From eb70f6a066cbcc8604ab5a7e2f1e64a72af95480 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kate=C5=99ina=20Churanov=C3=A1?= <katerina@churanova.eu>
Date: Sat, 11 Dec 2021 15:49:05 +0100
Subject: [PATCH 001/475] fix: making the key name in the config database
 unique

---
 ...add_unique_index_to_settings_table_keys.py | 24 +++++++++++++++++++
 powerdnsadmin/models/setting.py               |  2 +-
 2 files changed, 25 insertions(+), 1 deletion(-)
 create mode 100644 migrations/versions/b24bf17725d2_add_unique_index_to_settings_table_keys.py

diff --git a/migrations/versions/b24bf17725d2_add_unique_index_to_settings_table_keys.py b/migrations/versions/b24bf17725d2_add_unique_index_to_settings_table_keys.py
new file mode 100644
index 000000000..48cfbe956
--- /dev/null
+++ b/migrations/versions/b24bf17725d2_add_unique_index_to_settings_table_keys.py
@@ -0,0 +1,24 @@
+"""Add unique index to settings table keys
+
+Revision ID: b24bf17725d2
+Revises: 0967658d9c0d
+Create Date: 2021-12-12 20:29:17.103441
+
+"""
+from alembic import op
+import sqlalchemy as sa
+
+
+# revision identifiers, used by Alembic.
+revision = 'b24bf17725d2'
+down_revision = '0967658d9c0d'
+branch_labels = None
+depends_on = None
+
+
+def upgrade():
+    op.create_index(op.f('ix_setting_name'), 'setting', ['name'], unique=True)
+
+
+def downgrade():
+    op.drop_index(op.f('ix_setting_name'), table_name='setting')
diff --git a/powerdnsadmin/models/setting.py b/powerdnsadmin/models/setting.py
index a46cfb6bb..4b9bcc5e3 100644
--- a/powerdnsadmin/models/setting.py
+++ b/powerdnsadmin/models/setting.py
@@ -11,7 +11,7 @@
 
 class Setting(db.Model):
     id = db.Column(db.Integer, primary_key=True)
-    name = db.Column(db.String(64))
+    name = db.Column(db.String(64), unique=True, index=True)
     value = db.Column(db.Text())
 
     defaults = {

From f41696c31084f363a4c1c42c7b078e6a3fe8b3cd Mon Sep 17 00:00:00 2001
From: root <ganor.roei98@gmail.com>
Date: Mon, 18 Apr 2022 09:01:22 +0000
Subject: [PATCH 002/475] WIP - Added health check

---
 powerdnsadmin/lib/errors.py |  8 ++++++++
 powerdnsadmin/routes/api.py | 35 ++++++++++++++++++++++++++++++++++-
 2 files changed, 42 insertions(+), 1 deletion(-)

diff --git a/powerdnsadmin/lib/errors.py b/powerdnsadmin/lib/errors.py
index 687f5543e..b82001755 100644
--- a/powerdnsadmin/lib/errors.py
+++ b/powerdnsadmin/lib/errors.py
@@ -171,3 +171,11 @@ def __init__(self, name=None, message="Delete of user failed"):
         StructuredException.__init__(self)
         self.message = message
         self.name = name
+
+class HealthCheckFail(StructuredException):
+    status_code = 500
+
+    def __init__(self,name=None, message="Health check failed"):
+        StructuredException.__init__(self)
+        self.message = message
+        self.name = name
\ No newline at end of file
diff --git a/powerdnsadmin/routes/api.py b/powerdnsadmin/routes/api.py
index 4fce368ba..580e1a1c4 100644
--- a/powerdnsadmin/routes/api.py
+++ b/powerdnsadmin/routes/api.py
@@ -23,7 +23,7 @@
     AccountCreateFail, AccountUpdateFail, AccountDeleteFail,
     AccountCreateDuplicate, AccountNotExists,
     UserCreateFail, UserCreateDuplicate, UserUpdateFail, UserDeleteFail,
-    UserUpdateFailEmail,
+    UserUpdateFailEmail, HealthCheckFail
 )
 from ..decorators import (
     api_basic_auth, api_can_create_domain, is_json, apikey_auth,
@@ -1182,3 +1182,36 @@ def sync_domains():
     domain = Domain()
     domain.update()
     return 'Finished synchronization in background', 200
+
+@api_bp.route('/health', methods=['GET'])
+def health():
+    domain = Domain()
+    domain_to_query = domain.query.first()
+    
+    if not domain_to_query:
+        current_app.logger.error("No domain found to query a health check")
+        raise (HealthCheckFail)
+
+    pdns_api_url = Setting().get('pdns_api_url')
+    pdns_api_key = Setting().get('pdns_api_key')
+    pdns_version = Setting().get('pdns_version')
+    api_uri_with_prefix = utils.pdns_api_extended_uri(pdns_version)
+    api_uri = '/servers/localhost/zones/{}'.format(domain_to_query.name)
+    headers = {}
+    headers['X-API-Key'] = pdns_api_key
+
+    try:
+        resp = utils.fetch_remote(urljoin(pdns_api_url, api_uri_with_prefix + api_uri),
+                                method='GET',
+                                headers=headers,
+                                accept='application/json; q=1',
+                                verify=Setting().get('verify_ssl_connections'))
+                                
+    except Exception as e:
+        current_app.logger.error("Health Check - Failed to query authoritative server for domain {}".format(domain_to_query.name))
+        return make_response("bad", 503)
+
+    if resp.status_code == 200:
+        return make_response("good", 200)
+    else:
+        return make_response("bad", 503)
\ No newline at end of file

From 4958423cc74a929f052f4da6dea9f684f33b5850 Mon Sep 17 00:00:00 2001
From: RGanor <44501230+RGanor@users.noreply.github.com>
Date: Mon, 18 Apr 2022 22:11:31 +0300
Subject: [PATCH 003/475] Update api.py

---
 powerdnsadmin/routes/api.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/powerdnsadmin/routes/api.py b/powerdnsadmin/routes/api.py
index 580e1a1c4..7ce363d0b 100644
--- a/powerdnsadmin/routes/api.py
+++ b/powerdnsadmin/routes/api.py
@@ -1214,4 +1214,5 @@ def health():
     if resp.status_code == 200:
         return make_response("good", 200)
     else:
-        return make_response("bad", 503)
\ No newline at end of file
+        return make_response("bad", 503)
+    

From 40deb3c145619067ff20af15b4a0d0c589d33322 Mon Sep 17 00:00:00 2001
From: AdvanticGmbH <github@advantic.de>
Date: Wed, 6 Apr 2022 14:59:59 +0200
Subject: [PATCH 004/475] Create method to encode and decode idna
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Previously strings with characters like "ß" would throw and exception
This seems to happen because the lib behind encode().decode('idna')
cant handle characters like this
---
 powerdnsadmin/lib/utils.py | 24 +++++++++++++++++++++---
 1 file changed, 21 insertions(+), 3 deletions(-)

diff --git a/powerdnsadmin/lib/utils.py b/powerdnsadmin/lib/utils.py
index 951f75009..9e7cf20cd 100644
--- a/powerdnsadmin/lib/utils.py
+++ b/powerdnsadmin/lib/utils.py
@@ -4,6 +4,7 @@
 import requests
 import hashlib
 import ipaddress
+import idna
 
 from collections.abc import Iterable
 from distutils.version import StrictVersion
@@ -248,10 +249,27 @@ def pretty_domain_name(value):
         if value.startswith('xn--') \
         or value.find('.xn--') != -1:
             try:
-                return value.encode().decode('idna')
+                return to_idna(value, 'decode')
             except:
-                raise Exception("Cannot decode IDN domain")
+                raise Exception('Cannot decode IDN domain')
         else:
             return value
     else:
-        raise Exception("Require the Punycode in string format")
+        raise Exception('Require the Punycode in string format')
+
+def to_idna(value, action):
+    splits = value.split()
+    result = []
+    if action == 'encode':
+        for split in splits:
+            try:
+                # Try encoding to idna
+                result.append(idna.encode(split).decode())
+            except idna.IDNAError:
+                result.append(split)
+    elif action == 'decode':
+        for split in splits:
+            result.append(idna.decode(split))   
+    else:
+        raise Exception('No valid action received')
+    return ' '.join(result)

From 191e919626d396494c1197fa4405e158a6fc1251 Mon Sep 17 00:00:00 2001
From: AdvanticGmbH <github@advantic.de>
Date: Wed, 6 Apr 2022 17:01:28 +0200
Subject: [PATCH 005/475] Allow IDNA in SOA
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* Previously having characters like "ü" in the SOA wouldnt allow to push
updates to the domain
* Also use the new method to_idna to support characters like "ß"
---
 powerdnsadmin/models/record.py | 6 +++---
 powerdnsadmin/routes/domain.py | 3 ++-
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/powerdnsadmin/models/record.py b/powerdnsadmin/models/record.py
index 9929b67b4..c19576aba 100644
--- a/powerdnsadmin/models/record.py
+++ b/powerdnsadmin/models/record.py
@@ -169,12 +169,12 @@ def build_rrsets(self, domain_name, submitted_records):
             record['record_data'] = record['record_data'].replace('[ZONE]', domain_name)
             # Translate record name into punycode (IDN) as that's the only way
             # to convey non-ascii records to the dns server
-            record['record_name'] = record['record_name'].encode('idna').decode()
+            record['record_name'] = utils.to_idna(record["record_name"], "encode")
             #TODO: error handling
             # If the record is an alias (CNAME), we will also make sure that
             # the target domain is properly converted to punycode (IDN)
-            if record["record_type"] == 'CNAME':
-                record['record_data'] = record['record_data'].encode('idna').decode()
+            if record['record_type'] == 'CNAME' or record['record_type'] == 'SOA':
+                record['record_data'] = utils.to_idna(record['record_data'], 'encode')
                 #TODO: error handling
             # If it is ipv6 reverse zone and PRETTY_IPV6_PTR is enabled,
             # We convert ipv6 address back to reverse record format
diff --git a/powerdnsadmin/routes/domain.py b/powerdnsadmin/routes/domain.py
index e3b61cc7d..603a2a300 100644
--- a/powerdnsadmin/routes/domain.py
+++ b/powerdnsadmin/routes/domain.py
@@ -10,6 +10,7 @@
 
 from ..lib.utils import pretty_domain_name
 from ..lib.utils import pretty_json
+from ..lib.utils import to_idna
 from ..decorators import can_create_domain, operator_role_required, can_access_domain, can_configure_dnssec, can_remove_domain
 from ..models.user import User, Anonymous
 from ..models.account import Account
@@ -379,7 +380,7 @@ def add():
 
             # Encode domain name into punycode (IDN)
             try:
-                domain_name = domain_name.encode('idna').decode()
+                domain_name = to_idna(domain_name, 'encode')
             except:
                 current_app.logger.error("Cannot encode the domain name {}".format(domain_name))
                 current_app.logger.debug(traceback.format_exc())

From 68045cc60c7160b11cb4fbbe655be750de4d0851 Mon Sep 17 00:00:00 2001
From: corubba <corubba@gmx.de>
Date: Sat, 7 May 2022 21:14:29 +0200
Subject: [PATCH 006/475] Fix revision in migration filename

This has no functional impact, flask-migrate aka alembic was and will
continue to work as expected. It is just a cosmetic change for
consistency.
---
 ...in_the_db.py => 31a4ed468b18_remove_all_settings_in_the_db.py} | 0
 1 file changed, 0 insertions(+), 0 deletions(-)
 rename migrations/versions/{1274ed462010_remove_all_settings_in_the_db.py => 31a4ed468b18_remove_all_settings_in_the_db.py} (100%)

diff --git a/migrations/versions/1274ed462010_remove_all_settings_in_the_db.py b/migrations/versions/31a4ed468b18_remove_all_settings_in_the_db.py
similarity index 100%
rename from migrations/versions/1274ed462010_remove_all_settings_in_the_db.py
rename to migrations/versions/31a4ed468b18_remove_all_settings_in_the_db.py

From 0e2cd063c5a522c103df1aa401f077ea4523faba Mon Sep 17 00:00:00 2001
From: corubba <corubba@gmx.de>
Date: Sat, 7 May 2022 21:14:48 +0200
Subject: [PATCH 007/475] Remove python v2 remnant

As vermin [0] confirms, the codebase has long moved beyond supporting
python v2 (which is not a bad thing). This removes the last explicit py2
piece of code.

And in case anyone wonders, vermin currently reports the minium version
to be v3.6.

[0] https://pypi.org/project/vermin/
---
 powerdnsadmin/models/user.py | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/powerdnsadmin/models/user.py b/powerdnsadmin/models/user.py
index 1802492a6..1b34d629d 100644
--- a/powerdnsadmin/models/user.py
+++ b/powerdnsadmin/models/user.py
@@ -83,10 +83,7 @@ def is_anonymous(self):
         return False
 
     def get_id(self):
-        try:
-            return unicode(self.id)  # python 2
-        except NameError:
-            return str(self.id)  # python 3
+        return str(self.id)
 
     def __repr__(self):
         return '<User {0}>'.format(self.username)

From fec649b7476d0a7cdeb3a011620003acef1d250a Mon Sep 17 00:00:00 2001
From: corubba <corubba@gmx.de>
Date: Sat, 7 May 2022 21:14:57 +0200
Subject: [PATCH 008/475] Header for fixed order column

Semantically and syntactically it is better to have the same number of
`<th>` as `<td>`. Not that anyone will ever see that new header, since
that column is always invisible (except if the user disables javascript).

Plus remove a unmatched closing html element.
---
 powerdnsadmin/templates/domain.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/powerdnsadmin/templates/domain.html b/powerdnsadmin/templates/domain.html
index e5863cdf9..d5e85fc05 100755
--- a/powerdnsadmin/templates/domain.html
+++ b/powerdnsadmin/templates/domain.html
@@ -60,6 +60,7 @@ <h1>
                                 {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
                                 <th >Changelog</th>
                                 {% endif %}
+                                <th>Invisible Sorting Column</th>
                             </tr>
                         </thead>
                         <tbody>
@@ -104,7 +105,6 @@ <h1>
                                         <button type="button" class="btn btn-flat btn-warning">&nbsp;&nbsp;<i class="fa fa-exclamation-circle"></i>&nbsp;&nbsp;</button>
                                     </td>
                                 {% endif %}
-                                    </td>
                                     {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
                                     <td width="6%">
                                         <button type="button" onclick="show_record_changelog('{{record.name}}','{{record.type}}',event)" class="btn btn-flat btn-primary">&nbsp;&nbsp;

From 564ec6086dd4f927fdebbdc360f3d34f9b84aaeb Mon Sep 17 00:00:00 2001
From: corubba <corubba@gmx.de>
Date: Sat, 7 May 2022 21:15:25 +0200
Subject: [PATCH 009/475] Replace pyOpenSSL with cryptography

This is literally the example from the docs [0]. The only thing I
adapted are the parameters for the keys and certificate, so they
stay the same.

Fixes #1086

[0] https://cryptography.io/en/latest/x509/tutorial/#creating-a-self-signed-certificate
---
 powerdnsadmin/lib/certutil.py | 92 +++++++++++++++++++----------------
 requirements.txt              |  1 -
 2 files changed, 51 insertions(+), 42 deletions(-)

diff --git a/powerdnsadmin/lib/certutil.py b/powerdnsadmin/lib/certutil.py
index 9e09cf63c..863e40b4f 100644
--- a/powerdnsadmin/lib/certutil.py
+++ b/powerdnsadmin/lib/certutil.py
@@ -1,48 +1,58 @@
-from OpenSSL import crypto
-from datetime import datetime
-import pytz
+import datetime
 import os
-CRYPT_PATH = os.path.abspath(os.path.dirname(os.path.realpath(__file__))  + "/../../")
+
+from cryptography import x509
+from cryptography.hazmat.primitives.asymmetric import rsa
+from cryptography.hazmat.primitives import hashes, serialization
+from cryptography.x509.oid import NameOID
+
+
+CRYPT_PATH = os.path.abspath(os.path.dirname(os.path.realpath(__file__)) + "/../../")
 CERT_FILE = CRYPT_PATH + "/saml_cert.crt"
 KEY_FILE = CRYPT_PATH + "/saml_cert.key"
 
 
-def check_certificate():
-    if not os.path.isfile(CERT_FILE):
-        return False
-    st_cert = open(CERT_FILE, 'rt').read()
-    cert = crypto.load_certificate(crypto.FILETYPE_PEM, st_cert)
-    now = datetime.now(pytz.utc)
-    begin = datetime.strptime(cert.get_notBefore(), "%Y%m%d%H%M%SZ").replace(tzinfo=pytz.UTC)
-    begin_ok = begin < now
-    end = datetime.strptime(cert.get_notAfter(), "%Y%m%d%H%M%SZ").replace(tzinfo=pytz.UTC)
-    end_ok = end > now
-    if begin_ok and end_ok:
-        return True
-    return False
-
 def create_self_signed_cert():
+    """ Generate a new self-signed RSA-2048-SHA256 x509 certificate. """
+    # Generate our key
+    key = rsa.generate_private_key(
+        public_exponent=65537,
+        key_size=2048,
+    )
+
+    # Write our key to disk for safe keeping
+    with open(KEY_FILE, "wb") as key_file:
+        key_file.write(key.private_bytes(
+            encoding=serialization.Encoding.PEM,
+            format=serialization.PrivateFormat.TraditionalOpenSSL,
+            encryption_algorithm=serialization.NoEncryption(),
+        ))
+
+    # Various details about who we are. For a self-signed certificate the
+    # subject and issuer are always the same.
+    subject = issuer = x509.Name([
+        x509.NameAttribute(NameOID.COUNTRY_NAME, "DE"),
+        x509.NameAttribute(NameOID.STATE_OR_PROVINCE_NAME, "NRW"),
+        x509.NameAttribute(NameOID.LOCALITY_NAME, "Dortmund"),
+        x509.NameAttribute(NameOID.ORGANIZATION_NAME, "Dummy Company Ltd"),
+        x509.NameAttribute(NameOID.ORGANIZATIONAL_UNIT_NAME, "Dummy Company Ltd"),
+        x509.NameAttribute(NameOID.COMMON_NAME, "PowerDNS-Admin"),
+    ])
+
+    cert = x509.CertificateBuilder().subject_name(
+        subject
+    ).issuer_name(
+        issuer
+    ).public_key(
+        key.public_key()
+    ).serial_number(
+        x509.random_serial_number()
+    ).not_valid_before(
+        datetime.datetime.utcnow()
+    ).not_valid_after(
+        datetime.datetime.utcnow() + datetime.timedelta(days=10*365)
+    ).sign(key, hashes.SHA256())
 
-    # create a key pair
-    k = crypto.PKey()
-    k.generate_key(crypto.TYPE_RSA, 2048)
-
-    # create a self-signed cert
-    cert = crypto.X509()
-    cert.get_subject().C = "DE"
-    cert.get_subject().ST = "NRW"
-    cert.get_subject().L = "Dortmund"
-    cert.get_subject().O = "Dummy Company Ltd"
-    cert.get_subject().OU = "Dummy Company Ltd"
-    cert.get_subject().CN = "PowerDNS-Admin"
-    cert.set_serial_number(1000)
-    cert.gmtime_adj_notBefore(0)
-    cert.gmtime_adj_notAfter(10*365*24*60*60)
-    cert.set_issuer(cert.get_subject())
-    cert.set_pubkey(k)
-    cert.sign(k, 'sha256')
-
-    open(CERT_FILE, "bw").write(
-        crypto.dump_certificate(crypto.FILETYPE_PEM, cert))
-    open(KEY_FILE, "bw").write(
-        crypto.dump_privatekey(crypto.FILETYPE_PEM, k))
\ No newline at end of file
+    # Write our certificate out to disk.
+    with open(CERT_FILE, "wb") as cert_file:
+        cert_file.write(cert.public_bytes(serialization.Encoding.PEM))
diff --git a/requirements.txt b/requirements.txt
index 4914a8e24..ce2445052 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -14,7 +14,6 @@ qrcode==6.1
 dnspython>=1.16.0
 gunicorn==20.0.4
 python3-saml
-pyOpenSSL==19.1.0
 pytz==2020.1
 cssmin==0.2.0
 jsmin==3.0.0

From b3271e84d6153b0157f887e5a5cab7e86eaba468 Mon Sep 17 00:00:00 2001
From: Cloud User
 <rganor@PowerDNS-Admin.jmrhd2hm4czujfv1nhhpcfh5wh.bx.internal.cloudapp.net>
Date: Sun, 15 May 2022 12:19:04 +0000
Subject: [PATCH 010/475] Using domain model and added authentication

---
 powerdnsadmin/lib/errors.py |  8 --------
 powerdnsadmin/routes/api.py | 28 ++++++----------------------
 2 files changed, 6 insertions(+), 30 deletions(-)

diff --git a/powerdnsadmin/lib/errors.py b/powerdnsadmin/lib/errors.py
index b82001755..687f5543e 100644
--- a/powerdnsadmin/lib/errors.py
+++ b/powerdnsadmin/lib/errors.py
@@ -171,11 +171,3 @@ def __init__(self, name=None, message="Delete of user failed"):
         StructuredException.__init__(self)
         self.message = message
         self.name = name
-
-class HealthCheckFail(StructuredException):
-    status_code = 500
-
-    def __init__(self,name=None, message="Health check failed"):
-        StructuredException.__init__(self)
-        self.message = message
-        self.name = name
\ No newline at end of file
diff --git a/powerdnsadmin/routes/api.py b/powerdnsadmin/routes/api.py
index 7ce363d0b..cf7498651 100644
--- a/powerdnsadmin/routes/api.py
+++ b/powerdnsadmin/routes/api.py
@@ -23,7 +23,7 @@
     AccountCreateFail, AccountUpdateFail, AccountDeleteFail,
     AccountCreateDuplicate, AccountNotExists,
     UserCreateFail, UserCreateDuplicate, UserUpdateFail, UserDeleteFail,
-    UserUpdateFailEmail, HealthCheckFail
+    UserUpdateFailEmail
 )
 from ..decorators import (
     api_basic_auth, api_can_create_domain, is_json, apikey_auth,
@@ -1184,35 +1184,19 @@ def sync_domains():
     return 'Finished synchronization in background', 200
 
 @api_bp.route('/health', methods=['GET'])
+@apikey_auth
 def health():
     domain = Domain()
     domain_to_query = domain.query.first()
     
     if not domain_to_query:
         current_app.logger.error("No domain found to query a health check")
-        raise (HealthCheckFail)
-
-    pdns_api_url = Setting().get('pdns_api_url')
-    pdns_api_key = Setting().get('pdns_api_key')
-    pdns_version = Setting().get('pdns_version')
-    api_uri_with_prefix = utils.pdns_api_extended_uri(pdns_version)
-    api_uri = '/servers/localhost/zones/{}'.format(domain_to_query.name)
-    headers = {}
-    headers['X-API-Key'] = pdns_api_key
+        return make_response("Down", 503)
 
     try:
-        resp = utils.fetch_remote(urljoin(pdns_api_url, api_uri_with_prefix + api_uri),
-                                method='GET',
-                                headers=headers,
-                                accept='application/json; q=1',
-                                verify=Setting().get('verify_ssl_connections'))
-                                
+        resp = domain.get_domain_info(domain_to_query.name)                                
     except Exception as e:
         current_app.logger.error("Health Check - Failed to query authoritative server for domain {}".format(domain_to_query.name))
-        return make_response("bad", 503)
+        return make_response("Down", 503)
 
-    if resp.status_code == 200:
-        return make_response("good", 200)
-    else:
-        return make_response("bad", 503)
-    
+    return make_response("Up", 200)

From 3d2ad1abc0f60297156a517c7731ed92942c6d60 Mon Sep 17 00:00:00 2001
From: RGanor <ganor.roei98@gmail.com>
Date: Sun, 15 May 2022 13:57:13 +0000
Subject: [PATCH 011/475] LGTM fix - unused variable

---
 powerdnsadmin/routes/api.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/powerdnsadmin/routes/api.py b/powerdnsadmin/routes/api.py
index cf7498651..6a6d74e92 100644
--- a/powerdnsadmin/routes/api.py
+++ b/powerdnsadmin/routes/api.py
@@ -1194,7 +1194,7 @@ def health():
         return make_response("Down", 503)
 
     try:
-        resp = domain.get_domain_info(domain_to_query.name)                                
+        domain.get_domain_info(domain_to_query.name)                                
     except Exception as e:
         current_app.logger.error("Health Check - Failed to query authoritative server for domain {}".format(domain_to_query.name))
         return make_response("Down", 503)

From 70450315ba870a1d87ccdd00f3eab974e732b1f4 Mon Sep 17 00:00:00 2001
From: corubba <corubba@gmx.de>
Date: Thu, 19 May 2022 00:53:20 +0200
Subject: [PATCH 012/475] Add general modal functions

The two generic modals are defined in the base template, and are used
in various templates. So provide functions and remove duplicate code.
---
 powerdnsadmin/static/custom/js/custom.js   | 20 ++++----------------
 powerdnsadmin/templates/admin_history.html |  4 +---
 powerdnsadmin/templates/base.html          | 12 ++++++++++++
 powerdnsadmin/templates/domain.html        |  8 ++------
 powerdnsadmin/templates/domain_remove.html |  4 +---
 powerdnsadmin/templates/template_edit.html |  8 ++------
 6 files changed, 22 insertions(+), 34 deletions(-)

diff --git a/powerdnsadmin/static/custom/js/custom.js b/powerdnsadmin/static/custom/js/custom.js
index 051a2e038..e4b72b16e 100644
--- a/powerdnsadmin/static/custom/js/custom.js
+++ b/powerdnsadmin/static/custom/js/custom.js
@@ -12,13 +12,7 @@ function applyChanges(data, url, showResult, refreshPage) {
             console.log("Applied changes successfully.");
             console.log(data);
             if (showResult) {
-                var modal = $("#modal_success");
-                if (data['msg']) {
-                    modal.find('.modal-body p').text(data['msg']);
-                } else {
-                    modal.find('.modal-body p').text("Applied changes successfully");
-                }
-                modal.modal('show');
+                showSuccessModal(data['msg'] || "Applied changes successfully");
             }
             if (refreshPage) {
                 location.reload(true);
@@ -27,10 +21,8 @@ function applyChanges(data, url, showResult, refreshPage) {
 
         error : function(jqXHR, status) {
             console.log(jqXHR);
-            var modal = $("#modal_error");
             var responseJson = jQuery.parseJSON(jqXHR.responseText);
-            modal.find('.modal-body p').text(responseJson['msg']);
-            modal.modal('show');
+            showErrorModal(responseJson['msg']);
         }
     });
 }
@@ -50,18 +42,14 @@ function applyRecordChanges(data, domain) {
             });
 
             console.log("Applied changes successfully.")
-            var modal = $("#modal_success");
-            modal.find('.modal-body p').text("Applied changes successfully");
-            modal.modal('show');
+            showSuccessModal("Applied changes successfully");
             setTimeout(() => {window.location.reload()}, 2000);
         },
 
         error : function(jqXHR, status) {
             console.log(jqXHR);
-            var modal = $("#modal_error");
             var responseJson = jQuery.parseJSON(jqXHR.responseText);
-            modal.find('.modal-body p').text(responseJson['msg']);
-            modal.modal('show');
+            showErrorModal(responseJson['msg']);
         }
     });
 }
diff --git a/powerdnsadmin/templates/admin_history.html b/powerdnsadmin/templates/admin_history.html
index a3f0fd445..aa16c4a72 100644
--- a/powerdnsadmin/templates/admin_history.html
+++ b/powerdnsadmin/templates/admin_history.html
@@ -446,9 +446,7 @@ <h3 class="box-title">History Management</h3>
             
             if(!canSearch)
             {
-                var modal = $("#modal_error");
-                modal.find('.modal-body p').text("Please fill out the " + main_field + " field.");
-                modal.modal('show');
+                showErrorModal("Please fill out the " + main_field + " field.");
             }
             else
             {
diff --git a/powerdnsadmin/templates/base.html b/powerdnsadmin/templates/base.html
index bb9be5b0a..649663a4e 100644
--- a/powerdnsadmin/templates/base.html
+++ b/powerdnsadmin/templates/base.html
@@ -298,6 +298,18 @@ <h1>
         }
       });
     });
+
+    function showErrorModal(message) {
+      var modal = $('#modal_error');
+      modal.find('.modal-body p').text(message);
+      modal.modal('show');
+    }
+
+    function showSuccessModal(message) {
+      var modal = $("#modal_success");
+      modal.find('.modal-body p').text(message);
+      modal.modal('show');
+    }
   </script>
   {% endif %}
 {%- endassets %}
diff --git a/powerdnsadmin/templates/domain.html b/powerdnsadmin/templates/domain.html
index e5863cdf9..67b29944c 100755
--- a/powerdnsadmin/templates/domain.html
+++ b/powerdnsadmin/templates/domain.html
@@ -251,9 +251,7 @@ <h1>
     // handle apply changes button
     $(document.body).on("click",".button_apply_changes", function() {
         if (nNew || nEditing) {
-            var modal = $("#modal_error");
-            modal.find('.modal-body p').text("Previous record not saved. Please save it before applying the changes.");
-            modal.modal('show');
+            showErrorModal("Previous record not saved. Please save it before applying the changes.");
             return;
         }
 
@@ -277,9 +275,7 @@ <h1>
     // handle add record button
     $(document.body).on("click", ".button_add_record", function (e) {
             if (nNew || nEditing) {
-                var modal = $("#modal_error");
-                modal.find('.modal-body p').text("Previous record not saved. Please save it before adding more record.");
-                modal.modal('show');
+                showErrorModal("Previous record not saved. Please save it before adding more record.");
                 return;
             }
             // clear search first
diff --git a/powerdnsadmin/templates/domain_remove.html b/powerdnsadmin/templates/domain_remove.html
index e0b0eb824..6ac540102 100644
--- a/powerdnsadmin/templates/domain_remove.html
+++ b/powerdnsadmin/templates/domain_remove.html
@@ -73,9 +73,7 @@ <h3 class="box-title">Help with removing a new domain</h3>
     $(document.body).on("click", ".button_delete", function(e) {
         e.stopPropagation();
         if ( $("#domainid").val() == 0 ){
-            var modal = $("#modal_error");
-            modal.find('.modal-body p').text("Please select domain to remove.");
-            modal.modal('show');
+            showErrorModal("Please select domain to remove.");
             return;
         }
 
diff --git a/powerdnsadmin/templates/template_edit.html b/powerdnsadmin/templates/template_edit.html
index f71629368..89faebcd2 100644
--- a/powerdnsadmin/templates/template_edit.html
+++ b/powerdnsadmin/templates/template_edit.html
@@ -192,9 +192,7 @@ <h3 class="box-title">Manage Template Records for {{ template }}</h3>
     // handle apply changes button
     $(document.body).on("click",".button_apply_changes", function() {
         if (nNew || nEditing) {
-            var modal = $("#modal_error");
-            modal.find('.modal-body p').text("Previous record not saved. Please save it before applying the changes.");
-            modal.modal('show');
+            showErrorModal("Previous record not saved. Please save it before applying the changes.");
             return;
         }
 
@@ -217,9 +215,7 @@ <h3 class="box-title">Manage Template Records for {{ template }}</h3>
     // handle add record button
     $(document.body).on("click", ".button_add_record", function (e) {
             if (nNew || nEditing) {
-                var modal = $("#modal_error");
-                modal.find('.modal-body p').text("Previous record not saved. Please save it before adding more record.");
-                modal.modal('show');
+                showErrorModal("Previous record not saved. Please save it before adding more record.");
                 return;
             }
             // clear search first

From 0dfcdb6c3e64f69f0c9b798fdd9d4ecd8a5a25d2 Mon Sep 17 00:00:00 2001
From: corubba <corubba@gmx.de>
Date: Thu, 19 May 2022 00:53:35 +0200
Subject: [PATCH 013/475] Fix rrest typo in history detail

There is a misspelling of rrset throughout the history logic, which also
effects the json payload in the database. Code-wise this is a simple
search-and-replace, and the migration will fix the payloads.
---
 ...6ea7dc05f496_fix_typo_in_history_detail.py | 46 +++++++++++++
 powerdnsadmin/routes/admin.py                 | 67 ++++++++++---------
 powerdnsadmin/routes/domain.py                | 18 ++---
 .../templates/applied_change_macro.html       | 22 +++---
 4 files changed, 100 insertions(+), 53 deletions(-)
 create mode 100644 migrations/versions/6ea7dc05f496_fix_typo_in_history_detail.py

diff --git a/migrations/versions/6ea7dc05f496_fix_typo_in_history_detail.py b/migrations/versions/6ea7dc05f496_fix_typo_in_history_detail.py
new file mode 100644
index 000000000..6a039949b
--- /dev/null
+++ b/migrations/versions/6ea7dc05f496_fix_typo_in_history_detail.py
@@ -0,0 +1,46 @@
+"""Fix typo in history detail
+
+Revision ID: 6ea7dc05f496
+Revises: fbc7cf864b24
+Create Date: 2022-05-10 10:16:58.784497
+
+"""
+from alembic import op
+import sqlalchemy as sa
+
+
+# revision identifiers, used by Alembic.
+revision = '6ea7dc05f496'
+down_revision = 'fbc7cf864b24'
+branch_labels = None
+depends_on = None
+
+history_table = sa.sql.table('history',
+                             sa.Column('detail', sa.Text),
+                             )
+
+
+def upgrade():
+    op.execute(
+        history_table.update()
+            .where(history_table.c.detail.like('%"add_rrests":%'))
+            .values({
+                'detail': sa.func.replace(
+                                sa.func.replace(history_table.c.detail, '"add_rrests":', '"add_rrsets":'),
+                                '"del_rrests":', '"del_rrsets":'
+                          )
+            })
+    )
+
+
+def downgrade():
+    op.execute(
+        history_table.update()
+            .where(history_table.c.detail.like('%"add_rrsets":%'))
+            .values({
+                'detail': sa.func.replace(
+                                sa.func.replace(history_table.c.detail, '"add_rrsets":', '"add_rrests":'),
+                                '"del_rrsets":', '"del_rrests":'
+                          )
+            })
+    )
diff --git a/powerdnsadmin/routes/admin.py b/powerdnsadmin/routes/admin.py
index 7919c8c6d..ab5dce05c 100644
--- a/powerdnsadmin/routes/admin.py
+++ b/powerdnsadmin/routes/admin.py
@@ -23,6 +23,7 @@
 from ..models.api_key import ApiKey
 from ..models.base import db
 
+from ..lib.errors import ApiKeyCreateFail
 from ..lib.schema import ApiPlainKeySchema
 
 apikey_plain_schema = ApiPlainKeySchema(many=True)
@@ -43,10 +44,10 @@
 Note: A change in "content", is considered a deletion and recreation of the same record,
 holding the new content value.
 """
-def get_record_changes(del_rrest, add_rrest):
+def get_record_changes(del_rrset, add_rrset):
     changeSet = []
-    delSet = del_rrest['records'] if 'records' in del_rrest else []
-    addSet = add_rrest['records'] if 'records' in add_rrest else []
+    delSet = del_rrset['records'] if 'records' in del_rrset else []
+    addSet = add_rrset['records'] if 'records' in add_rrset else []
     for d in delSet:  # get the deletions and status changes
         exists = False
         for a in addSet:
@@ -86,44 +87,44 @@ def get_record_changes(del_rrest, add_rrest):
     return changeSet
 
 # out_changes is a list of  HistoryRecordEntry objects in which we will append the new changes
-# a HistoryRecordEntry represents a pair of add_rrest and del_rrest
+# a HistoryRecordEntry represents a pair of add_rrset and del_rrset
 def extract_changelogs_from_a_history_entry(out_changes, history_entry, change_num, record_name=None, record_type=None):
 
     if history_entry.detail is None:
         return
 
-    if "add_rrests" in history_entry.detail:
+    if "add_rrsets" in history_entry.detail:
         detail_dict = json.loads(history_entry.detail)
     else: # not a record entry
         return
 
-    add_rrests = detail_dict['add_rrests']
-    del_rrests = detail_dict['del_rrests']
+    add_rrsets = detail_dict['add_rrsets']
+    del_rrsets = detail_dict['del_rrsets']
 
 
-    for add_rrest in add_rrests:
+    for add_rrset in add_rrsets:
         exists = False
-        for del_rrest in del_rrests:
-            if del_rrest['name'] == add_rrest['name'] and del_rrest['type'] == add_rrest['type']:
+        for del_rrset in del_rrsets:
+            if del_rrset['name'] == add_rrset['name'] and del_rrset['type'] == add_rrset['type']:
                 exists = True
                 if change_num not in out_changes:
                     out_changes[change_num] = []
-                out_changes[change_num].append(HistoryRecordEntry(history_entry, del_rrest, add_rrest, "*"))
+                out_changes[change_num].append(HistoryRecordEntry(history_entry, del_rrset, add_rrset, "*"))
                 break
         if not exists:  # this is a new record
             if change_num not in out_changes:
                 out_changes[change_num] = []
-            out_changes[change_num].append(HistoryRecordEntry(history_entry, [], add_rrest, "+"))  # (add_rrest, del_rrest, change_type)
-    for del_rrest in del_rrests:
+            out_changes[change_num].append(HistoryRecordEntry(history_entry, [], add_rrset, "+"))  # (add_rrset, del_rrset, change_type)
+    for del_rrset in del_rrsets:
         exists = False
-        for add_rrest in add_rrests:
-            if del_rrest['name'] == add_rrest['name'] and del_rrest['type'] == add_rrest['type']:
+        for add_rrset in add_rrsets:
+            if del_rrset['name'] == add_rrset['name'] and del_rrset['type'] == add_rrset['type']:
                 exists = True  # no need to add in the out_changes set
                 break
         if not exists:  # this is a deletion
             if change_num not in out_changes:
                 out_changes[change_num] = []
-            out_changes[change_num].append(HistoryRecordEntry(history_entry, del_rrest, [], "-"))
+            out_changes[change_num].append(HistoryRecordEntry(history_entry, del_rrset, [], "-"))
 
 
     # only used for changelog per record
@@ -133,9 +134,9 @@ def extract_changelogs_from_a_history_entry(out_changes, history_entry, change_n
         else:
             return
         for hre in changes_i: # for each history record entry in changes_i
-            if 'type' in hre.add_rrest and hre.add_rrest['name'] == record_name and hre.add_rrest['type'] == record_type:
+            if 'type' in hre.add_rrset and hre.add_rrset['name'] == record_name and hre.add_rrset['type'] == record_type:
                 continue
-            elif 'type' in hre.del_rrest and hre.del_rrest['name'] == record_name and hre.del_rrest['type'] == record_type:
+            elif 'type' in hre.del_rrset and hre.del_rrset['name'] == record_name and hre.del_rrset['type'] == record_type:
                 continue
             else:
                 out_changes[change_num].remove(hre)
@@ -144,42 +145,42 @@ def extract_changelogs_from_a_history_entry(out_changes, history_entry, change_n
 
 # records with same (name,type) are considered as a single HistoryRecordEntry
 # history_entry is of type History - used to extract created_by and created_on
-# add_rrest is a dictionary of replace
-# del_rrest is a dictionary of remove
+# add_rrset is a dictionary of replace
+# del_rrset is a dictionary of remove
 class HistoryRecordEntry:
-    def __init__(self, history_entry, del_rrest, add_rrest, change_type):
-        # search the add_rrest index into the add_rrest set for the key (name, type)
+    def __init__(self, history_entry, del_rrset, add_rrset, change_type):
+        # search the add_rrset index into the add_rrset set for the key (name, type)
 
         self.history_entry = history_entry
-        self.add_rrest = add_rrest
-        self.del_rrest = del_rrest
+        self.add_rrset = add_rrset
+        self.del_rrset = del_rrset
         self.change_type = change_type  # "*": edit or unchanged, "+" new tuple(name,type), "-" deleted (name,type) tuple
         self.changed_fields = []   # contains a subset of : [ttl, name, type]
-        self.changeSet = []   # all changes for the records of this add_rrest-del_rrest pair
+        self.changeSet = []   # all changes for the records of this add_rrset-del_rrset pair
 
 
         if change_type == "+": # addition
             self.changed_fields.append("name")
             self.changed_fields.append("type")
             self.changed_fields.append("ttl")
-            self.changeSet = get_record_changes(del_rrest, add_rrest)
+            self.changeSet = get_record_changes(del_rrset, add_rrset)
         elif change_type == "-": # removal
             self.changed_fields.append("name")
             self.changed_fields.append("type")
             self.changed_fields.append("ttl")
-            self.changeSet = get_record_changes(del_rrest, add_rrest)
+            self.changeSet = get_record_changes(del_rrset, add_rrset)
 
         elif change_type == "*":  # edit of unchanged
-            if add_rrest['ttl'] != del_rrest['ttl']:
+            if add_rrset['ttl'] != del_rrset['ttl']:
                 self.changed_fields.append("ttl")
-            self.changeSet = get_record_changes(del_rrest, add_rrest)
+            self.changeSet = get_record_changes(del_rrset, add_rrset)
 
 
 
     def toDict(self):
         return {
-            "add_rrest" : self.add_rrest,
-            "del_rrest" : self.del_rrest,
+            "add_rrset" : self.add_rrset,
+            "del_rrset" : self.del_rrset,
             "changed_fields" : self.changed_fields,
             "created_on" : self.history_entry.created_on,
             "created_by" : self.history_entry.created_by,
@@ -803,7 +804,7 @@ def __init__(self, history, change_set):
                 authenticator=detail_dict['authenticator'],
                 ip_address=detail_dict['ip_address'])
 
-        elif 'add_rrests' in detail_dict: # this is a domain record change
+        elif 'add_rrsets' in detail_dict: # this is a domain record change
             # changes_set = []
             self.detailed_msg = ""
             # extract_changelogs_from_a_history_entry(changes_set, history, 0)
@@ -902,7 +903,7 @@ def convert_histories(histories):
 	detailedHistories = []
 	j = 0
 	for i in range(len(histories)):
-		if histories[i].detail and ('add_rrests' in histories[i].detail or 'del_rrests' in histories[i].detail):
+		if histories[i].detail and ('add_rrsets' in histories[i].detail or 'del_rrsets' in histories[i].detail):
 			extract_changelogs_from_a_history_entry(changes_set, histories[i], j)
 			if j in changes_set:
 				detailedHistories.append(DetailedHistory(histories[i], changes_set[j]))
diff --git a/powerdnsadmin/routes/domain.py b/powerdnsadmin/routes/domain.py
index fe9e98c2b..6cc1bc186 100644
--- a/powerdnsadmin/routes/domain.py
+++ b/powerdnsadmin/routes/domain.py
@@ -63,7 +63,7 @@ def domain(domain_name):
 
     # Query domain's rrsets from PowerDNS API
     rrsets = Record().get_rrsets(domain.name)
-    current_app.logger.debug("Fetched rrests: \n{}".format(pretty_json(rrsets)))
+    current_app.logger.debug("Fetched rrsets: \n{}".format(pretty_json(rrsets)))
 
     # API server might be down, misconfigured
     if not rrsets and domain.type != 'Slave':
@@ -202,7 +202,7 @@ def changelog(domain_name):
 
     # Query domain's rrsets from PowerDNS API
     rrsets = Record().get_rrsets(domain.name)
-    current_app.logger.debug("Fetched rrests: \n{}".format(pretty_json(rrsets)))
+    current_app.logger.debug("Fetched rrsets: \n{}".format(pretty_json(rrsets)))
 
     # API server might be down, misconfigured
     if not rrsets and domain.type != 'Slave':
@@ -290,7 +290,7 @@ def record_changelog(domain_name, record_name, record_type):
         abort(404)
     # Query domain's rrsets from PowerDNS API
     rrsets = Record().get_rrsets(domain.name)
-    current_app.logger.debug("Fetched rrests: \n{}".format(pretty_json(rrsets)))
+    current_app.logger.debug("Fetched rrsets: \n{}".format(pretty_json(rrsets)))
 
     # API server might be down, misconfigured
     if not rrsets and domain.type != 'Slave':
@@ -328,9 +328,9 @@ def record_changelog(domain_name, record_name, record_type):
     for change_num in changes_set_of_record:
         changes_i = changes_set_of_record[change_num]
         for hre in changes_i: # for each history record entry in changes_i
-            if  'type' in hre.add_rrest and hre.add_rrest['name'] == record_name and hre.add_rrest['type'] == record_type:
+            if  'type' in hre.add_rrset and hre.add_rrset['name'] == record_name and hre.add_rrset['type'] == record_type:
                 continue
-            elif 'type' in hre.del_rrest and hre.del_rrest['name'] == record_name and hre.del_rrest['type'] == record_type:
+            elif 'type' in hre.del_rrset and hre.del_rrset['name'] == record_name and hre.del_rrset['type'] == record_type:
                 continue
             else:
                 changes_set_of_record[change_num].remove(hre)
@@ -450,9 +450,9 @@ def add():
                                     domain_name,
                                     'template':
                                     template.name,
-                                    'add_rrests':
+                                    'add_rrsets':
                                     result['data'][0]['rrsets'],
-                                    'del_rrests':
+                                    'del_rrsets':
                                     result['data'][1]['rrsets']
                                 }),
                             created_by=current_user.username,
@@ -685,8 +685,8 @@ def record_apply(domain_name):
                 msg='Apply record changes to domain {0}'.format(pretty_domain_name(domain_name)),
                 detail = json.dumps({
                         'domain': domain_name,
-                        'add_rrests': result['data'][0]['rrsets'],
-                        'del_rrests': result['data'][1]['rrsets']
+                        'add_rrsets': result['data'][0]['rrsets'],
+                        'del_rrsets': result['data'][1]['rrsets']
                     }),
                 created_by=current_user.username,
                 domain_id=domain.id)
diff --git a/powerdnsadmin/templates/applied_change_macro.html b/powerdnsadmin/templates/applied_change_macro.html
index 4bb1c4f2f..6a49b01d8 100644
--- a/powerdnsadmin/templates/applied_change_macro.html
+++ b/powerdnsadmin/templates/applied_change_macro.html
@@ -7,28 +7,28 @@
             <th colspan="3">
                 {% if hist_rec_entry.change_type == "+" %}
                 <span
-                    style="background-color:  lightgreen">{{hist_rec_entry.add_rrest['name']}}
-                    {{hist_rec_entry.add_rrest['type']}}</span>
+                    style="background-color:  lightgreen">{{hist_rec_entry.add_rrset['name']}}
+                    {{hist_rec_entry.add_rrset['type']}}</span>
                 {% elif hist_rec_entry.change_type == "-" %}
                 <s
                     style="text-decoration-color: rgba(194, 10,10, 0.6); text-decoration-thickness: 2px;">
-                    {{hist_rec_entry.del_rrest['name']}}
-                    {{hist_rec_entry.del_rrest['type']}}
+                    {{hist_rec_entry.del_rrset['name']}}
+                    {{hist_rec_entry.del_rrset['type']}}
                 </s>
                 {% else %}
-                {{hist_rec_entry.add_rrest['name']}}
-                {{hist_rec_entry.add_rrest['type']}}
+                {{hist_rec_entry.add_rrset['name']}}
+                {{hist_rec_entry.add_rrset['type']}}
                 {% endif %}
 
                 , TTL:
                 {% if "ttl" in hist_rec_entry.changed_fields %}
                 <s
                     style="text-decoration-color: rgba(194, 10,10, 0.6); text-decoration-thickness: 2px;">
-                    {{hist_rec_entry.del_rrest['ttl']}}</s>
+                    {{hist_rec_entry.del_rrset['ttl']}}</s>
                 <span
-                    style="background-color:  lightgreen">{{hist_rec_entry.add_rrest['ttl']}}</span>
+                    style="background-color:  lightgreen">{{hist_rec_entry.add_rrset['ttl']}}</span>
                 {% else %}
-                {{hist_rec_entry.add_rrest['ttl']}}
+                {{hist_rec_entry.add_rrset['ttl']}}
                 {% endif %}
 
             </th>
@@ -120,7 +120,7 @@
                 </table>
             </td>
             <td>
-                {% for comments in hist_rec_entry.add_rrest['comments'] %}
+                {% for comments in hist_rec_entry.add_rrset['comments'] %}
                 {{comments['content'] }}
                 <br/>
                 {% endfor %}
@@ -130,4 +130,4 @@
     </tbody>
 </table>
 {% endfor %}
-{%- endmacro %}
\ No newline at end of file
+{%- endmacro %}

From 5b36ad034d0d2062ffecdc2828ac17ef957e9afe Mon Sep 17 00:00:00 2001
From: pixelrebel <github@pixelrebel.com>
Date: Thu, 19 May 2022 14:02:04 -0700
Subject: [PATCH 014/475] Rename incorrect SAML cert/key config variables

---
 configs/development.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/configs/development.py b/configs/development.py
index 2c2e63d6c..61df886a1 100644
--- a/configs/development.py
+++ b/configs/development.py
@@ -133,8 +133,8 @@
 # CAUTION: For production use, usage of self-signed certificates it's highly discouraged.
 # Use certificates from trusted CA instead
 # ###########################################################################################
-# SAML_CERT_FILE = '/etc/pki/powerdns-admin/cert.crt'
-# SAML_CERT_KEY = '/etc/pki/powerdns-admin/key.pem'
+# SAML_CERT = '/etc/pki/powerdns-admin/cert.crt'
+# SAML_KEY = '/etc/pki/powerdns-admin/key.pem'
 
 # Configures if SAML tokens should be encrypted.
 # SAML_SIGN_REQUEST = False

From 9221d58a1bf344bac26b0add9b3844b8fbfbc924 Mon Sep 17 00:00:00 2001
From: pixelrebel <github@pixelrebel.com>
Date: Thu, 19 May 2022 14:49:46 -0700
Subject: [PATCH 015/475] Allow SAML AttributeStatements to be optional

---
 configs/development.py         | 4 ++++
 powerdnsadmin/services/saml.py | 3 ++-
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/configs/development.py b/configs/development.py
index 61df886a1..a8678127d 100644
--- a/configs/development.py
+++ b/configs/development.py
@@ -148,6 +148,10 @@
 
 # #SAML_ASSERTION_ENCRYPTED = True
 
+# Some IdPs, like Okta, do not return Attribute Statements by default
+# Set the following to False if you are using Okta and not manually configuring Attribute Statements
+# #SAML_WANT_ATTRIBUTE_STATEMENT = True
+
 # Remote authentication settings
 
 # Whether to enable remote user authentication or not
diff --git a/powerdnsadmin/services/saml.py b/powerdnsadmin/services/saml.py
index 40c97bf00..67255ca44 100644
--- a/powerdnsadmin/services/saml.py
+++ b/powerdnsadmin/services/saml.py
@@ -163,7 +163,8 @@ def init_saml_auth(self, req):
             'signatureAlgorithm'] = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256'
         settings['security']['wantAssertionsEncrypted'] = current_app.config.get(
             'SAML_ASSERTION_ENCRYPTED', True)
-        settings['security']['wantAttributeStatement'] = True
+        settings['security']['wantAttributeStatement'] = current_app.config.get(
+            'SAML_WANT_ATTRIBUTE_STATEMENT', True)
         settings['security']['wantNameId'] = True
         settings['security']['authnRequestsSigned'] = current_app.config[
             'SAML_SIGN_REQUEST']

From e4c8c3892f42fd8451ebe7b1c42e9d2091a73bc6 Mon Sep 17 00:00:00 2001
From: pixelrebel <github@pixelrebel.com>
Date: Thu, 19 May 2022 19:00:38 -0700
Subject: [PATCH 016/475] Use HTTP_X_FORWARDED_PROTO header from reverse proxy
 to rewrite https:// for SAML request URLs

---
 powerdnsadmin/services/saml.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/powerdnsadmin/services/saml.py b/powerdnsadmin/services/saml.py
index 67255ca44..4a33ee635 100644
--- a/powerdnsadmin/services/saml.py
+++ b/powerdnsadmin/services/saml.py
@@ -72,8 +72,9 @@ def retrieve_idp_data(self):
     def prepare_flask_request(self, request):
         # If server is behind proxys or balancers use the HTTP_X_FORWARDED fields
         url_data = urlparse(request.url)
+        proto = request.headers.get('HTTP_X_FORWARDED_PROTO', request.scheme)
         return {
-            'https': 'on' if request.scheme == 'https' else 'off',
+            'https': 'on' if proto == 'https' else 'off',
             'http_host': request.host,
             'server_port': url_data.port,
             'script_name': request.path,

From 8c85e80c2b330062e8c51b38372544e219abdea4 Mon Sep 17 00:00:00 2001
From: pixelrebel <github@pixelrebel.com>
Date: Thu, 19 May 2022 20:36:28 -0700
Subject: [PATCH 017/475] Add SAML_ATTRIBUTE_GROUP and SAML_GROUP_ADMIN_NAME to
 the development config, with instructions for use

---
 configs/development.py | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/configs/development.py b/configs/development.py
index a8678127d..f1768d27b 100644
--- a/configs/development.py
+++ b/configs/development.py
@@ -120,6 +120,16 @@
 # ###  be created and the user added to them.
 # SAML_ATTRIBUTE_ACCOUNT = 'https://example.edu/pdns-account'
 
+# ## Attribute name that aggregates group names
+# ### Default: Don't collect IdP groups from SAML group attributes
+# ### In Okta, you can assign administrators by group using "Group Attribute Statements."
+# ### In this case, the SAML_ATTRIBUTE_GROUP will be the attribute name for a collection of
+# ###  groups passed in the SAML assertion.  From there, you can specify a SAML_GROUP_ADMIN_NAME.
+# ### If the user is a member of this group, and that group name is included in the collection,
+# ###   the user will be set as an administrator.
+# #SAML_ATTRIBUTE_GROUP = 'https://example.edu/pdns-groups'
+# #SAML_GROUP_ADMIN_NAME = 'PowerDNSAdmin-Administrators'
+
 # SAML_SP_ENTITY_ID = 'http://<SAML SP Entity ID>'
 # SAML_SP_CONTACT_NAME = '<contact name>'
 # SAML_SP_CONTACT_MAIL = '<contact mail>'

From 83ed5cfb2835be055330ec5ec8a3d53d08fce0bf Mon Sep 17 00:00:00 2001
From: RGanor <44501230+RGanor@users.noreply.github.com>
Date: Sat, 21 May 2022 11:26:40 +0300
Subject: [PATCH 018/475] Create codeql-analysis.yml (#1204)

---
 .github/workflows/codeql-analysis.yml | 72 +++++++++++++++++++++++++++
 1 file changed, 72 insertions(+)
 create mode 100644 .github/workflows/codeql-analysis.yml

diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
new file mode 100644
index 000000000..ad59382e2
--- /dev/null
+++ b/.github/workflows/codeql-analysis.yml
@@ -0,0 +1,72 @@
+# For most projects, this workflow file will not need changing; you simply need
+# to commit it to your repository.
+#
+# You may wish to alter this file to override the set of languages analyzed,
+# or to provide custom queries or build logic.
+#
+# ******** NOTE ********
+# We have attempted to detect the languages in your repository. Please check
+# the `language` matrix defined below to confirm you have the correct set of
+# supported CodeQL languages.
+#
+name: "CodeQL"
+
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [ master ]
+  schedule:
+    - cron: '45 2 * * 2'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'javascript', 'python' ]
+        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
+        # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v3
+
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v2
+      with:
+        languages: ${{ matrix.language }}
+        # If you wish to specify custom queries, you can do so here or in a config file.
+        # By default, queries listed here will override any specified in a config file.
+        # Prefix the list here with "+" to use these queries and those in the config file.
+        
+        # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
+        # queries: security-extended,security-and-quality
+
+        
+    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
+    # If this step fails, then you should remove it and run the build manually (see below)
+    - name: Autobuild
+      uses: github/codeql-action/autobuild@v2
+
+    # ℹ️ Command-line programs to run using the OS shell.
+    # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
+
+    #   If the Autobuild fails above, remove it and uncomment the following three lines. 
+    #   modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
+
+    # - run: |
+    #   echo "Run, Build Application using script"
+    #   ./location_of_script_within_repo/buildscript.sh
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v2

From 715c6b76cda3abba9e311049f0b925a17286c5b3 Mon Sep 17 00:00:00 2001
From: Josh Matthews <josh@sol1.com.au>
Date: Mon, 23 May 2022 14:38:16 +1000
Subject: [PATCH 019/475] added code to raise user to operator on SAML auth if
 in the right group

---
 powerdnsadmin/routes/index.py | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/powerdnsadmin/routes/index.py b/powerdnsadmin/routes/index.py
index f9a564929..a18cc20e2 100644
--- a/powerdnsadmin/routes/index.py
+++ b/powerdnsadmin/routes/index.py
@@ -1008,6 +1008,8 @@ def saml_authorized():
                                                       None)
         admin_group_name = current_app.config.get('SAML_GROUP_ADMIN_NAME',
                                                   None)
+        operator_group_name = current_app.config.get('SAML_GROUP_OPERATOR_NAME',
+                                                  None)
         group_to_account_mapping = create_group_to_account_mapping()
 
         if email_attribute_name in session['samlUserdata']:
@@ -1061,6 +1063,8 @@ def saml_authorized():
             uplift_to_admin(user)
         elif admin_group_name in user_groups:
             uplift_to_admin(user)
+        elif operator_group_name in user_groups:
+            uplift_to_operator(user)
         elif admin_attribute_name or group_attribute_name:
             if user.role.name != 'User':
                 user.role_id = Role.query.filter_by(name='User').first().id
@@ -1117,6 +1121,14 @@ def uplift_to_admin(user):
                           created_by='SAML Assertion')
         history.add()
 
+def uplift_to_operator(user):
+    if user.role.name != 'Operator':
+        user.role_id = Role.query.filter_by(name='Operator').first().id
+        history = History(msg='Promoting {0} to operator'.format(
+            user.username),
+                          created_by='SAML Assertion')
+        history.add()
+
 
 @index_bp.route('/saml/sls')
 def saml_logout():

From 2020055ab2c0ef4647e354c6025c7dcd2b735f0c Mon Sep 17 00:00:00 2001
From: Josh Matthews <josh@sol1.com.au>
Date: Mon, 23 May 2022 14:39:29 +1000
Subject: [PATCH 020/475] added code to pull the operator and admin groups from
 SAML auth requests

---
 configs/development.py | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/configs/development.py b/configs/development.py
index 2c2e63d6c..401c121f6 100644
--- a/configs/development.py
+++ b/configs/development.py
@@ -113,6 +113,14 @@
 # ###  the user is set as a non-administrator user.
 # #SAML_ATTRIBUTE_ADMIN = 'https://example.edu/pdns-admin'
 
+## Attribute to get admin status for groups with the IdP
+# ### Default: Don't set administrator group with SAML attributes
+#SAML_GROUP_ADMIN_NAME = 'GroupName'
+
+## Attribute to get operator status for groups with the IdP
+# ### Default: Don't set operator group with SAML attributes
+#SAML_GROUP_OPERATOR_NAME = 'GroupName'
+
 # ## Attribute to get account names from
 # ### Default: Don't control accounts with SAML attribute
 # ### If set, the user will be added and removed from accounts to match

From 1bee83332659d1d2e5c96a4edf41c1435a625c7e Mon Sep 17 00:00:00 2001
From: RGanor <ganor.roei98@gmail.com>
Date: Mon, 23 May 2022 16:46:11 +0000
Subject: [PATCH 021/475] Updated the unknown state

---
 powerdnsadmin/routes/api.py     |  2 +-
 powerdnsadmin/swagger-spec.yaml | 26 ++++++++++++++++++++++++++
 2 files changed, 27 insertions(+), 1 deletion(-)

diff --git a/powerdnsadmin/routes/api.py b/powerdnsadmin/routes/api.py
index 6a6d74e92..d26deb85d 100644
--- a/powerdnsadmin/routes/api.py
+++ b/powerdnsadmin/routes/api.py
@@ -1191,7 +1191,7 @@ def health():
     
     if not domain_to_query:
         current_app.logger.error("No domain found to query a health check")
-        return make_response("Down", 503)
+        return make_response("Unknown", 503)
 
     try:
         domain.get_domain_info(domain_to_query.name)                                
diff --git a/powerdnsadmin/swagger-spec.yaml b/powerdnsadmin/swagger-spec.yaml
index dbf484ece..75b1d9f00 100644
--- a/powerdnsadmin/swagger-spec.yaml
+++ b/powerdnsadmin/swagger-spec.yaml
@@ -782,6 +782,32 @@ paths:
         '422':
           description: 'Returned when something is wrong with the content of the request. Contains an error message'
 
+  '/servers/{server_id}/health':
+    get:
+      security:
+        - APIKeyHeader: []
+      summary: Perfoms health check
+      operationId: health_check
+      tags:
+        - Monitoring
+      parameters:
+        - name: server_id
+          in: path
+          required: true
+          description: The id of the server to retrieve
+          type: string
+      responses:
+        '200':
+          description: Healthcheck succeeded
+          schema:
+            type: string
+            example: "up"
+        '503':
+          description: Healthcheck failed
+          schema:
+            type: string
+            example: Down/Unknown
+            
   '/pdnsadmin/zones':
     get:
       security:

From 88df88f30b5327625c52d5b32c23d4e3a6277b04 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=A9r=C3=B4me=20BECOT?= <jerome.becot@deveryware.com>
Date: Tue, 24 May 2022 13:58:45 +0200
Subject: [PATCH 022/475] fix: Active directory filter is broken

---
 powerdnsadmin/models/user.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/powerdnsadmin/models/user.py b/powerdnsadmin/models/user.py
index 1b34d629d..2f8b87c58 100644
--- a/powerdnsadmin/models/user.py
+++ b/powerdnsadmin/models/user.py
@@ -290,7 +290,7 @@ def is_validate(self, method, src_ip='', trust_user=False):
                                 if LDAP_USER_GROUP:
                                     ldap_user_group = "(memberOf:1.2.840.113556.1.4.1941:={0})".format(LDAP_USER_GROUP)
                                 searchFilter = "(&({0}={1})(|{2}{3}{4}))".format(LDAP_FILTER_USERNAME, self.username,
-                                                                                 LDAP_FILTER_GROUP, ldap_admin_group_filter,
+                                                                                 ldap_admin_group_filter,
                                                                                  ldap_operator_group, ldap_user_group)
                                 ldap_result = self.ldap_search(searchFilter, LDAP_BASE_DN)
                                 user_ad_member_of = ldap_result[0][0][1].get(

From f98326ea90e20ffe2cb720ddd7217cc81ccddf35 Mon Sep 17 00:00:00 2001
From: corubba <corubba@gmx.de>
Date: Tue, 24 May 2022 23:45:14 +0200
Subject: [PATCH 023/475] Fix remaining typo occurrence

---
 powerdnsadmin/models/record.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/powerdnsadmin/models/record.py b/powerdnsadmin/models/record.py
index 9929b67b4..e56a6dec5 100644
--- a/powerdnsadmin/models/record.py
+++ b/powerdnsadmin/models/record.py
@@ -359,10 +359,10 @@ def remove_blank_comments(rrset):
 
                     # rollback - re-add the removed record if the adding operation is failed.
                     if del_rrsets["rrsets"]:
-                        rollback_rrests = del_rrsets
+                        rollback_rrsets = del_rrsets
                         for r in del_rrsets["rrsets"]:
                             r['changetype'] = 'REPLACE'
-                        rollback = self.apply_rrsets(domain_name, rollback_rrests)
+                        rollback = self.apply_rrsets(domain_name, rollback_rrsets)
                         if 'error' in rollback.keys():
                             return dict(status='error',
                                         msg='Failed to apply changes. Cannot rollback previous failed operation: {}'

From bcc84417794eae596fb3424d951d177e23dca66f Mon Sep 17 00:00:00 2001
From: Artem Silenkov <artem.silenkov@gmail.com>
Date: Tue, 7 Jun 2022 16:13:31 +0300
Subject: [PATCH 024/475] Add yml to deploy on kubernetes (#286)

---
 deploy/kubernetes/README.md      |   1 +
 deploy/kubernetes/configmap.yml  |  22 +++++++
 deploy/kubernetes/deployment.yml | 102 +++++++++++++++++++++++++++++++
 deploy/kubernetes/service.yml    |  15 +++++
 4 files changed, 140 insertions(+)
 create mode 100644 deploy/kubernetes/README.md
 create mode 100644 deploy/kubernetes/configmap.yml
 create mode 100644 deploy/kubernetes/deployment.yml
 create mode 100644 deploy/kubernetes/service.yml

diff --git a/deploy/kubernetes/README.md b/deploy/kubernetes/README.md
new file mode 100644
index 000000000..7770d8aa6
--- /dev/null
+++ b/deploy/kubernetes/README.md
@@ -0,0 +1 @@
+#Files to deploy pdns-admin on kubernetes
diff --git a/deploy/kubernetes/configmap.yml b/deploy/kubernetes/configmap.yml
new file mode 100644
index 000000000..c27e0b4c9
--- /dev/null
+++ b/deploy/kubernetes/configmap.yml
@@ -0,0 +1,22 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: powerdnsadmin-env
+  namespace: powerdnsadmin
+data:
+  FLASK_APP: "/powerdns-admin/app/__init__.py"
+  BIND_ADDRESS: changeme_0.0.0.0
+  LDAP_FILTER: changeme_(objectClass=user)
+  LDAP_PASSWORD: changeme_Password
+  LDAP_SEARCH_BASE: changeme_cn=Users,dc=domain,dc=com
+  LDAP_TYPE: changeme_ldap
+  LDAP_URI: changeme_ldaps://ad.domain.com:636
+  LDAP_USERNAME: changeme_cn=svcUser,ou=ScriptUsers,dc=domain,dc=com
+  LDAP_USERNAMEFIELD: changeme_sAMAccountName
+  PDNS_API_KEY: changeme_secret
+  PDNS_HOST: changeme_pdns_host
+  SECRET_KEY: changeme_secret
+  SQLA_DB_HOST: changeme_db_host
+  SQLA_DB_NAME: changeme_db_name
+  SQLA_DB_PASSWORD: changeme_db_password_
+  SQLA_DB_USER: changeme_db_user
diff --git a/deploy/kubernetes/deployment.yml b/deploy/kubernetes/deployment.yml
new file mode 100644
index 000000000..337f6385f
--- /dev/null
+++ b/deploy/kubernetes/deployment.yml
@@ -0,0 +1,102 @@
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+  name: powerdnsadmin
+  namespace: powerdnsadmin
+  labels:
+    app: powerdnsadmin
+spec:
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        app: powerdnsadmin
+    spec:
+      containers:
+      - name: powerdnsadmin
+        image: changeme_artsn00p/powerdns-admin-docker
+        ports:
+        - containerPort: 80
+        env:
+        - name: BIND_ADDRESS
+          valueFrom:
+            configMapKeyRef:
+              key: BIND_ADDRESS
+              name: powerdnsadmin-env
+        - name: LDAP_FILTER
+          valueFrom:
+            configMapKeyRef:
+              key: LDAP_FILTER
+              name: powerdnsadmin-env
+        - name: LDAP_PASSWORD
+          valueFrom:
+            configMapKeyRef:
+              key: LDAP_PASSWORD
+              name: powerdnsadmin-env
+        - name: LDAP_SEARCH_BASE
+          valueFrom:
+            configMapKeyRef:
+              key: LDAP_SEARCH_BASE
+              name: powerdnsadmin-env
+        - name: LDAP_TYPE
+          valueFrom:
+            configMapKeyRef:
+              key: LDAP_TYPE
+              name: powerdnsadmin-env
+        - name: LDAP_URI
+          valueFrom:
+            configMapKeyRef:
+              key: LDAP_URI
+              name: powerdnsadmin-env
+        - name: LDAP_USERNAME
+          valueFrom:
+            configMapKeyRef:
+              key: LDAP_USERNAME
+              name: powerdnsadmin-env
+        - name: LDAP_USERNAMEFIELD
+          valueFrom:
+            configMapKeyRef:
+              key: LDAP_USERNAMEFIELD
+              name: powerdnsadmin-env
+        - name: PDNS_API_KEY
+          valueFrom:
+            configMapKeyRef:
+              key: PDNS_API_KEY
+              name: powerdnsadmin-env
+        - name: PDNS_HOST
+          valueFrom:
+            configMapKeyRef:
+              key: PDNS_HOST
+              name: powerdnsadmin-env
+        - name: SECRET_KEY
+          valueFrom:
+            configMapKeyRef:
+              key: SECRET_KEY
+              name: powerdnsadmin-env
+        - name: PDA_DB_HOST
+          valueFrom:
+            configMapKeyRef:
+              key: SQLA_DB_HOST
+              name: powerdnsadmin-env
+        - name: PDA_DB_NAME
+          valueFrom:
+            configMapKeyRef:
+              key: SQLA_DB_NAME
+              name: powerdnsadmin-env
+        - name: PDA_DB_PASSWORD
+          valueFrom:
+            configMapKeyRef:
+              key: SQLA_DB_PASSWORD
+              name: powerdnsadmin-env
+        - name: PDA_DB_USER
+          valueFrom:
+            configMapKeyRef:
+              key: SQLA_DB_USER
+              name: powerdnsadmin-env
+        - name: FLASK_APP
+          valueFrom:
+            configMapKeyRef:
+              key: FLASK_APP
+              name: powerdnsadmin-env
+      restartPolicy: Always
+
diff --git a/deploy/kubernetes/service.yml b/deploy/kubernetes/service.yml
new file mode 100644
index 000000000..813b37b60
--- /dev/null
+++ b/deploy/kubernetes/service.yml
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: powerdnsadmin
+  namespace: powerdnsadmin
+  labels:
+    app: powerdnsadmin
+spec:
+  ports:
+  - name: http
+    port: 80
+    targetPort: 80
+  selector:
+    app: powerdnsadmin
+

From 88c0aaea278efb4bbe646632b3f11866190eb3e5 Mon Sep 17 00:00:00 2001
From: RGanor <44501230+RGanor@users.noreply.github.com>
Date: Tue, 7 Jun 2022 16:22:38 +0300
Subject: [PATCH 025/475] Updated k8s (#1216)

---
 deploy/kubernetes/README.md      |   2 +-
 deploy/kubernetes/configmap.yml  |  20 +-----
 deploy/kubernetes/deployment.yml | 105 +++++--------------------------
 3 files changed, 20 insertions(+), 107 deletions(-)

diff --git a/deploy/kubernetes/README.md b/deploy/kubernetes/README.md
index 7770d8aa6..9a0a5472b 100644
--- a/deploy/kubernetes/README.md
+++ b/deploy/kubernetes/README.md
@@ -1 +1 @@
-#Files to deploy pdns-admin on kubernetes
+#Files to deploy PowerDNS-Admin on kubernetes
diff --git a/deploy/kubernetes/configmap.yml b/deploy/kubernetes/configmap.yml
index c27e0b4c9..4270db254 100644
--- a/deploy/kubernetes/configmap.yml
+++ b/deploy/kubernetes/configmap.yml
@@ -1,22 +1,8 @@
-apiVersion: v1
 kind: ConfigMap
+apiVersion: v1
 metadata:
   name: powerdnsadmin-env
-  namespace: powerdnsadmin
 data:
-  FLASK_APP: "/powerdns-admin/app/__init__.py"
-  BIND_ADDRESS: changeme_0.0.0.0
-  LDAP_FILTER: changeme_(objectClass=user)
-  LDAP_PASSWORD: changeme_Password
-  LDAP_SEARCH_BASE: changeme_cn=Users,dc=domain,dc=com
-  LDAP_TYPE: changeme_ldap
-  LDAP_URI: changeme_ldaps://ad.domain.com:636
-  LDAP_USERNAME: changeme_cn=svcUser,ou=ScriptUsers,dc=domain,dc=com
-  LDAP_USERNAMEFIELD: changeme_sAMAccountName
-  PDNS_API_KEY: changeme_secret
-  PDNS_HOST: changeme_pdns_host
+  FLASK_APP: powerdnsadmin/__init__.py
   SECRET_KEY: changeme_secret
-  SQLA_DB_HOST: changeme_db_host
-  SQLA_DB_NAME: changeme_db_name
-  SQLA_DB_PASSWORD: changeme_db_password_
-  SQLA_DB_USER: changeme_db_user
+  SQLALCHEMY_DATABASE_URI: 'mysql://user:password@host/database'
diff --git a/deploy/kubernetes/deployment.yml b/deploy/kubernetes/deployment.yml
index 337f6385f..1e5fea5d9 100644
--- a/deploy/kubernetes/deployment.yml
+++ b/deploy/kubernetes/deployment.yml
@@ -1,102 +1,29 @@
-apiVersion: extensions/v1beta1
 kind: Deployment
+apiVersion: apps/v1
 metadata:
   name: powerdnsadmin
-  namespace: powerdnsadmin
   labels:
     app: powerdnsadmin
 spec:
+  strategy:
+    type: RollingUpdate
   replicas: 1
+  selector:
+    matchLabels:
+      app: powerdnsadmin
   template:
     metadata:
       labels:
         app: powerdnsadmin
     spec:
       containers:
-      - name: powerdnsadmin
-        image: changeme_artsn00p/powerdns-admin-docker
-        ports:
-        - containerPort: 80
-        env:
-        - name: BIND_ADDRESS
-          valueFrom:
-            configMapKeyRef:
-              key: BIND_ADDRESS
-              name: powerdnsadmin-env
-        - name: LDAP_FILTER
-          valueFrom:
-            configMapKeyRef:
-              key: LDAP_FILTER
-              name: powerdnsadmin-env
-        - name: LDAP_PASSWORD
-          valueFrom:
-            configMapKeyRef:
-              key: LDAP_PASSWORD
-              name: powerdnsadmin-env
-        - name: LDAP_SEARCH_BASE
-          valueFrom:
-            configMapKeyRef:
-              key: LDAP_SEARCH_BASE
-              name: powerdnsadmin-env
-        - name: LDAP_TYPE
-          valueFrom:
-            configMapKeyRef:
-              key: LDAP_TYPE
-              name: powerdnsadmin-env
-        - name: LDAP_URI
-          valueFrom:
-            configMapKeyRef:
-              key: LDAP_URI
-              name: powerdnsadmin-env
-        - name: LDAP_USERNAME
-          valueFrom:
-            configMapKeyRef:
-              key: LDAP_USERNAME
-              name: powerdnsadmin-env
-        - name: LDAP_USERNAMEFIELD
-          valueFrom:
-            configMapKeyRef:
-              key: LDAP_USERNAMEFIELD
-              name: powerdnsadmin-env
-        - name: PDNS_API_KEY
-          valueFrom:
-            configMapKeyRef:
-              key: PDNS_API_KEY
-              name: powerdnsadmin-env
-        - name: PDNS_HOST
-          valueFrom:
-            configMapKeyRef:
-              key: PDNS_HOST
-              name: powerdnsadmin-env
-        - name: SECRET_KEY
-          valueFrom:
-            configMapKeyRef:
-              key: SECRET_KEY
-              name: powerdnsadmin-env
-        - name: PDA_DB_HOST
-          valueFrom:
-            configMapKeyRef:
-              key: SQLA_DB_HOST
-              name: powerdnsadmin-env
-        - name: PDA_DB_NAME
-          valueFrom:
-            configMapKeyRef:
-              key: SQLA_DB_NAME
-              name: powerdnsadmin-env
-        - name: PDA_DB_PASSWORD
-          valueFrom:
-            configMapKeyRef:
-              key: SQLA_DB_PASSWORD
-              name: powerdnsadmin-env
-        - name: PDA_DB_USER
-          valueFrom:
-            configMapKeyRef:
-              key: SQLA_DB_USER
-              name: powerdnsadmin-env
-        - name: FLASK_APP
-          valueFrom:
-            configMapKeyRef:
-              key: FLASK_APP
-              name: powerdnsadmin-env
-      restartPolicy: Always
-
+        - name: powerdnsadmin
+          image: ngoduykhanh/powerdns-admin
+          ports:
+            - containerPort: 80
+              protocol: TCP
+          envFrom:
+            - configMapRef:
+                name: powerdnsadmin-env
+          imagePullPolicy: Always
+      restartPolicy: Always
\ No newline at end of file

From 3aba0693c4c9a015b6983a42844aba3bc75bff9e Mon Sep 17 00:00:00 2001
From: RGanor <44501230+RGanor@users.noreply.github.com>
Date: Tue, 7 Jun 2022 16:28:54 +0300
Subject: [PATCH 026/475] Update README.md for k8s deployment (#1217)

* Update deploy/kubernetes /README.md
---
 deploy/kubernetes/README.md | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/deploy/kubernetes/README.md b/deploy/kubernetes/README.md
index 9a0a5472b..f0394b015 100644
--- a/deploy/kubernetes/README.md
+++ b/deploy/kubernetes/README.md
@@ -1 +1,2 @@
-#Files to deploy PowerDNS-Admin on kubernetes
+# Kubernetes
+Example and simplified deployment for kubernetes.

From 111210568372e53bc1d11ef7e982ba7738743074 Mon Sep 17 00:00:00 2001
From: jbe-dw <50663045+jbe-dw@users.noreply.github.com>
Date: Fri, 17 Jun 2022 16:48:23 +0200
Subject: [PATCH 027/475] feat: Add /api endpoint (#1206)

---
 powerdnsadmin/routes/__init__.py |  8 ++++++--
 powerdnsadmin/routes/api.py      | 17 +++++++++++++----
 2 files changed, 19 insertions(+), 6 deletions(-)

diff --git a/powerdnsadmin/routes/__init__.py b/powerdnsadmin/routes/__init__.py
index 829f11051..b22324b0a 100644
--- a/powerdnsadmin/routes/__init__.py
+++ b/powerdnsadmin/routes/__init__.py
@@ -1,11 +1,14 @@
-from .base import login_manager, handle_bad_request, handle_unauthorized_access, handle_access_forbidden, handle_page_not_found, handle_internal_server_error
+from .base import (
+    login_manager, handle_bad_request, handle_unauthorized_access,
+    handle_access_forbidden, handle_page_not_found, handle_internal_server_error
+)
 
 from .index import index_bp
 from .user import user_bp
 from .dashboard import dashboard_bp
 from .domain import domain_bp
 from .admin import admin_bp
-from .api import api_bp
+from .api import api_bp, apilist_bp
 
 
 def init_app(app):
@@ -17,6 +20,7 @@ def init_app(app):
     app.register_blueprint(domain_bp)
     app.register_blueprint(admin_bp)
     app.register_blueprint(api_bp)
+    app.register_blueprint(apilist_bp)
 
     app.register_error_handler(400, handle_bad_request)
     app.register_error_handler(401, handle_unauthorized_access)
diff --git a/powerdnsadmin/routes/api.py b/powerdnsadmin/routes/api.py
index e37b2aec2..036912b41 100644
--- a/powerdnsadmin/routes/api.py
+++ b/powerdnsadmin/routes/api.py
@@ -36,6 +36,7 @@
 import string
 
 api_bp = Blueprint('api', __name__, url_prefix='/api/v1')
+apilist_bp = Blueprint('apilist', __name__, url_prefix='/')
 
 apikey_schema = ApiKeySchema(many=True)
 apikey_single_schema = ApiKeySchema()
@@ -47,6 +48,7 @@
 account_schema = AccountSchema(many=True)
 account_single_schema = AccountSchema()
 
+
 def get_user_domains():
     domains = db.session.query(Domain) \
         .outerjoin(DomainUser, Domain.id == DomainUser.domain_id) \
@@ -177,6 +179,11 @@ def before_request():
             }))
 
 
+@apilist_bp.route('/api', methods=['GET'])
+def index():
+    return '[{"url": "/api/v1", "version": 1}]', 200
+
+
 @api_bp.route('/pdnsadmin/zones', methods=['POST'])
 @api_basic_auth
 @api_can_create_domain
@@ -294,7 +301,6 @@ def api_login_delete_zone(domain_name):
                               domain_id=domain_id)
             history.add()
 
-
     except Exception as e:
         current_app.logger.error('Error: {0}'.format(e))
         abort(500)
@@ -1087,7 +1093,7 @@ def api_zone_forward(server_id, zone_id):
     if 200 <= status < 300:
         current_app.logger.debug("Request to powerdns API successful")
         if Setting().get('enable_api_rr_history'):
-            if request.method in ['POST', 'PATCH'] :
+            if request.method in ['POST', 'PATCH']:
                 data = request.get_json(force=True)
                 for rrset_data in data['rrsets']:
                     history = History(msg='{0} zone {1} record of {2}'.format(
@@ -1160,8 +1166,10 @@ def api_get_zones(server_id):
         return jsonify(domain_schema.dump(domain_obj_list)), 200
     else:
         resp = helper.forward_request()
-        if (g.apikey.role.name not in ['Administrator', 'Operator']
-            and resp.status_code == 200):
+        if (
+            g.apikey.role.name not in ['Administrator', 'Operator']
+            and resp.status_code == 200
+        ):
             domain_list = [d['name']
                            for d in domain_schema.dump(g.apikey.domains)]
 
@@ -1182,6 +1190,7 @@ def api_server_forward():
     resp = helper.forward_request()
     return resp.content, resp.status_code, resp.headers.items()
 
+
 @api_bp.route('/servers/<string:server_id>', methods=['GET'])
 @apikey_auth
 def api_server_config_forward(server_id):

From 1926b862b8fcf784546e1508308d9dbbeaf72dfb Mon Sep 17 00:00:00 2001
From: TomSebty <61846662+TomSebty@users.noreply.github.com>
Date: Fri, 17 Jun 2022 18:50:51 +0300
Subject: [PATCH 028/475] feat: Option to forbid the creation of domain if it
 exists as a record (#1127)

When enabled, forbids the creation of a domain if it exists as a record in one of its parent domains (administrators and operators are not limited though).
---
 powerdnsadmin/decorators.py             | 19 +++++++++++-
 powerdnsadmin/lib/errors.py             |  7 +++++
 powerdnsadmin/models/domain.py          | 15 +++++++++
 powerdnsadmin/models/setting.py         |  3 +-
 powerdnsadmin/routes/admin.py           |  2 +-
 powerdnsadmin/routes/domain.py          | 38 +++++++++++++++++++++--
 powerdnsadmin/templates/domain_add.html | 41 +++++++++++++++++++++++++
 7 files changed, 120 insertions(+), 5 deletions(-)

diff --git a/powerdnsadmin/decorators.py b/powerdnsadmin/decorators.py
index df1e348c8..819ee3697 100644
--- a/powerdnsadmin/decorators.py
+++ b/powerdnsadmin/decorators.py
@@ -6,7 +6,7 @@
 
 from .models import User, ApiKey, Setting, Domain, Setting
 from .lib.errors import RequestIsNotJSON, NotEnoughPrivileges
-from .lib.errors import DomainAccessForbidden
+from .lib.errors import DomainAccessForbidden, DomainOverrideForbidden
 
 def admin_role_required(f):
     """
@@ -259,6 +259,13 @@ def decorated_function(*args, **kwargs):
             msg = "User {0} does not have enough privileges to create domain"
             current_app.logger.error(msg.format(current_user.username))
             raise NotEnoughPrivileges()
+        
+        if Setting().get('deny_domain_override'):
+            req = request.get_json(force=True)
+            domain = Domain()
+            if req['name'] and domain.is_overriding(req['name']):
+                raise DomainOverrideForbidden()
+
         return f(*args, **kwargs)
 
     return decorated_function
@@ -269,6 +276,9 @@ def apikey_can_create_domain(f):
     Grant access if:
         - user is in Operator role or higher, or
         - allow_user_create_domain is on
+        and
+        - deny_domain_override is off or
+        - override_domain is true (from request)
     """
     @wraps(f)
     def decorated_function(*args, **kwargs):
@@ -278,6 +288,13 @@ def decorated_function(*args, **kwargs):
             msg = "ApiKey #{0} does not have enough privileges to create domain"
             current_app.logger.error(msg.format(g.apikey.id))
             raise NotEnoughPrivileges()
+
+        if Setting().get('deny_domain_override'):
+            req = request.get_json(force=True)
+            domain = Domain()
+            if req['name'] and domain.is_overriding(req['name']):
+                raise DomainOverrideForbidden()
+
         return f(*args, **kwargs)
 
     return decorated_function
diff --git a/powerdnsadmin/lib/errors.py b/powerdnsadmin/lib/errors.py
index 687f5543e..f570b4e69 100644
--- a/powerdnsadmin/lib/errors.py
+++ b/powerdnsadmin/lib/errors.py
@@ -44,6 +44,13 @@ def __init__(self, name=None, message="Domain access not allowed"):
         self.message = message
         self.name = name
 
+class DomainOverrideForbidden(StructuredException):
+    status_code = 409
+
+    def __init__(self, name=None, message="Domain override of record not allowed"):
+        StructuredException.__init__(self)
+        self.message = message
+        self.name = name
 
 class ApiKeyCreateFail(StructuredException):
     status_code = 500
diff --git a/powerdnsadmin/models/domain.py b/powerdnsadmin/models/domain.py
index cfc949dbe..e4b27760f 100644
--- a/powerdnsadmin/models/domain.py
+++ b/powerdnsadmin/models/domain.py
@@ -881,3 +881,18 @@ def is_valid_access(self, user_id):
                 DomainUser.user_id == user_id,
                 AccountUser.user_id == user_id
             )).filter(Domain.id == self.id).first()
+
+    # Return None if this domain does not exist as record, 
+    # Return the parent domain that hold the record if exist
+    def is_overriding(self, domain_name):
+        upper_domain_name = '.'.join(domain_name.split('.')[1:])
+        while upper_domain_name != '':
+            if self.get_id_by_name(upper_domain_name.rstrip('.')) != None:
+                    upper_domain = self.get_domain_info(upper_domain_name)
+                    if 'rrsets' in upper_domain:
+                        for r in upper_domain['rrsets']:
+                            if domain_name.rstrip('.') in r['name'].rstrip('.'):
+                                current_app.logger.error('Domain already exists as a record: {} under domain: {}'.format(r['name'].rstrip('.'), upper_domain_name))
+                                return upper_domain_name
+            upper_domain_name = '.'.join(upper_domain_name.split('.')[1:])
+        return None
\ No newline at end of file
diff --git a/powerdnsadmin/models/setting.py b/powerdnsadmin/models/setting.py
index 33b8db540..46e67247b 100644
--- a/powerdnsadmin/models/setting.py
+++ b/powerdnsadmin/models/setting.py
@@ -190,7 +190,8 @@ class Setting(db.Model):
         'otp_field_enabled': True,
         'custom_css': '',
         'otp_force': False,
-        'max_history_records': 1000
+        'max_history_records': 1000,
+        'deny_domain_override': False
     }
 
     def __init__(self, id=None, name=None, value=None):
diff --git a/powerdnsadmin/routes/admin.py b/powerdnsadmin/routes/admin.py
index ab5dce05c..4782ba0fe 100644
--- a/powerdnsadmin/routes/admin.py
+++ b/powerdnsadmin/routes/admin.py
@@ -1268,7 +1268,7 @@ def setting_basic():
             'allow_user_create_domain', 'allow_user_remove_domain', 'allow_user_view_history', 'bg_domain_updates', 'site_name',
             'session_timeout', 'warn_session_timeout', 'ttl_options',
             'pdns_api_timeout', 'verify_ssl_connections', 'verify_user_email',
-	          'delete_sso_accounts', 'otp_field_enabled', 'custom_css', 'enable_api_rr_history', 'max_history_records', 'otp_force'
+	          'delete_sso_accounts', 'otp_field_enabled', 'custom_css', 'enable_api_rr_history', 'max_history_records', 'otp_force', 'deny_domain_override'
         ]
 
         return render_template('admin_setting_basic.html', settings=settings)
diff --git a/powerdnsadmin/routes/domain.py b/powerdnsadmin/routes/domain.py
index f94b2a14d..3261264bc 100644
--- a/powerdnsadmin/routes/domain.py
+++ b/powerdnsadmin/routes/domain.py
@@ -32,7 +32,6 @@
                       template_folder='templates',
                       url_prefix='/domain')
 
-
 @domain_bp.before_request
 def before_request():
     # Check if user is anonymous
@@ -401,6 +400,38 @@ def add():
             account_name = Account().get_name_by_id(account_id)
 
             d = Domain()
+
+            ### Test if a record same as the domain already exists in an upper level domain
+            if Setting().get('deny_domain_override'):
+
+                upper_domain = None
+                domain_override = False
+                domain_override_toggle = False
+
+                if current_user.role.name in ['Administrator', 'Operator']:
+                    domain_override = request.form.get('domain_override')
+                    domain_override_toggle = True
+
+
+                # If overriding box is not selected.
+                # False = Do not allow ovrriding, perform checks
+                # True = Allow overriding, do not perform checks
+                if not domain_override:
+                    upper_domain = d.is_overriding(domain_name)
+
+                if upper_domain:
+                    if current_user.role.name in ['Administrator', 'Operator']:
+                        accounts = Account.query.order_by(Account.name).all()
+                    else:
+                        accounts = current_user.get_accounts()
+                    
+                    msg = 'Domain already exists as a record under domain: {}'.format(upper_domain)
+                    
+                    return render_template('domain_add.html', 
+                                            domain_override_message=msg,
+                                            accounts=accounts,
+                                            domain_override_toggle=domain_override_toggle)
+           
             result = d.add(domain_name=domain_name,
                            domain_type=domain_type,
                            soa_edit_api=soa_edit_api,
@@ -478,14 +509,17 @@ def add():
 
     # Get
     else:
+        domain_override_toggle = False
         # Admins and Operators can set to any account
         if current_user.role.name in ['Administrator', 'Operator']:
             accounts = Account.query.order_by(Account.name).all()
+            domain_override_toggle = True
         else:
             accounts = current_user.get_accounts()
         return render_template('domain_add.html',
                                templates=templates,
-                               accounts=accounts)
+                               accounts=accounts,
+                               domain_override_toggle=domain_override_toggle)
 
 
 
diff --git a/powerdnsadmin/templates/domain_add.html b/powerdnsadmin/templates/domain_add.html
index f6e00543e..607730f5b 100644
--- a/powerdnsadmin/templates/domain_add.html
+++ b/powerdnsadmin/templates/domain_add.html
@@ -34,6 +34,13 @@ <h3 class="box-title">Create new domain</h3>
                             <input type="text" class="form-control" name="domain_name" id="domain_name"
                                 placeholder="Enter a valid domain name (required)">
                         </div>
+                        {% if domain_override_toggle == True %}
+                        <div class="form-group">
+                            <label>Domain Override Record</label>
+                            <input type="checkbox" id="domain_override" name="domain_override"
+                                class="checkbox">
+                        </div>
+                        {% endif %}
                         <select name="accountid" class="form-control" style="width:15em;">
                             <option value="0">- No Account -</option>
                             {% for account in accounts %}
@@ -178,3 +185,37 @@ <h3 class="box-title">Help with creating a new domain</h3>
     });
 </script>
 {% endblock %}
+{% block modals %}
+<script>
+{% if domain_override_message %}
+    $(document.body).ready(function () {
+        var modal = $("#modal_warning");
+        var info = "{{ domain_override_message }}";
+        modal.find('.modal-body p').text(info);
+        modal.modal('show');
+    });
+{% endif %}
+</script>
+</div>
+<div class="modal fade" id="modal_warning">
+  <div class="modal-dialog">
+      <div class="modal-content modal-sm">
+          <div class="modal-header alert-danger">
+              <button type="button" class="close" data-dismiss="modal" aria-label="Close" id="button_close_warn_modal">
+                  <span aria-hidden="true">&times;</span>
+              </button>
+              <h4 class="modal-title">WARNING</h4>
+          </div>
+          <div class="modal-body">
+              <p></p>
+          </div>
+          <div class="modal-footer">
+              <button type="button" class="btn btn-flat btn-primary center-block" data-dismiss="modal" id="button_confirm_warn_modal">
+                  CLOSE</button>
+          </div>
+      </div>
+      <!-- /.modal-content -->
+  </div>
+  <!-- /.modal-dialog -->
+</div>
+{% endblock %}

From bf83e68a4bba0ef41ea836639537ec1c4ba8fce1 Mon Sep 17 00:00:00 2001
From: gadall <gedalya@gedalya.net>
Date: Sat, 18 Jun 2022 18:11:22 +0800
Subject: [PATCH 029/475] Fix DynDNS2 using X-Forwarded-For (#1214)

utils.validate_ipaddress() takes a string, not a list
---
 powerdnsadmin/routes/index.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/powerdnsadmin/routes/index.py b/powerdnsadmin/routes/index.py
index f9a564929..7b8b9e874 100644
--- a/powerdnsadmin/routes/index.py
+++ b/powerdnsadmin/routes/index.py
@@ -836,7 +836,7 @@ def dyndns_update():
 
     remote_addr = utils.validate_ipaddress(
         request.headers.get('X-Forwarded-For',
-                            request.remote_addr).split(', ')[:1])
+                            request.remote_addr).split(', ')[0])
 
     response = 'nochg'
     for ip in myip_addr or remote_addr:

From 81f158d9bcf821f929fb8c65d9a59f903acb0ec1 Mon Sep 17 00:00:00 2001
From: RGanor <44501230+RGanor@users.noreply.github.com>
Date: Sat, 18 Jun 2022 15:20:49 +0300
Subject: [PATCH 030/475] enh: Enforce Record Restrictions in API (#1089)

Co-authored-by: Tom <tom@tom.com>
---
 powerdnsadmin/decorators.py     | 57 ++++++++++++++++++++++++++++++++-
 powerdnsadmin/lib/errors.py     | 17 +++++++++-
 powerdnsadmin/models/setting.py |  3 +-
 powerdnsadmin/routes/admin.py   |  2 +-
 powerdnsadmin/routes/api.py     |  4 ++-
 5 files changed, 78 insertions(+), 5 deletions(-)

diff --git a/powerdnsadmin/decorators.py b/powerdnsadmin/decorators.py
index 819ee3697..6382141ce 100644
--- a/powerdnsadmin/decorators.py
+++ b/powerdnsadmin/decorators.py
@@ -5,9 +5,10 @@
 from flask_login import current_user
 
 from .models import User, ApiKey, Setting, Domain, Setting
-from .lib.errors import RequestIsNotJSON, NotEnoughPrivileges
+from .lib.errors import RequestIsNotJSON, NotEnoughPrivileges, RecordTTLNotAllowed, RecordTypeNotAllowed
 from .lib.errors import DomainAccessForbidden, DomainOverrideForbidden
 
+
 def admin_role_required(f):
     """
     Grant access if user is in Administrator role
@@ -384,6 +385,60 @@ def decorated_function(*args, **kwargs):
         return decorated_function
     return decorator
 
+def allowed_record_types(f):
+    @wraps(f)
+    def decorated_function(*args, **kwargs):
+        if request.method == 'GET':
+            return f(*args, **kwargs)
+
+        if g.apikey.role.name in ['Administrator', 'Operator']:
+            return f(*args, **kwargs)
+
+        records_allowed_to_edit = Setting().get_records_allow_to_edit()
+        content = request.get_json()
+        try:
+            for record in content['rrsets']:
+                if 'type' not in record:
+                    raise RecordTypeNotAllowed()
+
+                if record['type'] not in records_allowed_to_edit:
+                    current_app.logger.error(f"Error: Record type not allowed: {record['type']}")
+                    raise RecordTypeNotAllowed(message=f"Record type not allowed: {record['type']}")
+        except (TypeError, KeyError) as e:
+            raise e
+        return f(*args, **kwargs)
+
+    return decorated_function
+
+def allowed_record_ttl(f):
+    @wraps(f)
+    def decorated_function(*args, **kwargs):
+        if not Setting().get('enforce_api_ttl'):
+            return f(*args, **kwargs)
+
+        if request.method == 'GET':
+            return f(*args, **kwargs)
+            
+        if g.apikey.role.name in ['Administrator', 'Operator']:
+            return f(*args, **kwargs)
+
+        allowed_ttls = Setting().get_ttl_options()
+        allowed_numeric_ttls = [ ttl[0] for ttl in allowed_ttls ]
+        content = request.get_json()
+        try:
+            for record in content['rrsets']:
+                if 'ttl' not in record:
+                    raise RecordTTLNotAllowed()
+
+                if record['ttl'] not in allowed_numeric_ttls:
+                    current_app.logger.error(f"Error: Record TTL not allowed: {record['ttl']}")
+                    raise RecordTTLNotAllowed(message=f"Record TTL not allowed: {record['ttl']}")
+        except (TypeError, KeyError) as e:
+            raise e
+        return f(*args, **kwargs)
+
+    return decorated_function
+
 
 def apikey_auth(f):
     @wraps(f)
diff --git a/powerdnsadmin/lib/errors.py b/powerdnsadmin/lib/errors.py
index f570b4e69..d432bf4f4 100644
--- a/powerdnsadmin/lib/errors.py
+++ b/powerdnsadmin/lib/errors.py
@@ -170,7 +170,6 @@ def __init__(self, name=None, message="Update of user failed"):
         self.message = message
         self.name = name
 
-
 class UserDeleteFail(StructuredException):
     status_code = 500
 
@@ -178,3 +177,19 @@ def __init__(self, name=None, message="Delete of user failed"):
         StructuredException.__init__(self)
         self.message = message
         self.name = name
+
+class RecordTypeNotAllowed(StructuredException):
+    status_code = 400
+
+    def __init__(self, name=None, message="Record type not allowed or does not present"):
+        StructuredException.__init__(self)
+        self.message = message
+        self.name = name
+
+class RecordTTLNotAllowed(StructuredException):
+    status_code = 400
+
+    def __init__(self, name=None, message="Record TTL not allowed or does not present"):
+        StructuredException.__init__(self)
+        self.message = message
+        self.name = name
diff --git a/powerdnsadmin/models/setting.py b/powerdnsadmin/models/setting.py
index 46e67247b..cdeb865cb 100644
--- a/powerdnsadmin/models/setting.py
+++ b/powerdnsadmin/models/setting.py
@@ -28,7 +28,7 @@ class Setting(db.Model):
         'allow_user_create_domain': False,
         'allow_user_remove_domain': False,
         'allow_user_view_history': False,
-	'delete_sso_accounts': False,
+	    'delete_sso_accounts': False,
         'bg_domain_updates': False,
         'enable_api_rr_history': True,
         'site_name': 'PowerDNS-Admin',
@@ -110,6 +110,7 @@ class Setting(db.Model):
         'oidc_oauth_email': 'email',
         'oidc_oauth_account_name_property': '',
         'oidc_oauth_account_description_property': '',
+        'enforce_api_ttl': False,
         'forward_records_allow_edit': {
             'A': True,
             'AAAA': True,
diff --git a/powerdnsadmin/routes/admin.py b/powerdnsadmin/routes/admin.py
index 4782ba0fe..b0adc61b8 100644
--- a/powerdnsadmin/routes/admin.py
+++ b/powerdnsadmin/routes/admin.py
@@ -1268,7 +1268,7 @@ def setting_basic():
             'allow_user_create_domain', 'allow_user_remove_domain', 'allow_user_view_history', 'bg_domain_updates', 'site_name',
             'session_timeout', 'warn_session_timeout', 'ttl_options',
             'pdns_api_timeout', 'verify_ssl_connections', 'verify_user_email',
-	          'delete_sso_accounts', 'otp_field_enabled', 'custom_css', 'enable_api_rr_history', 'max_history_records', 'otp_force', 'deny_domain_override'
+	          'delete_sso_accounts', 'otp_field_enabled', 'custom_css', 'enable_api_rr_history', 'max_history_records', 'otp_force', 'deny_domain_override', 'enforce_api_ttl'
         ]
 
         return render_template('admin_setting_basic.html', settings=settings)
diff --git a/powerdnsadmin/routes/api.py b/powerdnsadmin/routes/api.py
index 036912b41..1f00b313c 100644
--- a/powerdnsadmin/routes/api.py
+++ b/powerdnsadmin/routes/api.py
@@ -30,7 +30,7 @@
     apikey_can_create_domain, apikey_can_remove_domain,
     apikey_is_admin, apikey_can_access_domain, apikey_can_configure_dnssec,
     api_role_can, apikey_or_basic_auth,
-    callback_if_request_body_contains_key,
+    callback_if_request_body_contains_key, allowed_record_types, allowed_record_ttl
 )
 import secrets
 import string
@@ -1079,6 +1079,8 @@ def api_zone_subpath_forward(server_id, zone_id, subpath):
 @api_bp.route('/servers/<string:server_id>/zones/<string:zone_id>',
               methods=['GET', 'PUT', 'PATCH', 'DELETE'])
 @apikey_auth
+@allowed_record_types
+@allowed_record_ttl
 @apikey_can_access_domain
 @apikey_can_remove_domain(http_methods=['DELETE'])
 @callback_if_request_body_contains_key(apikey_can_configure_dnssec()(),

From beed738d02dc93e384b312fe77966f120cf1142d Mon Sep 17 00:00:00 2001
From: AdvanticGmbH <81569672+AdvanticGmbH@users.noreply.github.com>
Date: Sat, 18 Jun 2022 14:23:05 +0200
Subject: [PATCH 031/475] enh: Improve performance of domain update (#1218)

author: @AdvanticGmbH
---
 powerdnsadmin/models/domain.py | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/powerdnsadmin/models/domain.py b/powerdnsadmin/models/domain.py
index e4b27760f..bbd71e1cd 100644
--- a/powerdnsadmin/models/domain.py
+++ b/powerdnsadmin/models/domain.py
@@ -143,9 +143,20 @@ def update(self):
                 current_app.logger.debug(traceback.format_exc())
 
             # update/add new domain
+            account_cache = {}
             for data in jdata:
                 if 'account' in data:
-                    account_id = Account().get_id_by_name(data['account'])
+                    # if no account is set don't try to query db
+                    if data['account'] == '':
+                        find_account_id = None
+                    else:
+                        find_account_id = account_cache.get(data['account'])
+                        # if account was not queried in the past and hence not in cache
+                        if find_account_id is None:
+                            find_account_id = Account().get_id_by_name(data['account'])
+                            # add to cache
+                            account_cache[data['account']] = find_account_id
+                    account_id = find_account_id
                 else:
                     current_app.logger.debug(
                         "No 'account' data found in API result - Unsupported PowerDNS version?"

From a3c50828a631d7627f0db34548773c594430220e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=A9r=C3=B4me=20BECOT?= <jerome.becot@deveryware.com>
Date: Fri, 19 Nov 2021 00:34:16 +0100
Subject: [PATCH 032/475] feat: Allow underscores and hyphens in account name

---
 powerdnsadmin/models/account.py                 |  2 +-
 powerdnsadmin/routes/index.py                   | 10 +++++-----
 powerdnsadmin/templates/admin_edit_account.html |  6 +++---
 3 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/powerdnsadmin/models/account.py b/powerdnsadmin/models/account.py
index 4d08fc196..4e3ca970c 100644
--- a/powerdnsadmin/models/account.py
+++ b/powerdnsadmin/models/account.py
@@ -35,7 +35,7 @@ def __init__(self, name=None, description=None, contact=None, mail=None):
 
         if self.name is not None:
             self.name = ''.join(c for c in self.name.lower()
-                                if c in "abcdefghijklmnopqrstuvwxyz0123456789")
+                                if c in "abcdefghijklmnopqrstuvwxyz0123456789_-")
 
     def __repr__(self):
         return '<Account {0}r>'.format(self.name)
diff --git a/powerdnsadmin/routes/index.py b/powerdnsadmin/routes/index.py
index d2a7e0adc..342b06e88 100644
--- a/powerdnsadmin/routes/index.py
+++ b/powerdnsadmin/routes/index.py
@@ -331,7 +331,7 @@ def login():
                         # check if user has permissions
                         account_users = account.get_user()
                         current_app.logger.info('Group: {} Users: {}'.format(
-                            group_name, 
+                            group_name,
                             account_users))
                         if user.id in account_users:
                             current_app.logger.info('User id {} is already in account {}'.format(
@@ -351,7 +351,7 @@ def login():
                         account.mail = ''
                         account.create_account()
                         history = History(msg='Create account {0}'.format(
-                            account.name), 
+                            account.name),
                             created_by='System')
                         history.add()
 
@@ -485,13 +485,13 @@ def login():
                                        saml_enabled=SAML_ENABLED,
                                        error='Token required')
 
-        if Setting().get('autoprovisioning') and auth_method!='LOCAL': 
+        if Setting().get('autoprovisioning') and auth_method!='LOCAL':
             urn_value=Setting().get('urn_value')
             Entitlements=user.read_entitlements(Setting().get('autoprovisioning_attribute'))
             if len(Entitlements)==0 and Setting().get('purge'):
                 user.set_role("User")
                 user.revoke_privilege(True)
-                
+
             elif len(Entitlements)!=0:
                 if checkForPDAEntries(Entitlements, urn_value):
                     user.updateUser(Entitlements)
@@ -1093,7 +1093,7 @@ def create_group_to_account_mapping():
 
 def handle_account(account_name, account_description=""):
     clean_name = ''.join(c for c in account_name.lower()
-                         if c in "abcdefghijklmnopqrstuvwxyz0123456789")
+                         if c in "abcdefghijklmnopqrstuvwxyz0123456789_-")
     if len(clean_name) > Account.name.type.length:
         current_app.logger.error(
             "Account name {0} too long. Truncated.".format(clean_name))
diff --git a/powerdnsadmin/templates/admin_edit_account.html b/powerdnsadmin/templates/admin_edit_account.html
index 41f2d430c..0514ead48 100644
--- a/powerdnsadmin/templates/admin_edit_account.html
+++ b/powerdnsadmin/templates/admin_edit_account.html
@@ -49,7 +49,7 @@ <h4><i class="icon fa fa-ban"></i> Error!</h4>
                             <span class="fa fa-cog form-control-feedback"></span>
                             {% if invalid_accountname %}
                             <span class="help-block">Cannot be blank and must only contain alphanumeric
-                                characters.</span>
+                                characters, hyphens or underscores.</span>
                             {% elif duplicate_accountname %}
                             <span class="help-block">Account name already in use.</span>
                             {% endif %}
@@ -112,8 +112,8 @@ <h3 class="box-title">Help with creating a new account</h3>
                     </p>
                     <p>Fill in all the fields to the in the form to the left.</p>
                     <p>
-                        <strong>Name</strong> is an account identifier. It will be stored as all lowercase letters (no
-                        spaces, special characters etc).<br />
+                        <strong>Name</strong> is an account identifier. It will be lowercased and can contain alphanumeric
+                        characters, hyphens and underscores (no space or other special character is allowed).<br />
                         <strong>Description</strong> is a user friendly name for this account.<br />
                         <strong>Contact person</strong> is the name of a contact person at the account.<br />
                         <strong>Mail Address</strong> is an e-mail address for the contact person.

From eb13b37e096f65e448cc09373d9d9708d0a220e6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=A9r=C3=B4me=20BECOT?= <jerome.becot@deveryware.com>
Date: Wed, 1 Dec 2021 14:35:05 +0100
Subject: [PATCH 033/475] feat: Add the extra chars as an option

---
 powerdnsadmin/models/account.py                 |  6 +++++-
 powerdnsadmin/models/setting.py                 | 11 ++++++-----
 powerdnsadmin/routes/admin.py                   |  3 ++-
 powerdnsadmin/routes/index.py                   | 10 +++++++---
 powerdnsadmin/templates/admin_edit_account.html |  5 +++--
 5 files changed, 23 insertions(+), 12 deletions(-)

diff --git a/powerdnsadmin/models/account.py b/powerdnsadmin/models/account.py
index 4e3ca970c..7425afc9e 100644
--- a/powerdnsadmin/models/account.py
+++ b/powerdnsadmin/models/account.py
@@ -34,8 +34,12 @@ def __init__(self, name=None, description=None, contact=None, mail=None):
         self.API_EXTENDED_URL = utils.pdns_api_extended_uri(self.PDNS_VERSION)
 
         if self.name is not None:
+            if Setting().get('account_name_extra_chars'):
+                char_list = "abcdefghijklmnopqrstuvwxyz0123456789_-."
+            else:
+                char_list = "abcdefghijklmnopqrstuvwxyz0123456789"
             self.name = ''.join(c for c in self.name.lower()
-                                if c in "abcdefghijklmnopqrstuvwxyz0123456789_-")
+                                if c in char_list)
 
     def __repr__(self):
         return '<Account {0}r>'.format(self.name)
diff --git a/powerdnsadmin/models/setting.py b/powerdnsadmin/models/setting.py
index cdeb865cb..51e78e56d 100644
--- a/powerdnsadmin/models/setting.py
+++ b/powerdnsadmin/models/setting.py
@@ -192,7 +192,8 @@ class Setting(db.Model):
         'custom_css': '',
         'otp_force': False,
         'max_history_records': 1000,
-        'deny_domain_override': False
+        'deny_domain_override': False,
+        'account_name_extra_chars': False
     }
 
     def __init__(self, id=None, name=None, value=None):
@@ -273,15 +274,15 @@ def set(self, setting, value):
 
     def get(self, setting):
         if setting in self.defaults:
- 
+
             if setting.upper() in current_app.config:
                 result = current_app.config[setting.upper()]
             else:
                 result = self.query.filter(Setting.name == setting).first()
- 
+
             if result is not None:
                 if hasattr(result,'value'):
-                    result = result.value 
+                    result = result.value
                 return strtobool(result) if result in [
                     'True', 'False'
                 ] else result
@@ -289,7 +290,7 @@ def get(self, setting):
                 return self.defaults[setting]
         else:
             current_app.logger.error('Unknown setting queried: {0}'.format(setting))
-            
+
     def get_records_allow_to_edit(self):
         return list(
             set(self.get_forward_records_allow_to_edit() +
diff --git a/powerdnsadmin/routes/admin.py b/powerdnsadmin/routes/admin.py
index b0adc61b8..c5f28d15b 100644
--- a/powerdnsadmin/routes/admin.py
+++ b/powerdnsadmin/routes/admin.py
@@ -1268,7 +1268,8 @@ def setting_basic():
             'allow_user_create_domain', 'allow_user_remove_domain', 'allow_user_view_history', 'bg_domain_updates', 'site_name',
             'session_timeout', 'warn_session_timeout', 'ttl_options',
             'pdns_api_timeout', 'verify_ssl_connections', 'verify_user_email',
-	          'delete_sso_accounts', 'otp_field_enabled', 'custom_css', 'enable_api_rr_history', 'max_history_records', 'otp_force', 'deny_domain_override', 'enforce_api_ttl'
+            'delete_sso_accounts', 'otp_field_enabled', 'custom_css', 'enable_api_rr_history', 'max_history_records', 'otp_force',
+            'deny_domain_override', 'enforce_api_ttl', 'account_name_extra_chars'
         ]
 
         return render_template('admin_setting_basic.html', settings=settings)
diff --git a/powerdnsadmin/routes/index.py b/powerdnsadmin/routes/index.py
index 342b06e88..6f5f0e2dd 100644
--- a/powerdnsadmin/routes/index.py
+++ b/powerdnsadmin/routes/index.py
@@ -401,7 +401,7 @@ def login():
             if name_prop in me and desc_prop in me:
                 accounts_name_prop = [me[name_prop]] if type(me[name_prop]) is not list else me[name_prop]
                 accounts_desc_prop = [me[desc_prop]] if type(me[desc_prop]) is not list else me[desc_prop]
-		
+
                 #Run on all groups the user is in by the index num.
                 for i in range(len(accounts_name_prop)):
                     description = ''
@@ -411,7 +411,7 @@ def login():
 
                     account_to_add.append(account)
                 user_accounts = user.get_accounts()
-                
+
 		# Add accounts
                 for account in account_to_add:
                     if account not in user_accounts:
@@ -1092,8 +1092,12 @@ def create_group_to_account_mapping():
 
 
 def handle_account(account_name, account_description=""):
+    if Setting().get('account_name_extra_chars'):
+        char_list = "abcdefghijklmnopqrstuvwxyz0123456789_-."
+    else:
+        char_list = "abcdefghijklmnopqrstuvwxyz0123456789"
     clean_name = ''.join(c for c in account_name.lower()
-                         if c in "abcdefghijklmnopqrstuvwxyz0123456789_-")
+                         if c in char_list)
     if len(clean_name) > Account.name.type.length:
         current_app.logger.error(
             "Account name {0} too long. Truncated.".format(clean_name))
diff --git a/powerdnsadmin/templates/admin_edit_account.html b/powerdnsadmin/templates/admin_edit_account.html
index 0514ead48..1946bc926 100644
--- a/powerdnsadmin/templates/admin_edit_account.html
+++ b/powerdnsadmin/templates/admin_edit_account.html
@@ -49,7 +49,7 @@ <h4><i class="icon fa fa-ban"></i> Error!</h4>
                             <span class="fa fa-cog form-control-feedback"></span>
                             {% if invalid_accountname %}
                             <span class="help-block">Cannot be blank and must only contain alphanumeric
-                                characters, hyphens or underscores.</span>
+                                characters{% if SETTING.get('account_name_extra_chars') %}, dots, hyphens or underscores{% endif %}.</span>
                             {% elif duplicate_accountname %}
                             <span class="help-block">Account name already in use.</span>
                             {% endif %}
@@ -113,7 +113,8 @@ <h3 class="box-title">Help with creating a new account</h3>
                     <p>Fill in all the fields to the in the form to the left.</p>
                     <p>
                         <strong>Name</strong> is an account identifier. It will be lowercased and can contain alphanumeric
-                        characters, hyphens and underscores (no space or other special character is allowed).<br />
+                        characters{% if SETTING.get('account_name_extra_chars') %}, dots, hyphens and underscores (no space or other special character is allowed)
+                        {% else %} (no extra character is allowed){% endif %}.<br />
                         <strong>Description</strong> is a user friendly name for this account.<br />
                         <strong>Contact person</strong> is the name of a contact person at the account.<br />
                         <strong>Mail Address</strong> is an e-mail address for the contact person.

From a87b9315202fbe6af50293874df094ccde2a54e3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=A9r=C3=B4me=20BECOT?= <jerome.becot@deveryware.com>
Date: Fri, 31 Dec 2021 09:51:12 +0100
Subject: [PATCH 034/475] feat: Move the account parse calls to a method

---
 powerdnsadmin/lib/errors.py     |  8 ++++++-
 powerdnsadmin/models/account.py | 40 +++++++++++++++++++++++----------
 powerdnsadmin/routes/api.py     | 22 ++++++++++--------
 powerdnsadmin/routes/index.py   | 26 +++++++++------------
 4 files changed, 58 insertions(+), 38 deletions(-)

diff --git a/powerdnsadmin/lib/errors.py b/powerdnsadmin/lib/errors.py
index d432bf4f4..e1e07852e 100644
--- a/powerdnsadmin/lib/errors.py
+++ b/powerdnsadmin/lib/errors.py
@@ -136,6 +136,13 @@ def __init__(self, name=None, message="Account does not exist"):
         self.message = message
         self.name = name
 
+class InvalidAccountNameException(StructuredException):
+    status_code = 400
+
+    def __init__(self, name=None, message="The account name is invalid"):
+        StructuredException.__init__(self)
+        self.message = message
+        self.name = name
 
 class UserCreateFail(StructuredException):
     status_code = 500
@@ -145,7 +152,6 @@ def __init__(self, name=None, message="Creation of user failed"):
         self.message = message
         self.name = name
 
-
 class UserCreateDuplicate(StructuredException):
     status_code = 409
 
diff --git a/powerdnsadmin/models/account.py b/powerdnsadmin/models/account.py
index 7425afc9e..ab2341ec2 100644
--- a/powerdnsadmin/models/account.py
+++ b/powerdnsadmin/models/account.py
@@ -3,6 +3,7 @@
 from urllib.parse import urljoin
 
 from ..lib import utils
+from ..lib.errors import InvalidAccountNameException
 from .base import db
 from .setting import Setting
 from .user import User
@@ -22,7 +23,7 @@ class Account(db.Model):
                               back_populates="accounts")
 
     def __init__(self, name=None, description=None, contact=None, mail=None):
-        self.name = name
+        self.name = Account.sanitize_name(name) if name is not None else name
         self.description = description
         self.contact = contact
         self.mail = mail
@@ -33,13 +34,30 @@ def __init__(self, name=None, description=None, contact=None, mail=None):
         self.PDNS_VERSION = Setting().get('pdns_version')
         self.API_EXTENDED_URL = utils.pdns_api_extended_uri(self.PDNS_VERSION)
 
-        if self.name is not None:
-            if Setting().get('account_name_extra_chars'):
-                char_list = "abcdefghijklmnopqrstuvwxyz0123456789_-."
-            else:
-                char_list = "abcdefghijklmnopqrstuvwxyz0123456789"
-            self.name = ''.join(c for c in self.name.lower()
-                                if c in char_list)
+
+    @staticmethod
+    def sanitize_name(name):
+        """
+        Formats the provided name to fit into the constraint
+        """
+        if not isinstance(name, str):
+            raise InvalidAccountNameException("Account name must be a string")
+
+        allowed_characters = "abcdefghijklmnopqrstuvwxyz0123456789"
+
+        if Setting().get('account_name_extra_chars'):
+            allowed_characters += "_-."
+
+        sanitized_name = ''.join(c for c in name.lower() if c in allowed_characters)
+
+        if len(sanitized_name) > Account.name.type.length:
+            current_app.logger.error("Account name {0} too long. Truncated to: {1}".format(
+                                     sanitized_name, sanitized_name[:Account.name.type.length]))
+
+        if not sanitized_name:
+            raise InvalidAccountNameException("Empty string is not a valid account name")
+
+        return sanitized_name[:Account.name.type.length]
 
     def __repr__(self):
         return '<Account {0}r>'.format(self.name)
@@ -72,11 +90,9 @@ def create_account(self):
         """
         Create a new account
         """
-        # Sanity check - account name
-        if self.name == "":
-            return {'status': False, 'msg': 'No account name specified'}
+        self.name = Account.sanitize_name(self.name)
 
-        # check that account name is not already used
+        # Check that account name is not already used
         account = Account.query.filter(Account.name == self.name).first()
         if account:
             return {'status': False, 'msg': 'Account already exists'}
diff --git a/powerdnsadmin/routes/api.py b/powerdnsadmin/routes/api.py
index 1f00b313c..672e84a3e 100644
--- a/powerdnsadmin/routes/api.py
+++ b/powerdnsadmin/routes/api.py
@@ -23,7 +23,7 @@
     AccountCreateFail, AccountUpdateFail, AccountDeleteFail,
     AccountCreateDuplicate, AccountNotExists,
     UserCreateFail, UserCreateDuplicate, UserUpdateFail, UserDeleteFail,
-    UserUpdateFailEmail
+    UserUpdateFailEmail, InvalidAccountNameException
 )
 from ..decorators import (
     api_basic_auth, api_can_create_domain, is_json, apikey_auth,
@@ -870,12 +870,15 @@ def api_create_account():
     contact = data['contact'] if 'contact' in data else None
     mail = data['mail'] if 'mail' in data else None
     if not name:
-        current_app.logger.debug("Account name missing")
-        abort(400)
+        current_app.logger.debug("Account creation failed: name missing")
+        raise InvalidAccountNameException(message="Account name missing")
+
+    sanitized_name = Account.sanitize_name(name)
+    account_exists = Account.query.filter(Account.name == sanitized_name).all()
 
-    account_exists = [] or Account.query.filter(Account.name == name).all()
     if len(account_exists) > 0:
-        msg = "Account {} already exists".format(name)
+        msg = ("Requested Account {} would be translated to {}"
+               " which already exists").format(name, sanitized_name)
         current_app.logger.debug(msg)
         raise AccountCreateDuplicate(message=msg)
 
@@ -913,8 +916,9 @@ def api_update_account(account_id):
     if not account:
         abort(404)
 
-    if name and name != account.name:
-        abort(400)
+    if name and Account.sanitize_name(name) != account.name:
+        msg = "Account name is immutable"
+        raise AccountUpdateFail(message=msg)
 
     if current_user.role.name not in ['Administrator', 'Operator']:
         msg = "User role update accounts"
@@ -1212,13 +1216,13 @@ def sync_domains():
 def health():
     domain = Domain()
     domain_to_query = domain.query.first()
-    
+
     if not domain_to_query:
         current_app.logger.error("No domain found to query a health check")
         return make_response("Unknown", 503)
 
     try:
-        domain.get_domain_info(domain_to_query.name)                                
+        domain.get_domain_info(domain_to_query.name)
     except Exception as e:
         current_app.logger.error("Health Check - Failed to query authoritative server for domain {}".format(domain_to_query.name))
         return make_response("Down", 503)
diff --git a/powerdnsadmin/routes/index.py b/powerdnsadmin/routes/index.py
index 6f5f0e2dd..93823ce13 100644
--- a/powerdnsadmin/routes/index.py
+++ b/powerdnsadmin/routes/index.py
@@ -323,8 +323,8 @@ def login():
                             # Regexp didn't match, continue to next iteration
                             continue
 
-                    account = Account()
-                    account_id = account.get_id_by_name(account_name=group_name)
+                    sanitized_group_name = Account.sanitize_name(group_name)
+                    account_id = account.get_id_by_name(account_name=sanitized_group_name)
 
                     if account_id:
                         account = Account.query.get(account_id)
@@ -345,10 +345,12 @@ def login():
                             current_app.logger.info('User {} added to Account {}'.format(
                                 user.username, account.name))
                     else:
-                        account.name = group_name
-                        account.description = group_description
-                        account.contact = ''
-                        account.mail = ''
+                        account = Account(
+                            name=sanitized_group_name,
+                            description=group_description,
+                            contact='',
+                            mail=''
+                        )
                         account.create_account()
                         history = History(msg='Create account {0}'.format(
                             account.name),
@@ -1092,18 +1094,10 @@ def create_group_to_account_mapping():
 
 
 def handle_account(account_name, account_description=""):
-    if Setting().get('account_name_extra_chars'):
-        char_list = "abcdefghijklmnopqrstuvwxyz0123456789_-."
-    else:
-        char_list = "abcdefghijklmnopqrstuvwxyz0123456789"
-    clean_name = ''.join(c for c in account_name.lower()
-                         if c in char_list)
-    if len(clean_name) > Account.name.type.length:
-        current_app.logger.error(
-            "Account name {0} too long. Truncated.".format(clean_name))
+    clean_name = Account.sanitize_name(account_name)
     account = Account.query.filter_by(name=clean_name).first()
     if not account:
-        account = Account(name=clean_name.lower(),
+        account = Account(name=clean_name,
                           description=account_description,
                           contact='',
                           mail='')

From 3e462dab1749887a24bfdc39fabdecea5bf7d9cb Mon Sep 17 00:00:00 2001
From: corubba <corubba@gmx.de>
Date: Fri, 27 May 2022 12:53:19 +0200
Subject: [PATCH 035/475] Fix csrf configuration

CSRF has been initialized *before* the app config was fully read. That
made it impossible to configure CSRF properly. Moved the CSRF init into
the routes module, and switched from programmatic to decorated
exemptions. GET routes don't need to be exempted because they are by
default.
---
 powerdnsadmin/__init__.py        | 28 +---------------------------
 powerdnsadmin/routes/__init__.py |  3 ++-
 powerdnsadmin/routes/api.py      | 20 ++++++++++++++++++++
 powerdnsadmin/routes/base.py     |  4 ++++
 powerdnsadmin/routes/index.py    |  5 ++++-
 5 files changed, 31 insertions(+), 29 deletions(-)

diff --git a/powerdnsadmin/__init__.py b/powerdnsadmin/__init__.py
index c70b273d4..02479a529 100755
--- a/powerdnsadmin/__init__.py
+++ b/powerdnsadmin/__init__.py
@@ -1,7 +1,6 @@
 import os
 import logging
 from flask import Flask
-from flask_seasurf import SeaSurf
 from flask_mail import Mail
 from werkzeug.middleware.proxy_fix import ProxyFix
 from flask_session import Session
@@ -33,31 +32,6 @@ def create_app(config=None):
     # Proxy
     app.wsgi_app = ProxyFix(app.wsgi_app)
 
-    # CSRF protection
-    csrf = SeaSurf(app)
-    csrf.exempt(routes.index.dyndns_checkip)
-    csrf.exempt(routes.index.dyndns_update)
-    csrf.exempt(routes.index.saml_authorized)
-    csrf.exempt(routes.api.api_login_create_zone)
-    csrf.exempt(routes.api.api_login_delete_zone)
-    csrf.exempt(routes.api.api_generate_apikey)
-    csrf.exempt(routes.api.api_delete_apikey)
-    csrf.exempt(routes.api.api_update_apikey)
-    csrf.exempt(routes.api.api_zone_subpath_forward)
-    csrf.exempt(routes.api.api_zone_forward)
-    csrf.exempt(routes.api.api_create_zone)
-    csrf.exempt(routes.api.api_create_account)
-    csrf.exempt(routes.api.api_delete_account)
-    csrf.exempt(routes.api.api_update_account)
-    csrf.exempt(routes.api.api_create_user)
-    csrf.exempt(routes.api.api_delete_user)
-    csrf.exempt(routes.api.api_update_user)
-    csrf.exempt(routes.api.api_list_account_users)
-    csrf.exempt(routes.api.api_add_account_user)
-    csrf.exempt(routes.api.api_remove_account_user)
-    csrf.exempt(routes.api.api_zone_cryptokeys)
-    csrf.exempt(routes.api.api_zone_cryptokey)
-
     # Load config from env variables if using docker
     if os.path.exists(os.path.join(app.root_path, 'docker_config.py')):
         app.config.from_object('powerdnsadmin.docker_config')
@@ -69,7 +43,7 @@ def create_app(config=None):
     if 'FLASK_CONF' in os.environ:
         app.config.from_envvar('FLASK_CONF')
 
-    # Load app sepecified configuration
+    # Load app specified configuration
     if config is not None:
         if isinstance(config, dict):
             app.config.update(config)
diff --git a/powerdnsadmin/routes/__init__.py b/powerdnsadmin/routes/__init__.py
index b22324b0a..7d8aa9a46 100644
--- a/powerdnsadmin/routes/__init__.py
+++ b/powerdnsadmin/routes/__init__.py
@@ -1,5 +1,5 @@
 from .base import (
-    login_manager, handle_bad_request, handle_unauthorized_access,
+    csrf, login_manager, handle_bad_request, handle_unauthorized_access,
     handle_access_forbidden, handle_page_not_found, handle_internal_server_error
 )
 
@@ -13,6 +13,7 @@
 
 def init_app(app):
     login_manager.init_app(app)
+    csrf.init_app(app)
 
     app.register_blueprint(index_bp)
     app.register_blueprint(user_bp)
diff --git a/powerdnsadmin/routes/api.py b/powerdnsadmin/routes/api.py
index 672e84a3e..3df31e18e 100644
--- a/powerdnsadmin/routes/api.py
+++ b/powerdnsadmin/routes/api.py
@@ -6,6 +6,7 @@
 )
 from flask_login import current_user
 
+from .base import csrf
 from ..models.base import db
 from ..models import (
     User, Domain, DomainUser, Account, AccountUser, History, Setting, ApiKey,
@@ -187,6 +188,7 @@ def index():
 @api_bp.route('/pdnsadmin/zones', methods=['POST'])
 @api_basic_auth
 @api_can_create_domain
+@csrf.exempt
 def api_login_create_zone():
     pdns_api_url = Setting().get('pdns_api_url')
     pdns_api_key = Setting().get('pdns_api_key')
@@ -255,6 +257,7 @@ def api_login_list_zones():
 @api_bp.route('/pdnsadmin/zones/<string:domain_name>', methods=['DELETE'])
 @api_basic_auth
 @api_can_create_domain
+@csrf.exempt
 def api_login_delete_zone(domain_name):
     pdns_api_url = Setting().get('pdns_api_url')
     pdns_api_key = Setting().get('pdns_api_key')
@@ -310,6 +313,7 @@ def api_login_delete_zone(domain_name):
 
 @api_bp.route('/pdnsadmin/apikeys', methods=['POST'])
 @api_basic_auth
+@csrf.exempt
 def api_generate_apikey():
     data = request.get_json()
     description = None
@@ -466,6 +470,7 @@ def api_get_apikey(apikey_id):
 
 @api_bp.route('/pdnsadmin/apikeys/<int:apikey_id>', methods=['DELETE'])
 @api_basic_auth
+@csrf.exempt
 def api_delete_apikey(apikey_id):
     apikey = ApiKey.query.get(apikey_id)
 
@@ -503,6 +508,7 @@ def api_delete_apikey(apikey_id):
 
 @api_bp.route('/pdnsadmin/apikeys/<int:apikey_id>', methods=['PUT'])
 @api_basic_auth
+@csrf.exempt
 def api_update_apikey(apikey_id):
     # if role different and user is allowed to change it, update
     # if apikey domains are different and user is allowed to handle
@@ -664,6 +670,7 @@ def api_list_users(username=None):
 @api_bp.route('/pdnsadmin/users', methods=['POST'])
 @api_basic_auth
 @api_role_can('create users', allow_self=True)
+@csrf.exempt
 def api_create_user():
     """
     Create new user
@@ -737,6 +744,7 @@ def api_create_user():
 @api_bp.route('/pdnsadmin/users/<int:user_id>', methods=['PUT'])
 @api_basic_auth
 @api_role_can('update users', allow_self=True)
+@csrf.exempt
 def api_update_user(user_id):
     """
     Update existing user
@@ -809,6 +817,7 @@ def api_update_user(user_id):
 @api_bp.route('/pdnsadmin/users/<int:user_id>', methods=['DELETE'])
 @api_basic_auth
 @api_role_can('delete users')
+@csrf.exempt
 def api_delete_user(user_id):
     user = User.query.get(user_id)
     if not user:
@@ -860,6 +869,7 @@ def api_list_accounts(account_name):
 
 @api_bp.route('/pdnsadmin/accounts', methods=['POST'])
 @api_basic_auth
+@csrf.exempt
 def api_create_account():
     if current_user.role.name not in ['Administrator', 'Operator']:
         msg = "{} role cannot create accounts".format(current_user.role.name)
@@ -904,6 +914,7 @@ def api_create_account():
 @api_bp.route('/pdnsadmin/accounts/<int:account_id>', methods=['PUT'])
 @api_basic_auth
 @api_role_can('update accounts')
+@csrf.exempt
 def api_update_account(account_id):
     data = request.get_json()
     name = data['name'] if 'name' in data else None
@@ -945,6 +956,7 @@ def api_update_account(account_id):
 @api_bp.route('/pdnsadmin/accounts/<int:account_id>', methods=['DELETE'])
 @api_basic_auth
 @api_role_can('delete accounts')
+@csrf.exempt
 def api_delete_account(account_id):
     account_list = [] or Account.query.filter(Account.id == account_id).all()
     if len(account_list) == 1:
@@ -996,6 +1008,7 @@ def api_list_account_users(account_id):
     methods=['PUT'])
 @api_basic_auth
 @api_role_can('add user to account')
+@csrf.exempt
 def api_add_account_user(account_id, user_id):
     account = Account.query.get(account_id)
     if not account:
@@ -1023,6 +1036,7 @@ def api_add_account_user(account_id, user_id):
     methods=['DELETE'])
 @api_basic_auth
 @api_role_can('remove user from account')
+@csrf.exempt
 def api_remove_account_user(account_id, user_id):
     account = Account.query.get(account_id)
     if not account:
@@ -1054,6 +1068,7 @@ def api_remove_account_user(account_id, user_id):
 @apikey_auth
 @apikey_can_access_domain
 @apikey_can_configure_dnssec(http_methods=['POST'])
+@csrf.exempt
 def api_zone_cryptokeys(server_id, zone_id):
     resp = helper.forward_request()
     return resp.content, resp.status_code, resp.headers.items()
@@ -1065,6 +1080,7 @@ def api_zone_cryptokeys(server_id, zone_id):
 @apikey_auth
 @apikey_can_access_domain
 @apikey_can_configure_dnssec()
+@csrf.exempt
 def api_zone_cryptokey(server_id, zone_id, cryptokey_id):
     resp = helper.forward_request()
     return resp.content, resp.status_code, resp.headers.items()
@@ -1075,6 +1091,7 @@ def api_zone_cryptokey(server_id, zone_id, cryptokey_id):
     methods=['GET', 'POST', 'PUT', 'PATCH', 'DELETE'])
 @apikey_auth
 @apikey_can_access_domain
+@csrf.exempt
 def api_zone_subpath_forward(server_id, zone_id, subpath):
     resp = helper.forward_request()
     return resp.content, resp.status_code, resp.headers.items()
@@ -1090,6 +1107,7 @@ def api_zone_subpath_forward(server_id, zone_id, subpath):
 @callback_if_request_body_contains_key(apikey_can_configure_dnssec()(),
                                        http_methods=['PUT'],
                                        keys=['dnssec', 'nsec3param'])
+@csrf.exempt
 def api_zone_forward(server_id, zone_id):
     resp = helper.forward_request()
     if not Setting().get('bg_domain_updates'):
@@ -1127,6 +1145,7 @@ def api_zone_forward(server_id, zone_id):
 @api_bp.route('/servers/<path:subpath>', methods=['GET', 'PUT'])
 @apikey_auth
 @apikey_is_admin
+@csrf.exempt
 def api_server_sub_forward(subpath):
     resp = helper.forward_request()
     return resp.content, resp.status_code, resp.headers.items()
@@ -1135,6 +1154,7 @@ def api_server_sub_forward(subpath):
 @api_bp.route('/servers/<string:server_id>/zones', methods=['POST'])
 @apikey_auth
 @apikey_can_create_domain
+@csrf.exempt
 def api_create_zone(server_id):
     resp = helper.forward_request()
 
diff --git a/powerdnsadmin/routes/base.py b/powerdnsadmin/routes/base.py
index 48ef1c03b..16ed00ae8 100644
--- a/powerdnsadmin/routes/base.py
+++ b/powerdnsadmin/routes/base.py
@@ -1,9 +1,13 @@
 import base64
+
 from flask import render_template, url_for, redirect, session, request, current_app
 from flask_login import LoginManager
+from flask_seasurf import SeaSurf
 
 from ..models.user import User
 
+
+csrf = SeaSurf()
 login_manager = LoginManager()
 
 
diff --git a/powerdnsadmin/routes/index.py b/powerdnsadmin/routes/index.py
index 93823ce13..3a6f55cf9 100644
--- a/powerdnsadmin/routes/index.py
+++ b/powerdnsadmin/routes/index.py
@@ -10,7 +10,7 @@
 from flask import Blueprint, render_template, make_response, url_for, current_app, g, session, request, redirect, abort
 from flask_login import login_user, logout_user, login_required, current_user
 
-from .base import login_manager
+from .base import csrf, login_manager
 from ..lib import utils
 from ..decorators import dyndns_login_required
 from ..models.base import db
@@ -763,6 +763,7 @@ def resend_confirmation_email():
 
 
 @index_bp.route('/nic/checkip.html', methods=['GET', 'POST'])
+@csrf.exempt
 def dyndns_checkip():
     # This route covers the default ddclient 'web' setting for the checkip service
     return render_template('dyndns.html',
@@ -771,6 +772,7 @@ def dyndns_checkip():
 
 
 @index_bp.route('/nic/update', methods=['GET', 'POST'])
+@csrf.exempt
 @dyndns_login_required
 def dyndns_update():
     # dyndns protocol response codes in use are:
@@ -961,6 +963,7 @@ def saml_metadata():
 
 
 @index_bp.route('/saml/authorized', methods=['GET', 'POST'])
+@csrf.exempt
 def saml_authorized():
     errors = []
     if not current_app.config.get('SAML_ENABLED'):

From ae2ad6527a81adef5c4bf858fdd4f3865fb351be Mon Sep 17 00:00:00 2001
From: corubba <corubba@gmx.de>
Date: Fri, 27 May 2022 12:53:28 +0200
Subject: [PATCH 036/475] Set csrf cookie to httponly

The CSRF token is currently inserted directly in the template and not
in the browser via JavaScript from the cookie, so making it inaccessible
is not a problem.

The Sesson-cookie is already httponly by default [0].

[0] https://flask.palletsprojects.com/en/2.1.x/config/?highlight=session_cookie_httponly#SESSION_COOKIE_HTTPONLY
---
 configs/docker_config.py        | 1 +
 powerdnsadmin/default_config.py | 1 +
 2 files changed, 2 insertions(+)

diff --git a/configs/docker_config.py b/configs/docker_config.py
index 6666fc2ce..ba0a233fa 100644
--- a/configs/docker_config.py
+++ b/configs/docker_config.py
@@ -2,6 +2,7 @@
 BIND_ADDRESS = '0.0.0.0'
 PORT = 80
 SQLALCHEMY_DATABASE_URI = 'sqlite:////data/powerdns-admin.db'
+CSRF_COOKIE_HTTPONLY = True
 
 legal_envvars = (
     'SECRET_KEY',
diff --git a/powerdnsadmin/default_config.py b/powerdnsadmin/default_config.py
index 16b816185..873768047 100644
--- a/powerdnsadmin/default_config.py
+++ b/powerdnsadmin/default_config.py
@@ -10,6 +10,7 @@
 HSTS_ENABLED = False
 OFFLINE_MODE = False
 FILESYSTEM_SESSIONS_ENABLED = False
+CSRF_COOKIE_HTTPONLY = True
 
 ### DATABASE CONFIG
 SQLA_DB_USER = 'pda'

From 1a7752444735a33e471981e5fb85a789a1cd8777 Mon Sep 17 00:00:00 2001
From: corubba <corubba@gmx.de>
Date: Fri, 27 May 2022 12:53:32 +0200
Subject: [PATCH 037/475] Allow secure cookies in docker

Setting these two options to True is recommended if (and only if) you
serve PDA via TLS. It will break things on plain-HTTP deployments.
For plain deployments these can be set in the flask config file, for
docker they have to be whitelisted to be set via env vars.
---
 configs/docker_config.py | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/configs/docker_config.py b/configs/docker_config.py
index ba0a233fa..2cc6310ab 100644
--- a/configs/docker_config.py
+++ b/configs/docker_config.py
@@ -57,7 +57,9 @@
     'LDAP_ENABLED',
     'SAML_CERT',
     'SAML_KEY',
-    'FILESYSTEM_SESSIONS_ENABLED'
+    'FILESYSTEM_SESSIONS_ENABLED',
+    'SESSION_COOKIE_SECURE',
+    'CSRF_COOKIE_SECURE',
 )
 
 legal_envvars_int = ('PORT', 'MAIL_PORT', 'SAML_METADATA_CACHE_LIFETIME')
@@ -79,7 +81,9 @@
     'SIGNUP_ENABLED',
     'LOCAL_DB_ENABLED',
     'LDAP_ENABLED',
-    'FILESYSTEM_SESSIONS_ENABLED'
+    'FILESYSTEM_SESSIONS_ENABLED',
+    'SESSION_COOKIE_SECURE',
+    'CSRF_COOKIE_SECURE',
 )
 
 # import everything from environment variables

From 52b704baeb00b43e393bb3157f8eb24a4a7955cb Mon Sep 17 00:00:00 2001
From: corubba <corubba@gmx.de>
Date: Tue, 31 May 2022 00:35:04 +0200
Subject: [PATCH 038/475] Set SameSite on cookies

Setting this attribute on a cookie marks it as non-cross-site, so it
is only send in requests to our own server. It is reasonable that no
one else should need our session or csrf data. Setting it explicitly
also prevents any issues from the ongoing change in browser behaviour [0]
when it is unset.

Seasurf supports the SameSite attribute starting with v0.3. As nothing
obviously broke, I used the opportunity and updated all the way to the
most recent version.

The SeaSurf default for SameSite is already `Lax`, so it only needs to
be set for the session cookie.

[0] https://developers.google.com/search/blog/2020/01/get-ready-for-new-samesitenone-secure
---
 configs/docker_config.py        | 1 +
 powerdnsadmin/default_config.py | 1 +
 requirements.txt                | 2 +-
 3 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/configs/docker_config.py b/configs/docker_config.py
index 2cc6310ab..728525296 100644
--- a/configs/docker_config.py
+++ b/configs/docker_config.py
@@ -2,6 +2,7 @@
 BIND_ADDRESS = '0.0.0.0'
 PORT = 80
 SQLALCHEMY_DATABASE_URI = 'sqlite:////data/powerdns-admin.db'
+SESSION_COOKIE_SAMESITE = 'Lax'
 CSRF_COOKIE_HTTPONLY = True
 
 legal_envvars = (
diff --git a/powerdnsadmin/default_config.py b/powerdnsadmin/default_config.py
index 873768047..93b97b74d 100644
--- a/powerdnsadmin/default_config.py
+++ b/powerdnsadmin/default_config.py
@@ -10,6 +10,7 @@
 HSTS_ENABLED = False
 OFFLINE_MODE = False
 FILESYSTEM_SESSIONS_ENABLED = False
+SESSION_COOKIE_SAMESITE = 'Lax'
 CSRF_COOKIE_HTTPONLY = True
 
 ### DATABASE CONFIG
diff --git a/requirements.txt b/requirements.txt
index ce2445052..ec2ecbbcd 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -18,7 +18,7 @@ pytz==2020.1
 cssmin==0.2.0
 jsmin==3.0.0
 Authlib==0.15
-Flask-SeaSurf==0.2.2
+Flask-SeaSurf==1.1.1
 bravado-core==5.17.0
 lima==0.5
 pytest==6.1.1

From af902f24a2b58ba9ad408217ef3f17bbdef9433b Mon Sep 17 00:00:00 2001
From: corubba <corubba@gmx.de>
Date: Thu, 19 May 2022 00:56:13 +0200
Subject: [PATCH 039/475] Update using only one api call

Starting with the very first commit, the update was always done with
two api calls: one for DELETE and one for REPLACE. It is however
perfectly valid and save to do both at once, which makes it atomic, so
no need for the rollback. Plus it only updates the serial once.
There is no point in sending the full RRset data when deleting it, the
key attributes to identify it are enough. This also make the behaviour
consistent with the api docs [0] where it says "MUST NOT be included
when changetype is set to DELETE."

[0] https://doc.powerdns.com/authoritative/http-api/zone.html#rrset
---
 powerdnsadmin/models/record.py | 97 ++++++++++++++++------------------
 1 file changed, 45 insertions(+), 52 deletions(-)

diff --git a/powerdnsadmin/models/record.py b/powerdnsadmin/models/record.py
index 112b9e335..b5e3050fd 100644
--- a/powerdnsadmin/models/record.py
+++ b/powerdnsadmin/models/record.py
@@ -303,10 +303,47 @@ def apply_rrsets(self, domain_name, rrsets):
                                   data=rrsets)
         return jdata
 
+    @staticmethod
+    def to_api_payload(new_rrsets, del_rrsets):
+        """Turn the given changes into a single api payload."""
+
+        def replace_for_api(rrset):
+            """Return a modified copy of the given RRset with changetype REPLACE."""
+            if not rrset or rrset.get('changetype', None) != 'REPLACE':
+                return rrset
+            replace_copy = dict(rrset)
+            # For compatibility with some backends: Remove comments from rrset if all are blank
+            if not any((bool(c.get('content', None)) for c in replace_copy.get('comments', []))):
+                replace_copy.pop('comments', None)
+            return replace_copy
+
+        def rrset_in(needle, haystack):
+            """Return whether the given RRset (identified by name and type) is in the list."""
+            for hay in haystack:
+                if needle['name'] == hay['name'] and needle['type'] == hay['type']:
+                    return True
+            return False
+
+        def delete_for_api(rrset):
+            """Return a minified copy of the given RRset with changetype DELETE."""
+            if not rrset or rrset.get('changetype', None) != 'DELETE':
+                return rrset
+            delete_copy = dict(rrset)
+            delete_copy.pop('ttl', None)
+            delete_copy.pop('records', None)
+            delete_copy.pop('comments', None)
+            return delete_copy
+
+        replaces = [replace_for_api(r) for r in new_rrsets]
+        deletes = [delete_for_api(r) for r in del_rrsets if not rrset_in(r, replaces)]
+        return {
+            'rrsets': replaces + deletes
+        }
+
     def apply(self, domain_name, submitted_records):
         """
         Apply record changes to a domain. This function
-        will make 2 calls to the PDNS API to DELETE and
+        will make 1 call to the PDNS API to DELETE and
         REPLACE records (rrsets)
         """
         current_app.logger.debug(
@@ -315,68 +352,24 @@ def apply(self, domain_name, submitted_records):
         # Get the list of rrsets to be added and deleted
         new_rrsets, del_rrsets = self.compare(domain_name, submitted_records)
 
-        # Remove blank comments from rrsets for compatibility with some backends
-        def remove_blank_comments(rrset):
-            if not rrset['comments']:
-                del rrset['comments']
-            elif isinstance(rrset['comments'], list):
-                # Merge all non-blank comment values into a list
-                merged_comments = [
-                    v
-                    for c in rrset['comments']
-                    for v in c.values()
-                    if v
-                ]
-                # Delete comment if all values are blank (len(merged_comments) == 0)
-                if not merged_comments:
-                    del rrset['comments']
-
-        for r in new_rrsets['rrsets']:
-            remove_blank_comments(r)
-
-        for r in del_rrsets['rrsets']:
-            remove_blank_comments(r)
+        # The history logic still needs *all* the deletes with full data to display a useful diff.
+        # So create a "minified" copy for the api call, and return the original data back up
+        api_payload = self.to_api_payload(new_rrsets['rrsets'], del_rrsets['rrsets'])
+        current_app.logger.debug(f"api payload: \n{utils.pretty_json(api_payload)}")
 
         # Submit the changes to PDNS API
         try:
-            if del_rrsets["rrsets"]:
-                result = self.apply_rrsets(domain_name, del_rrsets)
+            if api_payload["rrsets"]:
+                result = self.apply_rrsets(domain_name, api_payload)
                 if 'error' in result.keys():
                     current_app.logger.error(
-                        'Cannot apply record changes with deleting rrsets step. PDNS error: {}'
+                        'Cannot apply record changes. PDNS error: {}'
                         .format(result['error']))
                     return {
                         'status': 'error',
                         'msg': result['error'].replace("'", "")
                     }
 
-            if new_rrsets["rrsets"]:
-                result = self.apply_rrsets(domain_name, new_rrsets)
-                if 'error' in result.keys():
-                    current_app.logger.error(
-                        'Cannot apply record changes with adding rrsets step. PDNS error: {}'
-                        .format(result['error']))
-
-                    # rollback - re-add the removed record if the adding operation is failed.
-                    if del_rrsets["rrsets"]:
-                        rollback_rrsets = del_rrsets
-                        for r in del_rrsets["rrsets"]:
-                            r['changetype'] = 'REPLACE'
-                        rollback = self.apply_rrsets(domain_name, rollback_rrsets)
-                        if 'error' in rollback.keys():
-                            return dict(status='error',
-                                        msg='Failed to apply changes. Cannot rollback previous failed operation: {}'
-                                        .format(rollback['error'].replace("'", "")))
-                        else:
-                            return dict(status='error',
-                                        msg='Failed to apply changes. Rolled back previous failed operation: {}'
-                                        .format(result['error'].replace("'", "")))
-                    else:
-                        return {
-                            'status': 'error',
-                            'msg': result['error'].replace("'", "")
-                        }
-
             self.auto_ptr(domain_name, new_rrsets, del_rrsets)
             self.update_db_serial(domain_name)
             current_app.logger.info('Record was applied successfully.')

From 674704609b1c5d8c94a4db5a799b47fffaa82920 Mon Sep 17 00:00:00 2001
From: corubba <corubba@gmx.de>
Date: Fri, 27 May 2022 13:01:13 +0200
Subject: [PATCH 040/475] Always use local fonts

---
 powerdnsadmin/templates/base.html | 5 -----
 1 file changed, 5 deletions(-)

diff --git a/powerdnsadmin/templates/base.html b/powerdnsadmin/templates/base.html
index 649663a4e..cafe8ebbe 100644
--- a/powerdnsadmin/templates/base.html
+++ b/powerdnsadmin/templates/base.html
@@ -8,13 +8,8 @@
   {% block title %}<title>{{ SITE_NAME }}</title>{% endblock %}
   <link rel="stylesheet" href="{{ url_for('static', filename='assets/css/style.css') }}">
   <!--  Get Google Fonts we like -->
-  {% if OFFLINE_MODE %}
   <link rel="stylesheet" href="{{ url_for('static', filename='assets/css/source_sans_pro.css') }}">
   <link rel="stylesheet" href="{{ url_for('static', filename='assets/css/roboto_mono.css') }}">
-  {% else %}
-  <link rel="stylesheet" href="//fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700,300italic,400italic,600italic">
-  <link rel="stylesheet" href="//fonts.googleapis.com/css?family=Roboto+Mono:400,300,700">
-  {% endif %}
   <!-- Tell the browser to be responsive to screen width -->
   <meta content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no" name="viewport">
   <!-- Tell Safari to not recognise telephone numbers -->

From 54b2c5918f1bf87099f95c7b9e71caa9710c82c6 Mon Sep 17 00:00:00 2001
From: corubba <corubba@gmx.de>
Date: Fri, 27 May 2022 13:01:32 +0200
Subject: [PATCH 041/475] Serve the IE8 polyfills from local

---
 package.json                          | 4 +++-
 powerdnsadmin/assets.py               | 6 ++++++
 powerdnsadmin/templates/base.html     | 5 +++--
 powerdnsadmin/templates/login.html    | 5 +++--
 powerdnsadmin/templates/register.html | 5 +++--
 5 files changed, 18 insertions(+), 7 deletions(-)

diff --git a/package.json b/package.json
index 76982c81c..c60b05dcc 100644
--- a/package.json
+++ b/package.json
@@ -10,6 +10,8 @@
     "jquery-ui-dist": "^1.12.1",
     "jquery.quicksearch": "^2.4.0",
     "jtimeout": "^3.1.0",
-    "multiselect": "^0.9.12"
+    "multiselect": "^0.9.12",
+    "html5shiv": "^3.7.3",
+    "respond.js": "^1.4.2"
   }
 }
diff --git a/powerdnsadmin/assets.py b/powerdnsadmin/assets.py
index e7c6354a0..136a4f230 100644
--- a/powerdnsadmin/assets.py
+++ b/powerdnsadmin/assets.py
@@ -64,9 +64,15 @@ def concat(self, out, hunks, **kw):
                  filters=(ConcatFilter, 'jsmin'),
                  output='generated/main.js')
 
+js_ie8 = Bundle('node_modules/html5shiv/dist/html5shiv.js',
+                'node_modules/respond.js/dest/respond.min.js',
+                filters=(ConcatFilter, 'jsmin'),
+                output='generated/ie8.js')
+
 assets = Environment()
 assets.register('js_login', js_login)
 assets.register('js_validation', js_validation)
 assets.register('css_login', css_login)
 assets.register('js_main', js_main)
 assets.register('css_main', css_main)
+assets.register('js_ie8', js_ie8)
diff --git a/powerdnsadmin/templates/base.html b/powerdnsadmin/templates/base.html
index cafe8ebbe..bf1799510 100644
--- a/powerdnsadmin/templates/base.html
+++ b/powerdnsadmin/templates/base.html
@@ -20,12 +20,13 @@
 {% if SETTING.get('custom_css') %}
   <link rel="stylesheet" href="/static/custom/{{ SETTING.get('custom_css') }}">
 {% endif %}
+  {% assets "js_ie8" -%}
   <!-- HTML5 Shim and Respond.js IE8 support of HTML5 elements and media queries -->
   <!-- WARNING: Respond.js doesn't work if you view the page via file:// -->
   <!--[if lt IE 9]>
-  <script src="https://oss.maxcdn.com/html5shiv/3.7.3/html5shiv.min.js"></script>
-  <script src="https://oss.maxcdn.com/respond/1.4.2/respond.min.js"></script>
+  <script type="text/javascript" src="{{ ASSET_URL }}"></script>
   <![endif]-->
+  {%- endassets %}
   {% endblock %}
 </head>
 <body class="hold-transition skin-blue sidebar-mini {% if not SETTING.get('fullscreen_layout') %}layout-boxed{% endif %}">
diff --git a/powerdnsadmin/templates/login.html b/powerdnsadmin/templates/login.html
index 45afd7f73..65d71f147 100644
--- a/powerdnsadmin/templates/login.html
+++ b/powerdnsadmin/templates/login.html
@@ -15,12 +15,13 @@
 {% if SETTING.get('custom_css') %}
   <link rel="stylesheet" href="/static/custom/{{ SETTING.get('custom_css') }}">
 {% endif %}
+  {% assets "js_ie8" -%}
   <!-- HTML5 Shim and Respond.js IE8 support of HTML5 elements and media queries -->
   <!-- WARNING: Respond.js doesn't work if you view the page via file:// -->
   <!--[if lt IE 9]>
-  <script src="https://oss.maxcdn.com/html5shiv/3.7.3/html5shiv.min.js"></script>
-  <script src="https://oss.maxcdn.com/respond/1.4.2/respond.min.js"></script>
+  <script type="text/javascript" src="{{ ASSET_URL }}"></script>
   <![endif]-->
+  {%- endassets %}
 </head>
 
 <body class="hold-transition login-page">
diff --git a/powerdnsadmin/templates/register.html b/powerdnsadmin/templates/register.html
index 04cb1a8f9..ebbff7ff5 100644
--- a/powerdnsadmin/templates/register.html
+++ b/powerdnsadmin/templates/register.html
@@ -12,12 +12,13 @@
   <link rel="stylesheet" href="{{ ASSET_URL }}">
   {%- endassets %}
 
+  {% assets "js_ie8" -%}
   <!-- HTML5 Shim and Respond.js IE8 support of HTML5 elements and media queries -->
   <!-- WARNING: Respond.js doesn't work if you view the page via file:// -->
   <!--[if lt IE 9]>
-  <script src="https://oss.maxcdn.com/html5shiv/3.7.3/html5shiv.min.js"></script>
-  <script src="https://oss.maxcdn.com/respond/1.4.2/respond.min.js"></script>
+  <script type="text/javascript" src="{{ ASSET_URL }}"></script>
   <![endif]-->
+  {%- endassets %}
 </head>
 
 <body class="hold-transition register-page">

From fee26b84ba779c22e97e0a5999e7beb758e38c9b Mon Sep 17 00:00:00 2001
From: corubba <corubba@gmx.de>
Date: Fri, 27 May 2022 13:01:36 +0200
Subject: [PATCH 042/475] Remove IE8 polyfills

These old browsers are EOL since 2016 [0], let them finally rest in
peace.

This effectively reverts/replaces commit b8dee5d17056788c2dc9940d14308648e32186d8.

[0] https://web.archive.org/web/20160115070611/https://www.microsoft.com/en-us/WindowsForBusiness/End-of-IE-support
---
 package.json                          | 4 +---
 powerdnsadmin/assets.py               | 6 ------
 powerdnsadmin/templates/base.html     | 7 -------
 powerdnsadmin/templates/login.html    | 7 -------
 powerdnsadmin/templates/register.html | 8 --------
 5 files changed, 1 insertion(+), 31 deletions(-)

diff --git a/package.json b/package.json
index c60b05dcc..76982c81c 100644
--- a/package.json
+++ b/package.json
@@ -10,8 +10,6 @@
     "jquery-ui-dist": "^1.12.1",
     "jquery.quicksearch": "^2.4.0",
     "jtimeout": "^3.1.0",
-    "multiselect": "^0.9.12",
-    "html5shiv": "^3.7.3",
-    "respond.js": "^1.4.2"
+    "multiselect": "^0.9.12"
   }
 }
diff --git a/powerdnsadmin/assets.py b/powerdnsadmin/assets.py
index 136a4f230..e7c6354a0 100644
--- a/powerdnsadmin/assets.py
+++ b/powerdnsadmin/assets.py
@@ -64,15 +64,9 @@ def concat(self, out, hunks, **kw):
                  filters=(ConcatFilter, 'jsmin'),
                  output='generated/main.js')
 
-js_ie8 = Bundle('node_modules/html5shiv/dist/html5shiv.js',
-                'node_modules/respond.js/dest/respond.min.js',
-                filters=(ConcatFilter, 'jsmin'),
-                output='generated/ie8.js')
-
 assets = Environment()
 assets.register('js_login', js_login)
 assets.register('js_validation', js_validation)
 assets.register('css_login', css_login)
 assets.register('js_main', js_main)
 assets.register('css_main', css_main)
-assets.register('js_ie8', js_ie8)
diff --git a/powerdnsadmin/templates/base.html b/powerdnsadmin/templates/base.html
index bf1799510..92e3a1cc9 100644
--- a/powerdnsadmin/templates/base.html
+++ b/powerdnsadmin/templates/base.html
@@ -20,13 +20,6 @@
 {% if SETTING.get('custom_css') %}
   <link rel="stylesheet" href="/static/custom/{{ SETTING.get('custom_css') }}">
 {% endif %}
-  {% assets "js_ie8" -%}
-  <!-- HTML5 Shim and Respond.js IE8 support of HTML5 elements and media queries -->
-  <!-- WARNING: Respond.js doesn't work if you view the page via file:// -->
-  <!--[if lt IE 9]>
-  <script type="text/javascript" src="{{ ASSET_URL }}"></script>
-  <![endif]-->
-  {%- endassets %}
   {% endblock %}
 </head>
 <body class="hold-transition skin-blue sidebar-mini {% if not SETTING.get('fullscreen_layout') %}layout-boxed{% endif %}">
diff --git a/powerdnsadmin/templates/login.html b/powerdnsadmin/templates/login.html
index 65d71f147..00f91838f 100644
--- a/powerdnsadmin/templates/login.html
+++ b/powerdnsadmin/templates/login.html
@@ -15,13 +15,6 @@
 {% if SETTING.get('custom_css') %}
   <link rel="stylesheet" href="/static/custom/{{ SETTING.get('custom_css') }}">
 {% endif %}
-  {% assets "js_ie8" -%}
-  <!-- HTML5 Shim and Respond.js IE8 support of HTML5 elements and media queries -->
-  <!-- WARNING: Respond.js doesn't work if you view the page via file:// -->
-  <!--[if lt IE 9]>
-  <script type="text/javascript" src="{{ ASSET_URL }}"></script>
-  <![endif]-->
-  {%- endassets %}
 </head>
 
 <body class="hold-transition login-page">
diff --git a/powerdnsadmin/templates/register.html b/powerdnsadmin/templates/register.html
index ebbff7ff5..9a25fbb22 100644
--- a/powerdnsadmin/templates/register.html
+++ b/powerdnsadmin/templates/register.html
@@ -11,14 +11,6 @@
   {% assets "css_login" -%}
   <link rel="stylesheet" href="{{ ASSET_URL }}">
   {%- endassets %}
-
-  {% assets "js_ie8" -%}
-  <!-- HTML5 Shim and Respond.js IE8 support of HTML5 elements and media queries -->
-  <!-- WARNING: Respond.js doesn't work if you view the page via file:// -->
-  <!--[if lt IE 9]>
-  <script type="text/javascript" src="{{ ASSET_URL }}"></script>
-  <![endif]-->
-  {%- endassets %}
 </head>
 
 <body class="hold-transition register-page">

From b795f1eadf17f9e9fa279430442ff386de59da62 Mon Sep 17 00:00:00 2001
From: corubba <corubba@gmx.de>
Date: Fri, 27 May 2022 13:01:40 +0200
Subject: [PATCH 043/475] Use the doc search directly

---
 powerdnsadmin/templates/admin_pdns_stats.html | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/powerdnsadmin/templates/admin_pdns_stats.html b/powerdnsadmin/templates/admin_pdns_stats.html
index 7f22c4f9d..cd5a00003 100644
--- a/powerdnsadmin/templates/admin_pdns_stats.html
+++ b/powerdnsadmin/templates/admin_pdns_stats.html
@@ -35,7 +35,7 @@ <h3 class="box-title">PDNS Statistics</h3>
                         <tbody>
                             {% for statistic in statistics %}
                             <tr class="odd gradeX">
-                                <td><a href="https://google.com/search?q=site:doc.powerdns.com+{{ statistic['name'] }}"
+                                <td><a href="https://doc.powerdns.com/authoritative/search.html?q={{ statistic['name'] }}"
                                         target="_blank" class="btn btn-flat btn-xs blue"><i
                                             class="fa fa-search"></i></a></td>
                                 <td>{{ statistic['name'] }}</td>
@@ -70,7 +70,7 @@ <h3 class="box-title">PDNS Configuration</h3>
                         <tbody>
                             {% for config in configs %}
                             <tr class="odd gradeX">
-                                <td><a href="https://google.com/search?q=site:doc.powerdns.com+{{ config['name'] }}"
+                                <td><a href="https://doc.powerdns.com/authoritative/search.html?q={{ config['name'] }}"
                                         target="_blank" class="btn btn-flat btn-xs blue"><i
                                             class="fa fa-search"></i></a></td>
                                 <td>{{ config['name'] }}</td>

From 607caa1a2db574a46fcd97d7e4ceeabc99a77e1a Mon Sep 17 00:00:00 2001
From: corubba <corubba@gmx.de>
Date: Fri, 27 May 2022 13:01:46 +0200
Subject: [PATCH 044/475] Rework user image handling

Moved all the logic out of the template into a separate endpoint. This
makes it easy to extend to also support images from different sources
like LDAP/SAML/OIDC. Session-based caching is hard to do, so to allow
time-based caching in the browser, the url needs to be unique for every
user by using a query parameter.

Replaced the default/fallback user image with a new one. It is based on
the old one, but does not need css to be visible. And removed said css.

Gravatar has now its own setting named `gravatar_enabled`, which is
disabled by default.
---
 powerdnsadmin/__init__.py                  |   2 -
 powerdnsadmin/lib/utils.py                 |  13 ------
 powerdnsadmin/models/setting.py            |   3 +-
 powerdnsadmin/routes/admin.py              |  49 +++++++++++++++------
 powerdnsadmin/routes/user.py               |  37 +++++++++++++++-
 powerdnsadmin/static/custom/css/custom.css |   9 ----
 powerdnsadmin/static/img/gravatar.png      | Bin 26693 -> 0 bytes
 powerdnsadmin/static/img/user_image.png    | Bin 0 -> 2718 bytes
 powerdnsadmin/templates/base.html          |  12 ++---
 9 files changed, 76 insertions(+), 49 deletions(-)
 delete mode 100644 powerdnsadmin/static/img/gravatar.png
 create mode 100644 powerdnsadmin/static/img/user_image.png

diff --git a/powerdnsadmin/__init__.py b/powerdnsadmin/__init__.py
index c70b273d4..3f68a5856 100755
--- a/powerdnsadmin/__init__.py
+++ b/powerdnsadmin/__init__.py
@@ -100,8 +100,6 @@ def create_app(config=None):
     app.jinja_env.filters['display_record_name'] = utils.display_record_name
     app.jinja_env.filters['display_master_name'] = utils.display_master_name
     app.jinja_env.filters['display_second_to_time'] = utils.display_time
-    app.jinja_env.filters[
-        'email_to_gravatar_url'] = utils.email_to_gravatar_url
     app.jinja_env.filters[
         'display_setting_state'] = utils.display_setting_state
     app.jinja_env.filters['pretty_domain_name'] = utils.pretty_domain_name
diff --git a/powerdnsadmin/lib/utils.py b/powerdnsadmin/lib/utils.py
index 9e7cf20cd..4ef575989 100644
--- a/powerdnsadmin/lib/utils.py
+++ b/powerdnsadmin/lib/utils.py
@@ -2,14 +2,12 @@
 import re
 import json
 import requests
-import hashlib
 import ipaddress
 import idna
 
 from collections.abc import Iterable
 from distutils.version import StrictVersion
 from urllib.parse import urlparse
-from datetime import datetime, timedelta
 
 
 def auth_from_url(url):
@@ -186,17 +184,6 @@ def pdns_api_extended_uri(version):
         return ""
 
 
-def email_to_gravatar_url(email="", size=100):
-    """
-    AD doesn't necessarily have email
-    """
-    if email is None:
-        email = ""
-
-    hash_string = hashlib.md5(email.encode('utf-8')).hexdigest()
-    return "https://s.gravatar.com/avatar/{0}?s={1}".format(hash_string, size)
-
-
 def display_setting_state(value):
     if value == 1:
         return "ON"
diff --git a/powerdnsadmin/models/setting.py b/powerdnsadmin/models/setting.py
index 51e78e56d..a4016bf1a 100644
--- a/powerdnsadmin/models/setting.py
+++ b/powerdnsadmin/models/setting.py
@@ -193,7 +193,8 @@ class Setting(db.Model):
         'otp_force': False,
         'max_history_records': 1000,
         'deny_domain_override': False,
-        'account_name_extra_chars': False
+        'account_name_extra_chars': False,
+        'gravatar_enabled': False,
     }
 
     def __init__(self, id=None, name=None, value=None):
diff --git a/powerdnsadmin/routes/admin.py b/powerdnsadmin/routes/admin.py
index c5f28d15b..9474503a2 100644
--- a/powerdnsadmin/routes/admin.py
+++ b/powerdnsadmin/routes/admin.py
@@ -1259,20 +1259,41 @@ def history_table():    # ajax call data
 @login_required
 @operator_role_required
 def setting_basic():
-    if request.method == 'GET':
-        settings = [
-            'maintenance', 'fullscreen_layout', 'record_helper',
-            'login_ldap_first', 'default_record_table_size',
-            'default_domain_table_size', 'auto_ptr', 'record_quick_edit',
-            'pretty_ipv6_ptr', 'dnssec_admins_only',
-            'allow_user_create_domain', 'allow_user_remove_domain', 'allow_user_view_history', 'bg_domain_updates', 'site_name',
-            'session_timeout', 'warn_session_timeout', 'ttl_options',
-            'pdns_api_timeout', 'verify_ssl_connections', 'verify_user_email',
-            'delete_sso_accounts', 'otp_field_enabled', 'custom_css', 'enable_api_rr_history', 'max_history_records', 'otp_force',
-            'deny_domain_override', 'enforce_api_ttl', 'account_name_extra_chars'
-        ]
-
-        return render_template('admin_setting_basic.html', settings=settings)
+    settings = [
+        'account_name_extra_chars',
+        'allow_user_create_domain',
+        'allow_user_remove_domain',
+        'allow_user_view_history',
+        'auto_ptr',
+        'bg_domain_updates',
+        'custom_css',
+        'default_domain_table_size',
+        'default_record_table_size',
+        'delete_sso_accounts',
+        'deny_domain_override',
+        'dnssec_admins_only',
+        'enable_api_rr_history',
+        'enforce_api_ttl',
+        'fullscreen_layout',
+        'gravatar_enabled',
+        'login_ldap_first',
+        'maintenance',
+        'max_history_records',
+        'otp_field_enabled',
+        'otp_force',
+        'pdns_api_timeout',
+        'pretty_ipv6_ptr',
+        'record_helper',
+        'record_quick_edit',
+        'session_timeout',
+        'site_name',
+        'ttl_options',
+        'verify_ssl_connections',
+        'verify_user_email',
+        'warn_session_timeout',
+    ]
+
+    return render_template('admin_setting_basic.html', settings=settings)
 
 
 @admin_bp.route('/setting/basic/<path:setting>/edit', methods=['POST'])
diff --git a/powerdnsadmin/routes/user.py b/powerdnsadmin/routes/user.py
index f411c29a9..709156f83 100644
--- a/powerdnsadmin/routes/user.py
+++ b/powerdnsadmin/routes/user.py
@@ -1,5 +1,8 @@
 import datetime
-from flask import Blueprint, request, render_template, make_response, jsonify, redirect, url_for, g, session, current_app
+import hashlib
+
+from flask import Blueprint, request, render_template, make_response, jsonify, redirect, url_for, g, session, \
+    current_app, after_this_request, abort
 from flask_login import current_user, login_required, login_manager
 
 from ..models.user import User, Anonymous
@@ -96,4 +99,34 @@ def qrcode():
         'Cache-Control': 'no-cache, no-store, must-revalidate',
         'Pragma': 'no-cache',
         'Expires': '0'
-    }
\ No newline at end of file
+    }
+
+
+@user_bp.route('/image', methods=['GET'])
+@login_required
+def image():
+    """Returns the user profile image or avatar."""
+
+    @after_this_request
+    def add_cache_headers(response_):
+        """When the response is ok, add cache headers."""
+        if 200 <= response_.status_code <= 399:
+            response_.cache_control.private = True
+            response_.cache_control.max_age = int(datetime.timedelta(days=1).total_seconds())
+        return response_
+
+    # To prevent "cache poisoning", the username query parameter is required
+    if request.args.get('username', None) != current_user.username:
+        abort(400)
+
+    setting = Setting()
+
+    email = current_user.email
+    if email and setting.get('gravatar_enabled'):
+        hash_ = hashlib.md5(email.encode('utf-8')).hexdigest()
+        url = f'https://s.gravatar.com/avatar/{hash_}?s=100'
+        current_app.logger.debug('Redirect user image request to gravatar')
+        return redirect(url, 307)
+
+    # Fallback to the local default image
+    return current_app.send_static_file('img/user_image.png')
diff --git a/powerdnsadmin/static/custom/css/custom.css b/powerdnsadmin/static/custom/css/custom.css
index f5dcb343f..1cd372890 100644
--- a/powerdnsadmin/static/custom/css/custom.css
+++ b/powerdnsadmin/static/custom/css/custom.css
@@ -42,15 +42,6 @@ table td {
     background-position: center;
 }
 
-.navbar-nav>.user-menu>.dropdown-menu>li.user-header>img.img-circle.offline {
-    filter: brightness(0);
-    border-color: black;
-}
-
-.navbar-nav>.user-menu .user-image.offline {
-    filter: brightness(0);
-}
-
 .search-input {
     width: 100%;
 }
\ No newline at end of file
diff --git a/powerdnsadmin/static/img/gravatar.png b/powerdnsadmin/static/img/gravatar.png
deleted file mode 100644
index 83602867a01f97bef0586e5ed18f6243c3ac1974..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 26693
zcmdp7g;P}T*S|}5N_TflNJxW%q?9xw-QBQ&w1m>#wRD4|BGL`gozfv)@8vu5`zPL=
zVRo5$>YjU^6QA=r5vt1am}sPE003aVeIug|0C3<>H~<9+{QBoPbqjtWxJbR#Kmk9#
zD4)W?|4|*^d~g8(bo}Q(2#}UR3;@)?TNz0W&y0g5uM`8#M1d2J3K30BbxG79j6fi*
zAe7ruqd=BSR)Snj@~gX?+7yzyCS+=~RwkqX2JOpH%Lvnw(AE3o_){yxluvU>AukR=
z6-g2$buY{3Sa*f$2ccD9!DWZr(aB?0nEc~O`MG-2UWVJ%oP`54{QvW(q~`5BB-|32
z-RQk#cKJx<Cmy{(1M<cwA$O-<Tc<h1E>5HsSq<S|YS4T@a(NM5b+f0PI!F`>2fe4$
z#0MBW=sDGcXw<&qAutHx5hX18MoAqZJ9b8`aCJRYdP?M6kvRq^-#>DY9Y8QH7_A;G
z!!3KOA=EIYe2@Aaw{HEEBR0-ExDGC;pGoau0D;O|k@a{_oKQDaBXna9YMZ48_c!Kt
zwKdgP(s#;56mj8=Ch!soL8*f?q80j_RI73D5OE;X;`@L<nyA>JZNn#X5A;tQ2sS{A
ztg+w@z0Y9LBjQzYW^~E)^QMIaY%VQfBHP_t0D<@z6n@n`2X>U@Uhn;}TD<#$kf3vp
zT2T5S=`8e4%XIfdVSX+=jercu3peL9I<GI#e<Xq!uEr6eIC4KemS?(u{?H#tCi@S`
zqm!m8)yS~`%1kK$$h_a;yfN#s2){)qzlFoSBa+xDrYI{-t#ZD`Wc3a%d&sMA-Vq4*
zoUaKd#Rb=<81p|G_DS6~L^{oXx5<s@t|aoFjjy{McKr&vufaQGdzk)IT+fHgj|Q%-
z@~LM)f1&$u)Z+&aw>T0EeKJNyrOT1;R~2sebiCft9l;I`j@WB(WbC+;q0^Q1bWG?j
z548QoSmwlt%zI-`lt`-ZjlFl3&WGERSj~cmZ)7e$V*<F)%kgO+t+MG2z$dtb@|!zl
z<fut!(4b%)NsI5``cdoTh;)L005DbipCFvo{WH5)m}7{f5(BU+x`vcCi&<}n$u|``
zK1ftV5{X)K?5tcTNHKVnN3^L88^KM#oBzrzYp#j^V1jhL{i)%EBBSLgw4M%Ei3nWt
zp7Z>jzu)N_+yJ5+F65QL;sDOTyDRG3mWkhp;=kf_<^#j6BQOE}ivP~oev5^ytZsZ<
zf3CX0-Q-5=Y^Ak@p1~zC90?9d9u$r5tn*B0ZX+|VTE!7Z<SCOnHNx?2d|A8`CS(Y+
zlBbOf0mp^>w^YTgvPVWi<SVP4+-=h?Z>P?erney#7OoGk4n<{hX8~2|K@L4PXvqb-
zBOKIr-phKV+`7vT=GjGo9o`3zB}yHGtbYP+7GDiQu4l#8nqrjw8or~D_sx<w)$(`z
z@bn0ta|?pYHa!3pIUdT_9~telW!KR>OL7=&^;#~}ca(l@GjC23024BA?K`l0ikgEP
za=)6RO|c7|LpzwqqvH&%Eeq&2kQ;zsGPUZZNn-_t<+)hMt?OGuf~2ukQokXi#WS1f
z_<@Obe^sYA(v90F3|5uCc$+LfbGYXoJY%t7e)OG5WBVuf4AhT0W&g;9=CwAakDy7g
zBc@EKVieJRf)Ac*K6s&`O+me~@BXs!Vi~*VhgC1CMxZJGFMGE>;?<_e?cWMM!+I<A
zqp8SMqlE7BrVdTcT-4}2W;6)sCIX$OWbk+GlA(iS$9L{a0+uqdKaik%E3&41=X(F>
zwKJCE>TWQxN$v$<&HbxQKWm$k(7%%wkFXU|RB(ber%zJ>op&t6zIN;vw)*ussS~QX
ziyl+lIevn8Y+$fJac0<VL^UMmmfu_6XIUT{t}2TK)>=Se(F$IuL?hG_MUOkP+ENRG
z6_ypr;L4WFNCVxk(gydcPU0_M=Mymv?HJ7}7(4Xo3*y1KeoUYq{~LW?uFh8}SG6+Z
zlR1_8^wMO^IX$cWbps&o@`DTA?B06=xs~dThz4KUt6J-11o!YRY`4{rkN$7k#f7=+
z#7p~n71Qt0iT9Kyz~wA$ff9cV!)y-Mqg%pYj6dh9PmMD_965efDLJ=fuTFVk7iX3-
zWcn;9-@N<F;3z(z8B=+@LZX-MM3J`WdOY(=9=eA}1}LnUW%XC+T_9;bF+(kiD0ZG|
z-%3<@T)UO*HS~W&v=Q299cfm445~q7wuo`Q9)~^BN-RvoTm;Nn2V*1&x*Lu3N<ClE
z1lZ5MUuqI=2xH6jb@y}&t8vF&TW2yBj|hG~4oV`phfuq7`55T6)5lBek`V=w3Gp*M
z<6Sn6zc*_0Z%f>2AUPVF$uZ*ZU+hS35?EQ>w8}62JD;O+O7f4_=_ra*fyw`|;yW?W
zX{f6Iv}R|8ocpI630gFB#$SiFH4tVZgc+$n?*uHY#vH?WlQ`UR<h)J~L^#?>d?y~k
z_g$cfB2*Wd3`nC4t_&GjU%+sVfom<I=pFJ$NgPdfX*oVATFFD2Y1}fm_rq*Fq&odp
zzmYPxl=>y>)s5rKjF33A2%ZdpwKRT>kfxYcf!rRvbP+vM_(KF8B2t7$|5KD2vZuJ#
zHhq_?>lYT$ZjkF!klGWt@@Y|JNqFo${iTcQxhcE^|Kv^o`hohgJmT4(7p5A(6Bm*1
z>(og<gGtUhMJMo84v#J#GCO4;%(6}DTXY4EGHne2Bf_gc>UmXN!1<>wiuMJb<T9M^
zY?@b~KEEE;^(${%hKng29Y{$^YTVe#e7t2Z46xe7msU*MxJY(8c%#qXKhIQah^<_n
zgiR~vcxtjjhU^K($NPOR(|sFN)G#XT*j(+s@bw9$$KsVyI(hTY9yy{~kCk`sr@nx;
zh#ZvIhmB(?f<g7P4}O?KqimS2PbpFVRF#?)O<bqHBI%XK(G@@3hlb@WYwztp(gyUh
zAPE33*gIYCQ&pcb!aFQ=Rcy7KSIe>z(FdY@eivUXPE9!H<D>UHxI&Z>;<86v(${*^
zhTB@}Js%Gzy$r2i+X9w*NCxM8+L@f{57#fbTGNQ{>*iotbr)YM#Z@-EA|53d`YK$8
z_$(qe3akufe%h9mWhB}jbi`F*OlW|r#9~Ed&~8zv`*2p@A#TUqx~iVI_bUDY{WzoX
z98WBwaqZOa-3d)#8-;}X_Ys@znXOfah1!CvtiQrc{MZ6OefJsNMip-SsC3Qw%goyK
z6E4^WemuO`e(~Q78If}CHfy6WKb^&8VS_51?{g2Tem)Z`e$%cQv1y==&HHx?4)^&S
ziK=;B)n|;B@4<|4XX;uUvH8FK+@0lHJb98iae(f*W=xtS(~~hFbJtrAf>TMUz^R-q
zg*_HlzdIni_g2DN{8^=!48>d-DMjbFvdLtemr{-$aPsd4Q7Q0?rtt^-&>gap&ef#B
z_p4$%#xGts%fy+TlJr(N1~u%80bXoo>Rw-F@`u4$K0X&wom$CAdMF>`kr3b9R6_<n
z!ry1>)+;F7=<?&j1~Ak*cOiL1`(bSLCy7AFORZ&lhc3-N*!1QeLrfMb$(*Hre%@lF
zIl$=f`!BM%#<`1{^hbD!Ck^|5f8f=o*)+{MNwZ;a-93e0{4o6511e5i!qo*`K238n
zRQYQxt?*&uBR(0&%p@Uy@3r=&w3e_1cAxs9zhst#j!HJPC++ZD?aT5O(?6hVO`nO%
zTrhhqd&Z{d({`cT_`-&_A7joWM$PzNWAhUW0RKGLw6@X6ghO+M8h%@N<JkKZK4x(_
zy?t+O^?bQCnIO|<&?Ak7_!~>B4L^&IU^rzrDjgk!2|%t_GDkV_SF6*q`c5lsE1g+A
zcIj?gW6mR6waffzWDK<j&r|L$yb@NLy;gJXti33$F>C=8yTQoODwsj;n3%O27T+RE
z&=n*6(n{6zt8h{S|GDcj3jZ3|(T6e@;(Jb_0E5D+tEL8FWd2aA4>>`5+V-CgWVG+=
z%>@JakWWf$6|o&2WmMQdOq?${)2tj;D^lJpL@3kvn8B_;*nhgmY$#EQ4yFSt1`N*V
zdaxt<<{E@US}F!TFIO0o*{@|QMkJ@o=R<pqbO>%>a6U78<ly`Kd#wArMW`YIQ-V#m
zhBrB&d4rGEQ@%oZ&EDwk*$wuyCjbY^C>`IEWviELb0KXifvbvW(Wf8zi8CQLg0W-8
z_Tqy3fSIE9l&zI|w=|<auhA>oNTw#+b*0F?;#}b}!i!-iySYuzjPZsV!i&<^H4sZ0
zJG!P3r@m?E<)6Hc7NcxjAGW4FhDe8nr0%n6(vDJ>c!g~Oy}RwFQn`!Lk!pw~Zp+ux
zV3S8b%_T8!C+WE!@dVpF%B}eg8GhGPi?e;Er0`W!ptfd^?4DC+duxjU-9Ew~eGi)q
zN~o$M;E$lu0dFjKFu&c1RaC{6J^mnGV}m~~o=idEQ>k%*ra2U0v?TD8uZk7Z_2H$z
z9gN8rv$}sPjL8r+@i?DRFhE~VOEg_DAn&i{-~9)>+&I5R5`Xf}@9t8tna!|Xn@&{X
z!bmzmiCvKQ5h=tMlb@LN^W9vb-}f-bHjVrl#=Jw9R0}kZ7o$j<<+}}-W}|(mZ;fV}
z@@I;^cOm7xB?#?Z#`;kRm80CM!NhuKD(Jj}HM>Pv!p;UGdn4zQA%|b|=HBTq3%nXT
zpKf+5r3B?674mic4$yzmUOiXQx7twHu`DiEr6ePHrpUCd_`3>WjH01Bl`i-y>DF6Y
zrb4lFgB;2jPeo!Bq`P=;vcmp$>!$4nf4X?{OXYN-fDa{<Ess!(pxK{MTwR~MfwM4%
z4jBGvfR^7A3wQRFbn12M)QVW&mQ)03SB_0?-Sw&N5V~Wp@x+RoKo#O}Af`k-^OrB!
z)2rJ?kWGWa$4V~QN<|rdEn=1|gt}1)e*C&h5v2IQqu8GEw||Y{#}GgZsfbYf(q3}`
z=-XF#5aah84i7JqHu-S+ro;f($2q6<9}~PmK99}BKU4UzRcoHLQRv0G`#at-y)Pe<
z!;6gUT|d&m9v^n2kXkyMUXGoomhfBYf_h~f@-?Cf^4L=%yQFQtXw+i%_E=19A5YDC
zK3Vy|WL;a*$+14qoRijJi!CTR3R5C@zOgShfNsy{F{VuMO-yf>WP1KIecr9(`0UUk
zVT+VzOr-YI5QB>-5xVs|TYyy6-*Y{Y)}LX$^29^dDnBzkcbWd95-p5raOMTt)}}Zh
zCZMY%J;(Q$R#3IGX9*t4kphbJ9#p~4;YNYsf&pOxE%m3%_@3uX*3Mu&nJDnM<w@K@
zSy4pGbhN_xMVXwkf>8-Q26!2_*mwN{?dBD&{lP}H;<soqs#Spw8IDh&t<Jx;QuFd?
z%WE8Gzk{=9SQMHCUWPY*)!Wff^3R90%Cn2;@9hf*M|tBkP<ya^c_B}YXBQ$KypouB
zK=XX3ShSR26tCed5q6dv<E1NOyv{vV=|FX8;Kt>;@VJ7fv{R!BIWU{vyQ*=eJu8yY
zK(__<mLd~d^c!6fbJ}YZzTbT-=u98<!fOx)XIx<j<2cM2_XNJW807Z!ySM9O0fYXF
zA%in)4_~=Jy7k0g#=K*E<Ykn&{2icfFP6|jg7VM#+}nwde24UVXMw4jd&|>c(C+;D
z*8MhMW)62BS1q3T!Y$y%(M}JHiS>9SmJs>lbpG{h=5*;|-)schgKoL^(Y5Qu%EfD}
zJN)qt=j8joU&XSH&gI{>A48uFe$AemC^@7=`q=<$?-G5Sc4?}jPyfC=nl6qjMuV#&
z;Fh@_V`=ny>Va);yk_S&O#ZYQQo=_u_&du`vlUL_wR%6>H>ChCrj>K1yhC34B-`&-
zhtLO$1aBCk)6M0VwRHDr_1L^MI;eN;M>EdOnvGsKa>Bx_jlBs*ktDWz+;J>DF!WSp
zT~Yfn&NGmDcd?~(MG=wP&Bn8*CKLlqef=34v*sxnVDv%CSrjzvFBzWoVc}4S*#3)}
zvMd(Y(BfeRaRW0JI5r|B{t-hbn@{Ak-YuS5$z>tFkH)WnipW<ydo9<eZ;eK`c&ybx
z_vS_|=)E7Pn`k82Al8;<=h&OuFX6z`Mu>|WN0zBmV)%fV!=rV*V7oWU#&tvzs~QD&
zf-5mE*XtfS81TF0CLgZX#tVGhlmS13rl0>VxXa|21*Mf9@j*p-|5^716jLG%$pF35
z=>2X7&j1)cO-LN8e4L`C^{$`zc0?s{A@+4ZtS+ap%6QBRTLCxVnq^>={SxB&A>reZ
zg$kByz$*m~+Pr|gsTDt##nEW>cc(C4i&J<t>+u9fEC~f?#i&vBA62=1A=-5gpy68n
z72+RWvJLK-iN6AOa*HyJ$LFW))gPosJC#TA3yB&N43?PRTwXy(uq(~nZQinuK3`xu
z`h0We$7mI+rk`+p`$4<@+p}+1GvQp*?${y1vKmWYg;do~!^oXGyN=<jDPc`f+K)nW
zGd@J=inqu_(ZlTT_8b6L`4TPm{vp}j1s|Kwy7ln0Kmm29t#3$4n@HO?JE*Z*Y1LKi
zT0==LN9OL3#l0+CKn(=ByFihkRTlP`^TR=_@0i?Onr7U{_TKmk{;T!--~q186t2|0
z<Bx45#z#cS$ll9TbVPRI0>C7DXSruNbLAJc!9Z=shb3*$cww54HB`9VtA@2rVakUO
zxIo^mJnkQ{(KLVGbJr~F^k9%j(Z#Q_h>phWdT9+ttHqjSO%gROjyzX&itu7o5jat#
zZ%kYdNF4pjAP!o_+4biD^v56AV3Vkg(OYFBp|9?gX@((dr!Lga=9UzKt>WnHn{ein
zVVGU6B(B55Dc6ClhIqOI<TFWEf4vc7l8KKu)!WJR=hRZho$|U@7+J%>TrZ+|4Qco~
zvOnyBms5I)7O84<+x)=YF2N@K#%*hOsn_wm_U{iQ<Fw5%rdt_b`udob3O2T^=#J&i
z-+i)fwl`@XZVJu}iP*Jra^2PWX0s8!O}?@CAr({ItIm6sH2w$LsF$AI5f37Y+}9U$
zT6lfY|MzPaco%#>acZIP+W}I~Q4*JH8zVhn;rgUfV5t!cYBFbY23mYT*g6Y{2bhwP
z3#V<?4m$0%g-t3;H^hVf-v0Lm5lUv%$3}vakU|D@hp6~3l-NXYum(x(k^s)@ZS1Zd
z@n7iy_<CS8M3uG6CiDk#_Vst?4LtOSzN`0aYxDA_<LL_wLvcTR0xMn3TknAVlUO7o
zbvwafU&5pNAYD^iz`A^_Wse@$PtB6TrStXNlo%-;{&e=wlV6>L0`80ThdgQtnA&@h
z5*E^qPPr~k>FC|~PigLyu;@?6M=nc_(v}p6hWf-D9b$5f-o6Lb)|Lz9PtLfox*#+X
zO1uh6?zzsBkvHQd%B~sOi|y90;rh}iMtCz9PeWwvpe`TMRMzezT9~yRVw{!+KaIDW
zIbAJ%%^Np$M99%v>;dz*peGa{<+{J^Mlk!ncD+Wk+p}!x9wLEo+^5N-MVu<cddU7l
z`|rO>w{Kss5Q)@93w1Bh>16VHf8at%`!Qpws%TfxDmK6X5y^Yy`N<;2Mdr^RPr@ZY
z7*s)wyEkOZ*By8UOEN=fosvOu?W?|`X--%JA%UZ(FSt>UxblE?&Ut*#91iM{K4zmp
z|4xgZ7Jh$rfQ@$U?TLfu`I88NZ%$l-19OHrk05xOi11|Reio!fT-^Z^qK$j9bYm&o
z2NQTz_`<eWq|PS0ZIZ!`)GB5E*yra_Pg;?7GnxOe7t=?p@eqJUxA7yYUo}(cVKt05
zsOfW(+Vs--)}rH=H~(U10hvFIw$q&`^qzgoGF)l;wW~xtylS^+-5XDw)eh1PVu$Q*
z2c=MbJ>t~xYBj>?;Qo%IC-+spTsN7Ef`i>z7t>F9ou=?OlR0HJ44#N=e2X6hZdAX#
zNvM^a`FV0(63!mRy0a+S!oJFeHW-<`>a#jbQ~F}$<!rX}e#w3@_imeo>@V@^aPW}F
zz~*_bTQi$hJhA?Q*6!l18PHqo?BC4@G)X=PNPziNW{W6&^)Q?*VV^m!Akk=xRamLG
zCQWOXAD7T&;H|F&5wQD)t|L7_Aa%hH?W)bvx5gdw#Z}Wgtbe}za*QA0aYjMF!+C3f
zDk%Fwq(hT**Wa{2BOwVymqWr9sy_Fz740V=>9NIRN9|*BUPgU-KMGq_(tHLwAFh4B
z4!JBH%5n-x(fG(l-WMz$vh}|fJ2u82yGElk)rRx7eS^u@+PWC%<r#2Xq|>5HlDze$
zK(*4Bc#W)4G-X&*d8<_w^N4r!#Zk&NDZ-@VdDFCG%Mf*P;+@ZLnsv27Dz0e+=8p^F
zMnSEcp}p7|UuRMVBVe9#Q|Dr#;T;SC^5gN60mvTVHnzIMZ7T)0-{Kn7G~BL!5@u+^
zU5CGfiveWfjD#QG;gW>W5^43XeAqj_k;>3Wh?JbUA6nm$-L&HuRa}p$YPpu(>NrZz
zTlv?N+**&RLjE!G3he|5xY5lVSS3ol`~D=>@T3))$1VCu8SX1w68-^oPT#}o^nQV^
z$NEEtDsCY22zvWX`rSog#}U`>0T~v@<i(-&Vr%zv!Fz&}ShKpsb}-cSNV@Z}e|Hhe
zydJOkJs|O)M<;`6BR2UUWvT~Grqpsa70a2PQ81g`-lOe_Aq0k~^UBl4Z5>6T8cg%Y
z9oreJ-}U68$3G&L<$cZru`L1>{GJ<rW`n@HVui%LUZ+10>_0jFFZn_p=J_QbyIDQC
ztWUzn-zl?m{k@et`2Nz*xx2@Zpp|5-iz~-prnGaX*GavBQ2?L;-=@jKuVI{j2-7_5
zTpWL2bEvZ_NSe5=J8G1Pf3{|{H@oYQCSrP6vRVIAQL*T?A@<QZ0^s_hJ6m2r%QgQD
zNR_x*>28HZCHFNlI_+TyCJT6oMY%{9#l!+|n|~_2r9Y=X87Y$7=@h(42x@fcy>u`0
zXWJWIsYZ=!O1||roU;@R0GPq>Lq))y0&DdFXp~_q*DVP*dS!ZDG=|!gkmvha1Z6ff
zhc*)aye_gT>P0C-4I~BjW4{iHjW~mg;jB1?B;YOIYT;BE{+dJUEwVqn1~%)3hhJ$f
zQ#)ov;%zIJd(%!A4`o@o)YTi&JAVD`ukw19-))86mW{|s?|bB7*TezXMKPFNF9?J^
z{1i{vRAVA0$~o9*W%FKa+HP>?jK*k=4s$9AH<4@U)}A!#@J}XT{3BFMZxkhp88n^N
zm`>iFQDKkJj4d*%9p~ijrV5TMVYk#XvTZr6H(eu#mOi77Y}$XAt36aHYLXLgy{n=V
zB8xsOSf0urU0aoVV?C)(%=jrw2kZyX9;t&imkjSOg}wBg@hAt^-*y%Su{8IauQl4J
z|5|DIhwd-Wl=X;KH)XfLdxa<u6y?NeER*=2BUi2scLris9+U_NCHpP^e)nr7<KLBU
zt(C)LS0l$q<nQ7KCqnp!1g|uG34%@e^#Y*QY=8G}vLNDUrMawk1Ol#Y9O?y0Kaq^(
z!9}>6u#u;^%e;%`iCAz8bH?T#oe(c$)f8n`UeC>(HxM_FN=~fQk;h>FDlKZiQT`kI
zKB_1)T>2A_u_WJ((gPi6wFud?%8cQwgU|RZ+O#!2uuIoq|Aia4Z1_r5jb=SN-L!sD
zZfy>=Rd;M^*8Fi35?8WVv1iN@L*nYh6lH(E{n8NG>ZsIP;<vOz4mn87ZV6d<b4)D&
zh^*(;q@L`h25PeArN+wlOHYm(=sQY&sqkCk(IMUKpqDF`OZexOy%BTrwi<@m>}=L7
zXa2~Of@pWW$w~EVbwI<t(pJM3aF_6p%A$w0ex7o?CTa<F+Zc#_M~?o(B^bTMDA9J$
z`cO{wSG>~YG1fi1RD(8=91~WoYM6Rl#`rlh5$gQ5HbE<au*fnc+j}<fG26Auhg#PE
z<&cKf3cto>!BuJkRdk*5{)WWXu2kI*U7H)8dn*0Y@Un52-;ahiVGNIsxv3obcrg*z
z7hOX{E(XxUUL<3YErB5+PS@>Dbk0oj-49gHqLSLFbO;;>>f$A!cF}LI`YWE<$o{uo
zzGs=#@NIS`6-9uVCxwFavrVEvna5Gmyc}Hl;A>a@ZWvVQOGl!Ru#uO_ywhh)`J1_a
zn|zgiKu;2>mgEN>3_4@uN=g$zZFKwGsl`%6wZ$y4@lAglA7GW_*GIY*srH)%Y{Pz9
zp7yAcldE^HW-obf2YU1j$V`@1sJ{lGrjRM_+4+g03X9%>Dcf)FO2x0$pzEuki)Z*s
zJN}X_bGc!pduGN{dBF?cNif%1-4<vJCP9KjPpH)tV^Swq2-JM=%jMT_L<=SCSs*T+
z%kV#u-XpwC!px}^k|I@zP`JS7MyS}^u{W7HApC)}`gSv^LRdmG2Ca0hOS>s+{9;EZ
z)zW(_i7=Z17WR3HdsSZl=CnUi;KG;0ya_4E>w|xR5SIdVn)@?e>w1yn1_AuM{5{J>
zl=HTGz~#a<g0v6L%k^>S&<mw`g&6APkO*G~<Pcy)w9wiXDgkf-@?V4!u!uy&o5Pv4
z!+r5Gm`@Sr<+YEk3=NQ}MW#u&n;S*P9%?;HEp;<p2H&HTJm70A6zl$kW+&XW-spS#
zv?!W*-kX<jW>};0E$S^>4U*gAOg>3rnf{Lp(CkdtL&fU&D*>H&AeH@cuD1E^D7+>O
zO&-XSn1&t8bPZDhQ+_W&VM*!<+`;0~#eovC8UI;aT29(-8U~FTJrikUA|z{LRzmkf
zjZM~Ved1lzYKW(3ve$14Cd6s()`pj34;ybHm=QTI_u@8&PkPk@MlWj4>LdG=D3V1E
z0^>+4g<fk>rui54h|NHlL#G_CJWR&CvVF+!e~8B1XZGZ4@GzBxn~&J+9U7!Bt<DQb
z1T#V-Z<DV@xDmmEHX6NUJUtJ2)Q|mOxf5ntTCA&cDTR{VMX4QF^6$tg+gU&q%L#S<
z!vNGrp=BuG*MRgSm$=Pf6y%+s3ohTN2CGp_a!G@Z=Fi4AS_g{)rcFCCk<u*8c6-;}
z*SzDu4dAGd$)Evwey$f;+&;2zFr7My!DtfHLKbc>&DpiH_neO}-L@DE1k=`HY54U;
zEfK=h1?rCrggCL-Xsh;ws)*}DeCj^JpQvb5oVk~T+A^#4Z^5#o2*cIajwGeSXjgrn
zXk_%KJBiePG8hxSnhvo=%0^$LXVxoSx2rjOi7x=ex}{p^ZyK1$9{8lIh^#IP1u_%l
zn~IbT_|q^f-Xqtn*Ryv|(}YFc&|<`Fnf8F!?2!NUgZ~>$qK!{o0YTz%y?s?&lq4Pd
z+4`hx*oFD3i54N`4qbj*!(vUp1}0$&=}nKkmLGJcrS8}<Z`oP=a%VI`j`VgjR&~k2
zQsgR+jOgw{XX*pXbA_i|6x2vB_rBA;YX^*oo`K2QP(nMWhC~{MAu&rjE(N37zgadz
z?5>hj%1FK#;NjgzI8;Kc#x}(XZs1~)<90MPkP%R<0sZ@Joe#R1tw{U;)^T)Vh&r#U
zr>thj3ytoBM4b+Etqche%InI1QF}|u?EIe7c)M?ph*mByAtlW23Bz+YRNx;<$P%#*
z2>0>fV7E5H2<N{!kNq?p4h1Kr^pOR}Ap2_wx7!#L2qh4DsOgN+s($M~xe1_$3FA7q
zbq6!LsQWQrTs)3125U{bo(h6;zyMX{<MtW9%KP)`x3sL;u`j|VTz@EuNH*Z8nkfFQ
zN8HcfvU1Whv5|_=?laV>ao(fz(GdRyUsdD%0?hSd@QY4sAf7U>SUNcmmI4-3N47ff
zxo`^^vg;2Co!e4Zy0-%8bQjO5p&T>}^OW{0bn2uEY9GuEP-lNb@#cc|ZSoPV9c=;1
zwUeB+01w|}wkLk%;oC{+7$VQriNb%_jr{Ke&{$0Hgo}gsq*j*oAgH?J1Hfw}PXsam
zI8<c1#OX!vhV7a;O{mVpwk7F+yt8DT50+$2U6~L_2mCVqB93c?=4_OOzN6yUif5fM
zJdl%CvysF4zRH;Fo6=>sX9Tkn>~X3ZZDeh`Pv#;nXXA(FYMN|q%f|QWUI3P;aCvcx
z$Itnw20#(9o}@d1LA+6mTp{%>!=_^x(xHj+DQefSaazw<M?CjKRUDo@%J*%-s3ZqK
zc!ceU^7aspGg&@T+D!tQW3If)_t7j@i2Q87o=;U23;X*v+JVu3Nw$s`spg;{Fb$)i
z&<gB+8vebi*B#S4r1N1n;DKh>5?fCZx~F(z3TT#U3~+R6x`Jb&9qgNySWkjfxL(}5
zo=`gA>#KvuxD8F5ml1J$@4oZ`n&kLw%K6rZNX9(_<iBDtU_aKLicGg91<@hGre?Wz
zzvwML7D+ymvY}6hjr9Uh@{mDM<HO|NGZUB+&r}g)*J2hT?u9g4>nEpQZ#0l=Q}xGe
zeC>VFsXMB(t!Q{U(&j$lu{@!ezc=!ct#MiS9<d|$Wy(?aJH!!{432mF={G2nnln|u
zSz(K1G4AxUn3%lp=$xb*qEH=9(sb16ID^GTThX#85a>2v%^5DbJ&(hytau>KDI^0@
zko~S{{q4$`HRNNGVWmhFqREP%vUQwv4gA?Iu~?1$k(15smDlk+F~Qn(Majcr`c=^0
z&m3A!Gx)Ir1eEz9c^I#tGG5Rs2~C*Zs>R!jK|VrH%s&=jkriF{w)Ja+Exd6WdfJ0S
z*X^hNpd5pNl9<#AtXKK~n8f5uVnU^~dK9EC3Vppj#)pFB_F-wLz65Pf;4I)Y$3vpW
zi6e|4J>^r7Jt^Zd0h_`gANt*g$U2Cn7A+^K5Z?X>QchuWR0KJp7W|B?g7n234$C!S
zh(~smtPD0vS&l7`mg+gyF#8KD*r&^oJGzX43<{>rd@pACb7UB5eyZdl=6#Qsyxfl4
zKy=1IYJn(K4~oJ|s=SF%cRwrAaVmMFe|sShozsZb-lYsd*J{|LYfWmCh`2?Uit*^K
za@u|*`?!^RTjzG#CQjyPBoRS!14h$d2uozQW@1O>y9Of7{Y8|;uXDq{mMmwubp>PH
zGZuVKL0rNo)l?J!IB&UVdZWC@T8pOu8S-tx&;&=f*GMSz-%xc+WDzB^Y50*&t1p0|
z&zKTrIG^2oux`xC*)=*fP8O;+{M5?XD+ZQ=NdY29qAtSKBgvUhkXfKU$WBjU?>>&y
zi<yhHLgF7$Afh2L)0=%fY@0s>1Lp0Bn+5k}IdDOgUt$i)S(LjiTac((l7mB^AbRbk
z0g_`QpQeZv67Q=_2v1<eVq`nZ0vGL!x=XvWBY{zF4Dl^P$N5{i-y5FGenTg{;5IYT
zrdw7oIA(y)SQkQ_YV|RES1UlGUa_GBfA(7;G;Y}&>)EpJ_SYQBnSvL?A4_t>byiKG
z)%|PHC0nF`Aa*){0+x6<BwNKIHH^sF-jq50Py}s~)6vwNluUQ!@N&>Opj!sfso`aU
zjiRxvQT{PgH+4$xN)NAwq|mxy+W_q4UirU2_I-{4M9Dx(4R{;`j%i?%@+bwHT6_yG
zH0+y_n7(Ft2tA`XylSd9;;WpEw)LZNxQ6hbCosQUVXmBC+x;Ar|LleMlg=^_WmCjN
zFVN<bju*u&S0dyl)iDA6prjZ4*ACqD?+u+INykVG$cDTB_?2iqOoPr5EqSjDPVpW^
zy8Uee_Y^UBi4ZwaHcKdp*_7!lOOYgcf?w-vI=&qzq^H#e{o+wobYh{V5Pdm>+gDuu
zg*7!RY5nIW-Pz<{&s#wuxpV-8?`LTsB0m8078+^UDy{kXvUNm-(4uTEO3K=j(Z#J?
zbV^7D*F9Qm14Ux;tP6Xl))vrJomgo{GPi+K__R=)sx5;)wfRjnCdAr&kKo`6EQBB*
z;;KZK>i*E_J2lT0Q4vT=vI3qB;!91;)GwMW4wa5@#)A`VQZeqQrlt&5?nvUCo1Px+
zqFRL3>{|yz5jmL<0vBB?*)DM2z?QR)#g5MKTiJ@iDNq54W7bTeOfxmM2Y;;}zr~TR
zPgjpdl4?Kukb9Z}8L}X)Y+GiINkE9+_S)!6_Y+6?;*4K>>dNaaI9P}j=lSpOuW9PC
z|2|i*1uSYj=b)B>B@nBzhIw||T2DHwR3zXe2NwuK5Yx*;Vp@ltMR(CU#NrouMQjYy
z^orc?*VL+-I%8*`5Z{{B1lB9V8+)4TKsq2}d*r0vE?&y^&9h_-@9+nrzffWH{CM{D
zB>j)_zuruROOXMn?b<J6z-Q7o>x|owbs>jXI=y`g(sVQ;QI}pLNAx6LKdX$}z`VsD
zd1PuvHYlU$a42WKsN^Swf<PdFr?*6if>o6l=(=-%Gdw27byGZ=W5g)=z1lP9_npLW
z65%P3VGPb04Na3iOQ_fnT1Mbr!3XPSv~n;#j&Weqt$Pt%-JK~W*}6bzs!PG_j?_5*
zy_lg)_8$SoS0pDqXy1I$H7u0cgX~g#J<%<m@Ey<cY9)`;&Q4+9ve}O*c+{4xBanb1
z6KP@2{dI)gP!A9;`HozPs@n6hS+V>L=BR=3^;H}m7<gcC%;T})@e4ryAX0Em;Kf38
z^B_3bcighGz}O1Qy-Oe>7W)^%7Nrw9wEVJ|&jUd@v`5Kuk<!Cmb_Qdo>yj?NNo5sZ
z0w|eNYbHzd{K@@~N7?X%0xVNzP6a}kqpOObO*}VBO8)1Z&v|RKW;8DZH})>*^*c?F
zioi^Z^@$UsEYS39XJwv%MXh@vOR(lmV9q!W5$YX#$xU+=dO27gw$d>cwD{5aZt9bQ
z;jJ(fIXF_|;){?KsrK)Ka!^i}J7?t_D=~>-X`jvigb-LpYeV$%At;C2Fpws}gM>AY
zAwQ-M1a`J0%0rw7wJ3l-8)<8lO}vb@5^^?tepGZHgw>x&Ij=xg8+4uJ{p;m&;g$=o
zfS8o<w9jem$T-!K2`~*_>2WxI;>109I7M6Kfoa9O&$&hFX$^lX;~D@2VKR_Y@zES6
zue1Wxt7ut-JqNnP!fkkL*!;22%*46CDkK72@?<iS?Ax;@OjbeOQ`_)1&hp3rLJJC<
zOXAS9$^NJT^V{S&Jif;5bbr0oA_su=0|I#4J*mOVCMOKXhYedjJJqow4a+9e$)P3a
zq*i!gt&lr&^ozIk*MNFeS_edxdRN-j0$w7P>#tEY8Y~$Z+;Xzf^}hPe*FD4M$}(aM
zO6l4OmvYvek9_&NDPMAvnWK072ZN?`mbXY<CZOL1&1VkNr<givd5Hd|6v(NHPAs*r
z&`AxZ{+I3}%X{0;>{VhF5yB53t)WQd<71OUP!4EIZxTUbN{~F{1@gAVk+(v@8#lJj
z+zme*g!Y@&6RsrXV_hN^Jbo5zUj%AU&}%JWm>VcmkTG}1rrfv>y#V!*g$Ib^i)j^k
zPj<L|#10JUxQHv+z*mD)dyn4k9u`9>7zE1WSNC@zka+rU^IPC@UaLP#N%&s5HDb3D
z-Za(wPHNj;ao{A13E8`uUr>yN2%8Lok|F*F1r&?KY8W%+rJ_uQbm8rITt!e5!H<ZL
zwVI*@W@d49UqpmnL;@Zkp)ic>he>x-D#$7wG}OW|1{kYPIWY2Mq8^mqPuWj)e2ji?
z)CL=I^{*9Lz-_dq1)2vYlpfHJV!uYD8SOTtgX9MZ4PmL68JJ@(?!0}W{!zSnvtU6e
z>-Gy+i%Pe_$1R2T-!9NW<M0O4MKAfy&P@%k+WC9bR`*uDvG#o2mjUpr%%91P#=B??
ztT~EDd~_IWgVXK)MceHVs9;pZSAwi7LFui}W5RG4IS$7aAV_b6b6#!ZvHCpO4<6^1
zCNi}ALb;-(zI100@F&vkE%SGJu7j*aOniODg^6xlEh#+ijte@&L>|YnN}H3VVu+Z@
zprK5C$P`B{IYzYBlF}cMyc~9I0#!3ZA_LGts<*s?fFF{!dwAa#U=9MN36Ko9uQ?$}
zB^Tic{$A*99xtEY%#fHPf`ky9gh=_~%7ssgA+i3OlSL`FjU6)U*U;7%!V9mldjfwn
zAPj<U?&D{TsgF|f4$-kd8Z^|+DeYY?NH}9@xd+Sh1p05bK7(cKrzjjN-A#GM5rluy
zxo%)Y@oi)?Py8hV-ZcsUk|$2+!R`1)K>p(Pm&#~bp;vM&xENb<zgKYbwK%|U<rk6(
z9v7OM1{v4#?-Toxj9PC{a>n1Tx?~JbE02J?Dc*Wly7v-&oKn9|MguEPq~N?4Nd&PP
zlU#DFSEUmYGb(h`d4%;|HnViV7K+4slsg=kS22KUT!F5RZKy~$n-y7`x0}hF=a|;_
z236urA#&@L5L%+#MJffdCK=DfZ@TlJ@UFLpL0Up!wMoV+7mx{<0){|2A05z_c!`0W
zd8}*AoAFaqTKcHGYTJ91W+OyPz0b}BZUKB?W*eazr91z-+NQ}F0UA!rjQQ^o0nZBC
zXF5n@OXS9Eqbf$7OTyoE-A(o8HI%umsAZ#D582xvKc5g+tVYWc`1!p{<k<E$g8HSH
zLi*7|N%|A70*|cnRMikR(df?{m8X@O*3Gaei#HA4uV|H$c<ZPb)4!*=3(BO~XPR^-
zhZbc&O`~B-%!cW3)<JTFLb0k!ZcyzBt)$5`aeZsYUOgHSQ!Knv9zLx09WMX5do3vA
z$f=QEu3~H+FtBqtO#H37CqDeKh=WS#a}~%K$@G~;>H0GCyC?ulX42wpXjz0l{uQP9
zw5R69)~gw^g|OaiqN;82na1+#d;L;h(=S)|R1E!*ZT9C@$Ov|MGXE_3=DX#J*#8Zh
z!dpHfNzm^~*TWnUpn0qpZU)CN#gBh9j2-Zw%=`;Ht?niw#6JE(0y02k>b$#0k^B-}
zbB@c}uKVt0G5cegR#4TFk~pO8FBzb->Ku0iCND1xCT83^;A@ss13trm<N7a8x!k<3
zKS%vGM@nw9v^Dqt<oot@aRAN_A5+Ymr|4Il>>Pg|^@q}AfK}Su{3a!FxHu&di3+P#
z6lgjqt!o+44>f0-i@#%Dq5bl&>V%Jr-DG<3BW5w=<XmArtXtg?GHkr7kp>YtJ?i6s
zZv)CC%;EXxB3E0t{Jtw!$(qm#ZZfRSXoX-(Y@pxc7z|{<OEfs0<vHIhE*Kj1*|$T+
zmS?vRg~_^ns2{Tyzeo6(HG39zIXLxDV71rjkE{e%=<cP|+_0F<i1F@;Y4*9SdZwae
z)l|q0UsB&1^vC0S6tK|D<8rE_+#X{7XCXTwj`TD$+)dj?*lFsnVDiGdLlDbO=3m+M
z*dQFu>JEQmC_#;dLLOp^x{Cl)Wd_1*eHeB2{g5d(Zg>r~ZdWDKZG0K6O+LskOI1Ep
z7g0ehZ(jkFLU3^n%w_4gVwKN)*pcQ=`Vr?J7sD6<L!VA2qNxu2sSnww7WEkp=9l0=
zThIyN#@1Dz;(eUb`4CPyx+yX0ZFR=j1zq4Z=lTyJtgll&=fiGwkFuQP0?Ex_ju=E}
zfZKZj4$peyEH_HUyB<d3s5k#1&*jU`i!h~UCpWKF!vEQ@l_I>}So^{H76}NX%8LSB
zoE6`zvAWmALKxLG^>s2E9lT7pRrlK}ll=_k5F8;gsN4?TB@KA_iWZW3mOPSK54pI{
z_a{d1hE6i^2A;lyDbb|SyV8#EFh4Ia+QyGt#RWhLcMy2PRhNBN*oGd~>+|2GnikZz
z?7I=K+6JWguh9YX|1c#cJCSxHk?D<z+#w)$ynk#hk@w`Wac%ur-w~D8u0_u!REg13
z+bicT-AX?94@2l2jgiw5XuZ}#+?|d<i>J>2YV5(x!v~9e!^&a~OR(jx&hxyuz9rPp
z>-`AC(wFcWMdBI-x+ekh#Mu81?Q}gXHjALjy@%YJ7V2NdZGOoTFQ5p0L*DwC+<{{Z
zc=<pF&A5J;hROrxARk`&-(h<LLPjE4YO~a^I5OB#An*O__#Nz+^@^kI)giS^fN9Vi
z&5EPTE1#UX894h}Tqp+_yJZg#qI=Kkh0+SM+6MEL$3sVbi_KS*W$TmHi2;)?Z}?@6
z`B^s<her)<q~0?$bW+IdV%9ysR)+WVKTIIh8y~<{zVV!Xw=iUI^@S*$If$kPtT9(5
z6uM-QDGM6U6VCF?>I%J9U7qd8SzLLbBF0Ovbiuca{i)p24rHD^44Ys-SB6qj_tb2B
z>-fuqKkf}m!G;j4Uu%))S>9eQrvXI9C$~|~d>%gSUCVTNT#^2ie1c!IBiARlUWsWt
z6N$rYrqA^IraD(52j|1B_OxtX0(&-))Z26QZhhd1f&*L4cEOP3o)PNM7`-Umo5KX0
zq4AKz$=XM1;v@TGUSIKQJ(&L;f`9L`C{ZshvyDUux+xhj%7wp-AoyJJhw+YR8P%8s
zYDU~)B?q~YUOHv(B9id!fL9?hPLdFTbeWJ*c<MlX00YEcYutMktBoWhV@tJ3hj1yS
zJ|00!J)6^oe6vzhjtKz4-6g2S$r(qf4s5eXhEjnAV;PPgvfH7HPc+MTAeJMJiUal0
z5!^X)p_8Sd&6`grb9L36172eGBg6n;GZn4%3wskxsE9m}CI|LsfeBs6$eJ!7BZFz|
z$X;drKEQ2ZD4t^(&%v)j1|AAFUktN<;ySZ6DHgkoNeT-Ox29d8x%*rWF&=BB{2*TR
zw?Pgbkbq-?`=01yY6fmds`i1{x!H17&osKgj1)lmgFuLKTS!ZrXGM+DuGKVTu2nG!
zNZ6wa&(8rkxYHs|V5kOd80sJdb3ufFk~IScT-<40OL%J1e`Ymb>)*l0#oNw?Sqo4-
zCrCZu2D5U<mSO88Gz^UKXk<|Hy3&9j4@h_C3Fsx}&WRI2;a|hUne+6`-fNGM0ihyb
zq4@oZSmO_HApkh3&dtO~h=qiQ?`g<&Q%=J?2SuNdb;}_r4~|PhxN+enhAp4Pp2EVE
z2pwL6a6w8)G{_T?tf|GpRntd$1p<8_FR{jUHXT3<phRkK@Hdx{iC*O$Wj^qtVUXbk
z^F*yJ%&Usf4_12wuEmSWJ(Zpj;Auh^zfX%n-Id#elo)+R9a3eXP(mAk+tsrtkW5;^
zQWh(k02J)HYAKRII>ng}IoC7@NJ`r91AxrG(6|kQ46xNpEz=40&Y4kStUVXEK_4DO
zcBpE@#l^J<X=x+71FLa?<m}#o31;0&NFR}NCq`M$xkXI*JcBYREiD@VMv$KSd*i1#
z(zk_po(`6xATaY^E!en&wLlI|gkFmh9QD5P6P&!cU3sDwaG!2F51Cj!Aw%HZGV??9
zXNH#1%F#wTTo;kp^&P4cEXfXM?a?9vh{$IoIjb?EKsa?N90LRoU~mE%Ucn?ycT9qI
z59nYh^Y%*o^KJy{&#WhrpWC7Quq0bRhOZO2FDRuv?m{=+rkOWM_A08jx8;0UM@4-H
z*GQ#*3GZv<GN)wHDp9`#VJ24%6m>2EPC6e3>7E|3r2}bIh4c|ZMzD<MX0?Kst0H}X
zaztN_oTlyr_fK_A$(LzO9n<D2@BN(Wx<Bpd0bM2>b3kAGlTn(=e|)ga+q*3D>2D3A
zzf<oV!il4Hvs*zgzmRkg$myOFMMckv{L_v`V_`DpGMocz5$!x(cGDcU#j3W#8-01D
zmF3WQ3htR>CG?0_iyGHF`d`J8Pm9j79|<`6MwZpAN6@O&j$oLK;c7&}M~GW(C-uH1
z%_mUffxDy~2o26jdn+=71@^aX%7w42R*H|(w3wWCNnRCFM5U?Nd)|8z-2Bmq6}&b8
zDH`oG>pU*}K}o&{0Pf7!^-)Nh{{a7DEL;~7^e5(X--&Vu%89A5yK7<IIl^OKbDO}n
z#*!W8Agu&p#A-d-8OTVk2>sij>f4zx_=r(Fg07PoZ%GzNPT<`3)4{SQU3?6N*(EST
zlLK)~%wOZIxQ&uF5l)I0Yft-8wsz)hysrqj0w^Rswtz5I<PD(Ak-(PDqkfM|t!+`a
zb!`9o5b84t_6YYG_`2R(qV9g{xtI@+AXTt=4F`<9{_d@EzGpzgFZ%va8RXl61#tcr
z7ke*jnsl#<mW&+hFu|K8f8><ZwO-iSusUN4-hZsOh!UPnIVM7w&lu9{Ioqwj74y)>
z1C*{m9XA22>}<;zJyT7w>=rT4BA{FW`MCE*Bvp7#O+Pm+QJh&NOk?(EB4MnCXsd-G
z)@zeGT5W$2jg-ypZYY%vHIzjtrn#I%Sa*HO?*_EmZ{Rr=!H(r$Rgzs`G9*sgg@}u<
z28xGrrI+ToHrlheD;o>t_-26#yQd7nQ`260VM$p1zOC74K9aBgZ+}bwINqg)n^FNY
zW~mt!1OS`5PP;|v#M8YI)7ksWGsl~*{&<#_n6xN@VQGE1FJLY&-B9?{k;mf_ZV2Ci
zt{CN0xzR=j2Vktc%%{HTgj*o2PeUUR4X`n~s-i2hX0GrHByD@Gx9dCq06ls+jdyeg
z`;@cq!(*xzOhP``G&~{reF4a6x9YXB_m4seWwNk;Af&>sZ@lljwm~?{elNCcf=%yp
zb?|2(N~hs6XLD?gK%xpAM&qwv@N&vBN!fK9BqciYIkt*)45dH0#=$Rcm9=0}G=aR9
z;th~%V8xW@8oqX2y>T(G)o}w~u?z}}ewQRJrJWQs#2*WDk+{LuKL3JdA+G5KSzj5=
zt9K&mWokX-xEaamQwt!!z4)V}o!)$^C292XI94B<v_gumqWBZ?EI@5KUF{*EX|WZ*
z_x0<#su&shAW>-VO8j})6LVKdiL>5r0!ww71ZSU{{mnBY-T;Jolie9%?Y?f4<Eroc
z{`C%__k~733Iu{>o@ZV_uSq8w>(5?bc-Y{q+q7zQI1V-3R~PIeqlkF?Ds>sOUI#u|
z&oeX5(c$n$Nl6*Ueb{Z9OyGj6SzIeiZu$%p0J^r)X~NEVB+duG=1~dz`fGgLc74rD
zMG<T<9!*i{7uwsQO#Ue%4sA?_q8jkHp-+g9R5j}_YyTJ`uj0;q(KoD^MSSmXxBs;l
zK<#RRq{-|sMb#;K-KFH5W&Jj&8D$(kfx<+MyNn2CQRLy|*CP?O7tF`YHh;y1+1~X+
zl@Z+q&gWn$n3mmQM%q1!s;B8LVE!_YI6(bh3mcyr`H$`=?m_RZg~jl^X(M>wgvFC<
z6^+f4XG5wT|9I5&Yv?~F*6wvWf)3}{oK>&a$HwtMp5}5wW3knJNO{=Z?Zo!P60vSQ
z!+;f-)4wo(;U3oa8n}dfq9Pg!x$zCW3^n*-Gdg_aF^&z^@;iF?5lD?p=B@>EoPUBg
zsgCLy#akwv1@5arj#j_p!%zZxikSYqsHq^vp$G{Np;G=c2fx|kHT(}AD+@1n_#?I1
zD)L)BA$!g1*-rsi6s0R;i-mU0f4Qyy#|0>8Zi-<4Y?>>SWz%&o-8f%K@sy>-T5KzJ
z-jyRJ!7K|x5Ja%_BXk?#hs@_jrC;dN&Ht55`(OqGS}jbUR@_`NR4I3{(o`f^h+R2c
z3007MS#mPLr~gH@cuGffug`Z@HerSSr`W%4#Sml~eGr=|a4wNBTJ2IKm=!<N0f4%&
z+|)p@YdQJj8}>t?dQ*@N{xodRAq-XtoJ)1*qGLaU&Fd%3Eo<xitU}(fUa;S8i(yF~
zly}24h*!lb{O&B5n9p7?@A3zJxK$ruD?Il!W-!5i*6Lk_?R}kX^te+zZ90s7|M7%s
zQ)9XDnU89<okI~%MR`{WcK8h-E`p6W{}7a@Z5hE@EGVICEh1kK;4;7D;>Zf{$&k@d
ze9rqrZ+9kr{y31C+!|H-%hG1fGz?|o1+$5q@rlF`Ud_Ot4b*SrH2<%oPLmYuV2^)B
ze){{;;z*J1nw$fUXH3nkU47A4)fme{j$hOkB0$m=b9DWXq1f{1vZo*ks?Wpy3))GR
z)p6i34C=o!-Ff}A(0aw)0%NsXJ=UGpEEahykF2VSfQR!&lL<<f9izY5O-95;N1d~d
z_%$kK#CT!}HGEbeSYcubLaxdgiNOp<OHG@{yN*#pg(WOKkqpq%tfHXgxibBAf!S0X
z$L7$zkt)8b)VsR7V-odJKQ_cx(ahA`IZzZ3zWYP+%A&wy1(U>447$%#U0Gpl8isl=
zjU(Qc#KxI5*Y{WCrXv@9aDG|Ll(d?WArk*5o^6|c|I&-%w7-EKKo;F!vhP^5@=6yM
z=9lSbw=2U7t|I_{n$*(?<$5z^kZu)j=L&_9RsR~=vb(>(-JraoVgC&>f)J$Zh@WE7
zmVZ^gK#@pHb<)YonX^MAn<}$GIgkQQy;7-Fp;xZViqshXg#7JO9}N`Q4*MXc$!w|c
z_%|$Ko%tVjhct$^l$(9U@0Yz5dqRSToR8I3jHlD-t@LbRSUkx+Xr)We9Nko+JH2L^
z6irjM@6r-}M&@=BC6aZk-z!;Z_jdM_T6$YfU@F6yC=5=d;VIGjae5<a_Ht3Y_2VCN
z4FmmK8HobwriQsr^$RtQI4P1iIUb-yPZiYbRy#lS1`Q~}Qf{RL?|7l*dmF5V>;#=H
zW8%Jy-We;=m@+S@u)NwK*ai883#QY2|JU7D|3&#dZ!fHbG}3}Jf;7?+OCus(Qi6bV
z*V0S8X+c6jx<Qtb?h=q#y1N^RrJLvG^ZhTL{cZQPJFj!*%*>g&?wM;1kMY`1fi<Vo
z#Z(ni8Ef~Ul+XNjUCkv#<P-@#wl*jTH(`y`Y5THQ5yQ#0iMNjhU<P*J%R`|rM1{q@
z3Yf{cyt*N&>PeShbe*dAOh-v;IA}Z@Hd*mQ2k@PGtaPDPo&${qVE2Y$2A$Dz`;-!X
zS$M<q$$0ui8I2M5A+hrJ{hK1zj>zEwBv%UJDA7GZd9xeR8kO$-P_VFwbV_GA+WO6v
zGY5S}eDuESvBmBh6W<Tct05xn=)5B%4sr4<@hTu%LYeuN2RrtX`2KTmAJ?N<bgmZh
zEp2lVbOJ8El#^{OhKp#s(f06L#*UA5ch_jW3e8~B^*k#3-R}%Kf^P|#dyofqA{O&I
ztfQq<|7U9|5XKy?=kFUh4_J|1Q`;RPpj3u>#*Iy^X1?Sqzy4dT@d>7ThEPi;sD&2S
zLv$v#*<*Fnnf>QG8!p4j?eg)mu~Bv8H25OYIx06Jed2(*FCyE^fta6xDWT#L?eiVV
zf4)g77PcS(hQ%TVkGHhX6g@aS?KW>im%+t8b$Y1?p??ZaRGHBvMuJOPcUJs=v-&8F
zrkv#8%^_dbXJTf(n{R>-1@~WKfu-+AbQQ(Q{JEZobI%0rTE_A|3I^e}Z&5LjI6XRl
z3gi5EBez6VNb5zX@Hq0^`r<t1l&ZEXfDQXv%Bi{Otb9SfHQ+2Fe-ZEnt7MixaQ7ka
z$a<s2Il;RQ*3EGj;;nB~=m}_a6l-2@AjPRb&mOjOK~je*ULW`Q(5Lf}EvEaRN6cQG
zte5xEktp~bj_;?mZrW#xyze;O#k(sWh`hxTIS)L_n`rDqLf5}%?FAy@TUTLWnM%W(
zfmue6pi0uZa=AC=DJJ0GXp~7Lk3Ey+SbeI!`X|1f*rt;*u+kC1W}Fc&O@{f!G8Pp^
z??OdI$S*nZ?j$#;PkEZkC46oX)Daxqntcd2BLdO3nK;s*EfK`6MwdIixkv;WWKa&r
zXj14_)7kChvK{g?o^5N=-Mn#u2<(5pl1!_erzwt6nXJCjg1t|2Z=U`b9W*;$u`X*S
z`=$Gs*<^d{HT_G!?dtp&cZ*_+PJwfbjQ5>&AR%^IdLqrw!b>&3u<DpB%JN`4x&A&p
z?q#Wud=^AK_M&!2@+KA<2Q?SC2PX8>n8$NhyUrixv^LmJ!{S`zx3bqR88&{uqrMe+
z(+uXOp!W@Uj&{1Rt7c6HN{zNJ``b;^PF8vD$IbOH-s1u7k=AY9%(4(5h(NHC)!^Z@
zaCsf#Y;E>aV2T!L<FL^u@RlO++Rf?}-*TU2`nP)ZQ-oB89f>b364qA7sP0huBw?0?
z`?&r?2P?Bf6X5)jX)h)A+mA684ooEUbAwZ~sJvWjt6in52Pjx|E4&0H4smt+*4qtr
zEs$=au=U_4;bHX+Az~`(8%mCHc@gF%Q=8Hl5j)eSpYL!V!W6zjKHn9#A&16Dv`6m;
z*_Yf0;lcsFxiv7eHp^t*ACZ2n9u(#8X}BKZJJF5f`c1zZTG-o2zkPO+o#!xk_nv7`
zD0q{>yRkPa%#-}vYMUPG&7AXgj(5&ib!j#(w)?k*4|+dKqe<Z@KebxZad2AS>TTg@
zd=js2s&9iZcH*@4yXz5n*d7l6^EQ=U_!$Jf4FPXB@NPAKc$xp4^?kfoCu>5Bu*(T<
zTuvLRoOUqKzRR>so*@3)L@Ji{Iv70QWK;4{ZE=Y8rbYPPrZzG`ICo=XV8rMV-uj}a
zcLLuz^$XA#8jQ19PJZn1KBV3^rtL-TSbJk_C9%DFf}yGGyW>gMe@KR7WUy()+oHa-
z#-8!bik_vz_Jj(0Eo47V0_EtbakDTwuS7O%5H;WxS=^WQ+@fkD>Y_XfpyzCAXUU?4
zT%6`dc8W`9ax81g!$Q8XiV?BP^P~>0Ub#r-oXeH)PstN`z}|qjJx%LtpJGvG+eTWE
zs2Sk5o+b$@p+oy>E4HqO%{<ylyeP|A`o-HFQ+NN)+pt8eh6W5Sw+M5&*mr3j$o;X`
zm~Kw0t6bkPKOe1nGMNR8_g$q;4f5?~qE-9LT++2j0b@hq<w^|YMTRKddDk8hkbW`r
zp*|w*6=@DuN5ft4@2{ozK^Pz*E|ZPf=Bx437s%?W30#kvSFLSkev<R;$IG&a)aV7-
zXWPLUtJ#MZ$hEd}U~ozD-Bwa?8K&xrQgA?QogAyxoRz-#$qCk3D&_*g#_)npL3+2!
z>6%JvP0@29utb^*6Y+I;grVSVv(~(PUup=JFT)Y>Xpq#~f#YJ=!@q1MlYH?&$4A6c
zaPo&TK|Z+w^buZi2Zec8r_ya!y@n3~uS~jx9o6Qv_SU*HKgWa>=5}}E`7p_)!4H2b
zRr}bD&t9CdZ!aeaiTbqp)eNuv@C{P7OE0=ANXv0O8!bn1cTf%6qYj?!&y~&0{cZ1|
zyHg$r;q?)t<na4O21}{_Tw%Mt_6AfIMOfILignN_O7Kq@OZPf6Q0GD@q+bMT@CrEI
z(BUlb#%*Y{*87>%;p5Qey+cz&?2Ir?Z4Da=av!CkbLKF|{pA%1=l2`B9mAipEK%ku
z85sK52bA_iy$>C_A(chVWeZw&vj6p`Ed4vxwuA6wUxMeT<JO~dD-XxcEA~>XJTPb_
zJgd)?+I7%^Sw5$EZSp#?T00};=eo~XyF3mZS_=%ysQMxyO1ejPNL1$|zRvQ%Dq_!I
z7?=!aC|p%{oXw)4N{Z{j|NiYh>&aa($QC4Z7STb_Z2Nu@5@#elL71CouB{4D30RbJ
zSvY`NT6wZ5FYgzTyNwR;Pt~kEcY;ubEX#+@w{UZ^F>LVF+_mqu$liCY&<?wujD7|t
zGXuu*U)7;pxvPd*D}QViif6`RVhdTO4<w?OQTo-Vwi_n~dqo$CIa?WhOXtpKOq#+J
z6Cc;wA=ve+_|18J1R{x^YRk=V&hXCZTby|%g?C4IKWjQD(4HUr_{Qv_H<UqZ!hn-J
z%`}3AvOuWW#z(j36;EZ@1LMKxD~8ZCY6gS>r|j@zm5CXDYM$>#E~>BLr-&#9=0zvg
zlv!X3Du&bW47AYca8PtUs3&|^iOIyDU}gX*Zs%N8aCe&m+RH*xcZ4g4)M<=6hSRjZ
zPUp28l#uiD$Je?XdZHPxQgSq$<wr)^bh6P4fMW9sGO;1121c3{?^9#=!lxc$?~O0M
zcSuIZR+BIzlWDc0!V0hdAi0~kL<h*~fN=I&v{0cw((2*QNH`1~#whFQSyE~KP5@NF
z&KAAp?4|c#9+cz;W0{by5P80^w5Hv_;!3FsO19b*6P^7IKb#QDD68Ix1`~M1{ID*|
zAzRhMfA>(UOMDX=9Z3J@GKF3CQhdMD1=AQzFnKlJUEYB_9ibBRA>3XT6qHknVo$ER
z?^87-PFX+Z?N5(93|Au>#ZLaD-aNl5)*%_8!(=0G^3li6Hq+=_5NJ=!=D~YZXsGH{
zg3$vrRT||#|2)3olhcB-|ETf^jpNG+=&)P4+8!ZyX#*T(@G4(RQ-5|Sf78C6m#^nb
zW@p3W`5K@(xRiLEsE57-FLbBKr;Ch?(!W>09lAhbO5?=iQ(fb*bIxOJE#nzql{NF4
zy<5(O1VY{NqFFT3vKUBf`VhA$&laOeClBI2h~L>u1${u5!z1lg$QI`GdJa|l_8nJ(
z#B4L%9!!mkrIrxUOCq!#Kqkvt{AJ@dgbaQq-x+^)h8!m?!ycxa^V(fo(-ZVz6;*(I
z7J|C*h!%F>;Mkic^e1HVpx<Ve#IZ-Jy%3|M^tTrBEiddsR*aCNxhwFsaLXw~$#g@=
z8VSQX{Su=|+lY%_=M?pBkvyUuLNWeUzn2}3R#(k+OzJwL*IMM^`{4h5t$Oi+JeS=I
zc<`uIx$BRG56P2qGVtr}^=9}nK`@6N@`x8xhY?KPf9Unr;a+3$6$1%T8cx-RPcc-<
zM>L*pX*ql4HLwjZ0o5zIy}1&bRV6~_9Zz6vJ14Eb=gXC}WpvI-{#0u=CgtYDvJBd4
zn`;+FKakU6ZW5reLEY}iH2+*4IcAbVQQ{IV5BH+6>1D(w$KDc(7NrP0sm$(^`VB`{
zQ(%zhc1mx;V5_+h1-bAi5(k_<?iJ+3nM;K=eFWX$R}0~PeK9yBRC99>4~deLy`1d}
z(z=uBEKKopRjSBom`Qn$$q(6KKw?6^VLk%qO3gAFgh5LEQuk$UL8BuX6#Mf<VTcM)
zFYw7J$c(c4P11Co^JepG5gx`&s%87$^8UHJ!N7S4LYA$O@L1;znu1mB=*zT)Da<K5
za~-v->}lrSaaXrVT;MArwRW4=zB;keN3f+gt(yESf8Iwh8YD0nZzW!O&u|+)n@pG^
zV5zLKn)0{@hym}8$>Iy0#S`Y}<>gEd?iy7Y{#TOXJbpah^s&+D+cV`_dU%}11xJ(R
zvEe%xhsO9r^UONyTP)V)|E#Y}KlHq%zR;iq23#5SjqU<FU<4^ZYOg*cm|`U^vAQtX
zJ>uK`>LI?m>8kS+KcSX15E-{tz6NZ`1D<#prm21oIIlYAK0lVPr(@!JVs)|5L87=I
zKo(Fl#+Ilfyfm1B8Ku6W)YrJWvc1c%(dQN-7q-gV%=8{trR&v6au$wOfakGAfp*+Q
zQU*f~M)20p)e2HGnzij_cPW)Gxuu#rG=8a|<?z_eV}{DIXi8HvEyVxb7^9VV5?|mH
zfDi6-wq_XNOb{<H?b2Ms2tN9@M(fVe6N!``Eo~#i5@dDA$=~T2ltsOG?fz-5;dqKg
zmk-ELRZVqucFjY5dE^q?%Pr6JgEyTK&oS$-!2a#tp2)%ix;4Bs5+Hl|5&LMI7Xi;1
z5&ZNbsa)<kZ`yDq?4SbWSCFl1Gi7w_F{2&X3c3L|dGl5+tCxWx`!OwnQG$EY1BbGt
zOigSQNgLS>1vDvsbUo_&mG6VEi!4z4&#r!HWi?!O*Ym)$EB))^q6BTZwdXEv#*iST
zEB#?Rfq03Gq_;9UH4h%bR~&V@-p@=?E+>~6!VXvMW{baA4Kht2R{CzEKE#RPI(*Dc
zDcJ2jDgqM~jjYw~G~_dnc*-;v2n+W~sM4$P1y|7N6Evhg+lBOu`5aPK!0F)mn&w6n
zjUu!Lf#TAWF#{C3csqnnW7WmYd8RDNq;?zt@4$~JlHt(XL8q~evpm>UmyqtNc`5k<
z3Tf?`3bE0jBJVuFb>Kxq>4FjavXT^m3|nciWkq@|V)k9i8_Z{`^QmCazmV!G@~`5=
zO1PB%UV9{p`jwZdt2$~Y1DqeUaoU(ZXlFf-HT@%i#)D8eL?Bt|;bH+sSXD9dpEx$1
zuMJ1Buz)=O9nPB5)J|%-!fEjOwMTg?KrJ!9rgM)H$N;j%98w>YJZQXY@69>>gWAx>
z{O{ar|L>3(jHu{kP9yozp+~R(ywqE&7Z<t_w2<FkM@oo$zCZk(a)vJQE5HqdH=IKN
z^m9lwH1Sy;6RqW0iLgE_)^0MaHaRP)jn$dA{z5;nIBeH3nUvPl$&uXF!E`j97rtz!
z*A~_<K1lQa91!6n`1d&sv{FDb&`A0$Jz2sD=<+4lEQ_`Q(S*h3N2IgsTr0N#G)FTP
zlI74_Ljm*HEjfZo9nX>jIgm=QnWl4a*6_p+4jL=L!Q~RTh+Llwgjrv&k?sR28bFgG
zF*e$x!h7|7J#Tk;OR(1s052Gomo~yz7wO8OJCi$x<fh?_YWL?uG*I~wdrwsCn~zEg
z!$GCjX-4?nOFU~h^&E@&XGP??#K8EC+?e;VOb4Rp<y|bf6WsZ|`cP{?#=O4ChLYUA
zaF9r--<OSnHi}~E968#<>0q?pR({_SD01=I?BcHtv4_StAu#oatfN({j3}U&BS?3-
zWq6&_k9dHd12)bOH#=|ixi~6NlsPoCd1=5;q&532{?j=Df1vCAIs|W#sC@!2Qfrvh
zaKFK<`aEKUNc1r&DmRd!2hbYLe{xO$&x-_6IyTIn6?uW8L#6YR_e8dSdhNKd4!uQh
z!|N<U79RYI=ZsnuMS7;n0r`7)%IvJ3bSlaK$1+VG&-^gX+sIRQH%aY;1qeO3@P$by
zrRsE4l(3Z_d9eC6xKew2qd<Kd52KV;8%Z%$jvT%4e=T)N%LbFeVux`9)VgolLvv-}
z?qAbo{R$|FDgDtC-AHumubD<sWfOtoSZwqpgP~&_L$b!MA0?#1b?8QfAyH<6d#upn
zk^Fbjk!ShO_`FT<y4IO(Uwf~vYT8S-;RUXNcahtF`vHm*5Z_zE;VH-ik4u-xYmL0Z
z5r{#0eBH+&zkBc%q4I1URX%Bs+_(sA;p2lCi!{Lvh4<&+hinzpFd^yXHjSlxS61ka
zjV)lQhDRMlU*k=U>zTFlK$$8xp<bpCJV(iya-xn)h6JgJ7#YSLu|rObF8HQOfWq?e
zEb6swv+Awv-q)ck2UK88prdl_*Os#be^r?NdVgW=(DR)J??g~JUjH!`z=pTQz9YsN
zF`WgJSuFYWierM#oX;#|`oPBRjcI%Hqb<WXpOQ7j05M$!zDRvM3|l_EU%hcskG)AI
z?1Ue;hWt4E-y8`7-*(;2!I0XgwKmh$=?O#mjxIy2XJK~*=?FI1Z}`*Ro6nPZ-TBYz
z7ftIIh26T*w?%M3MX@JiXvHfH&}T}FUU-CQ>VOH9XQ!eyc#o7S1mE**oXaRlc9C3E
z#b6@P#I2jI4t*-^cWihpZaZyr>zhlTBA4E4tyh!)DUv%G>>s^+2Z3E>8s<_`b=z4=
z43pg93|AgH^!bfCqcv&vkz0Vuebv;dvCT=3?zF7_cAEnFjz~|E+X5j^yfr|ILe&3G
z#2%T}jPW~+a;rD?+IH>l8yZ^18D=wA>^m))3HAvWNodnR!IiGQ_*jO+@>RNr$Q=rI
zvC!R&tJN+BuqSh1PemnFR~$~l;^qZdcuIefM^)N*ZMHU_|5yF7{qCHQuSJIQgxB^5
z{ECe#SMeis#!%6M+CDBE*Xp09JmulC^nUUsE%zuObNgOj+WozH9=+F-fPKCeSXy*q
zT7bM1)OxHH4QM(6Geo|=jR-GcI<Dq692|eN{JWD5!7~<Oq({u>L0qm$f^I)nZyZLr
z!Iv|OG7LWJHM3g(pQI#rsKExOArG%sMZDK00O_sPecW1Z@)#kD1P9TTGh0hZ9(jf;
z@A2vY!T4h~l!b3kA<+I)ntMVk6>q%tcYv=X#*GYv>gwZyrX9w=#HY)G>?UdL#SH@B
zSQ}(13plz~;9FE!9+B_57g7Ca_j%Y{=uTsHY|N8~w@4hQp@{%Yh8^0qxNXFbu`&k0
zPA>WjY!Vgnz1*lJc%EWvL|C?7zNeWD)YEwm_4xEgUR%6WQJs(kw?uI=-uS&IiW9mu
zUFdGf%y)3cbBI_nuk-nqHfH_oU5slf<}}{;H~O-tJ%~SA9Nyh-y*`khmL$0MZpV$R
zDvKU=hCS{A&>~+vu!%JloM*H`?<l65un_VWK2ytFG*)Dj2L;r&>y$~HD??xSa`Q~v
ze97CpG>yvJ@c`$UGI}t~cKH3{M^z@+OU5w();EBX);0ey4)By&u^b%Mzkf#atw{w0
z%3^HjhmmUIJYHkJ=6Z3qPtz`aCo9RT40!a`#ryX%UzGQoA&-~sBct>;E)tgue-vvo
zbh|abum9J!8xAawe@VCT4-@p`z$>uesJog$<{7RpwOCypCM(e8EJ+=qMWLoas7ra_
zwMYVd%6Kn*zvj&0KdZKPW0Wi%%?eFuB@|A2`3zVU`#!rL!sS8vXZ~oXtTJMF=|Nk|
z^;tJiAX~~|`5qOUeEBk@Xb;Zg)mDO;*Aj-*StyFMz7k7)i4OdjbN^pGTEoH@H5Edi
z5Y{EjEkvLc)joZK^n@nkaf^d_CIDubOrDZ;s6_T=FDyZCOu^jXy!7sQr8^1UTcv-t
zYU#il9}P?N!crpsYq><5qb~jd;W19H>GfM*eDz2ulKK)*9YxMU!%jw`!9xu<-$cf(
zy+`E|Kfz>>Zdu3D?FFKF?Z_kV=m{A^pPgygc2G|O4?5Yj*jy8h%H6(TgyT-4Tl+0K
zDC;|ogfKC2_N7bCfCl&w5xM^Zu(pyWnutN%AMaY9WJ-5auD3WGk`*-lSPK8nMO6&t
z(A4KR=k(vp0syLkdxqeERg7nq%^CR{{U@3mZV@s{blX>AdC_P;8zS8kn?7tiaYZMG
zLqX=Ogu{*Rw8`%lwRB$#DR9^YN1eY+{guI|LtehTBXHQTFbdeH!RI>*P5}_FK|}F+
z$_Ko1L64C#GY$S)o}@`rgB&kJ!*o7UV1=%D=K*jE{d4lnmjH$2ADQhxnPkm()-G)=
zTR{#Jjf=jt@WP7bspf0`Dw<kz54WewuZH?bbpWAx$y45YGPCXwklR)Oh7PO~1M^{i
zndMI4l}xVTeIeVk`24@Rz7lR)!*5t7vQB)Zdw%tP4Qs2rGUDmUafZG*wsp<fia(<9
zN|1s-DlTwu1>&18=I<Aalk$@Q{p!spY@zQaHqb#$I#5PlXiGiq&2B{*nu;crJ?AEM
z@p74qL-E0u2SNy+yvGwTT2B$7-`D$H0AE+t07xQJp+jJ<4}2}C5l~GS_ib*|g}JFa
zofnz239S+YK(2@@Paxq}$-n*xw894M-veo%(;l^o4vgJe4zN&!mjQN_{DT590)^O`
zd+q*kEZL2tJ{b{jspps^wcIQ6YN?#HNgF0XiBZjV!0s2DNjLXG0L1s^I$+Yfc)JW$
z72fTEzJMOfv^li4r}s@>6Za`LN^BYg-z}%$Sk}(zZHO%lXTA=?1t~27aA<SX1;Ddw
z&6}0n^cn56s`Bfr%W3nEIgY^({McQrndrcA!-gK2Lr%xf?FzG@ey;?{bIkvs``7Aa
z!>;VOZ{fe}b>dM5Svj5aH}oEapPr-GynQ`NOq_^+5S^Cx=Jz_NwC}AAuV{g=i1>lQ
z40ouHnu{@5LgTGX_X^(E-c2A=!wpS$tU@ql-r6?S*Vl%uzpzuQJXtbqdFxbA-$ny(
zNWuMApN}>hIt4vC^%(q{XZ5sr!|yiPzE?Eecc-d$#k2JxmDrpbMLzD$Hlv;Vlu0|n
zPmsN5gLB9)>hE*ZWwj{LU#)bIQp#t!MZh6-#E}$3c?S)1+9|Ey{m%Zkr_->hotVV=
zNo%~qN)Ay@z926nB71B<aiysh^eExtg>@9D#sV}Shc*G}60?L4XoPIi%L8n$Q4!#(
z&~tem83xbkso}QR;0}etdpr1PmXE#rz96sS))IWaYXG#GEO1@6P$O-gHc$-1zUCip
z068_SY8{##A?^lFA@A*lczcq>S4l%_M}zUWOd+>><_oV9&h_!?E_DB=;>;%xn^V&`
z)a#o=`}$h_Z>CU1LH0NIwbcBoE;axn>#QL%yZT6*!&M}YYkongb_Z0l#|2*BRK_U*
zBHxVR@|#qt)_fIz{OMBkDy*z!w^%L<)9-%xEf^{jrKHwAWXtJXcNGVYYCh!0byL=F
zmW_B^$XXbS84-?i_OKE~Tt1*A%!1ocEZ@d_1A#C)pZ+6&+$XBhPtt#SstS+ywp6MO
zOOsPEiPI}9qej*A4Li-8Au;pMUgUYB%{epPW4N>m2b2V+HvG;K2$~W#qw90;EUxM!
zZk@G!bz2ZTm-BQF36%pa)afD)B~UR<4DkM(9*@_L<V=<vjL9adAP8#jn6m}aTKObb
z4=|t_w~m!Gv!Dz-Su$&v`Vs8kYCo4YjvdVREqpVHFbW$2-0Xt;XR=WtFJtPYc?y@9
zPz3OjT8TF|0pQ-Zr8qkoFrrD>Cp-JH=_m317nI{Ma<IL6B8KeVLZ~&IRJWi1UK1Z^
zvMq~y$QJx#28w9eH$+t3f93s+4Bc6TO1H4(l#X03S7FD&s>q|Q>LbNL?S9XP-3k`F
zX{MWAq%;6C1o!9lq+572OeASqb#7DoCW$YPY3Lh{yoc;LxHxf7DeQurlJ5HXvAYil
z1cfz8FmmXqdF~UwK+}@lNE}wY!}g*87WHTwvFV%RUMG^eVHQ`v7Q`%|3;LKN>APE9
z?FQV!qjSv`o0M2|^t!&(W(65Mw;4JBt!Po4qvE~8ipe->Mw?zCFPdngruPSg<wPD0
zG3Qo6%zpEdoJ4pfRed$bTVN`K*59g}sy|Sum={OSZkNuripF}UOI)~Afn|{?jiuw6
zjNqxFTixA-C>;QEN1T_1?r;GH@plqPF~1Cj#4m2f!)IETHa{j(_%WG4NV-*U8!{82
zdfWp>zWTd*!<*Af^V#aN!?G7H#t=03VyJHX*Y;ejwDc|g)^8e@@AnPyM^B#!(#y9G
zbro()@RP4!XwB9vZQAlz72?(_${rDR@AW@JM^Mg%H1w}f0LF1bWZIo(5*x|&ws#53
zn<MMsoYT&R;@JNWhPqW-+O48$E?{PZ>w3c^)YRhYIEr+Y4lRi1rsykv5;{$${8YuO
z;y+tF*5|Cei?7z2PJ<!UgF*fDn55yi^z~eUYY9<)Y>&Z0j$|@7mFc7ly-i{h?7)eh
zIwj@71||KW(vBW2h;YO})_2U`r1mzlW*iICQZ6=MDh1L-F5Y(vU;-|sGF5l<-v>`>
znXL|<Vc9K|pW7jx@LJO<qn*bTm^|warIB7^eAP|SEYRX!kO+YGbR@3f2q)EzeM6P=
z<mBBWO=KQeC1O=UNAyiJv*BGb1eq5h%CxmkbXbJ>R?TcJV@pp|zm1UMZxu25pupE!
zvJt)a=5^Vs$uWVEjP@+`@5k0y>OT}WJVpuCx^>j9Rqm>E)|Sm^Q_UwE>j&Ej-g6!g
zv$?E%*kA?EuE{c-bB0&~waQ2}x6S4;;`M-vW3K|%KlLLo%Nw4VpfxY6$ax(>cEc;n
zmVG*`ZeX4#3CLM}2UAf*C}N->%Oa@4#KddR0_IAbYxR}G4iIA{Wh$Q9_id*7SCf=9
z9h)Q5CweKd)z*1dP@D`>hE)t&pB^@AA9;nr1Aw3o6Dw1=?WIHkAk;c({wH~1wp1gj
zpf<)=9E(Fnw|t9$(IsyJS#GWQW*Zb~iX!&RM~1tKqMzWgHQdOsY{ULf<(g%SB0U_q
z$@yGxaqQ#ksjb>8u)I5Qk~@^mNx*)2tU868{kWot0CS+2mYJy@zUz`fG%Xz42OQvQ
z`3V#d@j@p>&>o^lxnPmo`~(#!v^Q)nLv2S)L`0j?&4HaL!p|b?_6&*a#6rd16x6-k
zNR-*cczQzg3#ud&1^ms!Xd+MtPSr4!J9V%6zrx#Do@!#8L%nQ5@lnyTpRLzGLK--@
zMz;XLb68c{IESjE3)zm4i7q_b4c;9KRNmVt)<c46eV6NS{RXq|mM1eH0;Pl|#_iHs
z*#SK6c<?hJP++uI5`W8Vmh_S9OuBHANKey;{dx?@=mgL(9${tdm>Rh6hYD#A06%-M
zmeAif)OM+K3cZt}f(mU6eLS$(F}S+*(vjse1ilV008kRF11|6U+{(I?e`qx=gRWd!
z|1^)rUWQXpYa_i^D*L;R2>VL=-Iq@N#5<Yc0E4p3IX8E`5}Rvm@)2(D62ZU2<7?~I
z^=iXF%Pn+Y8Df0YdL!e@upKzk)`Vnwjc9V|>@J7STKg&g`HK*V?DYvd!s_(_ouXtO
zt(~GZ+O;Syya2SxiH~|h+Xcf#VyKN`EZ%pN@VDU=9>z{J$<faNidExnxH`Q17Zq&x
z7Gam<GCPDbAJOZMH?Qn}Kn0j~ovtGzsuC^BPX?425DQBTC{dzf_v15ZEK6$%ELw03
zoHm%j<r9`9YYruqht!IS?TtpJ<0Uik!+#x_z1s(U=XSG4PW`Q$?;e)v=>NZd<xp%q
af>$X$nNgFM{D4MLkb<nTOqrB%;Qs?mWOS+k

diff --git a/powerdnsadmin/static/img/user_image.png b/powerdnsadmin/static/img/user_image.png
new file mode 100644
index 0000000000000000000000000000000000000000..325b0ef853a5d2c5a89142c94904378828085d7b
GIT binary patch
literal 2718
zcmeHIi&Io(6hHT}kE>kV1!dVmahEL3!URPP5O+mvA&eBv6g5^&qRbIQkxJmgE+T4=
zsZ7V$K#quMh7*p9IC6nuN}F(N1QkRfnm|+7K$Q3Ge3y%;jZ=R>I|FCW_x-+ee&@M4
z3nNV~BRxj~fJ=B-XcPdAUuj?zDDI_P?m?kg9bpPZiJ$IyCFv+eB!n$X0&pHp{wUaY
zKnpN(PI&0t#VNIS>+dFx_8TK#cwy#qAwkK(w(SeGp?w*j`9+@7)t<h$DbmUJ&zu|8
zyK5pxh$jF4_h<&RVfPt*e$=bSio(W4RaK6bQ@{k?nKX4=!1AEnB;}_Nxap<r_NwXh
z4|Sz0cld%Q=zoojosJbVw>UfLu~?;gqBxvsyZau<%PZ4u?kbh<@A&D$Bo_pCos1nT
z-6Qz0D%~4o;M?UYGXhk^GDPXi0!gXq2!_HV219MrTpwmZ+S`mjn6DUG=*_Pky*EW@
ze^!FMkRXH8sZ&j=yw!Vq_NC<~om!Hi0MF!?vNwh&AFuOSlKtiPadH{NuRk8MG5l7w
z<!VA%donCOyu=dIano_rdrk3j$`gF|`coXhwo)}LXl8&F=6p~``-2|hDWHHwrfT3F
z9yGVS6@XJfVeb_hh3(+LHdYUOLdVTB{WA{y>^~h9P1V#%s=V$oxp^5meWy6DxD)e#
zUI}*K8o!fcjAm<h+aU!5z^8sQEv4x2V&Ortt=Ji}2}UPK7Ge;ZB16|?6m~`Q>$nXY
ztf~N=6Q#fZO!Ih%#|sLn9`UpUT^7nTfj>Yl>M}rz;*A>2>LWH^bm4ow@AX^N(c8be
zb*`Gi*+QEfV$k=~gv*61o7%@@rsmfK+8%77uD93!Ri-(6;M>hlx*(p)+iRERUix(`
z+U0j0Yn)*;qH*Lw#D`5A*{$Vo(p%2+#lVo*@DOQgcXs%t@WEW9$E;>SGO9hagPoYb
z+OL)84=7!L(8SOeG&N@g^_;jY=)qWd?6*<k@xiurv+2E6b@1`j_}l4r5eSY?&a!bE
zS$oUsq4&o6gZZUnOVTkFKfc?<kj!wS9!wig`7}*4PuRJ)N9T_x3Mj&Sqael6@U7CJ
zoxa*{5f32-N<=4~V5iLwRD&gofja|poq$qSKj#&kbvwv?oqIeOo$;Oly-Yj6zyID0
zv?xAC$KJdn`?GNraVJ{F{8QTu*54Vp@A>{7UF_^E)1@ExJda%~vH=L;8iy>6Yz02)
z^E0Kv6*?Jc6K=l?QLlFIi#$ZnUO$1J{ZosHO2+hXYIBzpu1z%ibj7i~jpANW##wc$
zi+eWt_hAI=Wrem6lWoZYV&7bdb}Rtw7#W+^vNM9SFMsb+KyyUk%nl*(7nMKoOV@K{
zn1qI9>-nnh*gw_<_V>S&N@Eo>&(MlF4Dk9@yj_V!`R|`x>e>WuV0YBTlg_59no(-t
z3M_B=VyE~z<TPf_DOOLEds!4J^J29`>5`+uH<;9@u&LHZlr*b2r-L_XbBWU6AtSKC
z2_9Bt;y4>IT7;3s<4U7ap_5k9pz_a~$6)`W@D3%h#-^)jZC%*}{E-7}ERD!Ujj{0#
z6C)~CX!#<7BU6msMq>#ZRUtS4+5x>xZ3%)WF1!P9k{>h0TyO<k3)sL#INMl5wK41y
zoH(*ga^)zVxI8-8jo8J`QuEgv;wkJ{+(CuC$|(<5(a__<-ZQ->X+v=YJ7`nHl6B-F
zIzoXniesQh$zr^)sCa9pm#U~xTf%M^2MRCAdL!cvh1}Vk`T}89`PX-}<Y_J?27p<>
zq=8v6WAy%Lp(3;LnxDuAA1#UYJ2kn}aAIk$m(vi;z0+;~B4J+E{Mv^wP4tvgBRUO>
zR}>7xTu-}I9}`wtDu-cl(UTYL?$OO$Q8*0KY<8<gO4;-49$G^#4Qr}CFDUOe+_5E;
zC`rb!6#;45E(N$94-m2^`P^uwBti||?rz5mgvK0a+ZrHC2BFfvtw_qSR;~c6LX+r0
z{etJ11U(Aj<)GEB&4S$?(mH-9RB?-%y_*FB3LzCINECKO?D#UDD$l$|dA$dnH<&CV
z-r+Z-#dTfRuAR04jLMy7XNe^pe99q$tz7FmF_BUS##~(~3&pOGcuB?+izi>4cLVpN
z$CeFbrb!is4HNrJ`MPJeUVM?W|3$aGVU&WCUOy_-JK97t>ff+0C1Q^Y?(W)8xsT2n
z*bGh2fp0rW4-Gq%{Qg6jW6$gM30+>m*sk^l4<+|e#}8Bb-wvhtLp#SB+-tU#&f2vV
Pc|iF5$k3A^=FGnV3?!(&

literal 0
HcmV?d00001

diff --git a/powerdnsadmin/templates/base.html b/powerdnsadmin/templates/base.html
index 92e3a1cc9..85b2f8288 100644
--- a/powerdnsadmin/templates/base.html
+++ b/powerdnsadmin/templates/base.html
@@ -23,11 +23,7 @@
   {% endblock %}
 </head>
 <body class="hold-transition skin-blue sidebar-mini {% if not SETTING.get('fullscreen_layout') %}layout-boxed{% endif %}">
-  {% if OFFLINE_MODE %}
-  {% set gravatar_url = url_for('static', filename='img/gravatar.png') %}
-  {% elif current_user.email is defined %}
-  {% set gravatar_url = current_user.email|email_to_gravatar_url(size=80) %}
-  {% endif %}
+{% set user_image_url = url_for('user.image', username=current_user.username) %}
 <div class="wrapper">
   {% block pageheader %}
   <header class="main-header">
@@ -51,14 +47,14 @@
           <!-- User Account: style can be found in dropdown.less -->
           <li class="dropdown user user-menu">
             <a href="#" class="dropdown-toggle" data-toggle="dropdown">
-              <img src="{{ gravatar_url }}" class="user-image {{ 'offline' if OFFLINE_MODE }}" alt="User Image"/>
+              <img src="{{ user_image_url }}" class="user-image" alt="User Image"/>
               <span class="hidden-xs">
                 {{ current_user.firstname }}
               </span>
             </a>
             <ul class="dropdown-menu">
                 <li class="user-header">
-                  <img src="{{ gravatar_url }}" class="img-circle {{ 'offline' if OFFLINE_MODE }}" alt="User Image"/>
+                  <img src="{{ user_image_url }}" class="img-circle" alt="User Image"/>
                   <p>
                     {{ current_user.firstname }} {{ current_user.lastname }}
                     <small>{{ current_user.role.name }}</small>
@@ -89,7 +85,7 @@
     {% if current_user.id is defined %}
       <div class="user-panel">
         <div class="pull-left image">
-          <img src="{{ gravatar_url }}" class="img-circle" alt="User Image"/>
+          <img src="{{ user_image_url }}" class="img-circle" alt="User Image"/>
         </div>
         <div class="pull-left info">
           <p>{{ current_user.firstname }} {{ current_user.lastname }}</p>

From b809308d31229649a26d1bfbc7e7b8a759b7d32b Mon Sep 17 00:00:00 2001
From: corubba <corubba@gmx.de>
Date: Fri, 27 May 2022 13:01:51 +0200
Subject: [PATCH 045/475] Add LDAP user images

---
 powerdnsadmin/routes/user.py | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)

diff --git a/powerdnsadmin/routes/user.py b/powerdnsadmin/routes/user.py
index 709156f83..65d7e084f 100644
--- a/powerdnsadmin/routes/user.py
+++ b/powerdnsadmin/routes/user.py
@@ -1,5 +1,7 @@
 import datetime
 import hashlib
+import imghdr
+import mimetypes
 
 from flask import Blueprint, request, render_template, make_response, jsonify, redirect, url_for, g, session, \
     current_app, after_this_request, abort
@@ -115,12 +117,33 @@ def add_cache_headers(response_):
             response_.cache_control.max_age = int(datetime.timedelta(days=1).total_seconds())
         return response_
 
+    def return_image(content, content_type=None):
+        """Return the given binary image content. Guess the type if not given."""
+        if not content_type:
+            guess = mimetypes.guess_type('example.' + imghdr.what(None, h=content))
+            if guess and guess[0]:
+                content_type = guess[0]
+
+        return content, 200, {'Content-Type': content_type}
+
     # To prevent "cache poisoning", the username query parameter is required
     if request.args.get('username', None) != current_user.username:
         abort(400)
 
     setting = Setting()
 
+    if session['authentication_type'] == 'LDAP':
+        search_filter = '(&({0}={1}){2})'.format(setting.get('ldap_filter_username'),
+                                                 current_user.username,
+                                                 setting.get('ldap_filter_basic'))
+        result = User().ldap_search(search_filter, setting.get('ldap_base_dn'))
+        if result and result[0] and result[0][0] and result[0][0][1]:
+            user_obj = result[0][0][1]
+            for key in ['jpegPhoto', 'thumbnailPhoto']:
+                if key in user_obj and user_obj[key] and user_obj[key][0]:
+                    current_app.logger.debug(f'Return {key} from ldap as user image')
+                    return return_image(user_obj[key][0])
+
     email = current_user.email
     if email and setting.get('gravatar_enabled'):
         hash_ = hashlib.md5(email.encode('utf-8')).hexdigest()

From 3a8ad7c4440fb84a9a74a013573215a530caf50c Mon Sep 17 00:00:00 2001
From: corubba <corubba@gmx.de>
Date: Fri, 27 May 2022 13:02:00 +0200
Subject: [PATCH 046/475] Remove OFFLINE_MODE config option

---
 configs/development.py          | 1 -
 configs/docker_config.py        | 2 --
 docker-compose.yml              | 1 -
 powerdnsadmin/__init__.py       | 5 -----
 powerdnsadmin/default_config.py | 1 -
 5 files changed, 10 deletions(-)

diff --git a/configs/development.py b/configs/development.py
index cdced368a..d4bd24f23 100644
--- a/configs/development.py
+++ b/configs/development.py
@@ -7,7 +7,6 @@
 SECRET_KEY = 'e951e5a1f4b94151b360f47edf596dd2'
 BIND_ADDRESS = '0.0.0.0'
 PORT = 9191
-OFFLINE_MODE = False
 
 ### DATABASE CONFIG
 SQLA_DB_USER = 'pda'
diff --git a/configs/docker_config.py b/configs/docker_config.py
index 6666fc2ce..7019a34af 100644
--- a/configs/docker_config.py
+++ b/configs/docker_config.py
@@ -48,7 +48,6 @@
     'SAML_LOGOUT',
     'SAML_LOGOUT_URL',
     'SAML_ASSERTION_ENCRYPTED',
-    'OFFLINE_MODE',
     'REMOTE_USER_LOGOUT_URL',
     'REMOTE_USER_COOKIES',
     'SIGNUP_ENABLED',
@@ -73,7 +72,6 @@
     'SAML_WANT_MESSAGE_SIGNED',
     'SAML_LOGOUT',
     'SAML_ASSERTION_ENCRYPTED',
-    'OFFLINE_MODE',
     'REMOTE_USER_ENABLED',
     'SIGNUP_ENABLED',
     'LOCAL_DB_ENABLED',
diff --git a/docker-compose.yml b/docker-compose.yml
index e18d68376..123782786 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -15,4 +15,3 @@ services:
       - GUNICORN_TIMEOUT=60
       - GUNICORN_WORKERS=2
       - GUNICORN_LOGLEVEL=DEBUG
-      - OFFLINE_MODE=False # True for offline, False for external resources
diff --git a/powerdnsadmin/__init__.py b/powerdnsadmin/__init__.py
index 3f68a5856..467b3cd00 100755
--- a/powerdnsadmin/__init__.py
+++ b/powerdnsadmin/__init__.py
@@ -117,9 +117,4 @@ def inject_setting():
         setting = Setting()
         return dict(SETTING=setting)
 
-    @app.context_processor
-    def inject_mode():
-        setting = app.config.get('OFFLINE_MODE', False)
-        return dict(OFFLINE_MODE=setting)
-
     return app
diff --git a/powerdnsadmin/default_config.py b/powerdnsadmin/default_config.py
index 16b816185..d2aad5f2d 100644
--- a/powerdnsadmin/default_config.py
+++ b/powerdnsadmin/default_config.py
@@ -8,7 +8,6 @@
 BIND_ADDRESS = '0.0.0.0'
 PORT = 9191
 HSTS_ENABLED = False
-OFFLINE_MODE = False
 FILESYSTEM_SESSIONS_ENABLED = False
 
 ### DATABASE CONFIG

From 9890ddfa6414af78985b26b61ffbe2726cf54e59 Mon Sep 17 00:00:00 2001
From: corubba <corubba@gmx.de>
Date: Sun, 19 Jun 2022 12:16:40 +0200
Subject: [PATCH 047/475] Fix rrset changelog for names with hyphen

When clicking the changelog button for a record with the name
`foo-bar.example.org`, the url you get redirected to is
`/domain/example.org/changelog/foo-bar.example.org.-A`. Because of the
non-greedy behaviour of the path converter, the last part gets split at
the *first* hyphen, so the example above gets wrongly dissected into
`record_name=foo` and `record_type=bar.example.org.-A`. This results
for obvious reasons in an empty changelog.

As described in rfc5395 [0], types have to be alphanumerical, so its
converter is changed from path to string.

The hyphen is one of the few characters recommended by rfc1035 [1],
so it is a bad choice as separator. The separator is instead changed to
a slash.
Granted, this does not entirely solve the issue but at least makes it a
lot less likely to happen. Plus, a lot more and other things break in
pda with slashes in names.

[0] https://datatracker.ietf.org/doc/html/rfc5395#section-3.1
[1] https://datatracker.ietf.org/doc/html/rfc1035#section-2.3.1
---
 powerdnsadmin/routes/domain.py      | 2 +-
 powerdnsadmin/templates/domain.html | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/powerdnsadmin/routes/domain.py b/powerdnsadmin/routes/domain.py
index 3261264bc..556bc19ed 100644
--- a/powerdnsadmin/routes/domain.py
+++ b/powerdnsadmin/routes/domain.py
@@ -277,7 +277,7 @@ def changelog(domain_name):
 """
 Returns a changelog for a specific pair of (record_name, record_type)
 """
-@domain_bp.route('/<path:domain_name>/changelog/<path:record_name>-<path:record_type>', methods=['GET'])
+@domain_bp.route('/<path:domain_name>/changelog/<path:record_name>/<string:record_type>', methods=['GET'])
 @login_required
 @can_access_domain
 @history_access_required
diff --git a/powerdnsadmin/templates/domain.html b/powerdnsadmin/templates/domain.html
index d821e6ad4..f61696733 100755
--- a/powerdnsadmin/templates/domain.html
+++ b/powerdnsadmin/templates/domain.html
@@ -190,7 +190,7 @@ <h1>
 
     function show_record_changelog(record_name, record_type, e) {
         e.stopPropagation();
-        window.location.href = "/domain/{{domain.name}}/changelog/" + record_name + ".-" + record_type;
+        window.location.href = "/domain/{{domain.name}}/changelog/" + record_name + "./" + record_type;
     }
     // handle changelog button
     $(document.body).on("click", ".button_changelog", function(e) {

From 5036619a6765a4487c5bf674fc610c507543d79e Mon Sep 17 00:00:00 2001
From: corubba <corubba@gmx.de>
Date: Thu, 23 Jun 2022 22:31:00 +0200
Subject: [PATCH 048/475] Allow new domains to be absolute

Allow the new domain name to be input absolute (with a dot at the end).
To keep the rest of the logic working as-is, remove it fairly early in
the function.

Would have loved to use `str.removesuffix()` but that's python v3.9+.
---
 powerdnsadmin/routes/domain.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/powerdnsadmin/routes/domain.py b/powerdnsadmin/routes/domain.py
index 3261264bc..105a18d3e 100644
--- a/powerdnsadmin/routes/domain.py
+++ b/powerdnsadmin/routes/domain.py
@@ -363,6 +363,9 @@ def add():
                     'errors/400.html',
                     msg="Please enter a valid domain name"), 400
 
+            if domain_name.endswith('.'):
+                domain_name = domain_name[:-1]
+
             # If User creates the domain, check some additional stuff
             if current_user.role.name not in ['Administrator', 'Operator']:
                 # Get all the account_ids of the user

From a88f4a66c63378802ab5e4eb091d786418fb8715 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 10 Aug 2021 22:13:25 +0000
Subject: [PATCH 049/475] Bump path-parse from 1.0.5 to 1.0.7

Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.5 to 1.0.7.
- [Release notes](https://github.com/jbgutierrez/path-parse/releases)
- [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7)

---
updated-dependencies:
- dependency-name: path-parse
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 yarn.lock | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/yarn.lock b/yarn.lock
index e3b95c58a..f5e1d981a 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -877,8 +877,9 @@ path-is-absolute@^1.0.0, path-is-absolute@^1.0.1:
   resolved "https://registry.yarnpkg.com/path-is-absolute/-/path-is-absolute-1.0.1.tgz#174b9268735534ffbc7ace6bf53a5a9e1b5c5f5f"
 
 path-parse@^1.0.5:
-  version "1.0.5"
-  resolved "https://registry.yarnpkg.com/path-parse/-/path-parse-1.0.5.tgz#3c1adf871ea9cd6c9431b6ea2bd74a0ff055c4c1"
+  version "1.0.7"
+  resolved "https://registry.yarnpkg.com/path-parse/-/path-parse-1.0.7.tgz#fbc114b60ca42b30d9daf5858e4bd68bbedb6735"
+  integrity sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==
 
 path-platform@~0.11.15:
   version "0.11.15"

From 289faa501984d9fb30e0e862ddf1a77e36e2c8ed Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 26 Oct 2021 14:58:46 +0000
Subject: [PATCH 050/475] Bump jquery-ui from 1.12.1 to 1.13.0

Bumps [jquery-ui](https://github.com/jquery/jquery-ui) from 1.12.1 to 1.13.0.
- [Release notes](https://github.com/jquery/jquery-ui/releases)
- [Commits](https://github.com/jquery/jquery-ui/compare/1.12.1...1.13.0)

---
updated-dependencies:
- dependency-name: jquery-ui
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 yarn.lock | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

diff --git a/yarn.lock b/yarn.lock
index f5e1d981a..2f21653d0 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -690,8 +690,11 @@ jquery-ui-dist@^1.12.1:
   resolved "https://registry.yarnpkg.com/jquery-ui-dist/-/jquery-ui-dist-1.12.1.tgz#5c0815d3cc6f90ff5faaf5b268a6e23b4ca904fa"
 
 jquery-ui@^1.12.1:
-  version "1.12.1"
-  resolved "https://registry.yarnpkg.com/jquery-ui/-/jquery-ui-1.12.1.tgz#bcb4045c8dd0539c134bc1488cdd3e768a7a9e51"
+  version "1.13.0"
+  resolved "https://registry.yarnpkg.com/jquery-ui/-/jquery-ui-1.13.0.tgz#ab5ac65f37ca093c51b3478c4097f55bbc008f36"
+  integrity sha512-Osf7ECXNTYHtKBkn9xzbIf9kifNrBhfywFEKxOeB/OVctVmLlouV9mfc2qXCp6uyO4Pn72PXKOnj09qXetopCw==
+  dependencies:
+    jquery ">=1.8.0 <4.0.0"
 
 jquery.quicksearch@^2.4.0:
   version "2.4.0"
@@ -700,9 +703,10 @@ jquery.quicksearch@^2.4.0:
   dependencies:
     jquery ">=1.8"
 
-"jquery@>= 1.7", "jquery@>= 1.7.1", jquery@>=1.10, jquery@>=1.5, jquery@>=1.7, "jquery@>=1.7.1 <4.0.0", jquery@>=1.8, jquery@^3.2.1:
-  version "3.3.1"
-  resolved "https://registry.yarnpkg.com/jquery/-/jquery-3.3.1.tgz#958ce29e81c9790f31be7792df5d4d95fc57fbca"
+"jquery@>= 1.7", "jquery@>= 1.7.1", jquery@>=1.10, jquery@>=1.5, jquery@>=1.7, "jquery@>=1.7.1 <4.0.0", jquery@>=1.8, "jquery@>=1.8.0 <4.0.0", jquery@^3.2.1:
+  version "3.6.0"
+  resolved "https://registry.yarnpkg.com/jquery/-/jquery-3.6.0.tgz#c72a09f15c1bdce142f49dbf1170bdf8adac2470"
+  integrity sha512-JVzAR/AjBvVt2BmYhxRCSYysDsPcssdmTFnzyLEts9qNwmjmu4JTAMYubEfwVOSwpQ1I1sKKFcxhZCI2buerfw==
 
 json-stable-stringify@~0.0.0:
   version "0.0.1"

From 34be2273812e33bbad9d2d253893837fd1f7b9d4 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 27 Jan 2022 14:45:07 +0000
Subject: [PATCH 051/475] Bump cached-path-relative from 1.0.2 to 1.1.0

Bumps [cached-path-relative](https://github.com/ashaffer/cached-path-relative) from 1.0.2 to 1.1.0.
- [Release notes](https://github.com/ashaffer/cached-path-relative/releases)
- [Commits](https://github.com/ashaffer/cached-path-relative/commits)

---
updated-dependencies:
- dependency-name: cached-path-relative
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 yarn.lock | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/yarn.lock b/yarn.lock
index 2f21653d0..8b072501d 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -299,9 +299,9 @@ builtin-status-codes@^3.0.0:
   resolved "https://registry.yarnpkg.com/builtin-status-codes/-/builtin-status-codes-3.0.0.tgz#85982878e21b98e1c66425e03d0174788f569ee8"
 
 cached-path-relative@^1.0.0:
-  version "1.0.2"
-  resolved "https://registry.yarnpkg.com/cached-path-relative/-/cached-path-relative-1.0.2.tgz#a13df4196d26776220cc3356eb147a52dba2c6db"
-  integrity sha512-5r2GqsoEb4qMTTN9J+WzXfjov+hjxT+j3u5K+kIVNIwAd99DLCJE9pBIMP1qVeybV6JiijL385Oz0DcYxfbOIg==
+  version "1.1.0"
+  resolved "https://registry.yarnpkg.com/cached-path-relative/-/cached-path-relative-1.1.0.tgz#865576dfef39c0d6a7defde794d078f5308e3ef3"
+  integrity sha512-WF0LihfemtesFcJgO7xfOoOcnWzY/QHR4qeDqV44jPU3HTI54+LnfXK3SA27AVVGCdZFgjjFFaqUA9Jx7dMJZA==
 
 charm@~0.1.0:
   version "0.1.2"

From 18150eea34043c0e732f5f536caff7c18348de21 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sat, 9 Apr 2022 01:07:03 +0000
Subject: [PATCH 052/475] Bump moment from 2.22.2 to 2.29.2

Bumps [moment](https://github.com/moment/moment) from 2.22.2 to 2.29.2.
- [Release notes](https://github.com/moment/moment/releases)
- [Changelog](https://github.com/moment/moment/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/moment/moment/compare/2.22.2...2.29.2)

---
updated-dependencies:
- dependency-name: moment
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 yarn.lock | 12 ++++--------
 1 file changed, 4 insertions(+), 8 deletions(-)

diff --git a/yarn.lock b/yarn.lock
index 8b072501d..3aa840437 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -817,14 +817,10 @@ module-deps@^6.0.0:
     through2 "^2.0.0"
     xtend "^4.0.0"
 
-moment@^2.24.0:
-  version "2.24.0"
-  resolved "https://registry.yarnpkg.com/moment/-/moment-2.24.0.tgz#0d055d53f5052aa653c9f6eb68bb5d12bf5c2b5b"
-  integrity sha512-bV7f+6l2QigeBBZSM/6yTNq4P2fNpSWj/0e7jQcy87A8e7o2nAfP/34/2ky5Vw4B9S446EtIhodAzkFCcR4dQg==
-
-moment@^2.9.0:
-  version "2.22.2"
-  resolved "https://registry.yarnpkg.com/moment/-/moment-2.22.2.tgz#3c257f9839fc0e93ff53149632239eb90783ff66"
+moment@^2.24.0, moment@^2.9.0:
+  version "2.29.2"
+  resolved "https://registry.yarnpkg.com/moment/-/moment-2.29.2.tgz#00910c60b20843bcba52d37d58c628b47b1f20e4"
+  integrity sha512-UgzG4rvxYpN15jgCmVJwac49h9ly9NurikMWGPdVxm8GZD6XjkKPxDTjQQ43gtGgnV3X0cAyWDdP2Wexoquifg==
 
 morris.js@^0.5.0:
   version "0.5.0"

From 41642fcea40c38342c03bcc6a6244157345917a3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=A9r=C3=B4me=20BECOT?= <jerome.becot@deveryware.com>
Date: Sat, 28 May 2022 11:17:37 +0200
Subject: [PATCH 053/475] fix: Update JS minifier library

---
 powerdnsadmin/assets.py | 4 ++--
 requirements.txt        | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/powerdnsadmin/assets.py b/powerdnsadmin/assets.py
index e7c6354a0..233e23adf 100644
--- a/powerdnsadmin/assets.py
+++ b/powerdnsadmin/assets.py
@@ -24,7 +24,7 @@ def concat(self, out, hunks, **kw):
                   'node_modules/bootstrap/dist/js/bootstrap.js',
                   'node_modules/icheck/icheck.js',
                   'custom/js/custom.js',
-                  filters=(ConcatFilter, 'jsmin'),
+                  filters=(ConcatFilter, 'rjsmin'),
                   output='generated/login.js')
 
 js_validation = Bundle('node_modules/bootstrap-validator/dist/validator.js',
@@ -61,7 +61,7 @@ def concat(self, out, hunks, **kw):
                  'node_modules/jquery.quicksearch/src/jquery.quicksearch.js',
                  'custom/js/custom.js',
                  'node_modules/bootstrap-datepicker/dist/js/bootstrap-datepicker.js',
-                 filters=(ConcatFilter, 'jsmin'),
+                 filters=(ConcatFilter, 'rjsmin'),
                  output='generated/main.js')
 
 assets = Environment()
diff --git a/requirements.txt b/requirements.txt
index ec2ecbbcd..cef0a76b9 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -16,7 +16,7 @@ gunicorn==20.0.4
 python3-saml
 pytz==2020.1
 cssmin==0.2.0
-jsmin==3.0.0
+rjsmin==1.2.0
 Authlib==0.15
 Flask-SeaSurf==1.1.1
 bravado-core==5.17.0
@@ -30,4 +30,4 @@ flask-session==0.3.2
 Jinja2==3.0.3
 itsdangerous==2.0.1
 werkzeug==2.0.3
-cryptography==36.0.2
\ No newline at end of file
+cryptography==36.0.2

From e7fbc7af376abe0e2015daf5c48ee7370dbad1e1 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 22 Jun 2022 05:38:32 +0000
Subject: [PATCH 054/475] Bump shell-quote from 1.6.1 to 1.7.3

Bumps [shell-quote](https://github.com/substack/node-shell-quote) from 1.6.1 to 1.7.3.
- [Release notes](https://github.com/substack/node-shell-quote/releases)
- [Changelog](https://github.com/substack/node-shell-quote/blob/master/CHANGELOG.md)
- [Commits](https://github.com/substack/node-shell-quote/compare/1.6.1...1.7.3)

---
updated-dependencies:
- dependency-name: shell-quote
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 yarn.lock | 22 +++-------------------
 1 file changed, 3 insertions(+), 19 deletions(-)

diff --git a/yarn.lock b/yarn.lock
index 3aa840437..a288bdb02 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -62,18 +62,6 @@ almond@~0.3.1:
   version "0.3.3"
   resolved "https://registry.yarnpkg.com/almond/-/almond-0.3.3.tgz#a0e7c95ac7624d6417b4494b1e68bff693168a20"
 
-array-filter@~0.0.0:
-  version "0.0.1"
-  resolved "https://registry.yarnpkg.com/array-filter/-/array-filter-0.0.1.tgz#7da8cf2e26628ed732803581fd21f67cacd2eeec"
-
-array-map@~0.0.0:
-  version "0.0.0"
-  resolved "https://registry.yarnpkg.com/array-map/-/array-map-0.0.0.tgz#88a2bab73d1cf7bcd5c1b118a003f66f665fa662"
-
-array-reduce@~0.0.0:
-  version "0.0.0"
-  resolved "https://registry.yarnpkg.com/array-reduce/-/array-reduce-0.0.0.tgz#173899d3ffd1c7d9383e4479525dbe278cab5f2b"
-
 asn1.js@^4.0.0:
   version "4.10.1"
   resolved "https://registry.yarnpkg.com/asn1.js/-/asn1.js-4.10.1.tgz#b9c2bf5805f1e64aadeed6df3a2bfafb5a73f5a0"
@@ -1009,13 +997,9 @@ shasum@^1.0.0:
     sha.js "~2.4.4"
 
 shell-quote@^1.6.1:
-  version "1.6.1"
-  resolved "https://registry.yarnpkg.com/shell-quote/-/shell-quote-1.6.1.tgz#f4781949cce402697127430ea3b3c5476f481767"
-  dependencies:
-    array-filter "~0.0.0"
-    array-map "~0.0.0"
-    array-reduce "~0.0.0"
-    jsonify "~0.0.0"
+  version "1.7.3"
+  resolved "https://registry.yarnpkg.com/shell-quote/-/shell-quote-1.7.3.tgz#aa40edac170445b9a431e17bb62c0b881b9c4123"
+  integrity sha512-Vpfqwm4EnqGdlsBFNmHhxhElJYrdfcxPThu+ryKS5J8L/fhAwLazFZtq+S+TWZ9ANj2piSQLGj6NQg+lKPmxrw==
 
 slimscroll@^0.9.1:
   version "0.9.1"

From 6a2ba1b1c3fa5d3876429a165b45fc1010f55251 Mon Sep 17 00:00:00 2001
From: AdvanticGmbH <github@advantic.de>
Date: Tue, 28 Jun 2022 11:15:43 +0200
Subject: [PATCH 055/475] Add list to manage with an account associated domains

---
 powerdnsadmin/routes/admin.py                 | 43 +++++++--
 .../templates/admin_edit_account.html         | 92 ++++++++++++-------
 2 files changed, 95 insertions(+), 40 deletions(-)

diff --git a/powerdnsadmin/routes/admin.py b/powerdnsadmin/routes/admin.py
index c5f28d15b..c8c953622 100644
--- a/powerdnsadmin/routes/admin.py
+++ b/powerdnsadmin/routes/admin.py
@@ -610,14 +610,24 @@ def manage_user():
 @operator_role_required
 def edit_account(account_name=None):
     users = User.query.all()
+    account = Account.query.filter(
+        Account.name == account_name).first()
+    all_accounts = Account.query.all()
+    accounts = {}
+    domains = Domain.query.all()
+
+    for acc in all_accounts:
+        accounts[acc.id] = acc
 
     if request.method == 'GET':
-        if account_name is None:
+        if account_name is None or not account:
             return render_template('admin_edit_account.html',
+                                   account=None,
                                    account_user_ids=[],
                                    users=users,
+                                   domains=domains,
+                                   accounts=accounts,
                                    create=1)
-
         else:
             account = Account.query.filter(
                 Account.name == account_name).first()
@@ -626,11 +636,14 @@ def edit_account(account_name=None):
                                    account=account,
                                    account_user_ids=account_user_ids,
                                    users=users,
+                                   domains=domains,
+                                   accounts=accounts,
                                    create=0)
 
     if request.method == 'POST':
         fdata = request.form
         new_user_list = request.form.getlist('account_multi_user')
+        new_domain_list = request.form.getlist('account_domains')
 
         # on POST, synthesize account and account_user_ids from form data
         if not account_name:
@@ -654,6 +667,8 @@ def edit_account(account_name=None):
                                        account=account,
                                        account_user_ids=account_user_ids,
                                        users=users,
+                                       domains=domains,
+                                       accounts=accounts,
                                        create=create,
                                        invalid_accountname=True)
 
@@ -662,19 +677,33 @@ def edit_account(account_name=None):
                                        account=account,
                                        account_user_ids=account_user_ids,
                                        users=users,
+                                       domains=domains,
+                                       accounts=accounts,
                                        create=create,
                                        duplicate_accountname=True)
 
             result = account.create_account()
-            history = History(msg='Create account {0}'.format(account.name),
-                              created_by=current_user.username)
-
         else:
             result = account.update_account()
-            history = History(msg='Update account {0}'.format(account.name),
-                              created_by=current_user.username)
 
         if result['status']:
+            account = Account.query.filter(
+                Account.name == account_name).first()
+            old_domains = Domain.query.filter(Domain.account_id == account.id).all()
+
+            for domain_name in new_domain_list:
+                domain = Domain.query.filter(
+                    Domain.name == domain_name).first()
+                if account.id != domain.account_id:
+                    Domain(name=domain_name).assoc_account(account.id)
+            
+            for domain in old_domains:
+                if domain.name not in new_domain_list:
+                    Domain(name=domain.name).assoc_account(None)
+
+            history = History(msg='{0} account {1}'.format('Create' if create else 'Update', account.name),
+                              created_by=current_user.username)
+
             account.grant_privileges(new_user_list)
             history.add()
             return redirect(url_for('admin.manage_account'))
diff --git a/powerdnsadmin/templates/admin_edit_account.html b/powerdnsadmin/templates/admin_edit_account.html
index 1946bc926..ee8d1be6e 100644
--- a/powerdnsadmin/templates/admin_edit_account.html
+++ b/powerdnsadmin/templates/admin_edit_account.html
@@ -90,6 +90,28 @@ <h3 class="box-title">Access Control</h3>
                             </select>
                         </div>
                     </div>
+                    <div class="box-body">
+                        <p>Domains on the right are associated with the account. Red marked domain names are already associated with other accounts.
+                            Moving already associated domains to this account will overwrite the previous associated account.
+                        </p>
+                        <p>Hover over the red domain names to show the associated account. Click on domains to move between columns.</p>
+                        <div class="form-group col-xs-2">
+                            <select multiple="multiple" class="form-control" id="account_domains"
+                                name="account_domains">
+                                {% for domain in domains %}
+                                    {% if account != None and domain.account_id != None and account.id != domain.account_id %}
+                                        {% with account_id=domain.account_id %}
+                                            <option style="color: red" data-toggle="tooltip" title="Associated with: {{ accounts[account_id].name }}"
+                                                value="{{ domain.name }}">{{ domain.name }}</option>
+                                        {% endwith %}
+                                    {% else %}
+                                        <option {% if account.id == domain.account_id %}selected{% endif %}
+                                            value="{{ domain.name }}">{{ domain.name }}</option>
+                                    {% endif %}
+                                {% endfor %}
+                            </select>
+                        </div>
+                    </div>
                     <div class="box-footer">
                         <button type="submit"
                             class="btn btn-flat btn-primary">{% if create %}Create{% else %}Update{% endif %}
@@ -127,40 +149,44 @@ <h3 class="box-title">Help with creating a new account</h3>
 {% endblock %}
 {% block extrascripts %}
 <script>
-    $("#account_multi_user").multiSelect({
-        selectableHeader: "<input type='text' class='search-input' autocomplete='off' placeholder='Username'>",
-        selectionHeader: "<input type='text' class='search-input' autocomplete='off' placeholder='Username'>",
-        afterInit: function (ms) {
-            var that = this,
-                $selectableSearch = that.$selectableUl.prev(),
-                $selectionSearch = that.$selectionUl.prev(),
-                selectableSearchString = '#' + that.$container.attr('id') + ' .ms-elem-selectable:not(.ms-selected)',
-                selectionSearchString = '#' + that.$container.attr('id') + ' .ms-elem-selection.ms-selected';
+    function addMultiSelect(id, placeholder) {
+        $(id).multiSelect({
+            selectableHeader: `<input type='text' class='search-input' autocomplete='off' placeholder='${placeholder}'>`,
+            selectionHeader: `<input type='text' class='search-input' autocomplete='off' placeholder='${placeholder}'>`,
+            afterInit: function (ms) {
+                var that = this,
+                    $selectableSearch = that.$selectableUl.prev(),
+                    $selectionSearch = that.$selectionUl.prev(),
+                    selectableSearchString = '#' + that.$container.attr('id') + ' .ms-elem-selectable:not(.ms-selected)',
+                    selectionSearchString = '#' + that.$container.attr('id') + ' .ms-elem-selection.ms-selected';
 
-            that.qs1 = $selectableSearch.quicksearch(selectableSearchString)
-                .on('keydown', function (e) {
-                    if (e.which === 40) {
-                        that.$selectableUl.focus();
-                        return false;
-                    }
-                });
+                that.qs1 = $selectableSearch.quicksearch(selectableSearchString)
+                    .on('keydown', function (e) {
+                        if (e.which === 40) {
+                            that.$selectableUl.focus();
+                            return false;
+                        }
+                    });
 
-            that.qs2 = $selectionSearch.quicksearch(selectionSearchString)
-                .on('keydown', function (e) {
-                    if (e.which == 40) {
-                        that.$selectionUl.focus();
-                        return false;
-                    }
-                });
-        },
-        afterSelect: function () {
-            this.qs1.cache();
-            this.qs2.cache();
-        },
-        afterDeselect: function () {
-            this.qs1.cache();
-            this.qs2.cache();
-        }
-    });
+                that.qs2 = $selectionSearch.quicksearch(selectionSearchString)
+                    .on('keydown', function (e) {
+                        if (e.which == 40) {
+                            that.$selectionUl.focus();
+                            return false;
+                        }
+                    });
+            },
+            afterSelect: function () {
+                this.qs1.cache();
+                this.qs2.cache();
+            },
+            afterDeselect: function () {
+                this.qs1.cache();
+                this.qs2.cache();
+            }
+        });
+    }
+    addMultiSelect("#account_multi_user", "Username")
+    addMultiSelect("#account_domains", "Domain")
 </script>
 {% endblock %}

From cfab13824df74525a9b54f0549bbbc0acfa76ede Mon Sep 17 00:00:00 2001
From: AdvanticGmbH <github@advantic.de>
Date: Tue, 28 Jun 2022 11:16:45 +0200
Subject: [PATCH 056/475] Add history entries for  association changes of
 domains

---
 powerdnsadmin/models/domain.py |  9 +++++++++
 powerdnsadmin/routes/admin.py  | 10 ++++++++++
 2 files changed, 19 insertions(+)

diff --git a/powerdnsadmin/models/domain.py b/powerdnsadmin/models/domain.py
index bbd71e1cd..6db2d4084 100644
--- a/powerdnsadmin/models/domain.py
+++ b/powerdnsadmin/models/domain.py
@@ -2,6 +2,7 @@
 import re
 import traceback
 from flask import current_app
+from flask_login import current_user
 from urllib.parse import urljoin
 from distutils.util import strtobool
 
@@ -835,6 +836,7 @@ def assoc_account(self, account_id, update=True):
 
         headers = {'X-API-Key': self.PDNS_API_KEY, 'Content-Type': 'application/json'}
 
+        account_name_old = Account().get_name_by_id(domain.account_id)
         account_name = Account().get_name_by_id(account_id)
 
         post_data = {"account": account_name}
@@ -858,6 +860,13 @@ def assoc_account(self, account_id, update=True):
                     self.update()
                 msg_str = 'Account changed for domain {0} successfully'
                 current_app.logger.info(msg_str.format(domain_name))
+                history = History(msg='Update domain {0} associate account {1}'.format(domain.name, 'none' if account_name == '' else account_name),
+                              detail = json.dumps({
+                                    'assoc_account': 'None' if account_name == '' else account_name,
+                                    'dissoc_account': 'None' if account_name_old == '' else account_name_old
+                                }),
+                              created_by=current_user.username)
+                history.add()
                 return {'status': 'ok', 'msg': 'account changed successfully'}
 
         except Exception as e:
diff --git a/powerdnsadmin/routes/admin.py b/powerdnsadmin/routes/admin.py
index c8c953622..837e6d48e 100644
--- a/powerdnsadmin/routes/admin.py
+++ b/powerdnsadmin/routes/admin.py
@@ -919,6 +919,16 @@ def __init__(self, history, change_set):
                 ''',
                 history_status=DetailedHistory.get_key_val(detail_dict, 'status'),
                 history_msg=DetailedHistory.get_key_val(detail_dict, 'msg'))
+        
+        elif 'Update domain' in history.msg and 'associate account' in history.msg: # When an account gets associated or dissociate with domains
+            self.detailed_msg = render_template_string('''
+                <table class="table table-bordered table-striped">
+                    <tr><td>Associate: </td><td>{{ history_assoc_account }}</td></tr>
+                    <tr><td>Dissociate:</td><td>{{ history_dissoc_account }}</td></tr>
+                </table>
+                ''',
+                history_assoc_account=DetailedHistory.get_key_val(detail_dict, 'assoc_account'),
+                history_dissoc_account=DetailedHistory.get_key_val(detail_dict, 'dissoc_account'))
 
     # check for lower key as well for old databases
     @staticmethod

From 3c68b611c6f9676a97dca03c7b63e1f969048d03 Mon Sep 17 00:00:00 2001
From: AdvanticGmbH <81569672+AdvanticGmbH@users.noreply.github.com>
Date: Wed, 29 Jun 2022 08:56:01 +0200
Subject: [PATCH 057/475] Update powerdnsadmin/routes/admin.py

Looks good to me

Co-authored-by: Corubba <97832352+corubba@users.noreply.github.com>
---
 powerdnsadmin/routes/admin.py | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/powerdnsadmin/routes/admin.py b/powerdnsadmin/routes/admin.py
index 837e6d48e..ffba8af3f 100644
--- a/powerdnsadmin/routes/admin.py
+++ b/powerdnsadmin/routes/admin.py
@@ -613,12 +613,9 @@ def edit_account(account_name=None):
     account = Account.query.filter(
         Account.name == account_name).first()
     all_accounts = Account.query.all()
-    accounts = {}
+    accounts = {acc.id: acc for acc in all_accounts}
     domains = Domain.query.all()
 
-    for acc in all_accounts:
-        accounts[acc.id] = acc
-
     if request.method == 'GET':
         if account_name is None or not account:
             return render_template('admin_edit_account.html',

From 5f304ee29a37c78cae0990e91fe2e004ff490bf8 Mon Sep 17 00:00:00 2001
From: Phil Jaenke <prj@rootwyrm.com>
Date: Mon, 22 Aug 2022 20:40:17 -0400
Subject: [PATCH 058/475] Update to python-ldap 3.4.2

Minor version bump. This is necessary to resolve build issues on Alpine 3.16+ without impacts for any other distributions.
---
 requirements.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/requirements.txt b/requirements.txt
index cef0a76b9..1fc2864b5 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -8,7 +8,7 @@ mysqlclient==2.0.1
 configobj==5.0.6
 bcrypt>=3.1.7
 requests==2.24.0
-python-ldap==3.4.0
+python-ldap==3.4.2
 pyotp==2.4.0
 qrcode==6.1
 dnspython>=1.16.0

From 4383c337d4085ed485372d83876d50f9bd50ef6c Mon Sep 17 00:00:00 2001
From: Melchior NOGUES <m3lchior@gmail.com>
Date: Wed, 27 Jul 2022 11:35:47 +0200
Subject: [PATCH 059/475] fix: ldap type ad search user group when nested
 groups

---
 powerdnsadmin/models/user.py | 94 ++++++++++++++++++++----------------
 1 file changed, 52 insertions(+), 42 deletions(-)

diff --git a/powerdnsadmin/models/user.py b/powerdnsadmin/models/user.py
index 2f8b87c58..cb857c8c4 100644
--- a/powerdnsadmin/models/user.py
+++ b/powerdnsadmin/models/user.py
@@ -5,6 +5,7 @@
 import pyotp
 import ldap
 import ldap.filter
+from collections import OrderedDict
 from flask import current_app
 from flask_login import AnonymousUserMixin
 from sqlalchemy import orm
@@ -282,53 +283,62 @@ def is_validate(self, method, src_ip='', trust_user=False):
                                                 LDAP_USER_GROUP))
                                     return False
                             elif LDAP_TYPE == 'ad':
-                                ldap_admin_group_filter, ldap_operator_group, ldap_user_group = "", "", ""
-                                if LDAP_ADMIN_GROUP:
-                                    ldap_admin_group_filter = "(memberOf:1.2.840.113556.1.4.1941:={0})".format(LDAP_ADMIN_GROUP)
-                                if LDAP_OPERATOR_GROUP:
-                                    ldap_operator_group = "(memberOf:1.2.840.113556.1.4.1941:={0})".format(LDAP_OPERATOR_GROUP)
-                                if LDAP_USER_GROUP:
-                                    ldap_user_group = "(memberOf:1.2.840.113556.1.4.1941:={0})".format(LDAP_USER_GROUP)
-                                searchFilter = "(&({0}={1})(|{2}{3}{4}))".format(LDAP_FILTER_USERNAME, self.username,
-                                                                                 ldap_admin_group_filter,
-                                                                                 ldap_operator_group, ldap_user_group)
-                                ldap_result = self.ldap_search(searchFilter, LDAP_BASE_DN)
-                                user_ad_member_of = ldap_result[0][0][1].get(
-                                    'memberOf')
-
-                                if not user_ad_member_of:
+                                ldap_group_security_roles = OrderedDict(
+                                    Administrator=LDAP_ADMIN_GROUP,
+                                    Operator=LDAP_OPERATOR_GROUP,
+                                    User=LDAP_USER_GROUP,
+                                )
+                                user_dn = ldap_result[0][0][0]
+                                sf_groups = ""
+
+                                for group in ldap_group_security_roles.values():
+                                    if not group:
+                                        continue
+
+                                    sf_groups += f"(distinguishedName={group})"
+
+                                sf_member_user = f"(member:1.2.840.113556.1.4.1941:={user_dn})"
+                                search_filter = f"(&(|{sf_groups}){sf_member_user})"
+                                current_app.logger.debug(f"LDAP groupSearchFilter '{search_filter}'")
+
+                                ldap_user_groups = [
+                                    group[0][0]
+                                    for group in self.ldap_search(
+                                        search_filter,
+                                        LDAP_BASE_DN
+                                    )
+                                ]
+
+                                if not ldap_user_groups:
                                     current_app.logger.error(
-                                        'User {0} does not belong to any group while LDAP_GROUP_SECURITY_ENABLED is ON'
-                                        .format(self.username))
+                                        f"User '{self.username}' "
+                                        "does not belong to any group "
+                                        "while LDAP_GROUP_SECURITY_ENABLED is ON"
+                                    )
                                     return False
 
-                                user_ad_member_of = [g.decode("utf-8") for g in user_ad_member_of]
+                                current_app.logger.debug(
+                                    "LDAP User security groups "
+                                    f"for user '{self.username}': "
+                                    " ".join(ldap_user_groups)
+                                )
 
-                                if (LDAP_ADMIN_GROUP in user_ad_member_of):
-                                    role_name = 'Administrator'
-                                    current_app.logger.info(
-                                        'User {0} is part of the "{1}" group that allows admin access to PowerDNS-Admin'
-                                        .format(self.username,
-                                                LDAP_ADMIN_GROUP))
-                                elif (LDAP_OPERATOR_GROUP in user_ad_member_of):
-                                    role_name = 'Operator'
-                                    current_app.logger.info(
-                                        'User {0} is part of the "{1}" group that allows operator access to PowerDNS-Admin'
-                                        .format(self.username,
-                                                LDAP_OPERATOR_GROUP))
-                                elif (LDAP_USER_GROUP in user_ad_member_of):
+                                for role, ldap_group in ldap_group_security_roles.items():
+                                    # Continue when groups is not defined or
+                                    # user is'nt member of LDAP group
+                                    if not ldap_group or not ldap_group in ldap_user_groups:
+                                        continue
+
+                                    role_name = role
                                     current_app.logger.info(
-                                        'User {0} is part of the "{1}" group that allows user access to PowerDNS-Admin'
-                                        .format(self.username,
-                                                LDAP_USER_GROUP))
-                                else:
-                                    current_app.logger.error(
-                                        'User {0} is not part of the "{1}", "{2}" or "{3}" groups that allow access to PowerDNS-Admin'
-                                        .format(self.username,
-                                                LDAP_ADMIN_GROUP,
-                                                LDAP_OPERATOR_GROUP,
-                                                LDAP_USER_GROUP))
-                                    return False
+                                        f"User '{self.username}' member of "
+                                        f"the '{ldap_group}' group that allows "
+                                        f"'{role}' access to to PowerDNS-Admin"
+                                    )
+
+                                    # Stop loop on first found
+                                    break
+
                             else:
                                 current_app.logger.error('Invalid LDAP type')
                                 return False

From 9bf74a6baf1cb6d375fd1cb08a68a472243e5892 Mon Sep 17 00:00:00 2001
From: Pascal de Bruijn <pascal.debruijn@dustin.nl>
Date: Tue, 6 Sep 2022 15:25:28 +0200
Subject: [PATCH 060/475] admin_edit_key: default to User role for new api keys

hopefully this will prevent accidental administator api keys from being created
---
 powerdnsadmin/templates/admin_edit_key.html | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/powerdnsadmin/templates/admin_edit_key.html b/powerdnsadmin/templates/admin_edit_key.html
index 7c8ca17d7..6a9434025 100644
--- a/powerdnsadmin/templates/admin_edit_key.html
+++ b/powerdnsadmin/templates/admin_edit_key.html
@@ -1,6 +1,6 @@
 {% extends "base.html" %}
 {% set active_page = "admin_keys" %}
-{% if create or (key is not none and key.role.name != "User") %}{% set hide_opts = True %}{%else %}{% set hide_opts = False %}{% endif %}
+{% if (key is not none and key.role.name != "User") %}{% set hide_opts = True %}{%else %}{% set hide_opts = False %}{% endif %}
 {% block title %}
 <title>Edit Key - {{ SITE_NAME }}</title>
 {% endblock %}
@@ -39,7 +39,9 @@ <h3 class="box-title">{% if create %}Add{% else %}Edit{% endif %} key</h3>
                             <select class="key_role form-control" id="key_role" name="key_role">
                                 {% for role in roles %}
                                 <option value="{{ role.name }}"
-                                {% if (key is not none) and (role.id==key.role.id) %}selected{% endif %}>{{ role.name }}</option>
+                                {% if (key is not none) and (role.id==key.role.id) %}selected{% endif %}
+                                {% if (key is none) and (role.name=="User") %}selected{% endif %}
+                                >{{ role.name }}</option>
                                 {% endfor %}
                             </select>
                         </div>

From 4fd1b1001847eaef73b3da9a222c011068a3b2b7 Mon Sep 17 00:00:00 2001
From: Pascal de Bruijn <pascal.debruijn@dustin.nl>
Date: Tue, 6 Sep 2022 15:31:43 +0200
Subject: [PATCH 061/475] models/user.py: properly guard plain_text_password
 property

Resolves the following issue, which occurs with force_otp enabled
and OAuth authentication sources:

File "/srv/powerdnsadmin/powerdnsadmin/models/user.py", line 481, in update_profile
  "utf-8") if self.plain_text_password else user.password
AttributeError: 'User' object has no attribute 'plain_text_password'
---
 powerdnsadmin/models/user.py | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/powerdnsadmin/models/user.py b/powerdnsadmin/models/user.py
index 2f8b87c58..1ac7b6026 100644
--- a/powerdnsadmin/models/user.py
+++ b/powerdnsadmin/models/user.py
@@ -107,7 +107,7 @@ def get_hashed_password(self, plain_text_password=None):
 
     def check_password(self, hashed_password):
         # Check hashed password. Using bcrypt, the salt is saved into the hash itself
-        if (self.plain_text_password):
+        if hasattr(self, "plain_text_password"):
             return bcrypt.checkpw(self.plain_text_password.encode('utf-8'),
                                   hashed_password.encode('utf-8'))
         return False
@@ -423,7 +423,7 @@ def create_local_user(self):
                 name='Administrator').first().id
 
         self.password = self.get_hashed_password(
-            self.plain_text_password) if self.plain_text_password else '*'
+            self.plain_text_password) if hasattr(self, "plain_text_password") else '*'
 
         if self.password and self.password != '*':
             self.password = self.password.decode("utf-8")
@@ -459,7 +459,7 @@ def update_local_user(self):
         user.email = self.email
 
         # store new password hash (only if changed)
-        if self.plain_text_password:
+        if hasattr(self, "plain_text_password"):
             user.password = self.get_hashed_password(
                 self.plain_text_password).decode("utf-8")
 
@@ -478,7 +478,7 @@ def update_profile(self, enable_otp=None):
         user.lastname = self.lastname if self.lastname else user.lastname
         user.password = self.get_hashed_password(
             self.plain_text_password).decode(
-                "utf-8") if self.plain_text_password else user.password
+                "utf-8") if hasattr(self, "plain_text_password") else user.password
 
         if self.email:
             # Can not update to a new email that

From 41a39958656fb49b17e61db721917c1a7cf2eee6 Mon Sep 17 00:00:00 2001
From: Pascal de Bruijn <pascal.debruijn@dustin.nl>
Date: Tue, 6 Sep 2022 16:28:45 +0200
Subject: [PATCH 062/475] routes/index.py: otp_force shouldn't apply to OAuth

as 2FA policies are typically enforced on the OAuth proviers end

Relates to #1051
---
 powerdnsadmin/routes/index.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/powerdnsadmin/routes/index.py b/powerdnsadmin/routes/index.py
index 3a6f55cf9..3cb365dc6 100644
--- a/powerdnsadmin/routes/index.py
+++ b/powerdnsadmin/routes/index.py
@@ -580,7 +580,7 @@ def get_azure_groups(uri):
 def authenticate_user(user, authenticator, remember=False):
     login_user(user, remember=remember)
     signin_history(user.username, authenticator, True)
-    if Setting().get('otp_force') and Setting().get('otp_field_enabled') and not user.otp_secret:
+    if Setting().get('otp_force') and Setting().get('otp_field_enabled') and not user.otp_secret and session['authentication_type'] not in ['OAuth']:
         user.update_profile(enable_otp=True)
         user_id = current_user.id
         prepare_welcome_user(user_id)

From 846c03f154ff9953641628e33632f4ba951b8bf9 Mon Sep 17 00:00:00 2001
From: Pascal de Bruijn <pascal.debruijn@dustin.nl>
Date: Wed, 7 Sep 2022 14:23:34 +0200
Subject: [PATCH 063/475] models/user.py: add non-zero valid_window to
 totp.verify

PyOTP's totp.verify defaults to the valid_window of zero, which means
it will reject valid codes, if submitted just past the 30 sec window.
It also means, users will run into authentication issues very quickly
if their phones time-sync isn't perfect.

Therefore valid_window should at the very least be 1 or more, settting
it higher trades security for robustness, especially with regard to
time desync issues.
---
 powerdnsadmin/models/user.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/powerdnsadmin/models/user.py b/powerdnsadmin/models/user.py
index 2f8b87c58..228f8f31a 100644
--- a/powerdnsadmin/models/user.py
+++ b/powerdnsadmin/models/user.py
@@ -94,7 +94,7 @@ def get_totp_uri(self):
 
     def verify_totp(self, token):
         totp = pyotp.TOTP(self.otp_secret)
-        return totp.verify(token)
+        return totp.verify(token, valid_window = 5)
 
     def get_hashed_password(self, plain_text_password=None):
         # Hash a password for the first time

From cb835978dfef4f390738db81239a9d9d171c76c1 Mon Sep 17 00:00:00 2001
From: corubba <corubba@gmx.de>
Date: Fri, 23 Sep 2022 00:19:22 +0200
Subject: [PATCH 064/475] Fix order of operations in api payload

PDNS checks that when a `CNAME` rrset is created that no other rrset of
the same name but a different rtype exists. When changing a record type
to `CNAME`, PDA will send two operations in one api call to PDNS: A
deletion of the old rrset, and the addition of the new rrset. For the
check in PDNS to pass, the deletion needs to happen before the addition.
Before PR #1201 that was the case, the first api call did deletions and
the second handled additions and changes. Currently the api payload
contains additions first and deletions last. PDNS applies these in the
order they are passed in the payload to the api, so to restore the
original/correct/working behaviour the order of operations in the api
payload has to be reversed.

fixes #1251
---
 powerdnsadmin/models/record.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/powerdnsadmin/models/record.py b/powerdnsadmin/models/record.py
index b5e3050fd..b6c3f5469 100644
--- a/powerdnsadmin/models/record.py
+++ b/powerdnsadmin/models/record.py
@@ -337,7 +337,8 @@ def delete_for_api(rrset):
         replaces = [replace_for_api(r) for r in new_rrsets]
         deletes = [delete_for_api(r) for r in del_rrsets if not rrset_in(r, replaces)]
         return {
-            'rrsets': replaces + deletes
+            # order matters: first deletions, then additions+changes
+            'rrsets': deletes + replaces
         }
 
     def apply(self, domain_name, submitted_records):

From d25a22272eb1ee589ca9425b77ebc49f4b177478 Mon Sep 17 00:00:00 2001
From: WhatshallIbreaktoday
 <75358410+WhatshallIbreaktoday@users.noreply.github.com>
Date: Wed, 12 Oct 2022 08:10:35 +0200
Subject: [PATCH 065/475] allow null/None JSON data

This change permits to proxy pdns zone notify api requests (which are expected to be with empty body)
---
 powerdnsadmin/lib/helper.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/powerdnsadmin/lib/helper.py b/powerdnsadmin/lib/helper.py
index a5925ef84..1b5a08264 100644
--- a/powerdnsadmin/lib/helper.py
+++ b/powerdnsadmin/lib/helper.py
@@ -14,9 +14,9 @@ def forward_request():
     msg_str = "Sending request to powerdns API {0}"
 
     if request.method != 'GET' and request.method != 'DELETE':
-        msg = msg_str.format(request.get_json(force=True))
+        msg = msg_str.format(request.get_json(force=True, silent=True))
         current_app.logger.debug(msg)
-        data = request.get_json(force=True)
+        data = request.get_json(force=True, silent=True)
 
     verify = False
 

From d88da0fde3d4691420c376b48b228246a51db69a Mon Sep 17 00:00:00 2001
From: jbe-dw <50663045+jbe-dw@users.noreply.github.com>
Date: Fri, 14 Oct 2022 15:33:33 +0200
Subject: [PATCH 066/475] Update API.md

---
 docs/API.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/docs/API.md b/docs/API.md
index d7e3732e0..7514d5c80 100644
--- a/docs/API.md
+++ b/docs/API.md
@@ -11,6 +11,8 @@
 
 #### Accessing the API
 
+PDA has its own API, that should not be confused with the PowerDNS API. Keep in mind that you have to enable PowerDNS API with a key that will be used by PDA to manage it. Therefore, you should use PDA created keys to browse PDA's API, on PDA's adress and port. They don't grant access to PowerDNS' API.
+
 The PDA API consists of two distinct parts:
 
 - The /powerdnsadmin endpoints manages PDA content (accounts, users, apikeys) and also allow domain creation/deletion

From 25ebbf132c16f0068b7b44759ab8a83e0aa38635 Mon Sep 17 00:00:00 2001
From: Will Rouesnel <wrouesnel@wrouesnel.com>
Date: Fri, 4 Nov 2022 11:59:59 +1100
Subject: [PATCH 067/475] Fix handling of passwords with % in the
 SQLALCHEMY_DATABASE_URI

Fix Flask-Migrate ValueError from occurring when a password has '%'
characters in it when specified via SQLALCHEMY_DATABASE_URI.
---
 migrations/env.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/migrations/env.py b/migrations/env.py
index 6a10e6d55..4742e1418 100755
--- a/migrations/env.py
+++ b/migrations/env.py
@@ -19,7 +19,7 @@
 # target_metadata = mymodel.Base.metadata
 from flask import current_app
 config.set_main_option('sqlalchemy.url',
-                       current_app.config.get('SQLALCHEMY_DATABASE_URI'))
+                       current_app.config.get('SQLALCHEMY_DATABASE_URI').replace("%","%%"))
 target_metadata = current_app.extensions['migrate'].db.metadata
 
 # other values from the config, defined by the needs of env.py,

From 3cdf2b6b7c058b74861c2338e45f3cbf48d62744 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Thu, 8 Dec 2022 10:52:02 -0500
Subject: [PATCH 068/475] Added current wiki content to project files for
 ongoing maintenance. Existing wiki will be updated with a link reference to
 the wiki files.

---
 ...ory-Authentication-using-Group-Security.md |  34 ++++
 docs/wiki/DynDNS2.md                          |  15 ++
 docs/wiki/Home.md                             |  22 +++
 .../Install-PowerDNS-Admin-in-Fedora-23.md    |   1 +
 ...-or-MariaDB-Database-for-PowerDNS-Admin.md |  22 +++
 ...g-PowerDNS-Admin-as-a-service-(Systemd).md |  72 +++++++
 .../Running-PowerDNS-Admin-on-Centos-7.md     | 100 ++++++++++
 .../Running-PowerDNS-Admin-on-Fedora-30.md    |  83 ++++++++
 ...ning-PowerDNS-Admin-on-Ubuntu-or-Debian.md |  94 +++++++++
 ...dmin-with-Systemd,-Gunicorn--and--Nginx.md | 181 ++++++++++++++++++
 ...Admin-with-Systemd,-Gunicorn-and-Apache.md |  97 ++++++++++
 docs/wiki/Running-on-FreeBSD.md               | 102 ++++++++++
 docs/wiki/Supervisord-example.md              |  18 ++
 docs/wiki/Systemd-example.md                  |  50 +++++
 .../Using-PowerDNS-Admin-with-PostgreSQL.md   |  38 ++++
 docs/wiki/WSGI-Apache-example.md              | 100 ++++++++++
 .../fullscreen-dashboard.png                  | Bin 0 -> 70522 bytes
 .../fullscreen-domaincreate.png               | Bin 0 -> 115626 bytes
 .../fullscreen-domainmanage.png               | Bin 0 -> 61219 bytes
 .../readme_screenshots/fullscreen-login.png   | Bin 0 -> 15454 bytes
 docs/wiki/images/webui/create.jpg             | Bin 0 -> 32990 bytes
 docs/wiki/images/webui/index.jpg              | Bin 0 -> 27513 bytes
 docs/wiki/images/webui/login.jpg              | Bin 0 -> 27845 bytes
 docs/wiki/uWSGI-example.md                    |  49 +++++
 24 files changed, 1078 insertions(+)
 create mode 100644 docs/wiki/Configure-Active-Directory-Authentication-using-Group-Security.md
 create mode 100644 docs/wiki/DynDNS2.md
 create mode 100644 docs/wiki/Home.md
 create mode 100644 docs/wiki/Install-PowerDNS-Admin-in-Fedora-23.md
 create mode 100644 docs/wiki/Prepare-MySQL-or-MariaDB-Database-for-PowerDNS-Admin.md
 create mode 100644 docs/wiki/Running-PowerDNS-Admin-as-a-service-(Systemd).md
 create mode 100644 docs/wiki/Running-PowerDNS-Admin-on-Centos-7.md
 create mode 100644 docs/wiki/Running-PowerDNS-Admin-on-Fedora-30.md
 create mode 100644 docs/wiki/Running-PowerDNS-Admin-on-Ubuntu-or-Debian.md
 create mode 100644 docs/wiki/Running-PowerDNS-Admin-with-Systemd,-Gunicorn--and--Nginx.md
 create mode 100644 docs/wiki/Running-PowerDNS-Admin-with-Systemd,-Gunicorn-and-Apache.md
 create mode 100644 docs/wiki/Running-on-FreeBSD.md
 create mode 100644 docs/wiki/Supervisord-example.md
 create mode 100644 docs/wiki/Systemd-example.md
 create mode 100644 docs/wiki/Using-PowerDNS-Admin-with-PostgreSQL.md
 create mode 100644 docs/wiki/WSGI-Apache-example.md
 create mode 100644 docs/wiki/images/readme_screenshots/fullscreen-dashboard.png
 create mode 100644 docs/wiki/images/readme_screenshots/fullscreen-domaincreate.png
 create mode 100644 docs/wiki/images/readme_screenshots/fullscreen-domainmanage.png
 create mode 100644 docs/wiki/images/readme_screenshots/fullscreen-login.png
 create mode 100644 docs/wiki/images/webui/create.jpg
 create mode 100644 docs/wiki/images/webui/index.jpg
 create mode 100644 docs/wiki/images/webui/login.jpg
 create mode 100644 docs/wiki/uWSGI-example.md

diff --git a/docs/wiki/Configure-Active-Directory-Authentication-using-Group-Security.md b/docs/wiki/Configure-Active-Directory-Authentication-using-Group-Security.md
new file mode 100644
index 000000000..417bdc339
--- /dev/null
+++ b/docs/wiki/Configure-Active-Directory-Authentication-using-Group-Security.md
@@ -0,0 +1,34 @@
+Active Directory Setup - Tested with Windows Server 2012
+
+1) Login as an admin to PowerDNS Admin
+
+2) Go to Settings --> Authentication 
+
+3) Under Authentication, select LDAP
+
+4) Click the Radio Button for Active Directory
+
+5) Fill in the required info -
+
+* LDAP URI - ldap://ip.of.your.domain.controller:389
+* LDAP Base DN - dc=youdomain,dc=com
+* Active Directory domain - yourdomain.com
+* Basic filter - (objectCategory=person)
+  * the brackets here are **very important**
+* Username field - sAMAccountName
+* GROUP SECURITY - Status - On
+* Admin group - CN=Your_AD_Admin_Group,OU=Your_AD_OU,DC=yourdomain,DC=com
+* Operator group - CN=Your_AD_Operator_Group,OU=Your_AD_OU,DC=yourdomain,DC=com
+* User group - CN=Your_AD_User_Group,OU=Your_AD_OU,DC=yourdomain,DC=com
+
+6) Click Save
+
+7) Logout and re-login as an LDAP user from each of the above groups.
+
+If you're having problems getting the correct information for your groups, the following tool can be useful -
+
+https://docs.microsoft.com/en-us/sysinternals/downloads/adexplorer
+
+In our testing, groups with spaces in the name did not work, we had to create groups with underscores to get everything operational. 
+
+YMMV
diff --git a/docs/wiki/DynDNS2.md b/docs/wiki/DynDNS2.md
new file mode 100644
index 000000000..2fbd9aecd
--- /dev/null
+++ b/docs/wiki/DynDNS2.md
@@ -0,0 +1,15 @@
+Usage:  
+IPv4: http://user:pass@yournameserver.yoursite.tld/nic/update?hostname=record.domain.tld&myip=127.0.0.1  
+IPv6: http://user:pass@yournameserver.yoursite.tld/nic/update?hostname=record.domain.tld&myip=::1  
+Multiple IPs: http://user:pass@yournameserver.yoursite.tld/nic/update?hostname=record.domain.tld&myip=127.0.0.1,127.0.0.2,::1,::2
+
+- user needs to be a LOCAL user, not LDAP etc
+- user must have already logged-in
+- user needs to be added to Domain Access Control list of domain.tld - admin status (manage all) does not suffice
+- record has to exist already - unless on-demand creation is allowed
+- ipv4 address in myip field will change A record
+- ipv6 address in myip field will change AAAA record
+- use commas to separate multiple IP addresses in the myip field, mixing v4 & v6 is allowed
+
+DynDNS also works without authentication header (user:pass@) when already authenticated via session cookie from /login, even with external auth like LDAP.
+However Domain Access Control restriction still applies.
\ No newline at end of file
diff --git a/docs/wiki/Home.md b/docs/wiki/Home.md
new file mode 100644
index 000000000..7902a9757
--- /dev/null
+++ b/docs/wiki/Home.md
@@ -0,0 +1,22 @@
+Welcome to the PowerDNS-Admin wiki!
+
+## Preparation guides
+- [Prepare MySQL or MariaDB Database for PowerDNS-Admin](Prepare-MySQL-or-MariaDB-Database-for-PowerDNS-Admin)
+- [Using PowerDNS-Admin with PostgreSQL](Using-PowerDNS-Admin-with-PostgreSQL)
+
+## Installation guides
+- [Running PowerDNS Admin on Ubuntu or Debian](Running-PowerDNS-Admin-on-Ubuntu-or-Debian)
+- [Running PowerDNS-Admin in Centos 7](Running-PowerDNS-Admin-on-Centos-7)
+- [Running PowerDNS-Admin in Fedora 30](Running-PowerDNS-Admin-on-Fedora-30)
+- [Running PowerDNS-Admin on FreeBSD 12.1-RELEASE](Running-on-FreeBSD)
+
+## Web Server configuration
+- [Supervisord](Supervisord-example)
+- [Systemd](Systemd-example)
+- [Systemd + Gunicorn + Nginx](Running-PowerDNS-Admin-with-Systemd,-Gunicorn--and--Nginx)
+- [Systemd + Gunicorn + Apache](Running-PowerDNS-Admin-with-Systemd,-Gunicorn-and-Apache)
+- [uWSGI](uWSGI-example)
+- [WSGI-Apache](WSGI-Apache-example)
+
+## Feature usage
+- [DynDNS2](https://github.com/ngoduykhanh/PowerDNS-Admin/wiki/DynDNS2)
\ No newline at end of file
diff --git a/docs/wiki/Install-PowerDNS-Admin-in-Fedora-23.md b/docs/wiki/Install-PowerDNS-Admin-in-Fedora-23.md
new file mode 100644
index 000000000..7f876ff86
--- /dev/null
+++ b/docs/wiki/Install-PowerDNS-Admin-in-Fedora-23.md
@@ -0,0 +1 @@
+Please refer to CentOS guide: https://github.com/ngoduykhanh/PowerDNS-Admin/wiki/Running-PowerDNS-Admin-on-Centos-7
\ No newline at end of file
diff --git a/docs/wiki/Prepare-MySQL-or-MariaDB-Database-for-PowerDNS-Admin.md b/docs/wiki/Prepare-MySQL-or-MariaDB-Database-for-PowerDNS-Admin.md
new file mode 100644
index 000000000..774d3e36d
--- /dev/null
+++ b/docs/wiki/Prepare-MySQL-or-MariaDB-Database-for-PowerDNS-Admin.md
@@ -0,0 +1,22 @@
+This guide will show you how to prepare a MySQL or MariaDB database for PowerDNS-Admin.
+
+### Step-by-step instructions
+1. ivan@ubuntu:~$ `mysql -u root -p` (then enter your MySQL/MariaDB root users password)
+2. mysql> `CREATE DATABASE powerdnsadmin CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;`
+3. mysql> `GRANT ALL PRIVILEGES ON powerdnsadmin.* TO 'pdnsadminuser'@'%' IDENTIFIED BY 'p4ssw0rd';`
+4. mysql> `FLUSH PRIVILEGES;`
+5. mysql> `quit`
+
+**NOTE:**
+
+If you plan to manage large zones, you may encounter some issues while applying changes.
+This is due to PowerDNS-Admin trying to insert the entire modified zone into the column history.detail.
+
+Using MySQL/MariaDB, this column is created by default as TEXT and thus limited to 65,535 characters.
+
+_Solution_:
+
+Convert the column to MEDIUMTEXT: 
+
+* `USE powerdnsadmin;`
+* `ALTER TABLE history MODIFY detail MEDIUMTEXT;`
\ No newline at end of file
diff --git a/docs/wiki/Running-PowerDNS-Admin-as-a-service-(Systemd).md b/docs/wiki/Running-PowerDNS-Admin-as-a-service-(Systemd).md
new file mode 100644
index 000000000..df0117922
--- /dev/null
+++ b/docs/wiki/Running-PowerDNS-Admin-as-a-service-(Systemd).md
@@ -0,0 +1,72 @@
+***
+**WARNING**  
+This just uses the development server for testing purposes. For production environments you should probably go with a more robust solution, like [gunicorn](https://github.com/ngoduykhanh/PowerDNS-Admin/wiki/Running-PowerDNS-Admin-with-Systemd,-Gunicorn--and--Nginx) or a WSGI server. 
+***
+
+### Following example shows a systemd unit file that can run PowerDNS-Admin
+
+You shouldn't run PowerDNS-Admin as _root_, so let's start of with the user/group creation that will later run PowerDNS-Admin:
+
+Create a new group for PowerDNS-Admin:
+
+> sudo groupadd powerdnsadmin
+
+Create a user for PowerDNS-Admin:
+
+> sudo useradd --system -g powerdnsadmin powerdnsadmin
+
+_`--system` creates a user without login-shell and password, suitable for running system services._
+
+Create new systemd service file:
+
+> sudo vim /etc/systemd/system/powerdns-admin.service
+
+General example:
+```
+[Unit]
+Description=PowerDNS-Admin
+After=network.target
+
+[Service]
+Type=simple
+User=powerdnsadmin
+Group=powerdnsadmin
+ExecStart=/opt/web/powerdns-admin/flask/bin/python ./run.py
+WorkingDirectory=/opt/web/powerdns-admin
+Restart=always
+
+[Install]
+WantedBy=multi-user.target
+```
+
+Debian example:
+```
+[Unit]
+Description=PowerDNS-Admin
+After=network.target
+
+[Service]
+Type=simple
+User=powerdnsadmin
+Group=powerdnsadmin
+Environment=PATH=/opt/web/powerdns-admin/flask/bin
+ExecStart=/opt/web/powerdns-admin/flask/bin/python /opt/web/powerdns-admin/run.py
+WorkingDirectory=/opt/web/powerdns-admin
+Restart=always
+
+[Install]
+WantedBy=multi-user.target
+```
+Before starting the service, we need to make sure that the new user can work on the files in the PowerDNS-Admin folder:
+> chown -R powerdnsadmin:powerdnsadmin /opt/web/powerdns-admin
+
+After saving the file, we need to reload the systemd daemon:
+> sudo systemctl daemon-reload
+
+We can now try to start the service:
+> sudo systemctl start powerdns-admin
+
+If you would like to start PowerDNS-Admin automagically at startup enable the service:
+> systemctl enable powerdns-admin
+
+Should the service not be up by now, consult your syslog. Generally this will be a file permission issue, or python not finding it's modules. See the Debian unit example to see how you can use systemd in a python `virtualenv`
\ No newline at end of file
diff --git a/docs/wiki/Running-PowerDNS-Admin-on-Centos-7.md b/docs/wiki/Running-PowerDNS-Admin-on-Centos-7.md
new file mode 100644
index 000000000..e61485ad0
--- /dev/null
+++ b/docs/wiki/Running-PowerDNS-Admin-on-Centos-7.md
@@ -0,0 +1,100 @@
+```
+NOTE: If you are logged in as User and not root, add "sudo", or get root by sudo -i.
+```
+<br>
+
+**Remove old Python 3.4**<br>
+If you had it installed because of older instructions<br>
+```
+yum remove python34*
+yum autoremove
+```
+<br>
+
+## Install required packages
+**Install needed repositories:**
+<br>
+```
+yum install epel-release
+yum install https://repo.ius.io/ius-release-el7.rpm https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
+```
+
+**Install Python 3.6 and tools**
+```
+yum install python3 python3-devel python3-pip
+pip3.6 install -U pip
+pip install -U virtualenv
+```
+
+**Install required packages for building python libraries from requirements.txt file**
+```
+--> NOTE: I am using MySQL Community server as the database backend.
+          So `mysql-community-devel` is required. For MariaDB,
+          and PostgreSQL the required package will be different.
+```
+
+If you use MariaDB ( from [MariaDB repositories](https://mariadb.com/resources/blog/installing-mariadb-10-on-centos-7-rhel-7/) )
+
+```
+yum install gcc MariaDB-devel MariaDB-shared openldap-devel xmlsec1-devel xmlsec1-openssl libtool-ltdl-devel
+```
+
+If you use default Centos mariadb (5.5)
+```
+yum install gcc mariadb-devel openldap-devel xmlsec1-devel xmlsec1-openssl libtool-ltdl-devel
+```
+
+
+**Install yarn to build asset files + Nodejs 14**
+```
+curl -sL https://rpm.nodesource.com/setup_14.x | bash -
+curl -sL https://dl.yarnpkg.com/rpm/yarn.repo -o /etc/yum.repos.d/yarn.repo
+yum install yarn
+```
+<br>
+
+## Checkout source code and create virtualenv
+NOTE: Please adjust `/opt/web/powerdns-admin` to your local web application directory
+
+```
+git clone https://github.com/ngoduykhanh/PowerDNS-Admin.git /opt/web/powerdns-admin
+cd /opt/web/powerdns-admin
+virtualenv -p python3 flask
+```
+
+Activate your python3 environment and install libraries:
+```
+. ./flask/bin/activate
+pip install python-dotenv
+pip install -r requirements.txt
+```
+<br>
+
+## Running PowerDNS-Admin
+NOTE: The default config file is located at `./powerdnsadmin/default_config.py`. If you want to load another one, please set the `FLASK_CONF` environment variable. E.g.
+```bash
+export FLASK_CONF=../configs/development.py
+```
+
+**Then create the database schema by running:**
+```
+export FLASK_APP=powerdnsadmin/__init__.py
+flask db upgrade
+```
+
+**Also, we should generate asset files:**
+```
+yarn install --pure-lockfile
+flask assets build
+```
+
+**Now you can run PowerDNS-Admin by command:**
+```
+./run.py
+```
+
+Open your web browser and access to `http://localhost:9191` to visit PowerDNS-Admin web interface. Register an user. The first user will be in Administrator role.
+
+At the first time you login into the PDA UI, you will be redirected to setting page to configure the PDNS API information.
+
+_**Note:**_ For production environment, i would recommend you to run PowerDNS-Admin with gunicorn or uwsgi instead of flask's built-in web server, take a look at WIKI page to see how to configure them.
\ No newline at end of file
diff --git a/docs/wiki/Running-PowerDNS-Admin-on-Fedora-30.md b/docs/wiki/Running-PowerDNS-Admin-on-Fedora-30.md
new file mode 100644
index 000000000..e3b23ea21
--- /dev/null
+++ b/docs/wiki/Running-PowerDNS-Admin-on-Fedora-30.md
@@ -0,0 +1,83 @@
+```
+NOTE: If you are logged in as User and not root, add "sudo", or get root by sudo -i.
+      Normally under centos you are anyway mostly root.
+```
+<br>
+
+## Install required packages
+
+**Install Python and requirements**
+```bash
+dnf install python37 python3-devel python3-pip
+```
+**Install Backend and Environment prerequisites**
+```bash
+dnf install mariadb-devel mariadb-common openldap-devel xmlsec1-devel xmlsec1-openssl libtool-ltdl-devel
+```
+**Install Development tools**
+```bash
+dnf install gcc gc make
+```
+**Install PIP**
+```bash
+pip3.7 install -U pip
+```
+**Install Virtual Environment**
+```bash
+pip install -U virtualenv
+```
+
+**Install Yarn for building NodeJS asset files:**
+```bash
+dnf install npm
+npm install yarn -g
+```
+
+## Clone the PowerDNS-Admin repository to the installation path:
+```bash
+cd /opt/web/
+git clone https://github.com/ngoduykhanh/PowerDNS-Admin.git powerdns-admin
+```
+
+**Prepare the Virtual Environment:**
+```bash
+cd /opt/web/powerdns-admin
+virtualenv -p python3 flask
+```
+**Activate the Python Environment and install libraries**
+```bash
+. ./flask/bin/activate
+pip install python-dotenv
+pip install -r requirements.txt
+```
+
+## Running PowerDNS-Admin
+
+NOTE: The default config file is located at `./powerdnsadmin/default_config.py`. If you want to load another one, please set the `FLASK_CONF` environment variable. E.g.
+```bash
+export FLASK_CONF=../configs/development.py
+```
+
+**Then create the database schema by running:**
+```
+(flask) [khanh@localhost powerdns-admin] export FLASK_APP=powerdnsadmin/__init__.py
+(flask) [khanh@localhost powerdns-admin] flask db upgrade
+```
+
+**Also, we should generate asset files:**
+```
+(flask) [khanh@localhost powerdns-admin] yarn install --pure-lockfile
+(flask) [khanh@localhost powerdns-admin] flask assets build
+```
+
+**Now you can run PowerDNS-Admin by command:**
+```
+(flask) [khanh@localhost powerdns-admin] ./run.py
+```
+
+Open your web browser and access to `http://localhost:9191` to visit PowerDNS-Admin web interface. Register an user. The first user will be in Administrator role.
+
+At the first time you login into the PDA UI, you will be redirected to setting page to configure the PDNS API information.
+
+_**Note:**_ For production environment, i recommend to run PowerDNS-Admin with WSGI over Apache instead of flask's built-in web server...  
+ Take a look at [WSGI Apache Example](https://github.com/ngoduykhanh/PowerDNS-Admin/wiki/WSGI-Apache-example#fedora) WIKI page to see how to configure it.
\ No newline at end of file
diff --git a/docs/wiki/Running-PowerDNS-Admin-on-Ubuntu-or-Debian.md b/docs/wiki/Running-PowerDNS-Admin-on-Ubuntu-or-Debian.md
new file mode 100644
index 000000000..1cdda78e3
--- /dev/null
+++ b/docs/wiki/Running-PowerDNS-Admin-on-Ubuntu-or-Debian.md
@@ -0,0 +1,94 @@
+## Install required packages
+
+**Install Python 3 development package**
+
+```bash
+sudo apt install python3-dev
+```
+
+**Install required packages for building python libraries from requirements.txt file**
+
+```bash
+sudo apt install -y git libmysqlclient-dev libsasl2-dev libldap2-dev libssl-dev libxml2-dev libxslt1-dev libxmlsec1-dev libffi-dev pkg-config apt-transport-https virtualenv build-essential curl
+```
+
+_**Note:**_ I am using MySQL Community server as the database backend. So `libmysqlclient-dev` is required. For MariaDB, and PostgreSQL the required package will be difference.
+
+** Install Maria or MySQL (ONLY if not ALREADY installed)**
+```bash
+sudo apt install mariadb-server mariadb-client
+```
+Create database and user using mysql command and entering 
+```bash
+>create database pda;
+>grant all privileges on pda.* TO 'pda'@'localhost' identified by 'YOUR_PASSWORD_HERE';
+>flush privileges;
+```
+**Install NodeJs**
+
+```bash
+curl -sL https://deb.nodesource.com/setup_14.x | bash -
+apt install -y nodejs
+```
+
+**Install yarn to build asset files**
+
+```bash
+sudo curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add -
+echo "deb https://dl.yarnpkg.com/debian/ stable main" | sudo tee /etc/apt/sources.list.d/yarn.list
+sudo apt update -y
+sudo apt install -y yarn
+```
+
+## Checkout source code and create virtualenv
+_**Note:**_ Please adjust `/opt/web/powerdns-admin` to your local web application directory
+
+```bash
+git clone https://github.com/ngoduykhanh/PowerDNS-Admin.git /opt/web/powerdns-admin
+cd /opt/web/powerdns-admin
+python3 -mvenv ./venv
+```
+
+Activate your python3 environment and install libraries:
+
+```bash
+source ./venv/bin/activate
+pip install --upgrade pip
+pip install -r requirements.txt
+```
+
+
+
+## Running PowerDNS-Admin
+
+Create PowerDNS-Admin config file and make the changes necessary for your use case. Make sure to change `SECRET_KEY` to a long random string that you generated yourself ([see Flask docs](https://flask.palletsprojects.com/en/1.1.x/config/#SECRET_KEY)), do not use the pre-defined one. E.g.:
+
+```bash
+cp /opt/web/powerdns-admin/configs/development.py /opt/web/powerdns-admin/configs/production.py
+vim /opt/web/powerdns-admin/configs/production.py
+export FLASK_CONF=../configs/production.py
+```
+
+Do the DB migration
+
+```bash
+export FLASK_APP=powerdnsadmin/__init__.py
+flask db upgrade
+```
+
+Then generate asset files
+
+```bash
+yarn install --pure-lockfile
+flask assets build
+```
+
+Now you can run PowerDNS-Admin by command
+
+```bash
+./run.py
+```
+
+Open your web browser and go to `http://localhost:9191` to visit PowerDNS-Admin web interface. Register a user. The first user will be in the Administrator role.
+
+This is good for testing, but for production usage, you should use gunicorn or uwsgi. See [Running PowerDNS Admin with Systemd, Gunicorn and Nginx](https://github.com/ngoduykhanh/PowerDNS-Admin/wiki/Running-PowerDNS-Admin-with-Systemd,-Gunicorn--and--Nginx) for instructions.
\ No newline at end of file
diff --git a/docs/wiki/Running-PowerDNS-Admin-with-Systemd,-Gunicorn--and--Nginx.md b/docs/wiki/Running-PowerDNS-Admin-with-Systemd,-Gunicorn--and--Nginx.md
new file mode 100644
index 000000000..57725bc16
--- /dev/null
+++ b/docs/wiki/Running-PowerDNS-Admin-with-Systemd,-Gunicorn--and--Nginx.md
@@ -0,0 +1,181 @@
+Following is an example showing how to run PowerDNS-Admin with systemd, gunicorn and nginx:
+
+## Configure PowerDNS-Admin
+
+Create PowerDNS-Admin config file and make the changes necessary for your use case. Make sure to change `SECRET_KEY` to a long random string that you generated yourself ([see Flask docs](https://flask.palletsprojects.com/en/1.1.x/config/#SECRET_KEY)), do not use the pre-defined one.
+```
+$ cp /opt/web/powerdns-admin/configs/development.py /opt/web/powerdns-admin/configs/production.py
+$ vim /opt/web/powerdns-admin/configs/production.py
+```
+
+## Configure systemd service
+
+`$ sudo vim /etc/systemd/system/powerdns-admin.service`
+
+```
+[Unit]
+Description=PowerDNS-Admin
+Requires=powerdns-admin.socket
+After=network.target
+
+[Service]
+PIDFile=/run/powerdns-admin/pid
+User=pdns
+Group=pdns
+WorkingDirectory=/opt/web/powerdns-admin
+ExecStartPre=+mkdir -p /run/powerdns-admin/
+ExecStartPre=+chown pdns:pdns -R /run/powerdns-admin/
+ExecStart=/usr/local/bin/gunicorn --pid /run/powerdns-admin/pid --bind unix:/run/powerdns-admin/socket 'powerdnsadmin:create_app()'
+ExecReload=/bin/kill -s HUP $MAINPID
+ExecStop=/bin/kill -s TERM $MAINPID
+PrivateTmp=true
+
+[Install]
+WantedBy=multi-user.target
+```
+
+`$ sudo systemctl edit powerdns-admin.service`
+
+```
+[Service]
+Environment="FLASK_CONF=../configs/production.py"
+```
+
+`$ sudo vim /etc/systemd/system/powerdns-admin.socket`
+
+```
+[Unit]
+Description=PowerDNS-Admin socket
+
+[Socket]
+ListenStream=/run/powerdns-admin/socket
+
+[Install]
+WantedBy=sockets.target
+```
+
+`$ sudo vim /etc/tmpfiles.d/powerdns-admin.conf`
+
+```
+d /run/powerdns-admin 0755 pdns pdns -
+```
+
+Then `sudo systemctl daemon-reload; sudo systemctl start powerdns-admin.socket; sudo systemctl enable powerdns-admin.socket` to start the Powerdns-Admin service and make it run on boot.
+
+## Sample nginx configuration
+```
+server {
+  listen *:80;
+  server_name               powerdns-admin.local www.powerdns-admin.local;
+
+  index                     index.html index.htm index.php;
+  root                      /opt/web/powerdns-admin;
+  access_log                /var/log/nginx/powerdns-admin.local.access.log combined;
+  error_log                 /var/log/nginx/powerdns-admin.local.error.log;
+
+  client_max_body_size              10m;
+  client_body_buffer_size           128k;
+  proxy_redirect                    off;
+  proxy_connect_timeout             90;
+  proxy_send_timeout                90;
+  proxy_read_timeout                90;
+  proxy_buffers                     32 4k;
+  proxy_buffer_size                 8k;
+  proxy_set_header                  Host $host;
+  proxy_set_header                  X-Real-IP $remote_addr;
+  proxy_set_header                  X-Forwarded-For $proxy_add_x_forwarded_for;
+  proxy_headers_hash_bucket_size    64;
+
+  location ~ ^/static/  {
+    include  /etc/nginx/mime.types;
+    root /opt/web/powerdns-admin/powerdnsadmin;
+
+    location ~*  \.(jpg|jpeg|png|gif)$ {
+      expires 365d;
+    }
+
+    location ~* ^.+.(css|js)$ {
+      expires 7d;
+    }
+  }
+
+  location / {
+    proxy_pass            http://unix:/run/powerdns-admin/socket;
+    proxy_read_timeout    120;
+    proxy_connect_timeout 120;
+    proxy_redirect        off;
+  }
+
+}
+```
+
+<details>
+<summary>Sample Nginx-Configuration for SSL</summary>
+
+* Im binding this config to every dns-name with default_server...
+* but you can remove it and set your server_name.
+
+```
+server {
+        listen                  80 default_server;
+        server_name             "";
+        return 301 https://$http_host$request_uri;
+}
+
+server {
+        listen                  443 ssl http2 default_server;
+        server_name             _;
+        index                   index.html index.htm;
+        error_log               /var/log/nginx/error_powerdnsadmin.log error;
+        access_log              off;
+
+        ssl_certificate                 path_to_your_fullchain_or_cert;
+        ssl_certificate_key             path_to_your_key;
+        ssl_dhparam                     path_to_your_dhparam.pem;
+        ssl_prefer_server_ciphers       on;
+        ssl_ciphers                     'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
+        ssl_session_cache               shared:SSL:10m;
+
+        client_max_body_size            10m;
+        client_body_buffer_size         128k;
+        proxy_redirect                  off;
+        proxy_connect_timeout           90;
+        proxy_send_timeout              90;
+        proxy_read_timeout              90;
+        proxy_buffers                   32 4k;
+        proxy_buffer_size               8k;
+        proxy_set_header                Host $http_host;
+        proxy_set_header                X-Scheme $scheme;
+        proxy_set_header                X-Real-IP $remote_addr;
+        proxy_set_header                X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header                X-Forwarded-Proto $scheme;
+        proxy_headers_hash_bucket_size  64;
+
+        location ~ ^/static/  {
+                include         mime.types;
+                root            /opt/web/powerdns-admin/powerdnsadmin;
+                location        ~* \.(jpg|jpeg|png|gif)$ { expires 365d; }
+                location        ~* ^.+.(css|js)$ { expires 7d; }
+        }
+
+        location ~ ^/upload/  {
+                include         mime.types;
+                root            /opt/web/powerdns-admin;
+                location        ~* \.(jpg|jpeg|png|gif)$ { expires 365d; }
+                location        ~* ^.+.(css|js)$ { expires 7d; }
+        }
+
+        location / {
+                proxy_pass              http://unix:/run/powerdns-admin/socket;
+                proxy_read_timeout      120;
+                proxy_connect_timeout   120;
+                proxy_redirect          http:// $scheme://;
+        }
+}
+```
+</details>
+
+## Note
+* `/opt/web/powerdns-admin` is the path to your powerdns-admin web directory
+* Make sure you have installed gunicorn in flask virtualenv already.
+* `powerdns-admin.local` just an example of your web domain name.
\ No newline at end of file
diff --git a/docs/wiki/Running-PowerDNS-Admin-with-Systemd,-Gunicorn-and-Apache.md b/docs/wiki/Running-PowerDNS-Admin-with-Systemd,-Gunicorn-and-Apache.md
new file mode 100644
index 000000000..a2d4fa2b4
--- /dev/null
+++ b/docs/wiki/Running-PowerDNS-Admin-with-Systemd,-Gunicorn-and-Apache.md
@@ -0,0 +1,97 @@
+Following is an example showing how to run PowerDNS-Admin with systemd, gunicorn and Apache:
+
+The systemd and gunicorn setup are the same as for with nginx.  This set of configurations assumes you have installed your PowerDNS-Admin under /opt/powerdns-admin and are running with a package-installed gunicorn.
+
+## Configure systemd service
+
+`$ sudo vim /etc/systemd/system/powerdns-admin.service`
+
+```
+[Unit]
+Description=PowerDNS web administration service
+Requires=powerdns-admin.socket
+Wants=network.target
+After=network.target mysqld.service postgresql.service slapd.service mariadb.service
+
+[Service]
+PIDFile=/run/powerdns-admin/pid
+User=pdnsa
+Group=pdnsa
+WorkingDirectory=/opt/powerdns-admin
+ExecStart=/usr/bin/gunicorn-3.6 --workers 4 --log-level info --pid /run/powerdns-admin/pid --bind unix:/run/powerdns-admin/socket "powerdnsadmin:create_app(config='config.py')"
+ExecReload=/bin/kill -s HUP $MAINPID
+ExecStop=/bin/kill -s TERM $MAINPID
+PrivateTmp=true
+Restart=on-failure
+RestartSec=10
+StartLimitInterval=0
+
+[Install]
+WantedBy=multi-user.target
+```
+
+`$ sudo vim /etc/systemd/system/powerdns-admin.socket`
+
+```
+[Unit]
+Description=PowerDNS-Admin socket
+
+[Socket]
+ListenStream=/run/powerdns-admin/socket
+
+[Install]
+WantedBy=sockets.target
+```
+
+`$ sudo vim /etc/tmpfiles.d/powerdns-admin.conf`
+
+```
+d /run/powerdns-admin 0755 pdnsa pdnsa -
+```
+
+Then `sudo systemctl daemon-reload; sudo systemctl start powerdns-admin.socket; sudo systemctl enable powerdns-admin.socket` to start the Powerdns-Admin service and make it run on boot.
+
+## Sample Apache configuration 
+
+This includes SSL redirect.
+
+```
+<VirtualHost *:80>
+  ServerName dnsadmin.company.com
+  DocumentRoot "/opt/powerdns-admin"
+  <Directory "/opt/powerdns-admin">
+    Options Indexes FollowSymLinks MultiViews
+    AllowOverride None
+    Require all granted
+  </Directory>
+  Redirect permanent / https://dnsadmin.company.com/
+</VirtualHost>
+<VirtualHost *:443>
+  ServerName dnsadmin.company.com
+  DocumentRoot "/opt/powerdns-admin/powerdnsadmin"
+  ## Alias declarations for resources outside the DocumentRoot
+  Alias /static/ "/opt/powerdns-admin/powerdnsadmin/static/"
+  Alias /favicon.ico "/opt/powerdns-admin/powerdnsadmin/static/favicon.ico"
+  <Directory "/opt/powerdns-admin">
+    AllowOverride None
+    Require all granted
+  </Directory>
+  ## Proxy rules
+  ProxyRequests Off
+  ProxyPreserveHost On
+  ProxyPass /static/ !
+  ProxyPass /favicon.ico !
+  ProxyPass / unix:/var/run/powerdns-admin/socket|http://%{HTTP_HOST}/
+  ProxyPassReverse / unix:/var/run/powerdns-admin/socket|http://%{HTTP_HOST}/
+  ## SSL directives
+  SSLEngine on
+  SSLCertificateFile      "/etc/pki/tls/certs/dnsadmin.company.com.crt"
+  SSLCertificateKeyFile   "/etc/pki/tls/private/dnsadmin.company.com.key"
+</VirtualHost>
+```
+
+## Notes
+* The above assumes your installation is under /opt/powerdns-admin
+* The hostname is assumed as dnsadmin.company.com
+* gunicorn is installed in /usr/bin via a package (as in the case with CentOS/Redhat 7) and you have Python 3.6 installed.  If you prefer to use flask then see the systemd configuration for nginx.
+* On Ubuntu / Debian systems, you may need to enable the "proxy_http" module with `a2enmod proxy_http`
diff --git a/docs/wiki/Running-on-FreeBSD.md b/docs/wiki/Running-on-FreeBSD.md
new file mode 100644
index 000000000..76a8f5b74
--- /dev/null
+++ b/docs/wiki/Running-on-FreeBSD.md
@@ -0,0 +1,102 @@
+On [FreeBSD](https://www.freebsd.org/), most software is installed using `pkg`. You can always build from source with the Ports system. This method uses as many binary ports as possible, and builds some python packages from source. It installs all the required runtimes in the global system (e.g., python, node, yarn) and then builds a virtual python environment in `/opt/python`. Likewise, it installs powerdns-admin in `/opt/powerdns-admin`.
+
+### Build an area to host files
+
+```bash
+mkdir -p /opt/python
+```
+
+### Install prerequisite runtimes: python, node, yarn
+
+```bash
+sudo pkg install git python3 curl node12 yarn-node12
+sudo pkg install libxml2 libxslt pkgconf py37-xmlsec py37-cffi py37-ldap
+```
+
+## Check Out Source Code
+_**Note:**_ Please adjust `/opt/powerdns-admin` to your local web application directory
+
+```bash
+git clone https://github.com/ngoduykhanh/PowerDNS-Admin.git /opt/powerdns-admin
+cd /opt/powerdns-admin
+```
+
+## Make Virtual Python Environment
+
+Make a virtual environment for python. Activate your python3 environment and install libraries. It's easier to install some python libraries as system packages, so we add the `--system-site-packages` option to pull those in.
+
+> Note: I couldn't get `python-ldap` to install correctly, and I don't need it. I commented out the `python-ldap` line in `requirements.txt` and it all built and installed correctly. If you don't intend to use LDAP authentication, you'll be fine. If you need LDAP authentication, it probably won't work.
+
+```bash
+python3 -m venv /web/python --system-site-packages
+source /web/python/bin/activate
+/web/python/bin/python3 -m pip install --upgrade pip wheel
+# this command comments out python-ldap
+perl -pi -e 's,^python-ldap,\# python-ldap,' requirements.txt 
+pip3 install -r requirements.txt
+```
+
+## Configuring PowerDNS-Admin
+
+NOTE: The default config file is located at `./powerdnsadmin/default_config.py`. If you want to load another one, please set the `FLASK_CONF` environment variable. E.g.
+```bash
+cp configs/development.py /opt/powerdns-admin/production.py
+export FLASK_CONF=/opt/powerdns-admin/production.py
+```
+
+### Update the Flask config
+
+Edit your flask python configuration. Insert values for the database server, user name, password, etc.
+
+```bash
+vim $FLASK_CONF
+```
+
+Edit the values below to something sensible
+```python
+### BASIC APP CONFIG
+SALT = '[something]'
+SECRET_KEY = '[something]'
+BIND_ADDRESS = '0.0.0.0'
+PORT = 9191
+OFFLINE_MODE = False
+
+### DATABASE CONFIG
+SQLA_DB_USER = 'pda'
+SQLA_DB_PASSWORD = 'changeme'
+SQLA_DB_HOST = '127.0.0.1'
+SQLA_DB_NAME = 'pda'
+SQLALCHEMY_TRACK_MODIFICATIONS = True
+```
+
+Be sure to uncomment one of the lines like `SQLALCHEMY_DATABASE_URI`.
+
+### Initialise the database
+
+```bash
+export FLASK_APP=powerdnsadmin/__init__.py
+flask db upgrade
+```
+
+### Build web assets
+
+```bash
+yarn install --pure-lockfile
+flask assets build
+```
+
+## Running PowerDNS-Admin
+
+Now you can run PowerDNS-Admin by command
+
+```bash
+./run.py
+```
+
+Open your web browser and go to `http://localhost:9191` to visit PowerDNS-Admin web interface. Register a user. The first user will be in the Administrator role.
+
+### Running at startup
+
+This is good for testing, but for production usage, you should use gunicorn or uwsgi. See [Running PowerDNS Admin with Systemd, Gunicorn and Nginx](https://github.com/ngoduykhanh/PowerDNS-Admin/wiki/Running-PowerDNS-Admin-with-Systemd,-Gunicorn--and--Nginx) for instructions.
+
+The right approach long-term is to create a startup script in `/usr/local/etc/rc.d` and enable it through `/etc/rc.conf`.
\ No newline at end of file
diff --git a/docs/wiki/Supervisord-example.md b/docs/wiki/Supervisord-example.md
new file mode 100644
index 000000000..11cebc8b1
--- /dev/null
+++ b/docs/wiki/Supervisord-example.md
@@ -0,0 +1,18 @@
+Following is an example showing how to run PowerDNS-Admin with supervisord
+
+Create supervisord program config file
+```
+$ sudo vim /etc/supervisor.d/powerdnsadmin.conf
+```
+
+```
+[program:powerdnsadmin]
+command=/opt/web/powerdns-admin/flask/bin/python ./run.py
+stdout_logfile=/var/log/supervisor/program_powerdnsadmin.log
+stderr_logfile=/var/log/supervisor/program_powerdnsadmin.error
+autostart=true
+autorestart=true
+directory=/opt/web/powerdns-admin
+```
+
+Then `sudo supervisorctl start powerdnsadmin` to start the Powerdns-Admin service.
\ No newline at end of file
diff --git a/docs/wiki/Systemd-example.md b/docs/wiki/Systemd-example.md
new file mode 100644
index 000000000..d7f738b39
--- /dev/null
+++ b/docs/wiki/Systemd-example.md
@@ -0,0 +1,50 @@
+## Configure systemd service
+
+This example uses package-installed gunicorn (instead of flask-installed) and PowerDNS-Admin installed under /opt/powerdns-admin
+
+`$ sudo vim /etc/systemd/system/powerdns-admin.service`
+
+```
+[Unit]
+Description=PowerDNS web administration service
+Requires=powerdns-admin.socket
+Wants=network.target
+After=network.target mysqld.service postgresql.service slapd.service mariadb.service
+
+[Service]
+PIDFile=/run/powerdns-admin/pid
+User=pdnsa
+Group=pdnsa
+WorkingDirectory=/opt/powerdns-admin
+ExecStart=/usr/bin/gunicorn-3.6 --workers 4 --log-level info --pid /run/powerdns-admin/pid --bind unix:/run/powerdns-admin/socket "powerdnsadmin:create_app(config='config.py')"
+ExecReload=/bin/kill -s HUP $MAINPID
+ExecStop=/bin/kill -s TERM $MAINPID
+PrivateTmp=true
+Restart=on-failure
+RestartSec=10
+StartLimitInterval=0
+
+[Install]
+WantedBy=multi-user.target
+```
+
+`$ sudo vim /etc/systemd/system/powerdns-admin.socket`
+
+```
+[Unit]
+Description=PowerDNS-Admin socket
+
+[Socket]
+ListenStream=/run/powerdns-admin/socket
+
+[Install]
+WantedBy=sockets.target
+```
+
+`$ sudo vim /etc/tmpfiles.d/powerdns-admin.conf`
+
+```
+d /run/powerdns-admin 0755 pdns pdns -
+```
+
+Then `sudo systemctl daemon-reload; sudo systemctl start powerdns-admin.socket; sudo systemctl enable powerdns-admin.socket` to start the Powerdns-Admin service and make it run on boot.
diff --git a/docs/wiki/Using-PowerDNS-Admin-with-PostgreSQL.md b/docs/wiki/Using-PowerDNS-Admin-with-PostgreSQL.md
new file mode 100644
index 000000000..04155e9e8
--- /dev/null
+++ b/docs/wiki/Using-PowerDNS-Admin-with-PostgreSQL.md
@@ -0,0 +1,38 @@
+If you would like to use PostgreSQL instead of MySQL or MariaDB, you have to install difference dependencies. Check the following instructions.
+
+### Install dependencies
+```
+$ sudo yum install postgresql-libs
+$ pip install psycopg2
+```
+
+### Create database
+```
+$ sudo su - postgres
+$ createuser powerdnsadmin
+$ createdb powerdnsadmindb
+$ psql
+postgres=# alter user powerdnsadmin with encrypted password 'powerdnsadmin';
+postgres=# grant all privileges on database powerdnsadmindb to powerdnsadmin;
+```
+
+In your `config.py` file, make sure you have
+```
+SQLALCHEMY_DATABASE_URI = 'postgresql://powerdnsadmin:powerdnsadmin@127.0.0.1/powerdnsadmindb'
+```
+
+Note:
+- Please change the information above (db, user, password) to fit your setup.
+- You might need to adjust your PostgreSQL's `pg_hba.conf` config file to allow password authentication for networks.
+
+### Use Docker
+```
+docker run --name pdnsadmin-test -e BIND_ADDRESS=0.0.0.0 
+-e SECRET_KEY='a-very-secret-key' 
+-e PORT='9191' 
+-e SQLA_DB_USER='powerdns_admin_user' 
+-e SQLA_DB_PASSWORD='exceptionallysecure' 
+-e SQLA_DB_HOST='192.168.0.100' 
+-e SQLA_DB_NAME='powerdns_admin_test' 
+-v /data/node_modules:/var/www/powerdns-admin/node_modules -d -p 9191:9191 ixpict/powerdns-admin-pgsql:latest
+```
\ No newline at end of file
diff --git a/docs/wiki/WSGI-Apache-example.md b/docs/wiki/WSGI-Apache-example.md
new file mode 100644
index 000000000..d31e4f778
--- /dev/null
+++ b/docs/wiki/WSGI-Apache-example.md
@@ -0,0 +1,100 @@
+How to run PowerDNS-Admin via WSGI and Apache2.4 using mod_wsgi.
+
+**Note**: You must install mod_wsgi by using pip3 instead of system default mod_wsgi!!!
+
+### Ubuntu/Debian
+```shell
+# apt install apache2-dev
+# virtualenv -p python3 flask
+# source ./flask/bin/activate
+(flask) # pip3 install mod-wsgi
+(flask) # mod_wsgi-express install-module > /etc/apache2/mods-available/wsgi.load
+(flask) # a2enmod wsgi
+(flask) # systemctl restart apache2
+```
+### CentOS
+```shell
+# yum install httpd-devel
+# virtualenv -p python3 flask
+# source ./flask/bin/activate
+(flask) # pip3 install mod-wsgi
+(flask) # mod_wsgi-express install-module > /etc/httpd/conf.modules.d/02-wsgi.conf
+(flask) # systemctl restart httpd
+```
+### Fedora
+```bash
+# Install Apache's Development interfaces and package requirements
+dnf install httpd-devel gcc gc make
+virtualenv -p python3 flask
+source ./flask/bin/activate
+# Install WSGI for HTTPD
+pip install mod_wsgi-httpd
+# Install WSGI
+pip install mod-wsgi
+# Enable the module in Apache:
+mod_wsgi-express install-module > /etc/httpd/conf.modules.d/02-wsgi.conf
+systemctl restart httpd
+```
+
+Apache vhost configuration;
+```apache
+<VirtualHost *:443>
+        ServerName superawesomedns.foo.bar
+        ServerAlias [fe80::1]
+        ServerAdmin webmaster@foo.bar
+
+        SSLEngine On
+        SSLCertificateFile /some/path/ssl/certs/cert.pem
+        SSLCertificateKeyFile /some/path/ssl/private/cert.key
+
+        ErrorLog /var/log/apache2/error-superawesomedns.foo.bar.log
+        CustomLog /var/log/apache2/access-superawesomedns.foo.bar.log combined
+
+        DocumentRoot /srv/vhosts/superawesomedns.foo.bar/
+
+        WSGIDaemonProcess pdnsadmin user=pdnsadmin group=pdnsadmin threads=5
+        WSGIScriptAlias / /srv/vhosts/superawesomedns.foo.bar/powerdnsadmin.wsgi
+
+        # pass BasicAuth on to the WSGI process
+        WSGIPassAuthorization On
+
+        <Directory "/srv/vhosts/superawesomedns.foo.bar/">
+                WSGIProcessGroup pdnsadmin
+                WSGIApplicationGroup %{GLOBAL}
+
+                AllowOverride None
+                Options +ExecCGI +FollowSymLinks
+                SSLRequireSSL
+                AllowOverride None
+                Require all granted
+        </Directory>
+</VirtualHost>
+```
+**In Fedora, you might want to change the following line:**
+```apache
+WSGIDaemonProcess pdnsadmin socket-user=apache user=pdnsadmin group=pdnsadmin threads=5
+```
+**And you should add the following line to `/etc/httpd/conf/httpd.conf`:**
+```apache
+WSGISocketPrefix /var/run/wsgi
+```
+
+Content of `/srv/vhosts/superawesomedns.foo.bar/powerdnsadmin.wsgi`;
+```python
+#!/usr/bin/env python3
+import sys
+sys.path.insert(0, '/srv/vhosts/superawesomedns.foo.bar')
+
+from app import app as application
+```
+Starting from 0.2 version, the `powerdnsadmin.wsgi` file is slighty different : 
+```python
+#!/usr/bin/env python3
+import sys
+sys.path.insert(0, '/srv/vhosts/superawesomedns.foo.bar')
+
+from powerdnsadmin import create_app
+application = create_app()
+```
+
+(this implies that the pdnsadmin user/group exists, and that you have mod_wsgi loaded)
\ No newline at end of file
diff --git a/docs/wiki/images/readme_screenshots/fullscreen-dashboard.png b/docs/wiki/images/readme_screenshots/fullscreen-dashboard.png
new file mode 100644
index 0000000000000000000000000000000000000000..828fc48e2bd5732a085ef10a7307776304d87d6c
GIT binary patch
literal 70522
zcmd43S5(tmw?3>J1w{cB0j1girHV9ZK><PONRuwT6RDvkQE4h7sC1<F-U%&4K|p#Z
z^w1#$2qh3m;~#f9?|#qKck_*LE`X6m_+_m*=bGi2&*Z(Xwi*LHJN>Csrx>0+Re65u
z)LH1MQ-2`N{Xt!6Ik}fY{c+m+xth|cvVKl9^~D*-$6Ak1ovMt!K(andeSQAbQxoq~
zrx@FQf1U0G7T8f2ulYQA;iC_9@BvwS*`Io4?d;(r;$iP|Lqg=fh>V*!MElgKlQ+*)
z9vk>uZl<1psfldu%+K|!HQX}0L}YJ$dM92*B}PT)Jd5E67w!!f!**BYXRd{JO>6dY
zZ3Huwa<Aq})Yj#?xW0FB60F-1P`7IF-iC{NV;g#Al6vomC!Ju4a7dCINWpuxaZPb8
z&2=XgepyL+7`l*fN$K3pQ0li?jU1-IK0BBDzhC@bL9(G~e8iL3FaG)Ko1udTPY9=G
zHS=hd|N4WQKH$%QN77#lfBf?Z3#<Q&k6<-y5+&J85ao=azN^1hI8KNt#psh`M<h~>
zpI?ZB(m`t3Ev7-ucJ*SrZ-HNX@ac#Aed3CzvObhfV1LR!B|;F-Njcm>M_Q#l#7`Ql
z#gkD481rf`WN8JN|5H1SWIoy(*85yUaF}l0;eq6}zl9o^_!t|^O7t>EwSZ|=7&r-}
zNKrVU0~heVoL>lR@7Jnv0s$`~tWtLgg1}}eLT#5=dB>BezyLcu40hl3)#Lw`@Qc_@
zN#N3YWm_9D;&5~Fw$~$r7eD7MFAu@9)38&(0$}txo|D1vX=Iyp9x;#2ebMOa5}xLx
zM?;qfqS=QPAY9el#?_C8BP^iH%lCHItq%_b_l<t7g3cNq%HW6Ede{aAUI-=0Y=xs|
zixtBn^URFAmcH08Zi=p^w#1R=#ZI&>=ay#ZK!~m*)v62@JlHeE40jmkxoOrd(oDK9
zie1>X*z|!zKnZTbYkSZ90<C|IzWm!-gdQAfPO#(4Co+`@v~&mO_)aj_M=SM_j9jE?
z;u(Kw@$r(8I<KhsF-+aw0TVrXHeaWld*Dd~T!PY&gl(2w*=jiLt)Eoe5F3^Z*pWZ7
z&8!i_UYV*ISjF8G#g+r>O!EYDndpW+620lp=eU<kzkacA7GDwL<Gn%E>OVFOA|aMK
z;MZnhI=WBG(-fNMYCPsjAP31>MPqKJrP`f@K2u3I<FOu?LF%U!4my9|ZDg6otCuj3
zY(A3f)|-&@;1=7_kH@`J=IU%udG_|IM7gcm?)j8%d2dH)tU~CraBpZC;wk5<aMm+u
zBIyh-clw;IsqTohDCLP`OK_x6cJ=yR3ZVXrCPVmNduq*E$T(?MwBIZEe494n44u!R
z^K5}%RNzXFB)GA;l28p{V5jxnp3Culn$2i!&rZu)%=V(SNvHIa9#`YRmZJYe6HjS?
ztFsNMlY_6Em~4`dc~OB5S*H!%kyNWQ=hd?L6ohn0bo9F%cNj3i-&to)5ll!Ip}%kk
zO_N0NO|E$7#=9!xT}C0Tvdd0a=s=D(>I$WQ9_+WiHRV2D<xV;nk8fWa_<C}3mk9Qw
zJ*yxI{?)zQZTOWaH<^3mFK1Da!4T}|IMdT+6%2XwLiFU5Fo$HZQK4SLu)ARFmQl9X
zK%SN<Y-6efj14Rely;tlt18<jZEU5LteWNNl{X4ET_*==r%4?|g=vg$_dI;HYdXM7
zOq6VT7ZwkAW!c!P1KsIV+W*PY*-}q2?!Qfml1C?=Q%qgWk6hJh6p)zp7U5wYzn|h7
z&+Kuc+H_Nh;y`Y1%3}faH-IpaHKLl{AMjf+VdSyI^6turRWa6^9r-1H*^>M|{jL^|
zN>hF^fOIg%PnvoNv+P;rS3I&!3&=_is&XcIE?v3z^#F-hT8mC<WsIZ~iXg31c0ba5
z!M&L-?m@j@?FvftJtl=tI*Wg@cT}9um+x;O?4Q}E=LK1Qlh<Bt@N|AL71xtDB>1cI
z&OJlN?$MW8)I0sR%Wazjmb~M-Hc{$bO)Dt?E3h1T0k=Uq3gSu(8zMkU9Z_-$7RVPZ
zc?06Uat6g~X8Dg3Tzuu?ismx?g_lNZr~Ec%wo>s4?h1*O`$v;ZjNiCOL)H#`^b~(Z
z?2l63UKM^bCp68L+RJU?_s%mvbwn(rRv2xnv}|wfY`M$M{m3T;*2mwE4&b%&-trDK
zZj}~T5{mJwF9~{kwk)nJ8Q_K^k6vX>taIwV%DtBC2f%Eemd$tL#imq!X{LGs0^!%g
zX}acl<c&Lw*Kw;C0PipLRYxl>&ji6*WWX!M#dz<1ZpT@Nk%(_}KHV!l2(YJ=T;%lD
z=CoaZgo#f#kBNDqsRt$|pNWZkIBw=>sd&V=rJ)~BHzarN3Bdk;LJ{lf+Z}L{xn063
zD{QyDh99m7kfFRp5$5o5AFuKwYwH*~lU0s8bO5sj6C+XTMjn>Asu8BXQ3In}=8d1M
zSVR$J7J(v~r2EdDZ$OGC9vx*o{BGnllj^rm6v4VbM!OYuSWfQJ4VwajzSQ(axRZ}-
z(E0ugezYxctrR?QUBmm*qlT0Y$yF^dvy-iVs|n=W*{W9CHixe)mY0Va_8Bf@fqP`Z
zb`zU5o@UX5D3atbok;?NK4E9)2$Yx0J!`7tr`qyGr<X>Rei?9t*;^5OX6Eb1IUfX_
znY#6pmDEGDDiIraxxwj4{LrwbRA0eCwXb-c<a=)~@39Xl+$MdGUzM|2M$_PjzXiTh
z*4y!nzTY13uQ2mEM2(T_`ik_8oNVJ#N0OQ32L{a05X^CfRw2@GS2EVs?XLcSZXShs
zr8%u=Fh{Ajj)5I?;4()}>X>zv*c!?O!`M0zfPnV#W2-c6fUkQS6GF_@NcSlZqdWPw
zD1Pe62u_e~kNd=br{|4aS#Z!kaBAcBR*Pbp_UfF)9tI_YEaSPFcS2rzzm%7Y+xP?B
zrZBR9`^Z83vFE%h1^p!w%DP=N57}W#xVZR~eZcNBu-^Lek<%j*tfJL3PyTI+NexA9
z@>yQMoe_6+9>3gDgb2<f!`(MGE)?6?ftP&w3r_9~+}*mS9?rAWnt)MENg<P>_!ler
z8}8+0GtYFk%MRmy%ov7tbA2v|)#T#T)W13$L9}{*o5>?J@A@}E{Se9aRJOmv0REM~
zf5gINu845Z_IR!GY&^twIy|<FYe%JaJKT|mVI{>2tqkYymhvwO{`z5{t`N&LKgO5i
z&=WIW+JxU6-4A2q>qG6VAQLFRC>ZNQsCSa2pwkBN{tl5-ga6%akQdLa$zwk5<Nf96
zwIw64%&X1=*MI;v?Lklii6G4;`;EJPXPN~`>2FF`m~NH=vpNuBi0cb0k!y~L+knI$
zWQg`9g5<g6j=*0{wP`Jy;*tkwjRn<@LHJ|Fvo!~<f$Y4<D^l%e)a_DNA#2ju=`F!8
zM7G$sG+)`#A@!g(a`}T%qrLVND=QgD+k@t??{HV3x`VCe^evwCH_>iFKTh-1&z!Ux
z6gBU8^5iuA<ocX*rX-Jv)M@?2D!)umeE+w+sOjEciI5Ldb|CE9)$vASCp<eBL2>qb
zxlO8{jsZ@}z{9N6A!X0dR6%b%<q&*VA7S3UD(P}Gy1y}8VfZRR<Z;N`kO&-O%860y
zKmrtu8&EvSUZz^sVDMUdQ8C*d1<(+!O<JC^)l)n-ryR7syg~|0BWaC9q?okgz%Z{p
zFDX-p5&MNtviFAMlb2SoKS#nK6kG?r#|Ly~T(k~U_zZK7p-{~U@I>m3D}M@vgjDAV
zt*e=8ao(&x_G21}I{yXt*ylzAo>CP!zu@}mPHKNYtIatGtS>_7#^y${V6O$otzM@2
z`2?2k?h<+M{U_&}%^yGW8#X1p?2>zUyf{n>=HmTNN_cJp;aENRGJT4RAh~|&c~clP
zsi-f~*vZMi5j}C)cBwPUX*^?0pT+d5AgaV5*Do&J*$m+q;UNsB^*snG({VbfD3HD~
zhxm37w4JSXLfY5q4?$3^=Po<mdWk2v<<)Vgn$pDu#0HL^4Qn@dl7f(X%nPnK2AQ*|
z^WYA^_Zgl&`Y_*N0jXUR@5SrSC=B4kFL`9Yl)HD=DTwer+VfG2!hY*$vz6PNBQr@|
zv(1_w^!Z&ZpJ+Ea<WiG-J@mN4;yu1TNFj7u40i~A^pB21%WR`}T1sWvF@7K1#(8rr
zF=Z?+b@!}F?F${Jdz1G%`tA4m4$r$;z)i=hB-xFNP=%(YgM?bT8fV#w@{yeizyeK#
z4j9xvU|dcnAMGwdDKd~1zG{cF?b+ICzq+V~j{lWvZr#0`D$TPthp674M<b=Urvj?)
z<}n#{fGgxDe@G;UoRXf%u{(OUFMO&~v(F!0|IudbP|K6>fd-q-dW%U9L}Nm@AGGu^
z^FsJ}2ydh?Sgfl2cjB^5`=OmUCw~}Gh@~09Dhnz4(THcz<nMgfUbuGr`9{CvyR`+N
z@$PrrX^`dr1Ye^cdXgJ8WrHQ4rLvGT=S{29H$VlTZB)30CAX}PDbLBAWN}SUqvp~V
z-bQ%~sREZU$U*UwI;Z=;V0|&%vo^F0DR@e9uPapE{|KKB^8m{Fy{E>MMckXiz+dp4
zPSj*V|0~gf^x&8T@GkCqSj6HXIbcigvnG!Nk61hX#z6DD1pZ6Lxom!Q!i7XN)e4+`
zz2{0F3r8E0^mFyH(Fh%j*OSZd<-wP@E<{x9NdVY&!=TT@oolZgzxzQdV0=$(nNMT+
z;+u>SZ^a(djJ!w_7-)V(c=-pK=I^v@$6b2Wy_|4RRJX1_ou6)u;oc$<h(`zR6G9al
zOL?cq1V#n)O4KX)F>!b2ax@F;Ry61g%dc)*2v$XbLMxXB-<{rP<>Nlt-7H6(w17L;
zZW~omqrw+JaKj?IbHOU4NyA^}n8?{8^DSs?{D&e%<O{k@6{RC`Ugu}*&O>6>%EBju
z1tdhhf5n!hqSt2WkK^;Lyc2g{+30R>Mjdb!{UI@Z<VRsF!0n<m%JK32@^72bIZNS*
z5&7bbiENI`wy`tCiuXqX!crcDJ{BAaB|hYyQGgtF8z=OoO3L5=pS&JF_z++HI-{R5
zOHiE7GOpeho25PJ$tT{xhHp(9l+6^ly=UkBAStwKus_V3oFF{eXkN(3(i1jXJcV#h
zZP_xtxH)9IcvO#9q#(dn;97_Fz3*qyy~!3TY#Kc81V80|rmemg@(cV5U#zev)gYr^
zG4uYCN6X}!>xS05(il;7qa&>j>3E^G4%|)r5398SiXB9ouH1$&FBg>VEL*)tt)Tk*
z18;1c`LpUmeF3m2biF;G^SE)|fqW~B?sGDb_E`#u5Fc=-=NpG{-OCxee~N7P5UYTo
zotT>krXb)9xxvp`)Q6G#+Gr&l+DGqR94lrdvS!>;qciy&!lDi;(9P2>yy7m9aG}Ud
za-s=>_~dT+Zu2DF_@p+F5c+H%U^kAIWqnFGmAUkvN}u(*TC;4MbOEr(W8n>r)kg>=
zY+`3yfx~#~MX7l-JBwMIpb27BU$`e8Ct_T*r{C@xFEF%_l;4CbWS`3MFvuUj9YW6k
zdC_is_4)rQpnqN4IUN5rF?7?K971Hg&MfUYTu^YjgU`ana9uCoCQ>~&9bELH?@D`d
zeDDT3|AX;8y=M1ZuUQu(`rV?r@_^aztXfUIrUNB?xhnq!K3MBj1(7;-GUn%IL-OEa
z-g9R9t9{8=XN$cbjhI?+7zNeY?W*gr2<mTkRkf#;=;zrrb+3?$jn9=C*Mdf9DI-SW
z7*EOnRbBtw1OQz}ci1eUTVr@;zVc-0fG+6VwS$>?Bj4gUL2d5{0p7^5duCbAVbsDV
zVQbIrnA?5YH?{VYNyvo{xYLbE|EcP3q3c)7>O5XFy;LR5Ok(pqOnIbtS6C$lkLC3n
z?c1Mg3C6mZRQhyo3>+~feHU7(`d^YOnA(Sn(g{z<Z$$9|g-vC=`%@q-rPGGRqq$mY
zsMi(!*-PYAH``T^{eK_g-2Y7w=Kl+t#9&!ErM#}{fI1fa2ZO?2`M-%l`Mx3y&LDxk
z%Sa<$@Lu2N?4NR=ZOT64giLZBm+L_`%kKBBFAUJ(=yyGkZ%pWw$p1;!GclM%TxQge
zqRV;(j7^BLop0qu3EbJiBD_x^IAog|6E~m{j|{;=TlS!4e*G2|{;N>Sbg8WsWZoxs
z@xYhmgWSS$es<$DnTG#H=lXzz!5nbs`a&D4aI&<cB`M3Ehg05fvB{eadUT9jVuQ%}
z6ZSGk5Sx_4h*&NwkrTuLwgu+D{Y{!8?%mppR2xWqU_)5WEZ1TmhFLLT{Q$kPH%DXs
zjqedhBJ#H64x`rDByTL{Ca9jcwrXT|e&S-04j7k<oFn>g73qM=)Mu;R$ZHzNTw#L$
z$hX{LR3c)%54MKb*Cx#z-2=Al4);3WMkVge;Gj%NQqJ?Cl?$2RMlrz%U9Eqki(8sJ
z$u-!cy`zN?x<kxFrT44yxy(#3-4iAr1<2xslVs9xY*Km4!S?2p9!JsOlUf*?&bQ;k
zW$C#OLB50|<2=n&fct8%Gq696w8~+NN_-GZK-lJKv6Eb8UO%&KOXs*UQ!m`aa&G0{
z%5l{p47O+_p!GX1LOmX_*|I@TUPH))Ck*e{#Wvd4FJ}kgxULL}^7+rNw+z5J#TKpf
zL^aPva*qXl-?1b|;37YAv&!w|CRimul<^?AGUw@BmjUk$7BWYWh%0ZHJ5-t_s!sNm
zmCda0oOAlG^SW#EG@c<Su#JF76NwaZ+gs(pV<PcjgN2iYMH1IA@j5NjT2Cw_orn2g
zCek`29msQatWM2e5CISl4ywhWC#x)AY4FyFi(G&}TtTI+TJ$@vE7A_Xmg{daTe2VR
zC7xcge0Oa>_+()SEPKq6B&>8d{@==-9*(F>mDBRSN3dE755;dy%H<fNS~4LPA1M^d
zY!Hr~hno3lL~EbEsStR8oyxXK*d{km<4Z<*%L8dpjvEA{(vcPiIJLAS;?6NfUYC`)
zbxZ!v!@DKMFulqJ&n4PVJj{|FKFf)EG@V+Ua(=@IQ=j#pZb;u$=%$C|+-x@X3j!sZ
z{52urt5~`w)N?;~rg=sqMNQo?{L_C~A;)k8-&U|?RAiFaR=eH+)5RS;!}g^6_t!gV
z3PHFnwsE-{9j6yBMjT30B;D6$3k+u)`{3*~?z-g`ZBxRo2CmQ1*Rgws&FN)}hM8V)
z0)yF^Gq}x3@jC^MuZ*)Ro1mSa+lWzIT#|&`g>q5<pxMvaR%wWxz2Xs$ItQ3XB-UZ@
z>HLJ*CN8*<ye5BM!sih|cmCftR4fg48tz|fXS;<;JX{Q|zf5yWi7X2`cYYh-|Lgl&
zI<yRWGPo+793<(a3-7LGC?0cp4%go5mP{GjaWO1*?v&L^F#?j@RsvVLkplXakCRNd
z)R70JQ+G1#^D|z5Pn-Rtsn%`$!T0k0^@L7%<58PrP|HJ4V*h8sq)5dVmoJlpZxd<G
zIp#4X)b-?D_&^1vRg%~@1G%H{H+zZ6sr`flb6G2r^rnyT?(k}*-ARXg%XiI)zpLZv
zu@nFf!y)g!=v_{7{h3ivF`rSU&_u*vz>L9w*zGqE_hiX3^RnRFVf*6vd($P)R}Kw}
zrAuDaS{zKxa!6y)vr`DYX}-DC;$xLqjC@V#z<j<b(><1lEk55P$H2Gc&Z-^z?cqH}
z?-0V+Rw2#KUGZE*5qm!O+2&W1t<vL=xmq=9j_l*A&C@Dn)!ox0hp)V^uyQfL_i&_g
ze`H|hS0<e89B3f-;}R-&p*3AG$B`7@1NXdb3rTcJZN2D5$e6)rD!^tnQnWP40f##S
zb^s-habuE8!`X6f1;02{vc2>a2rOukC?mSI27hmD*Dcl9D4u>!JUBSMSvKLyt!A7=
z5_?IT6*4M&EBM0c&mnxxNj1cLO+W33cevAkqx&YlxlD6gvf6<GN3JK_<h`ET;Y>VN
z=M;0Gh&i}&qc4+$RKc#>SXHiTtiXz4ohG@;-psgU-gs-Wf6V2~Xerxx9hh2WaM5I?
zoQ*0$$`q-<McRvq@>B?y`Jj<wBOHKM$S|G1YkM-`ARIhJ^b1@VGtTP=OFJXWK=Go<
zJLyT@07YDX@@RZ2IZ0tCKNqWvj9L@gIvmS?s*z4nc(4))=RwF;fRXozWnW;T?pXDN
z#n!Ny64AL2hwO=7;k|_EmTNt-TH+INfJCDd|1Z6%LEB50tba5&<pa{LjQgs~&PH)W
zSn=*hXE((L-6LDwv_2t_u1rQ22U#7`AIJ7+J+F^~1b@+Fp&U|8tVG#_@G@(EKA=fN
zOni;n4*J`qeiaFV-*HX=39g>vmgx^Y7cXS1GDNMTij6_GJsrLrWBzqs=r4xqfUycq
zYGU4fT~J}Rc1rxmflIiA$3!tWpJF}4_10EU0%HYt)^$yvcVs_`FGK5>xM28;>jJ7&
z*_2Z)bpr6f5uoNH?3+H*8VuWI8A$iXv&BY;2i~hkG8gipRpd@Z4-u2ppPTOiPe7Kh
zwhm`_0DL3Hq(`P(tB_00qLAGbXKm;DM@uw^a||A|7tHH3#KHGV53Q_FH=4Y?YV981
zLZ;rtM1J0KeCmO^#Av5lTygb*@^&GMU6zdU0xRy(ZwUav{?4f~PDlGltY10j^+y~h
zfXn+Wlo9!SWoi!lcWbF+d?bREOI8~kuoHW}ZPAil%I)dI_nnv7I{SIPMdRhVd61+l
zwHk2+R*iNk`8__xregJ~D*y)9h*})u=9QU(kqpx<x>2X`YG+IaD;L2>;?QNR2vg1Q
zkvHAlxY?`PW^77PuW6e3fFM62UlY(duR7;WYC7~^$bEJaK-_v?4woW_=*-PEViQt8
zEhk$J5!~=3@=&J#3|-l*_Q@(Ay#;NSV=!c6W7d55WBx=eU;>H%(R>xe)IKmhf&0<y
z_QC#fS75z1rw^@%HlOmY&|ljBPFx#0IyXhZRxbv1;Yif1_@B#Cn$I*FcoZGQ0ERe~
z$9y*e^kMvwrQ;Q*yyYM4rwv5b^fPOKVO}jPJ!b*>Eud6Kf+V#B&>HDa4Kj2dLm13@
z3>W}sOAMns+=Iq|6PYHM*Rp*<5^giO+BB%=wX$r*!;4+rrD;wR`6^tt4eGvW;JTLb
z@{=B0wZ1@GFVY?pfP6^AR#D`=DBb-d#^IXZx;CR3+tD;A55(@+VjDEM@nUeWR6@-%
zlp^oB`PAd(yFWB}LIdV(hUp-|^s)$b6kR5BXSx+X#J4RQ*mUE8<ckOaG|ld4qxEuX
zKX5zF5Bf{K7C458p!3Z`KYH}Dz=Q+Z$QPIph>mflwH@@<Hv%6NuUm+K{jK+-L6o3{
z;+(F5vm*_E+*&f?v`OAIC)~e-9)*fW1EbR~J!`U|R(cZFE0(z_kJpPV=T~>nUxdDy
z%$l@9%smtpxfRo&TT^s_!|F=+!f>Yj()uUgw2IkgW40F4dqNs`KUDPEF#lJ?|8yI;
zG7oUpy8f^q<VKZHAE&VjmpCt8f%tnv8D5j0Bn8iomyE(q+tbDbX^{n^O@1qsDA!P!
z$M8_TaYH!xgQ1II*$0p$c00GYR?woWI5<^X2f03P*yNtgce<9HcC=)u%%GOB-Q`$O
zujiz&k+LE%UTE3Z<Ft7=E{AoSJUNJ-gbmoO1^e#J#NTE^9WQoz3Ic2o)gq|)oD&Rn
zqtvgZ=M)HbR{BV3!i>0{5zVO1^Yh2)6u^u^XEb(4e3DbKg$DL=4oGyk=*Cl*NJ$Nn
z3S(5ve7H?x!GwIj)WP5#zF7HNB^&6Fop`Yy!>1S4`bHvNRfb$!nut;~i<gB32+2iw
z4t~ha3w^7@^JN^~Q^rrS*q1i|fD`4x51Xp`MN8!zlZ1)=rRDa;w?YTvN`&`Q?kred
z5gR6|hvF6ldnh0X{w{vJw0upK{%h}<Gs6cmLg4zO%EMA*zE;rw$bJ><@1EEbD?zk!
zwI3ja;KM$Jy2fnnwryBz-nD42esw=EFW4!C08Spicu>STUZ9$2Tnn(246NPp7|L@*
z%g&|+H#+aCYo!P09WbwKDCo@<`>({?3rGhMlE!t6rHzVL%wTDif#mN3l3)$MNYxAX
zlP?S*0*0<rzlyb<4nTS+qAL*?*kL+lrCI@1GD{>wharjeD@T~7ftu>$)eFvq8y|~a
zq8|+UQpASC`IqP5v7Yxj_0S>6iyjv>JnoqgUWGvGo@@g<0jufmKZFy5Zbv#?S|)3t
z#We>i&Y3kw2dth|oW(H9zRin3`8~FCsbG{GjyQpk%RV<t`xQ3`{?K_gaF#IzzK!vQ
z9o<XnL=M#jI`*VqZN0?<9#DL+G}Vy(Y{W|aNHr1Vvv&68UTqXf9tN2qJ3LI?TNTk`
z{f-J)ShD3j+-|`_miQ=#<VLhP{mx7yk5;wC1mQ{_y)2W?(T1alNBzN)^fOP1Yxh6+
z5fMl~#Pv(K;i_3hi+SnYwSgvw5yPlir=$oCp1TVp(mV^WUr7zN^wsY#bV?&SX5+KO
z!M|RRJ;U9yexewgPZkygdsY4dUbwbuFYv>FrU1o-*`HeI>uet4*ub}IAo$k`%m<&v
z_l6@S7M0U^3W7CX06u$|9rK*s<2Mx1i)hw)j76Es?ywGvt3m1TqZ1=B3p15t3C__>
zXMaq`8{sK`NhU~<5lA_VRmWgQDi&yWS0ANYmzf#d#@`dbQa-U<sNN@N;BJ<y+R5%K
zi^T60udG-V`mN==_=$|wgK7zY(iG6f2z&rj-Zxe6j;~rS-G6?lsYA3Td>SbS?~bHc
zS!~K}8#<KFsOR>+z1y(=$J7n|5Z{70zz&0#C$q)2B|CGduv|Z)xfUc9AfrB|@K`7v
zpwa<7XmYxRV8Q_|?5hC4@0fYdjVeZW;4cpxlOGTsJdgEw#clO$=_5ce`W^p+v}yS-
zz57_7{g5ZeAzSjF=2&c!v?f$ukc@}5b|U2jz(*^QhMU*_j{gzK2kwjOgEv~gpSUR|
z1H5mL#eHylAtqHaybw9X_1Tcsga{NvpmUGOeot#`&CXd%XwXW(xU{|aT}&BT`DqOH
z-5U#4MjVGij+v%Pg6x<;EEOs8EG?>p%WA#5cx`9|q|0>D-$Bg_!sJb|6EdrYbnD(^
zx`CA&I>MjVGUQ^ebxYn6O}~pQ@Xw83DUv9D4tMV(Q2I>$T!*WO;s;IfrCY|0o=&NJ
z5O-71*3dow(Ts&^W<X-it*w=18gGQ`N&k;@HfTzc*I_g=q0Hv6yHtfR|MGXx3mT4a
zO@K@_i8+sl-V8a)yrj~myr*zhRuT3JdC#-urBT4>v*T-D_wFsCzk*%~D%N^j3dp>4
zdWX)wU!`}BuzPfv)1a@)$lV%kcGJ@6_~o(IMN53D|E-~TJ^sJFcdL>VX8Kr6v?cz&
zt$~y7APy%8qD%l3?%s_}xw2p8aB86&O#@8=;}dwEvo*Ikt%)vz41JNfn^ih%pY<#(
z-|cZ+A3HdH{O0EA()2>zj$(rNZ6$L4r;nSn{8ewTub&?%GYrsj6wzK6IA-sb&U~-j
z<r3~SSA$jV+6d22q4qKg3>s*2i$Mhj)yn!n+w3|xdmRHc4JC?Oo?bBxm2_EM8|g;q
zW437m8Lk~*1C|opq3$CKENaka05BK@1eH_pKPVr8NpLU0&wz(7@@O%-`~4R@_0#dx
z*d==IeaJOE%~zPFC~?|dcjD`XuZj<5rEeypaF4%S4i=B@mq_4AeVpaCi;7OftA8BB
zJ$7e4%w<wjwDjE}^)sO_F^yP41&{Bt4LU$7Uk|wD!`o8Ds#`3HjH%XBnDfO<q*!+o
zroT`nzvIrb$;`*zEqqX@OoU&+IePYo)`TNU-o4Cfd=ctwNiyKu>~8wRU`EE^jwd#K
znN2Zq$7V5aWr+|$8^)N5I3bnE++HU#YdJp|@A{e0ijE!X5jWWXgn|+%O*{|+@BRSi
zq}j(WtQ4K}76sR>>jXT|Q4=}+KA3xVddL?zj0D0F7!r^g?WLWAy#7eS5mH>CM;0#(
z7X>J{NC!WK9k=%|@(3U=Y#wu-19IcSaN<&mua8XQ{CN-hhEb^FY?_wc;#&)oNyN!_
z1bMY;<vgPfPiqkIr>f7psP$_c&L6qv6@wqW2Bvh>x{RSYIfsP&Rk~C&!#Cc9I|i{A
zoxSct%i(gCqgz@!w#fc2YE-u<InzL^ZKN+<$O7iy(9tefD{57#H|A(&=sr>U1e0-?
z8iaJ4%{Qoq7$(!gfKv@AI<G5zVejT>7A=#==~{Gax#`-9K??g6EBpzBL~ZlgaVm6d
zvf%7~-;gNWLVnJVWnn$0w;I#Om#@>LrBu0KGH<Uz21xq6d`J6hx6QutDRwHpw0TPM
z@cs%wpxZ#{7jKTZYw~!2$s*D(Ro3P!y``~))%**H*)N@RXTJh8Q)+|Pn4p8+Ge9*X
z-kh|>d@}-Irtbwc$qRxkXukyw@R%R3MnoL%v;VF5K<l1|$qz$S+b=GAz|YZtct%;!
z^!jMueRRNPr*R%4mu}YjM>>Gh;tESsC`Q85xu-buWNw!u>G-9R?&zk^-gX=rh-YGd
z2tDCho?T8*TI1oXCf9)pIm_ZRPnl7|JaIdvPR!4NbKTAUhY?uqZzM{mcM_EJquEt&
z3h~<9Sybkca*P$^*HKspoiSrsumU<_Q_k3r@73(Bs*{JuH1K5r0+Z?tESEc+hE_ur
zn{7-N6L7HSRYfpk@Yg3It>wY{yCpDv=q=2#^{f!2ZnFf(TaJK5bN2M<s|}cU@#*)M
z2L%oFYc|e)9HZhN044sp<E0+na?uI(^5t?;Mb|F6Eo06-;?PyD1lp8I28V}(xH%`Y
z^<Smaml6`(IZd-Gp<z>7X$8Ymx()EmK#+12w~i5B+5l~H7xjVml0AIg;##hYf?k<k
zrB{@CysK`R%e12_LF#a0aje9VY;@CdOWC!CX@7s~@{~-4)g#?RtMZ9onc|M{YRY$f
zXE~}dmAJF}n}Nr(vYpE5P@cixGy0OND4(g*c=$4t%58OSlgp}nAIU1X&<h8Nukllb
zTVK0OWd|liaIb$k5_X8xcKZlo(Q+@S;L_=**yf|CAX$g>fS`8xeIIHIo3CCiR6TEc
z7Qaw1?Bh*%6p=39`h@9i=Xlw&_Pf8r(G)t4OJB)0@23t_?;ZEsw@S<{<bV->%7ESo
ziUQJHM}T6+C7W*Kd!Zsewl6G64gGu*==1Evc;s2n$xEe6Y!a^mA_^lz?~4hNQ8R~U
zd}dla$s6rF+MJ5MpHn@a#{+`>6PscvOUr4?_$v-W+UL$&earW3%Q897gOv{qL-exF
z26);#{(&OCXckz&esy&m+P+Bo$ur)!m=%Q*k9H%xx{SPO!w$7huQWZnEl1q>;M~=j
zBY2q=nIDI<epK!dLa5>79Cvw&IwTYDPRv&g3&943gwq3o*D(_Nf)q{fwh@MlEXmi3
zd;_vR=%l(>9&8Zg4J%7CgEf@VfjY5eM3qTeop|>hg9cTWqM9<xzI-Ew^u~jzsARu#
zWR>w&U8Y47j`Qj$6?3&z4vb)2pLE2{Ped!4rugn3wy8xoOuUIvyK_J2tb)mJSI!GQ
z+IN!2zlg9-C)p(z$n#70=G^5w+5+uni@Z1g^b+Eh?~ZO00@&XVa+$sVpmskcC@kOh
zT()-AlHC1lZGl6php<oArJl=xkGxSrjXSS)-zENZwd&J954c)$6CA^E$`gX@)>;!5
z{i}Yi8LLj|7?{zaTnZEm{R9Ca!xUS-wK-lkuc|mvT#~Y|iGP5u$7P;ev0(6OA^=D@
z^fYM%qf-WU^%!2zPm+e7tVEs>0cVKYS#=%x9H(43zON()ewan&f%(nDVevp&LJx2<
ze(=W^Kny4~8GyqM-MUpU`FhYO6HLNzv}puIjP0K<9m!K`NG>fNb+M>Y*HE4e4BxX1
z@8(JuLirmYDqtP(mu^#yK4*b#Bkt*Ur{BFOacg^^BOTbNo}z9zHCi;@=x4E1J@<G{
zizZ}>gO1iG3O%;p0Dwn?9bCX(XO;8mB?!x%1jZ2YOPxQV^=V820Rb{H_(b^IG$Cp}
zcem#%g>=v~E2uUcVMI7m5h9tAu4;zmJ2NhHKEL#qMx^?jzjbcFuV)LNzX3$uS;v89
zg!z$xU#=X8HJ-0Y&Vl{*M<1|#)#$**)!eO`bft7@*gg|I3s1%vZh=|>tqpVY04|G<
zbFDFL;IVc6%;7Pwlu!{YuF(4fkL2t8WKj7R{;KVX&2>b@$C)%*Ad8FS^^4M}a{-Uf
zb3K$0kZ@Y{sLcl!eI#aht%bP|Uai5l%ELdI1*KWmoCKgZ?LDN<Ze7DKY##%^tkGv{
zJ8YRBjW_aa4|88KV|E<EEp!_<eIh9V6CPG?3kNoZsuOnl8+j-<iV4n`EM$Tw=+!T5
z^TW^bQ9&4d@9pBb_*^CsWD<8+Vn}y#MDDi;B!;(*L}YB268wOi<HcZR+ZVa<)_qYo
z=O|>j++l%kllx>cSGVD=z=0;SaswgUi&}Fvu6#)viS{r%`BAeA2Ad`bnk~KG6K05$
zRWPaC`fB*GU7$|bqCt7G$fC&D6;)}uALAf=3p~xlxG5`<n8%cz9w|x7<bi@NS1~xB
z^!0&{j&@5U8iGkN2?_YE%B5b*$2wHlU3Phd?stl~=bAU5h{}JYG+(i{9z&luKaaHV
z4wF~XJZe(Y;=1Lg&J)fQ^l6pL#!lyF^TC0+hbG;<1@AtyJCqhOs_Nh(w>I+`43*kZ
zc>j!MqLMyKL_X6@J(D2g9=!Gb_Fp^zpU?!D&iq^2G*4G&o;N(>dmzgl&8aMQx`G_0
z?rd$B9HuNiep`n-Jcdm}$_RcTof*xehqJh!TGk)CkSNp21=})gTc3W@oe(vFd?sM2
zd0Uj>abRnnEn**&5G@;EzjlRk(74Rx*fmV&WeA-o!|L%!53BvU?2!l$N-5#c$!2rI
zta|A+<INDvad_<>X0rDh&L?$zrC3@}KU*2C&hWv|$*y2DZ@HQa35U(YzM{A_EoJe?
zrzr=nhQbzQc7@5g0yRSV?J$x!m#cyEP@_xgcCE{yySZqV;nz2*Q%sCI98=YuJA*L^
zon%3uU-b^wx35UMA@DcwLra~|&nM*DGtf7B{F#3yp7DS)DvZhZfwR(8st+Akr7@wE
zcW7>@QRJMlybCR~p08p8f`dq*Ps@OB#GH11+BY3ro^P(pVM=9#fY<Q1&DPpI2M#tl
zC4$FQGpElkg_VEdLwpB{-6w_JD{lFMB@HyKw)|AE|GNF0WK_ky{rw<^>8B!eN*-kM
z5ccNvIm)|<cF7uE@QuZ!zX)lAm2-glqxQtaOqWllq|)^dT&$mrh9lyIo0XetU1onA
z`9$uRauMn-Ty$SW!2%Lu*tMc~i|PtjR?M;=cRm=909Pq}P3{YVHu#N!rlsAIi5nc3
z6)YJyFO8HH8W(=?)rfVoDl<o_v%F0&9nJR}gD|+LN|Z`x7%n~Ln!dP;k3zHFFEJiW
zyqp~#eGI}>T#g*~fbXLa>;7M<3?;=qXzU3%wmE)MaJ}o_Z4Osn@Q%yoY#wB*@nBls
zP;otp^+yzq?Nk_J`DC4OVKRVMK)M(yl%dCL8^>O%VdOkED!sSAvJXg;4KywA)D78y
z7aLzJvTQKvx)P-xyKYdX3Hz|}wiqy*@32Cla&08aSSFi)d_U}?_4QE9aZOmKvTo=Y
zuggKypY|THq=3kA#27v%>K3UUl8Kv=x<CH|;n-_~rw^?7pH95eI>GcA&xSP65N6Qj
z!s5bKKD+ha^synB7RJP72@i;Nbge7XD}IuiH!BA^?>;qyP@fg4O*u&0Z~dM?GE*Ic
z=4pft`=$vP!Tl>`+am)K{EIA-o^y4_ZIOH?GXz)&qb0+r;=oW)YQcCEt)Cl<{pPi?
zG3Zm&PUR9`6d7OQ+jOYtf3%Yhr34(|QEcU?hkmQApVRwmx37HvD?|Rzh(+x<KGTrM
z8s&;CwXC(HQd>tE%Em;pGR3kWBigl?I`@%=bRe>Vk+P8bF*CI()Tn5C1mU|xVJHeW
z2x`=t{Gy|Htdhi^=AZYXGFgWOFJMvS*)SZ{6aT>IE(ggix8<NHOu9@a;|ct<dx}a8
zkY%p0?R5+wI~=i7{%qvSa}WixwvCGBLBXL=6p~IFsBJ-_&^tggBB)8)-;|Wlvho95
zrloDUwgvlH+@^7^J!(&@wK)pDQOmS(SrS0Vl{Up)8yCJij4(sc9|Xzk7k;j^K})S@
zjER^uZ|Lj92e;}H-t!l+iW)5y+SF<Q#xi`K*<ki^X^P}$^R>s`sY=pG6jRNUyfe-~
z1UZS{cqk$Dz{O|t*Y$l?;pvJ4^}{G46E~;A;TEwcAwoq}oJgZ!{_oZ?6>GK>HU;eh
zrF>pad@s<`3Bnf*Kd5nNiZQx5fM=I<-N}(DZB&)=V0+%+m%qwVe8xavtU0(#T}Q#>
zu!~=S1zP1v<<a!Sx|!7(R1foV#0Gaa`Mh7X*Pv43_%b#|z#IlqxH7JxX3H1*wANdu
zYPj|5BXV}juYX+^cj&Wf-po#I(s8t$ZGxWg3ntWJhT~>=QtNh|uWV1RHfXzNfl~-Q
zb73A-n&saOflG}oveY=fB}aEHJK~UIM!crXn7B6w-|z*O^$gy7BldOr00Ou{3gdGR
zF_Uy-J#q^`e8`oPH*2wvd(hVt?_||dQ)%vu8s?RYzc<zpj4os8@hN}aqTgN>rJjHj
z(Ju;$q9=10U2rw1PB1Q=D^0;4U^rRkrAv%=ikbOZs+Zv>Lgw{$Xu4<Ty*nABtPfT4
zqXI$O61ByMU)tHSQt^GOJ}`^MAe@EYt={y1U#|^y9`;%fX+ry&l5(Jg$MD8=tcc;1
z+W7Wv@W}jHy7OGI3G&BHa@MV;nst3dR;4<+&alU)$f(RUE<eaXfX6)3O*gD+Rv?a{
z#2`;C*XvDOPwhRcyuhyfB6-7R^hj>dcp;}jzRQ5@z@f`jhE9_M8Endc!$|o3%J>P(
z>jOLcclQj*@hc*;z;q5eK4>gPFpAq>P9eXh?znT?a;jh3Cw3UOP?{~H2xNv|*!uGC
zuD1o6M$BcxyBd{>%yiWyexI9bQJ6l6bZ5SdYykT7Fm@mvnq~cT@jLNjf4IiE8fB_P
zcCWN@jBOcb+q{gcqKe+lfKWJYuYRp3;V__46F$r<$SP{t@}g3m_XDiVU>rO7;q;gw
zzQp);&a>2tRm;zSKHI<}vZFySQ8~!{+Jv<d5K3)!PWj|0ew9m<s9W#t|A_ms^&ftg
z64IDT?Wivu2)%c5h@FKgM^~^Pu-87I4U0-9%=COs=inly!yNm9dHrIn+AO04Vg8LO
z(~dp(gR=2lm!zrO4{<?z??1Gs6&PpvS3lrQjukX4H%ANbrWG9-?B++Zm75gh=&bBP
z28=fKnp|{49F;kcXk^yhYsS7-n#OA>u<O^|@cL46HP*^>k?uia;yuF=F%4Gc-F?~1
z-zJYtjUU+0<U4MAG2fNBzCW#q*!^bTI%^9|V(aQ7xInI%bnT~qBYcJKdz9G_DvqD`
zk5!wH9yr#)ozhNkeEzpC;Aomk&uPZnCkNO9whkN*`!sN8r@*tk9sYS|Z`s%;JX9^h
z@BQ|WK$bGtc5K+9IAP0h&H1Fr9^QSm{Ke*bf%Zs4QN3o>_coH<u>~e|IB{N$SW(Mn
z%}V~_xWI0h`tf%cmY~rhPV;h?^t@VvWI4xN5d?AAw_#j1mGOkb0n@lOXv8X;=#ETD
zO48!7BokD(b8*nH8mufY*=0LQG_NMzQ(|qK>AiJnYsYpU!5iypS-R>l(<jsLa7xf_
zj}0+&{nsr}G=x)`Z4z_<!zIS(3@oqO4PLi2-&OvkPKW{F-RLK~_k*hUz9ILs-cbia
z{^M2|sOPumN35wvu}du;&soUA+%fu1CIg-$a{<7G&GQ2XQ5-Ygx_GHs4kPrDX3}f+
zmDc8B-%^tw#hSkfj*3KsT^HUD#zJ}|bbdi@dT^CbB|k^3;8=sp@%IguCS(DpIW`Fp
z<$CC9nsRNb#<DF>IB{#rZePr8{biL#kH}`P=5Gz99j~6FV9V@i%Wj7hx++hYsd<N<
zM{q#|L;D>Twku)3NXrNkz2SCqg<BXp;I!|5ro5=J!5vLAgisrJJWE5AJYbZpbKT-O
zCXIr|gKM0&Ylhk)m{P7uyQo;%M!Kw|7~K=UQ(+ie`3&ROZ78hQY_n@KrY?Wrvul(4
zLBV9Bi@*D7P?ah=-_$^8x>EgE#4w$)z%tV@RUnhW1?O&%4Kwbm(@J?@Rx`Psnn-84
zLx@68#3X%nD#eB%`Pa&ZMVR8B001dZ@*`OnhyZ_vZwDK(_se6p6xU{tHcF{&NF)GI
zJcU1v4w?P0#D<C+xDCz0l*x_Yl+gg^<#&@<A@i>_!Ak@dV1MAj@(?b)Wm?YJ4q8s-
zI{}gJ=2mob%~!6ptFu9?TJ_t1@A`;2{J9Q5FS}P?OCZ)muh5N3K$Mf$pDPbMPOB9>
z^w@EGN_NposkN)KPmgMgvPfLNS@snq=O<Ov;7apY{++UA|3Lac?h-(AvXg1?QI`TN
zz>Wyrg5PYu!`$x?eLgA0?>&~`^ZtIFiCt<rMC2ol=K+iZdJFuj=HJeF>MP(9eA;)%
zdFa)v3>{Jl5(RPGZj{89X}nX{zLs7o4PM&dwN2;Qn9lN?o-%Zazo*yokb&!i;;u>;
zKf_A8fKij%dp;KRx`G#tPui<W1>@YUa!a7K`9b4FS6`F|Dib>cb%$Zfk!v5h`2Ell
zW!^n=0D3q#?s#|d+t=dkE*=ZDe)5K@c8A$L$L%yzv6yBS*8TAXMJ#v9O|vtyhW`%R
zRK}OTSsi8vviO!okhL@jy0Q2SyqHDk3);>d^G?Xi-AbgQKg}G{MdmGT4f$y$FS1^g
zdhx;q<2_6(eX2j$Cy$)OdzchzMhMu;D(cs{)_wpmz^QX&pR)MPm(9ttVkKie_Z-7K
zdG@v)z_p3A%oR8OGiIcOl(wQ?z_9Y&F|<A-cA5<JUL^;$&KRdb1Ln*kLGA=x%17{S
zB<cW<8Eu{#NiB+#1en!<S&|<Pu4gKtSy?n-r3QK4D-YZ;W3CfflGWPhB>(Nkr4eWv
zVCVOYn_}4!@P|urh2`yi@2sl%&?Cz~b)?I$U*SSe*I2GOQUkXUUxrJecAR=`xo(kr
z*l=mFk(&_$a+@w{@05c2zeUFN6_DsYRi><~JE38lul<RGn){bCamdKu{|<x1(f1V@
zxmcBYVWuRLspvswHBE2CzpX>|A^7#+<iAZn@-G_e_+hjeUc|gx*7tC)FkR&Fxh~|J
z;CqSX?`hhl8Gl#(gUU5at$(vKOBSN0@dGEpamQaCtuI*C<2a68?pv`&yaRInMqV@3
zoH1d%e+|aIXjAl9y>G>IZXtT@L6>pJan(bW;H5uXrV8q2qC$U@S=lWSp8QOwZY<$9
zn|c%4Z!U7sQHQ8c%{#{kK3YxIRsL(vxFX!?!s(26S|?A}*-#IEzu}Y)4Vp%%o7x3d
zt_eG(dj?JO=jy9-PkCPIQLAqDEa5Y+Z$0JtbM>_{b^0N)N|RyylKah5S05ApTs_74
z$1vTCSbLYho_=ol&rd!zf5}aQ$0aa;N>Kg(<>@hi?^#q-M^eS?+^HuqfWNj9@fvrU
z)t-u=-<(o9b@wgq^q<QQ&*U&w+@<E@3>TV&eH6f6PU{thiswarZBWloO`IC0qk9b$
z`176AgVg*!NZ_;*GFl`>{;tHkOY8u*JvlTR_B?P|p_xJ+ij)px8;|KLDfev^372Ac
zB}*Nz4MrqFkeU^!hPTVB?b#?R=-uX*^=YhZS8I-f7UEvpWl=jizdzu0*4ck#)i|Y;
zqi|W)$%w$x!r--ULy)`8pKq~dxx7NI5i%b?rPrR9Bs|e@?bM<EI$HVLvE1R#st#sJ
zDTG#-V#!PUiW`3j=bO4rOT{t(J7ikw!ygUN{-a9;_nT8v*P5Q>o^GxE>I36+OP+k2
z8hQGqqDU-2w_cSjrxs>>mUgyeWP~ml@mol`HB@c>sajnfvvp#7=HrE)SXrGBqmXkg
zr#-RVEeGDcFz27basobuM&C@PdK;Y^5VnKM_G%4<A0nT{XT96LC?;B1FMA5NV1uR+
zN6)p_$lP|G<+G{;9a>z@^Lhmg+s8(I`|8kQ9TKdzc+_><%IpMwEXA12+FXatJLb45
z>(vi{2vV`n$J|QmPkC~JN_V0RNDyWfwa1PuD9{tB`)h-646*)?YfUR|gykDvXBLUi
z%Sw1yCA=bY41P=Z6g|^FiuSDygP2Oat2y2AW&CaP60G^OmuF9jJyB$C*@0I$bSI+=
zotGD)<oaY(wxP=2PWMPot-<JLU;41odG{N+?K$r3dyu=6aBM?gjFARAvgWx3*D2Xo
zmAE%j1<GNfKj2t4rU%CUdt4k>2~&UtIaL(>0~DVx7{#jb<z-9I#$5Zsa@akc98}rh
z;Nx=l<M(Fmal)RNS@BK5YASbw(<k3Au8g&O-W%IdyP0!i#+^U&OL@>>MZF0&(K{|8
zVm0(b|ASzYo58;i^&0b!QD?T)T_X2+37vdhnE(yn2^qX6^+;v#6SJqYQrjbI2R%$E
zMP@BVeqQ&5=1gA0GbrIIOyP`yG2LrM^SfYwfAacbWjyUeI7{~)ACe#?S%)^GC&#XX
z?wHHFoN-Q%ptoY&p5|@L4Jqpzj(gO2`{GR22kNYm3+m}4K83rz!jLV@_>63XGxT`U
z@jX%Y{w|G{%%wjs-uJM79D}YS;rs3m0dE#MH)oqbzGF`6F=gbG7UkA5JDi%Z4i<Iw
z#yt7G)n#sX<zI^oZ-d2lpA#*!p*^j12V<u*LX>oPR0gL7dk30hqT7_9n6(xjoUlIK
z`O7mPl?M)IqOOIC#%xaWGG5FPeQ^~*8vaX=n=V&x#bV4lk{$J?1T22mTqm?_i2Uiw
zuKw|lC!6{LI5(I!m!oipvSKiNwLVQM324g+_b1OOKhuAdIeWu>cBUzj!UzHe7A%MR
zPTFMUULAK<4e&j+o-sH=m-!YogJ<6Y*g0#B;Fn*a)X=c5i+HZjH+`65z;Esd>Y3b*
zUIgjLem1e(<>)F?wN9B4Qo_=<mzplp5$ZO$|Jn_$wiXXbF6z^v6ap8;cmcmg@j%LZ
znXj+Ex4zx!iyp81bbsyV{puOFxrNnxo(i{v#-+<U?XoL&GnE4)^O0MeEcb7H61sAQ
z89iHLQG9Km-5=c_Gv>F)vRXcJ^Gmv-&(XU&F4H~cu8WzUXB*(ROc~$w&bZ&P(0Qt9
z@O72cG&uI#z4_%Zg=S+DQ|R3EUsHP7Wjlw3O@~=^ouu#9d3aD_rCfD&3kpHC!D2(t
zXRwXKVrwrFsk)&te#Ya34F4>#B|c^ufT9zphtuBOYhk)&hZ5<kV?m_zU2PfIR9RWc
zMLqSC^uvMYfv^mYtj?mww%>MqDop8S4%0zX)W-GkFexlYtuuFPC;hODjIh|_?D)Rc
zP7r2Xo8+NYF2ZG-C9C?$W$bz4^G@kT<h#ti6zN<jXnnRw*&8A|`OV*?$7NdWfPL4z
zXWWNkT1xceAlppWkuG{ZZnN5)NJ~dG+fq_hKRI=kH-oW8Ev?;|k-xqFK~31U1)^VK
zn#$&pIBID6`GkR^uJ&;X{VH;^_e|}0RQ>y#R+`PRQ}s+&V$Fn36)ei4mFL>9Y+n!S
z17@gwcG`;qyCH5fbeF5j!|kSVd5mM7TLO^c9OkhW)Z(Na3K)2mI++&(O*kInhE&Zw
z|NS3OPR$EkRU!=DSZ+_t<kH&Tami!)*}n>5=95!7xQH?DgofTTaY70>1a~rKUDqti
zWm;xJh{RvY^!WZuS3f;c`?Nw6JzPLjZv1XV&o8PZ=*5*m)Ebc86nMdti<%#a9_ius
zxxGM^7avI5tI$j;-ub${mBPY)wG)qCrR!ma0TPqW$B%a%)O6XhT`&uHsx~JrExjE1
zY+3@B#F^=dITj;!QH0G7$O@%nr(beWrzS&zna5%*GvcD*@akwDz`_F6FXG8}M%^JD
zGOcFP(5b4ARu`PBBEq#<(_A07Tv8ihJnxzyxym~YdD`hRj~Hl`HVU<2ypej>G>IVn
z{E%En=)DkzdlUIW^%Iw1GV^b#e3!f%ip$IcB`}J4X11yMtk0Ci?}#MndqK}6IX$D|
zBd#(|Hpb9}{&RDx)=TIn;h_J=-dl%7*>-QEAR+?7pdbxHDX5fmr$~c<(kU$|9S$MV
z-Q6WBB}jL74bt61$52DeccahqzR&Z#@9*3D*vCG;{m=GKj&bI`*1fKEt#zK~T9<Qh
zWXEl`HzWQ|g>M<J9)D)Ka9USw9|SBbVI3UzbL`ZU+0010a)05aygBIZ2H{QCp<|Wl
zP6Umw=ZXW1MhQXY*-$7~=h~Ty4+dAk)xOu-u16be*8{uzk;R34ZdXJ6OC|*TWjT(A
zkSYG?^THvelas(Zg{DM?WTtQ@JCEU^eS_%uom#OIMMFmv_4eEmjPLwfQpx-SGuVs2
z4!r8(+oz#&_;1mHO8=|w@;nv=htojZo_w&ja82JOgi5bpyk#hS3WlaJo9TR(Y0^6X
zeEyPJUkj0O5E_$8*p;(4o*e%6@OySvk^DPApyGq6VtHdN6lM{F98k&+%{xxS9Lx?b
zG0wD;DJgSV@4+>`=wq>U)49vQF4_1<F^#(}ej6hn#7TDUOiH*TfBj6?DmyOpR#t6z
z2=?8QZ+JB~>DwzkAZZHEeg(zQ2RS(0{RF!C30uLGBq0Y&{trgaj!;5Vv&AnQ@7K#(
z5pbo!-s+E$<Ch1L*pT`*8~K06lhq3h)UH|>;%BKM*+hhIP(GM=`jYS+2M#Xr{htAe
zcXgEW?pOp=;GqOjL2S7<0NwT-uV1Mc!)@R<hHNv{T&TF4auk!P-|O&k7s7t#8L!wE
zPT5x~MFfg{&xjOq8Mh>xvsZUP8`d)Vfr^?(_MGp9uPuad(}9GPkFh7YmMKf&Vt;^|
z;(VI#wPY&Y*Vqs~-Y+=g4_nxL)M~lJb+>s_cGU}Um2@u9$MWl$lE!u(P_TW@hh-8E
z<^Cm8J^dI)XFw8mlRcp{`Py0|UO{UOpDivXEu)E5uWREaV>pqs=?>y^%RfP(@XgdJ
z;T7E&dEa(-7$qW=KMZd-^Yb*X%=Ig|pKxy>Qt`_+`AqO9mpcgUd(?#HlO@wbX)a57
zwcSAI8790Xaz6*O+folHtBRzf%ND=+Nt7yF1qCn_<Lm!9WBubl{`zziH5J550^pDT
zwC%6IqTr(bnfCp^p2Gh>O0xeCJ@Q8@n2*}m6TF(p|GNdr|5vNgw8GB4J}>Dnt@SIm
z7S}3_fA1fY_9{$)>Uccc%BjIbott3lUA+~OCYL@Y8|y!ctyi^7H)8-I9&<oH`ys3#
zaNH;2nH&^YS7sGg!RD{UuPWxA%U@*wXE`=yl_?oc`MlrU>}$?F-w_7}cy{EE&zbV?
zJURaBkDShXvRnQ2!<_m5{lj=LpE3!=0?>l_+XK;o8tQiiC<RU_bk7HM5BtTU;mFe7
z3r3I-o^aNU&zCTc><?45P7ymP<Zq_T0{P;ve^@AgX6%5-P0LvxEELGa7@i{!ksvx{
z|3+#i_1@#oV&DJp@k%*xlpk^2r!sj+buTTBMfRjI#ph_}R!*q@#jkH~D#T-69{sbj
zxp`{GMmV*3iGj3dg>Ug1TRuA8z&wtc0{9bAMw93{8j1i`3fxQO0HBrEi6j3kFcAxu
zvy2cbt25*Kmeab^u}a%Ahc@2ZcSbO%Fjhe*`wX@tXbSD(PZQD%8HeD_{5-p{IjK)D
z6!T19L2-BWV#`0<lz`cj%R=Vk8n}5sB~HBCPN}C?Yh%Z!FzNat4oiNJ5LnU#D1!ZV
zlZ3V#tk2+*t@NE6p4><yb)?|cv~*N#ep<ek(TQlfb)3*Q(yoflLWHhoD-y?GJX#Uk
zh#RPWc^N!Wyd=G&DQ%xpDmTN)4ZU+g9vvF#d3HeJ*pbO=cv;s;XTwo1m-2AAe}E;v
z<Ms#3$h7x##?X;~>%MzqfHV^rkD@LPn6#m4ZKg_eI0oO3B5^xyV<>gR|HrW3snz!T
zri)DRT491wYbpqe-K%R9l<-^hf(x$&az4U%J8sE<`Pyu<1u3`=D8MgZKCA~_L1*55
zG;Bb67rarxt{k3|Pk(y+a8O@92b4w+RPGLqaD#dI*0?fDj#sRCDXclBr5A?s&NAS!
zdnVIId^)6}V1?#y{nps;{`(4ZKv(gPjZ<c-o`zk@Yb}33`ubc%p9InGroGE$@!@#9
zpPE#1Y9#aa-qp0t_OmCo=V1>E%)$GSpH34%st1rqC%Y-^fx%p6h!T&@FR3#rl2H#j
z?Y?Gxm6wrOGgXj9a*UOe&9xFe%CooVnn>qCqBl7EIgf@+7F<B9tgPe`q29?-<8|id
zmRN!uHU3xYj4MPlwe}KIK%Dnw_`N=A!Qea;Ip$aTd1>6+jqSTpdAl(}-zu&=Fy<az
z;dF=9o@Zq^0SHWl&mjhi3jq%dHGhfvq1@ne!WRg<$hJqgaSfo+(VPO*z}j|vm1tc9
z!k8W>W#Sm4cN3?I36VUUO~v)`^Uw06vIa-XqsgLm&4+u6cM?7+8CGRJTB;l#GT==$
zOKD`^S;#NV`<a*f2o!pFbQnrf36pZ$%&IVQvuz3TkyK?OmmS}?JM0Ld4OH2XsiS8~
z#Rrd%Rn|L?X1&4aeqn7|#aWynoYJ?w!|&vT=pK#XeaSZ%@(CU-1;$bWj-w3|7@GOH
zO>NiXTj;P36+afF(W#6I@FrDXmhQM-J?3SGFnqq*#48z>s3?@^3T{mWE>h@F`w;X9
zp*j)G<qu0#QCw@CR#6IaNGT_+PwHHdS9JxM#jL|DT&q%=n<D{3)^X15&bnvJnz5zs
zFA2`IYBb%1yDHunPC<?6uCh@)vUp%68{EvtD;;mNF|ZDj=nEAeS+LGN_{h(KrS|(7
zTX*NN4cahD$s&Y4f1cP@49o-#T-u`4)4zQ$Y%uWX3U<V(it~CWAE>v9KKf$xfKe8d
z7IH9Bg8W~z3U;caz{FdyoD!sI%+m*@2oRzP^SS*VlS?K)FNDfB2_K}_u{wG_Z4~p!
zvgsRI<?kkhj#P${S#MtGlbiyxuOe4Kuy>MCvlGJZJjtX(@t5Blp5MnFFP7n_oB2Sk
z2&U5#MZD^|*@J-HPUhJx>zg`I(YN!3Nl)hVo#k$<N$%3yI%P&mlYo!GiQkF?24zwE
zx@gR}dSf@Yp#3uvg}@E=+}x7ISt+WTui@Tgrv^VSg;w?=RxhBZ*2#P@U#}tS?_(a7
z5v#SnJR*vSrekg5+^N&d!O!xNBO_zsr1*yS@*v#6P@pI2Bkp`dr_BH~3xuc`p&T8P
zGOv%$TfSKWyFS@|?w4kGIJXj9IkX9>UDY4IOl|YkU-bT`KZ_um=3J@EC(h%l&1$as
zSu|e^CPbUKuC-Um)2pbMlrQ8ZcW4j`aT-G`9k^LM0x&FK;=p@vX!e+EF7A^SPK;yo
z!DTHF*hNd_ee%2`8JE7);iqUW+<OaJ`u^uLE68*uvGh7%!hm04Od9N@$Fkzi>>`Ye
zoqcXmqk@P)O6nAaW}a%W?rk2_Uzg*5%61Y@mjZi{#|Wb|Wj9HKcpicZ^xeWrfx`^?
zIohPU0W_z?PKX5o-#!lEGfz5yrQDN+C%nkC_Z&?3{!}|B*T&uWTw!YJbO-8u&1LYZ
zx1QfLK{EBV0vPvE(NxE2??jck5=f;Iz1>vTA>sImu<5&ZhaoZISTM9o;Wc`*5Sf*e
zPB<asjV3;GItRqhHc6GSFuU(#FbLib(}1RqU@XZ@@42}YHxAhwScMq)>I|dpWqFiC
zUtBwjSN^w0ry9Yy4ouc&*A@S&IP+=9<mQ{%NBrI9uYO$534=a4zOtUb4o>VeftF1$
ziU7_v6^Z>>M)k)cK`rJ|T$vw)dor;QrU`2`J-}yYFBT?L6?1hl$#U`gF$@>Fn`cnG
zBU98VDs!EMp=*y~aB4k4^WP4^2smns7{D2m@-aiYFnN*s{r!^h;44LS^-pLc{)3*z
zWhkZm#U)4Ul7M`$$@*gzZFH)Ne^G=``6P0<POo9G%2|&b6O$Dnn$1gavbh+8bEHu<
zHnT;ywN9$(w265~8fHt{Y2t)ZG#A7Jrai=6bV>+z$0!13flYw28<0w0pK?`(1_^m?
zp|FaDkMgQ*04q*$Ah(Sea*IA68XR@2T4dNh<WFFT?<qw6NYCKD1bKvzWn-HOstI?B
zolz&o(!jIr#{p01Hzx4cTu){>KAZ%nt?LnZAogYBN<wH3;ob=xpMda=t+#8Zk}Rw-
zf615obv5my!It&JXR>@ybv%?vjuKA_Dad(3`do1Jb(kz5w|#+XEg4?>fzQDCe7Z06
zs?6~1TV(}I7OR!lSQ;)T9`P)SC|<#at2y+%;mK6%ZqyJdUiv-^FE-Vu2{}O|?(K5A
z5gr3Q!Ub;E$170($qU#Qtd&El3u4zlvs;I7xHrdfWs31KN?F1Bb``bQ&#TIN1?!XY
zc*25)6UkPIp_Y+ylMYkw_7~%TX1r*#sV}Be=O(`sE?4C>f2Hkv=kJw-5fj+_POUFz
zf%%1kKlD+~x%sRwj1ke$(B)~6eY&mp<<Xa*rLlH=`!JRbSzWnxW^`@h+TM8+g-4{)
z-i#$Ikg7;ZdKLipE+N^X7wie$fu|Vmkzl*9sy<8DP^Mm=S>rimS@uFt(s^fjHI5Gq
z;Xw!5Za9JGH#l{iI`#@g>*M2soL#D|T0u_AjJS?wNeb3~q&LHg09MG3g963Q{I>jU
zDGOx%HJs8v{0=4rzwd~rWEpKQ2sKJhbkKUDC^-+bJ~pI!x#Cdqa1eRK=YF)vX}A%7
z=xwMx@E++l&y&Umk&|OV*!)mj2&ld|-)!m^d~A$7sivi~kM_J&v`QP0XK&VfkdPPk
zX20KBX3WF-y<ss7d#xkE<OkI`QF^1(BNjWLYf$(tm)_diB7H9?zoex05>vyUsBQQo
z*U5K+2c947q2a}g^FfL7!l;X4x*`nJy-V*cJ}J=jfbsQ;9uJYCpsb*Mr5D82Kv1PM
zA?uqQ(y+-(7xq`}r%gL;JqI~Yhn26LZxg)#rpnr#E2cZPc7Nr~Jf~PbX~js_^>JT)
zo#*Zfv5ILM5A;WfOYR5`4<>~k4Ukt$-GE-Rw2-rHB5Ax=40)!~PTe1z{eEB=R7oO4
zG!JE4VD`+>a;doRt<U$tZBePx6$d6kF~n1#x0pn78}4Vm?s=dO%g%jHlleW!qjw?M
zd)f;3jZv%DalwOGNb>aMys!y5qBqI>rbq|7dMWyK$~4*QC2j}new4+|0PQK?W}Z`?
zN+G^jJ&7@sT{o}uPMu4Z>rgoCrJ)?nm7qAeaKuhzqYnLtlE%yPD6&Ygupr8>KrZ+!
z7Zp2fJ%T1x{+i=3ey{I`KxNgd1USV`c!5519tsMj*N<pQkbOs#0$%#MwJp8Nb@?OS
z^(RRFTR{S<&xnuqNRY*hNafOz632s%g4T8GA&cNEZO7$jaW1*&hoHPLmis`#l5+zD
zgvo&EbU!#~se6kwj9^Ulioh@l&|!JdC~C@Ihp@h@ngHdez82tse!S<&@J)1KF)?0<
zln(x6;ZdRU70GS$BhQFENgW16=`KW_%uu~QmwwGSKFP0WbW{+E@zYb{k<C5}<9MLJ
z<?G!wj33n!o_5G4=segi97^6Ys<FtE>N8;b4mEL;{gl-i^@&D0rbkwy2($_G;ZkIJ
zyxM;~s!^Na1K?9EHhGg?5i<M!#&UGIbk%Z8di&V2#p!2y?w?xvri5N5$bRP>HqEXf
zLqX9e8&hx-unbmY6Ftm3lWR}yt74DsX{62AF#PfHIWkS-I`ee_$M+hukDfkzT-3Ve
z-j_ZF%d(#U^343^$RNuB6%8F2OiOg{Jk-0EKDv8UyPF~;aJ@D9`7}1oN}BZO8O9eU
zkuy3?m*DbCD+ouPLO<y6vXQ#SSv{gM%5P}fu#|!C`9<b2hHZ^GqG@*T^M3K?m2|a(
zRXyE-YWRzzexeq}clJlfi6ddn$i^!0{ZF2-_6XNp<n^=bW#+^L`xM;xCS=~=sSA~j
zZR7hY<uiTfb6IRJPYKECI0Ag+$8_m}%Qjnk>9L;11)>ORTojb;_9^LbNw*G~0D7r8
zg7gB$bpZpy=W&kSSs_2MIxgK!U>6z6=5#+p?Uv8hs`HXr<ZJ@eG^vpKn`aNG0bE7%
zCP@TZVW$}Gp)*e69O&*K`VR@AOk#P#`Jhv4%3$NEosb->MvjlTS5i|)y)=wIEc<BU
z9uMUCNdwlMW55Z19%m6-S_itGZiZc0N7m}o3_I8Qt8+M~a^N$UCQ~ltv+BFu!o_jD
zjWa3^<&uUoYxdlB)q1#R8n4&#j_7gspObcT^*OH{Hm)Rlc(Aq>_q)ww9K9GeIeVj^
zS7s6t><e;=_Y}Gi+7HI|H5WZLRA&4YT`lMZDP4mVIexutW8U?GOJE}i0Z|q{&)z^!
zbt>*FlN&iEasAV)+P}=MdYaIeyX_fMgeR-xhd|)epkca+x-huG_#5#aX<7cpk{IFP
zqq20SJ?r{~&1?mkm>du=0~&dKxnuDR=945nQ;3t}ySGnG@7j;1SX6%MO**zaYdZ+{
zzEnvT;*Ge-kGt@PcO1kJ?6Uk?uJHBZUBeCGm8E8q*K2F0>uZFqvu=}W#Qco(!E^fN
z@BGQuDF-5pral_c^7>a3zo`1DX4ZzU{p=<z{OE+}7q?+v?(ydl`{)TU`?`;)TdNZ4
zMZ5z?54qF%S>vFf9C{x|Q%X!N(f;w~+tvlzJtakkJKv$>Ux{}L9f?(sNCC$sKiz<!
z!rVHzuzg(cpfRn*5f8cLRW@|+NDSaU0TIa9kRudhC*SfgFD+gGojpCzv~+9TIIW=c
z)Nc_AX4+$$r7^0pL+k^?`sSH;o_&Y;{77b*;e=4Fq)ZDrhnNSLT66en|MYveTTNg<
za0p8tAEHjI(imM^^B3SS+<sW;<(@&uz0KjgcLzd#YT{9TIMaJsMr_6s*v}!4H)i@#
zuNXyV0M3B%@rj3R>3;L|A^m6JBe6x9nZxe0+an4OW|pGQWAES+mx(-6&bm8DM!lCO
zi$#HgVktT<t?2eN`;YbK{9eD(&H8no4h5A`rOGa%$FK;sA>ER|4G$}+j8Q2}KYewN
z@)WdJEX*w9`LPxHmzY?TEW}F7-=lMydg6u6RlD`H7ITgwF>10c99e$Sgq`&am_G{^
z>Z>d1oP%dJ0iq^ui2D5}-$W(26~HN-)iK1`=U_9Bx<k}~bMMqWW!Sq#af5ha6chr+
ze;2sG^sZk>=EexDwIVp~uE=g&Srjwo`D-hCj^#5Qw)GR)IOjy``!Y8MUugC@65cIm
zhn$(==@_7f@Kv|WnZBz7X9{TNO6P#=s;&b&s^JC1t}Q%~3T}*~;}YMC3!HPeURB*B
zgy{GFU2p!G^VL`*^p6LE%X_zJ&Ldqzd?ytLrL1@LPl8~CnK{7vczJnG@<EpnoF@t%
zOKUep7po17W4NaYD0ySLWVmNl7VvrW4?phYrwkRQ*P621w#_)?&wVln`|1F|$g7Nh
z*NwpVlV6gA%&k0-`*p@CXTtQkon!gsaSbwV(_XMrFRHKl!g-49qo?eAAy|S7qE7e(
z&IqjZLiJkbEf#K+KXDw~bpB_7>!YUt;Py}8<>j9MnhrN)!nOSYDnS-ZBdUHX(%dx|
zSj^4Ks<fG}5QeCaq`yQnN*y3}84*}n+4SDlLg>uQ?|aTregPh_>wkj39ENXD8or#5
z)v0>w9tc`Ui?3_($$XaLBx~cvBuiZ7sN*VpajicYuvc3wn(xmkLDrls0QVc)uheN9
zq9p9A<?0qr5SPdSiQxXDr2dy_g7ZMN#ah<33@<8masqu^iyJPXC5thuI(b^3f+Tn$
z8LfOtd*Qa)rx-_NPsi@%N#8yyk_U{z_3<Bd=D*x32!=-CyJ#v)+lV*o_~yIelBAtA
z9}{2@Yb6D6z*qTMFgYgzjpCbk@V&7P;<)wVWwiS+w37S(C<cMQ{Z_}Q$$_1a*6PUm
zT)+(0JQDo;38z7>bo9XaFiVprl+gO|Qh*e?o#oNuBM`U}{=w-3)&KVS65xvnLjzPD
z0o_(cW+$5pgCoVbmmbtfZn{w{+x670bnEMlnsX!NB~X7fQ{P7fRO>xQ%1)3c7EQg7
zVquC6Z;tKrY39B)b}u|h(Aq=b6av>*3yh@Ey*202(XJCK_%G$*zZMfO3vL6&GH55#
zyXBc`%)PCVFx%{bwPs6(dt4o>QM)XZL<!OPkqJ@K-RsF<aP4il&oIBGINtY7etXKS
zwTGegtrlAVNFFrs3i!(Zz^?xF4(wp9z%B+>RkO?Qh8Ez`DRj|(XuZjcc#V5dy9sP;
zk*@CUYL|no2tl)aP|ov4)zJicoQoA|zntb#BXc63@H@ln@7aPasu;x%&E&qD97gG}
zLtVY)JcU2%Xb<P+X^D*jGk5<3RQhw1(?DK1^=e2rlyFb)!$^8-<tp#W>j*%oE|16c
z)QYr+Wx#~T?B56-<){h~pgU4E)Da{JmSU!A=&q(gNHVe3y9WZYEjVBAXsRk)s~cEx
z^sGisooes@?=~TzF5~F|$}KGxb<%U+jT6}@3VdPI*K<r_&=v(STzU#=aR;heUpM%X
z$Bl{!3Ce!$uP=2kzy4w07G2cOs3%}tR>sg0y8A}>y)<SSO>lWC_UOQO-sl=VA1wSd
zQA#;dcGG?^gG_XI|A5|iKiZPy<NgW17sU#FIL|jS>TF?Ky-l$yT4%U4%#dJxe+($9
zM8hqzaeBWw^5OA`s_!{BJ>5H`ivRW@7lxW1hWCf=t4p}WIEC*|`_-r-O18e_M(PFp
zYv0f2pa~|-8`nsvmj&d2o>T}70@#_Gg<qP`-4E&5Uo-tCCBCn}T><oFzW{hD<lXr9
zn}4!a8)C55Yb`i+{MwCA>}0KIB)ea;TAqoz$j&jfBuUUg)OjOtZo#W^gm<t?{m2BA
z1#HC+@!ZJT52d!y#Jd2;hfL(Vb{=NloIs+~e*>99$g}@y2|(x+(5cFx?R@okvUJe%
zM_s!^@Q{I$6!_ZauGJCy6A|hf#*rxFn<xE8Sh5TGn+;?TB}l@Z_xjc=L|J4C!;AE7
z{EsQ`Mgx&VyiyUY{MHPKo_D2J#k^^Hrp{NFtMeb;5ot*97ZPF!Ah21As%1L;3yJ8?
zTjt23yjg)`j?du&-u#nKXrC|Z0_~re3Ni1?MK%SBe+7CP$b@sWkW|Y|3yZe1k<5wJ
zxJ_IoS85!v!u;uc&`Idof+Z2ZJ{;r!YHcqN5l)jMz_)N;igYFr>`j{rYs~>KcLQ1v
z{RR3L3f?U%(I#o%Ee!o1*7aloZqU)<Ll0$F$OB(GFkBFR3X2DzA3^{oSxxr~&1Yn~
zY;o+>n7ZFuXX9Rmlb%*uS9=t+$~0T!jM(=SH)BD|o7|&WyI8~iAD$LHMTqWO*TRT@
zh}H5$C6z-Rkf@dHLorPBeOqFycix^lA_C;EnOrOHLV&L<nR;YXyPz|YE>s;oX`lrR
zkotRgpzUPP?kHG(32U9;byv*G?c3*)$JB6SfT(;lyK|BAb=4`*<xf@wmkp5}6GDrf
z-<2nRa}fa!HsF8GDkF^<c(b-a{X`Xd-|Kn-qZa~T&y(kVAnk2)qL6d<LqOyA7iLJJ
z_T%}$+y*n2`?p)aU*xF_7&muUki#^GwcQ)m8svg-{u@JrG7EIwS*V}Ee70s>n+4>f
zNw9DHO$$h`ZqBOe%?wc8IT-?=eg6`BvviuJzRm&n(-alg=791_DMv^7@7$ILKTx%j
zmA#<yN~Tc&*ZH%^$gPi6IIo91_vouFeIhvmjjP~fiUq*c^Z|2e@aF~<{F5{}>5xTT
zT=JTCrcW!Q3ktf$eTDANSoa~#9*!H*aPIg7Z17@N%jf5M(zOwK80tw+GBGBcct7ct
zQjes5L2m@+dd!rR<QA}N+mY$3g0N*5>HMX=1dMl8D=T1Oe|74hIO@c>db=K5{IbY;
zmIopg#zp5>hT{=$*N!qJ>N9CI`*(LMe?~ll!MP&~?z^HG9i0Sy<hoc7As3?E>H2bx
z)=ePWfR|FTv=I65$iLET)imY1$MW3qeWRrqMJR3&_yti4Km-kS)K7N|6J*>FCC`@3
z1*kO(86ajqJzkC6_xM5GdzznL3?^M&U**1x1psj0QJ;Z9#nUj&^38>AxDS7R*!J2g
zx8vemv@~`#d8TJeNLvA_$4>pF?tNpDC^)sCp=V1B@t*1|O%!h8*gXmsprm5FgfAZH
zG2It2NVNO7d#B8hpN)zAgPUKNNOxa`BJeT+@{;h_knECq^?ShOJ%PZ#Wnsfb`cmLg
z#>)m!&hf6GIb^e0(GbD}6QB02?bjjeD|0=M8oR!pY@K!wm77bbfCEqcAb%g<SrLb;
zI67S~3K&nvPkXQs*`|?~LgQloppmQl(qma!(OR1`F5PtIF#yzEXx8XUK`{*8x)(q1
zChJ~ISo05y{k?aoD77-Z<arHlxJc7RhI{nY$T;fbI^%&s4-?a04sUTsHVMJJF><$+
zet6q@YYdni)rV6mR7%F?tJWmC!GugfI}kGXs)$`oP!-2FN5A-KU#u_icKSiV_$Q*8
zS30rcUENZwr1)%hpW=7#GEw0VJYzr!dJGH)9A{Hi47x`*U)(fdPNpEMK)6zP(EJh%
zHng?8q&ydvnk2$aiBQbl3VtjLyR2E$mI@7D<pT3Q(WrBEqa@6}7)^?HU21|^F8Y2-
z!N)Xk8>DrjsHORWo&urKaPi@F_{u;owU&0KUem}`{LIr#jWq}Kj_|q)q`fr@uuXT(
z*ORCBwbgDZrBHJmnsfW-_(E<yaL%XeDA%cSU;e^VEWM=y6~;19`#N#j{D9DQL~z|C
zx{pPH{Dr48cA%neLXB{2xK26LKeC%_=Lybd*&AE|fYjI0H)vTCNU+*jkU2iDlAIX@
zgHuH-ty6?Pa7c}eI*Z1Cf=-Jk%#IZ%=YyJ_00zXzTp?9>=3$!*&%7%dM2L>=6{;=>
zOVy<?CvRMY|42zm=|ekM*`rv)PgpJ7#^%rSm0%V!csClA=X_XhW|w5t7|lzsDoI9b
zYRwawSXhjjQg52{ob6iV@#N(X{I7=X$(2_#3DK@JoCX|L1JBa^x=|xf9STRo4An$`
zc)`N&MPibyap&zQ$;rh;P)H2~wgcU{WmY<BLce{}ArhWhuZGN(CaKMTyt^{Jj~ckt
z03z&$m&fofb5SI*`|Y6~G!Ly_s6^+<m`3N_^jUvhI~^WB6$LW-O3Uq8F2@mU)Xdoz
zq5v%*223oyIW?#nnyJA$_sF-4zQ)y0Iq(T51_0sptBx?FYh0W=5}>;IdXezWl8uAq
z)+}yqyvJR@FwuR0k#2JOmI_y3<O=#Y);BsVv^G`>FT^Ixf-He-<!$Xouqe|b+}=tG
zT%_jUY#tPF!KZ2~4C@ASDDvXic6Ri6_oDDiO^7&1=pWoN%zp&tiIBq;Tjcm)Aa1EH
z_R%u^Vd?V3n^#Qw!!np~occ)b7Vi`(R!yuh!t78a?qs+Vx;P>uuQvyz{XN3%6>)|)
z7~tDlswx_Q5aHLU5Qv}FBTae&<5$~R-LptYvbA+qCUr)lBa1Q~$(!95G*n1hO(Y^+
z76S6%mGIFR5~iw$k8`s3#0~y9cJM&E3E_(m$zeeLbWXGe_jV=p3$1yNC}9h-+NsTu
zPKy^BdK~8kly&vEw8f!$&p;{|N?^nNv!5huzEytvF#PTrckdvGq#(}Ls^VgAl6L>|
zahq~O3o5;yf?!E4=1V(;<X#?5*Sw;yLO<R}^HZneF-w?>Joi}ZGozhs+r;V4M(h3v
zm1DXctC-GgC}tOGsrTd6HhF3y-yCtGK0^8xqNff;jgjcAfD}V)UPfv)Si-e3W(4CI
zBs;cirrBBXaeJ(-NO{1{Baj!F{%TIV{f<LNpqvVRLh*qZ&iXZ1dcPerT{zJrH1h9z
zbmp(fmaS@rWov>gFqT>wne2A8jXNvlYnC4u?GS^dR0|y_BMm!CldB@gVYHiW8A?qL
z2!ND8M?eOng`5qN7(rcU%Qp4!9spOJD}v<=MK&n5M8DBN_76jo%f@F)hy;&lmWRH)
zVGn7cQNiz8QzkkvxD7d!=uoiUmM-OxUm(oseVogPb->=3d(wvuz+Ql8AgZcWPImsJ
z$1c<74&bmiDons(n?g!Tu9Q8J5Ml2J!BNx9D`?7704=t@=?(Mox;&I7=ay=@t5m5l
z_5LTD_U&q(=XW}y2niwdwA2sKq&H;28|WNQ%n?VC8{Y?KN@Jbc9_?5j`GTtnIGoAz
zaxJgiG#uZ2Kugmj+7aBs@AmA_wwkb|zL-jL$=>gjThvrPhH_KazO2aCjJU!gsG!;5
z>!T2e=aDMIP_lVfH2r;uW|#*L5f|Q4sue+jS$!FnBWo0m##`@gIXA+siF24q+M2gh
zrLRfXSKe6>FMwk0T@;;$c_>%{e}M-K2G|i1bFkH?I>L#8(08BCnK~SX;XvP-E95`B
zU;d3|y~R)3h-@YJaf&Exs^x7bw1kz_E{Z|(ho4zze?%<0-8$2x>x=u-;j?|dD`tiZ
za<RJiqHYmJ$}6;EIm<G9lRX#7NqyO6665a4gSLa^2N&(X%m?8Se*PoHd+SC>fif~P
zr6_26wv+_G5Ka}hY>`ZEgT6rZ<k{PqQx2dC0}o+70l?9-rWdPFTroo!5uIvP-5jT-
zU`A?3M8B3UYzZ6JFdA05F27q1p5ORUe6Ggh_P*00eU;_XY)@nOr;*>W-qvfi_D6DA
zVBCHd81wtG1SG4T%NGyCW25n|3bo*r5ErF<U2CLd@`Wn&vYEKijkDfcWAu#v!q`=m
z%Uqjr((~Ng_QIN(H!p-|f;JOU*PjkTimG4y2)BL#H!#jq2vS%ZGn4E_TOi!vg<;x~
zq^w$WdeXC(DSivX3DJRk<cOH88T26Acp%g<(N2;$IXOdx`~9AhUrA6O1v@RR>26m}
zp*_^q%hF|}9LIqU&6)u%UA?{(+_=1iZ=mo}EWuVhpuwhOr?Utn&x?1%jbV7KRpsNR
zcZ6qAhyf<aOn0bthh(+CFaFT4wBnDu0W3CvhNOcsJw_n&IxI^+nj}Jl`PfS!sQl#c
zHKlUi(_J?sG+!Q;56?7BlIN}F5Yfw6z<C^EJWs-;^VX`Wh@LYEDXGLatn|jkd_SwS
zJsi<|^0i3j<bGn-y(7jo;TP$JJ^40bn%H+M)Uf$L!Dg}W@8g~RJ1!9rH_2PvyY(oQ
zULD@7{9<}+1$W));G8}`Xd@r`p_IK(y@?VT%Q>B*wGT)hiE|ABwK@d_F^Q+wg>~1K
z5Wg?8f%M~Qg79Dp%)arTmyX#`+U}PfHVf8+QILo70k@?2!igtOBXux$tW2!oTNihx
zJ+@UNiC97M5$BOK59eaCT&c>#?>IMbz8us}rD{kYtOgPRS47E*+Q}5-`uI_wK#z5`
z-QmD|wL@TMwWqf6{Ll4)<eA4uhislPa+1J>5D#ydlCL?S3u~F(##fcg+@^!+!nKz4
z{IgH2`Q*VK&D&poMQAsw=}~7+LAO!qb_>=K)-}!6l_UiYx$(eHtc#tGTVObGxbY*w
z_&>k$DYm$sLvcZG<(zAWmh7A1qE}GvX5FkQC8iC51NRM<2*MZAXggOTq<Bkdpc$G-
zc9rUMrm`~WTJK5EN$(QCjGBtzx6z9BWURDP=#PwishcdxVQ36|>cTLkD!tW5^9Btg
zWWKMx#5Nnwv?cW$ar%e?8#vN8t6o;156i$P)bfn!f~8nJ(ch>U`^|<@9G;C%RVEa*
zR2Wu%R7RD3wYk@xu`KdQ!F1*JV;S$1U?+5yor{t^RfV~E`qS>buWlbe)pc&Rrdw&y
zGUpUv%8>Nry&AyRGE)IjMk}zjEv}#S$+_%rq=$S%jz#xp_d>WI847+;w}rL(srb!~
zPo|d7w#b1!x_jIK*@0P4+x*`8tf0P!c{``i<XFSkYL1ruz)qp}(bXRwWaum`gNy=N
zG59hnHV(x<)aJuCrCdWP{eB+it9fNTw(58b-6t*IcxV%!afP(1I})>c;{->lA>r~}
zMUhs;gfqsaQ;zKQpTlNtX=thC9L(j5qa-XI`L@_7Ux_484BM}x*Z*vpDq<fB4G{Xa
zjZa2+<eWFHdx%nnp{nS%vXyuERp6X5purc;-*g-8yN!<nCPI+y81l+ztv)M73BGa1
zjqtuzc#6b?%16?XXiQ$A#Sa6bWkY9Zs?jpj;W}umw}c|e1vO*LHh4r*F~k(oS8}vP
z7R3SSo*Hu(4H|#S2bznP{)<FUBbynT#4uno@Ut6nOD90bK%|gDPBv5EaGUkj*@mll
zmpjv!mujtk;E5Xvi5(ZRp3>!aUB!rLdQ)Kpq58!TJ5@Sr(Lpg97D)*oH{8o2vN1St
zuX=u4(I$Z)fS-k<MDseTGw%M2;>6Cz<leYB7pf4ouF#9m*)cy=+c{U|4Z$XKZ9$zv
zD<;p81_;Za!VvuL7Dn!0&>>X<<FVe`?@c<ECKhgI<_?&G%DpzOx?bA1)5Y%!Ek~c9
zpI<kPT*Xt|<!+~UI>v-{#T_Qs8B2=Erfr=yQ$RNRq}IlTYR0|UK>_@)hI$W6%xAo9
zWfS&@N~>2;Z9(7C;2a*YjV07$4tZI6G8%WDAi0LpUI7W}3{gnfZ3{t`jCpA&W(@ON
zUW(FuRf=cJne(bY%aZ19LLxJjyMnJKs=eU&r{NE8WMmH#iEhd8M?}jHS`53rTyP|w
zde|2Sr+yYK$NT=c1#R~oY*=r8m)|I9KwralA#E%1^3v5)uh!wfwRg($My8;8BZLZ*
z1M`SmUq;8D4kGp#*(Vq&5C_~-*Lp}nGAtgg@9m>UxUfV0u}~<+NC{FOWqQH+i7;i`
zZW&XJ1wy2lAxEk>Yok~?3vB)*55VsXnn5{_UxX7SSplJ-ADd0FS@T@hbB|_dexW~C
z^|Rv4iiwgL+E)m|LG_LY>ctm{6LW*c4XKkn3^QG+JkTVo?``dCeK+!47*ExtGo50P
zLdFvyv<^MV##hD004MA31{HeH!3CkqFJn8})TF?7v*@j5;!19;ivi@#1Pyvwq|6?9
zJGhg@Fq!!~P*}v($Aav$pUbR`*`CG(Zc<-NIj`pRr^8cyAPT;!sHT)suY|qtm#3vu
z&!e)n6O+qdQ<n%Vl%W6z3|AhA!-2<Te`STq^mOJ!%IU@c7Od8C-k(V$G5pZ3NGG*+
zb!BF6Z)IiGSdWi3QS{4s1@^7oI<FzFo0!@P#SrgkEpv4>Ek0tg&zsGtr)CJhp7cDX
z6dr7wM)tbzp9Z-jmzTS?Dv_ji$HS|hRYc*GOoUOvDW&7!R0v$y`f1|2C{^S2R`}5&
zW%2z&(}Nw)vtxm?y;eLAO0|(UQ2+C1)|m7?7^ee_bA$c+=ZHdQ-@wW}5B8I?Og|*q
z+q0+3m*M<K`-Lr)bs(x&XL3TXSzg3Tkd95wA9!y70u<ZF44&~4WzB%P1^-4f43tC_
zd7$xu!z+q261&D(YS;L{dnS5459tZ)b6HjaOnk`WW^v0<|KjT@B*Wgx4l=4ya^{kL
zFWs{uZSeVrSoS5vGKMR%x5_SFF26u@4#_-!_KbCTH$u2-ba64e-E@~UY}Mm5yyV;B
zS9gnDAzjY{-TGqd%JbD>tMA(^Gl)bu^`7UrjnLh`h4t=>-KUKp<{W@oSt+a&9tS7s
zpD}tYvA93>csZBac&t0;Q#&7W_Tls5QFzyUrKe(^{k84&QhTs}gU+O>>wHqLe;I&W
zRC5RjFUuePMq`+<f!^K})EhPpI4rfG7_tma0~rxQLmZ1HamH9WE7uA~vX7o`(tUEe
zDO*w#g@%NS=2x<BFX<emaB#Z7&9Ydp7ANbFJB?jPCOtA1o!FuDkJ4bqt^57UGBsuh
zTjnFtxvM=7Y22J@wDkk_%A@aN33_SO`+(@8bR}Hx`|g||x2KYD#g$$FGfsXg+u2p0
z|1YAWvG=Cg*VOAq0R21dmjY)b-*jG3qzf4d)G^MuQa7Ocyu-x?Mjjpy2u!%09vn-y
z;E+mz+cxCElzIvDNi;P_Z(AbRI~y*x40Pwj7awC!k%?iYYY)LRo=IDHYTQn~MNkJ2
zTSDae>J~_Q=C*%gR0%3j46VI7fcWtmQuxD@tw*~%pRsk#1K$7e)Dm`KySBIGimdfG
zU93AgMPna2^_EaWh}5#r%*7g{J+P@xZ`oeoIu-77w>1=;K5b@<7y7n{RG@sTPGamL
z+)`4dUn|B4vr(rsR~PJ3szzh^C)CKx35f{fbA2`q%)-T7`T+<VhJtRG?MPt8cUwO)
zwVpYIxqx%m2N+qmX^7YkVRyzMIelygI(&hkdZ~sev2HJFJfxiA=Q`-c^m8l@tw*e*
zsSw|fN_0GV>O9@P{%pe*#62c!nuh0c*%Y)qBhv;G9|p3>zax<=u+}KONsF=+y+M1M
z$uyyfvo=8WjW=}zi#f<4^p~2mJ8O&PicMYBt`dn<q5dIA>nj#yQ!sM&dT*Wt6e%P%
z6fbm-a~t^qDG0?pSWLed>|f6x=STEAdtyRu<}W;^)@S<CJ<G3mA&ZPxtQO;mE`0Z4
zKH@-I!qUG*#(<mtYydGo9>KU<2+Z8TIZ782vBKtscmY=&|CLGojW7P$OAm~MsE`6{
ztNtC3{#D`w-*j_bwK_l>3=qP6dVz8Me_>94<05}1*8%Y6N#LtAZZL~~%kzJGr(crp
z+#j7Q|L&#u3$^=y{DJ=5E;nr$IiQ<sx&IDfQ$t<>N8io$=HIACFieBt&BlMH-T+gN
zd~qi76;$>9I}-!6gfNX@#6SF-j{qw7e-JkR|HuBjL4L+U{}`yie8Z*j2tq!SvC=pg
zl~=-yudK6MUMl8<k%RFF)zuPq=gr}5Mb}K{uJ7D9tq6IaGtQ)6&wh8VOqe@97k=3|
zQNbjPrlVMCz0>A7)Oh88LN2XJInMswS=`2E&(>O;Q1ZvSCuve9Thilw(;QV>8&wJo
zGxH6@S-GDb@Ye)0*_~mmMjselEmo?EsC72?@!y=_5oQ6=<)8gP=aN++DxH%s@!mLb
zKc{={N@hQUr&s2L`e{2)H^*}cQ-LR)=(1L779$@1>>h8xa;F>Wzqss%yV*UM9U&A!
z;wRzC{b-M?aQ;!9tE}~#7xQM+T?=sBbcSuYU#-H}y(2M3M)4(|)3SK0<=Uc>14jG@
zC?rEpvG+6G=eqLyBLW4*`LNg-cBmO|Zdv)$WdW&zs0%9AKPBJ8-7s<Jf|sb^R(bfQ
z@w=b0Q!AmjYC|Z8Q`XSSQ|F&=SI5C^_B3_;oHmIlo&q%%f-7J2rOJUD<1<SNpij}L
z_2o=bJJ7oeboN$iR*;LG<k)xK&#Dq-g6xOlhHf&$ovES>S4>qV#npf5)BkJq_}zAt
znk+PmL)`tN>54zmx*?*Xd-_KZ$$Y8cxlhGWvO~b8%>27a0k$uZyhIT>p!zL$=RG!o
zFOk5-i9hR<Ha-tUF4y?o86z^q`vL(^{UA50nawu0MX7waXAA8odJQa}@L9P9d&nF#
zv%<dw??wUnKW#jq3x$spVm4{l#bZr=n=cG){!4r==<?nN{zk)T(M6o3lkEp%lMhH(
zVLs+KYsV#_moImcK84*S<t;MAm_qe_Dhrm&=52Fi#}QEC);Gd)K7CQh3{Xi#uWLsz
zCMjFQVgUS1Qy#oYZjuar)yUN7_!jYso-@o`0qAIxO9syKzeLtQYy)HzS`Yf<uL3`O
z)g5`94>Ubny}WpGcjxjB^`IkGc%JJgH(-FV4zW<VM!cB^pgF$8RigHB!{U}?IE9#v
zzua&VwVbpIFcxlQ4D<o?2dbYv)_q(4c$RmSzLbJ)<y=Qj!6905*`%ALCz)DL)OI7-
z2xOp{L*Z*PYD^W4Jse*$DJ^VVc~>t{cf#+$d`$nTLE(FTvqjnHz6I}(jJ~M+gf7ot
z8T25OubX=THi5H<(*@Rq`8cNz4A1)2cjbT_(fkmOTiWp^B=Tgp!?7^8<cNrhgP?Zn
z5?auTu7=QzQyE+KAv&>y8*kd2a7r*5?Y3^7xnHpT+qW~Fv^H)=B?2m`RDNgcxw=Fg
zOYfM8o#{$xSmduqU&t;cO9kVMU<}^=N0*3$E<z;fU~K>$ZhRzK{zh;9uuYy%#AhQg
z8F<U)Og6h=nEh~XJ+k?V$~KbFDGp4sNm*ddskOo}+}r7gOR1JEKl7vK5)XCf94{pk
ztQ%g*g6rO-R~3~1;ajTHVmZDi8^hU+-a8R?_R8=kpYRTAIKX&-1@QkNwHbB=N-N)+
z4556A@KzJMC}JV;-zWL+cA-C&3Bc)n(@vX)`ENmy6Z%nV{jd(fi8{LAFZJ`UfiJ+>
zn*mIu`OCrqIyO?Z9@)ZjbMGUb<_(DZU%w5&^Z#<#-wcy!X8*TF>Ypb)DvE@*5Tt8L
zpvAOpjdAgzEuLGi@aevGdV|FPX7Tn)#|aM@A6o$vKNtmGwJnsUf*qu403gK#@273<
zvXIN~9-zNm{<vJ-BI}&<*~1fyl!CsVtaJRPeV~Wewhi9DP8aJ}_i(&-W7%+<^X;w&
zz=QF|gVLjJcra>!2b-{Cu}SCuIDP5W{bZ>hdQ?I@J0CyuO~rq3^)3tDN}A@7nhoUp
z*2KeM27O8`r(ns7+iF3VyB$nC+Fs+he@~fjj26)Q2MeWw-6f&ju#DlIHMVfl1aE%g
zzB39CQc9x@!swwtqvxtQ(L&xQ56*V=_xJM&#9yXb7sbX^+A-%V?(tI{#1yQ`CCxp7
z8g`jSU0K>G76v}YO{hPAts2&_{R~izFW*Q~yVh({G}*=KT&EQ|t2Oc~Sct`^&wJ*X
z>_j*^hRT%r!*tL?ZxNOlRNkI=B$t~YE^`314rH4-r-uGBC;R=HhBdC&$KauX!CPcy
z=igbW^{60t-tgvoBNz}WNEaB;M&~~W&C1}kxF81GZ>b~3R{Ng|*@Nt@H0^LV9#-mK
z6u_&uO~u`J+N~-V<4?(8?}ehF@>c|AHW<CG@hJgTy<Un;cgca4j{QXfJ3OrU!ro*_
zxK4>k#bD6H`|YP@1gzmqwe7T8Vwyp&okVBE_{T+zjX;6~5RE`>VEq{IaUe<bq5*`K
zL$X$=-K+TS6fbqj`qe1KFqEcN?fTyziD_@G%@h#q){C?^WT*KZALj2HL*98SU1AQ6
z$VsnbN5_;^`>>7^&Nt|7@P2#UBe(U09`YTYN1Ez9Y5SGeax+_wnN$8EZ%UYF{dG`o
z?cNh5VWWcwu%$;E&23h~#$Ob@E&6Ix+riX@2GjVR8`W~Eb9|lz>jckoca9S*TR9xv
zdn^yQU)Hl%7I?B%4jEfCf<_)hzMTv(B3n9qLqBe}GD4xMO?3LcFO9;G?x=V&h3#=f
zOrHaEy+~Pei6ZWUjJAYeTC6pK{84UJ&|6*;t8jK)b$x`@8-OVC%K6Z3O3V)7az-gr
z;lh?|V`|xnW10u!{^Tph6}0oXZ{FxIEj!m=VmAU@Q@49oz_@7tAWWM_dDlkip?o0z
z4M{ZUS3VMIZ&kA>SrbI&zkb5WdE{H%K#|Kl`yM~XmlEKJUZ<}Buj4Uu{=NO@3iCF6
z)WD1JU$cI`wWOp@vwnE69M5DQSs5WT@vr*em*)dI&0B}P^zUb=Flk@R@|kzOkrj{A
z^}ZcOr8WgmUB<qnPlX9tRb<JK1}@}Td=U?UD=RXX7MXs9MMZch3yF0aOcjoqqFfkK
zxN9W3e<)h1Ea|6hYt$@g*%4VVx{e-re*Ernd<I$!|BP;4W=E1r-fqL%=8O1Oe0W%b
z#M#gN^wM2u1LG6`$iHBDQ^#rx&Ty;q8!vNlOvSiiO=TAIbe6ssM*y0yqjW8wy|Lod
z*OmRM-O-N8KHqw_ZAqy`(pk;)TJn*1tf$ZOG2YG@#5%q=_3n?ix86>-Ah=FoD))XZ
z+xy8fzIw1?+@UxBb9U@!&9IqB+dv-<cf8}Q^<K4!JCn%`*tqjuyzy);aQ}U+?>qD0
zP`+ZUb2hRI1;s{7&75NMa4QzqO7U^&!P`$jy^{gY&>Mp0c<QL~)byz?IQ50e4$m(_
zq^0KtAh-K193F|sy;;$n6G*i5A*kB_kzujLPZQ?%(i`n@Fb$VQfYZ!94Gk(aPvc|h
zUv$xG46$LxRG@@%)9q)qxh2e77*XyYyh9-`4}Jf0&oBAG(5!Nkrm@$@)UC0pLSOXa
zRLt0k;d|He@D5x_XHW=D&c71C6<k#ej<6saw$R%J;lgq$cLI9j^Wf3Sq(#aeky6og
z!;%Gionkel8Zx5U*u6q_wU0im<P!$ahRrMoJ}*0k*5^n*diO=f{q2xXq+SIZhJ;1b
zl0@;{ABF6`)I~8|<A!b}BLf{R>msywlw>1!uZc5Rcyx-5N!BpL9aq5A7uB$H;y2Ff
zRyqzg)%{6G*1dpt=7|wIY^mL^@7@0HcuvnGkxkycIb!ZnYSMofEPEnS@<R3YcTfvU
z$qLK0y1b`tE#tY5_~5Bz{lHf-Zkng(-*%!6m8&?Xln$-^)1uQ*;@j1O(vg<m?Gy@0
zL~FmSMDVr7plUsJzyvP`v@L7!@&c^V7(1`QLk(CN#=V5pGzqQsJcJ0BKw^h+PLcia
z(B1k2P~&o*j6^1m-J%~JBt7RhqhvMDL?LT?U?+O5QmoSqw9f)sm7B|(fy^HbC8){}
zA(D@&*0VyRajCT)y8Hy%X`4F3E7vQ{q7XB-@qUBBbBdgZc~+{nV}!$i`M68AA+{~%
z8KhhL{E0T5CW1dAd_<G>mB@i+w1Uxs^ULF96E)iI2Ql$kDiZyI2;~Y|<=2%1mb!fD
zp~newL`YJ3T`bul4RyI^U4pU1hWE&yLqvO=AkAnPT4q?1X59~7D@_~xbR6cc0?drJ
z6Cm@;%w-SHsk<{|O9BYHCxvG>mRp?!0QYY2a-Z`?Y4kb=?3-}vH_3z;={fapFu^Mn
zx&On*n5(F4W%eEg(45tv67wj13DjUCC$|6`TGeb(@u&a|MIBUSmSk9i>UBQR*RGHc
zq9O~N?wie{y^xX%`1s_8g<5YZ`s6gn#*H|JL{)%m-x#4=URZ1BeeC6KbImvc5{W~&
zL3gny_FiJw`LO_d_;;<Ml)58sXR~m7WK~bY*TGcoYWcNQ<7<Y0QviUxl3@vG-m@aM
zFEp@|H$A5g*B*gC^suB!nYJXcmUVld<@RP>TAjsnic=)y+?r@jIlQh<5~06oC*r9S
zcbupu3K(0CJkl=gVx!+y&GZYHyOtD~?_>!~o2qd`usRE0wU2&Wc_*-bSOD+0Uv?uw
zqnGuof91=>;Y-Un0T-<=m+Nv$oD8~*FdBNq(Gz*%L4_kJE$h$BrhnqJyS|x1KB7xd
zVIZUm1+Uc`I0ZM9rwK8PyE=~I#!Xhy=YwPlRo(VqQa{XyV8c_>zoqq5&U++&jU8jB
zh*qpz*=;@4oTQuPK_A$6^GjbzZ6tH}@Ha@3!@~-S+J`H@45%eWN%ipd)I+%+d#w#x
zysn<<GxW(tn+Jj`hnvl*h3*Q2bMFzeI`qcuHzen8MDka72YTAH)i$dA!-M~zj(jQ}
z$@fYZhsBI<7^pLOBG8gQo7)Qv&#;SXCY9H6&r3zceN9VSCfD9Ad2C#y1Xp^OT}4_0
z?n(awpYyNly}&=u1Q*V^W@_)e*os<t`1G??DlgXX31G@TFOs-5;Ztgc>&tlicV*_1
z3_xD;!;Ov{i+v>BF&43Hkx|q7ZY!&^$7<}-zkqQR2+QAUSknvNI!0ybhTWb@AT2!~
zJwS&@$UmLpdtl{5o>_wPoztTR20EIPa+dvfC~(!pIlGT($>Mt2x+xt_P%HB_HpYJg
znqk}wFjLBr%%Z)}sRe)dC%T^GuEf^Sp8Oxu<$}t|6JIj@%9SIR@dwt)bAlp&YRZ4J
z6n4Ui!Jaso9nsFhs}ZyX(w5HuPDttA{p$dhUx5JV^{Pa>IC-dd2N;vc7e-0pu{*QY
z?LFrH&7D=XSI=Rm*T7X?Rz<)%Rp|`RtXif+EoL_5n_a9-ku~JQw+eM8hGIV_&vlR6
z>q5w#GK_=^LHlJP=7qT~zBHbX;LjmVdUx%`F{9A)PK|*^>o0V1&vC0uZ#!x`ezns1
zp**D&4lBi`y~CERFyg;xFWekWk(a#pLxjPE6lF+aBO{3$=m7>U&cdlm)v`?hhFNic
z`U=_A)FUq5KfCo^bBl@gCxxm8k)Y~sSHEXMkJycmf5ASQe5yu&=h$xLJBH>k46>28
zcT2BeS^4Z7#1im4Tv4W?!)6-p?`pFF=JN0~d;WCXl@cJb%0S5$oYe7Tj#2!0)|f|E
zG+gm@7Y4^U`NQuX=@~+a(mi;-Gs@^b<*quA3b#j>m%RPsx-cU>6s9FgRQg)^<RZ(^
zSU^rEKI=5P{AvQ-Xs}?2K_9#4tICHpUoWG;7T8HsrcSe^H26DPcMQH7i@-wM2l#m9
z1#V&<yE-9x)w<hbVb8hwab}$lbKkk9Z%Ei1!WsZVPzc`7!o78sq#|`ChV`No2*1K$
z_73X%t<ywpZJ6<UBfTVlBcR@%D`)5Ox`)C7lcD`OcIMS#8YLa@Hj$ARtNBNJtWrhH
zgN3l%(@KG$!=F!@FE=Edv|WbTS#k&C2!xAYEe0mb#M0?0&JbAXWZ%4@H(>q5czXqx
zFdD&^2hHm#OLtb(7?|ZhE$4rgea=aXwGx;-6Pb)GiSgAmAJ!oGgx-dpuaug@5VyQa
zfQZ0Rk!o56<#j40h4~~43L4w>-C{<k(ps*xLbTR#!$H%H!e1QIvLb}=UMSAQFdEo*
z*WUC(Vy!arDgU%b_g5}R*yPa~+WhPp*|)c$N8(Ev^|?rP7%4sFu}!{h|Fj%?;?v>g
z4XdT`u|fY86DmeFU}ZV5*@o@@LU*^;z;5+9&)#tA!x87n29VZwHt_1Ib}gTCZ+G?l
zJau~v1Qud+r(kWG`L3_$Iy$u6XQ=%*#sV~<1I=X%a)(OS@5Ymoh-yfInv9Bsk6;C~
zYp<Vnfuap|Zxj|`Ip=`^L)dn(Oe_$#JB;)5-s#k*(-cw8iCy|9x!Ui=o~t30ng17c
zZy6Tl+O`erLd1eG5R@9EkrtGa0i>k_q+6uBa~P5ClI}*4?iT6p?q=v1YKVC+(6w$|
zYd!b-Y}@z#`R3;^oY&dcdG7nM?*{;9Z(Iaf|9Np0fwWBr18G^qN_i4|<gm+wA<%|D
zHtBt0+u?;$@g_F`z&126l<3OP50)zY&4)PNC(uOw@13;m*cB~jaZ3@eD|#|R#rm;c
z;a(Jc=~(1Y)Y&zBXU*f4a(3y4dMd)r!s?GBy>+>6Ay?oo+$wa;2_ytMTtB%MAi_>r
zf&0gZz|bsu+hO<>TfiQ=u(eqPbY<=LOV5DG?X$gZ?$o%ZqKQOj<*i7;wl`Gbo*x4#
z5|qyLf*^JPsrILh4M56%hP!6ls@(-(dA$tata0Ikw9-qO-g(_P>{HU4Xe@NF`1#=Z
zzy6=qK&$d-i64i^-CV#U{0CzT*df)T&SUiRc$LYusXnFi)d_{din;Orjw6I-fJB|O
zb2}}Zxw@;h9g!OI4}iEs9=+P%k<Q=H`bdLm4BWrCVUtjZ(|u!rvJt++O1n-|mYFbn
zcB5X%^$s=DddCZR)pN`Li5K`2hQCm4+Xc;5pNCt0*g3nwXTehGB@tJu1IW+*J1@a1
z42BSiags8YUzzVS8*_J2?D^8ATqyj1!Ss`|fZ&W2eT-`q_ue4tscaODfrkMaqW}Id
zc}d`59XeMH#>PbI><z<x{*4v*<<e^fB-GXZM0SIip_7z1#~*NdDyk~ZOn9R2rOlhg
zVcIDT@II$x(E-K0uN@WLH1*vUx*`sd{ZmvlB!CPDFXTG@5Qj#Kq%rUw{|BS;SI^Nx
zHKea>*cMw)MW>NK6Z0kdH0m+Ximo5MwbC!sT>N$lI{ge>`2Im}^aJsF>Ve1O(pd3g
z-E2|LW<W%@#^{~996Ue(uNQ*XUNIGfWp2#k4>H0eT%h+)v~6RXyPEm#-ztM8dSQkn
z+CG!)>Br~2*IW|RsgZk=<{4J!<5n>%*7?%3EpaSOidU5vkpzIEFhT$sB&ol7S6jho
zBbekx)FX+lF*B9xF27-*KQJe&w@5~tE;We5$gvN2FZ{W>T0*q>GwowDn~FprJRBiJ
z{a6S`B3N9$MA@snP_W6_lY-(I!0Jf+rxi9a_qC4nf;2^HPB=5mX}@p74qycTXop|X
z>ZE{Xplr_``O{B`Cz|dTif}f~*QG(!GHA5SnRvlgROE~O{$KnpDfgk<Yn28tWL=z0
zGh)YNutosk=Ozx`-`8F;j}-<JT-rT_AzZeSO^aK<#NAsEQXUrDLhsq<tkO*bB?x1z
zTZQ-{d&feyB<}u;a4r8$ABN?$XXt1BH6d}uPr_=e2Bx(kdA5gsRJ-ct4Ku^6=73b8
z#6PAaEfUDIAnSRdK!|hjGFh3~e9Qm>hZQ7LPHLgnnVcs+hG%|Euz$*Jd8ti^l<RuD
z&nw-O<R)?|eZTrr9ucSwn>)p=D))YBi2sOY{mN*!09V=eD|2%ZWDjhWK$GhPw+pW&
z8{;BJ>~kw`#1s1)gz7>1non0b;1|{ta^v5K0F$T3>kafEiwJ?GWsyw&-<iZ8c0x07
zSJMf<BI82b=w|2)R{@EdP(N~UAF!ypX2wPQA_uQs(g?qnZewP1l)*NIkP2s0>;d|%
z)W&#5@}_atrLY0g_Ybmg0*rgVjQ6DS!SzMQ`?Sdc-!025llP183Av+vnR2$oT)SJQ
z7bZ`q24`b6u~kg-!gJWsZ>VyO`;Y^!oa)|y9TYwhK6kMzaxNL6xxS7F#h0({8!CnR
z27}3h8(q^luVi1)=z#P^0be{OSgc-JTwWCHMT7Ag=M$V7Ucbs4(yWW)CtAN}iF^IG
zW%bh%Z3N*W2olnp2&y>`<L_s@<!DRUL4s*L+VKp7oKQrmWuNp>RF(M_@&-qK_W(;D
z1UKZyi#H>mzDXX&*Y@|teCsQbj~_J@+ih}9XxfEY_SuG2=v*V)l#oQV#L5Is&dVoP
zm8^iI^~iQ!DfiRi8~7?81YO5j!-&#(R0?14v70r`l=&g2sc&{2rAYIjkAwtW&s$>H
zCJKgpCD4;Z<fYaE`?Ieo>H6cekgsI=jFsF-;K1~|aOlFUDiRWzg3(n}l(u_Nl`iwZ
zjTdYWBCiso=!;?FH?|1l;dNpFh;_~PyMpZ>uwy4k0CU`sH2x><V`EBwDn*PNcSrYR
zv-GAhiW})1h0pT{7=X~#?2FJiz+S@W^<5Q4DDkuQ*K|m@t9WlcpsZMRL8##ubIJ`h
z_3WN9wt2*`tz#1Zo7)?28psH-?b4a@LgM%nE%_#OP&C3vJ}dIE{+y5o8zs~WNi3j0
zfuRZozc<_qhz=Eg@PK;_3T}Dgi-hoSUWPNh1}{z8QPFC-pPU4W0{f8$ZcYfqDRs-k
zxA9Cbc#J~~jang2O92SG@V;JH_Wbu<@2BTnD(E<nNU1nboSmei{(IlE4C5o$aW(JF
zrA2&Z7JXO+b05YrGee(kH&G7zrmK<hluXD2+@{`f`cpNLnLdo_c?enOjcroxk&N7$
z=8ru2zzerW3SJ*w`JH5l2RZXdg#;>$XJpr{1acQRy935bOmSpvUp+*5^kf)4%L)@+
z$~UL^x9#IfpC=^c1))gy$nooyWZ45jkXnu9eGrjIBw2h&9*JwhJLm9*B-wV{D6r>j
z55i@H?%k|}W}=VZ84XTN-^Z97AO!q)?9#HzLD+6dppAfIHFb=cA(>m4WRDi+a&8P{
z_l8Of3bUGA&s6@g(E^-kHlWHiP0{fA$OKDyr6lIf1Q;4Z-+F;kM$n)CPM-fXLkoxW
z92Ca&qPZPh#Lp0Zf;5;`Q_{ZkKTQMClzGzT_}>%6=sAv+;9An{B#MNj0`h81F?Plf
zl1|A8jPlf2fb*gUwozWOsI&`J_NC?Om9pCxdPcx#t>|zUs=1oZhc9!F>)Xc*bAJvh
zsPGiS<AYhvrpG$htqDh9NqLBG2+d9nntCp$M`;{6@14a0(j}WUO2}>W-OhW-e;Vz7
zI3)#CbTY&jj1AevHYkB4UYkh-ZWonQ9f%9Bs;DK6An=_$I)@{>yv3YbSv$NIMPc#O
zS=S4EGgknuG2a{E-^iUGx;)oEweqfjPgL!L@R?)FGu@6mK(t1lFAx_B!D|TrF!Jz)
zAc#L5OD~-Ax#Awqon5(toK4U_hJE3Ydpn!;U#3WJkY+Pq^R7t_;n`fb4u*^fB&C7I
z2*K+PyJ?+pG^rDj1R85=*gq`l{#GrSKF{V-29!0*Wt(KHZvG^~lpw}d@1qg5L@LNe
zN)KM&yh;igVOvQN;OxWL&}5h%-bVm|FaK3x%0U5Tb66_LbGr`8MV;H<C?p2rSX8kk
zkUV3j;LOtFjk4vB!vTQV6hXE%s<GL1<XHRn;1$4s@oySaCV0I$7aVP|ZW7Jtil$+E
zDA<Z;x%x~ZdNdqLFAaAUbcLD2sz1A^oB$SMZ7w0`jjLX-{;{vLFx~o9ybCDSR}P2W
z$-nMyS6cQdGXl7|z-%hW=^nL#Z8JvlBv35gE1|@^UH1P)^(vC~v7j}msrsraPoNVc
zOHj`_b_$Q~>DJVqDky}x*VceZ)PMjRRlqwt5jyS;C53E{#X<D8`tWEf0iT-RsbRqY
zDInkg<4>)=P#P%q!I%?0zLEusHNrhCDi{*@04QtaL@!b|_>BoFo;E(C)Am%A`S1{2
zD)u%UvO)67Vn!!I@DZd}>bn8(pu59&!f9#3zlKLCKK<>b_D?nEpR!!SXb2VORuiA5
z^&fp6z!j~sXTO)qzgbfR3{lUYJLDD*r05NXkb#oiNg-y1;Dz~;+wYwFJSCIi;y81S
zojG0uQ#8L%6&rNYYzLIPdPR*en7D`pSZA~!5Oo*sV;on3v*@>Q1TVW{<Wc1jKXsIl
z-P%-s{&H93W?VUJGh$GDI9m*IJZ~SsH=ToEjrg|evZTGi#0>`=SnGF%TjzA(mKS2G
zah|_iPybG7)&U}x#nNjQ78XYnbsZ%P9x<<p!LE?Idq9F5?oae4Lt{e!rda$l`e`K*
zq4_<CZ%_LHy0)#F#smgN;#!KPMMCpow+^)H<<0;$3l*T^-Xz378FkCA?Y}$U700;@
zLpt<U%sww&f7#Rw5|WR8-O*I_fhhrAZ?NeaTA5mV5KwN93@U#zL}|m9zI}`BM)hKX
zCGixc(Z2p{Se%L|;g%N3tQ%wg4W7XE&3X3VH$}Hd!9mH75*)<sX7wzd-S=y9^COr|
z<CK0|3-Ff#p;N_vgP|m7BJ3DV660n{()umR^RE67NYl*75!Ws(sDOch?McGxVO;U>
zzT^DGe~1lFLVgz;u7#>L=Xg0>RUf(A36A+N$kh%Brv2(eO^byuI`!oD>#&tD^6ru7
zkZYCaFbw77#U?is7RcePtH$<+V;=^V&VWcKqK;*!!yUukp4D_}qB3x6J<kR=0TQbq
zs=i9AhPf97*#^fZA0O!f-18L)Uen_QVdCM~;{fnAA0^juw0?|?^<tTRPZEBqlXGkq
zAZR^9UI?$*lnqKpNlCfK^YYlyvs_MTs;wqZOG#m2?m_wzy}kpbq%TE=$U$K%dp^h5
zBX-Mr?+&99{jXvN@%l|IM`%&+_l70D20S#KI*<{USn?il>n$?RIh`cINX_z>%mY+%
z08pje{RcwVyT$F!-k0=^{P(l~_~rUH<;e$xCd#F7so4N>&O9HnKdWvbS##ucUZhUn
zl2B%U5MkFkCk$SHH7rzU@_nRZYZ#mc;xV>FMBYW?s$rC53CuybRJzUsz9W@23!ukv
z*E8TsZEh8gf)8o}8B9F|Ov{MHT5tuj_uUY6Od}(k+X_BohZ%|aHhrA=BUHDPm}P`c
zB9)u_N>{oOI~ZjibnF<{0wsmH@=4>*jP&;GoW5XI9{^&rEoObs&zRzloC;l)3;agP
z*PTe7Fxn{Xx}dc#5M$RU<GyI{ASY`%P`vkpr%vzn4P@iZ`>4ly!%8;X-I(592mtDS
zp-dR3;q|B4hi*~(+cTS2)0esXFiv^^--Z`S@hgkbm8Z#yhWrn1Qvvt?JWX?MQEz=;
z1aIZOC_^ziS%l=e^&@*@7FA><hZpjZYjbWFBSS;6i9~|%($wv@>zu3l0OWs5eTeeD
z-<;%!aGhPO8b%TJn3F0C<DCJnSKXRv(mG0#qns2XreAvPBQQ&&(b6Gp3m+$oOuwAD
z(m}1XGK|@tRD6HPkk40jjVp5JGo{!*wOO%!Df2OD>T_D_9X&4j$u{NXz`3G#X+_mU
zp~jKv=@i}AFs%Vj%YN3Q6w=$OcdJuw(A}dB_ZKdCLa%OZK`TT*so7|44sPy<>J@y3
zy3`Viw2Co9H=m}FPieMhG{_G4br7a^OHCOn-)yw#5F<486JtEXriE&&@krM!F#E;7
z2<7|`)r#*%I)^iB(;mJB@-&E(_atJkZ8>s7OBMi-Z`S%Y5r*Y4xZi`Q@5^Ka<z}f9
z)5%YxU#fk&W7Yz}?|b>8Y22zl(CXnZR)eSF*zkn>bbxfkW|_AkXA?$<EX^P#yA465
z_wCkTNV3FDJoJv*zOlzTs?ua|*A4P5s^23rmsp`kwB|dQChz&UUcO|Oat3TYLe%jj
zz_N*&B!_m5!0}X6+qBiXuR|1h+p&Eu8D8(^T|4b;w$<U|H{3Gq(ku=Ir`pzFzd?R;
zY8wO2H&aOR7KVfdb5}CIyVh%|gz|KliWb)I@A#2lu+DyN!gt7$7@&y}=BcUhT(jhM
zh(k8@r@i8S{3d+y2*8SW_Z|mUe@z}Fcs<a1UDiNCunORvG4qqB&j)60h|TV!M08`2
zLm`H6;fj4D%~IMkSB9Q9TKhL;z^azk$)Z$*H{6N*dLMP>N>&9o{!Ts%<#q+hzaC#>
znpBpGFqUHE!E12&UXiLAS6)E5A!}i$Vrwuj7Ixc_`WN!~l<8OU856f4cf*_Y7OVq%
zjOR<5_N$Wi30?e`ox9YldRdv_q(BauIpR(t{_2(E-G?Q-2Nblk--_4!Tl3So-N5F?
zsB^smd)bzV(MK<go6-A8G}F0Csuw1)R4KV0q`supCC$M;dg|~~t9Z#hBW2E476|dv
z8~dsR<)6J*6zFot3~hNK>~dTEc120v$PNq3Ex%YYpAjHalsWTzZ5NfZut7=zfc#*_
z4N38LF`&c|xoU|DI%x<<XQHE{x5xXEpJQZkD?hesgX$kE8c4&T8<R2}t1TG*$^2x9
z$X)7**Nb9NRheNi@Uxm)`VN|<^Yi%$DAQWVAr17sE-b12X*$Sub3#fI{B;o>$O-e(
zYCy!jowD!s^HSWF=f20%ku3M=O6@J$Z;D^rT%`hxt%*0%;7KdgFeNvYN-wo;MThd&
zxzF`M3N<Wg37`7R!gjOXMw59%UPHM7Nn?xjEj(3)gWz$xSyJv`;s7>_XE;LL6MTmu
zL}8hqpKf^bf;=XnqrAP*?>8<Y48%0OXwo|OBZ<Cd@;vLP4ej&d9gt3~<W^b<78^EH
zq&Rsc*o2<W|1cQlw!WOcto3$Mv)H<~dhvzfd3_b>j{&u!kYT#pGPIabgzaxZmNm}1
z=R24MH(p6@swFQV34$`xFCDm?HiEO@Ad?7knAytldFHUa?1~^ic|sHiHAj?k3L*KH
z&80q4(J$@jxSN9cq+wNIOxB&ncJ!Hss5||vmY-^Da8z6;=9~ss=mWXnaxI<r3mt?}
zMb;)?K=12A^;85`IdCx>SN&l}gsiepUtdZil|R-<_8n*qqse@G|2;rI^gdQlU)xfO
zhE$`Rr%BX(I-kk)e~f9*6ToCN#;?0%s-@z5dlpSozs=RNwENsygM|COTk^_@2Cf4n
z+QAbt?r>OhJYRMuPr-ftT1F?FPeLL9h%6NSHuiuuE*fID@_=<QLUMv-_H~pBnJ;Xu
zDm?h5G0SjkTzye2AXwA)C-Mx~&FC~w;uRZv9-e;FGFwD#H=8V71ujalAXWCd7>FGO
zrxgn(e)w*1<bCI~E7N&m-GEH-<F2&Tmz6J(HJ>)Tum`i5V<NhAwYVty8*2qaBfj6a
z!olgkWg$Tu@Zx%tgs8B@Anr@EJoj`nw{TkChsA_)s<=?s@vq0A-hj+c;WtO=nU#aV
zA$KaS`RWC)bM^Z{AV$ru>;0Vf%cKs`kI*}s4KDbV4wK#pxf*Ujr>TeTlSxQ>q0`*b
zSz&{lZ^tD!pkeg5f_ww8{QS7Tg#}mL8KJhiDb*m*PXKWaff_Bn%lN6$bUuoJl2P#2
zVaEyity^l!zv48FQl3XbL;#)e)7?LG5_$1tj>D2hNpV{g<T9joy96sg0`bA*wFSdE
z?6vW_OHwxNVWGC?U1_2(yUymHp5#DmrxspBMMNB@yyy5c)SoaCGD6)?Up%(kPzEAE
z-|1xxsmBHvj|`%XMm^pSJjuI|5(a?U*DnvmHsn=XLOr%o#{xKYK$0)N@*&3Zg1plp
zA$tAqZV4}MWUwlDjEATZQs?yc=c%0+8Gd-QH%Z@7Okp1th^QM_{BT}DyT+XRajua*
z>QRhS^aZQ#&pQ|xqv{VxM1i=SXR2IKuW3FQQ!%me6Lq$HExywu4Xqin);!!Vm*avS
z1Idi|WhC4L+54tIsk2m@$KUAgvonXClyh*#6ydrXM+OdF@Qsm^$qYc+<~D0J!izwK
z%~m+tVOG^b;R0xiD)kR+>Faa1#DGOZ{RY|Rv@{dlfx}OeW;+!b9!yJ8cPf>c({`s4
zpL2mJx>z#wPlab;knHO(DGwXC+(-E2=meVq?(6LdWW6#h^zg71S^)n-G|fk!OEfWB
zv5Z(J%$T0EmVV(%|0h2KARd4mdyL}G8_pfZRK4Q8xE0FYqS`x!+*LFr#fM*jgkk{u
zeuVaTZrcSbldj@=vav|NMPC-_;&X>ba_tFf-QLkJ9{Y9z8+)4maoB6690!L0OSAI&
z)djnhm6QQN^XFFFpSWe=)gTbVx?%_DOmDyI_M!o$QUqD<8(!nJ4k@n^T}LjR>m7M4
zsB#eR4hQ#1!}b1vHxjv6g+HiwFz)|`diVJu3mr&J?tIz%qUGMLae!ych&gB6^0z8Q
zIKc+is-9YrCWmAUeyC-bIta1l22_f|`B|q=CENHA`aK02N=1KC?+n}jTk3t_R-{v)
zK-Bd!BEv%{+oe3z#mlz=C>|SN#LVIKVYdrfzF|=&wA7gGIWK`n@k@o%Nq?$*evUwn
zKNGEQ5J8!uGAAut51^clV-kf>=;(YFcm|yrchS_GYbSQt5p3>lpKX$f!Pcv8uE5YL
zJ{1_QAqXEXVriToirVZ+TYUOhUCPF?piTB^IRvqjKlZLTu?lbOEbio9?8&K&u3)s|
zw8cDx!p!u&4sF1qkP7KG?sxo^Hy_`-=xeTLhQ1DSvqw}1WSJBL$v9tgt}=1iXg2Tw
zx0-_5Q_1c3p715t2X61uuU=7g!}?;sVYO>#emCW6spU<K72Q~<xL%1_t@f??hdN|I
zgG#24KX2x>RjlM&2$`JMzr|Svju3LHk==6T988%Jq!C;_J`$#xr4!i_H2X*IozKy3
z_Ac#+v<@8^UyK*#S$)$Mh)!^kqnq!L!))oQISsw%KbZOEFc*t9{+gzA2FRJ&d&N&x
zZ}kErfh$Z-BHSx+sP-YEkO@k&LK6PE%~{>*tDooRHED$NMMTesb@qpN=(KoT;rMA`
znBb9R-5!YK_fw<eF|}Q+SCt<}Lm=<9L#Qcp)MmD*oPQ_j)6Fn;|Ba;g6$TfHdnZ8&
z8ZhV&v<&&U+4we8m9(@Y0K3t|2o~v7c_{=dW_qK61CoFc=ak3b6~b<ISJlBf)t+~W
zT7d=z-x9ipRHjuoC}PpgdBJ6F8C@<)PdD6qGfQ0Z4w?8{XATsW>%zNz#HvPh?V{9M
z2Aj@6wfD{LfH8(NM|8!Jz56Z62_VAa*kLYRZw)W3FTmj|@=CksXomYTRRLeCZo-U*
z`(MQUi~ma8yTAV%aSs*RO<lS6|CG2#Jj`3C?R)}T5?FG%R{X`(v6b^0z@h_@X?&ip
z7?KiG7B=0T&GvztUxRAe51=C<VaHU!ZDFunS)%LgTtY%k?I4Xg<Z)`WX(jPY*X<j|
zp_lx69w6fS0zh0!RIKVjl0Hsq9r4?%M+AT;`jsv+@M5k__GkN~tgB}aMYn=L-#8|g
zzr8%XS_V0AhJ8@mHSa_F#sRF_A;j#MVofa?H{WI{C)w7s;JS6u@;SG6IfyisKUH!3
zNDTn?lYOpq;(MZuS|`|Sb6GcuRMq6d1k%?mETo(g0+)SNd+ll?7h{!iCc1D)HofN*
z=-GoscsMcC?8Pr}0~$BcM;>GMVMJ3*bQFjs`A$shJAWn<jB~pbB?1^NFuA^dfo8Y{
zT(2b^^m^q52EAL3xWICL<@6;Wod*TzB_a02yvI}bXXt-@2w>C!pqf3MKiErJ5@^qS
zbe)I5)9x;^{@X?f&rgr)Jy+RpK!?)zB>@A1-?f222Cxx_Wpuzf^3R|w1%70r5OTp+
zxOLW7_4VuSG0K&@t)6K(AMeUzy<e99hq@3bL0BlRD$KY&GxXZdSP;O?3tWQk7m!ul
zE_&LMk8s8`Ecm5c6G4Yf=jv%0fOL`nCt*zyP2@|c!Y+-YaroYv{U+UbKL&n68PEZ*
zPJRSyT(s!3%^^mzOahD-Lg>HZQubQD83QQ&ch>mx0o06Xk{Y_gxYqCg81TTuqKke0
z2Bmy=>4I?rrVj8QX9j-f-%d0?$^3C+x3>yhXCk_O;hDt&F$6H<UxDEt7DAKodcOw1
zPEWtV?AaNRwZ&ojBV+A_;1KZa4EN|?O7rlZ*qTa(i;hKgC|ks_?1h|vpW1cMK=Pcv
zLDsdZ5`ETP5yB^1{5rYj;$&lJ^yuIp-3MS1@JNK_MCyX9V|nc%kOfB{utQ&Yd7)Ts
zPXldc>ZXGd`1>P0sBbkjn61SrA|mf=0dmtkg~C$w-~n<SUh&`ApC9UhfU>=JnijVb
zp5NGvFMP8chx>!?){nYhu=)m>er-?m#^TS0^c?bn-4h^pL$Bjch2prYNXLV*TI4Cc
z0OhrU4&4%Qh`rIot-p6Rpg`=eLHx{5V%w!ywi4!UDM&ZX;6s#&FHhdkMQKV-nGP12
z{L~Y!Iziiqp;vgpA1(G_WO0XSO<-U}2!p*+dvFxjLU>dr0&$`@?>)XIQb#{bFx9s%
zz597|qV<oz&sCtS^wp8X6&oa4%dxV%0M{FKoHo>n3)qAM-0cA01Rhql((_`p!<@ry
z0dM#O2hf{LO@UoFwRF(_z7cGWWgk0BTfb0!_;?fMvd#yAA1wUEyf{%|e<OdTu9D?@
zo&&M?t%0Ug6@0$-y?Uw=S8tE^U1azkj*LKV>0f~E9{_C;15{X{j`DVFmR##*l|l_&
z=dQ&#n~izlmrHNB{==NWZNn`>0#*aLSXO&hHqFL5Qko@@X>VIMoA#ODE^t1rrQ_m@
zT-o4!K06aEyQfv9Y<)X2gt4eryEu>Pg6j>204q|X^ac7|od`t4M0WwpcVr8e#fCqT
z*Y7mTrDc!!2@q_Tn@W__`n_)QrnjgrCB45tu0O})gzeXJedf2hU(X?hQq$>gY2dPE
z0T&|4W0sAXuFqQEl_RH;?fJ)~`^5>gme&_?e&omEk7RQa9BcI#VRpEdGR$|Ggc^WH
zybw>gbB1hhduXZRNeH=X9Ps}w0m{$10LcIy0!5a#tc1JSJ{3{hub!q^zSxj>n7*D+
zKTVL7)>H=M#i9mhCmt%UOU9x;vZBKCbkyvTJyY!$NusPUq-8>T50f%42)N6B2$CGW
zQ!;DgeOgJ|x8y>W`a8Mt0~G=w@gx6nvH-OACa)81#q^H913bFO?UP6~WMewPXxUQ<
z7QPc4QtsEYA3Z+sn@?keiXp$P;WIyVPk%I2f;D-WF7aZw@H{;cDVj1T*_%&xMyP>`
zgGsIaF$Yp*xBlZL8TW@MIGsYFDgN#543c-9<SUB|TiHg~iiz5(9#(qJ-K*XS6k?C3
zl4TvYG6k}*EFP4bgXQS_4A;hi_S&sun=sxmN6v7PYWDZlAWD2q?uiJ4eZKw(bOH|Z
zSWM&|;i-EZytKY8-IF+fixB}>-ya+iwgQs)v7@wz{|-ebmY?{u$*<;SsPBqQD(`28
zZ90-0tW5O0{rIx(mnZU`cHBl1`#lzXCKU@g!VFX`4po;`LT2Qb?In9%ng+xG4z``z
zyV{k}EfTnfmdI`M-N5B;R34Dqy6_1l`^MpkeIPS#d%7|ZibF@vDHuG!$TYFNlXz-t
z|F`u5Xa;`}LmA)tFm^0i!v-9ND1N+i03G<(@|XzQ!w-6|ch5cTFZ>T+mhgIQ-Bb`|
zFa$_H{i_9yC^zjI;AM;+(~qGR&3lKXDq_p|E|A;~46@PK{Pz0*{rXVP1H!q|sHVtI
zj#Ny}#LV1o#}~169IVhh3jI6k9F;14T|iVc8|53oF<^#VbTsmf0?^+O>^;}3FPiU)
z*6Z6PEf*Gw{{ET(f=7Nh)S^c~coeoTqX)#nEd>BrUT+U~B|IZF+6Gd(__|=v6x<j~
z;XMuNIz-}61u}m1V)=?E-0xG2wFxK2{cWfFry3hbONkZR+0J=#n-z+R-y+&IgxVb+
zcJq~u-T<hGm$38G{Q8@zXNs1S(f-`0!fNr{sQLT{_#U*&<7tMraVYv@-_A;Bl740!
z=%=956h`jCmZ^H0GawN*WL#92!l~47dLr6se#pK;8_5HSKABcMJEuh@y{th^x*xyi
zIAiHFv+NUa3+oA7-<92E-)*0mg1t1~*@8i4)F+N!z8PsV?9b7eT%uUw>QI7N{lVJ%
z@E?r&-?&??K8(je&Ymutt(YeXnAwNgyV18>_r==JZS=!>Jk)C}#wC{np_K*QyEV^4
z!zoc_=clcmD$#j1!^eBeu%ma#idm1vdP92bG*EklDVZ;U+Eg%YfyrVCxO)p}k*qnZ
z!ckx98%@7HZZ#imUwKaVby@_7mZ)9!z2(;H-tSpeRZIW1#jZ1Nvp8QK)zN-pc^1*}
zGCd+0aP8PhP!4P!KA|-~<Ep?PHg%GK^uJhs240w)hJES+zmnT$Gpx2R?jtm#{{7AS
z*9!d0VmT7QD>UudSV{zRj0zuKPB=TfU{q1WLpwP2vHD(nZg;};Avmd)PrW`ouDJ^q
zQ5AJ6-tVcZ9-Z#nhf&cI$f@NHhjJ3Nu)*GCYtG`gJF~%77j#2e1DNRM#N@G9zyZlQ
zv5*^+(wPachzMKu&;yws2{7&9fUum28h+gJI>XXAR)Y3R9O;|5*#DPFh8_-i1QCt3
zeZGg(8f!%vEeS2vfULRz|L?Tfe9zhkLN}9pc!B$lFJliPDOYoG!rrqMBB*vA8N5DF
z1ERUE0KLoiBm)%4(D6VVKvHQFl+ODwke;7_2$sFQvRI&=Kaxz^^8UgO*M9_b$tA~|
z9UE1ikEeTUfxN_G>iDWB3sLP6AVnm^=yW~EABdB|+A7=v++Ub+$eH>HpFpoK5OZ~Z
zpzT1+vQe*&S3c{InJb+-K^;t?*nK#rQIp&YQw42b))*X1hsI)eqj$?ji{D_;<Om%o
zh)#s4uvNNP6y~IFKK+F8`F<vvBibfqP7IgtTeblmUQB{JPxtOI;f6<oqOUv*xIZ6p
z?fHl6{1jB)uNG^jC$~1?_O^$P6zUGUoAJ#lL;~6l6^`lCXVK}?-S)PU9Xa-&x6LG)
zAqsRqJiI%ItnqL`a5Npo?2njoPoX14YrC0M>ffe`j-0o~>s=6<2B#bDFvp{lT*zr$
zgc_H*_*7L-IctOHq<W<!y8IlTLaow*Mt#;h<f=!KE9$%=@<{qn`_Se(Xt?#{Ugr4Y
zjtGEwJk8$tHY_9GJbk{g2CB5xEK|Bc`aVmo`ZV2Xb+AM=f^w0{J7PhGrd!<{b$*_e
zjF}MwdD+A0ATo(RXSzxRHgG;EVu!u~CC>GnUwI>I*5k_mIphx-U3?KRW4pmaqdaMN
zeLankVAtpAs<LM<E7nfBI#>~L1T_?ts%LYFPId^5t>I0v&<Oh4@;>;Tm_Cg1maNJ7
zRW#WCTCmM%@e~5FvO=y~+$G6gbbX6O%6|Dd)NY1z()}PR`n1aN&3T@CiqW8D#9*L|
zN*sYc=PIVcHY{#otrR~!0n!qw)nJJFOp_s`zUzFuo<jsod}jl6MHU@{OZd}M>O6~*
zV8qqJuX1(QbrT?oqxKTucZ1L33_byQ&;GqNK|t0~5%AZr|8GAq76${V)kqT0t|oq&
zNyPA$CP$a+dJzKA2p@bpLJa5Y3xO!m0N1Ld|93xlN1vxW#Fc<E$Qh6n3j*$Jm(vQ!
z4nPMaKM8^GJQ@RE`Em=(A&6?}j|bIA*u-wdSqOwU{7sgIYbr=Y6seI7+;BY(Fg|?w
z=t@N9Q~pgDJVyro_UW^19&ev#DmgSy4nS=APSAK{>v%!;8&xz?LFPb{+6Mk=l3`oF
zXK$BBv`3fJ{*5Isi*Z=8u2$#V0q?$^hoANHLA#<mnck0iOoshRbrZ>z{h4m_%dlAc
zf5x!v<X0CpHWr<BbBGiyKpuZ)(I!ANA;)4O2E1)@3>Es>72dMUeNL}5Ff=gOG8h>l
zJO@#8PcYw&e>yDB5dPG%RQ!&uv5}dYvxue8_Tr*BoA78tgm<q?d|j2pn}!CS_Bo3+
zeZg@e5hpZ|?NH@-I@NL4E*hbMtdbVHSmEOGHA|OZNP`IS1GUV5`h!{$Onk4+80CUv
z-o?Il#2Z|UW&1E4<XyGK-|u-RxVT#~joQ8k-$-40e1M(p1rrm~SfSKu++J3}_FHGR
zQk|WUp{u!-G!;{XhO3R5($lOD&^GpqMTe}h{Fe4}%vp{%pBIb1IPmj{0ORYK-l#c6
zfSx}{K~tskFR&y!8@-SJRt~Jr=xQ8T*YmBP>sCuHd3X`xI7_KtwM8L)a@W%Be;6Yf
zofA+ALyoC|lFBsuSBegwulw=B;3W_J1I{nuU!l%V#Xq}F@faEt>k)1keBE(uZj@}z
zg|i;85h|PCDa-ntW=LErHO*S!I5F_tU&>LdJUx0TcGxpKh45ChsyT7I+Vz(`(!+V_
zDH$1jM*I!BhGm7C=Axo2Ttd%&RQ8#}=bIEa$Zu3(x~Rx%&gz$*s%X+P_Ia`aTZT5U
zW&B)Z&$HpKF9+qY;~?;5%{lXI+tqo@yV;+svp!dMtGB=>?_gQ6bq@*z5N5x4U0T~<
zyyg-<HbWGYJsNC@FH=;=y)+2-wYAO)u9wONTDV)jH0Nv3R@K&|C?3cvs2H2)xJ75<
zWTxq7QXk#r^6jySnYW7B&2lDjRWvoO!QvBB$AQULikhm~{)@5JLbVl@4_$)=*v~j{
za%aUiRuynh8yY}M;gV&_lsI@;FCTat1;4w+AdSGQJMh;{&Rc9WWwTK2+EggbsgdiL
zo*L~{pj6WFFP+v>qB-*LJqVG>gr=~Ya(f6F3*8$HNKq9p7FDXs{pbrmzKva+JL0)-
zIK+;hmy;r699-zNSCYPWZ0?nPY_||z>B~}#xP}wu+@9fgAEVkkzplnbsyJaFJd4iy
z9P5*wkPPu-vl|=uy<9nyY}vP+edL*j3eC;^r)zB>NM^nLIo3_4aKkSTvI4$jFfxzW
z1kMJKKX>81>2ci#95v-vlJm}|&lCP%#)QNPiS38)^WE!Po&>vDaZm6=U7=!Y%sDY-
zNdItw8@|Y=;qzS<iK3!Y9D1`c%I@c~oPn4&F9sbl+$<yqGhON}XpK7WpS5$G(OM^)
zYW3P`#$mc_ozIz1@u(J7X6#LkD4Ek&^Vc}2RcC)cn$di0Pz18mvO2Q}5#=}b;x`d9
zHm<I$nei>cx&FkrM(45amU%9HX>v|}HG|5h{#>nN6EwaOw7L%~cZWY)KLlCZjHw~y
z8<*JYKN}7=#*W~oY`yaChrif3WK2Gp4`hnKpR1jXv}PA_>6$%NIBZhdZ{`@p@G+(f
z>`}Hk*ibdR<(ThR^V*1$LwSx2t8tW11G{>>X7zbPrQ$>%b2xZiZ~Od>`kVx6Pb>3S
zp~17<W+!?gue9ae7NKPAqKuFt1{bK8$UP;v|CWh&z<$xdw5)sv><$7-TH9v2-eR4j
zA7n4C*!o8E;e-0P&bjCOu33TZD&un=6p!%+>GZMqjnZyZnS=8SI5M31_OV+LrIWg4
zDK#bZo8P1dzIDMCo@4qyOAqUOD8Yxh*5=D6JUheX8lFJYfi8%=O9@9y7X!`@KR0?E
zdT3Df+uB;<F2z$B&0Y~&l_fZBM#YV;QK^Kzj6}OnI$_chC+!qgNP%6a9LBcdBNdr|
z57x?sc9H^<InSKJpN6J>%c0$(p(&4k^ZH4O?{`P5sqnEyG`c!3t>oNdXVp@t2#c&g
zR0rpRA6aN2O2K1PiXv%UQ}b%7hJG4S5|sgqP1o^KyHW9P1@E}TCp(?^8}JvXm}*9y
znyF9c4J8M=*(TLYw~hMeo3fdx?oM(rtf6LWgGYvTZ&YiuhYsKQV`p`iOVuxluyNJm
zS*@OFL_`t>2g<$WHSrXman>GDgZgHP1B}hId<Eob0pZ?x4)%2l=4lVKc|L5*W*E!c
zo)KVy<#3DAmzt%v(o}E{Z3ELH(`RLK)i|-#M<qGEB&pbxCBfEY?hQw%OxB~$Y~_OY
zswQs_x~d)SGEC6UKa*OMU>SI0aynmQo|{Sb07~aOsC{#BqZMxI$gYP;OR+G-Qi|{z
zYO9noOU#=O&ZYefYA|8eJ1+nJZ?D9IJ`8s8IBMU}g&Es8EhwQOUL5Zx)|5q~u8@@B
zSB^G4*eIbq;k({kYAf*~OYxna4RZaBr(lC8k`0OmnpLhNVQCyLK3;=m51vo3KB%nR
zAH>$a*(=)m*`@H^F(X3I#~W(BvFN)TqeJKmuQN?)<STZI6=+tjYv3`28mrbvhX>^B
ze#F42?j<S73nFj0f9Rn#OrBt-HiRPG7JR4FPKpRGmcMB#eWTn>LL=DeFnTN+4?4r^
z%s4zZVXZz(KVzD8=!r5ZDkTSpADy-|<GDQKzh9a^<{L4(OP%898t=+U_0(?uO8JiO
z+S*#U(YpB<)x>oqb~!)sT!?-EKDWC~%=Eei^8OBqcw84QDoJ(j-i`Eym%Oh|1k}9=
zsumBM+Q&otrw>Bh@D=#3>nrUDkroP322p?Q>e&_1qR%r!ZgWG1x;uBlwHcicHsYC^
zYfqclCsbmN)*qaW?m8_d?}f<7kfKys;t*H!-IUPr$)LhYeHezF8c1T!CJ9r8SViob
zmIoOuzJu~aAM3ilZ<P3S2apUa7=JQ>v9l0+!HRuta;S;ANTAyu1TCf!d|FFdUN1)<
zKEUU=9;doB9~;-WX##y-k_rNLA0{pcbYz6CmWl4o1RoJmi?xYSMOH~p`AP|H{)#_N
zzI&KBcux7(ZcQRwT*2ryzZ2kOhND=J(|%mRk$`(9u#a~ROyr|2K}Y3XO*rC7#nQa@
zxWYzb7CY3eCX8V$VzX)Z%Ud3jF=B;pe^kpBT@M4Dk$U!P)8AG2T(#SzoURv4a;kc-
z@+tVtc;P#f(&uVwd8TS(2Hv-5YhJQAVOlpolDZ?r1B{!>n^iROwZKzHB;5O*JFKtz
zwKh1ZByw|{kJT|GvmK8IP>wTpdL9L2P@dSNU-}R5s=DJoHPVlJ2fTn;jJC{EzyPO{
zce25*ZhD&X{-k}coM$*acMu%)W+K|%^s~=+acuBBmc(Wc5a9YEkEWA9N3bSvrCP~p
zqkh25Hp_9XIYeHKKSEVQRlr{0j(Kj5vB1oJx_a{%CiAUHm@XxM{PHpeM>Q+SV<UAH
z3sC|RololYg8rkdcTYU#hsa9@?G;g=T)K<ieM>)9<4>FMZf;zPm{SHb4h>kQXsS;~
zJ8xHcjJ(>%n;V>fPl3-XshyP<ot)<kAvnh*F5wZ{GitcpXW^1ya*#vvs8&rF?#8_l
z`~tcnBI8V1pNOCh#Z`Ped!Abh;&Uyt`@7oD(bXj1hN|J2W8;R6K&)Td-X*7yQ+}2o
zeO`j^WvH>kj`bdI*V2gSgt13z`cVtdNAYK8ms|4-TX=m`(wp~;XfY=YcT}sM?T)%H
zA7YDBLV0MDfa{0|I3yfVr^FluDLebt=<AxnySpGhB_uiJY?4=4o`dk(f13XO1fvT|
zcq>rb@cNeWvT72|c=5`)Pm*t_R+n_+v8K3qE0Lkg%3#avR#(JK*ZG!GX#*I#HgTBW
zX#cJ#x45o)KKdKiJsT5pDjbDEh1#|EZ-e!?q3TVFwi8*+IE!~y6-+8Cv=VKGMRuGg
zb7vay!x>=mz6Lsvue1m(h(B+>&KdoY*YE0bXECA$8Vi=0#96Ksv#$MKgOfkj$CWa|
zN>E5&p4}CG0<$x|H?2gJWYK$IY{jnMP?{3T)$%F=cK|m>E<#{(V76<zUwUgg;cZp)
z$=JoH1jEGk_DExxDwb3iDsz;FAFMZuv)RU3y=YMUUaR(gj4lE4ng|j5!b>8mp?TzF
zrakUKTk`j85}^iKeYho_($u{oM8>O4{4JR$xYXF6&+VzTwCR<yab-5+W6w)yUe(HI
z>dkzc)QYPtTAg)0KY47?5gM&-It`q92sG*Q;HjV#(s!>>lzj4W<h5r=She{;OpcVo
zwmMckzWH(ja%o*?3pMRtEH2rH(QyB7C)PCT^ds8W&KXJj3f1Zfp{3|saD&gL(ivO8
zmfrNBz#!@E2`&sq7Bt;hkxij&sakpH8)JC-q`W{CUwN!r{SLP3Tic2gKf&JCRgDwX
zMdt`gZ?4gOn1fU;gVPKvgYQ;4(P{N}FZBt(ry+`Gb2>AFm;&ss906xn+drQsA_)b~
z<aUp*E|+ZI>(u5qu2oU>9QMy_VKCuP-b6|1`IZfZ6dGirf5g<K%6LaIZeGTB-r|9K
zpY7Q7(DKui4O`(dNA#L<EH=+CgMr$6pu86XNGI<eHFhSG1D6Z^lmT9b<Tx~CJjbtQ
zUIq_yoAx~dD9>FNxMj}U$SgwtC{`0YcC<i_ZziH71ne;hI9_wQ!S>!2Wsv6}GNyMe
zKbC(>kAk%H%(ev2cRB(YjqHq9#~H?b5(b+g>yHVKZJxpoLj4^BOkW<S>80NWSIe;Q
z<)3Tg{*hC~6C3}ZO-S4jc}3)z??E8vFiZRjUeNTrFvoTbD*r-o(KPhRNfdk;qfHwJ
zgX=?I<ZYu0c>QSqrX7Z@hc{~9qPI}#econ@x5lgd{3Fegj#Ll`QgNt|b9gjWtqgm_
ziEbY7`*l1@;G|m{IfJ!`>0jUuX9`#DCx&I4yix-d1RRKw1Gi*mUsoa?{SNdOlZd3d
zw^o<|x!^PLGB%}165R4#9~5Jo(S)^yrSevd?CNwGwU^}u@F1EF<Yb+q$nN%7Jb`VZ
zR4w3Wl{zoNC!VK*23u*zV4Hmy_MOh+s#?v7kT#t3c0EZ^L@{{~jxabx=V!b85Kp?I
z0A<neV!*P4yUEbZIbn3jc+DI2yXGap<m{QiMIMZsqBxFF(9$(juY-v~0BSs5-L}eB
zp(x3qligjF8NYq>;(<5+1V^wfUC5&$Vux+FHOKlfxXtZ0yqmbU-oQLFJ`r5ax2R8=
zH(t9fgJZ%O?WkF}cjz%RHP5L8MkGA7IPO{oZIF#+N)+FEp|^QkwbuD;budfa`FOF>
z7nk9i)m=IpcprJMLo%kUVHfp!^kbQ&oF~vs2|d`A%%^NCyvdQbX?qb#M>(PDDv@2P
zl<0NEY4lJ=&KN|U9x0q}|BGy1T?q6^FW(8!rdk&`=@?zoN*&Myt+szO0RU@JJNeGC
zM(6W~u^9j!B({gkS{Mu|YyIAa$xueka|D7Bxq2Xywg<%hVN*6O-pp9l1+&4ha`UsA
zSKnqkocdjrl?TI!C$nSZCKhtUI}W}xw{ryez>Q&JQ@tl`DYjqa%kA3@%d3@5ZFK94
z05IgDavxUR5J?<=p*H~bGLjDp7eU^Y06XuFoX>Y}*&!;YD>s&!I#FYGF-|sTHL=_W
zvt6CWLIK9(1=3yHYjNF&M22T^tdd*#CE_3-IO`;de1TTGWbE_y+EQZ+R1@M7c)|D}
zEDZkg;1}?Q6zXN!1h3Cuwwxp^->epzJ7=q?twJO*2Gz+*f=!f%%#Bb}y65)2fwyi0
z$xpx~HR0{Xhp?HwbHe5UypJ~<51q~S(&a5qP_(+0mTM*7*lvi$U9Pt)UVm%V#g$#g
zY_ZY5bbxz1Lq2|stA@MObkG$!g0UfYZ#U`WtvS+co(^9r&?;9M=^E2uMPDgg_&=A`
z9|WO-6>UrAx`(<yYlf6bTA%7Se!(qUCz-t5W3Lk5@AF)B`yGRdMbR+4P6L+iP`=@4
zA9(Vpdfb4ux?ma;+xc+roHX|<5(rbRSbWhB1^e`S;=`&9O*e}Pg$}YS$QkeTr(eEn
zuaNw01_CQeVyzi6u^ZYLb6`ziZgSInC5&>SQo`AEQR^hImHGtb<T=aAP=uIu1m!#^
ztj<&H`~ZJ@i49!|4uZU;EaJZM_8|d+SnBc`wtSindRTJqebziaRC$b^E_-<;yTbnp
z`6li!ppgmp5u7iUSrjbS#(Qm3^6jGzV+JAz#@Z>lO8x0`QU?0@0^d(r7jWCZkGc+=
zZ`CPzzh!44c)02|D`VsT+-YA!0N69--`g&RSnW@CXlDAf_k;xcjrLz3C@Zb8XhixK
zi1@dL{D%JmK<Dqn_Bsq(fqh&U`9V?c-}>uI>bJI0!9I+Rf`6MRe?v;qc*uU;wSI?m
zMZkX>*S8`rVTJywph#_CZxTjcxqB1NXZ`9=#4_#mt*^1h0Hpa>lL2kO1@G{oC{bd5
z?#VBI5C&g-pGYvEuk!Mj;#!^3F0*9@F$w>`zJqG+UR3bn$BdLgKjB?qdjQt##djJK
z#6Jr~zPgw-7vFu0<@wn&2=^=BRcf7qOUuRgOV@sO33h@TjXE?Nf^%gi2#i`ib#EW@
z)RrK-tZC+ppAX(H^gRv~;s)354i>Ks4|<{{RvbU$KHnMbZWQ7>$?Nd`QK><Ii@n5w
z15_(44)#Pz6Jk*s3;juf5W%k&)8KP{CxQml-MN$`sKOFIU^oNxg#n=Kya3E~1Q^x|
zeeHLGdH9o#*vPQCZZskXQLiql`i9VpnP(%m2N0EBU=R0t?*k(Ne7*q2r5B@0noJ&Y
z+19r}dism85abvAz5ae);lS`*6lMIQ*B;%Y1Auzqi^Q=XUB*bFL~==!@W`5<A+7%^
z*azj9<FsFlti5sZ?*$UhD)Cnhmfe8!^aZjAlzTMVc-owj5U75<I<~*I3M0GtT?>`^
zQZqN?q?`?Hpz9_8mRz9Lz%$L)`@#wn)bWlNPBBOmu%HMg65yjVc<9M}PZzq}RD-Si
zVT?TqSdd~-7wzKmK{-PzBXLonC&2ICl|0mi_WKaISq4K`Hl1n??Q#xRJeqoByezZj
z>bx#LdbNcBMO{(8(bGFbDL>JRRFX&sHQN^Dl+Cx|CU6&-4odPdlXe9IrC&UnB>Ak1
z4XQV0CQO0VyNTKZ?H{L9f8L2IiLD&S55O&%GWUhJZhbcvN|-L`gO#ni1Fz}9Y1`A!
zoVE*%7*!dJ;}@N9`8nX+%Lk$IoTtw<=H6^8j3Z&aIspgaluCgF<0XrATh3b;tdpaN
zmD{;r4XeZxnk~(xkY?jws@)M+vt9$Edim*f)(wYD*z8Hhgd00{ih~cfpgOb0++{l@
zVSyW5OX(m^r5NX<{)CBChKIX#8{LOB2MP_^c&OcPCGrOxG_V@2dTusS!YaLayK!Wg
zizcoRD=n(df9-G)YeR(!7h95WvI-vc!q$VYGJF#LbvyiFmf8xI4*9e4vNX7Nwa{dk
z(fC26UD({=hwv}5jF(+RGPc#x=h<oO9)D^WSkC1%8`r%~B{p69g%K7Df|Q`_Hd_p1
zhFK>G%9h^ECRA9K#~n`FkNcNqJH12Y8^<`4P~<qw+G(u2-XXrF1qQIt`SOVz3}=dP
zsMTK5JYn|!JCBQ(CTG!Fg6T<}IQRIN&BDr(dV8A5)SP%#AzVGd=xJP7BH=GRT??-V
znN+2nCzMu|@nOksV-UYAIc~}C476kZIvoL=ppH^b5p@YQcH_Nggpyv|=g;%LDo8db
z5Mje65S6%xVEe`VCdb;foNF@4|Cu?=HM_~@3Ci=iRY(0=x7*8ilV^;JYtQ#e0CVn5
zyCSwRvsis(p4qsR?P$#K*0}nk6Emast%=7bS!a_r%kdExhZ@F%Cv?A5G}kunbjp|&
zouO>Rh9zR$x%qG*o9ea}_@!<rWa6kldpv-^c50*7I2$Q|Gp$-vU0)63-?1u^`DH%D
zLI&EEUtqgqT?K8ZeC-BnZiEjXfX5E?QV7V+`{M#lTFSM+6F@M!QVBxHB1mBV0f;t?
znPH8s1hzE<d*dQ-_TVItyEYq6aj5wj!F&2-=&L&xw-MBQZ!0!o{AhH@SV$Nw4ZOSl
zTtLj=6SH|q)*>Q~v69d5fT7`u9!;S&AI^BEonyWeIe}9@flogUC>#N0QH{NXoG%8x
zB;9qNt{O=gKU~@6Tx?i`P0e<cr^rqf&n``GIH+~as0d0~tk-v+6O=u1S6I%`ww<!E
zoF5vBb^I*c@Zm<0+%F9dh8)pP!>?TxVrB7&FZiBtx^`PgIiX6NtIBxMLuKX*rdZ4`
zs~7NNsH7QM4A{`Kh7Ifqaes29s2Dbn6EGMAHk`}PMkyX}ESnfOS~lJl;+kxyS5rI`
zj$&=($N%LgfR?!<<Uhs!xnun(AOdk!1~}OK*+IZ2`|M(qz5JYz|KRLKyK5eSk$P4$
zi0yBc;EU~wgk&z33aOY}nzmot@sqfl8A+qrf^K^sJmJ0k?}kxML~llNciR5<JAeK}
z7k6*08SO{imm5$-1oxoy*|<8ud;g*m*Sr0p?C2Mp?3F96#7Gq-hK`@_1z?-~@iiHs
z_x{O7{{Q8R^yg5v(pvqxj~S9*goe!NhpY5@8A__Ni2k@}0Z;L(pYL$(G!SKiT3(_)
zihW=B9=o}NiW4e3beUq%6@D)U!X{})TLD{K)wSFT%vyd5bi-x)*?yiBW}MPN^QK?p
zcknuZtc48=QK63URj|5b#q`UU)|D&FfPVgxyk2I82J!M1z+LMbS>+g%@|=br@87*F
zE79W5!U%xEwzj78PNxLA&_SKuHP%w%IM?FKZI3<9c3<D1B%^wx&|6*_Z)~BfTH`R>
zI`jMi?zBV6vGZXR=E?MkoDGuk`Tl0%A-w{2Bo0bqu`g@7Y^B;;;P8d9qkNSov+3y+
zlveFnY*spWhuL&}Y^H{i-Ox;2AX`QutM;lXHXePl^<|ZaY5uH|N*ZXMGNA@mclJdF
zx-+RN?t9u!ND*kFP?V@2$b6u&JE1&&D)yvGsaIUx3Khzp;mUnpqtJTR{Y9DbXe~lg
zJl=8su=eiczC}OAa+utvxq9oi#AF&Sozi(~%vHbI{S!xAT4dwyVrS)4Sl#!=l(`)X
zTT!yDE&JV3)~VW+hI`9XBW7D4mtrHh-TFKQd^gprn-$v!qPT#X3^tTtUDo&g)t@IX
zT281}!<Kq`FM93BLCp!zoK+bsK^URs@iId)y;D!Wr*HWZ`XK~bz*sWVk)xhz-LgNu
zMt(1(C5ZR_aYH#5O|^Hr?U(TLGv%)7kWfiroMu{CPkD$5BC&(^UTnzk@KHf;<XG>n
zc%a{wt27Mj7WjJ&Vq@|_NoG7w4Yvr-nH}ZmmCRs!C9G2nDpAC}ax|u|9<QfVR$J+M
zFjqQDS;5^_dm`c>EsK-hOSX7QN-zQwZ{MxjV$|p$4Qy5oHp`7G0sgo}ePpDvcG*xK
zoS(<hx^fXPiH@1W#Ch0_<*Bg}hw_yK+(|-S<u*kUH%s?dc4tXg)j|soOwXn&cas}9
z2P1~SxD3uFu)Sn-U%7K<l=4;re!{0cWcS0)M-Gz6aG~PAb>-KF5sZXZOH(eo+7)?R
zh+Y<EAawg?F84svp_c<m-Vs3nG-%7V*W<hFV+%EyrB4YRBAx{Qts&uMMO*&(dFW<i
zg}e5D4y=uN74+@huEUKjwV;q5DA*}hnfbcOA=ME0o(UU}NWkK?hUVU7EiqV?Odqo6
zqRLi8pma$B(02)!1%9ylbHQ4Ef;@5-dG)ezxAknRqV|sY4jq$nLpPTgG7cr+8x5Ss
z#Khz64N+42e{4Y<Q6B}wHzg%o_E{O8F0(RFbjMEYr7GmHZ!d|SFA0>x>yPjyufwum
z1t?Ro2urO!>hnArx;)K)p#AfdZy5%;(ImO41SFug-)j^&WX0H2XLMfjH(vEd_YKd*
zI!|3_OsS1H<orMFeRouoS+~ArGzv&SQB=U7q7;>)A|(*Sfb=FrkdEM>pwbBtLWYhg
zMMXd$G{w*a=`}=}^xmX}E<K?H0s)fy>ZmjG`{ujr`{(}FU3U$CW|24N-DmG}_IdX6
z>|^j@hByL2=(ge49_FDyb&6DBGyG!e>XFzN%T%hJ_LZixv-M&uIkUcX$y@qa#Pv_F
ztC&k`@Ll$r=Bf}Y!=;BWjYC#7N2HMys{eGO21Nb+@5{|>;P+LeN%dQr4xCGFeveRK
zrT*PBeyk$@eDJ@*9_9^{F{W=L*;Vs~rYZJ)y3D0!eQC@e_XsF|I2PP><FjD+)oz1(
ziP%a<)kuM#d+hbnMBYk60ZnEL-1Sav%U9m6`<n#sB>!=ao%Qkg#WqRuk{@=D3Ood{
zf8fMLoYfOxyZ@b?wD&DD)8S12@q9K{CcZ=Bw@=)+{t)-#oa)a5eYo&H1NaXupz;{U
z;@aKU+bur*se3}y(nLetCvx}N@!W%u?Z$9D=yX|MPfvGm5m-I-;I1oge$K+^LT8}&
zF?Sn8**hr2ZK(Sw=JI|~wMGHuz=5*4SR+T@^vh~Jb2avTp90EkrY^duo$PaFDRv53
zE07RLb2=80F@NePKYu!$J+Zwg`gm)>2J_X83~!-I?Ktnwiyw1x_e4nYJlmX!@{NUM
zuCfZU1Be!AYCF3-Zgrk-1pn#v)#1|P^QQV{W+OWI9=-9ri?9}1E^Orc{?C@Ihxbb>
zsAbLHt}}ZDb7m<8@BUS_;V_VOeuY&kOOzotHphyJUpqL2v6_<v-|%9Yn!&Euo(R_-
zM#OwFblE!aSmZ8HCb%LYgwtfnznGP#W6if&nUw{bUJxsUpZ;QYOILTWTl}J#d1iJ-
z-JL^v;B##<GoiOnO=v!$&$OLbAk8IacJVQq1rlssaq30F`wj1@-mdM@o7)BLD9S1P
zb@}cx!}ZCA#YKL(=(vn3W8D?*-+ts#yy(>TM;T|YIXC7NUJrYGw-{yVgr|zz>(-ek
zf<Je6bQR>t%OFsFF<F&k73(*r?J)1s(mLWJ&u_X!M1LmMVc4`2pRLM}<L>6?$;%iH
zk!nBzh6ocsmx0;fvRqoI#hL+oU()f1QPVQsBE^Yw0`6au^uq?hX=G>HX7sJda9vag
zPYLU^s6pR{oI&zYr-yOp-(e50c0~CN_G3#@tlRr9jEf$Y8G5$nlKCJriuo6+{!rzf
zT*X<&D^lsa@S0qhF2_oeK4(YD1Z$&%X5w7r)vP9-k@<)hH+CSL4x-wOoHZ9Hv)#g#
zwMt#3CwnuGz`7qUEJSD=4T3OD#45mDSl6WzjKC#F^4lIH-Ql`cYIZ)=_0hu2ZD>kX
zj(sW9=wHose_@6raNE#5Q=hS1!e9<PL}3YiGT~H#!bTg;(<Nq_PZJ==7}c!#jii{Z
zMT)%=exu9e>InX3X4~s~dURYOy=^~Rgs?JU4}y0TcC`m6c^xi^1MUPNpI~JTbJ09t
zJKyKRT5l_Cd{>%-WGmj7?r)Pa`C2K}!)MtSdTOvCd+3H~d5%&y&WSDa&iGq%ZZ2Gy
z15N=$c{A8QjMVfIygz#ZHl)t7PLWc2B0tTzjBKmnzQ}7CK{rc#&=ONinl=s?U*nQ!
ztkQO2za!m>5kM9+N`2Z-8(Ma*?cqR++MBjq=*--~=#B4!wx79XbTzljbuOZ7>zPCe
zq+W+QlsNOoXegJ&*gCZ028~=bGPpDbI}o3>=NCbD)}NbvI4r13bb6`c?Qly3yv~YR
zPx9KwBQsOh)wA%J`%)O4B+)BWd}`5VQUJUgh+=}N&(UAAdOC(mJ*b{7DqP)tTASXi
zQWxuLw{qdw)Qwb^`yz*WlpC&uC3hKvB)r0TK-3rakW1=1;!+@a+;mlr!~TfRf;y0$
z8Q0rek1Z48gr00Rm%YS7oBdoRtX_07E{MCXIrlc@@!l~ygq7mYWbIK*bRLpKHI%mQ
zCX@$f2!1gi%}VZ=wY6qlweCL%u~A$t4!pG)C2{JE<l!61Xy?6`pch?VLIzWhHn61L
zKS-6oPu(3M1NxCcN~u8N-r%=YOYkP##mq{S3Qfj1GqP|TUW}>%^Rx~Vd^T)<5qQJ9
z<8d$q9rPX%xNRTi#2)@}=VXJ$UFSsIHLW;1-LF%At|Y<+p}W$2HrZo{9h__*XM@lu
zaU6BDI1w6hC6S_e5Dm<<R6aQvEU{T>oFV69su3z>aQ&0O{8g1t`<}+e%uNLj#eQjJ
zM@Z`)AsvP75#hLy^)A|1-a+SA7E5RuW4J6W!N~~3?-fKpVDp|MI&I?w_4)Rl*yLH#
z-bdJ7_qLJn?>ifi8`jqpCw;;XhoL-O!P8&4nVQ9C1Bd&40_~BJ?PEhN@dc?TKc+nM
zp|o-ji3I9}o2T}i8Iph1TEw&ayvO7eTwG)PA|LJHr>)>~b4-q@$5i9p6%b)tI|DK6
z>o?^*1%$1rK>`r_hjF`8kip4I9bu2B+bftC&QXsQ6lh?5Esu~SVb+e#m3uDVbjPWX
zB>DNPS+|iKy3)Zp6}|g6Ax{_dIQ4a#D-&nhpNp$6E(CxTIX=mYuJ0CtH!vQ52Z!xj
zJ3(uh)Q_^TGP8Y6z@4oy>Ot$m(bGe+<ALC5k_%FUr#1VW=CgF>wOxGoINs{s>L9qY
z-^p-XT8nX|HX0QfM&$>moZmm#mpSi<$#c>p)}`ML059_d=NLO-j}%MIbI;Gu*fV_6
zlYmIIT1y>O9rXvN8*&y=rtk^3956zWmJ<{)Qp8M{moqeQ-DK2$!mEGo84?+Kl$fKq
zqw0;x*>CmYvewH<{$V_i{3zi~bm!~iGmeba6N?Wy5-`?+ML;K?p$?Gmb)8?qa46^|
zOnC^LQBFkOO)Rh<3EUn{JaVD<Z0oj>DoAeNao(pPs(gX1Id%76VloOA^rmnNdTVY&
zW{&7ovYz!WGW6K;2o7qr#6~)`d=@<YM)pz*=^PiZdm7Eucx#>5H>-`(M?0ytwy^Ro
z7f6qpo_V{!gxK@pU3Cen7<%%yiKJeULS{35vp`zsV4|u)IAmcU^_b2D$F?I$(!f&B
zPO4Nb->3vb^a`#O<x9(f^a!nG%cZ|rPFxjRh=>lWfEQ!oTf!TJ*Aki)Sr!`BW!wTO
zp-gW|#2qhBATDe4<5Z4pmg^o+>`GR(&df%KY+X6Df)p)pBVfdDVxf{E<K}D^8=Kij
zS|4w)eSU~!@kN!1bwnpwzLS<e+T;hi`icI<pSq`V7{r!1DYff+M%XHh-j#ZlgU_Hz
z{b?7^sL=sP?y!HVD7P5zgVdbH>rmgRh>JSkkHCEB-<;*;eF~aCNMgkpPw}>XKzYLn
zq{O0p(kAnAd#kzBIW>Sh{|%G?xb`O6;pUgF2xwZ@*qc;;igS|61<h6uRkH7W5pXht
zCI5<n=FiLkz|fUBfk80WJ~+L=@!vd-1Lyxi_rDpMcHFTlP4Bl!pM>@<vPA0UDty-=
z0C-gAzI_LKZ#WnpfbRRhIDm`%--<v$kw#K)L=b4<`=f;R?W7QWD4oo)_xqejzJ#go
zG1&Vr<_Hzg=|Khq-KzgGgMT%7&|w4`cl<|%>u;_4f8a6xNxX7?ZhBnuFYNPwo^)6i
zx3QO=W@r>lo!0E5L+&6RCDs0mIe>2><hYWxAN`_I)zSIm6egOVw-C-)^cL!jhIzUn
zAFTsqx_pywW#H?jq8xAMtl=E#A-pP*hCkgi!1X+O=`=c8N#RL)g)YmV4ro={;pqv7
zbW*SR@QvO78862NUQ;RqDHf;L&!zwAP?+8oc%;mXQFp0P$tfW%E&Kt?zBF1to4?Ij
z<--#lxfmyn7C5RcUFoGY6~^HydF7_7NXDH)l!B~}fa*4<Yaz8niIkC%mX>C;zCqG;
z7w?gmS!>4@h>I5>g^e(xL-m`_>D4&lR1l0)bJ2vMmQyv3<|<218dj^d<@`L99k1<Y
zW;Hpr*2F?qE%!~T-l?43Ou`cngCD`vbND_QdoGETZ`TjEVQ+zrtsG=l98+u3IpI)1
zi5m_BwtWS}AHJ;aLbLzUQpDI8AB?3t22qkc{$x2-*BdrWJ5O`FKqYZRe*YC<gVAjp
z*57I;=~}ODZUcP1adOm->@Byss`jR^5%fscj_K9sklB&4&8W*c?a0yoC`ej{$vR~$
zDUZ`f>gIO(Brzn*XNI$Znw9+?eV^R!?@3=s8wU3fITx}`k4u-YE~gaKp7`YN8`eiG
zqAvvz6h><;LZf}b715c2V8_;&m^$!bIk$g1FQ6!=l4_uS?fZwv+$ueCOLyMoyfQ?{
z?*Wb?XTmkJ60)#!F9agTA$N}8Z;JW6SV*<Y0_LK%IuIFL^3*l)*?tmnh-+@BE?f22
zy&c0%z=$EHW_ixkaF46~WhKS>sA+gCb)8TSGZ3*h^AgxtD=|o3e-Qj2>-7!@V@16z
z>lt3K+ztmH4c^DHs7@P&(?rAm;@0-Pv(-~nCp>}XTfROPUr5YKYHF>?uyzc@luxbE
z@FamYCld_&6>gHW69Pt?8Gb(qz7!Fq#!c%n)2d+jUunYeLxxvqZ_2h3Jie?!<eW0+
zUlE?3I0=ZGhnP9z2L>6bt3m|YJSM>*a_NaCq!sg_8uhBqY<n~=#%6S`R+pdtUZbKW
zjA8FKAN$5;WpZ+(y+PwqV9l59iAa)0Nm#AXVM!4WH(PxzU(W=7Xi<|jGR`r<?-#K@
zA`9@3-Yhe-vgSqEV=g!1DwkJKq?pos^HkO}V!+n0H5+Dkk<tX)LPMMfiIfa`=4Q+_
z^CTvluU;Sk`$7(tUWBP34@#9Oq=0MDHQVj2fj+}tDyf`;Z@g2R%+)hqw7pJFX@AP0
z69IGMz#%vTJWzp5vjJ`|C>EsG%b*cUz|il@^+a84$Z&5h`vS}R)}0_oXP~=6MCu&0
z_Qz2nPYt5i_~FBQ>v>YVSp$7@YzRlveLQYI6NVEe<msE9SkBOo<6nV1e0BN;m9QA8
zuO4&{Q@%qG37*xYErqph4=*xAw$<7u+JG{m*L`(==GHTK#(92PQoxxr=#6pT_l~Xb
zFggOSia%l%ExF^0U!_anKhJ;Sjt!Mk^OWWtF&OQEv@{4*qdRDe7-S)B&5SWUGBr*r
zy#C@i)2+3<(@Z@#!}-oZPsgI}o%&$vC3|Yd&&_vY)yAp<>Z{~nmm96E^-l8ffdKYR
zdJ7dXb-;5%^Wfz(C%Yi$+3xq}1xkqE^RhHYm~|eR<pH;+w_F}eD<eP05;gb$BQ{;!
zN-1CVd*-)2)WA<Uvu_2SY-#8`<^MFvbOj&#v`a9W>(`A+D!bNP$*bnv$%pW=sN5!*
zf8({Tv(+FY#i*^<bn37Ye8-XZx7f=EVA5mj%~QMltchNA*l0OqGG^&>_@Ihh-?_X1
zOa7XK$FvVyz6~$yYR(vGX~sM3=X6G=(>8^eH^zrG9I>ruPK{A2u`AuNr0dU`Fbu66
z<+c$G+<-oo%iz?2L*ogogV(47wMAXCw4>pjWox>g^BJ>Y^uc8qc3&-rwGrJh_nG`L
z(F@<!;93gu(H)nzMR9TQqLDlsHGM*iA^Pj0E;xK}HcBGO$>V6HrZWA;=(XK<E0VKu
zxL2@x5uKf-8<YpzB6?Fhf_ve`Q%j5%{G5Ctu-ff8TZ?utx~C*ekt@o4-0!r*=>bQb
z?p}9P>KQ6>C8y<a3bWwL*I{;<_y>ryB69TlFV$x`g^lgcBpIS3&~6~+NreV%7=c^N
z=Ukzw6@4;{5m;jN4&te(u)!Od?jl!Sspar*{Z<t+RDZo|HXmy2QbuY$5L8v~`_Z2z
zs{=sj@gi@*cY~{~Ns8Pht0cIJB>DjTSOCr#Aw#l3g{1|;5~hZ1Z+7QSU>F%5$5kP5
z;^8p9u&;|E^yBPaTXI@j$xdaDmh4*h9LO#^t;BlKyKAoGIISq#zIDOY<}u!K*3Pin
zy>>RMpomynm{DWXT+ewYM^=bQu-sFlWniz(xU=MkYaT6MH`vBmzk1EY?LCHGT_ofU
z;W!WX)w60-2zKF0;sgZ{W2n@E711Ygw#MqI`mq|%po(M8%@8Km^p}@V)Xo$a>U+6`
z{9A4!egnkUwOY<`t?!&pD9s`St@z%i>}7`<gcC+<k5V78hL}IOgMXRjHyu!7{t4m<
zT9!YwXep*~$UUem5qDB7-$?*1>1h~82ql<I!(_yqU2Nt$H?g&=26KnbCP1x6638AZ
znDkMW&cL2P!t0nAw<#F9bo%pkueph+f+u2h$L;Oz?#(_}53a3wYjWV1X*1{>IRud8
zcDMrMCP~mN+^7v=7D13rx;P{@wvsdam^K>1!zNkH<h333l02R5fu^5$3tkCkNdWqR
zx4$XdOP;Ge!oTOKA1_+@P=Jr#&cYr|eXpL@-D~#d)9EqMnwZ^k$0cRkQHd@+i$z(V
zi5c-R(D5!%*j`%|NT<>rEE|%$>TH|rH1dWOr!LxBm<=0}OtgGxjbQ7MIy!91@5Qzg
z^>J~3tzqP%%vAYrS}qiY5NPe`bW35Q!u6zKdJ0?ePQG0t{89FzK>xTVE{BpXQ*&j2
z_-vqZ-<k2?_CfmtxC^3D%}c)IPD05wN?y!(b;jizQ5z>yg;*B3u`u<JLMYEhUETTG
zy-fhqk4BV2E_Qk&3-i&ZM;5!gC!Zu;V!%9R=laOo*SO*8a%f2>dxfmE>fr(B5rFdT
zG>*31%bA7gKt0$Y9xSLOo0t+-Gepi;@VH5H!^2^`16e>h+xiu35;Wz)hMAH5LX>h`
znXA2$u<6VFNsA{VO1^sJUgl`qgda1(^)XgdYIAvH63fx33hBPbL3+iBS<0FK-T`cF
zI_vt*P3NP20#=G_d@D&ZYO9SDu((6!XuVc&L4-I=QAfg~WDpm&8ksu-nJfg9d)kC~
z%a$s$+!(D##fxC~NL{v-ACoRohiI`Tre0$D;V`S0m!YRg<nz6~=`jE8J3iORHy{%t
z&@&!(oo92Mg!(Gz_I5fOqt1F6dCZnWg3COsRZ(q+``ZT)>`8@DMF%flb+=gXwLt7>
zWsI${u1H8UTS8h-8J9WlSYSef_9b_M0%ZAGnqeEPj<@bZg0*ZHX}*t7x{p=W6P2pU
zN`wH1R;P)&(5eFot3}vh&FS7b$`~eHg1ezd#I$ER!Hc#u6{y=+x2pRRC+r{Z_#RO0
zq{Rj(ToKFBN=W$OwHcJkvU#f|;TKvwWs@@Ex$yJME9WC7>O7dJXgvvEfuWk5X3FW6
zte4irh>4Rm^TAK#w$$t_CjCq2C+Dd_Pe_ZRJF&V4G<lq|x0XKXN~TKOre(b(EnZQ9
zd|`&mr+c~XmPHGIWRFXB7QX!y0-3x5@GI?U_3J%q<YI)3(^hBCVAw{~J;|;q6aHXa
z6GFDw_32iG+pqff-4yj`quC4VsM`gnn2c!-H0^n&&G8j+!&u<iA&$_~xu_iV1?8TD
z&o`^!P%UiBw8%4VVtIaHF;xIsfV6{MjBhcM%m~pBQisH`whSXjOoogiiwZMM)}6D<
zi>CT@QGG;elhCHnP_Zrxk5kT58_2->^+wtjsdt*G2xzhY;Di;+lVg!;9MZ3rGo;tz
z465AElZWi|$X0VAXCN7<K<SL&;xOMxnCL>%9w16Y!ut?25?l7`j`qp)VjEzF^l0`|
zl&K54$s<H+Yf9SlBT>w=)m4?qfb0_M;+NHr_bDCOwd;tfih{h}w3*3qgSV)q(Suaf
zhHV052KCu!@T-hpMCxU&%JS^<MTyi|uqUHNr69eb<MFa%6j<rv<rBt;I51<~)3|O;
z73sG800%DPpS;H@qNO=Spodjat}r^bLdx(HXU#ARDPWM&yYnKRSA_X7t7C%J0Z*Rz
zf*Wx3H)aKKi2~{Nz2$afzdRsp`?Kk1*AIiIR&WGYYt}17xkBSVJf@5yztr<uB21R#
z+=tl)ZTd#E?(k(-m|dlfjwdbN4S*YInMQgmBC}Bvjb=M8iCy^cG4&IckYq21uGvk_
z3%#S4*L9{bt|JrbnIrV|94*4Fu6>(fu9Ad#_Zx@$?FDJIEj&B^&pDO}#VRyW@V5+z
zxml6MtDpOJG021WAZRbH?DhyvD+9U48V8fLx0<%2&-VU`%&+;FH8SMUHYbb6;b${?
z7SF`-!ezTg3fALeP=(x%@k<8@%H;K<McMbE-6F?khx2IhM*0hScDa~oCNd%pxZ9$c
zYYKTIPV^($&rPm)cAHe$1clrwEm_(rG@ne|a*7+D#iox4>EBk@QQC+=0*%wl&4wZf
z^-IQfAAlCd>QF`3d1t0Afeq%Au`TFa<!`=489s6V6l{jDz(r7FIXP)aIT8Y1vnPpi
z+E{Q5c_{DeZa=Lv<0}-{!hutDyr^KFaQjk#Yp6P;R4E|KlxslT<H6ih-?D8=5_Pg9
ztzk^d^^zxg2Tv|{dTe9kW`!>bV&S3B*Szx|9z>eN$CX~A6z3Ik?N`duG@0eG$v~mI
z8o{+AFY)|w`tByejt>^h;ned;gct3@Qgug$Bf{vIYf(Xn$?MW<1N727<@^lJinY!x
z5xu&#&d(Wgm|1VG(29ZiFMD+LHCY}p+^KWPitl1!<@R&5Ze_1cxPGe^da&rWhVjnI
z+s}<%C^@68`V!7KgGw#PyVg)U^g<Jue@IUFsaz}MluMLjGlp9eVl`u*vhzI8Rw4`|
zBPQ-XcVnzSTqDerUS%tk9^Gg*T(sUiOvR2MRTa4=$R_lOfjkYxr$4s?EQ~L7qz%OO
z%`uKD87eBtyg(WHTKL@5qiM(O_4D0bqCUEQSgEu$v>2=jX5k1B2%0Kyg5`5ceOSM}
z<HNS2X!Vi(fV?L8j>&2w3eF@Y`DSSx;_5I}yDdgmQaex$fLX5}giN)?&n-d@@+-52
zBw^ol1y)3PWNVn>&u0_vQ@aB7C3d!f`z%pT!Lz1Tyl?!**zF>`xy2l2Kk95!4`thJ
zZjP-H-9YX<bt$WZwIePGo-lFo&M(6e@~o!X83R42M>ZQrB)Zvxi`WgE3^ol<^##y}
z6X>Dkci!Dy!H&?n{JYd4lZd05p7s@FpM<l|D%@Rd=I~8K0pF@uoFJvi8Q+hP6+vXM
zwH0lt#lo)Km-~#vScV2Yuhh~1RG$`^f-{qrO?np`dE9LvLHJ*=j|)}|*?{qd#OT-0
z&>Kq>Z(QV%$5!V^=A&WKKCtlKK-Vmjf|?S(YWYhze9&q;SL0|hAqbGMqD@hl@zb-_
zo<B_m;C{Y<fjR>lh{#iJG-ijB7s#@Alp*x>r8baOe7xQS6Q4I_j1ovZX?4avrK}BI
z>@iheU-Iz`Dcx#ll#zK;2Z-&IF*7Q=#rSMBExTeVK&D=v&ALv%Y1WHxto7O!#bPCq
zs{IbE80B{V1uO!f!GD)ne+P2Dy$q00;0GakRP<61aBbTDQ0~wDg&ws$MZ^jl90~#|
z$wI{xLFORg3wLCjC>CqNNX1j64?wFtRN|4lKLF6<15!fhaGk0{@UuXFmQ1HllBsmU
z!kkt-6k|Wt(VGByw3EHuISU^Sd^2vmL8%uOW3*wJ&onAS&Z7b+X=pNf*nU2+hdJ!A
z-4$c^<*}?gChj?DR3oIush6NBUVnGsBA$mHliLt{tb&4x`*XW#AmIRgr7Lpf%b|B2
zxcfEpxZSKlV_S~pOrltfULVwb1lo3IeYD9>b>BR~<&AJT8hOEseY%i+AOu3;d>&=E
z-8Hb++epKMQg~^qky&l@&+wF#FnS5MF<afZs=sIAz$qdE5U3YR!)Hw0PwOKj4kM@h
z%e&7=ejW>m`m&n!a)s$>16A105JlA44{9Yp4m}k=aY5wWbJ&5Bc`L!6ts-`JegoW$
z#0G&`y-xP-MHG#cR^jnCytQegzwDxB63>#Q-AftT^T9DGk6JHZ4m9Wxvg43yFSA~J
zVe}MebwG4kX+I_w%dLF6uXnAx6WW_@WU!y~s2^kAbc-Y{h4~8rXbfaB*h+S(81vLe
z7SzZ(xlLo!0c|1lM#=UvlZ!-Sp_uz~Kf@li?D*ni=)Q*iB|+T6IUi76jY-H>lU0%N
zAl)pX$fiJs$RqlLw_xg&oN#IBSaT)&T3KupQtKCzv|yc*-evS>D$xZwpByc-q4vnD
z6QnTsO^F6jFTQ3mg?EnuV#t!U&=dlo1$UlgZrj+{{P@wka3s~Nx7@nt80Iut;&N^J
zZM%{FQk#YW*;d|tCFuoFYUUxv_`79A)-<yr=iB-lceH?A@Yr7v$M~DHr6LWj1mumt
zv^2E|GWW)KXHSzIk;{}X9OgNlvREcuhHq?8iy9$S$hbdPIEO6cqK$hwIJt~*N@O41
zQMQh|i<mwy;sP!#K#!R^h`Har-$V#AEv2nN32OoR92bG>=PLB+y<aLmMgS+9<z(;A
zfRa%SVwIUF_97|+>qWDtqAk&!S?CVNR4@LB&C`*xa<6H9Gj&hs66FN?SHKwae>TQ7
zg`|N4FZ|x5{3r{U-=Ef|X`kL3rB|QObKosFPn-Dbjit>j`<YQFzD#o<i(BQiB*ReB
zdFkAL0Kvv50D0^w8T8^Ua=WX$du`y^sCVbJSR%^_)!eV&Q<At<AZ(BHzX@5wh5v-C
zhDQD<LjcRs^n-=!YB|VB>1k7OUh;}IZ6#RhC8bhT;Yn!^+aK)Le-8x5<0uw%KJ<sf
zI>~=R@qxBI|D(_`!1nsx;r_<Pe+yo{1^;^+s6ae{CNu2+dtTr*Oz*W#6FkV&<2J(R
zzSv)Y<{x#gzZR3us_Ly_@BYy2{C&ad|NdkCzRYy-^>;S+$7g>irM?xOew+NmV*i65
z_!WEY0QYu&Ba#PeRlUltxShcA?e}&?Lsuqp|6k5JB+LuuHI-r8mz~k}RoMjmHOGjo
zPCycNj437grqSP3JzU&n&QlB1Q8!^yjLLc(9D@EXpvj}|jA<#z%@2K!`U@dGb3@eA
zRZIkS^mqQfq<*khZ+<cexQ61J8tNNSzQgN>AnDsbt*iasS?YI+e!kgvJ<&H(elpO8
z>vuWQe@yQGp@R|m=O_O$>_6^vpYV4In16!grxNg=Ao>3iB*P*E8e_M2Kn6USU!ec%
PhNGgWsgQNU+~>al2D}qs

literal 0
HcmV?d00001

diff --git a/docs/wiki/images/readme_screenshots/fullscreen-domaincreate.png b/docs/wiki/images/readme_screenshots/fullscreen-domaincreate.png
new file mode 100644
index 0000000000000000000000000000000000000000..ceb2d009db09d9894f2c09931bbcffa626ca03b8
GIT binary patch
literal 115626
zcmdq}XIzun_67{AsOTWX3Q{8~AR-_jAT1FQ=|n{VsiG9=oe&_23W`dTq99eJcj+~W
ziZtmp)P&wb5+Fc;v?nuX=A4=Ne|kT>AD)L_2xR9jd#}CrD%ZO9{pOCb4)<>YzwO(%
zk6Tao*1diE4k7pL<1jsPfZZb5^wfd<XTR?~otyhgx`me69}YTc8fos^R~ExXw>!lC
zeAG+#q3^zZJWap<?r-(Xvu8J+_0u-@Gx2ovgWCBx?DMj7_VAPOaPT{KP3EeMikkw$
zc;7zObG=)d_XBNK(~dqmJ<nj?eJ5CVOQ!C?Es~T~N32)a4c*!UNA`=J7r0X+vL1OU
zU;qBqr$!H4%3cBewXc3*-C1#YX@2p1(wCA4*vESLC1ziTM~16hb}_9&WE!b+wS3Mh
z9g^{@Q;ob1$HSl-Xgtg*r*EV&?fBrcYt9s@;|DeW^SaY?vJr5HBfdXW^vH{If4n~J
z$p!*H9Tv~#)cWsXTefSU8{CHafLH%HhW);RnSwtPNJ<bn_UEOJ9~?q{r|na`Dyeby
z&r6*<Qowpa-S6_~UeMLQ?s)t@>kye^@LSgAqrdKWE|1BD<IH=mxBUITcf7;k`~PRh
zE}1I&Qw%zQqqLueWZ{xLI-Z5tThGm~2_fosx9FHncq8{TAQv^hn!T~j_;-IlB@LF-
zG8zeJ?ih6@0i1xkyG<%HW6rUVr6Pz;R=`Aqw-!zqJAt75N=-H3!___1d*JzhE^^jn
zBZpP9Api~9TaA1f@xeM^{(<sjY_RP#Q4k5!!nG87G&1T1JuRR#Zs<fnv%AVi<vP9+
zwByiVaE6IbUiiNyd*_PeJUY#+=%Jja$I9mN0I&TO!xW_6FM4(buZ<F{yS!{*LBdeq
zC>i85@9@wSYZYL$Jwq6lY216en^<fkzm=Z*K4c}urJ1%i!}lP!XlI%hpOIGUX`oBr
zJ13YD3J$ULUTyLR=*3d+ujqgg$n@hLj`v^_$2x<T(NLE6Mgwp+)+85k3_<N8gxe&Z
zeAUNHL_6wXKxL*H_QhRi@ENLG@ZAWPz^ovG;5~~6&36?WW&WlIpOX4Eqk0;U)jp$f
zoBZtqj_+6yh=_v6#!_GWZLy0j06%|%+!rmZsC5vJu$m-np=h+iB*(h`8nK{I7UerI
zsf<s_NWxgQ7u)0;qX4O7^vD&+0^y}`t78+*Yh@5=gTx)H*#ObKA=%T=cjtU*y28h`
zGY(eX^6}ngOY<+S&0`W)1Sefft&%}%Fvnk;%O<D7xdlcV3~D0Opn|=1tw}hJ@NMBy
zNe?%Q$dj>6NTeXxX)cUk&m^Y^z3l{Htbg-FvKod6Br~5vvjR?BxJj<Dh+2_&zVFKl
z6?52xIrLm0Ffa4FRm|}jxH*l434C@2jHYpFe9k1PZUY7CW`Gxs!i=CfxbVG;e_Mym
zuXtJX*c4yW(qHxV3z0w9k2dXD4_29_40CjQ&aU`O{{+F~TOp{xkxoSBfW@|v%Y;<E
zGkulxgf}`p4n&Qc2hektNVdE<%AA4<1d}uO5P81=$2q+}45l5PK}#}x!;eSQcfYoR
z*gH@*@aSEuX5<TXD=%JM9Op^qn25BVuK4ZFf*5dp;p^L$%yFm<!@`z(eKg$Sri3tp
zVR>>3*rTyI9X^K#8iT&v{@Odb0zX2Jsw%v|8Y|5COTI@6+{N6-2x!OV_lXW!*@glN
zS@>_=L|T=H+!yykNozGjpx64>&+(km$wRJ7MG@gf#4+qpc}JVCT8#UsZ1&<i$r8N*
zUk}uLbQb_z#p(sdz*QO34E^q{TmB31N2)g8n=rJ;6(?%vyAnY($Pj@3O>#Hw2pQAS
z^m1n$G@L_vaK_U`Wv<LwWtsq4k`D{F!F#U?YBT{0(TrAuV4MCYZ>!-O6HXI?8&8@W
zN=L^V!@K4rzsKMgpO;fLul5Yn)-ueH9llS3m;>?ZI}NfVg#*OR@c2Q-U07;mdvwp!
zF97^tns5&Dsp)Pw@;z`ba}NH<^g*N8Pn9kBr<o>K%63sOWv-nZ*cKxJW-eJ=&{}Sf
z$eh1uJik64Y<z#ov-Di9p36{jLVu_*+jRV8J-M|iNF(Jwcl#68IcR>wtF;DdW{Cmu
zvTkaq;Be=428{}YA|Pfd9!L2$g(mB;BO-8dKaxrbEV0k1zM-28dOWcsnIZz)++}O<
z2jp5I7~$3K`70q+dUFw(wnqX2q@F7lsZv0_{s&veI7#B?_K54hO_I;~+(Swn$nYGX
z3afWe>=f*xW7}Qb5XKq$fs+dwT=pU&<?7$Vy87Kw0JT<7p&HlbN&k!=F`AP*-#C$3
za$54RTh#Zdd!!UITeZgRP20flzP;)^;Y&??6Q@Lfj`kD^(YJx6nBbYA7}go}ttV5i
zL$o_v!rb|JJ9F6p<HJd#5*Tqg450U&?17>OU9GA&Q2;y~qL5FY8G=F@nf$hZlgkE|
zy6^nWMZMkMWgFa;%_V*@I*Qy|Fq%{=!=Fj(5$<=|_$JD?B?7f+wOg!QMv`_J0vY(y
zhvAyS4bddrfWKzXx^$4?>RDy)jj-huE+Brp0SsEB)eNI{7F{!tmhGcA%gFGrni=!V
z^#@EzPI*h_)TNIfWs%HG=$7UB*zB<ov{5dVwp=oO<WopRxY5E^)lonB5F#gCgX?0G
za^hm_G00OK_w4gS->bhhgeNW%AJXV{K|T2IwBzOWT2xSoE%QVAN;q=$TuYeahUM(b
zSb^_krpaCJ$K#X}GD1^@VCH)2LiJPwD=5G1^(WcroxQL!AG>tNS99=B#0nkg_oqyO
z>5nIvj}2zuB;6r%j4L*ZtUfqBF`4;tF!gUf`!q+r{ZRP>E(ym@p;K7K3q37bv0;jm
z<LV|4JV%*yz4|VJ8D+8UGFVPkDW2_i4fY=IzOc8MA*B3t<q#t`K=`Wrk32~;8+dT{
zhea}Sev*iWWWW|ri8*mO<HAFGklvSfmgO|)KW&W}JBu8pSN0~~D5Lje)3#z^cs}6b
z*GvG5fq9UD2)Mz;B4@Dfm*l>^zx9o_R?K7^0lABtqibW4)*GK=DswN7aI;|j214y~
zA1}hvP`u9@4*ztQZmOyWztHC0U`@{{X+)n!Sm46>sH;1MmXkLYS4=;42Cti-hi{1P
zZ1Ji6Y?UjzMmAaq*<HQxWUL3Megd!2esgood8}tbwVe9h{PN9amy4Bg=x>^UvNaH$
z@St!0`^Mmf!J-6_)l2HI{r`=bdf&n_%{qY<Znz!Ecpa*ceA(jbkJ2*w>baD`+kE1R
zE(*_Jz@W5&f*zQ=j0bdj4Y&TryU8g)P~LasYyLp15r)1&AR`yvW22GY8(@3}9eRhY
zRC{CL+MZ?~BhK-#6n2`xHSfMP*@`eI;iTf<<>r);uDX>7?)yVxoy%*aFI}E)yPKF?
zroVhoo3#8;HdS<|iF&3LWR(kse~q35OFShATw5jwUEhik_JhWNhH@LmLeJuv5we#)
zRoF6I6Wqj$8jcnnY3v|T1gqijn?Z>0zq~(ne5ai&@z}u@hOf%QmP@e431-QqHN89A
z0}WYE-)^h(?S0`SmCFfpPE2o<CT^O}{{|<Ax}7YH9Xw!%0?_@IW?;8BhdUMC|J!tN
zIdR*hDqRutcft1g_K+3ItYcyqD<eDy?QSi4G>!WS1sN9x)^C4yAP*A{`xBFUr95up
zKP!kE>e{G3X^DI2OvR(tGv8uZYXcBgX6ikk>UZmN&BHM)pB0P_b>JHwv6uOk=LKO3
z$b=QFkb!aTEAXAmpI(w#Iz#ydX^xez@7H*yCD=E1mCZ=YSy?VZfJKi)_jII?AymaK
zIZemrF*=I?DRH3KGZrxMRLvBF@zI4x73;O(%ttTg;KwhYq;G@mq(G%hYt>Ll`ryRz
z3AfB&0?GN>5(&9V2O|MqYn2w3{J(91mP!uF4Bv^1oo)o=U_#$0C(iB`%ls`czI6B+
zbnn|B|53iE^Z}>M&WOVhmr>_C@zrp_H1H#%;pE_9NA6XH&Bp3b!5aRNMn)SCU*r<J
zZ%I<?BrhaAaCvpG&Y6omvZJd#MVSJC>6-(P2Y7}VTZ?`K0|OA>8C++OOif=c!?8V*
zXAFbl$=Z`es(x>wd5uxM39(es@+!cd)KT42_YqAMjJ0>`>dnf)jiKXXPfo9#Kg5-W
zras5aK0ChA#RU&yy|b&}>A8gz&e=Zw=G-XdF%jN7A%kZWe%TPz!<Rd0RJO{Ux2Em;
zpPRbF=&OV+Yqiz}MO$9=`q63ABwj;QYBX9D?UEHjGZ)mhK|y%`iuhOl%M<wzuuNib
z3}Hf}imJ`u#Azk(J@K}3l)_tFJO5l72&XS2k@WS}48&#d`un(wmp^NanfWV&7~=&X
z)9DVEB%U@D^Bu|XB|nFHj>EjjW@St8BNQAbrGsa0T<F?Jhj=y?A`r8$F&{EJPnCaL
zUeP5V(g6g*%zR--I=F8(0$^%b7lW&Qf#QIVu5!i*dY`rS>i)Ok+xV>ozP&L{hsp3u
zOw!@`mpq1JoN8678_Jp?fx3}RKr<CC6d-Wpz+Z{etIwYmcms%XMZ|9p84|MSPpqtN
zc+2)%s6SC{I@zJaBTd8Ev?lsOkLM`n;lR<w8hz4WfHAq7>oE19dcaPcvxz*PEQTEW
z1q0t}hT>V&4rB<5&^4>y&3h6B@Eg)vleMK&=hmqsq;MUKn*YW~Lxd90kIdQ_06y-g
zy@Q%VrACmH7wzU^ntizROT~OwagmQoO!Cydu^-YXZ*gXf6YLeLbnp<LULI95k4vi~
z1OVk8`GHCJ>?HN3;cO(tUw4dkl4hzqWnJwUX30!r%0N;)ZNAYyar|#`{Yzs<sV!Ti
zA?LN#h?5IHxl@#UW+uYkEW<g)jh4XY%6!L3MuJec5RcLvBN>m;kXtFd?bc&G5oGkE
zKzax^$$_Fk8n-fME&`a$-9<4B4L)2tlq!7@2DBO7ko=f;7$10dybIRw77`xHqPISm
zWeUdQ!qc80gRN-ibAHB1#C!xov-(NfCIy#qbI*VLw4rT^4{61j{di`dr~S2}>qyPd
z9b?Y;_f)$@^;s3J7qKd3Iu^B}8;pi<=F^L2KPNA-L%F*@>MFzKD-%sged)71q?8SS
zaifLZmEr5`N&Rmc%B@vGXC)@7Bl;8S_;`%@uPgfg5(66~)n7-G^QMJWH(iG+T?bm=
zDe202+5?)!$=t4!A$|?R3c>!#YM*rW+P+8R7&VYws23niJk!ipdThh|-gC3|y7ats
z81Qv<V_mpml0Wd)T7#zzLu)B@Vofp$a=ueRB;XFNV6B&+7OlsRMlAUcBzh;~!l$6D
z-L+6^6xq+~VGyuofrxE--)UP<o{WD^4%0pk4nb~IK&myQLfUT*sjX_C)Mvh^1jGse
zLRag^lgP84<wXVR>q0o%zQ0oT`xwR9SHZFm%d@aw^BK7|s`A8*bp>9r7=Fck%kdM!
zmi4NY=_5JXHwza|jaQ$YtagZ5Fbao0O`E6~h}^;Xwj9HRe4og`Z&pb7l%kmE*7xd!
z7<K}=Pjg7(?|DmPxrc?ak_x;n0j3vGVihzxFSTfthQkabbr<LQyDL}vSKzvO1p5mf
zh7cBnyIuQ>VFP`9so*M|+`))o86jo2p-4StCz*TfeCq$Cy`7iVaf^IKjgKA2Cis^P
z$|tebm>|1Xgqfq0<Hm$O4=)-oUpltdazH#SIStB$8L29{%YT6rBqzsuA_?+NcY3nE
zbBGt=KhK$#9{d+H@yWb@FgT#wAYIPYWuq860mHMC%o^riw&d(7PQQ$a8p_MA<VtX<
zcSp-&wM&Rc%!jVq0Z%pZ4aWIVs$BxTPW{D@OS^;0{{}`bwOrdmFY=Yt(znMwg6yAk
z57T@^n7hL4Jl6hcPj_+39gJ41V^naZi|Qx$h!esVMzvqNDo<RHC`DSde-`=e-*Aas
zepQSHm979eQ`8^<CO@BS2&gS>aP+F#KFU{lw!dWeS#?)<rK?;{$D#NSR)tvwHUCG9
zMJ{`?HV>`tH10)*lM!oJs7I~q%!u6uwVI5pA)O;XE7#2?6ug_b^yzz7{=W|pv5_m6
z)5?CQ4=SEZqc39qhmO4x`+w8mhgRWduLV2~=ytcPVQg<T>AYs{_IM)p@GQ_?@S}kz
z+RBqKZ2y@=v7F9Gpo)dwA<bBWf1q$?TY<n=4dT*P)pXp8a9j|p^Z{#^L}M|Pckn<a
zg~86kSWPwTCSr^+9q$`V;S#B*EY{$I2#Ph6<*Kx|+LHMLuOj&~=QuR&vj2hk5e!iP
zz8HZDzvc~2V54UfoT|RFRLax1n_EL~#qBPU=aIW}-x|(v;u(Yv&&Ju^NvRkHKAID;
zeuw!=4S`s!g5nU(^(hrTz8@w77;&2_12a0}mtZ&Fh5jwWVWX1TWcb;uE{1z_6)uGZ
zTmPXm;D+r2so|oB#O{Zf<?puYyMx0{RF6qUxDJ%gOoWhOYwgy8h~1yURB#{`MfDu>
zgD^Fe@&2t3pt$;#=oHy5ly`eER<=H%t8sADB%xEZ&G>JLCmS36vI(+Mcj;6#E3LKf
zOO<=l(xdzFeR487aQUrN37WK#F>mEhNmHI=+`xs#%)2Azs)K>`r0!r}Qtde0gfyf)
z5n@0phT>oZYnTdjvTPwb#cU3j1S4!EPRw=JBDxw45<8c`H>D4~xcN`1N(qpg@{XSJ
z@ocy8c5XR{4bzK1x!C!!;_4H-;T5SwM{7B0xZX@^Cx1kVE@m@%_aWFaaJS0Yz^vz&
zd8|CNJ@t@5VyTt?kfND&;%qmHI5v@DHotJCVZL5W*`{J?Y<1VHI5~K<eDHJNse`Bg
zHEiQ?+Er2Kne30tW~J?^YRc{{oe6sJ;yGEJ=Cxka<pyTr#t<XRBv`w{D3>fso*370
zTTE6+&K=kLrh+rZh(GQsysb@gz+^%CVfD;gDbv!2zS_gT#7L`RDkL$iP1REJYGhSn
zPY>FS^ftSq)yPLu?B=^mfAch&Tei82@UwD=i7GQ`#^{(Br9ZbP`D0vqx~lgJ*ZwR$
zlicji4s-Q@AC=y36xjc#sk?WF<@?U)7?I_?9w&mH$S$c=o5b9m42oJB0Nag4R(3jc
zEc9e3``-4k_?0juwOEIhsaFl29+Tp=FSV)Mu2*y|VU14p%_jH|N=Zmcib*b7Wn<qc
znx;FHZ}K3VBr$Eq3k0P9CL(Jirt_*m>z|5Z%tj{H+rm;NJ`y}oK3fhECnciN<ly?Z
zTN;-Ka<hB%Qr@eoDN4J4`)0?%85v1du5{|r^oHNwTvjY6Yird9plcb2*4<TGGVpRG
z?%_5l8jrDIDhR&UIk&7J-e6@S5%sX@ad)y5uZ{Q6+i@-ud~Yq*3`FlxRG!}!&iQ~)
z4VpUcf3y)+BY=2yd3Pz{pug%j+8x3_5&JXw)ajYnqh>bfsc6g6#^JR0a$x_NojwI8
zLzI2{mkyZ*KhngYW+-R#*7891>`S;B6jN&u6QSxSIHKtBl)C>((6O_<*{qksK~)|D
zD2E1+bVH0=pRZeP#HsK|17pKvkeKtYch9v>N<?F3lB<+8HUs;BHhTkDmU_sHCxGG7
zLC;Ryioor^%Z>zR#YCr**`E4-=)E8>x0Q|yg0kLGm^o}IoZshvHHH0`?~$8QH~DL9
zpv&Cg4vWUC?zcDQmQ5tO^bGVM8H$R|Gi%QoYLy-XXzfB{X-jT5yxsj=8Th!r!07y!
zd<Lg+3{WW_|2kr}6>6M>52Ban98FABcGII|6<S`j8Fg5F;jO?MEvzhw#y1<tV$@mf
z)&MZIfzisUChpF3#dx4+^YM^$CCf6=$NaeP%9+_*<FpNM{>xz8g<zn1!vcaF{QiO8
z)`4k3jFU82KaI;4J*%;)_f9xZ-4B`kE|*tx3uImjKim9E!=@;AZzHrkMpymj)wRn#
zAH?W8Z7D!XzoEiyBlLKoHt4}tANt3&lN$%RNGQC^iFEq2)m;sRs>uo?eL(aLBr?eT
z#jTka%~)I&ah}S`X(>_;Vt_oBHA=&U{tL^xJbT+lI}Y~g+`<;s5?iE7>cm}}-!@Yg
zx>MDhhKoL$<cQbp`Juj=6!Kc9D95-Cl|u_no5rfrMs|O!r!|OgufA7$Jh-Y?(Q;8n
zIH|D!yYtd0*y!nm*z|-*e9y9C)!m*!-&qA!iQ<4RYZWiAA9-c7GMMF8mK(s4?U{%a
zk>Itl41C=*l~ef)QA8dQ_gK$f9t$$WEh{e)Av<k`86Kq@jg{o~6yB)h5DGJ<eR@_b
z-ud!^)se$C^})^)=X-)Lu1L@ny41Ih+=T%*-MC`nMl@OR3RPjb=yeU4@7P=lYB2Iw
zd5SK*YA|cco804=!&s%ZzBvOVH;8*IRCIdI*u4b762e@@oiY<dgr2k0L)BT?I&$-@
z{@k8u5&YSo1+Yuir(>yh-@mBT)zo1p5tIH{Yjn_7`L3_Yy`1`2o8-|_!b@R`YlM;2
zMznNFjK}!c5R=}XCY#h(INr&Go7|2{NvZbRjC}9T*-ex`2Q&W>$+Z{h-Y5OpJJ)V8
zKmg%^JsK61mC6T(?xe2%d>C<<M?}Sm`J&L%#_a3X8$nVdWraJ%7iqb%D2oo-dE@?8
zELJaY<3-naC|O<aM@^%aBe6yGNQso~-mMr(HNHIB4R}DP_Eo#?mq$>5plWb%aa@w`
z=21z}6PDe_1D%KR{QGAGEwqQZjVSMqXySQKKHa%v{-c5os7BwIpm_}qyvm&Jz+kpE
zO3lRN0YB-qt4-m56$1;LUs6HGL^KvYxXRS+j?I$_Kgim~RX@cYGyCyrzlQ3T$9Ork
zBZp7XbF4wTVtTPAwLgC{vP9UCin`>k8`2-f&uEb*fi7nfzAbaS5(9{61V>6aEcLeY
zZF?&=c-hDEa0o(0{JXVHx|bDcFEsN*TRNBcz#;u}&WX1Ej2<$IT0id5!5H!+!x1c7
z%--U7Mu=k2*p=q=BNy37M%VbV64&5|V^^%H!T47E!S-wEK5U?HX&7`ie?;Ll5cMet
z7+EQz@Hqis`BU@4*QB?A`PI1o&<l57Q=bz$E>Jsjnc<_BxDP-67YDAG29lc+oa2X!
z3{h?me|2VkJ{lVIle#)l<4dazD1OCGl6tF~N2-fkt6kIlG*cdG$RrJvcBD>ow8TJ`
zulspW(oJNR<lUxvof$e=n<TZMsjojpLUXo=;Lkc4WnB$1o)g|{b;7UG2cQ81A|=Db
zV5>koa@i9J>k7xMJvAQ^Y}Kp>y}oVvTo!-~d`xbT_+SOieGECs#tK4kHoGfY4z?=>
zhtuijbR9Q<4769*<?Y9>EjB?<y-B8x06OFJHFVb)r~8T4#L_cp3z#W5Kr?G|>WKX;
z{M?2HDpiOdi3K_AHm!$RdRl43NJs0YVpJEEIa%jLvQNClUc6W|x(kilMdK$Lts-EP
znWb^ZPfk;s)W{a;t8pA+jIJ6aAxbK))m6I)zst<M7j}W#dx45_3`-JA{ul$XIT3gK
zFUyk$y4*;$TW^$1?EH8Yxv=yZuIBGHS!vyo16QpS7$}C{tJyYDt4YCSv$clkWIbr-
z!78D=vQ`%t&GyHSMvVj9C*{z-^g-S<o$9ARY))$}r6D@H;pr_*#Hj|V(dw|jJ*7KS
z5Srm<Ox0W5N*%1Xj*&^5wJMQ>dX8;cExRH?yIa8$g*F;1NYYxFkt_p7{J_c`IraP^
zIaJBB^kPK-+Wwh_`*$1ky8tR;ufNr01N1tYV~DmEm4U%eU$`fP#Bdk{uEaA4yixkW
zuRS=yYrR;AIa~P_ns~kMn+kvuDolT0OWQb3;yc&OHJ?_9Exs{H<<P|h&TC1skGz?s
z<hrn+{Rer~_f}$cWVw%C;p=BoGG`{lM8#@{SLwR1pAg|+FZWd~z_`eV|0)RGLESq`
zZu%B`G{PyyQVIKB1+RFi#Dw5zWTE6P1l3F#oJKhTmOcnzRf=t~m9^a!v-LU0qJiom
zK@lP*-5SUn@!K5Ts7E6z#ldL<;w5_FqS9)|)LAd=7NOq$Bv7@JtXU#XPq-n<J>dJh
z7Cs}FVdXmb;(o@=tDaQQVjqjrNErp|vm<mCt%(332GbUUado7+jd5Fq=bSS*L^K#!
zS#vqb;IKHJCH}GL)C;^2*srmmz7gO}7*V_Ou;4gZON>>my%w*WF^8{ybTst+{*};k
ztuevaW&Bs&;HMZi1SujywcI=0RY5P~I-kv{bB>eTgs}~NX1vgKl)fIPI4Cz|!Tk0e
ztN?AwWnQo>H9D_3i~W!!buLNvnLKiGU_N8u9R!D~Hl=b!+WPc#0Q<y_+M-$4xP&s0
zw+wW*nAHaH9~Lzj$t<Ayoaa1b;ASfq`mi9GL(F?Cv$VXEwYxiwx6zJ5%`MkNK8@a+
zL%}VTOEHXLOHUMhU>nQv>+YXnhwAS9x)vt5#A}v=3f{14kDWDlw1jL<N2DmB18?%E
zmqBN9P{=b{D-Ayafh|Tt@Z|$ohX`?Nw7ve!$j-1)O6B!ZZ%j9l&qyFy1-AAh3>~2Z
zNK!6B_D@ZFhdQQW;Vzlgp*_xm_&g)bZRucTm!X=wDd@%OXxDzy3}p=9GVXk<wd6_t
z_F24|$75=(9#K{RX;ZV_MeA9aP_rBP<Xw^5jb>DDso4hZ_7QvVi@RE+bf^!KN^+M)
zA+d$6{a9R<`Oqi(`HFLK>5b2f+3{-h4P#t5X0`FH&=bhD-pMA*{x(u0XLK8Ov<8^%
z`C3;Y@v4{Yw^dq}j?yorM#@3)E47RMUBx%%gM;LbT3Qx?8bn=f(W#g;>hpx1Hz&fE
z+B60kUf75ejn^p@useo;BbLH<h8FFqb9_1(jI9B3Najx!qqGs)OvcRv|1r6r4j0Js
zsQWm$$lLX$Vbm<*YF>Nf*gQ1f*48!5!Kl}47c7E$q2LjJ|BV*q&P@M&Wm0aA31P8>
zz8hWRwi<I&N5t5A)4cAadDNagUe*HzC&a#6Yik5t>@H3n$MUKB@02=rDh#DSCeh4~
z)P!%BPPfpmD!|-^zZ@;(HEMj^p3u2_D#(xR$(-YvlWN6={7~YHpGC`0_#i3QaEh}p
z5DGoS<o>+S!n=i_D2pwR!Fpuo0-vHwU*=r`+Mb#^%t)>T_SesTi?+V)N6>JddMC*T
z_!y)~ZZDQe9{GZFiHVTl0V=`9YWWNKO54VF3JEo<b&fP3#g^eU@H|E&Xx1|wzz+8l
zEzcARBuv5c93?fbAJ8Vj1Cirm!*Z}|6h^`X->03^S2!>e7|^wM%LB7y@_3y)qsoA{
zC)ZW#2sH`tY$Omk7?N5bPAF|q0`HD3>QC{nG+Foj_!AU7Ex0%Ht;M0x7g$StJ2*Gz
zFZLXnu`{VEAM7OBL8|e)G3ZKe;^16r!2*Rx(Mnq@!pIXb!?tNVO`(?QL8`2y5pn@x
zI8Kp8N)KyqWtM>T3=YRZiy*(v!p*M+(+ggnlCiz+J@lhJQQA29<Mq`S)zY)|R`1@c
zE`NBy<=AD@>*RKug3FJRN$txs@yXnNB3M<I6eN`F?=h&FUIKqQoZYv}r|dCM3L}7|
z>mxnz?wij7%`hh<;X0i{Dn2WRyx$aa=57gIm$O^S@@~p;%(5>+ucHfr(sk};qaQ9H
zCz&KC8hCeM7Kt<qTH<alILrog3LgHh<<StEUTw~!Dwrn_NLcqSHwppNc&vWoL>=|{
zVtxx7oS08;)yz7K0wASfbEANv8zmPY9vW-YCE=c!t>IRi&!jisTp{j{Ax;yh`DOsP
z?+biBcpVEZ>$QDqh61}gARhc`Nd#qyemLr1c5fSmP>%V^Xftd1j6pLuZ}SFWXJvQu
z_9Msk0zV=?)4i}LfI#A44?w++0U1;JkHNnmrMkY+V-in>zjRB)btH0MY4n&Js|(Uy
z>9IYQrzg}10Mbc|QYP{7CX2=Jxuv7LK96SKzibe(R8v+|@gHSm1JSjj5h5641H{Y`
zwS?4qix|((5V|L3KA3DiRZ)7ACtto1aG$LHUXl7a(@)K-a;*SXne-kkJIy?D?`5NK
z&%AR>0;X#Aw#VlM_uVfciKelFP+{y0<#NPPGf>F40I`ilGTSz)ky%@wwx%zIejDP$
zb-gSN*}!dYK}7mFz!N=(r)xZe=B69`$xUy}Mn3IrN5wE^JY2~fL+wqL9%6N6Ug<~m
z);rZg5)eyof-?}_e1c(k>&-n|Tlfoy+K(|SEXFRL$8(WmvmpcYlVmHP5+5bqLmvO}
z1-~`u9IVVXt_xlI<|@d|U%O9CWxR?zlPb?&@LpYGPBu`_f}b$I@jvX^%T`*68(jLa
z9HlCuyrPtOm&zYCcFbk4F*s9+LqL%{kq4`}y$DdP(e4p1rYSpv3yc~NX);1%`Q(J}
zO>sI=8AI+Ps|y^9enMBD3_e>oIeF5$DW@~z{WMyXyx71qu?WY~zB?glSR```4@B-Q
z=W6NT?iao2{$t&$820Tx=A4ZUw^#=~E&ZUY+qk(<%q~i=vgn?+F2?T!HbL*&F>8)S
zdOGQiTO<ivh7|I**%aj(_c5QTFs5J2laOlGG}Ag5fAs4&45(&T4sj;a<G_HdYg+GV
zNe9N0VEpcj+dFe>!%+?JD|EJ<#qR`;hD)?>D@));8Eq!yci*(et6ljfFz8A`b7D0C
zdq?5VT(H1c81H>%>w1=qMfJPRT*(duh3x>^uW1c$EZ1C;=Wx1fR7;(1YvO7TOAV5W
z2189&qA;|ugCZkIjaPdN7Kjr1<g}E=CFVVO6d27Y7^HPD;pIPq$NklCcBghWbV{;B
zA4|SK)8*F^sc=um^3ph2L`}pi@U{5{DD_J4xm|Jc8zkc1%}7}K@XW2zCMiA*L(UIb
zzvY{;UV)M|BlV0?F0E=4KMK=nuX8jIpCVDa=ciB#?;S1$0V~678<TWao>nP^5ekuX
z;s_`CP9|%WHO^;yNk<!AUixfuNNqEWxz?-(DYa$Ix!SM7<=1}A5_ajVB@+S`?7eev
z>jd4qBPf{6Va;ELps8JnXDea6!wh_9+jccKM<i%wcq=B6u{DPQ!x-&bH6{2x)uZa`
z6D^hzBWIcMRHonNss2X%PI_I<l=fcr^*)*xVPR57&m$v|9~aejriJ!3aQL-@@9irY
zYCfYAVGfiQ+ww<j!(TDZlQv#}bip#?$84@`q((Oh_@5oh>lnOkotrl9a4$3Zlt2}~
zzVPwlnI)66T@4un^|rHY$5KTas2_OE)euDlDvNqdZQ`_?TB7ucs+ZkoMx66!;}<T9
z=NcJ4ta~(?Mo=d1%#P1zFlGr;R4{XMmR(8@q4ZpCzP#l2ft~WaW1LRI<bMyDoE?wp
zhess!fng_R;8Ud^%qf=ZTzpm2@DZPH3kRfC#X-BX!%jcNPKMWjvqAW+-RHK1m@h|h
z;a`vHN&et)3s0ZonUuAGJ?4XId7-uk2XuA?IDI}}Ok^?|Y<K5=;&Pd7R#RjR#%Ynw
z|76t#`wulL=g2g8H`Na%6GT-$8dghPTfDh)hCr%wet0?UTStCm{`L5>?de`E$}s7R
z2xq|sK##*wfScj)#BVn*iv-R<l`DL%U6~LnV0zDJ;WK{W-*dKn`MtzT17-VPJAk=V
z=ZtfdSLK#_C35Bfr13%dZjRJP)=LevozTgdcW-qbQ7~ZI&WIZFGF8~5iTiiA1}z)<
zW#0&w5_F`cqf#KuH=Dbx@CFjXi;NFEIW8f)nF%Ea#RN%38s<sN*r`^6Hh&h6P0>qb
z-3NK)xt>dKlxolj2dZ5@TAmLAZk`|Pzi{^~S?l(%Z_O3qR&h#xdV6^)zPa2Gn-Rp|
zj|J2z*+}25v)9Yo4}}V(;dAefM+o|-dl|QeiKNX2Z5duKoqT=U{na&>K0+$5MvwE*
z;)E%@+jX+kz17ZIRl<*)+*?soh<}!kdX;5$?Yuvm!4wgnYa16=Zg1++vN>vIRld=V
zS3k3}!X}{XtRn?-Umtn<pm+4j?{RgC<X)l<=`%Ub(409=jk-ZBj(?S?8Q*0ok+}{s
z7p#ztIXFBS&-cpqnH79V@%9ahY{)v3AbUomaaksSyL=5aB0lIqgrCD+k*??A0za%y
zv!FFg_4G$%l1FoGHFnAIWFpRE@y7H200-T->}ArZ0;A^?y!2PzQ!yd*Tg#{kzV8cj
zrIY!P>g@YBr#=P(D<v-ckgTr)uwByohnu35uc<k|+n$eR>UTDV*CESe@1CLnu_f@G
z9}N!$k1H(YnfnPX4KS(Ir7@kf8ySr|iu~FcXzFx?nFyK|>%`h*F5=(Gg%k$?7mNkf
z!LUcSS9%9W<AWL&s$N3~@869**{K|!eC59iDtg!|%8uk*2E|M6hRZEhFJpp?$0l86
zq1<POzqp5FQgl)W3V?TKP2ra5crrb@X&fqqLs7m)1l7w#LZX5164ZZHUGnx}Q%DV*
zdMwhFoN$|!?>ow&>NQj_{t$~c8*>X>_8!271q%xHOv`>#P03~_;HTxaSsP?e6q|tb
z#t)Hk6-jZOd18^f)!g;85wNEWLQ=NzBQotsOVY{hOSj!I{u{n~jiIZ2J99CX(y6Cy
z8#k76zJMENY2$nu?=Cuqz=)w~(9n(mV(9jfS66ru<!*eKN>qg_?SxNu@SdMpz@OFN
z6U!ZNsCceSr`69%Zod-arsa6PghB01T^wkOkn-bLYFh|7v@4!302dyA1}A7zieuui
z7v}~rLQXO2=90;5+8RT1nWM0(#&}E}_WA6EgNRDPN~aDkdwrR9?h6HUi;fG2Y@aDY
z?isl!2Ayx4+NEHTa6(HQwf#sch#4Z4vW=vS&DMB?FiSJyzth9T4%Ju$13|1g6e?!L
zGp!P~aZ@nWG7yN9tbecJ!nWFDr>MgPR8iPU?`A$@;NETPRee|RMfZ2Ej`Xa$^(Q%1
zsHe9IJu)q!k*<jE%~2LqkHMgCb&CMlPWQwG+0~t)VzXR{W3H101eM>{6qqy-aG{&H
z<TBxLD}pD}(m%O3o02DoI@~36J@EU;-NcJVHcFvEz>-?OY}XdC%!QJm&5s%^p2HZ{
zdMh#nI7j-O>5E!-tb2UMPl;VfJMkLQCw&&VT)O<^z7HK@i}6ekuzJMyh4JTu$W84V
zw&8ObmGu5Ya~a8-AUZAn0z}_-B4oWxXXmBX23H7W!Q`cOX$4lfmrpK1_zPbG*d6YN
zKgx7@Mg3Lnc@1=66Sv*f5VGl_oAFzP{-w4t+8ViswYe!<E$m2!e==(~i&=9W#X#tG
zHBc7Gn!LV4CI(e^b_{E-W&VfaaHnb|ezD|9^kJT0#`kt=!0S@~+HDwIB~;Yzu(5p*
zu&uh;Qi6yA*stbd{N)v(t)F|bmg&{FtC(8Y5UPjYcA_$bVE<aq@zGRNSCN1eMWg||
zQU!=z{s|PZl2xw@d5jcg&+68K!fF)>3a+MpY^`)=Et1!u)%dL?0|>Yv2sl!Ibg#b6
zR{aUWdtjwFo(IPn2N8`xJJU=sHnu6aaLM>rIgo}CMVMQS9Dk;hO~0$#Snrzw&ic3>
zvRsi-;&bVSXpcTLWVV_iPzA)T{*Z&PzD&hudJ2s&JLnzq;#(wKzBa+Jt3lCIEz6;`
z%w6W}K-KJ&U0RSK5hsm8mhNiF+FbJ(6nk?j(I}((y#IotEAm6VJ@H#*(GMqmG(%>m
zDF)08r?Vu8yIhU_Cr|#dOlRP_R$q6<Xz7SFq{D!IE5HNgy`^4#{k%7GB^57}ut;}W
zfbT3~SlfF8Dv9NuHWy{g{b#G;tyMJ^!+F%_OYu~jF&|k}T(3bpVQ)`rRQ3^~er9+a
zxn8ur{M+mce{55OO>kcznWJt`UH642ey5+Nbkt}x5cqo2(`F)w*3>YnEStpK>z5@>
z!tclUF6D3S)hPYPwtiZ{<~jgMyRAMr=Sm5I2>Uc+FGo`C+NO2}CAGq%0@A>NHq^f5
z3-R|jjrD=o>>RQCOLEd)L1P5Rt9p_?@EyBeLu{Tr+!ZvRU+no_y+VqWqqYEP5O?-l
zXxs1Im9phF=60Vj96w%@=50qC<?~M-$Q`HeN6Ek1wpDlBiPL+ckb6-EqSxJRfjUoX
zv2%V10BzC1ECz57-JXHi1MULnk(g0t!k;VUzl@tZ3^TTSv|{Z{qhwb`gLh!4c-gb+
znaFz!ZG&efZ)aU2f9S1j`ews%ie|mKGU9Ju5v|1;X}v~kB?WJMkn%9{mnIE3m?j3a
zTdN*(8?Lk+$eFcZ1I{H|k;aQXq+vS`ayNwrwY{3x^W`oFUktFyej_Y<Ag9Qx(!Og*
zxu>%+$Y4E!brb>70Du{r?7*GQE_a*4sgqHJ;X+eQr?P(*mtU@fHbt&gI#C?c#%%`Y
zzDO?mK}ZQ+?RkS|tPdMCd>#K<GRa9jd)1#FHn=}j+<#SN`pfeQB`fq&fu0ucHu}-c
zabAsX*NJSsSrH?FR%H!O`;LW7%NhYBqHr$S-3dy#u3XYV-x1*o-?F^sxO5Yn^fF#T
zS}&u<k+|jRVa3{v$Y$5z84z}78Aw*}YQ-;QJgsAz%4ib5c$wYbihuRjl6KW^aEi&d
zwc4NmknFv<nc4@RqoYf9QJj$td5f>7XBQ*WQk8=G8@)>g*H7IWhw3G%6|p8jX^sIP
zWMHA=Vn(oWhi`Y?C+}I0Ma4I+eMLwDFT+w1TIH@d`(t|<rP@QlOF!`{jXc5E161_G
z)%Ni#IF;IX@Ai~n{KrYC3>GDY#oU=yX6<2_Sf0~-WW-Xe^jnSIhcf>x<xZmjsJ+&x
zlwMiyz0_!}{&A~RUb6nO;$_&_kHSP7|JEtzj@*l~N!J{V$8iHPPw_oNCCzI}U9v92
zSp%>|CAHkU5x(8agIV5Kih%9lY9mNG`2@G?!1=P--HKqpWPGV*%QqW-t>7NPVJK;7
znqT3bnT&a0^REX4Qt(=zQ##nYe8UzGht72=i@;XPK5~7yynVx|?q3q6f_`#~DB1OY
zbBO5Ym9~N-LiAfj^Cxe23#n4d6NU(~b%>_kcCNjc)Y0iL-l1duhHm(fJ1LID9<`dG
zy2VOQ9}m`okxr$X(w7I6=hDer&H*+d5jmk2ih{TthsU{;0h*u1abzD|6V-osOHWY6
zjaj+;vBI(Bm-$zZ$vqk{Xj3`Z7D4p{lBJ{>#8RNJie0%2BupUPYrV0oNmf`nWO-zN
z{LSc_+-wN??_0ReuYryUD}wr}{6<p^a&osL1&72z+1NP)i7O2%k_t|9MI9#>tr6?5
z`L$>~hV@^&eg;V2wjFWQZT-ORo$yf3%R>K%GU?<f=h2Xm6yEsps?@QvE_V52uj(l;
zzI=DE#C>s_m^xf)sc%Jn*mO7>B80i>J+qO(uWTJWnG=p&r*x$Nne(O9?wz(3S4_$-
z-rP!2L`+D>OB@xb2{L58d#YH%7mf6t+pl<BRpD<0S~fq2U99Z&9BGp(X}spYP|4&2
zpw1y~w%+BENe&o&#-C_?^^(KXoPlHa!`eqbrbbcYb*j~8`|{^&yNe~D>PQQklEPTE
zzQ?$WKFw5*Xld+<SIyTVOuJhIu*Kg>Nj`QR)4VAn9LLrZ-0Y8p{cy(^q3g<aOJCm1
z4qtg_6-X^+Ga=TjD*QaVvqN>FOs~Arjc<v5Zw;`Tm8tqgWGZ7+Y`z>eO|&OBP3jbY
zf;6xHrY-hQ{XW5_0P@OUu92V9ZbOVk-d~eKtZv5on(}0jMKaKSZBMc81P_afz?DYP
zwD|fOk&)`<DW2lRErLp}YeQCa@!=|$;nHSUlZBFhm2<2YqQgcyxr)tlFq&;4rYP|b
zqlbQSjf({=UqzW=Kk`v^1y9$Uv%9lU`37v8w%b;o;KUn+4j8`J{OX9}qoIq<<WC)n
zfsF#}TJ_<-v-jAXir66FUW{(-_JW{9mp)KKy4bZ8p=I6fT<BT1nVf1+YQ9Se#^Pa3
zznV|cayH3Vcj!46WZdFK@UWY?AJ}ETiM<KmF-1_W*?>5Qr4p*vpJG#N>E{+?(?Cg1
z#b@c&EOebzt^62h*Wk?OuTS!|b76`29;W^}tKnrca}fJ!y3p|!<9%0O(}Ud5{1cM;
zbH~X|o%F<LPRQK?+&FC9{$%;~C>3qDKcPU28dL9<i$Aur(A5xi@%y(zYHqBd46T@K
zfLKfUluiA-6FAfgJQ$cvwW;lYy-%B6Q26^kNA^fx@5P)&tvD&mG^z)a%HR9SJS_7f
zx|7tDY~p>j7UEzACK6ZDl>C@WxDsP&aj5hA{#m+SnniP!TYt&Aig3y`Qh%i$HYci~
z+HI`(K?GN_qWeIW9-AN-;DNx6M7zhS)}#!hnj&q|905xpHvJIBHbDG}U!mc~@WTKz
z{TTC1ov`b|$D&fRZ<(S1$|zHQbrNH=^KQK7HbST<WO?B(A^JX?Vr)0oTd7DpU`uL{
z_IS$t>{$>Es=Vgm*lm!}d*oufvQBzumfkj!{zln%p@Mv<kf-m6nFlQQ7n=jVk^)fA
zO6b@=WIQzSE8;AhssF#i=3eQ*8t6DTzw&zjP+_8zwUX<Pof8*M$_QMC6N^(2Wh&$`
zgMrCJLt8dvK8O}>wd$2Gb0t*nbjLSTMY)c$>9FE#x@DH{fH*N(Nrk0ez`K|}{$;%m
zZlMgs=NsKi3@~X3Na`cJ7-ckc@q3-PyYkEi&UwuAmxeU=FVi%hdhuf)Kiy_mD4Sa$
z`~aObV*AAdmTjM8-E|viy6<_{^hPHYoUg@u;u=$aO0een*|~<@hc88q&(6R5*Dxrc
z<3`C!@b$qg6^<Db>kHvV7G9&$DQ^*!N6ccgBJ(o3Ds`pE4?ETEe%Q~g?xHi>xi&Y+
zJe|yUjt?*rfO-Vsc8vs-JwrSwzCF&PI};_+-GUP(LrKx@;(n^&GK2AD4b`0O<z!qb
zp{Um5!r^0g^wr&sgmXjIUbsHqPD1M&e(`bz&L9Y^BpKM%c=cV)XRo;QcE-YMwF#c}
zD$*W~?K-)aZBcCMLg#oo{aXN$qY-fTp9DOtb1?Ar;TQq6dT7sPM6gxWWhu{rg)i<g
z#EG)`k}YLnjTtzr7>+GX7Q`;o^Dof)a)nf@NxhZc5#o#08h<cTl~i)?vWKudw$T{D
zrtwaohuV1DZ`<}dK2B5`kabZm?0KmW3>CTR_4=Nv-wL=#QPW$awzWCte&$_%1HmIR
z213RU;G49NJzRJSm6CY<&I{(ugG@wq>Ai8W{lEnK?oPaKYU!)Iy``617kg3=r6|ss
zS;%Ef81-}g|6!+b+@-hm9Sx<~#3gw3?2VHr6IgzI91u^dTKMcx_%;j*T3<`<_z)#L
zf&8g0+)(8<mUGl!^_t3Js^g-Pi?7XWgoPri*1h68(c+i~*2SD=nyFfyJh)3=o*b9h
zTIpBbgKC&NuP%L0tZ%VWwwoAR*K!myFA92X2tnNO-+Ys8|74?pZYEX8Gf9Mz1@RxW
z=k8c6Ogh*iC=2!PF5ZdK|0e-50moS)dO-(#&-|-HM<@jB)1ig!36M?o#b=vo#Iiax
zf)R;Ga?dP{O6bjbK%jKHV=KL>!(B7uRcCukn!g1|bM~>S&-SC|m!hRxZF^mO76XpL
zXA@EhF=4V+_u+I4_BwV|2R<dkuWuPm4Ta}DIZ$BqPgkdUfy~i2RaTPX<0&)F+F-fY
zl3QFUp0%sVG!kN|*}4afc*@cMXk2xksntyD0b=Xk6MnGeaxaF%U!&4puGTu@1ko~@
z-0O3zl)cyhCL3YrIRAAE6EX)jDQiybquCXV&m?!v#DWbJa<{MAsfG_^$qtT}UzBkK
zMPa_q4|YqRQd0zC(YtxoT{`Tm7nw9XM+H+0b86IYIKBU8aP%OC`n~sAY-W7?K#7H~
zL3D7J5p)6_GW0g<XBkSZT6iR%k=HH!%6icMk(HGYui6c#bN@8RYzFJIPswa#@^2RE
zuMO&Ig)<SJq#dMZF1_5Zf5D8M`kX&e_w=1XxQ|@^?dkeIY9@D%U3x2e>d(#O!uNN#
zFdidYIU5()Ak=S#{<4kQGUtAYWm|+1PX2MYT;_nV{GW8~5l!2W2ibJ>->=(Oq+=t-
zcYHqXp7am@qrWp3*xQwtc|QKR3x4%e&t(>j{UCuaFRX4P80c3W!HTgT1+eeu$y`PI
zKe^UlL$Chg+;@w+5%Bvr`|O@m_rG<J)ELn`JI}H2%V8Yn@2$_iexvPcE@y8!I~TdJ
zf8Sm9#*5#ZZ<w=h^q5_y3OIgyci*!-_PM_|pS!}|m|w;Q@6?WDhU~jB$UgV?pW`0}
zC?LOxi11H`+53n8^&Kypz--PIsBqX_(7tmnQ}91dIl{#j(G|As;rVe1xbL{)8t9Ma
zutPY`OCQ*anA0u+u<x}%An=do9|y=Br#tQi{r^6sp0FCAzHtC~*KoY>5E@DAo6pZD
zP?6b0jypBitjJAH!4vK608}yYfr1?}uL`mJI-z3iq)Dd6_vD^NmHhmU8gwa<{dk7!
zT+jXzUu?_<Mq^<zp(4b_MPAh3yIY)G=2>-NsKu-`x{)zT9W&P2hvW46V3LdD?7-V*
zfq#u{f<joM<2uoL;IX|~_??paHPGPU--rBdl=Ck+yzQl}jf$w6kIfC;?zKf>oEXVl
zv_jY_oyZ(tStQ=DTp@BB?sMS`1fHK}=qyTV52YCBG&QW4s`>vRQ?Kp)e+lWlz<kC?
z*<}^~rtdDcgikj(pL4qk9V2sG?|4oXJ(*{;HAw4SE2$si`9n2a_Ww0Qr`s>Fh~f9*
z6Uo;<6JOqF^$_Gi&_<cuh4<p)vFfdy<r%`T!7h;jU2FgG=o;?U<{F7@^2oc2Brry<
zhp}|R{kg2*zT~7PyOfZFZPyXFOfoXqt>@K)Yv<ej3AD%R0b%o3dr;08Q|=&zdwHj%
zY|e%vw<iQL#ZNw#ixFA((0_lM^wZp?W)N1Ww0Z()bRu%@{pby|=n&d=^!O5}Yt`K@
zpW@_6hHWaD9*ej<cM*`#^g#HTKn{BZZZe{#;Ox?9HwUopp4&%n_miKv4z)FR2O2-O
z5iofPBg7iDx2Ht+N-IEJVxIA)yuwwpq$ZVeGfKQ4Oq;GJ_t9M!3W6;X&oX`!KkjqW
zEh6#r{047d$!EHN^Wz6~ZIIWUW;Z2+w>{6e8eT0B><1WL$Q}rI%o0aKeAMhf%`<nr
z^AlectFo8WS@!h*M~Sts{>nY&FTZbS`{rk@+<DSg${f3BJhNq^#6#O2;VI9|1#eI6
z=}>{Rx7@vLZ7>_3XzbZoJr4O-aL|Ek{2z&)V?81^%<VR<h~=By?nicr;{a)6>r5k}
z-t!2P_DeAy19k<$F{VoVP2FsY<gtBK0=;s@58mf%<dcNS7526$mK6{G<+ob8LGP-5
zP%HE1ngRT$_IYH{L_yH&>q7h_8JnuNJo0Zo;|Jga3nqAxkf#h^Ps-iZn%1`7k;<1!
z)z=iima6Vkgutnw5!;(r5c>J9ZGeQ9EKJ*=eMBL*k$tyEdv@&OTbYUa#PjFpW%!yu
z%}a|X8g<E!XUJ6HYoEnFTo)n6-K;43SXknA#g(tYppzEUA0d=tQo%bQTk@N6b4ss|
zi3uNmTL{xwuJCn5Wm414Oy$GnxKrnEur6JcUBKD|<>M+-ty-hhBQyOL3#oc{^Y1~=
z-!8G}Nnwm%NLdiem9ee59L_S@SvfbV>>f~1JGk2YfNkH73;t!@J{`HeE81joNYzi@
zM)ue`dSl^YPw<kvdzk+9vL|(0S>`_b!%m;J16})AYyAADd=9~HQ_^vl@tu3@YqZC*
za@W%KD~(_e1&=SnqZcP{41C&d<8b=^IN*-kOEMmzd-l!c+X(G(x830<V=|siy(jsv
zmDoiI_2sYZ8$94of`7fm>Qb}5c@wGM{~)^Sh*qi6rbLcx^7-)&=qk)F9St!vT!!h^
zS<)MwVLuLiTgVj*YVWgqIQ;X0ncVR5$qP>Q3PS)*J%?|<&J0U_m8$%Zp*5eU8Jl|i
zluPd5;Jv8jyX!x{X5Q8+xZVHjb*^ZZ;-Rd!1}D-Ac-SV}^uLB{XdZt2)v%jfQRUcs
zo}4ftv}%BTPi9T=!)~*zWX^;aKNd1Sk4cPZ>BP<SevEmrE0>H?%9rTVJ?wYGRh&z>
zrb6_yx|>pjW6R}P?fMlnWkbb#qh{mp61GQaIAKAb53aWSeKGAPgbR3XxZhdCah9<Z
z!fv!0yrw|jgdYJoE%!!n{6EyaWmH|wwgrd>cPF^JyF+kyclY2ygS)%CySoH;cMl1!
z!GoqZ_ulV&a$on4?$<p=pMRV)4*Tq?RaI-wHP_s|uyLDXkUw=&3R@f~;+$H4>xthk
znBD74EsFl+RZm9URpZp{43l_d9^g5hC<)QKq9CR>#5~t*hgJv!eMK|;;*4WF#>P1W
z_sIwQ$!JN^Rj`QtoQ6TnrR;s-rGfsZh1ZH5E2W7zDl)4MIvZ<2R$8;xbU0c+)AO1m
z&i+AbJZ^%S5Y)AZVpS9=xF9;tijRZC%zbjS*Fi98{4Kef1^If3IkJUoG^PZ%6~>G-
z*@yeF)j_a{kKOgrPN(}a_xHUQriLJegsO9M1DGFfk-it<>LoG6PvyN^6_Sx)sZ!|f
zU^zx&7ckjB#gBC|u-t~z*2SCjzNsj$F7)8sC&Vp;{l`FeNLKcl=|pFf1^Q|t*8DXD
zTImnDJtr9RxidxRr`&*1`7r;XbWCYP{&6H5I7L;`B_Hl~(V^lnYX)_7;ApfwS}c1o
zns1{`8OG~0NiCVm9Bh$5)UM;Wi#VNEug+#NlSQIGaJ352Z2IjX9_IBFaNHg3?Q$p6
z$>Tak$J}-JJ2+g+KEc%dAmBGBX{b3a_h%&&$(EnP)>mFp`rm$*){NpZdqN|Tp(ta?
znyI6ts}aSQRuw!>PU?QSBJxGAxO_j9NwD`5h4ofj<s(E(XYtgaZWT|UoP+(?2vkCK
z5g#SXNZI=cPPpP%1j1%B4KMf&e40n5M#|P-*-m-QGx)Esp&BhC1C?rh^3-clm*3{w
zo|xO~{~1NK-AFO1$cMS8e;&2<_>Rm1^qEFCQ+AA3Fy-cQ=`(LxivBgE)ipG@*508N
z^P(vK7}WEZlkZPMk!#m<&#h8CSPlitl2q$geBxh3;6=KRjmPpO3iY4AYdV(e0T%*R
ziFq0LrRXJfWofBg-omr*z=x?ldq{4I#AAvhPSfvQm8G&c)CA|4oJO(-{mgLcNcaW8
zx7eL*<Th)0!r({uM_Qs1NI!OqxR|Tc&&z_TwNepr#DBUIrU>ju&`LyoN7)>st@+3r
zF~SL-$!4#%jGXgWrX@OJoi2K(3nW>Jp9;O7oa$BYA~Sb<E6+pWvqcEz+3Rq}GoBam
zh!7vnZ{q95Ra--2$j>DlZ%funUY{TFS;6ob?76<oUdQ0<4mzI=6bA4IeD&wgKY!W&
zFo$er(6r`6RdG4-0oVqF=oSAS$xatK%-lbmc`z${tp+;GVnj;7aW5(IxR*-2FMl{P
ze#YI9%g|Y|+WR0JWuT{_M{YsMTW+vE&joY%Lr%n+jLhXtMMx!tpBQS<+5;xLX*@XR
zf$7o*IZE|mXq-n~m#6FiH31z+A>kDPD;fdT+N>NN@z{a=BOfAMhpNn3cF*10rYn95
zv*VoLcv03`0#@y?you>&Ar1<8rfg__G>zgD8-`(W`P{1NidlryR5qif24V1~QAN>s
zAd5s_qsm2$RaQv_j>g`B&nJ}+4^;*^*6ji5eFcY>4!;EMUc*Vf5F6qbTc1}-DLOqG
zE(Lk7XERhC<Ay?lUydGzHD_1|VJd}ljF6rWAepnew_g??47xA3{`4@16ekAk+duG`
zL`gejv~Sr|U8E`Xtbf(1_+4|0FrjknHP}>;UN67Xg&eJVPo5cTr<cX&uz-@1)N=d7
z^d=2`t{vF$`R+EJ^ImD_8HvwEjN2eAX`J$Z5fq|``u4E6^k2By(3U{o@`&6QW2js!
z#PcvT=Qg=nMc$T9@bx}fxP|G(+V6{N4YpRESn0d&1G_`f<$zxEUD|&0{9yZ+#5i0j
zu?@8tlrb2Txb@r02lu_Wi8d{#RR{er@rvhysTd3m+CxQGU~8xs#{WXtF{FT<eJrmR
z&+hp$da<sAs^TdS00H#&`jUpy_1IsNosU7+_*!W!6pEV5jU{bC5I0;2M19P#s>#g5
zO%O;n8zQ|;_aLX8n{0U~l1bEPFP+Ssa{$o;1!aeRhY~2BgwQ(#H}>-adh)#i^25jL
zvwWsUgG@boIaxdoOLjU)*T;gd(}2r@3+k7>#=y)X;bn~voL9ByGaE&<O?6`u->kf4
znFY6}&$bH@45@9!YPrOVIeR|ta4>i~`wrxo<i_6`&r#mn$bGUU4-M8;1$N>!b93g2
zkmj4`nQG>kF_eF%fIVJ>&~B-5GhHu{?Ps1sD%EQp2A!&LggH~r5b(a~Og>33JjQ?U
zA)gX`FF4LSu0D3w5<Dubbp0xs*2%d!dP8&D{vhJ2>#Fb*b-=sR<)lXVX6MRxbZDXd
zOLiP?FuL8JQlbDf5+i-1HE>e4cFpTnhs(C;KVyo#0oFwwj2mZ)j?~7h6##k)13l?~
z{<i2NIe#={qoP3<b%}+VNUi^_-)}0)nV*9(X-GjRf*Fa@?8}A*@aEC7!+hJm%+Il}
zL$=Qd$Ej^DCp7NH1?j}9x$i&-P+S7D8O(Dhph}u{na#1&`#SqWZT<x8sY7>!6a5{o
zS<the_+Yad4^`w3!{LrF%4M?(b4f2To?DxR`x6hyG4b74ztY2Zh%;tc)g-sYaAQ^6
zjlp5&9~M=WvnGa^hj6h&O-fE`uPVR<ofN-g!FSvRV8H<`I6IcB5Ptvd!B$@@V4nm5
zU`^rnhZ9}N^wdFprgSFnaIgN~pj$sekhDG@&nlfU!=jdXU;@Ixt1a=#%pPxj!d>Js
z4rZmV$R@Y_>9$iMu`m<Lsf<w;v0}H_><%xJ%rEtb8?EvQw#BXTH3ZWsB55c;#1Rdg
z_HQv3>n;kh<Z}`iGizF~XPx`!(<4hy35Wbnn*ZxhbY`Djq5O4--y<k&U`NzN`VXi|
z!G7v<gehoVcJDY<iKepV&JYGg9<Al%N@lRR*bQ<^53gd5O%Mc3Mne#mPz+&WF~8`X
z^GpA1tns=h;ZZ5`AfvtYDbXPGZ6|hyj;Z7h^+d_f$V>#F!O0C7z)kO%c$ZGx6Kl3>
zzkk9H7#a{Fm4WRK&=o503*#N!6;J@Q;`;|6?9hLqy#II6?*DB7|Gx{;M;UhwfaDv4
z{m^Ij-Ruy^Q-1%Ih!b7Q%<?$_ft0bB^&m|9k5BV<0ovhz!uQ<#m!g}qN`Q?Z;M?}U
zMG5?WJxIa$`_J2gh{Cg4wC5s*0Ok6Rd;SkPCLRzS(Sv-`g8J7d762^&Cp7{PIUt4r
zLGX_+{6Br$0@7EZgqE0kM5p{b(DRd7IB)*9(sK}<0-I7HD}v)^7%9k}JWORm=qLU)
zDHxcVvjjg(<<{S@sGH>Z8Xr0-9=x0)Xq(PMB<WxFPX5&L9MQU9t;AlqQ!I9dg#5*g
zyoddn-$VX%ULi$xQPi2Pg2&V&RNDh_ZIkqd!|%A`gs`Q>u^_f)=OCWq;gFf0f}*0$
zc~6bY1tu9DN2TV(UMl|XI`spJA_;L@JvA$P5&UPc{hdK855kHrZtiU;AL{b@+^n%<
zbfx1dsnK7*o4eOZ6|=Gp><^PjeHO{H%$?@-+V8HAB<Zsz7Qp|40|3DWQU|^r$`crq
z0qyb~9X@H_f{d(f^KMVx68xKahpAj1*|Y7f0GoFa8kQPwwz?oU>A1qcvm%mw`%5Ml
z{-tOh7j18q06iJEk9Gbl-e7G8_VIV6Usz^ESXKh@5kIQneL8)WE^%@Hrz^5uf)i`z
zT#|S_X)-CQf0ri)tx2kSNq`ktJcNPm+7~-hR8|+(3hoW6rJWf+<V+02D1PKl$B|;Q
z(1_Uhc_=lu7x3*6%a(UTMLQu^tdQL7G@k7&MkB?`sgc!ctc&l0DtwSiB)OI=)xu)=
zFsd$xA$~SMSs9&vJ2`zM;?VW**D#{`uMQZ5PZhfi)E1GqTTlE}o~<)o?AUY@EBCj1
z%6di2b?qj}jHE{omIx^ZX}Q#7OSlQE>P3tp`RVAXUhPvw>i#r@GH23bcPAGWG`*=0
z*t<cn99ryAAdLA{egX(YchH{mT6$XTd{KwR=?Xv8A=|8^w8Rb;5Ip%ObBvM8wNAoK
zj-z5IaI91?<?{ProA{g;Ls;&Kf+86b!t&hm?dZ{q++-qIrXr*q&v6G17DLWa)n9c*
z?X+<XSB+QL*(K)=qLwP43x{zrdsSeo14<|RMJ6zvj|B-kY{^u<o&^Tkv}oRfuIKcJ
zH`ib}jLzl|QmNU+)$ve5gpz!mNnU$#yN9m3k3Y4ZGwpiY^)1C1N=M8gn_reXV|qMI
zDq?R^QyR2v%#`Hi$>-2%A>v%SXTi9jv2b0kVkl#m0R((MEZQ7aTUMOEmpvda<$xFK
zwDPA3m=vH^m$=NpZToCk(D;k4*si*}Oz=w^Hd`Gm2X5=(B@2};zi(duB?O<og~wDh
z>vbHk6BAE}hO8#*H<VY0&!U>5Cu!6-cR;w2X{JbUHb>F;n7v7}{HmZa%lGb=6?cUY
z__n{nHv_9sf>LAR#dpL=i!{6WLdO=#&-yW5>8$`BH#o{8a3AuxL&*Z7e%@GJ)NW>!
zv2a(di0pMb8@+x0RNm>P-pb6%7pgT_bs#yZaFR8^>=EW^b@Q`8-QJKd4=SaYDRv{F
z<D}h%=D`GuV>~y=#Gt{Mn^k>aPe1&WH;b-&XH#c1TW8Tnb&Bfb2{ChcHu+%6iMrZ?
zs=*QY7)6IZip-F?d}clEYOo>u0T|3%k8TWG6=-sgb{05IeYT{<*i3P4$xO@!&shTD
z%0tH+AUfK$#={H6t*gy5e(I*A1x}@#EK!@{V0XqeH`?0NtAoYgV&ZoW*YP$Rbp)9S
za>i$<uQncMQ0zkv@9i`|KUKjA68fXMC%h_Ts}qyf4%*_Kr&=x<-~Je_6!Q(W2Ww59
z%w9`zC5%(3lIzwig*|?}O`X{ZM~46H?G$UQ=??l#(w{|}|44t1k{4|0ilF}6V}sYl
z_Ap156hI80Mw2s}D43;t(X}weqB%Okn+EFZ);b`=$6{8%4=Z(#v>My<mg$-geA14z
z|D4$$xcnmEX(RSB_P)Q*ezM<vn*74<TUM6o*Gb<Mis<F`>hz{dF2dFK{P`ZRphf&^
zlXr!}XGe+h$Hn)k*JCN6z*~PlItq)J{Bb<ROYM)6iA*&{vC*#^&{udvj2k;;61Jht
zfx8=n_Js=1L);MEU^yS@%Y@ZO_JM^^tYRb8>>%8YCNk%b_7I87>?7N^(2YYM`y&)5
zJTPw$2s82L+LO71%zo;*si=>C+pM2XUCrZ-gckqEGlH7aR8qexr$ddVOnZ8Qi_IM5
z!hujonk+P}J6e~Ut3V(&IRTHsl3!imC8k+tYr1DXHbNf_uaXiMxRstb4lHHVgS9$7
z0wsqzm=$b@N)=jMVpHR-8M!^{$g!%95*V2I1uaZr^9*rRRL*iqd3%z>YR+c4$oSEh
z*6*~VGz<^dOIT!a$qox2ig4GLWEw;+Rc)8$%&Tn+@DK~{NNM`7bzyWk?y*OMnMjUT
zTlmvIDmEk%uM|a9Rl!#?uIJ*jN?3&&88rs2QOr}5_F)Qw;*-WJ=6Eijy)R>W4?^*s
z8!)}&x=2QEAdl1jzDxf=r<@Qp>VgKZ?>W)2723Uherz%Xy$f+Uum%Vdc%gwxi61_|
z*yFe?ewqz6b152hA487Hi|zkS;3Jlu<oDsm&R0l5QA^*J&s*3~X^^h?Y{-`FELP*O
zJ9u~iOFIcVYQ7*$5>gzJTAEeq6D+&?prL&sNMrE2r5QSoedBIrtx#uVWs;0D+|>JI
zXiN`=6@Dt|q{~3BSsYresi2}|n4LjH!kCvLA0JXFLfykR2p>6;=Tnts7-nxd4hhoD
zh@*(oa*DG}Z9yxcBmO|{)iB`<hrsDJggRsw*^*MdP*2P1ZR$AkxH#?@ZKs_Qq@1Ig
zkt7S<QkMvEj8YX@cH7bXyy<ct_?l_I-*rroJvP4INTNx`;#`yi^;HQo{WT#wz=`LP
zz1tZTQ?0%-)ik(m0PB(R`1Ee7;~E<CkgR}YQ1YOq-OMI7L>F2VhNP1(9-HBy2s8hn
zRH)<;rl=W*LoAqCTdLUTjx@non;h;zC2l6e7<Q|fsi>nI<8olrz@FE|<xrh-t)$Vh
z$9GrgxW&i#`$TJy)&x-}%<y)D<BpPo5ye(c+X2+fgtyVq1%K}khVb8K26p>4<oD-W
zpZT5b6fXy2bXqRVn2{W4bq5*>*6cT0vL&{E`nVO_i@!vCfa|6U6)g^aFqqb`7-ZB<
zZS8bHqO~ct7_h{Ybl$$3NG8x`x8B`E$n@y<@oGKehQAcW2MV-^JUZP-ZwVv(A3oNy
z8X2n+{NmFm>C86CsonX~v)BFAhW8HQC!e?ey{uIClclyS$fanu@QBE;p}G#yH+90q
zdUhDW=w_rB5Il`5IXCdIsMlyJJ`O^U@b^W`F%sAl;PRv@R^Q7a`JqVJKSunD2HIV!
z5?ndSydVtS`Xa3Ft-u9NrL0+*_9!kf{%18?7LuF$pD$4B*m|Q=JO<oor1GC^2nRc`
zH*A9)_3IfG)iBsZgI$biJVJ?+4KHS0m$ib;Fp|kMSb>nCU~94BpY)m|hPLWYBmWR?
zhQn(#j_Op$>nvUWqsHvKYD2q4ex$y&ES_96D!Z;!UEb1G=fN4RoQ*nNZH0|k*pnxd
zq-=pWSQbgtfRmW`u-e_N6SMGxlgul*{XOXohAH}^PcVb;f!&jzs%WRDl)9$cO6Do*
zdbo*?JPC~m+xR9&YyTQ4R)3uhOFb1cCG`p*ThQbXcgZZ!jLF9m#D~kY^ZisXc8y3L
zkQ)%<_Rp1T2Xt9Em=Jt$J_ldAuxlm5?4g6Y*mes{P)zBNG`iyOF&1?H+0m~9czQ%+
zehIutNb{M<DdcV4V)}A4h_Z&KVbQ1|vv~vN%EKoPuJ>@c<@|ju*|Wv#-qxVyv+?HY
zWOFB?m%AWWK+w!;+y1xR>dckdk2PyOH?zC_nN}26D}S5@_%BdQB!(EhKc9l4jz$@A
zJG6g=4F4$TCYSSYWIqFi72RlG_(0W#<O-O?@Rs2MLgo&JAAIeUiNj2de=>${=|65f
z|Nc4T;4>v6b~66_>ke;*?`@EFi3hcoBF3ZDE7odbX#!_)jSoq9=VoIGE6tx3;-6V-
zQ+o%{napD8wATCJAKP@4#^h4)H6m(s%v=BmW}edIAMsTEuXs9+I0*`}ebS`&iO`Hi
z4OcS#EoGfr(;e7ABV-`sSQ1yjh9*{|=p2gp6|U{UPwmrJmvpwS+}>qBZQAAlVIb9|
zWMmxRq9Vh}@un!o=(ru(>h>t=FsIerlfezjQhl4{;JxER#M2KID4{bWQJ-5aVg9XW
zzMVX&NS`e?a3o2d#!F^Q@dr8Y_s7mOU0F+eo4fBad6h4|j}`duM|~sPd^;VpN+xS5
zI$n#L3u#mJ8oK85E9`0#wVK#S2Xj?qA`3EF#zx9(mK$GA=3<iwOJ<E#LC=FQeSj&(
z2`tkDd!E`TjUgOd(X{=|Gsz>x{^8+`9?Rv_<ix~stkwf)y_W4MIeSsPirUFsg&1R@
z2*bxyXH+GW<-_sKhL+G*snNWz$eL;QPT_`mT~QtGBuA^pEfM?~Cg13U{Y^<VO;wWi
zhh~Tt&2f$A0^TEWh$mhvd$!TsS-4uu8aTSS)1#eZ1BrOj4LW5IZ{H~P>Y<e?9{R5H
zLtN-T|B#;9<?sB;E$ABIq3V5Yd={vK)ZJxIyq3~fJQLVe=XOMOf^+po5&t0~2T=uW
z<wBstnN~-L_`v%$W{d2@YdkWahf?c1vtF_CjNC4|djr048vf81({U}ZsBv<<r_TrM
zMkEfZ4Dj#p@I7-lCNncV^c>`L+W2}Sf@d|yoX^#@MESI?)2l~)0j2=za|0IHZ*qhE
zqa`UiWXti!=c0W`>^3=pPWqF0{B9nA9lCF_G*i-5s+Nx6zl)_~LmiPz^Cq8FqQOYD
zPlAd-6}&7Rz3?B|wg^=vYxfn6XPR`)CmNAqZCA-dTbj*&V|iuv+VGyb*}F=HMcUu+
zzUhx5QlHzTpbYIL&rQ-lnd>R0Dr&UBMkt3clBh&u9nP!`ju;yXa-z`YPZRT&&O>Y0
zBCGlQ<1EUBMrL~PdXjo5q&C}32d~c*mJ$JvZX&6oz+?e?SH3z+akJ&<FaS&FNlrES
zfc&@;{;Z<}ihBJQv?hk*_$Bd;0)ppj!Q;jkLMPbObTr;hAi4P7;B6v?olTp`iykRJ
z)J)mepsy^7%WE2=n>3KaL9(V56=B;U1R<uGOY1zbPB6x4c=eiBhp#iKzFEW6<AIX?
z(06gBss92YV%uUbJZI_=YLq>CIp$K&j*wzOPtog9?-==%Aw|L>XrNJ69mo_jZ}nBu
zN%Y=^FhoAxV+LrOka53(_xQd#X%>4<PJVIKQ|A`kbKmEE3EpUpu@={;CpJknrIYW8
zaKxa%%i;WXfUooLagm@0`c6Qy7;s1$d5;F`&1WGInQb2RCs`CdBqh}s%xIy0_@?xq
zE0^bYe8LZ{f`5h&>4GS|heZ1UAJEN8nr*6GCBla;Cs|L#?`aP(Mgh8g558sIm&rfQ
z>3o&yQ(7&n_QZd`L?3D`Qu2Ap<iJ!<_lEOlBzxsDvLw7dUw-()g6jMIvO~%fQWMPB
zT1{xe`&qvibEJWx#ES1j`#D6|e$M>EHch_VC)QcUyOj3p(G18UVlcG~D+NB463&Pr
zEhd!G`;+#1S<0q;|L%_3v8t>l6MH3Iq^<{X=JLkUGn;(7T;%DNDG%tU9L9=J#Doxd
zfbrlG3Ed|yv;vt{2OH8toas>Y+-g5Ce#on3aybT($gl|H@y`NZNQ9^e1+)}r8^VOn
zX~G7Z$lVYA-48~muZ?5(lOxjI&-!iqPZMY=r9qSTrIX%gW>fgc;Sc`Rx|(*K_eS?8
zdZ7<zYxO+53+#b4TXnw#04(KG0&YWi5(+SkdF#If`1EgIbdm+*jMlx#75MU}42wtm
zOuQl^q_-;z9BK5gJ|lt2w538yLwK9L%^dG=F!M&6Y*R+*f)|U?6@Go*`SSCUEtL?g
zIA<i+BhWym__&6{r`SBM{fpmlwRhyCb@GX7iU+~Y1;03JSp|`Y)tF^nX;KZ%i+`Hx
zr-<*dj&-m}vl)#EKvw_`X8B3=A>qp5Xo@SdoC$YOOEzM&E~8derdbVLgE=V7GV9y!
zWv%Vk7mxcMh>1qSUyuIhe7IsfoGHg=>+}B@bw^$#%S&=|y9qZ<hE1@{8zG|bJ8_UD
zu=nv6TESWw_tXQyg;v}CxNGGJX^=m0K8KlC2YHPXyj*J&0FXK`=oU7$ji5^s^gvfX
zC1Vo~Z*Dr=ZoHre^Oxfe1g}X4{i-cjmsX1{L(H093!@?W9DLeT`Fw+?uCJFlpSMGS
zJuzLt#P}r&kK;@1#Z^@yV_K8%C3tjKH4|%2kNl5R9VAT;!qtqJY#j$|X1B%fYHR=(
z_RquAvm1$G7+od9zDJ`#A%5t4-lc~fm@F}?q}wNHON24`aN`a_m%~8lbm3E0HII%7
zuyPy`H{$)ok5e8s=~ewQ=D&x3z^A};TQFJ>CE1oFF`XKhB+4>v$V-feCFOZiLYvnp
zo7V5%id4-6fQFmn(&L(^Pq)w)(`Z4;xFt|vVY0?a-iA$i7<OrpB*9L91Q_zVK7*v3
z@8gpye<lH5{O7~oYR?>tB;vI~QJZqZ-r*P-V47eO&?Ca>6OB}+51bl#y{_}fI?u?x
zpSR5I&I3y%w|UAX1lp!<zE6g)=f7vNCNsKcS3RExOuUY5zn-1lJ{!z#e{OfU<oQ{h
zxC}U)2kRJoKV@;d@cf+7W7~I~iB-5FIAL<J-R+Zom>2xuzh>esY~o7XC?N>3^e*bk
zI{`esWMBK`IUgaE1MusoV-zvIR5lfT@j}t@tQ9Yx-9$2ts33gGpa1$j`7n3)>Mp$^
zy_4A|`LI5Je*#q8mYiU1$q5B1%p-C`-IaMkN{e<MnJjQ%pGFMxX1>)50;Zh}bxM+<
zxK)-inPM1AMH{NpZG4tg8B<znFHMn-%j92rFD_^6f#+|%ZDS=@h_KH?a?m_>?=<;c
zAK<$`%-X-@jDLEz%JS!j@}EPsKZx4m<-Y{3Ch-h1r$4mFe!bNBT3hw>fYdL$Bx?<!
z%z9f&0Zp7f5&1F76s6h+`EYc&MNY4(Wf4Cl&1zM*c+^<`spU?KiD)irPuX+ArNvIF
zrG*gM=P{(6d`)Vd<5moj<Ivx~8ENT#r+I%_$X9<MBr1z}Cu)|GAN=KsWwsZ#Nk%Cq
zXL^UW)qaVpi9u#&Yg<TAW)3;beLxP#)#=LcN2a3p96r5+b}*pwEDq@L74nquOYh|N
z0UBi3^bLi6(xhvAvGN#}fxhhmTyPCdiKgSD?J_&kj*BSb+^~&HjGU86B0X?6QY`v}
z08ewPNHd;tdL(o_bMGnK$R5OklQj3vAy1?+`9eD>Z{_TW-o}(>ZX}2V>`R|A^}omU
zFQJ~|ohKpL?<~cPGFaYZhq)PCK6#39TX8FIc7I=vfa$&cAc|Y(51w7E`t?t?7I{gN
z)>C+wxs8{Ubqb7K8uwiSDz8t~#w>Tmk?4cRHNWVCIk#!mw!MXz1b_Y-uWy|k0%_Ul
zVq!stV{WYm)=r}hFM?G80fPp0Lt1JZz9*(^l7qfvi)Jy}`t>*3A#v|59#5Va9L7{8
z)}%ACG&>pP-$!s<FdT=(VGjDLod44MWpV!{D16VBiAso7p5s=&h)b6p7KtO{ljUgx
z;+6La`ab!$dhwTlpCtFemVJ-IZc`b68`Ik){1E=_-vOW<nc1NCs_UvIW}$$i3n|%b
zCTX>o4eita1)rY9+!FxdK6cz@puh`SCU4yQ_?naTW8IUZzF{z1@%w_?30||IZg-6!
z<vaOp(r!urcirNBI#vMzUYN%yUw+78#@)#CcUo!bar$T$3uCqH$x`d?P22~8MJX9|
z4`-*Y=6flsFNE@iVbTurA|VoAHr(h@sHUeGH8i4f=GaNh%Ug2k{(BXG=l~|kG?#rl
zl(nEMrVFWA-#(i2t6r1oKd9;Z963P#Ot7-!r<tx35t}3-)ck6?`<I6EJ<NH5pNNoX
zC?@5rt}GHjJ9K_^!;OVw)fqW40ox$;Swxuwi2_XyT%e<hj?t;KO){#=`<1@swnrm<
zM-;UKHW<Zn_R@%13P)_;rGaKjI~czqT~8A=p;{zQwY9B`Xk=2db%ZJyvZ3RPN5Ev)
zyijuN+K+d-xc!}|K6WG!hGRYa)TCV8^J7ysgEPFZ5wScGO0H}`Zb2t)xvYr9MO)@<
zdhGk%uAH1512y9mDP%`C*@s9KbZckJc6G|pyzxtV!w=DDbc)r7ksP_JlynM-YP4F5
zVZ<Scq)oxL>#I+bTAXE|W7}C4+CyyP^T>8+v!3O;geLmt7qiuTv4O&DAsZ^@C<6t{
zJz!W4C{7VF&S)%mA0#E))GL1p>b%}2Vh2B_PYVXlTGME{vz3xGk&?No`ThBv*bs56
zp%zc&dD+q-JqB>dC)RVuC>UNRs$z~MCyA)?WpY2$f-;O<m+Gx$Hw@~5BF2O_LC|XH
zxz_8qNplr<DkI+L<Z5-b68Zv@o5nEU@c5@B7I2jW`G)v~P)M}sotm{tES!IV@99X3
zA=bMv7Q}alir9jAGL`+<4CNDyg9EvLD}<3QWeIM8I*_b2DgrtBjY}`~#Kde3A;jvb
zN<_dEF{w?j|42I&Gpoh}k!IqWwW(<`=Y^$3OIX<){c3-$i9w3Hia`w^h#9cbMQ0^3
za;hNgI8fdx+DX&=hU-ZZ;fW0M_-QA^>csH4l(SjP13M{Yiz8<teCt*jUT`&E!CK6E
zL28LyU(K9?&m1-gs7?X!G~?3Vpz38x<bl@w26QoVl(q_quC!9@$}mr`EDful#%ch&
zlq}c4j3g}VM#hOW)A`b7#BxXFBTsMnIyyoBURomTUyrv7G%j!^q4s8b$!W`>rdDVJ
z4a+X~qtER1-{ihqL}V$qm~GJ(seEd1jkn^ARX%e&=Fs6N5o5=w;>i$2shI>*hd5u}
zllb<v&FqokH7kxvJK3^QQ?D4_l3H6Y5X09KlU|3ez!;_nY~O+;M{#198HRo61j}|V
zEvDDlNg3gJl!Mpu2AnlhZYw|Nm`%N9U0usE3Bcd~(sKTb!2d7{f-+KT%QrS0JrBa7
zm{5&G7pz2!PnFpUCI#k8WU4zs6sW^<RJ&M6dliJw?b9x1ZyRI}bpmtrTkDH@?xKv2
zH}R6#<m|kvvKD;{A7GT5KzFN^qfCibFUzCBUP?0QdCov8T8=2uu=a!wqq%PD9#92s
zb#TIG;PkO`!E{AhS!Oh?=fg8c%H+a~ZW<Iu#yAT_x+E^O<Yp0x%}tn+3+Cv-7Ot|{
zBz}9$!5UkAjFE~BYI<vVEm39L=ERC)oRB(Nrao~C8b77Ek;q(1w3U*a*X<jM5{j{?
zrZ@_imTf*Wwi7jar!T5-J%rPzX$J3~M?o1RMoBpHX&i?#l!{r!YGJm_hk;v2vJDFB
zMsZo^ywO2x0vu{7c;~Wz%MJfk3j}2o8iiI4iN-4iEvh4p;<PG*5JcvwS^6&H9t}C9
z%x5GauW)~qmiAI8e5MH1>Ip`kc5xk51a5r)!>zb>Fflh#itsBF0WI@FIP(yGu{?!w
zy0UQ#?Rxq8l#*S_TnyL7WDEHxS}HXRvmwa#wRD$gx6!^6USPC}J6uxn6K{;T>nx?c
z(fS??bF~HXE@uZ&oj{8u`J-JYrE7IM@#Izn_M{eMVcsT%6YAgeDx%s+SK=?E-lzjy
z;me&ws>h-d<#Audv`meq-C)O$$x;*;th8Zr0@ISSsui1DgjSU*q|U!v9*gj5e-aBz
zZiylhk8|e&#*aMc?3xV)U53a@+PB}4`ZO*<6bu`)*RYw{3I<i014y$Ee2K1pH$bnM
zwoD{&Z5(b|QDL^Mo0e;ShWfi&{w~CD1OCD#dMmh{-O#xPQC>wE&b%ea^iY}pW~@uA
zyiYrB%n2&hb%yGLQXeNN?XaDNu4sR840CqzIOdAd$k}r2bXL{h5HVhnhrH3TK8`q4
zmKd&Ca_-|1W6TLe*)@7_^V$W3Ro&g1$54+D#u!nNG}O}Po;@zN(y^N4q7<fhZzM!J
zy7baZ%?A%~<)WNn3JO=AqPX^^I~iP&vfG0W&6p~deb2IeEi|v1a98*Z?L_eQ;x|-I
z+Q=r=_#KU-A3l908e!*T7PRPgYiShX?BsNRk5+R;(?GmT{%W%(#1JZp!86ghqKI7m
zBjo8(^zjQVMVxe8mQ?Iw&RE^EKT0Cq*KbgRpE~7DOe*D)MQPFK|4JXIP~V>zVNu-#
z=MN+UexA_yn$`*;xv)?#FT46yAk=5G!Y=;ziXHdf%m(CDy>;K5bY<o-u&hwPhwM2r
z$%m{JxEf(<;=_to2=_4wCozeC+PtDzzfE!}*xYnA>SE3DnPl3UUOW5_pUHzeE|Nax
z&39$VR{?1iSjN&`t&lb)$<E0+HKT>Ecrn{&OXl-y<q=!vklEMHB|^{!>$M?-PrIC+
zEnmJN=gd8~YOp6S7w3t%^fz1?PO+G75QbcQ5GZ4o639mr`KlBmqYb455Lc+Ek@FsX
zrUIqC%>9|E`8%Q|ha$X6#));l7e*no*jkWh=55#mHOqtjMK3SjJwQiox`)TwQ$4hA
zOB2o01kj-T`2|N)O=Ym7P)s@KHz{(<6qPZAvxFVTo7+3@HK|ZCy-bfOTp#rL(uawb
z@tjFSj@VJew+}P=_&03{#KaBj^|e#fwXLsV(Lsu!AzG-siCLvxGX2*ErN4U({^~Kw
z(-#>od*MHQ!8o=RCyMDP-sO5m6b-nK_j=trIYT)2Ui`>&QKI_T{Lr209vOIs@Z2Sv
z+qA6r^|iPDL=a-v=W+Ym*qOU&e+0d#BkUl315}?jWiqpN2$8d~4hUHNPIwM;PVLna
zX@8bCC6EF8G4p^S>V_sQ>Xj3SV@u|>c;(n@;-wRQ1LYeOAT`jVrDiXf4Nrou>~yuB
zV3nw|R79J9dTN^BDcKP{n7{=}@ZL`*&{qO+QWSp@V46o?ia`IoD&kGtV#&u{-(H4<
z$rZ>JI>U+>uP$Y5EpghrF0AE!-r2DInlgHAVdJYZ{F9b_JJM(^EoBM4{@8Li68S4c
ze+!OSl;H(5@Kgrxp%)bd@n_8zAgmkAASxEd=ILA|NC(j)4eDG?cwQoK08YQ1Yl1Ls
z3Tbt)d_hy+?ySQ0Dlr;J2mX7%jGw1M9@m6Xvsdv-whe<F(i1HG#cvJPc{=Pxn7xl_
z0_C2;y=4bphS|U~asIoEM)6Pi^+8Zq<iIzLBPXvWo!K+1fGCmN>dFGocbx_R={J0I
zn(gx$iOWmv<5~ZQ{+m4F@9)qy?H$^>|LIh2aN_SDAZ3RHkh$!v#;8GtVy$7U1euw{
z^}zxZ%wJjS|8Im&%wqqN!UUlneBN?;8h(72yd<w9ay>&Q9hh~Xq9(w43)4e@C<gw$
zEC1ChRTdi;{>5eCWc@}UF8wR}GxJI8L;iebV%+YPjh6*8$7|iwjL%-!;V?iH=#L^?
zVUUyWr}U#i3Pt~0LsOmrD%Duc<#y;b_PqcILZ+|g>!AS8=Qq$Yy}uCN->q1SyrWs;
zehSwC803#yQl^~Lw7o?nrtu!LmyV^gkVjgNKpHzdsHm_n?dbKw7thvLOUF2$m<*M~
zgpb<}q|x8~rPlaJGolf5-?Wm<kg3$7QmdKVj?{BT1PBr6c~J|2bUw>Ry9K3N%HU){
zI~3ah<5z<uAm<p?ejRsGV30W)pIq4J%UVV)+#K3BgIuGtseS{CPeNYzyMNRk!k{Vb
zi)s|;CDX76t(3>$oJvkOT~erD@;Gd!nl6rIo^`1@$$yO#nMsK8z9>%Ngyw#3qN^2K
zX}l1nQ;ev{#p^>h#@}LnR`pPl56M6ijxoImTD9D0Bi}#MLTYVQ{xdh{t2w<6=ePRd
zujK5nZZRRBPq{|SG~E|u?)AM9w(7}Prfp6#$0eZLXCx|mZmaJ~1{InV>CE%g1B<=X
zMtYNBj9UzIKzDJYO5m=}oV})&d_d9mh)Eq5n$4r8r2YeLc9D#UzdMZ4GnLXw-OLJN
z;<}kH5HvS--;x!kNC(G*++3{Kn``mR#g0NxD<#*63#Mu#tf`Q;F)vCS2E7waSBjfX
zUQMfqwy`Z>n26i68-tD|+NflKl|sC|DJvKn3MI*K&Cl&on}frr-!HdPD4bV{H`(n_
zqt&m-y`AMI-3rLkgI-v02d=vow8>0=l^M4?39>OM;A}abWn)_8wrHvo=hh{jw6UR8
zor*rSnA_F$&)|ax$n}?4p;hP0Oq7pbTBO^IhMe-M^DmY-jvepkm(oPAHmfM_KU@)k
z7!&^6j&q0NxGYhc^JJ@-N#hX=L!1uP9)*+4T};w9e3rUDB2tWll^dfh$wWJ?Az5Ol
zy-g++qls9kn~{7vq@7y)lX08~O^2g!8F>MgSD8ugmhn*3sCk7RJp(`jgKp@oNs;r+
zCIAhRMi!t5|MOOw36Dv)2ZFU`B}!(V93%dm=`htehi*ak^oC(6pkzT0TDi?%Q#x(i
z%JF`m&y|$^l=Q(4fw;TQYPHA(1*Y6%G8-9>)N-?8UiZYM9GwPA=<IJ?{`c`DKr%f$
zXa}~&ekcU-SjQ|{Fh{lrgT57K=rOx7e6Su0AIkw+`Ce%sotiF!o4V^CEKhUQqIj_i
zATtT?V2fsTFEVVAplG-yM5Nb@F<#cQhcHKuqzH+$D)y%FA<ucqlI>76;M|g>97&2S
z{iGTo2EKk^v$m?=+5+ZR<1<=V1F9_slcGPa#wNE@f<pEMp1GopG#D?en2LF{#tKA&
z|Jez);jn-)rU-`Il0o|5BeCKtn{7gdkT4I$1r>)jE?NTXS5t{E+Tea^r77J=ryPV_
zC;TppUf<WuPKco^eE)N6ry?Orsh-gV!$fE_4k`?${muz?=rJqi0srSfLl0qbY1s6T
zOr*WW;-~kFPfbm+P9`ftD-}bem@}2J+R$p^PLY(9S;luq=Q+n8hMjk0;&K8F-uY}@
z(pG}mD_^mem%6g9svu!;8os%v)R>sm8)g~7GP_m|u;CGvhV}Ux_=Xt(%pyrfiNi*g
z`(Jmu+UyNIyq0>+hN`(NF|9kW&No0&94T2RnU6ms)XE$%%wBelVHV6V3qr(EZgx2^
zOdp!|usaK9vm}bF`ubi0`H$%oDb<5~(m`4kJ!(-{PHY=Cxj2)9UWb>Gbfv-mb)$io
zhDOCPvy_^78at9WpmkCeNnzx^A;r)iiFrgeqt}m*zHDZtn(Wy`dK(SK*IYYW+&l6u
z(?VNTdR`V*9e~j|#ApiYRc|C9ZwYWyA2T^nEjoVe0rf0qmd6LYp;Ys<<3ZJHL`rWM
z7uqJ!>YL^m88{e6oFMLAh&eWsjq5HMr6K%sLfqACugLefmAXG}@895Wf@ry$+qOc5
zPfBGTi8Rcqvs&gmqLoybxoaT&l-ygT+n8vyc133kzti^igQOY-ylA7&@JV!!63I`q
z7}SGs`CVQXYoXUgz~X!=d|4AM5_I&b(ToBG|NiW0|D|0z$a;Q$=L;hKwzsn+muljF
z88dz5G5zY?xTFaI!S63>pu4ol1P0}g%aEiPU+D#94jxQ9Zpk5sALuP>)^8&xX%P}w
zoQ|UJ^L7RVCxwiYJ);<ztov%<Iow-mB1O%kU%(;yJz<TRYYD35)9snlx6H6om@+>K
zkP&%*AJEaS>TdN5(P@t7s>Gy>?Qb!MrJVyRei_F_)TK=W;du}fP)%biCH1caENaW2
zi{spi`Y`Pn_GvOG(s4YuhX$N<%Lz|bv%Ko}+3BVQ#spY<<BH?ZH1G3i44D6rgrjIM
zDXb=06Hxu!L4Y|ISI3`e2o15>q!Hw<Nj9RB0La2Y9)yYK&z~Q90`b(Xh?kB4A4#Mw
zg09;X*G?p_?u~_!2$Vdi_fBT2GpgJd57?m>UN{i0$oEF)Y@o^{qv@cim0&X6BDAG+
z?0T3ngBsUZL{Ds$7B-ClA{1DF33%gm5}ctQ^AZ6KSU;Ds?#~|8NZ?Sqk*;V7=x!S}
z@6Yv8`IWdk=ABnN4^v5RRlWF5zi=fU`{dzzO$_@;@CT>cy3aLKd%3fcx?gVh$m*c=
zO}72v)LDxN-}3Th|9TuURdvL_y<=$~8E#|$tE-B9^M-aSwcc@pc*<48cD4PyPsfe0
z2#S!W?eSoZ4(y)`gam(IrIsC3lp4ejNX0;o;<W5Near7JzCIC&Buufs<f-T9l3e`~
zg9Y5?ad3hKd=qd1S00dA!*a;W!20bzd6b&Kyak};SG{V(`OE2Rq-5B!K^kyT{{fu~
z1LiMBpH`-L-7Yqmb0M~0&T_zcF&BbbZ8zONANF7^D>HsO)4Bh+<%Hy_0KEpg9hzT=
z>A*YLnEj|(zS3#3)*tSOrm<OfTBmX2Is2QB&vzFnjDNf%SoNBypms!aSnIkxYMGjh
zW%|!Tj_(t3T}a!a#dr?WQG`5ZZ!LkI(~5WRo#PSn&x-p~#9mKc!M}x{3P@U%Nj846
zr?{O={K{Gen%QxwfIBl3$=x-KyatT3Az#)!6b~U@3EnJ0aK4)Ed*a@M0PGG3E?qNF
zsF`j?GQB7G3KZZ!<mhoP-wH&nzBJS~^@U+_rcB<;+^9!I=rsEr<``_(oqpb(;`_C)
zV~*`{{X5}7c*ad{*MA`R)KzdO%E10-yVMnB&6bbL;W9hl^t#?bOTLRUOvstfESSWQ
znZu4$Md3(jg~of=7vS|U_WF&`)yzTaV8*KGFg3n68Z;&7t4mbR2~FS7cH>|`<Eq3M
z2nYh+Uybm}z@zJxhIzuMcAmePU!rMvA|`tDFo#;mz(BZ%aEz5sd~C7H$=3YcP|D;y
zc#!ID?>eH_Yts6_$+~1qzao$}4Mt(j9Z4~S#gEv3pOpS!yVKR_!s*`0<wdA&w}T^R
zBZTrUN{m>3&TA(u!}9mNmU0%b-2O1dOb7@Nc^5?inwmssU8Yov$@>9h5agZY0bW7H
z#GZuWLsPH&EuxG&%5AALyJ&Dj%}6DZzX@hS0A-E+=m9N}Z}VCG{MLqjeBs#khx_f&
z>W7&a+w;KY2Y-Qv`paOQnqEF;*NE?y05Cy(FU5!fPySTrYm=dQ6+7;@5xy5lv-(m8
zv{L-%>l%3yrdb$0fSyAlymTY!aCS;W;bU+*4vlASt!r?P4Q_Y3p9;L`4$$Kvb#>Vx
zdA$V?E}43wK{4vJ8pS?N!G%5u0QWvRY(LY{M>i0yU*%IK^L~=f0Z$TOM`{-nTMK!=
zvMRcTHLo}AUf>3ZU&!B<3cw*1_=XrJxpPM(eJwB;?dq^<A$u0=p#PDl&GnQgHDxa)
zx~Odn$;krZ^?E43`)n(*pp4U>yvVB6gCL80j?466Dw1hC^dF_arOlr{yCEY@khp->
zF#NrE$NEbk3pVAjam6Nm`on8C66C&GX+TdvR1ky)!?QQ5*Cl|j*N+W}{DOfY0sDI@
zfaCyKweo%IpB{WRY$Jp}3_S1|rKXycmzMl&c95KQ`GS~)Vd;=9KR(KkS6d7L!uI)J
z<)r_xW#DO4>iOL-6>_@=2|_gdzAXZ;|L}h}iV}Z(=aFHKAq8$+5rJ!e<^VVWORl(H
zg}bX*G(9aUM%t*9GFnX^idCoKXahJ7bv$#k>Z+Q3U(L*+C8s6pup^tfI3DUUxWDj?
z;$orqeQ{(_mA8WsoMBufP_+TcV*mF1S$%-<H>|7gYimOU4#rYZz$B%0o4C@Xrni`s
zRC_V8x){GrMZ8qvrjyb}iHZptZ{{$cU6A+WxVDzhu$-f3+K`x%$|G4waZ07SXjn7R
z#=#@ph98Q%GH(1&>9I*_8aQmuD@p(L=XtIIX5p`n_Lx3?Ysm@8jC`x`xbS~5On*CG
zM8&&A%OcG9#ia|WsuT)IxgpGylH}9}kypSfSIj_ww(l3T$d!uQRuTXG3$m0POV?g)
z+O64xG$Wnno{>|+c*~LNEBZ5Ycb!r#-LJhN)3vm44l;}vu%GVT+?gM^RUc(w`T9Fd
zW`+JHRR8kr_$DzARO81pMekW6X;%pZ(|%U}z<V6p_V#?3PX2NK`>xM9S)sEyRW;lF
zR>U04<>Mta?e4zCLHYv|?L_1zHG{f$`H;1My#EXUOVw;Y)>2KIdXdTduh0Y<2CFA&
zs%7Wx6qZs=&aj;~u?0gkxO3ofhpWLQofM;E?4>nQM9$x_SS>nPMT}mv(!|?kRA!Qr
z5j*MyYp=N=6unW~q2}oCS!6=A?|<<#`^npqpvQU~ZrL_xbQDf?XLTioUjf!tNp6O5
zywF6`+v<mpMN7>_F;l?BnW(OHMx68+BlTuZJ_y-TD8?KsMKkwsRtRxyL{C{iLxRrP
zOKKW(N<6ytB#dJ?$faU-n3x)&$wi%F{Z<HnLi`XT&Z*!&_3^!dr7NBODMt*e<#Lg&
zm+7_77S~E*r{KKU1magnUb+rj%VNL0o=$`$BZU^sdccPaXQ^;r(LeMs<`^9;{4W*O
z;cf(F{7<p{KV0Ts?#z7$GJlRUuE-T`BlK7paWiY4`C*#*Oa4zY17X5M-$6JUmSVf0
zfo4;`Nx-6sFz*gU-gdqEWy2sTKJJ_SeZ8R(m$x|;xHrdz{OG8O0^EEmrj_$Pkamy;
z`jTf%C-T|%^?qae@Mm&2k5>);5Ip+(IL#hfE=YQwH4dPJk+K(Hs->HniK7)m>=^wR
zmZ}B7S~u+s5pX?id7wr!qg#v1pO!O0=vPHIF*9q|Op~oS*%Knycs0ffm62<&n73Lj
z7nH{Rcm}R!%Jaj`3XO#2W?4JGVD;S1!m1^8zq4pLMSHsD3SVceCS9|@`2N*CK`o?5
zK07B&_Klxj`-6ruVx)=~{KAa3m{xdfwIh}+@-qx;!ir{8K1#_CCxNGMMP6cmT-<e&
ztY_k}P*us?BQ1_h*OujBO;;MA^n!*~CEIlBPoe%e&sw>UUiIrnTj`k<PAg4aRdNUJ
zydN<;WB+iIuxLG<SESDSZIVBueW`XkilD@X_BCK}U^3k{F0!BnSA=O85Mhy<VI`~m
z;z-D6^mo6>LI3r*+MB{3p>5B`+OCS%tGyndo}7|`7C427t&JIm{BK~_n@o=B!@}mP
zkVL0TT7?gmRE*lRedR$a<YQ>&-7yFp2P+ThB4`g+j0JhU7HzX)Z{*Z`ni95hfskVg
zhYyL)fu+8rNQ0S|DM$WFxX_O<KndS3yH&R^kIpfhD#wyY^#MVJPNtS-syOjpx*G(v
zyc~>tttw&Bk<5E80(Z*c^%++8?2T6{*+5-?lrn^DwkeyKGpebSv&V#XjXkkf(gm)L
zB5zreJdOw3Ln@hdRw2n{b6yhdFhb|RM6FFV!d^1XmulZ+%Qj^Vl`g9OOchK$y!yFR
z52;CfMnj+x*H}BV2WveTpQkx3SMF=vB)fZ%Vfj`tKXvh%zB$BUP4!;oo-C*207d-;
zWvc2iZ9bfoh=wN<qrG^~FEE%)0`fzP4nj$n3-7uXT@FopxKFVEM)C<TC1*pqTz|u)
zUBEb5XA_ALgKFjr!K5QGb)gvjX%@hCvFt7~jumo{6xYX-`Iw-ZaU&cqbic|M{z6Nt
zO+v|h*2G3$go)0t$Zff2qv2`RPRU72?b6(o6f1Y&l6qJpXEQ2Au|V38sE3-Tf_VYX
z6mLU)e$4CU=ClV7@4RQ2A|csk+1aKCP&T@8nb}erg{SqwKb4oIxgp-ii4?Pj)I#>&
zGBzKDe6OL{TM`w=ZIDH$rx@47EZOyESh{w4*&f+O9!f^78Cx?Iu}()NJ`jd(+3O5~
zMmh}xn<xQhqLcj8<Xb<Z>BZuho%2T@Gu|*#;s}X=XGB3K%FLJDVzlcKR}TJWWsu6S
z2*4!nYgD=>EoOQEcNO5$s==j8g(Uema@CJ{5@V#qB_|~=PDeGVnwM}-^Mwol;+lTf
zT&FodCUxJjwMP`6`~bgSF{zJ-nX`M8kSQC<2|^o>1BYGXSchn*n-dthU?^C3e{N6I
z{XC-xljG6~Z!xXwYK!u6TNchkiCgIU9gT0xA&E!r#TfeTlKxH;QeICnjoBPiWFPS8
z8Ip<AM_0{h=WZf={40PGkxrP6Rgs^`5d94b!dyJd@_A|X`7BbgcU9&Ti%vi=^LTmj
zDqBoid2+b4d;$Xeg!jHmSw5!O)&p0*9v9oENd;ShM?NJa)R8F0qNJJJc1m*wwicYe
zb{pEq1X%Oq9*BfSU%w!8j8qJr-iO3N85$O6<o6nqBq|VTTJl75qwPd$vpO^DPD6(H
z)pT}9|AQwKVH&P4B*L2zq*(4J%lg%y{kKxbK@dOr!Ej(;jvrqzzN&#%iY+Rku;`}@
zZw<%X2XPySRSAMSh)_yH_VbG?*GF}AeWWhD-AssUMTTai<iddey)V%$m3&uvvDSE<
zk)2Wk;RAVm+^&z=K5n2c4<20+Ump1O!uORmz&us$_|5orz!wx%#Tuu)JPLp6<FaHw
z(0)!9!7I2k^)R-`#K_3#!a?1d<@(R#4<>vN6H5k}*3@<Z;jJRxP{>;%1ZQPk614O^
zG$C-~3TqUfv!C;`V$B-kZL4_-ikb7XBM2HTKOU25r(3RoyH?#4=da`O2l!vJyyB;t
zYoGqTpjW;7IjkhkUm+(w@<*_g=c&7{xM7LQ<xD0#cwOv>jgx!H6rK)(ji~M3CZnQU
z>}7)~X<1{j$}woFeadL=EQ{k!=)zrN6Ef0Kix8Izz;;*c%-UB2FwN?L2Rlg1egiVU
z|LPj{?L!HK^Q7$D7Sb@jECDTPtzQoZKQXnAX8lBuN8hs9LhO#sP7<$4(G`mru6rc!
zQ|9g(-e&V|w=lWaj90*8_E#2Sw2@1)!pRqrbGxS>Cl0SeSL>(0_odT!V1E6U4t@+N
zrUq&}b09yh9P+LEHHf?RhYmKtL}Vx%KfWb{YL~qr`j(du;#XcGDvl0jX8m&N5ycx^
zMTz_S#ESZ494TX=S`}C?w@#y@0F=@ksNo#Xqu3nF+Ts+{tn?GyIJ0`F6?+^MSf_7(
z!H)6|=MzR?6lk*HjV(8jW(-TFmt~K4I4)i|7!~LtE!K^3-tux<d+FSE&oZ3NmJhuQ
zW<+jeI95UDUezG%-r_K`@R>T<Q#9MyUb*nP+GU`P0O{i?imwit#qOs@tgDkH!<n?Y
zWlC<$q+<aTd8Ry{!5~~y??BR9m+~pu38GZ%F)vG__C<G*iGT-Uk-rk+zX|_U;Z#z%
z=?^|#^ifrKRHoC^h&!SZHz13kM`6v-xOks{TFielQ^Pw-*bH)c!k3H2z7l|t-h9!!
z<w*<m^91EFrVki~`uF<XH?S5Gernns+8PA=-`gLa;J=6{w+w(efSka)3~EC}BNTxB
zce4E*5rF)kS+l*jZnw65fwmU<&m7c0zVaWf&wpjK?{EL_IMMwNjqHoy-jFaC3DO;E
zT0i8ee${{T6wPB}Tu6?KQ~eHSO<W(ec5eZ`wA6c|kQ?^vC0nnwJ>=gKI}q8?-<!!g
z+QsK$O!|~4li^XdRMgb1O+29wWL|+qQCR^Eer|c@Op!9<qtlG{IBNN5{|9ex8CKV_
zYz-3#?hxF92iHJwcXtTx?(P;KxLfdG!QI_u;qERWxI1|#`<$J7&)w&FzJK5Pz1EsN
zyQ{mps>T=v00BDc3#B&z@yeA_vbaIOB6Jn)IhB}l`bG+PFBgf2ay$w(fU5pgx5pkz
zk?2T$bOF3nnf712<`kY?X~xkl;dLe>bh?_*K|3Zzo?qw|LW?N+tQ&9tvD$iDG=n3<
z!;H2j!2}h_;cFqk#Ax}jKa9%BVQGQQMr&v>ZqPWiL?pdOuP-g7t)cn?tEFOI4$>a+
zMpAi+1D8v14H&J?%`*D+R<b%nZutOh`?8*;M5nHyKFUJ%ia?0@eB==;m+(3iMke%J
zM~mz4LRj{o*gd6e`Ue^s&sYJrmzUcPOK99rRi7DTt>%$t0BoP1`tB(E`pC$Lw79sq
zoZRgrX<BXkxx0Ww=yKyIL)1JCh-ZoJWu#TH8Ondmz)79f`?J#SsQqs8VZ0qD&%S3@
zSe)0lz*n%E7^|4t9{lb@d8U$JT-8#i+J=LtyRxEzpou-?a>3@3Mbz*Gi7T8ob!OuD
zkttM*)bJv>Ly{^zy?WB=R4W0ifxU!4a67$lO6NVCb}C_6DT+9EvXAcq5CX;M_Ls<X
zYm6E2iY^KQ4Mdp$jG9*SOh$c&O`fq(B};cqb&k86(2}2?z0OxeQ4sfIt$n7352o?O
z2<R#EDDSPRzD-3)a^ms18e}W2jH0T-S67NW!%4=a4WKwi#+Ug<hU}Kc!()VJ(P$1;
zaJ)eqJw~sjo)TxrNc<Shf?C3&6YZP327AIBYfd5aJ7St(J*{k3GSl#14$9~nY@#$~
z)-*|&SC{BwzqFO<(+b7DyPIK;ig3EARw+0D2(<b_JPKpVS(&mAeasj<1H`M{(x)o|
z>a239bMrw-$Q&h;+MP$g4(@vD#)=95R7OZ}c7I<@%lSS`XGP(2T+Da8T(k6x5qV$r
z<Jsc#cqHIYk$mJgsMATesK{U~1@n6aH>xDjYY&@1Cjje7H-p2edJ}6d9NZ$DrFk$N
zkUf4_rssIdU&SSmH6f*@Vi+B@cCBZKB!A#c*>ta5RL#mK^bKo)I6-dU&_)d^<7Z8J
z*z-(4@kIc_iFP(UG;b3nc{40GLF(J8ve!r`H#<F_IG%==i3F-8&LJ-}M*-j8DDQY$
zLr#L6D!{0V`u)uEzc2si{R;0{m`9Nn6{M|(w?fU*D(Q%cYOI(X2^?67NjoA4DOKi@
z{nUY`W<?=Tu+GL97w!svGg?{rpEI!XjlUpR59g(tVpiXLbb(K4t8IyCRga@qwC`ca
z(_gOA`pjg)$V1!=G4NB3vwA3Lf4LlX<X5V-9E+X#F;GCOaZ4%)ixgtK!IzEdE2<S7
zQ)i5FmNxNV+_<drr7N*~zuUXSRx&6?3V+SG6_X|14A|$LwcVEp<wJGB?VVp^&?eXw
zbidzN&L%2`7#SxIH*2OG5OBdnCdI_==gW}RxAtl9Jj165@f`a!x@gSW{_Py($#S0n
zcm{JQ4-R<NutluZ`(&i;Xeja>>LS7NsP2z-OGJSf96cW7J8q*M=Xfl{LYa)>iDf2Z
zc`k+E#*ibhGDH}2Z4>>vHed)q_NNN&mJ8b~XDo&f;fh28YGsE3>;6&i8JYorxM@r6
zmJ~OcMy*9wwS4->1P2HGER??~IW&A-8P4Iop@p}M{_{)V>LEq`r887}K<So4MVgA=
z+iFE~U_W;YYSbBB3YAzM9l}zF)hyHsN~i-dhOd2IS|;v896}sPM`>$}oTT`BcG1BB
zTFtsJ5)D<I&V6w<#GGEX7@=!tvblYcsxD~@wF1SwMoSm0!{*clCt9@9L>$`jc_<?z
z8i~wW35nA21{rjiE>Vh76O$Q~FOoy4zdU0z@Sl}GlbF)ZP3Q_2HowVzV4M9I;}C~C
zY^6ymt71;?oTeNWSwd=*_gM_)ovC?hEZv@0Hm`two&;xFJ*K#1nTc^4b^1XRfiQi4
z^=@R1M>AIC;IE?OgA^5>KgDN2;Dd<I=c&^l;!Xcrn<tUiS(oQ&+wE-!ppi>OM@NoY
z`$IMT#;|hd*Dij}H<UvRNu%pw%%|=4fTPmV={Bf2b>s0;mmLO24*{G<AryoJEDT27
zh9_5eFhCOIy{d$i)HKBjEUZ*A{j6XH6IAyRTL;63=Ppu5D>)xo3hnT6&thPGD#fO1
zCb<Y&F5kx`Mx;iO?|kr;r~SP_?aykMl+0Fei)9?k0lP@`!L+YN!%rgs3MBBHo4sQt
ziz6WnsDNN87E$adPq~VGxYew4CpJfBK7G%%NdCqmjSU^+f(cYVtW_<&t}sI0@|knj
zFBo6)Mtyoh8I2ac4~nHI?xW1;R!}fri-ArOB38L!D3_7qxQTl^xU&sToN$09siwq@
z+bLsUq;%ejG_5q^Xu|POj+0tA1A)B3&>fuil)z*GkP7O|h|9Zgu`0HFk3p(3x`MiW
zW{R2zE&552jAnW$FN5Q)c)8bokTT}_ZfM?&g=&3K9>iW$%36EiLbAENs@y5KiEWi}
zYLv#T<DWgUpzuQUau(9C<`FKfs_V8HWc8+63Ot&SN0P)$q3pdHY|DV&{cP5%-aHW>
zdIi;$!*|`-A4IdQC{rNZb*@0MjtCD8G@uUxJlrMXtxzTRy0*NY7B5|~=+=jE@Zv=B
zSw!!XnEI?UMzg$hg<}AB@P&Ju&CmaCKj&NKB?KZN0PQWk*h{m$2w|9-nv&gbLtYZ8
z4p?iWrI{lbaVoP@)z=U)R*`Q^8V<CvkJb_%;_d}No*Mpk9SnkB_!=qdT@#1=R}_6i
zTe8!S?%)QqteJhc8@_~cbdTy2EPB;_vS_XUk|8{U95a#kRIQlym`E0qM{)pW3#0qS
zGbv~%Ui0(j?jaLQz#EgrVwHD8%-#d_#5*28#dAch4llni=uy<sC{Zb{U|hnLX}%?p
zS}OW5Hgc}|d4w)seQtlb0QQR>Df%~mJC-zk>taP`Z-(l4(n6JNA)G2SGO1s!Xhm0h
zipW7S&WL#iR!eL%3Dmj@NiUbPC?p!+WPeFm5KLqsTd>5%o0h{e9)5q_OK8*9Twn1=
z7pgc)dZ8526|=t5>&adt&`mRyc>K}5f#Vuxpr?O1>p>n$xX$!EnZ!qqfF^YFdmG1u
z6Phhj7obHqm_KmAv=CN}Mx=R9!P7#iZ5bhz+7uD4oq0c#q;vJ%=L+;AnH+VtWJPyp
zPmSL|F)A5h>FTgtWp;3vbw`80s(NmmAP#%0Cp*@`q^^W|RLa44595;aCycLJ@h%4+
z3OsPf@q>Nt$<~HCz~*2fCDm@}jVDcgQu0)JF=&tq7lmG3S{DsqW!JlmA^8P90lu)C
zz*p@J6rVNQDFj5G&<#m;gkOYH<!0i4O5ESydnG4ir6wnr5lv@;_I%N=_V368VNLA2
z_yIZjt5NuABt`Qn#?Rewa;hdeuoV~$qR(6c(|h|ZksZ12?(Y3=0*sx1osA#AR2j~r
zIPHOS<%tF3^7kE-`WBLa^HJc#T7mQszq{H9O|1=CfyhAI)=((Go#SwK-<dIc<aD3~
zU0Tn-EvPf05Fo;N+VNP-`c3Vt!7<diq?}(D*?J@!rIFGo1eIFOO&9#;z&sE6;vAhu
zQA!<%o@B9yQlACO0B4qJHeFvp)hF^<)W{2HQ~~WlNkhuOF!0IXmiO%x=TZqxO0>|>
zFq;bYG>!{_aFoeW3}Q)*$2TlSuJAID(@3$;pX<l>8{QagG;yS$to(RO)Fvbj9w<w0
z-XFq@6;XRTb16%4`d>F*X5hlG_wU`mTyIG!A7p(}<Tz-y(Nm5T{+=v#puwM0o%cE5
zGy~AIRc}yJAFFifT?%8aZx&GJG}G?*k#z~d^aiLPqztMxy-!`j#ySIg{064`xHmeV
z3%NL4|5go(paV3o{s7|=z%*X)Q);Ld(rIfQ4e#j151Rv4%?<pS#b`w_KNEHHg_=oD
zGkpN9Dz@W6%>P|sY(lKk#%>Kn*f~}t`ul^3FIMCPpk(EeZ0Xcn)IlONw6yYp_c89-
zO{BQ|8GB2|_78+o##PxfDBV#qLdqBM<Q*<yWS|iSqsc@Qcpe5xka(YF5>;P}YhUXO
zCZ)OyEmdaR*QYXBd5XS-m{OtF3uB5kgYowczA$!p#L6ec!7{p;m4_X1I^!dC4<d2Q
z7lU@`_#1I#PX#hWL^Iv(Y>q>C8M<Oil5fCz1yiZ`7}TrUIu8}<wJIaOS?bA$NLmkI
zEXQY^p#0s6om6Bcjpf5-HQyY#P}{ny!E+3slHbQ>96VG^sI<Knk{PN|RFc$x*wR*5
zD%-NfS*)T)SwMb0(@h!Kvei5kAAI&{bqfkX%T9Z#Rl>=0u#_sb#^W*)(7R*`5X-)o
zPGweH$zG06lF=1mc9qj*EV1?Sdg4}%DVh}u`RY%$<n)bY-VZ0f!Y&#QR6jtEp{OuP
zf*@tK1Dl(yl_7~#_L<9l?+YRKM8Dt<q*p;az}<FSO-YGG6Ot>bwoo#Nzoje2*s;jb
zT@xe>BxhOK3RpRkcIlcI%D0TPE6S6#YL+Oh=l<H8z(ns6t2YCR6F<cG;DU8e)7Iov
zO{X(YS0YMZK3wA`Xl!l)>%(smHOSGkgrltDcFBT9OUTcCx&OouC^|rZZIr$r?&!Zp
zdX{s3*DHxWWBMfW;8E1Pg}?~|BPQcX6pWxzZ6&>wxKyf>9zQ^d@Y&9JI30G?{4UQP
zq$Z>BNyt(3DveYBK5-~#Ed;}|kRfwyTiuOF{L3!<Hgrrbgoj)TyBQ29%<M>UG`8y<
z-zn#4ijNS~Sj%TAsW!3_iafe>`d%Ym)M;B1pq+R0P_u`D0eD@jZuc4ayi68{Xt<s+
zv2w_3xZNFfu?}28)O6f~#y`KhJ>c}*01nd4a_DXlLx=QV&d;~>swCwJn^x0Q1nX8!
z1+tINd`g$yTu_%Tx(oN~H5~bt2c)?7icP&awx!xf#7zzU&G$t*3j?&I`v{hlf+dNh
z>oeIUYh!o7X^9S;mSCS~zFt(=^91tt>6Hib$r$9q{$lY*W7nnBGEG;2ezW;Q|Fp*s
zCp5h97Q2p7Bx_d6@xn&}9Z;AReui|)<fAyAB6i|xe*|=C_Go1guX&9MkiSPoyfNT4
z3GUgG(QVJR<x8shzy<UsaNC}UA(r||zCB<BdjiFE+Ov>f1Yc-zNbpshz?~HjK8G{m
zRVvgafd~QW_uT;B$#R2SS`%E%JspSezu&#K=!1Y4Lekjhd(I}kY+AmayLeHPQnvB=
zSo7mlJ}66h?d#&HH3eF1OYM&(rf>R&Eu!0kcujCdi5^*sv{f{8BwZ9Z*vZ7RI+f;m
zQF4nn|Lrq?Sund(vSr?4Tzf}=f!G22i|Gn8;qLnd=SBn<U?-y<L>?671}tY1+gBkB
zI~@0eIjL&VI3jF6xqoj>!c$HQ2|>}RFN~kTi?4-fv~3s4s#jHJ<=+z9$al=l7M0A&
z%F6trdw6d(59oAOtNX4Pc18%RN<MKvZ^Bbso(g@{)ZaPVy-G#m`g;}tQFkI>5=tuC
zA1*))L_8id<L~i|lBErXi0R@G`)M<Xd7(;p>iRRQXs%OqGi$xu%RdtaVidJ|Fi9KI
zm6+VqW<NO<T^lATyj1Z8E=|h0oQ05tk~j4|)Wq%e)XrX~6Pca8u0QZWNy5G6MZl>x
zqVq%s_l}0hnhkLya(l}=PQ+qx-pUJ6ASaGz+l=t;G%zzTHkxzjl>K6BrgTTeav-7r
z9_0tnI`v^0e?{pEOYTZqD{&+<^Cz!<YW-dSH8t>NLGpiTv4j~V{O<Vue46$9X`kz~
zb^F@Gm1z)ak=%bL2D9i5TFLcRugft%51<A8IwHTynLGer5T_@7U9nx`VJ<71)vC@G
zQ?4|zckgYY!)ddo_$#{dmUm*FzEqvfu3IrP`kKra(5ehCv_uwDukgm^(9(1fU^N;<
zn;v7G-qr&ej^Zrwx$Eoyd#{lY?Lr3%Fx&GCy~i6vreJ;l8Z$4H6Z`;fp|1k~gONh~
zYt6r<vI#8D7XB=#(d)d+fe&hsy@2KRcI|29HR>69L|Hd{nxX<#D7PZ>0DS?|ncFF^
zjS+sb7+#Omp0hTkV8q|=^ue^z8fapAs|JW<XTs10WB^t%@^yDgld^C`?_+fpO0m%Y
z1_8c49C-coTYu^8$UaCX*9im8l2dCR`}p>3fx9h=tbOF4gyWehc2~S-D|ahvPNr9Q
zKK4t+?>58JXbS);J$+rH!*E3Gh}8EM>a8tL>ES7&_R34%-esV5;_$yu<G+!&uMY$3
zR&;z-!1Vm*DE`hE{eO0unBb4?IM7B+$r_A$F$6&U$NdA?rVG5YORX+#U8h4-<rDRX
zetztQ+4#036)JyU^#5c^!O)pOjN-!p+5z4S+5(DGXsc0?*)ePwyk9y1duy1kZ0cs`
zKyE@eJuR^p&3HFiIlZqY8c2~UdpM#obNgW8QuXrI?EOoY@K+rhZf<en13<UE*xPYi
zv`xTF(jjBR<Vf0B2|V)Y2a;1yrSGsf_$&BzF8zW~yDpxNw!XEAzQOrNjj>Z0e*+pK
z|Nh`2;d?WxiMR^J+7m)@i*TCc9UOB_H8Y&o!%PorX)){kF8!Wk9JQ~6|G-zr8-+3!
z>9EC-xy#XCJ0lScSZ&BmLpYf$7RPu=ZN&2FiMsv1UU`+JrAJ<l1mN(4PCo@)_zVF8
z2~A05dOkeVFnmqi7t4SkQ~)!A+a~-5^1qA=XCt19aNYQp^uT+VY@02=qI37=;)fAM
zY)nx_C&lK{_aGpz#@-epF_rKQ{c8Yo2PGF(mx{QF=rBUj_fIqeQc|Qz35}7dLFOqH
z6Nv{^y2k`pp6WT}?_5!{dQ#@%8Kc)z=$oX5r7oGZVQo(FL=H6e2$Vaju-d^XJhZB`
zicshx*50|KPS@&bwAY(X_BuR%h!oKm&{-X}YIEqtj&{-HV3BJ`$5qnOQRSCT-ip&O
zDq7<df#eWnf#>P^{){jKRb|f7BhI4!Lrz>@aVBPIB7u`OV}{kmw7dD@?R~_AIny$F
z1kj;w>>ypH=vz0EHBmUP2u<QXthKwPq2M<evv~ec&8!~HbjjuVsv|54vWzOuP#Y}F
zZzm!A_AUbcsse`;)h{^HG@)8CUNSID0ehxe9{hCwBwM6>h45lluy0}hiI6iTWx@dH
z=|TRWW*FR9gXC1$Xy6@s3s4yksKf3F#{bT6oqMh<d1daL4$~UtyweZveIHuq%}IJW
ziI=lfD#1ANcXj(`)7KdMscS`VuepKJeU{E)fG5g}N<t1~#;)9RIzFuaU>ows!Bc=_
zRbP2x{sv+D@q{%Nev)`J|0DkL9t#VIB57I7nid?<!5HJ-Y=yr{Gphj7TZh4xfH<aa
zHY{cf(<E=-Lu2=qGkRshhPP7vjF1OaWy|vH!j=lt;<O&6K~%(;oFoK5%i-$EA{Vju
zGM`f`i(8>Ghz?V6OobVTr@$kpKcxvqO(9ulP4M<vjSbQ;Ic}P0u#1`199Vac!|H12
zxl@-d_m}IYBw(dX`^1H`^q!7Re*XS_L3@W?J6To6=$VB=Cbo>hc_OA9mRPj%`z{N(
z#k+qR?H7bIXDup?CPFr2GDpYFHwc``daf5km09a0*BC|^$)5N4K=z3v^wahP1tlwu
zF}Of?5Jz6497%PNl7<f&NKF>VKvCHhHuknG<ErF0IjyM`C6AaebdM^~>DC!dKkI!W
zA}Iz7;WVg)-k>6bw<hpY<cZXCZ)YPS*OaiLH(BpBfx>K(5b%#Xn%FlI&&KTGq^B7!
zjnUvS1T{Y+^g@OH7>$r9(u+|~*@Uj_EMVKy5jG{M&5^!^C<<WXQXQFNq?-tRvKr?2
z#+3wFq=G=F4pU>nmI+{iCkWhJ3a6^AtsaBkNSHvK6HG;vo&)qlGGvxW5p*U&pZ=M5
z;SQ{qR!c>#oz(AUQ2v2W@(bMs(}g8#=}!-lHM!FYJbIT<GnB@(8o$BuK_is~K8i^*
z5B2^Hb5@?K4IN_1Yu)<6Xwt7jnq9S3$&p;W-D0Tu(O<n26j}<7PtMW|A}I>Oj+t6u
z9aYO7?MtvK8fDE%@E5VE9~f#K1L&El0$9_Q{&V(;(lT5TbQa-XP%_?smSu@&bU>jN
zyAk9DH_#VU&akViDnnW|zL(gPB!fFJwtA3#tnd*p*7yNQ5t}K)v9hA@{czBvy7+9s
zRWPz@*q_|4MJX<h8LrNiT3(1u-2hY{3*SKP*UK1Ko1y3KQ{FJ8yHoJO#Uvw+9ty)}
z7`Nv%&pV;lr6}L?Pgg^c1mV@9*>uHkQ`FI`Eidb`aJcRTD3o2Mt$ks$4aEC!Pve*#
zwne+y|95HHRCAQutTm6Mq)9BX;zPI$S!irGqAo$ck++W#U>l`il;62d(8wgC8m7|2
z7g?D=er)u8B<xg!3ps~}HE<wm>XHCKgu}+L1C#3ry2Be56g;vxHkOv?SCgowC5~HK
zP#t)X9yI45Bc@V!;!P3N(0q@wxtPcC&C#+(CGUnQHhikYz&t{vrYi7?uKZ{S-e=-L
zS#tL$SN(IhUoUIm)$1(OFK2+d^I0v>sbU(BOr^s|<D?O8*PsCmqw#<7jE8S{J+-*6
zm|SpqsQCDFHI=oK{+*H_?A%|UD7|>R&yyO`O}PWGXBT<4Ixs8@z6vIy!8c~YK+#yq
z6I-W7^xODd`1Pp^Kuq_dpi=jJ#oF(W<Wpe<jzl|zhpqG{(0qq8GqX2ue5ilZgc8Va
zuPUpf6Kp?I5DG}b9e>1pW2+-NXzf}AW*D-NGQ@|Wu}c}5-B%eUweR_W2jON_=3yd2
zw>-{ofwIgdHIA{Sn>{PTDE=Yhtp!6h4Ad~_Ng!=$!n}A=<4Y+C2l`YL(n0%yh{zW7
zJA~X)I+V~etGJD~^|XGE{a2i6b;;Q#7LioSeM>15Cg{s~t?x7B4tjpSiy&z6(MP*j
zgLYY|D07f6$!Co{9#?<a6VdPqrqN{RYt9g#{Cqi;=f1QHJ@f9r?5|Pbud=>^x|?zV
zpbPYf<t8V=4`pd{e7v1#=b^!Id>My!BMs7a;=+caz58;af;UExp!vit`VTCiTz~+n
z_8Xqzn!RjaE@fKYe7KMJGWYGdk1ZJnW7Yjsz~`?5iR_eJt>dzlHd|ni22jW}@EQj6
z7<wmWp(#{rUUU-_^i=APk}y=S82fRO63NTBtB>@U$EMkAU!Bv8_pqw*^O`4bkuLIK
z4JcIF4PGRmdCHBgf6QKyB9<d?Vk948o=A&xL0#>>h24S!pZ;J8FHFLn);!5dn#H8w
zaG=yXa@38cid97oAnaJv)TJ(_XLvnOPYT~3so%n*qp7%loH~x#maLnhsD8%5qlkkr
z*q%fXaod|YC~BevfYgZpv^@F82~SYB7Hv{hs`dby>Et3SKs(gnHZ>eDXG7I4h*eP^
zOP>7HNq9F^FYsU7s^3y@`A0rW6B#C;XI;ryf!|AHILz0AP-;-P!$QeN?O$mh5Py17
z+}&yl(Aj&eg*4{mzW?#&6~_EOBt#2zUj>f<8kUNy(p1*I+S|=it~4|sxu~lsaVd-P
zQ1G>Ma8QGK0PY{j=>NRe{)4Xf*LC;*=R!8{%>TjXhM6T0m3|l+m$WBGiDRyI<Y}iq
z=1*ML1oR<$k$2uDN@e9CCGAc_z{1`evk|?!!8n6~I?A0(B)73vqZu1f<x<{=H%y%%
zWmZ)c-)&Z8Mg#>ty#d<<;2wTZu=gy3FB<_5A?`LmQ}T$B#K)S~oGCEM%cfW5xs*N#
zbWo;Ab87+B0lK`dKer&D3CtyxyAG8z$6E;FKAq!zLV#Eolhu*-{8aMPXOrCC1CzAh
zf;KfhE%BM_7NThnZAPko1N?p8Zkn-ph*Rk$V`Z(Nq|(8tGdWov*4>~&I53_Y;4lZW
zu*-4Vv#Xcyd{OTY9l!Z1iqp^Dh<*KC7q9R8IQS;KBkiyIx?&n%A(TOZ1P%wJ@kcJ`
zKehP1$&Lja5g+U5Q#?AXE3AE!Nl(&$32>)*zQ2afIT&>$o&Dh>6v0MUccNVvY$R1?
zw}eq1IIX>$QPe*s2$YGMM&`6{Inn>NZ23C{-Znkd3uR=%>`&ouO)=HX9=#G0V?eF%
zmTLKkI~r38>h1YrEYStpj4UB7)aWv!lghll>Su&R)nQ0}b7(%KCQJRigA7&))R4fW
z{{sIm_U#$1sKsO?Iyd_&4rb+9{3d<Je92hIT^OCh_K#9N^TH@Nc#*QIYLW(GPMlG|
zmIIb!mQZ3xUS}@3IZ6r!5{LCQR?&Q>#Az{<#TM3%^z~D^#f{Uvi)nFH&4iy12Jzos
z^0hG*ARNs}E+;-rPhG-j^Gn%dHnjOBA`o+n=Kb``$QImQyxnfH=JPJ)yjFn6Pyrx?
zMYOj&<C-Y+?vUH5v@B-Yu4VD(5Q#6CAJ6})_~-fJPfb6+44TZh2V4bod-Xh{(2l!e
zy-Ok89d?Lz;o@bfP<B;_S>%G3GI0G_$0vwzZ2QjhDz=<O7GSL&*<y$8yvo3UoX8tV
zTOq|S6JM$)siF&|L8&P{HK^Z*T&ms^I5zjbuR&-p(WK5J_6>AKKUjCz_JM?*w^30}
z!fHAQ%pi+gqagboz+B(>Z51;noYc2U`&&a`z0fNdz-L;ha!u{$@D=v0s34$vUn)OU
z@DP}sGg?~9f+K1Kl+YX*YQe*v@#9jf#Kg!Rj#1ET5cr(72?}#DDJit@03n|*3fR{p
zXFTDYcoWc;8U;p2g+#SxY)~JSLNsJ8QI=X@kjUet0g9{+sZ93pfTUyo&Mz7p%NHyo
z6)^VFQa}0|EZm+CDfOZPQ43<QWD3?<CyKiE^hGgK8%tEA_VAZ1i7OJ+=%ZRZjtBV5
zZ2m!12%pgjR5`u{PHYuUj#)sYh+e9~&)*+&TCe`kKE&OHZoLZYnq<IOsuO8VIJX4v
zAgna+2*=-b^lZimbJ`_66So-S##}~JGJ|1L6*mXpu@w%e_n7{(g2o3^`B&p_NLg5v
z;GKh?tf@ZSVm004r#-C>oj(leVjRm!PV8ShAo~C~V!EHXzG*8~n0SDgw$+*RZ=_V;
zFR%Pt_AD3Wq&?G04bsp}$>GU;5>#SS$!uRJmWzej^5Ry0-8Mbpno7`@ypJz?aj6;0
zi2{@lBU1)^Wf((Dfu2}DK>l*A;!!r>a%u|cL-ju)(gFD!TEtW`vrG554w{;nAd8l*
zEH@L}Wy-lYM8&s50Uu-JB|0dl$=8`t-}e<B=0CVCe`c*&8Z$yOUl4H6>;J6EU!@yJ
zHlNOb(U(VD-I$-p=4C{JZL6wYib{FaD?AlE^PIgeB(<|TSUd)WVNBi*hRD<c1TU$B
zNpVwj9?6cOtRZ>$bN*(y$uuk-5p04%lu}tO^LGq`#b8MpQiqFzO?ivcA3Ma!y+zfJ
za=(1$TZP4GZA*Z1HO8n?t2-aa-Cc1WWc(ERkqMM;+T*+6!CNnbVi6Xlg;Pyg>$Y=j
zW$)3K-s9?1D60wmXL|w&8$j7aWQ065hTnH%EADL+wxD*~(l*-8FEO_J>m;4`9Npy(
zLnc_5JWv87svN?x7xEVkRf1nd^~S$cgEEX?z`#8Js_#EO>U|I56nd$T;UjwaPRnUV
z>Dw}>OQfGi3uuea2|kNBHI5g!<0`^2yRgl{|GWn=k&u$X4h=soYwBc=f{mEvxTM1P
z3Jwv;ACFG#oR;zK6IV(=w3SFZ?69kNLuvqK&i*@4Ys;kWdsS^Hx&If3c(P?dmr-vX
z0TFx5G>X(Y7Jw*wb<)<yBj;f8BR6mAM}{#=$^9g?MKJalGzjhol;zJue(~C;>I*^M
z8d865h#W?iHj6g`JWR25IR}7PO4DUm^O)+-a7`d;=dV|$Uj3;(MlQ*LeP|9Nsq*RL
z3p_J?3`xA++^7aLds%g5)roAw!bb4)5VLFWrl($y^=8{g)~5RR-Q}>f(vz{_H8k8>
zT$<@R#0GE6HfPKa!Tt_4oxbHh!69pZ9WEEUx@7<|VGOK#zO#3=x`K@WT9f9jK)c=n
z&LI}@%N~?<YWC~N4&5^cx6F!p4*_-rxX@l|b8~ZG2N?nz>GKbk9b5S4OVoeY9Ij3=
zpGyp$B#1BdU(5Hu<r4^plN%{<9F3?Te_N9CM~gEdjQq$M5R8vm*jwi}6pJWWGA7BN
zRRAygNK0vbGoa0ERG6JE<F{BEj7iz$2s0|VVtmP4ua!wQj}$`%w^(hHEcs9lV~wES
zo$M1*zBi}0_+_WCg-HCPTh|<hJi^>$f#eE}h|5pBM|0UydINnE4-oDUW&hF_6g=@F
zt0$r5%zZO$)A-`B>c2`U%@(VJQZ{UF78Q$}3<sKosi2u4>{~>A1>S{&=M6qY#RZz>
zimqnZ7>d;oGrM-(qM!wyTwG1P@eX;RAx;p9VTr#T^!aiu4by~@I`A{;i%Q!umo>rv
zoLAVudF9?DvO97quI5BeX7sN5mVFXK&WN|d_p)1v9()NY>&9`N#$T7{OA86-4xGLg
zopdb-wyi#WlAYnGtWw4>mJh7+|CHKEd`}^M19Lv+(z0q5|Dv+#tN0V{>@OJ{>ORV@
zoGe`f-^4t_ozs+!?fFV^f~Xj>DX`TA`)ZJ|WQh<h#>?<@Q8L>&$zQ70Cjk!C+cbk8
zE*|0P@H($_O56{p_=j}Y@~2I${XbTz^6?7};TO;BLGca|7Y+X6e+?OB`{~jazkd{O
z#kWn|^r|fKGk!!7x0(`e2WR_EoVuT+>UK|p5+I+Fy0+zoZAM8^%{BvHSXO8Z%sgWK
zcb<v`tREzRwK9|~zBQ7{f7c&n80vsz0M+jj`8%K#u<}E$+QlGaaAFzZA2rj~M={Ot
z9TFugBI`op`Qm&HpC7YN7gD~HVo~m+xO1hYV3Ay^la=KdPMRP30V2ZE=`O$FGa<y<
zLZUp76Kq=DMaAF36hpnHZS}?OyM`~ep72keF)=k90x;GB@K0K#hX*I0<8}hXz`v~X
zHhqZ&+a&oRP>uq3HO$XI%PE1gXyCs@eE!gN3DY+5Nkc!a|KGj@pkKb!o8=nVM%`eI
z<5R^4rV?UOa0h6s{Mtn3WZCC^ED;u)X&%VPE0im<R0w#(=c&Fl!eSs8hhjO>;ol#H
zI@(Q-PF3cwM<tO9Y{M-Y@!|3D{T8E}w13yqS@sW$0byw!OLAXFcI*!fBXRBS`u(J%
zNvW|pD%IWbiK&HribJKbbG&!q;kC>VJJJ(ms-sr3V@CL~n#wzD1!hSYl{Q4+A3p)m
zZBM8nY6gaJY;4$|)B_<p7#=3nI%0oTZx033>ld>(NzQZGka+7F^STx&OI8#P6^W8q
z#oO}VwbYm(0Ck|5BZk3hFplafAvj_l1<xF?NGnzKklwQRY3q}_aOS~?jMa0~(*k*i
zWN+lRbdKNHcG{40Wb~}Vq8u=L@nv%}%IJj!d(ZwliTs*@Hf-(tK|CQThno{!-H-DK
zNTDcYY&INDc0JVOl{p8QSgnus<I3PUKVF%Vf1(ve;#?hPH=2k9h@;5Ur`5wXFG9(^
zX_1wnETh(Hp24*_K(KTJ!s$8kc}Z${i2pNgftaW`+TlSM>gX^%1XY=zeo^aSs<bCM
z+RtW3xQuvgu6NIg*R-fvrXTL(wIczfD>y^65b<2t`JmQtx=z*X9Ift@6{N8PV)0Y2
z{4vknL&>#J+G2IaVnct>V~;9Er6tiZ1&rofLA?g?D}t)Z;;B|L>s=Uc_X3ySsfO+b
z-3`P+JOk9LP}M(bqUK;VqVhAXl9E+waKzhGskK+^KPXsOGetIOZ+E;e0pA(yj(TB&
zR4i|3RsR)+>+ICrM{wDKPngxrI;bYj!n9$2HR7&${<U64&p6EA2{Z4nX~pFqqmj1!
z<g&C>DBFr`$#%3|9@54xt&9{j{gKOsi1U}bRS<6Zfm188l<zi&liTGe@#fq&=4tg(
z`yaKRc_@ehw%x;j%<{i#9h7S!k(#wZ$PA^kf(0Y3_esJm0cCr(TtCmbTc%wcbc8I4
zC<<)pUir;ZH%E6lxv!*C`+3``0c!hVxiennEP&+se+nYM0LEsi_orsh@u*pLK6P;y
z(r>owmG<kPL(I6}Vf4YF2SJ{$H7kGuY*(%)k%<jYqvLX*dkgYZ08(q~$v2D=p8O;G
z=&9DDP}-b>;*D6_%~)iD6|YMx9>;>9jwP3$8~umw)DnM@)GwM7FxPzDx#4SvtS2Q$
z!3_2Tr&BJwnVWXJQ#?UXbXilQhgel!+0!xq=-w?==1J7wJb&y?Y+G{<bgT!+;h}mK
z-lI_fbv<!VmH%j^IT$*s5inqAov{`ZIBota_fx{I9Db9dzj)kf?mZ_xd0zpIeFQ>I
z<Hh>GHJ%Q9foaJ#Xu69DDl$g~nxK8TzLhrz1~Bsxk(x+nR+LeVCXZu6A@H^Zgm8x|
z<?B_CoojfQvJq*G2D>~B5%qHPZbWlC?$IYJ9z9>Ha-k|7X4&Grf~~;b$-cI1`_DG!
zb%);B<sm&Ys~fBKLOCzELEa3uT5=S>h+~Cn-Ih14(-t`cRF+*|dG1hS?Z(KdS(ceF
zvpJQPq{z`7z7<X1I@6am#iBrK?U$W3H1}-iJQj7Vq*Z6e6}RlcSpg{nELCIH2Nm2i
z<o5S4&#{OtI|V^A`c;Nig!;$jxtb@F^*J#A>~gLcz6RZM-C1io&LFgZ8P#l@dov|g
z9*9>#?0-d!q%Ui;Esv6A40GtMUguqSF9=7GL<Y3%NRYHsT-arEn+;66#V1R$U6q{Y
zT_9(tBf~TCF52+^r2Wro+)UD~fHTk2uiEt`x62x`#70HE+j_jMV3YD?QXlYKlU8JS
z-`y&YQz4+MgrGyXZevc2hcrd7?jwIOZK=24_y1-PZbV}%*NjdxlH>ZDu<(v1vioPy
zI*s}V35`{$p!!4)%kD>%hf(-bkUI_j`Xfr5=F{jhJbMd3%tyCf7;Ht3ZNJrDZte}u
zLo_WEyU{=qe=XtvXU}*kKzG`tV$FHM)9e(n2-zlb?iz*NMF=3@<5ge@0f%F+P=u`n
z{>sBbVE;a2@$4f%tMSWT+fq0+QlibGSC1a14ZydaSow?meJgOBhLwqURTl5E-m3mk
zVof$?m^^KLnTB;Gg~L)<2_xV8Pv%0=$5V(5KCuH2zihMrvVQPuAqw_}3?0VvT^TK#
z9)1>@|6zJK9h8NQg3B+zkDeb(Xcpb~qkl8J<oLqAF@zMF6nZD<B{)R_i;G-~P)`9%
znkM~>0&j&9e8jKW6$uI+)WiGsJ{m{=!O5FD(t|Te&NX@^1oI@^<8fQ^o9%Uk_d8e7
z_-N8XK4^WDD+z<F)0&gy&ni=M?dffYt-9RlN|v+D+=tathwc_Cvx$`;QTyg3e<^Y)
z+;b;Vh-lWsdkIPl)^8H^@k~G^1eZNd8jAia=mR>Kd{-hMjT{p~wuVrSQVOUlhyf5T
zFt%ll4!-4KFpVPfhRI427f{|T;XZW&d70ZVKJ*Am?WQO(&f_<e7CxOMoR`B|b}h_N
zy<uOS?YOJzCqSQ1{KCHEW1MzcWZG!gQ?)0+ivzO&YekOX3}+9dd0XNI);al_`03+3
zM#Abx=I`oqv%)(=b_v%f>nW)%;YJk@nqa$WaK{x}t)@dt@MdJ^MIO3%S_`?Zg+3LE
zEjfh&<Pv_o0W!D0X#Zo_P~-5O>ByIK&xa|+2|p5P0e$7lA|4Fj@9OMj;;y|GtgD|<
zRyUo<;ned9mJf*)X@rSeW@}?cO=|E58orB?He-OaF_k-l=SSXsqZMXS*cV<uQxj2|
zlc1L@c-TIO<I6%Bm)>^0?=9(7mi8FUcMYPJ#Jta&w-U~!C2F8;2#3YEY)TCNH6_32
zv#ijx;1fW_JU;ctb40Li;n(Lm8WSxiRJhYx0y`B%mz)DSi%qiyrao~t(2!sBhiPeN
zc|8YlI8&?HFk^zXV+?0-Fe@M>HKWmrqeZN~3jr1d1xzFYD9^C%Qs5KO-S3l(3$GQM
z+eeo?!(3{s)1D-R$*;-vnh1DXJjgB1NmQ4NQlB6EkwPtR$F@w;_eNN%wJEF>67-WJ
zmyS0BR773u@QZkG>fyL&%(6z*GnB=p<_5!)ZjQVbFvtDmcNJ<*m%o?PPD>_fg>rB2
zyY*39ph>|eQ-^Vq5=zDFmLz7QxqZ{)Eu1pY#!cdgqqe=&!oafe73$Zdb7>ZFy>#J?
zf#~s2*El)(@Y8RZZ<9W~Pr)@k6f@6$M=nO2Ev?KAt8BWF7>bpf1KXb^$s(s3>G<Y?
z^9>mNKUWr)d7oBu^++t+%{T&1HC|R|$qn2D2G@vq<Vr=oAu;vTpiw>C&w%IHy}!s>
zi&<*wLe|c6aw)bG(e&{6U7kCcj-_7OqK;YWS4?>W(5|3_TZYRnRB^~XKig;5g3!g<
z9H86mTy<a_2L8yt^5-8?J!!TWzGjaq;j3oa=4^`5GiPtTC%d9#DK><mTVkkklo}7<
zCw_uzx`w)_GGUX=lbzKYlILN;>;P_&qUpJbU65WPAiIwXSn9+F#|R<Jv@3i&+FOXl
z=Hp4H@465CZxIEox8vOBt2@doM@=QXO3e94Hk9cqK~AM+gighm#ijzWE2H~gl>HKS
zJK^Ejz7p5p(U`(X?V%LUEp*KklJKUFSIm@2Db0+A>v#E)Q0R#rwp!`>Ej~_U!ng(~
z)xv(7?4oyi?3AcjFq$5!T-TS2NjXQ5Mhf-qSD}-i^Iz3bp#<v$SYP59eQ8}70V=#;
z8)iTzfnTUUl?{8yp@xn9N7_Jdl(dqIsMncb0TOO<|H}$putLKb!T6|E_G!KD^BOcp
z_V?of8L}=YochH^(8*Cv*yyNJq$Zs}VvNrc9Q_bhx$<oO`DZEoIUn@OT$y|;BimJy
z%T*8ZfKP3;5Zq<C7M1X;#58P?JY|yvbgF5`^mcQp`1B7E`7#n3A<iuYt+HTXK-T{M
z46;*i?UCOl%`n6qBHmglS#;NBPVH0|CMCK&vPHIq`PhXQ_0)F5mP8&F{M1{o;QL)B
zW!E~b-OVj8Bl@RFqDzG3E!9b6mqV>q-uDaH(C(Z`TvzkvBRt^M2B=hPUHqRg><7V3
zbde|N1O9E{dw1rDCSF3lY`V1b`Nzl&3!!s~0I*$1*jy~u>vyk*%arOP+{z2A3-Rc?
z>fJujdrYAWB>_$+3N5L_GL+4sE|_#C&bJ@~{HbIAxYS>iCkTKx^dneNgBweuVC670
z82+p52=-tmx=EW0n^`s4_mqzs^>d?!FXE6aC)$R}TPf`;1}5gNmiJ9ikC<E<p?#iH
zTraa<MQ8Sc^B;-@7n5NF*1g;+H?xe*SfP&`k)s4v`LXCOs;dJLNjwwLh9$2G39gb!
zQVhByoT<@Dr)_#xtK<P|$1Rnr(E&C{;4y=F6@fLi@d=?!&1!O8xiMC?jqZ==?1yLc
zpMpv8165E)j)_X7pj{jjA$zt@9G`Mn?(@(?We9VsKS4WrW*Y&<4g-`@^2WACH{iOc
ziNNew0p$=qf&R~ZV^>mvRvNY}5RDcti$5%_`4*)g+grfE&b|Wv=KubnCgVDTt52<)
z^Efn`H6Ucb1hXO7@mw0**DvRw^)t{C`Jcz4)`bM$+0}3IYLMub68y$yH(|oYI9cTY
zJ=*zaSTL}O*Qu^~ooXcA-QPQud>XWv>p<iMpeQNjz`zIrq|sj`p9T28-PBHu$_s<f
zd3eLR&m+KbdpeKyeL_wrdj2U^(ed(da6pw27fRjOsVUGn1kvdXY@^rT`?dYgb2N4t
zl0oe2UYDkjUmyf2sQbJTTyk}y@K=8!QOt$c6*4VX{MfX$gcI3%qXt%v{BL=eBfwey
z%hs!16MawD+FD#s%Q+a@@3xXVo_0I#!aME`J6<eNS+d5d{H1YweIV~#c)u=DUc`T1
z=00X$mY^8B&&t|L5ZT&Y1JgqO$7>m#Qvc3R)_Lec_OS#0eLu^$-BdszjGKoi|1GmQ
z%(7Zcv?krI^~Moq&ku551!thQ>yy4CSf>!!Ki=@B{9>Bb`*zj!bhYJnMoCU$0AfE}
z_lZPg&s`SQXbJ_Cm%Db~=?yDoPrFDL9O*Vp*zqawc2gipJQ)&fV-qlx*D34N`Lmdw
zYWL$jw_0_#n>WYH%;tWhte9(%BvLzv__QC!+=vjE<rpuz0<UYa&LqIV%3oV_ynb%}
zSlnXE@b44X4o?pckBX-uc**ziP?c@SUX(o|N8Xk2kYL=xz;x&lErDJb-F_qnN|shN
z<@7i)S?K2WX9;1%*BKprhPL_1-NyT85rJ1+ci+!Q*7dn3+`r$?`n`qKaR<CA>^y}1
z{usgQ6YTII?;9~V)=TtGy?=%wn`QPr`n4g0X#v$Fuug;I!oc#U;%U2PG(K0gDuY5!
zxHHL~MAK~(N5=KScx|(qRXNP$$0kc9?V44*f>ed*G2xr#f@4w0mM2_8=eAjd7Lj?p
zsTtZ%deLLcnY)@|H2l%S9dEnf!zZm@@&qm_&5Qqgu&ynuuQ<?QnhF@#z|mJIaN!5Q
zO1eExArceGtsm2{?45eq85VYtPrbo5J_AWQFx(rB!cQ1bXKYy%=;x0viTx^@YM0!J
z%kHj+_m$2~d~F5ItDJb6hY+082QD%bk{VOH><}fs<1Er@Ahfj*Mv6n{3*JvX&OSC{
z+-(Ja27{!r+wuG5as6@a_GG2W(Zl1L<4?Z;U~JUDzLCr>sl4<a8Flz>tAsEmoy8G&
z`)0irY@-<%&<`5hwrkbG=^UaG)e?~o59azft9Q;6ORMEosz=LSNxcmuE}k9iLyM;i
zE^`exZ<!50e{m@}h<R2OZ7_&EV+>de84^sI<%o5~EHgUf;F~wYbVYJ2fWl!W`QcP^
zVI=Wx+z4+!Fu47Y|J(t#QX|S8L^ZB;l9PQAFT#895pVKqf_+I%duSiJY@xj-2cPtC
z9KG7n1#Crvhka{;2$pA(2Wck#K4r!afyluDI-vQRzThKXXHK`1A2a)mL(rDHV`+H<
z?ooXPI&R8$q$s!n>4L2UGQnq2##Ib0?E)8j7gUUon4o$*+qtjG_?BA=zVCw+)$t=8
znzhJgRAe=s<yeB^+PRR#A`38z?E6Ez{TK5*gCp;DgfaD9qwqdpZpz>kgmjy$xJ^*G
zHwIEagq&$&;$ssYe83Z@cs%}!N=blV(W(5Kv2B)&-r8{2shR)J4ht#0@Vy7=u66kS
z4&i&+v|?)+&4GYZBm>rDSiNvH{2F7TujkwpI1mAmDj<`%6E7FmM>~1oWMuUbIO;!o
zZubq}hgM4m&l-FyTSVS+Ngd31YgJYzjbUPcnRsJ@$!@6cXtUQ-uMvJKM8AP(rM<?R
zYR@G*ZytA^%wT`$(J;nr3?*Tu8KSyxKVuTiJ5RUkiCxrNe@4%k9C%k$h-N6bqnS_O
zQwtJ3cB$TRAMB00;Z7uS7UfojvIYg0P;@&5*NzSxyA?ARCv4Iu%U{!}SW?j5$&V}A
z3Xit4oevGqc*w(QEe7Jg&pw*Eua+z#Z8rF{FmXX@`K8pv%{sZv6`JBlU`aP>JQX9k
z&~t$uCH5>~igw~hsNs6t4v+~8Q^Fyu&DSF58#YKu)Nf)ATc0OO)ifd2zCfq-RUSw7
zFy$WH#CGBoZip+!e?LiCkKfh|G)7h3U-0Kg^`}Bt4uV1SkbpiuAgVCl^w*b(A3jm#
z;KGrmNaT5mYs~DIamO)uX3=6)>B|Rc-GRq%WOp;X1wt@qOj{_m!OfDVRU6meFV9)_
zKeHeF;o+O3u1qhQo!*pAuaWCu1FdWT+_St|-nIa-;cfL$!BP2l?~c(bB32Jde+|pS
zL^chxIhODQK0W>~RO)!LyUK;?HfcsiQ`00Fnk0}PDgusG)6bw{ISNKF0yMd;rXdnP
zoN$;(uxpR?%7BOM9P1U0Si^*2P`eXs-^RmEqfRG<nO``pCiv4QTkS*aeOOGHgY=v`
zW!?6f7z+XBSmBZX!=hakK5R<}iO3sOW7Qi2i6DR2!wqBZc_U_}>IqxihKls1>!adQ
zCV7{t^N8zOO6JTGndWzDj$xQJDc8j+?h1*dqSMEu{@QkSWJMB7JN4mqtW*AasQw+h
zG1T-P6RWkwfj2kNco_KD4dxMNcjk~$`1aeL8*B2Q3q9Pgbd))4gvxi20D<{m_lTx2
z6(8P%w2s5eDv)S*9Xwd$tKR;vVRSieV!Bh&?IFsngsPBgeFl1zLlaZ?c5S*Tqlv>a
z?Q!NL)nTu)QPm}bMJW!gquELh9CcExQp6Sq^vd{9?S;|r$0vI#Zn4sMI&oTE``h$%
zKdEA9-2<<_tqUZ`(+(p!w1{z!3YdPWpHVrwM%Iz^U)_bOg4VSW!TQBn=>VTmu!1~;
zpfIkF7{k~%1Vf@dgk8vQ+q_2}TCbj{u_#3D4uL+`HSX3wB>bhoC}*A3Mwg@Ru(KWa
zxjI9UZPAJO$aTrevUSAmhAl|ao^}3B15Y`1Ixu-O@rGC<V_cOiHlqbFlseD>BJT>M
z)iFfPCNgTNH!wCVhR!jZ^xeZ#1ArF2QP}p&xAO97kWFy1tw=`<Pu>3rS@^Zx56c>Q
zd$8oV&wKq(z3p<ytsQCS>kZCFT_Lja7Cl;4Q`Ot&Y$6?NrcCB4oEc7N-AZgq94O_*
zMHOlUj1(QxTf^eoke_<>GUW_k^p9!Hqc5$<PEnK~%DC!qE4<hTn}v8cI>$a(tC=^X
z(NF0pFa=D7(%&wcY}22v=#67~2F6{RY94!is(b^-l&R63g`U$5eK{*_1x{Q#TzW)K
z&NS2c#rcB~_p%XnS{&NyUuK5SDX)>+pI|Mi&$ZE#+h-xPr2a9ZOolxF)3-ygLzP1c
z_bT`(Y?(re(0`fQ+<GEa05fw)2!Apft)Sscl2CC1VspGI<jrj~`rp>30rypwuZMi{
zoafz4LB~$#8Z^Oz+8yMdOUIvUZnnBiGr_e2<+<cr+fxY5<IJ<RgO<9>w;#)@HMf~q
z7DQ5(<t`44B-5aQ`a-XUHVgi8=j0d4<uS@?+?%(J5<{>lxL*Jn%)A9_IU@<jPxxW)
z>wY*oOeyW}C@mN$-LZ|=DRt4WzjZy_{c#BNU$ju>J*iz*oUNu$-Z@a8Ymzn8ANb-?
zKViP2g%dGQ#ioa3;TH@S5z?cMK#Ae(;P8Evp@f;nGbgXJ^R4rTV!MK&-dZZzA^r}k
z6b;Jtc7acIY5XdY{?#&~oWG<S*KSIX#}*3W6w?*h-dMx{$BX!}Go_qo{iKscTuP0w
z9oeNlm*Od*-n4EJPx$UKeq)PhBH9O%tA-<_<Sz$UjYu38hn;IL_Mb5cu~k#N@*$ti
z87{Qlne#grMOQ9)P^x`XbY47(!mLZ_p9F!L>i-Fv8PDi;y;vNbXk;-RCOa~+So@&-
z34A}cx=}uR8LW1!(}gJXH1Yjd17>8whM}~?PIVq(fNkPUMnr_aeb%WQWyTfgmb_eB
zf1<ew?{Y}b?B`?c$WfKeQgu73ZT5a@FXuW<RzRFdOV)@mE>cDnZXM~eq$z@HlTljy
z_am~5Y1?Xs8>^h@ug*)>3$Aj==6?QGGopdE;KUd9ptncEBfXW#kemKgzfj~irQ@kS
zkq16g#NvEst2xbBI_7r==CQ25;yzhSxO{OUVtDa|KOp~8t`&5toXkj4kyn1mXsTFz
z8=Q)_yTDeok{;XQdQwW%%ptW?NKL=dg*6d=$JdPn`(P<l{HrOXrD;ANPyj^DsNy*)
znkspR(c3r<xOC&*8q`CmNQ>wrqS$mw+P^%#_#aRICtm~vOC<KCM)E}EgO6vHzBem1
z>wFpBzv~#D7sZhIApO&o{v*Bg`gQ-?oC2-L+fB#ZmO_?2gHIW&-Y4iGnE^nZ<v-GG
zU|@E!K<`Q=!hqXNCEtfpQ=QF$iq^Y(zGr42iUOen4h=^29?UNnSl-v0x*mhtws$3A
z#oZJ;W%vC1-Ld@+r;T_lIp5>Q3hx(WnGsvQ%cY~6X-*jbcmI)+c>VDL2*ZuY=Qi55
z<GlN*Z`}6)l=U*T|NE}Q5p><TvuK+6(u?(ThFz?Nz1{oq0Qq6D4mk8V{tEg2MAxtX
z<Jkm$8hE|XcdPsK#3FLq!=5$SRUE=F+=fgP#dmu=?*?1Jb2(z_8=2*Ow5>}x>Xr(;
zQq$Tt?V{57xQ*{FI(pKDrQE?Wb|J$^=I@yScX09J-v6CH`7_wemv3jZcJ6zr-SJqu
z-Y<~oUN1^ME_C^8A;>-lV@HX$&t2O@9!I3-M87qjurr<qr*&H%`{&!w&UNo+2Xe=~
z4mCKXV&!=F9@`_lj(W1ZA5QSby>c!WDqi|4eD@BbpEId26)FEC*Yx`E8wbd>kZ9kB
zWn0Ga?o}?i=ynI@hhfUh>NU>$ndvM-?_DL`hZ5VfXVmqVn`GbB@$&qc$Fl{~OwY}e
z@T}wKmx>=sBSh!jYBNIkSx-+i+}psL>)h|zf(D~~PlBdRJI<TdpI}^g{*{>wskrdH
zh|i+M3_rE|xzTpJ7EcKV7ES$kJi801$te;ZdMj}sFh0Imt~Wl9j{9uVWOaD&FEg9G
zxS!hzCn~qzZl3>S@xA_dliufb6~yNuogPOHPvt?xd*wgCcYgq@w6VPYLUF@8qw;F4
zuh-b~aNXADn`PVf`#m5s-}c>j`YFce@q9fmCntB1ApI81?F#T~uk!(z-JZAGlTw4V
zE5CpZ-)QFlqwOujs`}PFP(Tqu1SO?JMY^OLq@=sML6D9`gOo^1cT0D7mvnb`F1i+Z
z=hCfz_u2cL`{iCgu1BYHj(o?jMoe}X4|{B)+p1Voo@a==?r~??V7sCx>TM6<-MBXg
zuA8g=fvfb2BcZoT^+^}{M#q#A$Jz&f0K0~Q0@gJyC;cq$itkxp>8GKUet#~-a`Vl#
zshVp5Lf3YkbY#f3Ulkt&#gap!Ndkg|B@ImCz;30=*mBkm)?yD@b2B(%ewe(7pu+8|
zqF*y&P*zPY<Ne-ZSv!Ndf>ZipV&txm>}-jb+kCrBQs^1qB7MOP1#46-3_jHDtd0mp
z^3#&*-=g#2ZfbK7l89Z~uaBq<UUk!dzo1Dz-BP08k=Qo6c`bd;fB)Fp1AXt+*vP}r
zLSHFQxLwYTPxiaN&D~Bkos?a+x**vn-=BszwXkpiL#+aHWm0I6>ozvzzNg4-tHk|!
z-Dv+<_-?`1s1d{cu#NDld6n?K-RQFS6#zB+@?4yPi^`|;u$zt$7J)$DN+{$59Kf4^
zu<Q9c`$^)yO&j2N{H54!cDpKb796MLbX{e{6_kE%S+ddOG|Ndacq#k#=0v{;8w4CQ
z$4djjt-7uLQv(Px*ZOfM2H4{x7L{kHW>L1a8t7C}L?!a<MqZ%Zj$(qRkT9w_=~Q`I
zrruJjZM!;l1L-b`0#*a+2TOavl>h8OQx$D%*WXnzk$s70g$$|wbgR#;oTbs#+wWE%
zNSdTNh8FzbTu!&mO>vKPHd#}<3V)_aAL&XWGq>n;^9RA38+?j<#HfF97e4)o&AFS)
zO9MzSGyy;xvK}NMi*#I*RJfd?FG{0+noD%w9%P?0IJ`t~23Cv9JmSXt83v;LkHt-n
zE!^HmHDBMD9kfAPj)B%cO*4k;0ui|USq?gB_cVSQop~->Q1>G(ot#9Wpvi;<M_ql^
z==XvNrj05i4j#YSZT~KIZ}+77v(^zrEG%>q&)Zsd^V@md7vzKR#A2DF$_Kb)5zzK=
z_p&8k{xSklq^A#HR&DMO(UpB<M+ICcHbD<F0E92VyqEwE5gHn_d$kfgL<1qC0R7Ub
z*LAL%p#hN-X$sZ%jk<|=21)=+p?)JiPvR8mrd>2xL3!?mf~mBCj;gcQTT{=Y4r5x_
zcdhMi&+t}ZamM?7Fb4G4vY_A=mwC{5U1-aU@#7=`?Z@}m`C5!u1*vUdmmy|**>($5
zVx)sQ<a^HPrm#B9S^al(pK@BIvV)g=s0F`!M=4S;5vRu;TXA5;Vf2J5QzVx0y3Br2
z51Br~63;Q<4(?D5Ee8);QvzLWUGVl#S9{YG;DY+sCs&9U2VV{{qXI-qN^f$<ZbIMq
z;Dfr(!7|(C^ZGIeM}tg4grsuvO7!BqYHzK+ZTpbq5c7_3b>(Yw15G!)->lK6dy2i%
z?;UQ4O2(586i7V8-q=QN>i$SW2TENw-SH@THOfj<mtHTPHz72s1h1;)tM#P^)JJYx
zli&{4TE$B!r)^EVH>I^Di&{c`KIu^Ut-<(eaV_J~j}~j^7$G_k+hns0!#i%tU4S0@
z1oDiLE|F!?%BBf&ni!SO9ka}Yr7V88I>joQt+pqlKtWzVs@Qyx{GK#s;Z4wowqWuP
zXg7G|$$e?mrR@uE7YjSaK7zV-xJQ|jiPK=IJOWRzLj8w@g9ez;U?QvyfKBFhMs6_A
zUL0$^VpxvwY=r;SCibtsy0aPNQUbeHyIxm{<9gCenaH%c$8UYZVstr6cdwZ8XgH=T
zW_WbQZ*VJrX<=bWfwA>Cs{g)#A!qw*;#idv(z<Z@#HRVT+cJYLHC3dHHSTG!%lo)(
z(RO36+;3>!6|xZ($e+ugJmRCx9nr~!>}jP(qcrjTiZ0kK>_K=Y{IGRjt9+kC8Ptid
z$$8IF4}gc~*?YZ@^djqHJNlI|>S9r6ueP~>jOiwT(RqqJ@|ei`#N+<phH7X~f?>aF
zqU~!(GFoeJ+08aDJXwKBMdyGNbs#$tgxg<(*`(L)dDRPt8cx@;<kBos6?;J$q3<dZ
zwNL9*1Vj)QP+uL~qwm+eyQMw$SJE@>?!#z=&7H-S?4SUb%lC*UJP8Ko#fIgOs5D}|
zr*?*9<9iJxfZU2SKS|i_9b3}qh?`K98a>3iW{_;(Ma&fP$@IV%R`fm&okDMU2*CeR
zBP#fIU9lf|afLEp@NQXrH=#cn5OGjbew3>z9@OzpHmMN6PL4>m3pyWN4V&Du3Bi4)
zC>*$k@lbDo!qWia*mOOAkd%}pYQzuAE(l!{_G#ld*Eo=wH<SX<2<k3U-!Fd$CJuP|
z`u(BCgK0^l^aqGM7CE*_k7TIJ<%gV9GiHP{w(RW^EDRr<KQPZ4W1ormM2xrrw?qcT
zB$w1R#AtSH1(VOm5J}tUL$R<m>droSy(M|A!aYF(=f5e)772e$DenXuNgM>~p)H_l
zF}LDV+!2V&L{{|TCDZGgzB^5U>-~P%tM|#w9=^<}KuP9XoHdX4yy$hRSQa6U0kH#l
z;<p|5%6IP?k#oaIt#&4)x%xU6V=}*Vb;%7?6Oz?fazCWBJI36VRTjg6cOH><#L|ar
z)FYY#wg49D{tt$Ue2DFo><Pi|U`g4h5KW)iBC)u_p0LPr#a1{?5GsfaJ2gJM8m8G+
zCxU%X{F^TP){u8&zu>sJ9<3EM@CD9(e=Ze@Y43U#(5~F<Ea1~@nBcTeAa*rfv}9P0
z2n-dKTuW2rJkNp0CYED5n$HYiym^t5F#^FAs1UfqrkRs27>kSW({uZng$xp?Q4G_j
zfeD5J{m27AoM661>9+pV!69(57P{mk%2&*REJ3^$1H++W%h4WWYf94Q;ema;Dv!FX
zdA@Z|N@Z<ipbBg$iFOTJBmoO7#ZRiQT=ihG!}BHq-NL9igzZ<eAr-fyuun`T6TQS9
z8ibc7r{N4QO0nh{diM3wGQ*9#h(_=|3oX%TZuVEqViXBuQ*40odzEZuN5KF~8mF+?
zJiw~pYn%C_c~N*>e*%7{W4dd0{Eft;1{C+J*6-(6!?fMJ304)fc!)3*e@<P%PILgO
zQ_^xhi&WAKy?Yb@0N$~ZGH|hs-gYgSVzo7(QPqr5^IgKn_vp{Pc!#?RkK7)rBas$-
z)%ehqJi$VnE!j{M5f&SFOh;}6`Y`iz0k2z^ws`cEWsIyM@oe1;nZux%D7Sp&p$)7h
z;JJd)wk#|hFh~Ro90X(K^-oN<Z0M6|#<MUOjK$mNS6$IcziMrIP15AqGu)m1wzn?D
zycPZQIwNV8!NLS(T)Ttq&Nir^S@6KMm;s}<F#jQK2D&V46w6SAHtHuR5qYrZ+m)5_
zikRrO{3P}Jh%Wb+Lb2tFDBksh#cOT&eEz(QI)jl$yMQK9-X<82WW`xw3Dqoj&%~u%
z`Mtrgrssl|^t+Eaytp?8r4s<WLrf5>ZsauGb^qVT8^0pt06@7f8ZR0+?DrFrk~Z+!
zQ<eY(UNj3R4d=8NuV*B7@m6O6zQ?<X-VeMej<sSGeEVhU>rD$Gtl;u@JRMCF+dK|o
z$cZnUs3AE&PfdX(@r2Y|=u>(TW#RfY`Z;MS@?Z_PM9|Wab2-xKvtROzM}}H{lecIC
z>q&)m1V{K@C+&4MY>FOWmp4h1o2YpKCyIQ#9(M?Jb~G;|swkhVD=8nizA{L(>Ct_=
zD|X<RQcXcvLtq3M^+J+X?VWsGe8Qp8(%*RqT#0}JdPK^Q_5Gp!*EtvVS0}l32scbf
zE$4Dp+sc`0qs7N3El1=O)uJ4GdPFnE&+^B*v9rZm7SLyK`!3Bc%^H<u4aJ^TTD1Vu
zqLhw-RAX`ic#xH0x^Ux}HW!C+9{iVCo)*a;U03TE@g35e^52j;nnH8CO{+QzH3`eS
z&=<__1hHb-he8JOSxw$5&k88OMEs!#+4Ljtd$sP4?{2RF=o;0iY}yQkK>FL8zl!~U
zr|z5XUilY6M!^LgICmiLY3amb30#7yg7wWO`5Xh1d}nO1kV1I#ew9d{<4>n7v=L=3
z--u;MU87AodspU;g(#G9%xxZ;<3Bkne+>`nu+XfABx0fMls!1Vew%Q$hwNr3nf=he
z;>(YIBZSkcms1N)=C@yF1_R}AkyQL3nS53*a7cx}m{n-wK$+FAAsjIiCQQm!JCM(%
zSOD@ZHq8wK5UkkaJvDs+8rjZo-R>W<d#tZn<-^9_OMkqC?isUYC3!4e9Cx8esXH!j
z2(zA^r87{HIc$UiXBvFCKOE(u!ku|lo%{XWAgitPZ8Jct$v}BJbBwz6cbBqhy`9%1
zq}8x{rO)q|qVyTS*LQF*%_{!^_rX-_{IFovBClI7Hd-)7G=CJYGKV|RLG%c9YV?`J
z(f(tYW~)EM&Y#2d9Ao84s)Ol$kMiKvhQ^bnjpn3?C8<|GDOXKInC6oI{3p=UnDd`i
z=Z`=F`tv_5-XA~>`tv_@=pTIo^yhzQ+COR{=+DL2zk&4sfjj)(A^uS~0e|~1=J7AI
z<Zll5&$mJ!{{Q;oY%Y=a;mJ4pCCV<o{0KloU=k-RjD!3i@Z<MOd;^w^rppf61-EN3
zlppTmxjW*qbURHaY`DAH&C1HM6(xa#;dBDp5BleykNWXC?`GW^0_4rz<$tz(|3iRS
zUxX;h{Bju(bj_?L5HcvUcI$uk?6qo|H)X^fE^w%4R52B>rjQ#oy$J89jR|WDSHpd#
zNIl;opxBn8Kdjvt`I-k0<`ob)`}2SL=L>-iVG$sn_vh<&(Kb%lh`)*OS1<UQSA7z9
zn!PSg>XdP=Rz6VHj?Y@1jw5hHLGlB?m@3$8Q|vu9#;AX!*#47}9!<D@ksak$mZ)DZ
z8kIi^j?*r|hj|bC-)LL+?Tl!*LodQP%H`A32<Y)a{eV9~GQ4s|M_c{LEJS2XLWy%i
zr|H5&nY{(+fS=pEBGB1miuz0FvAT4rK6}vFMj#&>%;(>ir2I2%02VztbGz=Kkuvcq
z{4r-1v>@pHYP8_HZOB1b9!_in`(hG~ct-+ah!AqS;5+XRj*EFQDA@8Tg~&li>^V8W
zT>pJGfrY{NgDU*#PoV7BOmZ%qxwgDMHv{%egZ3u}ZC(g@<-PVVK2E}MJXX8f3*?2o
z&KCE%KmYQ1^1V>8X(MIZ_e>&?b=3=I$p7)~_wxsC7pJH4?085+<Uh~Tfe!1g+9B`D
zw}qVvmDBVtxG~5Q#-7&~a{&qEjci1-3W{(rOTf@EN2$(T6gUr_adI2+!wt$jQD4V=
zrkSix2TM%j9;X!$rG=z4T$;DXl~>qYUcF*fzqNysyoI`p_8eG2{wNUc2Y?8ko8#V*
zY3ZebM2?8}Bu{lTUT*cIqfDcCE$f=&+yt#IUN6bA8oxQVqQpJ+<$k-@fI2T<%|#ZQ
zYa9ux+kOL%RQmZwmY7>oXN+lTiEi}RMVkgi1Bt}P0%h|`$w*=OBPblhTfk`!8RTg9
zJo<et7KMWy!%>o^>ldvT1p;51i5b58s96CNd5;pT+Iq6@H*?W#BBaIj?G#F$2*!lM
zQ`#TqOavf{;kYPwCu2j&cN2haacfY15OV2C>+TY`k*_o&zMJcY6rlG3!<~q5FRCqD
zrzv>4yZanDGj<GIE%`cIfP*M99do+xD(JjD_m*={?pwo<@!M;QIa8F4F2;=)V=0{S
zaH9BJX$n(q&ZfPS0dE!E-<^-=p33P9Sdk<LxH6njbe@jv7ULR^W5!@94XXw;jLUeI
z_04&a*4p`{5PqjLwSxJ*KmkW)VCi-~8&}eDT*utDD0YCXM{i?5XPR;}!e(n}A}Tw$
zvJnlkSpNdqkjmgvSHZEHJfZvzNM)q5$&uI2M2U=;foWY&won0BZ9hLaXv^S_F2GVb
z(50*C&l=5mhi5;XEwO8Nl!oiZCI^ec;;u#=RndOiOj9JVj3hS6=c#okQ1a9+v3x+d
zr$_o>g(baN86EL+AFN&;Y@bEc-L56=spzm3`D(1}i*Uc2?jK#?Y!0-jk>I{u$<ZB`
ziTxG_^~MO4`*Ibe{fX(RD-U)(xgYwULb^modsZTf`$<cVgYZYm6VAqthG@abLjn59
zo<b~3^%2M`<7m<=vh3|R3+bwo?sNtEEt_-Z4fv!hZH70f`FnEuEwL^+>K!qf>-8l&
zNa6u`W8PD0iS{DXT`lPIqQbsPQ!Bv5RKLWZ(8cussKN4^oNAA!l>C`AzV7wH6f8zu
zb4X&X*!yYZn+n|Zh)Dt^Sc!_{sTq~cg|B6iNF6ctWiKTx3~*mkwe8l3fNj3gu64DB
z#q230#`NaP)%RyS^CF`%@;h$dq9<Eb#pSbU+|yoKoeXoekx}xaO|<q3h)F8$n4**2
zs~0=r_h;WYl*XV;OT8asqhsl2>7{ETpWQ>*?DT2w{veZjP}9A(U6YoXJFq$63yHd;
z{v^iB1S>bRrX7E>rm?6kCwlD{Z_0N23CBzmF@IF>o%D#)K;2h6-<jPO7N=tKI!q~R
ze>8q#VS2VSe9aj02+59Z>(EmN53Z!xu3j1?hlbY*DLb7ai)34QE%C&uX!#$)9(8ky
zA(*zEC6z3!qrYsUD6^=SGY+lS>$$J}@+6g`<3wk<qF>%B(>RsA=j?g0nRpt{9yi4{
zM*&?V4=(7YQ7@4&VI%h<-=jb5>+L$-RKkS&cZ?z<28(P@R6*n3C#!l>eJh=Qd%RCT
zYBSTQ7X4004-HF6-bp;*8f141mC8niXvf9k?Aa{P7v&xfslc<rhN=dmM%HNzR>$@4
zPgxTuiNg_KZgDZgXNuj;ea0o#UChR@%RgsDdNPpa*Sh^0UE6<0WD^53DX(LI^p=rc
zVXIc%+CUnk*MR-eHxu7`*#g9L#5=zvf<IFY*fxQ>G5X?Q@qQWAoi)DS9I8dZ5XsVi
z1Jj(2P>&joQpfT`QLKDlg5j(WUaNPP7{j-r<3rb1%t_0V)C%MD)FfJ)&^-FQ#~#Y?
zI|hk|CWk5ZUw|H$PV<Qt;Y?^z?C&@pgwN|54vbvnUcOMT>ite^hF|ITJ@Jr$*i`EC
zqRPM26Qa|)$Q0e~O3y!i$(Mj?c!`6^vq@5P!N{h<f~;c^BW`FUc=wAh%s_~B{q)8{
zq^-475$&JW6N}Z1a4g>TR~k}L)%ODeUDS8AI2up;*{}#Z$eSt}B=xpamlyCf5uOUn
z9#}KKDe$OfX;eX;t<C?2Tlq2y4P*A>=vaCim!8CfNm-fLQe8I2vkaXo(N)%c|Fl@g
zz7U7eADOoCiuB2?S05DvaxPaZrM_GT+j-?Gno82&4lFBRX4Y(R$-LOL)yXRLc&3SI
zf>j}N{`Sm|snVOHo|qanBt(~k$G8@o&NEu=ioI}2JnCVlaq(sjOWMF!A^QAjv>ltO
zM9*J6uBp{3S61j3=en?|7RO{wU&20Sj>?UemhRagWSsL5tRA|D$CMsC{!&P%MTJp@
zl}jIPUC?LK#Ilux;>(A!y&ml;B^m+~u-LsU80hRM7Z89+9v(@#Uk6QJNHyJpY44qk
zksn&OKtXAsENhwt?=LppGoTR2^H>5k8L)>hBTX6ZeFzj-u-6IT;-mfkSe5CyOC<3?
zDZkDP_QXeI74J^fWR=%>RQJfwrQ4)4eZu_;<nf-m_6~@G%$2!<4doljU1A@n`>D|F
z6fzIW<-3PVOl#1B>LljyjEJwh#m&Z4RbF*;6Bi(enGT7vBcZXIB1K=4Q)lz;7=Dam
zjNI0q+^Ww?Q<mj6-`#x0HulQZInrn;xB6$VlDct${S2I${cSZxXIZN35PNU*w@O=0
zrkntwK#6l_oH(0dq=mRM)6PqV41Ag>B6GwtVVMur#>6M&*;3Eg$>qLKrkFolKn)K6
z@T}0^jQ$-7`hngwqg4QlSnako)=4{t@fl-VL8g4k(514e(vwC=xiPqbOp~kpZaFre
zOnlUGkfTB7v8Ziw9T<aE#nzp@M6o%Tg(Gk;Y@S^{&ho(L^fg(n$ygwYqT9bZ$x%F|
zJbS06=N<ZjA{}F#%S0UWLsflrs!0<`hsHh1NF7mb4k!_G^=Z-lPVRWI^u^;f&%bHD
zY6{RU)%pRLL@se+d2b(Er(iul2AnS?G&7K{*H9Q%EN@CphDsnn(NN3Ywt!G|Lr*PF
z;&=9_Ru{7AIlfvR+{5CN_c`yWjOzWD27lhU(e%CyXTm8DpT-B2%f?8#i1_dw$I5%f
zg(m*SFd;gzRBK#6N^zgqS+|p{W*%3*SSPN3#geYp$hO(O3sblI@tnJSUPz5o!A?bo
z$&@QUAs9r_JitLl3_*|WBvBN;_P#6sQJ)TjXM?L*v&%JC9>(r@rTk4NiNs6O*8;3)
z0#9klz+wDwIk%pjoa|Ucje*d9n>G@zJB(>|-gaL}E;lA1E84Iw?&<6bs+SSX^tCj7
z_|pYO0|T~0S%2_E%ln^gPrUV>bt0%rjG@b%fU2DYW8G$1gzxHIu2BD$_PRX=R)Qe9
zPk7fu(SXt&+YxV)`osicPzr-NaVi#=IvPa*F%?(9UpFUEy4z?IVB(TFV-p7&rQWza
zU8#P?aGke!&cOF-6Z0>oc3E_qTJn;@Z^BM@du=W~P4Kx^su+(qzjn!6Y^@0s$@h7*
zln>nPy!7~H1tTMQBR<K*<tX3PXrHl0vhIpvYCFYoXgjBf_tRl^)7RADDjF-r2tlfe
z&4aCfyn76GBg-bS#8}(#?o*$~z#Hjn=%5a&48x@qP2((sT};zXdS7hCP`e&)BUz8Q
z7bS8%QIL7kT;XX~cvkaFLs9vu8fqTB5C>-V%TMQU^1G7M{HKOdhb;cG+g=cp%qn>A
zctu$uX+ro#xPc^*DRcXYZcF%ml1HRLuhb&}H_BzJUn{98cTf%bE3uieh0wWq9m_m&
z1u8~vUS*QTRUi5qb9k=ZUPEhGCW$t#gR=^hFV~zyiROsx?-4p-jfqR-W;0^-s!(eA
zEVFp4FZix3DSmcC6=pcl4e*2MH-ed;N76iPD)d`tft4z}!>15A?sk17b>!|_le~n;
zuTGd*wcNC6D01h2iLH0O|M_xlQ;Q7%>q$1Mk{!)J*T!x)kYQjMqr0l+UjISpb~3Hh
zh&b7qPW~79-j-3;+x6f~)ZzS<6@Q~;AhoaZ=c3QkdU+JhSPCYCuwHe<dxG)a1@MSv
z`Vm7T{!4jzHZCV=d;ufkz)s~;_lhJzFdgO4E(5Y6TS$d8U@`*EUf8_Yjzla6Bx<|y
z*lm^gh^iJGPg%odbTH-$qSN=EFV?4++arH$Xr;-alO6#S_7(_BsH`V86O<2x%hc=P
zyi~CKDiKr!H}VKGrL!~%QoNRgD&g~=UpbmGKTuG4&9wJOIg+h^#A8T#b6fetP;&I9
zt2S|Gn+{bb-LyO@DXEjB@2?$5SlRFh7lk`=tUC;8YEyAc4?<NTLPVC+v%|$5S`iY+
zHU17z$KXK5I+NCU(5u_j(v%%s9?o`j7c4lCI~i2Pb@r4fo|Bi3#8M%Ok7^G(yB2sY
zbK9$uAYPC%DK^x4I~LfYaa3r;jZ4_R9bY4O{c;QOLQ|NKcRU-1Apb^^;i1v6KzPs_
zNK(Yvp1>ftqCCs;B!69YSWS;C0!h7%2x5@obR@5gY~i@=h^8A4g*tz6^4GAi!2ty)
z!rXPv1z*wamg~bUC}sQ`ps<`aJ(>PEw3__j_~lfV-H-`M6NWxlQ?ufB(3c8JqbfE(
z&ufo@EcJGOe?=|-Ek$1nj9zKiPEGr6djH*33TjaXOrS8&f0>15q+yIO7C#7iuw7dN
z*GQS19N4!R^CJJkfCd-KF>TBA2ijRB+moh)43f-Uh%lZ+ZoICxR9$t|iLxXXknSTx
z=I4qc(?{`1%hL&w+kNszww_3*O{-(^Bg&-`4CsdGC@8ys;vCwA=+930`GU?g-&iz|
zxmSv>KbWTCPWdtplSiMW0!n!|F`Lk%PbY79q;XDpjvrL3CYt^U&Ok!XW5tDH+?R+W
zBr92J%m_h@^4-C0vcAnh&5eJq?Lmo2e(&S!QTdA_Nb{u>=JSEWC<-iGLU?CMK8=Do
z+F&1UK}GIx;ud4vEytoFiFb3Gd&Ff6dZfg+IZoacjB>P3E#+o4^n$muS>mj@1X+$w
z1X3>c(A0B3^pCWZ`!<}(f$c+q>DZ=vH(w@FE?pKvJ|hJOEgz~+8pK4m4!+VKllfZ}
zB8OSloX6xFJt$oL$^p8#&A=69<YoXAD$kO9q}=W*58*ISZR3z~4!L9GLe3iR`Y7iT
zk9q=<??*%2mU1?Oyu3)=pbC+0Qr?Yp+M8j$G)7U-HDz*4{f8s1>m4nL#`~2lo;RN$
zOVRs%jkoKl{`%kIN&cF{K;m>D0L?jTYLvvDi-}XgG)tt+Nx<QoY`9*|4>np}?Xhs*
zQZ`)y%(B$I)qxf0JZIC$>7Y$0>27A8B?&S@s^WQn*>BWz-?_y=(SNacIfKnDc@*Lr
zgLxc8drLzbOTcpiZ-rdr_-}R$n1LTZ{S+muu@<T3wHNxZFf2$8geYq!^{5t{9Pv_y
zCl-s;91dWgwt7@UBCltQ*N2y+Bo_6D;G&zBgPSki9~}wZTy2e*uPJXm2Hh`$So9Gq
zeOHutPFrZ}S)G@6siuV*Zvrb&;jCBxT^W;rQ%M+q;BcM{;9GN?fOqv<-VwL@d^k4Y
zrRAocmg~{<L2~0e=Q}yViwkatB7bdOtDZA%;J)!>!uiBxPDpAO*~<`(IsN~XyvTAK
zcttE;f{PZ&ov={mu3t$?G+qfM*9LXbm{<Or!v>0UIoIGGwE1v3mJ9+_<Dg{YnIEb9
z>Vu{$hf^PHt!F4cgPa$w^VmFR&VW3pEkvo|q6PXEJZ`(QWgLsu*Ed<*rh<ItasU0f
z3SigE!-LAk!<#i4cj9(RS~tmhyJICD$TaqXHXW_YEemC%<1)~MXRD+UfZB;3cFpkb
zh2kd^R~(JE=31@0?E>g+inxexu)oDq{M*n0{#LVQVe|E&NTuI<m$WoKL-%!aE{E!4
z;2Sozs;}or52rew{v><>O>y$g8fies3I{&B1At4e0qATxPz?P1pP+iEwxICAp#7wQ
z{RJ6R^Y`Y(KYcPP>rl6Y!!@`Hz$p8n5!3h0kl_%w)2rR0<fNn#^4P~Phg*Q^7W$aK
zuv9>t6WzNW4+wM0;96l{qep%t4sxhn_T6)C23rk;;4EBtu>2cDi7{NTZ%NUFWZuO9
ztR^byJhR7oKjkmW;s&aa9JZ)hz{dG}&^s<INuT_|-k2qCoMN`|>+7za90b&f(P|v2
zN&1J)c7SollHanh_-yq!KFbX+WMd8<c&{M9Gx-P2`t7F?iy7Sf31w0HecT=fgZkmR
zHT}O;5LEaEFxk_Xp4f7(MpY&1S7{>84qJAIMda(2ejf#&%j%UIi4@H$khjGGOjZQ-
z&cvuDV;G<osG1(*4pf-gwi@KkiAzP3*rO4f0l!5L#)2sX?s)!;*Sa3RDac&rmd-^t
z02W&t+88bxS)N~dO9SEJNU*_{?!*K!z`)?6{>JtHHt7_3kB-XyME;@#OkamfhM#NG
zfJkF9et_K2>_#y|><$$vYm37a#G}f?hNbHWLA^Q&Z`lo4<p9ERL{Nj--#gr69q0RY
z3Q=5fBI<XwH2HpMKMJhbm(5QBF4K~qtRZaDi$A_9=^W+Y5vf)8!Sr$h;LC!khFWxg
zS*HFNeKN{Y-zWXka=gC!@m1&+4;~PQf$Du5RHp$5IBHHyy3{|_It);4_+V>Sy*M|j
z5y2UdFO2+dD<kCC{s2q<dCuU3@r_8JDTavBhnhGKG{-#(v6-O43g-u(KLIAVCDl?j
z3Ez1&ne<@*E4lIPDJ%|$?_kCY%C@18j$Sh37SoL?9^R9%u2~Jdjp!@09ZGeeEFg>I
zA|zYJw#LMn_qT&ZvME_yN7oEG(@*ujeU#A~t7zKL?=S-BGxlKhjibV0i(*K>g`&P3
z3Q5a%OgQZy>@j59u-mSr6eb9|G?o<!Fu_DSSuBgCn6XuKv_l>@XJ^9&^`WNii?XM_
z%!#<AVUT`0Td@^oXrIsgASx)@w0^5kaAZ|bO%z~Q_<`8BKV$BG&Sp@-nb3T(kvja#
zyF9o?Ds5i?8BTmW!)%1$G`|Ljp!dc@2`n0dJg7BF5g^sQ{)+<$UJykk*(g8VHdXR`
zEQkCouEzP-Vh#f?bGieMF~uVCjE4;5O!MZ=JG+Z#(So1B6hfofJ^>565LmxEp}9_h
z##9Y7Z<cK7>{chPO1<3eR;(({aQ7pbpnDVrdvC^6Xp||5W*}d_Qc!~X5vyMOxC3T9
zq?q~*)77S4BuIb4EQwrCt=Ww<?v^ntJinA|=WCo&c;TUi98u}CX@|xP;E@nMIH$p@
zP#fVb0f2^55-jT3M&jN@d&5sbkCWu(E7eM}2n{%xK)QuSV+2O|`sp9+>`Y(jN0}vc
zhTbt5Hgv}K&CDsHIOo#tyj6d#$p5|8fG%*X$Yk0<gsUd3R6nl>(4yi3j-X$v{(sC}
z6abRH^$RJ@!&b%m(dIIjNmMEROzgR6xzWJ`=eU-9Px1OEk!`xh{d5B?Ww2@ps=$;b
zs}!L0n}zE#dIe$|DwU;r9*yX{qT9`^eYl2cqG~21ZR*to_9)u8QFsM2iRM7qeCAcy
zEwkLSt8TwduTd^WE}Qu{i#S|GYiN6A0e_TEA!AS1^SI`0$8(D`Fm@KN>%iq{3t&uZ
z3l<UJm49XFMjD8cgyjzy9%N6j3FAj8O5C>Te0$FQi;)awFY+fD%QWSR=)+iXS)Iag
z=T3_X2M8X^!Pu<EEV3@3l~@hsO0h&(=1zEbQf9w}fl-HEqy9^93E1Qg>Q4p$cNZ1V
z5`epk|EF-wq*XO$$RwRjy>DDJh}!eK;X)@8MAYyDu}DzafD@E>zQVfUtJq_i2`H!r
zu6lh=&4V_}lxg(Hr$n%KV3E_*```O1Qjw#%p+16{M23Dpk%OPzn}TLgg>X1;QJeiq
z?~kzZcoiy(ld=X>(!E+KQjIyvMvZR{POWZ3@0V^Qr*IPbe!3JcjZy_n4mJge4Tn)`
zAA2ZdE5SX9B0Uewdv9ka>6Qn>k_6v@$gxm3z+L!~mLmfXFi!dc6aQB}0I>MESIstD
z?c^2JAN!xOC`0)NTmPS$vhjxn5Bog5RCd6XnmCtGXuKNUg7zh-H+A8KYH4;#kH8*i
zBD#t*KVn&2LDg#S?Ass(xZNuM!Yn_lZ&$~>G9nL$Y}jx8TK4RM6Sf-IKVb?9_Y3U&
zY<v`88%Ouv_D{@$2SlHXi@nQgqo#N6r+k?Wy>$UL>(u}=p8b3f&cK0pA}?XtqSyY%
zl9_K|>`XQ@Y8=?|x>#n+L>MI$hoY>bfGIlrXJ<CQb|&20IXzl9LZSdXsFQGiBa#=3
z?)T1sJuZ>MUQ$ZR2B5MJ0WKgzj$Q_F!o*V%&hT~Hq}70H+S!}!6FiRcVlk}NBztUB
zs<(}gT7pgc(Au?3l!?6=WK1I!7p{7ZVi|EKDEuenBh<L<Wim3ovIp|IrgveRnV{R^
zQ=Mo{NUg`bQ_WH^+$K^U9M$W^wpZNSrW)x1#t@n1G}DHb&pkgnW^owVEs}yW>|GN(
zjn24-c!gY~N8B9YaPD^2vEHb@jiR-YF1(p@&I|>9>ENR$AH;My@JgH-mqW<S>+J#y
zH(+|56;U+rFda0Y)}Ddvu3`w}gO!v;78KA;Ngu*+s{a|p|A!L|P!GR^u4diLVjV(n
zPQy_u4L-ruxxC>HdEdQ(e&*V3sY;(os{dXrO>O@5{fjSmPF@ZSrRC%B><7$Q0(&~J
zWoCTKFZw|J8xCAN%gKw{n0;T^E6%w5rs<j7Y|ow}El@1KpfeRv>4#NnT#3g<=CGP7
zHtJFsj~%oYr@t=gEVa;#`7p(_wd%TxsfY&f>CJY3I5F!>=;)jW40J~L?AdNha4?5t
zz#8SC55V3Yj?zH3g6fR?BVhkL|Fd%aCbT~beKE!8KzFoAwz#nfp=VtN)XDh36>$F}
z7ULxW2qI9Qko_EL6!sv+1fKO7?N7V?f5KG%ek0(~|36afG?4Gfg=<HSP;s&~DYQ&9
zr~ggc{6ob5D{7?qCx0gx^dWtEpR_FUoX9kjP7pUN|E+Zu{`pA7kMa;IV*#(4+<4#B
z?GKMUrI9pGWD+QWs_7?B{;N*;L)R<kkM3K(P6V{S1a?AV=Jy8^0pCXhvqnOj@t?wv
za=j4w;O3mryJ`Zh>MFy<A*|=lgi)JTum0x)|97vr-FiXQ!j3IF@V?_F>ku6jz^trT
zhgx~!VRTb8V$Pq$<#nM`^#X+A9Oh;AAx2UUoDa1kV}A(89o<98azTBRC$YR!(@RP>
zTl{?9zpK?gtxRt0ZPwg+EHEk}{)`={=mqdpuK-238&q|E11O0fYzpyQ4eu5;xdEEt
zKO9C%Atz)le5BEwkv%auu)r|(qZI7)9aqITZ>cE9NQ330g9ibX$ysDVoJgS|v(^DV
zN8F}{Rt%Chia$WH<>Mzf%Sa-<iluADC*rIW%AoDC7}Qz*I}(31v;X-*P3knz6G1ZO
zGnB`%*$;R3pQz<esR=i9^g^ZY(+xPgU!I7ieKpT<W;W;K$KsD<>LaQObeS75YK!eD
zKbEthva=7+Axg?|=Fb0F(PJ#SsHJB5>=EW=z2sDunl_QjSGRX$Ut%fPd-=<yoK3lM
zl^<FXIYhj8*TA4;>v3gw<c_CbtNpe_{Km6&$l@_&qTA=VxrP*Xxvh&F1Glw4i|FAl
zfZ~6r)bZhdEPo`p;+k(lHVg*_<~`2uK?v0gI$!M1H#pmCw7PKr(gtK^c8FHZGWC)<
zAMs6q#$M7)xHOdYj~)f8Er7!2o#;%3BJDLU^@`3ZYfHaRf&mvQbf>{D`rP3(6Yzn4
znF7olKjX{$iOFg(4_a!IfTD@bZVzb+9;UNma{HQbOORZpYQnta{%NpnN0$;7dY^s-
z7;Sr|M7P3<iomvlO)(9q`ET!8L{>5<wzrhLZaudaF<f71LmXR6kqAwJ>h(5L#J(y=
zN;VPtJ<tAZD*&e~M%!@eMR>EMi3kWuew}fgr&_5JNz5wz#;7zaPr|eDoJz;l7PneO
zC%9BbL_cgiT?W)bl4yza2|4PNepQwX`su<nG~|P?BoL0zpPgVot`dNrY83Jtz#b{8
z?BQN7ui%$<09ngeByjPf7^lk-@D=#LrPAj%X@y{b{@2*F!OSbCyxm-0{1QeOShnw~
zEv+zb8+tC#Sq63;GA*-WNjr()I^6K%f{u2F|9a4XDd_%bT`w)~XboJ9JYs$){pOw|
zv{`d;Z{kEpY@e1)<)XM_lAf?jH&x(M{v8zyP~-Jfgeg;7>I8`0eTG*M*eS~5DoN}8
zFfKJ774bt)NoC|*G5@!X*)8qi=Uu3!0zl5VA4`><0Wm5Z>>KgeRH|%Uc{)6w*`1;O
zI%<fR91tacj%Qd?OAN$>%svBRLh4aLAQNF4w}954v-OYj6sS?%_iHwD8&In(7NY<r
zKZ>~^^%58o)})@ACM90Q9)km9`IEe?M-%&UC6_&28j73+K_C4xD9L*TN^}Y^bhKdg
zxWGq|nKy4#xy|W}y#0xL#u>Lt$t%arSyuI@%n*gX8iq@RUn=Tf{3<A5-VHG=o@4AO
zGJv)-pSVKv1UltuZwB6ZhW6DFOgTQ|yMdtq@|z6YwEP$Amr5YtyBhU}lPs$mwd3Vv
zA^lJ8Jf83wVK?z{(#QOq97_AHTdpSn5HkQ688)4L<evQygvK^O&!lyWxBJ`MIe^GN
zMegU=n%*xj5A(grn8Pa@OA~ND=Qf?5MGZuKRWB+RP-KT2a?)?wd|v%m^}X@#l|bOs
zda)?S%7cSmZ!W7AZcmy;9-P8qnqf~}yc;vrI@7U<gKx#t`m3z69QLr)D8T4|CPn!t
zdp+TIsshH#oMmCp^`SFh8;hL$;C?RD#8%6ox8OT!5qP)7a=%w&q~&-g*Q6wj?4kbc
zUy|y7g*d1HG8!O^!1t%XXjX$@AFFM{l1|CqWD0A*^}uy0q%T)Nqef*=Z_=1H7|{J@
zARAFkilUukS_&UbIB?6c)RFxumWwZ10RPHM<fv>mnyAOk{7_-AX=PdC^>W5ZiCP>B
z4)CVc-GGhm_1z6+-|Dj{?8duYx2s~#iR+$8!#9(7;j>zI{ixT7<u~UHMO@c?q;`jL
zRZ>mo5uA7ZMFU3m$=5OL@W0|=fCKnH$qvHqULF4=JCx>7b7(08^>AhXt%WA?BcEv9
zVG1hQi_bm%PS3@jyoZEQQvzT>q+&vG(R-lTt?+kU@%F}1txPo!6bcPf1W2QJjCyOe
znYKZanJXS@N9{D{K<x#UgjKJF-|0w+;x{`@TqLyt`?n=O6gTsA1LtgN6?36{Sh$=4
zj0I@E>ut$+^RBD0w5~TwZfE=<u5a&7!PrtxA=kzc<@kX6CHboIi2MCZawu+xU)tk-
ze|yn%(Qq(dW3zdB%D6cM3lB(-71)W<Bc(T7mrxLPH6CMVzP+t<DVFDYwHtRp^>)F!
zBiK~GX69PESoE<`+7v|rFv<4l0=}HlAGyq>%^lYSP%se)*lBV(6(QW8<G5Q-?Yw{~
zMEKi<7UF(*u_DE3BjiA+d3mnnc725Ex^yJv2AIem13thHM@9Dw2izN*6hFG|ccu>(
zA*M@oK_PB?vDi)hPuxMr5Uo`Xf{0J6r=O%;M`l1rGn@B^{DclWkZH=r8?&fT$%gY&
z?8alJ(4|NV*A=4rX4L!PEb~D#EyNRb7uLJEDlK#$PQY52gQbM<g9*yHK?QyPw=&^p
zh4vGo8`WZnx=9>FdXl_Gqy_on2XLq)uCXpRWwZ$ZZs&NFbLlm~fZcRE4lzCNcfSbj
z;sH=wo{Lt%GPrC{ehdt)f(Fz+Se<ijR$#77@2L@9S4CWmN;O%t<Jgh46ou^fX+kCl
zIqy=t?!eJapo@yEd!pX67TTO2A?@xrMn`U1h-*$?p(eQhMRf|i>*t2KSHKA2K3pCk
zblI-4C@w&9deCZ=+<4tN>Yj_nd3FN;p0<|N7rb3nNseHj?#->Gkb-*ofwersEUzx^
zles7MS~sQ#7w&=>a5b<09k+(os!%r}v>(~s-%+?9ujD1)g87r`-vOv6VbfjT{HTTd
z>S*C7uilac-$l0#rqBy7DXx3Z>FdMJXl^1j&X=wmMVB13n*d(_{G59Z<3E99z&nXR
zf_*sAt>t<{ckK~iq#56Tx5MHd+2B92=PGUe@}LdD?VxvXj%$6U@x1Sc`;Qf+yTc-q
zmD}g$oNG@11;_;;ZrdqJJp3##;v$!_^(<83(+m#U`s14{XVd6*JwnLorjhP}m%~9@
z75CAaMX>}{!=US)NYo{II14aNqunLgso0a9mrtjSR=NZ%lP^3_vh@eI4|mfylkSl3
z=Q^8ij~VQjU90K-OLGC3K49ECaCJNF`J{EtcN3q^(Yk#YG)#EAk<4|mM>*(DaflP}
z4e&XZ6g9HeP`Y3hxvt_RhpZ_+KIsp@HXL-nLgi_FbAPzIxJ2GWr)yz$xn$IMMkUrv
zm_Ai^vApOu@AMiz5>g=LvUY@e-pCo}CnN}m_vY24;{UJ}8|)p66it5=;JT|h&D+$O
zbgxk+jBH{oOhf6uYpLZkpz+B&=Kct2v#=Iw{*-)xDXH-UGSAa^JF_+TGP(sYfkI->
z#vZL@`u)YJ!F+xV4LD3kNpErK4Z)cp*NvC@1sr|^`Hrf;O@GTw&!%Qh2^<u8<77-|
z$$hizu{Yz_s~0oJIR{x)c6J;~&sn2WkC_@W&XTAU6^@iA+QZ0%y?}^7o=8k{@&NFl
zcr=#-kcsqE!B67_zd*E!!VLeo^3x560?s(F%QF?T*@3I!B_8*N`BM3;&dM$egpu1b
zE$r2ghIHe5H#dRCYe}P-?s4FScm1~UD%`xbd83516BC>LAV>DC9*F)2n+9QBy69O~
zrc+!K)~C7Hj^y7~JYcz{ZVjGN-j)H;i#ls(*N#&|F%_ii85(0Z`75Qn@7!&cThdN4
zuZSYaae8t?>$g%d)N3x5YkLV3`xY)cg<Zx@SlklL;$o7Q*aGnW-L?Iw7t|jnSv4z3
zZ&0U_1;`15SL8480c)kh8(9?*s)Y4(=H&KDA5G-|wdZ|HX34^noy=0#66q+!yP&$v
z%2J@MWEG;$7=vf{jk9GHR&ko_j7d{LC;(KhGAz4b&@eW4))%H(l_&Z*PdNjVG@$@P
ztBk?0=oKNJRvQJFKH3i)1}JwW_6v}{Kk4+#ywDG!cM#~pDLNj_Os%tH&RmwWX)`$j
zF{RT5jJtl!G*3WEZUfSZbZ6-2!+a8Yd#&Dl(bU7V?*>p&qpgQslUgIixjdAjHTacX
ztKS`&BpT!P8}``y<dG-KIjb&Sb4H94Ig0Qj9(d70X*}fX>@0`9m5y*8uEUI&Z@XlF
z(<;Bihm09<3lu2_Gq$S`dO;a&P=T?lqm2pEYf2X##Ts17Dxa!361+SUYI8vLnrA?p
z8S9Eiju#cyvCU|lH;-fR$w@5ZnCiD~xrK5Z1Iyg_UjY5bGeS~7n%DWd06=e9DeKao
zzqbqdws>Jwr?6&rKX1~rnx=O2Hd+Say{KPN`C0hKl<~1u))z#f2P^>sg9VXNuM=o6
zgmRyLAX?Q@&T4pT)tR?bJ}dpn+<~A{wC<^j4zoWyx_b;uS+x~fTt9xU;2VlrsxF^}
zRHW5yYp53Z$h3_Q@GRC=*wAZPFf61F7kC_fGL1s7LGa4ZrptWOpz_7){7MjCW~8`>
zhf=3x!}J@R4b3}`2yP7GnHB{}tQ%PGj{*kDtMaByN{#OtR1i<72&BCnWJ6~uejt7w
z(;Z=U4tJ@;N?hCvHegU8APsL7&ziu>YMPAoAi<XD8M;SHC(Bc7(R1`N%AFO~QZPxO
z#9U6zf7!j0$_eDW|BAx-qu?KlBu#daEp);QlFTB~%R9n4!zrU#FVJ)Kr%jHg>gnn+
zYZ>i5J1{R3pBeTmFGsw7D<t$VH+8%s_w&HW^XYQ1w_28u_1h@Xbrmw1OE$B*F#?=7
z)CStVYN93G!119qly?RoDailo5nIrL;~ZTnRB}g+!_=?*LIJ?W`@uH~GseVX%-pk_
zCt&LRPs(zkGo-|GNWEr;H>3iuG+qS<uNrgjib+jS1a(11@PGlW$=^Sh;v(rQ6Clr;
zY@23iQLk();Rn9?F2ZacHy!fvMg9tqhByC`MwwW@sx#CSG2?5Tt67NLm0_|4@(fM5
zB8Htn@c8%HZxX4Vh774~>_L$h-}Pk^E8O^tb?U1}pxtwP|AhII6`Ympn0{<KV?7lC
z6VXnfLq2kDD}O;{TvjU8(`m^GpOF+$Z5Ptv6<ShUq?pEQ_GIy+;7c)myKF8v`IMO!
zjJP{<qepj!d@l_63Xa~WknIFduNo=xc-P6I<BDpUZVM}-tULaPbL73ob2o&bz=BSV
zu`)qQ>W>`_Ca(S{{*<OD9O*LahYF=>0Gh)vD^5W*X(y14Tkt@vGh~eUj*ks3Je~6i
z$IuLWF$0nj?fdEs3^DkPRT|2qKI<J8G1|I!qm2Fq=EASjaPwO5!xQ`5Z!Hmh`>c(V
z=)8~T;-6(fI&q1fY!GjQ%!IrwDW&n{G|@$szM@Mk4qV+VKOHvnIilbKv&j42qS&;>
zoA$g+vHx(=0;*WDU+1^4mH?T2z8!jIN7z(zprq|fWg)_=<57W0mavq6#({zNArb>^
z*MB=iqyH<F@s0*5nmZhwni52=8Y}Ht5l)L@tfFs(eW^6IKly6ADlEssg0g`qXjj_U
zb97Nm?J^!wm+^5$XMio=_a_$x5w;l;I%GK$d>S9Zfzb`rqyHnbHk%U2*zqp6#S4Ot
z@=is)g0*q$1hpWM%F(RLW5|yNRCpv(JAoA3$`8?)Ln@8}kKhQlO}~2yz(<N^s3@la
zvj1$<Hwq|3bF%&hIg@)dw}#BxVs3JNt{-IzBi|+j2|ZC4EDcT14tI?o{Bdkf(Kc%v
zDL~%C^23+P$}^DHT{(tLX{+fyJC7u@YZX3<Azr0{w?A31(zLO~<IB0FL4r$y%mUl^
zr_KuAP6582O(bc{^Y+Xgj__r#CYyuo`6|PLTjNdHan3nzd^{*>Cf{_c?4s&01(MQ0
z%5)L1+%7KBzhbVxD!+)+L3mJrLVggD@?crH2riG&W^bZ}&oon-8#}3evg;b!aECTF
z{^Psfkc#gK#KpM!q>t+juzxi0I|4D1|IuzhOk9-1<%%C^66<jTs&#0+XdQqt<l3*S
zuTHQn{PH9?FrBBxDvpKHKP8XN^-qg$>zK>_q?aR~<TEe70NkXv^B`|{IVzV%O-`wU
zj;CC-7=`+r`7N+xoqw(7VjT-;G}2~3FT`Lsn7=s#vWd*)^J8YV^4b`wPCvX#B+QCy
zR71&WdQ|@~Pwyh35(N>u26rOR=sU~6_LnSjM@`>;^dR5=+JIUawh?0n`DJyqlB%JW
zO{lm-Q+~5he9S{hu~^UaStxoc-x`k26>bu?2#5WJxt*|M)<c4n2Mpl_Z$Tz?<)!TM
zO+H!f!i0Rc{SWDIAKKJ~N(#e^*3u*Qwtp#Ifpa{R{!8%uzcc<X<^&s5=r>m->*i&%
zZY(t4mN+!Un<2dLq_hU?h?p(8C0g6&u9KgM85D+9<Hw#T>gLEtcHD1tXiHZINq#7H
z8fwhXsO<&Lx#~A+#8W;vKbs4m!s|+e6Ew&nfz^~Kwf42dXxs6v`=JJ^-avBqpxjwd
z57RoeqPW@VxDGCs6VbPU5C#cS4$-)A#jbreGZbi|5gu?qA2$~r5Y-K&C^03Tp4|US
z&K1|Un3;mFj+R$_d_kk!Z_O9gI6+5X*Dgc`fyr4L>x*)L`1Y&pDn&5o?+yA(;McuC
z;=r=9f)jBa(~_XM>NjUd^;(9`SkWQa4JCA1ouy#9#CA!uXv5&?(6Q0&s^(MsGjitG
zdpn2)4HK@nY8!{FyM2d5+Joi7h=`{K+wj(l(n$!vx22y)wwo1fi>BLisKx=nV=oC=
z0X#ND)BW}gpz48BEG*1RE~wL5yI^g5NVR$Y<Cz&2q&%sAgg3e&wE-ZtW$%!fk~(<T
zPz!%x`h=T%JBr;=%RTi9Q<-^pz&ku;p!{?u+@L{tEc#?s|Fz<M5<Lce(UR>mzd4#!
zW#VFfywtvz1ug_AI?<z3hyCDwkb4??kZX<<W3jPju2g2ALspXmD%>=welaSfS#=S%
zScm#z?D?(kOf%y5lhyi68!|utS(`Xak|kR7=Oiz@a)`9U4RtMIHb?yiRX=^3UT_+w
zJ6E5mzSTPJN96D!C_SwRnY@WdO8Yh~O}hAXYvaA!x`)lg)zkH-Pi|Grj9dr#4AxcY
zS`fdV>R62+SI&yZXjhN#Nu(@<(@7$d6t5DFJcBSWu<eb3lw$PQcY-q2W$G6BMi;?-
zy5S*5+#fq;`yeZCOCER>jzypt9KzMulMO!jO^p0!=E_#7uAYW2#zO8_t$}vpcK0T%
zruwgxU+oZ2X_eewz*rgskP-CHU(PuI8EpWdULa1DMu$6D4(e=P^&V$^33u*_f5xcE
zZ7wt)dPrIPG$%20+7i$p;|GNBv|R&KJ`g<&ebisUt^gRL<+PmvV5|riqO8AiQ@;Xl
z+gJ3eaf#^VL8)BPNa2m@5TMThI~QR>uYfBA=v3%a{&G12P@&Z5>Ad}7B;ZtcOoF~q
zyW2sVdE0`fZL2zR#FTs8DFygzgoh2l8p1ey{I8$%caFoGvc>C^+h=|JDesExwM!cF
z_#kL}n-4)MfVK;!8X%B<zQ8}m$^VAuSq+6_Bkcjnpoae`>-q1jv(Yg(aJhQ*qQ7Q_
z#<_?wJKE+U^n1~N<1T-v*#atjO;^D1r0FPlg-5071~K>*ZvZ^w@IaNZ0D!M%WgslH
zkGyci5CB;b>eK&dH7Ff&cYWY~;JjF8vpKN6Z9D+vS2hA%G2oe`cnvhc`^Qc1eSEd6
z;)st5zJ`@z^HI$iQ3LePqWMV8mSX-u%YW}wAg=WOIJ&7Gu+pNsU$#w~g5voRFun`_
zGn=8!_fPBnZx{$o^wMg;@34JPH&6SrFKHgz=A-r}^GyyF@vn=(6TOr&dp#t?+0-4o
z{S~+I>?psNmOmBm=aW!q`b_;?GwSp`q<S1zW5Pdyf-&zF*NO1l?h;m6khMV}?Fz@l
z*1wLmu+_VaWSs(xuQUrEC_y}iYRGP3c>BRQtaqrUIKX;`)w3<L8J@yDC!vJJe=<Hj
zbD#JYN8^uw>K`I5TFi>;WpLfQD5eW;bt*}V#3tsf>VVaeI*;Pao(iTrAUtOMc3F5p
zt&3Q~!?zvBIo+Xw&16S&k=y$}(%XiBz*Ki5Yg@{f0a7d_*yO;eoFpWEO;?D$APb1m
zw~z}l!gIE3P?3B@Wks};(6`PJ{bbiFikA;E*E+SmUY+ug1z|IGsBk)dZT2ki)A(L+
zqS>+Hbef{#wf^h)_oBvvaA4VDK1q^}(bS3O-`}~%my4R%J-$YYy4sI4Q7Ypoul=GL
zi8AHpuExfM5@E}@cM1BcahE{ZjV7s-`8?u{teO~baHCWIYJ;(eTQ=KY`uIHA^8za*
znOra@*^XO5FSZA{sG7>J{i{E1u>BZz7rEQJ#nSX8X*|)|R957%54&ocdF5^V#EETF
z8&}|^($LC%th9l!RJFBm&9YSII31_l^7PAg8&OIK`sk>lpj;@fCZgaL54FPA(Yf4V
zYZ*bzouO<=>4$Zl@o<L70sN*BMnMwM0p9GR$dA*96sR&>OUSlsY{?5zTs%!X42Wu(
zV!BHxKlVQcDU`6lv7L$QnTcN+3O~#jLsAMq48(MB6>iz#**F~1!upS52?j~^VO1D$
z*^??q62+2u9EN1bks-G!YV^(5iMIYm)y>k5(sDV_v}xrEXdOss8EI!!{L<oY^JLZ_
z9pqfCo%K<IK*+45(GVw1vUOEuID)7@=M=2_!Z=S+cbos+b*gJCI2cTC+<oR$t%0P-
zcdg$;p&dID%1U5LAjcX;Y<7|`o{q6(7JBgPSy!nAX-PR#wRKuWl=XKtKpOPM3|C0;
z6KkypROWXQ2ADubC!X*s`tL<4;C5LlMZDi8veLi$0j9>1wNnc!NAppbnChU5_IekY
ztvkXO%-T=yCeJ+PUuypN>4V6eEDy%@9u8k+>P(#b%bNK|pJYc;_ajFBALiaNs;YI5
z8zodiLb^qfZs|?|>F)0CmTu_|3F+?c?(S}o?rwM|y0?3uz0bMhy<^-DcYSl=nrqEx
zKJkxVqy_@61;*NQ>SK}xvSk&Er26Ao`{LwuFHLcvkk)*TIibQA?hj;xV|-*wl>NM6
zv$n<Ln)balre~zz*$7H1^ht+&HZmWs<B>0ox{S^)*qWI1h{xu`8GW40$k$uPctl-X
zg51;zr`VaDA@?<H2CU66;!07)a1U>^DKT#Qf%d>JNZ4;4I~O<VE9Gvpj=Are#o;$R
zDh2ijm8ED>Kve?+i$<@2iHNn_@|L#oOV;j&DQEo~X`2!&#=cyaZ!ZdD$0>c3Jynx<
zx-GG$jgxws`Xj35E?XjVonqKLdXQv7=;tQnXIq>H_U+C1opM|tqU>rELcDdw!=<34
zy_K7g()fk21_I!&vb#v!!L+W+G7>2DKZ*;7H|z=fDV0@YLDJIgRgl?ce$ecTwhsZX
z<YwqGil_eohr!}CO1mIwmXE%gyInP1F<vO=*TYrG_S#wMRFz1RfJcF3kp+L2cq}|B
zW!U~LFt;Te9Rx??j1sZGOrg~G2|IEPe`}?`NZK$DFIn?qcGTYsGW&=v@SZlx1H;(j
zOy==pEbN2s?|#~EoPx%CyUIPBhKd+F63XMn5yAv9-v>CSH{1uZlttZ1OpNu?H1Gj7
zcJJ-*sKDEUt&FBYSu8C3EQD8tzP@xRwe`5=^JQw9G^r9eEq#N!Az=~?#}u9ly-$1s
z$z5JjsER41b03bv=dolnSU|5E7l*fSnj}FjDWU77oLB*WW*NKx0UBR8EAE)4hQx7%
zBtH!cEONiqZfc7konRtMMRDuR9~vw3pNe-&jWT#;vGQlRGe{Vcw9jo2x4AxIb=Dm3
zi#a(GuZR&-#6<U6v!1Boq3!8V<J7mC13V+5fn9j};CvRJMd5%hne`td9$}bbLP9HT
z!`Ff~7`t%<7H>!rcMIHY(Fb-WwouwFkxIhQ`$mFfYaB_R;u@hz4Dzi{ez#G7;~<b{
z06o>_BLjwqIppbaypBr{dx5}7z4~&kz`c{U2sJdjktGOLzkKNK=P~oJs7E$~67tvB
zWAkC&*FhGac22IUq3DhHR-YB0Vs$t;&<Oj(L=W8BIG&eYibS!kT3sTf)tMeC0S-M2
zvYMI*Sp@k|JXjgqxF3*xUDpxxAWvQD;kSC?+mR6Nt9#GZTjS5aGyPtA=m?vGn#izf
zNeUwiR?c`kEMEkh#^zOecqA9Zg51Y8>CuDk<7IBc(g7vdxGXa@_&pt_MYC@e=8Hyi
z=4_Dm!Hh5QZzIw^PBJmuq|C^w^?`pGG7Dhg=wD8A0tRSMI~zS@9(Rh3D!EkctsF!q
z%+vpvRw+H>r3<-DfO0CS0z3-mOriBjLt{My!+Rx1`wqtQeTa*|Jxih?iXbdsk66$d
zpBcc%9$OD?Tj1@&oann5%9ms^W^>h1DFYr;2W1(P&mt&`fCvio8CQ}DVId_WqE7v%
zqrNNND3aLFiv;{@>mRP*wm0)PpBOyYbIpX-B=Q`Xg7}`o2d%BFv<i^Z)8>^4m!K3z
z0jh&Vpf*W-`>Mpg7E%A#itSvA16|%i;vL^(>NkK)hl|yiJhZG0obiyqgrO;Wj(H^^
z7GD`+q5k9uhKP8y4YKgNWxY~mDzuxTd+~yVV+t&>Eox<2gktx11zMu-FWa9q3915-
z$|(f2GHv$4!g#a@=YiGw4a`G0pzQ$3rSC<6>P8mZ%9>8KI&SiY`RGA#*=63e^j8eS
zfK_TA9YXW(PP9{PPqb+?LQiqRzK>=9Dh+{1m{{KgIPRgGnskz@<xnmu4QsJuwRlh6
zo1Wusm=J4MpG9W5aSkah*83pr7M`YYU>MH7vJ2rc)9U8r8~Hjn;7U$Q%5xwk0i;Y(
z#+qaZCOCoWUyq1#DyqbE_;W(lw#{Fah;Fy(kV+3V@VZ3|4)TH^s&dTgtQlh+VqFvH
zWQ2869<4;e>Vky?h?z4l8iL8$7`h21t`XOuGhmuzGkML*u(UwJRlZ+<)op)=Y1mbr
zW}Ok?j1Pd!`1tDS_h#Kgn@UEnV3S(UWef#O%VnI)yimH5$OzoD9x|w3?syxxShsNW
zX`to59_>WbB-o~+F;ZY0z_1g_hI@(2#s`>apnc_fK0zD=5#lg~^;A>x6Qeqs0wWhm
zvwi%YD84iz^z>p5tP>jn<QgY@x(tbJqc%&ug5WECnVW9xxBu<f0C8vGl2aUss`t3o
zyX1=`xNi)HDDUUrU&IL*tZ>WSWhY%|!Fc^AYWDXI3eqwNs4phOHtgN+)`$R!20g2P
zBLvlD>9@|pRTVa?7F=orwZr+BZ=uY71o`|cpaWUqZ%>9cxNInVVEiV$cvmw2R`aB+
zTjTlz#C~bur-tnp*!_b^rGG{qVeRraoHxDVsDYjKOg6_$PDi~+AnpQyg6q#L<S((8
z|9gDX&kz2kPy)1()hT12)jx-!AtAg)WIQi+m8(#O9toqW>CMvBN=zE3VhBnRdUHi!
z=i94(sc&wHHrN5`Cmmm$C<&~aD%SOAv5O+oDumJsMlWNyIbm8Z0Cn}}FZ$1P5Ae6J
z2Vg?BP-izkr47kHd@tDkC5DoxR$hD^KMaz+j={Lx?pys!2PNiVC*5<pC19rP2s*i^
z_+EnIL623k7_JZKyBK?RTH))<<mUB(W8oAbxbFeRSpT@U|0)a_qbMe4^M@o#fzjo~
z53{<pQn))&7p<Kauhqbj!U5lob+vbZiB`tKizxDMV%m+&=@KD7Oh{#A94*q@>A@^;
z{;PBeo#?X5mFkWOaoE;Rp%(=`X2nsPnk4wS-iX=tuDq;Ijky;Eo_fu>&B~>)FOal5
z&>CK`c%oGyhes@G<w!}><dNW3Yo`jPV)uTN$;*o<!=Bo<2nJDs_^&x<?bi2vp!M41
zq6|oheB03BJ8PGn+hB#MkR62cjN#zamLOz`&LwUVN?oBJK_E{s?@XAm=@2_a<vjsi
z<zbGX&6SbdNDW54_5rbA|F1U$D5lf{;3q(`#Qm3snQlj<ECu`xoEL0)nUAcff5_sU
zM2dx!z;WB<zRSDo%^;KP@=*`(WX?z-Sy?GmAOU6s!~;MqdWjxdKG+JVb_=^Iz-=VX
z;=qkP@sJkW(%Yic^jxaK=woc;Kk6>)rZd4(FoS@|zx=ag@tj*H0ZMd$qz6EmXaOL;
zKcP%YZ%51vS#(%od;@EBj~PSUj=Y3dGyHqH3k`a3Z^ObcCFLKnrD<fxNe}GC`Q~2B
zSusSD=CRd`$~W?Zt^k@8AT4^Vdsq5vll)Vmec{t5Ww<fm%=&hIUgynW(8ADA#1`QP
zuS?bNPYQEdIdw9d1TQpx8jyUQw5Tg{UGy&xI`w%dJ357uFW=cN{|;XpKWJ7KmRCIf
zy&M}9MCIe}<qH7g7R{~z1a{MDAKBQl#>r_v)%Y*{nHY$3Wn(#L9Vh!a(}(#zw?|Ft
zxYDTA<gGpe0ic3d3dEuhpwM~J&4>}d1mUKk<*fLl^YYkAM$xK(`)GR>L<+Q>!=e0v
z;tF-t{xJ#}QDOyeULGH}TDjNr$>wOP-?FV)kdG{uSj;E5c`&=T!!`GOmjA}nbyhGv
z%Rzba8L+qr7w;FYAW@>Q0iRBKa1;OzQiT3zCjDHb`+ve$pSrtV??;2pE)CtmJl6(L
z?UC1X-ZS8rB<o{^H(T{eGVSmK4KbHxtuVb!`?v_jK7fl%rqVkrOIjE~Y+TVuc+w7{
zg8TeHxa5sBmu5MU@2fr3yY>4^YlIgQe)JhF7G~WO(m%Y4`waC^a?UUPEt@qlFd34@
zNq;x1LH5nVM9|H!KV|Pdr6psHjk7dOGuP!A<M0@_Ut0Q5ugXJ=qWz>myV$CI&w^Sk
z<D#NZq>o9cY=~KgAgR-*XoHvg>f=T)+YVma8GMW|qN{s#>q;AlMbsCb0mzDUf9bD;
zH}2~Fk#gI3+0UJNW)=G~DTM#jhQo|LN;+`uz&xm2pZQ`viTvG|B;1D8N;=tVrA(Xy
zY;X`2=HD~mS)=NHgX##7O=!n`v|vbB+yr1cBoSi0pMZ@V9#|gK<dGq+i9@B7jzF`h
z_RcY>3)T@n-ef_KeE$ScsJLY4id;mu6==iMb=vsh<(c0}x9+rA1qfq^jshy30%aMd
z-_LCNSkR)6iDL?q$Q2ir%l36WqDn^Jp2FVBg-3}R4qO3tZk)8Xoq;caq>y$a@vA6U
z7Ph2YpFPOw-B}m6c7ZvPgwm1hy9o}*eOm+Kh{>Ew0;|G%KSTiLs5ikZ$R|&B3iuvg
zb_JsJ%co?Flt|U}I!k=II=Ut*cWB;Nk4Y5Crwdsx5~)Y$w__|3U>fYtoHCT(oYh@V
z-HtdYC|*RL(5>171F?7(6aVcW1!yJST^&6I@j^_(s{mdpFM)}`#rrC=$<!Qc!W&6R
z+^G#xB@<`8NMowPRAJ7SNqfip1!+h<*nK41-52)Y4f!HI8tXIV{JjZYKC3H`9lhCF
zGh?QkxY>a!)3@Y)-$rA4`{{LuUoa6UfvWbXy$m>bZErw5MiI*2L6tO9gzCJNR;leZ
zqa$5)(P1J@?fn`yv`nlY8}duKrvbwis*Yd=i_vq&C+>;2xcGV#Bk(zJX2{6aWal(w
z#2j2Y&LC^Vz?RCL5dmpI`FFOJ@}6~6VY!H4*W1ROToP@X?#E^&g9Qn`sBl@p__I|;
zHkAW(H4T*Rc86v5tcev_j7Bf^rxP)D(iOS41zc=kV-tD~CD_I9P=65kIAzeObAbx2
zREDA*wv@g2uz0HQ8Evgxb<p>~_X}^OR%Gyc&-_OON;-vR!96|1T7~+|d;?Zom`!Eq
zl2Dz(F)?n@8xR=laB@N|Fq+s;Y^q0gdnPRLUt{Ghax9$4fo&In1pNa-@7`5<pprfY
zwc|dkirZ1zJedXBB%aLvreyKZ2Kwl+)?Kl2-xShhy?MsBCF14Vd;48UQ2Tz*dCb^B
z6Rs*sU8or8+AD5$S`8HS2&xp2%=0<4!x4=P<?l-t5@5oMR1QR+JvL{CP=5Ys<*F->
zq!hRw#77w@0^9-l@*1P2{TSY+VULSaNiUu`Z4bZ>icRF-2!0p<bsi^~yTrdTn@QNR
z4EavY|5&4XsIeL<%oYnpEv|(o*+SXrnS?kdv#cwa4-|l|ILKoP)J(f0M==6n?@m#`
zcZG%59^T0Du!cP+7z_n?{VBR8TS&P~PTk<ch?L!C85aO}^;LI_!^_SuU2l=XIuo3o
zkV~X?FMU|)kbCP&6OP%jrutFo{^+)_1Q2OB;mSpt3AnVAo>xK2<?O4~1MB7sqBl@m
zm56xGS1h9K#KgqN-GX!~<4z)GO(d{B0E;H{6sRZ}4hJ|Mf$yn&4F3CZ_$LJ((B>ZC
zGgLyVcOKJDW;PJ-S)#2X)P(3+`hm5zu?1(M9P@2@_cioXK7>v!n-Ry3p_5zV8}+sk
zD*Tcp(0u~fwe&Z;XV7fTC0`G`?YIti^l^=PHXnsaX7q_Wi4t<&om>Q!S&4io)GJvN
zpOI&9Sl~e$Ub@Wr?wKQ#lHt+{N5NnAahs@t%*Kzoq+96I-Dlp1TGB^YvL%-&VV4{s
zUZ1?ss2U&NC@rcI88eSHMk*%2{c;5B)3f6POah<O{v5=-Nm^63Zl|=P(H`Iw2ciPd
z?*7r31VP=az;Y-9RpG?8ANc@QIm^@yj0GUS{m(f%Xg5XG;0CI~`<DBto#o&r8RaF2
z%5N>(zv{98jY9oIi_1dP;YS02jzxA#J^<)o6#xEWAd37O4fp?#L=g*1lPt>*y*eps
zKZOf*Ru-_wCFu`UEFKhw#aRHpr$|{+(6g_r5yjt8IUuk4TQb@WsFzQ*eT|*W&UQ+i
z0%JCV_3W7j`Dlc+K19++N<On?#)71r1ew_yjWx_-)?Mobw-ma1$KsmE6#=rx$hZBm
z3p{_H&4b4o(lU@}$FRzS3|22Z23?_OJCIUkxOD#hU2p4%pN02^)<c*#*mDAj*7g$!
zj-JqF&jocWO&m1$+dksDV(lw!G<%Oe+?*Le=kS)+g=FRr44A2Sqw|7MXfrEiS0hf3
zusjMw#Nk9H?QKLW6}%j!C$#Z42eo{tUOl4-?IM_5!MnQ2olrF6b%vS3G0?l$>3fsT
z6zjxxjo4T5tAc#8Rs8x1rrijM=?stRO9*ZdX#eI4xwk59>Ir7gn<mV=PUWh`RQ%)^
z04#;?Uu7Qg6j#Wjt8ehD4g%U(<^nYM#qU1VF;qFunPb`#D*_ycN}Ptb!@WF0s8VMe
zOy4ksJM`HPUdBsz2-=t6F%SsJ+Ja=Nz|F5)j<H#rb|Ydg@!oy4J`7>O8~%pez!Xz;
zwR*2&VX5ycDzQPPkg2+PRj!H%lyG~Up;K!l)NZcku_!N0HW6^>W$xF;g$I}QV$SPS
z7a{Zr0l7G)kn?08dhV+H*{~uhX~|crWl9G+g1aWMg331(idJGJ*6p$7!Wu`|7xc_)
zM=Sr!qKG94j-pVxQ11JDHAa7FOs!3vNOtLxhK5)n;ekQTh@IE_29>LrzKV$|PaoR~
ze~s$5N$kTq!=L&>Qgtj@MCXj`yHfW~2FcA5y=|5Yv)auf7ioiun3J-r3>;bk^SI%w
zF9jl?t}I18Cd`|x81d|CF&gQ3NeRV4h?%6UTuiuDw~RkrAxV@Al5N*)daGl*%Y(=L
z5;k;Nguk*73C*`1quzd==5E|JCu6Qj@4M?AwMZDAutP|4j1^DZ4TKgFkygOX=m(g?
ziyOgc%XVpcpCo8Wd+2!hX(><|P^-1U*=34eND>bb4;v-xrwx+N+p({&FYSj6HZT`(
z@=5Nvvm3Q^spJyQ4nc@MG7b|a-lqdRJhQqqugX&r?{yx>+|5=4odx*4idcL-S6x9e
z4A{y$51KAPEtb)9koMd15~p~D%thZEYT*HXN+D!LC(H&mL{u_OqR9=9i?o|F{iLcM
zB07_T7GC~zCS#J=tQ_AK)8h0~O}Cv#+%D#Sm3;u~sMB7e&iI&Z8y1=>Oyh6;Q)3wA
zgg*{=0lb#WGhRy_|MmXl!!Nj28TdjZHV#6L?*NP}Xj0~fGUGWYMh)nVs8Yc3r?*as
z)>xWBHyO}`FIZwc(^N+1v$J-XTtJ^IEFYj>OVp#~!=qtTcs*@M9-IsT5C>4N)NU?A
zi)@u+AxUKyLECOxo~UYY!TMh9Wn-r4Eu&Lp!P`GKIRcbTAz_Qh1qwn|J$-r<0zVwo
zNMVmiPCn=uUTajw1snp<s~BnydBg0?Q@t|T_n8L@MZOE&>%sE)`W+0zf`KJ^G7=Lw
zP+n%DrZJ;cX>vIQenL?rHJun6iU&#FvE5~(8mBZ>IwAHo@GHlU8EKeO^y8@v3&kZ_
z*m?@J%9^!<K}gitXg$K+Cv?ddnP}G0UF*(<z5x}2F*i&x!3r>U<qNyu<KWn5`m1)x
z$p~yBCo%1<gNIwAaXR;>?|l7ClSV>dgb-}`8|-Cstmr(;t40#>T)_%YJ=}IuIfJx;
z9P2*~m3||&ls3oSE3b^*$}JR6WN*J~P}<U``%*g)(--jUg|xq6uDMhEfoIYHM}fvQ
zqsj`cFIS^p=@{#7)9!uYP^C+Yu_Wd;KQ(wj5N)?^s>K*{0MM||)TAbBH36V~^T^S8
z`yiwehKU3^hqYf&qF|?wY?W%@2h~urlMu;5_QmeLVeU%b!O?2F2^{QXm-z12zW5%Z
z*rbDRwm$?(V%q&`a^*|StPq`b;PhpAehzf>rGx?$P=?PPFIo(WjD9?Rw87*#IL3LW
za%Wd<%!=Zz?6HPz%WLV=z!QB?Fnsp`*Pf&{6AULp4KH3dE65I)sSi+IBhtz#$r0oK
zGW)=WnG|HoLo>K)t=&~#|8h2U#h?aVKTuf&gwuoMq@?+L1h?zo%EbV=4j?&=ZJN`4
zcRm%wP!6sf$mA_;(T(AaI5;P1I%l^!;`L|~1ZHwq8PrYzTiOL94ocs9ReW9BGl+Jq
z`=t~?@>R!%&99>4gDbQz36s*lj-x}=YhVeJe6P&_pYh=PQIG4a+kU}X_oY>oAqnOV
z=dnu|0}E4)j8Y;#*4a&<^a*DHF_G<$KErZ%QS^#<kiz^3uh4ucH~oTwn7^Lc2{Pj2
z3&v(>$IP;np8dpQsgDc9(%Gu@N&L9w;1I%!ZGG!>9j4K~`?_xYG-UNe%Y`YBoi~oT
zdUEY%%-91ACXrs(WHOaw@5hY?t3Cmheul<_OUGLbH}|Bksn~4DM+Yu%4#9ns1=5XA
z^3qcVR=$_;+NFxUOjX>AR>#NU69cR7@Om60S$b+`Lj5xr|J~L854PCN5=3o_YUZL@
z-RH^t(NoJkY`|rXB#{oG0dqc&@B{CGiGHt)Eb=0t+0Vb&t{HvN3zwQ#&<Gz8u{rRn
zh-4+p8Z!fY{-&kwgJQ5$UK)4~)0Ljd=)*gSKHoiin@TT}Y)AVF1=FgkNwi&fvXDv3
zeSnocGcHaDzpOs=R(3Wb;AJPE6OR>5_B`c|=Xs(GHj&l!Ud|WJ1MUEW{g&w>Np=Tz
zm@dv1ZgsGhV6Ot;3^$2jfzcv?6)#hUbFySx$t_gc2_sS)=OYTaNzKg9PPSDoK|-)u
zjc~(I)M{$r_TL{QP<!iDv;hFX>{2&tbf)S$UuaPImimPwpDwaay6r&k!LKX)m&9O-
zB@S+oh91{`?jVL`!|e>uztecKEq{A#l0DsGEI?y&CfT`U$#gj4Tb@Cu=x(&U)(oYX
z*+rLdsq{C_FH{4ld#z?h5|nC=EkST6a!_)epT6tCo75LpjMu`_fZlX8=O{FM=912m
zF@%tC!a-`QW_sQuuUM8}7`|g&O9*L@LsCXpt3N1%i^02J@&jkd%S+y8+yC6a;k~(B
zLV?^5K)O2V4Ji;=Y>h;u+l)$z%qw55y-x*tA4S4+>7Gj9A9*gZKxe+@3{xO0%WtP5
z6404h@;f?x+BdOdh1(Oiw@7mLNOKuffN~v^NKB3$>%phv8l%#f6!OD60T}$g&6)Yp
zR@G`Db*tuTKgN;H24BksJ79rf5$fyBy=0A3B3-)Epr3%7^@-QElZmT*#2)M(O0Z<w
zr&4Pg@WAAcRNiDereZ($vn2m_oczidRMc;Z##SIu*(tLTKxN4{)Hebe{Q2OHs1W5p
zC{>S9#p)0?$6r^A(8CDn8J=l~*7lK=YGOs-WW!(&=6dXAUanOhJLfj7CVK%^+h?$M
zZ?bx(V4PW6GORD`!B0ic?<e8fbR?okI%!Z?-N|W=E(!Cy1E9#13ziRzS!+-!)?7Yf
z^(kDMi8%GMbeq-ZrvF&Hg|L<3<7Dq4O8UHyHgh5l`}NbA|4a<;tF16`p*%G=#x_|A
ztxd;VO!zqYK~rHaTGAX^>|Sv!h5EV7FOmt&mOO>lUvgBS{G}5mm#`h9nKq)YvZIG6
z`(V+D=ca?ASANZ2Q2_gu&RdL^Em}Yg>J}bkh%Ah+;YNkz1U-gZ69>5|-j=a>4Xt<^
z*Y8E!X9vxwV{DA$r$@0mFdBB{v61nbvcE5$O;Y|V_|uq|8@j;1Z4f~~n4qU0U!)xV
zu9*C8M}qvc&p0;tcg5lPLxAE$`tJ(r@09VmH2xQk3-W>B9{bm2p8xQ-GX3Aa<o`md
z{jatNaFxHr!hiSXpD+Fw*yn%!nBU%ZgMa{ggvhI*&dz8X$%1EZ;86p@S+Oqco~5im
zG9C1xX+;4>7!bGww~kcluuWFWCK7lvz$NXU>0^BV2}f9^7W81(;HHM_d*9cSmNigO
zp~{8fBWppV-YlJ_W4sp}3b3q535w05-+$29KryvjKWa7?DC%gmb5(SgNq=$}ZqbPp
z%eJ-}%~PQ$TlEv;cEEkB`|pj0Zi~hXXFnpQYSF=?AiJ?$G-X}&MXH!({JBLV{8rIJ
z8PoXj{#Kb@I5+0%TnXyxt`H+_%;p!kmew9$+_}bM4z|93KV<`KT8HX*xO&kt+W5s)
zn@sx)b08Z_NJ|G;4O^wpu`v>VQshlM(HMbYV93g4fb2`fkG*UO9n~||;EjS!s>2RG
zgNF*7pHiZzD+Rrw@ZW5NYc&uHv8dI>glE3Yq{s<_n@N8y;*?|>E8JMuK3b9<VGS*+
zb@`<8{=x>DMEbj=6mKc*nPq-LpP9?CMzmc)*nCOEN9|yhXKW6_Yyy7V+}uFO_y%4o
zvKD?+QD^B?qX<e*sb1&sy+XhQ^<V)9qb}12*}NB$+gABZat}?4$RjN7IRpV|{B$Z(
zatLxt=7#ZKi%hRFr|dq6^7sx2H4f#WfLE#EcgpQiW?8YezYJv989+acAHc7tkK4@O
zh_j8Rtp<}lPHgN|8GJonss~2c&LN#LBXtMw#x8G5M5nsy^3y5cKZ7=q5e5E5z*Kpi
zZh34KD0-*2CgL2HNwNm`2$l_6oAn$#Yw?Hy=4O_>8P-BHe%>f}?ZmtIZEI<XlI6pD
z^OU}lM5?98Do~R1Kyk)8VT9|Z5~>5)`1M{e`7zVj{1%Fwmb{Pe0DqxLr4D5tBi?#6
zBZv5U&sg$0gFl)Tjds#1id2!aB5djqP|uvjZ94PNWF%+OBj=mIptvdZ>FtR}>J7@8
zYf(5;6LSz$E>ra(EVw@Wj9zcN`z13uGcJdRuGA!>O~_z@vYMyCHoBZR#}-76cy`5b
z&Xle$O4iqr{-#DW=E{QG=eWJfx&PJV+p-Qmxy>F8{C<e}n|EoOqPa%9ALKZsJ-Zo{
zRH_fY@Dc>X9eN`#57?k821DwkqrSF)l|x#Ggp}9ZBF{keDG}^PRHWEAVMV3F{#f>q
zX0fZQ3ga;GJ5K?6Yi`#+X7|W>dU4f-z0E)-fUW_^2zq)*qi75I@lT~OhP5Z?e1M1D
zdmrOyfP*O4!yqmyM&@s7clIL--8VYfB$wYUYf!dtdtsBPpo4(4r14>HAyh=R=n<PS
zuOiH9<7$d4j#4pOl^NaU2i9=b<#8MkMTt~MbISG$Lj}<XVp2vS`B<HtnVn3yVpy%&
zqGWzRk!f4G3`Z%;hZ;&NnF3XS)05p=2*Mq(eygWjf;Y1ok^Lb_k!7-ae}+mDc@jMU
z#(6<O!l1R{hvKIKdSRVW_Cw3C%G1Nrd`Y8I(%gEeEbSU-d2R%aT)y{ZM!6K`J67lz
z(GEN0EW&ZPe5h(;ddHvt5}D|@J2r1RKfOSnzdJrN2FeV-Y((e=U^Kg4Ra2Xsd17GO
zv?bcl=#2N4EF)m`bUKn{CiFtj+Rpf&mr`4ki+qG3YgUGU|1u@XR9ff>#Z>A#3j>VB
z8?^eM08Fr?8x7VyYwbit)Wd~@v<048Ft%p2V(L+|2bz_t@b)xp2iIx`XhC~Vq+;Q-
z0A23zKIYX-yajYJ9eHh{vF`nr*0CvWd>wsx=eu@?fdV%<UveH)3ZB7_uO$yYrG8@c
z64GlgL#D0&h&Pd3OA;K<0+la-J$sBV=I?5RVQNSQZ%RC88WM@druBQf0tDXifwFz*
zvtvYxrkpSJ$F{4{MyzS<s>Nnjr2>Zer08Yr+2<8S#-BiKhvy<9G{flYQgDw}cEt^`
z&{cnHy^u4;(-%#Z|9;_{GYIhm%ZhV}5q#*k?Bv!@tb>vsEehqt<$+wQ$mT}2>$WI<
z2QC(1*o<A!vy;G}St{&-ko#5S<zh&tPin#Am(VEW&#Wq5aTxgUp{l<|a4KqqUwe^H
zq~epGA~?t>;C;z)%<>vZ-lP<A-(_atb}&b~Q4@Ru`*)NLh?oPM?LVH|oR+p8-*qGW
z&ziA4D0z$yK{&-20<Kwwx`sw{M*-)_IZHbWH*@8z9-ne|3?jVUo=U?T?)HL%Pfen$
z*TAnpDd6ImGG}{+vh@cc*NBpmWJujaU=rJ>(E2Z0&2TX9Bz&QhJ6Qc_eL<@buasmC
z=205c*s$qRv~<V4QSoY=r*P<4K~|>mDmBM@6B}6f^jPjlxw+mOBffQzZ_;2+mb})0
z^0$&sVfhu^OwU3VR1{@e8Bs%m-Cm_c+^Zn1PA6Qu{KPt?3^K<fFNr}(>BN-_@B9+$
zx!g`K%!afUCtM}olS7#k8felG&an4$=FL~!7ZHZUIlp^YfG!3l)N@qv++jxt8bMO^
zuRNE<->tX16+eD)ZR5mfZ7WZu`BV^LcklEX5Ix;D(kt%4zdPU;hLTL0@+?Q7XM|Xg
zfp!(-)|Qn^^F$gkzYZmuU2t3Vp3WHKA&rKgesd`D3gb+U{#EwnN*pr@4B_0N1<{*p
zU(a1#HE>3o+{7V^j(l7F0CqMr6oTajNV50L!{pEgjl*~ESP~_4Uo<(khOd9d=!}66
zA?`B;v(37#<Etl9izI;vGDcn8J(r$x%v^2=%VRbQK+5~hg<>bhSh<hH06G4VY|Jn>
zKk}Pm0l4&LKv>^#Bm9Sb7YCi+`&`SNg&;85fA*$87C?H?r+iN;+ZdieK`MVMA_BsX
z1VAkIEQbzQ9vmo&uV;P9Sd9nX0ttor9hv-n6y5h=+$y=s8GDO&4()(_^M8Hee}+#>
ze!>9!@uyDGb71wiBK0wc3L>C`BJgihm|C5q_WJCnt=8p-LNrHBE71n{t1-@-LaHW8
z@SmaLzhM*D>n_*LkB{bVkHu^ImydVDkLrht0wGr%Fh>V(@B1$mUGHO$9?mWs?GMU%
zE*)_X7a#gLAGVL~r_3Lwj_x0m?>82mXfB`o(`;qH*ge1g3O##f8{v-{9?u}=pDF{A
z9d7^$oTR7IrQxT$<?nS+CbfWOivV!VOt({3+=sKH1*hbfkB<lD54v9z4*~W_%ZKNF
z!Sm}c3`-(_qj{`{c)DF)b{!1Xf%AlTs)%WQx_rEB9ah)r1|;pvlbfEJAAMpk+^U}V
z%%W0w9<LUkoXDD*8XtC+;g23gGG-sf>!_e_=94+EIgg$;V%1zvk{$3uwt8}oIquI{
zlkbua-THKUHkTHQU9<WbKRNGPFH6GtPd8sHyPYIWKaJ~i@DuG{CqIhbZY?hBhc9x*
zhP%04Q9X48|L<`C<SNG9T#i?gpAOv$e3$7?Pypwg;bphW=B7*Y?>7mtk2~tP3r~J=
zoyAXwtzL@{Zue`9>W^3UN3^&d!$;Ebp^wvU_v-ME7v{?=KEy}hIL+7M@I!T1s~1#{
zQ*PIC2IcMI>d9hHn@6*fkA=WvA9mi#W{Zh<LY*h(_Ty~4Lu-DzbGu;xjK_(Z9AYzF
zIo<BeiFfXb-A>YJHnZK%COLOp18*3gcX%KJ1OYK>{}rMe@x{=s0RmD(gO%Ia{W4nY
zoI9U_`DuIYXg1So4yE^Rx9uh4v1Nxk9~;qs$IJRx9AOQQoy{&!N00EV^$*!@*K4%o
zWo>sF4CHaw7t8F|TjNiJYX@{wC$#_%<oz+x-P_8VtHP(0hF8UIqe8A%RNnG<PvW?D
zIMeyZk7RC-%5IO)ZZTddLJov~P7U+|0x}$auiBaAZVUPHd1sdWCA_mNfGm_<`<Y*m
z4j}n7$n+i{c@z5;<|?nNWUQFzyVy!4R)zN;(Ns174#7=7V;31}+-l5TsaG?(tDYtm
zr<kTXsUdtN{SkJoikO9cic}E_=Lw74pgCZ|Ptcz^wd0wLa74aIJyYV%q?`dOx;Tfq
z!<hCStd_H|KUyJ1DW-6TAABRPYh3FzC?%odR|`iskX_UY8PDaHzN<`Btg5smx9D0(
z#z#d-KcFGqI+e~`ZOQ%a%Kjh*q<P(*#%`ORk|DHM+gq3X+&EnPL#XEOB$}>Pw>X=x
zzT8f70<y{{(~_?m0c*rhR&mL#021ri;HQVEac?|9l3BH>S&~wATq#ax?lJTJRN%>{
zj54%_dA8tmv${=>6`{DPiA6K>nu#kt$4>$T<jPjD`JE)nC&k%~pTBA6SInDKMK3l8
zu{M&7msfPTpW3Zm(3y2LcsKr7w<A;Raa9h9RCJ`2Vv;a*-*6NyM$D`_<DTFM|4x88
z<T}1<cj#;Y7~7l`RN@F5p#K_<IM+H0N=g6YjK()beABgwcj7BnHN>JJq(H(1Y)-%0
zeLwb>{H8hj7=iKvutXh>&z|srjqGVP9j^>n-dzuiD1ch<jd=6fw`J(Yt5vmIqUJN)
zrt75U+N<#^(_-$CyW>msJOOIt0-5qF?&r-~2UwOrOKJJzJ9L=Aa{19)ev8HxF$F(+
z9}HuIxsw?<Cxc)dhn~|)v=H)bHm=l|7*{}tk-%S2q3j2xys$)_)G&Xz1<i55xXp;5
zJb6cu$!ZL7acNG27<m;tc1@$pGnypz`~1(2$ic_2&m9pKdX>zJ#N;hjQMoLTEFVv@
z-pP21Zf7#y^6uA2B(f^@O!lg834}`Px5VlJ5SmUEi^UeN*wd>8`1iWt7v-rxldslS
zEr$<-Rx~RFpOTQsDp_HCIL2%xsBY(l?mIFcWJV=bRvr0i{U*8N{YkMq3*0}mkJ6h=
z(=Jf}385XC^qS6E2wQhD+>6ZMY~e>HpV{_ylB)P<vX5T8;d2jNmybEk8UeBCm^qc7
zkYo!^>JO|&CDOgKsIf$FOZhYV`FNyLn4q1fgLA7*R0_J@J`lAKf7b=i=`TIY5&I~*
zc5J|EnM?RKs>sSfsBd+YMmg1NsXx*Oo1I;eUT!nOSQzThLotlj33sWc`7ZX!<<_nF
z>}cmY;V4d?nVPZV$#v&>6KuNSRMTHxrvvsyVDszOSHIgXC$qaBPqu*XoNa&~evCRO
z*>(yE6*}@drkz=CxE|2YavNrUjeEDd{59w4oTyoP$7RLL=TN<AX!*|K=+J)YG1uY9
zi{#wg0Vu8hJWYNnzBvmH{c5!gJM_)CSUM`JC$H_vUCelTMc=i?3?Mvw^>*Rm-RKy1
zo{BX-kOefEG6fBa3n_#qBcgQH)n1hr5Rug}s+O~^E(G-R3k{xP2KM!<y*nc_g7Hd1
z&;dMMB1ppYjGdyzFF7$RomZOybKW*wZTbFWtkt{E04`_!V5&x`T;kIvh4Bc$9Z55+
zH_7-8qq&||mGRkA$p5m}-QD=TEaDKvWAl+KBr#S|vJ$#2|E?oSK2E&}gYt>Nxc3S*
zlS{`gI;Fx_ky56yM-m@tuA1aa8|3JbFj=4_D2#a^Rx9TYmo5g_#sH0+<RjEMO5boB
z=Z^#vhlr#lIR4@AVh}>Y1jq&LWpb=SP(4M_7h}mv*!Fz-w8@B^(3478P`JdS@@?UO
z79Pc<>9=%k4F>eZYvLYJnI+;+WlN^trL%S|B{88KQuXhVAc09Sg9D`wea9Q?=#UMW
zbdw^ONx~Arw=Y+_U7kV+dI>99gFU{_wJ72gui}gwNv}xHVy)r+m!WDRpg5BWoUu>y
zk3r4n9y5>QoUWn`PN(1O)tjG+$#;RXaA*GM+P>@V7!Xij8tx?EZN^_K0CvW+<wr?p
zgmwL=b)4@aLYY?{J<VrmZhg2V*GbDyk<Hg3Gmw@?tjX)RRo4%kH~sZH$?|~52`lMS
z<UJSv)v)yCoFGsvMZGAjcAS`3f0#LPF#igKcWj72K(iZQ!$z!QLLW2A<7Z+k6gW<(
zey}TTqDY3?$gv;PRvWIDJc2TE8w*!m?&`+hxwTGN7-~zP<!Ca3A{9`ggjkM$r6}&?
z?4L}q@F^XI)0#g=A+3Smt0<7b45?j*%XjRNuU_wGvnb1}$3~j;O__&T`{~E>k2tYD
zZKfqiX;qf#UKr@RuB75?=jiD<$i|h+q5K4-lDUZlqMFf0(0wrzM-?N+exC8~v==A9
z$U>N7uRkG5B=64mB4)d5a31UtXM5}76><?xLC>6IVc1QYMasq>+d$fj8|LF=;wvIr
z`eC8atB?z{Npgobbfzlh(`h=n4m1$4$MH2;ZhE9J*#?`5r6)>SL@(1)nk~P0T}b)f
zdFp_713h!kSGU(%RWZA)h>-=-GyX*`c6^zYjZKc3yc4kgvjzf;g(3e;x1NK+>CZq6
z`IhjH@D=EL0#x*j-UWka8OG<%XK!8*te#?ta^fwrdbQk<OUlc_a^q!1D6$-E)LLaY
zh;mVm&8y`C@1cl!iM*JOKK^WcJf3~4l*~GXaVjLe+){xqUF|+&a?)X>*VW+lXuA{#
zuVv9@i}c#<yq3l2{R!AY<qrV!?~_73OYQpnO27d3vY9u99UJH=Rht}vvzCQj?ZbXA
zBe<xiu%RE$iqvdwUv?nT=4}V;b7%QRgb$Hdrn10*<eH+5gd3u*)T}`@iP<h{<-MM#
z6bD*iykP#ZmLmdRCjMAg7AJOm5wZq6-l)3Q0vK{mrAj1I)~achz|?Y$gA!qd({geh
zKcj#P&M_um2|5IDR{LtCP7-(z*SUOte>iKY?TA|n-C!Ul5&15fS6VKF1A6j+A60rr
zH%3jF=fCCT?scbA%I5xlRNo!e{68$;y_3%d&Tvt*+%Jae9A*bjN8l7G=|$G_6Uz69
z6^|R?04D;i8{BnCXq&ticEbotsO+PG=`!Z9eyI(LL`fv&1UUL9$6&sVq>hZwHN1J6
zeCN4V<wtW_8FLu(Mw$ZkO04fuQeu><?eZms{3WXzp|wP27tNN!FAtVI@3>Q<C~}ug
zQ%4hPt?SY|jmj4lOH&_9))a8M4_!t)*l{)hO#_>E>cn_pr2a{BMMFk8h2C<^Y&Z)Q
z0b_Ekd88dRy8agNqC0>tLZGf{s!~6_rYqxPg{K>%TS9Ps=iM<j`_Fl4(_)NVs;{!p
z1cj=k%5z;X?l-{MQj9!7lG+GwR`G73;hpTCqi3X^2nT8#Fdg&e&ok*i)7=7DQk?in
z!=Dm{wtY{Ve29Tp+q1?C^ol>e2yj`R2#?&#^N;N+Dq+dBwVcLDrlMx!WBDzL25Fm;
z7G<+T$J;tRkJn<y!kcpQ7k;yU^p|?Sab{5!IPM8r?GC9loVtHQ_NUveKJ#ZAe7kB_
zsTmVF3wD%~39iCfS+B$<SWF@v5L)&y`1;a-*&J_j8$Is(0jdOpO7navzjeUTS1OuQ
zB~cSi^nH#9+Y;o}D~=g|;oID@bT$+lcYbjWreRU@XR5xuK0wtk7?fjX!ol`|)h&d(
zK&8Te3#T3K`-ll3(az7|C+h?vae|AFKW^?Q*v-ZB4@}WgV+8>#y}+vcCoku1z;kcv
zDyZM_>4nfx#P>pv3pqGP=5m%!|E%~Q^%!=08=j3AWf_k7g4wyM-=SGlIp|ic7Csc4
z*}p>0_8L;LHHG@!w(z)Gjd<Qup@EqTAaF9rQq@kz(qiPYF2U>)GQl51F8IrVfUj;^
zdEE+$N6E>i%>zwjZ@Eorn$&|L)Ktg0Qt2{+ttH~T<Pb4}U8rum`*okO&6`Z83x@>u
zJ`JbDoBI1C*Yy2eircjW(1vk_dvFNYOIg>;_afniiq7g!A#Mz52$kPD4|8-OCdeLc
z@^QQ?Q;DSmbfuQR*XW7?nZXhN$NcUN?`YVGBM~&^*-8WEqrh2-t}=V=+hnJbyRSYv
zI3Dm+)cem-*Q8`f8)3>T_sRHgf~MJa{5-hhlIC<9leMG}SzhVsyd{%n%SJr~^t4L}
zkFA0=0!U?dHv&{u%mk4_HOY361FzB(#)*kqRN~FjNxL@g-M~JbknhZ5ggBfjCOW2k
zvJb!-EcUmv@h8j|te12K*X<mMiqaN9+qKi@vSisFh@Ou5i;evEVgryXTM(bDsDS9)
zI)%Pm#QvR+{iABIVj;NXXUY%&aW5Rl2ne_Tp&#`3iWqPyCY1<4k#}(}G;4wGe_iQs
z{QSQ^W8l+&D+ECP<HCPyLcsxUCi)0M5xH)#2z8(m+CcjG{Q7^<Ndo@22G#EsU2qEe
z%kUd``)^f~-_Smx8Ig7Vh~Ab|l`(<SR$0r59L}+lw;$m4E6Oupt$g`CVSl%~G~SK(
zT*DRh+^tOH0#(G|OZ?c>es^U0;QpW8rnlMtstW*D+_iJ4PcnTd<?Xw)R%c_Ms{x<E
z`;74&5wj`+R|dDXSt)Rf#^05u-!{(FKnscNii62k4M%wX&cc<lrpB+Exe-2?pRCu8
zr9oe(T=J8@nL{@~!GDYM`w{%U8T>wH9qRS3^Qq+<Oig@*T0oVlR<d^{r{~b3DaI19
z|E^?EA4*(L|Jk<^4UkOk7flrlCh?p23N&(d=t+W$`I|*cWnzM0iTPiC<L@yr1hsOY
zXvod`BKuWFvLl+58#&-CIvKWJWN@h088CymOIP;#c32y5Sb?k!`%Ql*rClaHEkh4X
z2rXC#{3kga@+C<V{boJ2U4HHekG&kzSe_+7p*o48JAFj~gWE@(rn4AT>FGDA;!vXY
zwe}5wK+GnSL&@(+L88%_+DIg0RFOKRs7!pRK;(Z9Q^ZLYlN)o2icBUYt2q8nvEXzE
zYEN)#D{qqvM<sGehq8`@E<CqHGg)lsMjN?=C7+J|r!UVx)UZInF_gPtbQqqA(<Vd@
zK)`J!{s7o8%=bp%nD=HOW@UAeYF5VS8SCYn0+I7v3jkr2a-=m~Vb02K>9C^jses8r
z=xqDEu*qB=?iC=(EoqNGz(te&0mBqy)*I@C$M-dWil1jPdfh1ejA*LuW4vR--SYtq
zAj$v(i1Rlx_Sv$OD05-)ia2=yb49F9OW-Gl-egb<{Um)bh#ApA-*mH`fpJ?HPdAu{
zswwzAwE<|Ht4>aKdk#Wr)=9~>?}0N{jJ-Y2t*M^P=k+Xz_d5P(1q<Qa=ftKQX4325
z7+8&1qK9QSN`vFBX7p4g!wdZEX`RS@SM==yk?e?f;ip>Z!#fKIaagL9JEY57HT)e&
z*wpZ|d$X`V>gIyhJnMh_0_$&6t*Sp>sBa_#RxsEDoKI)X&s(-f5XCxF3AwtS@P&7y
z@T<b6@}coK7?|uAgHoLlI8*o^T(!TItYQ;ZslYNS`)iq<C?RCaAmKe=K76|*4_l<D
zLiUcPuIY>>E+!+AiC|we+_1;w;d6uwBllm!NXo))2N+%rgvh<Gv+X`Fzwi>$(tY(o
zH@KeMP#BHdVgyVAbRbU+n#?sZ5{M461Gd8)5g?~D%C>Ba%h>X~kkfL$TXg^ca+;;+
zq6U>dJgveZvf`dxf!*FvL;RgM5{x2V!k7m$s{k-vqx^H*xy%o_h*XKX6vD7A!GK!H
zFP8b~xZB+0u-nXie{%~cC<qhy(=u@PPxo#NHlQbzBxra**op-;E8o?oYZt)~VZ)^)
z{wmT#GqyyPVhlj|mr!gG+Lb55)QRd_*DJs1?uf}>Rk9!msO^;gMPYvFXhyUo++mR}
z6jd!N*-h@@l}WA%48z(Brm^7CB=}cn6ffgo#ip39K9~HUEEv$hFa8*^t~{vc)M3wI
zanJqwT|hcbj#brzCfi}p)K^*|b%b4EaVXX)oD2(E<h!r>P&$<PJ%XfZouy2zG~Rm_
z!gS0@2KhD!=Ivuqz~0vNdvBY)Z{~bbf4Y8pTwH$Q<h-qax>-JIgz(^c=d|Hg@c5k)
z^PE)(?afhy)q4P}P!k@OgddFWIV(8#c?`6QwWVo!KUH{z^-6rqq;c_7^*T%C+32A&
z=4y@E*PlYZeJ+D5ig*)wSj0v%lr=L3Rd~~>MR9d=qehaTZ$2+){nyi9d+|a>$~aLU
zYPpQ-=GECGc?{#ipfv_+>u0qOPB!kL$<^)cFiId&f{K%5RWDN}jRYg_0BNr}54^zQ
z{I9kwM*~i{9Z+(THE{Ask<$C$!g348e83(ZVluOu!!3!7tOQ^{7=PPGyq<;Ue8{GF
z5afFIrpJQ^Em+u!Jxt=}v>MYL>jg$ep*N?rI5n#vx}g|X6NX3gD0h=(t0y^~W_~FQ
z(fz9Xvxs^B3>!{=;vOBUZ-I0+f2?#7|CkZ1-o4yCgF5*%0kAC;wnjCVXx59&?FNPo
z>`sTGA}e<rT`u3fk>FWJl}~H%uL{YpAMZ2YvI9pH!h-iJm5AG4iHt;gaEEm3^l~tL
z87$DW2C@2i9Hl>FQkT%$Vq`8HT@^MrqrixRi5x#VW67WA$VEe2++WQ3D3G|%=$%`9
zI>9o0t!kh?m%?zV&e|k&!<G=KmMNaMS=IM7?;K(UzjXg-X*R7^GSa52R0MH{?8B*h
zUF3~iK9A1u7b|r<##rW+((i%O(=5(`79Grk%Pb67?q-AuwbzI(?m^W3rzm#uP(7g#
z$D!bmd$P|M)6PpzRSpF8uPJnA{`YyC46(Q*CCz0TlezEPMKE<YjF6it-$(>O@4^V&
zN4^~L0+(vcVSf+KKEraC{&GX;bK;s%6yxZjC7-?0%>lL<SL;y&kubuFZzD9oR6s3L
z1cU;@tGaZA%R|*(yfO{F@+b?4Wi=w;O-_3^QT+~6v<ZU;FTe`3r&*v?n!lRmK_-Ta
zy}S7f&&_<J_gzq5v*UZ)@(W}l89omdY|%v2K5lIsMx1gfnSMb~_3W|<qa&|9OR$yO
zKTtRtkT1Y$xq*LxOoP*41lq9x2pL+Sg!*it^Y_02jT?{^tv?QM>K9-h3-5rU;x9FH
z5Q~q0?4G{|5C}fpS^ijWe_aN6cNge5{w#C8e*^jB71Xc(Mh>9;^ApqJ%k?e{3;&l8
zP>R_9=NE19f>0d$nvI3w5T_D{mteT?nFeE~e^yEzF_sAuV3-&)U`m?T#e78Ts@$%F
zE*hL@68a<NfC2Uf#?L@(#)xRlF6uX`(X`PGW1rhNnB9I@2q1Up>e~$|BP0<;%NKE}
zWUcOAyzkSj;xkSRL{0=KVPXN}3}Y}P(*60K+B@~iFjyxdF9EDcIJvHS5+<dcEd5*$
z4^F>9EWv?Y*$<^cG(mEfu0szY8LT4aj7{#UcecTkiTOqgzJ%gVTH-{Zv}8Xi2Z>u2
z@jqZ(AhXjivznkO&EEj!=k(&I63Un}yTv6EOS{BW_AL3=re)Bn?PbD694g}4WU$dw
zLNPW6bu9nBFa5^(9lLqKteC1P5<L?EOHyaJ`U@>Kgxmsr_$o(Cfkl}G_)2jDgN=oQ
zOJBW%fe$RCn*KY#lEA__r_s+{fQd!<tXxQ_>>R?Csjx8&u{jZ;R|-ZyYx7Obq7Z7C
zcFektT@UQ41?+Ulh6kXeXOz!8on^Tt*<mO(i#*PRQ^|NCYvJf+@olgkRds6(=HO$a
zl0l^G=g!JOmW+IP;fz^819o27lHi{+<1GuI>?fB!{)YxDd_DMfk$vP2-4uTvb7g$R
zhbG0A?mkh4J(DYM?;&_V1=aOg1@$A8ut=y?<%>*IVFsy$cEwIZmhB8O)VU#uF$zgF
zZAr%@1rsNUSM30r2Jo4b_Ll`WUSj*Ok;V_m4}E1l>M$d?iU%G%v-wNm+LihxpWB3u
zxTD$;C>c#81c1>we_=9XT86J}x_az6J9Gm;nb5)~DwtF$5vx+aZ>1Ydsl1%FjSaLS
zNiJ{q+MPHa(g{u=*CCJ#<bfsw^NHPNRvi-0DW0i9l?&hRH06-SlJLHT*=u+wj8}={
zyVx3g=Fx4PAO>5yjQ^HXdM*K)$tQ$VRCUx<PFDkyiGmt*3VuflhC;YuDd1zM8En*9
zAmSDOIG4*^{bb5m8DbXM_Zgeu$;!K1`i1in!d>_=hwDB<we6r~fy2bjV<Q|@umH$7
z7HBncG7h>*Vc~ZL3{XKK`z8BxdN^gmVu2T(0OMG8Sq<kOOV{0RC{mn*B(^V@KYKj9
zbkae1HE6Lvw)*0Nq{&q-l!9qS_y@%|urGlnE<Eipp3mZ^0$o4FPw~mg$6sa|2?~`#
z@qU%BREBXHr>{>K6wNTnFiji#Sz^|>OTpsJrv<2*gcx{+RhI=Jqy?DU0R59vK?CqC
zJME1cBoFx!iBm6I1lycLizx0C#!Vv?>RJ*K>m=q7;f+=$w$4AXfA&B+-$@-o_#Q=s
zABW0<7PrcW=qtUbsj21-&tf@H?v+(1L>{Zb=~A|78`Q|>)AS+eZ0kSIAQWVs$+ZK(
z{-7mB=M#A6K^oF{gdK``s@RIKcBiM0J0Y~iZggS-(HTW1&HEK?bQTrVpmJWAN<x6@
zPq;PxPTyr|2M|1qSTX49y7<}TduF3VdKwwZ-;eI^Olyn_6XB65|9Asee(I0Lw0<dR
zAcpo>;u&DDFm)<PDsoUB#iigS<Yz<bU|J3bwY#df5L#%8C=Zy?|HqEHlKKG$9vVYg
zRFlNS?rK-sW~C^Z9;nqW;9iJrLmS|T`OPafbEdBW8a1d#b%>=RjN8y8d<qnTnzqG2
zt#)B^2+`I0BW`t^e}<O-DJE<kWlW7IOe8mc@XKD{=79jO8iKTRZiP<&8zh<keqPQ9
zAuGX!Zy7DrXsL|`AnUwKxWkd=d68uJJ+Yfb_47@Xtge9d9nm0T>Ls%&WOdFbO~KS-
z@bmM0S#&qK6E>80m%%!MjH*LgMVNe~(?KN5y?YbJw*u?CC?cwhuEiXahGqp&O!Nwm
ztYrR?(%H;8$^_?IT9uJIREhSf6Ug#Q#jRQLhHZ9e-<nIFM^1W7;LAXOn}Q}Eo!CdY
z6K~8++Gs8XpPr5hULWHGX%u0rv6^jpC2Sxo|Hr_cJ$tJ}){Z&=d=y<1`p!&h^~v%C
z6QCN)DGzu(m~)mK_B$HugGRUG+4rw%RP}a$tcNfn_+#Q0nAiy6;dM|#l)-tQl#9gq
zf8zHt5_v9(IclxiX<V`R*lw5nB(Yjc&&z+-oLrH~0^^3=|C|-%#k5W&S-GnX$oFU`
zxl)4?#m|s`izHalww$!(A#LfiDxtAhXoDXaFEprE%IHm*)>Ph=Eyza|Pzq=};{%O{
z(z)%0u-rdQY7lF5Eq-GrLrs6T+&VsxEB;)hg|)-9-v6QVeu@8f*(Y`_uNY7{QtX$O
zzc4P@*@*A3bk3hO2`$JM-02`o{3yg~wCg@ij92ir%d{|3_2p$W_1SGdsW)6_?i#QU
z<8R;2iD$#FX2SpTBwtBA`$zq?_a1beFHfx@HdOg;>8`~DcJG^x{Q-GuG+XEbg<m7n
z+v77i9{bc{5}>~r5zK9TJLN!W-g&A)q?!Xk{q?!4#Of~?uHjcg=jROHlGmCm@^ayB
z2$7Y5zOyd5pfqykc2}EprcONH;<oigqQM{#g*V=Hi($1<kV?)7pt!n!m*aCz=Wx2#
ztzT4}tT%$nS!rcU?pgrtWbD-Wz#b)cBeoRrI9emwI&n95G?5K%qtRq+7{Nq8!#r4u
z)BniS+2!L^C%ZPpt@_Dvx6Bomp-}~Cb9Ehj_X+d`;rEV2lARAY7FeB-WNDVld*^x3
z`y?JWTnA_Stekxhf_yn`55@_qlS)nhhrPFqi)-oL1!F)6K>`6n(4fHy?(R--cXw+X
z5(vS9yAvE5C%6T72u|bfPGgPTP0oAX_nh;e4>Nb>-uc~`Ti<$j@4dUK)~b4H$+O=2
z#@Kr{s{Tn&`6u*Q5;dT8D9&Nf{P;U)zw=yhcCk_1;22BDG)Nk&u9?L&{nxJ*b<t7Z
zR6eg|QYUO!(u*o~G6;}jiqT!px->aP02g}od#7Uiz!okFv1wqho4}>-<RS!7pMLUU
zQ9+h9=KM(&U5YYY9FKHI&P73{s#lAKX?v=rWI<7W#?pO*<IEFr6->x3!}QpMbqD_l
zC|6TeJT}erBvHnc_vsrO1vPz%@}paK_a^7IJc7YNeNE-V_nAFW8+PokF=C~6hI%FB
zhBd&Rc@ku|S@xWTq|V0I{hXomY@3>2zI-nJV=O=57x1ZV<{%?Df!ib-Hk(kt1p{O0
z6;9q@Jc_<B@SwAXoIe%Do=rzy2Vg1*uc8#sPm#-OKS`EyI*v(ZVrAwFMfe=dfb39e
zolEsm;Lt6@T>Yp|i}jy-4{lIZ8Yr&K^U9XCs`o|$;YRrwNcoI7S#O9=b}$O6p5FTM
zls-Y_PUZ6x@H3M)(><3KRl=;)pZfv3stss#CDmyJH8N&ui%9ZfM<JPKdI}3>eQw~@
zV0f-qHN)xjq_O4d8a7ewKtcAsndGP9^Vx1$gI!BP@Wp9AJzQB-YOeZc{QEXh5`*Dn
zTgR({PfH%RR|ptyjYt*NjcH#{(ja0s%gHrZ6}+c+<yE){had?wm9ih%TW%r44OIUC
zVY6$SuoM*eFoVQm^XP1S%<~F-)v=9W!`%g~L*`-ITSmm3@^VB&cQ!0rKR~a@3cwGW
zH%}5nRx;#v9fRJk%jr{AuA<E{Ds@I+D~?7(={~<P;<MAKlMS(&dZFFqMx`$ku|rid
zu{LuIcsrPf#Z2*kW*Pq}lmJG5^gj!aKYH{(0ObE4J@k_SQz)(k`P1&-b%i58J381H
zzcKdL%Fg`SPg$j-)l=rqz2@EWjXbupro8)H)VNs>x3qeB$?Bg#^V5pFrSD$MlQ}y?
zTn0!j1aDy20#!TETv4T`97}^GHiuveY3i}XWG5uS6o1lgT`72CES@O|!H{iR@R}-c
zLahe-^~3Xd$GQfK7R}@w*iMK}>>F4%a5w<c&O4Y7f$%LvrHlJ_c5vx^{Tntu+6`lY
z(K`JcvMp&L%1&sd<8j+sPOx4c+(@ykPovtQD|2fwCi85Qev*1qMgN#Ujf5#sy8@_2
zQTfG?knSHE@+gBni$y`&r)U{trKs;2CG{FH;QN#<Kuuk5hw^@*)|K;6k>gwQu1R+K
z?uBU-3yR8Nck&Rhx3X2*Kth>S?{?r~^Y))Nn8q8Z36nC21=Y#DdyU=K?{whQ(Bw3j
zg`+;Y3yS@iO_+*LSH<*6%t?uw_N)dBDZ}qnRFBvWp6A5vR^aLt#*q$T$6WA#sBFf~
zi+5cHoFyN^*#CX7oRbEDw<G4QLu@*uwP--*EckL*{$|nDBTlvh)<9~&tmHua>Vwf2
zQ(-2JGUJ)$6`dX!R4lM5ys%vpRlF%65~$6)JP}2=O4hGh^0Hu`oD6TQ_Zc3t@j8v>
zs0%IagT<B;bm3HsR;AGR!>`RtoP{jp;RL7#>No3+s%BMx76&lUb4wxMPd=ZQ!SZh<
zORewfVthA&nLQ4q&S~UKncnui(KY&^{+&O*lD*U<x5~F_a9bWDBkR|=p^3Uj#Y#7N
z+@{e-aU7cX+tRYHAsYG1ZfY&qdD<Dcv<Y2f>o;Gzh|(0k^2=e7Tgpo~DrM3YU>{RG
z--!^Vh{YE?Zu^QdWR|N}uSLonF?5sXI$;*765Q%8G@)}6PgpqISL1Tt=cKac{+2E0
zSZ87vIAX02>PqE3IgBE|cbugKYCgQd?vtwjqr&rhw-izh%2C^YhxKgZOL=txb?1z<
zLD(M)pe`h(PayAiYEKhig?UZ?Q|fJqlW{cnkfP0atwPRNG-Yb!ayc~lZGpt=q$F-@
z3xo9+9`T{m^SnA;tiupkDkhq9Hx5^etYH-veWzygsWO*2gQ2m4GHspFRIeG%VqjfP
znWkytk2lW%L$hR@RyX%pt`0v=?gMRT?&Cxbd(wThZk^{4F&bUVpUNI(K&jwrH-QKN
z`r@|V?4BmX4Ss~N(05?Uoo}@Z#2r$YS*t&WRYaVk&HN^0l71~kd28tJP#<_MX@BRm
zMwbfsl7+r&zb<i{irPs>pRV%pc=Qq13+X2GLm{)MIHi>i+=1szu0B|K+W8;eQn6c{
zcW&#+!IN7CMO}{@(;<9#u0$?FSHN+`$48YoQj{+~R2Ri33Meu;E4QW8&e#=7LQ|n9
z4rRTZD|MlV_9bTAERA{cxm`_L(hJ2TwC}b2I-_Lj8>?zJ+aE80su4_Y9};-ibsyat
z1A#T$Okf$jw`e%$oN;n+uZDm;AP6qK%8(wQynj}{{L?D(3HNz%^clWV`7_fH6Bm}I
zv~$<MJ(d2(btH2T$)tvYWy+KHEw)(Km;Ej-6SBLW`eX@4Mv4*hhH0g&4E??@b3!>V
zRlce_O!_U1zcLv1RjfqZ5^UUX-+=pWBd-{?Y`}poiYnsJpOcMx>)>kEL>^6f{Ee>7
zB0O5kC7PJKw(FLEv&yZA8>!LNenHv129GMsk%M%0@FRG79YGo#^$DXmPbV-c#yGaN
zm&Jy}?-s}ATNfSsTy$rzMrJnVe)cc<qNJR8CytOh@7KL&)X5{V3d_Gok`oxo{vC{~
zA!ZK|(pkWDjp^Z@s^{%rve5YRUF`dz6ER>I4RjO)cn>Px_X+mW%4|n4&kw;Gn}}ma
z7WVbqz7z}NQ8f1EN_bK`oQKAA^8U%4@*l$ung(*ikw|4jlF2(0YgcOXxLC52_=T4g
zbTL1(B037B5cZ5_Jw-#HCT5|{0Lk$DMw<13PAp9iHR6<3(y+u(BvyWz-uqu99>LO-
z%f?4hit<<+X&LeqVO)bIikuWyG{`AhI*?2!gh;76!i109Jk-Aggs;~Xcx^n5gLXaj
zT(t>GAlvo8C=CjICRmEecFHXNl&rPNI*M4pU;E*0gC1y)Na~aV5IdD0(QQQ54*K^W
ziPS5uu#Ol5iAooOP~&&ceFeMS^V9?6ag5K(Pfb&rxNW6*#;wBF9N!k92V_nTtajYh
zTg6GUU9lpGydN5tnkauUX{Fi@)OWy`8;wCp%xze=W0)<&M~@jXv&~!k^>aGx%@{(T
z{c4#${TDk{j1O()sBr&shYA6fV&sRS*2rIIBzIA=+O%cBRZf>E`94T7tFM<z2cN!<
zVh4lppT`Kt2^y6iBF|dQt;=zJi9H^lgnz1RQiPr*s?Iyys3-qoCy!>i#-4IfuQ@5G
zVJydMD_-b3{Oso;P<jKKH6oZtw#1iexmDTbnMJwuP?FKXwB?I+g|Is-3<q9ur+7k!
zVpsmeFB{*YyBJr4W3p)|r=&_Kp&sRY{q+h4*jl5}FL>0YV&+Qe6ipb0^F9oxl36F2
zk(3wbI*D?L`1jMkWD)EBm}5G3ZPx|qCx(FEUPWVP=JGTR>D75wsn2^~3)*|@NVZ28
zjp^WpT<EJMjlPp>)I`~ae%fT3nWe-5{{YXys}TEg1g{y&(8UySoHNseG`as58``Vg
zpaX;kXSy^t6Y#c8o9!4UYDDsn$+1OLpk&g6tvvSvu$B7{0y`Kv|9S8|wE3rIvj;GQ
zzj~`rgT@ni(rk+ldo3g;un#BAwU)i!dr5kWnjqGo)zTJ^AHDrfu%Aa|bt=ejzPikS
zwH~Pea&X8Dt%>4=4!p+Dh&D;%v8<w)lSx`yLeC!4;|{CZe%~PIl<es&mfz?+v!9+4
zp-<T!We^`=X|hqcpgz1%MzM%ho|gI})~n|&c7pqCXHXq2ogQV*=z%7J@49=eWrDtS
z8tU^4Q+2i%Ma$1GjLa(H*qSx8bCn(0@q*2TCTV0!(vpOXnPyaeA)3wU$R{j3AD)SV
z6?p~>>0s1l(V>@qDLQb5?<Yh0C7<Yj?!R)=7$Zsw8G@aJPXOX*Y_LOlWor1NMiC%r
zk?3WkkIO2#+vv0y-S2UU>!C9~2)5f30?6=x`=`*JKXdSV22`eIde<({IH<#IKA_TI
z#WF8<IlDLC9qz1gF?fMGiFBS{;da(kg;(<wd&4Uur}47qE5Hu?nD#zEyCB3>(L0Ed
z2F=|N2#44Z=rEqyas9b~KykQVD90^7Uuj&Z_@<|x!b5CfmfWNBS)d&uCo)KIulVt(
z$tyLP=PuDAdUiOwKW6RNit<aAG!U;T<Ovc@ke7AJC_x;r3e}yhJ=z8uSng%NY<=}-
zyi;3!qG-#-7xZ@W*2VYZx#-wWQslT@)e=b0_|x;xAr*Ht+oEAiS%HFb@D!G65-w5x
z<Lg|g&;z`UEIR_C_g5SK3csdQR-nGVoJ|Gi8!<QQhgTaSdgmI}%-dGQ`7$TkvC0oJ
ze1jutj5UKDe0usZNgf?XEWld?h)<RT>V|P8Boy?30j8!~BXWGCmv=?z=@jGjM(+X`
z@UA2NiMht%E$5LxeXa|qb1{gKYogh{mK%8bhz_7N{OwQvb2;F*2D|{z^gLQ84q*Mn
z+-D##L}HKE_3`h50l&-5|9j1?0s^v^TGI%FI4KSk>Eii&$7ijJ^MnCzqkr10{y%x@
zupyoGjO(b$6wMmhlQ~HZ9EcKSeBkR_0r>hn+le2tO-rua01)jePMUf|tcLj8VmxZ^
zlF~a$u&1I(AQsuaE!kz0YtQ{)3J!A>#k7huR1kMzpQ-`|%r)@8;51TzF;9~z;3tsx
zsj-?OW+IUVm_`%ET7gmvsSjTFuB)F>qN!gfwDasqEY8O~r65@C;^YehD<%UZ>iYX;
z45k4C*Ze^_Oa}3xGy6upV{6gVCk_wqdMGCG;2;0DhsTDqKl_#36>ESr;j7oQ`0xPv
zH~uRpQl4j^(X$^@;*9o<iCrt~gqC^m<(e-$RS=^2yHKz#z|R&jzgqx&sYk#5=}VfE
zt_F)Fy>!RFgNpQA>%mo5@?MZy<+^+LrjCQ&ZyDy%5WGJ2HbCG4?*0_;UyM)iZRxJ;
z5|wA5hRT~~VckDb_ORL~*>!O@{Tx}hyx4)%AP{faIgr-zsFvWr^o3{u&aRCRJY9_4
zey(%a?)OK!TEH-nT7Y@z^()99+o*PlKEt(a(D7hqdI&+mgIJdtDAu~v_fI9769!#n
z=QWFdNQa)g6JF}Tb2Tnr^T)<`p0>FXK0g~oN)x}NdWiA)6!2%Z!=ESbr4b^+8Y|Oh
zz;`qM^v=1yRs%AvJe{5ZwVMb3`Oa~?bBi8PAok@LBo0g!^FK%SLAjj&B$NMh8GX1o
z4y3yMO}8H|%2WJvUjr`kr~W_v(50`DWTCG0k)Jin6T3o5qd%WI(sJ&g$4;*U3D+Zm
z?qgNo+}>;TU%7h4)GtXOqW~-a-?sshcdKopZ{J#dFAcPDMli2lF9@2q05V{Lw}gR;
z#wOs@Z>Cm`UL{;98^qzZ%_*%ZkoD~hDU)|&`s~hyCmDjMjM6DiroTEer3(tf+{$Dd
zLV*ljkK+`pKPq9!M`nBnnGxF4Wn|GM^eY;05&oLy-aE&Kv{}trp=@9maLW)#g<5_%
z2l6QiQ2ueu{)8(rU2BI0oApGe?&lz^$vQCWWdagVfQs@Hw=4hR+(O`FOEa2#bYaOp
zo$@X#q7MV`q^FZtG!pecrM0A(|L|2g@gpX_5Kxz1kGndwzMsr2AO8=2F@HxlNiFQk
za}6gZnMw2EkE==VMSfl%+5K~lxSbZ<cZ+57#>|*C0K%*IMVuN$T<itG^u1REMr=Xz
z<3N1un}Ni3eHL@Ec9EZaOH+1b9MPefLq=pzS(De<O_E;%>G&x$p1DQ7@s0fyH=aOs
z4kVvPc@bgejOx+>Run?x93R*su2|u*+^EymY@*u$2C$c{DX6Ekx434m;t>AZY|Dxz
z)aSw^ZxO*5HCHstWXwrCvGscSm@_52OS4LIp>Gjf01^v(|4ntyt+MKE?l1##elh#{
zl<gOjv)?Wxoh%s?dGV;q*pfI&=#O%rw(rskWlY4Vtb7}C*V#(r7vZj01i|>pD#etT
z?IOz%xQpzGjd*D6M^&kwQN_Q`4VlPVrlW8L;}1%S4M9bPUQ4}N=8Mv^eg9;=lI|BA
zWCFhHi^7)L!f0aQ#DS1q;y>300!}&Jt850`z~7Yw^}GD7oe*iFH(C$w7Z)H+qR#uM
z_u+jL{O^cF-o6cE!24c+UBKqfr0QsFlZ5M-MWUk6_?-C{<Lh^$=$d%)=!m(lqXl0I
zCPuhZE>FJkT0?L8rggc}+<Ph)&KE3;n?TazW|O?>r~p&KMN!kjd0*|6%Xz<hgF>-%
zU*Zq(y~VdJtX#Pt3wdTtvix)fYdg^9H`I(Te+`T#C3aB5r;bfnWYMzqhA?&k4yHX=
zA5|zhBIlKxbCT?&Q9fruZp|&o(8);@!D>>oYB?zlzL;KGId4W5t5wo^^urT;Px<@d
zDsFj*-c{z8zG?GVc?0K_nNh7gifA=!yV(N!>H<cnGnGM&1sQV8o9a=8<csJTQwxd7
z@_YkGu-4lWFs!E|wl879v6zE5=F1NwR8rM==!ONR*P35@>tXR1UzLVX<(F}}UoGlC
z>EtP@Ma-#v@cMNK>LibqR@E6Ow2ZZwJXmYXSg@i+l<pnRBL7*@%&a_tz@qCa>0PT9
zi|SHm<=i>$SvDEV)dcNPZ&xx-;yPcpk$b*DPpy$UeqmU!z?SUSO}bdl>DPDptsZe;
zM`&6<kXJA9Oq7AxKp5TYlS^0_S9U^iG6@AX<#x7E+7^Y8+=mFw+ige2tH>)?CU!qX
z->%{8gtMWP8-2dp9M!>r3Mm@lZK~32tl+!0FDb)C6hSm8P6y23d2zax1bp0NnNk}x
zbBDn`WsAx%1)QX}A=V4rwDJ(UD_LzvF#HI7(}Z<i*TQ6~#AfajmRaX?k0ledz5IBn
zq8%aIqE#m(rCLyLeT5Z5`T`Y!-da!rJl|ze&%_v*k;xgXCqRXihv)X{+nFosh!|`I
zDKBtg?wvNO?fs8Q?`52;WrKCR0|#}48s}LKhh=G``gydW#r^d)hr*)|y)H#Wa{*;z
zXkI@VcSH4rI|4~zj}B8%`EGtm9|nBog>8{kIy=r4i28CVioXhSS(-tp1Cz^R47!`<
zswnWqnFJwQ5Vkb$?r(Hl+TGPVv!yCVJBiTLKI0UORF*tYblvyUDm!XNt?T>R@3ON~
zay}Jjf{PK*wFb9s0$wCU_t4~Jqrbx9lss5l+CZD@9%R$BXPx!X=$HNKATzYP9)`jh
zl+4;XOQquc-Nq0Dici~4-tn5|eM?r2NJ$}a>i%|c{7hlGX00EaRuOl~c@DJ>7_MR&
zMFs!a0ZOa1@plwi#O0g$u09qVQ#&NZhG1cxZnKoo*4Jei|L8KI_ocw1=kam?Ve`l)
zFKLf1XdZGpvsYW^ThGM=`<i~eL=3`B+s>z23qhQ!Sxm%n@i})M<6x0c6&5PewPEX4
z0;cvAWP33K)3Va=>d23{*s9jEbZS)D8S!S#DsSo#wW1h^@2~Oqv9F#M6l=;(_r2co
zj3!c62~<pJ%B$KlN>Jk9#+&;=DN+o=-7Q~8$`5Sxh3gGH2$622U9m$b@e)^U9KX^?
zZW~OJ;nXThNxdDzteJ?~$E&l;g`2l|zIk}=Fv_%S7<H&7P>ZUc_YU^ScoMfYFz}TG
z^l@fKss-umwAqUdi}pz{e(u^J#DsCb<up?vSpi5FlX@PXU<&A@i46w!SSnQ1-qEnB
znTDs1OlwGGG}y`1bfCKll7#DJH|kHJl6eeC-O9w*-h7M-7fW^U=0k&n#_sUIlUU@q
z!!wO~s_+<h@&LMtnH@sDy#3{deWr(n;7oCZ_oN_oqZO`c(um~>GG9;%^qK}MdU>6P
zh=>huu8rx12L4v@o#5CHX;LLI2DOMcr&(DTu;y%Umx6hzsNRa(P2Ow~BkIiLXfZ};
z!^-8Z#wL<nFDf>*Y2E}RSX!STo?)vhzTPh$j{^tIY)gUmx#`=3^DlaLg>RA1uvehc
zM+s|Olja3gne_~pb{eisf0F?P;tdQG7<7SS#094)r&KL}5?5;IN7iCus{HUI;ah_A
z1m#nFTNv@tREWY<0(g(g!%{_|ckFyZ=wuL2tZ7M4d_bt)pqeo+{pgTeUDq&=IzbI_
zH1B9vjEi0UwKCP*hpY6@T%o~DWNHxpE1gnfaIQ!pJyue01NwU9ho&i>TI=Dyp2c)x
z$VV~jNjZ^gC>HrT7miYaR4)la%CX6zIc-R1Z!X<%v4b8vyZ`JnP5d|e21zB0wL}=?
zrB2UZlg?CThu0rGsUwq!vpx<kQx)a|cM$ihc&PC4y;G|t=hG@0NKu)k-Z>mKKQj@t
zF`UQCM7;71X_NMAibU(tRr#?Xe?84(m?LAE*W+weiyFkc$1F@(HsDV3=G6z{pa*FD
z%-$CP4fUTF-@(u*|4&@wPbB)QNCJ=Rdp3eVQ@QY5RQQ{C=0hgCJo#UjV&K9jMgi#K
z{vtNtSFcE-ww?l4Vh}S?)l8aReG7aODg03SAw&9a^9Woq_T73Kr*8X<gjkex1mTfu
zP0{eg*SGkUPm;&XUruaH4)&oO+n_#g7Z}k@zyrTTMrPxDTG_dYjN<QGWWf9SuU+Af
zQ8Vo~C}%AHrP_~vAzZ(hn*4T=dT1r!Yj@s8J!hi0fnij?;{KPuh2tPdnD{=Kaz6AR
z=*rzAR|g*}y%#@ue~(*-96aPSsBwIC!&;aP$QCkq61SMeG}u5nkJZp(HC{_8`jOwk
zUPrC@{CJ9HOi0i8&W(YvWAV_ey9_8U6J#?p<#(=RY&Oo>Q7UF?;_7Pfy%uSHxrwPU
z=xN17WQHAj%j$C3LLsVhvh9vtGvj>X$jF#CeQhcXK0r`FrB&!y(ub@Ga{T?fJN0$a
zg8g5I_|yCHp*XJ4^5bKRbENNQBN=1)Di)QT8w^{tgUrr_M|IVXh4Y83mgf+M1Maz*
zU%CnTN)$3?S&ON~sHPLIdb_&2D@T1dPkpUb3b+)Dzok#w!;O@6P1{+QP^dm@s?*5f
ztQuEjL7PZ4FOa*53bBY1Vl8C_Q()X4Xtg^TL@dmG=Vv<k;i3=yo}Ze0Ry94ERyZ`k
z{B=>~>5GjZ+ZZ-`{%TJ2*Rm_xjCczlT37c#JGgi+;MCzzI>EQGP?K&76O-y!;qG34
z>y*n7u!S+Ova&KWGjnpz?Az>%iS1gc)39!ASZu?=L&PixEsQNF8I)1dEj{vPR-_j-
z22%q}ao0*?hSo>?atb6*3~R+zl2a{}qQOj0Hcx}Cl_drqHI7?Wt_sx$-nAJSdxB(a
ztB<AV3MImZw)@nWBEC1aWs>{s;t`~4L|`C~e0`mGnlY=Cu8FNDZq$lch*?NpOj;>4
zXfqnWGc~RsD^NW`gnBJ#3KG;w)xk-YF2(BECvhkx<s%LeVu|_oynMdN;N9HNAWS2}
z7ghUsk^l1D_#J<=u!x1DwR5Uhaa9RtyHVAGO_FY+$kRb3ItF<o_{#m9u6K#dyL?;}
zmLhpJ+ZsKd*Z9hVeG7>AxuZc8$={nVQ0sV6q~>$qbM3F+i1*AC(+N2EU|nE<3%`C9
z%7DJ+!E^HI_k!`vw=EwhuE|v{TC<FAs^|KF44JPCUj-=p1Q_w$oRsv{PpG?Hg|SLh
zR@f6eGG^Cpaw)6)s53%|KBFj8=flJcDjI~8VWy|2y{)9maLs8!$MIC#3b}^~xgh*)
zTUy{C^nyn6=3spb4NWXgHcX`r5wZ83OD#xRoEZ%tH_D)8yPDpd!8w;UC|j^mqK<|j
z<DUlvI|*eZw2mr${B)^A6BK<4K-yub<JFsLWwOZ2h_m)gBkRclj3?>lzXdLD7SM6R
zBy|lb4<UxFl#*c9UYV23Z^!C2r*N5)SrWcsT+2@Vah8}Lq+%pIDyxh}D;5for=T}x
zUiyWcIWT&W7-pqZjVR-@PQ1})=z`ZyrlQ@@myXueD&WvvU*o_YOYgD=+3gX5BOJeX
zTn^yB_LD&$EPXi@9h5P_;wKBv*)=!|o^OYr@Yz5oY`EW(9a32vwbRat!&fc%wymRO
z8AcI_lSo>ZAeLRA;w0i1pf#Sy2-2{2vfC+`DW=Xpk;=<~XDhdo^=AKqpygXAD#Rju
zK*Fh1Badh7c*Hgtx52sNOJv!YuTK=B;`5zTHd1+GT|3qpTzPVWuc%ZB&GTb%n}{k%
z7$ZYG5G^N1iGE?KCNtBR{vzzl#D)s(_KmkowMuW2sjGhr`fre5W1jc7#d?8*YA-^+
z+9u5TEgjanL`j0^OR(Y`l%za@%XzX#?&IjGK8LY*&wSmUG!yCeSNRX-_(qIXF*g-S
z{oQ4$RK3OK=t5DpTTG#;s)G6C0+U>hCoZddQ|dT+y&DR|w%TTsb|2i-6CyBDolPrp
zBrL%8lkScIP-e*iohY{~exp5=Njiyzp6_8^uIaK_A1#BjGgAt3&bQY95`E_nb)dd_
z%(JQ;|LjIt!|9OlwOPWF1@hF$DDA-2ADXLsQRnFm900To36pZ{cL421#NhL;eTKc?
z+dtVM(xwO+5W^3DNr90E{lNkEl&*E?-7ZZFB_gPDT|dc!xzKzA?iOv2ibA9s7)=b}
z?Q>)ugD(kE;trH#2co95R~XZc>A_*bNwG!zle)58jMZ1F#3#%w=(CMxJwt!nz8W2Q
zZ;phRa0uSQwz9$pCI`!98#^<3ds+B&a|sK^7F8S1--#Wx1LFP0S)~*SEj@|M*;y2%
z-<0q7PJP}zR(K_~_PiDR@zdFmbaAFPV!Q{}){MvCuNss!`f8Vc(Bx=r5$jhi<I1S0
z*dtyOLGrGEg!CXx2w!GPBTkvjq->(GzHa|F+5xgBSUT736SGB3oQ{J9umtx{`H-C-
znivNywAR&*{c)+J7Bc6tH!VV=>)u|kms2neCi-+%NbMx$RNHd$ra7j8u;|;W97tEk
z_YZEGpQ{=;gFRAbMF#?8W%kfVjsG=NDKYNK6g@dHwYaHOMj{(aOKU6Z0F>X}2C;os
z<qD_0i|v66sloLAhote{9Qie0t+b=^d3J8{CSa^pL5`0hIgqtpD`0Dzay{^qI%v1@
zqv}d?3Eq|_<LJifjmqrUST4wcyBG5utS%(=VQ`jP5$Tt~hnjAq?%{arz`3=&R2W%K
z45K3dRnuw$<ziYr&_=O=3~AIy%`?2}prll%oEB38Ipxlp=X*E`KgK|^ES@n*M3UxW
z+qFzBh7^Xm)7@l<19GLKVA>P1)-6Y0TzuhNCT5EaEsOqK)uJWYX0Wh9T9v9<y+;~Z
zDR$=Jc^QGQlT}s|0&3Z*Lfw{Z{UlZ9SjHqCKY@%GU74z*>y)QiR~}TSl9i-FdHt&(
zs7bEA=wstYLR_QDg`O(Z-oA}nB`4C+qPb_XT!MkOI_Ijy4ocX@X2MSwKVE+RE5r#z
z-|f((F`?)&pi(FfBPYB%Y&08(l57<<(X#SP40)MZM|4gfHs&j*xab&(1UWh>H0iyY
zE&6CHJ0v|QgVvNoIWhpv6T45v#=x-fUEWkqsOi>l^rSIQX;#&ep&Gc|k)YJpu1{&)
zLeL6ahv1yr%Q*!p#-tP(VS+58iq&fJLs&tn*8@!`QmQY`UnNfF=32OGkdgC8M@LWM
zNh$ssT4}}#wbNK1zJ9Wgsxr)j21zm-Pw+m?@_Op6m+=~!?#Z9wb|hTNqApXyX7_Qn
z&bXg3h@<+v^0{vSw>+Ug5BeTxRt{I(9wQ(bgTM|E#IpBt)VMAqeKj*oKZ>)CL=unN
zYc*~Wm43TW^<eec7){;&`mmQBtXC$g#A-nfPK>x;vbllSjX7v9uLwWb`aU+0ifbQj
zmp<sa>D}M3!~5Sl>Fi6BZeW{UeZf_Uu|Wo1#i-oTx3Itt_!-kmaq+$3od;LzLeZNb
zag%h<5J#tbPo2trD&)ygic8hqP%@XW5lxHniFH_PQ`H(1U#ZN=xqPUih&lu@N^BRL
zx0#ICTkr1D9+A*ne9_>jXu(z<f41_ZlfQ{fKmTLwm}MUMxg^Zh+bf_h+Mne~3ZTk6
zJBMpx79Sq>sn7(^;2i9FgAZ<dXuvksh}C@ZJQw_GmOS(ERK}KlR{QkQC?4@Bug}wa
z`RA|7V{Q`J3-)ye;zXi^@;1j?Cnl8ArA`9oI8az8#nCLy8%}GM#rHb=2N6-&{j`xi
z(ybsbIjRl?6?F;8?(oJSjp7BRF%Gb0W9_p(FRMtOO@E?<(S0R~pr#55V4p|yP&&gJ
z-*gxUJyEr=J}f0AwAx}G-TZX${;wb!faL#gVgE;u-ede<{VQK(4f9!RY*avjXLU33
zS%xYLn6_Ep8zQE5t{2+Y)Qru{YDaJqXbDQAu1nq^KQjLES5>?${m#V1&0Q|fy-N-|
znrSQwS)?o-yZDXC@0y9*iwGA#LR%@B^qZ6k3t1aXtSQih$iZ7BynT;e{Ow@#QkbxB
za2M)T)(>oi3+})@r~4z-S*VX12><#!B2oBx6Kh*zv;2x0)-hJc^46KT@yoKA$-SNa
z)d|#2Yv)1F;wqcrv&q>(#6;J8M%KDtW3x|~q!U}MJPPc^$?<uO){|wrDlk*)b1dJT
z?z<?lP<v2l<i1RFtw;pt>oxIYB{6gJ8dH(_*y`-Cia=uLh7Y2=YbN9y)L5ts%Nw1E
zD4lW@hUIdE@S`RvTbY?u$6kXCjrOrQD=|*I;S%#yb(WsPqhvs~V&X^v66Hzh`nJ(1
z2jP`5MZ;W&@5|9q%=Fjt)qN2J&guribA?F@lJ#9Xm&MMiM`o}yXutF;!UPfx*BfJ=
z9pyZar!3L839M~a)k&pN<>1sq+Pd;G^hdUTI}{QLPMUO!;_f%A?YMBcKdJu>=Zu^l
z;M|0Ylw(z&9ZzDWMs%(~-h@W<wJp@dQV0Xd;zM#<PLDQK6{O^5PSRYir3kZ*SxdFx
zdcVsohmp04^i<O_3{{49+aj2BqL(A~ySQTURxk=@9(W>KWN_xPDCH~&rqm@14i$L7
zV?1>=G*(Wcx~_yJ<pVzBU-&2Ea|`Rfe&x(=Vfdh=$P&pi;rwEXxpU_YhhoXj`Rp0f
zTDacjqiPFG#TmU~YCff2r&FbS<8C^oq&XkY+^qh@Vr8fGC+!phEOMJnY8Y907K|^x
zA=_r{xGKiY9&7HD{2F;V!KC)e((>{W?5-qzao(V<5MnndEE;<}#`*0R#y(r}ez1n6
zNRzTW;-?yfzn;9&-Wll7<YnwaIuxYGyG*7Af>VSFAPTM7z2DhfdaRJ8_foWlC7Hm^
ztftgM8`ZJNTpZHT*~X}Gxlu=7__GxXo}N(>Qx8xQ6_gJw_F0^M8$;Pn!8%ormfrhl
z8?<gGqgXVWDkywAhhui|93C}eT1^5sD`HreK~d|oMSPKpfce3l`T7aaIe4v|;vbm~
zK3))svi_7%fBcrJg9?c-ll-*SU^Pv@i6ewh85t%v=i6lt)Ja8{=PI?p<iGlxLdZf>
zpKNzt7)-8ZlJhM~MC)u1u;lF+o_vI^QJw$n7@8;3hV+?m)%f;)*NCn(z4Aeb<&-Ck
zzndAgGF<tUP_M(M#9y%z_jZVV@!d)M{@zT0g<=<c8;eZ&3x^kov0DTJk!>O-(Tjt#
z#1|jeIcCQ&*{bG|7LFv2I3-KIIxw>1rfNrH0*__G0OGSp2Bv;bO4-{36%m2KxxLP$
zFpAo13QL_52j#;(&!wCvuGD`sV0;)m9QX#-t!ZG&nv~l_Jm{d%jE+AHPuJ1VJVY%j
z{v4#;$}CA+HPJQq8*a3&G2B+E-36xHqNSqchx^y>csW#$?S_cHejQQd%J*@T3B{!+
zV?O_2p392w4Urb0oKATWE4id%46cvnsqslQ>(Ae5+bcGB(Mtr#2`-mjwZgOGB5`?3
z%`4k6BdhTEVU}0JgO_Wh<mH(tu8TZUwNfXWZe|c%bU)QR{ks&+LlViH!y6mHT5|nG
zn~$wtx@+IQ^gGIy7%cCCBE2Zid;EnQBr=viv>jYW(lV7)M2;;7Y)^A@z533Q$_vek
z3v>LXv)PCJE{<FDGAOEYE=7>c0rQW1ni-}%z3;RPKgda^rDtgFu`o}+GdMif;wMu3
z-5<78Oo_YaSOom1H2wmmP2>2}y^Wi^UnF;jvgNqs!yA6ZBE3w1HpX3d+Mj++<cEuV
z=J`UPcC}_k+kw)BS?J8EPrA1dyX0%W7~uWL%yG|L)V8>IVL{ILHnogE%Aj7g3&+Ay
zV*Pe<-JMzsk>&XWCi5dMl)rcWw#4m~;Q5U=%l*iq;IHt-c+FJxh^9%!!`5Gvnu;ct
zKKc&RH<QU|X`+bI@H<hLWT!ERY*jqE&g20Bvcm;a&)97d(b5y*5%Rewpu<A~<Hd|?
zItUE%rR~4Av6Ff|-h^0KHC=z7NIOg8lb?QvagyXYXjgU6MD-4A9;}?9?cpMV&guL4
z>3ejL$yo!tl4`%Td4*F*M%j-&Wx~NBUk>@!<!E%z5TTOC!Ol!C$g!aFOy9#6iyBz#
z2g`$-b%>mp{my>$0|TL|78<$`<((%wS;7yjABKu~%JGo-WTn!Nu^$TMcT*N#r~($Y
zMv=ebrbmH(vO+u;$HgDEQV43=@OK^0tV9vX$ncCG2crB{KOcek{Hi962J4OuHq~t>
zMDwtqu~)b!U%%;J)T6zBCrp?@`Zskzd+gWj(R-&UuuzpzG7w**%?uTKnlX;%^(l(~
z|F&uHzXu-t53*AJ@4o^AaN<90xBu&m%2iw@>aJtechT;mMkdbC?=y4t>TWy>u6}7+
zI-Z9&N$L=LSV+2$&#hc#Mfvej|8}g03B>O7CKk5tlNj3rv9{i(*WtQb{aIv{s_R{t
zuGVa>@*2Dk%jq`3dGrYVKe}c^2_rJuXSIL_yif#bYSTMPyun+3`D+`kL1!vn`7?Wk
zol|BJ`J&!anOlAd9O-=~DVBMSSDWDD+5O&O+l#^Alnw&e#&>mDB3PLr6q~Q5`tpT9
zixzbGfK9bUi>3e3qX@x&YnB6eBw(u1geZ7R$oAk@T=EqsvV|=P>}aJ6MVJtt&zr9<
z0gmuMTVp`Z0Pq*Q_F3St3Gl8CBlL2;Idi%$QHOu@>E(aazZB1_EO+sw=Ei?$uLD5R
z031!!LHn@9YU$Bgy?k5%K*GCknmXnTvo<oJsJl(>w_%bx5U!D(L}uLGeVkYkV_WOo
z)HUjh6ia&P;1dhl@(&WEed^*D(%ZCK#KI_{?vp4!6eEGJmB-FNj)DjI)OqLSoNX4(
zl>8gaH5)o|>BB+?@k`KxVBQ<g)wY#ISuMB2j+HCr$g!5@WUT&~&O@7!UegNB+cAtP
zsoPnuMV3-;yOqAQVXWcBJE3)G_q?q$`RN&wC2?Y7`N}|SfloHZLhIQ^RlnR|FjJ71
z)Ac1s;{9UoY#y(i=^lMr(U0Bq#C^83W_esVpScFl+lU$Oe7Eb!>4?3%*1FxrTSZlJ
zksrp#H+<fbCoT3DE~l+sV^#Edn-}@yo^?QE7|)=N_5H1|Lv-NuU1CWgl}63+Y(U|#
z@!ewaTpA|{=cXxSM^Dp+uEpi<d{AnNH}YC16&8Rf@zQ4TIg30AP#MCr5R89-=EhD}
ztTP#~I&cw!3S*o2JbenO>JP8rM&R@I>G<M3DVti`obX!v`dt6Mb+~>gfG+zfB~OxS
zxbEd01{dr|FDI?R03bYh_MgMlqC8YTpR<Y-13DWzGJ@k}D+pG>N#E{qQ)%JS1V76}
z6>2|&l!y~u6e@K&VOb6ye=i{8xO(d(t18p%R|R+m3Yp?ORKD(-<d&kd%+x2CSbI(e
z@%6}w$uJvwnHO5jyjtir-^duVC@zpNu&rigF3-SvIug)2Ixa7>&$s2wDZ9MPy_Z%Q
zF%p2G+R{jCQgiR^WPZ$ZdRqIE-)M@rw#B<&d&u*CzHoY7#K-t*6=TXaP#xwME63a5
zy;_5f>vMLvuvftAkcH|~LZI4;)b1CX)V#4We7!j|AUAYR74K8$c=Ii>9My*2$8!UA
zrh7+=b*QZ~=h*dyDs3QSeI2)@U>}^B0Ze}^jI8`Rq&4fBt@x^1kaca9-n*Wfs`~gk
z^z_stiLp5oiH9!h5j{Mr@a{&77A7Kr_Z4KKl(1(W(3~PUT^?t}4f2hB4<%)h5khI8
zTCv<nmk%xL<^<DgqdP*+5>}hW_ZA`FcvBcU&s0n9=Q|h)e7sEV#)J2+?sjfH%+-Y7
zCHoj0Hy~s_KQ=!cA;%{UU#coyUzSJawpYf49(pY5c$K<|;XiL(5_LRo(1o7N6kw?G
za`<fa>Qcqn36A@SoDbW&grzeK#;1Cgcquy1%u9uM6lKxF2OVGm!Fd0%(A7<B`T3`D
zG>imTO)l7MnV-+>sgWfcBACn#k(a9`i9~7p=o{oONNx;JwU2p^Se%p^Vxk{Qs9=14
zfoy~um4XCvn9(0e<}&K*|7hgAHPnL^l(vB#y}r!KEi$A%#zjwXtHgw{8ZSavk<60j
z=^~rs>F#mTu`&g2!BpAWsPMw|?IBH_-IbzZ?wx;e+c{iH+A@LEA$;3cH*3<GdfQxk
zJ$TbS$QAC5J$AxvBP9G(SqK&~wQzm2$$a4vUvf}qr)xwem5!Yg($w5?w|dfjBIaGE
z0QXjS#KeIvGM*_=*6xJfEJQNJ8avwO_682p1<MJLGg@mC@>eQ4pgKUiuq)CUesS``
znJPk*II5jOVs-^o;RqE;vLXfimB{}Fg*|Le`$FgT6)OiA3HDscd*i(oHQ`zl=6k4X
z6@JQQbVyvL2u;zN>!D{uT8@RhDzPrI30f7eK|{ATV1-#Ot3|vhw4V0TnAXGwlT&Gz
z(Pnk1K&}!KDAMZe23wVn-Tv%y9Vk3Ju#8<<&@d;Z{b6}CZfJV`#n#6)kjF;K$@P5a
zI?S~78v6uUz42z8Ua6$8x9%k&^WjVA*oXT@$D291@HHi^gUsN#8VaL6yp$WHnW%7H
zQklzLUAE@iyNE{rHHwQFgwiYDOcZ;hDkO(^%aaqd(D?vR^>)Q<@A(LJKWydIqenge
zv2i<eXQIw0u3^2D(CgZ_s;Cr?t8v=*laA5uT3R*M-^82lE$MIvvvPa8n_D;Wl>svF
z<?VP<e)hFgo7)!<CcER5Y7nmxUmLD>!+p*T$9%|>TKXwZ*lFZi?xRD-FGgKDP{sRp
zdcNfQ6VRQ(<JOk+0o~bXnG+TpA%dbUu{W=^t}_<;j@7SA8l{DdNY0z8FNf22O`QfS
zuNi3`I=BM=<jLchMO$x2<;A(kB^KSXDoet)kpOI$mU1CJ`cU55R4e>jRZmljM?ZZK
z{<GM*(7=ce#nGbe&+OpOI{fF1=F`5+s%Q5nb6>oh9U~p(JGp4kzUW1|^$(JSeL}c8
zLZmRYrNCh@|8bTgt7IVEqB-VmCZaO<1Lf8~*B#`qX2B*pCMw?MmOm|KJydL}4;7ey
zO=P-c@q%h&&7hfzuz*N)oo+ME))kdVP5bJEP|k?t4t8eA5rj!uyvbWsy&F%^59iMm
z6kB68kgoBnR|l%PZulJf&8xB-uSX2MXFpu!VD7f5<#NAIyRML+AY)^e_@2kqCO_hH
ziUJ{L3st)P(WYT}kxlM<_X9uK7T3nQeBCbl!_kQX`sRC&lL(QsIRwSYrIB`z6W`|)
zF!}K~->vrcQu;YJQrm_IxjFd}1UKy7H2Q<UTLiZF`#WGe*{DNxvEg<vR}W|;g)M#c
z)*<kcpAb*8vv1<K*I}iKqOgDRi2pB#0WNGWab0)?h^8e7%fU9$(+w&h4;@0Hs3eVa
z-~AHy%t(!X!K})(vRm*ANJI5-<jvbOH8t#5)&9bz$r#GvLX8>@mB=ZBm+t$C_4Sp+
zZXTkd45-RELKV7&oXp=T19`1ps@RUN-NK!2u5)|ZUCfG{eGS1i=%RMH@>FkOAZ~yx
z*8~7Ne3FY!!i9j*2*SmB(#bmZPAkG!=mcs&65nF&4>OZJ|HH=1+YK_e8ehr#v8F|Y
z@F*7{PrCzHru$AdwimmD&SrG;H=zgH=*mJ4_%OBBTd1^$O;?MfDheyL`BYF@0{+R|
zmXLy`??^xk%q2SBCEK=2JPVbP^cdBRD~M8xwdE)kn?8v5(zd|W94c^R^uZ&q*ZQ=1
zLe=}9a#-`)>yvg6)BHU8WIqd>tuy+r7{VQry%1mN&{FpyMQXAD!0Pu`-#~yX1O#op
z-S;|LJ*#04B7+@)F<@@a@N7v_<6~@(9}&I$_ksn4U>sN6S`sb*hcF;?nf5<w{ofmT
z@xKmw2STKP!^i)ecobk%kngXCef|UKgMGgH0Ay+dEz=K2pbuj{<ipmDm8mkMuuqZO
zzvJ?5*3It)4yR08?hixmZ@O<9kbxhfy=ys3=W&IC*=vr6K&+8lPepToN6I+d`gr?5
zckkys01C6=rhAWzbX2rguU;8CIq!dGPj_p)Oa8|#s~>MjZu`fYFQ?uDzx$xmc{NZi
zh$@(g`X=!qJm;Zx%+rq`e3O0%t9fWE2l0Qt54hu%{e=|tG0E6NyxBvmy(atDfB${&
z+%3A-&mJfcV)?rrcn9(789l@m{cbKT!h{Tr4<S9jTZ8WZe(nFC26<qp*yj(qFwlAs
zleq^a0HD+~fI1`1Md|+d*a6rYzezJWJm~48M??gG_828aBK`5@F<=TJ8T+R7$EQGq
z2LUo!1Ck+t#?KAdlX{p*u>bgS1y~(Lb8+ha`1BCW#=tn(0~~FD_Q~~sg;&na_ZDwI
zB{>Wq*9;$Y59`LZJVcT$NjUpx=XlkGp$ahSZU?FRu-u)^Lop+V3zAK|T!>KB9Db<C
zHtRO1xti7dv@|VCey?o!(B(TWv^+as+VoDI)O)1?8<Z4nHyhSQ@;^pp9%WcXvwP=S
zY)yBjr`b=eS;NhQ*L8Jkt3B^j4tVv-R{Pjw9s&wpLbI`oHUYgHAxEuTjh@e~nkCEB
zlZMdi-7$5H^kV6$wKS4z3)A>YcOIWchh;?t^}~iuNS~@03VB^h<N5SmTAiDYD8f$s
zJ(((i|M}jjV7GWcSBgalo#4(ry&G&Njq7rGZ3C~dQJU|)n_|z#sxwh*hQhw#QSx4j
z-~=)fr*vaH@Zx^TA33#a?`Z~#L-gA&k9Q5gzb3gxB}^Q8F@f1PL_XmTYCdzivf|9*
zkmqCd;d_JT>b;*YeR6j#Rtm>A<!^OGGbBv-V&na6z#l@QxdG|xy<M^W0TQ_V%&XJv
zy01Ny5S)cdO|c#?vGjE0)6;8|bZu5$hT-&u`pfOlUe5Q_tJ^o_a`X$>NW&Z9!H3UJ
zV~P84-F)uVkG+mBecxX#sWSSX8e95Y%yClJTP&8Zn`S0l_xE#J2V;7<W)j1l=GokR
z=XC{-ASfU37q=X5wcjEkgs1RWc0Z{Get`pr!`*Cmd3NGO(Fn4An88M=6t~OO$yfGt
z&4+8ru+SDXOV*>C;~NDQxes|ty*Tb4k*aKXJ)0dI7OxKp6Ley!4LI!-(#jBAy=4ZT
zo$q6qBekK*f){!JHRn_{Lw$U_*He2jP?x*N+q1QbN4H*fP{G~&8zUoKYgpW6zxPaG
zNHM~|xOUzv^&S7{)0*)KI0X7Rm;02%VM0Y!{OmwmoTmQI(ZwM<ZGMqY(}zNSY-si@
zdE?G;Hnf12kGm>0>nrLdhvUNc>2D&nH&q(m^ETg4JU)ga_d_)}^>5#<XuCgfWAza(
z>Noi!k%<~^tCN6@MCfzMaK$e|*sNCPt$+N~S)k);mWt}wY5xX0B;7Mt2wpXuerM}T
z7^7B8<7f#uocC(wJj?2O!ts<(CbhiAG{KTk*k)5@O$-EGF4Zkf*S$%md4GJ9G<UZ&
zRIu$<-k&yHLeMg&C=g;`bfkZmcxgLHS-}*Ng}O2}<G=3aMq})w8I)eEqa^fRVE;W+
zLfRBzf{<;PujoGY9nNUh$<j#30Sg^*0iIQW*aD#fWi(@yJ{8+``Fl1pA<l@tg7dS=
z>mozCJDq`<vGqz$u%DQ+2xhJW<8`!i3){m~61Q<->+q7x{e%{1=_Tp;SkZ%Z(FU2{
zaa`97btt_%>5xhl!f!g)N-v<u`$na9ba%b-l39X_k(hOB>_by&NqR|95bx`(Q!aOb
zyFIf2!coUslJ2nJ?axEXs_SahJlkBL{ky`%Y*LC(Am_7_kq`-YN7e?~KbF!45vQZ&
zvV`XA{KYG=us%NLs@nVPM$Oin&l9<wjdIe*okJw)!K9!|0l86QZXpU4-B-Sb{k<2y
zFvp=1lG^(Tfm8dW`@3j^>&h#+&djToiu(#{;inzg0pe8T!8?{)$A)LhpnLFBm?c%X
zO=Sx5Zeh|PjkX{RZdZv_v!)$`!2RUD7rN4IVB@pVrCrGp#G9gabI{ttcIUQ=QEpY@
z_h#<a{%qv%e&G`Aq67cB#QT=tig}9N)6*N!lkPM6wUdHm`rsPV{1-H7Elys;LDbzo
zH|@c^jet#{v60+hJv<bFI$-oy``B!>!PQ)-hfkAhg{#b-a!VuR42SbF<1YO?c&}<L
zBM_ycUXGX-AE#iq-vU}FK@;}5`Kz#z3a&&m%oz3X{zr~z<Qpvs-Px<Ykag&1?>krH
zPD<%qTn;<NIxo?<RIL#vAEy>7p>Hn~_r^4-shnO(t}APfv(V}oW!zPH0IJyXCc7fv
z6g<XqOP?`Udl*>%Q`C6l0v?b7e&Kw_MX0CfVtIz_u<zJ2peT|FCd^1v4xnB4*zvsE
zzKL9e8F~%cV+n}oB01Q)HNO`hqIa%#SI*(#zKv}RyV|NUb)O%XTc<-)yhEZM8XQ59
zpb=L7z=JS>{E;I_Q86*JB)23uDS^A`y(t%GB#%Tn*fP(BoN@NkzZSiYTb15li}d8A
z8T7Bv3Zgy<o_J-fBvD!Ax1*j&2_F{F<uU|???{uX+ryZ&%Vr7<;biYXZ)=ubeppV{
zQRb)(Me{knQjr)?jfOQ>A~8&qflgpuo;d_u$#?as1CGeOp{O%gjy2KLh)&Q}VZ2G%
zUb*<DYYJ#{bcoj>N(e<fc4tK}(QE7BUx_IiZkOwc)Q73&i`o)dsP2oMhu*IWl;FlI
z-yLYzQ=yMLbu15abqiruqGkQ`6bbPjyVu#GlST>NVkjNnmxJ5hQM7EBW=DU{)YEFb
zA~s}lT-tt@wS0Y<;*?q4+sXdqIFd$=;ATd(CN0+kLGfy0s14QpNZ{qkS~_*CmUqb$
z67wq?>j&L55K0*^+H5;PAo);^MPV&6_N<9?C}J&fe7QYfLM2r#ZEQYX4pmAvLrGe2
zy$FfJYKR8T!B)VXDi<SPxw5uMh``jAw*L(3xeEzyd@{-4z+RU-Apl2cB+ft8{|o_&
zypU_50!}SdJNq>;oM%6}8~X#K>Hn`85xy^9zo(mP@n|C73_JksmNGSc;}=0cOU1J>
z2&(df!S|JTF;uFXVmD<{#}7-91Y_u8YBry@b`T7pE|uEt``vukq5+rX*YA;#1n~}}
z!$9gfcXl@GX;&HVVMm!Qu+zG|jgY~tmzrU`b8~NQE}I%}mXpsZB$C7!e?@3t+ii`O
zn!`vjw975y=OZM)-eHq<a_aR8yuvqfPVcx=iYN}wxrJ1rO7L;w7*XpqpFGa2^7?!f
z-qH|K5a7<gE$%QY${wq_&wN8v&yP)n!QL~tprcd#faO-&ION_!;^&|iLw-?;)K$6O
zk{>HSd6}xNb=<9q)ZK1XX`Vd$sEroMwL5Am>0aqPx@KZ4J9SnlOAQ3rUsH&N$);l_
zHf(Bc`>l$kN)riZMHRf=S*%&J)h7-en4%pij5rn0sO9&GkXp^I8MXQsHnfS{gy~SZ
zyrq5r!h+LBN%q$-Vb<X^o)liuHi@FL7Tp8g*NWn9iLpH4G&fm;o5r=V+!y*9JZmaO
zAcrgSR!2f%@`@@LIeL)Av`YGQMxow3@{&*bR__hP;yEkpUG2g+h6kqI`#|28Hgxy5
z9kD!P)Gp~LHb$R6v7vdPIp4zOVlQ};v9FSuQN1}&65UBVg05ixEXvVsmV{}gDLf1-
zE!fJQnwraaBles(L|kMX?=$5ZZPl(7KUcvn1+9%1d5;f8&ws$t`&p5tmkRS<_ss8Q
zW1Ll$SRA=kJDg|W)h;XPR4JPnNawX8oE>Hag`4(-nyg8+RXwaSfzRw2qq!C_U&~+&
zAc)DO%~4FPOW*&5R2oF{dQBoaQpnc{j^ntvkJ6vSP+YpRrK)&kdN(PdhQCa)-EJUo
z%CRzv<sKI%Z%EP9Q|>7UR<6Awitm!J&4B=Jp$9-c&ls-he9YFw=VsS;0)?`i1r#3o
zPywc<6t`gGI#Wj7DP5E(qZb=Da8yNnrp^=o&Wc}iFT+)QwAb259f)yUH$|4-(ZkjW
zAc~Hdg~-=N_UD*ylIG&S*V_r|vX*nwe$11ZVvk4P5~E6~t$tshNd!AG(h)_oi1(hq
z+?^^_Hd-DOA(S>Fk#RirRcrQMrN2@T1*XlZeco1T<o2#Usk+}V22Za%J-X}mL4LFA
zd^{UpR$wZ`)v1XP_-!NAj2}hGeYFd5{BJuwy*=z+s^awd_WQPKiRZ;ySg+4#nKC`*
z#HyB{pI5~?>h+(Vw!8G83Fx^WvjZz__ikO~HTAJ_t;CV=q=cnk@4t^#18rQ{@LF(r
z*gwgIYBs(THvdz$Qc-x!t0lIuF4IK4_Loq~*Dn^8x0dRMpA%O)f0*S{h|ZsL+_jUI
z-7i!$khj}i`t8JW@voM1_jy=`7uwGDsQ0_fI&)Rmte0#nYkk*+h2A;zm3^m)UzPUR
zGDsKZUD*WxzxH$X$bNq?@nv>ZQ0Sj?-GArLyW(FhI=RkRR#@d>dr22K^xupBJ#%Wx
zL}2TF*VmlQ_P3stvYtFDX7;M6>g&QaZ#GW*6;>Sa*DJm`b>U{tJ*<i=UEO{iE!<xk
zGF5oTyZgH*K5X5$DZ&5qxdkuIb>Ekt7yf?sj|X?Y$Jc+Z-SmETr(I6Y7ybHqSJO8X
z#j-1J+2r!~Uhf5K{WDwnzfDgS$~h5XX}M_Iompa;rQxf-%UTDf-JE#s;-;|h<*6DT
z%Ilv5A5=25*|a_*`{~B2zb#d}KYu=ca`v3L<-Qto?y|nDHhpq2sQK4R-Hk_O_J1*z
z*cno{RrQsd;_Fjv6Q@_s*|_FJtIGNm16i9}QTrzBnK=c#f5@ey6gVP3OO4~pSKep4
zIBN5o&nWz^`8UI^U--AI-LkrmXGD|cw|9rQFPnb3zvR{v6<_<Zb8mjVxps83`<a?$
z304c5`NKSSZF_a9=ZkCxdw<*%{;gL|`h=D=mOcE{93!Q^cWRn7q{ms_Uhr>4O-RS(
zxr;;>rLB5-{{HIApZe!Z-txN`|L4)E>a*6*3}^h>D;<C5<?E~E4H9ndn-Z0huiyTc
z1<Ilf8j{egq-fS{w_>&Ax4AKff~{u*&EsU|#7*s-fBN);y|?8a_!j-Y!&%vW^saq;
zP7cpI-~`oVn~G1eihXstQSnmC*RQ<2|7ap80Wt(cL0fvxBChgRmim0E`mD<?Fb~*2
z<6ohD{eJlN>NEGBA8MC<?E3#(uX6emSux;X=BMq&_vimVzW(HEhx@!Iot@4e{GOi#
o?u7q%-#pa2(qs%6a7#=7m#_P&TG-jLUKJFop00i_>zopr0Fapoo&W#<

literal 0
HcmV?d00001

diff --git a/docs/wiki/images/readme_screenshots/fullscreen-domainmanage.png b/docs/wiki/images/readme_screenshots/fullscreen-domainmanage.png
new file mode 100644
index 0000000000000000000000000000000000000000..998bf9e4f8dc977c0b55cb1c363bcca39eaadb2d
GIT binary patch
literal 61219
zcmdSBXH=70*EXsmpdv)J3J5~P#+HsWX+cCqq$*8XA|N2W6Iv1#0Tn5V^d{0v2#OF|
zh;)=r=vAbK7D_@O^~-*@`+N5Do%836aekbWF%rgF;a*v5-fPY^uWQbEzcx11;XWaF
z;?SW(+`9K}KRk4Z9dYQ;k)2~l{_0VYy~g@;*zcjvtwZI#=kct@QD-d!twV=C$8pi@
z*jer4-uEp14jtlY`RjeS!>i~Ct5d-L&Le*lFDHMfov-5|Z#x%He`!xg{|gGzveGK<
z@^HgLhc-Xx-qtb=0<UKtzj?-So+(A3{%F{_)pi<S{Di%U?e@_-w@<6f4i3FV5AFQ;
zfR6uTHz>FJgdXz@_#EXl?2<uGf&x)d5v4E6E~8*;&~%B>C*QHTUa3~e_2q^dmEMpY
z26c9FcFtZN9}jL+mp5sb4-|gMlh^kPDEji$tz)bY)uemCkKy0HKK`rmSI;Uxp3Pr2
zmG9*5wlV!8>>1Bh+>3v%D1qbw`kS6u$^IVU7Acx|ST#kTEAsCVZxzAcfo^gpxHSE4
z9~+h#<Xm}tT}t48e(~0^9LgQaAz}RjcJ1FkYKr}TeG<qC=WRePXuR%M;VcihhS8@P
z2h@Pm=rh{5KaygCowe>woxlRn*SktB|9d&EgYUQ+L&)I=*<p;fJ-Q}AlR=G(GGfje
zaVFETiUhIlIM{L(x=_a;T}d@;(|*aU<m`V-Ob~~dW8T5=o&Mvx_tX7~cQTlrRck^w
z<HGjF%ecb!s|}Q;Nw0>3kqmTUqr4lf%;lX|+sn96sk%Putel&1&VS2d=sjKYkuv;O
zN`I3UokHRk5)@HiXk%z!<ami4a_hg>*Ql)?_JT&?eiP!dp7&Y?qhz-)l+Y{|2izH~
z;f4J&mtT93p8p;chA@LXeI3OfoLs5-$g{dZ@Wc2LEsC8Vt|{+a{Jq&_w5^ukDDr-R
zkcBV3!N-0b06dRPg)(_H3oEuBFzAz<*LhMJ`roJ__M=1bknw~u%Ou;doR1Y17j{Df
z>yQkBQm`^T;?g>?Q1pNA6=V55y)l7ZRMERjw~o-L9Pv!b0hBOMYOM@}0wAM-b$1Qw
zhFr!zYndn;0h!+pvvKYb)Ko9-4}Z^HmJaixP`4Ymi@PUG7flR+L7Na;_lZ=Ch&$s>
z+7#nQL4<F2=l%8YEt_B0BBz>;4x-VD&mIL|(+PTqpZw0+lD{|GFkwO2;VR}2-s}CE
z6$mUG7N%C^HQJz+t3(p2LeA!e?gn~F)sOgXmks5Gl13V(!Qpj#C%4w7L#Ni56en^P
zidpYCmBG%MM*fMxsOIK|S-=;W;8m;1CED6D_dL&KJR7&*+j-vZ!6@Ah!p>>Q?Unt&
z?T9yxRH{bZRz&)Oq7vV9LIJ?_{r}d8BJL<AH35%nzY_<Oll?Z@m1|PUFQ`-sMta1o
z)^YTOqMzak!-WQg-^{09lzt^jOm?GQtbJ>rZmB2noTL3J0$^<pW;$N`K#-Z$Au^SQ
zq(^o5@P(r<`x7~__4n#p&qIBe1^CQgCshXzjbg)~b6}9B?H_z8d4MOB8HKqkP7-pG
z#n_<D=|um}4<Jkm4)W{it1jo4{Nlk|--N%c^bnG=RJ0jPyBV?dBYgfNL{YJ535z?M
zo{kXq-*zA$IophsL&XFy=I1ogVRcaV;d1zf`LH;&*s==RqDr5r#xIPNW>TLyd9qFT
zui`55%kPJm_l=Ot21^jQSWEzjUeJ@V-TN!9aXj@il{^IpZaf(&`y<<m@-3KgM3c@K
zZi{@~g*ceo(V%O?@8;kYc@0ID3-yv90S{K{)?{cG%S4mbl1?+~ZbykqYE&$dCx4v)
z;t5kU(G5-?U3|4IW%GJ=q<Woq7>cG;=%W#QpV5{;yNx4ieF^@8Z^2|YE{(R=$|=WX
zhcQ<<BVYS^_T_GOkaqL*M{EjYRCl8V0tKc$Xq^CplheAAF0ck!x25_0dIY-)e{X|G
zy3%rTLj#reK_{5M599eL=X)x@&h_utNBiRLcQsxBV_ujh=oU|y6tGLY`DZt-2=D|s
z2M@_&XTTd)3T3z)Eh*b@D@+z@9OaYQSdO$tZ$8K^E)TgBx11JOI@?{T8=XZ;-zysW
zXkFW0Cm2&t+*-wKB{&L^pSbs^lg2kqWZ<>gmX+*AQ&J6x-AhiNGGVTGHesE|0@QCE
zM_W;SkW+q~*Mfg3^6oQ~Ff&bPT1ZWnY@FSd&{~FyhQ!>n?f|}fnp5sUFL=w7rPD!W
zyEOBYT&>VE@)0@*zuK2GCJd4ltiOxdn?DR<?iqyw48<wzGW&|hUTbq`9K0~Pc)4qR
zLDQF!na&yO%=F*(gwN$>V8@7Bh-|}J@3}!h;f`-jPcJoE(lTDV(57eZ{&0|0R4~OG
z`>cF{GMpXj46Nyn<NQpzc*f|@|JV&So>bz*N<~&<R(U{)`TFMI<EQA6aJA}{;qrN|
zp3o1dNqp)mG8;Ki;vQpucI_)_vch`4pl&%W#LV-T?Py!QMISu+v?ip=ksQUO&t?#e
z8XC9%taRdX)r7@stuJmeUSkv4@KV{Tw?dY3m9o^N8P~u!GM^K?aGP{P%FwB!#-4>f
znZZ8pM>bAk;cu|LM=a-La_zsLsEqJ$@os+cWYRYlc>Zj<lFPgnMHvx6Y;y06OaYyF
z!Y~ROZb^6RY)?TgxV5lfV&5Um)_aSF4&N2x<k`yA^n{DG^3ibhnq>--7kFa#B_?Hk
zMNP*}CJ>(|8Kns{9Se?G$lzr(Cq>HJcjGuWi$zI4rSCL#Xf&Up{^yh)dM0x>?kx{l
zL~v|6f7=h_iTw0}8c1HZD7=IH5}?s#>SkMTzw)|Snx;ulepru^;u_Rtpe|XD3hJxc
z#8r6AW^H01skFVXi$eUgAoYVsn-dTjIk)PM@u2m|pek8SGSnwzZ@gJYY>#%sU2m^X
zS)?Bf#FK3?H)7JM1K9v#Z8G^74w!Kx<67enbF+BR6fXhT1WiBACo|PKYwL?wnJYW7
z31H-0<@dRq>AdrvZOV~%|LIN2qepX><>G$wC6%#^i@49Z1pJ-*z(yl$KTCn>o7B}L
z^FJssY0Z&mqD)k&TVA2Vqw7R|>9E?c-u{hcBlUOS(D&&V;i^rUHf0WJAc4p?#<fP5
zuU+wZ7Jj4c7R8$^=CaU)G_m>CcwOqzgN)$Ae;X_RlN~Puh2-<7oyMpcOr7G!%Jf&g
z$BX=7*~PPk-Metd67=F=lvAIn$AiX@bgMq7=jQ6#pi0Gqj&FvU6yn+dVKKQ-@)31@
zX4hhO^XvjWv#)IY#jmj_I~`KH)+tV}Ma_n)41M*Wjn3Eda=My4lfEkGimi1!RdTK-
z&^xDP+b$Xb&Z2(Y@&uRJc~l=L;G%w?y*ldD$2?@R-wWAtE#rm}?YSOBqD$J?aG_De
zX}Qg*Mb0z*GpHct`{iPi?MIV3ReI@}vlSi)$Mg*B<7+ogncV~C<qB;wK8T{<181hw
zGlQptg1Mfn)e_Pq+f(*34<bbNJKF`$Z$0mt2DUz2RK#wE<FEQ;cjg@}D*%KAyxLj&
ziZ4ku634wb%W}&85myVRzktY8F~T@Ia++iG>6~q;?x?eCZBj8VAD-JgyjG`SGMpF-
zD;jLDLhf-3g(&#p#|Nc8IvX+P4j;b6aa1NqW^O7%69|IS0QvDO`^4=GzHF;*z5lb*
zP<4B4O6R@LsRnBGtoRT!I8wa;-x71)j?$Y>xkXo<w^uswN2$7ensbfiXNYA=zuheq
zGxs)WO*aRrHd-9JdJpwzg~<%S2b5<^GPWVtV5ca9zLNzNJ&`z#*3+l;2RXlUe#iRt
zt#SfvgT05h8`MQ3e=1LIy<>lAV4K>LQ6<{s&Bnv1x@CDz!3fy;=ksKVKNDiUCV>QY
zc?=tC&a9#H{^Q)beruvnu(Jm>^m`abdp?)(-zt8Hg4L!;bqzgL^I31L(RG-t@|J*9
zYLBmOh!1aCE!Rr-KvqWTb33-cGr61`+&nx8vAF~;6^k7pD2%rMnZaOl>f!rfL$;eX
z13_xMf90Ig-oGr&q>!yGp};L?vCcfe9fn%@n?cUWcF?Qj%NOo=)0MCj^5-IVuX$$A
z>1ZD-d{7a7M)DDn_#E4QxM@9$-<}LFwoAXWpZF@d<xKCzcTdwA9vK2(jx92#xkkOx
zgQC<%wQmTwjC=;%177&sZ8z4~<L35RD|ef?RA$@v%_%cv*nOxrgdUriMNs#ms97h&
zw%TuE4Y^lGOD8G<HkLG2m3dql&HcR|5aOoX)u6{K6>{<*8~CREX1GqAhz2|(6&B9A
z)A<&e>SZzw>HLT-^G4Y#erqv02T(7MX}_?MI+(TBQ#n|L?=<Iprf_Si$}w;LbcI@4
z-rSjIkXFwIe89Q<A0Fv#_%0~I*XEV_<rZ$1Q#BTl@KRLZBJF;XV2AyJtvY%0{^rp)
z`D(ND#gZF)&(D!X6S0A8ep;M{bCH?N&I_ocK3BEtP9o~woGt*|*gf*MAGjh=$No~;
zeX!W6{xC9>8&O_mMCZ%uu?gU|-V5_s=uBmUaVV5bR^3e;IV(XddoYXz_h|L3MFl*S
zo2uM>)rh$i6-W7*kZ4(JLEu-f3EV}Iuo=!H?piLCn>rc`*%-<N0?lg*C$F=~zeI<J
zjs1ejsi77@Lr*BDLXF>^T_6NExd>d*;w{g5dL8`D+wti9jfk~zf;5D`Zs&5k&Lach
zlg{MZmzP+6T&4Fh38VSk!<PGMj;~4;-^B@>M6b&FECZ%6w|ry$9PaK*VP(KwCQDiT
z_kg$KK{x+~QQ3{QVhx1B21^VN8)QphVX)ZCg3u%~BPum{KysfRLBo66&;A&ZqPka}
zSe!5|9?B1KWO7t#+X_Vm1PXsz1NnCL1Ng+8vTl%;6D88oH0V12dYaVJ_aIu0da}Ri
zE`k9LQr#%ZBJeEF*3~YrvKbTr*3_{enJHe}OPye>kk{tDvy2I&0myzt_MiAMF7!;E
zw4&~nlksOyaCLg5+tuAUNyh*D`T<nNrI_KYC0mx^9{2ql_cito`9L9XZ)eA!2mA=f
zg548hj>q_s`loy6YY=L?rh7*GC&LvpWMR*KBgzhAekP)k0R~|>HD_}W^`Lhc2rXGB
zd#+q+T5Yr#SK=BGdG<$jnQ<d*@x(@{`MN3cA=+yANcynQRJHECQJxmc9?ZeFTMR<S
zW@^&E`W_U*qX$zJOK&IU16micdGB~CQ?wRlv2<MEE~r-2L^kX7Dc2k0&udGX2ie@<
z%9eA_-?Ft!=DxyfGw7kthM5Xeh2f+2l%MD7O)`4RXi<RJ<;AJwlP`iE#X}DUOT4Z?
zzdWWV*2f>MguiZ%xyLOQo(J=$70lgFqO6V2&eZ|_!Oos+1&z#KuXuY@NiNgQ{-ZyW
zF-IZ~pir`lX{Fw@c%ABSL#f4Hk=6Hlr$tZ2QiWpE9KTFghQS(pjS_GOv)g4C&ZLiE
z&AZ{SADr3pYo>85?055#?|;y@;`|tTDTor~zb?G0yv{Ni;MfxzI8*>;lT=Fbc+`co
zYFkSD0WGr{sItmeUF=dUG0mCuQ=}*q^A8oc1jQK+90uVoMaj9DB>o>r^=%`;>twVb
zP(c00g(s~qQ<Mwdasf-+aFsqijRvj(MYabAJB~tTe_EjI4+IyxhLOhQdK<17p<y0>
z7uh1136{qrwAZ?&%)sowDF<V{z1P<Kt3cV0am;S$5`1fh2v{<By+T-=toA`Ak+M;b
z$^#F+nEe1*SFKkXl$fqt6{Z=5rycHD<$gNZ?7VcsNyGK@{{hk~`#6PKIvQwuWoVFY
zN)oZ@YaD~#TQeY2r-+0g&-VzgnoCaRxkgkgN<fQEs+M<$se$+jw;5L_Zt*k!Jyx3k
zVBxHX4YlW!iqH0EU_m+L^lrPGu;B1sP`Pi1RpP`*+0bY6#ZB(4-E-TjyW+zvJn(PA
z1UW&_)Z~GDwVP4{V$ciGwY#&Vz4f6g_(oP{eJF(^G$w903;Ws<-1FaZIraY!D(3&n
z2YH?2SB4%F?rg9|{6hixOa6a=H2S}p>G49qh6YAVKRxm5>KYp-fY)ofj=rCb=%uGt
zZs8KWdSJ@--Fl65Hrx6@2QYii#(xwoha#0q%&F`Z3tK26^GnfZziSf7oBZlQ@ywrd
zm={rGE|Hm9D08KDok^Y^*}tQ=%%E<h%0to>9j0Dxw@^4q8)F!?N|9s8AOE7~$hx>F
zrOoL}?QgBVEQB8bTcs@b#<L(iOahUB&7#WhuIFoX$gHa|I;yh~2ID*Pg-oxWD5j;L
zCNmS!2ZL=+&M)f&)j}saEluveJh{3yF&u6w_VUDk%^ObXAHjrn#%s-KM>SAZ_YoMz
z>i+A~9c}vQXz%ZcM#@$EBvQ9{G8uV5=qSY{g;l{B9TGE^6${g3en}evexNda8Vb%-
zlc!|jbDgm&_Ddh^P(~-Y1;^4YRbKwf8nJ}rMCotGP~8$b8g957lQ+SK>6}N|BTmK%
z$isJpWSDLfrMTrr(oEE6Jy47-?RyzHxlxWxcOf+J?~bg0H!18((eT@xN+q-#hLSU1
z6ZC=d)Sk{%6L6S>)5?d}Ik`GVziu`+a=l#ouO%8%e$G@bub(^J{#IndWE9uY0qy_D
zT5n57Z0HsH_5DWCOJSUMI8F)yuT!c-9hhesJ8Mn6^BgCIafq!~T6Vm-pFTlg8^g*4
zZQWTU$~u0avM?rNyZx0iL}-ulQWSL;0C#y3FI0Z?F!DdZ?d2-E6R&NgNf>x1njm(U
zN96qZQ)9Co9rXz2v#qVIce%M?RCe|#oyPsams<m<quBlT^@yP4#vIQXHnpHV!pZ>3
zVRVL0iHa3aaiZ<}oED1(3MpQ6YJTM+cL|IL7;`%vX&4gR`7)U!?zO;Ji%v(wrI!!?
z&F1n+!B&0^&yy@JF%(^HKfQ-N{G6_R>qSH8YFJnpg}4D!^{;X6Yt#s1qwWExN(mpc
zU>vn|WVgZIdM&O#7Q!BJ`!!Q!naqdOpl}@3i9N6K<lfWA&k)|snfXt*9IkSwtBZyW
z?pGY2k2DBz_|<xix!RB9+-+P9Xp%v5ad`nL@#=6wd}D=i_UC8%2*;KKS~G1|=#v3|
z<dy$0ho?$rFXjO}>OvaMo>p;Ql9&ezF0IX<>qn9Mb8`NoLC>90zwq?2vA6eRVCF>C
z#_Gfmqzi6OTB`2r(~+u0E@7b&FB7WD=xTti+fYEUWufJ6l5iM|N?PMznU(pNY&hCc
z7)nghI^7W!hY0ANjGlqOw)*3odmHyg){`>FpfYcOPW|_OCX>hTMk`Bx5m)>B5976q
zyZ)t#qa(x|1B*BdFi$9JhNzCW!m5`$Crhm#-^}LMIT?!29|-5<tRnQ!<ll+r2*~!b
z#QLOj7=Vj#MYh`f=ys2KWtYint+nMfg;H~jPokAniNdB;ZLu>(sZls|pGqOEZH(4C
z)W<f?faf9U#F4>13s2_U76i@X<Sa#ZKZt*oY;{)iS%ovj8(ul?ucb>lw87#~>;~w5
zq{{$6oP|ZUbAe`n*CyTjW%B4NM^4YQo)>@n8LHLQ1%U8dN1PhvLRPWuJOBXC7GW3_
z*Z1)!LsXQFvL6if9IZ2~TCI|>Kw9Lx)=vaXttmdWECr8p$Pito%d_3YvdwKLYC?v|
z0uOuKp0LO9cR>XoeE0HooV5@PiX<I7MqZzrpC~bC?ULz0R55Z1)$8inRj%`qZC!lW
z-5x|JNx0KJyhm^_>L>Ry7Z;Zi;)=e}L5#W@X`_`LkF_1e4RF1jEHt^g?dMYCy)jCB
zt9LN<cI_P3iz{nq_#WdpyBvU1wPX#fR@iWr3AOLt;;{o2&F#`faL{(Y4F3UC-ZL^3
zMIMZZ;36#tUgk)+mcFtIr&>MwS!%K{j{k6TuDFt=mqH6_lOo{HRNrySj1F@^;jYFn
zo|K-!f)WEDPn*x#IbKAkJKx`sssD4;HJJCt1nh^KgA+!DQ8n5gdrn^6-}~oJEjEs$
zdz<rxZUb8fA!ZWFWv1WrT@#ngN&`#GaP^E`FiD7_<iR)92K(6eY_pMfgO-~f9AWWv
zq|%)&&N-bJQec^V-5@+GK-g;5E5p;<w4O&~GfM*ucUyhC53qnS>CHyT4Gco<F0<Zi
z?#ECp7}T9KR^YR)jS47?q3@mTxM!3NiZwj2>#*?R_9H05mhW7r(w4wPGn<<D?A?}7
zUg?&H@JrF)iE}PCg*7)n4|4icz1Ha*JSfDTI0JqZL>;rhg@+m#6{h>ZnAT4Ybo~={
z`U;s6vilIGhEeseU$LV$N3e^&31>D9u&TETPQ+zCC}5vt5k^5lnEH7^`REYuU|D4$
ze2WRc!*7r|RHl><uxsJy$vP{)yrDc3G{5LGf0yUn6cz!r?HDnzRt#%2TznHCk>q8W
z{}7!v>|f<ZEMeN*ti1aiX}t#}$lbW{$@->gPhhyvR}x`?cgu#W??;UKkC8Q^JEpf!
zY2C6wm$_3Ot_Dc^srL9$J&!FX_wjUfSnsF2vnI>End*q`b(C^;O~`!i+0qoL&ju`t
z)&{G=97S~!7qRcb^>*iv5+pQj{zz8f=6@RYEvvps>hVi1es_If>oCKO5b#As$2_GW
zzLVRz^FVY07W*A9)XbSW&zEtFuT!%+Lto*^pHp0!#w<Zx7#$Z8Q15SXm{HpG+!%0V
z)3_TW68;bGdu*eSM9k4fZ_0y1eJE?W_F!Q}*V|ha{f9DjsMQ9miYUwc;KUO$rX~Fi
zzHPmVCB$+IiH~-f&!r&8Hdj_h<v*Im&BaVdDY=iLJj9qh(;R`LB&gpSDU8duZMi<F
z6j$yJBRhjv==zn<`>Fu0vl<^0-JG+*FbF*02X+?0jIpeALhO;KLQsa!{K$Zwave$d
zn|mDheH8T@X%g??`APQ41^Zq^oNYs<QQh{3i}`>yA?o9xvrwM4S_5~=;~<YW+YwjS
z<~V%%*=w$(o@}dqVpYNIo4KJ2kqn(~neQP=I(aVfvuU(n4!a?YXZsx;oG@C$YZDql
zr*mI`1;;h}`+9O=r$-A&)+4Bmho!E|s>AB8=6hw9J(cE)*yR$y)19f0=G+_so@<N4
z*z(Dr_YFcdM?adVp&OC)M6a1I*7b&s1`}kD@jB-OzN|#S&_v|q+_<V|-`Dexa$c8P
zZCvfsoSnkqmaAURFJa`RHgSE8^n(?qZ@I8~0)`Z{_ey!``lLhnAn`c?4Pm<A8E(Jg
zpQ8*H6S8Qv%&UfPm!wZVc!LkG=nmDVe1l}akd~3((-LU)@$mX(G@42I%5@R<!Xtjo
z9ot|>XjfKOpBeN1{zO`1!+tOlvj(pE0J1rltv18m<qUckECSDw!PZk!@cplMg|3DK
z>D!RSEO&m^L3Iw+I(@+mhb5$%3;g-(G6%JUne+2~$S!E-jp(k0%vtA0?H>Spf=RXh
z{@OI5oJN1~V3Z4FQ_U^q%JKoM3k;YC&+$_z{Il60^nt<7m?Z4yh`P=GnM?M+lz|FT
z5_5GYiJwkd@OaW5e;QxbpyK%Dv}q}?uV!g}ov7KqWS>+igjLS!eQ)}5PB=z_yu~e#
z_#M|VUbHd-Mn>(yeT@4=pHEL&jg(p=Zz09cS`8IXU><m2?^aQVP{SxK<g>^s&IV&=
z@3qLB%n5(;3Iw_M?Mu~k$#4LYFj44BFHdx<H}x9Kz1!j`E#vPp+>Z9qo4w0jZ(cHs
zba%*h7NmagS~WqMCvcE#{p)53Qa1b3<ruLY21Uw<iF=2e6{f-F0Ag3An3_(Z?){fp
zMBm1!E-Djv{adC-lWmyjJ|>g+DelS#(7kXrC0GqC4cpkFvJ*%n3D@xRfhSa)Q$n{M
zQf@F!Phe;-+txt+B=7JW<q+j3e;P{sbrYE;OwLf5e52j1SK~o<uCEzq@MrptsKahx
zf=8miLOouLmX;dnCCv>+&22+kKkKbt^`zly#*ltOPI0o)XZ%l(W+q5#%fMBB+}iwh
zsQ^%@+~I8ty#`KD%8)H<?Ve%-zC6JtxV4)vA!h)TM5fXk!uYl*{JJQ=YtMM6zs5u<
z_3@m}I=)ii@s5v_h=Ih)Bcl5EwFl#yeJPLUgf(tyDg@`8=y|kl7CC<VZ;mI^Tmr9M
zUoO(ZxhJ6Vh+pOQ=uAGi>dj(_>7Q#mHl&ZeJ)G4ZXBHl6)|j<CPNuNg3hohpPUQGu
ze;9;lTIYJyPIzR)%5n0;X&NTe`8JucW~*OIw`~dqx&28(p-LVFZv9gz&r5x8`T``W
zFO1rf7*%U%k3|+2KKs#;DYH1*r3@8j&NHil`%WDLh(bE09h&OpMMb*3GisDI0KP00
z7l=AZwA$jrx18Sb%I>>?k|`!OIr2cc^)}6%@GSw18NP#L_`w@2nw{KCTT@X8zp&d^
z*vCt-<8AO4^Xub+*L95&Pox>bC)nS)G%5XA06=@ffqHdc(z(ST3k+g8zp`L+8LrFm
zaHGQ#47T#pJLiW4Cl)>&P3*`=JNz8vd_$;l)Xbb$ZE3a_ktt_n+kLhcvxwOfI$Iw?
zaIsstZN9Yn+TZp)FE_duDQEyLNZ%(tfbaSm5i*opTO2xnVcI1eMQraDc3TEKL!hv`
z<@DgKHRXHB@S)KHt;i-lJZ@!V<u0ryj(MSWIj)?~{)jHcd&BsMr96JHZ|1^VXpO(G
zwt8|(iu<!5qZ25(<IT(TUFsw4m7n~V+-Zrz+f%K&LYFU{xi?2WFrxgTIv`j$C+sHf
zRI4xL=9ZwGn=p1KU91|@wRnvH_reQ)TIK!Qo|<h`?Vhu4)YIShZW5dI0QrL#5u?xB
z<Q>|&^R(An3yTtoIZ;sbfL&d3<Uxb_Cp4<it?I<0c(Tl734Fs2<oOPx`ZDzE`5C0g
z)4~zBuxkBRz@M`<MyYASS;cs(f{;>H$SApZ;)^~hsn6W+nnkI>!Ni8!$l61+9XZmV
zA+0`0IdHp}{=(wmE;!K&P&7N0YeE%aqn->49cc(iua?rA+1L89H|~P%o$(DD0f^1g
z@#J`2FFET)W2+yMudX_Szg_HPd0h&5fUv2@E1NS@yruJ~qjsXOil3l~(<1wAS}kWl
zFoFFho&@<bD?ukpVe`U7;qYX~HzvJa1*IY5{%2Z@fblMoyhkmG-S6Z|V|DpH`eu6$
zIz>BQ+(PdP2=q<45~o&^zdvz6XIocB@z=kXNT1DfP`#XcXJ7K0|IOC?9y$L{c;i?%
zwdH}=gF$UC#71H+ap^|gV=?cj^6TebG+C@1tNdh~{5M%%WRBWASV+8pXs)QWj&+X}
zz6<2Qysu%FjK9CSsk;TKnB5{SvojJ#GZfWfX*(V9N5^*&(fDj3Fgd;Yj%v|(lYa$K
zw13uby&`L%rJ*BkMOY=zIf0^BYWnABoe!pnp#cW$3QzX=1wnu^w%`1aN3uP}u=>Kb
zsU=cBOg+E_R%_Q2!GD_6>ZZC%eaAVMREb;EJ5<$etSYSx7S$Tn$6_Y^*LQ7p!Df)H
z@+s9KT_HkmW(aA6SJrbsW$a~NfuvEWR4|lg<jl9Jf+jAPeK4_@W!!i@E*|v<Ui&x;
z(+DZBf<X!w-k$lW@npIodnM@T0da0=+<|J2IPmO_zO-L@HicMpKx|r&q1|R|==Zt(
z?AAc|cGQ{ef`M`wSom|Iuv9*vc5>zlu4e6ieBsnLZcE9%U8C}lciq<s`SRACC`;$L
zdEovtj%)3D0Xvq5cENmNJ6;|xrRAAwH9i4T>GP4;PKa^K*5Tsoc(!_x$-z&Bl7pOo
znZ1(1($GKd#-`Kf%C@x_3_qo1S|-LZ7K=Eg?6`2G?a-|rJR9OkN+@HcL>FElrlnTJ
zlLUInO?<;cIPk53`UjzsBdP3^z>spMv&kHNG2A<;yuwP4A3x&i%SlY*ObiBn)Yo8M
zuVTeby|hn9y&-j(`sF(S#g+av$u$^XMT(obJ*d?}PsG$!1q@fM4q_dXzm?lk)t7%+
zBelIt17}1$K^m&0a}$V_8fDFt2KU`E5;Yk}xpc6<n3?Pep-~y-Z?jX8zJI<0eW=jq
zs%8ZZzHxI3VAA||TxMt1riG`Du}5RZD>Y%f9`KwaE=FT}#5r1{qfDiR^o4sf13^n|
zmYxY;Vm+1&^=042{j`vX%7-`Vk50RDNqNZ1P!D?;0rh{_Yz+<!^OYm)2t-k5f-=`^
zmWtofBteSF=)Q9O3So4?Q8Qz1d5K;}Ne}n`g~ZCx_gZ$yHSC&yEYJLysk7ge;WQWX
zPMD=HdGF=VR!fJ*S&v(UwjGu^C(%gRw%D#Bz&?}ELXr4(;@po^WcIF}q&_JAlD>lL
zRObR)vr(f@=!~8X;*mPf{(Mwk3|5dI<gZ8_1%l?PSEkQ$Rz_55{dG5gq+vE@wHO5E
zJrP1kHc#*t8Gvx;&1?Gg;UfZ(-O||l(S{NaTfymuhtufcpX_l)K7K~XY;|&ak6-Re
z>*y%3kLIMB3OsW#Ct|m_tlSZszk6}nJ*h{gJVTv=g%~m31sHfKMGwb=jEzttSKgX~
z&?<o^RWiss2*qm&nrsx~sjgC`u!9n8a@1&aH1z!BIpwtTpQvr_XWF;k&m%UQSK+xy
zT*(6RWx-ywn!K3O6&utumlODQf>`W%4IkCDRWqkL_DaM;9AK78?9lAQ$*;{qY7#*;
z+qh){iWzfWoq1K{=2c%DKId`sayqW|wU-QIt`k+voC9NbPC;q9OVZYT*jDcfaa~{v
zIw5FrbU1q12W6G%bLY##B$ownDb5`rhQY$utTs;(F$);yJux4zFDq2{1k%{YM53tw
zGo7J$&j;FdIuZC!k(9URR@cUB1LoTe8jeJM<r1*|Y-XIw0e8$ISQIoOQtuvi6y*F+
zJkzM3-_DA4OPLhIQ}4(87<$TdUo2QGsgkys#DpNtNm<a+(J#;_L&heUO)x<4QStQ0
zIuEv~$q>@s)^Nb8#*=UTDaD_eVC-@@aUNeN?L3WvlACfn;(*TQDG}r1E8W+n#yAW@
zn~8ksm&}E85nIYOtxXNep@Em62OMA4g8hagvtzSr{I85Qh`Bqkcnf*VkMO7{!U|qj
zh%BrQyRw!R0qxeP7+c?oAB?`fQ<~YBiUCBtaJ>&~)zgc|Ag1avL*wYWC!S-+3N>(1
zlh`t=nlPiivpY8ktM9xt4M5!n%mBLBRO3!3x|BSqAvtbI0MqGSh=qaVjH#N1gv>B6
z%}}@I$>X!<)wK(j7xNHArEyCydSdSn(3TlZ8SB&452Ms~!EgBDm4d?-<LF(pO!4q?
zoixxBFWZJEbd*JHPbUMvD>G;y{?2njY?hg1FuS<=jsT_I5}|Fkd?H&oZ>=>DCn;@H
zGN&w4Xhr?B7w}IKmTH{@Zt}>JkztI)j1gnF!tj4Qy67y(uDHSZ7m+b1mklvnWZ=P~
zmviG=1;f;@jE3>jqvXrpDB0$G0RQ0Z$ux#AH*fi-rK(aGp7+Z_F)1M&Y|z_%phj3v
z(`9HSG^%JXF>Yx34^s4=c(xB(@U4FWbn=c&SzzbcxVUC&Qc2We2opNyikOM#^?uKG
zFQhxnJ9w;UF=|C%W;ea?U`J=*iTPNA$HLFurP%$)aiUYlhYFSTiB{dh9y7Gr!;D)F
zVhMM#b<fq5l*&@okHt*u#=VI<H^|)u?x_u;?4xvetX~_(hE>Yq4?)9%T$np;QxGiN
zmcFS|&)g3PpuK7FrvR}|G_5#}N^;otUI_$W+L`lHKg3j*M+U2xqT;u`ln{)7sBR56
zv}w|s`ZAOEg){Ydp7Qt7XcsJBv)qKOz!w$>+RDZqA?C-ZWM{?&TwIvE3?m&<8Ijx5
z3UsLzHcV6TI>^e9Kzpv+%6ToROHb@O_%(MgK;Eu>)|J4sP8i#}Jge7Ty+_}LYut?t
z!3d0?b-sN|^9(Po=5ZaHC|u&Q%`ToS))yvU=casc86%H#fE-u%Bu%DcI8K?_u2>2r
z3Tm1l&Bk4k;^uA-kl^HHq2TI3Jbtho;)lM;PyQIW*))>{3vZxt98fqz$#ExyRG>4>
ziuG|$;Kl<B_+Kg`!ql#X>Gipv^><3;a}U=yO36ASE6WJCeBULVLUM|e7P@y;Hd#n^
z?f7I8Xp0|`@-)Qm9v6MtO(!{KBqr_hRQw>cQ^-dsLc-V=Jm;BkEkoQsomME|95Q?2
zVr4{gnw0-iG-8Q89rVN_)i4Y2c2?}*_MQ<?dc)94559WRgy(AXyQa@x2{>}zRp6=i
zYbhyc#KD`EsrhxJ#O3-WHprE8v)kT-I`s#iIl9mBjZdDo@I4phLqU}$?A@DLiR<}(
ztF9^7g)BDZ74CCl8ZTpsxO;tZFxF^aia8&3S+~6b+Gf%IUWGV}$SaNbi+5B|7Nhrk
zeCO4hEpPZrgk{`8Q+{*xy0n&Uzh5(g=ZNNYQ_t>4I{?3+^#S+yEmQ7|XzpL~J?8I9
ze<Ig*AsSW_l`dhZ{v}A33_sFr!!84%(MMZSJK)ZRLYFzC3OM5la3dZh=ZWJ--kp#4
z8x_1%`I1e~_ky@cgrL|`<}6y=yoOB!d#fewikGM*xJf7&%iP0uUn+cZVi&y-EPrLI
zBL*#R-k|9<!>_rG5UCF!b?z-NFZVw<E`Pcvd{7g9?<eq{J^TFa?=~$CK624s9jxUe
z^lu&gvhW^h*^Ik1+dUsE3lMuPqq0kHK04<;bYmb8nFr9OqJ=;e^U+P7mu^jQa&JzK
zYc^De2IVg`_SLVXechEN+fc77T74)UFVLrF^$n4pKAg?BG>O}(s$&`L&-#n3%p^~W
z{xDykIV(ZQsx&P?O|ghDP?MvBTdFhnpen45F(ah4Fd=(Fo3n&A23_amF~JG1pZol|
zjg+1A3?al>^|019o|m^SKL5u^k7sSYMs@V}mR_!W5?Yz$5CL0HJmYa6I41i7$_eG=
z{0@F!f3#o$etv0ZH1e`np*O<7Btq}bTM8xbJJF5$tH!;pLbusWEan;;YRXJ36@zSh
z?Vf7g&1D#7z{=j~AU<CYjL;~1bxMMknOrrmNkD1ZKiV0Y9e3vOv`tLe5>f8%wx@Wn
zNPM^Si%NJ~564ZH*QEGRa!~uq%JCP3^PL3$-1@S1*{ehBOaWKAWZ;TK!tnp3a-@as
z)$4u^{my20M!R2vt2(o9h6KvK<NduE9MN>_N-{`)RuTb^8u%5%0`eheFm#&%Toenl
zf%Blr^BvcAB@_@BY+v8;5Tf2xJ)l(_DIT}x$C5W$ht{Rp27at7^K+Syh2$dF$Y4~@
z_LPGz<uM~LqvSr2gS;Wzik<Gifd2R#)Dw`CXd9j$d{hxXg|^By3=o2rJVHC9mh}8E
zg<dl$q*e}F#|fRG&EzEqc&M3`v%uBeWapCVi%H0dFZW~26;}hxZP9-7luYo`lF*sq
z*(zi<w%#+v3)RV>-vykP6%R6giv3yi?(|3)nlwYFamI=80{t!lPjGROC~Dp2TFyx<
zaNN1~5-<I|#o^~pZlq&(NM+O?D?mEL;Kzd6jIz=BM;dE)CeA8b#(6jZ_u%&+H@5X!
zkO~0gA2Nsw!8)6D05;A2nO}y_E!2aX$cr+8uapT3BYW%!(g{C5K-f(`jyT!vz(k_&
zA3n{T?~Y!)Q$K&T5?yuUoz!ln5MDOw`DgsE7)>KMHtamYjGGz@+c#I;YkIslVy2m)
zzT0yDbA1+O7x&Uk4SpacM*ZPYCkA^#oLfNa?aN<yi^Gp`s=D@mNe+}@Mhe{*+wN4(
zPRq#jap^#`&ISIBydH(2Hd5ArXGB!q#tB`t*wML9?B=@PFRLmR7&WDFNfJWVTI%Lv
zAr->g{Fdg^ds(@sW#}R1o?A{n<<$7l5J>aWxsrtI&fsI5NqmD*Y|$7eKSYcgR>t#d
z1<ML>1M(z3f9x5BT@a=QOYrP0&t!FfntxIWz1oflUHXA4ou!8{^Q~1_+XGFp@I4t!
z>TGWfb~<>mNVH>F2&aMMzs?sC<)dR2DF>6n)?G4wim+|{x$fw)79GY%JuB7SPo{&M
zOpvE2%!-o?^~&WcpO&k^NcRsrSGbWI6(K7Rs~(_T18l`LMho<-mK;l}VAXd!;+A?r
zUtM~f<;9|c{7cNM=H!Rfl8UG2$E|F$kfjpVrFx61(<LKo;~yJC$xa(=lL5ze{SgDG
z(au9@ptnHbe6FAYm^blDl?!5dnO{A`zw$zM++Q09!MKv}kN)=za;9Bfr)K9tooCXo
zgi5IDz9FPM_!=$E+AVl(@DjfhzyFqyVp{p^54FM4%Wq%3o~3DOGnvFC0WSXLlhM@g
zLAd)SUYjw>%nM%n>3Q<ww=QbT8Kii%b`h7-k}3~HpYHiVdq`0Tq}R>mx_q<iAkK|!
zKpJ&zzS~}TuHMTCKyW}`XUfka+8}r5y2;;ZSHiBF$IpPckCoe~?&4VRMcRrYOE|rq
z#_P;;S?tyFfTMs>bmvUnTd?el*|+kXd%zqnp@zRaZmHSbjw`C$EFWwXw|0om^1<4Q
zo2xGCqo~jRCg6>J<`ZUqzTn8R7^U66%BYUi+<mc3ikUilPSQmMc468{&mz<G9`K|^
zCJ_+gxLv(#1P|9|{EWXTBUe4(-C@A``V2r)ij@!S*^+)3ETYO}k>1hVO8`agobb8l
z{#T3&wtvMEOTZR9SC1zH>OVu<sJfh<HmYAKwjmxJ<RldRN0@*3B5@AWYP3QcoQ0Ej
zr)l=ijgafR^qwgP99q5ruyB)ZF(<xuoaMGY03?;GTB_o;y@2TWMh}0Cx=;XcLTanc
zDXYnIhCYF(xhddHF<SNF-1TPV)1TaX%pF~!<@;geVWy=&zOyg%y=E-JrO0Tvog{8i
z`l$FpewuLU5UGq|Lyink^Di0AGn&6EicIJBag#5LqDD8)T%wYMPoLSJ$V0Hlqzp+1
zx&NBzfo?8qh7ngp4hWyU8SLe%$MgSk?|X2Z=6aZMiBN17=zh)7mYTnKX$i@zmT@uo
z79_Tkr!4EPOp)HmSw8wwiSUz==YUT61gJVjv>mcc@R}PDxa#GDUm!yafo+*FOLJ#s
z-$2ss%GtdbUh|xCGz}1}#XgCkE^4zmpa8o7R;?2S-{^}m(s=1}>aLX2VLmY{@m-wS
z{8b<5IPru4gTg6v9ks>&w2%1w&lyAerAg*NQvEVJ{+kfzZI;9SF66D@lt)cd>nfY(
zqsGl}cghxibpvvo+_q1Pa%c_?QNU!?{`y$au${$ExUw;~8T_t_s_DfwTG-u1o$okH
z^N@TCZH>n)v;R#+fS%V<H3j)qu0QPE25!7NXUa8PemUJ3X+9VgD{K=UQXjBdP&y#`
z)dwA44%gZUyEQ>R={{y|kpo_Cm(Jq0_DAj5Ogg(&y9~j<#m!!(d+kn;w!JX&c?383
z^u_w>fMV0nE)j1whf7E$w(>s@CfFcF%0+i_MLp8F1KczkLYH|#S?@3~9TGWPHgGEC
zxL4o_k@|)77&N0%2c>+lzpc4|_<(5CXGH$3>5ne?YO|$CnEc^qRM<CPKJfU43wMb@
z!m&gDbCxz2e&QJ9OdcuEOvm<r4PM^qp=Yn1>YtGL;?|#X*Op@8y6_;!u-<7S%(`k|
z*ki2N-WFY*Wyhow!%<Fev(M!T&3tNl#!*ER8gjAte5>@t*$~sx!FuzmXCaClN+t3&
z!E{liP*jzdTsLOgTZYVw3Asz$5LR?=ZT*g8yCfzvyG6&)j-;up!)ZSUa;fY9BAI|y
zaTcjJ>woQNRiUK**)t<Q-Q<+fRm{qRRw0k(hpb|&ze7vaPp`n9&deZP^52l$8jUw2
zX8IKNP|Mq&Li<xVHmIQ4B9oSO;k2(C^TYB*9--NF2BD4pp5JK6QJ7VnT*HB%hMT$P
z!$$XTU&r(h5^GjDVWZ-Sb!MfjX1OJZ=`=Q>Vd3?`$FJNHwhWPx0Z^{d003c8{^Di-
zUwPL~&t{-0R9iCF2@y@W&DPH*LNbcEGdUhEW&~Zucm3_umvPsch^p6g>4JHUOzVU9
z#(MKc@n%9C?ZA*7+}y{^+rRUzbEK?<s6Urxa!6bTLPMov4IT0ZY=ThX!H3Fu!IL5~
z3LAstZt>2jpPrx`4Sy}LM!2i;mcUdo=_eoQ$lB<NO_hC&b9V7gw|rls)MQbZO7f4h
z))u8xb*@)zdrA)Xjq<pdYkm#L%@I!H-WYUxRd4+?&QqI>GgfGK2V2l>lUPUkft&=0
zXw<>To4uG&CHH%_l<&Syp&t`i)L=}|hVgmm=yAU=2*jgd_44nyo@&7eF3JgM8$xtn
zob)oDjujoAJX*g>QT8Jfgg`34hM}rN;o(Wm?n3g%v>qzRqCT<Qe6e>}0%QEy2D8&=
z9#){g=$ut-QSRQd;|M8w)Ocs{O{?Ls1a$-{SD}j$MGA6zjJg+D@Aex?aYEPB6)yZK
zE*TbPO3VNxNm|#-sSzmCR5F0Rvn!Sj7Zl)YatHYPrt+1EGN-l|i7WiIYu5*dL?tOb
zZKVJKROjE}6VaEkr6gigzII_2XyYyqmk1xIJkpI>Cmb#q!0pc!R?MskmN85vj7XFP
zjDAy<AwGqamV0g7-zc>xvt^8z^npz3rz(*WW-AZ#?UPFqC(O#nKG_G4{x~~ffgGz1
zIXfGoc*|;t%MWIEkLuL4VSN<3p^)c=?L7Q^K)YqBI~DyH|3wDvsg@Ps(@|~<L3}QA
z>jSUvjXiaaQ_9K8)FH2&pBo?PaF_Of^zWpdiFi;=ZRo-3#k)KqpCQI3{N&YgdOAsP
z+Hb)h+v#G<*{~o)@lBUL?8(aY)qqUbn=g9ySr8tf?^8?8PL*1Wn3b+u*4mTB6B|k_
zHqA=!XV(pf4wX!l_}*b{dWu4sN{u7^r+EyeUO}Y481@QnQG+5EF%ElS812n*j9o%o
zv?gW0((L&5X`Q>*t?hG>96_X%fi4~UIG<_jbSWpOawZnGq8)fK?D~Jr`vd6f>QDep
zA~*a9wc2xjFT<^`ZqrVN2rKsZrq@?Rm@OZTejeW35)vpd){s>0xhPF4Ar?W97Sn<-
zHw!?K<uKN1c&4h9GF(204phXd4y#(A20z*#)Gc;ZAs^I25>y!mt0cFbFlMzBN1%uD
zSc^vrH174KNU=s`dB(8ZHPjvVOr^T;P-Q1Q_rVSvP9fyyhTO#91Ru?pN^=Ud*L6t)
zH9+qnJQJQsOD6rhij{?iUd`p+?SSuVp}~wzIGc?IH9+{xaPYmi7WZy<c-C3^&7|FE
zFnZcSfyb0qm0IR#XS(Jf(|BATb)h_m_sk@!OKciV5>M2vCTh5vx|rA6BYhW3lBKNc
zZ`B%Bm4;|Sy3ksg@E$>qYL`EzX0CMS!k$0~h`4CllPAoomO2dRThus*kcZGl%L31*
zIv((P^F82s!++P!veI~v^+63Fx<U3~(P;{YviryngJqz)XZy-%L5v8HL?AEsWC|)y
z)jKjr0#t{J`WFvYMaxN{Bc(gH^1lpc!3xaBozu+z94)^ep)@S6SZZGD8L?CKBf0cJ
zxlQi<vl^?WWO$?bEdS~OItWx0kf8OK6&aBpLKl|9mRFwH&pK9GJ1hCiPULG=R#;L_
z2{2h1UANva&;gYp@2({@(l?ZppMUCm^pi1IhigBMMg;e5y{Bbl^Bqk{Y#@?8yV1HQ
z5BP9V+{+|>qs1-Mfd@_^lKrF9zmxT<6k!*tHwUFC5U)tAy4_Z1k(NyC@oWW&rOcP3
z1qLzac?Efg<UgS%<2`!<NaAEy<0?dgAc#~_XUd9Ut;+{=C3+a=*tDE*6f!UFFLGU6
z7B?>fm)j(M=^H_r&Qy8^U@27;rSjALWi#KZV>qk41XoAG;zR3~0#>V5`cs3U=^G<$
zlK!$|0f#DO(?JbY<PgRI5y4(ZPRoMJF)0At^z!+^S%#wAm{icO*bFx{r`nn}=cy5(
zrQqBjH#Va5{15NEpNwjJlP5DCy!|lb$xk$PaZP^Z2uhM^CX)a<GXqMzHM5v6tP-&&
z6rA(m-%7+M3cC=vKBo~fRrA0BBG`{B)#H!jpCF|x_{|~sIvPQ$mzUb$EmZ$a+!s&s
za>>3@8Q;1U)*?4e+Du%b%y{!)XK~fyPm9u9wStSqiP^Af-*IPa)6xYqR2?MT3MM#m
z{OR7*w~-i*D%f*@p=!&nYT*>J)cXywik$GLeX$zj5vfGGmV;X@-+5{C;3tPYFNELt
z%8I^ghuAge(+TW@ZEvR-iyB|l50W7{-KqTTP`kU}n?nDoqPaz~{z`nlf<w=4f#Bg2
zbsYG*z@6ivF73^U5b4+1D)8=<2VSjjg@it>8Dm2x>&))%*G8;O_=l8RVNNW%CQ4Xi
zZ?Q7Qf0&C?-Sb&T-NU`{$iyyaky%yf^s2_%@Ro;hB_yFvOG+^EtLu$#`45t-JyM~P
zUtl4!$_+nBS^bzRm6r!5#yFEvMvy#hk+(7jtEN1e(!s|y_nI8X8qfut^+!EH7D4nv
z@<p2?&ai;{f$MC8QTG2%_hTh)vV9J(cSbK6Xiq2vD~7nQH@8Vx!0J4EcA(3cfCXd9
zcjiXQ9~xu%;24mt^+4tMRr6Al9QQ@vz7a`C_5E?@E)A1{!OA{`vWJZZJwJq9EjFwQ
zL(t15p~^)wga|7(D|O&l1AH=2IF&4(h13qvNL>*vh;p+Clq<1&%BB^<8+D6b%WTK3
zu{e(Jkk;q#5h2=Nsn|dp{;c=M3zc*@+6yz6b+lLdJkoSV4n`0WYd38g{OPP5yZ0=%
z;CG3^v0*QtLC#NZqn;wdR*fsmyvl?PGJiV?d@#5Aa%<t`_j784qsaZIzw|C?sD0hs
zxix*)Ox#pPM?1>5Pu*mD{Q7WLGAze6LP=2~u*j@d8(EU+Y7v049xjB(z+>E~if;X1
z_D4f1@|@8;xdGF&E8`CDEjkX1@ZHrITe2u5>X_e-=fr%PN7R+~1<5R;Cp(e=mnvUe
znw>;!?8*3bgO6;ms?mODqp<Qo?F#@6!u5gF%RU1;i+bjW>kjx2&*kRAK?3yEH~Vq8
z!Rl5l(`$4DxoV2CLeeU$#6Ni0AV0Ywe|Wf=d0Ld-52bi5##WX3ms+>2)s|pZM|Ym$
zo69UU?r(bMU~81+#x|-xm^23fPk1fUzJB01U7_IkuZJ5@Z~t}M3pbJDI5J^skGX`{
zT3XvSfrM;?lat_B#w6Q0wfQ9Y%KUULj4r6LYB8(<8OBH(oPSC*uJnzvN~|9$|7BKq
zKiR3rDsZK>?DQ@6e=9eL6$+f3?nB&O*nfcPPE~a<@6M=6WNoYTjQx$s#7h^O)hCs9
zLmKaAQ_RBF%vK-NzYp!XZ|iElX^JwhU+S?=>^BqnX!2hf#!m)0!#(N)cgX;Fz^}J1
za;IlQmNy;@IMBj0(npcw<zNpoB|sI^Uy&Id&BdYiO)UQ3n}e0{erm${--pcaG7m@8
zOoQKESnp>O{@6@)!0$U$ar-h|a&Xd~0{QW~I^k>sV{}@6S^7HUkAJ)_qs{T%<a^oC
z_=sz-{;qv6-&*C?*d_f_(evnH){V?N6dQdReXYNr$58Pi88s_@l=U2qzg~}l|9$l-
zJlo%292x`U0gSs?<({nTes?|AWYt7Tv2>UH9q4!0Gx|-+p(;sMl_SgR{{7lx!?O*2
z(dRP%*I;p<@&Pe6HlqF)Sgz!SLC)X*S^;FqAc+M?Ufcuz?)nD50DES|QmYdeVgHOs
zeNH^=YRM}2W-an}-#X_YXOZLolfnLUlrC)Br^;xEt5-&-i6z+IV#Pt};Z7S3qWZW$
z?#S@|J@WZu|ExQGFe+D1cNRL7<~~>48AEh=5~4rhI9Dq^N2$L1BGM=$(SPNdr_Vd;
z1Xhfj46qGaiQO^{z3_Y1X&k?$(7#7)()1tKol}YHM?qf_o5s*moii$k8bm*Ca^=%r
z6=6Lif4foTw@^O1{3B!!1EBp<AJ9=yGv3f)rOZ-}6@533mFC{b-k&y^SY=&VHLI-i
zTkHzlzvb}}iPv8F@|Ex@e_MMGI*>cEeo0t|6%rH+T~0f|MdI|%>~lu6OR7C-xPN%V
zu6H7MekaF~M*FyOpmt>%5n=HjI#C;s-F(ig4M{9BuDN=PSf;2Wm6`cC$E!>K;iD+K
zP<nWzk+steyZK&%%Wm#La{u@DF;}iAy8bWn-a0JGZtEXM0f%lWfuTdXq=ype5D-L4
z8l*#d2<h%_B}_m-I%JSWQUxT39y&&1sNan~KIfeGJm<XUy1u{ny}sA=<-c*p``&x)
zwbx#swLWWY^;(yb@WQYNoV8E4k~Q;c1(i`N$--gDS#5#^L0}I?dU6lqIb)n7?TZ<6
z@@=xg;$9O{ZmAC;5LzDH8vhnb&Qwkb0YL<_LC8aWWQz5z*?iOE{T&2MZ7ku5o;-Qo
z=yib)7P(G(rAG1)J0s~ioE;it!5Bzc!S2hN<zITCb^W*Ue9wj?ZkyE#1<-3gZ|g4=
zj74<p%zZYjJvh2$RCcgGcv5sRHrm-rvt@Pz6TjfcjIxu;p%=gG#nO*y$!BMr&YQV6
z$;b|9$5UEdZ4oZ=-I+3a)I$Cy;vzePJN7-KDeY8}*3c=~Gw1<A@4&gRl0cl(_W3ZF
zMe3UnB&*&%)hUc9e_B-8gi$OZgflTSOf}BftYZO5i^H>HBpQu$58GleBw5mg&>S7_
z7cr}zU{{|j_<M06OTvfbReb8<x6|1&sQS{<>-eJ+D<~QbWMxMVj)5X&d0hGPkb4S>
znuZ+@cH^K+4etX^!W2KNF4`BoQCwsZQkO0|)5~VmkvKzU3Qt=nE#zxLCbi|?k6y>Y
zi6h2|tdR@6gpZ5>>@e{AAP8Z0Tf%A0FU3zK`@I(xl)&}zdBds$CW6tPJnCa0owXBu
zb8x|q8IR;AX$BYUk8ktLD~8E>Ih}_C-W2b&xTnMSNs-wZMXCwZr_q)<Tu55=)7s*W
z{5wMv3=bZHyp+`~{LSZ=s<bZeE4SeeVIlGHc2sdcS@IZ9FU8(O91eG{P#g$#dYr}_
zZ)>lqmONE>BZG&9V_QmmFk{u2c$OzzEZpaqUMz=@y!7e95w@c$EeMvQpqQJsEFaZV
zNqj@=)MzQV#+I@~@9~Ctb$a+43pd}v)-NkJA0_*Tjp9;4$((xnYi1yc8+e{8gHsl}
zb|Oa8KWB?ZgNb?PE^GGEkWbZ6^d934Z}?Rj+x!*3dZdwU=doZY45^T4(rY~giS!fY
zQx>&YqzDB!cX*NF7sQ=EoV35ETvzZ|n`ClM9S<l+=C)hi5ugpQK4ENaB1379#TXAe
z3OanxgC2xD1DLRP0$Y};tvFMmPE{P6YG%<y*-ERACRK<VzQaoei@p_wb#a^FM*29l
z=KWe2N&Y_<Mg?rU6W>KxoX~SQGg))wDdzYnF>v@(m|X;rEhr1}TwXdYsBKM#kb_3u
znGQ<?2ly`q8<2SjsvDz41UMUst!g+^fh;aDIDrv1HaWb5<yXqrp#W0j@nU#f<$tw3
z^K9ZppFGpuDmp3hcqSCXz^VV5A|;_+Qe=|MlT|hu8yM@9$~9chrAnc^aseeJhl%Uv
z`Tg(6e~vYX?PED2L^ENJxIDZppSZmUGQC*7)xnAx7sw>)t33o%(qpN%5<4Us4hVnY
zV<|O#*tQb>BeE7JpGL?$$ir8s!e#C~{}M}Zl3BT9Q=<a)w~wkK;csgr$}0U+oXpPl
zWi7fq5#N#ul*qAgHaZ+{jvN#Bz*=4)e6KTgOx3Ke%6+&xo?_A=E*9u3+(zu7gsd$h
zD6iGRldd+2vGQF1%dr)G@{3k$bN0&!FJBJ%4q=Q2Y4@C1!^+rRiLtibQ^i|@Pk*j6
z>=lCo4fJtq{W6_X`?9<$f)DFpj8!e2ccDp@AN=4ktk<d|#G1QUUzxAm<dw-pLOTSI
z(ZSGw;|Hz%(FVO*?YrfkT<YBuzYe=y4<8(a{K4!Z3iGIV=2S0l3bg<J86r8iE3@!H
zw`Wm`-_iE%ys4fNo1>oHZL`H`aU7j&?|VqFL>2V37U^1d&1vTQ!C3E<vZ=k%J3sHs
z_b((opZAMwla2bFaT+)7;(j_#@F{7M00`6_{=Rn;wt6b2p+Pxim2NMu;x~_p$3WE5
z7*rD8qqDcBs$Uq3b+}gt<h`p9YWPxuZ9VQ#iFYtKt<#ai@m7Aj?|Mz(TmNNDgd#k;
z-%=)Ah?_4A%AJ5Xq}ZBKFXT<jQQmQvtxIlGd6qfI{xt?+oh2>e!!41*IZeN}kH_ks
zR;&HYXv<|Rt>Tp4SmI#XLE@Kv_IAscLk%<TrUl5(bXs}e90NViFq;mwt=kP~H&OTR
zitd%uuj}cZX;LO9N>c^*pzq{&5f#01_DB?6c^={1W&(SO<J$4)<VP&sWb3<1J`b|1
zncW`)?ORU1ELmuwDQT&bkXTiAo|m~ytr)(n`H`lWaRc*nMgtzBft}W{5d02x80KWe
z=pmJO@{NJnto#5ow+_sPr!Kf%yCSZIb(#;;KN-IsMH#c<4Y9M@GsI}(G8V+o(N&d3
zAt6LYW^QF^nFXRSr@*VN;w2JwANQomnT&i|G^_Q1`6#h9EVJF^h5XtNHiSi(uUSmm
z)gGT7D6~^nY^bxY%g(W<3}$Rf3(FW&o{W3MYN;UbL4Lf{e+bv^8voEF;V&V{VDFNR
zM%*ixYEtOJh@+bN{KnqGjK^Sf=?qI?Boheye0M#*)#4v2$mDH^safhSL9j+^M@^c^
zkpl5}8Y2{+Q|O5YWDKHB3l-)$rzNQMr>1Rc0zK4rhJ*AR5m;DjM1WV<{=AG(Tg}f|
zgn&B+n?>qNp_Z>zcmFB5z_}*kcJywa-GyvTHxH4J|93fy9+#8hD!a2~qK1s^#nZRi
z1AeK~TMThtX}S-)^XA4V_N$-CDXJUR3L1L%=Do1DRv6nVF|=^|aHG~wwc)_;yT7j$
zsEWkb4ul$qn)z*8?x>OI-K_|>Lxks~*S0C`I9;#ffSo3}Eo}$+FhTXShR>kkbt_Ff
zXOEUP!e+P*8+uD!1Xs(jm(}!G#X`bmEHE2uj+MC_S=xo5g)s)@d9cmAaKwPbd(2Og
zBE0s$tY&^@SrWwM&i2~4<8g5zKfL_iK>CtLn$b~_SEZ>=N`q8W0_|jcYo%WXzkj3_
z3?ctQ4<dC>p*}gV<c;Ik_i4^|3)U!2O&4*BvakG8pyEc8@cYelWGuE&T%|{!v=;B$
z*I&LeTUR+k{)oro`3xR~EixL5`iqW0#`oLa0)n4D7BaA|(TEu|<AeY@F0=SBN~GSU
z=<ZPSJh|<<V6A3hfnl-1%aJ=Dy&Swbtr>Mo0IykV27$g+t8%HQF4icdwD09MkM`TA
z)QB|(HZc#9@W&z#A7aGku9{{=ZJd#~7v8O{mBGAwvaC40&*V_^-(RZQw%sq{X0Gme
z0)=*x@;8Qo+$_kmku+37x2Mx2xSvP)z0`l~bx}hw`9>r8Yqrr-HzOM-_E6Vr8RdD3
z&7;nEGnHL4FhBf#dksay8prQ~j4s~Nd!>|GU#}3s(=x(oVf2Whxvb9#wY>GN0*?8;
zQD+~C0W9$IFPHMP6ma*Ony^L2b2o2&npu4|F<WsO*;_m9s-t#o?E$4Ph>|2Uf2KP=
z%?NGu&FMopO?0UVd_|-)RUN$cj=$JznygD!iK6hRlgK<Np4%^BGeW{iJo^vvz`Gba
zN{G(@KeRXlOtgZgc<m3^;$ps;3z0e2y;`x?ntwuy;NK3wzXvJ*zapOhOCI*Z77-GY
zBN0l#{NG}<|FsdnD<#Z-zfq`LWb{j2Tr4wR7#%a?Slved4Pv+vAy>^5E51tM{`w8U
zwfF;76#&A%`h^ywnSbLYe3x8PZ2%%`aQ~d47V~d#>KL?mmP`V)6nOFzCPpwu{ed2B
z(P>sQQURw*=NFbGQ~m?u%G{b4Z7T+pB=6Bruvw(^8-spF>po#&0opBo`GtrTfam@k
z*zgU}L0%4^#=h(qWMxnO1IY&6`RE#;47^hO!%rwIpY&V#YJN`TX$fKZHGUm^NA*c}
zW~q?uS{wb**DMUzW(Uj<1)OwH@k=t+&!;|}NW^m`Sg@vN1}mSAj<fNRn!N&I5&!^K
z8i1T8o(>TH*qAW*jh=(<$e`$7OmI}nTtsy!4y5bfN6o*>IdZ&BAzo~=nIqjk^;B+O
ze9vy7SxMj1$K6itV>da13Z(NbP|}jGI!HJPB3b|pb{K+?*U*E9FiB)Z-EBaWtN|T_
zU`>WuQO_(7yqCy-?{cAM(9wvizAV;xk6FKOleRYBWzM@kO8dC+hR4F8R59n?{O0{T
zL0YP)VQwc<T0~_&_?TW992y16=*G7&F)!t3T_fVR&{%IrBA19X5!b)nMa}zPolQV!
zYJ+Dr*+-w3z@ikluLO_0)VZa-jj+1|WKgEj`?fmtw=8A&6As=z@$;|bJ>2~~eR@_a
z*>^4|aVJVm_bEz-4(~+^HZTB16yNdU11iODES-tnH6nuvrW4inUkMPO90lLTTJgnU
zOWH7RiY6yhDuewrbF-`Bzz>tM52?V)^%}=qQDDyZ78_?AMm4fy5yFDWwQj0(Mroo+
zhBuA3UO(tPgV`bG?nULm#jTai#p}XjjiYc)RupaO!-t~OXVSV_#v4;lX6mCnK5t0J
zs}zCboZ#~(F((w;6OEEv^rI1FKxOewE)x`y`?|@+1F7>HqtMU>a_t)p2t#MG^-IYP
zsSB}-HEt;U1*xAJIlI|!<<=Tl^ndf68muPaD$=&w9`&NF<!&Q#V{o&fXbwf2Rep#J
z=8{2=jHpY$m7xy^!188>C}lT9OGp3nuKF}<US{Ky+Xr$wld?D+`cbr}?bz-lHpjkA
zP2QR}nWBOPN8{fb3V#U6@yfu)USxI2NROPlD<7eWxI6Rgot<B69EpBTdb*^*^i-#y
z+bAjo@k+HZ5pfN>|A<EIkz`Ui{KL{yDiCSeSX#ZtiFbgJ8il6U_%4gGU(a19i+W*R
zQ@(Jn&2=&UJLgJI`uu5)tu^FO#KnY~K<O*z!?#EV_tSTZHiRjGz2#;FqONm_t2@i?
zyd!h<IW}rkOQpCfK%CXm>%jOh$uOaQTp6YyzIRPz@Ba3Qpiq)9&ppyHyEAjPZSvXr
z+P&Mx$%a$J7yQO6Hzq0V>I+>SQA8kw=@b75U^zbCaD|A~w5HXaha+T<7r@e}gW!vG
z;c6z&j=eKy={fEJsWgtamNOrwVSZENt_iP@^pZzj2lnj48LRnixt$47^?~+zyU7L8
zk|jf=<s+Uut9fU&%a%81r`(a`(o&b-J|rBcG3Sxg=>_c&zdhC2OfzcfIifD5{kqY>
z5q7lWH0QK7zAGDIAksd;%g0LG{6q<C!rI~raZOZ`I7s=HqoH;=x><wu3aAy`D-I_z
zd+w#%*Ix4_Ap+yaox!wxA9w>Zhs9K`%l?GN2c&<Zddl>)oj~$M39t11Y!AvG`Ki8^
z#v~#^a*Zn-_S(JFpLFD0RyxPhfB+jg8}y-<SjOpgXKtguH&evi>8Igcfy<u!0z^67
zYrpfS8s1Rvh9vF;UJT8pbbGYDxIB<k8%^MKY)d~)oO>`5bt1yk&2}m3FcTJsjOLv-
zZ}7<craEUj==(6!>q4aQc2x|Qf9liqx(xE2Tj_U?Vl8dnyY@p0iWfKBdh?YUtNB8+
z-N+n=t{MWPp#{l5UUY?c*{TmE1la8*@Q&buvE<VlEH=-8E>VPr&Af+XVk;ta?+*gi
zV^7Xa;P34Dr&a2^Gfuj7#pzCFJ#jlY*ZOgH+#|Mo+Y0J633d|P#}XW*3XXmp)o8xY
zr5T$098*GyNb<jUXAe%EZ727I^-Oknu)JSAz}=a9G^jq{%Rc%2RHV&BQP1zm&^tvV
zE;sn64%oDg<*Bj=vkfh+PkVnjuJvnvsM5nh6YFFp)T%p4m@83uL(P=)p<Bp4P&@An
z>SE#5m`UraNGw>R65Ahpw?sQODxyx!6c6PyISQV7ZM*-`<HLxhpl4^inGQNCHSnFy
zQevll^5`Kpn`velA?psn=i~SZWRoC?P{n|4Oq6Jp|K4$n+Dg9RC<C6Qc!5BVy2umX
znFv3{<2OBY&1sjr-^P=z)_7vonCILP8taunBZ#*9xpH1lj+_IO=u(WA&U54rd$;sr
zC%OGrFuVTHf16LWi~cLazH^>?yZMK!&Py(&QQ^bwnGlzZ#GXqZTpu-%4rRA2k==8%
z_Yu54VwdFl)hzB}aoq=_gP1dXkk^Uv?^qKWq&1W2+Fy`@PFNbe$_zCWZPwg*yD9`@
zedk%;e3d~}THs54W(YE=FFHn`d(A`?W1{yie$@0T*_jZs=<9ElZTakb+JY`U!}{r3
zZ870=Pnc_!1^7n1VIUv3<L7$pq((Gx&ki{h-?^c$2B-`2QvS+L0DanS;Aq#MNA^0&
zRWT*zIO$GHY#Ms~AfCj<3TB@HXUXWBS1poKq-gMOcB+-;v~rZ6{!}xxpm*ITn+zi7
zQw$X1fV@%Cnpt$0J5%0i8)vH3cqX0i30V;#$K<?@Lt<_}@-G+ypMwJHo!oMrv1r%k
z?RzIcPBNizQPWUU$Ng7Z`UeLHwCEgb3$W#dlJe!9Uf#zKO#n8H-%8l9#j4**GNQJ?
zXN19g@Jwh?ikJ1BbaJ*p8M=sZ^B^pfio^anqwkmmlxHH_nj5O5dM?WRaZ32{`WceR
zj>CNola<@_D43`DHvedviN?ZWu~hmf$VsicvG|p-<c!4KF{?y~q{0;jP8y5g_VEep
zf}<@^zFw4`yE)`rNbQN?HWo)+-Mdr1Ob!uuO^l%<+`whA0Ar{tif3vjQJp42Yk_u(
z_Z!|5YUBH{{PuztCp>e9XdWHN=V&H%mm<)mr!yt_&Nmj@4NtrdAk6lO`JS>R5o>Pa
z(8@%}u*EURpw0Byr9UZyD*>A5$;q>d(;f`JeRFAx*#b<N67RfpL2x_QjxiMXtSz~7
z$>tRUln9_QCj#UgYKYByzC+pJ^fwyOxI2bvRm{VNnakqv>Ic(e6n2Q5(tyUa!$T=h
zIM)QT5!|i&n^^c8jYk^bLl#!Yg>I|2hHb?aq7Ll~QoN0yPt#2WgoS-H`XIOn^g5|<
z3ENoJrCP;YOx3H*!NV`e;QV`5XV&`?ul)SJol|O-N;fy1pB8l5b7DzcZ$R9LYl`ZW
z<{5(OdW-PpLsmw|repScExi&?Mn)VuKApW0n|=x&bhtcU5HjOe9f$I5GdA46nOxnx
z)PY$Ah9?=K{q_j4?$E7{$#2MApa`V9$2KH(Gwc?hUvtZC%cEJf2~Y=bjE_j;WS0`g
z1WNA#9YMb_^?q2#ob)r9_H{X2W0*t+JD?j#BdD1#Ye&3kMcj}8&6U2QZ>Z(*8GWwD
zgCl3hV*U6Dit2*}@qOatD$VKoLt?3|XHDs$FUkndXhj;FnxE<I)MJ|^U3tn1YT$a+
z@e3X?tC%TS7aiuKG||A5PtcBd8K=fVA?U7wVry?$Ls>o17jMBBx%0SwaLF)cxMPF&
zLOFt#XKCAqfr@S=#bd>0vD3R^`O!qeZgj^RwTd6~fQJ9vOv5*7f$8R7ws2jze0RyZ
z(<&W!RPODL(;>xF-*%=PUxxrQ_3GfV8EnQ#`En)%`oLc_PshBshKKP(6KRHQ@)|kl
zhEiHXfL5<I{U0Qq?&tf%yQsSSOordh_(a~I3Y;a~@hO_?$@gi$hlf-B1#q>GQ-Kx<
z&lG4+=a>HU&p&<x>=>cn^DbMN`<_Z+GoPn@7lZd|HkJSfRi)c};`xXEQPOB{E8pMQ
z9iSWJ-+cIzL`dW~)KaslvaGD0;g*g0no@MZV#4fbP9Dm5;V;3(;~gZ>X>y-6d;^l6
z-{HBkjKk(ZwlddtTJ8Nh^89}XL;O#`AxCBKzeQ$W|4hNjy#Id}R{uqc^M4aQcWdN(
zk%e*J__+gRHuw}_yNKIgqVY;{Ap-`@t4h9INl2-=cuO1Ehx=E6)o>I9Pik~c{hbl%
zZ6B%d)iOjSR!WAbf(7oVoB#gh?_{qijVS5?;Ug6=>)@O#Gq+Xz8&MWMJ5v-2qxX7e
zN_qMe^Fn*-4=^Fs0GF2BJ^!p^SC>7HYQ%8<FMRy#oc;9>YE|%I$@YYZ^rKAeXNZn{
zQB=MBr&zI9ps}$OdC3x78PMNndq2WIUX4v2MQ^ept6^Ai4S-#t#p-r;1t)Gg#fXrN
zOqM9b^mk8(Ji+#ytXpYrd{SGBJPU6|wO4k>#NrU>U)}G);+Z(2lBUPZm{Mv>-EL)N
zXG>~RlD0c`J>yNOCnkMmSAZXt*_P?IQG?_Sn}GQ(d`WeL;f_H_t7Ai#spLH5YRzU|
zvj}P*jo=SX)On+1oUZ+n<3CCV@YL}ZX_snTX)v}9hZ5)n*|r{!J~Ok7<~PMsdf2);
zzmI7lUhlI}T47LU@tH`#6;)^F_YJR%H#e!$Vy=-khjoPP@qBCzQ~#o^B!j^_W~hrh
zxOJVr?faE)R8~PnwY{|<WxWpIE4g*qjMcKHa9-u_?#$4kZ&V{K#?3Zdv#yq3&3P0l
zbNSd@!z=2VVvcl`)6J400NPi{q(iKK^XqvHUC1`;{rjZ-yvzKWzSK(wD0}aF!s4TC
zaVz!peCHREaR~X0&M7?kTX-=I-pR8U<rDndJR`juqmcZ@i^mHd0SmQM*TSFf_vaK7
zE<9Of-WJOg)g0is4l(Jh_-yI3qx=d$*y>9eSv9lA6OSWZvBK?8^lBbnS&7Z@{xq&W
z53BxJHvkb9Q+LUd9W)Xe?aWBrUZzK^-a_q8Yh72)W$@Sss$m|)fKaSXs>-pORo+vL
z#grKUiWzIev(&eD-3;O9nlCmS<hHJA7IICL+@__>Xcm2{e;eGyUPcIvJX(i(nDtli
zhYgNep-fQd4rTkLnq(=AV0}iY7Gbs;c-r_zVDoK@sn}2N{K2y#_kn5~_N@GLfxuA|
z^nh)bi5_z61X2FwfuI_NpgOpI1H#NrX*)Fm>PMhUSy^<KQt6l+;;(aKQv=Qz<{z*7
zBO)1;l2{#hUo9{%A|hgL*p5@M0#`>Bub7Y^_TCtX$3SU@$*3^6ZCieHA(JP6n`hSI
zd1*J6*D^EhDe|4N#PI>OHS^|V?d>>;%V!0gwrZr}cL%ZxteaQE0A5WhkoKS#w$cDO
zg<&HoPj>-&%@vO#AL9=#)o4eg$;*>(jgLi~h-Gn7l&rd>s1jVg`}-(pkD90!*kG@f
zQS%E_K!21X3*LrRg|61(Vli<ziy%qQR0$8f1Iu?cCidO*2ey(?p<q7-=+^60mf+cN
z1Gl5*%47%-9&xyN#D4{D&UGmZgOLDD0*FlsXG3TVm)_f6B2uvf=o;@fQnckaB=^5Q
z@9NqSIMYpx8Vg7Hc(0+li*pAlN?l@-IJ)lUoRNKU7@WR&>(xP|G8^fEW?AHhN^AmI
zAd8!4X9CN{a~%=WdA(ouP6+k`NtrNlP9DF<MPp?$q?YxWmSUaJ0$(woJYGYc@NNT=
z!PsaD1HPu)W?$=M+lPrt#6*N#**i3|S3u84%&kO-(fJ&ObKKcN=<eIybwX!C3Vsc4
zlK1c5!*E1<bj-prs*$o3S(&|^V__%VBoPG0pQJ_#G@_`Qf-i7}qZ%n8?85~RbynAy
z&YiL%`HQg6{EbDNnkf;}n!$t4*_0fK1#~kLY2C+Zj*%mKKr`D5?*z(#7P0R5s5XIL
zM*G&9S0@U=Xdyz=pLCZ<Krst}ps0T_oQuy-SM9Y2Dz;WED+N9GN72(+QJY30+Zlkc
z+t0A%!v#b~6mNa#$4tRo1F_o7qL5%xHVqffoAjDtR3t!S=giNrdCY9QPq&^waboUx
z3gIEjn5RGWOt3?o@m`0+!j&MID<QT4LFm$xqO60W8%ULGBc;H&pTi1DA2yvB!hgbt
z_w<8zDhG?r0mdF*vXr<Lg|O5TGcO+T1raOmDCh@J0Q57iIZR*yuE&5;isl}h?{}%f
z78fiiFCM$jqsu~|g-vdxYcwh65+K1a$g;kffPAC*m;q`G5o3-zRUVrBwGki52Qo+n
zyads%$`E3z6A_SBfTwavq`8yxAHo^vIIDh&0V5@fJmawps*nyK$NY@6rr$&Hxou7)
zbwni4oF0nUY~zr|#F`z4bOsXwJvM>~p7529ULQ~bJp*d=G%E0tFh<A&D9g)+zA5ix
z|9o+w@EZSo4RV7#L7<|n`#4U0IuPCnG4*}hLzkCL7fGTP&&f?=nH`Ljl>#^=KZDCP
zfj}qx(Xcm|$jeKh(B(bn&@O3=JXgf-C%hA+Y;z%c;G<CQC&m}=6&M(*$HK<84sBK<
zV@CAfk3$nT&owKAa!b6RfoEC_L*I5(CS9^mu}5rpZ~!Oj>aUOmd1`U0`7o;&tl_2@
zJuOVfMQfGZG2BD8&93bh$5;JA=TJtM2RgjiNEnayI}&|bMtIMXb*c}W03Jn!gFu&U
zrsns`rvsCcQ9FHiXzmD`mf{62Qt_b*^uqNGUa)8)->Y7W%c$=sSFP~E`}ty_>r%bx
z(%+dP{HjG<C?bk8!B#6Sbt;PqY-5YurGyyO==TAef%p53er1G#TaOx+2TYM8U!khq
zZRZ^ioL<v@yrB5`G*QAUzu|XmT~!<^+CI1cEaD!K7w=gm691x#kn^&;lj!i;sp-$(
z&r4n%Mt@4Ue<Gsn+F{$zuRi)*c>=%H{!i*x1iE6|I$&P^2<!hrC8HsrIe!iMn?wBb
z31}{&F32~3>dbGj@XN*cAA2x699fhU!}%-aQo{mu`72KikkC)wo8H)OE*x6tZ^qc)
z@#g;5oXX#EWwig4(f9901|)dAeiQY2n2>pvfUJL#1Z()AMEPi6Lr~f`UlJ&Sgl(O*
zU}$JR7MJ{Pvt1tFG5-+xoBWmpvBmq6@ml7osQ61+zYvleXfMHRb2?%t-F3uo6fBRB
zMXz=y3fHjo_v`>p#k1}<*|_}8Tbtv$ncHI)XFz&fe7|4F&2EZkGj3iBjH+J@noUB_
zJ|OIB8!f?YLo?RgnKdpUT(c-hI)C2VXMqaCw?(Y4Q}?wbjkr3|mXP+EpRZ;6Ox-|I
zgU32j{5Gi=d~T+-hMB3Z!K9kvGHLEwD`>9YoT$c@zHf~S*Gc`!R~)8%$@?I9-Ni#I
z<nRUy9-5Z4Mr)bdeu6WT9#CP4knfIXy5~t4ps@B;^>nG64j{%HfxlGq=K(|3_1M`(
zV~Dl=TDJO9|LpTv1b+$&f2W(*0s#NGu{d6isw=gQvw}5HMW+XMhp-rW<~{JC@)MbQ
zv{PXk<R+>*$!q!T@N;HWx2#Bhk)&cmlbLRf!^0nihO>Py4kATRn4T2ml{I0z99IY6
ze<R&hWRYXg&TfGEbjN8-i*E|VhqEnzvAed+=i1h)7a`qD62#MS+TAiimRNQLA#bVV
zM{QY?R^D9?(<nN>7xuxS^PRzKBa{qMU|@a16=Ra5V%vhnHN*($<4#OAt4O&c!(5PL
zs`eiWt`#A#GiO^4+8&daJb~3{&VJ=~bMx}r4>~-U^1$6uuzBhLCZFv~#09QlLeFkG
zM2N9Ar*#6=NYFQhuCgO3zL+P%8P-HVM6uD62Jo_gbbE#$#kkhq67K6|WILDM+IJr^
zsWN$||7;zBWIwQutghp-h2yUCem|@c=xu0oLp!rp-nKEd=e{@msF=`Mp+w`49}-UW
zI)DA3KK$@<O?jqi<QkSP;8rwe%d0u>!ARAiFU}jP*{F|bIAR+L$vL5XQ*y^-zkE2M
z8|$hM3dLz?zZAB}VxyydNl4jwm3y{075SC1$_6E)sm$l`V-9#ZE7Z+*rL)J=Blp?x
zkTbDpqoOUwXQrhwkndy|KhxBY*!gjbhLkyONg#a>U%~=<yEb}~hZ_?~c+!|n4?eb7
zcns9(a;8cjz+mLCpSh^Js6u`%)7RI(!q*CKY~ia=q7??@`fDyPf#>eMB~PLqizsa!
z32v7PD>J8<p(L;Q;f9-G^fY<r<CwijXe~Wq>L_TO)r7c3u?1F4s18;1Jvw}%QXN~%
zeZ33whTlkrs(z=P<iYcpV-w4%u2FZEdQ4jq1}^#xNWI67K;P2qlos@QP3G$VOi|mA
z!5)kFA-HQ}haGkmtqpteImqky$r4Wc=V!HX#tnk3WMiNJNB_B5N}HPXX;#t3wx#%-
z>EwOjE~h7ZDmy{tMk<W=Zt|30agW$cdw`s5mDhC5f4EJ$-xCr+p8j<BK{u1x7$qsn
zrdy$g-aLfsZ$35f0-yN{%n4r0<L`b|B+8G;)Z_;&9<Ki$N$4u$iq62*!m5A*L==8~
zr-<%%`=Xlk*LNcy0Xx?ki3M{fKHyk+$j$h-u+{A)cVc*h=yF*>07-s-2<o=0Ml{xt
zSh;c2z0$<MuvLLV@h@nmPz<;j=t(68JSKx)a#aR+l`dvm4kPfxTpP{KK+k8px#$v4
zZv1=&!IY}9H}mh@JHXDq3A4cm{y&hN#JQBXOO#JRKHK1~m}$8+j`g+ZM(Arf{O|Zh
z?DqlFeUoW3Irph1i@(O^%bUc}FX~H}C6j@}`49eg2oAjZ#<Sh#%3ZSV&KQcY)&0U&
z6&kpR;u%Ns1;Jh-#~GKq7VQ(6muz1OXNdZUuWTki>|)Js>s7gP{2o1*_&qwn?f&9(
ztghNNICT4FDB-JU+7C5cU&6G=JGoilNqD~xQq5cdb=>u$Z=7sGCa?16sJchI77N{!
z1#a13md#`iaf9xC=nVR<eebxPI54{0s3AEghf_`5Cs~qpw|d}yIe`k`#qU|1ZrCau
z<LB{7EK^=8h^LcKQBgJZt9+iQO&w#>O{0CHwSxOJT)NzxKEhyKYTj2M^m$Fc*In(d
z#*3se@{$7b0DH@ZR?c*PUhNva9<(5~yAv#vewv*Y0k&58kWc#&gC$5E9)FDon=c)Y
z`TbS=+=@h_4OL)FRKE{CRd(p^E|!4@*W516`6QcM58c3E^E@$Y@8fr^qBY+^RfI6-
z_+y<<Olksow(%d<=k1?KqxB9=wlPR4X69>@8J^Nj){+su?&A^eVK@p~IEqik8C@6A
zWLIfQtt=+`Q6}<fO;R!(NBWK%jcTzSou@Mznog*3a?6pfThBRK>Nm}XU9ku6U(~|8
zcR99t!xq?`IIt7`Ji)oLkg{b=r;+b(*$zed4es1M;N6TaAQ$_Rux;jXZlSGlAi)?A
zm3p4D*qv<9cu_4<(3;rbcKv9gQp?P2@IrwfsR^@O=u`9CN%<N^B$)aLRj65TFJHl_
z{-e~QjfU#@fv_+Gi&WSfthV=iO`)yt-M_}~=2#?v9f}yuk8;lL9keYl7N>Isqzt5!
zl<t1$t1uAFZUFG*8}9vu9=j-wLq|re2UZExOGy&(3-)*2)Hv!2UoerC7^_Uw5V_xp
zWf_vw%V$mChVq7zkQY`o=4T1`$rbZ8D>ag$qlr?%cwUhm>XPhh#&m1NEFj*KU!p&L
zm>WoMJ`M)K-P8BuvkRqb&F)Cemo?3Qrl?<}UFl9VhWTqcxpE)Mu*WZ?C+{lV_+zuS
zCo6+liyb1zebyF~*`ob;wu8#SQ-LV)Nd*A>CBJGsR<o#3rl`)M!K72gE7GiwM9Qf!
z`>=0XdVXfzSS0T)I;Dq9x{!xv%904}dQA)M?!x8G!l}Nk$AoO5D=&hykxTse;LvQG
zs5#Bop>J*^6mh^92X!R?4KWU=)U2RU>7VFuhV`9OFfWp+2liOCDsO6^>9p#d++MMc
z5>^4{4@$C@k4F8{miB<6yAw}RjfY2wqeppI2FMl=X-E-y?<aeH?c{D3i1RElk1o4y
zwyuT%H8iw)p~l*Fo3HNHFS1<F>lZXcN-QiNs*iSBnLJv+DyXjU`ZDcGpnv_O2IH9a
zLvO%$6p29p1o}T|J1cbeVQTLVrC$DE@z7__=VvCNL$W2O>;a9HqDR_JnjPJxLId<m
z4*8GG;vU`Wp|k9Q5bf{phf-NTe8Wp{xN8&%UNiFn@b!KqE?6y4z5dBO369MhTDV9z
zkMu+_+L#4XgLFTMN78$kskIg1z2Z4$PY!rf&)3&WIh|#MjqjsaPr?Nmbkp*lBtAY2
zBjI~<uK|;mwupU88>Ysf@~9RAaU|E8c=CXXM;impg$LLvv`4!4ilsYY!`g^e<wgs^
z(~?S3*ecfy?b85jNwH7FpmDeElNvN;D>Eqeq}67y7R^6eDwZ?|&5Id5@iVjKJ|zSJ
zyL*V4EmvD60@7C>A}~<cznf4@`E3mki%OoOlu(W^EmeTx;Q>4ZQ4zH#JgE1_;$k8x
z4&7Jjh?&{=l>5JqibNSl2lfpKoLDb!E)2Rc9;@@^Pc2CTJE4tQ=u&PkQ~$-lv-o(e
zR8J1GQX=&($ip*}%$rpg9=^}vOSmZj1QjI(RA1;&_d2Ui$tf!Wub-FOCv?c5QQ`?)
zUbP65o&$G7wTH)oF!a9~ga%|$<?i+K9B(D8$>m)M`T%Esp@2XQh_q9Isaj*g0tNA*
ze%Axz2^qy6oIqnQNN6lzldrVdWoK6Emo|4;mJN0!_++-YEn~<ZKStTZ#<8Ib4j-7#
zRwkA~hB$%iNjypC$vpunnI+7o^eZ`?Mba%|>G>;WqNHO!fc6Fm+rn`>+jSGqeot~t
zZb{K(k1B8A2v(DLkTB9d*qDi5R<U}}u~9sSgBC=}u$io4rpaPXBdn6Rol_iR7+}}S
z<Ucq%bN>L8vG5WTJ-Mo~HFQ(pFLt#WICN3+S*84Px&EyJWpRj`P1Bwqg;^kr!Og%@
zBQ+ea{`|9Cnkx$j3q}V8pb%^fe#d9-9o%<LK-x}ot)JUM+aEz)GwJdVb{D_1n;+Bb
zD)l^9lX~}P)cvN@+jXH2FI>u4%tli#9<LU651RBAqz(ouhqKZx=DS$jXKd(q_$i6d
zC(HTCgOpJ0%g=q2AA*rXJt1nSgDu^%mZ`QIVqDN7_R?+(3_zPHPBQ?@pQZY$AIf{&
z)`&gswp_s~9bAjb#WzBzuA`&P)1<EFt3(eImbLX)DZ&Oc8)&_=C7xVF<1_4?;Vb+Q
zLuyN5z~jj+FS+YNd-IK~vq(zrs{EbL@HncJ&@$npv9!$eB@TM)({l^*60YYb6_XHs
z9w`0Nrm0XISZhPX1IFkJmuH(_=!}uurQh!c2PPt5q}Xn3rdOLe21?H#z!yp=7p7*I
z+B1{LETHF>WVZS;Pr_>(OInoCw?#`7cEEPpKDgQ)cfbUDdfq*#!9SY-bE&<nhI*Ri
zOwvTwQgg@aB7AP*7<qmx6xVIZR4IXCy^m^J%RIWpUaRmWA_Sv)T$J*V*Q}LDY+|Yh
zkjN+d0l#Awx)dXqfWz=K<U(rl)ouWlG?tMN9V)`q%hq;wR??6ZK{-ySjmIb*lYPmr
zw89AL;id;Jr<UT*=z;86DUckEh3=6@MlefFo@zB^ZN|U%gLb3FKw2;*^vD4<9&(;N
zWV^sw&mD{7$Fp8;a>Z@;#><UKOVb_ZZcdQ?y}MueqBe|;_sYdlPz4)JPybmvcQZLF
z>!g9%mz|`ug4apwaipkj{4->5$l3Lz0vf~)QSc=#;OAMf2Rsc*M*n+=4fq^z?Em8G
zJ$>$?k82gJZ#s>5>e1ZV%W@4!g#s4|n0hnImF`|W#^h-bNq2MU@j4UmNe2IWq>u7`
zrz%l?e-Hr5Q>j<{n18yk{e^K-X(!!F(h{=XJRx@=t#O$dH%#whz#H)NVzB<^5q8Ny
zU*YIRya=JL5n(q&3qrZ>OQod*`rms0=<aV{P6_<)0Fd0D6^H*0sSy9IJ}@r$|1{nZ
z`e*&2tVLm~F6Qfw5n252w^I4gWX?rT^80$FTjT!0NvB5tQF2?0HlE<g@N8k|HMI5a
z-XmR&i#^9rPly@*tZ)2x@q+&mkpc0SUx6{8@{_n|=kI;~KmOgDB(yc<PpA6Ns?2$1
zB9w-}pT%{+jjU*(YyV=3p=3$JUdeE~62e(1g@ei!y>(Fum2ZqahCV<ZREcqwy#F^V
zjK#qSjI3i!8Qj?EsM0_GJR%kvh0E&6XINOz$~6S!5wo+_Y`Yv)=8|Z7)IvLf>z{#A
z(SI$<;>fERX|g~wMFT-#DTloE&jVE}_V(I>@x}h);dwj{Q;`e{{i(4bF=aXGbq+f+
z9gpK;jajlYGoz42OaIwub(Fy*>A2|NJL)8*NP=8Q$9R3vTY0@LRpk@UJcre34GVCy
ze6nZB&ZM{nOh#Yih=ACg<Xa%sLNAw&8zYom>=%msmzpXUt+Xc5yX(;np;1;h6m&u*
z-`)RGdU5zAly+(*G$pWvIK)e7;hV0L<Hk2<72>gokHydpJ#K)4syJsmR4Y~yN0m_(
zBQay4zlq_z9oF^onW^`UHkYo}&M{Cl=PKT%!-KBYP>!=VY96%J%=~$mTumet&6|Dd
zsRmP(>}Kdao;-;DFbZ;0r(_6TKELV1q4LgyaMz7s1)#?HKM;ROKE%6gKzWL+X~Ja&
zG#k>t=&<&vt(H}IOVHE_<5OdC)Y&H<*PPKqhZyKP5n7q|-uBtdTJ%ytAHJmW{3IP6
z!sI%oN0RSD40n>=9F~+pr^8ym0XG+rdv2%$u44;sTfl7!P^ePb?hR(HxsHl&P5t)0
z8v+EZ8fDmF%OBJYQW|YGzPLD3?C{@r6>RKnGfIZ2#i~nJ@z_0~&^#g-DR{@oOUO5a
zW~&a6g(8vvdYdOQk^nm))d?l@A|gb{Ny$`D_<nONEZ!0OKuK}N!AvlsLcIP7zeqg2
zxX(<yu>9I5fK97(X{5wBA!7!;E<N+KU2oC$y2ae=K8%Mnd3@{SPITaa^6De%Y<NyR
zx74|+yoT(Z1k<SH4+{S2a!gSfO_5~|JuTDqVM3J;1&xdzkD`EtacKAOz5hsOw17)D
z7<}i|R8J?Gr7PBAG2qV=nomhgm`D-IG|7+#wL*HSjP@reqP*roZ&@6TZI%@au$l=A
zHpkMpZw$V@3pG&7{*>gk2~b1Et-3@>z5tWkqY=;lRTObq>cO|<*VJ0aeCb*j$7LSx
z@>Jj!IkG?1SL+c1{g#x!-qM>p8kgzKD&pGoPrvF?)b)tjjT%0lV1r^^a&?YA1v^lm
zKCZnpzIzfS#J^VyISlr<1UPpO@&3hpUo@978Xrk;u8Y=aW<t)0-@21LD1b=%Am>-;
z(%iJ%!o%L%Xq@i)-BFKQ+ghL!bNgEE;a5z!a@4FeM=o)1uaVH&-aRirw_Y?n-xDq+
z9IOg<XxZ*~E!H|)j0Xyz@H8Z1zoN_jm67T5yIoAEMq%9XS`tbr>U7?YjD4pQlFocn
z#Mfmnx1fIYF^mk63XlrU$U0h>4_Tm%pIjtjNz}oSEfHL^w~byhT8!^^>PWbZEpPjn
zwblY=VWn)F6lj+wP+;;@dpn<k7|_gqf0O{!p?MXvMd#jQXQykn)jvxLLjLJ2y+5nN
z0DauJM*WRp6!bli#~O)d=6V%U)Z~W_+c2+rU{m?RIhI|XMf5CvF*0Lh#{sY;=R*CA
z+$)=RaU?M)E+5L;1ySj|FN5&V#|a#U`=Mop-VfgpTsz+uO?Yepm!_)Ge(}v3d+1||
zS<8(B0ya(T113|>wn~oP?vhhM6{oIf4&rO#385V@3<80t0$FQCxRKFQJnwFwPkyOq
zpG>nO*<exYPvnKa%(7R<Rj8$Z5cKdzV^CznREe~W!b$jTe^24$9Pum%&IG#@(8u;a
zXQa1`2x*F0?HByEW0(=Wb}ha3su(EE0=!0yHyW{E_O7)aDa%Gf;RX+R_@x;1R&WVl
zjr>}4)Q5E<(OemEErlqst?<Hpt5Bt02vUM9Ju&Ic_(rv7cNoIjNrcrC)xpW=Vdg$g
zH`phLxI<@3T$<B-DC(m=JIO5=(veO_ZoTSQ@Cr9(Do;T#-OpPg)oGucZ36cZr<sM_
z9t#%-+2k`W;ia}nqYnC~S&F^Fj%asY>`s2g_tcVcXWx012;npKz<+~6UW1kWs>CVe
zfBTg}>^2?&!3qH62bbQze`(hMVoOB#{*EnxxEE}0{!ZLGz5**gQ&LRSe9OS>*#j3B
z(?<_qwO89S#mYzFRB3nnQMQTHT#AW(J=2_y$XI7qPO-#qFl1Hjx;1i*U%{4yASR9E
z4mbBBSU69;gKRoomFe9oLg+r2KWwPntuo|#w!DvK7%~{~-2P!PA<@sK3qaot83F-D
z>p|L`)gs)?oMum_(7_JgCt=4R_6~M)0e+qzZ@rCdpSrLDLboVswGC6(P|8$Gu(La^
zG{^LDVt=yj5%cn<J)%uxc#8w`?E_Hv-p%%62m#w#<~?VcQLwQ4mRXU`?eoK3N)v^I
zW6Wav1$|yghQ!r{d5UM*5#?{L<vh{)#0;fxF*DBX&9ag#Z4x=3T<SINdHmg~e}<OA
z2sMKkRcr|T(a<eOU_*ry%qdv};xSFE8qQ!YcB0U5;&<E|b%v26M1oIgU%0CUbX&GX
zt_b3#-9Er)Ii2C#U#6HHJ63~NbDEzZ^WJ{xZRDfoG4!_HD|-a*&bx?Zc2*|uv#&Z4
zlPgs>C|o<ue#`COn{uQy!3_;7>09WtDX+}4Piep}K(L1>1fl*^P;#Jw-p`aCOCkh=
zZFBImL_Q4*gy<5Dg-T%nKSo%Bq|Q4?4j#|Q46^y?`SuHi*F<La`#ZPI9lO#wigmIX
z)WJ$6j#+YqvQIUJ5ga!G(S;pq_Z|gZyfPG@4b4B3BRK4o9WR~3n%p61-`udE7E$WJ
z`aS}`7qOwNXv2+&PrVp^`oTgKA7{xb(dk7I4g%cP&E{+%k%C-TYcxzo_0HrG5zj07
zLj8YG+CK>N+#(Z@w|SKGy%>u{?R21Pgkc|(0~d-7K=k8xB$~X7O=r_$1k)nz4--(a
zqQ-o$r1ojyf!!-At;L<E#DWE7(#^VRG-}CM9IOS#*Q#<0maB!`>LQ~;><;M<bkrd^
z(+Lvi6X`LkADfM$TPuoIuiqG&cGL666yZt8F>9!*H#hdX!|UZobF$z<xFX)U#-Jts
z=T?aUI*eX*A89910v~s<?*%V?R4HH+n@k%R=N6Vy5tNo8))IF??|b-)w<upJLWGMe
z)>9e(CVMjRDx8@9Tu03NIv~K{TF-5Ot*jsSY6y;jD71%mX{T_G_Xc=jt(X?P{ct~g
zbLSXmk%|ua1x<PIZbUhoC6*>y0={sMK8Qtb^u_b9^F=X_vXjy>x{W`{Zm#YBNJ&#H
z9cg1(wW3_te);t+w|fU{#i{rCj5^x{;dfmajZwkmaY-Vtl7U*=t*)4s(VhGy@kF7}
zn+2m8loIDYHi80!>Ha7gzb~pClF#+tMvnDb6OIn?;Nq(?OF5y4yKjvv9)OIeqi-S~
zu_O<+Ef+l551Lci3wCW%m%cOO%C{F{&_D(?wRp5!j8=M=+1)<%4HxSAwiG_$K<)LQ
z1>h)@Lw)oZ5x%<N<7cOqtt<%H675{_M`NU6kQhOtlu%+hIvGCa4+Y#jx}0PPd*GI`
zJm&r|lbE!$bS#ve0g#&M0xU^_7K0%iL$4LRYL50<SVpokEL*wr7U4AF5#?@+MWsmy
z*(kKXfAMmZ%kzh=uo4RDfrbNa8>MO|CJr!jZEC2x^Nj^cc5g+^q(2T?H+rMynInsX
znO2a$Y#)q_1KI~YnaCK`vHi4)>QH6!2)HjunyjP#3`8(_r2ASj%comEbc7g_eDG!>
zn8@sgu}F*uIzkjQ+Lsv&A`g7sYqMCV?f-b%X~iO?jFrvHfSp1-Shn07V?d7qHb}%7
z<3uMivn%6y6OD{^St`u{#dmtY)rHJ)evb-q{n<%F9nR$=?!5h@hD{i36Le{ltF5~O
z-1>Q3v|GxB+Sz`Wcdiw92|iCau~#>F@Ep;RejR=e^!Y_%X4$)|uRQWVv`D}>ad4}V
zo71DNh&hokZhFZ9qbId!S4}j3+5k^A@Y;*YhF9J04KV>b@q!XplIH^?f0Ofv6}yL9
zasN|A{F_P)pazdGj^wnF_8kS2K@R}gA9+b~EO3zgA^4Jv6~`=CCy;CBI&o(-P}SXc
z-9EMZSgdpX?RX*CB6#fc>tM*TpcG1p4Fiu%8y5zCWA`rF*zVaLOLkW&$sMT&L5i*P
zR`0bq0G>g7b9F@B+qfK>!h;-hH+8JTup60P0`2>fPDu0<8Eb}+5<n4+y{0`c6!q_-
zRK!uiH3BJLN5&r>zhW(j`=y0h3F`Sk(?l{?Q;S+0Vo#vSsn%^^&vKO#UM>yZ$+ML`
zK+4`T)c3aOY)YV;4fJrEHue->{XU7w*5-SB1a<Si95Q{gqimh#jnb+#K2jV=wcik=
zBO`-cxX0jM!&p6h%UA-`W8mUmPQ%o=@+S?4$YuxX`=pJN_bPV>wro={y#WHa?G>Zn
z7D)b?wB;3anwjao-7E^;qX+$zuHITW4zr6s_51~&hBLAYuLQHR{n69m?bl0%k`}Mv
z*?6TkCS<uYtzTT=%GYU|7`+}k?rq3}EW5V``LMzD@S)@992O-v2-y^4GmzfBPJ>$Z
z#qrF-wlt?72MWKkSmFsqC;M+Hkyd`o`F34TC6oTBEO7E!YA3SEtUrswCt_Ts&1aJ$
z0qP`!P#hSQ+!pNGg5--&B2&oCCeT4gS(Yzws4efllgdpZ;_3x21-xDkoJNrKcGoTs
z#5~`zUu#l6)T?1UwlA9>z}?l=n$>y50eyI0zdL~L$;d|g!)3YP%rHTNC-C^_d=#*a
zWi@OC1#KK^RYA=q1rYy$<D}umB={hFBYF8xNdbvUWW9r%K#PE`$+zuLth`CrAV6ZS
zw1qDL`&lg~qDwErJkGaU07;S#$E-DP5m%GQOkOo2Pfct$2J>3jr55x?I{2b#@M0)d
zkY@Cs;g9T(M>KhxxK!F5#lCU(wYy%GKfU<My@R<72aSMJxCfttq<pX2R84b~c7<m@
zgTdt1kZ6SNyItyS2mD2fI1k#+{!3S0*XWkQG!i}3Set`vpKRML)^WF+J6j!I`(e0L
zrGt2P!Yh!^FkxRwdfzVfj>cEODDDFy_0La~8Xiwcu%EcS(LuL1Ngd$srRsO#K_ZeI
zoQ^Z;j=_v2@sz=@@Xa@y;rmVttuiZr9PCQGSazPT=}sjq00VlVyjI8H&3YtTPeG|c
zk@SkI(P!F^nl95B6Rq=}kLH77WV^TZ-HR;6K&nv?ii9}jc)r~fri)Ilxj>Yr46a{;
zyP6zIdtlbl(Si@_@`jrEN(tLjc1$?9&Me;TdTf99(?3qgzFbSt^;8QjK{A}CIAX$l
zs8FCR)#`?*@dU()@(ns#!CX#aPe-rxM2_j+^HX>G_6RvNGioWKzpWgy-GzeJxBch~
zcdrg3$+0|cBUXq@s0<;w8nGUxL#GNfi#CDkcA~`fwA4FNl%E_$3dlIW%HkOBcN<<m
z?=LALXZD&-ovzfQSFLxXKk;P21ug5fLY6+`A(DyrzCA^5`*RBHI$FHf4#5~TOW~B2
zLcH5Q!pwCLS3KE{H_D4pS5C+C9O2VbnSc$2SrW1uCZ-p0-YTe+V_$fQ(P6-YG5KJb
zcE!m^&eRMpVGfT`N;)H=PC5x+Nph+!zSKAXL0)TLY?1*bIR<mCMZ_Zs<`eF@>ZS5i
zpQOYyq$7`B)ST%!9y=0&DWyrz>D~1s<NQkZHYsoo9ZU?!`$rbolBQk9P!y4^B1hKY
zAP+(He%v5);F!BDhpM#tu^16{X>`7Ran!L*JEK~SX1&>wB?#Ovd147**yj<jzzb_$
zluV5c>LUxLzUOLU_XrY2kf2dwk|V+5wY&|&9PJ4jlZ0kAl@!unwg+2ftZFng{y2UC
zJA1a3g73~95AB)B|4~nWwB1M5;J)ZoFiJsgiLlAy`q)=S=tW@4Mp%5gPpVFF4~14_
z1;Eq!lu|+&tG`7Eb4Iz$EH0@evDdz#uL91t6+e_uHkNYR%8G)V&X3;nf;-peKEUVv
zK8ci!X-j(!dOkA-D!)}wEm2oFe{8yd%tdc-IGW{x_DH1hGE?LRj+9Lu!wK)IB08#0
zF~bN6C`qC%Q66;*y8!i#2mtd}P1pVb7M2*ml)x%LM)KncU`h<=PF<d!oaZfKv>h$m
zjMU4vb-J`;0wls}@Vc|q;CEQT1_Ol@k*dvR$O(dEQwda!3|_&-OTPP28znQB7ffr`
z4)E|`Y#ILqhf9T2DG~C$054P&41nT(L`X?x;TM3RjQsXOaB(}Yf8{x-itZpy2XIJ2
zXNZB@QM-xsDF#~1J^B<Dak<L~6EsUy(hK}poT?TkK>OP#M|CRcrhG^HT(Qug;lW?b
z@qdb{Dgq+)L%Hl2?F}|l9_{X!ml1}ZUap<oCmb+(0i40iN6m$0kH}OiU_|Mkr@xMJ
zL4l7-OhIdW@<^HH9}zwPmF7btfoD&A?bhoQ;C2Lml7Ag!sFH%#S9_i?^*&&;6MC$J
z(ki2`sN}oMc(wzYnYy!mF(^A=6tx5K^}gI|0J^9nJ`ElX<(;g;c~3SyUK<0vT#oT?
zHj?b@{%5P?@LBQ^`-9%GoCs&$tmIpDn}Y=?m~@?yK<n@*@Obb0$3U}5ANR7QfMnkt
z>sBFy`efxkmZQPsUNQGo6GMTp0`D}9FBF?5=@MRjAKpcP$=7zEJmsICU(MmF-4DRx
z_@`hZux+X`A$*ihDRv#SBA9C1Z%@wk7p@<HO>?btol0HLS0o1lGDoru^6Ng0fr76?
zWmg^{9EGbXD7Whkj@SC&hVCZ_qzNTn_y{RQoY(X~Aab?VeiTkJqI!Af?N)*=e@~>q
ztZRzH$88LR3pVb)Y={CtYp{Ls&uaNI@()0#tP;X_8z6Z^usYi2jMG9F9+9=VeEYZg
z`>QzIKOqF5KjB~L#ec!I|2B976nG8)YFPLWd*}Bce}z>3#CLxcyWY<S$hTt(<CTE?
zYksvu{O9CE>Je}mLMBgRxWXUi;$JM%e{tdeimbORb#oL{8dDDR1Nh|){hx?Rp>g|n
zz^+(+TNejBg{OU2Zch0(kKwN*{5zlVE7<>cjGupsN&U|6Feotp9TW85(ae;Hv7u~#
z5@P;p`oEc=KZhBvtpWzhKRu0sqNiAB%qo60lsr`Ps;|O-{}L58Xl6?Ns*-pdWqk3@
z$(_D$21Jlo|3Y8?aVFk4h>l{8US)~;Zi(8#f+`FIdd*e$jQ?VQ{~^cqO9t$DNLe@E
z&V?m1h&|Eto&T@B_YP|^+unwCP(cx+1A@|`GKxwQsZtUZ6_GAYq)8Ew-g}6O5Cs9H
zNC%OoAWeEpr1#!ygwR3{Bm`352c4O7&dix}&UanE_r1RN`_6v}JbCusYnQdweXq4P
zyfD<t_?Pd@#@KI3R`ps;o&P2j@CQ$#a0v){Y|e$ozC*gxX3lGIbc2alVI}-^qnN1U
zB~Lr<si{C?D<P@OWS4-u;78wcLM1bQtLV8;@EkBF7XyL*jNNV;+EoIgIb9;AKlQb8
zY+?hfIuZw96P(-U&v!01b-I5i1`HO$a$PTY^*7E)X5`bQF9!-&$aP)e#@u~K%2YBh
zKlpzB2VwFno%Dk@in<A8nkA~UOGick!Av`DTJbn+rqW6~OIs$$h}}^cU1<5TtjhL!
zN4d9Xo`u8px=ne;7?D%`wVei1uuhq)F)FXeqms|6xDkNNsRba%>aJed6tbW7&N0b6
zb{nNVXTY3vMs9yL<6lrx0P7YFq>o$LEZv9~Tp4}$X2;oXrdiWDB1f(1yoxHtt8Yd`
z&l$saUn^$ki-^?41R%GCE@=<sS+U-feOYA9`*yp~>*r>m8cR9H59aBj3OA7M)l#YB
zN;>ptAmG;;rvHkzybMUW$NlD2c&36+6H;e6(n@g0i$=2lR2OBmwHwJ7rCq)jQ0732
zX~%lA|6pIbe;(?vO@@>MRXGylZ%Un!kT`7)E(WUj{>zp9nO*Y}z`aEdDP#7D4fFSi
zU5N6#CP{6{Ze(c8n$o<)IDEeGF1yqEaq8nE9O63{?lnVRUd1xxTg{fU#hX3w^;~@O
z7wY!6O}{5j;1U_WTCY_l<u!e=MA%`0PPT2kc+TDgu9X7IBx$xfDctxAERg<I@jYp+
zUUe3@I;dDWGb9U0Qj7hFooGA*B=apKz94`RJ^jKyAbmhQMgLK|k6eIOFB>}ceJl8=
zGt<iH>miiP(R%yPl+gu2C6xtXp|^!VMIL6(bU^t_)y1aqv1VWcfHu=}DcOB}sL;AN
z4$i;A^ZypF{c)g=5et(N`s9|c$`o?xKa%;{<c#F2;aG7`6SIjcmflP$hX004dLZ<n
zPZ@kh5cby^yY1n99fl*|rk~ru^r*ZNtxJA(Vr;=L8UF>N4(QdldE}&%?%ZSiDqtGZ
z(6v|p8`M&Y8R<<*#oa7}s5lY13?Sp{?9WBJl~+!%9keAho^+=8rw#z&b|*tfKY2^L
z%{}p#`IKZHa#JodV>$2#r|^tI#qpkPs)Jv(&Ip@)!zag}9z@_A04v8y4ut#VQi9Z!
zuL(`2Xy#evC9;p2EEF!rUU?Rv5_*<Z-i_Mav>u_W^F3tqv0kRq=a_<*v^tu(O4U1|
zyC=`+*5tu0R)n$L`p(Eyc1RUx1@c-D&CfMf(t95__n(yK$2P!0W;%pbz!m747?R$z
zhA~%c+z_<sV;DNUdFVpOzQ%@!?o2><=^tqXaW~C*0);|Jq~a9Zi#$)WR#D6a_}mrt
zvbuT`W|^||jtw^2Nvj&Cq254bEv#omO-ucU?IwG6sMjnW4~OS+=Y%MEKCgLS^7Dl^
zd7f=6cQ<)VIcor{o^#XWR-Wmb$^oss1j(l#&Jh2|CHw}E?kVT`hp@M4b#LArhxnhF
zQ{m+biGSzYa?WL+y6lY$lNU8q09>gX8-4bzsOZ_ZT*6GOpPvVi`|9qo7>^u(!hKIW
zw#fTA0_UqhP7zJ$q(6cQYVs?^|6*I7%*%J$@fKqPTdI<@Ab@m?ix9%~i+3OR$n`Hi
zX8wYILp>J(vsR+KZ1wku4&Y(y;r^Wt`^}=-Q0ixNd2`~LtjF^dL>}C(EokI!5&}IE
zJp+D!H0@<;!%inh1Lo#f>&Zd@9Ot-B(vSm?@!W#g+aYF)H)Jo(zlj!Tbyd)G%`$jx
zRPl_qd|)#9{?~`@PKm~+Z!Td*&hhjwhANPnyQZ8}7NhQ=<mH0&dinhKW8-%QnbnzQ
zE2MV<-_NHm+kDOBWD`{a-*tSz;pk#{Ivl$uM8A3O^{K0|9;12d;h;;@H8-re>)|5#
zhr7?C0+ANI^G0>8LYYFwBvs&sa@KORs7&*$r^<GSHKe{^@G4pZ07ma2DRsW_5Y|V~
zs&ntu(XFH0X<YZ}A2W9g(zGLqQDkTSBD4E_S}!((MWKo<Gu!MilgP-f7&-6o+vJS=
z0&RUm-<Ky#T@{X$O&2AZ;*VeC`ICwG=x{pdY{<6BaEjV#fq!5VV&vanmCrtKyY?Q;
z84;QwCiOaW;!PYR)a{;F2A1JdG5!huxc0(<q~!Ym{H0+n672_COsUMks4ljO%sw*V
z?sFuCzM-xi??6H_odd*Qzvtm`aP#t~5&F6AdZyz6CWgnrM&o*lQe|k+<#aeD`Ar1U
zR1!NF=T`O$!4*dT&_eT1A8ytQFVx)<v5UQ9xu_y=KVihM&Mqwm0KgZO%eT%pI7WN<
zoJP+rr~%B|;U=Gs?$^VCZ^ro0Cup96x|`>Prov-)t10HMZq7Us_0^!&iOt%D;V{s{
zaN##Ne9|)3Z01qCd<*4=G_w-SE6NXal$9-#Iemm5wXEQoX9UWfy(f;gM>n2a4q_%P
zSIx9?AbgK6v!x-fW8eP?4Ocz``vyvDV2ohM@vE7&(7S39W9@^t@PB&lz1z1#QHA$S
zZpyzsw%(Jf@FZqH<Jq}594{|51AduN{b|Y4nVz98p1%IIY*E6s(z`O*a!|3}**5n*
zfP8nD->UurP;c8O19ueUWApSEs}Bmp9FLFu&L-Ud!6tAe#Kxr!yK*=mm#y@p&Mvl!
zlgcb$nW@5o4?C5@d1S;T<q>Wtl1!o2T8Fhp?uY=iR;<6&YYyKGw0x`knI}vFkPH#g
z<YT~j66c)?<avyxsc|ofdd#(XB?YeB*kyM7=~pU&|I~LXfzlTJXDUGou_hh6Q)}lN
zg3K2c+Nn$I>_4YfF43mL4%<&m4q~)4*nb`OXJTtx1$=~%)z9I~L1ljw#$W+rNnhS~
zyZ#=m_hwdeW;&?N#J5l5nH>IZS9dqa9DI+-cCa?4+-X*g@y5%u&!X3#u6QCIO=nm{
z6j<KJH8FTrvLEtWKlOR|OrRSY??V&mG}8;$4M;~TGQQuy2_&8P`7~Ba+#jkp)Kr-s
z9u#p+l&idOU3cuMZb9yg!#`G8?70l}3K1~*zR!`+9Xa{~v-B><m6h9<68?@$01n{{
zz9WLk0*~sgFsaLyZ;@}pT+igbKJE1gmla>lkBXjQz<7uyC?v-xPCPdC#U40RF>~UI
zK_HW?!sk6)(5;?fRA--t8?ZSovGps8mW-O=-FG>TcXZe2><rsrqfp%do?{8!fnuUQ
z_()-zn?Zq6k9*;sj;kvO5`ag*J4|dhvjNt>l#R*tPej69=cUn#49uPbY;fHxwqn3;
z|K;E5n^;JXBA`xEkX=T2U(~Kn5g_%~fYbrx@AQ!*Zmi3srozGdo8dwq(i~hDuNxkP
zUp)LzXoRKyEN2{0v_hGdcz5Wk<eWH>D*njh>+I}<+#8pgpqU9e46rsUAN*T2rc)Qw
z*<V0)`yZaH>N|i@77y(_-y!J(9Ey!MGajgdrSTkL8ICW*vH4pGmVaUq*zZ6tR)YW*
zfg-%eB8<IQTm)E~bUtwTcN$^6)iGn|Yx!iy{F^LEpaRRpaBS|)7fC>Q|EME??g+uw
zLo13@`5*Sk!QS)^ot)Cgt)(G|;3RI(n53=>50Bc`d|nzX#cm4<&qeab>C9jiYCR^w
zqFQ;m-Ci0RJ3HM%k_V0_ju!<-K^EzPf)rO~u|h9PM|mwTG0bJUn^IGKomg3#D*LzJ
zT=4hQK1Ls^hd(<aP_yt0;!slnw}$rTff)T%uFG$}8a;VRu9vQf<PnQvXJfP-yit`C
z5wO{Dt6t)?N_X|e>H>k@Ke7nx-Qs`8B7|q$QhW0sum~eBM?paV2yRB2EST$HrWUgF
zIr5Sl%~QBENGFQK!>iuipwRjg%#$}dm`QOeUk+Zv`+)YW3`4ea-$?`(6wBT!PH+el
z0_Y8xi2_>nOWB8$wI;F$t&E>$J>N{er;4p#Y7VsGEnvNd{fH2t&!T<YTz2bG>oIpo
zU!fWDyA+D5X~e-<Au4`)t3Lci_u2ZS`r-5Ke7~Y2Jz+qwg|j{o-z>77NDWzJX^+F~
z8&zPy$XwS1PEN}}hmY4C?&g_(gTl_ik22de`nbn>TshxeA!w~>d923E&~oMhH1fnK
zeqW+7Q<yRTn#`8et#%Xe+Kl(vvze1(d0p6y!!15}DO23C+Ai7qz7^aLm~c8f%?YP8
z;(wVmT{{Pln<>G)cD*}zB!9YV=!$>u-C@mY3YhqF77&SX$&_y%dJ2#XBh?|+uwAFR
zEW9=Fs8shc(ZA6MQKz0X>rIDz#PeA~)LVELm$8G8j&<o@h~`S&LmMHJBCEUoN)vYv
zJ-lqu-3xzPpvCcpv2ux`BGaZi!2zftE`P2D#-`QG1iqRx>7$=~=ErUAf8`P^B>%`I
zv_y06YrOtH!zH{B*-C@n9~C|Et`D)IUV4&g;qfBaLb!AOf^iJxcF;nvXnn=cro$dq
zhvVv!CQ#5acE5`Uj%W5VocKFN@~9{71BV|v5vbAPasqCBgTwTA*zv{M=a=fTpXTln
zK^RemgD#5iBl<EK1IkzDBh4~o?xrf!yp-R=E5rw$1F3TnTti1@naWsxLFchezn^Fu
zMpVb0HM)9ksxoXU$?@?8q`jc7&712ob}r{*)qQd(u>IyL3m4IoZ*#U%`|o!g%N2h`
z_?i6?(Fll_DLzVFjVrLu&}cB{INjxPwk7W#{B@P{s}9eGI*zyJcF&5R+hQ4v{FO)8
z?vPSWNiqY{VV7lv#Ltm5kNSo&UvjffC|6wAWW@PLy@O}}*aTJ|5?HJ5+f5XOTA^C#
z<*aN(33li!pz}kh>-d@qDKWV>0uuXzpKT^*GXdQ0U^tka=1RyRqd`@kZX%sO#TJ6B
zx~^au79vAoS6=ZRq3<TtEHd;aV;N%D3`dg`col)7UUD+gKK5%-6VX**w!3@`YFl{I
zwRg{-Qy3ZF870fkEe&D9k8ClQs!Mj1NN=C@^c})HpQsYBn(Yd$g55KD@FpYW@t1u9
zDUgY4eo1m~Xzl9aMyGz8D)o5CzUaS;S-w~FLdf!`_bu-YK#3rL&jxZ^4~UwT$3&|l
zZ-N@SP=R71_vBy?WD}CDaAo)L*Nc5gU)?dT9t-U3+;ru{WY;q>t5XRXAn&Zrz}e?p
zA|y91DCL<oKr4En-fz_ISGf6BC1p*Qn+Blw{|UBl4$c!sp<ENc5s?%@PN~JRQ^Mts
z=y=m@1!``yzQK;G{OkutGwf^F6{yj39_*uckRHEhHzJrG+ygIGi52h(o&r$Io!LJ-
z`%#vM`Cu0T<Zs`1vg8`9fQ>!Mhjcx8%E!%eqQ-U95PyBh9O;rR-;XGe)qAlF*${0Q
zJm{K#D#@jH=Vm*$9;5XsVs63sRl;ZK?Pt}#G-__d9KbTjF`EOp?7xVb8%>5x$m&&#
zi8RSmsz$I3(=@1${{Vy7@JF70##VWe#ZT;keK}WNJQnjT5myESU;CKO$aEZ+Kki61
zO@{Pn38e?{d`YvfS_0}4Go{@63%?%#ukF;qYrvg{cU=aRI9W!bAOn|L1Oz+i8Q;h^
zh^3)bDA(g+dNbe2b3cbY^1N`1>S{&v-cg3gCfUT`&sw&X5Ke=R90AiSZkLzc#*g`J
z;^(Kwl{06XgsQf(kQ?1XF|S36-GJ8{vq4C%22&H4DpJy?s^Uac+4C$STv}_2EL^%K
zDu&;wO!FIOuo4bd#msdjx!5mHBMy>$Q$lQuF7A!tuds_BbpO$yaf>nF3g7*avbO&8
z=<=`BW{#}WSqV=JQP%)A$<od8-GUGff8+gilQ$K*J_emD2ZLlC*ddiJJ41&4GBq5B
z0!;A@w=q0YTVQI%YP?(dEqot}#g@#cbM)$m*Pau<a23ejkTI-#?$`4OC=Gjj?5_ab
z?^am=M*jmgpuPgXo=|6H>J{5+oCj2Q`w@%r|2e$=f1KI?qD2v+K#X;!6%bu+G$SB;
zu<qv{HM#yAR{y(;FLP_Je3*IvFViL!myW+H_zUR!I~Y}Uhz;`kd=wOdeIpxP*DR@!
z`qJy(Sy=3;1b?9Rb&C}X#k}Ye*5uF^krx|E{|5I4Qs4n7wf2p)U4j@;D6-Cc>yobG
zb(KUEre#wa69ojmW0zUWo3~iS!am>QHjjO5=C)bM)A~{}QR^>u<=-+mKJ=-8qhJyE
z8@-3`f)n-rgXfjNI~Jxh6oTK8N3^d6ub&^m1~|W4e$gG_;pE&Dmb;a8)b-W4#Zl?<
zK%-_sCAO{uqtWHx9_#trTNDz&iWw_>{V{OT<9kg*pZ3>Px#?F6$-66Y_=_%D|M_(M
zV;;#9K_KLqZx4gkk}dZJ%4}V6crKO1Rd#9e%J$harn|`jN+JAx2aT1DW1O!zSC*?Z
z)y^?Dy}{-syPeNr2h9$tfcb^Kffbq~|HS70v3SKtw?0I`a-U~L`ue>|KH?*jcza-+
zXBb2hAYO_Y+$zdcue%zK80PcX0LPh9JYIxFYKI%S^uFNGlbh4?Q;%zh@WtJWX8V;R
ze!-l1U;m?m`M)agkzQB`S`$uw%LkpT6#kW57%2pGWSm>n@_+XPC|Y$5>fD_-!sMxU
zl_$$c`mfl#-zXa(xhP&4e888{zp_(KzrcBg0V*)pAH$#9{DdRyN8$KC^L2kKd!UI;
z2c7qr4=ll(cD#;~&^%FNG*Ru&T$+h{R)=@&-?mE<ADJBNH^5ecGO+>eKypccS?*ZT
zlZY&fb8g}QxceR`O!r&nO$ZafZWT*x*SbDxd9HfNw_N$=%7_dCwUj>IaQX=&HmbOr
zba`Uyxe|DysUf0qh@Xl1dh?G0Bfq}lDgO;18|2${timO(YXA$eDGfnA4cp@dfCQh5
z`;Pte7u6&FMj5eU&-_GVKY1h*{zL}<4ZD<UP;kk<yG&DhwXXKx?7zRg<k&)DgS=uN
z(T-Jp;_0!!Vm*J8;{QWd@Bb3=@n3Zlh)#$uNzeZE?4w;Wvdy}`Gh+E8gXFhds=pwn
z``l4QAHo#KFR=CCS{eS|&G`RWWoBv)!+JJ*AIO&$mSfnSd7`a2G<GrkV~Kv9*oMV}
z{MzdJR;@aUoSYn`F7p@gFtgTe7cpIxS4=(Lzi_i(aC-A8vh^0o=(_fV#}gfFcV^S=
z);yKS2O_3#tBa~Y9JxlzMaR}5$^3GKuRfqYNQ>;>C(Zf0{`d_d-s4LP3X#Y7-{gU2
z7^}?lm!uQF)#9z5!GK78@#VwHEiHq~1pO*Zots!07diFsBlTNP01@*2s>Z&F)fd)R
z-o@3LDubAdwo1DP0vlJm&Iz>3SD(8l<*h6XRcL=8V0v?Ebh1^9uf?-r{!V_kOk(_%
z<R<AzEqj6b-@144pLZ`8`S+3dKNWzsvw=c-8G+H9a#fObd=6!?LKYce#4Al8@z~fz
z8(K3E)#@IRuJk2nLMT!`)9!?c8e@ZWz0|<H!;xl6N!(Yioh59%lTP5GP9H#hjBBm(
z<PR^CICYUE5WMyCzNcv){)AknT!EcY?85BU+x9)10aal|U2h(uizK}*gJn8>>=g3T
zbvSe<IEJZ>aQ^z`5H{eoJjdc!J6LrP&UfJh9VLiBwM*FGx0mi8&HwQB#Zxy`%2FWz
zflWiJm4?=2pzeWP_Kg#f_-89aZqBFY`PF+k#fQRacAFNW7FRl>Ts)f(Do3z%nz<h4
zkarOivN8CrqxGqO?x@>}!kwQ|&iB+iOak}uUc7bK;-{30Z_dk=?{Bzy=BzA3)B#<f
zet}0wi>92ACsx{7V^i*idtye6;{)dh04P0HtGV<tju51RIrQXIDm3x<9YxXt76|qq
zRvS9qy?@_Nr33G;8{c_8+YwT|Dkk5w7vL_|)-68vc0he??ZwM|P-vlWXh}A-%Hv2}
zs%wx#Zs+;eK+W2X0U-YA50M;zqs65E)3v^2Iq$1Pj_TJ3Ac4nSUSS04TDVCZa$hcT
zNVatCJO4DA^r0v1@tS&eF?{v_+yEBOhLSnPe;2W^EcWhB$D{)#0*GjSpSAB4?Fig2
z@CN{#zCY23>)EL{jX|8VIRQVPRdTeJ@LK%v&eCFT&Y8oRi8VViKjpLB)lLzc#%Vdu
z`uKE^zQKG@VCQ5+^kdz(@eP?jXYO75BPa1EN?<R@49{)ZXL_w#+^%t3DALNIyZs(d
zH=Q8j**=T=q(6&}8!wBjXlB0p^UhS%%2AD<fb{CV*2$~4DO^<(BTgFk*{WndyFCd8
z95W!UJ3OCBatfrdBCdR0D!A5%<v!l~z*=@>5VL%b%{N7F=brr+4F%gfnZjOf0QoPS
z(Ith#*t9EGtv1Jsit|1f@6UZ?aF})PLWShL&0PfefoXoz7stM0#QF{%*m89|Nh^6M
zGq>(K8W=bVqIFAWe4Ogs!Qm99RrT@cNdsAODvbsufwzX^tFvzbWy}xOkx#O-FEU>p
zo{#S+S?u%me4)q2Zi)R%kTgXa)-n!p^;=piIpJJIuo}K|-r`i+0hjWm0$)$V1J@#^
zc%-gLD7-#DYxR`B8OXeco5q|w9SORZXr_mV7FGprMvDi^*D~y`offgZJN$FBU!q51
z=$VkKjW#UzQmwjQlA)QLfZdUJ7?#fZ)1f1u4z{|38&sY@@_Ut8Sn*=7blUf!|EKUJ
z_Y{3=c*!?H|9mop&2E@_LTqk~^qTQtU^sokOkrPbg?!FkYyhph4u}Z5!Wv?=JtP(=
zC6>3T9%CUVDCa6WX0hM+_k0~^(pQ32rpk$~Pp4Aed`(ip(Z{Rk;GAXOS`59Oc9@!q
znwYTDa*RKoP$_B?Gwx8~qwFG7QBurhUAYx-{z;?6J;_Hu84JD>$msk$EW$N(Gtl<>
z_$%FyY$0E)FD#xLayj9<|779he$(rVE99*?Ki}?ah#T{ZWY|2egKstQn#n>Uk-K}L
zaUt>2<@uk>(EhHtb(o_)v*PC`D;twrOh&L6-|FDiv{Iq2nq?X2TaBXeX1KHr+S{2%
z?9Q|G->|qy88Yg{Pg5GEqPKJ*s50{%4dh^*hZbFUiwQ{?fl`J`v+`?fAHt<2<nGvq
zKa$p7Cm-kOl{CM2N7FuXq~O4OofhWt+O%#aC<0PKf@)=m!*<XynN#J*;YHdjgpDqf
z3v@r+x2AB298pOHoE^~kjxswNDOHvPT=?cs+9-+<88VQQm!WR9mi8w=u6y<#S;H)4
zff~29sKHef&xxU~rp8iLs#)d81Dl$R>V*@POTt92MgwtI3+9FXrOUiwn_B$CE3llM
zf!3O3q_<JCRT>-0#zcS15BD}|9UQ)`w}_O`eho%$M(4ZH41CICz2_8JU$kGNEtOU|
zI{4;1Z370YR$V<Wu!SUU>4hkMAbsm9t*FzQ{uW;|{c$mNqi1O05;_+bEfK07!la(L
z6|BDB-f$#w<YP^T{6zLJetMAZy(KX`N%gbM9{N1|=)ED4zVRStp+*3Tzy^r(FVR)p
zZ}%gHWce<j%XhNo@u||vX<@k9K<FUaeu$vT%_5%(np>RiBP-JH8-7g@L6Qg{MoL%6
z5Pn(!ExXk<Ffg4m%(zb59rerxyKl}++v6Z7CNn{bV83}kD)RL!X7VtP5XyV=>n%dA
zB?m|xE#SQ6+l|ucW>W*xH>_f~{P3r*yM^)o)X%sm{IC{gNX4g)z*9w`7pKaN>15;H
zDTz@1TcRJV$9<N(U*wgx%NZxpS2!<&_lYDi4(iBr+ryn*=St_pNbZjERhtQo&RY(Y
zd2>ROZK3;+els6e-sko#KXKa3JRk-?GJV4KY=hDKiK8_HO1v@gTSHFxAiN9jo77xP
zPwLMaV}!7x(7N(@({;SI<D-vXR#D^)tw?9ES~+yF!ILWBWD+_C5>INcqPwi=nLuS}
z<7Vu~SIHYdaveU^&7BN!d(E3k+cc%5f@;rXf#%Y`B`t&p=5uhQtUKWd_Un@{G7gb~
zazer^G~yw!a`LCG1%45VL;b5NM>r9yC!(gB4Bz(cG_P7CJ5ff<gp;8D^V48nl<yqf
z7iP9ZF<@<%RXd)O3Cc2ooJLyH(Mt(Q{F1PzYadQdGz$Wb>V4k)^i8MPWJRZ*3dH#g
z6S`G)UOys?lP{>qktZo$#woQBhn`E~D1yLtc9R;(f{+y{AErYP*hMK!xIEl%iIM}i
z@uQEdhczb<`!hl7D2Tqg@ICnDV-T%X+Hto8h@G^j|5Dw0JZo@sa6mV463B1epJ!bB
zoO}g#>WiGQ(%f{5eE7Hbt{~-mC|bAnBoXH2iK$3Jf1)la4{A1+o6dZiXB0l_PjXsN
zWQ8N~Lt2Br@;;%w&($r_2&`kwOQKt>B<$imv!*@kGlzb}%vjotyx_S^kP`tIBm!Ii
zW)64nGDvaF`v7B-?}Pg!0z7jG0$Y?6+-b-HO@9McDK4o9F8wf!w{A`awNVF5gj9-y
z-<pC%ke4T6a=mzh);x5&N*yd*gUnsUd!mXqePKix(=fz)4O`luk0dv^kRe~6-WDha
z^&`%<W1_Wr!zQ+vj>!-U((%i56^Siu{V3G0+SAx?Aq@oG#-DXt6JZ@R2K5#SF(g8Y
zshuG+x$Ii2DRoX;y^Hw|)e<0VjwROM{esAfYd%agKQ9tK)hp*Vx$BrBNB4>rzbg2f
z&8>gc8aBnTdSv@kWTW+?JN*c{6OH=mQ!Cw-rbnM!5kp@q+d|!HF5LxlKxI6!AoMj>
zICLj`fws|P0wF;oaYSZ@ILPY>+SI!mjxKd0AMz)Xqk$l8*Ft)yww=DNSOzw!n8uH@
zYB@p)>$zec<bhT*FHv{gs?`*Vyo~`l$dYR<$QIK{)M@`~{v<`TtOs#&ow~Tal(5c@
zPL!rof-s(F+El*?94H9B(#;t&6pdvttg${wGzD&%@~)0(tAFduTYF=H_g$1fHRV&K
z8u&vz{DSKtxN}h+M#Pr3WWvcW?THO<e~3=Wbl>eKFD@$j(#_pSZJ*V_OI_-TX!_PR
zG{@V`eM`ha&B$+I4vIE{p>_;TX?E7|(?&=k36UIV|M{Bj$@A>_<O1&}h%$*or_pxQ
z#!e@OWRrem)h&*}_o=p-peqW%NnVdPZQ1lXAC2H6$~_P0k{7&01$2aJ0%X=oHw!eX
zPn>2X=&BDWk}=^q;y-rRKVNuPVJ{_n5wSq!S&rOq5EXEcV7T6WZ)ulqKIz4Y`iQ=K
zx>z(;q4*V~K?VH2>MsSN0{)<iKl^SFZ`x{}Ktx_G_3X|*-yimTl>Ohl)g>0<XW!Wb
z<Vc|w#)tFamY-uG)tfCOM-zCrh$NIa>xq(FZMdTRmpkXj03ML~5pQ+6PqHG`JScc&
z9JY$Q5&@r*)=gT@P&M#(qjJo!io?9!y61Z{Is?#?n{7?egyCVj#qh|QiC>yCTfGo)
zc*jDH>i_BZx!jMiW`(_cT(Dk`{_N+XNNz}-%Lo-f@g|j5iA<FE6P445bc_j=umJVN
zv=GbWYRp<oa8EdqW1_I~?W*yI{fzTb|4wi_`0253nEh-*TDNvTf@hqz+dk}16B`z$
zPM5}HW9#{r6_NN76xGfz?+Fc;+Uc9JYZ_Db#E;6ArtT;p;<uHl1J_!^_MEb>{^C5>
zS2`)Y{rMqfw;Sm2N<}l$Fj17d#Hw=%KJ_5!TSYU<+uZw^$<DTC*@{g{G+Shd$m@v`
zdv*7-X=%`-!+qXdceVfWILrj~ULYM;_9GQon%gSV;=sBFJGG&7%H3tMx__BF$(V*i
z$Qqv>r*_0g^QGAOb~nbrzu4NX6b4EeljCe-rb;jwy@PNr<nE+Ue(@?<<LH@(fZ9<3
z8=vO#rEtN)U1X|6cg>e4)ZFO<CJ*TyBd+1}$&wWM3Yu<>S(CS=893*4Poj6`L;27Z
zR<oN$KldH~H;Zh(1t5P@cI$HCo^%o3OCCDbYfm@oC8|swy82=c2&8b2f4Sf%x&_>1
zOg7<}EHdvmnhsenPLeY0%1oh{@5~fIcN)Vc)#*;H&r#XJFI4{Ws5>b+iMUR!cgvxN
zgC$!QqDaljy5%8D_F25JpZXEDP-2Mz-2t}lX-t_#m?XE#iag9qBBK3eD#_9I;eIIB
zVog$cKSCsY?Nb-IB3gaT8c@xBROm-Fr`2k(oVNe`Tpl3@WsgP}{_`#*V7j$kDa|RS
z)56(hNj~_)KyXXZ#-~U)Y}INU?Ic=hWw(;LOt0Lz*fxX&vFM4xb~=Xr#ewEGht^IT
zfl;k9`Rvf*PbA9AuJy>wf4*v6DRDMo^c^w5iQ9xyt#C*ja4&D8qNLkVo-sM%h#scj
zQ*@nX<snC$CC0G%D*0_Ut><&*Y{Nc6h|@SnT0Q)-$Cn2#!&0<VX`GZ)O|kiSI4zU+
z!GzCnn4V;Km|v-kR|QsK=bWL7xZ6%2$>j6yjok%F8ci{+N)`O&#6O*D$1tc?Ck_k`
z3at7#<+0SuU%Xy#g)Ft9y824y@mBa##Rhw(-xAPBTC$0q|61$1$F3Orq~G+ABV`t=
zT9p&mn5@XFFOffW@&iFi#N)O6F11mL9c@VIS8UUQd_nFE1a(ut;W`@+x0PucdY};~
z`jc_S`!Cx4C<(y2t~d{U2-U68NpC-P;unE`dXk{I;hFImDD5b-r)JISK$^M@si%0S
z(B*i6)nLRE#q-mSsG`T+B;UMTka3mU;Dhlh$rjarz6-C>R3w_=l+)~MAAH6?DW>e;
z&$^?HMYsF-mUEy>yD3QR74bsbK%&0If7BJee#D4X48^T@CoOq!TsYa-nS2z=7RmO{
z&4)iMF$>byD<Qg0;7pLhyJmq;a@-XQC%E0#OqH-w%_*Pecfz6dbw=8bvV<1=Gt)g~
zU?~lI^NUi%FYdX(JiWy-)C+zW*WHL;l==q${y|~c9}mJ-RKTY!zw5jkz(Wy-V*c?*
z->$+Q#eVNABk)=!PQy&l(W37w_srh+fc9S-1`?-$?@yfKAXhrRYm<Pz?<~Uoj6wR}
z<-FIe^xDV24`{DP?`2)*I||L4!?>@xc-^g<N6~G1mTd2R+K5e-_002s?F(e#{W|`=
z$FJ`_{+3Vi!i5XMMwQxd+r{7u2Lm)rwC)8qi_3k9;kgc^D*df>@t!aqS&#XSIMUZQ
z?5al&r6MyMfC^1a;f}EPivKVSmg0H@XxN0su{ZtEai9aAm1Bf?uDPT`diegK|A*qS
z^`AfHU#bx%@5KLOQz~G~+b~ruFuueeN_lU%&n!t-1c3L607|O(ccHO}_apQ*O|*Of
zS!Mk$+9&VhARWP^_&z|Q*M6wWy;)=E#GC343`ZGff;yi3K24m~nV_N%$V@yiJ8F9i
z1Pt6W@Mu+nZ(Mzdao#NwAt_X`7H>N*H0uAE76x=>pyMB3V-DDftqSTB-UcH`q~(-q
z*<=;9#bUQpKM|71ZQ#)<lyGbi0nueel;)Sa8xM1_IV_Gb5QbxHXTD}WE@OjY-E+Zs
z7uA)@t@y|0y(i&`%u7?Pt9&(U3;N|~pgr-8KM2I~3XI8Mc<WB`$I|!pcW7g(jBO%X
zW5lx)@4n<oS<_!<fg+nr^Nmob>X)xLhWrURpl<7W+U)k*og<K`gYN4i+vi&+x&eWZ
zP8rqWr%M#qtv!Z=8F?ptS8l>Onim7m5U1u~`;?AZzIZk~A>q6_57foOW~m0A;-L*C
zNEqeK2>Us$--3OVtM(YKB0P&DtmT#Hxv>8_HKGC7`e%eKhe<bJ*0W<Fc0Q)$nntw~
zTMkBrIfc*Uywgd><0umNfvjWt)V22`n%{=_mz0^&C|5mPLr<aw8@-3#K;sx<U$-cq
zuRNb{Ok$f;x`ICaHeo)RFX)T#)(Z#B8?&oDA7#F@cP@|3G7IE=axgS7f|qXADaczM
zFcSHQ!@Ou8)j=8Y8TO1BF(#L94Q;H>Q%5WDONzp3_?x?T!o8Ps0y=H&CrZ7gLI*s@
zXH!+@qF=1b8HU~jM2^4Y_P8H0@39`}NrV)eHNKPEb_>05kSgb%?Qbvl5nJCjn4>30
zdT4I9<(vsZ8QPQfiLvb+8CPJjGR4>-?_nYDoj^XGgr3GAoRC0Mu>Ha-Y9|~Gy(Z~0
z*}{ql)(Tpmy06L+{I<SEgw3EKQe;B*=j_tha5-mNs*bBbWh{F~PB(nz)!QaZU+4XN
z>H~W2?e=qe{WfSe#~kzF7kN^SK9T$&c~O`C;KdeRtF<rd3PpJw;@*#_LS>&PO^mxz
zRrv_vT2m=Rqy}Z5J<$qp9>@SpfJt%*<N;W3s?_F;i_36L*+domOSvy<to$7VY+evp
z6P$KnSJH9Ld=NYR6uli+12yn&<^ipc9@#9d^csP3t8+%6W~-$NR`rKL_WFgDgtHci
zWrfw4A({3zga?mM7weH2-{!P@9g{L1X<zH{v6=MgnX=c2oP-;_>EFH#@glF3!@#_g
zCAO=<LWHC#=a?qXiBX(ly^(vd+}h&yU}IbzHbG)N0r~5e4v$j--{c3`naH~IS8u~_
zua8`wLX~o|ar=~0?GFKx^Hr_rR~Wf2LeGUHVoUkA!$YI8SkQJW2YahOhY9VPkH-vf
zcsznF^YPR@$%3`r)Nf|78T5ZE?_jJrZFW;C)J~>nq$z*decreqVa%bOSQOvL7U-&1
zR*9LHTI<$mCZ?qndT+F_mPryXUPAFW^fctjhM2Z0xdNwnx_Vi-6s#P$IZ!0TQ;jX5
zsqxXbJVt+g6bok32sFSb>{mccJqZd$<R7!w@11CZRKgxh1X~+D^nSOBsAukAW;G3{
z!VSGx>qj`zPKJlYWXV$=nrk@6eNd`>%;G`XcqsZ*pWMEw=vbv(HR)_cglh9b3yHP!
z$5`#H;*@?p$jpQK5tWgQyu5Kz`8x;#uR&vfSy&Fsme2A|PkmY7DiJu(Xl8uX@prYe
za=L~J&!c5DR)l)Sh|}+c*BK7q9-jP2J?A@F{X~^_9JO7#EJM^^{4S0!!hk%GX-oHI
zg^{b*^Vc~fKtUohISxIo)P%L_)yf>&H)TLI8L8??!hkbmiLq?Zm)A|@aF~Nh#TVKF
zNu#8265?-t4E)fb*VLeTRfwCT?vQ5%^X+h~!pL!vJ14=~2{U2>@oa`e?*YJ1dpggh
zsgLu#8w%3~CZ;Najc`4*ruP}{?@s@w4D#$q$B&Fx49gqZjd@I7UaN4uAwAP&geVRF
zJPAI={lK@q9&zk*%J2lkdvARJQqzhg4^O%Ds}8&SY1}mYG4o=h#8gdZq)pd-&kQm|
zJXqu-0TLBfIhB%RqDDTQz*ui@J5D@nGxN2+taI6u`8;q0w?L+lpjCI3!*x$&a>6dr
zN>I|aBTWv5x3>B|ga`?z%4rd?3Wc^`cS;%crUq#jLfhF?j|kg->qod`YpitkkVZqm
zRcTG?RrFNZwep-*_14>-!*joBoR|~{_o&-=u0Ux_ipO#Pz>sd)#iDhEb&#%f!FHwZ
zdQF+ksnQ8Yqe3&Kt@6^MGRM}kV=wX@mMfemFOFSx)b_W$g;8~aL5ZfDU+a}Qq1f5C
zt9)A@K(Vp71&HDN^R{kSIWf?DZlBpqPwG<n8qrDu|6u%-@hzzN@}qJ4gm^iRk2^2J
z6x8JmO_~e&?|e5vASIUGBqy)-;8J*<<4Gj_t0Vtd5GYr9xoW-Mi!j+Ga4A8$_^~@a
z*Z6ki^LEmKOi<$)OTyABIRSij6cZ*}{dg__H9=SmW{mf&#xism0;WrBD-twEBhP^o
zV?Fy@#yFN(u*L@M^0be)3iH28C@)>QE_%Y6mr0^~%ABN;l-lcFCTL3)ef_~{d;0^+
zYU`%sEkm*OcP@#en0XylULYf5>Vx$5yT?W}wOhkt>M0OI+VgmLU0V5j8_S+$TB1ya
z?QNXrmAop~;nprz_vFvs<Jq8vSV5Z1Qq5fb5J}+Fo)Tn>pTjChYr|eD;JRKiuk%74
zBIA$pOd>aHg$#xu8{<t<4`YTfuHejL_LXV0mk4tdbu`$=@o7D3;tPFpvo4%^mG>_G
z^4=omzY4p^&n%!T4n2`J&Z7q(ve>1CG}YWcYRk)$GO7kX`<sT0#MWm`%|0VEF5DKE
zsep|Zcfx>ubg9?Um(;VJ#npzor>S-%ILzJz*36STt<ap|PEFvLj%bIbYr<UNC6oT9
zGaGpb-QgHxs#0h>hw2g1#rb3Qs@#xMN$+DwM`LmT`O!2(N~^??m?`Sq*nDDYdE|1p
zzx9LwXf3JLgmUFqV@F>FtQHpPN0>4itYXT%a178WM(g3WdlqKj(veKi=&#n^@759U
zgUrmZ)$FNT8pue~)mYRwz<5o!y9$dvNs!0@EMC`#z(luLkoIiax!;UD6>x0-@20GH
z&mRn$@9XV<zlGOO>4xnCY~CdX`G2s)pS%Zb+m((uF~YO6Lh)=zZ^BexNr;M`;6;<J
zhyQ~~&uMMdm3Yl%wgmz9_rmsNkPH;`#4nwCL5ja`V`g?v?#n_~QVxjtn+Ne@TsJ%c
zyBRRd1BC|b6(0Wj_+`1w7#{f-|M2$zqYguac=`Xy#`n8p`_BLB05G8rTS4Ru=$3m%
zd4y&DtNunwz2cKY2rNU~E5HC>PmcE@kN9SF`+4C2850%u9&;O{de7j;o6*eUhP}EE
z05{I!0^pA&Qu^aC>r`wm6uE^cqfv?UZAl<ZM{m884}Nr9pI?o3&Cd0<fhmBPy@><d
z1`hwzQ}Plg`~`rAVueg)mxJ$so_%lk3h)=K80?H#?-AglyECvK4FG>k@5VptxFv83
zxF8)L_x&wEEYTZCKjT%_+(*Fw`+yr^EI*tCuJgK1QUSN96h8+pU%H#}-<Q79{jW^_
zyQKcRqyBrK{P#TluR7UN*Z)7!rq`S{(7;ezLI4{eZqIo6W$qpD@snQO-sejxdsae?
z3*cA&qO@xP7!OO)0(+m^_yL<jE8lSM^L@ykso^tsZ|~=ut$+nGAfUJRIZ7QcOfrot
z_CBZkT?I~8LR<9SYv&^WU)98fxU6)gHH~E}CN$|INPW2>>@C;L<)-C&g<e}S(u<yt
zk|r&Y3De=jjOyVu8N;q{lN?Z%Chn;OZ!XSV>h;RvZco?y9OTm|&TQ}<01kIxGp-A?
zq+DJb=<=-_>iochSy*;7eEdTidVK(jzh+SC<c~{`gxAi@g@>o)g~t*ALQ-B<eGri~
z2-GRFSxLSf!XC=|8RX$%hF;ukWX?``H2sC#G?lo`T1<b<91~jV-_Vaq<7>ROAaZK7
zAm6>JE9Dg0N4>nT*R>mqYmO0dFl?)o=O0V4G9EWnVSFb~zTy0BC#QW4#OMiyQD%Su
zk&g~v3G_|UEm(Q^6luHTzG9g$aysa-c`g|noC#u->PSIV69dr8Kh?Qgl=C?5`AJ{$
z#*XDDpdR&pVIf1F#Yhr{u8&dzm1Dw7^NK5P<myGvO%E;SYLO+y%dFXjsvH-3^BA6O
z`RbnJub2+f@vY=FF=~Bn(m2?U;2poH2V}|tOKt77tUS`ebccs$^daqe@<^F^cUDE?
zfG_C^GSBNO*5%gDes-Y;m8K@t1Fp1zS{|a{!vaD7HtCWrq^}1zi%H^C#br6g0rgA3
z&E4n%Cj~F0bfJXd)=YDVmYdvYDU`@PaeOWNAaPZeCvScc2^)NpP@)Q+65&563#W{Y
zZoX7^BWW0~TX=g7Wq|-07$Z#;$b#Ph5ya#)A50tppjcs|7B+jGWe-Iw3R~S^HE*xC
z#T{I>Tt@Hs4wXtc(HgpR<~;6EBeHQvYMcey>IrWbnumqTr-N>%IkGd>&3_G>Ip`bH
zwSL&(Cua5+{oALYZj^x(zaL9NZ1r2vOiVu2q$ojxo&=}WJr14xDSIJ6$DmpFWOIkf
zm8(8iD3&Rl2JA?HiF3<WV-@~FGMnrQn43BnQpUSVafeiHAzktVET{D|W!gWuo6ENG
zfaXOit*oT&se;<WyLL`a^>uG^`7_nPpB?PnBh}Wc98J677Wu;V7K+lOMNCK?>jP0g
zCiGNg@vgf*Wx~~GVbiI6N3?P{7Lw>?zudLaD3wex$GmhQZH(-M7<kebTo5li^JBDL
zX(>uVOUVWxZN30BrGL#vMpN~)v7d(@{mbS@NBM0MZiomka$d+GLPls*T>=s`-6t8w
zp;)30hWM;Ec2=Qu4K?fM`5FPv7So(2Td$u7|0YGpuN1mi_g0zh6l}Tepofy~PsG&#
zfjlE`bIBg;;g6l+Wl1~u1lhLp10Utgo%g57=I|{ckp67hZCgR~qdGY*xNM#za`}r$
z_7Hn4g=;=0%g#{IJdPcmJ!FQ<ZHicP$qq}P&IBE_5BJ`IeF7zom8DjGY|LrndZ>#o
zpP3mJ3i&?YuY--5*Q@fq_UqO}Eq{sY@pmH+&!Nr?B^(abqub{<v<X}?_KMC=)m^=2
zQgh$2+CmU<P-^11@iR#^S-Ahs9fHee8Ao?=HkW}q*hkN3Dm%9kDq9*3j?bTdhc3Hp
z$EzLla59SA6fZ(r8+XNb`tW7oek!2O>zd?`^-9C2Hrv5JPR=CL!41<VBYxomdrKsH
zMz4nAGF>?{d4wP`(qcWb#+<M--LbWPnEweFs?CLMluMIw-eo&c>1cxSPNldztSUO;
zagBuD&UTY>VLv(^IGSPzta@Ze58r7<CUx%VbW?>wKTa9v4}O<rNjo2wp4j*db{pEU
z=t-6McV*|L?j9I-Ha9?wH?wLEHqp!Oc*6PY#-TfH>&uQ(nIPi2KWUX&i@x1fRyR!W
zKOTvK?{;FWgjHZ}cCMltJDn&b4^n>}vk}^<cp<Y3x$^)=2sf!3A(M04xC(r?@{Ox$
zG!uG%yVZCmhyxB32{uc4i7V1_3>SG4#;aC?Jm*(~i!Osy?$Flcrw!YaSIgjcB>XPY
zQQrA%#D|z0hdnjMC-vCElAv(?5(8ED0*JHM(QMe=y1>v5M>zrqaih++sZEECT@QnF
zKuwrgRV+P&z|H)sF>S&9ohHS3xb3)^N-kggieX7Xby&gWr5t&8r)q8^H(4FGqI!FK
zV_5mqO_aypzCIdKT%O(U7#5~YKL~_xJ@T#yQ1v#&)tm*Cp5~k_dVV=>iHCWvy(ll?
z@Zj>2OU?(MLL+<5C^}LPnG7v)^){ztY*H{o2T}_wG!m=4YEIcyBR>n5$~;K+z%F7M
z{X25D6Z4J@m*rREHAZI9GE=zu#W2pIH=7qEO#*bG8s19N8Bd%=2RlDI+^aBku~956
z(MtLV<IAAVm!=@i73PopwrG;NFXv`2#Q6N8v3l;f+Tf{+;>n=43d?JfpPN99k$2s@
zT&#jg4LRA&mu!rT+zs6u=R9-tZ#2)9r2vtm27xTdUa5BFMatPaM+!bA`=h_j<&^cY
z{P)Py_Ey1b38YH|BugiJ(!p+FNMdS7W3&QCXi7dXh)+$H=H7L7UO_HWSqHuKR+3*%
znc`?gRrSMj2U3TL209#@7#x(A&j_bBG7{<j)z@GjyQ;`o&-zboTpIq84F)KZs&wsL
z31?|y6V$!R)ILy019}@l&LyqicIS}fjdDWVCVG<#Q|D{7?9m`}BKmQMhF~6$i;G*`
zFhK<7RHDN3F>cdCk{(Tm1Ji<+1$ZfMn?cDo$yLjrW)dbjq2dUT>02q9t4?yYG?M$Z
zcs^=t2!MI!biG9TeS{1t0h%KP$3(__>@R4W1nS*w6!?^(9P<vHt7cf8Df`gR=K<!R
z_O-~1A{CVp83ciL4d*qDt&9im&o>`Y=a4qDh11`VGfrECAuP@eG*Y>%%tbEt&^`tZ
zetX@$YH9j9;m|rMvxGXpBbBl0p)Ca`J&{o};jx~ojI;c1XUW!Qo0MWv97!nRV5%8c
z;TG8*mDD-O)TU%cPz&o~<tRx?^*dw(1p7F4dL(AZXiS!4V{}gD3Crnpc%czK+ZuF+
zo#qi@>JDOa!~Gh&kSE!CFcz{x!D*3$C&7|oC>?OGEy>AwrjuS(NSF_yX$75D2OB5E
z`|Wx*u7T9o=(-s3=8zi-wrIq8luy1lsVPuf%C5U8i7#4r5Uv?tBL66q@%+RMdruQh
zU?PTUHwNo~2$)cEA?Bxtj33&CAlKb2Zp7f!{kFT7#x?z~V<}DJl9ef!D@QwV3gyh%
z0vFYKG;ynohP}D(0Gl!=Y*=ZFLwpMV5OvI^y7)3EnjWR?a8PjMim}~D{<x+ed@wnn
zk+}s>JWui~v-R!`mW>;WyBqsaU20?=BuV;tS9;MKC^~6eb%CD9DI0$$zj9T=ne=Qq
zeQ)L*IQlY8NH8(8e4@+NuIdJlqIkZXHjn74I8T<NY-jWj<5sr5OK&}6Y2x)U0;i1!
z<-Yq-mgUy@AQt5WFki3p%$Mzjm^9hC3l@b5I%E%vZj&)U<emk%3Q*b{Vj_sypln?`
zyc@>Eai3B=m~c0^4Q!X0Le`jiQR>Oi(9J*CL@7&_k(6-XZd4r%f?ac36otk5*`tTo
z=>$R=1_hPay=Qy;3Nyg48PMG^`KX<*T~51%CsY3Jy9{%RHz!c8qeFaiLfDG+`du7L
z$b2)LLqg7=EY!7*M=ul{ESrIQ|APFBPmn!Sa=>GwVd(8HU~JGGiXrxAE1wQM!^RkB
z`)zA3l*y`bI5>_Qvp8opO9=|II}o*QOI1}D6l5mUBQ{Y11ixw>T&K?*hdXKzFy7<X
zj5}0(Yq*w5;xxd8Hj|YH8>h{b;k`jD(*}d>3rjEhjjyX#MQon*+`0`f@0dC0?_Ro8
zJSRGbGJXf<9i1cS67mpBcS`go(m%Q=WR}Q!eq24|J`q(akRKlF5g*oHmNb9w*YnDm
zzv*2d8XFi2QX7?$sm!9>&YhwUEW3h(g}OJ~ox7U0eF(D}10x5PcUS~%$?n3$N^4)O
zJ38woV@p`GvDoyHH!GV`B9(qE%7kY5hbi#}x<GVLaE>jSA<bqi(zF6|t7N<(A#Hk~
z6I_#RuJ?S2@8lY~NOs~Rz`(7q3tnL2L-{x^r4eZ*iGm$d_*7ndarLdSp$$SvzMnSt
zV0QBYL>ub0Q1rN*jH#cq^u?W$;Qi)=4C{B}<+9;9%Ad3iPFVz&f1UfFYz|v^?cz|t
z+~#G-=?_~=GWjUr;%`rVHj@;n^G4@PNPvOV%I7Jj2P-a`6HyLX!HymmDa0>3=HSlh
zo4XaDY0u2+&svOV!Tgd3;7(A0mz?0|`Bjrss~7kHJ>xf>p+gBS$R=CfEF45ta~@{f
z3UXoBq$!(IKje=ctf1h_XCCX7RBhq`3k4Av9Ah>~pTA8wmrLT}NF}xOGfD}ftP~0H
zd1Ff6V=Vcl7vkxOx<;BXt$Lvx|M#2KgpAV3s4jv0us=*uO+>Id)nsgExjZBWh^dpz
z_Mvx%1QI{zKvpH}@WTn_sZBen6|aVHTn~n}DfeNPkBfFgVxayTZYYznrW66|6}w*J
z3R#%9g|qoOmq5y(jL#O%2K>1+I|RF_cbv2AgU;3~%;HG)rcdPx5nS_j+N{K?mXI(N
zyF%y+5ra<{(rRAOt8t!m((F3tLQ)d8eqf-Xh~8HzABhpst$%sXIdl*`xwtJQvIGN<
zr3iA>2kBy#=VQ><q&d|LCZp%jvTLzdIXo@K(*`{@I(yC7v~^Zm^^S$qZCcCU20{Te
zX}hmB^JP<@y*tWXJaF3&pD`<`^XS2gytyu#DKe*!T2TK^Xn^RdHm+0nGWy~`sg*+c
zXA<Uh2-lYqXZ_H|Vz0pwWNs)*#b(cCy83xF(ATi6^MytUT%pF~7GWxA=BJ0v>(%)_
zJRDtRc;u#uT$Yg%d3nPrdoGO}uc(t{Uwt<R;*keg#s<hr3g(wt`Pd!Pu1A#GW;@td
zSl!ujd@p2NlD4DKzGOjA{ghWgZOh@yOv=RI?XxN(ez@$6+RY+5hSz3RCT=b3S7eM)
z7S^Q{LrnY)tOIP!h~_BTOs3RQc<pD}T9dh>iZ&xOu<q)^sfQODS4hDr@qojheijHx
z0$h2|>x2YIl&_fJ11V#5Hj*9^XNFr$XnfVpQB|wx=-XrG;fA3$$_o0!*JcI=W(~U6
zkVsr@WXk>NUhwH$kI<a$PX^NUkAWro3yb{^e}@6cLP?#7{xpL2Yhri-c(Lv5(Y|?T
z4dkTxf~G9w=;sjDeAE|8?F<jQNi}`gWPGQpQ>12i$Mt=RS}5pnE|{{Tx)%V_H}Rv3
l|5u?6{{}Nr*3zPb5n!t=UKW@XfXwVux~+CA@8+ZD{|mAngf0L8

literal 0
HcmV?d00001

diff --git a/docs/wiki/images/readme_screenshots/fullscreen-login.png b/docs/wiki/images/readme_screenshots/fullscreen-login.png
new file mode 100644
index 0000000000000000000000000000000000000000..4d95472c36fb1a41da4b6cb747353ef2ba524b52
GIT binary patch
literal 15454
zcmeHud010fwr`YDs>_m86$%PsRJue(jHOJ9Nwh?<7*z_8F)AQ)K$(XSEgB;#AR_Z5
zC?GP)5T;B55@rw(8A1riBtsGsAR+TRSY7XF+24EjzW(m__3i5)<dAdD-h1t}*ZTd|
z+IuDHys5$FZ<M|Pfk2yoIj4US1loWBfn+SdUJu;a-{|TLT-NzsH24`*(zRn2`0|y@
zDU(wmP+9CI(UlFr_rLg@v-Smn<Qmuh)-`)Sa{_K|^E-3N&)oZ(U*MG+&LE#FZYaM)
zC}+Q2nuiV_I_7ya+!O@T>;6Um)UQDf44O37Vugqh2oZ53f(Xg$%+_P^U#rO?Hf;7v
z_*-Jg@*=zPA~Xm*zR{eo+0^&Lb55t;*7TA3JFg0KD~;F5vSW5^Jb&`SMfU5PRhNF0
zFaFASx?;eFl`>SpJ$Q-Pd2hUZBE{fcM=I{^=uxNQ$rV2aP7)h9D*g@-b5{&^9dNmm
ziv~VHSKT1M=gmvQvcP3m;(zc_iKmlrSn9%;_NO}+Y7@hs5o~^B$N)X~{3r|;>d)=S
zyVltSHuSLUfde-|R^>}N1*m;f($T{gZ7S}57^LRmbM6)XFfmuF(Dj1|->Aw4GDMAe
z$h^AjN6uyvj98Bzv~;Q6Qlk<K^zpJ%A~li5-My_og+QVU30G1+bd&rRGLZY*_+37q
zE1ufi{`XfuTuvVRAkue6!ZjIQ^?negYz_yOma%zOq3`ql-a&ie#d;r{sM(wMs5;~4
z4=)?f<N6EiYuqzw)}sO6{G)FEFC%<;^s&CbXyZ@X_|6T}9gD};K?Zft+sJ`@^Z*}u
zsdKa(b6GqA?o6Z7ES?H8gTW`t-5sUO(^Fc?TrbfDQZEmKs}?=k&TV^6q1vzw+c_TU
zn1tD0SfGT62>0w1Sjoja(%#PFv{kzM*3FFQvFe@8Pz#W4hf0wTy+?_atRT1GLeI`K
zFriJNS<nQSnrT<=Gn&2(bs%7oE8jX?kq1522aJD3Wfm<OWilfRLpBCNLJ%5Z!d0eK
zNFw6(HWNHX)G_aEQj(6pQi`sLVKn-cawN7wB&OD-vvCQJpMly-v2MqIBfu}MaNb0!
zVq;k0j7YVlFf!Y~esORUK3`I4eE>RL62fP2Vhu~)z;}e8X%RzucD&wsA%%DJ#{03C
zZx=EG{polDt7WncbW#g&zBhiNsRW)=--6$OuI2*M`grwxrbTIV^$$8V+fk6cJ1}Kz
zD~6;;AkLlYs|Lq&y=_O6r89@-i)+5#Lk(-aJLQX4D1x0AT=>Ob=;I^KVKUp=_r#Dz
zuNs(4tTvKy;9Jn+Q)^QvRD}c#q+68Y4tjImW)~u7Fi&bO3}bKCTlm)1L8uObuPGM5
z*V8iU)6-Tu#sjijGa63P%b6vRVvhptR0|x~d-=qhe*c6U<JSa=vNyK_7<<!3kd^G4
zaAkG+h71neL=UiLy@@?%M?||0lCNK|8W>5CDb|VI#@ZrRf_&3YbfPM2s2e|Xg~TAp
zPv=s<28}8A!9gcAaJR?PTB6^;3AmNGk`fLU>Mp5Yn!cK<zGbgo<bY*2@f|}=eHdF*
z^%}4yT+Z6K0i{IV^MP?Qm&<1y?>HQLU4CMSXV}e=Wo5u5py))+?#ZE&L~gFo(0J&D
zFjJUR6wFp8R<}8f2?%Y!4!KX6;ocO7a#41#`*C9_oKBV0<B=1@SbyX=H-0OlQAmu{
z8htY-;oJZ{Rsq=KnVJy!-o66Df+G6g9VmGX-w`HJ<N0;k*D(`hW+P<0Awle@$f3rg
zJJY#<z2I#s*<*UxjhSI%nZm3=?H36DuT&c&=9TfO%+ctCl0o<@a@!Vfr|uuUmWHu`
zqp-z7zP-IsRf5Dm&l65yj5FJ)W|oy;2&rr(jzVtAagj?*lmU4G(?4m#KMJj@o0d!(
zf<rtn^uvFJpPDF6vg~BcbxlhP+V9zShI%$N-m@g?c8V}Qw49O>S!7MaX1TnYtHST3
z2h0hCa(p4)PV)^40uN)e-QFJbBC%46#*(?*cnij9cE`Pv5~eU~+v@EEdC>VhK-U5e
z_Mmp&Ff&vtPPv8NYQ-_L=z%+BDJECEOK^j92RkiA*xN5<p=NbC_7-LmRdl;e>8@vf
zP2AlQi_}TQy&dSQFDeP)!Uvdr(+2bT;eUPVyd*=mIV@(V6;iRcWzsMYElllco2<Oh
zMAXcBQ03Yx>nyz;^(s{8Y-RoJHF2yg8XAi^oZYa@I4!Y`*a|hZ*WFEvEDOU%-reKa
zAjv$Vbx8AE$q4*!<hGjArBe3`;pVp!Jx<P5gN1WwAIHgrg`9_Psb&sk=$3_0=ZW48
zO^DU>GiIL3s}!CD1Oj0Eb>?_|XRP#Djfx}hH|KeWf;zpI%Z(z7v-6&=-bB)vJMkrz
znxsAb-VI*<Q$`gP>%lqT4Z(P@#-^n!Ed(ZW$VgkR@>lTY0RsA2op{oMifw3-NY>zC
zRW^(0y0R3i4#`;ussxz&q?#OwaJ@;~bWZRx^{w<4Qmca%dhLqifzmqeZv2s)Dfrh`
ztPPy44OFbR<Urrk&@KWWtRY6itZHuj^)WhG!j0FWVkckUnyKjht59VcU7>dq^wP@&
z@bV13Uh?(X5z5KqooZhnxXlNgrwhK}d@vo$Y_7_ey<%KvO~tCCIXO0BZuTe|vZj^r
z3U2lyw_ed|+Dwg~r@a0p!w~3cfMPr3wW0j&<+-KrpWo)Ic0*Gn;j%()$+J*FzKuI1
zZzY`N7)=fh?wspvug>z!N4GdjFWM)7IbVTNfw*hT#_fK6wA*srO#YT{`Wr>rx3>D?
z>!#t$lSZ<=&T@^V2<aL`MHV`waWmHsW8F5Fr1tgWoNQ;aldT2`e!^Bj$$)FTK%KH0
zNbeU<O@U6XMMWhkBDY60b1Xx>3cN|7WN@%TR3F+$Q=bWwj;lE&a~19%1E8A=hk4iW
ze49G+N5ab^xK{*VARsIT*4c;Q)ELkSs97Ryh8fr-B5!fC`-RZb^uGR;*VBo7>47vI
zS~zDaf#y{Wp1qv}IDd^20Mm9y`3G%S@rtEIbEshB#(r0b%>p_E5N$+lV|%-YXC^JY
zTo^ZlUBci3sMw;~#nw%rXKT1?RqZ|BE5wvD+-2Ou^%^-9Yw*!wy)yhJ(kdIBe1N8_
zioTii^lWgPIJDE@*o)9q?s$+?eiI9G^@Sfas{AxHDIicIh+?m{ZftIC0{-618ts`b
z?3d3K)k`gPCGXlo>*|u=NYdBjtH~IAa(WVs95{?cnHmWX&lV$=MZ%F1Ccn_3sK(@M
zhLIWvSa8g&<0e}w_7-kv>EN{FX}&;vhwNL8Ic6rA5(x&K#{z10Z>7-q(YGo?>mO>R
zA@vsDzLI)lgkvv_l#>p<@2ZP(gG-UH4i;v7{1~lbCg0Z7^cNm%X=l)6Yq9JcjNsc)
zOo!j!aa?z?ZIjud+G>2EP@*O%_0clS;O+)g6*mhHW>bs`S>2NQnS&vOnI^=J^qQy6
zfKf{_`|nNrA<NQ0pu7)Aut<Rj1`zBPu}Q)yUV11CSso%*x9AJ%KaBAaN6?YOR@Vnw
zt7BQ=&YiK!^4v!StJ<EBHa8J&23E7s8ZDNw!uL25KMX4%fmy6jMkEr(eNEu=jQ#X!
zzAQ1@(F_5oEI(&Gs1M+ymn%F;yE-d{c;oV%${w3F-sJy92?Wwv%L42Ig`o=mG+`l8
zqur>y-yI30Q$8|lt^AYFJF_Vh+B`U{w9vy1DW+ar4;p#Awq!JC+|Rsz_s9t-9G>sd
zwHzD&6{w~b$PC5=dNtt}0tZIg^3RZ#nCzsiOM^83?z>ha!{32wwgPWl-n&C7jB|@w
z!el|wd6>&mc7d6%-O{3n$>bXiNKdVRKqGsAF%CP9t~OSQ++uw9?xY_J4VP#(BYr&*
zB@Y^#e)>=3LjQjm)PH@en}&{i_RtUK_I(Z70?htb!^XeeImdWpstP&}*v$F;o8|ZH
z!I>YA2Au?a@MNy0@tr$wOlLLMgEjzbn9zH8_nwP-|I-@xSQ_HjqxQ@mMyco8ulqwW
zl?ie>ig781GtKZ1<g}(cuiVDYGfsKE{4($d&;-=0Z#(Pb`+Z7*U-*K|N%h~A*kgHo
z#7_U(feeTc^cvudH9h~UcUPB|wLpKZ=LbjkweYh?H;dK!boSg3_kA+e0(>p^)Z|8^
zPj$kawsM8Qw~v-NpH9@!yWJI*0u^vN&X;-mvc?LoUT};U&6aP3u6Pc<4jo$(QHg3X
z%e-k@u3RQ5xzwL8imFe#OI#snihdy-EKYOCEn8i9Ur;~V8C|NwQ#n_7KN=l=)rC~V
zK18XOug(3lK*7#JA9jX{atJSzII=nyAD_>um5OeSQrcXg*PI*TRA73et*Mco5u4Hc
z-mr`X>L@YaKv_M5M#X1)*RcBs2b0vW*zWt<0dEN}1~rj^%lgvk&B`GGJC0$37dR>P
z8p?MwkSA~z`T0`)s`2-;^`jc0-Pfp5BfYbtLD`#@01+O@y^>S>hDHz!WBc$SKvVu?
zJ7p3%xiFfU*~%uDT_KH5ZVb)~6Slri?8KYqdsF%@CBIEBXGZ1e9FgReZ+!Y}ce$oz
z7RT}os`FDrnnQ)VyI2Sx*rN`Q(DA{I)1w(`aPP3ta)c11Z_Zf(vMEipFJIJ}U9W<M
z@v-}Q8}`p@5A2#ix~LmRaZjNl{@kC0e`_?aeG`RZ$`~d%yS9n99?C*2UW9YAMsc;X
z!&vqkcSw1+r{_@cWCy<o3N<VF$(aV+?-?iU_comjIQQw|bEmU(_KN&GBFlRELM!z2
zCRJX}7;NNa9!ku7Pfv$-u!Ij397L1LDGR^d31Kw0N;bnH@|CIfUC11i@canxN^_i9
z`TCr)S-0wpN7P-Px{UV=eo{U+ula)K;D}Dp0rGAqOKAGwkX4xJRgRmyd^e#59>eb9
z7u|l=55JFoh}fb^UwCy(1xLl6-J2O42MbZfpUQ2~$n1(mgIs~M?D0jVy~Bpsw0kYa
zxl4`^kPQ%zJ$rOJs;YN<de0H_PZ!j$ruI(9ug4MGb&nIc>uwslCA+GtpbqUhn((jM
z9e`dsaemvX6M9QPk01X&U44D`d_SdiH-Gzm3g3NSkkRY*73iDa&Gu*grvZlf--Gr6
zj0z~?FW<)v@6R~<->q>})y3hhKJvd{uiNfteDlZLa*F@^t>Ay$zH|(`z$>Wth!oQI
zwHluiQUN|#d(_NnDKUwgsbqqv-JOGeK!twlS#@bTvAiS$GcXtRURgp|<(|C*fCc%_
zVBw&|LTn#?h|voPsUZjYhM&?0ART%S5+3aS;!;&@;7n9e&OWH_5ILK7vd8|u9M9|h
zP^h-_xb3J;I?|lYkIFC)jLT(DNK~WkwG>z<`d7oRR@(+FjPyJKWIFhnOx0jT1fqvt
zF`ldX#L>}(e$0mxe=pkkiJCyid({89kUd0%r3uY6!-ImCms^h_O)GX4?g${ndj$X-
zK#cx2!%TS^X}^ZnF3oXENy^AfF9OP}j9!Eud|k2h%GEJgbq2hQ8Z1|rf?D3s5{b%{
z;2UY5V!_40r6P24%QQ(cUUVk;p}bi6uEO}zIB7F6)C`k}+Z1f0Fd5noMFO*SX6ea>
zEUE8Q+O$--s~nXx>!{+w<8GOsPBPvCJEJ=Eu9cMS=XSfr>%pgxLF+7}2zx3FxLk5&
zuA20#S3x>HABeEZDeKO*1BQ1KHvs)OnKaJY+XiHGk!BHb_8Tu$ew&-rM$!m4k&8~|
zL<7s!_~+$<GlH@(`tNdyYKZM(&ea0BmLnnVR@VdXur)Pwi5|Z6#o6ppiF~xTDVMi!
z9PRER&^$}@fGFt=64a6DXN0?|k)Pt7zfM*Fp<7|P8nX?*+6s_qfwC^Fa_L++^iI1A
zZ(135u;oTMrZGlE?{1p0Lzs&}w-MCqm%wyFFB+06i0;FeE1sYZvZj`X?s-5awLc3S
z`jB=HVE%i^@~;wAP8)2jo}|5;>ghYJSM^lZ(y6=N)%t;&@Nv^^jni3^bf+Xe<FNSL
zxfDh7l9E-Ypyot2ap&v+yu~Z=Q|*4i_kS~d|4STozjUU}tGad>>#Fl{deXvpL|H}8
zm`7A=0HOD(zh^uxj4h1Qg4300A2Z!#z+LWc@$O-hkF%W{dS`?WB;PUeKBmapj2!ei
z%$<Nw(xeg79{5v)KK>JWMCH3edLcQqPx7m3^Gfh6xCiwyuL2Vo#(pmR=VIm*@6bCk
zl3l49H?REJ8~{eU1aXBp<$W$+<yJ<-$kW;YM&r23%pr$^0fK%yICe*uf?Swjc5nc4
z|IynbmbeiajrJo{F4_Q_ZQlX={vQ&P-&<NT8oLn$U2cD5F?F<NsbD+{B3^hxP8Yki
zAE&1S!9&{r4uYyL3w<VMo76YLP3bKfX&(LX1rc?yi7es;wzqeOYX;0NW{Tz+QuJ!W
zz^p}uQ~N+>t!4;wBAaY~AaMuen5O?y9(R0I(NR%yJUqB*V8)b)@bA<HVzIA*E$k05
zS{u$2qU0#m-x=a$(OthZD?6Yw@EE-sbh+uBK}bw4tK4pz9qv-W_0v-}I51shJ5g6#
zTTo3#scb{pz=z<TLZb<~bRr>bqoN#I`#6_Jqn1Z{blbHVVIApc_thcaBnoNOZ)&n?
zvpKLS<rm~VZth(a#$rV$4Qo69Nfa#<gfg>aq-e@5wjmH$#uC~}C(aF$2t|^(m)VFa
zWq#1*e$JE;4y<#r#6tM`g%5A2vB~0FB)Tk=r_67N;*JyZy3bE$H1sUY7ok_FLsysd
zcwyQ$%q@9UU?jS#>Jn*o!q-s|i_ExGj0OU;-+qtAqN;uXqWg#Th{feNQ9D$s`66KU
z^w8Gt)g5%X&ZKATzO7WSoWi}NlA*xqhB8IV$-<({ktTiwtf@TLgO?i_JrEQ^Uws};
zwAVFXn8?nB8Qg`r6dt745S`oA3DIbe#6u1Q_sg7%(Uf=n$~vZR!7hSCgxIgoTc<N~
zGGs=n3f!8=3y|cpp$>Mm!@-Qk;iE~1OdW(i*Y~mHY=*JW0Mi9E^B%Y+=JAuGpU54^
zXxyZ(P&yiz&0cAiDcos;gOSgRMI>D87FG0HlM|KCSx%0Tn`E=Xo!IYkJ;3Q?z-r8(
z2ayEs$tp^&qcS9TayCLy3F)F|G;l%F!I9mYzhu$viR{@X?Ssn|*%K;RW<yH+1MNCH
zJ&PU|AHBYTvUT(<sq&ch{-1n2eJt3f6v><FoSDJ;C^~8w*1FP#bBB=d1vP`&KHMi|
z@8)i|rjFsQYtK*i${H-GT?I5=<NrrCa3h+EjXF{3$9S2=DO?Zq<3~_*eOhJ;gg@Hc
ze05a{Wv{HT^_z*_TeyPTEe{9Q4Jl0^x)f1Jcv)<oSgZ6%ElbJU@kmp<Jz%Boiw%Q=
zt(j9WHMKxJ@dv%)!1=LAiC`oJAq_K{m><s~^O~9xJs<%RuZ5A&+%!XXKpN*ir1{|n
zkTzu+><kv1bC**x%Fpv($QpbxJMS5}fB#!o2V5}31gTSckszWtHevFgu6P;emFZHO
zaw9yfz?q1*6$kJkSFcw0v3@BDEa}IAHw9uu^@<Z(16IgyH*e)-dIEdvWQ{5Pvrv(L
zG2rL6Nq;0eyBUpxNwRMbIb@cAb%&PD_2sUgNIAkaL+SEYBGH9uCFtaHOV9m>u?s)k
z6~)MDjZ&O03Lo@?+pUTZF!g^bqt5dFI-oc399@&j17rNJ2kk-&X<h?G@b?dZA$I+d
zIKQd{^U+FuUJ#`xqUR#!x7P7KvlH<c!%d~V@GU&_rO>g7u!>D;W(o*z2V5Qck{w|*
zSCsezj!to+P_Y!~;L<tC?7eBL%mA|+L|-Cs9EMsQdmj}E>>sGugwC-Pp_sCxnD^5i
zAA?@PGwzjz-njgVw6oLI;mJYzuijxTmv?js|5jKHj=qmr+JnFMin}oV&>Uk&gBJy7
z2i3RY&75k7smUEq!ow-RaM%7mTz%F~6%}H-gWvMK9=5@auEYO_iS%u26B!XL{vG}v
z5R~!99s-2qX_}u=g1&7Jyv0Q69{|5AWO8rxXZ+OzoQ2(pKl>SlxvCG#*8cM3GZy=u
zB|ayz;kGi>MioQ7A8JXTKh#I%Yf@NLyFU}^zeVc!|Hyb<^^y>J1ab5Rv(2OYH)9Cz
z<9@5qq+Sk}ljMk?`7QJ<cWNZr3ajI(`#%ax^wao$GkNtJh^#E(+<aM?(Ubfb6s>Q_
z2hAKL(;Ale#bRnJ<IzXaNlx*7(#mvTCQNWaP_n-nJX*^TgB?`n!rd2#cuI7s_zA7?
zUd6mBSG3%ZKz6)c4OxB@g-hdxsoCmQGKl2-VvfhYBUDotBS}Dr2g#II(Rg}>)RkyF
z$#KCV(MRbsV+|Ut3?n16QnY)}d*TyyjQK$f`NSMj7avM}jhL|&+lHt`PkOTkh8miP
zO(i7B^80LO{zJ^D-)aQ3_hDAvk61ZranRA|B;{d#lBk_RrE9PD(XytHraWyMj9y%t
z_Qx8qb?cx?t3vCfNm(Yt!c5rl;cdgpbab7|v(Ub>Sdt)Qf#Y(T7#e=8H(5ZIxK0kT
zeTNjE7+}f5`O^?%Pu=VOFRi5F1#fOqXW)^Lxka-q*l~xSCi(A{nc1-h(Aa2u$$X4S
zggREKP^)*Fu)^afxYt3lk2|B3=Lt)IX11j80(VL^)m2i%hl4`t{LcDD#Y552_M-Q1
zhA3uGQlL-0`DwjwO%g#fWX^NKzv4&o_MKgDs~hYmwCI(4I$@FAD|OX9B4D4d<KvKT
zxYb2Z$E1U5e$=@`64dO?W$4C}TEl;pAfzTo!}@M38jKPuc;ce{Exkd-t;fiZeDPQc
zZ^%wI3>`$(SMNz($mged6NvS=<}_$gjqZr8fOr-wq1QXd<J+`bOJ{3-79OTiU&C99
zAAVvVcEA=~>rZ<4?=Evr%gSfz)hrH--x^QoX0{?^e=-p+&N8$2+iG?4gAbuYM1xhM
zIttTSx06fIt|c;iIZX!MD)xBiXM+c%vyV(TPQ`7*6SHY2a(|S^8D(&@-GE(PRKmwW
zte3Oj`)IvFrtt8wYtrEPQUL4sJ;XeJHzOlOGaD2Y(_B{aHdkbrIS9|2a@}HFz;c+?
zq4$bO<(WB_z<%s17q+Qt2P_=rw_I4-i~&|4w2Cwk#yCA|h&@{p#AsZV{TV<m;nR=8
zZr7tzE)GQ_H}<5J<i`y0(U6$%2eeD$^Y>;Xq8>WO#SFeO{W_9jsn|`_N~bwxC-<AF
z2$-c<@JwLvL8ZG$QUX11obz5bKkq&xIxc*?(50gEkSMr0FLeO!G;mNPDyEDodrydw
zlD%S0b!aBc?*y6ESo?&9S!^0?nvex7PbVN>2q$1xM+Ua?(5s%jy!tFT5w5JUhbO0D
zs%Wlxk*%G&X6eU1wsdN(XkgsS`(O)V2fI5>PA<!>W2RUdk9n7($d^$q-!5S_$^XO*
zbEiWC$<>UZC~I*=wuZ1AYv&mZrG|-sx7=OwM;gXQLJ{3r`{Ecr-9DXW4t8OzMe>xl
z<8@Y9wiT9w5j3%HEwA3EaAL~?#(Hb3<xJ5HO_kk*<iYXGEEEDA#(O1KI7)d#H=WG;
zB*Xb1c%JjGafSr~{o_(ZAV>ZCqs7e&NV4nO3B2JZa<+Z@HI0zz&fcFvW0q^hCCc6N
zwvY_WK#_F?GhIBEdMkdS-5>-)W_4LtkXACzm~2Aq2o?txk^`*@zTd_~@*0PtVIyot
zq#1GW_zank*8<ad3_Yb%pXTZrsC5PUDdFeS(!181vZz@kmGEoh_TVB2Dhv%9#!`&v
zWs}uXtulSvbs!xW5Wb9Dj*(nnX)w^)d`;Z2$lV%9FI#AOGQ^<_N{b`A8E!?30$=cm
z7CfEIACalxXzHwwn4jr%U|%HxZ_k7a1*;r()}dtS`=c_ds{CqIZzjt=m`*-HDqIcd
zbrSmAXrAz8?nI6YD#6ktQc{%F8{nK+<0McOpi?gPm{Ew}wH)1qw*o(%(%VU%xHYpE
zdTF25df<N#YmA_-X>k}*Ja~P%F|K|^nrgq}`oM2ek)vaaR9tsPUe62&3Ssk#H0#Qp
zwIW;<Y4zTjp<MYu@#S|1?vLLpZdZ^rR$tSCdJ<;NcvO2MxkS<N7*=tpR_TSi+E+~I
zzWf!HKv6rH7md8~Qwh5_7QyRiI5y#3P=MC0lcr=jE8e`X1_b(xCBmKdWU}28KxWXI
z%3j8xFq-zl2PR`_6sZ(bfJzp4Szam%M$u&Gt#h}65%X#L<c>tlL+lZpt{yt<c<7M#
z5|Oceb;8Fncp}o$l$f*I8xl?@zhheSioNPW_JkJeF>Ps>BKAtA|GjIlkt8n(6H8`=
zqMGMtL!vRF{CtN_g_si+K5wfPN-$dZZybXd4c5{+E$RWO{WY4HWm}=cMUri~X7R;_
z4{>1p==PvF=9>`XDsZVJM+kvP?YVb{HtcFbUUTYe!0)`2Bvptec9I-L7J&WT0g4?^
zcBPW5T{QBlqr~5FJ+jO(jK7tN)uc+{X&u-s>!4<EmPaZ@Xyuf2h5%SXtQ2+Q%C&*=
zJe6w#s}4c_u|PV`b*P)^@vTT+af@+q@j#aCgS)q{k(HsF%DGp71%b_D7GvYd?W?$N
zS>dbiCgh7>)#RXqcuuTtW*bJcOwy9qs-hhbJ}^fakTHu+Qb~y;Iaes4G?2#YKpmQE
zdVhRYU^M~@y;{<>cX8SSLhAP`_!+41I7W5p3-T>Ke4Wu~Z*-T)V9^uok%t*LaK-e&
zc?7?!$6o!KS=iTC=RBMPGq$nxB_0@7-Bzi9D2=0c+(-pTv2j1kr+K1crz;`%s#+wF
ziF1c|r4?2Sy2ooJk{JaW3`mHd40S@4)Xhd!DuSr-TAM*W5o?th(XLOWQJ55bQDB&U
zw;F#x5A8~Fxa=<US*Qkghg3poG1((<W8my-7h3a44Xd$`yn3o14N*es1aOM^^O!6Q
z3@v=1vqkDlD}hP<J)h2Aj5MWU7jAFib=p>=89d5Bw;>j@%2hD|OMKRp@GXEUK8>x<
zv8)p{ZgUj}ZfAx1q`Ejv0vim$)-QZ$t26~>kYA|#o`(Zj!Ylj~MMQEn=bLVVYYVIR
z0e$9%fV*3`hy24hEk0C`NJBH$itoe|bG5!qNq%Lx<5bjD=X4=3Gm{TKnygbTIV@cK
z*}QijobwJE?lV)ACuJb-FPm(KOqfZ+#pS_6GCxY1rRm)5-+4<=osGOHNL<YXbt$Q6
z2=2cMHFkq=@`Fapig>PPgp15pE9uctZ@#&j;O$eRttGz*7sp$;Tcx^Xl9zS(CAwz2
ziu5qcg}-#<#L{{YDhSA<#;*NT?l%6=L|zfSgNC~*S}U2{m=Dx*pcL?yBW13gC)xFP
zMXEb1vIgT|!!n?n9w3{(nMP@OSqJGNsiPO(jr&9E76A+Y0qE^NQ3L;9U%>%L^G{Xj
zf06J*h5r{FelhH|8vHNr@WmYfGx*Q`*6EAcd@-9ZX7eQ!`GOn&%r8d&{ZMq7iIplh
ZUnoypc_<I0{vgmVXH4}=e!l$M{{jXlV>|!=

literal 0
HcmV?d00001

diff --git a/docs/wiki/images/webui/create.jpg b/docs/wiki/images/webui/create.jpg
new file mode 100644
index 0000000000000000000000000000000000000000..3707735bec767e01dbf3768938a47da54a6f24fa
GIT binary patch
literal 32990
zcmeIa1zeR&w?F<MASs9vN_Te(5+ZI=K)OM?yK@VO=$1x6TIt%LbV!JFh;(<ibZ`C-
zo;S`p_x=CwJ@0+by}$drZa%}FXZFmRnKkpwtog24>vH6B2Dm9JDI*CWAt3=z!9U<~
z_U1ms!_o`@<mCZo007Vd6r}sWH86$)KF9`J0w`b{35;tdC0~65qyTX9+Zri=2Bu+y
z&!S)eNY}uB=vT3ypPwA~$$_67_{o8v9QetB|BW1waWk}|l(e+5ba1eD0|3+r<R9_`
zJ}5V2MWFmGUL6(rBaX}^2mn!0e~<rNwm?s~;@?l%;(y~T`q}579QetBpB(tffu9`s
zI|sNqx%h=Rd4;%mC^-d%I0b}wxPX6@1^_aE8(;|70hE9wU<ufO!2$fU2UD+54=hRx
z7Z(R14h}nKc0&_;BU5%`ds_|<LkA8nc1{jJSj@x0(Ae74h0@5>+|o{jVY{ZDfzr}M
zgh7K(o>SgI!qmc2+RMpQ#Y;ie*vr~j(1bxu^aiG|hmeP@gRQBHA*F|{jh(ZQhY0l#
z>Ox@rDw%^?RM^SHOi1~W<X>`tPa@QRX^XqNJG(m%yS<Y+2bZ9rAO|Nm2RAnxn1jvP
z)6T`vgU!yF<}U;unK~OgSvt5_+S^fH5i~TicXbh=c6GHh5i&D0<1;cb;bSv0<S}96
z;xaL0Gc@7hVl(04F%jV7y2owCWkmg#>P?LQR=b0%lg*F1O^i8AZA@)V?OdEeZg6o>
zbNtfie^s3zi~d&WKV(1HM=+0&gp;YEi|HdUh+Yjb8z(Ot7mw;+hn<~EkVlx~clm@l
zu9)$whW=|?{vYC&sIZB#knvU9?VWz9Ud7b$KR4PomZHBAs(<MwnEFcuqz_I$3=9lm
zj$c>(Z+Y<}1)O_exxdX+uq5Sw!RKcse~8IH+4YlMe~1HrDD%(R^^;wHhy#Bp^UvA!
zKa5>}mv&9<KoQp+lw~i+0SN#N74<qQ3fgtl>*#1`=$Lp|pp1b@fO``g?+yX+-8%$#
zh)Bp8s7T1@$cXMxvs2SCGO@6-5L0sSa4>T-FtadU5kW#jN5{m##K*$IXC}Qv%KV2v
zmkj_OIx;iT05TFaa19R$84u~Q37`OVlBl2-^GcEVmk-i4WE9lvXy_Q2SYU>-o4_?B
zWaMio$f&3&pb8Vo7yKPS!9%@8#U+0Iwvr(lwIe>af8={~nui}h6Daq7r{ytn3c$c5
zB)W5#n2w%-k%^g?k6+-Pppe8Ph@_OXjI4^Pn!1LjmbS5pshPQjrIoXbtDC!rr&r+f
zpcla}U%{fH-^9emy^T*uOV7y6%FfBnD=sN5E3c@ms&4$!)ZEhA*51+AKQK5nJTf{q
zJ2$_uxU{^oy0){sw|{VWbbNAp)h{Ff`Im0}t!KaM7arKJYbYqlC}>yxLb~P-24p-G
zR4T6Px5Smu3>|M%bNi#?Ka70;@iPVukMef{Bd1<WLR#Kgx}B@8{pi_$tYZQHRL}m_
zvA_3g48TT40tXKn4-f<Pv>DT?!yM9JjKIGQ0PT#E1&~&5BP_x?Bht%7wNl>%ZLDD1
z@4Ww1xKcHBo3p)0HcUr5ucp^Cg`P#|%M+iEN2#&Xo-G--+K;H+PMLU@N-GU&?HNzs
z7p?;?_+^t9kt9A)|3y*i<o)d9OQ1pcJOBs%^HEw&mF@dvM_%dq33d79VCo3M5_`7#
z>WM(zL8s~u8i7@l!96RgZh2Kud}meF3c`Nv4&!9ZioKlt4o62f^KX($2}`f5F&VRI
zZCRd&%5lvALVeSZ`1>@BE#T`MIJc0e%BK&Bisr1Xut;<a&)zC27IH&{4j30>@>n`2
zg;^CmgVRnd&w4uTKg|t|xt~R}O+TWKfoCh$W4}Il$WonISikXdeEu9);KC^R5_nN}
z2^^!P_Ud&Vst?l~eM|SAPyPC_$VcF_H^U|HOkkg{U56Ep>fzm*{-Vd>z<>?XaS7ml
zT3*SPA^AcjqneNN4rc3V%e&Fz$vgN>2_l2~se=3E%)<?D%v-jjC>d#085=KGfRsSK
z-qB+xKBOWFZ>XaJaBi(nqRG}m_3HKt%V1{AV8W-#@YE*r5ih%eVS$-2CR=urt<OxS
zR2d%hA*OS#r?~`E%Eltr`DfJpAg_`A9r3r}Vyy_I1|_|+mPAV@+(gXfvxcWbWJkd!
zFNsQwsV@PC1B!WFwc@dX!TCIq$L#Je3Qx?p>P71I2w~{VO`Mcr?|StOw@~qw9{jTb
zKz#|Aqy$ta(@5#4-qr>B@gi`)Ll4&Cf(uZhNU9{&aBfl<Xs@zNcRE;2jam1f_e6Xx
zVR9DcW5_nxy#zSZU@ViOs*IUqzPO9h;$)IcfD#11p~&5wVB@-AoM>=m;ltAoIg&v9
zq_DiHv>LC>yph-I{7=L@KD|HMFA^XNRGaOlc;&}X7GuWUIPfI#h+=jbVNQX~A>2tS
zSM_!VbG@{i{XTlhm&a0Fm%ukQ4jgUj#-kfuH8A6|vMSBR5$Q(Ef(ma>GOZy)p%`*<
zVu=0HCD6v0_Kc^mHgKsChE9{yj1MSDqOaY+N0L+OHyWT4L^4HQ^jcsDkh4r+(y(S)
zs_AGO-au_G8l$23^wN2YrM-*ODnn0`O=Hd%NAYb(DCA-Kk^Yq8d6?VRKDqHA7*+e4
zFB;s9P@Qw6k><Jc`D3p#^>3TT75#k>suZQF#8dScbz}_UCu$T;U3)%_9<ahUF0gY=
zB?!S9`Aww<C`m}so3g4!Qz*U=fDRnIyI$oHaXF^XQIl}b*2k(Ol|$70v2oBv^6Lw|
zo74fLU8;e(2VxTX^u~b-?4^XYiaG7hOp<ap)K(66cR3l;U?=k%4`Gb&uKm&Q4C5)9
z3PkgRIQ{!;<e`)la8=`OI`Re8I9k#gvd}lzhQ2Zef6wU|u2qB(9O1!WN_w~*%L0Oe
za&824AG#+f_xFfS23*;S&iy1V0X?FVes2^%T3>ut)?2`~rA;0Y?c3on(HL#2cLpC{
zp!RR!2tGn@-OoJ`J0aStUmvaCCqCJetB&naFRSz)B^Oi;z_~x%I`ci8;I3RkH^sXp
z!RHPt&pmG|PwaD09N!x1Yd)|g7NeEw`d&2IdK8@Lne0nYD9P}B@>EQ++zGlJWxXtW
z=#;RRFVkXoDC#ZN*#BOiJF6h09?v2Tc8HtI4G$jWTYXPTyS~JDw5?qhm*bOA`#kWh
zS>8&657+f8S?Y4`<m;mtp=4bsOVKx$;$uB*mE)>Di$2I1OOjB4P!Zg*Z0wxr5{PWR
z1l9*HfrJ6$`pN7Sb*)1F<g?`EkaIeFxP<~Md_HUoH--A;^=-BJp-&Z`BLe4bMVaQ&
zjz&xzQ(AM1d<t>ZzSocVQLQF)zwro|^HIQe2oI|d-z!RKm?zE@;_=S5uRPu8VONGL
z-j=r+yx^#Eo}-H?5Jju?fWMczL4Ma52v4?dW|^p?g|-FzBKD!DT-IN#2inIy-2E<r
zG+_m58KZgoMT11lhsaFW+~}Y2OErppX5-SMvE$TjpabnOr^EvVnHSTql5kHfaTI4S
zfi<}H(iclK^6vB+GB`x#Bno=p`Z&nS!x<9YM7%(VSKhG9ehEw}4GihIUIN%f)MYy%
z);y?t=@tX2+iv(fJZ~5~o=j46y3A_aMpqpz^$IO~{m#Rxfr5T)iuaCXc8koBu_B&_
zyFrC3<U?%;Zlc)`%ZU?nMTjuRC4ixjh>zuBJH;@S5t2Jk3Y%dUy?gvxUL#JSD$KYv
z7f(>~saLqyiT2G*ZQ*{n<;f)wf25gE_I-CDJ6Ji}E_K1#kFmTD&UZ5VZPC*9&4KW<
z$p(>T6P4uv9m^?_mt%rYHcbozZgAJtC3!xL*<SMVRo6Wrh1;`#R?=;(AS`|~NhY0Z
zk!Q(g_Sj^ej;{J1nsQjjr0PtcTCEz27rZfidnr%j%Ro5ogf~TQUutRg-6NSGe5EHA
z_(~Aqj|2j9`KQ&%RU#;XCxce1Mo}y{dCnRbPVI6ZlQsAH-*~6jr=`D8;>BRzB@@qO
z*}5&SM-fvxx6zncb_s;HLD$nR0U_A0AIQIiH-)G1{pyw4miON(lhdS9?xD?lhqP?~
z@r>;o_jD4r33+SE$|=blQyBklHOliaww%8ZZ5pB`mh9t)MRK62AY5T{fyLda&+oF>
z6&1EnJ^s>1(5L5{&ONcC_M)WqfjTOWsXjd+c^a9w3cEYPIZk<X&yM&O2RBUd8Dyj1
z3>NwvLSJQTe=?Mxj`5>{;QyF$x#y=b&waa|4`rGzZ;H~)$CQVs=E7x{-WOzZh_!2O
zHG6-^#OXaBhsFfd7zBy!-mAaxs^8O|%P&1vUrXV1+Q9dXIbk3hN+&~Xiap%zIU4iJ
zcAUR3^2NNtjTlL4b>1uVJDrczV^4<K=dFIzAN$~u^`ygB>~yX&{55yW>5aEi>S7if
z&gXo=-+P+HMvq#hYoiH=(YScX@h(JP)VV&rD8x{M9mOE#*Ha8Pcm$Oak4){OE7sgn
zZ;35PfTD$$*u|Z)*|N<`052=_9LtCBk#V&sGVaMr*&M-|$@JFt@V-=Vlh@olg5cx>
zxF3#*I&_>(G2B7i5j?*HP7m_6v@OphGrir<??1Ql4L%{r*R8ZQTAVDYA<3A>U4$6~
zT>?+CAxjw1?UPG(B>V?GHY(P+-*M8@EvvT^;aMaUmGM=Y;{)OAV`Xpwg~TY03JGix
zKJ@}aCa3JdeU7nn=^er_zxLdR(Vu+qgb1Q{#4fD1KHZ(aJy%+##U|QKSJ&rOzWCG`
zL6GZc`rf*uSXaW_i)*(Evz0>IGV$T}?&ui)a?UW>tm}&3T={lg*Pp;~H2X@Yjkg^}
zeALOadDr(;^e%xO1O~XZ657lKHt|>Bu@6^1kLQ{Q3>ik#Lkl^V0^ecw>R~)49gDcm
z=K{K3sc`3m{gHbLDdc!5s}uxp2eLJY1p7xp2HAwsgeHew3yId#A!Xv<2ounFI#&Cc
zVhRzXkjneQa!O)wB*D}NBI7LIStF+M9!=rR(^J|27-K>AKeNZ-#C@qqlfIFk8ZT(z
zsN?!soM*hNxXGcz>4uxO-+Qu)N|$?%NB!T1`xYxR?|C!X)zi%J6rkj)y3W)N*GFFh
z0XpE24vV@(Z{CLXSc+|@OZQ99<I;TCXO-uMsY@&wLhw~?suH;~Sz7IhK}c~`R+VcC
zEcDvcl%f=^77l!$Om~+Hzf{=@S6SE9>{4~u-yYoX@^rhd*^%oTQ*&_xirW?~&ij1H
zJenISJ6uTJcqm7b87nF!X`rMR3LnsLz%aDQy%5RAuDMP8=0vDyZCTwpAes1U-Vpb>
zaD7`sj9$dzo!kR7{5Kjo9uf&!q=u7ky_5RIKex^FLMUs<`(@XIBS*Xl>Ej{zsN<OL
z^QT_35K<y`5UK=Lb947KwY3thiq>`A-uoOKNlML1q1Od`I(K7wlHE~9?=7fsO*1dg
zNq=s-r)_m#1+Q;zR{>g!IP$93b&JX6Pj%cgX}knHyu63?NMG?<)7sqCG{I9uei@`K
z%i{ViX&g-jSFe5j?)~gjT#$?3g#CBASq;`QTrL6Eml>Yq>Rn-9eKnU7AuLprW1p`W
zsV?@?{t<t@xx`-Q@Tk?r!M-}-l8mBQW9`T=iL)c!;1_wOPOkI(_AW=+B#|U{Xn<%S
zeS>V7n!fd9_}nEhg9pl3dkhoc()`a!#4`4dY^9CTck(gAV3w6NX{H2popdg)grbxI
z4!72il)b=dehFX>t7E^*MInDqJj1MMw_G6@prQD_$SlnIUcQ>fo~S)Rgi7Mldv*hc
zkCVN+QPxK*g09e`*f+<p<1lRFm9p`R+=r8jYzud4wtk#kv{bha?(6W0+B~a2B8t{6
z9fNP2%Q%ee>x;#xGKg3w6xwFyN^ReFI2VDh_bk+R)#t4B8<bC1-CTKga5{*|SVWj9
zGZ4o+IeLI^(f=M5)2fZRIeCAG$3CbMK__xUBQ1;j4F#`Wyh=84q(efrxt=L}T<;m#
zr(Ch>*1&zfG#oDtBz4OA>heoK<$lioSE)t)LDJDot2~6oNs=ONi(<la_`)U7wZ&K{
z?<3)p9xHjoBH{7kBp8)wf(?`fte#Y;d_^=gPrDw0XGo!rueC#PTO_1Uqhi(BCkaao
z1MGz!3GRlgNw^*P!*n*IWmd9NHv60tV))zo8oLHdTD1cV^>Hq({zs}V1lll`mN$!n
z&N7p!iV8_gkcXJ<sCxYeG8-hA?k$RpRx$W0xy(*WfhF{CM)klTh|AZnJ!)m2ls-1r
zACUxVSof?A2qiDp<4uT);L;ov*~Qvs=Cy8#8smK#c7M+SzR*17X;oZvEHi>!sZOQg
zb6AI@LL9x;*=NeZ@n0_dU)QZ~gJ(w9=RqhR0i28>wZmF_JIry!siJ+g81d5br^>2J
zz<{Uzqp&Jpvku>zm|PamloX=iS+s7jFFH^IN4D;P3g^2Fwp~zJ7>uR$O;Ymc{>KnQ
zf;;)Npr9Zl4#9td^fUbA!4=FftisCQE5lphkV_nEynn3>I*Yr*wK_Yga|r+@m%y9_
zGBIrQ5_o>UX?mZ1ZTc7)6qRpFol{NGUjpyl)xo#zF7!Bo{W>2($t8g9{;GaOZ?OLR
zbpr%___4$%`Agv8795<-+?T)(uP(L~i#g)v_HF35ntbRCcKx|L#rI&3L`2Y!>P)Yy
ztGqLy-t&9%VzW3q0vA}-6$qg75@_mm;L3rg{u}bpMzT5kQzBRUbELRS;8og;v67D1
z@9F=(E0Bhkv~uY0=>M)Kul++IHkZI}$*2FeBSb&>ME{dd!0mr}KIIKpUoXk}va}{7
ze~<y4P8scmax)@}{sTM(_gx*<ih8*|mb|7U+}&?W`=Ow!Iy1f(cCJ{c7oTH226Q3L
zlHzdu5|9#cQ+quzY6GtN(vAOs(jP`^{t=CMR;3=SW?^euJIrFC1<rlSgY4c16fDQv
zl7SC)TC%gou*LEH({(QfO>xj>Ybb)84@P~oFM+7^{7Yb*;^J0J%h0+pQ6&i4HU0V+
z>&x~%4k6<fc?sCo?>i5h>e@FNoY0L)U4Sw|Z;xKg(<6Qz5OS0TrQbhoB}eNPBdlM@
zS-S)dTQ7k}nT}=ubxqgZ%60bkokQ*2D6DG=;NX{0_37Ra>w&wdy@Hx&t|tVFFAKX5
zy}Pw@t1z(Q-sh|e&cei?=nIYom72Z-U;5kb*;a8HaB?i2F6_h>Z?#QjN4COb*5PPN
zIBlC7iji(4qF_FIUbT>oZ<2U&i_KN6LgFTCuWmLi?qPLmm#X&S+M1BvYd4sxoLgw=
zq40vAtDKHkdQ2I5yB3_^+Y7Gn;!LTu-|&`!!iU^@cNbFMktV=#U%KRnv$TKG;BKRN
zKu}V-k77)-W-Y|4(?i~K7&FCY`#DG_0;5$7F3_a@A*(iBHw`srD@N1*=!KNF3>(M5
zkZYc{a%e$vXkw^-W8dsdRh4Fj^mz+5dgC&gm+R(GykVhbbyC)Smdwb8uYH*^r`N7q
zQ_qdDq`p)-Ss|6O{&fBB-S*bKT)qX(bD6ZRXRM)Il7<6e_b%iy*n}I^^4KjcO*T)U
z@x4Q+wN0Dz`T1@M5}4!H@nY|bpLn*)P8T{&FCGWE)`SiPlApursxsY%Ir0ST@4!Pg
zG6HCf&_(VQKylZuiD5K*=X~8Da`e=V6Y~gn)*jv<lCNTGz~hI~=$2K|%)VYe12?^N
z#udb)!RS!wvN41Al?eLY`50sG1?&dA-H*tk*>@;HE%Wo=xjgOoLKzqVF<VWrO*{6&
zGGHQRqC!1BTL_a^{caO7#?sX4^yPj_@I?ylK~~?O8@g()NACF4=C|oI7_-8=w123l
z`J3(rc`5a^!LF(+^voE<<diGNHtN`*?MfhSxEYRkB|C5J`tkJyh~64uf^hX;gJ|rr
z+$BI;BYg>!PoD~|7Z(c5a-2tP(jdm6E6ar)AG{OU0$_|8AoBjVivEqVs6bxjVS@L;
zfJ=T+v3}54Q%HU|bl2JrhMq*jXGuCyt?|+o9nq6x#ow#L*_3LotQDM1sRoymu-xQb
zw?-y)9PKI!W{9B>A1cqutBM<(HTSMLNkXLCE*<-u_Sww`tAuf+FsW`ti9r!%=2o0m
z3{653YZ^D(c@!|e*x?L35obtIyacqXZ%9GP1~S7ei8bwLW*Phs?~%u6jaaCc3rMbf
zIuf|okgz1bf%YzqeTXafp-QxRFL)fvcB~(bhBm5PWLAqYY#`Jpl1IP#a)q~qYCKLj
zQ|`B;wrJGu(ED;b>fUN=nN_dsnI{?h8*S^l_nKoZujn=>G{$^;M(qvnXtYS+N}LRJ
z<HM3@?(McMW%YfM$Z0*am3UGfHu{2g7eCf;wT-}BuMF1td6@7UwiLd&hM1C0j6R}6
zM6yLk>ou!W$gSY(iC&tWBN>U><?vj8W78rs;wdcaaYI{L=0{<nOD!2LWMM4MkNfBP
z_K!CyY4dP24~)DL5~fhg%V6m3EVodUC#8`I*!Z_bR+XN})b@dcoN+bc!2c<nWX}zs
z$B-EyMlOMsH--E)9KW4KlQu?2AfdP5EchGZkDFO{>k?>Z?-SdsK!ka1<cI!l78Q^$
zbv{jlF<~?2;jP*7$Si11bbM^<jl0f?frgeJsIda1rM;NDALNW>hrUP>V(9;wfbAau
zn@W1RbeS0yx2`kYihWuujgQ2JKk#&=K!~#~C#_nhFxy|^`m-D(DKr`yd?XQq+Y^#;
zcn#gJXi?JUbMEx);g@tSH0*A8@-yA1xodWaJoJn<Eq{D6vn!gKCI8`P9fww0<O?ge
z`>N3+X3q#=FZvca*r+RCa>}T3-WbM@bC)qkkA2cCm*<mSa}#av9mdMP!^z)s`OoES
zLy0t1)WRhFyJC{uJLp5c8Fn+Xekw|nnmnC3y6}>C#2{W!BiYCax5mL&mh`l+2Im{5
zv~ESD>f<yzN0urZT^%dVrJHxA&`2?(S`|5bEe~JnOW%ClM*A!+o5jC0+JE4g=V4(O
zjPO~PucKMeT*`o%jDMMp+w_s*3^ZANpddhw*4CPJg$>0m=w?OiylAS+#gxaYPLxhF
zYi~PstVNj0(mk|cG9KmLr-JeGRnkRlivgbW2^OT>l3F?>0%Tvp@~jmhr8gnM;b?KZ
z(QR_vv#_mu=PU{^6sK~BlW1gXd+N#8t5}L3HZdv}>{i3ZeXVGVtItRSJ0cVhEeW5-
z7Gz1%94A$Lb#9}iXspg*n=5}9Q8;MEE-AB+lsc4|Y0Ij1P}Qxk$@b}E89be*K&G6>
zPB!+dpN7gCdu6ZwZQD%m@xVh*?ai!^@y9nKUUEg&fPgoll+RHi4CX7d;vAvLtBBgD
zU70l9rgwOA9A_*0tX3p1eAG_M)U+guKdMj7RnFZYY37;cLe<fE{>QYK(hsK--2-#6
z^7ynCJ)tQk)<^M3B+t%ynvG>FS}e!<`lJiGn{0Y(OKx`D3_0<+C14!hS6$5%(5tz$
zvC*Y5#3NEu{o*YZe>1;1i6pmd$X1JE$YGv=X_aYA>{sbAIT^J<wn;zd03_q6<>}qR
z78tOUS>nbMpZ1nx4DW?)SI%@b@{&S^uMqKY|MS$5oq~vy$N0~Z_S;+0B3q67GxgJg
z^FFZQC=7Kt8edyIEYX={D+q8mVXBPW4N1us5fRB%{%XK@a<eV>t-EAw=&c2598V(|
zWI;;fsp@LRb%#~sL_$TjvGj4d!>lT2-bI|D=gXm!=%10v2l3tF`kwC@zPbCLIGS0K
zhQ#R-kO*F$s!m|kM#8^Fr+%|_F|?J&Y$9cOdVMPM54=l%?t4^VNAdyR_x%N7T3Tr_
z^+wz#?n>z|kFP0f=*}cg*(fZaker;fHuiSEZ;01YV-&qs%#6iY#RjEfX}yQR``R!V
zYry}Cf@SzG9xu4;=Q3m2&z&=S1y{-aSmgiQ0ZNAuppH*Sp<7E2X<&0dpJz#NY`fbE
zw=#RkcQ0=9I&|`-*{&pa^H-!9q@=xX=9%2SW>a?z<9TSE6c;K`xJfByTbx@Tn<wP4
zZZ)MHZ7h4#@c1TGZ;h##>&}auB6xjYtjRsEvT!4+)k+Zg!sw5=uorT{GZfT!2@Ey*
zLFV(d*s8lssfZOBaoH;D5nB@`<U&T-<<&2?XlSvuBnSkRGw=p(dR{NCFWK@NtnWC1
zminA;Q8=6NoE)xexSV-DjoR<1c~pVgAK_GqES4#@zDr(#_|#dd1fl$^81|p}W++E+
zG-l_p)xZ9pyDm^={a-R9(uPpQq3HJLvwFCt%YzOk#N*V-3yWP7#P&Mm8+KaiLi@$^
zP&mEf7NS%S`1$icVha*o#f~3=2n3Vc-2HB@75U;1L7V5#mEzL`Fjg$i9(wWJ=hC~?
ztK|D$ggCsEAzjIg=uxSvfrX-E`X<K8fL2g18v)VS?cSWLtb~RxauCSj^L;DPZz-XW
zxBp8DK9)gVCabmFe{qFW`1J2sBV@yhE&&_pzN`j`UR-n03A0fB#YYgKVA8d<E9deC
z)j*GbjklxqP5&02X*s6@u@Jos=(zm_>A|QvuCwU}5DIyrlm;{Dm$Ju_<9QCb%j&J3
zft!{u4z+h?g7G_2>W$NeMntY5BSorP+*Eqf<4*9wn9CFsiNUay0XfN7a8n^{j>#;R
zahwAKsRb7$B)kt4bN>&AwLkFNHSZtGe8Bi|J!VRYcWgPhOhxo0`2F@+S$qs$7NC>T
z08fx&r*tf#@SzqC2T=BZ`D=OjROdIx%F5~I^}BMV;b*qs(K)4t`SX^|58@qsimIAA
z@)5cjaJ-iJn<sIRdwyh4%qobLnX`aO9Bh{6(`)7Mjbg-}(RSeCR%ff|TQr!L<xr>x
z-n)mPPs!ed-7Pr^&v)`%*CWG+8oVV9?I;*pI|5{0W4Y6{IPUF2SqFwAbc(HsxYCGT
zcW}1Vf8J$6RkUxchA~aZ^51m9Fa6h`Oelxb&Bv+-s6SqDvm>@ESdJ={_x!hD*s$qu
zXO#{-M1S^5F$vC!tD9|C0cpSDw_w=sLBGIXKtHNC(yiLe2LwJ%Bk2(Rw6LciC1JG?
z($7Yr1YR(~fM#Om1AJ#x7_ZtI;}RCWMgD+N7a?P>Mo#)$R;9EeB`HqLe|@o+Y{65x
zD`}Z)Abh}t{pX4ab_ZmdelGTk+Z@ZPEBTA`i`}aii{~p-sZ$1Db9<#2b*pN{KGi3a
z^q+N}3<@zWV#Nt$AI0sZdqF*+LfH_~_fAXuh+V{ADWtz)*Zom8^oq<{GQLw#XW~`a
z-XCOC(!!opIsYj8gG`=_QU?+HkJ=@#$ha!N1RwrC(F8pd@?bGp?Ozsw%$5Iwkpu-k
z3GIm1%o0XrpSISn_rcR-q1FRk^$;Vh@e&&j@Rm#Trl`hfd1#IM#(D^NA%=VqwKR^f
zW+`mu#6Fi-k}SXUg%ieCp4670qJve$)5$Ox?6Xeiw`mLOwD!Y2`$ZeQ8Uf=%@b`rA
zGM0;wNZBqE<_b*xdyype6K$Qhr^~?G${H-F8|9oNuU$e3Eli#5o}XBjJ<~ugcmB$G
zL$9i`t~kY`d;KwC^OACJ4pocbjLRXy1*ryNn7?+zaS>{9?}i1#1oh(=tNyK%rwcnn
ziTvq~Yz2zgd#^(CI(o+&Gni-u&Fr{Z6>jhskR%RhaCo}Xbx|!~#IxCE&{Cq&E2VhN
zkCh)_WNO*k&O~<z+#=uxFrMJ2@U$o}mIo*-j<K+H&(ytWnEEgg&h%FDeH#k!DS)Sk
zfk2<7vors-9JKTV60%AgnU;Kp4uk}tQcbli5(FE%drgn-PUxNlEGCojGa>^sA=t}{
z%Sp~UZ~nU4{E=@Yksqs@xb3+?kfK&?=MRY9{Lh8aO^I`Jwc9<dKD3r1QxmaDH@-lb
zAK2McUx7dFs2`0@wcI-|N`=OUF57Ky+kWNQ4(YoH7&q(TSls(`ZYKs6>{%Ww=zTy?
z_u00@JZ|@7%1?lzK52PxQ?-yc?o8Z6nJL}OY<D3tompoa=uFBL-lQ(ed58U4k6x4J
zEwxS~G52d6Z8c$syNOBO*sf_klH<ZfuEfm3<WjNG!tpA@OE!2bz^eBC6GAG&2n^)s
zC(r%Vo&2^lAB;hwgRavAg-H3+03AZtkWPY!`P^VYmP<ah|6?)cmXH3mb!$mE>mvij
zqvFD*bl44b-yes@*gtWOJXYO*f-1I=FUIyn@{2VQ4(-zu5rvKARJaUTXsJ9#7-beJ
z3pvJ#`1--BI^#RcossdT4|!7lNNf~ce#*|NOIFSQoYLgKVGD~qVft}w5ZgkO(cy13
zNiDSg>RHd9BAVg|sxAEX5~w*Hc%$To;`bPOb?h((<!fan$OzsE*CpV7klr2+o=apP
zL{EPbAbQHDq_P#Fl9LwE2qL(+f2Q=-wZc(k7m_vAcO$Z+*K`Y=!Lr5SCU}Fi)E=(x
zh^*U4&p@sfVb_zzLO<62G{LQ^SH3CKVVCu@p&)9pAnOgbmPAMDHB>6prOH>|7EJOs
zdlmy9u3QhQ%QtsKDPdjt_=QT!+yS7R7wnN3%dlRDXpR=X$6}bE7vH-Ou_l)n+UvY;
z9QjzI=iW$rocdSHt+uuvAJtf5n;om0inI#&o?TPM>D;j_;nl$1&ok!h4-s`U{Et7r
z!X$b!>rT)^>2<*@P+JxvX;Kx0Qoq(IeH~N}z|F0{wN0CQ8=*vfEVuK@4^x~C>9^lt
zxUGxjtt9L`_S)s-jprltLT@MByQ>d~v*u87v@IGWF;5J4qrXu|w4JYntxZ`H-!l)B
zQv8%R6SLV?Am{=re3nMpx*9F1964Q)7sqQTla?3ZBFtlQI+p6HBR#_51Ec{>fvx3?
zcu)1lNm5H*zYLj2XxWq0vzJP_+w+E#sx)m=OshG_UPxIr@e}P@Db+M}ymH!(;d+iK
zj`WOzOE_dH6V|d=8u)a`8vB)9FILogfMOQ6gICi0PUbgX8>?1tYhHU=4bEz*qfrwS
zj)B9>u&pswN!T2N7Ks&sg9L^6nl-z(_3Ii!NPjGvINsRTsyJ(t?7Q>*4E3_F3W{#b
z*6FBItjaNr9u;oB$BZ7f^E}96fAJ|HC`p2QvLTSxrw^&^9?kbG`b=B;cQ*5p+6JsL
zU#_8xh0pI(m)N+h#|+S<EKN{vRT^P2jo129WLb`hgbpS*UH6bSC}w>u!8G>y)#v5u
zGOV7{i5n#A$E<9VOHrJ&ccb_nGTX>dSv3x~K48#?37S1vzkP4Q=|0XuYOb~}Uw41A
z^<idZ*{;Tt(qe?7Zsg}4d)X}B#0Gr<nRxo$Fk_Dx4Xd1!SE!XVp;hm1BodyMB{$vb
zDrt#qrV5Rp0MPG!b^dmkrMH%EkDCaD&2i8zVwd2!%|E+;AtjqJ6xWWN;UGX%#J;fG
ziBB7$;tuQz&E?&oz63TxULe<WROy?jL~UU1rR<kg9E=DhW9pBW=3=B!-Dk9C@tEuv
z5gKqGUNss**nNwZ`B20EEtN^|g5~~(hKye*HqN__u*G<CnrBEh6!AKwj?FrQ@TCMf
zCaQ|PCZ1Ph0!S_W{S1YU@~>>Pt;ba>w5FB_f-1GJpD~>hhZtm!XZn{HI5rl?%k2ax
z9=jGmH#!I6*<%H7yF`6_K^RhMxD#F<v-wrT@_MMthvEWVR?b;+h;6e8s|qE~giABB
z*}jHbKPu-0gwkh|ab~Mk*O&3kw7dyg3Mp$*-M(X(<hb5Wk!+-EdDM52wl#&zY)OCp
z-s{2#OdnrS&ewSz=6m@*FBjk`d8Ew<F2Qzrl5VjRiVR_(Ua`&sS^HPIqig?8{7+q>
z8e#d%VnwSm%Q6?+efcr4#cJm4WQL=9S>aW&+Eb;D#>E#f{umRBfwpHsPU$QumAt39
zKk|kPDQ^3{ar#hY2m6@-^6n4u14d;2bv{Y8^a@F#6t(;vUQpQiTLol=&YfCttIDGM
z6;gq`YX4inVBYVy3P`l7;t>#UkYMbEsMlAW(Y;T+_l5DSruqXJw}`K`3U@bw#F;jQ
z0J(0RV&bCbF^RzPo%NJY=68C$UW{w8v1E4P<R4~LXsJndEd%7vsXj)}s`4S`>?K(8
zC2h$nJ)EAIl9MMbLd!eN7T=KmMYmA?8w9L3*7x-&SJQ+;`{aq=A$F#4&}MKKwRzQR
zA5XPB=x2X!U_41QDtrkD_$i#*O;_A$)jwGsi#ub7mTXLt`%NCEWN&SM6>^1JF^;f;
zHwI064t*2Td&cYf2QDU0S{2IRf5$EU$VuWK<^69tUD%gY<fLzGua%j>3e8xkD@LaW
zEza(r!nM-E%m^X&CG~l|hwca3B@ogsR@k&TRP8UB1>b5B)O|(dOMwNfy78Ski&=b=
zFVw@q0)q*RONJ)uS5zp#0{Og3U5#z<D=MO30d<S?_@GD~u*%Y_0tLNNJXrq&tEGYQ
zkUL3<#?av_-vKeJXMZl#6Syh1fhhIOzDON<_d{uy`s)NxZO3q?cqRs?u)GA!4{{i<
zG<S%8M9;d^7<BZ)3iC>L2Q9q>N=|zZQxBoq0axm~pCtayi!#y_GmjQ#*<Uc9_gl(;
zKJLq_q_(}8QBxd+&Q3l$;>hf(Z>@}luWn@-$Kr0yG_Y(Ez!rX&RMzn*Tx|Xc)MyGE
z*|Pe>?$)<vdnhA<$Q15Himl(XXv|>Uw)~4l=5MW3P+}?Aj9T%Mj2(`)`_lEOHzdr0
z)hp>IJEg&kF1kEP<WL-E=^IweF)<;B!|vSO-fWGJN2RATjK6`FOKyL=AoV{^Gk3oe
zx|P}y8h$Z!p09kpR{`wpr2Q|?IY^}{<zh!VyXoK!G1q!#z!rb=Dqqeod7hC#?*H-w
z|5c`U{~HTq*j}ko*GODhYAD0u@>;bW{}rf~Aw+8VhZMSU3Dlmdl;F`3P$W}aiKRah
zl*~}xsQS4;r!E-x(h*0ikhiy#lumjt0q_0vui<CYnS@VeKnhYn<T5c(PSx`NNdV*l
z{-7(g+F9Yp<;6esb|iNwzLIwQKWzr~|6@LOdmKtMt1>|NLz9#^QT9Vu_~$Aj^NzM%
z$=-x!H$_b#?b0M6_sps@!likXeRU_t^2Zt|ElM0dpGdWe_w;|v5$y-Hq2?tQFQzy3
z-LBcsn+YAPA0r4#AY6Ch`~@85YGu#I3j~9Xc6-8tQ{sCJ4|0a)bvZ|4iz{%pAZ^n}
zM8bGI*+XSH8H7w)aycTC9aEq29a#KkBa3yt_xAVmOaDouy5Dj0zk!Qsg*FCT;T@r`
zE(Xu@PF{UffK`1ItFDhBxqX&@0;=7ZdNueNjx=`Dji9bjW>7aL#JtpmSVO4VC~g%k
zf||H&i0(-0q`@x~azJ(6N`B&xvOmaxI=y59=O1N%A@i111+4O_tmF?epqkG`t^2C>
zoF8OBUEu!<O~BK+dLQ}#v<GN?v6&%P$Gt!IFp0?&O8x!|DMcnj>eXTlM8S+YLPk`g
z_p|?HXTV>dCI4g#1XC?znX>!ROOQycq<rkaT>&e(vu&K!F&3+0_?y^dyxB)kzA6$8
zG6nJTFvmbS-q$$qtyvSxX>K*EmW!&Bp;Z+mD&ih{^)#U=hxc&hdq!xzrRWGyIZBok
zN@7Q|f!369B@m8luVJWv)4B_%j+_}UZE1C+{4Pi)<d&{l6+2q+h@+yrT6+4KQwC{x
zU$$l6x;pol%Ir7!u@655Or=jK8)*4{gonq2CvLN|s>zU@(|$daL&C#3ISb_GTW!t(
zCT}G3L}Uc#S8kYpE=qj+AYhWV()xwJ5`C9BvZL+sYPii{t(?M{SA$xw_FVygRzD*F
z6sM}Y>+4#@t5KG1B^a4e#x7=BMrBhp9k!HdNip{}+veBhb#jtVZ?o43hEo_`gO>Y7
z8zzQqPS)J_@}ro2T)o5UR@@O*KEH8%n?(=R$pHgB!)K(&$1E{xHM;v|%95n|nP)Z0
z{Ftuo_>uE2LU^!0YXagb9IFw4zI8_!W;iAB^qT52G9}Kt{{EtaigP^c3#fjOPW^3h
zd)|%|390J>+f^7ej?o{{Pd?!0?B{C_P8^<!r!*Drwg<G55+Z*)MU;~9FR{c=b?iTg
z!zPDVNJNYPF@g<k$T@t*Pf7%aaP4S!JD&!#B;6DzbzGH9xSlCk_A32MF7s^^i7;01
zt(m}QIu@<n&%Ea{h6=MQ`W_$NcaMEccyHzddGPQ-&QkAE^d@>-z&(3TyPJ^qdq}XP
z^D5*ztI3PFao)o+sojzaYum{HbegaW#{LHbUD2AgWi<oZnuI#m>fvs*pC72+B3eAD
zqTPe}F26D?t4v0VXt#S1?b{|p5|aE<s{5I*RHi(CNdNd623^CX50Nwa@k4x^_``$j
zWd6CUZhaRg`+^qv_<oxWAe%H}f;2$Pd&5SnCO~fdLHTgWXzUk^cdBgRipiROF>T}4
zC9A}`0;h##bORLvD%#Bi8xcAUnD?J`t>0nU&90MKZ7Uq{a}Ds}T{X0d9j;TGOrEHC
zqF^-fuI;OAv5ARc+Zrygqq3r;OhJrQb5A~~tah?1ZrYIL#*Br;+s+raf&_Ju&MCt@
z+CIB3zvh6`4v5Vu6t`xz-_kACJ8$*M_uC*ic{w>z=yA|cPygE8#l~cSk08NXr>E>z
z?Cj0ZkVJfw2vM7bSP|%TT@U9?WDN?d@rz7eWoUj++(#wH;iQejb*Y0B=x5yZ9Twf=
zJYP}pD03#K7)J710;6%#?qvbIOe=$#|C#vY=LWKM1L?ZNC&hbPlrWka%x}6F^O4@%
zmB=(}NHaTA`4g5zH=y30rqDyrLgOGJ&S0#?Sm6NA8#O4{6cUnw??dm}O{NgW?%MN<
z+oMI_y#Me#H##hyfj0W#wRbzhnL*$BTMw10&nT<*>OJeBaW$ReM*=&^quU|M$9Bsa
zwRMALgC>v{_hSRlsUw84rs{XQb^4=P1y{H_aIt0YfHzqza5vt&AAYo5K<xQ}md^I^
zHCy(}B+lda;PUqs5j|%b+de&|x}QKin8e*}y=N$B`2xJ}gF+Dp-2=@;olaj=c-ne<
za2!~=c=nm;+$&_08p%{T!s`Bznpj7Qmy+actg^G2lIZD-Rpzh5iWL)eVH_X!t+gX0
zJQX-%iEik&&|OJ*^HF!SwSehEHAgKwTSy6YojbF%E+BYs0v?v+FCYA+LffaG{Z%eJ
z8U9&?*4}=px;RI^t@#;B5QV3viCK`}yCa&)9lo*deBbcLa<6^aB&3%X@@3w}KEQJ$
zO(J!Yva6cqv%ii0=(S1MPD^Yb?@n9#h0A9(Nwr{>DBq7E<}}KkvV;jQvYq-)(h!fF
zg1Aa-tlob0{5o;Ct~um~sUwEllZAB{nN<xl<dN#gunD4R@j?w@ci!H7IK6cV1YUTe
z9b7>5<c6v@Cl}zt#7@a<W*(vKmDj{S#F+1P%$uo(*QOj7Trjk{d1Yl<+J%}HA4l3z
z)oGb2<A2zrMqX$`dv8OI!+cQ}<Zel$Grq={VElNutg5^#*psz=iLj+l20=O>(qEcP
z@uZ({YG5s&EhujTMrA`N`GhlXOEb{_Vo=$E+iOAp>G>;R@tnF;Yb;tg`6}lU-wpZ(
z3_9_d`H)l0vP?zRQx|z>YT+}dGjtKpyRCOya7k6{S!q+&Sn@4nnbIW{r=)7Nbnc><
zxFgp>(k<qt!Yumi`RJY=a|L}dPD!psv$7f@tPu2coe?XYvM0KTJ)BxH2?h;!Bn8Ks
zs5h9F_&rvfyw#tl&<|+0s<CCWQjC_@Y|#<{_aYi-8<`~UqRcPNI5<qeruun7ealMW
z?e0C{^>~J_6UN@R!)i;0a&<ktdx8zZH+7)pM0P%(PQ<G4PR}QK#{1IsbzCdvv@1lW
zhA*ViVEkITab@&t7_$NQ9w&8~Vtg#Ac;-&J)6y?ryYpzwugKoo-PD#;gGkQ)jzEVU
z&ipgP6J6V$Gp$yov5e@(c7~Uw7f&WR2_v3+Tyx}Md>W?UF<yIoL>{AvxH<Z~K`N&)
zg6+6&uFJDnAimxv%I+li2|5raG=Cj2d{A+aOS~JmSyub-R4Vq1tX9FJ;)f+9?}~Y-
zm~{+wZ6-3z9YqcY#`LSJi$;9jVqRnoOvuD8-HzZV7ZjYh@B2k*%wo9O2cegh@o{y^
zTXDfR(WRb;&}0wG*zU(L59ky12jvdf6PP{vRAnB-5Ry*o$v`5Fa$}PQ@cg1|Fnn-f
zBX9vV7+RFKSCfO@_Kn(Wsvn7+Hqla9u2AIa{2<&BngXoKWO=|47W1X$p?q@jwDIsQ
zIw%!g#l!S2Gc^&pr?$GJ=KeaJ*_*?(13uIBHXl5_y$s_^k}iR=ezLq9a<VB)i0LQ&
zg?&T2C>|AZ7_kD9lo6`jDS7CW;Vn_U*2^cW7j9_z{hhmrIy0Q~x%_Z;tk;fg)mS7)
zl@%uftRHOeV5^4VY>?h`j>454s2H}lr+4iy?R7;hp>@9{(k3<0QQ*ct!H<l+P~@X#
z9e$m4$P&FCTw2U(UdWIO$CJ;arUD^P101(QcGQi&+1q5ropGq@Sg_wEceS?XIzm;W
zyHid?C55V;Fm14|j%y1d-ZQsGt(P{&TMzZ(Zt2O}v+A4q6mhue+*=@J7xLZF;p<ry
z0u35KyTUbC39GVgD4}MD&kPa`BjqiewiYk4Pa5J<kH{YWMYr{*>ad!a;e+C*Fh#bj
zBZUwQuz;XZJrI+1{pW6Z{8|A0NAW*ZC{@ubr{UV*kv7iBH|pl<<oEq3HPV09eF9@g
zm1Um(B`VsII%VIb<iM<?j`$^d$P4Z_Mz8&qVHLkb!#`#pCGO$tV!lzU|0U`hD)wpm
zZQ6`#T6U$s;qyw`8ULQDX7T@^mlkz{mt`8gE==2Lp(arx@71bJA_UJ@;d(EV2B??W
zB6A_0?&qwv<_O;n=r(A1y`u_k>>PqFPqiX0>MsETZEq%W^TRr#nzL}Fv`;k%LVeI(
zg6N^x(I)6PGEZ#QbX{z38wA??rY`|l`lz&6+4tJ%39nFs#p&<G2dO7V;GN=n`%9o%
z=@P)=(7FUty(!KPFM)G4@(%HfqM$9r{D4If=p8L6t^o9tR2zPA21PK3A8UE_oS%VE
z-gE`%Tp{OB8F$l%!~KXn{oiS>RB;5<de*zX@_?8n?z=mT-RB{D>@H)v2Y-YS$~7Ec
znf=1F63c8eFJ9}1WqiscS2qBO|GcZL1f(EGw;9f|GIEwdCuE*tle{midm#igpywH}
zK~~~D-5nkJWJ8zUW<vUEUpVfTS9Y7{_MjK$O>%#TXG@ujYyJ)Tmb)BxK0oD<%fO{6
zt#KsWd^Vqyl=`&{F^T)K3>P=CS>r=Zd6WcJNcvZ<-4DW~J|k#-MRBKRpex5P`}Na<
z`<N`S9a^_TFS~e(U=(g)uSS&T@>REV1v&>d?;`L*ywtW)ULv}^58t(F>I75=N;`E;
zH%gt|Ijhap1`WuE75A7A-4NBuBKS(m+_m7yc~+c(&Me+z=BjUB0`uMVQwA64YO)sM
z;9XzfS8C3G7%#MMt>0ysgnmjry;B%fRZkAKGSwBa3tchF6T2n&5xR9CLb2dUhOea8
z+7LuAdW^Zo;!$Ljq^JG*MJUYxWk}@hz{ZcC@6d+fqSea4M<&H*y*srubtj|>&7@$Q
z$b{j6r7rCvB9_kH=k;LI@6!Y=rEjWi9~<<*Ye*pktJTS^qea4o9AjIohh=Z~;F2c#
z!2FUywvu*&P4AcdthAn`N2lC8a*Rz;z&z{x@LtYx|LLZ4`WjZkS7`82lJ|KJd0K4@
z>ujIPG4ESWNbUZuTVmt!FDW7jy1VnhZ5VuKgbXHGbf)tjHkw`M+e2^MYd9oehHsl*
zSR#ya{Z+@5V^?cynD{FYtIGpVWX$MZ(I!QC_v(-vPWf<vlO$B?0-X1UR{OGh^`LvR
zot+%;h8P8+TmO}=t0=#3p$1|ZH+2bADi`!f|9PsZzs^@aIw`T!;7h=z?`{!<`hzKU
z#!W9gIc3f~0b=?XPlx`=)mZ1QkxAO}l`hAIg^<BD#%qk5wzKhzF!Vkd0B7wP57M{W
z(`0${eH-LG8{x(_L*o^m^aM;v%l92amf%Vc2!<7lr455vXEfhA>`=aX*z)DQQW!2n
zq@tXT$5uv_G_}?OAp9OMLw?7Qn``mIY8Mmqm9(=oz0HAm&YY=T|CCLdA=b3v;3P;b
z>p7^E=lplo982fkmjJcz@L4-Jk727U$va~_$C4}5v4RrM#Ks7ejw8EaprD@%0@gHb
z7HP08QIrzPoT=5t(4fWUTxjh=M|;hBpqzc)8evpB9sHsTm#Hh1v@5fx3N0ZYLdc{b
zXQmUVK45DSE2ndoqi-BfEEq4Bsw}>on<lTJ6e~j;i&&jf-CZz?f8~N$6<qLElVvQX
z5Z<(o!}*vSXD$>vYG!I?FH$Uf(LbECxvE4mo=)1E7!OkzUs9oJ3QbxJc1~G(m-d><
zxqS<q2=Agl9UEK%6vW|Y;A*=uxDvBmkB#>{Au#5?^aI@7llqog%*r(%n={>_i#`gm
zZV=nmN{QT4{H@i8o5Al~MpTb9Z-MOO0-aU-ZLgt_^ZAY0hX%=Son2^(bjN;{_FR{P
zP{kxP4!(`XjItCffr~A}2J;xN6&<=}pYLe@rxMT$W`ZiDh;t7JME-+9g1n0sett;c
zNPo^d%=*!x`n_fg#8*&dn!=*~OG@g$AO(Fcfblx@gL>JhU(8khQxLt(UmX|}p&py=
z@DG3C$IY;Q%`kG__`REWYqw+oZ}{$VxQc!xxTjiw7TYHV?bl`Mk74cE&Z>i99k6-m
ztgQzFBGBN3NdR=cD0R+OgaUd1wgydGK<`I$%r>nqZmJq2zbh^Fn?j&z6j=;G3n(Uz
zeOJ7=UcakskDv}e*3k!@xV;-j$jXEMj6h2(DN~4J{rB=uw=V(lqVqS2m%z((1mSQ1
zbcGKz4~mBF;Dh#8qe{B=ziR^{xZ{`2q@Lb@E@VufLqM~vpDp^yqyNk2QJz;^iz3G8
z=%-i#<+a;LyI)9g;zbu506!OSl7nvk2%*36x#O-qSjg9HwXX81HQANQ4f)+Z@(4C=
zW3KwTF~gPHAoO1wmHpowPnjA~z_5O42>72hdNPb$gObM>@_N5;m$aC7jcCg2KAOOu
zc?uPF#kVZ)m8tX8rr&)zj@6O7MBx+J3fB*?=a)9Au6$)uQDd2Tv9^nj#u8S`<*y#K
zCO;ZS_I!6#-i7F9b4ZC}bOfh}S1(&!v|W^p<4wz(Ld|=2l&M)_+6iN(XXNk58aVEZ
zWE`A)Zpi1BE!M26vF3;Pt5dL$o6Uwm%hr>2R%JWBtUW3H7`qc57xcujGQe{mxF&Oo
zDOV%NI)TCeK@chKUfUX{gZLqJp=DpwVUay;oeJ5+0`?2!_q5odwHS9%2D}0xq|{S_
zA+3J9&4IQ^50GiX+mal3BxD;ZsN_XGMY~I^ecuu4`>mh^C}zu=l!p>jch{2hN2a67
zEQC0>t#(^A``T37W@gkpNMMjLRX<5TX{QKwx)0NlOZ_NiX~&)p=ySfw2t*atmqDy9
zr83vn!<*d<m2)N<aFz+ajdh~9g#;`LSICG<aOVYnz5X@3f<B&Zx6L$Y3%`+dek8GF
za^8M@cq$10{@XZCKKMX{w7A7cE=xb`jppMqYXkQFTkRj82?wt4FO`<D^g5HL6$!Nw
z&OSzV5cU~mId#dg<xn1$d&z}^y+!w0xR~Gx^ujMKN*eoQb8Ip~5Y3Av#0xJ0R(&@!
zRJd(_y{+jz6&6zj`vS0FKAZ*7tV~u>awKSavRT#LW{y?MUu1j~JT*U^DXIr?j!jGD
zk`R7D^_<l$Ts(y-2KCo+!+%Bmw$7Bi)t!f(FFsR6aMHTmquf(!r|G1Tp&@h=G!yCO
VhdsTzvia`{hre<tBz8Ia{{co1o#Oxi

literal 0
HcmV?d00001

diff --git a/docs/wiki/images/webui/index.jpg b/docs/wiki/images/webui/index.jpg
new file mode 100644
index 0000000000000000000000000000000000000000..33f0dedea27a616aae148b172ec064159df1374b
GIT binary patch
literal 27513
zcmeIa1zc3y8aKRY0a1w&kS^&C=}>7AhHj+0K}sA&KpByglu$ytq(e$tkPZQZ?rvt7
z`L@S<&b`O)*17M!_xFAGb@(mzn!Q*4_p_e$)Ee{z`YUirML}5sz`(!&?tp&)dgju;
zysy0t0H~<}8~^~E1F$h908B7<0sNx!*dD+J^B7=WKPC0s6`%%yO9QLa03LYnJosH2
zOaS#N`0w1e+|SQX1b!m$6M>%y{6yd<0{=H6pnTWdg<iql$==P)^)3M5L}C3RPmqCf
z!|N#Q-|}@a(ZA%eL_`4~Cg#uiKg$;9lE2~iQ?~fOk&1rK`6mKD5%`I~PXvA<@Mi=B
z`1nP{`Gmyz1?l<3#QB89g{}dA?H&Lq19t&)zy+WO6aag`2~2L_pDTFxo7IDm-p<R*
zO`Mn4#goU}%GJV}$I{iA*Vo*Qm!F4^7m$?kbu+hgwDzL6u(q{#kz(DdZ(^mlw~}Jj
z6ISC>bGu<}XRqY%VXftVTiep#(NfHcRYsbKK+;#-*V)b4+RL2Y*V)O%Q`}dI@t4-c
z!Th(|yo}P49#%Hunl}~xR08}a#rUVO`1ttn_z3d2df4*vi;0Qx@(J(?2ylZXxIO(`
zyv%*MT|Alo)WA(^PfHJbH!piv7y54vnp?Pfdr2{Rd)r%y+nC!3TUc2Mb6c1TT5<F9
zTbXm4TM6=WTL}tUT@&UP6|mvAVEj|}R+hi@?&j^`^h@7Xmb}(Z*3Q;0UY;Nt{Jf03
z-v|Bg>Jx<Mw@&{m{NNnHGU7Kptj)cwZ-Pns+bibg6XNC<)c*Cg^N3s%mgN1RoFwlz
zF#cko|K5@RQ)o#`T3L!)ejB^1$M^2Ftlj_5-nNsy^zVe~@6!bDe$RmIgT#lAk1xsl
zmtFtAvH0Z<NPA$t-zXKVN&jE?{Osfpf&3G$pK$#l1pZLrpVajeu0MppA1eHly8eF#
z*Po?bYZp+&^#NsB^b~Ldz{A18#lgnI#lby?hj)&Em=KgP2p|_PohPP%T%n|ZP>@s6
zvNBN7u+WfGF!C_6u(5M;abBV473Ad*VCCTC_|^yp-nnxG_ylBxgk&7l6x1Al_=9c+
zh|ghKV7$k|U<5FUF|dd+&}{%6=##_&y_nw|nSc6VU}9n8;NqRbCm;k1R9*rwF|e>O
zv9WM)ut66lMj-ecz$V5aVc?g;C54*fF}jlpJdA#Ij_G<?3q*5pn_1ApBM6`1GC2k1
z6_%^4Z0sCD!Xnp1#l&yilvhwxQdZH@*3s3|H!!rcvbM3cvv=_H^1kci>*xO{I3)D(
zlQ4Kp?DM$zgv6xejLfX;*EzX)`ESZADyyn%YU^6xwY7J2c6Ij*4UdeDjZb`>oSB`Q
zUszmPURmAQ-P=DnJUTu({WdQQ0PFj-ew*13^CAZ4g^7)gg^l-ZUKp4@V8SBC#$n*c
zC6R;TnY)uR3OqbVc0Kx4SqnaspyoEj!efx&GPBSO%g(o{{W7zEZel_I(#(FF*q`S$
z37p5m0AC&!F(3o%8M0;6MYv_a*?_;AiVat;`S|j;>A)JM35K7(!=r1gK@!7?yoX!H
z^GhgFAm!BDc=ml}TgY$%&ev!l*k+1uExUgP1tCkLpg8O6?$6|Q+MQN0y3fkxSx9<!
zvAR3u0CIm#zM&E){Jurx>}`j~Dzm9#!*`R*RyB)mSNP?13(u25<!v0upt6*r)B_mu
zc1Csy3G^cU-0D7a`$ZH;zM8X*7S=)CdiJkn5XcDZ#)qP$8Mb;A{}aa(>I29y-T5iY
zuwTYtYIdHFuBHa><M`=V%=<ESvxFVK2=AcSYT?FPEg40h?0xR0yeH;7TbS2TnN4BA
zv*#2X$<c*a_NjgH!y$ue*pWe1@;|g_TxNZVndrm<$#Z^bdK<&7v;<+B-c!OF%7k^4
za9$n3311JzBNq0iYr4@}ko<K;LhRGGp=>~gszaTdLhTjD>1K3ZZ};X4Vy}Mg<=5k?
zCxzTMN_r>OqBfQGIWN&m=jjW=7dH^cNs1-VlTrVf=hnXrC3r?ta==GUo=iI)L<IQb
zNftW_k9h!VHf$-*GE7y18sN+su3#&YjhV-{-j}+Zp1Bg#GcEZ@P;?#*c=_w523{q^
zpkUF=s7FSI^$Gfo#%9Y+N+HldGXY!1+eb^7aJHA2<&{KN2uHad$n)A@m5f!`6|QQ9
z=<oKKP(e#HgHKlK1%qp=;)g8B)+!&*J8*0Wb4&4Vz|)vbp>K&i2%R}i0#g|Ft~pO_
znQ=dD=?Px1RJYvnSnr^yQ+uz>jRty+RFz#>iLckP=B;z)mkx2SYg7Bh9Nnes$sS&3
zDy<@Z`JUF~t(sAZE#AXtWZ6>ICv<{IHp6Y*!&w^_`%l+FjQk%5e?y9a^6M@qljeYB
z4X&yzQv%}c3nZrnyrYsrH<D{`@NwJdJN2~KvgU58b|z-H&hxL2CSRDCR=y^zIX`&u
z3;hQ2#!&5hPQ|x%`dZ=XiKhf7P6{Mm4hZ3*LuoXCm#En`;B6ZJrR#orj#{p2l}sGo
zXU_pW9qSyUiPsFbs(qx?)SR7Z3JJ+LL(IlMXP3b6gF<k83Y&@|qk08Z5^F`<Cu!<W
zL&%_}59h%DvP9N;n#Hf4A7FbI(x}T)-5O)U%Zo&EzRajyn^_qLM?4<Vq1)P@{NlvR
zHa$wN<?Eoyg{JJF*Sk0^bZcZV@uh<K9Ws{dIn0p*rM@*5D;!ZL#l379@Fj^~UfQ=8
z_s^zEFG7Czz(vuXn}P>Y1sruH7v3$byg+o#kKZ>_)-Eo2GqUS>@5Za(*oZClCKN`I
zJel5DdK!**BgHnPGpwTOZRnvW#EQN0d2G9f&U!k5%)DkSs?q3#V6Xhj-m4pFFUFQi
zo}1@clu3WcuPf)1nb9zX4QO6Od>!Md-`>(6<W8RV^KqkpUm?~Lsd-U&{J46S2n{@L
zxPEx~uxht0w<zJm?fap1B}8k{zOmOMPAqnh7MR0RzD8uOm}+%c=C%sw8?>kGzJJpo
zuWY_zqUMjv>G#rI3a^;hFS-1AO19qO%UkjRz7L!i8Y5ChmDr1OI(1&JXvc}Uqz1j=
zg*qKP4H(FDdi>sVIndEGca7Mu&iHfwwTrD~Z5{hlMn!sED=q5rZ=Oz?uI>Ai=jL)P
z>=nL>MRXCV8+E8C3whk;A#o4Hd<!618b#8a41+IBUE^?KlC*^^9qd<DBmHlnX3+r0
zuHY>lV;R=+fG_*fkC>YWIs)VkOvkD}EcJP`ZQt5a$!1pI=m{V;X^h?OSkoDDE{W9$
z6;8zpVN-^{W*>(jlR|5)(wT#~dvcdQz1S(9Yx%N!btV0vSy#WX)l4_UkZ0Wg#aEBS
zK#$jSmx^QRR>nPBN;cFYvOVp3si%4dFVh^x2%c&~GH2;dC@a-Z5eaDEhH$FsG?klL
zy09*XFbia`wD1YkNq9;2CCkvJ*0Lhh@F1Zml1CySdW=#INn{?T3(rFqqk*Mk8sEzc
z(7_d9*L3x^k&Gzn@S$;NGo)$e3+`$fGp_1Q{i2bt{k(+fu7)kp+SdK<_CV6tQ=Qqq
zch41B^xSYccayrT1EytaY8f7X1^>p~06zt@^VZ7Zk)Ohr9?#(PC+x09yLR57Z1+f`
z-wrL9=^zTY<V!JQ8yP2Krn21Mo@ybnxaZ^?ELZy^^gQ0U6pY~2938FNtmx3t2a)PG
zfM5Y#($tp;U0<I>jxe3_r>HtAi+C*#0WY4csxM{@bITd<!;5Le&&A`+qZH0bt%Z$n
z-|q}$mU`H8CZXqQycG7Tt+ZF>2}F3o=K1s7y#vLjs973G_3{;#<4giLTS=nyGPuxy
zKax1#3^vVQbVaS8Y-%RgyzuY!vEX^JIF9!i>Ll-?0j8yzAnq9pgv?;F7gRoweS5~V
zdpi>)&n~mJ&=gfdRbq7vMFWh_(+_sPbm>LEKm+yn2Di4+0Ai~<MZN9I2@SXt7b_zR
zs*bh5a^b&})451-OsG4KR5}{-Fyi8ZH#K-rJzRmWHSoUT4c(_Gyf?_n&dZ$G%sl=A
z-Zm7EOO~;@FI9N?LW8GxTsD=WNx-Kxt(|Kq#TSvM3v{SQ#&Isk<IqU$9q)rSJTG%(
zrK?6JWg*Auc`jo+Iq9wwF0YXt9Tu7wute=^cc{c3u9SjQpPcUy<7a5Rfoj3pDRQXD
z>u&52VqDN=_qhSCn^;^}y<UD*DqY;`=Ep&oYzl`mlC#MWjAa6vB_j1ry__pTvE9SE
zw`{E>%GMs5iRcZHz`7t!Ytv|8S$Jm2Y<FwvluqrP%jb`$_p>f1=$c*~z=mVTk3-|U
zr0OpPwyR~WtYzDa9I`Ep;Y=0=gzuQDZ*R5JeZ2C{e%$q`M0GRs4%MN|jiI+O4dK@K
zGp|?967r>x^$>L`W!>t=3fOqs(uYO{G!Xql8x54y!uACXMt@j8X7;Mb?)x&=N{|Nr
zrG*<lC^?cq#l4~{z2mo?G$Dwgu6!J8I12kM(Kf+x{{7r0JdvFxMCOV1bGS$@)=P@)
z;*bn6=FKUBLpnU9?66Bk4cCEVNM(Hprc2a}71jf}gToSrAW9w=rci8N=5Pp^H}heM
zf?066bQo1&>D7$;whEMyXVa&M@ub8;p^QwEsj>}gl8);hX;-e9=pBq~O-|h$eavrQ
z;<8WBHjXog1~5PBuN37k@AzRdN-pbdem$a%!+o?pZd^9*TwKgUA0*16X9K^k3V1$j
zUK^^Hq5IVC__bh15U^3_#>>0fU?)>BYkmbH7AqZ-b-(seo}?PBLTvT4uRIyl%<vwd
z%Nm9T=04D!uAFhY)S>~>_q#3R_u`AG15}AP(_TX_?^JA@*?qVVE~01|c~Hi9@Q2dW
z_NTG;VcZit^wUjH{pZWscGd<=qSj)#)$hi<9P$pu_!GUuUU8_GEc%S-I1-LDRvKu5
zaNW>#T%ThR%~Q0wZ?Bn>*VpRMhjZ7IZ088cB(7=@__+TQL*UfTSj{A-_=vfwWE^C$
zn2uDBNXB0IV;Z>B2p^$dnVpcMfg=6nt+uy%dX)i2zC%6a6rPkUiT<{g?iG4M0!Sg2
z-i*82eLIyFbL`7!m!R^H&wl0xh6RDI7eBXL<eB>NQQppYTG7#ESj8=0MtnY2`?*7t
zvt*2)*<m1OU#A6w8i&VP)2j_@eeud{jzKemyJ&#?Mi~}>G2oS*`!$t^!N5WyE>vFG
z6mDOT*%9OJtm;;x1d?%KINirU%a7^TrfB09_jMtqBL!2FoD-|>EFEWD*G)=lvco*y
zJxUpWWe<Zal@FU&*Owt~mGKPoCOw;2N%!CDVJiyFHerF9wuE-*wRZP}7kPAK`W&8V
zu5P*XSKQj&=vQk?xnF4t=k$uvRpiQ=pE5VlL<6ta20O$eMqFHvo*9m~#<Y&qF7%&k
zd|g{4sOhM>$DH;2Icg8-*w;R5-;rgnd{BQTLpu4sR3~3E&y-L*+0?aU<~TKk4Bj##
zkP;+tZcEiPX_lZ6`iPyQdH#~Wo_i)zYm|##-*rZH6#8KOZlhGc|4eQnr}>JWZf>#H
z%#P0X&|)ShZR)l5orU{zD$+JG5vDRKvyyVNfr@PjgjZkDPo%HT+=jqTQ3uiT)`~dS
zgKJ;WsO?b3bCS}kl-F%kf73bc()#LA6@CgV(2Rb*Kss;MT3uOm(_k`jPNp&H4(yGT
zV{8eQP#dcQ|4F(@)SYS9u$V9Mr==Ni&Q|HdKf?ZhEn990;|@ky89zFDzHe^g9fu?z
zbPcK9%*icgOeHHh|8UkLT>O&bK&xfW<0I2D$?$iaIpN0dm3`2FU}HvYy%~wp1MZRg
zwg}ahBGJkzd_{rh(h)T!_tV5f<g<#_UhN$0HkgnX@~-4%%4?%W%FsZ1E*jX%hpV}?
z@}uhA_chd9)`nCzRky@4gWHrp%ANHN<hr=LstE3u2%&lGsh?oV!VIZ+O1B|%tjl~v
zGTmkB!}IxI$wE-vO*gv$dC?X>S~vHk08y}m1|ArUREi1X*Y>nEdCTPGYeUT>G_&%R
zdv32IIJ93W5TpuQJv}weyPAIWg5hNufztr^8uz9}-4kW3P_3288kP9ZtBwZOS{QC@
ze13cWs<gILw<BHGt{`;=MfC<l7ASJBp=^ERJr6%${YqHV^i>%J$)v3`r$+;(WT$+L
zZ&!VLAeUnh`_d{^Mo%*~*siUV%$sH8!yNR{K>rBrXjG2pt@)+d8w~sMMJ!J;AwDce
ziJf?1FDmStYLj&|5zwGksi7*fV-0WNFz;FAEF5Qzn=%c4!ja68oC(oS`B#-o1c{Tc
zbBuTg_Iu(*jl^oU+0}brefu{4^y_<mG~lf$4*}Q2(gM5Mo~q|M!?|I2FeFBJ|C!aK
z1yztCZD$=CI4H=8xEas4Q)(@BPPlpWg(~9d)n1ZI5_$7i4)~J7^LSK}OS-l_sgp%R
zSD`~@k0ks#3BI(Im13@5y|J1CZ%l3ve)KeiZp+<tp5Kdun>jMRAi-iqLgfXhY?9~Z
zKh`P3LP=X9S1Uf#zj<;md?;PsY^NZeF<fUl;j``e%U4|nU!&$U%PYA}sURF#lAoT_
zrW<xN?BMi%EyU{9TK0g6cQco<L@2MS`RS(&8pTI`4mjot)zfO*m_l~5rl}?+8@%u=
zn;-FlnqoQEm#<|)Al9W&d9u)N>ekQn6NCRG4M1{cHgLDv>NXk^?%=%;^yoW+DzZeD
zLXu45wz=hYMn5vKcr7ta9YqhhbUEsJS2bY@u~b6?@>T`<B9mUR!PQGSIuG)iX5@Ws
zQLsu^#2L7QQ<bP@yjiqq$lX&vhMH1>{Bgqwg$Cr&K*ur~2!YI`pP)vYw)V}CE^m3@
zVu>D^eKNmqAQMHV7YbWK=%Rt9LD){+ejVGQc~7L!549tIY<_KMIWy@ohve`N^?zs{
z9AAVD_0Qq`@N#~l_l<b}$7!#x5&PIFZwi+GXd=l{264NgsWT0$Zd(m0+jm&N8Ga(T
z(bBbAC_%Smc3UqAc~|2evDL)90~-b!sPce?h;~oM$3<d+vY8g&uZHas)nf>#T=y-V
zJu*WB3Z16*rU~1ephnw|z->Z3i+El|?IU#vXDcKM`e$ur|4O-r;kgpzlQGyKiTW9Y
z#oxp)r_=0&xDXAjGpC<&sN`<4JNZJ$phgtm?1DJolD}DV$qB8i%=#5Ha4I6cr?TJl
z&}>)oGi*W_4eUF4WtYy?ZdE|#?>PM<4h+%K7}@Zuca=Ugd76R|9xwesr)~);Z|mji
z<W1!Wt1QYS*}jk?)%lj@)@l#*(R1CGjr_w$ys0?z#MR1Hj~CAHh4TXPjV4w?&yG|9
z;L+s^U;Qo9{d-(VSIEn{?Q^-tUdxrm%u0Hn+R{A(&ACXW2Kw8v9=%LJJ168mVIZIX
zs9>_NwY{{}koxGoXA@Z@tuZ{Z-sc6k)C;9lb?e|%ghrQ20{t`3&jnK~JjuV(*U^+=
zzi0`g8R93f+J#(US{EmtO6JbXDkEU8zh<2`I;ekTF$ZRwYhR`hvGg!d5v8zf#!j)q
zNZHXa`{XE29JIN4Dlugn#awp6AYwZZp~hTH(x$+@y#HlS+#x$Kzs20!9{W9$@JN~=
z85XcJp6*`{ntWjM!mnWC{Rf8RZPDJZXVkiBXdwL#h7nnftWVX4Kl7E#MKAJPr%tKP
z`|7o#cFn&yy3n8{*ChMk?VO)^!z(JL`*hIjdMvYyFLeDSM7+G9@=Py(mHPkIm9tM;
z91V0mvqb~u%xGXxQ!jfw`JOjuaJbTsYE?!98Cm%ev+<n|L1nV+2`F~~-;!Q7k^n5S
zxQA*fK?9kVB|<-vxr)&Ri8O>fnJ#XNJedZ@-%I+2A98%M9OB1GT%7qI8U($RpepM(
zQ~8u-eLh<s^CC9!SVWfg)8|g9Nsj|&X)psWBW~^(Gf*p*#=y?I>%YeTdh9J)qbs}X
z8b+1>$~<xvc4duJwKM|Cd{?BKUhI5nF4IoCx)8tdP0N}vmhb~bjb;>XTIvNqXv*f|
zSfBl(r(rY#2lX_+hhj>eE`bvxHOUz3bXd})aH2osg`?4vP3Gw5sFi9QV2PE6)5rjE
zkI<DRm~r+azQM-z$kf0$68;38^$#nb#J^J;v>u-EgXARZV;f(T6(8j`>p$Sj&xVL9
z=5I8{51$Tud@cuh!Q~JX0>*HArv&*R0ac%KP}Er!q|D^U@a!{hP4CONQ`(X8sdt{V
z?-MPP1XJIznWw+XN-bLTQhEB^reueAs4eb;ZvyIuA^F)oG@w%)krDqHKkZsF#k}1I
zXsR4rpkg*l=B=?p8YR)p3uY&5mtf<sP&SdE*~;h!XhJGOw!6IWRclUpN0~^Jp_b`J
zo3wVbYP)xN_y+Ye%IT01lAIBLjkM1S9vRbCCG|}UsGHA0LdyDE1oZ3u{|^w--y^br
z^vu+LXB>6YQ3ip}ih{?y<@r6o)b=5(k_64JMd8<fWxj8Dzv>|)ucaRn!Oo~?{IY*w
zmzopq(?^qR8KoiwZ29AOOLQuZ(93rDLOLGsg;kDcWF8^!M|7^REf6N;<_kf4$a$gK
zcA3w4Ofzx^71@m6%0n|EG;00fnex=HJPsfVaIx$E=4$qXDM~d5**)Yu;L2vf`C&iU
zuiI0PXxe2mKm!xXGW*(b&}q$yZ4S1KD*oTBWxwAKycgqEV3<wwehp}#)Dg6fPOPY!
zcY1!Y%YZjea8!1lw(J)O8_u2GIn_~gmwJ+$QC?^ry}_$0!EdlYp!@-lBzWVWETkuO
zxxgDIE<K4EnrWoa>iGPwfqsOXd+XV4|B<~layq-3%h6j#cL__4x)!w_+@|z3t)c9b
zAPpqS=VUZdSQp9Id7{fHGz}Suw_Mm<N)rPO(eX6bH*9t{8~YL}ubq3xmiK5dj5R`0
zCYxb;ETdG*DBZjHBKE9=VyX$Fm&yC7*u9JHnol>>Uhh7v#3^bVpt8Kzv_9t}V=Da|
zqg>uXq*Ai|@<+^TABS}N8e-;4yUb#9Mo>CMj)KO9@|+!mg1J{kC^!PyN{!=xC6s^V
znv%XozRF$!I!N`KptA451!$$O_XArlQ7sWVUIQm6oPHJ@3n~!GIyCLvk(i+LVR`9a
zkUk2GVTE)m<vPVOV;8fveMl$Zx!u_Xk{uFBGs+QG5d!u4`>at){bdk;_!|O2dwZ_?
zn(C5#iEV0RP9kyCmQn7VloT&lpkXvG(*nF>spi5S5Iu~%6#-CU>#VY2X4((D`Hb0*
zO5|r{icD~&3lVYV_zXJ;=|YHAcff+@(n}zB;lKxRA(vgr@oOXvQ9?MW37hG%0A&GY
zD@&ph<u3iMcx3(BL4lA44n~$jn%T!q)`u|+_;x)DBVHfmD32)C^epA59Uhbs@W)#y
zpT>@*{vYbb-_cjgVLfd>h2t87xH7i>o-O>F#i-6O<N2lSoWWb?8b72JDSjLt%{OGL
zheVTuxm<*}f2FECxw)16q1S<fG+01$P=3OII51VpFtR+SK)V8Z_wr3MTXo&c^_A68
zZZeaQ|KW<+`Vf6u-#oUAbuLi)WC-~WvoFdl>pNs~@Z|4nB)cZ@i@5sM{pWr|uz>y7
zP#r5JH1L-<<fAU`WucB%6jND`npCXG41k}{{~A8Gl~Zc4=Sf$fTCryqXY!Y2zb!I>
z|L7uveBXkSi`-GAfgG7NX>B?&uDr>gH)mKXl{V(1uS=?RX??1Osf-n_In#cmwdW}+
zT8LY+hxD31!JhY!H^7vBQ)YxeUtUX$tsC9?EU)IGCVoc%7U+$zXQ;EY4D!PieKs$T
zqw}O+a;avCqVP;rzV>ZEiXVwz4!<(jv&2w5&}*|Qju;s?v^pZs&{p+L5s3DrdecQ_
zN&kTF6Mr|7eVJPoKR+w{vq|MUh3w`yZHPr}*IM*&4Q8CMqrue(K7C4V)Brv;4jQ1_
z&R=`2ewLfS!2Pu?Bu$_4VVvJgEX8R`TAaS`eRERY<fOgr9M&g%3SWvThA6$(+}3&M
zQ##;9Tn`l(yTB1X@NiGjewN=_KFtte5<e%<_pnUi)4N7>+Mt5|921LOLYrVYUyt7T
z%}9FAJC=A4I~h|Zm1Cq7SlvjL*{+Lm24khSX<V81Zp>lnD6Hz3RJzn`eYX0bGYapz
zg4oJfMS=L|$&<>Pbqxsdd|3-ZQW9lm>Rr4XmBE*wcj~(?@vmIJ(~HP2+aw#M2dF(i
zCHO&LS@B*>r-98YfC4wDC@klJ?>f8et2R{L$pYjUzgUhTKL{*qeVjum99Y+$9~!tb
z4k|-sL-Fq-mKq1;ArDJ+93u}Nt>`+iTktdoiTk{+Cgp@`o~54YMwU0_kA5Pxk(XCJ
z^f@q;{(vfwA25ji^TR=}%U0UjO|~$d%=N9+3KN_p2!!|Jmr*-}#Ay+^-2ZAtF_|&m
z5iJx5$89AFKIRA_aybiswv2MF|AwXjp^iDRI&YIm0@Vo2IZGdltUv?hr-L?}8U7p>
zzvmCr4`GH}t;=cfM;kKhsES|8J>{!o&3K7WN5~Y>*`op5gN$CDu;pCoVO0N`;w0?j
znO!;I&nEiURLVE+5X?#M8-xrBlR=ft|AXq&cTU}>TLTKi(x4uqZo$Epubvz2Da3Cu
zecQa_Fw#bha<h3f$|R$JC)3VpXkkey!v#yFg)i_z076^Ou(GmZY{!M9+YNR%cdhGS
zK0+oHFwJ-waX4lW&TrhhTcT}%VScRD-pf@Mmn=d8D|m<1w6Z2k0yQ}F@5|m_Aya$o
z8~ji|d~TR>?aPXm!<Arh=bCu8b^K;+O4ji7E=)VjQL+{x>*$+L>*StOE<DaXSkp<@
zt}x2wZtLok-pDq#jF1ZSMG^tV8Tkedcawu1oEJ>i>l-rO`A51DsnUFEDF0@j*v<JY
z?`Cj6<H6O8g4eHX8O&*>FX;G`8ep`Z9;`qo9paD5TDPNawmdl*U+C0O@cdF`hq(a3
z_8E)GY|zuF>pc2sh0QxY^eSENO=w@Se6MClAvu3nPV7|4oGiIr{_N=&l5(XmYW?14
zj2rV-v<=={aQC;Bm$*6>iAe)Lo_}P2O4mGqJ)*^!%sxjV$Efl+lL_<UEc^a17N38H
zOMmCewkD2uFZ%?IEqcUKn@d)S_20Uq3x^e&<-WA;Vas^)-&p?Nbr^&Eak@3Up?rz3
zb$J8mG@+U%vJcWiB0$DJRUg`lF@njd3x9LL&CvLrC(g(hyAbN$HaUvu44#jaR7Ta<
z5624S90s~`5*cf(v;^tIWSQLNL@6}X<=UMG6;<(!Qa<GycjwyoGi&CCHy)3TzmGWo
z>MOO?-WSmv{jBB{KH-YhvFx_&Oa|=@de4ES5j}bNi`twN;#`_jeGXScwLjUAUKM=M
z5=MXO7BKqaMZk+s#_J!cb$2$jgjnJ}p3X%NxF08vX1wsZqARwhQ(KYzenX>o&33Wb
zN-3!t6So!U?!cAKNHr%L0NIpK>8(Wj(Z})1ntdJa0|EO*r|eQ1g`Q(op4qP>@(A0O
z-{47{n^2)`Oqor%Rmrpt?K_+iE)`P<(G?P<M@}io9kNQTz07!A)M<&?I;8(<5azaQ
zxhL5l^{iHFeE4dCaQ4XI<*4@a1&l`Oq%PNMEF%O0108e0(fJTkj0+Z4<*X+=Zt2K#
zbLX9qyM1MEaq@1SgJ+r7y5}ir&YH~P>iLS0PfpLs_S2?1zRq|GpVVKPhnsEK^Yk^8
zxKy(<m~qWVa$*F{v10G9ooF~`CC^+nvcF6zj1vcq3IeVZ5>GMPCNHyPx~>f)gW8FB
zSmCN?%UxGil05jMWao8G*|L5!xc{p9{*5bU>W3s(@7yU<mD-pu5`lZeGPf)Je%Y$*
zyHRELGae>@7Ok$*A9ZWfgx|Bcd<nP_Ee>ek>|prSwDfzse#6l3Ekx{2qMHF5WKex7
z969kaH(Az*Q7N*qAog|GX7z$XCu;3JXd1fLTBdFZ`t_SQL}ZSPb_<?EdoTaKgji6!
zROHzhGIs(Ed~)q6hAQ&u=YT;LbzkDB=nzFGIz4QQgk*=`YG;0LsaBr4#Ukxn2ii{G
z`qE>|Oytt~Uj5m(rt%laJaOOw-)cj@w`80Vap!+wAY#M~?I%i0Lq*?E0$*!P(0^2a
zhZ>VVL#pT7i}&8G^KO198MS_|(n6Wp2joHg9(NU`nTXFz$=FLp9Kv_Dj&I)sJ-%{u
z$VYTwh?*jjRhkhEyo^N2MWTVQBB}65L4@PQk0`pu03yiTm+h3}r>G#A6I>b8)yN;J
zmPNsw%@H#1kp1Qv4FM?9bYj?mA{wCYL<4PuXaK+eNz*bD8i)d^Vb<<Y;NnK1jO{Tj
zX<bM!64vTD%X@kb4a`%Zf#YPE8L=JmGi=!Ic^FcSwnOf$^6@$vxVR@33g5-v`SL_p
z-lp*aMz<Eh9fVuuT3OZc=vxH`7Cf2{>pUW99LTVhX>aiO!rk9INWXfL{^<2TtITuu
zpg=gfKBOP4H=UB|<?F>ELAat*W!65z_OBM%-&2eQ1McdYv^~6_DowtDj#V5ROmmO>
zU4;ubh(-i%aLjpmu<KIWMmYpLV}({cQ1>zS##YRVY3<3`VXRj(?Xi<)BT_l-aetk)
zU2a^Vws0|8mZdBlH)nF{v;Aqp6Bncc9YVxz+D4)0L;FLuv<9zEmCm#k+Q^Z!75OiU
zuKjxR?o3J}&(bG5(!CFz>l?Nhsw~Iv^1~hNeO5@74zF=uVeI-~eg|TdNgDAO5BDvu
z+SNey_VENYmVLu}rJF&hp=Cvq_VQpvj%4^9;{Ae^K-^Sw$)mC`?uaCF>K<6l`YP;3
zvhhYi(LPd57gw@BsUq%Re{I?C*4W<EI^w2){33nywLFs^f4+W=KnL+PX@;pz`$GG}
zZJ8u$LocPsv#*4JV{8%QX0hMF3W6hoCg|<%#p9#Mvq4il(-S;oKqqRskkd<QIud1i
zuSrwIx`JE}N~!A$^{ETti;+FAX!33-U2DZ`X9f*8TZ4MmGvnUV>qVoLpDI&^&tBv1
zX4+286Q`V?+ZrLSF0hIwC5sh$b8e7nDn^O57OT3*eigQR4m2|tUj&y-^1HD+@pJ2{
z_|Zyrnx?|oFDIvW&mr4IS6kNATyw*U`wGYQjMU0|brM{AYg_2^n8G7JWJjPrSVhm&
z2gyINQ82*3KiDtitS6ik-WQM@*X(zC@93rtWFBWq$O36%TgO_4Q~eb+zM+}S?=6{C
z%8d#g1f-YFWk)DdbRk#vYp;z=ix;Os!kVfuZjVWOYzJPH9%VkNs%jzX>*afl2vx@1
zJhd&d>a={iZ|S^SoV0+ouzlhF*7#)ZJ4Z=e@;Zc*d$&26Wmh%HC0U8+hYCz3r3Wi&
z*=P4!H@}Q0oTO489me-nEv{1B#%PPdSsN}H7-k;XAR$a5@m)j+kjF8)_11tsoKFAF
zD*?>q98<krbsAyk^9gOacjw*HQV5(5HH$L1L_Y9mDH9Vs-ZFP<GHnR77tT3YLdm{B
zHJUBDOn#aC{L0aOE*7|~<ECO;)~UkORG!4_>+&_)f-*W@_Ih9-XL@aA8VaH&J!WJB
zZ<&D!2+}HdT(T{>(KVN>TeY{rL(7ocEilndQaHADB|NgWmEAJBLqJB{nO<$#OJn+m
zM|RO-gpTgyEhh@Bl}`Wom*wg_9oSRlP7We-6tg*5`**MS=z*SvsMd0CDNBU->f|IR
zVZqAgjW>!emK22HF(xChOIwCI4~y*6CrufLf(yLpBgBrnU4^1HSZy%8=)?Cq{MyeG
zovW0;Ok%PcziZFmao@G-{iWu)#U2SZ>bY2TXEQZbvbTZPN1d%cboZ_@Ibq(W5|zY+
zVHsTMNI!%Ov4nCK)Jss6b9I@jCh<X=T@%Zt$L_dy(>#X6bFtQraBt3)rb!qaEYwC^
z3(mWFdEr)gmbJi~<kwxn?o1!owVZ=pL`3>{`oWpwh+6TA$kvtqe1n@qii<A;f;GF(
zW@5XJ@@z)AxJwu-Y8tEHi>?P6-2w&OsMXlmV?EMYZv;>5tdY@MX}{MENj9O@4=S8q
zXs`=dIy~p_Wv08eSmY2t%q-1R8hg98rf!siO4%|bmBP=VAPHy-pdj5NUKLE1DLJMa
zzq580xTI=btiO6C`!L;6T&n#kPTY+=$?$zVNn7fpu3Xmfc{PQ_p<#ulw<6g$-^dQ&
z;5_G}lZ30|4P_2p)|ZqokeBqtVh_Ffykm;`+~{pOiVt#gVu$&I_SdRu8ON@wsi1+|
zVe?Pzf<&v{KY31?@GP<#uaaBt3gN5?wf>aJw1dcD^mLE~xn|)lB~hmHiuBtKqa8&#
zhHB@p`5cz2x}&mLl61h}N-xs>8RN7fTak3;I-7K7ccQW~VtMY$$Vrwu3o{SNLV}mw
z{r%wytimd)Mo*n-`-+N6hECNu&Y4a+3r!n+f@nR-qUg0Ek>k?#{6YqLHv5r}PLWN$
zn`YX>b0e2qRoAQ=+~cb4pDVo^;qlaDIVen1Pw*rR%#^<U5o3=};O^<y3!`18^4_==
z9UWsU#XLN(;sZFJ(us^IU|>XF#X7RSzEfLQLfF-3^h^d?F~YMH)H<s($SODyas#m=
z`C?xCfFnC$=jDYDbNa*FkSkl@UZAunB=Di2_F)S&wi_>8YjLE|xj3_`=500HPl>pl
zIlpjzi2{3m36JiEaf67hTw?-4p<@;$@l0G4^0nH&T8S`8BLvT7wt0R=-LswNQI^@H
zgHi(YjXLckSLdZD16|qvIHKvug#FA@BpP_XgXmua4{pf3+nk1x*gNLm$Z7W>J0ejU
zeDjX6Iz~s8W=_nMY(&?Twd!r!=>2XVZ1P$JOK)z5L^$TO`P1{c%r1mcoasX|=6*9q
za#^3+rISl&di$JuqUo6PFuLC1x_IEzHY6`=cBnRysrvb^?-+0tr5NdR2(o`(qQ`Zj
z#>8*#zpf^g_$>L`!u?N*R*(f4F({?js-GU3o#7XZf+i#e`y<ceAhDNK@%p_4_0fbL
z`1_}06^%?ieU|Lz$?(S9+1vuNk6_gD-kc{IxNn4HL%nYTgYBr&5xZYzO!O4H5FF_}
zsM#WjBZ3DFpzgWAw%)@+=zdqF?xMBUiP^MHMiI>V3mDV;tpDu9bvyGfE0D{r=fgM=
z@Cu!h^?EdLvQrC2<#D6P{<1>GvQ(V<0?b|aw|$Z}Ss{}d{?yVvUX(KI@qUSWumv_A
zBBQi$xNP5mi-pd<x2Sqm`qkyG+R43_%vG0tpfMi4cw?_KYWrW&J8FBe?HUV|w&2cQ
zKZjiP|HsGd&UZIRyjH(I9@D(2=p8+9YgUZXJ=CscqV0}{oa9B7;lFc|=)YjCQ?naH
z?LImn1Kor&jJzj{O>wk0&G!0W95HYpvg;|zuVg_nnjE=j){~X-fN2*Ll+zqfp!1;o
zEIGcL$M*6Z@=4QDGD_Qz7}hV0%vWK<2%>1|dIsYN{0EUIziMv(==yur?_UTGaP^hm
zUG3D5SLIA9n&*S?l7-+?C4@&z6I`h)9WFc2fy~HkN3EIdlY<o6oPY+d$jmT|H7)bP
z(7;1plrU{y+y?RHh+Z%nXuVMc8!$zK4kb)8q#bzl`LQ7=1ib|b7`y3saD5`+W<cfN
zZ%rsbgm#d2L*7>%$t*s8hO>nRwpqa7)5v2b?~+qOkj%fTqJd|$eUB>?>!GHkpbBxJ
z5>!<Jz`!be*iI&jgvJpSbOb64B;Yw4#d7nXL;H!^-=N(86<Yf-_M%wp_p3mkmTy#;
zaD$d@%eB~ri8K_StM@BS(Fgps?$>#hxhcb<pye|+>Q{?YQRI100aZ~yorNV9`cG{4
zBZEP4sF?KxZg=4|oUMTQ*O;pR#Fdk(?aMAvB&z=6yrWH7gBoZl0Bu2Qr6`5ii3_H1
zwp_Mfd*!rzC$mcui>gUq<fN^V6hs3I;91ZxltnUDUIv__`?o-#ACJ&2PkvDtYV3B+
zo$PjJ9xROMW#(WaTE;Wh6EliOF$62RxK>PT7IQz)e=Pu^zmP<+MCNrN`;(yZo7&-G
z*2>{2O->I@zTw1(UaYhl@Bqt5cg9LlQ3bvOGh=VpScd1Wa`f(IpM`R<Dobn|6LHVD
znLSB|d&L|D7G1H!&~XgYy>Tu3nfdtX7Eyz{VS*9<?n4O&pvA)wW}0~*#oq8<pJ}kE
z{IlP6JcQnh`YD>X_LHAea|}C)#?mhwGo-w8d(q#k*yOaQVYKG&o!Vn;u>4s&FSXFc
zpf22tF^M(IWpf|#)I{-&Sp~OaM)J)C&*sJWjDhOAbvOMXZ|D7QkJs_QrH7W@Gle70
zIL=UEu1-UN>F++@V@uj=oYbpQ@44+;>=3B>VTjx5UQv^+jWeS0@V37te4u{ZYieaO
zposilA;5iDMT3h6Xx*1h7OV)M+aNL|yi3R6)Qwu6AIsiMvhX$$FanJ>1FkgM#j}1y
zp_CsSB~(U@lo2<h+Uxw7K2n2wMZr;r*oNN4u%$E#U6f44d!p9f7^|!NNKve{KIvSO
zKCye(Y-w}cR_Ky!oagPDJrT9!K={(hxI`vM5q1s(Mx`f&HtI);S1Y(1)VVI+KTkDV
zZ*wOE4UEPgbqcHg)$Wu{F6b`XIb4w{JdH^6YWg&3ihMa=HFV*kp=##Lfn&Y;n?CHQ
zpt5Pdkf$|samzCODsVGWlWBttW7O^}dvKY0>qe&&MxV49v23^7w!KEXw_AwS3%@&_
zBOy$1!wI2UL8IkKy^q`nR0cfE$-*%P!67%z-vVp!2u?MQ;oC2uY3#h_e!aRo@$6Az
z-Hb`DvlKV)E+W(-R%a)0;Fb)Uz)Ez4JG7-FD1q4FGW3(2WSVO{l}*P1wpY%Gs-?n|
z(y*&*#ncme>&p5)$X8odM>eU8#_k4n-p?9NZ3?)`HUqr1D5n*sV^4<D+dK%Tl%2UV
ztAmE6je&X3an?q=y74;!lpE_pBNd1nSe*ETE-fGMsI_QAr%@Ddu8fv^oc&~{9N}AC
z-81EJ!86UbaD$eJXVvJb<Fji4Q&};T_YSEZNS?otLR-;wPmfD{<fy<k@wE;SMr;iQ
zo+v6VJ!iGayrDL|dr$KClgMVrr_Pew4&Jos(Yl-ZS8Hu6s}Vwq6p?=S+*cj0u;u?v
zM)EH*fl8#%a$P2#)8!{2v^n&1yST|%`G1!a{Ky&pmG2!p*N~4u<7M%?lPez!%}DEr
zq?x(*lH>?i0Wq1}tV66sa0mpyF(Vxth4aA$>|OL<A1TWNb}*M!BUyyHTm;nfWG-2z
z+MDj=7!7oiBRQqvcfLK9+1o(_5xmFHv-(_6!tX?hHq999Yv4XU+{^@ZE4pLwhZ92R
zrs^V*NZ8y{6eRt7qd%+tgydhRk_Y3J^qz;2$k3)4?M<Gmb&2oY8KV0=k#F<Gzx^Z<
z`#<e+{qB|(zqSjyb&AQB9KB==?})&sBShyBf+j7OY6zKM3x)G&@aVZw&?qkG%wJw~
zq+EJHEac}qhk?asA=oL`=}-(cexFfwC<j^0d0ZJ1?;MRE#RsifB7C$Gk-7?>tUfGn
zznjTko2mg&0adu-wlr@YoNzceJ*<Q5iE=(xecjm871q(Jh>`=S-3Q{kmf$&AMueF@
zl=$i8F@?vi_uhX9a8JHhH^E~&XcRrwT30=hOs4-TR6TWoWXW6tmD;Xt!p$5*$6;?3
zVfVgx0{{MnbCVa>Qox{S!Q3JPFW(~MVoja3QurMUuCi&tVIPXqk&W!@rSgtkudZHG
zC+RA)^&t%3<&%-F@F=b0TP`AE6f!Z_oE47Kke)Y>a?3$-bPYr1;<%fwQ)l^<-bEFv
zQywnge{Q%Y>(U_%$*sGorNCTW&rO%uvyd@W!LiAj*ALO$9KEAt4Zp#x#m>=Nua1XJ
z9E)5rcomnM0hj$XeCXeGg)ox_rp>UNiy?CgagVxRNkevsx#r;H64GPT8nelgNbY>{
z^-*mk^@!kS$vp)GF}5rRBUYvCQf<Fs5S*vE`fzugR8_cwBq`nRLe8VKwoC5)w?@=`
z1V2+{94A(7G<yjXkzx2d8~WYZ4Prd++!O!R2Ozn=G(k{=^M0zZ=b=)v40rj26|D>h
z9L|H&HnMp0nMy~8klpA6&6K_+O@J+2zf##E#Dc$_*^x550Ba9(s<wsZj3bWB1m6Ds
znWkgnCmJS=1;I)s#LI_Y28Odnm*RaFtRlTUlbV4!AKEifFv1;-P2K*~jq|ZaHv7Zo
zxw%Dbx+N_`2Q4`QBfp1?q+AaVH`x?(WU@6gg4eI*mAmJ4ViU8xdYGs(BpOD+fNhC=
zO>%Ez#i06{v*$wI%?QzP2Zf~8z1Wdh4XFGkc)CRMum6zP-}-^E|L%P(^vC}Pb;H@8

literal 0
HcmV?d00001

diff --git a/docs/wiki/images/webui/login.jpg b/docs/wiki/images/webui/login.jpg
new file mode 100644
index 0000000000000000000000000000000000000000..08bb3c185b5449328356724f9f651079b78a9e0c
GIT binary patch
literal 27845
zcmeIa1zc6zx;H%O5)~w+1*E%kiMU7s=?3Xo(hb5=6jV|`Lb^Ldx+Mf8q`M@fLFr!W
zo9=zi-fr){_dRF7=brET?scu-V2(N0$Y(rbJpU&q$Z_N+;HrX*ybOSXf&$zJzW{Rn
z>OR!d#u5OOlmJ!$0I&gc6fpo5%v}a=6rR}t=wKcN%<Cj3eY*mb0C2T`of5zTpIrj)
zCBXzxu7iKDzvX^@ep28k1%6WCCk1{|;3ozCH&Q^}-Nc?&#^!;Iqoad60ARdC`vp%B
zfw&?2CHimq+Q^7s@@Tw501z4Zd;WK9fgS&iem}9r|3)tQIp?1g_(_4E6!=MjpA`6=
z0=(Qjf}-5~qC9-G+#;gfLZSjfz@I$>0C~V2FahiVT0jP{0Um(K5&SxUPrq3`@Mx`F
zT^&Waxa?gxP0SrkEjY~_?6^El9JzQnxw!ywh^M288O*|!*3`nv#$JNyOI;Hat&O<^
zleT~ox00i@g|&^Gx3h)1x3Y$rH_S}LoCzX{k1Ose>S^a_XW?o>>uLAE-bK_?;>Itn
zi-P%YkGXD0iaVQIimKg_`CAF_PU6Pj#^T}O!Rf)r>ELX|#Ummj!o|(Y#mmb9mf&#l
zvUfG{<gj<4|62ohEL_Z-Z5&-~9PDYoHE3e$;N~iE!_CdcT-4IUQoz*QT!6#WgwLFV
zhsWH6!^E7Ahr^tY&s<1=N0`@=$MnYEx;Hobt#?N^=Lf&^ZEnV8@xa2)!rs*dqy`Vy
z4X$4Y{jcg1B++l3{wevvIf7+GrJXHITrKW^N%Gqgb8z!>@bGE;ec3sAh4{s}ekdo-
z^^F+c4fJ0-@_&e0lH%rOqGsR5?%@1u_v#i-|97kXz((>9p!(Nof=_?VfbE0Khl7J7
z&h>rQ|B)8IJOOzRtoIwIf;DOX4WFN#{8L2!Nv@yd`ll%HPZj>jT|de7Pf_5XD*ThX
z{(nZU-_fpxJqU3<KrD-#0;B;f3=B*RbSz8^Ol&MHY+M375M$sHU%7gTfQ<M$IT<k-
zDFrnX9R(F56)D*b&Kr!(ENtv-*J-)<xLA3aSlL*=HG+bLjg5<gON56<#7ap<$@))!
zknaEjY*cfUF*KAL04f0r8UYHj4WI#ik{F;D^P3~{Zyyv?G;|D1ENmQHJg`8;RR9$Q
z4Gk3?4FdxmbYY_Sg1-ak1Q>*LJW`m~R86pMI1%waj!46%zg^l)tTynKfzQ<09|xC&
zl#Kj3<4q=J7FK=%K_OugQRzES8Cf}b1$7NgEo~iLJu`C)ODk&|TNhV1cMnf5?<Y?K
z0-rs95fmBqDmo@M?sa^6MrKxaPHtZQ+p_YC%Bt#`+LqR~_w5~>AG!vIhDS!n#wRA{
z7Z#U3FR!ewt?%sa?H?Q-9iN<jn->az_Up8Mo7oTZA^_)wijIzkj`eL`D5xG_LL)%O
zpyR<Llv2eqak_Sc_c1on?TEC}W*mAxwXejc&I7n44E*zqJKv`E%gp|<iTVGfnf*4g
z-{&<6TtY(u7Y~g9fB<`X%;~jZj_E<nz@Mg9s6D9u@~aruQ`SPU0EsGL^0wD`fu3u=
zrn`Slzyl~N?tytk0@PLY*o5b7Dv;?S`n}vkKD+Q38<#KPUyI+zEa*+`h>s<GimDR&
z^wBbCCZY8*=KX5?&5fY$+M(h?Brw)?8wq$iLqt~!0*d5~oJ3bG$qb|`L<$Zk5RA6W
z=`~@Wei>O3r2|_)s3OlQ&}*xI?7n^PQkDtz3e#>;-aww_S<s5a15HZN23-d80mJK_
zrgVt6^L=NjxGtWSbH_}td>vsWXF}KPny!6BOf?%#&pi>zXR~*>)RVz|_pJ|ib74WS
z$d>+t9bTV^=5ttl@%0L>FhMbEGsojl7A2wMi#C2$s7umgDA7F>s62js)s?r{6I1=T
zBTrgAcmb;jQ|cro2gNH|CCwCx6+3YcAv@-=D@SC*+H#F#k9<#-Ah$5C%s;;}oh)?#
zjA<X*-<<Me!aAJAJzR#nh}5!~!ttluaRLTa*ZM~d`W5ZZZiYrQU>ECEdzUu~kAF!E
zPJ50ZibB*83_yt=4-=_EfxnuFE!$gQCzW@&v1ZK%Y{g(6b=7jFG<-DOvvrDMa+^h?
z%+Hi_Y9uRGKfQ4vVC$Zj4UM-{#Ja2l6FT;KIlkt8$STOWCRXQGP_AmMiY=4qWm*{i
zq(IBfd_{F8fJjx#lISU>8X4-9dp6domn2kf$rES2r7+G5FFn;3?othUL;J-4itU#T
zQp3Tv0g7DGqu`@=2)YfUn_?&=NeYTaxu=N*f{~GFhBFc=CyBkrL#}ylSbfvaeOEeG
zStSIUOSaq0=&(3v{p*<1<!<OK+{?`Xa2MZwYN%UDX+24fv5WWB^kFroIEQ?S(3_C5
zpdP<^MQhvkJ(2ccJ5Nx#X2jRM#C*kg`%UKbpmfyN3^uGp(b9SA*f|68nImySHZzp7
zd8u)l*=60dpQEZzwWz!?T=WiO=o~6;Rm(s`!#YOmFZp3Wee@JZXpCPi59Tr6t{cm^
zAb+7(YZP=87xOSvqCqbqeXYr^dXJH&CS(sWuwVQJ$VUx9d54;T@>o;5Jg*8mJto*|
zh_%Vw<WsPP1kl6qJc}}LP|=M|Mzhj`P8lM#WZ!owEAM)kK#A0^YN$^^-N@zpMb8fN
ztTP8A%UF3|8S@*y{;(d;H({yc{1s7fP+0qALYhSjc+!m3;H>vC;gBM9Abk46k#Bg`
z!(|9+p5JcrT*TpPW!sG=GyR3tGbGT=XPq9j)0ctEoc`#aPpOv@?_nv<cXP*VIkzsm
z1RN4q-J85aTNcQ3&WxdCY!jH7rxrqR5++#JX3D5~0DpEXJxF@6_Of(S>9MAVj|s-$
z`n}wE0mrN><m7n?^B9LiRq9oJ4>GhfteL1O-az&@Q%<o<B#=Nrsjox6xVF|+aU2${
zak&R*A$!I=D#YO>EUYRH(p#|m&V~H68`(AW6CXUEw0P$PPE)Ktx!r-sZ^f#zU#M`(
zrdClkCJtfeOqVOB>ss;-d15Tq87N|SMbq@kyivAsNX$)qCEM_8Lfskud8A6SyyJFs
z<YfHi+S#7jGReVa1qOO%c(i-;lC#kzy52e44iAcDRd2TL3*;G8yLEn6DLbdm@#Cot
zB2M1bJ1v5AvLc>kNmdo<+YEG;@^9X9Cr1NP)->4Czg{^H*RwhUS36a}#z>hci?Q}@
zD?avc3AUo;;JFfq&wLRgIP=59DxMj3gW4M}Z=a6Q!BA@J183ya*`A^wet7T8a)Z6J
z+?m<jBv4KGM!mMt*C9`r_R&1Dn}c2>pB$vBE&S5!Lz=jwEtoa@4p&bvO)&>jwPz7;
zZ+6$Fv`iHVDbzOj%8=@N#;c`WR>pKPpz_6ANI4;Lb2#0PMFLU+dm|1prnU=oOscaz
zpFe(eb&RIF&iWxWTamC2PnNdpO>@qGQGt8`UyD+XtHo+gR~SqX5Wft+>NA>U0ofLp
zd+Nw}qxm!(3254m2~x-j!`Z4%{IKlBW^?nAfT+sK*iN-7)b3cci$nVTq;JDJeDYWq
zmM>vW`or;0Dd(hPqJ^|FZHkNAE1!KG(;nH1Ty_uZA|*HGC+v}M((`~|m#E#ab7MAl
zI_C^<IUe&}NV2p;Yuz)})A!n?!!39c@L}C)TpKO>p?-t@O97a$`J?2!KmpgXoWS1j
zj_~<yHygd~>}O+I&7XzkSp~lIjGiK%T`RC2n`E4?7*4g$q`Gpib(s1<rt+cEf_}+0
zTT4)IzTl;M?ka^42sOH35<*{h7(NkQk1Sw>R#C^|7Qt<~*fXCV(6jnpu`Podr00;5
zmfcAFtZeHvL+vM}MH_O}(Ym0vO;WjlHw=xcbthkQM}T%-h_wGgCKRfbXv>*D4<*vF
zO#4Nod=o4GU{Vghutfs(Eamx*?@q77oFr7|2JQy5y^&c=>cW?7ToWtE*bR(#H<9yJ
z8>D{K=1ZCe@2oIE0!AM|<{Rs)eRlqIyJ@2g3Gf+9SxZY&yrKDZw+Vu~O}oHg{jI!<
z3yiovGKM`w_Yso>w@68BcfnwWT1M{H1>e?Q2*(4Z>#QLTNZ?YqLO*25V5n(h5^{mA
z-KX8Od$k$~6c?TM`r`RIVZKOJWUK77yZ^55%{$_~^6+JaZTO2|KetBZglPGF_*Z44
z8@AjTD)}n=6i_1V{uBmFSkul5`8K10*2}YuHQo5WFAQam+`JxlyeU#x&MC5KlCG_c
zvsFA-*)d)s9`M9M$QJQk93p}K>ot?B^=L?de)Kis48Dr5a_t=F6w(<&dNu;t;p#ao
zGShknEhY8P-K~EwLw_tK+$&qSdN{fDN|BBtBf>IJ>f_*LIK9psVbhXa4HEE$Bw3#G
z?#NDU!b`u<2$6Kh$&1%|`^xT?MC3e+9YK_;xE?@m6$C#UMdWDPa7efforh(-hwL)1
z&mF9BA^c%0`KP3Ryg%eMp6?qz*=9rtKvaf7;d2xo&0BF<APGWUq*oE^boPZnpLPjK
z?y`mOEK>NKQMe9)3{Z_1u?&VE!3A52Y~r8RYUMfjVqSVFM~OB!nLip9kZySVL_?8{
z@gyPEWq`Csph1=xbEQf>CNd$9SY@FxIj7u4Qn0_GKobHBA}2HXlo&vJ>M~lal(wo@
zXw~z!EJ<!X9}-uLr**6-if(s(hvDRwYxRlOwiHcQMLpK1BK6kVS7Y8!cb<B7VVgQn
zh)||vL-bBqU%eT4l6Si(#Xe_FwInnNDoZRSFtRT^M}4de!M7!lH`ke%Ub$};`P7ZP
zSh+!V;bK~5PPzQjrRK@ojZer*I7`yI*OiN}^Cqu!E)Uxbv?~);B7sLBp7Eg8?eYvq
z+-^GTg|U_kOg!w>y9>w0(>>UU%TDsDm`TaD*l}u6S9uG{tD3O>KSitm8H)Y&Ia)zK
zXZ?k^j7l%T)UkV!-a>izqKW5QH|f@JRl`JQ_R@lOX|_xLVq+r~#{pWA!80@{iT7t|
zt}e&carpV(TW3yhpnoqx(z;MJ?z-V)yxEJmYnxF2v6?JzY7xy&j6bce(qi#M`}Kg4
zOSfauOvjE@aap3XmijsA2^H20ajU%JSb`bizzO9$1g?E~2gQCtY?VpEYT@j}5zC`R
zYUL;EVsFxe`bH{H%xv9LW~*DSsCct#gbIsvn-f`oY=A1`X+a6j?CW<gn^hR5B7t(4
zR*l3pwKK*6`S9(};!)$LW4dEm&i8HGi-Z{Kyum&HEF*q?<yiq4B!D4y<9M1)_SOiz
zRA9qUwrlTUAd{t2qCcd_O4aafP@;iR&mNtKdVHdXUQ)*kzZ*!PMLO+6&c%}tvt1rv
zK61le4prdnH^@*-$xg7dldF_eXr-5CJ<C$KoJbNf+sNDC9aJRm)19}fm-C)$i-UT-
zZLJQ!jf24Hrc*@7Sn>drh<iWxW?q2-k8sy`9*dTTH46?v=!q7ks8fqbr+YftHdpVo
zXLbzL^d87i`gpr#e&t1eo^+nzEBxM>-aXfdN?F8ek;2MDNbXaJS=^^<aUTx$i-X=Y
zYlN(3S8c4jS-#3qBwS?7j@j3vEg-obFdFL}>(0l|C*!AO{8@9gxIIeCDuG<M?)?NP
z*LU34g-6`*B}L-gJQM8UxV}g4CuVQd`X!duP>Pq-(L5><O0R~LIo6LYo%d;<Sy6R&
zZ$U7eKW604*jDv<!1<K;l64Lbsr?H;zRgT83};nyemLl1qB?!I^6(2=A}gnoyusXa
z0Rnp8NRqC+?uhAAZAsSJH2K~y{af$m8H0=SifT{E-ga8NUa~K2i?<`vZm*oGgDA)|
znuA+`4usOTF#g$OvnE=nQx(mrhwANNoMox1H&`I5zVc+arI9-MMnaCNAzyu<^-735
z-ZS<7pvY>N{>0{-TYZ49tl6>FOx25*k2uq4k${)T1>0(_rE7MPy6iCxc~IvLQPS#J
z_l{6*KEZ|{;bl%@-#7v_Dz!Fv_b~iu#3O${zBcl#k8z#{XQKI{rwVGRR5IQsscmy5
zz2taQbMARg9C4*8?&*O*pElL)_~VjQxBf0Cx0F_knKcmnP7VvmJ)jp0TT{71Gg`xz
z@Y;UG#_~bw1*@Q?JNr_pgnVX6%6l`W=iaMzG-i*wZSH5d6()Z<_pjU!b@+ff`!zC&
z7zxyE!U%&}LcRJ^_%9b~k;Jg3l;t*kqB?!!cIhc^@>7qjV%9$Ono>y3!yH$8sGa_C
z3>IL}K9Hihq&=Y8lRIp5RNEKw-aIazbAOC?cWzs7HDA79TzKI#)>x2w{`li47n)D7
zs;R-b*S;&U2L`v@m*6g(s=9o~fgiaa77eDDJU$(TE;qQj;&z<9l8DXwra_wAjvtsg
zp*nt;LaMt#tvQ1PVwT(UiexRbg|WRFYPm*hY#40Jts;W?C?kD_T$0PRKQ1__w<+vS
zl^*I)Vz5(k;OoykVz?@c?phorKSl!8;i7=;YfDgU7|ak0KfLpGclm{94>7xiq(TbQ
z`2OVv=3>!q-P$q~X|D(*;I?6Tg<$f-W8Qk%CUW9^4VUZ0B*lF_$34nQLFpGGJ@rkU
z<LP<DMW(GcK0~erQD~K_MmeWE?sYr!*5Bi*-)k&*-cUm`-TlgSLuc<eY?S9Y@n^_g
z-1df1&JyRsDSE_$lR<RZb)vD_?elP1{K$m@h?jE-WLH4I&Pi1d?`C)Mb*ZT}gLx4V
z@p$Hvq&8Eg=dt{K<;|bgOjvf+PZ~k&qs=q^SGCxm_5QjA;3w^Vr=43P>Q~~v(2{Ia
zhqn{@C@U&eP7M2+)D3>oYa3sgT1{j&E;N#t6v>dlr0YYRd*TG%<4fzDI7pz<2?>OH
zTUfA&#WNIo<(xB@TtWhUheb#Lo{j_-UEwW3U;ECHfbHDTDHlS>C>F|Tsm&@rgdoxm
zgs+@wA%Ug=_)aZk9_nd@fLA!2U63LHiW0^2FiXnZJ(XisBXT5=vZaqe0#GE-z6xS<
z;`x*l#7NVZedBZc2F@UnIOmMsAL?iP(ENTa^Rh`-IR6i|!+&gkV{kR&^|PPD`{UyL
zq~8A^-pjRbM7LJ5Z|PPaHcg;myQ?}(<4CNsVUz)->=9AjRe8?O)`t&^y>66>m4tKF
zePpOY_pFpS!6<rX;MUGa8X89V64TsKq;~vhfrk0M$v4BCDwGKLTSEELgxa(uQ;!7R
zL?MCI+>ODFUP%miXQ&qvFkwOh1FB<LqrB6TVj!kd<Ngbp%b(lk|D(2p_O4MB33TpR
zA%XkDV83s*<F&KS-H<@Uav!2O4+&(Lm+%)YmWEV;N>rSG5OXT(-_jM|V-QH)5Lmf*
zngSj=vPQ8+HecBgcVK;II1ofoSOaHi%<{lEsJce{pTH@3d~%anmRzZFAHyau-3t!^
zDXWDf$@Mk6B&&+(j|BGgQ`HE|+>e~DDujl%ToxRkE4m&p-xlK6S?5`MFE5yp<{8ht
zb+g*jVwM~YKkP~>1HrK-V_GZg&@${b(|}|X1oCdIZg{?|v7#c{oY#;?gB24~!mFSn
zIN#V{a>HA*oOgj`=4ooK*rSezaMqyZvwOn=d9GVG%_|ixFnt1VtuUnmJMwH9R=P53
zDz#b%+K5V_)nXeiw_p`Qowc!{4t6zrNn07xUJ4b}aeuLUW2Y5kFSuN%L>7biHBH#s
zDZ0p3&}tZt_S0KV+q`pprdD7{9K?^Ud~zo|AM-aTyVmJ0auKy~KQ${w3u~`h706Ll
zlHf3XrB_I}am^<GElyg9T+gjZSt^k}xI&%5=h*XCRMLnB&<bafTj(HAq_vBf#H-#~
ztV(*8Jb-y$jG6LsN7M$iI5zDmY;vt&eXw*`RmWR0&G(|nEz8zEN)h)3p@m`HtJB9F
zPWrDXhT`LE!PSjO{f<HZ&ZysCQ9c<{!I!*1OVArz`04~(FWVsEN9NJm8E@AI*ZZ#2
zcjhUq#&cYdqpt5ET2zogdPa$23IC7GqtoqTy$M1Mxt8yE?C-qx{q?ew+Zum^?fRHu
zL=2YQ=->&Qb50pUbB8l4b6pE!RX*k6ONUCs;{0x9>{MHwpTI!&?E*tIq;{RmPbQ<P
zw7lGOwDL`h3VH{b0YYPcaD_cj!=`1uuMzYsnW3r4(~mwBjjCMJrkj$`N4ps_y1+s4
z-rL`}I#6upEtD;hrQMlts$|WODCTQ7t2{eTeMDjgufO)HkJil$j+w?Rrm6D7;r$7K
zr_ix5^qQ~OkV;M-G0U#cM(y5&zFJm$mR+vr)Lngf^gQgB<fPFId7r2ctnPxu83RRp
zvCVk^Z_6m`!h3dKM=-_0GNe>ymEd)_F$k&+QKwp>>OWk9v4w~Qpd_sO3{*6l=HMvR
zG%c%aYjKw}Ej=89Y&<~%H;V%^V4iyOR@P>Gv@M+)_Ntq<3WkKDX;|d)M;_;d7nhy8
z5ek>nKxMxh3A`Pu=RyKB-W?adDI5C14ye=o8<$Ki$!t(V+q|!h#;|$bx8jzjw3M#t
zVx|bs>(IOQwkkR#1Da=ap?@|IV1oo0QI8M}q$fqL0%TPI_SfA4dHC>)XjQAj?;hka
zuSR4E3mf-NgQtK@+IJj*@+Wz$#}9uvcS;nGH$Wp@Z_33JbtEA3!N^9x!;IV><Px6m
zbzSPSKb|}FL!Y$IpO2*+62dQtsk{x%IC?YQs6vV9K_>qTzKegXjyT?8$$7XS{19K|
zf`ZX2%iFla_=Nfa64<<+aw@2>r!Xr<*6o-c#PS@Z1@QNDH22tem);0IE{_EEHQd(R
zmQ#L|3*`28RQ^HCd1R^@OCk}C<&(u~_D1Qs11hgLzg=XR4H}@T>0$S3yn{g5l;(Uu
zEE6Ph`|~<$D3NnO_ps)5=FfPsx%vF6U8G#98rB*A>S}t^=PPSkwnk6D9j`|IZ#g2m
z91x|A*$K+<gU|y3b=8-x*@g-YY9uBfs8F`K;jBYx81ZaGwjOpci8j0|QPvsW)uw|c
z(t?*gKkXzgr$-`o@j?}rnPmJ)LhEZ#82k%finJW;i;w8*Uvu#bYOfvPqKiCPyy_)r
z!CRQ);*TP}f>x4N6w&+Fj4Xd*lp&l#0)-HTGEETvkJ4o6=Ei(ZO%Gy~@g)6$XZD-I
zns&t}kifVAWdA|*a&)~rPt5%P4VK_d0K0a`%lA%nR?3=wk8UZ?5R#rt>ntO7VY~Rt
zPuZhM*nDB3*YecaJ0n?Nq{~p4zv~b;cjRd%&tn`+jS(xibmZJ=LU(!ubWo4D2YC=`
zu_$J>@_X3!(vo`4`3t{83zNuSUHFe!;~&K&KbAw)haWrxS*)Vzv~|BgfN;9}o1ExF
z{qb-xirpDQ$R<F}Fmn*0k@bUBVeP!%P9D?m_r1i?9}fqwoOdNB1SOD71|)FGD!O0W
zuAd-#|J!QF^t17ZhYb2AN$6#zCyf_E4_yyzB|jz?sSQBKbqT&b4=>9p&?r}RC%I#6
zrJ|LwxwbySL1Y*ZK{_!sl6xlVU7-jiH8KC+P?6_`h6wq&&A#fbmLTTL|Nf(#`L%_+
zDWe6-a{y(0u{z`7+#YBzV?+YDwg>Rj)wxrG9IdCACrvAL2t@>uLjuC5X{ia^IPZjd
zk$}Y9uJPCJsxYUb{a*jK0^lkATmEO^{}-r%LmR0AF{^RZNWQg*?(J(kqW%N{Aw|?w
z?djFrJ7W2!8S(u)w3pW#BS>H)1HLK~9d{$fnOMU-(h<lsDnSB<6iDDUe`H%!%Z@@?
z#Bc%2HomPCSwjUI1zwy&mlOFOCgtfBJ#`;j^vvlNbS6T-uMbm<6$<$!_+{<=N8G1)
ztOFN!6IaGk+MlG`^l(a58W>V`@6p7qNY=Zo$@mYKa~AbPq$c0k<y<mcWS6+L&646!
zwtKh9_DMJXo2EFPx*^F5!Zi{+@oOA!UvLbWTQPk$R`F|Chiu|=ZDvnx27e|OZ>dZ8
z;=Ll0lWNPE<%B2mrm*z2mM2*|nLS#svXdThRIW{Bgm8TrhJIi?1}Dzia*lmcfnL}*
z_Zsc@$L3$jQ(>L^ab37LELS+^HG?2C7zr3mofH}T8^s-;gm=@0tHTBMP+t42h2_MX
zJX0xlS@jeJ@!;_74$yO(^0kQb`I||WS!l<R84_shJ62sXfV)G^HbEO0sgy~%di`%D
zGdimgoA4u09OH8Ow_4|Tk<!eBBhDc6vJp-f<4E938G^_VBXB@@mlIM)b8!f73BR#;
zR*D4Xtj?Kh@$l1=es7xk_x@Z-D4=4$H~ss_(pT99gFJq3`?vm}{W^9;Uw&`<xBh}t
ze@^8$D*a=tf=;t@+;q^}6hG2cgigplwKU0{3FJsPZEb;=_A~9j36^oEr`a5qqPT>6
ztCS;wveTh5;sFU_tV#I9h4q=r8Kj8B#8m|<b(nGp*OMGV^ld=n46hB`^Ub+P84drX
z#(*X1oqY`&P$9EA$k>8xBFc3Gem3z3T2MNlJPk3;Of>-&m4A!f>($(anXi&yA}Bs6
z)@>@%P@tCCZ$s^?xNKag%HZ9W*cw;V(5{8I6w7<q5q%)4B47wVQcXmilbVftk(*Di
zT>(3>lMZRA%k*6*maJddU&vA1kT>P+aKmfQMBSjJz1DB}h$+3m&{)cbqONk0{9fl%
z5{fV^B3<KVzqbh<_@8T}1F>@a#I6HnP>onMe<~R^rkQ00;ro)B8;?}-nmYz_V9)Q#
z8CefQ5oPR{eI;3dJk;t#(d3;mR%5413vFB}2oKs=DpPy~)l7MR`I~7d1MDct;HqTy
zqnqieic`9@e2hIDSA}_TQ11Ei-RmpRm9iYWy&yt==^D$8WEK0S@WDr%1Dfv-8X2vk
z3582vUx!Y0c7EwFI?jS^-1%kz(_)%8=LL%P`B5Z@RSy(3YpWjJ4H*O8UR^}L($QqA
znmhUYMvTqEQw2#WhJwESCr^&A0~Jsyfvuu4yXu-i`bUnt7zntu`ijJV5{~?*YDgNa
zXxzw%Lf@vlhws(yxEYm8#I5Tw;4)nqEF6LTs%<dVScAGlL^8%7m5K(gKkE4oR3R2%
zoElLZC^3Hvvi14$gHo}l@`IiqQY9GH3?<SC$^Ml&%2$wp&YZeZk?7U?(rhW0gV8Ii
zg}4ZUVYk*(6GLL?$yP=)e3<09IJV;tVod8EKG%F2Tn-2ki^<W~P*)5LX!_c-k;U@#
zQN}-Eta-(E3nh}{9HkrO{EpjVgF4LTwYD0ZbHNlLT~IG}DM6nJ@9|pyo}mPhajt&a
z#~FqyHCw{>4w4i2jlBcBF|B*e<O}8dZ$2DWFUiV~a?bHy#b%;?(vKka3o;)2jF2)*
z_MtfI)=#J~50W?EGYg%UG~I;Iew+_WPHD3h%T89blk*K*@m-MF$$b(2^^uhDrx0p<
z*YbN*_V<mO8B!*Bya*u)440}yUUuO=`N(suW-I7HXfPLN8f7B5d7Js9C93*T2qC6$
zv40STSyD~K-WF#vosU>&e*yVCPCXV@04~nEb-6sQqR)F3f?+tgZyps7Gr5nhP-o)K
zrYE&@Kp51J08HNfe)QJpX9oH%5&Euo_p3iNLsXA7s;=?GvvAlkRD=dcahJ`|*^6E-
zNKq5hnjs2wnS8*fpPjJW%)7~#VaXTGK5d2e$k$uL`+<rDZpBvOAPxtKfacRubdoND
zFusVfpf&3Z_{Qlr2{%WfRcO%kZQWQUohrL&A&a-EM-pt>ceRyn4w!@Q9NgnJ@xP3r
zm!9+<R4iF8{oVNUUtL*~DqlOma;InSR7WmSG?b3f7*#k20WotICa0S5MGlBJ7p%Q^
zsyO~_C^*`XqQ~LY!G888e7owiHgo>+&G!=F7o+F7Ao7`U=qgr~<<`jo!A|X5GzHCB
z(TQdk^D-XMA>>GZHv>dgZcVH;P|9Z0<POA!pT>h<8_9@cSO2wo=(ncwKNGoN1o?cc
zt@>+A2I*n<OI3cYF8Hmff>)|NBrLy-LFQXan$AHY{{OQEB8B?KS&lyJK!QlkI|Sqr
z>3@T1(MYr4c+4<Zw=QV%E0oAZ^al3JPpGnLIQj6eiO0bRf5-_Y1aY(Skk=}deenvp
zaQXf|7!NvbT|$inp02bR?-PJdBpxKN!w+w9S>QUwMgmKq6Z|+{BIE^Pvh@)D>?FAr
z>Ung|BnbwJrG_J<!jZs>48*k*0(ieH5}*aKc-z3HIn9)gU*Fe%wCN{juqzV?nq?n+
z;>Ec?3{;$LVaxQa&3!a>?6#-nG;Z98Qvj0);H~DG8QsgWJj|*j#pIErvL|sfh`BJ_
z;J@05|LAXDxqh(Kt-*irmUwQOae&s5Y!FobCalor{C;rzjm1Cw!C6vhQB&@YE8Rah
zNFA7I6}SP}rEWq3C9fg-^cwlwpgV>Rw345mfR4o50t$7b9V^lB7hGEM4h|C2-S~yP
zN^DlPGFfp)tIYm5#o0P`>0Vj(#Pn)Cevd$x!y~VqiWmvd_BCLqUC)s-r-QGCv&G5&
zWxFtmJ*3l=bFM94S)`ps!JrAW%|mvDvYs6Van-@Lt4<Od+LL^&c%?n8oY3F;w#D4k
za!93*k2ECJsIngQ72LfUUD-~JiP4wZxiscG-+B?9Wpmg_D+%2*RCo~cX+8~8993!+
z&-*C%AtZf9ua&qx=OW8S)b=W39rn_!#`zP;M3wmE6On_wmC@OhvCh@gNGBy@{qw?-
zk`kpb{POPo-J=NuuJ~o)y=(Z}mvO^HL>7tBBkFm}oiiAozt`2dpGPG{U9mB`r>EdL
zBe;)YQ?hMU6?OJj)=`e;IfHiW@e_oMoeH7}G#d5y3V*0F<<Zd@2zq7V+r$RCV^Z{!
z!2pejmez~qZ}Gx!He8xhc7=7|^>e3a>ai_7+$mp(F0_|@7@;n7frB>M7!l-w-sZS5
z1#{p=5M4pk2<-~A`0l_qN#T13SO~Nf1ZP@2TY@g_-pwFr<n5>IP`MMG6|wLv*a*J*
z7hTZ#<N|ueW?%Mfgvx$sIAhm}nwJ0k;>xRg01o|eoVQwYzJ9MA`(V@qI_Jn2oyHsu
zADyN>zG!lCa9WMce5#Hg@#`c~c%FH!`l|=p$t5kT3C<YohpXE$`aUg3Y8_<mucB$?
zQuEMVKV1q}W*yW*)V-W)Iv8IKJxHz6?H!g>Ok_{KKk4@@$LvJyW`+e@d&I1Mog8n_
z+dQuQmE`E)Lyq1DJF*_Ejp=VY?Qh@>V9%5@zxyac>!Ntbq+`YQpm|DDSLW(c@xe)B
zTpvV_y{RPjBw+4f5A@zRY{fL$o(WBwfHy0#aYBBEHaTjgx|i&{>?y5SEet~37A4-m
zFlRrs`o`~6pfT6;1_Yt+POVJS^sudsE%!OtdcJWFke)1M(za1HLr`@rpPEtjN4IQ_
zrf9$QC$r?sXys4ViKbF`;_s~N6vhg#oV<wLg4jIkL;}f;_oq(w3n>yj!se4UKgTeR
zpl7MwnB$5*dbG`VdN%B$H!UyH5GEF9r}QPEln(QjctfLQJJxYcJKt=8Wm5^QUCxD9
z5>8V&$%dnS>eVVdx|enk>7ml|d~>%*0nc$>?yk3q{t~cc5})`{IkjC)JE(<w^>dba
zkUl7n6W!3_SJ!lG0*F-QK%L_rrugK3aPIWP#Ol~l(F0BMNX*9?B=_Du++|tyWu2aE
zh)xvzk~b}#Q+|v?HQX6mch=x2cX+dOp+BQxhoscW>+m=_E4bU*f$6aUb}SQi7ez9k
zQWKiW4%Jrgc8ZISgPR%U)wugMCu(OI!dUiOUCxeIT;8*-^10h7v`?;!!Gfneb6!2B
zR8z?RsO<DeS=rHPpTDyrly_mLh<4bHu||v8M1HvXJ`TOL$VZgL$(jZ{xu%L?0?u^v
zWC_gKsXp3hT{KAzh_j^eV6Hyr#uwc2jvNEsnThxOyy9<&G#qICiJ!Onx4LW7j}-}J
zf$mHs@cB5n<X{4BOkb{KrW6T#ZZ^!Jr?1H&4ik-eemN`9&$#_{#s*3Jax_UA_&-<7
zvB>T#q)7YUk{sz-6Wpymc5astT%KG}V3_G<V1J&`WpTe)hGBMz=2h}*;i4v7ER{=o
z&HQ}Q9JO(o@}}l=k5|Yk!<}CGT6?3Q8*#{%g`FDGtNJ&CjGzc-NcVRn%kMM*cXe5Z
z_b_672s7g%*^NS_5{$#DN^Z2edojI|<#I|IxSY~jd2c;FEZt;0TS*f7;_Ce+mNt`}
zP5tDP!n%=R&f={Mm{@LzXqUoh<)r(#D*D`pp4#PIsY?pfEA&8rl^k_%Qn`0_iokgc
z_nf}G2U+)2VVAk;c1>qCw8%#NWL74}is@yu<%DBSH^V2)=1(hOu-Hm}n6EdR4+ZQ)
z5n_a|+s@bQu|18K&5de+t49URg;G$sx$U~&Yk^70D0FR=`>rP(ZSeumq6A`R@UC}1
zVjw49gt$_51ZfX0R#u9+*H=n&`#gU&mFxA`QM{sA#6hZg=~Tl^<BjOEag2kiDZ%YC
zp~OZ@(G`1_poIqy+!UvRed-EuKKa@m+TyOtMwSv!lDS{XT|{8AwoLXN3JhLOak)qr
zaHyb2VXSXR_CtcE@%CxZ^FF=36{6{OC+Ysk{%E{)?7a%!TUno_M3)87{dKG!VbexU
zYr)SMClxt{^m`9;x1JhH)aa6EMFgd%VMXegRq3@Ox@$oMVZV<jLKbSbo%N)<RfTYR
zTNvw$#Vz_VKr8T3%i?>{k$pi@!G0C0YF(x(>xawtJ|%Kvg<;W)`?7Fof`V}4Ja8XA
z=Ay1VdhK3y@}#1EFk3FM?$$Qy_T<FmyA0l!j<Q%)0vS59)TNQkjKf@pSxpUgLt<>4
zBj}q@Eg(Nv0-Ky6`Jn8V0BY+0Mtx7t`?{X=;Ey7_z)Wwjq`k%)nz(u0!-9>R*1s(b
zs*30aWqb-n%GvJRyy1re8Z@nF6)@st`;^$az<9y~3G6L`62njboca5b%B$TI8VK#9
z|FRIY--k7&3$ai{3_IgQ0*Ht9@Gsr)0GdCvT6@Jp{ls`$v#1Xf-Z^iA*aKga(QW#^
z2%Aguq}{q_{-7?$%`o9^604A08Wt)<1urZ*Nmx%)vJ|W9$WXjbFS|3C-Hsxp05#M5
ziE?^%c<qfdVen`kgB)LDLIT9Ms&1`+UUq)Q)@XJAGEaZXZCkzH&=K$*Qu;oRf_*8I
zyOSQB`XC|a7_KzLr2F8LoB8dClc;)sMhQ(c9&BMsPAt^&)!(9(Q2!*V<jQ}y2a)?d
z1?5{7h=R%uu9M}aXn80gy97pOijVDPbOs~5N<OQp-Xb_5fcFWU=k9{II2m@L@#-GB
z-yP$<UO21x^QM(}geD^q3QYv*`JQoCv?)|X<DPGT<nQqV|0p>9&&vJFKx?njl@S3v
zDr%k0l483>z8Dswo<~UqA5k{mfj;hIIk%EiJP;XuQUs%56|<*m6l|!spq?t{45DKf
z7+;XUR}h7@hySr0mu1Hm!S=BB({FE<6v6wAkN^@uH9ofn4~%Depcc^p@-BMQ@xbP|
z&mEr%;(5r|mm9|Wq~N}J2Zlynhs@KBHm!2Ok-%dv1iz0U^}zqRPwL)h<+63EM%R!4
z&gBa5Ek_?DaE=4t$v_ZN!4UpO;9Lm7a9!Cllb=KTeMNs#?SCMz-J$tGef4Q4jn$rP
zQ!|?Gb)tR5>}Ae*YkJ!JaA_1@Ppdy>8?=9-e(xm|4F{oCr=ZH|Cj4bld^;H3{=^)_
zgdHci69sobNPPFtj^uyUv&;HzbGwA$i0bfV7<Hw%5~w3HgND}U2+PuS>d&CjOz!)h
zE@!ktcJaY~mq4?`W?5R#2ihYhARDEK+m*HhbYQg2_oC;wd;tkbll?GlC4N<}V^#xe
zgFO1KzJaVb6Rf@Y)mae9f)9m<Z0q`%dx}Lo4jqPB^&TFnQwLi=JUKegA#GBiA{d{h
zFHA>uxmw6VkWfU-rLV}mdx4pplNz6utho4UVUz>=W$%}nPO4nbv%+?}JWVG#Qgx{C
zmJ~9IJr@r$E7_#gx@F$R46ZBcU)kcLnvzLb!-PbkC9YuRcVxXg-7A_+Ib?%bUn-Mc
zdCkky(Ieq`o{xRdO#l-puho9-z_4r)zJ=jVX-1B=p-A)GtTfPKVAJnCL!C3i;dO`)
zcg8(;Ld0yV;;4{7%4A{Ab9r2^!fLEW?_?y9WGkOzL-RFKDl0pooO^cAYuj1yT8Pyc
z<w}Lgy54YnQC6*CN9_Wki{!28D|V^AtS$?b$3YV6n{!U?Cq`DrufnR2_EYh$e@x`y
zKZI}6l%BuCX`EO#OW9s&(CTNmyGcswoxWZ1lr^F{q>S=1RLaXYyU%_DmU)qEN&CWY
zurJK(({M~OZS~N8Ma9rqXH*Xt!?Yk0ctFr$dsSkeYuq{}ctLSPY`?djhd;=J;Bmy0
zh)r9Ht;-T(cWS+&_&Qt(MV$T2X$d+M9wamJb`2@QYOTs)Hk9(A69{&*{aj9g6MI+m
zA<J;5(8t&8H$^X*oeqx9jXAACZk3kD85phy*N$Gzms#NLaTFou*JB`nd8~O=PfnyI
z*d`l#KTgTgD&N6qPsu7OPHw!DY~pouzUu6Ln3zWIf*18JTWqB^oc=@grD<i!xW$9)
zqyFT_OKaEjDuY_c*^ABN=w<6`qY;NnlB>tQdfP*rWl{{Zg&x!<rrW}wy|3&IrluH4
zp>war@Jz5fzi?^tA)#K<czYa#src-PLLghgQ#OXFZnWe~7D}~M$;`;+OdEp9R$mLo
z=^>f7A820{zw-e^hl=+V_2mToE(Kz|_~hKdN_MnqTd#LfH}$SI<~7w)<wm8*-2i2*
zTQVZq?-zuGVx4EF7<;tuv%lPC1*o`vOcSst?2QJ?gDDbx>9U_VReRmZ@xgDF>hKeF
z&#dmZD=MlGsq`vkx8cZq91cXCAOv(D%9R@FN;Cw$cd(=|N4@Q=b3d{Tt`JCbRgwCc
zWCDYcseDp+6SWSLaJxv_T<S>h01_}0e0us~pho_wk?~|oGGF2tzZVl4+F;4etTO2+
z<=wJI6Ry{FIb`iT8rJJ7w?Mo4qyHp)8Kv7Z0dZRuG_eqz_nM7%yl7ftq`7dS=^2%f
zo=ycT{vpPB7<|7*>MeZC>^$JXC|4lW<rG%TleWz0ee_E-{i7p#<1hb<uD);SujYRk
zZqo}x3XOZAk)=Ru|5Bpg9WCge44R{%XEX}OZpnIX*yB(#y(q~?jR^wcq)r%uI0eeh
z52<paIXOlG9i*VTFf$Ba0Ym*LjlUM2GNVbKd4Qxz2|srN!xgq>WD$Olo%djbLtpx%
zpVfYn<X_4qiZ(Ph>pU%-aB(Ny{d=foB&I#`3`>#TgMT&Hh}B1)LB6sTSCRfapGxS{
z8CttvMFDqJmC&{Kmv}|%Ro{%0qg_?}<hsstp8v|8EzVV|N9!=c);pl)nb)1zZg$UG
zL=hb>N`Z7YU!!Y<TU)ugyLz_DP4A=Ub)XHa+MzB(i8C^rDMNM@9v{BBmuZ#DB)sis
z0C;}Ls@p9tx^7;@{T74v6<#%=jO0C(wK24&ERue%yaecjwMkcxT7w7kGE>iHLa?H6
zv8A@XvSlidw1iv?Sf@;_TTYx%HB73}!aI_Oo!`_%L19v9<o2Jdct5;~?Vf%aW1J@f
zT<ICQCNC34YcCgXJquOg3Xhdg_HAI%ot$^!4H|2F^SD)<5Is`N`m=SLry4iPiiB66
zN_#>U)Q&U7oikcyIh0UMBqV7Za`$nH?Ze_jyfqirps^?=)JZPL5%pdBA?~}Sbcc_p
zm?CChb4C%dEq`$L`>2WS7R;__{y5|mZ8l7cly^1Hek*=(TaMEI-XeWd1N6V`T_n`r
zqzzsE0Mjt(8=GQBj$)tuv2)(%p0Fbf3sHq8@5(wEgguM-2)~{K6)V*#rP|DMVPApC
z^VXJ{Tzry(6p2zvrG{XCdMcN%X*uZuz$vYgGcEH6pzTU9H^$6>jApDrElSW=wRDij
zB|u(+Nr_>w^hkc%SKd_qe7%UsaPr+<&Lw?~$Bt<XylhwMF9V2Z_S08YIIQJPC5h|X
znsVKM*T$UqhyrsRnj9?ZWELikCLH@wt;<hlQFvvl(Uu^uhw(*=Y+OWy%w_J0KKNm%
zdU|lFPUU1s&mdvmS?3+5Cr2_8r(ao#YFsN~rZFbi*mxvl_`+9IRiWE_YE-J*xLMN?
ztc5qZX6bo5`4R<(Qrf)LW^MDWScsgIfY56&HVj5t)lT}nbJ0;vqLaA77feap_S81Y
Wh9Bi~SJN}U8JJQ2Kc29V6aNn~Bs35J

literal 0
HcmV?d00001

diff --git a/docs/wiki/uWSGI-example.md b/docs/wiki/uWSGI-example.md
new file mode 100644
index 000000000..d50455d42
--- /dev/null
+++ b/docs/wiki/uWSGI-example.md
@@ -0,0 +1,49 @@
+This guide will show you how to run PowerDNS-Admin via uWSGI and nginx. This guide was written using Debian 8 with the following software versions:
+- nginx 1.6.2
+- uwsgi 2.0.7-debian
+- python 2.7.9
+
+`sudo apt-get install uwsgi uwsgi-plugin-python nginx`
+
+### Step-by-step instructions
+1. Create a uWSGI .ini in `/etc/uwsgi/apps-enabled` with the following contents, making sure to replace the chdir, pythonpath and virtualenv directories with where you've installed PowerDNS-Admin:
+ ```ini
+ [uwsgi]
+ plugins = python27
+ 
+ uid=www-data
+ gid=www-data
+ 
+ chdir = /opt/pdns-admin/PowerDNS-Admin/
+ pythonpath = /opt/pdns-admin/PowerDNS-Admin/
+ virtualenv = /opt/pdns-admin/PowerDNS-Admin/flask 
+ 
+ mount = /pdns=powerdnsadmin:create_app()
+ manage-script-name = true
+ 
+ vacuum = true
+ harakiri = 20
+ buffer-size = 32768
+ post-buffering = 8192
+ socket = /run/uwsgi/app/%n/%n.socket
+ chown-socket = www-data
+ pidfile = /run/uwsgi/app/%n/%n.pid 
+ 
+ daemonize = /var/log/uwsgi/app/%n.log
+ enable-threads
+ ```
+2. Add the following configuration to your nginx config:
+ ```nginx
+ location / { try_files $uri @pdns_admin; } 
+
+ location @pdns_admin {
+     include uwsgi_params;
+     uwsgi_pass unix:/run/uwsgi/app/pdns-admin/pdns-admin.socket;
+ }
+
+ location /pdns/static/ {
+     alias /opt/pdns-admin/PowerDNS-Admin/app/static/;
+ }
+ ```
+3. Restart nginx and uwsgi.
+4. You're done and PowerDNS-Admin will now be available via nginx.
\ No newline at end of file

From 5f750d1bb802a0bc355a47e3abdbf35fca34b965 Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Thu, 8 Dec 2022 12:17:08 -0400
Subject: [PATCH 069/475] Move Home.md to README.md

---
 docs/wiki/{Home.md => README.md} | 0
 1 file changed, 0 insertions(+), 0 deletions(-)
 rename docs/wiki/{Home.md => README.md} (100%)

diff --git a/docs/wiki/Home.md b/docs/wiki/README.md
similarity index 100%
rename from docs/wiki/Home.md
rename to docs/wiki/README.md

From d259a6494ed24f3bae9097ce2df27019ddee8147 Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Thu, 8 Dec 2022 12:20:40 -0400
Subject: [PATCH 070/475] Move preparation guides to sub-folder.

---
 .../Prepare-MySQL-or-MariaDB-Database-for-PowerDNS-Admin.md       | 0
 .../{ => preparation}/Using-PowerDNS-Admin-with-PostgreSQL.md     | 0
 2 files changed, 0 insertions(+), 0 deletions(-)
 rename docs/wiki/{ => preparation}/Prepare-MySQL-or-MariaDB-Database-for-PowerDNS-Admin.md (100%)
 rename docs/wiki/{ => preparation}/Using-PowerDNS-Admin-with-PostgreSQL.md (100%)

diff --git a/docs/wiki/Prepare-MySQL-or-MariaDB-Database-for-PowerDNS-Admin.md b/docs/wiki/preparation/Prepare-MySQL-or-MariaDB-Database-for-PowerDNS-Admin.md
similarity index 100%
rename from docs/wiki/Prepare-MySQL-or-MariaDB-Database-for-PowerDNS-Admin.md
rename to docs/wiki/preparation/Prepare-MySQL-or-MariaDB-Database-for-PowerDNS-Admin.md
diff --git a/docs/wiki/Using-PowerDNS-Admin-with-PostgreSQL.md b/docs/wiki/preparation/Using-PowerDNS-Admin-with-PostgreSQL.md
similarity index 100%
rename from docs/wiki/Using-PowerDNS-Admin-with-PostgreSQL.md
rename to docs/wiki/preparation/Using-PowerDNS-Admin-with-PostgreSQL.md

From 305e529cfee902b490e1d36fd2bf4adc09b2db76 Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Thu, 8 Dec 2022 12:21:45 -0400
Subject: [PATCH 071/475] Fix header and update preparation links.

---
 docs/wiki/README.md | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/docs/wiki/README.md b/docs/wiki/README.md
index 7902a9757..b5e21cbc4 100644
--- a/docs/wiki/README.md
+++ b/docs/wiki/README.md
@@ -1,8 +1,8 @@
-Welcome to the PowerDNS-Admin wiki!
+# Welcome to the PowerDNS-Admin wiki!
 
 ## Preparation guides
-- [Prepare MySQL or MariaDB Database for PowerDNS-Admin](Prepare-MySQL-or-MariaDB-Database-for-PowerDNS-Admin)
-- [Using PowerDNS-Admin with PostgreSQL](Using-PowerDNS-Admin-with-PostgreSQL)
+- [Prepare MySQL or MariaDB Database for PowerDNS-Admin](preparation/Prepare-MySQL-or-MariaDB-Database-for-PowerDNS-Admin)
+- [Using PowerDNS-Admin with PostgreSQL](preparation/Using-PowerDNS-Admin-with-PostgreSQL)
 
 ## Installation guides
 - [Running PowerDNS Admin on Ubuntu or Debian](Running-PowerDNS-Admin-on-Ubuntu-or-Debian)

From 370aad4dfa300ac5d2060ce4697aa44a562e3012 Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Thu, 8 Dec 2022 12:22:57 -0400
Subject: [PATCH 072/475] Github seems to require the extension.

---
 docs/wiki/README.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/docs/wiki/README.md b/docs/wiki/README.md
index b5e21cbc4..10f7ecc71 100644
--- a/docs/wiki/README.md
+++ b/docs/wiki/README.md
@@ -1,8 +1,8 @@
 # Welcome to the PowerDNS-Admin wiki!
 
 ## Preparation guides
-- [Prepare MySQL or MariaDB Database for PowerDNS-Admin](preparation/Prepare-MySQL-or-MariaDB-Database-for-PowerDNS-Admin)
-- [Using PowerDNS-Admin with PostgreSQL](preparation/Using-PowerDNS-Admin-with-PostgreSQL)
+- [Prepare MySQL or MariaDB Database for PowerDNS-Admin](preparation/Prepare-MySQL-or-MariaDB-Database-for-PowerDNS-Admin.md)
+- [Using PowerDNS-Admin with PostgreSQL](preparation/Using-PowerDNS-Admin-with-PostgreSQL.md)
 
 ## Installation guides
 - [Running PowerDNS Admin on Ubuntu or Debian](Running-PowerDNS-Admin-on-Ubuntu-or-Debian)

From 4584b2aa24a6cc3c829459ff7bac0d065d7f2e06 Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Thu, 8 Dec 2022 12:26:00 -0400
Subject: [PATCH 073/475] Move and fix links for install guides.

---
 docs/wiki/README.md                                       | 8 ++++----
 .../{ => install}/Running-PowerDNS-Admin-on-Centos-7.md   | 0
 .../{ => install}/Running-PowerDNS-Admin-on-Fedora-30.md  | 0
 .../Running-PowerDNS-Admin-on-Ubuntu-or-Debian.md         | 0
 docs/wiki/{ => install}/Running-on-FreeBSD.md             | 0
 5 files changed, 4 insertions(+), 4 deletions(-)
 rename docs/wiki/{ => install}/Running-PowerDNS-Admin-on-Centos-7.md (100%)
 rename docs/wiki/{ => install}/Running-PowerDNS-Admin-on-Fedora-30.md (100%)
 rename docs/wiki/{ => install}/Running-PowerDNS-Admin-on-Ubuntu-or-Debian.md (100%)
 rename docs/wiki/{ => install}/Running-on-FreeBSD.md (100%)

diff --git a/docs/wiki/README.md b/docs/wiki/README.md
index 10f7ecc71..c929ebae4 100644
--- a/docs/wiki/README.md
+++ b/docs/wiki/README.md
@@ -5,10 +5,10 @@
 - [Using PowerDNS-Admin with PostgreSQL](preparation/Using-PowerDNS-Admin-with-PostgreSQL.md)
 
 ## Installation guides
-- [Running PowerDNS Admin on Ubuntu or Debian](Running-PowerDNS-Admin-on-Ubuntu-or-Debian)
-- [Running PowerDNS-Admin in Centos 7](Running-PowerDNS-Admin-on-Centos-7)
-- [Running PowerDNS-Admin in Fedora 30](Running-PowerDNS-Admin-on-Fedora-30)
-- [Running PowerDNS-Admin on FreeBSD 12.1-RELEASE](Running-on-FreeBSD)
+- [Running PowerDNS Admin on Ubuntu or Debian](install/Running-PowerDNS-Admin-on-Ubuntu-or-Debian.md)
+- [Running PowerDNS-Admin in Centos 7](install/Running-PowerDNS-Admin-on-Centos-7.md)
+- [Running PowerDNS-Admin in Fedora 30](install/Running-PowerDNS-Admin-on-Fedora-30.md)
+- [Running PowerDNS-Admin on FreeBSD 12.1-RELEASE](install/Running-on-FreeBSD.md)
 
 ## Web Server configuration
 - [Supervisord](Supervisord-example)
diff --git a/docs/wiki/Running-PowerDNS-Admin-on-Centos-7.md b/docs/wiki/install/Running-PowerDNS-Admin-on-Centos-7.md
similarity index 100%
rename from docs/wiki/Running-PowerDNS-Admin-on-Centos-7.md
rename to docs/wiki/install/Running-PowerDNS-Admin-on-Centos-7.md
diff --git a/docs/wiki/Running-PowerDNS-Admin-on-Fedora-30.md b/docs/wiki/install/Running-PowerDNS-Admin-on-Fedora-30.md
similarity index 100%
rename from docs/wiki/Running-PowerDNS-Admin-on-Fedora-30.md
rename to docs/wiki/install/Running-PowerDNS-Admin-on-Fedora-30.md
diff --git a/docs/wiki/Running-PowerDNS-Admin-on-Ubuntu-or-Debian.md b/docs/wiki/install/Running-PowerDNS-Admin-on-Ubuntu-or-Debian.md
similarity index 100%
rename from docs/wiki/Running-PowerDNS-Admin-on-Ubuntu-or-Debian.md
rename to docs/wiki/install/Running-PowerDNS-Admin-on-Ubuntu-or-Debian.md
diff --git a/docs/wiki/Running-on-FreeBSD.md b/docs/wiki/install/Running-on-FreeBSD.md
similarity index 100%
rename from docs/wiki/Running-on-FreeBSD.md
rename to docs/wiki/install/Running-on-FreeBSD.md

From 7df3f033629c6a0edecc7d67b398809ca991d0e6 Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Thu, 8 Dec 2022 12:29:50 -0400
Subject: [PATCH 074/475] Move web server config to separate folder.

---
 docs/wiki/README.md                                  | 12 ++++++------
 ...erDNS-Admin-with-Systemd,-Gunicorn--and--Nginx.md |  0
 ...werDNS-Admin-with-Systemd,-Gunicorn-and-Apache.md |  0
 docs/wiki/{ => web-server}/Supervisord-example.md    |  0
 docs/wiki/{ => web-server}/Systemd-example.md        |  0
 docs/wiki/{ => web-server}/WSGI-Apache-example.md    |  0
 docs/wiki/{ => web-server}/uWSGI-example.md          |  0
 7 files changed, 6 insertions(+), 6 deletions(-)
 rename docs/wiki/{ => web-server}/Running-PowerDNS-Admin-with-Systemd,-Gunicorn--and--Nginx.md (100%)
 rename docs/wiki/{ => web-server}/Running-PowerDNS-Admin-with-Systemd,-Gunicorn-and-Apache.md (100%)
 rename docs/wiki/{ => web-server}/Supervisord-example.md (100%)
 rename docs/wiki/{ => web-server}/Systemd-example.md (100%)
 rename docs/wiki/{ => web-server}/WSGI-Apache-example.md (100%)
 rename docs/wiki/{ => web-server}/uWSGI-example.md (100%)

diff --git a/docs/wiki/README.md b/docs/wiki/README.md
index c929ebae4..0a86eab25 100644
--- a/docs/wiki/README.md
+++ b/docs/wiki/README.md
@@ -11,12 +11,12 @@
 - [Running PowerDNS-Admin on FreeBSD 12.1-RELEASE](install/Running-on-FreeBSD.md)
 
 ## Web Server configuration
-- [Supervisord](Supervisord-example)
-- [Systemd](Systemd-example)
-- [Systemd + Gunicorn + Nginx](Running-PowerDNS-Admin-with-Systemd,-Gunicorn--and--Nginx)
-- [Systemd + Gunicorn + Apache](Running-PowerDNS-Admin-with-Systemd,-Gunicorn-and-Apache)
-- [uWSGI](uWSGI-example)
-- [WSGI-Apache](WSGI-Apache-example)
+- [Supervisord](web-server/Supervisord-example.md)
+- [Systemd](web-server/Systemd-example.md)
+- [Systemd + Gunicorn + Nginx](web-server/Running-PowerDNS-Admin-with-Systemd,-Gunicorn--and--Nginx)
+- [Systemd + Gunicorn + Apache](web-server/Running-PowerDNS-Admin-with-Systemd,-Gunicorn-and-Apache)
+- [uWSGI](web-server/uWSGI-example)
+- [WSGI-Apache](web-server/WSGI-Apache-example)
 
 ## Feature usage
 - [DynDNS2](https://github.com/ngoduykhanh/PowerDNS-Admin/wiki/DynDNS2)
\ No newline at end of file
diff --git a/docs/wiki/Running-PowerDNS-Admin-with-Systemd,-Gunicorn--and--Nginx.md b/docs/wiki/web-server/Running-PowerDNS-Admin-with-Systemd,-Gunicorn--and--Nginx.md
similarity index 100%
rename from docs/wiki/Running-PowerDNS-Admin-with-Systemd,-Gunicorn--and--Nginx.md
rename to docs/wiki/web-server/Running-PowerDNS-Admin-with-Systemd,-Gunicorn--and--Nginx.md
diff --git a/docs/wiki/Running-PowerDNS-Admin-with-Systemd,-Gunicorn-and-Apache.md b/docs/wiki/web-server/Running-PowerDNS-Admin-with-Systemd,-Gunicorn-and-Apache.md
similarity index 100%
rename from docs/wiki/Running-PowerDNS-Admin-with-Systemd,-Gunicorn-and-Apache.md
rename to docs/wiki/web-server/Running-PowerDNS-Admin-with-Systemd,-Gunicorn-and-Apache.md
diff --git a/docs/wiki/Supervisord-example.md b/docs/wiki/web-server/Supervisord-example.md
similarity index 100%
rename from docs/wiki/Supervisord-example.md
rename to docs/wiki/web-server/Supervisord-example.md
diff --git a/docs/wiki/Systemd-example.md b/docs/wiki/web-server/Systemd-example.md
similarity index 100%
rename from docs/wiki/Systemd-example.md
rename to docs/wiki/web-server/Systemd-example.md
diff --git a/docs/wiki/WSGI-Apache-example.md b/docs/wiki/web-server/WSGI-Apache-example.md
similarity index 100%
rename from docs/wiki/WSGI-Apache-example.md
rename to docs/wiki/web-server/WSGI-Apache-example.md
diff --git a/docs/wiki/uWSGI-example.md b/docs/wiki/web-server/uWSGI-example.md
similarity index 100%
rename from docs/wiki/uWSGI-example.md
rename to docs/wiki/web-server/uWSGI-example.md

From 2c7c75b3a6878bcc2ef882eccde89cd41c698de4 Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Thu, 8 Dec 2022 12:32:32 -0400
Subject: [PATCH 075/475] Update DynDNS2.md to features sub-folder.

---
 docs/wiki/README.md                 | 2 +-
 docs/wiki/{ => features}/DynDNS2.md | 0
 2 files changed, 1 insertion(+), 1 deletion(-)
 rename docs/wiki/{ => features}/DynDNS2.md (100%)

diff --git a/docs/wiki/README.md b/docs/wiki/README.md
index 0a86eab25..623c70146 100644
--- a/docs/wiki/README.md
+++ b/docs/wiki/README.md
@@ -19,4 +19,4 @@
 - [WSGI-Apache](web-server/WSGI-Apache-example)
 
 ## Feature usage
-- [DynDNS2](https://github.com/ngoduykhanh/PowerDNS-Admin/wiki/DynDNS2)
\ No newline at end of file
+- [DynDNS2](features/DynDNS2.md)
\ No newline at end of file
diff --git a/docs/wiki/DynDNS2.md b/docs/wiki/features/DynDNS2.md
similarity index 100%
rename from docs/wiki/DynDNS2.md
rename to docs/wiki/features/DynDNS2.md

From 88b7331db15ecdc9e8a6b50a405461cdf7c17e98 Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Thu, 8 Dec 2022 12:34:31 -0400
Subject: [PATCH 076/475] Fix missing extensions.

---
 docs/wiki/README.md | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/docs/wiki/README.md b/docs/wiki/README.md
index 623c70146..f75d8dbcd 100644
--- a/docs/wiki/README.md
+++ b/docs/wiki/README.md
@@ -13,10 +13,10 @@
 ## Web Server configuration
 - [Supervisord](web-server/Supervisord-example.md)
 - [Systemd](web-server/Systemd-example.md)
-- [Systemd + Gunicorn + Nginx](web-server/Running-PowerDNS-Admin-with-Systemd,-Gunicorn--and--Nginx)
-- [Systemd + Gunicorn + Apache](web-server/Running-PowerDNS-Admin-with-Systemd,-Gunicorn-and-Apache)
-- [uWSGI](web-server/uWSGI-example)
-- [WSGI-Apache](web-server/WSGI-Apache-example)
+- [Systemd + Gunicorn + Nginx](web-server/Running-PowerDNS-Admin-with-Systemd,-Gunicorn--and--Nginx.md)
+- [Systemd + Gunicorn + Apache](web-server/Running-PowerDNS-Admin-with-Systemd,-Gunicorn-and-Apache.md)
+- [uWSGI](web-server/uWSGI-example.md)
+- [WSGI-Apache](web-server/WSGI-Apache-example.md)
 
 ## Feature usage
 - [DynDNS2](features/DynDNS2.md)
\ No newline at end of file

From 3e9fc1f8fc9046efc18b55a4a0318b26072f0c45 Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Thu, 8 Dec 2022 13:00:00 -0400
Subject: [PATCH 077/475] Minor update to header.

---
 docs/wiki/features/DynDNS2.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/docs/wiki/features/DynDNS2.md b/docs/wiki/features/DynDNS2.md
index 2fbd9aecd..b59972719 100644
--- a/docs/wiki/features/DynDNS2.md
+++ b/docs/wiki/features/DynDNS2.md
@@ -3,6 +3,7 @@ IPv4: http://user:pass@yournameserver.yoursite.tld/nic/update?hostname=record.do
 IPv6: http://user:pass@yournameserver.yoursite.tld/nic/update?hostname=record.domain.tld&myip=::1  
 Multiple IPs: http://user:pass@yournameserver.yoursite.tld/nic/update?hostname=record.domain.tld&myip=127.0.0.1,127.0.0.2,::1,::2
 
+Notes:
 - user needs to be a LOCAL user, not LDAP etc
 - user must have already logged-in
 - user needs to be added to Domain Access Control list of domain.tld - admin status (manage all) does not suffice

From 6babb1cd0397481a587440ccc6e4428363228470 Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Thu, 8 Dec 2022 13:03:15 -0400
Subject: [PATCH 078/475] Update links.

---
 docs/wiki/install/Running-on-FreeBSD.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/docs/wiki/install/Running-on-FreeBSD.md b/docs/wiki/install/Running-on-FreeBSD.md
index 76a8f5b74..b37e9c3a1 100644
--- a/docs/wiki/install/Running-on-FreeBSD.md
+++ b/docs/wiki/install/Running-on-FreeBSD.md
@@ -17,7 +17,7 @@ sudo pkg install libxml2 libxslt pkgconf py37-xmlsec py37-cffi py37-ldap
 _**Note:**_ Please adjust `/opt/powerdns-admin` to your local web application directory
 
 ```bash
-git clone https://github.com/ngoduykhanh/PowerDNS-Admin.git /opt/powerdns-admin
+git clone https://github.com/PowerDNS-Admin/PowerDNS-Admin.git /opt/powerdns-admin
 cd /opt/powerdns-admin
 ```
 
@@ -97,6 +97,6 @@ Open your web browser and go to `http://localhost:9191` to visit PowerDNS-Admin
 
 ### Running at startup
 
-This is good for testing, but for production usage, you should use gunicorn or uwsgi. See [Running PowerDNS Admin with Systemd, Gunicorn and Nginx](https://github.com/ngoduykhanh/PowerDNS-Admin/wiki/Running-PowerDNS-Admin-with-Systemd,-Gunicorn--and--Nginx) for instructions.
+This is good for testing, but for production usage, you should use gunicorn or uwsgi. See [Running PowerDNS Admin with Systemd, Gunicorn and Nginx](../web-server/Running-PowerDNS-Admin-with-Systemd,-Gunicorn--and--Nginx.md) for instructions.
 
 The right approach long-term is to create a startup script in `/usr/local/etc/rc.d` and enable it through `/etc/rc.conf`.
\ No newline at end of file

From 0bdd09b3f15b13adea9b04626588d1505a0fc729 Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Thu, 8 Dec 2022 13:06:00 -0400
Subject: [PATCH 079/475] Update links.

---
 .../install/Running-PowerDNS-Admin-on-Ubuntu-or-Debian.md     | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/docs/wiki/install/Running-PowerDNS-Admin-on-Ubuntu-or-Debian.md b/docs/wiki/install/Running-PowerDNS-Admin-on-Ubuntu-or-Debian.md
index 1cdda78e3..acc5858da 100644
--- a/docs/wiki/install/Running-PowerDNS-Admin-on-Ubuntu-or-Debian.md
+++ b/docs/wiki/install/Running-PowerDNS-Admin-on-Ubuntu-or-Debian.md
@@ -44,7 +44,7 @@ sudo apt install -y yarn
 _**Note:**_ Please adjust `/opt/web/powerdns-admin` to your local web application directory
 
 ```bash
-git clone https://github.com/ngoduykhanh/PowerDNS-Admin.git /opt/web/powerdns-admin
+git clone https://github.com/PowerDNS-Admin/PowerDNS-Admin.git /opt/web/powerdns-admin
 cd /opt/web/powerdns-admin
 python3 -mvenv ./venv
 ```
@@ -91,4 +91,4 @@ Now you can run PowerDNS-Admin by command
 
 Open your web browser and go to `http://localhost:9191` to visit PowerDNS-Admin web interface. Register a user. The first user will be in the Administrator role.
 
-This is good for testing, but for production usage, you should use gunicorn or uwsgi. See [Running PowerDNS Admin with Systemd, Gunicorn and Nginx](https://github.com/ngoduykhanh/PowerDNS-Admin/wiki/Running-PowerDNS-Admin-with-Systemd,-Gunicorn--and--Nginx) for instructions.
\ No newline at end of file
+This is good for testing, but for production usage, you should use gunicorn or uwsgi. See [Running PowerDNS Admin with Systemd, Gunicorn and Nginx](web-server/Running-PowerDNS-Admin-with-Systemd,-Gunicorn--and--Nginx) for instructions.
\ No newline at end of file

From 45e05f94873767b8e3d9ba367aa4164cb149718a Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Thu, 8 Dec 2022 13:10:44 -0400
Subject: [PATCH 080/475] Minor formatting updates.

---
 docs/wiki/web-server/uWSGI-example.md | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/docs/wiki/web-server/uWSGI-example.md b/docs/wiki/web-server/uWSGI-example.md
index d50455d42..db15d0386 100644
--- a/docs/wiki/web-server/uWSGI-example.md
+++ b/docs/wiki/web-server/uWSGI-example.md
@@ -1,11 +1,18 @@
+# uWSGI Example
+
 This guide will show you how to run PowerDNS-Admin via uWSGI and nginx. This guide was written using Debian 8 with the following software versions:
 - nginx 1.6.2
 - uwsgi 2.0.7-debian
 - python 2.7.9
 
-`sudo apt-get install uwsgi uwsgi-plugin-python nginx`
+## Software installation:
+
+1. apt install the following packages:
+   - `uwsgi`
+   - `uwsgi-plugin-python`
+   - `nginx`
 
-### Step-by-step instructions
+## Step-by-step instructions
 1. Create a uWSGI .ini in `/etc/uwsgi/apps-enabled` with the following contents, making sure to replace the chdir, pythonpath and virtualenv directories with where you've installed PowerDNS-Admin:
  ```ini
  [uwsgi]

From 4f177407dd709e43829e28a507466fedfcfb4199 Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Thu, 8 Dec 2022 13:13:05 -0400
Subject: [PATCH 081/475] Update github urls.

---
 docs/wiki/install/Running-PowerDNS-Admin-on-Centos-7.md  | 2 +-
 docs/wiki/install/Running-PowerDNS-Admin-on-Fedora-30.md | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/docs/wiki/install/Running-PowerDNS-Admin-on-Centos-7.md b/docs/wiki/install/Running-PowerDNS-Admin-on-Centos-7.md
index e61485ad0..18d57f6d0 100644
--- a/docs/wiki/install/Running-PowerDNS-Admin-on-Centos-7.md
+++ b/docs/wiki/install/Running-PowerDNS-Admin-on-Centos-7.md
@@ -57,7 +57,7 @@ yum install yarn
 NOTE: Please adjust `/opt/web/powerdns-admin` to your local web application directory
 
 ```
-git clone https://github.com/ngoduykhanh/PowerDNS-Admin.git /opt/web/powerdns-admin
+git clone https://github.com/PowerDNS-Admin/PowerDNS-Admin.git /opt/web/powerdns-admin
 cd /opt/web/powerdns-admin
 virtualenv -p python3 flask
 ```
diff --git a/docs/wiki/install/Running-PowerDNS-Admin-on-Fedora-30.md b/docs/wiki/install/Running-PowerDNS-Admin-on-Fedora-30.md
index e3b23ea21..c51862b16 100644
--- a/docs/wiki/install/Running-PowerDNS-Admin-on-Fedora-30.md
+++ b/docs/wiki/install/Running-PowerDNS-Admin-on-Fedora-30.md
@@ -36,7 +36,7 @@ npm install yarn -g
 ## Clone the PowerDNS-Admin repository to the installation path:
 ```bash
 cd /opt/web/
-git clone https://github.com/ngoduykhanh/PowerDNS-Admin.git powerdns-admin
+git clone https://github.com/PowerDNS-Admin/PowerDNS-Admin.git powerdns-admin
 ```
 
 **Prepare the Virtual Environment:**

From 31fd350f0118de50d388105e27d2daaa2d4a0489 Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Thu, 8 Dec 2022 13:17:09 -0400
Subject: [PATCH 082/475] Add Fedora 23 directions and links.

---
 docs/wiki/Install-PowerDNS-Admin-in-Fedora-23.md         | 1 -
 docs/wiki/README.md                                      | 5 +++--
 docs/wiki/install/Install-PowerDNS-Admin-in-Fedora-23.md | 1 +
 docs/wiki/install/Running-PowerDNS-Admin-on-Fedora-30.md | 2 +-
 4 files changed, 5 insertions(+), 4 deletions(-)
 delete mode 100644 docs/wiki/Install-PowerDNS-Admin-in-Fedora-23.md
 create mode 100644 docs/wiki/install/Install-PowerDNS-Admin-in-Fedora-23.md

diff --git a/docs/wiki/Install-PowerDNS-Admin-in-Fedora-23.md b/docs/wiki/Install-PowerDNS-Admin-in-Fedora-23.md
deleted file mode 100644
index 7f876ff86..000000000
--- a/docs/wiki/Install-PowerDNS-Admin-in-Fedora-23.md
+++ /dev/null
@@ -1 +0,0 @@
-Please refer to CentOS guide: https://github.com/ngoduykhanh/PowerDNS-Admin/wiki/Running-PowerDNS-Admin-on-Centos-7
\ No newline at end of file
diff --git a/docs/wiki/README.md b/docs/wiki/README.md
index f75d8dbcd..8010cc14d 100644
--- a/docs/wiki/README.md
+++ b/docs/wiki/README.md
@@ -6,8 +6,9 @@
 
 ## Installation guides
 - [Running PowerDNS Admin on Ubuntu or Debian](install/Running-PowerDNS-Admin-on-Ubuntu-or-Debian.md)
-- [Running PowerDNS-Admin in Centos 7](install/Running-PowerDNS-Admin-on-Centos-7.md)
-- [Running PowerDNS-Admin in Fedora 30](install/Running-PowerDNS-Admin-on-Fedora-30.md)
+- [Running PowerDNS-Admin on Centos 7](install/Running-PowerDNS-Admin-on-Centos-7.md)
+- [Running PowerDNS-Admin on Fedora 23](install/Running-PowerDNS-Admin-on-Fedora-23.md)
+- [Running PowerDNS-Admin on Fedora 30](install/Running-PowerDNS-Admin-on-Fedora-30.md)
 - [Running PowerDNS-Admin on FreeBSD 12.1-RELEASE](install/Running-on-FreeBSD.md)
 
 ## Web Server configuration
diff --git a/docs/wiki/install/Install-PowerDNS-Admin-in-Fedora-23.md b/docs/wiki/install/Install-PowerDNS-Admin-in-Fedora-23.md
new file mode 100644
index 000000000..ca84460eb
--- /dev/null
+++ b/docs/wiki/install/Install-PowerDNS-Admin-in-Fedora-23.md
@@ -0,0 +1 @@
+Please refer to CentOS guide: [Running-PowerDNS-Admin-on-Centos-7](Running-PowerDNS-Admin-on-Centos-7.md)
\ No newline at end of file
diff --git a/docs/wiki/install/Running-PowerDNS-Admin-on-Fedora-30.md b/docs/wiki/install/Running-PowerDNS-Admin-on-Fedora-30.md
index c51862b16..51b705c50 100644
--- a/docs/wiki/install/Running-PowerDNS-Admin-on-Fedora-30.md
+++ b/docs/wiki/install/Running-PowerDNS-Admin-on-Fedora-30.md
@@ -80,4 +80,4 @@ Open your web browser and access to `http://localhost:9191` to visit PowerDNS-Ad
 At the first time you login into the PDA UI, you will be redirected to setting page to configure the PDNS API information.
 
 _**Note:**_ For production environment, i recommend to run PowerDNS-Admin with WSGI over Apache instead of flask's built-in web server...  
- Take a look at [WSGI Apache Example](https://github.com/ngoduykhanh/PowerDNS-Admin/wiki/WSGI-Apache-example#fedora) WIKI page to see how to configure it.
\ No newline at end of file
+ Take a look at [WSGI Apache Example](web-server/WSGI-Apache-example#fedora) WIKI page to see how to configure it.
\ No newline at end of file

From 99370a9afb182594137cc525c0cfeeab89d50756 Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Thu, 8 Dec 2022 13:33:43 -0400
Subject: [PATCH 083/475] Update the guinicorn.

---
 docs/wiki/Running-PowerDNS-Admin-as-a-service-(Systemd).md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/docs/wiki/Running-PowerDNS-Admin-as-a-service-(Systemd).md b/docs/wiki/Running-PowerDNS-Admin-as-a-service-(Systemd).md
index df0117922..f69373618 100644
--- a/docs/wiki/Running-PowerDNS-Admin-as-a-service-(Systemd).md
+++ b/docs/wiki/Running-PowerDNS-Admin-as-a-service-(Systemd).md
@@ -1,6 +1,6 @@
 ***
-**WARNING**  
-This just uses the development server for testing purposes. For production environments you should probably go with a more robust solution, like [gunicorn](https://github.com/ngoduykhanh/PowerDNS-Admin/wiki/Running-PowerDNS-Admin-with-Systemd,-Gunicorn--and--Nginx) or a WSGI server. 
+**WARNING**
+This just uses the development server for testing purposes. For production environments you should probably go with a more robust solution, like [gunicorn](web-server/Running-PowerDNS-Admin-with-Systemd,-Gunicorn--and--Nginx.md) or a WSGI server.
 ***
 
 ### Following example shows a systemd unit file that can run PowerDNS-Admin

From c7dbb33dd79445928208c09f0ae468bf9d94f9af Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Thu, 8 Dec 2022 13:35:35 -0400
Subject: [PATCH 084/475] Rename Fedora 23 filename.

---
 ...min-in-Fedora-23.md => Running-PowerDNS-Admin-on-Fedora-23.md} | 0
 1 file changed, 0 insertions(+), 0 deletions(-)
 rename docs/wiki/install/{Install-PowerDNS-Admin-in-Fedora-23.md => Running-PowerDNS-Admin-on-Fedora-23.md} (100%)

diff --git a/docs/wiki/install/Install-PowerDNS-Admin-in-Fedora-23.md b/docs/wiki/install/Running-PowerDNS-Admin-on-Fedora-23.md
similarity index 100%
rename from docs/wiki/install/Install-PowerDNS-Admin-in-Fedora-23.md
rename to docs/wiki/install/Running-PowerDNS-Admin-on-Fedora-23.md

From 3e6804442013ce2d31b5d392625294a6f563350c Mon Sep 17 00:00:00 2001
From: Bernward Sanchez <109844019+pneb@users.noreply.github.com>
Date: Fri, 9 Dec 2022 08:15:13 +0800
Subject: [PATCH 085/475] Update utils.py

This should fix the error you were experiencing, as it will now only attempt to process the `data` argument if it is a tuple containing two elements. If the `data` argument is not in the expected format, the function will simply return an empty string instead of raising an exception.
---
 powerdnsadmin/lib/utils.py | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

diff --git a/powerdnsadmin/lib/utils.py b/powerdnsadmin/lib/utils.py
index 9e7cf20cd..5a62ee362 100644
--- a/powerdnsadmin/lib/utils.py
+++ b/powerdnsadmin/lib/utils.py
@@ -119,12 +119,16 @@ def fetch_json(remote_url,
 
 
 def display_record_name(data):
-    record_name, domain_name = data
-    if record_name == domain_name:
-        return '@'
+    # Check that the data argument is a tuple containing two elements
+    if isinstance(data, Iterable) and len(data) == 2:
+        record_name, domain_name = data
+        if record_name == domain_name:
+            return '@'
+        else:
+            return record_name
     else:
-        return re.sub('\.{}$'.format(domain_name), '', record_name)
-
+        # If data is not a tuple of length 2, return an empty string
+        return ''
 
 def display_master_name(data):
     """

From 9a4acf53058b698f2e4089fe9ac8e5fd73685048 Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Thu, 8 Dec 2022 20:33:57 -0400
Subject: [PATCH 086/475] Move configure Active directory auth to config
 folder.

---
 ...figure-Active-Directory-Authentication-using-Group-Security.md | 0
 1 file changed, 0 insertions(+), 0 deletions(-)
 rename docs/wiki/{ => configuration}/Configure-Active-Directory-Authentication-using-Group-Security.md (100%)

diff --git a/docs/wiki/Configure-Active-Directory-Authentication-using-Group-Security.md b/docs/wiki/configuration/Configure-Active-Directory-Authentication-using-Group-Security.md
similarity index 100%
rename from docs/wiki/Configure-Active-Directory-Authentication-using-Group-Security.md
rename to docs/wiki/configuration/Configure-Active-Directory-Authentication-using-Group-Security.md

From fc01be4cad625db83106ec0164fdfb6c908fca9a Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Thu, 8 Dec 2022 20:34:29 -0400
Subject: [PATCH 087/475] Move systemd service to install folder.

---
 .../Running-PowerDNS-Admin-as-a-service-(Systemd).md              | 0
 1 file changed, 0 insertions(+), 0 deletions(-)
 rename docs/wiki/{ => install}/Running-PowerDNS-Admin-as-a-service-(Systemd).md (100%)

diff --git a/docs/wiki/Running-PowerDNS-Admin-as-a-service-(Systemd).md b/docs/wiki/install/Running-PowerDNS-Admin-as-a-service-(Systemd).md
similarity index 100%
rename from docs/wiki/Running-PowerDNS-Admin-as-a-service-(Systemd).md
rename to docs/wiki/install/Running-PowerDNS-Admin-as-a-service-(Systemd).md

From c5524dc9098b89ef3eaa45ad5dc5d9927ac9a46e Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Thu, 8 Dec 2022 20:36:55 -0400
Subject: [PATCH 088/475] Fix link to gunicorn and nginx setup.

---
 docs/wiki/install/Running-PowerDNS-Admin-on-Ubuntu-or-Debian.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/wiki/install/Running-PowerDNS-Admin-on-Ubuntu-or-Debian.md b/docs/wiki/install/Running-PowerDNS-Admin-on-Ubuntu-or-Debian.md
index acc5858da..b5df0908d 100644
--- a/docs/wiki/install/Running-PowerDNS-Admin-on-Ubuntu-or-Debian.md
+++ b/docs/wiki/install/Running-PowerDNS-Admin-on-Ubuntu-or-Debian.md
@@ -91,4 +91,4 @@ Now you can run PowerDNS-Admin by command
 
 Open your web browser and go to `http://localhost:9191` to visit PowerDNS-Admin web interface. Register a user. The first user will be in the Administrator role.
 
-This is good for testing, but for production usage, you should use gunicorn or uwsgi. See [Running PowerDNS Admin with Systemd, Gunicorn and Nginx](web-server/Running-PowerDNS-Admin-with-Systemd,-Gunicorn--and--Nginx) for instructions.
\ No newline at end of file
+This is good for testing, but for production usage, you should use gunicorn or uwsgi. See [Running PowerDNS Admin with Systemd, Gunicorn and Nginx](web-server/Running-PowerDNS-Admin-with-Systemd,-Gunicorn--and--Nginx.md) for instructions.
\ No newline at end of file

From 1ced360e5fec0efc08bcb0a5e91e169bd9d1bd4a Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Thu, 8 Dec 2022 20:39:25 -0400
Subject: [PATCH 089/475] Fixed links to gunicorn docs.

---
 docs/wiki/README.md                                       | 8 ++++++--
 .../install/Running-PowerDNS-Admin-on-Ubuntu-or-Debian.md | 2 +-
 ...ing-PowerDNS-Admin-with-Systemd-Gunicorn-and-Nginx.md} | 0
 3 files changed, 7 insertions(+), 3 deletions(-)
 rename docs/wiki/web-server/{Running-PowerDNS-Admin-with-Systemd,-Gunicorn--and--Nginx.md => Running-PowerDNS-Admin-with-Systemd-Gunicorn-and-Nginx.md} (100%)

diff --git a/docs/wiki/README.md b/docs/wiki/README.md
index 8010cc14d..b7d2f3daa 100644
--- a/docs/wiki/README.md
+++ b/docs/wiki/README.md
@@ -5,16 +5,20 @@
 - [Using PowerDNS-Admin with PostgreSQL](preparation/Using-PowerDNS-Admin-with-PostgreSQL.md)
 
 ## Installation guides
-- [Running PowerDNS Admin on Ubuntu or Debian](install/Running-PowerDNS-Admin-on-Ubuntu-or-Debian.md)
+- [Running PowerDNS-Admin on Ubuntu or Debian](install/Running-PowerDNS-Admin-on-Ubuntu-or-Debian.md)
 - [Running PowerDNS-Admin on Centos 7](install/Running-PowerDNS-Admin-on-Centos-7.md)
 - [Running PowerDNS-Admin on Fedora 23](install/Running-PowerDNS-Admin-on-Fedora-23.md)
 - [Running PowerDNS-Admin on Fedora 30](install/Running-PowerDNS-Admin-on-Fedora-30.md)
 - [Running PowerDNS-Admin on FreeBSD 12.1-RELEASE](install/Running-on-FreeBSD.md)
 
+### Post install Setup:
+- [Running PowerDNS-Admin as a service using Systemd](install/Running-PowerDNS-Admin-as-a-service-(Systemd).md)
+
+
 ## Web Server configuration
 - [Supervisord](web-server/Supervisord-example.md)
 - [Systemd](web-server/Systemd-example.md)
-- [Systemd + Gunicorn + Nginx](web-server/Running-PowerDNS-Admin-with-Systemd,-Gunicorn--and--Nginx.md)
+- [Systemd + Gunicorn + Nginx](web-server/Running-PowerDNS-Admin-with-Systemd-Gunicorn-and-Nginx.md)
 - [Systemd + Gunicorn + Apache](web-server/Running-PowerDNS-Admin-with-Systemd,-Gunicorn-and-Apache.md)
 - [uWSGI](web-server/uWSGI-example.md)
 - [WSGI-Apache](web-server/WSGI-Apache-example.md)
diff --git a/docs/wiki/install/Running-PowerDNS-Admin-on-Ubuntu-or-Debian.md b/docs/wiki/install/Running-PowerDNS-Admin-on-Ubuntu-or-Debian.md
index b5df0908d..b4e3b66b7 100644
--- a/docs/wiki/install/Running-PowerDNS-Admin-on-Ubuntu-or-Debian.md
+++ b/docs/wiki/install/Running-PowerDNS-Admin-on-Ubuntu-or-Debian.md
@@ -91,4 +91,4 @@ Now you can run PowerDNS-Admin by command
 
 Open your web browser and go to `http://localhost:9191` to visit PowerDNS-Admin web interface. Register a user. The first user will be in the Administrator role.
 
-This is good for testing, but for production usage, you should use gunicorn or uwsgi. See [Running PowerDNS Admin with Systemd, Gunicorn and Nginx](web-server/Running-PowerDNS-Admin-with-Systemd,-Gunicorn--and--Nginx.md) for instructions.
\ No newline at end of file
+This is good for testing, but for production usage, you should use gunicorn or uwsgi. See [Running PowerDNS Admin with Systemd, Gunicorn and Nginx](../web-server/Running-PowerDNS-Admin-with-Systemd-Gunicorn-and-Nginx.md) for instructions.
\ No newline at end of file
diff --git a/docs/wiki/web-server/Running-PowerDNS-Admin-with-Systemd,-Gunicorn--and--Nginx.md b/docs/wiki/web-server/Running-PowerDNS-Admin-with-Systemd-Gunicorn-and-Nginx.md
similarity index 100%
rename from docs/wiki/web-server/Running-PowerDNS-Admin-with-Systemd,-Gunicorn--and--Nginx.md
rename to docs/wiki/web-server/Running-PowerDNS-Admin-with-Systemd-Gunicorn-and-Nginx.md

From 3bcda68df9947733e9d5c09d147db5167153485b Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Thu, 8 Dec 2022 20:43:10 -0400
Subject: [PATCH 090/475] Add placeholders for environment variables and
 Docker.

---
 docs/wiki/install/Running-PowerDNS-Admin-on-Docker.md | 1 +
 docs/wiki/preparation/Environment-variables.md        | 2 ++
 2 files changed, 3 insertions(+)
 create mode 100644 docs/wiki/install/Running-PowerDNS-Admin-on-Docker.md
 create mode 100644 docs/wiki/preparation/Environment-variables.md

diff --git a/docs/wiki/install/Running-PowerDNS-Admin-on-Docker.md b/docs/wiki/install/Running-PowerDNS-Admin-on-Docker.md
new file mode 100644
index 000000000..6af7286a0
--- /dev/null
+++ b/docs/wiki/install/Running-PowerDNS-Admin-on-Docker.md
@@ -0,0 +1 @@
+# Installation on docker
\ No newline at end of file
diff --git a/docs/wiki/preparation/Environment-variables.md b/docs/wiki/preparation/Environment-variables.md
new file mode 100644
index 000000000..d83b744ba
--- /dev/null
+++ b/docs/wiki/preparation/Environment-variables.md
@@ -0,0 +1,2 @@
+# Supported environment variables
+

From 254c00ae92181f5414a015e3c2698f79c6146ab2 Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Thu, 8 Dec 2022 20:43:54 -0400
Subject: [PATCH 091/475] Add placeholder for getting started.

---
 docs/wiki/configuration/Getting-started.md | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 docs/wiki/configuration/Getting-started.md

diff --git a/docs/wiki/configuration/Getting-started.md b/docs/wiki/configuration/Getting-started.md
new file mode 100644
index 000000000..44bd3c6c2
--- /dev/null
+++ b/docs/wiki/configuration/Getting-started.md
@@ -0,0 +1 @@
+# Getting started with PowerDNS-Admin
\ No newline at end of file

From 59ab3dcecd124bd03ffbbb8fb46ad572d3d91215 Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Thu, 8 Dec 2022 20:44:10 -0400
Subject: [PATCH 092/475] Add link to getting started.

---
 docs/wiki/README.md | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/docs/wiki/README.md b/docs/wiki/README.md
index b7d2f3daa..779951ca6 100644
--- a/docs/wiki/README.md
+++ b/docs/wiki/README.md
@@ -12,7 +12,9 @@
 - [Running PowerDNS-Admin on FreeBSD 12.1-RELEASE](install/Running-on-FreeBSD.md)
 
 ### Post install Setup:
-- [Running PowerDNS-Admin as a service using Systemd](install/Running-PowerDNS-Admin-as-a-service-(Systemd).md)
+- [Getting started](configuration/Getting-started.md)
+- SystemD:
+  - [Running PowerDNS-Admin as a service using Systemd](install/Running-PowerDNS-Admin-as-a-service-(Systemd).md)
 
 
 ## Web Server configuration

From 16fbf412d874c14b6fa5ca27ee181c4b108e417b Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Thu, 8 Dec 2022 20:53:14 -0400
Subject: [PATCH 093/475] Fill in DB URI and secret key.

---
 docs/wiki/preparation/Environment-variables.md | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/docs/wiki/preparation/Environment-variables.md b/docs/wiki/preparation/Environment-variables.md
index d83b744ba..3dc0ea0c7 100644
--- a/docs/wiki/preparation/Environment-variables.md
+++ b/docs/wiki/preparation/Environment-variables.md
@@ -1,2 +1,9 @@
 # Supported environment variables
 
+| Variable | Description | Default value |
+| -------------- | ----------- | --------------- |
+| SQLALCHEMY_DATABASE_URI | SQL Alchemy URI to connect to database | <no default> |
+| SECRET_KEY   | Flask secret key [^1] | <no default> |
+
+
+[^1]: Flask secret key (see https://flask.palletsprojects.com/en/2.0.x/config/#SECRET_KEY for how to generate)

From 5a58e70e8cdb1ce54dcce07f40f7a17e41f07572 Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Thu, 8 Dec 2022 20:53:30 -0400
Subject: [PATCH 094/475] Add link to environment variables docs.

---
 docs/wiki/README.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/docs/wiki/README.md b/docs/wiki/README.md
index 779951ca6..d7752731c 100644
--- a/docs/wiki/README.md
+++ b/docs/wiki/README.md
@@ -3,6 +3,7 @@
 ## Preparation guides
 - [Prepare MySQL or MariaDB Database for PowerDNS-Admin](preparation/Prepare-MySQL-or-MariaDB-Database-for-PowerDNS-Admin.md)
 - [Using PowerDNS-Admin with PostgreSQL](preparation/Using-PowerDNS-Admin-with-PostgreSQL.md)
+- [Environment Variables](preparation/Environment-variables.md)
 
 ## Installation guides
 - [Running PowerDNS-Admin on Ubuntu or Debian](install/Running-PowerDNS-Admin-on-Ubuntu-or-Debian.md)

From 57b092771827932ed18a087b833519dd78886398 Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Thu, 8 Dec 2022 20:56:40 -0400
Subject: [PATCH 095/475] Minor formatting changes to README.

---
 docs/wiki/README.md | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/docs/wiki/README.md b/docs/wiki/README.md
index d7752731c..b853d8754 100644
--- a/docs/wiki/README.md
+++ b/docs/wiki/README.md
@@ -1,9 +1,8 @@
 # Welcome to the PowerDNS-Admin wiki!
 
-## Preparation guides
+## Database Setup guides
 - [Prepare MySQL or MariaDB Database for PowerDNS-Admin](preparation/Prepare-MySQL-or-MariaDB-Database-for-PowerDNS-Admin.md)
 - [Using PowerDNS-Admin with PostgreSQL](preparation/Using-PowerDNS-Admin-with-PostgreSQL.md)
-- [Environment Variables](preparation/Environment-variables.md)
 
 ## Installation guides
 - [Running PowerDNS-Admin on Ubuntu or Debian](install/Running-PowerDNS-Admin-on-Ubuntu-or-Debian.md)
@@ -13,11 +12,11 @@
 - [Running PowerDNS-Admin on FreeBSD 12.1-RELEASE](install/Running-on-FreeBSD.md)
 
 ### Post install Setup:
+- [Environment Variables](preparation/Environment-variables.md)
 - [Getting started](configuration/Getting-started.md)
 - SystemD:
   - [Running PowerDNS-Admin as a service using Systemd](install/Running-PowerDNS-Admin-as-a-service-(Systemd).md)
 
-
 ## Web Server configuration
 - [Supervisord](web-server/Supervisord-example.md)
 - [Systemd](web-server/Systemd-example.md)

From 2c34307365c9be8dec8481ea30e35e4053ec0a0b Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Thu, 8 Dec 2022 20:59:35 -0400
Subject: [PATCH 096/475] Move environment vars to configuration

---
 docs/wiki/README.md                              | 16 ++++++++--------
 .../Environment-variables.md                     |  0
 2 files changed, 8 insertions(+), 8 deletions(-)
 rename docs/wiki/{preparation => configuration}/Environment-variables.md (100%)

diff --git a/docs/wiki/README.md b/docs/wiki/README.md
index b853d8754..340b63a66 100644
--- a/docs/wiki/README.md
+++ b/docs/wiki/README.md
@@ -1,18 +1,18 @@
 # Welcome to the PowerDNS-Admin wiki!
 
 ## Database Setup guides
-- [Prepare MySQL or MariaDB Database for PowerDNS-Admin](preparation/Prepare-MySQL-or-MariaDB-Database-for-PowerDNS-Admin.md)
-- [Using PowerDNS-Admin with PostgreSQL](preparation/Using-PowerDNS-Admin-with-PostgreSQL.md)
+- [MySQL or MariaDB](preparation/Prepare-MySQL-or-MariaDB-Database-for-PowerDNS-Admin.md)
+- [PostgreSQL](preparation/Using-PowerDNS-Admin-with-PostgreSQL.md)
 
 ## Installation guides
-- [Running PowerDNS-Admin on Ubuntu or Debian](install/Running-PowerDNS-Admin-on-Ubuntu-or-Debian.md)
-- [Running PowerDNS-Admin on Centos 7](install/Running-PowerDNS-Admin-on-Centos-7.md)
-- [Running PowerDNS-Admin on Fedora 23](install/Running-PowerDNS-Admin-on-Fedora-23.md)
-- [Running PowerDNS-Admin on Fedora 30](install/Running-PowerDNS-Admin-on-Fedora-30.md)
-- [Running PowerDNS-Admin on FreeBSD 12.1-RELEASE](install/Running-on-FreeBSD.md)
+- [Installing PowerDNS-Admin on Ubuntu or Debian](install/Running-PowerDNS-Admin-on-Ubuntu-or-Debian.md)
+- [Installing PowerDNS-Admin on Centos 7](install/Running-PowerDNS-Admin-on-Centos-7.md)
+- [Installing PowerDNS-Admin on Fedora 23](install/Running-PowerDNS-Admin-on-Fedora-23.md)
+- [Installing PowerDNS-Admin on Fedora 30](install/Running-PowerDNS-Admin-on-Fedora-30.md)
+- [Installing PowerDNS-Admin on FreeBSD 12.1-RELEASE](install/Running-on-FreeBSD.md)
 
 ### Post install Setup:
-- [Environment Variables](preparation/Environment-variables.md)
+- [Environment Variables](configuration/Environment-variables.md)
 - [Getting started](configuration/Getting-started.md)
 - SystemD:
   - [Running PowerDNS-Admin as a service using Systemd](install/Running-PowerDNS-Admin-as-a-service-(Systemd).md)
diff --git a/docs/wiki/preparation/Environment-variables.md b/docs/wiki/configuration/Environment-variables.md
similarity index 100%
rename from docs/wiki/preparation/Environment-variables.md
rename to docs/wiki/configuration/Environment-variables.md

From e0970541b4dad20593da4c296a561002689691e2 Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Thu, 8 Dec 2022 21:10:45 -0400
Subject: [PATCH 097/475] Update links to be more readable.

---
 docs/wiki/README.md | 22 ++++++++++++++--------
 1 file changed, 14 insertions(+), 8 deletions(-)

diff --git a/docs/wiki/README.md b/docs/wiki/README.md
index 340b63a66..9a7226d31 100644
--- a/docs/wiki/README.md
+++ b/docs/wiki/README.md
@@ -1,15 +1,16 @@
 # Welcome to the PowerDNS-Admin wiki!
 
-## Database Setup guides
+## Database Setup guides:
 - [MySQL or MariaDB](preparation/Prepare-MySQL-or-MariaDB-Database-for-PowerDNS-Admin.md)
 - [PostgreSQL](preparation/Using-PowerDNS-Admin-with-PostgreSQL.md)
 
-## Installation guides
-- [Installing PowerDNS-Admin on Ubuntu or Debian](install/Running-PowerDNS-Admin-on-Ubuntu-or-Debian.md)
-- [Installing PowerDNS-Admin on Centos 7](install/Running-PowerDNS-Admin-on-Centos-7.md)
-- [Installing PowerDNS-Admin on Fedora 23](install/Running-PowerDNS-Admin-on-Fedora-23.md)
-- [Installing PowerDNS-Admin on Fedora 30](install/Running-PowerDNS-Admin-on-Fedora-30.md)
-- [Installing PowerDNS-Admin on FreeBSD 12.1-RELEASE](install/Running-on-FreeBSD.md)
+## Installation guides:
+- [Install on Centos 7](install/Running-PowerDNS-Admin-on-Centos-7.md)
+- [Install on Docker](install/Running-PowerDNS-Admin-on-Docker.md)
+- [Install on Fedora 23](install/Running-PowerDNS-Admin-on-Fedora-23.md)
+- [Install on Fedora 30](install/Running-PowerDNS-Admin-on-Fedora-30.md)
+- [Install on FreeBSD 12.1-RELEASE](install/Running-on-FreeBSD.md)
+- [Install on Ubuntu or Debian](install/Running-PowerDNS-Admin-on-Ubuntu-or-Debian.md)
 
 ### Post install Setup:
 - [Environment Variables](configuration/Environment-variables.md)
@@ -17,7 +18,7 @@
 - SystemD:
   - [Running PowerDNS-Admin as a service using Systemd](install/Running-PowerDNS-Admin-as-a-service-(Systemd).md)
 
-## Web Server configuration
+### Web Server configuration:
 - [Supervisord](web-server/Supervisord-example.md)
 - [Systemd](web-server/Systemd-example.md)
 - [Systemd + Gunicorn + Nginx](web-server/Running-PowerDNS-Admin-with-Systemd-Gunicorn-and-Nginx.md)
@@ -25,5 +26,10 @@
 - [uWSGI](web-server/uWSGI-example.md)
 - [WSGI-Apache](web-server/WSGI-Apache-example.md)
 
+## Using PowerDNS-Admin:
+- Setting up a domain
+- Adding a record
+- <whatever else>
+
 ## Feature usage
 - [DynDNS2](features/DynDNS2.md)
\ No newline at end of file

From fb387eb570356b10fa338a5036da88f1b323b257 Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Thu, 8 Dec 2022 21:13:26 -0400
Subject: [PATCH 098/475] Minor formatting change.

---
 docs/wiki/README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/wiki/README.md b/docs/wiki/README.md
index 9a7226d31..6de6dc299 100644
--- a/docs/wiki/README.md
+++ b/docs/wiki/README.md
@@ -1,7 +1,7 @@
 # Welcome to the PowerDNS-Admin wiki!
 
 ## Database Setup guides:
-- [MySQL or MariaDB](preparation/Prepare-MySQL-or-MariaDB-Database-for-PowerDNS-Admin.md)
+- [MySQL / MariaDB](preparation/Prepare-MySQL-or-MariaDB-Database-for-PowerDNS-Admin.md)
 - [PostgreSQL](preparation/Using-PowerDNS-Admin-with-PostgreSQL.md)
 
 ## Installation guides:

From 76315aac6d3c6973f8e07657f7e12810cbf07911 Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Thu, 8 Dec 2022 21:16:26 -0400
Subject: [PATCH 099/475] Add required column to table.

---
 docs/wiki/configuration/Environment-variables.md | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/docs/wiki/configuration/Environment-variables.md b/docs/wiki/configuration/Environment-variables.md
index 3dc0ea0c7..097bf1657 100644
--- a/docs/wiki/configuration/Environment-variables.md
+++ b/docs/wiki/configuration/Environment-variables.md
@@ -1,9 +1,9 @@
 # Supported environment variables
 
-| Variable | Description | Default value |
-| -------------- | ----------- | --------------- |
-| SQLALCHEMY_DATABASE_URI | SQL Alchemy URI to connect to database | <no default> |
-| SECRET_KEY   | Flask secret key [^1] | <no default> |
+| Variable | Description | Required | Default value |
+| ---------| ----------- | -------- | ------------- |
+| SQLALCHEMY_DATABASE_URI | SQL Alchemy URI to connect to database | Y | <no default> |
+| SECRET_KEY   | Flask secret key [^1] | Y | <no default> |
 
 
 [^1]: Flask secret key (see https://flask.palletsprojects.com/en/2.0.x/config/#SECRET_KEY for how to generate)

From d2c0c94e61000e1664e85d980fd8e4c760521ad5 Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Thu, 8 Dec 2022 21:19:18 -0400
Subject: [PATCH 100/475] Flesh out docker setup.

---
 .../install/Running-PowerDNS-Admin-on-Docker.md   | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/docs/wiki/install/Running-PowerDNS-Admin-on-Docker.md b/docs/wiki/install/Running-PowerDNS-Admin-on-Docker.md
index 6af7286a0..2f238454a 100644
--- a/docs/wiki/install/Running-PowerDNS-Admin-on-Docker.md
+++ b/docs/wiki/install/Running-PowerDNS-Admin-on-Docker.md
@@ -1 +1,14 @@
-# Installation on docker
\ No newline at end of file
+# Installation on docker
+
+The Docker image is ngoduykhanh/powerdns-admin available on [DockerHub](https://hub.docker.com/r/ngoduykhanh/powerdns-admin)
+
+The supported environment variables to configure the container are located [here](../configuration/Environment-variables.md).
+
+You can run the container and expose the web server on port 9191 using:
+```bash
+docker run -d \
+    -e SECRET_KEY='a-very-secret-key' \
+    -v pda-data:/data \
+    -p 9191:80 \
+    ngoduykhanh/powerdns-admin:latest
+```

From 7a2f83a888adb766c862e1adea85c403d3d9bdb3 Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Thu, 8 Dec 2022 21:19:55 -0400
Subject: [PATCH 101/475] Update environment var required.

---
 docs/wiki/configuration/Environment-variables.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/wiki/configuration/Environment-variables.md b/docs/wiki/configuration/Environment-variables.md
index 097bf1657..35e2a003c 100644
--- a/docs/wiki/configuration/Environment-variables.md
+++ b/docs/wiki/configuration/Environment-variables.md
@@ -2,7 +2,7 @@
 
 | Variable | Description | Required | Default value |
 | ---------| ----------- | -------- | ------------- |
-| SQLALCHEMY_DATABASE_URI | SQL Alchemy URI to connect to database | Y | <no default> |
+| SQLALCHEMY_DATABASE_URI | SQL Alchemy URI to connect to database | N | <no default> |
 | SECRET_KEY   | Flask secret key [^1] | Y | <no default> |
 
 

From 19e5750974a83f67eb1225ff9347e622116f2ffb Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Thu, 8 Dec 2022 21:22:13 -0400
Subject: [PATCH 102/475] Dropped documentation to 1.1.x since that is the
 version being used.

---
 docs/wiki/configuration/Environment-variables.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/wiki/configuration/Environment-variables.md b/docs/wiki/configuration/Environment-variables.md
index 35e2a003c..c24185a0a 100644
--- a/docs/wiki/configuration/Environment-variables.md
+++ b/docs/wiki/configuration/Environment-variables.md
@@ -6,4 +6,4 @@
 | SECRET_KEY   | Flask secret key [^1] | Y | <no default> |
 
 
-[^1]: Flask secret key (see https://flask.palletsprojects.com/en/2.0.x/config/#SECRET_KEY for how to generate)
+[^1]: Flask secret key (see https://flask.palletsprojects.com/en/1.1.x/config/#SECRET_KEY for how to generate)

From 2dec2ad2041d784242925c6f776bff7721ec65fe Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Thu, 8 Dec 2022 21:23:28 -0400
Subject: [PATCH 103/475] Fix default values.

---
 docs/wiki/configuration/Environment-variables.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/docs/wiki/configuration/Environment-variables.md b/docs/wiki/configuration/Environment-variables.md
index c24185a0a..7b835e2ae 100644
--- a/docs/wiki/configuration/Environment-variables.md
+++ b/docs/wiki/configuration/Environment-variables.md
@@ -2,8 +2,8 @@
 
 | Variable | Description | Required | Default value |
 | ---------| ----------- | -------- | ------------- |
-| SQLALCHEMY_DATABASE_URI | SQL Alchemy URI to connect to database | N | <no default> |
-| SECRET_KEY   | Flask secret key [^1] | Y | <no default> |
+| SQLALCHEMY_DATABASE_URI | SQL Alchemy URI to connect to database | N | no default |
+| SECRET_KEY   | Flask secret key [^1] | Y | no default |
 
 
 [^1]: Flask secret key (see https://flask.palletsprojects.com/en/1.1.x/config/#SECRET_KEY for how to generate)

From 2656242b45439ece9e50afd95667b83a24fb1439 Mon Sep 17 00:00:00 2001
From: Bernward Sanchez <109844019+pneb@users.noreply.github.com>
Date: Fri, 9 Dec 2022 09:33:17 +0800
Subject: [PATCH 104/475] Update api_key.py

I added the parentheses to the `db.session.rollback` line to call the method, which will now properly roll back any changes made to the database if an error occurs.
---
 powerdnsadmin/models/api_key.py | 48 ++++++++++++++++-----------------
 1 file changed, 24 insertions(+), 24 deletions(-)

diff --git a/powerdnsadmin/models/api_key.py b/powerdnsadmin/models/api_key.py
index 4c26cd223..7bd0fda68 100644
--- a/powerdnsadmin/models/api_key.py
+++ b/powerdnsadmin/models/api_key.py
@@ -60,31 +60,31 @@ def delete(self):
 
     def update(self, role_name=None, description=None, domains=None, accounts=None):
         try:
-            if role_name:
-                role = Role.query.filter(Role.name == role_name).first()
-                self.role_id = role.id
-
-            if description:
-                self.description = description
-
-            if domains is not None:
-                domain_object_list = Domain.query \
-                                           .filter(Domain.name.in_(domains)) \
-                                           .all()
-                self.domains[:] = domain_object_list
-
-            if accounts is not None:
-                account_object_list = Account.query \
-                                           .filter(Account.name.in_(accounts)) \
-                                           .all()
-                self.accounts[:] = account_object_list
-
-            db.session.commit()
+          if role_name:
+              role = Role.query.filter(Role.name == role_name).first()
+              self.role_id = role.id
+
+          if description:
+              self.description = description
+
+          if domains is not None:
+              domain_object_list = Domain.query \
+                                       .filter(Domain.name.in_(domains)) \
+                                       .all()
+              self.domains[:] = domain_object_list
+
+          if accounts is not None:
+              account_object_list = Account.query \
+                                       .filter(Account.name.in_(accounts)) \
+                                       .all()
+              self.accounts[:] = account_object_list
+
+          db.session.commit()
         except Exception as e:
-            msg_str = 'Update of apikey failed. Error: {0}'
-            current_app.logger.error(msg_str.format(e))
-            db.session.rollback
-            raise e
+          msg_str = 'Update of apikey failed. Error: {0}'
+          current_app.logger.error(msg_str.format(e))
+          db.session.rollback()  # fixed line
+          raise e
 
     def get_hashed_password(self, plain_text_password=None):
         # Hash a password for the first time

From dc495ce4265ab467a9a179759abfb21a4223acad Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Thu, 8 Dec 2022 21:44:52 -0400
Subject: [PATCH 105/475] Move preparation to database-setup.

---
 .../Setup-MySQL-or-MariaDB.md}                |  2 ++
 .../Setup-PostgreSQL.md}                      | 19 +++++++------------
 2 files changed, 9 insertions(+), 12 deletions(-)
 rename docs/wiki/{preparation/Prepare-MySQL-or-MariaDB-Database-for-PowerDNS-Admin.md => database-setup/Setup-MySQL-or-MariaDB.md} (93%)
 rename docs/wiki/{preparation/Using-PowerDNS-Admin-with-PostgreSQL.md => database-setup/Setup-PostgreSQL.md} (68%)

diff --git a/docs/wiki/preparation/Prepare-MySQL-or-MariaDB-Database-for-PowerDNS-Admin.md b/docs/wiki/database-setup/Setup-MySQL-or-MariaDB.md
similarity index 93%
rename from docs/wiki/preparation/Prepare-MySQL-or-MariaDB-Database-for-PowerDNS-Admin.md
rename to docs/wiki/database-setup/Setup-MySQL-or-MariaDB.md
index 774d3e36d..139e5156c 100644
--- a/docs/wiki/preparation/Prepare-MySQL-or-MariaDB-Database-for-PowerDNS-Admin.md
+++ b/docs/wiki/database-setup/Setup-MySQL-or-MariaDB.md
@@ -1,3 +1,5 @@
+# Setup MySQL database for PowerDNS-Admin
+
 This guide will show you how to prepare a MySQL or MariaDB database for PowerDNS-Admin.
 
 ### Step-by-step instructions
diff --git a/docs/wiki/preparation/Using-PowerDNS-Admin-with-PostgreSQL.md b/docs/wiki/database-setup/Setup-PostgreSQL.md
similarity index 68%
rename from docs/wiki/preparation/Using-PowerDNS-Admin-with-PostgreSQL.md
rename to docs/wiki/database-setup/Setup-PostgreSQL.md
index 04155e9e8..2af39a005 100644
--- a/docs/wiki/preparation/Using-PowerDNS-Admin-with-PostgreSQL.md
+++ b/docs/wiki/database-setup/Setup-PostgreSQL.md
@@ -1,10 +1,6 @@
-If you would like to use PostgreSQL instead of MySQL or MariaDB, you have to install difference dependencies. Check the following instructions.
+# Setup Postgres database for PowerDNS-Admin
 
-### Install dependencies
-```
-$ sudo yum install postgresql-libs
-$ pip install psycopg2
-```
+We assume you already have a postgres database software installed for your platform.
 
 ### Create database
 ```
@@ -16,16 +12,15 @@ postgres=# alter user powerdnsadmin with encrypted password 'powerdnsadmin';
 postgres=# grant all privileges on database powerdnsadmindb to powerdnsadmin;
 ```
 
-In your `config.py` file, make sure you have
-```
-SQLALCHEMY_DATABASE_URI = 'postgresql://powerdnsadmin:powerdnsadmin@127.0.0.1/powerdnsadmindb'
-```
-
 Note:
 - Please change the information above (db, user, password) to fit your setup.
+
+### Setup Remote access to database:
+If your database is on a different server
+
 - You might need to adjust your PostgreSQL's `pg_hba.conf` config file to allow password authentication for networks.
 
-### Use Docker
+## Docker
 ```
 docker run --name pdnsadmin-test -e BIND_ADDRESS=0.0.0.0 
 -e SECRET_KEY='a-very-secret-key' 

From 55537e5bce0c90bcf2b0bdfba4836ef445b40a9c Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Thu, 8 Dec 2022 21:46:49 -0400
Subject: [PATCH 106/475] Update links to database setup.

---
 docs/wiki/README.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/docs/wiki/README.md b/docs/wiki/README.md
index 6de6dc299..d27128777 100644
--- a/docs/wiki/README.md
+++ b/docs/wiki/README.md
@@ -1,8 +1,8 @@
 # Welcome to the PowerDNS-Admin wiki!
 
 ## Database Setup guides:
-- [MySQL / MariaDB](preparation/Prepare-MySQL-or-MariaDB-Database-for-PowerDNS-Admin.md)
-- [PostgreSQL](preparation/Using-PowerDNS-Admin-with-PostgreSQL.md)
+- [MySQL / MariaDB](database-setup/Setup-MySQL-or-MariaDB.md)
+- [PostgreSQL](database-setup/Setup-PostgreSQL.md)
 
 ## Installation guides:
 - [Install on Centos 7](install/Running-PowerDNS-Admin-on-Centos-7.md)

From b5661b61a09737676a635cc69af4409ffd476782 Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Thu, 8 Dec 2022 21:47:28 -0400
Subject: [PATCH 107/475] Add postgres URI to getting-started.

---
 docs/wiki/configuration/Getting-started.md | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/docs/wiki/configuration/Getting-started.md b/docs/wiki/configuration/Getting-started.md
index 44bd3c6c2..c27beb1b4 100644
--- a/docs/wiki/configuration/Getting-started.md
+++ b/docs/wiki/configuration/Getting-started.md
@@ -1 +1,10 @@
-# Getting started with PowerDNS-Admin
\ No newline at end of file
+# Getting started with PowerDNS-Admin
+
+
+In your `config.py` file, make sure you have the database URI filled in:
+
+For Postgres:
+```
+SQLALCHEMY_DATABASE_URI = 'postgresql://powerdnsadmin:powerdnsadmin@127.0.0.1/powerdnsadmindb'
+```
+

From 4952f2de061c43fe82705ba735ae46432405fff1 Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Thu, 8 Dec 2022 21:48:29 -0400
Subject: [PATCH 108/475] Add postgres dependencies for postgres.

---
 docs/wiki/install/Running-PowerDNS-Admin-on-Fedora-30.md | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/docs/wiki/install/Running-PowerDNS-Admin-on-Fedora-30.md b/docs/wiki/install/Running-PowerDNS-Admin-on-Fedora-30.md
index 51b705c50..bbd9f031c 100644
--- a/docs/wiki/install/Running-PowerDNS-Admin-on-Fedora-30.md
+++ b/docs/wiki/install/Running-PowerDNS-Admin-on-Fedora-30.md
@@ -14,6 +14,11 @@ dnf install python37 python3-devel python3-pip
 ```bash
 dnf install mariadb-devel mariadb-common openldap-devel xmlsec1-devel xmlsec1-openssl libtool-ltdl-devel
 ```
+**Install Postgres dependencies**
+```bash
+$ sudo yum install postgresql-libs
+$ pip3 install psycopg2
+```
 **Install Development tools**
 ```bash
 dnf install gcc gc make
@@ -27,6 +32,7 @@ pip3.7 install -U pip
 pip install -U virtualenv
 ```
 
+
 **Install Yarn for building NodeJS asset files:**
 ```bash
 dnf install npm

From 2129c050e82f9b73583c2e0f4a71ed56ede83b9e Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Thu, 8 Dec 2022 21:54:18 -0400
Subject: [PATCH 109/475] Minor re-formatting.

---
 docs/wiki/database-setup/Setup-MySQL-or-MariaDB.md | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/docs/wiki/database-setup/Setup-MySQL-or-MariaDB.md b/docs/wiki/database-setup/Setup-MySQL-or-MariaDB.md
index 139e5156c..91fbe0f2f 100644
--- a/docs/wiki/database-setup/Setup-MySQL-or-MariaDB.md
+++ b/docs/wiki/database-setup/Setup-MySQL-or-MariaDB.md
@@ -2,14 +2,14 @@
 
 This guide will show you how to prepare a MySQL or MariaDB database for PowerDNS-Admin.
 
-### Step-by-step instructions
+## Step-by-step instructions
 1. ivan@ubuntu:~$ `mysql -u root -p` (then enter your MySQL/MariaDB root users password)
 2. mysql> `CREATE DATABASE powerdnsadmin CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;`
 3. mysql> `GRANT ALL PRIVILEGES ON powerdnsadmin.* TO 'pdnsadminuser'@'%' IDENTIFIED BY 'p4ssw0rd';`
 4. mysql> `FLUSH PRIVILEGES;`
 5. mysql> `quit`
 
-**NOTE:**
+## Known issues:
 
 If you plan to manage large zones, you may encounter some issues while applying changes.
 This is due to PowerDNS-Admin trying to insert the entire modified zone into the column history.detail.
@@ -21,4 +21,4 @@ _Solution_:
 Convert the column to MEDIUMTEXT: 
 
 * `USE powerdnsadmin;`
-* `ALTER TABLE history MODIFY detail MEDIUMTEXT;`
\ No newline at end of file
+* `ALTER TABLE history MODIFY detail MEDIUMTEXT;`

From 1cd14210b93f0aa5c121abbc0dfda25d07ec3de4 Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Thu, 8 Dec 2022 21:56:16 -0400
Subject: [PATCH 110/475] Change header

---
 docs/wiki/database-setup/Setup-MySQL-or-MariaDB.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/wiki/database-setup/Setup-MySQL-or-MariaDB.md b/docs/wiki/database-setup/Setup-MySQL-or-MariaDB.md
index 91fbe0f2f..8e9186d3a 100644
--- a/docs/wiki/database-setup/Setup-MySQL-or-MariaDB.md
+++ b/docs/wiki/database-setup/Setup-MySQL-or-MariaDB.md
@@ -2,7 +2,7 @@
 
 This guide will show you how to prepare a MySQL or MariaDB database for PowerDNS-Admin.
 
-## Step-by-step instructions
+## Setup database:
 1. ivan@ubuntu:~$ `mysql -u root -p` (then enter your MySQL/MariaDB root users password)
 2. mysql> `CREATE DATABASE powerdnsadmin CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;`
 3. mysql> `GRANT ALL PRIVILEGES ON powerdnsadmin.* TO 'pdnsadminuser'@'%' IDENTIFIED BY 'p4ssw0rd';`

From d6838cf802c5619c557e4a84532fa7323802f6e8 Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Thu, 8 Dec 2022 22:02:37 -0400
Subject: [PATCH 111/475] Add mysql DB URI

---
 docs/wiki/configuration/Getting-started.md | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/docs/wiki/configuration/Getting-started.md b/docs/wiki/configuration/Getting-started.md
index c27beb1b4..b3b16baef 100644
--- a/docs/wiki/configuration/Getting-started.md
+++ b/docs/wiki/configuration/Getting-started.md
@@ -3,6 +3,11 @@
 
 In your `config.py` file, make sure you have the database URI filled in:
 
+For MySQL / MariaDB:
+```
+SQLALCHEMY_DATABASE_URI = 'mysql://username:password@127.0.0.1/db_name'
+```
+
 For Postgres:
 ```
 SQLALCHEMY_DATABASE_URI = 'postgresql://powerdnsadmin:powerdnsadmin@127.0.0.1/powerdnsadmindb'

From 3c5b88340579fea9f7916d923bd56c08a34d3af9 Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Thu, 8 Dec 2022 22:02:51 -0400
Subject: [PATCH 112/475] Add DB setup README.md

---
 docs/wiki/database-setup/README.md | 4 ++++
 1 file changed, 4 insertions(+)
 create mode 100644 docs/wiki/database-setup/README.md

diff --git a/docs/wiki/database-setup/README.md b/docs/wiki/database-setup/README.md
new file mode 100644
index 000000000..1f8ea09e1
--- /dev/null
+++ b/docs/wiki/database-setup/README.md
@@ -0,0 +1,4 @@
+# Database setup guides
+
+[MySQL / MariaDB](Setup-MySQL-or-MaraDB.md)
+[Postgres](Setup-PostgreSQL.md)

From 9f8c4164326936ec445aaa662120f45721b5667c Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Thu, 8 Dec 2022 22:06:24 -0400
Subject: [PATCH 113/475] Make db list a list.

---
 docs/wiki/database-setup/README.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/docs/wiki/database-setup/README.md b/docs/wiki/database-setup/README.md
index 1f8ea09e1..0c6aee644 100644
--- a/docs/wiki/database-setup/README.md
+++ b/docs/wiki/database-setup/README.md
@@ -1,4 +1,4 @@
 # Database setup guides
 
-[MySQL / MariaDB](Setup-MySQL-or-MaraDB.md)
-[Postgres](Setup-PostgreSQL.md)
+- [MySQL / MariaDB](Setup-MySQL-or-MaraDB.md)
+- [Postgres](Setup-PostgreSQL.md)

From be933db09a32ada563c7adfd275ba7278c49df0f Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Thu, 8 Dec 2022 22:37:29 -0400
Subject: [PATCH 114/475] Add documentation on how to allow remote connection
 on postgres.

---
 docs/wiki/database-setup/Setup-PostgreSQL.md | 23 ++++++++++++++++++--
 1 file changed, 21 insertions(+), 2 deletions(-)

diff --git a/docs/wiki/database-setup/Setup-PostgreSQL.md b/docs/wiki/database-setup/Setup-PostgreSQL.md
index 2af39a005..a3b0e5b91 100644
--- a/docs/wiki/database-setup/Setup-PostgreSQL.md
+++ b/docs/wiki/database-setup/Setup-PostgreSQL.md
@@ -16,9 +16,28 @@ Note:
 - Please change the information above (db, user, password) to fit your setup.
 
 ### Setup Remote access to database:
-If your database is on a different server
+If your database is on a different server postgres does not allow remote connections by default.
 
-- You might need to adjust your PostgreSQL's `pg_hba.conf` config file to allow password authentication for networks.
+```
+[root@host ~]$  sudo su - postgres
+# Edit /var/lib/pgsql/data/postgresql.conf
+# Change the following line:
+listen_addresses = 'localhost'
+# to:
+listen_addresses = '*'
+# Edit /var/lib/pgsql/data/pg_hba.conf
+# Add the following lines to the end of the 
+host    all             all              0.0.0.0/0                       md5
+host    all             all              ::/0                            md5
+
+[postgres@host ~]$ exit
+[root@host ~]$  sudo systemctl restart postgresql
+```
+
+On debian based systems these files are located in:
+```
+/etc/postgresql/<version>/main/
+```
 
 ## Docker
 ```

From fa6c58978ba1559d655c6c1ba9f018aeb2086438 Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Thu, 8 Dec 2022 22:50:25 -0400
Subject: [PATCH 115/475] Cleaned up mysql setup process.

---
 .../database-setup/Setup-MySQL-or-MariaDB.md  | 29 ++++++++++---------
 1 file changed, 16 insertions(+), 13 deletions(-)

diff --git a/docs/wiki/database-setup/Setup-MySQL-or-MariaDB.md b/docs/wiki/database-setup/Setup-MySQL-or-MariaDB.md
index 8e9186d3a..f028984b4 100644
--- a/docs/wiki/database-setup/Setup-MySQL-or-MariaDB.md
+++ b/docs/wiki/database-setup/Setup-MySQL-or-MariaDB.md
@@ -2,23 +2,26 @@
 
 This guide will show you how to prepare a MySQL or MariaDB database for PowerDNS-Admin.
 
+We assume the database is installed per your platform's directions (apt, yum, etc).
+
 ## Setup database:
-1. ivan@ubuntu:~$ `mysql -u root -p` (then enter your MySQL/MariaDB root users password)
-2. mysql> `CREATE DATABASE powerdnsadmin CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;`
-3. mysql> `GRANT ALL PRIVILEGES ON powerdnsadmin.* TO 'pdnsadminuser'@'%' IDENTIFIED BY 'p4ssw0rd';`
-4. mysql> `FLUSH PRIVILEGES;`
-5. mysql> `quit`
+
+Connect to the database (Usually using `mysql -u root -p` - then enter your MySQL/MariaDB root users password if applicable), then enter the following:
+```
+CREATE DATABASE `powerdnsadmin` CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
+GRANT ALL PRIVILEGES ON `powerdnsadmin`.* TO 'pdnsadminuser'@'localhost' IDENTIFIED BY 'YOUR_PASSWORD_HERE';
+FLUSH PRIVILEGES;
+quit
+```
 
 ## Known issues:
 
-If you plan to manage large zones, you may encounter some issues while applying changes.
-This is due to PowerDNS-Admin trying to insert the entire modified zone into the column history.detail.
+Problem: If you plan to manage large zones, you may encounter some issues while applying changes. This is due to PowerDNS-Admin trying to insert the entire modified zone into the column history.detail.
 
 Using MySQL/MariaDB, this column is created by default as TEXT and thus limited to 65,535 characters.
 
-_Solution_:
-
-Convert the column to MEDIUMTEXT: 
-
-* `USE powerdnsadmin;`
-* `ALTER TABLE history MODIFY detail MEDIUMTEXT;`
+Solution: Convert the column to MEDIUMTEXT:
+```
+USE powerdnsadmin;
+ALTER TABLE history MODIFY detail MEDIUMTEXT;
+```

From 117659dd3105b8778c5ab0e9071958368a4da00e Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Thu, 8 Dec 2022 22:51:59 -0400
Subject: [PATCH 116/475] Moved database setup to database-setup.

---
 ...nning-PowerDNS-Admin-on-Ubuntu-or-Debian.md | 18 +++++++-----------
 1 file changed, 7 insertions(+), 11 deletions(-)

diff --git a/docs/wiki/install/Running-PowerDNS-Admin-on-Ubuntu-or-Debian.md b/docs/wiki/install/Running-PowerDNS-Admin-on-Ubuntu-or-Debian.md
index b4e3b66b7..137f1a795 100644
--- a/docs/wiki/install/Running-PowerDNS-Admin-on-Ubuntu-or-Debian.md
+++ b/docs/wiki/install/Running-PowerDNS-Admin-on-Ubuntu-or-Debian.md
@@ -1,4 +1,9 @@
-## Install required packages
+# Installing PowerDNS-Admin on Ubuntu or Debian based systems
+
+First setup your database accordingly:
+[Database Setup](../database-setup/README.md)
+
+## Install required packages:
 
 **Install Python 3 development package**
 
@@ -14,16 +19,7 @@ sudo apt install -y git libmysqlclient-dev libsasl2-dev libldap2-dev libssl-dev
 
 _**Note:**_ I am using MySQL Community server as the database backend. So `libmysqlclient-dev` is required. For MariaDB, and PostgreSQL the required package will be difference.
 
-** Install Maria or MySQL (ONLY if not ALREADY installed)**
-```bash
-sudo apt install mariadb-server mariadb-client
-```
-Create database and user using mysql command and entering 
-```bash
->create database pda;
->grant all privileges on pda.* TO 'pda'@'localhost' identified by 'YOUR_PASSWORD_HERE';
->flush privileges;
-```
+
 **Install NodeJs**
 
 ```bash

From 09b661a8a371dbf4dc6ae33df823d977c6e114f3 Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Thu, 8 Dec 2022 22:53:23 -0400
Subject: [PATCH 117/475] Fix spelling mistake

---
 docs/wiki/database-setup/README.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/docs/wiki/database-setup/README.md b/docs/wiki/database-setup/README.md
index 0c6aee644..e4e4d015d 100644
--- a/docs/wiki/database-setup/README.md
+++ b/docs/wiki/database-setup/README.md
@@ -1,4 +1,4 @@
 # Database setup guides
 
-- [MySQL / MariaDB](Setup-MySQL-or-MaraDB.md)
-- [Postgres](Setup-PostgreSQL.md)
+- [MySQL / MariaDB](Setup-MySQL-or-MariaDB.md)
+- [PostgreSQL](Setup-PostgreSQL.md)

From 099579de1144dad74cc398002845c6dd58fcbcda Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Thu, 8 Dec 2022 23:04:23 -0400
Subject: [PATCH 118/475] Add db setup considerations for MySQL.

---
 docs/wiki/database-setup/Setup-MySQL-or-MariaDB.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/docs/wiki/database-setup/Setup-MySQL-or-MariaDB.md b/docs/wiki/database-setup/Setup-MySQL-or-MariaDB.md
index f028984b4..d14d2a953 100644
--- a/docs/wiki/database-setup/Setup-MySQL-or-MariaDB.md
+++ b/docs/wiki/database-setup/Setup-MySQL-or-MariaDB.md
@@ -13,6 +13,8 @@ GRANT ALL PRIVILEGES ON `powerdnsadmin`.* TO 'pdnsadminuser'@'localhost' IDENTIF
 FLUSH PRIVILEGES;
 quit
 ```
+- If your database server is located on a different machine then change 'localhost' to '%'
+- Replace YOUR_PASSWORD_HERE with a secure password.
 
 ## Known issues:
 

From 5f643ccb78adc0c977f61dfc3ff04a26873bceb0 Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Thu, 8 Dec 2022 23:11:04 -0400
Subject: [PATCH 119/475] Explain where the config.py is.

---
 docs/wiki/configuration/Getting-started.md | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/docs/wiki/configuration/Getting-started.md b/docs/wiki/configuration/Getting-started.md
index b3b16baef..0e322da5d 100644
--- a/docs/wiki/configuration/Getting-started.md
+++ b/docs/wiki/configuration/Getting-started.md
@@ -1,7 +1,9 @@
 # Getting started with PowerDNS-Admin
 
 
-In your `config.py` file, make sure you have the database URI filled in:
+In your FLASK_CONF (check the installation directions for where yours is) file, make sure you have the database URI filled in (in some previous documentation this was called config.py):
+
+TODO: list location of config.py
 
 For MySQL / MariaDB:
 ```

From 496222e6b7b3145c73e0103b4280eba5fb17d8ed Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Fri, 9 Dec 2022 06:46:02 -0400
Subject: [PATCH 120/475] Remove TODO and add setup of first user.

---
 docs/wiki/configuration/Getting-started.md | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/docs/wiki/configuration/Getting-started.md b/docs/wiki/configuration/Getting-started.md
index 0e322da5d..ce722348c 100644
--- a/docs/wiki/configuration/Getting-started.md
+++ b/docs/wiki/configuration/Getting-started.md
@@ -3,8 +3,6 @@
 
 In your FLASK_CONF (check the installation directions for where yours is) file, make sure you have the database URI filled in (in some previous documentation this was called config.py):
 
-TODO: list location of config.py
-
 For MySQL / MariaDB:
 ```
 SQLALCHEMY_DATABASE_URI = 'mysql://username:password@127.0.0.1/db_name'
@@ -15,3 +13,4 @@ For Postgres:
 SQLALCHEMY_DATABASE_URI = 'postgresql://powerdnsadmin:powerdnsadmin@127.0.0.1/powerdnsadmindb'
 ```
 
+Open your web browser and go to `http://localhost:9191` to visit PowerDNS-Admin web interface. Register a user. The first user will be in the Administrator role.

From a5fdd8ffc4b8ce8ee64ccd383e2bf3c18b817ecd Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Fri, 9 Dec 2022 06:46:40 -0400
Subject: [PATCH 121/475] Change notes to headers and move setup of first user
 to getting started.

---
 ...nning-PowerDNS-Admin-on-Ubuntu-or-Debian.md | 18 ++++++++----------
 1 file changed, 8 insertions(+), 10 deletions(-)

diff --git a/docs/wiki/install/Running-PowerDNS-Admin-on-Ubuntu-or-Debian.md b/docs/wiki/install/Running-PowerDNS-Admin-on-Ubuntu-or-Debian.md
index 137f1a795..91738dd4e 100644
--- a/docs/wiki/install/Running-PowerDNS-Admin-on-Ubuntu-or-Debian.md
+++ b/docs/wiki/install/Running-PowerDNS-Admin-on-Ubuntu-or-Debian.md
@@ -5,13 +5,13 @@ First setup your database accordingly:
 
 ## Install required packages:
 
-**Install Python 3 development package**
+###Install Python 3 development package
 
 ```bash
 sudo apt install python3-dev
 ```
 
-**Install required packages for building python libraries from requirements.txt file**
+###Install required packages for building python libraries from requirements.txt file
 
 ```bash
 sudo apt install -y git libmysqlclient-dev libsasl2-dev libldap2-dev libssl-dev libxml2-dev libxslt1-dev libxmlsec1-dev libffi-dev pkg-config apt-transport-https virtualenv build-essential curl
@@ -20,14 +20,14 @@ sudo apt install -y git libmysqlclient-dev libsasl2-dev libldap2-dev libssl-dev
 _**Note:**_ I am using MySQL Community server as the database backend. So `libmysqlclient-dev` is required. For MariaDB, and PostgreSQL the required package will be difference.
 
 
-**Install NodeJs**
+###Install NodeJs
 
 ```bash
 curl -sL https://deb.nodesource.com/setup_14.x | bash -
 apt install -y nodejs
 ```
 
-**Install yarn to build asset files**
+###Install yarn to build asset files
 
 ```bash
 sudo curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add -
@@ -36,7 +36,7 @@ sudo apt update -y
 sudo apt install -y yarn
 ```
 
-## Checkout source code and create virtualenv
+###Checkout source code and create virtualenv
 _**Note:**_ Please adjust `/opt/web/powerdns-admin` to your local web application directory
 
 ```bash
@@ -52,9 +52,6 @@ source ./venv/bin/activate
 pip install --upgrade pip
 pip install -r requirements.txt
 ```
-
-
-
 ## Running PowerDNS-Admin
 
 Create PowerDNS-Admin config file and make the changes necessary for your use case. Make sure to change `SECRET_KEY` to a long random string that you generated yourself ([see Flask docs](https://flask.palletsprojects.com/en/1.1.x/config/#SECRET_KEY)), do not use the pre-defined one. E.g.:
@@ -85,6 +82,7 @@ Now you can run PowerDNS-Admin by command
 ./run.py
 ```
 
-Open your web browser and go to `http://localhost:9191` to visit PowerDNS-Admin web interface. Register a user. The first user will be in the Administrator role.
+This is good for testing, but for production usage, you should use gunicorn or uwsgi. See [Running PowerDNS Admin with Systemd, Gunicorn and Nginx](../web-server/Running-PowerDNS-Admin-with-Systemd-Gunicorn-and-Nginx.md) for instructions.
+
 
-This is good for testing, but for production usage, you should use gunicorn or uwsgi. See [Running PowerDNS Admin with Systemd, Gunicorn and Nginx](../web-server/Running-PowerDNS-Admin-with-Systemd-Gunicorn-and-Nginx.md) for instructions.
\ No newline at end of file
+From here you can now follow the [Getting started guide](../configuration/Getting-started.md).

From e06fcd75ce9a69d9fc947d8fd26e34e2168b4d62 Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Fri, 9 Dec 2022 07:02:26 -0400
Subject: [PATCH 122/475] Moved database specific packages to the setup MySQL
 directions.

---
 docs/wiki/database-setup/Setup-MySQL-or-MariaDB.md | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/docs/wiki/database-setup/Setup-MySQL-or-MariaDB.md b/docs/wiki/database-setup/Setup-MySQL-or-MariaDB.md
index d14d2a953..246a0a552 100644
--- a/docs/wiki/database-setup/Setup-MySQL-or-MariaDB.md
+++ b/docs/wiki/database-setup/Setup-MySQL-or-MariaDB.md
@@ -16,6 +16,20 @@ quit
 - If your database server is located on a different machine then change 'localhost' to '%'
 - Replace YOUR_PASSWORD_HERE with a secure password.
 
+## Install required packages:
+### Red-hat based systems:
+
+### Debian based systems:
+```
+apt install libmysqlclient-dev
+```
+
+### Install python packages:
+```
+pip3 install mysqlclient==2.0.1
+```
+
+
 ## Known issues:
 
 Problem: If you plan to manage large zones, you may encounter some issues while applying changes. This is due to PowerDNS-Admin trying to insert the entire modified zone into the column history.detail.

From 5ab04509c336bc32d3e086bebd8cc2af7e3e1456 Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Fri, 9 Dec 2022 07:03:07 -0400
Subject: [PATCH 123/475] Remove MySQL specific documentation

---
 ...ning-PowerDNS-Admin-on-Ubuntu-or-Debian.md | 19 +++++--------------
 1 file changed, 5 insertions(+), 14 deletions(-)

diff --git a/docs/wiki/install/Running-PowerDNS-Admin-on-Ubuntu-or-Debian.md b/docs/wiki/install/Running-PowerDNS-Admin-on-Ubuntu-or-Debian.md
index 91738dd4e..d3bc8345d 100644
--- a/docs/wiki/install/Running-PowerDNS-Admin-on-Ubuntu-or-Debian.md
+++ b/docs/wiki/install/Running-PowerDNS-Admin-on-Ubuntu-or-Debian.md
@@ -5,29 +5,20 @@ First setup your database accordingly:
 
 ## Install required packages:
 
-###Install Python 3 development package
+### Install required packages for building python libraries from requirements.txt file
 
 ```bash
-sudo apt install python3-dev
+sudo apt install -y python3-dev git libsasl2-dev libldap2-dev libssl-dev libxml2-dev libxslt1-dev libxmlsec1-dev libffi-dev pkg-config apt-transport-https virtualenv build-essential curl
 ```
 
-###Install required packages for building python libraries from requirements.txt file
-
-```bash
-sudo apt install -y git libmysqlclient-dev libsasl2-dev libldap2-dev libssl-dev libxml2-dev libxslt1-dev libxmlsec1-dev libffi-dev pkg-config apt-transport-https virtualenv build-essential curl
-```
-
-_**Note:**_ I am using MySQL Community server as the database backend. So `libmysqlclient-dev` is required. For MariaDB, and PostgreSQL the required package will be difference.
-
-
-###Install NodeJs
+### Install NodeJs
 
 ```bash
 curl -sL https://deb.nodesource.com/setup_14.x | bash -
 apt install -y nodejs
 ```
 
-###Install yarn to build asset files
+### Install yarn to build asset files
 
 ```bash
 sudo curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add -
@@ -36,7 +27,7 @@ sudo apt update -y
 sudo apt install -y yarn
 ```
 
-###Checkout source code and create virtualenv
+### Checkout source code and create virtualenv
 _**Note:**_ Please adjust `/opt/web/powerdns-admin` to your local web application directory
 
 ```bash

From 8b986db2acc692786ceed5634ef59c3ccb637b30 Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Fri, 9 Dec 2022 07:11:12 -0400
Subject: [PATCH 124/475] Desc added for what is being created.

---
 docs/wiki/database-setup/Setup-PostgreSQL.md | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/docs/wiki/database-setup/Setup-PostgreSQL.md b/docs/wiki/database-setup/Setup-PostgreSQL.md
index a3b0e5b91..40c1287f2 100644
--- a/docs/wiki/database-setup/Setup-PostgreSQL.md
+++ b/docs/wiki/database-setup/Setup-PostgreSQL.md
@@ -3,6 +3,8 @@
 We assume you already have a postgres database software installed for your platform.
 
 ### Create database
+The below will create a database called powerdnsadmindb and a user of powerdnsadmin.
+
 ```
 $ sudo su - postgres
 $ createuser powerdnsadmin
@@ -18,6 +20,7 @@ Note:
 ### Setup Remote access to database:
 If your database is on a different server postgres does not allow remote connections by default.
 
+To change this follow the below directions:
 ```
 [root@host ~]$  sudo su - postgres
 # Edit /var/lib/pgsql/data/postgresql.conf
@@ -31,7 +34,7 @@ host    all             all              0.0.0.0/0                       md5
 host    all             all              ::/0                            md5
 
 [postgres@host ~]$ exit
-[root@host ~]$  sudo systemctl restart postgresql
+[root@host ~]$ sudo systemctl restart postgresql
 ```
 
 On debian based systems these files are located in:
@@ -40,6 +43,7 @@ On debian based systems these files are located in:
 ```
 
 ## Docker
+TODO: Setup a local Docker postgres database ready to go (should probably move to the top).
 ```
 docker run --name pdnsadmin-test -e BIND_ADDRESS=0.0.0.0 
 -e SECRET_KEY='a-very-secret-key' 

From b1a3a98692487283816bbe429143e232759fc051 Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Fri, 9 Dec 2022 07:25:25 -0400
Subject: [PATCH 125/475] Add general install notes.

---
 docs/wiki/README.md          | 20 ++++++++++++++------
 docs/wiki/install/General.md |  7 +++++++
 2 files changed, 21 insertions(+), 6 deletions(-)
 create mode 100644 docs/wiki/install/General.md

diff --git a/docs/wiki/README.md b/docs/wiki/README.md
index d27128777..8a002bd55 100644
--- a/docs/wiki/README.md
+++ b/docs/wiki/README.md
@@ -5,12 +5,20 @@
 - [PostgreSQL](database-setup/Setup-PostgreSQL.md)
 
 ## Installation guides:
-- [Install on Centos 7](install/Running-PowerDNS-Admin-on-Centos-7.md)
-- [Install on Docker](install/Running-PowerDNS-Admin-on-Docker.md)
-- [Install on Fedora 23](install/Running-PowerDNS-Admin-on-Fedora-23.md)
-- [Install on Fedora 30](install/Running-PowerDNS-Admin-on-Fedora-30.md)
-- [Install on FreeBSD 12.1-RELEASE](install/Running-on-FreeBSD.md)
-- [Install on Ubuntu or Debian](install/Running-PowerDNS-Admin-on-Ubuntu-or-Debian.md)
+- [General (Read this first)](install/General.md)
+  - BSD:
+    - [Install on FreeBSD 12.1-RELEASE](install/Running-on-FreeBSD.md)
+  - Containers:
+    - [Install on Docker](install/Running-PowerDNS-Admin-on-Docker.md)
+  - Debian:
+    - [Install on Ubuntu or Debian](install/Running-PowerDNS-Admin-on-Ubuntu-or-Debian.md)
+  - Red-Hat:
+    - [Install on Centos 7](install/Running-PowerDNS-Admin-on-Centos-7.md)
+    - [Install on Fedora 23](install/Running-PowerDNS-Admin-on-Fedora-23.md)
+    - [Install on Fedora 30](install/Running-PowerDNS-Admin-on-Fedora-30.md)
+
+
+
 
 ### Post install Setup:
 - [Environment Variables](configuration/Environment-variables.md)
diff --git a/docs/wiki/install/General.md b/docs/wiki/install/General.md
new file mode 100644
index 000000000..98dfa1f34
--- /dev/null
+++ b/docs/wiki/install/General.md
@@ -0,0 +1,7 @@
+# General installation 
+
+
+## Requirements:
+
+- A linux based system with python 3 or later available. Debian and Red-hat based systems are recommended, others (Arch-based for example) may work but are currently not tested.
+- A database for PowerDNS-Admin, if you are using a database for PowerDNS itself this must be separate to that database.
\ No newline at end of file

From 542af959e17f57af44a1395c7f7cbbed8aab0d07 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 9 Dec 2022 09:48:51 -0500
Subject: [PATCH 126/475] Removed mysqlclient requirement based on issue 1305.
 Wiki documentation has already been updated to reflect this change.

---
 requirements.txt | 1 -
 1 file changed, 1 deletion(-)

diff --git a/requirements.txt b/requirements.txt
index 1fc2864b5..29f62d726 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -4,7 +4,6 @@ Flask-Login==0.5.0
 Flask-SQLAlchemy==2.4.4
 Flask-Migrate==2.5.3
 SQLAlchemy==1.3.19
-mysqlclient==2.0.1
 configobj==5.0.6
 bcrypt>=3.1.7
 requests==2.24.0

From 4f656d827e62b2999b76faad2a05e1831b92a8ec Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Fri, 9 Dec 2022 10:56:08 -0400
Subject: [PATCH 127/475] Move DB directions to that section of docs.

---
 .../database-setup/Setup-MySQL-or-MariaDB.md  |  5 ++
 docs/wiki/database-setup/Setup-PostgreSQL.md  | 22 +++++++-
 .../Running-PowerDNS-Admin-on-Centos-7.md     | 53 +++++++------------
 .../Running-PowerDNS-Admin-on-Fedora-30.md    |  7 ---
 4 files changed, 44 insertions(+), 43 deletions(-)

diff --git a/docs/wiki/database-setup/Setup-MySQL-or-MariaDB.md b/docs/wiki/database-setup/Setup-MySQL-or-MariaDB.md
index 246a0a552..00586a561 100644
--- a/docs/wiki/database-setup/Setup-MySQL-or-MariaDB.md
+++ b/docs/wiki/database-setup/Setup-MySQL-or-MariaDB.md
@@ -18,6 +18,11 @@ quit
 
 ## Install required packages:
 ### Red-hat based systems:
+```
+yum install MariaDB-shared mariadb-devel mysql-community-devel
+```
+
+If you use MariaDB ( from [MariaDB repositories](https://mariadb.com/resources/blog/installing-mariadb-10-on-centos-7-rhel-7/) )
 
 ### Debian based systems:
 ```
diff --git a/docs/wiki/database-setup/Setup-PostgreSQL.md b/docs/wiki/database-setup/Setup-PostgreSQL.md
index 40c1287f2..74af46f96 100644
--- a/docs/wiki/database-setup/Setup-PostgreSQL.md
+++ b/docs/wiki/database-setup/Setup-PostgreSQL.md
@@ -53,4 +53,24 @@ docker run --name pdnsadmin-test -e BIND_ADDRESS=0.0.0.0
 -e SQLA_DB_HOST='192.168.0.100' 
 -e SQLA_DB_NAME='powerdns_admin_test' 
 -v /data/node_modules:/var/www/powerdns-admin/node_modules -d -p 9191:9191 ixpict/powerdns-admin-pgsql:latest
-```
\ No newline at end of file
+```
+
+## Install required packages:
+### Red-hat based systems:
+```
+sudo yum install postgresql-libs
+```
+
+### Debian based systems:
+```
+apt install libpq-dev python-dev
+```
+
+### Install python packages:
+```
+pip3 install psycopg2
+```
+
+## Known Issues:
+
+** To fill in **
diff --git a/docs/wiki/install/Running-PowerDNS-Admin-on-Centos-7.md b/docs/wiki/install/Running-PowerDNS-Admin-on-Centos-7.md
index 18d57f6d0..cee272c07 100644
--- a/docs/wiki/install/Running-PowerDNS-Admin-on-Centos-7.md
+++ b/docs/wiki/install/Running-PowerDNS-Admin-on-Centos-7.md
@@ -1,59 +1,43 @@
+# Installing PowerDNS-Admin on CentOS 7
+
 ```
 NOTE: If you are logged in as User and not root, add "sudo", or get root by sudo -i.
 ```
-<br>
 
-**Remove old Python 3.4**<br>
-If you had it installed because of older instructions<br>
-```
-yum remove python34*
-yum autoremove
-```
-<br>
+## Install required packages:
+### Install needed repositories:
 
-## Install required packages
-**Install needed repositories:**
-<br>
 ```
 yum install epel-release
 yum install https://repo.ius.io/ius-release-el7.rpm https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
 ```
 
-**Install Python 3.6 and tools**
-```
-yum install python3 python3-devel python3-pip
-pip3.6 install -U pip
-pip install -U virtualenv
-```
-
-**Install required packages for building python libraries from requirements.txt file**
+### Install Python 3.6 and tools:
+First remove python 3.4 if installed
 ```
---> NOTE: I am using MySQL Community server as the database backend.
-          So `mysql-community-devel` is required. For MariaDB,
-          and PostgreSQL the required package will be different.
+yum remove python34*
+yum autoremove
 ```
 
-If you use MariaDB ( from [MariaDB repositories](https://mariadb.com/resources/blog/installing-mariadb-10-on-centos-7-rhel-7/) )
-
 ```
-yum install gcc MariaDB-devel MariaDB-shared openldap-devel xmlsec1-devel xmlsec1-openssl libtool-ltdl-devel
+yum install python3 python3-devel python3-pip
+pip3.6 install -U pip
+pip install -U virtualenv
 ```
 
-If you use default Centos mariadb (5.5)
+### Install required packages for building python libraries from requirements.txt file:
 ```
-yum install gcc mariadb-devel openldap-devel xmlsec1-devel xmlsec1-openssl libtool-ltdl-devel
+yum install gcc openldap-devel xmlsec1-devel xmlsec1-openssl libtool-ltdl-devel
 ```
 
-
-**Install yarn to build asset files + Nodejs 14**
+### Install yarn to build asset files + Nodejs 14:
 ```
 curl -sL https://rpm.nodesource.com/setup_14.x | bash -
 curl -sL https://dl.yarnpkg.com/rpm/yarn.repo -o /etc/yum.repos.d/yarn.repo
 yum install yarn
 ```
-<br>
 
-## Checkout source code and create virtualenv
+### Checkout source code and create virtualenv:
 NOTE: Please adjust `/opt/web/powerdns-admin` to your local web application directory
 
 ```
@@ -68,15 +52,14 @@ Activate your python3 environment and install libraries:
 pip install python-dotenv
 pip install -r requirements.txt
 ```
-<br>
 
-## Running PowerDNS-Admin
+## Running PowerDNS-Admin:
 NOTE: The default config file is located at `./powerdnsadmin/default_config.py`. If you want to load another one, please set the `FLASK_CONF` environment variable. E.g.
 ```bash
 export FLASK_CONF=../configs/development.py
 ```
 
-**Then create the database schema by running:**
+### Create the database schema:
 ```
 export FLASK_APP=powerdnsadmin/__init__.py
 flask db upgrade
@@ -97,4 +80,4 @@ Open your web browser and access to `http://localhost:9191` to visit PowerDNS-Ad
 
 At the first time you login into the PDA UI, you will be redirected to setting page to configure the PDNS API information.
 
-_**Note:**_ For production environment, i would recommend you to run PowerDNS-Admin with gunicorn or uwsgi instead of flask's built-in web server, take a look at WIKI page to see how to configure them.
\ No newline at end of file
+_**Note:**_ For production environment, i would recommend you to run PowerDNS-Admin with gunicorn or uwsgi instead of flask's built-in web server, take a look at WIKI page to see how to configure them.
diff --git a/docs/wiki/install/Running-PowerDNS-Admin-on-Fedora-30.md b/docs/wiki/install/Running-PowerDNS-Admin-on-Fedora-30.md
index bbd9f031c..53f1c7cec 100644
--- a/docs/wiki/install/Running-PowerDNS-Admin-on-Fedora-30.md
+++ b/docs/wiki/install/Running-PowerDNS-Admin-on-Fedora-30.md
@@ -14,11 +14,6 @@ dnf install python37 python3-devel python3-pip
 ```bash
 dnf install mariadb-devel mariadb-common openldap-devel xmlsec1-devel xmlsec1-openssl libtool-ltdl-devel
 ```
-**Install Postgres dependencies**
-```bash
-$ sudo yum install postgresql-libs
-$ pip3 install psycopg2
-```
 **Install Development tools**
 ```bash
 dnf install gcc gc make
@@ -31,8 +26,6 @@ pip3.7 install -U pip
 ```bash
 pip install -U virtualenv
 ```
-
-
 **Install Yarn for building NodeJS asset files:**
 ```bash
 dnf install npm

From 02b7bda2920d45c726a1d8475ea457b845af5a34 Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Fri, 9 Dec 2022 12:32:23 -0400
Subject: [PATCH 128/475] Update supported versions of python.

---
 docs/wiki/install/General.md | 19 +++++++++++++++----
 1 file changed, 15 insertions(+), 4 deletions(-)

diff --git a/docs/wiki/install/General.md b/docs/wiki/install/General.md
index 98dfa1f34..28184e12a 100644
--- a/docs/wiki/install/General.md
+++ b/docs/wiki/install/General.md
@@ -1,7 +1,18 @@
 # General installation 
 
-
 ## Requirements:
-
-- A linux based system with python 3 or later available. Debian and Red-hat based systems are recommended, others (Arch-based for example) may work but are currently not tested.
-- A database for PowerDNS-Admin, if you are using a database for PowerDNS itself this must be separate to that database.
\ No newline at end of file
+- A linux based system. Others (Arch-based for example) may work but are currently not tested.
+  - Ubuntu versions tested:
+    - To fill in
+  - Red hat versions tested:
+    - To fill in
+  - Python versions tested:
+    - 3.6
+    - 3.7
+    - 3.8
+    - 3.9
+    - 3.10
+    - 3.11 - Failing due to issue with python3-saml later than 1.12.0
+- A database for PowerDNS-Admin, if you are using a database for PowerDNS itself this must be separate to that database. The currently supported databases are:
+  - MySQL
+  - PostgreSQL

From 54775e6c6907e44995a1667a1bcc44b834314907 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 9 Dec 2022 11:41:38 -0500
Subject: [PATCH 129/475] Working on updated workflow for Docker image
 publishing.

---
 .github/workflows/build-and-publish.yml | 20 ++++++++++----------
 docker/Dockerfile                       |  1 -
 2 files changed, 10 insertions(+), 11 deletions(-)

diff --git a/.github/workflows/build-and-publish.yml b/.github/workflows/build-and-publish.yml
index 4b103f8ce..1f56da738 100644
--- a/.github/workflows/build-and-publish.yml
+++ b/.github/workflows/build-and-publish.yml
@@ -11,41 +11,41 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - name: Checkout code
+      - name: Repository Checkout
         uses: actions/checkout@v2
 
-      - name: Docker meta
+      - name: Docker Image Metadata
         id: meta
         uses: docker/metadata-action@v3
         with:
           images: |
-            ngoduykhanh/powerdns-admin
+            powerdnsadmin/pda-legacy
           tags: |
             type=ref,event=tag
             type=semver,pattern={{version}}
             type=semver,pattern={{major}}.{{minor}}
             type=semver,pattern={{major}}
 
-      - name: Set up Docker Buildx
+      - name: Docker Buildx Setup
         id: buildx
         uses: docker/setup-buildx-action@v1
 
-      - name: Login to DockerHub
+      - name: Docker Hub Authentication
         uses: docker/login-action@v1
         with:
-          username: ${{ secrets.DOCKERHUB_USERNAME }}
-          password: ${{ secrets.DOCKERHUB_TOKEN }}
+          username: ${{ secrets.DOCKERHUB_USERNAME_V2 }}
+          password: ${{ secrets.DOCKERHUB_TOKEN_V2 }}
 
-      - name: Build latest image
+      - name: Docker Image Build
         uses: docker/build-push-action@v2
         if: github.ref == 'refs/heads/master'
         with:
           context: ./
           file: ./docker/Dockerfile
           push: true
-          tags: ngoduykhanh/powerdns-admin:latest
+          tags: powerdnsadmin/pda-legacy:latest
 
-      - name: Build release image
+      - name: Docker Image Release Tagging
         uses: docker/build-push-action@v2
         if: ${{ startsWith(github.ref, 'refs/tags/v') }}
         with:
diff --git a/docker/Dockerfile b/docker/Dockerfile
index 5296e0238..f0a073124 100644
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -1,5 +1,4 @@
 FROM alpine:3.13 AS builder
-LABEL maintainer="k@ndk.name"
 
 ARG BUILD_DEPENDENCIES="build-base \
     libffi-dev \

From 58d0d6b71d1e07105fe35292aa9d481c0e0ff803 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 9 Dec 2022 12:30:18 -0500
Subject: [PATCH 130/475] Updated Docker image publish workflow to enable
 manual dispatch of the workflow.

---
 .github/workflows/build-and-publish.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/build-and-publish.yml b/.github/workflows/build-and-publish.yml
index 1f56da738..bb9325880 100644
--- a/.github/workflows/build-and-publish.yml
+++ b/.github/workflows/build-and-publish.yml
@@ -1,4 +1,5 @@
 on:
+  workflow_dispatch:
   push:
     branches:
       - 'master'

From 3889ceaf4c4a9df90858dfc6d431275ab5ab38fb Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 9 Dec 2022 12:55:45 -0500
Subject: [PATCH 131/475] Updated documentation to reflect the new Docker Hub
 home of the project's Docker images.

---
 README.md                                             | 2 +-
 docs/wiki/install/Running-PowerDNS-Admin-on-Docker.md | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/README.md b/README.md
index 8067855f8..af2541328 100644
--- a/README.md
+++ b/README.md
@@ -34,7 +34,7 @@ $ docker run -d \
     -e SECRET_KEY='a-very-secret-key' \
     -v pda-data:/data \
     -p 9191:80 \
-    ngoduykhanh/powerdns-admin:latest
+    powerdnsadmin/pda-legacy:latest
 ```
 This creates a volume called `pda-data` to persist the SQLite database with the configuration.
 
diff --git a/docs/wiki/install/Running-PowerDNS-Admin-on-Docker.md b/docs/wiki/install/Running-PowerDNS-Admin-on-Docker.md
index 2f238454a..1e3ef50c1 100644
--- a/docs/wiki/install/Running-PowerDNS-Admin-on-Docker.md
+++ b/docs/wiki/install/Running-PowerDNS-Admin-on-Docker.md
@@ -1,6 +1,6 @@
 # Installation on docker
 
-The Docker image is ngoduykhanh/powerdns-admin available on [DockerHub](https://hub.docker.com/r/ngoduykhanh/powerdns-admin)
+The Docker image is powerdnsadmin/pda-legacy available on [DockerHub](https://hub.docker.com/r/powerdnsadmin/pda-legacy)
 
 The supported environment variables to configure the container are located [here](../configuration/Environment-variables.md).
 
@@ -10,5 +10,5 @@ docker run -d \
     -e SECRET_KEY='a-very-secret-key' \
     -v pda-data:/data \
     -p 9191:80 \
-    ngoduykhanh/powerdns-admin:latest
+    powerdnsadmin/pda-legacy:latest
 ```

From c90592e039ac2b9da9ecc08dce477b188763d530 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 9 Dec 2022 15:58:55 -0500
Subject: [PATCH 132/475] Updated build/deploy workflow to include updated
 naming.

---
 .github/workflows/build-and-publish.yml | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/build-and-publish.yml b/.github/workflows/build-and-publish.yml
index bb9325880..8de2410c5 100644
--- a/.github/workflows/build-and-publish.yml
+++ b/.github/workflows/build-and-publish.yml
@@ -1,3 +1,5 @@
+name: 'Docker Image Publish'
+
 on:
   workflow_dispatch:
   push:
@@ -8,7 +10,7 @@ on:
 
 jobs:
   build-and-push-docker-image:
-    name: Build Docker image and push to repositories
+    name: Build / Publish Docker Image
     runs-on: ubuntu-latest
 
     steps:

From 45071c3a9f69eed7fe3987eaf1beb780023fa1e5 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 9 Dec 2022 16:40:39 -0500
Subject: [PATCH 133/475] Updated CodeQL workflow to support manual dispatch.

---
 .github/workflows/codeql-analysis.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index ad59382e2..bba8c1f95 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -12,6 +12,7 @@
 name: "CodeQL"
 
 on:
+  workflow_dispatch:
   push:
     branches: [ master ]
   pull_request:

From 02e4fcc20a65b7a1c107c50b62385aab7e91be57 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 9 Dec 2022 16:42:53 -0500
Subject: [PATCH 134/475] Updating project README to include updated status
 badges since LGTM is shutting down soon.

---
 README.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index af2541328..71461be1b 100644
--- a/README.md
+++ b/README.md
@@ -1,8 +1,8 @@
 # PowerDNS-Admin
 A PowerDNS web interface with advanced features.
 
-[![Language grade: Python](https://img.shields.io/lgtm/grade/python/g/PowerDNS-Admin/PowerDNS-Admin.svg?logo=lgtm&logoWidth=18)](https://lgtm.com/projects/g/PowerDNS-Admin/PowerDNS-Admin/context:python)
-[![Language grade: JavaScript](https://img.shields.io/lgtm/grade/javascript/g/PowerDNS-Admin/PowerDNS-Admin.svg?logo=lgtm&logoWidth=18)](https://lgtm.com/projects/g/PowerDNS-Admin/PowerDNS-Admin/context:javascript)
+[![CodeQL](https://github.com/PowerDNS-Admin/PowerDNS-Admin/actions/workflows/codeql-analysis.yml/badge.svg?branch=master)](https://github.com/PowerDNS-Admin/PowerDNS-Admin/actions/workflows/codeql-analysis.yml)
+[![Docker Image Publish](https://github.com/PowerDNS-Admin/PowerDNS-Admin/actions/workflows/build-and-publish.yml/badge.svg?branch=master)](https://github.com/PowerDNS-Admin/PowerDNS-Admin/actions/workflows/build-and-publish.yml)
 
 #### Features:
 - Multiple domain management

From 56ee0d674ec0ec6aacf1e652450d0c6b9d9ad389 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 9 Dec 2022 16:56:03 -0500
Subject: [PATCH 135/475] Added very basic Docker Compose / Portainer template
 for the current project.

---
 deploy/docker/portainer.yaml | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
 create mode 100644 deploy/docker/portainer.yaml

diff --git a/deploy/docker/portainer.yaml b/deploy/docker/portainer.yaml
new file mode 100644
index 000000000..84402ef16
--- /dev/null
+++ b/deploy/docker/portainer.yaml
@@ -0,0 +1,15 @@
+version: '3.3'
+services:
+
+  core:
+    image: powerdnsadmin/pda-legacy:latest
+    restart: unless-stopped
+    environment:
+      - SECRET_KEY=INSECURE-CHANGE-ME-9I0DAtfkfj5JmBkPSaHah3ECAa8Df5KK
+    ports:
+      - "12000:9191"
+    volumes:
+      - "core_data:/data"
+
+volumes:
+  core_data:

From 81020fe2b5c008ea1f423b53100d37b66e2b75d7 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 9 Dec 2022 16:57:13 -0500
Subject: [PATCH 136/475] Tweaked Docker status badge text in project README.

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 71461be1b..82f15cc14 100644
--- a/README.md
+++ b/README.md
@@ -2,7 +2,7 @@
 A PowerDNS web interface with advanced features.
 
 [![CodeQL](https://github.com/PowerDNS-Admin/PowerDNS-Admin/actions/workflows/codeql-analysis.yml/badge.svg?branch=master)](https://github.com/PowerDNS-Admin/PowerDNS-Admin/actions/workflows/codeql-analysis.yml)
-[![Docker Image Publish](https://github.com/PowerDNS-Admin/PowerDNS-Admin/actions/workflows/build-and-publish.yml/badge.svg?branch=master)](https://github.com/PowerDNS-Admin/PowerDNS-Admin/actions/workflows/build-and-publish.yml)
+[![Docker Image](https://github.com/PowerDNS-Admin/PowerDNS-Admin/actions/workflows/build-and-publish.yml/badge.svg?branch=master)](https://github.com/PowerDNS-Admin/PowerDNS-Admin/actions/workflows/build-and-publish.yml)
 
 #### Features:
 - Multiple domain management

From 4940e280bb1fdd0690eb52ceca04ea48352a9fc1 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 9 Dec 2022 16:58:40 -0500
Subject: [PATCH 137/475] Tweaked name of Docker image build workflow for
 Docker image status updates.

---
 .github/workflows/build-and-publish.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/build-and-publish.yml b/.github/workflows/build-and-publish.yml
index 8de2410c5..0e1f2d32f 100644
--- a/.github/workflows/build-and-publish.yml
+++ b/.github/workflows/build-and-publish.yml
@@ -1,4 +1,4 @@
-name: 'Docker Image Publish'
+name: 'Docker Image'
 
 on:
   workflow_dispatch:

From dec457e2ea0dcba65c936abd003e5d1dcbd33a84 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 9 Dec 2022 17:02:36 -0500
Subject: [PATCH 138/475] Tweaked job name of the Docker Image workflow.

---
 .github/workflows/build-and-publish.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/build-and-publish.yml b/.github/workflows/build-and-publish.yml
index 0e1f2d32f..52649e6f9 100644
--- a/.github/workflows/build-and-publish.yml
+++ b/.github/workflows/build-and-publish.yml
@@ -10,7 +10,7 @@ on:
 
 jobs:
   build-and-push-docker-image:
-    name: Build / Publish Docker Image
+    name: Build Docker Image
     runs-on: ubuntu-latest
 
     steps:

From 48c303dd84ebd3f01f13b2f32f69d4afedcac050 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 9 Dec 2022 17:03:46 -0500
Subject: [PATCH 139/475] Corrected typo / instructions related to Docker in
 the project README file.

---
 README.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index 82f15cc14..ce12f62a4 100644
--- a/README.md
+++ b/README.md
@@ -24,8 +24,8 @@ There are several ways to run PowerDNS-Admin. The easiest way is to use Docker.
 If you are looking to install and run PowerDNS-Admin directly onto your system check out the [Wiki](https://github.com/PowerDNS-Admin/PowerDNS-Admin/wiki#installation-guides) for ways to do that.
 
 ### Docker
-This are two options to run PowerDNS-Admin using Docker.
-To get started as quickly as possible try option 1. If you want to make modifications to the configuration option 2 may be cleaner.
+Here are two options to run PowerDNS-Admin using Docker.
+To get started as quickly as possible, try option 1. If you want to make modifications to the configuration option 2 may be cleaner.
 
 #### Option 1: From Docker Hub
 The easiest is to just run the latest Docker image from Docker Hub:

From dfdb0dca173c7bc2b95bbdefb8525fe5e2601a97 Mon Sep 17 00:00:00 2001
From: Bernward Sanchez <109844019+pneb@users.noreply.github.com>
Date: Sat, 10 Dec 2022 10:37:06 +0800
Subject: [PATCH 140/475] Update domain.py

---
 powerdnsadmin/models/domain.py | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)

diff --git a/powerdnsadmin/models/domain.py b/powerdnsadmin/models/domain.py
index bbd71e1cd..09b697e7d 100644
--- a/powerdnsadmin/models/domain.py
+++ b/powerdnsadmin/models/domain.py
@@ -110,6 +110,22 @@ def get_id_by_name(self, name):
                 'Domain does not exist. ERROR: {0}'.format(e))
             return None
 
+    def search_idn_domains(self, search_string):
+        """
+        Search for IDN domains using the provided search string.
+        """
+        # Compile the regular expression pattern for matching IDN domain names
+        idn_pattern = re.compile(r'^xn--')
+
+        # Search for domain names that match the IDN pattern
+        idn_domains = [
+            domain for domain in self.get_domains() if idn_pattern.match(domain)
+        ]
+
+        # Filter the search results based on the provided search string
+        return [domain for domain in idn_domains if search_string in domain]
+
+
     def update(self):
         """
         Fetch zones (domains) from PowerDNS and update into DB
@@ -906,4 +922,4 @@ def is_overriding(self, domain_name):
                                 current_app.logger.error('Domain already exists as a record: {} under domain: {}'.format(r['name'].rstrip('.'), upper_domain_name))
                                 return upper_domain_name
             upper_domain_name = '.'.join(upper_domain_name.split('.')[1:])
-        return None
\ No newline at end of file
+        return None

From 4e2ea4bc5eaee11042fa9a75ea224947a45d60ac Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sun, 11 Dec 2022 17:43:02 -0500
Subject: [PATCH 141/475] Revert "Removed mysqlclient requirement based on
 issue 1305. Wiki documentation has already been updated to reflect this
 change."

This reverts commit 542af959e17f57af44a1395c7f7cbbed8aab0d07.
---
 requirements.txt | 1 +
 1 file changed, 1 insertion(+)

diff --git a/requirements.txt b/requirements.txt
index 29f62d726..1fc2864b5 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -4,6 +4,7 @@ Flask-Login==0.5.0
 Flask-SQLAlchemy==2.4.4
 Flask-Migrate==2.5.3
 SQLAlchemy==1.3.19
+mysqlclient==2.0.1
 configobj==5.0.6
 bcrypt>=3.1.7
 requests==2.24.0

From 23e0fdbedf3ddbbb8515d0feccf092643cd8cba9 Mon Sep 17 00:00:00 2001
From: Robert Walter <robert.walter@ipandmore.de>
Date: Mon, 12 Dec 2022 12:32:32 +0100
Subject: [PATCH 142/475] Fixing Validation Problem at LDAP Form

---
 powerdnsadmin/templates/admin_setting_authentication.html | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/powerdnsadmin/templates/admin_setting_authentication.html b/powerdnsadmin/templates/admin_setting_authentication.html
index ba82c2e8a..5d0fd1020 100644
--- a/powerdnsadmin/templates/admin_setting_authentication.html
+++ b/powerdnsadmin/templates/admin_setting_authentication.html
@@ -735,15 +735,17 @@ <h4><i class="icon fa fa-ban"></i> Error!</h4>
                 $('#ldap_admin_username').prop('required', true);
                 $('#ldap_admin_password').prop('required', true);
                 $('#ldap_domain').prop('required', false);
+                $('#ldap_filter_group').prop('required', true);
+                $('#ldap_filter_groupname').prop('required', true);
             } else {
                 $('#ldap_admin_username').prop('required', false);
                 $('#ldap_admin_password').prop('required', false);
                 $('#ldap_domain').prop('required', true);
+                $('#ldap_filter_group').prop('required', false);
+                $('#ldap_filter_groupname').prop('required', false);
             }
             $('#ldap_filter_basic').prop('required', true);
-            $('#ldap_filter_group').prop('required', true);
             $('#ldap_filter_username').prop('required', true);
-            $('#ldap_filter_groupname').prop('required', true);
 
             if ($('#ldap_sg_on').is(":checked")) {
                 $('#ldap_admin_group').prop('required', true);

From 8d5b92402d356efde146a364aba0ee7859af51b7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=A9r=C3=B4me=20BECOT?= <jerome.becot@deveryware.com>
Date: Sat, 10 Dec 2022 23:32:12 +0100
Subject: [PATCH 143/475] fix: Remove deprecated option OPT_X_TLS

---
 powerdnsadmin/models/user.py | 1 -
 1 file changed, 1 deletion(-)

diff --git a/powerdnsadmin/models/user.py b/powerdnsadmin/models/user.py
index 66669b7d2..04a73e220 100644
--- a/powerdnsadmin/models/user.py
+++ b/powerdnsadmin/models/user.py
@@ -125,7 +125,6 @@ def ldap_init_conn(self):
         conn = ldap.initialize(Setting().get('ldap_uri'))
         conn.set_option(ldap.OPT_REFERRALS, ldap.OPT_OFF)
         conn.set_option(ldap.OPT_PROTOCOL_VERSION, 3)
-        conn.set_option(ldap.OPT_X_TLS, ldap.OPT_X_TLS_DEMAND)
         conn.set_option(ldap.OPT_X_TLS_DEMAND, True)
         conn.set_option(ldap.OPT_DEBUG_LEVEL, 255)
         conn.protocol_version = ldap.VERSION3

From 52169f698c783e9e057b0be9df2cc0cdb47e72b5 Mon Sep 17 00:00:00 2001
From: Dominik Fahr <dom@cc7.at>
Date: Mon, 12 Dec 2022 17:30:42 +0100
Subject: [PATCH 144/475] undo of commit a7f55de did not fix issue #1261 leaded
 into issue #1321

---
 powerdnsadmin/lib/utils.py | 14 +++++---------
 1 file changed, 5 insertions(+), 9 deletions(-)

diff --git a/powerdnsadmin/lib/utils.py b/powerdnsadmin/lib/utils.py
index 5a62ee362..9e7cf20cd 100644
--- a/powerdnsadmin/lib/utils.py
+++ b/powerdnsadmin/lib/utils.py
@@ -119,16 +119,12 @@ def fetch_json(remote_url,
 
 
 def display_record_name(data):
-    # Check that the data argument is a tuple containing two elements
-    if isinstance(data, Iterable) and len(data) == 2:
-        record_name, domain_name = data
-        if record_name == domain_name:
-            return '@'
-        else:
-            return record_name
+    record_name, domain_name = data
+    if record_name == domain_name:
+        return '@'
     else:
-        # If data is not a tuple of length 2, return an empty string
-        return ''
+        return re.sub('\.{}$'.format(domain_name), '', record_name)
+
 
 def display_master_name(data):
     """

From 97a79645b00d1d425f810e1b56b6cb721d81746b Mon Sep 17 00:00:00 2001
From: Dominik Fahr <dom@cc7.at>
Date: Mon, 12 Dec 2022 17:31:32 +0100
Subject: [PATCH 145/475] fix of issue #1261 split record by "." idna.encode
 leads into full stop if the string starts with "_" or "-"

---
 powerdnsadmin/lib/utils.py | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/powerdnsadmin/lib/utils.py b/powerdnsadmin/lib/utils.py
index 9e7cf20cd..9a528ddcf 100644
--- a/powerdnsadmin/lib/utils.py
+++ b/powerdnsadmin/lib/utils.py
@@ -258,18 +258,24 @@ def pretty_domain_name(value):
         raise Exception('Require the Punycode in string format')
 
 def to_idna(value, action):
-    splits = value.split()
+    splits = value.split('.')
     result = []
     if action == 'encode':
         for split in splits:
             try:
                 # Try encoding to idna
-                result.append(idna.encode(split).decode())
+                if not split.startswith('_') and not split.startswith('-'):
+                    result.append(idna.encode(split).decode())
+                else:
+                    result.append(split)
             except idna.IDNAError:
                 result.append(split)
     elif action == 'decode':
         for split in splits:
-            result.append(idna.decode(split))   
+            if not split.startswith('_') and not split.startswith('--'):
+                result.append(idna.decode(split))   
+            else:
+                result.append(split)
     else:
         raise Exception('No valid action received')
-    return ' '.join(result)
+    return '.'.join(result)

From 650ea7660b6e1eb7f9f64c7d32cc54a502815d40 Mon Sep 17 00:00:00 2001
From: Dominik Fahr <dom@cc7.at>
Date: Mon, 12 Dec 2022 19:24:46 +0100
Subject: [PATCH 146/475] updated image docker-compose.yml & deployment.yml
 Docker Hub Repository Moved! #1317

---
 deploy/kubernetes/deployment.yml | 2 +-
 docker-compose.yml               | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/deploy/kubernetes/deployment.yml b/deploy/kubernetes/deployment.yml
index 1e5fea5d9..d3e4cfe96 100644
--- a/deploy/kubernetes/deployment.yml
+++ b/deploy/kubernetes/deployment.yml
@@ -18,7 +18,7 @@ spec:
     spec:
       containers:
         - name: powerdnsadmin
-          image: ngoduykhanh/powerdns-admin
+          image: powerdnsadmin/pda-legacy
           ports:
             - containerPort: 80
               protocol: TCP
diff --git a/docker-compose.yml b/docker-compose.yml
index e18d68376..0f569c4d0 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -2,7 +2,7 @@ version: "3"
 
 services:
   app:
-    image: ngoduykhanh/powerdns-admin:latest
+    image: powerdnsadmin/pda-legacy:latest
     container_name: powerdns_admin
     ports:
       - "9191:80"

From 89d0ab12f55e760917d8225203045d56213bedac Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Mon, 12 Dec 2022 22:06:10 -0400
Subject: [PATCH 147/475] Add general arch doc.

---
 docs/wiki/install/Architecture.png | Bin 0 -> 8620 bytes
 docs/wiki/install/General.md       |  15 ++++++++++++++-
 2 files changed, 14 insertions(+), 1 deletion(-)
 create mode 100644 docs/wiki/install/Architecture.png

diff --git a/docs/wiki/install/Architecture.png b/docs/wiki/install/Architecture.png
new file mode 100644
index 0000000000000000000000000000000000000000..04440be3d5f06b5a8379657d914d77e491877fcc
GIT binary patch
literal 8620
zcmeHtcTm$$*DoMH1shF75d=aJrG)?q#X<=kLhlGtLI@!VkdV-epoC(fiGYAoEfl3H
zT}2cSkS<*TrGu#Sb~pMw^WOX3zwg|6XPy}*+3fe6v%6<^&-t9smuO>@_OZjfhZz_c
zj_K+kO&J&%<3W3r<skSB_-OPSd@+(twbdDlJNRZ97?{aqO=~jV&kgH|W)PLr_}dbN
zLEVWYvZx$V6b94uM7xlEhy>6C{dl4))(wkx{re0Cg~6m`>3`-hsHmKpoE-R&mz9Rf
zD%$>)cfz0v|1zW?4Fv|otz~6J<<vpT088-o1K)m%a7VcOdC*ex^72Gmp`G=yWKo!w
zf*e9x4o+9m*D*IV5QS-gwkH;c24C7}7aWnU;_Bl>mBtc*I1DNcm!?lq!`+972SQr1
zP`ETyS^*}nBrU6?1fKlYQnX;Q(sI&rpwG<7&B+J*zYRw>fhId){;ts9M~!48?*UiW
z_C``QP*TRWvetiBMnU_Ku)r;Uob>O(>B?k(FZADDS2P9d0%igemD2>yb;UYie4Ow=
z1p6=lnG@YmE<`g|0>V_zNzR3$ZL9-4LN`Ki0!#Q~+8DS{O7^dj09#v>ivo$NsSDhz
zg>-QR9#z-HC{a9ow9PR}WIYdKUvoW*i@Sk^x~+++fxDZBw+~#Ailth*%j0lHSZfq;
zB5=MsRo@IuOx;(@%MXJKaFWCNTI-pE4ik)yD=_WpVQQr5;j4s@BN631<l#_bOM-&G
zA41cNpr%j4t5JXqMoZljhVe2|H#0ZUg%ZgwSc0Oix~)3KMajm3>gA*F>Td3jC3pj?
zHY9g<f{l&>)&&aoL0tnbZ)!xcR-^ASRUT_jbh0$Iby3te_0`ZYHPMro#Tr`}sLNuA
zvKq3+P@=QB4aNwFYHC}%c`5kHq7}X5p<e#Rrp|g;GlaamP5`h81k@?|y58P!ik1RY
zNx|BZN^!!&;5uqlLpcS17jsVwd8!{VK+ng?LQaF^YiI&2x?0J~VqgjwSFE$QIzb+Z
zBFb6n`dc{>Oo?EnI3GVe74D-%mozf=!=VUnS|meTGS-k_rG+3-uy8Xt&d*TMAEOsQ
za@TVs5U^hAzyr?SYTB+iZ4GY&Z&ME_-W=ntfP;HLP4sa}{<0Viyc4jehtp8E)$+1{
z`gvh3b$$HwT@>*CR4UO1t)#2t1Cz7y(Z_kB;eP7w)@Xz&*nTa27pQ_WR?pLvpebiX
zL0Q-upl~o*QyAI_XHK-zb|b-27G!6FF%)5@q>oqBGQ*()EWMEGMza3eN<>Rn7=kQo
zLn08Zv2w0RB?A*<xUsvtixu3}2YAlO3Wc^tm^#5s%>51B=!Xk!V52MNilI=<<g5&A
zv=CnMuHI@mZJZU!MAz5aSCN93r|${S^>K%z;Lb{l?g~oudkA{0ZH!57;J|}l|3347
zE&%xbuK**b={Dbcn}LDvyDn1A+|OY#BanPmbF*RmZH1QN36pS^gVs9ooWfNJ5bL|*
zI@e<unJr&2Ke9(krrcyYgtUDq#-jPH6v8QOlkLv_JpKmq(PL&|mKW@tn(ijo4>KJ*
z^>)H1WL~bp_vfX^+)JsM8No`OJ7%qea@!fx!RtX=9SfHdTiwcR&R88hbf_pN=WTUO
zO;JO`_|2%O_l|GIh1CT!P<9p;$$fo&gCnm<MWv-M$UUcn%wl4V8=P4m#9f1QZ}G%$
z{+hN646JESM|AS?@)qXjH@kH_IGyE?azC%6_GirM>gr%Ax~;INs68z$&2zRpPgE;>
zsrd%Oq`v*d)%`_D*Pzo}@sAz};XFOd=jJ?cSge}j#J73bC<FpA9K$V9SXS24+Scas
z`G^4u!q}X$5omE8*0li>gOp)9E4Q`++FW5P%lPQ^Ybz7)`uqCOmo8lrMO|OgrVn9$
z@x>A)PQdX2P5d3->C@glLP@UdpUAE@HmA+(TD&lYfv-0>aqEWeL3<ksyr)im=txs&
zvn;ZGcf#^|P*HDLcJ`Zqz(5;Mqq~li{oGR7a`jE^I9wGXG)NZ>OI?_md0bIhSzIS(
z)fCfs{huSA&2gtI-Mg}_2XDP-5%PNd56`JdeV?7w@x+mhgr~p-(l(_{-#?}%e$2e*
zRdP?pk#K}Z+7+K0=_0sLjFXC75%rW|ChY@Zy@DQ_{L<^;e3WOel1Qs_eNO3bcJ-4Q
z-O};R=KkuzS!Wzg-QZp8H(3`cv%V6^dM&T>2D}6KSecp}MMl`~bNrNnaGn}-m;b22
zckD{iQ|>0m(o1(}BEt>E)Qe4`U#3{7@f)$vNio-WA*ReU6XNwK#ksS3mBCGpKX=>6
zmZiZ4VhLXRT6KXmo!(33gthqS!ZQulz2Ajy-$>`giL9hp58O6PNsJa5e(wrlT_^U|
zMA49=8uM-fsUNCWVm0w+C#+wdf1$-08tp5Us#AJ(JG5?6NSfP7yDY28QGVA{@|k)k
za&0V-Sf%zQV7_R2tGv(BZg93Bi-5`WcYCpAZLG3MDQwu=s{GZVGK{ESIi@oAILCe$
zF&@+dAMw(_3|m-TRp|fDPaSbWjQQov8gcLXue{?KzOuK%w!VI8?ep9E{oUo^wPB*;
zU4AwDCJjDjiy_G*h7~LECw>k*tQ<<4Q;DN5iZ3WXS`IsK{P`Ke%h$)1XC5{_soz~2
zMm35+lvK(!Ka_;-;<mR28VEygY}4a(kz|8hlwWWBYvtSUbG%9%UH!5(3#GB6q|QsI
ziw>c?zADSLzZTXT_UkVF{-hDUjxIg(gFWhI=9ym^rV}oLJ`l(R?@NW}j^6LMmm)78
zTau~$aeesKT7tgxiwL&MpDRZxb~VfO+n(?FspVNaQ|BnZyR>Uu_<Tcd&K23e>aO1&
zU9O%dzWR2u>SgWz-geD6e8^q+9LscOV6n<;6Pt)g3CEAF?|0Y7mv0~HkM{JS_8203
zF{F`@?M0M$b1W@#y4TD|0Uw+pF;w?EYk#KzUo}d3^bZ$=lQ)16M-#bx5ON;U${_FV
zNEt*EY<2B)1^lPt*P6JDK05?1qC>Zb$4AHmm@C^h=gt;nP||i+?u3>TL3bsX^-xN~
z4q9dHvrERWB-V=?Um_}7#L_=MiaP7Dy;zl%o-pJbE48pOd4~#tuxzI4)DKjR_~_TH
z_S-G?WbKvLO<!8}9(-3^vox1qSpVaO%*)wl_F_Nho|O!}zq03z$yq9ai(Yi%L5g^?
zC9Um7H@I$JF@<CsG6@9#Hc|P}cwn*M%I*_<Sv!2K#VDj3gt1Z8l5BilMa8DROx;xE
zWE!sc#VB=r6s7d-#JbGhug)vu84`O_iAF=GF%P~TcTt{xK(fEe&l9-$Ev4q@_ub{t
z1}VGBj~+POC^0dbmR}%U`$IitSDdT6{2nZc%jjZP^pH&GW*fCITHK}jXRE~3;R6Q_
ztfh7aHRB_SLLx2vXm25%!J1(k`V>B-I`St^zbKz=gyL*&;>hV!+I-%T!&=H#<byjx
zQGCw6zP?LFtk;p+gKq}v*Ax(=xeHTlp&JqDG2OP2rR>R7V*zbRHWzn(yhR~<_p~qn
zj8}-E74L6$hAyGp+M;O}<l*q@{d4iHj@F%QJghPKy~TBFwt;Jdn5z_St*=7IBb3)a
zatQ7v@E?h1k6*!YC{3kRb~k*f_>>VCi0izxUTz>Z2|G{}HPh(FdUJ2J<lRzPhjN=C
z^=iOu9_0<|xtFuhq8D*8oE)riL-!@QUagM>E=o9V#_Y~J?)&VgwerM+i`(oP+i#!r
z)!kNqLPSMjG+Cmxcx-!Yz51yBb*_I+0*TZUJ_wP5@P>&prDb<NtGsh*?Y<pf=-iV6
z&tL5bDvmd;GQrEeP6H>z`=i3)(fm^Ny!85bt7SR7tH1yI$-X-(ONuGc24WCm?aIwS
z75zm=a+hZQfmwxH$uf|`Y(-Tglwo{_Ry1u)JkigWLa{Y8y!C{C)J#3cQ?G<2%7i^0
z`k2%yPGiYpXBLQxKgr>HWu4L=D^ovnveNf>?a5w?-~D~E@A)RjGKWB98YS9B4%pf9
z{;-gLJWlR0B&d#K3o=GjOB52Lks^qqd{1>74HBu$?vquj4ia1v1!{)FbbIi*?Ad4Y
z#Wfw7p?m)4thWqhSj?@g4lTFqE``w|K|qMA6@!HoB^t5B2qZj;)mf=Q#!j*dLYk2G
zncu`UL_6I7%5{B0>j1>mJ~Q4^>SL5*f-2O*mNoKpC|5L?`iX&EnvS=>R%r!PU_yuK
z^<%6kyW7sUSo*3aDM*o1#qk~r>$ePZ<KEm)fIMWp7zYb+$^fG+|AWlkFc2PazQ4~I
z$9ME-8imQJdE8Zi;|LS5dhP^!{DfB=S;FaZQ~bdQ?;dr*j~jN0v>&W$-Xj7yj;^y7
z!otE!+wm<iAw39@t;*a_*+nMh=$6$1M@RQ$9Y>z;8hlvjDTEY#6$;Tb<<4`=^Jke}
zaC0o$<r$t@U8JowcW2siaSL$7L%&sqI8vLwR<Q%6kmVPGo*;dFKFhMUM;9;2!=rwi
zd_BN+@yl94D|hfnK|{lG@N(JP<0>DAhKH|;Wxvf8xiA#HzVcpxI^2SrY<^Z!KeYEV
zrQu~sPsOrjh*-AFWJP#(y?W@@Y{972!j|bJ)Qu=b)R<mo5y*2vY2!K8F*LYo@4)oX
z9gm1(@aK1e7hF)x@G(D^s$((vuYMQ6jgrLO1G%DUs8hW>3%k3!gfk~HRvwX%@_139
z?lrNr=2jk#;KAZ{!3y6NkOMF(3(q6!c7C=!!spL$-M-j#x%aV|Bv{o89j&qqFj}Q!
z!{+z&MG(+l<UB1?Ay-CG`upw)Q^$j=M*XKVmJs}B^G1V7kkX({pQ`rS*2~)qlPDSb
zwa-u$FY9u<GpUI@BkQ5>$BjnZx%gA(@%vGfLXsb?Kre1SRyS-zLacqJf?J=X>!FO0
z$;s^O)gu|hkB;#qW5p%9))p=(laSkv-;hX^#qS|KjFy<J;L2f`118>G+i@{U!2$Ub
z;lbB1ZTZ`NixBHaoBWbDHKem6I#4xdvw%dVOL$z+*B<hSc>91hBMhm-u9Ri%enbnr
zI>zCvn6%cahJ3U6Sz_=GTb)EC1H_aiZ^MC0g`?~GtNdIaGaIGfY28C0+jw?7P+DTK
zud7>q%@*=0<52cHGLo4idfA1S*v1j>w@t+Nzegd-4~k$%GW_m4Ci%~VT`;toRU8)B
z`Esao&@Dancx^W}O2Vp`d}Q7LQzRv_!O!$gG>mp41=DLAn?XY!yT-ThRp@p^N&-%J
zCB=Tc*~d_1aET=!AfMM>d3|qK*h6o4$IM%}LcCW;PAq&E%4Cw1mQrS%D4Ed_?h}M?
zo~JUq9A)!{+G8uAVDFqBOayR4IITJjUlYzwoNt`y&gK%_i@7atdJF=I_tAzn|6o7#
zHreusu<8zX^Z8;cq5oHgl{j<@dIl|?Sq^?om75%5TgZ$IgBKP)e(Ys8VkXFbkP&~S
zX@m3N=9lGE01zuGDr_>w3fhmHZ-G2)zrZ7H?+(Cm%iO8D=wpohSKBu@&rl6pJ^{Gd
z>Ixg|>N3IM@foHE?D>M3l(nq2S!8U>#kZQBogl3C0LwOSB<Kv-5`uJ(9X;xbX;0H^
zO@&^WHf<jpb9h!*XkfiOgR*Bidi*#qK=!p3FEchL^)IBiyH(U}efU5FQ{f&vY^9YJ
z))6NoAwjbH3Z^Rt;5>Bp5NUa5<y|z5kn^hTFPwipl5AOUE3CtEc5cpD%5{iF%BkSE
z7G!hg(Z<f@kpHV*_=+#u*dTv2&AZ>;-oEtsOGgJvLPq9}lMGZTn)#ID#ByItbBZiS
zi?7KO45(DjU&Xq+KTk{JWfpz2m*TR$wPi5ff>SPi@+A6vA<Oo&UPG6lXe;Iuu=-kk
zWUr>wO<ywEno6x&U0)ym@x!Y&z(Kt~zX$v5>C@8cYUOkls&wp(=+yR0O7e>6<xC0J
zpj2bzM9;e?cC9?+W*DtwEUFAli5#j(+MgEt53w+sUrr8$S&)H|1%!KsKMg-FRb*|K
z2?rB<7y~mqhcm;UMlHw(V>6Fg80j`>EV4iYG{%4ck!&9MM-v%&3TOaZL?#*yp?pF8
zk0wO@C=g^13qvp>o6hia3;ogL5IRU7RJAdk0Wxvxb_{(i!7v*8fj^Beh724lTH2cQ
zA=trm|BUsY>Hf#N|2Yi*AFi5#I3yw>qQ9%lX>@e7e|((y_U+rdG2-E5WxR!jg{74h
zhBVz#(c0QdvyHJ~4^!o21<~qzXBKgBaS=`&yNLT6<I<H#Zk*ehw99p%Jn0`8z_i_y
zDyyu7<2*b{^Yl~1vWa9SCU)B8a9NJiyu78&&05cji!1NlI~ggwRUepggEQ&-cQ?Bi
z&Nt{d+TY**Xkd5?80`T|T=a*9!Lp+I`Y~9l!GneO{j4mK4z-`FtE&qO3JzVSM-(Q}
zFG!@BHGqo*<;aAiOlh|zB_v!tBu+2o^03n+!+RSWRVn?2HkBTI7xJG&=JTJN$$wH5
z6LWZeaS{C@cy8k{BO}WR9l_)l*V3Gvoc^I9+iTp?u}8xHIdbxI+-W(_u53+j+0!aQ
z4B_`Vbo%=H-BKiNoJrq5MyJl+uYohQrN~s>IKop3FNGWL9A{+l<I>6NnUyrN8QXze
zl||%L1gy^K3`cu|^#rlzel)<%uPid&D~VUVkem?lh#AB`L3SpZj-Yi;k2r*r-|-qN
zbAk>7hi<mjudPU$$jECl8<P--+v*h6PgUB;>tY7m?BaN!@n#n=E&l@_htqUGo(o<g
zWtH864}Itw^_#p^R9V?yT)*Wp?ERh}zq4%T`Qk?K-mfg``<H~e)&Aul9|kd5c*KZT
z1fA%s942f_6YBuLt^9iPOm*Pnq~zp5I&Hw?;P+^DVWWb3@MqVZkX|~9Q*clweK!c)
zS$RJYFgmn^7;O-S^cX(aR(n{^!Yl?kmlafcX|>nv_IH3D(6G~h_Xxq%)zzVpJ`D|k
zpIQ6eV>B$9V(;9r*-l(A3f)T7H8&p%n3tmG<@|gx>htbb)0rwyXgi>cryke=#Xgar
zpC5I1seYTV-CJ<ELhDY*N~|M!QE#f>oISof06HVZENFZx9LvFxnw?_{cqUShNfBp4
zP<%^j^?1nk;8@`DBC~4VvuACDnnifc?{57?z#Dm`Hf|)eA$=eT+q-t-Tlcu0jqj~h
zp~5;Y{xYZm)Rkd&1)UiI<q>gwvxB;jKE9J5Jfk5{+TU-fGIdu&td;;O4`?(k@;M*~
z>E)x@&0M$zp?=ft+;w_|8@%yWpwf=;>K)n;VBT_<+e*!>>C7vDk>TS~zgjY%bbg^>
ze~<Ex+bRxCxbdp^`Lhqm!;?)GAo~l1W4Yq@cc!nbg|h`UIs~s;%+JmOctU3e{?IPr
zht7J{DJ?vIyO5iRqQe=)Cptw57@RxQ-((nv|Ie0lMb*_qXtnhb(j6)Lm!Ho1PjMjJ
zacTO4?>V&joB-QZ#&rS>Y1nutBUXokKmtV|t<Nv7L>qnn^5r4Ev_%XRndvvdI_wn1
z|Ddk=z3;$P44pQ@SM*t;f<!VMcjv4Yqps{c8V%jwrHuJc4+0i!W=<er=8+iVrQP2>
zyR|QG+R}8o;=2Wz1@CHKvqd8JeFh#rF;F+N-0ZR095c>;SaGx{v=-D{;P}<NVhjZ5
zvTSXQg6LbVTMjM}1f@_>_<mlBgHPxl;N^S|RK^_K0#OEIR!<XmNnKE`5Rx4NrQ6jr
zwp0@_2;*HSp?WrdX<wfiJzo;CDv^>g61ZH~-`(vDh`E~is8&#J5|fjYDIH4FFB>E#
ztHH>N_1jAl0bUS@rnX)LdsrixrnC2Eiyou0g4bT)ieEJw{sM%>*6wYUC9ea|_v|9d
z=bpNU4XE#a`gGS$r!%<)7QeR_G7Q|a7`nfmRktw_TY2p@lNlvj&7#Mkl`~0bD)z$>
znOf+qFK4{AKyYv6ct{|19^mEe?v(ne(%4w(>JO}OF-=BhwsSe2iHbWj+E+?}sd1Ei
zhvMW>dOC<Y8{lrxE8kb~?VjDxTed6qzd?MCxt(+n1khRb_~`zNKI<6<$nvw<zR`5*
zXE%2L>9gX1_t&dVzOMLC{5lX1@!8v)9tNx-2BDevaT1(qs+sP5Nke^x*Be$qT@Kgj
zBm2o2NTf|tq^{<XwNkT1k9IAbOtn_*7M-Kzir@J;(6HBMXfp~{iV_rc_%+?hcJUNP
zd?N?x085g5I5xF|*T}DyCSLQY;k!b{FK`eC%Q`R5_p4?GE-9rbO~vF#iyW>3*D)88
z{Y36+fusgbLP0@+(28AK7$kfeFi(w~`|*~Iij$<%vR46#N%<0fsCY%0HIjLuRidPv
zPEtjO<qs*Vs9Ze>sY$xwK8l2k_bC4SAiM}h^Tpq}eOsBa8&bO!2-xJBJr7=kdCAsN
zuyHT54+%p|$+_|Xk0XV+S`4Y!v<n%iVYNg2Q~k%~i*hu*>e}<(&F*Al&l_^j8WxV=
z8YdgLx~>&UYQ1^r%fc;nZC>j9ZoZ~38pg?dYzB~DcDAuRG87y%@hY{~MEeyksr>_d
z&<`+SY59%EFK=9{TFbVI^L4B!@nzffZ#`dd-{HcifDc{T0*g(inuBeIh|#IBnISqI
zRR#U_?VBbW3Yj~jgJox8XR$>J^6`UYL=FlUW!Hg(tLB#_uv{n(R!2_EDJ|Soy$Fhr
zl^=;!$^R}J{sB1eaM+1yefD_8K(=8a_F$m>JGdNm5(1fzyweJfwJp$LW#d4Kd_A5Y
z$j*|=0O2e>aJ~K#gj3#WC`uIzk|F0(=>LSrs$k<VRz<dGWsL_3l1$3YRp3>RWr;&Z
z;q9(7Ao0VP>DBX~sQ$gr50pp{mlHQnL^b~W);4PM1C-G3uy-x#l~kPY-T$hb|3STB
zk+go^==SlxQ|w78J?qYy<IIBW+)Pix!^0N}ZOY=#7d?KNt4Nv3F9k1^!0WV9#arEn
zLG2d4lBxqwZ|}&uGOnei1zwdMQ)Lx`0uU!5AyGz0X}Q|u0|2E#!jq85o9&sGhUezz
zr4n0^T`12qrto*MJa$%AJUAh<Yt4CoqW*seb7TEKCr^7w89FKaAMeyODx%Ug7?@hl
zLB$}iiak7@)zyv4^LKyxbPe1n7QM(x)i+&#AtR|L-q6s{z)AD7<Nbr-xg35ew8sFR
z{x^K8J5P1qN<<YDJ$>3bH#g_GH1bL^`&@GwnVD%t@W(!bcPK3L>yx5d@b4E4x|%3t
JvHG>^{|lzj-_!sA

literal 0
HcmV?d00001

diff --git a/docs/wiki/install/General.md b/docs/wiki/install/General.md
index 28184e12a..a4bbcbca3 100644
--- a/docs/wiki/install/General.md
+++ b/docs/wiki/install/General.md
@@ -1,6 +1,18 @@
 # General installation 
 
-## Requirements:
+## PowerDNS-Admin Architecture
+
+![PowerDNS-Admin Component Layout](Architecture.png)
+
+A PowerDNS-Admin installation includes four main components:
+- PowerDNS-Admin Database
+- PowerDNS-Admin Application Server
+- PowerDNS-Admin Frontend Web server
+- PowerDNS server that 
+
+All 3 components can be installed on one server or if your installation is large enough or for security reasons can be split across multiple servers.
+
+## Requirements for PowerDNS-Admin:
 - A linux based system. Others (Arch-based for example) may work but are currently not tested.
   - Ubuntu versions tested:
     - To fill in
@@ -16,3 +28,4 @@
 - A database for PowerDNS-Admin, if you are using a database for PowerDNS itself this must be separate to that database. The currently supported databases are:
   - MySQL
   - PostgreSQL
+- A PowerDNS server that PowerDNS-Admin will manage.

From 6f450457ef6ba98369f139a24971e4d89ef2ad8b Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Mon, 12 Dec 2022 22:06:44 -0400
Subject: [PATCH 148/475] Update env docs from legal_envvars

---
 .../configuration/Environment-variables.md    | 56 ++++++++++++++++++-
 1 file changed, 54 insertions(+), 2 deletions(-)

diff --git a/docs/wiki/configuration/Environment-variables.md b/docs/wiki/configuration/Environment-variables.md
index 7b835e2ae..3ee84c493 100644
--- a/docs/wiki/configuration/Environment-variables.md
+++ b/docs/wiki/configuration/Environment-variables.md
@@ -2,8 +2,60 @@
 
 | Variable | Description | Required | Default value |
 | ---------| ----------- | -------- | ------------- |
-| SQLALCHEMY_DATABASE_URI | SQL Alchemy URI to connect to database | N | no default |
+| BIND_ADDRESS | 
+| CSRF_COOKIE_SECURE | 
+| FILESYSTEM_SESSIONS_ENABLED | 
+| LDAP_ENABLED | 
+| LOCAL_DB_ENABLED | 
+| LOG_LEVEL | 
+| MAIL_DEBUG |
+| MAIL_DEFAULT_SENDER | 
+| MAIL_PASSWORD | 
+| MAIL_PORT | 
+| MAIL_SERVER | 
+| MAIL_USERNAME | 
+| MAIL_USE_SSL | 
+| MAIL_USE_TLS | 
+| OFFLINE_MODE | 
+| OIDC_OAUTH_API_URL |  |  |  |
+| OIDC_OAUTH_AUTHORIZE_URL |
+| OIDC_OAUTH_TOKEN_URL |  |  |  |
+| PORT | 
+| REMOTE_USER_COOKIES |
+| REMOTE_USER_LOGOUT_URL |
+| SALT |
+| SAML_ASSERTION_ENCRYPTED |
+| SAML_ATTRIBUTE_ACCOUNT | 
+| SAML_ATTRIBUTE_ADMIN | 
+| SAML_ATTRIBUTE_EMAIL | 
+| SAML_ATTRIBUTE_GIVENNAME | 
+| SAML_ATTRIBUTE_GROUP | 
+| SAML_ATTRIBUTE_NAME | 
+| SAML_ATTRIBUTE_SURNAME | 
+| SAML_ATTRIBUTE_USERNAME | 
+| SAML_CERT | 
+| SAML_DEBUG | 
+| SAML_ENABLED | 
+| SAML_GROUP_ADMIN_NAME | 
+| SAML_GROUP_TO_ACCOUNT_MAPPING | 
+| SAML_IDP_SSO_BINDING | 
+| SAML_IDP_ENTITY_ID | 
+| SAML_KEY | 
+| SAML_LOGOUT | 
+| SAML_LOGOUT_URL | 
+| SAML_METADATA_CACHE_LIFETIME | 
+| SAML_METADATA_URL | 
+| SAML_NAMEID_FORMAT | 
+| SAML_PATH | 
+| SAML_SIGN_REQUEST | 
+| SAML_SP_CONTACT_MAIL | 
+| SAML_SP_CONTACT_NAME | 
+| SAML_SP_ENTITY_ID | 
+| SAML_WANT_MESSAGE_SIGNED | 
 | SECRET_KEY   | Flask secret key [^1] | Y | no default |
-
+| SESSION_COOKIE_SECURE | 
+| SIGNUP_ENABLED | 
+| SQLALCHEMY_DATABASE_URI | SQL Alchemy URI to connect to database | N | no default |
+| SQLALCHEMY_TRACK_MODIFICATIONS | 
 
 [^1]: Flask secret key (see https://flask.palletsprojects.com/en/1.1.x/config/#SECRET_KEY for how to generate)

From cc63d069f68c3e79ca4a6b6bf2e9313b45443aa4 Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Mon, 12 Dec 2022 22:41:41 -0400
Subject: [PATCH 149/475] Fill in MySQL server installation directions.

---
 .../database-setup/Setup-MySQL-or-MariaDB.md  | 28 ++++++++++++-------
 1 file changed, 18 insertions(+), 10 deletions(-)

diff --git a/docs/wiki/database-setup/Setup-MySQL-or-MariaDB.md b/docs/wiki/database-setup/Setup-MySQL-or-MariaDB.md
index 00586a561..aaa4eaac9 100644
--- a/docs/wiki/database-setup/Setup-MySQL-or-MariaDB.md
+++ b/docs/wiki/database-setup/Setup-MySQL-or-MariaDB.md
@@ -2,28 +2,35 @@
 
 This guide will show you how to prepare a MySQL or MariaDB database for PowerDNS-Admin.
 
-We assume the database is installed per your platform's directions (apt, yum, etc).
+Directions to do this can be found below:
+- MariaDB:
+    - https://mariadb.com/kb/en/getting-installing-and-upgrading-mariadb/
+    - https://www.digitalocean.com/community/tutorials/how-to-install-mariadb-on-ubuntu-20-04
+- MySQL:
+    - https://dev.mysql.com/downloads/mysql/
+    - https://www.digitalocean.com/community/tutorials/how-to-install-mysql-on-ubuntu-20-04
+
+We assume the database is installed per your platform's directions (apt, yum, etc). The following directions assume a default configuration and for productions setups `mysql_secure_installation` has been run.
 
 ## Setup database:
 
-Connect to the database (Usually using `mysql -u root -p` - then enter your MySQL/MariaDB root users password if applicable), then enter the following:
+Connect to the database (Usually using `mysql -u root -p` if a password has been set on the root database user or `sudo mysql` if not), then enter the following:
 ```
 CREATE DATABASE `powerdnsadmin` CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
 GRANT ALL PRIVILEGES ON `powerdnsadmin`.* TO 'pdnsadminuser'@'localhost' IDENTIFIED BY 'YOUR_PASSWORD_HERE';
 FLUSH PRIVILEGES;
-quit
 ```
 - If your database server is located on a different machine then change 'localhost' to '%'
 - Replace YOUR_PASSWORD_HERE with a secure password.
 
+Once there are no errors you can type `quit` in the mysql shell to exit from it.
+
 ## Install required packages:
 ### Red-hat based systems:
 ```
 yum install MariaDB-shared mariadb-devel mysql-community-devel
 ```
 
-If you use MariaDB ( from [MariaDB repositories](https://mariadb.com/resources/blog/installing-mariadb-10-on-centos-7-rhel-7/) )
-
 ### Debian based systems:
 ```
 apt install libmysqlclient-dev
@@ -34,7 +41,6 @@ apt install libmysqlclient-dev
 pip3 install mysqlclient==2.0.1
 ```
 
-
 ## Known issues:
 
 Problem: If you plan to manage large zones, you may encounter some issues while applying changes. This is due to PowerDNS-Admin trying to insert the entire modified zone into the column history.detail.
@@ -42,7 +48,9 @@ Problem: If you plan to manage large zones, you may encounter some issues while
 Using MySQL/MariaDB, this column is created by default as TEXT and thus limited to 65,535 characters.
 
 Solution: Convert the column to MEDIUMTEXT:
-```
-USE powerdnsadmin;
-ALTER TABLE history MODIFY detail MEDIUMTEXT;
-```
+1. Connect to the database shell as described in the setup database section:
+2. Execute the following commands:
+    ```
+    USE powerdnsadmin;
+    ALTER TABLE history MODIFY detail MEDIUMTEXT;
+    ```

From 94ce26eaad94ce86faf03f6a350332a50138461b Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Mon, 12 Dec 2022 22:49:51 -0400
Subject: [PATCH 150/475] Minor cleanup of MySQL docs.

---
 docs/wiki/database-setup/Setup-MySQL-or-MariaDB.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/docs/wiki/database-setup/Setup-MySQL-or-MariaDB.md b/docs/wiki/database-setup/Setup-MySQL-or-MariaDB.md
index aaa4eaac9..5242b69c3 100644
--- a/docs/wiki/database-setup/Setup-MySQL-or-MariaDB.md
+++ b/docs/wiki/database-setup/Setup-MySQL-or-MariaDB.md
@@ -2,7 +2,7 @@
 
 This guide will show you how to prepare a MySQL or MariaDB database for PowerDNS-Admin.
 
-Directions to do this can be found below:
+We assume the database is installed per your platform's directions (apt, yum, etc). Directions to do this can be found below:
 - MariaDB:
     - https://mariadb.com/kb/en/getting-installing-and-upgrading-mariadb/
     - https://www.digitalocean.com/community/tutorials/how-to-install-mariadb-on-ubuntu-20-04
@@ -10,7 +10,7 @@ Directions to do this can be found below:
     - https://dev.mysql.com/downloads/mysql/
     - https://www.digitalocean.com/community/tutorials/how-to-install-mysql-on-ubuntu-20-04
 
-We assume the database is installed per your platform's directions (apt, yum, etc). The following directions assume a default configuration and for productions setups `mysql_secure_installation` has been run.
+The following directions assume a default configuration and for productions setups `mysql_secure_installation` has been run.
 
 ## Setup database:
 

From dcbc4c3f7e47702e01d2a758a163aa2187e8340d Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Mon, 12 Dec 2022 22:50:26 -0400
Subject: [PATCH 151/475] Add PostgreSQL install documentation.

---
 docs/wiki/database-setup/Setup-PostgreSQL.md | 38 ++++++++++++--------
 1 file changed, 23 insertions(+), 15 deletions(-)

diff --git a/docs/wiki/database-setup/Setup-PostgreSQL.md b/docs/wiki/database-setup/Setup-PostgreSQL.md
index 74af46f96..a6e33644e 100644
--- a/docs/wiki/database-setup/Setup-PostgreSQL.md
+++ b/docs/wiki/database-setup/Setup-PostgreSQL.md
@@ -1,8 +1,15 @@
 # Setup Postgres database for PowerDNS-Admin
 
-We assume you already have a postgres database software installed for your platform.
+This guide will show you how to prepare a PostgreSQL database for PowerDNS-Admin.
 
-### Create database
+We assume the database is installed per your platform's directions (apt, yum, etc). Directions to do this can be found below:
+
+- https://www.postgresql.org/download/
+- https://www.digitalocean.com/community/tutorials/how-to-install-postgresql-on-ubuntu-22-04-quickstart
+
+We assume a default configuration and only the postgres user existing.
+
+## Setup database
 The below will create a database called powerdnsadmindb and a user of powerdnsadmin.
 
 ```
@@ -42,19 +49,6 @@ On debian based systems these files are located in:
 /etc/postgresql/<version>/main/
 ```
 
-## Docker
-TODO: Setup a local Docker postgres database ready to go (should probably move to the top).
-```
-docker run --name pdnsadmin-test -e BIND_ADDRESS=0.0.0.0 
--e SECRET_KEY='a-very-secret-key' 
--e PORT='9191' 
--e SQLA_DB_USER='powerdns_admin_user' 
--e SQLA_DB_PASSWORD='exceptionallysecure' 
--e SQLA_DB_HOST='192.168.0.100' 
--e SQLA_DB_NAME='powerdns_admin_test' 
--v /data/node_modules:/var/www/powerdns-admin/node_modules -d -p 9191:9191 ixpict/powerdns-admin-pgsql:latest
-```
-
 ## Install required packages:
 ### Red-hat based systems:
 ```
@@ -74,3 +68,17 @@ pip3 install psycopg2
 ## Known Issues:
 
 ** To fill in **
+
+
+## Docker (TODO: to move to docker docs)
+TODO: Setup a local Docker postgres database ready to go (should probably move to the top).
+```
+docker run --name pdnsadmin-test -e BIND_ADDRESS=0.0.0.0 
+-e SECRET_KEY='a-very-secret-key' 
+-e PORT='9191' 
+-e SQLA_DB_USER='powerdns_admin_user' 
+-e SQLA_DB_PASSWORD='exceptionallysecure' 
+-e SQLA_DB_HOST='192.168.0.100' 
+-e SQLA_DB_NAME='powerdns_admin_test' 
+-v /data/node_modules:/var/www/powerdns-admin/node_modules -d -p 9191:9191 ixpict/powerdns-admin-pgsql:latest
+```

From b0159beaec2d5c764e64736542228aff966f1389 Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Mon, 12 Dec 2022 23:12:03 -0400
Subject: [PATCH 152/475] Add SQLite as a supported database.

---
 docs/wiki/install/General.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/docs/wiki/install/General.md b/docs/wiki/install/General.md
index a4bbcbca3..f0823c851 100644
--- a/docs/wiki/install/General.md
+++ b/docs/wiki/install/General.md
@@ -28,4 +28,5 @@ All 3 components can be installed on one server or if your installation is large
 - A database for PowerDNS-Admin, if you are using a database for PowerDNS itself this must be separate to that database. The currently supported databases are:
   - MySQL
   - PostgreSQL
+  - SQLite
 - A PowerDNS server that PowerDNS-Admin will manage.

From 4d529ec1d6fb1dbe99105f668d960eec5fd53b1f Mon Sep 17 00:00:00 2001
From: David Mc Ken <david.mcken@gmail.com>
Date: Tue, 13 Dec 2022 02:29:05 -0400
Subject: [PATCH 153/475] Linted the main menu.

---
 docs/wiki/README.md | 19 +++++++++++--------
 1 file changed, 11 insertions(+), 8 deletions(-)

diff --git a/docs/wiki/README.md b/docs/wiki/README.md
index 8a002bd55..62f1bf102 100644
--- a/docs/wiki/README.md
+++ b/docs/wiki/README.md
@@ -1,10 +1,12 @@
-# Welcome to the PowerDNS-Admin wiki!
+# PowerDNS-Admin wiki
+
+## Database Setup guides
 
-## Database Setup guides:
 - [MySQL / MariaDB](database-setup/Setup-MySQL-or-MariaDB.md)
 - [PostgreSQL](database-setup/Setup-PostgreSQL.md)
 
-## Installation guides:
+## Installation guides
+
 - [General (Read this first)](install/General.md)
   - BSD:
     - [Install on FreeBSD 12.1-RELEASE](install/Running-on-FreeBSD.md)
@@ -17,16 +19,15 @@
     - [Install on Fedora 23](install/Running-PowerDNS-Admin-on-Fedora-23.md)
     - [Install on Fedora 30](install/Running-PowerDNS-Admin-on-Fedora-30.md)
 
+### Post install Setup
 
-
-
-### Post install Setup:
 - [Environment Variables](configuration/Environment-variables.md)
 - [Getting started](configuration/Getting-started.md)
 - SystemD:
   - [Running PowerDNS-Admin as a service using Systemd](install/Running-PowerDNS-Admin-as-a-service-(Systemd).md)
 
-### Web Server configuration:
+### Web Server configuration
+
 - [Supervisord](web-server/Supervisord-example.md)
 - [Systemd](web-server/Systemd-example.md)
 - [Systemd + Gunicorn + Nginx](web-server/Running-PowerDNS-Admin-with-Systemd-Gunicorn-and-Nginx.md)
@@ -34,10 +35,12 @@
 - [uWSGI](web-server/uWSGI-example.md)
 - [WSGI-Apache](web-server/WSGI-Apache-example.md)
 
-## Using PowerDNS-Admin:
+## Using PowerDNS-Admin
+
 - Setting up a domain
 - Adding a record
 - <whatever else>
 
 ## Feature usage
+
 - [DynDNS2](features/DynDNS2.md)
\ No newline at end of file

From d0290ac4696a25cdf5651a92430ebc3280c797eb Mon Sep 17 00:00:00 2001
From: Sshafi <sshafi@sshafi.net>
Date: Tue, 13 Dec 2022 09:10:21 +0100
Subject: [PATCH 154/475] Update login.html

Use SITE_NAME for login box title on login page.
This can be useful when using multiple powerdns admin in an organization.
---
 powerdnsadmin/templates/login.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/powerdnsadmin/templates/login.html b/powerdnsadmin/templates/login.html
index 45afd7f73..51245024c 100644
--- a/powerdnsadmin/templates/login.html
+++ b/powerdnsadmin/templates/login.html
@@ -26,7 +26,7 @@
 <body class="hold-transition login-page">
   <div class="login-box">
     <div class="login-logo">
-      <a href="{{ url_for('index.index') }}"><b>PowerDNS</b>-Admin</a>
+      <a href="{{ url_for('index.index') }}"><b>{{ SITE_NAME }}</b></a>
     </div>
     <!-- /.login-logo -->
     <div class="login-box-body">

From ff671ebabefeb40d975c8df93313ad38afe2f14d Mon Sep 17 00:00:00 2001
From: Aaron Carson <aaron@aaroncarson.co.uk>
Date: Wed, 14 Dec 2022 00:34:12 +0000
Subject: [PATCH 155/475] Fix 1329

---
 powerdnsadmin/models/user.py | 26 +++++++++++++++++---------
 1 file changed, 17 insertions(+), 9 deletions(-)

diff --git a/powerdnsadmin/models/user.py b/powerdnsadmin/models/user.py
index 66669b7d2..a1155c35c 100644
--- a/powerdnsadmin/models/user.py
+++ b/powerdnsadmin/models/user.py
@@ -108,8 +108,9 @@ def get_hashed_password(self, plain_text_password=None):
     def check_password(self, hashed_password):
         # Check hashed password. Using bcrypt, the salt is saved into the hash itself
         if hasattr(self, "plain_text_password"):
-            return bcrypt.checkpw(self.plain_text_password.encode('utf-8'),
-                                  hashed_password.encode('utf-8'))
+            if self.plain_text_password != None:
+                return bcrypt.checkpw(self.plain_text_password.encode('utf-8'),
+                                     hashed_password.encode('utf-8'))
         return False
 
     def get_user_info_by_id(self):
@@ -422,8 +423,12 @@ def create_local_user(self):
             self.role_id = Role.query.filter_by(
                 name='Administrator').first().id
 
-        self.password = self.get_hashed_password(
-            self.plain_text_password) if hasattr(self, "plain_text_password") else '*'
+        if hasattr(self, "plain_text_password"):
+            if self.plain_text_password != None:
+                self.password = self.get_hashed_password(
+                    self.plain_text_password)
+        else:
+            self.password = '*'
 
         if self.password and self.password != '*':
             self.password = self.password.decode("utf-8")
@@ -460,8 +465,9 @@ def update_local_user(self):
 
         # store new password hash (only if changed)
         if hasattr(self, "plain_text_password"):
-            user.password = self.get_hashed_password(
-                self.plain_text_password).decode("utf-8")
+            if self.plain_text_password != None:
+                user.password = self.get_hashed_password(
+                    self.plain_text_password).decode("utf-8")
 
         db.session.commit()
         return {'status': True, 'msg': 'User updated successfully'}
@@ -476,9 +482,11 @@ def update_profile(self, enable_otp=None):
 
         user.firstname = self.firstname if self.firstname else user.firstname
         user.lastname = self.lastname if self.lastname else user.lastname
-        user.password = self.get_hashed_password(
-            self.plain_text_password).decode(
-                "utf-8") if hasattr(self, "plain_text_password") else user.password
+
+        if hasattr(self, "plain_text_password"):
+            if self.plain_text_password != None:
+                user.password = self.get_hashed_password(
+                 self.plain_text_password).decode("utf-8")
 
         if self.email:
             # Can not update to a new email that

From f6c49c379d77989d52f1f9ae9a4b3ffa4f0b02a9 Mon Sep 17 00:00:00 2001
From: Bernward Sanchez <sanzbernward@gmail.com>
Date: Thu, 15 Dec 2022 06:13:27 +0800
Subject: [PATCH 156/475] Update index.py

---
 powerdnsadmin/routes/index.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/powerdnsadmin/routes/index.py b/powerdnsadmin/routes/index.py
index 3a6f55cf9..3630f660c 100644
--- a/powerdnsadmin/routes/index.py
+++ b/powerdnsadmin/routes/index.py
@@ -134,7 +134,9 @@ def oidc_login():
         )
         abort(400)
     else:
-        redirect_uri = url_for('oidc_authorized', _external=True)
+        redirect_uri = url_for('oidc_authorized',
+                                **_external=True,
+                                _scheme='https')**
         return oidc.authorize_redirect(redirect_uri)
 
 

From 89f3d4d01ac316530ff8705995e4a9d504513142 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Wed, 14 Dec 2022 20:37:30 -0500
Subject: [PATCH 157/475] Revert "enhancement(routes/index.py): OIDC supports
 HTTP Scheme now"

---
 powerdnsadmin/routes/index.py | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/powerdnsadmin/routes/index.py b/powerdnsadmin/routes/index.py
index 3630f660c..3a6f55cf9 100644
--- a/powerdnsadmin/routes/index.py
+++ b/powerdnsadmin/routes/index.py
@@ -134,9 +134,7 @@ def oidc_login():
         )
         abort(400)
     else:
-        redirect_uri = url_for('oidc_authorized',
-                                **_external=True,
-                                _scheme='https')**
+        redirect_uri = url_for('oidc_authorized', _external=True)
         return oidc.authorize_redirect(redirect_uri)
 
 

From 644be6549562a4af8d8da72c10d2279a11e451ee Mon Sep 17 00:00:00 2001
From: Bernward Sanchez <sanzbernward@gmail.com>
Date: Thu, 15 Dec 2022 12:53:53 +0800
Subject: [PATCH 158/475] Create setup_linux.sh

---
 deploy/auto-setup/setup_linux.sh | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)
 create mode 100644 deploy/auto-setup/setup_linux.sh

diff --git a/deploy/auto-setup/setup_linux.sh b/deploy/auto-setup/setup_linux.sh
new file mode 100644
index 000000000..19cda5893
--- /dev/null
+++ b/deploy/auto-setup/setup_linux.sh
@@ -0,0 +1,16 @@
+#!/bin/bash
+
+# Create a new group for PowerDNS-Admin
+groupadd powerdnsadmin
+
+# Create a user for PowerDNS-Admin
+useradd --system -g powerdnsadmin powerdnsadmin
+
+# Make the new user and group the owners of the PowerDNS-Admin files
+chown -R powerdnsadmin:powerdnsadmin /opt/web/powerdns-admin
+
+# Start the PowerDNS-Admin service
+systemctl start powerdns-admin
+
+# Enable the PowerDNS-Admin service to start automatically at boot
+systemctl enable powerdns-admin

From 3aa6d1f25892e8ea01db82f6e2537c76d1833805 Mon Sep 17 00:00:00 2001
From: Bernward Sanchez <sanzbernward@gmail.com>
Date: Thu, 15 Dec 2022 12:54:31 +0800
Subject: [PATCH 159/475] Create setup_win.bat

---
 deploy/auto-setup/setup_win.bat | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)
 create mode 100644 deploy/auto-setup/setup_win.bat

diff --git a/deploy/auto-setup/setup_win.bat b/deploy/auto-setup/setup_win.bat
new file mode 100644
index 000000000..a5ee9fd56
--- /dev/null
+++ b/deploy/auto-setup/setup_win.bat
@@ -0,0 +1,16 @@
+@echo off
+
+rem Create a new group for PowerDNS-Admin
+net localgroup powerdnsadmin /add
+
+rem Create a user for PowerDNS-Admin
+net user powerdnsadmin /add /passwordchg:no /homedir:nul /active:yes /expires:never /passwordreq:no /s
+
+rem Make the new user and group the owners of the PowerDNS-Admin files
+icacls "C:\path\to\powerdns-admin" /setowner "powerdnsadmin"
+
+rem Start the PowerDNS-Admin service
+net start powerdns-admin
+
+rem Enable the PowerDNS-Admin service to start automatically at boot
+sc config powerdns-admin start= auto

From 44cf98a159b27278d3e59db41a81dc0b56b35615 Mon Sep 17 00:00:00 2001
From: corubba <corubba@gmx.de>
Date: Thu, 19 May 2022 00:52:59 +0200
Subject: [PATCH 160/475] Fix test docker

The Dockerfile did not work as is, because the dependencies in
requirements.txt are newer than the stretch-image with its python v3.5
can support/run. Use stable debian with the lts nodejs instead, plus
had to add some libs to make the wheel build succeed.
jsonschema v4 breaks things, so its version needs to be pinned until
bravado is fixed [0].

[0] https://github.com/Yelp/bravado-core/pull/385/files#r731674447
---
 docker-test/Dockerfile | 6 +++---
 requirements.txt       | 1 +
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/docker-test/Dockerfile b/docker-test/Dockerfile
index 577e12004..e5f4d4ede 100644
--- a/docker-test/Dockerfile
+++ b/docker-test/Dockerfile
@@ -1,11 +1,11 @@
-FROM debian:stretch-slim
+FROM debian:stable-slim
 LABEL maintainer="k@ndk.name"
 
 ENV LC_ALL=en_US.UTF-8 LANG=en_US.UTF-8 LANGUAGE=en_US.UTF-8
 
 RUN apt-get update -y \
-    && apt-get install -y --no-install-recommends apt-transport-https locales locales-all python3-pip python3-setuptools python3-dev curl libsasl2-dev libldap2-dev libssl-dev libxml2-dev libxslt1-dev libxmlsec1-dev libffi-dev build-essential libmariadb-dev-compat \
-    && curl -sL https://deb.nodesource.com/setup_10.x | bash - \
+    && apt-get install -y --no-install-recommends apt-transport-https locales locales-all python3-pip python3-setuptools python3-dev curl libsasl2-dev libldap2-dev libssl-dev libxml2-dev libxslt1-dev libxmlsec1-dev libffi-dev libxmlsec1-openssl pkg-config build-essential libmariadb-dev-compat \
+    && curl -sL https://deb.nodesource.com/setup_lts.x | bash - \
     && curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - \
     && echo "deb https://dl.yarnpkg.com/debian/ stable main" > /etc/apt/sources.list.d/yarn.list \
     && apt-get update -y \
diff --git a/requirements.txt b/requirements.txt
index 1fc2864b5..64151164f 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -20,6 +20,7 @@ rjsmin==1.2.0
 Authlib==0.15
 Flask-SeaSurf==1.1.1
 bravado-core==5.17.0
+jsonschema[format]>=2.5.1,<4.0.0 # until https://github.com/Yelp/bravado-core/pull/385
 lima==0.5
 pytest==6.1.1
 pytimeparse==1.1.8

From b9eb593acd58455ca0d6552182b97cf25ca00e31 Mon Sep 17 00:00:00 2001
From: corubba <corubba@gmx.de>
Date: Thu, 19 May 2022 00:53:05 +0200
Subject: [PATCH 161/475] Fix tests

Increased the version of pytest to make it work with py 3.10 [0].
The GET calls no longer return list but the object itself, fixed the
tests and assertions to account for that. The tests did not account for
the later added `allow_user_remove_domain` setting. And there were
issues with missing and non-stopped patchers/mocks.

Now all tests are at least passing.

[0] https://github.com/pytest-dev/pytest/pull/8540
---
 requirements.txt                              |  2 +-
 tests/fixtures.py                             |  4 +++
 .../integration/api/apikey/test_admin_user.py |  4 +--
 tests/integration/api/management/__init__.py  | 14 +++++---
 .../api/management/test_admin_user.py         | 17 ++++++----
 tests/integration/api/management/test_user.py | 16 +++++----
 tests/unit/zone/test_admin_apikey.py          | 30 ++++++++++++++++
 tests/unit/zone/test_admin_user.py            | 26 ++++++++++++++
 tests/unit/zone/test_user.py                  | 26 ++++++++++++++
 tests/unit/zone/test_user_apikey.py           | 34 +++++++++++++++++++
 10 files changed, 153 insertions(+), 20 deletions(-)

diff --git a/requirements.txt b/requirements.txt
index 64151164f..6ecea273a 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -22,7 +22,7 @@ Flask-SeaSurf==1.1.1
 bravado-core==5.17.0
 jsonschema[format]>=2.5.1,<4.0.0 # until https://github.com/Yelp/bravado-core/pull/385
 lima==0.5
-pytest==6.1.1
+pytest==6.2.5
 pytimeparse==1.1.8
 PyYAML==5.4
 Flask-SSLify==0.1.5
diff --git a/tests/fixtures.py b/tests/fixtures.py
index 39b6a7089..3662916b7 100644
--- a/tests/fixtures.py
+++ b/tests/fixtures.py
@@ -36,6 +36,8 @@ def load_data(setting_name, *args, **kwargs):
         return 10
     if setting_name == 'allow_user_create_domain':
         return True
+    if setting_name == 'allow_user_remove_domain':
+        return True
 
 
 @pytest.fixture
@@ -131,6 +133,7 @@ def initial_apikey_data():
     api_url_setting = Setting('pdns_api_url', pdns_api_url)
     api_key_setting = Setting('pdns_api_key', os.environ['PDNS_API_KEY'])
     allow_create_domain_setting = Setting('allow_user_create_domain', True)
+    allow_remove_domain_setting = Setting('allow_user_remove_domain', True)
 
     try:
         flask_migrate.upgrade()
@@ -138,6 +141,7 @@ def initial_apikey_data():
         db.session.add(api_url_setting)
         db.session.add(api_key_setting)
         db.session.add(allow_create_domain_setting)
+        db.session.add(allow_remove_domain_setting)
 
         test_user_apikey = app.config.get('TEST_USER_APIKEY')
         test_admin_apikey = app.config.get('TEST_ADMIN_APIKEY')
diff --git a/tests/integration/api/apikey/test_admin_user.py b/tests/integration/api/apikey/test_admin_user.py
index d8d8f29c2..c367fe15f 100644
--- a/tests/integration/api/apikey/test_admin_user.py
+++ b/tests/integration/api/apikey/test_admin_user.py
@@ -39,7 +39,7 @@ def test_create_apikey(self, client, initial_data, apikey_data, zone_data,
         assert res.status_code == 201
 
         apikey_url_format = "/api/v1/pdnsadmin/apikeys/{0}"
-        apikey_url = apikey_url_format.format(data[0]['id'])
+        apikey_url = apikey_url_format.format(data['id'])
 
         res = client.delete(apikey_url, headers=basic_auth_admin_headers)
 
@@ -123,7 +123,7 @@ def test_delete_apikey(self, client, initial_data, apikey_data, zone_data,
         assert res.status_code == 201
 
         apikey_url_format = "/api/v1/pdnsadmin/apikeys/{0}"
-        apikey_url = apikey_url_format.format(data[0]['id'])
+        apikey_url = apikey_url_format.format(data['id'])
         res = client.delete(apikey_url, headers=basic_auth_admin_headers)
 
         assert res.status_code == 204
diff --git a/tests/integration/api/management/__init__.py b/tests/integration/api/management/__init__.py
index b546f4626..af748be34 100644
--- a/tests/integration/api/management/__init__.py
+++ b/tests/integration/api/management/__init__.py
@@ -14,8 +14,10 @@ def get_account(self, account_name, status_code=200):
             assert res.status_code == status_code
         if res.status_code == 200:
             data = res.get_json(force=True)
-            assert len(data) == 1
-            return data[0]
+            assert isinstance(data, dict)
+            assert len(data) == 7
+            assert data.get('id', None)
+            return data
         return None
 
     def check_account(self, cmpdata, data=None):
@@ -37,8 +39,10 @@ def get_user(self, username, status_code=200):
         assert res.status_code == status_code
         if status_code == 200:
             data = res.get_json(force=True)
-            assert len(data) == 1
-            return data[0]
+            assert isinstance(data, dict)
+            assert len(data) == 7
+            assert data.get('id', None)
+            return data
         return None
 
     def check_user(self, cmpdata, data=None):
@@ -50,5 +54,5 @@ def check_user(self, cmpdata, data=None):
             elif key == 'role':
                 assert data[key]['name'] == cmpdata['role_name']
             else:
-                assert key in ("id",)
+                assert key in ("id","accounts",)
         return data
diff --git a/tests/integration/api/management/test_admin_user.py b/tests/integration/api/management/test_admin_user.py
index 3df038448..eae61f8b9 100644
--- a/tests/integration/api/management/test_admin_user.py
+++ b/tests/integration/api/management/test_admin_user.py
@@ -89,8 +89,9 @@ def test_accounts(
         )
         data = res.get_json(force=True)
         assert res.status_code == 200
-        assert len(data) == 1
-        data = data[0]
+        assert isinstance(data, dict)
+        assert len(data) == 7
+        assert data.get('id', None)
         account_id = data["id"]
         for key, value in account_data.items():
             assert data[key] == value
@@ -142,10 +143,12 @@ def test_users(
         )
         data = res.get_json(force=True)
         assert res.status_code == 201
-        assert len(data) == 1
+        assert isinstance(data, dict)
+        assert len(data) == 6
+        assert data.get('id', None)
 
         # Check user
-        user1 = self.check_user(user1_data, data[0])
+        user1 = self.check_user(user1_data, data)
         user1_id = user1["id"]
 
         updated = user1_data.copy()
@@ -240,10 +243,12 @@ def test_account_users(
         )
         data = res.get_json(force=True)
         assert res.status_code == 201
-        assert len(data) == 1
+        assert isinstance(data, dict)
+        assert len(data) == 6
+        assert data.get('id', None)
 
         # Check user
-        user1 = self.check_user(user1_data, data[0])
+        user1 = self.check_user(user1_data, data)
         user1_id = user1["id"]
 
         # Assert test account has no users
diff --git a/tests/integration/api/management/test_user.py b/tests/integration/api/management/test_user.py
index b56652e83..31bf69fea 100644
--- a/tests/integration/api/management/test_user.py
+++ b/tests/integration/api/management/test_user.py
@@ -33,8 +33,8 @@ def test_self_get(
                          headers=basic_auth_user_headers)
         data = res.get_json(force=True)
         assert res.status_code == 200
-        assert len(data) == 1, data
-        self.user = data
+        assert data
+        self.user = [data]
 
     def test_accounts(
             self, client, initial_data,                          # noqa: F811
@@ -118,10 +118,12 @@ def test_users(
         )
         data = res.get_json(force=True)
         assert res.status_code == 201
-        assert len(data) == 1
+        assert isinstance(data, dict)
+        assert len(data) == 6
+        assert data.get('id', None)
 
         # Check user
-        user1 = self.check_user(user1_data, data[0])
+        user1 = self.check_user(user1_data, data)
         user1_id = user1["id"]
 
         # Update to defaults (should fail)
@@ -181,10 +183,12 @@ def test_account_users(
         )
         data = res.get_json(force=True)
         assert res.status_code == 201
-        assert len(data) == 1
+        assert isinstance(data, dict)
+        assert len(data) == 6
+        assert data.get('id', None)
 
         # Check user
-        user1 = self.check_user(user1_data, data[0])
+        user1 = self.check_user(user1_data, data)
         user1_id = user1["id"]
 
         # Assert test account has no users
diff --git a/tests/unit/zone/test_admin_apikey.py b/tests/unit/zone/test_admin_apikey.py
index 6f3a9c333..fed256110 100644
--- a/tests/unit/zone/test_admin_apikey.py
+++ b/tests/unit/zone/test_admin_apikey.py
@@ -27,6 +27,9 @@ def common_data_mock(self):
         self.github_setting_patcher = patch(
             'powerdnsadmin.services.github.Setting',
             spec=powerdnsadmin.models.setting.Setting)
+        self.azure_setting_patcher = patch(
+            'powerdnsadmin.services.azure.Setting',
+            spec=powerdnsadmin.models.setting.Setting)
         self.oidc_setting_patcher = patch(
             'powerdnsadmin.services.oidc.Setting',
             spec=powerdnsadmin.models.setting.Setting)
@@ -54,6 +57,9 @@ def common_data_mock(self):
         self.mock_setting_patcher = patch(
             'powerdnsadmin.routes.api.Setting',
             spec=powerdnsadmin.models.setting.Setting)
+        self.mock_decorators_setting_patcher = patch(
+            'powerdnsadmin.decorators.Setting',
+            spec=powerdnsadmin.models.setting.Setting)
 
         data = admin_apikey_data()
         api_key = ApiKey(desc=data['description'],
@@ -63,6 +69,7 @@ def common_data_mock(self):
 
         self.mock_google_setting = self.google_setting_patcher.start()
         self.mock_github_setting = self.github_setting_patcher.start()
+        self.mock_azure_setting = self.azure_setting_patcher.start()
         self.mock_oidc_setting = self.oidc_setting_patcher.start()
         self.mock_helpers_setting = self.helpers_setting_patcher.start()
         self.mock_models_setting = self.models_setting_patcher.start()
@@ -75,17 +82,40 @@ def common_data_mock(self):
         self.mock_apikey = self.mock_apikey_patcher.start()
         self.mock_hist = self.mock_hist_patcher.start()
         self.mock_setting = self.mock_setting_patcher.start()
+        self.mock_decorators_setting = self.mock_decorators_setting_patcher.start()
 
         self.mock_google_setting.return_value.get.side_effect = load_data
         self.mock_github_setting.return_value.get.side_effect = load_data
+        self.mock_azure_setting.return_value.get.side_effect = load_data
         self.mock_oidc_setting.return_value.get.side_effect = load_data
         self.mock_helpers_setting.return_value.get.side_effect = load_data
         self.mock_models_setting.return_value.get.side_effect = load_data
         self.mock_domain_model_setting.return_value.get.side_effect = load_data
         self.mock_record_model_setting.return_value.get.side_effect = load_data
         self.mock_server_model_setting.return_value.get.side_effect = load_data
+        self.mock_decorators_setting.return_value.get.side_effect = load_data
         self.mock_apikey.return_value.is_validate.return_value = api_key
 
+        yield
+
+        for patcher in [
+            self.google_setting_patcher,
+            self.github_setting_patcher,
+            self.azure_setting_patcher,
+            self.oidc_setting_patcher,
+            self.helpers_setting_patcher,
+            self.models_setting_patcher,
+            self.domain_model_setting_patcher,
+            self.record_model_setting_patcher,
+            self.server_model_setting_patcher,
+            self.mock_apikey_patcher,
+            self.mock_hist_patcher,
+            self.mock_setting_patcher,
+            self.mock_decorators_setting_patcher,
+        ]:
+            patcher.stop()
+
+
     def test_empty_get(self, client, common_data_mock, admin_apikey):
         with patch('powerdnsadmin.routes.api.Domain') as mock_domain, \
              patch('powerdnsadmin.lib.utils.requests.get') as mock_get:
diff --git a/tests/unit/zone/test_admin_user.py b/tests/unit/zone/test_admin_user.py
index 085ba748c..721204550 100644
--- a/tests/unit/zone/test_admin_user.py
+++ b/tests/unit/zone/test_admin_user.py
@@ -22,6 +22,9 @@ def common_data_mock(self):
         self.github_setting_patcher = patch(
             'powerdnsadmin.services.github.Setting',
             spec=powerdnsadmin.models.setting.Setting)
+        self.azure_setting_patcher = patch(
+            'powerdnsadmin.services.azure.Setting',
+            spec=powerdnsadmin.models.setting.Setting)
         self.oidc_setting_patcher = patch(
             'powerdnsadmin.services.oidc.Setting',
             spec=powerdnsadmin.models.setting.Setting)
@@ -57,6 +60,7 @@ def common_data_mock(self):
 
         self.mock_google_setting = self.google_setting_patcher.start()
         self.mock_github_setting = self.github_setting_patcher.start()
+        self.mock_azure_setting = self.azure_setting_patcher.start()
         self.mock_oidc_setting = self.oidc_setting_patcher.start()
         self.mock_base_route_user = self.base_route_user_patcher.start()
         self.mock_helpers_setting = self.helpers_setting_patcher.start()
@@ -74,6 +78,7 @@ def common_data_mock(self):
 
         self.mock_google_setting.return_value.get.side_effect = load_data
         self.mock_github_setting.return_value.get.side_effect = load_data
+        self.mock_azure_setting.return_value.get.side_effect = load_data
         self.mock_oidc_setting.return_value.get.side_effect = load_data
         self.mock_helpers_setting.return_value.get.side_effect = load_data
         self.mock_models_setting.return_value.get.side_effect = load_data
@@ -91,6 +96,27 @@ def common_data_mock(self):
         self.mock_base_route_user.query.filter.return_value.first.return_value = self.mockk
         self.mock_base_route_user.return_value.is_validate.return_value = True
 
+        yield
+
+        for patcher in [
+            self.google_setting_patcher,
+            self.github_setting_patcher,
+            self.azure_setting_patcher,
+            self.oidc_setting_patcher,
+            self.base_route_user_patcher,
+            self.helpers_setting_patcher,
+            self.models_setting_patcher,
+            self.domain_model_setting_patcher,
+            self.record_model_setting_patcher,
+            self.server_model_setting_patcher,
+            self.decorators_setting_patcher,
+            self.api_setting_patcher,
+            self.mock_user_patcher,
+            self.mock_hist_patcher,
+        ]:
+            patcher.stop()
+
+
     def test_empty_get(self, client, common_data_mock,
                        basic_auth_admin_headers):
         with patch('powerdnsadmin.routes.api.Domain') as mock_domain, \
diff --git a/tests/unit/zone/test_user.py b/tests/unit/zone/test_user.py
index 7a8d8d9e8..b15e94401 100644
--- a/tests/unit/zone/test_user.py
+++ b/tests/unit/zone/test_user.py
@@ -22,6 +22,9 @@ def common_data_mock(self):
         self.github_setting_patcher = patch(
             'powerdnsadmin.services.github.Setting',
             spec=powerdnsadmin.models.setting.Setting)
+        self.azure_setting_patcher = patch(
+            'powerdnsadmin.services.azure.Setting',
+            spec=powerdnsadmin.models.setting.Setting)
         self.oidc_setting_patcher = patch(
             'powerdnsadmin.services.oidc.Setting',
             spec=powerdnsadmin.models.setting.Setting)
@@ -57,6 +60,7 @@ def common_data_mock(self):
 
         self.mock_google_setting = self.google_setting_patcher.start()
         self.mock_github_setting = self.github_setting_patcher.start()
+        self.mock_azure_setting = self.azure_setting_patcher.start()
         self.mock_oidc_setting = self.oidc_setting_patcher.start()
         self.mock_base_route_user = self.base_route_user_patcher.start()
         self.mock_helpers_setting = self.helpers_setting_patcher.start()
@@ -74,6 +78,7 @@ def common_data_mock(self):
 
         self.mock_google_setting.return_value.get.side_effect = load_data
         self.mock_github_setting.return_value.get.side_effect = load_data
+        self.mock_azure_setting.return_value.get.side_effect = load_data
         self.mock_oidc_setting.return_value.get.side_effect = load_data
         self.mock_helpers_setting.return_value.get.side_effect = load_data
         self.mock_models_setting.return_value.get.side_effect = load_data
@@ -91,6 +96,27 @@ def common_data_mock(self):
         self.mock_base_route_user.query.filter.return_value.first.return_value = self.mockk
         self.mock_base_route_user.return_value.is_validate.return_value = True
 
+        yield
+
+        for patcher in [
+            self.google_setting_patcher,
+            self.github_setting_patcher,
+            self.azure_setting_patcher,
+            self.oidc_setting_patcher,
+            self.base_route_user_patcher,
+            self.helpers_setting_patcher,
+            self.models_setting_patcher,
+            self.domain_model_setting_patcher,
+            self.record_model_setting_patcher,
+            self.server_model_setting_patcher,
+            self.decorators_setting_patcher,
+            self.api_setting_patcher,
+            self.mock_user_patcher,
+            self.mock_hist_patcher,
+        ]:
+            patcher.stop()
+
+
     def test_create_zone(self, client, common_data_mock, zone_data,
                          basic_auth_user_headers, created_zone_data):
         with patch('powerdnsadmin.lib.helper.requests.request') as mock_post, \
diff --git a/tests/unit/zone/test_user_apikey.py b/tests/unit/zone/test_user_apikey.py
index 84cd53cc7..e8bd91517 100644
--- a/tests/unit/zone/test_user_apikey.py
+++ b/tests/unit/zone/test_user_apikey.py
@@ -25,6 +25,9 @@ def common_data_mock(self):
         self.github_setting_patcher = patch(
             'powerdnsadmin.services.github.Setting',
             spec=powerdnsadmin.models.setting.Setting)
+        self.azure_setting_patcher = patch(
+            'powerdnsadmin.services.azure.Setting',
+            spec=powerdnsadmin.models.setting.Setting)
         self.oidc_setting_patcher = patch(
             'powerdnsadmin.services.oidc.Setting',
             spec=powerdnsadmin.models.setting.Setting)
@@ -49,9 +52,16 @@ def common_data_mock(self):
         self.mock_hist_patcher = patch(
             'powerdnsadmin.routes.api.History',
             spec=powerdnsadmin.models.history.History)
+        self.mock_setting_patcher = patch(
+            'powerdnsadmin.routes.api.Setting',
+            spec=powerdnsadmin.models.setting.Setting)
+        self.mock_decorators_setting_patcher = patch(
+            'powerdnsadmin.decorators.Setting',
+            spec=powerdnsadmin.models.setting.Setting)
 
         self.mock_google_setting = self.google_setting_patcher.start()
         self.mock_github_setting = self.github_setting_patcher.start()
+        self.mock_azure_setting = self.azure_setting_patcher.start()
         self.mock_oidc_setting = self.oidc_setting_patcher.start()
         self.mock_helpers_setting = self.helpers_setting_patcher.start()
         self.mock_models_setting = self.models_setting_patcher.start()
@@ -63,15 +73,19 @@ def common_data_mock(self):
         )
         self.mock_apikey = self.mock_apikey_patcher.start()
         self.mock_hist = self.mock_hist_patcher.start()
+        self.mock_setting = self.mock_setting_patcher.start()
+        self.mock_decorators_setting = self.mock_decorators_setting_patcher.start()
 
         self.mock_google_setting.return_value.get.side_effect = load_data
         self.mock_github_setting.return_value.get.side_effect = load_data
+        self.mock_azure_setting.return_value.get.side_effect = load_data
         self.mock_oidc_setting.return_value.get.side_effect = load_data
         self.mock_helpers_setting.return_value.get.side_effect = load_data
         self.mock_models_setting.return_value.get.side_effect = load_data
         self.mock_domain_model_setting.return_value.get.side_effect = load_data
         self.mock_record_model_setting.return_value.get.side_effect = load_data
         self.mock_server_model_setting.return_value.get.side_effect = load_data
+        self.mock_decorators_setting.return_value.get.side_effect = load_data
 
         data = user_apikey_data()
         domain = Domain(name=data['domains'][0])
@@ -83,6 +97,26 @@ def common_data_mock(self):
 
         self.mock_apikey.return_value.is_validate.return_value = api_key
 
+        yield
+
+        for patcher in [
+            self.google_setting_patcher,
+            self.github_setting_patcher,
+            self.azure_setting_patcher,
+            self.oidc_setting_patcher,
+            self.helpers_setting_patcher,
+            self.models_setting_patcher,
+            self.domain_model_setting_patcher,
+            self.record_model_setting_patcher,
+            self.server_model_setting_patcher,
+            self.mock_apikey_patcher,
+            self.mock_hist_patcher,
+            self.mock_setting_patcher,
+            self.mock_decorators_setting_patcher,
+        ]:
+            patcher.stop()
+
+
     def test_create_zone(self, client, common_data_mock, zone_data,
                          user_apikey, created_zone_data):
         with patch('powerdnsadmin.lib.helper.requests.request') as mock_post, \

From e920bf5009056b15fc9e1a5141089928c6bd0fab Mon Sep 17 00:00:00 2001
From: corubba <corubba@gmx.de>
Date: Thu, 23 Jun 2022 22:22:05 +0200
Subject: [PATCH 162/475] Fix broken code

PR #1089 is the culprit, as was already predicted in the review.
---
 powerdnsadmin/decorators.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/powerdnsadmin/decorators.py b/powerdnsadmin/decorators.py
index 6382141ce..50e4a3f5a 100644
--- a/powerdnsadmin/decorators.py
+++ b/powerdnsadmin/decorators.py
@@ -388,7 +388,7 @@ def decorated_function(*args, **kwargs):
 def allowed_record_types(f):
     @wraps(f)
     def decorated_function(*args, **kwargs):
-        if request.method == 'GET':
+        if request.method in ['GET', 'DELETE', 'PUT']:
             return f(*args, **kwargs)
 
         if g.apikey.role.name in ['Administrator', 'Operator']:

From 8d849ee2a12280234599787e22eaea982fc84685 Mon Sep 17 00:00:00 2001
From: corubba <corubba@gmx.de>
Date: Fri, 24 Jun 2022 14:19:52 +0200
Subject: [PATCH 163/475] Cleanup

The `unit/apikey` directory is removed because it does not contain any
tests. Same for `unit/test_decorators.py`.
The `fixture` module is renamed to the special-name `conftest` [0] so
they are available in all tests without the need to import them. With
that in place, I removed all now unneeded or previously already unused
imports from the tests.
Also removed that wierd `sys.path` bit from `unit/zone/test_admin_apikey.py`,
no idea what that was originally intended for.

[0] https://docs.pytest.org/en/6.2.x/fixture.html#conftest-py-sharing-fixtures-across-multiple-files
---
 tests/{fixtures.py => conftest.py}                   | 0
 tests/integration/api/apikey/test_admin_user.py      | 3 +--
 tests/integration/api/apikey/test_user.py            | 3 ---
 tests/integration/api/management/test_admin_user.py  | 6 +-----
 tests/integration/api/management/test_user.py        | 4 ----
 tests/integration/api/zone/test_admin_user.py        | 3 ---
 tests/integration/api/zone/test_apikey_admin_user.py | 3 ---
 tests/integration/api/zone/test_apikey_user.py       | 3 ---
 tests/integration/api/zone/test_user.py              | 2 --
 tests/unit/apikey/__init__.py                        | 0
 tests/unit/test_decorators.py                        | 0
 tests/unit/zone/test_admin_apikey.py                 | 9 ++-------
 tests/unit/zone/test_admin_user.py                   | 4 +---
 tests/unit/zone/test_user.py                         | 4 +---
 tests/unit/zone/test_user_apikey.py                  | 7 ++-----
 15 files changed, 8 insertions(+), 43 deletions(-)
 rename tests/{fixtures.py => conftest.py} (100%)
 delete mode 100644 tests/unit/apikey/__init__.py
 delete mode 100644 tests/unit/test_decorators.py

diff --git a/tests/fixtures.py b/tests/conftest.py
similarity index 100%
rename from tests/fixtures.py
rename to tests/conftest.py
diff --git a/tests/integration/api/apikey/test_admin_user.py b/tests/integration/api/apikey/test_admin_user.py
index c367fe15f..04e9806e5 100644
--- a/tests/integration/api/apikey/test_admin_user.py
+++ b/tests/integration/api/apikey/test_admin_user.py
@@ -4,8 +4,7 @@
 
 from powerdnsadmin.lib.validators import validate_apikey
 from powerdnsadmin.lib.schema import ApiKeySchema
-from tests.fixtures import client, initial_data, basic_auth_admin_headers
-from tests.fixtures import user_apikey_data, admin_apikey_data, zone_data
+from tests.conftest import user_apikey_data, admin_apikey_data
 
 
 class TestIntegrationApiApiKeyAdminUser(object):
diff --git a/tests/integration/api/apikey/test_user.py b/tests/integration/api/apikey/test_user.py
index 17fc97046..1d0751de4 100644
--- a/tests/integration/api/apikey/test_user.py
+++ b/tests/integration/api/apikey/test_user.py
@@ -1,11 +1,8 @@
-import pytest
 import json
 from collections import namedtuple
 
 from powerdnsadmin.lib.validators import validate_zone
 from powerdnsadmin.lib.schema import DomainSchema
-from tests.fixtures import client, initial_data, basic_auth_user_headers
-from tests.fixtures import zone_data
 
 
 class TestIntegrationApiZoneUser(object):
diff --git a/tests/integration/api/management/test_admin_user.py b/tests/integration/api/management/test_admin_user.py
index eae61f8b9..b01732015 100644
--- a/tests/integration/api/management/test_admin_user.py
+++ b/tests/integration/api/management/test_admin_user.py
@@ -1,9 +1,5 @@
-
 import json
-from tests.fixtures import (    # noqa: F401
-    client, initial_data, basic_auth_admin_headers,
-    test_admin_user, test_user, account_data, user1_data,
-)
+
 from . import IntegrationApiManagement
 
 
diff --git a/tests/integration/api/management/test_user.py b/tests/integration/api/management/test_user.py
index 31bf69fea..548702a1a 100644
--- a/tests/integration/api/management/test_user.py
+++ b/tests/integration/api/management/test_user.py
@@ -1,10 +1,6 @@
 
 import json
 
-from tests.fixtures import (    # noqa: F401
-    client, initial_data, basic_auth_admin_headers, basic_auth_user_headers,
-    test_admin_user, test_user, account_data, user1_data,
-)
 from . import IntegrationApiManagement
 
 
diff --git a/tests/integration/api/zone/test_admin_user.py b/tests/integration/api/zone/test_admin_user.py
index 2aa9c448c..f1c12a723 100644
--- a/tests/integration/api/zone/test_admin_user.py
+++ b/tests/integration/api/zone/test_admin_user.py
@@ -1,11 +1,8 @@
-import pytest
 import json
 from collections import namedtuple
 
 from powerdnsadmin.lib.validators import validate_zone
 from powerdnsadmin.lib.schema import DomainSchema
-from tests.fixtures import client, initial_data, basic_auth_admin_headers
-from tests.fixtures import zone_data
 
 
 class TestIntegrationApiZoneAdminUser(object):
diff --git a/tests/integration/api/zone/test_apikey_admin_user.py b/tests/integration/api/zone/test_apikey_admin_user.py
index 9090ed6ab..494366f0d 100644
--- a/tests/integration/api/zone/test_apikey_admin_user.py
+++ b/tests/integration/api/zone/test_apikey_admin_user.py
@@ -3,9 +3,6 @@
 
 from powerdnsadmin.lib.validators import validate_zone
 from powerdnsadmin.lib.schema import DomainSchema
-from tests.fixtures import client
-from tests.fixtures import zone_data, initial_apikey_data
-from tests.fixtures import admin_apikey_integration
 
 
 class TestIntegrationApiZoneAdminApiKey(object):
diff --git a/tests/integration/api/zone/test_apikey_user.py b/tests/integration/api/zone/test_apikey_user.py
index b0c96bc31..94ddac111 100644
--- a/tests/integration/api/zone/test_apikey_user.py
+++ b/tests/integration/api/zone/test_apikey_user.py
@@ -3,9 +3,6 @@
 
 from powerdnsadmin.lib.validators import validate_zone
 from powerdnsadmin.lib.schema import DomainSchema
-from tests.fixtures import client
-from tests.fixtures import zone_data, initial_apikey_data
-from tests.fixtures import user_apikey_integration
 
 class TestIntegrationApiZoneUserApiKey(object):
 
diff --git a/tests/integration/api/zone/test_user.py b/tests/integration/api/zone/test_user.py
index 73925218f..1d0751de4 100644
--- a/tests/integration/api/zone/test_user.py
+++ b/tests/integration/api/zone/test_user.py
@@ -3,8 +3,6 @@
 
 from powerdnsadmin.lib.validators import validate_zone
 from powerdnsadmin.lib.schema import DomainSchema
-from tests.fixtures import client, initial_data, basic_auth_user_headers
-from tests.fixtures import zone_data
 
 
 class TestIntegrationApiZoneUser(object):
diff --git a/tests/unit/apikey/__init__.py b/tests/unit/apikey/__init__.py
deleted file mode 100644
index e69de29bb..000000000
diff --git a/tests/unit/test_decorators.py b/tests/unit/test_decorators.py
deleted file mode 100644
index e69de29bb..000000000
diff --git a/tests/unit/zone/test_admin_apikey.py b/tests/unit/zone/test_admin_apikey.py
index fed256110..9d1ca281f 100644
--- a/tests/unit/zone/test_admin_apikey.py
+++ b/tests/unit/zone/test_admin_apikey.py
@@ -2,9 +2,6 @@
 import pytest
 from unittest.mock import patch
 from collections import namedtuple
-import sys
-import os
-sys.path.append(os.getcwd())
 
 import powerdnsadmin
 from powerdnsadmin.models.setting import Setting
@@ -12,10 +9,8 @@
 from powerdnsadmin.models.api_key import ApiKey
 from powerdnsadmin.models.role import Role
 from powerdnsadmin.lib.validators import validate_zone
-from powerdnsadmin.lib.schema import DomainSchema, ApiKeySchema
-from tests.fixtures import client, initial_data, created_zone_data
-from tests.fixtures import user_apikey, admin_apikey, zone_data
-from tests.fixtures import admin_apikey_data, load_data
+from powerdnsadmin.lib.schema import DomainSchema
+from tests.conftest import admin_apikey_data, load_data
 
 
 class TestUnitApiZoneAdminApiKey(object):
diff --git a/tests/unit/zone/test_admin_user.py b/tests/unit/zone/test_admin_user.py
index 721204550..922aa64e4 100644
--- a/tests/unit/zone/test_admin_user.py
+++ b/tests/unit/zone/test_admin_user.py
@@ -5,12 +5,10 @@
 
 import powerdnsadmin
 from powerdnsadmin.models.user import User
-from powerdnsadmin.models.role import Role
 from powerdnsadmin.models.domain import Domain
 from powerdnsadmin.lib.validators import validate_zone
 from powerdnsadmin.lib.schema import DomainSchema
-from tests.fixtures import client, basic_auth_admin_headers
-from tests.fixtures import zone_data, created_zone_data, load_data
+from tests.conftest import load_data
 
 
 class TestUnitApiZoneAdminUser(object):
diff --git a/tests/unit/zone/test_user.py b/tests/unit/zone/test_user.py
index b15e94401..3d374927c 100644
--- a/tests/unit/zone/test_user.py
+++ b/tests/unit/zone/test_user.py
@@ -5,12 +5,10 @@
 
 import powerdnsadmin
 from powerdnsadmin.models.user import User
-from powerdnsadmin.models.role import Role
 from powerdnsadmin.models.domain import Domain
 from powerdnsadmin.lib.validators import validate_zone
 from powerdnsadmin.lib.schema import DomainSchema
-from tests.fixtures import client, basic_auth_user_headers
-from tests.fixtures import zone_data, created_zone_data, load_data
+from tests.conftest import load_data
 
 
 class TestUnitApiZoneUser(object):
diff --git a/tests/unit/zone/test_user_apikey.py b/tests/unit/zone/test_user_apikey.py
index e8bd91517..77b1018df 100644
--- a/tests/unit/zone/test_user_apikey.py
+++ b/tests/unit/zone/test_user_apikey.py
@@ -1,7 +1,6 @@
 import json
 import pytest
 from unittest.mock import patch
-from base64 import b64encode
 from collections import namedtuple
 
 import powerdnsadmin
@@ -10,10 +9,8 @@
 from powerdnsadmin.models.api_key import ApiKey
 from powerdnsadmin.models.role import Role
 from powerdnsadmin.lib.validators import validate_zone
-from powerdnsadmin.lib.schema import DomainSchema, ApiKeySchema
-from tests.fixtures import client, initial_data, created_zone_data
-from tests.fixtures import user_apikey, zone_data
-from tests.fixtures import user_apikey_data, load_data
+from powerdnsadmin.lib.schema import DomainSchema
+from tests.conftest import user_apikey_data, load_data
 
 
 class TestUnitApiZoneUserApiKey(object):

From 32e19777ccbd0638e2b9eecb1f226efb17334519 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Thu, 22 Dec 2022 06:00:06 -0500
Subject: [PATCH 164/475] Updating GitHub stale automation configuration to
 match new label schema.

---
 .github/stale.yml | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/.github/stale.yml b/.github/stale.yml
index a1b7aa1b2..0c0b1c399 100644
--- a/.github/stale.yml
+++ b/.github/stale.yml
@@ -5,11 +5,12 @@ daysUntilClose: 7
 # Issues with these labels will never be considered stale
 exemptLabels:
   - pinned
-  - security
-  - enhancement
-  - feature request
+  - bug / broken-feature
+  - bug / security-vulnerability
+  - feature / request
+  - mod / help-wanted
 # Label to use when marking an issue as stale
-staleLabel: wontfix
+staleLabel: mod / stale
 # Comment to post when marking an issue as stale. Set to `false` to disable
 markComment: >
   This issue has been automatically marked as stale because it has not had

From eb163534762e8fa59c3695d9a264d398e153c0d0 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Thu, 22 Dec 2022 06:20:12 -0500
Subject: [PATCH 165/475] Testing new GitHub Dependabot configuration.

---
 .github/dependabot.yml | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)
 create mode 100644 .github/dependabot.yml

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 000000000..68dd93227
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,18 @@
+version: 2
+updates:
+  - package-ecosystem: npm
+    directory: /
+    schedule:
+      interval: daily
+    ignore:
+      - dependency-name: "*"
+        update-types: [ "version-update:semver-major" ]
+    labels: feature / dependency
+  - package-ecosystem: pip
+    directory: /
+    schedule:
+      interval: daily
+    ignore:
+      - dependency-name: "*"
+        update-types: [ "version-update:semver-major" ]
+    labels: feature / dependency

From 33ec2acd3ff3afe69275a6e09b49bf936e49b685 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Thu, 22 Dec 2022 07:20:02 -0500
Subject: [PATCH 166/475] Added a GitHub labels configuration file.

---
 .github/labels.yml | 91 ++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 91 insertions(+)
 create mode 100644 .github/labels.yml

diff --git a/.github/labels.yml b/.github/labels.yml
new file mode 100644
index 000000000..df15d03d6
--- /dev/null
+++ b/.github/labels.yml
@@ -0,0 +1,91 @@
+labels:
+  - name: bug / broken-feature
+    description: Existing feature malfunctioning or broken
+    color: 'd73a4a'
+  - name: bug / security-vulnerability
+    description: Security vulnerability identified with the application
+    color: 'd73a4a'
+  - name: docs / discussion
+    description: Documentation change proposals
+    color: '0075ca'
+  - name: docs / request
+    description: Documentation change request
+    color: '0075ca'
+  - name: feature / dependency
+    description: Existing feature dependency
+    color: '008672'
+  - name: feature / discussion
+    description: New or existing feature discussion
+    color: '008672'
+  - name: feature / request
+    description: New feature or enhancement request
+    color: '008672'
+  - name: help / deployment
+    description: Questions regarding application deployment
+    color: 'd876e3'
+  - name: help / features
+    description: Questions regarding the use of application features
+    color: 'd876e3'
+  - name: help / other
+    description: General questions not specific to application deployment or features
+    color: 'd876e3'
+  - name: mod / accepted
+    description: This request has been accepted
+    color: 'e5ef23'
+  - name: mod / announcement
+    description: This is an admin announcement
+    color: 'e5ef23'
+  - name: mod / changes-requested
+    description: Changes have been requested before proceeding
+    color: 'e5ef23'
+  - name: mod / duplicate
+    description: This issue or pull request already exists
+    color: 'e5ef23'
+  - name: mod / good-first-issue
+    description: Good for newcomers
+    color: 'e5ef23'
+  - name: mod / help-wanted
+    description: Extra attention is needed
+    color: 'e5ef23'
+  - name: mod / invalid
+    description: This doesn't seem right
+    color: 'e5ef23'
+  - name: mod / rejected
+    description: This request has been rejected
+    color: 'e5ef23'
+  - name: mod / reviewed
+    description: This request has been reviewed
+    color: 'e5ef23'
+  - name: mod / reviewing
+    description: This request is being reviewed
+    color: 'e5ef23'
+  - name: mod / stale
+    description: This request has gone stale
+    color: 'e5ef23'
+  - name: mod / tested
+    description: This has been tested
+    color: 'e5ef23'
+  - name: mod / testing
+    description: This is being tested
+    color: 'e5ef23'
+  - name: mod / wont-fix
+    description: This will not be worked on
+    color: 'e5ef23'
+  - name: skill / database
+    description: Requires a database skill-set
+    color: '5319E7'
+  - name: skill / docker
+    description: Requires a Docker skill-set
+    color: '5319E7'
+  - name: skill / documentation
+    description: Requires a documentation skill-set
+    color: '5319E7'
+  - name: skill / html
+    description: Requires a HTML skill-set
+    color: '5319E7'
+  - name: skill / javascript
+    description: Requires a JavaScript skill-set
+    color: '5319E7'
+  - name: skill / python
+    description: Requires a Python skill-set
+    color: '5319E7'
\ No newline at end of file

From 8dd03a4d85a75dd8cee0e2a8f330aeec65c7d4e4 Mon Sep 17 00:00:00 2001
From: Ymage <heltem+git@o2php.com>
Date: Thu, 22 Dec 2022 22:47:02 +0100
Subject: [PATCH 167/475] Update tests fix

Fix migration init_db 'id'
Handle app context when needed
Fix conftest fixtures
Rearrange test Dockerfiles
Hide DeprecationWarning during pytest execution
Upgrade all python packages
---
 docker-compose-test.yml                       |   6 +-
 docker-test/Dockerfile                        |  30 ++-
 docker-test/start.sh                          |   4 +-
 migrations/env.py                             |  46 ++--
 migrations/versions/787bdba9e147_init_db.py   |   6 +-
 requirements.txt                              |  59 +++--
 tests/conftest.py                             | 245 +++++++++---------
 .../integration/api/apikey/test_admin_user.py |   8 +-
 tests/integration/api/apikey/test_user.py     |   2 +-
 tests/integration/api/management/test_user.py |  98 ++++---
 tests/unit/zone/test_admin_apikey.py          | 151 +++++------
 tests/unit/zone/test_admin_user.py            | 110 ++++----
 tests/unit/zone/test_user.py                  | 118 +++++----
 tests/unit/zone/test_user_apikey.py           | 160 ++++++------
 14 files changed, 548 insertions(+), 495 deletions(-)

diff --git a/docker-compose-test.yml b/docker-compose-test.yml
index 7dcf4a027..77c8dba22 100644
--- a/docker-compose-test.yml
+++ b/docker-compose-test.yml
@@ -1,11 +1,11 @@
-version: "2.1"
+version: "3.8"
 
 services:
   powerdns-admin:
+    image: powerdns-admin-test
     build:
       context: .
       dockerfile: docker-test/Dockerfile
-    image: powerdns-admin-test
     container_name: powerdns-admin-test
     ports:
       - "9191:80"
@@ -17,10 +17,10 @@ services:
       - pdns-server
 
   pdns-server:
+    image: pdns-server-test
     build:
       context: .
       dockerfile: docker-test/Dockerfile.pdns
-    image: pdns-server-test
     ports:
       - "5053:53"
       - "5053:53/udp"
diff --git a/docker-test/Dockerfile b/docker-test/Dockerfile
index e5f4d4ede..17f934fb4 100644
--- a/docker-test/Dockerfile
+++ b/docker-test/Dockerfile
@@ -1,15 +1,35 @@
-FROM debian:stable-slim
+FROM debian:bullseye-slim
 LABEL maintainer="k@ndk.name"
 
 ENV LC_ALL=en_US.UTF-8 LANG=en_US.UTF-8 LANGUAGE=en_US.UTF-8
 
 RUN apt-get update -y \
-    && apt-get install -y --no-install-recommends apt-transport-https locales locales-all python3-pip python3-setuptools python3-dev curl libsasl2-dev libldap2-dev libssl-dev libxml2-dev libxslt1-dev libxmlsec1-dev libffi-dev libxmlsec1-openssl pkg-config build-essential libmariadb-dev-compat \
+    && apt-get install -y --no-install-recommends \
+        apt-transport-https \
+        curl \
+        build-essential \
+        libffi-dev \
+        libldap2-dev \
+        libmariadb-dev-compat \
+        libsasl2-dev \
+        libssl-dev \
+        libxml2-dev \
+        libxmlsec1-dev \
+        libxmlsec1-openssl \
+        libxslt1-dev \
+        locales \
+        locales-all \
+        pkg-config \
+        python3-dev \
+        python3-pip \
+        python3-setuptools \
     && curl -sL https://deb.nodesource.com/setup_lts.x | bash - \
     && curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - \
     && echo "deb https://dl.yarnpkg.com/debian/ stable main" > /etc/apt/sources.list.d/yarn.list \
     && apt-get update -y \
-    && apt-get install -y nodejs yarn \
+    && apt-get install -y --no-install-recommends \
+        nodejs \
+        yarn \
     && apt-get clean -y \
     && rm -rf /var/lib/apt/lists/*
 
@@ -21,8 +41,6 @@ RUN pip3 install --upgrade pip
 RUN pip3 install -r requirements.txt
 
 COPY . /app
-COPY ./docker/entrypoint.sh /usr/local/bin/
-RUN chmod +x /usr/local/bin/entrypoint.sh
 
 ENV FLASK_APP=powerdnsadmin/__init__.py
 RUN yarn install --pure-lockfile --production \
@@ -31,4 +49,4 @@ RUN yarn install --pure-lockfile --production \
 
 COPY ./docker-test/wait-for-pdns.sh /opt
 RUN chmod u+x /opt/wait-for-pdns.sh
-CMD ["/opt/wait-for-pdns.sh", "/usr/local/bin/pytest","--capture=no","-vv"]
+CMD ["/opt/wait-for-pdns.sh", "/usr/local/bin/pytest", "-W", "ignore::DeprecationWarning", "--capture=no", "-vv"]
diff --git a/docker-test/start.sh b/docker-test/start.sh
index 9a6601764..efd1c0e25 100644
--- a/docker-test/start.sh
+++ b/docker-test/start.sh
@@ -10,9 +10,9 @@ fi
 
 # Import schema structure
 if [ -e "/data/pdns.sql" ]; then
-    rm /data/pdns.db
+    rm -f /data/pdns.db
     cat /data/pdns.sql | sqlite3 /data/pdns.db
-    rm /data/pdns.sql
+    rm -f /data/pdns.sql
     echo "Imported schema structure"
 fi
 
diff --git a/migrations/env.py b/migrations/env.py
index 4742e1418..8b3fb3353 100755
--- a/migrations/env.py
+++ b/migrations/env.py
@@ -1,8 +1,13 @@
 from __future__ import with_statement
-from alembic import context
-from sqlalchemy import engine_from_config, pool
-from logging.config import fileConfig
+
 import logging
+from logging.config import fileConfig
+
+from sqlalchemy import engine_from_config
+from sqlalchemy import pool
+from flask import current_app
+
+from alembic import context
 
 # this is the Alembic Config object, which provides
 # access to the values within the .ini file in use.
@@ -17,9 +22,9 @@
 # for 'autogenerate' support
 # from myapp import mymodel
 # target_metadata = mymodel.Base.metadata
-from flask import current_app
-config.set_main_option('sqlalchemy.url',
-                       current_app.config.get('SQLALCHEMY_DATABASE_URI').replace("%","%%"))
+config.set_main_option(
+    'sqlalchemy.url',
+    str(current_app.extensions['migrate'].db.engine.url).replace('%', '%%'))
 target_metadata = current_app.extensions['migrate'].db.metadata
 
 # other values from the config, defined by the needs of env.py,
@@ -41,7 +46,9 @@ def run_migrations_offline():
 
     """
     url = config.get_main_option("sqlalchemy.url")
-    context.configure(url=url)
+    context.configure(
+        url=url, target_metadata=target_metadata, literal_binds=True
+    )
 
     with context.begin_transaction():
         context.run_migrations()
@@ -65,22 +72,23 @@ def process_revision_directives(context, revision, directives):
                 directives[:] = []
                 logger.info('No changes in schema detected.')
 
-    engine = engine_from_config(config.get_section(config.config_ini_section),
-                                prefix='sqlalchemy.',
-                                poolclass=pool.NullPool)
+    connectable = engine_from_config(
+        config.get_section(config.config_ini_section),
+        prefix='sqlalchemy.',
+        poolclass=pool.NullPool,
+    )
 
-    connection = engine.connect()
-    context.configure(connection=connection,
-                      target_metadata=target_metadata,
-                      process_revision_directives=process_revision_directives,
-                      render_as_batch=config.get_main_option('sqlalchemy.url').startswith('sqlite:'),
-                      **current_app.extensions['migrate'].configure_args)
+    with connectable.connect() as connection:
+        context.configure(
+            connection=connection,
+            target_metadata=target_metadata,
+            process_revision_directives=process_revision_directives,
+            **current_app.extensions['migrate'].configure_args
+        )
 
-    try:
         with context.begin_transaction():
             context.run_migrations()
-    finally:
-        connection.close()
+
 
 if context.is_offline_mode():
     run_migrations_offline()
diff --git a/migrations/versions/787bdba9e147_init_db.py b/migrations/versions/787bdba9e147_init_db.py
index aa781de89..c4c7aa25e 100644
--- a/migrations/versions/787bdba9e147_init_db.py
+++ b/migrations/versions/787bdba9e147_init_db.py
@@ -56,9 +56,9 @@ def seed_data():
 
     op.bulk_insert(template_table,
         [
-            {id: 1, 'name': 'basic_template_1', 'description': 'Basic Template #1'},
-            {id: 2, 'name': 'basic_template_2', 'description': 'Basic Template #2'},
-            {id: 3, 'name': 'basic_template_3', 'description': 'Basic Template #3'}
+            {'id': 1, 'name': 'basic_template_1', 'description': 'Basic Template #1'},
+            {'id': 2, 'name': 'basic_template_2', 'description': 'Basic Template #2'},
+            {'id': 3, 'name': 'basic_template_3', 'description': 'Basic Template #3'}
         ]
     )
 
diff --git a/requirements.txt b/requirements.txt
index 6ecea273a..11b142141 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,34 +1,41 @@
-Flask==1.1.2
-Flask-Assets==2.0
-Flask-Login==0.5.0
-Flask-SQLAlchemy==2.4.4
-Flask-Migrate==2.5.3
-SQLAlchemy==1.3.19
-mysqlclient==2.0.1
+mysqlclient==2.1.1
 configobj==5.0.6
-bcrypt>=3.1.7
-requests==2.24.0
-python-ldap==3.4.2
-pyotp==2.4.0
-qrcode==6.1
+bcrypt==4.0.1
+requests==2.28.1
+python-ldap==3.4.3
+pyotp==2.8.0
+qrcode==7.3.1
 dnspython>=1.16.0
-gunicorn==20.0.4
-python3-saml
-pytz==2020.1
+gunicorn==20.1.0
+python3-saml==1.14.0
+pytz==2022.7
 cssmin==0.2.0
-rjsmin==1.2.0
-Authlib==0.15
+rjsmin==1.2.1
+Authlib==1.2.0
 Flask-SeaSurf==1.1.1
-bravado-core==5.17.0
+bravado-core==5.17.1
 jsonschema[format]>=2.5.1,<4.0.0 # until https://github.com/Yelp/bravado-core/pull/385
 lima==0.5
-pytest==6.2.5
 pytimeparse==1.1.8
-PyYAML==5.4
-Flask-SSLify==0.1.5
+alembic==1.9.0
+certifi==2022.12.7
+cffi==1.15.1
+passlib==1.7.4
+pyasn1==0.4.8
+webcolors==1.12
+zipp==3.11.0
+Flask==2.2.2
+Flask-Assets==2.0
+Flask-Login==0.6.2
+Flask-SQLAlchemy==3.0.2
+Flask-Migrate==4.0.0
+SQLAlchemy==1.4.45
+pyOpenSSL==22.1.0
+Authlib==1.2.0
+Flask-SeaSurf==1.1.1
+PyYAML==6.0
 Flask-Mail==0.9.1
-flask-session==0.3.2
-Jinja2==3.0.3
-itsdangerous==2.0.1
-werkzeug==2.0.3
-cryptography==36.0.2
+Flask-SSLify==0.1.5
+Flask-Session==0.4.0
+lxml==4.6.5
+pytest==7.2.0
diff --git a/tests/conftest.py b/tests/conftest.py
index 3662916b7..f5de9e8d5 100644
--- a/tests/conftest.py
+++ b/tests/conftest.py
@@ -1,26 +1,28 @@
 import os
-import pytest
-import flask_migrate
 from base64 import b64encode
 
+import pytest
+from flask_migrate import upgrade as flask_migrate_upgrade
+
 from powerdnsadmin import create_app
+from powerdnsadmin.models.api_key import ApiKey
 from powerdnsadmin.models.base import db
-from powerdnsadmin.models.user import User
 from powerdnsadmin.models.setting import Setting
-from powerdnsadmin.models.api_key import ApiKey
+from powerdnsadmin.models.user import User
+
 
-app = create_app('../configs/test.py')
-ctx = app.app_context()
-ctx.push()
+@pytest.fixture(scope="session")
+def app():
+    app = create_app('../configs/test.py')
+    yield app
 
 
 @pytest.fixture
-def client():
+def client(app):
     app.config['TESTING'] = True
     client = app.test_client()
     yield client
 
-
 def load_data(setting_name, *args, **kwargs):
     if setting_name == 'maintenance':
         return 0
@@ -41,17 +43,17 @@ def load_data(setting_name, *args, **kwargs):
 
 
 @pytest.fixture
-def test_admin_user():
+def test_admin_user(app):
     return app.config.get('TEST_ADMIN_USER')
 
 
 @pytest.fixture
-def test_user():
+def test_user(app):
     return app.config.get('TEST_USER')
 
 
 @pytest.fixture
-def basic_auth_admin_headers():
+def basic_auth_admin_headers(app):
     test_admin_user = app.config.get('TEST_ADMIN_USER')
     test_admin_pass = app.config.get('TEST_ADMIN_PASSWORD')
     user_pass = "{0}:{1}".format(test_admin_user, test_admin_pass)
@@ -63,7 +65,7 @@ def basic_auth_admin_headers():
 
 
 @pytest.fixture
-def basic_auth_user_headers():
+def basic_auth_user_headers(app):
     test_user = app.config.get('TEST_USER')
     test_user_pass = app.config.get('TEST_USER_PASSWORD')
     user_pass = "{0}:{1}".format(test_user, test_user_pass)
@@ -75,7 +77,8 @@ def basic_auth_user_headers():
 
 
 @pytest.fixture(scope="module")
-def initial_data():
+def initial_data(app):
+
     pdns_proto = os.environ['PDNS_PROTO']
     pdns_host = os.environ['PDNS_HOST']
     pdns_port = os.environ['PDNS_PORT']
@@ -85,46 +88,44 @@ def initial_data():
     api_key_setting = Setting('pdns_api_key', os.environ['PDNS_API_KEY'])
     allow_create_domain_setting = Setting('allow_user_create_domain', True)
 
-    try:
-        flask_migrate.upgrade()
-
-        db.session.add(api_url_setting)
-        db.session.add(api_key_setting)
-        db.session.add(allow_create_domain_setting)
+    with app.app_context():
+        try:
+            flask_migrate_upgrade(directory="migrations")
+            db.session.add(api_url_setting)
+            db.session.add(api_key_setting)
+            db.session.add(allow_create_domain_setting)
 
-        test_user = app.config.get('TEST_USER')
-        test_user_pass = app.config.get('TEST_USER_PASSWORD')
-        test_admin_user = app.config.get('TEST_ADMIN_USER')
-        test_admin_pass = app.config.get('TEST_ADMIN_PASSWORD')
+            test_user = app.config.get('TEST_USER')
+            test_user_pass = app.config.get('TEST_USER_PASSWORD')
+            test_admin_user = app.config.get('TEST_ADMIN_USER')
+            test_admin_pass = app.config.get('TEST_ADMIN_PASSWORD')
 
-        admin_user = User(username=test_admin_user,
-                          plain_text_password=test_admin_pass,
-                          email="admin@admin.com")
-        msg = admin_user.create_local_user()
+            admin_user = User(username=test_admin_user,
+                              plain_text_password=test_admin_pass,
+                              email="admin@admin.com")
+            ret = admin_user.create_local_user()
 
-        if not msg:
-            raise Exception("Error occurred creating user {0}".format(msg))
+            if not ret['status']:
+                raise Exception("Error occurred creating user {0}".format(ret['msg']))
 
-        ordinary_user = User(username=test_user,
-                             plain_text_password=test_user_pass,
-                             email="test@test.com")
-        msg = ordinary_user.create_local_user()
+            ordinary_user = User(username=test_user,
+                                 plain_text_password=test_user_pass,
+                                 email="test@test.com")
+            ret = ordinary_user.create_local_user()
 
-        if not msg:
-            raise Exception("Error occurred creating user {0}".format(msg))
+            if not ret['status']:
+                raise Exception("Error occurred creating user {0}".format(ret['msg']))
 
-    except Exception as e:
-        print("Unexpected ERROR: {0}".format(e))
-        raise e
+        except Exception as e:
+            print("Unexpected ERROR: {0}".format(e))
+            raise e
 
     yield
-
-    db.session.close()
     os.unlink(app.config['TEST_DB_LOCATION'])
 
 
 @pytest.fixture(scope="module")
-def initial_apikey_data():
+def initial_apikey_data(app):
     pdns_proto = os.environ['PDNS_PROTO']
     pdns_host = os.environ['PDNS_HOST']
     pdns_port = os.environ['PDNS_PORT']
@@ -135,42 +136,40 @@ def initial_apikey_data():
     allow_create_domain_setting = Setting('allow_user_create_domain', True)
     allow_remove_domain_setting = Setting('allow_user_remove_domain', True)
 
-    try:
-        flask_migrate.upgrade()
+    with app.app_context():
+        try:
+            flask_migrate_upgrade(directory="migrations")
+            db.session.add(api_url_setting)
+            db.session.add(api_key_setting)
+            db.session.add(allow_create_domain_setting)
+            db.session.add(allow_remove_domain_setting)
 
-        db.session.add(api_url_setting)
-        db.session.add(api_key_setting)
-        db.session.add(allow_create_domain_setting)
-        db.session.add(allow_remove_domain_setting)
+            test_user_apikey = app.config.get('TEST_USER_APIKEY')
+            test_admin_apikey = app.config.get('TEST_ADMIN_APIKEY')
 
-        test_user_apikey = app.config.get('TEST_USER_APIKEY')
-        test_admin_apikey = app.config.get('TEST_ADMIN_APIKEY')
+            dummy_apikey = ApiKey(desc="dummy", role_name="Administrator")
 
-        dummy_apikey = ApiKey(desc="dummy", role_name="Administrator")
+            admin_key = dummy_apikey.get_hashed_password(
+                plain_text_password=test_admin_apikey).decode('utf-8')
 
-        admin_key = dummy_apikey.get_hashed_password(
-            plain_text_password=test_admin_apikey).decode('utf-8')
+            admin_apikey = ApiKey(key=admin_key,
+                                  desc="test admin apikey",
+                                  role_name="Administrator")
+            admin_apikey.create()
 
-        admin_apikey = ApiKey(key=admin_key,
-                              desc="test admin apikey",
-                              role_name="Administrator")
-        admin_apikey.create()
+            user_key = dummy_apikey.get_hashed_password(
+                plain_text_password=test_user_apikey).decode('utf-8')
 
-        user_key = dummy_apikey.get_hashed_password(
-            plain_text_password=test_user_apikey).decode('utf-8')
+            user_apikey = ApiKey(key=user_key,
+                                 desc="test user apikey",
+                                 role_name="User")
+            user_apikey.create()
 
-        user_apikey = ApiKey(key=user_key,
-                             desc="test user apikey",
-                             role_name="User")
-        user_apikey.create()
-
-    except Exception as e:
-        print("Unexpected ERROR: {0}".format(e))
-        raise e
+        except Exception as e:
+            print("Unexpected ERROR: {0}".format(e))
+            raise e
 
     yield
-
-    db.session.close()
     os.unlink(app.config['TEST_DB_LOCATION'])
 
 
@@ -187,61 +186,51 @@ def zone_data():
 @pytest.fixture
 def created_zone_data():
     data = {
-        'url':
-        '/api/v1/servers/localhost/zones/example.org.',
-        'soa_edit_api':
-        'DEFAULT',
-        'last_check':
-        0,
+        'url': '/api/v1/servers/localhost/zones/example.org.',
+        'soa_edit_api': 'DEFAULT',
+        'last_check': 0,
         'masters': [],
-        'dnssec':
-        False,
-        'notified_serial':
-        0,
-        'nsec3narrow':
-        False,
-        'serial':
-        2019013101,
-        'nsec3param':
-        '',
-        'soa_edit':
-        '',
-        'api_rectify':
-        False,
-        'kind':
-        'Native',
+        'dnssec': False,
+        'notified_serial': 0,
+        'nsec3narrow': False,
+        'serial': 2019013101,
+        'nsec3param': '',
+        'soa_edit': '',
+        'api_rectify': False,
+        'kind': 'Native',
         'rrsets': [{
             'comments': [],
-            'type':
-            'SOA',
-            'name':
-            'example.org.',
-            'ttl':
-            3600,
+            'type': 'SOA',
+            'name': 'example.org.',
+            'ttl': 3600,
             'records': [{
-                'content':
-                'a.misconfigured.powerdns.server. hostmaster.example.org. 2019013101 10800 3600 604800 3600',
+                'content': 'a.misconfigured.powerdns.server. hostmaster.example.org. 2019013101 10800 3600 604800 3600',
                 'disabled': False
             }]
         }, {
             'comments': [],
-            'type':
-            'NS',
-            'name':
-            'example.org.',
-            'ttl':
-            3600,
+            'type': 'NS',
+            'name': 'example.org.',
+            'ttl': 3600,
             'records': [{
                 'content': 'ns1.example.org.',
                 'disabled': False
             }]
         }],
-        'name':
-        'example.org.',
-        'account':
-        '',
-        'id':
-        'example.org.'
+        'name': 'example.org.',
+        'account': '',
+        'id': 'example.org.'
+    }
+    return data
+
+
+def user_data(app):
+    test_user = app.config.get('TEST_USER')
+    test_user_pass = app.config.get('TEST_USER_PASSWORD')
+    data = {
+        "username": test_user,
+        "plain_text_password": test_user_pass,
+        "email": "test@test.com"
     }
     return data
 
@@ -261,37 +250,39 @@ def admin_apikey_data():
 
 
 @pytest.fixture(scope='module')
-def user_apikey_integration():
+def user_apikey_integration(app):
     test_user_apikey = app.config.get('TEST_USER_APIKEY')
     headers = create_apikey_headers(test_user_apikey)
     return headers
 
 
 @pytest.fixture(scope='module')
-def admin_apikey_integration():
+def admin_apikey_integration(app):
     test_user_apikey = app.config.get('TEST_ADMIN_APIKEY')
     headers = create_apikey_headers(test_user_apikey)
     return headers
 
 
 @pytest.fixture(scope='module')
-def user_apikey():
-    data = user_apikey_data()
-    api_key = ApiKey(desc=data['description'],
-                     role_name=data['role'],
-                     domains=[])
-    headers = create_apikey_headers(api_key.plain_key)
-    return headers
+def user_apikey(app):
+    with app.app_context():
+        data = user_apikey_data()
+        api_key = ApiKey(desc=data['description'],
+                         role_name=data['role'],
+                         domains=[])
+        headers = create_apikey_headers(api_key.plain_key)
+        return headers
 
 
 @pytest.fixture(scope='module')
-def admin_apikey():
-    data = admin_apikey_data()
-    api_key = ApiKey(desc=data['description'],
-                     role_name=data['role'],
-                     domains=[])
-    headers = create_apikey_headers(api_key.plain_key)
-    return headers
+def admin_apikey(app):
+    with app.app_context():
+        data = admin_apikey_data()
+        api_key = ApiKey(desc=data['description'],
+                         role_name=data['role'],
+                         domains=[])
+        headers = create_apikey_headers(api_key.plain_key)
+        return headers
 
 
 def create_apikey_headers(passw):
diff --git a/tests/integration/api/apikey/test_admin_user.py b/tests/integration/api/apikey/test_admin_user.py
index 04e9806e5..3bc0c8283 100644
--- a/tests/integration/api/apikey/test_admin_user.py
+++ b/tests/integration/api/apikey/test_admin_user.py
@@ -8,7 +8,7 @@
 
 
 class TestIntegrationApiApiKeyAdminUser(object):
-    def test_empty_get(self, client, initial_data, basic_auth_admin_headers):
+    def test_empty_get(self, initial_data, client, basic_auth_admin_headers):
         res = client.get("/api/v1/pdnsadmin/apikeys",
                          headers=basic_auth_admin_headers)
         data = res.get_json(force=True)
@@ -18,7 +18,7 @@ def test_empty_get(self, client, initial_data, basic_auth_admin_headers):
     @pytest.mark.parametrize(
         "apikey_data",
         [user_apikey_data(), admin_apikey_data()])
-    def test_create_apikey(self, client, initial_data, apikey_data, zone_data,
+    def test_create_apikey(self, initial_data, client, apikey_data, zone_data,
                            basic_auth_admin_headers):
         res = client.post("/api/v1/pdnsadmin/zones",
                           headers=basic_auth_admin_headers,
@@ -53,7 +53,7 @@ def test_create_apikey(self, client, initial_data, apikey_data, zone_data,
     @pytest.mark.parametrize(
         "apikey_data",
         [user_apikey_data(), admin_apikey_data()])
-    def test_get_multiple_apikey(self, client, initial_data, apikey_data,
+    def test_get_multiple_apikey(self, initial_data, client, apikey_data,
                                  zone_data, basic_auth_admin_headers):
         res = client.post("/api/v1/pdnsadmin/zones",
                           headers=basic_auth_admin_headers,
@@ -102,7 +102,7 @@ def test_get_multiple_apikey(self, client, initial_data, apikey_data,
     @pytest.mark.parametrize(
         "apikey_data",
         [user_apikey_data(), admin_apikey_data()])
-    def test_delete_apikey(self, client, initial_data, apikey_data, zone_data,
+    def test_delete_apikey(self, initial_data, client, apikey_data, zone_data,
                            basic_auth_admin_headers):
         res = client.post("/api/v1/pdnsadmin/zones",
                           headers=basic_auth_admin_headers,
diff --git a/tests/integration/api/apikey/test_user.py b/tests/integration/api/apikey/test_user.py
index 1d0751de4..34fdd861b 100644
--- a/tests/integration/api/apikey/test_user.py
+++ b/tests/integration/api/apikey/test_user.py
@@ -5,7 +5,7 @@
 from powerdnsadmin.lib.schema import DomainSchema
 
 
-class TestIntegrationApiZoneUser(object):
+class TestIntegrationApiApiKeyUser(object):
     def test_empty_get(self, initial_data, client, basic_auth_user_headers):
         res = client.get("/api/v1/pdnsadmin/zones",
                          headers=basic_auth_user_headers)
diff --git a/tests/integration/api/management/test_user.py b/tests/integration/api/management/test_user.py
index 548702a1a..65a5869d5 100644
--- a/tests/integration/api/management/test_user.py
+++ b/tests/integration/api/management/test_user.py
@@ -1,4 +1,3 @@
-
 import json
 
 from . import IntegrationApiManagement
@@ -6,57 +5,57 @@
 
 class TestIntegrationApiManagementUser(IntegrationApiManagement):
 
-    def test_accounts_empty_get(
-            self, client, initial_data,                         # noqa: F811
-            basic_auth_user_headers):                           # noqa: F811
+    def test_accounts_empty_get(self, initial_data, client,  # noqa: F811
+                                basic_auth_user_headers):  # noqa: F811
         res = client.get("/api/v1/pdnsadmin/accounts",
                          headers=basic_auth_user_headers)
         assert res.status_code == 401
 
-    def test_users_empty_get(
-            self, client, initial_data,                         # noqa: F811
-            test_admin_user, test_user,                         # noqa: F811
-            basic_auth_user_headers):                           # noqa: F811
+    def test_users_empty_get(self, initial_data, client,  # noqa: F811
+                             test_admin_user, test_user,  # noqa: F811
+                             basic_auth_user_headers):  # noqa: F811
         res = client.get("/api/v1/pdnsadmin/users",
                          headers=basic_auth_user_headers)
         assert res.status_code == 401
 
-    def test_self_get(
-            self, initial_data, client, test_user,              # noqa: F811
-            basic_auth_user_headers):                           # noqa: F811
-        self.user = None
+    def test_self_get(self, initial_data, client, basic_auth_user_headers, test_user):  # noqa: F811
         res = client.get("/api/v1/pdnsadmin/users/{}".format(test_user),
                          headers=basic_auth_user_headers)
         data = res.get_json(force=True)
         assert res.status_code == 200
         assert data
-        self.user = [data]
 
-    def test_accounts(
-            self, client, initial_data,                          # noqa: F811
-            account_data,                                        # noqa: F811
-            basic_auth_admin_headers, basic_auth_user_headers):  # noqa: F811
-        self.client = client
-        self.basic_auth_admin_headers = basic_auth_admin_headers
+    def test_create_account_fail(self, client, initial_data, account_data,  # noqa: F811
+                                 basic_auth_user_headers):  # noqa: F811
 
         # Create account (should fail)
-        res = client.post(
-            "/api/v1/pdnsadmin/accounts",
-            headers=basic_auth_user_headers,
-            data=json.dumps(account_data),
-            content_type="application/json",
-        )
+        res = client.post("/api/v1/pdnsadmin/accounts",
+                          headers=basic_auth_user_headers,
+                          data=json.dumps(account_data),
+                          content_type="application/json")
         assert res.status_code == 401
 
-        # Create account (as admin)
-        res = client.post(
-            "/api/v1/pdnsadmin/accounts",
-            headers=basic_auth_admin_headers,
-            data=json.dumps(account_data),
-            content_type="application/json",
-        )
-        data = res.get_json(force=True)
-        assert res.status_code == 201
+    def test_create_account_as_admin(self, app, initial_data, client, account_data,  # noqa: F811
+                                     basic_auth_admin_headers):  # noqa: F811
+        self.client = client
+        self.basic_auth_admin_headers = basic_auth_admin_headers
+
+        with app.test_request_context():
+            # Create account (as admin)
+            res = client.post("/api/v1/pdnsadmin/accounts",
+                              headers=basic_auth_admin_headers,
+                              data=json.dumps(account_data),
+                              content_type="application/json")
+            data = res.get_json(force=True)
+            assert res.status_code == 201
+
+    def test_update_account_fail(
+            self, initial_data, client,  # noqa: F811
+            account_data,  # noqa: F811
+            basic_auth_user_headers,
+            basic_auth_admin_headers):  # noqa: F811
+        self.client = client
+        self.basic_auth_admin_headers = basic_auth_admin_headers
 
         # Check account
         data = self.check_account(account_data)
@@ -71,6 +70,18 @@ def test_accounts(
         )
         assert res.status_code == 401
 
+    def test_delete_account_fail(
+            self, initial_data, client,  # noqa: F811
+            account_data,  # noqa: F811
+            basic_auth_user_headers,
+            basic_auth_admin_headers):  # noqa: F811
+        self.client = client
+        self.basic_auth_admin_headers = basic_auth_admin_headers
+
+        # Check account
+        data = self.check_account(account_data)
+        account_id = data["id"]
+
         # Delete account (should fail)
         res = client.delete(
             "/api/v1/pdnsadmin/accounts/{}".format(account_id),
@@ -80,6 +91,17 @@ def test_accounts(
         )
         assert res.status_code == 401
 
+    def test_delete_account_as_admin(
+            self, client, initial_data,  # noqa: F811
+            account_data,  # noqa: F811
+            basic_auth_admin_headers):  # noqa: F811
+        self.client = client
+        self.basic_auth_admin_headers = basic_auth_admin_headers
+
+        # Check account
+        data = self.check_account(account_data)
+        account_id = data["id"]
+
         # Cleanup (delete account as admin)
         res = client.delete(
             "/api/v1/pdnsadmin/accounts/{}".format(account_id),
@@ -90,8 +112,8 @@ def test_accounts(
         assert res.status_code == 204
 
     def test_users(
-            self, client, initial_data,                          # noqa: F811
-            user1_data,                                          # noqa: F811
+            self, client, initial_data,  # noqa: F811
+            user1_data,  # noqa: F811
             basic_auth_admin_headers, basic_auth_user_headers):  # noqa: F811
         self.client = client
         self.basic_auth_admin_headers = basic_auth_admin_headers
@@ -150,8 +172,8 @@ def test_users(
         assert res.status_code == 204
 
     def test_account_users(
-            self, client, initial_data,                          # noqa: F811
-            account_data, user1_data,                            # noqa: F811
+            self, client, initial_data,  # noqa: F811
+            account_data, user1_data,  # noqa: F811
             basic_auth_admin_headers, basic_auth_user_headers):  # noqa: F811
         self.client = client
         self.basic_auth_admin_headers = basic_auth_admin_headers
diff --git a/tests/unit/zone/test_admin_apikey.py b/tests/unit/zone/test_admin_apikey.py
index 9d1ca281f..ccef69ca6 100644
--- a/tests/unit/zone/test_admin_apikey.py
+++ b/tests/unit/zone/test_admin_apikey.py
@@ -15,81 +15,82 @@
 
 class TestUnitApiZoneAdminApiKey(object):
     @pytest.fixture
-    def common_data_mock(self):
-        self.google_setting_patcher = patch(
-            'powerdnsadmin.services.google.Setting',
-            spec=powerdnsadmin.models.setting.Setting)
-        self.github_setting_patcher = patch(
-            'powerdnsadmin.services.github.Setting',
-            spec=powerdnsadmin.models.setting.Setting)
-        self.azure_setting_patcher = patch(
-            'powerdnsadmin.services.azure.Setting',
-            spec=powerdnsadmin.models.setting.Setting)
-        self.oidc_setting_patcher = patch(
-            'powerdnsadmin.services.oidc.Setting',
-            spec=powerdnsadmin.models.setting.Setting)
-        self.helpers_setting_patcher = patch(
-            'powerdnsadmin.lib.helper.Setting',
-            spec=powerdnsadmin.models.setting.Setting)
-        self.models_setting_patcher = patch(
-            'powerdnsadmin.models.setting.Setting',
-            spec=powerdnsadmin.models.setting.Setting)
-        self.domain_model_setting_patcher = patch(
-            'powerdnsadmin.models.domain.Setting',
-            spec=powerdnsadmin.models.setting.Setting)
-        self.record_model_setting_patcher = patch(
-            'powerdnsadmin.models.record.Setting',
-            spec=powerdnsadmin.models.setting.Setting)
-        self.server_model_setting_patcher = patch(
-            'powerdnsadmin.models.server.Setting',
-            spec=powerdnsadmin.models.setting.Setting)
-        self.mock_apikey_patcher = patch(
-            'powerdnsadmin.decorators.ApiKey',
-            spec=powerdnsadmin.models.api_key.ApiKey)
-        self.mock_hist_patcher = patch(
-            'powerdnsadmin.routes.api.History',
-            spec=powerdnsadmin.models.history.History)
-        self.mock_setting_patcher = patch(
-            'powerdnsadmin.routes.api.Setting',
-            spec=powerdnsadmin.models.setting.Setting)
-        self.mock_decorators_setting_patcher = patch(
-            'powerdnsadmin.decorators.Setting',
-            spec=powerdnsadmin.models.setting.Setting)
-
-        data = admin_apikey_data()
-        api_key = ApiKey(desc=data['description'],
-                         role_name=data['role'],
-                         domains=[])
-        api_key.role = Role(name=data['role'])
-
-        self.mock_google_setting = self.google_setting_patcher.start()
-        self.mock_github_setting = self.github_setting_patcher.start()
-        self.mock_azure_setting = self.azure_setting_patcher.start()
-        self.mock_oidc_setting = self.oidc_setting_patcher.start()
-        self.mock_helpers_setting = self.helpers_setting_patcher.start()
-        self.mock_models_setting = self.models_setting_patcher.start()
-        self.mock_domain_model_setting = self.domain_model_setting_patcher.start(
-        )
-        self.mock_record_model_setting = self.record_model_setting_patcher.start(
-        )
-        self.mock_server_model_setting = self.server_model_setting_patcher.start(
-        )
-        self.mock_apikey = self.mock_apikey_patcher.start()
-        self.mock_hist = self.mock_hist_patcher.start()
-        self.mock_setting = self.mock_setting_patcher.start()
-        self.mock_decorators_setting = self.mock_decorators_setting_patcher.start()
-
-        self.mock_google_setting.return_value.get.side_effect = load_data
-        self.mock_github_setting.return_value.get.side_effect = load_data
-        self.mock_azure_setting.return_value.get.side_effect = load_data
-        self.mock_oidc_setting.return_value.get.side_effect = load_data
-        self.mock_helpers_setting.return_value.get.side_effect = load_data
-        self.mock_models_setting.return_value.get.side_effect = load_data
-        self.mock_domain_model_setting.return_value.get.side_effect = load_data
-        self.mock_record_model_setting.return_value.get.side_effect = load_data
-        self.mock_server_model_setting.return_value.get.side_effect = load_data
-        self.mock_decorators_setting.return_value.get.side_effect = load_data
-        self.mock_apikey.return_value.is_validate.return_value = api_key
+    def common_data_mock(self, app):
+        with app.app_context():
+            self.google_setting_patcher = patch(
+                'powerdnsadmin.services.google.Setting',
+                spec=powerdnsadmin.models.setting.Setting)
+            self.github_setting_patcher = patch(
+                'powerdnsadmin.services.github.Setting',
+                spec=powerdnsadmin.models.setting.Setting)
+            self.azure_setting_patcher = patch(
+                'powerdnsadmin.services.azure.Setting',
+                spec=powerdnsadmin.models.setting.Setting)
+            self.oidc_setting_patcher = patch(
+                'powerdnsadmin.services.oidc.Setting',
+                spec=powerdnsadmin.models.setting.Setting)
+            self.helpers_setting_patcher = patch(
+                'powerdnsadmin.lib.helper.Setting',
+                spec=powerdnsadmin.models.setting.Setting)
+            self.models_setting_patcher = patch(
+                'powerdnsadmin.models.setting.Setting',
+                spec=powerdnsadmin.models.setting.Setting)
+            self.domain_model_setting_patcher = patch(
+                'powerdnsadmin.models.domain.Setting',
+                spec=powerdnsadmin.models.setting.Setting)
+            self.record_model_setting_patcher = patch(
+                'powerdnsadmin.models.record.Setting',
+                spec=powerdnsadmin.models.setting.Setting)
+            self.server_model_setting_patcher = patch(
+                'powerdnsadmin.models.server.Setting',
+                spec=powerdnsadmin.models.setting.Setting)
+            self.mock_apikey_patcher = patch(
+                'powerdnsadmin.decorators.ApiKey',
+                spec=powerdnsadmin.models.api_key.ApiKey)
+            self.mock_hist_patcher = patch(
+                'powerdnsadmin.routes.api.History',
+                spec=powerdnsadmin.models.history.History)
+            self.mock_setting_patcher = patch(
+                'powerdnsadmin.routes.api.Setting',
+                spec=powerdnsadmin.models.setting.Setting)
+            self.mock_decorators_setting_patcher = patch(
+                'powerdnsadmin.decorators.Setting',
+                spec=powerdnsadmin.models.setting.Setting)
+
+            data = admin_apikey_data()
+            api_key = ApiKey(desc=data['description'],
+                             role_name=data['role'],
+                             domains=[])
+            api_key.role = Role(name=data['role'])
+
+            self.mock_google_setting = self.google_setting_patcher.start()
+            self.mock_github_setting = self.github_setting_patcher.start()
+            self.mock_azure_setting = self.azure_setting_patcher.start()
+            self.mock_oidc_setting = self.oidc_setting_patcher.start()
+            self.mock_helpers_setting = self.helpers_setting_patcher.start()
+            self.mock_models_setting = self.models_setting_patcher.start()
+            self.mock_domain_model_setting = self.domain_model_setting_patcher.start(
+            )
+            self.mock_record_model_setting = self.record_model_setting_patcher.start(
+            )
+            self.mock_server_model_setting = self.server_model_setting_patcher.start(
+            )
+            self.mock_apikey = self.mock_apikey_patcher.start()
+            self.mock_hist = self.mock_hist_patcher.start()
+            self.mock_setting = self.mock_setting_patcher.start()
+            self.mock_decorators_setting = self.mock_decorators_setting_patcher.start()
+
+            self.mock_google_setting.return_value.get.side_effect = load_data
+            self.mock_github_setting.return_value.get.side_effect = load_data
+            self.mock_azure_setting.return_value.get.side_effect = load_data
+            self.mock_oidc_setting.return_value.get.side_effect = load_data
+            self.mock_helpers_setting.return_value.get.side_effect = load_data
+            self.mock_models_setting.return_value.get.side_effect = load_data
+            self.mock_domain_model_setting.return_value.get.side_effect = load_data
+            self.mock_record_model_setting.return_value.get.side_effect = load_data
+            self.mock_server_model_setting.return_value.get.side_effect = load_data
+            self.mock_decorators_setting.return_value.get.side_effect = load_data
+            self.mock_apikey.return_value.is_validate.return_value = api_key
 
         yield
 
diff --git a/tests/unit/zone/test_admin_user.py b/tests/unit/zone/test_admin_user.py
index 922aa64e4..c4412de41 100644
--- a/tests/unit/zone/test_admin_user.py
+++ b/tests/unit/zone/test_admin_user.py
@@ -13,7 +13,8 @@
 
 class TestUnitApiZoneAdminUser(object):
     @pytest.fixture
-    def common_data_mock(self):
+    def common_data_mock(self, app, initial_data):
+
         self.google_setting_patcher = patch(
             'powerdnsadmin.services.google.Setting',
             spec=powerdnsadmin.models.setting.Setting)
@@ -26,17 +27,11 @@ def common_data_mock(self):
         self.oidc_setting_patcher = patch(
             'powerdnsadmin.services.oidc.Setting',
             spec=powerdnsadmin.models.setting.Setting)
-        self.api_setting_patcher = patch(
-            'powerdnsadmin.routes.api.Setting',
-            spec=powerdnsadmin.models.setting.Setting)
-        self.base_route_user_patcher = patch(
-            'powerdnsadmin.routes.base.User',
-            spec=powerdnsadmin.models.user.User)
         self.helpers_setting_patcher = patch(
             'powerdnsadmin.lib.helper.Setting',
             spec=powerdnsadmin.models.setting.Setting)
         self.models_setting_patcher = patch(
-            'powerdnsadmin.models.Setting',
+            'powerdnsadmin.models.setting.Setting',
             spec=powerdnsadmin.models.setting.Setting)
         self.domain_model_setting_patcher = patch(
             'powerdnsadmin.models.domain.Setting',
@@ -47,52 +42,60 @@ def common_data_mock(self):
         self.server_model_setting_patcher = patch(
             'powerdnsadmin.models.server.Setting',
             spec=powerdnsadmin.models.setting.Setting)
-        self.decorators_setting_patcher = patch(
-            'powerdnsadmin.decorators.Setting',
-            spec=powerdnsadmin.models.setting.Setting)
-        self.mock_user_patcher = patch('powerdnsadmin.decorators.User',
-                                       spec=powerdnsadmin.models.user.User)
+        self.mock_user_patcher = patch(
+            'powerdnsadmin.decorators.User',
+            spec=powerdnsadmin.models.user.User)
         self.mock_hist_patcher = patch(
             'powerdnsadmin.routes.api.History',
             spec=powerdnsadmin.models.history.History)
+        self.mock_setting_patcher = patch(
+            'powerdnsadmin.routes.api.Setting',
+            spec=powerdnsadmin.models.setting.Setting)
+        self.mock_decorators_setting_patcher = patch(
+            'powerdnsadmin.decorators.Setting',
+            spec=powerdnsadmin.models.setting.Setting)
+        self.base_route_user_patcher = patch(
+            'powerdnsadmin.routes.base.User',
+            spec=powerdnsadmin.models.user.User)
 
-        self.mock_google_setting = self.google_setting_patcher.start()
-        self.mock_github_setting = self.github_setting_patcher.start()
-        self.mock_azure_setting = self.azure_setting_patcher.start()
-        self.mock_oidc_setting = self.oidc_setting_patcher.start()
-        self.mock_base_route_user = self.base_route_user_patcher.start()
-        self.mock_helpers_setting = self.helpers_setting_patcher.start()
-        self.mock_models_setting = self.models_setting_patcher.start()
-        self.mock_domain_model_setting = self.domain_model_setting_patcher.start(
-        )
-        self.mock_record_model_setting = self.record_model_setting_patcher.start(
-        )
-        self.mock_server_model_setting = self.server_model_setting_patcher.start(
-        )
-        self.decorators_setting = self.decorators_setting_patcher.start()
-        self.api_setting = self.api_setting_patcher.start()
-        self.mock_user = self.mock_user_patcher.start()
-        self.mock_hist = self.mock_hist_patcher.start()
-
-        self.mock_google_setting.return_value.get.side_effect = load_data
-        self.mock_github_setting.return_value.get.side_effect = load_data
-        self.mock_azure_setting.return_value.get.side_effect = load_data
-        self.mock_oidc_setting.return_value.get.side_effect = load_data
-        self.mock_helpers_setting.return_value.get.side_effect = load_data
-        self.mock_models_setting.return_value.get.side_effect = load_data
-        self.mock_domain_model_setting.return_value.get.side_effect = load_data
-        self.mock_record_model_setting.return_value.get.side_effect = load_data
-        self.mock_server_model_setting.return_value.get.side_effect = load_data
-        self.decorators_setting.return_value.get.side_effect = load_data
-        self.api_setting.return_value.get.side_effect = load_data
-
-        self.mockk = MagicMock()
-        self.mockk.role.name = "Administrator"
-
-        self.mock_user.query.filter.return_value.first.return_value = self.mockk
-        self.mock_user.return_value.is_validate.return_value = True
-        self.mock_base_route_user.query.filter.return_value.first.return_value = self.mockk
-        self.mock_base_route_user.return_value.is_validate.return_value = True
+        with app.app_context():
+            self.mock_google_setting = self.google_setting_patcher.start()
+            self.mock_github_setting = self.github_setting_patcher.start()
+            self.mock_azure_setting = self.azure_setting_patcher.start()
+            self.mock_oidc_setting = self.oidc_setting_patcher.start()
+            self.mock_base_route_user = self.base_route_user_patcher.start()
+            self.mock_helpers_setting = self.helpers_setting_patcher.start()
+            self.mock_models_setting = self.models_setting_patcher.start()
+            self.mock_domain_model_setting = self.domain_model_setting_patcher.start(
+            )
+            self.mock_record_model_setting = self.record_model_setting_patcher.start(
+            )
+            self.mock_server_model_setting = self.server_model_setting_patcher.start(
+            )
+            self.mock_user = self.mock_user_patcher.start()
+            self.mock_hist = self.mock_hist_patcher.start()
+            self.mock_setting = self.mock_setting_patcher.start()
+            self.mock_decorators_setting = self.mock_decorators_setting_patcher.start()
+
+            self.mock_google_setting.return_value.get.side_effect = load_data
+            self.mock_github_setting.return_value.get.side_effect = load_data
+            self.mock_azure_setting.return_value.get.side_effect = load_data
+            self.mock_oidc_setting.return_value.get.side_effect = load_data
+            self.mock_helpers_setting.return_value.get.side_effect = load_data
+            self.mock_models_setting.return_value.get.side_effect = load_data
+            self.mock_domain_model_setting.return_value.get.side_effect = load_data
+            self.mock_record_model_setting.return_value.get.side_effect = load_data
+            self.mock_server_model_setting.return_value.get.side_effect = load_data
+            self.mock_decorators_setting.return_value.get.side_effect = load_data
+            self.mock_setting.return_value.get.side_effect = load_data
+
+            self.mockk = MagicMock()
+            self.mockk.role.name = "Administrator"
+
+            self.mock_user.query.filter.return_value.first.return_value = self.mockk
+            self.mock_user.return_value.is_validate.return_value = True
+            self.mock_base_route_user.query.filter.return_value.first.return_value = self.mockk
+            self.mock_base_route_user.return_value.is_validate.return_value = True
 
         yield
 
@@ -107,10 +110,10 @@ def common_data_mock(self):
             self.domain_model_setting_patcher,
             self.record_model_setting_patcher,
             self.server_model_setting_patcher,
-            self.decorators_setting_patcher,
-            self.api_setting_patcher,
             self.mock_user_patcher,
             self.mock_hist_patcher,
+            self.mock_setting_patcher,
+            self.mock_decorators_setting_patcher,
         ]:
             patcher.stop()
 
@@ -159,8 +162,7 @@ def test_get_multiple_zones(self, client, common_data_mock, zone_data,
                              headers=basic_auth_admin_headers)
             data = res.get_json(force=True)
 
-            fake_domain = namedtuple("Domain",
-                                     data[0].keys())(*data[0].values())
+            fake_domain = namedtuple("Domain", data[0].keys())(*data[0].values())
             domain_schema = DomainSchema(many=True)
 
             json.dumps(domain_schema.dump([fake_domain]))
diff --git a/tests/unit/zone/test_user.py b/tests/unit/zone/test_user.py
index 3d374927c..f7fe33592 100644
--- a/tests/unit/zone/test_user.py
+++ b/tests/unit/zone/test_user.py
@@ -13,7 +13,8 @@
 
 class TestUnitApiZoneUser(object):
     @pytest.fixture
-    def common_data_mock(self):
+    def common_data_mock(self, app, initial_data):
+
         self.google_setting_patcher = patch(
             'powerdnsadmin.services.google.Setting',
             spec=powerdnsadmin.models.setting.Setting)
@@ -26,17 +27,11 @@ def common_data_mock(self):
         self.oidc_setting_patcher = patch(
             'powerdnsadmin.services.oidc.Setting',
             spec=powerdnsadmin.models.setting.Setting)
-        self.api_setting_patcher = patch(
-            'powerdnsadmin.routes.api.Setting',
-            spec=powerdnsadmin.models.setting.Setting)
-        self.base_route_user_patcher = patch(
-            'powerdnsadmin.routes.base.User',
-            spec=powerdnsadmin.models.user.User)
         self.helpers_setting_patcher = patch(
             'powerdnsadmin.lib.helper.Setting',
             spec=powerdnsadmin.models.setting.Setting)
         self.models_setting_patcher = patch(
-            'powerdnsadmin.models.Setting',
+            'powerdnsadmin.models.setting.Setting',
             spec=powerdnsadmin.models.setting.Setting)
         self.domain_model_setting_patcher = patch(
             'powerdnsadmin.models.domain.Setting',
@@ -47,52 +42,60 @@ def common_data_mock(self):
         self.server_model_setting_patcher = patch(
             'powerdnsadmin.models.server.Setting',
             spec=powerdnsadmin.models.setting.Setting)
-        self.decorators_setting_patcher = patch(
-            'powerdnsadmin.decorators.Setting',
-            spec=powerdnsadmin.models.setting.Setting)
-        self.mock_user_patcher = patch('powerdnsadmin.decorators.User',
-                                       spec=powerdnsadmin.models.user.User)
+        self.mock_user_patcher = patch(
+            'powerdnsadmin.decorators.User',
+            spec=powerdnsadmin.models.user.User)
         self.mock_hist_patcher = patch(
             'powerdnsadmin.routes.api.History',
             spec=powerdnsadmin.models.history.History)
+        self.mock_setting_patcher = patch(
+            'powerdnsadmin.routes.api.Setting',
+            spec=powerdnsadmin.models.setting.Setting)
+        self.mock_decorators_setting_patcher = patch(
+            'powerdnsadmin.decorators.Setting',
+            spec=powerdnsadmin.models.setting.Setting)
+        self.base_route_user_patcher = patch(
+            'powerdnsadmin.routes.base.User',
+            spec=powerdnsadmin.models.user.User)
 
-        self.mock_google_setting = self.google_setting_patcher.start()
-        self.mock_github_setting = self.github_setting_patcher.start()
-        self.mock_azure_setting = self.azure_setting_patcher.start()
-        self.mock_oidc_setting = self.oidc_setting_patcher.start()
-        self.mock_base_route_user = self.base_route_user_patcher.start()
-        self.mock_helpers_setting = self.helpers_setting_patcher.start()
-        self.mock_models_setting = self.models_setting_patcher.start()
-        self.mock_domain_model_setting = self.domain_model_setting_patcher.start(
-        )
-        self.mock_record_model_setting = self.record_model_setting_patcher.start(
-        )
-        self.mock_server_model_setting = self.server_model_setting_patcher.start(
-        )
-        self.decorators_setting = self.decorators_setting_patcher.start()
-        self.api_setting = self.api_setting_patcher.start()
-        self.mock_user = self.mock_user_patcher.start()
-        self.mock_hist = self.mock_hist_patcher.start()
-
-        self.mock_google_setting.return_value.get.side_effect = load_data
-        self.mock_github_setting.return_value.get.side_effect = load_data
-        self.mock_azure_setting.return_value.get.side_effect = load_data
-        self.mock_oidc_setting.return_value.get.side_effect = load_data
-        self.mock_helpers_setting.return_value.get.side_effect = load_data
-        self.mock_models_setting.return_value.get.side_effect = load_data
-        self.mock_domain_model_setting.return_value.get.side_effect = load_data
-        self.mock_record_model_setting.return_value.get.side_effect = load_data
-        self.mock_server_model_setting.return_value.get.side_effect = load_data
-        self.decorators_setting.return_value.get.side_effect = load_data
-        self.api_setting.return_value.get.side_effect = load_data
-
-        self.mockk = MagicMock()
-        self.mockk.role.name = "User"
-
-        self.mock_user.query.filter.return_value.first.return_value = self.mockk
-        self.mock_user.return_value.is_validate.return_value = True
-        self.mock_base_route_user.query.filter.return_value.first.return_value = self.mockk
-        self.mock_base_route_user.return_value.is_validate.return_value = True
+        with app.app_context():
+            self.mock_google_setting = self.google_setting_patcher.start()
+            self.mock_github_setting = self.github_setting_patcher.start()
+            self.mock_azure_setting = self.azure_setting_patcher.start()
+            self.mock_oidc_setting = self.oidc_setting_patcher.start()
+            self.mock_base_route_user = self.base_route_user_patcher.start()
+            self.mock_helpers_setting = self.helpers_setting_patcher.start()
+            self.mock_models_setting = self.models_setting_patcher.start()
+            self.mock_domain_model_setting = self.domain_model_setting_patcher.start(
+            )
+            self.mock_record_model_setting = self.record_model_setting_patcher.start(
+            )
+            self.mock_server_model_setting = self.server_model_setting_patcher.start(
+            )
+            self.mock_user = self.mock_user_patcher.start()
+            self.mock_hist = self.mock_hist_patcher.start()
+            self.mock_setting = self.mock_setting_patcher.start()
+            self.mock_decorators_setting = self.mock_decorators_setting_patcher.start()
+
+            self.mock_google_setting.return_value.get.side_effect = load_data
+            self.mock_github_setting.return_value.get.side_effect = load_data
+            self.mock_azure_setting.return_value.get.side_effect = load_data
+            self.mock_oidc_setting.return_value.get.side_effect = load_data
+            self.mock_helpers_setting.return_value.get.side_effect = load_data
+            self.mock_models_setting.return_value.get.side_effect = load_data
+            self.mock_domain_model_setting.return_value.get.side_effect = load_data
+            self.mock_record_model_setting.return_value.get.side_effect = load_data
+            self.mock_server_model_setting.return_value.get.side_effect = load_data
+            self.mock_decorators_setting.return_value.get.side_effect = load_data
+            self.mock_setting.return_value.get.side_effect = load_data
+
+            self.mockk = MagicMock()
+            self.mockk.role.name = "User"
+
+            self.mock_user.query.filter.return_value.first.return_value = self.mockk
+            self.mock_user.return_value.is_validate.return_value = True
+            self.mock_base_route_user.query.filter.return_value.first.return_value = self.mockk
+            self.mock_base_route_user.return_value.is_validate.return_value = True
 
         yield
 
@@ -107,10 +110,10 @@ def common_data_mock(self):
             self.domain_model_setting_patcher,
             self.record_model_setting_patcher,
             self.server_model_setting_patcher,
-            self.decorators_setting_patcher,
-            self.api_setting_patcher,
             self.mock_user_patcher,
             self.mock_hist_patcher,
+            self.mock_setting_patcher,
+            self.mock_decorators_setting_patcher,
         ]:
             patcher.stop()
 
@@ -118,7 +121,7 @@ def common_data_mock(self):
     def test_create_zone(self, client, common_data_mock, zone_data,
                          basic_auth_user_headers, created_zone_data):
         with patch('powerdnsadmin.lib.helper.requests.request') as mock_post, \
-             patch('powerdnsadmin.routes.api.Domain') as mock_domain:
+                patch('powerdnsadmin.routes.api.Domain') as mock_domain:
             mock_post.return_value.status_code = 201
             mock_post.return_value.content = json.dumps(created_zone_data)
             mock_post.return_value.headers = {}
@@ -139,8 +142,9 @@ def test_get_multiple_zones(self, client, common_data_mock, zone_data,
         with patch('powerdnsadmin.routes.api.get_user_domains') as mock_user_domains:
             test_domain = Domain(1, name=zone_data['name'].rstrip("."))
             mock_user_domains.return_value = [test_domain]
+
             res = client.get("/api/v1/pdnsadmin/zones",
-                            headers=basic_auth_user_headers)
+                             headers=basic_auth_user_headers)
             data = res.get_json(force=True)
 
             fake_domain = namedtuple("Domain", data[0].keys())(*data[0].values())
@@ -151,9 +155,9 @@ def test_get_multiple_zones(self, client, common_data_mock, zone_data,
 
     def test_delete_zone(self, client, common_data_mock, zone_data,
                          basic_auth_user_headers):
-        with patch('powerdnsadmin.lib.utils.requests.request') as mock_delete, \
-             patch('powerdnsadmin.routes.api.Domain') as mock_domain, \
-             patch('powerdnsadmin.routes.api.get_user_domains') as mock_user_domains:
+        with patch('powerdnsadmin.lib.helper.requests.request') as mock_delete, \
+                patch('powerdnsadmin.routes.api.Domain') as mock_domain, \
+                patch('powerdnsadmin.routes.api.get_user_domains') as mock_user_domains:
             test_domain = Domain(1, name=zone_data['name'].rstrip("."))
 
             mock_domain.return_value.update.return_value = True
diff --git a/tests/unit/zone/test_user_apikey.py b/tests/unit/zone/test_user_apikey.py
index 77b1018df..b1911cef5 100644
--- a/tests/unit/zone/test_user_apikey.py
+++ b/tests/unit/zone/test_user_apikey.py
@@ -15,84 +15,85 @@
 
 class TestUnitApiZoneUserApiKey(object):
     @pytest.fixture
-    def common_data_mock(self):
-        self.google_setting_patcher = patch(
-            'powerdnsadmin.services.google.Setting',
-            spec=powerdnsadmin.models.setting.Setting)
-        self.github_setting_patcher = patch(
-            'powerdnsadmin.services.github.Setting',
-            spec=powerdnsadmin.models.setting.Setting)
-        self.azure_setting_patcher = patch(
-            'powerdnsadmin.services.azure.Setting',
-            spec=powerdnsadmin.models.setting.Setting)
-        self.oidc_setting_patcher = patch(
-            'powerdnsadmin.services.oidc.Setting',
-            spec=powerdnsadmin.models.setting.Setting)
-        self.helpers_setting_patcher = patch(
-            'powerdnsadmin.lib.helper.Setting',
-            spec=powerdnsadmin.models.setting.Setting)
-        self.models_setting_patcher = patch(
-            'powerdnsadmin.models.setting.Setting',
-            spec=powerdnsadmin.models.setting.Setting)
-        self.domain_model_setting_patcher = patch(
-            'powerdnsadmin.models.domain.Setting',
-            spec=powerdnsadmin.models.setting.Setting)
-        self.record_model_setting_patcher = patch(
-            'powerdnsadmin.models.record.Setting',
-            spec=powerdnsadmin.models.setting.Setting)
-        self.server_model_setting_patcher = patch(
-            'powerdnsadmin.models.server.Setting',
-            spec=powerdnsadmin.models.setting.Setting)
-        self.mock_apikey_patcher = patch(
-            'powerdnsadmin.decorators.ApiKey',
-            spec=powerdnsadmin.models.api_key.ApiKey)
-        self.mock_hist_patcher = patch(
-            'powerdnsadmin.routes.api.History',
-            spec=powerdnsadmin.models.history.History)
-        self.mock_setting_patcher = patch(
-            'powerdnsadmin.routes.api.Setting',
-            spec=powerdnsadmin.models.setting.Setting)
-        self.mock_decorators_setting_patcher = patch(
-            'powerdnsadmin.decorators.Setting',
-            spec=powerdnsadmin.models.setting.Setting)
-
-        self.mock_google_setting = self.google_setting_patcher.start()
-        self.mock_github_setting = self.github_setting_patcher.start()
-        self.mock_azure_setting = self.azure_setting_patcher.start()
-        self.mock_oidc_setting = self.oidc_setting_patcher.start()
-        self.mock_helpers_setting = self.helpers_setting_patcher.start()
-        self.mock_models_setting = self.models_setting_patcher.start()
-        self.mock_domain_model_setting = self.domain_model_setting_patcher.start(
-        )
-        self.mock_record_model_setting = self.record_model_setting_patcher.start(
-        )
-        self.mock_server_model_setting = self.server_model_setting_patcher.start(
-        )
-        self.mock_apikey = self.mock_apikey_patcher.start()
-        self.mock_hist = self.mock_hist_patcher.start()
-        self.mock_setting = self.mock_setting_patcher.start()
-        self.mock_decorators_setting = self.mock_decorators_setting_patcher.start()
-
-        self.mock_google_setting.return_value.get.side_effect = load_data
-        self.mock_github_setting.return_value.get.side_effect = load_data
-        self.mock_azure_setting.return_value.get.side_effect = load_data
-        self.mock_oidc_setting.return_value.get.side_effect = load_data
-        self.mock_helpers_setting.return_value.get.side_effect = load_data
-        self.mock_models_setting.return_value.get.side_effect = load_data
-        self.mock_domain_model_setting.return_value.get.side_effect = load_data
-        self.mock_record_model_setting.return_value.get.side_effect = load_data
-        self.mock_server_model_setting.return_value.get.side_effect = load_data
-        self.mock_decorators_setting.return_value.get.side_effect = load_data
-
-        data = user_apikey_data()
-        domain = Domain(name=data['domains'][0])
-
-        api_key = ApiKey(desc=data['description'],
-                         role_name=data['role'],
-                         domains=[domain])
-        api_key.role = Role(name=data['role'])
-
-        self.mock_apikey.return_value.is_validate.return_value = api_key
+    def common_data_mock(self, app):
+        with app.app_context():
+            self.google_setting_patcher = patch(
+                'powerdnsadmin.services.google.Setting',
+                spec=powerdnsadmin.models.setting.Setting)
+            self.github_setting_patcher = patch(
+                'powerdnsadmin.services.github.Setting',
+                spec=powerdnsadmin.models.setting.Setting)
+            self.azure_setting_patcher = patch(
+                'powerdnsadmin.services.azure.Setting',
+                spec=powerdnsadmin.models.setting.Setting)
+            self.oidc_setting_patcher = patch(
+                'powerdnsadmin.services.oidc.Setting',
+                spec=powerdnsadmin.models.setting.Setting)
+            self.helpers_setting_patcher = patch(
+                'powerdnsadmin.lib.helper.Setting',
+                spec=powerdnsadmin.models.setting.Setting)
+            self.models_setting_patcher = patch(
+                'powerdnsadmin.models.setting.Setting',
+                spec=powerdnsadmin.models.setting.Setting)
+            self.domain_model_setting_patcher = patch(
+                'powerdnsadmin.models.domain.Setting',
+                spec=powerdnsadmin.models.setting.Setting)
+            self.record_model_setting_patcher = patch(
+                'powerdnsadmin.models.record.Setting',
+                spec=powerdnsadmin.models.setting.Setting)
+            self.server_model_setting_patcher = patch(
+                'powerdnsadmin.models.server.Setting',
+                spec=powerdnsadmin.models.setting.Setting)
+            self.mock_apikey_patcher = patch(
+                'powerdnsadmin.decorators.ApiKey',
+                spec=powerdnsadmin.models.api_key.ApiKey)
+            self.mock_hist_patcher = patch(
+                'powerdnsadmin.routes.api.History',
+                spec=powerdnsadmin.models.history.History)
+            self.mock_setting_patcher = patch(
+                'powerdnsadmin.routes.api.Setting',
+                spec=powerdnsadmin.models.setting.Setting)
+            self.mock_decorators_setting_patcher = patch(
+                'powerdnsadmin.decorators.Setting',
+                spec=powerdnsadmin.models.setting.Setting)
+
+            self.mock_google_setting = self.google_setting_patcher.start()
+            self.mock_github_setting = self.github_setting_patcher.start()
+            self.mock_azure_setting = self.azure_setting_patcher.start()
+            self.mock_oidc_setting = self.oidc_setting_patcher.start()
+            self.mock_helpers_setting = self.helpers_setting_patcher.start()
+            self.mock_models_setting = self.models_setting_patcher.start()
+            self.mock_domain_model_setting = self.domain_model_setting_patcher.start(
+            )
+            self.mock_record_model_setting = self.record_model_setting_patcher.start(
+            )
+            self.mock_server_model_setting = self.server_model_setting_patcher.start(
+            )
+            self.mock_apikey = self.mock_apikey_patcher.start()
+            self.mock_hist = self.mock_hist_patcher.start()
+            self.mock_setting = self.mock_setting_patcher.start()
+            self.mock_decorators_setting = self.mock_decorators_setting_patcher.start()
+
+            self.mock_google_setting.return_value.get.side_effect = load_data
+            self.mock_github_setting.return_value.get.side_effect = load_data
+            self.mock_azure_setting.return_value.get.side_effect = load_data
+            self.mock_oidc_setting.return_value.get.side_effect = load_data
+            self.mock_helpers_setting.return_value.get.side_effect = load_data
+            self.mock_models_setting.return_value.get.side_effect = load_data
+            self.mock_domain_model_setting.return_value.get.side_effect = load_data
+            self.mock_record_model_setting.return_value.get.side_effect = load_data
+            self.mock_server_model_setting.return_value.get.side_effect = load_data
+            self.mock_decorators_setting.return_value.get.side_effect = load_data
+
+            data = user_apikey_data()
+            domain = Domain(name=data['domains'][0])
+
+            api_key = ApiKey(desc=data['description'],
+                             role_name=data['role'],
+                             domains=[domain])
+            api_key.role = Role(name=data['role'])
+
+            self.mock_apikey.return_value.is_validate.return_value = api_key
 
         yield
 
@@ -143,8 +144,7 @@ def test_get_multiple_zones(self, client, common_data_mock, zone_data,
                              headers=user_apikey)
             data = res.get_json(force=True)
 
-            fake_domain = namedtuple("Domain",
-                                     data[0].keys())(*data[0].values())
+            fake_domain = namedtuple("Domain", data[0].keys())(*data[0].values())
             domain_schema = DomainSchema(many=True)
 
             json.dumps(domain_schema.dump([fake_domain]))

From 7d153932b3c8cdbce39f9e2fa647fd481a4b06a3 Mon Sep 17 00:00:00 2001
From: Ymage <heltem+git@o2php.com>
Date: Thu, 22 Dec 2022 22:50:01 +0100
Subject: [PATCH 168/475] Fix back_populate relationships

---
 powerdnsadmin/models/role.py | 4 ++--
 powerdnsadmin/models/user.py | 1 +
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/powerdnsadmin/models/role.py b/powerdnsadmin/models/role.py
index a5cf53026..5440f3dbf 100644
--- a/powerdnsadmin/models/role.py
+++ b/powerdnsadmin/models/role.py
@@ -5,7 +5,7 @@ class Role(db.Model):
     id = db.Column(db.Integer, primary_key=True)
     name = db.Column(db.String(64), index=True, unique=True)
     description = db.Column(db.String(128))
-    users = db.relationship('User', backref='role', lazy=True)
+    users = db.relationship('User', back_populates='role', lazy=True)
     apikeys = db.relationship('ApiKey', back_populates='role', lazy=True)
 
     def __init__(self, id=None, name=None, description=None):
@@ -20,4 +20,4 @@ def __init__(self, name=None, description=None):
         self.description = description
 
     def __repr__(self):
-        return '<Role {0}r>'.format(self.name)
+        return '<Role {0}>'.format(self.name)
diff --git a/powerdnsadmin/models/user.py b/powerdnsadmin/models/user.py
index 1e395690e..78104f665 100644
--- a/powerdnsadmin/models/user.py
+++ b/powerdnsadmin/models/user.py
@@ -34,6 +34,7 @@ class User(db.Model):
     otp_secret = db.Column(db.String(16))
     confirmed = db.Column(db.SmallInteger, nullable=False, default=0)
     role_id = db.Column(db.Integer, db.ForeignKey('role.id'))
+    role = db.relationship('Role', back_populates="users", lazy=True)
     accounts = None
 
     def __init__(self,

From 1d885278d4164d60e6ba66ed97de1cbbf2565c42 Mon Sep 17 00:00:00 2001
From: Ymage <heltem+git@o2php.com>
Date: Thu, 22 Dec 2022 22:55:05 +0100
Subject: [PATCH 169/475] Cosmetic

---
 powerdnsadmin/routes/api.py | 113 ++++++++++++++++--------------------
 1 file changed, 51 insertions(+), 62 deletions(-)

diff --git a/powerdnsadmin/routes/api.py b/powerdnsadmin/routes/api.py
index 3df31e18e..4a18c1db4 100644
--- a/powerdnsadmin/routes/api.py
+++ b/powerdnsadmin/routes/api.py
@@ -1,22 +1,21 @@
 import json
-from urllib.parse import urljoin
+import secrets
+import string
 from base64 import b64encode
-from flask import (
-    Blueprint, g, request, abort, current_app, make_response, jsonify,
-)
+from urllib.parse import urljoin
+
+from flask import (Blueprint, g, request, abort, current_app, make_response, jsonify)
 from flask_login import current_user
 
 from .base import csrf
-from ..models.base import db
-from ..models import (
-    User, Domain, DomainUser, Account, AccountUser, History, Setting, ApiKey,
-    Role,
+from ..decorators import (
+    api_basic_auth, api_can_create_domain, is_json, apikey_auth,
+    apikey_can_create_domain, apikey_can_remove_domain,
+    apikey_is_admin, apikey_can_access_domain, apikey_can_configure_dnssec,
+    api_role_can, apikey_or_basic_auth,
+    callback_if_request_body_contains_key, allowed_record_types, allowed_record_ttl
 )
 from ..lib import utils, helper
-from ..lib.schema import (
-    ApiKeySchema, DomainSchema, ApiPlainKeySchema, UserSchema, AccountSchema,
-    UserDetailedSchema,
-)
 from ..lib.errors import (
     StructuredException,
     DomainNotExists, DomainAlreadyExists, DomainAccessForbidden,
@@ -26,15 +25,15 @@
     UserCreateFail, UserCreateDuplicate, UserUpdateFail, UserDeleteFail,
     UserUpdateFailEmail, InvalidAccountNameException
 )
-from ..decorators import (
-    api_basic_auth, api_can_create_domain, is_json, apikey_auth,
-    apikey_can_create_domain, apikey_can_remove_domain,
-    apikey_is_admin, apikey_can_access_domain, apikey_can_configure_dnssec,
-    api_role_can, apikey_or_basic_auth,
-    callback_if_request_body_contains_key, allowed_record_types, allowed_record_ttl
+from ..lib.schema import (
+    ApiKeySchema, DomainSchema, ApiPlainKeySchema, UserSchema, AccountSchema,
+    UserDetailedSchema,
 )
-import secrets
-import string
+from ..models import (
+    User, Domain, DomainUser, Account, AccountUser, History, Setting, ApiKey,
+    Role,
+)
+from ..models.base import db
 
 api_bp = Blueprint('api', __name__, url_prefix='/api/v1')
 apilist_bp = Blueprint('apilist', __name__, url_prefix='/')
@@ -56,10 +55,10 @@ def get_user_domains():
         .outerjoin(Account, Domain.account_id == Account.id) \
         .outerjoin(AccountUser, Account.id == AccountUser.account_id) \
         .filter(
-            db.or_(
-                DomainUser.user_id == current_user.id,
-                AccountUser.user_id == current_user.id
-            )).all()
+        db.or_(
+            DomainUser.user_id == current_user.id,
+            AccountUser.user_id == current_user.id
+        )).all()
     return domains
 
 
@@ -71,10 +70,10 @@ def get_user_apikeys(domain_name=None):
         .outerjoin(Account, Domain.account_id == Account.id) \
         .outerjoin(AccountUser, Account.id == AccountUser.account_id) \
         .filter(
-            db.or_(
-                DomainUser.user_id == User.id,
-                AccountUser.user_id == User.id
-            )
+        db.or_(
+            DomainUser.user_id == User.id,
+            AccountUser.user_id == User.id
+        )
     ) \
         .filter(User.id == current_user.id)
 
@@ -167,12 +166,7 @@ def handle_request_is_not_json(err):
 def before_request():
     # Check site is in maintenance mode
     maintenance = Setting().get('maintenance')
-    if (
-        maintenance and current_user.is_authenticated and
-        current_user.role.name not in [
-            'Administrator', 'Operator'
-        ]
-    ):
+    if (maintenance and current_user.is_authenticated and current_user.role.name not in ['Administrator', 'Operator']):
         return make_response(
             jsonify({
                 "status": False,
@@ -224,14 +218,13 @@ def api_login_create_zone():
 
         history = History(msg='Add domain {0}'.format(
             data['name'].rstrip('.')),
-                          detail=json.dumps(data),
-                          created_by=current_user.username,
-                          domain_id=domain_id)
+            detail=json.dumps(data),
+            created_by=current_user.username,
+            domain_id=domain_id)
         history.add()
 
         if current_user.role.name not in ['Administrator', 'Operator']:
-            current_app.logger.debug(
-                "User is ordinary user, assigning created domain")
+            current_app.logger.debug("User is ordinary user, assigning created domain")
             domain = Domain(name=data['name'].rstrip('.'))
             domain.update()
             domain.grant_privileges([current_user.id])
@@ -299,9 +292,9 @@ def api_login_delete_zone(domain_name):
 
             history = History(msg='Delete domain {0}'.format(
                 utils.pretty_domain_name(domain_name)),
-                              detail='',
-                              created_by=current_user.username,
-                              domain_id=domain_id)
+                detail='',
+                created_by=current_user.username,
+                domain_id=domain_id)
             history.add()
 
     except Exception as e:
@@ -326,14 +319,14 @@ def api_generate_apikey():
 
     if 'domains' not in data:
         domains = []
-    elif not isinstance(data['domains'], (list, )):
+    elif not isinstance(data['domains'], (list,)):
         abort(400)
     else:
         domains = [d['name'] if isinstance(d, dict) else d for d in data['domains']]
 
     if 'accounts' not in data:
         accounts = []
-    elif not isinstance(data['accounts'], (list, )):
+    elif not isinstance(data['accounts'], (list,)):
         abort(400)
     else:
         accounts = [a['name'] if isinstance(a, dict) else a for a in data['accounts']]
@@ -385,8 +378,7 @@ def api_generate_apikey():
         user_domain_list = [item.name for item in user_domain_obj_list]
 
         current_app.logger.debug("Input domain list: {0}".format(domain_list))
-        current_app.logger.debug(
-            "User domain list: {0}".format(user_domain_list))
+        current_app.logger.debug("User domain list: {0}".format(user_domain_list))
 
         inter = set(domain_list).intersection(set(user_domain_list))
 
@@ -539,14 +531,14 @@ def api_update_apikey(apikey_id):
 
     if 'domains' not in data:
         domains = None
-    elif not isinstance(data['domains'], (list, )):
+    elif not isinstance(data['domains'], (list,)):
         abort(400)
     else:
         domains = [d['name'] if isinstance(d, dict) else d for d in data['domains']]
 
     if 'accounts' not in data:
         accounts = None
-    elif not isinstance(data['accounts'], (list, )):
+    elif not isinstance(data['accounts'], (list,)):
         abort(400)
     else:
         accounts = [a['name'] if isinstance(a, dict) else a for a in data['accounts']]
@@ -963,9 +955,7 @@ def api_delete_account(account_id):
         account = account_list[0]
     else:
         abort(404)
-    current_app.logger.debug(
-            f'Deleting Account {account.name}'
-        )
+    current_app.logger.debug(f'Deleting Account {account.name}')
 
     # Remove account association from domains first
     if len(account.domains) > 0:
@@ -1047,7 +1037,7 @@ def api_remove_account_user(account_id, user_id):
     user_list = User.query.join(AccountUser).filter(
         AccountUser.account_id == account_id,
         AccountUser.user_id == user_id,
-        ).all()
+    ).all()
     if not user_list:
         abort(404)
     if not account.remove_user(user):
@@ -1123,9 +1113,9 @@ def api_zone_forward(server_id, zone_id):
                     history = History(msg='{0} zone {1} record of {2}'.format(
                         rrset_data['changetype'].lower(), rrset_data['type'],
                         rrset_data['name'].rstrip('.')),
-                                    detail=json.dumps(data),
-                                    created_by=g.apikey.description,
-                                    domain_id=Domain().get_id_by_name(zone_id.rstrip('.')))
+                        detail=json.dumps(data),
+                        created_by=g.apikey.description,
+                        domain_id=Domain().get_id_by_name(zone_id.rstrip('.')))
                     history.add()
             elif request.method == 'DELETE':
                 history = History(msg='Deleted zone {0}'.format(zone_id.rstrip('.')),
@@ -1192,17 +1182,13 @@ def api_get_zones(server_id):
         return jsonify(domain_schema.dump(domain_obj_list)), 200
     else:
         resp = helper.forward_request()
-        if (
-            g.apikey.role.name not in ['Administrator', 'Operator']
-            and resp.status_code == 200
-        ):
+        if (g.apikey.role.name not in ['Administrator', 'Operator'] and resp.status_code == 200):
             domain_list = [d['name']
                            for d in domain_schema.dump(g.apikey.domains)]
 
             accounts_domains = [d.name for a in g.apikey.accounts for d in a.domains]
             allowed_domains = set(domain_list + accounts_domains)
-            current_app.logger.debug("Account domains: {}".format(
-                                     '/'.join(accounts_domains)))
+            current_app.logger.debug("Account domains: {}".format('/'.join(accounts_domains)))
             content = json.dumps([i for i in json.loads(resp.content)
                                   if i['name'].rstrip('.') in allowed_domains])
             return content, resp.status_code, resp.headers.items()
@@ -1223,6 +1209,7 @@ def api_server_config_forward(server_id):
     resp = helper.forward_request()
     return resp.content, resp.status_code, resp.headers.items()
 
+
 # The endpoint to synchronize Domains in background
 @api_bp.route('/sync_domains', methods=['GET'])
 @apikey_or_basic_auth
@@ -1231,6 +1218,7 @@ def sync_domains():
     domain.update()
     return 'Finished synchronization in background', 200
 
+
 @api_bp.route('/health', methods=['GET'])
 @apikey_auth
 def health():
@@ -1244,7 +1232,8 @@ def health():
     try:
         domain.get_domain_info(domain_to_query.name)
     except Exception as e:
-        current_app.logger.error("Health Check - Failed to query authoritative server for domain {}".format(domain_to_query.name))
+        current_app.logger.error(
+            "Health Check - Failed to query authoritative server for domain {}".format(domain_to_query.name))
         return make_response("Down", 503)
 
     return make_response("Up", 200)

From c7eaec27d802a3231b312d0ace2fd988b2e0544e Mon Sep 17 00:00:00 2001
From: Bernward Sanchez <sanzbernward@gmail.com>
Date: Fri, 23 Dec 2022 08:23:14 +0800
Subject: [PATCH 170/475] Update utils.py

---
 powerdnsadmin/lib/utils.py | 34 ++++++++++++++++------------------
 1 file changed, 16 insertions(+), 18 deletions(-)

diff --git a/powerdnsadmin/lib/utils.py b/powerdnsadmin/lib/utils.py
index 9a528ddcf..769587eb2 100644
--- a/powerdnsadmin/lib/utils.py
+++ b/powerdnsadmin/lib/utils.py
@@ -238,24 +238,22 @@ class customBoxes:
     }
     order = ["reverse", "ip6arpa", "inaddrarpa"]
 
-def pretty_domain_name(value):
-    """
-    Display domain name in original format.
-    If it is IDN domain (Punycode starts with xn--), do the
-    idna decoding.
-    Note that any part of the domain name can be individually punycoded
-    """
-    if isinstance(value, str):
-        if value.startswith('xn--') \
-        or value.find('.xn--') != -1:
-            try:
-                return to_idna(value, 'decode')
-            except:
-                raise Exception('Cannot decode IDN domain')
-        else:
-            return value
-    else:
-        raise Exception('Require the Punycode in string format')
+def pretty_domain_name(domain_name):
+    # Add a debugging statement to print out the domain name
+    print("Received domain name:", domain_name)
+
+    # Check if the domain name is encoded using Punycode
+    if domain_name.endswith('.xn--'):
+        try:
+            # Decode the domain name using the idna library
+            domain_name = idna.decode(domain_name)
+        except Exception as e:
+            # If the decoding fails, raise an exception with more information
+            raise Exception('Cannot decode IDN domain: {}'.format(e))
+
+    # Return the "pretty" version of the domain name
+    return domain_name
+
 
 def to_idna(value, action):
     splits = value.split('.')

From 7e973c72190eae1b3daf7e084f90554b87c3d5ab Mon Sep 17 00:00:00 2001
From: Niklas Engvall <niklas@engvall.it>
Date: Fri, 23 Dec 2022 12:18:00 +0100
Subject: [PATCH 171/475] bump alpine to 3.15

---
 docker/Dockerfile | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/docker/Dockerfile b/docker/Dockerfile
index f0a073124..2b02353b1 100644
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -1,4 +1,4 @@
-FROM alpine:3.13 AS builder
+FROM alpine:3.15 AS builder
 
 ARG BUILD_DEPENDENCIES="build-base \
     libffi-dev \
@@ -65,12 +65,12 @@ RUN mkdir -p /app && \
     cp -r /build/configs/docker_config.py /app/configs
 
 # Build image
-FROM alpine:3.13
+FROM alpine:3.15
 
 ENV FLASK_APP=/app/powerdnsadmin/__init__.py \
     USER=pda
 
-RUN apk add --no-cache mariadb-connector-c postgresql-client py3-gunicorn py3-psycopg2 xmlsec tzdata libcap && \
+RUN apk add --no-cache mariadb-connector-c postgresql-client py3-gunicorn py3-pyldap py3-flask py3-psycopg2 xmlsec tzdata libcap && \
     addgroup -S ${USER} && \
     adduser -S -D -G ${USER} ${USER} && \
     mkdir /data && \
@@ -79,7 +79,7 @@ RUN apk add --no-cache mariadb-connector-c postgresql-client py3-gunicorn py3-ps
     apk del libcap
 
 COPY --from=builder /usr/bin/flask /usr/bin/
-COPY --from=builder /usr/lib/python3.8/site-packages /usr/lib/python3.8/site-packages/
+COPY --from=builder /usr/lib/python3.9/site-packages /usr/lib/python3.9/site-packages/
 COPY --from=builder --chown=root:${USER} /app /app/
 COPY ./docker/entrypoint.sh /usr/bin/
 

From 4de7bbe354387623c9abc4e4252a266a34782d92 Mon Sep 17 00:00:00 2001
From: Niklas Engvall <niklas@engvall.it>
Date: Fri, 6 Jan 2023 16:43:48 +0100
Subject: [PATCH 172/475] Use alpine 3.17 as base + pip fix to remove warnings

---
 docker/Dockerfile | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/docker/Dockerfile b/docker/Dockerfile
index 2b02353b1..e9905d6d2 100644
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -1,4 +1,4 @@
-FROM alpine:3.15 AS builder
+FROM alpine:3.17 AS builder
 
 ARG BUILD_DEPENDENCIES="build-base \
     libffi-dev \
@@ -29,7 +29,7 @@ COPY ./requirements.txt /build/requirements.txt
 
 # Get application dependencies
 RUN pip install --upgrade pip && \
-    pip install -r requirements.txt
+    pip install --use-pep517 -r requirements.txt
 
 # Add sources
 COPY . /build
@@ -65,7 +65,7 @@ RUN mkdir -p /app && \
     cp -r /build/configs/docker_config.py /app/configs
 
 # Build image
-FROM alpine:3.15
+FROM alpine:3.17
 
 ENV FLASK_APP=/app/powerdnsadmin/__init__.py \
     USER=pda
@@ -79,7 +79,7 @@ RUN apk add --no-cache mariadb-connector-c postgresql-client py3-gunicorn py3-py
     apk del libcap
 
 COPY --from=builder /usr/bin/flask /usr/bin/
-COPY --from=builder /usr/lib/python3.9/site-packages /usr/lib/python3.9/site-packages/
+COPY --from=builder /usr/lib/python3.10/site-packages /usr/lib/python3.10/site-packages/
 COPY --from=builder --chown=root:${USER} /app /app/
 COPY ./docker/entrypoint.sh /usr/bin/
 

From b163e517bb56596adf28df691076d1160630da8f Mon Sep 17 00:00:00 2001
From: Bernward Sanchez <sanzbernward@gmail.com>
Date: Mon, 9 Jan 2023 11:10:22 +0800
Subject: [PATCH 173/475] Update utils.py


From 9088f9323329c581f95793df7e4c00d21ed2bbd8 Mon Sep 17 00:00:00 2001
From: Robert Walter <metrax@metrax.eu>
Date: Tue, 10 Jan 2023 13:49:16 +0100
Subject: [PATCH 174/475] Upgrade Database: Changing domain table type column
 to 8 chars

PowerDNS 4.7 is supporting 2 new zone types: "producer" & "consumer"
Due to the domain type column is limited to 6 chars, PDA Zone update will fail if producer or cusomer zones exist.
To solve this problem, this commit increases the lenght of the domain type column to 8 chars.
---
 .../f41520e41cee_update_domain_type_length.py | 31 +++++++++++++++++++
 1 file changed, 31 insertions(+)
 create mode 100644 migrations/versions/f41520e41cee_update_domain_type_length.py

diff --git a/migrations/versions/f41520e41cee_update_domain_type_length.py b/migrations/versions/f41520e41cee_update_domain_type_length.py
new file mode 100644
index 000000000..f4672de83
--- /dev/null
+++ b/migrations/versions/f41520e41cee_update_domain_type_length.py
@@ -0,0 +1,31 @@
+"""update domain type length
+
+Revision ID: f41520e41cee
+Revises: 6ea7dc05f496
+Create Date: 2023-01-10 11:56:28.538485
+
+"""
+from alembic import op
+import sqlalchemy as sa
+
+
+# revision identifiers, used by Alembic.
+revision = 'f41520e41cee'
+down_revision = '6ea7dc05f496'
+branch_labels = None
+depends_on = None
+
+
+def upgrade():
+    with op.batch_alter_table('domain') as batch_op:
+        batch_op.alter_column('type',
+                              existing_type=sa.String(length=6),
+                              type_=sa.String(length=8))
+
+
+def downgrade():
+    with op.batch_alter_table('domain') as batch_op:
+        batch_op.alter_column('type',
+                              existing_type=sa.String(length=8),
+                              type_=sa.String(length=6))
+        

From c02cb3b7fe39044eb58f1d06beb381953d18a6ea Mon Sep 17 00:00:00 2001
From: Robert Walter <metrax@metrax.eu>
Date: Tue, 10 Jan 2023 13:51:04 +0100
Subject: [PATCH 175/475] Model change: Changing domain model type variable to
 8 chars

PowerDNS 4.7 is supporting 2 new zone types: "producer" & "consumer"
Due to the domain type variable is limited to 6 chars, PDA Zone update will fail if producer or cusomer zones exist.
To solve this problem, this commit increases the lenght of the domain model type variable to 8 chars.
---
 powerdnsadmin/models/domain.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/powerdnsadmin/models/domain.py b/powerdnsadmin/models/domain.py
index 09b697e7d..ab154c147 100644
--- a/powerdnsadmin/models/domain.py
+++ b/powerdnsadmin/models/domain.py
@@ -20,7 +20,7 @@ class Domain(db.Model):
     id = db.Column(db.Integer, primary_key=True)
     name = db.Column(db.String(255), index=True, unique=True)
     master = db.Column(db.String(128))
-    type = db.Column(db.String(6), nullable=False)
+    type = db.Column(db.String(8), nullable=False)
     serial = db.Column(db.BigInteger)
     notified_serial = db.Column(db.BigInteger)
     last_check = db.Column(db.Integer)

From 18bc336d7a052749e1a0928be59bfd0319097cce Mon Sep 17 00:00:00 2001
From: Bernward Sanchez <sanzbernward@gmail.com>
Date: Wed, 11 Jan 2023 18:21:40 +0800
Subject: [PATCH 176/475] Potential fix

---
 powerdnsadmin/routes/index.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/powerdnsadmin/routes/index.py b/powerdnsadmin/routes/index.py
index 3a6f55cf9..e6e83435f 100644
--- a/powerdnsadmin/routes/index.py
+++ b/powerdnsadmin/routes/index.py
@@ -323,6 +323,7 @@ def login():
                             # Regexp didn't match, continue to next iteration
                             continue
 
+                    account = Account()
                     sanitized_group_name = Account.sanitize_name(group_name)
                     account_id = account.get_id_by_name(account_name=sanitized_group_name)
 

From 246ad7f7d2a76ba069b0f760f1fe24aba49531eb Mon Sep 17 00:00:00 2001
From: Robert Walter <metrax@metrax.eu>
Date: Fri, 13 Jan 2023 10:05:20 +0100
Subject: [PATCH 177/475] Fixing Wrapping in History Details Modal in Dashboard

resolves #1358
---
 powerdnsadmin/templates/applied_change_macro.html | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/powerdnsadmin/templates/applied_change_macro.html b/powerdnsadmin/templates/applied_change_macro.html
index 6a49b01d8..0b444b667 100644
--- a/powerdnsadmin/templates/applied_change_macro.html
+++ b/powerdnsadmin/templates/applied_change_macro.html
@@ -92,24 +92,24 @@
                         {% for changes in hist_rec_entry.changeSet %}
                         <tr>
                             {% if changes[2] == "unchanged" %}
-                            <td>
+                            <td style="word-break: break-all">
                                 {{changes[0]['content']}}
                             </td>
                             {% elif changes[2] == "addition" %}
-                            <td>
+                            <td style="word-break: break-all">
                                 <span style="background-color:  lightgreen">
                                     {{changes[1]['content']}}
                                 </span>
                             </td>
                             {% elif changes[2] == "deletion" %}
-                            <td>
+                            <td style="word-break: break-all">
                                 <s
                                     style="text-decoration-color: rgba(194, 10, 10, 0.6); text-decoration-thickness: 2px;">
                                     {{changes[0]['content']}}
                                 </s>
                             </td>
                             {% elif changes[2] == "status" %}
-                            <td>
+                            <td style="word-break: break-all">
                                 {{changes[0]['content']}}
                             </td>
                             {% endif %}
@@ -119,7 +119,7 @@
 
                 </table>
             </td>
-            <td>
+            <td style="word-break: break-all">
                 {% for comments in hist_rec_entry.add_rrset['comments'] %}
                 {{comments['content'] }}
                 <br/>

From b607c1b7ff420939f9fcc86b4de02d956e08cdc1 Mon Sep 17 00:00:00 2001
From: Sshafi <sshafi@sshafi.net>
Date: Wed, 25 Jan 2023 23:59:35 +0100
Subject: [PATCH 178/475] Update base.html

Use SITE_NAME for upper left title on base page.
This can be useful when using multiple powerdns admin in an organization.
---
 powerdnsadmin/templates/base.html | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/powerdnsadmin/templates/base.html b/powerdnsadmin/templates/base.html
index 85b2f8288..35bfc51b3 100644
--- a/powerdnsadmin/templates/base.html
+++ b/powerdnsadmin/templates/base.html
@@ -32,7 +32,13 @@
       <!-- mini logo for sidebar mini 50x50 pixels -->
       <span class="logo-mini"><b>PD</b>A</span>
       <!-- logo for regular state and mobile devices -->
-      <span class="logo-lg"><b>PowerDNS</b>-Admin</span>
+      <span class="logo-lg">
+        {% if SETTING.get('site_name') %}
+          <b>{{ SITE_NAME }}</b>
+        {% else %}
+          <b>PowerDNS</b>-Admin
+        {% endif %}
+      </span>
     </a>
     <!-- Header Navbar: style can be found in header.less -->
     <nav class="navbar navbar-static-top">

From 91c19074865f9c3c6374e4e12fc1a38e1ffe2fbd Mon Sep 17 00:00:00 2001
From: Sshafi <sshafi@sshafi.net>
Date: Thu, 26 Jan 2023 00:02:08 +0100
Subject: [PATCH 179/475] Update login.html

Use SITE_NAME for login box title on login page (with default value).
This can be useful when using multiple powerdns admin in an organization.
---
 powerdnsadmin/templates/login.html | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/powerdnsadmin/templates/login.html b/powerdnsadmin/templates/login.html
index ee8cc740c..805422bb8 100644
--- a/powerdnsadmin/templates/login.html
+++ b/powerdnsadmin/templates/login.html
@@ -20,7 +20,13 @@
 <body class="hold-transition login-page">
   <div class="login-box">
     <div class="login-logo">
-      <a href="{{ url_for('index.index') }}"><b>{{ SITE_NAME }}</b></a>
+      <a href="{{ url_for('index.index') }}">
+        {% if SETTING.get('site_name') %}
+          <b>{{ SITE_NAME }}</b>
+        {% else %}
+          <b>PowerDNS</b>-Admin
+        {% endif %}
+      </a>
     </div>
     <!-- /.login-logo -->
     <div class="login-box-body">

From e411bc9f1949cd2d42ae13e9c2e9dd5a1d6f34f0 Mon Sep 17 00:00:00 2001
From: Tyler Todd <ttodd@ttodd.com>
Date: Mon, 30 Jan 2023 22:46:59 +0000
Subject: [PATCH 180/475] Enable CAPTCHA

---
 configs/development.py                | 11 +++++++++++
 powerdnsadmin/routes/__init__.py      |  3 ++-
 powerdnsadmin/routes/base.py          |  2 ++
 powerdnsadmin/routes/index.py         | 17 +++++++++++------
 powerdnsadmin/templates/register.html |  9 +++++++++
 requirements.txt                      |  1 +
 6 files changed, 36 insertions(+), 7 deletions(-)

diff --git a/configs/development.py b/configs/development.py
index d4bd24f23..b848d0c86 100644
--- a/configs/development.py
+++ b/configs/development.py
@@ -15,6 +15,17 @@
 SQLA_DB_NAME = 'pda'
 SQLALCHEMY_TRACK_MODIFICATIONS = True
 
+#CAPTCHA Config
+CAPTCHA_ENABLE = True
+CAPTCHA_LENGTH = 6
+CAPTCHA_WIDTH = 160
+CAPTCHA_HEIGHT = 60
+CAPTCHA_SESSION_KEY = 'captcha_image'
+
+#Server side sessions tracking
+#Set to TRUE for CAPTCHA, or enable another stateful session tracking system
+FILESYSTEM_SESSIONS_ENABLED = True
+
 ### DATABASE - MySQL
 #SQLALCHEMY_DATABASE_URI = 'mysql://{}:{}@{}/{}'.format(
 #    urllib.parse.quote_plus(SQLA_DB_USER),
diff --git a/powerdnsadmin/routes/__init__.py b/powerdnsadmin/routes/__init__.py
index 7d8aa9a46..598b17a7b 100644
--- a/powerdnsadmin/routes/__init__.py
+++ b/powerdnsadmin/routes/__init__.py
@@ -1,5 +1,5 @@
 from .base import (
-    csrf, login_manager, handle_bad_request, handle_unauthorized_access,
+    captcha, csrf, login_manager, handle_bad_request, handle_unauthorized_access,
     handle_access_forbidden, handle_page_not_found, handle_internal_server_error
 )
 
@@ -14,6 +14,7 @@
 def init_app(app):
     login_manager.init_app(app)
     csrf.init_app(app)
+    captcha.init_app(app)
 
     app.register_blueprint(index_bp)
     app.register_blueprint(user_bp)
diff --git a/powerdnsadmin/routes/base.py b/powerdnsadmin/routes/base.py
index 16ed00ae8..7af342ce3 100644
--- a/powerdnsadmin/routes/base.py
+++ b/powerdnsadmin/routes/base.py
@@ -3,10 +3,12 @@
 from flask import render_template, url_for, redirect, session, request, current_app
 from flask_login import LoginManager
 from flask_seasurf import SeaSurf
+from flask_session_captcha import FlaskSessionCaptcha
 
 from ..models.user import User
 
 
+captcha = FlaskSessionCaptcha()
 csrf = SeaSurf()
 login_manager = LoginManager()
 
diff --git a/powerdnsadmin/routes/index.py b/powerdnsadmin/routes/index.py
index e6e83435f..98664d6c7 100644
--- a/powerdnsadmin/routes/index.py
+++ b/powerdnsadmin/routes/index.py
@@ -10,7 +10,7 @@
 from flask import Blueprint, render_template, make_response, url_for, current_app, g, session, request, redirect, abort
 from flask_login import login_user, logout_user, login_required, current_user
 
-from .base import csrf, login_manager
+from .base import captcha, csrf, login_manager
 from ..lib import utils
 from ..decorators import dyndns_login_required
 from ..models.base import db
@@ -651,9 +651,10 @@ def logout():
 
 @index_bp.route('/register', methods=['GET', 'POST'])
 def register():
+    CAPTCHA_ENABLE = current_app.config.get('CAPTCHA_ENABLE')
     if Setting().get('signup_enabled'):
         if request.method == 'GET':
-            return render_template('register.html')
+            return render_template('register.html', captcha_enable=CAPTCHA_ENABLE)
         elif request.method == 'POST':
             username = request.form.get('username', '').strip()
             password = request.form.get('password', '')
@@ -664,12 +665,16 @@ def register():
 
             if not username or not password or not email:
                 return render_template(
-                    'register.html', error='Please input required information')
+                    'register.html', error='Please input required information', captcha_enable=CAPTCHA_ENABLE)
 
             if password != rpassword:
                 return render_template(
                     'register.html',
-                    error="Password confirmation does not match")
+                    error="Password confirmation does not match", captcha_enable=CAPTCHA_ENABLE)
+
+            if not captcha.validate():
+                return render_template(
+                    'register.html', error='Invalid CAPTCHA answer', captcha_enable=CAPTCHA_ENABLE)
 
             user = User(username=username,
                         plain_text_password=password,
@@ -690,9 +695,9 @@ def register():
                         return redirect(url_for('index.login'))
                 else:
                     return render_template('register.html',
-                                           error=result['msg'])
+                                           error=result['msg'], captcha_enable=CAPTCHA_ENABLE)
             except Exception as e:
-                return render_template('register.html', error=e)
+                return render_template('register.html', error=e, captcha_enable=CAPTCHA_ENABLE)
     else:
         return render_template('errors/404.html'), 404
 
diff --git a/powerdnsadmin/templates/register.html b/powerdnsadmin/templates/register.html
index 9a25fbb22..197b18d36 100644
--- a/powerdnsadmin/templates/register.html
+++ b/powerdnsadmin/templates/register.html
@@ -64,6 +64,15 @@
           <span class="glyphicon glyphicon-log-in form-control-feedback"></span>
           <span class="help-block with-errors"></span>
         </div>
+        {% if captcha_enable %}
+          <p class="login-box-msg">Please complete the CAPTCHA below</p>
+          <div class="form-group has-feedback">
+            {{ captcha() }}
+            <input type="text" class="form-control" placeholder="CAPTCHA"  name="captcha"
+              data-error="Please complete the CAPTCHA" required>
+            <span class="help-block with-errors"></span>
+          </div>
+        {% endif %}
         <div class="row">
           <div class="col-xs-4 pull-left">
             <button type="button" class="btn btn-flat btn-block" id="button_back">Back</button>
diff --git a/requirements.txt b/requirements.txt
index 1fc2864b5..051d56096 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -31,3 +31,4 @@ Jinja2==3.0.3
 itsdangerous==2.0.1
 werkzeug==2.0.3
 cryptography==36.0.2
+flask_session_captcha==1.3.0
\ No newline at end of file

From 7f25e3b555064087a91ac0e7625993c54150669d Mon Sep 17 00:00:00 2001
From: Tyler Todd <ttodd@ttodd.com>
Date: Thu, 2 Feb 2023 21:19:15 +0000
Subject: [PATCH 181/475] Initial go at upgrading from Bootstap v3 to v4 and to
 AdminLTE v3.2.0

---
 package.json                                  |  12 +-
 powerdnsadmin/static/custom/js/custom.js      |  16 +-
 .../templates/admin_edit_account.html         |  56 ++--
 powerdnsadmin/templates/admin_edit_key.html   |  67 ++--
 powerdnsadmin/templates/admin_edit_user.html  |  19 ++
 .../templates/admin_global_search.html        |  20 ++
 powerdnsadmin/templates/admin_history.html    | 141 ++++----
 .../templates/admin_manage_account.html       | 132 ++++----
 .../templates/admin_manage_keys.html          | 129 +++----
 .../templates/admin_manage_user.html          |  37 +-
 powerdnsadmin/templates/admin_pdns_stats.html |  20 ++
 .../admin_setting_authentication.html         |  60 ++--
 .../templates/admin_setting_basic.html        | 121 +++----
 .../templates/admin_setting_pdns.html         |   4 +-
 powerdnsadmin/templates/base.html             | 309 ++++++++++-------
 powerdnsadmin/templates/errors/400.html       |  77 +++--
 powerdnsadmin/templates/errors/403.html       |  69 ++--
 powerdnsadmin/templates/errors/404.html       |  69 ++--
 powerdnsadmin/templates/errors/500.html       |  69 ++--
 powerdnsadmin/templates/errors/SAML.html      |  89 +++--
 powerdnsadmin/templates/login.html            | 315 +++++++++---------
 powerdnsadmin/templates/register.html         | 251 ++++++++------
 powerdnsadmin/templates/template_add.html     |  29 +-
 requirements.txt                              |  42 +--
 24 files changed, 1234 insertions(+), 919 deletions(-)

diff --git a/package.json b/package.json
index 76982c81c..a375986b5 100644
--- a/package.json
+++ b/package.json
@@ -1,15 +1,15 @@
 {
   "dependencies": {
-    "admin-lte": "2.4.9",
-    "bootstrap": "^3.4.1",
-    "bootstrap-datepicker": "^1.8.0",
+    "admin-lte": "3.2.0",
+    "bootstrap": "4.6.2",
+    "bootstrap-datepicker": "^1.9.0",
     "bootstrap-validator": "^0.11.9",
-    "datatables.net-plugins": "^1.10.19",
+    "datatables.net-plugins": "^1.13.1",
     "icheck": "^1.0.2",
     "jquery-slimscroll": "^1.3.8",
-    "jquery-ui-dist": "^1.12.1",
+    "jquery-ui-dist": "^1.13.2",
     "jquery.quicksearch": "^2.4.0",
-    "jtimeout": "^3.1.0",
+    "jtimeout": "^3.2.0",
     "multiselect": "^0.9.12"
   }
 }
diff --git a/powerdnsadmin/static/custom/js/custom.js b/powerdnsadmin/static/custom/js/custom.js
index e4b72b16e..0f096bf05 100644
--- a/powerdnsadmin/static/custom/js/custom.js
+++ b/powerdnsadmin/static/custom/js/custom.js
@@ -287,4 +287,18 @@ function copy_otp_secret_to_clipboard() {
     navigator.clipboard.writeText(copyBox.value);
     $("#copy_tooltip").css("visibility", "visible");
     setTimeout(function(){ $("#copy_tooltip").css("visibility", "collapse"); }, 2000);
-  }
\ No newline at end of file
+  }
+
+// Side menu nav bar active selection
+/** add active class and stay opened when selected */
+var url = window.location;
+
+// for sidebar menu entirely but not cover treeview
+$('ul.nav-sidebar a').filter(function() {
+    return this.href == url;
+}).addClass('active');
+
+// for treeview
+$('ul.nav-treeview a').filter(function() {
+    return this.href == url;
+}).parentsUntil(".nav-sidebar > .nav-treeview").addClass('menu-open').prev('a').addClass('active');
diff --git a/powerdnsadmin/templates/admin_edit_account.html b/powerdnsadmin/templates/admin_edit_account.html
index 1946bc926..08403b920 100644
--- a/powerdnsadmin/templates/admin_edit_account.html
+++ b/powerdnsadmin/templates/admin_edit_account.html
@@ -4,26 +4,34 @@
 
 {% block dashboard_stat %}
 <!-- Content Header (Page header) -->
-<section class="content-header">
-    <h1>
-        Account
-        <small>{% if create %}New account{% else %}{{ account.name }}{% endif %}</small>
-    </h1>
-    <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i>Home</a></li>
-        <li><a href="{{ url_for('admin.manage_account') }}">Accounts</a></li>
-        <li class="active">{% if create %}Add{% else %}Edit{% endif %} account</li>
-    </ol>
-</section>
+  <div class="content-header">
+    <div class="container-fluid">
+      <div class="row mb-2">
+        <div class="col-sm-6">
+          <h1 class="m-0 text-dark">
+            Account
+            <small>{% if create %}New account{% else %}{{ account.name }}{% endif %}</small>
+          </h1>
+        </div>
+        <div class="col-sm-6">
+          <ol class="breadcrumb float-sm-right">
+            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Home</a></li>
+            <li class="breadcrumb-item"><a href="{{ url_for('admin.manage_account') }}">Accounts</a></li>
+            <li class="breadcrumb-item active">{% if create %}Add{% else %}Edit{% endif %} account</li>
+          </ol>
+        </div>
+      </div>
+    </div>
+  </div>
 {% endblock %}
 
 {% block content %}
 <section class="content">
     <div class="row">
         <div class="col-md-4">
-            <div class="box box-primary">
-                <div class="box-header with-border">
-                    <h3 class="box-title">{% if create %}Add{% else %}Edit{% endif %} account</h3>
+            <div class="card card-primary">
+                <div class="card-header with-border">
+                    <h3 class="card-title">{% if create %}Add{% else %}Edit{% endif %} account</h3>
                 </div>
                 <!-- /.box-header -->
                 <!-- form start -->
@@ -31,7 +39,7 @@ <h3 class="box-title">{% if create %}Add{% else %}Edit{% endif %} account</h3>
                     action="{% if create %}{{ url_for('admin.edit_account') }}{% else %}{{ url_for('admin.edit_account', account_name=account.name) }}{% endif %}">
                     <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
                     <input type="hidden" name="create" value="{{ create }}">
-                    <div class="box-body">
+                    <div class="card-body">
                         {% if error %}
                         <div class="alert alert-danger alert-dismissible">
                             <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
@@ -73,10 +81,10 @@ <h4><i class="icon fa fa-ban"></i> Error!</h4>
                             <span class="fa fa-envelope form-control-feedback"></span>
                         </div>
                     </div>
-                    <div class="box-header with-border">
-                        <h3 class="box-title">Access Control</h3>
+                    <div class="card-header with-border">
+                        <h3 class="card-title">Access Control</h3>
                     </div>
-                    <div class="box-body">
+                    <div class="card-body">
                         <p>Users on the right have access to manage records in all domains
                             associated with the account.</p>
                         <p>Click on users to move between columns.</p>
@@ -90,7 +98,7 @@ <h3 class="box-title">Access Control</h3>
                             </select>
                         </div>
                     </div>
-                    <div class="box-footer">
+                    <div class="card-footer">
                         <button type="submit"
                             class="btn btn-flat btn-primary">{% if create %}Create{% else %}Update{% endif %}
                             Account</button>
@@ -98,12 +106,12 @@ <h3 class="box-title">Access Control</h3>
                 </form>
             </div>
         </div>
-        <div class="col-md-8">
-            <div class="box box-primary">
-                <div class="box-header with-border">
-                    <h3 class="box-title">Help with creating a new account</h3>
+        <div class="col-md-6">
+            <div class="card card-primary">
+                <div class="card-header with-border">
+                    <h3 class="card-title">Help with creating a new account</h3>
                 </div>
-                <div class="box-body">
+                <div class="card-body">
                     <p>
                         An account allows grouping of domains belonging to a particular entity, such as a customer or
                         department.<br />
diff --git a/powerdnsadmin/templates/admin_edit_key.html b/powerdnsadmin/templates/admin_edit_key.html
index 6a9434025..a97afcba2 100644
--- a/powerdnsadmin/templates/admin_edit_key.html
+++ b/powerdnsadmin/templates/admin_edit_key.html
@@ -6,26 +6,35 @@
 {% endblock %}
 {% block dashboard_stat %}
 <!-- Content Header (Page header) -->
-<section class="content-header">
-    <h1>
-        Key
-        <small>{% if create %}New key{% else %}{{ key.id }}{% endif %}</small>
-    </h1>
-    <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i>Home</a></li>
-        <li><a href="{{ url_for('admin.manage_keys') }}">Key</a></li>
-        <li class="active">{% if create %}Add{% else %}Edit{% endif %} key</li>
-    </ol>
-</section>
+<div class="content-header">
+    <div class="container-fluid">
+      <div class="row mb-2">
+        <div class="col-sm-6">
+          <h1 class="m-0 text-dark">
+            API Keys
+            <small>{% if create %}Add API Key{% else %}Edit API Key - {{ key.id }}{% endif %}</small>
+          </h1>
+        </div>
+        <div class="col-sm-6">
+          <ol class="breadcrumb float-sm-right">
+            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+            <li class="breadcrumb-item"><a href="{{ url_for('admin.manage_keys') }}">API Keys</a></li>
+            <li class="breadcrumb-item active">{% if create %}Add API Key{% else %}Edit API Key - {% endif %}{{ key.id }}</li>
+          </ol>
+        </div>
+      </div>
+    </div>
+  </div>
+
 {% endblock %}
 
 {% block content %}
 <section class="content">
-    <div class="row">
-        <div class="col-md-4">
-            <div class="box box-primary">
-                <div class="box-header with-border">
-                    <h3 class="box-title">{% if create %}Add{% else %}Edit{% endif %} key</h3>
+  <div class="row">
+    <div class="col-md-6">
+            <div class="card card-primary">
+                <div class="card-header with-border">
+                    <h3 class="card-title">{% if create %}Add{% else %}Edit{% endif %} Key</h3>
                 </div>
                 <!-- /.box-header -->
                 <!-- form start -->
@@ -33,7 +42,7 @@ <h3 class="box-title">{% if create %}Add{% else %}Edit{% endif %} key</h3>
                     action="{% if create %}{{ url_for('admin.edit_key') }}{% else %}{{ url_for('admin.edit_key', key_id=key.id) }}{% endif %}">
                     <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
                     <input type="hidden" name="create" value="{{ create }}">
-                    <div class="box-body">
+                    <div class="card-body">
                         <div class="form-group has-feedback">
                             <label class="control-label" for="role">Role</label>
                             <select class="key_role form-control" id="key_role" name="key_role">
@@ -52,10 +61,10 @@ <h3 class="box-title">{% if create %}Add{% else %}Edit{% endif %} key</h3>
                                 class="glyphicon glyphicon-pencil form-control-feedback"></span>
                         </div>
                     </div>
-                    <div class="box-header with-border key-opts"{% if hide_opts %} style="display: none;"{% endif %}>
-                      <h3 class="box-title">Accounts Access Control</h3>
+                    <div class="card-header with-border key-opts"{% if hide_opts %} style="display: none;"{% endif %}>
+                      <h3 class="card-title">Accounts Access Control</h3>
                     </div>
-                    <div class="box-body key-opts"{% if hide_opts %} style="display: none;"{% endif %}>
+                    <div class="card-body key-opts"{% if hide_opts %} style="display: none;"{% endif %}>
                       <p>This key will be linked to the accounts on the right,</p>
                       <p>thus granting access to domains owned by the selected accounts.</p>
                       <p>Click on accounts to move between the columns.</p>
@@ -68,10 +77,10 @@ <h3 class="box-title">Accounts Access Control</h3>
                           </select>
                       </div>
                     </div>
-                    <div class="box-header with-border key-opts"{% if hide_opts %} style="display: none;"{% endif %}>
-                        <h3 class="box-title">Domain Access Control</h3>
+                    <div class="card-header with-border key-opts"{% if hide_opts %} style="display: none;"{% endif %}>
+                        <h3 class="card-title">Domain Access Control</h3>
                     </div>
-                    <div class="box-body key-opts"{% if hide_opts %} style="display: none;"{% endif %}>
+                    <div class="card-body key-opts"{% if hide_opts %} style="display: none;"{% endif %}>
                         <p>This key will have acess to the domains on the right.</p>
                         <p>Click on domains to move between the columns.</p>
                         <div class="form-group col-xs-2">
@@ -83,7 +92,7 @@ <h3 class="box-title">Domain Access Control</h3>
                             </select>
                         </div>
                     </div>
-                    <div class="box-footer">
+                    <div class="card-footer">
                         <button type="submit"
                             class="btn btn-flat btn-primary" id="key_submit">{% if create %}Create{% else %}Update{% endif %}
                             Key</button>
@@ -91,13 +100,13 @@ <h3 class="box-title">Domain Access Control</h3>
                 </form>
             </div>
         </div>
-        <div class="col-md-8">
-            <div class="box box-primary">
-                <div class="box-header with-border">
-                    <h3 class="box-title">Help with {% if create %}creating a new{% else%}updating a{% endif %} key
+        <div class="col-md-6">
+            <div class="card card-primary">
+                <div class="card-header with-border">
+                    <h3 class="card-title">Help with {% if create %}creating a new{% else%}updating a{% endif %} key
                     </h3>
                 </div>
-                <div class="box-body">
+                <div class="card-body">
                     <p>Fill in all the fields in the form to the left.</p>
                     <p><strong>Role</strong> The role of the key.</p>
                     <p><strong>Description</strong> The key description.</p>
diff --git a/powerdnsadmin/templates/admin_edit_user.html b/powerdnsadmin/templates/admin_edit_user.html
index 34f4272bc..110321afb 100644
--- a/powerdnsadmin/templates/admin_edit_user.html
+++ b/powerdnsadmin/templates/admin_edit_user.html
@@ -15,6 +15,25 @@ <h1>
         <li class="active">{% if create %}Add{% else %}Edit{% endif %} user</li>
     </ol>
 </section>
+
+<div class="content-header">
+    <div class="container-fluid">
+      <div class="row mb-2">
+        <div class="col-sm-6">
+          <h1 class="m-0 text-dark">
+            Dashboard
+            <small>Control panel</small>
+          </h1>
+        </div>
+        <div class="col-sm-6">
+          <ol class="breadcrumb float-sm-right">
+            <li class="breadcrumb-item"><a href="#">Home</a></li>
+            <li class="breadcrumb-item active">Dashboard v1</li>
+          </ol>
+        </div>
+      </div>
+    </div>
+  </div>
 {% endblock %}
 
 {% block content %}
diff --git a/powerdnsadmin/templates/admin_global_search.html b/powerdnsadmin/templates/admin_global_search.html
index 2e38bf191..815230cc1 100644
--- a/powerdnsadmin/templates/admin_global_search.html
+++ b/powerdnsadmin/templates/admin_global_search.html
@@ -13,6 +13,26 @@ <h1>
         <li class="active">Global Search</li>
     </ol>
 </section>
+
+<div class="content-header">
+    <div class="container-fluid">
+      <div class="row mb-2">
+        <div class="col-sm-6">
+          <h1 class="m-0 text-dark">
+            Dashboard
+            <small>Control panel</small>
+          </h1>
+        </div>
+        <div class="col-sm-6">
+          <ol class="breadcrumb float-sm-right">
+            <li class="breadcrumb-item"><a href="#">Home</a></li>
+            <li class="breadcrumb-item active">Dashboard v1</li>
+          </ol>
+        </div>
+      </div>
+    </div>
+  </div>
+
 {% endblock %} {% block content %}
 <section class="content">
     <div class="row">
diff --git a/powerdnsadmin/templates/admin_history.html b/powerdnsadmin/templates/admin_history.html
index aa16c4a72..23b45b963 100644
--- a/powerdnsadmin/templates/admin_history.html
+++ b/powerdnsadmin/templates/admin_history.html
@@ -4,15 +4,26 @@
 <title>History - {{ SITE_NAME }}</title>
 {% endblock %} {% block dashboard_stat %}
 <!-- Content Header (Page header) -->
-<section class="content-header">
-    <h1>
-        History <small>Recent events</small>
-    </h1>
-    <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i> Home</a></li>
-        <li class="active">History</li>
-    </ol>
-</section>
+
+<div class="content-header">
+    <div class="container-fluid">
+      <div class="row mb-2">
+        <div class="col-sm-6">
+          <h1 class="m-0 text-dark">
+            History
+            <small>Recent Events</small>
+          </h1>
+        </div>
+        <div class="col-sm-6">
+          <ol class="breadcrumb float-sm-right">
+            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Home</a></li>
+            <li class="breadcrumb-item active">History</li>
+          </ol>
+        </div>
+      </div>
+    </div>
+  </div>
+
 {% endblock %} 
 {% block content %}
 {% import 'applied_change_macro.html' as applied_change_macro %}
@@ -20,57 +31,57 @@ <h1>
 
 
 <section class="content">
+  <div class="container-fluid">
     <div class="row">
-        <div class="col-xs-12">
-            <div class="box">
-                <div class="box-header">
-                    <h3 class="box-title">History Management</h3>
-                </div>
-                <div class="box-body clearfix">
-                    <button type="button" class="btn btn-flat btn-danger pull-right" data-toggle="modal"
-                        data-target="#modal_clear_history"
-                        {% if current_user.role.name != 'Administrator' %}disabled{% endif %}>
-                        Clear History&nbsp;<i class="fa fa-trash"></i>
-                    </button>
+      <div class="col-md-12">
+        <div class="card">
+          <div class="card-header">
+            <h3 class="card-title">History Management</h3>
+          </div>
+          <div class="card-body clearfix">
+            <button type="button" class="btn btn-flat btn-danger pull-right" data-toggle="modal" data-target="#modal_clear_history" {% if current_user.role.name != 'Administrator' %}disabled{% endif %}>
+                Clear History
+                <i class="fa fa-trash"></i>
+            </button>
+          </div>
+          <div class="card-body clearfix">
+            <form id="history-search-form" autocomplete="off">
+              <div class="nav-tabs-custom" id="tabs">
+                <ul class="nav nav-tabs" id="nav_nav_tabs" name="nav_nav_tabs">
+                  <li id="activity_tab" class="active"><a href="#tabs-act"    data-toggle="tab">Search for All Activity</a></li>
+                  <li id="domain_tab"><a href="#tabs-domain"   data-toggle="tab">Search By Domain</a></li>
+                  <li id="account_tab"><a href="#tabs-account" data-toggle="tab">Search By Account</a></li>
+                  {% if current_user.role.name != 'User' %}
+                    <li id="user_auth_tab"><a href="#tabs-auth"  data-toggle="tab">Search for User Authentication</a></li>
+                  {% endif %}
+                </ul>
+            <div class="tab-content">
+              <div class="tab-pane" id="tabs-act">
+            </div>
+            <div class="tab-pane" id="tabs-domain">
+              <td>
+                <label>Domain Name</label>
+              </td>
+              <td>
+                <div class="autocomplete" style="width:250px;">
+                  <input type="text" class="form-control" id="domain_name_filter" name="domain_name_filter" placeholder="Enter * to search for any domain" value=""> 
                 </div>
-
-                <div class="box-body clearfix">
-                    <form id="history-search-form" autocomplete="off">
-                        <!-- Custom Tabs -->
-                        <div class="nav-tabs-custom" id="tabs">
-                            <ul class="nav nav-tabs" id="nav_nav_tabs" name="nav_nav_tabs">
-                                <li id="activity_tab" class="active"><a href="#tabs-act"    data-toggle="tab">Search for All Activity</a></li>
-                                <li id="domain_tab"><a href="#tabs-domain"   data-toggle="tab">Search By Domain</a></li>
-                                <li id="account_tab"><a href="#tabs-account" data-toggle="tab">Search By Account</a></li>
-                                {% if current_user.role.name != 'User' %}
-                                <li id="user_auth_tab"><a href="#tabs-auth"  data-toggle="tab">Search for User Authentication</a></li>
-                                {% endif %}
-                            </ul>
-                            <div class="tab-content">
-                                <div class="tab-pane" id="tabs-act">
-                                </div>
-                                <div class="tab-pane" id="tabs-domain">
-                                    <td><label>Domain Name</label></td>
-                                    <td>
-                                        <div class="autocomplete" style="width:250px;">
-                                            <input type="text" class="form-control" id="domain_name_filter" name="domain_name_filter" placeholder="Enter * to search for any domain" value=""> 
-                                        </div>
-                                    </td>
-                                    <td>
-                                        <div style="position: relative; top:10px;">
-                                            <td>Record Changelog only &nbsp</td>
-                                                <td>
-                                                    <input type="checkbox" id="domain_changelog_only_checkbox" name="domain_changelog_only_checkbox"
-                                                            class="checkbox" style="border:2px dotted #00f;display:block;background:#ff0000;"> 
-                                                </td>
-                                        </div>
-                                    </td>
-                                </div>
-                                <div class="tab-pane" id="tabs-account">
-                                    <td><label>Account Name</label></td>
-                                    <td>
-                                        <div class="autocomplete" style="width:250px;">
-                                            <input type="text" class="form-control" id="account_name_filter" name="account_name_filter" placeholder="Enter * to search for any account" value=""> 
+              </td>
+              <td>
+<div style="position: relative; top:10px;">
+<td>Record Changelog only &nbsp</td>
+<td>
+<input type="checkbox" id="domain_changelog_only_checkbox" name="domain_changelog_only_checkbox"
+class="checkbox" style="border:2px dotted #00f;display:block;background:#ff0000;"> 
+</td>
+</div>
+</td>
+</div>
+<div class="tab-pane" id="tabs-account">
+<td><label>Account Name</label></td>
+<td>
+<div class="autocomplete" style="width:250px;">
+<input type="text" class="form-control" id="account_name_filter" name="account_name_filter" placeholder="Enter * to search for any account" value=""> 
                                         </div>
                                     </td>
                                 </div>
@@ -109,9 +120,7 @@ <h3 class="box-title">History Management</h3>
                                     </td>
                                 </div>
                         </div>
-                        <!-- End Custom Tabs -->
-
-                        <div class="box-body">
+                        <div class="card-body">
                             <table id="Filters-Table">
                                 <thead>
                                     <th>Filters</th>
@@ -148,7 +157,6 @@ <h3 class="box-title">History Management</h3>
                                             <button type="submit" id="search-submit" name="search-submit" class="btn btn-flat btn-primary button-filter">Search&nbsp;<i class="fa fa-search"></i></button>
                                         </td>
                                         <td>
-                                            <!-- &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; -->
                                             <button id="clear-filters" name="clear-filters" class="btn btn-flat btn-warning button-clearf">Clear Filters&nbsp;<i class="fa fa-trash"></i></button>
                                         </td>
                                     </tr>
@@ -157,17 +165,8 @@ <h3 class="box-title">History Management</h3>
                         </div>
                     </form>
                 </div>
-
                 <div id="table_from_ajax"></div>
-
-
-                <!-- /.box-body -->
             </div>
-            <!-- /.box -->
-        </div>
-        <!-- /.col -->
-    </div>
-    <!-- /.row -->
 </section>
 {% endblock %}
 {% block extrascripts %}
diff --git a/powerdnsadmin/templates/admin_manage_account.html b/powerdnsadmin/templates/admin_manage_account.html
index 5aabbc17b..e56705c9e 100644
--- a/powerdnsadmin/templates/admin_manage_account.html
+++ b/powerdnsadmin/templates/admin_manage_account.html
@@ -3,74 +3,80 @@
 {% block title %}
 <title>Account Management - {{ SITE_NAME }}</title>
 {% endblock %} {% block dashboard_stat %}
-<section class="content-header">
-    <h1>
-        Accounts <small>Manage accounts</small>
-    </h1>
-    <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i> Home</a></li>
-        <li class="active">Accounts</li>
-    </ol>
-</section>
+<div class="content-header">
+    <div class="container-fluid">
+      <div class="row mb-2">
+        <div class="col-sm-6">
+          <h1 class="m-0 text-dark">
+            Accounts
+            <small>Manage</small>
+          </h1>
+        </div>
+        <div class="col-sm-6">
+          <ol class="breadcrumb float-sm-right">
+            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Home</a></li>
+            <li class="breadcrumb-item active">Accounts</li>
+          </ol>
+        </div>
+      </div>
+    </div>
+  </div>
+
 {% endblock %} {% block content %}
 <section class="content">
+  <div class="container-fluid">
     <div class="row">
-        <div class="col-xs-12">
-            <div class="box">
-                <div class="box-header">
-                    <h3 class="box-title">Account Management</h3>
-                </div>
-                <div class="box-body">
-                    <a href="{{ url_for('admin.edit_account') }}">
-                        <button type="button" class="btn btn-flat btn-primary pull-left button_add_account">
-                            Add Account&nbsp;<i class="fa fa-plus"></i>
-                        </button>
-                    </a>
-                </div>
-                <div class="box-body">
-                    <table id="tbl_accounts" class="table table-bordered table-striped">
-                        <thead>
-                            <tr>
-                                <th>Name</th>
-                                <th>Description</th>
-                                <th>Contact</th>
-                                <th>Mail</th>
-                                <th>Member</th>
-                                <th>Domain</th>
-                                <th>Action</th>
-                            </tr>
-                        </thead>
-                        <tbody>
-                            {% for account in accounts %}
-                            <tr class="odd gradeX">
-                                <td>{{ account.name }}</td>
-                                <td>{{ account.description }}</td>
-                                <td>{{ account.contact }}</td>
-                                <td>{{ account.mail }}</td>
-                                <td>{{ account.user_num }}</td>
-                                <td>{{ account.domains|length }}</td>
-                                <td width="15%">
-                                    <button type="button" class="btn btn-flat btn-success"
-                                        onclick="window.location.href='{{ url_for('admin.edit_account', account_name=account.name) }}'">
-                                        Edit&nbsp;<i class="fa fa-cog"></i>
-                                    </button>
-                                    <button type="button" class="btn btn-flat btn-danger button_delete"
-                                        id="{{ account.name }}">
-                                        Delete&nbsp;<i class="fa fa-trash"></i>
-                                    </button>
-                                </td>
-                            </tr>
-                            {% endfor %}
-                        </tbody>
-                    </table>
-                </div>
-                <!-- /.box-body -->
-            </div>
-            <!-- /.box -->
+      <div class="col-xs-12 col-md-12">
+        <div class="card card-primary">
+          <div class="card-header with-border">
+            <h3 class="card-title">Account Management</h3>
+          </div>
+          <div class="card-body">
+            <a href="{{ url_for('admin.edit_account') }}">
+              <button type="button" class="btn btn-flat btn-primary pull-left button_add_account">
+                Add Account&nbsp;<i class="fa fa-plus"></i>
+              </button>
+            </a>
+          </div>
+          <div class="card-body">
+            <table id="tbl_accounts" class="table table-bordered table-striped">
+              <thead>
+                <tr>
+                  <th>Name</th>
+                  <th>Description</th>
+                  <th>Contact</th>
+                  <th>Mail</th>
+                  <th>Member</th>
+                  <th>Domain</th>
+                  <th>Action</th>
+                </tr>
+              </thead>
+              <tbody>
+                {% for account in accounts %}
+                  <tr class="odd gradeX">
+                    <td>{{ account.name }}</td>
+                    <td>{{ account.description }}</td>
+                    <td>{{ account.contact }}</td>
+                    <td>{{ account.mail }}</td>
+                    <td>{{ account.user_num }}</td>
+                    <td>{{ account.domains|length }}</td>
+                    <td width="15%">
+                      <button type="button" class="btn btn-flat btn-success" onclick="window.location.href='{{ url_for('admin.edit_account', account_name=account.name) }}'">
+                        Edit&nbsp;<i class="fa fa-cog"></i>
+                      </button>
+                      <button type="button" class="btn btn-flat btn-danger button_delete" id="{{ account.name }}">
+                        Delete&nbsp;<i class="fa fa-trash"></i>
+                      </button>
+                    </td>
+                  </tr>
+                {% endfor %}
+              </tbody>
+            </table>
+          </div>
         </div>
-        <!-- /.col -->
+      </div>
     </div>
-    <!-- /.row -->
+  </div>
 </section>
 {% endblock %}
 {% block extrascripts %}
diff --git a/powerdnsadmin/templates/admin_manage_keys.html b/powerdnsadmin/templates/admin_manage_keys.html
index dadc2a0f0..9f2c6825e 100644
--- a/powerdnsadmin/templates/admin_manage_keys.html
+++ b/powerdnsadmin/templates/admin_manage_keys.html
@@ -3,72 +3,75 @@
 {% block title %}
 <title>Key Management - {{ SITE_NAME }}</title>
 {% endblock %} {% block dashboard_stat %}
-<section class="content-header">
-    <h1>
-        Key <small>Manage API keys</small>
-    </h1>
-    <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i> Home</a></li>
-        <li class="active">Key</li>
-    </ol>
-</section>
+<div class="content-header">
+    <div class="container-fluid">
+      <div class="row mb-2">
+        <div class="col-sm-6">
+          <h1 class="m-0 text-dark">
+            API Keys
+            <small>Management</small>
+          </h1>
+        </div>
+        <div class="col-sm-6">
+          <ol class="breadcrumb float-sm-right">
+            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+            <li class="breadcrumb-item active">API Keys</li>
+          </ol>
+        </div>
+      </div>
+    </div>
+  </div>
 {% endblock %} {% block content %}
 <section class="content">
-    <div class="row">
-        <div class="col-xs-12">
-            <div class="box">
-                <div class="box-header">
-                    <h3 class="box-title">Key Management</h3>
-                </div>
-                <div class="box-body">
-                    <a href="{{ url_for('admin.edit_key') }}">
-                        <button type="button" class="btn btn-flat btn-primary pull-left button_add_key">
-                            Add Key&nbsp;<i class="fa fa-plus"></i>
-                        </button>
-                    </a>
-                </div>
-                <div class="box-body">
-                    <table id="tbl_keys" class="table table-bordered table-striped">
-                        <thead>
-                            <tr>
-                                <th>Id</th>
-                                <th>Role</th>
-                                <th>Description</th>
-                                <th>Domains</th>
-                                <th>Accounts</th>
-                                <th>Action</th>
-                            </tr>
-                        </thead>
-                        <tbody>
-                            {% for key in keys %}
-                            <tr class="odd gradeX">
-                                <td>{{ key.id }}</td>
-                                <td>{{ key.role.name }}</td>
-                                <td>{{ key.description }}</td>
-                                <td>{% for domain in key.domains %}{{ domain.name }}{% if not loop.last %}, {% endif %}{% endfor %}</td>
-                                <td>{% for account in key.accounts %}{{ account.name }}{% if not loop.last %}, {% endif %}{% endfor %}</td>
-                                <td width="15%">
-                                    <button type="button" class="btn btn-flat btn-success button_edit"
-                                        onclick="window.location.href='{{ url_for('admin.edit_key', key_id=key.id) }}'">
-                                        Edit&nbsp;<i class="fa fa-lock"></i>
-                                    </button>
-                                    <button type="button" class="btn btn-flat btn-danger button_delete"
-                                        id="{{ key.id }}">
-                                        Delete&nbsp;<i class="fa fa-trash"></i>
-                                    </button>
-                                </td>
-                            </tr>
-                            {% endfor %}
-                        </tbody>
-                    </table>
-                </div>
-                <!-- /.box-body -->
-            </div>
-            <!-- /.box -->
-        </div>
-        <!-- /.col -->
+  <div class="container-fluid">
+    <div class="card">
+      <div class="card-header with-border">
+        <h3 class="card-title">Key Management</h3>
+      </div>
+      <div class="card-body">
+        <a href="{{ url_for('admin.edit_key') }}">
+          <button type="button" class="btn btn-primary pull-left button_add_key">
+            Add Key&nbsp;<i class="fa fa-plus"></i>
+          </button>
+        </a>
+      </div>
+      <div class="card-body">
+        <table id="tbl_keys" class="table table-bordered table-striped">
+          <thead>
+            <tr>
+              <th>Id</th>
+              <th>Role</th>
+              <th>Description</th>
+              <th>Domains</th>
+              <th>Accounts</th>
+              <th>Action</th>
+            </tr>
+          </thead>
+          <tbody>
+            {% for key in keys %}
+              <tr class="odd gradeX">
+                <td>{{ key.id }}</td>
+                <td>{{ key.role.name }}</td>
+                <td>{{ key.description }}</td>
+                <td>{% for domain in key.domains %}{{ domain.name }}{% if not loop.last %}, {% endif %}{% endfor %}</td>
+                <td>{% for account in key.accounts %}{{ account.name }}{% if not loop.last %}, {% endif %}{% endfor %}</td>
+                <td width="15%">
+                  <button type="button" class="btn btn-flat btn-success button_edit"
+                    onclick="window.location.href='{{ url_for('admin.edit_key', key_id=key.id) }}'">
+                    Edit&nbsp;<i class="fa fa-lock"></i>
+                  </button>
+                  <button type="button" class="btn btn-flat btn-danger button_delete"
+                    id="{{ key.id }}">
+                    Delete&nbsp;<i class="fa fa-trash"></i>
+                  </button>
+                </td>
+              </tr>
+            {% endfor %}
+          </tbody>
+        </table>
+      </div>
     </div>
-    <!-- /.row -->
+  </div>
 </section>
 {% endblock %}
 {% block extrascripts %}
diff --git a/powerdnsadmin/templates/admin_manage_user.html b/powerdnsadmin/templates/admin_manage_user.html
index d6a720421..f1b6022f7 100644
--- a/powerdnsadmin/templates/admin_manage_user.html
+++ b/powerdnsadmin/templates/admin_manage_user.html
@@ -3,31 +3,40 @@
 {% block title %}
 <title>User Management - {{ SITE_NAME }}</title>
 {% endblock %} {% block dashboard_stat %}
-<section class="content-header">
-    <h1>
-        User <small>Manage user privileges</small>
-    </h1>
-    <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i> Home</a></li>
-        <li class="active">User</li>
-    </ol>
-</section>
+<div class="content-header">
+    <div class="container-fluid">
+      <div class="row mb-2">
+        <div class="col-sm-6">
+          <h1 class="m-0 text-dark">
+            User
+            <small>Manage user privileges</small>
+          </h1>
+        </div>
+        <div class="col-sm-6">
+          <ol class="breadcrumb float-sm-right">
+            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Home</a></li>
+            <li class="breadcrumb-item active">User</li>
+          </ol>
+        </div>
+      </div>
+    </div>
+  </div>
 {% endblock %} {% block content %}
 <section class="content">
     <div class="row">
         <div class="col-xs-12">
-            <div class="box">
-                <div class="box-header">
-                    <h3 class="box-title">User Management</h3>
+            <div class="card">
+                <div class="card-header with-border">
+                    <h3 class="card-title">User Management</h3>
                 </div>
-                <div class="box-body">
+                <div class="card-body">
                     <a href="{{ url_for('admin.edit_user') }}">
                         <button type="button" class="btn btn-flat btn-primary pull-left button_add_user">
                             Add User&nbsp;<i class="fa fa-plus"></i>
                         </button>
                     </a>
                 </div>
-                <div class="box-body">
+                <div class="card-body">
                     <table id="tbl_users" class="table table-bordered table-striped">
                         <thead>
                             <tr>
diff --git a/powerdnsadmin/templates/admin_pdns_stats.html b/powerdnsadmin/templates/admin_pdns_stats.html
index cd5a00003..84a1ec6c3 100644
--- a/powerdnsadmin/templates/admin_pdns_stats.html
+++ b/powerdnsadmin/templates/admin_pdns_stats.html
@@ -13,6 +13,26 @@ <h1>
         <li class="active">Admin Console</li>
     </ol>
 </section>
+
+<div class="content-header">
+    <div class="container-fluid">
+      <div class="row mb-2">
+        <div class="col-sm-6">
+          <h1 class="m-0 text-dark">
+            Dashboard
+            <small>Control panel</small>
+          </h1>
+        </div>
+        <div class="col-sm-6">
+          <ol class="breadcrumb float-sm-right">
+            <li class="breadcrumb-item"><a href="#">Home</a></li>
+            <li class="breadcrumb-item active">Dashboard v1</li>
+          </ol>
+        </div>
+      </div>
+    </div>
+  </div>
+
 {% endblock %}
 
 {% block content %}
diff --git a/powerdnsadmin/templates/admin_setting_authentication.html b/powerdnsadmin/templates/admin_setting_authentication.html
index 5d0fd1020..0509cbb5b 100644
--- a/powerdnsadmin/templates/admin_setting_authentication.html
+++ b/powerdnsadmin/templates/admin_setting_authentication.html
@@ -4,33 +4,43 @@
 <title>Authentication Settings - {{ SITE_NAME }}</title>
 {% endblock %} {% block dashboard_stat %}
 <!-- Content Header (Page header) -->
-<section class="content-header">
-    <h1>
-        Settings <small>PowerDNS-Admin settings</small>
-    </h1>
-    <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i> Home</a></li>
-        <li><a href="#">Setting</a></li>
-        <li class="active">Authentication</li>
-    </ol>
-    <script>
-        function ldapSelection() {
-            if (document.getElementById('ldap').checked) {
-                document.getElementById('ldap_openldap_fields').style.display = 'block';
-                document.getElementById('ldap_openldap_group_filters').style.display = 'block';
-                document.getElementById('ldap_ad_fields').style.display = 'none';
-            } else {
-                document.getElementById('ldap_openldap_fields').style.display = 'none';
-                document.getElementById('ldap_openldap_group_filters').style.display = 'none';
-                document.getElementById('ldap_ad_fields').style.display = 'block';
+  <div class="content-header">
+    <div class="container-fluid">
+      <div class="row mb-2">
+        <div class="col-sm-6">
+          <h1 class="m-0 text-dark">
+            Settings
+            <small>PowerDNS-Admin Settings</small>
+          </h1>
+        </div>
+        <div class="col-sm-6">
+          <ol class="breadcrumb float-sm-right">
+            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Home</a></li>
+            <li class="breadcrumb-item">Settings</li>
+            <li class="breadcrumb-item active">Authentication</li>
+          </ol>
+          <script>
+            function ldapSelection() {
+                if (document.getElementById('ldap').checked) {
+                    document.getElementById('ldap_openldap_fields').style.display = 'block';
+                    document.getElementById('ldap_openldap_group_filters').style.display = 'block';
+                    document.getElementById('ldap_ad_fields').style.display = 'none';
+                } else {
+                    document.getElementById('ldap_openldap_fields').style.display = 'none';
+                    document.getElementById('ldap_openldap_group_filters').style.display = 'none';
+                    document.getElementById('ldap_ad_fields').style.display = 'block';
+                }
             }
-        }
+    
+            window.onload = function() {
+                ldapSelection();
+            }
+        </script>
+        </div>
+      </div>
+    </div>
+  </div>
 
-        window.onload = function() {
-            ldapSelection();
-        }
-    </script>
-</section>
 {% endblock %}
 {% block content %}
 <section class="content">
diff --git a/powerdnsadmin/templates/admin_setting_basic.html b/powerdnsadmin/templates/admin_setting_basic.html
index d3d0905ea..3df8fc060 100644
--- a/powerdnsadmin/templates/admin_setting_basic.html
+++ b/powerdnsadmin/templates/admin_setting_basic.html
@@ -4,66 +4,73 @@
 <title>Basic Settings - {{ SITE_NAME }}</title>
 {% endblock %} {% block dashboard_stat %}
 <!-- Content Header (Page header) -->
-<section class="content-header">
-    <h1>
-        Settings <small>PowerDNS-Admin settings</small>
-    </h1>
-    <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i> Home</a></li>
-        <li><a href="#">Setting</a></li>
-        <li class="active">Basic</li>
-    </ol>
-</section>
+  <div class="content-header">
+    <div class="container-fluid">
+      <div class="row mb-2">
+        <div class="col-sm-6">
+          <h1 class="m-0 text-dark">
+            Settings
+            <small>Basic</small>
+          </h1>
+        </div>
+        <div class="col-sm-6">
+          <ol class="breadcrumb float-sm-right">
+            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+            <li class="breadcrumb-item active">Settings - Basic</li>
+          </ol>
+        </div>
+      </div>
+    </div>
+  </div>
+
 {% endblock %} {% block content %}
 <section class="content">
-    <div class="row">
-        <div class="col-xs-12">
-            <div class="box">
-                <div class="box-header">
-                    <h3 class="box-title">Basic Settings</h3>
-                </div>
-                <div class="box-body">
-                    <table id="tbl_settings" class="table table-bordered table-striped">
-                        <thead>
-                            <tr>
-                                <th>Name</th>
-                                <th>Value</th>
-                                <th>Change</th>
-                            </tr>
-                        </thead>
-                        <tbody>
-                            {% for setting in settings %}
-                            <tr class="odd ">
-                                <td>{{ setting }}</td>
-                                {% if SETTING.get(setting) in [True, False] %}
-                                <td>{{ SETTING.get(setting)|display_setting_state }}</td>
-                                <td width="6%">
-                                    <button type="button" class="btn btn-flat btn-warning setting-toggle-button"
-                                        id="{{ setting }}">
-                                        Toggle&nbsp;<i class="fa fa-info"></i>
-                                    </button>
-                                </td>
-                                {% else %}
-                                <td><input name="value" id="value" value="{{ SETTING.get(setting) }}"></td>
-                                <td width="6%">
-                                    <button type="button" class="btn btn-flat btn-warning setting-save-button"
-                                        id="{{ setting }}">
-                                        Save&nbsp;<i class="fa fa-info"></i>
-                                    </button>
-                                </td>
-                                {% endif %}
-                            </tr>
-                            {% endfor %}
-                        </tbody>
-                    </table>
-                </div>
-                <!-- /.box-body -->
-            </div>
-            <!-- /.box -->
-        </div>
-        <!-- /.col -->
+  <div class="container-fluid">
+    <div class="card">
+      <div class="card-header with-border">
+        <h3 class="card-title">Basic Settings</h3>
+      </div>
+      <div class="card-body">
+        <table id="tbl_settings" class="table table-bordered table-striped">
+          <thead>
+            <tr>
+              <th>Name</th>
+              <th>Value</th>
+              <th>Change</th>
+            </tr>
+          </thead>
+          <tbody>
+            {% for setting in settings %}
+              <tr class="odd">
+                <td>
+                  {{ setting }}
+                </td>
+                {% if SETTING.get(setting) in [True, False] %}
+                  <td>{{ SETTING.get(setting)|display_setting_state }}</td>
+                  <td width="6%">
+                    <button type="button" class="btn btn-warning setting-toggle-button" id="{{ setting }}">
+                      Toggle
+                      <i class="fa fa-info"></i>
+                    </button>
+                  </td>
+                {% else %}
+                  <td>
+                    <input name="value" id="value" value="{{ SETTING.get(setting) }}">
+                  </td>
+                  <td width="6%">
+                    <button type="button" class="btn btn-warning setting-save-button" id="{{ setting }}">
+                      Save
+                      <i class="fa fa-info"></i>
+                    </button>
+                  </td>
+                {% endif %}
+              </tr>
+            {% endfor %}
+          </tbody>
+        </table>
+      </div>
     </div>
-    <!-- /.row -->
+  </div>
 </section>
 {% endblock %}
 {% block extrascripts %}
diff --git a/powerdnsadmin/templates/admin_setting_pdns.html b/powerdnsadmin/templates/admin_setting_pdns.html
index 84f86a9c7..08b42f12c 100644
--- a/powerdnsadmin/templates/admin_setting_pdns.html
+++ b/powerdnsadmin/templates/admin_setting_pdns.html
@@ -4,7 +4,7 @@
 <title>PDNS Settings - {{ SITE_NAME }}</title>
 {% endblock %} {% block dashboard_stat %}
 <!-- Content Header (Page header) -->
-<section class="content-header">
+<div class="content-header">
     <h1>
         Settings <small>PowerDNS-Admin settings</small>
     </h1>
@@ -13,7 +13,7 @@ <h1>
         <li><a href="#">Setting</a></li>
         <li class="active">PDNS</li>
     </ol>
-</section>
+</div>
 {% endblock %}
 {% block content %}
 <section class="content">
diff --git a/powerdnsadmin/templates/base.html b/powerdnsadmin/templates/base.html
index 35bfc51b3..f3261dda6 100644
--- a/powerdnsadmin/templates/base.html
+++ b/powerdnsadmin/templates/base.html
@@ -2,166 +2,221 @@
 <html>
 <head>
   {% block head %}
-  <meta charset="utf-8">
-  <meta http-equiv="X-UA-Compatible" content="IE=edge">
-  <link rel="icon" href="{{ url_for('static', filename='img/favicon.png') }}">
-  {% block title %}<title>{{ SITE_NAME }}</title>{% endblock %}
-  <link rel="stylesheet" href="{{ url_for('static', filename='assets/css/style.css') }}">
-  <!--  Get Google Fonts we like -->
-  <link rel="stylesheet" href="{{ url_for('static', filename='assets/css/source_sans_pro.css') }}">
-  <link rel="stylesheet" href="{{ url_for('static', filename='assets/css/roboto_mono.css') }}">
-  <!-- Tell the browser to be responsive to screen width -->
-  <meta content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no" name="viewport">
-  <!-- Tell Safari to not recognise telephone numbers -->
-  <meta name="format-detection" content="telephone=no">
-  {% assets "css_main" -%}
+    <meta charset="utf-8">
+    <meta http-equiv="X-UA-Compatible" content="IE=edge">
+    <link rel="icon" href="{{ url_for('static', filename='img/favicon.png') }}">
+    {% block title %}
+      <title>
+        {{ SITE_NAME }}
+      </title>
+    {% endblock %}
+    <link rel="stylesheet" href="{{ url_for('static', filename='assets/css/style.css') }}">
+    <!--  Get Google Fonts we like -->
+    <link rel="stylesheet" href="{{ url_for('static', filename='assets/css/source_sans_pro.css') }}">
+    <link rel="stylesheet" href="{{ url_for('static', filename='assets/css/roboto_mono.css') }}">
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/all.min.css">
+    <!-- Tell the browser to be responsive to screen width -->
+    <meta content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no" name="viewport">
+    <!-- Tell Safari to not recognise telephone numbers -->
+    <meta name="format-detection" content="telephone=no">
+    {% assets "css_main" -%}
       <link rel="stylesheet" href="{{ ASSET_URL }}">
-  {%- endassets %}
-{% if SETTING.get('custom_css') %}
-  <link rel="stylesheet" href="/static/custom/{{ SETTING.get('custom_css') }}">
-{% endif %}
+    {%- endassets %}
+    {% if SETTING.get('custom_css') %}
+      <link rel="stylesheet" href="/static/custom/{{ SETTING.get('custom_css') }}">
+    {% endif %}
   {% endblock %}
 </head>
+
 <body class="hold-transition skin-blue sidebar-mini {% if not SETTING.get('fullscreen_layout') %}layout-boxed{% endif %}">
-{% set user_image_url = url_for('user.image', username=current_user.username) %}
-<div class="wrapper">
+  {% set user_image_url = url_for('user.image', username=current_user.username) %}
+  <div class="wrapper">
   {% block pageheader %}
-  <header class="main-header">
-    <!-- Logo -->
-    <a href="{{ url_for('index.index') }}" class="logo">
-      <!-- mini logo for sidebar mini 50x50 pixels -->
-      <span class="logo-mini"><b>PD</b>A</span>
-      <!-- logo for regular state and mobile devices -->
-      <span class="logo-lg">
-        {% if SETTING.get('site_name') %}
-          <b>{{ SITE_NAME }}</b>
-        {% else %}
-          <b>PowerDNS</b>-Admin
-        {% endif %}
-      </span>
-    </a>
-    <!-- Header Navbar: style can be found in header.less -->
-    <nav class="navbar navbar-static-top">
+    <nav class="main-header navbar navbar-expand navbar-dark">
+      <!-- Header Navbar: style can be found in header.less -->
       <!-- Sidebar toggle button-->
-      <a href="#" class="sidebar-toggle" data-toggle="push-menu" role="button">
-        <span class="sr-only">Toggle navigation</span>
-      </a>
+      <ul class="navbar-nav">
+        <li class="nav-item">
+          <a class="nav-link" data-widget="pushmenu" href="#" role="button">
+            <i class="fas fa-bars"></i>
+          </a>
+        </li>
+      </ul>
 
-      <div class="navbar-custom-menu">
-        {% if current_user.id is defined %}
-        <ul class="nav navbar-nav">
-          <!-- User Account: style can be found in dropdown.less -->
-          <li class="dropdown user user-menu">
-            <a href="#" class="dropdown-toggle" data-toggle="dropdown">
-              <img src="{{ user_image_url }}" class="user-image" alt="User Image"/>
-              <span class="hidden-xs">
-                {{ current_user.firstname }}
+        <ul class="navbar-nav ml-auto">
+          {% if current_user.id is defined %}
+          <li class="nav-item dropdown user-menu">
+            <a href="#" class="nav-link dropdown-toggle" data-toggle="dropdown">
+              <img src="{{ user_image_url }}" class="user-image img-circle elevation-2" alt="User Image"/>
+              <span class="d-none d-md-inline">
+                {{ current_user.firstname }} {{ current_user.lastname }}
               </span>
             </a>
             <ul class="dropdown-menu">
-                <li class="user-header">
-                  <img src="{{ user_image_url }}" class="img-circle" alt="User Image"/>
-                  <p>
-                    {{ current_user.firstname }} {{ current_user.lastname }}
-                    <small>{{ current_user.role.name }}</small>
-                  </p>
-                </li>
-
-              <!-- Menu Footer-->
+              <li class="user-header">
+                <img src="{{ user_image_url }}" class="img-circle elevation-2" alt="User Image"/>
+                <p>
+                  {{ current_user.firstname }} {{ current_user.lastname }}
+                  <small>{{ current_user.role.name }}</small>
+                </p>
+              </li>
               <li class="user-footer">
-                <div class="pull-left">
-                  <a href="{{ url_for('user.profile') }}" class="btn btn-flat btn-primary">My Profile</a>
-                </div>
-                <div class="pull-right">
-                  <a href="{{ url_for('index.logout') }}" class="btn btn-flat btn-warning">Log out</a>
-                </div>
+                <a href="{{ url_for('user.profile') }}" class="btn btn-default">My Profile</a>
+                <a href="{{ url_for('index.logout') }}" class="btn btn-default float-right">Log out</a>
               </li>
             </ul>
           </li>
-        </ul>
-        {% endif %}
-      </div>
+          {% endif %}
+        <li class="nav-item">
+          <a class="nav-link" data-widget="fullscreen" href="#" role="button">
+            <i class="fas fa-expand-arrows-alt"></i>
+          </a>
+        </li>
+      </ul>
     </nav>
-  </header>
+
   {% endblock %}
   <!-- Left side column. contains the logo and sidebar -->
-  <aside class="main-sidebar">
+  <aside class="main-sidebar sidebar-dark-primary">
+    <!-- Logo -->
+    <a href="{{ url_for('index.index') }}" class="brand-link">
+      <span class="brand-text font-weight-light">
+        {% if SETTING.get('site_name') %}
+          <b>{{ SITE_NAME }}</b>
+        {% else %}
+          <b>PowerDNS</b>-Admin
+        {% endif %}
+      </span>
+    </a>
     <!-- sidebar: style can be found in sidebar.less -->
-    <section class="sidebar">
+    <div class="sidebar">
     {% if current_user.id is defined %}
-      <div class="user-panel">
-        <div class="pull-left image">
-          <img src="{{ user_image_url }}" class="img-circle" alt="User Image"/>
+      <div class="user-panel mt-3 pb-3 mb-3 d-flex">
+        <div class="image">
+          <img src="{{ user_image_url }}" class="img-circle elevation-2" alt="User Image">
         </div>
-        <div class="pull-left info">
-          <p>{{ current_user.firstname }} {{ current_user.lastname }}</p>
-          <a href="#"><i class="fa fa-circle text-success"></i> Logged In</a>
+        <div class="info">
+          <a href="{{ url_for('user.profile') }}" class="d-block">{{ current_user.firstname }} {{ current_user.lastname }}</a>
         </div>
       </div>
       <!-- sidebar menu: : style can be found in sidebar.less -->
-      <ul class="sidebar-menu" data-widget="tree">
-        <li class="header">USER ACTIONS</li>
-        <li class="{{ 'active' if active_page == 'dashboard' else '' }}">
-          <a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i> <span>Dashboard</span></a>
+      <ul class="nav nav-pills nav-sidebar flex-column" data-widget="treeview" role="menu">
+        <li class="nav-header">USER ACTIONS</li>
+        <li class="{{ 'nav-item active' if active_page == 'nav-item dashboard' else 'nav-item' }}">
+          <a href="{{ url_for('dashboard.dashboard') }}" class="nav-link">
+            <i class="nav-icon fas fa-tachometer-alt"></i>
+            <p>Dashboard</p>
+          </a>
         </li>
         {% if SETTING.get('allow_user_create_domain') or current_user.role.name in ['Administrator', 'Operator'] %}
-        <li class="{{ 'active' if active_page == 'new_domain' else '' }}">
-          <a href="{{ url_for('domain.add') }}"><i class="fa fa-plus"></i> <span>New Domain</span></a>
+        <li class="{{ 'nav-item active' if active_page == 'nav-item new_domain' else 'nav-item' }}">
+          <a href="{{ url_for('domain.add') }}" class="nav-link">
+            <i class="nav-icon fas fa-plus"></i>
+            <p>New Domain</p>
+          </a>
         </li>
         {% endif %}
         {% if SETTING.get('allow_user_remove_domain') or current_user.role.name in ['Administrator', 'Operator'] %}
-        <li class="{{ 'active' if active_page == 'remove_domain' else '' }}">
-          <a href="{{ url_for('domain.remove') }}"><i class="fa fa-trash-o"></i> <span>Remove Domain</span></a>
+        <li class="{{ 'nav-item active' if active_page == 'remove_domain' else 'nav-item' }}">
+          <a href="{{ url_for('domain.remove') }}" class="nav-link">
+            <i class="nav-icon fas fa-trash-alt"></i>
+            <p>Remove Domain</p>
+          </a>
         </li>
         {% endif %}
         {% if current_user.role.name in ['Administrator', 'Operator'] %}
-        <li class="header">ADMINISTRATION</li>
-        <li class="{{ 'active' if active_page == 'admin_console' else '' }}">
-          <a href="{{ url_for('admin.pdns_stats') }}"><i class="fa fa-info-circle"></i> <span>PDNS</span></a>
+        <li class="nav-header">ADMINISTRATION</li>
+        <li class="{{ 'nav-item active' if active_page == 'admin_console' else 'nav-item' }}">
+          <a href="{{ url_for('admin.pdns_stats') }}" class="nav-link">
+            <i class="nav-icon fas fa-info-circle"></i>
+            <p>PDNS</p>
+          </a>
         </li>
-        <li class="{{ 'active' if active_page == 'admin_global_search' else '' }}">
-          <a href="{{ url_for('admin.global_search') }}"><i class="fa fa-search"></i> <span>Global Search</span></a>
+        <li class="{{ 'nav-item active' if active_page == 'admin_global_search' else 'nav-item' }}">
+          <a href="{{ url_for('admin.global_search') }}" class="nav-link">
+            <i class="nav-icon fas fa-search"></i>
+            <p>Global Search</p>
+          </a>
         </li>
-        <li class="{{ 'active' if active_page == 'admin_history' else '' }}">
-          <a href="{{ url_for('admin.history') }}"><i class="fa fa-calendar"></i> <span>History</span></a>
+        <li class="{{ 'nav-item active' if active_page == 'admin_history' else 'nav-item' }}">
+          <a href="{{ url_for('admin.history') }}" class="nav-link">
+            <i class="nav-icon fas fa-calendar"></i>
+            <p>History</p>
+          </a>
         </li>
-        <li class="{{ 'active' if active_page == 'admin_domain_template' else '' }}">
-          <a href="{{ url_for('admin.templates') }}"><i class="fa fa-clone"></i> <span>Domain Templates</span></a>
+        <li class="{{ 'nav-item active' if active_page == 'admin_domain_template' else 'nav-item' }}">
+          <a href="{{ url_for('admin.templates') }}" class="nav-link">
+            <i class="nav-icon fas fa-clone"></i>
+            <p>Domain Templates</p>
+          </a>
         </li>
-        <li class="{{ 'active' if active_page == 'admin_accounts' else '' }}">
-          <a href="{{ url_for('admin.manage_account') }}"><i class="fa fa-industry"></i> <span>Accounts</span></a>
+        <li class="{{ 'nav-item active' if active_page == 'admin_accounts' else 'nav-item' }}">
+          <a href="{{ url_for('admin.manage_account') }}" class="nav-link">
+            <i class="nav-icon fas fa-industry"></i>
+            <p>Accounts</p>
+          </a>
         </li>
-        <li class="{{ 'active' if active_page == 'admin_users' else '' }}">
-          <a href="{{ url_for('admin.manage_user') }}"><i class="fa fa-users"></i> <span>Users</span></a>
+        <li class="{{ 'nav-item active' if active_page == 'admin_users' else 'nav-item' }}">
+          <a href="{{ url_for('admin.manage_user') }}" class="nav-link">
+            <i class="nav-icon fas fa-users"></i>
+            <p>Users</p>
+          </a>
         </li>
-        <li class="{{ 'active' if active_page == 'admin_keys' else '' }}">
-          <a href="{{ url_for('admin.manage_keys') }}"><i class="fa fa-key"></i> <span>API Keys</span></a>
+        <li class="{{ 'nav-item active' if active_page == 'admin_keys' else 'nav-item' }}">
+          <a href="{{ url_for('admin.manage_keys') }}" class="nav-link">
+            <i class="nav-icon fas fa-key"></i>
+            <p>API Keys</p>
+          </a>
         </li>
-        <li class="{{ 'treeview active' if active_page == 'admin_settings' else 'treeview' }}">
-          <a href="#">
-            <i class="fa fa-cog"></i> <span>Settings</span>
-            <span class="pull-right-container">
-              <i class="fa fa-angle-left pull-right"></i>
-            </span>
+        <li class="{{ 'nav-item active' if active_page == 'admin_settings' else 'nav-item' }}">
+          <a href="#" class="nav-link">
+            <i class="nav-icon fas fa-cog"></i>
+            <p>
+              Settings
+              <i class="right fas fa-angle-left"></i>
+            </p>
           </a>
-          <ul class="treeview-menu" {% if active_page == 'admin_settings' %}style="display: block;"{% endif %}>
-            <li><a href="{{ url_for('admin.setting_basic') }}"><i class="fa fa-circle-o"></i></i> <span>Basic</span></a></li>
-            <li><a href="{{ url_for('admin.setting_records') }}"><i class="fa fa-circle-o"></i> <span>Records</span></a></li>
+          <ul class="nav nav-treeview" {% if active_page == 'admin_settings' %}style="display: block;"{% endif %}>
+            <li class="nav-item">
+              <a href="{{ url_for('admin.setting_basic') }}" class="nav-link">
+                <i class="nav-icon fas fa-circle"></i>
+                <p>Basic</p>
+              </a>
+            </li>
+            <li class="nav-item">
+              <a href="{{ url_for('admin.setting_records') }}" class="nav-link">
+                <i class="nav-icon fas fa-circle"></i>
+                <p>Records</p>
+              </a>
+            </li>
             {% if current_user.role.name == 'Administrator' %}
-            <li><a href="{{ url_for('admin.setting_pdns') }}"><i class="fa fa-circle-o"></i> <span>PDNS</a></li>
-            <li><a href="{{ url_for('admin.setting_authentication') }}"><i class="fa fa-circle-o"></i> <span>Authentication</span></a></li>
+              <li class="nav-item">
+                <a href="{{ url_for('admin.setting_pdns') }}" class="nav-link">
+                  <i class="nav-icon fas fa-circle"></i>
+                  <p>PDNS</p>
+                </a>
+              </li>
+              <li class="nav-item">
+                <a href="{{ url_for('admin.setting_authentication') }}" class="nav-link">
+                  <i class="nav-icon fas fa-circle"></i>
+                  <p>Authentication</p>
+                </a>
+              </li>
             {% endif %}
           </ul>
         </li>
         {% elif SETTING.get('allow_user_view_history') %}
-        <li class="header">ADMINISTRATION</li>
-        <li class="{{ 'active' if active_page == 'admin_history' else '' }}">
-          <a href="{{ url_for('admin.history') }}"><i class="fa fa-calendar"></i> <span>History</span></a>
+        <li class="nav-header">ADMINISTRATION</li>
+        <li class="{{ 'nav-item active' if active_page == 'admin_history' else 'nav-item' }}">
+          <a href="{{ url_for('admin.history') }}">
+            <i class="nav-icon fa fa-calendar"></i>
+            <span>History</span>
+          </a>
         </li>
         {% endif %}
       </ul>
     {% endif %}
-    </section>
+    </div>
     <!-- /.sidebar -->
   </aside>
 
@@ -169,16 +224,24 @@
   <div class="content-wrapper">
     {% block dashboard_stat %}
     <!-- Content Header (Page header) -->
-    <section class="content-header">
-      <h1>
-        Dashboard
-        <small>Control panel</small>
-      </h1>
-      <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i> Home</a></li>
-        <li class="active">Dashboard</li>
-      </ol>
-    </section>
+    <div class="content-header">
+      <div class="container-fluid">
+        <div class="row mb-2">
+          <div class="col-sm-6">
+            <h1 class="m-0 text-dark">
+              Dashboard
+              <small>Control panel</small>
+            </h1>
+          </div>
+          <div class="col-sm-6">
+            <ol class="breadcrumb float-sm-right">
+              <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Home</a></li>
+              <li class="breadcrumb-item active">Dashboard</li>
+            </ol>
+          </div>
+        </div>
+      </div>
+    </div>
     {% endblock %}
     {% block content %}
     {% endblock %}
@@ -382,4 +445,4 @@ <h3><span id="modal-time"></span></h3>
 {% block modals %}
 {% endblock %}
 </body>
-</html>
+</html>
\ No newline at end of file
diff --git a/powerdnsadmin/templates/errors/400.html b/powerdnsadmin/templates/errors/400.html
index ec53684de..b2ca8648a 100644
--- a/powerdnsadmin/templates/errors/400.html
+++ b/powerdnsadmin/templates/errors/400.html
@@ -1,41 +1,52 @@
 {% extends "base.html" %}
-{% block title %}<title>PowerDNS-Admin - 400 Error</title>{% endblock %}
+
+{% block title %}
+  <title>
+    {{ SITE_NAME }} - 400 Error
+  </title>
+{% endblock %}
 
 {% block dashboard_stat %}
-    <!-- Content Header (Page header) -->
-    <section class="content-header">
-      <h1>
-        400
-        <small>Error</small>
-      </h1>
-      <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i>Home</a></li>
-        <li>400</li>
-      </ol>
-    </section>
+  <div class="content-header">
+    <div class="container-fluid">
+      <div class="row mb-2">
+        <div class="col-sm-6">
+          <h1 class="m-0 text-dark">
+            400
+            <small>Error</small>
+          </h1>
+        </div>
+        <div class="col-sm-6">
+          <ol class="breadcrumb float-sm-right">
+            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+            <li class="breadcrumb-item active">400 Error</li>
+          </ol>
+        </div>
+      </div>
+    </div>
+  </div>
 {% endblock %}
 
 {% block content %}
-<!-- Main content -->
-<section class="content">
+  <section class="content">
     <div class="error-page">
-        <h2 class="headline text-yellow">400</h2>
-        <div class="error-content">
-            <h3>
-                <i class="fa fa-warning text-yellow"></i> Oops! Bad request
-            </h3>
-            <p>
-                {% if msg %}
-                  {{ msg }}
-                {% else %}
-                  The server refused to process your request and return a 400 error.
-                {% endif %}
-                <br/>You may <a href="{{ url_for('dashboard.dashboard') }}">return to the dashboard</a>.
-            </p>
-        </div>
-        <!-- /.error-content -->
+      <h2 class="headline text-yellow">
+        400
+      </h2>
+      <div class="error-content">
+        <h3>
+          <i class="fa fa-warning text-yellow"></i>
+          Oops! Bad request
+        </h3>
+        <p>
+          {% if msg %}
+            {{ msg }}
+          {% else %}
+            The server refused to process your request and return a 400 error.
+          {% endif %}
+          <br/>You may <a href="{{ url_for('dashboard.dashboard') }}">return to the dashboard</a>.
+        </p>
+      </div>
     </div>
-    <!-- /.error-page -->
-</section>
-<!-- /.content -->
-{% endblock %}
+  </section>
+{% endblock %}
\ No newline at end of file
diff --git a/powerdnsadmin/templates/errors/403.html b/powerdnsadmin/templates/errors/403.html
index ffe96bf53..f629eb8b2 100644
--- a/powerdnsadmin/templates/errors/403.html
+++ b/powerdnsadmin/templates/errors/403.html
@@ -1,37 +1,48 @@
 {% extends "base.html" %}
-{% block title %}<title>PowerDNS-Admin - 403 Error</title>{% endblock %}
+
+{% block title %}
+  <title>
+    {{ SITE_NAME }} - 403 Error
+  </title>
+{% endblock %}
 
 {% block dashboard_stat %}
-    <!-- Content Header (Page header) -->
-    <section class="content-header">
-      <h1>
-        403
-        <small>Error</small>
-      </h1>
-      <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i>Home</a></li>
-        <li>403</li>
-      </ol>
-    </section>
+  <div class="content-header">
+    <div class="container-fluid">
+      <div class="row mb-2">
+        <div class="col-sm-6">
+          <h1 class="m-0 text-dark">
+            403
+            <small>Error</small>
+          </h1>
+        </div>
+        <div class="col-sm-6">
+          <ol class="breadcrumb float-sm-right">
+            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+            <li class="breadcrumb-item active">403 Error</li>
+          </ol>
+        </div>
+      </div>
+    </div>
+  </div>
 {% endblock %}
 
 {% block content %}
-<!-- Main content -->
-<section class="content">
+  <section class="content">
     <div class="error-page">
-        <h2 class="headline text-yellow">403</h2>
-        <div class="error-content">
-            <h3>
-                <i class="fa fa-warning text-yellow"></i> Oops! Access denied
-            </h3>
-            <p>
-                You don't have permission to access this page
-                You may <a href="{{ url_for('dashboard.dashboard') }}">return to the dashboard</a>.
-            </p>
-        </div>
-        <!-- /.error-content -->
+      <h2 class="headline text-yellow">
+        403
+      </h2>
+      <div class="error-content">
+        <h3>
+          <i class="fa fa-warning text-yellow"></i>
+          Oops! Access denied
+        </h3>
+        <p>
+          You don't have permission to access this page
+          You may <a href="{{ url_for('dashboard.dashboard') }}">return to the dashboard</a>.
+        </p>
+      </div>
     </div>
-    <!-- /.error-page -->
-</section>
-<!-- /.content -->
-{% endblock %}
+  </section>
+{% endblock %}
\ No newline at end of file
diff --git a/powerdnsadmin/templates/errors/404.html b/powerdnsadmin/templates/errors/404.html
index a93c73133..858731f4b 100644
--- a/powerdnsadmin/templates/errors/404.html
+++ b/powerdnsadmin/templates/errors/404.html
@@ -1,37 +1,48 @@
 {% extends "base.html" %}
-{% block title %}<title>PowerDNS-Admin - 404 Error</title>{% endblock %}
+
+{% block title %}
+  <title>
+    {{ SITE_NAME }} - 404 Error
+  </title>
+{% endblock %}
 
 {% block dashboard_stat %}
-    <!-- Content Header (Page header) -->
-    <section class="content-header">
-      <h1>
-        404
-        <small>Error</small>
-      </h1>
-      <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i>Home</a></li>
-        <li>404</li>
-      </ol>
-    </section>
+  <div class="content-header">
+    <div class="container-fluid">
+      <div class="row mb-2">
+        <div class="col-sm-6">
+          <h1 class="m-0 text-dark">
+            404
+            <small>Error</small>
+          </h1>
+        </div>
+        <div class="col-sm-6">
+          <ol class="breadcrumb float-sm-right">
+            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+            <li class="breadcrumb-item active">404 Error</li>
+          </ol>
+        </div>
+      </div>
+    </div>
+  </div>
 {% endblock %}
 
 {% block content %}
-<!-- Main content -->
-<section class="content">
+  <section class="content">
     <div class="error-page">
-        <h2 class="headline text-yellow">404</h2>
-        <div class="error-content">
-            <h3>
-                <i class="fa fa-warning text-yellow"></i> Oops! You're lost
-            </h3>
-            <p>
-                The page you requested could not be found.
-                You may <a href="{{ url_for('dashboard.dashboard') }}">return to the dashboard</a>.
-            </p>
-        </div>
-        <!-- /.error-content -->
+      <h2 class="headline text-yellow">
+        404
+      </h2>
+      <div class="error-content">
+        <h3>
+          <i class="fa fa-warning text-yellow"></i>
+          Oops! You're lost
+        </h3>
+        <p>
+          The page you requested could not be found.
+          You may <a href="{{ url_for('dashboard.dashboard') }}">return to the dashboard</a>.
+        </p>
+      </div>
     </div>
-    <!-- /.error-page -->
-</section>
-<!-- /.content -->
-{% endblock %}
+  </section>
+{% endblock %}
\ No newline at end of file
diff --git a/powerdnsadmin/templates/errors/500.html b/powerdnsadmin/templates/errors/500.html
index d223b0b48..51142f0fe 100644
--- a/powerdnsadmin/templates/errors/500.html
+++ b/powerdnsadmin/templates/errors/500.html
@@ -1,37 +1,48 @@
 {% extends "base.html" %}
-{% block title %}<title>PowerDNS-Admin - 500 Error</title>{% endblock %}
+
+{% block title %}
+  <title>
+    {{ SITE_NAME }} - 500 Error
+  </title>
+{% endblock %}
 
 {% block dashboard_stat %}
-    <!-- Content Header (Page header) -->
-    <section class="content-header">
-      <h1>
-        500
-        <small>Error</small>
-      </h1>
-      <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i>Home</a></li>
-        <li>500</li>
-      </ol>
-    </section>
+  <div class="content-header">
+    <div class="container-fluid">
+      <div class="row mb-2">
+        <div class="col-sm-6">
+          <h1 class="m-0 text-dark">
+            500
+            <small>Error</small>
+          </h1>
+        </div>
+        <div class="col-sm-6">
+          <ol class="breadcrumb float-sm-right">
+            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+            <li class="breadcrumb-item active">500 Error</li>
+          </ol>
+        </div>
+      </div>
+    </div>
+  </div>
 {% endblock %}
 
 {% block content %}
-<!-- Main content -->
-<section class="content">
+  <section class="content">
     <div class="error-page">
-        <h2 class="headline text-yellow">500</h2>
-        <div class="error-content">
-            <h3>
-                <i class="fa fa-warning text-yellow"></i> Oops! Something went wrong
-            </h3>
-            <p>
-                Try again later.
-                You may <a href="{{ url_for('dashboard.dashboard') }}">return to the dashboard</a>.
-            </p>
-        </div>
-        <!-- /.error-content -->
+      <h2 class="headline text-yellow">
+        500
+      </h2>
+      <div class="error-content">
+        <h3>
+          <i class="fa fa-warning text-yellow"></i>
+          Oops! Something went wrong
+        </h3>
+        <p>
+          Try again later.
+          You may <a href="{{ url_for('dashboard.dashboard') }}">return to the dashboard</a>.
+        </p>
+      </div>
     </div>
-    <!-- /.error-page -->
-</section>
-<!-- /.content -->
-{% endblock %}
+  </section>
+{% endblock %}
\ No newline at end of file
diff --git a/powerdnsadmin/templates/errors/SAML.html b/powerdnsadmin/templates/errors/SAML.html
index 2cfacbd82..c77902257 100644
--- a/powerdnsadmin/templates/errors/SAML.html
+++ b/powerdnsadmin/templates/errors/SAML.html
@@ -1,45 +1,60 @@
 {% extends "base.html" %}
-{% block title %}<title>PowerDNS-Admin - SAML Authentication Error</title>{% endblock %}
+
+{% block title %}
+  <title>
+    {{ SITE_NAME }} - SAML Authentication Error
+  </title>
+{% endblock %}
 
 {% block dashboard_stat %}
-    <!-- Content Header (Page header) -->
-    <section class="content-header">
-      <h1>
-        SAML
-        <small>Error</small>
-      </h1>
-      <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i>Home</a></li>
-        <li>SAML</li>
-      </ol>
-    </section>
+  <div class="content-header">
+    <div class="container-fluid">
+      <div class="row mb-2">
+        <div class="col-sm-6">
+          <h1 class="m-0 text-dark">
+            SAML
+            <small>Error</small>
+          </h1>
+        </div>
+        <div class="col-sm-6">
+          <ol class="breadcrumb float-sm-right">
+            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+            <li class="breadcrumb-item active">SAML Authentication Error</li>
+          </ol>
+        </div>
+      </div>
+    </div>
+  </div>
 {% endblock %}
 
 {% block content %}
-<!-- Main content -->
-<section class="content">
+  <section class="content">
     <div class="error-page">
-        <div>
-        <h1 class="headline text-yellow" style="font-size:46px;">SAML Authentication Error</h1></div><br/><br/>
-        <div class="error-content">
-            <h3>
-                <i class="fa fa-warning text-yellow"></i> Oops! Something went wrong
-            </h3><br>
-            <p>
-                Login failed.<br>
-                Error(s) when processing SAML Response:<br>
-                <ul>
-                    {% for error in errors %}
-                    <li>{{ error }}</li>
-                    {% endfor %}
-                </ul>
-
-                You may <a href="{{ url_for('dashboard.dashboard') }}">return to the dashboard</a>.
-            </p>
-        </div>
-        <!-- /.error-content -->
+      <div>
+        <h1 class="headline text-yellow" style="font-size:46px;">
+          SAML Authentication Error
+        </h1>
+      </div>
+      <br/>
+      <br/>
+      <div class="error-content">
+        <h3>
+          <i class="fa fa-warning text-yellow"></i> Oops! Something went wrong
+        </h3>
+        <br>
+        <p>
+          Login failed.
+          <br>
+          Error(s) when processing SAML Response:
+          <br>
+          <ul>
+            {% for error in errors %}
+              <li>{{ error }}</li>
+            {% endfor %}
+          </ul>
+          You may <a href="{{ url_for('dashboard.dashboard') }}">return to the dashboard</a>.
+        </p>
+      </div>
     </div>
-    <!-- /.error-page -->
-</section>
-<!-- /.content -->
-{% endblock %}
+  </section>
+{% endblock %}
\ No newline at end of file
diff --git a/powerdnsadmin/templates/login.html b/powerdnsadmin/templates/login.html
index 805422bb8..02f3e41f8 100644
--- a/powerdnsadmin/templates/login.html
+++ b/powerdnsadmin/templates/login.html
@@ -1,166 +1,171 @@
 <!DOCTYPE html>
 <html>
-
-<head>
-  <meta charset="utf-8">
-  <meta http-equiv="X-UA-Compatible" content="IE=edge">
-  <title>Log In - {{ SITE_NAME }}</title>
-  <link rel="icon" href="{{ url_for('static', filename='img/favicon.png') }}">
-  <!-- Tell the browser to be responsive to screen width -->
-  <meta content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no" name="viewport">
-  <META HTTP-EQUIV="REFRESH" CONTENT="{{ 60 * SETTING.get('session_timeout') }}">
-  {% assets "css_login" -%}
-  <link rel="stylesheet" href="{{ ASSET_URL }}">
-  {%- endassets %}
-{% if SETTING.get('custom_css') %}
-  <link rel="stylesheet" href="/static/custom/{{ SETTING.get('custom_css') }}">
-{% endif %}
-</head>
-
-<body class="hold-transition login-page">
-  <div class="login-box">
-    <div class="login-logo">
-      <a href="{{ url_for('index.index') }}">
-        {% if SETTING.get('site_name') %}
-          <b>{{ SITE_NAME }}</b>
-        {% else %}
-          <b>PowerDNS</b>-Admin
-        {% endif %}
-      </a>
-    </div>
-    <!-- /.login-logo -->
-    <div class="login-box-body">
-      {% if error %}
-      <div class="alert alert-danger alert-dismissible">
-        <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
-        {{ error }}
-      </div>
-      {% endif %}
-      {% if SETTING.get('ldap_enabled') or SETTING.get('local_db_enabled') %}
-      <form action="" method="post" data-toggle="validator">
-        <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-        <div class="form-group">
-          <input type="text" class="form-control" placeholder="Username" name="username"
-            data-error="Please input your username" required {% if username %}value="{{ username }}" {% endif %}>
-          <span class="help-block with-errors"></span>
-        </div>
-        <div class="form-group">
-          <input type="password" class="form-control" placeholder="Password" name="password"
-            data-error="Please input your password" required {% if password %}value="{{ password }}" {% endif %}>
-          <span class="help-block with-errors"></span>
-        </div>
-        {% if SETTING.get('otp_field_enabled') %}
-        <div class="form-group">
-          <input type="otptoken" class="form-control" placeholder="OTP Token" name="otptoken" autocomplete="off">
-        </div>
-        {% endif %}
-        {% if SETTING.get('ldap_enabled') and SETTING.get('local_db_enabled') %}
-        <div class="form-group">
-          <select class="form-control" name="auth_method">
-            <option value="LOCAL">LOCAL Authentication</option>
-            {% if SETTING.get('login_ldap_first') %}
-            <option value="LDAP" selected="selected">LDAP Authentication</option>
+  <head>
+    <meta charset="utf-8">
+    <meta http-equiv="X-UA-Compatible" content="IE=edge">
+    <title>Log In - {{ SITE_NAME }}</title>
+    <link rel="icon" href="{{ url_for('static', filename='img/favicon.png') }}">
+    <!-- Tell the browser to be responsive to screen width -->
+    <meta content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no" name="viewport">
+    <META HTTP-EQUIV="REFRESH" CONTENT="{{ 60 * SETTING.get('session_timeout') }}">
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/all.min.css">
+    {% assets "css_login" -%}
+      <link rel="stylesheet" href="{{ ASSET_URL }}">
+    {%- endassets %}
+    {% if SETTING.get('custom_css') %}
+      <link rel="stylesheet" href="/static/custom/{{ SETTING.get('custom_css') }}">
+    {% endif %}
+  </head>
+  <body class="hold-transition login-page">
+    <div class="login-box">
+      <div class="card card-outline card-primary alert-danger">
+        <div class="card-header text-center">
+          <a href="{{ url_for('index.index') }}" class="h3">
+            {% if SETTING.get('site_name') %}
+              {{ SITE_NAME }}
             {% else %}
-            <option value="LDAP">LDAP Authentication</option>
+              <b>PowerDNS</b>-Admin
             {% endif %}
-          </select>
-        </div>
-        {% elif SETTING.get('ldap_enabled') and not SETTING.get('local_db_enabled') %}
-        <div class="form-group">
-          <input type="hidden" name="auth_method" value="LDAP">
+          </a>
         </div>
-        {% elif SETTING.get('local_db_enabled') and not SETTING.get('ldap_enabled') %}
-        <div class="form-group">
-          <input type="hidden" name="auth_method" value="LOCAL">
-        </div>
-        {% else %}
-        <div class="form-group">
-          <input type="hidden" name="auth_method" value="LOCAL">
-        </div>
-        {% endif %}
-
-        <div class="row">
-          <div class="col-xs-8">
-            <div class="checkbox icheck">
-              <label>
-                <input type="checkbox" name="remember"> Remember Me
-              </label>
+        <div class="card-body login-card-body">
+          {% if error %}
+            <div class="alert alert-danger alert-dismissible">
+              <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
+              {{ error }}
+            </div>
+          {% endif %}
+          {% if SETTING.get('ldap_enabled') or SETTING.get('local_db_enabled') %}
+            <form action="" method="post" data-toggle="validator">
+              <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+              <div class="form-group">
+                <input type="text" class="form-control" placeholder="Username" name="username" data-error="Please input your username" required {% if username %}value="{{ username }}" {% endif %}>
+                <span class="help-block with-errors"></span>
+              </div>
+              <div class="form-group">
+                <input type="password" class="form-control" placeholder="Password" name="password" data-error="Please input your password" required {% if password %}value="{{ password }}" {% endif %}>
+                <span class="help-block with-errors"></span>
+              </div>
+              {% if SETTING.get('otp_field_enabled') %}
+                <div class="form-group">
+                  <input type="otptoken" class="form-control" placeholder="OTP Token" name="otptoken" autocomplete="off">
+                </div>
+              {% endif %}
+              {% if SETTING.get('ldap_enabled') and SETTING.get('local_db_enabled') %}
+                <div class="form-group">
+                  <select class="form-control" name="auth_method">
+                    <option value="LOCAL">
+                      LOCAL Authentication
+                    </option>
+                    {% if SETTING.get('login_ldap_first') %}
+                      <option value="LDAP" selected="selected">
+                        LDAP Authentication
+                      </option>
+                    {% else %}
+                      <option value="LDAP">
+                        LDAP Authentication
+                      </option>
+                    {% endif %}
+                  </select>
+                </div>
+              {% elif SETTING.get('ldap_enabled') and not SETTING.get('local_db_enabled') %}
+                <div class="form-group">
+                  <input type="hidden" name="auth_method" value="LDAP">
+                </div>
+              {% elif SETTING.get('local_db_enabled') and not SETTING.get('ldap_enabled') %}
+                <div class="form-group">
+                  <input type="hidden" name="auth_method" value="LOCAL">
+                </div>
+              {% else %}
+                <div class="form-group">
+                  <input type="hidden" name="auth_method" value="LOCAL">
+                </div>
+              {% endif %}
+              <div class="row">
+                <div class="col-8">
+                  <div class="icheck-primary">
+                    <input type="checkbox" id="remember">
+                    <label for="remember">
+                      Remember Me
+                    </label>
+                  </div>
+                </div>
+                <div class="col-4">
+                  <button type="submit" class="btn btn-primary btn-block">Sign In</button>
+                </div>
+              </div>
+            </form>
+          {% endif %}
+          {% if SETTING.get('google_oauth_enabled') or SETTING.get('github_oauth_enabled') or SETTING.get('oidc_oauth_enabled') or SETTING.get('azure_oauth_enabled') %}
+            <div class="social-auth-links text-center">
+              {% if SETTING.get('ldap_enabled') or SETTING.get('local_db_enabled') %}
+                <p>- OR -</p>
+              {% endif %}
+              {% if SETTING.get('oidc_oauth_enabled') %}
+                <a href="{{ url_for('index.oidc_login') }}" class="btn btn-block btn-social btn-openid btn-flat">
+                  <i class="fa fa-openid"></i>
+                  Sign in using OpenID Connect
+                </a>
+              {% endif %}
+              {% if SETTING.get('github_oauth_enabled') %}
+                <a href="{{ url_for('index.github_login') }}" class="btn btn-block btn-social btn-github btn-flat">
+                  <i class="fa fa-github"></i>
+                  Sign in using Github
+                </a>
+              {% endif %}
+              {% if SETTING.get('google_oauth_enabled') %}
+                <a href="{{ url_for('index.google_login') }}" class="btn btn-block btn-social btn-google btn-flat">
+                  <i class="fa fa-google"></i>
+                  Sign in using Google
+                </a>
+              {% endif %}
+              {% if SETTING.get('azure_oauth_enabled') %}
+                <a href="{{ url_for('index.azure_login') }}" class="btn btn-block btn-social btn-microsoft btn-flat">
+                  <i class="fa fa-windows"></i>
+                  Sign in using Microsoft Azure
+                </a>
+              {% endif %}
             </div>
-          </div>
-          <!-- /.col -->
-          <div class="col-xs-4">
-            <button type="submit" class="btn btn-flat btn-primary btn-block">Sign In</button>
-          </div>
-          <!-- /.col -->
+          {% endif %}
+          {% if saml_enabled %}
+            <a href="{{ url_for('index.saml_login') }}">
+              SAML login
+            </a>
+          {% endif %}
+          {% if SETTING.get('signup_enabled') %}
+            <br>
+            <a href="{{ url_for('index.register') }}" class="text-center">
+              Create an account
+            </a>
+            {% if SETTING.get('verify_user_email') %}
+              <br/>
+              <a href="{{ url_for('index.resend_confirmation_email') }}" class="text-center">
+                Resend confirmation email
+              </a>
+            {% endif %}
+          {% endif %}
         </div>
-      </form>
-      {% endif %}
-      {% if SETTING.get('google_oauth_enabled') or SETTING.get('github_oauth_enabled') or SETTING.get('oidc_oauth_enabled') or SETTING.get('azure_oauth_enabled') %}
-      <div class="social-auth-links text-center">
-        {% if SETTING.get('ldap_enabled') or SETTING.get('local_db_enabled') %}
-        <p>- OR -</p>
-        {% endif %}
-        {% if SETTING.get('oidc_oauth_enabled') %}
-        <a href="{{ url_for('index.oidc_login') }}" class="btn btn-block btn-social btn-openid btn-flat"><i
-            class="fa fa-openid"></i> Sign in using
-          OpenID Connect</a>
-        {% endif %}
-        {% if SETTING.get('github_oauth_enabled') %}
-        <a href="{{ url_for('index.github_login') }}" class="btn btn-block btn-social btn-github btn-flat"><i
-            class="fa fa-github"></i> Sign in using
-          Github</a>
-        {% endif %}
-        {% if SETTING.get('google_oauth_enabled') %}
-        <a href="{{ url_for('index.google_login') }}" class="btn btn-block btn-social btn-google btn-flat"><i
-            class="fa fa-google"></i> Sign in using
-          Google</a>
-        {% endif %}
-        {% if SETTING.get('azure_oauth_enabled') %}
-        <a href="{{ url_for('index.azure_login') }}" class="btn btn-block btn-social btn-microsoft btn-flat"><i
-          class="fa fa-windows"></i> Sign in using
-        Microsoft Azure</a>
-      {% endif %}
       </div>
-      {% endif %}
-
-      {% if saml_enabled %}
-      <a href="{{ url_for('index.saml_login') }}">SAML login</a>
-      {% endif %}
-
-      {% if SETTING.get('signup_enabled') %}
-      <br>
-      <a href="{{ url_for('index.register') }}" class="text-center">Create an account </a>
-        {% if SETTING.get('verify_user_email') %}
-          <br/>
-          <a href="{{ url_for('index.resend_confirmation_email') }}" class="text-center">Resend confirmation email</a>
-        {% endif %}
-      {% endif %}
-    </div>
-    <!-- /.login-box-body -->
-    <div class="login-box-footer">
-      <center>
-        <p>Powered by <a href="https://github.com/PowerDNS-Admin/PowerDNS-Admin">PowerDNS-Admin</a></p>
-      </center>
+      <div class="login-box-footer">
+        <center>
+          <p>Powered by <a href="https://github.com/PowerDNS-Admin/PowerDNS-Admin">PowerDNS-Admin</a></p>
+        </center>
+      </div>
     </div>
-  </div>
-  <!-- /.login-box -->
-
-  {% assets "js_login" -%}
-  <script type="text/javascript" src="{{ ASSET_URL }}"></script>
-  {%- endassets %}
-  {% assets "js_validation" -%}
-  <script type="text/javascript" src="{{ ASSET_URL }}"></script>
-  {%- endassets %}
-
-  <script>
-    $(function () {
-      $('input').iCheck({
-        checkboxClass: 'icheckbox_square-blue',
-        radioClass: 'iradio_square-blue',
-        increaseArea: '20%' // optional
+    {% assets "js_login" -%}
+      <script type="text/javascript" src="{{ ASSET_URL }}"></script>
+    {%- endassets %}
+    {% assets "js_validation" -%}
+      <script type="text/javascript" src="{{ ASSET_URL }}"></script>
+    {%- endassets %}
+    <script>
+      $(function () {
+        $('input').iCheck({
+          checkboxClass: 'icheckbox_square-blue',
+          radioClass: 'iradio_square-blue',
+          increaseArea: '20%' // optional
+        });
       });
-    });
-  </script>
-</body>
-
+    </script>
+  </body>
 </html>
diff --git a/powerdnsadmin/templates/register.html b/powerdnsadmin/templates/register.html
index 197b18d36..01008ad30 100644
--- a/powerdnsadmin/templates/register.html
+++ b/powerdnsadmin/templates/register.html
@@ -1,111 +1,166 @@
 <!DOCTYPE html>
 <html>
 
-<head>
-  <meta charset="utf-8">
-  <meta http-equiv="X-UA-Compatible" content="IE=edge">
-  <title>Register - {{ SITE_NAME }}</title>
-  <link rel="icon" href="{{ url_for('static', filename='img/favicon.png') }}">
-  <!-- Tell the browser to be responsive to screen width -->
-  <meta content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no" name="viewport">
-  {% assets "css_login" -%}
-  <link rel="stylesheet" href="{{ ASSET_URL }}">
-  {%- endassets %}
-</head>
+  <head>
+    <meta charset="utf-8">
+    <meta http-equiv="X-UA-Compatible" content="IE=edge">
+    <title>Register - {{ SITE_NAME }}</title>
+    <link rel="icon" href="{{ url_for('static', filename='img/favicon.png') }}">
+    <!-- Tell the browser to be responsive to screen width -->
+    <meta content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no" name="viewport">
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/all.min.css">
+    {% assets "css_login" -%}
+      <link rel="stylesheet" href="{{ ASSET_URL }}">
+    {%- endassets %}
+  </head>
 
-<body class="hold-transition register-page">
-  <div class="register-box">
-    <div class="register-logo">
-      <a href="{{ url_for('index.index') }}"><b>PowerDNS</b>-Admin</a>
-    </div>
-    <div class="register-box-body">
-      {% if error %}
-      <div class="alert alert-danger alert-dismissible">
-        <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
-        {{ error }}
-      </div>
-      {% endif %}
-      <p class="login-box-msg">Enter your personal details below</p>
-      <form action="{{ url_for('index.register') }}" method="post" data-toggle="validator">
-        <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-        <div class="form-group has-feedback">
-          <input type="text" class="form-control" placeholder="First Name" name="firstname"
-            data-error="Please input your first name" required>
-          <span class="glyphicon glyphicon-user form-control-feedback"></span>
-          <span class="help-block with-errors"></span>
-        </div>
-        <div class="form-group has-feedback">
-          <input type="text" class="form-control" placeholder="Last name" name="lastname"
-            data-error="Please input your last name" required>
-          <span class="glyphicon glyphicon-user form-control-feedback"></span>
-          <span class="help-block with-errors"></span>
-        </div>
-        <div class="form-group has-feedback">
-          <input type="email" class="form-control" placeholder="Email" name="email"
-            data-error="Please input your valid email address" required>
-          <span class="glyphicon glyphicon-envelope form-control-feedback"></span>
-          <span class="help-block with-errors"></span>
-        </div>
-        <p class="login-box-msg">Enter your account details below</p>
-        <div class="form-group has-feedback">
-          <input type="text" class="form-control" placeholder="Username" name="username"
-            data-error="Please input your username" required>
-          <span class="glyphicon glyphicon-user form-control-feedback"></span>
-          <span class="help-block with-errors"></span>
-        </div>
-        <div class="form-group has-feedback">
-          <input type="password" class="form-control" placeholder="Password" id="password" name="password"
-            data-error="Please input your password" required>
-          <span class="glyphicon glyphicon-lock form-control-feedback"></span>
+  <body class="hold-transition register-page">
+    <div class="register-box">
+      <div class="card card-outline card-primary">
+        <div class="card-header text-center">
+          <a href="{{ url_for('index.index') }}" class="h3">
+            {% if SETTING.get('site_name') %}
+              {{ SITE_NAME }}
+            {% else %}
+              <b>PowerDNS</b>-Admin
+            {% endif %}
+          </a>
         </div>
-        <div class="form-group has-feedback">
-          <input type="password" class="form-control" placeholder="Retype password" name="rpassword"
-            data-match="#password" data-match-error="Password confirmation does not match" required>
-          <span class="glyphicon glyphicon-log-in form-control-feedback"></span>
-          <span class="help-block with-errors"></span>
-        </div>
-        {% if captcha_enable %}
-          <p class="login-box-msg">Please complete the CAPTCHA below</p>
+        <div class="card-body">
+          {% if error %}
+            <div class="alert alert-danger alert-dismissible">
+              <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
+              {{ error }}
+            </div>
+          {% endif %}
+          <p class="login-box-msg">Enter your personal details below</p>
+          <form action="{{ url_for('index.register') }}" method="post" class="needs-validation" novalidate>
+            <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+            
+            <div class="input-group mb-3">
+              <input type="text" class="form-control" placeholder="First Name" name="firstname" id="firstname" required>
+              <div class="input-group-append">
+                <div class="input-group-text">
+                  <span class="fas fa-user"></span>
+                </div>
+              </div>
+              <div class="invalid-feedback">
+                Please input your first name
+              </div>
+            </div>
+
+            <div class="input-group mb-3">
+              <input type="text" class="form-control" placeholder="Last name" name="lastname" id="lastname" required>
+              <div class="input-group-append">
+                <div class="input-group-text">
+                  <span class="fas fa-user"></span>
+                </div>
+              </div>
+              <div class="invalid-feedback">
+                Please input your last name
+              </div>
+            </div>
+
+            <div class="input-group mb-3">
+              <input type="email" class="form-control" placeholder="Email" name="email" id="email" required>
+              <div class="input-group-append">
+                <div class="input-group-text">
+                  <span class="fas fa-envelope"></span>
+                </div>
+              </div>
+              <div class="invalid-feedback">
+                Please input a valid email address
+              </div>
+            </div>
+
+            <p class="login-box-msg">Enter your account details below</p>
+
+            <div class="input-group mb-3">
+              <input type="text" class="form-control" placeholder="Username" name="username" id="username" required>
+              <div class="input-group-append">
+                <div class="input-group-text">
+                  <span class="fas fa-user"></span>
+                </div>
+              </div>
+              <div class="invalid-feedback">
+                Please input desired username
+              </div>
+            </div>
+
+            <div class="input-group mb-3">
+              <input type="password" class="form-control" placeholder="Password" id="password" name="password" id="password" required>
+              <div class="input-group-append">
+                <div class="input-group-text">
+                  <span class="fas fa-lock"></span>
+                </div>
+              </div>
+              <div class="invalid-feedback">
+                Please input desired username
+              </div>
+            </div>
+
+
           <div class="form-group has-feedback">
-            {{ captcha() }}
-            <input type="text" class="form-control" placeholder="CAPTCHA"  name="captcha"
-              data-error="Please complete the CAPTCHA" required>
+            <input type="password" class="form-control" placeholder="Retype password" name="rpassword" data-match="#password" data-match-error="Password confirmation does not match" required>
+            <span class="fas fa-lock form-control-feedback"></span>
             <span class="help-block with-errors"></span>
           </div>
-        {% endif %}
-        <div class="row">
-          <div class="col-xs-4 pull-left">
-            <button type="button" class="btn btn-flat btn-block" id="button_back">Back</button>
-          </div>
-          <div class="col-xs-4 pull-right">
-            <button type="submit" class="btn btn-flat btn-primary btn-block">Register</button>
+
+
+          {% if captcha_enable %}
+            <p class="login-box-msg">Please complete the CAPTCHA below</p>
+            <div class="form-group has-feedback">
+              {{ captcha() }}
+              <input type="text" class="form-control" placeholder="CAPTCHA"  name="captcha" data-error="Please complete the CAPTCHA" required>
+              <span class="help-block with-errors"></span>
+            </div>
+          {% endif %}
+          <div class="row">
+            <div class="col-6">
+              <button type="button" class="btn btn-block" id="button_back">Back</button>
+            </div>
+            <div class="col-4">
+              <button type="submit" class="btn btn-primary btn-block">Register</button>
+            </div>
           </div>
-          <!-- /.col -->
-        </div>
-      </form>
-    </div>
-    <!-- /.form-box -->
-    <div class="login-box-footer">
-      <center>
-        <p>Powered by <a href="https://github.com/PowerDNS-Admin/PowerDNS-Admin">PowerDNS-Admin</a></p>
-      </center>
+        </form>
+      </div>
+      <div class="login--footer">
+        <center>
+          <p>Powered by <a href="https://github.com/PowerDNS-Admin/PowerDNS-Admin">PowerDNS-Admin</a></p>
+        </center>
+      </div>
     </div>
-  </div>
-  <!-- /.login-box -->
-
-  {% assets "js_login" -%}
-  <script type="text/javascript" src="{{ ASSET_URL }}"></script>
-  {%- endassets %}
-  {% assets "js_validation" -%}
-  <script type="text/javascript" src="{{ ASSET_URL }}"></script>
-  {%- endassets %}
-  <script>
-    $(function () {
-      $('#button_back').click(function () {
-        window.location.href = '{{ url_for('index.login') }}';
-      })
+    {% assets "js_login" -%}
+      <script type="text/javascript" src="{{ ASSET_URL }}"></script>
+    {%- endassets %}
+    {% assets "js_validation" -%}
+      <script type="text/javascript" src="{{ ASSET_URL }}"></script>
+    {%- endassets %}
+    <script>
+      $(function () {
+        $('#button_back').click(function () {
+          window.location.href = '{{ url_for('index.login') }}';
+        })
+      });
+      (function() {
+  'use strict';
+  window.addEventListener('load', function() {
+    // Fetch all the forms we want to apply custom Bootstrap validation styles to
+    var forms = document.getElementsByClassName('needs-validation');
+    // Loop over them and prevent submission
+    var validation = Array.prototype.filter.call(forms, function(form) {
+      form.addEventListener('submit', function(event) {
+        if (form.checkValidity() === false) {
+          event.preventDefault();
+          event.stopPropagation();
+        }
+        form.classList.add('was-validated');
+      }, false);
     });
-  </script>
-</body>
+  }, false);
+})();
 
+    </script>
+  </body>
 </html>
diff --git a/powerdnsadmin/templates/template_add.html b/powerdnsadmin/templates/template_add.html
index 0ec265cac..84f96bd76 100644
--- a/powerdnsadmin/templates/template_add.html
+++ b/powerdnsadmin/templates/template_add.html
@@ -4,16 +4,25 @@
 
 {% block dashboard_stat %}
 <!-- Content Header (Page header) -->
-<section class="content-header">
-	<h1>
-		Template
-		<small>Create</small>
-	</h1>
-	<ol class="breadcrumb">
-		<li><a href="{{ url_for('admin.templates') }}"><i class="fa fa-dashboard"></i> Templates</a></li>
-		<li class="active">Create</li>
-	</ol>
-</section>
+<div class="content-header">
+  <div class="container-fluid">
+    <div class="row mb-2">
+      <div class="col-sm-6">
+        <h1 class="m-0 text-dark">
+          Template
+          <small>Create</small>
+        </h1>
+      </div>
+      <div class="col-sm-6">
+        <ol class="breadcrumb float-sm-right">
+          <li class="breadcrumb-item"><a href="{{ url_for('admin.templates') }}">Templates</a></li>
+          <li class="breadcrumb-item active">Create</li>
+        </ol>
+      </div>
+    </div>
+  </div>
+</div>
+
 {% endblock %}
 
 {% block content %}
diff --git a/requirements.txt b/requirements.txt
index 051d56096..e830ff2b3 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,34 +1,34 @@
-Flask==1.1.2
+Flask==2.1.3
 Flask-Assets==2.0
-Flask-Login==0.5.0
-Flask-SQLAlchemy==2.4.4
+Flask-Login==0.6.2
+Flask-SQLAlchemy==2.5.1
 Flask-Migrate==2.5.3
-SQLAlchemy==1.3.19
+SQLAlchemy==1.3.24
 mysqlclient==2.0.1
-configobj==5.0.6
-bcrypt>=3.1.7
-requests==2.24.0
-python-ldap==3.4.2
-pyotp==2.4.0
-qrcode==6.1
-dnspython>=1.16.0
-gunicorn==20.0.4
+configobj==5.0.8
+bcrypt==4.0.1
+requests==2.28.2
+python-ldap==3.4.3
+pyotp==2.8.0
+qrcode==7.3.1
+dnspython>=2.3.0
+gunicorn==20.1.0
 python3-saml
-pytz==2020.1
+pytz==2022.7.1
 cssmin==0.2.0
-rjsmin==1.2.0
-Authlib==0.15
+rjsmin==1.2.1
+Authlib==1.2.0
 Flask-SeaSurf==1.1.1
-bravado-core==5.17.0
+bravado-core==5.17.1
 lima==0.5
-pytest==6.1.1
+pytest==7.2.1
 pytimeparse==1.1.8
 PyYAML==5.4
 Flask-SSLify==0.1.5
 Flask-Mail==0.9.1
-flask-session==0.3.2
-Jinja2==3.0.3
-itsdangerous==2.0.1
-werkzeug==2.0.3
+flask-session==0.4.0
+Jinja2==3.1.2
+itsdangerous==2.1.2
+werkzeug==2.1.3
 cryptography==36.0.2
 flask_session_captcha==1.3.0
\ No newline at end of file

From ac786f45be571556cb986c8c4dac142779ddd7ab Mon Sep 17 00:00:00 2001
From: Tyler Todd <ttodd@ttodd.com>
Date: Mon, 6 Feb 2023 15:45:13 +0000
Subject: [PATCH 182/475] Remove btn-flat to convert to round buttons (first
 pass) Convert col-xs-* to just col-* as part of bootstrap v3 -> v4 Convert
 box-* -> card-* as part of bootstrap v3 -> v4 Moved domain actions on main
 dashboard to a dropdown menu to avoid clutter Added "Log Out" to top header
 left Hid OTP on admin edit user to only show the disable card & options if
 the user account has OTP enabled

---
 package.json                                  |   2 +
 powerdnsadmin/assets.py                       | 105 +++--
 .../templates/admin_edit_account.html         | 199 ++++-----
 powerdnsadmin/templates/admin_edit_key.html   |  10 +-
 powerdnsadmin/templates/admin_edit_user.html  | 226 +++++-----
 powerdnsadmin/templates/admin_history.html    | 132 +++---
 .../templates/admin_history_table.html        | 150 ++++---
 .../templates/admin_manage_user.html          |   4 +-
 powerdnsadmin/templates/base.html             |  36 +-
 powerdnsadmin/templates/dashboard.html        | 286 ++++++------
 powerdnsadmin/templates/dashboard_domain.html |  62 ++-
 powerdnsadmin/templates/domain.html           | 338 +++++++--------
 powerdnsadmin/templates/domain_add.html       | 410 +++++++++---------
 powerdnsadmin/templates/domain_changelog.html | 121 +++---
 powerdnsadmin/templates/domain_remove.html    | 208 ++++-----
 powerdnsadmin/templates/errors/400.html       |   4 +-
 powerdnsadmin/templates/errors/403.html       |   4 +-
 powerdnsadmin/templates/errors/404.html       |   4 +-
 powerdnsadmin/templates/errors/500.html       |   4 +-
 powerdnsadmin/templates/errors/SAML.html      |   5 +-
 powerdnsadmin/templates/register.html         |  18 +-
 powerdnsadmin/templates/template.html         |  16 +-
 powerdnsadmin/templates/user_profile.html     |  46 +-
 requirements.txt                              |   2 +-
 24 files changed, 1252 insertions(+), 1140 deletions(-)

diff --git a/package.json b/package.json
index a375986b5..044e28d73 100644
--- a/package.json
+++ b/package.json
@@ -6,7 +6,9 @@
     "bootstrap-validator": "^0.11.9",
     "datatables.net-plugins": "^1.13.1",
     "icheck": "^1.0.2",
+    "ionicons": "^6.1.1",
     "jquery-slimscroll": "^1.3.8",
+    "jquery-sparkline": "^2.4.0",
     "jquery-ui-dist": "^1.13.2",
     "jquery.quicksearch": "^2.4.0",
     "jtimeout": "^3.2.0",
diff --git a/powerdnsadmin/assets.py b/powerdnsadmin/assets.py
index 233e23adf..ac48610c9 100644
--- a/powerdnsadmin/assets.py
+++ b/powerdnsadmin/assets.py
@@ -2,67 +2,64 @@
 
 
 class ConcatFilter(Filter):
-    """
-    Filter that merges files, placing a semicolon between them.
+  """
+  Filter that merges files, placing a semicolon between them.
 
-    Fixes issues caused by missing semicolons at end of JS assets, for example
-    with last statement of jquery.pjax.js.
-    """
-    def concat(self, out, hunks, **kw):
-        out.write(';'.join([h.data() for h, info in hunks]))
+  Fixes issues caused by missing semicolons at end of JS assets, for example
+  with last statement of jquery.pjax.js.
+  """
+  def concat(self, out, hunks, **kw):
+    out.write(';'.join([h.data() for h, info in hunks]))
 
+css_login = Bundle(
+  'node_modules/ionicons/dist/collection/components/icon/icon.css',
+  'node_modules/icheck/skins/square/blue.css',
+  'node_modules/admin-lte/dist/css/adminlte.css',
+  filters=('cssmin', 'cssrewrite'),
+  output='generated/login.css')
 
-css_login = Bundle('node_modules/bootstrap/dist/css/bootstrap.css',
-                   'node_modules/font-awesome/css/font-awesome.css',
-                   'node_modules/ionicons/dist/css/ionicons.css',
-                   'node_modules/icheck/skins/square/blue.css',
-                   'node_modules/admin-lte/dist/css/AdminLTE.css',
-                   filters=('cssmin', 'cssrewrite'),
-                   output='generated/login.css')
+js_login = Bundle(
+  'node_modules/jquery/dist/jquery.js',
+  'node_modules/bootstrap/dist/js/bootstrap.js',
+  'node_modules/icheck/icheck.js',
+  'custom/js/custom.js',
+  filters=(ConcatFilter, 'rjsmin'),
+  output='generated/login.js')
 
-js_login = Bundle('node_modules/jquery/dist/jquery.js',
-                  'node_modules/bootstrap/dist/js/bootstrap.js',
-                  'node_modules/icheck/icheck.js',
-                  'custom/js/custom.js',
-                  filters=(ConcatFilter, 'rjsmin'),
-                  output='generated/login.js')
-
-js_validation = Bundle('node_modules/bootstrap-validator/dist/validator.js',
-                       output='generated/validation.js')
+js_validation = Bundle(
+  'node_modules/bootstrap-validator/dist/validator.js',
+  output='generated/validation.js')
 
 css_main = Bundle(
-    'node_modules/bootstrap/dist/css/bootstrap.css',
-    'node_modules/font-awesome/css/font-awesome.css',
-    'node_modules/ionicons/dist/css/ionicons.css',
-    'node_modules/datatables.net-bs/css/dataTables.bootstrap.css',
-    'node_modules/icheck/skins/square/blue.css',
-    'node_modules/multiselect/css/multi-select.css',
-    'node_modules/admin-lte/dist/css/AdminLTE.css',
-    'node_modules/admin-lte/dist/css/skins/_all-skins.css',
-    'custom/css/custom.css',
-    'node_modules/bootstrap-datepicker/dist/css/bootstrap-datepicker.css',
-    filters=('cssmin', 'cssrewrite'),
-    output='generated/main.css')
+  'node_modules/datatables.net-bs4/css/dataTables.bootstrap4.min.css',
+  'node_modules/icheck/skins/square/blue.css',
+  'node_modules/multiselect/css/multi-select.css',
+  'node_modules/admin-lte/dist/css/adminlte.css',
+  'custom/css/custom.css',
+  'node_modules/bootstrap-datepicker/dist/css/bootstrap-datepicker.css',
+  filters=('cssmin', 'cssrewrite'),
+  output='generated/main.css')
 
-js_main = Bundle('node_modules/jquery/dist/jquery.js',
-                 'node_modules/jquery-ui-dist/jquery-ui.js',
-                 'node_modules/bootstrap/dist/js/bootstrap.js',
-                 'node_modules/datatables.net/js/jquery.dataTables.js',
-                 'node_modules/datatables.net-bs/js/dataTables.bootstrap.js',
-                 'node_modules/jquery-sparkline/jquery.sparkline.js',
-                 'node_modules/jquery-slimscroll/jquery.slimscroll.js',
-                 'node_modules/icheck/icheck.js',
-                 'node_modules/fastclick/lib/fastclick.js',
-                 'node_modules/moment/moment.js',
-                 'node_modules/admin-lte/dist/js/adminlte.js',
-                 'node_modules/multiselect/js/jquery.multi-select.js',
-                 'node_modules/datatables.net-plugins/sorting/natural.js',
-                 'node_modules/jtimeout/src/jTimeout.js',
-                 'node_modules/jquery.quicksearch/src/jquery.quicksearch.js',
-                 'custom/js/custom.js',
-                 'node_modules/bootstrap-datepicker/dist/js/bootstrap-datepicker.js',
-                 filters=(ConcatFilter, 'rjsmin'),
-                 output='generated/main.js')
+js_main = Bundle(
+  'node_modules/jquery/dist/jquery.js',
+  'node_modules/jquery-ui-dist/jquery-ui.js',
+  'node_modules/bootstrap/dist/js/bootstrap.bundle.js',
+  'node_modules/datatables.net/js/jquery.dataTables.js',
+  'node_modules/datatables.net-bs4/js/dataTables.bootstrap4.js',
+  'node_modules/jquery-sparkline/jquery.sparkline.js',
+  'node_modules/jquery-slimscroll/jquery.slimscroll.js',
+  'node_modules/icheck/icheck.js',
+  'node_modules/fastclick/lib/fastclick.js',
+  'node_modules/moment/moment.js',
+  'node_modules/admin-lte/dist/js/adminlte.js',
+  'node_modules/multiselect/js/jquery.multi-select.js',
+  'node_modules/datatables.net-plugins/sorting/natural.js',
+  'node_modules/jtimeout/src/jTimeout.js',
+  'node_modules/jquery.quicksearch/src/jquery.quicksearch.js',
+  'custom/js/custom.js',
+  'node_modules/bootstrap-datepicker/dist/js/bootstrap-datepicker.js',
+  filters=(ConcatFilter, 'rjsmin'),
+  output='generated/main.js')
 
 assets = Environment()
 assets.register('js_login', js_login)
diff --git a/powerdnsadmin/templates/admin_edit_account.html b/powerdnsadmin/templates/admin_edit_account.html
index 08403b920..0fc0b30a5 100644
--- a/powerdnsadmin/templates/admin_edit_account.html
+++ b/powerdnsadmin/templates/admin_edit_account.html
@@ -27,110 +27,113 @@ <h1 class="m-0 text-dark">
 
 {% block content %}
 <section class="content">
+  <div class="container-fluid">
     <div class="row">
-        <div class="col-md-4">
-            <div class="card card-primary">
-                <div class="card-header with-border">
-                    <h3 class="card-title">{% if create %}Add{% else %}Edit{% endif %} account</h3>
+      <div class="col-4">
+        <div class="card card-primary">
+          <div class="card-header with-border">
+            <h3 class="card-title">{% if create %}Add{% else %}Edit{% endif %} account</h3>
+          </div>
+          <form role="form" method="post" action="{% if create %}{{ url_for('admin.edit_account') }}{% else %}{{ url_for('admin.edit_account', account_name=account.name) }}{% endif %}">
+            <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+            <input type="hidden" name="create" value="{{ create }}">
+            <div class="card-body">
+              {% if error %}
+                <div class="alert alert-danger alert-dismissible">
+                  <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
+                  <h4><i class="icon fa fa-ban"></i> Error!</h4>
+                  {{ error }}
                 </div>
-                <!-- /.box-header -->
-                <!-- form start -->
-                <form role="form" method="post"
-                    action="{% if create %}{{ url_for('admin.edit_account') }}{% else %}{{ url_for('admin.edit_account', account_name=account.name) }}{% endif %}">
-                    <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-                    <input type="hidden" name="create" value="{{ create }}">
-                    <div class="card-body">
-                        {% if error %}
-                        <div class="alert alert-danger alert-dismissible">
-                            <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
-                            <h4><i class="icon fa fa-ban"></i> Error!</h4>
-                            {{ error }}
-                        </div>
-                        <span class="help-block">{{ error }}</span>
-                        {% endif %}
-                        <div
-                            class="form-group has-feedback {% if invalid_accountname or duplicate_accountname %}has-error{% endif %}">
-                            <label class="control-label" for="accountname">Name</label>
-                            <input type="text" class="form-control" placeholder="Account Name (required)"
-                                name="accountname" {% if account %}value="{{ account.name }}" {% endif %}
-                                {% if not create %}disabled{% endif %}>
-                            <span class="fa fa-cog form-control-feedback"></span>
-                            {% if invalid_accountname %}
-                            <span class="help-block">Cannot be blank and must only contain alphanumeric
-                                characters{% if SETTING.get('account_name_extra_chars') %}, dots, hyphens or underscores{% endif %}.</span>
-                            {% elif duplicate_accountname %}
-                            <span class="help-block">Account name already in use.</span>
-                            {% endif %}
-                        </div>
-                        <div class="form-group has-feedback">
-                            <label class="control-label" for="accountdescription">Description</label>
-                            <input type="text" class="form-control" placeholder="Account Description (optional)"
-                                name="accountdescription" {% if account %}value="{{ account.description }}" {% endif %}>
-                            <span class="fa fa-industry form-control-feedback"></span>
-                        </div>
-                        <div class="form-group has-feedback">
-                            <label class="control-label" for="accountcontact">Contact Person</label>
-                            <input type="text" class="form-control" placeholder="Contact Person (optional)"
-                                name="accountcontact" {% if account %}value="{{ account.contact }}" {% endif %}>
-                            <span class="fa fa-user form-control-feedback"></span>
-                        </div>
-                        <div class="form-group has-feedback">
-                            <label class="control-label" for="accountmail">Mail Address</label>
-                            <input type="email" class="form-control" placeholder="Mail Address (optional)"
-                                name="accountmail" {% if account %}value="{{ account.mail }}" {% endif %}>
-                            <span class="fa fa-envelope form-control-feedback"></span>
-                        </div>
-                    </div>
-                    <div class="card-header with-border">
-                        <h3 class="card-title">Access Control</h3>
-                    </div>
-                    <div class="card-body">
-                        <p>Users on the right have access to manage records in all domains
-                            associated with the account.</p>
-                        <p>Click on users to move between columns.</p>
-                        <div class="form-group col-xs-2">
-                            <select multiple="multiple" class="form-control" id="account_multi_user"
-                                name="account_multi_user">
-                                {% for user in users %}
-                                <option {% if user.id in account_user_ids|default([]) %}selected{% endif %}
-                                    value="{{ user.username }}">{{ user.username }}</option>
-                                {% endfor %}
-                            </select>
-                        </div>
-                    </div>
-                    <div class="card-footer">
-                        <button type="submit"
-                            class="btn btn-flat btn-primary">{% if create %}Create{% else %}Update{% endif %}
-                            Account</button>
-                    </div>
-                </form>
+                <span class="help-block">{{ error }}</span>
+              {% endif %}
+              <div class="form-group has-feedback {% if invalid_accountname or duplicate_accountname %}has-error{% endif %}">
+                <label class="control-label" for="accountname">Name</label>
+                <input type="text" class="form-control" placeholder="Account Name (required)"
+                  name="accountname" {% if account %}value="{{ account.name }}" {% endif %}
+                  {% if not create %}disabled{% endif %}>
+                <span class="fa fa-cog form-control-feedback"></span>
+                {% if invalid_accountname %}
+                  <span class="help-block">Cannot be blank and must only contain alphanumeric
+                    characters{% if SETTING.get('account_name_extra_chars') %}, dots, hyphens or underscores{% endif %}.
+                  </span>
+                {% elif duplicate_accountname %}
+                  <span class="help-block">Account name already in use.</span>
+                {% endif %}
+              </div>
+              <div class="form-group has-feedback">
+                <label class="control-label" for="accountdescription">Description</label>
+                <input type="text" class="form-control" placeholder="Account Description (optional)"
+                  name="accountdescription" {% if account %}value="{{ account.description }}" {% endif %}>
+                <span class="fa fa-industry form-control-feedback"></span>
+              </div>
+              <div class="form-group has-feedback">
+                <label class="control-label" for="accountcontact">Contact Person</label>
+                <input type="text" class="form-control" placeholder="Contact Person (optional)"
+                  name="accountcontact" {% if account %}value="{{ account.contact }}" {% endif %}>
+                <span class="fa fa-user form-control-feedback"></span>
+              </div>
+              <div class="form-group has-feedback">
+                <label class="control-label" for="accountmail">Mail Address</label>
+                <input type="email" class="form-control" placeholder="Mail Address (optional)"
+                  name="accountmail" {% if account %}value="{{ account.mail }}" {% endif %}>
+                <span class="fa fa-envelope form-control-feedback"></span>
+              </div>
             </div>
-        </div>
-        <div class="col-md-6">
-            <div class="card card-primary">
-                <div class="card-header with-border">
-                    <h3 class="card-title">Help with creating a new account</h3>
-                </div>
-                <div class="card-body">
-                    <p>
-                        An account allows grouping of domains belonging to a particular entity, such as a customer or
-                        department.<br />
-                        A domain can be assigned to an account upon domain creation or through the domain administration
-                        page.
-                    </p>
-                    <p>Fill in all the fields to the in the form to the left.</p>
-                    <p>
-                        <strong>Name</strong> is an account identifier. It will be lowercased and can contain alphanumeric
-                        characters{% if SETTING.get('account_name_extra_chars') %}, dots, hyphens and underscores (no space or other special character is allowed)
-                        {% else %} (no extra character is allowed){% endif %}.<br />
-                        <strong>Description</strong> is a user friendly name for this account.<br />
-                        <strong>Contact person</strong> is the name of a contact person at the account.<br />
-                        <strong>Mail Address</strong> is an e-mail address for the contact person.
-                    </p>
-                </div>
+            <div class="card-header with-border">
+              <h3 class="card-title">Access Control</h3>
+            </div>
+            <div class="card-body">
+              <p>Users on the right have access to manage records in all domains
+                associated with the account.
+              </p>
+              <p>Click on users to move between columns.</p>
+              <div class="form-group col-2">
+                <select multiple="multiple" class="form-control" id="account_multi_user"
+                  name="account_multi_user">
+                  {% for user in users %}
+                    <option {% if user.id in account_user_ids|default([]) %}selected{% endif %}
+                      value="{{ user.username }}">{{ user.username }}
+                    </option>
+                  {% endfor %}
+                </select>
+              </div>
+            </div>
+            <div class="card-footer">
+              <button type="submit"
+                class="btn btn-flat btn-primary">{% if create %}Create{% else %}Update{% endif %}
+                Account
+              </button>
             </div>
+          </form>
         </div>
+      </div>
+      <div class="col-6">
+        <div class="card card-primary">
+          <div class="card-header with-border">
+            <h3 class="card-title">Help with creating a new account</h3>
+          </div>
+          <div class="card-body">
+            <p>
+              An account allows grouping of domains belonging to a particular entity, such as a customer or
+              department.
+              <br />
+              A domain can be assigned to an account upon domain creation or through the domain administration
+              page.
+            </p>
+            <p>Fill in all the fields to the in the form to the left.</p>
+            <p>
+              <strong>Name</strong> is an account identifier. It will be lowercased and can contain alphanumeric
+                characters{% if SETTING.get('account_name_extra_chars') %}, dots, hyphens and underscores (no space or other special character is allowed)
+                {% else %} (no extra character is allowed){% endif %}.<br />
+              <strong>Description</strong> is a user friendly name for this account.<br />
+              <strong>Contact person</strong> is the name of a contact person at the account.<br />
+              <strong>Mail Address</strong> is an e-mail address for the contact person.
+            </p>
+          </div>
+        </div>
+      </div>
     </div>
+  </div>
 </section>
 {% endblock %}
 {% block extrascripts %}
diff --git a/powerdnsadmin/templates/admin_edit_key.html b/powerdnsadmin/templates/admin_edit_key.html
index a97afcba2..a0e7a88cc 100644
--- a/powerdnsadmin/templates/admin_edit_key.html
+++ b/powerdnsadmin/templates/admin_edit_key.html
@@ -31,7 +31,7 @@ <h1 class="m-0 text-dark">
 {% block content %}
 <section class="content">
   <div class="row">
-    <div class="col-md-6">
+    <div class="col-4">
             <div class="card card-primary">
                 <div class="card-header with-border">
                     <h3 class="card-title">{% if create %}Add{% else %}Edit{% endif %} Key</h3>
@@ -68,7 +68,7 @@ <h3 class="card-title">Accounts Access Control</h3>
                       <p>This key will be linked to the accounts on the right,</p>
                       <p>thus granting access to domains owned by the selected accounts.</p>
                       <p>Click on accounts to move between the columns.</p>
-                      <div class="form-group col-xs-2">
+                      <div class="form-group col-2">
                           <select multiple="multiple" class="form-control" id="key_multi_account"
                               name="key_multi_account">
                               {% for account in accounts %}
@@ -83,7 +83,7 @@ <h3 class="card-title">Domain Access Control</h3>
                     <div class="card-body key-opts"{% if hide_opts %} style="display: none;"{% endif %}>
                         <p>This key will have acess to the domains on the right.</p>
                         <p>Click on domains to move between the columns.</p>
-                        <div class="form-group col-xs-2">
+                        <div class="form-group col-2">
                             <select multiple="multiple" class="form-control" id="key_multi_domain"
                                 name="key_multi_domain">
                                 {% for domain in domains %}
@@ -94,13 +94,13 @@ <h3 class="card-title">Domain Access Control</h3>
                     </div>
                     <div class="card-footer">
                         <button type="submit"
-                            class="btn btn-flat btn-primary" id="key_submit">{% if create %}Create{% else %}Update{% endif %}
+                            class="btn btn-flat btn-primary float-right" id="key_submit">{% if create %}Create{% else %}Update{% endif %}
                             Key</button>
                     </div>
                 </form>
             </div>
         </div>
-        <div class="col-md-6">
+        <div class="col-8">
             <div class="card card-primary">
                 <div class="card-header with-border">
                     <h3 class="card-title">Help with {% if create %}creating a new{% else%}updating a{% endif %} key
diff --git a/powerdnsadmin/templates/admin_edit_user.html b/powerdnsadmin/templates/admin_edit_user.html
index 110321afb..b871b31e5 100644
--- a/powerdnsadmin/templates/admin_edit_user.html
+++ b/powerdnsadmin/templates/admin_edit_user.html
@@ -1,34 +1,28 @@
 {% extends "base.html" %}
+
 {% set active_page = "admin_users" %}
-{% block title %}<title>Edit User - {{ SITE_NAME }}</title>{% endblock %}
 
-{% block dashboard_stat %}
-<!-- Content Header (Page header) -->
-<section class="content-header">
-    <h1>
-        User
-        <small>{% if create %}New user{% else %}{{ user.username }}{% endif %}</small>
-    </h1>
-    <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i>Home</a></li>
-        <li><a href="{{ url_for('admin.manage_user') }}">User</a></li>
-        <li class="active">{% if create %}Add{% else %}Edit{% endif %} user</li>
-    </ol>
-</section>
+{% block title %}
+  <title>
+    {% if create %}Add user{% else %}Edit user "{{ user.username }}"{% endif %} - {{ SITE_NAME }}
+  </title>
+{% endblock %}
 
-<div class="content-header">
+{% block dashboard_stat %}
+  <div class="content-header">
     <div class="container-fluid">
       <div class="row mb-2">
         <div class="col-sm-6">
           <h1 class="m-0 text-dark">
-            Dashboard
-            <small>Control panel</small>
+            Users
+            <small>{% if create %}New user{% else %}Edit user {{ user.username }}{% endif %}</small>
           </h1>
         </div>
         <div class="col-sm-6">
           <ol class="breadcrumb float-sm-right">
-            <li class="breadcrumb-item"><a href="#">Home</a></li>
-            <li class="breadcrumb-item active">Dashboard v1</li>
+            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+            <li class="breadcrumb-item"><a href="{{ url_for('admin.manage_user') }}">Users</a></li>
+            <li class="breadcrumb-item active">{% if create %}Add user{% else %}Edit user "{{ user.username }}"{% endif %}</li>
           </ol>
         </div>
       </div>
@@ -38,109 +32,117 @@ <h1 class="m-0 text-dark">
 
 {% block content %}
 <section class="content">
+  <div class="container-fluid">
     <div class="row">
-        <div class="col-md-4">
-            <div class="box box-primary">
-                <div class="box-header with-border">
-                    <h3 class="box-title">{% if create %}Add{% else %}Edit{% endif %} user</h3>
+      <div class="col-4">
+        <div class="card card-secondary">
+          <div class="card-header with-border">
+            <h3 class="card-title">{% if create %}Add{% else %}Edit{% endif %} user</h3>
+          </div>
+          <form role="form" method="post"
+            action="{% if create %}{{ url_for('admin.edit_user') }}{% else %}{{ url_for('admin.edit_user', user_username=user.username) }}{% endif %}">
+            <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+            <input type="hidden" name="create" value="{{ create }}">
+            <div class="card-body">
+              {% if error %}
+                <div class="alert alert-danger alert-dismissible">
+                  <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
+                  <h4><i class="icon fa fa-ban"></i> Error!</h4>
+                  {{ error }}
                 </div>
-                <!-- /.box-header -->
-                <!-- form start -->
-                <form role="form" method="post"
-                    action="{% if create %}{{ url_for('admin.edit_user') }}{% else %}{{ url_for('admin.edit_user', user_username=user.username) }}{% endif %}">
-                    <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-                    <input type="hidden" name="create" value="{{ create }}">
-                    <div class="box-body">
-                        {% if error %}
-                        <div class="alert alert-danger alert-dismissible">
-                            <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
-                            <h4><i class="icon fa fa-ban"></i> Error!</h4>
-                            {{ error }}
-                        </div>
-                        <span class="help-block">{{ error }}</span>
-                        {% endif %}
-                        <div class="form-group has-feedback">
-                            <label class="control-label" for="firstname">First Name</label>
-                            <input type="text" class="form-control" placeholder="First Name" name="firstname"
-                                {% if user %}value="{{ user.firstname }}" {% endif %}> <span
-                                class="glyphicon glyphicon-user form-control-feedback"></span>
-                        </div>
-                        <div class="form-group has-feedback">
-                            <label class="control-label" for="lastname">Last Name</label>
-                            <input type="text" class="form-control" placeholder="Last name" name="lastname"
-                                {% if user %}value="{{ user.lastname }}" {% endif %}> <span
-                                class="glyphicon glyphicon-user form-control-feedback"></span>
-                        </div>
-                        <div class="form-group has-feedback">
-                            <label class="control-label" for="email">E-mail address</label>
-                            <input type="email" class="form-control" placeholder="Email" name="email" id="email"
-                                {% if user %}value="{{ user.email }}" {% endif %}> <span
-                                class="glyphicon glyphicon-envelope form-control-feedback"></span>
-                        </div>
-                        <p class="login-box-msg">Enter the account details below</p>
-                        <div class="form-group has-feedback">
-                            <label class="control-label" for="username">Username</label>
-                            <input type="text" class="form-control" placeholder="Username" name="username"
-                                {% if user %}value="{{ user.username }}" {% endif %}
-                                {% if not create %}disabled{% endif %}> <span
-                                class="glyphicon glyphicon-user form-control-feedback"></span>
-                        </div>
-                        <div class="form-group has-feedback {% if blank_password %}has-error{% endif %}">
-                            <label class="control-label" for="username">Password</label>
-                            <input type="password" class="form-control"
-                                placeholder="Password {% if create %}(Required){% else %}(Leave blank to keep unchanged){% endif %}"
-                                name="password"> <span class="glyphicon glyphicon-lock form-control-feedback"></span>
-                            {% if blank_password %}
-                            <span class="help-block">The password cannot be blank.</span>
-                            {% endif %}
-                        </div>
-                    </div>
-                    <div class="box-footer">
-                        <button type="submit"
-                            class="btn btn-flat btn-primary">{% if create %}Create{% else %}Update{% endif %}
-                            User</button>
-                    </div>
-                </form>
+                <span class="help-block">{{ error }}</span>
+              {% endif %}
+              <div class="form-group has-feedback">
+                <label class="control-label" for="firstname">First Name</label>
+                <input type="text" class="form-control" placeholder="First Name" name="firstname"
+                  {% if user %}value="{{ user.firstname }}" {% endif %}>
+                <span class="glyphicon glyphicon-user form-control-feedback"></span>
+              </div>
+              <div class="form-group has-feedback">
+                <label class="control-label" for="lastname">Last Name</label>
+                <input type="text" class="form-control" placeholder="Last name" name="lastname"
+                  {% if user %}value="{{ user.lastname }}" {% endif %}>
+                <span class="glyphicon glyphicon-user form-control-feedback"></span>
+              </div>
+              <div class="form-group has-feedback">
+                <label class="control-label" for="email">E-mail address</label>
+                <input type="email" class="form-control" placeholder="Email" name="email" id="email"
+                  {% if user %}value="{{ user.email }}" {% endif %}>
+                <span class="glyphicon glyphicon-envelope form-control-feedback"></span>
+              </div>
+              <p class="login-box-msg">Enter the account details below</p>
+              <div class="form-group has-feedback">
+                <label class="control-label" for="username">Username</label>
+                <input type="text" class="form-control" placeholder="Username" name="username"
+                  {% if user %}value="{{ user.username }}" {% endif %}
+                  {% if not create %}disabled{% endif %}>
+                <span class="glyphicon glyphicon-user form-control-feedback"></span>
+              </div>
+              <div class="form-group has-feedback {% if blank_password %}has-error{% endif %}">
+                <label class="control-label" for="username">Password</label>
+                <input type="password" class="form-control"
+                  placeholder="Password {% if create %}(Required){% else %}(Leave blank to keep unchanged){% endif %}"
+                  name="password">
+                <span class="glyphicon glyphicon-lock form-control-feedback"></span>
+                {% if blank_password %}
+                  <span class="help-block">The password cannot be blank.</span>
+                {% endif %}
+              </div>
             </div>
-            {% if not create %}
-            <div class="box box-secondary">
-                <div class="box-header with-border">
-                    <h3 class="box-title">Two Factor Authentication</h3>
-                </div>
-                <div class="box-body">
-                    <p>If two factor authentication was configured and is causing problems due to a lost device or
-                        technical issue, it can be disabled here.</p>
-                    <p>The user will need to reconfigure two factor authentication, to re-enable it.</p>
-                    <p><strong>Beware: This could compromise security!</strong></p>
-                </div>
-                <div class="box-footer">
-                    <button type="button" class="btn btn-flat btn-warning button_otp_disable" id="{{ user.username }}"
-                        {% if not user.otp_secret %}disabled{% endif %}>Disable Two Factor Authentication</button>
-                </div>
+            <div class="card-footer">
+              <button type="submit" class="btn btn-primary">
+                {% if create %}Create{% else %}Update{% endif %} User
+              </button>
             </div>
-            {% endif %}
+          </form>
         </div>
-        <div class="col-md-8">
-            <div class="box box-primary">
-                <div class="box-header with-border">
-                    <h3 class="box-title">Help with {% if create %}creating a new{% else%}updating a{% endif %} user
-                    </h3>
-                </div>
-                <div class="box-body">
-                    <p>Fill in all the fields to the in the form to the left.</p>
-                    {% if create %}
-                    <p><strong>Newly created users do not have access to any domains.</strong> You will need to grant
-                        access to the user once it is created via the domain management buttons on the dashboard.</p>
-                    {% else %}
-                    <p><strong>Password</strong> can be left empty to keep the current password.</p>
-                    <p><strong>Username</strong> cannot be changed.</p>
-                    {% endif %}
-                </div>
+        {% if not create %}
+          {% if user.otp_secret %}
+            <div class="card card-secondary">
+              <div class="card-header with-border">
+                <h3 class="card-title">Two Factor Authentication</h3>
+              </div>
+              <div class="card-body">
+                <p>If two factor authentication is configured for this user and is causing problems due to a lost device or
+                  technical issue, it can be disabled here.
+                </p>
+                <p>The user will need to reconfigure two factor authentication, to re-enable it.</p>
+                <p><strong>Beware: This could compromise security!</strong></p>
+              </div>
+              <div class="card-footer">
+                <button type="button" class="btn btn-warning button_otp_disable" id="{{ user.username }}">
+                  Disable Two Factor Authentication
+                </button>
+              </div>
             </div>
+          {% endif %}
+        {% endif %}
+      </div>
+      <div class="col-8">
+        <div class="card card-secondary">
+          <div class="card-header with-border">
+            <h3 class="card-title">
+              Help with {% if create %}creating a new{% else%}editing a{% endif %} user
+            </h3>
+          </div>
+          <div class="card-body">
+            <p>Fill in all the fields to the in the form to the left.</p>
+            {% if create %}
+              <p><strong>Newly created users do not have access to any domains.</strong> You will need to grant
+                access to the user once it is created via the domain management buttons on the dashboard.
+              </p>
+            {% else %}
+              <p><strong>Username</strong> cannot be changed.</p>
+              <p><strong>Password</strong> can be left empty to keep the current password.</p>
+            {% endif %}
+          </div>
         </div>
+      </div>
     </div>
+  </div>
 </section>
 {% endblock %}
+
 {% block extrascripts %}
 <script>
     // handle disabling two factor authentication
diff --git a/powerdnsadmin/templates/admin_history.html b/powerdnsadmin/templates/admin_history.html
index 23b45b963..5b96c0909 100644
--- a/powerdnsadmin/templates/admin_history.html
+++ b/powerdnsadmin/templates/admin_history.html
@@ -34,25 +34,40 @@ <h1 class="m-0 text-dark">
   <div class="container-fluid">
     <div class="row">
       <div class="col-md-12">
-        <div class="card">
-          <div class="card-header">
+        <div class="card card-outline card-secondary">
+          <div class="card-header with-border">
             <h3 class="card-title">History Management</h3>
-          </div>
-          <div class="card-body clearfix">
-            <button type="button" class="btn btn-flat btn-danger pull-right" data-toggle="modal" data-target="#modal_clear_history" {% if current_user.role.name != 'Administrator' %}disabled{% endif %}>
-                Clear History
-                <i class="fa fa-trash"></i>
-            </button>
+            {% if current_user.role.name != 'User' %}
+              <button type="button" class="btn btn-danger float-right" data-toggle="modal" data-target="#modal_clear_history" {% if current_user.role.name != 'Administrator' %}disabled{% endif %}>
+                <i class="fas fa-trash"></i>  
+                &nbsp;Clear History
+              </button>
+            {% endif %}
           </div>
           <div class="card-body clearfix">
             <form id="history-search-form" autocomplete="off">
-              <div class="nav-tabs-custom" id="tabs">
-                <ul class="nav nav-tabs" id="nav_nav_tabs" name="nav_nav_tabs">
-                  <li id="activity_tab" class="active"><a href="#tabs-act"    data-toggle="tab">Search for All Activity</a></li>
-                  <li id="domain_tab"><a href="#tabs-domain"   data-toggle="tab">Search By Domain</a></li>
-                  <li id="account_tab"><a href="#tabs-account" data-toggle="tab">Search By Account</a></li>
+                <ul class="nav nav-tabs" id="custom-content-below-tab" role="tablist">
+                  <li class="nav-item">
+                    <a class="nav-link active" href="#tabs-act" data-toggle="pill" role="tab">
+                      Search for All Activity
+                    </a>
+                  </li>
+                  <li class="nav-item">
+                    <a class="nav-link" href="#tabs-domain" data-toggle="pill" role="tab">
+                      Search By Domain
+                    </a>
+                  </li>
+                  <li class="nav-item">
+                    <a class="nav-link with-border" href="#tabs-account" data-toggle="pill" role="tab">
+                      Search By Account
+                    </a>
+                  </li>
                   {% if current_user.role.name != 'User' %}
-                    <li id="user_auth_tab"><a href="#tabs-auth"  data-toggle="tab">Search for User Authentication</a></li>
+                    <li class="nav-item">
+                      <a class="nav-link" href="#tabs-auth" data-toggle="pill" role="tab">
+                        Search for User Authentication
+                      </a>
+                    </li>
                   {% endif %}
                 </ul>
             <div class="tab-content">
@@ -82,11 +97,11 @@ <h3 class="card-title">History Management</h3>
 <td>
 <div class="autocomplete" style="width:250px;">
 <input type="text" class="form-control" id="account_name_filter" name="account_name_filter" placeholder="Enter * to search for any account" value=""> 
-                                        </div>
-                                    </td>
-                                </div>
-                                <div class="tab-pane" id="tabs-auth">
-                                    <td><label>Username</label></td>
+</div>
+</td>
+</div>
+<div class="tab-pane" id="tabs-auth">
+<td><label>Username</label></td>
                                     <td>
                                         <div class="autocomplete" style="width:250px;">
                                             <input type="text" class="form-control" id="auth_name_filter" name="auth_name_filter" placeholder="Enter * to search for any username" value=""> 
@@ -154,15 +169,14 @@ <h3 class="card-title">History Management</h3>
                                     <tr><td>&nbsp</td></tr>
                                     <tr>
                                         <td>
-                                            <button type="submit" id="search-submit" name="search-submit" class="btn btn-flat btn-primary button-filter">Search&nbsp;<i class="fa fa-search"></i></button>
+                                            <button type="submit" id="search-submit" name="search-submit" class="btn btn-primary button-filter"><i class="fa fa-search"></i>&nbsp;Search</button>
                                         </td>
                                         <td>
-                                            <button id="clear-filters" name="clear-filters" class="btn btn-flat btn-warning button-clearf">Clear Filters&nbsp;<i class="fa fa-trash"></i></button>
+                                            <button id="clear-filters" name="clear-filters" class="btn btn-warning button-clearf"><i class="fa fa-trash"></i>&nbsp;Clear Filters</button>
                                         </td>
                                     </tr>
                                 </tbody>
                             </table>
-                        </div>
                     </form>
                 </div>
                 <div id="table_from_ajax"></div>
@@ -470,49 +484,45 @@ <h3 class="card-title">History Management</h3>
 </script>
 {% endblock %}
 {% block modals %}
-<!-- Clear History Confirmation Box -->
-<div class="modal fade modal-warning" id="modal_clear_history">
+  <!-- Clear History Confirmation Box -->
+  <div class="modal fade modal-warning" id="modal_clear_history">
     <div class="modal-dialog">
-        <div class="modal-content">
-            <div class="modal-header">
-                <button type="button" class="close" data-dismiss="modal" aria-label="Close">
-                    <span aria-hidden="true">&times;</span>
-                </button>
-                <h4 class="modal-title">Confirmation</h4>
-            </div>
-            <div class="modal-body">
-                <p>Are you sure you want to remove all history?</p>
-            </div>
-            <div class="modal-footer">
-                <button type="button" class="btn btn-flat btn-default pull-left" data-dismiss="modal">Close</button>
-                <button type="button" class="btn btn-flat btn-danger"
-                    onclick="applyChanges({'_csrf_token': '{{ csrf_token() }}'}, $SCRIPT_ROOT + '/admin/history', false, true);">Clear
-                    History</button>
-            </div>
+      <div class="modal-content">
+        <div class="modal-header">
+          <h4 class="modal-title">Confirmation</h4>
+          <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+            <span aria-hidden="true">&times;</span>
+          </button>
+        </div>
+        <div class="modal-body">
+          <p>Are you sure you want to remove all history?</p>
         </div>
-        <!-- /.modal-content -->
+        <div class="modal-footer">
+          <button type="button" class="btn btn-primary" data-dismiss="modal">Close</button>
+          <button type="button" class="btn btn-danger float-right" onclick="applyChanges({'_csrf_token': '{{ csrf_token() }}'}, $SCRIPT_ROOT + '/admin/history', false, true);">
+            Clear History
+          </button>
+        </div>
+      </div>
     </div>
-    <!-- /.modal-dialog -->
-</div>
-<div class="modal fade" id="modal_history_info">
+  </div>
+  <!-- History Details Box -->
+  <div class="modal fade" id="modal_history_info">
     <div class="modal-dialog">
-        <div class="modal-content">
-            <div class="modal-header">
-                <button type="button" class="close" data-dismiss="modal" aria-label="Close">
-                    <span aria-hidden="true">&times;</span>
-                </button>
-                <h4 class="modal-title">History Details</h4>
-            </div>
-            <div class="modal-body">
-                <div id="modal-info-content"></div>
-            </div>
-            <div class="modal-footer">
-                <button type="button" class="btn btn-flat btn-default pull-right" data-dismiss="modal">Close</button>
-            </div>
+      <div class="modal-content">
+        <div class="modal-header">
+          <h4 class="modal-title">History Details</h4>
+          <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+            <span aria-hidden="true">&times;</span>
+          </button>
+        </div>
+        <div class="modal-body">
+          <div id="modal-info-content"></div>
+        </div>
+        <div class="modal-footer">
+          <button type="button" class="btn btn-default float-right" data-dismiss="modal">Close</button>
         </div>
-        <!-- /.modal-content -->
+      </div>
     </div>
-    <!-- /.modal-dialog -->
-</div>
-<!-- /.modal -->
+  </div>
 {% endblock %}
\ No newline at end of file
diff --git a/powerdnsadmin/templates/admin_history_table.html b/powerdnsadmin/templates/admin_history_table.html
index 4f3d73d76..537ba2a1c 100644
--- a/powerdnsadmin/templates/admin_history_table.html
+++ b/powerdnsadmin/templates/admin_history_table.html
@@ -1,90 +1,86 @@
-
 {% import 'applied_change_macro.html' as applied_change_macro %}
 
-
 {% if len_histories >= lim %}
-<p style="color: rgb(224, 3, 3);"><b>Limit of loaded history records has been reached! Only {{lim}} history records are shown. </b></p>
+  <p style="color: rgb(224, 3, 3);">
+    <b>Limit of loaded history records has been reached! Only {{lim}} history records are shown.</b>
+  </p>
 {% endif %}
 
 <div class="box-body"></div>
-    <table id="tbl_history" class="table table-bordered table-striped">
-        <thead>
-            <tr>
-                <th>Changed by</th>
-                <th>Content</th>
-                <th>Time</th>
-                <th>Detail</th>
-            </tr>
-        </thead>
-        <tbody>
-            {% for history in histories %}
-            <tr class="odd gradeX">
-                <td>{{ history.history.created_by }}</td>
-                <td>{{ history.history.msg }}</td>
-                <td>{{ history.history.created_on }}</td>
-                
-                <td width="6%">
-                    <div id="history-info-div-{{ loop.index0 }}" style="display: none;">
-                        {{ history.detailed_msg | safe }}
-                        {% if history.change_set %}
-                        <div class="content">
-                            <div id="change_index_definition"></div>
-                            {% call applied_change_macro.applied_change_template(history.change_set) %}
-                            {% endcall %}
-                        </div>
-                        {% endif %}
-                    </div>
-                    <button type="button" class="btn btn-flat btn-primary history-info-button"
-                        {% if history.detailed_msg == "" and history.change_set is none %}
-                        style="visibility: hidden;"
-			{% endif %} value="{{ loop.index0 }}">Info&nbsp;<i class="fa fa-info"></i>
-                    </button>
-                </td>
-            </tr>
-            {% endfor %}
-        </tbody>
-    </table>
+  <table id="tbl_history" class="table table-bordered table-striped">
+    <thead>
+      <tr>
+        <th>Changed by</th>
+        <th>Content</th>
+        <th>Time</th>
+        <th>Detail</th>
+      </tr>
+    </thead>
+    <tbody>
+      {% for history in histories %}
+        <tr class="odd gradeX">
+          <td>{{ history.history.created_by }}</td>
+          <td>{{ history.history.msg }}</td>
+          <td>{{ history.history.created_on }}</td>
+          <td width="6%">
+            <div id="history-info-div-{{ loop.index0 }}" style="display: none;">
+              {{ history.detailed_msg | safe }}
+              {% if history.change_set %}
+                <div class="content">
+                  <div id="change_index_definition"></div>
+                  {% call applied_change_macro.applied_change_template(history.change_set) %}
+                  {% endcall %}
+                </div>
+              {% endif %}
+            </div>
+            <button type="button" class="btn btn-primary history-info-button"
+              {% if history.detailed_msg == "" and history.change_set is none %}
+                style="visibility: hidden;"
+              {% endif %} value="{{ loop.index0 }}">
+              <i class="fa fa-info"></i>
+              &nbsp;Info
+            </button>
+          </td>
+        </tr>
+      {% endfor %}
+    </tbody>
+  </table>
 </div>
 
 <script>
-var table;
-$(document).ready(function () {
-
-        table = $('#tbl_history').DataTable({
-            "order": [
-                [2, "desc"]
-            ],
-            "searching": true,
-            "columnDefs": [{
-                "type": "time",
-                "render": function (data, type, row) {
-                    return moment.utc(data).local().format('YYYY-MM-DD HH:mm:ss');
-                },
-                "targets": 2
-            }],
-            "info": true,
-            "autoWidth": false,
-            orderCellsTop: true,
-            fixedHeader: true
-        });
-
+  var table;
+  $(document).ready(function () {
+    table = $('#tbl_history').DataTable({
+      "order": [
+        [2, "desc"]
+      ],
+      "searching": true,
+      "columnDefs": [{
+        "type": "time",
+        "render": function (data, type, row) {
+          return moment.utc(data).local().format('YYYY-MM-DD HH:mm:ss');
+        },
+        "targets": 2
+      }],
+      "info": true,
+      "autoWidth": false,
+      orderCellsTop: true,
+      fixedHeader: true
+    });
     $(document.body).on('click', '.history-info-button', function () {
-        var modal = $("#modal_history_info");
-        var history_id = $(this).val();
-        var info = $("#history-info-div-" + history_id).html();
-        $('#modal-info-content').html(info);
-        modal.modal('show');
+      var modal = $("#modal_history_info");
+      var history_id = $(this).val();
+      var info = $("#history-info-div-" + history_id).html();
+      $('#modal-info-content').html(info);
+      modal.modal('show');
     });
-
     $(document.body).on("click", ".button-filter", function (e) {
-        e.stopPropagation();
-        var nextRow = $("#filter-table")
-        if (nextRow.css("visibility") == "visible")
-            nextRow.css("visibility", "collapse")
-        else
-            nextRow.css("visibility", "visible")
+      e.stopPropagation();
+      var nextRow = $("#filter-table")
+      if (nextRow.css("visibility") == "visible")
+          nextRow.css("visibility", "collapse")
+      else
+        nextRow.css("visibility", "visible")
     });
-
-});
-
-</script>
+  });
+</script>
\ No newline at end of file
diff --git a/powerdnsadmin/templates/admin_manage_user.html b/powerdnsadmin/templates/admin_manage_user.html
index f1b6022f7..94c6aaf68 100644
--- a/powerdnsadmin/templates/admin_manage_user.html
+++ b/powerdnsadmin/templates/admin_manage_user.html
@@ -23,8 +23,9 @@ <h1 class="m-0 text-dark">
   </div>
 {% endblock %} {% block content %}
 <section class="content">
+  <div class="container-fluid">
     <div class="row">
-        <div class="col-xs-12">
+        <div class="col-sm-12">
             <div class="card">
                 <div class="card-header with-border">
                     <h3 class="card-title">User Management</h3>
@@ -96,6 +97,7 @@ <h3 class="card-title">User Management</h3>
         <!-- /.col -->
     </div>
     <!-- /.row -->
+    </div>
 </section>
 {% endblock %}
 {% block extrascripts %}
diff --git a/powerdnsadmin/templates/base.html b/powerdnsadmin/templates/base.html
index f3261dda6..6c4a81aa3 100644
--- a/powerdnsadmin/templates/base.html
+++ b/powerdnsadmin/templates/base.html
@@ -1,5 +1,5 @@
 <!DOCTYPE html>
-<html>
+<html lang="en" class>
 <head>
   {% block head %}
     <meta charset="utf-8">
@@ -28,7 +28,7 @@
   {% endblock %}
 </head>
 
-<body class="hold-transition skin-blue sidebar-mini {% if not SETTING.get('fullscreen_layout') %}layout-boxed{% endif %}">
+<body class="hold-transition sidebar-mini text-sm {% if not SETTING.get('fullscreen_layout') %}layout-boxed{% endif %}">
   {% set user_image_url = url_for('user.image', username=current_user.username) %}
   <div class="wrapper">
   {% block pageheader %}
@@ -41,10 +41,17 @@
             <i class="fas fa-bars"></i>
           </a>
         </li>
+        {% if current_user.id is defined %}
+          <li class="nav-item d-none d-inline-block">
+            <a class="nav-link" href="{{ url_for('index.logout') }}">
+              Logout
+            </a>
+          </li>
+        {% endif %}
       </ul>
 
         <ul class="navbar-nav ml-auto">
-          {% if current_user.id is defined %}
+<!--          {% if current_user.id is defined %}
           <li class="nav-item dropdown user-menu">
             <a href="#" class="nav-link dropdown-toggle" data-toggle="dropdown">
               <img src="{{ user_image_url }}" class="user-image img-circle elevation-2" alt="User Image"/>
@@ -53,7 +60,7 @@
               </span>
             </a>
             <ul class="dropdown-menu">
-              <li class="user-header">
+              <li class="user-header bg-dark">
                 <img src="{{ user_image_url }}" class="img-circle elevation-2" alt="User Image"/>
                 <p>
                   {{ current_user.firstname }} {{ current_user.lastname }}
@@ -61,12 +68,13 @@
                 </p>
               </li>
               <li class="user-footer">
-                <a href="{{ url_for('user.profile') }}" class="btn btn-default">My Profile</a>
-                <a href="{{ url_for('index.logout') }}" class="btn btn-default float-right">Log out</a>
+                <a href="{{ url_for('user.profile') }}" class="btn btn-primary">My Profile</a>
+                <a href="{{ url_for('index.logout') }}" class="btn btn-warning float-right">Log out</a>
               </li>
             </ul>
           </li>
           {% endif %}
+-->          
         <li class="nav-item">
           <a class="nav-link" data-widget="fullscreen" href="#" role="button">
             <i class="fas fa-expand-arrows-alt"></i>
@@ -140,7 +148,7 @@
         </li>
         <li class="{{ 'nav-item active' if active_page == 'admin_history' else 'nav-item' }}">
           <a href="{{ url_for('admin.history') }}" class="nav-link">
-            <i class="nav-icon fas fa-calendar"></i>
+            <i class="nav-icon fas fa-calendar-alt"></i>
             <p>History</p>
           </a>
         </li>
@@ -179,26 +187,26 @@
           <ul class="nav nav-treeview" {% if active_page == 'admin_settings' %}style="display: block;"{% endif %}>
             <li class="nav-item">
               <a href="{{ url_for('admin.setting_basic') }}" class="nav-link">
-                <i class="nav-icon fas fa-circle"></i>
+                <i class="nav-icon far fa-circle"></i>
                 <p>Basic</p>
               </a>
             </li>
             <li class="nav-item">
               <a href="{{ url_for('admin.setting_records') }}" class="nav-link">
-                <i class="nav-icon fas fa-circle"></i>
+                <i class="nav-icon far fa-circle"></i>
                 <p>Records</p>
               </a>
             </li>
             {% if current_user.role.name == 'Administrator' %}
               <li class="nav-item">
                 <a href="{{ url_for('admin.setting_pdns') }}" class="nav-link">
-                  <i class="nav-icon fas fa-circle"></i>
+                  <i class="nav-icon far fa-circle"></i>
                   <p>PDNS</p>
                 </a>
               </li>
               <li class="nav-item">
                 <a href="{{ url_for('admin.setting_authentication') }}" class="nav-link">
-                  <i class="nav-icon fas fa-circle"></i>
+                  <i class="nav-icon far fa-circle"></i>
                   <p>Authentication</p>
                 </a>
               </li>
@@ -208,9 +216,9 @@
         {% elif SETTING.get('allow_user_view_history') %}
         <li class="nav-header">ADMINISTRATION</li>
         <li class="{{ 'nav-item active' if active_page == 'admin_history' else 'nav-item' }}">
-          <a href="{{ url_for('admin.history') }}">
-            <i class="nav-icon fa fa-calendar"></i>
-            <span>History</span>
+          <a href="{{ url_for('admin.history') }}" class="nav-link">
+            <i class="nav-icon fas fa-calendar-alt"></i>
+            <p>History</p>
           </a>
         </li>
         {% endif %}
diff --git a/powerdnsadmin/templates/dashboard.html b/powerdnsadmin/templates/dashboard.html
index 0e5b3b568..aca87ad6c 100755
--- a/powerdnsadmin/templates/dashboard.html
+++ b/powerdnsadmin/templates/dashboard.html
@@ -1,67 +1,78 @@
 {% extends "base.html" %}
+
 {% set active_page = "dashboard" %}
-{% block title %}<title>Dashboard - {{ SITE_NAME }}</title>{% endblock %}
 
+{% block title %}
+  <title>
+    Dashboard - {{ SITE_NAME }}
+  </title>
+{% endblock %}
 
 {% block dashboard_stat %}
-    <!-- Content Header (Page header) -->
-    <section class="content-header">
-      <h1>
-        Dashboard
-        <small>Info</small>
-      </h1>
-      <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i> Home</a></li>
-        <li class="active">Dashboard</li>
-      </ol>
-    </section>
+  <div class="content-header">
+    <div class="container-fluid">
+      <div class="row mb-2">
+        <div class="col-sm-6">
+          <h1 class="m-0 text-dark">
+            Dashboard
+            <small>Info</small>
+          </h1>
+        </div>
+        <div class="col-sm-6">
+          <ol class="breadcrumb float-sm-right">
+            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+          </ol>
+        </div>
+      </div>
+    </div>
+  </div>
 {% endblock %}
 
 {% import 'applied_change_macro.html' as applied_change_macro %}
 
 {% block content %}
- <!-- Main content -->
-    <section class="content">
+  <section class="content">
+    <div class="container-fluid">
       {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
-      <div class="row">
-        <div class="col-xs-3">
-            <div class="box">
-                <div class="box-header">
-                    <h3 class="box-title">Statistics</h3>
-                </div>
-                <div class="box-body">
-                  <div class="row">
-                  <div class="col-lg-6">
-                      <!-- small box -->
-                      <div class="small-box bg-aqua">
-                        <div class="inner">
-                          <h3>{{ domain_count }}</h3>
-                          <p>{% if domain_count > 1 %}Domains{% else %}Domain{% endif %}</p>
-                        </div>
-                        <div class="icon">
-                          <i class="fa fa-book"></i>
-                        </div>
+        <div class="row">
+          <div class="col-3">
+            <div class="card">
+              <div class="card-header">
+                <h3 class="card-title">Statistics</h3>
+              </div>
+              <div class="card-body">
+                <div class="row">
+                  <div class="col-6">
+                    <!-- small box -->
+                    <div class="small-box bg-info">
+                      <div class="inner">
+                        <h3>{{ domain_count }}</h3>
+                        <p>{% if domain_count > 1 %}Domains{% else %}Domain{% endif %}</p>
+                      </div>
+                      <div class="icon">
+                        <i class="fa fa-book"></i>
                       </div>
                     </div>
-                    {% if current_user.role.name in ['Administrator', 'Operator'] %}
-                    <div class="col-lg-6">
+                  </div>
+                  {% if current_user.role.name in ['Administrator', 'Operator'] %}
+                    <div class="col-6">
                       <a href="{{ url_for('admin.manage_user') }}">
-                      <div class="small-box bg-green">
-                        <div class="inner">
-                          <h3>{{ user_num }}</h3>
-                          <p>{% if user_num > 1 %}Users{% else %}User{% endif %}</p>
+                        <div class="small-box bg-green">
+                          <div class="inner">
+                            <h3>{{ user_num }}</h3>
+                            <p>{% if user_num > 1 %}Users{% else %}User{% endif %}</p>
+                          </div>
+                          <div class="icon">
+                            <i class="fa fa-users"></i>
+                          </div>
                         </div>
-                        <div class="icon">
-                          <i class="fa fa-users"></i>
-                        </div>
-                      </div>
                       </a>
                     </div>
-                    {% endif %}
-                    </div>
-                    <div class="row">
-                    <div class="col-lg-6">
-                      <a href="{{ url_for('admin.history') }}">
+                  {% endif %}
+                </div>
+                <div class="row">
+                  <div class="col-6">
+                    <a href="{{ url_for('admin.history') }}">
                       <div class="small-box bg-green">
                         <div class="inner">
                           <h3>{{ history_number }}</h3>
@@ -71,95 +82,108 @@ <h3>{{ history_number }}</h3>
                           <i class="fa fa-calendar"></i>
                         </div>
                       </div>
-                      </a>
-                    </div>
-                    {% if current_user.role.name in ['Administrator', 'Operator'] %}
-                    <div class="col-lg-6">
+                    </a>
+                  </div>
+                  {% if current_user.role.name in ['Administrator', 'Operator'] %}
+                    <div class="col-6">
                       <a href="{{ url_for('admin.pdns_stats') }}">
-                      <div class="small-box bg-green">
-                        <div class="inner">
-                          <h3><span style="font-size: 18px">{{ uptime|display_second_to_time }}</span></h3>
-                          <p>Uptime</p>
+                        <div class="small-box bg-green">
+                          <div class="inner">
+                            <h3><span style="font-size: 18px">{{ uptime|display_second_to_time }}</span></h3>
+                            <p>Uptime</p>
+                          </div>
+                          <div class="icon">
+                            <i class="fa fa-clock"></i>
+                          </div>
                         </div>
-                        <div class="icon">
-                          <i class="fa fa-clock-o"></i>
-                        </div>
-                      </div>
                       </a>
                     </div>
-                    {% endif %}
-                    </div>
+                  {% endif %}
                 </div>
+              </div>
             </div>
-        </div>
-        <div class="col-xs-9">
-            <div class="box">
-                <div class="box-header">
-                    <h3 class="box-title">Recent History</h3>
-                </div>
-                <div class="box-body">
-                    <table id="tbl_history" class="table table-bordered table-striped">
-                    <thead>
+          </div>
+          <div class="col-9">
+            <div class="card">
+              <div class="card-header">
+                <h3 class="card-title">Recent History</h3>
+              </div>
+              <div class="card-body">
+                <table id="tbl_history" class="table table-bordered table-striped">
+                  <thead>
                     <tr>
                       <th>Changed By</th>
                       <th>Content</th>
                       <th>Time</th>
                       <th>Detail</th>
                     </tr>
-                    </thead>
-                    <tbody>
+                  </thead>
+                  <tbody>
                     {% for history in histories %}
                       <tr class="odd">
-                          <td>{{ history.history.created_by }}</td>
-                          <td>{{ history.history.msg }}</td>
-                          <td>{{ history.history.created_on }}</td>
-                          <td width="6%">
-                            <div id="history-info-div-{{ loop.index0 }}" style="display: none;">
-                                {{ history.detailed_msg | safe }}
-                                {% if history.change_set %}
-                                <div class="content">
-                                    <div id="change_index_definition"></div>
-                                    {% call applied_change_macro.applied_change_template(history.change_set) %}
-                                    {% endcall %}
-                                </div>
-                                {% endif %}
-                            </div>
-                            <button type="button" class="btn btn-flat btn-primary history-info-button"
-                                {% if history.detailed_msg == "" and history.change_set is none %}
-                                style="visibility: hidden;"
-                                {% endif %} value="{{ loop.index0 }}">Info&nbsp;<i class="fa fa-info"></i>
-                            </button>
-                          </td>
+                        <td>{{ history.history.created_by }}</td>
+                        <td>{{ history.history.msg }}</td>
+                        <td>{{ history.history.created_on }}</td>
+                        <td width="6%">
+                          <div id="history-info-div-{{ loop.index0 }}" style="display: none;">
+                            {{ history.detailed_msg | safe }}
+                            {% if history.change_set %}
+                              <div class="content">
+                                <div id="change_index_definition"></div>
+                                {% call applied_change_macro.applied_change_template(history.change_set) %}
+                                {% endcall %}
+                              </div>
+                            {% endif %}
+                          </div>
+                          <button type="button" class="btn btn-sm btn-primary history-info-button"
+                            {% if history.detailed_msg == "" and history.change_set is none %}
+                              style="visibility: hidden;"
+                            {% endif %} value="{{ loop.index0 }}">
+                            &nbsp;Info
+                          </button>
+                        </td>
                       </tr>
                     {% endfor %}
-                    </tbody>
-                  </table>
-                </div>
+                  </tbody>
+                </table>
+              </div>
             </div>
+          </div>
         </div>
-      </div>
       {% endif %}
-
-<!--SYBPATCH START-->
+      <!--SYBPATCH START-->
+      <row>
         <div class="nav-tabs-custom">
-            <ul class="nav nav-tabs">
-                <li class="active"><a href="#tab_{{custom_boxes.order[0]}}" data-toggle="tab">Hosted Domains <b>{{custom_boxes.boxes[custom_boxes.order[0]][0]}}</b></a></li>
+          <ul class="nav nav-tabs" id="custom-content-below-tab" role="tablist">
+            <li class="nav-link">
+              <a href="#tab_{{custom_boxes.order[0]}}"data-toggle="pill" role="tab">
+                Hosted Domains <b>{{custom_boxes.boxes[custom_boxes.order[0]][0]}}</b>
+              </a>
+            </li>
             {% for boxId in custom_boxes.order[1:] %}
-                <li><a href="#tab_{{boxId}}" data-toggle="tab">Hosted Domains  <b>{{custom_boxes.boxes[boxId][0]}}</b></a></li>
+              <li class="nav-link" >
+                <a href="#tab_{{boxId}}" data-toggle="pill" role="tab">Hosted Domains  <b>{{custom_boxes.boxes[boxId][0]}}</b></a>
+              </li>
             {% endfor %}
-            </ul>
-            <div class="tab-content">
+          </ul>
+          <div class="tab-content">
             {% for boxId in custom_boxes.order %}
               <div class="tab-pane" id='tab_{{boxId}}'>
-                  <div class="row">
-                    <div class="col-xs-12">
-                      <div class="box">
-                        <div class="box-header">
-                            <h3 class="box-title">Hosted Domains  <b>{{custom_boxes.boxes[boxId][0]}}</b></h3>{% if show_bg_domain_button %}<button type="button" class="btn btn-flat btn-primary refresh-bg-button pull-right"><i class="fa fa-refresh"></i> Sync domains </button>{% endif %}
-                        </div>
-                        <div class="box-body">
-                          <table id='tbl_domain_list_{{boxId}}' class="table table-bordered table-striped">
-                            <thead>
+                <div class="row">
+                  <div class="col-12">
+                    <div class="card">
+                      <div class="card-header">
+                        <h3 class="card-title">Hosted Domains  <b>{{custom_boxes.boxes[boxId][0]}}</b></h3>
+                          {% if show_bg_domain_button %}
+                            <button type="button" class="btn btn-primary refresh-bg-button float-right">
+                              <i class="fas fa-sync"></i>
+                              &nbsp;Sync domains
+                            </button>
+                          {% endif %}
+                      </div>
+                      <div class="card-body">
+                        <table id='tbl_domain_list_{{boxId}}' class="table table-bordered table-striped">
+                          <thead>
                             <tr>
                               <th>Name</th>
                               <th>DNSSEC</th>
@@ -167,32 +191,33 @@ <h3 class="box-title">Hosted Domains  <b>{{custom_boxes.boxes[boxId][0]}}</b></h
                               <th>Serial</th>
                               <th>Master</th>
                               <th>Account</th>
-                              <th {% if current_user.role.name not in ['Administrator','Operator'] %}width="6%"{% else %}width="25%"{% endif %}>Action</th>
+                              <th>Action</th>
                             </tr>
-                            </thead>
-                            <tbody>
-                            </tbody>
-                          </table>
-                        </div>
+                          </thead>
+                          <tbody>
+                          </tbody>
+                        </table>
                       </div>
-                    </div>
                   </div>
+                </div>
+                </div>
               </div>
             {% endfor %}
-            </div><!-- /.tab-content -->
+          </div><!-- /.tab-content -->
         </div><!-- custom tabs -->
-<!--SYBPATCH END-->
-
-    </section>
-    <!-- /.content -->
+        <!--SYBPATCH END-->
+      </row>
+  </div>
+  </section>
 {% endblock %}
+
 {% block extrascripts %}
 <script>
 //SYBPATCH START//
     function setUpDomainList(id ,url){
         $(id).DataTable({
             "paging" : true,
-            "lengthChange" : true,
+            "lengthChange" : false,
             language: {
                 searchPlaceholder: "Use ^ and $ for start and end",
             },
@@ -230,7 +255,7 @@ <h3 class="box-title">Hosted Domains  <b>{{custom_boxes.boxes[boxId][0]}}</b></h
         "searching" : false,
         "ordering" : false,
         "info" : false,
-        "autoWidth" : false,
+        "autoWidth" : true,
         "columnDefs": [
             {
                 "render": function ( data, type, row ) {
@@ -351,11 +376,10 @@ <h4 class="modal-title">Clone to template</h4>
     <div class="modal-dialog">
         <div class="modal-content">
             <div class="modal-header">
-                <button type="button" class="close" data-dismiss="modal"
-                    aria-label="Close">
-                    <span aria-hidden="true">&times;</span>
-                </button>
-                <h4 class="modal-title">DNSSEC</h4>
+              <h4 class="modal-title">DNSSEC</h4>
+              <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+                <span aria-hidden="true">&times;</span>
+              </button>
             </div>
             <div class="modal-body">
                 <p></p>
diff --git a/powerdnsadmin/templates/dashboard_domain.html b/powerdnsadmin/templates/dashboard_domain.html
index 4244c825e..86ae1c9ca 100644
--- a/powerdnsadmin/templates/dashboard_domain.html
+++ b/powerdnsadmin/templates/dashboard_domain.html
@@ -4,9 +4,9 @@
 
 {% macro dnssec(domain) %}
   {% if domain.dnssec %}
-  <td><span style="cursor:pointer" class="label label-success button_dnssec" id="{{ domain.name }}"><i class="fa fa-lock"></i>&nbsp;Enabled</span></td>
+  <td><span style="cursor:pointer" class="btn btn-lg btn-success button_dnssec" id="{{ domain.name }}"><i class="fa fa-lock"></i>&nbsp;Enabled</span></td>
   {% else %}
-  <td><span style="cursor:pointer" class="label label-primary button_dnssec" id="{{ domain.name }}"><i class="fa fa-unlock-alt"></i>&nbsp;Disabled</span></td>
+  <td><span style="cursor:pointer" class="btn btn-sm btn-danger button_dnssec" id="{{ domain.name }}"><i class="fa fa-unlock-alt"></i>&nbsp;Disabled</span></td>
   {% endif %}
 {% endmacro %}
 
@@ -30,30 +30,46 @@
 
 {% macro actions(domain) %}
   {% if current_user.role.name in ['Administrator', 'Operator'] %}
-    <td width="25%">
-      <button type="button" class="btn btn-flat btn-success button_template" id="{{ domain.name }}">
-        Template&nbsp;<i class="fa fa-clone"></i>
-      </button>
-      <button type="button" class="btn btn-flat btn-success" onclick="window.location.href='{{ url_for('domain.domain', domain_name=domain.name) }}'">
-        Manage&nbsp;<i class="fa fa-cog"></i>
-      </button>
-      <button type="button" class="btn btn-flat btn-danger" onclick="window.location.href='{{ url_for('domain.setting', domain_name=domain.name) }}'">
-        Admin&nbsp;<i class="fa fa-cog"></i>
-      </button>
-      <button type="button" class="btn btn-flat btn-primary" onclick="window.location.href='{{ url_for('domain.changelog', domain_name=domain.name) }}'">
-        Changelog&nbsp;<i class="fa fa-history" aria-hidden="true"></i>
-      </button>
+    <td width="6%">
+
+      <div class="dropdown">
+        <button class="btn btn-secondary dropdown-toggle" type="button" id="dropdownMenu" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
+          Options
+        </button>
+        <div class="dropdown-menu" aria-labelledby="dropdownMenu">
+          <button class="dropdown-item btn-success button_template" id="{{ domain.name }}" type="button">
+            <i class="fa fa-clone"></i>&nbsp;Template
+          </button>
+          <button class="dropdown-item btn-success" type="button" onclick="window.location.href='{{ url_for('domain.domain', domain_name=domain.name) }}'">
+            <i class="fa fa-cog"></i>&nbsp;Manage
+          </button>
+          <button class="dropdown-item btn-danger" type="button" onclick="window.location.href='{{ url_for('domain.setting', domain_name=domain.name) }}'">
+            <i class="fa fa-cog"></i>&nbsp;Admin
+          </button>
+          <button class="dropdown-item btn-primary" type="button" onclick="window.location.href='{{ url_for('domain.changelog', domain_name=domain.name) }}'">
+            <i class="fa fa-history" aria-hidden="true"></i>&nbsp;Changelog
+          </button>
+        </div>
+      </div>
+
     </td>
     {% else %}
     <td width="6%">
-      <button type="button" class="btn btn-flat btn-success" onclick="window.location.href='{{ url_for('domain.domain', domain_name=domain.name) }}'">
-        Manage&nbsp;<i class="fa fa-cog"></i>
-      </button>
-      {% if allow_user_view_history %}
-      <button type="button" class="btn btn-flat btn-primary" onclick="window.location.href='{{ url_for('domain.changelog', domain_name=domain.name) }}'">
-        Changelog&nbsp;<i class="fa fa-history" aria-hidden="true"></i>
-      </button>
-      {% endif %}
+      <div class="dropdown">
+        <button class="btn btn-secondary dropdown-toggle" type="button" id="dropdownMenu" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
+          Options
+        </button>
+        <div class="dropdown-menu" aria-labelledby="dropdownMenu">
+          <button class="dropdown-item btn-success" type="button" onclick="window.location.href='{{ url_for('domain.domain', domain_name=domain.name) }}'">
+            <i class="fa fa-cog"></i>&nbsp;Manage
+          </button>
+          {% if allow_user_view_history %}
+            <button class="dropdown-item btn-primary" type="button" onclick="window.location.href='{{ url_for('domain.changelog', domain_name=domain.name) }}'">
+              <i class="fa fa-history" aria-hidden="true"></i>&nbsp;Changelog
+            </button>
+          {% endif %}
+        </div>
+      </div>
     </td>
   {% endif %}  
 {% endmacro %}
diff --git a/powerdnsadmin/templates/domain.html b/powerdnsadmin/templates/domain.html
index f61696733..a058a8213 100755
--- a/powerdnsadmin/templates/domain.html
+++ b/powerdnsadmin/templates/domain.html
@@ -1,133 +1,135 @@
 {% extends "base.html" %}
-{% block title %}<title>{{ domain.name | pretty_domain_name }} - {{ SITE_NAME }}</title>{% endblock %}
+
+{% block title %}
+  <title>
+    {{ domain.name | pretty_domain_name }} - {{ SITE_NAME }}
+  </title>
+{% endblock %}
 
 {% block dashboard_stat %}
-<section class="content-header">
-    <h1>
-        Manage domain: <b>{{ domain.name | pretty_domain_name }}</b>
-    </h1>
-    <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i
-                class="fa fa-dashboard"></i> Home</a></li>
-        <li>Domain</li>
-        <li class="active">{{ domain.name | pretty_domain_name }}</li>
-    </ol>
-</section>
+  <div class="content-header">
+    <div class="container-fluid">
+      <div class="row mb-2">
+        <div class="col-sm-6">
+          <h1 class="m-0 text-dark">
+            Domain: <b>{{ domain.name | pretty_domain_name }}</b>
+          </h1>
+        </div>
+        <div class="col-sm-6">
+          <ol class="breadcrumb float-sm-right">
+            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+            <li class="breadcrumb-item active">Domain: {{ domain.name | pretty_domain_name }}</li>
+          </ol>
+        </div>
+      </div>
+    </div>
+  </div>
 {% endblock %}
 
 {% block content %}
 <section class="content">
+  <div class="container-fluid">
     <div class="row">
-        <div class="col-xs-12">
-            <div class="box">
-                <div class="box-body">
+      <div class="col-12">
+        <div class="card">
+          <div class="card-header">
+            {% if domain.type != 'Slave' %}
+              <button type="button" style="position: relative; margin-left: 20px" class="btn btn-primary pull-left button_add_record" id="{{ domain.name }}">
+                <i class="fas fa-plus"></i>
+                &nbsp;Add Record
+              </button>
+              <button type="button" style="position: relative; margin-left: 20px" class="btn btn-primary pull-right button_apply_changes" id="{{ domain.name }}" value="{{ domain.serial }}">
+                <i class="fas fa-save"></i>
+                &nbsp;Apply Changes
+              </button>
+            {% else %}
+              <button type="button" style="position: relative; margin-left: 20px" class="btn btn-primary pull-left button_update_from_master" id="{{ domain.name }}">
+                <i class="fas fa-download"></i>
+                &nbsp;Update from Master
+              </button>
+            {% endif %}
+            {% if current_user.role.name in ['Administrator', 'Operator'] %}
+              <button type="button" style="position: relative; margin-left: 20px" class="btn btn-primary pull-left btn-danger" onclick="window.location.href='{{ url_for('domain.setting', domain_name=domain.name) }}'">
+                <i class="fas fa-cog"></i>
+                &nbsp;Admin
+              </button>
+            {% endif %}
+            {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
+              <button type="button" style="position: relative; margin-left: 20px" class="btn btn-primary button_changelog" id="{{ domain.name }}">
+                <i class="fas fa-history" aria-hidden="true"></i>
+                &nbsp;Changelog
+              </button>
+            {% endif %}
+          </div>
+          <div class="card-body">
+            <table id="tbl_records" class="table table-bordered table-striped">
+              <thead>
+                <tr>
+                  <th>Name</th>
+                  <th>Type</th>
+                  <th>Status</th>
+                  <th>TTL</th>
+                  <th>Data</th>
+                  <th>Comment</th>
+                  <th>Edit</th>
+                  <th>Delete</th>
+                  {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
+                    <th >Changelog</th>
+                  {% endif %}
+                  <th>Invisible Sorting Column</th>
+                </tr>
+              </thead>
+              <tbody>
+                {% for record in records %}
+                  <tr class="odd row_record" id="{{ domain.name }}">
+                    <td>{{ (record.name,domain.name) | display_record_name | pretty_domain_name }}</td>
+                    <td>{{ record.type }}</td>
+                    <td>{{ record.status }}</td>
+                    <td>{{ record.ttl }}</td>
+                    <td>{{ record.data | pretty_domain_name }}</td>
+                    <td>{{ record.comment }}</td>
                     {% if domain.type != 'Slave' %}
-                    <button type="button" class="btn btn-flat btn-primary pull-left button_add_record" id="{{ domain.name }}">
-                        Add Record&nbsp;<i class="fa fa-plus"></i>
-                    </button>
-                    <button type="button" class="btn btn-flat btn-primary pull-right button_apply_changes" id="{{ domain.name }}" value="{{ domain.serial }}">
-                        Apply Changes&nbsp;<i class="fa fa-floppy-o"></i>
-                    </button>
+                      <td width="6%">
+                        {% if record.is_allowed_edit() %}
+                          <button type="button" class="btn btn-warning button_edit"><i class="fa fa-edit"></i></button>
+                        {% else %}
+                          <button type="button" class="btn btn-warning"><i class="fa fa-exclamation-circle"></i></button>
+                        {% endif %}
+                      </td>
+                      <td width="6%">
+                        {% if record.is_allowed_delete() %}
+                          <button type="button" class="btn btn-danger button_delete"><i class="fa fa-trash"></i></button>
+                        {% endif %}
+                      </td>
                     {% else %}
-                    <button type="button" class="btn btn-flat btn-primary pull-left button_update_from_master" id="{{ domain.name }}">
-                        Update from Master&nbsp;<i class="fa fa-download"></i>
-                    </button>
-                    {% endif %}
-                    {% if current_user.role.name in ['Administrator', 'Operator'] %}
-                    <button type="button" style="position: relative; margin-left: 20px" class="btn btn-flat btn-primary pull-left btn-danger" onclick="window.location.href='{{ url_for('domain.setting', domain_name=domain.name) }}'">
-                        Admin&nbsp;<i class="fa fa-cog"></i>
-                      </button>
+                      <td width="6%">
+                        <button type="button" class="btn btn-warning"><i class="fa fa-exclamation-circle"></i></button>
+                      </td>
+                      <td width="6%">
+                        <button type="button" class="btn btn-warning"><i class="fa fa-exclamation-circle"></i></button>
+                      </td>
                     {% endif %}
                     {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
-                    <button type="button" style="position: relative; margin-left: 20px" class="btn btn-flat btn-primary button_changelog" id="{{ domain.name }}">
-                        Changelog&nbsp;<i class="fa fa-history" aria-hidden="true"></i>
-                    </i>
-                    </button>
+                      <td width="6%">
+                        <button type="button" onclick="show_record_changelog('{{record.name}}','{{record.type}}',event)" class="btn btn-primary">
+                          <i class="fa fa-history" aria-hidden="true"></i>
+                        </button>
+                      </td>
                     {% endif %}
-                </div>
-                <div class="box-body">
-                    <table id="tbl_records" class="table table-bordered table-striped">
-                        <thead>
-                            <tr>
-                                <th>Name</th>
-                                <th>Type</th>
-                                <th>Status</th>
-                                <th>TTL</th>
-                                <th>Data</th>
-                                <th>Comment</th>
-                                <th>Edit</th>
-                                <th>Delete</th>
-                                {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
-                                <th >Changelog</th>
-                                {% endif %}
-                                <th>Invisible Sorting Column</th>
-                            </tr>
-                        </thead>
-                        <tbody>
-                                {% for record in records %}
-                                <tr class="odd row_record" id="{{ domain.name }}">
-                                    <td>
-                                        {{ (record.name,domain.name) | display_record_name | pretty_domain_name }}
-                                    </td>
-                                    <td>
-                                        {{ record.type }}
-                                    </td>
-                                    <td>
-                                        {{ record.status }}
-                                    </td>
-                                    <td>
-                                        {{ record.ttl }}
-                                    </td>
-                                    <td>
-                                        {{ record.data | pretty_domain_name }}
-                                    </td>
-                                    <td>
-                                        {{ record.comment }}
-                                    </td>
-                                {% if domain.type != 'Slave' %}
-                                    <td width="6%">
-                                        {% if record.is_allowed_edit() %}
-                                            <button type="button" class="btn btn-flat btn-warning button_edit">Edit&nbsp;<i class="fa fa-edit"></i></button>
-                                        {% else %}
-                                            <button type="button" class="btn btn-flat btn-warning">&nbsp;&nbsp;<i class="fa fa-exclamation-circle"></i></button>
-                                        {% endif %}
-                                    </td>
-                                    <td width="6%">
-                                        {% if record.is_allowed_delete() %}
-                                            <button type="button" class="btn btn-flat btn-danger button_delete">Delete&nbsp;<i class="fa fa-trash"></i></button>
-                                        {% endif %}
-                                    </td>
-                                {% else %}
-                                    <td width="6%">
-                                        <button type="button" class="btn btn-flat btn-warning">&nbsp;&nbsp;<i class="fa fa-exclamation-circle"></i>&nbsp;&nbsp;</button>
-                                    </td>
-                                    <td width="6%">
-                                        <button type="button" class="btn btn-flat btn-warning">&nbsp;&nbsp;<i class="fa fa-exclamation-circle"></i>&nbsp;&nbsp;</button>
-                                    </td>
-                                {% endif %}
-                                    {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
-                                    <td width="6%">
-                                        <button type="button" onclick="show_record_changelog('{{record.name}}','{{record.type}}',event)" class="btn btn-flat btn-primary">&nbsp;&nbsp;
-                                                            <i class="fa fa-history" aria-hidden="true"></i>&nbsp;&nbsp;&nbsp;
-                                        </button>
-                                    </td>
-                                    {% endif %}
-                                    <!-- hidden column that we can sort on -->
-                                    <td>1</td>
-                                </tr>
-                                {% endfor %}
-                        </tbody>
-                    </table>
-                </div>
-                <!-- /.box-body -->
-            </div>
-            <!-- /.box -->
+                    <!-- hidden column that we can sort on -->
+                    <td>1</td>
+                  </tr>
+                {% endfor %}
+              </tbody>
+            </table>
+          </div>
         </div>
-        <!-- /.col -->
+      </div>
     </div>
-    <!-- /.row -->
+  </div>
 </section>
 {% endblock %}
+
 {% block extrascripts %}
 <script>
     // superglobals
@@ -284,7 +286,7 @@ <h1>
             // add new row
             var default_type = records_allow_edit[0]
             {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
-	        var nRow = jQuery('#tbl_records').dataTable().fnAddData(['', default_type, 'Active', window.ttl_options[0][0], '', '', '', '', '', '0']);
+          var nRow = jQuery('#tbl_records').dataTable().fnAddData(['', default_type, 'Active', window.ttl_options[0][0], '', '', '', '', '', '0']);
             {% else %}
             var nRow = jQuery('#tbl_records').dataTable().fnAddData(['', default_type, 'Active', window.ttl_options[0][0], '', '', '', '', '0']);
             {% endif %}
@@ -553,72 +555,64 @@ <h1>
     {% endif %}
 </script>
 {% endblock %}
+
 {% block modals %}
-<div class="modal fade modal-warning" id="modal_delete">
+  <div class="modal fade modal-warning" id="modal_delete">
     <div class="modal-dialog">
-        <div class="modal-content">
-            <div class="modal-header">
-                <button type="button" class="close" data-dismiss="modal"
-                    aria-label="Close">
-                    <span aria-hidden="true">&times;</span>
-                </button>
-                <h4 class="modal-title">Confirmation</h4>
-            </div>
-            <div class="modal-body">
-                <p></p>
-            </div>
-            <div class="modal-footer">
-                <button type="button" class="btn btn-flat btn-default pull-left" id="button_delete_cancel"
-                    data-dismiss="modal">Close</button>
-                <button type="button" class="btn btn-flat btn-danger" id="button_delete_confirm">Delete</button>
-            </div>
+      <div class="modal-content">
+        <div class="modal-header">
+          <h4 class="modal-title">Confirmation</h4>
+          <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+            <span aria-hidden="true">&times;</span>
+          </button>
         </div>
-        <!-- /.modal-content -->
+        <div class="modal-body">
+          <p></p>
+        </div>
+        <div class="modal-footer">
+          <button type="button" class="btn btn-primary pull-left" id="button_delete_cancel" data-dismiss="modal">Close</button>
+          <button type="button" class="btn btn-danger" id="button_delete_confirm">Delete</button>
+        </div>
+      </div>
     </div>
-    <!-- /.modal-dialog -->
-</div>
-<div class="modal fade modal-primary" id="modal_apply_changes">
+  </div>
+
+  <div class="modal fade modal-primary" id="modal_apply_changes">
     <div class="modal-dialog">
-        <div class="modal-content">
-            <div class="modal-header">
-                <button type="button" class="close" data-dismiss="modal"
-                    aria-label="Close">
-                    <span aria-hidden="true">&times;</span>
-                </button>
-                <h4 class="modal-title">Confirmation</h4>
-            </div>
-            <div class="modal-body">
-                <p></p>
-            </div>
-            <div class="modal-footer">
-                <button type="button" class="btn btn-flat btn-default pull-left"
-                    data-dismiss="modal">Close</button>
-                <button type="button" class="btn btn-flat btn-primary" id="button_apply_confirm">Apply</button>
-            </div>
+      <div class="modal-content">
+        <div class="modal-header">
+          <h4 class="modal-title">Confirmation</h4>
+          <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+            <span aria-hidden="true">&times;</span>
+          </button>
         </div>
-        <!-- /.modal-content -->
+        <div class="modal-body">
+          <p></p>
+        </div>
+        <div class="modal-footer">
+          <button type="button" class="btn btn-primary" data-dismiss="modal">Close</button>
+          <button type="button" class="btn btn-success" id="button_apply_confirm">Apply</button>
+        </div>
+      </div>
     </div>
-    <!-- /.modal-dialog -->
-</div>
-<div class="modal fade modal-primary" id="modal_custom_record">
+  </div>
+
+  <div class="modal fade modal-primary" id="modal_custom_record">
     <div class="modal-dialog">
-        <div class="modal-content">
-            <div class="modal-header">
-                <button type="button" class="close" data-dismiss="modal"
-                    aria-label="Close">
-                    <span aria-hidden="true">&times;</span>
-                </button>
-                <h4 class="modal-title">Custom Record</h4>
-            </div>
-            <div class="modal-body">
-                <p></p>
-            </div>
-            <div class="modal-footer">
-                <button type="button" class="btn btn-flat btn-primary" id="button_save">Save</button>
-            </div>
+      <div class="modal-content">
+        <div class="modal-header">
+          <h4 class="modal-title">Custom Record</h4>
+          <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+            <span aria-hidden="true">&times;</span>
+          </button>
+        </div>
+        <div class="modal-body">
+          <p></p>
+        </div>
+        <div class="modal-footer">
+          <button type="button" class="btn btn-primary" id="button_save">Save</button>
         </div>
-        <!-- /.modal-content -->
+      </div>
     </div>
-    <!-- /.modal-dialog -->
-</div>
+  </div>
 {% endblock %}
diff --git a/powerdnsadmin/templates/domain_add.html b/powerdnsadmin/templates/domain_add.html
index 607730f5b..d5003bc40 100644
--- a/powerdnsadmin/templates/domain_add.html
+++ b/powerdnsadmin/templates/domain_add.html
@@ -1,221 +1,239 @@
 {% extends "base.html" %}
+
 {% set active_page = "new_domain" %}
-{% block title %}<title>Add Domain - {{ SITE_NAME }}</title>{% endblock %}
+
+{% block title %}
+  <title>
+    Add Domain - {{ SITE_NAME }}
+  </title>
+{% endblock %}
 
 {% block dashboard_stat %}
-<!-- Content Header (Page header) -->
-<section class="content-header">
-    <h1>
-        Domain
-        <small>Create new</small>
-    </h1>
-    <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i>Home</a></li>
-        <li><a href="{{ url_for('dashboard.dashboard') }}">Domain</a></li>
-        <li class="active">Add Domain</li>
-    </ol>
-</section>
+  <div class="content-header">
+    <div class="container-fluid">
+      <div class="row mb-2">
+        <div class="col-sm-6">
+          <h1 class="m-0 text-dark">
+            Domain
+            <small>New Domain</small>
+          </h1>
+        </div>
+        <div class="col-sm-6">
+          <ol class="breadcrumb float-sm-right">
+            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+            <li class="breadcrumb-item active">Domain - New Domain</li>
+          </ol>
+        </div>
+      </div>
+    </div>
+  </div>
 {% endblock %}
 
 {% block content %}
 <section class="content">
+  <div class="container-fluid">
     <div class="row">
-        <div class="col-md-4">
-            <div class="box box-primary">
-                <div class="box-header with-border">
-                    <h3 class="box-title">Create new domain</h3>
+      <div class="col-md-4">
+        <div class="card card-outline card-secondary">
+          <div class="card-header with-border">
+            <h3 class="card-title">Create new domain</h3>
+          </div>
+          <form role="form" method="post" action="{{ url_for('domain.add') }}">
+            <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+            <div class="card-body">
+              <div class="form-group">
+                <input type="text" class="form-control" name="domain_name" id="domain_name" placeholder="Enter a valid domain name (required)">
+              </div>
+              {% if domain_override_toggle == True %}
+                <div class="form-group">
+                  <label>Domain Override Record</label>
+                  <input type="checkbox" id="domain_override" name="domain_override" class="checkbox">
                 </div>
-                <!-- /.box-header -->
-                <!-- form start -->
-                <form role="form" method="post" action="{{ url_for('domain.add') }}">
-                    <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-                    <div class="box-body">
-                        <div class="form-group">
-                            <input type="text" class="form-control" name="domain_name" id="domain_name"
-                                placeholder="Enter a valid domain name (required)">
-                        </div>
-                        {% if domain_override_toggle == True %}
-                        <div class="form-group">
-                            <label>Domain Override Record</label>
-                            <input type="checkbox" id="domain_override" name="domain_override"
-                                class="checkbox">
-                        </div>
-                        {% endif %}
-                        <select name="accountid" class="form-control" style="width:15em;">
-                            <option value="0">- No Account -</option>
-                            {% for account in accounts %}
-                            <option value="{{ account.id }}">{{ account.name }}</option>
-                            {% endfor %}
-                        </select><br />
-                        <div class="form-group">
-                            <label>Type</label>
-                            <div class="radio">
-                                <label>
-                                    <input type="radio" name="radio_type" id="radio_type_native" value="native" checked>
-                                    Native
-                                </label>
-                                &nbsp;&nbsp;&nbsp;
-                                <label>
-                                    <input type="radio" name="radio_type" id="radio_type_master" value="master"> Master
-                                </label>
-                                &nbsp;&nbsp;&nbsp;
-                                <label>
-                                    <input type="radio" name="radio_type" id="radio_type_slave" value="slave">Slave
-                                </label>
-                            </div>
-                        </div>
-                        <div class="form-group">
-                            <label>Select a template</label>
-                            <select class="form-control" id="domain_template" name="domain_template">
-                                <option value="0">No template</option>
-                                {% for template in templates %}
-                                <option value="{{ template.id }}">{{ template.name }}</option>
-                                {% endfor %}
-                            </select>
-                        </div>
-                        <div class="form-group" style="display: none;" id="domain_master_address_div">
-                            <input type="text" class="form-control" name="domain_master_address"
-                                id="domain_master_address"
-                                placeholder="Enter valid master ip addresses (separated by commas)">
-                        </div>
-                        <div class="form-group">
-                            <label>SOA-EDIT-API</label>
-                            <div class="radio">
-                                <label>
-                                    <input type="radio" name="radio_type_soa_edit_api" id="radio_default"
-                                        value="DEFAULT" checked> DEFAULT
-                                </label>
-                            </div>
-                            <div class="radio">
-                                <label>
-                                    <input type="radio" name="radio_type_soa_edit_api" id="radio_increase"
-                                        value="INCREASE"> INCREASE
-                                </label>
-                            </div>
-                            <div class="radio">
-                                <label>
-                                    <input type="radio" name="radio_type_soa_edit_api" id="radio_epoch" value="EPOCH">
-                                    EPOCH
-                                </label>
-                            </div>
-                            <div class="radio">
-                                <label>
-                                    <input type="radio" name="radio_type_soa_edit_api" id="radio_off" value="OFF"> OFF
-                                </label>
-                            </div>
-                        </div>
-                    </div>
-                    <!-- /.box-body -->
-
-                    <div class="box-footer">
-                        <button type="submit" class="btn btn-flat btn-primary">Submit</button>
-                        <button type="button" class="btn btn-flat btn-default"
-                            onclick="window.location.href='{{ url_for('dashboard.dashboard') }}'">Cancel</button>
-                    </div>
-                </form>
-            </div>
-            <!-- /.box -->
-        </div>
-        <div class="col-md-8">
-            <div class="box box-primary">
-                <div class="box-header with-border">
-                    <h3 class="box-title">Help with creating a new domain</h3>
+              {% endif %}
+              <select name="accountid" class="form-control" style="width:15em;">
+                <option value="0">- No Account -</option>
+                {% for account in accounts %}
+                  <option value="{{ account.id }}">{{ account.name }}</option>
+                {% endfor %}
+              </select>
+              <br />
+              <div class="form-group">
+                <label>Type</label>
+                <div class="radio">
+                  <label>
+                    <input type="radio" name="radio_type" id="radio_type_native" value="native" checked>
+                    Native
+                  </label>
+                </div>
+                <div class="radio">
+                  <label>
+                    <input type="radio" name="radio_type" id="radio_type_master" value="master">
+                    Primary
+                  </label>
+                </div>
+                <div class="radio">
+                  <label>
+                    <input type="radio" name="radio_type" id="radio_type_slave" value="slave">
+                    Secondary
+                  </label>
                 </div>
-                <div class="box-body">
-                    <dl class="dl-horizontal">
-                        <dt>Domain name</dt>
-                        <dd>Enter your domain name in the format of name.tld (eg. powerdns-admin.com). You can also
-                            enter sub-domains to create a sub-root zone (eg. sub.powerdns-admin.com) in case you want to
-                            delegate sub-domain management to specific users.</dd>
-                        <dt>Type</dt>
-                        <dd>The type decides how the domain will be replicated across multiple DNS servers.
-                            <ul>
-                                <li>
-                                    Native - PowerDNS will not perform any replication. Use this if you only have one
-                                    PowerDNS server or you handle replication via your backend.
-                                </li>
-                                <li>
-                                    Master - This PowerDNS server will serve as the master and will send zone transfers
-                                    (AXFRs) to other servers configured as slaves.
-                                </li>
-                                <li>
-                                    Slave - This PowerDNS server will serve as the slave and will request and receive
-                                    zone transfers (AXFRs) from other servers configured as masters.
-                                </li>
-                            </ul>
-                        </dd>
-                        <dt>SOA-EDIT-API</dt>
-                        <dd>The SOA-EDIT-API setting defines how the SOA serial number will be updated after a change is
-                            made to the domain.
-                            <ul>
-                                <li>
-                                    DEFAULT - Generate a soa serial of YYYYMMDD01. If the current serial is lower than
-                                    the generated serial, use the generated serial. If the current serial is higher or
-                                    equal to the generated serial, increase the current serial by 1.
-                                </li>
-                                <li>
-                                    INCREASE - Increase the current serial by 1.
-                                </li>
-                                <li>
-                                    EPOCH - Change the serial to the number of seconds since the EPOCH, aka unixtime.
-                                </li>
-                                <li>
-                                    OFF - Disable automatic updates of the SOA serial.
-                                </li>
-                            </ul>
-                        </dd>
-                    </dl>
-                    <p>Find more details at <a href="https://docs.powerdns.com/md/">https://docs.powerdns.com/md/</a>
-                    </p>
+              </div>
+              <div class="form-group">
+                <label>Select a template</label>
+                <select class="form-control" id="domain_template" name="domain_template">
+                  <option value="0">No template</option>
+                  {% for template in templates %}
+                    <option value="{{ template.id }}">{{ template.name }}</option>
+                  {% endfor %}
+                </select>
+              </div>
+              <div class="form-group" style="display: none;" id="domain_master_address_div">
+                <input type="text" class="form-control" name="domain_master_address" id="domain_master_address" placeholder="Enter valid master ip addresses (separated by commas)">
+              </div>
+              <div class="form-group">
+                <label>SOA-EDIT-API</label>
+                <div class="radio">
+                  <label>
+                    <input type="radio" name="radio_type_soa_edit_api" id="radio_default" value="DEFAULT" checked>
+                    DEFAULT
+                  </label>
                 </div>
+                <div class="radio">
+                  <label>
+                    <input type="radio" name="radio_type_soa_edit_api" id="radio_increase" value="INCREASE">
+                    INCREASE
+                  </label>
+                </div>
+                <div class="radio">
+                  <label>
+                    <input type="radio" name="radio_type_soa_edit_api" id="radio_epoch" value="EPOCH">
+                    EPOCH
+                  </label>
+                </div>
+                <div class="radio">
+                  <label>
+                    <input type="radio" name="radio_type_soa_edit_api" id="radio_off" value="OFF"> OFF
+                  </label>
+                </div>
+              </div>
+            </div>
+            <div class="card-footer">
+              <button type="submit" class="btn btn-primary">
+                Submit
+              </button>
+              <button type="button" class="btn btn-default" onclick="window.location.href='{{ url_for('dashboard.dashboard') }}'">
+                Cancel
+              </button>
             </div>
+          </form>
         </div>
+      </div>
+      <div class="col-md-8">
+        <div class="card card-outline card-secondary">
+          <div class="card-header with-border">
+            <h3 class="card-title">Help with creating a new domain</h3>
+          </div>
+          <div class="card-body">
+            <dl class="dl-horizontal">
+              <dt>Domain name</dt>
+                <dd>Enter your domain name in the format of name.tld (eg. powerdns-admin.com). You can also
+                    enter sub-domains to create a sub-root zone (eg. sub.powerdns-admin.com) in case you want to
+                    delegate sub-domain management to specific users.
+                </dd>
+              <dt>Type</dt>
+                <dd>The type decides how the domain will be replicated across multiple DNS servers.
+                  <ul>
+                    <li>
+                      <b>Native - </b>{{ SITE_NAME }} will not perform any Primary or Secondary zone functions.
+                    </li>
+                    <li>
+                      <b>Primary - </b>{{ SITE_NAME }} will serve as the Primary and will send zone transfers
+                      (AXFRs) to other servers configured as secondaries.
+                    </li>
+                    <li>
+                      <b>Secondary - </b>{{ SITE_NAME }} will serve as the Secondary and will request and receive
+                      zone transfers (AXFRs) from other servers configured as Primaries.
+                    </li>
+                  </ul>
+                </dd>
+                <dt>SOA-EDIT-API</dt>
+                  <dd>The SOA-EDIT-API setting defines how the SOA serial number will be updated after a change is
+                      made to the domain.
+                    <ul>
+                      <li>
+                        <b>DEFAULT - </b>Generate a soa serial of YYYYMMDD01. If the current serial is lower than
+                          the generated serial, use the generated serial. If the current serial is higher or
+                          equal to the generated serial, increase the current serial by 1.
+                      </li>
+                      <li>
+                        <b>INCREASE - </b>Increase the current serial by 1.
+                      </li>
+                      <li>
+                        <b>EPOCH - </b>Change the serial to the number of seconds since the EPOCH, aka unixtime.
+                      </li>
+                      <li>
+                        <b>OFF - </b>Disable automatic updates of the SOA serial.
+                      </li>
+                    </ul>
+                  </dd>
+                </dl>
+                <p>
+                  Find more details at <a href="https://docs.powerdns.com/md/">https://docs.powerdns.com/md/</a>
+                </p>
+              </div>
+            </div>
+          </div>
+      </div>
     </div>
 </section>
+
 {% endblock %}
+
 {% block extrascripts %}
-<script>
+  <script>
     $("input[name=radio_type]").change(function () {
-        var type = $(this).val();
-        if (type == "slave") {
-            $("#domain_master_address_div").show();
-        } else {
-            $("#domain_master_address_div").hide();
-        }
+      var type = $(this).val();
+      if (type == "slave") {
+        $("#domain_master_address_div").show();
+      } else {
+        $("#domain_master_address_div").hide();
+      }
     });
-</script>
+  </script>
 {% endblock %}
+
 {% block modals %}
-<script>
-{% if domain_override_message %}
-    $(document.body).ready(function () {
-        var modal = $("#modal_warning");
-        var info = "{{ domain_override_message }}";
-        modal.find('.modal-body p').text(info);
-        modal.modal('show');
-    });
-{% endif %}
-</script>
-</div>
-<div class="modal fade" id="modal_warning">
-  <div class="modal-dialog">
+  <script>
+    {% if domain_override_message %}
+      $(document.body).ready(function () {
+          var modal = $("#modal_warning");
+          var info = "{{ domain_override_message }}";
+          modal.find('.modal-body p').text(info);
+          modal.modal('show');
+      });
+    {% endif %}
+  </script>
+
+  <div class="modal fade" id="modal_warning">
+    <div class="modal-dialog">
       <div class="modal-content modal-sm">
-          <div class="modal-header alert-danger">
-              <button type="button" class="close" data-dismiss="modal" aria-label="Close" id="button_close_warn_modal">
-                  <span aria-hidden="true">&times;</span>
-              </button>
-              <h4 class="modal-title">WARNING</h4>
-          </div>
-          <div class="modal-body">
-              <p></p>
-          </div>
-          <div class="modal-footer">
-              <button type="button" class="btn btn-flat btn-primary center-block" data-dismiss="modal" id="button_confirm_warn_modal">
-                  CLOSE</button>
-          </div>
+        <div class="modal-header alert-danger">
+          <button type="button" class="close" data-dismiss="modal" aria-label="Close" id="button_close_warn_modal">
+            <span aria-hidden="true">&times;</span>
+          </button>
+          <h4 class="modal-title">
+            WARNING
+          </h4>
+        </div>
+        <div class="modal-body">
+          <p></p>
+        </div>
+        <div class="modal-footer">
+          <button type="button" class="btn btn-flat btn-primary center-block" data-dismiss="modal" id="button_confirm_warn_modal">
+            CLOSE
+          </button>
+        </div>
       </div>
-      <!-- /.modal-content -->
+    </div>
   </div>
-  <!-- /.modal-dialog -->
-</div>
-{% endblock %}
+{% endblock %}
\ No newline at end of file
diff --git a/powerdnsadmin/templates/domain_changelog.html b/powerdnsadmin/templates/domain_changelog.html
index a6b530a44..27b5bc44d 100644
--- a/powerdnsadmin/templates/domain_changelog.html
+++ b/powerdnsadmin/templates/domain_changelog.html
@@ -2,72 +2,79 @@
 {% block title %}<title>{{ domain.name | pretty_domain_name }} - {{ SITE_NAME }}</title>{% endblock %}
 
 {% block dashboard_stat %}
-<section class="content-header">
-    <h1>
-        {% if record_name and record_type %}
-        Record changelog: <b>{{ record_name}} &nbsp {{ record_type }}</b>
-        {% else %}
-        Domain changelog: <b>{{ domain.name | pretty_domain_name }}</b>
-        {% endif %}
-    </h1>
-    <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i> Home</a></li>
-        <li>Domain</li>
-        <li class="active">{{ domain.name | pretty_domain_name }}</li>
-    </ol>
-</section>
+<div class="content-header">
+  <div class="container-fluid">
+    <div class="row mb-2">
+      <div class="col-sm-6">
+        <h1 class="m-0 text-dark">
+          {% if record_name and record_type %}
+          Record changelog: <b>{{ record_name}} &nbsp {{ record_type }}</b>
+          {% else %}
+          Domain changelog: <b>{{ domain.name | pretty_domain_name }}</b>
+          {% endif %}
+        </h1>
+      </div>
+      <div class="col-sm-6">
+        <ol class="breadcrumb float-sm-right">
+          <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+          <li class="breadcrumb-item active">Changelog: {{ domain.name | pretty_domain_name }}</li>
+        </ol>
+      </div>
+    </div>
+  </div>
+</div>
 {% endblock %}
 
 {% import 'applied_change_macro.html' as applied_change_macro %}
 
 {% block content %}
 <section class="content">
+  <div class="container-fluid">
     <div class="row">
-        <div class="col-xs-12">
-            <div class="box">
-                <div class="box-body">
-                    <button type="button" class="btn btn-flat btn-primary pull-left button_show_records"
-                        id="{{ domain.name }}">
-                        Manage &nbsp;<i class="fa fa-arrow-left"></i>
-                    </button>
-                </div>
-                <div class="box-body">
-
-                    <table id="tbl_changelog" class="table table-bordered table-striped">
-                        <thead>
-                            <tr>
-                                <th>Changed on</th>
-                                <th>Changed by</th>
-                            </tr>
-                        </thead>
-                        <tbody>
-                            {% for applied_change in allHistoryChanges %}
-
-                            <tr class="odd row_record" id="{{ domain.name }}">
-                                <td id="changed_on" class="changed_on">
-                                    {{ allHistoryChanges[applied_change][0].history_entry.created_on }}
-                                </td>
-                                <td>
-                                    {{allHistoryChanges[applied_change][0].history_entry.created_by }}
-                                </td>
-                            </tr>
-                            <!-- Nested Table -->
-                            <tr style='visibility:collapse'>
-                                <td colspan="2">
-                                    <div class="content">
-                                        {% call applied_change_macro.applied_change_template(allHistoryChanges[applied_change]) %} 
-                                        {% endcall %}
-                                    </div>
-                                </td>
-                            </tr>
-                            <!-- end nested table -->
-                            {% endfor %}
-                        </tbody>
-                    </table>
-                </div>
-            </div>
+      <div class="col-xs-12">
+        <div class="card">
+          <div class="card-body">
+            <button type="button" class="btn btn-primary pull-left button_show_records" id="{{ domain.name }}">
+              <i class="fas fa-arrow-left"></i>          
+              &nbsp;Manage
+            </button>
+          </div>
+          <div class="card-body">
+            <table id="tbl_changelog" class="table table-bordered table-striped">
+              <thead>
+                <tr>
+                  <th>Changed on</th>
+                  <th>Changed by</th>
+                </tr>
+              </thead>
+              <tbody>
+                {% for applied_change in allHistoryChanges %}
+                  <tr class="odd row_record" id="{{ domain.name }}">
+                    <td id="changed_on" class="changed_on">
+                      {{ allHistoryChanges[applied_change][0].history_entry.created_on }}
+                    </td>
+                    <td>
+                      {{allHistoryChanges[applied_change][0].history_entry.created_by }}
+                    </td>
+                  </tr>
+                  <!-- Nested Table -->
+                  <tr style='visibility:collapse'>
+                    <td colspan="2">
+                      <div class="content">
+                        {% call applied_change_macro.applied_change_template(allHistoryChanges[applied_change]) %} 
+                        {% endcall %}
+                      </div>
+                    </td>
+                  </tr>
+                  <!-- end nested table -->
+                {% endfor %}
+              </tbody>
+            </table>
+          </div>
         </div>
+      </div>
     </div>
+  </div>
 </section>
 {% endblock %}
 
diff --git a/powerdnsadmin/templates/domain_remove.html b/powerdnsadmin/templates/domain_remove.html
index 6ac540102..5c20f132f 100644
--- a/powerdnsadmin/templates/domain_remove.html
+++ b/powerdnsadmin/templates/domain_remove.html
@@ -1,127 +1,135 @@
 {% extends "base.html" %}
+
 {% set active_page = "remove_domain" %}
-{% block title %}<title>Remove Domain - {{ SITE_NAME }}</title>{% endblock %}
+
+{% block title %}
+  <title>
+    Remove Domain - {{ SITE_NAME }}
+  </title>
+{% endblock %}
 
 {% block dashboard_stat %}
-<!-- Content Header (Page header) -->
-<section class="content-header">
-    <h1>
-        Domain
-        <small>Remove existing</small>
-    </h1>
-    <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i>Home</a></li>
-        <li><a href="{{ url_for('dashboard.dashboard') }}">Domain</a></li>
-        <li class="active">Remove Domain</li>
-    </ol>
-</section>
+  <div class="content-header">
+    <div class="container-fluid">
+      <div class="row mb-2">
+        <div class="col-sm-6">
+          <h1 class="m-0 text-dark">
+            Domain
+            <small>Remove</small>
+          </h1>
+        </div>
+        <div class="col-sm-6">
+          <ol class="breadcrumb float-sm-right">
+            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+            <li class="breadcrumb-item active">Domain - Remove Domain</li>
+          </ol>
+        </div>
+      </div>
+    </div>
+  </div>
 {% endblock %}
 
 {% block content %}
 <section class="content">
+  <div class="container-fluid">
     <div class="row">
-        <div class="col-md-4">
-            <div class="box box-primary">
-                <div class="box-header with-border">
-                    <h3 class="box-title">Remove domain</h3>
-                </div>
-                <!-- /.box-header -->
-                <!-- form start -->
-                <form role="form" method="post" action="{{ url_for('domain.remove') }}">
-                    <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-                    <div class="box-body">
-                        <select id=domainid class="form-control" style="width:15em;">
-                            <option value="0">- Select Domain -</option>
-                            {% for domain in domainss %}
-                            <option value="{{ domain.id }}">{{ domain.name }}</option>
-                            {% endfor %}
-                        </select><br />
-
-                    </div>
-                    <!-- /.box-body -->
-
-                    <div class="box-footer">
-                        <button type="button" class="btn btn-flat btn-danger button_delete">Remove</button>
-                        <button type="button" class="btn btn-flat btn-default"
-                            onclick="window.location.href='{{ url_for('dashboard.dashboard') }}'">Cancel</button>
-                    </div>
-                </form>
+      <div class="col-md-4">
+        <div class="card card-outline card-secondary">
+          <div class="card-header with-border">
+            <h3 class="card-title">Remove domain</h3>
+          </div>
+          <form role="form" method="post" action="{{ url_for('domain.remove') }}">
+            <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+            <div class="card-body">
+              <select id=domainid class="form-control" style="width:15em;">
+                <option value="0">- Select Domain -</option>
+                {% for domain in domainss %}
+                  <option value="{{ domain.id }}">{{ domain.name }}</option>
+                {% endfor %}
+              </select>
+              <br />
             </div>
-            <!-- /.box -->
-        </div>
-        <div class="col-md-8">
-            <div class="box box-primary">
-                <div class="box-header with-border">
-                    <h3 class="box-title">Help with removing a new domain</h3>
-                </div>
-                <div class="box-body">
-                    <dl class="dl-horizontal">
-                        <dt>Domain name</dt>
-                        <dd>Select domain you wish to remove from DNS.</dd>
-                    </dl>
-                    <p>Find more details at <a href="https://docs.powerdns.com/md/">https://docs.powerdns.com/md/</a>
-                    </p>
-                </div>
+            <div class="card-footer">
+              <button type="button" class="btn btn-default" onclick="window.location.href='{{ url_for('dashboard.dashboard') }}'">
+                Cancel
+              </button>
+              <button type="button" class="btn btn-danger button_delete float-right">Remove</button>
             </div>
+          </form>
+        </div>
+      </div>
+      <div class="col-md-8">
+        <div class="card card-outline card-secondary">
+          <div class="card-header with-border">
+            <h3 class="card-title">Help with removing a new domain</h3>
+          </div>
+          <div class="card-body">
+            <dl class="dl-horizontal">
+              <dt>Domain name</dt>
+              <dd>Select domain you wish to remove from DNS.</dd>
+            </dl>
+            <p>Find more details at <a href="https://docs.powerdns.com/md/">https://docs.powerdns.com/md/</a></p>
+          </div>
         </div>
+      </div>
     </div>
+  </div>
 </section>
 {% endblock %}
+
 {% block extrascripts %}
 <script>
-    // handle delete button
-    $(document.body).on("click", ".button_delete", function(e) {
-        e.stopPropagation();
-        if ( $("#domainid").val() == 0 ){
-            showErrorModal("Please select domain to remove.");
-            return;
-        }
-
-
-        var modal = $("#modal_delete");
-        var domain = $("#domainid option:selected").text(); 
-        var info = "Are you sure you want to delete " + domain + "?";
-        modal.find('.modal-body p').text(info);
-        modal.find('#button_delete_confirm').click(function () {
-            $.post($SCRIPT_ROOT + '/domain/remove' , {
-                '_csrf_token': '{{ csrf_token() }}',
-                'domainid': domain,
-            }, function () {
-                window.location.href = '{{ url_for('dashboard.dashboard') }}';
-            });
-            modal.modal('hide');
-        })
-       modal.modal('show');
+  // handle delete button
+  $(document.body).on("click", ".button_delete", function(e) {
+    e.stopPropagation();
+    if ( $("#domainid").val() == 0 ){
+      showErrorModal("Please select domain to remove.");
+      return;
+    }
 
-        $("#button_delete_cancel").unbind().one('click', function(e) {
-            modal.modal('hide');
-        });
+    var modal = $("#modal_delete");
+    var domain = $("#domainid option:selected").text(); 
+    var info = "Are you sure you want to delete " + domain + "?";
+    modal.find('.modal-body p').text(info);
+    modal.find('#button_delete_confirm').click(function () {
+      $.post($SCRIPT_ROOT + '/domain/remove' , {
+        '_csrf_token': '{{ csrf_token() }}',
+        'domainid': domain,
+        }, function () {
+        window.location.href = '{{ url_for('dashboard.dashboard') }}';
+      });
+      modal.modal('hide');
+    })
+    modal.modal('show');
+    $("#button_delete_cancel").unbind().one('click', function(e) {
+      modal.modal('hide');
     });
+  });
 </script>
 {% endblock %}
 
 {% block modals %}
 <div class="modal fade modal-warning" id="modal_delete">
-    <div class="modal-dialog">
-        <div class="modal-content">
-            <div class="modal-header">
-                <button type="button" class="close" data-dismiss="modal"
-                    aria-label="Close">
-                    <span aria-hidden="true">&times;</span>
-                </button>
-                <h4 class="modal-title">Confirmation</h4>
-            </div>
-            <div class="modal-body">
-                <p></p>
-            </div>
-            <div class="modal-footer">
-                <button type="button" class="btn btn-flat btn-default pull-left" id="button_delete_cancel"
-                    data-dismiss="modal">Close</button>
-                <button type="button" class="btn btn-flat btn-danger" id="button_delete_confirm">Delete</button>
-            </div>
-        </div>
-        <!-- /.modal-content -->
+  <div class="modal-dialog">
+    <div class="modal-content">
+      <div class="modal-header">
+        <h4 class="modal-title">Confirmation</h4>
+        <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+          <span aria-hidden="true">&times;</span>
+        </button>
+      </div>
+      <div class="modal-body">
+        <p></p>
+      </div>
+      <div class="modal-footer">
+        <button type="button" class="btn btn-default" id="button_delete_cancel" data-dismiss="modal">
+          Close
+        </button>
+        <button type="button" class="btn btn-danger float-right" id="button_delete_confirm">
+          Delete
+        </button>
+      </div>
     </div>
-    <!-- /.modal-dialog -->
+  </div>
 </div>
 {% endblock %}
diff --git a/powerdnsadmin/templates/errors/400.html b/powerdnsadmin/templates/errors/400.html
index b2ca8648a..b6ea84c7f 100644
--- a/powerdnsadmin/templates/errors/400.html
+++ b/powerdnsadmin/templates/errors/400.html
@@ -2,7 +2,7 @@
 
 {% block title %}
   <title>
-    {{ SITE_NAME }} - 400 Error
+    400 Error - {{ SITE_NAME }}
   </title>
 {% endblock %}
 
@@ -35,7 +35,7 @@ <h2 class="headline text-yellow">
       </h2>
       <div class="error-content">
         <h3>
-          <i class="fa fa-warning text-yellow"></i>
+          <i class="fas fa-exclamation-triangle text-yellow"></i>
           Oops! Bad request
         </h3>
         <p>
diff --git a/powerdnsadmin/templates/errors/403.html b/powerdnsadmin/templates/errors/403.html
index f629eb8b2..44c75277f 100644
--- a/powerdnsadmin/templates/errors/403.html
+++ b/powerdnsadmin/templates/errors/403.html
@@ -2,7 +2,7 @@
 
 {% block title %}
   <title>
-    {{ SITE_NAME }} - 403 Error
+    403 Error - {{ SITE_NAME }}
   </title>
 {% endblock %}
 
@@ -35,7 +35,7 @@ <h2 class="headline text-yellow">
       </h2>
       <div class="error-content">
         <h3>
-          <i class="fa fa-warning text-yellow"></i>
+          <i class="fas fa-exclamation-triangle text-yellow"></i>
           Oops! Access denied
         </h3>
         <p>
diff --git a/powerdnsadmin/templates/errors/404.html b/powerdnsadmin/templates/errors/404.html
index 858731f4b..70040a524 100644
--- a/powerdnsadmin/templates/errors/404.html
+++ b/powerdnsadmin/templates/errors/404.html
@@ -2,7 +2,7 @@
 
 {% block title %}
   <title>
-    {{ SITE_NAME }} - 404 Error
+    404 Error - {{ SITE_NAME }}
   </title>
 {% endblock %}
 
@@ -35,7 +35,7 @@ <h2 class="headline text-yellow">
       </h2>
       <div class="error-content">
         <h3>
-          <i class="fa fa-warning text-yellow"></i>
+          <i class="fas fa-exclamation-triangle text-yellow"></i>
           Oops! You're lost
         </h3>
         <p>
diff --git a/powerdnsadmin/templates/errors/500.html b/powerdnsadmin/templates/errors/500.html
index 51142f0fe..c92c104dd 100644
--- a/powerdnsadmin/templates/errors/500.html
+++ b/powerdnsadmin/templates/errors/500.html
@@ -2,7 +2,7 @@
 
 {% block title %}
   <title>
-    {{ SITE_NAME }} - 500 Error
+    500 Error - {{ SITE_NAME }}
   </title>
 {% endblock %}
 
@@ -35,7 +35,7 @@ <h2 class="headline text-yellow">
       </h2>
       <div class="error-content">
         <h3>
-          <i class="fa fa-warning text-yellow"></i>
+          <i class="fas fa-exclamation-triangle text-yellow"></i>
           Oops! Something went wrong
         </h3>
         <p>
diff --git a/powerdnsadmin/templates/errors/SAML.html b/powerdnsadmin/templates/errors/SAML.html
index c77902257..a88c388ac 100644
--- a/powerdnsadmin/templates/errors/SAML.html
+++ b/powerdnsadmin/templates/errors/SAML.html
@@ -2,7 +2,7 @@
 
 {% block title %}
   <title>
-    {{ SITE_NAME }} - SAML Authentication Error
+    SAML Authentication Error - {{ SITE_NAME }}
   </title>
 {% endblock %}
 
@@ -39,7 +39,8 @@ <h1 class="headline text-yellow" style="font-size:46px;">
       <br/>
       <div class="error-content">
         <h3>
-          <i class="fa fa-warning text-yellow"></i> Oops! Something went wrong
+          <i class="fas fa-exclamation-triangle text-yellow"></i>
+          Oops! Something went wrong
         </h3>
         <br>
         <p>
diff --git a/powerdnsadmin/templates/register.html b/powerdnsadmin/templates/register.html
index 01008ad30..e5001b412 100644
--- a/powerdnsadmin/templates/register.html
+++ b/powerdnsadmin/templates/register.html
@@ -106,15 +106,23 @@
             <span class="help-block with-errors"></span>
           </div>
 
-
           {% if captcha_enable %}
-            <p class="login-box-msg">Please complete the CAPTCHA below</p>
-            <div class="form-group has-feedback">
+            <div class="input-group mb-3">
+              <p class="login-box-msg">Please complete the CAPTCHA below</p>
               {{ captcha() }}
-              <input type="text" class="form-control" placeholder="CAPTCHA"  name="captcha" data-error="Please complete the CAPTCHA" required>
-              <span class="help-block with-errors"></span>
+              <br>
+              <input type="text" class="form-control" placeholder="CAPTCHA" id="captcha" name="captcha" required>
+              <div class="input-group-append">
+                <div class="input-group-text">
+                  <span class="fas fa-lock"></span>
+                </div>
+              </div>
+              <div class="invalid-feedback">
+                Please complete the CAPTCHA
+              </div>
             </div>
           {% endif %}
+
           <div class="row">
             <div class="col-6">
               <button type="button" class="btn btn-block" id="button_back">Back</button>
diff --git a/powerdnsadmin/templates/template.html b/powerdnsadmin/templates/template.html
index bc1693be6..586874a32 100644
--- a/powerdnsadmin/templates/template.html
+++ b/powerdnsadmin/templates/template.html
@@ -38,19 +38,20 @@ <h4>
   </div>
   {% endif %} {% endwith %}
   <div class="row">
+    <div class="container-fluid">
     <div class="col-xs-12">
-      <div class="box">
-        <div class="box-header">
-          <h3 class="box-title">Templates</h3>
+      <div class="card">
+        <div class="card-header">
+          <h3 class="card-title">Templates</h3>
         </div>
-        <div class="box-body">
+        <div class="card-body">
           <a href="{{ url_for('admin.create_template') }}">
             <button type="button" class="btn btn-flat btn-primary pull-left">
               Create Template&nbsp;<i class="fa fa-plus"></i>
             </button>
           </a>
         </div>
-        <div class="box-body">
+        <div class="card-body">
           <table id="tbl_template_list" class="table table-bordered table-striped">
             <thead>
               <tr>
@@ -75,11 +76,11 @@ <h3 class="box-title">Templates</h3>
                 </td>
                 <td>
                   <a href="{{ url_for('admin.edit_template', template=template.name) }}">
-                    <button type="button" class="btn btn-flat btn-warning button_edit" id="btn_edit">
+                    <button type="button" class="btn btn-warning button_edit" id="btn_edit">
                       Edit&nbsp;<i class="fa fa-edit"></i>
                     </button>
                   </a>
-                  <button type="button" class="btn btn-flat btn-danger button_delete" id="{{template.name}}">
+                  <button type="button" class="btn btn-danger button_delete" id="{{template.name}}">
                     Delete&nbsp;<i class="fa fa-trash"></i>
                   </button>
                 </td>
@@ -94,6 +95,7 @@ <h3 class="box-title">Templates</h3>
     </div>
     <!-- /.col -->
   </div>
+  </div>
   <!-- /.row -->
 </section>
 <!-- /.content -->
diff --git a/powerdnsadmin/templates/user_profile.html b/powerdnsadmin/templates/user_profile.html
index 8570f7e4e..327bfefd9 100644
--- a/powerdnsadmin/templates/user_profile.html
+++ b/powerdnsadmin/templates/user_profile.html
@@ -1,28 +1,42 @@
 {% extends "base.html" %}
-{% block title %}<title>My Profile - {{ SITE_NAME }}</title>{% endblock %}
+
+{% block title %}
+  <title>
+    My Profile - {{ SITE_NAME }}
+  </title>
+{% endblock %}
+
 {% block dashboard_stat %}
-<!-- Content Header (Page header) -->
-<section class="content-header">
-    <h1>
-        Profile
-        <small>Edit my profile</small>
-    </h1>
-    <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i>Home</a></li>
-        <li class="active">My Profile</li>
-    </ol>
-</section>
+  <div class="content-header">
+    <div class="container-fluid">
+      <div class="row mb-2">
+        <div class="col-sm-6">
+          <h1 class="m-0 text-dark">
+            User
+            <small>My Profile</small>
+          </h1>
+        </div>
+        <div class="col-sm-6">
+          <ol class="breadcrumb float-sm-right">
+            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+            <li class="breadcrumb-item active">My Profile</li>
+          </ol>
+        </div>
+      </div>
+    </div>
+  </div>
 {% endblock %}
+
 {% block content %}
 <section class="content">
     <div class="row">
         <div class="col-lg-12">
-            <div class="box box-primary">
-                <div class="box-header with-border">
-                    <h3 class="box-title">Edit my profile{%  if session['authentication_type'] != 'LOCAL' %} [Disabled -
+            <div class="card card-primary">
+                <div class="card-header with-border">
+                    <h3 class="card-title">Edit my profile{%  if session['authentication_type'] != 'LOCAL' %} [Disabled -
                         Authenticated externally]{% endif %}</h3>
                 </div>
-                <div class="box-body">
+                <div class="card-body">
                     <!-- Custom Tabs -->
                     <div class="nav-tabs-custom" id="tabs">
                         <ul class="nav nav-tabs">
diff --git a/requirements.txt b/requirements.txt
index e830ff2b3..b54028902 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -29,6 +29,6 @@ Flask-Mail==0.9.1
 flask-session==0.4.0
 Jinja2==3.1.2
 itsdangerous==2.1.2
-werkzeug==2.1.3
+werkzeug==2.1.2
 cryptography==36.0.2
 flask_session_captcha==1.3.0
\ No newline at end of file

From d38a9196449c43ed343a0b565e1a95ee24acaa30 Mon Sep 17 00:00:00 2001
From: Tyler Todd <ttodd@ttodd.com>
Date: Mon, 6 Feb 2023 15:49:39 +0000
Subject: [PATCH 183/475] Update yarn.lock packages

---
 yarn.lock | 2024 +++++++++++++++++++++++++++++++----------------------
 1 file changed, 1200 insertions(+), 824 deletions(-)

diff --git a/yarn.lock b/yarn.lock
index a288bdb02..3fe87df10 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -2,333 +2,339 @@
 # yarn lockfile v1
 
 
-JSONStream@^1.0.3:
-  version "1.3.3"
-  resolved "https://registry.yarnpkg.com/JSONStream/-/JSONStream-1.3.3.tgz#27b4b8fbbfeab4e71bcf551e7f27be8d952239bf"
+"@foliojs-fork/fontkit@^1.9.1":
+  version "1.9.1"
+  resolved "https://registry.yarnpkg.com/@foliojs-fork/fontkit/-/fontkit-1.9.1.tgz#8124649168eb5273f580f66697a139fb5041296b"
+  integrity sha512-U589voc2/ROnvx1CyH9aNzOQWJp127JGU1QAylXGQ7LoEAF6hMmahZLQ4eqAcgHUw+uyW4PjtCItq9qudPkK3A==
+  dependencies:
+    "@foliojs-fork/restructure" "^2.0.2"
+    brfs "^2.0.0"
+    brotli "^1.2.0"
+    browserify-optional "^1.0.1"
+    clone "^1.0.4"
+    deep-equal "^1.0.0"
+    dfa "^1.2.0"
+    tiny-inflate "^1.0.2"
+    unicode-properties "^1.2.2"
+    unicode-trie "^2.0.0"
+
+"@foliojs-fork/linebreak@^1.1.1":
+  version "1.1.1"
+  resolved "https://registry.yarnpkg.com/@foliojs-fork/linebreak/-/linebreak-1.1.1.tgz#93ecd695b7d2bb0334b9481058c3e610e019a4eb"
+  integrity sha512-pgY/+53GqGQI+mvDiyprvPWgkTlVBS8cxqee03ejm6gKAQNsR1tCYCIvN9FHy7otZajzMqCgPOgC4cHdt4JPig==
+  dependencies:
+    base64-js "1.3.1"
+    brfs "^2.0.2"
+    unicode-trie "^2.0.0"
+
+"@foliojs-fork/pdfkit@^0.13.0":
+  version "0.13.0"
+  resolved "https://registry.yarnpkg.com/@foliojs-fork/pdfkit/-/pdfkit-0.13.0.tgz#54f5368d8cf74d8edc81a175ccda1fd9655f2db9"
+  integrity sha512-YXeG1fml9k97YNC9K8e292Pj2JzGt9uOIiBFuQFxHsdQ45BlxW+JU3RQK6JAvXU7kjhjP8rCcYvpk36JLD33sQ==
   dependencies:
-    jsonparse "^1.2.0"
-    through ">=2.2.7 <3"
+    "@foliojs-fork/fontkit" "^1.9.1"
+    "@foliojs-fork/linebreak" "^1.1.1"
+    crypto-js "^4.0.0"
+    png-js "^1.0.0"
+
+"@foliojs-fork/restructure@^2.0.2":
+  version "2.0.2"
+  resolved "https://registry.yarnpkg.com/@foliojs-fork/restructure/-/restructure-2.0.2.tgz#73759aba2aff1da87b7c4554e6839c70d43c92b4"
+  integrity sha512-59SgoZ3EXbkfSX7b63tsou/SDGzwUEK6MuB5sKqgVK1/XE0fxmpsOb9DQI8LXW3KfGnAjImCGhhEb7uPPAUVNA==
+
+"@fortawesome/fontawesome-free@^5.15.4":
+  version "5.15.4"
+  resolved "https://registry.yarnpkg.com/@fortawesome/fontawesome-free/-/fontawesome-free-5.15.4.tgz#ecda5712b61ac852c760d8b3c79c96adca5554e5"
+  integrity sha512-eYm8vijH/hpzr/6/1CJ/V/Eb1xQFW2nnUKArb3z+yUWv7HTwj6M7SP957oMjfZjAHU6qpoNc2wQvIxBLWYa/Jg==
+
+"@lgaitan/pace-progress@^1.0.7":
+  version "1.0.7"
+  resolved "https://registry.yarnpkg.com/@lgaitan/pace-progress/-/pace-progress-1.0.7.tgz#c96fbbd9fd4cf528feed34ea0c8f9d8b3e98f0dd"
+  integrity sha512-GMoTcF6WBpno7a7Iyx7M79os26d5bCDbh7YTZmXZM8YuLR3DDtwo0/CBYddStGD6QIBTieFDz4IAQiO0dAdRGw==
+
+"@stencil/core@^2.18.0":
+  version "2.22.2"
+  resolved "https://registry.yarnpkg.com/@stencil/core/-/core-2.22.2.tgz#f518b6bfae85352c72cd07fcaf2f2b61e0581fd9"
+  integrity sha512-r+vbxsGNcBaV1VDOYW25lv4QfXTlNoIb5GpUX7rZ+cr59yqYCZC5tlV+IzX6YgHKW62ulCc9M3RYtTfHtNbNNw==
+
+"@sweetalert2/theme-bootstrap-4@^5.0.8":
+  version "5.0.15"
+  resolved "https://registry.yarnpkg.com/@sweetalert2/theme-bootstrap-4/-/theme-bootstrap-4-5.0.15.tgz#bede688c13784acf73e01352e00d3e7fb8d69e01"
+  integrity sha512-WsGXk67Yz3Txe3lJA4FNqQCKbQQ6yJLpVUknyGcoESVvwHm+UBBlIMHAcKuLvF+WXK9Rbq8gXhpDIU8ISoiPlQ==
+
+"@ttskch/select2-bootstrap4-theme@^1.5.2":
+  version "1.5.2"
+  resolved "https://registry.yarnpkg.com/@ttskch/select2-bootstrap4-theme/-/select2-bootstrap4-theme-1.5.2.tgz#3b4519b349f3e7831c28752a1e9617312a192656"
+  integrity sha512-gAj8qNy/VYwQDBkACm0USM66kxFai8flX83ayRXPNhzZckEgSqIBB9sM74SCM3ssgeX+ZVy4BifTnLis+KpIyg==
 
-acorn-node@^1.2.0, acorn-node@^1.3.0:
+acorn-node@^1.3.0:
   version "1.3.0"
   resolved "https://registry.yarnpkg.com/acorn-node/-/acorn-node-1.3.0.tgz#5f86d73346743810ef1269b901dbcbded020861b"
   dependencies:
     acorn "^5.4.1"
     xtend "^4.0.1"
 
-acorn@^4.0.3:
-  version "4.0.13"
-  resolved "https://registry.yarnpkg.com/acorn/-/acorn-4.0.13.tgz#105495ae5361d697bd195c825192e1ad7f253787"
-
 acorn@^5.4.1:
   version "5.6.2"
   resolved "https://registry.yarnpkg.com/acorn/-/acorn-5.6.2.tgz#b1da1d7be2ac1b4a327fb9eab851702c5045b4e7"
 
-admin-lte@2.4.9:
-  version "2.4.9"
-  resolved "https://registry.yarnpkg.com/admin-lte/-/admin-lte-2.4.9.tgz#effc04dbb587ccb7d674d4cf663cc141f925ed73"
-  integrity sha512-+u3zt5sWPPT8HmBvRg4F8IGZPaE5wD0K10+IjXoynfe/jEUrMMj+4eA1LGH9fMK6QulmFr1NCtc1Tk+mTgC24A==
-  dependencies:
-    bootstrap "^3.4.0"
-    bootstrap-colorpicker "^2.5.3"
-    bootstrap-datepicker "^1.8.0"
-    bootstrap-daterangepicker "^2.1.25"
-    bootstrap-slider "^9.8.0"
-    bootstrap-timepicker "^0.5.2"
-    chart.js "1.0.*"
-    ckeditor "^4.11.2"
-    datatables.net "^1.10.19"
-    datatables.net-bs "^1.10.19"
+admin-lte@3.2.0:
+  version "3.2.0"
+  resolved "https://registry.yarnpkg.com/admin-lte/-/admin-lte-3.2.0.tgz#9be383a6418c2323828466ab95af0eb083e4a597"
+  integrity sha512-IDUfoU8jo9DVlB59lDEASAJXTesAEXDZ68DOHI3qg93r5ehVTkMl2x0ixgIyff8NiHeNYXpcOZh3tr6oGbvu9g==
+  dependencies:
+    "@fortawesome/fontawesome-free" "^5.15.4"
+    "@lgaitan/pace-progress" "^1.0.7"
+    "@sweetalert2/theme-bootstrap-4" "^5.0.8"
+    "@ttskch/select2-bootstrap4-theme" "^1.5.2"
+    bootstrap "^4.6.1"
+    bootstrap-colorpicker "^3.4.0"
+    bootstrap-slider "^11.0.2"
+    bootstrap-switch "3.3.4"
+    bootstrap4-duallistbox "^4.0.2"
+    bs-custom-file-input "^1.3.4"
+    bs-stepper "^1.7.0"
+    chart.js "^2.9.4"
+    codemirror "^5.65.1"
+    datatables.net "^1.11.4"
+    datatables.net-autofill-bs4 "^2.3.9"
+    datatables.net-bs4 "^1.11.4"
+    datatables.net-buttons-bs4 "^2.2.2"
+    datatables.net-colreorder-bs4 "^1.5.5"
+    datatables.net-fixedcolumns-bs4 "^4.0.1"
+    datatables.net-fixedheader-bs4 "^3.2.1"
+    datatables.net-keytable-bs4 "^2.6.4"
+    datatables.net-responsive-bs4 "^2.2.9"
+    datatables.net-rowgroup-bs4 "^1.1.4"
+    datatables.net-rowreorder-bs4 "^1.2.8"
+    datatables.net-scroller-bs4 "^2.0.5"
+    datatables.net-searchbuilder-bs4 "^1.3.1"
+    datatables.net-searchpanes-bs4 "^1.4.0"
+    datatables.net-select-bs4 "^1.3.4"
+    daterangepicker "^3.1.0"
+    dropzone "^5.9.3"
+    ekko-lightbox "^5.3.0"
     fastclick "^1.0.6"
-    flot "^0.8.3"
-    font-awesome "^4.7.0"
-    fullcalendar "^3.10.0"
-    inputmask "^3.3.7"
-    ion-rangeslider "^2.3.0"
-    ionicons "^3.0.0"
-    jquery "^3.2.1"
-    jquery-knob "^1.2.11"
-    jquery-sparkline "^2.4.0"
-    jquery-ui "^1.12.1"
-    jvectormap "^1.2.2"
-    moment "^2.24.0"
-    morris.js "^0.5.0"
-    pace "0.0.4"
-    raphael "^2.2.7"
-    select2 "^4.0.3"
-    slimscroll "^0.9.1"
-
-almond@~0.3.1:
-  version "0.3.3"
-  resolved "https://registry.yarnpkg.com/almond/-/almond-0.3.3.tgz#a0e7c95ac7624d6417b4494b1e68bff693168a20"
-
-asn1.js@^4.0.0:
-  version "4.10.1"
-  resolved "https://registry.yarnpkg.com/asn1.js/-/asn1.js-4.10.1.tgz#b9c2bf5805f1e64aadeed6df3a2bfafb5a73f5a0"
-  dependencies:
-    bn.js "^4.0.0"
-    inherits "^2.0.1"
-    minimalistic-assert "^1.0.0"
-
-assert@^1.4.0:
-  version "1.4.1"
-  resolved "https://registry.yarnpkg.com/assert/-/assert-1.4.1.tgz#99912d591836b5a6f5b345c0f07eefc08fc65d91"
-  dependencies:
-    util "0.10.3"
+    filterizr "^2.2.4"
+    flag-icon-css "^4.1.7"
+    flot "^4.2.2"
+    fs-extra "^10.0.0"
+    fullcalendar "^5.10.1"
+    icheck-bootstrap "^3.0.1"
+    inputmask "^5.0.7"
+    ion-rangeslider "^2.3.1"
+    jquery "^3.6.0"
+    jquery-knob-chif "^1.2.13"
+    jquery-mapael "^2.2.0"
+    jquery-mousewheel "^3.1.13"
+    jquery-ui-dist "^1.13.0"
+    jquery-validation "^1.19.3"
+    jqvmap-novulnerability "^1.5.1"
+    jsgrid "^1.5.3"
+    jszip "^3.7.1"
+    moment "^2.29.1"
+    overlayscrollbars "^1.13.1"
+    pdfmake "^0.2.4"
+    popper.js "^1.16.1"
+    raphael "^2.3.0"
+    select2 "^4.0.13"
+    sparklines "^1.3.0"
+    summernote "^0.8.20"
+    sweetalert2 "^11.4.0"
+    tempusdominus-bootstrap-4 "^5.39.0"
+    toastr "^2.1.4"
+    uplot "^1.6.18"
+
+amdefine@>=0.0.4:
+  version "1.0.1"
+  resolved "https://registry.yarnpkg.com/amdefine/-/amdefine-1.0.1.tgz#4a5282ac164729e93619bcfd3ad151f817ce91f5"
+  integrity sha512-S2Hw0TtNkMJhIabBwIojKL9YHO5T0n5eNqWJ7Lrlel/zDbftQpxpapi8tZs3X1HWa+u+QeydGmzzNU0m09+Rcg==
 
-astw@^2.0.0:
-  version "2.2.0"
-  resolved "https://registry.yarnpkg.com/astw/-/astw-2.2.0.tgz#7bd41784d32493987aeb239b6b4e1c57a873b917"
+array-from@^2.1.1:
+  version "2.1.1"
+  resolved "https://registry.yarnpkg.com/array-from/-/array-from-2.1.1.tgz#cfe9d8c26628b9dc5aecc62a9f5d8f1f352c1195"
+  integrity sha512-GQTc6Uupx1FCavi5mPzBvVT7nEOeWMmUA9P95wpfpW1XwMSKs+KaymD5C2Up7KAUKg/mYwbsUYzdZWcoajlNZg==
+
+ast-transform@0.0.0:
+  version "0.0.0"
+  resolved "https://registry.yarnpkg.com/ast-transform/-/ast-transform-0.0.0.tgz#74944058887d8283e189d954600947bc98fe0062"
+  integrity sha512-e/JfLiSoakfmL4wmTGPjv0HpTICVmxwXgYOB8x+mzozHL8v+dSfCbrJ8J8hJ0YBP0XcYu1aLZ6b/3TnxNK3P2A==
   dependencies:
-    acorn "^4.0.3"
+    escodegen "~1.2.0"
+    esprima "~1.0.4"
+    through "~2.3.4"
 
-balanced-match@^1.0.0:
-  version "1.0.0"
-  resolved "https://registry.yarnpkg.com/balanced-match/-/balanced-match-1.0.0.tgz#89b4d199ab2bee49de164ea02b89ce462d71b767"
+ast-types@^0.7.0:
+  version "0.7.8"
+  resolved "https://registry.yarnpkg.com/ast-types/-/ast-types-0.7.8.tgz#902d2e0d60d071bdcd46dc115e1809ed11c138a9"
+  integrity sha512-RIOpVnVlltB6PcBJ5BMLx+H+6JJ/zjDGU0t7f0L6c2M1dqcK92VQopLBlPQ9R80AVXelfqYgjcPLtHtDbNFg0Q==
 
-base64-js@^1.0.2:
-  version "1.3.0"
-  resolved "https://registry.yarnpkg.com/base64-js/-/base64-js-1.3.0.tgz#cab1e6118f051095e58b5281aea8c1cd22bfc0e3"
+base64-js@1.3.1:
+  version "1.3.1"
+  resolved "https://registry.yarnpkg.com/base64-js/-/base64-js-1.3.1.tgz#58ece8cb75dd07e71ed08c736abc5fac4dbf8df1"
+  integrity sha512-mLQ4i2QO1ytvGWFWmcngKO//JXAQueZvwEKtjgQFM4jIK0kU+ytMfplL8j+n5mspOfjHwoAg+9yhb7BwAHm36g==
 
-bn.js@^4.0.0, bn.js@^4.1.0, bn.js@^4.1.1, bn.js@^4.11.9:
-  version "4.12.0"
-  resolved "https://registry.yarnpkg.com/bn.js/-/bn.js-4.12.0.tgz#775b3f278efbb9718eec7361f483fb36fbbfea88"
-  integrity sha512-c98Bf3tPniI+scsdk237ku1Dc3ujXQTSgyiPUDEOe7tRkhrqridvh8klBv0HCEso1OLOYcHuCv/cS6DNxKH+ZA==
+base64-js@^1.1.2, base64-js@^1.3.0:
+  version "1.5.1"
+  resolved "https://registry.yarnpkg.com/base64-js/-/base64-js-1.5.1.tgz#1b1b440160a5bf7ad40b650f095963481903930a"
+  integrity sha512-AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA==
 
-bootstrap-colorpicker@^2.5.3:
-  version "2.5.3"
-  resolved "https://registry.yarnpkg.com/bootstrap-colorpicker/-/bootstrap-colorpicker-2.5.3.tgz#b50aff8590fbaa6b5aa63a5624e4213f1659a49d"
-  integrity sha512-xdllX8LSMvKULs3b8JrgRXTvyvjkSMHHHVuHjjN5FNMqr6kRe5NPiMHFmeAFjlgDF73MspikudLuEwR28LbzLw==
+bootstrap-colorpicker@^3.4.0:
+  version "3.4.0"
+  resolved "https://registry.yarnpkg.com/bootstrap-colorpicker/-/bootstrap-colorpicker-3.4.0.tgz#3d1873071542755a9b31cf5b314f771e2fcc7727"
+  integrity sha512-7vA0hvLrat3ptobEKlT9+6amzBUJcDAoh6hJRQY/AD+5dVZYXXf1ivRfrTwmuwiVLJo9rZwM8YB4lYzp6agzqg==
   dependencies:
-    jquery ">=1.10"
+    bootstrap ">=4.0"
+    jquery ">=2.2"
+    popper.js ">=1.10"
 
-bootstrap-datepicker@^1.8.0:
-  version "1.8.0"
-  resolved "https://registry.yarnpkg.com/bootstrap-datepicker/-/bootstrap-datepicker-1.8.0.tgz#c63513931e6f09f16ae9f11b62f32d950df3958e"
-  integrity sha512-213St/G8KT3mjs4qu4qwww74KWysMaIeqgq5OhrboZjIjemIpyuxlSo9FNNI5+KzpkkxkRRba+oewiRGV42B1A==
+bootstrap-datepicker@^1.9.0:
+  version "1.9.0"
+  resolved "https://registry.yarnpkg.com/bootstrap-datepicker/-/bootstrap-datepicker-1.9.0.tgz#e4bfce3fcce1967876b21dc6833ec5994aaed090"
+  integrity sha512-9rYYbaVOheGYxjOr/+bJCmRPihfy+LkLSg4fIFMT9Od8WwWB/MB50w0JO1eBgKUMbb7PFHQD5uAfI3ArAxZRXA==
   dependencies:
     jquery ">=1.7.1 <4.0.0"
 
-bootstrap-daterangepicker@^2.1.25:
-  version "2.1.30"
-  resolved "https://registry.yarnpkg.com/bootstrap-daterangepicker/-/bootstrap-daterangepicker-2.1.30.tgz#f893dbfff5a4d7dfaab75460e8ea6969bb89689a"
-  dependencies:
-    jquery ">=1.10"
-    moment "^2.9.0"
+bootstrap-slider@^11.0.2:
+  version "11.0.2"
+  resolved "https://registry.yarnpkg.com/bootstrap-slider/-/bootstrap-slider-11.0.2.tgz#4b167c165f322339cc66f0c7166b5a39e289e251"
+  integrity sha512-CdwS+Z6X79OkLes9RfDgPB9UIY/+81wTkm6ktdSB6hdyiRbjJLFQIjZdnEr55tDyXZfgC7U6yeSXkNN9ZdGqjA==
 
-bootstrap-slider@^9.8.0:
-  version "9.10.0"
-  resolved "https://registry.yarnpkg.com/bootstrap-slider/-/bootstrap-slider-9.10.0.tgz#1103d6bc00cfbfa8cfc9a2599ab518c55643da3f"
-
-bootstrap-timepicker@^0.5.2:
-  version "0.5.2"
-  resolved "https://registry.yarnpkg.com/bootstrap-timepicker/-/bootstrap-timepicker-0.5.2.tgz#10ed9f2a2f0b8ccaefcde0fcf6a0738b919a3835"
+bootstrap-switch@3.3.4:
+  version "3.3.4"
+  resolved "https://registry.yarnpkg.com/bootstrap-switch/-/bootstrap-switch-3.3.4.tgz#70e0aeb2a877c0dc766991de108e2170fc29a2ff"
+  integrity sha512-7YQo+Ir6gCUqC36FFp1Zvec5dRF/+obq+1drMtdIMi9Xc84Kx63Evi0kdcp4HfiGsZpiz6IskyYDNlSKcxsL7w==
 
 bootstrap-validator@^0.11.9:
   version "0.11.9"
   resolved "https://registry.yarnpkg.com/bootstrap-validator/-/bootstrap-validator-0.11.9.tgz#fb7058eef53623e78f5aa7967026f98f875a9404"
 
-bootstrap@^3.4.0, bootstrap@^3.4.1:
-  version "3.4.1"
-  resolved "https://registry.yarnpkg.com/bootstrap/-/bootstrap-3.4.1.tgz#c3a347d419e289ad11f4033e3c4132b87c081d72"
-  integrity sha512-yN5oZVmRCwe5aKwzRj6736nSmKDX7pLYwsXiCj/EYmo16hODaBiT4En5btW/jhBF/seV+XMx3aYwukYC3A49DA==
+bootstrap4-duallistbox@^4.0.2:
+  version "4.0.2"
+  resolved "https://registry.yarnpkg.com/bootstrap4-duallistbox/-/bootstrap4-duallistbox-4.0.2.tgz#c6942e34a39d0d05e436d51ebaf31c9349f119d3"
+  integrity sha512-vQdANVE2NN0HMaZO9qWJy0C7u04uTpAmtUGO3KLq3xAZKCboJweQ437hDTszI6pbYV2olJCGZMbdhvIkBNGeGQ==
 
-brace-expansion@^1.1.7:
-  version "1.1.11"
-  resolved "https://registry.yarnpkg.com/brace-expansion/-/brace-expansion-1.1.11.tgz#3c7fcbf529d87226f3d2f52b966ff5271eb441dd"
-  dependencies:
-    balanced-match "^1.0.0"
-    concat-map "0.0.1"
+bootstrap@4.6.2, bootstrap@^4.6.1:
+  version "4.6.2"
+  resolved "https://registry.yarnpkg.com/bootstrap/-/bootstrap-4.6.2.tgz#8e0cd61611728a5bf65a3a2b8d6ff6c77d5d7479"
+  integrity sha512-51Bbp/Uxr9aTuy6ca/8FbFloBUJZLHwnhTcnjIeRn2suQWsWzcuJhGjKDB5eppVte/8oCdOL3VuwxvZDUggwGQ==
 
-brorand@^1.0.1, brorand@^1.1.0:
-  version "1.1.0"
-  resolved "https://registry.yarnpkg.com/brorand/-/brorand-1.1.0.tgz#12c25efe40a45e3c323eb8675a0a0ce57b22371f"
-  integrity sha1-EsJe/kCkXjwyPrhnWgoM5XsiNx8=
+bootstrap@>=4.0:
+  version "5.2.3"
+  resolved "https://registry.yarnpkg.com/bootstrap/-/bootstrap-5.2.3.tgz#54739f4414de121b9785c5da3c87b37ff008322b"
+  integrity sha512-cEKPM+fwb3cT8NzQZYEu4HilJ3anCrWqh3CHAok1p9jXqMPsPTBhU25fBckEJHJ/p+tTxTFTsFQGM+gaHpi3QQ==
 
-browser-pack@^6.0.1:
-  version "6.1.0"
-  resolved "https://registry.yarnpkg.com/browser-pack/-/browser-pack-6.1.0.tgz#c34ba10d0b9ce162b5af227c7131c92c2ecd5774"
+brfs@^2.0.0, brfs@^2.0.2:
+  version "2.0.2"
+  resolved "https://registry.yarnpkg.com/brfs/-/brfs-2.0.2.tgz#44237878fa82aa479ce4f5fe2c1796ec69f07845"
+  integrity sha512-IrFjVtwu4eTJZyu8w/V2gxU7iLTtcHih67sgEdzrhjLBMHp2uYefUBfdM4k2UvcuWMgV7PQDZHSLeNWnLFKWVQ==
   dependencies:
-    JSONStream "^1.0.3"
-    combine-source-map "~0.8.0"
-    defined "^1.0.0"
-    safe-buffer "^5.1.1"
+    quote-stream "^1.0.1"
+    resolve "^1.1.5"
+    static-module "^3.0.2"
     through2 "^2.0.0"
-    umd "^3.0.0"
 
-browser-resolve@^1.11.0, browser-resolve@^1.7.0:
-  version "1.11.2"
-  resolved "https://registry.yarnpkg.com/browser-resolve/-/browser-resolve-1.11.2.tgz#8ff09b0a2c421718a1051c260b32e48f442938ce"
+brotli@^1.2.0:
+  version "1.3.3"
+  resolved "https://registry.yarnpkg.com/brotli/-/brotli-1.3.3.tgz#7365d8cc00f12cf765d2b2c898716bcf4b604d48"
+  integrity sha512-oTKjJdShmDuGW94SyyaoQvAjf30dZaHnjJ8uAF+u2/vGJkJbJPJAT1gDiOJP5v1Zb6f9KEyW/1HpuaWIXtGHPg==
   dependencies:
-    resolve "1.1.7"
+    base64-js "^1.1.2"
 
-browserify-aes@^1.0.0, browserify-aes@^1.0.4:
-  version "1.2.0"
-  resolved "https://registry.yarnpkg.com/browserify-aes/-/browserify-aes-1.2.0.tgz#326734642f403dabc3003209853bb70ad428ef48"
+browser-resolve@^1.8.1:
+  version "1.11.3"
+  resolved "https://registry.yarnpkg.com/browser-resolve/-/browser-resolve-1.11.3.tgz#9b7cbb3d0f510e4cb86bdbd796124d28b5890af6"
+  integrity sha512-exDi1BYWB/6raKHmDTCicQfTkqwN5fioMFV4j8BsfMU4R2DK/QfZfK7kOVkmWCNANf0snkBzqGqAJBao9gZMdQ==
   dependencies:
-    buffer-xor "^1.0.3"
-    cipher-base "^1.0.0"
-    create-hash "^1.1.0"
-    evp_bytestokey "^1.0.3"
-    inherits "^2.0.1"
-    safe-buffer "^5.0.1"
+    resolve "1.1.7"
 
-browserify-cipher@^1.0.0:
+browserify-optional@^1.0.1:
   version "1.0.1"
-  resolved "https://registry.yarnpkg.com/browserify-cipher/-/browserify-cipher-1.0.1.tgz#8d6474c1b870bfdabcd3bcfcc1934a10e94f15f0"
+  resolved "https://registry.yarnpkg.com/browserify-optional/-/browserify-optional-1.0.1.tgz#1e13722cfde0d85f121676c2a72ced533a018869"
+  integrity sha512-VrhjbZ+Ba5mDiSYEuPelekQMfTbhcA2DhLk2VQWqdcCROWeFqlTcXZ7yfRkXCIl8E+g4gINJYJiRB7WEtfomAQ==
   dependencies:
-    browserify-aes "^1.0.4"
-    browserify-des "^1.0.0"
-    evp_bytestokey "^1.0.0"
+    ast-transform "0.0.0"
+    ast-types "^0.7.0"
+    browser-resolve "^1.8.1"
 
-browserify-des@^1.0.0:
-  version "1.0.1"
-  resolved "https://registry.yarnpkg.com/browserify-des/-/browserify-des-1.0.1.tgz#3343124db6d7ad53e26a8826318712bdc8450f9c"
-  dependencies:
-    cipher-base "^1.0.1"
-    des.js "^1.0.0"
-    inherits "^2.0.1"
+bs-custom-file-input@^1.3.4:
+  version "1.3.4"
+  resolved "https://registry.yarnpkg.com/bs-custom-file-input/-/bs-custom-file-input-1.3.4.tgz#c275cb8d4f1c02ba026324292509fa9a747dbda8"
+  integrity sha512-NBsQzTnef3OW1MvdKBbMHAYHssCd613MSeJV7z2McXznWtVMnJCy7Ckyc+PwxV6Pk16cu6YBcYWh/ZE0XWNKCA==
 
-browserify-rsa@^4.0.0:
-  version "4.0.1"
-  resolved "https://registry.yarnpkg.com/browserify-rsa/-/browserify-rsa-4.0.1.tgz#21e0abfaf6f2029cf2fafb133567a701d4135524"
-  dependencies:
-    bn.js "^4.1.0"
-    randombytes "^2.0.1"
-
-browserify-sign@^4.0.0:
-  version "4.0.4"
-  resolved "https://registry.yarnpkg.com/browserify-sign/-/browserify-sign-4.0.4.tgz#aa4eb68e5d7b658baa6bf6a57e630cbd7a93d298"
-  dependencies:
-    bn.js "^4.1.1"
-    browserify-rsa "^4.0.0"
-    create-hash "^1.1.0"
-    create-hmac "^1.1.2"
-    elliptic "^6.0.0"
-    inherits "^2.0.1"
-    parse-asn1 "^5.0.0"
-
-browserify-zlib@~0.2.0:
-  version "0.2.0"
-  resolved "https://registry.yarnpkg.com/browserify-zlib/-/browserify-zlib-0.2.0.tgz#2869459d9aa3be245fe8fe2ca1f46e2e7f54d73f"
-  dependencies:
-    pako "~1.0.5"
-
-browserify@>=3.46.0:
-  version "16.2.2"
-  resolved "https://registry.yarnpkg.com/browserify/-/browserify-16.2.2.tgz#4b1f66ba0e54fa39dbc5aa4be9629142143d91b0"
-  dependencies:
-    JSONStream "^1.0.3"
-    assert "^1.4.0"
-    browser-pack "^6.0.1"
-    browser-resolve "^1.11.0"
-    browserify-zlib "~0.2.0"
-    buffer "^5.0.2"
-    cached-path-relative "^1.0.0"
-    concat-stream "^1.6.0"
-    console-browserify "^1.1.0"
-    constants-browserify "~1.0.0"
-    crypto-browserify "^3.0.0"
-    defined "^1.0.0"
-    deps-sort "^2.0.0"
-    domain-browser "^1.2.0"
-    duplexer2 "~0.1.2"
-    events "^2.0.0"
-    glob "^7.1.0"
-    has "^1.0.0"
-    htmlescape "^1.1.0"
-    https-browserify "^1.0.0"
-    inherits "~2.0.1"
-    insert-module-globals "^7.0.0"
-    labeled-stream-splicer "^2.0.0"
-    mkdirp "^0.5.0"
-    module-deps "^6.0.0"
-    os-browserify "~0.3.0"
-    parents "^1.0.1"
-    path-browserify "~0.0.0"
-    process "~0.11.0"
-    punycode "^1.3.2"
-    querystring-es3 "~0.2.0"
-    read-only-stream "^2.0.0"
-    readable-stream "^2.0.2"
-    resolve "^1.1.4"
-    shasum "^1.0.0"
-    shell-quote "^1.6.1"
-    stream-browserify "^2.0.0"
-    stream-http "^2.0.0"
-    string_decoder "^1.1.1"
-    subarg "^1.0.0"
-    syntax-error "^1.1.1"
-    through2 "^2.0.0"
-    timers-browserify "^1.0.1"
-    tty-browserify "0.0.1"
-    url "~0.11.0"
-    util "~0.10.1"
-    vm-browserify "^1.0.0"
-    xtend "^4.0.0"
+bs-stepper@^1.7.0:
+  version "1.7.0"
+  resolved "https://registry.yarnpkg.com/bs-stepper/-/bs-stepper-1.7.0.tgz#bfa4cc51c4e67957caae57f5bdcba1977186bac1"
+  integrity sha512-+DX7UKKgw2GI6ucsSCRd19VHYrxf/8znRCLs1lQVVLxz+h7EqgIOxoHcJ0/QTaaNoR9Cwg78ydo6hXIasyd3LA==
+
+buffer-equal@0.0.1:
+  version "0.0.1"
+  resolved "https://registry.yarnpkg.com/buffer-equal/-/buffer-equal-0.0.1.tgz#91bc74b11ea405bc916bc6aa908faafa5b4aac4b"
+  integrity sha512-RgSV6InVQ9ODPdLWJ5UAqBqJBOg370Nz6ZQtRzpt6nUjc8v0St97uJ4PYC6NztqIScrAXafKM3mZPMygSe1ggA==
 
 buffer-from@^1.0.0:
   version "1.1.0"
   resolved "https://registry.yarnpkg.com/buffer-from/-/buffer-from-1.1.0.tgz#87fcaa3a298358e0ade6e442cfce840740d1ad04"
 
-buffer-xor@^1.0.3:
-  version "1.0.3"
-  resolved "https://registry.yarnpkg.com/buffer-xor/-/buffer-xor-1.0.3.tgz#26e61ed1422fb70dd42e6e36729ed51d855fe8d9"
-
-buffer@^5.0.2:
-  version "5.1.0"
-  resolved "https://registry.yarnpkg.com/buffer/-/buffer-5.1.0.tgz#c913e43678c7cb7c8bd16afbcddb6c5505e8f9fe"
+call-bind@^1.0.2:
+  version "1.0.2"
+  resolved "https://registry.yarnpkg.com/call-bind/-/call-bind-1.0.2.tgz#b1d4e89e688119c3c9a903ad30abb2f6a919be3c"
+  integrity sha512-7O+FbCihrB5WGbFYesctwmTKae6rOiIzmz1icreWJ+0aA7LJfuqhEso2T9ncpcFtzMQtzXf2QGGueWJGTYsqrA==
   dependencies:
-    base64-js "^1.0.2"
-    ieee754 "^1.1.4"
-
-builtin-status-codes@^3.0.0:
-  version "3.0.0"
-  resolved "https://registry.yarnpkg.com/builtin-status-codes/-/builtin-status-codes-3.0.0.tgz#85982878e21b98e1c66425e03d0174788f569ee8"
-
-cached-path-relative@^1.0.0:
-  version "1.1.0"
-  resolved "https://registry.yarnpkg.com/cached-path-relative/-/cached-path-relative-1.1.0.tgz#865576dfef39c0d6a7defde794d078f5308e3ef3"
-  integrity sha512-WF0LihfemtesFcJgO7xfOoOcnWzY/QHR4qeDqV44jPU3HTI54+LnfXK3SA27AVVGCdZFgjjFFaqUA9Jx7dMJZA==
+    function-bind "^1.1.1"
+    get-intrinsic "^1.0.2"
 
-charm@~0.1.0:
-  version "0.1.2"
-  resolved "https://registry.yarnpkg.com/charm/-/charm-0.1.2.tgz#06c21eed1a1b06aeb67553cdc53e23274bac2296"
+chart.js@^2.9.4:
+  version "2.9.4"
+  resolved "https://registry.yarnpkg.com/chart.js/-/chart.js-2.9.4.tgz#0827f9563faffb2dc5c06562f8eb10337d5b9684"
+  integrity sha512-B07aAzxcrikjAPyV+01j7BmOpxtQETxTSlQ26BEYJ+3iUkbNKaOJ/nDbT6JjyqYxseM0ON12COHYdU2cTIjC7A==
+  dependencies:
+    chartjs-color "^2.1.0"
+    moment "^2.10.2"
 
-chart.js@1.0.*:
-  version "1.0.2"
-  resolved "https://registry.yarnpkg.com/chart.js/-/chart.js-1.0.2.tgz#ad57d2229cfd8ccf5955147e8121b4911e69dfe7"
+chartjs-color-string@^0.6.0:
+  version "0.6.0"
+  resolved "https://registry.yarnpkg.com/chartjs-color-string/-/chartjs-color-string-0.6.0.tgz#1df096621c0e70720a64f4135ea171d051402f71"
+  integrity sha512-TIB5OKn1hPJvO7JcteW4WY/63v6KwEdt6udfnDE9iCAZgy+V4SrbSxoIbTw/xkUIapjEI4ExGtD0+6D3KyFd7A==
+  dependencies:
+    color-name "^1.0.0"
 
-cipher-base@^1.0.0, cipher-base@^1.0.1, cipher-base@^1.0.3:
-  version "1.0.4"
-  resolved "https://registry.yarnpkg.com/cipher-base/-/cipher-base-1.0.4.tgz#8760e4ecc272f4c363532f926d874aae2c1397de"
+chartjs-color@^2.1.0:
+  version "2.4.1"
+  resolved "https://registry.yarnpkg.com/chartjs-color/-/chartjs-color-2.4.1.tgz#6118bba202fe1ea79dd7f7c0f9da93467296c3b0"
+  integrity sha512-haqOg1+Yebys/Ts/9bLo/BqUcONQOdr/hoEr2LLTRl6C5LXctUdHxsCYfvQVg5JIxITrfCNUDr4ntqmQk9+/0w==
   dependencies:
-    inherits "^2.0.1"
-    safe-buffer "^5.0.1"
+    chartjs-color-string "^0.6.0"
+    color-convert "^1.9.3"
 
-ckeditor@^4.11.2:
-  version "4.11.3"
-  resolved "https://registry.yarnpkg.com/ckeditor/-/ckeditor-4.11.3.tgz#91f66d7ddb5bff3874514fe539779686874ed655"
-  integrity sha512-v6G+v16WAcukKuQH6m+trA9RCOQntFM2nxPO/GFiLYsdD/5IbZAZ2n7GwMxQmxDXpx4AixpnMWF+yAE1t9wq6Q==
+clone@^1.0.4:
+  version "1.0.4"
+  resolved "https://registry.yarnpkg.com/clone/-/clone-1.0.4.tgz#da309cc263df15994c688ca902179ca3c7cd7c7e"
+  integrity sha512-JQHZ2QMW6l3aH/j6xCqQThY/9OH4D/9ls34cgkUBiEeocRTU04tHfKPBsUK1PqZCUQM7GiA0IIXJSuXHI64Kbg==
 
-classie@>=0.0.1:
-  version "1.0.0"
-  resolved "https://registry.yarnpkg.com/classie/-/classie-1.0.0.tgz#fc9b29b47e64e374a2062fb624d05a61cd703ab2"
+codemirror@^5.65.1:
+  version "5.65.11"
+  resolved "https://registry.yarnpkg.com/codemirror/-/codemirror-5.65.11.tgz#c818edc3274788c008f636520c5490a1f7009b4f"
+  integrity sha512-Gp62g2eKSCHYt10axmGhKq3WoJSvVpvhXmowNq7pZdRVowwtvBR/hi2LSP5srtctKkRT33T6/n8Kv1UGp7JW4A==
 
-combine-source-map@^0.8.0, combine-source-map@~0.8.0:
-  version "0.8.0"
-  resolved "https://registry.yarnpkg.com/combine-source-map/-/combine-source-map-0.8.0.tgz#a58d0df042c186fcf822a8e8015f5450d2d79a8b"
+color-convert@^1.9.3:
+  version "1.9.3"
+  resolved "https://registry.yarnpkg.com/color-convert/-/color-convert-1.9.3.tgz#bb71850690e1f136567de629d2d5471deda4c1e8"
+  integrity sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==
   dependencies:
-    convert-source-map "~1.1.0"
-    inline-source-map "~0.6.0"
-    lodash.memoize "~3.0.3"
-    source-map "~0.5.3"
+    color-name "1.1.3"
 
-concat-map@0.0.1:
-  version "0.0.1"
-  resolved "https://registry.yarnpkg.com/concat-map/-/concat-map-0.0.1.tgz#d8a96bd77fd68df7793a73036a3ba0d5405d477b"
+color-name@1.1.3:
+  version "1.1.3"
+  resolved "https://registry.yarnpkg.com/color-name/-/color-name-1.1.3.tgz#a7d0558bd89c42f795dd42328f740831ca53bc25"
+  integrity sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==
 
-concat-stream@^1.6.0, concat-stream@^1.6.1, concat-stream@~1.6.0:
+color-name@^1.0.0:
+  version "1.1.4"
+  resolved "https://registry.yarnpkg.com/color-name/-/color-name-1.1.4.tgz#c2a09a87acbde69543de6f63fa3995c826c536a2"
+  integrity sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==
+
+concat-stream@~1.6.0:
   version "1.6.2"
   resolved "https://registry.yarnpkg.com/concat-stream/-/concat-stream-1.6.2.tgz#904bdf194cd3122fc675c77fc4ac3d4ff0fd1a34"
   dependencies:
@@ -337,331 +343,664 @@ concat-stream@^1.6.0, concat-stream@^1.6.1, concat-stream@~1.6.0:
     readable-stream "^2.2.2"
     typedarray "^0.0.6"
 
-console-browserify@^1.1.0:
-  version "1.1.0"
-  resolved "https://registry.yarnpkg.com/console-browserify/-/console-browserify-1.1.0.tgz#f0241c45730a9fc6323b206dbf38edc741d0bb10"
-  dependencies:
-    date-now "^0.1.4"
-
-constants-browserify@~1.0.0:
-  version "1.0.0"
-  resolved "https://registry.yarnpkg.com/constants-browserify/-/constants-browserify-1.0.0.tgz#c20b96d8c617748aaf1c16021760cd27fcb8cb75"
-
-convert-source-map@~1.1.0:
-  version "1.1.3"
-  resolved "https://registry.yarnpkg.com/convert-source-map/-/convert-source-map-1.1.3.tgz#4829c877e9fe49b3161f3bf3673888e204699860"
+convert-source-map@^1.5.1:
+  version "1.9.0"
+  resolved "https://registry.yarnpkg.com/convert-source-map/-/convert-source-map-1.9.0.tgz#7faae62353fb4213366d0ca98358d22e8368b05f"
+  integrity sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==
 
 core-util-is@~1.0.0:
   version "1.0.2"
   resolved "https://registry.yarnpkg.com/core-util-is/-/core-util-is-1.0.2.tgz#b5fd54220aa2bc5ab57aab7140c940754503c1a7"
 
-create-ecdh@^4.0.0:
-  version "4.0.3"
-  resolved "https://registry.yarnpkg.com/create-ecdh/-/create-ecdh-4.0.3.tgz#c9111b6f33045c4697f144787f9254cdc77c45ff"
+crypto-js@^4.0.0:
+  version "4.1.1"
+  resolved "https://registry.yarnpkg.com/crypto-js/-/crypto-js-4.1.1.tgz#9e485bcf03521041bd85844786b83fb7619736cf"
+  integrity sha512-o2JlM7ydqd3Qk9CA0L4NL6mTzU2sdx96a+oOfPu8Mkl/PK51vSyoi8/rQ8NknZtk44vq15lmhAj9CIAGwgeWKw==
+
+d@1, d@^1.0.1:
+  version "1.0.1"
+  resolved "https://registry.yarnpkg.com/d/-/d-1.0.1.tgz#8698095372d58dbee346ffd0c7093f99f8f9eb5a"
+  integrity sha512-m62ShEObQ39CfralilEQRjH6oAMtNCV1xJyEx5LpRYUVN+EviphDgUc/F3hnYbADmkiNs67Y+3ylmlG7Lnu+FA==
   dependencies:
-    bn.js "^4.1.0"
-    elliptic "^6.0.0"
+    es5-ext "^0.10.50"
+    type "^1.0.1"
 
-create-hash@^1.1.0, create-hash@^1.1.2:
-  version "1.2.0"
-  resolved "https://registry.yarnpkg.com/create-hash/-/create-hash-1.2.0.tgz#889078af11a63756bcfb59bd221996be3a9ef196"
+dash-ast@^2.0.1:
+  version "2.0.1"
+  resolved "https://registry.yarnpkg.com/dash-ast/-/dash-ast-2.0.1.tgz#8d0fd2e601c59bf874cc22877ee7dd889f54dee8"
+  integrity sha512-5TXltWJGc+RdnabUGzhRae1TRq6m4gr+3K2wQX0is5/F2yS6MJXJvLyI3ErAnsAXuJoGqvfVD5icRgim07DrxQ==
+
+datatables.net-autofill-bs4@^2.3.9:
+  version "2.5.1"
+  resolved "https://registry.yarnpkg.com/datatables.net-autofill-bs4/-/datatables.net-autofill-bs4-2.5.1.tgz#2c5fefe6076f95bf40313a8ec4cad4c36a4b20df"
+  integrity sha512-5oCgfpte/IEPFKBGGEuEKE0qVmSkKCJ8bkqNOKLghemado5ldOcU9WZysVyk3L72nQMHnXlB4CNex6qj9Snu5w==
   dependencies:
-    cipher-base "^1.0.1"
-    inherits "^2.0.1"
-    md5.js "^1.3.4"
-    ripemd160 "^2.0.1"
-    sha.js "^2.4.0"
+    datatables.net-autofill ">=2.4.0"
+    datatables.net-bs4 ">=1.12.1"
+    jquery ">=1.7"
 
-create-hmac@^1.1.0, create-hmac@^1.1.2, create-hmac@^1.1.4:
-  version "1.1.7"
-  resolved "https://registry.yarnpkg.com/create-hmac/-/create-hmac-1.1.7.tgz#69170c78b3ab957147b2b8b04572e47ead2243ff"
-  dependencies:
-    cipher-base "^1.0.3"
-    create-hash "^1.1.0"
-    inherits "^2.0.1"
-    ripemd160 "^2.0.0"
-    safe-buffer "^5.0.1"
-    sha.js "^2.4.8"
-
-crypto-browserify@^3.0.0:
-  version "3.12.0"
-  resolved "https://registry.yarnpkg.com/crypto-browserify/-/crypto-browserify-3.12.0.tgz#396cf9f3137f03e4b8e532c58f698254e00f80ec"
-  dependencies:
-    browserify-cipher "^1.0.0"
-    browserify-sign "^4.0.0"
-    create-ecdh "^4.0.0"
-    create-hash "^1.1.0"
-    create-hmac "^1.1.0"
-    diffie-hellman "^5.0.0"
-    inherits "^2.0.1"
-    pbkdf2 "^3.0.3"
-    public-encrypt "^4.0.0"
-    randombytes "^2.0.0"
-    randomfill "^1.0.3"
-
-datatables.net-bs@^1.10.19:
-  version "1.10.19"
-  resolved "https://registry.yarnpkg.com/datatables.net-bs/-/datatables.net-bs-1.10.19.tgz#08763b4e4d0cef1a427d019dc15e717c7ed67a4d"
-  integrity sha512-5gxoI2n+duZP06+4xVC2TtH6zcY369/TRKTZ1DdSgDcDUl4OYQsrXCuaLJmbVzna/5Y5lrMmK7CxgvYgIynICA==
-  dependencies:
-    datatables.net "1.10.19"
+datatables.net-autofill@>=2.4.0:
+  version "2.5.1"
+  resolved "https://registry.yarnpkg.com/datatables.net-autofill/-/datatables.net-autofill-2.5.1.tgz#8a92a180b9174c8061700d66e26dece2a650f9b1"
+  integrity sha512-HuBx0KOxQVmQooQahlsi3a9DXhZB+kvRtC5ZPjDVKiJ1rV3NCc4Q/s4Q6Go4TjKd013uFcifLca9GJnbpx4wng==
+  dependencies:
+    datatables.net ">=1.12.1"
     jquery ">=1.7"
 
-datatables.net-plugins@^1.10.19:
-  version "1.10.20"
-  resolved "https://registry.yarnpkg.com/datatables.net-plugins/-/datatables.net-plugins-1.10.20.tgz#c89f6bed3fa7e6605cbeaa35d60f223659e84c8c"
-  integrity sha512-rnhNmRHe9UEzvM7gtjBay1QodkWUmxLUhHNbmJMYhhUggjtm+BRSlE0PRilkeUkwckpNWzq+0fPd7/i0fpQgzA==
+datatables.net-bs4@>=1.10.25, datatables.net-bs4@>=1.12.1, datatables.net-bs4@^1.11.4:
+  version "1.13.1"
+  resolved "https://registry.yarnpkg.com/datatables.net-bs4/-/datatables.net-bs4-1.13.1.tgz#b704d9639bbe650c996e614dc37f529e8c09ff47"
+  integrity sha512-GBTOzUT8ooEUMPtjVHktvDk0MyakFGh89F8aHj8VwF1OFLbqTGEAPacO8XAgSfej/Ng3dbFJA6sjrk4gFra8kg==
+  dependencies:
+    datatables.net ">=1.12.1"
+    jquery ">=1.7"
 
-datatables.net@1.10.19, datatables.net@^1.10.19:
-  version "1.10.19"
-  resolved "https://registry.yarnpkg.com/datatables.net/-/datatables.net-1.10.19.tgz#97a1ed41c85e62d61040603481b59790a172dd1f"
-  integrity sha512-+ljXcI6Pj3PTGy5pesp3E5Dr3x3AV45EZe0o1r0gKENN2gafBKXodVnk2ypKwl2tTmivjxbkiqoWnipTefyBTA==
+datatables.net-buttons-bs4@^2.2.2:
+  version "2.3.3"
+  resolved "https://registry.yarnpkg.com/datatables.net-buttons-bs4/-/datatables.net-buttons-bs4-2.3.3.tgz#11655db6218f129dce04c043decbd4e36e02bf8c"
+  integrity sha512-u028LSQrwK7V+w1nIrQFcyFe8uNZriOzc8AuTvACF+cTlZeDq6ch40dXy5e8Vsaad2xSopJAQ189zPOIGdUlqw==
   dependencies:
+    datatables.net-bs4 ">=1.12.1"
+    datatables.net-buttons ">=2.2.3"
     jquery ">=1.7"
 
-date-now@^0.1.4:
-  version "0.1.4"
-  resolved "https://registry.yarnpkg.com/date-now/-/date-now-0.1.4.tgz#eaf439fd4d4848ad74e5cc7dbef200672b9e345b"
+datatables.net-buttons@>=2.2.3:
+  version "2.3.3"
+  resolved "https://registry.yarnpkg.com/datatables.net-buttons/-/datatables.net-buttons-2.3.3.tgz#d54918ac82c681a0d58151d555ed690f40fef614"
+  integrity sha512-jK/hGF+NEj6CxDHKlpQiSu280G00VgL57SPyLbOA+DrmUd6wSGmdco0ztzYsbe9hzLJ3QnmB5LTpPPrBf8985Q==
+  dependencies:
+    datatables.net ">=1.12.1"
+    jquery ">=1.7"
 
-defined@^1.0.0:
-  version "1.0.0"
-  resolved "https://registry.yarnpkg.com/defined/-/defined-1.0.0.tgz#c98d9bcef75674188e110969151199e39b1fa693"
+datatables.net-colreorder-bs4@^1.5.5:
+  version "1.6.1"
+  resolved "https://registry.yarnpkg.com/datatables.net-colreorder-bs4/-/datatables.net-colreorder-bs4-1.6.1.tgz#01e8b0ffd47c832d4cf928f4486e42b0be90fe21"
+  integrity sha512-vdr0Padd26pDNdUhasFUGWK6WrYyoBSwoJ5Sq4294hgj1SqblP8pz1vIGUmFiFtlHlOsHaVor3rffeqyYH8Waw==
+  dependencies:
+    datatables.net-bs4 ">=1.12.1"
+    datatables.net-colreorder ">=1.5.6"
+    jquery ">=1.7"
 
-deps-sort@^2.0.0:
-  version "2.0.0"
-  resolved "https://registry.yarnpkg.com/deps-sort/-/deps-sort-2.0.0.tgz#091724902e84658260eb910748cccd1af6e21fb5"
+datatables.net-colreorder@>=1.5.6:
+  version "1.6.1"
+  resolved "https://registry.yarnpkg.com/datatables.net-colreorder/-/datatables.net-colreorder-1.6.1.tgz#effecd14fb8c42299b4a120d31b6ab04ccdd5dca"
+  integrity sha512-ae0gdkG0OmrEGUrXYm0XgWDzDkuEhEuNrfvQsmtCTl0j+1nxtXPsecIiWBCqv/dM0X4x8PT0dJY8furqPCzXXw==
   dependencies:
-    JSONStream "^1.0.3"
-    shasum "^1.0.0"
-    subarg "^1.0.0"
-    through2 "^2.0.0"
+    datatables.net ">=1.12.1"
+    jquery ">=1.7"
 
-des.js@^1.0.0:
-  version "1.0.0"
-  resolved "https://registry.yarnpkg.com/des.js/-/des.js-1.0.0.tgz#c074d2e2aa6a8a9a07dbd61f9a15c2cd83ec8ecc"
+datatables.net-fixedcolumns-bs4@^4.0.1:
+  version "4.2.1"
+  resolved "https://registry.yarnpkg.com/datatables.net-fixedcolumns-bs4/-/datatables.net-fixedcolumns-bs4-4.2.1.tgz#5c608b3b98654350745441a7306e9b0e02b111d5"
+  integrity sha512-RXI0weSNs9MlwKZujIKtih2wAdycjYgE7xunFYNTLJrjMzmRrisHs1FQ8AwZAQZu2CkvUbrUjdiAuaJXwKPyuA==
   dependencies:
-    inherits "^2.0.1"
-    minimalistic-assert "^1.0.0"
+    datatables.net-bs4 ">=1.12.1"
+    datatables.net-fixedcolumns ">=4.1.0"
+    jquery ">=1.7"
 
-detective@^5.0.2:
-  version "5.1.0"
-  resolved "https://registry.yarnpkg.com/detective/-/detective-5.1.0.tgz#7a20d89236d7b331ccea65832e7123b5551bb7cb"
+datatables.net-fixedcolumns@>=4.1.0:
+  version "4.2.1"
+  resolved "https://registry.yarnpkg.com/datatables.net-fixedcolumns/-/datatables.net-fixedcolumns-4.2.1.tgz#f73ec3369646487e74afab308d8eb90eca0a37d2"
+  integrity sha512-XCNM2UyWwLl8Qtaw23/wgMlUhQjIWEKXJSLqB67RTibeyfVUF7zsnNQECPtlPr6kqUN229Ep8UZG15Zc71MytQ==
   dependencies:
-    acorn-node "^1.3.0"
-    defined "^1.0.0"
-    minimist "^1.1.1"
+    datatables.net ">=1.12.1"
+    jquery ">=1.7"
 
-diffie-hellman@^5.0.0:
-  version "5.0.3"
-  resolved "https://registry.yarnpkg.com/diffie-hellman/-/diffie-hellman-5.0.3.tgz#40e8ee98f55a2149607146921c63e1ae5f3d2875"
+datatables.net-fixedheader-bs4@^3.2.1:
+  version "3.3.1"
+  resolved "https://registry.yarnpkg.com/datatables.net-fixedheader-bs4/-/datatables.net-fixedheader-bs4-3.3.1.tgz#f60c85f8d0d846cff1368f2a2012229f3baa43b4"
+  integrity sha512-cTSh9VygiEoMwnkuR5xhex/NDCJ5CsgXCLG0VDdOqptUwjYIqlrrVf4hBCj2XnJCxHi/liV1sSW3qu7q1QnpwQ==
   dependencies:
-    bn.js "^4.1.0"
-    miller-rabin "^4.0.0"
-    randombytes "^2.0.0"
+    datatables.net-bs4 ">=1.12.1"
+    datatables.net-fixedheader ">=3.2.4"
+    jquery ">=1.7"
 
-domain-browser@^1.2.0:
-  version "1.2.0"
-  resolved "https://registry.yarnpkg.com/domain-browser/-/domain-browser-1.2.0.tgz#3d31f50191a6749dd1375a7f522e823d42e54eda"
+datatables.net-fixedheader@>=3.2.4:
+  version "3.3.1"
+  resolved "https://registry.yarnpkg.com/datatables.net-fixedheader/-/datatables.net-fixedheader-3.3.1.tgz#71aafa169b91f0fc1b3fa353d50f575ad67ad50d"
+  integrity sha512-m1ip5dOOsdjaFw2e5G77o+XLjqy5wWKnBnp+BwbnFCq4J5hFbMqcIV1r5z9X+NeAiKlADqZqteeLoO2xYRXBVA==
+  dependencies:
+    datatables.net ">=1.12.1"
+    jquery ">=1.7"
+
+datatables.net-keytable-bs4@^2.6.4:
+  version "2.8.0"
+  resolved "https://registry.yarnpkg.com/datatables.net-keytable-bs4/-/datatables.net-keytable-bs4-2.8.0.tgz#fa36bf33eb5591a998f0fe361851f496487e12ed"
+  integrity sha512-QzkT+CHndZNfUYzzwAMtzHbDRNw5M6yIwWhGClX6/9i9NJ/dLwFzE5pZumL+6EOYyRU5Bwz9fF5NgaIXKqBXAQ==
+  dependencies:
+    datatables.net-bs4 ">=1.12.1"
+    datatables.net-keytable ">=2.7.0"
+    jquery ">=1.7"
+
+datatables.net-keytable@>=2.7.0:
+  version "2.8.0"
+  resolved "https://registry.yarnpkg.com/datatables.net-keytable/-/datatables.net-keytable-2.8.0.tgz#aabd44fbcb5e38a0b24d43718808a4955e0e6b2c"
+  integrity sha512-fZBCdBvB1hbJko80YhWcu30WmO7Mrpa2N9b9C8HOcbYjDGP8R3lkswtZj+RopQdFqh42cFn+/jXC9lC+xOWEtA==
+  dependencies:
+    datatables.net ">=1.12.1"
+    jquery ">=1.7"
+
+datatables.net-plugins@^1.13.1:
+  version "1.13.1"
+  resolved "https://registry.yarnpkg.com/datatables.net-plugins/-/datatables.net-plugins-1.13.1.tgz#0ed233404fa3511bf46db7db8742b9fad6fd90a9"
+  integrity sha512-4UpaRl7ZiTmStjV1QTB3x9V0EKmgdMvF7Ms+HzZ6gSzv33kPrL9Cw76/Uxxl02Z+ajergobvfMN64ndlZ9AXzA==
+
+datatables.net-responsive-bs4@^2.2.9:
+  version "2.4.0"
+  resolved "https://registry.yarnpkg.com/datatables.net-responsive-bs4/-/datatables.net-responsive-bs4-2.4.0.tgz#4f4b3bc09a1f403baf9153067a49d9de66ad6f39"
+  integrity sha512-zCAxwcuaLneJd3Yy1eKZU3wksIj4IFvcaQEXrFeVBgsl6iH3H+uqW9apwdadDL8agsBHdsln08qYjkz8bYY7Bg==
+  dependencies:
+    datatables.net-bs4 ">=1.12.1"
+    datatables.net-responsive ">=2.3.0"
+    jquery ">=1.7"
+
+datatables.net-responsive@>=2.3.0:
+  version "2.4.0"
+  resolved "https://registry.yarnpkg.com/datatables.net-responsive/-/datatables.net-responsive-2.4.0.tgz#91658679483e3ef6cda8b9bc5c1b7eff076a8e70"
+  integrity sha512-Acws4aEPJZX/+CQsXpuDBHfrwgl3XxWEc/zlsnJCXE/GGbqjVAtQt7SM6EBcdReMv1FbyWUlF/Uw+de11NT46A==
+  dependencies:
+    datatables.net ">=1.12.1"
+    jquery ">=1.7"
+
+datatables.net-rowgroup-bs4@^1.1.4:
+  version "1.3.0"
+  resolved "https://registry.yarnpkg.com/datatables.net-rowgroup-bs4/-/datatables.net-rowgroup-bs4-1.3.0.tgz#6ce865f6235df12989a07562e636e9065d3a2150"
+  integrity sha512-qw4PwsFgVNKazimL/ixYP9NGzsEgZtt1VQfFK/r+JF1uoV7/vVvG7qK/B+wFRAdTAXL+9v6uKlJ/8RI7bPAbvg==
+  dependencies:
+    datatables.net-bs4 ">=1.12.1"
+    datatables.net-rowgroup ">=1.2.0"
+    jquery ">=1.7"
+
+datatables.net-rowgroup@>=1.2.0:
+  version "1.3.0"
+  resolved "https://registry.yarnpkg.com/datatables.net-rowgroup/-/datatables.net-rowgroup-1.3.0.tgz#3b330f0226e84054fd25684de9ceb3eeb6ee7f5d"
+  integrity sha512-kLzYxvMmy8wmISksXvHBbZrv0wD7hlmp8NaiZQ6rFMwbTIoMt9YzOA+tpKDZiw3MOnku44QAOBXdPtXwxjE0JA==
+  dependencies:
+    datatables.net ">=1.12.1"
+    jquery ">=1.7"
+
+datatables.net-rowreorder-bs4@^1.2.8:
+  version "1.3.1"
+  resolved "https://registry.yarnpkg.com/datatables.net-rowreorder-bs4/-/datatables.net-rowreorder-bs4-1.3.1.tgz#1ceaabb5d8b8b45b92f81531eeece3c6649439d9"
+  integrity sha512-wrprtbvyEG0Cg78NbG2pSjTo6KhoEAiI5LmsELv0e6zK4EXOUk+EVatrFaYwK1LARVVSFznpIvPAskZpsV2wBA==
+  dependencies:
+    datatables.net-bs4 ">=1.12.1"
+    datatables.net-rowreorder ">=1.2.8"
+    jquery ">=1.7"
+
+datatables.net-rowreorder@>=1.2.8:
+  version "1.3.1"
+  resolved "https://registry.yarnpkg.com/datatables.net-rowreorder/-/datatables.net-rowreorder-1.3.1.tgz#a745927bdd27412005ce6a38f88cf1e08380951c"
+  integrity sha512-HZXlyZOdm0riGm7MZK61RapBZUimooKL1GuVu7xuJE0Rpv3/1RasdMzWV3hfkUVKNKBhvEAD06SYI/kXxqABaw==
+  dependencies:
+    datatables.net ">=1.12.1"
+    jquery ">=1.7"
+
+datatables.net-scroller-bs4@^2.0.5:
+  version "2.1.0"
+  resolved "https://registry.yarnpkg.com/datatables.net-scroller-bs4/-/datatables.net-scroller-bs4-2.1.0.tgz#06c2850856340b88c5fb49294d45f83779a57a82"
+  integrity sha512-xZa2rhZjKbk1ebPQBrY6pqQRdc8/JTuAzzqhQjU7hDKwQqRyQ6WJuVjdJxJ6MHkB2fFVdj7v9H3VCvUJOuXTEQ==
+  dependencies:
+    datatables.net-bs4 ">=1.12.1"
+    datatables.net-scroller ">=2.0.7"
+    jquery ">=1.7"
+
+datatables.net-scroller@>=2.0.7:
+  version "2.1.0"
+  resolved "https://registry.yarnpkg.com/datatables.net-scroller/-/datatables.net-scroller-2.1.0.tgz#0a96896bfa6f5f4f4266e41b652194cb9fdf2414"
+  integrity sha512-B/MxP8YPcFtoa1cexvlcK0PXQdzy6tz+HhQlyjNpRCoRc/8ZM5VcZg+ecYfP/pRBBXZORgkOJjWYkIdoChhE0w==
+  dependencies:
+    datatables.net ">=1.12.1"
+    jquery ">=1.7"
+
+datatables.net-searchbuilder-bs4@^1.3.1:
+  version "1.4.0"
+  resolved "https://registry.yarnpkg.com/datatables.net-searchbuilder-bs4/-/datatables.net-searchbuilder-bs4-1.4.0.tgz#24b98014e5de62b7e52d12169c986e28d341deb8"
+  integrity sha512-iEjhIkKLKoVD7wGWEVNSfpQaqBx+SXbiDTmH3t39h5hNWpYqoLtwEy/PhtaSdaF+hIhlrhcB4y8qHr/mW7KlSw==
+  dependencies:
+    datatables.net-bs4 ">=1.12.1"
+    datatables.net-searchbuilder ">=1.3.4"
+    jquery ">=1.7"
 
-domhelper@~0.9.0:
-  version "0.9.1"
-  resolved "https://registry.yarnpkg.com/domhelper/-/domhelper-0.9.1.tgz#26554e5bac2c9e9585dca500978df5067d64bd00"
+datatables.net-searchbuilder@>=1.3.4:
+  version "1.4.0"
+  resolved "https://registry.yarnpkg.com/datatables.net-searchbuilder/-/datatables.net-searchbuilder-1.4.0.tgz#8eba2bac0ac702733c080d6dee0a5d6ae8181d4f"
+  integrity sha512-I6+a5EebX6uYFlWmc7TAk1oQvlfoGZqyLgdN4H9Rm6fL5VZv6SvWQ7y2+W9ebshMD0smKdtp8pedYc8PIh80kg==
+  dependencies:
+    datatables.net ">=1.12.1"
+    jquery ">=1.7"
+
+datatables.net-searchpanes-bs4@^1.4.0:
+  version "1.4.0"
+  resolved "https://registry.yarnpkg.com/datatables.net-searchpanes-bs4/-/datatables.net-searchpanes-bs4-1.4.0.tgz#efe09f8093fabd5ef311467eac198480873fb9bd"
+  integrity sha512-Floxzmw2cQkUQdI7Vv4IWtLqLmwPrmY6MPncbEWq4YvkSeaZW7OHzSmZLLUjMn2P6Huvz59WUVcwL0lSDui6GQ==
   dependencies:
-    browserify ">=3.46.0"
-    classie ">=0.0.1"
-    util-extend "^1.0.1"
+    datatables.net-bs4 ">=1.10.25"
+    datatables.net-searchpanes ">=1.3.0"
+    jquery ">=1.7"
 
-duplexer2@^0.1.2, duplexer2@~0.1.0, duplexer2@~0.1.2:
+datatables.net-searchpanes@>=1.3.0:
+  version "2.1.0"
+  resolved "https://registry.yarnpkg.com/datatables.net-searchpanes/-/datatables.net-searchpanes-2.1.0.tgz#e67fa2e8ce452a8c6fcebc69cddb101cf4208cf2"
+  integrity sha512-MA5rvXxqqCI0wBcAjrA0Bpp7QynWsjfpH2ZlhiTrBjsilYfn5oGPSSwsJxLO7unolmnhm+iuqethlWNyo9TC6Q==
+  dependencies:
+    datatables.net ">=1.12.1"
+    jquery ">=1.7"
+
+datatables.net-select-bs4@^1.3.4:
+  version "1.5.0"
+  resolved "https://registry.yarnpkg.com/datatables.net-select-bs4/-/datatables.net-select-bs4-1.5.0.tgz#a4514dd49ea67c525c2083ef455c552a010ea6cb"
+  integrity sha512-x70tepWUQKDYFHejk2o1zR4HBqH7Idz4cMTemdeM8oT7lmRnGb9gbiUoYMgwc5h2S2jkDYeIkvQWWMsI17shCg==
+  dependencies:
+    datatables.net-bs4 ">=1.12.1"
+    datatables.net-select ">=1.4.0"
+    jquery ">=1.7"
+
+datatables.net-select@>=1.4.0:
+  version "1.5.0"
+  resolved "https://registry.yarnpkg.com/datatables.net-select/-/datatables.net-select-1.5.0.tgz#e118438ad98e4857060d6dd66cb0fab215a54fda"
+  integrity sha512-PVYcX5phmu77r3a6miTyS1zF03cgX7Mx+BXH4wCJzZW+UHe2Xz9DAHgxvLQfE7j2M8LG45Ww7RxBhnkFKk1t7A==
+  dependencies:
+    datatables.net ">=1.12.1"
+    jquery ">=1.7"
+
+datatables.net@>=1.12.1, datatables.net@^1.11.4:
+  version "1.13.1"
+  resolved "https://registry.yarnpkg.com/datatables.net/-/datatables.net-1.13.1.tgz#199f7cb63f4536c135e161f95254212835a1c130"
+  integrity sha512-cX5dDHsbVdLLYKsWOSE0MvuGUcV88zU5dZ/taK2puJV6F9Fw0CFsP3+U/kr+qpDSFOBLWISRyM4Q9wWWovPTNg==
+  dependencies:
+    jquery ">=1.7"
+
+daterangepicker@^3.1.0:
+  version "3.1.0"
+  resolved "https://registry.yarnpkg.com/daterangepicker/-/daterangepicker-3.1.0.tgz#718d606614331df3e774c9aba82ccd8838d45da1"
+  integrity sha512-DxWXvvPq4srWLCqFugqSV+6CBt/CvQ0dnpXhQ3gl0autcIDAruG1PuGG3gC7yPRNytAD1oU1AcUOzaYhOawhTw==
+  dependencies:
+    jquery ">=1.10"
+    moment "^2.9.0"
+
+deep-equal@^1.0.0:
+  version "1.1.1"
+  resolved "https://registry.yarnpkg.com/deep-equal/-/deep-equal-1.1.1.tgz#b5c98c942ceffaf7cb051e24e1434a25a2e6076a"
+  integrity sha512-yd9c5AdiqVcR+JjcwUQb9DkhJc8ngNr0MahEBGvDiJw8puWab2yZlh+nkasOnZP+EGTAP6rRp2JzJhJZzvNF8g==
+  dependencies:
+    is-arguments "^1.0.4"
+    is-date-object "^1.0.1"
+    is-regex "^1.0.4"
+    object-is "^1.0.1"
+    object-keys "^1.1.1"
+    regexp.prototype.flags "^1.2.0"
+
+deep-is@~0.1.3:
+  version "0.1.4"
+  resolved "https://registry.yarnpkg.com/deep-is/-/deep-is-0.1.4.tgz#a6f2dce612fadd2ef1f519b73551f17e85199831"
+  integrity sha512-oIPzksmTg4/MriiaYGO+okXDT7ztn/w3Eptv/+gSIdMdKsJo0u4CfYNFJPy+4SKMuCqGw2wxnA+URMg3t8a/bQ==
+
+define-properties@^1.1.3:
+  version "1.1.4"
+  resolved "https://registry.yarnpkg.com/define-properties/-/define-properties-1.1.4.tgz#0b14d7bd7fbeb2f3572c3a7eda80ea5d57fb05b1"
+  integrity sha512-uckOqKcfaVvtBdsVkdPv3XjveQJsNQqmhXgRi8uhvWWuPYZCNlzT8qAyblUgNoXdHdjMTzAqeGjAoli8f+bzPA==
+  dependencies:
+    has-property-descriptors "^1.0.0"
+    object-keys "^1.1.1"
+
+dfa@^1.2.0:
+  version "1.2.0"
+  resolved "https://registry.yarnpkg.com/dfa/-/dfa-1.2.0.tgz#96ac3204e2d29c49ea5b57af8d92c2ae12790657"
+  integrity sha512-ED3jP8saaweFTjeGX8HQPjeC1YYyZs98jGNZx6IiBvxW7JG5v492kamAQB3m2wop07CvU/RQmzcKr6bgcC5D/Q==
+
+dropzone@^5.9.3:
+  version "5.9.3"
+  resolved "https://registry.yarnpkg.com/dropzone/-/dropzone-5.9.3.tgz#b3070ae090fa48cbc04c17535635537ca72d70d6"
+  integrity sha512-Azk8kD/2/nJIuVPK+zQ9sjKMRIpRvNyqn9XwbBHNq+iNuSccbJS6hwm1Woy0pMST0erSo0u4j+KJaodndDk4vA==
+
+duplexer2@~0.1.4:
   version "0.1.4"
   resolved "https://registry.yarnpkg.com/duplexer2/-/duplexer2-0.1.4.tgz#8b12dab878c0d69e3e7891051662a32fc6bddcc1"
+  integrity sha512-asLFVfWWtJ90ZyOUHMqk7/S2w2guQKxUI2itj3d92ADHhxUSbCMGi1f1cBcJ7xM1To+pE/Khbwo1yuNbMEPKeA==
   dependencies:
     readable-stream "^2.0.2"
 
-elliptic@^6.0.0:
-  version "6.5.4"
-  resolved "https://registry.yarnpkg.com/elliptic/-/elliptic-6.5.4.tgz#da37cebd31e79a1367e941b592ed1fbebd58abbb"
-  integrity sha512-iLhC6ULemrljPZb+QutR5TQGB+pdW6KGD5RSegS+8sorOZT+rdQFbsQFJgvN3eRqNALqJer4oQ16YvJHlU8hzQ==
+ekko-lightbox@^5.3.0:
+  version "5.3.0"
+  resolved "https://registry.yarnpkg.com/ekko-lightbox/-/ekko-lightbox-5.3.0.tgz#fbfcd9df93a8d1cdbf8770adc8c05aaac4d24f56"
+  integrity sha512-mbacwySuVD3Ad6F2hTkjSTvJt59bcVv2l/TmBerp4xZnLak8tPtA4AScUn4DL42c1ksTiAO6sGhJZ52P/1Qgew==
+
+es5-ext@^0.10.35, es5-ext@^0.10.50, es5-ext@^0.10.62, es5-ext@~0.10.14:
+  version "0.10.62"
+  resolved "https://registry.yarnpkg.com/es5-ext/-/es5-ext-0.10.62.tgz#5e6adc19a6da524bf3d1e02bbc8960e5eb49a9a5"
+  integrity sha512-BHLqn0klhEpnOKSrzn/Xsz2UIW8j+cGmo9JLzr8BiUapV8hPL9+FliFqjwr9ngW7jWdnxv6eO+/LqyhJVqgrjA==
+  dependencies:
+    es6-iterator "^2.0.3"
+    es6-symbol "^3.1.3"
+    next-tick "^1.1.0"
+
+es6-iterator@^2.0.3, es6-iterator@~2.0.1, es6-iterator@~2.0.3:
+  version "2.0.3"
+  resolved "https://registry.yarnpkg.com/es6-iterator/-/es6-iterator-2.0.3.tgz#a7de889141a05a94b0854403b2d0a0fbfa98f3b7"
+  integrity sha512-zw4SRzoUkd+cl+ZoE15A9o1oQd920Bb0iOJMQkQhl3jNc03YqVjAhG7scf9C5KWRU/R13Orf588uCC6525o02g==
+  dependencies:
+    d "1"
+    es5-ext "^0.10.35"
+    es6-symbol "^3.1.1"
+
+es6-map@^0.1.5:
+  version "0.1.5"
+  resolved "https://registry.yarnpkg.com/es6-map/-/es6-map-0.1.5.tgz#9136e0503dcc06a301690f0bb14ff4e364e949f0"
+  integrity sha512-mz3UqCh0uPCIqsw1SSAkB/p0rOzF/M0V++vyN7JqlPtSW/VsYgQBvVvqMLmfBuyMzTpLnNqi6JmcSizs4jy19A==
+  dependencies:
+    d "1"
+    es5-ext "~0.10.14"
+    es6-iterator "~2.0.1"
+    es6-set "~0.1.5"
+    es6-symbol "~3.1.1"
+    event-emitter "~0.3.5"
+
+es6-set@^0.1.5, es6-set@~0.1.5:
+  version "0.1.6"
+  resolved "https://registry.yarnpkg.com/es6-set/-/es6-set-0.1.6.tgz#5669e3b2aa01d61a50ba79964f733673574983b8"
+  integrity sha512-TE3LgGLDIBX332jq3ypv6bcOpkLO0AslAQo7p2VqX/1N46YNsvIWgvjojjSEnWEGWMhr1qUbYeTSir5J6mFHOw==
+  dependencies:
+    d "^1.0.1"
+    es5-ext "^0.10.62"
+    es6-iterator "~2.0.3"
+    es6-symbol "^3.1.3"
+    event-emitter "^0.3.5"
+    type "^2.7.2"
+
+es6-symbol@^3.1.1, es6-symbol@^3.1.3, es6-symbol@~3.1.1:
+  version "3.1.3"
+  resolved "https://registry.yarnpkg.com/es6-symbol/-/es6-symbol-3.1.3.tgz#bad5d3c1bcdac28269f4cb331e431c78ac705d18"
+  integrity sha512-NJ6Yn3FuDinBaBRWl/q5X/s4koRHBrgKAu+yGI6JCBeiu3qrcbJhwT2GeR/EXVfylRk8dpQVJoLEFhK+Mu31NA==
+  dependencies:
+    d "^1.0.1"
+    ext "^1.1.2"
+
+escodegen@^1.11.1:
+  version "1.14.3"
+  resolved "https://registry.yarnpkg.com/escodegen/-/escodegen-1.14.3.tgz#4e7b81fba61581dc97582ed78cab7f0e8d63f503"
+  integrity sha512-qFcX0XJkdg+PB3xjZZG/wKSuT1PnQWx57+TVSjIMmILd2yC/6ByYElPwJnslDsuWuSAp4AwJGumarAAmJch5Kw==
+  dependencies:
+    esprima "^4.0.1"
+    estraverse "^4.2.0"
+    esutils "^2.0.2"
+    optionator "^0.8.1"
+  optionalDependencies:
+    source-map "~0.6.1"
+
+escodegen@~1.2.0:
+  version "1.2.0"
+  resolved "https://registry.yarnpkg.com/escodegen/-/escodegen-1.2.0.tgz#09de7967791cc958b7f89a2ddb6d23451af327e1"
+  integrity sha512-yLy3Cc+zAC0WSmoT2fig3J87TpQ8UaZGx8ahCAs9FL8qNbyV7CVyPKS74DG4bsHiL5ew9sxdYx131OkBQMFnvA==
   dependencies:
-    bn.js "^4.11.9"
-    brorand "^1.1.0"
-    hash.js "^1.0.0"
-    hmac-drbg "^1.0.1"
-    inherits "^2.0.4"
-    minimalistic-assert "^1.0.1"
-    minimalistic-crypto-utils "^1.0.1"
+    esprima "~1.0.4"
+    estraverse "~1.5.0"
+    esutils "~1.0.0"
+  optionalDependencies:
+    source-map "~0.1.30"
+
+esprima@^4.0.1:
+  version "4.0.1"
+  resolved "https://registry.yarnpkg.com/esprima/-/esprima-4.0.1.tgz#13b04cdb3e6c5d19df91ab6987a8695619b0aa71"
+  integrity sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==
+
+esprima@~1.0.4:
+  version "1.0.4"
+  resolved "https://registry.yarnpkg.com/esprima/-/esprima-1.0.4.tgz#9f557e08fc3b4d26ece9dd34f8fbf476b62585ad"
+  integrity sha512-rp5dMKN8zEs9dfi9g0X1ClLmV//WRyk/R15mppFNICIFRG5P92VP7Z04p8pk++gABo9W2tY+kHyu6P1mEHgmTA==
+
+estraverse@^4.2.0:
+  version "4.3.0"
+  resolved "https://registry.yarnpkg.com/estraverse/-/estraverse-4.3.0.tgz#398ad3f3c5a24948be7725e83d11a7de28cdbd1d"
+  integrity sha512-39nnKffWz8xN1BU/2c79n9nB9HDzo0niYUqx6xyqUnyoAnQyyWpOTdZEeiCch8BBu515t4wp9ZmgVfVhn9EBpw==
+
+estraverse@~1.5.0:
+  version "1.5.1"
+  resolved "https://registry.yarnpkg.com/estraverse/-/estraverse-1.5.1.tgz#867a3e8e58a9f84618afb6c2ddbcd916b7cbaf71"
+  integrity sha512-FpCjJDfmo3vsc/1zKSeqR5k42tcIhxFIlvq+h9j0fO2q/h2uLKyweq7rYJ+0CoVvrGQOxIS5wyBrW/+vF58BUQ==
+
+estree-is-function@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/estree-is-function/-/estree-is-function-1.0.0.tgz#c0adc29806d7f18a74db7df0f3b2666702e37ad2"
+  integrity sha512-nSCWn1jkSq2QAtkaVLJZY2ezwcFO161HVc174zL1KPW3RJ+O6C3eJb8Nx7OXzvhoEv+nLgSR1g71oWUHUDTrJA==
+
+esutils@^2.0.2:
+  version "2.0.3"
+  resolved "https://registry.yarnpkg.com/esutils/-/esutils-2.0.3.tgz#74d2eb4de0b8da1293711910d50775b9b710ef64"
+  integrity sha512-kVscqXk4OCp68SZ0dkgEKVi6/8ij300KBWTJq32P/dYeWTSwK41WyTxalN1eRmA5Z9UU/LX9D7FWSmV9SAYx6g==
+
+esutils@~1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/esutils/-/esutils-1.0.0.tgz#8151d358e20c8acc7fb745e7472c0025fe496570"
+  integrity sha512-x/iYH53X3quDwfHRz4y8rn4XcEwwCJeWsul9pF1zldMbGtgOtMNBEOuYWwB1EQlK2LRa1fev3YAgym/RElp5Cg==
+
+ev-emitter@^1.0.0:
+  version "1.1.1"
+  resolved "https://registry.yarnpkg.com/ev-emitter/-/ev-emitter-1.1.1.tgz#8f18b0ce5c76a5d18017f71c0a795c65b9138f2a"
+  integrity sha512-ipiDYhdQSCZ4hSbX4rMW+XzNKMD1prg/sTvoVmSLkuQ1MVlwjJQQA+sW8tMYR3BLUr9KjodFV4pvzunvRhd33Q==
 
 eve-raphael@0.5.0:
   version "0.5.0"
   resolved "https://registry.yarnpkg.com/eve-raphael/-/eve-raphael-0.5.0.tgz#17c754b792beef3fa6684d79cf5a47c63c4cda30"
 
-events@^2.0.0:
-  version "2.1.0"
-  resolved "https://registry.yarnpkg.com/events/-/events-2.1.0.tgz#2a9a1e18e6106e0e812aa9ebd4a819b3c29c0ba5"
+event-emitter@^0.3.5, event-emitter@~0.3.5:
+  version "0.3.5"
+  resolved "https://registry.yarnpkg.com/event-emitter/-/event-emitter-0.3.5.tgz#df8c69eef1647923c7157b9ce83840610b02cc39"
+  integrity sha512-D9rRn9y7kLPnJ+hMq7S/nhvoKwwvVJahBi2BPmx3bvbsEdK3W9ii8cBSGjP+72/LnM4n6fo3+dkCX5FeTQruXA==
+  dependencies:
+    d "1"
+    es5-ext "~0.10.14"
 
-evp_bytestokey@^1.0.0, evp_bytestokey@^1.0.3:
-  version "1.0.3"
-  resolved "https://registry.yarnpkg.com/evp_bytestokey/-/evp_bytestokey-1.0.3.tgz#7fcbdb198dc71959432efe13842684e0525acb02"
+ext@^1.1.2:
+  version "1.7.0"
+  resolved "https://registry.yarnpkg.com/ext/-/ext-1.7.0.tgz#0ea4383c0103d60e70be99e9a7f11027a33c4f5f"
+  integrity sha512-6hxeJYaL110a9b5TEJSj0gojyHQAmA2ch5Os+ySCiA1QGdS697XWY1pzsrSjqA9LDEEgdB/KypIlR59RcLuHYw==
   dependencies:
-    md5.js "^1.3.4"
-    safe-buffer "^5.1.1"
+    type "^2.7.2"
+
+fast-levenshtein@~2.0.6:
+  version "2.0.6"
+  resolved "https://registry.yarnpkg.com/fast-levenshtein/-/fast-levenshtein-2.0.6.tgz#3d8a5c66883a16a30ca8643e851f19baa7797917"
+  integrity sha512-DCXu6Ifhqcks7TZKY3Hxp3y6qphY5SJZmrWMDrKcERSOXWQdMhU9Ig/PYrzyw/ul9jOIyh0N4M0tbC5hodg8dw==
+
+fast-memoize@^2.5.1:
+  version "2.5.2"
+  resolved "https://registry.yarnpkg.com/fast-memoize/-/fast-memoize-2.5.2.tgz#79e3bb6a4ec867ea40ba0e7146816f6cdce9b57e"
+  integrity sha512-Ue0LwpDYErFbmNnZSF0UH6eImUwDmogUO1jyE+JbN2gsQz/jICm1Ve7t9QT0rNSsfJt+Hs4/S3GnsDVjL4HVrw==
 
 fastclick@^1.0.6:
   version "1.0.6"
   resolved "https://registry.yarnpkg.com/fastclick/-/fastclick-1.0.6.tgz#161625b27b1a5806405936bda9a2c1926d06be6a"
 
-flot@^0.8.3:
-  version "0.8.3"
-  resolved "https://registry.yarnpkg.com/flot/-/flot-0.8.3.tgz#6d9b93c7aa2cfb30dfa1af9c1ec4c94070b1217f"
-  integrity sha512-xg2otcTJDvS+ERK+my4wxG/ASq90QURXtoM4LhacCq0jQW2jbyjdttbRNqU2cPykrpMvJ6b2uSp6SAgYAzj9tQ==
+filterizr@^2.2.4:
+  version "2.2.4"
+  resolved "https://registry.yarnpkg.com/filterizr/-/filterizr-2.2.4.tgz#02fd75cffd46ef7acc85f55e132064650ae90a14"
+  integrity sha512-hqyEdg7RrvJMVFOeF0yysS75HP6jLu0wBSUtSPAc3BysAtHpwcXaPnR1kYp2uZtd3YXyhH6JRfF9+H4SRvrqXg==
+  dependencies:
+    fast-memoize "^2.5.1"
+    imagesloaded "^4.1.4"
 
-font-awesome@^4.7.0:
-  version "4.7.0"
-  resolved "https://registry.yarnpkg.com/font-awesome/-/font-awesome-4.7.0.tgz#8fa8cf0411a1a31afd07b06d2902bb9fc815a133"
+flag-icon-css@^4.1.7:
+  version "4.1.7"
+  resolved "https://registry.yarnpkg.com/flag-icon-css/-/flag-icon-css-4.1.7.tgz#5471197f9ab965a3603b3e0face31dd513fec289"
+  integrity sha512-AFjSU+fv98XbU0vnTQ32vcLj89UEr1MhwDFcooQv14qWJCjg9fGZzfh9BVyDhAhIOZW/pGmJmq38RqpgPaeybQ==
 
-fs.realpath@^1.0.0:
-  version "1.0.0"
-  resolved "https://registry.yarnpkg.com/fs.realpath/-/fs.realpath-1.0.0.tgz#1504ad2523158caa40db4a2787cb01411994ea4f"
+flot@^4.2.2:
+  version "4.2.3"
+  resolved "https://registry.yarnpkg.com/flot/-/flot-4.2.3.tgz#d327be738a06b6617deeaf346bcbfe0ee5242e48"
+  integrity sha512-r1t2gfhILE6dt7cnYDHX/D2VHERyD0YoV0UdFJg5dWbjkcu05MugfhNY7VspfBFTa+hjVNYVZw6/t9ZyYNen+w==
 
-fullcalendar@^3.10.0:
-  version "3.10.0"
-  resolved "https://registry.yarnpkg.com/fullcalendar/-/fullcalendar-3.10.0.tgz#cc5e87d518fd6550e142816a31dd191664847919"
-  integrity sha512-0OtsHhmdYhtFmQwXzyo8VqHzYgamg+zVOoytv5N13gI+iF6CGjevpCi/yBaQs0O4wY3OAp8I688IxdNYe0iAvw==
+fs-extra@^10.0.0:
+  version "10.1.0"
+  resolved "https://registry.yarnpkg.com/fs-extra/-/fs-extra-10.1.0.tgz#02873cfbc4084dde127eaa5f9905eef2325d1abf"
+  integrity sha512-oRXApq54ETRj4eMiFzGnHWGy+zo5raudjuxN0b8H7s/RU2oW0Wvsx9O0ACRN/kRq9E8Vu/ReskGB5o3ji+FzHQ==
+  dependencies:
+    graceful-fs "^4.2.0"
+    jsonfile "^6.0.1"
+    universalify "^2.0.0"
+
+fullcalendar@^5.10.1:
+  version "5.11.4"
+  resolved "https://registry.yarnpkg.com/fullcalendar/-/fullcalendar-5.11.4.tgz#a4d218fa1d4617a67ee69d0bc7a99f6f96b90658"
+  integrity sha512-1TH40KkWFVlZBpqJ/eB69E7nPABleA0skoc7pTIXJNNNYyUuKPjiJg+TSMunjJ9faPLzvbvfCdgttGZnynPA3Q==
 
 function-bind@^1.1.1:
   version "1.1.1"
   resolved "https://registry.yarnpkg.com/function-bind/-/function-bind-1.1.1.tgz#a56899d3ea3c9bab874bb9773b7c5ede92f4895d"
 
-glob@^7.1.0:
-  version "7.1.2"
-  resolved "https://registry.yarnpkg.com/glob/-/glob-7.1.2.tgz#c19c9df9a028702d678612384a6552404c636d15"
-  dependencies:
-    fs.realpath "^1.0.0"
-    inflight "^1.0.4"
-    inherits "2"
-    minimatch "^3.0.4"
-    once "^1.3.0"
-    path-is-absolute "^1.0.0"
+functions-have-names@^1.2.2:
+  version "1.2.3"
+  resolved "https://registry.yarnpkg.com/functions-have-names/-/functions-have-names-1.2.3.tgz#0404fe4ee2ba2f607f0e0ec3c80bae994133b834"
+  integrity sha512-xckBUXyTIqT97tq2x2AMb+g163b5JFysYk0x4qxNFwbfQkmNZoiRHb6sPzI9/QV33WeuvVYBUIiD4NzNIyqaRQ==
 
-has@^1.0.0:
-  version "1.0.3"
-  resolved "https://registry.yarnpkg.com/has/-/has-1.0.3.tgz#722d7cbfc1f6aa8241f16dd814e011e1f41e8796"
+get-assigned-identifiers@^1.1.0:
+  version "1.2.0"
+  resolved "https://registry.yarnpkg.com/get-assigned-identifiers/-/get-assigned-identifiers-1.2.0.tgz#6dbf411de648cbaf8d9169ebb0d2d576191e2ff1"
+  integrity sha512-mBBwmeGTrxEMO4pMaaf/uUEFHnYtwr8FTe8Y/mer4rcV/bye0qGm6pw1bGZFGStxC5O76c5ZAVBGnqHmOaJpdQ==
+
+get-intrinsic@^1.0.2, get-intrinsic@^1.1.1:
+  version "1.2.0"
+  resolved "https://registry.yarnpkg.com/get-intrinsic/-/get-intrinsic-1.2.0.tgz#7ad1dc0535f3a2904bba075772763e5051f6d05f"
+  integrity sha512-L049y6nFOuom5wGyRc3/gdTLO94dySVKRACj1RmJZBQXlbTMhtNIgkWkUHq+jYmZvKf14EW1EoJnnjbmoHij0Q==
   dependencies:
     function-bind "^1.1.1"
+    has "^1.0.3"
+    has-symbols "^1.0.3"
 
-hash-base@^3.0.0:
-  version "3.0.4"
-  resolved "https://registry.yarnpkg.com/hash-base/-/hash-base-3.0.4.tgz#5fc8686847ecd73499403319a6b0a3f3f6ae4918"
-  dependencies:
-    inherits "^2.0.1"
-    safe-buffer "^5.0.1"
+graceful-fs@^4.1.6, graceful-fs@^4.2.0:
+  version "4.2.10"
+  resolved "https://registry.yarnpkg.com/graceful-fs/-/graceful-fs-4.2.10.tgz#147d3a006da4ca3ce14728c7aefc287c367d7a6c"
+  integrity sha512-9ByhssR2fPVsNZj478qUUbKfmL0+t5BDVyjShtyZZLiK7ZDAArFFfopyOTj0M05wE2tJPisA4iTnnXl2YoPvOA==
 
-hash.js@^1.0.0, hash.js@^1.0.3:
-  version "1.1.7"
-  resolved "https://registry.yarnpkg.com/hash.js/-/hash.js-1.1.7.tgz#0babca538e8d4ee4a0f8988d68866537a003cf42"
-  integrity sha512-taOaskGt4z4SOANNseOviYDvjEJinIkRgmp7LbKP2YTTmVxWBl87s/uzK9r+44BclBSp2X7K1hqeNfz9JbBeXA==
+has-property-descriptors@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/has-property-descriptors/-/has-property-descriptors-1.0.0.tgz#610708600606d36961ed04c196193b6a607fa861"
+  integrity sha512-62DVLZGoiEBDHQyqG4w9xCuZ7eJEwNmJRWw2VY84Oedb7WFcA27fiEVe8oUQx9hAUJ4ekurquucTGwsyO1XGdQ==
   dependencies:
-    inherits "^2.0.3"
-    minimalistic-assert "^1.0.1"
+    get-intrinsic "^1.1.1"
 
-hmac-drbg@^1.0.1:
-  version "1.0.1"
-  resolved "https://registry.yarnpkg.com/hmac-drbg/-/hmac-drbg-1.0.1.tgz#d2745701025a6c775a6c545793ed502fc0c649a1"
-  integrity sha1-0nRXAQJabHdabFRXk+1QL8DGSaE=
+has-symbols@^1.0.2, has-symbols@^1.0.3:
+  version "1.0.3"
+  resolved "https://registry.yarnpkg.com/has-symbols/-/has-symbols-1.0.3.tgz#bb7b2c4349251dce87b125f7bdf874aa7c8b39f8"
+  integrity sha512-l3LCuF6MgDNwTDKkdYGEihYjt5pRPbEg46rtlmnSPlUbgmB8LOIrKJbYYFBSbnPaJexMKtiPO8hmeRjRz2Td+A==
+
+has-tostringtag@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/has-tostringtag/-/has-tostringtag-1.0.0.tgz#7e133818a7d394734f941e73c3d3f9291e658b25"
+  integrity sha512-kFjcSNhnlGV1kyoGk7OXKSawH5JOb/LzUc5w9B02hOTO0dfFRjbHQKvg1d6cf3HbeUmtU9VbbV3qzZ2Teh97WQ==
   dependencies:
-    hash.js "^1.0.3"
-    minimalistic-assert "^1.0.0"
-    minimalistic-crypto-utils "^1.0.1"
+    has-symbols "^1.0.2"
 
-htmlescape@^1.1.0:
-  version "1.1.1"
-  resolved "https://registry.yarnpkg.com/htmlescape/-/htmlescape-1.1.1.tgz#3a03edc2214bca3b66424a3e7959349509cb0351"
+has@^1.0.1, has@^1.0.3:
+  version "1.0.3"
+  resolved "https://registry.yarnpkg.com/has/-/has-1.0.3.tgz#722d7cbfc1f6aa8241f16dd814e011e1f41e8796"
+  integrity sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw==
+  dependencies:
+    function-bind "^1.1.1"
 
-https-browserify@^1.0.0:
-  version "1.0.0"
-  resolved "https://registry.yarnpkg.com/https-browserify/-/https-browserify-1.0.0.tgz#ec06c10e0a34c0f2faf199f7fd7fc78fffd03c73"
+icheck-bootstrap@^3.0.1:
+  version "3.0.1"
+  resolved "https://registry.yarnpkg.com/icheck-bootstrap/-/icheck-bootstrap-3.0.1.tgz#60c9c9a71524e1d9dd5bd05167a62fef05cc3a1b"
+  integrity sha512-Rj3SybdcMcayhsP4IJ+hmCNgCKclaFcs/5zwCuLXH1WMo468NegjhZVxbSNKhEjJjnwc4gKETogUmPYSQ9lEZQ==
 
 icheck@^1.0.2:
   version "1.0.2"
   resolved "https://registry.yarnpkg.com/icheck/-/icheck-1.0.2.tgz#06d08da3d47ae448c153b2639b86e9ad7fdf7128"
 
-ieee754@^1.1.4:
-  version "1.1.12"
-  resolved "https://registry.yarnpkg.com/ieee754/-/ieee754-1.1.12.tgz#50bf24e5b9c8bb98af4964c941cdb0918da7b60b"
+iconv-lite@^0.6.3:
+  version "0.6.3"
+  resolved "https://registry.yarnpkg.com/iconv-lite/-/iconv-lite-0.6.3.tgz#a52f80bf38da1952eb5c681790719871a1a72501"
+  integrity sha512-4fCk79wshMdzMp2rH06qWrJE4iolqLhCUH+OiuIgU++RB0+94NlDL81atO7GX55uUKueo0txHNtvEyI6D7WdMw==
+  dependencies:
+    safer-buffer ">= 2.1.2 < 3.0.0"
 
-inflight@^1.0.4:
-  version "1.0.6"
-  resolved "https://registry.yarnpkg.com/inflight/-/inflight-1.0.6.tgz#49bd6331d7d02d0c09bc910a1075ba8165b56df9"
+imagesloaded@^4.1.4:
+  version "4.1.4"
+  resolved "https://registry.yarnpkg.com/imagesloaded/-/imagesloaded-4.1.4.tgz#1376efcd162bb768c34c3727ac89cc04051f3cc7"
+  integrity sha512-ltiBVcYpc/TYTF5nolkMNsnREHW+ICvfQ3Yla2Sgr71YFwQ86bDwV9hgpFhFtrGPuwEx5+LqOHIrdXBdoWwwsA==
   dependencies:
-    once "^1.3.0"
-    wrappy "1"
+    ev-emitter "^1.0.0"
+
+immediate@~3.0.5:
+  version "3.0.6"
+  resolved "https://registry.yarnpkg.com/immediate/-/immediate-3.0.6.tgz#9db1dbd0faf8de6fbe0f5dd5e56bb606280de69b"
+  integrity sha512-XXOFtyqDjNDAQxVfYxuF7g9Il/IbWmmlQg2MYKOH8ExIT1qg6xc4zyS3HaEEATgs1btfzxq15ciUiY7gjSXRGQ==
 
-inherits@2, inherits@^2.0.1, inherits@^2.0.3, inherits@^2.0.4, inherits@~2.0.1, inherits@~2.0.3:
+inherits@^2.0.3, inherits@~2.0.3:
   version "2.0.4"
   resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.4.tgz#0fa2c64f932917c3433a0ded55363aae37416b7c"
   integrity sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==
 
-inherits@2.0.1:
-  version "2.0.1"
-  resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.1.tgz#b17d08d326b4423e568eff719f91b0b1cbdf69f1"
+inputmask@^5.0.7:
+  version "5.0.7"
+  resolved "https://registry.yarnpkg.com/inputmask/-/inputmask-5.0.7.tgz#b04d5d4e1c85018893c3c8edb1a9f074b051007f"
+  integrity sha512-rUxbRDS25KEib+c/Ow+K01oprU/+EK9t9SOPC8ov94/ftULGDqj1zOgRU/Hko6uzoKRMdwCfuhAafJ/Wk2wffQ==
 
-inherits@2.0.3:
-  version "2.0.3"
-  resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.3.tgz#633c2c83e3da42a502f52466022480f4208261de"
+ion-rangeslider@^2.3.1:
+  version "2.3.1"
+  resolved "https://registry.yarnpkg.com/ion-rangeslider/-/ion-rangeslider-2.3.1.tgz#92ade52cb56fc30b9162d0483ff02b6f9ed237c2"
+  integrity sha512-6V+24FD13/feliI485gnRHZYD9Ev64M5NAFTxnVib516ATHa9PlXQrC+nOiPngouRYTCLPJyokAJEi3e1Umi5g==
 
-inline-source-map@~0.6.0:
-  version "0.6.2"
-  resolved "https://registry.yarnpkg.com/inline-source-map/-/inline-source-map-0.6.2.tgz#f9393471c18a79d1724f863fa38b586370ade2a5"
+ionicons@^6.1.1:
+  version "6.1.1"
+  resolved "https://registry.yarnpkg.com/ionicons/-/ionicons-6.1.1.tgz#4c24c29aaf9ec235d741e7fe692e47ea814b1a7d"
+  integrity sha512-Qe6mx25DFNwA9UL1rhewI5StI3uD4+BqB2KdvLjyWhtvoUXwyAsmfHLZuDANAHQowIKtTt6BZCt5/g5NIQ635Q==
   dependencies:
-    source-map "~0.5.3"
-
-inputmask@^3.3.7:
-  version "3.3.11"
-  resolved "https://registry.yarnpkg.com/inputmask/-/inputmask-3.3.11.tgz#1421c94ae28c3dcd1b4d26337b508bb34998e2d8"
+    "@stencil/core" "^2.18.0"
 
-insert-module-globals@^7.0.0:
-  version "7.1.0"
-  resolved "https://registry.yarnpkg.com/insert-module-globals/-/insert-module-globals-7.1.0.tgz#dbb3cea71d3a43d5a07ef0310fe5f078aa4dbf35"
+is-arguments@^1.0.4:
+  version "1.1.1"
+  resolved "https://registry.yarnpkg.com/is-arguments/-/is-arguments-1.1.1.tgz#15b3f88fda01f2a97fec84ca761a560f123efa9b"
+  integrity sha512-8Q7EARjzEnKpt/PCD7e1cgUS0a6X8u5tdSiMqXhojOdoV9TsMsiO+9VLC5vAmO8N7/GmXn7yjR8qnA6bVAEzfA==
   dependencies:
-    JSONStream "^1.0.3"
-    combine-source-map "^0.8.0"
-    concat-stream "^1.6.1"
-    is-buffer "^1.1.0"
-    lexical-scope "^1.2.0"
-    path-is-absolute "^1.0.1"
-    process "~0.11.0"
-    through2 "^2.0.0"
-    xtend "^4.0.0"
+    call-bind "^1.0.2"
+    has-tostringtag "^1.0.0"
 
-ion-rangeslider@^2.3.0:
-  version "2.3.0"
-  resolved "https://registry.yarnpkg.com/ion-rangeslider/-/ion-rangeslider-2.3.0.tgz#7957ce2e78acfc956b8c43009373da91f743347e"
-  integrity sha512-7TtH9/X4Aq/xCzboWxjwlv20gVqR90Ysc3aehMlTuH2/ULaSxpB80hq+yvD1N0FwWbPDtxQpjQrz/iX+LWXKmg==
+is-core-module@^2.9.0:
+  version "2.11.0"
+  resolved "https://registry.yarnpkg.com/is-core-module/-/is-core-module-2.11.0.tgz#ad4cb3e3863e814523c96f3f58d26cc570ff0144"
+  integrity sha512-RRjxlvLDkD1YJwDbroBHMb+cukurkDWNyHx7D3oNB5x9rb5ogcksMC5wHCadcXoo67gVr/+3GFySh3134zi6rw==
   dependencies:
-    jquery ">=1.8"
+    has "^1.0.3"
 
-ionicons@^3.0.0:
-  version "3.0.0"
-  resolved "https://registry.yarnpkg.com/ionicons/-/ionicons-3.0.0.tgz#40b8daf4fd7a31150bd002160f66496e22a98c3c"
-
-is-buffer@^1.1.0:
-  version "1.1.6"
-  resolved "https://registry.yarnpkg.com/is-buffer/-/is-buffer-1.1.6.tgz#efaa2ea9daa0d7ab2ea13a97b2b8ad51fefbe8be"
+is-date-object@^1.0.1:
+  version "1.0.5"
+  resolved "https://registry.yarnpkg.com/is-date-object/-/is-date-object-1.0.5.tgz#0841d5536e724c25597bf6ea62e1bd38298df31f"
+  integrity sha512-9YQaSxsAiSwcvS33MBk3wTCVnWK+HhF8VZR2jRxehM16QcVOdHqPn4VPHmRK4lSr38n9JriurInLcP90xsYNfQ==
+  dependencies:
+    has-tostringtag "^1.0.0"
 
-isarray@^2.0.4:
-  version "2.0.4"
-  resolved "https://registry.yarnpkg.com/isarray/-/isarray-2.0.4.tgz#38e7bcbb0f3ba1b7933c86ba1894ddfc3781bbb7"
+is-regex@^1.0.4:
+  version "1.1.4"
+  resolved "https://registry.yarnpkg.com/is-regex/-/is-regex-1.1.4.tgz#eef5663cd59fa4c0ae339505323df6854bb15958"
+  integrity sha512-kvRdxDsxZjhzUX07ZnLydzS1TU/TJlTUHHY4YLL87e37oUA49DfkLqgy+VjFocowy29cKvcSiu+kIv728jTTVg==
+  dependencies:
+    call-bind "^1.0.2"
+    has-tostringtag "^1.0.0"
 
 isarray@~1.0.0:
   version "1.0.0"
   resolved "https://registry.yarnpkg.com/isarray/-/isarray-1.0.0.tgz#bb935d48582cba168c06834957a54a3e07124f11"
 
-jquery-knob@^1.2.11:
-  version "1.2.11"
-  resolved "https://registry.yarnpkg.com/jquery-knob/-/jquery-knob-1.2.11.tgz#f37c39dbc1c7a6a6c12cdb2ed4f6bffb683f10d6"
+jquery-knob-chif@^1.2.13:
+  version "1.2.13"
+  resolved "https://registry.yarnpkg.com/jquery-knob-chif/-/jquery-knob-chif-1.2.13.tgz#5f1e462ef3745d27a9fd66ce1141fe82b44a5762"
+  integrity sha512-dveq9MZCr68bRrsziuRusKS+/ciT1yOOHdENOSTcXVRM9MsEyCK/DjqR9nc7V3on41269PFdDE2Fuib8Cw4jAA==
 
-jquery-mousewheel@~3.1.13:
+jquery-mapael@^2.2.0:
+  version "2.2.0"
+  resolved "https://registry.yarnpkg.com/jquery-mapael/-/jquery-mapael-2.2.0.tgz#a68850c680ef0ce3f8b865e8a48b2a018250ca73"
+  integrity sha512-B5cVcCkfs7Ezia1Zs8bEfVacYD/GvaASyqQeidApR/NJ1C4igcExk9VULVsgLcTPkxohcZrrz5uCaPXvuKeZWw==
+  dependencies:
+    jquery "^3.0 || ^2.0 || ^1.0"
+    raphael "^2.2.0 || ^2.1.1"
+  optionalDependencies:
+    jquery-mousewheel "^3.1"
+
+jquery-mousewheel@^3.1, jquery-mousewheel@^3.1.13:
   version "3.1.13"
   resolved "https://registry.yarnpkg.com/jquery-mousewheel/-/jquery-mousewheel-3.1.13.tgz#06f0335f16e353a695e7206bf50503cb523a6ee5"
+  integrity sha512-GXhSjfOPyDemM005YCEHvzrEALhKDIswtxSHSR2e4K/suHVJKJxxRCGz3skPjNxjJjQa9AVSGGlYjv1M3VLIPg==
 
 jquery-slimscroll@^1.3.8:
   version "1.3.8"
@@ -672,18 +1011,20 @@ jquery-slimscroll@^1.3.8:
 jquery-sparkline@^2.4.0:
   version "2.4.0"
   resolved "https://registry.yarnpkg.com/jquery-sparkline/-/jquery-sparkline-2.4.0.tgz#1be8b7b704dd3857152708aefb1d4a4b3a69fb33"
+  integrity sha512-SzjpMkOwlnqZpH4Ni2UbdRU5GxDl/BljgN8Smlun7CXUDqRhjPf2eolJ37KKcaG0/ufsMKY+XDERfPTV1hIcjg==
 
-jquery-ui-dist@^1.12.1:
-  version "1.12.1"
-  resolved "https://registry.yarnpkg.com/jquery-ui-dist/-/jquery-ui-dist-1.12.1.tgz#5c0815d3cc6f90ff5faaf5b268a6e23b4ca904fa"
-
-jquery-ui@^1.12.1:
-  version "1.13.0"
-  resolved "https://registry.yarnpkg.com/jquery-ui/-/jquery-ui-1.13.0.tgz#ab5ac65f37ca093c51b3478c4097f55bbc008f36"
-  integrity sha512-Osf7ECXNTYHtKBkn9xzbIf9kifNrBhfywFEKxOeB/OVctVmLlouV9mfc2qXCp6uyO4Pn72PXKOnj09qXetopCw==
+jquery-ui-dist@^1.13.0, jquery-ui-dist@^1.13.2:
+  version "1.13.2"
+  resolved "https://registry.yarnpkg.com/jquery-ui-dist/-/jquery-ui-dist-1.13.2.tgz#899fbb3c6210de19ace10657cf844a3b97f3be70"
+  integrity sha512-oVDRd1NLtTbBwpRKAYdIRgpWVDzeBhfy7Gu0RmY6JEaZtmBq6kDn1pm5SgDiAotrnDS+RoTRXO6xvcNTxA9tOA==
   dependencies:
     jquery ">=1.8.0 <4.0.0"
 
+jquery-validation@^1.19.3:
+  version "1.19.5"
+  resolved "https://registry.yarnpkg.com/jquery-validation/-/jquery-validation-1.19.5.tgz#557495b7cad79716897057c4447ad3cd76fda811"
+  integrity sha512-X2SmnPq1mRiDecVYL8edWx+yTBZDyC8ohWXFhXdtqFHgU9Wd4KHkvcbCoIZ0JaSaumzS8s2gXSkP8F7ivg/8ZQ==
+
 jquery.quicksearch@^2.4.0:
   version "2.4.0"
   resolved "https://registry.yarnpkg.com/jquery.quicksearch/-/jquery.quicksearch-2.4.0.tgz#240c9f435e936c63bf8fbba355144ffdddf9ea26"
@@ -691,258 +1032,212 @@ jquery.quicksearch@^2.4.0:
   dependencies:
     jquery ">=1.8"
 
-"jquery@>= 1.7", "jquery@>= 1.7.1", jquery@>=1.10, jquery@>=1.5, jquery@>=1.7, "jquery@>=1.7.1 <4.0.0", jquery@>=1.8, "jquery@>=1.8.0 <4.0.0", jquery@^3.2.1:
+"jquery@>= 1.7", "jquery@>= 1.7.1", jquery@>=1.10, jquery@>=1.7, "jquery@>=1.7.1 <4.0.0", jquery@>=1.8, "jquery@>=1.8.0 <4.0.0":
   version "3.6.0"
   resolved "https://registry.yarnpkg.com/jquery/-/jquery-3.6.0.tgz#c72a09f15c1bdce142f49dbf1170bdf8adac2470"
   integrity sha512-JVzAR/AjBvVt2BmYhxRCSYysDsPcssdmTFnzyLEts9qNwmjmu4JTAMYubEfwVOSwpQ1I1sKKFcxhZCI2buerfw==
 
-json-stable-stringify@~0.0.0:
-  version "0.0.1"
-  resolved "https://registry.yarnpkg.com/json-stable-stringify/-/json-stable-stringify-0.0.1.tgz#611c23e814db375527df851193db59dd2af27f45"
-  dependencies:
-    jsonify "~0.0.0"
+jquery@>=1.12.0, jquery@>=2.2, "jquery@^3.0 || ^2.0 || ^1.0", jquery@^3.4.0, jquery@^3.6.0:
+  version "3.6.3"
+  resolved "https://registry.yarnpkg.com/jquery/-/jquery-3.6.3.tgz#23ed2ffed8a19e048814f13391a19afcdba160e6"
+  integrity sha512-bZ5Sy3YzKo9Fyc8wH2iIQK4JImJ6R0GWI9kL1/k7Z91ZBNgkRXE6U0JfHIizZbort8ZunhSI3jw9I6253ahKfg==
 
-jsonify@~0.0.0:
-  version "0.0.0"
-  resolved "https://registry.yarnpkg.com/jsonify/-/jsonify-0.0.0.tgz#2c74b6ee41d93ca51b7b5aaee8f503631d252a73"
+jqvmap-novulnerability@^1.5.1:
+  version "1.5.1"
+  resolved "https://registry.yarnpkg.com/jqvmap-novulnerability/-/jqvmap-novulnerability-1.5.1.tgz#140c42623ebbe9b9076ea2dd3b8d155fe9f38ae7"
+  integrity sha512-O6Jr7AGiut9iNJMelPdy8pH83tNXadOqmhJm5FZy9gtaZ5uuhZK3VNu+YLFuTpXeZI8YXUvlFUYbJJi5XHA+tw==
+  dependencies:
+    jquery "^3.4.0"
 
-jsonparse@^1.2.0:
-  version "1.3.1"
-  resolved "https://registry.yarnpkg.com/jsonparse/-/jsonparse-1.3.1.tgz#3f4dae4a91fac315f71062f8521cc239f1366280"
+jsgrid@^1.5.3:
+  version "1.5.3"
+  resolved "https://registry.yarnpkg.com/jsgrid/-/jsgrid-1.5.3.tgz#b15fc426483153bee2b6b567312f675d92834a0d"
+  integrity sha512-/BJgQp7gZe8o/VgNelwXc21jHc9HN+l7WPOkBhC9b9jPXFtOrU9ftNLPVBmKYCNlIulAbGTW8SDJI0mpw7uWxQ==
 
-jtimeout@^3.1.0:
-  version "3.1.0"
-  resolved "https://registry.yarnpkg.com/jtimeout/-/jtimeout-3.1.0.tgz#4cd65b28eff8b9f8c61d08889a9ac3abdf5d9893"
-  integrity sha512-xA2TlImMGj4c0yAiM9BUq+8aAFVYVYUX2tkcC8u8das9qoZSs13SxhVcfWqI4cHOsv3huj2D0VRNHeVCLO3mVQ==
+jsonfile@^6.0.1:
+  version "6.1.0"
+  resolved "https://registry.yarnpkg.com/jsonfile/-/jsonfile-6.1.0.tgz#bc55b2634793c679ec6403094eb13698a6ec0aae"
+  integrity sha512-5dgndWOriYSm5cnYaJNhalLNDKOqFwyDB/rr1E9ZsGciGvKPs8R2xYGCacuf3z6K1YKDz182fd+fY3cn3pMqXQ==
   dependencies:
-    jquery ">=1.7.1 <4.0.0"
+    universalify "^2.0.0"
+  optionalDependencies:
+    graceful-fs "^4.1.6"
 
-jvectormap@^1.2.2:
-  version "1.2.2"
-  resolved "https://registry.yarnpkg.com/jvectormap/-/jvectormap-1.2.2.tgz#2e4408b24a60473ff106c1e7243e375ae5ca85da"
+jszip@^3.7.1:
+  version "3.10.1"
+  resolved "https://registry.yarnpkg.com/jszip/-/jszip-3.10.1.tgz#34aee70eb18ea1faec2f589208a157d1feb091c2"
+  integrity sha512-xXDvecyTpGLrqFrvkrUSoxxfJI5AH7U8zxxtVclpsUtMCq4JQ290LY8AW5c7Ggnr/Y/oK+bQMbqK2qmtk3pN4g==
   dependencies:
-    jquery ">=1.5"
+    lie "~3.3.0"
+    pako "~1.0.2"
+    readable-stream "~2.3.6"
+    setimmediate "^1.0.5"
 
-labeled-stream-splicer@^2.0.0:
-  version "2.0.1"
-  resolved "https://registry.yarnpkg.com/labeled-stream-splicer/-/labeled-stream-splicer-2.0.1.tgz#9cffa32fd99e1612fd1d86a8db962416d5292926"
+jtimeout@^3.2.0:
+  version "3.2.0"
+  resolved "https://registry.yarnpkg.com/jtimeout/-/jtimeout-3.2.0.tgz#a27dd31652b7a97d4877674a2e9a25551c60d6ba"
+  integrity sha512-P/cEhmgr8P2Vd3V79uUk6pHAHpMSe+Px7B+mGEir4aZW3/J6C09uH97aAEXVpjqb9i9vHnUyIp7k0UoA+Hy0eg==
   dependencies:
-    inherits "^2.0.1"
-    isarray "^2.0.4"
-    stream-splicer "^2.0.0"
+    jquery ">=1.7.1 <4.0.0"
 
-lexical-scope@^1.2.0:
-  version "1.2.0"
-  resolved "https://registry.yarnpkg.com/lexical-scope/-/lexical-scope-1.2.0.tgz#fcea5edc704a4b3a8796cdca419c3a0afaf22df4"
+levn@~0.3.0:
+  version "0.3.0"
+  resolved "https://registry.yarnpkg.com/levn/-/levn-0.3.0.tgz#3b09924edf9f083c0490fdd4c0bc4421e04764ee"
+  integrity sha512-0OO4y2iOHix2W6ujICbKIaEQXvFQHue65vUG3pb5EUomzPI90z9hsA1VsO/dbIIpC53J8gxM9Q4Oho0jrCM/yA==
   dependencies:
-    astw "^2.0.0"
+    prelude-ls "~1.1.2"
+    type-check "~0.3.2"
 
-lodash.memoize@~3.0.3:
-  version "3.0.4"
-  resolved "https://registry.yarnpkg.com/lodash.memoize/-/lodash.memoize-3.0.4.tgz#2dcbd2c287cbc0a55cc42328bd0c736150d53e3f"
-
-md5.js@^1.3.4:
-  version "1.3.4"
-  resolved "https://registry.yarnpkg.com/md5.js/-/md5.js-1.3.4.tgz#e9bdbde94a20a5ac18b04340fc5764d5b09d901d"
+lie@~3.3.0:
+  version "3.3.0"
+  resolved "https://registry.yarnpkg.com/lie/-/lie-3.3.0.tgz#dcf82dee545f46074daf200c7c1c5a08e0f40f6a"
+  integrity sha512-UaiMJzeWRlEujzAuw5LokY1L5ecNQYZKfmyZ9L7wDHb/p5etKaxXhohBcrw0EYby+G/NA52vRSN4N39dxHAIwQ==
   dependencies:
-    hash-base "^3.0.0"
-    inherits "^2.0.1"
+    immediate "~3.0.5"
 
-miller-rabin@^4.0.0:
-  version "4.0.1"
-  resolved "https://registry.yarnpkg.com/miller-rabin/-/miller-rabin-4.0.1.tgz#f080351c865b0dc562a8462966daa53543c78a4d"
+magic-string@0.25.1:
+  version "0.25.1"
+  resolved "https://registry.yarnpkg.com/magic-string/-/magic-string-0.25.1.tgz#b1c248b399cd7485da0fe7385c2fc7011843266e"
+  integrity sha512-sCuTz6pYom8Rlt4ISPFn6wuFodbKMIHUMv4Qko9P17dpxb7s52KJTmRuZZqHdGmLCK9AOcDare039nRIcfdkEg==
   dependencies:
-    bn.js "^4.0.0"
-    brorand "^1.0.1"
-
-minimalistic-assert@^1.0.0, minimalistic-assert@^1.0.1:
-  version "1.0.1"
-  resolved "https://registry.yarnpkg.com/minimalistic-assert/-/minimalistic-assert-1.0.1.tgz#2e194de044626d4a10e7f7fbc00ce73e83e4d5c7"
-  integrity sha512-UtJcAD4yEaGtjPezWuO9wC4nwUnVH/8/Im3yEHQP4b67cXlD/Qr9hdITCU1xDbSEXg2XKNaP8jsReV7vQd00/A==
+    sourcemap-codec "^1.4.1"
 
-minimalistic-crypto-utils@^1.0.1:
-  version "1.0.1"
-  resolved "https://registry.yarnpkg.com/minimalistic-crypto-utils/-/minimalistic-crypto-utils-1.0.1.tgz#f6c00c1c0b082246e5c4d99dfb8c7c083b2b582a"
-  integrity sha1-9sAMHAsIIkblxNmd+4x8CDsrWCo=
-
-minimatch@^3.0.4:
-  version "3.0.4"
-  resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-3.0.4.tgz#5166e286457f03306064be5497e8dbb0c3d32083"
+merge-source-map@1.0.4:
+  version "1.0.4"
+  resolved "https://registry.yarnpkg.com/merge-source-map/-/merge-source-map-1.0.4.tgz#a5de46538dae84d4114cc5ea02b4772a6346701f"
+  integrity sha512-PGSmS0kfnTnMJCzJ16BLLCEe6oeYCamKFFdQKshi4BmM6FUwipjVOcBFGxqtQtirtAG4iZvHlqST9CpZKqlRjA==
   dependencies:
-    brace-expansion "^1.1.7"
-
-minimist@0.0.8:
-  version "0.0.8"
-  resolved "https://registry.yarnpkg.com/minimist/-/minimist-0.0.8.tgz#857fcabfc3397d2625b8228262e86aa7a011b05d"
+    source-map "^0.5.6"
 
-minimist@^1.1.0, minimist@^1.1.1:
-  version "1.2.0"
-  resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.0.tgz#a35008b20f41383eec1fb914f4cd5df79a264284"
+minimist@^1.1.3:
+  version "1.2.7"
+  resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.7.tgz#daa1c4d91f507390437c6a8bc01078e7000c4d18"
+  integrity sha512-bzfL1YUZsP41gmu/qjrEk0Q6i2ix/cVeAhbCbqH9u3zYutS1cLg00qhrD0M2MVdCcx4Sc0UpP2eBWo9rotpq6g==
 
-mkdirp@^0.5.0:
-  version "0.5.1"
-  resolved "https://registry.yarnpkg.com/mkdirp/-/mkdirp-0.5.1.tgz#30057438eac6cf7f8c4767f38648d6697d75c903"
+moment-timezone@^0.5.34:
+  version "0.5.40"
+  resolved "https://registry.yarnpkg.com/moment-timezone/-/moment-timezone-0.5.40.tgz#c148f5149fd91dd3e29bf481abc8830ecba16b89"
+  integrity sha512-tWfmNkRYmBkPJz5mr9GVDn9vRlVZOTe6yqY92rFxiOdWXbjaR0+9LwQnZGGuNR63X456NqmEkbskte8tWL5ePg==
   dependencies:
-    minimist "0.0.8"
+    moment ">= 2.9.0"
 
-module-deps@^6.0.0:
-  version "6.1.0"
-  resolved "https://registry.yarnpkg.com/module-deps/-/module-deps-6.1.0.tgz#d1e1efc481c6886269f7112c52c3236188e16479"
-  dependencies:
-    JSONStream "^1.0.3"
-    browser-resolve "^1.7.0"
-    cached-path-relative "^1.0.0"
-    concat-stream "~1.6.0"
-    defined "^1.0.0"
-    detective "^5.0.2"
-    duplexer2 "^0.1.2"
-    inherits "^2.0.1"
-    parents "^1.0.0"
-    readable-stream "^2.0.2"
-    resolve "^1.4.0"
-    stream-combiner2 "^1.1.1"
-    subarg "^1.0.0"
-    through2 "^2.0.0"
-    xtend "^4.0.0"
+"moment@>= 2.9.0", moment@^2.10.2, moment@^2.29.1, moment@^2.29.2:
+  version "2.29.4"
+  resolved "https://registry.yarnpkg.com/moment/-/moment-2.29.4.tgz#3dbe052889fe7c1b2ed966fcb3a77328964ef108"
+  integrity sha512-5LC9SOxjSc2HF6vO2CyuTDNivEdoz2IvyJJGj6X8DJ0eFyfszE0QiEd+iXmBvUP3WHxSjFH/vIsA0EN00cgr8w==
 
-moment@^2.24.0, moment@^2.9.0:
+moment@^2.9.0:
   version "2.29.2"
   resolved "https://registry.yarnpkg.com/moment/-/moment-2.29.2.tgz#00910c60b20843bcba52d37d58c628b47b1f20e4"
   integrity sha512-UgzG4rvxYpN15jgCmVJwac49h9ly9NurikMWGPdVxm8GZD6XjkKPxDTjQQ43gtGgnV3X0cAyWDdP2Wexoquifg==
 
-morris.js@^0.5.0:
-  version "0.5.0"
-  resolved "https://registry.yarnpkg.com/morris.js/-/morris.js-0.5.0.tgz#725767135cfae059aae75999bb2ce6a1c5d1b44b"
-
 multiselect@^0.9.12:
   version "0.9.12"
   resolved "https://registry.yarnpkg.com/multiselect/-/multiselect-0.9.12.tgz#d15536e986dd6a0029b160d6613bcedf81e4c7ed"
   dependencies:
     jquery ">= 1.7.1"
 
-once@^1.3.0:
-  version "1.4.0"
-  resolved "https://registry.yarnpkg.com/once/-/once-1.4.0.tgz#583b1aa775961d4b113ac17d9c50baef9dd76bd1"
-  dependencies:
-    wrappy "1"
-
-os-browserify@~0.3.0:
-  version "0.3.0"
-  resolved "https://registry.yarnpkg.com/os-browserify/-/os-browserify-0.3.0.tgz#854373c7f5c2315914fc9bfc6bd8238fdda1ec27"
-
-pace@0.0.4:
-  version "0.0.4"
-  resolved "https://registry.yarnpkg.com/pace/-/pace-0.0.4.tgz#d66405d5f5bc12d25441a6e26c878dbc69e77a77"
-  dependencies:
-    charm "~0.1.0"
-
-pako@~1.0.5:
-  version "1.0.6"
-  resolved "https://registry.yarnpkg.com/pako/-/pako-1.0.6.tgz#0101211baa70c4bca4a0f63f2206e97b7dfaf258"
+next-tick@^1.1.0:
+  version "1.1.0"
+  resolved "https://registry.yarnpkg.com/next-tick/-/next-tick-1.1.0.tgz#1836ee30ad56d67ef281b22bd199f709449b35eb"
+  integrity sha512-CXdUiJembsNjuToQvxayPZF9Vqht7hewsvy2sOWafLvi2awflj9mOC6bHIg50orX8IJvWKY9wYQ/zB2kogPslQ==
 
-parents@^1.0.0, parents@^1.0.1:
-  version "1.0.1"
-  resolved "https://registry.yarnpkg.com/parents/-/parents-1.0.1.tgz#fedd4d2bf193a77745fe71e371d73c3307d9c751"
-  dependencies:
-    path-platform "~0.11.15"
+object-inspect@^1.6.0:
+  version "1.12.3"
+  resolved "https://registry.yarnpkg.com/object-inspect/-/object-inspect-1.12.3.tgz#ba62dffd67ee256c8c086dfae69e016cd1f198b9"
+  integrity sha512-geUvdk7c+eizMNUDkRpW1wJwgfOiOeHbxBR/hLXK1aT6zmVSO0jsQcs7fj6MGw89jC/cjGfLcNOrtMYtGqm81g==
 
-parse-asn1@^5.0.0:
-  version "5.1.1"
-  resolved "https://registry.yarnpkg.com/parse-asn1/-/parse-asn1-5.1.1.tgz#f6bf293818332bd0dab54efb16087724745e6ca8"
+object-is@^1.0.1:
+  version "1.1.5"
+  resolved "https://registry.yarnpkg.com/object-is/-/object-is-1.1.5.tgz#b9deeaa5fc7f1846a0faecdceec138e5778f53ac"
+  integrity sha512-3cyDsyHgtmi7I7DfSSI2LDp6SK2lwvtbg0p0R1e0RvTqF5ceGx+K2dfSjm1bKDMVCFEDAQvy+o8c6a7VujOddw==
   dependencies:
-    asn1.js "^4.0.0"
-    browserify-aes "^1.0.0"
-    create-hash "^1.1.0"
-    evp_bytestokey "^1.0.0"
-    pbkdf2 "^3.0.3"
-
-path-browserify@~0.0.0:
-  version "0.0.0"
-  resolved "https://registry.yarnpkg.com/path-browserify/-/path-browserify-0.0.0.tgz#a0b870729aae214005b7d5032ec2cbbb0fb4451a"
+    call-bind "^1.0.2"
+    define-properties "^1.1.3"
 
-path-is-absolute@^1.0.0, path-is-absolute@^1.0.1:
-  version "1.0.1"
-  resolved "https://registry.yarnpkg.com/path-is-absolute/-/path-is-absolute-1.0.1.tgz#174b9268735534ffbc7ace6bf53a5a9e1b5c5f5f"
+object-keys@^1.1.1:
+  version "1.1.1"
+  resolved "https://registry.yarnpkg.com/object-keys/-/object-keys-1.1.1.tgz#1c47f272df277f3b1daf061677d9c82e2322c60e"
+  integrity sha512-NuAESUOUMrlIXOfHKzD6bpPu3tYt3xvjNdRIQ+FeT0lNb4K8WR70CaDxhuNguS2XG+GjkyMwOzsN5ZktImfhLA==
 
-path-parse@^1.0.5:
+optionator@^0.8.1:
+  version "0.8.3"
+  resolved "https://registry.yarnpkg.com/optionator/-/optionator-0.8.3.tgz#84fa1d036fe9d3c7e21d99884b601167ec8fb495"
+  integrity sha512-+IW9pACdk3XWmmTXG8m3upGUJst5XRGzxMRjXzAuJ1XnIFNvfhjjIuYkDvysnPQ7qzqVzLt78BCruntqRhWQbA==
+  dependencies:
+    deep-is "~0.1.3"
+    fast-levenshtein "~2.0.6"
+    levn "~0.3.0"
+    prelude-ls "~1.1.2"
+    type-check "~0.3.2"
+    word-wrap "~1.2.3"
+
+overlayscrollbars@^1.13.1:
+  version "1.13.3"
+  resolved "https://registry.yarnpkg.com/overlayscrollbars/-/overlayscrollbars-1.13.3.tgz#992c96fd2c8535802d1e56c40bc12ec03076c626"
+  integrity sha512-1nB/B5kaakJuHXaLXLRK0bUIilWhUGT6q5g+l2s5vqYdLle/sd0kscBHkQC1kuuDg9p9WR4MTdySDOPbeL/86g==
+
+pako@^0.2.5:
+  version "0.2.9"
+  resolved "https://registry.yarnpkg.com/pako/-/pako-0.2.9.tgz#f3f7522f4ef782348da8161bad9ecfd51bf83a75"
+  integrity sha512-NUcwaKxUxWrZLpDG+z/xZaCgQITkA/Dv4V/T6bw7VON6l1Xz/VnrBqrYjZQ12TamKHzITTfOEIYUj48y2KXImA==
+
+pako@~1.0.2:
+  version "1.0.11"
+  resolved "https://registry.yarnpkg.com/pako/-/pako-1.0.11.tgz#6c9599d340d54dfd3946380252a35705a6b992bf"
+  integrity sha512-4hLB8Py4zZce5s4yd9XzopqwVv/yGNhV1Bl8NTmCq1763HeK2+EwVTv+leGeL13Dnh2wfbqowVPXCIO0z4taYw==
+
+path-parse@^1.0.7:
   version "1.0.7"
   resolved "https://registry.yarnpkg.com/path-parse/-/path-parse-1.0.7.tgz#fbc114b60ca42b30d9daf5858e4bd68bbedb6735"
   integrity sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==
 
-path-platform@~0.11.15:
-  version "0.11.15"
-  resolved "https://registry.yarnpkg.com/path-platform/-/path-platform-0.11.15.tgz#e864217f74c36850f0852b78dc7bf7d4a5721bf2"
-
-pbkdf2@^3.0.3:
-  version "3.0.16"
-  resolved "https://registry.yarnpkg.com/pbkdf2/-/pbkdf2-3.0.16.tgz#7404208ec6b01b62d85bf83853a8064f8d9c2a5c"
-  dependencies:
-    create-hash "^1.1.2"
-    create-hmac "^1.1.4"
-    ripemd160 "^2.0.1"
-    safe-buffer "^5.0.1"
-    sha.js "^2.4.8"
-
-process-nextick-args@~2.0.0:
-  version "2.0.0"
-  resolved "https://registry.yarnpkg.com/process-nextick-args/-/process-nextick-args-2.0.0.tgz#a37d732f4271b4ab1ad070d35508e8290788ffaa"
-
-process@~0.11.0:
-  version "0.11.10"
-  resolved "https://registry.yarnpkg.com/process/-/process-0.11.10.tgz#7332300e840161bda3e69a1d1d91a7d4bc16f182"
-
-public-encrypt@^4.0.0:
-  version "4.0.2"
-  resolved "https://registry.yarnpkg.com/public-encrypt/-/public-encrypt-4.0.2.tgz#46eb9107206bf73489f8b85b69d91334c6610994"
+pdfmake@^0.2.4:
+  version "0.2.7"
+  resolved "https://registry.yarnpkg.com/pdfmake/-/pdfmake-0.2.7.tgz#a7a46532ffde032674929988393c20b075cf65e3"
+  integrity sha512-ClLpgx30H5G3EDvRW1MrA1Xih6YxEaSgIVFrOyBMgAAt62V+hxsyWAi6JNP7u1Fc5JKYAbpb4RRVw8Rhvmz5cQ==
   dependencies:
-    bn.js "^4.1.0"
-    browserify-rsa "^4.0.0"
-    create-hash "^1.1.0"
-    parse-asn1 "^5.0.0"
-    randombytes "^2.0.1"
+    "@foliojs-fork/linebreak" "^1.1.1"
+    "@foliojs-fork/pdfkit" "^0.13.0"
+    iconv-lite "^0.6.3"
+    xmldoc "^1.1.2"
 
-punycode@1.3.2:
-  version "1.3.2"
-  resolved "https://registry.yarnpkg.com/punycode/-/punycode-1.3.2.tgz#9653a036fb7c1ee42342f2325cceefea3926c48d"
-
-punycode@^1.3.2:
-  version "1.4.1"
-  resolved "https://registry.yarnpkg.com/punycode/-/punycode-1.4.1.tgz#c0d5a63b2718800ad8e1eb0fa5269c84dd41845e"
+png-js@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/png-js/-/png-js-1.0.0.tgz#e5484f1e8156996e383aceebb3789fd75df1874d"
+  integrity sha512-k+YsbhpA9e+EFfKjTCH3VW6aoKlyNYI6NYdTfDL4CIvFnvsuO84ttonmZE7rc+v23SLTH8XX+5w/Ak9v0xGY4g==
 
-querystring-es3@~0.2.0:
-  version "0.2.1"
-  resolved "https://registry.yarnpkg.com/querystring-es3/-/querystring-es3-0.2.1.tgz#9ec61f79049875707d69414596fd907a4d711e73"
+popper.js@>=1.10, popper.js@^1.16.1:
+  version "1.16.1"
+  resolved "https://registry.yarnpkg.com/popper.js/-/popper.js-1.16.1.tgz#2a223cb3dc7b6213d740e40372be40de43e65b1b"
+  integrity sha512-Wb4p1J4zyFTbM+u6WuO4XstYx4Ky9Cewe4DWrel7B0w6VVICvPwdOpotjzcf6eD8TsckVnIMNONQyPIUFOUbCQ==
 
-querystring@0.2.0:
-  version "0.2.0"
-  resolved "https://registry.yarnpkg.com/querystring/-/querystring-0.2.0.tgz#b209849203bb25df820da756e747005878521620"
+prelude-ls@~1.1.2:
+  version "1.1.2"
+  resolved "https://registry.yarnpkg.com/prelude-ls/-/prelude-ls-1.1.2.tgz#21932a549f5e52ffd9a827f570e04be62a97da54"
+  integrity sha512-ESF23V4SKG6lVSGZgYNpbsiaAkdab6ZgOxe52p7+Kid3W3u3bxR4Vfd/o21dmN7jSt0IwgZ4v5MUd26FEtXE9w==
 
-randombytes@^2.0.0, randombytes@^2.0.1, randombytes@^2.0.5:
-  version "2.0.6"
-  resolved "https://registry.yarnpkg.com/randombytes/-/randombytes-2.0.6.tgz#d302c522948588848a8d300c932b44c24231da80"
-  dependencies:
-    safe-buffer "^5.1.0"
+process-nextick-args@~2.0.0:
+  version "2.0.0"
+  resolved "https://registry.yarnpkg.com/process-nextick-args/-/process-nextick-args-2.0.0.tgz#a37d732f4271b4ab1ad070d35508e8290788ffaa"
 
-randomfill@^1.0.3:
-  version "1.0.4"
-  resolved "https://registry.yarnpkg.com/randomfill/-/randomfill-1.0.4.tgz#c92196fc86ab42be983f1bf31778224931d61458"
+quote-stream@^1.0.1:
+  version "1.0.2"
+  resolved "https://registry.yarnpkg.com/quote-stream/-/quote-stream-1.0.2.tgz#84963f8c9c26b942e153feeb53aae74652b7e0b2"
+  integrity sha512-kKr2uQ2AokadPjvTyKJQad9xELbZwYzWlNfI3Uz2j/ib5u6H9lDP7fUUR//rMycd0gv4Z5P1qXMfXR8YpIxrjQ==
   dependencies:
-    randombytes "^2.0.5"
-    safe-buffer "^5.1.0"
+    buffer-equal "0.0.1"
+    minimist "^1.1.3"
+    through2 "^2.0.0"
 
-raphael@^2.2.7:
-  version "2.2.7"
-  resolved "https://registry.yarnpkg.com/raphael/-/raphael-2.2.7.tgz#231b19141f8d086986d8faceb66f8b562ee2c810"
+"raphael@^2.2.0 || ^2.1.1", raphael@^2.3.0:
+  version "2.3.0"
+  resolved "https://registry.yarnpkg.com/raphael/-/raphael-2.3.0.tgz#eabeb09dba861a1d4cee077eaafb8c53f3131f89"
+  integrity sha512-w2yIenZAQnp257XUWGni4bLMVxpUpcIl7qgxEgDIXtmSypYtlNxfXWpOBxs7LBTps5sDwhRnrToJrMUrivqNTQ==
   dependencies:
     eve-raphael "0.5.0"
 
-read-only-stream@^2.0.0:
-  version "2.0.0"
-  resolved "https://registry.yarnpkg.com/read-only-stream/-/read-only-stream-2.0.0.tgz#2724fd6a8113d73764ac288d4386270c1dbf17f0"
-  dependencies:
-    readable-stream "^2.0.2"
-
-readable-stream@^2.0.2, readable-stream@^2.1.5, readable-stream@^2.2.2, readable-stream@^2.3.6:
+readable-stream@^2.0.2, readable-stream@^2.1.5, readable-stream@^2.2.2:
   version "2.3.6"
   resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.3.6.tgz#b11c27d88b8ff1fbe070643cf94b0c79ae1b0aaf"
   dependencies:
@@ -954,114 +1249,168 @@ readable-stream@^2.0.2, readable-stream@^2.1.5, readable-stream@^2.2.2, readable
     string_decoder "~1.1.1"
     util-deprecate "~1.0.1"
 
+readable-stream@~2.3.3, readable-stream@~2.3.6:
+  version "2.3.7"
+  resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.3.7.tgz#1eca1cf711aef814c04f62252a36a62f6cb23b57"
+  integrity sha512-Ebho8K4jIbHAxnuxi7o42OrZgF/ZTNcsZj6nRKyUmkhLFq8CHItp/fy6hQZuZmP/n3yZ9VBUbp4zz/mX8hmYPw==
+  dependencies:
+    core-util-is "~1.0.0"
+    inherits "~2.0.3"
+    isarray "~1.0.0"
+    process-nextick-args "~2.0.0"
+    safe-buffer "~5.1.1"
+    string_decoder "~1.1.1"
+    util-deprecate "~1.0.1"
+
+regexp.prototype.flags@^1.2.0:
+  version "1.4.3"
+  resolved "https://registry.yarnpkg.com/regexp.prototype.flags/-/regexp.prototype.flags-1.4.3.tgz#87cab30f80f66660181a3bb7bf5981a872b367ac"
+  integrity sha512-fjggEOO3slI6Wvgjwflkc4NFRCTZAu5CnNfBd5qOMYhWdn67nJBBu34/TkD++eeFmd8C9r9jfXJ27+nSiRkSUA==
+  dependencies:
+    call-bind "^1.0.2"
+    define-properties "^1.1.3"
+    functions-have-names "^1.2.2"
+
 resolve@1.1.7:
   version "1.1.7"
   resolved "https://registry.yarnpkg.com/resolve/-/resolve-1.1.7.tgz#203114d82ad2c5ed9e8e0411b3932875e889e97b"
 
-resolve@^1.1.4, resolve@^1.4.0:
-  version "1.7.1"
-  resolved "https://registry.yarnpkg.com/resolve/-/resolve-1.7.1.tgz#aadd656374fd298aee895bc026b8297418677fd3"
-  dependencies:
-    path-parse "^1.0.5"
-
-ripemd160@^2.0.0, ripemd160@^2.0.1:
-  version "2.0.2"
-  resolved "https://registry.yarnpkg.com/ripemd160/-/ripemd160-2.0.2.tgz#a1c1a6f624751577ba5d07914cbc92850585890c"
+resolve@^1.1.5:
+  version "1.22.1"
+  resolved "https://registry.yarnpkg.com/resolve/-/resolve-1.22.1.tgz#27cb2ebb53f91abb49470a928bba7558066ac177"
+  integrity sha512-nBpuuYuY5jFsli/JIs1oldw6fOQCBioohqWZg/2hiaOybXOft4lonv85uDOKXdf8rhyK159cxU5cDcK/NKk8zw==
   dependencies:
-    hash-base "^3.0.0"
-    inherits "^2.0.1"
+    is-core-module "^2.9.0"
+    path-parse "^1.0.7"
+    supports-preserve-symlinks-flag "^1.0.0"
 
-safe-buffer@^5.0.1, safe-buffer@^5.1.0, safe-buffer@^5.1.1, safe-buffer@~5.1.0, safe-buffer@~5.1.1:
+safe-buffer@~5.1.0, safe-buffer@~5.1.1:
   version "5.1.2"
   resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.1.2.tgz#991ec69d296e0313747d59bdfd2b745c35f8828d"
 
-select2@^4.0.3:
-  version "4.0.5"
-  resolved "https://registry.yarnpkg.com/select2/-/select2-4.0.5.tgz#7aac50692561985b34d3b82ec55e226f8960d40a"
-  dependencies:
-    almond "~0.3.1"
-    jquery-mousewheel "~3.1.13"
-
-sha.js@^2.4.0, sha.js@^2.4.8, sha.js@~2.4.4:
-  version "2.4.11"
-  resolved "https://registry.yarnpkg.com/sha.js/-/sha.js-2.4.11.tgz#37a5cf0b81ecbc6943de109ba2960d1b26584ae7"
-  dependencies:
-    inherits "^2.0.1"
-    safe-buffer "^5.0.1"
-
-shasum@^1.0.0:
-  version "1.0.2"
-  resolved "https://registry.yarnpkg.com/shasum/-/shasum-1.0.2.tgz#e7012310d8f417f4deb5712150e5678b87ae565f"
-  dependencies:
-    json-stable-stringify "~0.0.0"
-    sha.js "~2.4.4"
+"safer-buffer@>= 2.1.2 < 3.0.0":
+  version "2.1.2"
+  resolved "https://registry.yarnpkg.com/safer-buffer/-/safer-buffer-2.1.2.tgz#44fa161b0187b9549dd84bb91802f9bd8385cd6a"
+  integrity sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==
+
+sax@^1.2.4:
+  version "1.2.4"
+  resolved "https://registry.yarnpkg.com/sax/-/sax-1.2.4.tgz#2816234e2378bddc4e5354fab5caa895df7100d9"
+  integrity sha512-NqVDv9TpANUjFm0N8uM5GxL36UgKi9/atZw+x7YFnQ8ckwFGKrl4xX4yWtrey3UJm5nP1kUbnYgLopqWNSRhWw==
+
+scope-analyzer@^2.0.1:
+  version "2.1.2"
+  resolved "https://registry.yarnpkg.com/scope-analyzer/-/scope-analyzer-2.1.2.tgz#b958162feb59823c2835c7b0229187a97c77e9cd"
+  integrity sha512-5cfCmsTYV/wPaRIItNxatw02ua/MThdIUNnUOCYp+3LSEJvnG804ANw2VLaavNILIfWXF1D1G2KNANkBBvInwQ==
+  dependencies:
+    array-from "^2.1.1"
+    dash-ast "^2.0.1"
+    es6-map "^0.1.5"
+    es6-set "^0.1.5"
+    es6-symbol "^3.1.1"
+    estree-is-function "^1.0.0"
+    get-assigned-identifiers "^1.1.0"
+
+select2@^4.0.13:
+  version "4.0.13"
+  resolved "https://registry.yarnpkg.com/select2/-/select2-4.0.13.tgz#0dbe377df3f96167c4c1626033e924372d8ef44d"
+  integrity sha512-1JeB87s6oN/TDxQQYCvS5EFoQyvV6eYMZZ0AeA4tdFDYWN3BAGZ8npr17UBFddU0lgAt3H0yjX3X6/ekOj1yjw==
 
-shell-quote@^1.6.1:
-  version "1.7.3"
-  resolved "https://registry.yarnpkg.com/shell-quote/-/shell-quote-1.7.3.tgz#aa40edac170445b9a431e17bb62c0b881b9c4123"
-  integrity sha512-Vpfqwm4EnqGdlsBFNmHhxhElJYrdfcxPThu+ryKS5J8L/fhAwLazFZtq+S+TWZ9ANj2piSQLGj6NQg+lKPmxrw==
+setimmediate@^1.0.5:
+  version "1.0.5"
+  resolved "https://registry.yarnpkg.com/setimmediate/-/setimmediate-1.0.5.tgz#290cbb232e306942d7d7ea9b83732ab7856f8285"
+  integrity sha512-MATJdZp8sLqDl/68LfQmbP8zKPLQNV6BIZoIgrscFDQ+RsvK/BxeDQOgyxKKoh0y/8h3BqVFnCqQ/gd+reiIXA==
 
-slimscroll@^0.9.1:
-  version "0.9.1"
-  resolved "https://registry.yarnpkg.com/slimscroll/-/slimscroll-0.9.1.tgz#f675cdc601d80ada20f16004d227d156fd1187b2"
-  dependencies:
-    browserify ">=3.46.0"
-    classie ">=0.0.1"
-    domhelper "~0.9.0"
-    util-extend "^1.0.1"
+shallow-copy@~0.0.1:
+  version "0.0.1"
+  resolved "https://registry.yarnpkg.com/shallow-copy/-/shallow-copy-0.0.1.tgz#415f42702d73d810330292cc5ee86eae1a11a170"
+  integrity sha512-b6i4ZpVuUxB9h5gfCxPiusKYkqTMOjEbBs4wMaFbkfia4yFv92UKZ6Df8WXcKbn08JNL/abvg3FnMAOfakDvUw==
 
-source-map@~0.5.3:
+source-map@^0.5.6:
   version "0.5.7"
   resolved "https://registry.yarnpkg.com/source-map/-/source-map-0.5.7.tgz#8a039d2d1021d22d1ea14c80d8ea468ba2ef3fcc"
+  integrity sha512-LbrmJOMUSdEVxIKvdcJzQC+nQhe8FUZQTXQy6+I75skNgn3OoQ0DZA8YnFa7gp8tqtL3KPf1kmo0R5DoApeSGQ==
 
-stream-browserify@^2.0.0:
-  version "2.0.1"
-  resolved "https://registry.yarnpkg.com/stream-browserify/-/stream-browserify-2.0.1.tgz#66266ee5f9bdb9940a4e4514cafb43bb71e5c9db"
+source-map@~0.1.30:
+  version "0.1.43"
+  resolved "https://registry.yarnpkg.com/source-map/-/source-map-0.1.43.tgz#c24bc146ca517c1471f5dacbe2571b2b7f9e3346"
+  integrity sha512-VtCvB9SIQhk3aF6h+N85EaqIaBFIAfZ9Cu+NJHHVvc8BbEcnvDcFw6sqQ2dQrT6SlOrZq3tIvyD9+EGq/lJryQ==
   dependencies:
-    inherits "~2.0.1"
-    readable-stream "^2.0.2"
+    amdefine ">=0.0.4"
 
-stream-combiner2@^1.1.1:
-  version "1.1.1"
-  resolved "https://registry.yarnpkg.com/stream-combiner2/-/stream-combiner2-1.1.1.tgz#fb4d8a1420ea362764e21ad4780397bebcb41cbe"
-  dependencies:
-    duplexer2 "~0.1.0"
-    readable-stream "^2.0.2"
+source-map@~0.6.1:
+  version "0.6.1"
+  resolved "https://registry.yarnpkg.com/source-map/-/source-map-0.6.1.tgz#74722af32e9614e9c287a8d0bbde48b5e2f1a263"
+  integrity sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==
 
-stream-http@^2.0.0:
-  version "2.8.3"
-  resolved "https://registry.yarnpkg.com/stream-http/-/stream-http-2.8.3.tgz#b2d242469288a5a27ec4fe8933acf623de6514fc"
-  dependencies:
-    builtin-status-codes "^3.0.0"
-    inherits "^2.0.1"
-    readable-stream "^2.3.6"
-    to-arraybuffer "^1.0.0"
-    xtend "^4.0.0"
+sourcemap-codec@^1.4.1:
+  version "1.4.8"
+  resolved "https://registry.yarnpkg.com/sourcemap-codec/-/sourcemap-codec-1.4.8.tgz#ea804bd94857402e6992d05a38ef1ae35a9ab4c4"
+  integrity sha512-9NykojV5Uih4lgo5So5dtw+f0JgJX30KCNI8gwhz2J9A15wD0Ml6tjHKwf6fTSa6fAdVBdZeNOs9eJ71qCk8vA==
 
-stream-splicer@^2.0.0:
-  version "2.0.0"
-  resolved "https://registry.yarnpkg.com/stream-splicer/-/stream-splicer-2.0.0.tgz#1b63be438a133e4b671cc1935197600175910d83"
+sparklines@^1.3.0:
+  version "1.3.0"
+  resolved "https://registry.yarnpkg.com/sparklines/-/sparklines-1.3.0.tgz#08015a34c295b62196b91e98df53bfbcb1fde175"
+  integrity sha512-CkFtpDE3hmOeu1IJyIQIOH0AQtHnPj1c61ALxJZQ9cPEFKDgWC1fcNAHuwPi1i1klTDYvlKKseoYHSwe7JmdLA==
+
+static-eval@^2.0.5:
+  version "2.1.0"
+  resolved "https://registry.yarnpkg.com/static-eval/-/static-eval-2.1.0.tgz#a16dbe54522d7fa5ef1389129d813fd47b148014"
+  integrity sha512-agtxZ/kWSsCkI5E4QifRwsaPs0P0JmZV6dkLz6ILYfFYQGn+5plctanRN+IC8dJRiFkyXHrwEE3W9Wmx67uDbw==
   dependencies:
-    inherits "^2.0.1"
-    readable-stream "^2.0.2"
+    escodegen "^1.11.1"
 
-string_decoder@^1.1.1, string_decoder@~1.1.1:
+static-module@^3.0.2:
+  version "3.0.4"
+  resolved "https://registry.yarnpkg.com/static-module/-/static-module-3.0.4.tgz#bfbd1d1c38dd1fbbf0bb4af0c1b3ae18a93a2b68"
+  integrity sha512-gb0v0rrgpBkifXCa3yZXxqVmXDVE+ETXj6YlC/jt5VzOnGXR2C15+++eXuMDUYsePnbhf+lwW0pE1UXyOLtGCw==
+  dependencies:
+    acorn-node "^1.3.0"
+    concat-stream "~1.6.0"
+    convert-source-map "^1.5.1"
+    duplexer2 "~0.1.4"
+    escodegen "^1.11.1"
+    has "^1.0.1"
+    magic-string "0.25.1"
+    merge-source-map "1.0.4"
+    object-inspect "^1.6.0"
+    readable-stream "~2.3.3"
+    scope-analyzer "^2.0.1"
+    shallow-copy "~0.0.1"
+    static-eval "^2.0.5"
+    through2 "~2.0.3"
+
+string_decoder@~1.1.1:
   version "1.1.1"
   resolved "https://registry.yarnpkg.com/string_decoder/-/string_decoder-1.1.1.tgz#9cf1611ba62685d7030ae9e4ba34149c3af03fc8"
   dependencies:
     safe-buffer "~5.1.0"
 
-subarg@^1.0.0:
+summernote@^0.8.20:
+  version "0.8.20"
+  resolved "https://registry.yarnpkg.com/summernote/-/summernote-0.8.20.tgz#395905f2cec0aceebc712edc019d91b8ef88f7cf"
+  integrity sha512-W9RhjQjsn+b1s9xiJQgJbCiYGJaDAc9CdEqXo+D13WuStG8lCdtKaO5AiNiSSMJsQJN2EfGSwbBQt+SFE2B8Kw==
+
+supports-preserve-symlinks-flag@^1.0.0:
   version "1.0.0"
-  resolved "https://registry.yarnpkg.com/subarg/-/subarg-1.0.0.tgz#f62cf17581e996b48fc965699f54c06ae268b8d2"
-  dependencies:
-    minimist "^1.1.0"
+  resolved "https://registry.yarnpkg.com/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz#6eda4bd344a3c94aea376d4cc31bc77311039e09"
+  integrity sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==
 
-syntax-error@^1.1.1:
-  version "1.4.0"
-  resolved "https://registry.yarnpkg.com/syntax-error/-/syntax-error-1.4.0.tgz#2d9d4ff5c064acb711594a3e3b95054ad51d907c"
+sweetalert2@^11.4.0:
+  version "11.7.1"
+  resolved "https://registry.yarnpkg.com/sweetalert2/-/sweetalert2-11.7.1.tgz#e015b824fec3dcd174babbfedd30d989118c6783"
+  integrity sha512-+1bnkbqBl64FnZmi3g4SzAi4F3pL3S2jF1YQvrysv4GbgizfeFqGkJopxR3FnV/eJm6w2SQ2oAmCxSIBjgP/ag==
+
+tempusdominus-bootstrap-4@^5.39.0:
+  version "5.39.2"
+  resolved "https://registry.yarnpkg.com/tempusdominus-bootstrap-4/-/tempusdominus-bootstrap-4-5.39.2.tgz#f8f12194287eb6f159e9b9d94a441abb54daf94d"
+  integrity sha512-8Au4miSAsMGdsElPg87EUmsN7aGJFaRA5Y8Ale7dDTfhhnQL1Za53LclIJkq+t/7NO5+Ufr1jY7tmEPvWGHaVg==
   dependencies:
-    acorn-node "^1.2.0"
+    bootstrap "^4.6.1"
+    jquery "^3.6.0"
+    moment "^2.29.2"
+    moment-timezone "^0.5.34"
+    popper.js "^1.16.1"
 
 through2@^2.0.0:
   version "2.0.3"
@@ -1070,67 +1419,94 @@ through2@^2.0.0:
     readable-stream "^2.1.5"
     xtend "~4.0.1"
 
-"through@>=2.2.7 <3":
+through2@~2.0.3:
+  version "2.0.5"
+  resolved "https://registry.yarnpkg.com/through2/-/through2-2.0.5.tgz#01c1e39eb31d07cb7d03a96a70823260b23132cd"
+  integrity sha512-/mrRod8xqpA+IHSLyGCQ2s8SPHiCDEeQJSep1jqLYeEUClOFG2Qsh+4FU6G9VeqpZnGW/Su8LQGc4YKni5rYSQ==
+  dependencies:
+    readable-stream "~2.3.6"
+    xtend "~4.0.1"
+
+through@~2.3.4:
   version "2.3.8"
   resolved "https://registry.yarnpkg.com/through/-/through-2.3.8.tgz#0dd4c9ffaabc357960b1b724115d7e0e86a2e1f5"
+  integrity sha512-w89qg7PI8wAdvX60bMDP+bFoD5Dvhm9oLheFp5O4a2QF0cSBGsBX4qZmadPMvVqlLJBBci+WqGGOAPvcDeNSVg==
+
+tiny-inflate@^1.0.0, tiny-inflate@^1.0.2:
+  version "1.0.3"
+  resolved "https://registry.yarnpkg.com/tiny-inflate/-/tiny-inflate-1.0.3.tgz#122715494913a1805166aaf7c93467933eea26c4"
+  integrity sha512-pkY1fj1cKHb2seWDy0B16HeWyczlJA9/WW3u3c4z/NiWDsO3DOU5D7nhTLE9CF0yXv/QZFY7sEJmj24dK+Rrqw==
 
-timers-browserify@^1.0.1:
-  version "1.4.2"
-  resolved "https://registry.yarnpkg.com/timers-browserify/-/timers-browserify-1.4.2.tgz#c9c58b575be8407375cb5e2462dacee74359f41d"
+toastr@^2.1.4:
+  version "2.1.4"
+  resolved "https://registry.yarnpkg.com/toastr/-/toastr-2.1.4.tgz#8b43be64fb9d0c414871446f2db8e8ca4e95f181"
+  integrity sha512-LIy77F5n+sz4tefMmFOntcJ6HL0Fv3k1TDnNmFZ0bU/GcvIIfy6eG2v7zQmMiYgaalAiUv75ttFrPn5s0gyqlA==
   dependencies:
-    process "~0.11.0"
+    jquery ">=1.12.0"
 
-to-arraybuffer@^1.0.0:
-  version "1.0.1"
-  resolved "https://registry.yarnpkg.com/to-arraybuffer/-/to-arraybuffer-1.0.1.tgz#7d229b1fcc637e466ca081180836a7aabff83f43"
+type-check@~0.3.2:
+  version "0.3.2"
+  resolved "https://registry.yarnpkg.com/type-check/-/type-check-0.3.2.tgz#5884cab512cf1d355e3fb784f30804b2b520db72"
+  integrity sha512-ZCmOJdvOWDBYJlzAoFkC+Q0+bUyEOS1ltgp1MGU03fqHG+dbi9tBFU2Rd9QKiDZFAYrhPh2JUf7rZRIuHRKtOg==
+  dependencies:
+    prelude-ls "~1.1.2"
 
-tty-browserify@0.0.1:
-  version "0.0.1"
-  resolved "https://registry.yarnpkg.com/tty-browserify/-/tty-browserify-0.0.1.tgz#3f05251ee17904dfd0677546670db9651682b811"
+type@^1.0.1:
+  version "1.2.0"
+  resolved "https://registry.yarnpkg.com/type/-/type-1.2.0.tgz#848dd7698dafa3e54a6c479e759c4bc3f18847a0"
+  integrity sha512-+5nt5AAniqsCnu2cEQQdpzCAh33kVx8n0VoFidKpB1dVVLAN/F+bgVOqOJqOnEnrhp222clB5p3vUlD+1QAnfg==
+
+type@^2.7.2:
+  version "2.7.2"
+  resolved "https://registry.yarnpkg.com/type/-/type-2.7.2.tgz#2376a15a3a28b1efa0f5350dcf72d24df6ef98d0"
+  integrity sha512-dzlvlNlt6AXU7EBSfpAscydQ7gXB+pPGsPnfJnZpiNJBDj7IaJzQlBZYGdEi4R9HmPdBv2XmWJ6YUtoTa7lmCw==
 
 typedarray@^0.0.6:
   version "0.0.6"
   resolved "https://registry.yarnpkg.com/typedarray/-/typedarray-0.0.6.tgz#867ac74e3864187b1d3d47d996a78ec5c8830777"
 
-umd@^3.0.0:
-  version "3.0.3"
-  resolved "https://registry.yarnpkg.com/umd/-/umd-3.0.3.tgz#aa9fe653c42b9097678489c01000acb69f0b26cf"
+unicode-properties@^1.2.2:
+  version "1.4.1"
+  resolved "https://registry.yarnpkg.com/unicode-properties/-/unicode-properties-1.4.1.tgz#96a9cffb7e619a0dc7368c28da27e05fc8f9be5f"
+  integrity sha512-CLjCCLQ6UuMxWnbIylkisbRj31qxHPAurvena/0iwSVbQ2G1VY5/HjV0IRabOEbDHlzZlRdCrD4NhB0JtU40Pg==
+  dependencies:
+    base64-js "^1.3.0"
+    unicode-trie "^2.0.0"
 
-url@~0.11.0:
-  version "0.11.0"
-  resolved "https://registry.yarnpkg.com/url/-/url-0.11.0.tgz#3838e97cfc60521eb73c525a8e55bfdd9e2e28f1"
+unicode-trie@^2.0.0:
+  version "2.0.0"
+  resolved "https://registry.yarnpkg.com/unicode-trie/-/unicode-trie-2.0.0.tgz#8fd8845696e2e14a8b67d78fa9e0dd2cad62fec8"
+  integrity sha512-x7bc76x0bm4prf1VLg79uhAzKw8DVboClSN5VxJuQ+LKDOVEW9CdH+VY7SP+vX7xCYQqzzgQpFqz15zeLvAtZQ==
   dependencies:
-    punycode "1.3.2"
-    querystring "0.2.0"
+    pako "^0.2.5"
+    tiny-inflate "^1.0.0"
+
+universalify@^2.0.0:
+  version "2.0.0"
+  resolved "https://registry.yarnpkg.com/universalify/-/universalify-2.0.0.tgz#75a4984efedc4b08975c5aeb73f530d02df25717"
+  integrity sha512-hAZsKq7Yy11Zu1DE0OzWjw7nnLZmJZYTDZZyEFHZdUhV8FkH5MCfoU1XMaxXovpyW5nq5scPqq0ZDP9Zyl04oQ==
+
+uplot@^1.6.18:
+  version "1.6.24"
+  resolved "https://registry.yarnpkg.com/uplot/-/uplot-1.6.24.tgz#dfa213fa7da92763261920ea972ed1a5f9f6af12"
+  integrity sha512-WpH2BsrFrqxkMu+4XBvc0eCDsRBhzoq9crttYeSI0bfxpzR5YoSVzZXOKFVWcVC7sp/aDXrdDPbDZGCtck2PVg==
 
 util-deprecate@~1.0.1:
   version "1.0.2"
   resolved "https://registry.yarnpkg.com/util-deprecate/-/util-deprecate-1.0.2.tgz#450d4dc9fa70de732762fbd2d4a28981419a0ccf"
 
-util-extend@^1.0.1:
-  version "1.0.3"
-  resolved "https://registry.yarnpkg.com/util-extend/-/util-extend-1.0.3.tgz#a7c216d267545169637b3b6edc6ca9119e2ff93f"
-
-util@0.10.3:
-  version "0.10.3"
-  resolved "https://registry.yarnpkg.com/util/-/util-0.10.3.tgz#7afb1afe50805246489e3db7fe0ed379336ac0f9"
-  dependencies:
-    inherits "2.0.1"
+word-wrap@~1.2.3:
+  version "1.2.3"
+  resolved "https://registry.yarnpkg.com/word-wrap/-/word-wrap-1.2.3.tgz#610636f6b1f703891bd34771ccb17fb93b47079c"
+  integrity sha512-Hz/mrNwitNRh/HUAtM/VT/5VH+ygD6DV7mYKZAtHOrbs8U7lvPS6xf7EJKMF0uW1KJCl0H701g3ZGus+muE5vQ==
 
-util@~0.10.1:
-  version "0.10.4"
-  resolved "https://registry.yarnpkg.com/util/-/util-0.10.4.tgz#3aa0125bfe668a4672de58857d3ace27ecb76901"
+xmldoc@^1.1.2:
+  version "1.2.0"
+  resolved "https://registry.yarnpkg.com/xmldoc/-/xmldoc-1.2.0.tgz#7554371bfd8c138287cff01841ae4566d26e5541"
+  integrity sha512-2eN8QhjBsMW2uVj7JHLHkMytpvGHLHxKXBy4J3fAT/HujsEtM6yU84iGjpESYGHg6XwK0Vu4l+KgqQ2dv2cCqg==
   dependencies:
-    inherits "2.0.3"
-
-vm-browserify@^1.0.0:
-  version "1.0.1"
-  resolved "https://registry.yarnpkg.com/vm-browserify/-/vm-browserify-1.0.1.tgz#a15d7762c4c48fa6bf9f3309a21340f00ed23063"
-
-wrappy@1:
-  version "1.0.2"
-  resolved "https://registry.yarnpkg.com/wrappy/-/wrappy-1.0.2.tgz#b5243d8f3ec1aa35f1364605bc0d1036e30ab69f"
+    sax "^1.2.4"
 
-xtend@^4.0.0, xtend@^4.0.1, xtend@~4.0.1:
+xtend@^4.0.1, xtend@~4.0.1:
   version "4.0.1"
   resolved "https://registry.yarnpkg.com/xtend/-/xtend-4.0.1.tgz#a5c6d532be656e23db820efb943a1f04998d63af"

From 0568a90ec1a3ffb2a9f25497297b6b3b31d5b7bc Mon Sep 17 00:00:00 2001
From: Vassilis Asteriou <vaster@it.auth.gr>
Date: Wed, 8 Feb 2023 15:27:45 +0200
Subject: [PATCH 184/475] Changed auto_ptr() logic to remove-then-add

---
 powerdnsadmin/models/record.py | 38 +++++++++++++++++-----------------
 1 file changed, 19 insertions(+), 19 deletions(-)

diff --git a/powerdnsadmin/models/record.py b/powerdnsadmin/models/record.py
index b6c3f5469..ae70a9e54 100644
--- a/powerdnsadmin/models/record.py
+++ b/powerdnsadmin/models/record.py
@@ -422,6 +422,25 @@ def auto_ptr(self, domain_name, new_rrsets, del_rrsets):
                 ]
 
                 d = Domain()
+                for r in del_rrsets:
+                    for record in r['records']:
+                        # Format the reverse record name
+                        # It is the reverse of forward record's content.
+                        reverse_host_address = dns.reversename.from_address(
+                            record['content']).to_text()
+
+                        # Create the reverse domain name in PDNS
+                        domain_reverse_name = d.get_reverse_domain_name(
+                            reverse_host_address)
+                        d.create_reverse_domain(domain_name,
+                                                domain_reverse_name)
+
+                        # Delete the reverse zone
+                        self.name = reverse_host_address
+                        self.type = 'PTR'
+                        self.data = record['content']
+                        self.delete(domain_reverse_name)
+                
                 for r in new_rrsets:
                     for record in r['records']:
                         # Format the reverse record name
@@ -455,25 +474,6 @@ def auto_ptr(self, domain_name, new_rrsets, del_rrsets):
                         # Format the rrset
                         rrset = {"rrsets": rrset_data}
                         self.add(domain_reverse_name, rrset)
-
-                for r in del_rrsets:
-                    for record in r['records']:
-                        # Format the reverse record name
-                        # It is the reverse of forward record's content.
-                        reverse_host_address = dns.reversename.from_address(
-                            record['content']).to_text()
-
-                        # Create the reverse domain name in PDNS
-                        domain_reverse_name = d.get_reverse_domain_name(
-                            reverse_host_address)
-                        d.create_reverse_domain(domain_name,
-                                                domain_reverse_name)
-
-                        # Delete the reverse zone
-                        self.name = reverse_host_address
-                        self.type = 'PTR'
-                        self.data = record['content']
-                        self.delete(domain_reverse_name)
                 return {
                     'status': 'ok',
                     'msg': 'Auto-PTR record was updated successfully'

From 02700ee7b0b53c7adb5b35f03efc6e4382cacd31 Mon Sep 17 00:00:00 2001
From: Rauno Tuul <rauno@tuul.eu>
Date: Wed, 8 Feb 2023 17:03:35 +0200
Subject: [PATCH 185/475] Patch API record update/delete logging to match
 current logging format

---
 powerdnsadmin/routes/api.py | 18 ++++++++++--------
 1 file changed, 10 insertions(+), 8 deletions(-)

diff --git a/powerdnsadmin/routes/api.py b/powerdnsadmin/routes/api.py
index 3df31e18e..0844c32c8 100644
--- a/powerdnsadmin/routes/api.py
+++ b/powerdnsadmin/routes/api.py
@@ -1119,14 +1119,16 @@ def api_zone_forward(server_id, zone_id):
         if Setting().get('enable_api_rr_history'):
             if request.method in ['POST', 'PATCH']:
                 data = request.get_json(force=True)
-                for rrset_data in data['rrsets']:
-                    history = History(msg='{0} zone {1} record of {2}'.format(
-                        rrset_data['changetype'].lower(), rrset_data['type'],
-                        rrset_data['name'].rstrip('.')),
-                                    detail=json.dumps(data),
-                                    created_by=g.apikey.description,
-                                    domain_id=Domain().get_id_by_name(zone_id.rstrip('.')))
-                    history.add()
+                history = History(
+                    msg='Apply record changes to domain {0}'.format(zone_id.rstrip('.')),
+                    detail = json.dumps({
+                        'domain': zone_id.rstrip('.'),
+                        'add_rrsets': list(filter(lambda r: r['changetype'] == "REPLACE", data['rrsets'])),
+                        'del_rrsets': list(filter(lambda r: r['changetype'] == "DELETE", data['rrsets']))
+                    }),
+                    created_by=g.apikey.description,
+                    domain_id=Domain().get_id_by_name(zone_id.rstrip('.')))
+                history.add()
             elif request.method == 'DELETE':
                 history = History(msg='Deleted zone {0}'.format(zone_id.rstrip('.')),
                                   detail='',

From c00ddea2fc1a1e0a8e78a2e7011c5f4825924274 Mon Sep 17 00:00:00 2001
From: Tyler Todd <ttodd@ttodd.com>
Date: Mon, 13 Feb 2023 03:57:21 +0000
Subject: [PATCH 186/475] More page formatting Added server-side logic for
 register.html validation Keep form firelds on register.html in the event of
 wrong input fields to save users from retyping info More button rounding

---
 powerdnsadmin/routes/index.py                 | 118 +++---
 .../templates/admin_edit_account.html         |  15 +-
 powerdnsadmin/templates/admin_edit_key.html   | 109 +++---
 .../templates/admin_global_search.html        | 323 ++++++++---------
 powerdnsadmin/templates/admin_history.html    |  19 +-
 .../templates/admin_history_table.html        |   2 +-
 .../templates/admin_manage_account.html       |  21 +-
 .../templates/admin_manage_keys.html          | 107 +++---
 .../templates/admin_manage_user.html          | 339 +++++++++---------
 powerdnsadmin/templates/admin_pdns_stats.html | 201 +++++------
 .../templates/admin_setting_basic.html        |  80 +++--
 .../templates/admin_setting_pdns.html         | 173 +++++----
 .../templates/admin_setting_records.html      | 148 ++++----
 powerdnsadmin/templates/base.html             |   4 +-
 powerdnsadmin/templates/dashboard.html        |  78 ++--
 powerdnsadmin/templates/domain_add.html       |   8 +-
 powerdnsadmin/templates/domain_changelog.html |   9 +-
 powerdnsadmin/templates/domain_remove.html    |  12 +-
 powerdnsadmin/templates/domain_setting.html   |  10 +-
 powerdnsadmin/templates/register.html         | 171 ++++-----
 powerdnsadmin/templates/template.html         | 196 +++++-----
 powerdnsadmin/templates/template_add.html     | 160 +++++----
 powerdnsadmin/templates/template_edit.html    |  10 +-
 powerdnsadmin/templates/user_profile.html     |   2 +-
 24 files changed, 1212 insertions(+), 1103 deletions(-)

diff --git a/powerdnsadmin/routes/index.py b/powerdnsadmin/routes/index.py
index 98664d6c7..cd9318144 100644
--- a/powerdnsadmin/routes/index.py
+++ b/powerdnsadmin/routes/index.py
@@ -400,7 +400,7 @@ def login():
             desc_prop = Setting().get('oidc_oauth_account_description_property')
 
             account_to_add = []
-	    #If the name_property and desc_property exist in me (A variable that contains all the userinfo from the IdP).
+      #If the name_property and desc_property exist in me (A variable that contains all the userinfo from the IdP).
             if name_prop in me and desc_prop in me:
                 accounts_name_prop = [me[name_prop]] if type(me[name_prop]) is not list else me[name_prop]
                 accounts_desc_prop = [me[desc_prop]] if type(me[desc_prop]) is not list else me[desc_prop]
@@ -415,7 +415,7 @@ def login():
                     account_to_add.append(account)
                 user_accounts = user.get_accounts()
 
-		# Add accounts
+    # Add accounts
                 for account in account_to_add:
                     if account not in user_accounts:
                         account.add_user(user)
@@ -651,55 +651,73 @@ def logout():
 
 @index_bp.route('/register', methods=['GET', 'POST'])
 def register():
-    CAPTCHA_ENABLE = current_app.config.get('CAPTCHA_ENABLE')
-    if Setting().get('signup_enabled'):
-        if request.method == 'GET':
-            return render_template('register.html', captcha_enable=CAPTCHA_ENABLE)
-        elif request.method == 'POST':
-            username = request.form.get('username', '').strip()
-            password = request.form.get('password', '')
-            firstname = request.form.get('firstname', '').strip()
-            lastname = request.form.get('lastname', '').strip()
-            email = request.form.get('email', '').strip()
-            rpassword = request.form.get('rpassword', '')
-
-            if not username or not password or not email:
-                return render_template(
-                    'register.html', error='Please input required information', captcha_enable=CAPTCHA_ENABLE)
-
-            if password != rpassword:
-                return render_template(
-                    'register.html',
-                    error="Password confirmation does not match", captcha_enable=CAPTCHA_ENABLE)
-
-            if not captcha.validate():
-                return render_template(
-                    'register.html', error='Invalid CAPTCHA answer', captcha_enable=CAPTCHA_ENABLE)
-
-            user = User(username=username,
-                        plain_text_password=password,
-                        firstname=firstname,
-                        lastname=lastname,
-                        email=email)
-
-            try:
-                result = user.create_local_user()
-                if result and result['status']:
-                    if Setting().get('verify_user_email'):
-                        send_account_verification(email)
-                    if Setting().get('otp_force') and Setting().get('otp_field_enabled'):
-                        user.update_profile(enable_otp=True)
-                        prepare_welcome_user(user.id)
-                        return redirect(url_for('index.welcome'))
-                    else:
-                        return redirect(url_for('index.login'))
-                else:
-                    return render_template('register.html',
-                                           error=result['msg'], captcha_enable=CAPTCHA_ENABLE)
-            except Exception as e:
-                return render_template('register.html', error=e, captcha_enable=CAPTCHA_ENABLE)
+  CAPTCHA_ENABLE = current_app.config.get('CAPTCHA_ENABLE')
+  if Setting().get('signup_enabled'):
+    if current_user.is_authenticated:
+      return redirect(url_for('index.index'))
+    if request.method == 'GET':
+      return render_template('register.html', captcha_enable=CAPTCHA_ENABLE)
+    elif request.method == 'POST':
+      username = request.form.get('username', '').strip()
+      password = request.form.get('password', '')
+      firstname = request.form.get('firstname', '').strip()
+      lastname = request.form.get('lastname', '').strip()
+      email = request.form.get('email', '').strip()
+      rpassword = request.form.get('rpassword', '')
+
+      is_valid_email = re.compile(r'[\w\.-]+@[\w\.-]+')
+
+      error_messages = {}
+      if not firstname:
+        error_messages['firstname'] = 'First Name is required'
+      if not lastname:
+        error_messages['lastname'] = 'Last Name is required'
+      if not username:
+        error_messages['username'] = 'Username is required'
+      if not password:
+        error_messages['password'] = 'Password is required'
+      if not rpassword:
+        error_messages['rpassword'] = 'Password confirmation is required'
+      if not email:
+        error_messages['email'] = 'Email is required'
+      if not is_valid_email.match(email):
+        error_messages['email'] = 'Invalid email address'
+      if password != rpassword:
+        error_messages['password'] = 'Password confirmation does not match'
+        error_messages['rpassword'] = 'Password confirmation does not match'
+
+      if not captcha.validate():
+        return render_template(
+          'register.html', error='Invalid CAPTCHA answer', error_messages=error_messages, captcha_enable=CAPTCHA_ENABLE)
+
+      if error_messages:
+        return render_template('register.html', error_messages=error_messages, captcha_enable=CAPTCHA_ENABLE)
+
+      user = User(username=username,
+        plain_text_password=password,
+        firstname=firstname,
+        lastname=lastname,
+        email=email
+      )
+
+      try:
+        result = user.create_local_user()
+        if result and result['status']:
+          if Setting().get('verify_user_email'):
+            send_account_verification(email)
+          if Setting().get('otp_force') and Setting().get('otp_field_enabled'):
+            user.update_profile(enable_otp=True)
+            prepare_welcome_user(user.id)
+            return redirect(url_for('index.welcome'))
+          else:
+            return redirect(url_for('index.login'))
+        else:
+          return render_template('register.html',
+            error=result['msg'], captcha_enable=CAPTCHA_ENABLE)
+      except Exception as e:
+        return render_template('register.html', error=e, captcha_enable=CAPTCHA_ENABLE)
     else:
-        return render_template('errors/404.html'), 404
+      return render_template('errors/404.html'), 404
 
 
 # Show welcome page on first login if otp_force is enabled
diff --git a/powerdnsadmin/templates/admin_edit_account.html b/powerdnsadmin/templates/admin_edit_account.html
index 0fc0b30a5..62ccf26be 100644
--- a/powerdnsadmin/templates/admin_edit_account.html
+++ b/powerdnsadmin/templates/admin_edit_account.html
@@ -1,9 +1,14 @@
 {% extends "base.html" %}
+
 {% set active_page = "admin_accounts" %}
-{% block title %}<title>Edit Account - {{ SITE_NAME }}</title>{% endblock %}
+
+{% block title %}
+<title>
+  Edit Account - {{ SITE_NAME }}
+</title>
+{% endblock %}
 
 {% block dashboard_stat %}
-<!-- Content Header (Page header) -->
   <div class="content-header">
     <div class="container-fluid">
       <div class="row mb-2">
@@ -30,7 +35,7 @@ <h1 class="m-0 text-dark">
   <div class="container-fluid">
     <div class="row">
       <div class="col-4">
-        <div class="card card-primary">
+        <div class="card shadow">
           <div class="card-header with-border">
             <h3 class="card-title">{% if create %}Add{% else %}Edit{% endif %} account</h3>
           </div>
@@ -107,8 +112,8 @@ <h3 class="card-title">Access Control</h3>
           </form>
         </div>
       </div>
-      <div class="col-6">
-        <div class="card card-primary">
+      <div class="col-8">
+        <div class="card shadow">
           <div class="card-header with-border">
             <h3 class="card-title">Help with creating a new account</h3>
           </div>
diff --git a/powerdnsadmin/templates/admin_edit_key.html b/powerdnsadmin/templates/admin_edit_key.html
index a0e7a88cc..1d8e69636 100644
--- a/powerdnsadmin/templates/admin_edit_key.html
+++ b/powerdnsadmin/templates/admin_edit_key.html
@@ -1,12 +1,17 @@
 {% extends "base.html" %}
+
 {% set active_page = "admin_keys" %}
+
 {% if (key is not none and key.role.name != "User") %}{% set hide_opts = True %}{%else %}{% set hide_opts = False %}{% endif %}
+
 {% block title %}
-<title>Edit Key - {{ SITE_NAME }}</title>
+  <title>
+    Edit Key - {{ SITE_NAME }}
+  </title>
 {% endblock %}
+
 {% block dashboard_stat %}
-<!-- Content Header (Page header) -->
-<div class="content-header">
+  <div class="content-header">
     <div class="container-fluid">
       <div class="row mb-2">
         <div class="col-sm-6">
@@ -25,61 +30,59 @@ <h1 class="m-0 text-dark">
       </div>
     </div>
   </div>
-
 {% endblock %}
 
 {% block content %}
 <section class="content">
+  <div class="container-fluid">
   <div class="row">
     <div class="col-4">
-            <div class="card card-primary">
-                <div class="card-header with-border">
-                    <h3 class="card-title">{% if create %}Add{% else %}Edit{% endif %} Key</h3>
-                </div>
-                <!-- /.box-header -->
-                <!-- form start -->
-                <form role="form" method="post"
-                    action="{% if create %}{{ url_for('admin.edit_key') }}{% else %}{{ url_for('admin.edit_key', key_id=key.id) }}{% endif %}">
-                    <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-                    <input type="hidden" name="create" value="{{ create }}">
-                    <div class="card-body">
-                        <div class="form-group has-feedback">
-                            <label class="control-label" for="role">Role</label>
-                            <select class="key_role form-control" id="key_role" name="key_role">
-                                {% for role in roles %}
-                                <option value="{{ role.name }}"
-                                {% if (key is not none) and (role.id==key.role.id) %}selected{% endif %}
-                                {% if (key is none) and (role.name=="User") %}selected{% endif %}
-                                >{{ role.name }}</option>
-                                {% endfor %}
-                            </select>
-                        </div>
-                        <div class="form-group has-feedback">
-                            <label class="control-label" for="description">Description</label>
-                            <input type="text" class="form-control" placeholder="Description" name="description"
-                                {% if key is not none %} value="{{ key.description }}" {% endif %}> <span
-                                class="glyphicon glyphicon-pencil form-control-feedback"></span>
-                        </div>
-                    </div>
-                    <div class="card-header with-border key-opts"{% if hide_opts %} style="display: none;"{% endif %}>
-                      <h3 class="card-title">Accounts Access Control</h3>
-                    </div>
-                    <div class="card-body key-opts"{% if hide_opts %} style="display: none;"{% endif %}>
-                      <p>This key will be linked to the accounts on the right,</p>
-                      <p>thus granting access to domains owned by the selected accounts.</p>
-                      <p>Click on accounts to move between the columns.</p>
-                      <div class="form-group col-2">
-                          <select multiple="multiple" class="form-control" id="key_multi_account"
-                              name="key_multi_account">
-                              {% for account in accounts %}
-                                  <option {% if key and account in key.accounts %}selected{% endif %} value="{{ account.name }}">{{ account.name }}</option>
-                              {% endfor %}
-                          </select>
-                      </div>
-                    </div>
-                    <div class="card-header with-border key-opts"{% if hide_opts %} style="display: none;"{% endif %}>
-                        <h3 class="card-title">Domain Access Control</h3>
-                    </div>
+      <div class="card card-primary">
+        <div class="card-header with-border">
+          <h3 class="card-title">{% if create %}Add{% else %}Edit{% endif %} Key</h3>
+        </div>
+        <form role="form" method="post"
+        action="{% if create %}{{ url_for('admin.edit_key') }}{% else %}{{ url_for('admin.edit_key', key_id=key.id) }}{% endif %}">
+          <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+          <input type="hidden" name="create" value="{{ create }}">
+          <div class="card-body">
+            <div class="form-group has-feedback">
+              <label class="control-label" for="role">Role</label>
+              <select class="key_role form-control" id="key_role" name="key_role">
+                {% for role in roles %}
+                  <option value="{{ role.name }}"
+                  {% if (key is not none) and (role.id==key.role.id) %}selected{% endif %}
+                  {% if (key is none) and (role.name=="User") %}selected{% endif %}>
+                    {{ role.name }}
+                  </option>
+                {% endfor %}
+              </select>
+            </div>
+            <div class="form-group has-feedback">
+              <label class="control-label" for="description">Description</label>
+                <input type="text" class="form-control" placeholder="Description" name="description"
+                {% if key is not none %} value="{{ key.description }}" {% endif %}>
+                <span class="glyphicon glyphicon-pencil form-control-feedback"></span>
+              </div>
+            </div>
+            <div class="card-header with-border key-opts"{% if hide_opts %} style="display: none;"{% endif %}>
+              <h3 class="card-title">Accounts Access Control</h3>
+            </div>
+            <div class="card-body key-opts"{% if hide_opts %} style="display: none;"{% endif %}>
+              <p>This key will be linked to the accounts on the right,</p>
+              <p>thus granting access to domains owned by the selected accounts.</p>
+              <p>Click on accounts to move between the columns.</p>
+              <div class="form-group col-2">
+                <select multiple="multiple" class="form-control" id="key_multi_account" name="key_multi_account">
+                  {% for account in accounts %}
+                    <option {% if key and account in key.accounts %}selected{% endif %} value="{{ account.name }}">{{ account.name }}</option>
+                  {% endfor %}
+                </select>
+              </div>
+            </div>
+            <div class="card-header with-border key-opts"{% if hide_opts %} style="display: none;"{% endif %}>
+              <h3 class="card-title">Domain Access Control</h3>
+            </div>
                     <div class="card-body key-opts"{% if hide_opts %} style="display: none;"{% endif %}>
                         <p>This key will have acess to the domains on the right.</p>
                         <p>Click on domains to move between the columns.</p>
@@ -115,8 +118,10 @@ <h3 class="card-title">Help with {% if create %}creating a new{% else%}updating
             </div>
         </div>
     </div>
+    </div>
 </section>
 {% endblock %}
+
 {% block extrascripts %}
 <script>
     $('form').submit(function (e) {
diff --git a/powerdnsadmin/templates/admin_global_search.html b/powerdnsadmin/templates/admin_global_search.html
index 815230cc1..4161ad3da 100644
--- a/powerdnsadmin/templates/admin_global_search.html
+++ b/powerdnsadmin/templates/admin_global_search.html
@@ -1,210 +1,201 @@
 {% extends "base.html" %}
+
 {% set active_page = "admin_global_search" %}
+
 {% block title %}
-<title>Global Search - {{ SITE_NAME }}</title>
-{% endblock %} {% block dashboard_stat %}
-<!-- Content Header (Page header) -->
-<section class="content-header">
-    <h1>
-        Global Search <small>Search for domains, records and comments directly from PDNS API</small>
-    </h1>
-    <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i> Home</a></li>
-        <li class="active">Global Search</li>
-    </ol>
-</section>
+  <title>
+    Global Search - {{ SITE_NAME }}
+  </title>
+{% endblock %}
 
-<div class="content-header">
+{% block dashboard_stat %}
+  <div class="content-header">
     <div class="container-fluid">
       <div class="row mb-2">
         <div class="col-sm-6">
           <h1 class="m-0 text-dark">
-            Dashboard
-            <small>Control panel</small>
+            Global Search
+            <small>Search for domains, records and comments directly from PDNS API</small>
           </h1>
         </div>
         <div class="col-sm-6">
           <ol class="breadcrumb float-sm-right">
-            <li class="breadcrumb-item"><a href="#">Home</a></li>
-            <li class="breadcrumb-item active">Dashboard v1</li>
+            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+            <li class="breadcrumb-item active">Global Search</li>
           </ol>
         </div>
       </div>
     </div>
   </div>
+{% endblock %}
 
-{% endblock %} {% block content %}
-<section class="content">
-    <div class="row">
-        <div class="col-xs-12">
-            <div class="box-body">
-                <!-- search form -->
-                <form action="" method="get">
-                    <div class="input-group">
-                        <input type="text" name="q" class="form-control" placeholder="Your keyword...">
-                        <div class="input-group-btn">
-                            <button type="submit" class="btn btn-success"><i class="fa fa-search"></i></button>
-                        </div>
-                    </div>
-                </form>
-                <div>
-                    <p><b>Hints:</b> The * character can be used in your keyword as a wildcard character and the ? character can be used as
-                        a wildcard for a
-                        single character.</p>
+{% block content %}
+  <section class="content">
+    <div class="container-fluid">
+      <div class="row">
+        <div class="col-12">
+          <div class="card shadow">
+            <div class="card-header">
+              <h3 class="card-title">Global Search</h3>
+            </div>
+            <div class="card-body">
+              <form action="" method="get">
+                <div class="input-group">
+                  <input type="text" name="q" class="form-control" placeholder="Your keyword...">
+                  <div class="input-group-btn">
+                    <button type="submit" class="btn btn-success"><i class="fa fa-search"></i></button>
+                  </div>
                 </div>
-                <!-- /.search form -->
+              </form>
+              <div>
+                <p><b>Hints:</b> The * character can be used in your keyword as a wildcard character and the ? character can be used as
+                  a wildcard for a
+                  single character.
+                </p>
+              </div>
             </div>
+          </div>
         </div>
-    </div>
-    <div class="row">
-        <div class="col-xs-12">
-            <div class="box">
-                <div class="box-header">
-                    <h3 class="box-title">Domains ({{ domains|length }})</h3>
-                </div>
-                <div class="box-body">
-                    <table id="tbl_domain" class="table table-bordered table-striped">
-                        <thead>
-                            <tr>
-                                <th>Domain</th>
-                            </tr>
-                        </thead>
-                        <tbody>
-                            {% for domain in domains %}
-                            <tr class="odd gradeX">
-                                <td>
-                                    <a href="{{ url_for('domain.domain', domain_name=domain['name']) }}">{{ domain['name'] }}</a>
-                                </td>
-                            </tr>
-                            {% endfor %}
-                        </tbody>
-                    </table>
-                </div>
-                <!-- /.box-body -->
+      </div>
+
+      <div class="row">
+        <div class="col-12">
+          <div class="card shadow">
+            <div class="card-header">
+              <h3 class="card-title">Domains ({{ domains|length }})</h3>
+            </div>
+            <div class="card-body">
+              <table id="tbl_domain" class="table table-bordered table-striped">
+                <thead>
+                  <tr>
+                    <th>Domain</th>
+                  </tr>
+                </thead>
+                <tbody>
+                  {% for domain in domains %}
+                    <tr class="odd gradeX">
+                      <td>
+                        <a href="{{ url_for('domain.domain', domain_name=domain['name']) }}">{{ domain['name'] }}</a>
+                      </td>
+                    </tr>
+                  {% endfor %}
+                </tbody>
+              </table>
             </div>
-            <!-- /.box -->
+          </div>
         </div>
-        <!-- /.col -->
-    </div>
+      </div>
 
-    <div class="row">
-        <div class="col-xs-12">
-            <div class="box">
-                <div class="box-header">
-                    <h3 class="box-title">Records ({{ records|length }})</h3>
-                </div>
-                <div class="box-body">
-                    <table id="tbl_record" class="table table-bordered table-striped">
-                        <thead>
-                            <tr>
-                                <th>Name</th>
-                                <th>Type</th>
-                                <th>Status</th>
-                                <th>TTL</th>
-                                <th>Data</th>
-                            </tr>
-                        </thead>
-                        <tbody>
-                            {% for record in records %}
-                            <tr class="odd gradeX">
-                                <td>
-                                    <a href="{{ url_for('domain.domain', domain_name=record['zone_id']) }}">{{ record['name'] }}</a>
-                                </td>
-                                <td>{{ record['type'] }}</td>
-                                <td>{{ 'Disabled' if record['disabled'] else 'Active' }}</td>
-                                <td>{{ record['ttl'] }}</td>
-                                <td>{{ record['content'] }}</td>
-                            </tr>
-                            {% endfor %}
-                        </tbody>
-                    </table>
-                </div>
-                <!-- /.box-body -->
+      <div class="row">
+        <div class="col-12">
+          <div class="card shadow">
+            <div class="card-header">
+              <h3 class="card-title">Records ({{ records|length }})</h3>
+            </div>
+            <div class="card-body">
+              <table id="tbl_record" class="table table-bordered table-striped">
+                <thead>
+                  <tr>
+                    <th>Name</th>
+                    <th>Type</th>
+                    <th>Status</th>
+                    <th>TTL</th>
+                    <th>Data</th>
+                  </tr>
+                </thead>
+                <tbody>
+                  {% for record in records %}
+                    <tr class="odd gradeX">
+                      <td>
+                        <a href="{{ url_for('domain.domain', domain_name=record['zone_id']) }}">{{ record['name'] }}</a>
+                      </td>
+                      <td>{{ record['type'] }}</td>
+                      <td>{{ 'Disabled' if record['disabled'] else 'Active' }}</td>
+                      <td>{{ record['ttl'] }}</td>
+                      <td>{{ record['content'] }}</td>
+                    </tr>
+                  {% endfor %}
+                </tbody>
+              </table>
             </div>
-            <!-- /.box -->
+          </div>
         </div>
-        <!-- /.col -->
-    </div>
+      </div>
 
-    <div class="row">
-        <div class="col-xs-12">
-            <div class="box">
-                <div class="box-header">
-                    <h3 class="box-title">Comments ({{ comments|length }})</h3>
-                </div>
-                <div class="box-body">
-                    <table id="tbl_comment" class="table table-bordered table-striped">
-                        <thead>
-                            <tr>
-                                <th>Comment</th>
-                                <th>Record</th>
-                                <th>Domain</th>
-                            </tr>
-                        </thead>
-                        <tbody>
-                            {% for comment in comments %}
-                            <tr class="odd gradeX">
-                                <td>{{ comment['content'] }}</td>
-                                <td>{{ comment['name'] }}</td>
-                                <td>
-                                    <a href="{{ url_for('domain.domain', domain_name=comment['zone_id']) }}">{{ comment['zone_id'] }}</a>
-                                </td>
-                            </tr>
-                            {% endfor %}
-                        </tbody>
-                    </table>
-                </div>
-                <!-- /.box-body -->
+      <div class="row">
+        <div class="col-12">
+          <div class="card shadow">
+            <div class="card-header">
+              <h3 class="card-title">Comments ({{ comments|length }})</h3>
             </div>
-            <!-- /.box -->
+            <div class="card-body">
+              <table id="tbl_comment" class="table table-bordered table-striped">
+                <thead>
+                  <tr>
+                    <th>Comment</th>
+                    <th>Record</th>
+                    <th>Domain</th>
+                  </tr>
+                </thead>
+                <tbody>
+                  {% for comment in comments %}
+                    <tr class="odd gradeX">
+                      <td>{{ comment['content'] }}</td>
+                      <td>{{ comment['name'] }}</td>
+                      <td>
+                        <a href="{{ url_for('domain.domain', domain_name=comment['zone_id']) }}">{{ comment['zone_id'] }}</a>
+                      </td>
+                    </tr>
+                  {% endfor %}
+                </tbody>
+              </table>
+            </div>
+          </div>
         </div>
-        <!-- /.col -->
+      </div>
     </div>
-</section>
+  </section>
 {% endblock %}
+
 {% block extrascripts %}
-<script>
+  <script>
     // set up domain result data table
     $("#tbl_domain").DataTable({
-        "paging": false,
-        "lengthChange": false,
-        "searching": false,
-        "ordering": true,
-        "info": false,
-        "autoWidth": false,
-        "order": [
-            [0, "asc"]
-        ]
+      "paging": false,
+      "lengthChange": false,
+      "searching": false,
+      "ordering": true,
+      "info": false,
+      "autoWidth": false,
+      "order": [
+        [0, "asc"]
+      ]
     });
-</script>
 
-<script>
     // set up domain result data table
     $("#tbl_record").DataTable({
-        "paging": false,
-        "lengthChange": false,
-        "searching": false,
-        "ordering": true,
-        "info": false,
-        "autoWidth": false,
-        "order": [
-            [0, "asc"]
-        ]
+      "paging": false,
+      "lengthChange": false,
+      "searching": false,
+      "ordering": true,
+      "info": false,
+      "autoWidth": false,
+      "order": [
+        [0, "asc"]
+      ]
     });
-</script>
 
-<script>
     // set up domain result data table
     $("#tbl_comment").DataTable({
-        "paging": false,
-        "lengthChange": false,
-        "searching": false,
-        "ordering": true,
-        "info": false,
-        "autoWidth": false,
-        "order": [
-            [0, "asc"]
-        ]
+      "paging": false,
+      "lengthChange": false,
+      "searching": false,
+      "ordering": true,
+      "info": false,
+      "autoWidth": false,
+      "order": [
+        [0, "asc"]
+      ]
     });
-</script>
+  </script>
 {% endblock %}
diff --git a/powerdnsadmin/templates/admin_history.html b/powerdnsadmin/templates/admin_history.html
index 5b96c0909..21c275864 100644
--- a/powerdnsadmin/templates/admin_history.html
+++ b/powerdnsadmin/templates/admin_history.html
@@ -1,11 +1,15 @@
 {% extends "base.html" %}
+
 {% set active_page = "admin_history" %}
+
 {% block title %}
-<title>History - {{ SITE_NAME }}</title>
-{% endblock %} {% block dashboard_stat %}
-<!-- Content Header (Page header) -->
+  <title>
+    History - {{ SITE_NAME }}
+  </title>
+{% endblock %}
 
-<div class="content-header">
+{% block dashboard_stat %}
+  <div class="content-header">
     <div class="container-fluid">
       <div class="row mb-2">
         <div class="col-sm-6">
@@ -23,17 +27,14 @@ <h1 class="m-0 text-dark">
       </div>
     </div>
   </div>
-
 {% endblock %} 
+
 {% block content %}
 {% import 'applied_change_macro.html' as applied_change_macro %}
-
-
-
 <section class="content">
   <div class="container-fluid">
     <div class="row">
-      <div class="col-md-12">
+      <div class="col-12">
         <div class="card card-outline card-secondary">
           <div class="card-header with-border">
             <h3 class="card-title">History Management</h3>
diff --git a/powerdnsadmin/templates/admin_history_table.html b/powerdnsadmin/templates/admin_history_table.html
index 537ba2a1c..146e7dbd4 100644
--- a/powerdnsadmin/templates/admin_history_table.html
+++ b/powerdnsadmin/templates/admin_history_table.html
@@ -6,7 +6,7 @@
   </p>
 {% endif %}
 
-<div class="box-body"></div>
+<div class="card-body"></div>
   <table id="tbl_history" class="table table-bordered table-striped">
     <thead>
       <tr>
diff --git a/powerdnsadmin/templates/admin_manage_account.html b/powerdnsadmin/templates/admin_manage_account.html
index e56705c9e..f0c79cc8c 100644
--- a/powerdnsadmin/templates/admin_manage_account.html
+++ b/powerdnsadmin/templates/admin_manage_account.html
@@ -1,9 +1,15 @@
 {% extends "base.html" %}
+
 {% set active_page = "admin_accounts" %}
+
 {% block title %}
-<title>Account Management - {{ SITE_NAME }}</title>
-{% endblock %} {% block dashboard_stat %}
-<div class="content-header">
+  <title>
+    Account Management - {{ SITE_NAME }}
+  </title>
+{% endblock %}
+
+{% block dashboard_stat %}
+  <div class="content-header">
     <div class="container-fluid">
       <div class="row mb-2">
         <div class="col-sm-6">
@@ -21,12 +27,13 @@ <h1 class="m-0 text-dark">
       </div>
     </div>
   </div>
+{% endblock %}
 
-{% endblock %} {% block content %}
+{% block content %}
 <section class="content">
   <div class="container-fluid">
     <div class="row">
-      <div class="col-xs-12 col-md-12">
+      <div class="col-12">
         <div class="card card-primary">
           <div class="card-header with-border">
             <h3 class="card-title">Account Management</h3>
@@ -133,8 +140,8 @@ <h4 class="modal-title">Confirmation</h4>
                 <p></p>
             </div>
             <div class="modal-footer">
-                <button type="button" class="btn btn-flat btn-default pull-left" data-dismiss="modal">Close</button>
-                <button type="button" class="btn btn-flat btn-danger" id="button_delete_confirm">Delete</button>
+                <button type="button" class="btn btn-default pull-left" data-dismiss="modal">Close</button>
+                <button type="button" class="btn btn-danger" id="button_delete_confirm">Delete</button>
             </div>
         </div>
         <!-- /.modal-content -->
diff --git a/powerdnsadmin/templates/admin_manage_keys.html b/powerdnsadmin/templates/admin_manage_keys.html
index 9f2c6825e..e303cd6d0 100644
--- a/powerdnsadmin/templates/admin_manage_keys.html
+++ b/powerdnsadmin/templates/admin_manage_keys.html
@@ -1,9 +1,15 @@
 {% extends "base.html" %}
+
 {% set active_page = "admin_keys" %}
+
 {% block title %}
-<title>Key Management - {{ SITE_NAME }}</title>
-{% endblock %} {% block dashboard_stat %}
-<div class="content-header">
+  <title>
+    Key Management - {{ SITE_NAME }}
+  </title>
+{% endblock %}
+
+{% block dashboard_stat %}
+  <div class="content-header">
     <div class="container-fluid">
       <div class="row mb-2">
         <div class="col-sm-6">
@@ -21,7 +27,9 @@ <h1 class="m-0 text-dark">
       </div>
     </div>
   </div>
-{% endblock %} {% block content %}
+{% endblock %}
+
+{% block content %}
 <section class="content">
   <div class="container-fluid">
     <div class="card">
@@ -74,63 +82,62 @@ <h3 class="card-title">Key Management</h3>
   </div>
 </section>
 {% endblock %}
+
 {% block extrascripts %}
-<script>
+  <script>
     // set up key data table
     $("#tbl_keys").DataTable({
-        "paging": true,
-        "lengthChange": true,
-        "searching": true,
-        "ordering": true,
-        "info": false,
-        "autoWidth": false,
-        "lengthMenu": [
-            [10, 25, 50, 100, -1],
-            [10, 25, 50, 100, "All"]
-        ],
-        "pageLength": 10
+      "paging": true,
+      "lengthChange": true,
+      "searching": true,
+      "ordering": true,
+      "info": false,
+      "autoWidth": false,
+      "lengthMenu": [
+        [10, 25, 50, 100, -1],
+        [10, 25, 50, 100, "All"]
+      ],
+      "pageLength": 10
     });
 
     // handle deletion of keys
     $(document.body).on('click', '.button_delete', function () {
-        var modal = $("#modal_delete");
-        var key_id = $(this).prop('id');
-        var info = "Are you sure you want to delete key #" + key_id + "?";
-        modal.find('.modal-body p').text(info);
-        modal.find('#button_delete_confirm').click(function () {
-            var postdata = {
-                'action': 'delete_key',
-                'data': key_id,
-                '_csrf_token': '{{ csrf_token() }}'
-            }
-            applyChanges(postdata, $SCRIPT_ROOT + '/admin/manage-keys', false, true);
-            modal.modal('hide');
-        })
-        modal.modal('show');
-
+      var modal = $("#modal_delete");
+      var key_id = $(this).prop('id');
+      var info = "Are you sure you want to delete key #" + key_id + "?";
+      modal.find('.modal-body p').text(info);
+      modal.find('#button_delete_confirm').click(function () {
+        var postdata = {
+          'action': 'delete_key',
+          'data': key_id,
+          '_csrf_token': '{{ csrf_token() }}'
+        }
+        applyChanges(postdata, $SCRIPT_ROOT + '/admin/manage-keys', false, true);
+        modal.modal('hide');
+      })
+      modal.modal('show');
     });
-</script>
+  </script>
 {% endblock %}
+
 {% block modals %}
-<div class="modal fade modal-warning" id="modal_delete">
+  <div class="modal fade modal-warning" id="modal_delete">
     <div class="modal-dialog">
-        <div class="modal-content">
-            <div class="modal-header">
-                <button type="button" class="close" data-dismiss="modal" aria-label="Close">
-                    <span aria-hidden="true">&times;</span>
-                </button>
-                <h4 class="modal-title">Confirmation</h4>
-            </div>
-            <div class="modal-body">
-                <p></p>
-            </div>
-            <div class="modal-footer">
-                <button type="button" class="btn btn-flat btn-default pull-left" data-dismiss="modal">Close</button>
-                <button type="button" class="btn btn-flat btn-danger" id="button_delete_confirm">Delete</button>
-            </div>
+      <div class="modal-content">
+        <div class="modal-header">
+          <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+            <span aria-hidden="true">&times;</span>
+          </button>
+          <h4 class="modal-title">Confirmation</h4>
+        </div>
+        <div class="modal-body">
+          <p></p>
         </div>
-        <!-- /.modal-content -->
+        <div class="modal-footer">
+          <button type="button" class="btn btn-default float-left" data-dismiss="modal">Close</button>
+          <button type="button" class="btn btn-danger" id="button_delete_confirm">Delete</button>
+        </div>
+      </div>
     </div>
-    <!-- /.modal-dialog -->
-</div>
+  </div>
 {% endblock %}
diff --git a/powerdnsadmin/templates/admin_manage_user.html b/powerdnsadmin/templates/admin_manage_user.html
index 94c6aaf68..154acacb1 100644
--- a/powerdnsadmin/templates/admin_manage_user.html
+++ b/powerdnsadmin/templates/admin_manage_user.html
@@ -1,9 +1,15 @@
 {% extends "base.html" %}
+
 {% set active_page = "admin_users" %}
+
 {% block title %}
-<title>User Management - {{ SITE_NAME }}</title>
-{% endblock %} {% block dashboard_stat %}
-<div class="content-header">
+  <title>
+    User Management - {{ SITE_NAME }}
+  </title>
+{% endblock %}
+
+{% block dashboard_stat %}
+  <div class="content-header">
     <div class="container-fluid">
       <div class="row mb-2">
         <div class="col-sm-6">
@@ -21,196 +27,195 @@ <h1 class="m-0 text-dark">
       </div>
     </div>
   </div>
-{% endblock %} {% block content %}
-<section class="content">
-  <div class="container-fluid">
-    <div class="row">
-        <div class="col-sm-12">
-            <div class="card">
-                <div class="card-header with-border">
-                    <h3 class="card-title">User Management</h3>
-                </div>
-                <div class="card-body">
-                    <a href="{{ url_for('admin.edit_user') }}">
-                        <button type="button" class="btn btn-flat btn-primary pull-left button_add_user">
-                            Add User&nbsp;<i class="fa fa-plus"></i>
+{% endblock %}
+
+{% block content %}
+  <section class="content">
+    <div class="container-fluid">
+      <div class="row">
+        <div class="col-12">
+          <div class="card">
+            <div class="card-header with-border">
+              <h3 class="card-title">User Management</h3>
+            </div>
+            <div class="card-body">
+              <a href="{{ url_for('admin.edit_user') }}">
+                <button type="button" class="btn btn-primary pull-left button_add_user">
+                  <i class="fa fa-plus"></i>&nbsp;Add User
+                </button>
+              </a>
+            </div>
+            <div class="card-body">
+              <table id="tbl_users" class="table table-bordered table-striped">
+                <thead>
+                  <tr>
+                    <th>Username</th>
+                    <th>First Name</th>
+                    <th>Last Name</th>
+                    <th>Email</th>
+                    <th>Role</th>
+                    <th>Privileges</th>
+                    <th>Action</th>
+                  </tr>
+                </thead>
+                <tbody>
+                  {% for user in users %}
+                    <tr class="odd gradeX">
+                      <td>{{ user.username }}</td>
+                      <td>{{ user.firstname }}</td>
+                      <td>{{ user.lastname }}</td>
+                      <td>{{ user.email }}</td>
+                      <td>
+                        <select id="{{ user.username }}" class="user_role"
+                          {% if user.username==current_user.username or (current_user.role.name=='Operator' and user.role.name=='Administrator') %}disabled{% endif %}>
+                          {% for role in roles %}
+                            <option value="{{ role.name }}"
+                              {% if role.id==user.role.id %}selected{% endif %}>
+                                {{ role.name }}
+                            </option>
+                          {% endfor %}
+                        </select>
+                      </td>
+                      <td width="6%">
+                        <button type="button" class="btn btn-warning button_revoke"
+                          id="{{ user.username }}"
+                          {% if current_user.role.name=='Operator' and user.role.name=='Administrator' %}disabled{% endif %}>
+                            <i class="fa fa-lock"></i>&nbsp;Revoke
                         </button>
-                    </a>
-                </div>
-                <div class="card-body">
-                    <table id="tbl_users" class="table table-bordered table-striped">
-                        <thead>
-                            <tr>
-                                <th>Username</th>
-                                <th>First Name</th>
-                                <th>Last Name</th>
-                                <th>Email</th>
-                                <th>Role</th>
-                                <th>Privileges</th>
-                                <th>Action</th>
-                            </tr>
-                        </thead>
-                        <tbody>
-                            {% for user in users %}
-                            <tr class="odd gradeX">
-                                <td>{{ user.username }}</td>
-                                <td>{{ user.firstname }}</td>
-                                <td>{{ user.lastname }}</td>
-                                <td>{{ user.email }}</td>
-                                <td>
-                                    <select id="{{ user.username }}" class="user_role"
-                                        {% if user.username==current_user.username or (current_user.role.name=='Operator' and user.role.name=='Administrator') %}disabled{% endif %}>
-                                        {% for role in roles %}
-                                        <option value="{{ role.name }}"
-                                            {% if role.id==user.role.id %}selected{% endif %}>{{ role.name }}</option>
-                                        {% endfor %}
-                                    </select>
-                                </td>
-                                <td width="6%">
-                                    <button type="button" class="btn btn-flat btn-warning button_revoke"
-                                        id="{{ user.username }}"
-                                        {% if current_user.role.name=='Operator' and user.role.name=='Administrator' %}disabled{% endif %}>
-                                        Revoke&nbsp;<i class="fa fa-lock"></i>
-                                    </button>
-                                </td>
-                                <td width="15%">
-                                    <button type="button" class="btn btn-flat btn-success button_edit"
-                                        onclick="window.location.href='{{ url_for('admin.edit_user', user_username=user.username) }}'"
-                                        {% if current_user.role.name=='Operator' and user.role.name=='Administrator' %}disabled{% endif %}>
-                                        Edit&nbsp;<i class="fa fa-lock"></i>
-                                    </button>
-                                    <button type="button" class="btn btn-flat btn-danger button_delete"
-                                        id="{{ user.username }}"
-                                        {% if user.username==current_user.username or (current_user.role.name=='Operator' and user.role.name=='Administrator') %}disabled{% endif %}>
-                                        Delete&nbsp;<i class="fa fa-trash"></i>
-                                    </button>
-                                </td>
-                            </tr>
-                            {% endfor %}
-                        </tbody>
-                    </table>
-                </div>
-                <!-- /.box-body -->
+                      </td>
+                      <td width="15%">
+                        <button type="button" class="btn btn-success button_edit"
+                          onclick="window.location.href='{{ url_for('admin.edit_user', user_username=user.username) }}'"
+                          {% if current_user.role.name=='Operator' and user.role.name=='Administrator' %}disabled{% endif %}>
+                            <i class="fa fa-lock"></i>&nbsp;Edit
+                        </button>
+                        <button type="button" class="btn btn-danger button_delete"
+                          id="{{ user.username }}"
+                          {% if user.username==current_user.username or (current_user.role.name=='Operator' and user.role.name=='Administrator') %}disabled{% endif %}>
+                            <i class="fa fa-trash"></i>&nbsp;Delete
+                        </button>
+                      </td>
+                    </tr>
+                  {% endfor %}
+                </tbody>
+              </table>
             </div>
-            <!-- /.box -->
+          </div>
         </div>
-        <!-- /.col -->
-    </div>
-    <!-- /.row -->
+      </div>
     </div>
-</section>
+  </section>
 {% endblock %}
+
 {% block extrascripts %}
-<script>
+  <script>
     // set up user data table
     $("#tbl_users").DataTable({
-        "paging": true,
-        "lengthChange": true,
-        "searching": true,
-        "ordering": true,
-        "info": false,
-        "autoWidth": false,
-        "lengthMenu": [
-            [10, 25, 50, 100, -1],
-            [10, 25, 50, 100, "All"]
-        ],
-        "pageLength": 10
+      "paging": true,
+      "lengthChange": true,
+      "searching": true,
+      "ordering": true,
+      "info": false,
+      "autoWidth": false,
+      "lengthMenu": [
+        [10, 25, 50, 100, -1],
+        [10, 25, 50, 100, "All"]
+      ],
+      "pageLength": 10
     });
 
     // handle revocation of privileges
     $(document.body).on('click', '.button_revoke', function () {
-        var modal = $("#modal_revoke");
-        var username = $(this).prop('id');
-        var info = "Are you sure you want to revoke all privileges for " + username +
-            ". They will not able to access any domain.";
-        modal.find('.modal-body p').text(info);
-        modal.find('#button_revoke_confirm').click(function () {
-            var postdata = {
-                'action': 'revoke_user_privileges',
-                'data': username,
-                '_csrf_token': '{{ csrf_token() }}'
-            }
-            applyChanges(postdata, $SCRIPT_ROOT + '/admin/manage-user', true);
-            modal.modal('hide');
-        })
-        modal.modal('show');
+      var modal = $("#modal_revoke");
+      var username = $(this).prop('id');
+      var info = "Are you sure you want to revoke all privileges for user " + username +
+        "? They will not able to access any domain.";
+      modal.find('.modal-body p').text(info);
+      modal.find('#button_revoke_confirm').click(function () {
+        var postdata = {
+          'action': 'revoke_user_privileges',
+          'data': username,
+          '_csrf_token': '{{ csrf_token() }}'
+        }
+        applyChanges(postdata, $SCRIPT_ROOT + '/admin/manage-user', true);
+        modal.modal('hide');
+      })
+      modal.modal('show');
     });
+
     // handle deletion of user
     $(document.body).on('click', '.button_delete', function () {
-        var modal = $("#modal_delete");
-        var username = $(this).prop('id');
-        var info = "Are you sure you want to delete " + username + "?";
-        modal.find('.modal-body p').text(info);
-        modal.find('#button_delete_confirm').click(function () {
-            var postdata = {
-                'action': 'delete_user',
-                'data': username,
-                '_csrf_token': '{{ csrf_token() }}'
-            }
-            applyChanges(postdata, $SCRIPT_ROOT + '/admin/manage-user', false, true);
-            modal.modal('hide');
-        })
-        modal.modal('show');
-
+      var modal = $("#modal_delete");
+      var username = $(this).prop('id');
+      var info = "Are you sure you want to delete user " + username + "?";
+      modal.find('.modal-body p').text(info);
+      modal.find('#button_delete_confirm').click(function () {
+        var postdata = {
+          'action': 'delete_user',
+          'data': username,
+          '_csrf_token': '{{ csrf_token() }}'
+        }
+        applyChanges(postdata, $SCRIPT_ROOT + '/admin/manage-user', false, true);
+        modal.modal('hide');
+      })
+      modal.modal('show');
     });
 
     // handle user role changing
     $(document.body).on('change', '.user_role', function () {
-        var role_name = this.value;
-        var username = $(this).prop('id');
-        var postdata = {
-            'action': 'update_user_role',
-            'data': {
-                'username': username,
-                'role_name': role_name
-            },
-            '_csrf_token': '{{ csrf_token() }}'
-        };
-        applyChanges(postdata, $SCRIPT_ROOT + '/admin/manage-user', showResult = true);
+      var role_name = this.value;
+      var username = $(this).prop('id');
+      var postdata = {
+        'action': 'update_user_role',
+        'data': {
+          'username': username,
+          'role_name': role_name
+        },
+        '_csrf_token': '{{ csrf_token() }}'
+      };
+      applyChanges(postdata, $SCRIPT_ROOT + '/admin/manage-user', showResult = true);
     });
-</script>
+  </script>
 {% endblock %}
+
 {% block modals %}
-<div class="modal fade modal-warning" id="modal_revoke">
+  <div class="modal fade modal-warning" id="modal_revoke">
     <div class="modal-dialog">
-        <div class="modal-content">
-            <div class="modal-header">
-                <button type="button" class="close" data-dismiss="modal" aria-label="Close">
-                    <span aria-hidden="true">&times;</span>
-                </button>
-                <h4 class="modal-title">Confirmation</h4>
-            </div>
-            <div class="modal-body">
-                <p></p>
-            </div>
-            <div class="modal-footer">
-                <button type="button" class="btn btn-flat btn-default pull-left" data-dismiss="modal">Close</button>
-                <button type="button" class="btn btn-flat btn-danger" id="button_revoke_confirm">Revoke</button>
-            </div>
+      <div class="modal-content">
+        <div class="modal-header">
+          <h4 class="modal-title">Confirmation</h4>
+          <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+            <span aria-hidden="true">&times;</span>
+          </button>
+        </div>
+        <div class="modal-body">
+          <p></p>
+        </div>
+        <div class="modal-footer">
+          <button type="button" class="btn btn-default pull-left" data-dismiss="modal">Close</button>
+          <button type="button" class="btn btn-danger" id="button_revoke_confirm">Revoke</button>
         </div>
-        <!-- /.modal-content -->
+      </div>
     </div>
-    <!-- /.modal-dialog -->
-</div>
-<div class="modal fade modal-warning" id="modal_delete">
+  </div>
+
+  <div class="modal fade modal-warning" id="modal_delete">
     <div class="modal-dialog">
-        <div class="modal-content">
-            <div class="modal-header">
-                <button type="button" class="close" data-dismiss="modal" aria-label="Close">
-                    <span aria-hidden="true">&times;</span>
-                </button>
-                <h4 class="modal-title">Confirmation</h4>
-            </div>
-            <div class="modal-body">
-                <p></p>
-            </div>
-            <div class="modal-footer">
-                <button type="button" class="btn btn-flat btn-default pull-left" data-dismiss="modal">Close</button>
-                <button type="button" class="btn btn-flat btn-danger" id="button_delete_confirm">Delete</button>
-            </div>
+      <div class="modal-content">
+        <div class="modal-header">
+          <h4 class="modal-title">Confirmation</h4>
+          <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+            <span aria-hidden="true">&times;</span>
+          </button>
         </div>
-        <!-- /.modal-content -->
+        <div class="modal-body">
+          <p></p>
+        </div>
+        <div class="modal-footer">
+          <button type="button" class="btn btn-default pull-left" data-dismiss="modal">Close</button>
+          <button type="button" class="btn btn-danger" id="button_delete_confirm">Delete</button>
+        </div>
+      </div>
     </div>
-    <!-- /.modal-dialog -->
-</div>
+  </div>
 {% endblock %}
diff --git a/powerdnsadmin/templates/admin_pdns_stats.html b/powerdnsadmin/templates/admin_pdns_stats.html
index 84a1ec6c3..bc4983194 100644
--- a/powerdnsadmin/templates/admin_pdns_stats.html
+++ b/powerdnsadmin/templates/admin_pdns_stats.html
@@ -1,136 +1,127 @@
 {% extends "base.html" %}
+
 {% set active_page = "admin_console" %}
-{% block title %}<title>Admin Console - {{ SITE_NAME }}</title>{% endblock %}
 
-{% block dashboard_stat %}
-<!-- Content Header (Page header) -->
-<section class="content-header">
-    <h1>
-        PowerDNS server configuration & statistics
-    </h1>
-    <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i> Home</a></li>
-        <li class="active">Admin Console</li>
-    </ol>
-</section>
+{% block title %}
+  <title>
+    Admin Console - {{ SITE_NAME }}
+  </title>
+{% endblock %}
 
-<div class="content-header">
+{% block dashboard_stat %}
+  <div class="content-header">
     <div class="container-fluid">
       <div class="row mb-2">
         <div class="col-sm-6">
           <h1 class="m-0 text-dark">
-            Dashboard
-            <small>Control panel</small>
+            PowerDNS
+            <small>Server Statistics & Configuration</small>
           </h1>
         </div>
         <div class="col-sm-6">
           <ol class="breadcrumb float-sm-right">
-            <li class="breadcrumb-item"><a href="#">Home</a></li>
-            <li class="breadcrumb-item active">Dashboard v1</li>
+            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+            <li class="breadcrumb-item active">PowerDNS Server Statistics & Configuration</li>
           </ol>
         </div>
       </div>
     </div>
   </div>
-
 {% endblock %}
 
 {% block content %}
-<section class="content">
-    <div class="row">
-        <div class="col-xs-12">
-            <div class="box">
-                <div class="box-header">
-                    <h3 class="box-title">PDNS Statistics</h3>
-                </div>
-                <div class="box-body">
-                    <table id="tbl_statistics" class="table table-bordered table-striped">
-                        <thead>
-                            <tr>
-                                <th width="6%">Docs</th>
-                                <th>Statistic</th>
-                                <th>Value</th>
-                            </tr>
-                        </thead>
-                        <tbody>
-                            {% for statistic in statistics %}
-                            <tr class="odd gradeX">
-                                <td><a href="https://doc.powerdns.com/authoritative/search.html?q={{ statistic['name'] }}"
-                                        target="_blank" class="btn btn-flat btn-xs blue"><i
-                                            class="fa fa-search"></i></a></td>
-                                <td>{{ statistic['name'] }}</td>
-                                <td>{{ statistic['value'] }}</td>
-                            </tr>
-                            {% endfor %}
-                        </tbody>
-                    </table>
-                </div>
-                <!-- /.box-body -->
+  <section class="content">
+    <div class="container-fluid">
+      <div class="row">
+        <div class="col-12">
+          <div class="card">
+            <div class="card-header">
+              <h3 class="card-title">PowerDNS Server Statistics</h3>
             </div>
-            <!-- /.box -->
+            <div class="card-body">
+              <table id="tbl_statistics" class="table table-bordered table-striped">
+                <thead>
+                  <tr>
+                    <th width="30%">Statistic</th>
+                    <th>Value</th>
+                  </tr>
+                </thead>
+                <tbody>
+                  {% for statistic in statistics %}
+                    <tr class="odd gradeX">
+                      <td>
+                        <a href="https://doc.powerdns.com/authoritative/search.html?q={{ statistic['name'] }}"
+                        target="_blank" class="btn btn-primary">
+                          <i class="fa fa-search"></i>&nbsp;{{ statistic['name'] }}
+                        </a>
+                      </td>
+                      <td>{{ statistic['value'] }}</td>
+                    </tr>
+                  {% endfor %}
+                </tbody>
+              </table>
+            </div>
+          </div>
         </div>
-        <!-- /.col -->
-    </div>
-    <!-- /.row -->
-    <div class="row">
-        <div class="col-xs-12">
-            <div class="box">
-                <div class="box-header">
-                    <h3 class="box-title">PDNS Configuration</h3>
-                </div>
-                <div class="box-body">
-                    <table id="tbl_configuration" class="table table-bordered table-striped">
-                        <thead>
-                            <tr>
-                                <th width="6%">Docs</th>
-                                <th>Statistic</th>
-                                <th>Value</th>
-                            </tr>
-                        </thead>
-                        <tbody>
-                            {% for config in configs %}
-                            <tr class="odd gradeX">
-                                <td><a href="https://doc.powerdns.com/authoritative/search.html?q={{ config['name'] }}"
-                                        target="_blank" class="btn btn-flat btn-xs blue"><i
-                                            class="fa fa-search"></i></a></td>
-                                <td>{{ config['name'] }}</td>
-                                <td>
-                                    {{ config['value'] }}
-                                </td>
-                            </tr>
-                            {% endfor %}
-                        </tbody>
-                    </table>
-                </div>
-                <!-- /.box-body -->
+      </div>
+      <div class="row">
+        <div class="col-12">
+          <div class="card">
+            <div class="card-header">
+              <h3 class="card-title">PowerDNS Server Configuration</h3>
             </div>
-            <!-- /.box -->
+            <div class="card-body">
+              <table id="tbl_configuration" class="table table-bordered table-striped">
+                <thead>
+                  <tr>
+                    <th width="30%">Configuration</th>
+                    <th>Value</th>
+                  </tr>
+                </thead>
+                <tbody>
+                  {% for config in configs %}
+                    <tr class="odd gradeX">
+                      <td>
+                        <a href="https://doc.powerdns.com/authoritative/search.html?q={{ config['name'] }}"
+                        target="_blank" class="btn btn-primary">
+                          <i class="fa fa-search"></i>&nbsp;{{ config['name'] }}
+                        </a>
+                      </td>
+                      <td>
+                        {{ config['value'] }}
+                      </td>
+                    </tr>
+                  {% endfor %}
+                </tbody>
+              </table>
+            </div>
+          </div>
         </div>
-        <!-- /.col -->
+      </div>
     </div>
-    <!-- /.row -->
-</section>
+  </section>
 {% endblock %}
+
 {% block extrascripts %}
 <script>
-    // set up statistics data table
-    $("#tbl_statistics").DataTable({
-        "paging": true,
-        "lengthChange": false,
-        "searching": true,
-        "ordering": true,
-        "info": true,
-        "autoWidth": false
-    });
+  // set up statistics data table
+  $("#tbl_statistics").DataTable({
+    "paging": true,
+    "lengthChange": true,
+    "searching": true,
+    "ordering": true,
+    "info": true,
+    "autoWidth": false
+  });
 
-    // set up configuration data table
-    $("#tbl_configuration").DataTable({
-        "paging": true,
-        "lengthChange": false,
-        "searching": true,
-        "ordering": true,
-        "info": true,
-        "autoWidth": false
-    });
+  // set up configuration data table
+  $("#tbl_configuration").DataTable({
+    "paging": true,
+    "lengthChange": true,
+    "searching": true,
+    "ordering": true,
+    "info": true,
+    "autoWidth": false
+  });
 </script>
 {% endblock %}
diff --git a/powerdnsadmin/templates/admin_setting_basic.html b/powerdnsadmin/templates/admin_setting_basic.html
index 3df8fc060..dcfb29875 100644
--- a/powerdnsadmin/templates/admin_setting_basic.html
+++ b/powerdnsadmin/templates/admin_setting_basic.html
@@ -1,9 +1,14 @@
 {% extends "base.html" %}
+
 {% set active_page = "admin_settings" %}
+
 {% block title %}
-<title>Basic Settings - {{ SITE_NAME }}</title>
-{% endblock %} {% block dashboard_stat %}
-<!-- Content Header (Page header) -->
+  <title>
+    Basic Settings - {{ SITE_NAME }}
+  </title>
+{% endblock %}
+
+{% block dashboard_stat %}
   <div class="content-header">
     <div class="container-fluid">
       <div class="row mb-2">
@@ -22,8 +27,9 @@ <h1 class="m-0 text-dark">
       </div>
     </div>
   </div>
+{% endblock %}
 
-{% endblock %} {% block content %}
+{% block content %}
 <section class="content">
   <div class="container-fluid">
     <div class="card">
@@ -34,9 +40,9 @@ <h3 class="card-title">Basic Settings</h3>
         <table id="tbl_settings" class="table table-bordered table-striped">
           <thead>
             <tr>
-              <th>Name</th>
-              <th>Value</th>
-              <th>Change</th>
+              <th>Setting Name</th>
+              <th>Current Value</th>
+              <th>Action</th>
             </tr>
           </thead>
           <tbody>
@@ -45,12 +51,18 @@ <h3 class="card-title">Basic Settings</h3>
                 <td>
                   {{ setting }}
                 </td>
-                {% if SETTING.get(setting) in [True, False] %}
+                {% if SETTING.get(setting) in [False] %}
                   <td>{{ SETTING.get(setting)|display_setting_state }}</td>
                   <td width="6%">
-                    <button type="button" class="btn btn-warning setting-toggle-button" id="{{ setting }}">
-                      Toggle
-                      <i class="fa fa-info"></i>
+                    <button type="button" class="btn btn-success setting-toggle-button" id="{{ setting }}">
+                      <i class="fas fa-toggle-on"></i>&nbsp;Turn On
+                    </button>
+                  </td>
+                {% elif SETTING.get(setting) in [True] %}
+                  <td>{{ SETTING.get(setting)|display_setting_state }}</td>
+                  <td width="6%">
+                    <button type="button" class="btn btn-danger setting-toggle-button" id="{{ setting }}">
+                      <i class="fas fa-toggle-off"></i>&nbsp;Turn Off
                     </button>
                   </td>
                 {% else %}
@@ -58,9 +70,8 @@ <h3 class="card-title">Basic Settings</h3>
                     <input name="value" id="value" value="{{ SETTING.get(setting) }}">
                   </td>
                   <td width="6%">
-                    <button type="button" class="btn btn-warning setting-save-button" id="{{ setting }}">
-                      Save
-                      <i class="fa fa-info"></i>
+                    <button type="button" class="btn btn-primary setting-save-button" id="{{ setting }}">
+                      <i class="fas fa-save"></i>&nbsp;Save
                     </button>
                   </td>
                 {% endif %}
@@ -73,32 +84,33 @@ <h3 class="card-title">Basic Settings</h3>
   </div>
 </section>
 {% endblock %}
+
 {% block extrascripts %}
-<script>
+  <script>
     // set up history data table
     $("#tbl_settings").DataTable({
-        "paging": false,
-        "lengthChange": false,
-        "searching": true,
-        "ordering": true,
-        "info": true,
-        "autoWidth": false
+      "paging": false,
+      "lengthChange": false,
+      "searching": true,
+      "ordering": true,
+      "info": true,
+      "autoWidth": false
     });
     $(document.body).on('click', '.setting-toggle-button', function () {
-        var setting = $(this).prop('id');
-        applyChanges({
-            '_csrf_token': '{{ csrf_token() }}'
-        }, $SCRIPT_ROOT + '/admin/setting/basic/' + setting + '/toggle', false, true)
+      var setting = $(this).prop('id');
+      applyChanges({
+        '_csrf_token': '{{ csrf_token() }}'
+      }, $SCRIPT_ROOT + '/admin/setting/basic/' + setting + '/toggle', false, true)
     });
 
     $(document.body).on('click', '.setting-save-button', function () {
-        var setting = $(this).prop('id');
-        var value = $(this).parents('tr').find('#value')[0].value;
-        var postdata = {
-            'value': value,
-            '_csrf_token': '{{ csrf_token() }}'
-        };
-        applyChanges(postdata, $SCRIPT_ROOT + '/admin/setting/basic/' + setting + '/edit', false, true)
+      var setting = $(this).prop('id');
+      var value = $(this).parents('tr').find('#value')[0].value;
+      var postdata = {
+        'value': value,
+        '_csrf_token': '{{ csrf_token() }}'
+      };
+      applyChanges(postdata, $SCRIPT_ROOT + '/admin/setting/basic/' + setting + '/edit', false, true)
     });
-</script>
-{% endblock %}
+  </script>
+{% endblock %}
\ No newline at end of file
diff --git a/powerdnsadmin/templates/admin_setting_pdns.html b/powerdnsadmin/templates/admin_setting_pdns.html
index 08b42f12c..2b1f7ef21 100644
--- a/powerdnsadmin/templates/admin_setting_pdns.html
+++ b/powerdnsadmin/templates/admin_setting_pdns.html
@@ -1,93 +1,108 @@
 {% extends "base.html" %}
+
 {% set active_page = "admin_settings" %}
+
 {% block title %}
-<title>PDNS Settings - {{ SITE_NAME }}</title>
-{% endblock %} {% block dashboard_stat %}
-<!-- Content Header (Page header) -->
-<div class="content-header">
-    <h1>
-        Settings <small>PowerDNS-Admin settings</small>
-    </h1>
-    <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i> Home</a></li>
-        <li><a href="#">Setting</a></li>
-        <li class="active">PDNS</li>
-    </ol>
-</div>
+  <title>
+    PDNS Settings - {{ SITE_NAME }}
+  </title>
 {% endblock %}
+
+{% block dashboard_stat %}
+  <div class="content-header">
+    <div class="container-fluid">
+      <div class="row mb-2">
+        <div class="col-sm-6">
+          <h1 class="m-0 text-dark">
+            Settings
+            <small>PowerDNS Authoritative Server</small>
+          </h1>
+        </div>
+        <div class="col-sm-6">
+          <ol class="breadcrumb float-sm-right">
+            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+            <li class="breadcrumb-item active">Settings - PowerDNS Authoritative Server</li>
+          </ol>
+        </div>
+      </div>
+    </div>
+  </div>
+{% endblock %}
+
 {% block content %}
-<section class="content">
-    <div class="row">
-        <div class="col-md-4">
-            <div class="box box-primary">
-                <div class="box-header with-border">
-                    <h3 class="box-title">PDNS Settings</h3>
-                </div>
-                <!-- /.box-header -->
-                <!-- form start -->
-                <form role="form" method="post" data-toggle="validator">
-                    <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-                    <div class="box-body">
-                        {% if not SETTING.get('pdns_api_url') or not SETTING.get('pdns_api_key') or not SETTING.get('pdns_version') %}
-                        <div class="alert alert-danger alert-dismissible">
-                            <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
-                            <h4><i class="icon fa fa-ban"></i> Error!</h4>
-                            Please complete your PowerDNS API configuration before continuing
-                        </div>
-                        {% endif %}
-                        <div class="form-group has-feedback">
-                            <label class="control-label" for="pdns_api_url">PDNS API URL</label>
-                            <input type="url" class="form-control" placeholder="PowerDNS API url" name="pdns_api_url"
-                                data-error="Please input a valid PowerDNS API URL" required value="{{ pdns_api_url }}">
-                            <span class="help-block with-errors"></span>
-                        </div>
-                        <div class="form-group has-feedback">
-                            <label class="control-label" for="pdns_api_key">PDNS API KEY</label>
-                            <input type="password" class="form-control" placeholder="PowerDNS API key"
-                                name="pdns_api_key" data-error="Please input a valid PowerDNS API key" required
-                                value="{{ pdns_api_key }}">
-                            <span class="help-block with-errors"></span>
-                        </div>
-                        <div class="form-group has-feedback">
-                            <label class="control-label" for="pdns_version">PDNS VERSION</label>
-                            <input type="text" class="form-control" placeholder="PowerDNS version" name="pdns_version"
-                                data-error="Please input PowerDNS version" required value="{{ pdns_version }}">
-                            <span class="help-block with-errors"></span>
-                        </div>
-                    </div>
-                    <div class="box-footer">
-                        <button type="submit" class="btn btn-flat btn-primary">Update</button>
-                    </div>
-                </form>
+  <section class="content">
+    <div class="container-fluid">
+      <div class="row">
+        <div class="col-4">
+          <div class="card card-primary">
+            <div class="card-header with-border">
+              <h3 class="card-title">PDNS Settings</h3>
             </div>
-        </div>
-        <div class="col-md-8">
-            <div class="box box-primary">
-                <div class="box-header with-border">
-                    <h3 class="box-title">Help</h3>
+            <form role="form" method="post" data-toggle="validator">
+              <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+              <div class="card-body">
+                {% if not SETTING.get('pdns_api_url') or not SETTING.get('pdns_api_key') or not SETTING.get('pdns_version') %}
+                  <div class="alert alert-danger alert-dismissible">
+                    <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
+                    <h4><i class="icon fa fa-ban"></i> Error!</h4>
+                    Please complete your PowerDNS API configuration before continuing
+                  </div>
+                {% endif %}
+                <div class="form-group has-feedback">
+                  <label class="control-label" for="pdns_api_url">PowerDNS API URL</label>
+                  <input type="url" class="form-control" placeholder="PowerDNS API URL" name="pdns_api_url"
+                  data-error="Please input a valid PowerDNS API URL" required value="{{ pdns_api_url }}">
+                  <span class="help-block with-errors"></span>
+                </div>
+                <div class="form-group has-feedback">
+                  <label class="control-label" for="pdns_api_key">PowerDNS API Key</label>
+                  <input type="password" class="form-control" placeholder="PowerDNS API Key"
+                  name="pdns_api_key" data-error="Please input a valid PowerDNS API key" required
+                  value="{{ pdns_api_key }}">
+                  <span class="help-block with-errors"></span>
                 </div>
-                <div class="box-body">
-                    <dl class="dl-horizontal">
-                        <p>You must configure the API connection information before PowerDNS-Admin can query your
-                            PowerDNS data. Following fields are required:</p>
-                        <dt>PDNS API URL</dt>
-                        <dd>Your PowerDNS API URL (eg. http://127.0.0.1:8081/).</dd>
-                        <dt>PDNS API KEY</dt>
-                        <dd>Your PowerDNS API key.</dd>
-                        <dt>PDNS VERSION</dt>
-                        <dd>Your PowerDNS version number (eg. 4.1.1).</dd>
-                    </dl>
-                    <p>Find more details at <a
-                            href="https://doc.powerdns.com/md/httpapi/README/">https://doc.powerdns.com/md/httpapi/README/</a>
-                    </p>
+                <div class="form-group has-feedback">
+                  <label class="control-label" for="pdns_version">PowerDNS Version</label>
+                  <input type="text" class="form-control" placeholder="PowerDNS Version" name="pdns_version"
+                  data-error="Please input PowerDNS version" required value="{{ pdns_version }}">
+                  <span class="help-block with-errors"></span>
                 </div>
+              </div>
+              <div class="card-footer">
+                <button type="submit" class="btn btn-primary"><i class="fas fa-save"></i>&nbsp;Update</button>
+              </div>
+            </form>
+          </div>
+        </div>
+        <div class="col-8">
+          <div class="card card-primary">
+            <div class="card-header with-border">
+              <h3 class="card-title">Help</h3>
+            </div>
+            <div class="card-body">
+              <dl class="dl-horizontal">
+                <p>You must configure the API connection information before PowerDNS-Admin can query your
+                  PowerDNS data. Following fields are required:</p>
+                <dt>PowerDNS API URL</dt>
+                <dd>Your PowerDNS API URL (eg. http://127.0.0.1:8081/).</dd>
+                <dt>PowerDNS API Key</dt>
+                <dd>Your PowerDNS API key.</dd>
+                <dt>PowerDNS Version</dt>
+                <dd>Your PowerDNS version number (eg. 4.1.1).</dd>
+              </dl>
+              <p>Find more details at
+                <a href="https://doc.powerdns.com/md/httpapi/README/">https://doc.powerdns.com/md/httpapi/README/</a>
+              </p>
             </div>
+          </div>
         </div>
+      </div>
     </div>
-</section>
+  </section>
 {% endblock %}
+
 {% block extrascripts %}
-{% assets "js_validation" -%}
-<script type="text/javascript" src="{{ ASSET_URL }}"></script>
-{%- endassets %}
+  {% assets "js_validation" -%}
+    <script type="text/javascript" src="{{ ASSET_URL }}"></script>
+  {%- endassets %}
 {% endblock %}
diff --git a/powerdnsadmin/templates/admin_setting_records.html b/powerdnsadmin/templates/admin_setting_records.html
index b4c920bc0..0803e412d 100644
--- a/powerdnsadmin/templates/admin_setting_records.html
+++ b/powerdnsadmin/templates/admin_setting_records.html
@@ -1,83 +1,99 @@
 {% extends "base.html" %}
+
 {% set active_page = "admin_settings" %}
+
 {% block title %}
-<title>DNS Records Settings - {{ SITE_NAME }}</title>
-{% endblock %} {% block dashboard_stat %}
-<!-- Content Header (Page header) -->
-<section class="content-header">
-    <h1>
-        Settings <small>PowerDNS-Admin settings</small>
-    </h1>
-    <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i> Home</a></li>
-        <li><a href="#">Setting</a></li>
-        <li class="active">Records</li>
-    </ol>
-</section>
+  <title>
+    DNS Records Settings - {{ SITE_NAME }}
+  </title>
 {% endblock %}
+
+{% block dashboard_stat %}
+  <div class="content-header">
+    <div class="container-fluid">
+      <div class="row mb-2">
+        <div class="col-sm-6">
+          <h1 class="m-0 text-dark">
+            Settings
+            <small>Records</small>
+          </h1>
+        </div>
+        <div class="col-sm-6">
+          <ol class="breadcrumb float-sm-right">
+            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+            <li class="breadcrumb-item active">Settings - Records </li>
+          </ol>
+        </div>
+      </div>
+    </div>
+  </div>
+{% endblock %}
+
 {% block content %}
 <section class="content">
+  <div class="container-fluid">
     <div class="row">
-        <div class="col-md-5">
-            <div class="box box-primary">
-                <div class="box-header with-border">
-                    <h3 class="box-title">DNS record Settings</h3>
-                </div>
-                <!-- /.box-header -->
-                <!-- form start -->
-                <form role="form" method="post">
-                    <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-                    <input type="hidden" name="create" value="{{ create }}">
-                    <div class="box-body">
-                        <table class="table table-bordered">
-                            <tr>
-                                <th style="width: 10px">#</th>
-                                <th style="width: 40px">Record</th>
-                                <th>Forward Zone</th>
-                                <th>Reverse Zone</th>
-                            </tr>
-                            {% for record in f_records %}
-                            <tr>
-                                <td>{{ loop.index }}</td>
-                                <td>{{ record }}</td>
-                                <td>
-                                    <input type="checkbox" id="fr_{{ record|lower }}" name="fr_{{ record|lower }}"
-                                        class="checkbox" {% if f_records[record] %}checked{% endif %}>
-                                </td>
-                                <td>
-                                    <input type="checkbox" id="rr_{{ record|lower }}" name="rr_{{ record|lower }}"
-                                        class="checkbox" {% if r_records[record] %}checked{% endif %}>
-                                </td>
-                            </tr>
-                            {% endfor %}
-                        </table>
-                    </div>
-                    <div class="box-footer">
-                        <button type="submit" class="btn btn-flat btn-primary">Update</button>
-                    </div>
-                </form>
+      <div class="col-5">
+        <div class="card card-primary">
+          <div class="card-header with-border">
+            <h3 class="card-title">DNS record Settings</h3>
+          </div>
+          <form role="form" method="post">
+            <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+            <input type="hidden" name="create" value="{{ create }}">
+            <div class="card-body">
+              <table class="table table-bordered">
+                <tr>
+                  <th style="width: 10px">#</th>
+                  <th style="width: 40px">Record</th>
+                  <th>Forward Zone</th>
+                  <th>Reverse Zone</th>
+                </tr>
+                {% for record in f_records %}
+                  <tr>
+                    <td>{{ loop.index }}</td>
+                    <td>{{ record }}</td>
+                    <td>
+                      <input type="checkbox" id="fr_{{ record|lower }}" name="fr_{{ record|lower }}"
+                      class="checkbox" {% if f_records[record] %}checked{% endif %}>
+                    </td>
+                    <td>
+                      <input type="checkbox" id="rr_{{ record|lower }}" name="rr_{{ record|lower }}"
+                      class="checkbox" {% if r_records[record] %}checked{% endif %}>
+                    </td>
+                  </tr>
+                {% endfor %}
+              </table>
             </div>
-        </div>
-        <div class="col-md-7">
-            <div class="box box-primary">
-                <div class="box-header with-border">
-                    <h3 class="box-title">Help</h3>
-                </div>
-                <div class="box-body">
-                    <p>Select record types you allow user to edit in the forward zone and reverse zone. Take a look at
-                        <a href="https://doc.powerdns.com/authoritative/appendices/types.html">PowerDNS docs</a> for
-                        full list of supported record types.</p>
-                </div>
+            <div class="card-footer">
+              <button type="submit" class="btn btn-flat btn-primary">Update</button>
             </div>
+          </form>
+        </div>
+      </div>
+      <div class="col-7">
+        <div class="card card-primary">
+          <div class="card-header with-border">
+            <h3 class="card-title">Help</h3>
+          </div>
+          <div class="card-body">
+            <p>Select record types you allow user to edit in the forward zone and reverse zone. Take a look at
+              <a href="https://doc.powerdns.com/authoritative/appendices/types.html">PowerDNS docs</a> for
+              full list of supported record types.
+            </p>
+          </div>
         </div>
+      </div>
     </div>
+  </div>
 </section>
 {% endblock %}
+
 {% block extrascripts %}
-<script>
+  <script>
     $('.checkbox').iCheck({
-        checkboxClass: 'icheckbox_square-blue',
-        increaseArea: '20%'
+      checkboxClass: 'icheckbox_square-blue',
+      increaseArea: '20%'
     })
-</script>
+  </script>
 {% endblock %}
diff --git a/powerdnsadmin/templates/base.html b/powerdnsadmin/templates/base.html
index 6c4a81aa3..49e4d3044 100644
--- a/powerdnsadmin/templates/base.html
+++ b/powerdnsadmin/templates/base.html
@@ -137,7 +137,7 @@
         <li class="{{ 'nav-item active' if active_page == 'admin_console' else 'nav-item' }}">
           <a href="{{ url_for('admin.pdns_stats') }}" class="nav-link">
             <i class="nav-icon fas fa-info-circle"></i>
-            <p>PDNS</p>
+            <p>PowerDNS Info</p>
           </a>
         </li>
         <li class="{{ 'nav-item active' if active_page == 'admin_global_search' else 'nav-item' }}">
@@ -201,7 +201,7 @@
               <li class="nav-item">
                 <a href="{{ url_for('admin.setting_pdns') }}" class="nav-link">
                   <i class="nav-icon far fa-circle"></i>
-                  <p>PDNS</p>
+                  <p>PowerDNS Connection</p>
                 </a>
               </li>
               <li class="nav-item">
diff --git a/powerdnsadmin/templates/dashboard.html b/powerdnsadmin/templates/dashboard.html
index aca87ad6c..888d05d1e 100755
--- a/powerdnsadmin/templates/dashboard.html
+++ b/powerdnsadmin/templates/dashboard.html
@@ -36,7 +36,7 @@ <h1 class="m-0 text-dark">
       {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
         <div class="row">
           <div class="col-3">
-            <div class="card">
+            <div class="card shadow card-outline card-secondary">
               <div class="card-header">
                 <h3 class="card-title">Statistics</h3>
               </div>
@@ -104,7 +104,7 @@ <h3><span style="font-size: 18px">{{ uptime|display_second_to_time }}</span></h3
             </div>
           </div>
           <div class="col-9">
-            <div class="card">
+            <div class="card shadow card-outline card-secondary">
               <div class="card-header">
                 <h3 class="card-title">Recent History</h3>
               </div>
@@ -151,35 +151,34 @@ <h3 class="card-title">Recent History</h3>
           </div>
         </div>
       {% endif %}
-      <!--SYBPATCH START-->
-      <row>
-        <div class="nav-tabs-custom">
-          <ul class="nav nav-tabs" id="custom-content-below-tab" role="tablist">
-            <li class="nav-link">
-              <a href="#tab_{{custom_boxes.order[0]}}"data-toggle="pill" role="tab">
-                Hosted Domains <b>{{custom_boxes.boxes[custom_boxes.order[0]][0]}}</b>
-              </a>
-            </li>
-            {% for boxId in custom_boxes.order[1:] %}
-              <li class="nav-link" >
-                <a href="#tab_{{boxId}}" data-toggle="pill" role="tab">Hosted Domains  <b>{{custom_boxes.boxes[boxId][0]}}</b></a>
-              </li>
-            {% endfor %}
-          </ul>
-          <div class="tab-content">
-            {% for boxId in custom_boxes.order %}
-              <div class="tab-pane" id='tab_{{boxId}}'>
-                <div class="row">
-                  <div class="col-12">
-                    <div class="card">
+      <div class="row">
+        <div class="col-12">
+          <div class="card shadow card-outline card-secondary">
+            <div class="card-header">
+              <div class="nav-tabs-custom">
+                <ul class="nav nav-tabs" id="custom-content-below-tab" role="tablist">
+                  <li class="nav-item">
+                    <a class="nav-link active" href="#tab_{{custom_boxes.order[0]}}" data-toggle="pill" role="tab">
+                      Hosted Domains <b>{{custom_boxes.boxes[custom_boxes.order[0]][0]}}</b>
+                    </a>
+                  </li>
+                  {% for boxId in custom_boxes.order[1:] %}
+                    <li class="nav-item" >
+                      <a class="nav-link" href="#tab_{{boxId}}" data-toggle="pill" role="tab">Hosted Domains <b>{{custom_boxes.boxes[boxId][0]}}</b></a>
+                    </li>
+                  {% endfor %}
+                </ul>
+                <div class="tab-content">
+                  {% for boxId in custom_boxes.order %}
+                    <div class="tab-pane" id='tab_{{boxId}}'>
                       <div class="card-header">
-                        <h3 class="card-title">Hosted Domains  <b>{{custom_boxes.boxes[boxId][0]}}</b></h3>
-                          {% if show_bg_domain_button %}
-                            <button type="button" class="btn btn-primary refresh-bg-button float-right">
-                              <i class="fas fa-sync"></i>
-                              &nbsp;Sync domains
-                            </button>
-                          {% endif %}
+                        <h3 class="card-title">Hosted Domains <b>{{custom_boxes.boxes[boxId][0]}}</b></h3>
+                        {% if show_bg_domain_button %}
+                          <button type="button" class="btn btn-primary refresh-bg-button float-right">
+                            <i class="fas fa-sync"></i>
+                            &nbsp;Sync domains
+                          </button>
+                        {% endif %}
                       </div>
                       <div class="card-body">
                         <table id='tbl_domain_list_{{boxId}}' class="table table-bordered table-striped">
@@ -191,23 +190,22 @@ <h3 class="card-title">Hosted Domains  <b>{{custom_boxes.boxes[boxId][0]}}</b></
                               <th>Serial</th>
                               <th>Master</th>
                               <th>Account</th>
-                              <th>Action</th>
+                              <th>Actions</th>
                             </tr>
                           </thead>
                           <tbody>
                           </tbody>
                         </table>
                       </div>
-                  </div>
-                </div>
+                    </div>
+                  {% endfor %}
                 </div>
               </div>
-            {% endfor %}
-          </div><!-- /.tab-content -->
-        </div><!-- custom tabs -->
-        <!--SYBPATCH END-->
-      </row>
-  </div>
+            </div>
+          </div>
+        </div>
+      </div>
+    </div>
   </section>
 {% endblock %}
 
@@ -217,7 +215,7 @@ <h3 class="card-title">Hosted Domains  <b>{{custom_boxes.boxes[boxId][0]}}</b></
     function setUpDomainList(id ,url){
         $(id).DataTable({
             "paging" : true,
-            "lengthChange" : false,
+            "lengthChange" : true,
             language: {
                 searchPlaceholder: "Use ^ and $ for start and end",
             },
diff --git a/powerdnsadmin/templates/domain_add.html b/powerdnsadmin/templates/domain_add.html
index d5003bc40..2e233d349 100644
--- a/powerdnsadmin/templates/domain_add.html
+++ b/powerdnsadmin/templates/domain_add.html
@@ -33,8 +33,8 @@ <h1 class="m-0 text-dark">
 <section class="content">
   <div class="container-fluid">
     <div class="row">
-      <div class="col-md-4">
-        <div class="card card-outline card-secondary">
+      <div class="col-4">
+        <div class="card shadow card-outline card-secondary">
           <div class="card-header with-border">
             <h3 class="card-title">Create new domain</h3>
           </div>
@@ -128,8 +128,8 @@ <h3 class="card-title">Create new domain</h3>
           </form>
         </div>
       </div>
-      <div class="col-md-8">
-        <div class="card card-outline card-secondary">
+      <div class="col-8">
+        <div class="card shadow card-outline card-secondary">
           <div class="card-header with-border">
             <h3 class="card-title">Help with creating a new domain</h3>
           </div>
diff --git a/powerdnsadmin/templates/domain_changelog.html b/powerdnsadmin/templates/domain_changelog.html
index 27b5bc44d..056fa28b4 100644
--- a/powerdnsadmin/templates/domain_changelog.html
+++ b/powerdnsadmin/templates/domain_changelog.html
@@ -1,5 +1,10 @@
 {% extends "base.html" %}
-{% block title %}<title>{{ domain.name | pretty_domain_name }} - {{ SITE_NAME }}</title>{% endblock %}
+
+{% block title %}
+  <title>
+    {{ domain.name | pretty_domain_name }} - {{ SITE_NAME }}
+  </title>
+{% endblock %}
 
 {% block dashboard_stat %}
 <div class="content-header">
@@ -31,7 +36,7 @@ <h1 class="m-0 text-dark">
 <section class="content">
   <div class="container-fluid">
     <div class="row">
-      <div class="col-xs-12">
+      <div class="col-12">
         <div class="card">
           <div class="card-body">
             <button type="button" class="btn btn-primary pull-left button_show_records" id="{{ domain.name }}">
diff --git a/powerdnsadmin/templates/domain_remove.html b/powerdnsadmin/templates/domain_remove.html
index 5c20f132f..2dccd6fa6 100644
--- a/powerdnsadmin/templates/domain_remove.html
+++ b/powerdnsadmin/templates/domain_remove.html
@@ -33,9 +33,9 @@ <h1 class="m-0 text-dark">
 <section class="content">
   <div class="container-fluid">
     <div class="row">
-      <div class="col-md-4">
-        <div class="card card-outline card-secondary">
-          <div class="card-header with-border">
+      <div class="col-4">
+        <div class="card shadow card-outline card-secondary">
+          <div class="card-header">
             <h3 class="card-title">Remove domain</h3>
           </div>
           <form role="form" method="post" action="{{ url_for('domain.remove') }}">
@@ -58,9 +58,9 @@ <h3 class="card-title">Remove domain</h3>
           </form>
         </div>
       </div>
-      <div class="col-md-8">
-        <div class="card card-outline card-secondary">
-          <div class="card-header with-border">
+      <div class="col-8">
+        <div class="card shadow card-outline card-secondary">
+          <div class="card-header">
             <h3 class="card-title">Help with removing a new domain</h3>
           </div>
           <div class="card-body">
diff --git a/powerdnsadmin/templates/domain_setting.html b/powerdnsadmin/templates/domain_setting.html
index 91358c89f..21d49b636 100644
--- a/powerdnsadmin/templates/domain_setting.html
+++ b/powerdnsadmin/templates/domain_setting.html
@@ -1,7 +1,13 @@
 {% extends "base.html" %}
-{% block title %}<title>Domain Management - {{ SITE_NAME }}</title>{% endblock %}
+
+{% block title %}
+  <title>
+    Domain Management - {{ SITE_NAME }}
+  </title>
+{% endblock %}
 
 {% block dashboard_stat %}
+
 {% if status %}
 {% if status.get('status') == 'ok' %}
 <div class="alert alert-success">
@@ -31,7 +37,7 @@ <h1>
 {% block content %}
 <section class="content">
     <div class="row">
-        <div class="col-xs-12">
+        <div class="col-12">
             <div class="box">
                 <form method="post" action="{{ url_for('domain.setting', domain_name=domain.name) }}">
                     <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
diff --git a/powerdnsadmin/templates/register.html b/powerdnsadmin/templates/register.html
index e5001b412..631d54bfa 100644
--- a/powerdnsadmin/templates/register.html
+++ b/powerdnsadmin/templates/register.html
@@ -28,99 +28,122 @@
         </div>
         <div class="card-body">
           {% if error %}
-            <div class="alert alert-danger alert-dismissible">
-              <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
-              {{ error }}
-            </div>
+          <div class="alert alert-danger alert-dismissible">
+            <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
+            {{ error }}
+          </div>
           {% endif %}
           <p class="login-box-msg">Enter your personal details below</p>
-          <form action="{{ url_for('index.register') }}" method="post" class="needs-validation" novalidate>
+          <form action="{{ url_for('index.register') }}" method="post" novalidate>
             <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
             
-            <div class="input-group mb-3">
-              <input type="text" class="form-control" placeholder="First Name" name="firstname" id="firstname" required>
-              <div class="input-group-append">
-                <div class="input-group-text">
-                  <span class="fas fa-user"></span>
+            <div class="form-group">
+              <div class="input-group mb-3">
+                <div class="input-group-prepend">
+                  <span class="input-group-text">
+                    <i class="fas fa-user"></i>
+                  </span>
                 </div>
-              </div>
-              <div class="invalid-feedback">
-                Please input your first name
+                <input type="text" class="form-control {{ 'is-invalid' if 'firstname' in error_messages else '' }}" placeholder="First Name" name="firstname" id="firstname" value="{{ request.form.firstname }}" required>
+                {% if 'firstname' in error_messages %}
+                  <div class="invalid-feedback">
+                    {{ error_messages['firstname'] }}
+                  </div>
+                {% endif %}
               </div>
             </div>
 
-            <div class="input-group mb-3">
-              <input type="text" class="form-control" placeholder="Last name" name="lastname" id="lastname" required>
-              <div class="input-group-append">
-                <div class="input-group-text">
-                  <span class="fas fa-user"></span>
+            <div class="form-group">
+              <div class="input-group mb-3">
+                <div class="input-group-prepend">
+                  <span class="input-group-text">
+                    <i class="fas fa-user"></i>
+                  </span>
                 </div>
-              </div>
-              <div class="invalid-feedback">
-                Please input your last name
+                <input type="text" class="form-control {{ 'is-invalid' if 'lastname' in error_messages else '' }}" placeholder="Last name" name="lastname" id="lastname" value="{{ request.form.lastname }}" required>
+                {% if 'lastname' in error_messages %}
+                  <div class="invalid-feedback">
+                    {{ error_messages['lastname'] }}
+                  </div>
+                {% endif %}
               </div>
             </div>
 
-            <div class="input-group mb-3">
-              <input type="email" class="form-control" placeholder="Email" name="email" id="email" required>
-              <div class="input-group-append">
-                <div class="input-group-text">
-                  <span class="fas fa-envelope"></span>
+            <div class="form-group">
+              <div class="input-group mb-3">
+                <div class="input-group-prepend">
+                  <span class="input-group-text">
+                    <i class="fas fa-envelope"></i>
+                  </span>
                 </div>
-              </div>
-              <div class="invalid-feedback">
-                Please input a valid email address
+                <input type="email" class="form-control {{ 'is-invalid' if 'email' in error_messages else '' }}" placeholder="Email" name="email" id="email" value="{{ request.form.email }}" required>
+                {% if 'email' in error_messages %}
+                  <div class="invalid-feedback">
+                    <i class="fas fa-exclamation-triangle"></i>
+                    {{ error_messages['email'] }}
+                  </div>
+                {% endif %}
               </div>
             </div>
 
             <p class="login-box-msg">Enter your account details below</p>
 
-            <div class="input-group mb-3">
-              <input type="text" class="form-control" placeholder="Username" name="username" id="username" required>
-              <div class="input-group-append">
-                <div class="input-group-text">
-                  <span class="fas fa-user"></span>
+            <div class="form-group">
+              <div class="input-group mb-3">
+                <div class="input-group-prepend">
+                  <span class="input-group-text">
+                    <i class="fas fa-user"></i>
+                  </span>
                 </div>
-              </div>
-              <div class="invalid-feedback">
-                Please input desired username
+                <input type="text" class="form-control {{ 'is-invalid' if 'username' in error_messages else '' }}" placeholder="Username" name="username" id="username" value="{{ request.form.username }}" required>
+                {% if 'email' in error_messages %}
+                  <div class="invalid-feedback">
+                    {{ error_messages['username'] }}
+                  </div>
+                {% endif %}
               </div>
             </div>
 
-            <div class="input-group mb-3">
-              <input type="password" class="form-control" placeholder="Password" id="password" name="password" id="password" required>
-              <div class="input-group-append">
-                <div class="input-group-text">
-                  <span class="fas fa-lock"></span>
+            <div class="form-group">
+              <div class="input-group mb-3">
+                <div class="input-group-prepend">
+                  <span class="input-group-text">
+                    <i class="fas fa-lock"></i>
+                  </span>
                 </div>
-              </div>
-              <div class="invalid-feedback">
-                Please input desired username
+                <input type="password" class="form-control {{ 'is-invalid' if 'password' in error_messages else '' }}" placeholder="Password" id="password" name="password" required>
+                {% if 'email' in error_messages %}
+                  <div class="invalid-feedback">
+                    {{ error_messages['password'] }}
+                  </div>
+                {% endif %}
               </div>
             </div>
 
-
-          <div class="form-group has-feedback">
-            <input type="password" class="form-control" placeholder="Retype password" name="rpassword" data-match="#password" data-match-error="Password confirmation does not match" required>
-            <span class="fas fa-lock form-control-feedback"></span>
-            <span class="help-block with-errors"></span>
-          </div>
-
-          {% if captcha_enable %}
-            <div class="input-group mb-3">
-              <p class="login-box-msg">Please complete the CAPTCHA below</p>
-              {{ captcha() }}
-              <br>
-              <input type="text" class="form-control" placeholder="CAPTCHA" id="captcha" name="captcha" required>
-              <div class="input-group-append">
-                <div class="input-group-text">
-                  <span class="fas fa-lock"></span>
+            <div class="form-group">
+              <div class="input-group mb-3">
+                <div class="input-group-prepend">
+                  <span class="input-group-text">
+                    <i class="fas fa-lock"></i>
+                  </span>
                 </div>
-              </div>
-              <div class="invalid-feedback">
-                Please complete the CAPTCHA
+                <input type="password" class="form-control {{ 'is-invalid' if 'rpassword' in error_messages else '' }}" placeholder="Retype password" id="rpassword" name="rpassword" required>
+                {% if 'rpassword' in error_messages %}
+                  <div class="invalid-feedback">
+                    {{ error_messages['rpassword'] }}
+                  </div>
+                {% endif %}
               </div>
             </div>
+
+            {% if captcha_enable %}
+            <p class="login-box-msg">Please complete the CAPTCHA below</p>
+            <div class="form-group has-feedback">
+              {{ captcha() }}
+              <input type="text" class="form-control" placeholder="CAPTCHA"  name="captcha"
+                data-error="Please complete the CAPTCHA" required>
+              <span class="help-block with-errors"></span>
+            </div>
           {% endif %}
 
           <div class="row">
@@ -133,7 +156,7 @@
           </div>
         </form>
       </div>
-      <div class="login--footer">
+      <div class="login-box-footer">
         <center>
           <p>Powered by <a href="https://github.com/PowerDNS-Admin/PowerDNS-Admin">PowerDNS-Admin</a></p>
         </center>
@@ -151,24 +174,6 @@
           window.location.href = '{{ url_for('index.login') }}';
         })
       });
-      (function() {
-  'use strict';
-  window.addEventListener('load', function() {
-    // Fetch all the forms we want to apply custom Bootstrap validation styles to
-    var forms = document.getElementsByClassName('needs-validation');
-    // Loop over them and prevent submission
-    var validation = Array.prototype.filter.call(forms, function(form) {
-      form.addEventListener('submit', function(event) {
-        if (form.checkValidity() === false) {
-          event.preventDefault();
-          event.stopPropagation();
-        }
-        form.classList.add('was-validated');
-      }, false);
-    });
-  }, false);
-})();
-
     </script>
   </body>
 </html>
diff --git a/powerdnsadmin/templates/template.html b/powerdnsadmin/templates/template.html
index 586874a32..a37187e8a 100644
--- a/powerdnsadmin/templates/template.html
+++ b/powerdnsadmin/templates/template.html
@@ -1,108 +1,121 @@
 {% extends "base.html" %}
+
 {% set active_page = "admin_domain_template" %}
-{% block title %}<title>Templates - {{ SITE_NAME }}</title>{% endblock %}
 
-{% block dashboard_stat %}
-<!-- Content Header (Page header) -->
-<section class="content-header">
-  <h1>
-    Templates
-    <small>List</small>
-  </h1>
-  <ol class="breadcrumb">
-    <li><a href="{{ url_for('admin.templates') }}"><i class="fa fa-dashboard"></i> Templates</a></li>
-    <li class="active">List</li>
-  </ol>
-</section>
+{% block title %}
+  <title>
+    Templates - {{ SITE_NAME }}
+  </title>
 {% endblock %}
-{% block content %}
-<!-- Main content -->
-<section class="content">
-  {% with errors = get_flashed_messages(category_filter=["error"]) %} {% if errors %}
-  <div class="row">
-    <div class="col-md-12">
-      <div class="alert alert-danger alert-dismissible">
-        <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
-        <h4>
-          <i class="icon fa fa-ban"></i> Error!
-        </h4>
-        <div class="alert-message block-message error">
-          <a class="close" href="#">x</a>
-          <ul>
-            {%- for msg in errors %}
-            <li>{{ msg }}</li> {% endfor -%}
-          </ul>
-        </div>
+
+{% block dashboard_stat %}
+
+<div class="content-header">
+  <div class="container-fluid">
+    <div class="row mb-2">
+      <div class="col-sm-6">
+        <h1 class="m-0 text-dark">
+          Templates
+          <small>List</small>
+        </h1>
+      </div>
+      <div class="col-sm-6">
+        <ol class="breadcrumb float-sm-right">
+          <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+          <li class="breadcrumb-item active">Templates - List</li>
+        </ol>
       </div>
     </div>
   </div>
-  {% endif %} {% endwith %}
-  <div class="row">
-    <div class="container-fluid">
-    <div class="col-xs-12">
-      <div class="card">
-        <div class="card-header">
-          <h3 class="card-title">Templates</h3>
-        </div>
-        <div class="card-body">
-          <a href="{{ url_for('admin.create_template') }}">
-            <button type="button" class="btn btn-flat btn-primary pull-left">
-              Create Template&nbsp;<i class="fa fa-plus"></i>
-            </button>
-          </a>
+</div>
+
+{% endblock %}
+
+{% block content %}
+<section class="content">
+  <div class="container-fluid">
+    {% with errors = get_flashed_messages(category_filter=["error"]) %}
+      {% if errors %}
+        <div class="row">
+          <div class="col-12">
+            <div class="alert alert-danger alert-dismissible">
+              <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
+              <h4>
+                <i class="icon fa fa-ban"></i> Error!
+              </h4>
+              <div class="alert-message block-message error">
+                <a class="close" href="#">x</a>
+                <ul>
+                  {%- for msg in errors %}
+                    <li>{{ msg }}</li>
+                  {% endfor -%}
+                </ul>
+              </div>
+            </div>
+          </div>
         </div>
-        <div class="card-body">
-          <table id="tbl_template_list" class="table table-bordered table-striped">
-            <thead>
-              <tr>
-                <th>Name</th>
-                <th>Description</th>
-                <th>Number of Records</th>
-                <th width="20%">Action</th>
-              </tr>
-            </thead>
-            <tbody>
-              {% for template in templates %}
-              <tr>
-                <td>
-                  <a
-                    href="{{ url_for('admin.edit_template', template=template.name) }}"><strong>{{ template.name }}</strong></a>
-                </td>
-                <td>
-                  {{ template.description }}
-                </td>
-                <td>
-                  {{ template.records|count }}
-                </td>
-                <td>
-                  <a href="{{ url_for('admin.edit_template', template=template.name) }}">
-                    <button type="button" class="btn btn-warning button_edit" id="btn_edit">
-                      Edit&nbsp;<i class="fa fa-edit"></i>
-                    </button>
-                  </a>
-                  <button type="button" class="btn btn-danger button_delete" id="{{template.name}}">
-                    Delete&nbsp;<i class="fa fa-trash"></i>
-                  </button>
-                </td>
-              </tr>
-              {% endfor %}
-            </tbody>
-          </table>
+      {% endif %}
+    {% endwith %}
+    <div class="row">
+      <div class="col-12">
+        <div class="card shadow card-outline card-secondary">
+          <div class="card-header">
+            <h3 class="card-title">Templates</h3>
+            <a href="{{ url_for('admin.create_template') }}">
+              <button type="button" class="btn btn-primary float-right">
+                <i class="fa fa-plus"></i>&nbsp;Create Template
+              </button>
+            </a>
+          </div>
+          <div class="card-body">
+            <table id="tbl_template_list" class="table table-bordered table-striped">
+              <thead>
+                <tr>
+                  <th>Name</th>
+                  <th>Description</th>
+                  <th>Number of Records</th>
+                  <th width="20%">Action</th>
+                </tr>
+              </thead>
+              <tbody>
+                {% for template in templates %}
+                  <tr>
+                    <td>
+                      <a href="{{ url_for('admin.edit_template', template=template.name) }}">
+                        <strong>{{ template.name }}</strong>
+                      </a>
+                    </td>
+                    <td>
+                      {{ template.description }}
+                    </td>
+                    <td>
+                      {{ template.records|count }}
+                    </td>
+                    <td>
+                      <a href="{{ url_for('admin.edit_template', template=template.name) }}">
+                        <button type="button" class="btn btn-warning button_edit" id="btn_edit">
+                          Edit&nbsp;<i class="fa fa-edit"></i>
+                        </button>
+                      </a>
+                      <button type="button" class="btn btn-danger button_delete" id="{{template.name}}">
+                        Delete&nbsp;<i class="fa fa-trash"></i>
+                      </button>
+                    </td>
+                  </tr>
+                {% endfor %}
+              </tbody>
+            </table>
+          </div>
         </div>
-        <!-- /.box-body -->
       </div>
-      <!-- /.box -->
     </div>
-    <!-- /.col -->
-  </div>
   </div>
-  <!-- /.row -->
 </section>
-<!-- /.content -->
 {% endblock %}
+
 {% block extrascripts %}
 <script>
-  // set up history data table
+  // set up template data table
   $("#tbl_template_list").DataTable({
     "paging": true,
     "lengthChange": true,
@@ -111,6 +124,7 @@ <h3 class="card-title">Templates</h3>
     "info": false,
     "autoWidth": false
   });
+
   // handle delete button
   $(document.body).on("click", ".button_delete", function (e) {
     var template = $(this).prop('id');
@@ -119,9 +133,9 @@ <h3 class="card-title">Templates</h3>
     }, function () {
       window.location.href = '{{ url_for('admin.templates') }}';
     });
-
   });
 </script>
 {% endblock %}
+
 {% block modals %}
-{% endblock %}
+{% endblock %}
\ No newline at end of file
diff --git a/powerdnsadmin/templates/template_add.html b/powerdnsadmin/templates/template_add.html
index 84f96bd76..f713d8f1b 100644
--- a/powerdnsadmin/templates/template_add.html
+++ b/powerdnsadmin/templates/template_add.html
@@ -1,9 +1,14 @@
 {% extends "base.html" %}
+
 {% set active_page = "admin_domain_template" %}
-{% block title %}<title>Create Template - {{ SITE_NAME }}</title>{% endblock %}
+
+{% block title %}
+  <title>
+    Create Template - {{ SITE_NAME }}
+  </title>
+{% endblock %}
 
 {% block dashboard_stat %}
-<!-- Content Header (Page header) -->
 <div class="content-header">
   <div class="container-fluid">
     <div class="row mb-2">
@@ -22,91 +27,88 @@ <h1 class="m-0 text-dark">
     </div>
   </div>
 </div>
-
 {% endblock %}
 
 {% block content %}
 <section class="content">
-	{% with errors = get_flashed_messages(category_filter=["error"]) %} {%
-if errors %}
-	<div class="row">
-		<div class="col-md-12">
-			<div class="alert alert-danger alert-dismissible">
-				<button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
-				<h4>
-					<i class="icon fa fa-ban"></i> Error!
-				</h4>
-				<div class="alert-message block-message error">
-					<a class="close" href="#">x</a>
-					<ul>
-						{%- for msg in errors %}
-						<li>{{ msg }}</li> {% endfor -%}
-					</ul>
-				</div>
-			</div>
-		</div>
-	</div>
-	{% endif %} {% endwith %}
+  {% with errors = get_flashed_messages(category_filter=["error"]) %}
+    {% if errors %}
+      <div class="row">
+        <div class="col-12">
+          <div class="alert alert-danger alert-dismissible">
+            <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
+            <h4>
+              <i class="icon fa fa-ban"></i> Error!
+            </h4>
+            <div class="alert-message block-message error">
+              <a class="close" href="#">x</a>
+            <ul>
+              {%- for msg in errors %}
+                <li>{{ msg }}</li>
+              {% endfor -%}
+            </ul>
+          </div>
+        </div>
+      </div>
+    {% endif %}
+  {% endwith %}
 
-	<div class="row">
-		<div class="col-md-4">
-			<div class="box box-primary">
-				<div class="box-header with-border">
-					<h3 class="box-title">Create new template</h3>
-				</div>
-				<!-- /.box-header -->
-				<!-- form start -->
-				<form role="form" method="post" action="{{ url_for('admin.create_template') }}">
-					<input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-					<div class="box-body">
-						<div class="form-group">
-							<input type="text" class="form-control" name="name" id="name"
-								placeholder="Enter a valid template name (required)">
-						</div>
-						<div class="form-group">
-							<input type="text" class="form-control" name="description" id="description"
-								placeholder="Enter a template description (optional)">
-						</div>
-					</div>
-					<div class="box-footer">
-						<button type="submit" class="btn btn-flat btn-primary">Submit</button>
-						<button type="button" class="btn btn-flat btn-default"
-							onclick="window.location.href='{{ url_for('admin.templates') }}'">Cancel</button>
-					</div>
-				</form>
-			</div>
-			<!-- /.box -->
-		</div>
-		<div class="col-md-8">
-			<div class="box box-primary">
-				<div class="box-header with-border">
-					<h3 class="box-title">Help with creating a new template</h3>
-				</div>
-				<div class="box-body">
-					<dl class="dl-horizontal">
-						<dt>Template name</dt>
-						<dd>Enter your template name, this is the name of the template that
-							will be shown to users. The name should not have any spaces but
-							can have symbols.</dd>
-						<dt>Template description</dt>
-						<dd>Enter your template description, this is to help better
-							identify the template.</dd>
-					</dl>
-				</div>
-			</div>
-		</div>
-	</div>
+  <div class="row">
+    <div class="col-4">
+      <div class="card card-primary">
+        <div class="card-header with-border">
+          <h3 class="card-title">Create new template</h3>
+        </div>
+        <form role="form" method="post" action="{{ url_for('admin.create_template') }}">
+          <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+          <div class="box-body">
+            <div class="form-group">
+              <input type="text" class="form-control" name="name" id="name"
+                placeholder="Enter a valid template name (required)">
+            </div>
+            <div class="form-group">
+              <input type="text" class="form-control" name="description" id="description"
+                placeholder="Enter a template description (optional)">
+            </div>
+          </div>
+          <div class="box-footer">
+            <button type="submit" class="btn btn-flat btn-primary">Submit</button>
+            <button type="button" class="btn btn-flat btn-default"
+              onclick="window.location.href='{{ url_for('admin.templates') }}'">Cancel</button>
+          </div>
+        </form>
+      </div>
+    </div>
+    <div class="col-8">
+      <div class="card card-primary">
+        <div class="card-header with-border">
+          <h3 class="card-title">Help with creating a new template</h3>
+        </div>
+        <div class="card-body">
+          <dl class="dl-horizontal">
+            <dt>Template name</dt>
+            <dd>Enter your template name, this is the name of the template that
+              will be shown to users. The name should not have any spaces but
+              can have symbols.</dd>
+            <dt>Template description</dt>
+            <dd>Enter your template description, this is to help better
+              identify the template.</dd>
+          </dl>
+        </div>
+      </div>
+    </div>
+  </div>
 </section>
 {% endblock %}
 {% block extrascripts %}
 <script>
-	$("input[name=radio_type]").change(function () {
-		var type = $(this).val();
-		if (type == "slave") {
-			$("#domain_master_address_div").show();
-		} else {
-			$("#domain_master_address_div").hide();
-		}
-	});
+  $("input[name=radio_type]").change(function () {
+    var type = $(this).val();
+    if (type == "slave") {
+      $("#domain_master_address_div").show();
+    } else {
+      $("#domain_master_address_div").hide();
+    }
+  });
 </script>
 {% endblock %}
diff --git a/powerdnsadmin/templates/template_edit.html b/powerdnsadmin/templates/template_edit.html
index 89faebcd2..b4281b36f 100644
--- a/powerdnsadmin/templates/template_edit.html
+++ b/powerdnsadmin/templates/template_edit.html
@@ -1,6 +1,12 @@
 {% extends "base.html" %}
+
 {% set active_page = "admin_domain_template" %}
-{% block title %}<title>Edit Template - {{ SITE_NAME }}</title>{% endblock %}
+
+{% block title %}
+  <title>
+    Edit Template - {{ SITE_NAME }}
+  </title>
+{% endblock %}
 
 {% block dashboard_stat %}
 <section class="content-header">
@@ -19,7 +25,7 @@ <h1>
 {% block content %}
 <section class="content">
     <div class="row">
-        <div class="col-xs-12">
+        <div class="col-12">
             <div class="box">
                 <div class="box-header">
                     <h3 class="box-title">Manage Template Records for {{ template }}</h3>
diff --git a/powerdnsadmin/templates/user_profile.html b/powerdnsadmin/templates/user_profile.html
index 327bfefd9..1ccc2454b 100644
--- a/powerdnsadmin/templates/user_profile.html
+++ b/powerdnsadmin/templates/user_profile.html
@@ -30,7 +30,7 @@ <h1 class="m-0 text-dark">
 {% block content %}
 <section class="content">
     <div class="row">
-        <div class="col-lg-12">
+        <div class="col-12">
             <div class="card card-primary">
                 <div class="card-header with-border">
                     <h3 class="card-title">Edit my profile{%  if session['authentication_type'] != 'LOCAL' %} [Disabled -

From d6605790bd0d6a45e00bbf3610d66bdc6b9b7319 Mon Sep 17 00:00:00 2001
From: Tyler Todd <ttodd@ttodd.com>
Date: Mon, 13 Feb 2023 04:38:54 +0000
Subject: [PATCH 187/475] More navigation Header Changes "container-fluid"
 aditions More button changes from flat to round and icon placement changes

---
 .../admin_setting_authentication.html         |  79 +++++-----
 powerdnsadmin/templates/domain_setting.html   | 145 ++++++++++--------
 powerdnsadmin/templates/template.html         |   4 +-
 powerdnsadmin/templates/template_add.html     | 113 +++++++-------
 powerdnsadmin/templates/template_edit.html    |  59 ++++---
 powerdnsadmin/templates/user_profile.html     |   4 +-
 6 files changed, 218 insertions(+), 186 deletions(-)

diff --git a/powerdnsadmin/templates/admin_setting_authentication.html b/powerdnsadmin/templates/admin_setting_authentication.html
index 0509cbb5b..e0e3a3f40 100644
--- a/powerdnsadmin/templates/admin_setting_authentication.html
+++ b/powerdnsadmin/templates/admin_setting_authentication.html
@@ -1,9 +1,14 @@
 {% extends "base.html" %}
+
 {% set active_page = "admin_settings" %}
+
 {% block title %}
-<title>Authentication Settings - {{ SITE_NAME }}</title>
-{% endblock %} {% block dashboard_stat %}
-<!-- Content Header (Page header) -->
+  <title>
+    Authentication Settings - {{ SITE_NAME }}
+  </title>
+{% endblock %}
+
+{% block dashboard_stat %}
   <div class="content-header">
     <div class="container-fluid">
       <div class="row mb-2">
@@ -19,45 +24,28 @@ <h1 class="m-0 text-dark">
             <li class="breadcrumb-item">Settings</li>
             <li class="breadcrumb-item active">Authentication</li>
           </ol>
-          <script>
-            function ldapSelection() {
-                if (document.getElementById('ldap').checked) {
-                    document.getElementById('ldap_openldap_fields').style.display = 'block';
-                    document.getElementById('ldap_openldap_group_filters').style.display = 'block';
-                    document.getElementById('ldap_ad_fields').style.display = 'none';
-                } else {
-                    document.getElementById('ldap_openldap_fields').style.display = 'none';
-                    document.getElementById('ldap_openldap_group_filters').style.display = 'none';
-                    document.getElementById('ldap_ad_fields').style.display = 'block';
-                }
-            }
-    
-            window.onload = function() {
-                ldapSelection();
-            }
-        </script>
         </div>
       </div>
     </div>
   </div>
-
 {% endblock %}
+
 {% block content %}
 <section class="content">
+  <div class="container-fluid">
     <div class="row">
-        <div class="col-lg-12">
-            <div class="box box-primary">
-                <div class="box-header with-border">
-                    <h3 class="box-title">Authentication Settings</h3>
+        <div class="col-12">
+            <div class="card shadow">
+                <div class="card-header">
+                    <h3 class="card-title">Authentication Settings</h3>
                 </div>
-                <div class="box-body">
+                <div class="card-body">
                     {% if result %}
                     <div class="alert {% if result['status'] %}alert-success{% else %}alert-danger{% endif%} alert-dismissible">
                         <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
                         {{ result['msg'] }}
                     </div>
                     {% endif %}
-                    <!-- Custom Tabs -->
                     <div class="nav-tabs-custom" id="tabs">
                         <ul class="nav nav-tabs">
                             <li class="active"><a href="#tabs-general" data-toggle="tab">General</a></li>
@@ -88,7 +76,7 @@ <h3 class="box-title">Authentication Settings</h3>
                             </div>
                             <div class="tab-pane" id="tabs-ldap">
                                 <div class="row">
-                                    <div class="col-md-4">
+                                    <div class="col-4">
                                         {% if error %}
                                                 <div class="alert alert-danger alert-dismissible">
                                                     <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
@@ -249,7 +237,7 @@ <h4><i class="icon fa fa-ban"></i> Error!</h4>
                                             </div>
                                         </form>
                                     </div>
-                                    <div class="col-md-8">
+                                    <div class="col-8">
                                         <legend>Help</legend>
                                         <dl class="dl-horizontal">
                                             <dt>Enable LDAP Authentication</dt>
@@ -343,7 +331,7 @@ <h4><i class="icon fa fa-ban"></i> Error!</h4>
                             </div>
                             <div class="tab-pane" id="tabs-google">
                                 <div class="row">
-                                    <div class="col-md-4">
+                                    <div class="col-4">
                                         <form role="form" method="post" data-toggle="validator">
                                             <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
                                             <input type="hidden" value="google" name="config_tab" />
@@ -392,7 +380,7 @@ <h4><i class="icon fa fa-ban"></i> Error!</h4>
                                             </div>
                                         </form>
                                     </div>
-                                    <div class="col-md-8">
+                                    <div class="col-8">
                                         <legend>Help</legend>
                                         <p>Fill in all the fields in the left form.</p>
                                         <p>Make sure you add PDA redirection URI (e.g http://localhost:9191/google/authorized) to your Google App Credentials Restriction.</p>
@@ -401,7 +389,7 @@ <h4><i class="icon fa fa-ban"></i> Error!</h4>
                             </div>
                             <div class="tab-pane" id="tabs-github">
                                 <div class="row">
-                                    <div class="col-md-4">
+                                    <div class="col-4">
                                         <form role="form" method="post" data-toggle="validator">
                                             <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
                                             <input type="hidden" value="github" name="config_tab" />
@@ -450,7 +438,7 @@ <h4><i class="icon fa fa-ban"></i> Error!</h4>
                                             </div>
                                         </form>
                                     </div>
-                                    <div class="col-md-8">
+                                    <div class="col-8">
                                         <legend>Help</legend>
                                         <p>Fill in all the fields in the left form.</p>
                                     </div>
@@ -458,7 +446,7 @@ <h4><i class="icon fa fa-ban"></i> Error!</h4>
                             </div>
                             <div class="tab-pane" id="tabs-azure">
                                 <div class="row">
-                                    <div class="col-md-4">
+                                    <div class="col-4">
                                         <form role="form" method="post" data-toggle="validator">
                                             <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
                                             <input type="hidden" value="azure" name="config_tab" />
@@ -572,7 +560,7 @@ <h4><i class="icon fa fa-ban"></i> Error!</h4>
                                             </div>
                                         </form>
                                     </div>
-                                    <div class="col-md-8">
+                                    <div class="col-8">
                                         <legend>Help</legend>
                                         <p>Fill in all the fields in the left form.</p>
                                         <p>You first need to define an Application Registration in your Azure Active Directory, with the appropriate HTTPS URL for this endpoint, and with the appropriate rights, as explained in the documentation.</p>
@@ -594,7 +582,7 @@ <h4><i class="icon fa fa-ban"></i> Error!</h4>
                             </div>
                             <div class="tab-pane" id="tabs-oidc">
                                 <div class="row">
-                                    <div class="col-md-4">
+                                    <div class="col-4">
                                         <form role="form" method="post" data-toggle="validator">
                                             <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
                                             <input type="hidden" value="oidc" name="config_tab" />
@@ -681,7 +669,7 @@ <h4><i class="icon fa fa-ban"></i> Error!</h4>
                                             </div>
                                         </form>
                                     </div>
-                                    <div class="col-md-8">
+                                    <div class="col-8">
                                         <legend>Help</legend>
                                         <p>Fill in all the fields in the left form.</p>
                                     </div>
@@ -693,14 +681,31 @@ <h4><i class="icon fa fa-ban"></i> Error!</h4>
             </div>
         </div>
     </div>
+  </div>
 </section>
 {% endblock %}
+
 {% block extrascripts %}
 {% assets "js_validation" -%}
   <script type="text/javascript" src="{{ ASSET_URL }}"></script>
 {%- endassets %}
 
 <script>
+            function ldapSelection() {
+                if (document.getElementById('ldap').checked) {
+                    document.getElementById('ldap_openldap_fields').style.display = 'block';
+                    document.getElementById('ldap_openldap_group_filters').style.display = 'block';
+                    document.getElementById('ldap_ad_fields').style.display = 'none';
+                } else {
+                    document.getElementById('ldap_openldap_fields').style.display = 'none';
+                    document.getElementById('ldap_openldap_group_filters').style.display = 'none';
+                    document.getElementById('ldap_ad_fields').style.display = 'block';
+                }
+            }
+    
+            window.onload = function() {
+                ldapSelection();
+            }
     
     $(function() {
         $('#tabs').tabs({
diff --git a/powerdnsadmin/templates/domain_setting.html b/powerdnsadmin/templates/domain_setting.html
index 21d49b636..364b938ed 100644
--- a/powerdnsadmin/templates/domain_setting.html
+++ b/powerdnsadmin/templates/domain_setting.html
@@ -9,44 +9,58 @@
 {% block dashboard_stat %}
 
 {% if status %}
-{% if status.get('status') == 'ok' %}
-<div class="alert alert-success">
-    <strong>Success!</strong> {{ status.get('msg') }}
-</div>
-{% elif status.get('status') == 'error' %}
-<div class="alert alert-danger">
-    {% if status.get('msg') != None %}
-    <strong>Error!</strong> {{ status.get('msg') }}
-    {% else %}
-    <strong>Error!</strong> An undefined error occurred.
-    {% endif %}
-</div>
-{% endif %}
+  {% if status.get('status') == 'ok' %}
+    <div class="alert alert-success">
+      <strong>Success!</strong> {{ status.get('msg') }}
+    </div>
+  {% elif status.get('status') == 'error' %}
+    <div class="alert alert-danger">
+      {% if status.get('msg') != None %}
+        <strong>Error!</strong>
+        {{ status.get('msg') }}
+      {% else %}
+        <strong>Error!</strong>
+        An undefined error occurred.
+      {% endif %}
+    </div>
+  {% endif %}
 {% endif %}
-<section class="content-header">
-    <h1>
-        Manage domain <small>{{ domain.name | pretty_domain_name }}</small>
-    </h1>
-    <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i> Home</a></li>
-        <li class="active">Domain Management</li>
-    </ol>
-</section>
+
+<div class="content-header">
+  <div class="container-fluid">
+    <div class="row mb-2">
+      <div class="col-sm-6">
+        <h1 class="m-0 text-dark">
+          Domain Settings
+          <small>{{ domain.name | pretty_domain_name }}</small>
+        </h1>
+      </div>
+      <div class="col-sm-6">
+        <ol class="breadcrumb float-sm-right">
+          <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+          <li class="breadcrumb-item active">Domain Settings: {{ domain.name | pretty_domain_name }}</li>
+        </ol>
+      </div>
+    </div>
+  </div>
+</div>
+
 {% endblock %}
 
 {% block content %}
 <section class="content">
+    <div class="container-fluid">
     <div class="row">
         <div class="col-12">
-            <div class="box">
+            <div class="card">
                 <form method="post" action="{{ url_for('domain.setting', domain_name=domain.name) }}">
                     <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-                    <div class="box-header">
-                        <h3 class="box-title">Domain Access Control</h3>
+                    <div class="card-header">
+                        <h3 class="card-title">Domain Access Control</h3>
                     </div>
-                    <div class="box-body">
+                    <div class="card-body">
                         <div class="row">
-                            <div class="col-xs-2">
+                            <div class="col-2">
                                 <p>Users on the right have access to manage the records in
                                     the {{ domain.name | pretty_domain_name }} domain.</p>
                                 <p>Click on users to move from between columns.</p>
@@ -55,7 +69,7 @@ <h3 class="box-title">Domain Access Control</h3>
                                     and already have access to <b>ALL</b> domains.
                                 </p>
                             </div>
-                            <div class="form-group col-xs-2">
+                            <div class="form-group col-2">
                                 <select multiple="multiple" class="form-control" id="domain_multi_user"
                                     name="domain_multi_user[]">
                                     {% for user in users %}
@@ -66,10 +80,10 @@ <h3 class="box-title">Domain Access Control</h3>
                                 </select>
                             </div>
                         </div>
-                        <div class="box-body">
-                            <div class="col-xs-offset-2">
+                        <div class="card-body">
+                            <div class="col-offset-2">
                                 <div class="form-group">
-                                    <button type="submit" class="btn btn-flat btn-primary"><i class="fa fa-check"></i>
+                                    <button type="submit" class="btn btn-primary"><i class="fa fa-check"></i>
                                         Save</button>
                                 </div>
                             </div>
@@ -80,13 +94,13 @@ <h3 class="box-title">Domain Access Control</h3>
         </div>
     </div>
     <div class="row">
-        <div class="col-xs-12">
-            <div class="box">
-                <div class="box-header">
-                    <h3 class="box-title">Account</h3>
+        <div class="col-12">
+            <div class="card">
+                <div class="card-header">
+                    <h3 class="card-title">Account</h3>
                 </div>
-                <div class="box-body">
-                    <div class="col-xs-12">
+                <div class="card-body">
+                    <div class="col-12">
                         <div class="form-group">
                             <form method="post"
                                 action="{{ url_for('domain.change_account', domain_name=domain.name) }}">
@@ -110,12 +124,12 @@ <h3 class="box-title">Account</h3>
         </div>
     </div>
     <div class="row">
-        <div class="col-xs-12">
-            <div class="box">
-                <div class="box-header">
-                    <h3 class="box-title">Auto PTR creation</h3>
+        <div class="col-12">
+            <div class="card">
+                <div class="card-header">
+                    <h3 class="card-title">Auto PTR creation</h3>
                 </div>
-                <div class="box-body">
+                <div class="card-body">
                     <p><input type="checkbox" id="{{ domain.name }}" class="auto_ptr_toggle"
                             {% for setting in domain.settings %}{% if setting.setting=='auto_ptr' and setting.value=='True' %}checked{% endif %}{% endfor %}
                             {% if SETTING.get('auto_ptr') %}disabled="True" {% endif %}>
@@ -129,12 +143,12 @@ <h3 class="box-title">Auto PTR creation</h3>
         </div>
     </div>
     <div class="row">
-        <div class="col-xs-12">
-            <div class="box">
-                <div class="box-header">
-                    <h3 class="box-title">DynDNS 2 Settings</h3>
+        <div class="col-12">
+            <div class="card">
+                <div class="card-header">
+                    <h3 class="card-title">DynDNS 2 Settings</h3>
                 </div>
-                <div class="box-body">
+                <div class="card-body">
                     <p><input type="checkbox" id="{{ domain.name }}" class="dyndns_on_demand_toggle"
                             {% for setting in domain.settings %}{% if setting.setting=='create_via_dyndns' and setting.value=='True' %}checked{% endif %}{% endfor %}>
                         &nbsp;Allow on-demand creation of records via DynDNS updates?</p>
@@ -143,12 +157,12 @@ <h3 class="box-title">DynDNS 2 Settings</h3>
         </div>
     </div>
     <div class="row">
-        <div class="col-xs-12">
-            <div class="box">
-                <div class="box-header">
-                    <h3 class="box-title">Change Type</h3>
+        <div class="col-12">
+            <div class="card">
+                <div class="card-header">
+                    <h3 class="card-title">Change Type</h3>
                 </div>
-                <div class="box-body">
+                <div class="card-body">
                     <p>The type decides how the domain will be replicated across multiple DNS servers.</p>
                     <ul>
                         <li>
@@ -178,7 +192,7 @@ <h3 class="box-title">Change Type</h3>
                                 id="domain_master_address"
                                 placeholder="Enter valid master ip addresses (separated by commas)">
                         </div>
-                        <button type="submit" class="btn btn-flat btn-primary" id="change_type">
+                        <button type="submit" class="btn btn-primary" id="change_type">
                             <i class="fa fa-check"></i>&nbsp;Change type for {{ domain.name | pretty_domain_name }}
                         </button>
                     </form>
@@ -187,12 +201,12 @@ <h3 class="box-title">Change Type</h3>
         </div>
     </div>
     <div class="row">
-        <div class="col-xs-12">
-            <div class="box">
-                <div class="box-header">
-                    <h3 class="box-title">Change SOA-EDIT-API</h3>
+        <div class="col-12">
+            <div class="card">
+                <div class="card-header">
+                    <h3 class="card-title">Change SOA-EDIT-API</h3>
                 </div>
-                <div class="box-body">
+                <div class="card-body">
                     <p>The SOA-EDIT-API setting defines how the SOA serial number will be updated after a change is made
                         to the domain.</p>
                     <ul>
@@ -221,7 +235,7 @@ <h3 class="box-title">Change SOA-EDIT-API</h3>
                             <option>EPOCH</option>
                             <option>OFF</option>
                         </select><br />
-                        <button type="submit" class="btn btn-flat btn-primary" id="change_soa_edit_api">
+                        <button type="submit" class="btn btn-primary" id="change_soa_edit_api">
                             <i class="fa fa-check"></i>&nbsp;Change SOA-EDIT-API setting for {{ domain.name | pretty_domain_name }}
                         </button>
                     </form>
@@ -230,16 +244,16 @@ <h3 class="box-title">Change SOA-EDIT-API</h3>
         </div>
     </div>
     <div class="row">
-        <div class="col-xs-12">
-            <div class="box">
-                <div class="box-header">
-                    <h3 class="box-title">Domain Deletion</h3>
+        <div class="col-12">
+            <div class="card">
+                <div class="card-header">
+                    <h3 class="card-title">Domain Deletion</h3>
                 </div>
-                <div class="box-body">
+                <div class="card-body">
                     <p>This function is used to remove a domain from PowerDNS-Admin <b>AND</b> PowerDNS. All records and
                         user privileges associated with this domain will also be removed. This change cannot be
                         reverted.</p>
-                    <button type="button" class="btn btn-flat btn-danger pull-left delete_domain"
+                    <button type="button" class="btn btn-danger pull-left delete_domain"
                         id="{{ domain.name }}">
                         <i class="fa fa-trash"></i>&nbsp;DELETE DOMAIN {{ domain.name | pretty_domain_name }}
                     </button>
@@ -247,6 +261,7 @@ <h3 class="box-title">Domain Deletion</h3>
             </div>
         </div>
     </div>
+    </div>
 </section>
 {% endblock %}
 {% block extrascripts %}
diff --git a/powerdnsadmin/templates/template.html b/powerdnsadmin/templates/template.html
index a37187e8a..08d2d28b4 100644
--- a/powerdnsadmin/templates/template.html
+++ b/powerdnsadmin/templates/template.html
@@ -94,11 +94,11 @@ <h3 class="card-title">Templates</h3>
                     <td>
                       <a href="{{ url_for('admin.edit_template', template=template.name) }}">
                         <button type="button" class="btn btn-warning button_edit" id="btn_edit">
-                          Edit&nbsp;<i class="fa fa-edit"></i>
+                          <i class="fa fa-edit"></i>&nbsp;Edit
                         </button>
                       </a>
                       <button type="button" class="btn btn-danger button_delete" id="{{template.name}}">
-                        Delete&nbsp;<i class="fa fa-trash"></i>
+                        <i class="fa fa-trash"></i>&nbsp;Delete
                       </button>
                     </td>
                   </tr>
diff --git a/powerdnsadmin/templates/template_add.html b/powerdnsadmin/templates/template_add.html
index f713d8f1b..0120ebc64 100644
--- a/powerdnsadmin/templates/template_add.html
+++ b/powerdnsadmin/templates/template_add.html
@@ -31,69 +31,70 @@ <h1 class="m-0 text-dark">
 
 {% block content %}
 <section class="content">
-  {% with errors = get_flashed_messages(category_filter=["error"]) %}
-    {% if errors %}
-      <div class="row">
-        <div class="col-12">
-          <div class="alert alert-danger alert-dismissible">
-            <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
-            <h4>
-              <i class="icon fa fa-ban"></i> Error!
-            </h4>
-            <div class="alert-message block-message error">
-              <a class="close" href="#">x</a>
-            <ul>
-              {%- for msg in errors %}
-                <li>{{ msg }}</li>
-              {% endfor -%}
-            </ul>
+  <div class="container-fluid">
+    {% with errors = get_flashed_messages(category_filter=["error"]) %}
+      {% if errors %}
+        <div class="row">
+          <div class="col-12">
+            <div class="alert alert-danger alert-dismissible">
+              <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
+              <h4>
+                <i class="icon fa fa-ban"></i> Error!
+              </h4>
+              <div class="alert-message block-message error">
+                <a class="close" href="#">x</a>
+              <ul>
+                {%- for msg in errors %}
+                  <li>{{ msg }}</li>
+                {% endfor -%}
+              </ul>
+            </div>
           </div>
         </div>
-      </div>
-    {% endif %}
-  {% endwith %}
-
-  <div class="row">
-    <div class="col-4">
-      <div class="card card-primary">
-        <div class="card-header with-border">
-          <h3 class="card-title">Create new template</h3>
-        </div>
-        <form role="form" method="post" action="{{ url_for('admin.create_template') }}">
-          <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-          <div class="box-body">
-            <div class="form-group">
-              <input type="text" class="form-control" name="name" id="name"
+      {% endif %}
+    {% endwith %}
+    <div class="row">
+      <div class="col-4">
+        <div class="card card-primary">
+          <div class="card-header with-border">
+            <h3 class="card-title">Create new template</h3>
+          </div>
+          <form role="form" method="post" action="{{ url_for('admin.create_template') }}">
+            <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+            <div class="box-body">
+              <div class="form-group">
+                <input type="text" class="form-control" name="name" id="name"
                 placeholder="Enter a valid template name (required)">
-            </div>
-            <div class="form-group">
-              <input type="text" class="form-control" name="description" id="description"
+              </div>
+              <div class="form-group">
+                <input type="text" class="form-control" name="description" id="description"
                 placeholder="Enter a template description (optional)">
+              </div>
             </div>
-          </div>
-          <div class="box-footer">
-            <button type="submit" class="btn btn-flat btn-primary">Submit</button>
-            <button type="button" class="btn btn-flat btn-default"
+            <div class="card-footer">
+              <button type="submit" class="btn btn-primary">Submit</button>
+              <button type="button" class="btn btn-default"
               onclick="window.location.href='{{ url_for('admin.templates') }}'">Cancel</button>
-          </div>
-        </form>
-      </div>
-    </div>
-    <div class="col-8">
-      <div class="card card-primary">
-        <div class="card-header with-border">
-          <h3 class="card-title">Help with creating a new template</h3>
+            </div>
+          </form>
         </div>
-        <div class="card-body">
-          <dl class="dl-horizontal">
-            <dt>Template name</dt>
-            <dd>Enter your template name, this is the name of the template that
-              will be shown to users. The name should not have any spaces but
-              can have symbols.</dd>
-            <dt>Template description</dt>
-            <dd>Enter your template description, this is to help better
-              identify the template.</dd>
-          </dl>
+      </div>
+      <div class="col-8">
+        <div class="card card-primary">
+          <div class="card-header with-border">
+            <h3 class="card-title">Help with creating a new template</h3>
+          </div>
+          <div class="card-body">
+            <dl class="dl-horizontal">
+              <dt>Template name</dt>
+              <dd>Enter your template name, this is the name of the template that
+                will be shown to users. The name should not have any spaces but
+                can have symbols.</dd>
+              <dt>Template description</dt>
+              <dd>Enter your template description, this is to help better
+                identify the template.</dd>
+            </dl>
+          </div>
         </div>
       </div>
     </div>
diff --git a/powerdnsadmin/templates/template_edit.html b/powerdnsadmin/templates/template_edit.html
index b4281b36f..263217200 100644
--- a/powerdnsadmin/templates/template_edit.html
+++ b/powerdnsadmin/templates/template_edit.html
@@ -9,36 +9,44 @@
 {% endblock %}
 
 {% block dashboard_stat %}
-<section class="content-header">
-    <h1>
-        Edit template <small>{{ template }}</small>
-    </h1>
-    <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i
-                class="fa fa-dashboard"></i> Home</a></li>
-        <li>Templates</li>
-        <li class="active">{{ template }}</li>
-    </ol>
-</section>
+<div class="content-header">
+    <div class="container-fluid">
+      <div class="row mb-2">
+        <div class="col-sm-6">
+          <h1 class="m-0 text-dark">
+            Template Edit
+            <small>{{ template }}</small>
+          </h1>
+        </div>
+        <div class="col-sm-6">
+          <ol class="breadcrumb float-sm-right">
+            <li class="breadcrumb-item"><a href="{{ url_for('admin.templates') }}">Templates</a></li>
+            <li class="breadcrumb-item active">Template Edit: {{ template }}</li>
+          </ol>
+        </div>
+      </div>
+    </div>
+  </div>
 {% endblock %}
 
 {% block content %}
 <section class="content">
+  <div class="container-fluid">
     <div class="row">
         <div class="col-12">
-            <div class="box">
-                <div class="box-header">
-                    <h3 class="box-title">Manage Template Records for {{ template }}</h3>
+            <div class="card">
+                <div class="card-header">
+                    <h3 class="card-title">Manage Template Records for {{ template }}</h3>
                 </div>
-                <div class="box-body">
-                    <button type="button" class="btn btn-flat btn-primary pull-left button_add_record" id="{{ template }}">
-                        Add Record&nbsp;<i class="fa fa-plus"></i>
+                <div class="card-body">
+                    <button type="button" class="btn btn-primary pull-left button_add_record" id="{{ template }}">
+                        <i class="fa fa-plus"></i>&nbsp;Add Record
                     </button>
-                    <button type="button" class="btn btn-flat btn-primary pull-right button_apply_changes" id="{{ template }}">
-                        Apply Changes&nbsp;<i class="fa fa-floppy-o"></i>
+                    <button type="button" class="btn btn-primary pull-right button_apply_changes" id="{{ template }}">
+                        <i class="fa fa-save"></i>&nbsp;Apply Changes
                     </button>
                 </div>
-                <div class="box-body">
+                <div class="card-body">
                     <table id="tbl_records" class="table table-bordered table-striped">
                         <thead>
                             <tr>
@@ -75,17 +83,17 @@ <h3 class="box-title">Manage Template Records for {{ template }}</h3>
                                         {{ record.comment }}
                                     </td>
                                     <td width="6%">
-                                         <button type="button" class="btn btn-flat btn-warning button_edit">
-                                            Edit&nbsp;<i class="fa fa-edit"></i>
+                                         <button type="button" class="btn btn-warning button_edit">
+                                            <i class="fa fa-edit"></i>&nbsp;Edit
                                         </button>
                                     </td>
                                     <td width="6%">
-                                        <button type="button" class="btn btn-flat btn-danger button_delete">
-                                            Delete&nbsp;<i class="fa fa-trash"></i>
+                                        <button type="button" class="btn btn-danger button_delete">
+                                            <i class="fa fa-trash"></i>&nbsp;Delete
                                         </button>
                                     </td>
                                     <td>
-                                    	{{ record.id }}
+                                      {{ record.id }}
                                     </td>
                                     </td>
                                 </tr>
@@ -96,6 +104,7 @@ <h3 class="box-title">Manage Template Records for {{ template }}</h3>
             </div>
         </div>
     </div>
+  </div>
 </section>
 {% endblock %}
 {% block extrascripts %}
diff --git a/powerdnsadmin/templates/user_profile.html b/powerdnsadmin/templates/user_profile.html
index 1ccc2454b..2b1b476b1 100644
--- a/powerdnsadmin/templates/user_profile.html
+++ b/powerdnsadmin/templates/user_profile.html
@@ -29,6 +29,7 @@ <h1 class="m-0 text-dark">
 
 {% block content %}
 <section class="content">
+    <div class="container-fluid">
     <div class="row">
         <div class="col-12">
             <div class="card card-primary">
@@ -70,7 +71,7 @@ <h3 class="card-title">Edit my profile{%  if session['authentication_type'] != '
                                             {%  if session['authentication_type'] != 'LOCAL' %}disabled{% endif %}>
                                     </div>{%  if session['authentication_type'] == 'LOCAL' %}
                                     <div class="form-group">
-                                        <button type="submit" class="btn btn-flat btn-primary">Submit</button>
+                                        <button type="submit" class="btn btn-primary">Submit</button>
                                     </div>{% endif %}
                                 </form>
                             </div>
@@ -139,6 +140,7 @@ <h3 class="card-title">Edit my profile{%  if session['authentication_type'] != '
             </div>
         </div>
     </div>
+    </div>
 </section>
 {% endblock %}
 {% block extrascripts %}

From 16d7a4f71ea6be12b57ec2f5d76b5a9c88a5b863 Mon Sep 17 00:00:00 2001
From: Tyler Todd <ttodd@ttodd.com>
Date: Mon, 13 Feb 2023 04:43:06 +0000
Subject: [PATCH 188/475] Add shadow element to some cards

---
 powerdnsadmin/templates/admin_pdns_stats.html   | 4 ++--
 powerdnsadmin/templates/admin_setting_pdns.html | 8 ++++----
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/powerdnsadmin/templates/admin_pdns_stats.html b/powerdnsadmin/templates/admin_pdns_stats.html
index bc4983194..1c5112913 100644
--- a/powerdnsadmin/templates/admin_pdns_stats.html
+++ b/powerdnsadmin/templates/admin_pdns_stats.html
@@ -34,7 +34,7 @@ <h1 class="m-0 text-dark">
     <div class="container-fluid">
       <div class="row">
         <div class="col-12">
-          <div class="card">
+          <div class="card shadow">
             <div class="card-header">
               <h3 class="card-title">PowerDNS Server Statistics</h3>
             </div>
@@ -66,7 +66,7 @@ <h3 class="card-title">PowerDNS Server Statistics</h3>
       </div>
       <div class="row">
         <div class="col-12">
-          <div class="card">
+          <div class="card shadow">
             <div class="card-header">
               <h3 class="card-title">PowerDNS Server Configuration</h3>
             </div>
diff --git a/powerdnsadmin/templates/admin_setting_pdns.html b/powerdnsadmin/templates/admin_setting_pdns.html
index 2b1f7ef21..e709350bb 100644
--- a/powerdnsadmin/templates/admin_setting_pdns.html
+++ b/powerdnsadmin/templates/admin_setting_pdns.html
@@ -34,8 +34,8 @@ <h1 class="m-0 text-dark">
     <div class="container-fluid">
       <div class="row">
         <div class="col-4">
-          <div class="card card-primary">
-            <div class="card-header with-border">
+          <div class="card shadow">
+            <div class="card-header">
               <h3 class="card-title">PDNS Settings</h3>
             </div>
             <form role="form" method="post" data-toggle="validator">
@@ -75,8 +75,8 @@ <h4><i class="icon fa fa-ban"></i> Error!</h4>
           </div>
         </div>
         <div class="col-8">
-          <div class="card card-primary">
-            <div class="card-header with-border">
+          <div class="card shadow">
+            <div class="card-header">
               <h3 class="card-title">Help</h3>
             </div>
             <div class="card-body">

From 187b55e23a2236593866dd4da31fad132372c80d Mon Sep 17 00:00:00 2001
From: Rauno Tuul <raunz@hot.ee>
Date: Wed, 8 Feb 2023 17:03:35 +0200
Subject: [PATCH 189/475] Patch API record update/delete logging to match
 current logging format

---
 powerdnsadmin/routes/api.py | 18 ++++++++++--------
 1 file changed, 10 insertions(+), 8 deletions(-)

diff --git a/powerdnsadmin/routes/api.py b/powerdnsadmin/routes/api.py
index 3df31e18e..0844c32c8 100644
--- a/powerdnsadmin/routes/api.py
+++ b/powerdnsadmin/routes/api.py
@@ -1119,14 +1119,16 @@ def api_zone_forward(server_id, zone_id):
         if Setting().get('enable_api_rr_history'):
             if request.method in ['POST', 'PATCH']:
                 data = request.get_json(force=True)
-                for rrset_data in data['rrsets']:
-                    history = History(msg='{0} zone {1} record of {2}'.format(
-                        rrset_data['changetype'].lower(), rrset_data['type'],
-                        rrset_data['name'].rstrip('.')),
-                                    detail=json.dumps(data),
-                                    created_by=g.apikey.description,
-                                    domain_id=Domain().get_id_by_name(zone_id.rstrip('.')))
-                    history.add()
+                history = History(
+                    msg='Apply record changes to domain {0}'.format(zone_id.rstrip('.')),
+                    detail = json.dumps({
+                        'domain': zone_id.rstrip('.'),
+                        'add_rrsets': list(filter(lambda r: r['changetype'] == "REPLACE", data['rrsets'])),
+                        'del_rrsets': list(filter(lambda r: r['changetype'] == "DELETE", data['rrsets']))
+                    }),
+                    created_by=g.apikey.description,
+                    domain_id=Domain().get_id_by_name(zone_id.rstrip('.')))
+                history.add()
             elif request.method == 'DELETE':
                 history = History(msg='Deleted zone {0}'.format(zone_id.rstrip('.')),
                                   detail='',

From 7221271a7bddf4d4a5fe4852ac5f098628b9fb5b Mon Sep 17 00:00:00 2001
From: Rauno Tuul <raunz@hot.ee>
Date: Mon, 13 Feb 2023 12:08:03 +0200
Subject: [PATCH 190/475] Preserve domain records history after domain
 deletion.

---
 powerdnsadmin/models/domain.py  | 11 ++++++-----
 powerdnsadmin/models/setting.py |  1 +
 powerdnsadmin/routes/admin.py   |  8 ++++++++
 3 files changed, 15 insertions(+), 5 deletions(-)

diff --git a/powerdnsadmin/models/domain.py b/powerdnsadmin/models/domain.py
index ab154c147..a8b1023b6 100644
--- a/powerdnsadmin/models/domain.py
+++ b/powerdnsadmin/models/domain.py
@@ -548,11 +548,12 @@ def delete_domain_from_pdnsadmin(self, domain_name, do_commit=True):
         domain.apikeys[:] = []
 
         # Remove history for domain
-        domain_history = History.query.filter(
-            History.domain_id == domain.id
-        )
-        if domain_history:
-           domain_history.delete()
+        if not Setting().get('preserve_history'):
+            domain_history = History.query.filter(
+                History.domain_id == domain.id
+            )
+            if domain_history:
+                domain_history.delete()
 
         # then remove domain
         Domain.query.filter(Domain.name == domain_name).delete()
diff --git a/powerdnsadmin/models/setting.py b/powerdnsadmin/models/setting.py
index a4016bf1a..d706842fd 100644
--- a/powerdnsadmin/models/setting.py
+++ b/powerdnsadmin/models/setting.py
@@ -31,6 +31,7 @@ class Setting(db.Model):
 	    'delete_sso_accounts': False,
         'bg_domain_updates': False,
         'enable_api_rr_history': True,
+        'preserve_history': False,
         'site_name': 'PowerDNS-Admin',
         'site_url': 'http://localhost:9191',
         'session_timeout': 10,
diff --git a/powerdnsadmin/routes/admin.py b/powerdnsadmin/routes/admin.py
index 9474503a2..74598f481 100644
--- a/powerdnsadmin/routes/admin.py
+++ b/powerdnsadmin/routes/admin.py
@@ -927,6 +927,13 @@ def history():
 					'msg': 'You do not have permission to remove history.'
 				}), 401)
 
+		if Setting().get('preserve_history'):
+			return make_response(
+				jsonify({
+					'status': 'error',
+					'msg': 'History removal is not allowed (toggle preserve_history in settings).'
+				}), 401)
+
 		h = History()
 		result = h.remove_all()
 		if result:
@@ -1282,6 +1289,7 @@ def setting_basic():
         'otp_field_enabled',
         'otp_force',
         'pdns_api_timeout',
+        'preserve_history',
         'pretty_ipv6_ptr',
         'record_helper',
         'record_quick_edit',

From 642fb1605d4a863977d20f1902cde0e244a784cc Mon Sep 17 00:00:00 2001
From: Rauno Tuul <raunz@hot.ee>
Date: Mon, 13 Feb 2023 14:43:22 +0200
Subject: [PATCH 191/475] Move pretty_ipv6_ptr setting retrieval out of record
 list loop

---
 powerdnsadmin/routes/domain.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/powerdnsadmin/routes/domain.py b/powerdnsadmin/routes/domain.py
index 87d0be437..97427601e 100644
--- a/powerdnsadmin/routes/domain.py
+++ b/powerdnsadmin/routes/domain.py
@@ -89,14 +89,14 @@ def domain(domain_name):
     #   - Find a way to make it consistent, or
     #   - Only allow one comment for that case
     if StrictVersion(Setting().get('pdns_version')) >= StrictVersion('4.0.0'):
+        pretty_v6 = Setting().get('pretty_ipv6_ptr')
         for r in rrsets:
             if r['type'] in records_allow_to_edit:
                 r_name = r['name'].rstrip('.')
 
                 # If it is reverse zone and pretty_ipv6_ptr setting
                 # is enabled, we reformat the name for ipv6 records.
-                if Setting().get('pretty_ipv6_ptr') and r[
-                        'type'] == 'PTR' and 'ip6.arpa' in r_name and '*' not in r_name:
+                if pretty_v6 and r['type'] == 'PTR' and 'ip6.arpa' in r_name and '*' not in r_name:
                     r_name = dns.reversename.to_address(
                         dns.name.from_text(r_name))
 

From 48f80b37ed39365774cef09765a7980c063875cf Mon Sep 17 00:00:00 2001
From: Tyler Todd <ttodd@ttodd.com>
Date: Mon, 13 Feb 2023 15:38:33 +0000
Subject: [PATCH 192/475] potential regex code fix for email validation

---
 powerdnsadmin/routes/index.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/powerdnsadmin/routes/index.py b/powerdnsadmin/routes/index.py
index cd9318144..2c2dfbde4 100644
--- a/powerdnsadmin/routes/index.py
+++ b/powerdnsadmin/routes/index.py
@@ -665,7 +665,7 @@ def register():
       email = request.form.get('email', '').strip()
       rpassword = request.form.get('rpassword', '')
 
-      is_valid_email = re.compile(r'[\w\.-]+@[\w\.-]+')
+      is_valid_email = re.compile(r'^[a-zA-Z0-9_.+-]+@[a-zA-Z0-9-]+\.[a-zA-Z0-9-.]+$')
 
       error_messages = {}
       if not firstname:

From e0f939813e8e3bcb36ad02faac09244d5984cf89 Mon Sep 17 00:00:00 2001
From: Tyler Todd <ttodd@ttodd.com>
Date: Tue, 14 Feb 2023 02:11:13 +0000
Subject: [PATCH 193/475] Tabs on dashboard.html now fade effect when switching
 between First pass at HTML conversion from Master/Slave to Primary/Secondary
 (TODO: Backend) Start work on migrating admin_auth_settings to Bootstrap v4
 admin_setting_basic -> Change plain text for On/Off to toggles in current
 state, and changed "Action" column to the opposite toggle of current setting
 dashboard_domain -> Reduce deuplicate code for the new dropdown-menu for
 Actions register -> Add exclamation icon in front of error text template_add
 -> changed box-body to card-body user_profile -> Fixed tab naviation for
 Bootstrap v4. Tabs also fade between changes

---
 .../admin_setting_authentication.html         |  73 +++---
 .../templates/admin_setting_basic.html        |  12 +-
 .../templates/admin_setting_pdns.html         |   6 +-
 powerdnsadmin/templates/dashboard.html        |   2 +-
 powerdnsadmin/templates/dashboard_domain.html |  69 +++---
 powerdnsadmin/templates/domain.html           |  84 ++++---
 powerdnsadmin/templates/domain_add.html       |  14 +-
 powerdnsadmin/templates/domain_setting.html   |  28 +--
 powerdnsadmin/templates/register.html         |  35 ++-
 powerdnsadmin/templates/template_add.html     |   8 +-
 powerdnsadmin/templates/user_profile.html     | 217 +++++++++---------
 11 files changed, 293 insertions(+), 255 deletions(-)

diff --git a/powerdnsadmin/templates/admin_setting_authentication.html b/powerdnsadmin/templates/admin_setting_authentication.html
index e0e3a3f40..4b8a446a3 100644
--- a/powerdnsadmin/templates/admin_setting_authentication.html
+++ b/powerdnsadmin/templates/admin_setting_authentication.html
@@ -35,7 +35,7 @@ <h1 class="m-0 text-dark">
   <div class="container-fluid">
     <div class="row">
         <div class="col-12">
-            <div class="card shadow">
+            <div class="card">
                 <div class="card-header">
                     <h3 class="card-title">Authentication Settings</h3>
                 </div>
@@ -46,20 +46,36 @@ <h3 class="card-title">Authentication Settings</h3>
                         {{ result['msg'] }}
                     </div>
                     {% endif %}
-                    <div class="nav-tabs-custom" id="tabs">
-                        <ul class="nav nav-tabs">
-                            <li class="active"><a href="#tabs-general" data-toggle="tab">General</a></li>
-                            <li><a href="#tabs-ldap" data-toggle="tab">LDAP</a></li>
-                            <li><a href="#tabs-google" data-toggle="tab">Google OAuth</a></li>
-                            <li><a href="#tabs-github" data-toggle="tab">Github OAuth</a></li>
-                            <li><a href="#tabs-azure" data-toggle="tab">Microsoft OAuth</a></li>
-                            <li><a href="#tabs-oidc" data-toggle="tab">OpenID Connect OAuth</a></li>
+                    <div class="nav-tabs-custom">
+                        <ul class="nav nav-tabs" role="tablist">
+                            <li class="nav-item">
+                              <a class="nav-link active" href="#tabs-general" data-toggle="pill" role="tab">General</a>
+                            </li>
+                            <li class="nav-item">
+                              <a class="nav-link" href="#tabs-ldap" data-toggle="pill" role="tab">LDAP</a>
+                            </li>
+                            <li class="nav-item">
+                              <a class="nav-link" href="#tabs-google" data-toggle="pill" role="tab">Google OAuth</a>
+                            </li>
+                            <li class="nav-item">
+                              <a class="nav-link" href="#tabs-github" data-toggle="pill" role="tab">Github OAuth</a>
+                            </li>
+                            <li class="nav-item">
+                              <a class="nav-link" href="#tabs-azure" data-toggle="pill" role="tab">Microsoft OAuth</a>
+                            </li>
+                            <li class="nav-item">
+                              <a class="nav-link" href="#tabs-oidc" data-toggle="pill" role="tab">OpenID Connect OAuth</a>
+                            </li>
                         </ul>
                         <div class="tab-content">
                             <div class="tab-pane active" id="tabs-general">
                                 <form role="form" method="post">
                                     <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
                                     <input type="hidden" value="general" name="config_tab" />
+                                    <div class="card-header">
+                                      <h3 class="card-title">Basic Settings</h3>
+                                    </div>
+                                    <div class="card-body">
                                     <div class="form-group">
                                         <input type="checkbox" id="local_db_enabled" name="local_db_enabled" class="checkbox" {% if SETTING.get('local_db_enabled') %}checked{% endif %}>
                                         <label for="local_db_enabled">Local DB Authentication</label>
@@ -68,10 +84,8 @@ <h3 class="card-title">Authentication Settings</h3>
                                         <input type="checkbox" id="signup_enabled" name="signup_enabled" class="checkbox" {% if SETTING.get('signup_enabled') %}checked{% endif %}>
                                         <label for="signup_enabled">Allow users to sign up</label>
                                     </div>
-                                    <div class="form-group">
-                                        <button type="submit" class="btn btn-flat btn-primary">Save</button>
-                                    </div>
-                                    
+                                    <button type="submit" class="btn btn-primary">Save</button>
+                                  </div>
                                 </form>
                             </div>
                             <div class="tab-pane" id="tabs-ldap">
@@ -332,6 +346,8 @@ <h4><i class="icon fa fa-ban"></i> Error!</h4>
                             <div class="tab-pane" id="tabs-google">
                                 <div class="row">
                                     <div class="col-4">
+                                      <div class="card">
+                                        <div class="card-body">
                                         <form role="form" method="post" data-toggle="validator">
                                             <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
                                             <input type="hidden" value="google" name="config_tab" />
@@ -375,15 +391,23 @@ <h4><i class="icon fa fa-ban"></i> Error!</h4>
                                                     <span class="help-block with-errors"></span>
                                                 </div>
                                             </fieldset>
-                                            <div class="form-group">
-                                                <button type="submit" class="btn btn-flat btn-primary">Save</button>
+                                            <div class="card-footer">
+                                                <button type="submit" class="btn btn-primary float-right">Save</button>
                                             </div>
                                         </form>
+                                        </div>
+                                      </div>
                                     </div>
                                     <div class="col-8">
-                                        <legend>Help</legend>
-                                        <p>Fill in all the fields in the left form.</p>
-                                        <p>Make sure you add PDA redirection URI (e.g http://localhost:9191/google/authorized) to your Google App Credentials Restriction.</p>
+                                      <div class="card">
+                                        <div class="card-header">
+                                          <h3 class="card-title">Help</h3>
+                                        </div>
+                                        <div class="card-body">
+                                          <p>Fill in all the fields in the left form.</p>
+                                          <p>Make sure you add PDA redirection URI (e.g http://localhost:9191/google/authorized) to your Google App Credentials Restriction.</p>
+                                        </div>
+                                      </div>
                                     </div>
                                 </div>
                             </div>
@@ -1084,16 +1108,13 @@ <h4 class="modal-title">Confirmation</h4>
                 <p></p>
             </div>
             <div class="modal-footer">
-                <button type="button" class="btn btn-flat btn-default pull-left" id="button_cancel" name="purge" value="OFF" data-dismiss="modal" >Cancel</button>
-                <button type="button" class="btn btn-flat btn-success" id="button_confirm">Confirm</button>
+                <button type="button" class="btn btn-default pull-left" id="button_cancel" name="purge" value="OFF" data-dismiss="modal" >Cancel</button>
+                <button type="button" class="btn btn-success" id="button_confirm">Confirm</button>
             </div>
         </div>
-        <!-- /.modal-content -->
     </div>
-    <!-- /.modal-dialog -->
 </div>
 
-
 <div class="modal fade modal-warning" id="modal_warning" data-keyboard="false" data-backdrop="static">
     <div class="modal-dialog">
         <div class="modal-content">
@@ -1107,13 +1128,9 @@ <h4 class="modal-title">Warning</h4>
                 <p></p>
             </div>
             <div class="modal-footer">
-                <button type="button" class="btn btn-flat btn-success" id="button_warning_confirm">Yes I understand</button>
+                <button type="button" class="btn btn-success" id="button_warning_confirm">Yes I understand</button>
             </div>
         </div>
-        <!-- /.modal-content -->
     </div>
-    <!-- /.modal-dialog -->
 </div>
-
-
 {% endblock %}
diff --git a/powerdnsadmin/templates/admin_setting_basic.html b/powerdnsadmin/templates/admin_setting_basic.html
index dcfb29875..f62d43ac2 100644
--- a/powerdnsadmin/templates/admin_setting_basic.html
+++ b/powerdnsadmin/templates/admin_setting_basic.html
@@ -52,15 +52,15 @@ <h3 class="card-title">Basic Settings</h3>
                   {{ setting }}
                 </td>
                 {% if SETTING.get(setting) in [False] %}
-                  <td>{{ SETTING.get(setting)|display_setting_state }}</td>
-                  <td width="6%">
+                  <td><i class="fas fa-toggle-off"></i>&nbsp;Off</td>
+                  <td width="20%">
                     <button type="button" class="btn btn-success setting-toggle-button" id="{{ setting }}">
                       <i class="fas fa-toggle-on"></i>&nbsp;Turn On
                     </button>
                   </td>
                 {% elif SETTING.get(setting) in [True] %}
-                  <td>{{ SETTING.get(setting)|display_setting_state }}</td>
-                  <td width="6%">
+                  <td><i class="fas fa-toggle-on"></i>&nbsp;On</td>
+                  <td width="20%">
                     <button type="button" class="btn btn-danger setting-toggle-button" id="{{ setting }}">
                       <i class="fas fa-toggle-off"></i>&nbsp;Turn Off
                     </button>
@@ -69,7 +69,7 @@ <h3 class="card-title">Basic Settings</h3>
                   <td>
                     <input name="value" id="value" value="{{ SETTING.get(setting) }}">
                   </td>
-                  <td width="6%">
+                  <td width="20%">
                     <button type="button" class="btn btn-primary setting-save-button" id="{{ setting }}">
                       <i class="fas fa-save"></i>&nbsp;Save
                     </button>
@@ -87,7 +87,7 @@ <h3 class="card-title">Basic Settings</h3>
 
 {% block extrascripts %}
   <script>
-    // set up history data table
+    // set up settings table
     $("#tbl_settings").DataTable({
       "paging": false,
       "lengthChange": false,
diff --git a/powerdnsadmin/templates/admin_setting_pdns.html b/powerdnsadmin/templates/admin_setting_pdns.html
index e709350bb..03cd27390 100644
--- a/powerdnsadmin/templates/admin_setting_pdns.html
+++ b/powerdnsadmin/templates/admin_setting_pdns.html
@@ -34,7 +34,7 @@ <h1 class="m-0 text-dark">
     <div class="container-fluid">
       <div class="row">
         <div class="col-4">
-          <div class="card shadow">
+          <div class="card shadow card-outline card-secondary">
             <div class="card-header">
               <h3 class="card-title">PDNS Settings</h3>
             </div>
@@ -75,7 +75,7 @@ <h4><i class="icon fa fa-ban"></i> Error!</h4>
           </div>
         </div>
         <div class="col-8">
-          <div class="card shadow">
+          <div class="card shadow card-outline card-secondary">
             <div class="card-header">
               <h3 class="card-title">Help</h3>
             </div>
@@ -88,7 +88,7 @@ <h3 class="card-title">Help</h3>
                 <dt>PowerDNS API Key</dt>
                 <dd>Your PowerDNS API key.</dd>
                 <dt>PowerDNS Version</dt>
-                <dd>Your PowerDNS version number (eg. 4.1.1).</dd>
+                <dd>Your PowerDNS version number (eg. 4.7.0).</dd>
               </dl>
               <p>Find more details at
                 <a href="https://doc.powerdns.com/md/httpapi/README/">https://doc.powerdns.com/md/httpapi/README/</a>
diff --git a/powerdnsadmin/templates/dashboard.html b/powerdnsadmin/templates/dashboard.html
index 888d05d1e..727f5b5a5 100755
--- a/powerdnsadmin/templates/dashboard.html
+++ b/powerdnsadmin/templates/dashboard.html
@@ -170,7 +170,7 @@ <h3 class="card-title">Recent History</h3>
                 </ul>
                 <div class="tab-content">
                   {% for boxId in custom_boxes.order %}
-                    <div class="tab-pane" id='tab_{{boxId}}'>
+                    <div class="tab-pane fade show" id='tab_{{boxId}}'>
                       <div class="card-header">
                         <h3 class="card-title">Hosted Domains <b>{{custom_boxes.boxes[boxId][0]}}</b></h3>
                         {% if show_bg_domain_button %}
diff --git a/powerdnsadmin/templates/dashboard_domain.html b/powerdnsadmin/templates/dashboard_domain.html
index 86ae1c9ca..86338a9bb 100644
--- a/powerdnsadmin/templates/dashboard_domain.html
+++ b/powerdnsadmin/templates/dashboard_domain.html
@@ -29,47 +29,36 @@
 {% endmacro %}
 
 {% macro actions(domain) %}
-  {% if current_user.role.name in ['Administrator', 'Operator'] %}
-    <td width="6%">
-
-      <div class="dropdown">
-        <button class="btn btn-secondary dropdown-toggle" type="button" id="dropdownMenu" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
-          Options
+<td width="6%">
+  <div class="dropdown">
+    <button class="btn btn-secondary dropdown-toggle" type="button" id="dropdownMenu" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
+      Options
+    </button>
+    <div class="dropdown-menu" aria-labelledby="dropdownMenu">
+      {% if current_user.role.name in ['Administrator', 'Operator'] %}
+        <button class="dropdown-item btn-success button_template" id="{{ domain.name }}" type="button">
+          <i class="fa fa-clone"></i>&nbsp;Clone to Template
         </button>
-        <div class="dropdown-menu" aria-labelledby="dropdownMenu">
-          <button class="dropdown-item btn-success button_template" id="{{ domain.name }}" type="button">
-            <i class="fa fa-clone"></i>&nbsp;Template
-          </button>
-          <button class="dropdown-item btn-success" type="button" onclick="window.location.href='{{ url_for('domain.domain', domain_name=domain.name) }}'">
-            <i class="fa fa-cog"></i>&nbsp;Manage
-          </button>
-          <button class="dropdown-item btn-danger" type="button" onclick="window.location.href='{{ url_for('domain.setting', domain_name=domain.name) }}'">
-            <i class="fa fa-cog"></i>&nbsp;Admin
-          </button>
-          <button class="dropdown-item btn-primary" type="button" onclick="window.location.href='{{ url_for('domain.changelog', domain_name=domain.name) }}'">
-            <i class="fa fa-history" aria-hidden="true"></i>&nbsp;Changelog
-          </button>
-        </div>
-      </div>
-
-    </td>
-    {% else %}
-    <td width="6%">
-      <div class="dropdown">
-        <button class="btn btn-secondary dropdown-toggle" type="button" id="dropdownMenu" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
-          Options
+        <button class="dropdown-item btn-success" type="button" onclick="window.location.href='{{ url_for('domain.domain', domain_name=domain.name) }}'">
+          <i class="fa fa-cog"></i>&nbsp;Manage Domain
+        </button>
+        <button class="dropdown-item btn-danger" type="button" onclick="window.location.href='{{ url_for('domain.setting', domain_name=domain.name) }}'">
+          <i class="fa fa-cog"></i>&nbsp;Admin Settings
+        </button>
+        <button class="dropdown-item btn-primary" type="button" onclick="window.location.href='{{ url_for('domain.changelog', domain_name=domain.name) }}'">
+          <i class="fa fa-history" aria-hidden="true"></i>&nbsp;Domain Changelog
         </button>
-        <div class="dropdown-menu" aria-labelledby="dropdownMenu">
-          <button class="dropdown-item btn-success" type="button" onclick="window.location.href='{{ url_for('domain.domain', domain_name=domain.name) }}'">
-            <i class="fa fa-cog"></i>&nbsp;Manage
+      {% else %}
+        <button class="dropdown-item btn-success" type="button" onclick="window.location.href='{{ url_for('domain.domain', domain_name=domain.name) }}'">
+          <i class="fa fa-cog"></i>&nbsp;Manage Domain
+        </button>
+        {% if allow_user_view_history %}
+          <button class="dropdown-item btn-primary" type="button" onclick="window.location.href='{{ url_for('domain.changelog', domain_name=domain.name) }}'">
+            <i class="fa fa-history" aria-hidden="true"></i>&nbsp;Domain Changelog
           </button>
-          {% if allow_user_view_history %}
-            <button class="dropdown-item btn-primary" type="button" onclick="window.location.href='{{ url_for('domain.changelog', domain_name=domain.name) }}'">
-              <i class="fa fa-history" aria-hidden="true"></i>&nbsp;Changelog
-            </button>
-          {% endif %}
-        </div>
-      </div>
-    </td>
-  {% endif %}  
+        {% endif %}
+      {% endif %}  
+    </div>
+  </div>
+</td>
 {% endmacro %}
diff --git a/powerdnsadmin/templates/domain.html b/powerdnsadmin/templates/domain.html
index a058a8213..10f12ee95 100755
--- a/powerdnsadmin/templates/domain.html
+++ b/powerdnsadmin/templates/domain.html
@@ -33,7 +33,7 @@ <h1 class="m-0 text-dark">
       <div class="col-12">
         <div class="card">
           <div class="card-header">
-            {% if domain.type != 'Slave' %}
+            {% if domain.type != 'Secondary' %}
               <button type="button" style="position: relative; margin-left: 20px" class="btn btn-primary pull-left button_add_record" id="{{ domain.name }}">
                 <i class="fas fa-plus"></i>
                 &nbsp;Add Record
@@ -43,9 +43,9 @@ <h1 class="m-0 text-dark">
                 &nbsp;Apply Changes
               </button>
             {% else %}
-              <button type="button" style="position: relative; margin-left: 20px" class="btn btn-primary pull-left button_update_from_master" id="{{ domain.name }}">
+              <button type="button" style="position: relative; margin-left: 20px" class="btn btn-primary pull-left button_update_from_primary" id="{{ domain.name }}">
                 <i class="fas fa-download"></i>
-                &nbsp;Update from Master
+                &nbsp;Update from Primary
               </button>
             {% endif %}
             {% if current_user.role.name in ['Administrator', 'Operator'] %}
@@ -70,13 +70,16 @@ <h1 class="m-0 text-dark">
                   <th>Status</th>
                   <th>TTL</th>
                   <th>Data</th>
-                  <th>Comment</th>
-                  <th>Edit</th>
-                  <th>Delete</th>
-                  {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
-                    <th >Changelog</th>
+                  {% if domain.type != 'Secondary' %}
+                    <th>Comment</th>
+                    <th>Edit</th>
+                    <th>Delete</th>
+                    {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
+                      <th >Changelog</th>
+                    {% endif %}
+                  {% else %}
+                    <th>Invisible Sorting Column</th>
                   {% endif %}
-                  <th>Invisible Sorting Column</th>
                 </tr>
               </thead>
               <tbody>
@@ -87,13 +90,17 @@ <h1 class="m-0 text-dark">
                     <td>{{ record.status }}</td>
                     <td>{{ record.ttl }}</td>
                     <td>{{ record.data | pretty_domain_name }}</td>
-                    <td>{{ record.comment }}</td>
-                    {% if domain.type != 'Slave' %}
+                    {% if domain.type != 'Secondary' %}
+                      <td>{{ record.comment }}</td>
                       <td width="6%">
                         {% if record.is_allowed_edit() %}
-                          <button type="button" class="btn btn-warning button_edit"><i class="fa fa-edit"></i></button>
+                          <button type="button" class="btn btn-warning button_edit">
+                            <i class="fa fa-edit"></i>
+                          </button>
                         {% else %}
-                          <button type="button" class="btn btn-warning"><i class="fa fa-exclamation-circle"></i></button>
+                          <button type="button" class="btn btn-warning">
+                            <i class="fa fa-exclamation-circle"></i>
+                          </button>
                         {% endif %}
                       </td>
                       <td width="6%">
@@ -101,20 +108,13 @@ <h1 class="m-0 text-dark">
                           <button type="button" class="btn btn-danger button_delete"><i class="fa fa-trash"></i></button>
                         {% endif %}
                       </td>
-                    {% else %}
-                      <td width="6%">
-                        <button type="button" class="btn btn-warning"><i class="fa fa-exclamation-circle"></i></button>
-                      </td>
-                      <td width="6%">
-                        <button type="button" class="btn btn-warning"><i class="fa fa-exclamation-circle"></i></button>
-                      </td>
-                    {% endif %}
-                    {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
-                      <td width="6%">
-                        <button type="button" onclick="show_record_changelog('{{record.name}}','{{record.type}}',event)" class="btn btn-primary">
-                          <i class="fa fa-history" aria-hidden="true"></i>
-                        </button>
-                      </td>
+                      {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
+                        <td width="6%">
+                          <button type="button" onclick="show_record_changelog('{{record.name}}','{{record.type}}',event)" class="btn btn-primary">
+                            <i class="fa fa-history" aria-hidden="true"></i>
+                          </button>
+                        </td>
+                      {% endif %}
                     {% endif %}
                     <!-- hidden column that we can sort on -->
                     <td>1</td>
@@ -171,10 +171,14 @@ <h1 class="m-0 text-dark">
                 // hidden column so that we can add new records on top
                 // regardless of whatever sorting is done. See orderFixed
                 visible: false,
-                {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
-                targets: [ 9 ]
+                {% if domain.type != 'Secondary' %}
+                  {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
+                    targets: [ 9 ]
+                  {% else %}
+                    targets: [ 8 ]
+                  {% endif %}
                 {% else %}
-                targets: [ 8 ]
+                  targets: [ 5 ]
                 {% endif %}
             },
             {
@@ -182,10 +186,14 @@ <h1 class="m-0 text-dark">
                 targets: [ 4, 5 ]
             }
         ],
-        {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
-        "orderFixed": [[9, 'asc']]
+        {% if domain.type != 'Secondary' %}
+          {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
+            "orderFixed": [[9, 'asc']]
+          {% else %}
+            "orderFixed": [[8, 'asc']]
+          {% endif %}
         {% else %}
-        "orderFixed": [[8, 'asc']]
+          "orderFixed": [[5, 'asc']]
         {% endif %}
     });
 
@@ -221,7 +229,8 @@ <h1 class="m-0 text-dark">
         });
     });
     // handle edit button and record click
-    $(document.body).on("click", ".button_edit{% if quick_edit %}, .row_record{% endif %}", function(e) {
+    {% if domain.type != 'Secondary' %}
+      $(document.body).on("click", ".button_edit{% if quick_edit %}, .row_record{% endif %}", function(e) {
          e.stopPropagation();
          if ($(this).is('tr')) {
             var nRow = $(this)[0];
@@ -248,7 +257,8 @@ <h1 class="m-0 text-dark">
              editRow(table, nRow);
              nEditing = nRow;
          }
-    });
+      });
+    {% endif %}
 
     // handle apply changes button
     $(document.body).on("click",".button_apply_changes", function() {
@@ -319,8 +329,8 @@ <h1 class="m-0 text-dark">
             nNew = false;
         });
 
-    //handle update_from_master button
-    $(document.body).on("click", ".button_update_from_master", function (e) {
+    //handle update_from_primary button
+    $(document.body).on("click", ".button_update_from_primary", function (e) {
             var domain = $(this).prop('id');
             applyChanges({'domain': domain, '_csrf_token': '{{ csrf_token() }}'}, $SCRIPT_ROOT + '/domain/' + domain + '/update', true);
     });
diff --git a/powerdnsadmin/templates/domain_add.html b/powerdnsadmin/templates/domain_add.html
index 2e233d349..d736ca8ee 100644
--- a/powerdnsadmin/templates/domain_add.html
+++ b/powerdnsadmin/templates/domain_add.html
@@ -67,13 +67,13 @@ <h3 class="card-title">Create new domain</h3>
                 </div>
                 <div class="radio">
                   <label>
-                    <input type="radio" name="radio_type" id="radio_type_master" value="master">
+                    <input type="radio" name="radio_type" id="radio_type_primary" value="primary">
                     Primary
                   </label>
                 </div>
                 <div class="radio">
                   <label>
-                    <input type="radio" name="radio_type" id="radio_type_slave" value="slave">
+                    <input type="radio" name="radio_type" id="radio_type_secondary" value="secondary">
                     Secondary
                   </label>
                 </div>
@@ -87,8 +87,8 @@ <h3 class="card-title">Create new domain</h3>
                   {% endfor %}
                 </select>
               </div>
-              <div class="form-group" style="display: none;" id="domain_master_address_div">
-                <input type="text" class="form-control" name="domain_master_address" id="domain_master_address" placeholder="Enter valid master ip addresses (separated by commas)">
+              <div class="form-group" style="display: none;" id="domain_primary_address_div">
+                <input type="text" class="form-control" name="domain_primary_address" id="domain_primary_address" placeholder="Enter valid Primary Server IP addresses (separated by commas)">
               </div>
               <div class="form-group">
                 <label>SOA-EDIT-API</label>
@@ -193,10 +193,10 @@ <h3 class="card-title">Help with creating a new domain</h3>
   <script>
     $("input[name=radio_type]").change(function () {
       var type = $(this).val();
-      if (type == "slave") {
-        $("#domain_master_address_div").show();
+      if (type == "secondary") {
+        $("#domain_primary_address_div").show();
       } else {
-        $("#domain_master_address_div").hide();
+        $("#domain_primary_address_div").hide();
       }
     });
   </script>
diff --git a/powerdnsadmin/templates/domain_setting.html b/powerdnsadmin/templates/domain_setting.html
index 364b938ed..cc677d4ef 100644
--- a/powerdnsadmin/templates/domain_setting.html
+++ b/powerdnsadmin/templates/domain_setting.html
@@ -170,12 +170,12 @@ <h3 class="card-title">Change Type</h3>
                             PowerDNS server or you handle replication via your backend.
                         </li>
                         <li>
-                            Master - This PowerDNS server will serve as the master and will send zone transfers
-                            (AXFRs) to other servers configured as slaves.
+                            Primary - This PowerDNS server will serve as the primary and will send zone transfers
+                            (AXFRs) to other servers configured as secondaries.
                         </li>
                         <li>
-                            Slave - This PowerDNS server will serve as the slave and will request and receive
-                            zone transfers (AXFRs) from other servers configured as masters.
+                            Secondary - This PowerDNS server will serve as the secondaries and will request and receive
+                            zone transfers (AXFRs) from other servers configured as primaries.
                         </li>
                     </ul>
                     <b>New Domain Type Setting:</b>
@@ -184,13 +184,13 @@ <h3 class="card-title">Change Type</h3>
                         <select name="domain_type" class="form-control" style="width:15em;">
                             <option selected value="0">- Unchanged -</option>
                             <option value="native">Native</option>
-                            <option value="master">Master</option>
-                            <option value="slave">Slave</option>
+                            <option value="priamry">Primary</option>
+                            <option value="secondary">Secondary</option>
                         </select><br />
-                        <div class="form-group" style="display: none;" id="domain_master_address_div">
-                            <input type="text" class="form-control" name="domain_master_address"
-                                id="domain_master_address"
-                                placeholder="Enter valid master ip addresses (separated by commas)">
+                        <div class="form-group" style="display: none;" id="domain_primary_address_div">
+                            <input type="text" class="form-control" name="domain_primary_address"
+                                id="domain_primary_address"
+                                placeholder="Enter valid Primary Server IP addresses (separated by commas)">
                         </div>
                         <button type="submit" class="btn btn-primary" id="change_type">
                             <i class="fa fa-check"></i>&nbsp;Change type for {{ domain.name | pretty_domain_name }}
@@ -357,13 +357,13 @@ <h3 class="card-title">Domain Deletion</h3>
         modal.modal('show');
     });
 
-    // domain master address input handeling
+    // domain primary address input handeling
     $("select[name=domain_type]").change(function () {
         var type = $(this).val();
-        if (type == "slave") {
-            $("#domain_master_address_div").show();
+        if (type == "secondary") {
+            $("#domain_primary_address_div").show();
         } else {
-            $("#domain_master_address_div").hide();
+            $("#domain_primary_address_div").hide();
         }
     });
 
diff --git a/powerdnsadmin/templates/register.html b/powerdnsadmin/templates/register.html
index 631d54bfa..9257d7520 100644
--- a/powerdnsadmin/templates/register.html
+++ b/powerdnsadmin/templates/register.html
@@ -47,6 +47,7 @@
                 <input type="text" class="form-control {{ 'is-invalid' if 'firstname' in error_messages else '' }}" placeholder="First Name" name="firstname" id="firstname" value="{{ request.form.firstname }}" required>
                 {% if 'firstname' in error_messages %}
                   <div class="invalid-feedback">
+                    <i class="fas fa-exclamation-triangle"></i>
                     {{ error_messages['firstname'] }}
                   </div>
                 {% endif %}
@@ -63,6 +64,7 @@
                 <input type="text" class="form-control {{ 'is-invalid' if 'lastname' in error_messages else '' }}" placeholder="Last name" name="lastname" id="lastname" value="{{ request.form.lastname }}" required>
                 {% if 'lastname' in error_messages %}
                   <div class="invalid-feedback">
+                    <i class="fas fa-exclamation-triangle"></i>
                     {{ error_messages['lastname'] }}
                   </div>
                 {% endif %}
@@ -96,8 +98,9 @@
                   </span>
                 </div>
                 <input type="text" class="form-control {{ 'is-invalid' if 'username' in error_messages else '' }}" placeholder="Username" name="username" id="username" value="{{ request.form.username }}" required>
-                {% if 'email' in error_messages %}
+                {% if 'username' in error_messages %}
                   <div class="invalid-feedback">
+                    <i class="fas fa-exclamation-triangle"></i>
                     {{ error_messages['username'] }}
                   </div>
                 {% endif %}
@@ -112,8 +115,9 @@
                   </span>
                 </div>
                 <input type="password" class="form-control {{ 'is-invalid' if 'password' in error_messages else '' }}" placeholder="Password" id="password" name="password" required>
-                {% if 'email' in error_messages %}
+                {% if 'password' in error_messages %}
                   <div class="invalid-feedback">
+                    <i class="fas fa-exclamation-triangle"></i>
                     {{ error_messages['password'] }}
                   </div>
                 {% endif %}
@@ -130,6 +134,7 @@
                 <input type="password" class="form-control {{ 'is-invalid' if 'rpassword' in error_messages else '' }}" placeholder="Retype password" id="rpassword" name="rpassword" required>
                 {% if 'rpassword' in error_messages %}
                   <div class="invalid-feedback">
+                    <i class="fas fa-exclamation-triangle"></i>
                     {{ error_messages['rpassword'] }}
                   </div>
                 {% endif %}
@@ -138,20 +143,28 @@
 
             {% if captcha_enable %}
             <p class="login-box-msg">Please complete the CAPTCHA below</p>
-            <div class="form-group has-feedback">
+            <div class="form-group">
               {{ captcha() }}
-              <input type="text" class="form-control" placeholder="CAPTCHA"  name="captcha"
-                data-error="Please complete the CAPTCHA" required>
-              <span class="help-block with-errors"></span>
+              <div class="input-group mb-3">
+                <div class="input-group-prepend">
+                  <span class="input-group-text">
+                    <i class="fas fa-shield-alt"></i>
+                  </span>
+                </div>
+              <input type="text" class="form-control {{ 'is-invalid' if 'captcha_result' in error_messages else '' }}" placeholder="CAPTCHA"  id="captcha" name="captcha" required>
+              {% if 'captcha_result' in error_messages %}
+                <div class="invalid-feedback">
+                  <i class="fas fa-exclamation-triangle"></i>
+                  {{ error_messages['captcha_result'] }}
+                </div>
+              {% endif %}
             </div>
           {% endif %}
 
           <div class="row">
-            <div class="col-6">
-              <button type="button" class="btn btn-block" id="button_back">Back</button>
-            </div>
-            <div class="col-4">
-              <button type="submit" class="btn btn-primary btn-block">Register</button>
+            <div class="d-flex justify-content-between mx-auto mt-3">
+              <button type="button" class="btn btn-secondary" id="button_back">Back</button>
+              <button type="submit" class="btn btn-primary mx-3">Register</button>
             </div>
           </div>
         </form>
diff --git a/powerdnsadmin/templates/template_add.html b/powerdnsadmin/templates/template_add.html
index 0120ebc64..8bbedc37a 100644
--- a/powerdnsadmin/templates/template_add.html
+++ b/powerdnsadmin/templates/template_add.html
@@ -61,7 +61,7 @@ <h3 class="card-title">Create new template</h3>
           </div>
           <form role="form" method="post" action="{{ url_for('admin.create_template') }}">
             <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-            <div class="box-body">
+            <div class="card-body">
               <div class="form-group">
                 <input type="text" class="form-control" name="name" id="name"
                 placeholder="Enter a valid template name (required)">
@@ -105,10 +105,10 @@ <h3 class="card-title">Help with creating a new template</h3>
 <script>
   $("input[name=radio_type]").change(function () {
     var type = $(this).val();
-    if (type == "slave") {
-      $("#domain_master_address_div").show();
+    if (type == "secondary") {
+      $("#domain_primary_address_div").show();
     } else {
-      $("#domain_master_address_div").hide();
+      $("#domain_primary_address_div").hide();
     }
   });
 </script>
diff --git a/powerdnsadmin/templates/user_profile.html b/powerdnsadmin/templates/user_profile.html
index 2b1b476b1..286760ed3 100644
--- a/powerdnsadmin/templates/user_profile.html
+++ b/powerdnsadmin/templates/user_profile.html
@@ -29,118 +29,127 @@ <h1 class="m-0 text-dark">
 
 {% block content %}
 <section class="content">
-    <div class="container-fluid">
+  <div class="container-fluid">
     <div class="row">
-        <div class="col-12">
-            <div class="card card-primary">
-                <div class="card-header with-border">
-                    <h3 class="card-title">Edit my profile{%  if session['authentication_type'] != 'LOCAL' %} [Disabled -
-                        Authenticated externally]{% endif %}</h3>
+      <div class="col-12">
+        <div class="card card-primary">
+          <div class="card-header with-border">
+            <h3 class="card-title">
+              Edit my profile {%  if session['authentication_type'] != 'LOCAL' %} [Disabled - Authenticated externally]{% endif %}
+            </h3>
+          </div>
+          <div class="card-body">
+            <div class="nav-tabs-custom">
+              <ul class="nav nav-tabs" role="tablist">
+                <li class="nav-item">
+                  <a class="nav-link active" href="#tabs-personal" data-toggle="tab">Personal Info</a>
+                </li>
+                {%  if session['authentication_type'] == 'LOCAL' %}
+                  <li class="nav-item">
+                    <a class="nav-link" href="#tabs-password" data-toggle="tab">Change Password</a>
+                  </li>
+                {% endif %}
+                {%  if session['authentication_type'] in ['LOCAL', 'LDAP'] %}
+                  <li class="nav-item">
+                    <a class="nav-link" href="#tabs-authentication" data-toggle="tab">Authentication</a>
+                  </li>
+                {% endif %}
+              </ul>
+              <div class="tab-content">
+                <div class="tab-pane fade show active" id="tabs-personal">
+                  <form role="form" method="post" action="{{ user_profile }}">
+                    <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+                    <div class="form-group">
+                      <label for="firstname">First Name</label>
+                      <input type="text" class="form-control" name="firstname" id="firstname"
+                      placeholder="{{ current_user.firstname }}"
+                      {%  if session['authentication_type'] != 'LOCAL' %}disabled{% endif %}>
+                    </div>
+                    <div class="form-group">
+                      <label for="lastname">Last Name</label>
+                      <input type="text" class="form-control" name="lastname" id="lastname" placeholder="{{ current_user.lastname }}"
+                      {%  if session['authentication_type'] != 'LOCAL' %}disabled{% endif %}>
+                    </div>
+                    <div class="form-group">
+                      <label for="email">E-mail</label> <input type="email" class="form-control" name="email" id="email" placeholder="{{ current_user.email }}"
+                      {%  if session['authentication_type'] != 'LOCAL' %}disabled{% endif %}>
+                    </div>
+                    {%  if session['authentication_type'] == 'LOCAL' %}
+                      <div class="form-group">
+                        <button type="submit" class="btn btn-primary">Submit</button>
+                      </div>
+                    {% endif %}
+                  </form>
                 </div>
-                <div class="card-body">
-                    <!-- Custom Tabs -->
-                    <div class="nav-tabs-custom" id="tabs">
-                        <ul class="nav nav-tabs">
-                            <li class="active"><a href="#tabs-personal" data-toggle="tab">Personal
-                                    Info</a></li>
-                            {%  if session['authentication_type'] == 'LOCAL' %}
-                            <li><a href="#tabs-password" data-toggle="tab">Change Password</a></li>
-                            {% endif %}
-                            {%  if session['authentication_type'] in ['LOCAL', 'LDAP'] %}
-                            <li><a href="#tabs-authentication" data-toggle="tab">Authentication</a></li>
-                            {% endif %}
-                        </ul>
-                        <div class="tab-content">
-                            <div class="tab-pane active" id="tabs-personal">
-                                <form role="form" method="post" action="{{ user_profile }}">
-                                    <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-                                    <div class="form-group">
-                                        <label for="firstname">First Name</label> <input type="text"
-                                            class="form-control" name="firstname" id="firstname"
-                                            placeholder="{{ current_user.firstname }}"
-                                            {%  if session['authentication_type'] != 'LOCAL' %}disabled{% endif %}>
-                                    </div>
-                                    <div class="form-group">
-                                        <label for="lastname">Last Name</label> <input type="text" class="form-control"
-                                            name="lastname" id="lastname" placeholder="{{ current_user.lastname }}"
-                                            {%  if session['authentication_type'] != 'LOCAL' %}disabled{% endif %}>
-                                    </div>
-                                    <div class="form-group">
-                                        <label for="email">E-mail</label> <input type="email" class="form-control"
-                                            name="email" id="email" placeholder="{{ current_user.email }}"
-                                            {%  if session['authentication_type'] != 'LOCAL' %}disabled{% endif %}>
-                                    </div>{%  if session['authentication_type'] == 'LOCAL' %}
-                                    <div class="form-group">
-                                        <button type="submit" class="btn btn-primary">Submit</button>
-                                    </div>{% endif %}
-                                </form>
-                            </div>
-                            {% if session['authentication_type'] == 'LOCAL' %}
-                            <div class="tab-pane" id="tabs-password">
-                                {% if not current_user.password %}
-                                Your account password is managed via LDAP which isn't supported to change here.
-                                {% else %}
-                                <form action="{{ user_profile }}" method="post">
-                                    <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-                                    <div class="form-group">
-                                        <label for="password">New Password</label> <input type="password"
-                                            class="form-control" name="password" id="newpassword" />
-                                    </div>
-                                    <div class="form-group">
-                                        <label for="rpassword">Re-type New Password</label> <input type="password"
-                                            class="form-control" name="rpassword" id="rpassword" />
-                                    </div>
-                                    <div class="form-group">
-                                        <button type="submit" class="btn btn-flat btn-primary">Change Password</button>
-                                    </div>
-                                </form>
-                                {% endif %}
-                            </div>
-                            {% endif %}
-                            <!-- {% if session['authentication_type'] in ['LOCAL', 'LDAP'] %} -->
-                            <div class="tab-pane" id="tabs-authentication">
-                                <form action="{{ user_profile }}" method="post">
-                                    <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-                                    <div class="form-group">
-                                        <input type="checkbox" id="otp_toggle" class="otp_toggle"
-                                            {% if current_user.otp_secret %}checked{% endif %}>
-                                        <label for="otp_toggle">Enable Two Factor Authentication</label>
-                                        {% if current_user.otp_secret %}
-                                        <div id="token_information">
-                                            <p><img id="qrcode" src="{{ url_for('user.qrcode') }}"></p>
-                                            <div style="position: relative; left: 15px">
-                                                Your secret key is: <br />
-                                                <form>
-                                                    <input type=text id="otp_secret" value={{current_user.otp_secret}} readonly>
-                                                    <button type=button style="position:relative; right:28px" onclick="copy_otp_secret_to_clipboard()"> <i class="fa fa-clipboard"></i> </button>
-                                                    <br /><font color="red" id="copy_tooltip" style="visibility:collapse">Copied.</font>
-                                                </form>
-                                            </div>
-                                            You can use Google Authenticator (<a target="_blank"
-                                                href="https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2">Android</a>
-                                            - <a target="_blank"
-                                                href="https://apps.apple.com/us/app/google-authenticator/id388497605">iOS</a>)
-                                            or FreeOTP (<a target="_blank"
-                                                href="https://play.google.com/store/apps/details?id=org.fedorahosted.freeotp&hl=en">Android</a>
-                                            - <a target="_blank"
-                                                href="https://itunes.apple.com/en/app/freeotp-authenticator/id872559395?mt=8">iOS</a>)
-                                            on your smartphone to scan the QR code.
-                                            <br />
-                                            <font color="red"><strong><i>Make sure only you can see this QR Code and secret key and
-                                                        nobody can capture them.</i></strong></font>
-                                        </div>
-                                        {% endif %}
-                                    </div>
-                                </form>
-                            </div>
-                            <!-- {% endif %} -->
+                {% if session['authentication_type'] == 'LOCAL' %}
+                  <div class="tab-pane fade" id="tabs-password">
+                    {% if not current_user.password %}
+                      Your account password is managed via LDAP which isn't supported to change here.
+                    {% else %}
+                      <form action="{{ user_profile }}" method="post">
+                        <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+                        <div class="form-group">
+                          <label for="password">New Password</label> <input type="password" class="form-control" name="password" id="newpassword">
+                        </div>
+                        <div class="form-group">
+                          <label for="rpassword">Re-type New Password</label>
+                          <input type="password" class="form-control" name="rpassword" id="rpassword">
                         </div>
+                        <div class="form-group">
+                          <button type="submit" class="btn btn-primary">Change Password</button>
+                        </div>
+                      </form>
+                    {% endif %}
+                  </div>
+                {% endif %}
+                <div class="tab-pane fade" id="tabs-authentication">
+                  <form action="{{ user_profile }}" method="post">
+                    <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+                    <div class="form-group">
+                      <input type="checkbox" id="otp_toggle" class="otp_toggle" {% if current_user.otp_secret %}checked{% endif %}>
+                      <label for="otp_toggle">Enable Two Factor Authentication</label>
+                      {% if current_user.otp_secret %}
+                        <div id="token_information">
+                          <p>
+                            <img id="qrcode" src="{{ url_for('user.qrcode') }}">
+                          </p>
+                          <div style="position: relative; left: 15px">
+                            Your secret key is:
+                            <br />
+                              <form>
+                                <input type=text id="otp_secret" value={{current_user.otp_secret}} readonly>
+                                <button type=button style="position:relative; right:28px" onclick="copy_otp_secret_to_clipboard()"> <i class="fa fa-clipboard"></i> </button>
+                                <br />
+                                <font color="red" id="copy_tooltip" style="visibility:collapse">Copied.</font>
+                              </form>
+                          </div>
+                          You can use Google Authenticator 
+                          (<a target="_blank" href="https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2">Android</a>
+                          - <a target="_blank" href="https://apps.apple.com/us/app/google-authenticator/id388497605">iOS</a>)
+                           or FreeOTP 
+                           (<a target="_blank" href="https://play.google.com/store/apps/details?id=org.fedorahosted.freeotp&hl=en">Android</a>
+                           - <a target="_blank" href="https://itunes.apple.com/en/app/freeotp-authenticator/id872559395?mt=8">iOS</a>) 
+                           on your smartphone to scan the QR code.
+                           <br />
+                          <font color="red">
+                            <strong>
+                              <i>Make sure only you can see this QR Code and secret key and
+                                nobody can capture them.
+                              </i>
+                            </strong>
+                          </font>
+                        </div>
+                      {% endif %}
                     </div>
+                  </form>
                 </div>
+              </div>
             </div>
+          </div>
         </div>
+      </div>
     </div>
-    </div>
+  </div>
 </section>
 {% endblock %}
 {% block extrascripts %}

From f888bd79f8bc2a169286df32c947522f3072d3b3 Mon Sep 17 00:00:00 2001
From: Tyler Todd <ttodd@ttodd.com>
Date: Tue, 14 Feb 2023 18:25:06 +0000
Subject: [PATCH 194/475] domain -> Changed pull-* to float-*

---
 powerdnsadmin/templates/domain.html | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/powerdnsadmin/templates/domain.html b/powerdnsadmin/templates/domain.html
index 10f12ee95..4c03a9721 100755
--- a/powerdnsadmin/templates/domain.html
+++ b/powerdnsadmin/templates/domain.html
@@ -34,22 +34,22 @@ <h1 class="m-0 text-dark">
         <div class="card">
           <div class="card-header">
             {% if domain.type != 'Secondary' %}
-              <button type="button" style="position: relative; margin-left: 20px" class="btn btn-primary pull-left button_add_record" id="{{ domain.name }}">
+              <button type="button" style="position: relative; margin-left: 20px" class="btn btn-primary float-left button_add_record" id="{{ domain.name }}">
                 <i class="fas fa-plus"></i>
                 &nbsp;Add Record
               </button>
-              <button type="button" style="position: relative; margin-left: 20px" class="btn btn-primary pull-right button_apply_changes" id="{{ domain.name }}" value="{{ domain.serial }}">
+              <button type="button" style="position: relative; margin-left: 20px" class="btn btn-primary float-right button_apply_changes" id="{{ domain.name }}" value="{{ domain.serial }}">
                 <i class="fas fa-save"></i>
                 &nbsp;Apply Changes
               </button>
             {% else %}
-              <button type="button" style="position: relative; margin-left: 20px" class="btn btn-primary pull-left button_update_from_primary" id="{{ domain.name }}">
+              <button type="button" style="position: relative; margin-left: 20px" class="btn btn-primary float-left button_update_from_primary" id="{{ domain.name }}">
                 <i class="fas fa-download"></i>
                 &nbsp;Update from Primary
               </button>
             {% endif %}
             {% if current_user.role.name in ['Administrator', 'Operator'] %}
-              <button type="button" style="position: relative; margin-left: 20px" class="btn btn-primary pull-left btn-danger" onclick="window.location.href='{{ url_for('domain.setting', domain_name=domain.name) }}'">
+              <button type="button" style="position: relative; margin-left: 20px" class="btn btn-primary float-left btn-danger" onclick="window.location.href='{{ url_for('domain.setting', domain_name=domain.name) }}'">
                 <i class="fas fa-cog"></i>
                 &nbsp;Admin
               </button>

From e1bbe10fc31b9ef93492ad584e6af48a7fd99bdd Mon Sep 17 00:00:00 2001
From: Tyler Todd <ttodd@ttodd.com>
Date: Fri, 17 Feb 2023 21:52:55 +0000
Subject: [PATCH 195/475] Error pages updated for Font Awesome v6 - fa-solid

---
 powerdnsadmin/templates/errors/400.html  | 2 +-
 powerdnsadmin/templates/errors/403.html  | 2 +-
 powerdnsadmin/templates/errors/404.html  | 2 +-
 powerdnsadmin/templates/errors/500.html  | 2 +-
 powerdnsadmin/templates/errors/SAML.html | 2 +-
 5 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/powerdnsadmin/templates/errors/400.html b/powerdnsadmin/templates/errors/400.html
index b6ea84c7f..d04363660 100644
--- a/powerdnsadmin/templates/errors/400.html
+++ b/powerdnsadmin/templates/errors/400.html
@@ -35,7 +35,7 @@ <h2 class="headline text-yellow">
       </h2>
       <div class="error-content">
         <h3>
-          <i class="fas fa-exclamation-triangle text-yellow"></i>
+          <i class="fa-solid fa-exclamation-triangle text-yellow"></i>
           Oops! Bad request
         </h3>
         <p>
diff --git a/powerdnsadmin/templates/errors/403.html b/powerdnsadmin/templates/errors/403.html
index 44c75277f..a1063927b 100644
--- a/powerdnsadmin/templates/errors/403.html
+++ b/powerdnsadmin/templates/errors/403.html
@@ -35,7 +35,7 @@ <h2 class="headline text-yellow">
       </h2>
       <div class="error-content">
         <h3>
-          <i class="fas fa-exclamation-triangle text-yellow"></i>
+          <i class="fa-solid fa-exclamation-triangle text-yellow"></i>
           Oops! Access denied
         </h3>
         <p>
diff --git a/powerdnsadmin/templates/errors/404.html b/powerdnsadmin/templates/errors/404.html
index 70040a524..1e89d15c1 100644
--- a/powerdnsadmin/templates/errors/404.html
+++ b/powerdnsadmin/templates/errors/404.html
@@ -35,7 +35,7 @@ <h2 class="headline text-yellow">
       </h2>
       <div class="error-content">
         <h3>
-          <i class="fas fa-exclamation-triangle text-yellow"></i>
+          <i class="fa-solid fa-exclamation-triangle text-yellow"></i>
           Oops! You're lost
         </h3>
         <p>
diff --git a/powerdnsadmin/templates/errors/500.html b/powerdnsadmin/templates/errors/500.html
index c92c104dd..076548c63 100644
--- a/powerdnsadmin/templates/errors/500.html
+++ b/powerdnsadmin/templates/errors/500.html
@@ -35,7 +35,7 @@ <h2 class="headline text-yellow">
       </h2>
       <div class="error-content">
         <h3>
-          <i class="fas fa-exclamation-triangle text-yellow"></i>
+          <i class="fa-solid fa-exclamation-triangle text-yellow"></i>
           Oops! Something went wrong
         </h3>
         <p>
diff --git a/powerdnsadmin/templates/errors/SAML.html b/powerdnsadmin/templates/errors/SAML.html
index a88c388ac..72a583f64 100644
--- a/powerdnsadmin/templates/errors/SAML.html
+++ b/powerdnsadmin/templates/errors/SAML.html
@@ -39,7 +39,7 @@ <h1 class="headline text-yellow" style="font-size:46px;">
       <br/>
       <div class="error-content">
         <h3>
-          <i class="fas fa-exclamation-triangle text-yellow"></i>
+          <i class="fa-solid fa-exclamation-triangle text-yellow"></i>
           Oops! Something went wrong
         </h3>
         <br>

From 62d95e874a34caa8733130cd6f5225720783a5f7 Mon Sep 17 00:00:00 2001
From: Tyler Todd <ttodd@ttodd.com>
Date: Fri, 17 Feb 2023 22:25:11 +0000
Subject: [PATCH 196/475] Final page edits for bootstrap v4 and Admin LTE v3.2

---
 .../templates/admin_edit_account.html         |  42 +--
 powerdnsadmin/templates/admin_edit_key.html   |  92 ++++---
 powerdnsadmin/templates/admin_edit_user.html  |  33 ++-
 .../templates/admin_global_search.html        |   8 +-
 powerdnsadmin/templates/admin_history.html    |   2 +-
 .../templates/admin_history_table.html        |   2 +-
 .../templates/admin_manage_account.html       |  40 +--
 .../templates/admin_manage_keys.html          |  42 +--
 .../templates/admin_manage_user.html          |  58 ++--
 powerdnsadmin/templates/admin_pdns_stats.html |   2 +-
 .../templates/admin_setting_basic.html        |   6 +-
 .../templates/admin_setting_pdns.html         |   4 +-
 .../templates/admin_setting_records.html      |  12 +-
 powerdnsadmin/templates/base.html             | 133 ++++-----
 powerdnsadmin/templates/dashboard.html        | 258 +++++++++---------
 powerdnsadmin/templates/dashboard_domain.html |  35 ++-
 powerdnsadmin/templates/domain.html           |  68 +++--
 powerdnsadmin/templates/domain_add.html       |  24 +-
 powerdnsadmin/templates/domain_changelog.html |   6 +-
 powerdnsadmin/templates/domain_remove.html    |  26 +-
 powerdnsadmin/templates/domain_setting.html   |  30 +-
 powerdnsadmin/templates/login.html            |   9 +-
 powerdnsadmin/templates/register.html         |  18 +-
 powerdnsadmin/templates/register_otp.html     |   2 +-
 powerdnsadmin/templates/template.html         |  30 +-
 powerdnsadmin/templates/template_add.html     |  19 +-
 powerdnsadmin/templates/template_edit.html    |  56 ++--
 powerdnsadmin/templates/user_profile.html     |  89 +++---
 28 files changed, 606 insertions(+), 540 deletions(-)

diff --git a/powerdnsadmin/templates/admin_edit_account.html b/powerdnsadmin/templates/admin_edit_account.html
index 62ccf26be..10ff01fa9 100644
--- a/powerdnsadmin/templates/admin_edit_account.html
+++ b/powerdnsadmin/templates/admin_edit_account.html
@@ -14,15 +14,15 @@
       <div class="row mb-2">
         <div class="col-sm-6">
           <h1 class="m-0 text-dark">
-            Account
-            <small>{% if create %}New account{% else %}{{ account.name }}{% endif %}</small>
+            {% if create %}Add Account{% else %}Edit Account{% endif %}
+            <small>{% if create %}Account{% else %}{{ account.name }}{% endif %}</small>
           </h1>
         </div>
         <div class="col-sm-6">
           <ol class="breadcrumb float-sm-right">
             <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Home</a></li>
             <li class="breadcrumb-item"><a href="{{ url_for('admin.manage_account') }}">Accounts</a></li>
-            <li class="breadcrumb-item active">{% if create %}Add{% else %}Edit{% endif %} account</li>
+            <li class="breadcrumb-item active">{% if create %}Add Account{% else %}Edit Account: {{ account.name }}{% endif %}</li>
           </ol>
         </div>
       </div>
@@ -35,9 +35,9 @@ <h1 class="m-0 text-dark">
   <div class="container-fluid">
     <div class="row">
       <div class="col-4">
-        <div class="card shadow">
-          <div class="card-header with-border">
-            <h3 class="card-title">{% if create %}Add{% else %}Edit{% endif %} account</h3>
+        <div class="card">
+          <div class="card-header">
+            <h3 class="card-title">{% if create %}Add{% else %}Edit{% endif %} Account</h3>
           </div>
           <form role="form" method="post" action="{% if create %}{{ url_for('admin.edit_account') }}{% else %}{{ url_for('admin.edit_account', account_name=account.name) }}{% endif %}">
             <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
@@ -46,7 +46,7 @@ <h3 class="card-title">{% if create %}Add{% else %}Edit{% endif %} account</h3>
               {% if error %}
                 <div class="alert alert-danger alert-dismissible">
                   <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
-                  <h4><i class="icon fa fa-ban"></i> Error!</h4>
+                  <h4><i class="fa-solid fa-ban"></i> Error!</h4>
                   {{ error }}
                 </div>
                 <span class="help-block">{{ error }}</span>
@@ -55,36 +55,36 @@ <h4><i class="icon fa fa-ban"></i> Error!</h4>
                 <label class="control-label" for="accountname">Name</label>
                 <input type="text" class="form-control" placeholder="Account Name (required)"
                   name="accountname" {% if account %}value="{{ account.name }}" {% endif %}
-                  {% if not create %}disabled{% endif %}>
-                <span class="fa fa-cog form-control-feedback"></span>
+                  {% if not create %}disabled{% endif %} required>
+                <span class="form-control-feedback"></span>
                 {% if invalid_accountname %}
-                  <span class="help-block">Cannot be blank and must only contain alphanumeric
+                  <span class="help-block text-danger">Cannot be blank and must only contain alphanumeric
                     characters{% if SETTING.get('account_name_extra_chars') %}, dots, hyphens or underscores{% endif %}.
                   </span>
                 {% elif duplicate_accountname %}
-                  <span class="help-block">Account name already in use.</span>
+                  <span class="help-block text-danger">Account name already in use.</span>
                 {% endif %}
               </div>
               <div class="form-group has-feedback">
                 <label class="control-label" for="accountdescription">Description</label>
                 <input type="text" class="form-control" placeholder="Account Description (optional)"
                   name="accountdescription" {% if account %}value="{{ account.description }}" {% endif %}>
-                <span class="fa fa-industry form-control-feedback"></span>
+                <span class="orm-control-feedback"></span>
               </div>
               <div class="form-group has-feedback">
                 <label class="control-label" for="accountcontact">Contact Person</label>
                 <input type="text" class="form-control" placeholder="Contact Person (optional)"
                   name="accountcontact" {% if account %}value="{{ account.contact }}" {% endif %}>
-                <span class="fa fa-user form-control-feedback"></span>
+                <span class="form-control-feedback"></span>
               </div>
               <div class="form-group has-feedback">
                 <label class="control-label" for="accountmail">Mail Address</label>
                 <input type="email" class="form-control" placeholder="Mail Address (optional)"
                   name="accountmail" {% if account %}value="{{ account.mail }}" {% endif %}>
-                <span class="fa fa-envelope form-control-feedback"></span>
+                <span class="form-control-feedback"></span>
               </div>
             </div>
-            <div class="card-header with-border">
+            <div class="card-header">
               <h3 class="card-title">Access Control</h3>
             </div>
             <div class="card-body">
@@ -104,17 +104,19 @@ <h3 class="card-title">Access Control</h3>
               </div>
             </div>
             <div class="card-footer">
-              <button type="submit"
-                class="btn btn-flat btn-primary">{% if create %}Create{% else %}Update{% endif %}
-                Account
+              <button type="button" class="btn btn-secondary float-left" onclick="window.location.href='{{ url_for('admin.manage_account') }}'">
+                Cancel
+              </button>
+              <button type="submit" class="btn btn-primary float-right">
+                {% if create %}Create{% else %}Update{% endif %} Account
               </button>
             </div>
           </form>
         </div>
       </div>
       <div class="col-8">
-        <div class="card shadow">
-          <div class="card-header with-border">
+        <div class="card">
+          <div class="card-header">
             <h3 class="card-title">Help with creating a new account</h3>
           </div>
           <div class="card-body">
diff --git a/powerdnsadmin/templates/admin_edit_key.html b/powerdnsadmin/templates/admin_edit_key.html
index 1d8e69636..23f58d33a 100644
--- a/powerdnsadmin/templates/admin_edit_key.html
+++ b/powerdnsadmin/templates/admin_edit_key.html
@@ -37,8 +37,8 @@ <h1 class="m-0 text-dark">
   <div class="container-fluid">
   <div class="row">
     <div class="col-4">
-      <div class="card card-primary">
-        <div class="card-header with-border">
+      <div class="card ">
+        <div class="card-header">
           <h3 class="card-title">{% if create %}Add{% else %}Edit{% endif %} Key</h3>
         </div>
         <form role="form" method="post"
@@ -65,7 +65,7 @@ <h3 class="card-title">{% if create %}Add{% else %}Edit{% endif %} Key</h3>
                 <span class="glyphicon glyphicon-pencil form-control-feedback"></span>
               </div>
             </div>
-            <div class="card-header with-border key-opts"{% if hide_opts %} style="display: none;"{% endif %}>
+            <div class="card-header key-opts"{% if hide_opts %} style="display: none;"{% endif %}>
               <h3 class="card-title">Accounts Access Control</h3>
             </div>
             <div class="card-body key-opts"{% if hide_opts %} style="display: none;"{% endif %}>
@@ -80,7 +80,7 @@ <h3 class="card-title">Accounts Access Control</h3>
                 </select>
               </div>
             </div>
-            <div class="card-header with-border key-opts"{% if hide_opts %} style="display: none;"{% endif %}>
+            <div class="card-header key-opts"{% if hide_opts %} style="display: none;"{% endif %}>
               <h3 class="card-title">Domain Access Control</h3>
             </div>
                     <div class="card-body key-opts"{% if hide_opts %} style="display: none;"{% endif %}>
@@ -96,16 +96,19 @@ <h3 class="card-title">Domain Access Control</h3>
                         </div>
                     </div>
                     <div class="card-footer">
-                        <button type="submit"
-                            class="btn btn-flat btn-primary float-right" id="key_submit">{% if create %}Create{% else %}Update{% endif %}
-                            Key</button>
+                      <button type="button" class="btn btn-secondary float-left" onclick="window.location.href='{{ url_for('admin.manage_keys') }}'">
+                        <i class="fa-solid fa-window-close"></i>&nbsp;Cancel
+                      </button>
+                      <button type="submit" class="btn btn-primary float-right" id="key_submit">
+                        <i class="fa-solid fa-save"></i>&nbsp;{% if create %}Create{% else %}Update{% endif %} Key
+                      </button>
                     </div>
                 </form>
             </div>
         </div>
         <div class="col-8">
-            <div class="card card-primary">
-                <div class="card-header with-border">
+            <div class="card">
+                <div class="card-header">
                     <h3 class="card-title">Help with {% if create %}creating a new{% else%}updating a{% endif %} key
                     </h3>
                 </div>
@@ -239,7 +242,7 @@ <h3 class="card-title">Help with {% if create %}creating a new{% else%}updating
     {% if plain_key %}
     $(document.body).ready(function () {
         var modal = $("#modal_show_key");
-        var info = "{{ plain_key }}";
+        var info = "Please copy this key to a secure location. You will be unable to view it again once you close this window: {{ plain_key }}";
         modal.find('.modal-body p').text(info);
         modal.find('#button_key_confirm').click(redirect_modal);
         modal.find('#button_close_modal').click(redirect_modal);
@@ -255,45 +258,46 @@ <h3 class="card-title">Help with {% if create %}creating a new{% else%}updating
 {% endblock %}
 {% block modals %}
 <div class="modal fade" id="modal_show_key">
-    <div class="modal-dialog">
-        <div class="modal-content modal-sm">
-            <div class="modal-header">
-                <button type="button" class="close" data-dismiss="modal" aria-label="Close" id="button_close_modal">
-                    <span aria-hidden="true">&times;</span>
-                </button>
-                <h4 class="modal-title">Your API key</h4>
-            </div>
-            <div class="modal-body">
-                <p></p>
-            </div>
-            <div class="modal-footer">
-                <button type="button" class="btn btn-flat btn-primary center-block" id="button_key_confirm">
-                    Confirm</button>
-            </div>
-        </div>
-        <!-- /.modal-content -->
+  <div class="modal-dialog">
+    <div class="modal-content">
+      <div class="modal-header">
+        <h5 class="modal-title">New API Key</h5>
+        <button type="button" class="close" data-dismiss="modal" aria-label="Close" id="button_close_modal">
+          <span aria-hidden="true">&times;</span>
+        </button>
+      </div>
+      <div class="modal-body">
+        <p></p>
+      </div>
+      <div class="modal-footer">
+        <button type="button" class="btn btn-primary" id="button_key_confirm">
+          Confirm
+        </button>
+      </div>
     </div>
-    <!-- /.modal-dialog -->
+  </div>
 </div>
 <div class="modal fade" id="modal_warning">
   <div class="modal-dialog">
-      <div class="modal-content modal-sm">
-          <div class="modal-header">
-              <button type="button" class="close" data-dismiss="modal" aria-label="Close" id="button_close_warn_modal">
-                  <span aria-hidden="true">&times;</span>
-              </button>
-              <h4 class="modal-title">WARNING</h4>
-          </div>
-          <div class="modal-body">
-              <p></p>
-          </div>
-          <div class="modal-footer">
-              <button type="button" class="btn btn-flat btn-primary center-block" id="button_key_confirm_warn">
-                  OK</button>
-          </div>
+    <div class="modal-content">
+      <div class="modal-header">
+        <h5 class="modal-title">WARNING</h5>
+        <button type="button" class="close" data-dismiss="modal" aria-label="Close" id="button_close_warn_modal">
+          <span aria-hidden="true">&times;</span>
+        </button>
       </div>
-      <!-- /.modal-content -->
+      <div class="modal-body">
+        <p></p>
+      </div>
+      <div class="modal-footer">
+        <button type="button" class="btn btn-secondary close" data-dismiss="modal" id="button_close_modal">
+          Close
+        </button>
+        <button type="button" class="btn btn-primary" id="button_key_confirm_warn">
+          OK
+        </button>
+      </div>
+    </div>
   </div>
-  <!-- /.modal-dialog -->
 </div>
 {% endblock %}
diff --git a/powerdnsadmin/templates/admin_edit_user.html b/powerdnsadmin/templates/admin_edit_user.html
index b871b31e5..9e954fe74 100644
--- a/powerdnsadmin/templates/admin_edit_user.html
+++ b/powerdnsadmin/templates/admin_edit_user.html
@@ -47,7 +47,7 @@ <h3 class="card-title">{% if create %}Add{% else %}Edit{% endif %} user</h3>
               {% if error %}
                 <div class="alert alert-danger alert-dismissible">
                   <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
-                  <h4><i class="icon fa fa-ban"></i> Error!</h4>
+                  <h4><i class="fa-solid fa-ban"></i> Error!</h4>
                   {{ error }}
                 </div>
                 <span class="help-block">{{ error }}</span>
@@ -56,19 +56,19 @@ <h4><i class="icon fa fa-ban"></i> Error!</h4>
                 <label class="control-label" for="firstname">First Name</label>
                 <input type="text" class="form-control" placeholder="First Name" name="firstname"
                   {% if user %}value="{{ user.firstname }}" {% endif %}>
-                <span class="glyphicon glyphicon-user form-control-feedback"></span>
+                <span class="form-control-feedback"></span>
               </div>
               <div class="form-group has-feedback">
                 <label class="control-label" for="lastname">Last Name</label>
                 <input type="text" class="form-control" placeholder="Last name" name="lastname"
                   {% if user %}value="{{ user.lastname }}" {% endif %}>
-                <span class="glyphicon glyphicon-user form-control-feedback"></span>
+                <span class="form-control-feedback"></span>
               </div>
               <div class="form-group has-feedback">
                 <label class="control-label" for="email">E-mail address</label>
                 <input type="email" class="form-control" placeholder="Email" name="email" id="email"
                   {% if user %}value="{{ user.email }}" {% endif %}>
-                <span class="glyphicon glyphicon-envelope form-control-feedback"></span>
+                <span class="form-control-feedback"></span>
               </div>
               <p class="login-box-msg">Enter the account details below</p>
               <div class="form-group has-feedback">
@@ -76,14 +76,14 @@ <h4><i class="icon fa fa-ban"></i> Error!</h4>
                 <input type="text" class="form-control" placeholder="Username" name="username"
                   {% if user %}value="{{ user.username }}" {% endif %}
                   {% if not create %}disabled{% endif %}>
-                <span class="glyphicon glyphicon-user form-control-feedback"></span>
+                <span class="form-control-feedback"></span>
               </div>
               <div class="form-group has-feedback {% if blank_password %}has-error{% endif %}">
                 <label class="control-label" for="username">Password</label>
                 <input type="password" class="form-control"
                   placeholder="Password {% if create %}(Required){% else %}(Leave blank to keep unchanged){% endif %}"
                   name="password">
-                <span class="glyphicon glyphicon-lock form-control-feedback"></span>
+                <span class="form-control-feedback"></span>
                 {% if blank_password %}
                   <span class="help-block">The password cannot be blank.</span>
                 {% endif %}
@@ -98,8 +98,8 @@ <h4><i class="icon fa fa-ban"></i> Error!</h4>
         </div>
         {% if not create %}
           {% if user.otp_secret %}
-            <div class="card card-secondary">
-              <div class="card-header with-border">
+            <div class="card">
+              <div class="card-header">
                 <h3 class="card-title">Two Factor Authentication</h3>
               </div>
               <div class="card-body">
@@ -119,8 +119,8 @@ <h3 class="card-title">Two Factor Authentication</h3>
         {% endif %}
       </div>
       <div class="col-8">
-        <div class="card card-secondary">
-          <div class="card-header with-border">
+        <div class="card">
+          <div class="card-header">
             <h3 class="card-title">
               Help with {% if create %}creating a new{% else%}editing a{% endif %} user
             </h3>
@@ -168,18 +168,21 @@ <h3 class="card-title">
     <div class="modal-dialog">
         <div class="modal-content">
             <div class="modal-header">
-                <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+              <h4 class="modal-title">Confirmation</h4>
+              <button type="button" class="close" data-dismiss="modal" aria-label="Close">
                     <span aria-hidden="true">&times;</span>
                 </button>
-                <h4 class="modal-title">Confirmation</h4>
             </div>
             <div class="modal-body">
                 <p></p>
             </div>
             <div class="modal-footer">
-                <button type="button" class="btn btn-flat btn-default pull-left" data-dismiss="modal">Close</button>
-                <button type="button" class="btn btn-flat btn-danger" id="button_otp_disable_confirm">Disable Two Factor
-                    Authentication</button>
+                <button type="button" class="btn btn-default" data-dismiss="modal">
+                  Close
+                </button>
+                <button type="button" class="btn btn-danger float-right" id="button_otp_disable_confirm">
+                  Disable Two Factor Authentication
+                </button>
             </div>
         </div>
     </div>
diff --git a/powerdnsadmin/templates/admin_global_search.html b/powerdnsadmin/templates/admin_global_search.html
index 4161ad3da..dfe14a67c 100644
--- a/powerdnsadmin/templates/admin_global_search.html
+++ b/powerdnsadmin/templates/admin_global_search.html
@@ -34,7 +34,7 @@ <h1 class="m-0 text-dark">
     <div class="container-fluid">
       <div class="row">
         <div class="col-12">
-          <div class="card shadow">
+          <div class="card">
             <div class="card-header">
               <h3 class="card-title">Global Search</h3>
             </div>
@@ -60,7 +60,7 @@ <h3 class="card-title">Global Search</h3>
 
       <div class="row">
         <div class="col-12">
-          <div class="card shadow">
+          <div class="card">
             <div class="card-header">
               <h3 class="card-title">Domains ({{ domains|length }})</h3>
             </div>
@@ -88,7 +88,7 @@ <h3 class="card-title">Domains ({{ domains|length }})</h3>
 
       <div class="row">
         <div class="col-12">
-          <div class="card shadow">
+          <div class="card">
             <div class="card-header">
               <h3 class="card-title">Records ({{ records|length }})</h3>
             </div>
@@ -124,7 +124,7 @@ <h3 class="card-title">Records ({{ records|length }})</h3>
 
       <div class="row">
         <div class="col-12">
-          <div class="card shadow">
+          <div class="card">
             <div class="card-header">
               <h3 class="card-title">Comments ({{ comments|length }})</h3>
             </div>
diff --git a/powerdnsadmin/templates/admin_history.html b/powerdnsadmin/templates/admin_history.html
index 21c275864..f2a86196c 100644
--- a/powerdnsadmin/templates/admin_history.html
+++ b/powerdnsadmin/templates/admin_history.html
@@ -40,7 +40,7 @@ <h1 class="m-0 text-dark">
             <h3 class="card-title">History Management</h3>
             {% if current_user.role.name != 'User' %}
               <button type="button" class="btn btn-danger float-right" data-toggle="modal" data-target="#modal_clear_history" {% if current_user.role.name != 'Administrator' %}disabled{% endif %}>
-                <i class="fas fa-trash"></i>  
+                <i class="fa-solid fa-trash"></i>  
                 &nbsp;Clear History
               </button>
             {% endif %}
diff --git a/powerdnsadmin/templates/admin_history_table.html b/powerdnsadmin/templates/admin_history_table.html
index 146e7dbd4..8f1d25f7d 100644
--- a/powerdnsadmin/templates/admin_history_table.html
+++ b/powerdnsadmin/templates/admin_history_table.html
@@ -37,7 +37,7 @@
               {% if history.detailed_msg == "" and history.change_set is none %}
                 style="visibility: hidden;"
               {% endif %} value="{{ loop.index0 }}">
-              <i class="fa fa-info"></i>
+              <i class="fa-solid fa-info"></i>
               &nbsp;Info
             </button>
           </td>
diff --git a/powerdnsadmin/templates/admin_manage_account.html b/powerdnsadmin/templates/admin_manage_account.html
index f0c79cc8c..c02a18c10 100644
--- a/powerdnsadmin/templates/admin_manage_account.html
+++ b/powerdnsadmin/templates/admin_manage_account.html
@@ -34,14 +34,12 @@ <h1 class="m-0 text-dark">
   <div class="container-fluid">
     <div class="row">
       <div class="col-12">
-        <div class="card card-primary">
-          <div class="card-header with-border">
+        <div class="card">
+          <div class="card-header">
             <h3 class="card-title">Account Management</h3>
-          </div>
-          <div class="card-body">
             <a href="{{ url_for('admin.edit_account') }}">
-              <button type="button" class="btn btn-flat btn-primary pull-left button_add_account">
-                Add Account&nbsp;<i class="fa fa-plus"></i>
+              <button type="button" class="btn btn-primary float-right button_add_account">
+                <i class="fa-solid fa-plus"></i>&nbsp;Add Account
               </button>
             </a>
           </div>
@@ -68,12 +66,22 @@ <h3 class="card-title">Account Management</h3>
                     <td>{{ account.user_num }}</td>
                     <td>{{ account.domains|length }}</td>
                     <td width="15%">
-                      <button type="button" class="btn btn-flat btn-success" onclick="window.location.href='{{ url_for('admin.edit_account', account_name=account.name) }}'">
-                        Edit&nbsp;<i class="fa fa-cog"></i>
-                      </button>
-                      <button type="button" class="btn btn-flat btn-danger button_delete" id="{{ account.name }}">
-                        Delete&nbsp;<i class="fa fa-trash"></i>
-                      </button>
+                      <div class="dropdown">
+                        <button class="btn btn-primary dropdown-toggle" type="button" id="dropdownMenu" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
+                          <i class="fa-solid fa-bars"></i>&nbsp;Actions
+                        </button>
+                        <div class="dropdown-menu" aria-labelledby="dropdownMenu">
+                          <button type="button" class="dropdown-item btn-warning" onclick="window.location.href='{{ url_for('admin.edit_account', account_name=account.name) }}'">
+                            <i class="fa-solid fa-edit"></i>&nbsp;Edit Account
+                          </button>
+                          <div class="dropdown-divider"></div>
+                          <button type="button"class="dropdown-item btn-secondary button_delete" id="{{ account.name }}">
+                            <font color="red">
+                              <i class="fa-solid fa-trash"></i>&nbsp;Delete Account
+                            </font>
+                          </button>
+                         </div>
+                      </div>
                     </td>
                   </tr>
                 {% endfor %}
@@ -127,20 +135,20 @@ <h3 class="card-title">Account Management</h3>
 </script>
 {% endblock %}
 {% block modals %}
-<div class="modal fade modal-warning" id="modal_delete">
+<div class="modal fade" id="modal_delete">
     <div class="modal-dialog">
         <div class="modal-content">
             <div class="modal-header">
-                <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+              <h4 class="modal-title">Confirmation</h4>
+              <button type="button" class="close" data-dismiss="modal" aria-label="Close">
                     <span aria-hidden="true">&times;</span>
                 </button>
-                <h4 class="modal-title">Confirmation</h4>
             </div>
             <div class="modal-body">
                 <p></p>
             </div>
             <div class="modal-footer">
-                <button type="button" class="btn btn-default pull-left" data-dismiss="modal">Close</button>
+                <button type="button" class="btn btn-default float-left" data-dismiss="modal">Close</button>
                 <button type="button" class="btn btn-danger" id="button_delete_confirm">Delete</button>
             </div>
         </div>
diff --git a/powerdnsadmin/templates/admin_manage_keys.html b/powerdnsadmin/templates/admin_manage_keys.html
index e303cd6d0..87a36b058 100644
--- a/powerdnsadmin/templates/admin_manage_keys.html
+++ b/powerdnsadmin/templates/admin_manage_keys.html
@@ -35,11 +35,9 @@ <h1 class="m-0 text-dark">
     <div class="card">
       <div class="card-header with-border">
         <h3 class="card-title">Key Management</h3>
-      </div>
-      <div class="card-body">
         <a href="{{ url_for('admin.edit_key') }}">
-          <button type="button" class="btn btn-primary pull-left button_add_key">
-            Add Key&nbsp;<i class="fa fa-plus"></i>
+          <button type="button" class="btn btn-primary float-right button_add_key">
+            <i class="fa-solid fa-plus"></i>&nbsp;Add Key
           </button>
         </a>
       </div>
@@ -52,7 +50,7 @@ <h3 class="card-title">Key Management</h3>
               <th>Description</th>
               <th>Domains</th>
               <th>Accounts</th>
-              <th>Action</th>
+              <th>Actions</th>
             </tr>
           </thead>
           <tbody>
@@ -64,14 +62,22 @@ <h3 class="card-title">Key Management</h3>
                 <td>{% for domain in key.domains %}{{ domain.name }}{% if not loop.last %}, {% endif %}{% endfor %}</td>
                 <td>{% for account in key.accounts %}{{ account.name }}{% if not loop.last %}, {% endif %}{% endfor %}</td>
                 <td width="15%">
-                  <button type="button" class="btn btn-flat btn-success button_edit"
-                    onclick="window.location.href='{{ url_for('admin.edit_key', key_id=key.id) }}'">
-                    Edit&nbsp;<i class="fa fa-lock"></i>
-                  </button>
-                  <button type="button" class="btn btn-flat btn-danger button_delete"
-                    id="{{ key.id }}">
-                    Delete&nbsp;<i class="fa fa-trash"></i>
-                  </button>
+                  <div class="dropdown">
+                    <button class="btn btn-primary dropdown-toggle" type="button" id="dropdownMenu" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
+                      <i class="fa-solid fa-bars"></i>&nbsp;Actions
+                    </button>
+                    <div class="dropdown-menu" aria-labelledby="dropdownMenu">
+                      <button type="button" class="dropdown-item btn-warning" onclick="window.location.href='{{ url_for('admin.edit_key', key_id=key.id) }}'">
+                        <i class="fa-solid fa-edit"></i>&nbsp;Edit API Key
+                      </button>
+                      <div class="dropdown-divider"></div>
+                      <button type="button"class="dropdown-item btn-secondary button_delete" id="{{ key.id }}">
+                        <font color="red">
+                          <i class="fa-solid fa-trash"></i>&nbsp;Delete API Key
+                        </font>
+                      </button>
+                     </div>
+                  </div>
                 </td>
               </tr>
             {% endfor %}
@@ -125,17 +131,21 @@ <h3 class="card-title">Key Management</h3>
     <div class="modal-dialog">
       <div class="modal-content">
         <div class="modal-header">
+          <h4 class="modal-title">Confirmation</h4>
           <button type="button" class="close" data-dismiss="modal" aria-label="Close">
             <span aria-hidden="true">&times;</span>
           </button>
-          <h4 class="modal-title">Confirmation</h4>
         </div>
         <div class="modal-body">
           <p></p>
         </div>
         <div class="modal-footer">
-          <button type="button" class="btn btn-default float-left" data-dismiss="modal">Close</button>
-          <button type="button" class="btn btn-danger" id="button_delete_confirm">Delete</button>
+          <button type="button" class="btn btn-secondary" data-dismiss="modal">
+            Close
+          </button>
+          <button type="button" class="btn btn-danger" id="button_delete_confirm">
+            Delete
+          </button>
         </div>
       </div>
     </div>
diff --git a/powerdnsadmin/templates/admin_manage_user.html b/powerdnsadmin/templates/admin_manage_user.html
index 154acacb1..ba978a115 100644
--- a/powerdnsadmin/templates/admin_manage_user.html
+++ b/powerdnsadmin/templates/admin_manage_user.html
@@ -35,13 +35,11 @@ <h1 class="m-0 text-dark">
       <div class="row">
         <div class="col-12">
           <div class="card">
-            <div class="card-header with-border">
+            <div class="card-header">
               <h3 class="card-title">User Management</h3>
-            </div>
-            <div class="card-body">
               <a href="{{ url_for('admin.edit_user') }}">
-                <button type="button" class="btn btn-primary pull-left button_add_user">
-                  <i class="fa fa-plus"></i>&nbsp;Add User
+                <button type="button" class="btn btn-primary float-right button_add_user">
+                  <i class="fa-solid fa-plus"></i>&nbsp;Add User
                 </button>
               </a>
             </div>
@@ -80,20 +78,30 @@ <h3 class="card-title">User Management</h3>
                         <button type="button" class="btn btn-warning button_revoke"
                           id="{{ user.username }}"
                           {% if current_user.role.name=='Operator' and user.role.name=='Administrator' %}disabled{% endif %}>
-                            <i class="fa fa-lock"></i>&nbsp;Revoke
+                            <i class="fa-solid fa-link-slash"></i>&nbsp;Revoke
                         </button>
                       </td>
                       <td width="15%">
-                        <button type="button" class="btn btn-success button_edit"
-                          onclick="window.location.href='{{ url_for('admin.edit_user', user_username=user.username) }}'"
+
+                        <div class="dropdown">
+                          <button class="btn btn-primary dropdown-toggle" type="button" id="dropdownMenu" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false"
                           {% if current_user.role.name=='Operator' and user.role.name=='Administrator' %}disabled{% endif %}>
-                            <i class="fa fa-lock"></i>&nbsp;Edit
-                        </button>
-                        <button type="button" class="btn btn-danger button_delete"
-                          id="{{ user.username }}"
-                          {% if user.username==current_user.username or (current_user.role.name=='Operator' and user.role.name=='Administrator') %}disabled{% endif %}>
-                            <i class="fa fa-trash"></i>&nbsp;Delete
-                        </button>
+                            <i class="fa-solid fa-bars"></i>&nbsp;Actions
+                          </button>
+                          <div class="dropdown-menu" aria-labelledby="dropdownMenu">
+                            <button type="button" class="dropdown-item btn-warning" onclick="window.location.href='{{ url_for('admin.edit_user', user_username=user.username) }}'">
+                              <i class="fa-solid fa-edit"></i>&nbsp;Edit User
+                            </button>
+                            {% if not user.username==current_user.username or (current_user.role.name=='Operator' and user.role.name=='Administrator') %}
+                              <div class="dropdown-divider"></div>
+                              <button type="button"class="dropdown-item btn-secondary button_delete" id="{{ user.username }}">
+                                <font color="red">
+                                  <i class="fa-solid fa-trash"></i>&nbsp;Delete User
+                                </font>
+                              </button>
+                            {% endif %}
+                           </div>
+                        </div>
                       </td>
                     </tr>
                   {% endfor %}
@@ -179,7 +187,7 @@ <h3 class="card-title">User Management</h3>
 {% endblock %}
 
 {% block modals %}
-  <div class="modal fade modal-warning" id="modal_revoke">
+  <div class="modal fade" id="modal_revoke">
     <div class="modal-dialog">
       <div class="modal-content">
         <div class="modal-header">
@@ -192,14 +200,18 @@ <h4 class="modal-title">Confirmation</h4>
           <p></p>
         </div>
         <div class="modal-footer">
-          <button type="button" class="btn btn-default pull-left" data-dismiss="modal">Close</button>
-          <button type="button" class="btn btn-danger" id="button_revoke_confirm">Revoke</button>
+          <button type="button" class="btn btn-secondary float-right" data-dismiss="modal">
+            Close
+          </button>
+          <button type="button" class="btn btn-danger float-right" id="button_revoke_confirm">
+            Revoke
+          </button>
         </div>
       </div>
     </div>
   </div>
 
-  <div class="modal fade modal-warning" id="modal_delete">
+  <div class="modal fade" id="modal_delete">
     <div class="modal-dialog">
       <div class="modal-content">
         <div class="modal-header">
@@ -212,8 +224,12 @@ <h4 class="modal-title">Confirmation</h4>
           <p></p>
         </div>
         <div class="modal-footer">
-          <button type="button" class="btn btn-default pull-left" data-dismiss="modal">Close</button>
-          <button type="button" class="btn btn-danger" id="button_delete_confirm">Delete</button>
+          <button type="button" class="btn btn-default float-right" data-dismiss="modal">
+            Close
+          </button>
+          <button type="button" class="btn btn-danger float-right" id="button_delete_confirm">
+            Delete
+          </button>
         </div>
       </div>
     </div>
diff --git a/powerdnsadmin/templates/admin_pdns_stats.html b/powerdnsadmin/templates/admin_pdns_stats.html
index 1c5112913..b0e52f482 100644
--- a/powerdnsadmin/templates/admin_pdns_stats.html
+++ b/powerdnsadmin/templates/admin_pdns_stats.html
@@ -84,7 +84,7 @@ <h3 class="card-title">PowerDNS Server Configuration</h3>
                       <td>
                         <a href="https://doc.powerdns.com/authoritative/search.html?q={{ config['name'] }}"
                         target="_blank" class="btn btn-primary">
-                          <i class="fa fa-search"></i>&nbsp;{{ config['name'] }}
+                          <i class="fa-solid fa-search"></i>&nbsp;{{ config['name'] }}
                         </a>
                       </td>
                       <td>
diff --git a/powerdnsadmin/templates/admin_setting_basic.html b/powerdnsadmin/templates/admin_setting_basic.html
index f62d43ac2..bb801e38a 100644
--- a/powerdnsadmin/templates/admin_setting_basic.html
+++ b/powerdnsadmin/templates/admin_setting_basic.html
@@ -55,14 +55,14 @@ <h3 class="card-title">Basic Settings</h3>
                   <td><i class="fas fa-toggle-off"></i>&nbsp;Off</td>
                   <td width="20%">
                     <button type="button" class="btn btn-success setting-toggle-button" id="{{ setting }}">
-                      <i class="fas fa-toggle-on"></i>&nbsp;Turn On
+                      <i class="fa-solid fa-toggle-on"></i>&nbsp;Turn On
                     </button>
                   </td>
                 {% elif SETTING.get(setting) in [True] %}
                   <td><i class="fas fa-toggle-on"></i>&nbsp;On</td>
                   <td width="20%">
                     <button type="button" class="btn btn-danger setting-toggle-button" id="{{ setting }}">
-                      <i class="fas fa-toggle-off"></i>&nbsp;Turn Off
+                      <i class="fa-solid fa-toggle-off"></i>&nbsp;Turn Off
                     </button>
                   </td>
                 {% else %}
@@ -71,7 +71,7 @@ <h3 class="card-title">Basic Settings</h3>
                   </td>
                   <td width="20%">
                     <button type="button" class="btn btn-primary setting-save-button" id="{{ setting }}">
-                      <i class="fas fa-save"></i>&nbsp;Save
+                      <i class="fa-solid fa-save"></i>&nbsp;Save
                     </button>
                   </td>
                 {% endif %}
diff --git a/powerdnsadmin/templates/admin_setting_pdns.html b/powerdnsadmin/templates/admin_setting_pdns.html
index 03cd27390..c4b894700 100644
--- a/powerdnsadmin/templates/admin_setting_pdns.html
+++ b/powerdnsadmin/templates/admin_setting_pdns.html
@@ -69,7 +69,9 @@ <h4><i class="icon fa fa-ban"></i> Error!</h4>
                 </div>
               </div>
               <div class="card-footer">
-                <button type="submit" class="btn btn-primary"><i class="fas fa-save"></i>&nbsp;Update</button>
+                <button type="submit" class="btn btn-primary float-right">
+                  <i class="fa-solid fa-save"></i>&nbsp;Save
+                </button>
               </div>
             </form>
           </div>
diff --git a/powerdnsadmin/templates/admin_setting_records.html b/powerdnsadmin/templates/admin_setting_records.html
index 0803e412d..3fea6a52f 100644
--- a/powerdnsadmin/templates/admin_setting_records.html
+++ b/powerdnsadmin/templates/admin_setting_records.html
@@ -34,8 +34,8 @@ <h1 class="m-0 text-dark">
   <div class="container-fluid">
     <div class="row">
       <div class="col-5">
-        <div class="card card-primary">
-          <div class="card-header with-border">
+        <div class="card">
+          <div class="card-header">
             <h3 class="card-title">DNS record Settings</h3>
           </div>
           <form role="form" method="post">
@@ -66,14 +66,16 @@ <h3 class="card-title">DNS record Settings</h3>
               </table>
             </div>
             <div class="card-footer">
-              <button type="submit" class="btn btn-flat btn-primary">Update</button>
+              <button type="submit" class="btn btn-primary float-right">
+                <i class="fa-solid fa-save"></i>&nbsp;Save
+              </button>
             </div>
           </form>
         </div>
       </div>
       <div class="col-7">
-        <div class="card card-primary">
-          <div class="card-header with-border">
+        <div class="card">
+          <div class="card-header">
             <h3 class="card-title">Help</h3>
           </div>
           <div class="card-body">
diff --git a/powerdnsadmin/templates/base.html b/powerdnsadmin/templates/base.html
index 49e4d3044..54bb019bf 100644
--- a/powerdnsadmin/templates/base.html
+++ b/powerdnsadmin/templates/base.html
@@ -14,7 +14,6 @@
     <!--  Get Google Fonts we like -->
     <link rel="stylesheet" href="{{ url_for('static', filename='assets/css/source_sans_pro.css') }}">
     <link rel="stylesheet" href="{{ url_for('static', filename='assets/css/roboto_mono.css') }}">
-    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/all.min.css">
     <!-- Tell the browser to be responsive to screen width -->
     <meta content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no" name="viewport">
     <!-- Tell Safari to not recognise telephone numbers -->
@@ -28,56 +27,24 @@
   {% endblock %}
 </head>
 
-<body class="hold-transition sidebar-mini text-sm {% if not SETTING.get('fullscreen_layout') %}layout-boxed{% endif %}">
+<body class="hold-transition sidebar-mini {% if not SETTING.get('fullscreen_layout') %}layout-boxed{% endif %}">
   {% set user_image_url = url_for('user.image', username=current_user.username) %}
   <div class="wrapper">
   {% block pageheader %}
-    <nav class="main-header navbar navbar-expand navbar-dark">
+    <nav class="main-header navbar navbar-expand navbar-white navbar-light">
       <!-- Header Navbar: style can be found in header.less -->
       <!-- Sidebar toggle button-->
       <ul class="navbar-nav">
         <li class="nav-item">
           <a class="nav-link" data-widget="pushmenu" href="#" role="button">
-            <i class="fas fa-bars"></i>
+            <i class="fa-solid fa-bars"></i>
           </a>
         </li>
-        {% if current_user.id is defined %}
-          <li class="nav-item d-none d-inline-block">
-            <a class="nav-link" href="{{ url_for('index.logout') }}">
-              Logout
-            </a>
-          </li>
-        {% endif %}
       </ul>
-
         <ul class="navbar-nav ml-auto">
-<!--          {% if current_user.id is defined %}
-          <li class="nav-item dropdown user-menu">
-            <a href="#" class="nav-link dropdown-toggle" data-toggle="dropdown">
-              <img src="{{ user_image_url }}" class="user-image img-circle elevation-2" alt="User Image"/>
-              <span class="d-none d-md-inline">
-                {{ current_user.firstname }} {{ current_user.lastname }}
-              </span>
-            </a>
-            <ul class="dropdown-menu">
-              <li class="user-header bg-dark">
-                <img src="{{ user_image_url }}" class="img-circle elevation-2" alt="User Image"/>
-                <p>
-                  {{ current_user.firstname }} {{ current_user.lastname }}
-                  <small>{{ current_user.role.name }}</small>
-                </p>
-              </li>
-              <li class="user-footer">
-                <a href="{{ url_for('user.profile') }}" class="btn btn-primary">My Profile</a>
-                <a href="{{ url_for('index.logout') }}" class="btn btn-warning float-right">Log out</a>
-              </li>
-            </ul>
-          </li>
-          {% endif %}
--->          
         <li class="nav-item">
           <a class="nav-link" data-widget="fullscreen" href="#" role="button">
-            <i class="fas fa-expand-arrows-alt"></i>
+            <i class="fa-solid fa-expand-arrows-alt"></i>
           </a>
         </li>
       </ul>
@@ -88,6 +55,7 @@
   <aside class="main-sidebar sidebar-dark-primary">
     <!-- Logo -->
     <a href="{{ url_for('index.index') }}" class="brand-link">
+      <img src="{{ url_for('static', filename='img/favicon.png') }}" alt="PowerDNS-Admin FavIcon" class="brand-image img-circle elevation-3" style="opacity: .8">
       <span class="brand-text font-weight-light">
         {% if SETTING.get('site_name') %}
           <b>{{ SITE_NAME }}</b>
@@ -109,17 +77,29 @@
       </div>
       <!-- sidebar menu: : style can be found in sidebar.less -->
       <ul class="nav nav-pills nav-sidebar flex-column" data-widget="treeview" role="menu">
-        <li class="nav-header">USER ACTIONS</li>
+        <li class="{{ 'nav-item active' if active_page == 'user_profile' else 'nav-item' }}">
+          <a href="{{ url_for('user.profile') }}" class="nav-link">
+            <i class="nav-icon fa-solid fa-user"></i>
+            <p>Profile</p>
+          </a>
+        </li>
+        <li class="nav-item">
+          <a href="{{ url_for('index.logout') }}" class="nav-link">
+            <i class="nav-icon fa-solid fa-sign-out-alt"></i>
+            <p>Logout</p>
+          </a>
+        </li>
+        <li class="nav-header">Zone Management</li>
         <li class="{{ 'nav-item active' if active_page == 'nav-item dashboard' else 'nav-item' }}">
           <a href="{{ url_for('dashboard.dashboard') }}" class="nav-link">
-            <i class="nav-icon fas fa-tachometer-alt"></i>
+            <i class="nav-icon fa-solid fa-tachometer-alt"></i>
             <p>Dashboard</p>
           </a>
         </li>
         {% if SETTING.get('allow_user_create_domain') or current_user.role.name in ['Administrator', 'Operator'] %}
         <li class="{{ 'nav-item active' if active_page == 'nav-item new_domain' else 'nav-item' }}">
           <a href="{{ url_for('domain.add') }}" class="nav-link">
-            <i class="nav-icon fas fa-plus"></i>
+            <i class="nav-icon fa-solid fa-plus"></i>
             <p>New Domain</p>
           </a>
         </li>
@@ -127,86 +107,86 @@
         {% if SETTING.get('allow_user_remove_domain') or current_user.role.name in ['Administrator', 'Operator'] %}
         <li class="{{ 'nav-item active' if active_page == 'remove_domain' else 'nav-item' }}">
           <a href="{{ url_for('domain.remove') }}" class="nav-link">
-            <i class="nav-icon fas fa-trash-alt"></i>
+            <i class="nav-icon fa-solid fa-trash-alt"></i>
             <p>Remove Domain</p>
           </a>
         </li>
         {% endif %}
         {% if current_user.role.name in ['Administrator', 'Operator'] %}
-        <li class="nav-header">ADMINISTRATION</li>
+        <li class="nav-header">Administration</li>
         <li class="{{ 'nav-item active' if active_page == 'admin_console' else 'nav-item' }}">
           <a href="{{ url_for('admin.pdns_stats') }}" class="nav-link">
-            <i class="nav-icon fas fa-info-circle"></i>
+            <i class="nav-icon fa-solid fa-info-circle"></i>
             <p>PowerDNS Info</p>
           </a>
         </li>
         <li class="{{ 'nav-item active' if active_page == 'admin_global_search' else 'nav-item' }}">
           <a href="{{ url_for('admin.global_search') }}" class="nav-link">
-            <i class="nav-icon fas fa-search"></i>
+            <i class="nav-icon fa-solid fa-search"></i>
             <p>Global Search</p>
           </a>
         </li>
         <li class="{{ 'nav-item active' if active_page == 'admin_history' else 'nav-item' }}">
           <a href="{{ url_for('admin.history') }}" class="nav-link">
-            <i class="nav-icon fas fa-calendar-alt"></i>
+            <i class="nav-icon fa-solid fa-calendar-alt"></i>
             <p>History</p>
           </a>
         </li>
         <li class="{{ 'nav-item active' if active_page == 'admin_domain_template' else 'nav-item' }}">
           <a href="{{ url_for('admin.templates') }}" class="nav-link">
-            <i class="nav-icon fas fa-clone"></i>
+            <i class="nav-icon fa-solid fa-clone"></i>
             <p>Domain Templates</p>
           </a>
         </li>
         <li class="{{ 'nav-item active' if active_page == 'admin_accounts' else 'nav-item' }}">
           <a href="{{ url_for('admin.manage_account') }}" class="nav-link">
-            <i class="nav-icon fas fa-industry"></i>
+            <i class="nav-icon fa-solid fa-industry"></i>
             <p>Accounts</p>
           </a>
         </li>
         <li class="{{ 'nav-item active' if active_page == 'admin_users' else 'nav-item' }}">
           <a href="{{ url_for('admin.manage_user') }}" class="nav-link">
-            <i class="nav-icon fas fa-users"></i>
+            <i class="nav-icon fa-solid fa-users"></i>
             <p>Users</p>
           </a>
         </li>
         <li class="{{ 'nav-item active' if active_page == 'admin_keys' else 'nav-item' }}">
           <a href="{{ url_for('admin.manage_keys') }}" class="nav-link">
-            <i class="nav-icon fas fa-key"></i>
+            <i class="nav-icon fa-solid fa-key"></i>
             <p>API Keys</p>
           </a>
         </li>
         <li class="{{ 'nav-item active' if active_page == 'admin_settings' else 'nav-item' }}">
           <a href="#" class="nav-link">
-            <i class="nav-icon fas fa-cog"></i>
+            <i class="nav-icon fa-solid fa-cog"></i>
             <p>
               Settings
-              <i class="right fas fa-angle-left"></i>
+              <i class="right fa-solid fa-angle-left"></i>
             </p>
           </a>
           <ul class="nav nav-treeview" {% if active_page == 'admin_settings' %}style="display: block;"{% endif %}>
             <li class="nav-item">
               <a href="{{ url_for('admin.setting_basic') }}" class="nav-link">
-                <i class="nav-icon far fa-circle"></i>
+                <i class="nav-icon fa-solid fa-circle"></i>
                 <p>Basic</p>
               </a>
             </li>
             <li class="nav-item">
               <a href="{{ url_for('admin.setting_records') }}" class="nav-link">
-                <i class="nav-icon far fa-circle"></i>
+                <i class="nav-icon fa-solid fa-circle"></i>
                 <p>Records</p>
               </a>
             </li>
             {% if current_user.role.name == 'Administrator' %}
               <li class="nav-item">
                 <a href="{{ url_for('admin.setting_pdns') }}" class="nav-link">
-                  <i class="nav-icon far fa-circle"></i>
+                  <i class="nav-icon fa-solid fa-circle"></i>
                   <p>PowerDNS Connection</p>
                 </a>
               </li>
               <li class="nav-item">
                 <a href="{{ url_for('admin.setting_authentication') }}" class="nav-link">
-                  <i class="nav-icon far fa-circle"></i>
+                  <i class="nav-icon fa-solid fa-circle"></i>
                   <p>Authentication</p>
                 </a>
               </li>
@@ -214,10 +194,10 @@
           </ul>
         </li>
         {% elif SETTING.get('allow_user_view_history') %}
-        <li class="nav-header">ADMINISTRATION</li>
+        <li class="nav-header">Administration</li>
         <li class="{{ 'nav-item active' if active_page == 'admin_history' else 'nav-item' }}">
           <a href="{{ url_for('admin.history') }}" class="nav-link">
-            <i class="nav-icon fas fa-calendar-alt"></i>
+            <i class="nav-icon fa-solid fa-calendar-alt"></i>
             <p>History</p>
           </a>
         </li>
@@ -383,49 +363,43 @@ <h1 class="m-0 text-dark">
   <div class="modal-dialog">
     <div class="modal-content">
       <div class="modal-header">
-        <button type="button" class="close" data-dismiss="modal"
-          aria-label="Close">
+        <h4 class="modal-title">Error</h4>
+        <button type="button" class="close" data-dismiss="modal" aria-label="Close">
           <span aria-hidden="true">&times;</span>
         </button>
-        <h4 class="modal-title">Error</h4>
       </div>
       <div class="modal-body">
         <p></p>
       </div>
       <div class="modal-footer">
-        <button type="button" class="btn btn-flat btn-default pull-right"
-          data-dismiss="modal">Close</button>
+        <button type="button" class="btn btn-secondary float-right" data-dismiss="modal">
+          Close
+        </button>
       </div>
     </div>
-    <!-- /.modal-content -->
   </div>
-  <!-- /.modal-dialog -->
 </div>
 <!-- /.modal -->
 <div class="modal fade modal-success" id="modal_success">
   <div class="modal-dialog">
     <div class="modal-content">
       <div class="modal-header">
-        <button type="button" class="close" data-dismiss="modal"
-          aria-label="Close">
+        <h4 class="modal-title">Success</h4>
+        <button type="button" class="close" data-dismiss="modal" aria-label="Close">
           <span aria-hidden="true">&times;</span>
         </button>
-        <h4 class="modal-title">Success</h4>
       </div>
       <div class="modal-body">
         <p></p>
       </div>
       <div class="modal-footer">
-        <button type="button" class="btn btn-flat btn-default pull-right"
-          data-dismiss="modal">Close</button>
+        <button type="button" class="btn btn-secondary float-right" data-dismiss="modal">
+          Close
+        </button>
       </div>
     </div>
-    <!-- /.modal-content -->
   </div>
-  <!-- /.modal-dialog -->
 </div>
-<!-- /.modal -->
-<!-- /.session-warning-modal -->
 <div class="modal fade modal-warning" data-backdrop="static" id="modal_session_warning">
   <div class="modal-dialog">
     <div class="modal-content">
@@ -438,17 +412,16 @@ <h3><span id="modal-time"></span></h3>
         <p>To coninue your ssession, select <strong>Stay Signed In</strong></p>
       </div>
       <div class="modal-footer">
-        <button type="button" class="btn btn-flat btn-danger pull-left button_stay_signed_in"
-          data-dismiss="modal">Stay Signed In</button>
-        <button type="button" class="btn btn-flat btn-default pull-right button_sign_out"
-          data-dismiss="modal">Sign Out</button>
+        <button type="button" class="btn btn-success float-right button_stay_signed_in" data-dismiss="modal">
+          Stay Signed In
+        </button>
+        <button type="button" class="btn btn-danger float-left button_sign_out" data-dismiss="modal">
+          Sign Out
+        </button>
       </div>
     </div>
-    <!-- /.session-warning-modal-content -->
   </div>
-  <!-- /.session-warning-modal-dialog -->
 </div>
-<!-- /.session-warning-modal -->
 {% endblock %}
 {% block modals %}
 {% endblock %}
diff --git a/powerdnsadmin/templates/dashboard.html b/powerdnsadmin/templates/dashboard.html
index 727f5b5a5..ddf369715 100755
--- a/powerdnsadmin/templates/dashboard.html
+++ b/powerdnsadmin/templates/dashboard.html
@@ -36,7 +36,7 @@ <h1 class="m-0 text-dark">
       {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
         <div class="row">
           <div class="col-3">
-            <div class="card shadow card-outline card-secondary">
+            <div class="card">
               <div class="card-header">
                 <h3 class="card-title">Statistics</h3>
               </div>
@@ -50,7 +50,7 @@ <h3>{{ domain_count }}</h3>
                         <p>{% if domain_count > 1 %}Domains{% else %}Domain{% endif %}</p>
                       </div>
                       <div class="icon">
-                        <i class="fa fa-book"></i>
+                        <i class="fa-solid fa-book"></i>
                       </div>
                     </div>
                   </div>
@@ -63,7 +63,7 @@ <h3>{{ user_num }}</h3>
                             <p>{% if user_num > 1 %}Users{% else %}User{% endif %}</p>
                           </div>
                           <div class="icon">
-                            <i class="fa fa-users"></i>
+                            <i class="fa-solid fa-users"></i>
                           </div>
                         </div>
                       </a>
@@ -79,7 +79,7 @@ <h3>{{ history_number }}</h3>
                           <p>{% if history_number > 1 %}Histories{% else %}History{% endif %}</p>
                         </div>
                         <div class="icon">
-                          <i class="fa fa-calendar"></i>
+                          <i class="fa-solid fa-calendar"></i>
                         </div>
                       </div>
                     </a>
@@ -93,7 +93,7 @@ <h3><span style="font-size: 18px">{{ uptime|display_second_to_time }}</span></h3
                             <p>Uptime</p>
                           </div>
                           <div class="icon">
-                            <i class="fa fa-clock"></i>
+                            <i class="fa-solid fa-clock"></i>
                           </div>
                         </div>
                       </a>
@@ -104,7 +104,7 @@ <h3><span style="font-size: 18px">{{ uptime|display_second_to_time }}</span></h3
             </div>
           </div>
           <div class="col-9">
-            <div class="card shadow card-outline card-secondary">
+            <div class="card">
               <div class="card-header">
                 <h3 class="card-title">Recent History</h3>
               </div>
@@ -139,7 +139,7 @@ <h3 class="card-title">Recent History</h3>
                             {% if history.detailed_msg == "" and history.change_set is none %}
                               style="visibility: hidden;"
                             {% endif %} value="{{ loop.index0 }}">
-                            &nbsp;Info
+                            <i class="fa-solid fa-info-circle"></i>&nbsp;Info
                           </button>
                         </td>
                       </tr>
@@ -153,56 +153,59 @@ <h3 class="card-title">Recent History</h3>
       {% endif %}
       <div class="row">
         <div class="col-12">
-          <div class="card shadow card-outline card-secondary">
+          <div class="card">
             <div class="card-header">
               <div class="nav-tabs-custom">
-                <ul class="nav nav-tabs" id="custom-content-below-tab" role="tablist">
+                <ul class="nav nav-tabs card-header-tabs" id="custom-content-below-tab" role="tablist">
                   <li class="nav-item">
                     <a class="nav-link active" href="#tab_{{custom_boxes.order[0]}}" data-toggle="pill" role="tab">
                       Hosted Domains <b>{{custom_boxes.boxes[custom_boxes.order[0]][0]}}</b>
                     </a>
                   </li>
                   {% for boxId in custom_boxes.order[1:] %}
-                    <li class="nav-item" >
-                      <a class="nav-link" href="#tab_{{boxId}}" data-toggle="pill" role="tab">Hosted Domains <b>{{custom_boxes.boxes[boxId][0]}}</b></a>
-                    </li>
+                  <li class="nav-item">
+                    <a class="nav-link" href="#tab_{{boxId}}" data-toggle="pill" role="tab">Hosted Domains <b>{{custom_boxes.boxes[boxId][0]}}</b></a>
+                  </li>
                   {% endfor %}
                 </ul>
-                <div class="tab-content">
-                  {% for boxId in custom_boxes.order %}
-                    <div class="tab-pane fade show" id='tab_{{boxId}}'>
-                      <div class="card-header">
-                        <h3 class="card-title">Hosted Domains <b>{{custom_boxes.boxes[boxId][0]}}</b></h3>
-                        {% if show_bg_domain_button %}
-                          <button type="button" class="btn btn-primary refresh-bg-button float-right">
-                            <i class="fas fa-sync"></i>
-                            &nbsp;Sync domains
-                          </button>
-                        {% endif %}
-                      </div>
-                      <div class="card-body">
-                        <table id='tbl_domain_list_{{boxId}}' class="table table-bordered table-striped">
-                          <thead>
-                            <tr>
-                              <th>Name</th>
-                              <th>DNSSEC</th>
-                              <th>Type</th>
-                              <th>Serial</th>
-                              <th>Master</th>
-                              <th>Account</th>
-                              <th>Actions</th>
-                            </tr>
-                          </thead>
-                          <tbody>
-                          </tbody>
-                        </table>
-                      </div>
-                    </div>
-                  {% endfor %}
+              </div>
+            </div>
+            <div class="card-body">
+              <div class="tab-content">
+                {% for boxId in custom_boxes.order %}
+                <div class="tab-pane fade show" id='tab_{{boxId}}'>
+                  <div class="card-header">
+                    <h3 class="card-title">Hosted Domains <b>{{custom_boxes.boxes[boxId][0]}}</b></h3>
+                    {% if show_bg_domain_button %}
+                    <button type="button" class="btn btn-primary refresh-bg-button float-right">
+                      <i class="fa-solid fa-sync"></i>
+                      &nbsp;Sync Domains
+                    </button>
+                    {% endif %}
+                  </div>
+                  <div class="card-body">
+                    <table id='tbl_domain_list_{{boxId}}' class="table table-bordered table-striped">
+                      <thead>
+                        <tr>
+                          <th>Name</th>
+                          <th>DNSSEC</th>
+                          <th>Type</th>
+                          <th>Serial</th>
+                          <th>Primary</th>
+                          <th>Account</th>
+                          <th>Actions</th>
+                        </tr>
+                      </thead>
+                      <tbody>
+                      </tbody>
+                    </table>
+                  </div>
                 </div>
+                {% endfor %}
               </div>
             </div>
           </div>
+
         </div>
       </div>
     </div>
@@ -304,117 +307,112 @@ <h3 class="card-title">Hosted Domains <b>{{custom_boxes.boxes[boxId][0]}}</b></h
     });
 
     {% if current_user.role.name in ['Administrator', 'Operator'] or not SETTING.get('dnssec_admins_only') %}
-    $(document.body).on("click", ".button_dnssec", function() {
+      $(document.body).on("click", ".button_dnssec", function() {
         var domain = $(this).prop('id');
         getdnssec($SCRIPT_ROOT + '/domain/' + domain + '/dnssec', domain);
-    });
+      });
 
-    $(document.body).on("click", ".button_dnssec_enable", function() {
+      $(document.body).on("click", ".button_dnssec_enable", function() {
         var domain = $(this).prop('id');
         enable_dns_sec($SCRIPT_ROOT + '/domain/' + domain + '/dnssec/enable', '{{ csrf_token() }}');
+      });
 
-    });
-
-    $(document.body).on("click", ".button_dnssec_disable", function() {
+      $(document.body).on("click", ".button_dnssec_disable", function() {
         var domain = $(this).prop('id');
         enable_dns_sec($SCRIPT_ROOT + '/domain/' + domain + '/dnssec/disable', '{{ csrf_token() }}');
-
-    });
+      });
     {% endif %}
 </script>
 {% endblock %}
+
 {% block modals %}
 <div class="modal fade" id="modal_history_info">
-    <div class="modal-dialog">
-        <div class="modal-content">
-            <div class="modal-header">
-                <button type="button" class="close" data-dismiss="modal"
-                    aria-label="Close">
-                    <span aria-hidden="true">&times;</span>
-                </button>
-                <h4 class="modal-title">History Details</h4>
-            </div>
-            <div class="modal-body">
-              <div id="modal-info-content"></div>
-            </div>
-            <div class="modal-footer">
-                <button type="button" class="btn btn-flat btn-default pull-right"
-                    data-dismiss="modal">Close</button>
-            </div>
+  <div class="modal-dialog">
+    <div class="modal-content">
+      <div class="modal-header">
+        <h4 class="modal-title">History Details</h4>
+        <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+          <span aria-hidden="true">&times;</span>
+        </button>
+      </div>
+      <div class="modal-body">
+        <div id="modal-info-content">
         </div>
-        <!-- /.modal-content -->
+      </div>
+      <div class="modal-footer">
+        <button type="button" class="btn btn-secondary float-right" data-dismiss="modal">
+          Close
+        </button>
+      </div>
     </div>
-    <!-- /.modal-dialog -->
+  </div>
 </div>
+
 <div class="modal fade modal-primary" id="modal_template">
-    <div class="modal-dialog">
-        <div class="modal-content">
-            <div class="modal-header">
-                <button type="button" class="close" data-dismiss="modal"
-                    aria-label="Close">
-                    <span aria-hidden="true">&times;</span>
-                </button>
-                <h4 class="modal-title">Clone to template</h4>
-            </div>
-            <div class="modal-body">
-                <p></p>
-            </div>
-            <div class="modal-footer">
-                <button type="button" class="btn btn-flat btn-default pull-left"
-                    id="button_close" data-dismiss="modal">Close</button>
-                <button type="button" class="btn btn-flat btn-primary" id="button_save">Save</button>
-            </div>
-        </div>
-        <!-- /.modal-content -->
+  <div class="modal-dialog">
+    <div class="modal-content">
+      <div class="modal-header">
+        <h4 class="modal-title">Clone to template</h4>
+        <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+          <span aria-hidden="true">&times;</span>
+        </button>
+      </div>
+      <div class="modal-body">
+        <p></p>
+      </div>
+      <div class="modal-footer">
+        <button type="button" class="btn btn-secondary float-right" id="button_close" data-dismiss="modal">
+          Close
+        </button>
+        <button type="button" class="btn btn-primary float-right" id="button_save">
+          Save
+        </button>
+      </div>
     </div>
-    <!-- /.modal-dialog -->
+  </div>
 </div>
-<!-- /.modal -->
+
 <div class="modal fade" id="modal_dnssec_info">
-    <div class="modal-dialog">
-        <div class="modal-content">
-            <div class="modal-header">
-              <h4 class="modal-title">DNSSEC</h4>
-              <button type="button" class="close" data-dismiss="modal" aria-label="Close">
-                <span aria-hidden="true">&times;</span>
-              </button>
-            </div>
-            <div class="modal-body">
-                <p></p>
-            </div>
-            <div class="modal-footer">
-                <button type="button" class="btn btn-flat btn-default pull-right"
-                    data-dismiss="modal">Close</button>
-            </div>
-        </div>
-        <!-- /.modal-content -->
+  <div class="modal-dialog">
+    <div class="modal-content">
+      <div class="modal-header">
+        <h4 class="modal-title">DNSSEC</h4>
+        <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+          <span aria-hidden="true">&times;</span>
+        </button>
+      </div>
+      <div class="modal-body">
+        <p></p>
+      </div>
+      <div class="modal-footer">
+        <button type="button" class="btn btn-secondary float-right" data-dismiss="modal">
+          Close
+        </button>
+      </div>
     </div>
-    <!-- /.modal-dialog -->
+  </div>
 </div>
-<!-- /.modal -->
-<div class="modal fade" id="modal_bg_reload">
-    <div class="modal-dialog">
-        <div class="modal-content">
-            <div class="modal-header">
-                <button type="button" class="close" data-dismiss="modal"
-                    aria-label="Close">
-                    <span aria-hidden="true">&times;</span>
-                </button>
-                <h4 class="modal-title">Sync domains from nameserver</h4>
-            </div>
-            <div class="modal-body">
 
-                <div class="overlay">
-                  <div id="modal_bg_reload_content"><i class="fa fa-refresh fa-spin"></i> Update in progress ..</div>
-                </div>
-            </div>
-            <div class="modal-footer">
-                <button type="button" class="btn btn-flat btn-default pull-right"
-                    data-dismiss="modal">Close</button>
-            </div>
+<div class="modal fade" id="modal_bg_reload">
+  <div class="modal-dialog">
+    <div class="modal-content">
+      <div class="modal-header">
+        <h4 class="modal-title">Sync Domains from backend</h4>
+        <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+          <span aria-hidden="true">&times;</span>
+        </button>
+      </div>
+      <div class="modal-body">
+        <div id="modal_bg_reload_content">
+          <i class="fa fa-refresh fa-spin"></i> Update in progress ..
         </div>
-        <!-- /.modal-content -->
+      </div>
+      <div class="modal-footer">
+        <button type="button" class="btn btn-secondary float-right" data-dismiss="modal">
+          Close
+        </button>
+      </div>
     </div>
-    <!-- /.modal-dialog -->
+  </div>
 </div>
 {% endblock %}
diff --git a/powerdnsadmin/templates/dashboard_domain.html b/powerdnsadmin/templates/dashboard_domain.html
index 86338a9bb..a7df38cde 100644
--- a/powerdnsadmin/templates/dashboard_domain.html
+++ b/powerdnsadmin/templates/dashboard_domain.html
@@ -4,9 +4,9 @@
 
 {% macro dnssec(domain) %}
   {% if domain.dnssec %}
-  <td><span style="cursor:pointer" class="btn btn-lg btn-success button_dnssec" id="{{ domain.name }}"><i class="fa fa-lock"></i>&nbsp;Enabled</span></td>
+  <td><span style="cursor:pointer" class="badge badge-success button_dnssec" id="{{ domain.name }}"><i class="fa-solid fa-lock"></i>&nbsp;Enabled</span></td>
   {% else %}
-  <td><span style="cursor:pointer" class="btn btn-sm btn-danger button_dnssec" id="{{ domain.name }}"><i class="fa fa-unlock-alt"></i>&nbsp;Disabled</span></td>
+  <td><span style="cursor:pointer" class="badge badge-danger button_dnssec" id="{{ domain.name }}"><i class="fa-solid fa-lock-open"></i>&nbsp;Disabled</span></td>
   {% endif %}
 {% endmacro %}
 
@@ -31,30 +31,45 @@
 {% macro actions(domain) %}
 <td width="6%">
   <div class="dropdown">
-    <button class="btn btn-secondary dropdown-toggle" type="button" id="dropdownMenu" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
-      Options
+    <button class="btn btn-primary dropdown-toggle" type="button" id="dropdownMenu" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
+      <i class="fa-solid fa-bars"></i>&nbsp;Actions
     </button>
     <div class="dropdown-menu" aria-labelledby="dropdownMenu">
       {% if current_user.role.name in ['Administrator', 'Operator'] %}
         <button class="dropdown-item btn-success button_template" id="{{ domain.name }}" type="button">
-          <i class="fa fa-clone"></i>&nbsp;Clone to Template
+          <i class="fa-solid fa-clone"></i>&nbsp;Clone to Template
         </button>
         <button class="dropdown-item btn-success" type="button" onclick="window.location.href='{{ url_for('domain.domain', domain_name=domain.name) }}'">
-          <i class="fa fa-cog"></i>&nbsp;Manage Domain
+          <i class="fa-solid fa-cog"></i>&nbsp;Manage Domain
         </button>
         <button class="dropdown-item btn-danger" type="button" onclick="window.location.href='{{ url_for('domain.setting', domain_name=domain.name) }}'">
-          <i class="fa fa-cog"></i>&nbsp;Admin Settings
+          <i class="fa-solid fa-cog"></i>&nbsp;Admin Settings
         </button>
         <button class="dropdown-item btn-primary" type="button" onclick="window.location.href='{{ url_for('domain.changelog', domain_name=domain.name) }}'">
-          <i class="fa fa-history" aria-hidden="true"></i>&nbsp;Domain Changelog
+          <i class="fa-solid fa-history" aria-hidden="true"></i>&nbsp;Domain Changelog
         </button>
+        <div class="dropdown-divider"></div>
+        <button type="button"class="dropdown-item btn-secondary button_delete" onclick="window.location.href='{{ url_for('domain.remove') }}'">
+          <font color="red">
+            <i class="fa-solid fa-trash"></i>&nbsp;Remove Domain
+          </font>
+        </button>
+       </div>
       {% else %}
         <button class="dropdown-item btn-success" type="button" onclick="window.location.href='{{ url_for('domain.domain', domain_name=domain.name) }}'">
-          <i class="fa fa-cog"></i>&nbsp;Manage Domain
+          <i class="fa-solid fa-cog"></i>&nbsp;Manage Domain
         </button>
         {% if allow_user_view_history %}
           <button class="dropdown-item btn-primary" type="button" onclick="window.location.href='{{ url_for('domain.changelog', domain_name=domain.name) }}'">
-            <i class="fa fa-history" aria-hidden="true"></i>&nbsp;Domain Changelog
+            <i class="fa-solid fa-history" aria-hidden="true"></i>&nbsp;Domain Changelog
+          </button>
+        {% endif %}
+        {% if allow_user_remove_domain %}
+          <div class="dropdown-divider"></div>
+          <button type="button"class="dropdown-item btn-secondary button_delete" onclick="window.location.href='{{ url_for('domain.remove') }}'">
+            <font color="red">
+              <i class="fa-solid fa-trash"></i>&nbsp;Remove Domain
+            </font>
           </button>
         {% endif %}
       {% endif %}  
diff --git a/powerdnsadmin/templates/domain.html b/powerdnsadmin/templates/domain.html
index 4c03a9721..4cd1c1544 100755
--- a/powerdnsadmin/templates/domain.html
+++ b/powerdnsadmin/templates/domain.html
@@ -33,30 +33,30 @@ <h1 class="m-0 text-dark">
       <div class="col-12">
         <div class="card">
           <div class="card-header">
-            {% if domain.type != 'Secondary' %}
+            {% if domain.type != 'Slave' %}
               <button type="button" style="position: relative; margin-left: 20px" class="btn btn-primary float-left button_add_record" id="{{ domain.name }}">
-                <i class="fas fa-plus"></i>
+                <i class="fa-solid fa-plus"></i>
                 &nbsp;Add Record
               </button>
               <button type="button" style="position: relative; margin-left: 20px" class="btn btn-primary float-right button_apply_changes" id="{{ domain.name }}" value="{{ domain.serial }}">
-                <i class="fas fa-save"></i>
+                <i class="fa-solid fa-save"></i>
                 &nbsp;Apply Changes
               </button>
             {% else %}
               <button type="button" style="position: relative; margin-left: 20px" class="btn btn-primary float-left button_update_from_primary" id="{{ domain.name }}">
-                <i class="fas fa-download"></i>
+                <i class="fa-solid fa-sync"></i>
                 &nbsp;Update from Primary
               </button>
             {% endif %}
             {% if current_user.role.name in ['Administrator', 'Operator'] %}
               <button type="button" style="position: relative; margin-left: 20px" class="btn btn-primary float-left btn-danger" onclick="window.location.href='{{ url_for('domain.setting', domain_name=domain.name) }}'">
-                <i class="fas fa-cog"></i>
+                <i class="fa-solid fa-toolbox"></i>
                 &nbsp;Admin
               </button>
             {% endif %}
             {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
               <button type="button" style="position: relative; margin-left: 20px" class="btn btn-primary button_changelog" id="{{ domain.name }}">
-                <i class="fas fa-history" aria-hidden="true"></i>
+                <i class="fa-solid fa-history" aria-hidden="true"></i>
                 &nbsp;Changelog
               </button>
             {% endif %}
@@ -70,7 +70,7 @@ <h1 class="m-0 text-dark">
                   <th>Status</th>
                   <th>TTL</th>
                   <th>Data</th>
-                  {% if domain.type != 'Secondary' %}
+                  {% if domain.type != 'Slave' %}
                     <th>Comment</th>
                     <th>Edit</th>
                     <th>Delete</th>
@@ -95,23 +95,25 @@ <h1 class="m-0 text-dark">
                       <td width="6%">
                         {% if record.is_allowed_edit() %}
                           <button type="button" class="btn btn-warning button_edit">
-                            <i class="fa fa-edit"></i>
+                            <i class="fa-solid fa-edit"></i>
                           </button>
                         {% else %}
                           <button type="button" class="btn btn-warning">
-                            <i class="fa fa-exclamation-circle"></i>
+                            <i class="fa-solid fa-exclamation-circle"></i>
                           </button>
                         {% endif %}
                       </td>
                       <td width="6%">
                         {% if record.is_allowed_delete() %}
-                          <button type="button" class="btn btn-danger button_delete"><i class="fa fa-trash"></i></button>
+                          <button type="button" class="btn btn-danger button_delete">
+                            <i class="fa-solid fa-trash"></i>
+                          </button>
                         {% endif %}
                       </td>
                       {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
                         <td width="6%">
                           <button type="button" onclick="show_record_changelog('{{record.name}}','{{record.type}}',event)" class="btn btn-primary">
-                            <i class="fa fa-history" aria-hidden="true"></i>
+                            <i class="fa-solid fa-history" aria-hidden="true"></i>
                           </button>
                         </td>
                       {% endif %}
@@ -171,7 +173,7 @@ <h1 class="m-0 text-dark">
                 // hidden column so that we can add new records on top
                 // regardless of whatever sorting is done. See orderFixed
                 visible: false,
-                {% if domain.type != 'Secondary' %}
+                {% if domain.type != 'Slave' %}
                   {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
                     targets: [ 9 ]
                   {% else %}
@@ -186,7 +188,7 @@ <h1 class="m-0 text-dark">
                 targets: [ 4, 5 ]
             }
         ],
-        {% if domain.type != 'Secondary' %}
+        {% if domain.type != 'Slave' %}
           {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
             "orderFixed": [[9, 'asc']]
           {% else %}
@@ -229,7 +231,7 @@ <h1 class="m-0 text-dark">
         });
     });
     // handle edit button and record click
-    {% if domain.type != 'Secondary' %}
+    {% if domain.type != 'Slave' %}
       $(document.body).on("click", ".button_edit{% if quick_edit %}, .row_record{% endif %}", function(e) {
          e.stopPropagation();
          if ($(this).is('tr')) {
@@ -296,9 +298,9 @@ <h1 class="m-0 text-dark">
             // add new row
             var default_type = records_allow_edit[0]
             {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
-          var nRow = jQuery('#tbl_records').dataTable().fnAddData(['', default_type, 'Active', window.ttl_options[0][0], '', '', '', '', '', '0']);
+              var nRow = jQuery('#tbl_records').dataTable().fnAddData(['', default_type, 'Active', window.ttl_options[0][0], '', '', '', '', '', '0']);
             {% else %}
-            var nRow = jQuery('#tbl_records').dataTable().fnAddData(['', default_type, 'Active', window.ttl_options[0][0], '', '', '', '', '0']);
+              var nRow = jQuery('#tbl_records').dataTable().fnAddData(['', default_type, 'Active', window.ttl_options[0][0], '', '', '', '', '0']);
             {% endif %}
             editRow($("#tbl_records").DataTable(), nRow);
             document.getElementById("edit-row-focus").focus();
@@ -563,11 +565,16 @@ <h1 class="m-0 text-dark">
         }
     });
     {% endif %}
+
+    window.onload = function() {
+    document.getElementById("loading-spinner").style.display = "none";
+  }
+
 </script>
 {% endblock %}
 
 {% block modals %}
-  <div class="modal fade modal-warning" id="modal_delete">
+  <div class="modal fade" id="modal_delete">
     <div class="modal-dialog">
       <div class="modal-content">
         <div class="modal-header">
@@ -580,14 +587,18 @@ <h4 class="modal-title">Confirmation</h4>
           <p></p>
         </div>
         <div class="modal-footer">
-          <button type="button" class="btn btn-primary pull-left" id="button_delete_cancel" data-dismiss="modal">Close</button>
-          <button type="button" class="btn btn-danger" id="button_delete_confirm">Delete</button>
+          <button type="button" class="btn btn-secondary pull-left" id="button_delete_cancel" data-dismiss="modal">
+            <i class="fa-solid fa-window-close"></i>&nbsp;Close
+          </button>
+          <button type="button" class="btn btn-danger" id="button_delete_confirm">
+            <i class="fa-solid fa-trash"></i>&nbsp;Delete
+          </button>
         </div>
       </div>
     </div>
   </div>
 
-  <div class="modal fade modal-primary" id="modal_apply_changes">
+  <div class="modal fade" id="modal_apply_changes">
     <div class="modal-dialog">
       <div class="modal-content">
         <div class="modal-header">
@@ -600,14 +611,18 @@ <h4 class="modal-title">Confirmation</h4>
           <p></p>
         </div>
         <div class="modal-footer">
-          <button type="button" class="btn btn-primary" data-dismiss="modal">Close</button>
-          <button type="button" class="btn btn-success" id="button_apply_confirm">Apply</button>
+          <button type="button" class="btn btn-secondary" data-dismiss="modal">
+            <i class="fa-solid fa-window-close"></i>&nbsp;Close
+          </button>
+          <button type="button" class="btn btn-success" id="button_apply_confirm">
+            <i class="fa-solid fa-save"></i>&nbsp;Apply Changes
+          </button>
         </div>
       </div>
     </div>
   </div>
 
-  <div class="modal fade modal-primary" id="modal_custom_record">
+  <div class="modal fade bg-primary" id="modal_custom_record">
     <div class="modal-dialog">
       <div class="modal-content">
         <div class="modal-header">
@@ -620,7 +635,12 @@ <h4 class="modal-title">Custom Record</h4>
           <p></p>
         </div>
         <div class="modal-footer">
-          <button type="button" class="btn btn-primary" id="button_save">Save</button>
+          <button type="button" class="btn btn-secondary" data-dismiss="modal">
+            <i class="fa-solid fa-window-close"></i>&nbsp;Close
+          </button>
+          <button type="button" class="btn btn-success" id="button_save">
+            <i class="fa-solid fa-save"></i>&nbsp;Save
+          </button>
         </div>
       </div>
     </div>
diff --git a/powerdnsadmin/templates/domain_add.html b/powerdnsadmin/templates/domain_add.html
index d736ca8ee..3f8525783 100644
--- a/powerdnsadmin/templates/domain_add.html
+++ b/powerdnsadmin/templates/domain_add.html
@@ -34,8 +34,8 @@ <h1 class="m-0 text-dark">
   <div class="container-fluid">
     <div class="row">
       <div class="col-4">
-        <div class="card shadow card-outline card-secondary">
-          <div class="card-header with-border">
+        <div class="card">
+          <div class="card-header">
             <h3 class="card-title">Create new domain</h3>
           </div>
           <form role="form" method="post" action="{{ url_for('domain.add') }}">
@@ -118,19 +118,19 @@ <h3 class="card-title">Create new domain</h3>
               </div>
             </div>
             <div class="card-footer">
-              <button type="submit" class="btn btn-primary">
-                Submit
+              <button type="button" class="btn btn-secondary" onclick="window.location.href='{{ url_for('dashboard.dashboard') }}'">
+                <i class="fa-solid fa-window-close"></i>&nbsp;Cancel
               </button>
-              <button type="button" class="btn btn-default" onclick="window.location.href='{{ url_for('dashboard.dashboard') }}'">
-                Cancel
+              <button type="submit" class="btn btn-primary float-right">
+                <i class="fa-solid fa-save"></i>&nbsp;Create
               </button>
             </div>
           </form>
         </div>
       </div>
       <div class="col-8">
-        <div class="card shadow card-outline card-secondary">
-          <div class="card-header with-border">
+        <div class="card">
+          <div class="card-header">
             <h3 class="card-title">Help with creating a new domain</h3>
           </div>
           <div class="card-body">
@@ -218,18 +218,18 @@ <h3 class="card-title">Help with creating a new domain</h3>
     <div class="modal-dialog">
       <div class="modal-content modal-sm">
         <div class="modal-header alert-danger">
-          <button type="button" class="close" data-dismiss="modal" aria-label="Close" id="button_close_warn_modal">
-            <span aria-hidden="true">&times;</span>
-          </button>
           <h4 class="modal-title">
             WARNING
           </h4>
+          <button type="button" class="close" data-dismiss="modal" aria-label="Close" id="button_close_warn_modal">
+            <span aria-hidden="true">&times;</span>
+          </button>
         </div>
         <div class="modal-body">
           <p></p>
         </div>
         <div class="modal-footer">
-          <button type="button" class="btn btn-flat btn-primary center-block" data-dismiss="modal" id="button_confirm_warn_modal">
+          <button type="button" class="btn btn-primary center-block" data-dismiss="modal" id="button_confirm_warn_modal">
             CLOSE
           </button>
         </div>
diff --git a/powerdnsadmin/templates/domain_changelog.html b/powerdnsadmin/templates/domain_changelog.html
index 056fa28b4..6fdea69bb 100644
--- a/powerdnsadmin/templates/domain_changelog.html
+++ b/powerdnsadmin/templates/domain_changelog.html
@@ -39,9 +39,9 @@ <h1 class="m-0 text-dark">
       <div class="col-12">
         <div class="card">
           <div class="card-body">
-            <button type="button" class="btn btn-primary pull-left button_show_records" id="{{ domain.name }}">
-              <i class="fas fa-arrow-left"></i>          
-              &nbsp;Manage
+            <button type="button" class="btn btn-primary float-left button_show_records" id="{{ domain.name }}">
+              <i class="fa-solid fa-arrow-left"></i>          
+              &nbsp;Manage Domain {{ domain.name }}
             </button>
           </div>
           <div class="card-body">
diff --git a/powerdnsadmin/templates/domain_remove.html b/powerdnsadmin/templates/domain_remove.html
index 2dccd6fa6..a2da906ac 100644
--- a/powerdnsadmin/templates/domain_remove.html
+++ b/powerdnsadmin/templates/domain_remove.html
@@ -34,9 +34,9 @@ <h1 class="m-0 text-dark">
   <div class="container-fluid">
     <div class="row">
       <div class="col-4">
-        <div class="card shadow card-outline card-secondary">
+        <div class="card">
           <div class="card-header">
-            <h3 class="card-title">Remove domain</h3>
+            <h3 class="card-title">Remove Domain</h3>
           </div>
           <form role="form" method="post" action="{{ url_for('domain.remove') }}">
             <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
@@ -50,23 +50,25 @@ <h3 class="card-title">Remove domain</h3>
               <br />
             </div>
             <div class="card-footer">
-              <button type="button" class="btn btn-default" onclick="window.location.href='{{ url_for('dashboard.dashboard') }}'">
-                Cancel
+              <button type="button" class="btn btn-secondary" onclick="window.location.href='{{ url_for('dashboard.dashboard') }}'">
+                <i class="fa-solid fa-window-close"></i>&nbsp;Cancel
+              </button>
+              <button type="button" class="btn btn-danger button_delete float-right">
+                <i class="fa-solid fa-trash-alt"></i>&nbsp;Remove
               </button>
-              <button type="button" class="btn btn-danger button_delete float-right">Remove</button>
             </div>
           </form>
         </div>
       </div>
       <div class="col-8">
-        <div class="card shadow card-outline card-secondary">
+        <div class="card">
           <div class="card-header">
-            <h3 class="card-title">Help with removing a new domain</h3>
+            <h3 class="card-title">Help with removing a domain</h3>
           </div>
           <div class="card-body">
             <dl class="dl-horizontal">
-              <dt>Domain name</dt>
-              <dd>Select domain you wish to remove from DNS.</dd>
+              <dt>Domain Name</dt>
+              <dd>Select the domain you wish to remove from the system.</dd>
             </dl>
             <p>Find more details at <a href="https://docs.powerdns.com/md/">https://docs.powerdns.com/md/</a></p>
           </div>
@@ -122,11 +124,11 @@ <h4 class="modal-title">Confirmation</h4>
         <p></p>
       </div>
       <div class="modal-footer">
-        <button type="button" class="btn btn-default" id="button_delete_cancel" data-dismiss="modal">
-          Close
+        <button type="button" class="btn btn-secondary" id="button_delete_cancel" data-dismiss="modal">
+          <i class="fa-solid fa-window-close"></i>&nbsp;Cancel
         </button>
         <button type="button" class="btn btn-danger float-right" id="button_delete_confirm">
-          Delete
+          <i class="fa-solid fa-trash-alt"></i>&nbsp;Remove
         </button>
       </div>
     </div>
diff --git a/powerdnsadmin/templates/domain_setting.html b/powerdnsadmin/templates/domain_setting.html
index cc677d4ef..1d68388d6 100644
--- a/powerdnsadmin/templates/domain_setting.html
+++ b/powerdnsadmin/templates/domain_setting.html
@@ -83,8 +83,10 @@ <h3 class="card-title">Domain Access Control</h3>
                         <div class="card-body">
                             <div class="col-offset-2">
                                 <div class="form-group">
-                                    <button type="submit" class="btn btn-primary"><i class="fa fa-check"></i>
-                                        Save</button>
+                                    <button type="submit" class="btn btn-primary">
+                                      <i class="fa-solid fa-check"></i>
+                                      Save
+                                    </button>
                                 </div>
                             </div>
                         </div>
@@ -114,7 +116,7 @@ <h3 class="card-title">Account</h3>
                                     {% endfor %}
                                 </select><br />
                                 <button type="submit" class="btn btn-flat btn-primary" id="change_soa_edit_api">
-                                    <i class="fa fa-check"></i>&nbsp;Change account for {{ domain.name | pretty_domain_name }}
+                                    <i class="fa-solid fa-check"></i>&nbsp;Change account for {{ domain.name | pretty_domain_name }}
                                 </button>
                             </form>
                         </div>
@@ -193,7 +195,7 @@ <h3 class="card-title">Change Type</h3>
                                 placeholder="Enter valid Primary Server IP addresses (separated by commas)">
                         </div>
                         <button type="submit" class="btn btn-primary" id="change_type">
-                            <i class="fa fa-check"></i>&nbsp;Change type for {{ domain.name | pretty_domain_name }}
+                            <i class="fa-solid fa-check"></i>&nbsp;Change type for {{ domain.name | pretty_domain_name }}
                         </button>
                     </form>
                 </div>
@@ -236,7 +238,7 @@ <h3 class="card-title">Change SOA-EDIT-API</h3>
                             <option>OFF</option>
                         </select><br />
                         <button type="submit" class="btn btn-primary" id="change_soa_edit_api">
-                            <i class="fa fa-check"></i>&nbsp;Change SOA-EDIT-API setting for {{ domain.name | pretty_domain_name }}
+                            <i class="fa-solid fa-check"></i>&nbsp;Change SOA-EDIT-API setting for {{ domain.name | pretty_domain_name }}
                         </button>
                     </form>
                 </div>
@@ -253,9 +255,9 @@ <h3 class="card-title">Domain Deletion</h3>
                     <p>This function is used to remove a domain from PowerDNS-Admin <b>AND</b> PowerDNS. All records and
                         user privileges associated with this domain will also be removed. This change cannot be
                         reverted.</p>
-                    <button type="button" class="btn btn-danger pull-left delete_domain"
+                    <button type="button" class="btn btn-danger float-left delete_domain"
                         id="{{ domain.name }}">
-                        <i class="fa fa-trash"></i>&nbsp;DELETE DOMAIN {{ domain.name | pretty_domain_name }}
+                        <i class="fa-solid fa-trash"></i>&nbsp;DELETE DOMAIN {{ domain.name | pretty_domain_name }}
                     </button>
                 </div>
             </div>
@@ -370,26 +372,24 @@ <h3 class="card-title">Domain Deletion</h3>
 </script>
 {% endblock %}
 {% block modals %}
-<div class="modal fade modal-warning" id="modal_delete_domain">
+<div class="modal fade" id="modal_delete_domain">
     <div class="modal-dialog">
         <div class="modal-content">
             <div class="modal-header">
-                <button type="button" class="close" data-dismiss="modal" aria-label="Close">
-                    <span aria-hidden="true">&times;</span>
+              <h4 class="modal-title">Confirmation</h4>
+              <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+                  <span aria-hidden="true">&times;</span>
                 </button>
-                <h4 class="modal-title">Confirmation</h4>
             </div>
             <div class="modal-body">
                 <p></p>
             </div>
             <div class="modal-footer">
-                <button type="button" class="btn btn-flat btn-default pull-left" data-dismiss="modal">Close</button>
-                <button type="button" class="btn btn-flat btn-danger" id="button_delete_confirm">
+                <button type="button" class="btn btn-secondary float-left" data-dismiss="modal">Close</button>
+                <button type="button" class="btn btn-danger" id="button_delete_confirm">
                     Delete</button>
             </div>
         </div>
-        <!-- /.modal-content -->
     </div>
-    <!-- /.modal-dialog -->
 </div>
 {% endblock %}
diff --git a/powerdnsadmin/templates/login.html b/powerdnsadmin/templates/login.html
index 02f3e41f8..e84bb8e61 100644
--- a/powerdnsadmin/templates/login.html
+++ b/powerdnsadmin/templates/login.html
@@ -8,7 +8,6 @@
     <!-- Tell the browser to be responsive to screen width -->
     <meta content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no" name="viewport">
     <META HTTP-EQUIV="REFRESH" CONTENT="{{ 60 * SETTING.get('session_timeout') }}">
-    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/all.min.css">
     {% assets "css_login" -%}
       <link rel="stylesheet" href="{{ ASSET_URL }}">
     {%- endassets %}
@@ -103,25 +102,25 @@
               {% endif %}
               {% if SETTING.get('oidc_oauth_enabled') %}
                 <a href="{{ url_for('index.oidc_login') }}" class="btn btn-block btn-social btn-openid btn-flat">
-                  <i class="fa fa-openid"></i>
+                  <i class="fa-brands fa-openid"></i>
                   Sign in using OpenID Connect
                 </a>
               {% endif %}
               {% if SETTING.get('github_oauth_enabled') %}
                 <a href="{{ url_for('index.github_login') }}" class="btn btn-block btn-social btn-github btn-flat">
-                  <i class="fa fa-github"></i>
+                  <i class="fa-brands fa-github"></i>
                   Sign in using Github
                 </a>
               {% endif %}
               {% if SETTING.get('google_oauth_enabled') %}
                 <a href="{{ url_for('index.google_login') }}" class="btn btn-block btn-social btn-google btn-flat">
-                  <i class="fa fa-google"></i>
+                  <i class="fa-brands fa-google"></i>
                   Sign in using Google
                 </a>
               {% endif %}
               {% if SETTING.get('azure_oauth_enabled') %}
                 <a href="{{ url_for('index.azure_login') }}" class="btn btn-block btn-social btn-microsoft btn-flat">
-                  <i class="fa fa-windows"></i>
+                  <i class="fa-brands fa-windows"></i>
                   Sign in using Microsoft Azure
                 </a>
               {% endif %}
diff --git a/powerdnsadmin/templates/register.html b/powerdnsadmin/templates/register.html
index 9257d7520..81c833f99 100644
--- a/powerdnsadmin/templates/register.html
+++ b/powerdnsadmin/templates/register.html
@@ -34,11 +34,11 @@
           </div>
           {% endif %}
           <p class="login-box-msg">Enter your personal details below</p>
-          <form action="{{ url_for('index.register') }}" method="post" novalidate>
+          <form action="{{ url_for('index.register') }}" method="post" validator>
             <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
             
             <div class="form-group">
-              <div class="input-group mb-3">
+              <div class="input-group">
                 <div class="input-group-prepend">
                   <span class="input-group-text">
                     <i class="fas fa-user"></i>
@@ -55,7 +55,7 @@
             </div>
 
             <div class="form-group">
-              <div class="input-group mb-3">
+              <div class="input-group">
                 <div class="input-group-prepend">
                   <span class="input-group-text">
                     <i class="fas fa-user"></i>
@@ -72,7 +72,7 @@
             </div>
 
             <div class="form-group">
-              <div class="input-group mb-3">
+              <div class="input-group">
                 <div class="input-group-prepend">
                   <span class="input-group-text">
                     <i class="fas fa-envelope"></i>
@@ -91,7 +91,7 @@
             <p class="login-box-msg">Enter your account details below</p>
 
             <div class="form-group">
-              <div class="input-group mb-3">
+              <div class="input-group">
                 <div class="input-group-prepend">
                   <span class="input-group-text">
                     <i class="fas fa-user"></i>
@@ -108,7 +108,7 @@
             </div>
 
             <div class="form-group">
-              <div class="input-group mb-3">
+              <div class="input-group">
                 <div class="input-group-prepend">
                   <span class="input-group-text">
                     <i class="fas fa-lock"></i>
@@ -125,7 +125,7 @@
             </div>
 
             <div class="form-group">
-              <div class="input-group mb-3">
+              <div class="input-group">
                 <div class="input-group-prepend">
                   <span class="input-group-text">
                     <i class="fas fa-lock"></i>
@@ -145,7 +145,7 @@
             <p class="login-box-msg">Please complete the CAPTCHA below</p>
             <div class="form-group">
               {{ captcha() }}
-              <div class="input-group mb-3">
+              <div class="input-group">
                 <div class="input-group-prepend">
                   <span class="input-group-text">
                     <i class="fas fa-shield-alt"></i>
@@ -164,7 +164,7 @@
           <div class="row">
             <div class="d-flex justify-content-between mx-auto mt-3">
               <button type="button" class="btn btn-secondary" id="button_back">Back</button>
-              <button type="submit" class="btn btn-primary mx-3">Register</button>
+              <button type="submit" class="btn btn-primary btn-block mx-3">Register</button>
             </div>
           </div>
         </form>
diff --git a/powerdnsadmin/templates/register_otp.html b/powerdnsadmin/templates/register_otp.html
index 87ec027e3..2e8478653 100755
--- a/powerdnsadmin/templates/register_otp.html
+++ b/powerdnsadmin/templates/register_otp.html
@@ -69,7 +69,7 @@
           </div>
           <div class="row">
             <div class="col-xs-4">
-              <button type="submit" class="btn btn-flat btn-primary btn-block">Continue</button>
+              <button type="submit" class="btn btn-primary btn-block">Continue</button>
             </div>
           </div>
         </form>
diff --git a/powerdnsadmin/templates/template.html b/powerdnsadmin/templates/template.html
index 08d2d28b4..165d828f4 100644
--- a/powerdnsadmin/templates/template.html
+++ b/powerdnsadmin/templates/template.html
@@ -41,7 +41,7 @@ <h1 class="m-0 text-dark">
             <div class="alert alert-danger alert-dismissible">
               <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
               <h4>
-                <i class="icon fa fa-ban"></i> Error!
+                <i class="fa-solid fa-ban"></i> Error!
               </h4>
               <div class="alert-message block-message error">
                 <a class="close" href="#">x</a>
@@ -58,12 +58,12 @@ <h4>
     {% endwith %}
     <div class="row">
       <div class="col-12">
-        <div class="card shadow card-outline card-secondary">
+        <div class="card">
           <div class="card-header">
             <h3 class="card-title">Templates</h3>
             <a href="{{ url_for('admin.create_template') }}">
               <button type="button" class="btn btn-primary float-right">
-                <i class="fa fa-plus"></i>&nbsp;Create Template
+                <i class="fa-solid fa-plus"></i>&nbsp;Create Template
               </button>
             </a>
           </div>
@@ -74,7 +74,7 @@ <h3 class="card-title">Templates</h3>
                   <th>Name</th>
                   <th>Description</th>
                   <th>Number of Records</th>
-                  <th width="20%">Action</th>
+                  <th width="20%">Actions</th>
                 </tr>
               </thead>
               <tbody>
@@ -92,14 +92,22 @@ <h3 class="card-title">Templates</h3>
                       {{ template.records|count }}
                     </td>
                     <td>
-                      <a href="{{ url_for('admin.edit_template', template=template.name) }}">
-                        <button type="button" class="btn btn-warning button_edit" id="btn_edit">
-                          <i class="fa fa-edit"></i>&nbsp;Edit
+                      <div class="dropdown">
+                        <button class="btn btn-primary dropdown-toggle" type="button" id="dropdownMenu" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
+                          <i class="fa-solid fa-bars"></i>&nbsp;Actions
                         </button>
-                      </a>
-                      <button type="button" class="btn btn-danger button_delete" id="{{template.name}}">
-                        <i class="fa fa-trash"></i>&nbsp;Delete
-                      </button>
+                        <div class="dropdown-menu" aria-labelledby="dropdownMenu">
+                          <button type="button" class="dropdown-item btn-warning" onclick="window.location.href='{{ url_for('admin.edit_template', template=template.name) }}'">
+                            <i class="fa-solid fa-edit"></i>&nbsp;Edit Template
+                          </button>
+                          <div class="dropdown-divider"></div>
+                          <button type="button"class="dropdown-item btn-secondary button_delete" id="{{template.name}}">
+                            <font color="red">
+                              <i class="fa-solid fa-trash"></i>&nbsp;Delete Template
+                            </font>
+                          </button>
+                         </div>
+                      </div>
                     </td>
                   </tr>
                 {% endfor %}
diff --git a/powerdnsadmin/templates/template_add.html b/powerdnsadmin/templates/template_add.html
index 8bbedc37a..6b06ccf5d 100644
--- a/powerdnsadmin/templates/template_add.html
+++ b/powerdnsadmin/templates/template_add.html
@@ -39,7 +39,7 @@ <h1 class="m-0 text-dark">
             <div class="alert alert-danger alert-dismissible">
               <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
               <h4>
-                <i class="icon fa fa-ban"></i> Error!
+                <i class="fa-solid fa-ban"></i> Error!
               </h4>
               <div class="alert-message block-message error">
                 <a class="close" href="#">x</a>
@@ -55,8 +55,8 @@ <h4>
     {% endwith %}
     <div class="row">
       <div class="col-4">
-        <div class="card card-primary">
-          <div class="card-header with-border">
+        <div class="card">
+          <div class="card-header">
             <h3 class="card-title">Create new template</h3>
           </div>
           <form role="form" method="post" action="{{ url_for('admin.create_template') }}">
@@ -72,16 +72,19 @@ <h3 class="card-title">Create new template</h3>
               </div>
             </div>
             <div class="card-footer">
-              <button type="submit" class="btn btn-primary">Submit</button>
-              <button type="button" class="btn btn-default"
-              onclick="window.location.href='{{ url_for('admin.templates') }}'">Cancel</button>
+              <button type="button" class="btn btn-secondary float-left" onclick="window.location.href='{{ url_for('admin.templates') }}'">
+                Cancel
+              </button>
+              <button type="submit" class="btn btn-primary float-right">
+                <i class="fa-solid fa-save"></i>&nbsp;Save
+              </button>
             </div>
           </form>
         </div>
       </div>
       <div class="col-8">
-        <div class="card card-primary">
-          <div class="card-header with-border">
+        <div class="card">
+          <div class="card-header">
             <h3 class="card-title">Help with creating a new template</h3>
           </div>
           <div class="card-body">
diff --git a/powerdnsadmin/templates/template_edit.html b/powerdnsadmin/templates/template_edit.html
index 263217200..92addf107 100644
--- a/powerdnsadmin/templates/template_edit.html
+++ b/powerdnsadmin/templates/template_edit.html
@@ -39,11 +39,11 @@ <h1 class="m-0 text-dark">
                     <h3 class="card-title">Manage Template Records for {{ template }}</h3>
                 </div>
                 <div class="card-body">
-                    <button type="button" class="btn btn-primary pull-left button_add_record" id="{{ template }}">
-                        <i class="fa fa-plus"></i>&nbsp;Add Record
+                    <button type="button" class="btn btn-primary float-left button_add_record" id="{{ template }}">
+                        <i class="fa-solid fa-plus"></i>&nbsp;Add Record
                     </button>
-                    <button type="button" class="btn btn-primary pull-right button_apply_changes" id="{{ template }}">
-                        <i class="fa fa-save"></i>&nbsp;Apply Changes
+                    <button type="button" class="btn btn-primary float-right button_apply_changes" id="{{ template }}">
+                        <i class="fa-solid fa-save"></i>&nbsp;Save Changes
                     </button>
                 </div>
                 <div class="card-body">
@@ -84,12 +84,12 @@ <h3 class="card-title">Manage Template Records for {{ template }}</h3>
                                     </td>
                                     <td width="6%">
                                          <button type="button" class="btn btn-warning button_edit">
-                                            <i class="fa fa-edit"></i>&nbsp;Edit
+                                            <i class="fa-solid fa-edit"></i>&nbsp;Edit
                                         </button>
                                     </td>
                                     <td width="6%">
                                         <button type="button" class="btn btn-danger button_delete">
-                                            <i class="fa fa-trash"></i>&nbsp;Delete
+                                            <i class="fa-solid fa-trash"></i>&nbsp;Delete
                                         </button>
                                     </td>
                                     <td>
@@ -110,8 +110,8 @@ <h3 class="card-title">Manage Template Records for {{ template }}</h3>
 {% block extrascripts %}
 <script>
     // superglobals
-    window.records_allow_edit = {{ editable_records|tojson }};
-    window.ttl_options = {{ ttl_options|tojson }};
+    window.records_allow_edit = {{ editable_records | tojson }};
+    window.ttl_options = {{ ttl_options | tojson }};
     window.nEditing = null;
     window.nNew = false;
 
@@ -238,7 +238,7 @@ <h3 class="card-title">Manage Template Records for {{ template }}</h3>
 
             // add new row
             var default_type = records_allow_edit[0]
-            var nRow = jQuery('#tbl_records').dataTable().fnAddData(['', default_type, 'Active', 3600, '', '', '', '', '0']);
+            var nRow = jQuery('#tbl_records').dataTable().fnAddData(['', default_type, 'Active', window.ttl_options[0][0], '', '', '', '', '0']);
             editRow($("#tbl_records").DataTable(), nRow);
             document.getElementById("edit-row-focus").focus();
             nEditing = nRow;
@@ -430,67 +430,67 @@ <h3 class="card-title">Manage Template Records for {{ template }}</h3>
     <div class="modal-dialog">
         <div class="modal-content">
             <div class="modal-header">
-                <button type="button" class="close" data-dismiss="modal"
+              <h4 class="modal-title">Confirmation</h4>
+              <button type="button" class="close" data-dismiss="modal"
                     aria-label="Close">
                     <span aria-hidden="true">&times;</span>
                 </button>
-                <h4 class="modal-title">Confirmation</h4>
             </div>
             <div class="modal-body">
                 <p></p>
             </div>
             <div class="modal-footer">
-                <button type="button" class="btn btn-flat btn-default pull-left" id="button_delete_cancel"
-                    data-dismiss="modal">Close</button>
-                <button type="button" class="btn btn-flat btn-danger" id="button_delete_confirm">Delete</button>
+                <button type="button" class="btn btn-secondary float-left" id="button_delete_cancel" data-dismiss="modal">
+                  Close
+                </button>
+                <button type="button" class="btn btn-danger" id="button_delete_confirm">
+                  Delete
+                </button>
             </div>
         </div>
-        <!-- /.modal-content -->
     </div>
-    <!-- /.modal-dialog -->
 </div>
 <div class="modal fade modal-primary" id="modal_apply_changes">
     <div class="modal-dialog">
         <div class="modal-content">
             <div class="modal-header">
-                <button type="button" class="close" data-dismiss="modal"
+              <h4 class="modal-title">Confirmation</h4>
+              <button type="button" class="close" data-dismiss="modal"
                     aria-label="Close">
                     <span aria-hidden="true">&times;</span>
                 </button>
-                <h4 class="modal-title">Confirmation</h4>
             </div>
             <div class="modal-body">
                 <p></p>
             </div>
             <div class="modal-footer">
-                <button type="button" class="btn btn-flat btn-default pull-left"
-                    data-dismiss="modal">Close</button>
-                <button type="button" class="btn btn-flat btn-primary" id="button_apply_confirm">Apply</button>
+                <button type="button" class="btn btn-secondary float-left" data-dismiss="modal">
+                  Close
+                </button>
+                <button type="button" class="btn btn-primary" id="button_apply_confirm">
+                  Apply
+                </button>
             </div>
         </div>
-        <!-- /.modal-content -->
     </div>
-    <!-- /.modal-dialog -->
 </div>
 <div class="modal fade modal-primary" id="modal_custom_record">
     <div class="modal-dialog">
         <div class="modal-content">
             <div class="modal-header">
-                <button type="button" class="close" data-dismiss="modal"
+              <h4 class="modal-title">Custom Record</h4>
+              <button type="button" class="close" data-dismiss="modal"
                     aria-label="Close">
                     <span aria-hidden="true">&times;</span>
                 </button>
-                <h4 class="modal-title">Custom Record</h4>
             </div>
             <div class="modal-body">
                 <p></p>
             </div>
             <div class="modal-footer">
-                <button type="button" class="btn btn-flat btn-primary" id="button_save">Save</button>
+                <button type="button" class="btn btn-primary" id="button_save">Save</button>
             </div>
         </div>
-        <!-- /.modal-content -->
     </div>
-    <!-- /.modal-dialog -->
 </div>
 {% endblock %}
diff --git a/powerdnsadmin/templates/user_profile.html b/powerdnsadmin/templates/user_profile.html
index 286760ed3..b7bf69f3b 100644
--- a/powerdnsadmin/templates/user_profile.html
+++ b/powerdnsadmin/templates/user_profile.html
@@ -1,5 +1,7 @@
 {% extends "base.html" %}
 
+{% set active_page = "user_profile" %}
+
 {% block title %}
   <title>
     My Profile - {{ SITE_NAME }}
@@ -31,38 +33,39 @@ <h1 class="m-0 text-dark">
 <section class="content">
   <div class="container-fluid">
     <div class="row">
-      <div class="col-12">
-        <div class="card card-primary">
-          <div class="card-header with-border">
-            <h3 class="card-title">
-              Edit my profile {%  if session['authentication_type'] != 'LOCAL' %} [Disabled - Authenticated externally]{% endif %}
-            </h3>
-          </div>
-          <div class="card-body">
+      <div class="col-6">
+        <div class="card">
+          <div class="card-header">
             <div class="nav-tabs-custom">
               <ul class="nav nav-tabs" role="tablist">
                 <li class="nav-item">
-                  <a class="nav-link active" href="#tabs-personal" data-toggle="tab">Personal Info</a>
+                  <a class="nav-link active" href="#tabs-personal" data-toggle="tab">
+                    Personal Info
+                  </a>
                 </li>
                 {%  if session['authentication_type'] == 'LOCAL' %}
                   <li class="nav-item">
-                    <a class="nav-link" href="#tabs-password" data-toggle="tab">Change Password</a>
+                    <a class="nav-link" href="#tabs-password" data-toggle="tab">
+                      Change Password
+                    </a>
                   </li>
                 {% endif %}
                 {%  if session['authentication_type'] in ['LOCAL', 'LDAP'] %}
                   <li class="nav-item">
-                    <a class="nav-link" href="#tabs-authentication" data-toggle="tab">Authentication</a>
+                    <a class="nav-link" href="#tabs-authentication" data-toggle="tab">
+                      Authentication
+                    </a>
                   </li>
                 {% endif %}
               </ul>
+              <div class="card-body">
               <div class="tab-content">
                 <div class="tab-pane fade show active" id="tabs-personal">
                   <form role="form" method="post" action="{{ user_profile }}">
                     <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
                     <div class="form-group">
                       <label for="firstname">First Name</label>
-                      <input type="text" class="form-control" name="firstname" id="firstname"
-                      placeholder="{{ current_user.firstname }}"
+                      <input type="text" class="form-control" name="firstname" id="firstname" placeholder="{{ current_user.firstname }}"
                       {%  if session['authentication_type'] != 'LOCAL' %}disabled{% endif %}>
                     </div>
                     <div class="form-group">
@@ -71,12 +74,14 @@ <h3 class="card-title">
                       {%  if session['authentication_type'] != 'LOCAL' %}disabled{% endif %}>
                     </div>
                     <div class="form-group">
-                      <label for="email">E-mail</label> <input type="email" class="form-control" name="email" id="email" placeholder="{{ current_user.email }}"
+                      <label for="email">E-Mail</label> <input type="email" class="form-control" name="email" id="email" placeholder="{{ current_user.email }}"
                       {%  if session['authentication_type'] != 'LOCAL' %}disabled{% endif %}>
                     </div>
                     {%  if session['authentication_type'] == 'LOCAL' %}
                       <div class="form-group">
-                        <button type="submit" class="btn btn-primary">Submit</button>
+                        <button type="submit" class="btn btn-primary">
+                          <i class="fa-solid fa-floppy-disk"></i>&nbsp;Save
+                        </button>
                       </div>
                     {% endif %}
                   </form>
@@ -89,14 +94,17 @@ <h3 class="card-title">
                       <form action="{{ user_profile }}" method="post">
                         <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
                         <div class="form-group">
-                          <label for="password">New Password</label> <input type="password" class="form-control" name="password" id="newpassword">
+                          <label for="password">New Password</label>
+                          <input type="password" class="form-control" name="password" id="newpassword">
                         </div>
                         <div class="form-group">
                           <label for="rpassword">Re-type New Password</label>
                           <input type="password" class="form-control" name="rpassword" id="rpassword">
                         </div>
                         <div class="form-group">
-                          <button type="submit" class="btn btn-primary">Change Password</button>
+                          <button type="submit" class="btn btn-primary">
+                            <i class="fa-solid fa-floppy-disk"></i>&nbsp;Save
+                          </button>
                         </div>
                       </form>
                     {% endif %}
@@ -118,17 +126,19 @@ <h3 class="card-title">
                             <br />
                               <form>
                                 <input type=text id="otp_secret" value={{current_user.otp_secret}} readonly>
-                                <button type=button style="position:relative; right:28px" onclick="copy_otp_secret_to_clipboard()"> <i class="fa fa-clipboard"></i> </button>
+                                <button type=button style="position:relative; right:28px" onclick="copy_otp_secret_to_clipboard()">
+                                  <i class="fa-solid fa-clipboard"></i>
+                                </button>
                                 <br />
                                 <font color="red" id="copy_tooltip" style="visibility:collapse">Copied.</font>
                               </form>
                           </div>
                           You can use Google Authenticator 
-                          (<a target="_blank" href="https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2">Android</a>
-                          - <a target="_blank" href="https://apps.apple.com/us/app/google-authenticator/id388497605">iOS</a>)
+                          (<a target="_blank" href="https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2"><i class="fa-brands fa-google-play"></i>Android</a>
+                          - <a target="_blank" href="https://apps.apple.com/us/app/google-authenticator/id388497605"><i class="fa-brands fa-app-store-ios"></i>iOS</a>)
                            or FreeOTP 
-                           (<a target="_blank" href="https://play.google.com/store/apps/details?id=org.fedorahosted.freeotp&hl=en">Android</a>
-                           - <a target="_blank" href="https://itunes.apple.com/en/app/freeotp-authenticator/id872559395?mt=8">iOS</a>) 
+                           (<a target="_blank" href="https://play.google.com/store/apps/details?id=org.fedorahosted.freeotp&hl=en"><i class="fa-brands fa-google-play"></i>Android</a>
+                           - <a target="_blank" href="https://itunes.apple.com/en/app/freeotp-authenticator/id872559395?mt=8"><i class="fa-brands fa-app-store-ios"></i>iOS</a>) 
                            on your smartphone to scan the QR code.
                            <br />
                           <font color="red">
@@ -153,19 +163,7 @@ <h3 class="card-title">
 </section>
 {% endblock %}
 {% block extrascripts %}
-<!-- TODO: add password and password confirmation comparison check -->
 <script>
-    $(function () {
-        $('#tabs').tabs({
-            // add url anchor tags
-            activate: function (event, ui) {
-                window.location.hash = ui.newPanel.attr('id');
-            }
-        });
-        // re-set active tab (ui)
-        var activeTabIdx = $('#tabs').tabs('option', 'active');
-        $('#tabs li:eq(' + activeTabIdx + ')').tab('show')
-    });
 
     // initialize pretty checkboxes
     $('.otp_toggle').iCheck({
@@ -174,16 +172,19 @@ <h3 class="card-title">
     });
 
     // handle checkbox toggling
-    $('.otp_toggle').on('ifToggled', function (event) {
-        var enable_otp = $(this).prop('checked');
-        var postdata = {
-            'action': 'enable_otp',
-            'data': {
-                'enable_otp': enable_otp
-            },
-            '_csrf_token': '{{ csrf_token() }}'
-        };
-        applyChanges(postdata, $SCRIPT_ROOT + '/user/profile', false, true);
+    $('.otp_toggle').on('ifToggled', function(event) {
+    var enable_otp = $(this).prop('checked');
+    var postdata = {
+        'action': 'enable_otp',
+        'data': {
+            'enable_otp': enable_otp
+        },
+        '_csrf_token': '{{ csrf_token() }}'
+    };
+    applyChanges(postdata, $SCRIPT_ROOT + '/user/profile', false, true, function() {
+        window.location.reload();
+        $('#tabs li:eq(2) a').tab('show');
     });
+  });
 </script>
 {% endblock %}

From a3681240406da5d28bfbd0b1097f5f7b4b8e72e2 Mon Sep 17 00:00:00 2001
From: Tyler Todd <ttodd@ttodd.com>
Date: Fri, 17 Feb 2023 22:35:46 +0000
Subject: [PATCH 197/475] Font Awesome v6

---
 package.json            | 2 +-
 powerdnsadmin/assets.py | 3 ++-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/package.json b/package.json
index 044e28d73..f6724c3ed 100644
--- a/package.json
+++ b/package.json
@@ -1,12 +1,12 @@
 {
   "dependencies": {
+    "@fortawesome/fontawesome-free": "6.3.0",
     "admin-lte": "3.2.0",
     "bootstrap": "4.6.2",
     "bootstrap-datepicker": "^1.9.0",
     "bootstrap-validator": "^0.11.9",
     "datatables.net-plugins": "^1.13.1",
     "icheck": "^1.0.2",
-    "ionicons": "^6.1.1",
     "jquery-slimscroll": "^1.3.8",
     "jquery-sparkline": "^2.4.0",
     "jquery-ui-dist": "^1.13.2",
diff --git a/powerdnsadmin/assets.py b/powerdnsadmin/assets.py
index ac48610c9..7ad973f31 100644
--- a/powerdnsadmin/assets.py
+++ b/powerdnsadmin/assets.py
@@ -12,7 +12,7 @@ def concat(self, out, hunks, **kw):
     out.write(';'.join([h.data() for h, info in hunks]))
 
 css_login = Bundle(
-  'node_modules/ionicons/dist/collection/components/icon/icon.css',
+  'node_modules/@fortawesome/fontawesome-free/css/all.min.css',
   'node_modules/icheck/skins/square/blue.css',
   'node_modules/admin-lte/dist/css/adminlte.css',
   filters=('cssmin', 'cssrewrite'),
@@ -31,6 +31,7 @@ def concat(self, out, hunks, **kw):
   output='generated/validation.js')
 
 css_main = Bundle(
+  'node_modules/@fortawesome/fontawesome-free/css/all.min.css',
   'node_modules/datatables.net-bs4/css/dataTables.bootstrap4.min.css',
   'node_modules/icheck/skins/square/blue.css',
   'node_modules/multiselect/css/multi-select.css',

From d0961ca5e7813159fbebe2597c248316dc42325c Mon Sep 17 00:00:00 2001
From: Tyler Todd <ttodd@ttodd.com>
Date: Fri, 17 Feb 2023 22:47:23 +0000
Subject: [PATCH 198/475] Fix user auth history modal and provide more info

---
 powerdnsadmin/routes/admin.py | 23 ++++++++++++-----------
 1 file changed, 12 insertions(+), 11 deletions(-)

diff --git a/powerdnsadmin/routes/admin.py b/powerdnsadmin/routes/admin.py
index 9474503a2..5b8af61ff 100644
--- a/powerdnsadmin/routes/admin.py
+++ b/powerdnsadmin/routes/admin.py
@@ -769,7 +769,7 @@ def __init__(self, history, change_set):
         if 'domain_type' in detail_dict and 'account_id' in detail_dict:  # this is a domain creation
             self.detailed_msg = render_template_string("""
                     <table class="table table-bordered table-striped">
-                        <tr><td>Domain type:</td><td>{{ domaintype }}</td></tr>
+                        <tr><td>Domain Type:</td><td>{{ domaintype }}</td></tr>
                         <tr><td>Account:</td><td>{{ account }}</td></tr>
                     </table>
                 """,
@@ -778,22 +778,23 @@ def __init__(self, history, change_set):
 
         elif 'authenticator' in detail_dict: # this is a user authentication
             self.detailed_msg = render_template_string("""
-                <table class="table table-bordered table-striped" style="width:565px;">
-                    <thead>
+                <table class="table table-bordered table-striped"">
+                    <tbody>
                         <tr>
-                            <th colspan="3" style="background: rgba({{ background_rgba }});">
-                                <p style="color:white;">User {{ username }} authentication {{ auth_result }}</p>
-                            </th>
+                            <td>Username:</td>
+                            <td>{{ username }}</td>
+                        </tr>
+                        <tr>
+                            <td>Authentication Result:</td>
+                            <td>{{ auth_result }}</td>
                         </tr>
-                    </thead>
-                    <tbody>
                         <tr>
                             <td>Authenticator Type:</td>
-                            <td colspan="2">{{ authenticator }}</td>
+                            <td>{{ authenticator }}</td>
                         </tr>
                         <tr>
-                            <td>IP Address</td>
-                            <td colspan="2">{{ ip_address }}</td>
+                            <td>IP Address:</td>
+                            <td>{{ ip_address }}</td>
                         </tr>
                     </tbody>
                 </table>

From 9b696a42a4fab7300281cd20810612a55692930c Mon Sep 17 00:00:00 2001
From: Tyler Todd <ttodd@ttodd.com>
Date: Fri, 17 Feb 2023 22:53:08 +0000
Subject: [PATCH 199/475] PR Conflict resolution

---
 .../templates/admin_edit_account.html         | 92 ++++++++++++-------
 1 file changed, 59 insertions(+), 33 deletions(-)

diff --git a/powerdnsadmin/templates/admin_edit_account.html b/powerdnsadmin/templates/admin_edit_account.html
index 10ff01fa9..8080733f4 100644
--- a/powerdnsadmin/templates/admin_edit_account.html
+++ b/powerdnsadmin/templates/admin_edit_account.html
@@ -103,6 +103,28 @@ <h3 class="card-title">Access Control</h3>
                 </select>
               </div>
             </div>
+            <div class="card-body">
+              <p>Domains on the right are associated with the account. Red marked domain names are already associated with other accounts.
+                  Moving already associated domains to this account will overwrite the previous associated account.
+              </p>
+              <p>Hover over the red domain names to show the associated account. Click on domains to move between columns.</p>
+              <div class="form-group col-2">
+                  <select multiple="multiple" class="form-control" id="account_domains"
+                      name="account_domains">
+                      {% for domain in domains %}
+                          {% if account != None and domain.account_id != None and account.id != domain.account_id %}
+                              {% with account_id=domain.account_id %}
+                                  <option style="color: red" data-toggle="tooltip" title="Associated with: {{ accounts[account_id].name }}"
+                                      value="{{ domain.name }}">{{ domain.name }}</option>
+                              {% endwith %}
+                          {% else %}
+                              <option {% if account.id == domain.account_id %}selected{% endif %}
+                                  value="{{ domain.name }}">{{ domain.name }}</option>
+                          {% endif %}
+                      {% endfor %}
+                  </select>
+              </div>
+          </div>
             <div class="card-footer">
               <button type="button" class="btn btn-secondary float-left" onclick="window.location.href='{{ url_for('admin.manage_account') }}'">
                 Cancel
@@ -145,40 +167,44 @@ <h3 class="card-title">Help with creating a new account</h3>
 {% endblock %}
 {% block extrascripts %}
 <script>
-    $("#account_multi_user").multiSelect({
-        selectableHeader: "<input type='text' class='search-input' autocomplete='off' placeholder='Username'>",
-        selectionHeader: "<input type='text' class='search-input' autocomplete='off' placeholder='Username'>",
-        afterInit: function (ms) {
-            var that = this,
-                $selectableSearch = that.$selectableUl.prev(),
-                $selectionSearch = that.$selectionUl.prev(),
-                selectableSearchString = '#' + that.$container.attr('id') + ' .ms-elem-selectable:not(.ms-selected)',
-                selectionSearchString = '#' + that.$container.attr('id') + ' .ms-elem-selection.ms-selected';
+    function addMultiSelect(id, placeholder) {
+        $(id).multiSelect({
+            selectableHeader: `<input type='text' class='search-input' autocomplete='off' placeholder='${placeholder}'>`,
+            selectionHeader: `<input type='text' class='search-input' autocomplete='off' placeholder='${placeholder}'>`,
+            afterInit: function (ms) {
+                var that = this,
+                    $selectableSearch = that.$selectableUl.prev(),
+                    $selectionSearch = that.$selectionUl.prev(),
+                    selectableSearchString = '#' + that.$container.attr('id') + ' .ms-elem-selectable:not(.ms-selected)',
+                    selectionSearchString = '#' + that.$container.attr('id') + ' .ms-elem-selection.ms-selected';
 
-            that.qs1 = $selectableSearch.quicksearch(selectableSearchString)
-                .on('keydown', function (e) {
-                    if (e.which === 40) {
-                        that.$selectableUl.focus();
-                        return false;
-                    }
-                });
+                that.qs1 = $selectableSearch.quicksearch(selectableSearchString)
+                    .on('keydown', function (e) {
+                        if (e.which === 40) {
+                            that.$selectableUl.focus();
+                            return false;
+                        }
+                    });
 
-            that.qs2 = $selectionSearch.quicksearch(selectionSearchString)
-                .on('keydown', function (e) {
-                    if (e.which == 40) {
-                        that.$selectionUl.focus();
-                        return false;
-                    }
-                });
-        },
-        afterSelect: function () {
-            this.qs1.cache();
-            this.qs2.cache();
-        },
-        afterDeselect: function () {
-            this.qs1.cache();
-            this.qs2.cache();
-        }
-    });
+                that.qs2 = $selectionSearch.quicksearch(selectionSearchString)
+                    .on('keydown', function (e) {
+                        if (e.which == 40) {
+                            that.$selectionUl.focus();
+                            return false;
+                        }
+                    });
+            },
+            afterSelect: function () {
+                this.qs1.cache();
+                this.qs2.cache();
+            },
+            afterDeselect: function () {
+                this.qs1.cache();
+                this.qs2.cache();
+            }
+        });
+    }
+    addMultiSelect("#account_multi_user", "Username")
+    addMultiSelect("#account_domains", "Domain")
 </script>
 {% endblock %}

From 9a7bd27fe32b4d0d797bc92a44f47bbbf437256f Mon Sep 17 00:00:00 2001
From: Tyler Todd <ttodd@ttodd.com>
Date: Fri, 17 Feb 2023 23:07:36 +0000
Subject: [PATCH 200/475] Formatting changes

---
 .../templates/admin_edit_account.html         | 103 +++++++++---------
 1 file changed, 52 insertions(+), 51 deletions(-)

diff --git a/powerdnsadmin/templates/admin_edit_account.html b/powerdnsadmin/templates/admin_edit_account.html
index 8080733f4..046866cd3 100644
--- a/powerdnsadmin/templates/admin_edit_account.html
+++ b/powerdnsadmin/templates/admin_edit_account.html
@@ -109,21 +109,22 @@ <h3 class="card-title">Access Control</h3>
               </p>
               <p>Hover over the red domain names to show the associated account. Click on domains to move between columns.</p>
               <div class="form-group col-2">
-                  <select multiple="multiple" class="form-control" id="account_domains"
-                      name="account_domains">
-                      {% for domain in domains %}
-                          {% if account != None and domain.account_id != None and account.id != domain.account_id %}
-                              {% with account_id=domain.account_id %}
-                                  <option style="color: red" data-toggle="tooltip" title="Associated with: {{ accounts[account_id].name }}"
-                                      value="{{ domain.name }}">{{ domain.name }}</option>
-                              {% endwith %}
-                          {% else %}
-                              <option {% if account.id == domain.account_id %}selected{% endif %}
-                                  value="{{ domain.name }}">{{ domain.name }}</option>
-                          {% endif %}
-                      {% endfor %}
-                  </select>
-              </div>
+                <select multiple="multiple" class="form-control" id="account_domains" name="account_domains">
+                  {% for domain in domains %}
+                    {% if account != None and domain.account_id != None and account.id != domain.account_id %}
+                      {% with account_id=domain.account_id %}
+                        <option style="color: red" data-toggle="tooltip" title="Associated with: {{ accounts[account_id].name }}" value="{{ domain.name }}">
+                          {{ domain.name }}
+                        </option>
+                      {% endwith %}
+                    {% else %}
+                      <option {% if account.id == domain.account_id %}selected{% endif %} value="{{ domain.name }}">
+                        {{ domain.name }}
+                      </option>
+                    {% endif %}
+                  {% endfor %}
+                </select>
+            </div>
           </div>
             <div class="card-footer">
               <button type="button" class="btn btn-secondary float-left" onclick="window.location.href='{{ url_for('admin.manage_account') }}'">
@@ -167,44 +168,44 @@ <h3 class="card-title">Help with creating a new account</h3>
 {% endblock %}
 {% block extrascripts %}
 <script>
-    function addMultiSelect(id, placeholder) {
-        $(id).multiSelect({
-            selectableHeader: `<input type='text' class='search-input' autocomplete='off' placeholder='${placeholder}'>`,
-            selectionHeader: `<input type='text' class='search-input' autocomplete='off' placeholder='${placeholder}'>`,
-            afterInit: function (ms) {
-                var that = this,
-                    $selectableSearch = that.$selectableUl.prev(),
-                    $selectionSearch = that.$selectionUl.prev(),
-                    selectableSearchString = '#' + that.$container.attr('id') + ' .ms-elem-selectable:not(.ms-selected)',
-                    selectionSearchString = '#' + that.$container.attr('id') + ' .ms-elem-selection.ms-selected';
+  function addMultiSelect(id, placeholder) {
+    $(id).multiSelect({
+      selectableHeader: `<input type='text' class='search-input' autocomplete='off' placeholder='${placeholder}'>`,
+      selectionHeader: `<input type='text' class='search-input' autocomplete='off' placeholder='${placeholder}'>`,
+      afterInit: function (ms) {
+        var that = this,
+          $selectableSearch = that.$selectableUl.prev(),
+          $selectionSearch = that.$selectionUl.prev(),
+          selectableSearchString = '#' + that.$container.attr('id') + ' .ms-elem-selectable:not(.ms-selected)',
+          selectionSearchString = '#' + that.$container.attr('id') + ' .ms-elem-selection.ms-selected';
 
-                that.qs1 = $selectableSearch.quicksearch(selectableSearchString)
-                    .on('keydown', function (e) {
-                        if (e.which === 40) {
-                            that.$selectableUl.focus();
-                            return false;
-                        }
-                    });
+        that.qs1 = $selectableSearch.quicksearch(selectableSearchString)
+          .on('keydown', function (e) {
+            if (e.which === 40) {
+              that.$selectableUl.focus();
+              return false;
+            }
+          });
 
-                that.qs2 = $selectionSearch.quicksearch(selectionSearchString)
-                    .on('keydown', function (e) {
-                        if (e.which == 40) {
-                            that.$selectionUl.focus();
-                            return false;
-                        }
-                    });
-            },
-            afterSelect: function () {
-                this.qs1.cache();
-                this.qs2.cache();
-            },
-            afterDeselect: function () {
-                this.qs1.cache();
-                this.qs2.cache();
+        that.qs2 = $selectionSearch.quicksearch(selectionSearchString)
+          .on('keydown', function (e) {
+            if (e.which == 40) {
+              that.$selectionUl.focus();
+              return false;
             }
-        });
-    }
-    addMultiSelect("#account_multi_user", "Username")
-    addMultiSelect("#account_domains", "Domain")
+          });
+      },
+      afterSelect: function () {
+        this.qs1.cache();
+        this.qs2.cache();
+      },
+      afterDeselect: function () {
+        this.qs1.cache();
+        this.qs2.cache();
+      }
+    });
+  }
+  addMultiSelect("#account_multi_user", "Username")
+  addMultiSelect("#account_domains", "Domain")
 </script>
 {% endblock %}

From d12f03c734b47656e34280ff25c49cd10987dfeb Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 17 Feb 2023 18:32:36 -0500
Subject: [PATCH 201/475] Corrected dependency conflicts with the recently
 merged requirements.txt file.

Updated minor formatting issue with app's run.py file.
---
 requirements.txt | 4 ++--
 run.py           | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/requirements.txt b/requirements.txt
index ca5af4111..37740b177 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -40,7 +40,7 @@ Flask-SeaSurf==1.1.1
 PyYAML==6.0
 Jinja2==3.1.2
 itsdangerous==2.1.2
-werkzeug==2.1.2
-cryptography==36.0.2
+werkzeug==2.2.2
+cryptography==38.0.0
 flask_session_captcha==1.3.0
 lxml==4.6.5
\ No newline at end of file
diff --git a/run.py b/run.py
index 5512724d7..5ffcde31a 100755
--- a/run.py
+++ b/run.py
@@ -3,4 +3,4 @@
 
 if __name__ == '__main__':
     app = create_app()
-    app.run(debug = True, host=app.config.get('BIND_ADDRESS', '127.0.0.1'), port=app.config.get('PORT', '9191'))
+    app.run(debug=True, host=app.config.get('BIND_ADDRESS', '127.0.0.1'), port=app.config.get('PORT', '9191'))

From e82759cbc4f38320e3283dfdbaf49990257def46 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 17 Feb 2023 19:00:09 -0500
Subject: [PATCH 202/475] Updated Docker file to include npm as a new
 requirement for the admin-lte npm module.

Also added session persistence setting to default and docker configuration files.

Changed the default persistence configuration of the default config file to use SQLite instead of MySQL.
---
 configs/docker_config.py        | 1 +
 docker/Dockerfile               | 1 +
 powerdnsadmin/default_config.py | 4 ++--
 3 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/configs/docker_config.py b/configs/docker_config.py
index 1099a4a4f..42fffd58c 100644
--- a/configs/docker_config.py
+++ b/configs/docker_config.py
@@ -4,6 +4,7 @@
 SQLALCHEMY_DATABASE_URI = 'sqlite:////data/powerdns-admin.db'
 SESSION_COOKIE_SAMESITE = 'Lax'
 CSRF_COOKIE_HTTPONLY = True
+FILESYSTEM_SESSIONS_ENABLED = True
 
 legal_envvars = (
     'SECRET_KEY',
diff --git a/docker/Dockerfile b/docker/Dockerfile
index e9905d6d2..461823996 100644
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -7,6 +7,7 @@ ARG BUILD_DEPENDENCIES="build-base \
     openldap-dev \
     python3-dev \
     xmlsec-dev \
+    npm \
     yarn \
     cargo"
 
diff --git a/powerdnsadmin/default_config.py b/powerdnsadmin/default_config.py
index 81d0e323c..952e0d544 100644
--- a/powerdnsadmin/default_config.py
+++ b/powerdnsadmin/default_config.py
@@ -8,7 +8,7 @@
 BIND_ADDRESS = '0.0.0.0'
 PORT = 9191
 HSTS_ENABLED = False
-FILESYSTEM_SESSIONS_ENABLED = False
+FILESYSTEM_SESSIONS_ENABLED = True
 SESSION_COOKIE_SAMESITE = 'Lax'
 CSRF_COOKIE_HTTPONLY = True
 
@@ -28,7 +28,7 @@
 )
 
 ### DATABASE - SQLite
-# SQLALCHEMY_DATABASE_URI = 'sqlite:///' + os.path.join(basedir, 'pdns.db')
+SQLALCHEMY_DATABASE_URI = 'sqlite:///' + os.path.join(basedir, 'pdns.db')
 
 # SAML Authnetication
 SAML_ENABLED = False

From d2f135cc6e1716e717e8713d1b80cd97366f9890 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 17 Feb 2023 19:07:05 -0500
Subject: [PATCH 203/475] Removed temporary style from login form that was used
 for recent development.

---
 powerdnsadmin/templates/login.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/powerdnsadmin/templates/login.html b/powerdnsadmin/templates/login.html
index e84bb8e61..f7ef1589c 100644
--- a/powerdnsadmin/templates/login.html
+++ b/powerdnsadmin/templates/login.html
@@ -17,7 +17,7 @@
   </head>
   <body class="hold-transition login-page">
     <div class="login-box">
-      <div class="card card-outline card-primary alert-danger">
+      <div class="card card-outline card-primary">
         <div class="card-header text-center">
           <a href="{{ url_for('index.index') }}" class="h3">
             {% if SETTING.get('site_name') %}

From 47b50e5e1e909326b410eacbc9dc97fdfcd8cc83 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 17 Feb 2023 19:35:36 -0500
Subject: [PATCH 204/475] Updated default app config to comment out MySQL
 default settings.

---
 powerdnsadmin/default_config.py | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/powerdnsadmin/default_config.py b/powerdnsadmin/default_config.py
index 952e0d544..fd21b989d 100644
--- a/powerdnsadmin/default_config.py
+++ b/powerdnsadmin/default_config.py
@@ -20,12 +20,12 @@
 SQLALCHEMY_TRACK_MODIFICATIONS = True
 
 ### DATABASE - MySQL
-SQLALCHEMY_DATABASE_URI = 'mysql://{}:{}@{}/{}'.format(
-    urllib.parse.quote_plus(SQLA_DB_USER),
-    urllib.parse.quote_plus(SQLA_DB_PASSWORD),
-    SQLA_DB_HOST,
-    SQLA_DB_NAME
-)
+# SQLALCHEMY_DATABASE_URI = 'mysql://{}:{}@{}/{}'.format(
+#     urllib.parse.quote_plus(SQLA_DB_USER),
+#     urllib.parse.quote_plus(SQLA_DB_PASSWORD),
+#     SQLA_DB_HOST,
+#     SQLA_DB_NAME
+# )
 
 ### DATABASE - SQLite
 SQLALCHEMY_DATABASE_URI = 'sqlite:///' + os.path.join(basedir, 'pdns.db')

From 8ae8d33c1298f76c6f112e68ff761b4856170760 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 17 Feb 2023 20:10:34 -0500
Subject: [PATCH 205/475] Removed duplicate entries from requirements.txt file.

---
 requirements.txt |  2 --
 yarn.lock        | 17 +++++------------
 2 files changed, 5 insertions(+), 14 deletions(-)

diff --git a/requirements.txt b/requirements.txt
index 37740b177..9087be43d 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -35,8 +35,6 @@ pyasn1==0.4.8
 webcolors==1.12
 zipp==3.11.0
 pyOpenSSL==22.1.0
-Authlib==1.2.0
-Flask-SeaSurf==1.1.1
 PyYAML==6.0
 Jinja2==3.1.2
 itsdangerous==2.1.2
diff --git a/yarn.lock b/yarn.lock
index 3fe87df10..6225dfe8a 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -42,6 +42,11 @@
   resolved "https://registry.yarnpkg.com/@foliojs-fork/restructure/-/restructure-2.0.2.tgz#73759aba2aff1da87b7c4554e6839c70d43c92b4"
   integrity sha512-59SgoZ3EXbkfSX7b63tsou/SDGzwUEK6MuB5sKqgVK1/XE0fxmpsOb9DQI8LXW3KfGnAjImCGhhEb7uPPAUVNA==
 
+"@fortawesome/fontawesome-free@6.3.0":
+  version "6.3.0"
+  resolved "https://registry.yarnpkg.com/@fortawesome/fontawesome-free/-/fontawesome-free-6.3.0.tgz#b5877182692a6f7a39d1108837bec24247ba4bd7"
+  integrity sha512-qVtd5i1Cc7cdrqnTWqTObKQHjPWAiRwjUPaXObaeNPcy7+WKxJumGBx66rfSFgK6LNpIasVKkEgW8oyf0tmPLA==
+
 "@fortawesome/fontawesome-free@^5.15.4":
   version "5.15.4"
   resolved "https://registry.yarnpkg.com/@fortawesome/fontawesome-free/-/fontawesome-free-5.15.4.tgz#ecda5712b61ac852c760d8b3c79c96adca5554e5"
@@ -52,11 +57,6 @@
   resolved "https://registry.yarnpkg.com/@lgaitan/pace-progress/-/pace-progress-1.0.7.tgz#c96fbbd9fd4cf528feed34ea0c8f9d8b3e98f0dd"
   integrity sha512-GMoTcF6WBpno7a7Iyx7M79os26d5bCDbh7YTZmXZM8YuLR3DDtwo0/CBYddStGD6QIBTieFDz4IAQiO0dAdRGw==
 
-"@stencil/core@^2.18.0":
-  version "2.22.2"
-  resolved "https://registry.yarnpkg.com/@stencil/core/-/core-2.22.2.tgz#f518b6bfae85352c72cd07fcaf2f2b61e0581fd9"
-  integrity sha512-r+vbxsGNcBaV1VDOYW25lv4QfXTlNoIb5GpUX7rZ+cr59yqYCZC5tlV+IzX6YgHKW62ulCc9M3RYtTfHtNbNNw==
-
 "@sweetalert2/theme-bootstrap-4@^5.0.8":
   version "5.0.15"
   resolved "https://registry.yarnpkg.com/@sweetalert2/theme-bootstrap-4/-/theme-bootstrap-4-5.0.15.tgz#bede688c13784acf73e01352e00d3e7fb8d69e01"
@@ -941,13 +941,6 @@ ion-rangeslider@^2.3.1:
   resolved "https://registry.yarnpkg.com/ion-rangeslider/-/ion-rangeslider-2.3.1.tgz#92ade52cb56fc30b9162d0483ff02b6f9ed237c2"
   integrity sha512-6V+24FD13/feliI485gnRHZYD9Ev64M5NAFTxnVib516ATHa9PlXQrC+nOiPngouRYTCLPJyokAJEi3e1Umi5g==
 
-ionicons@^6.1.1:
-  version "6.1.1"
-  resolved "https://registry.yarnpkg.com/ionicons/-/ionicons-6.1.1.tgz#4c24c29aaf9ec235d741e7fe692e47ea814b1a7d"
-  integrity sha512-Qe6mx25DFNwA9UL1rhewI5StI3uD4+BqB2KdvLjyWhtvoUXwyAsmfHLZuDANAHQowIKtTt6BZCt5/g5NIQ635Q==
-  dependencies:
-    "@stencil/core" "^2.18.0"
-
 is-arguments@^1.0.4:
   version "1.1.1"
   resolved "https://registry.yarnpkg.com/is-arguments/-/is-arguments-1.1.1.tgz#15b3f88fda01f2a97fec84ca761a560f123efa9b"

From 35493fc218d1a27bfc36c2f6b056fb134542a26f Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sat, 18 Feb 2023 08:53:46 -0500
Subject: [PATCH 206/475] Revert "Error pages updated for Font Awesome v6 -
 fa-solid"

This reverts commit e1bbe10fc31b9ef93492ad584e6af48a7fd99bdd.
---
 powerdnsadmin/templates/errors/400.html  | 2 +-
 powerdnsadmin/templates/errors/403.html  | 2 +-
 powerdnsadmin/templates/errors/404.html  | 2 +-
 powerdnsadmin/templates/errors/500.html  | 2 +-
 powerdnsadmin/templates/errors/SAML.html | 2 +-
 5 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/powerdnsadmin/templates/errors/400.html b/powerdnsadmin/templates/errors/400.html
index d04363660..b6ea84c7f 100644
--- a/powerdnsadmin/templates/errors/400.html
+++ b/powerdnsadmin/templates/errors/400.html
@@ -35,7 +35,7 @@ <h2 class="headline text-yellow">
       </h2>
       <div class="error-content">
         <h3>
-          <i class="fa-solid fa-exclamation-triangle text-yellow"></i>
+          <i class="fas fa-exclamation-triangle text-yellow"></i>
           Oops! Bad request
         </h3>
         <p>
diff --git a/powerdnsadmin/templates/errors/403.html b/powerdnsadmin/templates/errors/403.html
index a1063927b..44c75277f 100644
--- a/powerdnsadmin/templates/errors/403.html
+++ b/powerdnsadmin/templates/errors/403.html
@@ -35,7 +35,7 @@ <h2 class="headline text-yellow">
       </h2>
       <div class="error-content">
         <h3>
-          <i class="fa-solid fa-exclamation-triangle text-yellow"></i>
+          <i class="fas fa-exclamation-triangle text-yellow"></i>
           Oops! Access denied
         </h3>
         <p>
diff --git a/powerdnsadmin/templates/errors/404.html b/powerdnsadmin/templates/errors/404.html
index 1e89d15c1..70040a524 100644
--- a/powerdnsadmin/templates/errors/404.html
+++ b/powerdnsadmin/templates/errors/404.html
@@ -35,7 +35,7 @@ <h2 class="headline text-yellow">
       </h2>
       <div class="error-content">
         <h3>
-          <i class="fa-solid fa-exclamation-triangle text-yellow"></i>
+          <i class="fas fa-exclamation-triangle text-yellow"></i>
           Oops! You're lost
         </h3>
         <p>
diff --git a/powerdnsadmin/templates/errors/500.html b/powerdnsadmin/templates/errors/500.html
index 076548c63..c92c104dd 100644
--- a/powerdnsadmin/templates/errors/500.html
+++ b/powerdnsadmin/templates/errors/500.html
@@ -35,7 +35,7 @@ <h2 class="headline text-yellow">
       </h2>
       <div class="error-content">
         <h3>
-          <i class="fa-solid fa-exclamation-triangle text-yellow"></i>
+          <i class="fas fa-exclamation-triangle text-yellow"></i>
           Oops! Something went wrong
         </h3>
         <p>
diff --git a/powerdnsadmin/templates/errors/SAML.html b/powerdnsadmin/templates/errors/SAML.html
index 72a583f64..a88c388ac 100644
--- a/powerdnsadmin/templates/errors/SAML.html
+++ b/powerdnsadmin/templates/errors/SAML.html
@@ -39,7 +39,7 @@ <h1 class="headline text-yellow" style="font-size:46px;">
       <br/>
       <div class="error-content">
         <h3>
-          <i class="fa-solid fa-exclamation-triangle text-yellow"></i>
+          <i class="fas fa-exclamation-triangle text-yellow"></i>
           Oops! Something went wrong
         </h3>
         <br>

From e2ad3e200179dd02bd8dfe42913b59bae9bd4263 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sat, 18 Feb 2023 09:04:37 -0500
Subject: [PATCH 207/475] Revert "Merge pull request #1371 from
 AgentTNT/AdminLTE-Upgrade"

This reverts commit 929cb6302da6bc0d78e2a7af9deb77cee9d80732, reversing
changes made to 0418edddd9e5ddba0fdbe2b2abd2cf016cf887a3.
---
 configs/development.py                        |   11 -
 package.json                                  |   14 +-
 powerdnsadmin/assets.py                       |  106 +-
 powerdnsadmin/routes/__init__.py              |    3 +-
 powerdnsadmin/routes/admin.py                 |   23 +-
 powerdnsadmin/routes/base.py                  |    2 -
 powerdnsadmin/routes/index.py                 |  115 +-
 powerdnsadmin/static/custom/js/custom.js      |   16 +-
 .../templates/admin_edit_account.html         |  357 ++-
 powerdnsadmin/templates/admin_edit_key.html   |  236 +-
 powerdnsadmin/templates/admin_edit_user.html  |  246 +-
 .../templates/admin_global_search.html        |  333 ++-
 powerdnsadmin/templates/admin_history.html    |  258 +--
 .../templates/admin_history_table.html        |  152 +-
 .../templates/admin_manage_account.html       |  161 +-
 .../templates/admin_manage_keys.html          |  244 +-
 .../templates/admin_manage_user.html          |  378 ++-
 powerdnsadmin/templates/admin_pdns_stats.html |  207 +-
 .../admin_setting_authentication.html         |  176 +-
 .../templates/admin_setting_basic.html        |  183 +-
 .../templates/admin_setting_pdns.html         |  175 +-
 .../templates/admin_setting_records.html      |  150 +-
 powerdnsadmin/templates/base.html             |  348 ++-
 powerdnsadmin/templates/dashboard.html        |  478 ++--
 powerdnsadmin/templates/dashboard_domain.html |   78 +-
 powerdnsadmin/templates/domain.html           |  396 ++--
 powerdnsadmin/templates/domain_add.html       |  410 ++--
 powerdnsadmin/templates/domain_changelog.html |  128 +-
 powerdnsadmin/templates/domain_remove.html    |  210 +-
 powerdnsadmin/templates/domain_setting.html   |  209 +-
 powerdnsadmin/templates/errors/400.html       |   77 +-
 powerdnsadmin/templates/errors/403.html       |   69 +-
 powerdnsadmin/templates/errors/404.html       |   69 +-
 powerdnsadmin/templates/errors/500.html       |   69 +-
 powerdnsadmin/templates/errors/SAML.html      |   90 +-
 powerdnsadmin/templates/login.html            |  313 ++-
 powerdnsadmin/templates/register.html         |  276 +--
 powerdnsadmin/templates/register_otp.html     |    2 +-
 powerdnsadmin/templates/template.html         |  202 +-
 powerdnsadmin/templates/template_add.html     |  193 +-
 powerdnsadmin/templates/template_edit.html    |  113 +-
 powerdnsadmin/templates/user_profile.html     |  298 ++-
 requirements.txt                              |   39 +-
 yarn.lock                                     | 2019 +++++++----------
 44 files changed, 4282 insertions(+), 5350 deletions(-)

diff --git a/configs/development.py b/configs/development.py
index b848d0c86..d4bd24f23 100644
--- a/configs/development.py
+++ b/configs/development.py
@@ -15,17 +15,6 @@
 SQLA_DB_NAME = 'pda'
 SQLALCHEMY_TRACK_MODIFICATIONS = True
 
-#CAPTCHA Config
-CAPTCHA_ENABLE = True
-CAPTCHA_LENGTH = 6
-CAPTCHA_WIDTH = 160
-CAPTCHA_HEIGHT = 60
-CAPTCHA_SESSION_KEY = 'captcha_image'
-
-#Server side sessions tracking
-#Set to TRUE for CAPTCHA, or enable another stateful session tracking system
-FILESYSTEM_SESSIONS_ENABLED = True
-
 ### DATABASE - MySQL
 #SQLALCHEMY_DATABASE_URI = 'mysql://{}:{}@{}/{}'.format(
 #    urllib.parse.quote_plus(SQLA_DB_USER),
diff --git a/package.json b/package.json
index f6724c3ed..76982c81c 100644
--- a/package.json
+++ b/package.json
@@ -1,17 +1,15 @@
 {
   "dependencies": {
-    "@fortawesome/fontawesome-free": "6.3.0",
-    "admin-lte": "3.2.0",
-    "bootstrap": "4.6.2",
-    "bootstrap-datepicker": "^1.9.0",
+    "admin-lte": "2.4.9",
+    "bootstrap": "^3.4.1",
+    "bootstrap-datepicker": "^1.8.0",
     "bootstrap-validator": "^0.11.9",
-    "datatables.net-plugins": "^1.13.1",
+    "datatables.net-plugins": "^1.10.19",
     "icheck": "^1.0.2",
     "jquery-slimscroll": "^1.3.8",
-    "jquery-sparkline": "^2.4.0",
-    "jquery-ui-dist": "^1.13.2",
+    "jquery-ui-dist": "^1.12.1",
     "jquery.quicksearch": "^2.4.0",
-    "jtimeout": "^3.2.0",
+    "jtimeout": "^3.1.0",
     "multiselect": "^0.9.12"
   }
 }
diff --git a/powerdnsadmin/assets.py b/powerdnsadmin/assets.py
index 7ad973f31..233e23adf 100644
--- a/powerdnsadmin/assets.py
+++ b/powerdnsadmin/assets.py
@@ -2,65 +2,67 @@
 
 
 class ConcatFilter(Filter):
-  """
-  Filter that merges files, placing a semicolon between them.
+    """
+    Filter that merges files, placing a semicolon between them.
 
-  Fixes issues caused by missing semicolons at end of JS assets, for example
-  with last statement of jquery.pjax.js.
-  """
-  def concat(self, out, hunks, **kw):
-    out.write(';'.join([h.data() for h, info in hunks]))
+    Fixes issues caused by missing semicolons at end of JS assets, for example
+    with last statement of jquery.pjax.js.
+    """
+    def concat(self, out, hunks, **kw):
+        out.write(';'.join([h.data() for h, info in hunks]))
 
-css_login = Bundle(
-  'node_modules/@fortawesome/fontawesome-free/css/all.min.css',
-  'node_modules/icheck/skins/square/blue.css',
-  'node_modules/admin-lte/dist/css/adminlte.css',
-  filters=('cssmin', 'cssrewrite'),
-  output='generated/login.css')
 
-js_login = Bundle(
-  'node_modules/jquery/dist/jquery.js',
-  'node_modules/bootstrap/dist/js/bootstrap.js',
-  'node_modules/icheck/icheck.js',
-  'custom/js/custom.js',
-  filters=(ConcatFilter, 'rjsmin'),
-  output='generated/login.js')
+css_login = Bundle('node_modules/bootstrap/dist/css/bootstrap.css',
+                   'node_modules/font-awesome/css/font-awesome.css',
+                   'node_modules/ionicons/dist/css/ionicons.css',
+                   'node_modules/icheck/skins/square/blue.css',
+                   'node_modules/admin-lte/dist/css/AdminLTE.css',
+                   filters=('cssmin', 'cssrewrite'),
+                   output='generated/login.css')
 
-js_validation = Bundle(
-  'node_modules/bootstrap-validator/dist/validator.js',
-  output='generated/validation.js')
+js_login = Bundle('node_modules/jquery/dist/jquery.js',
+                  'node_modules/bootstrap/dist/js/bootstrap.js',
+                  'node_modules/icheck/icheck.js',
+                  'custom/js/custom.js',
+                  filters=(ConcatFilter, 'rjsmin'),
+                  output='generated/login.js')
+
+js_validation = Bundle('node_modules/bootstrap-validator/dist/validator.js',
+                       output='generated/validation.js')
 
 css_main = Bundle(
-  'node_modules/@fortawesome/fontawesome-free/css/all.min.css',
-  'node_modules/datatables.net-bs4/css/dataTables.bootstrap4.min.css',
-  'node_modules/icheck/skins/square/blue.css',
-  'node_modules/multiselect/css/multi-select.css',
-  'node_modules/admin-lte/dist/css/adminlte.css',
-  'custom/css/custom.css',
-  'node_modules/bootstrap-datepicker/dist/css/bootstrap-datepicker.css',
-  filters=('cssmin', 'cssrewrite'),
-  output='generated/main.css')
+    'node_modules/bootstrap/dist/css/bootstrap.css',
+    'node_modules/font-awesome/css/font-awesome.css',
+    'node_modules/ionicons/dist/css/ionicons.css',
+    'node_modules/datatables.net-bs/css/dataTables.bootstrap.css',
+    'node_modules/icheck/skins/square/blue.css',
+    'node_modules/multiselect/css/multi-select.css',
+    'node_modules/admin-lte/dist/css/AdminLTE.css',
+    'node_modules/admin-lte/dist/css/skins/_all-skins.css',
+    'custom/css/custom.css',
+    'node_modules/bootstrap-datepicker/dist/css/bootstrap-datepicker.css',
+    filters=('cssmin', 'cssrewrite'),
+    output='generated/main.css')
 
-js_main = Bundle(
-  'node_modules/jquery/dist/jquery.js',
-  'node_modules/jquery-ui-dist/jquery-ui.js',
-  'node_modules/bootstrap/dist/js/bootstrap.bundle.js',
-  'node_modules/datatables.net/js/jquery.dataTables.js',
-  'node_modules/datatables.net-bs4/js/dataTables.bootstrap4.js',
-  'node_modules/jquery-sparkline/jquery.sparkline.js',
-  'node_modules/jquery-slimscroll/jquery.slimscroll.js',
-  'node_modules/icheck/icheck.js',
-  'node_modules/fastclick/lib/fastclick.js',
-  'node_modules/moment/moment.js',
-  'node_modules/admin-lte/dist/js/adminlte.js',
-  'node_modules/multiselect/js/jquery.multi-select.js',
-  'node_modules/datatables.net-plugins/sorting/natural.js',
-  'node_modules/jtimeout/src/jTimeout.js',
-  'node_modules/jquery.quicksearch/src/jquery.quicksearch.js',
-  'custom/js/custom.js',
-  'node_modules/bootstrap-datepicker/dist/js/bootstrap-datepicker.js',
-  filters=(ConcatFilter, 'rjsmin'),
-  output='generated/main.js')
+js_main = Bundle('node_modules/jquery/dist/jquery.js',
+                 'node_modules/jquery-ui-dist/jquery-ui.js',
+                 'node_modules/bootstrap/dist/js/bootstrap.js',
+                 'node_modules/datatables.net/js/jquery.dataTables.js',
+                 'node_modules/datatables.net-bs/js/dataTables.bootstrap.js',
+                 'node_modules/jquery-sparkline/jquery.sparkline.js',
+                 'node_modules/jquery-slimscroll/jquery.slimscroll.js',
+                 'node_modules/icheck/icheck.js',
+                 'node_modules/fastclick/lib/fastclick.js',
+                 'node_modules/moment/moment.js',
+                 'node_modules/admin-lte/dist/js/adminlte.js',
+                 'node_modules/multiselect/js/jquery.multi-select.js',
+                 'node_modules/datatables.net-plugins/sorting/natural.js',
+                 'node_modules/jtimeout/src/jTimeout.js',
+                 'node_modules/jquery.quicksearch/src/jquery.quicksearch.js',
+                 'custom/js/custom.js',
+                 'node_modules/bootstrap-datepicker/dist/js/bootstrap-datepicker.js',
+                 filters=(ConcatFilter, 'rjsmin'),
+                 output='generated/main.js')
 
 assets = Environment()
 assets.register('js_login', js_login)
diff --git a/powerdnsadmin/routes/__init__.py b/powerdnsadmin/routes/__init__.py
index 598b17a7b..7d8aa9a46 100644
--- a/powerdnsadmin/routes/__init__.py
+++ b/powerdnsadmin/routes/__init__.py
@@ -1,5 +1,5 @@
 from .base import (
-    captcha, csrf, login_manager, handle_bad_request, handle_unauthorized_access,
+    csrf, login_manager, handle_bad_request, handle_unauthorized_access,
     handle_access_forbidden, handle_page_not_found, handle_internal_server_error
 )
 
@@ -14,7 +14,6 @@
 def init_app(app):
     login_manager.init_app(app)
     csrf.init_app(app)
-    captcha.init_app(app)
 
     app.register_blueprint(index_bp)
     app.register_blueprint(user_bp)
diff --git a/powerdnsadmin/routes/admin.py b/powerdnsadmin/routes/admin.py
index 98f4ef9e2..e419fa888 100644
--- a/powerdnsadmin/routes/admin.py
+++ b/powerdnsadmin/routes/admin.py
@@ -795,7 +795,7 @@ def __init__(self, history, change_set):
         if 'domain_type' in detail_dict and 'account_id' in detail_dict:  # this is a domain creation
             self.detailed_msg = render_template_string("""
                     <table class="table table-bordered table-striped">
-                        <tr><td>Domain Type:</td><td>{{ domaintype }}</td></tr>
+                        <tr><td>Domain type:</td><td>{{ domaintype }}</td></tr>
                         <tr><td>Account:</td><td>{{ account }}</td></tr>
                     </table>
                 """,
@@ -804,23 +804,22 @@ def __init__(self, history, change_set):
 
         elif 'authenticator' in detail_dict: # this is a user authentication
             self.detailed_msg = render_template_string("""
-                <table class="table table-bordered table-striped"">
-                    <tbody>
-                        <tr>
-                            <td>Username:</td>
-                            <td>{{ username }}</td>
-                        </tr>
+                <table class="table table-bordered table-striped" style="width:565px;">
+                    <thead>
                         <tr>
-                            <td>Authentication Result:</td>
-                            <td>{{ auth_result }}</td>
+                            <th colspan="3" style="background: rgba({{ background_rgba }});">
+                                <p style="color:white;">User {{ username }} authentication {{ auth_result }}</p>
+                            </th>
                         </tr>
+                    </thead>
+                    <tbody>
                         <tr>
                             <td>Authenticator Type:</td>
-                            <td>{{ authenticator }}</td>
+                            <td colspan="2">{{ authenticator }}</td>
                         </tr>
                         <tr>
-                            <td>IP Address:</td>
-                            <td>{{ ip_address }}</td>
+                            <td>IP Address</td>
+                            <td colspan="2">{{ ip_address }}</td>
                         </tr>
                     </tbody>
                 </table>
diff --git a/powerdnsadmin/routes/base.py b/powerdnsadmin/routes/base.py
index 7af342ce3..16ed00ae8 100644
--- a/powerdnsadmin/routes/base.py
+++ b/powerdnsadmin/routes/base.py
@@ -3,12 +3,10 @@
 from flask import render_template, url_for, redirect, session, request, current_app
 from flask_login import LoginManager
 from flask_seasurf import SeaSurf
-from flask_session_captcha import FlaskSessionCaptcha
 
 from ..models.user import User
 
 
-captcha = FlaskSessionCaptcha()
 csrf = SeaSurf()
 login_manager = LoginManager()
 
diff --git a/powerdnsadmin/routes/index.py b/powerdnsadmin/routes/index.py
index 14ad2754c..117fe14b5 100644
--- a/powerdnsadmin/routes/index.py
+++ b/powerdnsadmin/routes/index.py
@@ -10,7 +10,7 @@
 from flask import Blueprint, render_template, make_response, url_for, current_app, g, session, request, redirect, abort
 from flask_login import login_user, logout_user, login_required, current_user
 
-from .base import captcha, csrf, login_manager
+from .base import csrf, login_manager
 from ..lib import utils
 from ..decorators import dyndns_login_required
 from ..models.base import db
@@ -400,7 +400,7 @@ def login():
             desc_prop = Setting().get('oidc_oauth_account_description_property')
 
             account_to_add = []
-      #If the name_property and desc_property exist in me (A variable that contains all the userinfo from the IdP).
+	    #If the name_property and desc_property exist in me (A variable that contains all the userinfo from the IdP).
             if name_prop in me and desc_prop in me:
                 accounts_name_prop = [me[name_prop]] if type(me[name_prop]) is not list else me[name_prop]
                 accounts_desc_prop = [me[desc_prop]] if type(me[desc_prop]) is not list else me[desc_prop]
@@ -415,7 +415,7 @@ def login():
                     account_to_add.append(account)
                 user_accounts = user.get_accounts()
 
-    # Add accounts
+		# Add accounts
                 for account in account_to_add:
                     if account not in user_accounts:
                         account.add_user(user)
@@ -651,73 +651,50 @@ def logout():
 
 @index_bp.route('/register', methods=['GET', 'POST'])
 def register():
-  CAPTCHA_ENABLE = current_app.config.get('CAPTCHA_ENABLE')
-  if Setting().get('signup_enabled'):
-    if current_user.is_authenticated:
-      return redirect(url_for('index.index'))
-    if request.method == 'GET':
-      return render_template('register.html', captcha_enable=CAPTCHA_ENABLE)
-    elif request.method == 'POST':
-      username = request.form.get('username', '').strip()
-      password = request.form.get('password', '')
-      firstname = request.form.get('firstname', '').strip()
-      lastname = request.form.get('lastname', '').strip()
-      email = request.form.get('email', '').strip()
-      rpassword = request.form.get('rpassword', '')
-
-      is_valid_email = re.compile(r'^[a-zA-Z0-9_.+-]+@[a-zA-Z0-9-]+\.[a-zA-Z0-9-.]+$')
-
-      error_messages = {}
-      if not firstname:
-        error_messages['firstname'] = 'First Name is required'
-      if not lastname:
-        error_messages['lastname'] = 'Last Name is required'
-      if not username:
-        error_messages['username'] = 'Username is required'
-      if not password:
-        error_messages['password'] = 'Password is required'
-      if not rpassword:
-        error_messages['rpassword'] = 'Password confirmation is required'
-      if not email:
-        error_messages['email'] = 'Email is required'
-      if not is_valid_email.match(email):
-        error_messages['email'] = 'Invalid email address'
-      if password != rpassword:
-        error_messages['password'] = 'Password confirmation does not match'
-        error_messages['rpassword'] = 'Password confirmation does not match'
-
-      if not captcha.validate():
-        return render_template(
-          'register.html', error='Invalid CAPTCHA answer', error_messages=error_messages, captcha_enable=CAPTCHA_ENABLE)
-
-      if error_messages:
-        return render_template('register.html', error_messages=error_messages, captcha_enable=CAPTCHA_ENABLE)
-
-      user = User(username=username,
-        plain_text_password=password,
-        firstname=firstname,
-        lastname=lastname,
-        email=email
-      )
-
-      try:
-        result = user.create_local_user()
-        if result and result['status']:
-          if Setting().get('verify_user_email'):
-            send_account_verification(email)
-          if Setting().get('otp_force') and Setting().get('otp_field_enabled'):
-            user.update_profile(enable_otp=True)
-            prepare_welcome_user(user.id)
-            return redirect(url_for('index.welcome'))
-          else:
-            return redirect(url_for('index.login'))
-        else:
-          return render_template('register.html',
-            error=result['msg'], captcha_enable=CAPTCHA_ENABLE)
-      except Exception as e:
-        return render_template('register.html', error=e, captcha_enable=CAPTCHA_ENABLE)
+    if Setting().get('signup_enabled'):
+        if request.method == 'GET':
+            return render_template('register.html')
+        elif request.method == 'POST':
+            username = request.form.get('username', '').strip()
+            password = request.form.get('password', '')
+            firstname = request.form.get('firstname', '').strip()
+            lastname = request.form.get('lastname', '').strip()
+            email = request.form.get('email', '').strip()
+            rpassword = request.form.get('rpassword', '')
+
+            if not username or not password or not email:
+                return render_template(
+                    'register.html', error='Please input required information')
+
+            if password != rpassword:
+                return render_template(
+                    'register.html',
+                    error="Password confirmation does not match")
+
+            user = User(username=username,
+                        plain_text_password=password,
+                        firstname=firstname,
+                        lastname=lastname,
+                        email=email)
+
+            try:
+                result = user.create_local_user()
+                if result and result['status']:
+                    if Setting().get('verify_user_email'):
+                        send_account_verification(email)
+                    if Setting().get('otp_force') and Setting().get('otp_field_enabled'):
+                        user.update_profile(enable_otp=True)
+                        prepare_welcome_user(user.id)
+                        return redirect(url_for('index.welcome'))
+                    else:
+                        return redirect(url_for('index.login'))
+                else:
+                    return render_template('register.html',
+                                           error=result['msg'])
+            except Exception as e:
+                return render_template('register.html', error=e)
     else:
-      return render_template('errors/404.html'), 404
+        return render_template('errors/404.html'), 404
 
 
 # Show welcome page on first login if otp_force is enabled
diff --git a/powerdnsadmin/static/custom/js/custom.js b/powerdnsadmin/static/custom/js/custom.js
index 0f096bf05..e4b72b16e 100644
--- a/powerdnsadmin/static/custom/js/custom.js
+++ b/powerdnsadmin/static/custom/js/custom.js
@@ -287,18 +287,4 @@ function copy_otp_secret_to_clipboard() {
     navigator.clipboard.writeText(copyBox.value);
     $("#copy_tooltip").css("visibility", "visible");
     setTimeout(function(){ $("#copy_tooltip").css("visibility", "collapse"); }, 2000);
-  }
-
-// Side menu nav bar active selection
-/** add active class and stay opened when selected */
-var url = window.location;
-
-// for sidebar menu entirely but not cover treeview
-$('ul.nav-sidebar a').filter(function() {
-    return this.href == url;
-}).addClass('active');
-
-// for treeview
-$('ul.nav-treeview a').filter(function() {
-    return this.href == url;
-}).parentsUntil(".nav-sidebar > .nav-treeview").addClass('menu-open').prev('a').addClass('active');
+  }
\ No newline at end of file
diff --git a/powerdnsadmin/templates/admin_edit_account.html b/powerdnsadmin/templates/admin_edit_account.html
index 046866cd3..ee8d1be6e 100644
--- a/powerdnsadmin/templates/admin_edit_account.html
+++ b/powerdnsadmin/templates/admin_edit_account.html
@@ -1,211 +1,192 @@
 {% extends "base.html" %}
-
 {% set active_page = "admin_accounts" %}
-
-{% block title %}
-<title>
-  Edit Account - {{ SITE_NAME }}
-</title>
-{% endblock %}
+{% block title %}<title>Edit Account - {{ SITE_NAME }}</title>{% endblock %}
 
 {% block dashboard_stat %}
-  <div class="content-header">
-    <div class="container-fluid">
-      <div class="row mb-2">
-        <div class="col-sm-6">
-          <h1 class="m-0 text-dark">
-            {% if create %}Add Account{% else %}Edit Account{% endif %}
-            <small>{% if create %}Account{% else %}{{ account.name }}{% endif %}</small>
-          </h1>
-        </div>
-        <div class="col-sm-6">
-          <ol class="breadcrumb float-sm-right">
-            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Home</a></li>
-            <li class="breadcrumb-item"><a href="{{ url_for('admin.manage_account') }}">Accounts</a></li>
-            <li class="breadcrumb-item active">{% if create %}Add Account{% else %}Edit Account: {{ account.name }}{% endif %}</li>
-          </ol>
-        </div>
-      </div>
-    </div>
-  </div>
+<!-- Content Header (Page header) -->
+<section class="content-header">
+    <h1>
+        Account
+        <small>{% if create %}New account{% else %}{{ account.name }}{% endif %}</small>
+    </h1>
+    <ol class="breadcrumb">
+        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i>Home</a></li>
+        <li><a href="{{ url_for('admin.manage_account') }}">Accounts</a></li>
+        <li class="active">{% if create %}Add{% else %}Edit{% endif %} account</li>
+    </ol>
+</section>
 {% endblock %}
 
 {% block content %}
 <section class="content">
-  <div class="container-fluid">
     <div class="row">
-      <div class="col-4">
-        <div class="card">
-          <div class="card-header">
-            <h3 class="card-title">{% if create %}Add{% else %}Edit{% endif %} Account</h3>
-          </div>
-          <form role="form" method="post" action="{% if create %}{{ url_for('admin.edit_account') }}{% else %}{{ url_for('admin.edit_account', account_name=account.name) }}{% endif %}">
-            <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-            <input type="hidden" name="create" value="{{ create }}">
-            <div class="card-body">
-              {% if error %}
-                <div class="alert alert-danger alert-dismissible">
-                  <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
-                  <h4><i class="fa-solid fa-ban"></i> Error!</h4>
-                  {{ error }}
+        <div class="col-md-4">
+            <div class="box box-primary">
+                <div class="box-header with-border">
+                    <h3 class="box-title">{% if create %}Add{% else %}Edit{% endif %} account</h3>
                 </div>
-                <span class="help-block">{{ error }}</span>
-              {% endif %}
-              <div class="form-group has-feedback {% if invalid_accountname or duplicate_accountname %}has-error{% endif %}">
-                <label class="control-label" for="accountname">Name</label>
-                <input type="text" class="form-control" placeholder="Account Name (required)"
-                  name="accountname" {% if account %}value="{{ account.name }}" {% endif %}
-                  {% if not create %}disabled{% endif %} required>
-                <span class="form-control-feedback"></span>
-                {% if invalid_accountname %}
-                  <span class="help-block text-danger">Cannot be blank and must only contain alphanumeric
-                    characters{% if SETTING.get('account_name_extra_chars') %}, dots, hyphens or underscores{% endif %}.
-                  </span>
-                {% elif duplicate_accountname %}
-                  <span class="help-block text-danger">Account name already in use.</span>
-                {% endif %}
-              </div>
-              <div class="form-group has-feedback">
-                <label class="control-label" for="accountdescription">Description</label>
-                <input type="text" class="form-control" placeholder="Account Description (optional)"
-                  name="accountdescription" {% if account %}value="{{ account.description }}" {% endif %}>
-                <span class="orm-control-feedback"></span>
-              </div>
-              <div class="form-group has-feedback">
-                <label class="control-label" for="accountcontact">Contact Person</label>
-                <input type="text" class="form-control" placeholder="Contact Person (optional)"
-                  name="accountcontact" {% if account %}value="{{ account.contact }}" {% endif %}>
-                <span class="form-control-feedback"></span>
-              </div>
-              <div class="form-group has-feedback">
-                <label class="control-label" for="accountmail">Mail Address</label>
-                <input type="email" class="form-control" placeholder="Mail Address (optional)"
-                  name="accountmail" {% if account %}value="{{ account.mail }}" {% endif %}>
-                <span class="form-control-feedback"></span>
-              </div>
-            </div>
-            <div class="card-header">
-              <h3 class="card-title">Access Control</h3>
+                <!-- /.box-header -->
+                <!-- form start -->
+                <form role="form" method="post"
+                    action="{% if create %}{{ url_for('admin.edit_account') }}{% else %}{{ url_for('admin.edit_account', account_name=account.name) }}{% endif %}">
+                    <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+                    <input type="hidden" name="create" value="{{ create }}">
+                    <div class="box-body">
+                        {% if error %}
+                        <div class="alert alert-danger alert-dismissible">
+                            <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
+                            <h4><i class="icon fa fa-ban"></i> Error!</h4>
+                            {{ error }}
+                        </div>
+                        <span class="help-block">{{ error }}</span>
+                        {% endif %}
+                        <div
+                            class="form-group has-feedback {% if invalid_accountname or duplicate_accountname %}has-error{% endif %}">
+                            <label class="control-label" for="accountname">Name</label>
+                            <input type="text" class="form-control" placeholder="Account Name (required)"
+                                name="accountname" {% if account %}value="{{ account.name }}" {% endif %}
+                                {% if not create %}disabled{% endif %}>
+                            <span class="fa fa-cog form-control-feedback"></span>
+                            {% if invalid_accountname %}
+                            <span class="help-block">Cannot be blank and must only contain alphanumeric
+                                characters{% if SETTING.get('account_name_extra_chars') %}, dots, hyphens or underscores{% endif %}.</span>
+                            {% elif duplicate_accountname %}
+                            <span class="help-block">Account name already in use.</span>
+                            {% endif %}
+                        </div>
+                        <div class="form-group has-feedback">
+                            <label class="control-label" for="accountdescription">Description</label>
+                            <input type="text" class="form-control" placeholder="Account Description (optional)"
+                                name="accountdescription" {% if account %}value="{{ account.description }}" {% endif %}>
+                            <span class="fa fa-industry form-control-feedback"></span>
+                        </div>
+                        <div class="form-group has-feedback">
+                            <label class="control-label" for="accountcontact">Contact Person</label>
+                            <input type="text" class="form-control" placeholder="Contact Person (optional)"
+                                name="accountcontact" {% if account %}value="{{ account.contact }}" {% endif %}>
+                            <span class="fa fa-user form-control-feedback"></span>
+                        </div>
+                        <div class="form-group has-feedback">
+                            <label class="control-label" for="accountmail">Mail Address</label>
+                            <input type="email" class="form-control" placeholder="Mail Address (optional)"
+                                name="accountmail" {% if account %}value="{{ account.mail }}" {% endif %}>
+                            <span class="fa fa-envelope form-control-feedback"></span>
+                        </div>
+                    </div>
+                    <div class="box-header with-border">
+                        <h3 class="box-title">Access Control</h3>
+                    </div>
+                    <div class="box-body">
+                        <p>Users on the right have access to manage records in all domains
+                            associated with the account.</p>
+                        <p>Click on users to move between columns.</p>
+                        <div class="form-group col-xs-2">
+                            <select multiple="multiple" class="form-control" id="account_multi_user"
+                                name="account_multi_user">
+                                {% for user in users %}
+                                <option {% if user.id in account_user_ids|default([]) %}selected{% endif %}
+                                    value="{{ user.username }}">{{ user.username }}</option>
+                                {% endfor %}
+                            </select>
+                        </div>
+                    </div>
+                    <div class="box-body">
+                        <p>Domains on the right are associated with the account. Red marked domain names are already associated with other accounts.
+                            Moving already associated domains to this account will overwrite the previous associated account.
+                        </p>
+                        <p>Hover over the red domain names to show the associated account. Click on domains to move between columns.</p>
+                        <div class="form-group col-xs-2">
+                            <select multiple="multiple" class="form-control" id="account_domains"
+                                name="account_domains">
+                                {% for domain in domains %}
+                                    {% if account != None and domain.account_id != None and account.id != domain.account_id %}
+                                        {% with account_id=domain.account_id %}
+                                            <option style="color: red" data-toggle="tooltip" title="Associated with: {{ accounts[account_id].name }}"
+                                                value="{{ domain.name }}">{{ domain.name }}</option>
+                                        {% endwith %}
+                                    {% else %}
+                                        <option {% if account.id == domain.account_id %}selected{% endif %}
+                                            value="{{ domain.name }}">{{ domain.name }}</option>
+                                    {% endif %}
+                                {% endfor %}
+                            </select>
+                        </div>
+                    </div>
+                    <div class="box-footer">
+                        <button type="submit"
+                            class="btn btn-flat btn-primary">{% if create %}Create{% else %}Update{% endif %}
+                            Account</button>
+                    </div>
+                </form>
             </div>
-            <div class="card-body">
-              <p>Users on the right have access to manage records in all domains
-                associated with the account.
-              </p>
-              <p>Click on users to move between columns.</p>
-              <div class="form-group col-2">
-                <select multiple="multiple" class="form-control" id="account_multi_user"
-                  name="account_multi_user">
-                  {% for user in users %}
-                    <option {% if user.id in account_user_ids|default([]) %}selected{% endif %}
-                      value="{{ user.username }}">{{ user.username }}
-                    </option>
-                  {% endfor %}
-                </select>
-              </div>
-            </div>
-            <div class="card-body">
-              <p>Domains on the right are associated with the account. Red marked domain names are already associated with other accounts.
-                  Moving already associated domains to this account will overwrite the previous associated account.
-              </p>
-              <p>Hover over the red domain names to show the associated account. Click on domains to move between columns.</p>
-              <div class="form-group col-2">
-                <select multiple="multiple" class="form-control" id="account_domains" name="account_domains">
-                  {% for domain in domains %}
-                    {% if account != None and domain.account_id != None and account.id != domain.account_id %}
-                      {% with account_id=domain.account_id %}
-                        <option style="color: red" data-toggle="tooltip" title="Associated with: {{ accounts[account_id].name }}" value="{{ domain.name }}">
-                          {{ domain.name }}
-                        </option>
-                      {% endwith %}
-                    {% else %}
-                      <option {% if account.id == domain.account_id %}selected{% endif %} value="{{ domain.name }}">
-                        {{ domain.name }}
-                      </option>
-                    {% endif %}
-                  {% endfor %}
-                </select>
-            </div>
-          </div>
-            <div class="card-footer">
-              <button type="button" class="btn btn-secondary float-left" onclick="window.location.href='{{ url_for('admin.manage_account') }}'">
-                Cancel
-              </button>
-              <button type="submit" class="btn btn-primary float-right">
-                {% if create %}Create{% else %}Update{% endif %} Account
-              </button>
-            </div>
-          </form>
         </div>
-      </div>
-      <div class="col-8">
-        <div class="card">
-          <div class="card-header">
-            <h3 class="card-title">Help with creating a new account</h3>
-          </div>
-          <div class="card-body">
-            <p>
-              An account allows grouping of domains belonging to a particular entity, such as a customer or
-              department.
-              <br />
-              A domain can be assigned to an account upon domain creation or through the domain administration
-              page.
-            </p>
-            <p>Fill in all the fields to the in the form to the left.</p>
-            <p>
-              <strong>Name</strong> is an account identifier. It will be lowercased and can contain alphanumeric
-                characters{% if SETTING.get('account_name_extra_chars') %}, dots, hyphens and underscores (no space or other special character is allowed)
-                {% else %} (no extra character is allowed){% endif %}.<br />
-              <strong>Description</strong> is a user friendly name for this account.<br />
-              <strong>Contact person</strong> is the name of a contact person at the account.<br />
-              <strong>Mail Address</strong> is an e-mail address for the contact person.
-            </p>
-          </div>
+        <div class="col-md-8">
+            <div class="box box-primary">
+                <div class="box-header with-border">
+                    <h3 class="box-title">Help with creating a new account</h3>
+                </div>
+                <div class="box-body">
+                    <p>
+                        An account allows grouping of domains belonging to a particular entity, such as a customer or
+                        department.<br />
+                        A domain can be assigned to an account upon domain creation or through the domain administration
+                        page.
+                    </p>
+                    <p>Fill in all the fields to the in the form to the left.</p>
+                    <p>
+                        <strong>Name</strong> is an account identifier. It will be lowercased and can contain alphanumeric
+                        characters{% if SETTING.get('account_name_extra_chars') %}, dots, hyphens and underscores (no space or other special character is allowed)
+                        {% else %} (no extra character is allowed){% endif %}.<br />
+                        <strong>Description</strong> is a user friendly name for this account.<br />
+                        <strong>Contact person</strong> is the name of a contact person at the account.<br />
+                        <strong>Mail Address</strong> is an e-mail address for the contact person.
+                    </p>
+                </div>
+            </div>
         </div>
-      </div>
     </div>
-  </div>
 </section>
 {% endblock %}
 {% block extrascripts %}
 <script>
-  function addMultiSelect(id, placeholder) {
-    $(id).multiSelect({
-      selectableHeader: `<input type='text' class='search-input' autocomplete='off' placeholder='${placeholder}'>`,
-      selectionHeader: `<input type='text' class='search-input' autocomplete='off' placeholder='${placeholder}'>`,
-      afterInit: function (ms) {
-        var that = this,
-          $selectableSearch = that.$selectableUl.prev(),
-          $selectionSearch = that.$selectionUl.prev(),
-          selectableSearchString = '#' + that.$container.attr('id') + ' .ms-elem-selectable:not(.ms-selected)',
-          selectionSearchString = '#' + that.$container.attr('id') + ' .ms-elem-selection.ms-selected';
+    function addMultiSelect(id, placeholder) {
+        $(id).multiSelect({
+            selectableHeader: `<input type='text' class='search-input' autocomplete='off' placeholder='${placeholder}'>`,
+            selectionHeader: `<input type='text' class='search-input' autocomplete='off' placeholder='${placeholder}'>`,
+            afterInit: function (ms) {
+                var that = this,
+                    $selectableSearch = that.$selectableUl.prev(),
+                    $selectionSearch = that.$selectionUl.prev(),
+                    selectableSearchString = '#' + that.$container.attr('id') + ' .ms-elem-selectable:not(.ms-selected)',
+                    selectionSearchString = '#' + that.$container.attr('id') + ' .ms-elem-selection.ms-selected';
 
-        that.qs1 = $selectableSearch.quicksearch(selectableSearchString)
-          .on('keydown', function (e) {
-            if (e.which === 40) {
-              that.$selectableUl.focus();
-              return false;
-            }
-          });
+                that.qs1 = $selectableSearch.quicksearch(selectableSearchString)
+                    .on('keydown', function (e) {
+                        if (e.which === 40) {
+                            that.$selectableUl.focus();
+                            return false;
+                        }
+                    });
 
-        that.qs2 = $selectionSearch.quicksearch(selectionSearchString)
-          .on('keydown', function (e) {
-            if (e.which == 40) {
-              that.$selectionUl.focus();
-              return false;
+                that.qs2 = $selectionSearch.quicksearch(selectionSearchString)
+                    .on('keydown', function (e) {
+                        if (e.which == 40) {
+                            that.$selectionUl.focus();
+                            return false;
+                        }
+                    });
+            },
+            afterSelect: function () {
+                this.qs1.cache();
+                this.qs2.cache();
+            },
+            afterDeselect: function () {
+                this.qs1.cache();
+                this.qs2.cache();
             }
-          });
-      },
-      afterSelect: function () {
-        this.qs1.cache();
-        this.qs2.cache();
-      },
-      afterDeselect: function () {
-        this.qs1.cache();
-        this.qs2.cache();
-      }
-    });
-  }
-  addMultiSelect("#account_multi_user", "Username")
-  addMultiSelect("#account_domains", "Domain")
+        });
+    }
+    addMultiSelect("#account_multi_user", "Username")
+    addMultiSelect("#account_domains", "Domain")
 </script>
 {% endblock %}
diff --git a/powerdnsadmin/templates/admin_edit_key.html b/powerdnsadmin/templates/admin_edit_key.html
index 23f58d33a..6a9434025 100644
--- a/powerdnsadmin/templates/admin_edit_key.html
+++ b/powerdnsadmin/templates/admin_edit_key.html
@@ -1,92 +1,80 @@
 {% extends "base.html" %}
-
 {% set active_page = "admin_keys" %}
-
 {% if (key is not none and key.role.name != "User") %}{% set hide_opts = True %}{%else %}{% set hide_opts = False %}{% endif %}
-
 {% block title %}
-  <title>
-    Edit Key - {{ SITE_NAME }}
-  </title>
+<title>Edit Key - {{ SITE_NAME }}</title>
 {% endblock %}
-
 {% block dashboard_stat %}
-  <div class="content-header">
-    <div class="container-fluid">
-      <div class="row mb-2">
-        <div class="col-sm-6">
-          <h1 class="m-0 text-dark">
-            API Keys
-            <small>{% if create %}Add API Key{% else %}Edit API Key - {{ key.id }}{% endif %}</small>
-          </h1>
-        </div>
-        <div class="col-sm-6">
-          <ol class="breadcrumb float-sm-right">
-            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
-            <li class="breadcrumb-item"><a href="{{ url_for('admin.manage_keys') }}">API Keys</a></li>
-            <li class="breadcrumb-item active">{% if create %}Add API Key{% else %}Edit API Key - {% endif %}{{ key.id }}</li>
-          </ol>
-        </div>
-      </div>
-    </div>
-  </div>
+<!-- Content Header (Page header) -->
+<section class="content-header">
+    <h1>
+        Key
+        <small>{% if create %}New key{% else %}{{ key.id }}{% endif %}</small>
+    </h1>
+    <ol class="breadcrumb">
+        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i>Home</a></li>
+        <li><a href="{{ url_for('admin.manage_keys') }}">Key</a></li>
+        <li class="active">{% if create %}Add{% else %}Edit{% endif %} key</li>
+    </ol>
+</section>
 {% endblock %}
 
 {% block content %}
 <section class="content">
-  <div class="container-fluid">
-  <div class="row">
-    <div class="col-4">
-      <div class="card ">
-        <div class="card-header">
-          <h3 class="card-title">{% if create %}Add{% else %}Edit{% endif %} Key</h3>
-        </div>
-        <form role="form" method="post"
-        action="{% if create %}{{ url_for('admin.edit_key') }}{% else %}{{ url_for('admin.edit_key', key_id=key.id) }}{% endif %}">
-          <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-          <input type="hidden" name="create" value="{{ create }}">
-          <div class="card-body">
-            <div class="form-group has-feedback">
-              <label class="control-label" for="role">Role</label>
-              <select class="key_role form-control" id="key_role" name="key_role">
-                {% for role in roles %}
-                  <option value="{{ role.name }}"
-                  {% if (key is not none) and (role.id==key.role.id) %}selected{% endif %}
-                  {% if (key is none) and (role.name=="User") %}selected{% endif %}>
-                    {{ role.name }}
-                  </option>
-                {% endfor %}
-              </select>
-            </div>
-            <div class="form-group has-feedback">
-              <label class="control-label" for="description">Description</label>
-                <input type="text" class="form-control" placeholder="Description" name="description"
-                {% if key is not none %} value="{{ key.description }}" {% endif %}>
-                <span class="glyphicon glyphicon-pencil form-control-feedback"></span>
-              </div>
-            </div>
-            <div class="card-header key-opts"{% if hide_opts %} style="display: none;"{% endif %}>
-              <h3 class="card-title">Accounts Access Control</h3>
-            </div>
-            <div class="card-body key-opts"{% if hide_opts %} style="display: none;"{% endif %}>
-              <p>This key will be linked to the accounts on the right,</p>
-              <p>thus granting access to domains owned by the selected accounts.</p>
-              <p>Click on accounts to move between the columns.</p>
-              <div class="form-group col-2">
-                <select multiple="multiple" class="form-control" id="key_multi_account" name="key_multi_account">
-                  {% for account in accounts %}
-                    <option {% if key and account in key.accounts %}selected{% endif %} value="{{ account.name }}">{{ account.name }}</option>
-                  {% endfor %}
-                </select>
-              </div>
-            </div>
-            <div class="card-header key-opts"{% if hide_opts %} style="display: none;"{% endif %}>
-              <h3 class="card-title">Domain Access Control</h3>
-            </div>
-                    <div class="card-body key-opts"{% if hide_opts %} style="display: none;"{% endif %}>
+    <div class="row">
+        <div class="col-md-4">
+            <div class="box box-primary">
+                <div class="box-header with-border">
+                    <h3 class="box-title">{% if create %}Add{% else %}Edit{% endif %} key</h3>
+                </div>
+                <!-- /.box-header -->
+                <!-- form start -->
+                <form role="form" method="post"
+                    action="{% if create %}{{ url_for('admin.edit_key') }}{% else %}{{ url_for('admin.edit_key', key_id=key.id) }}{% endif %}">
+                    <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+                    <input type="hidden" name="create" value="{{ create }}">
+                    <div class="box-body">
+                        <div class="form-group has-feedback">
+                            <label class="control-label" for="role">Role</label>
+                            <select class="key_role form-control" id="key_role" name="key_role">
+                                {% for role in roles %}
+                                <option value="{{ role.name }}"
+                                {% if (key is not none) and (role.id==key.role.id) %}selected{% endif %}
+                                {% if (key is none) and (role.name=="User") %}selected{% endif %}
+                                >{{ role.name }}</option>
+                                {% endfor %}
+                            </select>
+                        </div>
+                        <div class="form-group has-feedback">
+                            <label class="control-label" for="description">Description</label>
+                            <input type="text" class="form-control" placeholder="Description" name="description"
+                                {% if key is not none %} value="{{ key.description }}" {% endif %}> <span
+                                class="glyphicon glyphicon-pencil form-control-feedback"></span>
+                        </div>
+                    </div>
+                    <div class="box-header with-border key-opts"{% if hide_opts %} style="display: none;"{% endif %}>
+                      <h3 class="box-title">Accounts Access Control</h3>
+                    </div>
+                    <div class="box-body key-opts"{% if hide_opts %} style="display: none;"{% endif %}>
+                      <p>This key will be linked to the accounts on the right,</p>
+                      <p>thus granting access to domains owned by the selected accounts.</p>
+                      <p>Click on accounts to move between the columns.</p>
+                      <div class="form-group col-xs-2">
+                          <select multiple="multiple" class="form-control" id="key_multi_account"
+                              name="key_multi_account">
+                              {% for account in accounts %}
+                                  <option {% if key and account in key.accounts %}selected{% endif %} value="{{ account.name }}">{{ account.name }}</option>
+                              {% endfor %}
+                          </select>
+                      </div>
+                    </div>
+                    <div class="box-header with-border key-opts"{% if hide_opts %} style="display: none;"{% endif %}>
+                        <h3 class="box-title">Domain Access Control</h3>
+                    </div>
+                    <div class="box-body key-opts"{% if hide_opts %} style="display: none;"{% endif %}>
                         <p>This key will have acess to the domains on the right.</p>
                         <p>Click on domains to move between the columns.</p>
-                        <div class="form-group col-2">
+                        <div class="form-group col-xs-2">
                             <select multiple="multiple" class="form-control" id="key_multi_domain"
                                 name="key_multi_domain">
                                 {% for domain in domains %}
@@ -95,24 +83,21 @@ <h3 class="card-title">Domain Access Control</h3>
                             </select>
                         </div>
                     </div>
-                    <div class="card-footer">
-                      <button type="button" class="btn btn-secondary float-left" onclick="window.location.href='{{ url_for('admin.manage_keys') }}'">
-                        <i class="fa-solid fa-window-close"></i>&nbsp;Cancel
-                      </button>
-                      <button type="submit" class="btn btn-primary float-right" id="key_submit">
-                        <i class="fa-solid fa-save"></i>&nbsp;{% if create %}Create{% else %}Update{% endif %} Key
-                      </button>
+                    <div class="box-footer">
+                        <button type="submit"
+                            class="btn btn-flat btn-primary" id="key_submit">{% if create %}Create{% else %}Update{% endif %}
+                            Key</button>
                     </div>
                 </form>
             </div>
         </div>
-        <div class="col-8">
-            <div class="card">
-                <div class="card-header">
-                    <h3 class="card-title">Help with {% if create %}creating a new{% else%}updating a{% endif %} key
+        <div class="col-md-8">
+            <div class="box box-primary">
+                <div class="box-header with-border">
+                    <h3 class="box-title">Help with {% if create %}creating a new{% else%}updating a{% endif %} key
                     </h3>
                 </div>
-                <div class="card-body">
+                <div class="box-body">
                     <p>Fill in all the fields in the form to the left.</p>
                     <p><strong>Role</strong> The role of the key.</p>
                     <p><strong>Description</strong> The key description.</p>
@@ -121,10 +106,8 @@ <h3 class="card-title">Help with {% if create %}creating a new{% else%}updating
             </div>
         </div>
     </div>
-    </div>
 </section>
 {% endblock %}
-
 {% block extrascripts %}
 <script>
     $('form').submit(function (e) {
@@ -242,7 +225,7 @@ <h3 class="card-title">Help with {% if create %}creating a new{% else%}updating
     {% if plain_key %}
     $(document.body).ready(function () {
         var modal = $("#modal_show_key");
-        var info = "Please copy this key to a secure location. You will be unable to view it again once you close this window: {{ plain_key }}";
+        var info = "{{ plain_key }}";
         modal.find('.modal-body p').text(info);
         modal.find('#button_key_confirm').click(redirect_modal);
         modal.find('#button_close_modal').click(redirect_modal);
@@ -258,46 +241,45 @@ <h3 class="card-title">Help with {% if create %}creating a new{% else%}updating
 {% endblock %}
 {% block modals %}
 <div class="modal fade" id="modal_show_key">
-  <div class="modal-dialog">
-    <div class="modal-content">
-      <div class="modal-header">
-        <h5 class="modal-title">New API Key</h5>
-        <button type="button" class="close" data-dismiss="modal" aria-label="Close" id="button_close_modal">
-          <span aria-hidden="true">&times;</span>
-        </button>
-      </div>
-      <div class="modal-body">
-        <p></p>
-      </div>
-      <div class="modal-footer">
-        <button type="button" class="btn btn-primary" id="button_key_confirm">
-          Confirm
-        </button>
-      </div>
+    <div class="modal-dialog">
+        <div class="modal-content modal-sm">
+            <div class="modal-header">
+                <button type="button" class="close" data-dismiss="modal" aria-label="Close" id="button_close_modal">
+                    <span aria-hidden="true">&times;</span>
+                </button>
+                <h4 class="modal-title">Your API key</h4>
+            </div>
+            <div class="modal-body">
+                <p></p>
+            </div>
+            <div class="modal-footer">
+                <button type="button" class="btn btn-flat btn-primary center-block" id="button_key_confirm">
+                    Confirm</button>
+            </div>
+        </div>
+        <!-- /.modal-content -->
     </div>
-  </div>
+    <!-- /.modal-dialog -->
 </div>
 <div class="modal fade" id="modal_warning">
   <div class="modal-dialog">
-    <div class="modal-content">
-      <div class="modal-header">
-        <h5 class="modal-title">WARNING</h5>
-        <button type="button" class="close" data-dismiss="modal" aria-label="Close" id="button_close_warn_modal">
-          <span aria-hidden="true">&times;</span>
-        </button>
-      </div>
-      <div class="modal-body">
-        <p></p>
+      <div class="modal-content modal-sm">
+          <div class="modal-header">
+              <button type="button" class="close" data-dismiss="modal" aria-label="Close" id="button_close_warn_modal">
+                  <span aria-hidden="true">&times;</span>
+              </button>
+              <h4 class="modal-title">WARNING</h4>
+          </div>
+          <div class="modal-body">
+              <p></p>
+          </div>
+          <div class="modal-footer">
+              <button type="button" class="btn btn-flat btn-primary center-block" id="button_key_confirm_warn">
+                  OK</button>
+          </div>
       </div>
-      <div class="modal-footer">
-        <button type="button" class="btn btn-secondary close" data-dismiss="modal" id="button_close_modal">
-          Close
-        </button>
-        <button type="button" class="btn btn-primary" id="button_key_confirm_warn">
-          OK
-        </button>
-      </div>
-    </div>
+      <!-- /.modal-content -->
   </div>
+  <!-- /.modal-dialog -->
 </div>
 {% endblock %}
diff --git a/powerdnsadmin/templates/admin_edit_user.html b/powerdnsadmin/templates/admin_edit_user.html
index 9e954fe74..34f4272bc 100644
--- a/powerdnsadmin/templates/admin_edit_user.html
+++ b/powerdnsadmin/templates/admin_edit_user.html
@@ -1,148 +1,127 @@
 {% extends "base.html" %}
-
 {% set active_page = "admin_users" %}
-
-{% block title %}
-  <title>
-    {% if create %}Add user{% else %}Edit user "{{ user.username }}"{% endif %} - {{ SITE_NAME }}
-  </title>
-{% endblock %}
+{% block title %}<title>Edit User - {{ SITE_NAME }}</title>{% endblock %}
 
 {% block dashboard_stat %}
-  <div class="content-header">
-    <div class="container-fluid">
-      <div class="row mb-2">
-        <div class="col-sm-6">
-          <h1 class="m-0 text-dark">
-            Users
-            <small>{% if create %}New user{% else %}Edit user {{ user.username }}{% endif %}</small>
-          </h1>
-        </div>
-        <div class="col-sm-6">
-          <ol class="breadcrumb float-sm-right">
-            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
-            <li class="breadcrumb-item"><a href="{{ url_for('admin.manage_user') }}">Users</a></li>
-            <li class="breadcrumb-item active">{% if create %}Add user{% else %}Edit user "{{ user.username }}"{% endif %}</li>
-          </ol>
-        </div>
-      </div>
-    </div>
-  </div>
+<!-- Content Header (Page header) -->
+<section class="content-header">
+    <h1>
+        User
+        <small>{% if create %}New user{% else %}{{ user.username }}{% endif %}</small>
+    </h1>
+    <ol class="breadcrumb">
+        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i>Home</a></li>
+        <li><a href="{{ url_for('admin.manage_user') }}">User</a></li>
+        <li class="active">{% if create %}Add{% else %}Edit{% endif %} user</li>
+    </ol>
+</section>
 {% endblock %}
 
 {% block content %}
 <section class="content">
-  <div class="container-fluid">
     <div class="row">
-      <div class="col-4">
-        <div class="card card-secondary">
-          <div class="card-header with-border">
-            <h3 class="card-title">{% if create %}Add{% else %}Edit{% endif %} user</h3>
-          </div>
-          <form role="form" method="post"
-            action="{% if create %}{{ url_for('admin.edit_user') }}{% else %}{{ url_for('admin.edit_user', user_username=user.username) }}{% endif %}">
-            <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-            <input type="hidden" name="create" value="{{ create }}">
-            <div class="card-body">
-              {% if error %}
-                <div class="alert alert-danger alert-dismissible">
-                  <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
-                  <h4><i class="fa-solid fa-ban"></i> Error!</h4>
-                  {{ error }}
+        <div class="col-md-4">
+            <div class="box box-primary">
+                <div class="box-header with-border">
+                    <h3 class="box-title">{% if create %}Add{% else %}Edit{% endif %} user</h3>
                 </div>
-                <span class="help-block">{{ error }}</span>
-              {% endif %}
-              <div class="form-group has-feedback">
-                <label class="control-label" for="firstname">First Name</label>
-                <input type="text" class="form-control" placeholder="First Name" name="firstname"
-                  {% if user %}value="{{ user.firstname }}" {% endif %}>
-                <span class="form-control-feedback"></span>
-              </div>
-              <div class="form-group has-feedback">
-                <label class="control-label" for="lastname">Last Name</label>
-                <input type="text" class="form-control" placeholder="Last name" name="lastname"
-                  {% if user %}value="{{ user.lastname }}" {% endif %}>
-                <span class="form-control-feedback"></span>
-              </div>
-              <div class="form-group has-feedback">
-                <label class="control-label" for="email">E-mail address</label>
-                <input type="email" class="form-control" placeholder="Email" name="email" id="email"
-                  {% if user %}value="{{ user.email }}" {% endif %}>
-                <span class="form-control-feedback"></span>
-              </div>
-              <p class="login-box-msg">Enter the account details below</p>
-              <div class="form-group has-feedback">
-                <label class="control-label" for="username">Username</label>
-                <input type="text" class="form-control" placeholder="Username" name="username"
-                  {% if user %}value="{{ user.username }}" {% endif %}
-                  {% if not create %}disabled{% endif %}>
-                <span class="form-control-feedback"></span>
-              </div>
-              <div class="form-group has-feedback {% if blank_password %}has-error{% endif %}">
-                <label class="control-label" for="username">Password</label>
-                <input type="password" class="form-control"
-                  placeholder="Password {% if create %}(Required){% else %}(Leave blank to keep unchanged){% endif %}"
-                  name="password">
-                <span class="form-control-feedback"></span>
-                {% if blank_password %}
-                  <span class="help-block">The password cannot be blank.</span>
-                {% endif %}
-              </div>
+                <!-- /.box-header -->
+                <!-- form start -->
+                <form role="form" method="post"
+                    action="{% if create %}{{ url_for('admin.edit_user') }}{% else %}{{ url_for('admin.edit_user', user_username=user.username) }}{% endif %}">
+                    <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+                    <input type="hidden" name="create" value="{{ create }}">
+                    <div class="box-body">
+                        {% if error %}
+                        <div class="alert alert-danger alert-dismissible">
+                            <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
+                            <h4><i class="icon fa fa-ban"></i> Error!</h4>
+                            {{ error }}
+                        </div>
+                        <span class="help-block">{{ error }}</span>
+                        {% endif %}
+                        <div class="form-group has-feedback">
+                            <label class="control-label" for="firstname">First Name</label>
+                            <input type="text" class="form-control" placeholder="First Name" name="firstname"
+                                {% if user %}value="{{ user.firstname }}" {% endif %}> <span
+                                class="glyphicon glyphicon-user form-control-feedback"></span>
+                        </div>
+                        <div class="form-group has-feedback">
+                            <label class="control-label" for="lastname">Last Name</label>
+                            <input type="text" class="form-control" placeholder="Last name" name="lastname"
+                                {% if user %}value="{{ user.lastname }}" {% endif %}> <span
+                                class="glyphicon glyphicon-user form-control-feedback"></span>
+                        </div>
+                        <div class="form-group has-feedback">
+                            <label class="control-label" for="email">E-mail address</label>
+                            <input type="email" class="form-control" placeholder="Email" name="email" id="email"
+                                {% if user %}value="{{ user.email }}" {% endif %}> <span
+                                class="glyphicon glyphicon-envelope form-control-feedback"></span>
+                        </div>
+                        <p class="login-box-msg">Enter the account details below</p>
+                        <div class="form-group has-feedback">
+                            <label class="control-label" for="username">Username</label>
+                            <input type="text" class="form-control" placeholder="Username" name="username"
+                                {% if user %}value="{{ user.username }}" {% endif %}
+                                {% if not create %}disabled{% endif %}> <span
+                                class="glyphicon glyphicon-user form-control-feedback"></span>
+                        </div>
+                        <div class="form-group has-feedback {% if blank_password %}has-error{% endif %}">
+                            <label class="control-label" for="username">Password</label>
+                            <input type="password" class="form-control"
+                                placeholder="Password {% if create %}(Required){% else %}(Leave blank to keep unchanged){% endif %}"
+                                name="password"> <span class="glyphicon glyphicon-lock form-control-feedback"></span>
+                            {% if blank_password %}
+                            <span class="help-block">The password cannot be blank.</span>
+                            {% endif %}
+                        </div>
+                    </div>
+                    <div class="box-footer">
+                        <button type="submit"
+                            class="btn btn-flat btn-primary">{% if create %}Create{% else %}Update{% endif %}
+                            User</button>
+                    </div>
+                </form>
             </div>
-            <div class="card-footer">
-              <button type="submit" class="btn btn-primary">
-                {% if create %}Create{% else %}Update{% endif %} User
-              </button>
+            {% if not create %}
+            <div class="box box-secondary">
+                <div class="box-header with-border">
+                    <h3 class="box-title">Two Factor Authentication</h3>
+                </div>
+                <div class="box-body">
+                    <p>If two factor authentication was configured and is causing problems due to a lost device or
+                        technical issue, it can be disabled here.</p>
+                    <p>The user will need to reconfigure two factor authentication, to re-enable it.</p>
+                    <p><strong>Beware: This could compromise security!</strong></p>
+                </div>
+                <div class="box-footer">
+                    <button type="button" class="btn btn-flat btn-warning button_otp_disable" id="{{ user.username }}"
+                        {% if not user.otp_secret %}disabled{% endif %}>Disable Two Factor Authentication</button>
+                </div>
             </div>
-          </form>
+            {% endif %}
         </div>
-        {% if not create %}
-          {% if user.otp_secret %}
-            <div class="card">
-              <div class="card-header">
-                <h3 class="card-title">Two Factor Authentication</h3>
-              </div>
-              <div class="card-body">
-                <p>If two factor authentication is configured for this user and is causing problems due to a lost device or
-                  technical issue, it can be disabled here.
-                </p>
-                <p>The user will need to reconfigure two factor authentication, to re-enable it.</p>
-                <p><strong>Beware: This could compromise security!</strong></p>
-              </div>
-              <div class="card-footer">
-                <button type="button" class="btn btn-warning button_otp_disable" id="{{ user.username }}">
-                  Disable Two Factor Authentication
-                </button>
-              </div>
+        <div class="col-md-8">
+            <div class="box box-primary">
+                <div class="box-header with-border">
+                    <h3 class="box-title">Help with {% if create %}creating a new{% else%}updating a{% endif %} user
+                    </h3>
+                </div>
+                <div class="box-body">
+                    <p>Fill in all the fields to the in the form to the left.</p>
+                    {% if create %}
+                    <p><strong>Newly created users do not have access to any domains.</strong> You will need to grant
+                        access to the user once it is created via the domain management buttons on the dashboard.</p>
+                    {% else %}
+                    <p><strong>Password</strong> can be left empty to keep the current password.</p>
+                    <p><strong>Username</strong> cannot be changed.</p>
+                    {% endif %}
+                </div>
             </div>
-          {% endif %}
-        {% endif %}
-      </div>
-      <div class="col-8">
-        <div class="card">
-          <div class="card-header">
-            <h3 class="card-title">
-              Help with {% if create %}creating a new{% else%}editing a{% endif %} user
-            </h3>
-          </div>
-          <div class="card-body">
-            <p>Fill in all the fields to the in the form to the left.</p>
-            {% if create %}
-              <p><strong>Newly created users do not have access to any domains.</strong> You will need to grant
-                access to the user once it is created via the domain management buttons on the dashboard.
-              </p>
-            {% else %}
-              <p><strong>Username</strong> cannot be changed.</p>
-              <p><strong>Password</strong> can be left empty to keep the current password.</p>
-            {% endif %}
-          </div>
         </div>
-      </div>
     </div>
-  </div>
 </section>
 {% endblock %}
-
 {% block extrascripts %}
 <script>
     // handle disabling two factor authentication
@@ -168,21 +147,18 @@ <h3 class="card-title">
     <div class="modal-dialog">
         <div class="modal-content">
             <div class="modal-header">
-              <h4 class="modal-title">Confirmation</h4>
-              <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+                <button type="button" class="close" data-dismiss="modal" aria-label="Close">
                     <span aria-hidden="true">&times;</span>
                 </button>
+                <h4 class="modal-title">Confirmation</h4>
             </div>
             <div class="modal-body">
                 <p></p>
             </div>
             <div class="modal-footer">
-                <button type="button" class="btn btn-default" data-dismiss="modal">
-                  Close
-                </button>
-                <button type="button" class="btn btn-danger float-right" id="button_otp_disable_confirm">
-                  Disable Two Factor Authentication
-                </button>
+                <button type="button" class="btn btn-flat btn-default pull-left" data-dismiss="modal">Close</button>
+                <button type="button" class="btn btn-flat btn-danger" id="button_otp_disable_confirm">Disable Two Factor
+                    Authentication</button>
             </div>
         </div>
     </div>
diff --git a/powerdnsadmin/templates/admin_global_search.html b/powerdnsadmin/templates/admin_global_search.html
index dfe14a67c..2e38bf191 100644
--- a/powerdnsadmin/templates/admin_global_search.html
+++ b/powerdnsadmin/templates/admin_global_search.html
@@ -1,201 +1,190 @@
 {% extends "base.html" %}
-
 {% set active_page = "admin_global_search" %}
-
 {% block title %}
-  <title>
-    Global Search - {{ SITE_NAME }}
-  </title>
-{% endblock %}
-
-{% block dashboard_stat %}
-  <div class="content-header">
-    <div class="container-fluid">
-      <div class="row mb-2">
-        <div class="col-sm-6">
-          <h1 class="m-0 text-dark">
-            Global Search
-            <small>Search for domains, records and comments directly from PDNS API</small>
-          </h1>
-        </div>
-        <div class="col-sm-6">
-          <ol class="breadcrumb float-sm-right">
-            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
-            <li class="breadcrumb-item active">Global Search</li>
-          </ol>
-        </div>
-      </div>
-    </div>
-  </div>
-{% endblock %}
-
-{% block content %}
-  <section class="content">
-    <div class="container-fluid">
-      <div class="row">
-        <div class="col-12">
-          <div class="card">
-            <div class="card-header">
-              <h3 class="card-title">Global Search</h3>
-            </div>
-            <div class="card-body">
-              <form action="" method="get">
-                <div class="input-group">
-                  <input type="text" name="q" class="form-control" placeholder="Your keyword...">
-                  <div class="input-group-btn">
-                    <button type="submit" class="btn btn-success"><i class="fa fa-search"></i></button>
-                  </div>
+<title>Global Search - {{ SITE_NAME }}</title>
+{% endblock %} {% block dashboard_stat %}
+<!-- Content Header (Page header) -->
+<section class="content-header">
+    <h1>
+        Global Search <small>Search for domains, records and comments directly from PDNS API</small>
+    </h1>
+    <ol class="breadcrumb">
+        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i> Home</a></li>
+        <li class="active">Global Search</li>
+    </ol>
+</section>
+{% endblock %} {% block content %}
+<section class="content">
+    <div class="row">
+        <div class="col-xs-12">
+            <div class="box-body">
+                <!-- search form -->
+                <form action="" method="get">
+                    <div class="input-group">
+                        <input type="text" name="q" class="form-control" placeholder="Your keyword...">
+                        <div class="input-group-btn">
+                            <button type="submit" class="btn btn-success"><i class="fa fa-search"></i></button>
+                        </div>
+                    </div>
+                </form>
+                <div>
+                    <p><b>Hints:</b> The * character can be used in your keyword as a wildcard character and the ? character can be used as
+                        a wildcard for a
+                        single character.</p>
                 </div>
-              </form>
-              <div>
-                <p><b>Hints:</b> The * character can be used in your keyword as a wildcard character and the ? character can be used as
-                  a wildcard for a
-                  single character.
-                </p>
-              </div>
+                <!-- /.search form -->
             </div>
-          </div>
         </div>
-      </div>
-
-      <div class="row">
-        <div class="col-12">
-          <div class="card">
-            <div class="card-header">
-              <h3 class="card-title">Domains ({{ domains|length }})</h3>
-            </div>
-            <div class="card-body">
-              <table id="tbl_domain" class="table table-bordered table-striped">
-                <thead>
-                  <tr>
-                    <th>Domain</th>
-                  </tr>
-                </thead>
-                <tbody>
-                  {% for domain in domains %}
-                    <tr class="odd gradeX">
-                      <td>
-                        <a href="{{ url_for('domain.domain', domain_name=domain['name']) }}">{{ domain['name'] }}</a>
-                      </td>
-                    </tr>
-                  {% endfor %}
-                </tbody>
-              </table>
+    </div>
+    <div class="row">
+        <div class="col-xs-12">
+            <div class="box">
+                <div class="box-header">
+                    <h3 class="box-title">Domains ({{ domains|length }})</h3>
+                </div>
+                <div class="box-body">
+                    <table id="tbl_domain" class="table table-bordered table-striped">
+                        <thead>
+                            <tr>
+                                <th>Domain</th>
+                            </tr>
+                        </thead>
+                        <tbody>
+                            {% for domain in domains %}
+                            <tr class="odd gradeX">
+                                <td>
+                                    <a href="{{ url_for('domain.domain', domain_name=domain['name']) }}">{{ domain['name'] }}</a>
+                                </td>
+                            </tr>
+                            {% endfor %}
+                        </tbody>
+                    </table>
+                </div>
+                <!-- /.box-body -->
             </div>
-          </div>
+            <!-- /.box -->
         </div>
-      </div>
+        <!-- /.col -->
+    </div>
 
-      <div class="row">
-        <div class="col-12">
-          <div class="card">
-            <div class="card-header">
-              <h3 class="card-title">Records ({{ records|length }})</h3>
-            </div>
-            <div class="card-body">
-              <table id="tbl_record" class="table table-bordered table-striped">
-                <thead>
-                  <tr>
-                    <th>Name</th>
-                    <th>Type</th>
-                    <th>Status</th>
-                    <th>TTL</th>
-                    <th>Data</th>
-                  </tr>
-                </thead>
-                <tbody>
-                  {% for record in records %}
-                    <tr class="odd gradeX">
-                      <td>
-                        <a href="{{ url_for('domain.domain', domain_name=record['zone_id']) }}">{{ record['name'] }}</a>
-                      </td>
-                      <td>{{ record['type'] }}</td>
-                      <td>{{ 'Disabled' if record['disabled'] else 'Active' }}</td>
-                      <td>{{ record['ttl'] }}</td>
-                      <td>{{ record['content'] }}</td>
-                    </tr>
-                  {% endfor %}
-                </tbody>
-              </table>
+    <div class="row">
+        <div class="col-xs-12">
+            <div class="box">
+                <div class="box-header">
+                    <h3 class="box-title">Records ({{ records|length }})</h3>
+                </div>
+                <div class="box-body">
+                    <table id="tbl_record" class="table table-bordered table-striped">
+                        <thead>
+                            <tr>
+                                <th>Name</th>
+                                <th>Type</th>
+                                <th>Status</th>
+                                <th>TTL</th>
+                                <th>Data</th>
+                            </tr>
+                        </thead>
+                        <tbody>
+                            {% for record in records %}
+                            <tr class="odd gradeX">
+                                <td>
+                                    <a href="{{ url_for('domain.domain', domain_name=record['zone_id']) }}">{{ record['name'] }}</a>
+                                </td>
+                                <td>{{ record['type'] }}</td>
+                                <td>{{ 'Disabled' if record['disabled'] else 'Active' }}</td>
+                                <td>{{ record['ttl'] }}</td>
+                                <td>{{ record['content'] }}</td>
+                            </tr>
+                            {% endfor %}
+                        </tbody>
+                    </table>
+                </div>
+                <!-- /.box-body -->
             </div>
-          </div>
+            <!-- /.box -->
         </div>
-      </div>
+        <!-- /.col -->
+    </div>
 
-      <div class="row">
-        <div class="col-12">
-          <div class="card">
-            <div class="card-header">
-              <h3 class="card-title">Comments ({{ comments|length }})</h3>
-            </div>
-            <div class="card-body">
-              <table id="tbl_comment" class="table table-bordered table-striped">
-                <thead>
-                  <tr>
-                    <th>Comment</th>
-                    <th>Record</th>
-                    <th>Domain</th>
-                  </tr>
-                </thead>
-                <tbody>
-                  {% for comment in comments %}
-                    <tr class="odd gradeX">
-                      <td>{{ comment['content'] }}</td>
-                      <td>{{ comment['name'] }}</td>
-                      <td>
-                        <a href="{{ url_for('domain.domain', domain_name=comment['zone_id']) }}">{{ comment['zone_id'] }}</a>
-                      </td>
-                    </tr>
-                  {% endfor %}
-                </tbody>
-              </table>
+    <div class="row">
+        <div class="col-xs-12">
+            <div class="box">
+                <div class="box-header">
+                    <h3 class="box-title">Comments ({{ comments|length }})</h3>
+                </div>
+                <div class="box-body">
+                    <table id="tbl_comment" class="table table-bordered table-striped">
+                        <thead>
+                            <tr>
+                                <th>Comment</th>
+                                <th>Record</th>
+                                <th>Domain</th>
+                            </tr>
+                        </thead>
+                        <tbody>
+                            {% for comment in comments %}
+                            <tr class="odd gradeX">
+                                <td>{{ comment['content'] }}</td>
+                                <td>{{ comment['name'] }}</td>
+                                <td>
+                                    <a href="{{ url_for('domain.domain', domain_name=comment['zone_id']) }}">{{ comment['zone_id'] }}</a>
+                                </td>
+                            </tr>
+                            {% endfor %}
+                        </tbody>
+                    </table>
+                </div>
+                <!-- /.box-body -->
             </div>
-          </div>
+            <!-- /.box -->
         </div>
-      </div>
+        <!-- /.col -->
     </div>
-  </section>
+</section>
 {% endblock %}
-
 {% block extrascripts %}
-  <script>
+<script>
     // set up domain result data table
     $("#tbl_domain").DataTable({
-      "paging": false,
-      "lengthChange": false,
-      "searching": false,
-      "ordering": true,
-      "info": false,
-      "autoWidth": false,
-      "order": [
-        [0, "asc"]
-      ]
+        "paging": false,
+        "lengthChange": false,
+        "searching": false,
+        "ordering": true,
+        "info": false,
+        "autoWidth": false,
+        "order": [
+            [0, "asc"]
+        ]
     });
+</script>
 
+<script>
     // set up domain result data table
     $("#tbl_record").DataTable({
-      "paging": false,
-      "lengthChange": false,
-      "searching": false,
-      "ordering": true,
-      "info": false,
-      "autoWidth": false,
-      "order": [
-        [0, "asc"]
-      ]
+        "paging": false,
+        "lengthChange": false,
+        "searching": false,
+        "ordering": true,
+        "info": false,
+        "autoWidth": false,
+        "order": [
+            [0, "asc"]
+        ]
     });
+</script>
 
+<script>
     // set up domain result data table
     $("#tbl_comment").DataTable({
-      "paging": false,
-      "lengthChange": false,
-      "searching": false,
-      "ordering": true,
-      "info": false,
-      "autoWidth": false,
-      "order": [
-        [0, "asc"]
-      ]
+        "paging": false,
+        "lengthChange": false,
+        "searching": false,
+        "ordering": true,
+        "info": false,
+        "autoWidth": false,
+        "order": [
+            [0, "asc"]
+        ]
     });
-  </script>
+</script>
 {% endblock %}
diff --git a/powerdnsadmin/templates/admin_history.html b/powerdnsadmin/templates/admin_history.html
index f2a86196c..aa16c4a72 100644
--- a/powerdnsadmin/templates/admin_history.html
+++ b/powerdnsadmin/templates/admin_history.html
@@ -1,108 +1,81 @@
 {% extends "base.html" %}
-
 {% set active_page = "admin_history" %}
-
 {% block title %}
-  <title>
-    History - {{ SITE_NAME }}
-  </title>
-{% endblock %}
-
-{% block dashboard_stat %}
-  <div class="content-header">
-    <div class="container-fluid">
-      <div class="row mb-2">
-        <div class="col-sm-6">
-          <h1 class="m-0 text-dark">
-            History
-            <small>Recent Events</small>
-          </h1>
-        </div>
-        <div class="col-sm-6">
-          <ol class="breadcrumb float-sm-right">
-            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Home</a></li>
-            <li class="breadcrumb-item active">History</li>
-          </ol>
-        </div>
-      </div>
-    </div>
-  </div>
+<title>History - {{ SITE_NAME }}</title>
+{% endblock %} {% block dashboard_stat %}
+<!-- Content Header (Page header) -->
+<section class="content-header">
+    <h1>
+        History <small>Recent events</small>
+    </h1>
+    <ol class="breadcrumb">
+        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i> Home</a></li>
+        <li class="active">History</li>
+    </ol>
+</section>
 {% endblock %} 
-
 {% block content %}
 {% import 'applied_change_macro.html' as applied_change_macro %}
+
+
+
 <section class="content">
-  <div class="container-fluid">
     <div class="row">
-      <div class="col-12">
-        <div class="card card-outline card-secondary">
-          <div class="card-header with-border">
-            <h3 class="card-title">History Management</h3>
-            {% if current_user.role.name != 'User' %}
-              <button type="button" class="btn btn-danger float-right" data-toggle="modal" data-target="#modal_clear_history" {% if current_user.role.name != 'Administrator' %}disabled{% endif %}>
-                <i class="fa-solid fa-trash"></i>  
-                &nbsp;Clear History
-              </button>
-            {% endif %}
-          </div>
-          <div class="card-body clearfix">
-            <form id="history-search-form" autocomplete="off">
-                <ul class="nav nav-tabs" id="custom-content-below-tab" role="tablist">
-                  <li class="nav-item">
-                    <a class="nav-link active" href="#tabs-act" data-toggle="pill" role="tab">
-                      Search for All Activity
-                    </a>
-                  </li>
-                  <li class="nav-item">
-                    <a class="nav-link" href="#tabs-domain" data-toggle="pill" role="tab">
-                      Search By Domain
-                    </a>
-                  </li>
-                  <li class="nav-item">
-                    <a class="nav-link with-border" href="#tabs-account" data-toggle="pill" role="tab">
-                      Search By Account
-                    </a>
-                  </li>
-                  {% if current_user.role.name != 'User' %}
-                    <li class="nav-item">
-                      <a class="nav-link" href="#tabs-auth" data-toggle="pill" role="tab">
-                        Search for User Authentication
-                      </a>
-                    </li>
-                  {% endif %}
-                </ul>
-            <div class="tab-content">
-              <div class="tab-pane" id="tabs-act">
-            </div>
-            <div class="tab-pane" id="tabs-domain">
-              <td>
-                <label>Domain Name</label>
-              </td>
-              <td>
-                <div class="autocomplete" style="width:250px;">
-                  <input type="text" class="form-control" id="domain_name_filter" name="domain_name_filter" placeholder="Enter * to search for any domain" value=""> 
+        <div class="col-xs-12">
+            <div class="box">
+                <div class="box-header">
+                    <h3 class="box-title">History Management</h3>
                 </div>
-              </td>
-              <td>
-<div style="position: relative; top:10px;">
-<td>Record Changelog only &nbsp</td>
-<td>
-<input type="checkbox" id="domain_changelog_only_checkbox" name="domain_changelog_only_checkbox"
-class="checkbox" style="border:2px dotted #00f;display:block;background:#ff0000;"> 
-</td>
-</div>
-</td>
-</div>
-<div class="tab-pane" id="tabs-account">
-<td><label>Account Name</label></td>
-<td>
-<div class="autocomplete" style="width:250px;">
-<input type="text" class="form-control" id="account_name_filter" name="account_name_filter" placeholder="Enter * to search for any account" value=""> 
-</div>
-</td>
-</div>
-<div class="tab-pane" id="tabs-auth">
-<td><label>Username</label></td>
+                <div class="box-body clearfix">
+                    <button type="button" class="btn btn-flat btn-danger pull-right" data-toggle="modal"
+                        data-target="#modal_clear_history"
+                        {% if current_user.role.name != 'Administrator' %}disabled{% endif %}>
+                        Clear History&nbsp;<i class="fa fa-trash"></i>
+                    </button>
+                </div>
+
+                <div class="box-body clearfix">
+                    <form id="history-search-form" autocomplete="off">
+                        <!-- Custom Tabs -->
+                        <div class="nav-tabs-custom" id="tabs">
+                            <ul class="nav nav-tabs" id="nav_nav_tabs" name="nav_nav_tabs">
+                                <li id="activity_tab" class="active"><a href="#tabs-act"    data-toggle="tab">Search for All Activity</a></li>
+                                <li id="domain_tab"><a href="#tabs-domain"   data-toggle="tab">Search By Domain</a></li>
+                                <li id="account_tab"><a href="#tabs-account" data-toggle="tab">Search By Account</a></li>
+                                {% if current_user.role.name != 'User' %}
+                                <li id="user_auth_tab"><a href="#tabs-auth"  data-toggle="tab">Search for User Authentication</a></li>
+                                {% endif %}
+                            </ul>
+                            <div class="tab-content">
+                                <div class="tab-pane" id="tabs-act">
+                                </div>
+                                <div class="tab-pane" id="tabs-domain">
+                                    <td><label>Domain Name</label></td>
+                                    <td>
+                                        <div class="autocomplete" style="width:250px;">
+                                            <input type="text" class="form-control" id="domain_name_filter" name="domain_name_filter" placeholder="Enter * to search for any domain" value=""> 
+                                        </div>
+                                    </td>
+                                    <td>
+                                        <div style="position: relative; top:10px;">
+                                            <td>Record Changelog only &nbsp</td>
+                                                <td>
+                                                    <input type="checkbox" id="domain_changelog_only_checkbox" name="domain_changelog_only_checkbox"
+                                                            class="checkbox" style="border:2px dotted #00f;display:block;background:#ff0000;"> 
+                                                </td>
+                                        </div>
+                                    </td>
+                                </div>
+                                <div class="tab-pane" id="tabs-account">
+                                    <td><label>Account Name</label></td>
+                                    <td>
+                                        <div class="autocomplete" style="width:250px;">
+                                            <input type="text" class="form-control" id="account_name_filter" name="account_name_filter" placeholder="Enter * to search for any account" value=""> 
+                                        </div>
+                                    </td>
+                                </div>
+                                <div class="tab-pane" id="tabs-auth">
+                                    <td><label>Username</label></td>
                                     <td>
                                         <div class="autocomplete" style="width:250px;">
                                             <input type="text" class="form-control" id="auth_name_filter" name="auth_name_filter" placeholder="Enter * to search for any username" value=""> 
@@ -136,7 +109,9 @@ <h3 class="card-title">History Management</h3>
                                     </td>
                                 </div>
                         </div>
-                        <div class="card-body">
+                        <!-- End Custom Tabs -->
+
+                        <div class="box-body">
                             <table id="Filters-Table">
                                 <thead>
                                     <th>Filters</th>
@@ -170,18 +145,29 @@ <h3 class="card-title">History Management</h3>
                                     <tr><td>&nbsp</td></tr>
                                     <tr>
                                         <td>
-                                            <button type="submit" id="search-submit" name="search-submit" class="btn btn-primary button-filter"><i class="fa fa-search"></i>&nbsp;Search</button>
+                                            <button type="submit" id="search-submit" name="search-submit" class="btn btn-flat btn-primary button-filter">Search&nbsp;<i class="fa fa-search"></i></button>
                                         </td>
                                         <td>
-                                            <button id="clear-filters" name="clear-filters" class="btn btn-warning button-clearf"><i class="fa fa-trash"></i>&nbsp;Clear Filters</button>
+                                            <!-- &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; -->
+                                            <button id="clear-filters" name="clear-filters" class="btn btn-flat btn-warning button-clearf">Clear Filters&nbsp;<i class="fa fa-trash"></i></button>
                                         </td>
                                     </tr>
                                 </tbody>
                             </table>
+                        </div>
                     </form>
                 </div>
+
                 <div id="table_from_ajax"></div>
+
+
+                <!-- /.box-body -->
             </div>
+            <!-- /.box -->
+        </div>
+        <!-- /.col -->
+    </div>
+    <!-- /.row -->
 </section>
 {% endblock %}
 {% block extrascripts %}
@@ -485,45 +471,49 @@ <h3 class="card-title">History Management</h3>
 </script>
 {% endblock %}
 {% block modals %}
-  <!-- Clear History Confirmation Box -->
-  <div class="modal fade modal-warning" id="modal_clear_history">
+<!-- Clear History Confirmation Box -->
+<div class="modal fade modal-warning" id="modal_clear_history">
     <div class="modal-dialog">
-      <div class="modal-content">
-        <div class="modal-header">
-          <h4 class="modal-title">Confirmation</h4>
-          <button type="button" class="close" data-dismiss="modal" aria-label="Close">
-            <span aria-hidden="true">&times;</span>
-          </button>
-        </div>
-        <div class="modal-body">
-          <p>Are you sure you want to remove all history?</p>
-        </div>
-        <div class="modal-footer">
-          <button type="button" class="btn btn-primary" data-dismiss="modal">Close</button>
-          <button type="button" class="btn btn-danger float-right" onclick="applyChanges({'_csrf_token': '{{ csrf_token() }}'}, $SCRIPT_ROOT + '/admin/history', false, true);">
-            Clear History
-          </button>
+        <div class="modal-content">
+            <div class="modal-header">
+                <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+                    <span aria-hidden="true">&times;</span>
+                </button>
+                <h4 class="modal-title">Confirmation</h4>
+            </div>
+            <div class="modal-body">
+                <p>Are you sure you want to remove all history?</p>
+            </div>
+            <div class="modal-footer">
+                <button type="button" class="btn btn-flat btn-default pull-left" data-dismiss="modal">Close</button>
+                <button type="button" class="btn btn-flat btn-danger"
+                    onclick="applyChanges({'_csrf_token': '{{ csrf_token() }}'}, $SCRIPT_ROOT + '/admin/history', false, true);">Clear
+                    History</button>
+            </div>
         </div>
-      </div>
+        <!-- /.modal-content -->
     </div>
-  </div>
-  <!-- History Details Box -->
-  <div class="modal fade" id="modal_history_info">
+    <!-- /.modal-dialog -->
+</div>
+<div class="modal fade" id="modal_history_info">
     <div class="modal-dialog">
-      <div class="modal-content">
-        <div class="modal-header">
-          <h4 class="modal-title">History Details</h4>
-          <button type="button" class="close" data-dismiss="modal" aria-label="Close">
-            <span aria-hidden="true">&times;</span>
-          </button>
-        </div>
-        <div class="modal-body">
-          <div id="modal-info-content"></div>
-        </div>
-        <div class="modal-footer">
-          <button type="button" class="btn btn-default float-right" data-dismiss="modal">Close</button>
+        <div class="modal-content">
+            <div class="modal-header">
+                <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+                    <span aria-hidden="true">&times;</span>
+                </button>
+                <h4 class="modal-title">History Details</h4>
+            </div>
+            <div class="modal-body">
+                <div id="modal-info-content"></div>
+            </div>
+            <div class="modal-footer">
+                <button type="button" class="btn btn-flat btn-default pull-right" data-dismiss="modal">Close</button>
+            </div>
         </div>
-      </div>
+        <!-- /.modal-content -->
     </div>
-  </div>
+    <!-- /.modal-dialog -->
+</div>
+<!-- /.modal -->
 {% endblock %}
\ No newline at end of file
diff --git a/powerdnsadmin/templates/admin_history_table.html b/powerdnsadmin/templates/admin_history_table.html
index 8f1d25f7d..4f3d73d76 100644
--- a/powerdnsadmin/templates/admin_history_table.html
+++ b/powerdnsadmin/templates/admin_history_table.html
@@ -1,86 +1,90 @@
+
 {% import 'applied_change_macro.html' as applied_change_macro %}
 
+
 {% if len_histories >= lim %}
-  <p style="color: rgb(224, 3, 3);">
-    <b>Limit of loaded history records has been reached! Only {{lim}} history records are shown.</b>
-  </p>
+<p style="color: rgb(224, 3, 3);"><b>Limit of loaded history records has been reached! Only {{lim}} history records are shown. </b></p>
 {% endif %}
 
-<div class="card-body"></div>
-  <table id="tbl_history" class="table table-bordered table-striped">
-    <thead>
-      <tr>
-        <th>Changed by</th>
-        <th>Content</th>
-        <th>Time</th>
-        <th>Detail</th>
-      </tr>
-    </thead>
-    <tbody>
-      {% for history in histories %}
-        <tr class="odd gradeX">
-          <td>{{ history.history.created_by }}</td>
-          <td>{{ history.history.msg }}</td>
-          <td>{{ history.history.created_on }}</td>
-          <td width="6%">
-            <div id="history-info-div-{{ loop.index0 }}" style="display: none;">
-              {{ history.detailed_msg | safe }}
-              {% if history.change_set %}
-                <div class="content">
-                  <div id="change_index_definition"></div>
-                  {% call applied_change_macro.applied_change_template(history.change_set) %}
-                  {% endcall %}
-                </div>
-              {% endif %}
-            </div>
-            <button type="button" class="btn btn-primary history-info-button"
-              {% if history.detailed_msg == "" and history.change_set is none %}
-                style="visibility: hidden;"
-              {% endif %} value="{{ loop.index0 }}">
-              <i class="fa-solid fa-info"></i>
-              &nbsp;Info
-            </button>
-          </td>
-        </tr>
-      {% endfor %}
-    </tbody>
-  </table>
+<div class="box-body"></div>
+    <table id="tbl_history" class="table table-bordered table-striped">
+        <thead>
+            <tr>
+                <th>Changed by</th>
+                <th>Content</th>
+                <th>Time</th>
+                <th>Detail</th>
+            </tr>
+        </thead>
+        <tbody>
+            {% for history in histories %}
+            <tr class="odd gradeX">
+                <td>{{ history.history.created_by }}</td>
+                <td>{{ history.history.msg }}</td>
+                <td>{{ history.history.created_on }}</td>
+                
+                <td width="6%">
+                    <div id="history-info-div-{{ loop.index0 }}" style="display: none;">
+                        {{ history.detailed_msg | safe }}
+                        {% if history.change_set %}
+                        <div class="content">
+                            <div id="change_index_definition"></div>
+                            {% call applied_change_macro.applied_change_template(history.change_set) %}
+                            {% endcall %}
+                        </div>
+                        {% endif %}
+                    </div>
+                    <button type="button" class="btn btn-flat btn-primary history-info-button"
+                        {% if history.detailed_msg == "" and history.change_set is none %}
+                        style="visibility: hidden;"
+			{% endif %} value="{{ loop.index0 }}">Info&nbsp;<i class="fa fa-info"></i>
+                    </button>
+                </td>
+            </tr>
+            {% endfor %}
+        </tbody>
+    </table>
 </div>
 
 <script>
-  var table;
-  $(document).ready(function () {
-    table = $('#tbl_history').DataTable({
-      "order": [
-        [2, "desc"]
-      ],
-      "searching": true,
-      "columnDefs": [{
-        "type": "time",
-        "render": function (data, type, row) {
-          return moment.utc(data).local().format('YYYY-MM-DD HH:mm:ss');
-        },
-        "targets": 2
-      }],
-      "info": true,
-      "autoWidth": false,
-      orderCellsTop: true,
-      fixedHeader: true
-    });
+var table;
+$(document).ready(function () {
+
+        table = $('#tbl_history').DataTable({
+            "order": [
+                [2, "desc"]
+            ],
+            "searching": true,
+            "columnDefs": [{
+                "type": "time",
+                "render": function (data, type, row) {
+                    return moment.utc(data).local().format('YYYY-MM-DD HH:mm:ss');
+                },
+                "targets": 2
+            }],
+            "info": true,
+            "autoWidth": false,
+            orderCellsTop: true,
+            fixedHeader: true
+        });
+
     $(document.body).on('click', '.history-info-button', function () {
-      var modal = $("#modal_history_info");
-      var history_id = $(this).val();
-      var info = $("#history-info-div-" + history_id).html();
-      $('#modal-info-content').html(info);
-      modal.modal('show');
+        var modal = $("#modal_history_info");
+        var history_id = $(this).val();
+        var info = $("#history-info-div-" + history_id).html();
+        $('#modal-info-content').html(info);
+        modal.modal('show');
     });
+
     $(document.body).on("click", ".button-filter", function (e) {
-      e.stopPropagation();
-      var nextRow = $("#filter-table")
-      if (nextRow.css("visibility") == "visible")
-          nextRow.css("visibility", "collapse")
-      else
-        nextRow.css("visibility", "visible")
+        e.stopPropagation();
+        var nextRow = $("#filter-table")
+        if (nextRow.css("visibility") == "visible")
+            nextRow.css("visibility", "collapse")
+        else
+            nextRow.css("visibility", "visible")
     });
-  });
-</script>
\ No newline at end of file
+
+});
+
+</script>
diff --git a/powerdnsadmin/templates/admin_manage_account.html b/powerdnsadmin/templates/admin_manage_account.html
index c02a18c10..5aabbc17b 100644
--- a/powerdnsadmin/templates/admin_manage_account.html
+++ b/powerdnsadmin/templates/admin_manage_account.html
@@ -1,97 +1,76 @@
 {% extends "base.html" %}
-
 {% set active_page = "admin_accounts" %}
-
 {% block title %}
-  <title>
-    Account Management - {{ SITE_NAME }}
-  </title>
-{% endblock %}
-
-{% block dashboard_stat %}
-  <div class="content-header">
-    <div class="container-fluid">
-      <div class="row mb-2">
-        <div class="col-sm-6">
-          <h1 class="m-0 text-dark">
-            Accounts
-            <small>Manage</small>
-          </h1>
-        </div>
-        <div class="col-sm-6">
-          <ol class="breadcrumb float-sm-right">
-            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Home</a></li>
-            <li class="breadcrumb-item active">Accounts</li>
-          </ol>
-        </div>
-      </div>
-    </div>
-  </div>
-{% endblock %}
-
-{% block content %}
+<title>Account Management - {{ SITE_NAME }}</title>
+{% endblock %} {% block dashboard_stat %}
+<section class="content-header">
+    <h1>
+        Accounts <small>Manage accounts</small>
+    </h1>
+    <ol class="breadcrumb">
+        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i> Home</a></li>
+        <li class="active">Accounts</li>
+    </ol>
+</section>
+{% endblock %} {% block content %}
 <section class="content">
-  <div class="container-fluid">
     <div class="row">
-      <div class="col-12">
-        <div class="card">
-          <div class="card-header">
-            <h3 class="card-title">Account Management</h3>
-            <a href="{{ url_for('admin.edit_account') }}">
-              <button type="button" class="btn btn-primary float-right button_add_account">
-                <i class="fa-solid fa-plus"></i>&nbsp;Add Account
-              </button>
-            </a>
-          </div>
-          <div class="card-body">
-            <table id="tbl_accounts" class="table table-bordered table-striped">
-              <thead>
-                <tr>
-                  <th>Name</th>
-                  <th>Description</th>
-                  <th>Contact</th>
-                  <th>Mail</th>
-                  <th>Member</th>
-                  <th>Domain</th>
-                  <th>Action</th>
-                </tr>
-              </thead>
-              <tbody>
-                {% for account in accounts %}
-                  <tr class="odd gradeX">
-                    <td>{{ account.name }}</td>
-                    <td>{{ account.description }}</td>
-                    <td>{{ account.contact }}</td>
-                    <td>{{ account.mail }}</td>
-                    <td>{{ account.user_num }}</td>
-                    <td>{{ account.domains|length }}</td>
-                    <td width="15%">
-                      <div class="dropdown">
-                        <button class="btn btn-primary dropdown-toggle" type="button" id="dropdownMenu" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
-                          <i class="fa-solid fa-bars"></i>&nbsp;Actions
+        <div class="col-xs-12">
+            <div class="box">
+                <div class="box-header">
+                    <h3 class="box-title">Account Management</h3>
+                </div>
+                <div class="box-body">
+                    <a href="{{ url_for('admin.edit_account') }}">
+                        <button type="button" class="btn btn-flat btn-primary pull-left button_add_account">
+                            Add Account&nbsp;<i class="fa fa-plus"></i>
                         </button>
-                        <div class="dropdown-menu" aria-labelledby="dropdownMenu">
-                          <button type="button" class="dropdown-item btn-warning" onclick="window.location.href='{{ url_for('admin.edit_account', account_name=account.name) }}'">
-                            <i class="fa-solid fa-edit"></i>&nbsp;Edit Account
-                          </button>
-                          <div class="dropdown-divider"></div>
-                          <button type="button"class="dropdown-item btn-secondary button_delete" id="{{ account.name }}">
-                            <font color="red">
-                              <i class="fa-solid fa-trash"></i>&nbsp;Delete Account
-                            </font>
-                          </button>
-                         </div>
-                      </div>
-                    </td>
-                  </tr>
-                {% endfor %}
-              </tbody>
-            </table>
-          </div>
+                    </a>
+                </div>
+                <div class="box-body">
+                    <table id="tbl_accounts" class="table table-bordered table-striped">
+                        <thead>
+                            <tr>
+                                <th>Name</th>
+                                <th>Description</th>
+                                <th>Contact</th>
+                                <th>Mail</th>
+                                <th>Member</th>
+                                <th>Domain</th>
+                                <th>Action</th>
+                            </tr>
+                        </thead>
+                        <tbody>
+                            {% for account in accounts %}
+                            <tr class="odd gradeX">
+                                <td>{{ account.name }}</td>
+                                <td>{{ account.description }}</td>
+                                <td>{{ account.contact }}</td>
+                                <td>{{ account.mail }}</td>
+                                <td>{{ account.user_num }}</td>
+                                <td>{{ account.domains|length }}</td>
+                                <td width="15%">
+                                    <button type="button" class="btn btn-flat btn-success"
+                                        onclick="window.location.href='{{ url_for('admin.edit_account', account_name=account.name) }}'">
+                                        Edit&nbsp;<i class="fa fa-cog"></i>
+                                    </button>
+                                    <button type="button" class="btn btn-flat btn-danger button_delete"
+                                        id="{{ account.name }}">
+                                        Delete&nbsp;<i class="fa fa-trash"></i>
+                                    </button>
+                                </td>
+                            </tr>
+                            {% endfor %}
+                        </tbody>
+                    </table>
+                </div>
+                <!-- /.box-body -->
+            </div>
+            <!-- /.box -->
         </div>
-      </div>
+        <!-- /.col -->
     </div>
-  </div>
+    <!-- /.row -->
 </section>
 {% endblock %}
 {% block extrascripts %}
@@ -135,21 +114,21 @@ <h3 class="card-title">Account Management</h3>
 </script>
 {% endblock %}
 {% block modals %}
-<div class="modal fade" id="modal_delete">
+<div class="modal fade modal-warning" id="modal_delete">
     <div class="modal-dialog">
         <div class="modal-content">
             <div class="modal-header">
-              <h4 class="modal-title">Confirmation</h4>
-              <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+                <button type="button" class="close" data-dismiss="modal" aria-label="Close">
                     <span aria-hidden="true">&times;</span>
                 </button>
+                <h4 class="modal-title">Confirmation</h4>
             </div>
             <div class="modal-body">
                 <p></p>
             </div>
             <div class="modal-footer">
-                <button type="button" class="btn btn-default float-left" data-dismiss="modal">Close</button>
-                <button type="button" class="btn btn-danger" id="button_delete_confirm">Delete</button>
+                <button type="button" class="btn btn-flat btn-default pull-left" data-dismiss="modal">Close</button>
+                <button type="button" class="btn btn-flat btn-danger" id="button_delete_confirm">Delete</button>
             </div>
         </div>
         <!-- /.modal-content -->
diff --git a/powerdnsadmin/templates/admin_manage_keys.html b/powerdnsadmin/templates/admin_manage_keys.html
index 87a36b058..dadc2a0f0 100644
--- a/powerdnsadmin/templates/admin_manage_keys.html
+++ b/powerdnsadmin/templates/admin_manage_keys.html
@@ -1,153 +1,133 @@
 {% extends "base.html" %}
-
 {% set active_page = "admin_keys" %}
-
 {% block title %}
-  <title>
-    Key Management - {{ SITE_NAME }}
-  </title>
-{% endblock %}
-
-{% block dashboard_stat %}
-  <div class="content-header">
-    <div class="container-fluid">
-      <div class="row mb-2">
-        <div class="col-sm-6">
-          <h1 class="m-0 text-dark">
-            API Keys
-            <small>Management</small>
-          </h1>
-        </div>
-        <div class="col-sm-6">
-          <ol class="breadcrumb float-sm-right">
-            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
-            <li class="breadcrumb-item active">API Keys</li>
-          </ol>
-        </div>
-      </div>
-    </div>
-  </div>
-{% endblock %}
-
-{% block content %}
+<title>Key Management - {{ SITE_NAME }}</title>
+{% endblock %} {% block dashboard_stat %}
+<section class="content-header">
+    <h1>
+        Key <small>Manage API keys</small>
+    </h1>
+    <ol class="breadcrumb">
+        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i> Home</a></li>
+        <li class="active">Key</li>
+    </ol>
+</section>
+{% endblock %} {% block content %}
 <section class="content">
-  <div class="container-fluid">
-    <div class="card">
-      <div class="card-header with-border">
-        <h3 class="card-title">Key Management</h3>
-        <a href="{{ url_for('admin.edit_key') }}">
-          <button type="button" class="btn btn-primary float-right button_add_key">
-            <i class="fa-solid fa-plus"></i>&nbsp;Add Key
-          </button>
-        </a>
-      </div>
-      <div class="card-body">
-        <table id="tbl_keys" class="table table-bordered table-striped">
-          <thead>
-            <tr>
-              <th>Id</th>
-              <th>Role</th>
-              <th>Description</th>
-              <th>Domains</th>
-              <th>Accounts</th>
-              <th>Actions</th>
-            </tr>
-          </thead>
-          <tbody>
-            {% for key in keys %}
-              <tr class="odd gradeX">
-                <td>{{ key.id }}</td>
-                <td>{{ key.role.name }}</td>
-                <td>{{ key.description }}</td>
-                <td>{% for domain in key.domains %}{{ domain.name }}{% if not loop.last %}, {% endif %}{% endfor %}</td>
-                <td>{% for account in key.accounts %}{{ account.name }}{% if not loop.last %}, {% endif %}{% endfor %}</td>
-                <td width="15%">
-                  <div class="dropdown">
-                    <button class="btn btn-primary dropdown-toggle" type="button" id="dropdownMenu" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
-                      <i class="fa-solid fa-bars"></i>&nbsp;Actions
-                    </button>
-                    <div class="dropdown-menu" aria-labelledby="dropdownMenu">
-                      <button type="button" class="dropdown-item btn-warning" onclick="window.location.href='{{ url_for('admin.edit_key', key_id=key.id) }}'">
-                        <i class="fa-solid fa-edit"></i>&nbsp;Edit API Key
-                      </button>
-                      <div class="dropdown-divider"></div>
-                      <button type="button"class="dropdown-item btn-secondary button_delete" id="{{ key.id }}">
-                        <font color="red">
-                          <i class="fa-solid fa-trash"></i>&nbsp;Delete API Key
-                        </font>
-                      </button>
-                     </div>
-                  </div>
-                </td>
-              </tr>
-            {% endfor %}
-          </tbody>
-        </table>
-      </div>
+    <div class="row">
+        <div class="col-xs-12">
+            <div class="box">
+                <div class="box-header">
+                    <h3 class="box-title">Key Management</h3>
+                </div>
+                <div class="box-body">
+                    <a href="{{ url_for('admin.edit_key') }}">
+                        <button type="button" class="btn btn-flat btn-primary pull-left button_add_key">
+                            Add Key&nbsp;<i class="fa fa-plus"></i>
+                        </button>
+                    </a>
+                </div>
+                <div class="box-body">
+                    <table id="tbl_keys" class="table table-bordered table-striped">
+                        <thead>
+                            <tr>
+                                <th>Id</th>
+                                <th>Role</th>
+                                <th>Description</th>
+                                <th>Domains</th>
+                                <th>Accounts</th>
+                                <th>Action</th>
+                            </tr>
+                        </thead>
+                        <tbody>
+                            {% for key in keys %}
+                            <tr class="odd gradeX">
+                                <td>{{ key.id }}</td>
+                                <td>{{ key.role.name }}</td>
+                                <td>{{ key.description }}</td>
+                                <td>{% for domain in key.domains %}{{ domain.name }}{% if not loop.last %}, {% endif %}{% endfor %}</td>
+                                <td>{% for account in key.accounts %}{{ account.name }}{% if not loop.last %}, {% endif %}{% endfor %}</td>
+                                <td width="15%">
+                                    <button type="button" class="btn btn-flat btn-success button_edit"
+                                        onclick="window.location.href='{{ url_for('admin.edit_key', key_id=key.id) }}'">
+                                        Edit&nbsp;<i class="fa fa-lock"></i>
+                                    </button>
+                                    <button type="button" class="btn btn-flat btn-danger button_delete"
+                                        id="{{ key.id }}">
+                                        Delete&nbsp;<i class="fa fa-trash"></i>
+                                    </button>
+                                </td>
+                            </tr>
+                            {% endfor %}
+                        </tbody>
+                    </table>
+                </div>
+                <!-- /.box-body -->
+            </div>
+            <!-- /.box -->
+        </div>
+        <!-- /.col -->
     </div>
-  </div>
+    <!-- /.row -->
 </section>
 {% endblock %}
-
 {% block extrascripts %}
-  <script>
+<script>
     // set up key data table
     $("#tbl_keys").DataTable({
-      "paging": true,
-      "lengthChange": true,
-      "searching": true,
-      "ordering": true,
-      "info": false,
-      "autoWidth": false,
-      "lengthMenu": [
-        [10, 25, 50, 100, -1],
-        [10, 25, 50, 100, "All"]
-      ],
-      "pageLength": 10
+        "paging": true,
+        "lengthChange": true,
+        "searching": true,
+        "ordering": true,
+        "info": false,
+        "autoWidth": false,
+        "lengthMenu": [
+            [10, 25, 50, 100, -1],
+            [10, 25, 50, 100, "All"]
+        ],
+        "pageLength": 10
     });
 
     // handle deletion of keys
     $(document.body).on('click', '.button_delete', function () {
-      var modal = $("#modal_delete");
-      var key_id = $(this).prop('id');
-      var info = "Are you sure you want to delete key #" + key_id + "?";
-      modal.find('.modal-body p').text(info);
-      modal.find('#button_delete_confirm').click(function () {
-        var postdata = {
-          'action': 'delete_key',
-          'data': key_id,
-          '_csrf_token': '{{ csrf_token() }}'
-        }
-        applyChanges(postdata, $SCRIPT_ROOT + '/admin/manage-keys', false, true);
-        modal.modal('hide');
-      })
-      modal.modal('show');
+        var modal = $("#modal_delete");
+        var key_id = $(this).prop('id');
+        var info = "Are you sure you want to delete key #" + key_id + "?";
+        modal.find('.modal-body p').text(info);
+        modal.find('#button_delete_confirm').click(function () {
+            var postdata = {
+                'action': 'delete_key',
+                'data': key_id,
+                '_csrf_token': '{{ csrf_token() }}'
+            }
+            applyChanges(postdata, $SCRIPT_ROOT + '/admin/manage-keys', false, true);
+            modal.modal('hide');
+        })
+        modal.modal('show');
+
     });
-  </script>
+</script>
 {% endblock %}
-
 {% block modals %}
-  <div class="modal fade modal-warning" id="modal_delete">
+<div class="modal fade modal-warning" id="modal_delete">
     <div class="modal-dialog">
-      <div class="modal-content">
-        <div class="modal-header">
-          <h4 class="modal-title">Confirmation</h4>
-          <button type="button" class="close" data-dismiss="modal" aria-label="Close">
-            <span aria-hidden="true">&times;</span>
-          </button>
-        </div>
-        <div class="modal-body">
-          <p></p>
-        </div>
-        <div class="modal-footer">
-          <button type="button" class="btn btn-secondary" data-dismiss="modal">
-            Close
-          </button>
-          <button type="button" class="btn btn-danger" id="button_delete_confirm">
-            Delete
-          </button>
+        <div class="modal-content">
+            <div class="modal-header">
+                <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+                    <span aria-hidden="true">&times;</span>
+                </button>
+                <h4 class="modal-title">Confirmation</h4>
+            </div>
+            <div class="modal-body">
+                <p></p>
+            </div>
+            <div class="modal-footer">
+                <button type="button" class="btn btn-flat btn-default pull-left" data-dismiss="modal">Close</button>
+                <button type="button" class="btn btn-flat btn-danger" id="button_delete_confirm">Delete</button>
+            </div>
         </div>
-      </div>
+        <!-- /.modal-content -->
     </div>
-  </div>
+    <!-- /.modal-dialog -->
+</div>
 {% endblock %}
diff --git a/powerdnsadmin/templates/admin_manage_user.html b/powerdnsadmin/templates/admin_manage_user.html
index ba978a115..d6a720421 100644
--- a/powerdnsadmin/templates/admin_manage_user.html
+++ b/powerdnsadmin/templates/admin_manage_user.html
@@ -1,237 +1,205 @@
 {% extends "base.html" %}
-
 {% set active_page = "admin_users" %}
-
 {% block title %}
-  <title>
-    User Management - {{ SITE_NAME }}
-  </title>
-{% endblock %}
-
-{% block dashboard_stat %}
-  <div class="content-header">
-    <div class="container-fluid">
-      <div class="row mb-2">
-        <div class="col-sm-6">
-          <h1 class="m-0 text-dark">
-            User
-            <small>Manage user privileges</small>
-          </h1>
-        </div>
-        <div class="col-sm-6">
-          <ol class="breadcrumb float-sm-right">
-            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Home</a></li>
-            <li class="breadcrumb-item active">User</li>
-          </ol>
-        </div>
-      </div>
-    </div>
-  </div>
-{% endblock %}
-
-{% block content %}
-  <section class="content">
-    <div class="container-fluid">
-      <div class="row">
-        <div class="col-12">
-          <div class="card">
-            <div class="card-header">
-              <h3 class="card-title">User Management</h3>
-              <a href="{{ url_for('admin.edit_user') }}">
-                <button type="button" class="btn btn-primary float-right button_add_user">
-                  <i class="fa-solid fa-plus"></i>&nbsp;Add User
-                </button>
-              </a>
-            </div>
-            <div class="card-body">
-              <table id="tbl_users" class="table table-bordered table-striped">
-                <thead>
-                  <tr>
-                    <th>Username</th>
-                    <th>First Name</th>
-                    <th>Last Name</th>
-                    <th>Email</th>
-                    <th>Role</th>
-                    <th>Privileges</th>
-                    <th>Action</th>
-                  </tr>
-                </thead>
-                <tbody>
-                  {% for user in users %}
-                    <tr class="odd gradeX">
-                      <td>{{ user.username }}</td>
-                      <td>{{ user.firstname }}</td>
-                      <td>{{ user.lastname }}</td>
-                      <td>{{ user.email }}</td>
-                      <td>
-                        <select id="{{ user.username }}" class="user_role"
-                          {% if user.username==current_user.username or (current_user.role.name=='Operator' and user.role.name=='Administrator') %}disabled{% endif %}>
-                          {% for role in roles %}
-                            <option value="{{ role.name }}"
-                              {% if role.id==user.role.id %}selected{% endif %}>
-                                {{ role.name }}
-                            </option>
-                          {% endfor %}
-                        </select>
-                      </td>
-                      <td width="6%">
-                        <button type="button" class="btn btn-warning button_revoke"
-                          id="{{ user.username }}"
-                          {% if current_user.role.name=='Operator' and user.role.name=='Administrator' %}disabled{% endif %}>
-                            <i class="fa-solid fa-link-slash"></i>&nbsp;Revoke
+<title>User Management - {{ SITE_NAME }}</title>
+{% endblock %} {% block dashboard_stat %}
+<section class="content-header">
+    <h1>
+        User <small>Manage user privileges</small>
+    </h1>
+    <ol class="breadcrumb">
+        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i> Home</a></li>
+        <li class="active">User</li>
+    </ol>
+</section>
+{% endblock %} {% block content %}
+<section class="content">
+    <div class="row">
+        <div class="col-xs-12">
+            <div class="box">
+                <div class="box-header">
+                    <h3 class="box-title">User Management</h3>
+                </div>
+                <div class="box-body">
+                    <a href="{{ url_for('admin.edit_user') }}">
+                        <button type="button" class="btn btn-flat btn-primary pull-left button_add_user">
+                            Add User&nbsp;<i class="fa fa-plus"></i>
                         </button>
-                      </td>
-                      <td width="15%">
-
-                        <div class="dropdown">
-                          <button class="btn btn-primary dropdown-toggle" type="button" id="dropdownMenu" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false"
-                          {% if current_user.role.name=='Operator' and user.role.name=='Administrator' %}disabled{% endif %}>
-                            <i class="fa-solid fa-bars"></i>&nbsp;Actions
-                          </button>
-                          <div class="dropdown-menu" aria-labelledby="dropdownMenu">
-                            <button type="button" class="dropdown-item btn-warning" onclick="window.location.href='{{ url_for('admin.edit_user', user_username=user.username) }}'">
-                              <i class="fa-solid fa-edit"></i>&nbsp;Edit User
-                            </button>
-                            {% if not user.username==current_user.username or (current_user.role.name=='Operator' and user.role.name=='Administrator') %}
-                              <div class="dropdown-divider"></div>
-                              <button type="button"class="dropdown-item btn-secondary button_delete" id="{{ user.username }}">
-                                <font color="red">
-                                  <i class="fa-solid fa-trash"></i>&nbsp;Delete User
-                                </font>
-                              </button>
-                            {% endif %}
-                           </div>
-                        </div>
-                      </td>
-                    </tr>
-                  {% endfor %}
-                </tbody>
-              </table>
+                    </a>
+                </div>
+                <div class="box-body">
+                    <table id="tbl_users" class="table table-bordered table-striped">
+                        <thead>
+                            <tr>
+                                <th>Username</th>
+                                <th>First Name</th>
+                                <th>Last Name</th>
+                                <th>Email</th>
+                                <th>Role</th>
+                                <th>Privileges</th>
+                                <th>Action</th>
+                            </tr>
+                        </thead>
+                        <tbody>
+                            {% for user in users %}
+                            <tr class="odd gradeX">
+                                <td>{{ user.username }}</td>
+                                <td>{{ user.firstname }}</td>
+                                <td>{{ user.lastname }}</td>
+                                <td>{{ user.email }}</td>
+                                <td>
+                                    <select id="{{ user.username }}" class="user_role"
+                                        {% if user.username==current_user.username or (current_user.role.name=='Operator' and user.role.name=='Administrator') %}disabled{% endif %}>
+                                        {% for role in roles %}
+                                        <option value="{{ role.name }}"
+                                            {% if role.id==user.role.id %}selected{% endif %}>{{ role.name }}</option>
+                                        {% endfor %}
+                                    </select>
+                                </td>
+                                <td width="6%">
+                                    <button type="button" class="btn btn-flat btn-warning button_revoke"
+                                        id="{{ user.username }}"
+                                        {% if current_user.role.name=='Operator' and user.role.name=='Administrator' %}disabled{% endif %}>
+                                        Revoke&nbsp;<i class="fa fa-lock"></i>
+                                    </button>
+                                </td>
+                                <td width="15%">
+                                    <button type="button" class="btn btn-flat btn-success button_edit"
+                                        onclick="window.location.href='{{ url_for('admin.edit_user', user_username=user.username) }}'"
+                                        {% if current_user.role.name=='Operator' and user.role.name=='Administrator' %}disabled{% endif %}>
+                                        Edit&nbsp;<i class="fa fa-lock"></i>
+                                    </button>
+                                    <button type="button" class="btn btn-flat btn-danger button_delete"
+                                        id="{{ user.username }}"
+                                        {% if user.username==current_user.username or (current_user.role.name=='Operator' and user.role.name=='Administrator') %}disabled{% endif %}>
+                                        Delete&nbsp;<i class="fa fa-trash"></i>
+                                    </button>
+                                </td>
+                            </tr>
+                            {% endfor %}
+                        </tbody>
+                    </table>
+                </div>
+                <!-- /.box-body -->
             </div>
-          </div>
+            <!-- /.box -->
         </div>
-      </div>
+        <!-- /.col -->
     </div>
-  </section>
+    <!-- /.row -->
+</section>
 {% endblock %}
-
 {% block extrascripts %}
-  <script>
+<script>
     // set up user data table
     $("#tbl_users").DataTable({
-      "paging": true,
-      "lengthChange": true,
-      "searching": true,
-      "ordering": true,
-      "info": false,
-      "autoWidth": false,
-      "lengthMenu": [
-        [10, 25, 50, 100, -1],
-        [10, 25, 50, 100, "All"]
-      ],
-      "pageLength": 10
+        "paging": true,
+        "lengthChange": true,
+        "searching": true,
+        "ordering": true,
+        "info": false,
+        "autoWidth": false,
+        "lengthMenu": [
+            [10, 25, 50, 100, -1],
+            [10, 25, 50, 100, "All"]
+        ],
+        "pageLength": 10
     });
 
     // handle revocation of privileges
     $(document.body).on('click', '.button_revoke', function () {
-      var modal = $("#modal_revoke");
-      var username = $(this).prop('id');
-      var info = "Are you sure you want to revoke all privileges for user " + username +
-        "? They will not able to access any domain.";
-      modal.find('.modal-body p').text(info);
-      modal.find('#button_revoke_confirm').click(function () {
-        var postdata = {
-          'action': 'revoke_user_privileges',
-          'data': username,
-          '_csrf_token': '{{ csrf_token() }}'
-        }
-        applyChanges(postdata, $SCRIPT_ROOT + '/admin/manage-user', true);
-        modal.modal('hide');
-      })
-      modal.modal('show');
+        var modal = $("#modal_revoke");
+        var username = $(this).prop('id');
+        var info = "Are you sure you want to revoke all privileges for " + username +
+            ". They will not able to access any domain.";
+        modal.find('.modal-body p').text(info);
+        modal.find('#button_revoke_confirm').click(function () {
+            var postdata = {
+                'action': 'revoke_user_privileges',
+                'data': username,
+                '_csrf_token': '{{ csrf_token() }}'
+            }
+            applyChanges(postdata, $SCRIPT_ROOT + '/admin/manage-user', true);
+            modal.modal('hide');
+        })
+        modal.modal('show');
     });
-
     // handle deletion of user
     $(document.body).on('click', '.button_delete', function () {
-      var modal = $("#modal_delete");
-      var username = $(this).prop('id');
-      var info = "Are you sure you want to delete user " + username + "?";
-      modal.find('.modal-body p').text(info);
-      modal.find('#button_delete_confirm').click(function () {
-        var postdata = {
-          'action': 'delete_user',
-          'data': username,
-          '_csrf_token': '{{ csrf_token() }}'
-        }
-        applyChanges(postdata, $SCRIPT_ROOT + '/admin/manage-user', false, true);
-        modal.modal('hide');
-      })
-      modal.modal('show');
+        var modal = $("#modal_delete");
+        var username = $(this).prop('id');
+        var info = "Are you sure you want to delete " + username + "?";
+        modal.find('.modal-body p').text(info);
+        modal.find('#button_delete_confirm').click(function () {
+            var postdata = {
+                'action': 'delete_user',
+                'data': username,
+                '_csrf_token': '{{ csrf_token() }}'
+            }
+            applyChanges(postdata, $SCRIPT_ROOT + '/admin/manage-user', false, true);
+            modal.modal('hide');
+        })
+        modal.modal('show');
+
     });
 
     // handle user role changing
     $(document.body).on('change', '.user_role', function () {
-      var role_name = this.value;
-      var username = $(this).prop('id');
-      var postdata = {
-        'action': 'update_user_role',
-        'data': {
-          'username': username,
-          'role_name': role_name
-        },
-        '_csrf_token': '{{ csrf_token() }}'
-      };
-      applyChanges(postdata, $SCRIPT_ROOT + '/admin/manage-user', showResult = true);
+        var role_name = this.value;
+        var username = $(this).prop('id');
+        var postdata = {
+            'action': 'update_user_role',
+            'data': {
+                'username': username,
+                'role_name': role_name
+            },
+            '_csrf_token': '{{ csrf_token() }}'
+        };
+        applyChanges(postdata, $SCRIPT_ROOT + '/admin/manage-user', showResult = true);
     });
-  </script>
+</script>
 {% endblock %}
-
 {% block modals %}
-  <div class="modal fade" id="modal_revoke">
+<div class="modal fade modal-warning" id="modal_revoke">
     <div class="modal-dialog">
-      <div class="modal-content">
-        <div class="modal-header">
-          <h4 class="modal-title">Confirmation</h4>
-          <button type="button" class="close" data-dismiss="modal" aria-label="Close">
-            <span aria-hidden="true">&times;</span>
-          </button>
-        </div>
-        <div class="modal-body">
-          <p></p>
-        </div>
-        <div class="modal-footer">
-          <button type="button" class="btn btn-secondary float-right" data-dismiss="modal">
-            Close
-          </button>
-          <button type="button" class="btn btn-danger float-right" id="button_revoke_confirm">
-            Revoke
-          </button>
+        <div class="modal-content">
+            <div class="modal-header">
+                <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+                    <span aria-hidden="true">&times;</span>
+                </button>
+                <h4 class="modal-title">Confirmation</h4>
+            </div>
+            <div class="modal-body">
+                <p></p>
+            </div>
+            <div class="modal-footer">
+                <button type="button" class="btn btn-flat btn-default pull-left" data-dismiss="modal">Close</button>
+                <button type="button" class="btn btn-flat btn-danger" id="button_revoke_confirm">Revoke</button>
+            </div>
         </div>
-      </div>
+        <!-- /.modal-content -->
     </div>
-  </div>
-
-  <div class="modal fade" id="modal_delete">
+    <!-- /.modal-dialog -->
+</div>
+<div class="modal fade modal-warning" id="modal_delete">
     <div class="modal-dialog">
-      <div class="modal-content">
-        <div class="modal-header">
-          <h4 class="modal-title">Confirmation</h4>
-          <button type="button" class="close" data-dismiss="modal" aria-label="Close">
-            <span aria-hidden="true">&times;</span>
-          </button>
-        </div>
-        <div class="modal-body">
-          <p></p>
-        </div>
-        <div class="modal-footer">
-          <button type="button" class="btn btn-default float-right" data-dismiss="modal">
-            Close
-          </button>
-          <button type="button" class="btn btn-danger float-right" id="button_delete_confirm">
-            Delete
-          </button>
+        <div class="modal-content">
+            <div class="modal-header">
+                <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+                    <span aria-hidden="true">&times;</span>
+                </button>
+                <h4 class="modal-title">Confirmation</h4>
+            </div>
+            <div class="modal-body">
+                <p></p>
+            </div>
+            <div class="modal-footer">
+                <button type="button" class="btn btn-flat btn-default pull-left" data-dismiss="modal">Close</button>
+                <button type="button" class="btn btn-flat btn-danger" id="button_delete_confirm">Delete</button>
+            </div>
         </div>
-      </div>
+        <!-- /.modal-content -->
     </div>
-  </div>
+    <!-- /.modal-dialog -->
+</div>
 {% endblock %}
diff --git a/powerdnsadmin/templates/admin_pdns_stats.html b/powerdnsadmin/templates/admin_pdns_stats.html
index b0e52f482..cd5a00003 100644
--- a/powerdnsadmin/templates/admin_pdns_stats.html
+++ b/powerdnsadmin/templates/admin_pdns_stats.html
@@ -1,127 +1,116 @@
 {% extends "base.html" %}
-
 {% set active_page = "admin_console" %}
-
-{% block title %}
-  <title>
-    Admin Console - {{ SITE_NAME }}
-  </title>
-{% endblock %}
+{% block title %}<title>Admin Console - {{ SITE_NAME }}</title>{% endblock %}
 
 {% block dashboard_stat %}
-  <div class="content-header">
-    <div class="container-fluid">
-      <div class="row mb-2">
-        <div class="col-sm-6">
-          <h1 class="m-0 text-dark">
-            PowerDNS
-            <small>Server Statistics & Configuration</small>
-          </h1>
-        </div>
-        <div class="col-sm-6">
-          <ol class="breadcrumb float-sm-right">
-            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
-            <li class="breadcrumb-item active">PowerDNS Server Statistics & Configuration</li>
-          </ol>
-        </div>
-      </div>
-    </div>
-  </div>
+<!-- Content Header (Page header) -->
+<section class="content-header">
+    <h1>
+        PowerDNS server configuration & statistics
+    </h1>
+    <ol class="breadcrumb">
+        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i> Home</a></li>
+        <li class="active">Admin Console</li>
+    </ol>
+</section>
 {% endblock %}
 
 {% block content %}
-  <section class="content">
-    <div class="container-fluid">
-      <div class="row">
-        <div class="col-12">
-          <div class="card shadow">
-            <div class="card-header">
-              <h3 class="card-title">PowerDNS Server Statistics</h3>
-            </div>
-            <div class="card-body">
-              <table id="tbl_statistics" class="table table-bordered table-striped">
-                <thead>
-                  <tr>
-                    <th width="30%">Statistic</th>
-                    <th>Value</th>
-                  </tr>
-                </thead>
-                <tbody>
-                  {% for statistic in statistics %}
-                    <tr class="odd gradeX">
-                      <td>
-                        <a href="https://doc.powerdns.com/authoritative/search.html?q={{ statistic['name'] }}"
-                        target="_blank" class="btn btn-primary">
-                          <i class="fa fa-search"></i>&nbsp;{{ statistic['name'] }}
-                        </a>
-                      </td>
-                      <td>{{ statistic['value'] }}</td>
-                    </tr>
-                  {% endfor %}
-                </tbody>
-              </table>
+<section class="content">
+    <div class="row">
+        <div class="col-xs-12">
+            <div class="box">
+                <div class="box-header">
+                    <h3 class="box-title">PDNS Statistics</h3>
+                </div>
+                <div class="box-body">
+                    <table id="tbl_statistics" class="table table-bordered table-striped">
+                        <thead>
+                            <tr>
+                                <th width="6%">Docs</th>
+                                <th>Statistic</th>
+                                <th>Value</th>
+                            </tr>
+                        </thead>
+                        <tbody>
+                            {% for statistic in statistics %}
+                            <tr class="odd gradeX">
+                                <td><a href="https://doc.powerdns.com/authoritative/search.html?q={{ statistic['name'] }}"
+                                        target="_blank" class="btn btn-flat btn-xs blue"><i
+                                            class="fa fa-search"></i></a></td>
+                                <td>{{ statistic['name'] }}</td>
+                                <td>{{ statistic['value'] }}</td>
+                            </tr>
+                            {% endfor %}
+                        </tbody>
+                    </table>
+                </div>
+                <!-- /.box-body -->
             </div>
-          </div>
+            <!-- /.box -->
         </div>
-      </div>
-      <div class="row">
-        <div class="col-12">
-          <div class="card shadow">
-            <div class="card-header">
-              <h3 class="card-title">PowerDNS Server Configuration</h3>
-            </div>
-            <div class="card-body">
-              <table id="tbl_configuration" class="table table-bordered table-striped">
-                <thead>
-                  <tr>
-                    <th width="30%">Configuration</th>
-                    <th>Value</th>
-                  </tr>
-                </thead>
-                <tbody>
-                  {% for config in configs %}
-                    <tr class="odd gradeX">
-                      <td>
-                        <a href="https://doc.powerdns.com/authoritative/search.html?q={{ config['name'] }}"
-                        target="_blank" class="btn btn-primary">
-                          <i class="fa-solid fa-search"></i>&nbsp;{{ config['name'] }}
-                        </a>
-                      </td>
-                      <td>
-                        {{ config['value'] }}
-                      </td>
-                    </tr>
-                  {% endfor %}
-                </tbody>
-              </table>
+        <!-- /.col -->
+    </div>
+    <!-- /.row -->
+    <div class="row">
+        <div class="col-xs-12">
+            <div class="box">
+                <div class="box-header">
+                    <h3 class="box-title">PDNS Configuration</h3>
+                </div>
+                <div class="box-body">
+                    <table id="tbl_configuration" class="table table-bordered table-striped">
+                        <thead>
+                            <tr>
+                                <th width="6%">Docs</th>
+                                <th>Statistic</th>
+                                <th>Value</th>
+                            </tr>
+                        </thead>
+                        <tbody>
+                            {% for config in configs %}
+                            <tr class="odd gradeX">
+                                <td><a href="https://doc.powerdns.com/authoritative/search.html?q={{ config['name'] }}"
+                                        target="_blank" class="btn btn-flat btn-xs blue"><i
+                                            class="fa fa-search"></i></a></td>
+                                <td>{{ config['name'] }}</td>
+                                <td>
+                                    {{ config['value'] }}
+                                </td>
+                            </tr>
+                            {% endfor %}
+                        </tbody>
+                    </table>
+                </div>
+                <!-- /.box-body -->
             </div>
-          </div>
+            <!-- /.box -->
         </div>
-      </div>
+        <!-- /.col -->
     </div>
-  </section>
+    <!-- /.row -->
+</section>
 {% endblock %}
-
 {% block extrascripts %}
 <script>
-  // set up statistics data table
-  $("#tbl_statistics").DataTable({
-    "paging": true,
-    "lengthChange": true,
-    "searching": true,
-    "ordering": true,
-    "info": true,
-    "autoWidth": false
-  });
+    // set up statistics data table
+    $("#tbl_statistics").DataTable({
+        "paging": true,
+        "lengthChange": false,
+        "searching": true,
+        "ordering": true,
+        "info": true,
+        "autoWidth": false
+    });
 
-  // set up configuration data table
-  $("#tbl_configuration").DataTable({
-    "paging": true,
-    "lengthChange": true,
-    "searching": true,
-    "ordering": true,
-    "info": true,
-    "autoWidth": false
-  });
+    // set up configuration data table
+    $("#tbl_configuration").DataTable({
+        "paging": true,
+        "lengthChange": false,
+        "searching": true,
+        "ordering": true,
+        "info": true,
+        "autoWidth": false
+    });
 </script>
 {% endblock %}
diff --git a/powerdnsadmin/templates/admin_setting_authentication.html b/powerdnsadmin/templates/admin_setting_authentication.html
index 4b8a446a3..5d0fd1020 100644
--- a/powerdnsadmin/templates/admin_setting_authentication.html
+++ b/powerdnsadmin/templates/admin_setting_authentication.html
@@ -1,81 +1,67 @@
 {% extends "base.html" %}
-
 {% set active_page = "admin_settings" %}
-
 {% block title %}
-  <title>
-    Authentication Settings - {{ SITE_NAME }}
-  </title>
-{% endblock %}
+<title>Authentication Settings - {{ SITE_NAME }}</title>
+{% endblock %} {% block dashboard_stat %}
+<!-- Content Header (Page header) -->
+<section class="content-header">
+    <h1>
+        Settings <small>PowerDNS-Admin settings</small>
+    </h1>
+    <ol class="breadcrumb">
+        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i> Home</a></li>
+        <li><a href="#">Setting</a></li>
+        <li class="active">Authentication</li>
+    </ol>
+    <script>
+        function ldapSelection() {
+            if (document.getElementById('ldap').checked) {
+                document.getElementById('ldap_openldap_fields').style.display = 'block';
+                document.getElementById('ldap_openldap_group_filters').style.display = 'block';
+                document.getElementById('ldap_ad_fields').style.display = 'none';
+            } else {
+                document.getElementById('ldap_openldap_fields').style.display = 'none';
+                document.getElementById('ldap_openldap_group_filters').style.display = 'none';
+                document.getElementById('ldap_ad_fields').style.display = 'block';
+            }
+        }
 
-{% block dashboard_stat %}
-  <div class="content-header">
-    <div class="container-fluid">
-      <div class="row mb-2">
-        <div class="col-sm-6">
-          <h1 class="m-0 text-dark">
-            Settings
-            <small>PowerDNS-Admin Settings</small>
-          </h1>
-        </div>
-        <div class="col-sm-6">
-          <ol class="breadcrumb float-sm-right">
-            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Home</a></li>
-            <li class="breadcrumb-item">Settings</li>
-            <li class="breadcrumb-item active">Authentication</li>
-          </ol>
-        </div>
-      </div>
-    </div>
-  </div>
+        window.onload = function() {
+            ldapSelection();
+        }
+    </script>
+</section>
 {% endblock %}
-
 {% block content %}
 <section class="content">
-  <div class="container-fluid">
     <div class="row">
-        <div class="col-12">
-            <div class="card">
-                <div class="card-header">
-                    <h3 class="card-title">Authentication Settings</h3>
+        <div class="col-lg-12">
+            <div class="box box-primary">
+                <div class="box-header with-border">
+                    <h3 class="box-title">Authentication Settings</h3>
                 </div>
-                <div class="card-body">
+                <div class="box-body">
                     {% if result %}
                     <div class="alert {% if result['status'] %}alert-success{% else %}alert-danger{% endif%} alert-dismissible">
                         <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
                         {{ result['msg'] }}
                     </div>
                     {% endif %}
-                    <div class="nav-tabs-custom">
-                        <ul class="nav nav-tabs" role="tablist">
-                            <li class="nav-item">
-                              <a class="nav-link active" href="#tabs-general" data-toggle="pill" role="tab">General</a>
-                            </li>
-                            <li class="nav-item">
-                              <a class="nav-link" href="#tabs-ldap" data-toggle="pill" role="tab">LDAP</a>
-                            </li>
-                            <li class="nav-item">
-                              <a class="nav-link" href="#tabs-google" data-toggle="pill" role="tab">Google OAuth</a>
-                            </li>
-                            <li class="nav-item">
-                              <a class="nav-link" href="#tabs-github" data-toggle="pill" role="tab">Github OAuth</a>
-                            </li>
-                            <li class="nav-item">
-                              <a class="nav-link" href="#tabs-azure" data-toggle="pill" role="tab">Microsoft OAuth</a>
-                            </li>
-                            <li class="nav-item">
-                              <a class="nav-link" href="#tabs-oidc" data-toggle="pill" role="tab">OpenID Connect OAuth</a>
-                            </li>
+                    <!-- Custom Tabs -->
+                    <div class="nav-tabs-custom" id="tabs">
+                        <ul class="nav nav-tabs">
+                            <li class="active"><a href="#tabs-general" data-toggle="tab">General</a></li>
+                            <li><a href="#tabs-ldap" data-toggle="tab">LDAP</a></li>
+                            <li><a href="#tabs-google" data-toggle="tab">Google OAuth</a></li>
+                            <li><a href="#tabs-github" data-toggle="tab">Github OAuth</a></li>
+                            <li><a href="#tabs-azure" data-toggle="tab">Microsoft OAuth</a></li>
+                            <li><a href="#tabs-oidc" data-toggle="tab">OpenID Connect OAuth</a></li>
                         </ul>
                         <div class="tab-content">
                             <div class="tab-pane active" id="tabs-general">
                                 <form role="form" method="post">
                                     <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
                                     <input type="hidden" value="general" name="config_tab" />
-                                    <div class="card-header">
-                                      <h3 class="card-title">Basic Settings</h3>
-                                    </div>
-                                    <div class="card-body">
                                     <div class="form-group">
                                         <input type="checkbox" id="local_db_enabled" name="local_db_enabled" class="checkbox" {% if SETTING.get('local_db_enabled') %}checked{% endif %}>
                                         <label for="local_db_enabled">Local DB Authentication</label>
@@ -84,13 +70,15 @@ <h3 class="card-title">Basic Settings</h3>
                                         <input type="checkbox" id="signup_enabled" name="signup_enabled" class="checkbox" {% if SETTING.get('signup_enabled') %}checked{% endif %}>
                                         <label for="signup_enabled">Allow users to sign up</label>
                                     </div>
-                                    <button type="submit" class="btn btn-primary">Save</button>
-                                  </div>
+                                    <div class="form-group">
+                                        <button type="submit" class="btn btn-flat btn-primary">Save</button>
+                                    </div>
+                                    
                                 </form>
                             </div>
                             <div class="tab-pane" id="tabs-ldap">
                                 <div class="row">
-                                    <div class="col-4">
+                                    <div class="col-md-4">
                                         {% if error %}
                                                 <div class="alert alert-danger alert-dismissible">
                                                     <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
@@ -251,7 +239,7 @@ <h4><i class="icon fa fa-ban"></i> Error!</h4>
                                             </div>
                                         </form>
                                     </div>
-                                    <div class="col-8">
+                                    <div class="col-md-8">
                                         <legend>Help</legend>
                                         <dl class="dl-horizontal">
                                             <dt>Enable LDAP Authentication</dt>
@@ -345,9 +333,7 @@ <h4><i class="icon fa fa-ban"></i> Error!</h4>
                             </div>
                             <div class="tab-pane" id="tabs-google">
                                 <div class="row">
-                                    <div class="col-4">
-                                      <div class="card">
-                                        <div class="card-body">
+                                    <div class="col-md-4">
                                         <form role="form" method="post" data-toggle="validator">
                                             <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
                                             <input type="hidden" value="google" name="config_tab" />
@@ -391,29 +377,21 @@ <h4><i class="icon fa fa-ban"></i> Error!</h4>
                                                     <span class="help-block with-errors"></span>
                                                 </div>
                                             </fieldset>
-                                            <div class="card-footer">
-                                                <button type="submit" class="btn btn-primary float-right">Save</button>
+                                            <div class="form-group">
+                                                <button type="submit" class="btn btn-flat btn-primary">Save</button>
                                             </div>
                                         </form>
-                                        </div>
-                                      </div>
                                     </div>
-                                    <div class="col-8">
-                                      <div class="card">
-                                        <div class="card-header">
-                                          <h3 class="card-title">Help</h3>
-                                        </div>
-                                        <div class="card-body">
-                                          <p>Fill in all the fields in the left form.</p>
-                                          <p>Make sure you add PDA redirection URI (e.g http://localhost:9191/google/authorized) to your Google App Credentials Restriction.</p>
-                                        </div>
-                                      </div>
+                                    <div class="col-md-8">
+                                        <legend>Help</legend>
+                                        <p>Fill in all the fields in the left form.</p>
+                                        <p>Make sure you add PDA redirection URI (e.g http://localhost:9191/google/authorized) to your Google App Credentials Restriction.</p>
                                     </div>
                                 </div>
                             </div>
                             <div class="tab-pane" id="tabs-github">
                                 <div class="row">
-                                    <div class="col-4">
+                                    <div class="col-md-4">
                                         <form role="form" method="post" data-toggle="validator">
                                             <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
                                             <input type="hidden" value="github" name="config_tab" />
@@ -462,7 +440,7 @@ <h3 class="card-title">Help</h3>
                                             </div>
                                         </form>
                                     </div>
-                                    <div class="col-8">
+                                    <div class="col-md-8">
                                         <legend>Help</legend>
                                         <p>Fill in all the fields in the left form.</p>
                                     </div>
@@ -470,7 +448,7 @@ <h3 class="card-title">Help</h3>
                             </div>
                             <div class="tab-pane" id="tabs-azure">
                                 <div class="row">
-                                    <div class="col-4">
+                                    <div class="col-md-4">
                                         <form role="form" method="post" data-toggle="validator">
                                             <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
                                             <input type="hidden" value="azure" name="config_tab" />
@@ -584,7 +562,7 @@ <h3 class="card-title">Help</h3>
                                             </div>
                                         </form>
                                     </div>
-                                    <div class="col-8">
+                                    <div class="col-md-8">
                                         <legend>Help</legend>
                                         <p>Fill in all the fields in the left form.</p>
                                         <p>You first need to define an Application Registration in your Azure Active Directory, with the appropriate HTTPS URL for this endpoint, and with the appropriate rights, as explained in the documentation.</p>
@@ -606,7 +584,7 @@ <h3 class="card-title">Help</h3>
                             </div>
                             <div class="tab-pane" id="tabs-oidc">
                                 <div class="row">
-                                    <div class="col-4">
+                                    <div class="col-md-4">
                                         <form role="form" method="post" data-toggle="validator">
                                             <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
                                             <input type="hidden" value="oidc" name="config_tab" />
@@ -693,7 +671,7 @@ <h3 class="card-title">Help</h3>
                                             </div>
                                         </form>
                                     </div>
-                                    <div class="col-8">
+                                    <div class="col-md-8">
                                         <legend>Help</legend>
                                         <p>Fill in all the fields in the left form.</p>
                                     </div>
@@ -705,31 +683,14 @@ <h3 class="card-title">Help</h3>
             </div>
         </div>
     </div>
-  </div>
 </section>
 {% endblock %}
-
 {% block extrascripts %}
 {% assets "js_validation" -%}
   <script type="text/javascript" src="{{ ASSET_URL }}"></script>
 {%- endassets %}
 
 <script>
-            function ldapSelection() {
-                if (document.getElementById('ldap').checked) {
-                    document.getElementById('ldap_openldap_fields').style.display = 'block';
-                    document.getElementById('ldap_openldap_group_filters').style.display = 'block';
-                    document.getElementById('ldap_ad_fields').style.display = 'none';
-                } else {
-                    document.getElementById('ldap_openldap_fields').style.display = 'none';
-                    document.getElementById('ldap_openldap_group_filters').style.display = 'none';
-                    document.getElementById('ldap_ad_fields').style.display = 'block';
-                }
-            }
-    
-            window.onload = function() {
-                ldapSelection();
-            }
     
     $(function() {
         $('#tabs').tabs({
@@ -1108,13 +1069,16 @@ <h4 class="modal-title">Confirmation</h4>
                 <p></p>
             </div>
             <div class="modal-footer">
-                <button type="button" class="btn btn-default pull-left" id="button_cancel" name="purge" value="OFF" data-dismiss="modal" >Cancel</button>
-                <button type="button" class="btn btn-success" id="button_confirm">Confirm</button>
+                <button type="button" class="btn btn-flat btn-default pull-left" id="button_cancel" name="purge" value="OFF" data-dismiss="modal" >Cancel</button>
+                <button type="button" class="btn btn-flat btn-success" id="button_confirm">Confirm</button>
             </div>
         </div>
+        <!-- /.modal-content -->
     </div>
+    <!-- /.modal-dialog -->
 </div>
 
+
 <div class="modal fade modal-warning" id="modal_warning" data-keyboard="false" data-backdrop="static">
     <div class="modal-dialog">
         <div class="modal-content">
@@ -1128,9 +1092,13 @@ <h4 class="modal-title">Warning</h4>
                 <p></p>
             </div>
             <div class="modal-footer">
-                <button type="button" class="btn btn-success" id="button_warning_confirm">Yes I understand</button>
+                <button type="button" class="btn btn-flat btn-success" id="button_warning_confirm">Yes I understand</button>
             </div>
         </div>
+        <!-- /.modal-content -->
     </div>
+    <!-- /.modal-dialog -->
 </div>
+
+
 {% endblock %}
diff --git a/powerdnsadmin/templates/admin_setting_basic.html b/powerdnsadmin/templates/admin_setting_basic.html
index bb801e38a..d3d0905ea 100644
--- a/powerdnsadmin/templates/admin_setting_basic.html
+++ b/powerdnsadmin/templates/admin_setting_basic.html
@@ -1,116 +1,97 @@
 {% extends "base.html" %}
-
 {% set active_page = "admin_settings" %}
-
 {% block title %}
-  <title>
-    Basic Settings - {{ SITE_NAME }}
-  </title>
-{% endblock %}
-
-{% block dashboard_stat %}
-  <div class="content-header">
-    <div class="container-fluid">
-      <div class="row mb-2">
-        <div class="col-sm-6">
-          <h1 class="m-0 text-dark">
-            Settings
-            <small>Basic</small>
-          </h1>
-        </div>
-        <div class="col-sm-6">
-          <ol class="breadcrumb float-sm-right">
-            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
-            <li class="breadcrumb-item active">Settings - Basic</li>
-          </ol>
-        </div>
-      </div>
-    </div>
-  </div>
-{% endblock %}
-
-{% block content %}
+<title>Basic Settings - {{ SITE_NAME }}</title>
+{% endblock %} {% block dashboard_stat %}
+<!-- Content Header (Page header) -->
+<section class="content-header">
+    <h1>
+        Settings <small>PowerDNS-Admin settings</small>
+    </h1>
+    <ol class="breadcrumb">
+        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i> Home</a></li>
+        <li><a href="#">Setting</a></li>
+        <li class="active">Basic</li>
+    </ol>
+</section>
+{% endblock %} {% block content %}
 <section class="content">
-  <div class="container-fluid">
-    <div class="card">
-      <div class="card-header with-border">
-        <h3 class="card-title">Basic Settings</h3>
-      </div>
-      <div class="card-body">
-        <table id="tbl_settings" class="table table-bordered table-striped">
-          <thead>
-            <tr>
-              <th>Setting Name</th>
-              <th>Current Value</th>
-              <th>Action</th>
-            </tr>
-          </thead>
-          <tbody>
-            {% for setting in settings %}
-              <tr class="odd">
-                <td>
-                  {{ setting }}
-                </td>
-                {% if SETTING.get(setting) in [False] %}
-                  <td><i class="fas fa-toggle-off"></i>&nbsp;Off</td>
-                  <td width="20%">
-                    <button type="button" class="btn btn-success setting-toggle-button" id="{{ setting }}">
-                      <i class="fa-solid fa-toggle-on"></i>&nbsp;Turn On
-                    </button>
-                  </td>
-                {% elif SETTING.get(setting) in [True] %}
-                  <td><i class="fas fa-toggle-on"></i>&nbsp;On</td>
-                  <td width="20%">
-                    <button type="button" class="btn btn-danger setting-toggle-button" id="{{ setting }}">
-                      <i class="fa-solid fa-toggle-off"></i>&nbsp;Turn Off
-                    </button>
-                  </td>
-                {% else %}
-                  <td>
-                    <input name="value" id="value" value="{{ SETTING.get(setting) }}">
-                  </td>
-                  <td width="20%">
-                    <button type="button" class="btn btn-primary setting-save-button" id="{{ setting }}">
-                      <i class="fa-solid fa-save"></i>&nbsp;Save
-                    </button>
-                  </td>
-                {% endif %}
-              </tr>
-            {% endfor %}
-          </tbody>
-        </table>
-      </div>
+    <div class="row">
+        <div class="col-xs-12">
+            <div class="box">
+                <div class="box-header">
+                    <h3 class="box-title">Basic Settings</h3>
+                </div>
+                <div class="box-body">
+                    <table id="tbl_settings" class="table table-bordered table-striped">
+                        <thead>
+                            <tr>
+                                <th>Name</th>
+                                <th>Value</th>
+                                <th>Change</th>
+                            </tr>
+                        </thead>
+                        <tbody>
+                            {% for setting in settings %}
+                            <tr class="odd ">
+                                <td>{{ setting }}</td>
+                                {% if SETTING.get(setting) in [True, False] %}
+                                <td>{{ SETTING.get(setting)|display_setting_state }}</td>
+                                <td width="6%">
+                                    <button type="button" class="btn btn-flat btn-warning setting-toggle-button"
+                                        id="{{ setting }}">
+                                        Toggle&nbsp;<i class="fa fa-info"></i>
+                                    </button>
+                                </td>
+                                {% else %}
+                                <td><input name="value" id="value" value="{{ SETTING.get(setting) }}"></td>
+                                <td width="6%">
+                                    <button type="button" class="btn btn-flat btn-warning setting-save-button"
+                                        id="{{ setting }}">
+                                        Save&nbsp;<i class="fa fa-info"></i>
+                                    </button>
+                                </td>
+                                {% endif %}
+                            </tr>
+                            {% endfor %}
+                        </tbody>
+                    </table>
+                </div>
+                <!-- /.box-body -->
+            </div>
+            <!-- /.box -->
+        </div>
+        <!-- /.col -->
     </div>
-  </div>
+    <!-- /.row -->
 </section>
 {% endblock %}
-
 {% block extrascripts %}
-  <script>
-    // set up settings table
+<script>
+    // set up history data table
     $("#tbl_settings").DataTable({
-      "paging": false,
-      "lengthChange": false,
-      "searching": true,
-      "ordering": true,
-      "info": true,
-      "autoWidth": false
+        "paging": false,
+        "lengthChange": false,
+        "searching": true,
+        "ordering": true,
+        "info": true,
+        "autoWidth": false
     });
     $(document.body).on('click', '.setting-toggle-button', function () {
-      var setting = $(this).prop('id');
-      applyChanges({
-        '_csrf_token': '{{ csrf_token() }}'
-      }, $SCRIPT_ROOT + '/admin/setting/basic/' + setting + '/toggle', false, true)
+        var setting = $(this).prop('id');
+        applyChanges({
+            '_csrf_token': '{{ csrf_token() }}'
+        }, $SCRIPT_ROOT + '/admin/setting/basic/' + setting + '/toggle', false, true)
     });
 
     $(document.body).on('click', '.setting-save-button', function () {
-      var setting = $(this).prop('id');
-      var value = $(this).parents('tr').find('#value')[0].value;
-      var postdata = {
-        'value': value,
-        '_csrf_token': '{{ csrf_token() }}'
-      };
-      applyChanges(postdata, $SCRIPT_ROOT + '/admin/setting/basic/' + setting + '/edit', false, true)
+        var setting = $(this).prop('id');
+        var value = $(this).parents('tr').find('#value')[0].value;
+        var postdata = {
+            'value': value,
+            '_csrf_token': '{{ csrf_token() }}'
+        };
+        applyChanges(postdata, $SCRIPT_ROOT + '/admin/setting/basic/' + setting + '/edit', false, true)
     });
-  </script>
-{% endblock %}
\ No newline at end of file
+</script>
+{% endblock %}
diff --git a/powerdnsadmin/templates/admin_setting_pdns.html b/powerdnsadmin/templates/admin_setting_pdns.html
index c4b894700..84f86a9c7 100644
--- a/powerdnsadmin/templates/admin_setting_pdns.html
+++ b/powerdnsadmin/templates/admin_setting_pdns.html
@@ -1,110 +1,93 @@
 {% extends "base.html" %}
-
 {% set active_page = "admin_settings" %}
-
 {% block title %}
-  <title>
-    PDNS Settings - {{ SITE_NAME }}
-  </title>
+<title>PDNS Settings - {{ SITE_NAME }}</title>
+{% endblock %} {% block dashboard_stat %}
+<!-- Content Header (Page header) -->
+<section class="content-header">
+    <h1>
+        Settings <small>PowerDNS-Admin settings</small>
+    </h1>
+    <ol class="breadcrumb">
+        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i> Home</a></li>
+        <li><a href="#">Setting</a></li>
+        <li class="active">PDNS</li>
+    </ol>
+</section>
 {% endblock %}
-
-{% block dashboard_stat %}
-  <div class="content-header">
-    <div class="container-fluid">
-      <div class="row mb-2">
-        <div class="col-sm-6">
-          <h1 class="m-0 text-dark">
-            Settings
-            <small>PowerDNS Authoritative Server</small>
-          </h1>
-        </div>
-        <div class="col-sm-6">
-          <ol class="breadcrumb float-sm-right">
-            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
-            <li class="breadcrumb-item active">Settings - PowerDNS Authoritative Server</li>
-          </ol>
-        </div>
-      </div>
-    </div>
-  </div>
-{% endblock %}
-
 {% block content %}
-  <section class="content">
-    <div class="container-fluid">
-      <div class="row">
-        <div class="col-4">
-          <div class="card shadow card-outline card-secondary">
-            <div class="card-header">
-              <h3 class="card-title">PDNS Settings</h3>
-            </div>
-            <form role="form" method="post" data-toggle="validator">
-              <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-              <div class="card-body">
-                {% if not SETTING.get('pdns_api_url') or not SETTING.get('pdns_api_key') or not SETTING.get('pdns_version') %}
-                  <div class="alert alert-danger alert-dismissible">
-                    <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
-                    <h4><i class="icon fa fa-ban"></i> Error!</h4>
-                    Please complete your PowerDNS API configuration before continuing
-                  </div>
-                {% endif %}
-                <div class="form-group has-feedback">
-                  <label class="control-label" for="pdns_api_url">PowerDNS API URL</label>
-                  <input type="url" class="form-control" placeholder="PowerDNS API URL" name="pdns_api_url"
-                  data-error="Please input a valid PowerDNS API URL" required value="{{ pdns_api_url }}">
-                  <span class="help-block with-errors"></span>
+<section class="content">
+    <div class="row">
+        <div class="col-md-4">
+            <div class="box box-primary">
+                <div class="box-header with-border">
+                    <h3 class="box-title">PDNS Settings</h3>
                 </div>
-                <div class="form-group has-feedback">
-                  <label class="control-label" for="pdns_api_key">PowerDNS API Key</label>
-                  <input type="password" class="form-control" placeholder="PowerDNS API Key"
-                  name="pdns_api_key" data-error="Please input a valid PowerDNS API key" required
-                  value="{{ pdns_api_key }}">
-                  <span class="help-block with-errors"></span>
+                <!-- /.box-header -->
+                <!-- form start -->
+                <form role="form" method="post" data-toggle="validator">
+                    <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+                    <div class="box-body">
+                        {% if not SETTING.get('pdns_api_url') or not SETTING.get('pdns_api_key') or not SETTING.get('pdns_version') %}
+                        <div class="alert alert-danger alert-dismissible">
+                            <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
+                            <h4><i class="icon fa fa-ban"></i> Error!</h4>
+                            Please complete your PowerDNS API configuration before continuing
+                        </div>
+                        {% endif %}
+                        <div class="form-group has-feedback">
+                            <label class="control-label" for="pdns_api_url">PDNS API URL</label>
+                            <input type="url" class="form-control" placeholder="PowerDNS API url" name="pdns_api_url"
+                                data-error="Please input a valid PowerDNS API URL" required value="{{ pdns_api_url }}">
+                            <span class="help-block with-errors"></span>
+                        </div>
+                        <div class="form-group has-feedback">
+                            <label class="control-label" for="pdns_api_key">PDNS API KEY</label>
+                            <input type="password" class="form-control" placeholder="PowerDNS API key"
+                                name="pdns_api_key" data-error="Please input a valid PowerDNS API key" required
+                                value="{{ pdns_api_key }}">
+                            <span class="help-block with-errors"></span>
+                        </div>
+                        <div class="form-group has-feedback">
+                            <label class="control-label" for="pdns_version">PDNS VERSION</label>
+                            <input type="text" class="form-control" placeholder="PowerDNS version" name="pdns_version"
+                                data-error="Please input PowerDNS version" required value="{{ pdns_version }}">
+                            <span class="help-block with-errors"></span>
+                        </div>
+                    </div>
+                    <div class="box-footer">
+                        <button type="submit" class="btn btn-flat btn-primary">Update</button>
+                    </div>
+                </form>
+            </div>
+        </div>
+        <div class="col-md-8">
+            <div class="box box-primary">
+                <div class="box-header with-border">
+                    <h3 class="box-title">Help</h3>
                 </div>
-                <div class="form-group has-feedback">
-                  <label class="control-label" for="pdns_version">PowerDNS Version</label>
-                  <input type="text" class="form-control" placeholder="PowerDNS Version" name="pdns_version"
-                  data-error="Please input PowerDNS version" required value="{{ pdns_version }}">
-                  <span class="help-block with-errors"></span>
+                <div class="box-body">
+                    <dl class="dl-horizontal">
+                        <p>You must configure the API connection information before PowerDNS-Admin can query your
+                            PowerDNS data. Following fields are required:</p>
+                        <dt>PDNS API URL</dt>
+                        <dd>Your PowerDNS API URL (eg. http://127.0.0.1:8081/).</dd>
+                        <dt>PDNS API KEY</dt>
+                        <dd>Your PowerDNS API key.</dd>
+                        <dt>PDNS VERSION</dt>
+                        <dd>Your PowerDNS version number (eg. 4.1.1).</dd>
+                    </dl>
+                    <p>Find more details at <a
+                            href="https://doc.powerdns.com/md/httpapi/README/">https://doc.powerdns.com/md/httpapi/README/</a>
+                    </p>
                 </div>
-              </div>
-              <div class="card-footer">
-                <button type="submit" class="btn btn-primary float-right">
-                  <i class="fa-solid fa-save"></i>&nbsp;Save
-                </button>
-              </div>
-            </form>
-          </div>
-        </div>
-        <div class="col-8">
-          <div class="card shadow card-outline card-secondary">
-            <div class="card-header">
-              <h3 class="card-title">Help</h3>
-            </div>
-            <div class="card-body">
-              <dl class="dl-horizontal">
-                <p>You must configure the API connection information before PowerDNS-Admin can query your
-                  PowerDNS data. Following fields are required:</p>
-                <dt>PowerDNS API URL</dt>
-                <dd>Your PowerDNS API URL (eg. http://127.0.0.1:8081/).</dd>
-                <dt>PowerDNS API Key</dt>
-                <dd>Your PowerDNS API key.</dd>
-                <dt>PowerDNS Version</dt>
-                <dd>Your PowerDNS version number (eg. 4.7.0).</dd>
-              </dl>
-              <p>Find more details at
-                <a href="https://doc.powerdns.com/md/httpapi/README/">https://doc.powerdns.com/md/httpapi/README/</a>
-              </p>
             </div>
-          </div>
         </div>
-      </div>
     </div>
-  </section>
+</section>
 {% endblock %}
-
 {% block extrascripts %}
-  {% assets "js_validation" -%}
-    <script type="text/javascript" src="{{ ASSET_URL }}"></script>
-  {%- endassets %}
+{% assets "js_validation" -%}
+<script type="text/javascript" src="{{ ASSET_URL }}"></script>
+{%- endassets %}
 {% endblock %}
diff --git a/powerdnsadmin/templates/admin_setting_records.html b/powerdnsadmin/templates/admin_setting_records.html
index 3fea6a52f..b4c920bc0 100644
--- a/powerdnsadmin/templates/admin_setting_records.html
+++ b/powerdnsadmin/templates/admin_setting_records.html
@@ -1,101 +1,83 @@
 {% extends "base.html" %}
-
 {% set active_page = "admin_settings" %}
-
 {% block title %}
-  <title>
-    DNS Records Settings - {{ SITE_NAME }}
-  </title>
-{% endblock %}
-
-{% block dashboard_stat %}
-  <div class="content-header">
-    <div class="container-fluid">
-      <div class="row mb-2">
-        <div class="col-sm-6">
-          <h1 class="m-0 text-dark">
-            Settings
-            <small>Records</small>
-          </h1>
-        </div>
-        <div class="col-sm-6">
-          <ol class="breadcrumb float-sm-right">
-            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
-            <li class="breadcrumb-item active">Settings - Records </li>
-          </ol>
-        </div>
-      </div>
-    </div>
-  </div>
+<title>DNS Records Settings - {{ SITE_NAME }}</title>
+{% endblock %} {% block dashboard_stat %}
+<!-- Content Header (Page header) -->
+<section class="content-header">
+    <h1>
+        Settings <small>PowerDNS-Admin settings</small>
+    </h1>
+    <ol class="breadcrumb">
+        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i> Home</a></li>
+        <li><a href="#">Setting</a></li>
+        <li class="active">Records</li>
+    </ol>
+</section>
 {% endblock %}
-
 {% block content %}
 <section class="content">
-  <div class="container-fluid">
     <div class="row">
-      <div class="col-5">
-        <div class="card">
-          <div class="card-header">
-            <h3 class="card-title">DNS record Settings</h3>
-          </div>
-          <form role="form" method="post">
-            <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-            <input type="hidden" name="create" value="{{ create }}">
-            <div class="card-body">
-              <table class="table table-bordered">
-                <tr>
-                  <th style="width: 10px">#</th>
-                  <th style="width: 40px">Record</th>
-                  <th>Forward Zone</th>
-                  <th>Reverse Zone</th>
-                </tr>
-                {% for record in f_records %}
-                  <tr>
-                    <td>{{ loop.index }}</td>
-                    <td>{{ record }}</td>
-                    <td>
-                      <input type="checkbox" id="fr_{{ record|lower }}" name="fr_{{ record|lower }}"
-                      class="checkbox" {% if f_records[record] %}checked{% endif %}>
-                    </td>
-                    <td>
-                      <input type="checkbox" id="rr_{{ record|lower }}" name="rr_{{ record|lower }}"
-                      class="checkbox" {% if r_records[record] %}checked{% endif %}>
-                    </td>
-                  </tr>
-                {% endfor %}
-              </table>
-            </div>
-            <div class="card-footer">
-              <button type="submit" class="btn btn-primary float-right">
-                <i class="fa-solid fa-save"></i>&nbsp;Save
-              </button>
+        <div class="col-md-5">
+            <div class="box box-primary">
+                <div class="box-header with-border">
+                    <h3 class="box-title">DNS record Settings</h3>
+                </div>
+                <!-- /.box-header -->
+                <!-- form start -->
+                <form role="form" method="post">
+                    <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+                    <input type="hidden" name="create" value="{{ create }}">
+                    <div class="box-body">
+                        <table class="table table-bordered">
+                            <tr>
+                                <th style="width: 10px">#</th>
+                                <th style="width: 40px">Record</th>
+                                <th>Forward Zone</th>
+                                <th>Reverse Zone</th>
+                            </tr>
+                            {% for record in f_records %}
+                            <tr>
+                                <td>{{ loop.index }}</td>
+                                <td>{{ record }}</td>
+                                <td>
+                                    <input type="checkbox" id="fr_{{ record|lower }}" name="fr_{{ record|lower }}"
+                                        class="checkbox" {% if f_records[record] %}checked{% endif %}>
+                                </td>
+                                <td>
+                                    <input type="checkbox" id="rr_{{ record|lower }}" name="rr_{{ record|lower }}"
+                                        class="checkbox" {% if r_records[record] %}checked{% endif %}>
+                                </td>
+                            </tr>
+                            {% endfor %}
+                        </table>
+                    </div>
+                    <div class="box-footer">
+                        <button type="submit" class="btn btn-flat btn-primary">Update</button>
+                    </div>
+                </form>
             </div>
-          </form>
         </div>
-      </div>
-      <div class="col-7">
-        <div class="card">
-          <div class="card-header">
-            <h3 class="card-title">Help</h3>
-          </div>
-          <div class="card-body">
-            <p>Select record types you allow user to edit in the forward zone and reverse zone. Take a look at
-              <a href="https://doc.powerdns.com/authoritative/appendices/types.html">PowerDNS docs</a> for
-              full list of supported record types.
-            </p>
-          </div>
+        <div class="col-md-7">
+            <div class="box box-primary">
+                <div class="box-header with-border">
+                    <h3 class="box-title">Help</h3>
+                </div>
+                <div class="box-body">
+                    <p>Select record types you allow user to edit in the forward zone and reverse zone. Take a look at
+                        <a href="https://doc.powerdns.com/authoritative/appendices/types.html">PowerDNS docs</a> for
+                        full list of supported record types.</p>
+                </div>
+            </div>
         </div>
-      </div>
     </div>
-  </div>
 </section>
 {% endblock %}
-
 {% block extrascripts %}
-  <script>
+<script>
     $('.checkbox').iCheck({
-      checkboxClass: 'icheckbox_square-blue',
-      increaseArea: '20%'
+        checkboxClass: 'icheckbox_square-blue',
+        increaseArea: '20%'
     })
-  </script>
+</script>
 {% endblock %}
diff --git a/powerdnsadmin/templates/base.html b/powerdnsadmin/templates/base.html
index 54bb019bf..35bfc51b3 100644
--- a/powerdnsadmin/templates/base.html
+++ b/powerdnsadmin/templates/base.html
@@ -1,62 +1,38 @@
 <!DOCTYPE html>
-<html lang="en" class>
+<html>
 <head>
   {% block head %}
-    <meta charset="utf-8">
-    <meta http-equiv="X-UA-Compatible" content="IE=edge">
-    <link rel="icon" href="{{ url_for('static', filename='img/favicon.png') }}">
-    {% block title %}
-      <title>
-        {{ SITE_NAME }}
-      </title>
-    {% endblock %}
-    <link rel="stylesheet" href="{{ url_for('static', filename='assets/css/style.css') }}">
-    <!--  Get Google Fonts we like -->
-    <link rel="stylesheet" href="{{ url_for('static', filename='assets/css/source_sans_pro.css') }}">
-    <link rel="stylesheet" href="{{ url_for('static', filename='assets/css/roboto_mono.css') }}">
-    <!-- Tell the browser to be responsive to screen width -->
-    <meta content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no" name="viewport">
-    <!-- Tell Safari to not recognise telephone numbers -->
-    <meta name="format-detection" content="telephone=no">
-    {% assets "css_main" -%}
+  <meta charset="utf-8">
+  <meta http-equiv="X-UA-Compatible" content="IE=edge">
+  <link rel="icon" href="{{ url_for('static', filename='img/favicon.png') }}">
+  {% block title %}<title>{{ SITE_NAME }}</title>{% endblock %}
+  <link rel="stylesheet" href="{{ url_for('static', filename='assets/css/style.css') }}">
+  <!--  Get Google Fonts we like -->
+  <link rel="stylesheet" href="{{ url_for('static', filename='assets/css/source_sans_pro.css') }}">
+  <link rel="stylesheet" href="{{ url_for('static', filename='assets/css/roboto_mono.css') }}">
+  <!-- Tell the browser to be responsive to screen width -->
+  <meta content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no" name="viewport">
+  <!-- Tell Safari to not recognise telephone numbers -->
+  <meta name="format-detection" content="telephone=no">
+  {% assets "css_main" -%}
       <link rel="stylesheet" href="{{ ASSET_URL }}">
-    {%- endassets %}
-    {% if SETTING.get('custom_css') %}
-      <link rel="stylesheet" href="/static/custom/{{ SETTING.get('custom_css') }}">
-    {% endif %}
+  {%- endassets %}
+{% if SETTING.get('custom_css') %}
+  <link rel="stylesheet" href="/static/custom/{{ SETTING.get('custom_css') }}">
+{% endif %}
   {% endblock %}
 </head>
-
-<body class="hold-transition sidebar-mini {% if not SETTING.get('fullscreen_layout') %}layout-boxed{% endif %}">
-  {% set user_image_url = url_for('user.image', username=current_user.username) %}
-  <div class="wrapper">
+<body class="hold-transition skin-blue sidebar-mini {% if not SETTING.get('fullscreen_layout') %}layout-boxed{% endif %}">
+{% set user_image_url = url_for('user.image', username=current_user.username) %}
+<div class="wrapper">
   {% block pageheader %}
-    <nav class="main-header navbar navbar-expand navbar-white navbar-light">
-      <!-- Header Navbar: style can be found in header.less -->
-      <!-- Sidebar toggle button-->
-      <ul class="navbar-nav">
-        <li class="nav-item">
-          <a class="nav-link" data-widget="pushmenu" href="#" role="button">
-            <i class="fa-solid fa-bars"></i>
-          </a>
-        </li>
-      </ul>
-        <ul class="navbar-nav ml-auto">
-        <li class="nav-item">
-          <a class="nav-link" data-widget="fullscreen" href="#" role="button">
-            <i class="fa-solid fa-expand-arrows-alt"></i>
-          </a>
-        </li>
-      </ul>
-    </nav>
-
-  {% endblock %}
-  <!-- Left side column. contains the logo and sidebar -->
-  <aside class="main-sidebar sidebar-dark-primary">
+  <header class="main-header">
     <!-- Logo -->
-    <a href="{{ url_for('index.index') }}" class="brand-link">
-      <img src="{{ url_for('static', filename='img/favicon.png') }}" alt="PowerDNS-Admin FavIcon" class="brand-image img-circle elevation-3" style="opacity: .8">
-      <span class="brand-text font-weight-light">
+    <a href="{{ url_for('index.index') }}" class="logo">
+      <!-- mini logo for sidebar mini 50x50 pixels -->
+      <span class="logo-mini"><b>PD</b>A</span>
+      <!-- logo for regular state and mobile devices -->
+      <span class="logo-lg">
         {% if SETTING.get('site_name') %}
           <b>{{ SITE_NAME }}</b>
         {% else %}
@@ -64,147 +40,128 @@
         {% endif %}
       </span>
     </a>
+    <!-- Header Navbar: style can be found in header.less -->
+    <nav class="navbar navbar-static-top">
+      <!-- Sidebar toggle button-->
+      <a href="#" class="sidebar-toggle" data-toggle="push-menu" role="button">
+        <span class="sr-only">Toggle navigation</span>
+      </a>
+
+      <div class="navbar-custom-menu">
+        {% if current_user.id is defined %}
+        <ul class="nav navbar-nav">
+          <!-- User Account: style can be found in dropdown.less -->
+          <li class="dropdown user user-menu">
+            <a href="#" class="dropdown-toggle" data-toggle="dropdown">
+              <img src="{{ user_image_url }}" class="user-image" alt="User Image"/>
+              <span class="hidden-xs">
+                {{ current_user.firstname }}
+              </span>
+            </a>
+            <ul class="dropdown-menu">
+                <li class="user-header">
+                  <img src="{{ user_image_url }}" class="img-circle" alt="User Image"/>
+                  <p>
+                    {{ current_user.firstname }} {{ current_user.lastname }}
+                    <small>{{ current_user.role.name }}</small>
+                  </p>
+                </li>
+
+              <!-- Menu Footer-->
+              <li class="user-footer">
+                <div class="pull-left">
+                  <a href="{{ url_for('user.profile') }}" class="btn btn-flat btn-primary">My Profile</a>
+                </div>
+                <div class="pull-right">
+                  <a href="{{ url_for('index.logout') }}" class="btn btn-flat btn-warning">Log out</a>
+                </div>
+              </li>
+            </ul>
+          </li>
+        </ul>
+        {% endif %}
+      </div>
+    </nav>
+  </header>
+  {% endblock %}
+  <!-- Left side column. contains the logo and sidebar -->
+  <aside class="main-sidebar">
     <!-- sidebar: style can be found in sidebar.less -->
-    <div class="sidebar">
+    <section class="sidebar">
     {% if current_user.id is defined %}
-      <div class="user-panel mt-3 pb-3 mb-3 d-flex">
-        <div class="image">
-          <img src="{{ user_image_url }}" class="img-circle elevation-2" alt="User Image">
+      <div class="user-panel">
+        <div class="pull-left image">
+          <img src="{{ user_image_url }}" class="img-circle" alt="User Image"/>
         </div>
-        <div class="info">
-          <a href="{{ url_for('user.profile') }}" class="d-block">{{ current_user.firstname }} {{ current_user.lastname }}</a>
+        <div class="pull-left info">
+          <p>{{ current_user.firstname }} {{ current_user.lastname }}</p>
+          <a href="#"><i class="fa fa-circle text-success"></i> Logged In</a>
         </div>
       </div>
       <!-- sidebar menu: : style can be found in sidebar.less -->
-      <ul class="nav nav-pills nav-sidebar flex-column" data-widget="treeview" role="menu">
-        <li class="{{ 'nav-item active' if active_page == 'user_profile' else 'nav-item' }}">
-          <a href="{{ url_for('user.profile') }}" class="nav-link">
-            <i class="nav-icon fa-solid fa-user"></i>
-            <p>Profile</p>
-          </a>
-        </li>
-        <li class="nav-item">
-          <a href="{{ url_for('index.logout') }}" class="nav-link">
-            <i class="nav-icon fa-solid fa-sign-out-alt"></i>
-            <p>Logout</p>
-          </a>
-        </li>
-        <li class="nav-header">Zone Management</li>
-        <li class="{{ 'nav-item active' if active_page == 'nav-item dashboard' else 'nav-item' }}">
-          <a href="{{ url_for('dashboard.dashboard') }}" class="nav-link">
-            <i class="nav-icon fa-solid fa-tachometer-alt"></i>
-            <p>Dashboard</p>
-          </a>
+      <ul class="sidebar-menu" data-widget="tree">
+        <li class="header">USER ACTIONS</li>
+        <li class="{{ 'active' if active_page == 'dashboard' else '' }}">
+          <a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i> <span>Dashboard</span></a>
         </li>
         {% if SETTING.get('allow_user_create_domain') or current_user.role.name in ['Administrator', 'Operator'] %}
-        <li class="{{ 'nav-item active' if active_page == 'nav-item new_domain' else 'nav-item' }}">
-          <a href="{{ url_for('domain.add') }}" class="nav-link">
-            <i class="nav-icon fa-solid fa-plus"></i>
-            <p>New Domain</p>
-          </a>
+        <li class="{{ 'active' if active_page == 'new_domain' else '' }}">
+          <a href="{{ url_for('domain.add') }}"><i class="fa fa-plus"></i> <span>New Domain</span></a>
         </li>
         {% endif %}
         {% if SETTING.get('allow_user_remove_domain') or current_user.role.name in ['Administrator', 'Operator'] %}
-        <li class="{{ 'nav-item active' if active_page == 'remove_domain' else 'nav-item' }}">
-          <a href="{{ url_for('domain.remove') }}" class="nav-link">
-            <i class="nav-icon fa-solid fa-trash-alt"></i>
-            <p>Remove Domain</p>
-          </a>
+        <li class="{{ 'active' if active_page == 'remove_domain' else '' }}">
+          <a href="{{ url_for('domain.remove') }}"><i class="fa fa-trash-o"></i> <span>Remove Domain</span></a>
         </li>
         {% endif %}
         {% if current_user.role.name in ['Administrator', 'Operator'] %}
-        <li class="nav-header">Administration</li>
-        <li class="{{ 'nav-item active' if active_page == 'admin_console' else 'nav-item' }}">
-          <a href="{{ url_for('admin.pdns_stats') }}" class="nav-link">
-            <i class="nav-icon fa-solid fa-info-circle"></i>
-            <p>PowerDNS Info</p>
-          </a>
+        <li class="header">ADMINISTRATION</li>
+        <li class="{{ 'active' if active_page == 'admin_console' else '' }}">
+          <a href="{{ url_for('admin.pdns_stats') }}"><i class="fa fa-info-circle"></i> <span>PDNS</span></a>
         </li>
-        <li class="{{ 'nav-item active' if active_page == 'admin_global_search' else 'nav-item' }}">
-          <a href="{{ url_for('admin.global_search') }}" class="nav-link">
-            <i class="nav-icon fa-solid fa-search"></i>
-            <p>Global Search</p>
-          </a>
+        <li class="{{ 'active' if active_page == 'admin_global_search' else '' }}">
+          <a href="{{ url_for('admin.global_search') }}"><i class="fa fa-search"></i> <span>Global Search</span></a>
         </li>
-        <li class="{{ 'nav-item active' if active_page == 'admin_history' else 'nav-item' }}">
-          <a href="{{ url_for('admin.history') }}" class="nav-link">
-            <i class="nav-icon fa-solid fa-calendar-alt"></i>
-            <p>History</p>
-          </a>
+        <li class="{{ 'active' if active_page == 'admin_history' else '' }}">
+          <a href="{{ url_for('admin.history') }}"><i class="fa fa-calendar"></i> <span>History</span></a>
         </li>
-        <li class="{{ 'nav-item active' if active_page == 'admin_domain_template' else 'nav-item' }}">
-          <a href="{{ url_for('admin.templates') }}" class="nav-link">
-            <i class="nav-icon fa-solid fa-clone"></i>
-            <p>Domain Templates</p>
-          </a>
+        <li class="{{ 'active' if active_page == 'admin_domain_template' else '' }}">
+          <a href="{{ url_for('admin.templates') }}"><i class="fa fa-clone"></i> <span>Domain Templates</span></a>
         </li>
-        <li class="{{ 'nav-item active' if active_page == 'admin_accounts' else 'nav-item' }}">
-          <a href="{{ url_for('admin.manage_account') }}" class="nav-link">
-            <i class="nav-icon fa-solid fa-industry"></i>
-            <p>Accounts</p>
-          </a>
+        <li class="{{ 'active' if active_page == 'admin_accounts' else '' }}">
+          <a href="{{ url_for('admin.manage_account') }}"><i class="fa fa-industry"></i> <span>Accounts</span></a>
         </li>
-        <li class="{{ 'nav-item active' if active_page == 'admin_users' else 'nav-item' }}">
-          <a href="{{ url_for('admin.manage_user') }}" class="nav-link">
-            <i class="nav-icon fa-solid fa-users"></i>
-            <p>Users</p>
-          </a>
+        <li class="{{ 'active' if active_page == 'admin_users' else '' }}">
+          <a href="{{ url_for('admin.manage_user') }}"><i class="fa fa-users"></i> <span>Users</span></a>
         </li>
-        <li class="{{ 'nav-item active' if active_page == 'admin_keys' else 'nav-item' }}">
-          <a href="{{ url_for('admin.manage_keys') }}" class="nav-link">
-            <i class="nav-icon fa-solid fa-key"></i>
-            <p>API Keys</p>
-          </a>
+        <li class="{{ 'active' if active_page == 'admin_keys' else '' }}">
+          <a href="{{ url_for('admin.manage_keys') }}"><i class="fa fa-key"></i> <span>API Keys</span></a>
         </li>
-        <li class="{{ 'nav-item active' if active_page == 'admin_settings' else 'nav-item' }}">
-          <a href="#" class="nav-link">
-            <i class="nav-icon fa-solid fa-cog"></i>
-            <p>
-              Settings
-              <i class="right fa-solid fa-angle-left"></i>
-            </p>
+        <li class="{{ 'treeview active' if active_page == 'admin_settings' else 'treeview' }}">
+          <a href="#">
+            <i class="fa fa-cog"></i> <span>Settings</span>
+            <span class="pull-right-container">
+              <i class="fa fa-angle-left pull-right"></i>
+            </span>
           </a>
-          <ul class="nav nav-treeview" {% if active_page == 'admin_settings' %}style="display: block;"{% endif %}>
-            <li class="nav-item">
-              <a href="{{ url_for('admin.setting_basic') }}" class="nav-link">
-                <i class="nav-icon fa-solid fa-circle"></i>
-                <p>Basic</p>
-              </a>
-            </li>
-            <li class="nav-item">
-              <a href="{{ url_for('admin.setting_records') }}" class="nav-link">
-                <i class="nav-icon fa-solid fa-circle"></i>
-                <p>Records</p>
-              </a>
-            </li>
+          <ul class="treeview-menu" {% if active_page == 'admin_settings' %}style="display: block;"{% endif %}>
+            <li><a href="{{ url_for('admin.setting_basic') }}"><i class="fa fa-circle-o"></i></i> <span>Basic</span></a></li>
+            <li><a href="{{ url_for('admin.setting_records') }}"><i class="fa fa-circle-o"></i> <span>Records</span></a></li>
             {% if current_user.role.name == 'Administrator' %}
-              <li class="nav-item">
-                <a href="{{ url_for('admin.setting_pdns') }}" class="nav-link">
-                  <i class="nav-icon fa-solid fa-circle"></i>
-                  <p>PowerDNS Connection</p>
-                </a>
-              </li>
-              <li class="nav-item">
-                <a href="{{ url_for('admin.setting_authentication') }}" class="nav-link">
-                  <i class="nav-icon fa-solid fa-circle"></i>
-                  <p>Authentication</p>
-                </a>
-              </li>
+            <li><a href="{{ url_for('admin.setting_pdns') }}"><i class="fa fa-circle-o"></i> <span>PDNS</a></li>
+            <li><a href="{{ url_for('admin.setting_authentication') }}"><i class="fa fa-circle-o"></i> <span>Authentication</span></a></li>
             {% endif %}
           </ul>
         </li>
         {% elif SETTING.get('allow_user_view_history') %}
-        <li class="nav-header">Administration</li>
-        <li class="{{ 'nav-item active' if active_page == 'admin_history' else 'nav-item' }}">
-          <a href="{{ url_for('admin.history') }}" class="nav-link">
-            <i class="nav-icon fa-solid fa-calendar-alt"></i>
-            <p>History</p>
-          </a>
+        <li class="header">ADMINISTRATION</li>
+        <li class="{{ 'active' if active_page == 'admin_history' else '' }}">
+          <a href="{{ url_for('admin.history') }}"><i class="fa fa-calendar"></i> <span>History</span></a>
         </li>
         {% endif %}
       </ul>
     {% endif %}
-    </div>
+    </section>
     <!-- /.sidebar -->
   </aside>
 
@@ -212,24 +169,16 @@
   <div class="content-wrapper">
     {% block dashboard_stat %}
     <!-- Content Header (Page header) -->
-    <div class="content-header">
-      <div class="container-fluid">
-        <div class="row mb-2">
-          <div class="col-sm-6">
-            <h1 class="m-0 text-dark">
-              Dashboard
-              <small>Control panel</small>
-            </h1>
-          </div>
-          <div class="col-sm-6">
-            <ol class="breadcrumb float-sm-right">
-              <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Home</a></li>
-              <li class="breadcrumb-item active">Dashboard</li>
-            </ol>
-          </div>
-        </div>
-      </div>
-    </div>
+    <section class="content-header">
+      <h1>
+        Dashboard
+        <small>Control panel</small>
+      </h1>
+      <ol class="breadcrumb">
+        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i> Home</a></li>
+        <li class="active">Dashboard</li>
+      </ol>
+    </section>
     {% endblock %}
     {% block content %}
     {% endblock %}
@@ -363,43 +312,49 @@ <h1 class="m-0 text-dark">
   <div class="modal-dialog">
     <div class="modal-content">
       <div class="modal-header">
-        <h4 class="modal-title">Error</h4>
-        <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+        <button type="button" class="close" data-dismiss="modal"
+          aria-label="Close">
           <span aria-hidden="true">&times;</span>
         </button>
+        <h4 class="modal-title">Error</h4>
       </div>
       <div class="modal-body">
         <p></p>
       </div>
       <div class="modal-footer">
-        <button type="button" class="btn btn-secondary float-right" data-dismiss="modal">
-          Close
-        </button>
+        <button type="button" class="btn btn-flat btn-default pull-right"
+          data-dismiss="modal">Close</button>
       </div>
     </div>
+    <!-- /.modal-content -->
   </div>
+  <!-- /.modal-dialog -->
 </div>
 <!-- /.modal -->
 <div class="modal fade modal-success" id="modal_success">
   <div class="modal-dialog">
     <div class="modal-content">
       <div class="modal-header">
-        <h4 class="modal-title">Success</h4>
-        <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+        <button type="button" class="close" data-dismiss="modal"
+          aria-label="Close">
           <span aria-hidden="true">&times;</span>
         </button>
+        <h4 class="modal-title">Success</h4>
       </div>
       <div class="modal-body">
         <p></p>
       </div>
       <div class="modal-footer">
-        <button type="button" class="btn btn-secondary float-right" data-dismiss="modal">
-          Close
-        </button>
+        <button type="button" class="btn btn-flat btn-default pull-right"
+          data-dismiss="modal">Close</button>
       </div>
     </div>
+    <!-- /.modal-content -->
   </div>
+  <!-- /.modal-dialog -->
 </div>
+<!-- /.modal -->
+<!-- /.session-warning-modal -->
 <div class="modal fade modal-warning" data-backdrop="static" id="modal_session_warning">
   <div class="modal-dialog">
     <div class="modal-content">
@@ -412,18 +367,19 @@ <h3><span id="modal-time"></span></h3>
         <p>To coninue your ssession, select <strong>Stay Signed In</strong></p>
       </div>
       <div class="modal-footer">
-        <button type="button" class="btn btn-success float-right button_stay_signed_in" data-dismiss="modal">
-          Stay Signed In
-        </button>
-        <button type="button" class="btn btn-danger float-left button_sign_out" data-dismiss="modal">
-          Sign Out
-        </button>
+        <button type="button" class="btn btn-flat btn-danger pull-left button_stay_signed_in"
+          data-dismiss="modal">Stay Signed In</button>
+        <button type="button" class="btn btn-flat btn-default pull-right button_sign_out"
+          data-dismiss="modal">Sign Out</button>
       </div>
     </div>
+    <!-- /.session-warning-modal-content -->
   </div>
+  <!-- /.session-warning-modal-dialog -->
 </div>
+<!-- /.session-warning-modal -->
 {% endblock %}
 {% block modals %}
 {% endblock %}
 </body>
-</html>
\ No newline at end of file
+</html>
diff --git a/powerdnsadmin/templates/dashboard.html b/powerdnsadmin/templates/dashboard.html
index ddf369715..0e5b3b568 100755
--- a/powerdnsadmin/templates/dashboard.html
+++ b/powerdnsadmin/templates/dashboard.html
@@ -1,217 +1,191 @@
 {% extends "base.html" %}
-
 {% set active_page = "dashboard" %}
+{% block title %}<title>Dashboard - {{ SITE_NAME }}</title>{% endblock %}
 
-{% block title %}
-  <title>
-    Dashboard - {{ SITE_NAME }}
-  </title>
-{% endblock %}
 
 {% block dashboard_stat %}
-  <div class="content-header">
-    <div class="container-fluid">
-      <div class="row mb-2">
-        <div class="col-sm-6">
-          <h1 class="m-0 text-dark">
-            Dashboard
-            <small>Info</small>
-          </h1>
-        </div>
-        <div class="col-sm-6">
-          <ol class="breadcrumb float-sm-right">
-            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
-          </ol>
-        </div>
-      </div>
-    </div>
-  </div>
+    <!-- Content Header (Page header) -->
+    <section class="content-header">
+      <h1>
+        Dashboard
+        <small>Info</small>
+      </h1>
+      <ol class="breadcrumb">
+        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i> Home</a></li>
+        <li class="active">Dashboard</li>
+      </ol>
+    </section>
 {% endblock %}
 
 {% import 'applied_change_macro.html' as applied_change_macro %}
 
 {% block content %}
-  <section class="content">
-    <div class="container-fluid">
+ <!-- Main content -->
+    <section class="content">
       {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
-        <div class="row">
-          <div class="col-3">
-            <div class="card">
-              <div class="card-header">
-                <h3 class="card-title">Statistics</h3>
-              </div>
-              <div class="card-body">
-                <div class="row">
-                  <div class="col-6">
-                    <!-- small box -->
-                    <div class="small-box bg-info">
-                      <div class="inner">
-                        <h3>{{ domain_count }}</h3>
-                        <p>{% if domain_count > 1 %}Domains{% else %}Domain{% endif %}</p>
-                      </div>
-                      <div class="icon">
-                        <i class="fa-solid fa-book"></i>
+      <div class="row">
+        <div class="col-xs-3">
+            <div class="box">
+                <div class="box-header">
+                    <h3 class="box-title">Statistics</h3>
+                </div>
+                <div class="box-body">
+                  <div class="row">
+                  <div class="col-lg-6">
+                      <!-- small box -->
+                      <div class="small-box bg-aqua">
+                        <div class="inner">
+                          <h3>{{ domain_count }}</h3>
+                          <p>{% if domain_count > 1 %}Domains{% else %}Domain{% endif %}</p>
+                        </div>
+                        <div class="icon">
+                          <i class="fa fa-book"></i>
+                        </div>
                       </div>
                     </div>
-                  </div>
-                  {% if current_user.role.name in ['Administrator', 'Operator'] %}
-                    <div class="col-6">
+                    {% if current_user.role.name in ['Administrator', 'Operator'] %}
+                    <div class="col-lg-6">
                       <a href="{{ url_for('admin.manage_user') }}">
-                        <div class="small-box bg-green">
-                          <div class="inner">
-                            <h3>{{ user_num }}</h3>
-                            <p>{% if user_num > 1 %}Users{% else %}User{% endif %}</p>
-                          </div>
-                          <div class="icon">
-                            <i class="fa-solid fa-users"></i>
-                          </div>
+                      <div class="small-box bg-green">
+                        <div class="inner">
+                          <h3>{{ user_num }}</h3>
+                          <p>{% if user_num > 1 %}Users{% else %}User{% endif %}</p>
+                        </div>
+                        <div class="icon">
+                          <i class="fa fa-users"></i>
                         </div>
+                      </div>
                       </a>
                     </div>
-                  {% endif %}
-                </div>
-                <div class="row">
-                  <div class="col-6">
-                    <a href="{{ url_for('admin.history') }}">
+                    {% endif %}
+                    </div>
+                    <div class="row">
+                    <div class="col-lg-6">
+                      <a href="{{ url_for('admin.history') }}">
                       <div class="small-box bg-green">
                         <div class="inner">
                           <h3>{{ history_number }}</h3>
                           <p>{% if history_number > 1 %}Histories{% else %}History{% endif %}</p>
                         </div>
                         <div class="icon">
-                          <i class="fa-solid fa-calendar"></i>
+                          <i class="fa fa-calendar"></i>
                         </div>
                       </div>
-                    </a>
-                  </div>
-                  {% if current_user.role.name in ['Administrator', 'Operator'] %}
-                    <div class="col-6">
+                      </a>
+                    </div>
+                    {% if current_user.role.name in ['Administrator', 'Operator'] %}
+                    <div class="col-lg-6">
                       <a href="{{ url_for('admin.pdns_stats') }}">
-                        <div class="small-box bg-green">
-                          <div class="inner">
-                            <h3><span style="font-size: 18px">{{ uptime|display_second_to_time }}</span></h3>
-                            <p>Uptime</p>
-                          </div>
-                          <div class="icon">
-                            <i class="fa-solid fa-clock"></i>
-                          </div>
+                      <div class="small-box bg-green">
+                        <div class="inner">
+                          <h3><span style="font-size: 18px">{{ uptime|display_second_to_time }}</span></h3>
+                          <p>Uptime</p>
+                        </div>
+                        <div class="icon">
+                          <i class="fa fa-clock-o"></i>
                         </div>
+                      </div>
                       </a>
                     </div>
-                  {% endif %}
+                    {% endif %}
+                    </div>
                 </div>
-              </div>
             </div>
-          </div>
-          <div class="col-9">
-            <div class="card">
-              <div class="card-header">
-                <h3 class="card-title">Recent History</h3>
-              </div>
-              <div class="card-body">
-                <table id="tbl_history" class="table table-bordered table-striped">
-                  <thead>
+        </div>
+        <div class="col-xs-9">
+            <div class="box">
+                <div class="box-header">
+                    <h3 class="box-title">Recent History</h3>
+                </div>
+                <div class="box-body">
+                    <table id="tbl_history" class="table table-bordered table-striped">
+                    <thead>
                     <tr>
                       <th>Changed By</th>
                       <th>Content</th>
                       <th>Time</th>
                       <th>Detail</th>
                     </tr>
-                  </thead>
-                  <tbody>
+                    </thead>
+                    <tbody>
                     {% for history in histories %}
                       <tr class="odd">
-                        <td>{{ history.history.created_by }}</td>
-                        <td>{{ history.history.msg }}</td>
-                        <td>{{ history.history.created_on }}</td>
-                        <td width="6%">
-                          <div id="history-info-div-{{ loop.index0 }}" style="display: none;">
-                            {{ history.detailed_msg | safe }}
-                            {% if history.change_set %}
-                              <div class="content">
-                                <div id="change_index_definition"></div>
-                                {% call applied_change_macro.applied_change_template(history.change_set) %}
-                                {% endcall %}
-                              </div>
-                            {% endif %}
-                          </div>
-                          <button type="button" class="btn btn-sm btn-primary history-info-button"
-                            {% if history.detailed_msg == "" and history.change_set is none %}
-                              style="visibility: hidden;"
-                            {% endif %} value="{{ loop.index0 }}">
-                            <i class="fa-solid fa-info-circle"></i>&nbsp;Info
-                          </button>
-                        </td>
+                          <td>{{ history.history.created_by }}</td>
+                          <td>{{ history.history.msg }}</td>
+                          <td>{{ history.history.created_on }}</td>
+                          <td width="6%">
+                            <div id="history-info-div-{{ loop.index0 }}" style="display: none;">
+                                {{ history.detailed_msg | safe }}
+                                {% if history.change_set %}
+                                <div class="content">
+                                    <div id="change_index_definition"></div>
+                                    {% call applied_change_macro.applied_change_template(history.change_set) %}
+                                    {% endcall %}
+                                </div>
+                                {% endif %}
+                            </div>
+                            <button type="button" class="btn btn-flat btn-primary history-info-button"
+                                {% if history.detailed_msg == "" and history.change_set is none %}
+                                style="visibility: hidden;"
+                                {% endif %} value="{{ loop.index0 }}">Info&nbsp;<i class="fa fa-info"></i>
+                            </button>
+                          </td>
                       </tr>
                     {% endfor %}
-                  </tbody>
-                </table>
-              </div>
+                    </tbody>
+                  </table>
+                </div>
             </div>
-          </div>
         </div>
+      </div>
       {% endif %}
-      <div class="row">
-        <div class="col-12">
-          <div class="card">
-            <div class="card-header">
-              <div class="nav-tabs-custom">
-                <ul class="nav nav-tabs card-header-tabs" id="custom-content-below-tab" role="tablist">
-                  <li class="nav-item">
-                    <a class="nav-link active" href="#tab_{{custom_boxes.order[0]}}" data-toggle="pill" role="tab">
-                      Hosted Domains <b>{{custom_boxes.boxes[custom_boxes.order[0]][0]}}</b>
-                    </a>
-                  </li>
-                  {% for boxId in custom_boxes.order[1:] %}
-                  <li class="nav-item">
-                    <a class="nav-link" href="#tab_{{boxId}}" data-toggle="pill" role="tab">Hosted Domains <b>{{custom_boxes.boxes[boxId][0]}}</b></a>
-                  </li>
-                  {% endfor %}
-                </ul>
-              </div>
-            </div>
-            <div class="card-body">
-              <div class="tab-content">
-                {% for boxId in custom_boxes.order %}
-                <div class="tab-pane fade show" id='tab_{{boxId}}'>
-                  <div class="card-header">
-                    <h3 class="card-title">Hosted Domains <b>{{custom_boxes.boxes[boxId][0]}}</b></h3>
-                    {% if show_bg_domain_button %}
-                    <button type="button" class="btn btn-primary refresh-bg-button float-right">
-                      <i class="fa-solid fa-sync"></i>
-                      &nbsp;Sync Domains
-                    </button>
-                    {% endif %}
-                  </div>
-                  <div class="card-body">
-                    <table id='tbl_domain_list_{{boxId}}' class="table table-bordered table-striped">
-                      <thead>
-                        <tr>
-                          <th>Name</th>
-                          <th>DNSSEC</th>
-                          <th>Type</th>
-                          <th>Serial</th>
-                          <th>Primary</th>
-                          <th>Account</th>
-                          <th>Actions</th>
-                        </tr>
-                      </thead>
-                      <tbody>
-                      </tbody>
-                    </table>
+
+<!--SYBPATCH START-->
+        <div class="nav-tabs-custom">
+            <ul class="nav nav-tabs">
+                <li class="active"><a href="#tab_{{custom_boxes.order[0]}}" data-toggle="tab">Hosted Domains <b>{{custom_boxes.boxes[custom_boxes.order[0]][0]}}</b></a></li>
+            {% for boxId in custom_boxes.order[1:] %}
+                <li><a href="#tab_{{boxId}}" data-toggle="tab">Hosted Domains  <b>{{custom_boxes.boxes[boxId][0]}}</b></a></li>
+            {% endfor %}
+            </ul>
+            <div class="tab-content">
+            {% for boxId in custom_boxes.order %}
+              <div class="tab-pane" id='tab_{{boxId}}'>
+                  <div class="row">
+                    <div class="col-xs-12">
+                      <div class="box">
+                        <div class="box-header">
+                            <h3 class="box-title">Hosted Domains  <b>{{custom_boxes.boxes[boxId][0]}}</b></h3>{% if show_bg_domain_button %}<button type="button" class="btn btn-flat btn-primary refresh-bg-button pull-right"><i class="fa fa-refresh"></i> Sync domains </button>{% endif %}
+                        </div>
+                        <div class="box-body">
+                          <table id='tbl_domain_list_{{boxId}}' class="table table-bordered table-striped">
+                            <thead>
+                            <tr>
+                              <th>Name</th>
+                              <th>DNSSEC</th>
+                              <th>Type</th>
+                              <th>Serial</th>
+                              <th>Master</th>
+                              <th>Account</th>
+                              <th {% if current_user.role.name not in ['Administrator','Operator'] %}width="6%"{% else %}width="25%"{% endif %}>Action</th>
+                            </tr>
+                            </thead>
+                            <tbody>
+                            </tbody>
+                          </table>
+                        </div>
+                      </div>
+                    </div>
                   </div>
-                </div>
-                {% endfor %}
               </div>
-            </div>
-          </div>
+            {% endfor %}
+            </div><!-- /.tab-content -->
+        </div><!-- custom tabs -->
+<!--SYBPATCH END-->
 
-        </div>
-      </div>
-    </div>
-  </section>
+    </section>
+    <!-- /.content -->
 {% endblock %}
-
 {% block extrascripts %}
 <script>
 //SYBPATCH START//
@@ -256,7 +230,7 @@ <h3 class="card-title">Hosted Domains <b>{{custom_boxes.boxes[boxId][0]}}</b></h
         "searching" : false,
         "ordering" : false,
         "info" : false,
-        "autoWidth" : true,
+        "autoWidth" : false,
         "columnDefs": [
             {
                 "render": function ( data, type, row ) {
@@ -307,112 +281,118 @@ <h3 class="card-title">Hosted Domains <b>{{custom_boxes.boxes[boxId][0]}}</b></h
     });
 
     {% if current_user.role.name in ['Administrator', 'Operator'] or not SETTING.get('dnssec_admins_only') %}
-      $(document.body).on("click", ".button_dnssec", function() {
+    $(document.body).on("click", ".button_dnssec", function() {
         var domain = $(this).prop('id');
         getdnssec($SCRIPT_ROOT + '/domain/' + domain + '/dnssec', domain);
-      });
+    });
 
-      $(document.body).on("click", ".button_dnssec_enable", function() {
+    $(document.body).on("click", ".button_dnssec_enable", function() {
         var domain = $(this).prop('id');
         enable_dns_sec($SCRIPT_ROOT + '/domain/' + domain + '/dnssec/enable', '{{ csrf_token() }}');
-      });
 
-      $(document.body).on("click", ".button_dnssec_disable", function() {
+    });
+
+    $(document.body).on("click", ".button_dnssec_disable", function() {
         var domain = $(this).prop('id');
         enable_dns_sec($SCRIPT_ROOT + '/domain/' + domain + '/dnssec/disable', '{{ csrf_token() }}');
-      });
+
+    });
     {% endif %}
 </script>
 {% endblock %}
-
 {% block modals %}
 <div class="modal fade" id="modal_history_info">
-  <div class="modal-dialog">
-    <div class="modal-content">
-      <div class="modal-header">
-        <h4 class="modal-title">History Details</h4>
-        <button type="button" class="close" data-dismiss="modal" aria-label="Close">
-          <span aria-hidden="true">&times;</span>
-        </button>
-      </div>
-      <div class="modal-body">
-        <div id="modal-info-content">
+    <div class="modal-dialog">
+        <div class="modal-content">
+            <div class="modal-header">
+                <button type="button" class="close" data-dismiss="modal"
+                    aria-label="Close">
+                    <span aria-hidden="true">&times;</span>
+                </button>
+                <h4 class="modal-title">History Details</h4>
+            </div>
+            <div class="modal-body">
+              <div id="modal-info-content"></div>
+            </div>
+            <div class="modal-footer">
+                <button type="button" class="btn btn-flat btn-default pull-right"
+                    data-dismiss="modal">Close</button>
+            </div>
         </div>
-      </div>
-      <div class="modal-footer">
-        <button type="button" class="btn btn-secondary float-right" data-dismiss="modal">
-          Close
-        </button>
-      </div>
+        <!-- /.modal-content -->
     </div>
-  </div>
+    <!-- /.modal-dialog -->
 </div>
-
 <div class="modal fade modal-primary" id="modal_template">
-  <div class="modal-dialog">
-    <div class="modal-content">
-      <div class="modal-header">
-        <h4 class="modal-title">Clone to template</h4>
-        <button type="button" class="close" data-dismiss="modal" aria-label="Close">
-          <span aria-hidden="true">&times;</span>
-        </button>
-      </div>
-      <div class="modal-body">
-        <p></p>
-      </div>
-      <div class="modal-footer">
-        <button type="button" class="btn btn-secondary float-right" id="button_close" data-dismiss="modal">
-          Close
-        </button>
-        <button type="button" class="btn btn-primary float-right" id="button_save">
-          Save
-        </button>
-      </div>
+    <div class="modal-dialog">
+        <div class="modal-content">
+            <div class="modal-header">
+                <button type="button" class="close" data-dismiss="modal"
+                    aria-label="Close">
+                    <span aria-hidden="true">&times;</span>
+                </button>
+                <h4 class="modal-title">Clone to template</h4>
+            </div>
+            <div class="modal-body">
+                <p></p>
+            </div>
+            <div class="modal-footer">
+                <button type="button" class="btn btn-flat btn-default pull-left"
+                    id="button_close" data-dismiss="modal">Close</button>
+                <button type="button" class="btn btn-flat btn-primary" id="button_save">Save</button>
+            </div>
+        </div>
+        <!-- /.modal-content -->
     </div>
-  </div>
+    <!-- /.modal-dialog -->
 </div>
-
+<!-- /.modal -->
 <div class="modal fade" id="modal_dnssec_info">
-  <div class="modal-dialog">
-    <div class="modal-content">
-      <div class="modal-header">
-        <h4 class="modal-title">DNSSEC</h4>
-        <button type="button" class="close" data-dismiss="modal" aria-label="Close">
-          <span aria-hidden="true">&times;</span>
-        </button>
-      </div>
-      <div class="modal-body">
-        <p></p>
-      </div>
-      <div class="modal-footer">
-        <button type="button" class="btn btn-secondary float-right" data-dismiss="modal">
-          Close
-        </button>
-      </div>
+    <div class="modal-dialog">
+        <div class="modal-content">
+            <div class="modal-header">
+                <button type="button" class="close" data-dismiss="modal"
+                    aria-label="Close">
+                    <span aria-hidden="true">&times;</span>
+                </button>
+                <h4 class="modal-title">DNSSEC</h4>
+            </div>
+            <div class="modal-body">
+                <p></p>
+            </div>
+            <div class="modal-footer">
+                <button type="button" class="btn btn-flat btn-default pull-right"
+                    data-dismiss="modal">Close</button>
+            </div>
+        </div>
+        <!-- /.modal-content -->
     </div>
-  </div>
+    <!-- /.modal-dialog -->
 </div>
-
+<!-- /.modal -->
 <div class="modal fade" id="modal_bg_reload">
-  <div class="modal-dialog">
-    <div class="modal-content">
-      <div class="modal-header">
-        <h4 class="modal-title">Sync Domains from backend</h4>
-        <button type="button" class="close" data-dismiss="modal" aria-label="Close">
-          <span aria-hidden="true">&times;</span>
-        </button>
-      </div>
-      <div class="modal-body">
-        <div id="modal_bg_reload_content">
-          <i class="fa fa-refresh fa-spin"></i> Update in progress ..
+    <div class="modal-dialog">
+        <div class="modal-content">
+            <div class="modal-header">
+                <button type="button" class="close" data-dismiss="modal"
+                    aria-label="Close">
+                    <span aria-hidden="true">&times;</span>
+                </button>
+                <h4 class="modal-title">Sync domains from nameserver</h4>
+            </div>
+            <div class="modal-body">
+
+                <div class="overlay">
+                  <div id="modal_bg_reload_content"><i class="fa fa-refresh fa-spin"></i> Update in progress ..</div>
+                </div>
+            </div>
+            <div class="modal-footer">
+                <button type="button" class="btn btn-flat btn-default pull-right"
+                    data-dismiss="modal">Close</button>
+            </div>
         </div>
-      </div>
-      <div class="modal-footer">
-        <button type="button" class="btn btn-secondary float-right" data-dismiss="modal">
-          Close
-        </button>
-      </div>
+        <!-- /.modal-content -->
     </div>
-  </div>
+    <!-- /.modal-dialog -->
 </div>
 {% endblock %}
diff --git a/powerdnsadmin/templates/dashboard_domain.html b/powerdnsadmin/templates/dashboard_domain.html
index a7df38cde..4244c825e 100644
--- a/powerdnsadmin/templates/dashboard_domain.html
+++ b/powerdnsadmin/templates/dashboard_domain.html
@@ -4,9 +4,9 @@
 
 {% macro dnssec(domain) %}
   {% if domain.dnssec %}
-  <td><span style="cursor:pointer" class="badge badge-success button_dnssec" id="{{ domain.name }}"><i class="fa-solid fa-lock"></i>&nbsp;Enabled</span></td>
+  <td><span style="cursor:pointer" class="label label-success button_dnssec" id="{{ domain.name }}"><i class="fa fa-lock"></i>&nbsp;Enabled</span></td>
   {% else %}
-  <td><span style="cursor:pointer" class="badge badge-danger button_dnssec" id="{{ domain.name }}"><i class="fa-solid fa-lock-open"></i>&nbsp;Disabled</span></td>
+  <td><span style="cursor:pointer" class="label label-primary button_dnssec" id="{{ domain.name }}"><i class="fa fa-unlock-alt"></i>&nbsp;Disabled</span></td>
   {% endif %}
 {% endmacro %}
 
@@ -29,51 +29,31 @@
 {% endmacro %}
 
 {% macro actions(domain) %}
-<td width="6%">
-  <div class="dropdown">
-    <button class="btn btn-primary dropdown-toggle" type="button" id="dropdownMenu" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
-      <i class="fa-solid fa-bars"></i>&nbsp;Actions
-    </button>
-    <div class="dropdown-menu" aria-labelledby="dropdownMenu">
-      {% if current_user.role.name in ['Administrator', 'Operator'] %}
-        <button class="dropdown-item btn-success button_template" id="{{ domain.name }}" type="button">
-          <i class="fa-solid fa-clone"></i>&nbsp;Clone to Template
-        </button>
-        <button class="dropdown-item btn-success" type="button" onclick="window.location.href='{{ url_for('domain.domain', domain_name=domain.name) }}'">
-          <i class="fa-solid fa-cog"></i>&nbsp;Manage Domain
-        </button>
-        <button class="dropdown-item btn-danger" type="button" onclick="window.location.href='{{ url_for('domain.setting', domain_name=domain.name) }}'">
-          <i class="fa-solid fa-cog"></i>&nbsp;Admin Settings
-        </button>
-        <button class="dropdown-item btn-primary" type="button" onclick="window.location.href='{{ url_for('domain.changelog', domain_name=domain.name) }}'">
-          <i class="fa-solid fa-history" aria-hidden="true"></i>&nbsp;Domain Changelog
-        </button>
-        <div class="dropdown-divider"></div>
-        <button type="button"class="dropdown-item btn-secondary button_delete" onclick="window.location.href='{{ url_for('domain.remove') }}'">
-          <font color="red">
-            <i class="fa-solid fa-trash"></i>&nbsp;Remove Domain
-          </font>
-        </button>
-       </div>
-      {% else %}
-        <button class="dropdown-item btn-success" type="button" onclick="window.location.href='{{ url_for('domain.domain', domain_name=domain.name) }}'">
-          <i class="fa-solid fa-cog"></i>&nbsp;Manage Domain
-        </button>
-        {% if allow_user_view_history %}
-          <button class="dropdown-item btn-primary" type="button" onclick="window.location.href='{{ url_for('domain.changelog', domain_name=domain.name) }}'">
-            <i class="fa-solid fa-history" aria-hidden="true"></i>&nbsp;Domain Changelog
-          </button>
-        {% endif %}
-        {% if allow_user_remove_domain %}
-          <div class="dropdown-divider"></div>
-          <button type="button"class="dropdown-item btn-secondary button_delete" onclick="window.location.href='{{ url_for('domain.remove') }}'">
-            <font color="red">
-              <i class="fa-solid fa-trash"></i>&nbsp;Remove Domain
-            </font>
-          </button>
-        {% endif %}
-      {% endif %}  
-    </div>
-  </div>
-</td>
+  {% if current_user.role.name in ['Administrator', 'Operator'] %}
+    <td width="25%">
+      <button type="button" class="btn btn-flat btn-success button_template" id="{{ domain.name }}">
+        Template&nbsp;<i class="fa fa-clone"></i>
+      </button>
+      <button type="button" class="btn btn-flat btn-success" onclick="window.location.href='{{ url_for('domain.domain', domain_name=domain.name) }}'">
+        Manage&nbsp;<i class="fa fa-cog"></i>
+      </button>
+      <button type="button" class="btn btn-flat btn-danger" onclick="window.location.href='{{ url_for('domain.setting', domain_name=domain.name) }}'">
+        Admin&nbsp;<i class="fa fa-cog"></i>
+      </button>
+      <button type="button" class="btn btn-flat btn-primary" onclick="window.location.href='{{ url_for('domain.changelog', domain_name=domain.name) }}'">
+        Changelog&nbsp;<i class="fa fa-history" aria-hidden="true"></i>
+      </button>
+    </td>
+    {% else %}
+    <td width="6%">
+      <button type="button" class="btn btn-flat btn-success" onclick="window.location.href='{{ url_for('domain.domain', domain_name=domain.name) }}'">
+        Manage&nbsp;<i class="fa fa-cog"></i>
+      </button>
+      {% if allow_user_view_history %}
+      <button type="button" class="btn btn-flat btn-primary" onclick="window.location.href='{{ url_for('domain.changelog', domain_name=domain.name) }}'">
+        Changelog&nbsp;<i class="fa fa-history" aria-hidden="true"></i>
+      </button>
+      {% endif %}
+    </td>
+  {% endif %}  
 {% endmacro %}
diff --git a/powerdnsadmin/templates/domain.html b/powerdnsadmin/templates/domain.html
index 4cd1c1544..f61696733 100755
--- a/powerdnsadmin/templates/domain.html
+++ b/powerdnsadmin/templates/domain.html
@@ -1,137 +1,133 @@
 {% extends "base.html" %}
-
-{% block title %}
-  <title>
-    {{ domain.name | pretty_domain_name }} - {{ SITE_NAME }}
-  </title>
-{% endblock %}
+{% block title %}<title>{{ domain.name | pretty_domain_name }} - {{ SITE_NAME }}</title>{% endblock %}
 
 {% block dashboard_stat %}
-  <div class="content-header">
-    <div class="container-fluid">
-      <div class="row mb-2">
-        <div class="col-sm-6">
-          <h1 class="m-0 text-dark">
-            Domain: <b>{{ domain.name | pretty_domain_name }}</b>
-          </h1>
-        </div>
-        <div class="col-sm-6">
-          <ol class="breadcrumb float-sm-right">
-            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
-            <li class="breadcrumb-item active">Domain: {{ domain.name | pretty_domain_name }}</li>
-          </ol>
-        </div>
-      </div>
-    </div>
-  </div>
+<section class="content-header">
+    <h1>
+        Manage domain: <b>{{ domain.name | pretty_domain_name }}</b>
+    </h1>
+    <ol class="breadcrumb">
+        <li><a href="{{ url_for('dashboard.dashboard') }}"><i
+                class="fa fa-dashboard"></i> Home</a></li>
+        <li>Domain</li>
+        <li class="active">{{ domain.name | pretty_domain_name }}</li>
+    </ol>
+</section>
 {% endblock %}
 
 {% block content %}
 <section class="content">
-  <div class="container-fluid">
     <div class="row">
-      <div class="col-12">
-        <div class="card">
-          <div class="card-header">
-            {% if domain.type != 'Slave' %}
-              <button type="button" style="position: relative; margin-left: 20px" class="btn btn-primary float-left button_add_record" id="{{ domain.name }}">
-                <i class="fa-solid fa-plus"></i>
-                &nbsp;Add Record
-              </button>
-              <button type="button" style="position: relative; margin-left: 20px" class="btn btn-primary float-right button_apply_changes" id="{{ domain.name }}" value="{{ domain.serial }}">
-                <i class="fa-solid fa-save"></i>
-                &nbsp;Apply Changes
-              </button>
-            {% else %}
-              <button type="button" style="position: relative; margin-left: 20px" class="btn btn-primary float-left button_update_from_primary" id="{{ domain.name }}">
-                <i class="fa-solid fa-sync"></i>
-                &nbsp;Update from Primary
-              </button>
-            {% endif %}
-            {% if current_user.role.name in ['Administrator', 'Operator'] %}
-              <button type="button" style="position: relative; margin-left: 20px" class="btn btn-primary float-left btn-danger" onclick="window.location.href='{{ url_for('domain.setting', domain_name=domain.name) }}'">
-                <i class="fa-solid fa-toolbox"></i>
-                &nbsp;Admin
-              </button>
-            {% endif %}
-            {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
-              <button type="button" style="position: relative; margin-left: 20px" class="btn btn-primary button_changelog" id="{{ domain.name }}">
-                <i class="fa-solid fa-history" aria-hidden="true"></i>
-                &nbsp;Changelog
-              </button>
-            {% endif %}
-          </div>
-          <div class="card-body">
-            <table id="tbl_records" class="table table-bordered table-striped">
-              <thead>
-                <tr>
-                  <th>Name</th>
-                  <th>Type</th>
-                  <th>Status</th>
-                  <th>TTL</th>
-                  <th>Data</th>
-                  {% if domain.type != 'Slave' %}
-                    <th>Comment</th>
-                    <th>Edit</th>
-                    <th>Delete</th>
-                    {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
-                      <th >Changelog</th>
+        <div class="col-xs-12">
+            <div class="box">
+                <div class="box-body">
+                    {% if domain.type != 'Slave' %}
+                    <button type="button" class="btn btn-flat btn-primary pull-left button_add_record" id="{{ domain.name }}">
+                        Add Record&nbsp;<i class="fa fa-plus"></i>
+                    </button>
+                    <button type="button" class="btn btn-flat btn-primary pull-right button_apply_changes" id="{{ domain.name }}" value="{{ domain.serial }}">
+                        Apply Changes&nbsp;<i class="fa fa-floppy-o"></i>
+                    </button>
+                    {% else %}
+                    <button type="button" class="btn btn-flat btn-primary pull-left button_update_from_master" id="{{ domain.name }}">
+                        Update from Master&nbsp;<i class="fa fa-download"></i>
+                    </button>
+                    {% endif %}
+                    {% if current_user.role.name in ['Administrator', 'Operator'] %}
+                    <button type="button" style="position: relative; margin-left: 20px" class="btn btn-flat btn-primary pull-left btn-danger" onclick="window.location.href='{{ url_for('domain.setting', domain_name=domain.name) }}'">
+                        Admin&nbsp;<i class="fa fa-cog"></i>
+                      </button>
                     {% endif %}
-                  {% else %}
-                    <th>Invisible Sorting Column</th>
-                  {% endif %}
-                </tr>
-              </thead>
-              <tbody>
-                {% for record in records %}
-                  <tr class="odd row_record" id="{{ domain.name }}">
-                    <td>{{ (record.name,domain.name) | display_record_name | pretty_domain_name }}</td>
-                    <td>{{ record.type }}</td>
-                    <td>{{ record.status }}</td>
-                    <td>{{ record.ttl }}</td>
-                    <td>{{ record.data | pretty_domain_name }}</td>
-                    {% if domain.type != 'Secondary' %}
-                      <td>{{ record.comment }}</td>
-                      <td width="6%">
-                        {% if record.is_allowed_edit() %}
-                          <button type="button" class="btn btn-warning button_edit">
-                            <i class="fa-solid fa-edit"></i>
-                          </button>
-                        {% else %}
-                          <button type="button" class="btn btn-warning">
-                            <i class="fa-solid fa-exclamation-circle"></i>
-                          </button>
-                        {% endif %}
-                      </td>
-                      <td width="6%">
-                        {% if record.is_allowed_delete() %}
-                          <button type="button" class="btn btn-danger button_delete">
-                            <i class="fa-solid fa-trash"></i>
-                          </button>
-                        {% endif %}
-                      </td>
-                      {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
-                        <td width="6%">
-                          <button type="button" onclick="show_record_changelog('{{record.name}}','{{record.type}}',event)" class="btn btn-primary">
-                            <i class="fa-solid fa-history" aria-hidden="true"></i>
-                          </button>
-                        </td>
-                      {% endif %}
+                    {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
+                    <button type="button" style="position: relative; margin-left: 20px" class="btn btn-flat btn-primary button_changelog" id="{{ domain.name }}">
+                        Changelog&nbsp;<i class="fa fa-history" aria-hidden="true"></i>
+                    </i>
+                    </button>
                     {% endif %}
-                    <!-- hidden column that we can sort on -->
-                    <td>1</td>
-                  </tr>
-                {% endfor %}
-              </tbody>
-            </table>
-          </div>
+                </div>
+                <div class="box-body">
+                    <table id="tbl_records" class="table table-bordered table-striped">
+                        <thead>
+                            <tr>
+                                <th>Name</th>
+                                <th>Type</th>
+                                <th>Status</th>
+                                <th>TTL</th>
+                                <th>Data</th>
+                                <th>Comment</th>
+                                <th>Edit</th>
+                                <th>Delete</th>
+                                {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
+                                <th >Changelog</th>
+                                {% endif %}
+                                <th>Invisible Sorting Column</th>
+                            </tr>
+                        </thead>
+                        <tbody>
+                                {% for record in records %}
+                                <tr class="odd row_record" id="{{ domain.name }}">
+                                    <td>
+                                        {{ (record.name,domain.name) | display_record_name | pretty_domain_name }}
+                                    </td>
+                                    <td>
+                                        {{ record.type }}
+                                    </td>
+                                    <td>
+                                        {{ record.status }}
+                                    </td>
+                                    <td>
+                                        {{ record.ttl }}
+                                    </td>
+                                    <td>
+                                        {{ record.data | pretty_domain_name }}
+                                    </td>
+                                    <td>
+                                        {{ record.comment }}
+                                    </td>
+                                {% if domain.type != 'Slave' %}
+                                    <td width="6%">
+                                        {% if record.is_allowed_edit() %}
+                                            <button type="button" class="btn btn-flat btn-warning button_edit">Edit&nbsp;<i class="fa fa-edit"></i></button>
+                                        {% else %}
+                                            <button type="button" class="btn btn-flat btn-warning">&nbsp;&nbsp;<i class="fa fa-exclamation-circle"></i></button>
+                                        {% endif %}
+                                    </td>
+                                    <td width="6%">
+                                        {% if record.is_allowed_delete() %}
+                                            <button type="button" class="btn btn-flat btn-danger button_delete">Delete&nbsp;<i class="fa fa-trash"></i></button>
+                                        {% endif %}
+                                    </td>
+                                {% else %}
+                                    <td width="6%">
+                                        <button type="button" class="btn btn-flat btn-warning">&nbsp;&nbsp;<i class="fa fa-exclamation-circle"></i>&nbsp;&nbsp;</button>
+                                    </td>
+                                    <td width="6%">
+                                        <button type="button" class="btn btn-flat btn-warning">&nbsp;&nbsp;<i class="fa fa-exclamation-circle"></i>&nbsp;&nbsp;</button>
+                                    </td>
+                                {% endif %}
+                                    {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
+                                    <td width="6%">
+                                        <button type="button" onclick="show_record_changelog('{{record.name}}','{{record.type}}',event)" class="btn btn-flat btn-primary">&nbsp;&nbsp;
+                                                            <i class="fa fa-history" aria-hidden="true"></i>&nbsp;&nbsp;&nbsp;
+                                        </button>
+                                    </td>
+                                    {% endif %}
+                                    <!-- hidden column that we can sort on -->
+                                    <td>1</td>
+                                </tr>
+                                {% endfor %}
+                        </tbody>
+                    </table>
+                </div>
+                <!-- /.box-body -->
+            </div>
+            <!-- /.box -->
         </div>
-      </div>
+        <!-- /.col -->
     </div>
-  </div>
+    <!-- /.row -->
 </section>
 {% endblock %}
-
 {% block extrascripts %}
 <script>
     // superglobals
@@ -173,14 +169,10 @@ <h1 class="m-0 text-dark">
                 // hidden column so that we can add new records on top
                 // regardless of whatever sorting is done. See orderFixed
                 visible: false,
-                {% if domain.type != 'Slave' %}
-                  {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
-                    targets: [ 9 ]
-                  {% else %}
-                    targets: [ 8 ]
-                  {% endif %}
+                {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
+                targets: [ 9 ]
                 {% else %}
-                  targets: [ 5 ]
+                targets: [ 8 ]
                 {% endif %}
             },
             {
@@ -188,14 +180,10 @@ <h1 class="m-0 text-dark">
                 targets: [ 4, 5 ]
             }
         ],
-        {% if domain.type != 'Slave' %}
-          {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
-            "orderFixed": [[9, 'asc']]
-          {% else %}
-            "orderFixed": [[8, 'asc']]
-          {% endif %}
+        {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
+        "orderFixed": [[9, 'asc']]
         {% else %}
-          "orderFixed": [[5, 'asc']]
+        "orderFixed": [[8, 'asc']]
         {% endif %}
     });
 
@@ -231,8 +219,7 @@ <h1 class="m-0 text-dark">
         });
     });
     // handle edit button and record click
-    {% if domain.type != 'Slave' %}
-      $(document.body).on("click", ".button_edit{% if quick_edit %}, .row_record{% endif %}", function(e) {
+    $(document.body).on("click", ".button_edit{% if quick_edit %}, .row_record{% endif %}", function(e) {
          e.stopPropagation();
          if ($(this).is('tr')) {
             var nRow = $(this)[0];
@@ -259,8 +246,7 @@ <h1 class="m-0 text-dark">
              editRow(table, nRow);
              nEditing = nRow;
          }
-      });
-    {% endif %}
+    });
 
     // handle apply changes button
     $(document.body).on("click",".button_apply_changes", function() {
@@ -298,9 +284,9 @@ <h1 class="m-0 text-dark">
             // add new row
             var default_type = records_allow_edit[0]
             {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
-              var nRow = jQuery('#tbl_records').dataTable().fnAddData(['', default_type, 'Active', window.ttl_options[0][0], '', '', '', '', '', '0']);
+	        var nRow = jQuery('#tbl_records').dataTable().fnAddData(['', default_type, 'Active', window.ttl_options[0][0], '', '', '', '', '', '0']);
             {% else %}
-              var nRow = jQuery('#tbl_records').dataTable().fnAddData(['', default_type, 'Active', window.ttl_options[0][0], '', '', '', '', '0']);
+            var nRow = jQuery('#tbl_records').dataTable().fnAddData(['', default_type, 'Active', window.ttl_options[0][0], '', '', '', '', '0']);
             {% endif %}
             editRow($("#tbl_records").DataTable(), nRow);
             document.getElementById("edit-row-focus").focus();
@@ -331,8 +317,8 @@ <h1 class="m-0 text-dark">
             nNew = false;
         });
 
-    //handle update_from_primary button
-    $(document.body).on("click", ".button_update_from_primary", function (e) {
+    //handle update_from_master button
+    $(document.body).on("click", ".button_update_from_master", function (e) {
             var domain = $(this).prop('id');
             applyChanges({'domain': domain, '_csrf_token': '{{ csrf_token() }}'}, $SCRIPT_ROOT + '/domain/' + domain + '/update', true);
     });
@@ -565,84 +551,74 @@ <h1 class="m-0 text-dark">
         }
     });
     {% endif %}
-
-    window.onload = function() {
-    document.getElementById("loading-spinner").style.display = "none";
-  }
-
 </script>
 {% endblock %}
-
 {% block modals %}
-  <div class="modal fade" id="modal_delete">
+<div class="modal fade modal-warning" id="modal_delete">
     <div class="modal-dialog">
-      <div class="modal-content">
-        <div class="modal-header">
-          <h4 class="modal-title">Confirmation</h4>
-          <button type="button" class="close" data-dismiss="modal" aria-label="Close">
-            <span aria-hidden="true">&times;</span>
-          </button>
-        </div>
-        <div class="modal-body">
-          <p></p>
+        <div class="modal-content">
+            <div class="modal-header">
+                <button type="button" class="close" data-dismiss="modal"
+                    aria-label="Close">
+                    <span aria-hidden="true">&times;</span>
+                </button>
+                <h4 class="modal-title">Confirmation</h4>
+            </div>
+            <div class="modal-body">
+                <p></p>
+            </div>
+            <div class="modal-footer">
+                <button type="button" class="btn btn-flat btn-default pull-left" id="button_delete_cancel"
+                    data-dismiss="modal">Close</button>
+                <button type="button" class="btn btn-flat btn-danger" id="button_delete_confirm">Delete</button>
+            </div>
         </div>
-        <div class="modal-footer">
-          <button type="button" class="btn btn-secondary pull-left" id="button_delete_cancel" data-dismiss="modal">
-            <i class="fa-solid fa-window-close"></i>&nbsp;Close
-          </button>
-          <button type="button" class="btn btn-danger" id="button_delete_confirm">
-            <i class="fa-solid fa-trash"></i>&nbsp;Delete
-          </button>
-        </div>
-      </div>
+        <!-- /.modal-content -->
     </div>
-  </div>
-
-  <div class="modal fade" id="modal_apply_changes">
+    <!-- /.modal-dialog -->
+</div>
+<div class="modal fade modal-primary" id="modal_apply_changes">
     <div class="modal-dialog">
-      <div class="modal-content">
-        <div class="modal-header">
-          <h4 class="modal-title">Confirmation</h4>
-          <button type="button" class="close" data-dismiss="modal" aria-label="Close">
-            <span aria-hidden="true">&times;</span>
-          </button>
-        </div>
-        <div class="modal-body">
-          <p></p>
-        </div>
-        <div class="modal-footer">
-          <button type="button" class="btn btn-secondary" data-dismiss="modal">
-            <i class="fa-solid fa-window-close"></i>&nbsp;Close
-          </button>
-          <button type="button" class="btn btn-success" id="button_apply_confirm">
-            <i class="fa-solid fa-save"></i>&nbsp;Apply Changes
-          </button>
+        <div class="modal-content">
+            <div class="modal-header">
+                <button type="button" class="close" data-dismiss="modal"
+                    aria-label="Close">
+                    <span aria-hidden="true">&times;</span>
+                </button>
+                <h4 class="modal-title">Confirmation</h4>
+            </div>
+            <div class="modal-body">
+                <p></p>
+            </div>
+            <div class="modal-footer">
+                <button type="button" class="btn btn-flat btn-default pull-left"
+                    data-dismiss="modal">Close</button>
+                <button type="button" class="btn btn-flat btn-primary" id="button_apply_confirm">Apply</button>
+            </div>
         </div>
-      </div>
+        <!-- /.modal-content -->
     </div>
-  </div>
-
-  <div class="modal fade bg-primary" id="modal_custom_record">
+    <!-- /.modal-dialog -->
+</div>
+<div class="modal fade modal-primary" id="modal_custom_record">
     <div class="modal-dialog">
-      <div class="modal-content">
-        <div class="modal-header">
-          <h4 class="modal-title">Custom Record</h4>
-          <button type="button" class="close" data-dismiss="modal" aria-label="Close">
-            <span aria-hidden="true">&times;</span>
-          </button>
-        </div>
-        <div class="modal-body">
-          <p></p>
-        </div>
-        <div class="modal-footer">
-          <button type="button" class="btn btn-secondary" data-dismiss="modal">
-            <i class="fa-solid fa-window-close"></i>&nbsp;Close
-          </button>
-          <button type="button" class="btn btn-success" id="button_save">
-            <i class="fa-solid fa-save"></i>&nbsp;Save
-          </button>
+        <div class="modal-content">
+            <div class="modal-header">
+                <button type="button" class="close" data-dismiss="modal"
+                    aria-label="Close">
+                    <span aria-hidden="true">&times;</span>
+                </button>
+                <h4 class="modal-title">Custom Record</h4>
+            </div>
+            <div class="modal-body">
+                <p></p>
+            </div>
+            <div class="modal-footer">
+                <button type="button" class="btn btn-flat btn-primary" id="button_save">Save</button>
+            </div>
         </div>
-      </div>
+        <!-- /.modal-content -->
     </div>
-  </div>
+    <!-- /.modal-dialog -->
+</div>
 {% endblock %}
diff --git a/powerdnsadmin/templates/domain_add.html b/powerdnsadmin/templates/domain_add.html
index 3f8525783..607730f5b 100644
--- a/powerdnsadmin/templates/domain_add.html
+++ b/powerdnsadmin/templates/domain_add.html
@@ -1,239 +1,221 @@
 {% extends "base.html" %}
-
 {% set active_page = "new_domain" %}
-
-{% block title %}
-  <title>
-    Add Domain - {{ SITE_NAME }}
-  </title>
-{% endblock %}
+{% block title %}<title>Add Domain - {{ SITE_NAME }}</title>{% endblock %}
 
 {% block dashboard_stat %}
-  <div class="content-header">
-    <div class="container-fluid">
-      <div class="row mb-2">
-        <div class="col-sm-6">
-          <h1 class="m-0 text-dark">
-            Domain
-            <small>New Domain</small>
-          </h1>
-        </div>
-        <div class="col-sm-6">
-          <ol class="breadcrumb float-sm-right">
-            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
-            <li class="breadcrumb-item active">Domain - New Domain</li>
-          </ol>
-        </div>
-      </div>
-    </div>
-  </div>
+<!-- Content Header (Page header) -->
+<section class="content-header">
+    <h1>
+        Domain
+        <small>Create new</small>
+    </h1>
+    <ol class="breadcrumb">
+        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i>Home</a></li>
+        <li><a href="{{ url_for('dashboard.dashboard') }}">Domain</a></li>
+        <li class="active">Add Domain</li>
+    </ol>
+</section>
 {% endblock %}
 
 {% block content %}
 <section class="content">
-  <div class="container-fluid">
     <div class="row">
-      <div class="col-4">
-        <div class="card">
-          <div class="card-header">
-            <h3 class="card-title">Create new domain</h3>
-          </div>
-          <form role="form" method="post" action="{{ url_for('domain.add') }}">
-            <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-            <div class="card-body">
-              <div class="form-group">
-                <input type="text" class="form-control" name="domain_name" id="domain_name" placeholder="Enter a valid domain name (required)">
-              </div>
-              {% if domain_override_toggle == True %}
-                <div class="form-group">
-                  <label>Domain Override Record</label>
-                  <input type="checkbox" id="domain_override" name="domain_override" class="checkbox">
+        <div class="col-md-4">
+            <div class="box box-primary">
+                <div class="box-header with-border">
+                    <h3 class="box-title">Create new domain</h3>
                 </div>
-              {% endif %}
-              <select name="accountid" class="form-control" style="width:15em;">
-                <option value="0">- No Account -</option>
-                {% for account in accounts %}
-                  <option value="{{ account.id }}">{{ account.name }}</option>
-                {% endfor %}
-              </select>
-              <br />
-              <div class="form-group">
-                <label>Type</label>
-                <div class="radio">
-                  <label>
-                    <input type="radio" name="radio_type" id="radio_type_native" value="native" checked>
-                    Native
-                  </label>
-                </div>
-                <div class="radio">
-                  <label>
-                    <input type="radio" name="radio_type" id="radio_type_primary" value="primary">
-                    Primary
-                  </label>
-                </div>
-                <div class="radio">
-                  <label>
-                    <input type="radio" name="radio_type" id="radio_type_secondary" value="secondary">
-                    Secondary
-                  </label>
-                </div>
-              </div>
-              <div class="form-group">
-                <label>Select a template</label>
-                <select class="form-control" id="domain_template" name="domain_template">
-                  <option value="0">No template</option>
-                  {% for template in templates %}
-                    <option value="{{ template.id }}">{{ template.name }}</option>
-                  {% endfor %}
-                </select>
-              </div>
-              <div class="form-group" style="display: none;" id="domain_primary_address_div">
-                <input type="text" class="form-control" name="domain_primary_address" id="domain_primary_address" placeholder="Enter valid Primary Server IP addresses (separated by commas)">
-              </div>
-              <div class="form-group">
-                <label>SOA-EDIT-API</label>
-                <div class="radio">
-                  <label>
-                    <input type="radio" name="radio_type_soa_edit_api" id="radio_default" value="DEFAULT" checked>
-                    DEFAULT
-                  </label>
-                </div>
-                <div class="radio">
-                  <label>
-                    <input type="radio" name="radio_type_soa_edit_api" id="radio_increase" value="INCREASE">
-                    INCREASE
-                  </label>
-                </div>
-                <div class="radio">
-                  <label>
-                    <input type="radio" name="radio_type_soa_edit_api" id="radio_epoch" value="EPOCH">
-                    EPOCH
-                  </label>
+                <!-- /.box-header -->
+                <!-- form start -->
+                <form role="form" method="post" action="{{ url_for('domain.add') }}">
+                    <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+                    <div class="box-body">
+                        <div class="form-group">
+                            <input type="text" class="form-control" name="domain_name" id="domain_name"
+                                placeholder="Enter a valid domain name (required)">
+                        </div>
+                        {% if domain_override_toggle == True %}
+                        <div class="form-group">
+                            <label>Domain Override Record</label>
+                            <input type="checkbox" id="domain_override" name="domain_override"
+                                class="checkbox">
+                        </div>
+                        {% endif %}
+                        <select name="accountid" class="form-control" style="width:15em;">
+                            <option value="0">- No Account -</option>
+                            {% for account in accounts %}
+                            <option value="{{ account.id }}">{{ account.name }}</option>
+                            {% endfor %}
+                        </select><br />
+                        <div class="form-group">
+                            <label>Type</label>
+                            <div class="radio">
+                                <label>
+                                    <input type="radio" name="radio_type" id="radio_type_native" value="native" checked>
+                                    Native
+                                </label>
+                                &nbsp;&nbsp;&nbsp;
+                                <label>
+                                    <input type="radio" name="radio_type" id="radio_type_master" value="master"> Master
+                                </label>
+                                &nbsp;&nbsp;&nbsp;
+                                <label>
+                                    <input type="radio" name="radio_type" id="radio_type_slave" value="slave">Slave
+                                </label>
+                            </div>
+                        </div>
+                        <div class="form-group">
+                            <label>Select a template</label>
+                            <select class="form-control" id="domain_template" name="domain_template">
+                                <option value="0">No template</option>
+                                {% for template in templates %}
+                                <option value="{{ template.id }}">{{ template.name }}</option>
+                                {% endfor %}
+                            </select>
+                        </div>
+                        <div class="form-group" style="display: none;" id="domain_master_address_div">
+                            <input type="text" class="form-control" name="domain_master_address"
+                                id="domain_master_address"
+                                placeholder="Enter valid master ip addresses (separated by commas)">
+                        </div>
+                        <div class="form-group">
+                            <label>SOA-EDIT-API</label>
+                            <div class="radio">
+                                <label>
+                                    <input type="radio" name="radio_type_soa_edit_api" id="radio_default"
+                                        value="DEFAULT" checked> DEFAULT
+                                </label>
+                            </div>
+                            <div class="radio">
+                                <label>
+                                    <input type="radio" name="radio_type_soa_edit_api" id="radio_increase"
+                                        value="INCREASE"> INCREASE
+                                </label>
+                            </div>
+                            <div class="radio">
+                                <label>
+                                    <input type="radio" name="radio_type_soa_edit_api" id="radio_epoch" value="EPOCH">
+                                    EPOCH
+                                </label>
+                            </div>
+                            <div class="radio">
+                                <label>
+                                    <input type="radio" name="radio_type_soa_edit_api" id="radio_off" value="OFF"> OFF
+                                </label>
+                            </div>
+                        </div>
+                    </div>
+                    <!-- /.box-body -->
+
+                    <div class="box-footer">
+                        <button type="submit" class="btn btn-flat btn-primary">Submit</button>
+                        <button type="button" class="btn btn-flat btn-default"
+                            onclick="window.location.href='{{ url_for('dashboard.dashboard') }}'">Cancel</button>
+                    </div>
+                </form>
+            </div>
+            <!-- /.box -->
+        </div>
+        <div class="col-md-8">
+            <div class="box box-primary">
+                <div class="box-header with-border">
+                    <h3 class="box-title">Help with creating a new domain</h3>
                 </div>
-                <div class="radio">
-                  <label>
-                    <input type="radio" name="radio_type_soa_edit_api" id="radio_off" value="OFF"> OFF
-                  </label>
+                <div class="box-body">
+                    <dl class="dl-horizontal">
+                        <dt>Domain name</dt>
+                        <dd>Enter your domain name in the format of name.tld (eg. powerdns-admin.com). You can also
+                            enter sub-domains to create a sub-root zone (eg. sub.powerdns-admin.com) in case you want to
+                            delegate sub-domain management to specific users.</dd>
+                        <dt>Type</dt>
+                        <dd>The type decides how the domain will be replicated across multiple DNS servers.
+                            <ul>
+                                <li>
+                                    Native - PowerDNS will not perform any replication. Use this if you only have one
+                                    PowerDNS server or you handle replication via your backend.
+                                </li>
+                                <li>
+                                    Master - This PowerDNS server will serve as the master and will send zone transfers
+                                    (AXFRs) to other servers configured as slaves.
+                                </li>
+                                <li>
+                                    Slave - This PowerDNS server will serve as the slave and will request and receive
+                                    zone transfers (AXFRs) from other servers configured as masters.
+                                </li>
+                            </ul>
+                        </dd>
+                        <dt>SOA-EDIT-API</dt>
+                        <dd>The SOA-EDIT-API setting defines how the SOA serial number will be updated after a change is
+                            made to the domain.
+                            <ul>
+                                <li>
+                                    DEFAULT - Generate a soa serial of YYYYMMDD01. If the current serial is lower than
+                                    the generated serial, use the generated serial. If the current serial is higher or
+                                    equal to the generated serial, increase the current serial by 1.
+                                </li>
+                                <li>
+                                    INCREASE - Increase the current serial by 1.
+                                </li>
+                                <li>
+                                    EPOCH - Change the serial to the number of seconds since the EPOCH, aka unixtime.
+                                </li>
+                                <li>
+                                    OFF - Disable automatic updates of the SOA serial.
+                                </li>
+                            </ul>
+                        </dd>
+                    </dl>
+                    <p>Find more details at <a href="https://docs.powerdns.com/md/">https://docs.powerdns.com/md/</a>
+                    </p>
                 </div>
-              </div>
-            </div>
-            <div class="card-footer">
-              <button type="button" class="btn btn-secondary" onclick="window.location.href='{{ url_for('dashboard.dashboard') }}'">
-                <i class="fa-solid fa-window-close"></i>&nbsp;Cancel
-              </button>
-              <button type="submit" class="btn btn-primary float-right">
-                <i class="fa-solid fa-save"></i>&nbsp;Create
-              </button>
             </div>
-          </form>
         </div>
-      </div>
-      <div class="col-8">
-        <div class="card">
-          <div class="card-header">
-            <h3 class="card-title">Help with creating a new domain</h3>
-          </div>
-          <div class="card-body">
-            <dl class="dl-horizontal">
-              <dt>Domain name</dt>
-                <dd>Enter your domain name in the format of name.tld (eg. powerdns-admin.com). You can also
-                    enter sub-domains to create a sub-root zone (eg. sub.powerdns-admin.com) in case you want to
-                    delegate sub-domain management to specific users.
-                </dd>
-              <dt>Type</dt>
-                <dd>The type decides how the domain will be replicated across multiple DNS servers.
-                  <ul>
-                    <li>
-                      <b>Native - </b>{{ SITE_NAME }} will not perform any Primary or Secondary zone functions.
-                    </li>
-                    <li>
-                      <b>Primary - </b>{{ SITE_NAME }} will serve as the Primary and will send zone transfers
-                      (AXFRs) to other servers configured as secondaries.
-                    </li>
-                    <li>
-                      <b>Secondary - </b>{{ SITE_NAME }} will serve as the Secondary and will request and receive
-                      zone transfers (AXFRs) from other servers configured as Primaries.
-                    </li>
-                  </ul>
-                </dd>
-                <dt>SOA-EDIT-API</dt>
-                  <dd>The SOA-EDIT-API setting defines how the SOA serial number will be updated after a change is
-                      made to the domain.
-                    <ul>
-                      <li>
-                        <b>DEFAULT - </b>Generate a soa serial of YYYYMMDD01. If the current serial is lower than
-                          the generated serial, use the generated serial. If the current serial is higher or
-                          equal to the generated serial, increase the current serial by 1.
-                      </li>
-                      <li>
-                        <b>INCREASE - </b>Increase the current serial by 1.
-                      </li>
-                      <li>
-                        <b>EPOCH - </b>Change the serial to the number of seconds since the EPOCH, aka unixtime.
-                      </li>
-                      <li>
-                        <b>OFF - </b>Disable automatic updates of the SOA serial.
-                      </li>
-                    </ul>
-                  </dd>
-                </dl>
-                <p>
-                  Find more details at <a href="https://docs.powerdns.com/md/">https://docs.powerdns.com/md/</a>
-                </p>
-              </div>
-            </div>
-          </div>
-      </div>
     </div>
 </section>
-
 {% endblock %}
-
 {% block extrascripts %}
-  <script>
+<script>
     $("input[name=radio_type]").change(function () {
-      var type = $(this).val();
-      if (type == "secondary") {
-        $("#domain_primary_address_div").show();
-      } else {
-        $("#domain_primary_address_div").hide();
-      }
+        var type = $(this).val();
+        if (type == "slave") {
+            $("#domain_master_address_div").show();
+        } else {
+            $("#domain_master_address_div").hide();
+        }
     });
-  </script>
+</script>
 {% endblock %}
-
 {% block modals %}
-  <script>
-    {% if domain_override_message %}
-      $(document.body).ready(function () {
-          var modal = $("#modal_warning");
-          var info = "{{ domain_override_message }}";
-          modal.find('.modal-body p').text(info);
-          modal.modal('show');
-      });
-    {% endif %}
-  </script>
-
-  <div class="modal fade" id="modal_warning">
-    <div class="modal-dialog">
+<script>
+{% if domain_override_message %}
+    $(document.body).ready(function () {
+        var modal = $("#modal_warning");
+        var info = "{{ domain_override_message }}";
+        modal.find('.modal-body p').text(info);
+        modal.modal('show');
+    });
+{% endif %}
+</script>
+</div>
+<div class="modal fade" id="modal_warning">
+  <div class="modal-dialog">
       <div class="modal-content modal-sm">
-        <div class="modal-header alert-danger">
-          <h4 class="modal-title">
-            WARNING
-          </h4>
-          <button type="button" class="close" data-dismiss="modal" aria-label="Close" id="button_close_warn_modal">
-            <span aria-hidden="true">&times;</span>
-          </button>
-        </div>
-        <div class="modal-body">
-          <p></p>
-        </div>
-        <div class="modal-footer">
-          <button type="button" class="btn btn-primary center-block" data-dismiss="modal" id="button_confirm_warn_modal">
-            CLOSE
-          </button>
-        </div>
+          <div class="modal-header alert-danger">
+              <button type="button" class="close" data-dismiss="modal" aria-label="Close" id="button_close_warn_modal">
+                  <span aria-hidden="true">&times;</span>
+              </button>
+              <h4 class="modal-title">WARNING</h4>
+          </div>
+          <div class="modal-body">
+              <p></p>
+          </div>
+          <div class="modal-footer">
+              <button type="button" class="btn btn-flat btn-primary center-block" data-dismiss="modal" id="button_confirm_warn_modal">
+                  CLOSE</button>
+          </div>
       </div>
-    </div>
+      <!-- /.modal-content -->
   </div>
-{% endblock %}
\ No newline at end of file
+  <!-- /.modal-dialog -->
+</div>
+{% endblock %}
diff --git a/powerdnsadmin/templates/domain_changelog.html b/powerdnsadmin/templates/domain_changelog.html
index 6fdea69bb..a6b530a44 100644
--- a/powerdnsadmin/templates/domain_changelog.html
+++ b/powerdnsadmin/templates/domain_changelog.html
@@ -1,85 +1,73 @@
 {% extends "base.html" %}
-
-{% block title %}
-  <title>
-    {{ domain.name | pretty_domain_name }} - {{ SITE_NAME }}
-  </title>
-{% endblock %}
+{% block title %}<title>{{ domain.name | pretty_domain_name }} - {{ SITE_NAME }}</title>{% endblock %}
 
 {% block dashboard_stat %}
-<div class="content-header">
-  <div class="container-fluid">
-    <div class="row mb-2">
-      <div class="col-sm-6">
-        <h1 class="m-0 text-dark">
-          {% if record_name and record_type %}
-          Record changelog: <b>{{ record_name}} &nbsp {{ record_type }}</b>
-          {% else %}
-          Domain changelog: <b>{{ domain.name | pretty_domain_name }}</b>
-          {% endif %}
-        </h1>
-      </div>
-      <div class="col-sm-6">
-        <ol class="breadcrumb float-sm-right">
-          <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
-          <li class="breadcrumb-item active">Changelog: {{ domain.name | pretty_domain_name }}</li>
-        </ol>
-      </div>
-    </div>
-  </div>
-</div>
+<section class="content-header">
+    <h1>
+        {% if record_name and record_type %}
+        Record changelog: <b>{{ record_name}} &nbsp {{ record_type }}</b>
+        {% else %}
+        Domain changelog: <b>{{ domain.name | pretty_domain_name }}</b>
+        {% endif %}
+    </h1>
+    <ol class="breadcrumb">
+        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i> Home</a></li>
+        <li>Domain</li>
+        <li class="active">{{ domain.name | pretty_domain_name }}</li>
+    </ol>
+</section>
 {% endblock %}
 
 {% import 'applied_change_macro.html' as applied_change_macro %}
 
 {% block content %}
 <section class="content">
-  <div class="container-fluid">
     <div class="row">
-      <div class="col-12">
-        <div class="card">
-          <div class="card-body">
-            <button type="button" class="btn btn-primary float-left button_show_records" id="{{ domain.name }}">
-              <i class="fa-solid fa-arrow-left"></i>          
-              &nbsp;Manage Domain {{ domain.name }}
-            </button>
-          </div>
-          <div class="card-body">
-            <table id="tbl_changelog" class="table table-bordered table-striped">
-              <thead>
-                <tr>
-                  <th>Changed on</th>
-                  <th>Changed by</th>
-                </tr>
-              </thead>
-              <tbody>
-                {% for applied_change in allHistoryChanges %}
-                  <tr class="odd row_record" id="{{ domain.name }}">
-                    <td id="changed_on" class="changed_on">
-                      {{ allHistoryChanges[applied_change][0].history_entry.created_on }}
-                    </td>
-                    <td>
-                      {{allHistoryChanges[applied_change][0].history_entry.created_by }}
-                    </td>
-                  </tr>
-                  <!-- Nested Table -->
-                  <tr style='visibility:collapse'>
-                    <td colspan="2">
-                      <div class="content">
-                        {% call applied_change_macro.applied_change_template(allHistoryChanges[applied_change]) %} 
-                        {% endcall %}
-                      </div>
-                    </td>
-                  </tr>
-                  <!-- end nested table -->
-                {% endfor %}
-              </tbody>
-            </table>
-          </div>
+        <div class="col-xs-12">
+            <div class="box">
+                <div class="box-body">
+                    <button type="button" class="btn btn-flat btn-primary pull-left button_show_records"
+                        id="{{ domain.name }}">
+                        Manage &nbsp;<i class="fa fa-arrow-left"></i>
+                    </button>
+                </div>
+                <div class="box-body">
+
+                    <table id="tbl_changelog" class="table table-bordered table-striped">
+                        <thead>
+                            <tr>
+                                <th>Changed on</th>
+                                <th>Changed by</th>
+                            </tr>
+                        </thead>
+                        <tbody>
+                            {% for applied_change in allHistoryChanges %}
+
+                            <tr class="odd row_record" id="{{ domain.name }}">
+                                <td id="changed_on" class="changed_on">
+                                    {{ allHistoryChanges[applied_change][0].history_entry.created_on }}
+                                </td>
+                                <td>
+                                    {{allHistoryChanges[applied_change][0].history_entry.created_by }}
+                                </td>
+                            </tr>
+                            <!-- Nested Table -->
+                            <tr style='visibility:collapse'>
+                                <td colspan="2">
+                                    <div class="content">
+                                        {% call applied_change_macro.applied_change_template(allHistoryChanges[applied_change]) %} 
+                                        {% endcall %}
+                                    </div>
+                                </td>
+                            </tr>
+                            <!-- end nested table -->
+                            {% endfor %}
+                        </tbody>
+                    </table>
+                </div>
+            </div>
         </div>
-      </div>
     </div>
-  </div>
 </section>
 {% endblock %}
 
diff --git a/powerdnsadmin/templates/domain_remove.html b/powerdnsadmin/templates/domain_remove.html
index a2da906ac..6ac540102 100644
--- a/powerdnsadmin/templates/domain_remove.html
+++ b/powerdnsadmin/templates/domain_remove.html
@@ -1,137 +1,127 @@
 {% extends "base.html" %}
-
 {% set active_page = "remove_domain" %}
-
-{% block title %}
-  <title>
-    Remove Domain - {{ SITE_NAME }}
-  </title>
-{% endblock %}
+{% block title %}<title>Remove Domain - {{ SITE_NAME }}</title>{% endblock %}
 
 {% block dashboard_stat %}
-  <div class="content-header">
-    <div class="container-fluid">
-      <div class="row mb-2">
-        <div class="col-sm-6">
-          <h1 class="m-0 text-dark">
-            Domain
-            <small>Remove</small>
-          </h1>
-        </div>
-        <div class="col-sm-6">
-          <ol class="breadcrumb float-sm-right">
-            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
-            <li class="breadcrumb-item active">Domain - Remove Domain</li>
-          </ol>
-        </div>
-      </div>
-    </div>
-  </div>
+<!-- Content Header (Page header) -->
+<section class="content-header">
+    <h1>
+        Domain
+        <small>Remove existing</small>
+    </h1>
+    <ol class="breadcrumb">
+        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i>Home</a></li>
+        <li><a href="{{ url_for('dashboard.dashboard') }}">Domain</a></li>
+        <li class="active">Remove Domain</li>
+    </ol>
+</section>
 {% endblock %}
 
 {% block content %}
 <section class="content">
-  <div class="container-fluid">
     <div class="row">
-      <div class="col-4">
-        <div class="card">
-          <div class="card-header">
-            <h3 class="card-title">Remove Domain</h3>
-          </div>
-          <form role="form" method="post" action="{{ url_for('domain.remove') }}">
-            <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-            <div class="card-body">
-              <select id=domainid class="form-control" style="width:15em;">
-                <option value="0">- Select Domain -</option>
-                {% for domain in domainss %}
-                  <option value="{{ domain.id }}">{{ domain.name }}</option>
-                {% endfor %}
-              </select>
-              <br />
-            </div>
-            <div class="card-footer">
-              <button type="button" class="btn btn-secondary" onclick="window.location.href='{{ url_for('dashboard.dashboard') }}'">
-                <i class="fa-solid fa-window-close"></i>&nbsp;Cancel
-              </button>
-              <button type="button" class="btn btn-danger button_delete float-right">
-                <i class="fa-solid fa-trash-alt"></i>&nbsp;Remove
-              </button>
+        <div class="col-md-4">
+            <div class="box box-primary">
+                <div class="box-header with-border">
+                    <h3 class="box-title">Remove domain</h3>
+                </div>
+                <!-- /.box-header -->
+                <!-- form start -->
+                <form role="form" method="post" action="{{ url_for('domain.remove') }}">
+                    <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+                    <div class="box-body">
+                        <select id=domainid class="form-control" style="width:15em;">
+                            <option value="0">- Select Domain -</option>
+                            {% for domain in domainss %}
+                            <option value="{{ domain.id }}">{{ domain.name }}</option>
+                            {% endfor %}
+                        </select><br />
+
+                    </div>
+                    <!-- /.box-body -->
+
+                    <div class="box-footer">
+                        <button type="button" class="btn btn-flat btn-danger button_delete">Remove</button>
+                        <button type="button" class="btn btn-flat btn-default"
+                            onclick="window.location.href='{{ url_for('dashboard.dashboard') }}'">Cancel</button>
+                    </div>
+                </form>
             </div>
-          </form>
+            <!-- /.box -->
         </div>
-      </div>
-      <div class="col-8">
-        <div class="card">
-          <div class="card-header">
-            <h3 class="card-title">Help with removing a domain</h3>
-          </div>
-          <div class="card-body">
-            <dl class="dl-horizontal">
-              <dt>Domain Name</dt>
-              <dd>Select the domain you wish to remove from the system.</dd>
-            </dl>
-            <p>Find more details at <a href="https://docs.powerdns.com/md/">https://docs.powerdns.com/md/</a></p>
-          </div>
+        <div class="col-md-8">
+            <div class="box box-primary">
+                <div class="box-header with-border">
+                    <h3 class="box-title">Help with removing a new domain</h3>
+                </div>
+                <div class="box-body">
+                    <dl class="dl-horizontal">
+                        <dt>Domain name</dt>
+                        <dd>Select domain you wish to remove from DNS.</dd>
+                    </dl>
+                    <p>Find more details at <a href="https://docs.powerdns.com/md/">https://docs.powerdns.com/md/</a>
+                    </p>
+                </div>
+            </div>
         </div>
-      </div>
     </div>
-  </div>
 </section>
 {% endblock %}
-
 {% block extrascripts %}
 <script>
-  // handle delete button
-  $(document.body).on("click", ".button_delete", function(e) {
-    e.stopPropagation();
-    if ( $("#domainid").val() == 0 ){
-      showErrorModal("Please select domain to remove.");
-      return;
-    }
+    // handle delete button
+    $(document.body).on("click", ".button_delete", function(e) {
+        e.stopPropagation();
+        if ( $("#domainid").val() == 0 ){
+            showErrorModal("Please select domain to remove.");
+            return;
+        }
+
+
+        var modal = $("#modal_delete");
+        var domain = $("#domainid option:selected").text(); 
+        var info = "Are you sure you want to delete " + domain + "?";
+        modal.find('.modal-body p').text(info);
+        modal.find('#button_delete_confirm').click(function () {
+            $.post($SCRIPT_ROOT + '/domain/remove' , {
+                '_csrf_token': '{{ csrf_token() }}',
+                'domainid': domain,
+            }, function () {
+                window.location.href = '{{ url_for('dashboard.dashboard') }}';
+            });
+            modal.modal('hide');
+        })
+       modal.modal('show');
 
-    var modal = $("#modal_delete");
-    var domain = $("#domainid option:selected").text(); 
-    var info = "Are you sure you want to delete " + domain + "?";
-    modal.find('.modal-body p').text(info);
-    modal.find('#button_delete_confirm').click(function () {
-      $.post($SCRIPT_ROOT + '/domain/remove' , {
-        '_csrf_token': '{{ csrf_token() }}',
-        'domainid': domain,
-        }, function () {
-        window.location.href = '{{ url_for('dashboard.dashboard') }}';
-      });
-      modal.modal('hide');
-    })
-    modal.modal('show');
-    $("#button_delete_cancel").unbind().one('click', function(e) {
-      modal.modal('hide');
+        $("#button_delete_cancel").unbind().one('click', function(e) {
+            modal.modal('hide');
+        });
     });
-  });
 </script>
 {% endblock %}
 
 {% block modals %}
 <div class="modal fade modal-warning" id="modal_delete">
-  <div class="modal-dialog">
-    <div class="modal-content">
-      <div class="modal-header">
-        <h4 class="modal-title">Confirmation</h4>
-        <button type="button" class="close" data-dismiss="modal" aria-label="Close">
-          <span aria-hidden="true">&times;</span>
-        </button>
-      </div>
-      <div class="modal-body">
-        <p></p>
-      </div>
-      <div class="modal-footer">
-        <button type="button" class="btn btn-secondary" id="button_delete_cancel" data-dismiss="modal">
-          <i class="fa-solid fa-window-close"></i>&nbsp;Cancel
-        </button>
-        <button type="button" class="btn btn-danger float-right" id="button_delete_confirm">
-          <i class="fa-solid fa-trash-alt"></i>&nbsp;Remove
-        </button>
-      </div>
+    <div class="modal-dialog">
+        <div class="modal-content">
+            <div class="modal-header">
+                <button type="button" class="close" data-dismiss="modal"
+                    aria-label="Close">
+                    <span aria-hidden="true">&times;</span>
+                </button>
+                <h4 class="modal-title">Confirmation</h4>
+            </div>
+            <div class="modal-body">
+                <p></p>
+            </div>
+            <div class="modal-footer">
+                <button type="button" class="btn btn-flat btn-default pull-left" id="button_delete_cancel"
+                    data-dismiss="modal">Close</button>
+                <button type="button" class="btn btn-flat btn-danger" id="button_delete_confirm">Delete</button>
+            </div>
+        </div>
+        <!-- /.modal-content -->
     </div>
-  </div>
+    <!-- /.modal-dialog -->
 </div>
 {% endblock %}
diff --git a/powerdnsadmin/templates/domain_setting.html b/powerdnsadmin/templates/domain_setting.html
index 1d68388d6..91358c89f 100644
--- a/powerdnsadmin/templates/domain_setting.html
+++ b/powerdnsadmin/templates/domain_setting.html
@@ -1,66 +1,46 @@
 {% extends "base.html" %}
-
-{% block title %}
-  <title>
-    Domain Management - {{ SITE_NAME }}
-  </title>
-{% endblock %}
+{% block title %}<title>Domain Management - {{ SITE_NAME }}</title>{% endblock %}
 
 {% block dashboard_stat %}
-
 {% if status %}
-  {% if status.get('status') == 'ok' %}
-    <div class="alert alert-success">
-      <strong>Success!</strong> {{ status.get('msg') }}
-    </div>
-  {% elif status.get('status') == 'error' %}
-    <div class="alert alert-danger">
-      {% if status.get('msg') != None %}
-        <strong>Error!</strong>
-        {{ status.get('msg') }}
-      {% else %}
-        <strong>Error!</strong>
-        An undefined error occurred.
-      {% endif %}
-    </div>
-  {% endif %}
-{% endif %}
-
-<div class="content-header">
-  <div class="container-fluid">
-    <div class="row mb-2">
-      <div class="col-sm-6">
-        <h1 class="m-0 text-dark">
-          Domain Settings
-          <small>{{ domain.name | pretty_domain_name }}</small>
-        </h1>
-      </div>
-      <div class="col-sm-6">
-        <ol class="breadcrumb float-sm-right">
-          <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
-          <li class="breadcrumb-item active">Domain Settings: {{ domain.name | pretty_domain_name }}</li>
-        </ol>
-      </div>
-    </div>
-  </div>
+{% if status.get('status') == 'ok' %}
+<div class="alert alert-success">
+    <strong>Success!</strong> {{ status.get('msg') }}
 </div>
-
+{% elif status.get('status') == 'error' %}
+<div class="alert alert-danger">
+    {% if status.get('msg') != None %}
+    <strong>Error!</strong> {{ status.get('msg') }}
+    {% else %}
+    <strong>Error!</strong> An undefined error occurred.
+    {% endif %}
+</div>
+{% endif %}
+{% endif %}
+<section class="content-header">
+    <h1>
+        Manage domain <small>{{ domain.name | pretty_domain_name }}</small>
+    </h1>
+    <ol class="breadcrumb">
+        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i> Home</a></li>
+        <li class="active">Domain Management</li>
+    </ol>
+</section>
 {% endblock %}
 
 {% block content %}
 <section class="content">
-    <div class="container-fluid">
     <div class="row">
-        <div class="col-12">
-            <div class="card">
+        <div class="col-xs-12">
+            <div class="box">
                 <form method="post" action="{{ url_for('domain.setting', domain_name=domain.name) }}">
                     <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-                    <div class="card-header">
-                        <h3 class="card-title">Domain Access Control</h3>
+                    <div class="box-header">
+                        <h3 class="box-title">Domain Access Control</h3>
                     </div>
-                    <div class="card-body">
+                    <div class="box-body">
                         <div class="row">
-                            <div class="col-2">
+                            <div class="col-xs-2">
                                 <p>Users on the right have access to manage the records in
                                     the {{ domain.name | pretty_domain_name }} domain.</p>
                                 <p>Click on users to move from between columns.</p>
@@ -69,7 +49,7 @@ <h3 class="card-title">Domain Access Control</h3>
                                     and already have access to <b>ALL</b> domains.
                                 </p>
                             </div>
-                            <div class="form-group col-2">
+                            <div class="form-group col-xs-2">
                                 <select multiple="multiple" class="form-control" id="domain_multi_user"
                                     name="domain_multi_user[]">
                                     {% for user in users %}
@@ -80,13 +60,11 @@ <h3 class="card-title">Domain Access Control</h3>
                                 </select>
                             </div>
                         </div>
-                        <div class="card-body">
-                            <div class="col-offset-2">
+                        <div class="box-body">
+                            <div class="col-xs-offset-2">
                                 <div class="form-group">
-                                    <button type="submit" class="btn btn-primary">
-                                      <i class="fa-solid fa-check"></i>
-                                      Save
-                                    </button>
+                                    <button type="submit" class="btn btn-flat btn-primary"><i class="fa fa-check"></i>
+                                        Save</button>
                                 </div>
                             </div>
                         </div>
@@ -96,13 +74,13 @@ <h3 class="card-title">Domain Access Control</h3>
         </div>
     </div>
     <div class="row">
-        <div class="col-12">
-            <div class="card">
-                <div class="card-header">
-                    <h3 class="card-title">Account</h3>
+        <div class="col-xs-12">
+            <div class="box">
+                <div class="box-header">
+                    <h3 class="box-title">Account</h3>
                 </div>
-                <div class="card-body">
-                    <div class="col-12">
+                <div class="box-body">
+                    <div class="col-xs-12">
                         <div class="form-group">
                             <form method="post"
                                 action="{{ url_for('domain.change_account', domain_name=domain.name) }}">
@@ -116,7 +94,7 @@ <h3 class="card-title">Account</h3>
                                     {% endfor %}
                                 </select><br />
                                 <button type="submit" class="btn btn-flat btn-primary" id="change_soa_edit_api">
-                                    <i class="fa-solid fa-check"></i>&nbsp;Change account for {{ domain.name | pretty_domain_name }}
+                                    <i class="fa fa-check"></i>&nbsp;Change account for {{ domain.name | pretty_domain_name }}
                                 </button>
                             </form>
                         </div>
@@ -126,12 +104,12 @@ <h3 class="card-title">Account</h3>
         </div>
     </div>
     <div class="row">
-        <div class="col-12">
-            <div class="card">
-                <div class="card-header">
-                    <h3 class="card-title">Auto PTR creation</h3>
+        <div class="col-xs-12">
+            <div class="box">
+                <div class="box-header">
+                    <h3 class="box-title">Auto PTR creation</h3>
                 </div>
-                <div class="card-body">
+                <div class="box-body">
                     <p><input type="checkbox" id="{{ domain.name }}" class="auto_ptr_toggle"
                             {% for setting in domain.settings %}{% if setting.setting=='auto_ptr' and setting.value=='True' %}checked{% endif %}{% endfor %}
                             {% if SETTING.get('auto_ptr') %}disabled="True" {% endif %}>
@@ -145,12 +123,12 @@ <h3 class="card-title">Auto PTR creation</h3>
         </div>
     </div>
     <div class="row">
-        <div class="col-12">
-            <div class="card">
-                <div class="card-header">
-                    <h3 class="card-title">DynDNS 2 Settings</h3>
+        <div class="col-xs-12">
+            <div class="box">
+                <div class="box-header">
+                    <h3 class="box-title">DynDNS 2 Settings</h3>
                 </div>
-                <div class="card-body">
+                <div class="box-body">
                     <p><input type="checkbox" id="{{ domain.name }}" class="dyndns_on_demand_toggle"
                             {% for setting in domain.settings %}{% if setting.setting=='create_via_dyndns' and setting.value=='True' %}checked{% endif %}{% endfor %}>
                         &nbsp;Allow on-demand creation of records via DynDNS updates?</p>
@@ -159,12 +137,12 @@ <h3 class="card-title">DynDNS 2 Settings</h3>
         </div>
     </div>
     <div class="row">
-        <div class="col-12">
-            <div class="card">
-                <div class="card-header">
-                    <h3 class="card-title">Change Type</h3>
+        <div class="col-xs-12">
+            <div class="box">
+                <div class="box-header">
+                    <h3 class="box-title">Change Type</h3>
                 </div>
-                <div class="card-body">
+                <div class="box-body">
                     <p>The type decides how the domain will be replicated across multiple DNS servers.</p>
                     <ul>
                         <li>
@@ -172,12 +150,12 @@ <h3 class="card-title">Change Type</h3>
                             PowerDNS server or you handle replication via your backend.
                         </li>
                         <li>
-                            Primary - This PowerDNS server will serve as the primary and will send zone transfers
-                            (AXFRs) to other servers configured as secondaries.
+                            Master - This PowerDNS server will serve as the master and will send zone transfers
+                            (AXFRs) to other servers configured as slaves.
                         </li>
                         <li>
-                            Secondary - This PowerDNS server will serve as the secondaries and will request and receive
-                            zone transfers (AXFRs) from other servers configured as primaries.
+                            Slave - This PowerDNS server will serve as the slave and will request and receive
+                            zone transfers (AXFRs) from other servers configured as masters.
                         </li>
                     </ul>
                     <b>New Domain Type Setting:</b>
@@ -186,16 +164,16 @@ <h3 class="card-title">Change Type</h3>
                         <select name="domain_type" class="form-control" style="width:15em;">
                             <option selected value="0">- Unchanged -</option>
                             <option value="native">Native</option>
-                            <option value="priamry">Primary</option>
-                            <option value="secondary">Secondary</option>
+                            <option value="master">Master</option>
+                            <option value="slave">Slave</option>
                         </select><br />
-                        <div class="form-group" style="display: none;" id="domain_primary_address_div">
-                            <input type="text" class="form-control" name="domain_primary_address"
-                                id="domain_primary_address"
-                                placeholder="Enter valid Primary Server IP addresses (separated by commas)">
+                        <div class="form-group" style="display: none;" id="domain_master_address_div">
+                            <input type="text" class="form-control" name="domain_master_address"
+                                id="domain_master_address"
+                                placeholder="Enter valid master ip addresses (separated by commas)">
                         </div>
-                        <button type="submit" class="btn btn-primary" id="change_type">
-                            <i class="fa-solid fa-check"></i>&nbsp;Change type for {{ domain.name | pretty_domain_name }}
+                        <button type="submit" class="btn btn-flat btn-primary" id="change_type">
+                            <i class="fa fa-check"></i>&nbsp;Change type for {{ domain.name | pretty_domain_name }}
                         </button>
                     </form>
                 </div>
@@ -203,12 +181,12 @@ <h3 class="card-title">Change Type</h3>
         </div>
     </div>
     <div class="row">
-        <div class="col-12">
-            <div class="card">
-                <div class="card-header">
-                    <h3 class="card-title">Change SOA-EDIT-API</h3>
+        <div class="col-xs-12">
+            <div class="box">
+                <div class="box-header">
+                    <h3 class="box-title">Change SOA-EDIT-API</h3>
                 </div>
-                <div class="card-body">
+                <div class="box-body">
                     <p>The SOA-EDIT-API setting defines how the SOA serial number will be updated after a change is made
                         to the domain.</p>
                     <ul>
@@ -237,8 +215,8 @@ <h3 class="card-title">Change SOA-EDIT-API</h3>
                             <option>EPOCH</option>
                             <option>OFF</option>
                         </select><br />
-                        <button type="submit" class="btn btn-primary" id="change_soa_edit_api">
-                            <i class="fa-solid fa-check"></i>&nbsp;Change SOA-EDIT-API setting for {{ domain.name | pretty_domain_name }}
+                        <button type="submit" class="btn btn-flat btn-primary" id="change_soa_edit_api">
+                            <i class="fa fa-check"></i>&nbsp;Change SOA-EDIT-API setting for {{ domain.name | pretty_domain_name }}
                         </button>
                     </form>
                 </div>
@@ -246,24 +224,23 @@ <h3 class="card-title">Change SOA-EDIT-API</h3>
         </div>
     </div>
     <div class="row">
-        <div class="col-12">
-            <div class="card">
-                <div class="card-header">
-                    <h3 class="card-title">Domain Deletion</h3>
+        <div class="col-xs-12">
+            <div class="box">
+                <div class="box-header">
+                    <h3 class="box-title">Domain Deletion</h3>
                 </div>
-                <div class="card-body">
+                <div class="box-body">
                     <p>This function is used to remove a domain from PowerDNS-Admin <b>AND</b> PowerDNS. All records and
                         user privileges associated with this domain will also be removed. This change cannot be
                         reverted.</p>
-                    <button type="button" class="btn btn-danger float-left delete_domain"
+                    <button type="button" class="btn btn-flat btn-danger pull-left delete_domain"
                         id="{{ domain.name }}">
-                        <i class="fa-solid fa-trash"></i>&nbsp;DELETE DOMAIN {{ domain.name | pretty_domain_name }}
+                        <i class="fa fa-trash"></i>&nbsp;DELETE DOMAIN {{ domain.name | pretty_domain_name }}
                     </button>
                 </div>
             </div>
         </div>
     </div>
-    </div>
 </section>
 {% endblock %}
 {% block extrascripts %}
@@ -359,37 +336,39 @@ <h3 class="card-title">Domain Deletion</h3>
         modal.modal('show');
     });
 
-    // domain primary address input handeling
+    // domain master address input handeling
     $("select[name=domain_type]").change(function () {
         var type = $(this).val();
-        if (type == "secondary") {
-            $("#domain_primary_address_div").show();
+        if (type == "slave") {
+            $("#domain_master_address_div").show();
         } else {
-            $("#domain_primary_address_div").hide();
+            $("#domain_master_address_div").hide();
         }
     });
 
 </script>
 {% endblock %}
 {% block modals %}
-<div class="modal fade" id="modal_delete_domain">
+<div class="modal fade modal-warning" id="modal_delete_domain">
     <div class="modal-dialog">
         <div class="modal-content">
             <div class="modal-header">
-              <h4 class="modal-title">Confirmation</h4>
-              <button type="button" class="close" data-dismiss="modal" aria-label="Close">
-                  <span aria-hidden="true">&times;</span>
+                <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+                    <span aria-hidden="true">&times;</span>
                 </button>
+                <h4 class="modal-title">Confirmation</h4>
             </div>
             <div class="modal-body">
                 <p></p>
             </div>
             <div class="modal-footer">
-                <button type="button" class="btn btn-secondary float-left" data-dismiss="modal">Close</button>
-                <button type="button" class="btn btn-danger" id="button_delete_confirm">
+                <button type="button" class="btn btn-flat btn-default pull-left" data-dismiss="modal">Close</button>
+                <button type="button" class="btn btn-flat btn-danger" id="button_delete_confirm">
                     Delete</button>
             </div>
         </div>
+        <!-- /.modal-content -->
     </div>
+    <!-- /.modal-dialog -->
 </div>
 {% endblock %}
diff --git a/powerdnsadmin/templates/errors/400.html b/powerdnsadmin/templates/errors/400.html
index b6ea84c7f..ec53684de 100644
--- a/powerdnsadmin/templates/errors/400.html
+++ b/powerdnsadmin/templates/errors/400.html
@@ -1,52 +1,41 @@
 {% extends "base.html" %}
-
-{% block title %}
-  <title>
-    400 Error - {{ SITE_NAME }}
-  </title>
-{% endblock %}
+{% block title %}<title>PowerDNS-Admin - 400 Error</title>{% endblock %}
 
 {% block dashboard_stat %}
-  <div class="content-header">
-    <div class="container-fluid">
-      <div class="row mb-2">
-        <div class="col-sm-6">
-          <h1 class="m-0 text-dark">
-            400
-            <small>Error</small>
-          </h1>
-        </div>
-        <div class="col-sm-6">
-          <ol class="breadcrumb float-sm-right">
-            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
-            <li class="breadcrumb-item active">400 Error</li>
-          </ol>
-        </div>
-      </div>
-    </div>
-  </div>
+    <!-- Content Header (Page header) -->
+    <section class="content-header">
+      <h1>
+        400
+        <small>Error</small>
+      </h1>
+      <ol class="breadcrumb">
+        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i>Home</a></li>
+        <li>400</li>
+      </ol>
+    </section>
 {% endblock %}
 
 {% block content %}
-  <section class="content">
+<!-- Main content -->
+<section class="content">
     <div class="error-page">
-      <h2 class="headline text-yellow">
-        400
-      </h2>
-      <div class="error-content">
-        <h3>
-          <i class="fas fa-exclamation-triangle text-yellow"></i>
-          Oops! Bad request
-        </h3>
-        <p>
-          {% if msg %}
-            {{ msg }}
-          {% else %}
-            The server refused to process your request and return a 400 error.
-          {% endif %}
-          <br/>You may <a href="{{ url_for('dashboard.dashboard') }}">return to the dashboard</a>.
-        </p>
-      </div>
+        <h2 class="headline text-yellow">400</h2>
+        <div class="error-content">
+            <h3>
+                <i class="fa fa-warning text-yellow"></i> Oops! Bad request
+            </h3>
+            <p>
+                {% if msg %}
+                  {{ msg }}
+                {% else %}
+                  The server refused to process your request and return a 400 error.
+                {% endif %}
+                <br/>You may <a href="{{ url_for('dashboard.dashboard') }}">return to the dashboard</a>.
+            </p>
+        </div>
+        <!-- /.error-content -->
     </div>
-  </section>
-{% endblock %}
\ No newline at end of file
+    <!-- /.error-page -->
+</section>
+<!-- /.content -->
+{% endblock %}
diff --git a/powerdnsadmin/templates/errors/403.html b/powerdnsadmin/templates/errors/403.html
index 44c75277f..ffe96bf53 100644
--- a/powerdnsadmin/templates/errors/403.html
+++ b/powerdnsadmin/templates/errors/403.html
@@ -1,48 +1,37 @@
 {% extends "base.html" %}
-
-{% block title %}
-  <title>
-    403 Error - {{ SITE_NAME }}
-  </title>
-{% endblock %}
+{% block title %}<title>PowerDNS-Admin - 403 Error</title>{% endblock %}
 
 {% block dashboard_stat %}
-  <div class="content-header">
-    <div class="container-fluid">
-      <div class="row mb-2">
-        <div class="col-sm-6">
-          <h1 class="m-0 text-dark">
-            403
-            <small>Error</small>
-          </h1>
-        </div>
-        <div class="col-sm-6">
-          <ol class="breadcrumb float-sm-right">
-            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
-            <li class="breadcrumb-item active">403 Error</li>
-          </ol>
-        </div>
-      </div>
-    </div>
-  </div>
+    <!-- Content Header (Page header) -->
+    <section class="content-header">
+      <h1>
+        403
+        <small>Error</small>
+      </h1>
+      <ol class="breadcrumb">
+        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i>Home</a></li>
+        <li>403</li>
+      </ol>
+    </section>
 {% endblock %}
 
 {% block content %}
-  <section class="content">
+<!-- Main content -->
+<section class="content">
     <div class="error-page">
-      <h2 class="headline text-yellow">
-        403
-      </h2>
-      <div class="error-content">
-        <h3>
-          <i class="fas fa-exclamation-triangle text-yellow"></i>
-          Oops! Access denied
-        </h3>
-        <p>
-          You don't have permission to access this page
-          You may <a href="{{ url_for('dashboard.dashboard') }}">return to the dashboard</a>.
-        </p>
-      </div>
+        <h2 class="headline text-yellow">403</h2>
+        <div class="error-content">
+            <h3>
+                <i class="fa fa-warning text-yellow"></i> Oops! Access denied
+            </h3>
+            <p>
+                You don't have permission to access this page
+                You may <a href="{{ url_for('dashboard.dashboard') }}">return to the dashboard</a>.
+            </p>
+        </div>
+        <!-- /.error-content -->
     </div>
-  </section>
-{% endblock %}
\ No newline at end of file
+    <!-- /.error-page -->
+</section>
+<!-- /.content -->
+{% endblock %}
diff --git a/powerdnsadmin/templates/errors/404.html b/powerdnsadmin/templates/errors/404.html
index 70040a524..a93c73133 100644
--- a/powerdnsadmin/templates/errors/404.html
+++ b/powerdnsadmin/templates/errors/404.html
@@ -1,48 +1,37 @@
 {% extends "base.html" %}
-
-{% block title %}
-  <title>
-    404 Error - {{ SITE_NAME }}
-  </title>
-{% endblock %}
+{% block title %}<title>PowerDNS-Admin - 404 Error</title>{% endblock %}
 
 {% block dashboard_stat %}
-  <div class="content-header">
-    <div class="container-fluid">
-      <div class="row mb-2">
-        <div class="col-sm-6">
-          <h1 class="m-0 text-dark">
-            404
-            <small>Error</small>
-          </h1>
-        </div>
-        <div class="col-sm-6">
-          <ol class="breadcrumb float-sm-right">
-            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
-            <li class="breadcrumb-item active">404 Error</li>
-          </ol>
-        </div>
-      </div>
-    </div>
-  </div>
+    <!-- Content Header (Page header) -->
+    <section class="content-header">
+      <h1>
+        404
+        <small>Error</small>
+      </h1>
+      <ol class="breadcrumb">
+        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i>Home</a></li>
+        <li>404</li>
+      </ol>
+    </section>
 {% endblock %}
 
 {% block content %}
-  <section class="content">
+<!-- Main content -->
+<section class="content">
     <div class="error-page">
-      <h2 class="headline text-yellow">
-        404
-      </h2>
-      <div class="error-content">
-        <h3>
-          <i class="fas fa-exclamation-triangle text-yellow"></i>
-          Oops! You're lost
-        </h3>
-        <p>
-          The page you requested could not be found.
-          You may <a href="{{ url_for('dashboard.dashboard') }}">return to the dashboard</a>.
-        </p>
-      </div>
+        <h2 class="headline text-yellow">404</h2>
+        <div class="error-content">
+            <h3>
+                <i class="fa fa-warning text-yellow"></i> Oops! You're lost
+            </h3>
+            <p>
+                The page you requested could not be found.
+                You may <a href="{{ url_for('dashboard.dashboard') }}">return to the dashboard</a>.
+            </p>
+        </div>
+        <!-- /.error-content -->
     </div>
-  </section>
-{% endblock %}
\ No newline at end of file
+    <!-- /.error-page -->
+</section>
+<!-- /.content -->
+{% endblock %}
diff --git a/powerdnsadmin/templates/errors/500.html b/powerdnsadmin/templates/errors/500.html
index c92c104dd..d223b0b48 100644
--- a/powerdnsadmin/templates/errors/500.html
+++ b/powerdnsadmin/templates/errors/500.html
@@ -1,48 +1,37 @@
 {% extends "base.html" %}
-
-{% block title %}
-  <title>
-    500 Error - {{ SITE_NAME }}
-  </title>
-{% endblock %}
+{% block title %}<title>PowerDNS-Admin - 500 Error</title>{% endblock %}
 
 {% block dashboard_stat %}
-  <div class="content-header">
-    <div class="container-fluid">
-      <div class="row mb-2">
-        <div class="col-sm-6">
-          <h1 class="m-0 text-dark">
-            500
-            <small>Error</small>
-          </h1>
-        </div>
-        <div class="col-sm-6">
-          <ol class="breadcrumb float-sm-right">
-            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
-            <li class="breadcrumb-item active">500 Error</li>
-          </ol>
-        </div>
-      </div>
-    </div>
-  </div>
+    <!-- Content Header (Page header) -->
+    <section class="content-header">
+      <h1>
+        500
+        <small>Error</small>
+      </h1>
+      <ol class="breadcrumb">
+        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i>Home</a></li>
+        <li>500</li>
+      </ol>
+    </section>
 {% endblock %}
 
 {% block content %}
-  <section class="content">
+<!-- Main content -->
+<section class="content">
     <div class="error-page">
-      <h2 class="headline text-yellow">
-        500
-      </h2>
-      <div class="error-content">
-        <h3>
-          <i class="fas fa-exclamation-triangle text-yellow"></i>
-          Oops! Something went wrong
-        </h3>
-        <p>
-          Try again later.
-          You may <a href="{{ url_for('dashboard.dashboard') }}">return to the dashboard</a>.
-        </p>
-      </div>
+        <h2 class="headline text-yellow">500</h2>
+        <div class="error-content">
+            <h3>
+                <i class="fa fa-warning text-yellow"></i> Oops! Something went wrong
+            </h3>
+            <p>
+                Try again later.
+                You may <a href="{{ url_for('dashboard.dashboard') }}">return to the dashboard</a>.
+            </p>
+        </div>
+        <!-- /.error-content -->
     </div>
-  </section>
-{% endblock %}
\ No newline at end of file
+    <!-- /.error-page -->
+</section>
+<!-- /.content -->
+{% endblock %}
diff --git a/powerdnsadmin/templates/errors/SAML.html b/powerdnsadmin/templates/errors/SAML.html
index a88c388ac..2cfacbd82 100644
--- a/powerdnsadmin/templates/errors/SAML.html
+++ b/powerdnsadmin/templates/errors/SAML.html
@@ -1,61 +1,45 @@
 {% extends "base.html" %}
-
-{% block title %}
-  <title>
-    SAML Authentication Error - {{ SITE_NAME }}
-  </title>
-{% endblock %}
+{% block title %}<title>PowerDNS-Admin - SAML Authentication Error</title>{% endblock %}
 
 {% block dashboard_stat %}
-  <div class="content-header">
-    <div class="container-fluid">
-      <div class="row mb-2">
-        <div class="col-sm-6">
-          <h1 class="m-0 text-dark">
-            SAML
-            <small>Error</small>
-          </h1>
-        </div>
-        <div class="col-sm-6">
-          <ol class="breadcrumb float-sm-right">
-            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
-            <li class="breadcrumb-item active">SAML Authentication Error</li>
-          </ol>
-        </div>
-      </div>
-    </div>
-  </div>
+    <!-- Content Header (Page header) -->
+    <section class="content-header">
+      <h1>
+        SAML
+        <small>Error</small>
+      </h1>
+      <ol class="breadcrumb">
+        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i>Home</a></li>
+        <li>SAML</li>
+      </ol>
+    </section>
 {% endblock %}
 
 {% block content %}
-  <section class="content">
+<!-- Main content -->
+<section class="content">
     <div class="error-page">
-      <div>
-        <h1 class="headline text-yellow" style="font-size:46px;">
-          SAML Authentication Error
-        </h1>
-      </div>
-      <br/>
-      <br/>
-      <div class="error-content">
-        <h3>
-          <i class="fas fa-exclamation-triangle text-yellow"></i>
-          Oops! Something went wrong
-        </h3>
-        <br>
-        <p>
-          Login failed.
-          <br>
-          Error(s) when processing SAML Response:
-          <br>
-          <ul>
-            {% for error in errors %}
-              <li>{{ error }}</li>
-            {% endfor %}
-          </ul>
-          You may <a href="{{ url_for('dashboard.dashboard') }}">return to the dashboard</a>.
-        </p>
-      </div>
+        <div>
+        <h1 class="headline text-yellow" style="font-size:46px;">SAML Authentication Error</h1></div><br/><br/>
+        <div class="error-content">
+            <h3>
+                <i class="fa fa-warning text-yellow"></i> Oops! Something went wrong
+            </h3><br>
+            <p>
+                Login failed.<br>
+                Error(s) when processing SAML Response:<br>
+                <ul>
+                    {% for error in errors %}
+                    <li>{{ error }}</li>
+                    {% endfor %}
+                </ul>
+
+                You may <a href="{{ url_for('dashboard.dashboard') }}">return to the dashboard</a>.
+            </p>
+        </div>
+        <!-- /.error-content -->
     </div>
-  </section>
-{% endblock %}
\ No newline at end of file
+    <!-- /.error-page -->
+</section>
+<!-- /.content -->
+{% endblock %}
diff --git a/powerdnsadmin/templates/login.html b/powerdnsadmin/templates/login.html
index f7ef1589c..0c1470131 100644
--- a/powerdnsadmin/templates/login.html
+++ b/powerdnsadmin/templates/login.html
@@ -1,170 +1,165 @@
 <!DOCTYPE html>
 <html>
-  <head>
-    <meta charset="utf-8">
-    <meta http-equiv="X-UA-Compatible" content="IE=edge">
-    <title>Log In - {{ SITE_NAME }}</title>
-    <link rel="icon" href="{{ url_for('static', filename='img/favicon.png') }}">
-    <!-- Tell the browser to be responsive to screen width -->
-    <meta content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no" name="viewport">
-    <META HTTP-EQUIV="REFRESH" CONTENT="{{ 60 * SETTING.get('session_timeout') }}">
-    {% assets "css_login" -%}
-      <link rel="stylesheet" href="{{ ASSET_URL }}">
-    {%- endassets %}
-    {% if SETTING.get('custom_css') %}
-      <link rel="stylesheet" href="/static/custom/{{ SETTING.get('custom_css') }}">
-    {% endif %}
-  </head>
-  <body class="hold-transition login-page">
-    <div class="login-box">
-      <div class="card card-outline card-primary">
-        <div class="card-header text-center">
-          <a href="{{ url_for('index.index') }}" class="h3">
-            {% if SETTING.get('site_name') %}
-              {{ SITE_NAME }}
+<head>
+  <meta charset="utf-8">
+  <meta http-equiv="X-UA-Compatible" content="IE=edge">
+  <title>Log In - {{ SITE_NAME }}</title>
+  <link rel="icon" href="{{ url_for('static', filename='img/favicon.png') }}">
+  <!-- Tell the browser to be responsive to screen width -->
+  <meta content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no" name="viewport">
+  <META HTTP-EQUIV="REFRESH" CONTENT="{{ 60 * SETTING.get('session_timeout') }}">
+  {% assets "css_login" -%}
+  <link rel="stylesheet" href="{{ ASSET_URL }}">
+  {%- endassets %}
+{% if SETTING.get('custom_css') %}
+  <link rel="stylesheet" href="/static/custom/{{ SETTING.get('custom_css') }}">
+{% endif %}
+</head>
+
+<body class="hold-transition login-page">
+  <div class="login-box">
+    <div class="login-logo">
+      <a href="{{ url_for('index.index') }}">
+        {% if SETTING.get('site_name') %}
+          <b>{{ SITE_NAME }}</b>
+        {% else %}
+          <b>PowerDNS</b>-Admin
+        {% endif %}
+      </a>
+    </div>
+    <!-- /.login-logo -->
+    <div class="login-box-body">
+      {% if error %}
+      <div class="alert alert-danger alert-dismissible">
+        <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
+        {{ error }}
+      </div>
+      {% endif %}
+      {% if SETTING.get('ldap_enabled') or SETTING.get('local_db_enabled') %}
+      <form action="" method="post" data-toggle="validator">
+        <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+        <div class="form-group">
+          <input type="text" class="form-control" placeholder="Username" name="username"
+            data-error="Please input your username" required {% if username %}value="{{ username }}" {% endif %}>
+          <span class="help-block with-errors"></span>
+        </div>
+        <div class="form-group">
+          <input type="password" class="form-control" placeholder="Password" name="password"
+            data-error="Please input your password" required {% if password %}value="{{ password }}" {% endif %}>
+          <span class="help-block with-errors"></span>
+        </div>
+        {% if SETTING.get('otp_field_enabled') %}
+        <div class="form-group">
+          <input type="otptoken" class="form-control" placeholder="OTP Token" name="otptoken" autocomplete="off">
+        </div>
+        {% endif %}
+        {% if SETTING.get('ldap_enabled') and SETTING.get('local_db_enabled') %}
+        <div class="form-group">
+          <select class="form-control" name="auth_method">
+            <option value="LOCAL">LOCAL Authentication</option>
+            {% if SETTING.get('login_ldap_first') %}
+            <option value="LDAP" selected="selected">LDAP Authentication</option>
             {% else %}
-              <b>PowerDNS</b>-Admin
+            <option value="LDAP">LDAP Authentication</option>
             {% endif %}
-          </a>
+          </select>
         </div>
-        <div class="card-body login-card-body">
-          {% if error %}
-            <div class="alert alert-danger alert-dismissible">
-              <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
-              {{ error }}
-            </div>
-          {% endif %}
-          {% if SETTING.get('ldap_enabled') or SETTING.get('local_db_enabled') %}
-            <form action="" method="post" data-toggle="validator">
-              <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-              <div class="form-group">
-                <input type="text" class="form-control" placeholder="Username" name="username" data-error="Please input your username" required {% if username %}value="{{ username }}" {% endif %}>
-                <span class="help-block with-errors"></span>
-              </div>
-              <div class="form-group">
-                <input type="password" class="form-control" placeholder="Password" name="password" data-error="Please input your password" required {% if password %}value="{{ password }}" {% endif %}>
-                <span class="help-block with-errors"></span>
-              </div>
-              {% if SETTING.get('otp_field_enabled') %}
-                <div class="form-group">
-                  <input type="otptoken" class="form-control" placeholder="OTP Token" name="otptoken" autocomplete="off">
-                </div>
-              {% endif %}
-              {% if SETTING.get('ldap_enabled') and SETTING.get('local_db_enabled') %}
-                <div class="form-group">
-                  <select class="form-control" name="auth_method">
-                    <option value="LOCAL">
-                      LOCAL Authentication
-                    </option>
-                    {% if SETTING.get('login_ldap_first') %}
-                      <option value="LDAP" selected="selected">
-                        LDAP Authentication
-                      </option>
-                    {% else %}
-                      <option value="LDAP">
-                        LDAP Authentication
-                      </option>
-                    {% endif %}
-                  </select>
-                </div>
-              {% elif SETTING.get('ldap_enabled') and not SETTING.get('local_db_enabled') %}
-                <div class="form-group">
-                  <input type="hidden" name="auth_method" value="LDAP">
-                </div>
-              {% elif SETTING.get('local_db_enabled') and not SETTING.get('ldap_enabled') %}
-                <div class="form-group">
-                  <input type="hidden" name="auth_method" value="LOCAL">
-                </div>
-              {% else %}
-                <div class="form-group">
-                  <input type="hidden" name="auth_method" value="LOCAL">
-                </div>
-              {% endif %}
-              <div class="row">
-                <div class="col-8">
-                  <div class="icheck-primary">
-                    <input type="checkbox" id="remember">
-                    <label for="remember">
-                      Remember Me
-                    </label>
-                  </div>
-                </div>
-                <div class="col-4">
-                  <button type="submit" class="btn btn-primary btn-block">Sign In</button>
-                </div>
-              </div>
-            </form>
-          {% endif %}
-          {% if SETTING.get('google_oauth_enabled') or SETTING.get('github_oauth_enabled') or SETTING.get('oidc_oauth_enabled') or SETTING.get('azure_oauth_enabled') %}
-            <div class="social-auth-links text-center">
-              {% if SETTING.get('ldap_enabled') or SETTING.get('local_db_enabled') %}
-                <p>- OR -</p>
-              {% endif %}
-              {% if SETTING.get('oidc_oauth_enabled') %}
-                <a href="{{ url_for('index.oidc_login') }}" class="btn btn-block btn-social btn-openid btn-flat">
-                  <i class="fa-brands fa-openid"></i>
-                  Sign in using OpenID Connect
-                </a>
-              {% endif %}
-              {% if SETTING.get('github_oauth_enabled') %}
-                <a href="{{ url_for('index.github_login') }}" class="btn btn-block btn-social btn-github btn-flat">
-                  <i class="fa-brands fa-github"></i>
-                  Sign in using Github
-                </a>
-              {% endif %}
-              {% if SETTING.get('google_oauth_enabled') %}
-                <a href="{{ url_for('index.google_login') }}" class="btn btn-block btn-social btn-google btn-flat">
-                  <i class="fa-brands fa-google"></i>
-                  Sign in using Google
-                </a>
-              {% endif %}
-              {% if SETTING.get('azure_oauth_enabled') %}
-                <a href="{{ url_for('index.azure_login') }}" class="btn btn-block btn-social btn-microsoft btn-flat">
-                  <i class="fa-brands fa-windows"></i>
-                  Sign in using Microsoft Azure
-                </a>
-              {% endif %}
+        {% elif SETTING.get('ldap_enabled') and not SETTING.get('local_db_enabled') %}
+        <div class="form-group">
+          <input type="hidden" name="auth_method" value="LDAP">
+        </div>
+        {% elif SETTING.get('local_db_enabled') and not SETTING.get('ldap_enabled') %}
+        <div class="form-group">
+          <input type="hidden" name="auth_method" value="LOCAL">
+        </div>
+        {% else %}
+        <div class="form-group">
+          <input type="hidden" name="auth_method" value="LOCAL">
+        </div>
+        {% endif %}
+
+        <div class="row">
+          <div class="col-xs-8">
+            <div class="checkbox icheck">
+              <label>
+                <input type="checkbox" name="remember"> Remember Me
+              </label>
             </div>
-          {% endif %}
-          {% if saml_enabled %}
-            <a href="{{ url_for('index.saml_login') }}">
-              SAML login
-            </a>
-          {% endif %}
-          {% if SETTING.get('signup_enabled') %}
-            <br>
-            <a href="{{ url_for('index.register') }}" class="text-center">
-              Create an account
-            </a>
-            {% if SETTING.get('verify_user_email') %}
-              <br/>
-              <a href="{{ url_for('index.resend_confirmation_email') }}" class="text-center">
-                Resend confirmation email
-              </a>
-            {% endif %}
-          {% endif %}
+          </div>
+          <!-- /.col -->
+          <div class="col-xs-4">
+            <button type="submit" class="btn btn-flat btn-primary btn-block">Sign In</button>
+          </div>
+          <!-- /.col -->
         </div>
+      </form>
+      {% endif %}
+      {% if SETTING.get('google_oauth_enabled') or SETTING.get('github_oauth_enabled') or SETTING.get('oidc_oauth_enabled') or SETTING.get('azure_oauth_enabled') %}
+      <div class="social-auth-links text-center">
+        {% if SETTING.get('ldap_enabled') or SETTING.get('local_db_enabled') %}
+        <p>- OR -</p>
+        {% endif %}
+        {% if SETTING.get('oidc_oauth_enabled') %}
+        <a href="{{ url_for('index.oidc_login') }}" class="btn btn-block btn-social btn-openid btn-flat"><i
+            class="fa fa-openid"></i> Sign in using
+          OpenID Connect</a>
+        {% endif %}
+        {% if SETTING.get('github_oauth_enabled') %}
+        <a href="{{ url_for('index.github_login') }}" class="btn btn-block btn-social btn-github btn-flat"><i
+            class="fa fa-github"></i> Sign in using
+          Github</a>
+        {% endif %}
+        {% if SETTING.get('google_oauth_enabled') %}
+        <a href="{{ url_for('index.google_login') }}" class="btn btn-block btn-social btn-google btn-flat"><i
+            class="fa fa-google"></i> Sign in using
+          Google</a>
+        {% endif %}
+        {% if SETTING.get('azure_oauth_enabled') %}
+        <a href="{{ url_for('index.azure_login') }}" class="btn btn-block btn-social btn-microsoft btn-flat"><i
+          class="fa fa-windows"></i> Sign in using
+        Microsoft Azure</a>
+      {% endif %}
       </div>
-      <div class="login-box-footer">
-        <center>
-          <p>Powered by <a href="https://github.com/PowerDNS-Admin/PowerDNS-Admin">PowerDNS-Admin</a></p>
-        </center>
-      </div>
+      {% endif %}
+
+      {% if saml_enabled %}
+      <a href="{{ url_for('index.saml_login') }}">SAML login</a>
+      {% endif %}
+
+      {% if SETTING.get('signup_enabled') %}
+      <br>
+      <a href="{{ url_for('index.register') }}" class="text-center">Create an account </a>
+        {% if SETTING.get('verify_user_email') %}
+          <br/>
+          <a href="{{ url_for('index.resend_confirmation_email') }}" class="text-center">Resend confirmation email</a>
+        {% endif %}
+      {% endif %}
+    </div>
+    <!-- /.login-box-body -->
+    <div class="login-box-footer">
+      <center>
+        <p>Powered by <a href="https://github.com/PowerDNS-Admin/PowerDNS-Admin">PowerDNS-Admin</a></p>
+      </center>
     </div>
-    {% assets "js_login" -%}
-      <script type="text/javascript" src="{{ ASSET_URL }}"></script>
-    {%- endassets %}
-    {% assets "js_validation" -%}
-      <script type="text/javascript" src="{{ ASSET_URL }}"></script>
-    {%- endassets %}
-    <script>
-      $(function () {
-        $('input').iCheck({
-          checkboxClass: 'icheckbox_square-blue',
-          radioClass: 'iradio_square-blue',
-          increaseArea: '20%' // optional
-        });
+  </div>
+  <!-- /.login-box -->
+
+  {% assets "js_login" -%}
+  <script type="text/javascript" src="{{ ASSET_URL }}"></script>
+  {%- endassets %}
+  {% assets "js_validation" -%}
+  <script type="text/javascript" src="{{ ASSET_URL }}"></script>
+  {%- endassets %}
+
+  <script>
+    $(function () {
+      $('input').iCheck({
+        checkboxClass: 'icheckbox_square-blue',
+        radioClass: 'iradio_square-blue',
+        increaseArea: '20%' // optional
       });
-    </script>
-  </body>
+    });
+  </script>
+</body>
+
 </html>
diff --git a/powerdnsadmin/templates/register.html b/powerdnsadmin/templates/register.html
index 81c833f99..9a25fbb22 100644
--- a/powerdnsadmin/templates/register.html
+++ b/powerdnsadmin/templates/register.html
@@ -1,192 +1,102 @@
 <!DOCTYPE html>
 <html>
 
-  <head>
-    <meta charset="utf-8">
-    <meta http-equiv="X-UA-Compatible" content="IE=edge">
-    <title>Register - {{ SITE_NAME }}</title>
-    <link rel="icon" href="{{ url_for('static', filename='img/favicon.png') }}">
-    <!-- Tell the browser to be responsive to screen width -->
-    <meta content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no" name="viewport">
-    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/all.min.css">
-    {% assets "css_login" -%}
-      <link rel="stylesheet" href="{{ ASSET_URL }}">
-    {%- endassets %}
-  </head>
+<head>
+  <meta charset="utf-8">
+  <meta http-equiv="X-UA-Compatible" content="IE=edge">
+  <title>Register - {{ SITE_NAME }}</title>
+  <link rel="icon" href="{{ url_for('static', filename='img/favicon.png') }}">
+  <!-- Tell the browser to be responsive to screen width -->
+  <meta content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no" name="viewport">
+  {% assets "css_login" -%}
+  <link rel="stylesheet" href="{{ ASSET_URL }}">
+  {%- endassets %}
+</head>
 
-  <body class="hold-transition register-page">
-    <div class="register-box">
-      <div class="card card-outline card-primary">
-        <div class="card-header text-center">
-          <a href="{{ url_for('index.index') }}" class="h3">
-            {% if SETTING.get('site_name') %}
-              {{ SITE_NAME }}
-            {% else %}
-              <b>PowerDNS</b>-Admin
-            {% endif %}
-          </a>
+<body class="hold-transition register-page">
+  <div class="register-box">
+    <div class="register-logo">
+      <a href="{{ url_for('index.index') }}"><b>PowerDNS</b>-Admin</a>
+    </div>
+    <div class="register-box-body">
+      {% if error %}
+      <div class="alert alert-danger alert-dismissible">
+        <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
+        {{ error }}
+      </div>
+      {% endif %}
+      <p class="login-box-msg">Enter your personal details below</p>
+      <form action="{{ url_for('index.register') }}" method="post" data-toggle="validator">
+        <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+        <div class="form-group has-feedback">
+          <input type="text" class="form-control" placeholder="First Name" name="firstname"
+            data-error="Please input your first name" required>
+          <span class="glyphicon glyphicon-user form-control-feedback"></span>
+          <span class="help-block with-errors"></span>
+        </div>
+        <div class="form-group has-feedback">
+          <input type="text" class="form-control" placeholder="Last name" name="lastname"
+            data-error="Please input your last name" required>
+          <span class="glyphicon glyphicon-user form-control-feedback"></span>
+          <span class="help-block with-errors"></span>
+        </div>
+        <div class="form-group has-feedback">
+          <input type="email" class="form-control" placeholder="Email" name="email"
+            data-error="Please input your valid email address" required>
+          <span class="glyphicon glyphicon-envelope form-control-feedback"></span>
+          <span class="help-block with-errors"></span>
+        </div>
+        <p class="login-box-msg">Enter your account details below</p>
+        <div class="form-group has-feedback">
+          <input type="text" class="form-control" placeholder="Username" name="username"
+            data-error="Please input your username" required>
+          <span class="glyphicon glyphicon-user form-control-feedback"></span>
+          <span class="help-block with-errors"></span>
+        </div>
+        <div class="form-group has-feedback">
+          <input type="password" class="form-control" placeholder="Password" id="password" name="password"
+            data-error="Please input your password" required>
+          <span class="glyphicon glyphicon-lock form-control-feedback"></span>
         </div>
-        <div class="card-body">
-          {% if error %}
-          <div class="alert alert-danger alert-dismissible">
-            <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
-            {{ error }}
+        <div class="form-group has-feedback">
+          <input type="password" class="form-control" placeholder="Retype password" name="rpassword"
+            data-match="#password" data-match-error="Password confirmation does not match" required>
+          <span class="glyphicon glyphicon-log-in form-control-feedback"></span>
+          <span class="help-block with-errors"></span>
+        </div>
+        <div class="row">
+          <div class="col-xs-4 pull-left">
+            <button type="button" class="btn btn-flat btn-block" id="button_back">Back</button>
           </div>
-          {% endif %}
-          <p class="login-box-msg">Enter your personal details below</p>
-          <form action="{{ url_for('index.register') }}" method="post" validator>
-            <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-            
-            <div class="form-group">
-              <div class="input-group">
-                <div class="input-group-prepend">
-                  <span class="input-group-text">
-                    <i class="fas fa-user"></i>
-                  </span>
-                </div>
-                <input type="text" class="form-control {{ 'is-invalid' if 'firstname' in error_messages else '' }}" placeholder="First Name" name="firstname" id="firstname" value="{{ request.form.firstname }}" required>
-                {% if 'firstname' in error_messages %}
-                  <div class="invalid-feedback">
-                    <i class="fas fa-exclamation-triangle"></i>
-                    {{ error_messages['firstname'] }}
-                  </div>
-                {% endif %}
-              </div>
-            </div>
-
-            <div class="form-group">
-              <div class="input-group">
-                <div class="input-group-prepend">
-                  <span class="input-group-text">
-                    <i class="fas fa-user"></i>
-                  </span>
-                </div>
-                <input type="text" class="form-control {{ 'is-invalid' if 'lastname' in error_messages else '' }}" placeholder="Last name" name="lastname" id="lastname" value="{{ request.form.lastname }}" required>
-                {% if 'lastname' in error_messages %}
-                  <div class="invalid-feedback">
-                    <i class="fas fa-exclamation-triangle"></i>
-                    {{ error_messages['lastname'] }}
-                  </div>
-                {% endif %}
-              </div>
-            </div>
-
-            <div class="form-group">
-              <div class="input-group">
-                <div class="input-group-prepend">
-                  <span class="input-group-text">
-                    <i class="fas fa-envelope"></i>
-                  </span>
-                </div>
-                <input type="email" class="form-control {{ 'is-invalid' if 'email' in error_messages else '' }}" placeholder="Email" name="email" id="email" value="{{ request.form.email }}" required>
-                {% if 'email' in error_messages %}
-                  <div class="invalid-feedback">
-                    <i class="fas fa-exclamation-triangle"></i>
-                    {{ error_messages['email'] }}
-                  </div>
-                {% endif %}
-              </div>
-            </div>
-
-            <p class="login-box-msg">Enter your account details below</p>
-
-            <div class="form-group">
-              <div class="input-group">
-                <div class="input-group-prepend">
-                  <span class="input-group-text">
-                    <i class="fas fa-user"></i>
-                  </span>
-                </div>
-                <input type="text" class="form-control {{ 'is-invalid' if 'username' in error_messages else '' }}" placeholder="Username" name="username" id="username" value="{{ request.form.username }}" required>
-                {% if 'username' in error_messages %}
-                  <div class="invalid-feedback">
-                    <i class="fas fa-exclamation-triangle"></i>
-                    {{ error_messages['username'] }}
-                  </div>
-                {% endif %}
-              </div>
-            </div>
-
-            <div class="form-group">
-              <div class="input-group">
-                <div class="input-group-prepend">
-                  <span class="input-group-text">
-                    <i class="fas fa-lock"></i>
-                  </span>
-                </div>
-                <input type="password" class="form-control {{ 'is-invalid' if 'password' in error_messages else '' }}" placeholder="Password" id="password" name="password" required>
-                {% if 'password' in error_messages %}
-                  <div class="invalid-feedback">
-                    <i class="fas fa-exclamation-triangle"></i>
-                    {{ error_messages['password'] }}
-                  </div>
-                {% endif %}
-              </div>
-            </div>
-
-            <div class="form-group">
-              <div class="input-group">
-                <div class="input-group-prepend">
-                  <span class="input-group-text">
-                    <i class="fas fa-lock"></i>
-                  </span>
-                </div>
-                <input type="password" class="form-control {{ 'is-invalid' if 'rpassword' in error_messages else '' }}" placeholder="Retype password" id="rpassword" name="rpassword" required>
-                {% if 'rpassword' in error_messages %}
-                  <div class="invalid-feedback">
-                    <i class="fas fa-exclamation-triangle"></i>
-                    {{ error_messages['rpassword'] }}
-                  </div>
-                {% endif %}
-              </div>
-            </div>
-
-            {% if captcha_enable %}
-            <p class="login-box-msg">Please complete the CAPTCHA below</p>
-            <div class="form-group">
-              {{ captcha() }}
-              <div class="input-group">
-                <div class="input-group-prepend">
-                  <span class="input-group-text">
-                    <i class="fas fa-shield-alt"></i>
-                  </span>
-                </div>
-              <input type="text" class="form-control {{ 'is-invalid' if 'captcha_result' in error_messages else '' }}" placeholder="CAPTCHA"  id="captcha" name="captcha" required>
-              {% if 'captcha_result' in error_messages %}
-                <div class="invalid-feedback">
-                  <i class="fas fa-exclamation-triangle"></i>
-                  {{ error_messages['captcha_result'] }}
-                </div>
-              {% endif %}
-            </div>
-          {% endif %}
-
-          <div class="row">
-            <div class="d-flex justify-content-between mx-auto mt-3">
-              <button type="button" class="btn btn-secondary" id="button_back">Back</button>
-              <button type="submit" class="btn btn-primary btn-block mx-3">Register</button>
-            </div>
+          <div class="col-xs-4 pull-right">
+            <button type="submit" class="btn btn-flat btn-primary btn-block">Register</button>
           </div>
-        </form>
-      </div>
-      <div class="login-box-footer">
-        <center>
-          <p>Powered by <a href="https://github.com/PowerDNS-Admin/PowerDNS-Admin">PowerDNS-Admin</a></p>
-        </center>
-      </div>
+          <!-- /.col -->
+        </div>
+      </form>
+    </div>
+    <!-- /.form-box -->
+    <div class="login-box-footer">
+      <center>
+        <p>Powered by <a href="https://github.com/PowerDNS-Admin/PowerDNS-Admin">PowerDNS-Admin</a></p>
+      </center>
     </div>
-    {% assets "js_login" -%}
-      <script type="text/javascript" src="{{ ASSET_URL }}"></script>
-    {%- endassets %}
-    {% assets "js_validation" -%}
-      <script type="text/javascript" src="{{ ASSET_URL }}"></script>
-    {%- endassets %}
-    <script>
-      $(function () {
-        $('#button_back').click(function () {
-          window.location.href = '{{ url_for('index.login') }}';
-        })
-      });
-    </script>
-  </body>
+  </div>
+  <!-- /.login-box -->
+
+  {% assets "js_login" -%}
+  <script type="text/javascript" src="{{ ASSET_URL }}"></script>
+  {%- endassets %}
+  {% assets "js_validation" -%}
+  <script type="text/javascript" src="{{ ASSET_URL }}"></script>
+  {%- endassets %}
+  <script>
+    $(function () {
+      $('#button_back').click(function () {
+        window.location.href = '{{ url_for('index.login') }}';
+      })
+    });
+  </script>
+</body>
+
 </html>
diff --git a/powerdnsadmin/templates/register_otp.html b/powerdnsadmin/templates/register_otp.html
index 2e8478653..87ec027e3 100755
--- a/powerdnsadmin/templates/register_otp.html
+++ b/powerdnsadmin/templates/register_otp.html
@@ -69,7 +69,7 @@
           </div>
           <div class="row">
             <div class="col-xs-4">
-              <button type="submit" class="btn btn-primary btn-block">Continue</button>
+              <button type="submit" class="btn btn-flat btn-primary btn-block">Continue</button>
             </div>
           </div>
         </form>
diff --git a/powerdnsadmin/templates/template.html b/powerdnsadmin/templates/template.html
index 165d828f4..bc1693be6 100644
--- a/powerdnsadmin/templates/template.html
+++ b/powerdnsadmin/templates/template.html
@@ -1,129 +1,106 @@
 {% extends "base.html" %}
-
 {% set active_page = "admin_domain_template" %}
-
-{% block title %}
-  <title>
-    Templates - {{ SITE_NAME }}
-  </title>
-{% endblock %}
+{% block title %}<title>Templates - {{ SITE_NAME }}</title>{% endblock %}
 
 {% block dashboard_stat %}
-
-<div class="content-header">
-  <div class="container-fluid">
-    <div class="row mb-2">
-      <div class="col-sm-6">
-        <h1 class="m-0 text-dark">
-          Templates
-          <small>List</small>
-        </h1>
-      </div>
-      <div class="col-sm-6">
-        <ol class="breadcrumb float-sm-right">
-          <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
-          <li class="breadcrumb-item active">Templates - List</li>
-        </ol>
-      </div>
-    </div>
-  </div>
-</div>
-
+<!-- Content Header (Page header) -->
+<section class="content-header">
+  <h1>
+    Templates
+    <small>List</small>
+  </h1>
+  <ol class="breadcrumb">
+    <li><a href="{{ url_for('admin.templates') }}"><i class="fa fa-dashboard"></i> Templates</a></li>
+    <li class="active">List</li>
+  </ol>
+</section>
 {% endblock %}
-
 {% block content %}
+<!-- Main content -->
 <section class="content">
-  <div class="container-fluid">
-    {% with errors = get_flashed_messages(category_filter=["error"]) %}
-      {% if errors %}
-        <div class="row">
-          <div class="col-12">
-            <div class="alert alert-danger alert-dismissible">
-              <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
-              <h4>
-                <i class="fa-solid fa-ban"></i> Error!
-              </h4>
-              <div class="alert-message block-message error">
-                <a class="close" href="#">x</a>
-                <ul>
-                  {%- for msg in errors %}
-                    <li>{{ msg }}</li>
-                  {% endfor -%}
-                </ul>
-              </div>
-            </div>
-          </div>
+  {% with errors = get_flashed_messages(category_filter=["error"]) %} {% if errors %}
+  <div class="row">
+    <div class="col-md-12">
+      <div class="alert alert-danger alert-dismissible">
+        <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
+        <h4>
+          <i class="icon fa fa-ban"></i> Error!
+        </h4>
+        <div class="alert-message block-message error">
+          <a class="close" href="#">x</a>
+          <ul>
+            {%- for msg in errors %}
+            <li>{{ msg }}</li> {% endfor -%}
+          </ul>
         </div>
-      {% endif %}
-    {% endwith %}
-    <div class="row">
-      <div class="col-12">
-        <div class="card">
-          <div class="card-header">
-            <h3 class="card-title">Templates</h3>
-            <a href="{{ url_for('admin.create_template') }}">
-              <button type="button" class="btn btn-primary float-right">
-                <i class="fa-solid fa-plus"></i>&nbsp;Create Template
-              </button>
-            </a>
-          </div>
-          <div class="card-body">
-            <table id="tbl_template_list" class="table table-bordered table-striped">
-              <thead>
-                <tr>
-                  <th>Name</th>
-                  <th>Description</th>
-                  <th>Number of Records</th>
-                  <th width="20%">Actions</th>
-                </tr>
-              </thead>
-              <tbody>
-                {% for template in templates %}
-                  <tr>
-                    <td>
-                      <a href="{{ url_for('admin.edit_template', template=template.name) }}">
-                        <strong>{{ template.name }}</strong>
-                      </a>
-                    </td>
-                    <td>
-                      {{ template.description }}
-                    </td>
-                    <td>
-                      {{ template.records|count }}
-                    </td>
-                    <td>
-                      <div class="dropdown">
-                        <button class="btn btn-primary dropdown-toggle" type="button" id="dropdownMenu" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
-                          <i class="fa-solid fa-bars"></i>&nbsp;Actions
-                        </button>
-                        <div class="dropdown-menu" aria-labelledby="dropdownMenu">
-                          <button type="button" class="dropdown-item btn-warning" onclick="window.location.href='{{ url_for('admin.edit_template', template=template.name) }}'">
-                            <i class="fa-solid fa-edit"></i>&nbsp;Edit Template
-                          </button>
-                          <div class="dropdown-divider"></div>
-                          <button type="button"class="dropdown-item btn-secondary button_delete" id="{{template.name}}">
-                            <font color="red">
-                              <i class="fa-solid fa-trash"></i>&nbsp;Delete Template
-                            </font>
-                          </button>
-                         </div>
-                      </div>
-                    </td>
-                  </tr>
-                {% endfor %}
-              </tbody>
-            </table>
-          </div>
+      </div>
+    </div>
+  </div>
+  {% endif %} {% endwith %}
+  <div class="row">
+    <div class="col-xs-12">
+      <div class="box">
+        <div class="box-header">
+          <h3 class="box-title">Templates</h3>
+        </div>
+        <div class="box-body">
+          <a href="{{ url_for('admin.create_template') }}">
+            <button type="button" class="btn btn-flat btn-primary pull-left">
+              Create Template&nbsp;<i class="fa fa-plus"></i>
+            </button>
+          </a>
+        </div>
+        <div class="box-body">
+          <table id="tbl_template_list" class="table table-bordered table-striped">
+            <thead>
+              <tr>
+                <th>Name</th>
+                <th>Description</th>
+                <th>Number of Records</th>
+                <th width="20%">Action</th>
+              </tr>
+            </thead>
+            <tbody>
+              {% for template in templates %}
+              <tr>
+                <td>
+                  <a
+                    href="{{ url_for('admin.edit_template', template=template.name) }}"><strong>{{ template.name }}</strong></a>
+                </td>
+                <td>
+                  {{ template.description }}
+                </td>
+                <td>
+                  {{ template.records|count }}
+                </td>
+                <td>
+                  <a href="{{ url_for('admin.edit_template', template=template.name) }}">
+                    <button type="button" class="btn btn-flat btn-warning button_edit" id="btn_edit">
+                      Edit&nbsp;<i class="fa fa-edit"></i>
+                    </button>
+                  </a>
+                  <button type="button" class="btn btn-flat btn-danger button_delete" id="{{template.name}}">
+                    Delete&nbsp;<i class="fa fa-trash"></i>
+                  </button>
+                </td>
+              </tr>
+              {% endfor %}
+            </tbody>
+          </table>
         </div>
+        <!-- /.box-body -->
       </div>
+      <!-- /.box -->
     </div>
+    <!-- /.col -->
   </div>
+  <!-- /.row -->
 </section>
+<!-- /.content -->
 {% endblock %}
-
 {% block extrascripts %}
 <script>
-  // set up template data table
+  // set up history data table
   $("#tbl_template_list").DataTable({
     "paging": true,
     "lengthChange": true,
@@ -132,7 +109,6 @@ <h3 class="card-title">Templates</h3>
     "info": false,
     "autoWidth": false
   });
-
   // handle delete button
   $(document.body).on("click", ".button_delete", function (e) {
     var template = $(this).prop('id');
@@ -141,9 +117,9 @@ <h3 class="card-title">Templates</h3>
     }, function () {
       window.location.href = '{{ url_for('admin.templates') }}';
     });
+
   });
 </script>
 {% endblock %}
-
 {% block modals %}
-{% endblock %}
\ No newline at end of file
+{% endblock %}
diff --git a/powerdnsadmin/templates/template_add.html b/powerdnsadmin/templates/template_add.html
index 6b06ccf5d..0ec265cac 100644
--- a/powerdnsadmin/templates/template_add.html
+++ b/powerdnsadmin/templates/template_add.html
@@ -1,118 +1,103 @@
 {% extends "base.html" %}
-
 {% set active_page = "admin_domain_template" %}
-
-{% block title %}
-  <title>
-    Create Template - {{ SITE_NAME }}
-  </title>
-{% endblock %}
+{% block title %}<title>Create Template - {{ SITE_NAME }}</title>{% endblock %}
 
 {% block dashboard_stat %}
-<div class="content-header">
-  <div class="container-fluid">
-    <div class="row mb-2">
-      <div class="col-sm-6">
-        <h1 class="m-0 text-dark">
-          Template
-          <small>Create</small>
-        </h1>
-      </div>
-      <div class="col-sm-6">
-        <ol class="breadcrumb float-sm-right">
-          <li class="breadcrumb-item"><a href="{{ url_for('admin.templates') }}">Templates</a></li>
-          <li class="breadcrumb-item active">Create</li>
-        </ol>
-      </div>
-    </div>
-  </div>
-</div>
+<!-- Content Header (Page header) -->
+<section class="content-header">
+	<h1>
+		Template
+		<small>Create</small>
+	</h1>
+	<ol class="breadcrumb">
+		<li><a href="{{ url_for('admin.templates') }}"><i class="fa fa-dashboard"></i> Templates</a></li>
+		<li class="active">Create</li>
+	</ol>
+</section>
 {% endblock %}
 
 {% block content %}
 <section class="content">
-  <div class="container-fluid">
-    {% with errors = get_flashed_messages(category_filter=["error"]) %}
-      {% if errors %}
-        <div class="row">
-          <div class="col-12">
-            <div class="alert alert-danger alert-dismissible">
-              <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
-              <h4>
-                <i class="fa-solid fa-ban"></i> Error!
-              </h4>
-              <div class="alert-message block-message error">
-                <a class="close" href="#">x</a>
-              <ul>
-                {%- for msg in errors %}
-                  <li>{{ msg }}</li>
-                {% endfor -%}
-              </ul>
-            </div>
-          </div>
-        </div>
-      {% endif %}
-    {% endwith %}
-    <div class="row">
-      <div class="col-4">
-        <div class="card">
-          <div class="card-header">
-            <h3 class="card-title">Create new template</h3>
-          </div>
-          <form role="form" method="post" action="{{ url_for('admin.create_template') }}">
-            <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-            <div class="card-body">
-              <div class="form-group">
-                <input type="text" class="form-control" name="name" id="name"
-                placeholder="Enter a valid template name (required)">
-              </div>
-              <div class="form-group">
-                <input type="text" class="form-control" name="description" id="description"
-                placeholder="Enter a template description (optional)">
-              </div>
-            </div>
-            <div class="card-footer">
-              <button type="button" class="btn btn-secondary float-left" onclick="window.location.href='{{ url_for('admin.templates') }}'">
-                Cancel
-              </button>
-              <button type="submit" class="btn btn-primary float-right">
-                <i class="fa-solid fa-save"></i>&nbsp;Save
-              </button>
-            </div>
-          </form>
-        </div>
-      </div>
-      <div class="col-8">
-        <div class="card">
-          <div class="card-header">
-            <h3 class="card-title">Help with creating a new template</h3>
-          </div>
-          <div class="card-body">
-            <dl class="dl-horizontal">
-              <dt>Template name</dt>
-              <dd>Enter your template name, this is the name of the template that
-                will be shown to users. The name should not have any spaces but
-                can have symbols.</dd>
-              <dt>Template description</dt>
-              <dd>Enter your template description, this is to help better
-                identify the template.</dd>
-            </dl>
-          </div>
-        </div>
-      </div>
-    </div>
-  </div>
+	{% with errors = get_flashed_messages(category_filter=["error"]) %} {%
+if errors %}
+	<div class="row">
+		<div class="col-md-12">
+			<div class="alert alert-danger alert-dismissible">
+				<button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
+				<h4>
+					<i class="icon fa fa-ban"></i> Error!
+				</h4>
+				<div class="alert-message block-message error">
+					<a class="close" href="#">x</a>
+					<ul>
+						{%- for msg in errors %}
+						<li>{{ msg }}</li> {% endfor -%}
+					</ul>
+				</div>
+			</div>
+		</div>
+	</div>
+	{% endif %} {% endwith %}
+
+	<div class="row">
+		<div class="col-md-4">
+			<div class="box box-primary">
+				<div class="box-header with-border">
+					<h3 class="box-title">Create new template</h3>
+				</div>
+				<!-- /.box-header -->
+				<!-- form start -->
+				<form role="form" method="post" action="{{ url_for('admin.create_template') }}">
+					<input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+					<div class="box-body">
+						<div class="form-group">
+							<input type="text" class="form-control" name="name" id="name"
+								placeholder="Enter a valid template name (required)">
+						</div>
+						<div class="form-group">
+							<input type="text" class="form-control" name="description" id="description"
+								placeholder="Enter a template description (optional)">
+						</div>
+					</div>
+					<div class="box-footer">
+						<button type="submit" class="btn btn-flat btn-primary">Submit</button>
+						<button type="button" class="btn btn-flat btn-default"
+							onclick="window.location.href='{{ url_for('admin.templates') }}'">Cancel</button>
+					</div>
+				</form>
+			</div>
+			<!-- /.box -->
+		</div>
+		<div class="col-md-8">
+			<div class="box box-primary">
+				<div class="box-header with-border">
+					<h3 class="box-title">Help with creating a new template</h3>
+				</div>
+				<div class="box-body">
+					<dl class="dl-horizontal">
+						<dt>Template name</dt>
+						<dd>Enter your template name, this is the name of the template that
+							will be shown to users. The name should not have any spaces but
+							can have symbols.</dd>
+						<dt>Template description</dt>
+						<dd>Enter your template description, this is to help better
+							identify the template.</dd>
+					</dl>
+				</div>
+			</div>
+		</div>
+	</div>
 </section>
 {% endblock %}
 {% block extrascripts %}
 <script>
-  $("input[name=radio_type]").change(function () {
-    var type = $(this).val();
-    if (type == "secondary") {
-      $("#domain_primary_address_div").show();
-    } else {
-      $("#domain_primary_address_div").hide();
-    }
-  });
+	$("input[name=radio_type]").change(function () {
+		var type = $(this).val();
+		if (type == "slave") {
+			$("#domain_master_address_div").show();
+		} else {
+			$("#domain_master_address_div").hide();
+		}
+	});
 </script>
 {% endblock %}
diff --git a/powerdnsadmin/templates/template_edit.html b/powerdnsadmin/templates/template_edit.html
index 92addf107..89faebcd2 100644
--- a/powerdnsadmin/templates/template_edit.html
+++ b/powerdnsadmin/templates/template_edit.html
@@ -1,52 +1,38 @@
 {% extends "base.html" %}
-
 {% set active_page = "admin_domain_template" %}
-
-{% block title %}
-  <title>
-    Edit Template - {{ SITE_NAME }}
-  </title>
-{% endblock %}
+{% block title %}<title>Edit Template - {{ SITE_NAME }}</title>{% endblock %}
 
 {% block dashboard_stat %}
-<div class="content-header">
-    <div class="container-fluid">
-      <div class="row mb-2">
-        <div class="col-sm-6">
-          <h1 class="m-0 text-dark">
-            Template Edit
-            <small>{{ template }}</small>
-          </h1>
-        </div>
-        <div class="col-sm-6">
-          <ol class="breadcrumb float-sm-right">
-            <li class="breadcrumb-item"><a href="{{ url_for('admin.templates') }}">Templates</a></li>
-            <li class="breadcrumb-item active">Template Edit: {{ template }}</li>
-          </ol>
-        </div>
-      </div>
-    </div>
-  </div>
+<section class="content-header">
+    <h1>
+        Edit template <small>{{ template }}</small>
+    </h1>
+    <ol class="breadcrumb">
+        <li><a href="{{ url_for('dashboard.dashboard') }}"><i
+                class="fa fa-dashboard"></i> Home</a></li>
+        <li>Templates</li>
+        <li class="active">{{ template }}</li>
+    </ol>
+</section>
 {% endblock %}
 
 {% block content %}
 <section class="content">
-  <div class="container-fluid">
     <div class="row">
-        <div class="col-12">
-            <div class="card">
-                <div class="card-header">
-                    <h3 class="card-title">Manage Template Records for {{ template }}</h3>
+        <div class="col-xs-12">
+            <div class="box">
+                <div class="box-header">
+                    <h3 class="box-title">Manage Template Records for {{ template }}</h3>
                 </div>
-                <div class="card-body">
-                    <button type="button" class="btn btn-primary float-left button_add_record" id="{{ template }}">
-                        <i class="fa-solid fa-plus"></i>&nbsp;Add Record
+                <div class="box-body">
+                    <button type="button" class="btn btn-flat btn-primary pull-left button_add_record" id="{{ template }}">
+                        Add Record&nbsp;<i class="fa fa-plus"></i>
                     </button>
-                    <button type="button" class="btn btn-primary float-right button_apply_changes" id="{{ template }}">
-                        <i class="fa-solid fa-save"></i>&nbsp;Save Changes
+                    <button type="button" class="btn btn-flat btn-primary pull-right button_apply_changes" id="{{ template }}">
+                        Apply Changes&nbsp;<i class="fa fa-floppy-o"></i>
                     </button>
                 </div>
-                <div class="card-body">
+                <div class="box-body">
                     <table id="tbl_records" class="table table-bordered table-striped">
                         <thead>
                             <tr>
@@ -83,17 +69,17 @@ <h3 class="card-title">Manage Template Records for {{ template }}</h3>
                                         {{ record.comment }}
                                     </td>
                                     <td width="6%">
-                                         <button type="button" class="btn btn-warning button_edit">
-                                            <i class="fa-solid fa-edit"></i>&nbsp;Edit
+                                         <button type="button" class="btn btn-flat btn-warning button_edit">
+                                            Edit&nbsp;<i class="fa fa-edit"></i>
                                         </button>
                                     </td>
                                     <td width="6%">
-                                        <button type="button" class="btn btn-danger button_delete">
-                                            <i class="fa-solid fa-trash"></i>&nbsp;Delete
+                                        <button type="button" class="btn btn-flat btn-danger button_delete">
+                                            Delete&nbsp;<i class="fa fa-trash"></i>
                                         </button>
                                     </td>
                                     <td>
-                                      {{ record.id }}
+                                    	{{ record.id }}
                                     </td>
                                     </td>
                                 </tr>
@@ -104,14 +90,13 @@ <h3 class="card-title">Manage Template Records for {{ template }}</h3>
             </div>
         </div>
     </div>
-  </div>
 </section>
 {% endblock %}
 {% block extrascripts %}
 <script>
     // superglobals
-    window.records_allow_edit = {{ editable_records | tojson }};
-    window.ttl_options = {{ ttl_options | tojson }};
+    window.records_allow_edit = {{ editable_records|tojson }};
+    window.ttl_options = {{ ttl_options|tojson }};
     window.nEditing = null;
     window.nNew = false;
 
@@ -238,7 +223,7 @@ <h3 class="card-title">Manage Template Records for {{ template }}</h3>
 
             // add new row
             var default_type = records_allow_edit[0]
-            var nRow = jQuery('#tbl_records').dataTable().fnAddData(['', default_type, 'Active', window.ttl_options[0][0], '', '', '', '', '0']);
+            var nRow = jQuery('#tbl_records').dataTable().fnAddData(['', default_type, 'Active', 3600, '', '', '', '', '0']);
             editRow($("#tbl_records").DataTable(), nRow);
             document.getElementById("edit-row-focus").focus();
             nEditing = nRow;
@@ -430,67 +415,67 @@ <h3 class="card-title">Manage Template Records for {{ template }}</h3>
     <div class="modal-dialog">
         <div class="modal-content">
             <div class="modal-header">
-              <h4 class="modal-title">Confirmation</h4>
-              <button type="button" class="close" data-dismiss="modal"
+                <button type="button" class="close" data-dismiss="modal"
                     aria-label="Close">
                     <span aria-hidden="true">&times;</span>
                 </button>
+                <h4 class="modal-title">Confirmation</h4>
             </div>
             <div class="modal-body">
                 <p></p>
             </div>
             <div class="modal-footer">
-                <button type="button" class="btn btn-secondary float-left" id="button_delete_cancel" data-dismiss="modal">
-                  Close
-                </button>
-                <button type="button" class="btn btn-danger" id="button_delete_confirm">
-                  Delete
-                </button>
+                <button type="button" class="btn btn-flat btn-default pull-left" id="button_delete_cancel"
+                    data-dismiss="modal">Close</button>
+                <button type="button" class="btn btn-flat btn-danger" id="button_delete_confirm">Delete</button>
             </div>
         </div>
+        <!-- /.modal-content -->
     </div>
+    <!-- /.modal-dialog -->
 </div>
 <div class="modal fade modal-primary" id="modal_apply_changes">
     <div class="modal-dialog">
         <div class="modal-content">
             <div class="modal-header">
-              <h4 class="modal-title">Confirmation</h4>
-              <button type="button" class="close" data-dismiss="modal"
+                <button type="button" class="close" data-dismiss="modal"
                     aria-label="Close">
                     <span aria-hidden="true">&times;</span>
                 </button>
+                <h4 class="modal-title">Confirmation</h4>
             </div>
             <div class="modal-body">
                 <p></p>
             </div>
             <div class="modal-footer">
-                <button type="button" class="btn btn-secondary float-left" data-dismiss="modal">
-                  Close
-                </button>
-                <button type="button" class="btn btn-primary" id="button_apply_confirm">
-                  Apply
-                </button>
+                <button type="button" class="btn btn-flat btn-default pull-left"
+                    data-dismiss="modal">Close</button>
+                <button type="button" class="btn btn-flat btn-primary" id="button_apply_confirm">Apply</button>
             </div>
         </div>
+        <!-- /.modal-content -->
     </div>
+    <!-- /.modal-dialog -->
 </div>
 <div class="modal fade modal-primary" id="modal_custom_record">
     <div class="modal-dialog">
         <div class="modal-content">
             <div class="modal-header">
-              <h4 class="modal-title">Custom Record</h4>
-              <button type="button" class="close" data-dismiss="modal"
+                <button type="button" class="close" data-dismiss="modal"
                     aria-label="Close">
                     <span aria-hidden="true">&times;</span>
                 </button>
+                <h4 class="modal-title">Custom Record</h4>
             </div>
             <div class="modal-body">
                 <p></p>
             </div>
             <div class="modal-footer">
-                <button type="button" class="btn btn-primary" id="button_save">Save</button>
+                <button type="button" class="btn btn-flat btn-primary" id="button_save">Save</button>
             </div>
         </div>
+        <!-- /.modal-content -->
     </div>
+    <!-- /.modal-dialog -->
 </div>
 {% endblock %}
diff --git a/powerdnsadmin/templates/user_profile.html b/powerdnsadmin/templates/user_profile.html
index b7bf69f3b..8570f7e4e 100644
--- a/powerdnsadmin/templates/user_profile.html
+++ b/powerdnsadmin/templates/user_profile.html
@@ -1,169 +1,146 @@
 {% extends "base.html" %}
-
-{% set active_page = "user_profile" %}
-
-{% block title %}
-  <title>
-    My Profile - {{ SITE_NAME }}
-  </title>
-{% endblock %}
-
+{% block title %}<title>My Profile - {{ SITE_NAME }}</title>{% endblock %}
 {% block dashboard_stat %}
-  <div class="content-header">
-    <div class="container-fluid">
-      <div class="row mb-2">
-        <div class="col-sm-6">
-          <h1 class="m-0 text-dark">
-            User
-            <small>My Profile</small>
-          </h1>
-        </div>
-        <div class="col-sm-6">
-          <ol class="breadcrumb float-sm-right">
-            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
-            <li class="breadcrumb-item active">My Profile</li>
-          </ol>
-        </div>
-      </div>
-    </div>
-  </div>
+<!-- Content Header (Page header) -->
+<section class="content-header">
+    <h1>
+        Profile
+        <small>Edit my profile</small>
+    </h1>
+    <ol class="breadcrumb">
+        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i>Home</a></li>
+        <li class="active">My Profile</li>
+    </ol>
+</section>
 {% endblock %}
-
 {% block content %}
 <section class="content">
-  <div class="container-fluid">
     <div class="row">
-      <div class="col-6">
-        <div class="card">
-          <div class="card-header">
-            <div class="nav-tabs-custom">
-              <ul class="nav nav-tabs" role="tablist">
-                <li class="nav-item">
-                  <a class="nav-link active" href="#tabs-personal" data-toggle="tab">
-                    Personal Info
-                  </a>
-                </li>
-                {%  if session['authentication_type'] == 'LOCAL' %}
-                  <li class="nav-item">
-                    <a class="nav-link" href="#tabs-password" data-toggle="tab">
-                      Change Password
-                    </a>
-                  </li>
-                {% endif %}
-                {%  if session['authentication_type'] in ['LOCAL', 'LDAP'] %}
-                  <li class="nav-item">
-                    <a class="nav-link" href="#tabs-authentication" data-toggle="tab">
-                      Authentication
-                    </a>
-                  </li>
-                {% endif %}
-              </ul>
-              <div class="card-body">
-              <div class="tab-content">
-                <div class="tab-pane fade show active" id="tabs-personal">
-                  <form role="form" method="post" action="{{ user_profile }}">
-                    <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-                    <div class="form-group">
-                      <label for="firstname">First Name</label>
-                      <input type="text" class="form-control" name="firstname" id="firstname" placeholder="{{ current_user.firstname }}"
-                      {%  if session['authentication_type'] != 'LOCAL' %}disabled{% endif %}>
-                    </div>
-                    <div class="form-group">
-                      <label for="lastname">Last Name</label>
-                      <input type="text" class="form-control" name="lastname" id="lastname" placeholder="{{ current_user.lastname }}"
-                      {%  if session['authentication_type'] != 'LOCAL' %}disabled{% endif %}>
-                    </div>
-                    <div class="form-group">
-                      <label for="email">E-Mail</label> <input type="email" class="form-control" name="email" id="email" placeholder="{{ current_user.email }}"
-                      {%  if session['authentication_type'] != 'LOCAL' %}disabled{% endif %}>
-                    </div>
-                    {%  if session['authentication_type'] == 'LOCAL' %}
-                      <div class="form-group">
-                        <button type="submit" class="btn btn-primary">
-                          <i class="fa-solid fa-floppy-disk"></i>&nbsp;Save
-                        </button>
-                      </div>
-                    {% endif %}
-                  </form>
+        <div class="col-lg-12">
+            <div class="box box-primary">
+                <div class="box-header with-border">
+                    <h3 class="box-title">Edit my profile{%  if session['authentication_type'] != 'LOCAL' %} [Disabled -
+                        Authenticated externally]{% endif %}</h3>
                 </div>
-                {% if session['authentication_type'] == 'LOCAL' %}
-                  <div class="tab-pane fade" id="tabs-password">
-                    {% if not current_user.password %}
-                      Your account password is managed via LDAP which isn't supported to change here.
-                    {% else %}
-                      <form action="{{ user_profile }}" method="post">
-                        <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-                        <div class="form-group">
-                          <label for="password">New Password</label>
-                          <input type="password" class="form-control" name="password" id="newpassword">
+                <div class="box-body">
+                    <!-- Custom Tabs -->
+                    <div class="nav-tabs-custom" id="tabs">
+                        <ul class="nav nav-tabs">
+                            <li class="active"><a href="#tabs-personal" data-toggle="tab">Personal
+                                    Info</a></li>
+                            {%  if session['authentication_type'] == 'LOCAL' %}
+                            <li><a href="#tabs-password" data-toggle="tab">Change Password</a></li>
+                            {% endif %}
+                            {%  if session['authentication_type'] in ['LOCAL', 'LDAP'] %}
+                            <li><a href="#tabs-authentication" data-toggle="tab">Authentication</a></li>
+                            {% endif %}
+                        </ul>
+                        <div class="tab-content">
+                            <div class="tab-pane active" id="tabs-personal">
+                                <form role="form" method="post" action="{{ user_profile }}">
+                                    <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+                                    <div class="form-group">
+                                        <label for="firstname">First Name</label> <input type="text"
+                                            class="form-control" name="firstname" id="firstname"
+                                            placeholder="{{ current_user.firstname }}"
+                                            {%  if session['authentication_type'] != 'LOCAL' %}disabled{% endif %}>
+                                    </div>
+                                    <div class="form-group">
+                                        <label for="lastname">Last Name</label> <input type="text" class="form-control"
+                                            name="lastname" id="lastname" placeholder="{{ current_user.lastname }}"
+                                            {%  if session['authentication_type'] != 'LOCAL' %}disabled{% endif %}>
+                                    </div>
+                                    <div class="form-group">
+                                        <label for="email">E-mail</label> <input type="email" class="form-control"
+                                            name="email" id="email" placeholder="{{ current_user.email }}"
+                                            {%  if session['authentication_type'] != 'LOCAL' %}disabled{% endif %}>
+                                    </div>{%  if session['authentication_type'] == 'LOCAL' %}
+                                    <div class="form-group">
+                                        <button type="submit" class="btn btn-flat btn-primary">Submit</button>
+                                    </div>{% endif %}
+                                </form>
+                            </div>
+                            {% if session['authentication_type'] == 'LOCAL' %}
+                            <div class="tab-pane" id="tabs-password">
+                                {% if not current_user.password %}
+                                Your account password is managed via LDAP which isn't supported to change here.
+                                {% else %}
+                                <form action="{{ user_profile }}" method="post">
+                                    <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+                                    <div class="form-group">
+                                        <label for="password">New Password</label> <input type="password"
+                                            class="form-control" name="password" id="newpassword" />
+                                    </div>
+                                    <div class="form-group">
+                                        <label for="rpassword">Re-type New Password</label> <input type="password"
+                                            class="form-control" name="rpassword" id="rpassword" />
+                                    </div>
+                                    <div class="form-group">
+                                        <button type="submit" class="btn btn-flat btn-primary">Change Password</button>
+                                    </div>
+                                </form>
+                                {% endif %}
+                            </div>
+                            {% endif %}
+                            <!-- {% if session['authentication_type'] in ['LOCAL', 'LDAP'] %} -->
+                            <div class="tab-pane" id="tabs-authentication">
+                                <form action="{{ user_profile }}" method="post">
+                                    <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+                                    <div class="form-group">
+                                        <input type="checkbox" id="otp_toggle" class="otp_toggle"
+                                            {% if current_user.otp_secret %}checked{% endif %}>
+                                        <label for="otp_toggle">Enable Two Factor Authentication</label>
+                                        {% if current_user.otp_secret %}
+                                        <div id="token_information">
+                                            <p><img id="qrcode" src="{{ url_for('user.qrcode') }}"></p>
+                                            <div style="position: relative; left: 15px">
+                                                Your secret key is: <br />
+                                                <form>
+                                                    <input type=text id="otp_secret" value={{current_user.otp_secret}} readonly>
+                                                    <button type=button style="position:relative; right:28px" onclick="copy_otp_secret_to_clipboard()"> <i class="fa fa-clipboard"></i> </button>
+                                                    <br /><font color="red" id="copy_tooltip" style="visibility:collapse">Copied.</font>
+                                                </form>
+                                            </div>
+                                            You can use Google Authenticator (<a target="_blank"
+                                                href="https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2">Android</a>
+                                            - <a target="_blank"
+                                                href="https://apps.apple.com/us/app/google-authenticator/id388497605">iOS</a>)
+                                            or FreeOTP (<a target="_blank"
+                                                href="https://play.google.com/store/apps/details?id=org.fedorahosted.freeotp&hl=en">Android</a>
+                                            - <a target="_blank"
+                                                href="https://itunes.apple.com/en/app/freeotp-authenticator/id872559395?mt=8">iOS</a>)
+                                            on your smartphone to scan the QR code.
+                                            <br />
+                                            <font color="red"><strong><i>Make sure only you can see this QR Code and secret key and
+                                                        nobody can capture them.</i></strong></font>
+                                        </div>
+                                        {% endif %}
+                                    </div>
+                                </form>
+                            </div>
+                            <!-- {% endif %} -->
                         </div>
-                        <div class="form-group">
-                          <label for="rpassword">Re-type New Password</label>
-                          <input type="password" class="form-control" name="rpassword" id="rpassword">
-                        </div>
-                        <div class="form-group">
-                          <button type="submit" class="btn btn-primary">
-                            <i class="fa-solid fa-floppy-disk"></i>&nbsp;Save
-                          </button>
-                        </div>
-                      </form>
-                    {% endif %}
-                  </div>
-                {% endif %}
-                <div class="tab-pane fade" id="tabs-authentication">
-                  <form action="{{ user_profile }}" method="post">
-                    <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-                    <div class="form-group">
-                      <input type="checkbox" id="otp_toggle" class="otp_toggle" {% if current_user.otp_secret %}checked{% endif %}>
-                      <label for="otp_toggle">Enable Two Factor Authentication</label>
-                      {% if current_user.otp_secret %}
-                        <div id="token_information">
-                          <p>
-                            <img id="qrcode" src="{{ url_for('user.qrcode') }}">
-                          </p>
-                          <div style="position: relative; left: 15px">
-                            Your secret key is:
-                            <br />
-                              <form>
-                                <input type=text id="otp_secret" value={{current_user.otp_secret}} readonly>
-                                <button type=button style="position:relative; right:28px" onclick="copy_otp_secret_to_clipboard()">
-                                  <i class="fa-solid fa-clipboard"></i>
-                                </button>
-                                <br />
-                                <font color="red" id="copy_tooltip" style="visibility:collapse">Copied.</font>
-                              </form>
-                          </div>
-                          You can use Google Authenticator 
-                          (<a target="_blank" href="https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2"><i class="fa-brands fa-google-play"></i>Android</a>
-                          - <a target="_blank" href="https://apps.apple.com/us/app/google-authenticator/id388497605"><i class="fa-brands fa-app-store-ios"></i>iOS</a>)
-                           or FreeOTP 
-                           (<a target="_blank" href="https://play.google.com/store/apps/details?id=org.fedorahosted.freeotp&hl=en"><i class="fa-brands fa-google-play"></i>Android</a>
-                           - <a target="_blank" href="https://itunes.apple.com/en/app/freeotp-authenticator/id872559395?mt=8"><i class="fa-brands fa-app-store-ios"></i>iOS</a>) 
-                           on your smartphone to scan the QR code.
-                           <br />
-                          <font color="red">
-                            <strong>
-                              <i>Make sure only you can see this QR Code and secret key and
-                                nobody can capture them.
-                              </i>
-                            </strong>
-                          </font>
-                        </div>
-                      {% endif %}
                     </div>
-                  </form>
                 </div>
-              </div>
             </div>
-          </div>
         </div>
-      </div>
     </div>
-  </div>
 </section>
 {% endblock %}
 {% block extrascripts %}
+<!-- TODO: add password and password confirmation comparison check -->
 <script>
+    $(function () {
+        $('#tabs').tabs({
+            // add url anchor tags
+            activate: function (event, ui) {
+                window.location.hash = ui.newPanel.attr('id');
+            }
+        });
+        // re-set active tab (ui)
+        var activeTabIdx = $('#tabs').tabs('option', 'active');
+        $('#tabs li:eq(' + activeTabIdx + ')').tab('show')
+    });
 
     // initialize pretty checkboxes
     $('.otp_toggle').iCheck({
@@ -172,19 +149,16 @@ <h1 class="m-0 text-dark">
     });
 
     // handle checkbox toggling
-    $('.otp_toggle').on('ifToggled', function(event) {
-    var enable_otp = $(this).prop('checked');
-    var postdata = {
-        'action': 'enable_otp',
-        'data': {
-            'enable_otp': enable_otp
-        },
-        '_csrf_token': '{{ csrf_token() }}'
-    };
-    applyChanges(postdata, $SCRIPT_ROOT + '/user/profile', false, true, function() {
-        window.location.reload();
-        $('#tabs li:eq(2) a').tab('show');
+    $('.otp_toggle').on('ifToggled', function (event) {
+        var enable_otp = $(this).prop('checked');
+        var postdata = {
+            'action': 'enable_otp',
+            'data': {
+                'enable_otp': enable_otp
+            },
+            '_csrf_token': '{{ csrf_token() }}'
+        };
+        applyChanges(postdata, $SCRIPT_ROOT + '/user/profile', false, true);
     });
-  });
 </script>
 {% endblock %}
diff --git a/requirements.txt b/requirements.txt
index 9087be43d..595d9da1f 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,31 +1,21 @@
-Flask==2.2.2
-Flask-Assets==2.0
-Flask-Login==0.6.2
-Flask-SQLAlchemy==3.0.2
-Flask-Migrate==4.0.0
-Flask-Mail==0.9.1
-Flask-SSLify==0.1.5
-Flask-Session==0.4.0
-Flask-SeaSurf==1.1.1
-SQLAlchemy==1.4.45
 mysqlclient==2.1.1
-configobj==5.0.8
+configobj==5.0.6
 bcrypt==4.0.1
-requests==2.28.2
+requests==2.28.1
 python-ldap==3.4.3
 pyotp==2.8.0
 qrcode==7.3.1
-dnspython>=2.3.0
+dnspython>=1.16.0
 gunicorn==20.1.0
 python3-saml==1.14.0
-pytz==2022.7.1
+pytz==2022.7
 cssmin==0.2.0
 rjsmin==1.2.1
 Authlib==1.2.0
+Flask-SeaSurf==1.1.1
 bravado-core==5.17.1
-lima==0.5
-pytest==7.2.1
 jsonschema[format]>=2.5.1,<4.0.0 # until https://github.com/Yelp/bravado-core/pull/385
+lima==0.5
 pytimeparse==1.1.8
 alembic==1.9.0
 certifi==2022.12.7
@@ -34,11 +24,16 @@ passlib==1.7.4
 pyasn1==0.4.8
 webcolors==1.12
 zipp==3.11.0
+Flask==2.2.2
+Flask-Assets==2.0
+Flask-Login==0.6.2
+Flask-SQLAlchemy==3.0.2
+Flask-Migrate==4.0.0
+SQLAlchemy==1.4.45
 pyOpenSSL==22.1.0
 PyYAML==6.0
-Jinja2==3.1.2
-itsdangerous==2.1.2
-werkzeug==2.2.2
-cryptography==38.0.0
-flask_session_captcha==1.3.0
-lxml==4.6.5
\ No newline at end of file
+Flask-Mail==0.9.1
+Flask-SSLify==0.1.5
+Flask-Session==0.4.0
+lxml==4.6.5
+pytest==7.2.0
diff --git a/yarn.lock b/yarn.lock
index 6225dfe8a..733fb83c1 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -2,339 +2,333 @@
 # yarn lockfile v1
 
 
-"@foliojs-fork/fontkit@^1.9.1":
-  version "1.9.1"
-  resolved "https://registry.yarnpkg.com/@foliojs-fork/fontkit/-/fontkit-1.9.1.tgz#8124649168eb5273f580f66697a139fb5041296b"
-  integrity sha512-U589voc2/ROnvx1CyH9aNzOQWJp127JGU1QAylXGQ7LoEAF6hMmahZLQ4eqAcgHUw+uyW4PjtCItq9qudPkK3A==
-  dependencies:
-    "@foliojs-fork/restructure" "^2.0.2"
-    brfs "^2.0.0"
-    brotli "^1.2.0"
-    browserify-optional "^1.0.1"
-    clone "^1.0.4"
-    deep-equal "^1.0.0"
-    dfa "^1.2.0"
-    tiny-inflate "^1.0.2"
-    unicode-properties "^1.2.2"
-    unicode-trie "^2.0.0"
-
-"@foliojs-fork/linebreak@^1.1.1":
-  version "1.1.1"
-  resolved "https://registry.yarnpkg.com/@foliojs-fork/linebreak/-/linebreak-1.1.1.tgz#93ecd695b7d2bb0334b9481058c3e610e019a4eb"
-  integrity sha512-pgY/+53GqGQI+mvDiyprvPWgkTlVBS8cxqee03ejm6gKAQNsR1tCYCIvN9FHy7otZajzMqCgPOgC4cHdt4JPig==
-  dependencies:
-    base64-js "1.3.1"
-    brfs "^2.0.2"
-    unicode-trie "^2.0.0"
-
-"@foliojs-fork/pdfkit@^0.13.0":
-  version "0.13.0"
-  resolved "https://registry.yarnpkg.com/@foliojs-fork/pdfkit/-/pdfkit-0.13.0.tgz#54f5368d8cf74d8edc81a175ccda1fd9655f2db9"
-  integrity sha512-YXeG1fml9k97YNC9K8e292Pj2JzGt9uOIiBFuQFxHsdQ45BlxW+JU3RQK6JAvXU7kjhjP8rCcYvpk36JLD33sQ==
+JSONStream@^1.0.3:
+  version "1.3.3"
+  resolved "https://registry.yarnpkg.com/JSONStream/-/JSONStream-1.3.3.tgz#27b4b8fbbfeab4e71bcf551e7f27be8d952239bf"
   dependencies:
-    "@foliojs-fork/fontkit" "^1.9.1"
-    "@foliojs-fork/linebreak" "^1.1.1"
-    crypto-js "^4.0.0"
-    png-js "^1.0.0"
-
-"@foliojs-fork/restructure@^2.0.2":
-  version "2.0.2"
-  resolved "https://registry.yarnpkg.com/@foliojs-fork/restructure/-/restructure-2.0.2.tgz#73759aba2aff1da87b7c4554e6839c70d43c92b4"
-  integrity sha512-59SgoZ3EXbkfSX7b63tsou/SDGzwUEK6MuB5sKqgVK1/XE0fxmpsOb9DQI8LXW3KfGnAjImCGhhEb7uPPAUVNA==
-
-"@fortawesome/fontawesome-free@6.3.0":
-  version "6.3.0"
-  resolved "https://registry.yarnpkg.com/@fortawesome/fontawesome-free/-/fontawesome-free-6.3.0.tgz#b5877182692a6f7a39d1108837bec24247ba4bd7"
-  integrity sha512-qVtd5i1Cc7cdrqnTWqTObKQHjPWAiRwjUPaXObaeNPcy7+WKxJumGBx66rfSFgK6LNpIasVKkEgW8oyf0tmPLA==
-
-"@fortawesome/fontawesome-free@^5.15.4":
-  version "5.15.4"
-  resolved "https://registry.yarnpkg.com/@fortawesome/fontawesome-free/-/fontawesome-free-5.15.4.tgz#ecda5712b61ac852c760d8b3c79c96adca5554e5"
-  integrity sha512-eYm8vijH/hpzr/6/1CJ/V/Eb1xQFW2nnUKArb3z+yUWv7HTwj6M7SP957oMjfZjAHU6qpoNc2wQvIxBLWYa/Jg==
-
-"@lgaitan/pace-progress@^1.0.7":
-  version "1.0.7"
-  resolved "https://registry.yarnpkg.com/@lgaitan/pace-progress/-/pace-progress-1.0.7.tgz#c96fbbd9fd4cf528feed34ea0c8f9d8b3e98f0dd"
-  integrity sha512-GMoTcF6WBpno7a7Iyx7M79os26d5bCDbh7YTZmXZM8YuLR3DDtwo0/CBYddStGD6QIBTieFDz4IAQiO0dAdRGw==
-
-"@sweetalert2/theme-bootstrap-4@^5.0.8":
-  version "5.0.15"
-  resolved "https://registry.yarnpkg.com/@sweetalert2/theme-bootstrap-4/-/theme-bootstrap-4-5.0.15.tgz#bede688c13784acf73e01352e00d3e7fb8d69e01"
-  integrity sha512-WsGXk67Yz3Txe3lJA4FNqQCKbQQ6yJLpVUknyGcoESVvwHm+UBBlIMHAcKuLvF+WXK9Rbq8gXhpDIU8ISoiPlQ==
-
-"@ttskch/select2-bootstrap4-theme@^1.5.2":
-  version "1.5.2"
-  resolved "https://registry.yarnpkg.com/@ttskch/select2-bootstrap4-theme/-/select2-bootstrap4-theme-1.5.2.tgz#3b4519b349f3e7831c28752a1e9617312a192656"
-  integrity sha512-gAj8qNy/VYwQDBkACm0USM66kxFai8flX83ayRXPNhzZckEgSqIBB9sM74SCM3ssgeX+ZVy4BifTnLis+KpIyg==
+    jsonparse "^1.2.0"
+    through ">=2.2.7 <3"
 
-acorn-node@^1.3.0:
+acorn-node@^1.2.0, acorn-node@^1.3.0:
   version "1.3.0"
   resolved "https://registry.yarnpkg.com/acorn-node/-/acorn-node-1.3.0.tgz#5f86d73346743810ef1269b901dbcbded020861b"
   dependencies:
     acorn "^5.4.1"
     xtend "^4.0.1"
 
+acorn@^4.0.3:
+  version "4.0.13"
+  resolved "https://registry.yarnpkg.com/acorn/-/acorn-4.0.13.tgz#105495ae5361d697bd195c825192e1ad7f253787"
+
 acorn@^5.4.1:
   version "5.6.2"
   resolved "https://registry.yarnpkg.com/acorn/-/acorn-5.6.2.tgz#b1da1d7be2ac1b4a327fb9eab851702c5045b4e7"
 
-admin-lte@3.2.0:
-  version "3.2.0"
-  resolved "https://registry.yarnpkg.com/admin-lte/-/admin-lte-3.2.0.tgz#9be383a6418c2323828466ab95af0eb083e4a597"
-  integrity sha512-IDUfoU8jo9DVlB59lDEASAJXTesAEXDZ68DOHI3qg93r5ehVTkMl2x0ixgIyff8NiHeNYXpcOZh3tr6oGbvu9g==
-  dependencies:
-    "@fortawesome/fontawesome-free" "^5.15.4"
-    "@lgaitan/pace-progress" "^1.0.7"
-    "@sweetalert2/theme-bootstrap-4" "^5.0.8"
-    "@ttskch/select2-bootstrap4-theme" "^1.5.2"
-    bootstrap "^4.6.1"
-    bootstrap-colorpicker "^3.4.0"
-    bootstrap-slider "^11.0.2"
-    bootstrap-switch "3.3.4"
-    bootstrap4-duallistbox "^4.0.2"
-    bs-custom-file-input "^1.3.4"
-    bs-stepper "^1.7.0"
-    chart.js "^2.9.4"
-    codemirror "^5.65.1"
-    datatables.net "^1.11.4"
-    datatables.net-autofill-bs4 "^2.3.9"
-    datatables.net-bs4 "^1.11.4"
-    datatables.net-buttons-bs4 "^2.2.2"
-    datatables.net-colreorder-bs4 "^1.5.5"
-    datatables.net-fixedcolumns-bs4 "^4.0.1"
-    datatables.net-fixedheader-bs4 "^3.2.1"
-    datatables.net-keytable-bs4 "^2.6.4"
-    datatables.net-responsive-bs4 "^2.2.9"
-    datatables.net-rowgroup-bs4 "^1.1.4"
-    datatables.net-rowreorder-bs4 "^1.2.8"
-    datatables.net-scroller-bs4 "^2.0.5"
-    datatables.net-searchbuilder-bs4 "^1.3.1"
-    datatables.net-searchpanes-bs4 "^1.4.0"
-    datatables.net-select-bs4 "^1.3.4"
-    daterangepicker "^3.1.0"
-    dropzone "^5.9.3"
-    ekko-lightbox "^5.3.0"
+admin-lte@2.4.9:
+  version "2.4.9"
+  resolved "https://registry.yarnpkg.com/admin-lte/-/admin-lte-2.4.9.tgz#effc04dbb587ccb7d674d4cf663cc141f925ed73"
+  integrity sha512-+u3zt5sWPPT8HmBvRg4F8IGZPaE5wD0K10+IjXoynfe/jEUrMMj+4eA1LGH9fMK6QulmFr1NCtc1Tk+mTgC24A==
+  dependencies:
+    bootstrap "^3.4.0"
+    bootstrap-colorpicker "^2.5.3"
+    bootstrap-datepicker "^1.8.0"
+    bootstrap-daterangepicker "^2.1.25"
+    bootstrap-slider "^9.8.0"
+    bootstrap-timepicker "^0.5.2"
+    chart.js "1.0.*"
+    ckeditor "^4.11.2"
+    datatables.net "^1.10.19"
+    datatables.net-bs "^1.10.19"
     fastclick "^1.0.6"
-    filterizr "^2.2.4"
-    flag-icon-css "^4.1.7"
-    flot "^4.2.2"
-    fs-extra "^10.0.0"
-    fullcalendar "^5.10.1"
-    icheck-bootstrap "^3.0.1"
-    inputmask "^5.0.7"
-    ion-rangeslider "^2.3.1"
-    jquery "^3.6.0"
-    jquery-knob-chif "^1.2.13"
-    jquery-mapael "^2.2.0"
-    jquery-mousewheel "^3.1.13"
-    jquery-ui-dist "^1.13.0"
-    jquery-validation "^1.19.3"
-    jqvmap-novulnerability "^1.5.1"
-    jsgrid "^1.5.3"
-    jszip "^3.7.1"
-    moment "^2.29.1"
-    overlayscrollbars "^1.13.1"
-    pdfmake "^0.2.4"
-    popper.js "^1.16.1"
-    raphael "^2.3.0"
-    select2 "^4.0.13"
-    sparklines "^1.3.0"
-    summernote "^0.8.20"
-    sweetalert2 "^11.4.0"
-    tempusdominus-bootstrap-4 "^5.39.0"
-    toastr "^2.1.4"
-    uplot "^1.6.18"
-
-amdefine@>=0.0.4:
-  version "1.0.1"
-  resolved "https://registry.yarnpkg.com/amdefine/-/amdefine-1.0.1.tgz#4a5282ac164729e93619bcfd3ad151f817ce91f5"
-  integrity sha512-S2Hw0TtNkMJhIabBwIojKL9YHO5T0n5eNqWJ7Lrlel/zDbftQpxpapi8tZs3X1HWa+u+QeydGmzzNU0m09+Rcg==
-
-array-from@^2.1.1:
-  version "2.1.1"
-  resolved "https://registry.yarnpkg.com/array-from/-/array-from-2.1.1.tgz#cfe9d8c26628b9dc5aecc62a9f5d8f1f352c1195"
-  integrity sha512-GQTc6Uupx1FCavi5mPzBvVT7nEOeWMmUA9P95wpfpW1XwMSKs+KaymD5C2Up7KAUKg/mYwbsUYzdZWcoajlNZg==
+    flot "^0.8.3"
+    font-awesome "^4.7.0"
+    fullcalendar "^3.10.0"
+    inputmask "^3.3.7"
+    ion-rangeslider "^2.3.0"
+    ionicons "^3.0.0"
+    jquery "^3.2.1"
+    jquery-knob "^1.2.11"
+    jquery-sparkline "^2.4.0"
+    jquery-ui "^1.12.1"
+    jvectormap "^1.2.2"
+    moment "^2.24.0"
+    morris.js "^0.5.0"
+    pace "0.0.4"
+    raphael "^2.2.7"
+    select2 "^4.0.3"
+    slimscroll "^0.9.1"
+
+almond@~0.3.1:
+  version "0.3.3"
+  resolved "https://registry.yarnpkg.com/almond/-/almond-0.3.3.tgz#a0e7c95ac7624d6417b4494b1e68bff693168a20"
+
+asn1.js@^4.0.0:
+  version "4.10.1"
+  resolved "https://registry.yarnpkg.com/asn1.js/-/asn1.js-4.10.1.tgz#b9c2bf5805f1e64aadeed6df3a2bfafb5a73f5a0"
+  dependencies:
+    bn.js "^4.0.0"
+    inherits "^2.0.1"
+    minimalistic-assert "^1.0.0"
+
+assert@^1.4.0:
+  version "1.4.1"
+  resolved "https://registry.yarnpkg.com/assert/-/assert-1.4.1.tgz#99912d591836b5a6f5b345c0f07eefc08fc65d91"
+  dependencies:
+    util "0.10.3"
 
-ast-transform@0.0.0:
-  version "0.0.0"
-  resolved "https://registry.yarnpkg.com/ast-transform/-/ast-transform-0.0.0.tgz#74944058887d8283e189d954600947bc98fe0062"
-  integrity sha512-e/JfLiSoakfmL4wmTGPjv0HpTICVmxwXgYOB8x+mzozHL8v+dSfCbrJ8J8hJ0YBP0XcYu1aLZ6b/3TnxNK3P2A==
+astw@^2.0.0:
+  version "2.2.0"
+  resolved "https://registry.yarnpkg.com/astw/-/astw-2.2.0.tgz#7bd41784d32493987aeb239b6b4e1c57a873b917"
   dependencies:
-    escodegen "~1.2.0"
-    esprima "~1.0.4"
-    through "~2.3.4"
+    acorn "^4.0.3"
 
-ast-types@^0.7.0:
-  version "0.7.8"
-  resolved "https://registry.yarnpkg.com/ast-types/-/ast-types-0.7.8.tgz#902d2e0d60d071bdcd46dc115e1809ed11c138a9"
-  integrity sha512-RIOpVnVlltB6PcBJ5BMLx+H+6JJ/zjDGU0t7f0L6c2M1dqcK92VQopLBlPQ9R80AVXelfqYgjcPLtHtDbNFg0Q==
+balanced-match@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/balanced-match/-/balanced-match-1.0.0.tgz#89b4d199ab2bee49de164ea02b89ce462d71b767"
 
-base64-js@1.3.1:
-  version "1.3.1"
-  resolved "https://registry.yarnpkg.com/base64-js/-/base64-js-1.3.1.tgz#58ece8cb75dd07e71ed08c736abc5fac4dbf8df1"
-  integrity sha512-mLQ4i2QO1ytvGWFWmcngKO//JXAQueZvwEKtjgQFM4jIK0kU+ytMfplL8j+n5mspOfjHwoAg+9yhb7BwAHm36g==
+base64-js@^1.0.2:
+  version "1.3.0"
+  resolved "https://registry.yarnpkg.com/base64-js/-/base64-js-1.3.0.tgz#cab1e6118f051095e58b5281aea8c1cd22bfc0e3"
 
-base64-js@^1.1.2, base64-js@^1.3.0:
-  version "1.5.1"
-  resolved "https://registry.yarnpkg.com/base64-js/-/base64-js-1.5.1.tgz#1b1b440160a5bf7ad40b650f095963481903930a"
-  integrity sha512-AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA==
+bn.js@^4.0.0, bn.js@^4.1.0, bn.js@^4.1.1, bn.js@^4.11.9:
+  version "4.12.0"
+  resolved "https://registry.yarnpkg.com/bn.js/-/bn.js-4.12.0.tgz#775b3f278efbb9718eec7361f483fb36fbbfea88"
+  integrity sha512-c98Bf3tPniI+scsdk237ku1Dc3ujXQTSgyiPUDEOe7tRkhrqridvh8klBv0HCEso1OLOYcHuCv/cS6DNxKH+ZA==
 
-bootstrap-colorpicker@^3.4.0:
-  version "3.4.0"
-  resolved "https://registry.yarnpkg.com/bootstrap-colorpicker/-/bootstrap-colorpicker-3.4.0.tgz#3d1873071542755a9b31cf5b314f771e2fcc7727"
-  integrity sha512-7vA0hvLrat3ptobEKlT9+6amzBUJcDAoh6hJRQY/AD+5dVZYXXf1ivRfrTwmuwiVLJo9rZwM8YB4lYzp6agzqg==
+bootstrap-colorpicker@^2.5.3:
+  version "2.5.3"
+  resolved "https://registry.yarnpkg.com/bootstrap-colorpicker/-/bootstrap-colorpicker-2.5.3.tgz#b50aff8590fbaa6b5aa63a5624e4213f1659a49d"
+  integrity sha512-xdllX8LSMvKULs3b8JrgRXTvyvjkSMHHHVuHjjN5FNMqr6kRe5NPiMHFmeAFjlgDF73MspikudLuEwR28LbzLw==
   dependencies:
-    bootstrap ">=4.0"
-    jquery ">=2.2"
-    popper.js ">=1.10"
+    jquery ">=1.10"
 
-bootstrap-datepicker@^1.9.0:
-  version "1.9.0"
-  resolved "https://registry.yarnpkg.com/bootstrap-datepicker/-/bootstrap-datepicker-1.9.0.tgz#e4bfce3fcce1967876b21dc6833ec5994aaed090"
-  integrity sha512-9rYYbaVOheGYxjOr/+bJCmRPihfy+LkLSg4fIFMT9Od8WwWB/MB50w0JO1eBgKUMbb7PFHQD5uAfI3ArAxZRXA==
+bootstrap-datepicker@^1.8.0:
+  version "1.8.0"
+  resolved "https://registry.yarnpkg.com/bootstrap-datepicker/-/bootstrap-datepicker-1.8.0.tgz#c63513931e6f09f16ae9f11b62f32d950df3958e"
+  integrity sha512-213St/G8KT3mjs4qu4qwww74KWysMaIeqgq5OhrboZjIjemIpyuxlSo9FNNI5+KzpkkxkRRba+oewiRGV42B1A==
   dependencies:
     jquery ">=1.7.1 <4.0.0"
 
-bootstrap-slider@^11.0.2:
-  version "11.0.2"
-  resolved "https://registry.yarnpkg.com/bootstrap-slider/-/bootstrap-slider-11.0.2.tgz#4b167c165f322339cc66f0c7166b5a39e289e251"
-  integrity sha512-CdwS+Z6X79OkLes9RfDgPB9UIY/+81wTkm6ktdSB6hdyiRbjJLFQIjZdnEr55tDyXZfgC7U6yeSXkNN9ZdGqjA==
+bootstrap-daterangepicker@^2.1.25:
+  version "2.1.30"
+  resolved "https://registry.yarnpkg.com/bootstrap-daterangepicker/-/bootstrap-daterangepicker-2.1.30.tgz#f893dbfff5a4d7dfaab75460e8ea6969bb89689a"
+  dependencies:
+    jquery ">=1.10"
+    moment "^2.9.0"
 
-bootstrap-switch@3.3.4:
-  version "3.3.4"
-  resolved "https://registry.yarnpkg.com/bootstrap-switch/-/bootstrap-switch-3.3.4.tgz#70e0aeb2a877c0dc766991de108e2170fc29a2ff"
-  integrity sha512-7YQo+Ir6gCUqC36FFp1Zvec5dRF/+obq+1drMtdIMi9Xc84Kx63Evi0kdcp4HfiGsZpiz6IskyYDNlSKcxsL7w==
+bootstrap-slider@^9.8.0:
+  version "9.10.0"
+  resolved "https://registry.yarnpkg.com/bootstrap-slider/-/bootstrap-slider-9.10.0.tgz#1103d6bc00cfbfa8cfc9a2599ab518c55643da3f"
+
+bootstrap-timepicker@^0.5.2:
+  version "0.5.2"
+  resolved "https://registry.yarnpkg.com/bootstrap-timepicker/-/bootstrap-timepicker-0.5.2.tgz#10ed9f2a2f0b8ccaefcde0fcf6a0738b919a3835"
 
 bootstrap-validator@^0.11.9:
   version "0.11.9"
   resolved "https://registry.yarnpkg.com/bootstrap-validator/-/bootstrap-validator-0.11.9.tgz#fb7058eef53623e78f5aa7967026f98f875a9404"
 
-bootstrap4-duallistbox@^4.0.2:
-  version "4.0.2"
-  resolved "https://registry.yarnpkg.com/bootstrap4-duallistbox/-/bootstrap4-duallistbox-4.0.2.tgz#c6942e34a39d0d05e436d51ebaf31c9349f119d3"
-  integrity sha512-vQdANVE2NN0HMaZO9qWJy0C7u04uTpAmtUGO3KLq3xAZKCboJweQ437hDTszI6pbYV2olJCGZMbdhvIkBNGeGQ==
+bootstrap@^3.4.0, bootstrap@^3.4.1:
+  version "3.4.1"
+  resolved "https://registry.yarnpkg.com/bootstrap/-/bootstrap-3.4.1.tgz#c3a347d419e289ad11f4033e3c4132b87c081d72"
+  integrity sha512-yN5oZVmRCwe5aKwzRj6736nSmKDX7pLYwsXiCj/EYmo16hODaBiT4En5btW/jhBF/seV+XMx3aYwukYC3A49DA==
 
-bootstrap@4.6.2, bootstrap@^4.6.1:
-  version "4.6.2"
-  resolved "https://registry.yarnpkg.com/bootstrap/-/bootstrap-4.6.2.tgz#8e0cd61611728a5bf65a3a2b8d6ff6c77d5d7479"
-  integrity sha512-51Bbp/Uxr9aTuy6ca/8FbFloBUJZLHwnhTcnjIeRn2suQWsWzcuJhGjKDB5eppVte/8oCdOL3VuwxvZDUggwGQ==
+brace-expansion@^1.1.7:
+  version "1.1.11"
+  resolved "https://registry.yarnpkg.com/brace-expansion/-/brace-expansion-1.1.11.tgz#3c7fcbf529d87226f3d2f52b966ff5271eb441dd"
+  dependencies:
+    balanced-match "^1.0.0"
+    concat-map "0.0.1"
 
-bootstrap@>=4.0:
-  version "5.2.3"
-  resolved "https://registry.yarnpkg.com/bootstrap/-/bootstrap-5.2.3.tgz#54739f4414de121b9785c5da3c87b37ff008322b"
-  integrity sha512-cEKPM+fwb3cT8NzQZYEu4HilJ3anCrWqh3CHAok1p9jXqMPsPTBhU25fBckEJHJ/p+tTxTFTsFQGM+gaHpi3QQ==
+brorand@^1.0.1, brorand@^1.1.0:
+  version "1.1.0"
+  resolved "https://registry.yarnpkg.com/brorand/-/brorand-1.1.0.tgz#12c25efe40a45e3c323eb8675a0a0ce57b22371f"
+  integrity sha1-EsJe/kCkXjwyPrhnWgoM5XsiNx8=
 
-brfs@^2.0.0, brfs@^2.0.2:
-  version "2.0.2"
-  resolved "https://registry.yarnpkg.com/brfs/-/brfs-2.0.2.tgz#44237878fa82aa479ce4f5fe2c1796ec69f07845"
-  integrity sha512-IrFjVtwu4eTJZyu8w/V2gxU7iLTtcHih67sgEdzrhjLBMHp2uYefUBfdM4k2UvcuWMgV7PQDZHSLeNWnLFKWVQ==
+browser-pack@^6.0.1:
+  version "6.1.0"
+  resolved "https://registry.yarnpkg.com/browser-pack/-/browser-pack-6.1.0.tgz#c34ba10d0b9ce162b5af227c7131c92c2ecd5774"
   dependencies:
-    quote-stream "^1.0.1"
-    resolve "^1.1.5"
-    static-module "^3.0.2"
+    JSONStream "^1.0.3"
+    combine-source-map "~0.8.0"
+    defined "^1.0.0"
+    safe-buffer "^5.1.1"
     through2 "^2.0.0"
+    umd "^3.0.0"
 
-brotli@^1.2.0:
-  version "1.3.3"
-  resolved "https://registry.yarnpkg.com/brotli/-/brotli-1.3.3.tgz#7365d8cc00f12cf765d2b2c898716bcf4b604d48"
-  integrity sha512-oTKjJdShmDuGW94SyyaoQvAjf30dZaHnjJ8uAF+u2/vGJkJbJPJAT1gDiOJP5v1Zb6f9KEyW/1HpuaWIXtGHPg==
+browser-resolve@^1.11.0, browser-resolve@^1.7.0:
+  version "1.11.2"
+  resolved "https://registry.yarnpkg.com/browser-resolve/-/browser-resolve-1.11.2.tgz#8ff09b0a2c421718a1051c260b32e48f442938ce"
   dependencies:
-    base64-js "^1.1.2"
+    resolve "1.1.7"
 
-browser-resolve@^1.8.1:
-  version "1.11.3"
-  resolved "https://registry.yarnpkg.com/browser-resolve/-/browser-resolve-1.11.3.tgz#9b7cbb3d0f510e4cb86bdbd796124d28b5890af6"
-  integrity sha512-exDi1BYWB/6raKHmDTCicQfTkqwN5fioMFV4j8BsfMU4R2DK/QfZfK7kOVkmWCNANf0snkBzqGqAJBao9gZMdQ==
+browserify-aes@^1.0.0, browserify-aes@^1.0.4:
+  version "1.2.0"
+  resolved "https://registry.yarnpkg.com/browserify-aes/-/browserify-aes-1.2.0.tgz#326734642f403dabc3003209853bb70ad428ef48"
   dependencies:
-    resolve "1.1.7"
+    buffer-xor "^1.0.3"
+    cipher-base "^1.0.0"
+    create-hash "^1.1.0"
+    evp_bytestokey "^1.0.3"
+    inherits "^2.0.1"
+    safe-buffer "^5.0.1"
 
-browserify-optional@^1.0.1:
+browserify-cipher@^1.0.0:
   version "1.0.1"
-  resolved "https://registry.yarnpkg.com/browserify-optional/-/browserify-optional-1.0.1.tgz#1e13722cfde0d85f121676c2a72ced533a018869"
-  integrity sha512-VrhjbZ+Ba5mDiSYEuPelekQMfTbhcA2DhLk2VQWqdcCROWeFqlTcXZ7yfRkXCIl8E+g4gINJYJiRB7WEtfomAQ==
+  resolved "https://registry.yarnpkg.com/browserify-cipher/-/browserify-cipher-1.0.1.tgz#8d6474c1b870bfdabcd3bcfcc1934a10e94f15f0"
   dependencies:
-    ast-transform "0.0.0"
-    ast-types "^0.7.0"
-    browser-resolve "^1.8.1"
-
-bs-custom-file-input@^1.3.4:
-  version "1.3.4"
-  resolved "https://registry.yarnpkg.com/bs-custom-file-input/-/bs-custom-file-input-1.3.4.tgz#c275cb8d4f1c02ba026324292509fa9a747dbda8"
-  integrity sha512-NBsQzTnef3OW1MvdKBbMHAYHssCd613MSeJV7z2McXznWtVMnJCy7Ckyc+PwxV6Pk16cu6YBcYWh/ZE0XWNKCA==
+    browserify-aes "^1.0.4"
+    browserify-des "^1.0.0"
+    evp_bytestokey "^1.0.0"
 
-bs-stepper@^1.7.0:
-  version "1.7.0"
-  resolved "https://registry.yarnpkg.com/bs-stepper/-/bs-stepper-1.7.0.tgz#bfa4cc51c4e67957caae57f5bdcba1977186bac1"
-  integrity sha512-+DX7UKKgw2GI6ucsSCRd19VHYrxf/8znRCLs1lQVVLxz+h7EqgIOxoHcJ0/QTaaNoR9Cwg78ydo6hXIasyd3LA==
+browserify-des@^1.0.0:
+  version "1.0.1"
+  resolved "https://registry.yarnpkg.com/browserify-des/-/browserify-des-1.0.1.tgz#3343124db6d7ad53e26a8826318712bdc8450f9c"
+  dependencies:
+    cipher-base "^1.0.1"
+    des.js "^1.0.0"
+    inherits "^2.0.1"
 
-buffer-equal@0.0.1:
-  version "0.0.1"
-  resolved "https://registry.yarnpkg.com/buffer-equal/-/buffer-equal-0.0.1.tgz#91bc74b11ea405bc916bc6aa908faafa5b4aac4b"
-  integrity sha512-RgSV6InVQ9ODPdLWJ5UAqBqJBOg370Nz6ZQtRzpt6nUjc8v0St97uJ4PYC6NztqIScrAXafKM3mZPMygSe1ggA==
+browserify-rsa@^4.0.0:
+  version "4.0.1"
+  resolved "https://registry.yarnpkg.com/browserify-rsa/-/browserify-rsa-4.0.1.tgz#21e0abfaf6f2029cf2fafb133567a701d4135524"
+  dependencies:
+    bn.js "^4.1.0"
+    randombytes "^2.0.1"
+
+browserify-sign@^4.0.0:
+  version "4.0.4"
+  resolved "https://registry.yarnpkg.com/browserify-sign/-/browserify-sign-4.0.4.tgz#aa4eb68e5d7b658baa6bf6a57e630cbd7a93d298"
+  dependencies:
+    bn.js "^4.1.1"
+    browserify-rsa "^4.0.0"
+    create-hash "^1.1.0"
+    create-hmac "^1.1.2"
+    elliptic "^6.0.0"
+    inherits "^2.0.1"
+    parse-asn1 "^5.0.0"
+
+browserify-zlib@~0.2.0:
+  version "0.2.0"
+  resolved "https://registry.yarnpkg.com/browserify-zlib/-/browserify-zlib-0.2.0.tgz#2869459d9aa3be245fe8fe2ca1f46e2e7f54d73f"
+  dependencies:
+    pako "~1.0.5"
+
+browserify@>=3.46.0:
+  version "16.2.2"
+  resolved "https://registry.yarnpkg.com/browserify/-/browserify-16.2.2.tgz#4b1f66ba0e54fa39dbc5aa4be9629142143d91b0"
+  dependencies:
+    JSONStream "^1.0.3"
+    assert "^1.4.0"
+    browser-pack "^6.0.1"
+    browser-resolve "^1.11.0"
+    browserify-zlib "~0.2.0"
+    buffer "^5.0.2"
+    cached-path-relative "^1.0.0"
+    concat-stream "^1.6.0"
+    console-browserify "^1.1.0"
+    constants-browserify "~1.0.0"
+    crypto-browserify "^3.0.0"
+    defined "^1.0.0"
+    deps-sort "^2.0.0"
+    domain-browser "^1.2.0"
+    duplexer2 "~0.1.2"
+    events "^2.0.0"
+    glob "^7.1.0"
+    has "^1.0.0"
+    htmlescape "^1.1.0"
+    https-browserify "^1.0.0"
+    inherits "~2.0.1"
+    insert-module-globals "^7.0.0"
+    labeled-stream-splicer "^2.0.0"
+    mkdirp "^0.5.0"
+    module-deps "^6.0.0"
+    os-browserify "~0.3.0"
+    parents "^1.0.1"
+    path-browserify "~0.0.0"
+    process "~0.11.0"
+    punycode "^1.3.2"
+    querystring-es3 "~0.2.0"
+    read-only-stream "^2.0.0"
+    readable-stream "^2.0.2"
+    resolve "^1.1.4"
+    shasum "^1.0.0"
+    shell-quote "^1.6.1"
+    stream-browserify "^2.0.0"
+    stream-http "^2.0.0"
+    string_decoder "^1.1.1"
+    subarg "^1.0.0"
+    syntax-error "^1.1.1"
+    through2 "^2.0.0"
+    timers-browserify "^1.0.1"
+    tty-browserify "0.0.1"
+    url "~0.11.0"
+    util "~0.10.1"
+    vm-browserify "^1.0.0"
+    xtend "^4.0.0"
 
 buffer-from@^1.0.0:
   version "1.1.0"
   resolved "https://registry.yarnpkg.com/buffer-from/-/buffer-from-1.1.0.tgz#87fcaa3a298358e0ade6e442cfce840740d1ad04"
 
-call-bind@^1.0.2:
-  version "1.0.2"
-  resolved "https://registry.yarnpkg.com/call-bind/-/call-bind-1.0.2.tgz#b1d4e89e688119c3c9a903ad30abb2f6a919be3c"
-  integrity sha512-7O+FbCihrB5WGbFYesctwmTKae6rOiIzmz1icreWJ+0aA7LJfuqhEso2T9ncpcFtzMQtzXf2QGGueWJGTYsqrA==
-  dependencies:
-    function-bind "^1.1.1"
-    get-intrinsic "^1.0.2"
+buffer-xor@^1.0.3:
+  version "1.0.3"
+  resolved "https://registry.yarnpkg.com/buffer-xor/-/buffer-xor-1.0.3.tgz#26e61ed1422fb70dd42e6e36729ed51d855fe8d9"
 
-chart.js@^2.9.4:
-  version "2.9.4"
-  resolved "https://registry.yarnpkg.com/chart.js/-/chart.js-2.9.4.tgz#0827f9563faffb2dc5c06562f8eb10337d5b9684"
-  integrity sha512-B07aAzxcrikjAPyV+01j7BmOpxtQETxTSlQ26BEYJ+3iUkbNKaOJ/nDbT6JjyqYxseM0ON12COHYdU2cTIjC7A==
+buffer@^5.0.2:
+  version "5.1.0"
+  resolved "https://registry.yarnpkg.com/buffer/-/buffer-5.1.0.tgz#c913e43678c7cb7c8bd16afbcddb6c5505e8f9fe"
   dependencies:
-    chartjs-color "^2.1.0"
-    moment "^2.10.2"
+    base64-js "^1.0.2"
+    ieee754 "^1.1.4"
 
-chartjs-color-string@^0.6.0:
-  version "0.6.0"
-  resolved "https://registry.yarnpkg.com/chartjs-color-string/-/chartjs-color-string-0.6.0.tgz#1df096621c0e70720a64f4135ea171d051402f71"
-  integrity sha512-TIB5OKn1hPJvO7JcteW4WY/63v6KwEdt6udfnDE9iCAZgy+V4SrbSxoIbTw/xkUIapjEI4ExGtD0+6D3KyFd7A==
-  dependencies:
-    color-name "^1.0.0"
+builtin-status-codes@^3.0.0:
+  version "3.0.0"
+  resolved "https://registry.yarnpkg.com/builtin-status-codes/-/builtin-status-codes-3.0.0.tgz#85982878e21b98e1c66425e03d0174788f569ee8"
 
-chartjs-color@^2.1.0:
-  version "2.4.1"
-  resolved "https://registry.yarnpkg.com/chartjs-color/-/chartjs-color-2.4.1.tgz#6118bba202fe1ea79dd7f7c0f9da93467296c3b0"
-  integrity sha512-haqOg1+Yebys/Ts/9bLo/BqUcONQOdr/hoEr2LLTRl6C5LXctUdHxsCYfvQVg5JIxITrfCNUDr4ntqmQk9+/0w==
-  dependencies:
-    chartjs-color-string "^0.6.0"
-    color-convert "^1.9.3"
+cached-path-relative@^1.0.0:
+  version "1.1.0"
+  resolved "https://registry.yarnpkg.com/cached-path-relative/-/cached-path-relative-1.1.0.tgz#865576dfef39c0d6a7defde794d078f5308e3ef3"
+  integrity sha512-WF0LihfemtesFcJgO7xfOoOcnWzY/QHR4qeDqV44jPU3HTI54+LnfXK3SA27AVVGCdZFgjjFFaqUA9Jx7dMJZA==
 
-clone@^1.0.4:
-  version "1.0.4"
-  resolved "https://registry.yarnpkg.com/clone/-/clone-1.0.4.tgz#da309cc263df15994c688ca902179ca3c7cd7c7e"
-  integrity sha512-JQHZ2QMW6l3aH/j6xCqQThY/9OH4D/9ls34cgkUBiEeocRTU04tHfKPBsUK1PqZCUQM7GiA0IIXJSuXHI64Kbg==
+charm@~0.1.0:
+  version "0.1.2"
+  resolved "https://registry.yarnpkg.com/charm/-/charm-0.1.2.tgz#06c21eed1a1b06aeb67553cdc53e23274bac2296"
 
-codemirror@^5.65.1:
-  version "5.65.11"
-  resolved "https://registry.yarnpkg.com/codemirror/-/codemirror-5.65.11.tgz#c818edc3274788c008f636520c5490a1f7009b4f"
-  integrity sha512-Gp62g2eKSCHYt10axmGhKq3WoJSvVpvhXmowNq7pZdRVowwtvBR/hi2LSP5srtctKkRT33T6/n8Kv1UGp7JW4A==
+chart.js@1.0.*:
+  version "1.0.2"
+  resolved "https://registry.yarnpkg.com/chart.js/-/chart.js-1.0.2.tgz#ad57d2229cfd8ccf5955147e8121b4911e69dfe7"
 
-color-convert@^1.9.3:
-  version "1.9.3"
-  resolved "https://registry.yarnpkg.com/color-convert/-/color-convert-1.9.3.tgz#bb71850690e1f136567de629d2d5471deda4c1e8"
-  integrity sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==
+cipher-base@^1.0.0, cipher-base@^1.0.1, cipher-base@^1.0.3:
+  version "1.0.4"
+  resolved "https://registry.yarnpkg.com/cipher-base/-/cipher-base-1.0.4.tgz#8760e4ecc272f4c363532f926d874aae2c1397de"
   dependencies:
-    color-name "1.1.3"
+    inherits "^2.0.1"
+    safe-buffer "^5.0.1"
 
-color-name@1.1.3:
-  version "1.1.3"
-  resolved "https://registry.yarnpkg.com/color-name/-/color-name-1.1.3.tgz#a7d0558bd89c42f795dd42328f740831ca53bc25"
-  integrity sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==
+ckeditor@^4.11.2:
+  version "4.11.3"
+  resolved "https://registry.yarnpkg.com/ckeditor/-/ckeditor-4.11.3.tgz#91f66d7ddb5bff3874514fe539779686874ed655"
+  integrity sha512-v6G+v16WAcukKuQH6m+trA9RCOQntFM2nxPO/GFiLYsdD/5IbZAZ2n7GwMxQmxDXpx4AixpnMWF+yAE1t9wq6Q==
+
+classie@>=0.0.1:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/classie/-/classie-1.0.0.tgz#fc9b29b47e64e374a2062fb624d05a61cd703ab2"
+
+combine-source-map@^0.8.0, combine-source-map@~0.8.0:
+  version "0.8.0"
+  resolved "https://registry.yarnpkg.com/combine-source-map/-/combine-source-map-0.8.0.tgz#a58d0df042c186fcf822a8e8015f5450d2d79a8b"
+  dependencies:
+    convert-source-map "~1.1.0"
+    inline-source-map "~0.6.0"
+    lodash.memoize "~3.0.3"
+    source-map "~0.5.3"
 
-color-name@^1.0.0:
-  version "1.1.4"
-  resolved "https://registry.yarnpkg.com/color-name/-/color-name-1.1.4.tgz#c2a09a87acbde69543de6f63fa3995c826c536a2"
-  integrity sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==
+concat-map@0.0.1:
+  version "0.0.1"
+  resolved "https://registry.yarnpkg.com/concat-map/-/concat-map-0.0.1.tgz#d8a96bd77fd68df7793a73036a3ba0d5405d477b"
 
-concat-stream@~1.6.0:
+concat-stream@^1.6.0, concat-stream@^1.6.1, concat-stream@~1.6.0:
   version "1.6.2"
   resolved "https://registry.yarnpkg.com/concat-stream/-/concat-stream-1.6.2.tgz#904bdf194cd3122fc675c77fc4ac3d4ff0fd1a34"
   dependencies:
@@ -343,604 +337,278 @@ concat-stream@~1.6.0:
     readable-stream "^2.2.2"
     typedarray "^0.0.6"
 
-convert-source-map@^1.5.1:
-  version "1.9.0"
-  resolved "https://registry.yarnpkg.com/convert-source-map/-/convert-source-map-1.9.0.tgz#7faae62353fb4213366d0ca98358d22e8368b05f"
-  integrity sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==
-
-core-util-is@~1.0.0:
-  version "1.0.2"
-  resolved "https://registry.yarnpkg.com/core-util-is/-/core-util-is-1.0.2.tgz#b5fd54220aa2bc5ab57aab7140c940754503c1a7"
-
-crypto-js@^4.0.0:
-  version "4.1.1"
-  resolved "https://registry.yarnpkg.com/crypto-js/-/crypto-js-4.1.1.tgz#9e485bcf03521041bd85844786b83fb7619736cf"
-  integrity sha512-o2JlM7ydqd3Qk9CA0L4NL6mTzU2sdx96a+oOfPu8Mkl/PK51vSyoi8/rQ8NknZtk44vq15lmhAj9CIAGwgeWKw==
-
-d@1, d@^1.0.1:
-  version "1.0.1"
-  resolved "https://registry.yarnpkg.com/d/-/d-1.0.1.tgz#8698095372d58dbee346ffd0c7093f99f8f9eb5a"
-  integrity sha512-m62ShEObQ39CfralilEQRjH6oAMtNCV1xJyEx5LpRYUVN+EviphDgUc/F3hnYbADmkiNs67Y+3ylmlG7Lnu+FA==
-  dependencies:
-    es5-ext "^0.10.50"
-    type "^1.0.1"
-
-dash-ast@^2.0.1:
-  version "2.0.1"
-  resolved "https://registry.yarnpkg.com/dash-ast/-/dash-ast-2.0.1.tgz#8d0fd2e601c59bf874cc22877ee7dd889f54dee8"
-  integrity sha512-5TXltWJGc+RdnabUGzhRae1TRq6m4gr+3K2wQX0is5/F2yS6MJXJvLyI3ErAnsAXuJoGqvfVD5icRgim07DrxQ==
-
-datatables.net-autofill-bs4@^2.3.9:
-  version "2.5.1"
-  resolved "https://registry.yarnpkg.com/datatables.net-autofill-bs4/-/datatables.net-autofill-bs4-2.5.1.tgz#2c5fefe6076f95bf40313a8ec4cad4c36a4b20df"
-  integrity sha512-5oCgfpte/IEPFKBGGEuEKE0qVmSkKCJ8bkqNOKLghemado5ldOcU9WZysVyk3L72nQMHnXlB4CNex6qj9Snu5w==
-  dependencies:
-    datatables.net-autofill ">=2.4.0"
-    datatables.net-bs4 ">=1.12.1"
-    jquery ">=1.7"
-
-datatables.net-autofill@>=2.4.0:
-  version "2.5.1"
-  resolved "https://registry.yarnpkg.com/datatables.net-autofill/-/datatables.net-autofill-2.5.1.tgz#8a92a180b9174c8061700d66e26dece2a650f9b1"
-  integrity sha512-HuBx0KOxQVmQooQahlsi3a9DXhZB+kvRtC5ZPjDVKiJ1rV3NCc4Q/s4Q6Go4TjKd013uFcifLca9GJnbpx4wng==
-  dependencies:
-    datatables.net ">=1.12.1"
-    jquery ">=1.7"
-
-datatables.net-bs4@>=1.10.25, datatables.net-bs4@>=1.12.1, datatables.net-bs4@^1.11.4:
-  version "1.13.1"
-  resolved "https://registry.yarnpkg.com/datatables.net-bs4/-/datatables.net-bs4-1.13.1.tgz#b704d9639bbe650c996e614dc37f529e8c09ff47"
-  integrity sha512-GBTOzUT8ooEUMPtjVHktvDk0MyakFGh89F8aHj8VwF1OFLbqTGEAPacO8XAgSfej/Ng3dbFJA6sjrk4gFra8kg==
-  dependencies:
-    datatables.net ">=1.12.1"
-    jquery ">=1.7"
-
-datatables.net-buttons-bs4@^2.2.2:
-  version "2.3.3"
-  resolved "https://registry.yarnpkg.com/datatables.net-buttons-bs4/-/datatables.net-buttons-bs4-2.3.3.tgz#11655db6218f129dce04c043decbd4e36e02bf8c"
-  integrity sha512-u028LSQrwK7V+w1nIrQFcyFe8uNZriOzc8AuTvACF+cTlZeDq6ch40dXy5e8Vsaad2xSopJAQ189zPOIGdUlqw==
-  dependencies:
-    datatables.net-bs4 ">=1.12.1"
-    datatables.net-buttons ">=2.2.3"
-    jquery ">=1.7"
-
-datatables.net-buttons@>=2.2.3:
-  version "2.3.3"
-  resolved "https://registry.yarnpkg.com/datatables.net-buttons/-/datatables.net-buttons-2.3.3.tgz#d54918ac82c681a0d58151d555ed690f40fef614"
-  integrity sha512-jK/hGF+NEj6CxDHKlpQiSu280G00VgL57SPyLbOA+DrmUd6wSGmdco0ztzYsbe9hzLJ3QnmB5LTpPPrBf8985Q==
-  dependencies:
-    datatables.net ">=1.12.1"
-    jquery ">=1.7"
-
-datatables.net-colreorder-bs4@^1.5.5:
-  version "1.6.1"
-  resolved "https://registry.yarnpkg.com/datatables.net-colreorder-bs4/-/datatables.net-colreorder-bs4-1.6.1.tgz#01e8b0ffd47c832d4cf928f4486e42b0be90fe21"
-  integrity sha512-vdr0Padd26pDNdUhasFUGWK6WrYyoBSwoJ5Sq4294hgj1SqblP8pz1vIGUmFiFtlHlOsHaVor3rffeqyYH8Waw==
-  dependencies:
-    datatables.net-bs4 ">=1.12.1"
-    datatables.net-colreorder ">=1.5.6"
-    jquery ">=1.7"
-
-datatables.net-colreorder@>=1.5.6:
-  version "1.6.1"
-  resolved "https://registry.yarnpkg.com/datatables.net-colreorder/-/datatables.net-colreorder-1.6.1.tgz#effecd14fb8c42299b4a120d31b6ab04ccdd5dca"
-  integrity sha512-ae0gdkG0OmrEGUrXYm0XgWDzDkuEhEuNrfvQsmtCTl0j+1nxtXPsecIiWBCqv/dM0X4x8PT0dJY8furqPCzXXw==
-  dependencies:
-    datatables.net ">=1.12.1"
-    jquery ">=1.7"
-
-datatables.net-fixedcolumns-bs4@^4.0.1:
-  version "4.2.1"
-  resolved "https://registry.yarnpkg.com/datatables.net-fixedcolumns-bs4/-/datatables.net-fixedcolumns-bs4-4.2.1.tgz#5c608b3b98654350745441a7306e9b0e02b111d5"
-  integrity sha512-RXI0weSNs9MlwKZujIKtih2wAdycjYgE7xunFYNTLJrjMzmRrisHs1FQ8AwZAQZu2CkvUbrUjdiAuaJXwKPyuA==
-  dependencies:
-    datatables.net-bs4 ">=1.12.1"
-    datatables.net-fixedcolumns ">=4.1.0"
-    jquery ">=1.7"
-
-datatables.net-fixedcolumns@>=4.1.0:
-  version "4.2.1"
-  resolved "https://registry.yarnpkg.com/datatables.net-fixedcolumns/-/datatables.net-fixedcolumns-4.2.1.tgz#f73ec3369646487e74afab308d8eb90eca0a37d2"
-  integrity sha512-XCNM2UyWwLl8Qtaw23/wgMlUhQjIWEKXJSLqB67RTibeyfVUF7zsnNQECPtlPr6kqUN229Ep8UZG15Zc71MytQ==
-  dependencies:
-    datatables.net ">=1.12.1"
-    jquery ">=1.7"
-
-datatables.net-fixedheader-bs4@^3.2.1:
-  version "3.3.1"
-  resolved "https://registry.yarnpkg.com/datatables.net-fixedheader-bs4/-/datatables.net-fixedheader-bs4-3.3.1.tgz#f60c85f8d0d846cff1368f2a2012229f3baa43b4"
-  integrity sha512-cTSh9VygiEoMwnkuR5xhex/NDCJ5CsgXCLG0VDdOqptUwjYIqlrrVf4hBCj2XnJCxHi/liV1sSW3qu7q1QnpwQ==
-  dependencies:
-    datatables.net-bs4 ">=1.12.1"
-    datatables.net-fixedheader ">=3.2.4"
-    jquery ">=1.7"
-
-datatables.net-fixedheader@>=3.2.4:
-  version "3.3.1"
-  resolved "https://registry.yarnpkg.com/datatables.net-fixedheader/-/datatables.net-fixedheader-3.3.1.tgz#71aafa169b91f0fc1b3fa353d50f575ad67ad50d"
-  integrity sha512-m1ip5dOOsdjaFw2e5G77o+XLjqy5wWKnBnp+BwbnFCq4J5hFbMqcIV1r5z9X+NeAiKlADqZqteeLoO2xYRXBVA==
-  dependencies:
-    datatables.net ">=1.12.1"
-    jquery ">=1.7"
-
-datatables.net-keytable-bs4@^2.6.4:
-  version "2.8.0"
-  resolved "https://registry.yarnpkg.com/datatables.net-keytable-bs4/-/datatables.net-keytable-bs4-2.8.0.tgz#fa36bf33eb5591a998f0fe361851f496487e12ed"
-  integrity sha512-QzkT+CHndZNfUYzzwAMtzHbDRNw5M6yIwWhGClX6/9i9NJ/dLwFzE5pZumL+6EOYyRU5Bwz9fF5NgaIXKqBXAQ==
-  dependencies:
-    datatables.net-bs4 ">=1.12.1"
-    datatables.net-keytable ">=2.7.0"
-    jquery ">=1.7"
-
-datatables.net-keytable@>=2.7.0:
-  version "2.8.0"
-  resolved "https://registry.yarnpkg.com/datatables.net-keytable/-/datatables.net-keytable-2.8.0.tgz#aabd44fbcb5e38a0b24d43718808a4955e0e6b2c"
-  integrity sha512-fZBCdBvB1hbJko80YhWcu30WmO7Mrpa2N9b9C8HOcbYjDGP8R3lkswtZj+RopQdFqh42cFn+/jXC9lC+xOWEtA==
-  dependencies:
-    datatables.net ">=1.12.1"
-    jquery ">=1.7"
-
-datatables.net-plugins@^1.13.1:
-  version "1.13.1"
-  resolved "https://registry.yarnpkg.com/datatables.net-plugins/-/datatables.net-plugins-1.13.1.tgz#0ed233404fa3511bf46db7db8742b9fad6fd90a9"
-  integrity sha512-4UpaRl7ZiTmStjV1QTB3x9V0EKmgdMvF7Ms+HzZ6gSzv33kPrL9Cw76/Uxxl02Z+ajergobvfMN64ndlZ9AXzA==
-
-datatables.net-responsive-bs4@^2.2.9:
-  version "2.4.0"
-  resolved "https://registry.yarnpkg.com/datatables.net-responsive-bs4/-/datatables.net-responsive-bs4-2.4.0.tgz#4f4b3bc09a1f403baf9153067a49d9de66ad6f39"
-  integrity sha512-zCAxwcuaLneJd3Yy1eKZU3wksIj4IFvcaQEXrFeVBgsl6iH3H+uqW9apwdadDL8agsBHdsln08qYjkz8bYY7Bg==
-  dependencies:
-    datatables.net-bs4 ">=1.12.1"
-    datatables.net-responsive ">=2.3.0"
-    jquery ">=1.7"
-
-datatables.net-responsive@>=2.3.0:
-  version "2.4.0"
-  resolved "https://registry.yarnpkg.com/datatables.net-responsive/-/datatables.net-responsive-2.4.0.tgz#91658679483e3ef6cda8b9bc5c1b7eff076a8e70"
-  integrity sha512-Acws4aEPJZX/+CQsXpuDBHfrwgl3XxWEc/zlsnJCXE/GGbqjVAtQt7SM6EBcdReMv1FbyWUlF/Uw+de11NT46A==
-  dependencies:
-    datatables.net ">=1.12.1"
-    jquery ">=1.7"
-
-datatables.net-rowgroup-bs4@^1.1.4:
-  version "1.3.0"
-  resolved "https://registry.yarnpkg.com/datatables.net-rowgroup-bs4/-/datatables.net-rowgroup-bs4-1.3.0.tgz#6ce865f6235df12989a07562e636e9065d3a2150"
-  integrity sha512-qw4PwsFgVNKazimL/ixYP9NGzsEgZtt1VQfFK/r+JF1uoV7/vVvG7qK/B+wFRAdTAXL+9v6uKlJ/8RI7bPAbvg==
-  dependencies:
-    datatables.net-bs4 ">=1.12.1"
-    datatables.net-rowgroup ">=1.2.0"
-    jquery ">=1.7"
-
-datatables.net-rowgroup@>=1.2.0:
-  version "1.3.0"
-  resolved "https://registry.yarnpkg.com/datatables.net-rowgroup/-/datatables.net-rowgroup-1.3.0.tgz#3b330f0226e84054fd25684de9ceb3eeb6ee7f5d"
-  integrity sha512-kLzYxvMmy8wmISksXvHBbZrv0wD7hlmp8NaiZQ6rFMwbTIoMt9YzOA+tpKDZiw3MOnku44QAOBXdPtXwxjE0JA==
+console-browserify@^1.1.0:
+  version "1.1.0"
+  resolved "https://registry.yarnpkg.com/console-browserify/-/console-browserify-1.1.0.tgz#f0241c45730a9fc6323b206dbf38edc741d0bb10"
   dependencies:
-    datatables.net ">=1.12.1"
-    jquery ">=1.7"
+    date-now "^0.1.4"
 
-datatables.net-rowreorder-bs4@^1.2.8:
-  version "1.3.1"
-  resolved "https://registry.yarnpkg.com/datatables.net-rowreorder-bs4/-/datatables.net-rowreorder-bs4-1.3.1.tgz#1ceaabb5d8b8b45b92f81531eeece3c6649439d9"
-  integrity sha512-wrprtbvyEG0Cg78NbG2pSjTo6KhoEAiI5LmsELv0e6zK4EXOUk+EVatrFaYwK1LARVVSFznpIvPAskZpsV2wBA==
-  dependencies:
-    datatables.net-bs4 ">=1.12.1"
-    datatables.net-rowreorder ">=1.2.8"
-    jquery ">=1.7"
+constants-browserify@~1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/constants-browserify/-/constants-browserify-1.0.0.tgz#c20b96d8c617748aaf1c16021760cd27fcb8cb75"
 
-datatables.net-rowreorder@>=1.2.8:
-  version "1.3.1"
-  resolved "https://registry.yarnpkg.com/datatables.net-rowreorder/-/datatables.net-rowreorder-1.3.1.tgz#a745927bdd27412005ce6a38f88cf1e08380951c"
-  integrity sha512-HZXlyZOdm0riGm7MZK61RapBZUimooKL1GuVu7xuJE0Rpv3/1RasdMzWV3hfkUVKNKBhvEAD06SYI/kXxqABaw==
-  dependencies:
-    datatables.net ">=1.12.1"
-    jquery ">=1.7"
+convert-source-map@~1.1.0:
+  version "1.1.3"
+  resolved "https://registry.yarnpkg.com/convert-source-map/-/convert-source-map-1.1.3.tgz#4829c877e9fe49b3161f3bf3673888e204699860"
 
-datatables.net-scroller-bs4@^2.0.5:
-  version "2.1.0"
-  resolved "https://registry.yarnpkg.com/datatables.net-scroller-bs4/-/datatables.net-scroller-bs4-2.1.0.tgz#06c2850856340b88c5fb49294d45f83779a57a82"
-  integrity sha512-xZa2rhZjKbk1ebPQBrY6pqQRdc8/JTuAzzqhQjU7hDKwQqRyQ6WJuVjdJxJ6MHkB2fFVdj7v9H3VCvUJOuXTEQ==
-  dependencies:
-    datatables.net-bs4 ">=1.12.1"
-    datatables.net-scroller ">=2.0.7"
-    jquery ">=1.7"
+core-util-is@~1.0.0:
+  version "1.0.2"
+  resolved "https://registry.yarnpkg.com/core-util-is/-/core-util-is-1.0.2.tgz#b5fd54220aa2bc5ab57aab7140c940754503c1a7"
 
-datatables.net-scroller@>=2.0.7:
-  version "2.1.0"
-  resolved "https://registry.yarnpkg.com/datatables.net-scroller/-/datatables.net-scroller-2.1.0.tgz#0a96896bfa6f5f4f4266e41b652194cb9fdf2414"
-  integrity sha512-B/MxP8YPcFtoa1cexvlcK0PXQdzy6tz+HhQlyjNpRCoRc/8ZM5VcZg+ecYfP/pRBBXZORgkOJjWYkIdoChhE0w==
+create-ecdh@^4.0.0:
+  version "4.0.3"
+  resolved "https://registry.yarnpkg.com/create-ecdh/-/create-ecdh-4.0.3.tgz#c9111b6f33045c4697f144787f9254cdc77c45ff"
   dependencies:
-    datatables.net ">=1.12.1"
-    jquery ">=1.7"
+    bn.js "^4.1.0"
+    elliptic "^6.0.0"
 
-datatables.net-searchbuilder-bs4@^1.3.1:
-  version "1.4.0"
-  resolved "https://registry.yarnpkg.com/datatables.net-searchbuilder-bs4/-/datatables.net-searchbuilder-bs4-1.4.0.tgz#24b98014e5de62b7e52d12169c986e28d341deb8"
-  integrity sha512-iEjhIkKLKoVD7wGWEVNSfpQaqBx+SXbiDTmH3t39h5hNWpYqoLtwEy/PhtaSdaF+hIhlrhcB4y8qHr/mW7KlSw==
+create-hash@^1.1.0, create-hash@^1.1.2:
+  version "1.2.0"
+  resolved "https://registry.yarnpkg.com/create-hash/-/create-hash-1.2.0.tgz#889078af11a63756bcfb59bd221996be3a9ef196"
   dependencies:
-    datatables.net-bs4 ">=1.12.1"
-    datatables.net-searchbuilder ">=1.3.4"
-    jquery ">=1.7"
+    cipher-base "^1.0.1"
+    inherits "^2.0.1"
+    md5.js "^1.3.4"
+    ripemd160 "^2.0.1"
+    sha.js "^2.4.0"
 
-datatables.net-searchbuilder@>=1.3.4:
-  version "1.4.0"
-  resolved "https://registry.yarnpkg.com/datatables.net-searchbuilder/-/datatables.net-searchbuilder-1.4.0.tgz#8eba2bac0ac702733c080d6dee0a5d6ae8181d4f"
-  integrity sha512-I6+a5EebX6uYFlWmc7TAk1oQvlfoGZqyLgdN4H9Rm6fL5VZv6SvWQ7y2+W9ebshMD0smKdtp8pedYc8PIh80kg==
-  dependencies:
-    datatables.net ">=1.12.1"
+create-hmac@^1.1.0, create-hmac@^1.1.2, create-hmac@^1.1.4:
+  version "1.1.7"
+  resolved "https://registry.yarnpkg.com/create-hmac/-/create-hmac-1.1.7.tgz#69170c78b3ab957147b2b8b04572e47ead2243ff"
+  dependencies:
+    cipher-base "^1.0.3"
+    create-hash "^1.1.0"
+    inherits "^2.0.1"
+    ripemd160 "^2.0.0"
+    safe-buffer "^5.0.1"
+    sha.js "^2.4.8"
+
+crypto-browserify@^3.0.0:
+  version "3.12.0"
+  resolved "https://registry.yarnpkg.com/crypto-browserify/-/crypto-browserify-3.12.0.tgz#396cf9f3137f03e4b8e532c58f698254e00f80ec"
+  dependencies:
+    browserify-cipher "^1.0.0"
+    browserify-sign "^4.0.0"
+    create-ecdh "^4.0.0"
+    create-hash "^1.1.0"
+    create-hmac "^1.1.0"
+    diffie-hellman "^5.0.0"
+    inherits "^2.0.1"
+    pbkdf2 "^3.0.3"
+    public-encrypt "^4.0.0"
+    randombytes "^2.0.0"
+    randomfill "^1.0.3"
+
+datatables.net-bs@^1.10.19:
+  version "1.10.19"
+  resolved "https://registry.yarnpkg.com/datatables.net-bs/-/datatables.net-bs-1.10.19.tgz#08763b4e4d0cef1a427d019dc15e717c7ed67a4d"
+  integrity sha512-5gxoI2n+duZP06+4xVC2TtH6zcY369/TRKTZ1DdSgDcDUl4OYQsrXCuaLJmbVzna/5Y5lrMmK7CxgvYgIynICA==
+  dependencies:
+    datatables.net "1.10.19"
     jquery ">=1.7"
 
-datatables.net-searchpanes-bs4@^1.4.0:
-  version "1.4.0"
-  resolved "https://registry.yarnpkg.com/datatables.net-searchpanes-bs4/-/datatables.net-searchpanes-bs4-1.4.0.tgz#efe09f8093fabd5ef311467eac198480873fb9bd"
-  integrity sha512-Floxzmw2cQkUQdI7Vv4IWtLqLmwPrmY6MPncbEWq4YvkSeaZW7OHzSmZLLUjMn2P6Huvz59WUVcwL0lSDui6GQ==
-  dependencies:
-    datatables.net-bs4 ">=1.10.25"
-    datatables.net-searchpanes ">=1.3.0"
-    jquery ">=1.7"
+datatables.net-plugins@^1.10.19:
+  version "1.10.20"
+  resolved "https://registry.yarnpkg.com/datatables.net-plugins/-/datatables.net-plugins-1.10.20.tgz#c89f6bed3fa7e6605cbeaa35d60f223659e84c8c"
+  integrity sha512-rnhNmRHe9UEzvM7gtjBay1QodkWUmxLUhHNbmJMYhhUggjtm+BRSlE0PRilkeUkwckpNWzq+0fPd7/i0fpQgzA==
 
-datatables.net-searchpanes@>=1.3.0:
-  version "2.1.0"
-  resolved "https://registry.yarnpkg.com/datatables.net-searchpanes/-/datatables.net-searchpanes-2.1.0.tgz#e67fa2e8ce452a8c6fcebc69cddb101cf4208cf2"
-  integrity sha512-MA5rvXxqqCI0wBcAjrA0Bpp7QynWsjfpH2ZlhiTrBjsilYfn5oGPSSwsJxLO7unolmnhm+iuqethlWNyo9TC6Q==
+datatables.net@1.10.19, datatables.net@^1.10.19:
+  version "1.10.19"
+  resolved "https://registry.yarnpkg.com/datatables.net/-/datatables.net-1.10.19.tgz#97a1ed41c85e62d61040603481b59790a172dd1f"
+  integrity sha512-+ljXcI6Pj3PTGy5pesp3E5Dr3x3AV45EZe0o1r0gKENN2gafBKXodVnk2ypKwl2tTmivjxbkiqoWnipTefyBTA==
   dependencies:
-    datatables.net ">=1.12.1"
     jquery ">=1.7"
 
-datatables.net-select-bs4@^1.3.4:
-  version "1.5.0"
-  resolved "https://registry.yarnpkg.com/datatables.net-select-bs4/-/datatables.net-select-bs4-1.5.0.tgz#a4514dd49ea67c525c2083ef455c552a010ea6cb"
-  integrity sha512-x70tepWUQKDYFHejk2o1zR4HBqH7Idz4cMTemdeM8oT7lmRnGb9gbiUoYMgwc5h2S2jkDYeIkvQWWMsI17shCg==
-  dependencies:
-    datatables.net-bs4 ">=1.12.1"
-    datatables.net-select ">=1.4.0"
-    jquery ">=1.7"
+date-now@^0.1.4:
+  version "0.1.4"
+  resolved "https://registry.yarnpkg.com/date-now/-/date-now-0.1.4.tgz#eaf439fd4d4848ad74e5cc7dbef200672b9e345b"
 
-datatables.net-select@>=1.4.0:
-  version "1.5.0"
-  resolved "https://registry.yarnpkg.com/datatables.net-select/-/datatables.net-select-1.5.0.tgz#e118438ad98e4857060d6dd66cb0fab215a54fda"
-  integrity sha512-PVYcX5phmu77r3a6miTyS1zF03cgX7Mx+BXH4wCJzZW+UHe2Xz9DAHgxvLQfE7j2M8LG45Ww7RxBhnkFKk1t7A==
-  dependencies:
-    datatables.net ">=1.12.1"
-    jquery ">=1.7"
+defined@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/defined/-/defined-1.0.0.tgz#c98d9bcef75674188e110969151199e39b1fa693"
 
-datatables.net@>=1.12.1, datatables.net@^1.11.4:
-  version "1.13.1"
-  resolved "https://registry.yarnpkg.com/datatables.net/-/datatables.net-1.13.1.tgz#199f7cb63f4536c135e161f95254212835a1c130"
-  integrity sha512-cX5dDHsbVdLLYKsWOSE0MvuGUcV88zU5dZ/taK2puJV6F9Fw0CFsP3+U/kr+qpDSFOBLWISRyM4Q9wWWovPTNg==
+deps-sort@^2.0.0:
+  version "2.0.0"
+  resolved "https://registry.yarnpkg.com/deps-sort/-/deps-sort-2.0.0.tgz#091724902e84658260eb910748cccd1af6e21fb5"
   dependencies:
-    jquery ">=1.7"
+    JSONStream "^1.0.3"
+    shasum "^1.0.0"
+    subarg "^1.0.0"
+    through2 "^2.0.0"
 
-daterangepicker@^3.1.0:
-  version "3.1.0"
-  resolved "https://registry.yarnpkg.com/daterangepicker/-/daterangepicker-3.1.0.tgz#718d606614331df3e774c9aba82ccd8838d45da1"
-  integrity sha512-DxWXvvPq4srWLCqFugqSV+6CBt/CvQ0dnpXhQ3gl0autcIDAruG1PuGG3gC7yPRNytAD1oU1AcUOzaYhOawhTw==
+des.js@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/des.js/-/des.js-1.0.0.tgz#c074d2e2aa6a8a9a07dbd61f9a15c2cd83ec8ecc"
   dependencies:
-    jquery ">=1.10"
-    moment "^2.9.0"
+    inherits "^2.0.1"
+    minimalistic-assert "^1.0.0"
 
-deep-equal@^1.0.0:
-  version "1.1.1"
-  resolved "https://registry.yarnpkg.com/deep-equal/-/deep-equal-1.1.1.tgz#b5c98c942ceffaf7cb051e24e1434a25a2e6076a"
-  integrity sha512-yd9c5AdiqVcR+JjcwUQb9DkhJc8ngNr0MahEBGvDiJw8puWab2yZlh+nkasOnZP+EGTAP6rRp2JzJhJZzvNF8g==
+detective@^5.0.2:
+  version "5.1.0"
+  resolved "https://registry.yarnpkg.com/detective/-/detective-5.1.0.tgz#7a20d89236d7b331ccea65832e7123b5551bb7cb"
   dependencies:
-    is-arguments "^1.0.4"
-    is-date-object "^1.0.1"
-    is-regex "^1.0.4"
-    object-is "^1.0.1"
-    object-keys "^1.1.1"
-    regexp.prototype.flags "^1.2.0"
-
-deep-is@~0.1.3:
-  version "0.1.4"
-  resolved "https://registry.yarnpkg.com/deep-is/-/deep-is-0.1.4.tgz#a6f2dce612fadd2ef1f519b73551f17e85199831"
-  integrity sha512-oIPzksmTg4/MriiaYGO+okXDT7ztn/w3Eptv/+gSIdMdKsJo0u4CfYNFJPy+4SKMuCqGw2wxnA+URMg3t8a/bQ==
+    acorn-node "^1.3.0"
+    defined "^1.0.0"
+    minimist "^1.1.1"
 
-define-properties@^1.1.3:
-  version "1.1.4"
-  resolved "https://registry.yarnpkg.com/define-properties/-/define-properties-1.1.4.tgz#0b14d7bd7fbeb2f3572c3a7eda80ea5d57fb05b1"
-  integrity sha512-uckOqKcfaVvtBdsVkdPv3XjveQJsNQqmhXgRi8uhvWWuPYZCNlzT8qAyblUgNoXdHdjMTzAqeGjAoli8f+bzPA==
+diffie-hellman@^5.0.0:
+  version "5.0.3"
+  resolved "https://registry.yarnpkg.com/diffie-hellman/-/diffie-hellman-5.0.3.tgz#40e8ee98f55a2149607146921c63e1ae5f3d2875"
   dependencies:
-    has-property-descriptors "^1.0.0"
-    object-keys "^1.1.1"
+    bn.js "^4.1.0"
+    miller-rabin "^4.0.0"
+    randombytes "^2.0.0"
 
-dfa@^1.2.0:
+domain-browser@^1.2.0:
   version "1.2.0"
-  resolved "https://registry.yarnpkg.com/dfa/-/dfa-1.2.0.tgz#96ac3204e2d29c49ea5b57af8d92c2ae12790657"
-  integrity sha512-ED3jP8saaweFTjeGX8HQPjeC1YYyZs98jGNZx6IiBvxW7JG5v492kamAQB3m2wop07CvU/RQmzcKr6bgcC5D/Q==
+  resolved "https://registry.yarnpkg.com/domain-browser/-/domain-browser-1.2.0.tgz#3d31f50191a6749dd1375a7f522e823d42e54eda"
 
-dropzone@^5.9.3:
-  version "5.9.3"
-  resolved "https://registry.yarnpkg.com/dropzone/-/dropzone-5.9.3.tgz#b3070ae090fa48cbc04c17535635537ca72d70d6"
-  integrity sha512-Azk8kD/2/nJIuVPK+zQ9sjKMRIpRvNyqn9XwbBHNq+iNuSccbJS6hwm1Woy0pMST0erSo0u4j+KJaodndDk4vA==
+domhelper@~0.9.0:
+  version "0.9.1"
+  resolved "https://registry.yarnpkg.com/domhelper/-/domhelper-0.9.1.tgz#26554e5bac2c9e9585dca500978df5067d64bd00"
+  dependencies:
+    browserify ">=3.46.0"
+    classie ">=0.0.1"
+    util-extend "^1.0.1"
 
-duplexer2@~0.1.4:
+duplexer2@^0.1.2, duplexer2@~0.1.0, duplexer2@~0.1.2:
   version "0.1.4"
   resolved "https://registry.yarnpkg.com/duplexer2/-/duplexer2-0.1.4.tgz#8b12dab878c0d69e3e7891051662a32fc6bddcc1"
-  integrity sha512-asLFVfWWtJ90ZyOUHMqk7/S2w2guQKxUI2itj3d92ADHhxUSbCMGi1f1cBcJ7xM1To+pE/Khbwo1yuNbMEPKeA==
   dependencies:
     readable-stream "^2.0.2"
 
-ekko-lightbox@^5.3.0:
-  version "5.3.0"
-  resolved "https://registry.yarnpkg.com/ekko-lightbox/-/ekko-lightbox-5.3.0.tgz#fbfcd9df93a8d1cdbf8770adc8c05aaac4d24f56"
-  integrity sha512-mbacwySuVD3Ad6F2hTkjSTvJt59bcVv2l/TmBerp4xZnLak8tPtA4AScUn4DL42c1ksTiAO6sGhJZ52P/1Qgew==
-
-es5-ext@^0.10.35, es5-ext@^0.10.50, es5-ext@^0.10.62, es5-ext@~0.10.14:
-  version "0.10.62"
-  resolved "https://registry.yarnpkg.com/es5-ext/-/es5-ext-0.10.62.tgz#5e6adc19a6da524bf3d1e02bbc8960e5eb49a9a5"
-  integrity sha512-BHLqn0klhEpnOKSrzn/Xsz2UIW8j+cGmo9JLzr8BiUapV8hPL9+FliFqjwr9ngW7jWdnxv6eO+/LqyhJVqgrjA==
-  dependencies:
-    es6-iterator "^2.0.3"
-    es6-symbol "^3.1.3"
-    next-tick "^1.1.0"
-
-es6-iterator@^2.0.3, es6-iterator@~2.0.1, es6-iterator@~2.0.3:
-  version "2.0.3"
-  resolved "https://registry.yarnpkg.com/es6-iterator/-/es6-iterator-2.0.3.tgz#a7de889141a05a94b0854403b2d0a0fbfa98f3b7"
-  integrity sha512-zw4SRzoUkd+cl+ZoE15A9o1oQd920Bb0iOJMQkQhl3jNc03YqVjAhG7scf9C5KWRU/R13Orf588uCC6525o02g==
-  dependencies:
-    d "1"
-    es5-ext "^0.10.35"
-    es6-symbol "^3.1.1"
-
-es6-map@^0.1.5:
-  version "0.1.5"
-  resolved "https://registry.yarnpkg.com/es6-map/-/es6-map-0.1.5.tgz#9136e0503dcc06a301690f0bb14ff4e364e949f0"
-  integrity sha512-mz3UqCh0uPCIqsw1SSAkB/p0rOzF/M0V++vyN7JqlPtSW/VsYgQBvVvqMLmfBuyMzTpLnNqi6JmcSizs4jy19A==
-  dependencies:
-    d "1"
-    es5-ext "~0.10.14"
-    es6-iterator "~2.0.1"
-    es6-set "~0.1.5"
-    es6-symbol "~3.1.1"
-    event-emitter "~0.3.5"
-
-es6-set@^0.1.5, es6-set@~0.1.5:
-  version "0.1.6"
-  resolved "https://registry.yarnpkg.com/es6-set/-/es6-set-0.1.6.tgz#5669e3b2aa01d61a50ba79964f733673574983b8"
-  integrity sha512-TE3LgGLDIBX332jq3ypv6bcOpkLO0AslAQo7p2VqX/1N46YNsvIWgvjojjSEnWEGWMhr1qUbYeTSir5J6mFHOw==
-  dependencies:
-    d "^1.0.1"
-    es5-ext "^0.10.62"
-    es6-iterator "~2.0.3"
-    es6-symbol "^3.1.3"
-    event-emitter "^0.3.5"
-    type "^2.7.2"
-
-es6-symbol@^3.1.1, es6-symbol@^3.1.3, es6-symbol@~3.1.1:
-  version "3.1.3"
-  resolved "https://registry.yarnpkg.com/es6-symbol/-/es6-symbol-3.1.3.tgz#bad5d3c1bcdac28269f4cb331e431c78ac705d18"
-  integrity sha512-NJ6Yn3FuDinBaBRWl/q5X/s4koRHBrgKAu+yGI6JCBeiu3qrcbJhwT2GeR/EXVfylRk8dpQVJoLEFhK+Mu31NA==
-  dependencies:
-    d "^1.0.1"
-    ext "^1.1.2"
-
-escodegen@^1.11.1:
-  version "1.14.3"
-  resolved "https://registry.yarnpkg.com/escodegen/-/escodegen-1.14.3.tgz#4e7b81fba61581dc97582ed78cab7f0e8d63f503"
-  integrity sha512-qFcX0XJkdg+PB3xjZZG/wKSuT1PnQWx57+TVSjIMmILd2yC/6ByYElPwJnslDsuWuSAp4AwJGumarAAmJch5Kw==
-  dependencies:
-    esprima "^4.0.1"
-    estraverse "^4.2.0"
-    esutils "^2.0.2"
-    optionator "^0.8.1"
-  optionalDependencies:
-    source-map "~0.6.1"
-
-escodegen@~1.2.0:
-  version "1.2.0"
-  resolved "https://registry.yarnpkg.com/escodegen/-/escodegen-1.2.0.tgz#09de7967791cc958b7f89a2ddb6d23451af327e1"
-  integrity sha512-yLy3Cc+zAC0WSmoT2fig3J87TpQ8UaZGx8ahCAs9FL8qNbyV7CVyPKS74DG4bsHiL5ew9sxdYx131OkBQMFnvA==
+elliptic@^6.0.0:
+  version "6.5.4"
+  resolved "https://registry.yarnpkg.com/elliptic/-/elliptic-6.5.4.tgz#da37cebd31e79a1367e941b592ed1fbebd58abbb"
+  integrity sha512-iLhC6ULemrljPZb+QutR5TQGB+pdW6KGD5RSegS+8sorOZT+rdQFbsQFJgvN3eRqNALqJer4oQ16YvJHlU8hzQ==
   dependencies:
-    esprima "~1.0.4"
-    estraverse "~1.5.0"
-    esutils "~1.0.0"
-  optionalDependencies:
-    source-map "~0.1.30"
-
-esprima@^4.0.1:
-  version "4.0.1"
-  resolved "https://registry.yarnpkg.com/esprima/-/esprima-4.0.1.tgz#13b04cdb3e6c5d19df91ab6987a8695619b0aa71"
-  integrity sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==
-
-esprima@~1.0.4:
-  version "1.0.4"
-  resolved "https://registry.yarnpkg.com/esprima/-/esprima-1.0.4.tgz#9f557e08fc3b4d26ece9dd34f8fbf476b62585ad"
-  integrity sha512-rp5dMKN8zEs9dfi9g0X1ClLmV//WRyk/R15mppFNICIFRG5P92VP7Z04p8pk++gABo9W2tY+kHyu6P1mEHgmTA==
-
-estraverse@^4.2.0:
-  version "4.3.0"
-  resolved "https://registry.yarnpkg.com/estraverse/-/estraverse-4.3.0.tgz#398ad3f3c5a24948be7725e83d11a7de28cdbd1d"
-  integrity sha512-39nnKffWz8xN1BU/2c79n9nB9HDzo0niYUqx6xyqUnyoAnQyyWpOTdZEeiCch8BBu515t4wp9ZmgVfVhn9EBpw==
-
-estraverse@~1.5.0:
-  version "1.5.1"
-  resolved "https://registry.yarnpkg.com/estraverse/-/estraverse-1.5.1.tgz#867a3e8e58a9f84618afb6c2ddbcd916b7cbaf71"
-  integrity sha512-FpCjJDfmo3vsc/1zKSeqR5k42tcIhxFIlvq+h9j0fO2q/h2uLKyweq7rYJ+0CoVvrGQOxIS5wyBrW/+vF58BUQ==
-
-estree-is-function@^1.0.0:
-  version "1.0.0"
-  resolved "https://registry.yarnpkg.com/estree-is-function/-/estree-is-function-1.0.0.tgz#c0adc29806d7f18a74db7df0f3b2666702e37ad2"
-  integrity sha512-nSCWn1jkSq2QAtkaVLJZY2ezwcFO161HVc174zL1KPW3RJ+O6C3eJb8Nx7OXzvhoEv+nLgSR1g71oWUHUDTrJA==
-
-esutils@^2.0.2:
-  version "2.0.3"
-  resolved "https://registry.yarnpkg.com/esutils/-/esutils-2.0.3.tgz#74d2eb4de0b8da1293711910d50775b9b710ef64"
-  integrity sha512-kVscqXk4OCp68SZ0dkgEKVi6/8ij300KBWTJq32P/dYeWTSwK41WyTxalN1eRmA5Z9UU/LX9D7FWSmV9SAYx6g==
-
-esutils@~1.0.0:
-  version "1.0.0"
-  resolved "https://registry.yarnpkg.com/esutils/-/esutils-1.0.0.tgz#8151d358e20c8acc7fb745e7472c0025fe496570"
-  integrity sha512-x/iYH53X3quDwfHRz4y8rn4XcEwwCJeWsul9pF1zldMbGtgOtMNBEOuYWwB1EQlK2LRa1fev3YAgym/RElp5Cg==
-
-ev-emitter@^1.0.0:
-  version "1.1.1"
-  resolved "https://registry.yarnpkg.com/ev-emitter/-/ev-emitter-1.1.1.tgz#8f18b0ce5c76a5d18017f71c0a795c65b9138f2a"
-  integrity sha512-ipiDYhdQSCZ4hSbX4rMW+XzNKMD1prg/sTvoVmSLkuQ1MVlwjJQQA+sW8tMYR3BLUr9KjodFV4pvzunvRhd33Q==
+    bn.js "^4.11.9"
+    brorand "^1.1.0"
+    hash.js "^1.0.0"
+    hmac-drbg "^1.0.1"
+    inherits "^2.0.4"
+    minimalistic-assert "^1.0.1"
+    minimalistic-crypto-utils "^1.0.1"
 
 eve-raphael@0.5.0:
   version "0.5.0"
   resolved "https://registry.yarnpkg.com/eve-raphael/-/eve-raphael-0.5.0.tgz#17c754b792beef3fa6684d79cf5a47c63c4cda30"
 
-event-emitter@^0.3.5, event-emitter@~0.3.5:
-  version "0.3.5"
-  resolved "https://registry.yarnpkg.com/event-emitter/-/event-emitter-0.3.5.tgz#df8c69eef1647923c7157b9ce83840610b02cc39"
-  integrity sha512-D9rRn9y7kLPnJ+hMq7S/nhvoKwwvVJahBi2BPmx3bvbsEdK3W9ii8cBSGjP+72/LnM4n6fo3+dkCX5FeTQruXA==
-  dependencies:
-    d "1"
-    es5-ext "~0.10.14"
+events@^2.0.0:
+  version "2.1.0"
+  resolved "https://registry.yarnpkg.com/events/-/events-2.1.0.tgz#2a9a1e18e6106e0e812aa9ebd4a819b3c29c0ba5"
 
-ext@^1.1.2:
-  version "1.7.0"
-  resolved "https://registry.yarnpkg.com/ext/-/ext-1.7.0.tgz#0ea4383c0103d60e70be99e9a7f11027a33c4f5f"
-  integrity sha512-6hxeJYaL110a9b5TEJSj0gojyHQAmA2ch5Os+ySCiA1QGdS697XWY1pzsrSjqA9LDEEgdB/KypIlR59RcLuHYw==
+evp_bytestokey@^1.0.0, evp_bytestokey@^1.0.3:
+  version "1.0.3"
+  resolved "https://registry.yarnpkg.com/evp_bytestokey/-/evp_bytestokey-1.0.3.tgz#7fcbdb198dc71959432efe13842684e0525acb02"
   dependencies:
-    type "^2.7.2"
-
-fast-levenshtein@~2.0.6:
-  version "2.0.6"
-  resolved "https://registry.yarnpkg.com/fast-levenshtein/-/fast-levenshtein-2.0.6.tgz#3d8a5c66883a16a30ca8643e851f19baa7797917"
-  integrity sha512-DCXu6Ifhqcks7TZKY3Hxp3y6qphY5SJZmrWMDrKcERSOXWQdMhU9Ig/PYrzyw/ul9jOIyh0N4M0tbC5hodg8dw==
-
-fast-memoize@^2.5.1:
-  version "2.5.2"
-  resolved "https://registry.yarnpkg.com/fast-memoize/-/fast-memoize-2.5.2.tgz#79e3bb6a4ec867ea40ba0e7146816f6cdce9b57e"
-  integrity sha512-Ue0LwpDYErFbmNnZSF0UH6eImUwDmogUO1jyE+JbN2gsQz/jICm1Ve7t9QT0rNSsfJt+Hs4/S3GnsDVjL4HVrw==
+    md5.js "^1.3.4"
+    safe-buffer "^5.1.1"
 
 fastclick@^1.0.6:
   version "1.0.6"
   resolved "https://registry.yarnpkg.com/fastclick/-/fastclick-1.0.6.tgz#161625b27b1a5806405936bda9a2c1926d06be6a"
 
-filterizr@^2.2.4:
-  version "2.2.4"
-  resolved "https://registry.yarnpkg.com/filterizr/-/filterizr-2.2.4.tgz#02fd75cffd46ef7acc85f55e132064650ae90a14"
-  integrity sha512-hqyEdg7RrvJMVFOeF0yysS75HP6jLu0wBSUtSPAc3BysAtHpwcXaPnR1kYp2uZtd3YXyhH6JRfF9+H4SRvrqXg==
-  dependencies:
-    fast-memoize "^2.5.1"
-    imagesloaded "^4.1.4"
-
-flag-icon-css@^4.1.7:
-  version "4.1.7"
-  resolved "https://registry.yarnpkg.com/flag-icon-css/-/flag-icon-css-4.1.7.tgz#5471197f9ab965a3603b3e0face31dd513fec289"
-  integrity sha512-AFjSU+fv98XbU0vnTQ32vcLj89UEr1MhwDFcooQv14qWJCjg9fGZzfh9BVyDhAhIOZW/pGmJmq38RqpgPaeybQ==
+flot@^0.8.3:
+  version "0.8.3"
+  resolved "https://registry.yarnpkg.com/flot/-/flot-0.8.3.tgz#6d9b93c7aa2cfb30dfa1af9c1ec4c94070b1217f"
+  integrity sha512-xg2otcTJDvS+ERK+my4wxG/ASq90QURXtoM4LhacCq0jQW2jbyjdttbRNqU2cPykrpMvJ6b2uSp6SAgYAzj9tQ==
 
-flot@^4.2.2:
-  version "4.2.3"
-  resolved "https://registry.yarnpkg.com/flot/-/flot-4.2.3.tgz#d327be738a06b6617deeaf346bcbfe0ee5242e48"
-  integrity sha512-r1t2gfhILE6dt7cnYDHX/D2VHERyD0YoV0UdFJg5dWbjkcu05MugfhNY7VspfBFTa+hjVNYVZw6/t9ZyYNen+w==
+font-awesome@^4.7.0:
+  version "4.7.0"
+  resolved "https://registry.yarnpkg.com/font-awesome/-/font-awesome-4.7.0.tgz#8fa8cf0411a1a31afd07b06d2902bb9fc815a133"
 
-fs-extra@^10.0.0:
-  version "10.1.0"
-  resolved "https://registry.yarnpkg.com/fs-extra/-/fs-extra-10.1.0.tgz#02873cfbc4084dde127eaa5f9905eef2325d1abf"
-  integrity sha512-oRXApq54ETRj4eMiFzGnHWGy+zo5raudjuxN0b8H7s/RU2oW0Wvsx9O0ACRN/kRq9E8Vu/ReskGB5o3ji+FzHQ==
-  dependencies:
-    graceful-fs "^4.2.0"
-    jsonfile "^6.0.1"
-    universalify "^2.0.0"
+fs.realpath@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/fs.realpath/-/fs.realpath-1.0.0.tgz#1504ad2523158caa40db4a2787cb01411994ea4f"
 
-fullcalendar@^5.10.1:
-  version "5.11.4"
-  resolved "https://registry.yarnpkg.com/fullcalendar/-/fullcalendar-5.11.4.tgz#a4d218fa1d4617a67ee69d0bc7a99f6f96b90658"
-  integrity sha512-1TH40KkWFVlZBpqJ/eB69E7nPABleA0skoc7pTIXJNNNYyUuKPjiJg+TSMunjJ9faPLzvbvfCdgttGZnynPA3Q==
+fullcalendar@^3.10.0:
+  version "3.10.0"
+  resolved "https://registry.yarnpkg.com/fullcalendar/-/fullcalendar-3.10.0.tgz#cc5e87d518fd6550e142816a31dd191664847919"
+  integrity sha512-0OtsHhmdYhtFmQwXzyo8VqHzYgamg+zVOoytv5N13gI+iF6CGjevpCi/yBaQs0O4wY3OAp8I688IxdNYe0iAvw==
 
 function-bind@^1.1.1:
   version "1.1.1"
   resolved "https://registry.yarnpkg.com/function-bind/-/function-bind-1.1.1.tgz#a56899d3ea3c9bab874bb9773b7c5ede92f4895d"
 
-functions-have-names@^1.2.2:
-  version "1.2.3"
-  resolved "https://registry.yarnpkg.com/functions-have-names/-/functions-have-names-1.2.3.tgz#0404fe4ee2ba2f607f0e0ec3c80bae994133b834"
-  integrity sha512-xckBUXyTIqT97tq2x2AMb+g163b5JFysYk0x4qxNFwbfQkmNZoiRHb6sPzI9/QV33WeuvVYBUIiD4NzNIyqaRQ==
-
-get-assigned-identifiers@^1.1.0:
-  version "1.2.0"
-  resolved "https://registry.yarnpkg.com/get-assigned-identifiers/-/get-assigned-identifiers-1.2.0.tgz#6dbf411de648cbaf8d9169ebb0d2d576191e2ff1"
-  integrity sha512-mBBwmeGTrxEMO4pMaaf/uUEFHnYtwr8FTe8Y/mer4rcV/bye0qGm6pw1bGZFGStxC5O76c5ZAVBGnqHmOaJpdQ==
+glob@^7.1.0:
+  version "7.1.2"
+  resolved "https://registry.yarnpkg.com/glob/-/glob-7.1.2.tgz#c19c9df9a028702d678612384a6552404c636d15"
+  dependencies:
+    fs.realpath "^1.0.0"
+    inflight "^1.0.4"
+    inherits "2"
+    minimatch "^3.0.4"
+    once "^1.3.0"
+    path-is-absolute "^1.0.0"
 
-get-intrinsic@^1.0.2, get-intrinsic@^1.1.1:
-  version "1.2.0"
-  resolved "https://registry.yarnpkg.com/get-intrinsic/-/get-intrinsic-1.2.0.tgz#7ad1dc0535f3a2904bba075772763e5051f6d05f"
-  integrity sha512-L049y6nFOuom5wGyRc3/gdTLO94dySVKRACj1RmJZBQXlbTMhtNIgkWkUHq+jYmZvKf14EW1EoJnnjbmoHij0Q==
+has@^1.0.0:
+  version "1.0.3"
+  resolved "https://registry.yarnpkg.com/has/-/has-1.0.3.tgz#722d7cbfc1f6aa8241f16dd814e011e1f41e8796"
   dependencies:
     function-bind "^1.1.1"
-    has "^1.0.3"
-    has-symbols "^1.0.3"
-
-graceful-fs@^4.1.6, graceful-fs@^4.2.0:
-  version "4.2.10"
-  resolved "https://registry.yarnpkg.com/graceful-fs/-/graceful-fs-4.2.10.tgz#147d3a006da4ca3ce14728c7aefc287c367d7a6c"
-  integrity sha512-9ByhssR2fPVsNZj478qUUbKfmL0+t5BDVyjShtyZZLiK7ZDAArFFfopyOTj0M05wE2tJPisA4iTnnXl2YoPvOA==
 
-has-property-descriptors@^1.0.0:
-  version "1.0.0"
-  resolved "https://registry.yarnpkg.com/has-property-descriptors/-/has-property-descriptors-1.0.0.tgz#610708600606d36961ed04c196193b6a607fa861"
-  integrity sha512-62DVLZGoiEBDHQyqG4w9xCuZ7eJEwNmJRWw2VY84Oedb7WFcA27fiEVe8oUQx9hAUJ4ekurquucTGwsyO1XGdQ==
+hash-base@^3.0.0:
+  version "3.0.4"
+  resolved "https://registry.yarnpkg.com/hash-base/-/hash-base-3.0.4.tgz#5fc8686847ecd73499403319a6b0a3f3f6ae4918"
   dependencies:
-    get-intrinsic "^1.1.1"
-
-has-symbols@^1.0.2, has-symbols@^1.0.3:
-  version "1.0.3"
-  resolved "https://registry.yarnpkg.com/has-symbols/-/has-symbols-1.0.3.tgz#bb7b2c4349251dce87b125f7bdf874aa7c8b39f8"
-  integrity sha512-l3LCuF6MgDNwTDKkdYGEihYjt5pRPbEg46rtlmnSPlUbgmB8LOIrKJbYYFBSbnPaJexMKtiPO8hmeRjRz2Td+A==
+    inherits "^2.0.1"
+    safe-buffer "^5.0.1"
 
-has-tostringtag@^1.0.0:
-  version "1.0.0"
-  resolved "https://registry.yarnpkg.com/has-tostringtag/-/has-tostringtag-1.0.0.tgz#7e133818a7d394734f941e73c3d3f9291e658b25"
-  integrity sha512-kFjcSNhnlGV1kyoGk7OXKSawH5JOb/LzUc5w9B02hOTO0dfFRjbHQKvg1d6cf3HbeUmtU9VbbV3qzZ2Teh97WQ==
+hash.js@^1.0.0, hash.js@^1.0.3:
+  version "1.1.7"
+  resolved "https://registry.yarnpkg.com/hash.js/-/hash.js-1.1.7.tgz#0babca538e8d4ee4a0f8988d68866537a003cf42"
+  integrity sha512-taOaskGt4z4SOANNseOviYDvjEJinIkRgmp7LbKP2YTTmVxWBl87s/uzK9r+44BclBSp2X7K1hqeNfz9JbBeXA==
   dependencies:
-    has-symbols "^1.0.2"
+    inherits "^2.0.3"
+    minimalistic-assert "^1.0.1"
 
-has@^1.0.1, has@^1.0.3:
-  version "1.0.3"
-  resolved "https://registry.yarnpkg.com/has/-/has-1.0.3.tgz#722d7cbfc1f6aa8241f16dd814e011e1f41e8796"
-  integrity sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw==
+hmac-drbg@^1.0.1:
+  version "1.0.1"
+  resolved "https://registry.yarnpkg.com/hmac-drbg/-/hmac-drbg-1.0.1.tgz#d2745701025a6c775a6c545793ed502fc0c649a1"
+  integrity sha1-0nRXAQJabHdabFRXk+1QL8DGSaE=
   dependencies:
-    function-bind "^1.1.1"
+    hash.js "^1.0.3"
+    minimalistic-assert "^1.0.0"
+    minimalistic-crypto-utils "^1.0.1"
+
+htmlescape@^1.1.0:
+  version "1.1.1"
+  resolved "https://registry.yarnpkg.com/htmlescape/-/htmlescape-1.1.1.tgz#3a03edc2214bca3b66424a3e7959349509cb0351"
 
-icheck-bootstrap@^3.0.1:
-  version "3.0.1"
-  resolved "https://registry.yarnpkg.com/icheck-bootstrap/-/icheck-bootstrap-3.0.1.tgz#60c9c9a71524e1d9dd5bd05167a62fef05cc3a1b"
-  integrity sha512-Rj3SybdcMcayhsP4IJ+hmCNgCKclaFcs/5zwCuLXH1WMo468NegjhZVxbSNKhEjJjnwc4gKETogUmPYSQ9lEZQ==
+https-browserify@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/https-browserify/-/https-browserify-1.0.0.tgz#ec06c10e0a34c0f2faf199f7fd7fc78fffd03c73"
 
 icheck@^1.0.2:
   version "1.0.2"
   resolved "https://registry.yarnpkg.com/icheck/-/icheck-1.0.2.tgz#06d08da3d47ae448c153b2639b86e9ad7fdf7128"
 
-iconv-lite@^0.6.3:
-  version "0.6.3"
-  resolved "https://registry.yarnpkg.com/iconv-lite/-/iconv-lite-0.6.3.tgz#a52f80bf38da1952eb5c681790719871a1a72501"
-  integrity sha512-4fCk79wshMdzMp2rH06qWrJE4iolqLhCUH+OiuIgU++RB0+94NlDL81atO7GX55uUKueo0txHNtvEyI6D7WdMw==
-  dependencies:
-    safer-buffer ">= 2.1.2 < 3.0.0"
+ieee754@^1.1.4:
+  version "1.1.12"
+  resolved "https://registry.yarnpkg.com/ieee754/-/ieee754-1.1.12.tgz#50bf24e5b9c8bb98af4964c941cdb0918da7b60b"
 
-imagesloaded@^4.1.4:
-  version "4.1.4"
-  resolved "https://registry.yarnpkg.com/imagesloaded/-/imagesloaded-4.1.4.tgz#1376efcd162bb768c34c3727ac89cc04051f3cc7"
-  integrity sha512-ltiBVcYpc/TYTF5nolkMNsnREHW+ICvfQ3Yla2Sgr71YFwQ86bDwV9hgpFhFtrGPuwEx5+LqOHIrdXBdoWwwsA==
+inflight@^1.0.4:
+  version "1.0.6"
+  resolved "https://registry.yarnpkg.com/inflight/-/inflight-1.0.6.tgz#49bd6331d7d02d0c09bc910a1075ba8165b56df9"
   dependencies:
-    ev-emitter "^1.0.0"
+    once "^1.3.0"
+    wrappy "1"
 
-immediate@~3.0.5:
-  version "3.0.6"
-  resolved "https://registry.yarnpkg.com/immediate/-/immediate-3.0.6.tgz#9db1dbd0faf8de6fbe0f5dd5e56bb606280de69b"
-  integrity sha512-XXOFtyqDjNDAQxVfYxuF7g9Il/IbWmmlQg2MYKOH8ExIT1qg6xc4zyS3HaEEATgs1btfzxq15ciUiY7gjSXRGQ==
-
-inherits@^2.0.3, inherits@~2.0.3:
+inherits@2, inherits@^2.0.1, inherits@^2.0.3, inherits@^2.0.4, inherits@~2.0.1, inherits@~2.0.3:
   version "2.0.4"
   resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.4.tgz#0fa2c64f932917c3433a0ded55363aae37416b7c"
   integrity sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==
 
-inputmask@^5.0.7:
-  version "5.0.7"
-  resolved "https://registry.yarnpkg.com/inputmask/-/inputmask-5.0.7.tgz#b04d5d4e1c85018893c3c8edb1a9f074b051007f"
-  integrity sha512-rUxbRDS25KEib+c/Ow+K01oprU/+EK9t9SOPC8ov94/ftULGDqj1zOgRU/Hko6uzoKRMdwCfuhAafJ/Wk2wffQ==
+inherits@2.0.1:
+  version "2.0.1"
+  resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.1.tgz#b17d08d326b4423e568eff719f91b0b1cbdf69f1"
 
-ion-rangeslider@^2.3.1:
-  version "2.3.1"
-  resolved "https://registry.yarnpkg.com/ion-rangeslider/-/ion-rangeslider-2.3.1.tgz#92ade52cb56fc30b9162d0483ff02b6f9ed237c2"
-  integrity sha512-6V+24FD13/feliI485gnRHZYD9Ev64M5NAFTxnVib516ATHa9PlXQrC+nOiPngouRYTCLPJyokAJEi3e1Umi5g==
+inherits@2.0.3:
+  version "2.0.3"
+  resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.3.tgz#633c2c83e3da42a502f52466022480f4208261de"
 
+<<<<<<< HEAD
 is-arguments@^1.0.4:
   version "1.1.1"
   resolved "https://registry.yarnpkg.com/is-arguments/-/is-arguments-1.1.1.tgz#15b3f88fda01f2a97fec84ca761a560f123efa9b"
@@ -948,52 +616,62 @@ is-arguments@^1.0.4:
   dependencies:
     call-bind "^1.0.2"
     has-tostringtag "^1.0.0"
+=======
+inline-source-map@~0.6.0:
+  version "0.6.2"
+  resolved "https://registry.yarnpkg.com/inline-source-map/-/inline-source-map-0.6.2.tgz#f9393471c18a79d1724f863fa38b586370ade2a5"
+  dependencies:
+    source-map "~0.5.3"
+
+inputmask@^3.3.7:
+  version "3.3.11"
+  resolved "https://registry.yarnpkg.com/inputmask/-/inputmask-3.3.11.tgz#1421c94ae28c3dcd1b4d26337b508bb34998e2d8"
+>>>>>>> parent of 929cb63 (Merge pull request #1371 from AgentTNT/AdminLTE-Upgrade)
+
+insert-module-globals@^7.0.0:
+  version "7.1.0"
+  resolved "https://registry.yarnpkg.com/insert-module-globals/-/insert-module-globals-7.1.0.tgz#dbb3cea71d3a43d5a07ef0310fe5f078aa4dbf35"
+  dependencies:
+    JSONStream "^1.0.3"
+    combine-source-map "^0.8.0"
+    concat-stream "^1.6.1"
+    is-buffer "^1.1.0"
+    lexical-scope "^1.2.0"
+    path-is-absolute "^1.0.1"
+    process "~0.11.0"
+    through2 "^2.0.0"
+    xtend "^4.0.0"
 
-is-core-module@^2.9.0:
-  version "2.11.0"
-  resolved "https://registry.yarnpkg.com/is-core-module/-/is-core-module-2.11.0.tgz#ad4cb3e3863e814523c96f3f58d26cc570ff0144"
-  integrity sha512-RRjxlvLDkD1YJwDbroBHMb+cukurkDWNyHx7D3oNB5x9rb5ogcksMC5wHCadcXoo67gVr/+3GFySh3134zi6rw==
+ion-rangeslider@^2.3.0:
+  version "2.3.0"
+  resolved "https://registry.yarnpkg.com/ion-rangeslider/-/ion-rangeslider-2.3.0.tgz#7957ce2e78acfc956b8c43009373da91f743347e"
+  integrity sha512-7TtH9/X4Aq/xCzboWxjwlv20gVqR90Ysc3aehMlTuH2/ULaSxpB80hq+yvD1N0FwWbPDtxQpjQrz/iX+LWXKmg==
   dependencies:
-    has "^1.0.3"
+    jquery ">=1.8"
 
-is-date-object@^1.0.1:
-  version "1.0.5"
-  resolved "https://registry.yarnpkg.com/is-date-object/-/is-date-object-1.0.5.tgz#0841d5536e724c25597bf6ea62e1bd38298df31f"
-  integrity sha512-9YQaSxsAiSwcvS33MBk3wTCVnWK+HhF8VZR2jRxehM16QcVOdHqPn4VPHmRK4lSr38n9JriurInLcP90xsYNfQ==
-  dependencies:
-    has-tostringtag "^1.0.0"
+ionicons@^3.0.0:
+  version "3.0.0"
+  resolved "https://registry.yarnpkg.com/ionicons/-/ionicons-3.0.0.tgz#40b8daf4fd7a31150bd002160f66496e22a98c3c"
 
-is-regex@^1.0.4:
-  version "1.1.4"
-  resolved "https://registry.yarnpkg.com/is-regex/-/is-regex-1.1.4.tgz#eef5663cd59fa4c0ae339505323df6854bb15958"
-  integrity sha512-kvRdxDsxZjhzUX07ZnLydzS1TU/TJlTUHHY4YLL87e37oUA49DfkLqgy+VjFocowy29cKvcSiu+kIv728jTTVg==
-  dependencies:
-    call-bind "^1.0.2"
-    has-tostringtag "^1.0.0"
+is-buffer@^1.1.0:
+  version "1.1.6"
+  resolved "https://registry.yarnpkg.com/is-buffer/-/is-buffer-1.1.6.tgz#efaa2ea9daa0d7ab2ea13a97b2b8ad51fefbe8be"
+
+isarray@^2.0.4:
+  version "2.0.4"
+  resolved "https://registry.yarnpkg.com/isarray/-/isarray-2.0.4.tgz#38e7bcbb0f3ba1b7933c86ba1894ddfc3781bbb7"
 
 isarray@~1.0.0:
   version "1.0.0"
   resolved "https://registry.yarnpkg.com/isarray/-/isarray-1.0.0.tgz#bb935d48582cba168c06834957a54a3e07124f11"
 
-jquery-knob-chif@^1.2.13:
-  version "1.2.13"
-  resolved "https://registry.yarnpkg.com/jquery-knob-chif/-/jquery-knob-chif-1.2.13.tgz#5f1e462ef3745d27a9fd66ce1141fe82b44a5762"
-  integrity sha512-dveq9MZCr68bRrsziuRusKS+/ciT1yOOHdENOSTcXVRM9MsEyCK/DjqR9nc7V3on41269PFdDE2Fuib8Cw4jAA==
-
-jquery-mapael@^2.2.0:
-  version "2.2.0"
-  resolved "https://registry.yarnpkg.com/jquery-mapael/-/jquery-mapael-2.2.0.tgz#a68850c680ef0ce3f8b865e8a48b2a018250ca73"
-  integrity sha512-B5cVcCkfs7Ezia1Zs8bEfVacYD/GvaASyqQeidApR/NJ1C4igcExk9VULVsgLcTPkxohcZrrz5uCaPXvuKeZWw==
-  dependencies:
-    jquery "^3.0 || ^2.0 || ^1.0"
-    raphael "^2.2.0 || ^2.1.1"
-  optionalDependencies:
-    jquery-mousewheel "^3.1"
+jquery-knob@^1.2.11:
+  version "1.2.11"
+  resolved "https://registry.yarnpkg.com/jquery-knob/-/jquery-knob-1.2.11.tgz#f37c39dbc1c7a6a6c12cdb2ed4f6bffb683f10d6"
 
-jquery-mousewheel@^3.1, jquery-mousewheel@^3.1.13:
+jquery-mousewheel@~3.1.13:
   version "3.1.13"
   resolved "https://registry.yarnpkg.com/jquery-mousewheel/-/jquery-mousewheel-3.1.13.tgz#06f0335f16e353a695e7206bf50503cb523a6ee5"
-  integrity sha512-GXhSjfOPyDemM005YCEHvzrEALhKDIswtxSHSR2e4K/suHVJKJxxRCGz3skPjNxjJjQa9AVSGGlYjv1M3VLIPg==
 
 jquery-slimscroll@^1.3.8:
   version "1.3.8"
@@ -1004,20 +682,18 @@ jquery-slimscroll@^1.3.8:
 jquery-sparkline@^2.4.0:
   version "2.4.0"
   resolved "https://registry.yarnpkg.com/jquery-sparkline/-/jquery-sparkline-2.4.0.tgz#1be8b7b704dd3857152708aefb1d4a4b3a69fb33"
-  integrity sha512-SzjpMkOwlnqZpH4Ni2UbdRU5GxDl/BljgN8Smlun7CXUDqRhjPf2eolJ37KKcaG0/ufsMKY+XDERfPTV1hIcjg==
 
-jquery-ui-dist@^1.13.0, jquery-ui-dist@^1.13.2:
-  version "1.13.2"
-  resolved "https://registry.yarnpkg.com/jquery-ui-dist/-/jquery-ui-dist-1.13.2.tgz#899fbb3c6210de19ace10657cf844a3b97f3be70"
-  integrity sha512-oVDRd1NLtTbBwpRKAYdIRgpWVDzeBhfy7Gu0RmY6JEaZtmBq6kDn1pm5SgDiAotrnDS+RoTRXO6xvcNTxA9tOA==
+jquery-ui-dist@^1.12.1:
+  version "1.12.1"
+  resolved "https://registry.yarnpkg.com/jquery-ui-dist/-/jquery-ui-dist-1.12.1.tgz#5c0815d3cc6f90ff5faaf5b268a6e23b4ca904fa"
+
+jquery-ui@^1.12.1:
+  version "1.13.0"
+  resolved "https://registry.yarnpkg.com/jquery-ui/-/jquery-ui-1.13.0.tgz#ab5ac65f37ca093c51b3478c4097f55bbc008f36"
+  integrity sha512-Osf7ECXNTYHtKBkn9xzbIf9kifNrBhfywFEKxOeB/OVctVmLlouV9mfc2qXCp6uyO4Pn72PXKOnj09qXetopCw==
   dependencies:
     jquery ">=1.8.0 <4.0.0"
 
-jquery-validation@^1.19.3:
-  version "1.19.5"
-  resolved "https://registry.yarnpkg.com/jquery-validation/-/jquery-validation-1.19.5.tgz#557495b7cad79716897057c4447ad3cd76fda811"
-  integrity sha512-X2SmnPq1mRiDecVYL8edWx+yTBZDyC8ohWXFhXdtqFHgU9Wd4KHkvcbCoIZ0JaSaumzS8s2gXSkP8F7ivg/8ZQ==
-
 jquery.quicksearch@^2.4.0:
   version "2.4.0"
   resolved "https://registry.yarnpkg.com/jquery.quicksearch/-/jquery.quicksearch-2.4.0.tgz#240c9f435e936c63bf8fbba355144ffdddf9ea26"
@@ -1025,227 +701,260 @@ jquery.quicksearch@^2.4.0:
   dependencies:
     jquery ">=1.8"
 
-"jquery@>= 1.7", "jquery@>= 1.7.1", jquery@>=1.10, jquery@>=1.7, "jquery@>=1.7.1 <4.0.0", jquery@>=1.8, "jquery@>=1.8.0 <4.0.0":
+"jquery@>= 1.7", "jquery@>= 1.7.1", jquery@>=1.10, jquery@>=1.5, jquery@>=1.7, "jquery@>=1.7.1 <4.0.0", jquery@>=1.8, "jquery@>=1.8.0 <4.0.0", jquery@^3.2.1:
   version "3.6.0"
   resolved "https://registry.yarnpkg.com/jquery/-/jquery-3.6.0.tgz#c72a09f15c1bdce142f49dbf1170bdf8adac2470"
   integrity sha512-JVzAR/AjBvVt2BmYhxRCSYysDsPcssdmTFnzyLEts9qNwmjmu4JTAMYubEfwVOSwpQ1I1sKKFcxhZCI2buerfw==
 
-jquery@>=1.12.0, jquery@>=2.2, "jquery@^3.0 || ^2.0 || ^1.0", jquery@^3.4.0, jquery@^3.6.0:
-  version "3.6.3"
-  resolved "https://registry.yarnpkg.com/jquery/-/jquery-3.6.3.tgz#23ed2ffed8a19e048814f13391a19afcdba160e6"
-  integrity sha512-bZ5Sy3YzKo9Fyc8wH2iIQK4JImJ6R0GWI9kL1/k7Z91ZBNgkRXE6U0JfHIizZbort8ZunhSI3jw9I6253ahKfg==
-
-jqvmap-novulnerability@^1.5.1:
-  version "1.5.1"
-  resolved "https://registry.yarnpkg.com/jqvmap-novulnerability/-/jqvmap-novulnerability-1.5.1.tgz#140c42623ebbe9b9076ea2dd3b8d155fe9f38ae7"
-  integrity sha512-O6Jr7AGiut9iNJMelPdy8pH83tNXadOqmhJm5FZy9gtaZ5uuhZK3VNu+YLFuTpXeZI8YXUvlFUYbJJi5XHA+tw==
+json-stable-stringify@~0.0.0:
+  version "0.0.1"
+  resolved "https://registry.yarnpkg.com/json-stable-stringify/-/json-stable-stringify-0.0.1.tgz#611c23e814db375527df851193db59dd2af27f45"
   dependencies:
-    jquery "^3.4.0"
+    jsonify "~0.0.0"
+
+jsonify@~0.0.0:
+  version "0.0.0"
+  resolved "https://registry.yarnpkg.com/jsonify/-/jsonify-0.0.0.tgz#2c74b6ee41d93ca51b7b5aaee8f503631d252a73"
 
-jsgrid@^1.5.3:
-  version "1.5.3"
-  resolved "https://registry.yarnpkg.com/jsgrid/-/jsgrid-1.5.3.tgz#b15fc426483153bee2b6b567312f675d92834a0d"
-  integrity sha512-/BJgQp7gZe8o/VgNelwXc21jHc9HN+l7WPOkBhC9b9jPXFtOrU9ftNLPVBmKYCNlIulAbGTW8SDJI0mpw7uWxQ==
+jsonparse@^1.2.0:
+  version "1.3.1"
+  resolved "https://registry.yarnpkg.com/jsonparse/-/jsonparse-1.3.1.tgz#3f4dae4a91fac315f71062f8521cc239f1366280"
 
-jsonfile@^6.0.1:
-  version "6.1.0"
-  resolved "https://registry.yarnpkg.com/jsonfile/-/jsonfile-6.1.0.tgz#bc55b2634793c679ec6403094eb13698a6ec0aae"
-  integrity sha512-5dgndWOriYSm5cnYaJNhalLNDKOqFwyDB/rr1E9ZsGciGvKPs8R2xYGCacuf3z6K1YKDz182fd+fY3cn3pMqXQ==
+jtimeout@^3.1.0:
+  version "3.1.0"
+  resolved "https://registry.yarnpkg.com/jtimeout/-/jtimeout-3.1.0.tgz#4cd65b28eff8b9f8c61d08889a9ac3abdf5d9893"
+  integrity sha512-xA2TlImMGj4c0yAiM9BUq+8aAFVYVYUX2tkcC8u8das9qoZSs13SxhVcfWqI4cHOsv3huj2D0VRNHeVCLO3mVQ==
   dependencies:
-    universalify "^2.0.0"
-  optionalDependencies:
-    graceful-fs "^4.1.6"
+    jquery ">=1.7.1 <4.0.0"
 
-jszip@^3.7.1:
-  version "3.10.1"
-  resolved "https://registry.yarnpkg.com/jszip/-/jszip-3.10.1.tgz#34aee70eb18ea1faec2f589208a157d1feb091c2"
-  integrity sha512-xXDvecyTpGLrqFrvkrUSoxxfJI5AH7U8zxxtVclpsUtMCq4JQ290LY8AW5c7Ggnr/Y/oK+bQMbqK2qmtk3pN4g==
+jvectormap@^1.2.2:
+  version "1.2.2"
+  resolved "https://registry.yarnpkg.com/jvectormap/-/jvectormap-1.2.2.tgz#2e4408b24a60473ff106c1e7243e375ae5ca85da"
   dependencies:
-    lie "~3.3.0"
-    pako "~1.0.2"
-    readable-stream "~2.3.6"
-    setimmediate "^1.0.5"
+    jquery ">=1.5"
 
-jtimeout@^3.2.0:
-  version "3.2.0"
-  resolved "https://registry.yarnpkg.com/jtimeout/-/jtimeout-3.2.0.tgz#a27dd31652b7a97d4877674a2e9a25551c60d6ba"
-  integrity sha512-P/cEhmgr8P2Vd3V79uUk6pHAHpMSe+Px7B+mGEir4aZW3/J6C09uH97aAEXVpjqb9i9vHnUyIp7k0UoA+Hy0eg==
+labeled-stream-splicer@^2.0.0:
+  version "2.0.1"
+  resolved "https://registry.yarnpkg.com/labeled-stream-splicer/-/labeled-stream-splicer-2.0.1.tgz#9cffa32fd99e1612fd1d86a8db962416d5292926"
   dependencies:
-    jquery ">=1.7.1 <4.0.0"
+    inherits "^2.0.1"
+    isarray "^2.0.4"
+    stream-splicer "^2.0.0"
 
-levn@~0.3.0:
-  version "0.3.0"
-  resolved "https://registry.yarnpkg.com/levn/-/levn-0.3.0.tgz#3b09924edf9f083c0490fdd4c0bc4421e04764ee"
-  integrity sha512-0OO4y2iOHix2W6ujICbKIaEQXvFQHue65vUG3pb5EUomzPI90z9hsA1VsO/dbIIpC53J8gxM9Q4Oho0jrCM/yA==
+lexical-scope@^1.2.0:
+  version "1.2.0"
+  resolved "https://registry.yarnpkg.com/lexical-scope/-/lexical-scope-1.2.0.tgz#fcea5edc704a4b3a8796cdca419c3a0afaf22df4"
   dependencies:
-    prelude-ls "~1.1.2"
-    type-check "~0.3.2"
+    astw "^2.0.0"
 
-lie@~3.3.0:
-  version "3.3.0"
-  resolved "https://registry.yarnpkg.com/lie/-/lie-3.3.0.tgz#dcf82dee545f46074daf200c7c1c5a08e0f40f6a"
-  integrity sha512-UaiMJzeWRlEujzAuw5LokY1L5ecNQYZKfmyZ9L7wDHb/p5etKaxXhohBcrw0EYby+G/NA52vRSN4N39dxHAIwQ==
+lodash.memoize@~3.0.3:
+  version "3.0.4"
+  resolved "https://registry.yarnpkg.com/lodash.memoize/-/lodash.memoize-3.0.4.tgz#2dcbd2c287cbc0a55cc42328bd0c736150d53e3f"
+
+md5.js@^1.3.4:
+  version "1.3.4"
+  resolved "https://registry.yarnpkg.com/md5.js/-/md5.js-1.3.4.tgz#e9bdbde94a20a5ac18b04340fc5764d5b09d901d"
   dependencies:
-    immediate "~3.0.5"
+    hash-base "^3.0.0"
+    inherits "^2.0.1"
 
-magic-string@0.25.1:
-  version "0.25.1"
-  resolved "https://registry.yarnpkg.com/magic-string/-/magic-string-0.25.1.tgz#b1c248b399cd7485da0fe7385c2fc7011843266e"
-  integrity sha512-sCuTz6pYom8Rlt4ISPFn6wuFodbKMIHUMv4Qko9P17dpxb7s52KJTmRuZZqHdGmLCK9AOcDare039nRIcfdkEg==
+miller-rabin@^4.0.0:
+  version "4.0.1"
+  resolved "https://registry.yarnpkg.com/miller-rabin/-/miller-rabin-4.0.1.tgz#f080351c865b0dc562a8462966daa53543c78a4d"
   dependencies:
-    sourcemap-codec "^1.4.1"
+    bn.js "^4.0.0"
+    brorand "^1.0.1"
 
-merge-source-map@1.0.4:
-  version "1.0.4"
-  resolved "https://registry.yarnpkg.com/merge-source-map/-/merge-source-map-1.0.4.tgz#a5de46538dae84d4114cc5ea02b4772a6346701f"
-  integrity sha512-PGSmS0kfnTnMJCzJ16BLLCEe6oeYCamKFFdQKshi4BmM6FUwipjVOcBFGxqtQtirtAG4iZvHlqST9CpZKqlRjA==
+minimalistic-assert@^1.0.0, minimalistic-assert@^1.0.1:
+  version "1.0.1"
+  resolved "https://registry.yarnpkg.com/minimalistic-assert/-/minimalistic-assert-1.0.1.tgz#2e194de044626d4a10e7f7fbc00ce73e83e4d5c7"
+  integrity sha512-UtJcAD4yEaGtjPezWuO9wC4nwUnVH/8/Im3yEHQP4b67cXlD/Qr9hdITCU1xDbSEXg2XKNaP8jsReV7vQd00/A==
+
+minimalistic-crypto-utils@^1.0.1:
+  version "1.0.1"
+  resolved "https://registry.yarnpkg.com/minimalistic-crypto-utils/-/minimalistic-crypto-utils-1.0.1.tgz#f6c00c1c0b082246e5c4d99dfb8c7c083b2b582a"
+  integrity sha1-9sAMHAsIIkblxNmd+4x8CDsrWCo=
+
+minimatch@^3.0.4:
+  version "3.0.4"
+  resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-3.0.4.tgz#5166e286457f03306064be5497e8dbb0c3d32083"
   dependencies:
-    source-map "^0.5.6"
+    brace-expansion "^1.1.7"
+
+minimist@0.0.8:
+  version "0.0.8"
+  resolved "https://registry.yarnpkg.com/minimist/-/minimist-0.0.8.tgz#857fcabfc3397d2625b8228262e86aa7a011b05d"
 
-minimist@^1.1.3:
-  version "1.2.7"
-  resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.7.tgz#daa1c4d91f507390437c6a8bc01078e7000c4d18"
-  integrity sha512-bzfL1YUZsP41gmu/qjrEk0Q6i2ix/cVeAhbCbqH9u3zYutS1cLg00qhrD0M2MVdCcx4Sc0UpP2eBWo9rotpq6g==
+minimist@^1.1.0, minimist@^1.1.1:
+  version "1.2.0"
+  resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.0.tgz#a35008b20f41383eec1fb914f4cd5df79a264284"
 
-moment-timezone@^0.5.34:
-  version "0.5.40"
-  resolved "https://registry.yarnpkg.com/moment-timezone/-/moment-timezone-0.5.40.tgz#c148f5149fd91dd3e29bf481abc8830ecba16b89"
-  integrity sha512-tWfmNkRYmBkPJz5mr9GVDn9vRlVZOTe6yqY92rFxiOdWXbjaR0+9LwQnZGGuNR63X456NqmEkbskte8tWL5ePg==
+mkdirp@^0.5.0:
+  version "0.5.1"
+  resolved "https://registry.yarnpkg.com/mkdirp/-/mkdirp-0.5.1.tgz#30057438eac6cf7f8c4767f38648d6697d75c903"
   dependencies:
-    moment ">= 2.9.0"
+    minimist "0.0.8"
 
-"moment@>= 2.9.0", moment@^2.10.2, moment@^2.29.1, moment@^2.29.2:
-  version "2.29.4"
-  resolved "https://registry.yarnpkg.com/moment/-/moment-2.29.4.tgz#3dbe052889fe7c1b2ed966fcb3a77328964ef108"
-  integrity sha512-5LC9SOxjSc2HF6vO2CyuTDNivEdoz2IvyJJGj6X8DJ0eFyfszE0QiEd+iXmBvUP3WHxSjFH/vIsA0EN00cgr8w==
+module-deps@^6.0.0:
+  version "6.1.0"
+  resolved "https://registry.yarnpkg.com/module-deps/-/module-deps-6.1.0.tgz#d1e1efc481c6886269f7112c52c3236188e16479"
+  dependencies:
+    JSONStream "^1.0.3"
+    browser-resolve "^1.7.0"
+    cached-path-relative "^1.0.0"
+    concat-stream "~1.6.0"
+    defined "^1.0.0"
+    detective "^5.0.2"
+    duplexer2 "^0.1.2"
+    inherits "^2.0.1"
+    parents "^1.0.0"
+    readable-stream "^2.0.2"
+    resolve "^1.4.0"
+    stream-combiner2 "^1.1.1"
+    subarg "^1.0.0"
+    through2 "^2.0.0"
+    xtend "^4.0.0"
 
-moment@^2.9.0:
+moment@^2.24.0, moment@^2.9.0:
   version "2.29.2"
   resolved "https://registry.yarnpkg.com/moment/-/moment-2.29.2.tgz#00910c60b20843bcba52d37d58c628b47b1f20e4"
   integrity sha512-UgzG4rvxYpN15jgCmVJwac49h9ly9NurikMWGPdVxm8GZD6XjkKPxDTjQQ43gtGgnV3X0cAyWDdP2Wexoquifg==
 
+morris.js@^0.5.0:
+  version "0.5.0"
+  resolved "https://registry.yarnpkg.com/morris.js/-/morris.js-0.5.0.tgz#725767135cfae059aae75999bb2ce6a1c5d1b44b"
+
 multiselect@^0.9.12:
   version "0.9.12"
   resolved "https://registry.yarnpkg.com/multiselect/-/multiselect-0.9.12.tgz#d15536e986dd6a0029b160d6613bcedf81e4c7ed"
   dependencies:
     jquery ">= 1.7.1"
 
-next-tick@^1.1.0:
-  version "1.1.0"
-  resolved "https://registry.yarnpkg.com/next-tick/-/next-tick-1.1.0.tgz#1836ee30ad56d67ef281b22bd199f709449b35eb"
-  integrity sha512-CXdUiJembsNjuToQvxayPZF9Vqht7hewsvy2sOWafLvi2awflj9mOC6bHIg50orX8IJvWKY9wYQ/zB2kogPslQ==
+once@^1.3.0:
+  version "1.4.0"
+  resolved "https://registry.yarnpkg.com/once/-/once-1.4.0.tgz#583b1aa775961d4b113ac17d9c50baef9dd76bd1"
+  dependencies:
+    wrappy "1"
 
-object-inspect@^1.6.0:
-  version "1.12.3"
-  resolved "https://registry.yarnpkg.com/object-inspect/-/object-inspect-1.12.3.tgz#ba62dffd67ee256c8c086dfae69e016cd1f198b9"
-  integrity sha512-geUvdk7c+eizMNUDkRpW1wJwgfOiOeHbxBR/hLXK1aT6zmVSO0jsQcs7fj6MGw89jC/cjGfLcNOrtMYtGqm81g==
+os-browserify@~0.3.0:
+  version "0.3.0"
+  resolved "https://registry.yarnpkg.com/os-browserify/-/os-browserify-0.3.0.tgz#854373c7f5c2315914fc9bfc6bd8238fdda1ec27"
 
-object-is@^1.0.1:
-  version "1.1.5"
-  resolved "https://registry.yarnpkg.com/object-is/-/object-is-1.1.5.tgz#b9deeaa5fc7f1846a0faecdceec138e5778f53ac"
-  integrity sha512-3cyDsyHgtmi7I7DfSSI2LDp6SK2lwvtbg0p0R1e0RvTqF5ceGx+K2dfSjm1bKDMVCFEDAQvy+o8c6a7VujOddw==
+pace@0.0.4:
+  version "0.0.4"
+  resolved "https://registry.yarnpkg.com/pace/-/pace-0.0.4.tgz#d66405d5f5bc12d25441a6e26c878dbc69e77a77"
   dependencies:
-    call-bind "^1.0.2"
-    define-properties "^1.1.3"
+    charm "~0.1.0"
 
-object-keys@^1.1.1:
-  version "1.1.1"
-  resolved "https://registry.yarnpkg.com/object-keys/-/object-keys-1.1.1.tgz#1c47f272df277f3b1daf061677d9c82e2322c60e"
-  integrity sha512-NuAESUOUMrlIXOfHKzD6bpPu3tYt3xvjNdRIQ+FeT0lNb4K8WR70CaDxhuNguS2XG+GjkyMwOzsN5ZktImfhLA==
+pako@~1.0.5:
+  version "1.0.6"
+  resolved "https://registry.yarnpkg.com/pako/-/pako-1.0.6.tgz#0101211baa70c4bca4a0f63f2206e97b7dfaf258"
 
-optionator@^0.8.1:
-  version "0.8.3"
-  resolved "https://registry.yarnpkg.com/optionator/-/optionator-0.8.3.tgz#84fa1d036fe9d3c7e21d99884b601167ec8fb495"
-  integrity sha512-+IW9pACdk3XWmmTXG8m3upGUJst5XRGzxMRjXzAuJ1XnIFNvfhjjIuYkDvysnPQ7qzqVzLt78BCruntqRhWQbA==
-  dependencies:
-    deep-is "~0.1.3"
-    fast-levenshtein "~2.0.6"
-    levn "~0.3.0"
-    prelude-ls "~1.1.2"
-    type-check "~0.3.2"
-    word-wrap "~1.2.3"
-
-overlayscrollbars@^1.13.1:
-  version "1.13.3"
-  resolved "https://registry.yarnpkg.com/overlayscrollbars/-/overlayscrollbars-1.13.3.tgz#992c96fd2c8535802d1e56c40bc12ec03076c626"
-  integrity sha512-1nB/B5kaakJuHXaLXLRK0bUIilWhUGT6q5g+l2s5vqYdLle/sd0kscBHkQC1kuuDg9p9WR4MTdySDOPbeL/86g==
-
-pako@^0.2.5:
-  version "0.2.9"
-  resolved "https://registry.yarnpkg.com/pako/-/pako-0.2.9.tgz#f3f7522f4ef782348da8161bad9ecfd51bf83a75"
-  integrity sha512-NUcwaKxUxWrZLpDG+z/xZaCgQITkA/Dv4V/T6bw7VON6l1Xz/VnrBqrYjZQ12TamKHzITTfOEIYUj48y2KXImA==
-
-pako@~1.0.2:
-  version "1.0.11"
-  resolved "https://registry.yarnpkg.com/pako/-/pako-1.0.11.tgz#6c9599d340d54dfd3946380252a35705a6b992bf"
-  integrity sha512-4hLB8Py4zZce5s4yd9XzopqwVv/yGNhV1Bl8NTmCq1763HeK2+EwVTv+leGeL13Dnh2wfbqowVPXCIO0z4taYw==
-
-path-parse@^1.0.7:
-  version "1.0.7"
-  resolved "https://registry.yarnpkg.com/path-parse/-/path-parse-1.0.7.tgz#fbc114b60ca42b30d9daf5858e4bd68bbedb6735"
-  integrity sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==
+parents@^1.0.0, parents@^1.0.1:
+  version "1.0.1"
+  resolved "https://registry.yarnpkg.com/parents/-/parents-1.0.1.tgz#fedd4d2bf193a77745fe71e371d73c3307d9c751"
+  dependencies:
+    path-platform "~0.11.15"
 
-pdfmake@^0.2.4:
-  version "0.2.7"
-  resolved "https://registry.yarnpkg.com/pdfmake/-/pdfmake-0.2.7.tgz#a7a46532ffde032674929988393c20b075cf65e3"
-  integrity sha512-ClLpgx30H5G3EDvRW1MrA1Xih6YxEaSgIVFrOyBMgAAt62V+hxsyWAi6JNP7u1Fc5JKYAbpb4RRVw8Rhvmz5cQ==
+parse-asn1@^5.0.0:
+  version "5.1.1"
+  resolved "https://registry.yarnpkg.com/parse-asn1/-/parse-asn1-5.1.1.tgz#f6bf293818332bd0dab54efb16087724745e6ca8"
   dependencies:
-    "@foliojs-fork/linebreak" "^1.1.1"
-    "@foliojs-fork/pdfkit" "^0.13.0"
-    iconv-lite "^0.6.3"
-    xmldoc "^1.1.2"
+    asn1.js "^4.0.0"
+    browserify-aes "^1.0.0"
+    create-hash "^1.1.0"
+    evp_bytestokey "^1.0.0"
+    pbkdf2 "^3.0.3"
 
-png-js@^1.0.0:
-  version "1.0.0"
-  resolved "https://registry.yarnpkg.com/png-js/-/png-js-1.0.0.tgz#e5484f1e8156996e383aceebb3789fd75df1874d"
-  integrity sha512-k+YsbhpA9e+EFfKjTCH3VW6aoKlyNYI6NYdTfDL4CIvFnvsuO84ttonmZE7rc+v23SLTH8XX+5w/Ak9v0xGY4g==
+path-browserify@~0.0.0:
+  version "0.0.0"
+  resolved "https://registry.yarnpkg.com/path-browserify/-/path-browserify-0.0.0.tgz#a0b870729aae214005b7d5032ec2cbbb0fb4451a"
+
+path-is-absolute@^1.0.0, path-is-absolute@^1.0.1:
+  version "1.0.1"
+  resolved "https://registry.yarnpkg.com/path-is-absolute/-/path-is-absolute-1.0.1.tgz#174b9268735534ffbc7ace6bf53a5a9e1b5c5f5f"
+
+path-parse@^1.0.5:
+  version "1.0.7"
+  resolved "https://registry.yarnpkg.com/path-parse/-/path-parse-1.0.7.tgz#fbc114b60ca42b30d9daf5858e4bd68bbedb6735"
+  integrity sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==
 
-popper.js@>=1.10, popper.js@^1.16.1:
-  version "1.16.1"
-  resolved "https://registry.yarnpkg.com/popper.js/-/popper.js-1.16.1.tgz#2a223cb3dc7b6213d740e40372be40de43e65b1b"
-  integrity sha512-Wb4p1J4zyFTbM+u6WuO4XstYx4Ky9Cewe4DWrel7B0w6VVICvPwdOpotjzcf6eD8TsckVnIMNONQyPIUFOUbCQ==
+path-platform@~0.11.15:
+  version "0.11.15"
+  resolved "https://registry.yarnpkg.com/path-platform/-/path-platform-0.11.15.tgz#e864217f74c36850f0852b78dc7bf7d4a5721bf2"
 
-prelude-ls@~1.1.2:
-  version "1.1.2"
-  resolved "https://registry.yarnpkg.com/prelude-ls/-/prelude-ls-1.1.2.tgz#21932a549f5e52ffd9a827f570e04be62a97da54"
-  integrity sha512-ESF23V4SKG6lVSGZgYNpbsiaAkdab6ZgOxe52p7+Kid3W3u3bxR4Vfd/o21dmN7jSt0IwgZ4v5MUd26FEtXE9w==
+pbkdf2@^3.0.3:
+  version "3.0.16"
+  resolved "https://registry.yarnpkg.com/pbkdf2/-/pbkdf2-3.0.16.tgz#7404208ec6b01b62d85bf83853a8064f8d9c2a5c"
+  dependencies:
+    create-hash "^1.1.2"
+    create-hmac "^1.1.4"
+    ripemd160 "^2.0.1"
+    safe-buffer "^5.0.1"
+    sha.js "^2.4.8"
 
 process-nextick-args@~2.0.0:
   version "2.0.0"
   resolved "https://registry.yarnpkg.com/process-nextick-args/-/process-nextick-args-2.0.0.tgz#a37d732f4271b4ab1ad070d35508e8290788ffaa"
 
-quote-stream@^1.0.1:
-  version "1.0.2"
-  resolved "https://registry.yarnpkg.com/quote-stream/-/quote-stream-1.0.2.tgz#84963f8c9c26b942e153feeb53aae74652b7e0b2"
-  integrity sha512-kKr2uQ2AokadPjvTyKJQad9xELbZwYzWlNfI3Uz2j/ib5u6H9lDP7fUUR//rMycd0gv4Z5P1qXMfXR8YpIxrjQ==
+process@~0.11.0:
+  version "0.11.10"
+  resolved "https://registry.yarnpkg.com/process/-/process-0.11.10.tgz#7332300e840161bda3e69a1d1d91a7d4bc16f182"
+
+public-encrypt@^4.0.0:
+  version "4.0.2"
+  resolved "https://registry.yarnpkg.com/public-encrypt/-/public-encrypt-4.0.2.tgz#46eb9107206bf73489f8b85b69d91334c6610994"
   dependencies:
-    buffer-equal "0.0.1"
-    minimist "^1.1.3"
-    through2 "^2.0.0"
+    bn.js "^4.1.0"
+    browserify-rsa "^4.0.0"
+    create-hash "^1.1.0"
+    parse-asn1 "^5.0.0"
+    randombytes "^2.0.1"
 
-"raphael@^2.2.0 || ^2.1.1", raphael@^2.3.0:
-  version "2.3.0"
-  resolved "https://registry.yarnpkg.com/raphael/-/raphael-2.3.0.tgz#eabeb09dba861a1d4cee077eaafb8c53f3131f89"
-  integrity sha512-w2yIenZAQnp257XUWGni4bLMVxpUpcIl7qgxEgDIXtmSypYtlNxfXWpOBxs7LBTps5sDwhRnrToJrMUrivqNTQ==
+punycode@1.3.2:
+  version "1.3.2"
+  resolved "https://registry.yarnpkg.com/punycode/-/punycode-1.3.2.tgz#9653a036fb7c1ee42342f2325cceefea3926c48d"
+
+punycode@^1.3.2:
+  version "1.4.1"
+  resolved "https://registry.yarnpkg.com/punycode/-/punycode-1.4.1.tgz#c0d5a63b2718800ad8e1eb0fa5269c84dd41845e"
+
+querystring-es3@~0.2.0:
+  version "0.2.1"
+  resolved "https://registry.yarnpkg.com/querystring-es3/-/querystring-es3-0.2.1.tgz#9ec61f79049875707d69414596fd907a4d711e73"
+
+querystring@0.2.0:
+  version "0.2.0"
+  resolved "https://registry.yarnpkg.com/querystring/-/querystring-0.2.0.tgz#b209849203bb25df820da756e747005878521620"
+
+randombytes@^2.0.0, randombytes@^2.0.1, randombytes@^2.0.5:
+  version "2.0.6"
+  resolved "https://registry.yarnpkg.com/randombytes/-/randombytes-2.0.6.tgz#d302c522948588848a8d300c932b44c24231da80"
+  dependencies:
+    safe-buffer "^5.1.0"
+
+randomfill@^1.0.3:
+  version "1.0.4"
+  resolved "https://registry.yarnpkg.com/randomfill/-/randomfill-1.0.4.tgz#c92196fc86ab42be983f1bf31778224931d61458"
+  dependencies:
+    randombytes "^2.0.5"
+    safe-buffer "^5.1.0"
+
+raphael@^2.2.7:
+  version "2.2.7"
+  resolved "https://registry.yarnpkg.com/raphael/-/raphael-2.2.7.tgz#231b19141f8d086986d8faceb66f8b562ee2c810"
   dependencies:
     eve-raphael "0.5.0"
 
-readable-stream@^2.0.2, readable-stream@^2.1.5, readable-stream@^2.2.2:
-  version "2.3.6"
-  resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.3.6.tgz#b11c27d88b8ff1fbe070643cf94b0c79ae1b0aaf"
+read-only-stream@^2.0.0:
+  version "2.0.0"
+  resolved "https://registry.yarnpkg.com/read-only-stream/-/read-only-stream-2.0.0.tgz#2724fd6a8113d73764ac288d4386270c1dbf17f0"
   dependencies:
-    core-util-is "~1.0.0"
-    inherits "~2.0.3"
-    isarray "~1.0.0"
-    process-nextick-args "~2.0.0"
-    safe-buffer "~5.1.1"
-    string_decoder "~1.1.1"
-    util-deprecate "~1.0.1"
+    readable-stream "^2.0.2"
 
-readable-stream@~2.3.3, readable-stream@~2.3.6:
-  version "2.3.7"
-  resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.3.7.tgz#1eca1cf711aef814c04f62252a36a62f6cb23b57"
-  integrity sha512-Ebho8K4jIbHAxnuxi7o42OrZgF/ZTNcsZj6nRKyUmkhLFq8CHItp/fy6hQZuZmP/n3yZ9VBUbp4zz/mX8hmYPw==
+readable-stream@^2.0.2, readable-stream@^2.1.5, readable-stream@^2.2.2, readable-stream@^2.3.6:
+  version "2.3.6"
+  resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.3.6.tgz#b11c27d88b8ff1fbe070643cf94b0c79ae1b0aaf"
   dependencies:
     core-util-is "~1.0.0"
     inherits "~2.0.3"
@@ -1255,155 +964,114 @@ readable-stream@~2.3.3, readable-stream@~2.3.6:
     string_decoder "~1.1.1"
     util-deprecate "~1.0.1"
 
-regexp.prototype.flags@^1.2.0:
-  version "1.4.3"
-  resolved "https://registry.yarnpkg.com/regexp.prototype.flags/-/regexp.prototype.flags-1.4.3.tgz#87cab30f80f66660181a3bb7bf5981a872b367ac"
-  integrity sha512-fjggEOO3slI6Wvgjwflkc4NFRCTZAu5CnNfBd5qOMYhWdn67nJBBu34/TkD++eeFmd8C9r9jfXJ27+nSiRkSUA==
-  dependencies:
-    call-bind "^1.0.2"
-    define-properties "^1.1.3"
-    functions-have-names "^1.2.2"
-
 resolve@1.1.7:
   version "1.1.7"
   resolved "https://registry.yarnpkg.com/resolve/-/resolve-1.1.7.tgz#203114d82ad2c5ed9e8e0411b3932875e889e97b"
 
-resolve@^1.1.5:
-  version "1.22.1"
-  resolved "https://registry.yarnpkg.com/resolve/-/resolve-1.22.1.tgz#27cb2ebb53f91abb49470a928bba7558066ac177"
-  integrity sha512-nBpuuYuY5jFsli/JIs1oldw6fOQCBioohqWZg/2hiaOybXOft4lonv85uDOKXdf8rhyK159cxU5cDcK/NKk8zw==
+resolve@^1.1.4, resolve@^1.4.0:
+  version "1.7.1"
+  resolved "https://registry.yarnpkg.com/resolve/-/resolve-1.7.1.tgz#aadd656374fd298aee895bc026b8297418677fd3"
+  dependencies:
+    path-parse "^1.0.5"
+
+ripemd160@^2.0.0, ripemd160@^2.0.1:
+  version "2.0.2"
+  resolved "https://registry.yarnpkg.com/ripemd160/-/ripemd160-2.0.2.tgz#a1c1a6f624751577ba5d07914cbc92850585890c"
   dependencies:
-    is-core-module "^2.9.0"
-    path-parse "^1.0.7"
-    supports-preserve-symlinks-flag "^1.0.0"
+    hash-base "^3.0.0"
+    inherits "^2.0.1"
 
-safe-buffer@~5.1.0, safe-buffer@~5.1.1:
+safe-buffer@^5.0.1, safe-buffer@^5.1.0, safe-buffer@^5.1.1, safe-buffer@~5.1.0, safe-buffer@~5.1.1:
   version "5.1.2"
   resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.1.2.tgz#991ec69d296e0313747d59bdfd2b745c35f8828d"
 
-"safer-buffer@>= 2.1.2 < 3.0.0":
-  version "2.1.2"
-  resolved "https://registry.yarnpkg.com/safer-buffer/-/safer-buffer-2.1.2.tgz#44fa161b0187b9549dd84bb91802f9bd8385cd6a"
-  integrity sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==
-
-sax@^1.2.4:
-  version "1.2.4"
-  resolved "https://registry.yarnpkg.com/sax/-/sax-1.2.4.tgz#2816234e2378bddc4e5354fab5caa895df7100d9"
-  integrity sha512-NqVDv9TpANUjFm0N8uM5GxL36UgKi9/atZw+x7YFnQ8ckwFGKrl4xX4yWtrey3UJm5nP1kUbnYgLopqWNSRhWw==
-
-scope-analyzer@^2.0.1:
-  version "2.1.2"
-  resolved "https://registry.yarnpkg.com/scope-analyzer/-/scope-analyzer-2.1.2.tgz#b958162feb59823c2835c7b0229187a97c77e9cd"
-  integrity sha512-5cfCmsTYV/wPaRIItNxatw02ua/MThdIUNnUOCYp+3LSEJvnG804ANw2VLaavNILIfWXF1D1G2KNANkBBvInwQ==
-  dependencies:
-    array-from "^2.1.1"
-    dash-ast "^2.0.1"
-    es6-map "^0.1.5"
-    es6-set "^0.1.5"
-    es6-symbol "^3.1.1"
-    estree-is-function "^1.0.0"
-    get-assigned-identifiers "^1.1.0"
-
-select2@^4.0.13:
-  version "4.0.13"
-  resolved "https://registry.yarnpkg.com/select2/-/select2-4.0.13.tgz#0dbe377df3f96167c4c1626033e924372d8ef44d"
-  integrity sha512-1JeB87s6oN/TDxQQYCvS5EFoQyvV6eYMZZ0AeA4tdFDYWN3BAGZ8npr17UBFddU0lgAt3H0yjX3X6/ekOj1yjw==
+select2@^4.0.3:
+  version "4.0.5"
+  resolved "https://registry.yarnpkg.com/select2/-/select2-4.0.5.tgz#7aac50692561985b34d3b82ec55e226f8960d40a"
+  dependencies:
+    almond "~0.3.1"
+    jquery-mousewheel "~3.1.13"
 
-setimmediate@^1.0.5:
-  version "1.0.5"
-  resolved "https://registry.yarnpkg.com/setimmediate/-/setimmediate-1.0.5.tgz#290cbb232e306942d7d7ea9b83732ab7856f8285"
-  integrity sha512-MATJdZp8sLqDl/68LfQmbP8zKPLQNV6BIZoIgrscFDQ+RsvK/BxeDQOgyxKKoh0y/8h3BqVFnCqQ/gd+reiIXA==
+sha.js@^2.4.0, sha.js@^2.4.8, sha.js@~2.4.4:
+  version "2.4.11"
+  resolved "https://registry.yarnpkg.com/sha.js/-/sha.js-2.4.11.tgz#37a5cf0b81ecbc6943de109ba2960d1b26584ae7"
+  dependencies:
+    inherits "^2.0.1"
+    safe-buffer "^5.0.1"
 
-shallow-copy@~0.0.1:
-  version "0.0.1"
-  resolved "https://registry.yarnpkg.com/shallow-copy/-/shallow-copy-0.0.1.tgz#415f42702d73d810330292cc5ee86eae1a11a170"
-  integrity sha512-b6i4ZpVuUxB9h5gfCxPiusKYkqTMOjEbBs4wMaFbkfia4yFv92UKZ6Df8WXcKbn08JNL/abvg3FnMAOfakDvUw==
+shasum@^1.0.0:
+  version "1.0.2"
+  resolved "https://registry.yarnpkg.com/shasum/-/shasum-1.0.2.tgz#e7012310d8f417f4deb5712150e5678b87ae565f"
+  dependencies:
+    json-stable-stringify "~0.0.0"
+    sha.js "~2.4.4"
 
-source-map@^0.5.6:
-  version "0.5.7"
-  resolved "https://registry.yarnpkg.com/source-map/-/source-map-0.5.7.tgz#8a039d2d1021d22d1ea14c80d8ea468ba2ef3fcc"
-  integrity sha512-LbrmJOMUSdEVxIKvdcJzQC+nQhe8FUZQTXQy6+I75skNgn3OoQ0DZA8YnFa7gp8tqtL3KPf1kmo0R5DoApeSGQ==
+shell-quote@^1.6.1:
+  version "1.7.3"
+  resolved "https://registry.yarnpkg.com/shell-quote/-/shell-quote-1.7.3.tgz#aa40edac170445b9a431e17bb62c0b881b9c4123"
+  integrity sha512-Vpfqwm4EnqGdlsBFNmHhxhElJYrdfcxPThu+ryKS5J8L/fhAwLazFZtq+S+TWZ9ANj2piSQLGj6NQg+lKPmxrw==
 
-source-map@~0.1.30:
-  version "0.1.43"
-  resolved "https://registry.yarnpkg.com/source-map/-/source-map-0.1.43.tgz#c24bc146ca517c1471f5dacbe2571b2b7f9e3346"
-  integrity sha512-VtCvB9SIQhk3aF6h+N85EaqIaBFIAfZ9Cu+NJHHVvc8BbEcnvDcFw6sqQ2dQrT6SlOrZq3tIvyD9+EGq/lJryQ==
+slimscroll@^0.9.1:
+  version "0.9.1"
+  resolved "https://registry.yarnpkg.com/slimscroll/-/slimscroll-0.9.1.tgz#f675cdc601d80ada20f16004d227d156fd1187b2"
   dependencies:
-    amdefine ">=0.0.4"
+    browserify ">=3.46.0"
+    classie ">=0.0.1"
+    domhelper "~0.9.0"
+    util-extend "^1.0.1"
 
-source-map@~0.6.1:
-  version "0.6.1"
-  resolved "https://registry.yarnpkg.com/source-map/-/source-map-0.6.1.tgz#74722af32e9614e9c287a8d0bbde48b5e2f1a263"
-  integrity sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==
+source-map@~0.5.3:
+  version "0.5.7"
+  resolved "https://registry.yarnpkg.com/source-map/-/source-map-0.5.7.tgz#8a039d2d1021d22d1ea14c80d8ea468ba2ef3fcc"
 
-sourcemap-codec@^1.4.1:
-  version "1.4.8"
-  resolved "https://registry.yarnpkg.com/sourcemap-codec/-/sourcemap-codec-1.4.8.tgz#ea804bd94857402e6992d05a38ef1ae35a9ab4c4"
-  integrity sha512-9NykojV5Uih4lgo5So5dtw+f0JgJX30KCNI8gwhz2J9A15wD0Ml6tjHKwf6fTSa6fAdVBdZeNOs9eJ71qCk8vA==
+stream-browserify@^2.0.0:
+  version "2.0.1"
+  resolved "https://registry.yarnpkg.com/stream-browserify/-/stream-browserify-2.0.1.tgz#66266ee5f9bdb9940a4e4514cafb43bb71e5c9db"
+  dependencies:
+    inherits "~2.0.1"
+    readable-stream "^2.0.2"
 
-sparklines@^1.3.0:
-  version "1.3.0"
-  resolved "https://registry.yarnpkg.com/sparklines/-/sparklines-1.3.0.tgz#08015a34c295b62196b91e98df53bfbcb1fde175"
-  integrity sha512-CkFtpDE3hmOeu1IJyIQIOH0AQtHnPj1c61ALxJZQ9cPEFKDgWC1fcNAHuwPi1i1klTDYvlKKseoYHSwe7JmdLA==
+stream-combiner2@^1.1.1:
+  version "1.1.1"
+  resolved "https://registry.yarnpkg.com/stream-combiner2/-/stream-combiner2-1.1.1.tgz#fb4d8a1420ea362764e21ad4780397bebcb41cbe"
+  dependencies:
+    duplexer2 "~0.1.0"
+    readable-stream "^2.0.2"
 
-static-eval@^2.0.5:
-  version "2.1.0"
-  resolved "https://registry.yarnpkg.com/static-eval/-/static-eval-2.1.0.tgz#a16dbe54522d7fa5ef1389129d813fd47b148014"
-  integrity sha512-agtxZ/kWSsCkI5E4QifRwsaPs0P0JmZV6dkLz6ILYfFYQGn+5plctanRN+IC8dJRiFkyXHrwEE3W9Wmx67uDbw==
+stream-http@^2.0.0:
+  version "2.8.3"
+  resolved "https://registry.yarnpkg.com/stream-http/-/stream-http-2.8.3.tgz#b2d242469288a5a27ec4fe8933acf623de6514fc"
   dependencies:
-    escodegen "^1.11.1"
+    builtin-status-codes "^3.0.0"
+    inherits "^2.0.1"
+    readable-stream "^2.3.6"
+    to-arraybuffer "^1.0.0"
+    xtend "^4.0.0"
 
-static-module@^3.0.2:
-  version "3.0.4"
-  resolved "https://registry.yarnpkg.com/static-module/-/static-module-3.0.4.tgz#bfbd1d1c38dd1fbbf0bb4af0c1b3ae18a93a2b68"
-  integrity sha512-gb0v0rrgpBkifXCa3yZXxqVmXDVE+ETXj6YlC/jt5VzOnGXR2C15+++eXuMDUYsePnbhf+lwW0pE1UXyOLtGCw==
+stream-splicer@^2.0.0:
+  version "2.0.0"
+  resolved "https://registry.yarnpkg.com/stream-splicer/-/stream-splicer-2.0.0.tgz#1b63be438a133e4b671cc1935197600175910d83"
   dependencies:
-    acorn-node "^1.3.0"
-    concat-stream "~1.6.0"
-    convert-source-map "^1.5.1"
-    duplexer2 "~0.1.4"
-    escodegen "^1.11.1"
-    has "^1.0.1"
-    magic-string "0.25.1"
-    merge-source-map "1.0.4"
-    object-inspect "^1.6.0"
-    readable-stream "~2.3.3"
-    scope-analyzer "^2.0.1"
-    shallow-copy "~0.0.1"
-    static-eval "^2.0.5"
-    through2 "~2.0.3"
-
-string_decoder@~1.1.1:
+    inherits "^2.0.1"
+    readable-stream "^2.0.2"
+
+string_decoder@^1.1.1, string_decoder@~1.1.1:
   version "1.1.1"
   resolved "https://registry.yarnpkg.com/string_decoder/-/string_decoder-1.1.1.tgz#9cf1611ba62685d7030ae9e4ba34149c3af03fc8"
   dependencies:
     safe-buffer "~5.1.0"
 
-summernote@^0.8.20:
-  version "0.8.20"
-  resolved "https://registry.yarnpkg.com/summernote/-/summernote-0.8.20.tgz#395905f2cec0aceebc712edc019d91b8ef88f7cf"
-  integrity sha512-W9RhjQjsn+b1s9xiJQgJbCiYGJaDAc9CdEqXo+D13WuStG8lCdtKaO5AiNiSSMJsQJN2EfGSwbBQt+SFE2B8Kw==
-
-supports-preserve-symlinks-flag@^1.0.0:
+subarg@^1.0.0:
   version "1.0.0"
-  resolved "https://registry.yarnpkg.com/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz#6eda4bd344a3c94aea376d4cc31bc77311039e09"
-  integrity sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==
-
-sweetalert2@^11.4.0:
-  version "11.7.1"
-  resolved "https://registry.yarnpkg.com/sweetalert2/-/sweetalert2-11.7.1.tgz#e015b824fec3dcd174babbfedd30d989118c6783"
-  integrity sha512-+1bnkbqBl64FnZmi3g4SzAi4F3pL3S2jF1YQvrysv4GbgizfeFqGkJopxR3FnV/eJm6w2SQ2oAmCxSIBjgP/ag==
+  resolved "https://registry.yarnpkg.com/subarg/-/subarg-1.0.0.tgz#f62cf17581e996b48fc965699f54c06ae268b8d2"
+  dependencies:
+    minimist "^1.1.0"
 
-tempusdominus-bootstrap-4@^5.39.0:
-  version "5.39.2"
-  resolved "https://registry.yarnpkg.com/tempusdominus-bootstrap-4/-/tempusdominus-bootstrap-4-5.39.2.tgz#f8f12194287eb6f159e9b9d94a441abb54daf94d"
-  integrity sha512-8Au4miSAsMGdsElPg87EUmsN7aGJFaRA5Y8Ale7dDTfhhnQL1Za53LclIJkq+t/7NO5+Ufr1jY7tmEPvWGHaVg==
+syntax-error@^1.1.1:
+  version "1.4.0"
+  resolved "https://registry.yarnpkg.com/syntax-error/-/syntax-error-1.4.0.tgz#2d9d4ff5c064acb711594a3e3b95054ad51d907c"
   dependencies:
-    bootstrap "^4.6.1"
-    jquery "^3.6.0"
-    moment "^2.29.2"
-    moment-timezone "^0.5.34"
-    popper.js "^1.16.1"
+    acorn-node "^1.2.0"
 
 through2@^2.0.0:
   version "2.0.3"
@@ -1412,94 +1080,67 @@ through2@^2.0.0:
     readable-stream "^2.1.5"
     xtend "~4.0.1"
 
-through2@~2.0.3:
-  version "2.0.5"
-  resolved "https://registry.yarnpkg.com/through2/-/through2-2.0.5.tgz#01c1e39eb31d07cb7d03a96a70823260b23132cd"
-  integrity sha512-/mrRod8xqpA+IHSLyGCQ2s8SPHiCDEeQJSep1jqLYeEUClOFG2Qsh+4FU6G9VeqpZnGW/Su8LQGc4YKni5rYSQ==
-  dependencies:
-    readable-stream "~2.3.6"
-    xtend "~4.0.1"
-
-through@~2.3.4:
+"through@>=2.2.7 <3":
   version "2.3.8"
   resolved "https://registry.yarnpkg.com/through/-/through-2.3.8.tgz#0dd4c9ffaabc357960b1b724115d7e0e86a2e1f5"
-  integrity sha512-w89qg7PI8wAdvX60bMDP+bFoD5Dvhm9oLheFp5O4a2QF0cSBGsBX4qZmadPMvVqlLJBBci+WqGGOAPvcDeNSVg==
-
-tiny-inflate@^1.0.0, tiny-inflate@^1.0.2:
-  version "1.0.3"
-  resolved "https://registry.yarnpkg.com/tiny-inflate/-/tiny-inflate-1.0.3.tgz#122715494913a1805166aaf7c93467933eea26c4"
-  integrity sha512-pkY1fj1cKHb2seWDy0B16HeWyczlJA9/WW3u3c4z/NiWDsO3DOU5D7nhTLE9CF0yXv/QZFY7sEJmj24dK+Rrqw==
-
-toastr@^2.1.4:
-  version "2.1.4"
-  resolved "https://registry.yarnpkg.com/toastr/-/toastr-2.1.4.tgz#8b43be64fb9d0c414871446f2db8e8ca4e95f181"
-  integrity sha512-LIy77F5n+sz4tefMmFOntcJ6HL0Fv3k1TDnNmFZ0bU/GcvIIfy6eG2v7zQmMiYgaalAiUv75ttFrPn5s0gyqlA==
-  dependencies:
-    jquery ">=1.12.0"
 
-type-check@~0.3.2:
-  version "0.3.2"
-  resolved "https://registry.yarnpkg.com/type-check/-/type-check-0.3.2.tgz#5884cab512cf1d355e3fb784f30804b2b520db72"
-  integrity sha512-ZCmOJdvOWDBYJlzAoFkC+Q0+bUyEOS1ltgp1MGU03fqHG+dbi9tBFU2Rd9QKiDZFAYrhPh2JUf7rZRIuHRKtOg==
+timers-browserify@^1.0.1:
+  version "1.4.2"
+  resolved "https://registry.yarnpkg.com/timers-browserify/-/timers-browserify-1.4.2.tgz#c9c58b575be8407375cb5e2462dacee74359f41d"
   dependencies:
-    prelude-ls "~1.1.2"
+    process "~0.11.0"
 
-type@^1.0.1:
-  version "1.2.0"
-  resolved "https://registry.yarnpkg.com/type/-/type-1.2.0.tgz#848dd7698dafa3e54a6c479e759c4bc3f18847a0"
-  integrity sha512-+5nt5AAniqsCnu2cEQQdpzCAh33kVx8n0VoFidKpB1dVVLAN/F+bgVOqOJqOnEnrhp222clB5p3vUlD+1QAnfg==
+to-arraybuffer@^1.0.0:
+  version "1.0.1"
+  resolved "https://registry.yarnpkg.com/to-arraybuffer/-/to-arraybuffer-1.0.1.tgz#7d229b1fcc637e466ca081180836a7aabff83f43"
 
-type@^2.7.2:
-  version "2.7.2"
-  resolved "https://registry.yarnpkg.com/type/-/type-2.7.2.tgz#2376a15a3a28b1efa0f5350dcf72d24df6ef98d0"
-  integrity sha512-dzlvlNlt6AXU7EBSfpAscydQ7gXB+pPGsPnfJnZpiNJBDj7IaJzQlBZYGdEi4R9HmPdBv2XmWJ6YUtoTa7lmCw==
+tty-browserify@0.0.1:
+  version "0.0.1"
+  resolved "https://registry.yarnpkg.com/tty-browserify/-/tty-browserify-0.0.1.tgz#3f05251ee17904dfd0677546670db9651682b811"
 
 typedarray@^0.0.6:
   version "0.0.6"
   resolved "https://registry.yarnpkg.com/typedarray/-/typedarray-0.0.6.tgz#867ac74e3864187b1d3d47d996a78ec5c8830777"
 
-unicode-properties@^1.2.2:
-  version "1.4.1"
-  resolved "https://registry.yarnpkg.com/unicode-properties/-/unicode-properties-1.4.1.tgz#96a9cffb7e619a0dc7368c28da27e05fc8f9be5f"
-  integrity sha512-CLjCCLQ6UuMxWnbIylkisbRj31qxHPAurvena/0iwSVbQ2G1VY5/HjV0IRabOEbDHlzZlRdCrD4NhB0JtU40Pg==
-  dependencies:
-    base64-js "^1.3.0"
-    unicode-trie "^2.0.0"
+umd@^3.0.0:
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/umd/-/umd-3.0.3.tgz#aa9fe653c42b9097678489c01000acb69f0b26cf"
 
-unicode-trie@^2.0.0:
-  version "2.0.0"
-  resolved "https://registry.yarnpkg.com/unicode-trie/-/unicode-trie-2.0.0.tgz#8fd8845696e2e14a8b67d78fa9e0dd2cad62fec8"
-  integrity sha512-x7bc76x0bm4prf1VLg79uhAzKw8DVboClSN5VxJuQ+LKDOVEW9CdH+VY7SP+vX7xCYQqzzgQpFqz15zeLvAtZQ==
+url@~0.11.0:
+  version "0.11.0"
+  resolved "https://registry.yarnpkg.com/url/-/url-0.11.0.tgz#3838e97cfc60521eb73c525a8e55bfdd9e2e28f1"
   dependencies:
-    pako "^0.2.5"
-    tiny-inflate "^1.0.0"
-
-universalify@^2.0.0:
-  version "2.0.0"
-  resolved "https://registry.yarnpkg.com/universalify/-/universalify-2.0.0.tgz#75a4984efedc4b08975c5aeb73f530d02df25717"
-  integrity sha512-hAZsKq7Yy11Zu1DE0OzWjw7nnLZmJZYTDZZyEFHZdUhV8FkH5MCfoU1XMaxXovpyW5nq5scPqq0ZDP9Zyl04oQ==
-
-uplot@^1.6.18:
-  version "1.6.24"
-  resolved "https://registry.yarnpkg.com/uplot/-/uplot-1.6.24.tgz#dfa213fa7da92763261920ea972ed1a5f9f6af12"
-  integrity sha512-WpH2BsrFrqxkMu+4XBvc0eCDsRBhzoq9crttYeSI0bfxpzR5YoSVzZXOKFVWcVC7sp/aDXrdDPbDZGCtck2PVg==
+    punycode "1.3.2"
+    querystring "0.2.0"
 
 util-deprecate@~1.0.1:
   version "1.0.2"
   resolved "https://registry.yarnpkg.com/util-deprecate/-/util-deprecate-1.0.2.tgz#450d4dc9fa70de732762fbd2d4a28981419a0ccf"
 
-word-wrap@~1.2.3:
-  version "1.2.3"
-  resolved "https://registry.yarnpkg.com/word-wrap/-/word-wrap-1.2.3.tgz#610636f6b1f703891bd34771ccb17fb93b47079c"
-  integrity sha512-Hz/mrNwitNRh/HUAtM/VT/5VH+ygD6DV7mYKZAtHOrbs8U7lvPS6xf7EJKMF0uW1KJCl0H701g3ZGus+muE5vQ==
+util-extend@^1.0.1:
+  version "1.0.3"
+  resolved "https://registry.yarnpkg.com/util-extend/-/util-extend-1.0.3.tgz#a7c216d267545169637b3b6edc6ca9119e2ff93f"
 
-xmldoc@^1.1.2:
-  version "1.2.0"
-  resolved "https://registry.yarnpkg.com/xmldoc/-/xmldoc-1.2.0.tgz#7554371bfd8c138287cff01841ae4566d26e5541"
-  integrity sha512-2eN8QhjBsMW2uVj7JHLHkMytpvGHLHxKXBy4J3fAT/HujsEtM6yU84iGjpESYGHg6XwK0Vu4l+KgqQ2dv2cCqg==
+util@0.10.3:
+  version "0.10.3"
+  resolved "https://registry.yarnpkg.com/util/-/util-0.10.3.tgz#7afb1afe50805246489e3db7fe0ed379336ac0f9"
   dependencies:
-    sax "^1.2.4"
+    inherits "2.0.1"
+
+util@~0.10.1:
+  version "0.10.4"
+  resolved "https://registry.yarnpkg.com/util/-/util-0.10.4.tgz#3aa0125bfe668a4672de58857d3ace27ecb76901"
+  dependencies:
+    inherits "2.0.3"
+
+vm-browserify@^1.0.0:
+  version "1.0.1"
+  resolved "https://registry.yarnpkg.com/vm-browserify/-/vm-browserify-1.0.1.tgz#a15d7762c4c48fa6bf9f3309a21340f00ed23063"
+
+wrappy@1:
+  version "1.0.2"
+  resolved "https://registry.yarnpkg.com/wrappy/-/wrappy-1.0.2.tgz#b5243d8f3ec1aa35f1364605bc0d1036e30ab69f"
 
-xtend@^4.0.1, xtend@~4.0.1:
+xtend@^4.0.0, xtend@^4.0.1, xtend@~4.0.1:
   version "4.0.1"
   resolved "https://registry.yarnpkg.com/xtend/-/xtend-4.0.1.tgz#a5c6d532be656e23db820efb943a1f04998d63af"

From 839c1ecf178286fdbaae7b19bf632e11a7c758eb Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sat, 18 Feb 2023 11:02:47 -0500
Subject: [PATCH 208/475] Revert "Revert "Error pages updated for Font Awesome
 v6 - fa-solid""

This reverts commit 35493fc218d1a27bfc36c2f6b056fb134542a26f.
---
 powerdnsadmin/templates/errors/400.html  | 32 +++++++++--------
 powerdnsadmin/templates/errors/403.html  | 24 +++++++------
 powerdnsadmin/templates/errors/404.html  | 24 +++++++------
 powerdnsadmin/templates/errors/500.html  | 24 +++++++------
 powerdnsadmin/templates/errors/SAML.html | 45 ++++++++++++++----------
 5 files changed, 82 insertions(+), 67 deletions(-)

diff --git a/powerdnsadmin/templates/errors/400.html b/powerdnsadmin/templates/errors/400.html
index ec53684de..edf6d6dcb 100644
--- a/powerdnsadmin/templates/errors/400.html
+++ b/powerdnsadmin/templates/errors/400.html
@@ -19,21 +19,23 @@ <h1>
 <!-- Main content -->
 <section class="content">
     <div class="error-page">
-        <h2 class="headline text-yellow">400</h2>
-        <div class="error-content">
-            <h3>
-                <i class="fa fa-warning text-yellow"></i> Oops! Bad request
-            </h3>
-            <p>
-                {% if msg %}
-                  {{ msg }}
-                {% else %}
-                  The server refused to process your request and return a 400 error.
-                {% endif %}
-                <br/>You may <a href="{{ url_for('dashboard.dashboard') }}">return to the dashboard</a>.
-            </p>
-        </div>
-        <!-- /.error-content -->
+      <h2 class="headline text-yellow">
+        400
+      </h2>
+      <div class="error-content">
+        <h3>
+          <i class="fa-solid fa-exclamation-triangle text-yellow"></i>
+          Oops! Bad request
+        </h3>
+        <p>
+          {% if msg %}
+            {{ msg }}
+          {% else %}
+            The server refused to process your request and return a 400 error.
+          {% endif %}
+          <br/>You may <a href="{{ url_for('dashboard.dashboard') }}">return to the dashboard</a>.
+        </p>
+      </div>
     </div>
     <!-- /.error-page -->
 </section>
diff --git a/powerdnsadmin/templates/errors/403.html b/powerdnsadmin/templates/errors/403.html
index ffe96bf53..ddc35176c 100644
--- a/powerdnsadmin/templates/errors/403.html
+++ b/powerdnsadmin/templates/errors/403.html
@@ -19,17 +19,19 @@ <h1>
 <!-- Main content -->
 <section class="content">
     <div class="error-page">
-        <h2 class="headline text-yellow">403</h2>
-        <div class="error-content">
-            <h3>
-                <i class="fa fa-warning text-yellow"></i> Oops! Access denied
-            </h3>
-            <p>
-                You don't have permission to access this page
-                You may <a href="{{ url_for('dashboard.dashboard') }}">return to the dashboard</a>.
-            </p>
-        </div>
-        <!-- /.error-content -->
+      <h2 class="headline text-yellow">
+        403
+      </h2>
+      <div class="error-content">
+        <h3>
+          <i class="fa-solid fa-exclamation-triangle text-yellow"></i>
+          Oops! Access denied
+        </h3>
+        <p>
+          You don't have permission to access this page
+          You may <a href="{{ url_for('dashboard.dashboard') }}">return to the dashboard</a>.
+        </p>
+      </div>
     </div>
     <!-- /.error-page -->
 </section>
diff --git a/powerdnsadmin/templates/errors/404.html b/powerdnsadmin/templates/errors/404.html
index a93c73133..430bf9617 100644
--- a/powerdnsadmin/templates/errors/404.html
+++ b/powerdnsadmin/templates/errors/404.html
@@ -19,17 +19,19 @@ <h1>
 <!-- Main content -->
 <section class="content">
     <div class="error-page">
-        <h2 class="headline text-yellow">404</h2>
-        <div class="error-content">
-            <h3>
-                <i class="fa fa-warning text-yellow"></i> Oops! You're lost
-            </h3>
-            <p>
-                The page you requested could not be found.
-                You may <a href="{{ url_for('dashboard.dashboard') }}">return to the dashboard</a>.
-            </p>
-        </div>
-        <!-- /.error-content -->
+      <h2 class="headline text-yellow">
+        404
+      </h2>
+      <div class="error-content">
+        <h3>
+          <i class="fa-solid fa-exclamation-triangle text-yellow"></i>
+          Oops! You're lost
+        </h3>
+        <p>
+          The page you requested could not be found.
+          You may <a href="{{ url_for('dashboard.dashboard') }}">return to the dashboard</a>.
+        </p>
+      </div>
     </div>
     <!-- /.error-page -->
 </section>
diff --git a/powerdnsadmin/templates/errors/500.html b/powerdnsadmin/templates/errors/500.html
index d223b0b48..da8b6b853 100644
--- a/powerdnsadmin/templates/errors/500.html
+++ b/powerdnsadmin/templates/errors/500.html
@@ -19,17 +19,19 @@ <h1>
 <!-- Main content -->
 <section class="content">
     <div class="error-page">
-        <h2 class="headline text-yellow">500</h2>
-        <div class="error-content">
-            <h3>
-                <i class="fa fa-warning text-yellow"></i> Oops! Something went wrong
-            </h3>
-            <p>
-                Try again later.
-                You may <a href="{{ url_for('dashboard.dashboard') }}">return to the dashboard</a>.
-            </p>
-        </div>
-        <!-- /.error-content -->
+      <h2 class="headline text-yellow">
+        500
+      </h2>
+      <div class="error-content">
+        <h3>
+          <i class="fa-solid fa-exclamation-triangle text-yellow"></i>
+          Oops! Something went wrong
+        </h3>
+        <p>
+          Try again later.
+          You may <a href="{{ url_for('dashboard.dashboard') }}">return to the dashboard</a>.
+        </p>
+      </div>
     </div>
     <!-- /.error-page -->
 </section>
diff --git a/powerdnsadmin/templates/errors/SAML.html b/powerdnsadmin/templates/errors/SAML.html
index 2cfacbd82..db35c5db5 100644
--- a/powerdnsadmin/templates/errors/SAML.html
+++ b/powerdnsadmin/templates/errors/SAML.html
@@ -19,25 +19,32 @@ <h1>
 <!-- Main content -->
 <section class="content">
     <div class="error-page">
-        <div>
-        <h1 class="headline text-yellow" style="font-size:46px;">SAML Authentication Error</h1></div><br/><br/>
-        <div class="error-content">
-            <h3>
-                <i class="fa fa-warning text-yellow"></i> Oops! Something went wrong
-            </h3><br>
-            <p>
-                Login failed.<br>
-                Error(s) when processing SAML Response:<br>
-                <ul>
-                    {% for error in errors %}
-                    <li>{{ error }}</li>
-                    {% endfor %}
-                </ul>
-
-                You may <a href="{{ url_for('dashboard.dashboard') }}">return to the dashboard</a>.
-            </p>
-        </div>
-        <!-- /.error-content -->
+      <div>
+        <h1 class="headline text-yellow" style="font-size:46px;">
+          SAML Authentication Error
+        </h1>
+      </div>
+      <br/>
+      <br/>
+      <div class="error-content">
+        <h3>
+          <i class="fa-solid fa-exclamation-triangle text-yellow"></i>
+          Oops! Something went wrong
+        </h3>
+        <br>
+        <p>
+          Login failed.
+          <br>
+          Error(s) when processing SAML Response:
+          <br>
+          <ul>
+            {% for error in errors %}
+              <li>{{ error }}</li>
+            {% endfor %}
+          </ul>
+          You may <a href="{{ url_for('dashboard.dashboard') }}">return to the dashboard</a>.
+        </p>
+      </div>
     </div>
     <!-- /.error-page -->
 </section>

From 516bc52c2f95353c1c1653427ffd0627acaff1e4 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sat, 18 Feb 2023 11:04:14 -0500
Subject: [PATCH 209/475] Revert "Revert "Merge pull request #1371 from
 AgentTNT/AdminLTE-Upgrade""

This reverts commit e2ad3e200179dd02bd8dfe42913b59bae9bd4263.
---
 configs/development.py                        |   11 +
 package.json                                  |   14 +-
 powerdnsadmin/assets.py                       |  106 +-
 powerdnsadmin/routes/__init__.py              |    3 +-
 powerdnsadmin/routes/admin.py                 |   23 +-
 powerdnsadmin/routes/base.py                  |    2 +
 powerdnsadmin/routes/index.py                 |  115 +-
 powerdnsadmin/static/custom/js/custom.js      |   16 +-
 .../templates/admin_edit_account.html         |  357 +--
 powerdnsadmin/templates/admin_edit_key.html   |  236 +-
 powerdnsadmin/templates/admin_edit_user.html  |  246 +-
 .../templates/admin_global_search.html        |  333 +--
 powerdnsadmin/templates/admin_history.html    |  258 ++-
 .../templates/admin_history_table.html        |  152 +-
 .../templates/admin_manage_account.html       |  161 +-
 .../templates/admin_manage_keys.html          |  244 +-
 .../templates/admin_manage_user.html          |  378 +--
 powerdnsadmin/templates/admin_pdns_stats.html |  207 +-
 .../admin_setting_authentication.html         |  176 +-
 .../templates/admin_setting_basic.html        |  183 +-
 .../templates/admin_setting_pdns.html         |  175 +-
 .../templates/admin_setting_records.html      |  150 +-
 powerdnsadmin/templates/base.html             |  348 +--
 powerdnsadmin/templates/dashboard.html        |  478 ++--
 powerdnsadmin/templates/dashboard_domain.html |   78 +-
 powerdnsadmin/templates/domain.html           |  396 ++--
 powerdnsadmin/templates/domain_add.html       |  410 ++--
 powerdnsadmin/templates/domain_changelog.html |  128 +-
 powerdnsadmin/templates/domain_remove.html    |  210 +-
 powerdnsadmin/templates/domain_setting.html   |  209 +-
 powerdnsadmin/templates/errors/400.html       |   47 +-
 powerdnsadmin/templates/errors/403.html       |   47 +-
 powerdnsadmin/templates/errors/404.html       |   47 +-
 powerdnsadmin/templates/errors/500.html       |   47 +-
 powerdnsadmin/templates/errors/SAML.html      |   47 +-
 powerdnsadmin/templates/login.html            |  313 +--
 powerdnsadmin/templates/register.html         |  276 ++-
 powerdnsadmin/templates/register_otp.html     |    2 +-
 powerdnsadmin/templates/template.html         |  202 +-
 powerdnsadmin/templates/template_add.html     |  193 +-
 powerdnsadmin/templates/template_edit.html    |  113 +-
 powerdnsadmin/templates/user_profile.html     |  298 +--
 requirements.txt                              |   39 +-
 yarn.lock                                     | 2019 ++++++++++-------
 44 files changed, 5273 insertions(+), 4220 deletions(-)

diff --git a/configs/development.py b/configs/development.py
index d4bd24f23..b848d0c86 100644
--- a/configs/development.py
+++ b/configs/development.py
@@ -15,6 +15,17 @@
 SQLA_DB_NAME = 'pda'
 SQLALCHEMY_TRACK_MODIFICATIONS = True
 
+#CAPTCHA Config
+CAPTCHA_ENABLE = True
+CAPTCHA_LENGTH = 6
+CAPTCHA_WIDTH = 160
+CAPTCHA_HEIGHT = 60
+CAPTCHA_SESSION_KEY = 'captcha_image'
+
+#Server side sessions tracking
+#Set to TRUE for CAPTCHA, or enable another stateful session tracking system
+FILESYSTEM_SESSIONS_ENABLED = True
+
 ### DATABASE - MySQL
 #SQLALCHEMY_DATABASE_URI = 'mysql://{}:{}@{}/{}'.format(
 #    urllib.parse.quote_plus(SQLA_DB_USER),
diff --git a/package.json b/package.json
index 76982c81c..f6724c3ed 100644
--- a/package.json
+++ b/package.json
@@ -1,15 +1,17 @@
 {
   "dependencies": {
-    "admin-lte": "2.4.9",
-    "bootstrap": "^3.4.1",
-    "bootstrap-datepicker": "^1.8.0",
+    "@fortawesome/fontawesome-free": "6.3.0",
+    "admin-lte": "3.2.0",
+    "bootstrap": "4.6.2",
+    "bootstrap-datepicker": "^1.9.0",
     "bootstrap-validator": "^0.11.9",
-    "datatables.net-plugins": "^1.10.19",
+    "datatables.net-plugins": "^1.13.1",
     "icheck": "^1.0.2",
     "jquery-slimscroll": "^1.3.8",
-    "jquery-ui-dist": "^1.12.1",
+    "jquery-sparkline": "^2.4.0",
+    "jquery-ui-dist": "^1.13.2",
     "jquery.quicksearch": "^2.4.0",
-    "jtimeout": "^3.1.0",
+    "jtimeout": "^3.2.0",
     "multiselect": "^0.9.12"
   }
 }
diff --git a/powerdnsadmin/assets.py b/powerdnsadmin/assets.py
index 233e23adf..7ad973f31 100644
--- a/powerdnsadmin/assets.py
+++ b/powerdnsadmin/assets.py
@@ -2,67 +2,65 @@
 
 
 class ConcatFilter(Filter):
-    """
-    Filter that merges files, placing a semicolon between them.
+  """
+  Filter that merges files, placing a semicolon between them.
 
-    Fixes issues caused by missing semicolons at end of JS assets, for example
-    with last statement of jquery.pjax.js.
-    """
-    def concat(self, out, hunks, **kw):
-        out.write(';'.join([h.data() for h, info in hunks]))
+  Fixes issues caused by missing semicolons at end of JS assets, for example
+  with last statement of jquery.pjax.js.
+  """
+  def concat(self, out, hunks, **kw):
+    out.write(';'.join([h.data() for h, info in hunks]))
 
+css_login = Bundle(
+  'node_modules/@fortawesome/fontawesome-free/css/all.min.css',
+  'node_modules/icheck/skins/square/blue.css',
+  'node_modules/admin-lte/dist/css/adminlte.css',
+  filters=('cssmin', 'cssrewrite'),
+  output='generated/login.css')
 
-css_login = Bundle('node_modules/bootstrap/dist/css/bootstrap.css',
-                   'node_modules/font-awesome/css/font-awesome.css',
-                   'node_modules/ionicons/dist/css/ionicons.css',
-                   'node_modules/icheck/skins/square/blue.css',
-                   'node_modules/admin-lte/dist/css/AdminLTE.css',
-                   filters=('cssmin', 'cssrewrite'),
-                   output='generated/login.css')
+js_login = Bundle(
+  'node_modules/jquery/dist/jquery.js',
+  'node_modules/bootstrap/dist/js/bootstrap.js',
+  'node_modules/icheck/icheck.js',
+  'custom/js/custom.js',
+  filters=(ConcatFilter, 'rjsmin'),
+  output='generated/login.js')
 
-js_login = Bundle('node_modules/jquery/dist/jquery.js',
-                  'node_modules/bootstrap/dist/js/bootstrap.js',
-                  'node_modules/icheck/icheck.js',
-                  'custom/js/custom.js',
-                  filters=(ConcatFilter, 'rjsmin'),
-                  output='generated/login.js')
-
-js_validation = Bundle('node_modules/bootstrap-validator/dist/validator.js',
-                       output='generated/validation.js')
+js_validation = Bundle(
+  'node_modules/bootstrap-validator/dist/validator.js',
+  output='generated/validation.js')
 
 css_main = Bundle(
-    'node_modules/bootstrap/dist/css/bootstrap.css',
-    'node_modules/font-awesome/css/font-awesome.css',
-    'node_modules/ionicons/dist/css/ionicons.css',
-    'node_modules/datatables.net-bs/css/dataTables.bootstrap.css',
-    'node_modules/icheck/skins/square/blue.css',
-    'node_modules/multiselect/css/multi-select.css',
-    'node_modules/admin-lte/dist/css/AdminLTE.css',
-    'node_modules/admin-lte/dist/css/skins/_all-skins.css',
-    'custom/css/custom.css',
-    'node_modules/bootstrap-datepicker/dist/css/bootstrap-datepicker.css',
-    filters=('cssmin', 'cssrewrite'),
-    output='generated/main.css')
+  'node_modules/@fortawesome/fontawesome-free/css/all.min.css',
+  'node_modules/datatables.net-bs4/css/dataTables.bootstrap4.min.css',
+  'node_modules/icheck/skins/square/blue.css',
+  'node_modules/multiselect/css/multi-select.css',
+  'node_modules/admin-lte/dist/css/adminlte.css',
+  'custom/css/custom.css',
+  'node_modules/bootstrap-datepicker/dist/css/bootstrap-datepicker.css',
+  filters=('cssmin', 'cssrewrite'),
+  output='generated/main.css')
 
-js_main = Bundle('node_modules/jquery/dist/jquery.js',
-                 'node_modules/jquery-ui-dist/jquery-ui.js',
-                 'node_modules/bootstrap/dist/js/bootstrap.js',
-                 'node_modules/datatables.net/js/jquery.dataTables.js',
-                 'node_modules/datatables.net-bs/js/dataTables.bootstrap.js',
-                 'node_modules/jquery-sparkline/jquery.sparkline.js',
-                 'node_modules/jquery-slimscroll/jquery.slimscroll.js',
-                 'node_modules/icheck/icheck.js',
-                 'node_modules/fastclick/lib/fastclick.js',
-                 'node_modules/moment/moment.js',
-                 'node_modules/admin-lte/dist/js/adminlte.js',
-                 'node_modules/multiselect/js/jquery.multi-select.js',
-                 'node_modules/datatables.net-plugins/sorting/natural.js',
-                 'node_modules/jtimeout/src/jTimeout.js',
-                 'node_modules/jquery.quicksearch/src/jquery.quicksearch.js',
-                 'custom/js/custom.js',
-                 'node_modules/bootstrap-datepicker/dist/js/bootstrap-datepicker.js',
-                 filters=(ConcatFilter, 'rjsmin'),
-                 output='generated/main.js')
+js_main = Bundle(
+  'node_modules/jquery/dist/jquery.js',
+  'node_modules/jquery-ui-dist/jquery-ui.js',
+  'node_modules/bootstrap/dist/js/bootstrap.bundle.js',
+  'node_modules/datatables.net/js/jquery.dataTables.js',
+  'node_modules/datatables.net-bs4/js/dataTables.bootstrap4.js',
+  'node_modules/jquery-sparkline/jquery.sparkline.js',
+  'node_modules/jquery-slimscroll/jquery.slimscroll.js',
+  'node_modules/icheck/icheck.js',
+  'node_modules/fastclick/lib/fastclick.js',
+  'node_modules/moment/moment.js',
+  'node_modules/admin-lte/dist/js/adminlte.js',
+  'node_modules/multiselect/js/jquery.multi-select.js',
+  'node_modules/datatables.net-plugins/sorting/natural.js',
+  'node_modules/jtimeout/src/jTimeout.js',
+  'node_modules/jquery.quicksearch/src/jquery.quicksearch.js',
+  'custom/js/custom.js',
+  'node_modules/bootstrap-datepicker/dist/js/bootstrap-datepicker.js',
+  filters=(ConcatFilter, 'rjsmin'),
+  output='generated/main.js')
 
 assets = Environment()
 assets.register('js_login', js_login)
diff --git a/powerdnsadmin/routes/__init__.py b/powerdnsadmin/routes/__init__.py
index 7d8aa9a46..598b17a7b 100644
--- a/powerdnsadmin/routes/__init__.py
+++ b/powerdnsadmin/routes/__init__.py
@@ -1,5 +1,5 @@
 from .base import (
-    csrf, login_manager, handle_bad_request, handle_unauthorized_access,
+    captcha, csrf, login_manager, handle_bad_request, handle_unauthorized_access,
     handle_access_forbidden, handle_page_not_found, handle_internal_server_error
 )
 
@@ -14,6 +14,7 @@
 def init_app(app):
     login_manager.init_app(app)
     csrf.init_app(app)
+    captcha.init_app(app)
 
     app.register_blueprint(index_bp)
     app.register_blueprint(user_bp)
diff --git a/powerdnsadmin/routes/admin.py b/powerdnsadmin/routes/admin.py
index e419fa888..98f4ef9e2 100644
--- a/powerdnsadmin/routes/admin.py
+++ b/powerdnsadmin/routes/admin.py
@@ -795,7 +795,7 @@ def __init__(self, history, change_set):
         if 'domain_type' in detail_dict and 'account_id' in detail_dict:  # this is a domain creation
             self.detailed_msg = render_template_string("""
                     <table class="table table-bordered table-striped">
-                        <tr><td>Domain type:</td><td>{{ domaintype }}</td></tr>
+                        <tr><td>Domain Type:</td><td>{{ domaintype }}</td></tr>
                         <tr><td>Account:</td><td>{{ account }}</td></tr>
                     </table>
                 """,
@@ -804,22 +804,23 @@ def __init__(self, history, change_set):
 
         elif 'authenticator' in detail_dict: # this is a user authentication
             self.detailed_msg = render_template_string("""
-                <table class="table table-bordered table-striped" style="width:565px;">
-                    <thead>
+                <table class="table table-bordered table-striped"">
+                    <tbody>
                         <tr>
-                            <th colspan="3" style="background: rgba({{ background_rgba }});">
-                                <p style="color:white;">User {{ username }} authentication {{ auth_result }}</p>
-                            </th>
+                            <td>Username:</td>
+                            <td>{{ username }}</td>
+                        </tr>
+                        <tr>
+                            <td>Authentication Result:</td>
+                            <td>{{ auth_result }}</td>
                         </tr>
-                    </thead>
-                    <tbody>
                         <tr>
                             <td>Authenticator Type:</td>
-                            <td colspan="2">{{ authenticator }}</td>
+                            <td>{{ authenticator }}</td>
                         </tr>
                         <tr>
-                            <td>IP Address</td>
-                            <td colspan="2">{{ ip_address }}</td>
+                            <td>IP Address:</td>
+                            <td>{{ ip_address }}</td>
                         </tr>
                     </tbody>
                 </table>
diff --git a/powerdnsadmin/routes/base.py b/powerdnsadmin/routes/base.py
index 16ed00ae8..7af342ce3 100644
--- a/powerdnsadmin/routes/base.py
+++ b/powerdnsadmin/routes/base.py
@@ -3,10 +3,12 @@
 from flask import render_template, url_for, redirect, session, request, current_app
 from flask_login import LoginManager
 from flask_seasurf import SeaSurf
+from flask_session_captcha import FlaskSessionCaptcha
 
 from ..models.user import User
 
 
+captcha = FlaskSessionCaptcha()
 csrf = SeaSurf()
 login_manager = LoginManager()
 
diff --git a/powerdnsadmin/routes/index.py b/powerdnsadmin/routes/index.py
index 117fe14b5..14ad2754c 100644
--- a/powerdnsadmin/routes/index.py
+++ b/powerdnsadmin/routes/index.py
@@ -10,7 +10,7 @@
 from flask import Blueprint, render_template, make_response, url_for, current_app, g, session, request, redirect, abort
 from flask_login import login_user, logout_user, login_required, current_user
 
-from .base import csrf, login_manager
+from .base import captcha, csrf, login_manager
 from ..lib import utils
 from ..decorators import dyndns_login_required
 from ..models.base import db
@@ -400,7 +400,7 @@ def login():
             desc_prop = Setting().get('oidc_oauth_account_description_property')
 
             account_to_add = []
-	    #If the name_property and desc_property exist in me (A variable that contains all the userinfo from the IdP).
+      #If the name_property and desc_property exist in me (A variable that contains all the userinfo from the IdP).
             if name_prop in me and desc_prop in me:
                 accounts_name_prop = [me[name_prop]] if type(me[name_prop]) is not list else me[name_prop]
                 accounts_desc_prop = [me[desc_prop]] if type(me[desc_prop]) is not list else me[desc_prop]
@@ -415,7 +415,7 @@ def login():
                     account_to_add.append(account)
                 user_accounts = user.get_accounts()
 
-		# Add accounts
+    # Add accounts
                 for account in account_to_add:
                     if account not in user_accounts:
                         account.add_user(user)
@@ -651,50 +651,73 @@ def logout():
 
 @index_bp.route('/register', methods=['GET', 'POST'])
 def register():
-    if Setting().get('signup_enabled'):
-        if request.method == 'GET':
-            return render_template('register.html')
-        elif request.method == 'POST':
-            username = request.form.get('username', '').strip()
-            password = request.form.get('password', '')
-            firstname = request.form.get('firstname', '').strip()
-            lastname = request.form.get('lastname', '').strip()
-            email = request.form.get('email', '').strip()
-            rpassword = request.form.get('rpassword', '')
-
-            if not username or not password or not email:
-                return render_template(
-                    'register.html', error='Please input required information')
-
-            if password != rpassword:
-                return render_template(
-                    'register.html',
-                    error="Password confirmation does not match")
-
-            user = User(username=username,
-                        plain_text_password=password,
-                        firstname=firstname,
-                        lastname=lastname,
-                        email=email)
-
-            try:
-                result = user.create_local_user()
-                if result and result['status']:
-                    if Setting().get('verify_user_email'):
-                        send_account_verification(email)
-                    if Setting().get('otp_force') and Setting().get('otp_field_enabled'):
-                        user.update_profile(enable_otp=True)
-                        prepare_welcome_user(user.id)
-                        return redirect(url_for('index.welcome'))
-                    else:
-                        return redirect(url_for('index.login'))
-                else:
-                    return render_template('register.html',
-                                           error=result['msg'])
-            except Exception as e:
-                return render_template('register.html', error=e)
+  CAPTCHA_ENABLE = current_app.config.get('CAPTCHA_ENABLE')
+  if Setting().get('signup_enabled'):
+    if current_user.is_authenticated:
+      return redirect(url_for('index.index'))
+    if request.method == 'GET':
+      return render_template('register.html', captcha_enable=CAPTCHA_ENABLE)
+    elif request.method == 'POST':
+      username = request.form.get('username', '').strip()
+      password = request.form.get('password', '')
+      firstname = request.form.get('firstname', '').strip()
+      lastname = request.form.get('lastname', '').strip()
+      email = request.form.get('email', '').strip()
+      rpassword = request.form.get('rpassword', '')
+
+      is_valid_email = re.compile(r'^[a-zA-Z0-9_.+-]+@[a-zA-Z0-9-]+\.[a-zA-Z0-9-.]+$')
+
+      error_messages = {}
+      if not firstname:
+        error_messages['firstname'] = 'First Name is required'
+      if not lastname:
+        error_messages['lastname'] = 'Last Name is required'
+      if not username:
+        error_messages['username'] = 'Username is required'
+      if not password:
+        error_messages['password'] = 'Password is required'
+      if not rpassword:
+        error_messages['rpassword'] = 'Password confirmation is required'
+      if not email:
+        error_messages['email'] = 'Email is required'
+      if not is_valid_email.match(email):
+        error_messages['email'] = 'Invalid email address'
+      if password != rpassword:
+        error_messages['password'] = 'Password confirmation does not match'
+        error_messages['rpassword'] = 'Password confirmation does not match'
+
+      if not captcha.validate():
+        return render_template(
+          'register.html', error='Invalid CAPTCHA answer', error_messages=error_messages, captcha_enable=CAPTCHA_ENABLE)
+
+      if error_messages:
+        return render_template('register.html', error_messages=error_messages, captcha_enable=CAPTCHA_ENABLE)
+
+      user = User(username=username,
+        plain_text_password=password,
+        firstname=firstname,
+        lastname=lastname,
+        email=email
+      )
+
+      try:
+        result = user.create_local_user()
+        if result and result['status']:
+          if Setting().get('verify_user_email'):
+            send_account_verification(email)
+          if Setting().get('otp_force') and Setting().get('otp_field_enabled'):
+            user.update_profile(enable_otp=True)
+            prepare_welcome_user(user.id)
+            return redirect(url_for('index.welcome'))
+          else:
+            return redirect(url_for('index.login'))
+        else:
+          return render_template('register.html',
+            error=result['msg'], captcha_enable=CAPTCHA_ENABLE)
+      except Exception as e:
+        return render_template('register.html', error=e, captcha_enable=CAPTCHA_ENABLE)
     else:
-        return render_template('errors/404.html'), 404
+      return render_template('errors/404.html'), 404
 
 
 # Show welcome page on first login if otp_force is enabled
diff --git a/powerdnsadmin/static/custom/js/custom.js b/powerdnsadmin/static/custom/js/custom.js
index e4b72b16e..0f096bf05 100644
--- a/powerdnsadmin/static/custom/js/custom.js
+++ b/powerdnsadmin/static/custom/js/custom.js
@@ -287,4 +287,18 @@ function copy_otp_secret_to_clipboard() {
     navigator.clipboard.writeText(copyBox.value);
     $("#copy_tooltip").css("visibility", "visible");
     setTimeout(function(){ $("#copy_tooltip").css("visibility", "collapse"); }, 2000);
-  }
\ No newline at end of file
+  }
+
+// Side menu nav bar active selection
+/** add active class and stay opened when selected */
+var url = window.location;
+
+// for sidebar menu entirely but not cover treeview
+$('ul.nav-sidebar a').filter(function() {
+    return this.href == url;
+}).addClass('active');
+
+// for treeview
+$('ul.nav-treeview a').filter(function() {
+    return this.href == url;
+}).parentsUntil(".nav-sidebar > .nav-treeview").addClass('menu-open').prev('a').addClass('active');
diff --git a/powerdnsadmin/templates/admin_edit_account.html b/powerdnsadmin/templates/admin_edit_account.html
index ee8d1be6e..046866cd3 100644
--- a/powerdnsadmin/templates/admin_edit_account.html
+++ b/powerdnsadmin/templates/admin_edit_account.html
@@ -1,192 +1,211 @@
 {% extends "base.html" %}
+
 {% set active_page = "admin_accounts" %}
-{% block title %}<title>Edit Account - {{ SITE_NAME }}</title>{% endblock %}
+
+{% block title %}
+<title>
+  Edit Account - {{ SITE_NAME }}
+</title>
+{% endblock %}
 
 {% block dashboard_stat %}
-<!-- Content Header (Page header) -->
-<section class="content-header">
-    <h1>
-        Account
-        <small>{% if create %}New account{% else %}{{ account.name }}{% endif %}</small>
-    </h1>
-    <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i>Home</a></li>
-        <li><a href="{{ url_for('admin.manage_account') }}">Accounts</a></li>
-        <li class="active">{% if create %}Add{% else %}Edit{% endif %} account</li>
-    </ol>
-</section>
+  <div class="content-header">
+    <div class="container-fluid">
+      <div class="row mb-2">
+        <div class="col-sm-6">
+          <h1 class="m-0 text-dark">
+            {% if create %}Add Account{% else %}Edit Account{% endif %}
+            <small>{% if create %}Account{% else %}{{ account.name }}{% endif %}</small>
+          </h1>
+        </div>
+        <div class="col-sm-6">
+          <ol class="breadcrumb float-sm-right">
+            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Home</a></li>
+            <li class="breadcrumb-item"><a href="{{ url_for('admin.manage_account') }}">Accounts</a></li>
+            <li class="breadcrumb-item active">{% if create %}Add Account{% else %}Edit Account: {{ account.name }}{% endif %}</li>
+          </ol>
+        </div>
+      </div>
+    </div>
+  </div>
 {% endblock %}
 
 {% block content %}
 <section class="content">
+  <div class="container-fluid">
     <div class="row">
-        <div class="col-md-4">
-            <div class="box box-primary">
-                <div class="box-header with-border">
-                    <h3 class="box-title">{% if create %}Add{% else %}Edit{% endif %} account</h3>
+      <div class="col-4">
+        <div class="card">
+          <div class="card-header">
+            <h3 class="card-title">{% if create %}Add{% else %}Edit{% endif %} Account</h3>
+          </div>
+          <form role="form" method="post" action="{% if create %}{{ url_for('admin.edit_account') }}{% else %}{{ url_for('admin.edit_account', account_name=account.name) }}{% endif %}">
+            <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+            <input type="hidden" name="create" value="{{ create }}">
+            <div class="card-body">
+              {% if error %}
+                <div class="alert alert-danger alert-dismissible">
+                  <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
+                  <h4><i class="fa-solid fa-ban"></i> Error!</h4>
+                  {{ error }}
                 </div>
-                <!-- /.box-header -->
-                <!-- form start -->
-                <form role="form" method="post"
-                    action="{% if create %}{{ url_for('admin.edit_account') }}{% else %}{{ url_for('admin.edit_account', account_name=account.name) }}{% endif %}">
-                    <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-                    <input type="hidden" name="create" value="{{ create }}">
-                    <div class="box-body">
-                        {% if error %}
-                        <div class="alert alert-danger alert-dismissible">
-                            <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
-                            <h4><i class="icon fa fa-ban"></i> Error!</h4>
-                            {{ error }}
-                        </div>
-                        <span class="help-block">{{ error }}</span>
-                        {% endif %}
-                        <div
-                            class="form-group has-feedback {% if invalid_accountname or duplicate_accountname %}has-error{% endif %}">
-                            <label class="control-label" for="accountname">Name</label>
-                            <input type="text" class="form-control" placeholder="Account Name (required)"
-                                name="accountname" {% if account %}value="{{ account.name }}" {% endif %}
-                                {% if not create %}disabled{% endif %}>
-                            <span class="fa fa-cog form-control-feedback"></span>
-                            {% if invalid_accountname %}
-                            <span class="help-block">Cannot be blank and must only contain alphanumeric
-                                characters{% if SETTING.get('account_name_extra_chars') %}, dots, hyphens or underscores{% endif %}.</span>
-                            {% elif duplicate_accountname %}
-                            <span class="help-block">Account name already in use.</span>
-                            {% endif %}
-                        </div>
-                        <div class="form-group has-feedback">
-                            <label class="control-label" for="accountdescription">Description</label>
-                            <input type="text" class="form-control" placeholder="Account Description (optional)"
-                                name="accountdescription" {% if account %}value="{{ account.description }}" {% endif %}>
-                            <span class="fa fa-industry form-control-feedback"></span>
-                        </div>
-                        <div class="form-group has-feedback">
-                            <label class="control-label" for="accountcontact">Contact Person</label>
-                            <input type="text" class="form-control" placeholder="Contact Person (optional)"
-                                name="accountcontact" {% if account %}value="{{ account.contact }}" {% endif %}>
-                            <span class="fa fa-user form-control-feedback"></span>
-                        </div>
-                        <div class="form-group has-feedback">
-                            <label class="control-label" for="accountmail">Mail Address</label>
-                            <input type="email" class="form-control" placeholder="Mail Address (optional)"
-                                name="accountmail" {% if account %}value="{{ account.mail }}" {% endif %}>
-                            <span class="fa fa-envelope form-control-feedback"></span>
-                        </div>
-                    </div>
-                    <div class="box-header with-border">
-                        <h3 class="box-title">Access Control</h3>
-                    </div>
-                    <div class="box-body">
-                        <p>Users on the right have access to manage records in all domains
-                            associated with the account.</p>
-                        <p>Click on users to move between columns.</p>
-                        <div class="form-group col-xs-2">
-                            <select multiple="multiple" class="form-control" id="account_multi_user"
-                                name="account_multi_user">
-                                {% for user in users %}
-                                <option {% if user.id in account_user_ids|default([]) %}selected{% endif %}
-                                    value="{{ user.username }}">{{ user.username }}</option>
-                                {% endfor %}
-                            </select>
-                        </div>
-                    </div>
-                    <div class="box-body">
-                        <p>Domains on the right are associated with the account. Red marked domain names are already associated with other accounts.
-                            Moving already associated domains to this account will overwrite the previous associated account.
-                        </p>
-                        <p>Hover over the red domain names to show the associated account. Click on domains to move between columns.</p>
-                        <div class="form-group col-xs-2">
-                            <select multiple="multiple" class="form-control" id="account_domains"
-                                name="account_domains">
-                                {% for domain in domains %}
-                                    {% if account != None and domain.account_id != None and account.id != domain.account_id %}
-                                        {% with account_id=domain.account_id %}
-                                            <option style="color: red" data-toggle="tooltip" title="Associated with: {{ accounts[account_id].name }}"
-                                                value="{{ domain.name }}">{{ domain.name }}</option>
-                                        {% endwith %}
-                                    {% else %}
-                                        <option {% if account.id == domain.account_id %}selected{% endif %}
-                                            value="{{ domain.name }}">{{ domain.name }}</option>
-                                    {% endif %}
-                                {% endfor %}
-                            </select>
-                        </div>
-                    </div>
-                    <div class="box-footer">
-                        <button type="submit"
-                            class="btn btn-flat btn-primary">{% if create %}Create{% else %}Update{% endif %}
-                            Account</button>
-                    </div>
-                </form>
+                <span class="help-block">{{ error }}</span>
+              {% endif %}
+              <div class="form-group has-feedback {% if invalid_accountname or duplicate_accountname %}has-error{% endif %}">
+                <label class="control-label" for="accountname">Name</label>
+                <input type="text" class="form-control" placeholder="Account Name (required)"
+                  name="accountname" {% if account %}value="{{ account.name }}" {% endif %}
+                  {% if not create %}disabled{% endif %} required>
+                <span class="form-control-feedback"></span>
+                {% if invalid_accountname %}
+                  <span class="help-block text-danger">Cannot be blank and must only contain alphanumeric
+                    characters{% if SETTING.get('account_name_extra_chars') %}, dots, hyphens or underscores{% endif %}.
+                  </span>
+                {% elif duplicate_accountname %}
+                  <span class="help-block text-danger">Account name already in use.</span>
+                {% endif %}
+              </div>
+              <div class="form-group has-feedback">
+                <label class="control-label" for="accountdescription">Description</label>
+                <input type="text" class="form-control" placeholder="Account Description (optional)"
+                  name="accountdescription" {% if account %}value="{{ account.description }}" {% endif %}>
+                <span class="orm-control-feedback"></span>
+              </div>
+              <div class="form-group has-feedback">
+                <label class="control-label" for="accountcontact">Contact Person</label>
+                <input type="text" class="form-control" placeholder="Contact Person (optional)"
+                  name="accountcontact" {% if account %}value="{{ account.contact }}" {% endif %}>
+                <span class="form-control-feedback"></span>
+              </div>
+              <div class="form-group has-feedback">
+                <label class="control-label" for="accountmail">Mail Address</label>
+                <input type="email" class="form-control" placeholder="Mail Address (optional)"
+                  name="accountmail" {% if account %}value="{{ account.mail }}" {% endif %}>
+                <span class="form-control-feedback"></span>
+              </div>
             </div>
-        </div>
-        <div class="col-md-8">
-            <div class="box box-primary">
-                <div class="box-header with-border">
-                    <h3 class="box-title">Help with creating a new account</h3>
-                </div>
-                <div class="box-body">
-                    <p>
-                        An account allows grouping of domains belonging to a particular entity, such as a customer or
-                        department.<br />
-                        A domain can be assigned to an account upon domain creation or through the domain administration
-                        page.
-                    </p>
-                    <p>Fill in all the fields to the in the form to the left.</p>
-                    <p>
-                        <strong>Name</strong> is an account identifier. It will be lowercased and can contain alphanumeric
-                        characters{% if SETTING.get('account_name_extra_chars') %}, dots, hyphens and underscores (no space or other special character is allowed)
-                        {% else %} (no extra character is allowed){% endif %}.<br />
-                        <strong>Description</strong> is a user friendly name for this account.<br />
-                        <strong>Contact person</strong> is the name of a contact person at the account.<br />
-                        <strong>Mail Address</strong> is an e-mail address for the contact person.
-                    </p>
-                </div>
+            <div class="card-header">
+              <h3 class="card-title">Access Control</h3>
+            </div>
+            <div class="card-body">
+              <p>Users on the right have access to manage records in all domains
+                associated with the account.
+              </p>
+              <p>Click on users to move between columns.</p>
+              <div class="form-group col-2">
+                <select multiple="multiple" class="form-control" id="account_multi_user"
+                  name="account_multi_user">
+                  {% for user in users %}
+                    <option {% if user.id in account_user_ids|default([]) %}selected{% endif %}
+                      value="{{ user.username }}">{{ user.username }}
+                    </option>
+                  {% endfor %}
+                </select>
+              </div>
+            </div>
+            <div class="card-body">
+              <p>Domains on the right are associated with the account. Red marked domain names are already associated with other accounts.
+                  Moving already associated domains to this account will overwrite the previous associated account.
+              </p>
+              <p>Hover over the red domain names to show the associated account. Click on domains to move between columns.</p>
+              <div class="form-group col-2">
+                <select multiple="multiple" class="form-control" id="account_domains" name="account_domains">
+                  {% for domain in domains %}
+                    {% if account != None and domain.account_id != None and account.id != domain.account_id %}
+                      {% with account_id=domain.account_id %}
+                        <option style="color: red" data-toggle="tooltip" title="Associated with: {{ accounts[account_id].name }}" value="{{ domain.name }}">
+                          {{ domain.name }}
+                        </option>
+                      {% endwith %}
+                    {% else %}
+                      <option {% if account.id == domain.account_id %}selected{% endif %} value="{{ domain.name }}">
+                        {{ domain.name }}
+                      </option>
+                    {% endif %}
+                  {% endfor %}
+                </select>
             </div>
+          </div>
+            <div class="card-footer">
+              <button type="button" class="btn btn-secondary float-left" onclick="window.location.href='{{ url_for('admin.manage_account') }}'">
+                Cancel
+              </button>
+              <button type="submit" class="btn btn-primary float-right">
+                {% if create %}Create{% else %}Update{% endif %} Account
+              </button>
+            </div>
+          </form>
+        </div>
+      </div>
+      <div class="col-8">
+        <div class="card">
+          <div class="card-header">
+            <h3 class="card-title">Help with creating a new account</h3>
+          </div>
+          <div class="card-body">
+            <p>
+              An account allows grouping of domains belonging to a particular entity, such as a customer or
+              department.
+              <br />
+              A domain can be assigned to an account upon domain creation or through the domain administration
+              page.
+            </p>
+            <p>Fill in all the fields to the in the form to the left.</p>
+            <p>
+              <strong>Name</strong> is an account identifier. It will be lowercased and can contain alphanumeric
+                characters{% if SETTING.get('account_name_extra_chars') %}, dots, hyphens and underscores (no space or other special character is allowed)
+                {% else %} (no extra character is allowed){% endif %}.<br />
+              <strong>Description</strong> is a user friendly name for this account.<br />
+              <strong>Contact person</strong> is the name of a contact person at the account.<br />
+              <strong>Mail Address</strong> is an e-mail address for the contact person.
+            </p>
+          </div>
         </div>
+      </div>
     </div>
+  </div>
 </section>
 {% endblock %}
 {% block extrascripts %}
 <script>
-    function addMultiSelect(id, placeholder) {
-        $(id).multiSelect({
-            selectableHeader: `<input type='text' class='search-input' autocomplete='off' placeholder='${placeholder}'>`,
-            selectionHeader: `<input type='text' class='search-input' autocomplete='off' placeholder='${placeholder}'>`,
-            afterInit: function (ms) {
-                var that = this,
-                    $selectableSearch = that.$selectableUl.prev(),
-                    $selectionSearch = that.$selectionUl.prev(),
-                    selectableSearchString = '#' + that.$container.attr('id') + ' .ms-elem-selectable:not(.ms-selected)',
-                    selectionSearchString = '#' + that.$container.attr('id') + ' .ms-elem-selection.ms-selected';
+  function addMultiSelect(id, placeholder) {
+    $(id).multiSelect({
+      selectableHeader: `<input type='text' class='search-input' autocomplete='off' placeholder='${placeholder}'>`,
+      selectionHeader: `<input type='text' class='search-input' autocomplete='off' placeholder='${placeholder}'>`,
+      afterInit: function (ms) {
+        var that = this,
+          $selectableSearch = that.$selectableUl.prev(),
+          $selectionSearch = that.$selectionUl.prev(),
+          selectableSearchString = '#' + that.$container.attr('id') + ' .ms-elem-selectable:not(.ms-selected)',
+          selectionSearchString = '#' + that.$container.attr('id') + ' .ms-elem-selection.ms-selected';
 
-                that.qs1 = $selectableSearch.quicksearch(selectableSearchString)
-                    .on('keydown', function (e) {
-                        if (e.which === 40) {
-                            that.$selectableUl.focus();
-                            return false;
-                        }
-                    });
+        that.qs1 = $selectableSearch.quicksearch(selectableSearchString)
+          .on('keydown', function (e) {
+            if (e.which === 40) {
+              that.$selectableUl.focus();
+              return false;
+            }
+          });
 
-                that.qs2 = $selectionSearch.quicksearch(selectionSearchString)
-                    .on('keydown', function (e) {
-                        if (e.which == 40) {
-                            that.$selectionUl.focus();
-                            return false;
-                        }
-                    });
-            },
-            afterSelect: function () {
-                this.qs1.cache();
-                this.qs2.cache();
-            },
-            afterDeselect: function () {
-                this.qs1.cache();
-                this.qs2.cache();
+        that.qs2 = $selectionSearch.quicksearch(selectionSearchString)
+          .on('keydown', function (e) {
+            if (e.which == 40) {
+              that.$selectionUl.focus();
+              return false;
             }
-        });
-    }
-    addMultiSelect("#account_multi_user", "Username")
-    addMultiSelect("#account_domains", "Domain")
+          });
+      },
+      afterSelect: function () {
+        this.qs1.cache();
+        this.qs2.cache();
+      },
+      afterDeselect: function () {
+        this.qs1.cache();
+        this.qs2.cache();
+      }
+    });
+  }
+  addMultiSelect("#account_multi_user", "Username")
+  addMultiSelect("#account_domains", "Domain")
 </script>
 {% endblock %}
diff --git a/powerdnsadmin/templates/admin_edit_key.html b/powerdnsadmin/templates/admin_edit_key.html
index 6a9434025..23f58d33a 100644
--- a/powerdnsadmin/templates/admin_edit_key.html
+++ b/powerdnsadmin/templates/admin_edit_key.html
@@ -1,80 +1,92 @@
 {% extends "base.html" %}
+
 {% set active_page = "admin_keys" %}
+
 {% if (key is not none and key.role.name != "User") %}{% set hide_opts = True %}{%else %}{% set hide_opts = False %}{% endif %}
+
 {% block title %}
-<title>Edit Key - {{ SITE_NAME }}</title>
+  <title>
+    Edit Key - {{ SITE_NAME }}
+  </title>
 {% endblock %}
+
 {% block dashboard_stat %}
-<!-- Content Header (Page header) -->
-<section class="content-header">
-    <h1>
-        Key
-        <small>{% if create %}New key{% else %}{{ key.id }}{% endif %}</small>
-    </h1>
-    <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i>Home</a></li>
-        <li><a href="{{ url_for('admin.manage_keys') }}">Key</a></li>
-        <li class="active">{% if create %}Add{% else %}Edit{% endif %} key</li>
-    </ol>
-</section>
+  <div class="content-header">
+    <div class="container-fluid">
+      <div class="row mb-2">
+        <div class="col-sm-6">
+          <h1 class="m-0 text-dark">
+            API Keys
+            <small>{% if create %}Add API Key{% else %}Edit API Key - {{ key.id }}{% endif %}</small>
+          </h1>
+        </div>
+        <div class="col-sm-6">
+          <ol class="breadcrumb float-sm-right">
+            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+            <li class="breadcrumb-item"><a href="{{ url_for('admin.manage_keys') }}">API Keys</a></li>
+            <li class="breadcrumb-item active">{% if create %}Add API Key{% else %}Edit API Key - {% endif %}{{ key.id }}</li>
+          </ol>
+        </div>
+      </div>
+    </div>
+  </div>
 {% endblock %}
 
 {% block content %}
 <section class="content">
-    <div class="row">
-        <div class="col-md-4">
-            <div class="box box-primary">
-                <div class="box-header with-border">
-                    <h3 class="box-title">{% if create %}Add{% else %}Edit{% endif %} key</h3>
-                </div>
-                <!-- /.box-header -->
-                <!-- form start -->
-                <form role="form" method="post"
-                    action="{% if create %}{{ url_for('admin.edit_key') }}{% else %}{{ url_for('admin.edit_key', key_id=key.id) }}{% endif %}">
-                    <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-                    <input type="hidden" name="create" value="{{ create }}">
-                    <div class="box-body">
-                        <div class="form-group has-feedback">
-                            <label class="control-label" for="role">Role</label>
-                            <select class="key_role form-control" id="key_role" name="key_role">
-                                {% for role in roles %}
-                                <option value="{{ role.name }}"
-                                {% if (key is not none) and (role.id==key.role.id) %}selected{% endif %}
-                                {% if (key is none) and (role.name=="User") %}selected{% endif %}
-                                >{{ role.name }}</option>
-                                {% endfor %}
-                            </select>
-                        </div>
-                        <div class="form-group has-feedback">
-                            <label class="control-label" for="description">Description</label>
-                            <input type="text" class="form-control" placeholder="Description" name="description"
-                                {% if key is not none %} value="{{ key.description }}" {% endif %}> <span
-                                class="glyphicon glyphicon-pencil form-control-feedback"></span>
-                        </div>
-                    </div>
-                    <div class="box-header with-border key-opts"{% if hide_opts %} style="display: none;"{% endif %}>
-                      <h3 class="box-title">Accounts Access Control</h3>
-                    </div>
-                    <div class="box-body key-opts"{% if hide_opts %} style="display: none;"{% endif %}>
-                      <p>This key will be linked to the accounts on the right,</p>
-                      <p>thus granting access to domains owned by the selected accounts.</p>
-                      <p>Click on accounts to move between the columns.</p>
-                      <div class="form-group col-xs-2">
-                          <select multiple="multiple" class="form-control" id="key_multi_account"
-                              name="key_multi_account">
-                              {% for account in accounts %}
-                                  <option {% if key and account in key.accounts %}selected{% endif %} value="{{ account.name }}">{{ account.name }}</option>
-                              {% endfor %}
-                          </select>
-                      </div>
-                    </div>
-                    <div class="box-header with-border key-opts"{% if hide_opts %} style="display: none;"{% endif %}>
-                        <h3 class="box-title">Domain Access Control</h3>
-                    </div>
-                    <div class="box-body key-opts"{% if hide_opts %} style="display: none;"{% endif %}>
+  <div class="container-fluid">
+  <div class="row">
+    <div class="col-4">
+      <div class="card ">
+        <div class="card-header">
+          <h3 class="card-title">{% if create %}Add{% else %}Edit{% endif %} Key</h3>
+        </div>
+        <form role="form" method="post"
+        action="{% if create %}{{ url_for('admin.edit_key') }}{% else %}{{ url_for('admin.edit_key', key_id=key.id) }}{% endif %}">
+          <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+          <input type="hidden" name="create" value="{{ create }}">
+          <div class="card-body">
+            <div class="form-group has-feedback">
+              <label class="control-label" for="role">Role</label>
+              <select class="key_role form-control" id="key_role" name="key_role">
+                {% for role in roles %}
+                  <option value="{{ role.name }}"
+                  {% if (key is not none) and (role.id==key.role.id) %}selected{% endif %}
+                  {% if (key is none) and (role.name=="User") %}selected{% endif %}>
+                    {{ role.name }}
+                  </option>
+                {% endfor %}
+              </select>
+            </div>
+            <div class="form-group has-feedback">
+              <label class="control-label" for="description">Description</label>
+                <input type="text" class="form-control" placeholder="Description" name="description"
+                {% if key is not none %} value="{{ key.description }}" {% endif %}>
+                <span class="glyphicon glyphicon-pencil form-control-feedback"></span>
+              </div>
+            </div>
+            <div class="card-header key-opts"{% if hide_opts %} style="display: none;"{% endif %}>
+              <h3 class="card-title">Accounts Access Control</h3>
+            </div>
+            <div class="card-body key-opts"{% if hide_opts %} style="display: none;"{% endif %}>
+              <p>This key will be linked to the accounts on the right,</p>
+              <p>thus granting access to domains owned by the selected accounts.</p>
+              <p>Click on accounts to move between the columns.</p>
+              <div class="form-group col-2">
+                <select multiple="multiple" class="form-control" id="key_multi_account" name="key_multi_account">
+                  {% for account in accounts %}
+                    <option {% if key and account in key.accounts %}selected{% endif %} value="{{ account.name }}">{{ account.name }}</option>
+                  {% endfor %}
+                </select>
+              </div>
+            </div>
+            <div class="card-header key-opts"{% if hide_opts %} style="display: none;"{% endif %}>
+              <h3 class="card-title">Domain Access Control</h3>
+            </div>
+                    <div class="card-body key-opts"{% if hide_opts %} style="display: none;"{% endif %}>
                         <p>This key will have acess to the domains on the right.</p>
                         <p>Click on domains to move between the columns.</p>
-                        <div class="form-group col-xs-2">
+                        <div class="form-group col-2">
                             <select multiple="multiple" class="form-control" id="key_multi_domain"
                                 name="key_multi_domain">
                                 {% for domain in domains %}
@@ -83,21 +95,24 @@ <h3 class="box-title">Domain Access Control</h3>
                             </select>
                         </div>
                     </div>
-                    <div class="box-footer">
-                        <button type="submit"
-                            class="btn btn-flat btn-primary" id="key_submit">{% if create %}Create{% else %}Update{% endif %}
-                            Key</button>
+                    <div class="card-footer">
+                      <button type="button" class="btn btn-secondary float-left" onclick="window.location.href='{{ url_for('admin.manage_keys') }}'">
+                        <i class="fa-solid fa-window-close"></i>&nbsp;Cancel
+                      </button>
+                      <button type="submit" class="btn btn-primary float-right" id="key_submit">
+                        <i class="fa-solid fa-save"></i>&nbsp;{% if create %}Create{% else %}Update{% endif %} Key
+                      </button>
                     </div>
                 </form>
             </div>
         </div>
-        <div class="col-md-8">
-            <div class="box box-primary">
-                <div class="box-header with-border">
-                    <h3 class="box-title">Help with {% if create %}creating a new{% else%}updating a{% endif %} key
+        <div class="col-8">
+            <div class="card">
+                <div class="card-header">
+                    <h3 class="card-title">Help with {% if create %}creating a new{% else%}updating a{% endif %} key
                     </h3>
                 </div>
-                <div class="box-body">
+                <div class="card-body">
                     <p>Fill in all the fields in the form to the left.</p>
                     <p><strong>Role</strong> The role of the key.</p>
                     <p><strong>Description</strong> The key description.</p>
@@ -106,8 +121,10 @@ <h3 class="box-title">Help with {% if create %}creating a new{% else%}updating a
             </div>
         </div>
     </div>
+    </div>
 </section>
 {% endblock %}
+
 {% block extrascripts %}
 <script>
     $('form').submit(function (e) {
@@ -225,7 +242,7 @@ <h3 class="box-title">Help with {% if create %}creating a new{% else%}updating a
     {% if plain_key %}
     $(document.body).ready(function () {
         var modal = $("#modal_show_key");
-        var info = "{{ plain_key }}";
+        var info = "Please copy this key to a secure location. You will be unable to view it again once you close this window: {{ plain_key }}";
         modal.find('.modal-body p').text(info);
         modal.find('#button_key_confirm').click(redirect_modal);
         modal.find('#button_close_modal').click(redirect_modal);
@@ -241,45 +258,46 @@ <h3 class="box-title">Help with {% if create %}creating a new{% else%}updating a
 {% endblock %}
 {% block modals %}
 <div class="modal fade" id="modal_show_key">
-    <div class="modal-dialog">
-        <div class="modal-content modal-sm">
-            <div class="modal-header">
-                <button type="button" class="close" data-dismiss="modal" aria-label="Close" id="button_close_modal">
-                    <span aria-hidden="true">&times;</span>
-                </button>
-                <h4 class="modal-title">Your API key</h4>
-            </div>
-            <div class="modal-body">
-                <p></p>
-            </div>
-            <div class="modal-footer">
-                <button type="button" class="btn btn-flat btn-primary center-block" id="button_key_confirm">
-                    Confirm</button>
-            </div>
-        </div>
-        <!-- /.modal-content -->
+  <div class="modal-dialog">
+    <div class="modal-content">
+      <div class="modal-header">
+        <h5 class="modal-title">New API Key</h5>
+        <button type="button" class="close" data-dismiss="modal" aria-label="Close" id="button_close_modal">
+          <span aria-hidden="true">&times;</span>
+        </button>
+      </div>
+      <div class="modal-body">
+        <p></p>
+      </div>
+      <div class="modal-footer">
+        <button type="button" class="btn btn-primary" id="button_key_confirm">
+          Confirm
+        </button>
+      </div>
     </div>
-    <!-- /.modal-dialog -->
+  </div>
 </div>
 <div class="modal fade" id="modal_warning">
   <div class="modal-dialog">
-      <div class="modal-content modal-sm">
-          <div class="modal-header">
-              <button type="button" class="close" data-dismiss="modal" aria-label="Close" id="button_close_warn_modal">
-                  <span aria-hidden="true">&times;</span>
-              </button>
-              <h4 class="modal-title">WARNING</h4>
-          </div>
-          <div class="modal-body">
-              <p></p>
-          </div>
-          <div class="modal-footer">
-              <button type="button" class="btn btn-flat btn-primary center-block" id="button_key_confirm_warn">
-                  OK</button>
-          </div>
+    <div class="modal-content">
+      <div class="modal-header">
+        <h5 class="modal-title">WARNING</h5>
+        <button type="button" class="close" data-dismiss="modal" aria-label="Close" id="button_close_warn_modal">
+          <span aria-hidden="true">&times;</span>
+        </button>
+      </div>
+      <div class="modal-body">
+        <p></p>
       </div>
-      <!-- /.modal-content -->
+      <div class="modal-footer">
+        <button type="button" class="btn btn-secondary close" data-dismiss="modal" id="button_close_modal">
+          Close
+        </button>
+        <button type="button" class="btn btn-primary" id="button_key_confirm_warn">
+          OK
+        </button>
+      </div>
+    </div>
   </div>
-  <!-- /.modal-dialog -->
 </div>
 {% endblock %}
diff --git a/powerdnsadmin/templates/admin_edit_user.html b/powerdnsadmin/templates/admin_edit_user.html
index 34f4272bc..9e954fe74 100644
--- a/powerdnsadmin/templates/admin_edit_user.html
+++ b/powerdnsadmin/templates/admin_edit_user.html
@@ -1,127 +1,148 @@
 {% extends "base.html" %}
+
 {% set active_page = "admin_users" %}
-{% block title %}<title>Edit User - {{ SITE_NAME }}</title>{% endblock %}
+
+{% block title %}
+  <title>
+    {% if create %}Add user{% else %}Edit user "{{ user.username }}"{% endif %} - {{ SITE_NAME }}
+  </title>
+{% endblock %}
 
 {% block dashboard_stat %}
-<!-- Content Header (Page header) -->
-<section class="content-header">
-    <h1>
-        User
-        <small>{% if create %}New user{% else %}{{ user.username }}{% endif %}</small>
-    </h1>
-    <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i>Home</a></li>
-        <li><a href="{{ url_for('admin.manage_user') }}">User</a></li>
-        <li class="active">{% if create %}Add{% else %}Edit{% endif %} user</li>
-    </ol>
-</section>
+  <div class="content-header">
+    <div class="container-fluid">
+      <div class="row mb-2">
+        <div class="col-sm-6">
+          <h1 class="m-0 text-dark">
+            Users
+            <small>{% if create %}New user{% else %}Edit user {{ user.username }}{% endif %}</small>
+          </h1>
+        </div>
+        <div class="col-sm-6">
+          <ol class="breadcrumb float-sm-right">
+            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+            <li class="breadcrumb-item"><a href="{{ url_for('admin.manage_user') }}">Users</a></li>
+            <li class="breadcrumb-item active">{% if create %}Add user{% else %}Edit user "{{ user.username }}"{% endif %}</li>
+          </ol>
+        </div>
+      </div>
+    </div>
+  </div>
 {% endblock %}
 
 {% block content %}
 <section class="content">
+  <div class="container-fluid">
     <div class="row">
-        <div class="col-md-4">
-            <div class="box box-primary">
-                <div class="box-header with-border">
-                    <h3 class="box-title">{% if create %}Add{% else %}Edit{% endif %} user</h3>
+      <div class="col-4">
+        <div class="card card-secondary">
+          <div class="card-header with-border">
+            <h3 class="card-title">{% if create %}Add{% else %}Edit{% endif %} user</h3>
+          </div>
+          <form role="form" method="post"
+            action="{% if create %}{{ url_for('admin.edit_user') }}{% else %}{{ url_for('admin.edit_user', user_username=user.username) }}{% endif %}">
+            <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+            <input type="hidden" name="create" value="{{ create }}">
+            <div class="card-body">
+              {% if error %}
+                <div class="alert alert-danger alert-dismissible">
+                  <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
+                  <h4><i class="fa-solid fa-ban"></i> Error!</h4>
+                  {{ error }}
                 </div>
-                <!-- /.box-header -->
-                <!-- form start -->
-                <form role="form" method="post"
-                    action="{% if create %}{{ url_for('admin.edit_user') }}{% else %}{{ url_for('admin.edit_user', user_username=user.username) }}{% endif %}">
-                    <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-                    <input type="hidden" name="create" value="{{ create }}">
-                    <div class="box-body">
-                        {% if error %}
-                        <div class="alert alert-danger alert-dismissible">
-                            <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
-                            <h4><i class="icon fa fa-ban"></i> Error!</h4>
-                            {{ error }}
-                        </div>
-                        <span class="help-block">{{ error }}</span>
-                        {% endif %}
-                        <div class="form-group has-feedback">
-                            <label class="control-label" for="firstname">First Name</label>
-                            <input type="text" class="form-control" placeholder="First Name" name="firstname"
-                                {% if user %}value="{{ user.firstname }}" {% endif %}> <span
-                                class="glyphicon glyphicon-user form-control-feedback"></span>
-                        </div>
-                        <div class="form-group has-feedback">
-                            <label class="control-label" for="lastname">Last Name</label>
-                            <input type="text" class="form-control" placeholder="Last name" name="lastname"
-                                {% if user %}value="{{ user.lastname }}" {% endif %}> <span
-                                class="glyphicon glyphicon-user form-control-feedback"></span>
-                        </div>
-                        <div class="form-group has-feedback">
-                            <label class="control-label" for="email">E-mail address</label>
-                            <input type="email" class="form-control" placeholder="Email" name="email" id="email"
-                                {% if user %}value="{{ user.email }}" {% endif %}> <span
-                                class="glyphicon glyphicon-envelope form-control-feedback"></span>
-                        </div>
-                        <p class="login-box-msg">Enter the account details below</p>
-                        <div class="form-group has-feedback">
-                            <label class="control-label" for="username">Username</label>
-                            <input type="text" class="form-control" placeholder="Username" name="username"
-                                {% if user %}value="{{ user.username }}" {% endif %}
-                                {% if not create %}disabled{% endif %}> <span
-                                class="glyphicon glyphicon-user form-control-feedback"></span>
-                        </div>
-                        <div class="form-group has-feedback {% if blank_password %}has-error{% endif %}">
-                            <label class="control-label" for="username">Password</label>
-                            <input type="password" class="form-control"
-                                placeholder="Password {% if create %}(Required){% else %}(Leave blank to keep unchanged){% endif %}"
-                                name="password"> <span class="glyphicon glyphicon-lock form-control-feedback"></span>
-                            {% if blank_password %}
-                            <span class="help-block">The password cannot be blank.</span>
-                            {% endif %}
-                        </div>
-                    </div>
-                    <div class="box-footer">
-                        <button type="submit"
-                            class="btn btn-flat btn-primary">{% if create %}Create{% else %}Update{% endif %}
-                            User</button>
-                    </div>
-                </form>
+                <span class="help-block">{{ error }}</span>
+              {% endif %}
+              <div class="form-group has-feedback">
+                <label class="control-label" for="firstname">First Name</label>
+                <input type="text" class="form-control" placeholder="First Name" name="firstname"
+                  {% if user %}value="{{ user.firstname }}" {% endif %}>
+                <span class="form-control-feedback"></span>
+              </div>
+              <div class="form-group has-feedback">
+                <label class="control-label" for="lastname">Last Name</label>
+                <input type="text" class="form-control" placeholder="Last name" name="lastname"
+                  {% if user %}value="{{ user.lastname }}" {% endif %}>
+                <span class="form-control-feedback"></span>
+              </div>
+              <div class="form-group has-feedback">
+                <label class="control-label" for="email">E-mail address</label>
+                <input type="email" class="form-control" placeholder="Email" name="email" id="email"
+                  {% if user %}value="{{ user.email }}" {% endif %}>
+                <span class="form-control-feedback"></span>
+              </div>
+              <p class="login-box-msg">Enter the account details below</p>
+              <div class="form-group has-feedback">
+                <label class="control-label" for="username">Username</label>
+                <input type="text" class="form-control" placeholder="Username" name="username"
+                  {% if user %}value="{{ user.username }}" {% endif %}
+                  {% if not create %}disabled{% endif %}>
+                <span class="form-control-feedback"></span>
+              </div>
+              <div class="form-group has-feedback {% if blank_password %}has-error{% endif %}">
+                <label class="control-label" for="username">Password</label>
+                <input type="password" class="form-control"
+                  placeholder="Password {% if create %}(Required){% else %}(Leave blank to keep unchanged){% endif %}"
+                  name="password">
+                <span class="form-control-feedback"></span>
+                {% if blank_password %}
+                  <span class="help-block">The password cannot be blank.</span>
+                {% endif %}
+              </div>
             </div>
-            {% if not create %}
-            <div class="box box-secondary">
-                <div class="box-header with-border">
-                    <h3 class="box-title">Two Factor Authentication</h3>
-                </div>
-                <div class="box-body">
-                    <p>If two factor authentication was configured and is causing problems due to a lost device or
-                        technical issue, it can be disabled here.</p>
-                    <p>The user will need to reconfigure two factor authentication, to re-enable it.</p>
-                    <p><strong>Beware: This could compromise security!</strong></p>
-                </div>
-                <div class="box-footer">
-                    <button type="button" class="btn btn-flat btn-warning button_otp_disable" id="{{ user.username }}"
-                        {% if not user.otp_secret %}disabled{% endif %}>Disable Two Factor Authentication</button>
-                </div>
+            <div class="card-footer">
+              <button type="submit" class="btn btn-primary">
+                {% if create %}Create{% else %}Update{% endif %} User
+              </button>
             </div>
-            {% endif %}
+          </form>
         </div>
-        <div class="col-md-8">
-            <div class="box box-primary">
-                <div class="box-header with-border">
-                    <h3 class="box-title">Help with {% if create %}creating a new{% else%}updating a{% endif %} user
-                    </h3>
-                </div>
-                <div class="box-body">
-                    <p>Fill in all the fields to the in the form to the left.</p>
-                    {% if create %}
-                    <p><strong>Newly created users do not have access to any domains.</strong> You will need to grant
-                        access to the user once it is created via the domain management buttons on the dashboard.</p>
-                    {% else %}
-                    <p><strong>Password</strong> can be left empty to keep the current password.</p>
-                    <p><strong>Username</strong> cannot be changed.</p>
-                    {% endif %}
-                </div>
+        {% if not create %}
+          {% if user.otp_secret %}
+            <div class="card">
+              <div class="card-header">
+                <h3 class="card-title">Two Factor Authentication</h3>
+              </div>
+              <div class="card-body">
+                <p>If two factor authentication is configured for this user and is causing problems due to a lost device or
+                  technical issue, it can be disabled here.
+                </p>
+                <p>The user will need to reconfigure two factor authentication, to re-enable it.</p>
+                <p><strong>Beware: This could compromise security!</strong></p>
+              </div>
+              <div class="card-footer">
+                <button type="button" class="btn btn-warning button_otp_disable" id="{{ user.username }}">
+                  Disable Two Factor Authentication
+                </button>
+              </div>
             </div>
+          {% endif %}
+        {% endif %}
+      </div>
+      <div class="col-8">
+        <div class="card">
+          <div class="card-header">
+            <h3 class="card-title">
+              Help with {% if create %}creating a new{% else%}editing a{% endif %} user
+            </h3>
+          </div>
+          <div class="card-body">
+            <p>Fill in all the fields to the in the form to the left.</p>
+            {% if create %}
+              <p><strong>Newly created users do not have access to any domains.</strong> You will need to grant
+                access to the user once it is created via the domain management buttons on the dashboard.
+              </p>
+            {% else %}
+              <p><strong>Username</strong> cannot be changed.</p>
+              <p><strong>Password</strong> can be left empty to keep the current password.</p>
+            {% endif %}
+          </div>
         </div>
+      </div>
     </div>
+  </div>
 </section>
 {% endblock %}
+
 {% block extrascripts %}
 <script>
     // handle disabling two factor authentication
@@ -147,18 +168,21 @@ <h3 class="box-title">Help with {% if create %}creating a new{% else%}updating a
     <div class="modal-dialog">
         <div class="modal-content">
             <div class="modal-header">
-                <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+              <h4 class="modal-title">Confirmation</h4>
+              <button type="button" class="close" data-dismiss="modal" aria-label="Close">
                     <span aria-hidden="true">&times;</span>
                 </button>
-                <h4 class="modal-title">Confirmation</h4>
             </div>
             <div class="modal-body">
                 <p></p>
             </div>
             <div class="modal-footer">
-                <button type="button" class="btn btn-flat btn-default pull-left" data-dismiss="modal">Close</button>
-                <button type="button" class="btn btn-flat btn-danger" id="button_otp_disable_confirm">Disable Two Factor
-                    Authentication</button>
+                <button type="button" class="btn btn-default" data-dismiss="modal">
+                  Close
+                </button>
+                <button type="button" class="btn btn-danger float-right" id="button_otp_disable_confirm">
+                  Disable Two Factor Authentication
+                </button>
             </div>
         </div>
     </div>
diff --git a/powerdnsadmin/templates/admin_global_search.html b/powerdnsadmin/templates/admin_global_search.html
index 2e38bf191..dfe14a67c 100644
--- a/powerdnsadmin/templates/admin_global_search.html
+++ b/powerdnsadmin/templates/admin_global_search.html
@@ -1,190 +1,201 @@
 {% extends "base.html" %}
+
 {% set active_page = "admin_global_search" %}
+
 {% block title %}
-<title>Global Search - {{ SITE_NAME }}</title>
-{% endblock %} {% block dashboard_stat %}
-<!-- Content Header (Page header) -->
-<section class="content-header">
-    <h1>
-        Global Search <small>Search for domains, records and comments directly from PDNS API</small>
-    </h1>
-    <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i> Home</a></li>
-        <li class="active">Global Search</li>
-    </ol>
-</section>
-{% endblock %} {% block content %}
-<section class="content">
-    <div class="row">
-        <div class="col-xs-12">
-            <div class="box-body">
-                <!-- search form -->
-                <form action="" method="get">
-                    <div class="input-group">
-                        <input type="text" name="q" class="form-control" placeholder="Your keyword...">
-                        <div class="input-group-btn">
-                            <button type="submit" class="btn btn-success"><i class="fa fa-search"></i></button>
-                        </div>
-                    </div>
-                </form>
-                <div>
-                    <p><b>Hints:</b> The * character can be used in your keyword as a wildcard character and the ? character can be used as
-                        a wildcard for a
-                        single character.</p>
-                </div>
-                <!-- /.search form -->
-            </div>
+  <title>
+    Global Search - {{ SITE_NAME }}
+  </title>
+{% endblock %}
+
+{% block dashboard_stat %}
+  <div class="content-header">
+    <div class="container-fluid">
+      <div class="row mb-2">
+        <div class="col-sm-6">
+          <h1 class="m-0 text-dark">
+            Global Search
+            <small>Search for domains, records and comments directly from PDNS API</small>
+          </h1>
         </div>
+        <div class="col-sm-6">
+          <ol class="breadcrumb float-sm-right">
+            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+            <li class="breadcrumb-item active">Global Search</li>
+          </ol>
+        </div>
+      </div>
     </div>
-    <div class="row">
-        <div class="col-xs-12">
-            <div class="box">
-                <div class="box-header">
-                    <h3 class="box-title">Domains ({{ domains|length }})</h3>
-                </div>
-                <div class="box-body">
-                    <table id="tbl_domain" class="table table-bordered table-striped">
-                        <thead>
-                            <tr>
-                                <th>Domain</th>
-                            </tr>
-                        </thead>
-                        <tbody>
-                            {% for domain in domains %}
-                            <tr class="odd gradeX">
-                                <td>
-                                    <a href="{{ url_for('domain.domain', domain_name=domain['name']) }}">{{ domain['name'] }}</a>
-                                </td>
-                            </tr>
-                            {% endfor %}
-                        </tbody>
-                    </table>
+  </div>
+{% endblock %}
+
+{% block content %}
+  <section class="content">
+    <div class="container-fluid">
+      <div class="row">
+        <div class="col-12">
+          <div class="card">
+            <div class="card-header">
+              <h3 class="card-title">Global Search</h3>
+            </div>
+            <div class="card-body">
+              <form action="" method="get">
+                <div class="input-group">
+                  <input type="text" name="q" class="form-control" placeholder="Your keyword...">
+                  <div class="input-group-btn">
+                    <button type="submit" class="btn btn-success"><i class="fa fa-search"></i></button>
+                  </div>
                 </div>
-                <!-- /.box-body -->
+              </form>
+              <div>
+                <p><b>Hints:</b> The * character can be used in your keyword as a wildcard character and the ? character can be used as
+                  a wildcard for a
+                  single character.
+                </p>
+              </div>
             </div>
-            <!-- /.box -->
+          </div>
         </div>
-        <!-- /.col -->
-    </div>
+      </div>
 
-    <div class="row">
-        <div class="col-xs-12">
-            <div class="box">
-                <div class="box-header">
-                    <h3 class="box-title">Records ({{ records|length }})</h3>
-                </div>
-                <div class="box-body">
-                    <table id="tbl_record" class="table table-bordered table-striped">
-                        <thead>
-                            <tr>
-                                <th>Name</th>
-                                <th>Type</th>
-                                <th>Status</th>
-                                <th>TTL</th>
-                                <th>Data</th>
-                            </tr>
-                        </thead>
-                        <tbody>
-                            {% for record in records %}
-                            <tr class="odd gradeX">
-                                <td>
-                                    <a href="{{ url_for('domain.domain', domain_name=record['zone_id']) }}">{{ record['name'] }}</a>
-                                </td>
-                                <td>{{ record['type'] }}</td>
-                                <td>{{ 'Disabled' if record['disabled'] else 'Active' }}</td>
-                                <td>{{ record['ttl'] }}</td>
-                                <td>{{ record['content'] }}</td>
-                            </tr>
-                            {% endfor %}
-                        </tbody>
-                    </table>
-                </div>
-                <!-- /.box-body -->
+      <div class="row">
+        <div class="col-12">
+          <div class="card">
+            <div class="card-header">
+              <h3 class="card-title">Domains ({{ domains|length }})</h3>
+            </div>
+            <div class="card-body">
+              <table id="tbl_domain" class="table table-bordered table-striped">
+                <thead>
+                  <tr>
+                    <th>Domain</th>
+                  </tr>
+                </thead>
+                <tbody>
+                  {% for domain in domains %}
+                    <tr class="odd gradeX">
+                      <td>
+                        <a href="{{ url_for('domain.domain', domain_name=domain['name']) }}">{{ domain['name'] }}</a>
+                      </td>
+                    </tr>
+                  {% endfor %}
+                </tbody>
+              </table>
             </div>
-            <!-- /.box -->
+          </div>
         </div>
-        <!-- /.col -->
-    </div>
+      </div>
 
-    <div class="row">
-        <div class="col-xs-12">
-            <div class="box">
-                <div class="box-header">
-                    <h3 class="box-title">Comments ({{ comments|length }})</h3>
-                </div>
-                <div class="box-body">
-                    <table id="tbl_comment" class="table table-bordered table-striped">
-                        <thead>
-                            <tr>
-                                <th>Comment</th>
-                                <th>Record</th>
-                                <th>Domain</th>
-                            </tr>
-                        </thead>
-                        <tbody>
-                            {% for comment in comments %}
-                            <tr class="odd gradeX">
-                                <td>{{ comment['content'] }}</td>
-                                <td>{{ comment['name'] }}</td>
-                                <td>
-                                    <a href="{{ url_for('domain.domain', domain_name=comment['zone_id']) }}">{{ comment['zone_id'] }}</a>
-                                </td>
-                            </tr>
-                            {% endfor %}
-                        </tbody>
-                    </table>
-                </div>
-                <!-- /.box-body -->
+      <div class="row">
+        <div class="col-12">
+          <div class="card">
+            <div class="card-header">
+              <h3 class="card-title">Records ({{ records|length }})</h3>
             </div>
-            <!-- /.box -->
+            <div class="card-body">
+              <table id="tbl_record" class="table table-bordered table-striped">
+                <thead>
+                  <tr>
+                    <th>Name</th>
+                    <th>Type</th>
+                    <th>Status</th>
+                    <th>TTL</th>
+                    <th>Data</th>
+                  </tr>
+                </thead>
+                <tbody>
+                  {% for record in records %}
+                    <tr class="odd gradeX">
+                      <td>
+                        <a href="{{ url_for('domain.domain', domain_name=record['zone_id']) }}">{{ record['name'] }}</a>
+                      </td>
+                      <td>{{ record['type'] }}</td>
+                      <td>{{ 'Disabled' if record['disabled'] else 'Active' }}</td>
+                      <td>{{ record['ttl'] }}</td>
+                      <td>{{ record['content'] }}</td>
+                    </tr>
+                  {% endfor %}
+                </tbody>
+              </table>
+            </div>
+          </div>
+        </div>
+      </div>
+
+      <div class="row">
+        <div class="col-12">
+          <div class="card">
+            <div class="card-header">
+              <h3 class="card-title">Comments ({{ comments|length }})</h3>
+            </div>
+            <div class="card-body">
+              <table id="tbl_comment" class="table table-bordered table-striped">
+                <thead>
+                  <tr>
+                    <th>Comment</th>
+                    <th>Record</th>
+                    <th>Domain</th>
+                  </tr>
+                </thead>
+                <tbody>
+                  {% for comment in comments %}
+                    <tr class="odd gradeX">
+                      <td>{{ comment['content'] }}</td>
+                      <td>{{ comment['name'] }}</td>
+                      <td>
+                        <a href="{{ url_for('domain.domain', domain_name=comment['zone_id']) }}">{{ comment['zone_id'] }}</a>
+                      </td>
+                    </tr>
+                  {% endfor %}
+                </tbody>
+              </table>
+            </div>
+          </div>
         </div>
-        <!-- /.col -->
+      </div>
     </div>
-</section>
+  </section>
 {% endblock %}
+
 {% block extrascripts %}
-<script>
+  <script>
     // set up domain result data table
     $("#tbl_domain").DataTable({
-        "paging": false,
-        "lengthChange": false,
-        "searching": false,
-        "ordering": true,
-        "info": false,
-        "autoWidth": false,
-        "order": [
-            [0, "asc"]
-        ]
+      "paging": false,
+      "lengthChange": false,
+      "searching": false,
+      "ordering": true,
+      "info": false,
+      "autoWidth": false,
+      "order": [
+        [0, "asc"]
+      ]
     });
-</script>
 
-<script>
     // set up domain result data table
     $("#tbl_record").DataTable({
-        "paging": false,
-        "lengthChange": false,
-        "searching": false,
-        "ordering": true,
-        "info": false,
-        "autoWidth": false,
-        "order": [
-            [0, "asc"]
-        ]
+      "paging": false,
+      "lengthChange": false,
+      "searching": false,
+      "ordering": true,
+      "info": false,
+      "autoWidth": false,
+      "order": [
+        [0, "asc"]
+      ]
     });
-</script>
 
-<script>
     // set up domain result data table
     $("#tbl_comment").DataTable({
-        "paging": false,
-        "lengthChange": false,
-        "searching": false,
-        "ordering": true,
-        "info": false,
-        "autoWidth": false,
-        "order": [
-            [0, "asc"]
-        ]
+      "paging": false,
+      "lengthChange": false,
+      "searching": false,
+      "ordering": true,
+      "info": false,
+      "autoWidth": false,
+      "order": [
+        [0, "asc"]
+      ]
     });
-</script>
+  </script>
 {% endblock %}
diff --git a/powerdnsadmin/templates/admin_history.html b/powerdnsadmin/templates/admin_history.html
index aa16c4a72..f2a86196c 100644
--- a/powerdnsadmin/templates/admin_history.html
+++ b/powerdnsadmin/templates/admin_history.html
@@ -1,81 +1,108 @@
 {% extends "base.html" %}
+
 {% set active_page = "admin_history" %}
+
 {% block title %}
-<title>History - {{ SITE_NAME }}</title>
-{% endblock %} {% block dashboard_stat %}
-<!-- Content Header (Page header) -->
-<section class="content-header">
-    <h1>
-        History <small>Recent events</small>
-    </h1>
-    <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i> Home</a></li>
-        <li class="active">History</li>
-    </ol>
-</section>
+  <title>
+    History - {{ SITE_NAME }}
+  </title>
+{% endblock %}
+
+{% block dashboard_stat %}
+  <div class="content-header">
+    <div class="container-fluid">
+      <div class="row mb-2">
+        <div class="col-sm-6">
+          <h1 class="m-0 text-dark">
+            History
+            <small>Recent Events</small>
+          </h1>
+        </div>
+        <div class="col-sm-6">
+          <ol class="breadcrumb float-sm-right">
+            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Home</a></li>
+            <li class="breadcrumb-item active">History</li>
+          </ol>
+        </div>
+      </div>
+    </div>
+  </div>
 {% endblock %} 
+
 {% block content %}
 {% import 'applied_change_macro.html' as applied_change_macro %}
-
-
-
 <section class="content">
+  <div class="container-fluid">
     <div class="row">
-        <div class="col-xs-12">
-            <div class="box">
-                <div class="box-header">
-                    <h3 class="box-title">History Management</h3>
-                </div>
-                <div class="box-body clearfix">
-                    <button type="button" class="btn btn-flat btn-danger pull-right" data-toggle="modal"
-                        data-target="#modal_clear_history"
-                        {% if current_user.role.name != 'Administrator' %}disabled{% endif %}>
-                        Clear History&nbsp;<i class="fa fa-trash"></i>
-                    </button>
+      <div class="col-12">
+        <div class="card card-outline card-secondary">
+          <div class="card-header with-border">
+            <h3 class="card-title">History Management</h3>
+            {% if current_user.role.name != 'User' %}
+              <button type="button" class="btn btn-danger float-right" data-toggle="modal" data-target="#modal_clear_history" {% if current_user.role.name != 'Administrator' %}disabled{% endif %}>
+                <i class="fa-solid fa-trash"></i>  
+                &nbsp;Clear History
+              </button>
+            {% endif %}
+          </div>
+          <div class="card-body clearfix">
+            <form id="history-search-form" autocomplete="off">
+                <ul class="nav nav-tabs" id="custom-content-below-tab" role="tablist">
+                  <li class="nav-item">
+                    <a class="nav-link active" href="#tabs-act" data-toggle="pill" role="tab">
+                      Search for All Activity
+                    </a>
+                  </li>
+                  <li class="nav-item">
+                    <a class="nav-link" href="#tabs-domain" data-toggle="pill" role="tab">
+                      Search By Domain
+                    </a>
+                  </li>
+                  <li class="nav-item">
+                    <a class="nav-link with-border" href="#tabs-account" data-toggle="pill" role="tab">
+                      Search By Account
+                    </a>
+                  </li>
+                  {% if current_user.role.name != 'User' %}
+                    <li class="nav-item">
+                      <a class="nav-link" href="#tabs-auth" data-toggle="pill" role="tab">
+                        Search for User Authentication
+                      </a>
+                    </li>
+                  {% endif %}
+                </ul>
+            <div class="tab-content">
+              <div class="tab-pane" id="tabs-act">
+            </div>
+            <div class="tab-pane" id="tabs-domain">
+              <td>
+                <label>Domain Name</label>
+              </td>
+              <td>
+                <div class="autocomplete" style="width:250px;">
+                  <input type="text" class="form-control" id="domain_name_filter" name="domain_name_filter" placeholder="Enter * to search for any domain" value=""> 
                 </div>
-
-                <div class="box-body clearfix">
-                    <form id="history-search-form" autocomplete="off">
-                        <!-- Custom Tabs -->
-                        <div class="nav-tabs-custom" id="tabs">
-                            <ul class="nav nav-tabs" id="nav_nav_tabs" name="nav_nav_tabs">
-                                <li id="activity_tab" class="active"><a href="#tabs-act"    data-toggle="tab">Search for All Activity</a></li>
-                                <li id="domain_tab"><a href="#tabs-domain"   data-toggle="tab">Search By Domain</a></li>
-                                <li id="account_tab"><a href="#tabs-account" data-toggle="tab">Search By Account</a></li>
-                                {% if current_user.role.name != 'User' %}
-                                <li id="user_auth_tab"><a href="#tabs-auth"  data-toggle="tab">Search for User Authentication</a></li>
-                                {% endif %}
-                            </ul>
-                            <div class="tab-content">
-                                <div class="tab-pane" id="tabs-act">
-                                </div>
-                                <div class="tab-pane" id="tabs-domain">
-                                    <td><label>Domain Name</label></td>
-                                    <td>
-                                        <div class="autocomplete" style="width:250px;">
-                                            <input type="text" class="form-control" id="domain_name_filter" name="domain_name_filter" placeholder="Enter * to search for any domain" value=""> 
-                                        </div>
-                                    </td>
-                                    <td>
-                                        <div style="position: relative; top:10px;">
-                                            <td>Record Changelog only &nbsp</td>
-                                                <td>
-                                                    <input type="checkbox" id="domain_changelog_only_checkbox" name="domain_changelog_only_checkbox"
-                                                            class="checkbox" style="border:2px dotted #00f;display:block;background:#ff0000;"> 
-                                                </td>
-                                        </div>
-                                    </td>
-                                </div>
-                                <div class="tab-pane" id="tabs-account">
-                                    <td><label>Account Name</label></td>
-                                    <td>
-                                        <div class="autocomplete" style="width:250px;">
-                                            <input type="text" class="form-control" id="account_name_filter" name="account_name_filter" placeholder="Enter * to search for any account" value=""> 
-                                        </div>
-                                    </td>
-                                </div>
-                                <div class="tab-pane" id="tabs-auth">
-                                    <td><label>Username</label></td>
+              </td>
+              <td>
+<div style="position: relative; top:10px;">
+<td>Record Changelog only &nbsp</td>
+<td>
+<input type="checkbox" id="domain_changelog_only_checkbox" name="domain_changelog_only_checkbox"
+class="checkbox" style="border:2px dotted #00f;display:block;background:#ff0000;"> 
+</td>
+</div>
+</td>
+</div>
+<div class="tab-pane" id="tabs-account">
+<td><label>Account Name</label></td>
+<td>
+<div class="autocomplete" style="width:250px;">
+<input type="text" class="form-control" id="account_name_filter" name="account_name_filter" placeholder="Enter * to search for any account" value=""> 
+</div>
+</td>
+</div>
+<div class="tab-pane" id="tabs-auth">
+<td><label>Username</label></td>
                                     <td>
                                         <div class="autocomplete" style="width:250px;">
                                             <input type="text" class="form-control" id="auth_name_filter" name="auth_name_filter" placeholder="Enter * to search for any username" value=""> 
@@ -109,9 +136,7 @@ <h3 class="box-title">History Management</h3>
                                     </td>
                                 </div>
                         </div>
-                        <!-- End Custom Tabs -->
-
-                        <div class="box-body">
+                        <div class="card-body">
                             <table id="Filters-Table">
                                 <thead>
                                     <th>Filters</th>
@@ -145,29 +170,18 @@ <h3 class="box-title">History Management</h3>
                                     <tr><td>&nbsp</td></tr>
                                     <tr>
                                         <td>
-                                            <button type="submit" id="search-submit" name="search-submit" class="btn btn-flat btn-primary button-filter">Search&nbsp;<i class="fa fa-search"></i></button>
+                                            <button type="submit" id="search-submit" name="search-submit" class="btn btn-primary button-filter"><i class="fa fa-search"></i>&nbsp;Search</button>
                                         </td>
                                         <td>
-                                            <!-- &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; -->
-                                            <button id="clear-filters" name="clear-filters" class="btn btn-flat btn-warning button-clearf">Clear Filters&nbsp;<i class="fa fa-trash"></i></button>
+                                            <button id="clear-filters" name="clear-filters" class="btn btn-warning button-clearf"><i class="fa fa-trash"></i>&nbsp;Clear Filters</button>
                                         </td>
                                     </tr>
                                 </tbody>
                             </table>
-                        </div>
                     </form>
                 </div>
-
                 <div id="table_from_ajax"></div>
-
-
-                <!-- /.box-body -->
             </div>
-            <!-- /.box -->
-        </div>
-        <!-- /.col -->
-    </div>
-    <!-- /.row -->
 </section>
 {% endblock %}
 {% block extrascripts %}
@@ -471,49 +485,45 @@ <h3 class="box-title">History Management</h3>
 </script>
 {% endblock %}
 {% block modals %}
-<!-- Clear History Confirmation Box -->
-<div class="modal fade modal-warning" id="modal_clear_history">
+  <!-- Clear History Confirmation Box -->
+  <div class="modal fade modal-warning" id="modal_clear_history">
     <div class="modal-dialog">
-        <div class="modal-content">
-            <div class="modal-header">
-                <button type="button" class="close" data-dismiss="modal" aria-label="Close">
-                    <span aria-hidden="true">&times;</span>
-                </button>
-                <h4 class="modal-title">Confirmation</h4>
-            </div>
-            <div class="modal-body">
-                <p>Are you sure you want to remove all history?</p>
-            </div>
-            <div class="modal-footer">
-                <button type="button" class="btn btn-flat btn-default pull-left" data-dismiss="modal">Close</button>
-                <button type="button" class="btn btn-flat btn-danger"
-                    onclick="applyChanges({'_csrf_token': '{{ csrf_token() }}'}, $SCRIPT_ROOT + '/admin/history', false, true);">Clear
-                    History</button>
-            </div>
+      <div class="modal-content">
+        <div class="modal-header">
+          <h4 class="modal-title">Confirmation</h4>
+          <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+            <span aria-hidden="true">&times;</span>
+          </button>
         </div>
-        <!-- /.modal-content -->
+        <div class="modal-body">
+          <p>Are you sure you want to remove all history?</p>
+        </div>
+        <div class="modal-footer">
+          <button type="button" class="btn btn-primary" data-dismiss="modal">Close</button>
+          <button type="button" class="btn btn-danger float-right" onclick="applyChanges({'_csrf_token': '{{ csrf_token() }}'}, $SCRIPT_ROOT + '/admin/history', false, true);">
+            Clear History
+          </button>
+        </div>
+      </div>
     </div>
-    <!-- /.modal-dialog -->
-</div>
-<div class="modal fade" id="modal_history_info">
+  </div>
+  <!-- History Details Box -->
+  <div class="modal fade" id="modal_history_info">
     <div class="modal-dialog">
-        <div class="modal-content">
-            <div class="modal-header">
-                <button type="button" class="close" data-dismiss="modal" aria-label="Close">
-                    <span aria-hidden="true">&times;</span>
-                </button>
-                <h4 class="modal-title">History Details</h4>
-            </div>
-            <div class="modal-body">
-                <div id="modal-info-content"></div>
-            </div>
-            <div class="modal-footer">
-                <button type="button" class="btn btn-flat btn-default pull-right" data-dismiss="modal">Close</button>
-            </div>
+      <div class="modal-content">
+        <div class="modal-header">
+          <h4 class="modal-title">History Details</h4>
+          <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+            <span aria-hidden="true">&times;</span>
+          </button>
         </div>
-        <!-- /.modal-content -->
+        <div class="modal-body">
+          <div id="modal-info-content"></div>
+        </div>
+        <div class="modal-footer">
+          <button type="button" class="btn btn-default float-right" data-dismiss="modal">Close</button>
+        </div>
+      </div>
     </div>
-    <!-- /.modal-dialog -->
-</div>
-<!-- /.modal -->
+  </div>
 {% endblock %}
\ No newline at end of file
diff --git a/powerdnsadmin/templates/admin_history_table.html b/powerdnsadmin/templates/admin_history_table.html
index 4f3d73d76..8f1d25f7d 100644
--- a/powerdnsadmin/templates/admin_history_table.html
+++ b/powerdnsadmin/templates/admin_history_table.html
@@ -1,90 +1,86 @@
-
 {% import 'applied_change_macro.html' as applied_change_macro %}
 
-
 {% if len_histories >= lim %}
-<p style="color: rgb(224, 3, 3);"><b>Limit of loaded history records has been reached! Only {{lim}} history records are shown. </b></p>
+  <p style="color: rgb(224, 3, 3);">
+    <b>Limit of loaded history records has been reached! Only {{lim}} history records are shown.</b>
+  </p>
 {% endif %}
 
-<div class="box-body"></div>
-    <table id="tbl_history" class="table table-bordered table-striped">
-        <thead>
-            <tr>
-                <th>Changed by</th>
-                <th>Content</th>
-                <th>Time</th>
-                <th>Detail</th>
-            </tr>
-        </thead>
-        <tbody>
-            {% for history in histories %}
-            <tr class="odd gradeX">
-                <td>{{ history.history.created_by }}</td>
-                <td>{{ history.history.msg }}</td>
-                <td>{{ history.history.created_on }}</td>
-                
-                <td width="6%">
-                    <div id="history-info-div-{{ loop.index0 }}" style="display: none;">
-                        {{ history.detailed_msg | safe }}
-                        {% if history.change_set %}
-                        <div class="content">
-                            <div id="change_index_definition"></div>
-                            {% call applied_change_macro.applied_change_template(history.change_set) %}
-                            {% endcall %}
-                        </div>
-                        {% endif %}
-                    </div>
-                    <button type="button" class="btn btn-flat btn-primary history-info-button"
-                        {% if history.detailed_msg == "" and history.change_set is none %}
-                        style="visibility: hidden;"
-			{% endif %} value="{{ loop.index0 }}">Info&nbsp;<i class="fa fa-info"></i>
-                    </button>
-                </td>
-            </tr>
-            {% endfor %}
-        </tbody>
-    </table>
+<div class="card-body"></div>
+  <table id="tbl_history" class="table table-bordered table-striped">
+    <thead>
+      <tr>
+        <th>Changed by</th>
+        <th>Content</th>
+        <th>Time</th>
+        <th>Detail</th>
+      </tr>
+    </thead>
+    <tbody>
+      {% for history in histories %}
+        <tr class="odd gradeX">
+          <td>{{ history.history.created_by }}</td>
+          <td>{{ history.history.msg }}</td>
+          <td>{{ history.history.created_on }}</td>
+          <td width="6%">
+            <div id="history-info-div-{{ loop.index0 }}" style="display: none;">
+              {{ history.detailed_msg | safe }}
+              {% if history.change_set %}
+                <div class="content">
+                  <div id="change_index_definition"></div>
+                  {% call applied_change_macro.applied_change_template(history.change_set) %}
+                  {% endcall %}
+                </div>
+              {% endif %}
+            </div>
+            <button type="button" class="btn btn-primary history-info-button"
+              {% if history.detailed_msg == "" and history.change_set is none %}
+                style="visibility: hidden;"
+              {% endif %} value="{{ loop.index0 }}">
+              <i class="fa-solid fa-info"></i>
+              &nbsp;Info
+            </button>
+          </td>
+        </tr>
+      {% endfor %}
+    </tbody>
+  </table>
 </div>
 
 <script>
-var table;
-$(document).ready(function () {
-
-        table = $('#tbl_history').DataTable({
-            "order": [
-                [2, "desc"]
-            ],
-            "searching": true,
-            "columnDefs": [{
-                "type": "time",
-                "render": function (data, type, row) {
-                    return moment.utc(data).local().format('YYYY-MM-DD HH:mm:ss');
-                },
-                "targets": 2
-            }],
-            "info": true,
-            "autoWidth": false,
-            orderCellsTop: true,
-            fixedHeader: true
-        });
-
+  var table;
+  $(document).ready(function () {
+    table = $('#tbl_history').DataTable({
+      "order": [
+        [2, "desc"]
+      ],
+      "searching": true,
+      "columnDefs": [{
+        "type": "time",
+        "render": function (data, type, row) {
+          return moment.utc(data).local().format('YYYY-MM-DD HH:mm:ss');
+        },
+        "targets": 2
+      }],
+      "info": true,
+      "autoWidth": false,
+      orderCellsTop: true,
+      fixedHeader: true
+    });
     $(document.body).on('click', '.history-info-button', function () {
-        var modal = $("#modal_history_info");
-        var history_id = $(this).val();
-        var info = $("#history-info-div-" + history_id).html();
-        $('#modal-info-content').html(info);
-        modal.modal('show');
+      var modal = $("#modal_history_info");
+      var history_id = $(this).val();
+      var info = $("#history-info-div-" + history_id).html();
+      $('#modal-info-content').html(info);
+      modal.modal('show');
     });
-
     $(document.body).on("click", ".button-filter", function (e) {
-        e.stopPropagation();
-        var nextRow = $("#filter-table")
-        if (nextRow.css("visibility") == "visible")
-            nextRow.css("visibility", "collapse")
-        else
-            nextRow.css("visibility", "visible")
+      e.stopPropagation();
+      var nextRow = $("#filter-table")
+      if (nextRow.css("visibility") == "visible")
+          nextRow.css("visibility", "collapse")
+      else
+        nextRow.css("visibility", "visible")
     });
-
-});
-
-</script>
+  });
+</script>
\ No newline at end of file
diff --git a/powerdnsadmin/templates/admin_manage_account.html b/powerdnsadmin/templates/admin_manage_account.html
index 5aabbc17b..c02a18c10 100644
--- a/powerdnsadmin/templates/admin_manage_account.html
+++ b/powerdnsadmin/templates/admin_manage_account.html
@@ -1,76 +1,97 @@
 {% extends "base.html" %}
+
 {% set active_page = "admin_accounts" %}
+
 {% block title %}
-<title>Account Management - {{ SITE_NAME }}</title>
-{% endblock %} {% block dashboard_stat %}
-<section class="content-header">
-    <h1>
-        Accounts <small>Manage accounts</small>
-    </h1>
-    <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i> Home</a></li>
-        <li class="active">Accounts</li>
-    </ol>
-</section>
-{% endblock %} {% block content %}
+  <title>
+    Account Management - {{ SITE_NAME }}
+  </title>
+{% endblock %}
+
+{% block dashboard_stat %}
+  <div class="content-header">
+    <div class="container-fluid">
+      <div class="row mb-2">
+        <div class="col-sm-6">
+          <h1 class="m-0 text-dark">
+            Accounts
+            <small>Manage</small>
+          </h1>
+        </div>
+        <div class="col-sm-6">
+          <ol class="breadcrumb float-sm-right">
+            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Home</a></li>
+            <li class="breadcrumb-item active">Accounts</li>
+          </ol>
+        </div>
+      </div>
+    </div>
+  </div>
+{% endblock %}
+
+{% block content %}
 <section class="content">
+  <div class="container-fluid">
     <div class="row">
-        <div class="col-xs-12">
-            <div class="box">
-                <div class="box-header">
-                    <h3 class="box-title">Account Management</h3>
-                </div>
-                <div class="box-body">
-                    <a href="{{ url_for('admin.edit_account') }}">
-                        <button type="button" class="btn btn-flat btn-primary pull-left button_add_account">
-                            Add Account&nbsp;<i class="fa fa-plus"></i>
+      <div class="col-12">
+        <div class="card">
+          <div class="card-header">
+            <h3 class="card-title">Account Management</h3>
+            <a href="{{ url_for('admin.edit_account') }}">
+              <button type="button" class="btn btn-primary float-right button_add_account">
+                <i class="fa-solid fa-plus"></i>&nbsp;Add Account
+              </button>
+            </a>
+          </div>
+          <div class="card-body">
+            <table id="tbl_accounts" class="table table-bordered table-striped">
+              <thead>
+                <tr>
+                  <th>Name</th>
+                  <th>Description</th>
+                  <th>Contact</th>
+                  <th>Mail</th>
+                  <th>Member</th>
+                  <th>Domain</th>
+                  <th>Action</th>
+                </tr>
+              </thead>
+              <tbody>
+                {% for account in accounts %}
+                  <tr class="odd gradeX">
+                    <td>{{ account.name }}</td>
+                    <td>{{ account.description }}</td>
+                    <td>{{ account.contact }}</td>
+                    <td>{{ account.mail }}</td>
+                    <td>{{ account.user_num }}</td>
+                    <td>{{ account.domains|length }}</td>
+                    <td width="15%">
+                      <div class="dropdown">
+                        <button class="btn btn-primary dropdown-toggle" type="button" id="dropdownMenu" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
+                          <i class="fa-solid fa-bars"></i>&nbsp;Actions
                         </button>
-                    </a>
-                </div>
-                <div class="box-body">
-                    <table id="tbl_accounts" class="table table-bordered table-striped">
-                        <thead>
-                            <tr>
-                                <th>Name</th>
-                                <th>Description</th>
-                                <th>Contact</th>
-                                <th>Mail</th>
-                                <th>Member</th>
-                                <th>Domain</th>
-                                <th>Action</th>
-                            </tr>
-                        </thead>
-                        <tbody>
-                            {% for account in accounts %}
-                            <tr class="odd gradeX">
-                                <td>{{ account.name }}</td>
-                                <td>{{ account.description }}</td>
-                                <td>{{ account.contact }}</td>
-                                <td>{{ account.mail }}</td>
-                                <td>{{ account.user_num }}</td>
-                                <td>{{ account.domains|length }}</td>
-                                <td width="15%">
-                                    <button type="button" class="btn btn-flat btn-success"
-                                        onclick="window.location.href='{{ url_for('admin.edit_account', account_name=account.name) }}'">
-                                        Edit&nbsp;<i class="fa fa-cog"></i>
-                                    </button>
-                                    <button type="button" class="btn btn-flat btn-danger button_delete"
-                                        id="{{ account.name }}">
-                                        Delete&nbsp;<i class="fa fa-trash"></i>
-                                    </button>
-                                </td>
-                            </tr>
-                            {% endfor %}
-                        </tbody>
-                    </table>
-                </div>
-                <!-- /.box-body -->
-            </div>
-            <!-- /.box -->
+                        <div class="dropdown-menu" aria-labelledby="dropdownMenu">
+                          <button type="button" class="dropdown-item btn-warning" onclick="window.location.href='{{ url_for('admin.edit_account', account_name=account.name) }}'">
+                            <i class="fa-solid fa-edit"></i>&nbsp;Edit Account
+                          </button>
+                          <div class="dropdown-divider"></div>
+                          <button type="button"class="dropdown-item btn-secondary button_delete" id="{{ account.name }}">
+                            <font color="red">
+                              <i class="fa-solid fa-trash"></i>&nbsp;Delete Account
+                            </font>
+                          </button>
+                         </div>
+                      </div>
+                    </td>
+                  </tr>
+                {% endfor %}
+              </tbody>
+            </table>
+          </div>
         </div>
-        <!-- /.col -->
+      </div>
     </div>
-    <!-- /.row -->
+  </div>
 </section>
 {% endblock %}
 {% block extrascripts %}
@@ -114,21 +135,21 @@ <h3 class="box-title">Account Management</h3>
 </script>
 {% endblock %}
 {% block modals %}
-<div class="modal fade modal-warning" id="modal_delete">
+<div class="modal fade" id="modal_delete">
     <div class="modal-dialog">
         <div class="modal-content">
             <div class="modal-header">
-                <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+              <h4 class="modal-title">Confirmation</h4>
+              <button type="button" class="close" data-dismiss="modal" aria-label="Close">
                     <span aria-hidden="true">&times;</span>
                 </button>
-                <h4 class="modal-title">Confirmation</h4>
             </div>
             <div class="modal-body">
                 <p></p>
             </div>
             <div class="modal-footer">
-                <button type="button" class="btn btn-flat btn-default pull-left" data-dismiss="modal">Close</button>
-                <button type="button" class="btn btn-flat btn-danger" id="button_delete_confirm">Delete</button>
+                <button type="button" class="btn btn-default float-left" data-dismiss="modal">Close</button>
+                <button type="button" class="btn btn-danger" id="button_delete_confirm">Delete</button>
             </div>
         </div>
         <!-- /.modal-content -->
diff --git a/powerdnsadmin/templates/admin_manage_keys.html b/powerdnsadmin/templates/admin_manage_keys.html
index dadc2a0f0..87a36b058 100644
--- a/powerdnsadmin/templates/admin_manage_keys.html
+++ b/powerdnsadmin/templates/admin_manage_keys.html
@@ -1,133 +1,153 @@
 {% extends "base.html" %}
+
 {% set active_page = "admin_keys" %}
+
 {% block title %}
-<title>Key Management - {{ SITE_NAME }}</title>
-{% endblock %} {% block dashboard_stat %}
-<section class="content-header">
-    <h1>
-        Key <small>Manage API keys</small>
-    </h1>
-    <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i> Home</a></li>
-        <li class="active">Key</li>
-    </ol>
-</section>
-{% endblock %} {% block content %}
-<section class="content">
-    <div class="row">
-        <div class="col-xs-12">
-            <div class="box">
-                <div class="box-header">
-                    <h3 class="box-title">Key Management</h3>
-                </div>
-                <div class="box-body">
-                    <a href="{{ url_for('admin.edit_key') }}">
-                        <button type="button" class="btn btn-flat btn-primary pull-left button_add_key">
-                            Add Key&nbsp;<i class="fa fa-plus"></i>
-                        </button>
-                    </a>
-                </div>
-                <div class="box-body">
-                    <table id="tbl_keys" class="table table-bordered table-striped">
-                        <thead>
-                            <tr>
-                                <th>Id</th>
-                                <th>Role</th>
-                                <th>Description</th>
-                                <th>Domains</th>
-                                <th>Accounts</th>
-                                <th>Action</th>
-                            </tr>
-                        </thead>
-                        <tbody>
-                            {% for key in keys %}
-                            <tr class="odd gradeX">
-                                <td>{{ key.id }}</td>
-                                <td>{{ key.role.name }}</td>
-                                <td>{{ key.description }}</td>
-                                <td>{% for domain in key.domains %}{{ domain.name }}{% if not loop.last %}, {% endif %}{% endfor %}</td>
-                                <td>{% for account in key.accounts %}{{ account.name }}{% if not loop.last %}, {% endif %}{% endfor %}</td>
-                                <td width="15%">
-                                    <button type="button" class="btn btn-flat btn-success button_edit"
-                                        onclick="window.location.href='{{ url_for('admin.edit_key', key_id=key.id) }}'">
-                                        Edit&nbsp;<i class="fa fa-lock"></i>
-                                    </button>
-                                    <button type="button" class="btn btn-flat btn-danger button_delete"
-                                        id="{{ key.id }}">
-                                        Delete&nbsp;<i class="fa fa-trash"></i>
-                                    </button>
-                                </td>
-                            </tr>
-                            {% endfor %}
-                        </tbody>
-                    </table>
-                </div>
-                <!-- /.box-body -->
-            </div>
-            <!-- /.box -->
+  <title>
+    Key Management - {{ SITE_NAME }}
+  </title>
+{% endblock %}
+
+{% block dashboard_stat %}
+  <div class="content-header">
+    <div class="container-fluid">
+      <div class="row mb-2">
+        <div class="col-sm-6">
+          <h1 class="m-0 text-dark">
+            API Keys
+            <small>Management</small>
+          </h1>
         </div>
-        <!-- /.col -->
+        <div class="col-sm-6">
+          <ol class="breadcrumb float-sm-right">
+            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+            <li class="breadcrumb-item active">API Keys</li>
+          </ol>
+        </div>
+      </div>
+    </div>
+  </div>
+{% endblock %}
+
+{% block content %}
+<section class="content">
+  <div class="container-fluid">
+    <div class="card">
+      <div class="card-header with-border">
+        <h3 class="card-title">Key Management</h3>
+        <a href="{{ url_for('admin.edit_key') }}">
+          <button type="button" class="btn btn-primary float-right button_add_key">
+            <i class="fa-solid fa-plus"></i>&nbsp;Add Key
+          </button>
+        </a>
+      </div>
+      <div class="card-body">
+        <table id="tbl_keys" class="table table-bordered table-striped">
+          <thead>
+            <tr>
+              <th>Id</th>
+              <th>Role</th>
+              <th>Description</th>
+              <th>Domains</th>
+              <th>Accounts</th>
+              <th>Actions</th>
+            </tr>
+          </thead>
+          <tbody>
+            {% for key in keys %}
+              <tr class="odd gradeX">
+                <td>{{ key.id }}</td>
+                <td>{{ key.role.name }}</td>
+                <td>{{ key.description }}</td>
+                <td>{% for domain in key.domains %}{{ domain.name }}{% if not loop.last %}, {% endif %}{% endfor %}</td>
+                <td>{% for account in key.accounts %}{{ account.name }}{% if not loop.last %}, {% endif %}{% endfor %}</td>
+                <td width="15%">
+                  <div class="dropdown">
+                    <button class="btn btn-primary dropdown-toggle" type="button" id="dropdownMenu" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
+                      <i class="fa-solid fa-bars"></i>&nbsp;Actions
+                    </button>
+                    <div class="dropdown-menu" aria-labelledby="dropdownMenu">
+                      <button type="button" class="dropdown-item btn-warning" onclick="window.location.href='{{ url_for('admin.edit_key', key_id=key.id) }}'">
+                        <i class="fa-solid fa-edit"></i>&nbsp;Edit API Key
+                      </button>
+                      <div class="dropdown-divider"></div>
+                      <button type="button"class="dropdown-item btn-secondary button_delete" id="{{ key.id }}">
+                        <font color="red">
+                          <i class="fa-solid fa-trash"></i>&nbsp;Delete API Key
+                        </font>
+                      </button>
+                     </div>
+                  </div>
+                </td>
+              </tr>
+            {% endfor %}
+          </tbody>
+        </table>
+      </div>
     </div>
-    <!-- /.row -->
+  </div>
 </section>
 {% endblock %}
+
 {% block extrascripts %}
-<script>
+  <script>
     // set up key data table
     $("#tbl_keys").DataTable({
-        "paging": true,
-        "lengthChange": true,
-        "searching": true,
-        "ordering": true,
-        "info": false,
-        "autoWidth": false,
-        "lengthMenu": [
-            [10, 25, 50, 100, -1],
-            [10, 25, 50, 100, "All"]
-        ],
-        "pageLength": 10
+      "paging": true,
+      "lengthChange": true,
+      "searching": true,
+      "ordering": true,
+      "info": false,
+      "autoWidth": false,
+      "lengthMenu": [
+        [10, 25, 50, 100, -1],
+        [10, 25, 50, 100, "All"]
+      ],
+      "pageLength": 10
     });
 
     // handle deletion of keys
     $(document.body).on('click', '.button_delete', function () {
-        var modal = $("#modal_delete");
-        var key_id = $(this).prop('id');
-        var info = "Are you sure you want to delete key #" + key_id + "?";
-        modal.find('.modal-body p').text(info);
-        modal.find('#button_delete_confirm').click(function () {
-            var postdata = {
-                'action': 'delete_key',
-                'data': key_id,
-                '_csrf_token': '{{ csrf_token() }}'
-            }
-            applyChanges(postdata, $SCRIPT_ROOT + '/admin/manage-keys', false, true);
-            modal.modal('hide');
-        })
-        modal.modal('show');
-
+      var modal = $("#modal_delete");
+      var key_id = $(this).prop('id');
+      var info = "Are you sure you want to delete key #" + key_id + "?";
+      modal.find('.modal-body p').text(info);
+      modal.find('#button_delete_confirm').click(function () {
+        var postdata = {
+          'action': 'delete_key',
+          'data': key_id,
+          '_csrf_token': '{{ csrf_token() }}'
+        }
+        applyChanges(postdata, $SCRIPT_ROOT + '/admin/manage-keys', false, true);
+        modal.modal('hide');
+      })
+      modal.modal('show');
     });
-</script>
+  </script>
 {% endblock %}
+
 {% block modals %}
-<div class="modal fade modal-warning" id="modal_delete">
+  <div class="modal fade modal-warning" id="modal_delete">
     <div class="modal-dialog">
-        <div class="modal-content">
-            <div class="modal-header">
-                <button type="button" class="close" data-dismiss="modal" aria-label="Close">
-                    <span aria-hidden="true">&times;</span>
-                </button>
-                <h4 class="modal-title">Confirmation</h4>
-            </div>
-            <div class="modal-body">
-                <p></p>
-            </div>
-            <div class="modal-footer">
-                <button type="button" class="btn btn-flat btn-default pull-left" data-dismiss="modal">Close</button>
-                <button type="button" class="btn btn-flat btn-danger" id="button_delete_confirm">Delete</button>
-            </div>
+      <div class="modal-content">
+        <div class="modal-header">
+          <h4 class="modal-title">Confirmation</h4>
+          <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+            <span aria-hidden="true">&times;</span>
+          </button>
+        </div>
+        <div class="modal-body">
+          <p></p>
+        </div>
+        <div class="modal-footer">
+          <button type="button" class="btn btn-secondary" data-dismiss="modal">
+            Close
+          </button>
+          <button type="button" class="btn btn-danger" id="button_delete_confirm">
+            Delete
+          </button>
         </div>
-        <!-- /.modal-content -->
+      </div>
     </div>
-    <!-- /.modal-dialog -->
-</div>
+  </div>
 {% endblock %}
diff --git a/powerdnsadmin/templates/admin_manage_user.html b/powerdnsadmin/templates/admin_manage_user.html
index d6a720421..ba978a115 100644
--- a/powerdnsadmin/templates/admin_manage_user.html
+++ b/powerdnsadmin/templates/admin_manage_user.html
@@ -1,205 +1,237 @@
 {% extends "base.html" %}
+
 {% set active_page = "admin_users" %}
+
 {% block title %}
-<title>User Management - {{ SITE_NAME }}</title>
-{% endblock %} {% block dashboard_stat %}
-<section class="content-header">
-    <h1>
-        User <small>Manage user privileges</small>
-    </h1>
-    <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i> Home</a></li>
-        <li class="active">User</li>
-    </ol>
-</section>
-{% endblock %} {% block content %}
-<section class="content">
-    <div class="row">
-        <div class="col-xs-12">
-            <div class="box">
-                <div class="box-header">
-                    <h3 class="box-title">User Management</h3>
-                </div>
-                <div class="box-body">
-                    <a href="{{ url_for('admin.edit_user') }}">
-                        <button type="button" class="btn btn-flat btn-primary pull-left button_add_user">
-                            Add User&nbsp;<i class="fa fa-plus"></i>
+  <title>
+    User Management - {{ SITE_NAME }}
+  </title>
+{% endblock %}
+
+{% block dashboard_stat %}
+  <div class="content-header">
+    <div class="container-fluid">
+      <div class="row mb-2">
+        <div class="col-sm-6">
+          <h1 class="m-0 text-dark">
+            User
+            <small>Manage user privileges</small>
+          </h1>
+        </div>
+        <div class="col-sm-6">
+          <ol class="breadcrumb float-sm-right">
+            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Home</a></li>
+            <li class="breadcrumb-item active">User</li>
+          </ol>
+        </div>
+      </div>
+    </div>
+  </div>
+{% endblock %}
+
+{% block content %}
+  <section class="content">
+    <div class="container-fluid">
+      <div class="row">
+        <div class="col-12">
+          <div class="card">
+            <div class="card-header">
+              <h3 class="card-title">User Management</h3>
+              <a href="{{ url_for('admin.edit_user') }}">
+                <button type="button" class="btn btn-primary float-right button_add_user">
+                  <i class="fa-solid fa-plus"></i>&nbsp;Add User
+                </button>
+              </a>
+            </div>
+            <div class="card-body">
+              <table id="tbl_users" class="table table-bordered table-striped">
+                <thead>
+                  <tr>
+                    <th>Username</th>
+                    <th>First Name</th>
+                    <th>Last Name</th>
+                    <th>Email</th>
+                    <th>Role</th>
+                    <th>Privileges</th>
+                    <th>Action</th>
+                  </tr>
+                </thead>
+                <tbody>
+                  {% for user in users %}
+                    <tr class="odd gradeX">
+                      <td>{{ user.username }}</td>
+                      <td>{{ user.firstname }}</td>
+                      <td>{{ user.lastname }}</td>
+                      <td>{{ user.email }}</td>
+                      <td>
+                        <select id="{{ user.username }}" class="user_role"
+                          {% if user.username==current_user.username or (current_user.role.name=='Operator' and user.role.name=='Administrator') %}disabled{% endif %}>
+                          {% for role in roles %}
+                            <option value="{{ role.name }}"
+                              {% if role.id==user.role.id %}selected{% endif %}>
+                                {{ role.name }}
+                            </option>
+                          {% endfor %}
+                        </select>
+                      </td>
+                      <td width="6%">
+                        <button type="button" class="btn btn-warning button_revoke"
+                          id="{{ user.username }}"
+                          {% if current_user.role.name=='Operator' and user.role.name=='Administrator' %}disabled{% endif %}>
+                            <i class="fa-solid fa-link-slash"></i>&nbsp;Revoke
                         </button>
-                    </a>
-                </div>
-                <div class="box-body">
-                    <table id="tbl_users" class="table table-bordered table-striped">
-                        <thead>
-                            <tr>
-                                <th>Username</th>
-                                <th>First Name</th>
-                                <th>Last Name</th>
-                                <th>Email</th>
-                                <th>Role</th>
-                                <th>Privileges</th>
-                                <th>Action</th>
-                            </tr>
-                        </thead>
-                        <tbody>
-                            {% for user in users %}
-                            <tr class="odd gradeX">
-                                <td>{{ user.username }}</td>
-                                <td>{{ user.firstname }}</td>
-                                <td>{{ user.lastname }}</td>
-                                <td>{{ user.email }}</td>
-                                <td>
-                                    <select id="{{ user.username }}" class="user_role"
-                                        {% if user.username==current_user.username or (current_user.role.name=='Operator' and user.role.name=='Administrator') %}disabled{% endif %}>
-                                        {% for role in roles %}
-                                        <option value="{{ role.name }}"
-                                            {% if role.id==user.role.id %}selected{% endif %}>{{ role.name }}</option>
-                                        {% endfor %}
-                                    </select>
-                                </td>
-                                <td width="6%">
-                                    <button type="button" class="btn btn-flat btn-warning button_revoke"
-                                        id="{{ user.username }}"
-                                        {% if current_user.role.name=='Operator' and user.role.name=='Administrator' %}disabled{% endif %}>
-                                        Revoke&nbsp;<i class="fa fa-lock"></i>
-                                    </button>
-                                </td>
-                                <td width="15%">
-                                    <button type="button" class="btn btn-flat btn-success button_edit"
-                                        onclick="window.location.href='{{ url_for('admin.edit_user', user_username=user.username) }}'"
-                                        {% if current_user.role.name=='Operator' and user.role.name=='Administrator' %}disabled{% endif %}>
-                                        Edit&nbsp;<i class="fa fa-lock"></i>
-                                    </button>
-                                    <button type="button" class="btn btn-flat btn-danger button_delete"
-                                        id="{{ user.username }}"
-                                        {% if user.username==current_user.username or (current_user.role.name=='Operator' and user.role.name=='Administrator') %}disabled{% endif %}>
-                                        Delete&nbsp;<i class="fa fa-trash"></i>
-                                    </button>
-                                </td>
-                            </tr>
-                            {% endfor %}
-                        </tbody>
-                    </table>
-                </div>
-                <!-- /.box-body -->
+                      </td>
+                      <td width="15%">
+
+                        <div class="dropdown">
+                          <button class="btn btn-primary dropdown-toggle" type="button" id="dropdownMenu" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false"
+                          {% if current_user.role.name=='Operator' and user.role.name=='Administrator' %}disabled{% endif %}>
+                            <i class="fa-solid fa-bars"></i>&nbsp;Actions
+                          </button>
+                          <div class="dropdown-menu" aria-labelledby="dropdownMenu">
+                            <button type="button" class="dropdown-item btn-warning" onclick="window.location.href='{{ url_for('admin.edit_user', user_username=user.username) }}'">
+                              <i class="fa-solid fa-edit"></i>&nbsp;Edit User
+                            </button>
+                            {% if not user.username==current_user.username or (current_user.role.name=='Operator' and user.role.name=='Administrator') %}
+                              <div class="dropdown-divider"></div>
+                              <button type="button"class="dropdown-item btn-secondary button_delete" id="{{ user.username }}">
+                                <font color="red">
+                                  <i class="fa-solid fa-trash"></i>&nbsp;Delete User
+                                </font>
+                              </button>
+                            {% endif %}
+                           </div>
+                        </div>
+                      </td>
+                    </tr>
+                  {% endfor %}
+                </tbody>
+              </table>
             </div>
-            <!-- /.box -->
+          </div>
         </div>
-        <!-- /.col -->
+      </div>
     </div>
-    <!-- /.row -->
-</section>
+  </section>
 {% endblock %}
+
 {% block extrascripts %}
-<script>
+  <script>
     // set up user data table
     $("#tbl_users").DataTable({
-        "paging": true,
-        "lengthChange": true,
-        "searching": true,
-        "ordering": true,
-        "info": false,
-        "autoWidth": false,
-        "lengthMenu": [
-            [10, 25, 50, 100, -1],
-            [10, 25, 50, 100, "All"]
-        ],
-        "pageLength": 10
+      "paging": true,
+      "lengthChange": true,
+      "searching": true,
+      "ordering": true,
+      "info": false,
+      "autoWidth": false,
+      "lengthMenu": [
+        [10, 25, 50, 100, -1],
+        [10, 25, 50, 100, "All"]
+      ],
+      "pageLength": 10
     });
 
     // handle revocation of privileges
     $(document.body).on('click', '.button_revoke', function () {
-        var modal = $("#modal_revoke");
-        var username = $(this).prop('id');
-        var info = "Are you sure you want to revoke all privileges for " + username +
-            ". They will not able to access any domain.";
-        modal.find('.modal-body p').text(info);
-        modal.find('#button_revoke_confirm').click(function () {
-            var postdata = {
-                'action': 'revoke_user_privileges',
-                'data': username,
-                '_csrf_token': '{{ csrf_token() }}'
-            }
-            applyChanges(postdata, $SCRIPT_ROOT + '/admin/manage-user', true);
-            modal.modal('hide');
-        })
-        modal.modal('show');
+      var modal = $("#modal_revoke");
+      var username = $(this).prop('id');
+      var info = "Are you sure you want to revoke all privileges for user " + username +
+        "? They will not able to access any domain.";
+      modal.find('.modal-body p').text(info);
+      modal.find('#button_revoke_confirm').click(function () {
+        var postdata = {
+          'action': 'revoke_user_privileges',
+          'data': username,
+          '_csrf_token': '{{ csrf_token() }}'
+        }
+        applyChanges(postdata, $SCRIPT_ROOT + '/admin/manage-user', true);
+        modal.modal('hide');
+      })
+      modal.modal('show');
     });
+
     // handle deletion of user
     $(document.body).on('click', '.button_delete', function () {
-        var modal = $("#modal_delete");
-        var username = $(this).prop('id');
-        var info = "Are you sure you want to delete " + username + "?";
-        modal.find('.modal-body p').text(info);
-        modal.find('#button_delete_confirm').click(function () {
-            var postdata = {
-                'action': 'delete_user',
-                'data': username,
-                '_csrf_token': '{{ csrf_token() }}'
-            }
-            applyChanges(postdata, $SCRIPT_ROOT + '/admin/manage-user', false, true);
-            modal.modal('hide');
-        })
-        modal.modal('show');
-
+      var modal = $("#modal_delete");
+      var username = $(this).prop('id');
+      var info = "Are you sure you want to delete user " + username + "?";
+      modal.find('.modal-body p').text(info);
+      modal.find('#button_delete_confirm').click(function () {
+        var postdata = {
+          'action': 'delete_user',
+          'data': username,
+          '_csrf_token': '{{ csrf_token() }}'
+        }
+        applyChanges(postdata, $SCRIPT_ROOT + '/admin/manage-user', false, true);
+        modal.modal('hide');
+      })
+      modal.modal('show');
     });
 
     // handle user role changing
     $(document.body).on('change', '.user_role', function () {
-        var role_name = this.value;
-        var username = $(this).prop('id');
-        var postdata = {
-            'action': 'update_user_role',
-            'data': {
-                'username': username,
-                'role_name': role_name
-            },
-            '_csrf_token': '{{ csrf_token() }}'
-        };
-        applyChanges(postdata, $SCRIPT_ROOT + '/admin/manage-user', showResult = true);
+      var role_name = this.value;
+      var username = $(this).prop('id');
+      var postdata = {
+        'action': 'update_user_role',
+        'data': {
+          'username': username,
+          'role_name': role_name
+        },
+        '_csrf_token': '{{ csrf_token() }}'
+      };
+      applyChanges(postdata, $SCRIPT_ROOT + '/admin/manage-user', showResult = true);
     });
-</script>
+  </script>
 {% endblock %}
+
 {% block modals %}
-<div class="modal fade modal-warning" id="modal_revoke">
+  <div class="modal fade" id="modal_revoke">
     <div class="modal-dialog">
-        <div class="modal-content">
-            <div class="modal-header">
-                <button type="button" class="close" data-dismiss="modal" aria-label="Close">
-                    <span aria-hidden="true">&times;</span>
-                </button>
-                <h4 class="modal-title">Confirmation</h4>
-            </div>
-            <div class="modal-body">
-                <p></p>
-            </div>
-            <div class="modal-footer">
-                <button type="button" class="btn btn-flat btn-default pull-left" data-dismiss="modal">Close</button>
-                <button type="button" class="btn btn-flat btn-danger" id="button_revoke_confirm">Revoke</button>
-            </div>
+      <div class="modal-content">
+        <div class="modal-header">
+          <h4 class="modal-title">Confirmation</h4>
+          <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+            <span aria-hidden="true">&times;</span>
+          </button>
+        </div>
+        <div class="modal-body">
+          <p></p>
         </div>
-        <!-- /.modal-content -->
+        <div class="modal-footer">
+          <button type="button" class="btn btn-secondary float-right" data-dismiss="modal">
+            Close
+          </button>
+          <button type="button" class="btn btn-danger float-right" id="button_revoke_confirm">
+            Revoke
+          </button>
+        </div>
+      </div>
     </div>
-    <!-- /.modal-dialog -->
-</div>
-<div class="modal fade modal-warning" id="modal_delete">
+  </div>
+
+  <div class="modal fade" id="modal_delete">
     <div class="modal-dialog">
-        <div class="modal-content">
-            <div class="modal-header">
-                <button type="button" class="close" data-dismiss="modal" aria-label="Close">
-                    <span aria-hidden="true">&times;</span>
-                </button>
-                <h4 class="modal-title">Confirmation</h4>
-            </div>
-            <div class="modal-body">
-                <p></p>
-            </div>
-            <div class="modal-footer">
-                <button type="button" class="btn btn-flat btn-default pull-left" data-dismiss="modal">Close</button>
-                <button type="button" class="btn btn-flat btn-danger" id="button_delete_confirm">Delete</button>
-            </div>
+      <div class="modal-content">
+        <div class="modal-header">
+          <h4 class="modal-title">Confirmation</h4>
+          <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+            <span aria-hidden="true">&times;</span>
+          </button>
+        </div>
+        <div class="modal-body">
+          <p></p>
+        </div>
+        <div class="modal-footer">
+          <button type="button" class="btn btn-default float-right" data-dismiss="modal">
+            Close
+          </button>
+          <button type="button" class="btn btn-danger float-right" id="button_delete_confirm">
+            Delete
+          </button>
         </div>
-        <!-- /.modal-content -->
+      </div>
     </div>
-    <!-- /.modal-dialog -->
-</div>
+  </div>
 {% endblock %}
diff --git a/powerdnsadmin/templates/admin_pdns_stats.html b/powerdnsadmin/templates/admin_pdns_stats.html
index cd5a00003..b0e52f482 100644
--- a/powerdnsadmin/templates/admin_pdns_stats.html
+++ b/powerdnsadmin/templates/admin_pdns_stats.html
@@ -1,116 +1,127 @@
 {% extends "base.html" %}
+
 {% set active_page = "admin_console" %}
-{% block title %}<title>Admin Console - {{ SITE_NAME }}</title>{% endblock %}
+
+{% block title %}
+  <title>
+    Admin Console - {{ SITE_NAME }}
+  </title>
+{% endblock %}
 
 {% block dashboard_stat %}
-<!-- Content Header (Page header) -->
-<section class="content-header">
-    <h1>
-        PowerDNS server configuration & statistics
-    </h1>
-    <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i> Home</a></li>
-        <li class="active">Admin Console</li>
-    </ol>
-</section>
+  <div class="content-header">
+    <div class="container-fluid">
+      <div class="row mb-2">
+        <div class="col-sm-6">
+          <h1 class="m-0 text-dark">
+            PowerDNS
+            <small>Server Statistics & Configuration</small>
+          </h1>
+        </div>
+        <div class="col-sm-6">
+          <ol class="breadcrumb float-sm-right">
+            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+            <li class="breadcrumb-item active">PowerDNS Server Statistics & Configuration</li>
+          </ol>
+        </div>
+      </div>
+    </div>
+  </div>
 {% endblock %}
 
 {% block content %}
-<section class="content">
-    <div class="row">
-        <div class="col-xs-12">
-            <div class="box">
-                <div class="box-header">
-                    <h3 class="box-title">PDNS Statistics</h3>
-                </div>
-                <div class="box-body">
-                    <table id="tbl_statistics" class="table table-bordered table-striped">
-                        <thead>
-                            <tr>
-                                <th width="6%">Docs</th>
-                                <th>Statistic</th>
-                                <th>Value</th>
-                            </tr>
-                        </thead>
-                        <tbody>
-                            {% for statistic in statistics %}
-                            <tr class="odd gradeX">
-                                <td><a href="https://doc.powerdns.com/authoritative/search.html?q={{ statistic['name'] }}"
-                                        target="_blank" class="btn btn-flat btn-xs blue"><i
-                                            class="fa fa-search"></i></a></td>
-                                <td>{{ statistic['name'] }}</td>
-                                <td>{{ statistic['value'] }}</td>
-                            </tr>
-                            {% endfor %}
-                        </tbody>
-                    </table>
-                </div>
-                <!-- /.box-body -->
+  <section class="content">
+    <div class="container-fluid">
+      <div class="row">
+        <div class="col-12">
+          <div class="card shadow">
+            <div class="card-header">
+              <h3 class="card-title">PowerDNS Server Statistics</h3>
+            </div>
+            <div class="card-body">
+              <table id="tbl_statistics" class="table table-bordered table-striped">
+                <thead>
+                  <tr>
+                    <th width="30%">Statistic</th>
+                    <th>Value</th>
+                  </tr>
+                </thead>
+                <tbody>
+                  {% for statistic in statistics %}
+                    <tr class="odd gradeX">
+                      <td>
+                        <a href="https://doc.powerdns.com/authoritative/search.html?q={{ statistic['name'] }}"
+                        target="_blank" class="btn btn-primary">
+                          <i class="fa fa-search"></i>&nbsp;{{ statistic['name'] }}
+                        </a>
+                      </td>
+                      <td>{{ statistic['value'] }}</td>
+                    </tr>
+                  {% endfor %}
+                </tbody>
+              </table>
             </div>
-            <!-- /.box -->
+          </div>
         </div>
-        <!-- /.col -->
-    </div>
-    <!-- /.row -->
-    <div class="row">
-        <div class="col-xs-12">
-            <div class="box">
-                <div class="box-header">
-                    <h3 class="box-title">PDNS Configuration</h3>
-                </div>
-                <div class="box-body">
-                    <table id="tbl_configuration" class="table table-bordered table-striped">
-                        <thead>
-                            <tr>
-                                <th width="6%">Docs</th>
-                                <th>Statistic</th>
-                                <th>Value</th>
-                            </tr>
-                        </thead>
-                        <tbody>
-                            {% for config in configs %}
-                            <tr class="odd gradeX">
-                                <td><a href="https://doc.powerdns.com/authoritative/search.html?q={{ config['name'] }}"
-                                        target="_blank" class="btn btn-flat btn-xs blue"><i
-                                            class="fa fa-search"></i></a></td>
-                                <td>{{ config['name'] }}</td>
-                                <td>
-                                    {{ config['value'] }}
-                                </td>
-                            </tr>
-                            {% endfor %}
-                        </tbody>
-                    </table>
-                </div>
-                <!-- /.box-body -->
+      </div>
+      <div class="row">
+        <div class="col-12">
+          <div class="card shadow">
+            <div class="card-header">
+              <h3 class="card-title">PowerDNS Server Configuration</h3>
             </div>
-            <!-- /.box -->
+            <div class="card-body">
+              <table id="tbl_configuration" class="table table-bordered table-striped">
+                <thead>
+                  <tr>
+                    <th width="30%">Configuration</th>
+                    <th>Value</th>
+                  </tr>
+                </thead>
+                <tbody>
+                  {% for config in configs %}
+                    <tr class="odd gradeX">
+                      <td>
+                        <a href="https://doc.powerdns.com/authoritative/search.html?q={{ config['name'] }}"
+                        target="_blank" class="btn btn-primary">
+                          <i class="fa-solid fa-search"></i>&nbsp;{{ config['name'] }}
+                        </a>
+                      </td>
+                      <td>
+                        {{ config['value'] }}
+                      </td>
+                    </tr>
+                  {% endfor %}
+                </tbody>
+              </table>
+            </div>
+          </div>
         </div>
-        <!-- /.col -->
+      </div>
     </div>
-    <!-- /.row -->
-</section>
+  </section>
 {% endblock %}
+
 {% block extrascripts %}
 <script>
-    // set up statistics data table
-    $("#tbl_statistics").DataTable({
-        "paging": true,
-        "lengthChange": false,
-        "searching": true,
-        "ordering": true,
-        "info": true,
-        "autoWidth": false
-    });
+  // set up statistics data table
+  $("#tbl_statistics").DataTable({
+    "paging": true,
+    "lengthChange": true,
+    "searching": true,
+    "ordering": true,
+    "info": true,
+    "autoWidth": false
+  });
 
-    // set up configuration data table
-    $("#tbl_configuration").DataTable({
-        "paging": true,
-        "lengthChange": false,
-        "searching": true,
-        "ordering": true,
-        "info": true,
-        "autoWidth": false
-    });
+  // set up configuration data table
+  $("#tbl_configuration").DataTable({
+    "paging": true,
+    "lengthChange": true,
+    "searching": true,
+    "ordering": true,
+    "info": true,
+    "autoWidth": false
+  });
 </script>
 {% endblock %}
diff --git a/powerdnsadmin/templates/admin_setting_authentication.html b/powerdnsadmin/templates/admin_setting_authentication.html
index 5d0fd1020..4b8a446a3 100644
--- a/powerdnsadmin/templates/admin_setting_authentication.html
+++ b/powerdnsadmin/templates/admin_setting_authentication.html
@@ -1,67 +1,81 @@
 {% extends "base.html" %}
+
 {% set active_page = "admin_settings" %}
+
 {% block title %}
-<title>Authentication Settings - {{ SITE_NAME }}</title>
-{% endblock %} {% block dashboard_stat %}
-<!-- Content Header (Page header) -->
-<section class="content-header">
-    <h1>
-        Settings <small>PowerDNS-Admin settings</small>
-    </h1>
-    <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i> Home</a></li>
-        <li><a href="#">Setting</a></li>
-        <li class="active">Authentication</li>
-    </ol>
-    <script>
-        function ldapSelection() {
-            if (document.getElementById('ldap').checked) {
-                document.getElementById('ldap_openldap_fields').style.display = 'block';
-                document.getElementById('ldap_openldap_group_filters').style.display = 'block';
-                document.getElementById('ldap_ad_fields').style.display = 'none';
-            } else {
-                document.getElementById('ldap_openldap_fields').style.display = 'none';
-                document.getElementById('ldap_openldap_group_filters').style.display = 'none';
-                document.getElementById('ldap_ad_fields').style.display = 'block';
-            }
-        }
+  <title>
+    Authentication Settings - {{ SITE_NAME }}
+  </title>
+{% endblock %}
 
-        window.onload = function() {
-            ldapSelection();
-        }
-    </script>
-</section>
+{% block dashboard_stat %}
+  <div class="content-header">
+    <div class="container-fluid">
+      <div class="row mb-2">
+        <div class="col-sm-6">
+          <h1 class="m-0 text-dark">
+            Settings
+            <small>PowerDNS-Admin Settings</small>
+          </h1>
+        </div>
+        <div class="col-sm-6">
+          <ol class="breadcrumb float-sm-right">
+            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Home</a></li>
+            <li class="breadcrumb-item">Settings</li>
+            <li class="breadcrumb-item active">Authentication</li>
+          </ol>
+        </div>
+      </div>
+    </div>
+  </div>
 {% endblock %}
+
 {% block content %}
 <section class="content">
+  <div class="container-fluid">
     <div class="row">
-        <div class="col-lg-12">
-            <div class="box box-primary">
-                <div class="box-header with-border">
-                    <h3 class="box-title">Authentication Settings</h3>
+        <div class="col-12">
+            <div class="card">
+                <div class="card-header">
+                    <h3 class="card-title">Authentication Settings</h3>
                 </div>
-                <div class="box-body">
+                <div class="card-body">
                     {% if result %}
                     <div class="alert {% if result['status'] %}alert-success{% else %}alert-danger{% endif%} alert-dismissible">
                         <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
                         {{ result['msg'] }}
                     </div>
                     {% endif %}
-                    <!-- Custom Tabs -->
-                    <div class="nav-tabs-custom" id="tabs">
-                        <ul class="nav nav-tabs">
-                            <li class="active"><a href="#tabs-general" data-toggle="tab">General</a></li>
-                            <li><a href="#tabs-ldap" data-toggle="tab">LDAP</a></li>
-                            <li><a href="#tabs-google" data-toggle="tab">Google OAuth</a></li>
-                            <li><a href="#tabs-github" data-toggle="tab">Github OAuth</a></li>
-                            <li><a href="#tabs-azure" data-toggle="tab">Microsoft OAuth</a></li>
-                            <li><a href="#tabs-oidc" data-toggle="tab">OpenID Connect OAuth</a></li>
+                    <div class="nav-tabs-custom">
+                        <ul class="nav nav-tabs" role="tablist">
+                            <li class="nav-item">
+                              <a class="nav-link active" href="#tabs-general" data-toggle="pill" role="tab">General</a>
+                            </li>
+                            <li class="nav-item">
+                              <a class="nav-link" href="#tabs-ldap" data-toggle="pill" role="tab">LDAP</a>
+                            </li>
+                            <li class="nav-item">
+                              <a class="nav-link" href="#tabs-google" data-toggle="pill" role="tab">Google OAuth</a>
+                            </li>
+                            <li class="nav-item">
+                              <a class="nav-link" href="#tabs-github" data-toggle="pill" role="tab">Github OAuth</a>
+                            </li>
+                            <li class="nav-item">
+                              <a class="nav-link" href="#tabs-azure" data-toggle="pill" role="tab">Microsoft OAuth</a>
+                            </li>
+                            <li class="nav-item">
+                              <a class="nav-link" href="#tabs-oidc" data-toggle="pill" role="tab">OpenID Connect OAuth</a>
+                            </li>
                         </ul>
                         <div class="tab-content">
                             <div class="tab-pane active" id="tabs-general">
                                 <form role="form" method="post">
                                     <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
                                     <input type="hidden" value="general" name="config_tab" />
+                                    <div class="card-header">
+                                      <h3 class="card-title">Basic Settings</h3>
+                                    </div>
+                                    <div class="card-body">
                                     <div class="form-group">
                                         <input type="checkbox" id="local_db_enabled" name="local_db_enabled" class="checkbox" {% if SETTING.get('local_db_enabled') %}checked{% endif %}>
                                         <label for="local_db_enabled">Local DB Authentication</label>
@@ -70,15 +84,13 @@ <h3 class="box-title">Authentication Settings</h3>
                                         <input type="checkbox" id="signup_enabled" name="signup_enabled" class="checkbox" {% if SETTING.get('signup_enabled') %}checked{% endif %}>
                                         <label for="signup_enabled">Allow users to sign up</label>
                                     </div>
-                                    <div class="form-group">
-                                        <button type="submit" class="btn btn-flat btn-primary">Save</button>
-                                    </div>
-                                    
+                                    <button type="submit" class="btn btn-primary">Save</button>
+                                  </div>
                                 </form>
                             </div>
                             <div class="tab-pane" id="tabs-ldap">
                                 <div class="row">
-                                    <div class="col-md-4">
+                                    <div class="col-4">
                                         {% if error %}
                                                 <div class="alert alert-danger alert-dismissible">
                                                     <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
@@ -239,7 +251,7 @@ <h4><i class="icon fa fa-ban"></i> Error!</h4>
                                             </div>
                                         </form>
                                     </div>
-                                    <div class="col-md-8">
+                                    <div class="col-8">
                                         <legend>Help</legend>
                                         <dl class="dl-horizontal">
                                             <dt>Enable LDAP Authentication</dt>
@@ -333,7 +345,9 @@ <h4><i class="icon fa fa-ban"></i> Error!</h4>
                             </div>
                             <div class="tab-pane" id="tabs-google">
                                 <div class="row">
-                                    <div class="col-md-4">
+                                    <div class="col-4">
+                                      <div class="card">
+                                        <div class="card-body">
                                         <form role="form" method="post" data-toggle="validator">
                                             <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
                                             <input type="hidden" value="google" name="config_tab" />
@@ -377,21 +391,29 @@ <h4><i class="icon fa fa-ban"></i> Error!</h4>
                                                     <span class="help-block with-errors"></span>
                                                 </div>
                                             </fieldset>
-                                            <div class="form-group">
-                                                <button type="submit" class="btn btn-flat btn-primary">Save</button>
+                                            <div class="card-footer">
+                                                <button type="submit" class="btn btn-primary float-right">Save</button>
                                             </div>
                                         </form>
+                                        </div>
+                                      </div>
                                     </div>
-                                    <div class="col-md-8">
-                                        <legend>Help</legend>
-                                        <p>Fill in all the fields in the left form.</p>
-                                        <p>Make sure you add PDA redirection URI (e.g http://localhost:9191/google/authorized) to your Google App Credentials Restriction.</p>
+                                    <div class="col-8">
+                                      <div class="card">
+                                        <div class="card-header">
+                                          <h3 class="card-title">Help</h3>
+                                        </div>
+                                        <div class="card-body">
+                                          <p>Fill in all the fields in the left form.</p>
+                                          <p>Make sure you add PDA redirection URI (e.g http://localhost:9191/google/authorized) to your Google App Credentials Restriction.</p>
+                                        </div>
+                                      </div>
                                     </div>
                                 </div>
                             </div>
                             <div class="tab-pane" id="tabs-github">
                                 <div class="row">
-                                    <div class="col-md-4">
+                                    <div class="col-4">
                                         <form role="form" method="post" data-toggle="validator">
                                             <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
                                             <input type="hidden" value="github" name="config_tab" />
@@ -440,7 +462,7 @@ <h4><i class="icon fa fa-ban"></i> Error!</h4>
                                             </div>
                                         </form>
                                     </div>
-                                    <div class="col-md-8">
+                                    <div class="col-8">
                                         <legend>Help</legend>
                                         <p>Fill in all the fields in the left form.</p>
                                     </div>
@@ -448,7 +470,7 @@ <h4><i class="icon fa fa-ban"></i> Error!</h4>
                             </div>
                             <div class="tab-pane" id="tabs-azure">
                                 <div class="row">
-                                    <div class="col-md-4">
+                                    <div class="col-4">
                                         <form role="form" method="post" data-toggle="validator">
                                             <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
                                             <input type="hidden" value="azure" name="config_tab" />
@@ -562,7 +584,7 @@ <h4><i class="icon fa fa-ban"></i> Error!</h4>
                                             </div>
                                         </form>
                                     </div>
-                                    <div class="col-md-8">
+                                    <div class="col-8">
                                         <legend>Help</legend>
                                         <p>Fill in all the fields in the left form.</p>
                                         <p>You first need to define an Application Registration in your Azure Active Directory, with the appropriate HTTPS URL for this endpoint, and with the appropriate rights, as explained in the documentation.</p>
@@ -584,7 +606,7 @@ <h4><i class="icon fa fa-ban"></i> Error!</h4>
                             </div>
                             <div class="tab-pane" id="tabs-oidc">
                                 <div class="row">
-                                    <div class="col-md-4">
+                                    <div class="col-4">
                                         <form role="form" method="post" data-toggle="validator">
                                             <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
                                             <input type="hidden" value="oidc" name="config_tab" />
@@ -671,7 +693,7 @@ <h4><i class="icon fa fa-ban"></i> Error!</h4>
                                             </div>
                                         </form>
                                     </div>
-                                    <div class="col-md-8">
+                                    <div class="col-8">
                                         <legend>Help</legend>
                                         <p>Fill in all the fields in the left form.</p>
                                     </div>
@@ -683,14 +705,31 @@ <h4><i class="icon fa fa-ban"></i> Error!</h4>
             </div>
         </div>
     </div>
+  </div>
 </section>
 {% endblock %}
+
 {% block extrascripts %}
 {% assets "js_validation" -%}
   <script type="text/javascript" src="{{ ASSET_URL }}"></script>
 {%- endassets %}
 
 <script>
+            function ldapSelection() {
+                if (document.getElementById('ldap').checked) {
+                    document.getElementById('ldap_openldap_fields').style.display = 'block';
+                    document.getElementById('ldap_openldap_group_filters').style.display = 'block';
+                    document.getElementById('ldap_ad_fields').style.display = 'none';
+                } else {
+                    document.getElementById('ldap_openldap_fields').style.display = 'none';
+                    document.getElementById('ldap_openldap_group_filters').style.display = 'none';
+                    document.getElementById('ldap_ad_fields').style.display = 'block';
+                }
+            }
+    
+            window.onload = function() {
+                ldapSelection();
+            }
     
     $(function() {
         $('#tabs').tabs({
@@ -1069,16 +1108,13 @@ <h4 class="modal-title">Confirmation</h4>
                 <p></p>
             </div>
             <div class="modal-footer">
-                <button type="button" class="btn btn-flat btn-default pull-left" id="button_cancel" name="purge" value="OFF" data-dismiss="modal" >Cancel</button>
-                <button type="button" class="btn btn-flat btn-success" id="button_confirm">Confirm</button>
+                <button type="button" class="btn btn-default pull-left" id="button_cancel" name="purge" value="OFF" data-dismiss="modal" >Cancel</button>
+                <button type="button" class="btn btn-success" id="button_confirm">Confirm</button>
             </div>
         </div>
-        <!-- /.modal-content -->
     </div>
-    <!-- /.modal-dialog -->
 </div>
 
-
 <div class="modal fade modal-warning" id="modal_warning" data-keyboard="false" data-backdrop="static">
     <div class="modal-dialog">
         <div class="modal-content">
@@ -1092,13 +1128,9 @@ <h4 class="modal-title">Warning</h4>
                 <p></p>
             </div>
             <div class="modal-footer">
-                <button type="button" class="btn btn-flat btn-success" id="button_warning_confirm">Yes I understand</button>
+                <button type="button" class="btn btn-success" id="button_warning_confirm">Yes I understand</button>
             </div>
         </div>
-        <!-- /.modal-content -->
     </div>
-    <!-- /.modal-dialog -->
 </div>
-
-
 {% endblock %}
diff --git a/powerdnsadmin/templates/admin_setting_basic.html b/powerdnsadmin/templates/admin_setting_basic.html
index d3d0905ea..bb801e38a 100644
--- a/powerdnsadmin/templates/admin_setting_basic.html
+++ b/powerdnsadmin/templates/admin_setting_basic.html
@@ -1,97 +1,116 @@
 {% extends "base.html" %}
+
 {% set active_page = "admin_settings" %}
+
 {% block title %}
-<title>Basic Settings - {{ SITE_NAME }}</title>
-{% endblock %} {% block dashboard_stat %}
-<!-- Content Header (Page header) -->
-<section class="content-header">
-    <h1>
-        Settings <small>PowerDNS-Admin settings</small>
-    </h1>
-    <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i> Home</a></li>
-        <li><a href="#">Setting</a></li>
-        <li class="active">Basic</li>
-    </ol>
-</section>
-{% endblock %} {% block content %}
-<section class="content">
-    <div class="row">
-        <div class="col-xs-12">
-            <div class="box">
-                <div class="box-header">
-                    <h3 class="box-title">Basic Settings</h3>
-                </div>
-                <div class="box-body">
-                    <table id="tbl_settings" class="table table-bordered table-striped">
-                        <thead>
-                            <tr>
-                                <th>Name</th>
-                                <th>Value</th>
-                                <th>Change</th>
-                            </tr>
-                        </thead>
-                        <tbody>
-                            {% for setting in settings %}
-                            <tr class="odd ">
-                                <td>{{ setting }}</td>
-                                {% if SETTING.get(setting) in [True, False] %}
-                                <td>{{ SETTING.get(setting)|display_setting_state }}</td>
-                                <td width="6%">
-                                    <button type="button" class="btn btn-flat btn-warning setting-toggle-button"
-                                        id="{{ setting }}">
-                                        Toggle&nbsp;<i class="fa fa-info"></i>
-                                    </button>
-                                </td>
-                                {% else %}
-                                <td><input name="value" id="value" value="{{ SETTING.get(setting) }}"></td>
-                                <td width="6%">
-                                    <button type="button" class="btn btn-flat btn-warning setting-save-button"
-                                        id="{{ setting }}">
-                                        Save&nbsp;<i class="fa fa-info"></i>
-                                    </button>
-                                </td>
-                                {% endif %}
-                            </tr>
-                            {% endfor %}
-                        </tbody>
-                    </table>
-                </div>
-                <!-- /.box-body -->
-            </div>
-            <!-- /.box -->
+  <title>
+    Basic Settings - {{ SITE_NAME }}
+  </title>
+{% endblock %}
+
+{% block dashboard_stat %}
+  <div class="content-header">
+    <div class="container-fluid">
+      <div class="row mb-2">
+        <div class="col-sm-6">
+          <h1 class="m-0 text-dark">
+            Settings
+            <small>Basic</small>
+          </h1>
+        </div>
+        <div class="col-sm-6">
+          <ol class="breadcrumb float-sm-right">
+            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+            <li class="breadcrumb-item active">Settings - Basic</li>
+          </ol>
         </div>
-        <!-- /.col -->
+      </div>
     </div>
-    <!-- /.row -->
+  </div>
+{% endblock %}
+
+{% block content %}
+<section class="content">
+  <div class="container-fluid">
+    <div class="card">
+      <div class="card-header with-border">
+        <h3 class="card-title">Basic Settings</h3>
+      </div>
+      <div class="card-body">
+        <table id="tbl_settings" class="table table-bordered table-striped">
+          <thead>
+            <tr>
+              <th>Setting Name</th>
+              <th>Current Value</th>
+              <th>Action</th>
+            </tr>
+          </thead>
+          <tbody>
+            {% for setting in settings %}
+              <tr class="odd">
+                <td>
+                  {{ setting }}
+                </td>
+                {% if SETTING.get(setting) in [False] %}
+                  <td><i class="fas fa-toggle-off"></i>&nbsp;Off</td>
+                  <td width="20%">
+                    <button type="button" class="btn btn-success setting-toggle-button" id="{{ setting }}">
+                      <i class="fa-solid fa-toggle-on"></i>&nbsp;Turn On
+                    </button>
+                  </td>
+                {% elif SETTING.get(setting) in [True] %}
+                  <td><i class="fas fa-toggle-on"></i>&nbsp;On</td>
+                  <td width="20%">
+                    <button type="button" class="btn btn-danger setting-toggle-button" id="{{ setting }}">
+                      <i class="fa-solid fa-toggle-off"></i>&nbsp;Turn Off
+                    </button>
+                  </td>
+                {% else %}
+                  <td>
+                    <input name="value" id="value" value="{{ SETTING.get(setting) }}">
+                  </td>
+                  <td width="20%">
+                    <button type="button" class="btn btn-primary setting-save-button" id="{{ setting }}">
+                      <i class="fa-solid fa-save"></i>&nbsp;Save
+                    </button>
+                  </td>
+                {% endif %}
+              </tr>
+            {% endfor %}
+          </tbody>
+        </table>
+      </div>
+    </div>
+  </div>
 </section>
 {% endblock %}
+
 {% block extrascripts %}
-<script>
-    // set up history data table
+  <script>
+    // set up settings table
     $("#tbl_settings").DataTable({
-        "paging": false,
-        "lengthChange": false,
-        "searching": true,
-        "ordering": true,
-        "info": true,
-        "autoWidth": false
+      "paging": false,
+      "lengthChange": false,
+      "searching": true,
+      "ordering": true,
+      "info": true,
+      "autoWidth": false
     });
     $(document.body).on('click', '.setting-toggle-button', function () {
-        var setting = $(this).prop('id');
-        applyChanges({
-            '_csrf_token': '{{ csrf_token() }}'
-        }, $SCRIPT_ROOT + '/admin/setting/basic/' + setting + '/toggle', false, true)
+      var setting = $(this).prop('id');
+      applyChanges({
+        '_csrf_token': '{{ csrf_token() }}'
+      }, $SCRIPT_ROOT + '/admin/setting/basic/' + setting + '/toggle', false, true)
     });
 
     $(document.body).on('click', '.setting-save-button', function () {
-        var setting = $(this).prop('id');
-        var value = $(this).parents('tr').find('#value')[0].value;
-        var postdata = {
-            'value': value,
-            '_csrf_token': '{{ csrf_token() }}'
-        };
-        applyChanges(postdata, $SCRIPT_ROOT + '/admin/setting/basic/' + setting + '/edit', false, true)
+      var setting = $(this).prop('id');
+      var value = $(this).parents('tr').find('#value')[0].value;
+      var postdata = {
+        'value': value,
+        '_csrf_token': '{{ csrf_token() }}'
+      };
+      applyChanges(postdata, $SCRIPT_ROOT + '/admin/setting/basic/' + setting + '/edit', false, true)
     });
-</script>
-{% endblock %}
+  </script>
+{% endblock %}
\ No newline at end of file
diff --git a/powerdnsadmin/templates/admin_setting_pdns.html b/powerdnsadmin/templates/admin_setting_pdns.html
index 84f86a9c7..c4b894700 100644
--- a/powerdnsadmin/templates/admin_setting_pdns.html
+++ b/powerdnsadmin/templates/admin_setting_pdns.html
@@ -1,93 +1,110 @@
 {% extends "base.html" %}
+
 {% set active_page = "admin_settings" %}
+
 {% block title %}
-<title>PDNS Settings - {{ SITE_NAME }}</title>
-{% endblock %} {% block dashboard_stat %}
-<!-- Content Header (Page header) -->
-<section class="content-header">
-    <h1>
-        Settings <small>PowerDNS-Admin settings</small>
-    </h1>
-    <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i> Home</a></li>
-        <li><a href="#">Setting</a></li>
-        <li class="active">PDNS</li>
-    </ol>
-</section>
+  <title>
+    PDNS Settings - {{ SITE_NAME }}
+  </title>
 {% endblock %}
+
+{% block dashboard_stat %}
+  <div class="content-header">
+    <div class="container-fluid">
+      <div class="row mb-2">
+        <div class="col-sm-6">
+          <h1 class="m-0 text-dark">
+            Settings
+            <small>PowerDNS Authoritative Server</small>
+          </h1>
+        </div>
+        <div class="col-sm-6">
+          <ol class="breadcrumb float-sm-right">
+            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+            <li class="breadcrumb-item active">Settings - PowerDNS Authoritative Server</li>
+          </ol>
+        </div>
+      </div>
+    </div>
+  </div>
+{% endblock %}
+
 {% block content %}
-<section class="content">
-    <div class="row">
-        <div class="col-md-4">
-            <div class="box box-primary">
-                <div class="box-header with-border">
-                    <h3 class="box-title">PDNS Settings</h3>
-                </div>
-                <!-- /.box-header -->
-                <!-- form start -->
-                <form role="form" method="post" data-toggle="validator">
-                    <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-                    <div class="box-body">
-                        {% if not SETTING.get('pdns_api_url') or not SETTING.get('pdns_api_key') or not SETTING.get('pdns_version') %}
-                        <div class="alert alert-danger alert-dismissible">
-                            <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
-                            <h4><i class="icon fa fa-ban"></i> Error!</h4>
-                            Please complete your PowerDNS API configuration before continuing
-                        </div>
-                        {% endif %}
-                        <div class="form-group has-feedback">
-                            <label class="control-label" for="pdns_api_url">PDNS API URL</label>
-                            <input type="url" class="form-control" placeholder="PowerDNS API url" name="pdns_api_url"
-                                data-error="Please input a valid PowerDNS API URL" required value="{{ pdns_api_url }}">
-                            <span class="help-block with-errors"></span>
-                        </div>
-                        <div class="form-group has-feedback">
-                            <label class="control-label" for="pdns_api_key">PDNS API KEY</label>
-                            <input type="password" class="form-control" placeholder="PowerDNS API key"
-                                name="pdns_api_key" data-error="Please input a valid PowerDNS API key" required
-                                value="{{ pdns_api_key }}">
-                            <span class="help-block with-errors"></span>
-                        </div>
-                        <div class="form-group has-feedback">
-                            <label class="control-label" for="pdns_version">PDNS VERSION</label>
-                            <input type="text" class="form-control" placeholder="PowerDNS version" name="pdns_version"
-                                data-error="Please input PowerDNS version" required value="{{ pdns_version }}">
-                            <span class="help-block with-errors"></span>
-                        </div>
-                    </div>
-                    <div class="box-footer">
-                        <button type="submit" class="btn btn-flat btn-primary">Update</button>
-                    </div>
-                </form>
+  <section class="content">
+    <div class="container-fluid">
+      <div class="row">
+        <div class="col-4">
+          <div class="card shadow card-outline card-secondary">
+            <div class="card-header">
+              <h3 class="card-title">PDNS Settings</h3>
             </div>
-        </div>
-        <div class="col-md-8">
-            <div class="box box-primary">
-                <div class="box-header with-border">
-                    <h3 class="box-title">Help</h3>
+            <form role="form" method="post" data-toggle="validator">
+              <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+              <div class="card-body">
+                {% if not SETTING.get('pdns_api_url') or not SETTING.get('pdns_api_key') or not SETTING.get('pdns_version') %}
+                  <div class="alert alert-danger alert-dismissible">
+                    <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
+                    <h4><i class="icon fa fa-ban"></i> Error!</h4>
+                    Please complete your PowerDNS API configuration before continuing
+                  </div>
+                {% endif %}
+                <div class="form-group has-feedback">
+                  <label class="control-label" for="pdns_api_url">PowerDNS API URL</label>
+                  <input type="url" class="form-control" placeholder="PowerDNS API URL" name="pdns_api_url"
+                  data-error="Please input a valid PowerDNS API URL" required value="{{ pdns_api_url }}">
+                  <span class="help-block with-errors"></span>
+                </div>
+                <div class="form-group has-feedback">
+                  <label class="control-label" for="pdns_api_key">PowerDNS API Key</label>
+                  <input type="password" class="form-control" placeholder="PowerDNS API Key"
+                  name="pdns_api_key" data-error="Please input a valid PowerDNS API key" required
+                  value="{{ pdns_api_key }}">
+                  <span class="help-block with-errors"></span>
                 </div>
-                <div class="box-body">
-                    <dl class="dl-horizontal">
-                        <p>You must configure the API connection information before PowerDNS-Admin can query your
-                            PowerDNS data. Following fields are required:</p>
-                        <dt>PDNS API URL</dt>
-                        <dd>Your PowerDNS API URL (eg. http://127.0.0.1:8081/).</dd>
-                        <dt>PDNS API KEY</dt>
-                        <dd>Your PowerDNS API key.</dd>
-                        <dt>PDNS VERSION</dt>
-                        <dd>Your PowerDNS version number (eg. 4.1.1).</dd>
-                    </dl>
-                    <p>Find more details at <a
-                            href="https://doc.powerdns.com/md/httpapi/README/">https://doc.powerdns.com/md/httpapi/README/</a>
-                    </p>
+                <div class="form-group has-feedback">
+                  <label class="control-label" for="pdns_version">PowerDNS Version</label>
+                  <input type="text" class="form-control" placeholder="PowerDNS Version" name="pdns_version"
+                  data-error="Please input PowerDNS version" required value="{{ pdns_version }}">
+                  <span class="help-block with-errors"></span>
                 </div>
+              </div>
+              <div class="card-footer">
+                <button type="submit" class="btn btn-primary float-right">
+                  <i class="fa-solid fa-save"></i>&nbsp;Save
+                </button>
+              </div>
+            </form>
+          </div>
+        </div>
+        <div class="col-8">
+          <div class="card shadow card-outline card-secondary">
+            <div class="card-header">
+              <h3 class="card-title">Help</h3>
+            </div>
+            <div class="card-body">
+              <dl class="dl-horizontal">
+                <p>You must configure the API connection information before PowerDNS-Admin can query your
+                  PowerDNS data. Following fields are required:</p>
+                <dt>PowerDNS API URL</dt>
+                <dd>Your PowerDNS API URL (eg. http://127.0.0.1:8081/).</dd>
+                <dt>PowerDNS API Key</dt>
+                <dd>Your PowerDNS API key.</dd>
+                <dt>PowerDNS Version</dt>
+                <dd>Your PowerDNS version number (eg. 4.7.0).</dd>
+              </dl>
+              <p>Find more details at
+                <a href="https://doc.powerdns.com/md/httpapi/README/">https://doc.powerdns.com/md/httpapi/README/</a>
+              </p>
             </div>
+          </div>
         </div>
+      </div>
     </div>
-</section>
+  </section>
 {% endblock %}
+
 {% block extrascripts %}
-{% assets "js_validation" -%}
-<script type="text/javascript" src="{{ ASSET_URL }}"></script>
-{%- endassets %}
+  {% assets "js_validation" -%}
+    <script type="text/javascript" src="{{ ASSET_URL }}"></script>
+  {%- endassets %}
 {% endblock %}
diff --git a/powerdnsadmin/templates/admin_setting_records.html b/powerdnsadmin/templates/admin_setting_records.html
index b4c920bc0..3fea6a52f 100644
--- a/powerdnsadmin/templates/admin_setting_records.html
+++ b/powerdnsadmin/templates/admin_setting_records.html
@@ -1,83 +1,101 @@
 {% extends "base.html" %}
+
 {% set active_page = "admin_settings" %}
+
 {% block title %}
-<title>DNS Records Settings - {{ SITE_NAME }}</title>
-{% endblock %} {% block dashboard_stat %}
-<!-- Content Header (Page header) -->
-<section class="content-header">
-    <h1>
-        Settings <small>PowerDNS-Admin settings</small>
-    </h1>
-    <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i> Home</a></li>
-        <li><a href="#">Setting</a></li>
-        <li class="active">Records</li>
-    </ol>
-</section>
+  <title>
+    DNS Records Settings - {{ SITE_NAME }}
+  </title>
 {% endblock %}
+
+{% block dashboard_stat %}
+  <div class="content-header">
+    <div class="container-fluid">
+      <div class="row mb-2">
+        <div class="col-sm-6">
+          <h1 class="m-0 text-dark">
+            Settings
+            <small>Records</small>
+          </h1>
+        </div>
+        <div class="col-sm-6">
+          <ol class="breadcrumb float-sm-right">
+            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+            <li class="breadcrumb-item active">Settings - Records </li>
+          </ol>
+        </div>
+      </div>
+    </div>
+  </div>
+{% endblock %}
+
 {% block content %}
 <section class="content">
+  <div class="container-fluid">
     <div class="row">
-        <div class="col-md-5">
-            <div class="box box-primary">
-                <div class="box-header with-border">
-                    <h3 class="box-title">DNS record Settings</h3>
-                </div>
-                <!-- /.box-header -->
-                <!-- form start -->
-                <form role="form" method="post">
-                    <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-                    <input type="hidden" name="create" value="{{ create }}">
-                    <div class="box-body">
-                        <table class="table table-bordered">
-                            <tr>
-                                <th style="width: 10px">#</th>
-                                <th style="width: 40px">Record</th>
-                                <th>Forward Zone</th>
-                                <th>Reverse Zone</th>
-                            </tr>
-                            {% for record in f_records %}
-                            <tr>
-                                <td>{{ loop.index }}</td>
-                                <td>{{ record }}</td>
-                                <td>
-                                    <input type="checkbox" id="fr_{{ record|lower }}" name="fr_{{ record|lower }}"
-                                        class="checkbox" {% if f_records[record] %}checked{% endif %}>
-                                </td>
-                                <td>
-                                    <input type="checkbox" id="rr_{{ record|lower }}" name="rr_{{ record|lower }}"
-                                        class="checkbox" {% if r_records[record] %}checked{% endif %}>
-                                </td>
-                            </tr>
-                            {% endfor %}
-                        </table>
-                    </div>
-                    <div class="box-footer">
-                        <button type="submit" class="btn btn-flat btn-primary">Update</button>
-                    </div>
-                </form>
+      <div class="col-5">
+        <div class="card">
+          <div class="card-header">
+            <h3 class="card-title">DNS record Settings</h3>
+          </div>
+          <form role="form" method="post">
+            <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+            <input type="hidden" name="create" value="{{ create }}">
+            <div class="card-body">
+              <table class="table table-bordered">
+                <tr>
+                  <th style="width: 10px">#</th>
+                  <th style="width: 40px">Record</th>
+                  <th>Forward Zone</th>
+                  <th>Reverse Zone</th>
+                </tr>
+                {% for record in f_records %}
+                  <tr>
+                    <td>{{ loop.index }}</td>
+                    <td>{{ record }}</td>
+                    <td>
+                      <input type="checkbox" id="fr_{{ record|lower }}" name="fr_{{ record|lower }}"
+                      class="checkbox" {% if f_records[record] %}checked{% endif %}>
+                    </td>
+                    <td>
+                      <input type="checkbox" id="rr_{{ record|lower }}" name="rr_{{ record|lower }}"
+                      class="checkbox" {% if r_records[record] %}checked{% endif %}>
+                    </td>
+                  </tr>
+                {% endfor %}
+              </table>
             </div>
-        </div>
-        <div class="col-md-7">
-            <div class="box box-primary">
-                <div class="box-header with-border">
-                    <h3 class="box-title">Help</h3>
-                </div>
-                <div class="box-body">
-                    <p>Select record types you allow user to edit in the forward zone and reverse zone. Take a look at
-                        <a href="https://doc.powerdns.com/authoritative/appendices/types.html">PowerDNS docs</a> for
-                        full list of supported record types.</p>
-                </div>
+            <div class="card-footer">
+              <button type="submit" class="btn btn-primary float-right">
+                <i class="fa-solid fa-save"></i>&nbsp;Save
+              </button>
             </div>
+          </form>
+        </div>
+      </div>
+      <div class="col-7">
+        <div class="card">
+          <div class="card-header">
+            <h3 class="card-title">Help</h3>
+          </div>
+          <div class="card-body">
+            <p>Select record types you allow user to edit in the forward zone and reverse zone. Take a look at
+              <a href="https://doc.powerdns.com/authoritative/appendices/types.html">PowerDNS docs</a> for
+              full list of supported record types.
+            </p>
+          </div>
         </div>
+      </div>
     </div>
+  </div>
 </section>
 {% endblock %}
+
 {% block extrascripts %}
-<script>
+  <script>
     $('.checkbox').iCheck({
-        checkboxClass: 'icheckbox_square-blue',
-        increaseArea: '20%'
+      checkboxClass: 'icheckbox_square-blue',
+      increaseArea: '20%'
     })
-</script>
+  </script>
 {% endblock %}
diff --git a/powerdnsadmin/templates/base.html b/powerdnsadmin/templates/base.html
index 35bfc51b3..54bb019bf 100644
--- a/powerdnsadmin/templates/base.html
+++ b/powerdnsadmin/templates/base.html
@@ -1,38 +1,62 @@
 <!DOCTYPE html>
-<html>
+<html lang="en" class>
 <head>
   {% block head %}
-  <meta charset="utf-8">
-  <meta http-equiv="X-UA-Compatible" content="IE=edge">
-  <link rel="icon" href="{{ url_for('static', filename='img/favicon.png') }}">
-  {% block title %}<title>{{ SITE_NAME }}</title>{% endblock %}
-  <link rel="stylesheet" href="{{ url_for('static', filename='assets/css/style.css') }}">
-  <!--  Get Google Fonts we like -->
-  <link rel="stylesheet" href="{{ url_for('static', filename='assets/css/source_sans_pro.css') }}">
-  <link rel="stylesheet" href="{{ url_for('static', filename='assets/css/roboto_mono.css') }}">
-  <!-- Tell the browser to be responsive to screen width -->
-  <meta content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no" name="viewport">
-  <!-- Tell Safari to not recognise telephone numbers -->
-  <meta name="format-detection" content="telephone=no">
-  {% assets "css_main" -%}
+    <meta charset="utf-8">
+    <meta http-equiv="X-UA-Compatible" content="IE=edge">
+    <link rel="icon" href="{{ url_for('static', filename='img/favicon.png') }}">
+    {% block title %}
+      <title>
+        {{ SITE_NAME }}
+      </title>
+    {% endblock %}
+    <link rel="stylesheet" href="{{ url_for('static', filename='assets/css/style.css') }}">
+    <!--  Get Google Fonts we like -->
+    <link rel="stylesheet" href="{{ url_for('static', filename='assets/css/source_sans_pro.css') }}">
+    <link rel="stylesheet" href="{{ url_for('static', filename='assets/css/roboto_mono.css') }}">
+    <!-- Tell the browser to be responsive to screen width -->
+    <meta content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no" name="viewport">
+    <!-- Tell Safari to not recognise telephone numbers -->
+    <meta name="format-detection" content="telephone=no">
+    {% assets "css_main" -%}
       <link rel="stylesheet" href="{{ ASSET_URL }}">
-  {%- endassets %}
-{% if SETTING.get('custom_css') %}
-  <link rel="stylesheet" href="/static/custom/{{ SETTING.get('custom_css') }}">
-{% endif %}
+    {%- endassets %}
+    {% if SETTING.get('custom_css') %}
+      <link rel="stylesheet" href="/static/custom/{{ SETTING.get('custom_css') }}">
+    {% endif %}
   {% endblock %}
 </head>
-<body class="hold-transition skin-blue sidebar-mini {% if not SETTING.get('fullscreen_layout') %}layout-boxed{% endif %}">
-{% set user_image_url = url_for('user.image', username=current_user.username) %}
-<div class="wrapper">
+
+<body class="hold-transition sidebar-mini {% if not SETTING.get('fullscreen_layout') %}layout-boxed{% endif %}">
+  {% set user_image_url = url_for('user.image', username=current_user.username) %}
+  <div class="wrapper">
   {% block pageheader %}
-  <header class="main-header">
+    <nav class="main-header navbar navbar-expand navbar-white navbar-light">
+      <!-- Header Navbar: style can be found in header.less -->
+      <!-- Sidebar toggle button-->
+      <ul class="navbar-nav">
+        <li class="nav-item">
+          <a class="nav-link" data-widget="pushmenu" href="#" role="button">
+            <i class="fa-solid fa-bars"></i>
+          </a>
+        </li>
+      </ul>
+        <ul class="navbar-nav ml-auto">
+        <li class="nav-item">
+          <a class="nav-link" data-widget="fullscreen" href="#" role="button">
+            <i class="fa-solid fa-expand-arrows-alt"></i>
+          </a>
+        </li>
+      </ul>
+    </nav>
+
+  {% endblock %}
+  <!-- Left side column. contains the logo and sidebar -->
+  <aside class="main-sidebar sidebar-dark-primary">
     <!-- Logo -->
-    <a href="{{ url_for('index.index') }}" class="logo">
-      <!-- mini logo for sidebar mini 50x50 pixels -->
-      <span class="logo-mini"><b>PD</b>A</span>
-      <!-- logo for regular state and mobile devices -->
-      <span class="logo-lg">
+    <a href="{{ url_for('index.index') }}" class="brand-link">
+      <img src="{{ url_for('static', filename='img/favicon.png') }}" alt="PowerDNS-Admin FavIcon" class="brand-image img-circle elevation-3" style="opacity: .8">
+      <span class="brand-text font-weight-light">
         {% if SETTING.get('site_name') %}
           <b>{{ SITE_NAME }}</b>
         {% else %}
@@ -40,128 +64,147 @@
         {% endif %}
       </span>
     </a>
-    <!-- Header Navbar: style can be found in header.less -->
-    <nav class="navbar navbar-static-top">
-      <!-- Sidebar toggle button-->
-      <a href="#" class="sidebar-toggle" data-toggle="push-menu" role="button">
-        <span class="sr-only">Toggle navigation</span>
-      </a>
-
-      <div class="navbar-custom-menu">
-        {% if current_user.id is defined %}
-        <ul class="nav navbar-nav">
-          <!-- User Account: style can be found in dropdown.less -->
-          <li class="dropdown user user-menu">
-            <a href="#" class="dropdown-toggle" data-toggle="dropdown">
-              <img src="{{ user_image_url }}" class="user-image" alt="User Image"/>
-              <span class="hidden-xs">
-                {{ current_user.firstname }}
-              </span>
-            </a>
-            <ul class="dropdown-menu">
-                <li class="user-header">
-                  <img src="{{ user_image_url }}" class="img-circle" alt="User Image"/>
-                  <p>
-                    {{ current_user.firstname }} {{ current_user.lastname }}
-                    <small>{{ current_user.role.name }}</small>
-                  </p>
-                </li>
-
-              <!-- Menu Footer-->
-              <li class="user-footer">
-                <div class="pull-left">
-                  <a href="{{ url_for('user.profile') }}" class="btn btn-flat btn-primary">My Profile</a>
-                </div>
-                <div class="pull-right">
-                  <a href="{{ url_for('index.logout') }}" class="btn btn-flat btn-warning">Log out</a>
-                </div>
-              </li>
-            </ul>
-          </li>
-        </ul>
-        {% endif %}
-      </div>
-    </nav>
-  </header>
-  {% endblock %}
-  <!-- Left side column. contains the logo and sidebar -->
-  <aside class="main-sidebar">
     <!-- sidebar: style can be found in sidebar.less -->
-    <section class="sidebar">
+    <div class="sidebar">
     {% if current_user.id is defined %}
-      <div class="user-panel">
-        <div class="pull-left image">
-          <img src="{{ user_image_url }}" class="img-circle" alt="User Image"/>
+      <div class="user-panel mt-3 pb-3 mb-3 d-flex">
+        <div class="image">
+          <img src="{{ user_image_url }}" class="img-circle elevation-2" alt="User Image">
         </div>
-        <div class="pull-left info">
-          <p>{{ current_user.firstname }} {{ current_user.lastname }}</p>
-          <a href="#"><i class="fa fa-circle text-success"></i> Logged In</a>
+        <div class="info">
+          <a href="{{ url_for('user.profile') }}" class="d-block">{{ current_user.firstname }} {{ current_user.lastname }}</a>
         </div>
       </div>
       <!-- sidebar menu: : style can be found in sidebar.less -->
-      <ul class="sidebar-menu" data-widget="tree">
-        <li class="header">USER ACTIONS</li>
-        <li class="{{ 'active' if active_page == 'dashboard' else '' }}">
-          <a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i> <span>Dashboard</span></a>
+      <ul class="nav nav-pills nav-sidebar flex-column" data-widget="treeview" role="menu">
+        <li class="{{ 'nav-item active' if active_page == 'user_profile' else 'nav-item' }}">
+          <a href="{{ url_for('user.profile') }}" class="nav-link">
+            <i class="nav-icon fa-solid fa-user"></i>
+            <p>Profile</p>
+          </a>
+        </li>
+        <li class="nav-item">
+          <a href="{{ url_for('index.logout') }}" class="nav-link">
+            <i class="nav-icon fa-solid fa-sign-out-alt"></i>
+            <p>Logout</p>
+          </a>
+        </li>
+        <li class="nav-header">Zone Management</li>
+        <li class="{{ 'nav-item active' if active_page == 'nav-item dashboard' else 'nav-item' }}">
+          <a href="{{ url_for('dashboard.dashboard') }}" class="nav-link">
+            <i class="nav-icon fa-solid fa-tachometer-alt"></i>
+            <p>Dashboard</p>
+          </a>
         </li>
         {% if SETTING.get('allow_user_create_domain') or current_user.role.name in ['Administrator', 'Operator'] %}
-        <li class="{{ 'active' if active_page == 'new_domain' else '' }}">
-          <a href="{{ url_for('domain.add') }}"><i class="fa fa-plus"></i> <span>New Domain</span></a>
+        <li class="{{ 'nav-item active' if active_page == 'nav-item new_domain' else 'nav-item' }}">
+          <a href="{{ url_for('domain.add') }}" class="nav-link">
+            <i class="nav-icon fa-solid fa-plus"></i>
+            <p>New Domain</p>
+          </a>
         </li>
         {% endif %}
         {% if SETTING.get('allow_user_remove_domain') or current_user.role.name in ['Administrator', 'Operator'] %}
-        <li class="{{ 'active' if active_page == 'remove_domain' else '' }}">
-          <a href="{{ url_for('domain.remove') }}"><i class="fa fa-trash-o"></i> <span>Remove Domain</span></a>
+        <li class="{{ 'nav-item active' if active_page == 'remove_domain' else 'nav-item' }}">
+          <a href="{{ url_for('domain.remove') }}" class="nav-link">
+            <i class="nav-icon fa-solid fa-trash-alt"></i>
+            <p>Remove Domain</p>
+          </a>
         </li>
         {% endif %}
         {% if current_user.role.name in ['Administrator', 'Operator'] %}
-        <li class="header">ADMINISTRATION</li>
-        <li class="{{ 'active' if active_page == 'admin_console' else '' }}">
-          <a href="{{ url_for('admin.pdns_stats') }}"><i class="fa fa-info-circle"></i> <span>PDNS</span></a>
+        <li class="nav-header">Administration</li>
+        <li class="{{ 'nav-item active' if active_page == 'admin_console' else 'nav-item' }}">
+          <a href="{{ url_for('admin.pdns_stats') }}" class="nav-link">
+            <i class="nav-icon fa-solid fa-info-circle"></i>
+            <p>PowerDNS Info</p>
+          </a>
         </li>
-        <li class="{{ 'active' if active_page == 'admin_global_search' else '' }}">
-          <a href="{{ url_for('admin.global_search') }}"><i class="fa fa-search"></i> <span>Global Search</span></a>
+        <li class="{{ 'nav-item active' if active_page == 'admin_global_search' else 'nav-item' }}">
+          <a href="{{ url_for('admin.global_search') }}" class="nav-link">
+            <i class="nav-icon fa-solid fa-search"></i>
+            <p>Global Search</p>
+          </a>
         </li>
-        <li class="{{ 'active' if active_page == 'admin_history' else '' }}">
-          <a href="{{ url_for('admin.history') }}"><i class="fa fa-calendar"></i> <span>History</span></a>
+        <li class="{{ 'nav-item active' if active_page == 'admin_history' else 'nav-item' }}">
+          <a href="{{ url_for('admin.history') }}" class="nav-link">
+            <i class="nav-icon fa-solid fa-calendar-alt"></i>
+            <p>History</p>
+          </a>
         </li>
-        <li class="{{ 'active' if active_page == 'admin_domain_template' else '' }}">
-          <a href="{{ url_for('admin.templates') }}"><i class="fa fa-clone"></i> <span>Domain Templates</span></a>
+        <li class="{{ 'nav-item active' if active_page == 'admin_domain_template' else 'nav-item' }}">
+          <a href="{{ url_for('admin.templates') }}" class="nav-link">
+            <i class="nav-icon fa-solid fa-clone"></i>
+            <p>Domain Templates</p>
+          </a>
         </li>
-        <li class="{{ 'active' if active_page == 'admin_accounts' else '' }}">
-          <a href="{{ url_for('admin.manage_account') }}"><i class="fa fa-industry"></i> <span>Accounts</span></a>
+        <li class="{{ 'nav-item active' if active_page == 'admin_accounts' else 'nav-item' }}">
+          <a href="{{ url_for('admin.manage_account') }}" class="nav-link">
+            <i class="nav-icon fa-solid fa-industry"></i>
+            <p>Accounts</p>
+          </a>
         </li>
-        <li class="{{ 'active' if active_page == 'admin_users' else '' }}">
-          <a href="{{ url_for('admin.manage_user') }}"><i class="fa fa-users"></i> <span>Users</span></a>
+        <li class="{{ 'nav-item active' if active_page == 'admin_users' else 'nav-item' }}">
+          <a href="{{ url_for('admin.manage_user') }}" class="nav-link">
+            <i class="nav-icon fa-solid fa-users"></i>
+            <p>Users</p>
+          </a>
         </li>
-        <li class="{{ 'active' if active_page == 'admin_keys' else '' }}">
-          <a href="{{ url_for('admin.manage_keys') }}"><i class="fa fa-key"></i> <span>API Keys</span></a>
+        <li class="{{ 'nav-item active' if active_page == 'admin_keys' else 'nav-item' }}">
+          <a href="{{ url_for('admin.manage_keys') }}" class="nav-link">
+            <i class="nav-icon fa-solid fa-key"></i>
+            <p>API Keys</p>
+          </a>
         </li>
-        <li class="{{ 'treeview active' if active_page == 'admin_settings' else 'treeview' }}">
-          <a href="#">
-            <i class="fa fa-cog"></i> <span>Settings</span>
-            <span class="pull-right-container">
-              <i class="fa fa-angle-left pull-right"></i>
-            </span>
+        <li class="{{ 'nav-item active' if active_page == 'admin_settings' else 'nav-item' }}">
+          <a href="#" class="nav-link">
+            <i class="nav-icon fa-solid fa-cog"></i>
+            <p>
+              Settings
+              <i class="right fa-solid fa-angle-left"></i>
+            </p>
           </a>
-          <ul class="treeview-menu" {% if active_page == 'admin_settings' %}style="display: block;"{% endif %}>
-            <li><a href="{{ url_for('admin.setting_basic') }}"><i class="fa fa-circle-o"></i></i> <span>Basic</span></a></li>
-            <li><a href="{{ url_for('admin.setting_records') }}"><i class="fa fa-circle-o"></i> <span>Records</span></a></li>
+          <ul class="nav nav-treeview" {% if active_page == 'admin_settings' %}style="display: block;"{% endif %}>
+            <li class="nav-item">
+              <a href="{{ url_for('admin.setting_basic') }}" class="nav-link">
+                <i class="nav-icon fa-solid fa-circle"></i>
+                <p>Basic</p>
+              </a>
+            </li>
+            <li class="nav-item">
+              <a href="{{ url_for('admin.setting_records') }}" class="nav-link">
+                <i class="nav-icon fa-solid fa-circle"></i>
+                <p>Records</p>
+              </a>
+            </li>
             {% if current_user.role.name == 'Administrator' %}
-            <li><a href="{{ url_for('admin.setting_pdns') }}"><i class="fa fa-circle-o"></i> <span>PDNS</a></li>
-            <li><a href="{{ url_for('admin.setting_authentication') }}"><i class="fa fa-circle-o"></i> <span>Authentication</span></a></li>
+              <li class="nav-item">
+                <a href="{{ url_for('admin.setting_pdns') }}" class="nav-link">
+                  <i class="nav-icon fa-solid fa-circle"></i>
+                  <p>PowerDNS Connection</p>
+                </a>
+              </li>
+              <li class="nav-item">
+                <a href="{{ url_for('admin.setting_authentication') }}" class="nav-link">
+                  <i class="nav-icon fa-solid fa-circle"></i>
+                  <p>Authentication</p>
+                </a>
+              </li>
             {% endif %}
           </ul>
         </li>
         {% elif SETTING.get('allow_user_view_history') %}
-        <li class="header">ADMINISTRATION</li>
-        <li class="{{ 'active' if active_page == 'admin_history' else '' }}">
-          <a href="{{ url_for('admin.history') }}"><i class="fa fa-calendar"></i> <span>History</span></a>
+        <li class="nav-header">Administration</li>
+        <li class="{{ 'nav-item active' if active_page == 'admin_history' else 'nav-item' }}">
+          <a href="{{ url_for('admin.history') }}" class="nav-link">
+            <i class="nav-icon fa-solid fa-calendar-alt"></i>
+            <p>History</p>
+          </a>
         </li>
         {% endif %}
       </ul>
     {% endif %}
-    </section>
+    </div>
     <!-- /.sidebar -->
   </aside>
 
@@ -169,16 +212,24 @@
   <div class="content-wrapper">
     {% block dashboard_stat %}
     <!-- Content Header (Page header) -->
-    <section class="content-header">
-      <h1>
-        Dashboard
-        <small>Control panel</small>
-      </h1>
-      <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i> Home</a></li>
-        <li class="active">Dashboard</li>
-      </ol>
-    </section>
+    <div class="content-header">
+      <div class="container-fluid">
+        <div class="row mb-2">
+          <div class="col-sm-6">
+            <h1 class="m-0 text-dark">
+              Dashboard
+              <small>Control panel</small>
+            </h1>
+          </div>
+          <div class="col-sm-6">
+            <ol class="breadcrumb float-sm-right">
+              <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Home</a></li>
+              <li class="breadcrumb-item active">Dashboard</li>
+            </ol>
+          </div>
+        </div>
+      </div>
+    </div>
     {% endblock %}
     {% block content %}
     {% endblock %}
@@ -312,49 +363,43 @@ <h1>
   <div class="modal-dialog">
     <div class="modal-content">
       <div class="modal-header">
-        <button type="button" class="close" data-dismiss="modal"
-          aria-label="Close">
+        <h4 class="modal-title">Error</h4>
+        <button type="button" class="close" data-dismiss="modal" aria-label="Close">
           <span aria-hidden="true">&times;</span>
         </button>
-        <h4 class="modal-title">Error</h4>
       </div>
       <div class="modal-body">
         <p></p>
       </div>
       <div class="modal-footer">
-        <button type="button" class="btn btn-flat btn-default pull-right"
-          data-dismiss="modal">Close</button>
+        <button type="button" class="btn btn-secondary float-right" data-dismiss="modal">
+          Close
+        </button>
       </div>
     </div>
-    <!-- /.modal-content -->
   </div>
-  <!-- /.modal-dialog -->
 </div>
 <!-- /.modal -->
 <div class="modal fade modal-success" id="modal_success">
   <div class="modal-dialog">
     <div class="modal-content">
       <div class="modal-header">
-        <button type="button" class="close" data-dismiss="modal"
-          aria-label="Close">
+        <h4 class="modal-title">Success</h4>
+        <button type="button" class="close" data-dismiss="modal" aria-label="Close">
           <span aria-hidden="true">&times;</span>
         </button>
-        <h4 class="modal-title">Success</h4>
       </div>
       <div class="modal-body">
         <p></p>
       </div>
       <div class="modal-footer">
-        <button type="button" class="btn btn-flat btn-default pull-right"
-          data-dismiss="modal">Close</button>
+        <button type="button" class="btn btn-secondary float-right" data-dismiss="modal">
+          Close
+        </button>
       </div>
     </div>
-    <!-- /.modal-content -->
   </div>
-  <!-- /.modal-dialog -->
 </div>
-<!-- /.modal -->
-<!-- /.session-warning-modal -->
 <div class="modal fade modal-warning" data-backdrop="static" id="modal_session_warning">
   <div class="modal-dialog">
     <div class="modal-content">
@@ -367,19 +412,18 @@ <h3><span id="modal-time"></span></h3>
         <p>To coninue your ssession, select <strong>Stay Signed In</strong></p>
       </div>
       <div class="modal-footer">
-        <button type="button" class="btn btn-flat btn-danger pull-left button_stay_signed_in"
-          data-dismiss="modal">Stay Signed In</button>
-        <button type="button" class="btn btn-flat btn-default pull-right button_sign_out"
-          data-dismiss="modal">Sign Out</button>
+        <button type="button" class="btn btn-success float-right button_stay_signed_in" data-dismiss="modal">
+          Stay Signed In
+        </button>
+        <button type="button" class="btn btn-danger float-left button_sign_out" data-dismiss="modal">
+          Sign Out
+        </button>
       </div>
     </div>
-    <!-- /.session-warning-modal-content -->
   </div>
-  <!-- /.session-warning-modal-dialog -->
 </div>
-<!-- /.session-warning-modal -->
 {% endblock %}
 {% block modals %}
 {% endblock %}
 </body>
-</html>
+</html>
\ No newline at end of file
diff --git a/powerdnsadmin/templates/dashboard.html b/powerdnsadmin/templates/dashboard.html
index 0e5b3b568..ddf369715 100755
--- a/powerdnsadmin/templates/dashboard.html
+++ b/powerdnsadmin/templates/dashboard.html
@@ -1,191 +1,217 @@
 {% extends "base.html" %}
+
 {% set active_page = "dashboard" %}
-{% block title %}<title>Dashboard - {{ SITE_NAME }}</title>{% endblock %}
 
+{% block title %}
+  <title>
+    Dashboard - {{ SITE_NAME }}
+  </title>
+{% endblock %}
 
 {% block dashboard_stat %}
-    <!-- Content Header (Page header) -->
-    <section class="content-header">
-      <h1>
-        Dashboard
-        <small>Info</small>
-      </h1>
-      <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i> Home</a></li>
-        <li class="active">Dashboard</li>
-      </ol>
-    </section>
+  <div class="content-header">
+    <div class="container-fluid">
+      <div class="row mb-2">
+        <div class="col-sm-6">
+          <h1 class="m-0 text-dark">
+            Dashboard
+            <small>Info</small>
+          </h1>
+        </div>
+        <div class="col-sm-6">
+          <ol class="breadcrumb float-sm-right">
+            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+          </ol>
+        </div>
+      </div>
+    </div>
+  </div>
 {% endblock %}
 
 {% import 'applied_change_macro.html' as applied_change_macro %}
 
 {% block content %}
- <!-- Main content -->
-    <section class="content">
+  <section class="content">
+    <div class="container-fluid">
       {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
-      <div class="row">
-        <div class="col-xs-3">
-            <div class="box">
-                <div class="box-header">
-                    <h3 class="box-title">Statistics</h3>
-                </div>
-                <div class="box-body">
-                  <div class="row">
-                  <div class="col-lg-6">
-                      <!-- small box -->
-                      <div class="small-box bg-aqua">
-                        <div class="inner">
-                          <h3>{{ domain_count }}</h3>
-                          <p>{% if domain_count > 1 %}Domains{% else %}Domain{% endif %}</p>
-                        </div>
-                        <div class="icon">
-                          <i class="fa fa-book"></i>
-                        </div>
+        <div class="row">
+          <div class="col-3">
+            <div class="card">
+              <div class="card-header">
+                <h3 class="card-title">Statistics</h3>
+              </div>
+              <div class="card-body">
+                <div class="row">
+                  <div class="col-6">
+                    <!-- small box -->
+                    <div class="small-box bg-info">
+                      <div class="inner">
+                        <h3>{{ domain_count }}</h3>
+                        <p>{% if domain_count > 1 %}Domains{% else %}Domain{% endif %}</p>
+                      </div>
+                      <div class="icon">
+                        <i class="fa-solid fa-book"></i>
                       </div>
                     </div>
-                    {% if current_user.role.name in ['Administrator', 'Operator'] %}
-                    <div class="col-lg-6">
+                  </div>
+                  {% if current_user.role.name in ['Administrator', 'Operator'] %}
+                    <div class="col-6">
                       <a href="{{ url_for('admin.manage_user') }}">
-                      <div class="small-box bg-green">
-                        <div class="inner">
-                          <h3>{{ user_num }}</h3>
-                          <p>{% if user_num > 1 %}Users{% else %}User{% endif %}</p>
-                        </div>
-                        <div class="icon">
-                          <i class="fa fa-users"></i>
+                        <div class="small-box bg-green">
+                          <div class="inner">
+                            <h3>{{ user_num }}</h3>
+                            <p>{% if user_num > 1 %}Users{% else %}User{% endif %}</p>
+                          </div>
+                          <div class="icon">
+                            <i class="fa-solid fa-users"></i>
+                          </div>
                         </div>
-                      </div>
                       </a>
                     </div>
-                    {% endif %}
-                    </div>
-                    <div class="row">
-                    <div class="col-lg-6">
-                      <a href="{{ url_for('admin.history') }}">
+                  {% endif %}
+                </div>
+                <div class="row">
+                  <div class="col-6">
+                    <a href="{{ url_for('admin.history') }}">
                       <div class="small-box bg-green">
                         <div class="inner">
                           <h3>{{ history_number }}</h3>
                           <p>{% if history_number > 1 %}Histories{% else %}History{% endif %}</p>
                         </div>
                         <div class="icon">
-                          <i class="fa fa-calendar"></i>
+                          <i class="fa-solid fa-calendar"></i>
                         </div>
                       </div>
-                      </a>
-                    </div>
-                    {% if current_user.role.name in ['Administrator', 'Operator'] %}
-                    <div class="col-lg-6">
+                    </a>
+                  </div>
+                  {% if current_user.role.name in ['Administrator', 'Operator'] %}
+                    <div class="col-6">
                       <a href="{{ url_for('admin.pdns_stats') }}">
-                      <div class="small-box bg-green">
-                        <div class="inner">
-                          <h3><span style="font-size: 18px">{{ uptime|display_second_to_time }}</span></h3>
-                          <p>Uptime</p>
-                        </div>
-                        <div class="icon">
-                          <i class="fa fa-clock-o"></i>
+                        <div class="small-box bg-green">
+                          <div class="inner">
+                            <h3><span style="font-size: 18px">{{ uptime|display_second_to_time }}</span></h3>
+                            <p>Uptime</p>
+                          </div>
+                          <div class="icon">
+                            <i class="fa-solid fa-clock"></i>
+                          </div>
                         </div>
-                      </div>
                       </a>
                     </div>
-                    {% endif %}
-                    </div>
+                  {% endif %}
                 </div>
+              </div>
             </div>
-        </div>
-        <div class="col-xs-9">
-            <div class="box">
-                <div class="box-header">
-                    <h3 class="box-title">Recent History</h3>
-                </div>
-                <div class="box-body">
-                    <table id="tbl_history" class="table table-bordered table-striped">
-                    <thead>
+          </div>
+          <div class="col-9">
+            <div class="card">
+              <div class="card-header">
+                <h3 class="card-title">Recent History</h3>
+              </div>
+              <div class="card-body">
+                <table id="tbl_history" class="table table-bordered table-striped">
+                  <thead>
                     <tr>
                       <th>Changed By</th>
                       <th>Content</th>
                       <th>Time</th>
                       <th>Detail</th>
                     </tr>
-                    </thead>
-                    <tbody>
+                  </thead>
+                  <tbody>
                     {% for history in histories %}
                       <tr class="odd">
-                          <td>{{ history.history.created_by }}</td>
-                          <td>{{ history.history.msg }}</td>
-                          <td>{{ history.history.created_on }}</td>
-                          <td width="6%">
-                            <div id="history-info-div-{{ loop.index0 }}" style="display: none;">
-                                {{ history.detailed_msg | safe }}
-                                {% if history.change_set %}
-                                <div class="content">
-                                    <div id="change_index_definition"></div>
-                                    {% call applied_change_macro.applied_change_template(history.change_set) %}
-                                    {% endcall %}
-                                </div>
-                                {% endif %}
-                            </div>
-                            <button type="button" class="btn btn-flat btn-primary history-info-button"
-                                {% if history.detailed_msg == "" and history.change_set is none %}
-                                style="visibility: hidden;"
-                                {% endif %} value="{{ loop.index0 }}">Info&nbsp;<i class="fa fa-info"></i>
-                            </button>
-                          </td>
+                        <td>{{ history.history.created_by }}</td>
+                        <td>{{ history.history.msg }}</td>
+                        <td>{{ history.history.created_on }}</td>
+                        <td width="6%">
+                          <div id="history-info-div-{{ loop.index0 }}" style="display: none;">
+                            {{ history.detailed_msg | safe }}
+                            {% if history.change_set %}
+                              <div class="content">
+                                <div id="change_index_definition"></div>
+                                {% call applied_change_macro.applied_change_template(history.change_set) %}
+                                {% endcall %}
+                              </div>
+                            {% endif %}
+                          </div>
+                          <button type="button" class="btn btn-sm btn-primary history-info-button"
+                            {% if history.detailed_msg == "" and history.change_set is none %}
+                              style="visibility: hidden;"
+                            {% endif %} value="{{ loop.index0 }}">
+                            <i class="fa-solid fa-info-circle"></i>&nbsp;Info
+                          </button>
+                        </td>
                       </tr>
                     {% endfor %}
-                    </tbody>
-                  </table>
-                </div>
+                  </tbody>
+                </table>
+              </div>
             </div>
+          </div>
         </div>
-      </div>
       {% endif %}
-
-<!--SYBPATCH START-->
-        <div class="nav-tabs-custom">
-            <ul class="nav nav-tabs">
-                <li class="active"><a href="#tab_{{custom_boxes.order[0]}}" data-toggle="tab">Hosted Domains <b>{{custom_boxes.boxes[custom_boxes.order[0]][0]}}</b></a></li>
-            {% for boxId in custom_boxes.order[1:] %}
-                <li><a href="#tab_{{boxId}}" data-toggle="tab">Hosted Domains  <b>{{custom_boxes.boxes[boxId][0]}}</b></a></li>
-            {% endfor %}
-            </ul>
-            <div class="tab-content">
-            {% for boxId in custom_boxes.order %}
-              <div class="tab-pane" id='tab_{{boxId}}'>
-                  <div class="row">
-                    <div class="col-xs-12">
-                      <div class="box">
-                        <div class="box-header">
-                            <h3 class="box-title">Hosted Domains  <b>{{custom_boxes.boxes[boxId][0]}}</b></h3>{% if show_bg_domain_button %}<button type="button" class="btn btn-flat btn-primary refresh-bg-button pull-right"><i class="fa fa-refresh"></i> Sync domains </button>{% endif %}
-                        </div>
-                        <div class="box-body">
-                          <table id='tbl_domain_list_{{boxId}}' class="table table-bordered table-striped">
-                            <thead>
-                            <tr>
-                              <th>Name</th>
-                              <th>DNSSEC</th>
-                              <th>Type</th>
-                              <th>Serial</th>
-                              <th>Master</th>
-                              <th>Account</th>
-                              <th {% if current_user.role.name not in ['Administrator','Operator'] %}width="6%"{% else %}width="25%"{% endif %}>Action</th>
-                            </tr>
-                            </thead>
-                            <tbody>
-                            </tbody>
-                          </table>
-                        </div>
-                      </div>
-                    </div>
+      <div class="row">
+        <div class="col-12">
+          <div class="card">
+            <div class="card-header">
+              <div class="nav-tabs-custom">
+                <ul class="nav nav-tabs card-header-tabs" id="custom-content-below-tab" role="tablist">
+                  <li class="nav-item">
+                    <a class="nav-link active" href="#tab_{{custom_boxes.order[0]}}" data-toggle="pill" role="tab">
+                      Hosted Domains <b>{{custom_boxes.boxes[custom_boxes.order[0]][0]}}</b>
+                    </a>
+                  </li>
+                  {% for boxId in custom_boxes.order[1:] %}
+                  <li class="nav-item">
+                    <a class="nav-link" href="#tab_{{boxId}}" data-toggle="pill" role="tab">Hosted Domains <b>{{custom_boxes.boxes[boxId][0]}}</b></a>
+                  </li>
+                  {% endfor %}
+                </ul>
+              </div>
+            </div>
+            <div class="card-body">
+              <div class="tab-content">
+                {% for boxId in custom_boxes.order %}
+                <div class="tab-pane fade show" id='tab_{{boxId}}'>
+                  <div class="card-header">
+                    <h3 class="card-title">Hosted Domains <b>{{custom_boxes.boxes[boxId][0]}}</b></h3>
+                    {% if show_bg_domain_button %}
+                    <button type="button" class="btn btn-primary refresh-bg-button float-right">
+                      <i class="fa-solid fa-sync"></i>
+                      &nbsp;Sync Domains
+                    </button>
+                    {% endif %}
+                  </div>
+                  <div class="card-body">
+                    <table id='tbl_domain_list_{{boxId}}' class="table table-bordered table-striped">
+                      <thead>
+                        <tr>
+                          <th>Name</th>
+                          <th>DNSSEC</th>
+                          <th>Type</th>
+                          <th>Serial</th>
+                          <th>Primary</th>
+                          <th>Account</th>
+                          <th>Actions</th>
+                        </tr>
+                      </thead>
+                      <tbody>
+                      </tbody>
+                    </table>
                   </div>
+                </div>
+                {% endfor %}
               </div>
-            {% endfor %}
-            </div><!-- /.tab-content -->
-        </div><!-- custom tabs -->
-<!--SYBPATCH END-->
+            </div>
+          </div>
 
-    </section>
-    <!-- /.content -->
+        </div>
+      </div>
+    </div>
+  </section>
 {% endblock %}
+
 {% block extrascripts %}
 <script>
 //SYBPATCH START//
@@ -230,7 +256,7 @@ <h3 class="box-title">Hosted Domains  <b>{{custom_boxes.boxes[boxId][0]}}</b></h
         "searching" : false,
         "ordering" : false,
         "info" : false,
-        "autoWidth" : false,
+        "autoWidth" : true,
         "columnDefs": [
             {
                 "render": function ( data, type, row ) {
@@ -281,118 +307,112 @@ <h3 class="box-title">Hosted Domains  <b>{{custom_boxes.boxes[boxId][0]}}</b></h
     });
 
     {% if current_user.role.name in ['Administrator', 'Operator'] or not SETTING.get('dnssec_admins_only') %}
-    $(document.body).on("click", ".button_dnssec", function() {
+      $(document.body).on("click", ".button_dnssec", function() {
         var domain = $(this).prop('id');
         getdnssec($SCRIPT_ROOT + '/domain/' + domain + '/dnssec', domain);
-    });
+      });
 
-    $(document.body).on("click", ".button_dnssec_enable", function() {
+      $(document.body).on("click", ".button_dnssec_enable", function() {
         var domain = $(this).prop('id');
         enable_dns_sec($SCRIPT_ROOT + '/domain/' + domain + '/dnssec/enable', '{{ csrf_token() }}');
+      });
 
-    });
-
-    $(document.body).on("click", ".button_dnssec_disable", function() {
+      $(document.body).on("click", ".button_dnssec_disable", function() {
         var domain = $(this).prop('id');
         enable_dns_sec($SCRIPT_ROOT + '/domain/' + domain + '/dnssec/disable', '{{ csrf_token() }}');
-
-    });
+      });
     {% endif %}
 </script>
 {% endblock %}
+
 {% block modals %}
 <div class="modal fade" id="modal_history_info">
-    <div class="modal-dialog">
-        <div class="modal-content">
-            <div class="modal-header">
-                <button type="button" class="close" data-dismiss="modal"
-                    aria-label="Close">
-                    <span aria-hidden="true">&times;</span>
-                </button>
-                <h4 class="modal-title">History Details</h4>
-            </div>
-            <div class="modal-body">
-              <div id="modal-info-content"></div>
-            </div>
-            <div class="modal-footer">
-                <button type="button" class="btn btn-flat btn-default pull-right"
-                    data-dismiss="modal">Close</button>
-            </div>
+  <div class="modal-dialog">
+    <div class="modal-content">
+      <div class="modal-header">
+        <h4 class="modal-title">History Details</h4>
+        <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+          <span aria-hidden="true">&times;</span>
+        </button>
+      </div>
+      <div class="modal-body">
+        <div id="modal-info-content">
         </div>
-        <!-- /.modal-content -->
+      </div>
+      <div class="modal-footer">
+        <button type="button" class="btn btn-secondary float-right" data-dismiss="modal">
+          Close
+        </button>
+      </div>
     </div>
-    <!-- /.modal-dialog -->
+  </div>
 </div>
+
 <div class="modal fade modal-primary" id="modal_template">
-    <div class="modal-dialog">
-        <div class="modal-content">
-            <div class="modal-header">
-                <button type="button" class="close" data-dismiss="modal"
-                    aria-label="Close">
-                    <span aria-hidden="true">&times;</span>
-                </button>
-                <h4 class="modal-title">Clone to template</h4>
-            </div>
-            <div class="modal-body">
-                <p></p>
-            </div>
-            <div class="modal-footer">
-                <button type="button" class="btn btn-flat btn-default pull-left"
-                    id="button_close" data-dismiss="modal">Close</button>
-                <button type="button" class="btn btn-flat btn-primary" id="button_save">Save</button>
-            </div>
-        </div>
-        <!-- /.modal-content -->
+  <div class="modal-dialog">
+    <div class="modal-content">
+      <div class="modal-header">
+        <h4 class="modal-title">Clone to template</h4>
+        <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+          <span aria-hidden="true">&times;</span>
+        </button>
+      </div>
+      <div class="modal-body">
+        <p></p>
+      </div>
+      <div class="modal-footer">
+        <button type="button" class="btn btn-secondary float-right" id="button_close" data-dismiss="modal">
+          Close
+        </button>
+        <button type="button" class="btn btn-primary float-right" id="button_save">
+          Save
+        </button>
+      </div>
     </div>
-    <!-- /.modal-dialog -->
+  </div>
 </div>
-<!-- /.modal -->
+
 <div class="modal fade" id="modal_dnssec_info">
-    <div class="modal-dialog">
-        <div class="modal-content">
-            <div class="modal-header">
-                <button type="button" class="close" data-dismiss="modal"
-                    aria-label="Close">
-                    <span aria-hidden="true">&times;</span>
-                </button>
-                <h4 class="modal-title">DNSSEC</h4>
-            </div>
-            <div class="modal-body">
-                <p></p>
-            </div>
-            <div class="modal-footer">
-                <button type="button" class="btn btn-flat btn-default pull-right"
-                    data-dismiss="modal">Close</button>
-            </div>
-        </div>
-        <!-- /.modal-content -->
+  <div class="modal-dialog">
+    <div class="modal-content">
+      <div class="modal-header">
+        <h4 class="modal-title">DNSSEC</h4>
+        <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+          <span aria-hidden="true">&times;</span>
+        </button>
+      </div>
+      <div class="modal-body">
+        <p></p>
+      </div>
+      <div class="modal-footer">
+        <button type="button" class="btn btn-secondary float-right" data-dismiss="modal">
+          Close
+        </button>
+      </div>
     </div>
-    <!-- /.modal-dialog -->
+  </div>
 </div>
-<!-- /.modal -->
-<div class="modal fade" id="modal_bg_reload">
-    <div class="modal-dialog">
-        <div class="modal-content">
-            <div class="modal-header">
-                <button type="button" class="close" data-dismiss="modal"
-                    aria-label="Close">
-                    <span aria-hidden="true">&times;</span>
-                </button>
-                <h4 class="modal-title">Sync domains from nameserver</h4>
-            </div>
-            <div class="modal-body">
 
-                <div class="overlay">
-                  <div id="modal_bg_reload_content"><i class="fa fa-refresh fa-spin"></i> Update in progress ..</div>
-                </div>
-            </div>
-            <div class="modal-footer">
-                <button type="button" class="btn btn-flat btn-default pull-right"
-                    data-dismiss="modal">Close</button>
-            </div>
+<div class="modal fade" id="modal_bg_reload">
+  <div class="modal-dialog">
+    <div class="modal-content">
+      <div class="modal-header">
+        <h4 class="modal-title">Sync Domains from backend</h4>
+        <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+          <span aria-hidden="true">&times;</span>
+        </button>
+      </div>
+      <div class="modal-body">
+        <div id="modal_bg_reload_content">
+          <i class="fa fa-refresh fa-spin"></i> Update in progress ..
         </div>
-        <!-- /.modal-content -->
+      </div>
+      <div class="modal-footer">
+        <button type="button" class="btn btn-secondary float-right" data-dismiss="modal">
+          Close
+        </button>
+      </div>
     </div>
-    <!-- /.modal-dialog -->
+  </div>
 </div>
 {% endblock %}
diff --git a/powerdnsadmin/templates/dashboard_domain.html b/powerdnsadmin/templates/dashboard_domain.html
index 4244c825e..a7df38cde 100644
--- a/powerdnsadmin/templates/dashboard_domain.html
+++ b/powerdnsadmin/templates/dashboard_domain.html
@@ -4,9 +4,9 @@
 
 {% macro dnssec(domain) %}
   {% if domain.dnssec %}
-  <td><span style="cursor:pointer" class="label label-success button_dnssec" id="{{ domain.name }}"><i class="fa fa-lock"></i>&nbsp;Enabled</span></td>
+  <td><span style="cursor:pointer" class="badge badge-success button_dnssec" id="{{ domain.name }}"><i class="fa-solid fa-lock"></i>&nbsp;Enabled</span></td>
   {% else %}
-  <td><span style="cursor:pointer" class="label label-primary button_dnssec" id="{{ domain.name }}"><i class="fa fa-unlock-alt"></i>&nbsp;Disabled</span></td>
+  <td><span style="cursor:pointer" class="badge badge-danger button_dnssec" id="{{ domain.name }}"><i class="fa-solid fa-lock-open"></i>&nbsp;Disabled</span></td>
   {% endif %}
 {% endmacro %}
 
@@ -29,31 +29,51 @@
 {% endmacro %}
 
 {% macro actions(domain) %}
-  {% if current_user.role.name in ['Administrator', 'Operator'] %}
-    <td width="25%">
-      <button type="button" class="btn btn-flat btn-success button_template" id="{{ domain.name }}">
-        Template&nbsp;<i class="fa fa-clone"></i>
-      </button>
-      <button type="button" class="btn btn-flat btn-success" onclick="window.location.href='{{ url_for('domain.domain', domain_name=domain.name) }}'">
-        Manage&nbsp;<i class="fa fa-cog"></i>
-      </button>
-      <button type="button" class="btn btn-flat btn-danger" onclick="window.location.href='{{ url_for('domain.setting', domain_name=domain.name) }}'">
-        Admin&nbsp;<i class="fa fa-cog"></i>
-      </button>
-      <button type="button" class="btn btn-flat btn-primary" onclick="window.location.href='{{ url_for('domain.changelog', domain_name=domain.name) }}'">
-        Changelog&nbsp;<i class="fa fa-history" aria-hidden="true"></i>
-      </button>
-    </td>
-    {% else %}
-    <td width="6%">
-      <button type="button" class="btn btn-flat btn-success" onclick="window.location.href='{{ url_for('domain.domain', domain_name=domain.name) }}'">
-        Manage&nbsp;<i class="fa fa-cog"></i>
-      </button>
-      {% if allow_user_view_history %}
-      <button type="button" class="btn btn-flat btn-primary" onclick="window.location.href='{{ url_for('domain.changelog', domain_name=domain.name) }}'">
-        Changelog&nbsp;<i class="fa fa-history" aria-hidden="true"></i>
-      </button>
-      {% endif %}
-    </td>
-  {% endif %}  
+<td width="6%">
+  <div class="dropdown">
+    <button class="btn btn-primary dropdown-toggle" type="button" id="dropdownMenu" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
+      <i class="fa-solid fa-bars"></i>&nbsp;Actions
+    </button>
+    <div class="dropdown-menu" aria-labelledby="dropdownMenu">
+      {% if current_user.role.name in ['Administrator', 'Operator'] %}
+        <button class="dropdown-item btn-success button_template" id="{{ domain.name }}" type="button">
+          <i class="fa-solid fa-clone"></i>&nbsp;Clone to Template
+        </button>
+        <button class="dropdown-item btn-success" type="button" onclick="window.location.href='{{ url_for('domain.domain', domain_name=domain.name) }}'">
+          <i class="fa-solid fa-cog"></i>&nbsp;Manage Domain
+        </button>
+        <button class="dropdown-item btn-danger" type="button" onclick="window.location.href='{{ url_for('domain.setting', domain_name=domain.name) }}'">
+          <i class="fa-solid fa-cog"></i>&nbsp;Admin Settings
+        </button>
+        <button class="dropdown-item btn-primary" type="button" onclick="window.location.href='{{ url_for('domain.changelog', domain_name=domain.name) }}'">
+          <i class="fa-solid fa-history" aria-hidden="true"></i>&nbsp;Domain Changelog
+        </button>
+        <div class="dropdown-divider"></div>
+        <button type="button"class="dropdown-item btn-secondary button_delete" onclick="window.location.href='{{ url_for('domain.remove') }}'">
+          <font color="red">
+            <i class="fa-solid fa-trash"></i>&nbsp;Remove Domain
+          </font>
+        </button>
+       </div>
+      {% else %}
+        <button class="dropdown-item btn-success" type="button" onclick="window.location.href='{{ url_for('domain.domain', domain_name=domain.name) }}'">
+          <i class="fa-solid fa-cog"></i>&nbsp;Manage Domain
+        </button>
+        {% if allow_user_view_history %}
+          <button class="dropdown-item btn-primary" type="button" onclick="window.location.href='{{ url_for('domain.changelog', domain_name=domain.name) }}'">
+            <i class="fa-solid fa-history" aria-hidden="true"></i>&nbsp;Domain Changelog
+          </button>
+        {% endif %}
+        {% if allow_user_remove_domain %}
+          <div class="dropdown-divider"></div>
+          <button type="button"class="dropdown-item btn-secondary button_delete" onclick="window.location.href='{{ url_for('domain.remove') }}'">
+            <font color="red">
+              <i class="fa-solid fa-trash"></i>&nbsp;Remove Domain
+            </font>
+          </button>
+        {% endif %}
+      {% endif %}  
+    </div>
+  </div>
+</td>
 {% endmacro %}
diff --git a/powerdnsadmin/templates/domain.html b/powerdnsadmin/templates/domain.html
index f61696733..4cd1c1544 100755
--- a/powerdnsadmin/templates/domain.html
+++ b/powerdnsadmin/templates/domain.html
@@ -1,133 +1,137 @@
 {% extends "base.html" %}
-{% block title %}<title>{{ domain.name | pretty_domain_name }} - {{ SITE_NAME }}</title>{% endblock %}
+
+{% block title %}
+  <title>
+    {{ domain.name | pretty_domain_name }} - {{ SITE_NAME }}
+  </title>
+{% endblock %}
 
 {% block dashboard_stat %}
-<section class="content-header">
-    <h1>
-        Manage domain: <b>{{ domain.name | pretty_domain_name }}</b>
-    </h1>
-    <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i
-                class="fa fa-dashboard"></i> Home</a></li>
-        <li>Domain</li>
-        <li class="active">{{ domain.name | pretty_domain_name }}</li>
-    </ol>
-</section>
+  <div class="content-header">
+    <div class="container-fluid">
+      <div class="row mb-2">
+        <div class="col-sm-6">
+          <h1 class="m-0 text-dark">
+            Domain: <b>{{ domain.name | pretty_domain_name }}</b>
+          </h1>
+        </div>
+        <div class="col-sm-6">
+          <ol class="breadcrumb float-sm-right">
+            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+            <li class="breadcrumb-item active">Domain: {{ domain.name | pretty_domain_name }}</li>
+          </ol>
+        </div>
+      </div>
+    </div>
+  </div>
 {% endblock %}
 
 {% block content %}
 <section class="content">
+  <div class="container-fluid">
     <div class="row">
-        <div class="col-xs-12">
-            <div class="box">
-                <div class="box-body">
-                    {% if domain.type != 'Slave' %}
-                    <button type="button" class="btn btn-flat btn-primary pull-left button_add_record" id="{{ domain.name }}">
-                        Add Record&nbsp;<i class="fa fa-plus"></i>
-                    </button>
-                    <button type="button" class="btn btn-flat btn-primary pull-right button_apply_changes" id="{{ domain.name }}" value="{{ domain.serial }}">
-                        Apply Changes&nbsp;<i class="fa fa-floppy-o"></i>
-                    </button>
-                    {% else %}
-                    <button type="button" class="btn btn-flat btn-primary pull-left button_update_from_master" id="{{ domain.name }}">
-                        Update from Master&nbsp;<i class="fa fa-download"></i>
-                    </button>
-                    {% endif %}
-                    {% if current_user.role.name in ['Administrator', 'Operator'] %}
-                    <button type="button" style="position: relative; margin-left: 20px" class="btn btn-flat btn-primary pull-left btn-danger" onclick="window.location.href='{{ url_for('domain.setting', domain_name=domain.name) }}'">
-                        Admin&nbsp;<i class="fa fa-cog"></i>
-                      </button>
-                    {% endif %}
+      <div class="col-12">
+        <div class="card">
+          <div class="card-header">
+            {% if domain.type != 'Slave' %}
+              <button type="button" style="position: relative; margin-left: 20px" class="btn btn-primary float-left button_add_record" id="{{ domain.name }}">
+                <i class="fa-solid fa-plus"></i>
+                &nbsp;Add Record
+              </button>
+              <button type="button" style="position: relative; margin-left: 20px" class="btn btn-primary float-right button_apply_changes" id="{{ domain.name }}" value="{{ domain.serial }}">
+                <i class="fa-solid fa-save"></i>
+                &nbsp;Apply Changes
+              </button>
+            {% else %}
+              <button type="button" style="position: relative; margin-left: 20px" class="btn btn-primary float-left button_update_from_primary" id="{{ domain.name }}">
+                <i class="fa-solid fa-sync"></i>
+                &nbsp;Update from Primary
+              </button>
+            {% endif %}
+            {% if current_user.role.name in ['Administrator', 'Operator'] %}
+              <button type="button" style="position: relative; margin-left: 20px" class="btn btn-primary float-left btn-danger" onclick="window.location.href='{{ url_for('domain.setting', domain_name=domain.name) }}'">
+                <i class="fa-solid fa-toolbox"></i>
+                &nbsp;Admin
+              </button>
+            {% endif %}
+            {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
+              <button type="button" style="position: relative; margin-left: 20px" class="btn btn-primary button_changelog" id="{{ domain.name }}">
+                <i class="fa-solid fa-history" aria-hidden="true"></i>
+                &nbsp;Changelog
+              </button>
+            {% endif %}
+          </div>
+          <div class="card-body">
+            <table id="tbl_records" class="table table-bordered table-striped">
+              <thead>
+                <tr>
+                  <th>Name</th>
+                  <th>Type</th>
+                  <th>Status</th>
+                  <th>TTL</th>
+                  <th>Data</th>
+                  {% if domain.type != 'Slave' %}
+                    <th>Comment</th>
+                    <th>Edit</th>
+                    <th>Delete</th>
                     {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
-                    <button type="button" style="position: relative; margin-left: 20px" class="btn btn-flat btn-primary button_changelog" id="{{ domain.name }}">
-                        Changelog&nbsp;<i class="fa fa-history" aria-hidden="true"></i>
-                    </i>
-                    </button>
+                      <th >Changelog</th>
+                    {% endif %}
+                  {% else %}
+                    <th>Invisible Sorting Column</th>
+                  {% endif %}
+                </tr>
+              </thead>
+              <tbody>
+                {% for record in records %}
+                  <tr class="odd row_record" id="{{ domain.name }}">
+                    <td>{{ (record.name,domain.name) | display_record_name | pretty_domain_name }}</td>
+                    <td>{{ record.type }}</td>
+                    <td>{{ record.status }}</td>
+                    <td>{{ record.ttl }}</td>
+                    <td>{{ record.data | pretty_domain_name }}</td>
+                    {% if domain.type != 'Secondary' %}
+                      <td>{{ record.comment }}</td>
+                      <td width="6%">
+                        {% if record.is_allowed_edit() %}
+                          <button type="button" class="btn btn-warning button_edit">
+                            <i class="fa-solid fa-edit"></i>
+                          </button>
+                        {% else %}
+                          <button type="button" class="btn btn-warning">
+                            <i class="fa-solid fa-exclamation-circle"></i>
+                          </button>
+                        {% endif %}
+                      </td>
+                      <td width="6%">
+                        {% if record.is_allowed_delete() %}
+                          <button type="button" class="btn btn-danger button_delete">
+                            <i class="fa-solid fa-trash"></i>
+                          </button>
+                        {% endif %}
+                      </td>
+                      {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
+                        <td width="6%">
+                          <button type="button" onclick="show_record_changelog('{{record.name}}','{{record.type}}',event)" class="btn btn-primary">
+                            <i class="fa-solid fa-history" aria-hidden="true"></i>
+                          </button>
+                        </td>
+                      {% endif %}
                     {% endif %}
-                </div>
-                <div class="box-body">
-                    <table id="tbl_records" class="table table-bordered table-striped">
-                        <thead>
-                            <tr>
-                                <th>Name</th>
-                                <th>Type</th>
-                                <th>Status</th>
-                                <th>TTL</th>
-                                <th>Data</th>
-                                <th>Comment</th>
-                                <th>Edit</th>
-                                <th>Delete</th>
-                                {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
-                                <th >Changelog</th>
-                                {% endif %}
-                                <th>Invisible Sorting Column</th>
-                            </tr>
-                        </thead>
-                        <tbody>
-                                {% for record in records %}
-                                <tr class="odd row_record" id="{{ domain.name }}">
-                                    <td>
-                                        {{ (record.name,domain.name) | display_record_name | pretty_domain_name }}
-                                    </td>
-                                    <td>
-                                        {{ record.type }}
-                                    </td>
-                                    <td>
-                                        {{ record.status }}
-                                    </td>
-                                    <td>
-                                        {{ record.ttl }}
-                                    </td>
-                                    <td>
-                                        {{ record.data | pretty_domain_name }}
-                                    </td>
-                                    <td>
-                                        {{ record.comment }}
-                                    </td>
-                                {% if domain.type != 'Slave' %}
-                                    <td width="6%">
-                                        {% if record.is_allowed_edit() %}
-                                            <button type="button" class="btn btn-flat btn-warning button_edit">Edit&nbsp;<i class="fa fa-edit"></i></button>
-                                        {% else %}
-                                            <button type="button" class="btn btn-flat btn-warning">&nbsp;&nbsp;<i class="fa fa-exclamation-circle"></i></button>
-                                        {% endif %}
-                                    </td>
-                                    <td width="6%">
-                                        {% if record.is_allowed_delete() %}
-                                            <button type="button" class="btn btn-flat btn-danger button_delete">Delete&nbsp;<i class="fa fa-trash"></i></button>
-                                        {% endif %}
-                                    </td>
-                                {% else %}
-                                    <td width="6%">
-                                        <button type="button" class="btn btn-flat btn-warning">&nbsp;&nbsp;<i class="fa fa-exclamation-circle"></i>&nbsp;&nbsp;</button>
-                                    </td>
-                                    <td width="6%">
-                                        <button type="button" class="btn btn-flat btn-warning">&nbsp;&nbsp;<i class="fa fa-exclamation-circle"></i>&nbsp;&nbsp;</button>
-                                    </td>
-                                {% endif %}
-                                    {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
-                                    <td width="6%">
-                                        <button type="button" onclick="show_record_changelog('{{record.name}}','{{record.type}}',event)" class="btn btn-flat btn-primary">&nbsp;&nbsp;
-                                                            <i class="fa fa-history" aria-hidden="true"></i>&nbsp;&nbsp;&nbsp;
-                                        </button>
-                                    </td>
-                                    {% endif %}
-                                    <!-- hidden column that we can sort on -->
-                                    <td>1</td>
-                                </tr>
-                                {% endfor %}
-                        </tbody>
-                    </table>
-                </div>
-                <!-- /.box-body -->
-            </div>
-            <!-- /.box -->
+                    <!-- hidden column that we can sort on -->
+                    <td>1</td>
+                  </tr>
+                {% endfor %}
+              </tbody>
+            </table>
+          </div>
         </div>
-        <!-- /.col -->
+      </div>
     </div>
-    <!-- /.row -->
+  </div>
 </section>
 {% endblock %}
+
 {% block extrascripts %}
 <script>
     // superglobals
@@ -169,10 +173,14 @@ <h1>
                 // hidden column so that we can add new records on top
                 // regardless of whatever sorting is done. See orderFixed
                 visible: false,
-                {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
-                targets: [ 9 ]
+                {% if domain.type != 'Slave' %}
+                  {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
+                    targets: [ 9 ]
+                  {% else %}
+                    targets: [ 8 ]
+                  {% endif %}
                 {% else %}
-                targets: [ 8 ]
+                  targets: [ 5 ]
                 {% endif %}
             },
             {
@@ -180,10 +188,14 @@ <h1>
                 targets: [ 4, 5 ]
             }
         ],
-        {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
-        "orderFixed": [[9, 'asc']]
+        {% if domain.type != 'Slave' %}
+          {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
+            "orderFixed": [[9, 'asc']]
+          {% else %}
+            "orderFixed": [[8, 'asc']]
+          {% endif %}
         {% else %}
-        "orderFixed": [[8, 'asc']]
+          "orderFixed": [[5, 'asc']]
         {% endif %}
     });
 
@@ -219,7 +231,8 @@ <h1>
         });
     });
     // handle edit button and record click
-    $(document.body).on("click", ".button_edit{% if quick_edit %}, .row_record{% endif %}", function(e) {
+    {% if domain.type != 'Slave' %}
+      $(document.body).on("click", ".button_edit{% if quick_edit %}, .row_record{% endif %}", function(e) {
          e.stopPropagation();
          if ($(this).is('tr')) {
             var nRow = $(this)[0];
@@ -246,7 +259,8 @@ <h1>
              editRow(table, nRow);
              nEditing = nRow;
          }
-    });
+      });
+    {% endif %}
 
     // handle apply changes button
     $(document.body).on("click",".button_apply_changes", function() {
@@ -284,9 +298,9 @@ <h1>
             // add new row
             var default_type = records_allow_edit[0]
             {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
-	        var nRow = jQuery('#tbl_records').dataTable().fnAddData(['', default_type, 'Active', window.ttl_options[0][0], '', '', '', '', '', '0']);
+              var nRow = jQuery('#tbl_records').dataTable().fnAddData(['', default_type, 'Active', window.ttl_options[0][0], '', '', '', '', '', '0']);
             {% else %}
-            var nRow = jQuery('#tbl_records').dataTable().fnAddData(['', default_type, 'Active', window.ttl_options[0][0], '', '', '', '', '0']);
+              var nRow = jQuery('#tbl_records').dataTable().fnAddData(['', default_type, 'Active', window.ttl_options[0][0], '', '', '', '', '0']);
             {% endif %}
             editRow($("#tbl_records").DataTable(), nRow);
             document.getElementById("edit-row-focus").focus();
@@ -317,8 +331,8 @@ <h1>
             nNew = false;
         });
 
-    //handle update_from_master button
-    $(document.body).on("click", ".button_update_from_master", function (e) {
+    //handle update_from_primary button
+    $(document.body).on("click", ".button_update_from_primary", function (e) {
             var domain = $(this).prop('id');
             applyChanges({'domain': domain, '_csrf_token': '{{ csrf_token() }}'}, $SCRIPT_ROOT + '/domain/' + domain + '/update', true);
     });
@@ -551,74 +565,84 @@ <h1>
         }
     });
     {% endif %}
+
+    window.onload = function() {
+    document.getElementById("loading-spinner").style.display = "none";
+  }
+
 </script>
 {% endblock %}
+
 {% block modals %}
-<div class="modal fade modal-warning" id="modal_delete">
+  <div class="modal fade" id="modal_delete">
     <div class="modal-dialog">
-        <div class="modal-content">
-            <div class="modal-header">
-                <button type="button" class="close" data-dismiss="modal"
-                    aria-label="Close">
-                    <span aria-hidden="true">&times;</span>
-                </button>
-                <h4 class="modal-title">Confirmation</h4>
-            </div>
-            <div class="modal-body">
-                <p></p>
-            </div>
-            <div class="modal-footer">
-                <button type="button" class="btn btn-flat btn-default pull-left" id="button_delete_cancel"
-                    data-dismiss="modal">Close</button>
-                <button type="button" class="btn btn-flat btn-danger" id="button_delete_confirm">Delete</button>
-            </div>
+      <div class="modal-content">
+        <div class="modal-header">
+          <h4 class="modal-title">Confirmation</h4>
+          <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+            <span aria-hidden="true">&times;</span>
+          </button>
+        </div>
+        <div class="modal-body">
+          <p></p>
         </div>
-        <!-- /.modal-content -->
+        <div class="modal-footer">
+          <button type="button" class="btn btn-secondary pull-left" id="button_delete_cancel" data-dismiss="modal">
+            <i class="fa-solid fa-window-close"></i>&nbsp;Close
+          </button>
+          <button type="button" class="btn btn-danger" id="button_delete_confirm">
+            <i class="fa-solid fa-trash"></i>&nbsp;Delete
+          </button>
+        </div>
+      </div>
     </div>
-    <!-- /.modal-dialog -->
-</div>
-<div class="modal fade modal-primary" id="modal_apply_changes">
+  </div>
+
+  <div class="modal fade" id="modal_apply_changes">
     <div class="modal-dialog">
-        <div class="modal-content">
-            <div class="modal-header">
-                <button type="button" class="close" data-dismiss="modal"
-                    aria-label="Close">
-                    <span aria-hidden="true">&times;</span>
-                </button>
-                <h4 class="modal-title">Confirmation</h4>
-            </div>
-            <div class="modal-body">
-                <p></p>
-            </div>
-            <div class="modal-footer">
-                <button type="button" class="btn btn-flat btn-default pull-left"
-                    data-dismiss="modal">Close</button>
-                <button type="button" class="btn btn-flat btn-primary" id="button_apply_confirm">Apply</button>
-            </div>
+      <div class="modal-content">
+        <div class="modal-header">
+          <h4 class="modal-title">Confirmation</h4>
+          <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+            <span aria-hidden="true">&times;</span>
+          </button>
+        </div>
+        <div class="modal-body">
+          <p></p>
+        </div>
+        <div class="modal-footer">
+          <button type="button" class="btn btn-secondary" data-dismiss="modal">
+            <i class="fa-solid fa-window-close"></i>&nbsp;Close
+          </button>
+          <button type="button" class="btn btn-success" id="button_apply_confirm">
+            <i class="fa-solid fa-save"></i>&nbsp;Apply Changes
+          </button>
         </div>
-        <!-- /.modal-content -->
+      </div>
     </div>
-    <!-- /.modal-dialog -->
-</div>
-<div class="modal fade modal-primary" id="modal_custom_record">
+  </div>
+
+  <div class="modal fade bg-primary" id="modal_custom_record">
     <div class="modal-dialog">
-        <div class="modal-content">
-            <div class="modal-header">
-                <button type="button" class="close" data-dismiss="modal"
-                    aria-label="Close">
-                    <span aria-hidden="true">&times;</span>
-                </button>
-                <h4 class="modal-title">Custom Record</h4>
-            </div>
-            <div class="modal-body">
-                <p></p>
-            </div>
-            <div class="modal-footer">
-                <button type="button" class="btn btn-flat btn-primary" id="button_save">Save</button>
-            </div>
+      <div class="modal-content">
+        <div class="modal-header">
+          <h4 class="modal-title">Custom Record</h4>
+          <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+            <span aria-hidden="true">&times;</span>
+          </button>
+        </div>
+        <div class="modal-body">
+          <p></p>
+        </div>
+        <div class="modal-footer">
+          <button type="button" class="btn btn-secondary" data-dismiss="modal">
+            <i class="fa-solid fa-window-close"></i>&nbsp;Close
+          </button>
+          <button type="button" class="btn btn-success" id="button_save">
+            <i class="fa-solid fa-save"></i>&nbsp;Save
+          </button>
         </div>
-        <!-- /.modal-content -->
+      </div>
     </div>
-    <!-- /.modal-dialog -->
-</div>
+  </div>
 {% endblock %}
diff --git a/powerdnsadmin/templates/domain_add.html b/powerdnsadmin/templates/domain_add.html
index 607730f5b..3f8525783 100644
--- a/powerdnsadmin/templates/domain_add.html
+++ b/powerdnsadmin/templates/domain_add.html
@@ -1,221 +1,239 @@
 {% extends "base.html" %}
+
 {% set active_page = "new_domain" %}
-{% block title %}<title>Add Domain - {{ SITE_NAME }}</title>{% endblock %}
+
+{% block title %}
+  <title>
+    Add Domain - {{ SITE_NAME }}
+  </title>
+{% endblock %}
 
 {% block dashboard_stat %}
-<!-- Content Header (Page header) -->
-<section class="content-header">
-    <h1>
-        Domain
-        <small>Create new</small>
-    </h1>
-    <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i>Home</a></li>
-        <li><a href="{{ url_for('dashboard.dashboard') }}">Domain</a></li>
-        <li class="active">Add Domain</li>
-    </ol>
-</section>
+  <div class="content-header">
+    <div class="container-fluid">
+      <div class="row mb-2">
+        <div class="col-sm-6">
+          <h1 class="m-0 text-dark">
+            Domain
+            <small>New Domain</small>
+          </h1>
+        </div>
+        <div class="col-sm-6">
+          <ol class="breadcrumb float-sm-right">
+            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+            <li class="breadcrumb-item active">Domain - New Domain</li>
+          </ol>
+        </div>
+      </div>
+    </div>
+  </div>
 {% endblock %}
 
 {% block content %}
 <section class="content">
+  <div class="container-fluid">
     <div class="row">
-        <div class="col-md-4">
-            <div class="box box-primary">
-                <div class="box-header with-border">
-                    <h3 class="box-title">Create new domain</h3>
+      <div class="col-4">
+        <div class="card">
+          <div class="card-header">
+            <h3 class="card-title">Create new domain</h3>
+          </div>
+          <form role="form" method="post" action="{{ url_for('domain.add') }}">
+            <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+            <div class="card-body">
+              <div class="form-group">
+                <input type="text" class="form-control" name="domain_name" id="domain_name" placeholder="Enter a valid domain name (required)">
+              </div>
+              {% if domain_override_toggle == True %}
+                <div class="form-group">
+                  <label>Domain Override Record</label>
+                  <input type="checkbox" id="domain_override" name="domain_override" class="checkbox">
                 </div>
-                <!-- /.box-header -->
-                <!-- form start -->
-                <form role="form" method="post" action="{{ url_for('domain.add') }}">
-                    <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-                    <div class="box-body">
-                        <div class="form-group">
-                            <input type="text" class="form-control" name="domain_name" id="domain_name"
-                                placeholder="Enter a valid domain name (required)">
-                        </div>
-                        {% if domain_override_toggle == True %}
-                        <div class="form-group">
-                            <label>Domain Override Record</label>
-                            <input type="checkbox" id="domain_override" name="domain_override"
-                                class="checkbox">
-                        </div>
-                        {% endif %}
-                        <select name="accountid" class="form-control" style="width:15em;">
-                            <option value="0">- No Account -</option>
-                            {% for account in accounts %}
-                            <option value="{{ account.id }}">{{ account.name }}</option>
-                            {% endfor %}
-                        </select><br />
-                        <div class="form-group">
-                            <label>Type</label>
-                            <div class="radio">
-                                <label>
-                                    <input type="radio" name="radio_type" id="radio_type_native" value="native" checked>
-                                    Native
-                                </label>
-                                &nbsp;&nbsp;&nbsp;
-                                <label>
-                                    <input type="radio" name="radio_type" id="radio_type_master" value="master"> Master
-                                </label>
-                                &nbsp;&nbsp;&nbsp;
-                                <label>
-                                    <input type="radio" name="radio_type" id="radio_type_slave" value="slave">Slave
-                                </label>
-                            </div>
-                        </div>
-                        <div class="form-group">
-                            <label>Select a template</label>
-                            <select class="form-control" id="domain_template" name="domain_template">
-                                <option value="0">No template</option>
-                                {% for template in templates %}
-                                <option value="{{ template.id }}">{{ template.name }}</option>
-                                {% endfor %}
-                            </select>
-                        </div>
-                        <div class="form-group" style="display: none;" id="domain_master_address_div">
-                            <input type="text" class="form-control" name="domain_master_address"
-                                id="domain_master_address"
-                                placeholder="Enter valid master ip addresses (separated by commas)">
-                        </div>
-                        <div class="form-group">
-                            <label>SOA-EDIT-API</label>
-                            <div class="radio">
-                                <label>
-                                    <input type="radio" name="radio_type_soa_edit_api" id="radio_default"
-                                        value="DEFAULT" checked> DEFAULT
-                                </label>
-                            </div>
-                            <div class="radio">
-                                <label>
-                                    <input type="radio" name="radio_type_soa_edit_api" id="radio_increase"
-                                        value="INCREASE"> INCREASE
-                                </label>
-                            </div>
-                            <div class="radio">
-                                <label>
-                                    <input type="radio" name="radio_type_soa_edit_api" id="radio_epoch" value="EPOCH">
-                                    EPOCH
-                                </label>
-                            </div>
-                            <div class="radio">
-                                <label>
-                                    <input type="radio" name="radio_type_soa_edit_api" id="radio_off" value="OFF"> OFF
-                                </label>
-                            </div>
-                        </div>
-                    </div>
-                    <!-- /.box-body -->
-
-                    <div class="box-footer">
-                        <button type="submit" class="btn btn-flat btn-primary">Submit</button>
-                        <button type="button" class="btn btn-flat btn-default"
-                            onclick="window.location.href='{{ url_for('dashboard.dashboard') }}'">Cancel</button>
-                    </div>
-                </form>
-            </div>
-            <!-- /.box -->
-        </div>
-        <div class="col-md-8">
-            <div class="box box-primary">
-                <div class="box-header with-border">
-                    <h3 class="box-title">Help with creating a new domain</h3>
+              {% endif %}
+              <select name="accountid" class="form-control" style="width:15em;">
+                <option value="0">- No Account -</option>
+                {% for account in accounts %}
+                  <option value="{{ account.id }}">{{ account.name }}</option>
+                {% endfor %}
+              </select>
+              <br />
+              <div class="form-group">
+                <label>Type</label>
+                <div class="radio">
+                  <label>
+                    <input type="radio" name="radio_type" id="radio_type_native" value="native" checked>
+                    Native
+                  </label>
+                </div>
+                <div class="radio">
+                  <label>
+                    <input type="radio" name="radio_type" id="radio_type_primary" value="primary">
+                    Primary
+                  </label>
+                </div>
+                <div class="radio">
+                  <label>
+                    <input type="radio" name="radio_type" id="radio_type_secondary" value="secondary">
+                    Secondary
+                  </label>
                 </div>
-                <div class="box-body">
-                    <dl class="dl-horizontal">
-                        <dt>Domain name</dt>
-                        <dd>Enter your domain name in the format of name.tld (eg. powerdns-admin.com). You can also
-                            enter sub-domains to create a sub-root zone (eg. sub.powerdns-admin.com) in case you want to
-                            delegate sub-domain management to specific users.</dd>
-                        <dt>Type</dt>
-                        <dd>The type decides how the domain will be replicated across multiple DNS servers.
-                            <ul>
-                                <li>
-                                    Native - PowerDNS will not perform any replication. Use this if you only have one
-                                    PowerDNS server or you handle replication via your backend.
-                                </li>
-                                <li>
-                                    Master - This PowerDNS server will serve as the master and will send zone transfers
-                                    (AXFRs) to other servers configured as slaves.
-                                </li>
-                                <li>
-                                    Slave - This PowerDNS server will serve as the slave and will request and receive
-                                    zone transfers (AXFRs) from other servers configured as masters.
-                                </li>
-                            </ul>
-                        </dd>
-                        <dt>SOA-EDIT-API</dt>
-                        <dd>The SOA-EDIT-API setting defines how the SOA serial number will be updated after a change is
-                            made to the domain.
-                            <ul>
-                                <li>
-                                    DEFAULT - Generate a soa serial of YYYYMMDD01. If the current serial is lower than
-                                    the generated serial, use the generated serial. If the current serial is higher or
-                                    equal to the generated serial, increase the current serial by 1.
-                                </li>
-                                <li>
-                                    INCREASE - Increase the current serial by 1.
-                                </li>
-                                <li>
-                                    EPOCH - Change the serial to the number of seconds since the EPOCH, aka unixtime.
-                                </li>
-                                <li>
-                                    OFF - Disable automatic updates of the SOA serial.
-                                </li>
-                            </ul>
-                        </dd>
-                    </dl>
-                    <p>Find more details at <a href="https://docs.powerdns.com/md/">https://docs.powerdns.com/md/</a>
-                    </p>
+              </div>
+              <div class="form-group">
+                <label>Select a template</label>
+                <select class="form-control" id="domain_template" name="domain_template">
+                  <option value="0">No template</option>
+                  {% for template in templates %}
+                    <option value="{{ template.id }}">{{ template.name }}</option>
+                  {% endfor %}
+                </select>
+              </div>
+              <div class="form-group" style="display: none;" id="domain_primary_address_div">
+                <input type="text" class="form-control" name="domain_primary_address" id="domain_primary_address" placeholder="Enter valid Primary Server IP addresses (separated by commas)">
+              </div>
+              <div class="form-group">
+                <label>SOA-EDIT-API</label>
+                <div class="radio">
+                  <label>
+                    <input type="radio" name="radio_type_soa_edit_api" id="radio_default" value="DEFAULT" checked>
+                    DEFAULT
+                  </label>
                 </div>
+                <div class="radio">
+                  <label>
+                    <input type="radio" name="radio_type_soa_edit_api" id="radio_increase" value="INCREASE">
+                    INCREASE
+                  </label>
+                </div>
+                <div class="radio">
+                  <label>
+                    <input type="radio" name="radio_type_soa_edit_api" id="radio_epoch" value="EPOCH">
+                    EPOCH
+                  </label>
+                </div>
+                <div class="radio">
+                  <label>
+                    <input type="radio" name="radio_type_soa_edit_api" id="radio_off" value="OFF"> OFF
+                  </label>
+                </div>
+              </div>
+            </div>
+            <div class="card-footer">
+              <button type="button" class="btn btn-secondary" onclick="window.location.href='{{ url_for('dashboard.dashboard') }}'">
+                <i class="fa-solid fa-window-close"></i>&nbsp;Cancel
+              </button>
+              <button type="submit" class="btn btn-primary float-right">
+                <i class="fa-solid fa-save"></i>&nbsp;Create
+              </button>
             </div>
+          </form>
         </div>
+      </div>
+      <div class="col-8">
+        <div class="card">
+          <div class="card-header">
+            <h3 class="card-title">Help with creating a new domain</h3>
+          </div>
+          <div class="card-body">
+            <dl class="dl-horizontal">
+              <dt>Domain name</dt>
+                <dd>Enter your domain name in the format of name.tld (eg. powerdns-admin.com). You can also
+                    enter sub-domains to create a sub-root zone (eg. sub.powerdns-admin.com) in case you want to
+                    delegate sub-domain management to specific users.
+                </dd>
+              <dt>Type</dt>
+                <dd>The type decides how the domain will be replicated across multiple DNS servers.
+                  <ul>
+                    <li>
+                      <b>Native - </b>{{ SITE_NAME }} will not perform any Primary or Secondary zone functions.
+                    </li>
+                    <li>
+                      <b>Primary - </b>{{ SITE_NAME }} will serve as the Primary and will send zone transfers
+                      (AXFRs) to other servers configured as secondaries.
+                    </li>
+                    <li>
+                      <b>Secondary - </b>{{ SITE_NAME }} will serve as the Secondary and will request and receive
+                      zone transfers (AXFRs) from other servers configured as Primaries.
+                    </li>
+                  </ul>
+                </dd>
+                <dt>SOA-EDIT-API</dt>
+                  <dd>The SOA-EDIT-API setting defines how the SOA serial number will be updated after a change is
+                      made to the domain.
+                    <ul>
+                      <li>
+                        <b>DEFAULT - </b>Generate a soa serial of YYYYMMDD01. If the current serial is lower than
+                          the generated serial, use the generated serial. If the current serial is higher or
+                          equal to the generated serial, increase the current serial by 1.
+                      </li>
+                      <li>
+                        <b>INCREASE - </b>Increase the current serial by 1.
+                      </li>
+                      <li>
+                        <b>EPOCH - </b>Change the serial to the number of seconds since the EPOCH, aka unixtime.
+                      </li>
+                      <li>
+                        <b>OFF - </b>Disable automatic updates of the SOA serial.
+                      </li>
+                    </ul>
+                  </dd>
+                </dl>
+                <p>
+                  Find more details at <a href="https://docs.powerdns.com/md/">https://docs.powerdns.com/md/</a>
+                </p>
+              </div>
+            </div>
+          </div>
+      </div>
     </div>
 </section>
+
 {% endblock %}
+
 {% block extrascripts %}
-<script>
+  <script>
     $("input[name=radio_type]").change(function () {
-        var type = $(this).val();
-        if (type == "slave") {
-            $("#domain_master_address_div").show();
-        } else {
-            $("#domain_master_address_div").hide();
-        }
+      var type = $(this).val();
+      if (type == "secondary") {
+        $("#domain_primary_address_div").show();
+      } else {
+        $("#domain_primary_address_div").hide();
+      }
     });
-</script>
+  </script>
 {% endblock %}
+
 {% block modals %}
-<script>
-{% if domain_override_message %}
-    $(document.body).ready(function () {
-        var modal = $("#modal_warning");
-        var info = "{{ domain_override_message }}";
-        modal.find('.modal-body p').text(info);
-        modal.modal('show');
-    });
-{% endif %}
-</script>
-</div>
-<div class="modal fade" id="modal_warning">
-  <div class="modal-dialog">
+  <script>
+    {% if domain_override_message %}
+      $(document.body).ready(function () {
+          var modal = $("#modal_warning");
+          var info = "{{ domain_override_message }}";
+          modal.find('.modal-body p').text(info);
+          modal.modal('show');
+      });
+    {% endif %}
+  </script>
+
+  <div class="modal fade" id="modal_warning">
+    <div class="modal-dialog">
       <div class="modal-content modal-sm">
-          <div class="modal-header alert-danger">
-              <button type="button" class="close" data-dismiss="modal" aria-label="Close" id="button_close_warn_modal">
-                  <span aria-hidden="true">&times;</span>
-              </button>
-              <h4 class="modal-title">WARNING</h4>
-          </div>
-          <div class="modal-body">
-              <p></p>
-          </div>
-          <div class="modal-footer">
-              <button type="button" class="btn btn-flat btn-primary center-block" data-dismiss="modal" id="button_confirm_warn_modal">
-                  CLOSE</button>
-          </div>
+        <div class="modal-header alert-danger">
+          <h4 class="modal-title">
+            WARNING
+          </h4>
+          <button type="button" class="close" data-dismiss="modal" aria-label="Close" id="button_close_warn_modal">
+            <span aria-hidden="true">&times;</span>
+          </button>
+        </div>
+        <div class="modal-body">
+          <p></p>
+        </div>
+        <div class="modal-footer">
+          <button type="button" class="btn btn-primary center-block" data-dismiss="modal" id="button_confirm_warn_modal">
+            CLOSE
+          </button>
+        </div>
       </div>
-      <!-- /.modal-content -->
+    </div>
   </div>
-  <!-- /.modal-dialog -->
-</div>
-{% endblock %}
+{% endblock %}
\ No newline at end of file
diff --git a/powerdnsadmin/templates/domain_changelog.html b/powerdnsadmin/templates/domain_changelog.html
index a6b530a44..6fdea69bb 100644
--- a/powerdnsadmin/templates/domain_changelog.html
+++ b/powerdnsadmin/templates/domain_changelog.html
@@ -1,73 +1,85 @@
 {% extends "base.html" %}
-{% block title %}<title>{{ domain.name | pretty_domain_name }} - {{ SITE_NAME }}</title>{% endblock %}
+
+{% block title %}
+  <title>
+    {{ domain.name | pretty_domain_name }} - {{ SITE_NAME }}
+  </title>
+{% endblock %}
 
 {% block dashboard_stat %}
-<section class="content-header">
-    <h1>
-        {% if record_name and record_type %}
-        Record changelog: <b>{{ record_name}} &nbsp {{ record_type }}</b>
-        {% else %}
-        Domain changelog: <b>{{ domain.name | pretty_domain_name }}</b>
-        {% endif %}
-    </h1>
-    <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i> Home</a></li>
-        <li>Domain</li>
-        <li class="active">{{ domain.name | pretty_domain_name }}</li>
-    </ol>
-</section>
+<div class="content-header">
+  <div class="container-fluid">
+    <div class="row mb-2">
+      <div class="col-sm-6">
+        <h1 class="m-0 text-dark">
+          {% if record_name and record_type %}
+          Record changelog: <b>{{ record_name}} &nbsp {{ record_type }}</b>
+          {% else %}
+          Domain changelog: <b>{{ domain.name | pretty_domain_name }}</b>
+          {% endif %}
+        </h1>
+      </div>
+      <div class="col-sm-6">
+        <ol class="breadcrumb float-sm-right">
+          <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+          <li class="breadcrumb-item active">Changelog: {{ domain.name | pretty_domain_name }}</li>
+        </ol>
+      </div>
+    </div>
+  </div>
+</div>
 {% endblock %}
 
 {% import 'applied_change_macro.html' as applied_change_macro %}
 
 {% block content %}
 <section class="content">
+  <div class="container-fluid">
     <div class="row">
-        <div class="col-xs-12">
-            <div class="box">
-                <div class="box-body">
-                    <button type="button" class="btn btn-flat btn-primary pull-left button_show_records"
-                        id="{{ domain.name }}">
-                        Manage &nbsp;<i class="fa fa-arrow-left"></i>
-                    </button>
-                </div>
-                <div class="box-body">
-
-                    <table id="tbl_changelog" class="table table-bordered table-striped">
-                        <thead>
-                            <tr>
-                                <th>Changed on</th>
-                                <th>Changed by</th>
-                            </tr>
-                        </thead>
-                        <tbody>
-                            {% for applied_change in allHistoryChanges %}
-
-                            <tr class="odd row_record" id="{{ domain.name }}">
-                                <td id="changed_on" class="changed_on">
-                                    {{ allHistoryChanges[applied_change][0].history_entry.created_on }}
-                                </td>
-                                <td>
-                                    {{allHistoryChanges[applied_change][0].history_entry.created_by }}
-                                </td>
-                            </tr>
-                            <!-- Nested Table -->
-                            <tr style='visibility:collapse'>
-                                <td colspan="2">
-                                    <div class="content">
-                                        {% call applied_change_macro.applied_change_template(allHistoryChanges[applied_change]) %} 
-                                        {% endcall %}
-                                    </div>
-                                </td>
-                            </tr>
-                            <!-- end nested table -->
-                            {% endfor %}
-                        </tbody>
-                    </table>
-                </div>
-            </div>
+      <div class="col-12">
+        <div class="card">
+          <div class="card-body">
+            <button type="button" class="btn btn-primary float-left button_show_records" id="{{ domain.name }}">
+              <i class="fa-solid fa-arrow-left"></i>          
+              &nbsp;Manage Domain {{ domain.name }}
+            </button>
+          </div>
+          <div class="card-body">
+            <table id="tbl_changelog" class="table table-bordered table-striped">
+              <thead>
+                <tr>
+                  <th>Changed on</th>
+                  <th>Changed by</th>
+                </tr>
+              </thead>
+              <tbody>
+                {% for applied_change in allHistoryChanges %}
+                  <tr class="odd row_record" id="{{ domain.name }}">
+                    <td id="changed_on" class="changed_on">
+                      {{ allHistoryChanges[applied_change][0].history_entry.created_on }}
+                    </td>
+                    <td>
+                      {{allHistoryChanges[applied_change][0].history_entry.created_by }}
+                    </td>
+                  </tr>
+                  <!-- Nested Table -->
+                  <tr style='visibility:collapse'>
+                    <td colspan="2">
+                      <div class="content">
+                        {% call applied_change_macro.applied_change_template(allHistoryChanges[applied_change]) %} 
+                        {% endcall %}
+                      </div>
+                    </td>
+                  </tr>
+                  <!-- end nested table -->
+                {% endfor %}
+              </tbody>
+            </table>
+          </div>
         </div>
+      </div>
     </div>
+  </div>
 </section>
 {% endblock %}
 
diff --git a/powerdnsadmin/templates/domain_remove.html b/powerdnsadmin/templates/domain_remove.html
index 6ac540102..a2da906ac 100644
--- a/powerdnsadmin/templates/domain_remove.html
+++ b/powerdnsadmin/templates/domain_remove.html
@@ -1,127 +1,137 @@
 {% extends "base.html" %}
+
 {% set active_page = "remove_domain" %}
-{% block title %}<title>Remove Domain - {{ SITE_NAME }}</title>{% endblock %}
+
+{% block title %}
+  <title>
+    Remove Domain - {{ SITE_NAME }}
+  </title>
+{% endblock %}
 
 {% block dashboard_stat %}
-<!-- Content Header (Page header) -->
-<section class="content-header">
-    <h1>
-        Domain
-        <small>Remove existing</small>
-    </h1>
-    <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i>Home</a></li>
-        <li><a href="{{ url_for('dashboard.dashboard') }}">Domain</a></li>
-        <li class="active">Remove Domain</li>
-    </ol>
-</section>
+  <div class="content-header">
+    <div class="container-fluid">
+      <div class="row mb-2">
+        <div class="col-sm-6">
+          <h1 class="m-0 text-dark">
+            Domain
+            <small>Remove</small>
+          </h1>
+        </div>
+        <div class="col-sm-6">
+          <ol class="breadcrumb float-sm-right">
+            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+            <li class="breadcrumb-item active">Domain - Remove Domain</li>
+          </ol>
+        </div>
+      </div>
+    </div>
+  </div>
 {% endblock %}
 
 {% block content %}
 <section class="content">
+  <div class="container-fluid">
     <div class="row">
-        <div class="col-md-4">
-            <div class="box box-primary">
-                <div class="box-header with-border">
-                    <h3 class="box-title">Remove domain</h3>
-                </div>
-                <!-- /.box-header -->
-                <!-- form start -->
-                <form role="form" method="post" action="{{ url_for('domain.remove') }}">
-                    <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-                    <div class="box-body">
-                        <select id=domainid class="form-control" style="width:15em;">
-                            <option value="0">- Select Domain -</option>
-                            {% for domain in domainss %}
-                            <option value="{{ domain.id }}">{{ domain.name }}</option>
-                            {% endfor %}
-                        </select><br />
-
-                    </div>
-                    <!-- /.box-body -->
-
-                    <div class="box-footer">
-                        <button type="button" class="btn btn-flat btn-danger button_delete">Remove</button>
-                        <button type="button" class="btn btn-flat btn-default"
-                            onclick="window.location.href='{{ url_for('dashboard.dashboard') }}'">Cancel</button>
-                    </div>
-                </form>
+      <div class="col-4">
+        <div class="card">
+          <div class="card-header">
+            <h3 class="card-title">Remove Domain</h3>
+          </div>
+          <form role="form" method="post" action="{{ url_for('domain.remove') }}">
+            <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+            <div class="card-body">
+              <select id=domainid class="form-control" style="width:15em;">
+                <option value="0">- Select Domain -</option>
+                {% for domain in domainss %}
+                  <option value="{{ domain.id }}">{{ domain.name }}</option>
+                {% endfor %}
+              </select>
+              <br />
             </div>
-            <!-- /.box -->
-        </div>
-        <div class="col-md-8">
-            <div class="box box-primary">
-                <div class="box-header with-border">
-                    <h3 class="box-title">Help with removing a new domain</h3>
-                </div>
-                <div class="box-body">
-                    <dl class="dl-horizontal">
-                        <dt>Domain name</dt>
-                        <dd>Select domain you wish to remove from DNS.</dd>
-                    </dl>
-                    <p>Find more details at <a href="https://docs.powerdns.com/md/">https://docs.powerdns.com/md/</a>
-                    </p>
-                </div>
+            <div class="card-footer">
+              <button type="button" class="btn btn-secondary" onclick="window.location.href='{{ url_for('dashboard.dashboard') }}'">
+                <i class="fa-solid fa-window-close"></i>&nbsp;Cancel
+              </button>
+              <button type="button" class="btn btn-danger button_delete float-right">
+                <i class="fa-solid fa-trash-alt"></i>&nbsp;Remove
+              </button>
             </div>
+          </form>
+        </div>
+      </div>
+      <div class="col-8">
+        <div class="card">
+          <div class="card-header">
+            <h3 class="card-title">Help with removing a domain</h3>
+          </div>
+          <div class="card-body">
+            <dl class="dl-horizontal">
+              <dt>Domain Name</dt>
+              <dd>Select the domain you wish to remove from the system.</dd>
+            </dl>
+            <p>Find more details at <a href="https://docs.powerdns.com/md/">https://docs.powerdns.com/md/</a></p>
+          </div>
         </div>
+      </div>
     </div>
+  </div>
 </section>
 {% endblock %}
+
 {% block extrascripts %}
 <script>
-    // handle delete button
-    $(document.body).on("click", ".button_delete", function(e) {
-        e.stopPropagation();
-        if ( $("#domainid").val() == 0 ){
-            showErrorModal("Please select domain to remove.");
-            return;
-        }
-
-
-        var modal = $("#modal_delete");
-        var domain = $("#domainid option:selected").text(); 
-        var info = "Are you sure you want to delete " + domain + "?";
-        modal.find('.modal-body p').text(info);
-        modal.find('#button_delete_confirm').click(function () {
-            $.post($SCRIPT_ROOT + '/domain/remove' , {
-                '_csrf_token': '{{ csrf_token() }}',
-                'domainid': domain,
-            }, function () {
-                window.location.href = '{{ url_for('dashboard.dashboard') }}';
-            });
-            modal.modal('hide');
-        })
-       modal.modal('show');
+  // handle delete button
+  $(document.body).on("click", ".button_delete", function(e) {
+    e.stopPropagation();
+    if ( $("#domainid").val() == 0 ){
+      showErrorModal("Please select domain to remove.");
+      return;
+    }
 
-        $("#button_delete_cancel").unbind().one('click', function(e) {
-            modal.modal('hide');
-        });
+    var modal = $("#modal_delete");
+    var domain = $("#domainid option:selected").text(); 
+    var info = "Are you sure you want to delete " + domain + "?";
+    modal.find('.modal-body p').text(info);
+    modal.find('#button_delete_confirm').click(function () {
+      $.post($SCRIPT_ROOT + '/domain/remove' , {
+        '_csrf_token': '{{ csrf_token() }}',
+        'domainid': domain,
+        }, function () {
+        window.location.href = '{{ url_for('dashboard.dashboard') }}';
+      });
+      modal.modal('hide');
+    })
+    modal.modal('show');
+    $("#button_delete_cancel").unbind().one('click', function(e) {
+      modal.modal('hide');
     });
+  });
 </script>
 {% endblock %}
 
 {% block modals %}
 <div class="modal fade modal-warning" id="modal_delete">
-    <div class="modal-dialog">
-        <div class="modal-content">
-            <div class="modal-header">
-                <button type="button" class="close" data-dismiss="modal"
-                    aria-label="Close">
-                    <span aria-hidden="true">&times;</span>
-                </button>
-                <h4 class="modal-title">Confirmation</h4>
-            </div>
-            <div class="modal-body">
-                <p></p>
-            </div>
-            <div class="modal-footer">
-                <button type="button" class="btn btn-flat btn-default pull-left" id="button_delete_cancel"
-                    data-dismiss="modal">Close</button>
-                <button type="button" class="btn btn-flat btn-danger" id="button_delete_confirm">Delete</button>
-            </div>
-        </div>
-        <!-- /.modal-content -->
+  <div class="modal-dialog">
+    <div class="modal-content">
+      <div class="modal-header">
+        <h4 class="modal-title">Confirmation</h4>
+        <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+          <span aria-hidden="true">&times;</span>
+        </button>
+      </div>
+      <div class="modal-body">
+        <p></p>
+      </div>
+      <div class="modal-footer">
+        <button type="button" class="btn btn-secondary" id="button_delete_cancel" data-dismiss="modal">
+          <i class="fa-solid fa-window-close"></i>&nbsp;Cancel
+        </button>
+        <button type="button" class="btn btn-danger float-right" id="button_delete_confirm">
+          <i class="fa-solid fa-trash-alt"></i>&nbsp;Remove
+        </button>
+      </div>
     </div>
-    <!-- /.modal-dialog -->
+  </div>
 </div>
 {% endblock %}
diff --git a/powerdnsadmin/templates/domain_setting.html b/powerdnsadmin/templates/domain_setting.html
index 91358c89f..1d68388d6 100644
--- a/powerdnsadmin/templates/domain_setting.html
+++ b/powerdnsadmin/templates/domain_setting.html
@@ -1,46 +1,66 @@
 {% extends "base.html" %}
-{% block title %}<title>Domain Management - {{ SITE_NAME }}</title>{% endblock %}
+
+{% block title %}
+  <title>
+    Domain Management - {{ SITE_NAME }}
+  </title>
+{% endblock %}
 
 {% block dashboard_stat %}
+
 {% if status %}
-{% if status.get('status') == 'ok' %}
-<div class="alert alert-success">
-    <strong>Success!</strong> {{ status.get('msg') }}
-</div>
-{% elif status.get('status') == 'error' %}
-<div class="alert alert-danger">
-    {% if status.get('msg') != None %}
-    <strong>Error!</strong> {{ status.get('msg') }}
-    {% else %}
-    <strong>Error!</strong> An undefined error occurred.
-    {% endif %}
-</div>
-{% endif %}
+  {% if status.get('status') == 'ok' %}
+    <div class="alert alert-success">
+      <strong>Success!</strong> {{ status.get('msg') }}
+    </div>
+  {% elif status.get('status') == 'error' %}
+    <div class="alert alert-danger">
+      {% if status.get('msg') != None %}
+        <strong>Error!</strong>
+        {{ status.get('msg') }}
+      {% else %}
+        <strong>Error!</strong>
+        An undefined error occurred.
+      {% endif %}
+    </div>
+  {% endif %}
 {% endif %}
-<section class="content-header">
-    <h1>
-        Manage domain <small>{{ domain.name | pretty_domain_name }}</small>
-    </h1>
-    <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i> Home</a></li>
-        <li class="active">Domain Management</li>
-    </ol>
-</section>
+
+<div class="content-header">
+  <div class="container-fluid">
+    <div class="row mb-2">
+      <div class="col-sm-6">
+        <h1 class="m-0 text-dark">
+          Domain Settings
+          <small>{{ domain.name | pretty_domain_name }}</small>
+        </h1>
+      </div>
+      <div class="col-sm-6">
+        <ol class="breadcrumb float-sm-right">
+          <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+          <li class="breadcrumb-item active">Domain Settings: {{ domain.name | pretty_domain_name }}</li>
+        </ol>
+      </div>
+    </div>
+  </div>
+</div>
+
 {% endblock %}
 
 {% block content %}
 <section class="content">
+    <div class="container-fluid">
     <div class="row">
-        <div class="col-xs-12">
-            <div class="box">
+        <div class="col-12">
+            <div class="card">
                 <form method="post" action="{{ url_for('domain.setting', domain_name=domain.name) }}">
                     <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-                    <div class="box-header">
-                        <h3 class="box-title">Domain Access Control</h3>
+                    <div class="card-header">
+                        <h3 class="card-title">Domain Access Control</h3>
                     </div>
-                    <div class="box-body">
+                    <div class="card-body">
                         <div class="row">
-                            <div class="col-xs-2">
+                            <div class="col-2">
                                 <p>Users on the right have access to manage the records in
                                     the {{ domain.name | pretty_domain_name }} domain.</p>
                                 <p>Click on users to move from between columns.</p>
@@ -49,7 +69,7 @@ <h3 class="box-title">Domain Access Control</h3>
                                     and already have access to <b>ALL</b> domains.
                                 </p>
                             </div>
-                            <div class="form-group col-xs-2">
+                            <div class="form-group col-2">
                                 <select multiple="multiple" class="form-control" id="domain_multi_user"
                                     name="domain_multi_user[]">
                                     {% for user in users %}
@@ -60,11 +80,13 @@ <h3 class="box-title">Domain Access Control</h3>
                                 </select>
                             </div>
                         </div>
-                        <div class="box-body">
-                            <div class="col-xs-offset-2">
+                        <div class="card-body">
+                            <div class="col-offset-2">
                                 <div class="form-group">
-                                    <button type="submit" class="btn btn-flat btn-primary"><i class="fa fa-check"></i>
-                                        Save</button>
+                                    <button type="submit" class="btn btn-primary">
+                                      <i class="fa-solid fa-check"></i>
+                                      Save
+                                    </button>
                                 </div>
                             </div>
                         </div>
@@ -74,13 +96,13 @@ <h3 class="box-title">Domain Access Control</h3>
         </div>
     </div>
     <div class="row">
-        <div class="col-xs-12">
-            <div class="box">
-                <div class="box-header">
-                    <h3 class="box-title">Account</h3>
+        <div class="col-12">
+            <div class="card">
+                <div class="card-header">
+                    <h3 class="card-title">Account</h3>
                 </div>
-                <div class="box-body">
-                    <div class="col-xs-12">
+                <div class="card-body">
+                    <div class="col-12">
                         <div class="form-group">
                             <form method="post"
                                 action="{{ url_for('domain.change_account', domain_name=domain.name) }}">
@@ -94,7 +116,7 @@ <h3 class="box-title">Account</h3>
                                     {% endfor %}
                                 </select><br />
                                 <button type="submit" class="btn btn-flat btn-primary" id="change_soa_edit_api">
-                                    <i class="fa fa-check"></i>&nbsp;Change account for {{ domain.name | pretty_domain_name }}
+                                    <i class="fa-solid fa-check"></i>&nbsp;Change account for {{ domain.name | pretty_domain_name }}
                                 </button>
                             </form>
                         </div>
@@ -104,12 +126,12 @@ <h3 class="box-title">Account</h3>
         </div>
     </div>
     <div class="row">
-        <div class="col-xs-12">
-            <div class="box">
-                <div class="box-header">
-                    <h3 class="box-title">Auto PTR creation</h3>
+        <div class="col-12">
+            <div class="card">
+                <div class="card-header">
+                    <h3 class="card-title">Auto PTR creation</h3>
                 </div>
-                <div class="box-body">
+                <div class="card-body">
                     <p><input type="checkbox" id="{{ domain.name }}" class="auto_ptr_toggle"
                             {% for setting in domain.settings %}{% if setting.setting=='auto_ptr' and setting.value=='True' %}checked{% endif %}{% endfor %}
                             {% if SETTING.get('auto_ptr') %}disabled="True" {% endif %}>
@@ -123,12 +145,12 @@ <h3 class="box-title">Auto PTR creation</h3>
         </div>
     </div>
     <div class="row">
-        <div class="col-xs-12">
-            <div class="box">
-                <div class="box-header">
-                    <h3 class="box-title">DynDNS 2 Settings</h3>
+        <div class="col-12">
+            <div class="card">
+                <div class="card-header">
+                    <h3 class="card-title">DynDNS 2 Settings</h3>
                 </div>
-                <div class="box-body">
+                <div class="card-body">
                     <p><input type="checkbox" id="{{ domain.name }}" class="dyndns_on_demand_toggle"
                             {% for setting in domain.settings %}{% if setting.setting=='create_via_dyndns' and setting.value=='True' %}checked{% endif %}{% endfor %}>
                         &nbsp;Allow on-demand creation of records via DynDNS updates?</p>
@@ -137,12 +159,12 @@ <h3 class="box-title">DynDNS 2 Settings</h3>
         </div>
     </div>
     <div class="row">
-        <div class="col-xs-12">
-            <div class="box">
-                <div class="box-header">
-                    <h3 class="box-title">Change Type</h3>
+        <div class="col-12">
+            <div class="card">
+                <div class="card-header">
+                    <h3 class="card-title">Change Type</h3>
                 </div>
-                <div class="box-body">
+                <div class="card-body">
                     <p>The type decides how the domain will be replicated across multiple DNS servers.</p>
                     <ul>
                         <li>
@@ -150,12 +172,12 @@ <h3 class="box-title">Change Type</h3>
                             PowerDNS server or you handle replication via your backend.
                         </li>
                         <li>
-                            Master - This PowerDNS server will serve as the master and will send zone transfers
-                            (AXFRs) to other servers configured as slaves.
+                            Primary - This PowerDNS server will serve as the primary and will send zone transfers
+                            (AXFRs) to other servers configured as secondaries.
                         </li>
                         <li>
-                            Slave - This PowerDNS server will serve as the slave and will request and receive
-                            zone transfers (AXFRs) from other servers configured as masters.
+                            Secondary - This PowerDNS server will serve as the secondaries and will request and receive
+                            zone transfers (AXFRs) from other servers configured as primaries.
                         </li>
                     </ul>
                     <b>New Domain Type Setting:</b>
@@ -164,16 +186,16 @@ <h3 class="box-title">Change Type</h3>
                         <select name="domain_type" class="form-control" style="width:15em;">
                             <option selected value="0">- Unchanged -</option>
                             <option value="native">Native</option>
-                            <option value="master">Master</option>
-                            <option value="slave">Slave</option>
+                            <option value="priamry">Primary</option>
+                            <option value="secondary">Secondary</option>
                         </select><br />
-                        <div class="form-group" style="display: none;" id="domain_master_address_div">
-                            <input type="text" class="form-control" name="domain_master_address"
-                                id="domain_master_address"
-                                placeholder="Enter valid master ip addresses (separated by commas)">
+                        <div class="form-group" style="display: none;" id="domain_primary_address_div">
+                            <input type="text" class="form-control" name="domain_primary_address"
+                                id="domain_primary_address"
+                                placeholder="Enter valid Primary Server IP addresses (separated by commas)">
                         </div>
-                        <button type="submit" class="btn btn-flat btn-primary" id="change_type">
-                            <i class="fa fa-check"></i>&nbsp;Change type for {{ domain.name | pretty_domain_name }}
+                        <button type="submit" class="btn btn-primary" id="change_type">
+                            <i class="fa-solid fa-check"></i>&nbsp;Change type for {{ domain.name | pretty_domain_name }}
                         </button>
                     </form>
                 </div>
@@ -181,12 +203,12 @@ <h3 class="box-title">Change Type</h3>
         </div>
     </div>
     <div class="row">
-        <div class="col-xs-12">
-            <div class="box">
-                <div class="box-header">
-                    <h3 class="box-title">Change SOA-EDIT-API</h3>
+        <div class="col-12">
+            <div class="card">
+                <div class="card-header">
+                    <h3 class="card-title">Change SOA-EDIT-API</h3>
                 </div>
-                <div class="box-body">
+                <div class="card-body">
                     <p>The SOA-EDIT-API setting defines how the SOA serial number will be updated after a change is made
                         to the domain.</p>
                     <ul>
@@ -215,8 +237,8 @@ <h3 class="box-title">Change SOA-EDIT-API</h3>
                             <option>EPOCH</option>
                             <option>OFF</option>
                         </select><br />
-                        <button type="submit" class="btn btn-flat btn-primary" id="change_soa_edit_api">
-                            <i class="fa fa-check"></i>&nbsp;Change SOA-EDIT-API setting for {{ domain.name | pretty_domain_name }}
+                        <button type="submit" class="btn btn-primary" id="change_soa_edit_api">
+                            <i class="fa-solid fa-check"></i>&nbsp;Change SOA-EDIT-API setting for {{ domain.name | pretty_domain_name }}
                         </button>
                     </form>
                 </div>
@@ -224,23 +246,24 @@ <h3 class="box-title">Change SOA-EDIT-API</h3>
         </div>
     </div>
     <div class="row">
-        <div class="col-xs-12">
-            <div class="box">
-                <div class="box-header">
-                    <h3 class="box-title">Domain Deletion</h3>
+        <div class="col-12">
+            <div class="card">
+                <div class="card-header">
+                    <h3 class="card-title">Domain Deletion</h3>
                 </div>
-                <div class="box-body">
+                <div class="card-body">
                     <p>This function is used to remove a domain from PowerDNS-Admin <b>AND</b> PowerDNS. All records and
                         user privileges associated with this domain will also be removed. This change cannot be
                         reverted.</p>
-                    <button type="button" class="btn btn-flat btn-danger pull-left delete_domain"
+                    <button type="button" class="btn btn-danger float-left delete_domain"
                         id="{{ domain.name }}">
-                        <i class="fa fa-trash"></i>&nbsp;DELETE DOMAIN {{ domain.name | pretty_domain_name }}
+                        <i class="fa-solid fa-trash"></i>&nbsp;DELETE DOMAIN {{ domain.name | pretty_domain_name }}
                     </button>
                 </div>
             </div>
         </div>
     </div>
+    </div>
 </section>
 {% endblock %}
 {% block extrascripts %}
@@ -336,39 +359,37 @@ <h3 class="box-title">Domain Deletion</h3>
         modal.modal('show');
     });
 
-    // domain master address input handeling
+    // domain primary address input handeling
     $("select[name=domain_type]").change(function () {
         var type = $(this).val();
-        if (type == "slave") {
-            $("#domain_master_address_div").show();
+        if (type == "secondary") {
+            $("#domain_primary_address_div").show();
         } else {
-            $("#domain_master_address_div").hide();
+            $("#domain_primary_address_div").hide();
         }
     });
 
 </script>
 {% endblock %}
 {% block modals %}
-<div class="modal fade modal-warning" id="modal_delete_domain">
+<div class="modal fade" id="modal_delete_domain">
     <div class="modal-dialog">
         <div class="modal-content">
             <div class="modal-header">
-                <button type="button" class="close" data-dismiss="modal" aria-label="Close">
-                    <span aria-hidden="true">&times;</span>
+              <h4 class="modal-title">Confirmation</h4>
+              <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+                  <span aria-hidden="true">&times;</span>
                 </button>
-                <h4 class="modal-title">Confirmation</h4>
             </div>
             <div class="modal-body">
                 <p></p>
             </div>
             <div class="modal-footer">
-                <button type="button" class="btn btn-flat btn-default pull-left" data-dismiss="modal">Close</button>
-                <button type="button" class="btn btn-flat btn-danger" id="button_delete_confirm">
+                <button type="button" class="btn btn-secondary float-left" data-dismiss="modal">Close</button>
+                <button type="button" class="btn btn-danger" id="button_delete_confirm">
                     Delete</button>
             </div>
         </div>
-        <!-- /.modal-content -->
     </div>
-    <!-- /.modal-dialog -->
 </div>
 {% endblock %}
diff --git a/powerdnsadmin/templates/errors/400.html b/powerdnsadmin/templates/errors/400.html
index edf6d6dcb..b6ea84c7f 100644
--- a/powerdnsadmin/templates/errors/400.html
+++ b/powerdnsadmin/templates/errors/400.html
@@ -1,30 +1,41 @@
 {% extends "base.html" %}
-{% block title %}<title>PowerDNS-Admin - 400 Error</title>{% endblock %}
+
+{% block title %}
+  <title>
+    400 Error - {{ SITE_NAME }}
+  </title>
+{% endblock %}
 
 {% block dashboard_stat %}
-    <!-- Content Header (Page header) -->
-    <section class="content-header">
-      <h1>
-        400
-        <small>Error</small>
-      </h1>
-      <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i>Home</a></li>
-        <li>400</li>
-      </ol>
-    </section>
+  <div class="content-header">
+    <div class="container-fluid">
+      <div class="row mb-2">
+        <div class="col-sm-6">
+          <h1 class="m-0 text-dark">
+            400
+            <small>Error</small>
+          </h1>
+        </div>
+        <div class="col-sm-6">
+          <ol class="breadcrumb float-sm-right">
+            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+            <li class="breadcrumb-item active">400 Error</li>
+          </ol>
+        </div>
+      </div>
+    </div>
+  </div>
 {% endblock %}
 
 {% block content %}
-<!-- Main content -->
-<section class="content">
+  <section class="content">
     <div class="error-page">
       <h2 class="headline text-yellow">
         400
       </h2>
       <div class="error-content">
         <h3>
-          <i class="fa-solid fa-exclamation-triangle text-yellow"></i>
+          <i class="fas fa-exclamation-triangle text-yellow"></i>
           Oops! Bad request
         </h3>
         <p>
@@ -37,7 +48,5 @@ <h3>
         </p>
       </div>
     </div>
-    <!-- /.error-page -->
-</section>
-<!-- /.content -->
-{% endblock %}
+  </section>
+{% endblock %}
\ No newline at end of file
diff --git a/powerdnsadmin/templates/errors/403.html b/powerdnsadmin/templates/errors/403.html
index ddc35176c..44c75277f 100644
--- a/powerdnsadmin/templates/errors/403.html
+++ b/powerdnsadmin/templates/errors/403.html
@@ -1,30 +1,41 @@
 {% extends "base.html" %}
-{% block title %}<title>PowerDNS-Admin - 403 Error</title>{% endblock %}
+
+{% block title %}
+  <title>
+    403 Error - {{ SITE_NAME }}
+  </title>
+{% endblock %}
 
 {% block dashboard_stat %}
-    <!-- Content Header (Page header) -->
-    <section class="content-header">
-      <h1>
-        403
-        <small>Error</small>
-      </h1>
-      <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i>Home</a></li>
-        <li>403</li>
-      </ol>
-    </section>
+  <div class="content-header">
+    <div class="container-fluid">
+      <div class="row mb-2">
+        <div class="col-sm-6">
+          <h1 class="m-0 text-dark">
+            403
+            <small>Error</small>
+          </h1>
+        </div>
+        <div class="col-sm-6">
+          <ol class="breadcrumb float-sm-right">
+            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+            <li class="breadcrumb-item active">403 Error</li>
+          </ol>
+        </div>
+      </div>
+    </div>
+  </div>
 {% endblock %}
 
 {% block content %}
-<!-- Main content -->
-<section class="content">
+  <section class="content">
     <div class="error-page">
       <h2 class="headline text-yellow">
         403
       </h2>
       <div class="error-content">
         <h3>
-          <i class="fa-solid fa-exclamation-triangle text-yellow"></i>
+          <i class="fas fa-exclamation-triangle text-yellow"></i>
           Oops! Access denied
         </h3>
         <p>
@@ -33,7 +44,5 @@ <h3>
         </p>
       </div>
     </div>
-    <!-- /.error-page -->
-</section>
-<!-- /.content -->
-{% endblock %}
+  </section>
+{% endblock %}
\ No newline at end of file
diff --git a/powerdnsadmin/templates/errors/404.html b/powerdnsadmin/templates/errors/404.html
index 430bf9617..70040a524 100644
--- a/powerdnsadmin/templates/errors/404.html
+++ b/powerdnsadmin/templates/errors/404.html
@@ -1,30 +1,41 @@
 {% extends "base.html" %}
-{% block title %}<title>PowerDNS-Admin - 404 Error</title>{% endblock %}
+
+{% block title %}
+  <title>
+    404 Error - {{ SITE_NAME }}
+  </title>
+{% endblock %}
 
 {% block dashboard_stat %}
-    <!-- Content Header (Page header) -->
-    <section class="content-header">
-      <h1>
-        404
-        <small>Error</small>
-      </h1>
-      <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i>Home</a></li>
-        <li>404</li>
-      </ol>
-    </section>
+  <div class="content-header">
+    <div class="container-fluid">
+      <div class="row mb-2">
+        <div class="col-sm-6">
+          <h1 class="m-0 text-dark">
+            404
+            <small>Error</small>
+          </h1>
+        </div>
+        <div class="col-sm-6">
+          <ol class="breadcrumb float-sm-right">
+            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+            <li class="breadcrumb-item active">404 Error</li>
+          </ol>
+        </div>
+      </div>
+    </div>
+  </div>
 {% endblock %}
 
 {% block content %}
-<!-- Main content -->
-<section class="content">
+  <section class="content">
     <div class="error-page">
       <h2 class="headline text-yellow">
         404
       </h2>
       <div class="error-content">
         <h3>
-          <i class="fa-solid fa-exclamation-triangle text-yellow"></i>
+          <i class="fas fa-exclamation-triangle text-yellow"></i>
           Oops! You're lost
         </h3>
         <p>
@@ -33,7 +44,5 @@ <h3>
         </p>
       </div>
     </div>
-    <!-- /.error-page -->
-</section>
-<!-- /.content -->
-{% endblock %}
+  </section>
+{% endblock %}
\ No newline at end of file
diff --git a/powerdnsadmin/templates/errors/500.html b/powerdnsadmin/templates/errors/500.html
index da8b6b853..c92c104dd 100644
--- a/powerdnsadmin/templates/errors/500.html
+++ b/powerdnsadmin/templates/errors/500.html
@@ -1,30 +1,41 @@
 {% extends "base.html" %}
-{% block title %}<title>PowerDNS-Admin - 500 Error</title>{% endblock %}
+
+{% block title %}
+  <title>
+    500 Error - {{ SITE_NAME }}
+  </title>
+{% endblock %}
 
 {% block dashboard_stat %}
-    <!-- Content Header (Page header) -->
-    <section class="content-header">
-      <h1>
-        500
-        <small>Error</small>
-      </h1>
-      <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i>Home</a></li>
-        <li>500</li>
-      </ol>
-    </section>
+  <div class="content-header">
+    <div class="container-fluid">
+      <div class="row mb-2">
+        <div class="col-sm-6">
+          <h1 class="m-0 text-dark">
+            500
+            <small>Error</small>
+          </h1>
+        </div>
+        <div class="col-sm-6">
+          <ol class="breadcrumb float-sm-right">
+            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+            <li class="breadcrumb-item active">500 Error</li>
+          </ol>
+        </div>
+      </div>
+    </div>
+  </div>
 {% endblock %}
 
 {% block content %}
-<!-- Main content -->
-<section class="content">
+  <section class="content">
     <div class="error-page">
       <h2 class="headline text-yellow">
         500
       </h2>
       <div class="error-content">
         <h3>
-          <i class="fa-solid fa-exclamation-triangle text-yellow"></i>
+          <i class="fas fa-exclamation-triangle text-yellow"></i>
           Oops! Something went wrong
         </h3>
         <p>
@@ -33,7 +44,5 @@ <h3>
         </p>
       </div>
     </div>
-    <!-- /.error-page -->
-</section>
-<!-- /.content -->
-{% endblock %}
+  </section>
+{% endblock %}
\ No newline at end of file
diff --git a/powerdnsadmin/templates/errors/SAML.html b/powerdnsadmin/templates/errors/SAML.html
index db35c5db5..a88c388ac 100644
--- a/powerdnsadmin/templates/errors/SAML.html
+++ b/powerdnsadmin/templates/errors/SAML.html
@@ -1,23 +1,34 @@
 {% extends "base.html" %}
-{% block title %}<title>PowerDNS-Admin - SAML Authentication Error</title>{% endblock %}
+
+{% block title %}
+  <title>
+    SAML Authentication Error - {{ SITE_NAME }}
+  </title>
+{% endblock %}
 
 {% block dashboard_stat %}
-    <!-- Content Header (Page header) -->
-    <section class="content-header">
-      <h1>
-        SAML
-        <small>Error</small>
-      </h1>
-      <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i>Home</a></li>
-        <li>SAML</li>
-      </ol>
-    </section>
+  <div class="content-header">
+    <div class="container-fluid">
+      <div class="row mb-2">
+        <div class="col-sm-6">
+          <h1 class="m-0 text-dark">
+            SAML
+            <small>Error</small>
+          </h1>
+        </div>
+        <div class="col-sm-6">
+          <ol class="breadcrumb float-sm-right">
+            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+            <li class="breadcrumb-item active">SAML Authentication Error</li>
+          </ol>
+        </div>
+      </div>
+    </div>
+  </div>
 {% endblock %}
 
 {% block content %}
-<!-- Main content -->
-<section class="content">
+  <section class="content">
     <div class="error-page">
       <div>
         <h1 class="headline text-yellow" style="font-size:46px;">
@@ -28,7 +39,7 @@ <h1 class="headline text-yellow" style="font-size:46px;">
       <br/>
       <div class="error-content">
         <h3>
-          <i class="fa-solid fa-exclamation-triangle text-yellow"></i>
+          <i class="fas fa-exclamation-triangle text-yellow"></i>
           Oops! Something went wrong
         </h3>
         <br>
@@ -46,7 +57,5 @@ <h3>
         </p>
       </div>
     </div>
-    <!-- /.error-page -->
-</section>
-<!-- /.content -->
-{% endblock %}
+  </section>
+{% endblock %}
\ No newline at end of file
diff --git a/powerdnsadmin/templates/login.html b/powerdnsadmin/templates/login.html
index 0c1470131..f7ef1589c 100644
--- a/powerdnsadmin/templates/login.html
+++ b/powerdnsadmin/templates/login.html
@@ -1,165 +1,170 @@
 <!DOCTYPE html>
 <html>
-<head>
-  <meta charset="utf-8">
-  <meta http-equiv="X-UA-Compatible" content="IE=edge">
-  <title>Log In - {{ SITE_NAME }}</title>
-  <link rel="icon" href="{{ url_for('static', filename='img/favicon.png') }}">
-  <!-- Tell the browser to be responsive to screen width -->
-  <meta content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no" name="viewport">
-  <META HTTP-EQUIV="REFRESH" CONTENT="{{ 60 * SETTING.get('session_timeout') }}">
-  {% assets "css_login" -%}
-  <link rel="stylesheet" href="{{ ASSET_URL }}">
-  {%- endassets %}
-{% if SETTING.get('custom_css') %}
-  <link rel="stylesheet" href="/static/custom/{{ SETTING.get('custom_css') }}">
-{% endif %}
-</head>
-
-<body class="hold-transition login-page">
-  <div class="login-box">
-    <div class="login-logo">
-      <a href="{{ url_for('index.index') }}">
-        {% if SETTING.get('site_name') %}
-          <b>{{ SITE_NAME }}</b>
-        {% else %}
-          <b>PowerDNS</b>-Admin
-        {% endif %}
-      </a>
-    </div>
-    <!-- /.login-logo -->
-    <div class="login-box-body">
-      {% if error %}
-      <div class="alert alert-danger alert-dismissible">
-        <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
-        {{ error }}
-      </div>
-      {% endif %}
-      {% if SETTING.get('ldap_enabled') or SETTING.get('local_db_enabled') %}
-      <form action="" method="post" data-toggle="validator">
-        <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-        <div class="form-group">
-          <input type="text" class="form-control" placeholder="Username" name="username"
-            data-error="Please input your username" required {% if username %}value="{{ username }}" {% endif %}>
-          <span class="help-block with-errors"></span>
-        </div>
-        <div class="form-group">
-          <input type="password" class="form-control" placeholder="Password" name="password"
-            data-error="Please input your password" required {% if password %}value="{{ password }}" {% endif %}>
-          <span class="help-block with-errors"></span>
-        </div>
-        {% if SETTING.get('otp_field_enabled') %}
-        <div class="form-group">
-          <input type="otptoken" class="form-control" placeholder="OTP Token" name="otptoken" autocomplete="off">
-        </div>
-        {% endif %}
-        {% if SETTING.get('ldap_enabled') and SETTING.get('local_db_enabled') %}
-        <div class="form-group">
-          <select class="form-control" name="auth_method">
-            <option value="LOCAL">LOCAL Authentication</option>
-            {% if SETTING.get('login_ldap_first') %}
-            <option value="LDAP" selected="selected">LDAP Authentication</option>
+  <head>
+    <meta charset="utf-8">
+    <meta http-equiv="X-UA-Compatible" content="IE=edge">
+    <title>Log In - {{ SITE_NAME }}</title>
+    <link rel="icon" href="{{ url_for('static', filename='img/favicon.png') }}">
+    <!-- Tell the browser to be responsive to screen width -->
+    <meta content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no" name="viewport">
+    <META HTTP-EQUIV="REFRESH" CONTENT="{{ 60 * SETTING.get('session_timeout') }}">
+    {% assets "css_login" -%}
+      <link rel="stylesheet" href="{{ ASSET_URL }}">
+    {%- endassets %}
+    {% if SETTING.get('custom_css') %}
+      <link rel="stylesheet" href="/static/custom/{{ SETTING.get('custom_css') }}">
+    {% endif %}
+  </head>
+  <body class="hold-transition login-page">
+    <div class="login-box">
+      <div class="card card-outline card-primary">
+        <div class="card-header text-center">
+          <a href="{{ url_for('index.index') }}" class="h3">
+            {% if SETTING.get('site_name') %}
+              {{ SITE_NAME }}
             {% else %}
-            <option value="LDAP">LDAP Authentication</option>
+              <b>PowerDNS</b>-Admin
             {% endif %}
-          </select>
-        </div>
-        {% elif SETTING.get('ldap_enabled') and not SETTING.get('local_db_enabled') %}
-        <div class="form-group">
-          <input type="hidden" name="auth_method" value="LDAP">
+          </a>
         </div>
-        {% elif SETTING.get('local_db_enabled') and not SETTING.get('ldap_enabled') %}
-        <div class="form-group">
-          <input type="hidden" name="auth_method" value="LOCAL">
-        </div>
-        {% else %}
-        <div class="form-group">
-          <input type="hidden" name="auth_method" value="LOCAL">
-        </div>
-        {% endif %}
-
-        <div class="row">
-          <div class="col-xs-8">
-            <div class="checkbox icheck">
-              <label>
-                <input type="checkbox" name="remember"> Remember Me
-              </label>
+        <div class="card-body login-card-body">
+          {% if error %}
+            <div class="alert alert-danger alert-dismissible">
+              <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
+              {{ error }}
+            </div>
+          {% endif %}
+          {% if SETTING.get('ldap_enabled') or SETTING.get('local_db_enabled') %}
+            <form action="" method="post" data-toggle="validator">
+              <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+              <div class="form-group">
+                <input type="text" class="form-control" placeholder="Username" name="username" data-error="Please input your username" required {% if username %}value="{{ username }}" {% endif %}>
+                <span class="help-block with-errors"></span>
+              </div>
+              <div class="form-group">
+                <input type="password" class="form-control" placeholder="Password" name="password" data-error="Please input your password" required {% if password %}value="{{ password }}" {% endif %}>
+                <span class="help-block with-errors"></span>
+              </div>
+              {% if SETTING.get('otp_field_enabled') %}
+                <div class="form-group">
+                  <input type="otptoken" class="form-control" placeholder="OTP Token" name="otptoken" autocomplete="off">
+                </div>
+              {% endif %}
+              {% if SETTING.get('ldap_enabled') and SETTING.get('local_db_enabled') %}
+                <div class="form-group">
+                  <select class="form-control" name="auth_method">
+                    <option value="LOCAL">
+                      LOCAL Authentication
+                    </option>
+                    {% if SETTING.get('login_ldap_first') %}
+                      <option value="LDAP" selected="selected">
+                        LDAP Authentication
+                      </option>
+                    {% else %}
+                      <option value="LDAP">
+                        LDAP Authentication
+                      </option>
+                    {% endif %}
+                  </select>
+                </div>
+              {% elif SETTING.get('ldap_enabled') and not SETTING.get('local_db_enabled') %}
+                <div class="form-group">
+                  <input type="hidden" name="auth_method" value="LDAP">
+                </div>
+              {% elif SETTING.get('local_db_enabled') and not SETTING.get('ldap_enabled') %}
+                <div class="form-group">
+                  <input type="hidden" name="auth_method" value="LOCAL">
+                </div>
+              {% else %}
+                <div class="form-group">
+                  <input type="hidden" name="auth_method" value="LOCAL">
+                </div>
+              {% endif %}
+              <div class="row">
+                <div class="col-8">
+                  <div class="icheck-primary">
+                    <input type="checkbox" id="remember">
+                    <label for="remember">
+                      Remember Me
+                    </label>
+                  </div>
+                </div>
+                <div class="col-4">
+                  <button type="submit" class="btn btn-primary btn-block">Sign In</button>
+                </div>
+              </div>
+            </form>
+          {% endif %}
+          {% if SETTING.get('google_oauth_enabled') or SETTING.get('github_oauth_enabled') or SETTING.get('oidc_oauth_enabled') or SETTING.get('azure_oauth_enabled') %}
+            <div class="social-auth-links text-center">
+              {% if SETTING.get('ldap_enabled') or SETTING.get('local_db_enabled') %}
+                <p>- OR -</p>
+              {% endif %}
+              {% if SETTING.get('oidc_oauth_enabled') %}
+                <a href="{{ url_for('index.oidc_login') }}" class="btn btn-block btn-social btn-openid btn-flat">
+                  <i class="fa-brands fa-openid"></i>
+                  Sign in using OpenID Connect
+                </a>
+              {% endif %}
+              {% if SETTING.get('github_oauth_enabled') %}
+                <a href="{{ url_for('index.github_login') }}" class="btn btn-block btn-social btn-github btn-flat">
+                  <i class="fa-brands fa-github"></i>
+                  Sign in using Github
+                </a>
+              {% endif %}
+              {% if SETTING.get('google_oauth_enabled') %}
+                <a href="{{ url_for('index.google_login') }}" class="btn btn-block btn-social btn-google btn-flat">
+                  <i class="fa-brands fa-google"></i>
+                  Sign in using Google
+                </a>
+              {% endif %}
+              {% if SETTING.get('azure_oauth_enabled') %}
+                <a href="{{ url_for('index.azure_login') }}" class="btn btn-block btn-social btn-microsoft btn-flat">
+                  <i class="fa-brands fa-windows"></i>
+                  Sign in using Microsoft Azure
+                </a>
+              {% endif %}
             </div>
-          </div>
-          <!-- /.col -->
-          <div class="col-xs-4">
-            <button type="submit" class="btn btn-flat btn-primary btn-block">Sign In</button>
-          </div>
-          <!-- /.col -->
+          {% endif %}
+          {% if saml_enabled %}
+            <a href="{{ url_for('index.saml_login') }}">
+              SAML login
+            </a>
+          {% endif %}
+          {% if SETTING.get('signup_enabled') %}
+            <br>
+            <a href="{{ url_for('index.register') }}" class="text-center">
+              Create an account
+            </a>
+            {% if SETTING.get('verify_user_email') %}
+              <br/>
+              <a href="{{ url_for('index.resend_confirmation_email') }}" class="text-center">
+                Resend confirmation email
+              </a>
+            {% endif %}
+          {% endif %}
         </div>
-      </form>
-      {% endif %}
-      {% if SETTING.get('google_oauth_enabled') or SETTING.get('github_oauth_enabled') or SETTING.get('oidc_oauth_enabled') or SETTING.get('azure_oauth_enabled') %}
-      <div class="social-auth-links text-center">
-        {% if SETTING.get('ldap_enabled') or SETTING.get('local_db_enabled') %}
-        <p>- OR -</p>
-        {% endif %}
-        {% if SETTING.get('oidc_oauth_enabled') %}
-        <a href="{{ url_for('index.oidc_login') }}" class="btn btn-block btn-social btn-openid btn-flat"><i
-            class="fa fa-openid"></i> Sign in using
-          OpenID Connect</a>
-        {% endif %}
-        {% if SETTING.get('github_oauth_enabled') %}
-        <a href="{{ url_for('index.github_login') }}" class="btn btn-block btn-social btn-github btn-flat"><i
-            class="fa fa-github"></i> Sign in using
-          Github</a>
-        {% endif %}
-        {% if SETTING.get('google_oauth_enabled') %}
-        <a href="{{ url_for('index.google_login') }}" class="btn btn-block btn-social btn-google btn-flat"><i
-            class="fa fa-google"></i> Sign in using
-          Google</a>
-        {% endif %}
-        {% if SETTING.get('azure_oauth_enabled') %}
-        <a href="{{ url_for('index.azure_login') }}" class="btn btn-block btn-social btn-microsoft btn-flat"><i
-          class="fa fa-windows"></i> Sign in using
-        Microsoft Azure</a>
-      {% endif %}
       </div>
-      {% endif %}
-
-      {% if saml_enabled %}
-      <a href="{{ url_for('index.saml_login') }}">SAML login</a>
-      {% endif %}
-
-      {% if SETTING.get('signup_enabled') %}
-      <br>
-      <a href="{{ url_for('index.register') }}" class="text-center">Create an account </a>
-        {% if SETTING.get('verify_user_email') %}
-          <br/>
-          <a href="{{ url_for('index.resend_confirmation_email') }}" class="text-center">Resend confirmation email</a>
-        {% endif %}
-      {% endif %}
-    </div>
-    <!-- /.login-box-body -->
-    <div class="login-box-footer">
-      <center>
-        <p>Powered by <a href="https://github.com/PowerDNS-Admin/PowerDNS-Admin">PowerDNS-Admin</a></p>
-      </center>
+      <div class="login-box-footer">
+        <center>
+          <p>Powered by <a href="https://github.com/PowerDNS-Admin/PowerDNS-Admin">PowerDNS-Admin</a></p>
+        </center>
+      </div>
     </div>
-  </div>
-  <!-- /.login-box -->
-
-  {% assets "js_login" -%}
-  <script type="text/javascript" src="{{ ASSET_URL }}"></script>
-  {%- endassets %}
-  {% assets "js_validation" -%}
-  <script type="text/javascript" src="{{ ASSET_URL }}"></script>
-  {%- endassets %}
-
-  <script>
-    $(function () {
-      $('input').iCheck({
-        checkboxClass: 'icheckbox_square-blue',
-        radioClass: 'iradio_square-blue',
-        increaseArea: '20%' // optional
+    {% assets "js_login" -%}
+      <script type="text/javascript" src="{{ ASSET_URL }}"></script>
+    {%- endassets %}
+    {% assets "js_validation" -%}
+      <script type="text/javascript" src="{{ ASSET_URL }}"></script>
+    {%- endassets %}
+    <script>
+      $(function () {
+        $('input').iCheck({
+          checkboxClass: 'icheckbox_square-blue',
+          radioClass: 'iradio_square-blue',
+          increaseArea: '20%' // optional
+        });
       });
-    });
-  </script>
-</body>
-
+    </script>
+  </body>
 </html>
diff --git a/powerdnsadmin/templates/register.html b/powerdnsadmin/templates/register.html
index 9a25fbb22..81c833f99 100644
--- a/powerdnsadmin/templates/register.html
+++ b/powerdnsadmin/templates/register.html
@@ -1,102 +1,192 @@
 <!DOCTYPE html>
 <html>
 
-<head>
-  <meta charset="utf-8">
-  <meta http-equiv="X-UA-Compatible" content="IE=edge">
-  <title>Register - {{ SITE_NAME }}</title>
-  <link rel="icon" href="{{ url_for('static', filename='img/favicon.png') }}">
-  <!-- Tell the browser to be responsive to screen width -->
-  <meta content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no" name="viewport">
-  {% assets "css_login" -%}
-  <link rel="stylesheet" href="{{ ASSET_URL }}">
-  {%- endassets %}
-</head>
+  <head>
+    <meta charset="utf-8">
+    <meta http-equiv="X-UA-Compatible" content="IE=edge">
+    <title>Register - {{ SITE_NAME }}</title>
+    <link rel="icon" href="{{ url_for('static', filename='img/favicon.png') }}">
+    <!-- Tell the browser to be responsive to screen width -->
+    <meta content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no" name="viewport">
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/all.min.css">
+    {% assets "css_login" -%}
+      <link rel="stylesheet" href="{{ ASSET_URL }}">
+    {%- endassets %}
+  </head>
 
-<body class="hold-transition register-page">
-  <div class="register-box">
-    <div class="register-logo">
-      <a href="{{ url_for('index.index') }}"><b>PowerDNS</b>-Admin</a>
-    </div>
-    <div class="register-box-body">
-      {% if error %}
-      <div class="alert alert-danger alert-dismissible">
-        <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
-        {{ error }}
-      </div>
-      {% endif %}
-      <p class="login-box-msg">Enter your personal details below</p>
-      <form action="{{ url_for('index.register') }}" method="post" data-toggle="validator">
-        <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-        <div class="form-group has-feedback">
-          <input type="text" class="form-control" placeholder="First Name" name="firstname"
-            data-error="Please input your first name" required>
-          <span class="glyphicon glyphicon-user form-control-feedback"></span>
-          <span class="help-block with-errors"></span>
-        </div>
-        <div class="form-group has-feedback">
-          <input type="text" class="form-control" placeholder="Last name" name="lastname"
-            data-error="Please input your last name" required>
-          <span class="glyphicon glyphicon-user form-control-feedback"></span>
-          <span class="help-block with-errors"></span>
-        </div>
-        <div class="form-group has-feedback">
-          <input type="email" class="form-control" placeholder="Email" name="email"
-            data-error="Please input your valid email address" required>
-          <span class="glyphicon glyphicon-envelope form-control-feedback"></span>
-          <span class="help-block with-errors"></span>
-        </div>
-        <p class="login-box-msg">Enter your account details below</p>
-        <div class="form-group has-feedback">
-          <input type="text" class="form-control" placeholder="Username" name="username"
-            data-error="Please input your username" required>
-          <span class="glyphicon glyphicon-user form-control-feedback"></span>
-          <span class="help-block with-errors"></span>
-        </div>
-        <div class="form-group has-feedback">
-          <input type="password" class="form-control" placeholder="Password" id="password" name="password"
-            data-error="Please input your password" required>
-          <span class="glyphicon glyphicon-lock form-control-feedback"></span>
+  <body class="hold-transition register-page">
+    <div class="register-box">
+      <div class="card card-outline card-primary">
+        <div class="card-header text-center">
+          <a href="{{ url_for('index.index') }}" class="h3">
+            {% if SETTING.get('site_name') %}
+              {{ SITE_NAME }}
+            {% else %}
+              <b>PowerDNS</b>-Admin
+            {% endif %}
+          </a>
         </div>
-        <div class="form-group has-feedback">
-          <input type="password" class="form-control" placeholder="Retype password" name="rpassword"
-            data-match="#password" data-match-error="Password confirmation does not match" required>
-          <span class="glyphicon glyphicon-log-in form-control-feedback"></span>
-          <span class="help-block with-errors"></span>
-        </div>
-        <div class="row">
-          <div class="col-xs-4 pull-left">
-            <button type="button" class="btn btn-flat btn-block" id="button_back">Back</button>
-          </div>
-          <div class="col-xs-4 pull-right">
-            <button type="submit" class="btn btn-flat btn-primary btn-block">Register</button>
+        <div class="card-body">
+          {% if error %}
+          <div class="alert alert-danger alert-dismissible">
+            <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
+            {{ error }}
           </div>
-          <!-- /.col -->
-        </div>
-      </form>
-    </div>
-    <!-- /.form-box -->
-    <div class="login-box-footer">
-      <center>
-        <p>Powered by <a href="https://github.com/PowerDNS-Admin/PowerDNS-Admin">PowerDNS-Admin</a></p>
-      </center>
-    </div>
-  </div>
-  <!-- /.login-box -->
+          {% endif %}
+          <p class="login-box-msg">Enter your personal details below</p>
+          <form action="{{ url_for('index.register') }}" method="post" validator>
+            <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+            
+            <div class="form-group">
+              <div class="input-group">
+                <div class="input-group-prepend">
+                  <span class="input-group-text">
+                    <i class="fas fa-user"></i>
+                  </span>
+                </div>
+                <input type="text" class="form-control {{ 'is-invalid' if 'firstname' in error_messages else '' }}" placeholder="First Name" name="firstname" id="firstname" value="{{ request.form.firstname }}" required>
+                {% if 'firstname' in error_messages %}
+                  <div class="invalid-feedback">
+                    <i class="fas fa-exclamation-triangle"></i>
+                    {{ error_messages['firstname'] }}
+                  </div>
+                {% endif %}
+              </div>
+            </div>
 
-  {% assets "js_login" -%}
-  <script type="text/javascript" src="{{ ASSET_URL }}"></script>
-  {%- endassets %}
-  {% assets "js_validation" -%}
-  <script type="text/javascript" src="{{ ASSET_URL }}"></script>
-  {%- endassets %}
-  <script>
-    $(function () {
-      $('#button_back').click(function () {
-        window.location.href = '{{ url_for('index.login') }}';
-      })
-    });
-  </script>
-</body>
+            <div class="form-group">
+              <div class="input-group">
+                <div class="input-group-prepend">
+                  <span class="input-group-text">
+                    <i class="fas fa-user"></i>
+                  </span>
+                </div>
+                <input type="text" class="form-control {{ 'is-invalid' if 'lastname' in error_messages else '' }}" placeholder="Last name" name="lastname" id="lastname" value="{{ request.form.lastname }}" required>
+                {% if 'lastname' in error_messages %}
+                  <div class="invalid-feedback">
+                    <i class="fas fa-exclamation-triangle"></i>
+                    {{ error_messages['lastname'] }}
+                  </div>
+                {% endif %}
+              </div>
+            </div>
 
+            <div class="form-group">
+              <div class="input-group">
+                <div class="input-group-prepend">
+                  <span class="input-group-text">
+                    <i class="fas fa-envelope"></i>
+                  </span>
+                </div>
+                <input type="email" class="form-control {{ 'is-invalid' if 'email' in error_messages else '' }}" placeholder="Email" name="email" id="email" value="{{ request.form.email }}" required>
+                {% if 'email' in error_messages %}
+                  <div class="invalid-feedback">
+                    <i class="fas fa-exclamation-triangle"></i>
+                    {{ error_messages['email'] }}
+                  </div>
+                {% endif %}
+              </div>
+            </div>
+
+            <p class="login-box-msg">Enter your account details below</p>
+
+            <div class="form-group">
+              <div class="input-group">
+                <div class="input-group-prepend">
+                  <span class="input-group-text">
+                    <i class="fas fa-user"></i>
+                  </span>
+                </div>
+                <input type="text" class="form-control {{ 'is-invalid' if 'username' in error_messages else '' }}" placeholder="Username" name="username" id="username" value="{{ request.form.username }}" required>
+                {% if 'username' in error_messages %}
+                  <div class="invalid-feedback">
+                    <i class="fas fa-exclamation-triangle"></i>
+                    {{ error_messages['username'] }}
+                  </div>
+                {% endif %}
+              </div>
+            </div>
+
+            <div class="form-group">
+              <div class="input-group">
+                <div class="input-group-prepend">
+                  <span class="input-group-text">
+                    <i class="fas fa-lock"></i>
+                  </span>
+                </div>
+                <input type="password" class="form-control {{ 'is-invalid' if 'password' in error_messages else '' }}" placeholder="Password" id="password" name="password" required>
+                {% if 'password' in error_messages %}
+                  <div class="invalid-feedback">
+                    <i class="fas fa-exclamation-triangle"></i>
+                    {{ error_messages['password'] }}
+                  </div>
+                {% endif %}
+              </div>
+            </div>
+
+            <div class="form-group">
+              <div class="input-group">
+                <div class="input-group-prepend">
+                  <span class="input-group-text">
+                    <i class="fas fa-lock"></i>
+                  </span>
+                </div>
+                <input type="password" class="form-control {{ 'is-invalid' if 'rpassword' in error_messages else '' }}" placeholder="Retype password" id="rpassword" name="rpassword" required>
+                {% if 'rpassword' in error_messages %}
+                  <div class="invalid-feedback">
+                    <i class="fas fa-exclamation-triangle"></i>
+                    {{ error_messages['rpassword'] }}
+                  </div>
+                {% endif %}
+              </div>
+            </div>
+
+            {% if captcha_enable %}
+            <p class="login-box-msg">Please complete the CAPTCHA below</p>
+            <div class="form-group">
+              {{ captcha() }}
+              <div class="input-group">
+                <div class="input-group-prepend">
+                  <span class="input-group-text">
+                    <i class="fas fa-shield-alt"></i>
+                  </span>
+                </div>
+              <input type="text" class="form-control {{ 'is-invalid' if 'captcha_result' in error_messages else '' }}" placeholder="CAPTCHA"  id="captcha" name="captcha" required>
+              {% if 'captcha_result' in error_messages %}
+                <div class="invalid-feedback">
+                  <i class="fas fa-exclamation-triangle"></i>
+                  {{ error_messages['captcha_result'] }}
+                </div>
+              {% endif %}
+            </div>
+          {% endif %}
+
+          <div class="row">
+            <div class="d-flex justify-content-between mx-auto mt-3">
+              <button type="button" class="btn btn-secondary" id="button_back">Back</button>
+              <button type="submit" class="btn btn-primary btn-block mx-3">Register</button>
+            </div>
+          </div>
+        </form>
+      </div>
+      <div class="login-box-footer">
+        <center>
+          <p>Powered by <a href="https://github.com/PowerDNS-Admin/PowerDNS-Admin">PowerDNS-Admin</a></p>
+        </center>
+      </div>
+    </div>
+    {% assets "js_login" -%}
+      <script type="text/javascript" src="{{ ASSET_URL }}"></script>
+    {%- endassets %}
+    {% assets "js_validation" -%}
+      <script type="text/javascript" src="{{ ASSET_URL }}"></script>
+    {%- endassets %}
+    <script>
+      $(function () {
+        $('#button_back').click(function () {
+          window.location.href = '{{ url_for('index.login') }}';
+        })
+      });
+    </script>
+  </body>
 </html>
diff --git a/powerdnsadmin/templates/register_otp.html b/powerdnsadmin/templates/register_otp.html
index 87ec027e3..2e8478653 100755
--- a/powerdnsadmin/templates/register_otp.html
+++ b/powerdnsadmin/templates/register_otp.html
@@ -69,7 +69,7 @@
           </div>
           <div class="row">
             <div class="col-xs-4">
-              <button type="submit" class="btn btn-flat btn-primary btn-block">Continue</button>
+              <button type="submit" class="btn btn-primary btn-block">Continue</button>
             </div>
           </div>
         </form>
diff --git a/powerdnsadmin/templates/template.html b/powerdnsadmin/templates/template.html
index bc1693be6..165d828f4 100644
--- a/powerdnsadmin/templates/template.html
+++ b/powerdnsadmin/templates/template.html
@@ -1,106 +1,129 @@
 {% extends "base.html" %}
+
 {% set active_page = "admin_domain_template" %}
-{% block title %}<title>Templates - {{ SITE_NAME }}</title>{% endblock %}
 
-{% block dashboard_stat %}
-<!-- Content Header (Page header) -->
-<section class="content-header">
-  <h1>
-    Templates
-    <small>List</small>
-  </h1>
-  <ol class="breadcrumb">
-    <li><a href="{{ url_for('admin.templates') }}"><i class="fa fa-dashboard"></i> Templates</a></li>
-    <li class="active">List</li>
-  </ol>
-</section>
+{% block title %}
+  <title>
+    Templates - {{ SITE_NAME }}
+  </title>
 {% endblock %}
-{% block content %}
-<!-- Main content -->
-<section class="content">
-  {% with errors = get_flashed_messages(category_filter=["error"]) %} {% if errors %}
-  <div class="row">
-    <div class="col-md-12">
-      <div class="alert alert-danger alert-dismissible">
-        <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
-        <h4>
-          <i class="icon fa fa-ban"></i> Error!
-        </h4>
-        <div class="alert-message block-message error">
-          <a class="close" href="#">x</a>
-          <ul>
-            {%- for msg in errors %}
-            <li>{{ msg }}</li> {% endfor -%}
-          </ul>
-        </div>
+
+{% block dashboard_stat %}
+
+<div class="content-header">
+  <div class="container-fluid">
+    <div class="row mb-2">
+      <div class="col-sm-6">
+        <h1 class="m-0 text-dark">
+          Templates
+          <small>List</small>
+        </h1>
+      </div>
+      <div class="col-sm-6">
+        <ol class="breadcrumb float-sm-right">
+          <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+          <li class="breadcrumb-item active">Templates - List</li>
+        </ol>
       </div>
     </div>
   </div>
-  {% endif %} {% endwith %}
-  <div class="row">
-    <div class="col-xs-12">
-      <div class="box">
-        <div class="box-header">
-          <h3 class="box-title">Templates</h3>
-        </div>
-        <div class="box-body">
-          <a href="{{ url_for('admin.create_template') }}">
-            <button type="button" class="btn btn-flat btn-primary pull-left">
-              Create Template&nbsp;<i class="fa fa-plus"></i>
-            </button>
-          </a>
+</div>
+
+{% endblock %}
+
+{% block content %}
+<section class="content">
+  <div class="container-fluid">
+    {% with errors = get_flashed_messages(category_filter=["error"]) %}
+      {% if errors %}
+        <div class="row">
+          <div class="col-12">
+            <div class="alert alert-danger alert-dismissible">
+              <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
+              <h4>
+                <i class="fa-solid fa-ban"></i> Error!
+              </h4>
+              <div class="alert-message block-message error">
+                <a class="close" href="#">x</a>
+                <ul>
+                  {%- for msg in errors %}
+                    <li>{{ msg }}</li>
+                  {% endfor -%}
+                </ul>
+              </div>
+            </div>
+          </div>
         </div>
-        <div class="box-body">
-          <table id="tbl_template_list" class="table table-bordered table-striped">
-            <thead>
-              <tr>
-                <th>Name</th>
-                <th>Description</th>
-                <th>Number of Records</th>
-                <th width="20%">Action</th>
-              </tr>
-            </thead>
-            <tbody>
-              {% for template in templates %}
-              <tr>
-                <td>
-                  <a
-                    href="{{ url_for('admin.edit_template', template=template.name) }}"><strong>{{ template.name }}</strong></a>
-                </td>
-                <td>
-                  {{ template.description }}
-                </td>
-                <td>
-                  {{ template.records|count }}
-                </td>
-                <td>
-                  <a href="{{ url_for('admin.edit_template', template=template.name) }}">
-                    <button type="button" class="btn btn-flat btn-warning button_edit" id="btn_edit">
-                      Edit&nbsp;<i class="fa fa-edit"></i>
-                    </button>
-                  </a>
-                  <button type="button" class="btn btn-flat btn-danger button_delete" id="{{template.name}}">
-                    Delete&nbsp;<i class="fa fa-trash"></i>
-                  </button>
-                </td>
-              </tr>
-              {% endfor %}
-            </tbody>
-          </table>
+      {% endif %}
+    {% endwith %}
+    <div class="row">
+      <div class="col-12">
+        <div class="card">
+          <div class="card-header">
+            <h3 class="card-title">Templates</h3>
+            <a href="{{ url_for('admin.create_template') }}">
+              <button type="button" class="btn btn-primary float-right">
+                <i class="fa-solid fa-plus"></i>&nbsp;Create Template
+              </button>
+            </a>
+          </div>
+          <div class="card-body">
+            <table id="tbl_template_list" class="table table-bordered table-striped">
+              <thead>
+                <tr>
+                  <th>Name</th>
+                  <th>Description</th>
+                  <th>Number of Records</th>
+                  <th width="20%">Actions</th>
+                </tr>
+              </thead>
+              <tbody>
+                {% for template in templates %}
+                  <tr>
+                    <td>
+                      <a href="{{ url_for('admin.edit_template', template=template.name) }}">
+                        <strong>{{ template.name }}</strong>
+                      </a>
+                    </td>
+                    <td>
+                      {{ template.description }}
+                    </td>
+                    <td>
+                      {{ template.records|count }}
+                    </td>
+                    <td>
+                      <div class="dropdown">
+                        <button class="btn btn-primary dropdown-toggle" type="button" id="dropdownMenu" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
+                          <i class="fa-solid fa-bars"></i>&nbsp;Actions
+                        </button>
+                        <div class="dropdown-menu" aria-labelledby="dropdownMenu">
+                          <button type="button" class="dropdown-item btn-warning" onclick="window.location.href='{{ url_for('admin.edit_template', template=template.name) }}'">
+                            <i class="fa-solid fa-edit"></i>&nbsp;Edit Template
+                          </button>
+                          <div class="dropdown-divider"></div>
+                          <button type="button"class="dropdown-item btn-secondary button_delete" id="{{template.name}}">
+                            <font color="red">
+                              <i class="fa-solid fa-trash"></i>&nbsp;Delete Template
+                            </font>
+                          </button>
+                         </div>
+                      </div>
+                    </td>
+                  </tr>
+                {% endfor %}
+              </tbody>
+            </table>
+          </div>
         </div>
-        <!-- /.box-body -->
       </div>
-      <!-- /.box -->
     </div>
-    <!-- /.col -->
   </div>
-  <!-- /.row -->
 </section>
-<!-- /.content -->
 {% endblock %}
+
 {% block extrascripts %}
 <script>
-  // set up history data table
+  // set up template data table
   $("#tbl_template_list").DataTable({
     "paging": true,
     "lengthChange": true,
@@ -109,6 +132,7 @@ <h3 class="box-title">Templates</h3>
     "info": false,
     "autoWidth": false
   });
+
   // handle delete button
   $(document.body).on("click", ".button_delete", function (e) {
     var template = $(this).prop('id');
@@ -117,9 +141,9 @@ <h3 class="box-title">Templates</h3>
     }, function () {
       window.location.href = '{{ url_for('admin.templates') }}';
     });
-
   });
 </script>
 {% endblock %}
+
 {% block modals %}
-{% endblock %}
+{% endblock %}
\ No newline at end of file
diff --git a/powerdnsadmin/templates/template_add.html b/powerdnsadmin/templates/template_add.html
index 0ec265cac..6b06ccf5d 100644
--- a/powerdnsadmin/templates/template_add.html
+++ b/powerdnsadmin/templates/template_add.html
@@ -1,103 +1,118 @@
 {% extends "base.html" %}
+
 {% set active_page = "admin_domain_template" %}
-{% block title %}<title>Create Template - {{ SITE_NAME }}</title>{% endblock %}
+
+{% block title %}
+  <title>
+    Create Template - {{ SITE_NAME }}
+  </title>
+{% endblock %}
 
 {% block dashboard_stat %}
-<!-- Content Header (Page header) -->
-<section class="content-header">
-	<h1>
-		Template
-		<small>Create</small>
-	</h1>
-	<ol class="breadcrumb">
-		<li><a href="{{ url_for('admin.templates') }}"><i class="fa fa-dashboard"></i> Templates</a></li>
-		<li class="active">Create</li>
-	</ol>
-</section>
+<div class="content-header">
+  <div class="container-fluid">
+    <div class="row mb-2">
+      <div class="col-sm-6">
+        <h1 class="m-0 text-dark">
+          Template
+          <small>Create</small>
+        </h1>
+      </div>
+      <div class="col-sm-6">
+        <ol class="breadcrumb float-sm-right">
+          <li class="breadcrumb-item"><a href="{{ url_for('admin.templates') }}">Templates</a></li>
+          <li class="breadcrumb-item active">Create</li>
+        </ol>
+      </div>
+    </div>
+  </div>
+</div>
 {% endblock %}
 
 {% block content %}
 <section class="content">
-	{% with errors = get_flashed_messages(category_filter=["error"]) %} {%
-if errors %}
-	<div class="row">
-		<div class="col-md-12">
-			<div class="alert alert-danger alert-dismissible">
-				<button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
-				<h4>
-					<i class="icon fa fa-ban"></i> Error!
-				</h4>
-				<div class="alert-message block-message error">
-					<a class="close" href="#">x</a>
-					<ul>
-						{%- for msg in errors %}
-						<li>{{ msg }}</li> {% endfor -%}
-					</ul>
-				</div>
-			</div>
-		</div>
-	</div>
-	{% endif %} {% endwith %}
-
-	<div class="row">
-		<div class="col-md-4">
-			<div class="box box-primary">
-				<div class="box-header with-border">
-					<h3 class="box-title">Create new template</h3>
-				</div>
-				<!-- /.box-header -->
-				<!-- form start -->
-				<form role="form" method="post" action="{{ url_for('admin.create_template') }}">
-					<input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-					<div class="box-body">
-						<div class="form-group">
-							<input type="text" class="form-control" name="name" id="name"
-								placeholder="Enter a valid template name (required)">
-						</div>
-						<div class="form-group">
-							<input type="text" class="form-control" name="description" id="description"
-								placeholder="Enter a template description (optional)">
-						</div>
-					</div>
-					<div class="box-footer">
-						<button type="submit" class="btn btn-flat btn-primary">Submit</button>
-						<button type="button" class="btn btn-flat btn-default"
-							onclick="window.location.href='{{ url_for('admin.templates') }}'">Cancel</button>
-					</div>
-				</form>
-			</div>
-			<!-- /.box -->
-		</div>
-		<div class="col-md-8">
-			<div class="box box-primary">
-				<div class="box-header with-border">
-					<h3 class="box-title">Help with creating a new template</h3>
-				</div>
-				<div class="box-body">
-					<dl class="dl-horizontal">
-						<dt>Template name</dt>
-						<dd>Enter your template name, this is the name of the template that
-							will be shown to users. The name should not have any spaces but
-							can have symbols.</dd>
-						<dt>Template description</dt>
-						<dd>Enter your template description, this is to help better
-							identify the template.</dd>
-					</dl>
-				</div>
-			</div>
-		</div>
-	</div>
+  <div class="container-fluid">
+    {% with errors = get_flashed_messages(category_filter=["error"]) %}
+      {% if errors %}
+        <div class="row">
+          <div class="col-12">
+            <div class="alert alert-danger alert-dismissible">
+              <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
+              <h4>
+                <i class="fa-solid fa-ban"></i> Error!
+              </h4>
+              <div class="alert-message block-message error">
+                <a class="close" href="#">x</a>
+              <ul>
+                {%- for msg in errors %}
+                  <li>{{ msg }}</li>
+                {% endfor -%}
+              </ul>
+            </div>
+          </div>
+        </div>
+      {% endif %}
+    {% endwith %}
+    <div class="row">
+      <div class="col-4">
+        <div class="card">
+          <div class="card-header">
+            <h3 class="card-title">Create new template</h3>
+          </div>
+          <form role="form" method="post" action="{{ url_for('admin.create_template') }}">
+            <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+            <div class="card-body">
+              <div class="form-group">
+                <input type="text" class="form-control" name="name" id="name"
+                placeholder="Enter a valid template name (required)">
+              </div>
+              <div class="form-group">
+                <input type="text" class="form-control" name="description" id="description"
+                placeholder="Enter a template description (optional)">
+              </div>
+            </div>
+            <div class="card-footer">
+              <button type="button" class="btn btn-secondary float-left" onclick="window.location.href='{{ url_for('admin.templates') }}'">
+                Cancel
+              </button>
+              <button type="submit" class="btn btn-primary float-right">
+                <i class="fa-solid fa-save"></i>&nbsp;Save
+              </button>
+            </div>
+          </form>
+        </div>
+      </div>
+      <div class="col-8">
+        <div class="card">
+          <div class="card-header">
+            <h3 class="card-title">Help with creating a new template</h3>
+          </div>
+          <div class="card-body">
+            <dl class="dl-horizontal">
+              <dt>Template name</dt>
+              <dd>Enter your template name, this is the name of the template that
+                will be shown to users. The name should not have any spaces but
+                can have symbols.</dd>
+              <dt>Template description</dt>
+              <dd>Enter your template description, this is to help better
+                identify the template.</dd>
+            </dl>
+          </div>
+        </div>
+      </div>
+    </div>
+  </div>
 </section>
 {% endblock %}
 {% block extrascripts %}
 <script>
-	$("input[name=radio_type]").change(function () {
-		var type = $(this).val();
-		if (type == "slave") {
-			$("#domain_master_address_div").show();
-		} else {
-			$("#domain_master_address_div").hide();
-		}
-	});
+  $("input[name=radio_type]").change(function () {
+    var type = $(this).val();
+    if (type == "secondary") {
+      $("#domain_primary_address_div").show();
+    } else {
+      $("#domain_primary_address_div").hide();
+    }
+  });
 </script>
 {% endblock %}
diff --git a/powerdnsadmin/templates/template_edit.html b/powerdnsadmin/templates/template_edit.html
index 89faebcd2..92addf107 100644
--- a/powerdnsadmin/templates/template_edit.html
+++ b/powerdnsadmin/templates/template_edit.html
@@ -1,38 +1,52 @@
 {% extends "base.html" %}
+
 {% set active_page = "admin_domain_template" %}
-{% block title %}<title>Edit Template - {{ SITE_NAME }}</title>{% endblock %}
+
+{% block title %}
+  <title>
+    Edit Template - {{ SITE_NAME }}
+  </title>
+{% endblock %}
 
 {% block dashboard_stat %}
-<section class="content-header">
-    <h1>
-        Edit template <small>{{ template }}</small>
-    </h1>
-    <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i
-                class="fa fa-dashboard"></i> Home</a></li>
-        <li>Templates</li>
-        <li class="active">{{ template }}</li>
-    </ol>
-</section>
+<div class="content-header">
+    <div class="container-fluid">
+      <div class="row mb-2">
+        <div class="col-sm-6">
+          <h1 class="m-0 text-dark">
+            Template Edit
+            <small>{{ template }}</small>
+          </h1>
+        </div>
+        <div class="col-sm-6">
+          <ol class="breadcrumb float-sm-right">
+            <li class="breadcrumb-item"><a href="{{ url_for('admin.templates') }}">Templates</a></li>
+            <li class="breadcrumb-item active">Template Edit: {{ template }}</li>
+          </ol>
+        </div>
+      </div>
+    </div>
+  </div>
 {% endblock %}
 
 {% block content %}
 <section class="content">
+  <div class="container-fluid">
     <div class="row">
-        <div class="col-xs-12">
-            <div class="box">
-                <div class="box-header">
-                    <h3 class="box-title">Manage Template Records for {{ template }}</h3>
+        <div class="col-12">
+            <div class="card">
+                <div class="card-header">
+                    <h3 class="card-title">Manage Template Records for {{ template }}</h3>
                 </div>
-                <div class="box-body">
-                    <button type="button" class="btn btn-flat btn-primary pull-left button_add_record" id="{{ template }}">
-                        Add Record&nbsp;<i class="fa fa-plus"></i>
+                <div class="card-body">
+                    <button type="button" class="btn btn-primary float-left button_add_record" id="{{ template }}">
+                        <i class="fa-solid fa-plus"></i>&nbsp;Add Record
                     </button>
-                    <button type="button" class="btn btn-flat btn-primary pull-right button_apply_changes" id="{{ template }}">
-                        Apply Changes&nbsp;<i class="fa fa-floppy-o"></i>
+                    <button type="button" class="btn btn-primary float-right button_apply_changes" id="{{ template }}">
+                        <i class="fa-solid fa-save"></i>&nbsp;Save Changes
                     </button>
                 </div>
-                <div class="box-body">
+                <div class="card-body">
                     <table id="tbl_records" class="table table-bordered table-striped">
                         <thead>
                             <tr>
@@ -69,17 +83,17 @@ <h3 class="box-title">Manage Template Records for {{ template }}</h3>
                                         {{ record.comment }}
                                     </td>
                                     <td width="6%">
-                                         <button type="button" class="btn btn-flat btn-warning button_edit">
-                                            Edit&nbsp;<i class="fa fa-edit"></i>
+                                         <button type="button" class="btn btn-warning button_edit">
+                                            <i class="fa-solid fa-edit"></i>&nbsp;Edit
                                         </button>
                                     </td>
                                     <td width="6%">
-                                        <button type="button" class="btn btn-flat btn-danger button_delete">
-                                            Delete&nbsp;<i class="fa fa-trash"></i>
+                                        <button type="button" class="btn btn-danger button_delete">
+                                            <i class="fa-solid fa-trash"></i>&nbsp;Delete
                                         </button>
                                     </td>
                                     <td>
-                                    	{{ record.id }}
+                                      {{ record.id }}
                                     </td>
                                     </td>
                                 </tr>
@@ -90,13 +104,14 @@ <h3 class="box-title">Manage Template Records for {{ template }}</h3>
             </div>
         </div>
     </div>
+  </div>
 </section>
 {% endblock %}
 {% block extrascripts %}
 <script>
     // superglobals
-    window.records_allow_edit = {{ editable_records|tojson }};
-    window.ttl_options = {{ ttl_options|tojson }};
+    window.records_allow_edit = {{ editable_records | tojson }};
+    window.ttl_options = {{ ttl_options | tojson }};
     window.nEditing = null;
     window.nNew = false;
 
@@ -223,7 +238,7 @@ <h3 class="box-title">Manage Template Records for {{ template }}</h3>
 
             // add new row
             var default_type = records_allow_edit[0]
-            var nRow = jQuery('#tbl_records').dataTable().fnAddData(['', default_type, 'Active', 3600, '', '', '', '', '0']);
+            var nRow = jQuery('#tbl_records').dataTable().fnAddData(['', default_type, 'Active', window.ttl_options[0][0], '', '', '', '', '0']);
             editRow($("#tbl_records").DataTable(), nRow);
             document.getElementById("edit-row-focus").focus();
             nEditing = nRow;
@@ -415,67 +430,67 @@ <h3 class="box-title">Manage Template Records for {{ template }}</h3>
     <div class="modal-dialog">
         <div class="modal-content">
             <div class="modal-header">
-                <button type="button" class="close" data-dismiss="modal"
+              <h4 class="modal-title">Confirmation</h4>
+              <button type="button" class="close" data-dismiss="modal"
                     aria-label="Close">
                     <span aria-hidden="true">&times;</span>
                 </button>
-                <h4 class="modal-title">Confirmation</h4>
             </div>
             <div class="modal-body">
                 <p></p>
             </div>
             <div class="modal-footer">
-                <button type="button" class="btn btn-flat btn-default pull-left" id="button_delete_cancel"
-                    data-dismiss="modal">Close</button>
-                <button type="button" class="btn btn-flat btn-danger" id="button_delete_confirm">Delete</button>
+                <button type="button" class="btn btn-secondary float-left" id="button_delete_cancel" data-dismiss="modal">
+                  Close
+                </button>
+                <button type="button" class="btn btn-danger" id="button_delete_confirm">
+                  Delete
+                </button>
             </div>
         </div>
-        <!-- /.modal-content -->
     </div>
-    <!-- /.modal-dialog -->
 </div>
 <div class="modal fade modal-primary" id="modal_apply_changes">
     <div class="modal-dialog">
         <div class="modal-content">
             <div class="modal-header">
-                <button type="button" class="close" data-dismiss="modal"
+              <h4 class="modal-title">Confirmation</h4>
+              <button type="button" class="close" data-dismiss="modal"
                     aria-label="Close">
                     <span aria-hidden="true">&times;</span>
                 </button>
-                <h4 class="modal-title">Confirmation</h4>
             </div>
             <div class="modal-body">
                 <p></p>
             </div>
             <div class="modal-footer">
-                <button type="button" class="btn btn-flat btn-default pull-left"
-                    data-dismiss="modal">Close</button>
-                <button type="button" class="btn btn-flat btn-primary" id="button_apply_confirm">Apply</button>
+                <button type="button" class="btn btn-secondary float-left" data-dismiss="modal">
+                  Close
+                </button>
+                <button type="button" class="btn btn-primary" id="button_apply_confirm">
+                  Apply
+                </button>
             </div>
         </div>
-        <!-- /.modal-content -->
     </div>
-    <!-- /.modal-dialog -->
 </div>
 <div class="modal fade modal-primary" id="modal_custom_record">
     <div class="modal-dialog">
         <div class="modal-content">
             <div class="modal-header">
-                <button type="button" class="close" data-dismiss="modal"
+              <h4 class="modal-title">Custom Record</h4>
+              <button type="button" class="close" data-dismiss="modal"
                     aria-label="Close">
                     <span aria-hidden="true">&times;</span>
                 </button>
-                <h4 class="modal-title">Custom Record</h4>
             </div>
             <div class="modal-body">
                 <p></p>
             </div>
             <div class="modal-footer">
-                <button type="button" class="btn btn-flat btn-primary" id="button_save">Save</button>
+                <button type="button" class="btn btn-primary" id="button_save">Save</button>
             </div>
         </div>
-        <!-- /.modal-content -->
     </div>
-    <!-- /.modal-dialog -->
 </div>
 {% endblock %}
diff --git a/powerdnsadmin/templates/user_profile.html b/powerdnsadmin/templates/user_profile.html
index 8570f7e4e..b7bf69f3b 100644
--- a/powerdnsadmin/templates/user_profile.html
+++ b/powerdnsadmin/templates/user_profile.html
@@ -1,146 +1,169 @@
 {% extends "base.html" %}
-{% block title %}<title>My Profile - {{ SITE_NAME }}</title>{% endblock %}
+
+{% set active_page = "user_profile" %}
+
+{% block title %}
+  <title>
+    My Profile - {{ SITE_NAME }}
+  </title>
+{% endblock %}
+
 {% block dashboard_stat %}
-<!-- Content Header (Page header) -->
-<section class="content-header">
-    <h1>
-        Profile
-        <small>Edit my profile</small>
-    </h1>
-    <ol class="breadcrumb">
-        <li><a href="{{ url_for('dashboard.dashboard') }}"><i class="fa fa-dashboard"></i>Home</a></li>
-        <li class="active">My Profile</li>
-    </ol>
-</section>
+  <div class="content-header">
+    <div class="container-fluid">
+      <div class="row mb-2">
+        <div class="col-sm-6">
+          <h1 class="m-0 text-dark">
+            User
+            <small>My Profile</small>
+          </h1>
+        </div>
+        <div class="col-sm-6">
+          <ol class="breadcrumb float-sm-right">
+            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+            <li class="breadcrumb-item active">My Profile</li>
+          </ol>
+        </div>
+      </div>
+    </div>
+  </div>
 {% endblock %}
+
 {% block content %}
 <section class="content">
+  <div class="container-fluid">
     <div class="row">
-        <div class="col-lg-12">
-            <div class="box box-primary">
-                <div class="box-header with-border">
-                    <h3 class="box-title">Edit my profile{%  if session['authentication_type'] != 'LOCAL' %} [Disabled -
-                        Authenticated externally]{% endif %}</h3>
+      <div class="col-6">
+        <div class="card">
+          <div class="card-header">
+            <div class="nav-tabs-custom">
+              <ul class="nav nav-tabs" role="tablist">
+                <li class="nav-item">
+                  <a class="nav-link active" href="#tabs-personal" data-toggle="tab">
+                    Personal Info
+                  </a>
+                </li>
+                {%  if session['authentication_type'] == 'LOCAL' %}
+                  <li class="nav-item">
+                    <a class="nav-link" href="#tabs-password" data-toggle="tab">
+                      Change Password
+                    </a>
+                  </li>
+                {% endif %}
+                {%  if session['authentication_type'] in ['LOCAL', 'LDAP'] %}
+                  <li class="nav-item">
+                    <a class="nav-link" href="#tabs-authentication" data-toggle="tab">
+                      Authentication
+                    </a>
+                  </li>
+                {% endif %}
+              </ul>
+              <div class="card-body">
+              <div class="tab-content">
+                <div class="tab-pane fade show active" id="tabs-personal">
+                  <form role="form" method="post" action="{{ user_profile }}">
+                    <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+                    <div class="form-group">
+                      <label for="firstname">First Name</label>
+                      <input type="text" class="form-control" name="firstname" id="firstname" placeholder="{{ current_user.firstname }}"
+                      {%  if session['authentication_type'] != 'LOCAL' %}disabled{% endif %}>
+                    </div>
+                    <div class="form-group">
+                      <label for="lastname">Last Name</label>
+                      <input type="text" class="form-control" name="lastname" id="lastname" placeholder="{{ current_user.lastname }}"
+                      {%  if session['authentication_type'] != 'LOCAL' %}disabled{% endif %}>
+                    </div>
+                    <div class="form-group">
+                      <label for="email">E-Mail</label> <input type="email" class="form-control" name="email" id="email" placeholder="{{ current_user.email }}"
+                      {%  if session['authentication_type'] != 'LOCAL' %}disabled{% endif %}>
+                    </div>
+                    {%  if session['authentication_type'] == 'LOCAL' %}
+                      <div class="form-group">
+                        <button type="submit" class="btn btn-primary">
+                          <i class="fa-solid fa-floppy-disk"></i>&nbsp;Save
+                        </button>
+                      </div>
+                    {% endif %}
+                  </form>
                 </div>
-                <div class="box-body">
-                    <!-- Custom Tabs -->
-                    <div class="nav-tabs-custom" id="tabs">
-                        <ul class="nav nav-tabs">
-                            <li class="active"><a href="#tabs-personal" data-toggle="tab">Personal
-                                    Info</a></li>
-                            {%  if session['authentication_type'] == 'LOCAL' %}
-                            <li><a href="#tabs-password" data-toggle="tab">Change Password</a></li>
-                            {% endif %}
-                            {%  if session['authentication_type'] in ['LOCAL', 'LDAP'] %}
-                            <li><a href="#tabs-authentication" data-toggle="tab">Authentication</a></li>
-                            {% endif %}
-                        </ul>
-                        <div class="tab-content">
-                            <div class="tab-pane active" id="tabs-personal">
-                                <form role="form" method="post" action="{{ user_profile }}">
-                                    <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-                                    <div class="form-group">
-                                        <label for="firstname">First Name</label> <input type="text"
-                                            class="form-control" name="firstname" id="firstname"
-                                            placeholder="{{ current_user.firstname }}"
-                                            {%  if session['authentication_type'] != 'LOCAL' %}disabled{% endif %}>
-                                    </div>
-                                    <div class="form-group">
-                                        <label for="lastname">Last Name</label> <input type="text" class="form-control"
-                                            name="lastname" id="lastname" placeholder="{{ current_user.lastname }}"
-                                            {%  if session['authentication_type'] != 'LOCAL' %}disabled{% endif %}>
-                                    </div>
-                                    <div class="form-group">
-                                        <label for="email">E-mail</label> <input type="email" class="form-control"
-                                            name="email" id="email" placeholder="{{ current_user.email }}"
-                                            {%  if session['authentication_type'] != 'LOCAL' %}disabled{% endif %}>
-                                    </div>{%  if session['authentication_type'] == 'LOCAL' %}
-                                    <div class="form-group">
-                                        <button type="submit" class="btn btn-flat btn-primary">Submit</button>
-                                    </div>{% endif %}
-                                </form>
-                            </div>
-                            {% if session['authentication_type'] == 'LOCAL' %}
-                            <div class="tab-pane" id="tabs-password">
-                                {% if not current_user.password %}
-                                Your account password is managed via LDAP which isn't supported to change here.
-                                {% else %}
-                                <form action="{{ user_profile }}" method="post">
-                                    <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-                                    <div class="form-group">
-                                        <label for="password">New Password</label> <input type="password"
-                                            class="form-control" name="password" id="newpassword" />
-                                    </div>
-                                    <div class="form-group">
-                                        <label for="rpassword">Re-type New Password</label> <input type="password"
-                                            class="form-control" name="rpassword" id="rpassword" />
-                                    </div>
-                                    <div class="form-group">
-                                        <button type="submit" class="btn btn-flat btn-primary">Change Password</button>
-                                    </div>
-                                </form>
-                                {% endif %}
-                            </div>
-                            {% endif %}
-                            <!-- {% if session['authentication_type'] in ['LOCAL', 'LDAP'] %} -->
-                            <div class="tab-pane" id="tabs-authentication">
-                                <form action="{{ user_profile }}" method="post">
-                                    <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-                                    <div class="form-group">
-                                        <input type="checkbox" id="otp_toggle" class="otp_toggle"
-                                            {% if current_user.otp_secret %}checked{% endif %}>
-                                        <label for="otp_toggle">Enable Two Factor Authentication</label>
-                                        {% if current_user.otp_secret %}
-                                        <div id="token_information">
-                                            <p><img id="qrcode" src="{{ url_for('user.qrcode') }}"></p>
-                                            <div style="position: relative; left: 15px">
-                                                Your secret key is: <br />
-                                                <form>
-                                                    <input type=text id="otp_secret" value={{current_user.otp_secret}} readonly>
-                                                    <button type=button style="position:relative; right:28px" onclick="copy_otp_secret_to_clipboard()"> <i class="fa fa-clipboard"></i> </button>
-                                                    <br /><font color="red" id="copy_tooltip" style="visibility:collapse">Copied.</font>
-                                                </form>
-                                            </div>
-                                            You can use Google Authenticator (<a target="_blank"
-                                                href="https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2">Android</a>
-                                            - <a target="_blank"
-                                                href="https://apps.apple.com/us/app/google-authenticator/id388497605">iOS</a>)
-                                            or FreeOTP (<a target="_blank"
-                                                href="https://play.google.com/store/apps/details?id=org.fedorahosted.freeotp&hl=en">Android</a>
-                                            - <a target="_blank"
-                                                href="https://itunes.apple.com/en/app/freeotp-authenticator/id872559395?mt=8">iOS</a>)
-                                            on your smartphone to scan the QR code.
-                                            <br />
-                                            <font color="red"><strong><i>Make sure only you can see this QR Code and secret key and
-                                                        nobody can capture them.</i></strong></font>
-                                        </div>
-                                        {% endif %}
-                                    </div>
-                                </form>
-                            </div>
-                            <!-- {% endif %} -->
+                {% if session['authentication_type'] == 'LOCAL' %}
+                  <div class="tab-pane fade" id="tabs-password">
+                    {% if not current_user.password %}
+                      Your account password is managed via LDAP which isn't supported to change here.
+                    {% else %}
+                      <form action="{{ user_profile }}" method="post">
+                        <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+                        <div class="form-group">
+                          <label for="password">New Password</label>
+                          <input type="password" class="form-control" name="password" id="newpassword">
                         </div>
+                        <div class="form-group">
+                          <label for="rpassword">Re-type New Password</label>
+                          <input type="password" class="form-control" name="rpassword" id="rpassword">
+                        </div>
+                        <div class="form-group">
+                          <button type="submit" class="btn btn-primary">
+                            <i class="fa-solid fa-floppy-disk"></i>&nbsp;Save
+                          </button>
+                        </div>
+                      </form>
+                    {% endif %}
+                  </div>
+                {% endif %}
+                <div class="tab-pane fade" id="tabs-authentication">
+                  <form action="{{ user_profile }}" method="post">
+                    <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+                    <div class="form-group">
+                      <input type="checkbox" id="otp_toggle" class="otp_toggle" {% if current_user.otp_secret %}checked{% endif %}>
+                      <label for="otp_toggle">Enable Two Factor Authentication</label>
+                      {% if current_user.otp_secret %}
+                        <div id="token_information">
+                          <p>
+                            <img id="qrcode" src="{{ url_for('user.qrcode') }}">
+                          </p>
+                          <div style="position: relative; left: 15px">
+                            Your secret key is:
+                            <br />
+                              <form>
+                                <input type=text id="otp_secret" value={{current_user.otp_secret}} readonly>
+                                <button type=button style="position:relative; right:28px" onclick="copy_otp_secret_to_clipboard()">
+                                  <i class="fa-solid fa-clipboard"></i>
+                                </button>
+                                <br />
+                                <font color="red" id="copy_tooltip" style="visibility:collapse">Copied.</font>
+                              </form>
+                          </div>
+                          You can use Google Authenticator 
+                          (<a target="_blank" href="https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2"><i class="fa-brands fa-google-play"></i>Android</a>
+                          - <a target="_blank" href="https://apps.apple.com/us/app/google-authenticator/id388497605"><i class="fa-brands fa-app-store-ios"></i>iOS</a>)
+                           or FreeOTP 
+                           (<a target="_blank" href="https://play.google.com/store/apps/details?id=org.fedorahosted.freeotp&hl=en"><i class="fa-brands fa-google-play"></i>Android</a>
+                           - <a target="_blank" href="https://itunes.apple.com/en/app/freeotp-authenticator/id872559395?mt=8"><i class="fa-brands fa-app-store-ios"></i>iOS</a>) 
+                           on your smartphone to scan the QR code.
+                           <br />
+                          <font color="red">
+                            <strong>
+                              <i>Make sure only you can see this QR Code and secret key and
+                                nobody can capture them.
+                              </i>
+                            </strong>
+                          </font>
+                        </div>
+                      {% endif %}
                     </div>
+                  </form>
                 </div>
+              </div>
             </div>
+          </div>
         </div>
+      </div>
     </div>
+  </div>
 </section>
 {% endblock %}
 {% block extrascripts %}
-<!-- TODO: add password and password confirmation comparison check -->
 <script>
-    $(function () {
-        $('#tabs').tabs({
-            // add url anchor tags
-            activate: function (event, ui) {
-                window.location.hash = ui.newPanel.attr('id');
-            }
-        });
-        // re-set active tab (ui)
-        var activeTabIdx = $('#tabs').tabs('option', 'active');
-        $('#tabs li:eq(' + activeTabIdx + ')').tab('show')
-    });
 
     // initialize pretty checkboxes
     $('.otp_toggle').iCheck({
@@ -149,16 +172,19 @@ <h3 class="box-title">Edit my profile{%  if session['authentication_type'] != 'L
     });
 
     // handle checkbox toggling
-    $('.otp_toggle').on('ifToggled', function (event) {
-        var enable_otp = $(this).prop('checked');
-        var postdata = {
-            'action': 'enable_otp',
-            'data': {
-                'enable_otp': enable_otp
-            },
-            '_csrf_token': '{{ csrf_token() }}'
-        };
-        applyChanges(postdata, $SCRIPT_ROOT + '/user/profile', false, true);
+    $('.otp_toggle').on('ifToggled', function(event) {
+    var enable_otp = $(this).prop('checked');
+    var postdata = {
+        'action': 'enable_otp',
+        'data': {
+            'enable_otp': enable_otp
+        },
+        '_csrf_token': '{{ csrf_token() }}'
+    };
+    applyChanges(postdata, $SCRIPT_ROOT + '/user/profile', false, true, function() {
+        window.location.reload();
+        $('#tabs li:eq(2) a').tab('show');
     });
+  });
 </script>
 {% endblock %}
diff --git a/requirements.txt b/requirements.txt
index 595d9da1f..9087be43d 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,21 +1,31 @@
+Flask==2.2.2
+Flask-Assets==2.0
+Flask-Login==0.6.2
+Flask-SQLAlchemy==3.0.2
+Flask-Migrate==4.0.0
+Flask-Mail==0.9.1
+Flask-SSLify==0.1.5
+Flask-Session==0.4.0
+Flask-SeaSurf==1.1.1
+SQLAlchemy==1.4.45
 mysqlclient==2.1.1
-configobj==5.0.6
+configobj==5.0.8
 bcrypt==4.0.1
-requests==2.28.1
+requests==2.28.2
 python-ldap==3.4.3
 pyotp==2.8.0
 qrcode==7.3.1
-dnspython>=1.16.0
+dnspython>=2.3.0
 gunicorn==20.1.0
 python3-saml==1.14.0
-pytz==2022.7
+pytz==2022.7.1
 cssmin==0.2.0
 rjsmin==1.2.1
 Authlib==1.2.0
-Flask-SeaSurf==1.1.1
 bravado-core==5.17.1
-jsonschema[format]>=2.5.1,<4.0.0 # until https://github.com/Yelp/bravado-core/pull/385
 lima==0.5
+pytest==7.2.1
+jsonschema[format]>=2.5.1,<4.0.0 # until https://github.com/Yelp/bravado-core/pull/385
 pytimeparse==1.1.8
 alembic==1.9.0
 certifi==2022.12.7
@@ -24,16 +34,11 @@ passlib==1.7.4
 pyasn1==0.4.8
 webcolors==1.12
 zipp==3.11.0
-Flask==2.2.2
-Flask-Assets==2.0
-Flask-Login==0.6.2
-Flask-SQLAlchemy==3.0.2
-Flask-Migrate==4.0.0
-SQLAlchemy==1.4.45
 pyOpenSSL==22.1.0
 PyYAML==6.0
-Flask-Mail==0.9.1
-Flask-SSLify==0.1.5
-Flask-Session==0.4.0
-lxml==4.6.5
-pytest==7.2.0
+Jinja2==3.1.2
+itsdangerous==2.1.2
+werkzeug==2.2.2
+cryptography==38.0.0
+flask_session_captcha==1.3.0
+lxml==4.6.5
\ No newline at end of file
diff --git a/yarn.lock b/yarn.lock
index 733fb83c1..6225dfe8a 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -2,333 +2,339 @@
 # yarn lockfile v1
 
 
-JSONStream@^1.0.3:
-  version "1.3.3"
-  resolved "https://registry.yarnpkg.com/JSONStream/-/JSONStream-1.3.3.tgz#27b4b8fbbfeab4e71bcf551e7f27be8d952239bf"
+"@foliojs-fork/fontkit@^1.9.1":
+  version "1.9.1"
+  resolved "https://registry.yarnpkg.com/@foliojs-fork/fontkit/-/fontkit-1.9.1.tgz#8124649168eb5273f580f66697a139fb5041296b"
+  integrity sha512-U589voc2/ROnvx1CyH9aNzOQWJp127JGU1QAylXGQ7LoEAF6hMmahZLQ4eqAcgHUw+uyW4PjtCItq9qudPkK3A==
+  dependencies:
+    "@foliojs-fork/restructure" "^2.0.2"
+    brfs "^2.0.0"
+    brotli "^1.2.0"
+    browserify-optional "^1.0.1"
+    clone "^1.0.4"
+    deep-equal "^1.0.0"
+    dfa "^1.2.0"
+    tiny-inflate "^1.0.2"
+    unicode-properties "^1.2.2"
+    unicode-trie "^2.0.0"
+
+"@foliojs-fork/linebreak@^1.1.1":
+  version "1.1.1"
+  resolved "https://registry.yarnpkg.com/@foliojs-fork/linebreak/-/linebreak-1.1.1.tgz#93ecd695b7d2bb0334b9481058c3e610e019a4eb"
+  integrity sha512-pgY/+53GqGQI+mvDiyprvPWgkTlVBS8cxqee03ejm6gKAQNsR1tCYCIvN9FHy7otZajzMqCgPOgC4cHdt4JPig==
+  dependencies:
+    base64-js "1.3.1"
+    brfs "^2.0.2"
+    unicode-trie "^2.0.0"
+
+"@foliojs-fork/pdfkit@^0.13.0":
+  version "0.13.0"
+  resolved "https://registry.yarnpkg.com/@foliojs-fork/pdfkit/-/pdfkit-0.13.0.tgz#54f5368d8cf74d8edc81a175ccda1fd9655f2db9"
+  integrity sha512-YXeG1fml9k97YNC9K8e292Pj2JzGt9uOIiBFuQFxHsdQ45BlxW+JU3RQK6JAvXU7kjhjP8rCcYvpk36JLD33sQ==
   dependencies:
-    jsonparse "^1.2.0"
-    through ">=2.2.7 <3"
+    "@foliojs-fork/fontkit" "^1.9.1"
+    "@foliojs-fork/linebreak" "^1.1.1"
+    crypto-js "^4.0.0"
+    png-js "^1.0.0"
+
+"@foliojs-fork/restructure@^2.0.2":
+  version "2.0.2"
+  resolved "https://registry.yarnpkg.com/@foliojs-fork/restructure/-/restructure-2.0.2.tgz#73759aba2aff1da87b7c4554e6839c70d43c92b4"
+  integrity sha512-59SgoZ3EXbkfSX7b63tsou/SDGzwUEK6MuB5sKqgVK1/XE0fxmpsOb9DQI8LXW3KfGnAjImCGhhEb7uPPAUVNA==
+
+"@fortawesome/fontawesome-free@6.3.0":
+  version "6.3.0"
+  resolved "https://registry.yarnpkg.com/@fortawesome/fontawesome-free/-/fontawesome-free-6.3.0.tgz#b5877182692a6f7a39d1108837bec24247ba4bd7"
+  integrity sha512-qVtd5i1Cc7cdrqnTWqTObKQHjPWAiRwjUPaXObaeNPcy7+WKxJumGBx66rfSFgK6LNpIasVKkEgW8oyf0tmPLA==
+
+"@fortawesome/fontawesome-free@^5.15.4":
+  version "5.15.4"
+  resolved "https://registry.yarnpkg.com/@fortawesome/fontawesome-free/-/fontawesome-free-5.15.4.tgz#ecda5712b61ac852c760d8b3c79c96adca5554e5"
+  integrity sha512-eYm8vijH/hpzr/6/1CJ/V/Eb1xQFW2nnUKArb3z+yUWv7HTwj6M7SP957oMjfZjAHU6qpoNc2wQvIxBLWYa/Jg==
+
+"@lgaitan/pace-progress@^1.0.7":
+  version "1.0.7"
+  resolved "https://registry.yarnpkg.com/@lgaitan/pace-progress/-/pace-progress-1.0.7.tgz#c96fbbd9fd4cf528feed34ea0c8f9d8b3e98f0dd"
+  integrity sha512-GMoTcF6WBpno7a7Iyx7M79os26d5bCDbh7YTZmXZM8YuLR3DDtwo0/CBYddStGD6QIBTieFDz4IAQiO0dAdRGw==
+
+"@sweetalert2/theme-bootstrap-4@^5.0.8":
+  version "5.0.15"
+  resolved "https://registry.yarnpkg.com/@sweetalert2/theme-bootstrap-4/-/theme-bootstrap-4-5.0.15.tgz#bede688c13784acf73e01352e00d3e7fb8d69e01"
+  integrity sha512-WsGXk67Yz3Txe3lJA4FNqQCKbQQ6yJLpVUknyGcoESVvwHm+UBBlIMHAcKuLvF+WXK9Rbq8gXhpDIU8ISoiPlQ==
+
+"@ttskch/select2-bootstrap4-theme@^1.5.2":
+  version "1.5.2"
+  resolved "https://registry.yarnpkg.com/@ttskch/select2-bootstrap4-theme/-/select2-bootstrap4-theme-1.5.2.tgz#3b4519b349f3e7831c28752a1e9617312a192656"
+  integrity sha512-gAj8qNy/VYwQDBkACm0USM66kxFai8flX83ayRXPNhzZckEgSqIBB9sM74SCM3ssgeX+ZVy4BifTnLis+KpIyg==
 
-acorn-node@^1.2.0, acorn-node@^1.3.0:
+acorn-node@^1.3.0:
   version "1.3.0"
   resolved "https://registry.yarnpkg.com/acorn-node/-/acorn-node-1.3.0.tgz#5f86d73346743810ef1269b901dbcbded020861b"
   dependencies:
     acorn "^5.4.1"
     xtend "^4.0.1"
 
-acorn@^4.0.3:
-  version "4.0.13"
-  resolved "https://registry.yarnpkg.com/acorn/-/acorn-4.0.13.tgz#105495ae5361d697bd195c825192e1ad7f253787"
-
 acorn@^5.4.1:
   version "5.6.2"
   resolved "https://registry.yarnpkg.com/acorn/-/acorn-5.6.2.tgz#b1da1d7be2ac1b4a327fb9eab851702c5045b4e7"
 
-admin-lte@2.4.9:
-  version "2.4.9"
-  resolved "https://registry.yarnpkg.com/admin-lte/-/admin-lte-2.4.9.tgz#effc04dbb587ccb7d674d4cf663cc141f925ed73"
-  integrity sha512-+u3zt5sWPPT8HmBvRg4F8IGZPaE5wD0K10+IjXoynfe/jEUrMMj+4eA1LGH9fMK6QulmFr1NCtc1Tk+mTgC24A==
-  dependencies:
-    bootstrap "^3.4.0"
-    bootstrap-colorpicker "^2.5.3"
-    bootstrap-datepicker "^1.8.0"
-    bootstrap-daterangepicker "^2.1.25"
-    bootstrap-slider "^9.8.0"
-    bootstrap-timepicker "^0.5.2"
-    chart.js "1.0.*"
-    ckeditor "^4.11.2"
-    datatables.net "^1.10.19"
-    datatables.net-bs "^1.10.19"
+admin-lte@3.2.0:
+  version "3.2.0"
+  resolved "https://registry.yarnpkg.com/admin-lte/-/admin-lte-3.2.0.tgz#9be383a6418c2323828466ab95af0eb083e4a597"
+  integrity sha512-IDUfoU8jo9DVlB59lDEASAJXTesAEXDZ68DOHI3qg93r5ehVTkMl2x0ixgIyff8NiHeNYXpcOZh3tr6oGbvu9g==
+  dependencies:
+    "@fortawesome/fontawesome-free" "^5.15.4"
+    "@lgaitan/pace-progress" "^1.0.7"
+    "@sweetalert2/theme-bootstrap-4" "^5.0.8"
+    "@ttskch/select2-bootstrap4-theme" "^1.5.2"
+    bootstrap "^4.6.1"
+    bootstrap-colorpicker "^3.4.0"
+    bootstrap-slider "^11.0.2"
+    bootstrap-switch "3.3.4"
+    bootstrap4-duallistbox "^4.0.2"
+    bs-custom-file-input "^1.3.4"
+    bs-stepper "^1.7.0"
+    chart.js "^2.9.4"
+    codemirror "^5.65.1"
+    datatables.net "^1.11.4"
+    datatables.net-autofill-bs4 "^2.3.9"
+    datatables.net-bs4 "^1.11.4"
+    datatables.net-buttons-bs4 "^2.2.2"
+    datatables.net-colreorder-bs4 "^1.5.5"
+    datatables.net-fixedcolumns-bs4 "^4.0.1"
+    datatables.net-fixedheader-bs4 "^3.2.1"
+    datatables.net-keytable-bs4 "^2.6.4"
+    datatables.net-responsive-bs4 "^2.2.9"
+    datatables.net-rowgroup-bs4 "^1.1.4"
+    datatables.net-rowreorder-bs4 "^1.2.8"
+    datatables.net-scroller-bs4 "^2.0.5"
+    datatables.net-searchbuilder-bs4 "^1.3.1"
+    datatables.net-searchpanes-bs4 "^1.4.0"
+    datatables.net-select-bs4 "^1.3.4"
+    daterangepicker "^3.1.0"
+    dropzone "^5.9.3"
+    ekko-lightbox "^5.3.0"
     fastclick "^1.0.6"
-    flot "^0.8.3"
-    font-awesome "^4.7.0"
-    fullcalendar "^3.10.0"
-    inputmask "^3.3.7"
-    ion-rangeslider "^2.3.0"
-    ionicons "^3.0.0"
-    jquery "^3.2.1"
-    jquery-knob "^1.2.11"
-    jquery-sparkline "^2.4.0"
-    jquery-ui "^1.12.1"
-    jvectormap "^1.2.2"
-    moment "^2.24.0"
-    morris.js "^0.5.0"
-    pace "0.0.4"
-    raphael "^2.2.7"
-    select2 "^4.0.3"
-    slimscroll "^0.9.1"
-
-almond@~0.3.1:
-  version "0.3.3"
-  resolved "https://registry.yarnpkg.com/almond/-/almond-0.3.3.tgz#a0e7c95ac7624d6417b4494b1e68bff693168a20"
-
-asn1.js@^4.0.0:
-  version "4.10.1"
-  resolved "https://registry.yarnpkg.com/asn1.js/-/asn1.js-4.10.1.tgz#b9c2bf5805f1e64aadeed6df3a2bfafb5a73f5a0"
-  dependencies:
-    bn.js "^4.0.0"
-    inherits "^2.0.1"
-    minimalistic-assert "^1.0.0"
-
-assert@^1.4.0:
-  version "1.4.1"
-  resolved "https://registry.yarnpkg.com/assert/-/assert-1.4.1.tgz#99912d591836b5a6f5b345c0f07eefc08fc65d91"
-  dependencies:
-    util "0.10.3"
+    filterizr "^2.2.4"
+    flag-icon-css "^4.1.7"
+    flot "^4.2.2"
+    fs-extra "^10.0.0"
+    fullcalendar "^5.10.1"
+    icheck-bootstrap "^3.0.1"
+    inputmask "^5.0.7"
+    ion-rangeslider "^2.3.1"
+    jquery "^3.6.0"
+    jquery-knob-chif "^1.2.13"
+    jquery-mapael "^2.2.0"
+    jquery-mousewheel "^3.1.13"
+    jquery-ui-dist "^1.13.0"
+    jquery-validation "^1.19.3"
+    jqvmap-novulnerability "^1.5.1"
+    jsgrid "^1.5.3"
+    jszip "^3.7.1"
+    moment "^2.29.1"
+    overlayscrollbars "^1.13.1"
+    pdfmake "^0.2.4"
+    popper.js "^1.16.1"
+    raphael "^2.3.0"
+    select2 "^4.0.13"
+    sparklines "^1.3.0"
+    summernote "^0.8.20"
+    sweetalert2 "^11.4.0"
+    tempusdominus-bootstrap-4 "^5.39.0"
+    toastr "^2.1.4"
+    uplot "^1.6.18"
+
+amdefine@>=0.0.4:
+  version "1.0.1"
+  resolved "https://registry.yarnpkg.com/amdefine/-/amdefine-1.0.1.tgz#4a5282ac164729e93619bcfd3ad151f817ce91f5"
+  integrity sha512-S2Hw0TtNkMJhIabBwIojKL9YHO5T0n5eNqWJ7Lrlel/zDbftQpxpapi8tZs3X1HWa+u+QeydGmzzNU0m09+Rcg==
 
-astw@^2.0.0:
-  version "2.2.0"
-  resolved "https://registry.yarnpkg.com/astw/-/astw-2.2.0.tgz#7bd41784d32493987aeb239b6b4e1c57a873b917"
+array-from@^2.1.1:
+  version "2.1.1"
+  resolved "https://registry.yarnpkg.com/array-from/-/array-from-2.1.1.tgz#cfe9d8c26628b9dc5aecc62a9f5d8f1f352c1195"
+  integrity sha512-GQTc6Uupx1FCavi5mPzBvVT7nEOeWMmUA9P95wpfpW1XwMSKs+KaymD5C2Up7KAUKg/mYwbsUYzdZWcoajlNZg==
+
+ast-transform@0.0.0:
+  version "0.0.0"
+  resolved "https://registry.yarnpkg.com/ast-transform/-/ast-transform-0.0.0.tgz#74944058887d8283e189d954600947bc98fe0062"
+  integrity sha512-e/JfLiSoakfmL4wmTGPjv0HpTICVmxwXgYOB8x+mzozHL8v+dSfCbrJ8J8hJ0YBP0XcYu1aLZ6b/3TnxNK3P2A==
   dependencies:
-    acorn "^4.0.3"
+    escodegen "~1.2.0"
+    esprima "~1.0.4"
+    through "~2.3.4"
 
-balanced-match@^1.0.0:
-  version "1.0.0"
-  resolved "https://registry.yarnpkg.com/balanced-match/-/balanced-match-1.0.0.tgz#89b4d199ab2bee49de164ea02b89ce462d71b767"
+ast-types@^0.7.0:
+  version "0.7.8"
+  resolved "https://registry.yarnpkg.com/ast-types/-/ast-types-0.7.8.tgz#902d2e0d60d071bdcd46dc115e1809ed11c138a9"
+  integrity sha512-RIOpVnVlltB6PcBJ5BMLx+H+6JJ/zjDGU0t7f0L6c2M1dqcK92VQopLBlPQ9R80AVXelfqYgjcPLtHtDbNFg0Q==
 
-base64-js@^1.0.2:
-  version "1.3.0"
-  resolved "https://registry.yarnpkg.com/base64-js/-/base64-js-1.3.0.tgz#cab1e6118f051095e58b5281aea8c1cd22bfc0e3"
+base64-js@1.3.1:
+  version "1.3.1"
+  resolved "https://registry.yarnpkg.com/base64-js/-/base64-js-1.3.1.tgz#58ece8cb75dd07e71ed08c736abc5fac4dbf8df1"
+  integrity sha512-mLQ4i2QO1ytvGWFWmcngKO//JXAQueZvwEKtjgQFM4jIK0kU+ytMfplL8j+n5mspOfjHwoAg+9yhb7BwAHm36g==
 
-bn.js@^4.0.0, bn.js@^4.1.0, bn.js@^4.1.1, bn.js@^4.11.9:
-  version "4.12.0"
-  resolved "https://registry.yarnpkg.com/bn.js/-/bn.js-4.12.0.tgz#775b3f278efbb9718eec7361f483fb36fbbfea88"
-  integrity sha512-c98Bf3tPniI+scsdk237ku1Dc3ujXQTSgyiPUDEOe7tRkhrqridvh8klBv0HCEso1OLOYcHuCv/cS6DNxKH+ZA==
+base64-js@^1.1.2, base64-js@^1.3.0:
+  version "1.5.1"
+  resolved "https://registry.yarnpkg.com/base64-js/-/base64-js-1.5.1.tgz#1b1b440160a5bf7ad40b650f095963481903930a"
+  integrity sha512-AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA==
 
-bootstrap-colorpicker@^2.5.3:
-  version "2.5.3"
-  resolved "https://registry.yarnpkg.com/bootstrap-colorpicker/-/bootstrap-colorpicker-2.5.3.tgz#b50aff8590fbaa6b5aa63a5624e4213f1659a49d"
-  integrity sha512-xdllX8LSMvKULs3b8JrgRXTvyvjkSMHHHVuHjjN5FNMqr6kRe5NPiMHFmeAFjlgDF73MspikudLuEwR28LbzLw==
+bootstrap-colorpicker@^3.4.0:
+  version "3.4.0"
+  resolved "https://registry.yarnpkg.com/bootstrap-colorpicker/-/bootstrap-colorpicker-3.4.0.tgz#3d1873071542755a9b31cf5b314f771e2fcc7727"
+  integrity sha512-7vA0hvLrat3ptobEKlT9+6amzBUJcDAoh6hJRQY/AD+5dVZYXXf1ivRfrTwmuwiVLJo9rZwM8YB4lYzp6agzqg==
   dependencies:
-    jquery ">=1.10"
+    bootstrap ">=4.0"
+    jquery ">=2.2"
+    popper.js ">=1.10"
 
-bootstrap-datepicker@^1.8.0:
-  version "1.8.0"
-  resolved "https://registry.yarnpkg.com/bootstrap-datepicker/-/bootstrap-datepicker-1.8.0.tgz#c63513931e6f09f16ae9f11b62f32d950df3958e"
-  integrity sha512-213St/G8KT3mjs4qu4qwww74KWysMaIeqgq5OhrboZjIjemIpyuxlSo9FNNI5+KzpkkxkRRba+oewiRGV42B1A==
+bootstrap-datepicker@^1.9.0:
+  version "1.9.0"
+  resolved "https://registry.yarnpkg.com/bootstrap-datepicker/-/bootstrap-datepicker-1.9.0.tgz#e4bfce3fcce1967876b21dc6833ec5994aaed090"
+  integrity sha512-9rYYbaVOheGYxjOr/+bJCmRPihfy+LkLSg4fIFMT9Od8WwWB/MB50w0JO1eBgKUMbb7PFHQD5uAfI3ArAxZRXA==
   dependencies:
     jquery ">=1.7.1 <4.0.0"
 
-bootstrap-daterangepicker@^2.1.25:
-  version "2.1.30"
-  resolved "https://registry.yarnpkg.com/bootstrap-daterangepicker/-/bootstrap-daterangepicker-2.1.30.tgz#f893dbfff5a4d7dfaab75460e8ea6969bb89689a"
-  dependencies:
-    jquery ">=1.10"
-    moment "^2.9.0"
+bootstrap-slider@^11.0.2:
+  version "11.0.2"
+  resolved "https://registry.yarnpkg.com/bootstrap-slider/-/bootstrap-slider-11.0.2.tgz#4b167c165f322339cc66f0c7166b5a39e289e251"
+  integrity sha512-CdwS+Z6X79OkLes9RfDgPB9UIY/+81wTkm6ktdSB6hdyiRbjJLFQIjZdnEr55tDyXZfgC7U6yeSXkNN9ZdGqjA==
 
-bootstrap-slider@^9.8.0:
-  version "9.10.0"
-  resolved "https://registry.yarnpkg.com/bootstrap-slider/-/bootstrap-slider-9.10.0.tgz#1103d6bc00cfbfa8cfc9a2599ab518c55643da3f"
-
-bootstrap-timepicker@^0.5.2:
-  version "0.5.2"
-  resolved "https://registry.yarnpkg.com/bootstrap-timepicker/-/bootstrap-timepicker-0.5.2.tgz#10ed9f2a2f0b8ccaefcde0fcf6a0738b919a3835"
+bootstrap-switch@3.3.4:
+  version "3.3.4"
+  resolved "https://registry.yarnpkg.com/bootstrap-switch/-/bootstrap-switch-3.3.4.tgz#70e0aeb2a877c0dc766991de108e2170fc29a2ff"
+  integrity sha512-7YQo+Ir6gCUqC36FFp1Zvec5dRF/+obq+1drMtdIMi9Xc84Kx63Evi0kdcp4HfiGsZpiz6IskyYDNlSKcxsL7w==
 
 bootstrap-validator@^0.11.9:
   version "0.11.9"
   resolved "https://registry.yarnpkg.com/bootstrap-validator/-/bootstrap-validator-0.11.9.tgz#fb7058eef53623e78f5aa7967026f98f875a9404"
 
-bootstrap@^3.4.0, bootstrap@^3.4.1:
-  version "3.4.1"
-  resolved "https://registry.yarnpkg.com/bootstrap/-/bootstrap-3.4.1.tgz#c3a347d419e289ad11f4033e3c4132b87c081d72"
-  integrity sha512-yN5oZVmRCwe5aKwzRj6736nSmKDX7pLYwsXiCj/EYmo16hODaBiT4En5btW/jhBF/seV+XMx3aYwukYC3A49DA==
+bootstrap4-duallistbox@^4.0.2:
+  version "4.0.2"
+  resolved "https://registry.yarnpkg.com/bootstrap4-duallistbox/-/bootstrap4-duallistbox-4.0.2.tgz#c6942e34a39d0d05e436d51ebaf31c9349f119d3"
+  integrity sha512-vQdANVE2NN0HMaZO9qWJy0C7u04uTpAmtUGO3KLq3xAZKCboJweQ437hDTszI6pbYV2olJCGZMbdhvIkBNGeGQ==
 
-brace-expansion@^1.1.7:
-  version "1.1.11"
-  resolved "https://registry.yarnpkg.com/brace-expansion/-/brace-expansion-1.1.11.tgz#3c7fcbf529d87226f3d2f52b966ff5271eb441dd"
-  dependencies:
-    balanced-match "^1.0.0"
-    concat-map "0.0.1"
+bootstrap@4.6.2, bootstrap@^4.6.1:
+  version "4.6.2"
+  resolved "https://registry.yarnpkg.com/bootstrap/-/bootstrap-4.6.2.tgz#8e0cd61611728a5bf65a3a2b8d6ff6c77d5d7479"
+  integrity sha512-51Bbp/Uxr9aTuy6ca/8FbFloBUJZLHwnhTcnjIeRn2suQWsWzcuJhGjKDB5eppVte/8oCdOL3VuwxvZDUggwGQ==
 
-brorand@^1.0.1, brorand@^1.1.0:
-  version "1.1.0"
-  resolved "https://registry.yarnpkg.com/brorand/-/brorand-1.1.0.tgz#12c25efe40a45e3c323eb8675a0a0ce57b22371f"
-  integrity sha1-EsJe/kCkXjwyPrhnWgoM5XsiNx8=
+bootstrap@>=4.0:
+  version "5.2.3"
+  resolved "https://registry.yarnpkg.com/bootstrap/-/bootstrap-5.2.3.tgz#54739f4414de121b9785c5da3c87b37ff008322b"
+  integrity sha512-cEKPM+fwb3cT8NzQZYEu4HilJ3anCrWqh3CHAok1p9jXqMPsPTBhU25fBckEJHJ/p+tTxTFTsFQGM+gaHpi3QQ==
 
-browser-pack@^6.0.1:
-  version "6.1.0"
-  resolved "https://registry.yarnpkg.com/browser-pack/-/browser-pack-6.1.0.tgz#c34ba10d0b9ce162b5af227c7131c92c2ecd5774"
+brfs@^2.0.0, brfs@^2.0.2:
+  version "2.0.2"
+  resolved "https://registry.yarnpkg.com/brfs/-/brfs-2.0.2.tgz#44237878fa82aa479ce4f5fe2c1796ec69f07845"
+  integrity sha512-IrFjVtwu4eTJZyu8w/V2gxU7iLTtcHih67sgEdzrhjLBMHp2uYefUBfdM4k2UvcuWMgV7PQDZHSLeNWnLFKWVQ==
   dependencies:
-    JSONStream "^1.0.3"
-    combine-source-map "~0.8.0"
-    defined "^1.0.0"
-    safe-buffer "^5.1.1"
+    quote-stream "^1.0.1"
+    resolve "^1.1.5"
+    static-module "^3.0.2"
     through2 "^2.0.0"
-    umd "^3.0.0"
 
-browser-resolve@^1.11.0, browser-resolve@^1.7.0:
-  version "1.11.2"
-  resolved "https://registry.yarnpkg.com/browser-resolve/-/browser-resolve-1.11.2.tgz#8ff09b0a2c421718a1051c260b32e48f442938ce"
+brotli@^1.2.0:
+  version "1.3.3"
+  resolved "https://registry.yarnpkg.com/brotli/-/brotli-1.3.3.tgz#7365d8cc00f12cf765d2b2c898716bcf4b604d48"
+  integrity sha512-oTKjJdShmDuGW94SyyaoQvAjf30dZaHnjJ8uAF+u2/vGJkJbJPJAT1gDiOJP5v1Zb6f9KEyW/1HpuaWIXtGHPg==
   dependencies:
-    resolve "1.1.7"
+    base64-js "^1.1.2"
 
-browserify-aes@^1.0.0, browserify-aes@^1.0.4:
-  version "1.2.0"
-  resolved "https://registry.yarnpkg.com/browserify-aes/-/browserify-aes-1.2.0.tgz#326734642f403dabc3003209853bb70ad428ef48"
+browser-resolve@^1.8.1:
+  version "1.11.3"
+  resolved "https://registry.yarnpkg.com/browser-resolve/-/browser-resolve-1.11.3.tgz#9b7cbb3d0f510e4cb86bdbd796124d28b5890af6"
+  integrity sha512-exDi1BYWB/6raKHmDTCicQfTkqwN5fioMFV4j8BsfMU4R2DK/QfZfK7kOVkmWCNANf0snkBzqGqAJBao9gZMdQ==
   dependencies:
-    buffer-xor "^1.0.3"
-    cipher-base "^1.0.0"
-    create-hash "^1.1.0"
-    evp_bytestokey "^1.0.3"
-    inherits "^2.0.1"
-    safe-buffer "^5.0.1"
+    resolve "1.1.7"
 
-browserify-cipher@^1.0.0:
+browserify-optional@^1.0.1:
   version "1.0.1"
-  resolved "https://registry.yarnpkg.com/browserify-cipher/-/browserify-cipher-1.0.1.tgz#8d6474c1b870bfdabcd3bcfcc1934a10e94f15f0"
+  resolved "https://registry.yarnpkg.com/browserify-optional/-/browserify-optional-1.0.1.tgz#1e13722cfde0d85f121676c2a72ced533a018869"
+  integrity sha512-VrhjbZ+Ba5mDiSYEuPelekQMfTbhcA2DhLk2VQWqdcCROWeFqlTcXZ7yfRkXCIl8E+g4gINJYJiRB7WEtfomAQ==
   dependencies:
-    browserify-aes "^1.0.4"
-    browserify-des "^1.0.0"
-    evp_bytestokey "^1.0.0"
+    ast-transform "0.0.0"
+    ast-types "^0.7.0"
+    browser-resolve "^1.8.1"
 
-browserify-des@^1.0.0:
-  version "1.0.1"
-  resolved "https://registry.yarnpkg.com/browserify-des/-/browserify-des-1.0.1.tgz#3343124db6d7ad53e26a8826318712bdc8450f9c"
-  dependencies:
-    cipher-base "^1.0.1"
-    des.js "^1.0.0"
-    inherits "^2.0.1"
+bs-custom-file-input@^1.3.4:
+  version "1.3.4"
+  resolved "https://registry.yarnpkg.com/bs-custom-file-input/-/bs-custom-file-input-1.3.4.tgz#c275cb8d4f1c02ba026324292509fa9a747dbda8"
+  integrity sha512-NBsQzTnef3OW1MvdKBbMHAYHssCd613MSeJV7z2McXznWtVMnJCy7Ckyc+PwxV6Pk16cu6YBcYWh/ZE0XWNKCA==
 
-browserify-rsa@^4.0.0:
-  version "4.0.1"
-  resolved "https://registry.yarnpkg.com/browserify-rsa/-/browserify-rsa-4.0.1.tgz#21e0abfaf6f2029cf2fafb133567a701d4135524"
-  dependencies:
-    bn.js "^4.1.0"
-    randombytes "^2.0.1"
-
-browserify-sign@^4.0.0:
-  version "4.0.4"
-  resolved "https://registry.yarnpkg.com/browserify-sign/-/browserify-sign-4.0.4.tgz#aa4eb68e5d7b658baa6bf6a57e630cbd7a93d298"
-  dependencies:
-    bn.js "^4.1.1"
-    browserify-rsa "^4.0.0"
-    create-hash "^1.1.0"
-    create-hmac "^1.1.2"
-    elliptic "^6.0.0"
-    inherits "^2.0.1"
-    parse-asn1 "^5.0.0"
-
-browserify-zlib@~0.2.0:
-  version "0.2.0"
-  resolved "https://registry.yarnpkg.com/browserify-zlib/-/browserify-zlib-0.2.0.tgz#2869459d9aa3be245fe8fe2ca1f46e2e7f54d73f"
-  dependencies:
-    pako "~1.0.5"
-
-browserify@>=3.46.0:
-  version "16.2.2"
-  resolved "https://registry.yarnpkg.com/browserify/-/browserify-16.2.2.tgz#4b1f66ba0e54fa39dbc5aa4be9629142143d91b0"
-  dependencies:
-    JSONStream "^1.0.3"
-    assert "^1.4.0"
-    browser-pack "^6.0.1"
-    browser-resolve "^1.11.0"
-    browserify-zlib "~0.2.0"
-    buffer "^5.0.2"
-    cached-path-relative "^1.0.0"
-    concat-stream "^1.6.0"
-    console-browserify "^1.1.0"
-    constants-browserify "~1.0.0"
-    crypto-browserify "^3.0.0"
-    defined "^1.0.0"
-    deps-sort "^2.0.0"
-    domain-browser "^1.2.0"
-    duplexer2 "~0.1.2"
-    events "^2.0.0"
-    glob "^7.1.0"
-    has "^1.0.0"
-    htmlescape "^1.1.0"
-    https-browserify "^1.0.0"
-    inherits "~2.0.1"
-    insert-module-globals "^7.0.0"
-    labeled-stream-splicer "^2.0.0"
-    mkdirp "^0.5.0"
-    module-deps "^6.0.0"
-    os-browserify "~0.3.0"
-    parents "^1.0.1"
-    path-browserify "~0.0.0"
-    process "~0.11.0"
-    punycode "^1.3.2"
-    querystring-es3 "~0.2.0"
-    read-only-stream "^2.0.0"
-    readable-stream "^2.0.2"
-    resolve "^1.1.4"
-    shasum "^1.0.0"
-    shell-quote "^1.6.1"
-    stream-browserify "^2.0.0"
-    stream-http "^2.0.0"
-    string_decoder "^1.1.1"
-    subarg "^1.0.0"
-    syntax-error "^1.1.1"
-    through2 "^2.0.0"
-    timers-browserify "^1.0.1"
-    tty-browserify "0.0.1"
-    url "~0.11.0"
-    util "~0.10.1"
-    vm-browserify "^1.0.0"
-    xtend "^4.0.0"
+bs-stepper@^1.7.0:
+  version "1.7.0"
+  resolved "https://registry.yarnpkg.com/bs-stepper/-/bs-stepper-1.7.0.tgz#bfa4cc51c4e67957caae57f5bdcba1977186bac1"
+  integrity sha512-+DX7UKKgw2GI6ucsSCRd19VHYrxf/8znRCLs1lQVVLxz+h7EqgIOxoHcJ0/QTaaNoR9Cwg78ydo6hXIasyd3LA==
+
+buffer-equal@0.0.1:
+  version "0.0.1"
+  resolved "https://registry.yarnpkg.com/buffer-equal/-/buffer-equal-0.0.1.tgz#91bc74b11ea405bc916bc6aa908faafa5b4aac4b"
+  integrity sha512-RgSV6InVQ9ODPdLWJ5UAqBqJBOg370Nz6ZQtRzpt6nUjc8v0St97uJ4PYC6NztqIScrAXafKM3mZPMygSe1ggA==
 
 buffer-from@^1.0.0:
   version "1.1.0"
   resolved "https://registry.yarnpkg.com/buffer-from/-/buffer-from-1.1.0.tgz#87fcaa3a298358e0ade6e442cfce840740d1ad04"
 
-buffer-xor@^1.0.3:
-  version "1.0.3"
-  resolved "https://registry.yarnpkg.com/buffer-xor/-/buffer-xor-1.0.3.tgz#26e61ed1422fb70dd42e6e36729ed51d855fe8d9"
-
-buffer@^5.0.2:
-  version "5.1.0"
-  resolved "https://registry.yarnpkg.com/buffer/-/buffer-5.1.0.tgz#c913e43678c7cb7c8bd16afbcddb6c5505e8f9fe"
+call-bind@^1.0.2:
+  version "1.0.2"
+  resolved "https://registry.yarnpkg.com/call-bind/-/call-bind-1.0.2.tgz#b1d4e89e688119c3c9a903ad30abb2f6a919be3c"
+  integrity sha512-7O+FbCihrB5WGbFYesctwmTKae6rOiIzmz1icreWJ+0aA7LJfuqhEso2T9ncpcFtzMQtzXf2QGGueWJGTYsqrA==
   dependencies:
-    base64-js "^1.0.2"
-    ieee754 "^1.1.4"
-
-builtin-status-codes@^3.0.0:
-  version "3.0.0"
-  resolved "https://registry.yarnpkg.com/builtin-status-codes/-/builtin-status-codes-3.0.0.tgz#85982878e21b98e1c66425e03d0174788f569ee8"
-
-cached-path-relative@^1.0.0:
-  version "1.1.0"
-  resolved "https://registry.yarnpkg.com/cached-path-relative/-/cached-path-relative-1.1.0.tgz#865576dfef39c0d6a7defde794d078f5308e3ef3"
-  integrity sha512-WF0LihfemtesFcJgO7xfOoOcnWzY/QHR4qeDqV44jPU3HTI54+LnfXK3SA27AVVGCdZFgjjFFaqUA9Jx7dMJZA==
+    function-bind "^1.1.1"
+    get-intrinsic "^1.0.2"
 
-charm@~0.1.0:
-  version "0.1.2"
-  resolved "https://registry.yarnpkg.com/charm/-/charm-0.1.2.tgz#06c21eed1a1b06aeb67553cdc53e23274bac2296"
+chart.js@^2.9.4:
+  version "2.9.4"
+  resolved "https://registry.yarnpkg.com/chart.js/-/chart.js-2.9.4.tgz#0827f9563faffb2dc5c06562f8eb10337d5b9684"
+  integrity sha512-B07aAzxcrikjAPyV+01j7BmOpxtQETxTSlQ26BEYJ+3iUkbNKaOJ/nDbT6JjyqYxseM0ON12COHYdU2cTIjC7A==
+  dependencies:
+    chartjs-color "^2.1.0"
+    moment "^2.10.2"
 
-chart.js@1.0.*:
-  version "1.0.2"
-  resolved "https://registry.yarnpkg.com/chart.js/-/chart.js-1.0.2.tgz#ad57d2229cfd8ccf5955147e8121b4911e69dfe7"
+chartjs-color-string@^0.6.0:
+  version "0.6.0"
+  resolved "https://registry.yarnpkg.com/chartjs-color-string/-/chartjs-color-string-0.6.0.tgz#1df096621c0e70720a64f4135ea171d051402f71"
+  integrity sha512-TIB5OKn1hPJvO7JcteW4WY/63v6KwEdt6udfnDE9iCAZgy+V4SrbSxoIbTw/xkUIapjEI4ExGtD0+6D3KyFd7A==
+  dependencies:
+    color-name "^1.0.0"
 
-cipher-base@^1.0.0, cipher-base@^1.0.1, cipher-base@^1.0.3:
-  version "1.0.4"
-  resolved "https://registry.yarnpkg.com/cipher-base/-/cipher-base-1.0.4.tgz#8760e4ecc272f4c363532f926d874aae2c1397de"
+chartjs-color@^2.1.0:
+  version "2.4.1"
+  resolved "https://registry.yarnpkg.com/chartjs-color/-/chartjs-color-2.4.1.tgz#6118bba202fe1ea79dd7f7c0f9da93467296c3b0"
+  integrity sha512-haqOg1+Yebys/Ts/9bLo/BqUcONQOdr/hoEr2LLTRl6C5LXctUdHxsCYfvQVg5JIxITrfCNUDr4ntqmQk9+/0w==
   dependencies:
-    inherits "^2.0.1"
-    safe-buffer "^5.0.1"
+    chartjs-color-string "^0.6.0"
+    color-convert "^1.9.3"
 
-ckeditor@^4.11.2:
-  version "4.11.3"
-  resolved "https://registry.yarnpkg.com/ckeditor/-/ckeditor-4.11.3.tgz#91f66d7ddb5bff3874514fe539779686874ed655"
-  integrity sha512-v6G+v16WAcukKuQH6m+trA9RCOQntFM2nxPO/GFiLYsdD/5IbZAZ2n7GwMxQmxDXpx4AixpnMWF+yAE1t9wq6Q==
+clone@^1.0.4:
+  version "1.0.4"
+  resolved "https://registry.yarnpkg.com/clone/-/clone-1.0.4.tgz#da309cc263df15994c688ca902179ca3c7cd7c7e"
+  integrity sha512-JQHZ2QMW6l3aH/j6xCqQThY/9OH4D/9ls34cgkUBiEeocRTU04tHfKPBsUK1PqZCUQM7GiA0IIXJSuXHI64Kbg==
 
-classie@>=0.0.1:
-  version "1.0.0"
-  resolved "https://registry.yarnpkg.com/classie/-/classie-1.0.0.tgz#fc9b29b47e64e374a2062fb624d05a61cd703ab2"
+codemirror@^5.65.1:
+  version "5.65.11"
+  resolved "https://registry.yarnpkg.com/codemirror/-/codemirror-5.65.11.tgz#c818edc3274788c008f636520c5490a1f7009b4f"
+  integrity sha512-Gp62g2eKSCHYt10axmGhKq3WoJSvVpvhXmowNq7pZdRVowwtvBR/hi2LSP5srtctKkRT33T6/n8Kv1UGp7JW4A==
 
-combine-source-map@^0.8.0, combine-source-map@~0.8.0:
-  version "0.8.0"
-  resolved "https://registry.yarnpkg.com/combine-source-map/-/combine-source-map-0.8.0.tgz#a58d0df042c186fcf822a8e8015f5450d2d79a8b"
+color-convert@^1.9.3:
+  version "1.9.3"
+  resolved "https://registry.yarnpkg.com/color-convert/-/color-convert-1.9.3.tgz#bb71850690e1f136567de629d2d5471deda4c1e8"
+  integrity sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==
   dependencies:
-    convert-source-map "~1.1.0"
-    inline-source-map "~0.6.0"
-    lodash.memoize "~3.0.3"
-    source-map "~0.5.3"
+    color-name "1.1.3"
 
-concat-map@0.0.1:
-  version "0.0.1"
-  resolved "https://registry.yarnpkg.com/concat-map/-/concat-map-0.0.1.tgz#d8a96bd77fd68df7793a73036a3ba0d5405d477b"
+color-name@1.1.3:
+  version "1.1.3"
+  resolved "https://registry.yarnpkg.com/color-name/-/color-name-1.1.3.tgz#a7d0558bd89c42f795dd42328f740831ca53bc25"
+  integrity sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==
 
-concat-stream@^1.6.0, concat-stream@^1.6.1, concat-stream@~1.6.0:
+color-name@^1.0.0:
+  version "1.1.4"
+  resolved "https://registry.yarnpkg.com/color-name/-/color-name-1.1.4.tgz#c2a09a87acbde69543de6f63fa3995c826c536a2"
+  integrity sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==
+
+concat-stream@~1.6.0:
   version "1.6.2"
   resolved "https://registry.yarnpkg.com/concat-stream/-/concat-stream-1.6.2.tgz#904bdf194cd3122fc675c77fc4ac3d4ff0fd1a34"
   dependencies:
@@ -337,278 +343,604 @@ concat-stream@^1.6.0, concat-stream@^1.6.1, concat-stream@~1.6.0:
     readable-stream "^2.2.2"
     typedarray "^0.0.6"
 
-console-browserify@^1.1.0:
-  version "1.1.0"
-  resolved "https://registry.yarnpkg.com/console-browserify/-/console-browserify-1.1.0.tgz#f0241c45730a9fc6323b206dbf38edc741d0bb10"
-  dependencies:
-    date-now "^0.1.4"
-
-constants-browserify@~1.0.0:
-  version "1.0.0"
-  resolved "https://registry.yarnpkg.com/constants-browserify/-/constants-browserify-1.0.0.tgz#c20b96d8c617748aaf1c16021760cd27fcb8cb75"
-
-convert-source-map@~1.1.0:
-  version "1.1.3"
-  resolved "https://registry.yarnpkg.com/convert-source-map/-/convert-source-map-1.1.3.tgz#4829c877e9fe49b3161f3bf3673888e204699860"
+convert-source-map@^1.5.1:
+  version "1.9.0"
+  resolved "https://registry.yarnpkg.com/convert-source-map/-/convert-source-map-1.9.0.tgz#7faae62353fb4213366d0ca98358d22e8368b05f"
+  integrity sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==
 
 core-util-is@~1.0.0:
   version "1.0.2"
   resolved "https://registry.yarnpkg.com/core-util-is/-/core-util-is-1.0.2.tgz#b5fd54220aa2bc5ab57aab7140c940754503c1a7"
 
-create-ecdh@^4.0.0:
-  version "4.0.3"
-  resolved "https://registry.yarnpkg.com/create-ecdh/-/create-ecdh-4.0.3.tgz#c9111b6f33045c4697f144787f9254cdc77c45ff"
+crypto-js@^4.0.0:
+  version "4.1.1"
+  resolved "https://registry.yarnpkg.com/crypto-js/-/crypto-js-4.1.1.tgz#9e485bcf03521041bd85844786b83fb7619736cf"
+  integrity sha512-o2JlM7ydqd3Qk9CA0L4NL6mTzU2sdx96a+oOfPu8Mkl/PK51vSyoi8/rQ8NknZtk44vq15lmhAj9CIAGwgeWKw==
+
+d@1, d@^1.0.1:
+  version "1.0.1"
+  resolved "https://registry.yarnpkg.com/d/-/d-1.0.1.tgz#8698095372d58dbee346ffd0c7093f99f8f9eb5a"
+  integrity sha512-m62ShEObQ39CfralilEQRjH6oAMtNCV1xJyEx5LpRYUVN+EviphDgUc/F3hnYbADmkiNs67Y+3ylmlG7Lnu+FA==
   dependencies:
-    bn.js "^4.1.0"
-    elliptic "^6.0.0"
+    es5-ext "^0.10.50"
+    type "^1.0.1"
 
-create-hash@^1.1.0, create-hash@^1.1.2:
-  version "1.2.0"
-  resolved "https://registry.yarnpkg.com/create-hash/-/create-hash-1.2.0.tgz#889078af11a63756bcfb59bd221996be3a9ef196"
+dash-ast@^2.0.1:
+  version "2.0.1"
+  resolved "https://registry.yarnpkg.com/dash-ast/-/dash-ast-2.0.1.tgz#8d0fd2e601c59bf874cc22877ee7dd889f54dee8"
+  integrity sha512-5TXltWJGc+RdnabUGzhRae1TRq6m4gr+3K2wQX0is5/F2yS6MJXJvLyI3ErAnsAXuJoGqvfVD5icRgim07DrxQ==
+
+datatables.net-autofill-bs4@^2.3.9:
+  version "2.5.1"
+  resolved "https://registry.yarnpkg.com/datatables.net-autofill-bs4/-/datatables.net-autofill-bs4-2.5.1.tgz#2c5fefe6076f95bf40313a8ec4cad4c36a4b20df"
+  integrity sha512-5oCgfpte/IEPFKBGGEuEKE0qVmSkKCJ8bkqNOKLghemado5ldOcU9WZysVyk3L72nQMHnXlB4CNex6qj9Snu5w==
   dependencies:
-    cipher-base "^1.0.1"
-    inherits "^2.0.1"
-    md5.js "^1.3.4"
-    ripemd160 "^2.0.1"
-    sha.js "^2.4.0"
+    datatables.net-autofill ">=2.4.0"
+    datatables.net-bs4 ">=1.12.1"
+    jquery ">=1.7"
 
-create-hmac@^1.1.0, create-hmac@^1.1.2, create-hmac@^1.1.4:
-  version "1.1.7"
-  resolved "https://registry.yarnpkg.com/create-hmac/-/create-hmac-1.1.7.tgz#69170c78b3ab957147b2b8b04572e47ead2243ff"
-  dependencies:
-    cipher-base "^1.0.3"
-    create-hash "^1.1.0"
-    inherits "^2.0.1"
-    ripemd160 "^2.0.0"
-    safe-buffer "^5.0.1"
-    sha.js "^2.4.8"
-
-crypto-browserify@^3.0.0:
-  version "3.12.0"
-  resolved "https://registry.yarnpkg.com/crypto-browserify/-/crypto-browserify-3.12.0.tgz#396cf9f3137f03e4b8e532c58f698254e00f80ec"
-  dependencies:
-    browserify-cipher "^1.0.0"
-    browserify-sign "^4.0.0"
-    create-ecdh "^4.0.0"
-    create-hash "^1.1.0"
-    create-hmac "^1.1.0"
-    diffie-hellman "^5.0.0"
-    inherits "^2.0.1"
-    pbkdf2 "^3.0.3"
-    public-encrypt "^4.0.0"
-    randombytes "^2.0.0"
-    randomfill "^1.0.3"
-
-datatables.net-bs@^1.10.19:
-  version "1.10.19"
-  resolved "https://registry.yarnpkg.com/datatables.net-bs/-/datatables.net-bs-1.10.19.tgz#08763b4e4d0cef1a427d019dc15e717c7ed67a4d"
-  integrity sha512-5gxoI2n+duZP06+4xVC2TtH6zcY369/TRKTZ1DdSgDcDUl4OYQsrXCuaLJmbVzna/5Y5lrMmK7CxgvYgIynICA==
-  dependencies:
-    datatables.net "1.10.19"
+datatables.net-autofill@>=2.4.0:
+  version "2.5.1"
+  resolved "https://registry.yarnpkg.com/datatables.net-autofill/-/datatables.net-autofill-2.5.1.tgz#8a92a180b9174c8061700d66e26dece2a650f9b1"
+  integrity sha512-HuBx0KOxQVmQooQahlsi3a9DXhZB+kvRtC5ZPjDVKiJ1rV3NCc4Q/s4Q6Go4TjKd013uFcifLca9GJnbpx4wng==
+  dependencies:
+    datatables.net ">=1.12.1"
     jquery ">=1.7"
 
-datatables.net-plugins@^1.10.19:
-  version "1.10.20"
-  resolved "https://registry.yarnpkg.com/datatables.net-plugins/-/datatables.net-plugins-1.10.20.tgz#c89f6bed3fa7e6605cbeaa35d60f223659e84c8c"
-  integrity sha512-rnhNmRHe9UEzvM7gtjBay1QodkWUmxLUhHNbmJMYhhUggjtm+BRSlE0PRilkeUkwckpNWzq+0fPd7/i0fpQgzA==
+datatables.net-bs4@>=1.10.25, datatables.net-bs4@>=1.12.1, datatables.net-bs4@^1.11.4:
+  version "1.13.1"
+  resolved "https://registry.yarnpkg.com/datatables.net-bs4/-/datatables.net-bs4-1.13.1.tgz#b704d9639bbe650c996e614dc37f529e8c09ff47"
+  integrity sha512-GBTOzUT8ooEUMPtjVHktvDk0MyakFGh89F8aHj8VwF1OFLbqTGEAPacO8XAgSfej/Ng3dbFJA6sjrk4gFra8kg==
+  dependencies:
+    datatables.net ">=1.12.1"
+    jquery ">=1.7"
 
-datatables.net@1.10.19, datatables.net@^1.10.19:
-  version "1.10.19"
-  resolved "https://registry.yarnpkg.com/datatables.net/-/datatables.net-1.10.19.tgz#97a1ed41c85e62d61040603481b59790a172dd1f"
-  integrity sha512-+ljXcI6Pj3PTGy5pesp3E5Dr3x3AV45EZe0o1r0gKENN2gafBKXodVnk2ypKwl2tTmivjxbkiqoWnipTefyBTA==
+datatables.net-buttons-bs4@^2.2.2:
+  version "2.3.3"
+  resolved "https://registry.yarnpkg.com/datatables.net-buttons-bs4/-/datatables.net-buttons-bs4-2.3.3.tgz#11655db6218f129dce04c043decbd4e36e02bf8c"
+  integrity sha512-u028LSQrwK7V+w1nIrQFcyFe8uNZriOzc8AuTvACF+cTlZeDq6ch40dXy5e8Vsaad2xSopJAQ189zPOIGdUlqw==
   dependencies:
+    datatables.net-bs4 ">=1.12.1"
+    datatables.net-buttons ">=2.2.3"
     jquery ">=1.7"
 
-date-now@^0.1.4:
-  version "0.1.4"
-  resolved "https://registry.yarnpkg.com/date-now/-/date-now-0.1.4.tgz#eaf439fd4d4848ad74e5cc7dbef200672b9e345b"
+datatables.net-buttons@>=2.2.3:
+  version "2.3.3"
+  resolved "https://registry.yarnpkg.com/datatables.net-buttons/-/datatables.net-buttons-2.3.3.tgz#d54918ac82c681a0d58151d555ed690f40fef614"
+  integrity sha512-jK/hGF+NEj6CxDHKlpQiSu280G00VgL57SPyLbOA+DrmUd6wSGmdco0ztzYsbe9hzLJ3QnmB5LTpPPrBf8985Q==
+  dependencies:
+    datatables.net ">=1.12.1"
+    jquery ">=1.7"
 
-defined@^1.0.0:
-  version "1.0.0"
-  resolved "https://registry.yarnpkg.com/defined/-/defined-1.0.0.tgz#c98d9bcef75674188e110969151199e39b1fa693"
+datatables.net-colreorder-bs4@^1.5.5:
+  version "1.6.1"
+  resolved "https://registry.yarnpkg.com/datatables.net-colreorder-bs4/-/datatables.net-colreorder-bs4-1.6.1.tgz#01e8b0ffd47c832d4cf928f4486e42b0be90fe21"
+  integrity sha512-vdr0Padd26pDNdUhasFUGWK6WrYyoBSwoJ5Sq4294hgj1SqblP8pz1vIGUmFiFtlHlOsHaVor3rffeqyYH8Waw==
+  dependencies:
+    datatables.net-bs4 ">=1.12.1"
+    datatables.net-colreorder ">=1.5.6"
+    jquery ">=1.7"
 
-deps-sort@^2.0.0:
-  version "2.0.0"
-  resolved "https://registry.yarnpkg.com/deps-sort/-/deps-sort-2.0.0.tgz#091724902e84658260eb910748cccd1af6e21fb5"
+datatables.net-colreorder@>=1.5.6:
+  version "1.6.1"
+  resolved "https://registry.yarnpkg.com/datatables.net-colreorder/-/datatables.net-colreorder-1.6.1.tgz#effecd14fb8c42299b4a120d31b6ab04ccdd5dca"
+  integrity sha512-ae0gdkG0OmrEGUrXYm0XgWDzDkuEhEuNrfvQsmtCTl0j+1nxtXPsecIiWBCqv/dM0X4x8PT0dJY8furqPCzXXw==
   dependencies:
-    JSONStream "^1.0.3"
-    shasum "^1.0.0"
-    subarg "^1.0.0"
-    through2 "^2.0.0"
+    datatables.net ">=1.12.1"
+    jquery ">=1.7"
 
-des.js@^1.0.0:
-  version "1.0.0"
-  resolved "https://registry.yarnpkg.com/des.js/-/des.js-1.0.0.tgz#c074d2e2aa6a8a9a07dbd61f9a15c2cd83ec8ecc"
+datatables.net-fixedcolumns-bs4@^4.0.1:
+  version "4.2.1"
+  resolved "https://registry.yarnpkg.com/datatables.net-fixedcolumns-bs4/-/datatables.net-fixedcolumns-bs4-4.2.1.tgz#5c608b3b98654350745441a7306e9b0e02b111d5"
+  integrity sha512-RXI0weSNs9MlwKZujIKtih2wAdycjYgE7xunFYNTLJrjMzmRrisHs1FQ8AwZAQZu2CkvUbrUjdiAuaJXwKPyuA==
   dependencies:
-    inherits "^2.0.1"
-    minimalistic-assert "^1.0.0"
+    datatables.net-bs4 ">=1.12.1"
+    datatables.net-fixedcolumns ">=4.1.0"
+    jquery ">=1.7"
 
-detective@^5.0.2:
-  version "5.1.0"
-  resolved "https://registry.yarnpkg.com/detective/-/detective-5.1.0.tgz#7a20d89236d7b331ccea65832e7123b5551bb7cb"
+datatables.net-fixedcolumns@>=4.1.0:
+  version "4.2.1"
+  resolved "https://registry.yarnpkg.com/datatables.net-fixedcolumns/-/datatables.net-fixedcolumns-4.2.1.tgz#f73ec3369646487e74afab308d8eb90eca0a37d2"
+  integrity sha512-XCNM2UyWwLl8Qtaw23/wgMlUhQjIWEKXJSLqB67RTibeyfVUF7zsnNQECPtlPr6kqUN229Ep8UZG15Zc71MytQ==
   dependencies:
-    acorn-node "^1.3.0"
-    defined "^1.0.0"
-    minimist "^1.1.1"
+    datatables.net ">=1.12.1"
+    jquery ">=1.7"
 
-diffie-hellman@^5.0.0:
-  version "5.0.3"
-  resolved "https://registry.yarnpkg.com/diffie-hellman/-/diffie-hellman-5.0.3.tgz#40e8ee98f55a2149607146921c63e1ae5f3d2875"
+datatables.net-fixedheader-bs4@^3.2.1:
+  version "3.3.1"
+  resolved "https://registry.yarnpkg.com/datatables.net-fixedheader-bs4/-/datatables.net-fixedheader-bs4-3.3.1.tgz#f60c85f8d0d846cff1368f2a2012229f3baa43b4"
+  integrity sha512-cTSh9VygiEoMwnkuR5xhex/NDCJ5CsgXCLG0VDdOqptUwjYIqlrrVf4hBCj2XnJCxHi/liV1sSW3qu7q1QnpwQ==
   dependencies:
-    bn.js "^4.1.0"
-    miller-rabin "^4.0.0"
-    randombytes "^2.0.0"
+    datatables.net-bs4 ">=1.12.1"
+    datatables.net-fixedheader ">=3.2.4"
+    jquery ">=1.7"
 
-domain-browser@^1.2.0:
-  version "1.2.0"
-  resolved "https://registry.yarnpkg.com/domain-browser/-/domain-browser-1.2.0.tgz#3d31f50191a6749dd1375a7f522e823d42e54eda"
+datatables.net-fixedheader@>=3.2.4:
+  version "3.3.1"
+  resolved "https://registry.yarnpkg.com/datatables.net-fixedheader/-/datatables.net-fixedheader-3.3.1.tgz#71aafa169b91f0fc1b3fa353d50f575ad67ad50d"
+  integrity sha512-m1ip5dOOsdjaFw2e5G77o+XLjqy5wWKnBnp+BwbnFCq4J5hFbMqcIV1r5z9X+NeAiKlADqZqteeLoO2xYRXBVA==
+  dependencies:
+    datatables.net ">=1.12.1"
+    jquery ">=1.7"
 
-domhelper@~0.9.0:
-  version "0.9.1"
-  resolved "https://registry.yarnpkg.com/domhelper/-/domhelper-0.9.1.tgz#26554e5bac2c9e9585dca500978df5067d64bd00"
+datatables.net-keytable-bs4@^2.6.4:
+  version "2.8.0"
+  resolved "https://registry.yarnpkg.com/datatables.net-keytable-bs4/-/datatables.net-keytable-bs4-2.8.0.tgz#fa36bf33eb5591a998f0fe361851f496487e12ed"
+  integrity sha512-QzkT+CHndZNfUYzzwAMtzHbDRNw5M6yIwWhGClX6/9i9NJ/dLwFzE5pZumL+6EOYyRU5Bwz9fF5NgaIXKqBXAQ==
   dependencies:
-    browserify ">=3.46.0"
-    classie ">=0.0.1"
-    util-extend "^1.0.1"
+    datatables.net-bs4 ">=1.12.1"
+    datatables.net-keytable ">=2.7.0"
+    jquery ">=1.7"
 
-duplexer2@^0.1.2, duplexer2@~0.1.0, duplexer2@~0.1.2:
+datatables.net-keytable@>=2.7.0:
+  version "2.8.0"
+  resolved "https://registry.yarnpkg.com/datatables.net-keytable/-/datatables.net-keytable-2.8.0.tgz#aabd44fbcb5e38a0b24d43718808a4955e0e6b2c"
+  integrity sha512-fZBCdBvB1hbJko80YhWcu30WmO7Mrpa2N9b9C8HOcbYjDGP8R3lkswtZj+RopQdFqh42cFn+/jXC9lC+xOWEtA==
+  dependencies:
+    datatables.net ">=1.12.1"
+    jquery ">=1.7"
+
+datatables.net-plugins@^1.13.1:
+  version "1.13.1"
+  resolved "https://registry.yarnpkg.com/datatables.net-plugins/-/datatables.net-plugins-1.13.1.tgz#0ed233404fa3511bf46db7db8742b9fad6fd90a9"
+  integrity sha512-4UpaRl7ZiTmStjV1QTB3x9V0EKmgdMvF7Ms+HzZ6gSzv33kPrL9Cw76/Uxxl02Z+ajergobvfMN64ndlZ9AXzA==
+
+datatables.net-responsive-bs4@^2.2.9:
+  version "2.4.0"
+  resolved "https://registry.yarnpkg.com/datatables.net-responsive-bs4/-/datatables.net-responsive-bs4-2.4.0.tgz#4f4b3bc09a1f403baf9153067a49d9de66ad6f39"
+  integrity sha512-zCAxwcuaLneJd3Yy1eKZU3wksIj4IFvcaQEXrFeVBgsl6iH3H+uqW9apwdadDL8agsBHdsln08qYjkz8bYY7Bg==
+  dependencies:
+    datatables.net-bs4 ">=1.12.1"
+    datatables.net-responsive ">=2.3.0"
+    jquery ">=1.7"
+
+datatables.net-responsive@>=2.3.0:
+  version "2.4.0"
+  resolved "https://registry.yarnpkg.com/datatables.net-responsive/-/datatables.net-responsive-2.4.0.tgz#91658679483e3ef6cda8b9bc5c1b7eff076a8e70"
+  integrity sha512-Acws4aEPJZX/+CQsXpuDBHfrwgl3XxWEc/zlsnJCXE/GGbqjVAtQt7SM6EBcdReMv1FbyWUlF/Uw+de11NT46A==
+  dependencies:
+    datatables.net ">=1.12.1"
+    jquery ">=1.7"
+
+datatables.net-rowgroup-bs4@^1.1.4:
+  version "1.3.0"
+  resolved "https://registry.yarnpkg.com/datatables.net-rowgroup-bs4/-/datatables.net-rowgroup-bs4-1.3.0.tgz#6ce865f6235df12989a07562e636e9065d3a2150"
+  integrity sha512-qw4PwsFgVNKazimL/ixYP9NGzsEgZtt1VQfFK/r+JF1uoV7/vVvG7qK/B+wFRAdTAXL+9v6uKlJ/8RI7bPAbvg==
+  dependencies:
+    datatables.net-bs4 ">=1.12.1"
+    datatables.net-rowgroup ">=1.2.0"
+    jquery ">=1.7"
+
+datatables.net-rowgroup@>=1.2.0:
+  version "1.3.0"
+  resolved "https://registry.yarnpkg.com/datatables.net-rowgroup/-/datatables.net-rowgroup-1.3.0.tgz#3b330f0226e84054fd25684de9ceb3eeb6ee7f5d"
+  integrity sha512-kLzYxvMmy8wmISksXvHBbZrv0wD7hlmp8NaiZQ6rFMwbTIoMt9YzOA+tpKDZiw3MOnku44QAOBXdPtXwxjE0JA==
+  dependencies:
+    datatables.net ">=1.12.1"
+    jquery ">=1.7"
+
+datatables.net-rowreorder-bs4@^1.2.8:
+  version "1.3.1"
+  resolved "https://registry.yarnpkg.com/datatables.net-rowreorder-bs4/-/datatables.net-rowreorder-bs4-1.3.1.tgz#1ceaabb5d8b8b45b92f81531eeece3c6649439d9"
+  integrity sha512-wrprtbvyEG0Cg78NbG2pSjTo6KhoEAiI5LmsELv0e6zK4EXOUk+EVatrFaYwK1LARVVSFznpIvPAskZpsV2wBA==
+  dependencies:
+    datatables.net-bs4 ">=1.12.1"
+    datatables.net-rowreorder ">=1.2.8"
+    jquery ">=1.7"
+
+datatables.net-rowreorder@>=1.2.8:
+  version "1.3.1"
+  resolved "https://registry.yarnpkg.com/datatables.net-rowreorder/-/datatables.net-rowreorder-1.3.1.tgz#a745927bdd27412005ce6a38f88cf1e08380951c"
+  integrity sha512-HZXlyZOdm0riGm7MZK61RapBZUimooKL1GuVu7xuJE0Rpv3/1RasdMzWV3hfkUVKNKBhvEAD06SYI/kXxqABaw==
+  dependencies:
+    datatables.net ">=1.12.1"
+    jquery ">=1.7"
+
+datatables.net-scroller-bs4@^2.0.5:
+  version "2.1.0"
+  resolved "https://registry.yarnpkg.com/datatables.net-scroller-bs4/-/datatables.net-scroller-bs4-2.1.0.tgz#06c2850856340b88c5fb49294d45f83779a57a82"
+  integrity sha512-xZa2rhZjKbk1ebPQBrY6pqQRdc8/JTuAzzqhQjU7hDKwQqRyQ6WJuVjdJxJ6MHkB2fFVdj7v9H3VCvUJOuXTEQ==
+  dependencies:
+    datatables.net-bs4 ">=1.12.1"
+    datatables.net-scroller ">=2.0.7"
+    jquery ">=1.7"
+
+datatables.net-scroller@>=2.0.7:
+  version "2.1.0"
+  resolved "https://registry.yarnpkg.com/datatables.net-scroller/-/datatables.net-scroller-2.1.0.tgz#0a96896bfa6f5f4f4266e41b652194cb9fdf2414"
+  integrity sha512-B/MxP8YPcFtoa1cexvlcK0PXQdzy6tz+HhQlyjNpRCoRc/8ZM5VcZg+ecYfP/pRBBXZORgkOJjWYkIdoChhE0w==
+  dependencies:
+    datatables.net ">=1.12.1"
+    jquery ">=1.7"
+
+datatables.net-searchbuilder-bs4@^1.3.1:
+  version "1.4.0"
+  resolved "https://registry.yarnpkg.com/datatables.net-searchbuilder-bs4/-/datatables.net-searchbuilder-bs4-1.4.0.tgz#24b98014e5de62b7e52d12169c986e28d341deb8"
+  integrity sha512-iEjhIkKLKoVD7wGWEVNSfpQaqBx+SXbiDTmH3t39h5hNWpYqoLtwEy/PhtaSdaF+hIhlrhcB4y8qHr/mW7KlSw==
+  dependencies:
+    datatables.net-bs4 ">=1.12.1"
+    datatables.net-searchbuilder ">=1.3.4"
+    jquery ">=1.7"
+
+datatables.net-searchbuilder@>=1.3.4:
+  version "1.4.0"
+  resolved "https://registry.yarnpkg.com/datatables.net-searchbuilder/-/datatables.net-searchbuilder-1.4.0.tgz#8eba2bac0ac702733c080d6dee0a5d6ae8181d4f"
+  integrity sha512-I6+a5EebX6uYFlWmc7TAk1oQvlfoGZqyLgdN4H9Rm6fL5VZv6SvWQ7y2+W9ebshMD0smKdtp8pedYc8PIh80kg==
+  dependencies:
+    datatables.net ">=1.12.1"
+    jquery ">=1.7"
+
+datatables.net-searchpanes-bs4@^1.4.0:
+  version "1.4.0"
+  resolved "https://registry.yarnpkg.com/datatables.net-searchpanes-bs4/-/datatables.net-searchpanes-bs4-1.4.0.tgz#efe09f8093fabd5ef311467eac198480873fb9bd"
+  integrity sha512-Floxzmw2cQkUQdI7Vv4IWtLqLmwPrmY6MPncbEWq4YvkSeaZW7OHzSmZLLUjMn2P6Huvz59WUVcwL0lSDui6GQ==
+  dependencies:
+    datatables.net-bs4 ">=1.10.25"
+    datatables.net-searchpanes ">=1.3.0"
+    jquery ">=1.7"
+
+datatables.net-searchpanes@>=1.3.0:
+  version "2.1.0"
+  resolved "https://registry.yarnpkg.com/datatables.net-searchpanes/-/datatables.net-searchpanes-2.1.0.tgz#e67fa2e8ce452a8c6fcebc69cddb101cf4208cf2"
+  integrity sha512-MA5rvXxqqCI0wBcAjrA0Bpp7QynWsjfpH2ZlhiTrBjsilYfn5oGPSSwsJxLO7unolmnhm+iuqethlWNyo9TC6Q==
+  dependencies:
+    datatables.net ">=1.12.1"
+    jquery ">=1.7"
+
+datatables.net-select-bs4@^1.3.4:
+  version "1.5.0"
+  resolved "https://registry.yarnpkg.com/datatables.net-select-bs4/-/datatables.net-select-bs4-1.5.0.tgz#a4514dd49ea67c525c2083ef455c552a010ea6cb"
+  integrity sha512-x70tepWUQKDYFHejk2o1zR4HBqH7Idz4cMTemdeM8oT7lmRnGb9gbiUoYMgwc5h2S2jkDYeIkvQWWMsI17shCg==
+  dependencies:
+    datatables.net-bs4 ">=1.12.1"
+    datatables.net-select ">=1.4.0"
+    jquery ">=1.7"
+
+datatables.net-select@>=1.4.0:
+  version "1.5.0"
+  resolved "https://registry.yarnpkg.com/datatables.net-select/-/datatables.net-select-1.5.0.tgz#e118438ad98e4857060d6dd66cb0fab215a54fda"
+  integrity sha512-PVYcX5phmu77r3a6miTyS1zF03cgX7Mx+BXH4wCJzZW+UHe2Xz9DAHgxvLQfE7j2M8LG45Ww7RxBhnkFKk1t7A==
+  dependencies:
+    datatables.net ">=1.12.1"
+    jquery ">=1.7"
+
+datatables.net@>=1.12.1, datatables.net@^1.11.4:
+  version "1.13.1"
+  resolved "https://registry.yarnpkg.com/datatables.net/-/datatables.net-1.13.1.tgz#199f7cb63f4536c135e161f95254212835a1c130"
+  integrity sha512-cX5dDHsbVdLLYKsWOSE0MvuGUcV88zU5dZ/taK2puJV6F9Fw0CFsP3+U/kr+qpDSFOBLWISRyM4Q9wWWovPTNg==
+  dependencies:
+    jquery ">=1.7"
+
+daterangepicker@^3.1.0:
+  version "3.1.0"
+  resolved "https://registry.yarnpkg.com/daterangepicker/-/daterangepicker-3.1.0.tgz#718d606614331df3e774c9aba82ccd8838d45da1"
+  integrity sha512-DxWXvvPq4srWLCqFugqSV+6CBt/CvQ0dnpXhQ3gl0autcIDAruG1PuGG3gC7yPRNytAD1oU1AcUOzaYhOawhTw==
+  dependencies:
+    jquery ">=1.10"
+    moment "^2.9.0"
+
+deep-equal@^1.0.0:
+  version "1.1.1"
+  resolved "https://registry.yarnpkg.com/deep-equal/-/deep-equal-1.1.1.tgz#b5c98c942ceffaf7cb051e24e1434a25a2e6076a"
+  integrity sha512-yd9c5AdiqVcR+JjcwUQb9DkhJc8ngNr0MahEBGvDiJw8puWab2yZlh+nkasOnZP+EGTAP6rRp2JzJhJZzvNF8g==
+  dependencies:
+    is-arguments "^1.0.4"
+    is-date-object "^1.0.1"
+    is-regex "^1.0.4"
+    object-is "^1.0.1"
+    object-keys "^1.1.1"
+    regexp.prototype.flags "^1.2.0"
+
+deep-is@~0.1.3:
+  version "0.1.4"
+  resolved "https://registry.yarnpkg.com/deep-is/-/deep-is-0.1.4.tgz#a6f2dce612fadd2ef1f519b73551f17e85199831"
+  integrity sha512-oIPzksmTg4/MriiaYGO+okXDT7ztn/w3Eptv/+gSIdMdKsJo0u4CfYNFJPy+4SKMuCqGw2wxnA+URMg3t8a/bQ==
+
+define-properties@^1.1.3:
+  version "1.1.4"
+  resolved "https://registry.yarnpkg.com/define-properties/-/define-properties-1.1.4.tgz#0b14d7bd7fbeb2f3572c3a7eda80ea5d57fb05b1"
+  integrity sha512-uckOqKcfaVvtBdsVkdPv3XjveQJsNQqmhXgRi8uhvWWuPYZCNlzT8qAyblUgNoXdHdjMTzAqeGjAoli8f+bzPA==
+  dependencies:
+    has-property-descriptors "^1.0.0"
+    object-keys "^1.1.1"
+
+dfa@^1.2.0:
+  version "1.2.0"
+  resolved "https://registry.yarnpkg.com/dfa/-/dfa-1.2.0.tgz#96ac3204e2d29c49ea5b57af8d92c2ae12790657"
+  integrity sha512-ED3jP8saaweFTjeGX8HQPjeC1YYyZs98jGNZx6IiBvxW7JG5v492kamAQB3m2wop07CvU/RQmzcKr6bgcC5D/Q==
+
+dropzone@^5.9.3:
+  version "5.9.3"
+  resolved "https://registry.yarnpkg.com/dropzone/-/dropzone-5.9.3.tgz#b3070ae090fa48cbc04c17535635537ca72d70d6"
+  integrity sha512-Azk8kD/2/nJIuVPK+zQ9sjKMRIpRvNyqn9XwbBHNq+iNuSccbJS6hwm1Woy0pMST0erSo0u4j+KJaodndDk4vA==
+
+duplexer2@~0.1.4:
   version "0.1.4"
   resolved "https://registry.yarnpkg.com/duplexer2/-/duplexer2-0.1.4.tgz#8b12dab878c0d69e3e7891051662a32fc6bddcc1"
+  integrity sha512-asLFVfWWtJ90ZyOUHMqk7/S2w2guQKxUI2itj3d92ADHhxUSbCMGi1f1cBcJ7xM1To+pE/Khbwo1yuNbMEPKeA==
   dependencies:
     readable-stream "^2.0.2"
 
-elliptic@^6.0.0:
-  version "6.5.4"
-  resolved "https://registry.yarnpkg.com/elliptic/-/elliptic-6.5.4.tgz#da37cebd31e79a1367e941b592ed1fbebd58abbb"
-  integrity sha512-iLhC6ULemrljPZb+QutR5TQGB+pdW6KGD5RSegS+8sorOZT+rdQFbsQFJgvN3eRqNALqJer4oQ16YvJHlU8hzQ==
+ekko-lightbox@^5.3.0:
+  version "5.3.0"
+  resolved "https://registry.yarnpkg.com/ekko-lightbox/-/ekko-lightbox-5.3.0.tgz#fbfcd9df93a8d1cdbf8770adc8c05aaac4d24f56"
+  integrity sha512-mbacwySuVD3Ad6F2hTkjSTvJt59bcVv2l/TmBerp4xZnLak8tPtA4AScUn4DL42c1ksTiAO6sGhJZ52P/1Qgew==
+
+es5-ext@^0.10.35, es5-ext@^0.10.50, es5-ext@^0.10.62, es5-ext@~0.10.14:
+  version "0.10.62"
+  resolved "https://registry.yarnpkg.com/es5-ext/-/es5-ext-0.10.62.tgz#5e6adc19a6da524bf3d1e02bbc8960e5eb49a9a5"
+  integrity sha512-BHLqn0klhEpnOKSrzn/Xsz2UIW8j+cGmo9JLzr8BiUapV8hPL9+FliFqjwr9ngW7jWdnxv6eO+/LqyhJVqgrjA==
+  dependencies:
+    es6-iterator "^2.0.3"
+    es6-symbol "^3.1.3"
+    next-tick "^1.1.0"
+
+es6-iterator@^2.0.3, es6-iterator@~2.0.1, es6-iterator@~2.0.3:
+  version "2.0.3"
+  resolved "https://registry.yarnpkg.com/es6-iterator/-/es6-iterator-2.0.3.tgz#a7de889141a05a94b0854403b2d0a0fbfa98f3b7"
+  integrity sha512-zw4SRzoUkd+cl+ZoE15A9o1oQd920Bb0iOJMQkQhl3jNc03YqVjAhG7scf9C5KWRU/R13Orf588uCC6525o02g==
+  dependencies:
+    d "1"
+    es5-ext "^0.10.35"
+    es6-symbol "^3.1.1"
+
+es6-map@^0.1.5:
+  version "0.1.5"
+  resolved "https://registry.yarnpkg.com/es6-map/-/es6-map-0.1.5.tgz#9136e0503dcc06a301690f0bb14ff4e364e949f0"
+  integrity sha512-mz3UqCh0uPCIqsw1SSAkB/p0rOzF/M0V++vyN7JqlPtSW/VsYgQBvVvqMLmfBuyMzTpLnNqi6JmcSizs4jy19A==
+  dependencies:
+    d "1"
+    es5-ext "~0.10.14"
+    es6-iterator "~2.0.1"
+    es6-set "~0.1.5"
+    es6-symbol "~3.1.1"
+    event-emitter "~0.3.5"
+
+es6-set@^0.1.5, es6-set@~0.1.5:
+  version "0.1.6"
+  resolved "https://registry.yarnpkg.com/es6-set/-/es6-set-0.1.6.tgz#5669e3b2aa01d61a50ba79964f733673574983b8"
+  integrity sha512-TE3LgGLDIBX332jq3ypv6bcOpkLO0AslAQo7p2VqX/1N46YNsvIWgvjojjSEnWEGWMhr1qUbYeTSir5J6mFHOw==
+  dependencies:
+    d "^1.0.1"
+    es5-ext "^0.10.62"
+    es6-iterator "~2.0.3"
+    es6-symbol "^3.1.3"
+    event-emitter "^0.3.5"
+    type "^2.7.2"
+
+es6-symbol@^3.1.1, es6-symbol@^3.1.3, es6-symbol@~3.1.1:
+  version "3.1.3"
+  resolved "https://registry.yarnpkg.com/es6-symbol/-/es6-symbol-3.1.3.tgz#bad5d3c1bcdac28269f4cb331e431c78ac705d18"
+  integrity sha512-NJ6Yn3FuDinBaBRWl/q5X/s4koRHBrgKAu+yGI6JCBeiu3qrcbJhwT2GeR/EXVfylRk8dpQVJoLEFhK+Mu31NA==
+  dependencies:
+    d "^1.0.1"
+    ext "^1.1.2"
+
+escodegen@^1.11.1:
+  version "1.14.3"
+  resolved "https://registry.yarnpkg.com/escodegen/-/escodegen-1.14.3.tgz#4e7b81fba61581dc97582ed78cab7f0e8d63f503"
+  integrity sha512-qFcX0XJkdg+PB3xjZZG/wKSuT1PnQWx57+TVSjIMmILd2yC/6ByYElPwJnslDsuWuSAp4AwJGumarAAmJch5Kw==
+  dependencies:
+    esprima "^4.0.1"
+    estraverse "^4.2.0"
+    esutils "^2.0.2"
+    optionator "^0.8.1"
+  optionalDependencies:
+    source-map "~0.6.1"
+
+escodegen@~1.2.0:
+  version "1.2.0"
+  resolved "https://registry.yarnpkg.com/escodegen/-/escodegen-1.2.0.tgz#09de7967791cc958b7f89a2ddb6d23451af327e1"
+  integrity sha512-yLy3Cc+zAC0WSmoT2fig3J87TpQ8UaZGx8ahCAs9FL8qNbyV7CVyPKS74DG4bsHiL5ew9sxdYx131OkBQMFnvA==
   dependencies:
-    bn.js "^4.11.9"
-    brorand "^1.1.0"
-    hash.js "^1.0.0"
-    hmac-drbg "^1.0.1"
-    inherits "^2.0.4"
-    minimalistic-assert "^1.0.1"
-    minimalistic-crypto-utils "^1.0.1"
+    esprima "~1.0.4"
+    estraverse "~1.5.0"
+    esutils "~1.0.0"
+  optionalDependencies:
+    source-map "~0.1.30"
+
+esprima@^4.0.1:
+  version "4.0.1"
+  resolved "https://registry.yarnpkg.com/esprima/-/esprima-4.0.1.tgz#13b04cdb3e6c5d19df91ab6987a8695619b0aa71"
+  integrity sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==
+
+esprima@~1.0.4:
+  version "1.0.4"
+  resolved "https://registry.yarnpkg.com/esprima/-/esprima-1.0.4.tgz#9f557e08fc3b4d26ece9dd34f8fbf476b62585ad"
+  integrity sha512-rp5dMKN8zEs9dfi9g0X1ClLmV//WRyk/R15mppFNICIFRG5P92VP7Z04p8pk++gABo9W2tY+kHyu6P1mEHgmTA==
+
+estraverse@^4.2.0:
+  version "4.3.0"
+  resolved "https://registry.yarnpkg.com/estraverse/-/estraverse-4.3.0.tgz#398ad3f3c5a24948be7725e83d11a7de28cdbd1d"
+  integrity sha512-39nnKffWz8xN1BU/2c79n9nB9HDzo0niYUqx6xyqUnyoAnQyyWpOTdZEeiCch8BBu515t4wp9ZmgVfVhn9EBpw==
+
+estraverse@~1.5.0:
+  version "1.5.1"
+  resolved "https://registry.yarnpkg.com/estraverse/-/estraverse-1.5.1.tgz#867a3e8e58a9f84618afb6c2ddbcd916b7cbaf71"
+  integrity sha512-FpCjJDfmo3vsc/1zKSeqR5k42tcIhxFIlvq+h9j0fO2q/h2uLKyweq7rYJ+0CoVvrGQOxIS5wyBrW/+vF58BUQ==
+
+estree-is-function@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/estree-is-function/-/estree-is-function-1.0.0.tgz#c0adc29806d7f18a74db7df0f3b2666702e37ad2"
+  integrity sha512-nSCWn1jkSq2QAtkaVLJZY2ezwcFO161HVc174zL1KPW3RJ+O6C3eJb8Nx7OXzvhoEv+nLgSR1g71oWUHUDTrJA==
+
+esutils@^2.0.2:
+  version "2.0.3"
+  resolved "https://registry.yarnpkg.com/esutils/-/esutils-2.0.3.tgz#74d2eb4de0b8da1293711910d50775b9b710ef64"
+  integrity sha512-kVscqXk4OCp68SZ0dkgEKVi6/8ij300KBWTJq32P/dYeWTSwK41WyTxalN1eRmA5Z9UU/LX9D7FWSmV9SAYx6g==
+
+esutils@~1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/esutils/-/esutils-1.0.0.tgz#8151d358e20c8acc7fb745e7472c0025fe496570"
+  integrity sha512-x/iYH53X3quDwfHRz4y8rn4XcEwwCJeWsul9pF1zldMbGtgOtMNBEOuYWwB1EQlK2LRa1fev3YAgym/RElp5Cg==
+
+ev-emitter@^1.0.0:
+  version "1.1.1"
+  resolved "https://registry.yarnpkg.com/ev-emitter/-/ev-emitter-1.1.1.tgz#8f18b0ce5c76a5d18017f71c0a795c65b9138f2a"
+  integrity sha512-ipiDYhdQSCZ4hSbX4rMW+XzNKMD1prg/sTvoVmSLkuQ1MVlwjJQQA+sW8tMYR3BLUr9KjodFV4pvzunvRhd33Q==
 
 eve-raphael@0.5.0:
   version "0.5.0"
   resolved "https://registry.yarnpkg.com/eve-raphael/-/eve-raphael-0.5.0.tgz#17c754b792beef3fa6684d79cf5a47c63c4cda30"
 
-events@^2.0.0:
-  version "2.1.0"
-  resolved "https://registry.yarnpkg.com/events/-/events-2.1.0.tgz#2a9a1e18e6106e0e812aa9ebd4a819b3c29c0ba5"
+event-emitter@^0.3.5, event-emitter@~0.3.5:
+  version "0.3.5"
+  resolved "https://registry.yarnpkg.com/event-emitter/-/event-emitter-0.3.5.tgz#df8c69eef1647923c7157b9ce83840610b02cc39"
+  integrity sha512-D9rRn9y7kLPnJ+hMq7S/nhvoKwwvVJahBi2BPmx3bvbsEdK3W9ii8cBSGjP+72/LnM4n6fo3+dkCX5FeTQruXA==
+  dependencies:
+    d "1"
+    es5-ext "~0.10.14"
 
-evp_bytestokey@^1.0.0, evp_bytestokey@^1.0.3:
-  version "1.0.3"
-  resolved "https://registry.yarnpkg.com/evp_bytestokey/-/evp_bytestokey-1.0.3.tgz#7fcbdb198dc71959432efe13842684e0525acb02"
+ext@^1.1.2:
+  version "1.7.0"
+  resolved "https://registry.yarnpkg.com/ext/-/ext-1.7.0.tgz#0ea4383c0103d60e70be99e9a7f11027a33c4f5f"
+  integrity sha512-6hxeJYaL110a9b5TEJSj0gojyHQAmA2ch5Os+ySCiA1QGdS697XWY1pzsrSjqA9LDEEgdB/KypIlR59RcLuHYw==
   dependencies:
-    md5.js "^1.3.4"
-    safe-buffer "^5.1.1"
+    type "^2.7.2"
+
+fast-levenshtein@~2.0.6:
+  version "2.0.6"
+  resolved "https://registry.yarnpkg.com/fast-levenshtein/-/fast-levenshtein-2.0.6.tgz#3d8a5c66883a16a30ca8643e851f19baa7797917"
+  integrity sha512-DCXu6Ifhqcks7TZKY3Hxp3y6qphY5SJZmrWMDrKcERSOXWQdMhU9Ig/PYrzyw/ul9jOIyh0N4M0tbC5hodg8dw==
+
+fast-memoize@^2.5.1:
+  version "2.5.2"
+  resolved "https://registry.yarnpkg.com/fast-memoize/-/fast-memoize-2.5.2.tgz#79e3bb6a4ec867ea40ba0e7146816f6cdce9b57e"
+  integrity sha512-Ue0LwpDYErFbmNnZSF0UH6eImUwDmogUO1jyE+JbN2gsQz/jICm1Ve7t9QT0rNSsfJt+Hs4/S3GnsDVjL4HVrw==
 
 fastclick@^1.0.6:
   version "1.0.6"
   resolved "https://registry.yarnpkg.com/fastclick/-/fastclick-1.0.6.tgz#161625b27b1a5806405936bda9a2c1926d06be6a"
 
-flot@^0.8.3:
-  version "0.8.3"
-  resolved "https://registry.yarnpkg.com/flot/-/flot-0.8.3.tgz#6d9b93c7aa2cfb30dfa1af9c1ec4c94070b1217f"
-  integrity sha512-xg2otcTJDvS+ERK+my4wxG/ASq90QURXtoM4LhacCq0jQW2jbyjdttbRNqU2cPykrpMvJ6b2uSp6SAgYAzj9tQ==
+filterizr@^2.2.4:
+  version "2.2.4"
+  resolved "https://registry.yarnpkg.com/filterizr/-/filterizr-2.2.4.tgz#02fd75cffd46ef7acc85f55e132064650ae90a14"
+  integrity sha512-hqyEdg7RrvJMVFOeF0yysS75HP6jLu0wBSUtSPAc3BysAtHpwcXaPnR1kYp2uZtd3YXyhH6JRfF9+H4SRvrqXg==
+  dependencies:
+    fast-memoize "^2.5.1"
+    imagesloaded "^4.1.4"
 
-font-awesome@^4.7.0:
-  version "4.7.0"
-  resolved "https://registry.yarnpkg.com/font-awesome/-/font-awesome-4.7.0.tgz#8fa8cf0411a1a31afd07b06d2902bb9fc815a133"
+flag-icon-css@^4.1.7:
+  version "4.1.7"
+  resolved "https://registry.yarnpkg.com/flag-icon-css/-/flag-icon-css-4.1.7.tgz#5471197f9ab965a3603b3e0face31dd513fec289"
+  integrity sha512-AFjSU+fv98XbU0vnTQ32vcLj89UEr1MhwDFcooQv14qWJCjg9fGZzfh9BVyDhAhIOZW/pGmJmq38RqpgPaeybQ==
 
-fs.realpath@^1.0.0:
-  version "1.0.0"
-  resolved "https://registry.yarnpkg.com/fs.realpath/-/fs.realpath-1.0.0.tgz#1504ad2523158caa40db4a2787cb01411994ea4f"
+flot@^4.2.2:
+  version "4.2.3"
+  resolved "https://registry.yarnpkg.com/flot/-/flot-4.2.3.tgz#d327be738a06b6617deeaf346bcbfe0ee5242e48"
+  integrity sha512-r1t2gfhILE6dt7cnYDHX/D2VHERyD0YoV0UdFJg5dWbjkcu05MugfhNY7VspfBFTa+hjVNYVZw6/t9ZyYNen+w==
+
+fs-extra@^10.0.0:
+  version "10.1.0"
+  resolved "https://registry.yarnpkg.com/fs-extra/-/fs-extra-10.1.0.tgz#02873cfbc4084dde127eaa5f9905eef2325d1abf"
+  integrity sha512-oRXApq54ETRj4eMiFzGnHWGy+zo5raudjuxN0b8H7s/RU2oW0Wvsx9O0ACRN/kRq9E8Vu/ReskGB5o3ji+FzHQ==
+  dependencies:
+    graceful-fs "^4.2.0"
+    jsonfile "^6.0.1"
+    universalify "^2.0.0"
 
-fullcalendar@^3.10.0:
-  version "3.10.0"
-  resolved "https://registry.yarnpkg.com/fullcalendar/-/fullcalendar-3.10.0.tgz#cc5e87d518fd6550e142816a31dd191664847919"
-  integrity sha512-0OtsHhmdYhtFmQwXzyo8VqHzYgamg+zVOoytv5N13gI+iF6CGjevpCi/yBaQs0O4wY3OAp8I688IxdNYe0iAvw==
+fullcalendar@^5.10.1:
+  version "5.11.4"
+  resolved "https://registry.yarnpkg.com/fullcalendar/-/fullcalendar-5.11.4.tgz#a4d218fa1d4617a67ee69d0bc7a99f6f96b90658"
+  integrity sha512-1TH40KkWFVlZBpqJ/eB69E7nPABleA0skoc7pTIXJNNNYyUuKPjiJg+TSMunjJ9faPLzvbvfCdgttGZnynPA3Q==
 
 function-bind@^1.1.1:
   version "1.1.1"
   resolved "https://registry.yarnpkg.com/function-bind/-/function-bind-1.1.1.tgz#a56899d3ea3c9bab874bb9773b7c5ede92f4895d"
 
-glob@^7.1.0:
-  version "7.1.2"
-  resolved "https://registry.yarnpkg.com/glob/-/glob-7.1.2.tgz#c19c9df9a028702d678612384a6552404c636d15"
-  dependencies:
-    fs.realpath "^1.0.0"
-    inflight "^1.0.4"
-    inherits "2"
-    minimatch "^3.0.4"
-    once "^1.3.0"
-    path-is-absolute "^1.0.0"
+functions-have-names@^1.2.2:
+  version "1.2.3"
+  resolved "https://registry.yarnpkg.com/functions-have-names/-/functions-have-names-1.2.3.tgz#0404fe4ee2ba2f607f0e0ec3c80bae994133b834"
+  integrity sha512-xckBUXyTIqT97tq2x2AMb+g163b5JFysYk0x4qxNFwbfQkmNZoiRHb6sPzI9/QV33WeuvVYBUIiD4NzNIyqaRQ==
 
-has@^1.0.0:
-  version "1.0.3"
-  resolved "https://registry.yarnpkg.com/has/-/has-1.0.3.tgz#722d7cbfc1f6aa8241f16dd814e011e1f41e8796"
+get-assigned-identifiers@^1.1.0:
+  version "1.2.0"
+  resolved "https://registry.yarnpkg.com/get-assigned-identifiers/-/get-assigned-identifiers-1.2.0.tgz#6dbf411de648cbaf8d9169ebb0d2d576191e2ff1"
+  integrity sha512-mBBwmeGTrxEMO4pMaaf/uUEFHnYtwr8FTe8Y/mer4rcV/bye0qGm6pw1bGZFGStxC5O76c5ZAVBGnqHmOaJpdQ==
+
+get-intrinsic@^1.0.2, get-intrinsic@^1.1.1:
+  version "1.2.0"
+  resolved "https://registry.yarnpkg.com/get-intrinsic/-/get-intrinsic-1.2.0.tgz#7ad1dc0535f3a2904bba075772763e5051f6d05f"
+  integrity sha512-L049y6nFOuom5wGyRc3/gdTLO94dySVKRACj1RmJZBQXlbTMhtNIgkWkUHq+jYmZvKf14EW1EoJnnjbmoHij0Q==
   dependencies:
     function-bind "^1.1.1"
+    has "^1.0.3"
+    has-symbols "^1.0.3"
 
-hash-base@^3.0.0:
-  version "3.0.4"
-  resolved "https://registry.yarnpkg.com/hash-base/-/hash-base-3.0.4.tgz#5fc8686847ecd73499403319a6b0a3f3f6ae4918"
-  dependencies:
-    inherits "^2.0.1"
-    safe-buffer "^5.0.1"
+graceful-fs@^4.1.6, graceful-fs@^4.2.0:
+  version "4.2.10"
+  resolved "https://registry.yarnpkg.com/graceful-fs/-/graceful-fs-4.2.10.tgz#147d3a006da4ca3ce14728c7aefc287c367d7a6c"
+  integrity sha512-9ByhssR2fPVsNZj478qUUbKfmL0+t5BDVyjShtyZZLiK7ZDAArFFfopyOTj0M05wE2tJPisA4iTnnXl2YoPvOA==
 
-hash.js@^1.0.0, hash.js@^1.0.3:
-  version "1.1.7"
-  resolved "https://registry.yarnpkg.com/hash.js/-/hash.js-1.1.7.tgz#0babca538e8d4ee4a0f8988d68866537a003cf42"
-  integrity sha512-taOaskGt4z4SOANNseOviYDvjEJinIkRgmp7LbKP2YTTmVxWBl87s/uzK9r+44BclBSp2X7K1hqeNfz9JbBeXA==
+has-property-descriptors@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/has-property-descriptors/-/has-property-descriptors-1.0.0.tgz#610708600606d36961ed04c196193b6a607fa861"
+  integrity sha512-62DVLZGoiEBDHQyqG4w9xCuZ7eJEwNmJRWw2VY84Oedb7WFcA27fiEVe8oUQx9hAUJ4ekurquucTGwsyO1XGdQ==
   dependencies:
-    inherits "^2.0.3"
-    minimalistic-assert "^1.0.1"
+    get-intrinsic "^1.1.1"
 
-hmac-drbg@^1.0.1:
-  version "1.0.1"
-  resolved "https://registry.yarnpkg.com/hmac-drbg/-/hmac-drbg-1.0.1.tgz#d2745701025a6c775a6c545793ed502fc0c649a1"
-  integrity sha1-0nRXAQJabHdabFRXk+1QL8DGSaE=
+has-symbols@^1.0.2, has-symbols@^1.0.3:
+  version "1.0.3"
+  resolved "https://registry.yarnpkg.com/has-symbols/-/has-symbols-1.0.3.tgz#bb7b2c4349251dce87b125f7bdf874aa7c8b39f8"
+  integrity sha512-l3LCuF6MgDNwTDKkdYGEihYjt5pRPbEg46rtlmnSPlUbgmB8LOIrKJbYYFBSbnPaJexMKtiPO8hmeRjRz2Td+A==
+
+has-tostringtag@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/has-tostringtag/-/has-tostringtag-1.0.0.tgz#7e133818a7d394734f941e73c3d3f9291e658b25"
+  integrity sha512-kFjcSNhnlGV1kyoGk7OXKSawH5JOb/LzUc5w9B02hOTO0dfFRjbHQKvg1d6cf3HbeUmtU9VbbV3qzZ2Teh97WQ==
   dependencies:
-    hash.js "^1.0.3"
-    minimalistic-assert "^1.0.0"
-    minimalistic-crypto-utils "^1.0.1"
+    has-symbols "^1.0.2"
 
-htmlescape@^1.1.0:
-  version "1.1.1"
-  resolved "https://registry.yarnpkg.com/htmlescape/-/htmlescape-1.1.1.tgz#3a03edc2214bca3b66424a3e7959349509cb0351"
+has@^1.0.1, has@^1.0.3:
+  version "1.0.3"
+  resolved "https://registry.yarnpkg.com/has/-/has-1.0.3.tgz#722d7cbfc1f6aa8241f16dd814e011e1f41e8796"
+  integrity sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw==
+  dependencies:
+    function-bind "^1.1.1"
 
-https-browserify@^1.0.0:
-  version "1.0.0"
-  resolved "https://registry.yarnpkg.com/https-browserify/-/https-browserify-1.0.0.tgz#ec06c10e0a34c0f2faf199f7fd7fc78fffd03c73"
+icheck-bootstrap@^3.0.1:
+  version "3.0.1"
+  resolved "https://registry.yarnpkg.com/icheck-bootstrap/-/icheck-bootstrap-3.0.1.tgz#60c9c9a71524e1d9dd5bd05167a62fef05cc3a1b"
+  integrity sha512-Rj3SybdcMcayhsP4IJ+hmCNgCKclaFcs/5zwCuLXH1WMo468NegjhZVxbSNKhEjJjnwc4gKETogUmPYSQ9lEZQ==
 
 icheck@^1.0.2:
   version "1.0.2"
   resolved "https://registry.yarnpkg.com/icheck/-/icheck-1.0.2.tgz#06d08da3d47ae448c153b2639b86e9ad7fdf7128"
 
-ieee754@^1.1.4:
-  version "1.1.12"
-  resolved "https://registry.yarnpkg.com/ieee754/-/ieee754-1.1.12.tgz#50bf24e5b9c8bb98af4964c941cdb0918da7b60b"
+iconv-lite@^0.6.3:
+  version "0.6.3"
+  resolved "https://registry.yarnpkg.com/iconv-lite/-/iconv-lite-0.6.3.tgz#a52f80bf38da1952eb5c681790719871a1a72501"
+  integrity sha512-4fCk79wshMdzMp2rH06qWrJE4iolqLhCUH+OiuIgU++RB0+94NlDL81atO7GX55uUKueo0txHNtvEyI6D7WdMw==
+  dependencies:
+    safer-buffer ">= 2.1.2 < 3.0.0"
 
-inflight@^1.0.4:
-  version "1.0.6"
-  resolved "https://registry.yarnpkg.com/inflight/-/inflight-1.0.6.tgz#49bd6331d7d02d0c09bc910a1075ba8165b56df9"
+imagesloaded@^4.1.4:
+  version "4.1.4"
+  resolved "https://registry.yarnpkg.com/imagesloaded/-/imagesloaded-4.1.4.tgz#1376efcd162bb768c34c3727ac89cc04051f3cc7"
+  integrity sha512-ltiBVcYpc/TYTF5nolkMNsnREHW+ICvfQ3Yla2Sgr71YFwQ86bDwV9hgpFhFtrGPuwEx5+LqOHIrdXBdoWwwsA==
   dependencies:
-    once "^1.3.0"
-    wrappy "1"
+    ev-emitter "^1.0.0"
 
-inherits@2, inherits@^2.0.1, inherits@^2.0.3, inherits@^2.0.4, inherits@~2.0.1, inherits@~2.0.3:
+immediate@~3.0.5:
+  version "3.0.6"
+  resolved "https://registry.yarnpkg.com/immediate/-/immediate-3.0.6.tgz#9db1dbd0faf8de6fbe0f5dd5e56bb606280de69b"
+  integrity sha512-XXOFtyqDjNDAQxVfYxuF7g9Il/IbWmmlQg2MYKOH8ExIT1qg6xc4zyS3HaEEATgs1btfzxq15ciUiY7gjSXRGQ==
+
+inherits@^2.0.3, inherits@~2.0.3:
   version "2.0.4"
   resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.4.tgz#0fa2c64f932917c3433a0ded55363aae37416b7c"
   integrity sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==
 
-inherits@2.0.1:
-  version "2.0.1"
-  resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.1.tgz#b17d08d326b4423e568eff719f91b0b1cbdf69f1"
+inputmask@^5.0.7:
+  version "5.0.7"
+  resolved "https://registry.yarnpkg.com/inputmask/-/inputmask-5.0.7.tgz#b04d5d4e1c85018893c3c8edb1a9f074b051007f"
+  integrity sha512-rUxbRDS25KEib+c/Ow+K01oprU/+EK9t9SOPC8ov94/ftULGDqj1zOgRU/Hko6uzoKRMdwCfuhAafJ/Wk2wffQ==
 
-inherits@2.0.3:
-  version "2.0.3"
-  resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.3.tgz#633c2c83e3da42a502f52466022480f4208261de"
+ion-rangeslider@^2.3.1:
+  version "2.3.1"
+  resolved "https://registry.yarnpkg.com/ion-rangeslider/-/ion-rangeslider-2.3.1.tgz#92ade52cb56fc30b9162d0483ff02b6f9ed237c2"
+  integrity sha512-6V+24FD13/feliI485gnRHZYD9Ev64M5NAFTxnVib516ATHa9PlXQrC+nOiPngouRYTCLPJyokAJEi3e1Umi5g==
 
-<<<<<<< HEAD
 is-arguments@^1.0.4:
   version "1.1.1"
   resolved "https://registry.yarnpkg.com/is-arguments/-/is-arguments-1.1.1.tgz#15b3f88fda01f2a97fec84ca761a560f123efa9b"
@@ -616,62 +948,52 @@ is-arguments@^1.0.4:
   dependencies:
     call-bind "^1.0.2"
     has-tostringtag "^1.0.0"
-=======
-inline-source-map@~0.6.0:
-  version "0.6.2"
-  resolved "https://registry.yarnpkg.com/inline-source-map/-/inline-source-map-0.6.2.tgz#f9393471c18a79d1724f863fa38b586370ade2a5"
-  dependencies:
-    source-map "~0.5.3"
-
-inputmask@^3.3.7:
-  version "3.3.11"
-  resolved "https://registry.yarnpkg.com/inputmask/-/inputmask-3.3.11.tgz#1421c94ae28c3dcd1b4d26337b508bb34998e2d8"
->>>>>>> parent of 929cb63 (Merge pull request #1371 from AgentTNT/AdminLTE-Upgrade)
-
-insert-module-globals@^7.0.0:
-  version "7.1.0"
-  resolved "https://registry.yarnpkg.com/insert-module-globals/-/insert-module-globals-7.1.0.tgz#dbb3cea71d3a43d5a07ef0310fe5f078aa4dbf35"
-  dependencies:
-    JSONStream "^1.0.3"
-    combine-source-map "^0.8.0"
-    concat-stream "^1.6.1"
-    is-buffer "^1.1.0"
-    lexical-scope "^1.2.0"
-    path-is-absolute "^1.0.1"
-    process "~0.11.0"
-    through2 "^2.0.0"
-    xtend "^4.0.0"
 
-ion-rangeslider@^2.3.0:
-  version "2.3.0"
-  resolved "https://registry.yarnpkg.com/ion-rangeslider/-/ion-rangeslider-2.3.0.tgz#7957ce2e78acfc956b8c43009373da91f743347e"
-  integrity sha512-7TtH9/X4Aq/xCzboWxjwlv20gVqR90Ysc3aehMlTuH2/ULaSxpB80hq+yvD1N0FwWbPDtxQpjQrz/iX+LWXKmg==
+is-core-module@^2.9.0:
+  version "2.11.0"
+  resolved "https://registry.yarnpkg.com/is-core-module/-/is-core-module-2.11.0.tgz#ad4cb3e3863e814523c96f3f58d26cc570ff0144"
+  integrity sha512-RRjxlvLDkD1YJwDbroBHMb+cukurkDWNyHx7D3oNB5x9rb5ogcksMC5wHCadcXoo67gVr/+3GFySh3134zi6rw==
   dependencies:
-    jquery ">=1.8"
+    has "^1.0.3"
 
-ionicons@^3.0.0:
-  version "3.0.0"
-  resolved "https://registry.yarnpkg.com/ionicons/-/ionicons-3.0.0.tgz#40b8daf4fd7a31150bd002160f66496e22a98c3c"
-
-is-buffer@^1.1.0:
-  version "1.1.6"
-  resolved "https://registry.yarnpkg.com/is-buffer/-/is-buffer-1.1.6.tgz#efaa2ea9daa0d7ab2ea13a97b2b8ad51fefbe8be"
+is-date-object@^1.0.1:
+  version "1.0.5"
+  resolved "https://registry.yarnpkg.com/is-date-object/-/is-date-object-1.0.5.tgz#0841d5536e724c25597bf6ea62e1bd38298df31f"
+  integrity sha512-9YQaSxsAiSwcvS33MBk3wTCVnWK+HhF8VZR2jRxehM16QcVOdHqPn4VPHmRK4lSr38n9JriurInLcP90xsYNfQ==
+  dependencies:
+    has-tostringtag "^1.0.0"
 
-isarray@^2.0.4:
-  version "2.0.4"
-  resolved "https://registry.yarnpkg.com/isarray/-/isarray-2.0.4.tgz#38e7bcbb0f3ba1b7933c86ba1894ddfc3781bbb7"
+is-regex@^1.0.4:
+  version "1.1.4"
+  resolved "https://registry.yarnpkg.com/is-regex/-/is-regex-1.1.4.tgz#eef5663cd59fa4c0ae339505323df6854bb15958"
+  integrity sha512-kvRdxDsxZjhzUX07ZnLydzS1TU/TJlTUHHY4YLL87e37oUA49DfkLqgy+VjFocowy29cKvcSiu+kIv728jTTVg==
+  dependencies:
+    call-bind "^1.0.2"
+    has-tostringtag "^1.0.0"
 
 isarray@~1.0.0:
   version "1.0.0"
   resolved "https://registry.yarnpkg.com/isarray/-/isarray-1.0.0.tgz#bb935d48582cba168c06834957a54a3e07124f11"
 
-jquery-knob@^1.2.11:
-  version "1.2.11"
-  resolved "https://registry.yarnpkg.com/jquery-knob/-/jquery-knob-1.2.11.tgz#f37c39dbc1c7a6a6c12cdb2ed4f6bffb683f10d6"
+jquery-knob-chif@^1.2.13:
+  version "1.2.13"
+  resolved "https://registry.yarnpkg.com/jquery-knob-chif/-/jquery-knob-chif-1.2.13.tgz#5f1e462ef3745d27a9fd66ce1141fe82b44a5762"
+  integrity sha512-dveq9MZCr68bRrsziuRusKS+/ciT1yOOHdENOSTcXVRM9MsEyCK/DjqR9nc7V3on41269PFdDE2Fuib8Cw4jAA==
+
+jquery-mapael@^2.2.0:
+  version "2.2.0"
+  resolved "https://registry.yarnpkg.com/jquery-mapael/-/jquery-mapael-2.2.0.tgz#a68850c680ef0ce3f8b865e8a48b2a018250ca73"
+  integrity sha512-B5cVcCkfs7Ezia1Zs8bEfVacYD/GvaASyqQeidApR/NJ1C4igcExk9VULVsgLcTPkxohcZrrz5uCaPXvuKeZWw==
+  dependencies:
+    jquery "^3.0 || ^2.0 || ^1.0"
+    raphael "^2.2.0 || ^2.1.1"
+  optionalDependencies:
+    jquery-mousewheel "^3.1"
 
-jquery-mousewheel@~3.1.13:
+jquery-mousewheel@^3.1, jquery-mousewheel@^3.1.13:
   version "3.1.13"
   resolved "https://registry.yarnpkg.com/jquery-mousewheel/-/jquery-mousewheel-3.1.13.tgz#06f0335f16e353a695e7206bf50503cb523a6ee5"
+  integrity sha512-GXhSjfOPyDemM005YCEHvzrEALhKDIswtxSHSR2e4K/suHVJKJxxRCGz3skPjNxjJjQa9AVSGGlYjv1M3VLIPg==
 
 jquery-slimscroll@^1.3.8:
   version "1.3.8"
@@ -682,18 +1004,20 @@ jquery-slimscroll@^1.3.8:
 jquery-sparkline@^2.4.0:
   version "2.4.0"
   resolved "https://registry.yarnpkg.com/jquery-sparkline/-/jquery-sparkline-2.4.0.tgz#1be8b7b704dd3857152708aefb1d4a4b3a69fb33"
+  integrity sha512-SzjpMkOwlnqZpH4Ni2UbdRU5GxDl/BljgN8Smlun7CXUDqRhjPf2eolJ37KKcaG0/ufsMKY+XDERfPTV1hIcjg==
 
-jquery-ui-dist@^1.12.1:
-  version "1.12.1"
-  resolved "https://registry.yarnpkg.com/jquery-ui-dist/-/jquery-ui-dist-1.12.1.tgz#5c0815d3cc6f90ff5faaf5b268a6e23b4ca904fa"
-
-jquery-ui@^1.12.1:
-  version "1.13.0"
-  resolved "https://registry.yarnpkg.com/jquery-ui/-/jquery-ui-1.13.0.tgz#ab5ac65f37ca093c51b3478c4097f55bbc008f36"
-  integrity sha512-Osf7ECXNTYHtKBkn9xzbIf9kifNrBhfywFEKxOeB/OVctVmLlouV9mfc2qXCp6uyO4Pn72PXKOnj09qXetopCw==
+jquery-ui-dist@^1.13.0, jquery-ui-dist@^1.13.2:
+  version "1.13.2"
+  resolved "https://registry.yarnpkg.com/jquery-ui-dist/-/jquery-ui-dist-1.13.2.tgz#899fbb3c6210de19ace10657cf844a3b97f3be70"
+  integrity sha512-oVDRd1NLtTbBwpRKAYdIRgpWVDzeBhfy7Gu0RmY6JEaZtmBq6kDn1pm5SgDiAotrnDS+RoTRXO6xvcNTxA9tOA==
   dependencies:
     jquery ">=1.8.0 <4.0.0"
 
+jquery-validation@^1.19.3:
+  version "1.19.5"
+  resolved "https://registry.yarnpkg.com/jquery-validation/-/jquery-validation-1.19.5.tgz#557495b7cad79716897057c4447ad3cd76fda811"
+  integrity sha512-X2SmnPq1mRiDecVYL8edWx+yTBZDyC8ohWXFhXdtqFHgU9Wd4KHkvcbCoIZ0JaSaumzS8s2gXSkP8F7ivg/8ZQ==
+
 jquery.quicksearch@^2.4.0:
   version "2.4.0"
   resolved "https://registry.yarnpkg.com/jquery.quicksearch/-/jquery.quicksearch-2.4.0.tgz#240c9f435e936c63bf8fbba355144ffdddf9ea26"
@@ -701,258 +1025,212 @@ jquery.quicksearch@^2.4.0:
   dependencies:
     jquery ">=1.8"
 
-"jquery@>= 1.7", "jquery@>= 1.7.1", jquery@>=1.10, jquery@>=1.5, jquery@>=1.7, "jquery@>=1.7.1 <4.0.0", jquery@>=1.8, "jquery@>=1.8.0 <4.0.0", jquery@^3.2.1:
+"jquery@>= 1.7", "jquery@>= 1.7.1", jquery@>=1.10, jquery@>=1.7, "jquery@>=1.7.1 <4.0.0", jquery@>=1.8, "jquery@>=1.8.0 <4.0.0":
   version "3.6.0"
   resolved "https://registry.yarnpkg.com/jquery/-/jquery-3.6.0.tgz#c72a09f15c1bdce142f49dbf1170bdf8adac2470"
   integrity sha512-JVzAR/AjBvVt2BmYhxRCSYysDsPcssdmTFnzyLEts9qNwmjmu4JTAMYubEfwVOSwpQ1I1sKKFcxhZCI2buerfw==
 
-json-stable-stringify@~0.0.0:
-  version "0.0.1"
-  resolved "https://registry.yarnpkg.com/json-stable-stringify/-/json-stable-stringify-0.0.1.tgz#611c23e814db375527df851193db59dd2af27f45"
-  dependencies:
-    jsonify "~0.0.0"
+jquery@>=1.12.0, jquery@>=2.2, "jquery@^3.0 || ^2.0 || ^1.0", jquery@^3.4.0, jquery@^3.6.0:
+  version "3.6.3"
+  resolved "https://registry.yarnpkg.com/jquery/-/jquery-3.6.3.tgz#23ed2ffed8a19e048814f13391a19afcdba160e6"
+  integrity sha512-bZ5Sy3YzKo9Fyc8wH2iIQK4JImJ6R0GWI9kL1/k7Z91ZBNgkRXE6U0JfHIizZbort8ZunhSI3jw9I6253ahKfg==
 
-jsonify@~0.0.0:
-  version "0.0.0"
-  resolved "https://registry.yarnpkg.com/jsonify/-/jsonify-0.0.0.tgz#2c74b6ee41d93ca51b7b5aaee8f503631d252a73"
+jqvmap-novulnerability@^1.5.1:
+  version "1.5.1"
+  resolved "https://registry.yarnpkg.com/jqvmap-novulnerability/-/jqvmap-novulnerability-1.5.1.tgz#140c42623ebbe9b9076ea2dd3b8d155fe9f38ae7"
+  integrity sha512-O6Jr7AGiut9iNJMelPdy8pH83tNXadOqmhJm5FZy9gtaZ5uuhZK3VNu+YLFuTpXeZI8YXUvlFUYbJJi5XHA+tw==
+  dependencies:
+    jquery "^3.4.0"
 
-jsonparse@^1.2.0:
-  version "1.3.1"
-  resolved "https://registry.yarnpkg.com/jsonparse/-/jsonparse-1.3.1.tgz#3f4dae4a91fac315f71062f8521cc239f1366280"
+jsgrid@^1.5.3:
+  version "1.5.3"
+  resolved "https://registry.yarnpkg.com/jsgrid/-/jsgrid-1.5.3.tgz#b15fc426483153bee2b6b567312f675d92834a0d"
+  integrity sha512-/BJgQp7gZe8o/VgNelwXc21jHc9HN+l7WPOkBhC9b9jPXFtOrU9ftNLPVBmKYCNlIulAbGTW8SDJI0mpw7uWxQ==
 
-jtimeout@^3.1.0:
-  version "3.1.0"
-  resolved "https://registry.yarnpkg.com/jtimeout/-/jtimeout-3.1.0.tgz#4cd65b28eff8b9f8c61d08889a9ac3abdf5d9893"
-  integrity sha512-xA2TlImMGj4c0yAiM9BUq+8aAFVYVYUX2tkcC8u8das9qoZSs13SxhVcfWqI4cHOsv3huj2D0VRNHeVCLO3mVQ==
+jsonfile@^6.0.1:
+  version "6.1.0"
+  resolved "https://registry.yarnpkg.com/jsonfile/-/jsonfile-6.1.0.tgz#bc55b2634793c679ec6403094eb13698a6ec0aae"
+  integrity sha512-5dgndWOriYSm5cnYaJNhalLNDKOqFwyDB/rr1E9ZsGciGvKPs8R2xYGCacuf3z6K1YKDz182fd+fY3cn3pMqXQ==
   dependencies:
-    jquery ">=1.7.1 <4.0.0"
+    universalify "^2.0.0"
+  optionalDependencies:
+    graceful-fs "^4.1.6"
 
-jvectormap@^1.2.2:
-  version "1.2.2"
-  resolved "https://registry.yarnpkg.com/jvectormap/-/jvectormap-1.2.2.tgz#2e4408b24a60473ff106c1e7243e375ae5ca85da"
+jszip@^3.7.1:
+  version "3.10.1"
+  resolved "https://registry.yarnpkg.com/jszip/-/jszip-3.10.1.tgz#34aee70eb18ea1faec2f589208a157d1feb091c2"
+  integrity sha512-xXDvecyTpGLrqFrvkrUSoxxfJI5AH7U8zxxtVclpsUtMCq4JQ290LY8AW5c7Ggnr/Y/oK+bQMbqK2qmtk3pN4g==
   dependencies:
-    jquery ">=1.5"
+    lie "~3.3.0"
+    pako "~1.0.2"
+    readable-stream "~2.3.6"
+    setimmediate "^1.0.5"
 
-labeled-stream-splicer@^2.0.0:
-  version "2.0.1"
-  resolved "https://registry.yarnpkg.com/labeled-stream-splicer/-/labeled-stream-splicer-2.0.1.tgz#9cffa32fd99e1612fd1d86a8db962416d5292926"
+jtimeout@^3.2.0:
+  version "3.2.0"
+  resolved "https://registry.yarnpkg.com/jtimeout/-/jtimeout-3.2.0.tgz#a27dd31652b7a97d4877674a2e9a25551c60d6ba"
+  integrity sha512-P/cEhmgr8P2Vd3V79uUk6pHAHpMSe+Px7B+mGEir4aZW3/J6C09uH97aAEXVpjqb9i9vHnUyIp7k0UoA+Hy0eg==
   dependencies:
-    inherits "^2.0.1"
-    isarray "^2.0.4"
-    stream-splicer "^2.0.0"
+    jquery ">=1.7.1 <4.0.0"
 
-lexical-scope@^1.2.0:
-  version "1.2.0"
-  resolved "https://registry.yarnpkg.com/lexical-scope/-/lexical-scope-1.2.0.tgz#fcea5edc704a4b3a8796cdca419c3a0afaf22df4"
+levn@~0.3.0:
+  version "0.3.0"
+  resolved "https://registry.yarnpkg.com/levn/-/levn-0.3.0.tgz#3b09924edf9f083c0490fdd4c0bc4421e04764ee"
+  integrity sha512-0OO4y2iOHix2W6ujICbKIaEQXvFQHue65vUG3pb5EUomzPI90z9hsA1VsO/dbIIpC53J8gxM9Q4Oho0jrCM/yA==
   dependencies:
-    astw "^2.0.0"
+    prelude-ls "~1.1.2"
+    type-check "~0.3.2"
 
-lodash.memoize@~3.0.3:
-  version "3.0.4"
-  resolved "https://registry.yarnpkg.com/lodash.memoize/-/lodash.memoize-3.0.4.tgz#2dcbd2c287cbc0a55cc42328bd0c736150d53e3f"
-
-md5.js@^1.3.4:
-  version "1.3.4"
-  resolved "https://registry.yarnpkg.com/md5.js/-/md5.js-1.3.4.tgz#e9bdbde94a20a5ac18b04340fc5764d5b09d901d"
+lie@~3.3.0:
+  version "3.3.0"
+  resolved "https://registry.yarnpkg.com/lie/-/lie-3.3.0.tgz#dcf82dee545f46074daf200c7c1c5a08e0f40f6a"
+  integrity sha512-UaiMJzeWRlEujzAuw5LokY1L5ecNQYZKfmyZ9L7wDHb/p5etKaxXhohBcrw0EYby+G/NA52vRSN4N39dxHAIwQ==
   dependencies:
-    hash-base "^3.0.0"
-    inherits "^2.0.1"
+    immediate "~3.0.5"
 
-miller-rabin@^4.0.0:
-  version "4.0.1"
-  resolved "https://registry.yarnpkg.com/miller-rabin/-/miller-rabin-4.0.1.tgz#f080351c865b0dc562a8462966daa53543c78a4d"
+magic-string@0.25.1:
+  version "0.25.1"
+  resolved "https://registry.yarnpkg.com/magic-string/-/magic-string-0.25.1.tgz#b1c248b399cd7485da0fe7385c2fc7011843266e"
+  integrity sha512-sCuTz6pYom8Rlt4ISPFn6wuFodbKMIHUMv4Qko9P17dpxb7s52KJTmRuZZqHdGmLCK9AOcDare039nRIcfdkEg==
   dependencies:
-    bn.js "^4.0.0"
-    brorand "^1.0.1"
-
-minimalistic-assert@^1.0.0, minimalistic-assert@^1.0.1:
-  version "1.0.1"
-  resolved "https://registry.yarnpkg.com/minimalistic-assert/-/minimalistic-assert-1.0.1.tgz#2e194de044626d4a10e7f7fbc00ce73e83e4d5c7"
-  integrity sha512-UtJcAD4yEaGtjPezWuO9wC4nwUnVH/8/Im3yEHQP4b67cXlD/Qr9hdITCU1xDbSEXg2XKNaP8jsReV7vQd00/A==
+    sourcemap-codec "^1.4.1"
 
-minimalistic-crypto-utils@^1.0.1:
-  version "1.0.1"
-  resolved "https://registry.yarnpkg.com/minimalistic-crypto-utils/-/minimalistic-crypto-utils-1.0.1.tgz#f6c00c1c0b082246e5c4d99dfb8c7c083b2b582a"
-  integrity sha1-9sAMHAsIIkblxNmd+4x8CDsrWCo=
-
-minimatch@^3.0.4:
-  version "3.0.4"
-  resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-3.0.4.tgz#5166e286457f03306064be5497e8dbb0c3d32083"
+merge-source-map@1.0.4:
+  version "1.0.4"
+  resolved "https://registry.yarnpkg.com/merge-source-map/-/merge-source-map-1.0.4.tgz#a5de46538dae84d4114cc5ea02b4772a6346701f"
+  integrity sha512-PGSmS0kfnTnMJCzJ16BLLCEe6oeYCamKFFdQKshi4BmM6FUwipjVOcBFGxqtQtirtAG4iZvHlqST9CpZKqlRjA==
   dependencies:
-    brace-expansion "^1.1.7"
-
-minimist@0.0.8:
-  version "0.0.8"
-  resolved "https://registry.yarnpkg.com/minimist/-/minimist-0.0.8.tgz#857fcabfc3397d2625b8228262e86aa7a011b05d"
+    source-map "^0.5.6"
 
-minimist@^1.1.0, minimist@^1.1.1:
-  version "1.2.0"
-  resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.0.tgz#a35008b20f41383eec1fb914f4cd5df79a264284"
+minimist@^1.1.3:
+  version "1.2.7"
+  resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.7.tgz#daa1c4d91f507390437c6a8bc01078e7000c4d18"
+  integrity sha512-bzfL1YUZsP41gmu/qjrEk0Q6i2ix/cVeAhbCbqH9u3zYutS1cLg00qhrD0M2MVdCcx4Sc0UpP2eBWo9rotpq6g==
 
-mkdirp@^0.5.0:
-  version "0.5.1"
-  resolved "https://registry.yarnpkg.com/mkdirp/-/mkdirp-0.5.1.tgz#30057438eac6cf7f8c4767f38648d6697d75c903"
+moment-timezone@^0.5.34:
+  version "0.5.40"
+  resolved "https://registry.yarnpkg.com/moment-timezone/-/moment-timezone-0.5.40.tgz#c148f5149fd91dd3e29bf481abc8830ecba16b89"
+  integrity sha512-tWfmNkRYmBkPJz5mr9GVDn9vRlVZOTe6yqY92rFxiOdWXbjaR0+9LwQnZGGuNR63X456NqmEkbskte8tWL5ePg==
   dependencies:
-    minimist "0.0.8"
+    moment ">= 2.9.0"
 
-module-deps@^6.0.0:
-  version "6.1.0"
-  resolved "https://registry.yarnpkg.com/module-deps/-/module-deps-6.1.0.tgz#d1e1efc481c6886269f7112c52c3236188e16479"
-  dependencies:
-    JSONStream "^1.0.3"
-    browser-resolve "^1.7.0"
-    cached-path-relative "^1.0.0"
-    concat-stream "~1.6.0"
-    defined "^1.0.0"
-    detective "^5.0.2"
-    duplexer2 "^0.1.2"
-    inherits "^2.0.1"
-    parents "^1.0.0"
-    readable-stream "^2.0.2"
-    resolve "^1.4.0"
-    stream-combiner2 "^1.1.1"
-    subarg "^1.0.0"
-    through2 "^2.0.0"
-    xtend "^4.0.0"
+"moment@>= 2.9.0", moment@^2.10.2, moment@^2.29.1, moment@^2.29.2:
+  version "2.29.4"
+  resolved "https://registry.yarnpkg.com/moment/-/moment-2.29.4.tgz#3dbe052889fe7c1b2ed966fcb3a77328964ef108"
+  integrity sha512-5LC9SOxjSc2HF6vO2CyuTDNivEdoz2IvyJJGj6X8DJ0eFyfszE0QiEd+iXmBvUP3WHxSjFH/vIsA0EN00cgr8w==
 
-moment@^2.24.0, moment@^2.9.0:
+moment@^2.9.0:
   version "2.29.2"
   resolved "https://registry.yarnpkg.com/moment/-/moment-2.29.2.tgz#00910c60b20843bcba52d37d58c628b47b1f20e4"
   integrity sha512-UgzG4rvxYpN15jgCmVJwac49h9ly9NurikMWGPdVxm8GZD6XjkKPxDTjQQ43gtGgnV3X0cAyWDdP2Wexoquifg==
 
-morris.js@^0.5.0:
-  version "0.5.0"
-  resolved "https://registry.yarnpkg.com/morris.js/-/morris.js-0.5.0.tgz#725767135cfae059aae75999bb2ce6a1c5d1b44b"
-
 multiselect@^0.9.12:
   version "0.9.12"
   resolved "https://registry.yarnpkg.com/multiselect/-/multiselect-0.9.12.tgz#d15536e986dd6a0029b160d6613bcedf81e4c7ed"
   dependencies:
     jquery ">= 1.7.1"
 
-once@^1.3.0:
-  version "1.4.0"
-  resolved "https://registry.yarnpkg.com/once/-/once-1.4.0.tgz#583b1aa775961d4b113ac17d9c50baef9dd76bd1"
-  dependencies:
-    wrappy "1"
-
-os-browserify@~0.3.0:
-  version "0.3.0"
-  resolved "https://registry.yarnpkg.com/os-browserify/-/os-browserify-0.3.0.tgz#854373c7f5c2315914fc9bfc6bd8238fdda1ec27"
-
-pace@0.0.4:
-  version "0.0.4"
-  resolved "https://registry.yarnpkg.com/pace/-/pace-0.0.4.tgz#d66405d5f5bc12d25441a6e26c878dbc69e77a77"
-  dependencies:
-    charm "~0.1.0"
-
-pako@~1.0.5:
-  version "1.0.6"
-  resolved "https://registry.yarnpkg.com/pako/-/pako-1.0.6.tgz#0101211baa70c4bca4a0f63f2206e97b7dfaf258"
+next-tick@^1.1.0:
+  version "1.1.0"
+  resolved "https://registry.yarnpkg.com/next-tick/-/next-tick-1.1.0.tgz#1836ee30ad56d67ef281b22bd199f709449b35eb"
+  integrity sha512-CXdUiJembsNjuToQvxayPZF9Vqht7hewsvy2sOWafLvi2awflj9mOC6bHIg50orX8IJvWKY9wYQ/zB2kogPslQ==
 
-parents@^1.0.0, parents@^1.0.1:
-  version "1.0.1"
-  resolved "https://registry.yarnpkg.com/parents/-/parents-1.0.1.tgz#fedd4d2bf193a77745fe71e371d73c3307d9c751"
-  dependencies:
-    path-platform "~0.11.15"
+object-inspect@^1.6.0:
+  version "1.12.3"
+  resolved "https://registry.yarnpkg.com/object-inspect/-/object-inspect-1.12.3.tgz#ba62dffd67ee256c8c086dfae69e016cd1f198b9"
+  integrity sha512-geUvdk7c+eizMNUDkRpW1wJwgfOiOeHbxBR/hLXK1aT6zmVSO0jsQcs7fj6MGw89jC/cjGfLcNOrtMYtGqm81g==
 
-parse-asn1@^5.0.0:
-  version "5.1.1"
-  resolved "https://registry.yarnpkg.com/parse-asn1/-/parse-asn1-5.1.1.tgz#f6bf293818332bd0dab54efb16087724745e6ca8"
+object-is@^1.0.1:
+  version "1.1.5"
+  resolved "https://registry.yarnpkg.com/object-is/-/object-is-1.1.5.tgz#b9deeaa5fc7f1846a0faecdceec138e5778f53ac"
+  integrity sha512-3cyDsyHgtmi7I7DfSSI2LDp6SK2lwvtbg0p0R1e0RvTqF5ceGx+K2dfSjm1bKDMVCFEDAQvy+o8c6a7VujOddw==
   dependencies:
-    asn1.js "^4.0.0"
-    browserify-aes "^1.0.0"
-    create-hash "^1.1.0"
-    evp_bytestokey "^1.0.0"
-    pbkdf2 "^3.0.3"
-
-path-browserify@~0.0.0:
-  version "0.0.0"
-  resolved "https://registry.yarnpkg.com/path-browserify/-/path-browserify-0.0.0.tgz#a0b870729aae214005b7d5032ec2cbbb0fb4451a"
+    call-bind "^1.0.2"
+    define-properties "^1.1.3"
 
-path-is-absolute@^1.0.0, path-is-absolute@^1.0.1:
-  version "1.0.1"
-  resolved "https://registry.yarnpkg.com/path-is-absolute/-/path-is-absolute-1.0.1.tgz#174b9268735534ffbc7ace6bf53a5a9e1b5c5f5f"
+object-keys@^1.1.1:
+  version "1.1.1"
+  resolved "https://registry.yarnpkg.com/object-keys/-/object-keys-1.1.1.tgz#1c47f272df277f3b1daf061677d9c82e2322c60e"
+  integrity sha512-NuAESUOUMrlIXOfHKzD6bpPu3tYt3xvjNdRIQ+FeT0lNb4K8WR70CaDxhuNguS2XG+GjkyMwOzsN5ZktImfhLA==
 
-path-parse@^1.0.5:
+optionator@^0.8.1:
+  version "0.8.3"
+  resolved "https://registry.yarnpkg.com/optionator/-/optionator-0.8.3.tgz#84fa1d036fe9d3c7e21d99884b601167ec8fb495"
+  integrity sha512-+IW9pACdk3XWmmTXG8m3upGUJst5XRGzxMRjXzAuJ1XnIFNvfhjjIuYkDvysnPQ7qzqVzLt78BCruntqRhWQbA==
+  dependencies:
+    deep-is "~0.1.3"
+    fast-levenshtein "~2.0.6"
+    levn "~0.3.0"
+    prelude-ls "~1.1.2"
+    type-check "~0.3.2"
+    word-wrap "~1.2.3"
+
+overlayscrollbars@^1.13.1:
+  version "1.13.3"
+  resolved "https://registry.yarnpkg.com/overlayscrollbars/-/overlayscrollbars-1.13.3.tgz#992c96fd2c8535802d1e56c40bc12ec03076c626"
+  integrity sha512-1nB/B5kaakJuHXaLXLRK0bUIilWhUGT6q5g+l2s5vqYdLle/sd0kscBHkQC1kuuDg9p9WR4MTdySDOPbeL/86g==
+
+pako@^0.2.5:
+  version "0.2.9"
+  resolved "https://registry.yarnpkg.com/pako/-/pako-0.2.9.tgz#f3f7522f4ef782348da8161bad9ecfd51bf83a75"
+  integrity sha512-NUcwaKxUxWrZLpDG+z/xZaCgQITkA/Dv4V/T6bw7VON6l1Xz/VnrBqrYjZQ12TamKHzITTfOEIYUj48y2KXImA==
+
+pako@~1.0.2:
+  version "1.0.11"
+  resolved "https://registry.yarnpkg.com/pako/-/pako-1.0.11.tgz#6c9599d340d54dfd3946380252a35705a6b992bf"
+  integrity sha512-4hLB8Py4zZce5s4yd9XzopqwVv/yGNhV1Bl8NTmCq1763HeK2+EwVTv+leGeL13Dnh2wfbqowVPXCIO0z4taYw==
+
+path-parse@^1.0.7:
   version "1.0.7"
   resolved "https://registry.yarnpkg.com/path-parse/-/path-parse-1.0.7.tgz#fbc114b60ca42b30d9daf5858e4bd68bbedb6735"
   integrity sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==
 
-path-platform@~0.11.15:
-  version "0.11.15"
-  resolved "https://registry.yarnpkg.com/path-platform/-/path-platform-0.11.15.tgz#e864217f74c36850f0852b78dc7bf7d4a5721bf2"
-
-pbkdf2@^3.0.3:
-  version "3.0.16"
-  resolved "https://registry.yarnpkg.com/pbkdf2/-/pbkdf2-3.0.16.tgz#7404208ec6b01b62d85bf83853a8064f8d9c2a5c"
-  dependencies:
-    create-hash "^1.1.2"
-    create-hmac "^1.1.4"
-    ripemd160 "^2.0.1"
-    safe-buffer "^5.0.1"
-    sha.js "^2.4.8"
-
-process-nextick-args@~2.0.0:
-  version "2.0.0"
-  resolved "https://registry.yarnpkg.com/process-nextick-args/-/process-nextick-args-2.0.0.tgz#a37d732f4271b4ab1ad070d35508e8290788ffaa"
-
-process@~0.11.0:
-  version "0.11.10"
-  resolved "https://registry.yarnpkg.com/process/-/process-0.11.10.tgz#7332300e840161bda3e69a1d1d91a7d4bc16f182"
-
-public-encrypt@^4.0.0:
-  version "4.0.2"
-  resolved "https://registry.yarnpkg.com/public-encrypt/-/public-encrypt-4.0.2.tgz#46eb9107206bf73489f8b85b69d91334c6610994"
+pdfmake@^0.2.4:
+  version "0.2.7"
+  resolved "https://registry.yarnpkg.com/pdfmake/-/pdfmake-0.2.7.tgz#a7a46532ffde032674929988393c20b075cf65e3"
+  integrity sha512-ClLpgx30H5G3EDvRW1MrA1Xih6YxEaSgIVFrOyBMgAAt62V+hxsyWAi6JNP7u1Fc5JKYAbpb4RRVw8Rhvmz5cQ==
   dependencies:
-    bn.js "^4.1.0"
-    browserify-rsa "^4.0.0"
-    create-hash "^1.1.0"
-    parse-asn1 "^5.0.0"
-    randombytes "^2.0.1"
+    "@foliojs-fork/linebreak" "^1.1.1"
+    "@foliojs-fork/pdfkit" "^0.13.0"
+    iconv-lite "^0.6.3"
+    xmldoc "^1.1.2"
 
-punycode@1.3.2:
-  version "1.3.2"
-  resolved "https://registry.yarnpkg.com/punycode/-/punycode-1.3.2.tgz#9653a036fb7c1ee42342f2325cceefea3926c48d"
-
-punycode@^1.3.2:
-  version "1.4.1"
-  resolved "https://registry.yarnpkg.com/punycode/-/punycode-1.4.1.tgz#c0d5a63b2718800ad8e1eb0fa5269c84dd41845e"
+png-js@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/png-js/-/png-js-1.0.0.tgz#e5484f1e8156996e383aceebb3789fd75df1874d"
+  integrity sha512-k+YsbhpA9e+EFfKjTCH3VW6aoKlyNYI6NYdTfDL4CIvFnvsuO84ttonmZE7rc+v23SLTH8XX+5w/Ak9v0xGY4g==
 
-querystring-es3@~0.2.0:
-  version "0.2.1"
-  resolved "https://registry.yarnpkg.com/querystring-es3/-/querystring-es3-0.2.1.tgz#9ec61f79049875707d69414596fd907a4d711e73"
+popper.js@>=1.10, popper.js@^1.16.1:
+  version "1.16.1"
+  resolved "https://registry.yarnpkg.com/popper.js/-/popper.js-1.16.1.tgz#2a223cb3dc7b6213d740e40372be40de43e65b1b"
+  integrity sha512-Wb4p1J4zyFTbM+u6WuO4XstYx4Ky9Cewe4DWrel7B0w6VVICvPwdOpotjzcf6eD8TsckVnIMNONQyPIUFOUbCQ==
 
-querystring@0.2.0:
-  version "0.2.0"
-  resolved "https://registry.yarnpkg.com/querystring/-/querystring-0.2.0.tgz#b209849203bb25df820da756e747005878521620"
+prelude-ls@~1.1.2:
+  version "1.1.2"
+  resolved "https://registry.yarnpkg.com/prelude-ls/-/prelude-ls-1.1.2.tgz#21932a549f5e52ffd9a827f570e04be62a97da54"
+  integrity sha512-ESF23V4SKG6lVSGZgYNpbsiaAkdab6ZgOxe52p7+Kid3W3u3bxR4Vfd/o21dmN7jSt0IwgZ4v5MUd26FEtXE9w==
 
-randombytes@^2.0.0, randombytes@^2.0.1, randombytes@^2.0.5:
-  version "2.0.6"
-  resolved "https://registry.yarnpkg.com/randombytes/-/randombytes-2.0.6.tgz#d302c522948588848a8d300c932b44c24231da80"
-  dependencies:
-    safe-buffer "^5.1.0"
+process-nextick-args@~2.0.0:
+  version "2.0.0"
+  resolved "https://registry.yarnpkg.com/process-nextick-args/-/process-nextick-args-2.0.0.tgz#a37d732f4271b4ab1ad070d35508e8290788ffaa"
 
-randomfill@^1.0.3:
-  version "1.0.4"
-  resolved "https://registry.yarnpkg.com/randomfill/-/randomfill-1.0.4.tgz#c92196fc86ab42be983f1bf31778224931d61458"
+quote-stream@^1.0.1:
+  version "1.0.2"
+  resolved "https://registry.yarnpkg.com/quote-stream/-/quote-stream-1.0.2.tgz#84963f8c9c26b942e153feeb53aae74652b7e0b2"
+  integrity sha512-kKr2uQ2AokadPjvTyKJQad9xELbZwYzWlNfI3Uz2j/ib5u6H9lDP7fUUR//rMycd0gv4Z5P1qXMfXR8YpIxrjQ==
   dependencies:
-    randombytes "^2.0.5"
-    safe-buffer "^5.1.0"
+    buffer-equal "0.0.1"
+    minimist "^1.1.3"
+    through2 "^2.0.0"
 
-raphael@^2.2.7:
-  version "2.2.7"
-  resolved "https://registry.yarnpkg.com/raphael/-/raphael-2.2.7.tgz#231b19141f8d086986d8faceb66f8b562ee2c810"
+"raphael@^2.2.0 || ^2.1.1", raphael@^2.3.0:
+  version "2.3.0"
+  resolved "https://registry.yarnpkg.com/raphael/-/raphael-2.3.0.tgz#eabeb09dba861a1d4cee077eaafb8c53f3131f89"
+  integrity sha512-w2yIenZAQnp257XUWGni4bLMVxpUpcIl7qgxEgDIXtmSypYtlNxfXWpOBxs7LBTps5sDwhRnrToJrMUrivqNTQ==
   dependencies:
     eve-raphael "0.5.0"
 
-read-only-stream@^2.0.0:
-  version "2.0.0"
-  resolved "https://registry.yarnpkg.com/read-only-stream/-/read-only-stream-2.0.0.tgz#2724fd6a8113d73764ac288d4386270c1dbf17f0"
-  dependencies:
-    readable-stream "^2.0.2"
-
-readable-stream@^2.0.2, readable-stream@^2.1.5, readable-stream@^2.2.2, readable-stream@^2.3.6:
+readable-stream@^2.0.2, readable-stream@^2.1.5, readable-stream@^2.2.2:
   version "2.3.6"
   resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.3.6.tgz#b11c27d88b8ff1fbe070643cf94b0c79ae1b0aaf"
   dependencies:
@@ -964,114 +1242,168 @@ readable-stream@^2.0.2, readable-stream@^2.1.5, readable-stream@^2.2.2, readable
     string_decoder "~1.1.1"
     util-deprecate "~1.0.1"
 
+readable-stream@~2.3.3, readable-stream@~2.3.6:
+  version "2.3.7"
+  resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.3.7.tgz#1eca1cf711aef814c04f62252a36a62f6cb23b57"
+  integrity sha512-Ebho8K4jIbHAxnuxi7o42OrZgF/ZTNcsZj6nRKyUmkhLFq8CHItp/fy6hQZuZmP/n3yZ9VBUbp4zz/mX8hmYPw==
+  dependencies:
+    core-util-is "~1.0.0"
+    inherits "~2.0.3"
+    isarray "~1.0.0"
+    process-nextick-args "~2.0.0"
+    safe-buffer "~5.1.1"
+    string_decoder "~1.1.1"
+    util-deprecate "~1.0.1"
+
+regexp.prototype.flags@^1.2.0:
+  version "1.4.3"
+  resolved "https://registry.yarnpkg.com/regexp.prototype.flags/-/regexp.prototype.flags-1.4.3.tgz#87cab30f80f66660181a3bb7bf5981a872b367ac"
+  integrity sha512-fjggEOO3slI6Wvgjwflkc4NFRCTZAu5CnNfBd5qOMYhWdn67nJBBu34/TkD++eeFmd8C9r9jfXJ27+nSiRkSUA==
+  dependencies:
+    call-bind "^1.0.2"
+    define-properties "^1.1.3"
+    functions-have-names "^1.2.2"
+
 resolve@1.1.7:
   version "1.1.7"
   resolved "https://registry.yarnpkg.com/resolve/-/resolve-1.1.7.tgz#203114d82ad2c5ed9e8e0411b3932875e889e97b"
 
-resolve@^1.1.4, resolve@^1.4.0:
-  version "1.7.1"
-  resolved "https://registry.yarnpkg.com/resolve/-/resolve-1.7.1.tgz#aadd656374fd298aee895bc026b8297418677fd3"
-  dependencies:
-    path-parse "^1.0.5"
-
-ripemd160@^2.0.0, ripemd160@^2.0.1:
-  version "2.0.2"
-  resolved "https://registry.yarnpkg.com/ripemd160/-/ripemd160-2.0.2.tgz#a1c1a6f624751577ba5d07914cbc92850585890c"
+resolve@^1.1.5:
+  version "1.22.1"
+  resolved "https://registry.yarnpkg.com/resolve/-/resolve-1.22.1.tgz#27cb2ebb53f91abb49470a928bba7558066ac177"
+  integrity sha512-nBpuuYuY5jFsli/JIs1oldw6fOQCBioohqWZg/2hiaOybXOft4lonv85uDOKXdf8rhyK159cxU5cDcK/NKk8zw==
   dependencies:
-    hash-base "^3.0.0"
-    inherits "^2.0.1"
+    is-core-module "^2.9.0"
+    path-parse "^1.0.7"
+    supports-preserve-symlinks-flag "^1.0.0"
 
-safe-buffer@^5.0.1, safe-buffer@^5.1.0, safe-buffer@^5.1.1, safe-buffer@~5.1.0, safe-buffer@~5.1.1:
+safe-buffer@~5.1.0, safe-buffer@~5.1.1:
   version "5.1.2"
   resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.1.2.tgz#991ec69d296e0313747d59bdfd2b745c35f8828d"
 
-select2@^4.0.3:
-  version "4.0.5"
-  resolved "https://registry.yarnpkg.com/select2/-/select2-4.0.5.tgz#7aac50692561985b34d3b82ec55e226f8960d40a"
-  dependencies:
-    almond "~0.3.1"
-    jquery-mousewheel "~3.1.13"
-
-sha.js@^2.4.0, sha.js@^2.4.8, sha.js@~2.4.4:
-  version "2.4.11"
-  resolved "https://registry.yarnpkg.com/sha.js/-/sha.js-2.4.11.tgz#37a5cf0b81ecbc6943de109ba2960d1b26584ae7"
-  dependencies:
-    inherits "^2.0.1"
-    safe-buffer "^5.0.1"
-
-shasum@^1.0.0:
-  version "1.0.2"
-  resolved "https://registry.yarnpkg.com/shasum/-/shasum-1.0.2.tgz#e7012310d8f417f4deb5712150e5678b87ae565f"
-  dependencies:
-    json-stable-stringify "~0.0.0"
-    sha.js "~2.4.4"
+"safer-buffer@>= 2.1.2 < 3.0.0":
+  version "2.1.2"
+  resolved "https://registry.yarnpkg.com/safer-buffer/-/safer-buffer-2.1.2.tgz#44fa161b0187b9549dd84bb91802f9bd8385cd6a"
+  integrity sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==
+
+sax@^1.2.4:
+  version "1.2.4"
+  resolved "https://registry.yarnpkg.com/sax/-/sax-1.2.4.tgz#2816234e2378bddc4e5354fab5caa895df7100d9"
+  integrity sha512-NqVDv9TpANUjFm0N8uM5GxL36UgKi9/atZw+x7YFnQ8ckwFGKrl4xX4yWtrey3UJm5nP1kUbnYgLopqWNSRhWw==
+
+scope-analyzer@^2.0.1:
+  version "2.1.2"
+  resolved "https://registry.yarnpkg.com/scope-analyzer/-/scope-analyzer-2.1.2.tgz#b958162feb59823c2835c7b0229187a97c77e9cd"
+  integrity sha512-5cfCmsTYV/wPaRIItNxatw02ua/MThdIUNnUOCYp+3LSEJvnG804ANw2VLaavNILIfWXF1D1G2KNANkBBvInwQ==
+  dependencies:
+    array-from "^2.1.1"
+    dash-ast "^2.0.1"
+    es6-map "^0.1.5"
+    es6-set "^0.1.5"
+    es6-symbol "^3.1.1"
+    estree-is-function "^1.0.0"
+    get-assigned-identifiers "^1.1.0"
+
+select2@^4.0.13:
+  version "4.0.13"
+  resolved "https://registry.yarnpkg.com/select2/-/select2-4.0.13.tgz#0dbe377df3f96167c4c1626033e924372d8ef44d"
+  integrity sha512-1JeB87s6oN/TDxQQYCvS5EFoQyvV6eYMZZ0AeA4tdFDYWN3BAGZ8npr17UBFddU0lgAt3H0yjX3X6/ekOj1yjw==
 
-shell-quote@^1.6.1:
-  version "1.7.3"
-  resolved "https://registry.yarnpkg.com/shell-quote/-/shell-quote-1.7.3.tgz#aa40edac170445b9a431e17bb62c0b881b9c4123"
-  integrity sha512-Vpfqwm4EnqGdlsBFNmHhxhElJYrdfcxPThu+ryKS5J8L/fhAwLazFZtq+S+TWZ9ANj2piSQLGj6NQg+lKPmxrw==
+setimmediate@^1.0.5:
+  version "1.0.5"
+  resolved "https://registry.yarnpkg.com/setimmediate/-/setimmediate-1.0.5.tgz#290cbb232e306942d7d7ea9b83732ab7856f8285"
+  integrity sha512-MATJdZp8sLqDl/68LfQmbP8zKPLQNV6BIZoIgrscFDQ+RsvK/BxeDQOgyxKKoh0y/8h3BqVFnCqQ/gd+reiIXA==
 
-slimscroll@^0.9.1:
-  version "0.9.1"
-  resolved "https://registry.yarnpkg.com/slimscroll/-/slimscroll-0.9.1.tgz#f675cdc601d80ada20f16004d227d156fd1187b2"
-  dependencies:
-    browserify ">=3.46.0"
-    classie ">=0.0.1"
-    domhelper "~0.9.0"
-    util-extend "^1.0.1"
+shallow-copy@~0.0.1:
+  version "0.0.1"
+  resolved "https://registry.yarnpkg.com/shallow-copy/-/shallow-copy-0.0.1.tgz#415f42702d73d810330292cc5ee86eae1a11a170"
+  integrity sha512-b6i4ZpVuUxB9h5gfCxPiusKYkqTMOjEbBs4wMaFbkfia4yFv92UKZ6Df8WXcKbn08JNL/abvg3FnMAOfakDvUw==
 
-source-map@~0.5.3:
+source-map@^0.5.6:
   version "0.5.7"
   resolved "https://registry.yarnpkg.com/source-map/-/source-map-0.5.7.tgz#8a039d2d1021d22d1ea14c80d8ea468ba2ef3fcc"
+  integrity sha512-LbrmJOMUSdEVxIKvdcJzQC+nQhe8FUZQTXQy6+I75skNgn3OoQ0DZA8YnFa7gp8tqtL3KPf1kmo0R5DoApeSGQ==
 
-stream-browserify@^2.0.0:
-  version "2.0.1"
-  resolved "https://registry.yarnpkg.com/stream-browserify/-/stream-browserify-2.0.1.tgz#66266ee5f9bdb9940a4e4514cafb43bb71e5c9db"
+source-map@~0.1.30:
+  version "0.1.43"
+  resolved "https://registry.yarnpkg.com/source-map/-/source-map-0.1.43.tgz#c24bc146ca517c1471f5dacbe2571b2b7f9e3346"
+  integrity sha512-VtCvB9SIQhk3aF6h+N85EaqIaBFIAfZ9Cu+NJHHVvc8BbEcnvDcFw6sqQ2dQrT6SlOrZq3tIvyD9+EGq/lJryQ==
   dependencies:
-    inherits "~2.0.1"
-    readable-stream "^2.0.2"
+    amdefine ">=0.0.4"
 
-stream-combiner2@^1.1.1:
-  version "1.1.1"
-  resolved "https://registry.yarnpkg.com/stream-combiner2/-/stream-combiner2-1.1.1.tgz#fb4d8a1420ea362764e21ad4780397bebcb41cbe"
-  dependencies:
-    duplexer2 "~0.1.0"
-    readable-stream "^2.0.2"
+source-map@~0.6.1:
+  version "0.6.1"
+  resolved "https://registry.yarnpkg.com/source-map/-/source-map-0.6.1.tgz#74722af32e9614e9c287a8d0bbde48b5e2f1a263"
+  integrity sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==
 
-stream-http@^2.0.0:
-  version "2.8.3"
-  resolved "https://registry.yarnpkg.com/stream-http/-/stream-http-2.8.3.tgz#b2d242469288a5a27ec4fe8933acf623de6514fc"
-  dependencies:
-    builtin-status-codes "^3.0.0"
-    inherits "^2.0.1"
-    readable-stream "^2.3.6"
-    to-arraybuffer "^1.0.0"
-    xtend "^4.0.0"
+sourcemap-codec@^1.4.1:
+  version "1.4.8"
+  resolved "https://registry.yarnpkg.com/sourcemap-codec/-/sourcemap-codec-1.4.8.tgz#ea804bd94857402e6992d05a38ef1ae35a9ab4c4"
+  integrity sha512-9NykojV5Uih4lgo5So5dtw+f0JgJX30KCNI8gwhz2J9A15wD0Ml6tjHKwf6fTSa6fAdVBdZeNOs9eJ71qCk8vA==
 
-stream-splicer@^2.0.0:
-  version "2.0.0"
-  resolved "https://registry.yarnpkg.com/stream-splicer/-/stream-splicer-2.0.0.tgz#1b63be438a133e4b671cc1935197600175910d83"
+sparklines@^1.3.0:
+  version "1.3.0"
+  resolved "https://registry.yarnpkg.com/sparklines/-/sparklines-1.3.0.tgz#08015a34c295b62196b91e98df53bfbcb1fde175"
+  integrity sha512-CkFtpDE3hmOeu1IJyIQIOH0AQtHnPj1c61ALxJZQ9cPEFKDgWC1fcNAHuwPi1i1klTDYvlKKseoYHSwe7JmdLA==
+
+static-eval@^2.0.5:
+  version "2.1.0"
+  resolved "https://registry.yarnpkg.com/static-eval/-/static-eval-2.1.0.tgz#a16dbe54522d7fa5ef1389129d813fd47b148014"
+  integrity sha512-agtxZ/kWSsCkI5E4QifRwsaPs0P0JmZV6dkLz6ILYfFYQGn+5plctanRN+IC8dJRiFkyXHrwEE3W9Wmx67uDbw==
   dependencies:
-    inherits "^2.0.1"
-    readable-stream "^2.0.2"
+    escodegen "^1.11.1"
 
-string_decoder@^1.1.1, string_decoder@~1.1.1:
+static-module@^3.0.2:
+  version "3.0.4"
+  resolved "https://registry.yarnpkg.com/static-module/-/static-module-3.0.4.tgz#bfbd1d1c38dd1fbbf0bb4af0c1b3ae18a93a2b68"
+  integrity sha512-gb0v0rrgpBkifXCa3yZXxqVmXDVE+ETXj6YlC/jt5VzOnGXR2C15+++eXuMDUYsePnbhf+lwW0pE1UXyOLtGCw==
+  dependencies:
+    acorn-node "^1.3.0"
+    concat-stream "~1.6.0"
+    convert-source-map "^1.5.1"
+    duplexer2 "~0.1.4"
+    escodegen "^1.11.1"
+    has "^1.0.1"
+    magic-string "0.25.1"
+    merge-source-map "1.0.4"
+    object-inspect "^1.6.0"
+    readable-stream "~2.3.3"
+    scope-analyzer "^2.0.1"
+    shallow-copy "~0.0.1"
+    static-eval "^2.0.5"
+    through2 "~2.0.3"
+
+string_decoder@~1.1.1:
   version "1.1.1"
   resolved "https://registry.yarnpkg.com/string_decoder/-/string_decoder-1.1.1.tgz#9cf1611ba62685d7030ae9e4ba34149c3af03fc8"
   dependencies:
     safe-buffer "~5.1.0"
 
-subarg@^1.0.0:
+summernote@^0.8.20:
+  version "0.8.20"
+  resolved "https://registry.yarnpkg.com/summernote/-/summernote-0.8.20.tgz#395905f2cec0aceebc712edc019d91b8ef88f7cf"
+  integrity sha512-W9RhjQjsn+b1s9xiJQgJbCiYGJaDAc9CdEqXo+D13WuStG8lCdtKaO5AiNiSSMJsQJN2EfGSwbBQt+SFE2B8Kw==
+
+supports-preserve-symlinks-flag@^1.0.0:
   version "1.0.0"
-  resolved "https://registry.yarnpkg.com/subarg/-/subarg-1.0.0.tgz#f62cf17581e996b48fc965699f54c06ae268b8d2"
-  dependencies:
-    minimist "^1.1.0"
+  resolved "https://registry.yarnpkg.com/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz#6eda4bd344a3c94aea376d4cc31bc77311039e09"
+  integrity sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==
 
-syntax-error@^1.1.1:
-  version "1.4.0"
-  resolved "https://registry.yarnpkg.com/syntax-error/-/syntax-error-1.4.0.tgz#2d9d4ff5c064acb711594a3e3b95054ad51d907c"
+sweetalert2@^11.4.0:
+  version "11.7.1"
+  resolved "https://registry.yarnpkg.com/sweetalert2/-/sweetalert2-11.7.1.tgz#e015b824fec3dcd174babbfedd30d989118c6783"
+  integrity sha512-+1bnkbqBl64FnZmi3g4SzAi4F3pL3S2jF1YQvrysv4GbgizfeFqGkJopxR3FnV/eJm6w2SQ2oAmCxSIBjgP/ag==
+
+tempusdominus-bootstrap-4@^5.39.0:
+  version "5.39.2"
+  resolved "https://registry.yarnpkg.com/tempusdominus-bootstrap-4/-/tempusdominus-bootstrap-4-5.39.2.tgz#f8f12194287eb6f159e9b9d94a441abb54daf94d"
+  integrity sha512-8Au4miSAsMGdsElPg87EUmsN7aGJFaRA5Y8Ale7dDTfhhnQL1Za53LclIJkq+t/7NO5+Ufr1jY7tmEPvWGHaVg==
   dependencies:
-    acorn-node "^1.2.0"
+    bootstrap "^4.6.1"
+    jquery "^3.6.0"
+    moment "^2.29.2"
+    moment-timezone "^0.5.34"
+    popper.js "^1.16.1"
 
 through2@^2.0.0:
   version "2.0.3"
@@ -1080,67 +1412,94 @@ through2@^2.0.0:
     readable-stream "^2.1.5"
     xtend "~4.0.1"
 
-"through@>=2.2.7 <3":
+through2@~2.0.3:
+  version "2.0.5"
+  resolved "https://registry.yarnpkg.com/through2/-/through2-2.0.5.tgz#01c1e39eb31d07cb7d03a96a70823260b23132cd"
+  integrity sha512-/mrRod8xqpA+IHSLyGCQ2s8SPHiCDEeQJSep1jqLYeEUClOFG2Qsh+4FU6G9VeqpZnGW/Su8LQGc4YKni5rYSQ==
+  dependencies:
+    readable-stream "~2.3.6"
+    xtend "~4.0.1"
+
+through@~2.3.4:
   version "2.3.8"
   resolved "https://registry.yarnpkg.com/through/-/through-2.3.8.tgz#0dd4c9ffaabc357960b1b724115d7e0e86a2e1f5"
+  integrity sha512-w89qg7PI8wAdvX60bMDP+bFoD5Dvhm9oLheFp5O4a2QF0cSBGsBX4qZmadPMvVqlLJBBci+WqGGOAPvcDeNSVg==
+
+tiny-inflate@^1.0.0, tiny-inflate@^1.0.2:
+  version "1.0.3"
+  resolved "https://registry.yarnpkg.com/tiny-inflate/-/tiny-inflate-1.0.3.tgz#122715494913a1805166aaf7c93467933eea26c4"
+  integrity sha512-pkY1fj1cKHb2seWDy0B16HeWyczlJA9/WW3u3c4z/NiWDsO3DOU5D7nhTLE9CF0yXv/QZFY7sEJmj24dK+Rrqw==
 
-timers-browserify@^1.0.1:
-  version "1.4.2"
-  resolved "https://registry.yarnpkg.com/timers-browserify/-/timers-browserify-1.4.2.tgz#c9c58b575be8407375cb5e2462dacee74359f41d"
+toastr@^2.1.4:
+  version "2.1.4"
+  resolved "https://registry.yarnpkg.com/toastr/-/toastr-2.1.4.tgz#8b43be64fb9d0c414871446f2db8e8ca4e95f181"
+  integrity sha512-LIy77F5n+sz4tefMmFOntcJ6HL0Fv3k1TDnNmFZ0bU/GcvIIfy6eG2v7zQmMiYgaalAiUv75ttFrPn5s0gyqlA==
   dependencies:
-    process "~0.11.0"
+    jquery ">=1.12.0"
 
-to-arraybuffer@^1.0.0:
-  version "1.0.1"
-  resolved "https://registry.yarnpkg.com/to-arraybuffer/-/to-arraybuffer-1.0.1.tgz#7d229b1fcc637e466ca081180836a7aabff83f43"
+type-check@~0.3.2:
+  version "0.3.2"
+  resolved "https://registry.yarnpkg.com/type-check/-/type-check-0.3.2.tgz#5884cab512cf1d355e3fb784f30804b2b520db72"
+  integrity sha512-ZCmOJdvOWDBYJlzAoFkC+Q0+bUyEOS1ltgp1MGU03fqHG+dbi9tBFU2Rd9QKiDZFAYrhPh2JUf7rZRIuHRKtOg==
+  dependencies:
+    prelude-ls "~1.1.2"
 
-tty-browserify@0.0.1:
-  version "0.0.1"
-  resolved "https://registry.yarnpkg.com/tty-browserify/-/tty-browserify-0.0.1.tgz#3f05251ee17904dfd0677546670db9651682b811"
+type@^1.0.1:
+  version "1.2.0"
+  resolved "https://registry.yarnpkg.com/type/-/type-1.2.0.tgz#848dd7698dafa3e54a6c479e759c4bc3f18847a0"
+  integrity sha512-+5nt5AAniqsCnu2cEQQdpzCAh33kVx8n0VoFidKpB1dVVLAN/F+bgVOqOJqOnEnrhp222clB5p3vUlD+1QAnfg==
+
+type@^2.7.2:
+  version "2.7.2"
+  resolved "https://registry.yarnpkg.com/type/-/type-2.7.2.tgz#2376a15a3a28b1efa0f5350dcf72d24df6ef98d0"
+  integrity sha512-dzlvlNlt6AXU7EBSfpAscydQ7gXB+pPGsPnfJnZpiNJBDj7IaJzQlBZYGdEi4R9HmPdBv2XmWJ6YUtoTa7lmCw==
 
 typedarray@^0.0.6:
   version "0.0.6"
   resolved "https://registry.yarnpkg.com/typedarray/-/typedarray-0.0.6.tgz#867ac74e3864187b1d3d47d996a78ec5c8830777"
 
-umd@^3.0.0:
-  version "3.0.3"
-  resolved "https://registry.yarnpkg.com/umd/-/umd-3.0.3.tgz#aa9fe653c42b9097678489c01000acb69f0b26cf"
+unicode-properties@^1.2.2:
+  version "1.4.1"
+  resolved "https://registry.yarnpkg.com/unicode-properties/-/unicode-properties-1.4.1.tgz#96a9cffb7e619a0dc7368c28da27e05fc8f9be5f"
+  integrity sha512-CLjCCLQ6UuMxWnbIylkisbRj31qxHPAurvena/0iwSVbQ2G1VY5/HjV0IRabOEbDHlzZlRdCrD4NhB0JtU40Pg==
+  dependencies:
+    base64-js "^1.3.0"
+    unicode-trie "^2.0.0"
 
-url@~0.11.0:
-  version "0.11.0"
-  resolved "https://registry.yarnpkg.com/url/-/url-0.11.0.tgz#3838e97cfc60521eb73c525a8e55bfdd9e2e28f1"
+unicode-trie@^2.0.0:
+  version "2.0.0"
+  resolved "https://registry.yarnpkg.com/unicode-trie/-/unicode-trie-2.0.0.tgz#8fd8845696e2e14a8b67d78fa9e0dd2cad62fec8"
+  integrity sha512-x7bc76x0bm4prf1VLg79uhAzKw8DVboClSN5VxJuQ+LKDOVEW9CdH+VY7SP+vX7xCYQqzzgQpFqz15zeLvAtZQ==
   dependencies:
-    punycode "1.3.2"
-    querystring "0.2.0"
+    pako "^0.2.5"
+    tiny-inflate "^1.0.0"
+
+universalify@^2.0.0:
+  version "2.0.0"
+  resolved "https://registry.yarnpkg.com/universalify/-/universalify-2.0.0.tgz#75a4984efedc4b08975c5aeb73f530d02df25717"
+  integrity sha512-hAZsKq7Yy11Zu1DE0OzWjw7nnLZmJZYTDZZyEFHZdUhV8FkH5MCfoU1XMaxXovpyW5nq5scPqq0ZDP9Zyl04oQ==
+
+uplot@^1.6.18:
+  version "1.6.24"
+  resolved "https://registry.yarnpkg.com/uplot/-/uplot-1.6.24.tgz#dfa213fa7da92763261920ea972ed1a5f9f6af12"
+  integrity sha512-WpH2BsrFrqxkMu+4XBvc0eCDsRBhzoq9crttYeSI0bfxpzR5YoSVzZXOKFVWcVC7sp/aDXrdDPbDZGCtck2PVg==
 
 util-deprecate@~1.0.1:
   version "1.0.2"
   resolved "https://registry.yarnpkg.com/util-deprecate/-/util-deprecate-1.0.2.tgz#450d4dc9fa70de732762fbd2d4a28981419a0ccf"
 
-util-extend@^1.0.1:
-  version "1.0.3"
-  resolved "https://registry.yarnpkg.com/util-extend/-/util-extend-1.0.3.tgz#a7c216d267545169637b3b6edc6ca9119e2ff93f"
-
-util@0.10.3:
-  version "0.10.3"
-  resolved "https://registry.yarnpkg.com/util/-/util-0.10.3.tgz#7afb1afe50805246489e3db7fe0ed379336ac0f9"
-  dependencies:
-    inherits "2.0.1"
+word-wrap@~1.2.3:
+  version "1.2.3"
+  resolved "https://registry.yarnpkg.com/word-wrap/-/word-wrap-1.2.3.tgz#610636f6b1f703891bd34771ccb17fb93b47079c"
+  integrity sha512-Hz/mrNwitNRh/HUAtM/VT/5VH+ygD6DV7mYKZAtHOrbs8U7lvPS6xf7EJKMF0uW1KJCl0H701g3ZGus+muE5vQ==
 
-util@~0.10.1:
-  version "0.10.4"
-  resolved "https://registry.yarnpkg.com/util/-/util-0.10.4.tgz#3aa0125bfe668a4672de58857d3ace27ecb76901"
+xmldoc@^1.1.2:
+  version "1.2.0"
+  resolved "https://registry.yarnpkg.com/xmldoc/-/xmldoc-1.2.0.tgz#7554371bfd8c138287cff01841ae4566d26e5541"
+  integrity sha512-2eN8QhjBsMW2uVj7JHLHkMytpvGHLHxKXBy4J3fAT/HujsEtM6yU84iGjpESYGHg6XwK0Vu4l+KgqQ2dv2cCqg==
   dependencies:
-    inherits "2.0.3"
-
-vm-browserify@^1.0.0:
-  version "1.0.1"
-  resolved "https://registry.yarnpkg.com/vm-browserify/-/vm-browserify-1.0.1.tgz#a15d7762c4c48fa6bf9f3309a21340f00ed23063"
-
-wrappy@1:
-  version "1.0.2"
-  resolved "https://registry.yarnpkg.com/wrappy/-/wrappy-1.0.2.tgz#b5243d8f3ec1aa35f1364605bc0d1036e30ab69f"
+    sax "^1.2.4"
 
-xtend@^4.0.0, xtend@^4.0.1, xtend@~4.0.1:
+xtend@^4.0.1, xtend@~4.0.1:
   version "4.0.1"
   resolved "https://registry.yarnpkg.com/xtend/-/xtend-4.0.1.tgz#a5c6d532be656e23db820efb943a1f04998d63af"

From 7a61c56c4940f260a6feae540f985f56e3d56586 Mon Sep 17 00:00:00 2001
From: Tyler Todd <ttodd@ttodd.com>
Date: Sat, 18 Feb 2023 17:38:43 +0000
Subject: [PATCH 210/475] Fix reqs and Flask Migrate Order

---
 migrations/env.py                             |  46 ++---
 ...add_unique_index_to_settings_table_keys.py |   6 +-
 powerdnsadmin/assets.py                       |   6 +-
 powerdnsadmin/templates/errors/400.html       |   2 +-
 powerdnsadmin/templates/errors/403.html       |   2 +-
 powerdnsadmin/templates/errors/404.html       |   2 +-
 powerdnsadmin/templates/errors/500.html       |   2 +-
 powerdnsadmin/templates/errors/SAML.html      |   2 +-
 requirements.txt                              |  62 +++---
 yarn.lock                                     | 191 +++++++++---------
 10 files changed, 155 insertions(+), 166 deletions(-)

diff --git a/migrations/env.py b/migrations/env.py
index 8b3fb3353..4742e1418 100755
--- a/migrations/env.py
+++ b/migrations/env.py
@@ -1,13 +1,8 @@
 from __future__ import with_statement
-
-import logging
-from logging.config import fileConfig
-
-from sqlalchemy import engine_from_config
-from sqlalchemy import pool
-from flask import current_app
-
 from alembic import context
+from sqlalchemy import engine_from_config, pool
+from logging.config import fileConfig
+import logging
 
 # this is the Alembic Config object, which provides
 # access to the values within the .ini file in use.
@@ -22,9 +17,9 @@
 # for 'autogenerate' support
 # from myapp import mymodel
 # target_metadata = mymodel.Base.metadata
-config.set_main_option(
-    'sqlalchemy.url',
-    str(current_app.extensions['migrate'].db.engine.url).replace('%', '%%'))
+from flask import current_app
+config.set_main_option('sqlalchemy.url',
+                       current_app.config.get('SQLALCHEMY_DATABASE_URI').replace("%","%%"))
 target_metadata = current_app.extensions['migrate'].db.metadata
 
 # other values from the config, defined by the needs of env.py,
@@ -46,9 +41,7 @@ def run_migrations_offline():
 
     """
     url = config.get_main_option("sqlalchemy.url")
-    context.configure(
-        url=url, target_metadata=target_metadata, literal_binds=True
-    )
+    context.configure(url=url)
 
     with context.begin_transaction():
         context.run_migrations()
@@ -72,23 +65,22 @@ def process_revision_directives(context, revision, directives):
                 directives[:] = []
                 logger.info('No changes in schema detected.')
 
-    connectable = engine_from_config(
-        config.get_section(config.config_ini_section),
-        prefix='sqlalchemy.',
-        poolclass=pool.NullPool,
-    )
+    engine = engine_from_config(config.get_section(config.config_ini_section),
+                                prefix='sqlalchemy.',
+                                poolclass=pool.NullPool)
 
-    with connectable.connect() as connection:
-        context.configure(
-            connection=connection,
-            target_metadata=target_metadata,
-            process_revision_directives=process_revision_directives,
-            **current_app.extensions['migrate'].configure_args
-        )
+    connection = engine.connect()
+    context.configure(connection=connection,
+                      target_metadata=target_metadata,
+                      process_revision_directives=process_revision_directives,
+                      render_as_batch=config.get_main_option('sqlalchemy.url').startswith('sqlite:'),
+                      **current_app.extensions['migrate'].configure_args)
 
+    try:
         with context.begin_transaction():
             context.run_migrations()
-
+    finally:
+        connection.close()
 
 if context.is_offline_mode():
     run_migrations_offline()
diff --git a/migrations/versions/b24bf17725d2_add_unique_index_to_settings_table_keys.py b/migrations/versions/b24bf17725d2_add_unique_index_to_settings_table_keys.py
index 48cfbe956..63ae3eb37 100644
--- a/migrations/versions/b24bf17725d2_add_unique_index_to_settings_table_keys.py
+++ b/migrations/versions/b24bf17725d2_add_unique_index_to_settings_table_keys.py
@@ -1,8 +1,8 @@
 """Add unique index to settings table keys
 
 Revision ID: b24bf17725d2
-Revises: 0967658d9c0d
-Create Date: 2021-12-12 20:29:17.103441
+Revises: f41520e41cee
+Create Date: 2023-02-18 00:00:00.000000
 
 """
 from alembic import op
@@ -11,7 +11,7 @@
 
 # revision identifiers, used by Alembic.
 revision = 'b24bf17725d2'
-down_revision = '0967658d9c0d'
+down_revision = 'f41520e41cee'
 branch_labels = None
 depends_on = None
 
diff --git a/powerdnsadmin/assets.py b/powerdnsadmin/assets.py
index 7ad973f31..52e8d2698 100644
--- a/powerdnsadmin/assets.py
+++ b/powerdnsadmin/assets.py
@@ -12,7 +12,7 @@ def concat(self, out, hunks, **kw):
     out.write(';'.join([h.data() for h, info in hunks]))
 
 css_login = Bundle(
-  'node_modules/@fortawesome/fontawesome-free/css/all.min.css',
+  'node_modules/@fortawesome/fontawesome-free/css/all.css',
   'node_modules/icheck/skins/square/blue.css',
   'node_modules/admin-lte/dist/css/adminlte.css',
   filters=('cssmin', 'cssrewrite'),
@@ -31,8 +31,8 @@ def concat(self, out, hunks, **kw):
   output='generated/validation.js')
 
 css_main = Bundle(
-  'node_modules/@fortawesome/fontawesome-free/css/all.min.css',
-  'node_modules/datatables.net-bs4/css/dataTables.bootstrap4.min.css',
+  'node_modules/@fortawesome/fontawesome-free/css/all.css',
+  'node_modules/datatables.net-bs4/css/dataTables.bootstrap4.css',
   'node_modules/icheck/skins/square/blue.css',
   'node_modules/multiselect/css/multi-select.css',
   'node_modules/admin-lte/dist/css/adminlte.css',
diff --git a/powerdnsadmin/templates/errors/400.html b/powerdnsadmin/templates/errors/400.html
index b6ea84c7f..d04363660 100644
--- a/powerdnsadmin/templates/errors/400.html
+++ b/powerdnsadmin/templates/errors/400.html
@@ -35,7 +35,7 @@ <h2 class="headline text-yellow">
       </h2>
       <div class="error-content">
         <h3>
-          <i class="fas fa-exclamation-triangle text-yellow"></i>
+          <i class="fa-solid fa-exclamation-triangle text-yellow"></i>
           Oops! Bad request
         </h3>
         <p>
diff --git a/powerdnsadmin/templates/errors/403.html b/powerdnsadmin/templates/errors/403.html
index 44c75277f..a1063927b 100644
--- a/powerdnsadmin/templates/errors/403.html
+++ b/powerdnsadmin/templates/errors/403.html
@@ -35,7 +35,7 @@ <h2 class="headline text-yellow">
       </h2>
       <div class="error-content">
         <h3>
-          <i class="fas fa-exclamation-triangle text-yellow"></i>
+          <i class="fa-solid fa-exclamation-triangle text-yellow"></i>
           Oops! Access denied
         </h3>
         <p>
diff --git a/powerdnsadmin/templates/errors/404.html b/powerdnsadmin/templates/errors/404.html
index 70040a524..1e89d15c1 100644
--- a/powerdnsadmin/templates/errors/404.html
+++ b/powerdnsadmin/templates/errors/404.html
@@ -35,7 +35,7 @@ <h2 class="headline text-yellow">
       </h2>
       <div class="error-content">
         <h3>
-          <i class="fas fa-exclamation-triangle text-yellow"></i>
+          <i class="fa-solid fa-exclamation-triangle text-yellow"></i>
           Oops! You're lost
         </h3>
         <p>
diff --git a/powerdnsadmin/templates/errors/500.html b/powerdnsadmin/templates/errors/500.html
index c92c104dd..076548c63 100644
--- a/powerdnsadmin/templates/errors/500.html
+++ b/powerdnsadmin/templates/errors/500.html
@@ -35,7 +35,7 @@ <h2 class="headline text-yellow">
       </h2>
       <div class="error-content">
         <h3>
-          <i class="fas fa-exclamation-triangle text-yellow"></i>
+          <i class="fa-solid fa-exclamation-triangle text-yellow"></i>
           Oops! Something went wrong
         </h3>
         <p>
diff --git a/powerdnsadmin/templates/errors/SAML.html b/powerdnsadmin/templates/errors/SAML.html
index a88c388ac..72a583f64 100644
--- a/powerdnsadmin/templates/errors/SAML.html
+++ b/powerdnsadmin/templates/errors/SAML.html
@@ -39,7 +39,7 @@ <h1 class="headline text-yellow" style="font-size:46px;">
       <br/>
       <div class="error-content">
         <h3>
-          <i class="fas fa-exclamation-triangle text-yellow"></i>
+          <i class="fa-solid fa-exclamation-triangle text-yellow"></i>
           Oops! Something went wrong
         </h3>
         <br>
diff --git a/requirements.txt b/requirements.txt
index 9087be43d..b50683b7d 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,44 +1,44 @@
-Flask==2.2.2
+Authlib==1.2.0
 Flask-Assets==2.0
 Flask-Login==0.6.2
-Flask-SQLAlchemy==3.0.2
-Flask-Migrate==4.0.0
 Flask-Mail==0.9.1
+Flask-Migrate==2.5.3
+Flask-SQLAlchemy==2.5.1
 Flask-SSLify==0.1.5
-Flask-Session==0.4.0
 Flask-SeaSurf==1.1.1
-SQLAlchemy==1.4.45
-mysqlclient==2.1.1
-configobj==5.0.8
+Flask-Session==0.4.0
+Flask==2.1.3
+Jinja2==3.1.2
+PyYAML==5.4
+SQLAlchemy==1.3.24
+#alembic==1.9.0
 bcrypt==4.0.1
-requests==2.28.2
-python-ldap==3.4.3
-pyotp==2.8.0
-qrcode==7.3.1
-dnspython>=2.3.0
-gunicorn==20.1.0
-python3-saml==1.14.0
-pytz==2022.7.1
-cssmin==0.2.0
-rjsmin==1.2.1
-Authlib==1.2.0
 bravado-core==5.17.1
-lima==0.5
-pytest==7.2.1
-jsonschema[format]>=2.5.1,<4.0.0 # until https://github.com/Yelp/bravado-core/pull/385
-pytimeparse==1.1.8
-alembic==1.9.0
 certifi==2022.12.7
 cffi==1.15.1
+configobj==5.0.8
+cryptography==36.0.2
+cssmin==0.2.0
+dnspython>=2.3.0
+flask_session_captcha==1.3.0
+gunicorn==20.1.0
+itsdangerous==2.1.2
+jsonschema[format]>=2.5.1,<4.0.0 # until https://github.com/Yelp/bravado-core/pull/385
+lima==0.5
+lxml==4.6.5
+mysqlclient==2.0.1
 passlib==1.7.4
+#pyOpenSSL==22.1.0
 pyasn1==0.4.8
+pyotp==2.8.0
+pytest==7.2.1
+python-ldap==3.4.3
+python3-saml==1.14.0
+pytimeparse==1.1.8
+pytz==2022.7.1
+qrcode==7.3.1
+requests==2.28.2
+rjsmin==1.2.1
 webcolors==1.12
+werkzeug==2.1.2
 zipp==3.11.0
-pyOpenSSL==22.1.0
-PyYAML==6.0
-Jinja2==3.1.2
-itsdangerous==2.1.2
-werkzeug==2.2.2
-cryptography==38.0.0
-flask_session_captcha==1.3.0
-lxml==4.6.5
\ No newline at end of file
diff --git a/yarn.lock b/yarn.lock
index 6225dfe8a..566bbab7b 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -68,15 +68,23 @@
   integrity sha512-gAj8qNy/VYwQDBkACm0USM66kxFai8flX83ayRXPNhzZckEgSqIBB9sM74SCM3ssgeX+ZVy4BifTnLis+KpIyg==
 
 acorn-node@^1.3.0:
-  version "1.3.0"
-  resolved "https://registry.yarnpkg.com/acorn-node/-/acorn-node-1.3.0.tgz#5f86d73346743810ef1269b901dbcbded020861b"
+  version "1.8.2"
+  resolved "https://registry.yarnpkg.com/acorn-node/-/acorn-node-1.8.2.tgz#114c95d64539e53dede23de8b9d96df7c7ae2af8"
+  integrity sha512-8mt+fslDufLYntIoPAaIMUe/lrbrehIiwmR3t2k9LljIzoigEPF27eLk2hy8zSGzmR/ogr7zbRKINMo1u0yh5A==
   dependencies:
-    acorn "^5.4.1"
-    xtend "^4.0.1"
+    acorn "^7.0.0"
+    acorn-walk "^7.0.0"
+    xtend "^4.0.2"
+
+acorn-walk@^7.0.0:
+  version "7.2.0"
+  resolved "https://registry.yarnpkg.com/acorn-walk/-/acorn-walk-7.2.0.tgz#0de889a601203909b0fbe07b8938dc21d2e967bc"
+  integrity sha512-OPdCF6GsMIP+Az+aWfAAOEt2/+iVDKE7oy6lJ098aoe59oAmK76qV6Gw60SbZ8jHuG2wH058GF4pLFbYamYrVA==
 
-acorn@^5.4.1:
-  version "5.6.2"
-  resolved "https://registry.yarnpkg.com/acorn/-/acorn-5.6.2.tgz#b1da1d7be2ac1b4a327fb9eab851702c5045b4e7"
+acorn@^7.0.0:
+  version "7.4.1"
+  resolved "https://registry.yarnpkg.com/acorn/-/acorn-7.4.1.tgz#feaed255973d2e77555b83dbc08851a6c63520fa"
+  integrity sha512-nQyp0o1/mNdbTO1PO6kHkwSrmgZ0MT/jCCpNiwbUjGoRN4dlBhqJtoQuCnEOKzgTVwg0ZWiCoQy6SxMebQVh8A==
 
 admin-lte@3.2.0:
   version "3.2.0"
@@ -208,6 +216,7 @@ bootstrap-switch@3.3.4:
 bootstrap-validator@^0.11.9:
   version "0.11.9"
   resolved "https://registry.yarnpkg.com/bootstrap-validator/-/bootstrap-validator-0.11.9.tgz#fb7058eef53623e78f5aa7967026f98f875a9404"
+  integrity sha512-BJlnaTeFNr5+SNtZ71DNaiFx7qY0X2c7m/KvZE1GiVXbyD8PihJlALvS6TeRGUs8mY8qga/LrhG80N9dw8UWqA==
 
 bootstrap4-duallistbox@^4.0.2:
   version "4.0.2"
@@ -273,8 +282,9 @@ buffer-equal@0.0.1:
   integrity sha512-RgSV6InVQ9ODPdLWJ5UAqBqJBOg370Nz6ZQtRzpt6nUjc8v0St97uJ4PYC6NztqIScrAXafKM3mZPMygSe1ggA==
 
 buffer-from@^1.0.0:
-  version "1.1.0"
-  resolved "https://registry.yarnpkg.com/buffer-from/-/buffer-from-1.1.0.tgz#87fcaa3a298358e0ade6e442cfce840740d1ad04"
+  version "1.1.2"
+  resolved "https://registry.yarnpkg.com/buffer-from/-/buffer-from-1.1.2.tgz#2b146a6fd72e80b4f55d255f35ed59a3a9a41bd5"
+  integrity sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==
 
 call-bind@^1.0.2:
   version "1.0.2"
@@ -337,6 +347,7 @@ color-name@^1.0.0:
 concat-stream@~1.6.0:
   version "1.6.2"
   resolved "https://registry.yarnpkg.com/concat-stream/-/concat-stream-1.6.2.tgz#904bdf194cd3122fc675c77fc4ac3d4ff0fd1a34"
+  integrity sha512-27HBghJxjiZtIk3Ycvn/4kbJk/1uZuJFfuPEns6LaEvpvG1f0hTea8lilrouyo9mVc2GWdcEZ8OLoGmSADlrCw==
   dependencies:
     buffer-from "^1.0.0"
     inherits "^2.0.3"
@@ -349,8 +360,9 @@ convert-source-map@^1.5.1:
   integrity sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==
 
 core-util-is@~1.0.0:
-  version "1.0.2"
-  resolved "https://registry.yarnpkg.com/core-util-is/-/core-util-is-1.0.2.tgz#b5fd54220aa2bc5ab57aab7140c940754503c1a7"
+  version "1.0.3"
+  resolved "https://registry.yarnpkg.com/core-util-is/-/core-util-is-1.0.3.tgz#a6042d3634c2b27e9328f837b965fac83808db85"
+  integrity sha512-ZQBvi1DcpJ4GDqanjucZ2Hj3wEO5pZDS89BWbkcrvdxksJorwUDDZamX9ldFkp9aw2lmBDLgkObEA4DWNJ9FYQ==
 
 crypto-js@^4.0.0:
   version "4.1.1"
@@ -371,43 +383,43 @@ dash-ast@^2.0.1:
   integrity sha512-5TXltWJGc+RdnabUGzhRae1TRq6m4gr+3K2wQX0is5/F2yS6MJXJvLyI3ErAnsAXuJoGqvfVD5icRgim07DrxQ==
 
 datatables.net-autofill-bs4@^2.3.9:
-  version "2.5.1"
-  resolved "https://registry.yarnpkg.com/datatables.net-autofill-bs4/-/datatables.net-autofill-bs4-2.5.1.tgz#2c5fefe6076f95bf40313a8ec4cad4c36a4b20df"
-  integrity sha512-5oCgfpte/IEPFKBGGEuEKE0qVmSkKCJ8bkqNOKLghemado5ldOcU9WZysVyk3L72nQMHnXlB4CNex6qj9Snu5w==
+  version "2.5.2"
+  resolved "https://registry.yarnpkg.com/datatables.net-autofill-bs4/-/datatables.net-autofill-bs4-2.5.2.tgz#0257db3f67b3f0b53d843860313f3f59e038110d"
+  integrity sha512-k8SU+S0fa8iX2vJLdzfykpawIRNXRygX6pZJZ52zcEMh6pO7wYKFblH4A6N9ToPrkF22lW5kYHqshEb+GMZLiA==
   dependencies:
     datatables.net-autofill ">=2.4.0"
     datatables.net-bs4 ">=1.12.1"
     jquery ">=1.7"
 
 datatables.net-autofill@>=2.4.0:
-  version "2.5.1"
-  resolved "https://registry.yarnpkg.com/datatables.net-autofill/-/datatables.net-autofill-2.5.1.tgz#8a92a180b9174c8061700d66e26dece2a650f9b1"
-  integrity sha512-HuBx0KOxQVmQooQahlsi3a9DXhZB+kvRtC5ZPjDVKiJ1rV3NCc4Q/s4Q6Go4TjKd013uFcifLca9GJnbpx4wng==
+  version "2.5.2"
+  resolved "https://registry.yarnpkg.com/datatables.net-autofill/-/datatables.net-autofill-2.5.2.tgz#aded13e7373718ea0c8e154cf2d70e02219a9643"
+  integrity sha512-sMkHTVv3I8shEt4Qvf3y9Hfp3XLTe8wMi1tMclJw5OV9NOL5UkuHmBkQeJUegZWOBZ6sivYjOvOX7H8AI6OHMg==
   dependencies:
     datatables.net ">=1.12.1"
     jquery ">=1.7"
 
 datatables.net-bs4@>=1.10.25, datatables.net-bs4@>=1.12.1, datatables.net-bs4@^1.11.4:
-  version "1.13.1"
-  resolved "https://registry.yarnpkg.com/datatables.net-bs4/-/datatables.net-bs4-1.13.1.tgz#b704d9639bbe650c996e614dc37f529e8c09ff47"
-  integrity sha512-GBTOzUT8ooEUMPtjVHktvDk0MyakFGh89F8aHj8VwF1OFLbqTGEAPacO8XAgSfej/Ng3dbFJA6sjrk4gFra8kg==
+  version "1.13.2"
+  resolved "https://registry.yarnpkg.com/datatables.net-bs4/-/datatables.net-bs4-1.13.2.tgz#681b77d5dfd755019dd1266aa8fa69ca2c2513b7"
+  integrity sha512-sr5D4pV+VqIfPGPh3oKQDu+denk/bZ3ObyAYp/EbQLoLw2U6dvVJifHeccCC5M+ZhYtucHVID/qpbswx90QQHA==
   dependencies:
     datatables.net ">=1.12.1"
     jquery ">=1.7"
 
 datatables.net-buttons-bs4@^2.2.2:
-  version "2.3.3"
-  resolved "https://registry.yarnpkg.com/datatables.net-buttons-bs4/-/datatables.net-buttons-bs4-2.3.3.tgz#11655db6218f129dce04c043decbd4e36e02bf8c"
-  integrity sha512-u028LSQrwK7V+w1nIrQFcyFe8uNZriOzc8AuTvACF+cTlZeDq6ch40dXy5e8Vsaad2xSopJAQ189zPOIGdUlqw==
+  version "2.3.4"
+  resolved "https://registry.yarnpkg.com/datatables.net-buttons-bs4/-/datatables.net-buttons-bs4-2.3.4.tgz#8c3de0f9b447828e55f8752c70889a83bf846ca8"
+  integrity sha512-rg1OpsPxbXeYStcsHHeh1NnvCIMKnnyKk0cnrNyGck5DJFFunKNySqJk2t1MkQrpEN1NibeuqyMCjfsAx5TQHg==
   dependencies:
     datatables.net-bs4 ">=1.12.1"
     datatables.net-buttons ">=2.2.3"
     jquery ">=1.7"
 
 datatables.net-buttons@>=2.2.3:
-  version "2.3.3"
-  resolved "https://registry.yarnpkg.com/datatables.net-buttons/-/datatables.net-buttons-2.3.3.tgz#d54918ac82c681a0d58151d555ed690f40fef614"
-  integrity sha512-jK/hGF+NEj6CxDHKlpQiSu280G00VgL57SPyLbOA+DrmUd6wSGmdco0ztzYsbe9hzLJ3QnmB5LTpPPrBf8985Q==
+  version "2.3.4"
+  resolved "https://registry.yarnpkg.com/datatables.net-buttons/-/datatables.net-buttons-2.3.4.tgz#85b88baed81d380cb04c06608d549c8868326ece"
+  integrity sha512-1fe/aiKBdKbwJ5j0OobP2dzhbg/alGOphnTfLFGaqlP5yVxDCfcZ9EsuglYeHRJ/KnU7DZ8BgsPFiTE0tOFx8Q==
   dependencies:
     datatables.net ">=1.12.1"
     jquery ">=1.7"
@@ -464,18 +476,18 @@ datatables.net-fixedheader@>=3.2.4:
     jquery ">=1.7"
 
 datatables.net-keytable-bs4@^2.6.4:
-  version "2.8.0"
-  resolved "https://registry.yarnpkg.com/datatables.net-keytable-bs4/-/datatables.net-keytable-bs4-2.8.0.tgz#fa36bf33eb5591a998f0fe361851f496487e12ed"
-  integrity sha512-QzkT+CHndZNfUYzzwAMtzHbDRNw5M6yIwWhGClX6/9i9NJ/dLwFzE5pZumL+6EOYyRU5Bwz9fF5NgaIXKqBXAQ==
+  version "2.8.1"
+  resolved "https://registry.yarnpkg.com/datatables.net-keytable-bs4/-/datatables.net-keytable-bs4-2.8.1.tgz#be1f54e12a0d72e2288585fba9b0d87f404ad2ae"
+  integrity sha512-1RAE6oC8z7EnWXFfi1sbilYpeUyrK3j0MDCH5Bm6DfIsT7fnchjUEzgBy3Nr9+uE5edFUb7FNW0VQjTZKjFd2g==
   dependencies:
     datatables.net-bs4 ">=1.12.1"
     datatables.net-keytable ">=2.7.0"
     jquery ">=1.7"
 
 datatables.net-keytable@>=2.7.0:
-  version "2.8.0"
-  resolved "https://registry.yarnpkg.com/datatables.net-keytable/-/datatables.net-keytable-2.8.0.tgz#aabd44fbcb5e38a0b24d43718808a4955e0e6b2c"
-  integrity sha512-fZBCdBvB1hbJko80YhWcu30WmO7Mrpa2N9b9C8HOcbYjDGP8R3lkswtZj+RopQdFqh42cFn+/jXC9lC+xOWEtA==
+  version "2.8.1"
+  resolved "https://registry.yarnpkg.com/datatables.net-keytable/-/datatables.net-keytable-2.8.1.tgz#fc30e5646428fa2c2bd7ea38f50003ebcf9cb373"
+  integrity sha512-ch9O35OSUgwTCb9cJXV6ABRQ8l296cg/UEtPmLjto9CHVL/XF7o0ZwzvKWevnabXmTVbudfB647mrUtkFd/8og==
   dependencies:
     datatables.net ">=1.12.1"
     jquery ">=1.7"
@@ -520,18 +532,18 @@ datatables.net-rowgroup@>=1.2.0:
     jquery ">=1.7"
 
 datatables.net-rowreorder-bs4@^1.2.8:
-  version "1.3.1"
-  resolved "https://registry.yarnpkg.com/datatables.net-rowreorder-bs4/-/datatables.net-rowreorder-bs4-1.3.1.tgz#1ceaabb5d8b8b45b92f81531eeece3c6649439d9"
-  integrity sha512-wrprtbvyEG0Cg78NbG2pSjTo6KhoEAiI5LmsELv0e6zK4EXOUk+EVatrFaYwK1LARVVSFznpIvPAskZpsV2wBA==
+  version "1.3.2"
+  resolved "https://registry.yarnpkg.com/datatables.net-rowreorder-bs4/-/datatables.net-rowreorder-bs4-1.3.2.tgz#488c883b103ebdf1190800bacd3c58998caf820c"
+  integrity sha512-tzPefl59gbw4qytRtwfPGTA49O6Gf2J7jL1xvhR2px2fcKHP2RqNJaHtnBk9nhqTJNWc9YPPy2wtbkIFIkswqQ==
   dependencies:
     datatables.net-bs4 ">=1.12.1"
     datatables.net-rowreorder ">=1.2.8"
     jquery ">=1.7"
 
 datatables.net-rowreorder@>=1.2.8:
-  version "1.3.1"
-  resolved "https://registry.yarnpkg.com/datatables.net-rowreorder/-/datatables.net-rowreorder-1.3.1.tgz#a745927bdd27412005ce6a38f88cf1e08380951c"
-  integrity sha512-HZXlyZOdm0riGm7MZK61RapBZUimooKL1GuVu7xuJE0Rpv3/1RasdMzWV3hfkUVKNKBhvEAD06SYI/kXxqABaw==
+  version "1.3.2"
+  resolved "https://registry.yarnpkg.com/datatables.net-rowreorder/-/datatables.net-rowreorder-1.3.2.tgz#ffd183ee68908cb9dad7dfd20ef1d4c761900e39"
+  integrity sha512-zF2nsYEdteqIPojl+8ADDF1uMR9v7WttQlMiYkz/5qaNMaMj6GUbrql4eXPFBFH87CKTqnN9fL0HH0CRvewKBg==
   dependencies:
     datatables.net ">=1.12.1"
     jquery ">=1.7"
@@ -580,34 +592,34 @@ datatables.net-searchpanes-bs4@^1.4.0:
     jquery ">=1.7"
 
 datatables.net-searchpanes@>=1.3.0:
-  version "2.1.0"
-  resolved "https://registry.yarnpkg.com/datatables.net-searchpanes/-/datatables.net-searchpanes-2.1.0.tgz#e67fa2e8ce452a8c6fcebc69cddb101cf4208cf2"
-  integrity sha512-MA5rvXxqqCI0wBcAjrA0Bpp7QynWsjfpH2ZlhiTrBjsilYfn5oGPSSwsJxLO7unolmnhm+iuqethlWNyo9TC6Q==
+  version "2.1.1"
+  resolved "https://registry.yarnpkg.com/datatables.net-searchpanes/-/datatables.net-searchpanes-2.1.1.tgz#c7d506636d5894b4304a6aa2be7172b17ab6e2f9"
+  integrity sha512-WsgnK8C/jCco9oRcpsVaImgTCiD7hk28dLHBmlpbvbIHMHCAhLPn0zVnCB3yInoNC/7kOGKpkeItpIpFHDMnhA==
   dependencies:
     datatables.net ">=1.12.1"
     jquery ">=1.7"
 
 datatables.net-select-bs4@^1.3.4:
-  version "1.5.0"
-  resolved "https://registry.yarnpkg.com/datatables.net-select-bs4/-/datatables.net-select-bs4-1.5.0.tgz#a4514dd49ea67c525c2083ef455c552a010ea6cb"
-  integrity sha512-x70tepWUQKDYFHejk2o1zR4HBqH7Idz4cMTemdeM8oT7lmRnGb9gbiUoYMgwc5h2S2jkDYeIkvQWWMsI17shCg==
+  version "1.6.0"
+  resolved "https://registry.yarnpkg.com/datatables.net-select-bs4/-/datatables.net-select-bs4-1.6.0.tgz#56d37ba8f22bff02cf627819a76612e5625c0294"
+  integrity sha512-oHClu+R1IMpttFse0cAdUhl4uLHGgoHrFEU/QxpASOQLd1h4CtkiVnmDr0fFRvm6XZMRTNt5xgYgwr262YuXyQ==
   dependencies:
     datatables.net-bs4 ">=1.12.1"
     datatables.net-select ">=1.4.0"
     jquery ">=1.7"
 
 datatables.net-select@>=1.4.0:
-  version "1.5.0"
-  resolved "https://registry.yarnpkg.com/datatables.net-select/-/datatables.net-select-1.5.0.tgz#e118438ad98e4857060d6dd66cb0fab215a54fda"
-  integrity sha512-PVYcX5phmu77r3a6miTyS1zF03cgX7Mx+BXH4wCJzZW+UHe2Xz9DAHgxvLQfE7j2M8LG45Ww7RxBhnkFKk1t7A==
+  version "1.6.0"
+  resolved "https://registry.yarnpkg.com/datatables.net-select/-/datatables.net-select-1.6.0.tgz#e2d93943e374917e0192899bf67416effadbe449"
+  integrity sha512-1kj32GOXs/dSpjBL5iDV3pwRwHU0hhJLPnTW/NOUH8Vhv1rGR3/X3PMSCc/T+Fy7J1jCJFbk8hQDsruXQKfSzw==
   dependencies:
     datatables.net ">=1.12.1"
     jquery ">=1.7"
 
 datatables.net@>=1.12.1, datatables.net@^1.11.4:
-  version "1.13.1"
-  resolved "https://registry.yarnpkg.com/datatables.net/-/datatables.net-1.13.1.tgz#199f7cb63f4536c135e161f95254212835a1c130"
-  integrity sha512-cX5dDHsbVdLLYKsWOSE0MvuGUcV88zU5dZ/taK2puJV6F9Fw0CFsP3+U/kr+qpDSFOBLWISRyM4Q9wWWovPTNg==
+  version "1.13.2"
+  resolved "https://registry.yarnpkg.com/datatables.net/-/datatables.net-1.13.2.tgz#48f7035b1696a29cb70909db1f2e0ebd5f946f3e"
+  integrity sha512-u5nOU+C9SBp1SyPmd6G+niozZtrBwo1E8xzdOk3JJaAkFYgX/KxF3Gd79R8YLbUfmIs2OLnLe5gaz/qs5U8UDA==
   dependencies:
     jquery ">=1.7"
 
@@ -637,9 +649,9 @@ deep-is@~0.1.3:
   integrity sha512-oIPzksmTg4/MriiaYGO+okXDT7ztn/w3Eptv/+gSIdMdKsJo0u4CfYNFJPy+4SKMuCqGw2wxnA+URMg3t8a/bQ==
 
 define-properties@^1.1.3:
-  version "1.1.4"
-  resolved "https://registry.yarnpkg.com/define-properties/-/define-properties-1.1.4.tgz#0b14d7bd7fbeb2f3572c3a7eda80ea5d57fb05b1"
-  integrity sha512-uckOqKcfaVvtBdsVkdPv3XjveQJsNQqmhXgRi8uhvWWuPYZCNlzT8qAyblUgNoXdHdjMTzAqeGjAoli8f+bzPA==
+  version "1.2.0"
+  resolved "https://registry.yarnpkg.com/define-properties/-/define-properties-1.2.0.tgz#52988570670c9eacedd8064f4a990f2405849bd5"
+  integrity sha512-xvqAVKGfT1+UAvPwKTVw/njhdQ8ZhXK4lI0bCIuCMrp2up9nPnaDftrLtmpTazqd1o+UY4zgzU+avtMbDP+ldA==
   dependencies:
     has-property-descriptors "^1.0.0"
     object-keys "^1.1.1"
@@ -782,6 +794,7 @@ ev-emitter@^1.0.0:
 eve-raphael@0.5.0:
   version "0.5.0"
   resolved "https://registry.yarnpkg.com/eve-raphael/-/eve-raphael-0.5.0.tgz#17c754b792beef3fa6684d79cf5a47c63c4cda30"
+  integrity sha512-jrxnPsCGqng1UZuEp9DecX/AuSyAszATSjf4oEcRxvfxa1Oux4KkIPKBAAWWnpdwfARtr+Q0o9aPYWjsROD7ug==
 
 event-emitter@^0.3.5, event-emitter@~0.3.5:
   version "0.3.5"
@@ -811,6 +824,7 @@ fast-memoize@^2.5.1:
 fastclick@^1.0.6:
   version "1.0.6"
   resolved "https://registry.yarnpkg.com/fastclick/-/fastclick-1.0.6.tgz#161625b27b1a5806405936bda9a2c1926d06be6a"
+  integrity sha512-cXyDBT4g0uWl/Xe75QspBDAgAWQ0lkPi/zgp6YFEUHj6WV6VIZl7R6TiDZhdOVU3W4ehp/8tG61Jev1jit+ztQ==
 
 filterizr@^2.2.4:
   version "2.2.4"
@@ -847,6 +861,7 @@ fullcalendar@^5.10.1:
 function-bind@^1.1.1:
   version "1.1.1"
   resolved "https://registry.yarnpkg.com/function-bind/-/function-bind-1.1.1.tgz#a56899d3ea3c9bab874bb9773b7c5ede92f4895d"
+  integrity sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==
 
 functions-have-names@^1.2.2:
   version "1.2.3"
@@ -906,6 +921,7 @@ icheck-bootstrap@^3.0.1:
 icheck@^1.0.2:
   version "1.0.2"
   resolved "https://registry.yarnpkg.com/icheck/-/icheck-1.0.2.tgz#06d08da3d47ae448c153b2639b86e9ad7fdf7128"
+  integrity sha512-1oDqj9ikiH4csFWKZnfbD1S9IY/MqzEt4cir6PIfkT84D/8QYaAZFrplXoyz5eaATmaoawY3KMTkMAO+fP4wGg==
 
 iconv-lite@^0.6.3:
   version "0.6.3"
@@ -974,6 +990,7 @@ is-regex@^1.0.4:
 isarray@~1.0.0:
   version "1.0.0"
   resolved "https://registry.yarnpkg.com/isarray/-/isarray-1.0.0.tgz#bb935d48582cba168c06834957a54a3e07124f11"
+  integrity sha512-VLghIWNM6ELQzo7zwmcg0NmTVyWKYjvIeM83yjp0wRDTmUnrM678fQbcKBo6n2CJEF0szoG//ytg+TKla89ALQ==
 
 jquery-knob-chif@^1.2.13:
   version "1.2.13"
@@ -998,6 +1015,7 @@ jquery-mousewheel@^3.1, jquery-mousewheel@^3.1.13:
 jquery-slimscroll@^1.3.8:
   version "1.3.8"
   resolved "https://registry.yarnpkg.com/jquery-slimscroll/-/jquery-slimscroll-1.3.8.tgz#8481c44e7a47687653908a28f7f70aed64c84e36"
+  integrity sha512-3cNGNCq6i3b+rZQOx1tSBlSFewk4X35eUuQmoRVSA4MSytw3rGPvCw6cEB2oEHf+u15RVzgfh4hN+/3dDNzwiQ==
   dependencies:
     jquery ">= 1.7"
 
@@ -1025,12 +1043,7 @@ jquery.quicksearch@^2.4.0:
   dependencies:
     jquery ">=1.8"
 
-"jquery@>= 1.7", "jquery@>= 1.7.1", jquery@>=1.10, jquery@>=1.7, "jquery@>=1.7.1 <4.0.0", jquery@>=1.8, "jquery@>=1.8.0 <4.0.0":
-  version "3.6.0"
-  resolved "https://registry.yarnpkg.com/jquery/-/jquery-3.6.0.tgz#c72a09f15c1bdce142f49dbf1170bdf8adac2470"
-  integrity sha512-JVzAR/AjBvVt2BmYhxRCSYysDsPcssdmTFnzyLEts9qNwmjmu4JTAMYubEfwVOSwpQ1I1sKKFcxhZCI2buerfw==
-
-jquery@>=1.12.0, jquery@>=2.2, "jquery@^3.0 || ^2.0 || ^1.0", jquery@^3.4.0, jquery@^3.6.0:
+"jquery@>= 1.7", "jquery@>= 1.7.1", jquery@>=1.10, jquery@>=1.12.0, jquery@>=1.7, "jquery@>=1.7.1 <4.0.0", jquery@>=1.8, "jquery@>=1.8.0 <4.0.0", jquery@>=2.2, "jquery@^3.0 || ^2.0 || ^1.0", jquery@^3.4.0, jquery@^3.6.0:
   version "3.6.3"
   resolved "https://registry.yarnpkg.com/jquery/-/jquery-3.6.3.tgz#23ed2ffed8a19e048814f13391a19afcdba160e6"
   integrity sha512-bZ5Sy3YzKo9Fyc8wH2iIQK4JImJ6R0GWI9kL1/k7Z91ZBNgkRXE6U0JfHIizZbort8ZunhSI3jw9I6253ahKfg==
@@ -1103,9 +1116,9 @@ merge-source-map@1.0.4:
     source-map "^0.5.6"
 
 minimist@^1.1.3:
-  version "1.2.7"
-  resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.7.tgz#daa1c4d91f507390437c6a8bc01078e7000c4d18"
-  integrity sha512-bzfL1YUZsP41gmu/qjrEk0Q6i2ix/cVeAhbCbqH9u3zYutS1cLg00qhrD0M2MVdCcx4Sc0UpP2eBWo9rotpq6g==
+  version "1.2.8"
+  resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.8.tgz#c1a464e7693302e082a075cee0c057741ac4772c"
+  integrity sha512-2yyAR8qBkN3YuheJanUpWC5U3bb5osDywNB8RzDVlDwDHbocAJveqqj1u8+SVD7jkWT4yvsHCpWqqWqAxb0zCA==
 
 moment-timezone@^0.5.34:
   version "0.5.40"
@@ -1114,19 +1127,15 @@ moment-timezone@^0.5.34:
   dependencies:
     moment ">= 2.9.0"
 
-"moment@>= 2.9.0", moment@^2.10.2, moment@^2.29.1, moment@^2.29.2:
+"moment@>= 2.9.0", moment@^2.10.2, moment@^2.29.1, moment@^2.29.2, moment@^2.9.0:
   version "2.29.4"
   resolved "https://registry.yarnpkg.com/moment/-/moment-2.29.4.tgz#3dbe052889fe7c1b2ed966fcb3a77328964ef108"
   integrity sha512-5LC9SOxjSc2HF6vO2CyuTDNivEdoz2IvyJJGj6X8DJ0eFyfszE0QiEd+iXmBvUP3WHxSjFH/vIsA0EN00cgr8w==
 
-moment@^2.9.0:
-  version "2.29.2"
-  resolved "https://registry.yarnpkg.com/moment/-/moment-2.29.2.tgz#00910c60b20843bcba52d37d58c628b47b1f20e4"
-  integrity sha512-UgzG4rvxYpN15jgCmVJwac49h9ly9NurikMWGPdVxm8GZD6XjkKPxDTjQQ43gtGgnV3X0cAyWDdP2Wexoquifg==
-
 multiselect@^0.9.12:
   version "0.9.12"
   resolved "https://registry.yarnpkg.com/multiselect/-/multiselect-0.9.12.tgz#d15536e986dd6a0029b160d6613bcedf81e4c7ed"
+  integrity sha512-JCuFC288lp9m5xNlxsgX10dhZZv+5lIQQt4kM4H8uLysbiMJTYQBi0LuYguRunCvlXlGjFvH8O/YpL8x2lu9EA==
   dependencies:
     jquery ">= 1.7.1"
 
@@ -1211,8 +1220,9 @@ prelude-ls@~1.1.2:
   integrity sha512-ESF23V4SKG6lVSGZgYNpbsiaAkdab6ZgOxe52p7+Kid3W3u3bxR4Vfd/o21dmN7jSt0IwgZ4v5MUd26FEtXE9w==
 
 process-nextick-args@~2.0.0:
-  version "2.0.0"
-  resolved "https://registry.yarnpkg.com/process-nextick-args/-/process-nextick-args-2.0.0.tgz#a37d732f4271b4ab1ad070d35508e8290788ffaa"
+  version "2.0.1"
+  resolved "https://registry.yarnpkg.com/process-nextick-args/-/process-nextick-args-2.0.1.tgz#7820d9b16120cc55ca9ae7792680ae7dba6d7fe2"
+  integrity sha512-3ouUOpQhtgrbOa17J7+uxOTpITYWaGP7/AhoR3+A+/1e9skrzelGi/dXzEYyvbxubEF6Wn2ypscTKiKJFFn1ag==
 
 quote-stream@^1.0.1:
   version "1.0.2"
@@ -1230,19 +1240,7 @@ quote-stream@^1.0.1:
   dependencies:
     eve-raphael "0.5.0"
 
-readable-stream@^2.0.2, readable-stream@^2.1.5, readable-stream@^2.2.2:
-  version "2.3.6"
-  resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.3.6.tgz#b11c27d88b8ff1fbe070643cf94b0c79ae1b0aaf"
-  dependencies:
-    core-util-is "~1.0.0"
-    inherits "~2.0.3"
-    isarray "~1.0.0"
-    process-nextick-args "~2.0.0"
-    safe-buffer "~5.1.1"
-    string_decoder "~1.1.1"
-    util-deprecate "~1.0.1"
-
-readable-stream@~2.3.3, readable-stream@~2.3.6:
+readable-stream@^2.0.2, readable-stream@^2.2.2, readable-stream@~2.3.3, readable-stream@~2.3.6:
   version "2.3.7"
   resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.3.7.tgz#1eca1cf711aef814c04f62252a36a62f6cb23b57"
   integrity sha512-Ebho8K4jIbHAxnuxi7o42OrZgF/ZTNcsZj6nRKyUmkhLFq8CHItp/fy6hQZuZmP/n3yZ9VBUbp4zz/mX8hmYPw==
@@ -1267,6 +1265,7 @@ regexp.prototype.flags@^1.2.0:
 resolve@1.1.7:
   version "1.1.7"
   resolved "https://registry.yarnpkg.com/resolve/-/resolve-1.1.7.tgz#203114d82ad2c5ed9e8e0411b3932875e889e97b"
+  integrity sha512-9znBF0vBcaSN3W2j7wKvdERPwqTxSpCq+if5C0WoTCyV9n24rua28jeuQ2pL/HOf+yUe/Mef+H/5p60K0Id3bg==
 
 resolve@^1.1.5:
   version "1.22.1"
@@ -1280,6 +1279,7 @@ resolve@^1.1.5:
 safe-buffer@~5.1.0, safe-buffer@~5.1.1:
   version "5.1.2"
   resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.1.2.tgz#991ec69d296e0313747d59bdfd2b745c35f8828d"
+  integrity sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==
 
 "safer-buffer@>= 2.1.2 < 3.0.0":
   version "2.1.2"
@@ -1376,6 +1376,7 @@ static-module@^3.0.2:
 string_decoder@~1.1.1:
   version "1.1.1"
   resolved "https://registry.yarnpkg.com/string_decoder/-/string_decoder-1.1.1.tgz#9cf1611ba62685d7030ae9e4ba34149c3af03fc8"
+  integrity sha512-n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg==
   dependencies:
     safe-buffer "~5.1.0"
 
@@ -1390,9 +1391,9 @@ supports-preserve-symlinks-flag@^1.0.0:
   integrity sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==
 
 sweetalert2@^11.4.0:
-  version "11.7.1"
-  resolved "https://registry.yarnpkg.com/sweetalert2/-/sweetalert2-11.7.1.tgz#e015b824fec3dcd174babbfedd30d989118c6783"
-  integrity sha512-+1bnkbqBl64FnZmi3g4SzAi4F3pL3S2jF1YQvrysv4GbgizfeFqGkJopxR3FnV/eJm6w2SQ2oAmCxSIBjgP/ag==
+  version "11.7.2"
+  resolved "https://registry.yarnpkg.com/sweetalert2/-/sweetalert2-11.7.2.tgz#a9a5e7323beeb3283e1dd03af0e1cf460c5af112"
+  integrity sha512-atPjDa3fv/4xwZpiAt7FZUgAhR5VAASiLP2hu7HUeVDXx+v4/9nD1W0u8xal1e9f2/qGh0DwTxPXPV9XoZIBvg==
 
 tempusdominus-bootstrap-4@^5.39.0:
   version "5.39.2"
@@ -1405,14 +1406,7 @@ tempusdominus-bootstrap-4@^5.39.0:
     moment-timezone "^0.5.34"
     popper.js "^1.16.1"
 
-through2@^2.0.0:
-  version "2.0.3"
-  resolved "https://registry.yarnpkg.com/through2/-/through2-2.0.3.tgz#0004569b37c7c74ba39c43f3ced78d1ad94140be"
-  dependencies:
-    readable-stream "^2.1.5"
-    xtend "~4.0.1"
-
-through2@~2.0.3:
+through2@^2.0.0, through2@~2.0.3:
   version "2.0.5"
   resolved "https://registry.yarnpkg.com/through2/-/through2-2.0.5.tgz#01c1e39eb31d07cb7d03a96a70823260b23132cd"
   integrity sha512-/mrRod8xqpA+IHSLyGCQ2s8SPHiCDEeQJSep1jqLYeEUClOFG2Qsh+4FU6G9VeqpZnGW/Su8LQGc4YKni5rYSQ==
@@ -1457,6 +1451,7 @@ type@^2.7.2:
 typedarray@^0.0.6:
   version "0.0.6"
   resolved "https://registry.yarnpkg.com/typedarray/-/typedarray-0.0.6.tgz#867ac74e3864187b1d3d47d996a78ec5c8830777"
+  integrity sha512-/aCDEGatGvZ2BIk+HmLf4ifCJFwvKFNb9/JeZPMulfgFracn9QFcAf5GO8B/mweUjSoblS5In0cWhqpfs/5PQA==
 
 unicode-properties@^1.2.2:
   version "1.4.1"
@@ -1487,6 +1482,7 @@ uplot@^1.6.18:
 util-deprecate@~1.0.1:
   version "1.0.2"
   resolved "https://registry.yarnpkg.com/util-deprecate/-/util-deprecate-1.0.2.tgz#450d4dc9fa70de732762fbd2d4a28981419a0ccf"
+  integrity sha512-EPD5q1uXyFxJpCrLnCc1nHnq3gOa6DZBocAIiI2TaSCA7VCJ1UJDMagCzIkXNsUYfD1daK//LTEQ8xiIbrHtcw==
 
 word-wrap@~1.2.3:
   version "1.2.3"
@@ -1500,6 +1496,7 @@ xmldoc@^1.1.2:
   dependencies:
     sax "^1.2.4"
 
-xtend@^4.0.1, xtend@~4.0.1:
-  version "4.0.1"
-  resolved "https://registry.yarnpkg.com/xtend/-/xtend-4.0.1.tgz#a5c6d532be656e23db820efb943a1f04998d63af"
+xtend@^4.0.2, xtend@~4.0.1:
+  version "4.0.2"
+  resolved "https://registry.yarnpkg.com/xtend/-/xtend-4.0.2.tgz#bb72779f5fa465186b1f438f674fa347fdb5db54"
+  integrity sha512-LKYU1iAXJXUgAXn9URjiu+MWhyUXHsvfp7mcuYm9dSUKK0/CjtrUwFAxD82/mCWbtLsGjFIad0wIsod4zrTAEQ==

From bad36b5e75039eceb1a1a4200a3132940b06ed03 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sat, 18 Feb 2023 19:18:59 -0500
Subject: [PATCH 211/475] Added default CAPTCHA settings to default
 configuration.

Added flash_sessions directory pattern to git ignore file.
---
 .gitignore                      | 2 ++
 powerdnsadmin/default_config.py | 7 +++++++
 2 files changed, 9 insertions(+)

diff --git a/.gitignore b/.gitignore
index 539325fd0..91bfea922 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,5 @@
+flask_session
+
 # gedit
 *~
 
diff --git a/powerdnsadmin/default_config.py b/powerdnsadmin/default_config.py
index fd21b989d..851391530 100644
--- a/powerdnsadmin/default_config.py
+++ b/powerdnsadmin/default_config.py
@@ -12,6 +12,13 @@
 SESSION_COOKIE_SAMESITE = 'Lax'
 CSRF_COOKIE_HTTPONLY = True
 
+#CAPTCHA Config
+CAPTCHA_ENABLE = True
+CAPTCHA_LENGTH = 6
+CAPTCHA_WIDTH = 160
+CAPTCHA_HEIGHT = 60
+CAPTCHA_SESSION_KEY = 'captcha_image'
+
 ### DATABASE CONFIG
 SQLA_DB_USER = 'pda'
 SQLA_DB_PASSWORD = 'changeme'

From 58aabacd91c36946b35f5100640f0a2766cef27d Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sun, 19 Feb 2023 08:52:00 -0500
Subject: [PATCH 212/475] Re-formatted base view template to be more in-line
 with PEP8 standards.

Working on dashboard clean-up and redesign.

Added custom Jinja date/time formatting function to utils.py.
---
 powerdnsadmin/__init__.py              |   4 +-
 powerdnsadmin/lib/utils.py             |  10 +-
 powerdnsadmin/templates/base.html      | 765 ++++++++++++-------------
 powerdnsadmin/templates/dashboard.html | 751 ++++++++++++------------
 4 files changed, 776 insertions(+), 754 deletions(-)

diff --git a/powerdnsadmin/__init__.py b/powerdnsadmin/__init__.py
index 5adf748cf..c8f3b4040 100755
--- a/powerdnsadmin/__init__.py
+++ b/powerdnsadmin/__init__.py
@@ -74,9 +74,9 @@ def create_app(config=None):
     app.jinja_env.filters['display_record_name'] = utils.display_record_name
     app.jinja_env.filters['display_master_name'] = utils.display_master_name
     app.jinja_env.filters['display_second_to_time'] = utils.display_time
-    app.jinja_env.filters[
-        'display_setting_state'] = utils.display_setting_state
+    app.jinja_env.filters['display_setting_state'] = utils.display_setting_state
     app.jinja_env.filters['pretty_domain_name'] = utils.pretty_domain_name
+    app.jinja_env.filters['format_datetime_local'] = utils.format_datetime
 
     # Register context proccessors
     from .models.setting import Setting
diff --git a/powerdnsadmin/lib/utils.py b/powerdnsadmin/lib/utils.py
index f63a11cc7..c763bcb40 100644
--- a/powerdnsadmin/lib/utils.py
+++ b/powerdnsadmin/lib/utils.py
@@ -225,6 +225,7 @@ class customBoxes:
     }
     order = ["reverse", "ip6arpa", "inaddrarpa"]
 
+
 def pretty_domain_name(domain_name):
     # Add a debugging statement to print out the domain name
     print("Received domain name:", domain_name)
@@ -258,9 +259,16 @@ def to_idna(value, action):
     elif action == 'decode':
         for split in splits:
             if not split.startswith('_') and not split.startswith('--'):
-                result.append(idna.decode(split))   
+                result.append(idna.decode(split))
             else:
                 result.append(split)
     else:
         raise Exception('No valid action received')
     return '.'.join(result)
+
+
+def format_datetime(value, format_str="%Y-%m-%d %I:%M %p"):
+    """Format a date time to (Default): YYYY-MM-DD HH:MM P"""
+    if value is None:
+        return ""
+    return value.strftime(format_str)
diff --git a/powerdnsadmin/templates/base.html b/powerdnsadmin/templates/base.html
index 54bb019bf..4f050c98c 100644
--- a/powerdnsadmin/templates/base.html
+++ b/powerdnsadmin/templates/base.html
@@ -1,427 +1,424 @@
 <!DOCTYPE html>
 <html lang="en" class>
 <head>
-  {% block head %}
-    <meta charset="utf-8">
-    <meta http-equiv="X-UA-Compatible" content="IE=edge">
-    <link rel="icon" href="{{ url_for('static', filename='img/favicon.png') }}">
-    {% block title %}
-      <title>
-        {{ SITE_NAME }}
-      </title>
+    {% block head %}
+        <meta charset="utf-8">
+        <meta http-equiv="X-UA-Compatible" content="IE=edge">
+        <link rel="icon" href="{{ url_for('static', filename='img/favicon.png') }}">
+        {% block title %}<title>{{ SITE_NAME }}</title>{% endblock %}
+        <link rel="stylesheet" href="{{ url_for('static', filename='assets/css/style.css') }}">
+        <link rel="stylesheet" href="{{ url_for('static', filename='assets/css/source_sans_pro.css') }}">
+        <link rel="stylesheet" href="{{ url_for('static', filename='assets/css/roboto_mono.css') }}">
+        <!-- Tell the browser to be responsive to screen width -->
+        <meta content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no" name="viewport">
+        <!-- Tell Safari to not recognise telephone numbers -->
+        <meta name="format-detection" content="telephone=no">
+        {% assets "css_main" -%}<link rel="stylesheet" href="{{ ASSET_URL }}">{%- endassets %}
+        {% if SETTING.get('custom_css') %}
+            <link rel="stylesheet" href="/static/custom/{{ SETTING.get('custom_css') }}">
+        {% endif %}
     {% endblock %}
-    <link rel="stylesheet" href="{{ url_for('static', filename='assets/css/style.css') }}">
-    <!--  Get Google Fonts we like -->
-    <link rel="stylesheet" href="{{ url_for('static', filename='assets/css/source_sans_pro.css') }}">
-    <link rel="stylesheet" href="{{ url_for('static', filename='assets/css/roboto_mono.css') }}">
-    <!-- Tell the browser to be responsive to screen width -->
-    <meta content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no" name="viewport">
-    <!-- Tell Safari to not recognise telephone numbers -->
-    <meta name="format-detection" content="telephone=no">
-    {% assets "css_main" -%}
-      <link rel="stylesheet" href="{{ ASSET_URL }}">
-    {%- endassets %}
-    {% if SETTING.get('custom_css') %}
-      <link rel="stylesheet" href="/static/custom/{{ SETTING.get('custom_css') }}">
-    {% endif %}
-  {% endblock %}
 </head>
 
 <body class="hold-transition sidebar-mini {% if not SETTING.get('fullscreen_layout') %}layout-boxed{% endif %}">
-  {% set user_image_url = url_for('user.image', username=current_user.username) %}
-  <div class="wrapper">
-  {% block pageheader %}
-    <nav class="main-header navbar navbar-expand navbar-white navbar-light">
-      <!-- Header Navbar: style can be found in header.less -->
-      <!-- Sidebar toggle button-->
-      <ul class="navbar-nav">
-        <li class="nav-item">
-          <a class="nav-link" data-widget="pushmenu" href="#" role="button">
-            <i class="fa-solid fa-bars"></i>
-          </a>
-        </li>
-      </ul>
-        <ul class="navbar-nav ml-auto">
-        <li class="nav-item">
-          <a class="nav-link" data-widget="fullscreen" href="#" role="button">
-            <i class="fa-solid fa-expand-arrows-alt"></i>
-          </a>
-        </li>
-      </ul>
-    </nav>
+{% set user_image_url = url_for('user.image', username=current_user.username) %}
+<div class="wrapper">
+    {% block pageheader %}
+        <nav class="main-header navbar navbar-expand navbar-white navbar-light">
+            <!-- Header Navbar: style can be found in header.less -->
+            <!-- Sidebar toggle button-->
+            <ul class="navbar-nav">
+                <li class="nav-item">
+                    <a class="nav-link" data-widget="pushmenu" href="#" role="button">
+                        <i class="fa-solid fa-bars"></i>
+                    </a>
+                </li>
+            </ul>
+            <ul class="navbar-nav ml-auto">
+                <li class="nav-item">
+                    <a class="nav-link" data-widget="fullscreen" href="#" role="button">
+                        <i class="fa-solid fa-expand-arrows-alt"></i>
+                    </a>
+                </li>
+            </ul>
+        </nav>
 
-  {% endblock %}
-  <!-- Left side column. contains the logo and sidebar -->
-  <aside class="main-sidebar sidebar-dark-primary">
-    <!-- Logo -->
-    <a href="{{ url_for('index.index') }}" class="brand-link">
-      <img src="{{ url_for('static', filename='img/favicon.png') }}" alt="PowerDNS-Admin FavIcon" class="brand-image img-circle elevation-3" style="opacity: .8">
-      <span class="brand-text font-weight-light">
+    {% endblock %}
+    <!-- Left side column. contains the logo and sidebar -->
+    <aside class="main-sidebar sidebar-dark-primary">
+        <!-- Logo -->
+        <a href="{{ url_for('index.index') }}" class="brand-link">
+            <img src="{{ url_for('static', filename='img/favicon.png') }}" alt="PowerDNS-Admin FavIcon"
+                 class="brand-image img-circle elevation-3" style="opacity: .8">
+            <span class="brand-text font-weight-light">
         {% if SETTING.get('site_name') %}
-          <b>{{ SITE_NAME }}</b>
+            <b>{{ SITE_NAME }}</b>
         {% else %}
-          <b>PowerDNS</b>-Admin
+            <b>PowerDNS</b>-Admin
         {% endif %}
       </span>
-    </a>
-    <!-- sidebar: style can be found in sidebar.less -->
-    <div class="sidebar">
-    {% if current_user.id is defined %}
-      <div class="user-panel mt-3 pb-3 mb-3 d-flex">
-        <div class="image">
-          <img src="{{ user_image_url }}" class="img-circle elevation-2" alt="User Image">
-        </div>
-        <div class="info">
-          <a href="{{ url_for('user.profile') }}" class="d-block">{{ current_user.firstname }} {{ current_user.lastname }}</a>
-        </div>
-      </div>
-      <!-- sidebar menu: : style can be found in sidebar.less -->
-      <ul class="nav nav-pills nav-sidebar flex-column" data-widget="treeview" role="menu">
-        <li class="{{ 'nav-item active' if active_page == 'user_profile' else 'nav-item' }}">
-          <a href="{{ url_for('user.profile') }}" class="nav-link">
-            <i class="nav-icon fa-solid fa-user"></i>
-            <p>Profile</p>
-          </a>
-        </li>
-        <li class="nav-item">
-          <a href="{{ url_for('index.logout') }}" class="nav-link">
-            <i class="nav-icon fa-solid fa-sign-out-alt"></i>
-            <p>Logout</p>
-          </a>
-        </li>
-        <li class="nav-header">Zone Management</li>
-        <li class="{{ 'nav-item active' if active_page == 'nav-item dashboard' else 'nav-item' }}">
-          <a href="{{ url_for('dashboard.dashboard') }}" class="nav-link">
-            <i class="nav-icon fa-solid fa-tachometer-alt"></i>
-            <p>Dashboard</p>
-          </a>
-        </li>
-        {% if SETTING.get('allow_user_create_domain') or current_user.role.name in ['Administrator', 'Operator'] %}
-        <li class="{{ 'nav-item active' if active_page == 'nav-item new_domain' else 'nav-item' }}">
-          <a href="{{ url_for('domain.add') }}" class="nav-link">
-            <i class="nav-icon fa-solid fa-plus"></i>
-            <p>New Domain</p>
-          </a>
-        </li>
-        {% endif %}
-        {% if SETTING.get('allow_user_remove_domain') or current_user.role.name in ['Administrator', 'Operator'] %}
-        <li class="{{ 'nav-item active' if active_page == 'remove_domain' else 'nav-item' }}">
-          <a href="{{ url_for('domain.remove') }}" class="nav-link">
-            <i class="nav-icon fa-solid fa-trash-alt"></i>
-            <p>Remove Domain</p>
-          </a>
-        </li>
-        {% endif %}
-        {% if current_user.role.name in ['Administrator', 'Operator'] %}
-        <li class="nav-header">Administration</li>
-        <li class="{{ 'nav-item active' if active_page == 'admin_console' else 'nav-item' }}">
-          <a href="{{ url_for('admin.pdns_stats') }}" class="nav-link">
-            <i class="nav-icon fa-solid fa-info-circle"></i>
-            <p>PowerDNS Info</p>
-          </a>
-        </li>
-        <li class="{{ 'nav-item active' if active_page == 'admin_global_search' else 'nav-item' }}">
-          <a href="{{ url_for('admin.global_search') }}" class="nav-link">
-            <i class="nav-icon fa-solid fa-search"></i>
-            <p>Global Search</p>
-          </a>
-        </li>
-        <li class="{{ 'nav-item active' if active_page == 'admin_history' else 'nav-item' }}">
-          <a href="{{ url_for('admin.history') }}" class="nav-link">
-            <i class="nav-icon fa-solid fa-calendar-alt"></i>
-            <p>History</p>
-          </a>
-        </li>
-        <li class="{{ 'nav-item active' if active_page == 'admin_domain_template' else 'nav-item' }}">
-          <a href="{{ url_for('admin.templates') }}" class="nav-link">
-            <i class="nav-icon fa-solid fa-clone"></i>
-            <p>Domain Templates</p>
-          </a>
-        </li>
-        <li class="{{ 'nav-item active' if active_page == 'admin_accounts' else 'nav-item' }}">
-          <a href="{{ url_for('admin.manage_account') }}" class="nav-link">
-            <i class="nav-icon fa-solid fa-industry"></i>
-            <p>Accounts</p>
-          </a>
-        </li>
-        <li class="{{ 'nav-item active' if active_page == 'admin_users' else 'nav-item' }}">
-          <a href="{{ url_for('admin.manage_user') }}" class="nav-link">
-            <i class="nav-icon fa-solid fa-users"></i>
-            <p>Users</p>
-          </a>
-        </li>
-        <li class="{{ 'nav-item active' if active_page == 'admin_keys' else 'nav-item' }}">
-          <a href="{{ url_for('admin.manage_keys') }}" class="nav-link">
-            <i class="nav-icon fa-solid fa-key"></i>
-            <p>API Keys</p>
-          </a>
-        </li>
-        <li class="{{ 'nav-item active' if active_page == 'admin_settings' else 'nav-item' }}">
-          <a href="#" class="nav-link">
-            <i class="nav-icon fa-solid fa-cog"></i>
-            <p>
-              Settings
-              <i class="right fa-solid fa-angle-left"></i>
-            </p>
-          </a>
-          <ul class="nav nav-treeview" {% if active_page == 'admin_settings' %}style="display: block;"{% endif %}>
-            <li class="nav-item">
-              <a href="{{ url_for('admin.setting_basic') }}" class="nav-link">
-                <i class="nav-icon fa-solid fa-circle"></i>
-                <p>Basic</p>
-              </a>
-            </li>
-            <li class="nav-item">
-              <a href="{{ url_for('admin.setting_records') }}" class="nav-link">
-                <i class="nav-icon fa-solid fa-circle"></i>
-                <p>Records</p>
-              </a>
-            </li>
-            {% if current_user.role.name == 'Administrator' %}
-              <li class="nav-item">
-                <a href="{{ url_for('admin.setting_pdns') }}" class="nav-link">
-                  <i class="nav-icon fa-solid fa-circle"></i>
-                  <p>PowerDNS Connection</p>
-                </a>
-              </li>
-              <li class="nav-item">
-                <a href="{{ url_for('admin.setting_authentication') }}" class="nav-link">
-                  <i class="nav-icon fa-solid fa-circle"></i>
-                  <p>Authentication</p>
-                </a>
-              </li>
+        </a>
+        <!-- sidebar: style can be found in sidebar.less -->
+        <div class="sidebar">
+            {% if current_user.id is defined %}
+                <div class="user-panel mt-3 pb-3 mb-3 d-flex">
+                    <div class="image">
+                        <img src="{{ user_image_url }}" class="img-circle elevation-2" alt="User Image">
+                    </div>
+                    <div class="info">
+                        <a href="{{ url_for('user.profile') }}"
+                           class="d-block">{{ current_user.firstname }} {{ current_user.lastname }}</a>
+                    </div>
+                </div>
+                <!-- sidebar menu: : style can be found in sidebar.less -->
+                <ul class="nav nav-pills nav-sidebar flex-column" data-widget="treeview" role="menu">
+                    <li class="{{ 'nav-item active' if active_page == 'user_profile' else 'nav-item' }}">
+                        <a href="{{ url_for('user.profile') }}" class="nav-link">
+                            <i class="nav-icon fa-solid fa-user"></i>
+                            <p>Profile</p>
+                        </a>
+                    </li>
+                    <li class="nav-item">
+                        <a href="{{ url_for('index.logout') }}" class="nav-link">
+                            <i class="nav-icon fa-solid fa-sign-out-alt"></i>
+                            <p>Logout</p>
+                        </a>
+                    </li>
+                    <li class="nav-header">Zone Management</li>
+                    <li class="{{ 'nav-item active' if active_page == 'nav-item dashboard' else 'nav-item' }}">
+                        <a href="{{ url_for('dashboard.dashboard') }}" class="nav-link">
+                            <i class="nav-icon fa-solid fa-tachometer-alt"></i>
+                            <p>Dashboard</p>
+                        </a>
+                    </li>
+                    {% if SETTING.get('allow_user_create_domain') or current_user.role.name in ['Administrator', 'Operator'] %}
+                        <li class="{{ 'nav-item active' if active_page == 'nav-item new_domain' else 'nav-item' }}">
+                            <a href="{{ url_for('domain.add') }}" class="nav-link">
+                                <i class="nav-icon fa-solid fa-plus"></i>
+                                <p>New Domain</p>
+                            </a>
+                        </li>
+                    {% endif %}
+                    {% if SETTING.get('allow_user_remove_domain') or current_user.role.name in ['Administrator', 'Operator'] %}
+                        <li class="{{ 'nav-item active' if active_page == 'remove_domain' else 'nav-item' }}">
+                            <a href="{{ url_for('domain.remove') }}" class="nav-link">
+                                <i class="nav-icon fa-solid fa-trash-alt"></i>
+                                <p>Remove Domain</p>
+                            </a>
+                        </li>
+                    {% endif %}
+                    {% if current_user.role.name in ['Administrator', 'Operator'] %}
+                        <li class="nav-header">Administration</li>
+                        <li class="{{ 'nav-item active' if active_page == 'admin_console' else 'nav-item' }}">
+                            <a href="{{ url_for('admin.pdns_stats') }}" class="nav-link">
+                                <i class="nav-icon fa-solid fa-info-circle"></i>
+                                <p>PowerDNS Info</p>
+                            </a>
+                        </li>
+                        <li class="{{ 'nav-item active' if active_page == 'admin_global_search' else 'nav-item' }}">
+                            <a href="{{ url_for('admin.global_search') }}" class="nav-link">
+                                <i class="nav-icon fa-solid fa-search"></i>
+                                <p>Global Search</p>
+                            </a>
+                        </li>
+                        <li class="{{ 'nav-item active' if active_page == 'admin_history' else 'nav-item' }}">
+                            <a href="{{ url_for('admin.history') }}" class="nav-link">
+                                <i class="nav-icon fa-solid fa-calendar-alt"></i>
+                                <p>History</p>
+                            </a>
+                        </li>
+                        <li class="{{ 'nav-item active' if active_page == 'admin_domain_template' else 'nav-item' }}">
+                            <a href="{{ url_for('admin.templates') }}" class="nav-link">
+                                <i class="nav-icon fa-solid fa-clone"></i>
+                                <p>Domain Templates</p>
+                            </a>
+                        </li>
+                        <li class="{{ 'nav-item active' if active_page == 'admin_accounts' else 'nav-item' }}">
+                            <a href="{{ url_for('admin.manage_account') }}" class="nav-link">
+                                <i class="nav-icon fa-solid fa-industry"></i>
+                                <p>Accounts</p>
+                            </a>
+                        </li>
+                        <li class="{{ 'nav-item active' if active_page == 'admin_users' else 'nav-item' }}">
+                            <a href="{{ url_for('admin.manage_user') }}" class="nav-link">
+                                <i class="nav-icon fa-solid fa-users"></i>
+                                <p>Users</p>
+                            </a>
+                        </li>
+                        <li class="{{ 'nav-item active' if active_page == 'admin_keys' else 'nav-item' }}">
+                            <a href="{{ url_for('admin.manage_keys') }}" class="nav-link">
+                                <i class="nav-icon fa-solid fa-key"></i>
+                                <p>API Keys</p>
+                            </a>
+                        </li>
+                        <li class="{{ 'nav-item active' if active_page == 'admin_settings' else 'nav-item' }}">
+                            <a href="#" class="nav-link">
+                                <i class="nav-icon fa-solid fa-cog"></i>
+                                <p>
+                                    Settings
+                                    <i class="right fa-solid fa-angle-left"></i>
+                                </p>
+                            </a>
+                            <ul class="nav nav-treeview"
+                                {% if active_page == 'admin_settings' %}style="display: block;"{% endif %}>
+                                <li class="nav-item">
+                                    <a href="{{ url_for('admin.setting_basic') }}" class="nav-link">
+                                        <i class="nav-icon fa-solid fa-circle"></i>
+                                        <p>Basic</p>
+                                    </a>
+                                </li>
+                                <li class="nav-item">
+                                    <a href="{{ url_for('admin.setting_records') }}" class="nav-link">
+                                        <i class="nav-icon fa-solid fa-circle"></i>
+                                        <p>Records</p>
+                                    </a>
+                                </li>
+                                {% if current_user.role.name == 'Administrator' %}
+                                    <li class="nav-item">
+                                        <a href="{{ url_for('admin.setting_pdns') }}" class="nav-link">
+                                            <i class="nav-icon fa-solid fa-circle"></i>
+                                            <p>PowerDNS Connection</p>
+                                        </a>
+                                    </li>
+                                    <li class="nav-item">
+                                        <a href="{{ url_for('admin.setting_authentication') }}" class="nav-link">
+                                            <i class="nav-icon fa-solid fa-circle"></i>
+                                            <p>Authentication</p>
+                                        </a>
+                                    </li>
+                                {% endif %}
+                            </ul>
+                        </li>
+                    {% elif SETTING.get('allow_user_view_history') %}
+                        <li class="nav-header">Administration</li>
+                        <li class="{{ 'nav-item active' if active_page == 'admin_history' else 'nav-item' }}">
+                            <a href="{{ url_for('admin.history') }}" class="nav-link">
+                                <i class="nav-icon fa-solid fa-calendar-alt"></i>
+                                <p>History</p>
+                            </a>
+                        </li>
+                    {% endif %}
+                </ul>
             {% endif %}
-          </ul>
-        </li>
-        {% elif SETTING.get('allow_user_view_history') %}
-        <li class="nav-header">Administration</li>
-        <li class="{{ 'nav-item active' if active_page == 'admin_history' else 'nav-item' }}">
-          <a href="{{ url_for('admin.history') }}" class="nav-link">
-            <i class="nav-icon fa-solid fa-calendar-alt"></i>
-            <p>History</p>
-          </a>
-        </li>
-        {% endif %}
-      </ul>
-    {% endif %}
-    </div>
-    <!-- /.sidebar -->
-  </aside>
-
-  <!-- Content Wrapper. Contains page content -->
-  <div class="content-wrapper">
-    {% block dashboard_stat %}
-    <!-- Content Header (Page header) -->
-    <div class="content-header">
-      <div class="container-fluid">
-        <div class="row mb-2">
-          <div class="col-sm-6">
-            <h1 class="m-0 text-dark">
-              Dashboard
-              <small>Control panel</small>
-            </h1>
-          </div>
-          <div class="col-sm-6">
-            <ol class="breadcrumb float-sm-right">
-              <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Home</a></li>
-              <li class="breadcrumb-item active">Dashboard</li>
-            </ol>
-          </div>
         </div>
-      </div>
+        <!-- /.sidebar -->
+    </aside>
+
+    <!-- Content Wrapper. Contains page content -->
+    <div class="content-wrapper">
+        {% block dashboard_stat %}
+            <!-- Content Header (Page header) -->
+            <div class="content-header">
+                <div class="container-fluid">
+                    <div class="row mb-2">
+                        <div class="col-sm-6">
+                            <h1 class="m-0 text-dark">
+                                Dashboard
+                                <small>Control panel</small>
+                            </h1>
+                        </div>
+                        <div class="col-sm-6">
+                            <ol class="breadcrumb float-sm-right">
+                                <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Home</a></li>
+                                <li class="breadcrumb-item active">Dashboard</li>
+                            </ol>
+                        </div>
+                    </div>
+                </div>
+            </div>
+        {% endblock %}
+        {% block content %}
+        {% endblock %}
     </div>
-    {% endblock %}
-    {% block content %}
-    {% endblock %}
-  </div>
-  <!-- /.content-wrapper -->
-  <footer class="main-footer">
-    <strong><a href="https://github.com/PowerDNS-Admin/PowerDNS-Admin">PowerDNS-Admin</a></strong> - A PowerDNS web interface with advanced features.
-  </footer>
+    <!-- /.content-wrapper -->
+    <footer class="main-footer">
+        <strong><a href="https://github.com/PowerDNS-Admin/PowerDNS-Admin">PowerDNS-Admin</a></strong> - A PowerDNS web
+        interface with advanced features.
+    </footer>
 </div>
 <!-- ./wrapper -->
 <script type="text/javascript">
-  $SCRIPT_ROOT = {{ request.script_root|tojson|safe }};
-</script>
-<script type="text/javascript">
-  var PDNS_VERSION = '{{ pdns_version }}'
+    $SCRIPT_ROOT = {{ request.script_root|tojson|safe }};
+    var PDNS_VERSION = '{{ pdns_version }}';
 </script>
 {% block scripts %}
-{% assets "js_main" -%}
-  <script type="text/javascript" src="{{ ASSET_URL }}"></script>
-  {% if SETTING.get('warn_session_timeout') and current_user.is_authenticated %}
-  <script>
-    // close the session warning popup when receive
-    // a boradcast message
-    var bc = new BroadcastChannel('powerdnsadmin');
-    bc.addEventListener('message', function (e) {
-      if (e.data == 'close_session_timeout_modal'){
-        $("#modal_session_warning").modal('hide');
-      }
-    });
+    {% assets "js_main" -%}
+        <script type="text/javascript" src="{{ ASSET_URL }}"></script>
+        {% if SETTING.get('warn_session_timeout') and current_user.is_authenticated %}
+            <script>
+                // close the session warning popup when receive
+                // a boradcast message
+                var bc = new BroadcastChannel('powerdnsadmin');
+                bc.addEventListener('message', function (e) {
+                    if (e.data == 'close_session_timeout_modal') {
+                        $("#modal_session_warning").modal('hide');
+                    }
+                });
 
-    // Stay Signed In button click event
-    $(document.body).on("click", ".button_stay_signed_in", function (e) {
-      $.get({
-          url: $.jTimeout().options.extendUrl,
-          cache: false,
-            success: function(){
-              $.jTimeout().resetExpiration();
-            }
-      });
-      $.jTimeout().options.onClickExtend();
-    });
+                // Stay Signed In button click event
+                $(document.body).on("click", ".button_stay_signed_in", function (e) {
+                    $.get({
+                        url: $.jTimeout().options.extendUrl,
+                        cache: false,
+                        success: function () {
+                            $.jTimeout().resetExpiration();
+                        }
+                    });
+                    $.jTimeout().options.onClickExtend();
+                });
 
-    // Sign Out button click event
-    $(document.body).on("click", ".button_sign_out", function (e) {
-      window.location.replace("{{ url_for('index.logout') }}");
-    });
+                // Sign Out button click event
+                $(document.body).on("click", ".button_sign_out", function (e) {
+                    window.location.replace("{{ url_for('index.logout') }}");
+                });
 
-    // Things happen when session warning popup shown
-    $(document).on('show.bs.modal','#modal_session_warning', function () {
-      var secondsLeft = jTimeout.getSecondsTillExpiration();
-      var t = timer($('#modal-time'), secondsLeft);
+                // Things happen when session warning popup shown
+                $(document).on('show.bs.modal', '#modal_session_warning', function () {
+                    var secondsLeft = jTimeout.getSecondsTillExpiration();
+                    var t = timer($('#modal-time'), secondsLeft);
 
-      $(this).on('hidden.bs.modal', function () {
-        clearInterval(t);
-        $('#modal-time').text("");
-        $(this).off('hidden.bs.modal');
-      });
+                    $(this).on('hidden.bs.modal', function () {
+                        clearInterval(t);
+                        $('#modal-time').text("");
+                        $(this).off('hidden.bs.modal');
+                    });
 
-    });
+                });
 
-    // jTimeout definition
-    $(function(){
-      $.jTimeout({
-        flashTitle: true,
-        flashTitleSpeed: 500,
-        flashingTitleText: '**WARNING**',
-        originalTitle: document.title,
-        timeoutAfter: {{ SETTING.get('session_timeout')|int * 60 }},
-        secondsPrior: 60,
-        heartbeat: 1,
-        extendOnMouseMove: true,
-        mouseDebounce: 30,
-        extendUrl: '{{ url_for("index.ping") }}',
-        logoutUrl: '{{ url_for("index.logout") }}',
-        loginUrl: '{{ url_for("index.login") }}',
+                // jTimeout definition
+                $(function () {
+                    $.jTimeout({
+                        flashTitle: true,
+                        flashTitleSpeed: 500,
+                        flashingTitleText: '**WARNING**',
+                        originalTitle: document.title,
+                        timeoutAfter: {{ SETTING.get('session_timeout')|int * 60 }},
+                        secondsPrior: 60,
+                        heartbeat: 1,
+                        extendOnMouseMove: true,
+                        mouseDebounce: 30,
+                        extendUrl: '{{ url_for("index.ping") }}',
+                        logoutUrl: '{{ url_for("index.logout") }}',
+                        loginUrl: '{{ url_for("index.login") }}',
 
-        onClickExtend: function(){
-          // broadcast a message to tell other tabes
-          // close the session warning popup
-          var bc = new BroadcastChannel('powerdnsadmin');
-          bc.postMessage('close_session_timeout_modal');
-        },
+                        onClickExtend: function () {
+                            // broadcast a message to tell other tabes
+                            // close the session warning popup
+                            var bc = new BroadcastChannel('powerdnsadmin');
+                            bc.postMessage('close_session_timeout_modal');
+                        },
 
-        onMouseMove: function(){
-          // if the mouse is moving while popup is present, we
-          // don't extend the session.
-          if (!$('#modal_session_warning').hasClass('in')) {
-            $.get({
-              url: $.jTimeout().options.extendUrl,
-              cache: false,
-              success: function () {
-                $.jTimeout().resetExpiration();
-              }
-            });
-          }
-        },
+                        onMouseMove: function () {
+                            // if the mouse is moving while popup is present, we
+                            // don't extend the session.
+                            if (!$('#modal_session_warning').hasClass('in')) {
+                                $.get({
+                                    url: $.jTimeout().options.extendUrl,
+                                    cache: false,
+                                    success: function () {
+                                        $.jTimeout().resetExpiration();
+                                    }
+                                });
+                            }
+                        },
 
-        onTimeout: function(jTimeout){
-          window.location.replace("{{ url_for('index.logout') }}");
-        },
+                        onTimeout: function (jTimeout) {
+                            window.location.replace("{{ url_for('index.logout') }}");
+                        },
 
-        onPriorCallback: function(jTimeout){
-          $("#modal_session_warning").modal('show');;
-        },
+                        onPriorCallback: function (jTimeout) {
+                            $("#modal_session_warning").modal('show');
+                            ;
+                        },
 
-        onSessionExtended:function(jTimeout){
-          $("#modal_session_warning").modal('hide');
-        }
-      });
-    });
+                        onSessionExtended: function (jTimeout) {
+                            $("#modal_session_warning").modal('hide');
+                        }
+                    });
+                });
 
-    function showErrorModal(message) {
-      var modal = $('#modal_error');
-      modal.find('.modal-body p').text(message);
-      modal.modal('show');
-    }
+                function showErrorModal(message) {
+                    var modal = $('#modal_error');
+                    modal.find('.modal-body p').text(message);
+                    modal.modal('show');
+                }
 
-    function showSuccessModal(message) {
-      var modal = $("#modal_success");
-      modal.find('.modal-body p').text(message);
-      modal.modal('show');
-    }
-  </script>
-  {% endif %}
-{%- endassets %}
+                function showSuccessModal(message) {
+                    var modal = $("#modal_success");
+                    modal.find('.modal-body p').text(message);
+                    modal.modal('show');
+                }
+            </script>
+        {% endif %}
+    {%- endassets %}
 {% endblock %}
 {% block extrascripts %}
 {% endblock %}
 {% block defaultmodals %}
-<div class="modal fade modal-danger" id="modal_error">
-  <div class="modal-dialog">
-    <div class="modal-content">
-      <div class="modal-header">
-        <h4 class="modal-title">Error</h4>
-        <button type="button" class="close" data-dismiss="modal" aria-label="Close">
-          <span aria-hidden="true">&times;</span>
-        </button>
-      </div>
-      <div class="modal-body">
-        <p></p>
-      </div>
-      <div class="modal-footer">
-        <button type="button" class="btn btn-secondary float-right" data-dismiss="modal">
-          Close
-        </button>
-      </div>
+    <div class="modal fade modal-danger" id="modal_error">
+        <div class="modal-dialog">
+            <div class="modal-content">
+                <div class="modal-header">
+                    <h4 class="modal-title">Error</h4>
+                    <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+                        <span aria-hidden="true">&times;</span>
+                    </button>
+                </div>
+                <div class="modal-body">
+                    <p></p>
+                </div>
+                <div class="modal-footer">
+                    <button type="button" class="btn btn-secondary float-right" data-dismiss="modal">
+                        Close
+                    </button>
+                </div>
+            </div>
+        </div>
     </div>
-  </div>
-</div>
-<!-- /.modal -->
-<div class="modal fade modal-success" id="modal_success">
-  <div class="modal-dialog">
-    <div class="modal-content">
-      <div class="modal-header">
-        <h4 class="modal-title">Success</h4>
-        <button type="button" class="close" data-dismiss="modal" aria-label="Close">
-          <span aria-hidden="true">&times;</span>
-        </button>
-      </div>
-      <div class="modal-body">
-        <p></p>
-      </div>
-      <div class="modal-footer">
-        <button type="button" class="btn btn-secondary float-right" data-dismiss="modal">
-          Close
-        </button>
-      </div>
+    <!-- /.modal -->
+    <div class="modal fade modal-success" id="modal_success">
+        <div class="modal-dialog">
+            <div class="modal-content">
+                <div class="modal-header">
+                    <h4 class="modal-title">Success</h4>
+                    <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+                        <span aria-hidden="true">&times;</span>
+                    </button>
+                </div>
+                <div class="modal-body">
+                    <p></p>
+                </div>
+                <div class="modal-footer">
+                    <button type="button" class="btn btn-secondary float-right" data-dismiss="modal">
+                        Close
+                    </button>
+                </div>
+            </div>
+        </div>
     </div>
-  </div>
-</div>
-<div class="modal fade modal-warning" data-backdrop="static" id="modal_session_warning">
-  <div class="modal-dialog">
-    <div class="modal-content">
-      <div class="modal-header">
-        <h4 class="modal-title">Session timeout warning</h4>
-      </div>
-      <div class="modal-body">
-        <p>Your session is about to expire. You will be automatically signed out in</p>
-        <h3><span id="modal-time"></span></h3>
-        <p>To coninue your ssession, select <strong>Stay Signed In</strong></p>
-      </div>
-      <div class="modal-footer">
-        <button type="button" class="btn btn-success float-right button_stay_signed_in" data-dismiss="modal">
-          Stay Signed In
-        </button>
-        <button type="button" class="btn btn-danger float-left button_sign_out" data-dismiss="modal">
-          Sign Out
-        </button>
-      </div>
+    <div class="modal fade modal-warning" data-backdrop="static" id="modal_session_warning">
+        <div class="modal-dialog">
+            <div class="modal-content">
+                <div class="modal-header">
+                    <h4 class="modal-title">Session timeout warning</h4>
+                </div>
+                <div class="modal-body">
+                    <p>Your session is about to expire. You will be automatically signed out in</p>
+                    <h3><span id="modal-time"></span></h3>
+                    <p>To coninue your ssession, select <strong>Stay Signed In</strong></p>
+                </div>
+                <div class="modal-footer">
+                    <button type="button" class="btn btn-success float-right button_stay_signed_in"
+                            data-dismiss="modal">
+                        Stay Signed In
+                    </button>
+                    <button type="button" class="btn btn-danger float-left button_sign_out" data-dismiss="modal">
+                        Sign Out
+                    </button>
+                </div>
+            </div>
+        </div>
     </div>
-  </div>
-</div>
 {% endblock %}
 {% block modals %}
 {% endblock %}
diff --git a/powerdnsadmin/templates/dashboard.html b/powerdnsadmin/templates/dashboard.html
index ddf369715..52422162d 100755
--- a/powerdnsadmin/templates/dashboard.html
+++ b/powerdnsadmin/templates/dashboard.html
@@ -1,418 +1,435 @@
 {% extends "base.html" %}
-
 {% set active_page = "dashboard" %}
-
-{% block title %}
-  <title>
-    Dashboard - {{ SITE_NAME }}
-  </title>
-{% endblock %}
+{% block title %}<title>Dashboard - {{ SITE_NAME }}</title>{% endblock %}
 
 {% block dashboard_stat %}
-  <div class="content-header">
-    <div class="container-fluid">
-      <div class="row mb-2">
-        <div class="col-sm-6">
-          <h1 class="m-0 text-dark">
-            Dashboard
-            <small>Info</small>
-          </h1>
-        </div>
-        <div class="col-sm-6">
-          <ol class="breadcrumb float-sm-right">
-            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
-          </ol>
+    <div class="content-header">
+        <div class="container-fluid">
+            <div class="row mb-2">
+                <div class="col-sm-6">
+                    <h1 class="m-0 text-dark">
+                        Dashboard
+                        <small>Info</small>
+                    </h1>
+                </div>
+                <div class="col-sm-6">
+                    <ol class="breadcrumb float-sm-right">
+                        <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+                    </ol>
+                </div>
+            </div>
         </div>
-      </div>
     </div>
-  </div>
 {% endblock %}
 
 {% import 'applied_change_macro.html' as applied_change_macro %}
 
 {% block content %}
-  <section class="content">
-    <div class="container-fluid">
-      {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
-        <div class="row">
-          <div class="col-3">
-            <div class="card">
-              <div class="card-header">
-                <h3 class="card-title">Statistics</h3>
-              </div>
-              <div class="card-body">
-                <div class="row">
-                  <div class="col-6">
-                    <!-- small box -->
-                    <div class="small-box bg-info">
-                      <div class="inner">
-                        <h3>{{ domain_count }}</h3>
-                        <p>{% if domain_count > 1 %}Domains{% else %}Domain{% endif %}</p>
-                      </div>
-                      <div class="icon">
-                        <i class="fa-solid fa-book"></i>
-                      </div>
-                    </div>
-                  </div>
-                  {% if current_user.role.name in ['Administrator', 'Operator'] %}
-                    <div class="col-6">
-                      <a href="{{ url_for('admin.manage_user') }}">
-                        <div class="small-box bg-green">
-                          <div class="inner">
-                            <h3>{{ user_num }}</h3>
-                            <p>{% if user_num > 1 %}Users{% else %}User{% endif %}</p>
-                          </div>
-                          <div class="icon">
-                            <i class="fa-solid fa-users"></i>
-                          </div>
+    <section class="content">
+        <div class="container-fluid">
+
+            <div class="row">
+                <div class="col-lg-12">
+                    <div class="card card-outline card-secondary">
+                        <div class="card-header">
+                            <h3 class="card-title">Statistics</h3>
                         </div>
-                      </a>
+                        <!-- /.card-header -->
+                        <div class="card-body">
+                            <div class="row">
+                                <div class="col-6 col-sm-3">
+                                    <div class="small-box bg-info">
+                                        <div class="inner">
+                                            <h3>{{ domain_count }}</h3>
+                                            <p>{% if domain_count > 1 %}Domains{% else %}Domain{% endif %}</p>
+                                        </div>
+                                        <div class="icon">
+                                            <i class="fa-solid fa-book"></i>
+                                        </div>
+                                    </div>
+                                </div>
+                                <div class="col-6 col-sm-3">
+                                    <a href="{{ url_for('admin.history') }}">
+                                        <div class="small-box bg-green">
+                                            <div class="inner">
+                                                <h3>{{ history_number }}</h3>
+                                                <p>{% if history_number > 1 %}Histories{% else %}
+                                                    History{% endif %}</p>
+                                            </div>
+                                            <div class="icon">
+                                                <i class="fa-solid fa-calendar"></i>
+                                            </div>
+                                        </div>
+                                    </a>
+                                </div>
+                                {% if current_user.role.name in ['Administrator', 'Operator'] %}
+                                    <div class="col-6 col-sm-3">
+                                        <a href="{{ url_for('admin.manage_user') }}">
+                                            <div class="small-box bg-green">
+                                                <div class="inner">
+                                                    <h3>{{ user_num }}</h3>
+                                                    <p>{% if user_num > 1 %}Users{% else %}User{% endif %}</p>
+                                                </div>
+                                                <div class="icon">
+                                                    <i class="fa-solid fa-users"></i>
+                                                </div>
+                                            </div>
+                                        </a>
+                                    </div>
+                                    <div class="col-6 col-sm-3">
+                                        <a href="{{ url_for('admin.pdns_stats') }}">
+                                            <div class="small-box bg-green">
+                                                <div class="inner">
+                                                    <h3><span
+                                                            style="font-size: 18px">{{ uptime|display_second_to_time }}</span>
+                                                    </h3>
+                                                    <p>Uptime</p>
+                                                </div>
+                                                <div class="icon">
+                                                    <i class="fa-solid fa-clock"></i>
+                                                </div>
+                                            </div>
+                                        </a>
+                                    </div>
+                                {% endif %}
+                            </div>
+                            <!-- /.row -->
+                        </div>
+                        <!-- /.card-body -->
                     </div>
-                  {% endif %}
+                    <!-- /.card -->
                 </div>
+                <!-- /.col -->
+            </div>
+            <!-- /.row -->
+
+            {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
                 <div class="row">
-                  <div class="col-6">
-                    <a href="{{ url_for('admin.history') }}">
-                      <div class="small-box bg-green">
-                        <div class="inner">
-                          <h3>{{ history_number }}</h3>
-                          <p>{% if history_number > 1 %}Histories{% else %}History{% endif %}</p>
+                    <div class="col-12">
+                        <div class="card card-outline card-secondary">
+                            <div class="card-header">
+                                <h3 class="card-title">Recent History</h3>
+                            </div>
+                            <!-- /.card-header -->
+                            <div class="card-body table-responsive p-0">
+                                <table class="table table-striped table-hover">
+                                    <thead>
+                                    <tr>
+                                        <th>User</th>
+                                        <th>Log Message</th>
+                                        <th>Timestamp</th>
+                                        <th>Actions</th>
+                                    </tr>
+                                    </thead>
+                                    <tbody>
+                                    {% for history in histories %}
+                                        <tr class="odd">
+                                            <td>{{ history.history.created_by }}</td>
+                                            <td>{{ history.history.msg }}</td>
+                                            <td>{{ history.history.created_on | format_datetime_local }}</td>
+                                            <td>
+                                                <div id="history-info-div-{{ loop.index0 }}" style="display: none;">
+                                                    {{ history.detailed_msg | safe }}
+                                                    {% if history.change_set %}
+                                                        <div class="content">
+                                                            <div id="change_index_definition"></div>
+                                                            {% call applied_change_macro.applied_change_template(history.change_set) %}
+                                                            {% endcall %}
+                                                        </div>
+                                                    {% endif %}
+                                                </div>
+                                                <button type="button" class="btn btn-sm btn-primary history-info-button"
+                                                        {% if history.detailed_msg == "" and history.change_set is none %}
+                                                        style="visibility: hidden;"
+                                                        {% endif %} value="{{ loop.index0 }}">
+                                                    <i class="fa-solid fa-info-circle"></i>&nbsp;Info
+                                                </button>
+                                            </td>
+                                        </tr>
+                                    {% endfor %}
+                                    </tbody>
+                                </table>
+                            </div>
+                            <!-- /.card-body -->
                         </div>
-                        <div class="icon">
-                          <i class="fa-solid fa-calendar"></i>
+                        <!-- /.card -->
+                    </div>
+                    <!-- /.col -->
+                </div>
+                <!-- /.row -->
+            {% endif %}
+
+            <div class="row">
+                <div class="col-12">
+                    <div class="card">
+                        <div class="card-header">
+                            <div class="nav-tabs-custom">
+                                <ul class="nav nav-tabs card-header-tabs" id="custom-content-below-tab" role="tablist">
+                                    <li class="nav-item">
+                                        <a class="nav-link active" href="#tab_{{ custom_boxes.order[0] }}"
+                                           data-toggle="pill" role="tab">
+                                            Hosted Domains <b>{{ custom_boxes.boxes[custom_boxes.order[0]][0] }}</b>
+                                        </a>
+                                    </li>
+                                    {% for boxId in custom_boxes.order[1:] %}
+                                        <li class="nav-item">
+                                            <a class="nav-link" href="#tab_{{ boxId }}" data-toggle="pill" role="tab">Hosted
+                                                Domains <b>{{ custom_boxes.boxes[boxId][0] }}</b></a>
+                                        </li>
+                                    {% endfor %}
+                                </ul>
+                            </div>
                         </div>
-                      </div>
-                    </a>
-                  </div>
-                  {% if current_user.role.name in ['Administrator', 'Operator'] %}
-                    <div class="col-6">
-                      <a href="{{ url_for('admin.pdns_stats') }}">
-                        <div class="small-box bg-green">
-                          <div class="inner">
-                            <h3><span style="font-size: 18px">{{ uptime|display_second_to_time }}</span></h3>
-                            <p>Uptime</p>
-                          </div>
-                          <div class="icon">
-                            <i class="fa-solid fa-clock"></i>
-                          </div>
+                        <div class="card-body">
+                            <div class="tab-content">
+                                {% for boxId in custom_boxes.order %}
+                                    <div class="tab-pane fade show" id='tab_{{ boxId }}'>
+                                        <div class="card-header">
+                                            <h3 class="card-title">Hosted Domains
+                                                <b>{{ custom_boxes.boxes[boxId][0] }}</b></h3>
+                                            {% if show_bg_domain_button %}
+                                                <button type="button"
+                                                        class="btn btn-primary refresh-bg-button float-right">
+                                                    <i class="fa-solid fa-sync"></i>
+                                                    &nbsp;Sync Domains
+                                                </button>
+                                            {% endif %}
+                                        </div>
+                                        <div class="card-body table-responsive p-0 pt-2">
+                                            <table id='tbl_domain_list_{{ boxId }}'
+                                                   class="table table-striped table-hover">
+                                                <thead>
+                                                <tr>
+                                                    <th>Name</th>
+                                                    <th>DNSSEC</th>
+                                                    <th>Type</th>
+                                                    <th>Serial</th>
+                                                    <th>Primary</th>
+                                                    <th>Account</th>
+                                                    <th>Actions</th>
+                                                </tr>
+                                                </thead>
+                                                <tbody>
+                                                </tbody>
+                                            </table>
+                                        </div>
+                                    </div>
+                                {% endfor %}
+                            </div>
                         </div>
-                      </a>
                     </div>
-                  {% endif %}
-                </div>
-              </div>
-            </div>
-          </div>
-          <div class="col-9">
-            <div class="card">
-              <div class="card-header">
-                <h3 class="card-title">Recent History</h3>
-              </div>
-              <div class="card-body">
-                <table id="tbl_history" class="table table-bordered table-striped">
-                  <thead>
-                    <tr>
-                      <th>Changed By</th>
-                      <th>Content</th>
-                      <th>Time</th>
-                      <th>Detail</th>
-                    </tr>
-                  </thead>
-                  <tbody>
-                    {% for history in histories %}
-                      <tr class="odd">
-                        <td>{{ history.history.created_by }}</td>
-                        <td>{{ history.history.msg }}</td>
-                        <td>{{ history.history.created_on }}</td>
-                        <td width="6%">
-                          <div id="history-info-div-{{ loop.index0 }}" style="display: none;">
-                            {{ history.detailed_msg | safe }}
-                            {% if history.change_set %}
-                              <div class="content">
-                                <div id="change_index_definition"></div>
-                                {% call applied_change_macro.applied_change_template(history.change_set) %}
-                                {% endcall %}
-                              </div>
-                            {% endif %}
-                          </div>
-                          <button type="button" class="btn btn-sm btn-primary history-info-button"
-                            {% if history.detailed_msg == "" and history.change_set is none %}
-                              style="visibility: hidden;"
-                            {% endif %} value="{{ loop.index0 }}">
-                            <i class="fa-solid fa-info-circle"></i>&nbsp;Info
-                          </button>
-                        </td>
-                      </tr>
-                    {% endfor %}
-                  </tbody>
-                </table>
-              </div>
-            </div>
-          </div>
-        </div>
-      {% endif %}
-      <div class="row">
-        <div class="col-12">
-          <div class="card">
-            <div class="card-header">
-              <div class="nav-tabs-custom">
-                <ul class="nav nav-tabs card-header-tabs" id="custom-content-below-tab" role="tablist">
-                  <li class="nav-item">
-                    <a class="nav-link active" href="#tab_{{custom_boxes.order[0]}}" data-toggle="pill" role="tab">
-                      Hosted Domains <b>{{custom_boxes.boxes[custom_boxes.order[0]][0]}}</b>
-                    </a>
-                  </li>
-                  {% for boxId in custom_boxes.order[1:] %}
-                  <li class="nav-item">
-                    <a class="nav-link" href="#tab_{{boxId}}" data-toggle="pill" role="tab">Hosted Domains <b>{{custom_boxes.boxes[boxId][0]}}</b></a>
-                  </li>
-                  {% endfor %}
-                </ul>
-              </div>
-            </div>
-            <div class="card-body">
-              <div class="tab-content">
-                {% for boxId in custom_boxes.order %}
-                <div class="tab-pane fade show" id='tab_{{boxId}}'>
-                  <div class="card-header">
-                    <h3 class="card-title">Hosted Domains <b>{{custom_boxes.boxes[boxId][0]}}</b></h3>
-                    {% if show_bg_domain_button %}
-                    <button type="button" class="btn btn-primary refresh-bg-button float-right">
-                      <i class="fa-solid fa-sync"></i>
-                      &nbsp;Sync Domains
-                    </button>
-                    {% endif %}
-                  </div>
-                  <div class="card-body">
-                    <table id='tbl_domain_list_{{boxId}}' class="table table-bordered table-striped">
-                      <thead>
-                        <tr>
-                          <th>Name</th>
-                          <th>DNSSEC</th>
-                          <th>Type</th>
-                          <th>Serial</th>
-                          <th>Primary</th>
-                          <th>Account</th>
-                          <th>Actions</th>
-                        </tr>
-                      </thead>
-                      <tbody>
-                      </tbody>
-                    </table>
-                  </div>
+
                 </div>
-                {% endfor %}
-              </div>
             </div>
-          </div>
-
         </div>
-      </div>
-    </div>
-  </section>
+    </section>
 {% endblock %}
 
 {% block extrascripts %}
-<script>
-//SYBPATCH START//
-    function setUpDomainList(id ,url){
-        $(id).DataTable({
-            "paging" : true,
-            "lengthChange" : true,
-            language: {
-                searchPlaceholder: "Use ^ and $ for start and end",
-            },
-            "searching" : true,
-            "ordering" : true,
+    <script>
+        //SYBPATCH START//
+        function setUpDomainList(id, url) {
+            $(id).DataTable({
+                "paging": true,
+                "lengthChange": true,
+                language: {
+                    searchPlaceholder: "Use ^ and $ for start and end",
+                },
+                "searching": true,
+                "ordering": true,
+                "columnDefs": [
+                    {"orderable": false, "targets": [-1]}
+                    {% if current_user.role.name not in ['Administrator', 'Operator'] %},{
+                        "visible": false,
+                        "targets": [-2]
+                    }{% endif %}
+                ],
+                "processing": true,
+                "serverSide": true,
+                "ajax": url,
+                "info": false,
+                "autoWidth": false,
+                {% if SETTING.get('default_domain_table_size')|string in ['10','25','50','100'] %}
+                    "lengthMenu": [[10, 25, 50, 100, -1],
+                        [10, 25, 50, 100, "All"]],
+                {% else %}
+                    "lengthMenu": [[10, 25, 50, 100, {{ SETTING.get('default_domain_table_size') }}, -1],
+                        [10, 25, 50, 100, {{ SETTING.get('default_domain_table_size') }}, "All"]],
+                {% endif %}
+                "pageLength": {{ SETTING.get('default_domain_table_size') }}
+            });
+        }
+
+        $('#tab_{{custom_boxes.order[0]}}').addClass("active");
+        {% for boxId in custom_boxes.order %}
+            setUpDomainList("#tbl_domain_list_{{boxId}}", "{{url_for('dashboard.domains_custom',boxId=boxId)}}");
+        {% endfor %}
+        //SYBPATCH END//
+
+        // set up history data table
+        $("#tbl_history").DataTable({
+            "paging": false,
+            "lengthChange": false,
+            "searching": false,
+            "ordering": false,
+            "info": false,
+            "autoWidth": true,
             "columnDefs": [
-                { "orderable": false, "targets": [-1] }
-                {% if current_user.role.name not in ['Administrator', 'Operator'] %},{ "visible": false, "targets": [-2] }{% endif %}
-            ],
-            "processing" : true,
-            "serverSide" : true,
-            "ajax" : url,
-            "info" : false,
-            "autoWidth" : false,
-          {% if SETTING.get('default_domain_table_size')|string in ['10','25','50','100'] %}
-          "lengthMenu": [ [10, 25, 50, 100, -1],
-                          [10, 25, 50, 100, "All"]],
-          {% else %}
-          "lengthMenu": [ [10, 25, 50, 100, {{ SETTING.get('default_domain_table_size') }}, -1],
-                          [10, 25, 50, 100, {{ SETTING.get('default_domain_table_size') }}, "All"]],
-          {% endif %}
-          "pageLength": {{ SETTING.get('default_domain_table_size') }}
+                {
+                    "render": function (data, type, row) {
+                        return moment.utc(data).local().format('YYYY-MM-DD HH:mm:ss');
+                    },
+                    "targets": 2
+                }
+            ]
         });
-    }
-    $('#tab_{{custom_boxes.order[0]}}').addClass( "active" );
-    {% for boxId in custom_boxes.order %}
-    setUpDomainList("#tbl_domain_list_{{boxId}}", "{{url_for('dashboard.domains_custom',boxId=boxId)}}");
-    {% endfor %}
-//SYBPATCH END//
 
-    // set up history data table
-    $("#tbl_history").DataTable({
-        "paging" : false,
-        "lengthChange" : false,
-        "searching" : false,
-        "ordering" : false,
-        "info" : false,
-        "autoWidth" : true,
-        "columnDefs": [
-            {
-                "render": function ( data, type, row ) {
-                    return moment.utc(data).local().format('YYYY-MM-DD HH:mm:ss');
-                },
-                "targets": 2
-            }
-        ]
-    });
-
-    $(document.body).on('click', '.history-info-button', function () {
-        var modal = $("#modal_history_info");
-        var history_id = $(this).val();
-        var info = $("#history-info-div-" + history_id).html();
-        $('#modal-info-content').html(info);
-        modal.modal('show');
-    });
+        $(document.body).on('click', '.history-info-button', function () {
+            var modal = $("#modal_history_info");
+            var history_id = $(this).val();
+            var info = $("#history-info-div-" + history_id).html();
+            $('#modal-info-content').html(info);
+            modal.modal('show');
+        });
 
-    $(document.body).on('click', '.refresh-bg-button', function() {
-        var modal = $("#modal_bg_reload");
-        modal.modal('show');
-        reload_domains($SCRIPT_ROOT + '/dashboard/domains-updater');
-    });
+        $(document.body).on('click', '.refresh-bg-button', function () {
+            var modal = $("#modal_bg_reload");
+            modal.modal('show');
+            reload_domains($SCRIPT_ROOT + '/dashboard/domains-updater');
+        });
 
-    $(document.body).on("click", ".button_template", function (e) {
-        var modal = $("#modal_template");
-        var domain = $(this).prop('id');
-        var form = "    <label for=\"template_name\">Template name</label> \
+        $(document.body).on("click", ".button_template", function (e) {
+            var modal = $("#modal_template");
+            var domain = $(this).prop('id');
+            var form = "    <label for=\"template_name\">Template name</label> \
                         <input type=\"text\" class=\"form-control\" name=\"template_name\" id=\"template_name\" placeholder=\"Enter a valid template name (required)\"> \
                         <label for=\"template_description\">Template description</label> \
                         <input type=\"text\" class=\"form-control\" name=\"template_description\" id=\"template_description\" placeholder=\"Enter a template description (optional)\"> \
-                        <input id=\"domain\" name=\"domain\" type=\"hidden\" value=\""+domain+"\"> \
+                        <input id=\"domain\" name=\"domain\" type=\"hidden\" value=\"" + domain + "\"> \
                     ";
-        modal.find('.modal-body p').html(form);
-        modal.find('#button_save').click(function() {
-            var data = {'_csrf_token': '{{ csrf_token() }}'};
-            data['name'] = modal.find('#template_name').val();
-            data['description'] = modal.find('#template_description').val();
-            data['domain'] = modal.find('#domain').val();
-            applyChanges(data, "{{ url_for('admin.create_template_from_zone') }}", true);
-            modal.modal('hide');
-        })
-        modal.find('#button_close').click(function() {
-            modal.modal('hide');
-        })
+            modal.find('.modal-body p').html(form);
+            modal.find('#button_save').click(function () {
+                var data = {'_csrf_token': '{{ csrf_token() }}'};
+                data['name'] = modal.find('#template_name').val();
+                data['description'] = modal.find('#template_description').val();
+                data['domain'] = modal.find('#domain').val();
+                applyChanges(data, "{{ url_for('admin.create_template_from_zone') }}", true);
+                modal.modal('hide');
+            })
+            modal.find('#button_close').click(function () {
+                modal.modal('hide');
+            })
 
-        modal.modal('show');
-    });
+            modal.modal('show');
+        });
 
-    {% if current_user.role.name in ['Administrator', 'Operator'] or not SETTING.get('dnssec_admins_only') %}
-      $(document.body).on("click", ".button_dnssec", function() {
-        var domain = $(this).prop('id');
-        getdnssec($SCRIPT_ROOT + '/domain/' + domain + '/dnssec', domain);
-      });
+        {% if current_user.role.name in ['Administrator', 'Operator'] or not SETTING.get('dnssec_admins_only') %}
+            $(document.body).on("click", ".button_dnssec", function () {
+                var domain = $(this).prop('id');
+                getdnssec($SCRIPT_ROOT + '/domain/' + domain + '/dnssec', domain);
+            });
 
-      $(document.body).on("click", ".button_dnssec_enable", function() {
-        var domain = $(this).prop('id');
-        enable_dns_sec($SCRIPT_ROOT + '/domain/' + domain + '/dnssec/enable', '{{ csrf_token() }}');
-      });
+            $(document.body).on("click", ".button_dnssec_enable", function () {
+                var domain = $(this).prop('id');
+                enable_dns_sec($SCRIPT_ROOT + '/domain/' + domain + '/dnssec/enable', '{{ csrf_token() }}');
+            });
 
-      $(document.body).on("click", ".button_dnssec_disable", function() {
-        var domain = $(this).prop('id');
-        enable_dns_sec($SCRIPT_ROOT + '/domain/' + domain + '/dnssec/disable', '{{ csrf_token() }}');
-      });
-    {% endif %}
-</script>
+            $(document.body).on("click", ".button_dnssec_disable", function () {
+                var domain = $(this).prop('id');
+                enable_dns_sec($SCRIPT_ROOT + '/domain/' + domain + '/dnssec/disable', '{{ csrf_token() }}');
+            });
+        {% endif %}
+    </script>
 {% endblock %}
 
 {% block modals %}
-<div class="modal fade" id="modal_history_info">
-  <div class="modal-dialog">
-    <div class="modal-content">
-      <div class="modal-header">
-        <h4 class="modal-title">History Details</h4>
-        <button type="button" class="close" data-dismiss="modal" aria-label="Close">
-          <span aria-hidden="true">&times;</span>
-        </button>
-      </div>
-      <div class="modal-body">
-        <div id="modal-info-content">
+    <div class="modal fade" id="modal_history_info">
+        <div class="modal-dialog">
+            <div class="modal-content">
+                <div class="modal-header">
+                    <h4 class="modal-title">History Details</h4>
+                    <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+                        <span aria-hidden="true">&times;</span>
+                    </button>
+                </div>
+                <div class="modal-body">
+                    <div id="modal-info-content">
+                    </div>
+                </div>
+                <div class="modal-footer">
+                    <button type="button" class="btn btn-secondary float-right" data-dismiss="modal">
+                        Close
+                    </button>
+                </div>
+            </div>
         </div>
-      </div>
-      <div class="modal-footer">
-        <button type="button" class="btn btn-secondary float-right" data-dismiss="modal">
-          Close
-        </button>
-      </div>
     </div>
-  </div>
-</div>
 
-<div class="modal fade modal-primary" id="modal_template">
-  <div class="modal-dialog">
-    <div class="modal-content">
-      <div class="modal-header">
-        <h4 class="modal-title">Clone to template</h4>
-        <button type="button" class="close" data-dismiss="modal" aria-label="Close">
-          <span aria-hidden="true">&times;</span>
-        </button>
-      </div>
-      <div class="modal-body">
-        <p></p>
-      </div>
-      <div class="modal-footer">
-        <button type="button" class="btn btn-secondary float-right" id="button_close" data-dismiss="modal">
-          Close
-        </button>
-        <button type="button" class="btn btn-primary float-right" id="button_save">
-          Save
-        </button>
-      </div>
+    <div class="modal fade modal-primary" id="modal_template">
+        <div class="modal-dialog">
+            <div class="modal-content">
+                <div class="modal-header">
+                    <h4 class="modal-title">Clone to template</h4>
+                    <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+                        <span aria-hidden="true">&times;</span>
+                    </button>
+                </div>
+                <div class="modal-body">
+                    <p></p>
+                </div>
+                <div class="modal-footer">
+                    <button type="button" class="btn btn-secondary float-right" id="button_close" data-dismiss="modal">
+                        Close
+                    </button>
+                    <button type="button" class="btn btn-primary float-right" id="button_save">
+                        Save
+                    </button>
+                </div>
+            </div>
+        </div>
     </div>
-  </div>
-</div>
 
-<div class="modal fade" id="modal_dnssec_info">
-  <div class="modal-dialog">
-    <div class="modal-content">
-      <div class="modal-header">
-        <h4 class="modal-title">DNSSEC</h4>
-        <button type="button" class="close" data-dismiss="modal" aria-label="Close">
-          <span aria-hidden="true">&times;</span>
-        </button>
-      </div>
-      <div class="modal-body">
-        <p></p>
-      </div>
-      <div class="modal-footer">
-        <button type="button" class="btn btn-secondary float-right" data-dismiss="modal">
-          Close
-        </button>
-      </div>
+    <div class="modal fade" id="modal_dnssec_info">
+        <div class="modal-dialog">
+            <div class="modal-content">
+                <div class="modal-header">
+                    <h4 class="modal-title">DNSSEC</h4>
+                    <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+                        <span aria-hidden="true">&times;</span>
+                    </button>
+                </div>
+                <div class="modal-body">
+                    <p></p>
+                </div>
+                <div class="modal-footer">
+                    <button type="button" class="btn btn-secondary float-right" data-dismiss="modal">
+                        Close
+                    </button>
+                </div>
+            </div>
+        </div>
     </div>
-  </div>
-</div>
 
-<div class="modal fade" id="modal_bg_reload">
-  <div class="modal-dialog">
-    <div class="modal-content">
-      <div class="modal-header">
-        <h4 class="modal-title">Sync Domains from backend</h4>
-        <button type="button" class="close" data-dismiss="modal" aria-label="Close">
-          <span aria-hidden="true">&times;</span>
-        </button>
-      </div>
-      <div class="modal-body">
-        <div id="modal_bg_reload_content">
-          <i class="fa fa-refresh fa-spin"></i> Update in progress ..
+    <div class="modal fade" id="modal_bg_reload">
+        <div class="modal-dialog">
+            <div class="modal-content">
+                <div class="modal-header">
+                    <h4 class="modal-title">Sync Domains from backend</h4>
+                    <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+                        <span aria-hidden="true">&times;</span>
+                    </button>
+                </div>
+                <div class="modal-body">
+                    <div id="modal_bg_reload_content">
+                        <i class="fa fa-refresh fa-spin"></i> Update in progress ..
+                    </div>
+                </div>
+                <div class="modal-footer">
+                    <button type="button" class="btn btn-secondary float-right" data-dismiss="modal">
+                        Close
+                    </button>
+                </div>
+            </div>
         </div>
-      </div>
-      <div class="modal-footer">
-        <button type="button" class="btn btn-secondary float-right" data-dismiss="modal">
-          Close
-        </button>
-      </div>
     </div>
-  </div>
-</div>
 {% endblock %}

From d70ded18c218d75912e5260879cb394e57e59443 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sun, 19 Feb 2023 09:11:44 -0500
Subject: [PATCH 213/475] Added head_styles Jinja block to base view template
 head section to allow for page specific style injections.

Continuing work on the re-design and clean-up of the dashboard view.
---
 powerdnsadmin/templates/base.html      |  1 +
 powerdnsadmin/templates/dashboard.html | 39 +++++++++++++-------------
 2 files changed, 20 insertions(+), 20 deletions(-)

diff --git a/powerdnsadmin/templates/base.html b/powerdnsadmin/templates/base.html
index 4f050c98c..08c109946 100644
--- a/powerdnsadmin/templates/base.html
+++ b/powerdnsadmin/templates/base.html
@@ -17,6 +17,7 @@
         {% if SETTING.get('custom_css') %}
             <link rel="stylesheet" href="/static/custom/{{ SETTING.get('custom_css') }}">
         {% endif %}
+        {% block head_styles %}{% endblock %}
     {% endblock %}
 </head>
 
diff --git a/powerdnsadmin/templates/dashboard.html b/powerdnsadmin/templates/dashboard.html
index 52422162d..140972839 100755
--- a/powerdnsadmin/templates/dashboard.html
+++ b/powerdnsadmin/templates/dashboard.html
@@ -180,7 +180,8 @@ <h3 class="card-title">Recent History</h3>
                                 </ul>
                             </div>
                         </div>
-                        <div class="card-body">
+                        <!-- /.card-header -->
+                        <div class="card-body p-0">
                             <div class="tab-content">
                                 {% for boxId in custom_boxes.order %}
                                     <div class="tab-pane fade show" id='tab_{{ boxId }}'>
@@ -195,6 +196,7 @@ <h3 class="card-title">Hosted Domains
                                                 </button>
                                             {% endif %}
                                         </div>
+                                        <!-- /.card-header -->
                                         <div class="card-body table-responsive p-0 pt-2">
                                             <table id='tbl_domain_list_{{ boxId }}'
                                                    class="table table-striped table-hover">
@@ -213,18 +215,33 @@ <h3 class="card-title">Hosted Domains
                                                 </tbody>
                                             </table>
                                         </div>
+                                        <!-- /.card-body -->
                                     </div>
+                                    <!-- /.tab-pane -->
                                 {% endfor %}
                             </div>
+                            <!-- /.tab-content -->
                         </div>
+                        <!-- /.card-body -->
                     </div>
-
+                    <!-- /.card -->
                 </div>
+                <!-- /.col -->
             </div>
+            <!-- /.row -->
         </div>
+        <!-- /.container-fluid -->
     </section>
 {% endblock %}
 
+{% block head_styles %}
+<style type="text/css">
+div.table-responsive > div.dataTables_wrapper > div.row:first-of-type { margin: 0 0.5em 0 0.5em; }
+div.table-responsive > div.dataTables_wrapper > div.row:last-of-type { margin: 0.4em 0.5em 0.4em 0.5em; }
+div.table-responsive > div.dataTables_wrapper table.dataTable { margin: 0!important; }
+</style>
+{% endblock %}
+
 {% block extrascripts %}
     <script>
         //SYBPATCH START//
@@ -266,24 +283,6 @@ <h3 class="card-title">Hosted Domains
         {% endfor %}
         //SYBPATCH END//
 
-        // set up history data table
-        $("#tbl_history").DataTable({
-            "paging": false,
-            "lengthChange": false,
-            "searching": false,
-            "ordering": false,
-            "info": false,
-            "autoWidth": true,
-            "columnDefs": [
-                {
-                    "render": function (data, type, row) {
-                        return moment.utc(data).local().format('YYYY-MM-DD HH:mm:ss');
-                    },
-                    "targets": 2
-                }
-            ]
-        });
-
         $(document.body).on('click', '.history-info-button', function () {
             var modal = $("#modal_history_info");
             var history_id = $(this).val();

From 4f83879e95f85a0905506d9e65b572029071faba Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sun, 19 Feb 2023 09:48:43 -0500
Subject: [PATCH 214/475] Added Jinja filter for handle formatting of zone type
 labels to enforce modern social standards.

Removed text label of dashboard domain list action menu to reduce size.

Continuing work on re-design and clean-up of dashboard view.
---
 powerdnsadmin/__init__.py                     |  1 +
 powerdnsadmin/lib/utils.py                    | 10 ++++++++++
 powerdnsadmin/templates/dashboard.html        |  5 ++++-
 powerdnsadmin/templates/dashboard_domain.html |  8 ++++----
 4 files changed, 19 insertions(+), 5 deletions(-)

diff --git a/powerdnsadmin/__init__.py b/powerdnsadmin/__init__.py
index c8f3b4040..0b2c5a182 100755
--- a/powerdnsadmin/__init__.py
+++ b/powerdnsadmin/__init__.py
@@ -77,6 +77,7 @@ def create_app(config=None):
     app.jinja_env.filters['display_setting_state'] = utils.display_setting_state
     app.jinja_env.filters['pretty_domain_name'] = utils.pretty_domain_name
     app.jinja_env.filters['format_datetime_local'] = utils.format_datetime
+    app.jinja_env.filters['format_zone_type'] = utils.format_zone_type
 
     # Register context proccessors
     from .models.setting import Setting
diff --git a/powerdnsadmin/lib/utils.py b/powerdnsadmin/lib/utils.py
index c763bcb40..f75a103e9 100644
--- a/powerdnsadmin/lib/utils.py
+++ b/powerdnsadmin/lib/utils.py
@@ -132,6 +132,16 @@ def display_master_name(data):
     return ", ".join(matches)
 
 
+def format_zone_type(data):
+    """Formats the given zone type for modern social standards."""
+    data = str(data).lower()
+    if data == 'master':
+        data = 'primary'
+    elif data == 'slave':
+        data = 'secondary'
+    return data.title()
+
+
 def display_time(amount, units='s', remove_seconds=True):
     """
     Convert timestamp to normal time format
diff --git a/powerdnsadmin/templates/dashboard.html b/powerdnsadmin/templates/dashboard.html
index 140972839..a72c55bf7 100755
--- a/powerdnsadmin/templates/dashboard.html
+++ b/powerdnsadmin/templates/dashboard.html
@@ -199,7 +199,7 @@ <h3 class="card-title">Hosted Domains
                                         <!-- /.card-header -->
                                         <div class="card-body table-responsive p-0 pt-2">
                                             <table id='tbl_domain_list_{{ boxId }}'
-                                                   class="table table-striped table-hover">
+                                                   class="table table-striped table-hover records table-sm">
                                                 <thead>
                                                 <tr>
                                                     <th>Name</th>
@@ -236,6 +236,9 @@ <h3 class="card-title">Hosted Domains
 
 {% block head_styles %}
 <style type="text/css">
+table.records thead th, table.records tbody td { text-align: center; vertical-align: middle; }
+table.records tbody td:first-of-type { text-align: left; }
+table.records thead th:last-of-type { width: 50px; }
 div.table-responsive > div.dataTables_wrapper > div.row:first-of-type { margin: 0 0.5em 0 0.5em; }
 div.table-responsive > div.dataTables_wrapper > div.row:last-of-type { margin: 0.4em 0.5em 0.4em 0.5em; }
 div.table-responsive > div.dataTables_wrapper table.dataTable { margin: 0!important; }
diff --git a/powerdnsadmin/templates/dashboard_domain.html b/powerdnsadmin/templates/dashboard_domain.html
index a7df38cde..d9acdeb8e 100644
--- a/powerdnsadmin/templates/dashboard_domain.html
+++ b/powerdnsadmin/templates/dashboard_domain.html
@@ -11,7 +11,7 @@
 {% endmacro %}
 
 {% macro type(domain) %}
-  {{ domain.type }}
+  {{ domain.type | format_zone_type }}
 {% endmacro %}
 
 {% macro serial(domain) %}
@@ -19,12 +19,12 @@
 {% endmacro %}
 
 {% macro master(domain) %}
-    {% if domain.master == '[]'%}-{% else %}{{ domain.master | display_master_name }}{% endif %}
+    {% if domain.master == '[]'%}N/A{% else %}{{ domain.master | display_master_name }}{% endif %}
 {% endmacro %}
 
 {% macro account(domain) %}
     {% if current_user.role.name in ['Administrator', 'Operator'] %}
-      {{ domain.account.name if domain.account else '-' }}
+      {{ domain.account.name if domain.account else 'None' }}
     {% endif %}
 {% endmacro %}
 
@@ -32,7 +32,7 @@
 <td width="6%">
   <div class="dropdown">
     <button class="btn btn-primary dropdown-toggle" type="button" id="dropdownMenu" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
-      <i class="fa-solid fa-bars"></i>&nbsp;Actions
+      <i class="fa-solid fa-bars"></i>
     </button>
     <div class="dropdown-menu" aria-labelledby="dropdownMenu">
       {% if current_user.role.name in ['Administrator', 'Operator'] %}

From 49bc8e948d277ae7788c52b24e4643212fce57ea Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sun, 19 Feb 2023 09:54:15 -0500
Subject: [PATCH 215/475] Continuing work on re-design and clean-up of
 dashboard view.

---
 powerdnsadmin/templates/dashboard.html | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/powerdnsadmin/templates/dashboard.html b/powerdnsadmin/templates/dashboard.html
index a72c55bf7..dc2b52c90 100755
--- a/powerdnsadmin/templates/dashboard.html
+++ b/powerdnsadmin/templates/dashboard.html
@@ -9,7 +9,6 @@
                 <div class="col-sm-6">
                     <h1 class="m-0 text-dark">
                         Dashboard
-                        <small>Info</small>
                     </h1>
                 </div>
                 <div class="col-sm-6">
@@ -236,12 +235,14 @@ <h3 class="card-title">Hosted Domains
 
 {% block head_styles %}
 <style type="text/css">
+/* Global Styles */
 table.records thead th, table.records tbody td { text-align: center; vertical-align: middle; }
-table.records tbody td:first-of-type { text-align: left; }
 table.records thead th:last-of-type { width: 50px; }
 div.table-responsive > div.dataTables_wrapper > div.row:first-of-type { margin: 0 0.5em 0 0.5em; }
 div.table-responsive > div.dataTables_wrapper > div.row:last-of-type { margin: 0.4em 0.5em 0.4em 0.5em; }
 div.table-responsive > div.dataTables_wrapper table.dataTable { margin: 0!important; }
+/* Page Specific Overrides */
+table.records tbody td:first-of-type { text-align: left; }
 </style>
 {% endblock %}
 

From 4a5db674f4a4ffe24f0207bdee25415c0ae0e27c Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sun, 19 Feb 2023 10:19:13 -0500
Subject: [PATCH 216/475] Working on condensing the zones list on the
 dashboard.

Changed the terminology for zones on the dashboard from domains to zones.
---
 powerdnsadmin/templates/dashboard.html | 76 +++++++++++++-------------
 1 file changed, 39 insertions(+), 37 deletions(-)

diff --git a/powerdnsadmin/templates/dashboard.html b/powerdnsadmin/templates/dashboard.html
index dc2b52c90..c6ff50dd6 100755
--- a/powerdnsadmin/templates/dashboard.html
+++ b/powerdnsadmin/templates/dashboard.html
@@ -160,42 +160,44 @@ <h3 class="card-title">Recent History</h3>
 
             <div class="row">
                 <div class="col-12">
-                    <div class="card">
+                    <div class="card card-outline card-primary">
                         <div class="card-header">
-                            <div class="nav-tabs-custom">
-                                <ul class="nav nav-tabs card-header-tabs" id="custom-content-below-tab" role="tablist">
-                                    <li class="nav-item">
-                                        <a class="nav-link active" href="#tab_{{ custom_boxes.order[0] }}"
-                                           data-toggle="pill" role="tab">
-                                            Hosted Domains <b>{{ custom_boxes.boxes[custom_boxes.order[0]][0] }}</b>
-                                        </a>
-                                    </li>
-                                    {% for boxId in custom_boxes.order[1:] %}
+                            <h3 class="card-title">
+                                Zones
+                                {% if show_bg_domain_button %}
+                                    <button type="button" title="Synchronize Zones"
+                                            class="btn btn-tool refresh-bg-button">
+                                        <i class="fa-solid fa-sync"></i>
+                                    </button>
+                                {% endif %}
+                            </h3>
+                            <div class="card-tools">
+                                <div class="nav-tabs-custom">
+                                    <ul class="nav nav-tabs card-header-tabs" id="custom-content-below-tab"
+                                        role="tablist">
                                         <li class="nav-item">
-                                            <a class="nav-link" href="#tab_{{ boxId }}" data-toggle="pill" role="tab">Hosted
-                                                Domains <b>{{ custom_boxes.boxes[boxId][0] }}</b></a>
+                                            <a class="nav-link active" href="#tab_{{ custom_boxes.order[0] }}"
+                                               data-toggle="pill" role="tab">
+                                                Zones <b>{{ custom_boxes.boxes[custom_boxes.order[0]][0] }}</b>
+                                            </a>
                                         </li>
-                                    {% endfor %}
-                                </ul>
+                                        {% for boxId in custom_boxes.order[1:] %}
+                                            <li class="nav-item">
+                                                <a class="nav-link" href="#tab_{{ boxId }}" data-toggle="pill"
+                                                   role="tab">
+                                                    Zones <b>{{ custom_boxes.boxes[boxId][0] }}</b>
+                                                </a>
+                                            </li>
+                                        {% endfor %}
+                                    </ul>
+                                </div>
                             </div>
                         </div>
                         <!-- /.card-header -->
                         <div class="card-body p-0">
                             <div class="tab-content">
                                 {% for boxId in custom_boxes.order %}
-                                    <div class="tab-pane fade show" id='tab_{{ boxId }}'>
-                                        <div class="card-header">
-                                            <h3 class="card-title">Hosted Domains
-                                                <b>{{ custom_boxes.boxes[boxId][0] }}</b></h3>
-                                            {% if show_bg_domain_button %}
-                                                <button type="button"
-                                                        class="btn btn-primary refresh-bg-button float-right">
-                                                    <i class="fa-solid fa-sync"></i>
-                                                    &nbsp;Sync Domains
-                                                </button>
-                                            {% endif %}
-                                        </div>
-                                        <!-- /.card-header -->
+                                    <div class="tab-pane show" id='tab_{{ boxId }}'>
                                         <div class="card-body table-responsive p-0 pt-2">
                                             <table id='tbl_domain_list_{{ boxId }}'
                                                    class="table table-striped table-hover records table-sm">
@@ -234,16 +236,16 @@ <h3 class="card-title">Hosted Domains
 {% endblock %}
 
 {% block head_styles %}
-<style type="text/css">
-/* Global Styles */
-table.records thead th, table.records tbody td { text-align: center; vertical-align: middle; }
-table.records thead th:last-of-type { width: 50px; }
-div.table-responsive > div.dataTables_wrapper > div.row:first-of-type { margin: 0 0.5em 0 0.5em; }
-div.table-responsive > div.dataTables_wrapper > div.row:last-of-type { margin: 0.4em 0.5em 0.4em 0.5em; }
-div.table-responsive > div.dataTables_wrapper table.dataTable { margin: 0!important; }
-/* Page Specific Overrides */
-table.records tbody td:first-of-type { text-align: left; }
-</style>
+    <style type="text/css">
+        /* Global Styles */
+        table.records thead th, table.records tbody td { text-align: center; vertical-align: middle; }
+        table.records thead th:last-of-type { width: 50px; }
+        div.table-responsive > div.dataTables_wrapper > div.row:first-of-type { margin: 0 0.5em 0 0.5em; }
+        div.table-responsive > div.dataTables_wrapper > div.row:last-of-type { margin: 0.4em 0.5em 0.4em 0.5em; }
+        div.table-responsive > div.dataTables_wrapper table.dataTable { margin: 0 !important; }
+        /* Page Specific Overrides */
+        table.records tbody td:first-of-type { text-align: left; }
+    </style>
 {% endblock %}
 
 {% block extrascripts %}

From 1cd5ce9ccc9ce28d83bc8e2a18506b3eb4f57a7f Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sun, 19 Feb 2023 10:45:19 -0500
Subject: [PATCH 217/475] Working on dashboard zone list action controls and
 styling.

---
 powerdnsadmin/templates/dashboard_domain.html | 110 +++++++++---------
 1 file changed, 54 insertions(+), 56 deletions(-)

diff --git a/powerdnsadmin/templates/dashboard_domain.html b/powerdnsadmin/templates/dashboard_domain.html
index d9acdeb8e..53d1cfebd 100644
--- a/powerdnsadmin/templates/dashboard_domain.html
+++ b/powerdnsadmin/templates/dashboard_domain.html
@@ -1,17 +1,23 @@
 {% macro name(domain) %}
-  <a href="{{ url_for('domain.domain', domain_name=domain.name) }}"><strong>{{ domain.name | pretty_domain_name }}</strong></a>
+    <a href="{{ url_for('domain.domain', domain_name=domain.name) }}"><strong>{{ domain.name | pretty_domain_name }}</strong></a>
 {% endmacro %}
 
 {% macro dnssec(domain) %}
-  {% if domain.dnssec %}
-  <td><span style="cursor:pointer" class="badge badge-success button_dnssec" id="{{ domain.name }}"><i class="fa-solid fa-lock"></i>&nbsp;Enabled</span></td>
-  {% else %}
-  <td><span style="cursor:pointer" class="badge badge-danger button_dnssec" id="{{ domain.name }}"><i class="fa-solid fa-lock-open"></i>&nbsp;Disabled</span></td>
-  {% endif %}
+    {% if domain.dnssec %}
+        <td>
+            <button class="btn badge btn-success button_dnssec" title="Edit DNSSEC" id="{{ domain.name }}"><i
+                    class="fa-solid fa-lock"></i></button>
+        </td>
+    {% else %}
+        <td>
+            <button class="btn badge btn-danger button_dnssec" title="Enable DNSSEC" id="{{ domain.name }}"><i
+                    class="fa-solid fa-lock-open"></i></button>
+        </td>
+    {% endif %}
 {% endmacro %}
 
 {% macro type(domain) %}
-  {{ domain.type | format_zone_type }}
+    {{ domain.type | format_zone_type }}
 {% endmacro %}
 
 {% macro serial(domain) %}
@@ -19,61 +25,53 @@
 {% endmacro %}
 
 {% macro master(domain) %}
-    {% if domain.master == '[]'%}N/A{% else %}{{ domain.master | display_master_name }}{% endif %}
+    {% if domain.master == '[]' %}N/A{% else %}{{ domain.master | display_master_name }}{% endif %}
 {% endmacro %}
 
 {% macro account(domain) %}
     {% if current_user.role.name in ['Administrator', 'Operator'] %}
-      {{ domain.account.name if domain.account else 'None' }}
+        {{ domain.account.name if domain.account else 'None' }}
     {% endif %}
 {% endmacro %}
 
 {% macro actions(domain) %}
-<td width="6%">
-  <div class="dropdown">
-    <button class="btn btn-primary dropdown-toggle" type="button" id="dropdownMenu" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
-      <i class="fa-solid fa-bars"></i>
-    </button>
-    <div class="dropdown-menu" aria-labelledby="dropdownMenu">
-      {% if current_user.role.name in ['Administrator', 'Operator'] %}
-        <button class="dropdown-item btn-success button_template" id="{{ domain.name }}" type="button">
-          <i class="fa-solid fa-clone"></i>&nbsp;Clone to Template
-        </button>
-        <button class="dropdown-item btn-success" type="button" onclick="window.location.href='{{ url_for('domain.domain', domain_name=domain.name) }}'">
-          <i class="fa-solid fa-cog"></i>&nbsp;Manage Domain
-        </button>
-        <button class="dropdown-item btn-danger" type="button" onclick="window.location.href='{{ url_for('domain.setting', domain_name=domain.name) }}'">
-          <i class="fa-solid fa-cog"></i>&nbsp;Admin Settings
-        </button>
-        <button class="dropdown-item btn-primary" type="button" onclick="window.location.href='{{ url_for('domain.changelog', domain_name=domain.name) }}'">
-          <i class="fa-solid fa-history" aria-hidden="true"></i>&nbsp;Domain Changelog
-        </button>
-        <div class="dropdown-divider"></div>
-        <button type="button"class="dropdown-item btn-secondary button_delete" onclick="window.location.href='{{ url_for('domain.remove') }}'">
-          <font color="red">
-            <i class="fa-solid fa-trash"></i>&nbsp;Remove Domain
-          </font>
-        </button>
-       </div>
-      {% else %}
-        <button class="dropdown-item btn-success" type="button" onclick="window.location.href='{{ url_for('domain.domain', domain_name=domain.name) }}'">
-          <i class="fa-solid fa-cog"></i>&nbsp;Manage Domain
-        </button>
-        {% if allow_user_view_history %}
-          <button class="dropdown-item btn-primary" type="button" onclick="window.location.href='{{ url_for('domain.changelog', domain_name=domain.name) }}'">
-            <i class="fa-solid fa-history" aria-hidden="true"></i>&nbsp;Domain Changelog
-          </button>
-        {% endif %}
-        {% if allow_user_remove_domain %}
-          <div class="dropdown-divider"></div>
-          <button type="button"class="dropdown-item btn-secondary button_delete" onclick="window.location.href='{{ url_for('domain.remove') }}'">
-            <font color="red">
-              <i class="fa-solid fa-trash"></i>&nbsp;Remove Domain
-            </font>
-          </button>
-        {% endif %}
-      {% endif %}  
-    </div>
-  </div>
-</td>
+    <td>
+        <div class="dropdown">
+            <button class="btn btn-primary dropdown-toggle" type="button" id="dropdownMenu" data-toggle="dropdown"
+                    aria-haspopup="true" aria-expanded="false">
+                <i class="fa-solid fa-bars"></i>
+            </button>
+            <div class="dropdown-menu" aria-labelledby="dropdownMenu">
+                <button class="dropdown-item btn-success" type="button"
+                        onclick="window.location.href='{{ url_for('domain.domain', domain_name=domain.name) }}'">
+                    <i class="fa-solid fa-pencil"></i>&nbsp;Edit Records
+                </button>
+
+                {% if current_user.role.name in ['Administrator', 'Operator'] %}
+                    <button class="dropdown-item btn-danger" type="button"
+                            onclick="window.location.href='{{ url_for('domain.setting', domain_name=domain.name) }}'">
+                        <i class="fa-solid fa-cog"></i>&nbsp;Zone Settings
+                    </button>
+                    <button class="dropdown-item btn-success button_template" id="{{ domain.name }}" type="button">
+                        <i class="fa-solid fa-clone"></i>&nbsp;Create Template
+                    </button>
+                {% endif %}
+
+                {% if current_user.role.name in ['Administrator', 'Operator'] or allow_user_view_history %}
+                    <button class="dropdown-item btn-primary" type="button"
+                            onclick="window.location.href='{{ url_for('domain.changelog', domain_name=domain.name) }}'">
+                        <i class="fa-solid fa-history" aria-hidden="true"></i>&nbsp;Zone Changelog
+                    </button>
+                {% endif %}
+
+                {% if current_user.role.name in ['Administrator', 'Operator'] or allow_user_remove_domain %}
+                    <div class="dropdown-divider"></div>
+                    <button type="button" class="dropdown-item btn-secondary button_delete"
+                            onclick="window.location.href='{{ url_for('domain.remove') }}'">
+                        <span style="color: red;"><i class="fa-solid fa-trash"></i>&nbsp;Remove Zone</span>
+                    </button>
+                {% endif %}
+            </div>
+        </div>
+    </td>
 {% endmacro %}

From abf1f4eca3fbde04a8da7e28d839c13ddce8adcf Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sun, 19 Feb 2023 11:03:33 -0500
Subject: [PATCH 218/475] Moved user profile edit and user logout navigation
 items into sidebar info block for a more condensed UI.

---
 powerdnsadmin/templates/base.html | 29 ++++++++++++++---------------
 1 file changed, 14 insertions(+), 15 deletions(-)

diff --git a/powerdnsadmin/templates/base.html b/powerdnsadmin/templates/base.html
index 08c109946..27c219c5a 100644
--- a/powerdnsadmin/templates/base.html
+++ b/powerdnsadmin/templates/base.html
@@ -13,10 +13,17 @@
         <meta content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no" name="viewport">
         <!-- Tell Safari to not recognise telephone numbers -->
         <meta name="format-detection" content="telephone=no">
-        {% assets "css_main" -%}<link rel="stylesheet" href="{{ ASSET_URL }}">{%- endassets %}
+        {% assets "css_main" -%}
+            <link rel="stylesheet" href="{{ ASSET_URL }}">{%- endassets %}
         {% if SETTING.get('custom_css') %}
             <link rel="stylesheet" href="/static/custom/{{ SETTING.get('custom_css') }}">
         {% endif %}
+        <style type="text/css">
+        .sidebar .image { padding-top: 0.7em; }
+        .sidebar .info { color: #fff; }
+        .sidebar .info p { margin: 0; }
+        .sidebar .info a { font-size: 0.8em; }
+        </style>
         {% block head_styles %}{% endblock %}
     {% endblock %}
 </head>
@@ -67,24 +74,16 @@
                         <img src="{{ user_image_url }}" class="img-circle elevation-2" alt="User Image">
                     </div>
                     <div class="info">
-                        <a href="{{ url_for('user.profile') }}"
-                           class="d-block">{{ current_user.firstname }} {{ current_user.lastname }}</a>
+                        <p>{{ current_user.firstname }} {{ current_user.lastname }}</p>
+                        <span>
+                            <a href="{{ url_for('user.profile') }}"><i class="nav-icon fa-solid fa-user"></i> Edit Profile</a>
+                            &nbsp;|&nbsp;
+                            <a href="{{ url_for('index.logout') }}"><i class="nav-icon fa-solid fa-sign-out-alt"></i> Logout</a>
+                        </span>
                     </div>
                 </div>
                 <!-- sidebar menu: : style can be found in sidebar.less -->
                 <ul class="nav nav-pills nav-sidebar flex-column" data-widget="treeview" role="menu">
-                    <li class="{{ 'nav-item active' if active_page == 'user_profile' else 'nav-item' }}">
-                        <a href="{{ url_for('user.profile') }}" class="nav-link">
-                            <i class="nav-icon fa-solid fa-user"></i>
-                            <p>Profile</p>
-                        </a>
-                    </li>
-                    <li class="nav-item">
-                        <a href="{{ url_for('index.logout') }}" class="nav-link">
-                            <i class="nav-icon fa-solid fa-sign-out-alt"></i>
-                            <p>Logout</p>
-                        </a>
-                    </li>
                     <li class="nav-header">Zone Management</li>
                     <li class="{{ 'nav-item active' if active_page == 'nav-item dashboard' else 'nav-item' }}">
                         <a href="{{ url_for('dashboard.dashboard') }}" class="nav-link">

From c0799b95f829c34e4b5e445c8235136e67b1a085 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sun, 19 Feb 2023 11:04:45 -0500
Subject: [PATCH 219/475] Updated sidebar navigation to use updated terminology
 of zone instead of domain.

---
 powerdnsadmin/templates/base.html | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/powerdnsadmin/templates/base.html b/powerdnsadmin/templates/base.html
index 27c219c5a..be5c99cee 100644
--- a/powerdnsadmin/templates/base.html
+++ b/powerdnsadmin/templates/base.html
@@ -95,7 +95,7 @@
                         <li class="{{ 'nav-item active' if active_page == 'nav-item new_domain' else 'nav-item' }}">
                             <a href="{{ url_for('domain.add') }}" class="nav-link">
                                 <i class="nav-icon fa-solid fa-plus"></i>
-                                <p>New Domain</p>
+                                <p>New Zone</p>
                             </a>
                         </li>
                     {% endif %}
@@ -103,7 +103,7 @@
                         <li class="{{ 'nav-item active' if active_page == 'remove_domain' else 'nav-item' }}">
                             <a href="{{ url_for('domain.remove') }}" class="nav-link">
                                 <i class="nav-icon fa-solid fa-trash-alt"></i>
-                                <p>Remove Domain</p>
+                                <p>Remove Zone</p>
                             </a>
                         </li>
                     {% endif %}
@@ -130,7 +130,7 @@
                         <li class="{{ 'nav-item active' if active_page == 'admin_domain_template' else 'nav-item' }}">
                             <a href="{{ url_for('admin.templates') }}" class="nav-link">
                                 <i class="nav-icon fa-solid fa-clone"></i>
-                                <p>Domain Templates</p>
+                                <p>Zone Templates</p>
                             </a>
                         </li>
                         <li class="{{ 'nav-item active' if active_page == 'admin_accounts' else 'nav-item' }}">

From b4a354b0f8ddc49fc93dd4bdf93c48c260804400 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sun, 19 Feb 2023 11:31:24 -0500
Subject: [PATCH 220/475] Updated icons for sidebar navigation as well as some
 labels.

Tweaked zone record list on dashboard to always include the account column, regardless of user role.
---
 powerdnsadmin/templates/base.html             | 16 ++++++++--------
 powerdnsadmin/templates/dashboard.html        |  4 ----
 powerdnsadmin/templates/dashboard_domain.html |  2 ++
 3 files changed, 10 insertions(+), 12 deletions(-)

diff --git a/powerdnsadmin/templates/base.html b/powerdnsadmin/templates/base.html
index be5c99cee..a95737c72 100644
--- a/powerdnsadmin/templates/base.html
+++ b/powerdnsadmin/templates/base.html
@@ -123,7 +123,7 @@
                         </li>
                         <li class="{{ 'nav-item active' if active_page == 'admin_history' else 'nav-item' }}">
                             <a href="{{ url_for('admin.history') }}" class="nav-link">
-                                <i class="nav-icon fa-solid fa-calendar-alt"></i>
+                                <i class="nav-icon fa-solid fa-timeline"></i>
                                 <p>History</p>
                             </a>
                         </li>
@@ -135,7 +135,7 @@
                         </li>
                         <li class="{{ 'nav-item active' if active_page == 'admin_accounts' else 'nav-item' }}">
                             <a href="{{ url_for('admin.manage_account') }}" class="nav-link">
-                                <i class="nav-icon fa-solid fa-industry"></i>
+                                <i class="nav-icon fa-solid fa-users-rectangle"></i>
                                 <p>Accounts</p>
                             </a>
                         </li>
@@ -163,26 +163,26 @@
                                 {% if active_page == 'admin_settings' %}style="display: block;"{% endif %}>
                                 <li class="nav-item">
                                     <a href="{{ url_for('admin.setting_basic') }}" class="nav-link">
-                                        <i class="nav-icon fa-solid fa-circle"></i>
+                                        <i class="nav-icon fa-solid fa-gears"></i>
                                         <p>Basic</p>
                                     </a>
                                 </li>
                                 <li class="nav-item">
                                     <a href="{{ url_for('admin.setting_records') }}" class="nav-link">
-                                        <i class="nav-icon fa-solid fa-circle"></i>
-                                        <p>Records</p>
+                                        <i class="nav-icon fa-regular fa-rectangle-list"></i>
+                                        <p>Zone Records</p>
                                     </a>
                                 </li>
                                 {% if current_user.role.name == 'Administrator' %}
                                     <li class="nav-item">
                                         <a href="{{ url_for('admin.setting_pdns') }}" class="nav-link">
-                                            <i class="nav-icon fa-solid fa-circle"></i>
-                                            <p>PowerDNS Connection</p>
+                                            <i class="nav-icon fa-solid fa-server"></i>
+                                            <p>Server</p>
                                         </a>
                                     </li>
                                     <li class="nav-item">
                                         <a href="{{ url_for('admin.setting_authentication') }}" class="nav-link">
-                                            <i class="nav-icon fa-solid fa-circle"></i>
+                                            <i class="nav-icon fa-solid fa-user-shield"></i>
                                             <p>Authentication</p>
                                         </a>
                                     </li>
diff --git a/powerdnsadmin/templates/dashboard.html b/powerdnsadmin/templates/dashboard.html
index c6ff50dd6..9cf0c5f87 100755
--- a/powerdnsadmin/templates/dashboard.html
+++ b/powerdnsadmin/templates/dashboard.html
@@ -262,10 +262,6 @@ <h3 class="card-title">
                 "ordering": true,
                 "columnDefs": [
                     {"orderable": false, "targets": [-1]}
-                    {% if current_user.role.name not in ['Administrator', 'Operator'] %},{
-                        "visible": false,
-                        "targets": [-2]
-                    }{% endif %}
                 ],
                 "processing": true,
                 "serverSide": true,
diff --git a/powerdnsadmin/templates/dashboard_domain.html b/powerdnsadmin/templates/dashboard_domain.html
index 53d1cfebd..489fdbcd5 100644
--- a/powerdnsadmin/templates/dashboard_domain.html
+++ b/powerdnsadmin/templates/dashboard_domain.html
@@ -31,6 +31,8 @@
 {% macro account(domain) %}
     {% if current_user.role.name in ['Administrator', 'Operator'] %}
         {{ domain.account.name if domain.account else 'None' }}
+    {% else %}
+        None
     {% endif %}
 {% endmacro %}
 

From b52b7d7e4f2995448860221f6a539c321b777fdc Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sun, 19 Feb 2023 11:38:19 -0500
Subject: [PATCH 221/475] Wrapping up first-round changes to the dashboard
 view.

---
 powerdnsadmin/templates/dashboard.html | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/powerdnsadmin/templates/dashboard.html b/powerdnsadmin/templates/dashboard.html
index 9cf0c5f87..f0b1a8748 100755
--- a/powerdnsadmin/templates/dashboard.html
+++ b/powerdnsadmin/templates/dashboard.html
@@ -111,21 +111,21 @@ <h3 class="card-title">Recent History</h3>
                             </div>
                             <!-- /.card-header -->
                             <div class="card-body table-responsive p-0">
-                                <table class="table table-striped table-hover">
+                                <table class="table table-striped table-hover table-sm records">
                                     <thead>
                                     <tr>
-                                        <th>User</th>
                                         <th>Log Message</th>
                                         <th>Timestamp</th>
+                                        <th>User</th>
                                         <th>Actions</th>
                                     </tr>
                                     </thead>
                                     <tbody>
                                     {% for history in histories %}
                                         <tr class="odd">
-                                            <td>{{ history.history.created_by }}</td>
                                             <td>{{ history.history.msg }}</td>
                                             <td>{{ history.history.created_on | format_datetime_local }}</td>
+                                            <td>{{ history.history.created_by }}</td>
                                             <td>
                                                 <div id="history-info-div-{{ loop.index0 }}" style="display: none;">
                                                     {{ history.detailed_msg | safe }}
@@ -138,10 +138,11 @@ <h3 class="card-title">Recent History</h3>
                                                     {% endif %}
                                                 </div>
                                                 <button type="button" class="btn btn-sm btn-primary history-info-button"
+                                                        title="View Additional Information"
                                                         {% if history.detailed_msg == "" and history.change_set is none %}
                                                         style="visibility: hidden;"
                                                         {% endif %} value="{{ loop.index0 }}">
-                                                    <i class="fa-solid fa-info-circle"></i>&nbsp;Info
+                                                    <i class="fa-solid fa-info-circle"></i>
                                                 </button>
                                             </td>
                                         </tr>
@@ -200,7 +201,7 @@ <h3 class="card-title">
                                     <div class="tab-pane show" id='tab_{{ boxId }}'>
                                         <div class="card-body table-responsive p-0 pt-2">
                                             <table id='tbl_domain_list_{{ boxId }}'
-                                                   class="table table-striped table-hover records table-sm">
+                                                   class="table table-striped table-hover table-sm records">
                                                 <thead>
                                                 <tr>
                                                     <th>Name</th>

From ec28e76ff5178f56f6ceda1d05685853eab5414b Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sun, 19 Feb 2023 11:39:56 -0500
Subject: [PATCH 222/475] Moved global styles to base view template until
 permanently merged into global CSS file.

---
 powerdnsadmin/templates/base.html      | 6 ++++++
 powerdnsadmin/templates/dashboard.html | 6 ------
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/powerdnsadmin/templates/base.html b/powerdnsadmin/templates/base.html
index a95737c72..f11cf7866 100644
--- a/powerdnsadmin/templates/base.html
+++ b/powerdnsadmin/templates/base.html
@@ -23,6 +23,12 @@
         .sidebar .info { color: #fff; }
         .sidebar .info p { margin: 0; }
         .sidebar .info a { font-size: 0.8em; }
+        /* Global Styles */
+        table.records thead th, table.records tbody td { text-align: center; vertical-align: middle; }
+        table.records thead th:last-of-type { width: 50px; }
+        div.table-responsive > div.dataTables_wrapper > div.row:first-of-type { margin: 0 0.5em 0 0.5em; }
+        div.table-responsive > div.dataTables_wrapper > div.row:last-of-type { margin: 0.4em 0.5em 0.4em 0.5em; }
+        div.table-responsive > div.dataTables_wrapper table.dataTable { margin: 0 !important; }
         </style>
         {% block head_styles %}{% endblock %}
     {% endblock %}
diff --git a/powerdnsadmin/templates/dashboard.html b/powerdnsadmin/templates/dashboard.html
index f0b1a8748..addca6663 100755
--- a/powerdnsadmin/templates/dashboard.html
+++ b/powerdnsadmin/templates/dashboard.html
@@ -238,12 +238,6 @@ <h3 class="card-title">
 
 {% block head_styles %}
     <style type="text/css">
-        /* Global Styles */
-        table.records thead th, table.records tbody td { text-align: center; vertical-align: middle; }
-        table.records thead th:last-of-type { width: 50px; }
-        div.table-responsive > div.dataTables_wrapper > div.row:first-of-type { margin: 0 0.5em 0 0.5em; }
-        div.table-responsive > div.dataTables_wrapper > div.row:last-of-type { margin: 0.4em 0.5em 0.4em 0.5em; }
-        div.table-responsive > div.dataTables_wrapper table.dataTable { margin: 0 !important; }
         /* Page Specific Overrides */
         table.records tbody td:first-of-type { text-align: left; }
     </style>

From 9548cbce1c5b1f665d978d0d5a8dbfcad7af7c75 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sun, 19 Feb 2023 11:42:39 -0500
Subject: [PATCH 223/475] Removed legacy style tag attribute.

---
 powerdnsadmin/templates/base.html       |  2 +-
 powerdnsadmin/templates/dashboard.html  |  2 +-
 powerdnsadmin/templates/domain_add.html | 13 ++++++-------
 3 files changed, 8 insertions(+), 9 deletions(-)

diff --git a/powerdnsadmin/templates/base.html b/powerdnsadmin/templates/base.html
index f11cf7866..4712feef2 100644
--- a/powerdnsadmin/templates/base.html
+++ b/powerdnsadmin/templates/base.html
@@ -18,7 +18,7 @@
         {% if SETTING.get('custom_css') %}
             <link rel="stylesheet" href="/static/custom/{{ SETTING.get('custom_css') }}">
         {% endif %}
-        <style type="text/css">
+        <style>
         .sidebar .image { padding-top: 0.7em; }
         .sidebar .info { color: #fff; }
         .sidebar .info p { margin: 0; }
diff --git a/powerdnsadmin/templates/dashboard.html b/powerdnsadmin/templates/dashboard.html
index addca6663..993d1962b 100755
--- a/powerdnsadmin/templates/dashboard.html
+++ b/powerdnsadmin/templates/dashboard.html
@@ -237,7 +237,7 @@ <h3 class="card-title">
 {% endblock %}
 
 {% block head_styles %}
-    <style type="text/css">
+    <style>
         /* Page Specific Overrides */
         table.records tbody td:first-of-type { text-align: left; }
     </style>
diff --git a/powerdnsadmin/templates/domain_add.html b/powerdnsadmin/templates/domain_add.html
index 3f8525783..a104428e3 100644
--- a/powerdnsadmin/templates/domain_add.html
+++ b/powerdnsadmin/templates/domain_add.html
@@ -1,12 +1,6 @@
 {% extends "base.html" %}
-
 {% set active_page = "new_domain" %}
-
-{% block title %}
-  <title>
-    Add Domain - {{ SITE_NAME }}
-  </title>
-{% endblock %}
+{% block title %}<title>Add Domain - {{ SITE_NAME }}</title>{% endblock %}
 
 {% block dashboard_stat %}
   <div class="content-header">
@@ -186,7 +180,12 @@ <h3 class="card-title">Help with creating a new domain</h3>
       </div>
     </div>
 </section>
+{% endblock %}
 
+{% block head_styles %}
+    <style>
+        /* Page Specific Overrides */
+    </style>
 {% endblock %}
 
 {% block extrascripts %}

From 75e262e7e979c84530af9ac77c9b6d7e2b88d71b Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sun, 19 Feb 2023 12:06:39 -0500
Subject: [PATCH 224/475] Completed first-found updates of the zone add view.

---
 powerdnsadmin/templates/domain_add.html | 468 +++++++++++++-----------
 1 file changed, 253 insertions(+), 215 deletions(-)

diff --git a/powerdnsadmin/templates/domain_add.html b/powerdnsadmin/templates/domain_add.html
index a104428e3..d26d29704 100644
--- a/powerdnsadmin/templates/domain_add.html
+++ b/powerdnsadmin/templates/domain_add.html
@@ -1,238 +1,276 @@
 {% extends "base.html" %}
 {% set active_page = "new_domain" %}
-{% block title %}<title>Add Domain - {{ SITE_NAME }}</title>{% endblock %}
+{% block title %}<title>Create Zone - {{ SITE_NAME }}</title>{% endblock %}
 
 {% block dashboard_stat %}
-  <div class="content-header">
-    <div class="container-fluid">
-      <div class="row mb-2">
-        <div class="col-sm-6">
-          <h1 class="m-0 text-dark">
-            Domain
-            <small>New Domain</small>
-          </h1>
-        </div>
-        <div class="col-sm-6">
-          <ol class="breadcrumb float-sm-right">
-            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
-            <li class="breadcrumb-item active">Domain - New Domain</li>
-          </ol>
+    <div class="content-header">
+        <div class="container-fluid">
+            <div class="row mb-2">
+                <div class="col-sm-6">
+                    <h1 class="m-0 text-dark">
+                        Create New Zone
+                    </h1>
+                </div>
+                <div class="col-sm-6">
+                    <ol class="breadcrumb float-sm-right">
+                        <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+                        <li class="breadcrumb-item active">New Zone</li>
+                    </ol>
+                </div>
+            </div>
         </div>
-      </div>
     </div>
-  </div>
 {% endblock %}
 
 {% block content %}
-<section class="content">
-  <div class="container-fluid">
-    <div class="row">
-      <div class="col-4">
-        <div class="card">
-          <div class="card-header">
-            <h3 class="card-title">Create new domain</h3>
-          </div>
-          <form role="form" method="post" action="{{ url_for('domain.add') }}">
-            <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-            <div class="card-body">
-              <div class="form-group">
-                <input type="text" class="form-control" name="domain_name" id="domain_name" placeholder="Enter a valid domain name (required)">
-              </div>
-              {% if domain_override_toggle == True %}
-                <div class="form-group">
-                  <label>Domain Override Record</label>
-                  <input type="checkbox" id="domain_override" name="domain_override" class="checkbox">
-                </div>
-              {% endif %}
-              <select name="accountid" class="form-control" style="width:15em;">
-                <option value="0">- No Account -</option>
-                {% for account in accounts %}
-                  <option value="{{ account.id }}">{{ account.name }}</option>
-                {% endfor %}
-              </select>
-              <br />
-              <div class="form-group">
-                <label>Type</label>
-                <div class="radio">
-                  <label>
-                    <input type="radio" name="radio_type" id="radio_type_native" value="native" checked>
-                    Native
-                  </label>
-                </div>
-                <div class="radio">
-                  <label>
-                    <input type="radio" name="radio_type" id="radio_type_primary" value="primary">
-                    Primary
-                  </label>
+    <section class="content">
+        <div class="container-fluid">
+            <div class="row">
+                <div class="col-12 col-sm-6 col-lg-4">
+                    <form role="form" method="post" action="{{ url_for('domain.add') }}">
+                        <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+                        <div class="card">
+                            <div class="card-header">
+                                <h3 class="card-title">Zone Editor</h3>
+                            </div>
+                            <!-- /.card-header -->
+                            <div class="card-body">
+                                <div class="form-group">
+                                    <label for="domain_name">Zone Name</label>
+                                    <input type="text" class="form-control" name="domain_name" id="domain_name"
+                                           placeholder="Enter a valid zone name (required)">
+                                </div>
+                                {% if domain_override_toggle == True %}
+                                    <div class="form-group">
+                                        <input type="checkbox" id="domain_override" name="domain_override"
+                                               class="checkbox">
+                                        &nbsp;
+                                        <label for="domain_override">Zone Override Record</label>
+                                    </div>
+                                {% endif %}
+                                <div class="form-group">
+                                    <label for="selAccount">Account</label>
+                                    <select name="accountid" id="selAccount" class="form-control">
+                                        <option value="0">- No Account -</option>
+                                        {% for account in accounts %}
+                                            <option value="{{ account.id }}">{{ account.name }}</option>
+                                        {% endfor %}
+                                    </select>
+                                </div>
+                                <div class="form-group">
+                                    <label>Zone Type</label>
+                                    <div class="radio">
+                                        <label>
+                                            <input type="radio" name="radio_type" id="radio_type_native" value="native"
+                                                   checked>
+                                            Native
+                                        </label>
+                                    </div>
+                                    <div class="radio">
+                                        <label>
+                                            <input type="radio" name="radio_type" id="radio_type_primary"
+                                                   value="primary">
+                                            Primary
+                                        </label>
+                                    </div>
+                                    <div class="radio">
+                                        <label>
+                                            <input type="radio" name="radio_type" id="radio_type_secondary"
+                                                   value="secondary">
+                                            Secondary
+                                        </label>
+                                    </div>
+                                </div>
+                                <div class="form-group">
+                                    <label for="domain_template">Zone Template</label>
+                                    <select class="form-control" id="domain_template" name="domain_template">
+                                        <option value="0">No template</option>
+                                        {% for template in templates %}
+                                            <option value="{{ template.id }}">{{ template.name }}</option>
+                                        {% endfor %}
+                                    </select>
+                                </div>
+                                <div class="form-group" style="display: none;" id="domain_primary_address_div">
+                                    <input type="text" class="form-control" name="domain_primary_address"
+                                           id="domain_primary_address"
+                                           placeholder="Enter valid Primary Server IP addresses (separated by commas)">
+                                </div>
+                                <div class="form-group">
+                                    <label>SOA-EDIT-API</label>
+                                    <div class="radio">
+                                        <label>
+                                            <input type="radio" name="radio_type_soa_edit_api" id="radio_default"
+                                                   value="DEFAULT" checked>
+                                            DEFAULT
+                                        </label>
+                                    </div>
+                                    <div class="radio">
+                                        <label>
+                                            <input type="radio" name="radio_type_soa_edit_api" id="radio_increase"
+                                                   value="INCREASE">
+                                            INCREASE
+                                        </label>
+                                    </div>
+                                    <div class="radio">
+                                        <label>
+                                            <input type="radio" name="radio_type_soa_edit_api" id="radio_epoch"
+                                                   value="EPOCH">
+                                            EPOCH
+                                        </label>
+                                    </div>
+                                    <div class="radio">
+                                        <label>
+                                            <input type="radio" name="radio_type_soa_edit_api" id="radio_off"
+                                                   value="OFF"> OFF
+                                        </label>
+                                    </div>
+                                </div>
+                            </div>
+                            <!-- /.card-body -->
+                            <div class="card-footer">
+                                <button type="button" title="Cancel" class="btn btn-danger"
+                                        onclick="window.location.href='{{ url_for('dashboard.dashboard') }}'">
+                                    <i class="fa-solid fa-window-close"></i>&nbsp;Cancel
+                                </button>
+                                <button type="submit" title="Create Zone" class="btn btn-primary float-right">
+                                    <i class="fa-solid fa-save"></i>&nbsp;Create Zone
+                                </button>
+                            </div>
+                            <!-- /.card-footer -->
+                        </div>
+                        <!-- /.card -->
+                    </form>
                 </div>
-                <div class="radio">
-                  <label>
-                    <input type="radio" name="radio_type" id="radio_type_secondary" value="secondary">
-                    Secondary
-                  </label>
+                <!-- /.col -->
+                <div class="col-12 col-sm-6 col-lg-8">
+                    <div class="card">
+                        <div class="card-header">
+                            <h3 class="card-title">Zone Field Details</h3>
+                        </div>
+                        <!-- /.card-header -->
+                        <div class="card-body">
+                            <dl class="dl-horizontal">
+                                <dt>Zone Name</dt>
+                                <dd>Enter your zone name in the format of name.tld (eg. powerdns-admin.com). You can
+                                    also enter sublevel zones to create delegate zones (eg. sub.powerdns-admin.com)
+                                    which can be useful for delegating control to other users.
+                                </dd>
+                                <dt>Zone Override Record</dt>
+                                <dd>When enabled, this will allow the user to by-pass validation errors if the user
+                                    doesn't have administration rights to a parent zone.
+                                </dd>
+                                <dt>Account</dt>
+                                <dd>Specifies the PowerDNS account value to use for the zone.</dd>
+                                <dt>Zone Type</dt>
+                                <dd>The type decides how the domain will be replicated across multiple DNS servers.
+                                    <ul>
+                                        <li>
+                                            <strong>Native</strong> - The server will not perform any Primary or Secondary
+                                            zone functions.
+                                        </li>
+                                        <li>
+                                            <strong>Primary</strong> - The server will serve as the Primary and will send
+                                            zone transfers (AXFRs) to other servers configured as secondaries.
+                                        </li>
+                                        <li>
+                                            <strong>Secondary</strong> - The server will serve as the Secondary and will
+                                            request and receive zone transfers (AXFRs) from other servers configured as
+                                            Primaries.
+                                        </li>
+                                    </ul>
+                                </dd>
+                                <dt>Zone Template</dt>
+                                <dd>Specifies the existing zone template which this zone should initially be replicated
+                                    from.
+                                </dd>
+                                <dt>SOA-EDIT-API</dt>
+                                <dd>The SOA-EDIT-API setting defines how the SOA serial number will be updated after a
+                                    change is
+                                    made to the domain.
+                                    <ul>
+                                        <li>
+                                            <strong>DEFAULT</strong> - Generate a soa serial of YYYYMMDD01. If the current serial
+                                            is lower than
+                                            the generated serial, use the generated serial. If the current serial is
+                                            higher or
+                                            equal to the generated serial, increase the current serial by 1.
+                                        </li>
+                                        <li>
+                                            <strong>INCREASE</strong> - Increase the current serial by 1.
+                                        </li>
+                                        <li>
+                                            <strong>EPOCH</strong> - Change the serial to the number of seconds since the EPOCH,
+                                            AKA UNIX timestamps
+                                        </li>
+                                        <li>
+                                            <strong>OFF</strong> - Disable automatic updates of the SOA serial.
+                                        </li>
+                                    </ul>
+                                </dd>
+                            </dl>
+                            <p>
+                                Find more details at <a href="https://docs.powerdns.com/md/" target="_blank">https://docs.powerdns.com/md/</a>
+                            </p>
+                        </div>
+                        <!-- /.card-body -->
+                    </div>
+                    <!-- /.card -->
                 </div>
-              </div>
-              <div class="form-group">
-                <label>Select a template</label>
-                <select class="form-control" id="domain_template" name="domain_template">
-                  <option value="0">No template</option>
-                  {% for template in templates %}
-                    <option value="{{ template.id }}">{{ template.name }}</option>
-                  {% endfor %}
-                </select>
-              </div>
-              <div class="form-group" style="display: none;" id="domain_primary_address_div">
-                <input type="text" class="form-control" name="domain_primary_address" id="domain_primary_address" placeholder="Enter valid Primary Server IP addresses (separated by commas)">
-              </div>
-              <div class="form-group">
-                <label>SOA-EDIT-API</label>
-                <div class="radio">
-                  <label>
-                    <input type="radio" name="radio_type_soa_edit_api" id="radio_default" value="DEFAULT" checked>
-                    DEFAULT
-                  </label>
-                </div>
-                <div class="radio">
-                  <label>
-                    <input type="radio" name="radio_type_soa_edit_api" id="radio_increase" value="INCREASE">
-                    INCREASE
-                  </label>
-                </div>
-                <div class="radio">
-                  <label>
-                    <input type="radio" name="radio_type_soa_edit_api" id="radio_epoch" value="EPOCH">
-                    EPOCH
-                  </label>
-                </div>
-                <div class="radio">
-                  <label>
-                    <input type="radio" name="radio_type_soa_edit_api" id="radio_off" value="OFF"> OFF
-                  </label>
-                </div>
-              </div>
-            </div>
-            <div class="card-footer">
-              <button type="button" class="btn btn-secondary" onclick="window.location.href='{{ url_for('dashboard.dashboard') }}'">
-                <i class="fa-solid fa-window-close"></i>&nbsp;Cancel
-              </button>
-              <button type="submit" class="btn btn-primary float-right">
-                <i class="fa-solid fa-save"></i>&nbsp;Create
-              </button>
+                <!-- /.col -->
             </div>
-          </form>
+            <!-- /.row -->
         </div>
-      </div>
-      <div class="col-8">
-        <div class="card">
-          <div class="card-header">
-            <h3 class="card-title">Help with creating a new domain</h3>
-          </div>
-          <div class="card-body">
-            <dl class="dl-horizontal">
-              <dt>Domain name</dt>
-                <dd>Enter your domain name in the format of name.tld (eg. powerdns-admin.com). You can also
-                    enter sub-domains to create a sub-root zone (eg. sub.powerdns-admin.com) in case you want to
-                    delegate sub-domain management to specific users.
-                </dd>
-              <dt>Type</dt>
-                <dd>The type decides how the domain will be replicated across multiple DNS servers.
-                  <ul>
-                    <li>
-                      <b>Native - </b>{{ SITE_NAME }} will not perform any Primary or Secondary zone functions.
-                    </li>
-                    <li>
-                      <b>Primary - </b>{{ SITE_NAME }} will serve as the Primary and will send zone transfers
-                      (AXFRs) to other servers configured as secondaries.
-                    </li>
-                    <li>
-                      <b>Secondary - </b>{{ SITE_NAME }} will serve as the Secondary and will request and receive
-                      zone transfers (AXFRs) from other servers configured as Primaries.
-                    </li>
-                  </ul>
-                </dd>
-                <dt>SOA-EDIT-API</dt>
-                  <dd>The SOA-EDIT-API setting defines how the SOA serial number will be updated after a change is
-                      made to the domain.
-                    <ul>
-                      <li>
-                        <b>DEFAULT - </b>Generate a soa serial of YYYYMMDD01. If the current serial is lower than
-                          the generated serial, use the generated serial. If the current serial is higher or
-                          equal to the generated serial, increase the current serial by 1.
-                      </li>
-                      <li>
-                        <b>INCREASE - </b>Increase the current serial by 1.
-                      </li>
-                      <li>
-                        <b>EPOCH - </b>Change the serial to the number of seconds since the EPOCH, aka unixtime.
-                      </li>
-                      <li>
-                        <b>OFF - </b>Disable automatic updates of the SOA serial.
-                      </li>
-                    </ul>
-                  </dd>
-                </dl>
-                <p>
-                  Find more details at <a href="https://docs.powerdns.com/md/">https://docs.powerdns.com/md/</a>
-                </p>
-              </div>
-            </div>
-          </div>
-      </div>
-    </div>
-</section>
-{% endblock %}
-
-{% block head_styles %}
-    <style>
-        /* Page Specific Overrides */
-    </style>
+        <!-- /.container-fluid -->
+    </section>
 {% endblock %}
 
 {% block extrascripts %}
-  <script>
-    $("input[name=radio_type]").change(function () {
-      var type = $(this).val();
-      if (type == "secondary") {
-        $("#domain_primary_address_div").show();
-      } else {
-        $("#domain_primary_address_div").hide();
-      }
-    });
-  </script>
+    <script>
+        $("input[name=radio_type]").change(function () {
+            var type = $(this).val();
+            if (type == "secondary") {
+                $("#domain_primary_address_div").show();
+            } else {
+                $("#domain_primary_address_div").hide();
+            }
+        });
+    </script>
 {% endblock %}
 
 {% block modals %}
-  <script>
-    {% if domain_override_message %}
-      $(document.body).ready(function () {
-          var modal = $("#modal_warning");
-          var info = "{{ domain_override_message }}";
-          modal.find('.modal-body p').text(info);
-          modal.modal('show');
-      });
-    {% endif %}
-  </script>
+    <script>
+        {% if domain_override_message %}
+            $(document.body).ready(function () {
+                var modal = $("#modal_warning");
+                var info = "{{ domain_override_message }}";
+                modal.find('.modal-body p').text(info);
+                modal.modal('show');
+            });
+        {% endif %}
+    </script>
 
-  <div class="modal fade" id="modal_warning">
-    <div class="modal-dialog">
-      <div class="modal-content modal-sm">
-        <div class="modal-header alert-danger">
-          <h4 class="modal-title">
-            WARNING
-          </h4>
-          <button type="button" class="close" data-dismiss="modal" aria-label="Close" id="button_close_warn_modal">
-            <span aria-hidden="true">&times;</span>
-          </button>
-        </div>
-        <div class="modal-body">
-          <p></p>
-        </div>
-        <div class="modal-footer">
-          <button type="button" class="btn btn-primary center-block" data-dismiss="modal" id="button_confirm_warn_modal">
-            CLOSE
-          </button>
+    <div class="modal fade" id="modal_warning">
+        <div class="modal-dialog">
+            <div class="modal-content modal-sm">
+                <div class="modal-header alert-danger">
+                    <h4 class="modal-title">
+                        WARNING
+                    </h4>
+                    <button type="button" class="close" data-dismiss="modal" aria-label="Close"
+                            id="button_close_warn_modal">
+                        <span aria-hidden="true">&times;</span>
+                    </button>
+                </div>
+                <div class="modal-body">
+                    <p></p>
+                </div>
+                <div class="modal-footer">
+                    <button type="button" class="btn btn-primary center-block" data-dismiss="modal"
+                            id="button_confirm_warn_modal">
+                        CLOSE
+                    </button>
+                </div>
+            </div>
         </div>
-      </div>
     </div>
-  </div>
 {% endblock %}
\ No newline at end of file

From 6e10f97e9da5b14b6252064c39ed388e5e17cd15 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sun, 19 Feb 2023 12:13:13 -0500
Subject: [PATCH 225/475] Completed first-found updates of the zone remove
 view.

Tweaked cancel button style and help text on the zone add view.
---
 powerdnsadmin/templates/domain_add.html    |   4 +-
 powerdnsadmin/templates/domain_remove.html | 234 ++++++++++-----------
 2 files changed, 119 insertions(+), 119 deletions(-)

diff --git a/powerdnsadmin/templates/domain_add.html b/powerdnsadmin/templates/domain_add.html
index d26d29704..f1191442c 100644
--- a/powerdnsadmin/templates/domain_add.html
+++ b/powerdnsadmin/templates/domain_add.html
@@ -128,7 +128,7 @@ <h3 class="card-title">Zone Editor</h3>
                             </div>
                             <!-- /.card-body -->
                             <div class="card-footer">
-                                <button type="button" title="Cancel" class="btn btn-danger"
+                                <button type="button" title="Cancel" class="btn btn-secondary"
                                         onclick="window.location.href='{{ url_for('dashboard.dashboard') }}'">
                                     <i class="fa-solid fa-window-close"></i>&nbsp;Cancel
                                 </button>
@@ -145,7 +145,7 @@ <h3 class="card-title">Zone Editor</h3>
                 <div class="col-12 col-sm-6 col-lg-8">
                     <div class="card">
                         <div class="card-header">
-                            <h3 class="card-title">Zone Field Details</h3>
+                            <h3 class="card-title">Zone Editor Help</h3>
                         </div>
                         <!-- /.card-header -->
                         <div class="card-body">
diff --git a/powerdnsadmin/templates/domain_remove.html b/powerdnsadmin/templates/domain_remove.html
index a2da906ac..7435168ce 100644
--- a/powerdnsadmin/templates/domain_remove.html
+++ b/powerdnsadmin/templates/domain_remove.html
@@ -1,137 +1,137 @@
 {% extends "base.html" %}
-
 {% set active_page = "remove_domain" %}
-
-{% block title %}
-  <title>
-    Remove Domain - {{ SITE_NAME }}
-  </title>
-{% endblock %}
+{% block title %}<title>Remove Zone - {{ SITE_NAME }}</title>{% endblock %}
 
 {% block dashboard_stat %}
-  <div class="content-header">
-    <div class="container-fluid">
-      <div class="row mb-2">
-        <div class="col-sm-6">
-          <h1 class="m-0 text-dark">
-            Domain
-            <small>Remove</small>
-          </h1>
-        </div>
-        <div class="col-sm-6">
-          <ol class="breadcrumb float-sm-right">
-            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
-            <li class="breadcrumb-item active">Domain - Remove Domain</li>
-          </ol>
+    <div class="content-header">
+        <div class="container-fluid">
+            <div class="row mb-2">
+                <div class="col-sm-6">
+                    <h1 class="m-0 text-dark">
+                        Remove Zone
+                    </h1>
+                </div>
+                <div class="col-sm-6">
+                    <ol class="breadcrumb float-sm-right">
+                        <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+                        <li class="breadcrumb-item active">Remove Zone</li>
+                    </ol>
+                </div>
+            </div>
         </div>
-      </div>
     </div>
-  </div>
 {% endblock %}
 
 {% block content %}
-<section class="content">
-  <div class="container-fluid">
-    <div class="row">
-      <div class="col-4">
-        <div class="card">
-          <div class="card-header">
-            <h3 class="card-title">Remove Domain</h3>
-          </div>
-          <form role="form" method="post" action="{{ url_for('domain.remove') }}">
-            <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-            <div class="card-body">
-              <select id=domainid class="form-control" style="width:15em;">
-                <option value="0">- Select Domain -</option>
-                {% for domain in domainss %}
-                  <option value="{{ domain.id }}">{{ domain.name }}</option>
-                {% endfor %}
-              </select>
-              <br />
+    <section class="content">
+        <div class="container-fluid">
+            <div class="row">
+                <div class="col-12 col-sm-6 col-lg-4">
+                    <div class="card">
+                        <div class="card-header">
+                            <h3 class="card-title">Zone Selector</h3>
+                        </div>
+                        <form role="form" method="post" action="{{ url_for('domain.remove') }}">
+                            <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+                            <div class="card-body">
+                                <div class="form-group">
+                                    <label for="domainid">Zone</label>
+                                    <select id=domainid class="form-control" style="width:15em;">
+                                        <option value="0">- Select Domain -</option>
+                                        {% for domain in domainss %}
+                                            <option value="{{ domain.id }}">{{ domain.name }}</option>
+                                        {% endfor %}
+                                    </select>
+                                </div>
+                            </div>
+                            <div class="card-footer">
+                                <button type="button" title="Cancel" class="btn btn-secondary"
+                                        onclick="window.location.href='{{ url_for('dashboard.dashboard') }}'">
+                                    <i class="fa-solid fa-window-close"></i>&nbsp;Cancel
+                                </button>
+                                <button type="button" title="Remove Zone"
+                                        class="btn btn-danger button_delete float-right">
+                                    <i class="fa-solid fa-trash-alt"></i>&nbsp;Remove Zone
+                                </button>
+                            </div>
+                        </form>
+                    </div>
+                </div>
+                <div class="col-12 col-sm-6 col-lg-8">
+                    <div class="card">
+                        <div class="card-header">
+                            <h3 class="card-title">Zone Selector Help</h3>
+                        </div>
+                        <div class="card-body">
+                            <dl class="dl-horizontal">
+                                <dt>Zone</dt>
+                                <dd>Select the zone you wish to remove from the system.</dd>
+                            </dl>
+                            <p>Find more details at <a href="https://docs.powerdns.com/md/" target="_blank">https://docs.powerdns.com/md/</a>
+                            </p>
+                        </div>
+                    </div>
+                </div>
             </div>
-            <div class="card-footer">
-              <button type="button" class="btn btn-secondary" onclick="window.location.href='{{ url_for('dashboard.dashboard') }}'">
-                <i class="fa-solid fa-window-close"></i>&nbsp;Cancel
-              </button>
-              <button type="button" class="btn btn-danger button_delete float-right">
-                <i class="fa-solid fa-trash-alt"></i>&nbsp;Remove
-              </button>
-            </div>
-          </form>
-        </div>
-      </div>
-      <div class="col-8">
-        <div class="card">
-          <div class="card-header">
-            <h3 class="card-title">Help with removing a domain</h3>
-          </div>
-          <div class="card-body">
-            <dl class="dl-horizontal">
-              <dt>Domain Name</dt>
-              <dd>Select the domain you wish to remove from the system.</dd>
-            </dl>
-            <p>Find more details at <a href="https://docs.powerdns.com/md/">https://docs.powerdns.com/md/</a></p>
-          </div>
         </div>
-      </div>
-    </div>
-  </div>
-</section>
+    </section>
 {% endblock %}
 
 {% block extrascripts %}
-<script>
-  // handle delete button
-  $(document.body).on("click", ".button_delete", function(e) {
-    e.stopPropagation();
-    if ( $("#domainid").val() == 0 ){
-      showErrorModal("Please select domain to remove.");
-      return;
-    }
+    <script>
+        // handle delete button
+        $(document.body).on("click", ".button_delete", function (e) {
+            e.stopPropagation();
+            if ($("#domainid").val() == 0) {
+                showErrorModal("Please select domain to remove.");
+                return;
+            }
 
-    var modal = $("#modal_delete");
-    var domain = $("#domainid option:selected").text(); 
-    var info = "Are you sure you want to delete " + domain + "?";
-    modal.find('.modal-body p').text(info);
-    modal.find('#button_delete_confirm').click(function () {
-      $.post($SCRIPT_ROOT + '/domain/remove' , {
-        '_csrf_token': '{{ csrf_token() }}',
-        'domainid': domain,
-        }, function () {
-        window.location.href = '{{ url_for('dashboard.dashboard') }}';
-      });
-      modal.modal('hide');
-    })
-    modal.modal('show');
-    $("#button_delete_cancel").unbind().one('click', function(e) {
-      modal.modal('hide');
-    });
-  });
-</script>
+            var modal = $("#modal_delete");
+            var domain = $("#domainid option:selected").text();
+            var info = "Are you sure you want to delete the zone " + domain + "?";
+            modal.find('.modal-body p').text(info);
+            modal.find('#button_delete_confirm').click(function () {
+                $.post($SCRIPT_ROOT + '/domain/remove', {
+                    '_csrf_token': '{{ csrf_token() }}',
+                    'domainid': domain,
+                }, function () {
+                    window.location.href = '{{ url_for('dashboard.dashboard') }}';
+                });
+                modal.modal('hide');
+            })
+            modal.modal('show');
+            $("#button_delete_cancel").unbind().one('click', function (e) {
+                modal.modal('hide');
+            });
+        });
+    </script>
 {% endblock %}
 
 {% block modals %}
-<div class="modal fade modal-warning" id="modal_delete">
-  <div class="modal-dialog">
-    <div class="modal-content">
-      <div class="modal-header">
-        <h4 class="modal-title">Confirmation</h4>
-        <button type="button" class="close" data-dismiss="modal" aria-label="Close">
-          <span aria-hidden="true">&times;</span>
-        </button>
-      </div>
-      <div class="modal-body">
-        <p></p>
-      </div>
-      <div class="modal-footer">
-        <button type="button" class="btn btn-secondary" id="button_delete_cancel" data-dismiss="modal">
-          <i class="fa-solid fa-window-close"></i>&nbsp;Cancel
-        </button>
-        <button type="button" class="btn btn-danger float-right" id="button_delete_confirm">
-          <i class="fa-solid fa-trash-alt"></i>&nbsp;Remove
-        </button>
-      </div>
+    <div class="modal fade modal-warning" id="modal_delete">
+        <div class="modal-dialog">
+            <div class="modal-content">
+                <div class="modal-header">
+                    <h4 class="modal-title">Zone Removal Confirmation</h4>
+                    <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+                        <span aria-hidden="true">&times;</span>
+                    </button>
+                </div>
+                <div class="modal-body">
+                    <p></p>
+                </div>
+                <div class="modal-footer">
+                    <button type="button" title="Cancel" class="btn btn-secondary" id="button_delete_cancel"
+                            data-dismiss="modal">
+                        <i class="fa-solid fa-window-close"></i>&nbsp;Cancel
+                    </button>
+                    <button type="button" title="Remove Zone" class="btn btn-danger float-right"
+                            id="button_delete_confirm">
+                        <i class="fa-solid fa-trash-alt"></i>&nbsp;Remove Zone
+                    </button>
+                </div>
+            </div>
+        </div>
     </div>
-  </div>
-</div>
 {% endblock %}

From fd1bc4afa588590e511e45aad63949950c2e1d95 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sun, 19 Feb 2023 12:46:11 -0500
Subject: [PATCH 226/475] Working on the first-round updates for the domain
 settings management view.

---
 powerdnsadmin/templates/domain_setting.html | 751 +++++++++++---------
 1 file changed, 404 insertions(+), 347 deletions(-)

diff --git a/powerdnsadmin/templates/domain_setting.html b/powerdnsadmin/templates/domain_setting.html
index 1d68388d6..baccbff00 100644
--- a/powerdnsadmin/templates/domain_setting.html
+++ b/powerdnsadmin/templates/domain_setting.html
@@ -1,395 +1,452 @@
 {% extends "base.html" %}
+{% block title %}<title>Zone Settings - {{ SITE_NAME }}</title>{% endblock %}
 
-{% block title %}
-  <title>
-    Domain Management - {{ SITE_NAME }}
-  </title>
+{% block dashboard_stat %}
+    {% if status %}
+        {% if status.get('status') == 'ok' %}
+            <div class="alert alert-success">
+                <strong>Success!</strong> {{ status.get('msg') }}
+            </div>
+        {% elif status.get('status') == 'error' %}
+            <div class="alert alert-danger">
+                {% if status.get('msg') != None %}
+                    <strong>Error!</strong>
+                    {{ status.get('msg') }}
+                {% else %}
+                    <strong>Error!</strong>
+                    An undefined error occurred.
+                {% endif %}
+            </div>
+        {% endif %}
+    {% endif %}
+    <div class="content-header">
+        <div class="container-fluid">
+            <div class="row mb-2">
+                <div class="col-sm-6">
+                    <h1 class="m-0 text-dark">
+                        Zone Settings - {{ domain.name | pretty_domain_name }}
+                    </h1>
+                </div>
+                <div class="col-sm-6">
+                    <ol class="breadcrumb float-sm-right">
+                        <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+                        <li class="breadcrumb-item active">Zone Settings - {{ domain.name | pretty_domain_name }}</li>
+                    </ol>
+                </div>
+            </div>
+        </div>
+    </div>
 {% endblock %}
 
-{% block dashboard_stat %}
+{% block content %}
+    <section class="content">
+        <div class="container-fluid">
 
-{% if status %}
-  {% if status.get('status') == 'ok' %}
-    <div class="alert alert-success">
-      <strong>Success!</strong> {{ status.get('msg') }}
-    </div>
-  {% elif status.get('status') == 'error' %}
-    <div class="alert alert-danger">
-      {% if status.get('msg') != None %}
-        <strong>Error!</strong>
-        {{ status.get('msg') }}
-      {% else %}
-        <strong>Error!</strong>
-        An undefined error occurred.
-      {% endif %}
-    </div>
-  {% endif %}
-{% endif %}
+            <div class="row">
 
-<div class="content-header">
-  <div class="container-fluid">
-    <div class="row mb-2">
-      <div class="col-sm-6">
-        <h1 class="m-0 text-dark">
-          Domain Settings
-          <small>{{ domain.name | pretty_domain_name }}</small>
-        </h1>
-      </div>
-      <div class="col-sm-6">
-        <ol class="breadcrumb float-sm-right">
-          <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
-          <li class="breadcrumb-item active">Domain Settings: {{ domain.name | pretty_domain_name }}</li>
-        </ol>
-      </div>
-    </div>
-  </div>
-</div>
+                <div class="col-12 col-sm-4">
+                    <form method="post"
+                          action="{{ url_for('domain.change_account', domain_name=domain.name) }}">
+                        <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+                        <div class="card">
+                            <div class="card-header">
+                                <h3 class="card-title">Change Zone Account</h3>
+                            </div>
+                            <!-- /.card-header -->
+                            <div class="card-body">
+                                <div class="form-group">
+                                    <label for="selAccountId">Account</label>
+                                    <select id="selAccountId" name="accountid" class="form-control" style="width:15em;">
+                                        <option value="0">- No Account -</option>
+                                        {% for account in accounts %}
+                                            <option value="{{ account.id }}"
+                                                    {% if domain_account.id == account.id %}selected{% endif %}>{{ account.name }}
+                                            </option>
+                                        {% endfor %}
+                                    </select>
+                                </div>
+                                <!-- /.form-group -->
+                            </div>
+                            <!-- /.card-body -->
+                            <div class="card-footer">
+                                <button type="submit" title="Update Account" class="btn btn-flat btn-primary"
+                                        id="change_soa_edit_api">
+                                    <i class="fa-solid fa-floppy-disk"></i>&nbsp;Update account
+                                </button>
+                            </div>
+                            <!-- /.card-footer -->
+                        </div>
+                        <!-- /.card -->
+                    </form>
+                </div>
+                <!-- /.col -->
 
-{% endblock %}
+                <div class="col-12 col-sm-4">
+                    <div class="card">
+                        <div class="card-header">
+                            <h3 class="card-title">Auto PTR creation</h3>
+                        </div>
+                        <!-- /.card-header -->
+                        <div class="card-body">
+                            <div class="form-group">
+                                <input type="checkbox" id="chkAutoPtr" class="auto_ptr_toggle"
+                                      {% for setting in domain.settings %}{% if setting.setting=='auto_ptr' and setting.value=='True' %}checked
+                                      {% endif %}{% endfor %}
+                                      {% if SETTING.get('auto_ptr') %}disabled="True" {% endif %}>
+                                &nbsp;
+                                <label for="chkAutoPtr">Allow automatic reverse pointer creation on record updates?</label>
+                                {% if SETTING.get('auto_ptr') %}
+                                    <p><code>Auto-ptr is enabled globally on the PDA system!</code></p>
+                                {% endif %}
+                            </div>
+                            <!-- /.form-group -->
+                        </div>
+                        <!-- /.card-body -->
+                    </div>
+                    <!-- /.card -->
+                </div>
+                <!-- /.col -->
 
-{% block content %}
-<section class="content">
-    <div class="container-fluid">
-    <div class="row">
-        <div class="col-12">
-            <div class="card">
-                <form method="post" action="{{ url_for('domain.setting', domain_name=domain.name) }}">
-                    <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-                    <div class="card-header">
-                        <h3 class="card-title">Domain Access Control</h3>
+                <div class="col-12 col-sm-4">
+                    <div class="card">
+                        <div class="card-header">
+                            <h3 class="card-title">DynDNS 2 Settings</h3>
+                        </div>
+                        <!-- /.card-header -->
+                        <div class="card-body">
+                            <div class="form-group">
+                                <input type="checkbox" id="chkDynDns" class="dyndns_on_demand_toggle"
+                                      {% for setting in domain.settings %}{% if setting.setting=='create_via_dyndns' and setting.value=='True' %}checked
+                                      {% endif %}{% endfor %}>
+                                &nbsp;
+                                <label for="chkDynDns">Allow on-demand creation of records via DynDNS updates?</label>
+                            </div>
+                            <!-- /.form-group -->
+                        </div>
+                        <!-- /.card-body -->
                     </div>
-                    <div class="card-body">
-                        <div class="row">
-                            <div class="col-2">
-                                <p>Users on the right have access to manage the records in
-                                    the {{ domain.name | pretty_domain_name }} domain.</p>
-                                <p>Click on users to move from between columns.</p>
-                                <p>
-                                    Users in <font style="color: red;">red</font> are Administrators
-                                    and already have access to <b>ALL</b> domains.
-                                </p>
+                    <!-- /.card -->
+                </div>
+                <!-- /.col -->
+
+            </div>
+            <!-- /.row -->
+
+            <div class="row">
+                <div class="col-12 col-sm-4">
+                    <form method="post" action="{{ url_for('domain.setting', domain_name=domain.name) }}">
+                        <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+                        <div class="card">
+                            <div class="card-header">
+                                <h3 class="card-title">Domain Access Control</h3>
                             </div>
-                            <div class="form-group col-2">
-                                <select multiple="multiple" class="form-control" id="domain_multi_user"
-                                    name="domain_multi_user[]">
-                                    {% for user in users %}
-                                    <option {% if user.id in
+                            <!-- /.card-header -->
+                            <div class="card-body">
+                                <div class="row">
+                                    <div class="col-12">
+                                        <p>Users on the right have access to manage the records in
+                                            the {{ domain.name | pretty_domain_name }} domain.</p>
+                                        <p>Click on users to move from between columns.</p>
+                                        <p>
+                                            Users in <font style="color: red;">red</font> are Administrators
+                                            and already have access to <b>ALL</b> domains.
+                                        </p>
+                                    </div>
+                                </div>
+                                <!-- /.row -->
+                                <div class="row">
+                                    <div class="col-12">
+                                        <div class="form-group">
+                                            <select multiple="multiple" class="form-control" id="domain_multi_user"
+                                                    name="domain_multi_user[]">
+                                                {% for user in users %}
+                                                    <option {% if user.id in
                                     domain_user_ids %}selected{% endif %} value="{{ user.username }}"
-                                        {% if user.role.name== 'Administrator' %}style="color: red" {% endif %}>{{
-                                    user.username}}</option> {% endfor %}
-                                </select>
+                                                            {% if user.role.name== 'Administrator' %}style="color: red" {% endif %}>{{ user.username }}</option> {% endfor %}
+                                            </select>
+                                        </div>
+                                        <!-- /.form-group -->
+                                    </div>
+                                </div>
+                                <!-- /.row -->
+                            </div>
+                            <!-- /.card-body -->
+                            <div class="card-footer">
+                                <button type="submit" title="Save Changes" class="btn btn-primary">
+                                    <i class="fa-solid fa-floppy-disk"></i>
+                                    Save Changes
+                                </button>
                             </div>
+                            <!-- /.card-footer -->
                         </div>
+                        <!-- /.card -->
+                    </form>
+                </div>
+                <!-- /.col -->
+            </div>
+            <!-- /.row -->
+
+            <div class="row">
+                <div class="col-12">
+                    <div class="card">
+                        <div class="card-header">
+                            <h3 class="card-title">Change Zone Type</h3>
+                        </div>
+                        <!-- /.card-header -->
                         <div class="card-body">
-                            <div class="col-offset-2">
-                                <div class="form-group">
-                                    <button type="submit" class="btn btn-primary">
-                                      <i class="fa-solid fa-check"></i>
-                                      Save
-                                    </button>
+                            <p>The type decides how the domain will be replicated across multiple DNS servers.</p>
+                            <ul>
+                                <li>
+                                    Native - PowerDNS will not perform any replication. Use this if you only have one
+                                    PowerDNS server or you handle replication via your backend.
+                                </li>
+                                <li>
+                                    Primary - This PowerDNS server will serve as the primary and will send zone
+                                    transfers
+                                    (AXFRs) to other servers configured as secondaries.
+                                </li>
+                                <li>
+                                    Secondary - This PowerDNS server will serve as the secondaries and will request and
+                                    receive
+                                    zone transfers (AXFRs) from other servers configured as primaries.
+                                </li>
+                            </ul>
+                            <b>New Domain Type Setting:</b>
+                            <form method="post" action="{{ url_for('domain.change_type', domain_name=domain.name) }}">
+                                <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+                                <select name="domain_type" class="form-control" style="width:15em;">
+                                    <option selected value="0">- Unchanged -</option>
+                                    <option value="native">Native</option>
+                                    <option value="priamry">Primary</option>
+                                    <option value="secondary">Secondary</option>
+                                </select><br/>
+                                <div class="form-group" style="display: none;" id="domain_primary_address_div">
+                                    <input type="text" class="form-control" name="domain_primary_address"
+                                           id="domain_primary_address"
+                                           placeholder="Enter valid Primary Server IP addresses (separated by commas)">
                                 </div>
-                            </div>
+                                <button type="submit" title="Update Zone Type" class="btn btn-primary" id="change_type">
+                                    <i class="fa-solid fa-floppy-disk"></i>&nbsp;Update Zone Type
+                                </button>
+                            </form>
                         </div>
+                        <!-- /.card-body -->
                     </div>
-                </form>
-            </div>
-        </div>
-    </div>
-    <div class="row">
-        <div class="col-12">
-            <div class="card">
-                <div class="card-header">
-                    <h3 class="card-title">Account</h3>
+                    <!-- /.card -->
                 </div>
-                <div class="card-body">
-                    <div class="col-12">
-                        <div class="form-group">
+                <!-- /.col -->
+            </div>
+            <!-- /.row -->
+
+            <div class="row">
+                <div class="col-12">
+                    <div class="card">
+                        <div class="card-header">
+                            <h3 class="card-title">Change SOA-EDIT-API</h3>
+                        </div>
+                        <!-- /.card-header -->
+                        <div class="card-body">
+                            <p>The SOA-EDIT-API setting defines how the SOA serial number will be updated after a change
+                                is made
+                                to the domain.</p>
+                            <ul>
+                                <li>
+                                    DEFAULT - Generate a soa serial of YYYYMMDD01. If the current serial is lower than
+                                    the
+                                    generated serial, use the generated serial. If the current serial is higher or equal
+                                    to the
+                                    generated serial, increase the current serial by 1.
+                                </li>
+                                <li>
+                                    INCREASE - Increase the current serial by 1.
+                                </li>
+                                <li>
+                                    EPOCH - Change the serial to the number of seconds since the EPOCH, aka unixtime.
+                                </li>
+                                <li>
+                                    OFF - Disable automatic updates of the SOA serial.
+                                </li>
+                            </ul>
+                            <b>New SOA-EDIT-API Setting:</b>
                             <form method="post"
-                                action="{{ url_for('domain.change_account', domain_name=domain.name) }}">
+                                  action="{{ url_for('domain.change_soa_edit_api', domain_name=domain.name) }}">
                                 <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-                                <select name="accountid" class="form-control" style="width:15em;">
-                                    <option value="0">- No Account -</option>
-                                    {% for account in accounts %}
-                                    <option value="{{ account.id }}"
-                                        {% if domain_account.id == account.id %}selected{% endif %}>{{ account.name }}
-                                    </option>
-                                    {% endfor %}
-                                </select><br />
-                                <button type="submit" class="btn btn-flat btn-primary" id="change_soa_edit_api">
-                                    <i class="fa-solid fa-check"></i>&nbsp;Change account for {{ domain.name | pretty_domain_name }}
+                                <select name="soa_edit_api" class="form-control" style="width:15em;">
+                                    <option selected value="0">- Unchanged -</option>
+                                    <option>DEFAULT</option>
+                                    <option>INCREASE</option>
+                                    <option>EPOCH</option>
+                                    <option>OFF</option>
+                                </select><br/>
+                                <button type="submit" title="Update SOA-EDIT-API" class="btn btn-primary" id="change_soa_edit_api">
+                                    <i class="fa-solid fa-floppy-disk"></i>&nbsp;Update SOA-EDIT-API
                                 </button>
                             </form>
                         </div>
+                        <!-- /.card-body -->
                     </div>
+                    <!-- /.card -->
                 </div>
+                <!-- /.col -->
             </div>
-        </div>
-    </div>
-    <div class="row">
-        <div class="col-12">
-            <div class="card">
-                <div class="card-header">
-                    <h3 class="card-title">Auto PTR creation</h3>
-                </div>
-                <div class="card-body">
-                    <p><input type="checkbox" id="{{ domain.name }}" class="auto_ptr_toggle"
-                            {% for setting in domain.settings %}{% if setting.setting=='auto_ptr' and setting.value=='True' %}checked{% endif %}{% endfor %}
-                            {% if SETTING.get('auto_ptr') %}disabled="True" {% endif %}>
-                        &nbsp;Allow automatic reverse pointer creation on record updates?
-                         {% if SETTING.get('auto_ptr') %}
-                             <br/><code>Auto-ptr is enabled globally on the PDA system!</code>
-                         {% endif %}
-                    </p>
-                </div>
-            </div>
-        </div>
-    </div>
-    <div class="row">
-        <div class="col-12">
-            <div class="card">
-                <div class="card-header">
-                    <h3 class="card-title">DynDNS 2 Settings</h3>
-                </div>
-                <div class="card-body">
-                    <p><input type="checkbox" id="{{ domain.name }}" class="dyndns_on_demand_toggle"
-                            {% for setting in domain.settings %}{% if setting.setting=='create_via_dyndns' and setting.value=='True' %}checked{% endif %}{% endfor %}>
-                        &nbsp;Allow on-demand creation of records via DynDNS updates?</p>
-                </div>
-            </div>
-        </div>
-    </div>
-    <div class="row">
-        <div class="col-12">
-            <div class="card">
-                <div class="card-header">
-                    <h3 class="card-title">Change Type</h3>
-                </div>
-                <div class="card-body">
-                    <p>The type decides how the domain will be replicated across multiple DNS servers.</p>
-                    <ul>
-                        <li>
-                            Native - PowerDNS will not perform any replication. Use this if you only have one
-                            PowerDNS server or you handle replication via your backend.
-                        </li>
-                        <li>
-                            Primary - This PowerDNS server will serve as the primary and will send zone transfers
-                            (AXFRs) to other servers configured as secondaries.
-                        </li>
-                        <li>
-                            Secondary - This PowerDNS server will serve as the secondaries and will request and receive
-                            zone transfers (AXFRs) from other servers configured as primaries.
-                        </li>
-                    </ul>
-                    <b>New Domain Type Setting:</b>
-                    <form method="post" action="{{ url_for('domain.change_type', domain_name=domain.name) }}">
-                        <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-                        <select name="domain_type" class="form-control" style="width:15em;">
-                            <option selected value="0">- Unchanged -</option>
-                            <option value="native">Native</option>
-                            <option value="priamry">Primary</option>
-                            <option value="secondary">Secondary</option>
-                        </select><br />
-                        <div class="form-group" style="display: none;" id="domain_primary_address_div">
-                            <input type="text" class="form-control" name="domain_primary_address"
-                                id="domain_primary_address"
-                                placeholder="Enter valid Primary Server IP addresses (separated by commas)">
+            <!-- /.row -->
+
+            <div class="row">
+                <div class="col-12">
+                    <div class="card">
+                        <div class="card-header">
+                            <h3 class="card-title">Remove Zone</h3>
                         </div>
-                        <button type="submit" class="btn btn-primary" id="change_type">
-                            <i class="fa-solid fa-check"></i>&nbsp;Change type for {{ domain.name | pretty_domain_name }}
-                        </button>
-                    </form>
-                </div>
-            </div>
-        </div>
-    </div>
-    <div class="row">
-        <div class="col-12">
-            <div class="card">
-                <div class="card-header">
-                    <h3 class="card-title">Change SOA-EDIT-API</h3>
-                </div>
-                <div class="card-body">
-                    <p>The SOA-EDIT-API setting defines how the SOA serial number will be updated after a change is made
-                        to the domain.</p>
-                    <ul>
-                        <li>
-                            DEFAULT - Generate a soa serial of YYYYMMDD01. If the current serial is lower than the
-                            generated serial, use the generated serial. If the current serial is higher or equal to the
-                            generated serial, increase the current serial by 1.
-                        </li>
-                        <li>
-                            INCREASE - Increase the current serial by 1.
-                        </li>
-                        <li>
-                            EPOCH - Change the serial to the number of seconds since the EPOCH, aka unixtime.
-                        </li>
-                        <li>
-                            OFF - Disable automatic updates of the SOA serial.
-                        </li>
-                    </ul>
-                    <b>New SOA-EDIT-API Setting:</b>
-                    <form method="post" action="{{ url_for('domain.change_soa_edit_api', domain_name=domain.name) }}">
-                        <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-                        <select name="soa_edit_api" class="form-control" style="width:15em;">
-                            <option selected value="0">- Unchanged -</option>
-                            <option>DEFAULT</option>
-                            <option>INCREASE</option>
-                            <option>EPOCH</option>
-                            <option>OFF</option>
-                        </select><br />
-                        <button type="submit" class="btn btn-primary" id="change_soa_edit_api">
-                            <i class="fa-solid fa-check"></i>&nbsp;Change SOA-EDIT-API setting for {{ domain.name | pretty_domain_name }}
-                        </button>
-                    </form>
+                        <!-- /.card-header -->
+                        <div class="card-body">
+                            <p>This function is used to remove a domain from PowerDNS-Admin <b>AND</b> PowerDNS. All
+                                records and
+                                user privileges associated with this domain will also be removed. This change cannot be
+                                reverted.</p>
+                            <button type="button" title="Delete Zone" class="btn btn-danger float-left delete_domain"
+                                    id="{{ domain.name }}">
+                                <i class="fa-solid fa-trash"></i>&nbsp;Delete Zone
+                            </button>
+                        </div>
+                        <!-- /.card-body -->
+                    </div>
+                    <!-- /.card -->
                 </div>
+                <!-- /.col -->
             </div>
+            <!-- /.row -->
         </div>
-    </div>
-    <div class="row">
-        <div class="col-12">
-            <div class="card">
-                <div class="card-header">
-                    <h3 class="card-title">Domain Deletion</h3>
-                </div>
-                <div class="card-body">
-                    <p>This function is used to remove a domain from PowerDNS-Admin <b>AND</b> PowerDNS. All records and
-                        user privileges associated with this domain will also be removed. This change cannot be
-                        reverted.</p>
-                    <button type="button" class="btn btn-danger float-left delete_domain"
-                        id="{{ domain.name }}">
-                        <i class="fa-solid fa-trash"></i>&nbsp;DELETE DOMAIN {{ domain.name | pretty_domain_name }}
-                    </button>
-                </div>
-            </div>
+        <!-- /.container-fluid -->
         </div>
-    </div>
-    </div>
-</section>
+        <!-- /.content -->
+    </section>
 {% endblock %}
-{% block extrascripts %}
-<script>
-    //initialize pretty checkboxes
-    $('.dyndns_on_demand_toggle').iCheck({
-        checkboxClass: 'icheckbox_square-blue',
-        increaseArea: '20%' // optional
-    });
-    $('.auto_ptr_toggle').iCheck({
-        checkboxClass: 'icheckbox_square-blue',
-        increaseArea: '20%' // optional
-    });
 
-    $("#domain_multi_user").multiSelect({
-        selectableHeader: "<input type='text' class='search-input' autocomplete='off' placeholder='Username'>",
-        selectionHeader: "<input type='text' class='search-input' autocomplete='off' placeholder='Username'>",
-        afterInit: function (ms) {
-            var that = this,
-                $selectableSearch = that.$selectableUl.prev(),
-                $selectionSearch = that.$selectionUl.prev(),
-                selectableSearchString = '#' + that.$container.attr('id') + ' .ms-elem-selectable:not(.ms-selected)',
-                selectionSearchString = '#' + that.$container.attr('id') + ' .ms-elem-selection.ms-selected';
+{% block extrascripts %}
+    <script>
+        //initialize pretty checkboxes
+        $('.dyndns_on_demand_toggle').iCheck({
+            checkboxClass: 'icheckbox_square-blue',
+            increaseArea: '20%' // optional
+        });
+        $('.auto_ptr_toggle').iCheck({
+            checkboxClass: 'icheckbox_square-blue',
+            increaseArea: '20%' // optional
+        });
 
-            that.qs1 = $selectableSearch.quicksearch(selectableSearchString)
-                .on('keydown', function (e) {
-                    if (e.which === 40) {
-                        that.$selectableUl.focus();
-                        return false;
-                    }
-                });
+        $("#domain_multi_user").multiSelect({
+            selectableHeader: "<input type='text' class='search-input' autocomplete='off' placeholder='Username'>",
+            selectionHeader: "<input type='text' class='search-input' autocomplete='off' placeholder='Username'>",
+            afterInit: function (ms) {
+                var that = this,
+                    $selectableSearch = that.$selectableUl.prev(),
+                    $selectionSearch = that.$selectionUl.prev(),
+                    selectableSearchString = '#' + that.$container.attr('id') + ' .ms-elem-selectable:not(.ms-selected)',
+                    selectionSearchString = '#' + that.$container.attr('id') + ' .ms-elem-selection.ms-selected';
 
-            that.qs2 = $selectionSearch.quicksearch(selectionSearchString)
-                .on('keydown', function (e) {
-                    if (e.which == 40) {
-                        that.$selectionUl.focus();
-                        return false;
-                    }
-                });
-        },
-        afterSelect: function () {
-            this.qs1.cache();
-            this.qs2.cache();
-        },
-        afterDeselect: function () {
-            this.qs1.cache();
-            this.qs2.cache();
-        }
-    });
+                that.qs1 = $selectableSearch.quicksearch(selectableSearchString)
+                    .on('keydown', function (e) {
+                        if (e.which === 40) {
+                            that.$selectableUl.focus();
+                            return false;
+                        }
+                    });
 
-    //handle checkbox toggling
-    $('.dyndns_on_demand_toggle').on('ifToggled', function (event) {
-        var is_checked = $(this).prop('checked');
-        var domain = $(this).prop('id');
-        postdata = {
-            'action': 'set_setting',
-            'data': {
-                'setting': 'create_via_dyndns',
-                'value': is_checked
+                that.qs2 = $selectionSearch.quicksearch(selectionSearchString)
+                    .on('keydown', function (e) {
+                        if (e.which == 40) {
+                            that.$selectionUl.focus();
+                            return false;
+                        }
+                    });
             },
-            '_csrf_token': '{{ csrf_token() }}'
-        };
-        applyChanges(postdata, $SCRIPT_ROOT + '/domain/' + domain + '/manage-setting', true);
-    });
-    $('.auto_ptr_toggle').on('ifToggled', function (event) {
-        var is_checked = $(this).prop('checked');
-        var domain = $(this).prop('id');
-        postdata = {
-            'action': 'set_setting',
-            'data': {
-                'setting': 'auto_ptr',
-                'value': is_checked
+            afterSelect: function () {
+                this.qs1.cache();
+                this.qs2.cache();
             },
-            '_csrf_token': '{{ csrf_token() }}'
-        };
-        applyChanges(postdata, $SCRIPT_ROOT + '/domain/' + domain + '/manage-setting', true);
-    });
+            afterDeselect: function () {
+                this.qs1.cache();
+                this.qs2.cache();
+            }
+        });
 
-    // handle deletion of domain
-    $(document.body).on('click', '.delete_domain', function () {
-        var modal = $("#modal_delete_domain");
-        var domain = $(this).prop('id');
-        var info = "Are you sure you want to delete " + domain + "?";
-        modal.find('.modal-body p').text(info);
-        modal.find('#button_delete_confirm').click(function () {
-            $.post($SCRIPT_ROOT + '/domain/setting/' + domain + '/delete', {
+        //handle checkbox toggling
+        $('.dyndns_on_demand_toggle').on('ifToggled', function (event) {
+            var is_checked = $(this).prop('checked');
+            var domain = $(this).prop('id');
+            postdata = {
+                'action': 'set_setting',
+                'data': {
+                    'setting': 'create_via_dyndns',
+                    'value': is_checked
+                },
+                '_csrf_token': '{{ csrf_token() }}'
+            };
+            applyChanges(postdata, $SCRIPT_ROOT + '/domain/' + domain + '/manage-setting', true);
+        });
+        $('.auto_ptr_toggle').on('ifToggled', function (event) {
+            var is_checked = $(this).prop('checked');
+            var domain = $(this).prop('id');
+            postdata = {
+                'action': 'set_setting',
+                'data': {
+                    'setting': 'auto_ptr',
+                    'value': is_checked
+                },
                 '_csrf_token': '{{ csrf_token() }}'
-            }, function () {
-                window.location.href = '{{ url_for('dashboard.dashboard') }}';
-            });
-            modal.modal('hide');
-        })
-        modal.modal('show');
-    });
+            };
+            applyChanges(postdata, $SCRIPT_ROOT + '/domain/' + domain + '/manage-setting', true);
+        });
 
-    // domain primary address input handeling
-    $("select[name=domain_type]").change(function () {
-        var type = $(this).val();
-        if (type == "secondary") {
-            $("#domain_primary_address_div").show();
-        } else {
-            $("#domain_primary_address_div").hide();
-        }
-    });
+        // handle deletion of domain
+        $(document.body).on('click', '.delete_domain', function () {
+            var modal = $("#modal_delete_domain");
+            var domain = $(this).prop('id');
+            var info = "Are you sure you want to delete " + domain + "?";
+            modal.find('.modal-body p').text(info);
+            modal.find('#button_delete_confirm').click(function () {
+                $.post($SCRIPT_ROOT + '/domain/setting/' + domain + '/delete', {
+                    '_csrf_token': '{{ csrf_token() }}'
+                }, function () {
+                    window.location.href = '{{ url_for('dashboard.dashboard') }}';
+                });
+                modal.modal('hide');
+            })
+            modal.modal('show');
+        });
+
+        // domain primary address input handeling
+        $("select[name=domain_type]").change(function () {
+            var type = $(this).val();
+            if (type == "secondary") {
+                $("#domain_primary_address_div").show();
+            } else {
+                $("#domain_primary_address_div").hide();
+            }
+        });
 
-</script>
+    </script>
 {% endblock %}
 {% block modals %}
-<div class="modal fade" id="modal_delete_domain">
-    <div class="modal-dialog">
-        <div class="modal-content">
-            <div class="modal-header">
-              <h4 class="modal-title">Confirmation</h4>
-              <button type="button" class="close" data-dismiss="modal" aria-label="Close">
-                  <span aria-hidden="true">&times;</span>
-                </button>
-            </div>
-            <div class="modal-body">
-                <p></p>
-            </div>
-            <div class="modal-footer">
-                <button type="button" class="btn btn-secondary float-left" data-dismiss="modal">Close</button>
-                <button type="button" class="btn btn-danger" id="button_delete_confirm">
-                    Delete</button>
+    <div class="modal fade" id="modal_delete_domain">
+        <div class="modal-dialog">
+            <div class="modal-content">
+                <div class="modal-header">
+                    <h4 class="modal-title">Confirmation</h4>
+                    <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+                        <span aria-hidden="true">&times;</span>
+                    </button>
+                </div>
+                <div class="modal-body">
+                    <p></p>
+                </div>
+                <div class="modal-footer">
+                    <button type="button" class="btn btn-secondary float-left" data-dismiss="modal">Close</button>
+                    <button type="button" class="btn btn-danger" id="button_delete_confirm">
+                        Delete
+                    </button>
+                </div>
             </div>
         </div>
     </div>
-</div>
 {% endblock %}

From 55e4f5f829a24f4ba8916dc0e175d8afaa609541 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sun, 19 Feb 2023 13:19:26 -0500
Subject: [PATCH 227/475] Working on the first-round updates for the domain
 settings management view.

Tweaked sidebar navigation to reflect the latest terminology use in associated views.
---
 powerdnsadmin/templates/base.html           |  2 +-
 powerdnsadmin/templates/domain_add.html     |  2 +-
 powerdnsadmin/templates/domain_setting.html | 13 +++++++------
 3 files changed, 9 insertions(+), 8 deletions(-)

diff --git a/powerdnsadmin/templates/base.html b/powerdnsadmin/templates/base.html
index 4712feef2..b3ff92c44 100644
--- a/powerdnsadmin/templates/base.html
+++ b/powerdnsadmin/templates/base.html
@@ -101,7 +101,7 @@
                         <li class="{{ 'nav-item active' if active_page == 'nav-item new_domain' else 'nav-item' }}">
                             <a href="{{ url_for('domain.add') }}" class="nav-link">
                                 <i class="nav-icon fa-solid fa-plus"></i>
-                                <p>New Zone</p>
+                                <p>Create Zone</p>
                             </a>
                         </li>
                     {% endif %}
diff --git a/powerdnsadmin/templates/domain_add.html b/powerdnsadmin/templates/domain_add.html
index f1191442c..6d2be084b 100644
--- a/powerdnsadmin/templates/domain_add.html
+++ b/powerdnsadmin/templates/domain_add.html
@@ -8,7 +8,7 @@
             <div class="row mb-2">
                 <div class="col-sm-6">
                     <h1 class="m-0 text-dark">
-                        Create New Zone
+                        Create Zone
                     </h1>
                 </div>
                 <div class="col-sm-6">
diff --git a/powerdnsadmin/templates/domain_setting.html b/powerdnsadmin/templates/domain_setting.html
index baccbff00..50bda9564 100644
--- a/powerdnsadmin/templates/domain_setting.html
+++ b/powerdnsadmin/templates/domain_setting.html
@@ -1,5 +1,5 @@
 {% extends "base.html" %}
-{% block title %}<title>Zone Settings - {{ SITE_NAME }}</title>{% endblock %}
+{% block title %}<title>Edit Zone - {{ domain.name | pretty_domain_name }} - {{ SITE_NAME }}</title>{% endblock %}
 
 {% block dashboard_stat %}
     {% if status %}
@@ -24,13 +24,13 @@
             <div class="row mb-2">
                 <div class="col-sm-6">
                     <h1 class="m-0 text-dark">
-                        Zone Settings - {{ domain.name | pretty_domain_name }}
+                        Edit Zone - {{ domain.name | pretty_domain_name }}
                     </h1>
                 </div>
                 <div class="col-sm-6">
                     <ol class="breadcrumb float-sm-right">
                         <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
-                        <li class="breadcrumb-item active">Zone Settings - {{ domain.name | pretty_domain_name }}</li>
+                        <li class="breadcrumb-item active">Edit Zone - {{ domain.name | pretty_domain_name }}</li>
                     </ol>
                 </div>
             </div>
@@ -69,9 +69,9 @@ <h3 class="card-title">Change Zone Account</h3>
                             </div>
                             <!-- /.card-body -->
                             <div class="card-footer">
-                                <button type="submit" title="Update Account" class="btn btn-flat btn-primary"
+                                <button type="submit" title="Update Account" class="btn btn-primary"
                                         id="change_soa_edit_api">
-                                    <i class="fa-solid fa-floppy-disk"></i>&nbsp;Update account
+                                    <i class="fa-solid fa-floppy-disk"></i>&nbsp;Update Account
                                 </button>
                             </div>
                             <!-- /.card-footer -->
@@ -138,7 +138,7 @@ <h3 class="card-title">DynDNS 2 Settings</h3>
                         <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
                         <div class="card">
                             <div class="card-header">
-                                <h3 class="card-title">Domain Access Control</h3>
+                                <h3 class="card-title">Zone Access Control</h3>
                             </div>
                             <!-- /.card-header -->
                             <div class="card-body">
@@ -427,6 +427,7 @@ <h3 class="card-title">Remove Zone</h3>
 
     </script>
 {% endblock %}
+
 {% block modals %}
     <div class="modal fade" id="modal_delete_domain">
         <div class="modal-dialog">

From 65bfc53acb25c74053695bc5d98b141b04cf99a1 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sun, 19 Feb 2023 15:04:30 -0500
Subject: [PATCH 228/475] Split the server statistics and configuration feature
 into separate pages.

---
 powerdnsadmin/routes/admin.py                 | 1049 +++++++++--------
 powerdnsadmin/templates/admin_pdns_stats.html |  127 --
 .../templates/admin_server_configuration.html |   84 ++
 .../templates/admin_server_statistics.html    |   82 ++
 powerdnsadmin/templates/base.html             |   14 +-
 5 files changed, 728 insertions(+), 628 deletions(-)
 delete mode 100644 powerdnsadmin/templates/admin_pdns_stats.html
 create mode 100644 powerdnsadmin/templates/admin_server_configuration.html
 create mode 100644 powerdnsadmin/templates/admin_server_statistics.html

diff --git a/powerdnsadmin/routes/admin.py b/powerdnsadmin/routes/admin.py
index 98f4ef9e2..5a90e107f 100644
--- a/powerdnsadmin/routes/admin.py
+++ b/powerdnsadmin/routes/admin.py
@@ -4,7 +4,8 @@
 import re
 from base64 import b64encode
 from ast import literal_eval
-from flask import Blueprint, render_template, render_template_string, make_response, url_for, current_app, request, redirect, jsonify, abort, flash, session
+from flask import Blueprint, render_template, render_template_string, make_response, url_for, current_app, request, \
+    redirect, jsonify, abort, flash, session
 from flask_login import login_required, current_user
 
 from ..decorators import operator_role_required, admin_role_required, history_access_required
@@ -44,6 +45,8 @@
 Note: A change in "content", is considered a deletion and recreation of the same record,
 holding the new content value.
 """
+
+
 def get_record_changes(del_rrset, add_rrset):
     changeSet = []
     delSet = del_rrset['records'] if 'records' in del_rrset else []
@@ -54,15 +57,15 @@ def get_record_changes(del_rrset, add_rrset):
             if d['content'] == a['content']:
                 exists = True
                 if d['disabled'] != a['disabled']:
-                    changeSet.append( ({"disabled":d['disabled'],"content":d['content']},
-                                    {"disabled":a['disabled'],"content":a['content']},
-                                    "status") )
+                    changeSet.append(({"disabled": d['disabled'], "content": d['content']},
+                                      {"disabled": a['disabled'], "content": a['content']},
+                                      "status"))
                 break
 
-        if not exists: # deletion
-            changeSet.append( ({"disabled":d['disabled'],"content":d['content']},
-                            None,
-                            "deletion") )
+        if not exists:  # deletion
+            changeSet.append(({"disabled": d['disabled'], "content": d['content']},
+                              None,
+                              "deletion"))
 
     for a in addSet:  # get the additions
         exists = False
@@ -72,36 +75,36 @@ def get_record_changes(del_rrset, add_rrset):
                 # already checked for status change
                 break
         if not exists:
-            changeSet.append( (None, {"disabled":a['disabled'], "content":a['content']}, "addition") )
+            changeSet.append((None, {"disabled": a['disabled'], "content": a['content']}, "addition"))
             continue
 
     for a in addSet:  # get the unchanged
         exists = False
         for c in changeSet:
-            if c[1] != None and  c[1]["content"] == a['content']:
+            if c[1] != None and c[1]["content"] == a['content']:
                 exists = True
                 break
         if not exists:
-            changeSet.append( ( {"disabled":a['disabled'], "content":a['content']}, {"disabled":a['disabled'], "content":a['content']}, "unchanged") )
+            changeSet.append(({"disabled": a['disabled'], "content": a['content']},
+                              {"disabled": a['disabled'], "content": a['content']}, "unchanged"))
 
     return changeSet
 
+
 # out_changes is a list of  HistoryRecordEntry objects in which we will append the new changes
 # a HistoryRecordEntry represents a pair of add_rrset and del_rrset
 def extract_changelogs_from_a_history_entry(out_changes, history_entry, change_num, record_name=None, record_type=None):
-
     if history_entry.detail is None:
         return
 
     if "add_rrsets" in history_entry.detail:
         detail_dict = json.loads(history_entry.detail)
-    else: # not a record entry
+    else:  # not a record entry
         return
 
     add_rrsets = detail_dict['add_rrsets']
     del_rrsets = detail_dict['del_rrsets']
 
-
     for add_rrset in add_rrsets:
         exists = False
         for del_rrset in del_rrsets:
@@ -114,7 +117,8 @@ def extract_changelogs_from_a_history_entry(out_changes, history_entry, change_n
         if not exists:  # this is a new record
             if change_num not in out_changes:
                 out_changes[change_num] = []
-            out_changes[change_num].append(HistoryRecordEntry(history_entry, [], add_rrset, "+"))  # (add_rrset, del_rrset, change_type)
+            out_changes[change_num].append(
+                HistoryRecordEntry(history_entry, [], add_rrset, "+"))  # (add_rrset, del_rrset, change_type)
     for del_rrset in del_rrsets:
         exists = False
         for add_rrset in add_rrsets:
@@ -126,23 +130,23 @@ def extract_changelogs_from_a_history_entry(out_changes, history_entry, change_n
                 out_changes[change_num] = []
             out_changes[change_num].append(HistoryRecordEntry(history_entry, del_rrset, [], "-"))
 
-
     # only used for changelog per record
-    if record_name != None and record_type != None: # then get only the records with the specific (record_name, record_type) tuple
+    if record_name != None and record_type != None:  # then get only the records with the specific (record_name, record_type) tuple
         if change_num in out_changes:
             changes_i = out_changes[change_num]
         else:
             return
-        for hre in changes_i: # for each history record entry in changes_i
-            if 'type' in hre.add_rrset and hre.add_rrset['name'] == record_name and hre.add_rrset['type'] == record_type:
+        for hre in changes_i:  # for each history record entry in changes_i
+            if 'type' in hre.add_rrset and hre.add_rrset['name'] == record_name and hre.add_rrset[
+                'type'] == record_type:
                 continue
-            elif 'type' in hre.del_rrset and hre.del_rrset['name'] == record_name and hre.del_rrset['type'] == record_type:
+            elif 'type' in hre.del_rrset and hre.del_rrset['name'] == record_name and hre.del_rrset[
+                'type'] == record_type:
                 continue
             else:
                 out_changes[change_num].remove(hre)
 
 
-
 # records with same (name,type) are considered as a single HistoryRecordEntry
 # history_entry is of type History - used to extract created_by and created_on
 # add_rrset is a dictionary of replace
@@ -155,16 +159,15 @@ def __init__(self, history_entry, del_rrset, add_rrset, change_type):
         self.add_rrset = add_rrset
         self.del_rrset = del_rrset
         self.change_type = change_type  # "*": edit or unchanged, "+" new tuple(name,type), "-" deleted (name,type) tuple
-        self.changed_fields = []   # contains a subset of : [ttl, name, type]
-        self.changeSet = []   # all changes for the records of this add_rrset-del_rrset pair
-
+        self.changed_fields = []  # contains a subset of : [ttl, name, type]
+        self.changeSet = []  # all changes for the records of this add_rrset-del_rrset pair
 
-        if change_type == "+": # addition
+        if change_type == "+":  # addition
             self.changed_fields.append("name")
             self.changed_fields.append("type")
             self.changed_fields.append("ttl")
             self.changeSet = get_record_changes(del_rrset, add_rrset)
-        elif change_type == "-": # removal
+        elif change_type == "-":  # removal
             self.changed_fields.append("name")
             self.changed_fields.append("type")
             self.changed_fields.append("ttl")
@@ -175,22 +178,21 @@ def __init__(self, history_entry, del_rrset, add_rrset, change_type):
                 self.changed_fields.append("ttl")
             self.changeSet = get_record_changes(del_rrset, add_rrset)
 
-
-
     def toDict(self):
         return {
-            "add_rrset" : self.add_rrset,
-            "del_rrset" : self.del_rrset,
-            "changed_fields" : self.changed_fields,
-            "created_on" : self.history_entry.created_on,
-            "created_by" : self.history_entry.created_by,
-            "change_type" : self.change_type,
-            "changeSet" : self.changeSet
+            "add_rrset": self.add_rrset,
+            "del_rrset": self.del_rrset,
+            "changed_fields": self.changed_fields,
+            "created_on": self.history_entry.created_on,
+            "created_by": self.history_entry.created_by,
+            "change_type": self.change_type,
+            "changeSet": self.changeSet
         }
 
-    def __eq__(self, obj2): # used for removal of objects from a list
+    def __eq__(self, obj2):  # used for removal of objects from a list
         return True if obj2.toDict() == self.toDict() else False
 
+
 @admin_bp.before_request
 def before_request():
     # Manage session timeout
@@ -198,15 +200,14 @@ def before_request():
     # current_app.permanent_session_lifetime = datetime.timedelta(
     #     minutes=int(Setting().get('session_timeout')))
     current_app.permanent_session_lifetime = datetime.timedelta(
-    minutes=int(Setting().get('session_timeout')))
+        minutes=int(Setting().get('session_timeout')))
     session.modified = True
 
 
-
-@admin_bp.route('/pdns', methods=['GET'])
+@admin_bp.route('/server/statistics', methods=['GET'])
 @login_required
 @operator_role_required
-def pdns_stats():
+def server_statistics():
     if not Setting().get('pdns_api_url') or not Setting().get(
             'pdns_api_key') or not Setting().get('pdns_version'):
         return redirect(url_for('admin.setting_pdns'))
@@ -215,7 +216,6 @@ def pdns_stats():
     users = User.query.all()
 
     server = Server(server_id='localhost')
-    configs = server.get_config()
     statistics = server.get_statistic()
     history_number = History.query.count()
 
@@ -226,15 +226,36 @@ def pdns_stats():
     else:
         uptime = 0
 
-    return render_template('admin_pdns_stats.html',
+    return render_template('admin_server_statistics.html',
                            domains=domains,
                            users=users,
-                           configs=configs,
                            statistics=statistics,
                            uptime=uptime,
                            history_number=history_number)
 
 
+@admin_bp.route('/server/configuration', methods=['GET'])
+@login_required
+@operator_role_required
+def server_configuration():
+    if not Setting().get('pdns_api_url') or not Setting().get(
+            'pdns_api_key') or not Setting().get('pdns_version'):
+        return redirect(url_for('admin.setting_pdns'))
+
+    domains = Domain.query.all()
+    users = User.query.all()
+
+    server = Server(server_id='localhost')
+    configs = server.get_config()
+    history_number = History.query.count()
+
+    return render_template('admin_server_configuration.html',
+                           domains=domains,
+                           users=users,
+                           configs=configs,
+                           history_number=history_number)
+
+
 @admin_bp.route('/user/edit/<user_username>', methods=['GET', 'POST'])
 @admin_bp.route('/user/edit', methods=['GET', 'POST'])
 @login_required
@@ -296,6 +317,7 @@ def edit_user(user_username=None):
                                create=create,
                                error=result['msg'])
 
+
 @admin_bp.route('/key/edit/<key_id>', methods=['GET', 'POST'])
 @admin_bp.route('/key/edit', methods=['GET', 'POST'])
 @login_required
@@ -350,26 +372,26 @@ def edit_key(key_id=None):
 
             plain_key = apikey_plain_schema.dump([apikey])[0]["plain_key"]
             plain_key = b64encode(plain_key.encode('utf-8')).decode('utf-8')
-            history_message =  "Created API key {0}".format(apikey.id)
+            history_message = "Created API key {0}".format(apikey.id)
 
         # Update existing apikey
         else:
             try:
                 if role != "User":
                     domain_list, account_list = [], []
-                apikey.update(role,description,domain_list, account_list)
-                history_message =  "Updated API key {0}".format(apikey.id)
+                apikey.update(role, description, domain_list, account_list)
+                history_message = "Updated API key {0}".format(apikey.id)
             except Exception as e:
                 current_app.logger.error('Error: {0}'.format(e))
 
         history = History(msg=history_message,
-                          detail = json.dumps({
-                                'key': apikey.id,
-                                'role': apikey.role.name,
-                                'description': apikey.description,
-                                'domains': [domain.name for domain in apikey.domains],
-                                'accounts': [a.name for a in apikey.accounts]
-                            }),
+                          detail=json.dumps({
+                              'key': apikey.id,
+                              'role': apikey.role.name,
+                              'description': apikey.description,
+                              'domains': [domain.name for domain in apikey.domains],
+                              'accounts': [a.name for a in apikey.accounts]
+                          }),
                           created_by=current_user.username)
         history.add()
 
@@ -381,6 +403,7 @@ def edit_key(key_id=None):
                                create=create,
                                plain_key=plain_key)
 
+
 @admin_bp.route('/manage-keys', methods=['GET', 'POST'])
 @login_required
 @operator_role_required
@@ -393,7 +416,7 @@ def manage_keys():
             abort(500)
 
         return render_template('admin_manage_keys.html',
-                                keys=apikeys)
+                               keys=apikeys)
 
     elif request.method == 'POST':
         jdata = request.json
@@ -404,7 +427,7 @@ def manage_keys():
                 history_apikey_id = apikey.id
                 history_apikey_role = apikey.role.name
                 history_apikey_description = apikey.description
-                history_apikey_domains = [ domain.name for domain in apikey.domains]
+                history_apikey_domains = [domain.name for domain in apikey.domains]
 
                 apikey.delete()
             except Exception as e:
@@ -412,20 +435,21 @@ def manage_keys():
 
             current_app.logger.info('Delete API key {0}'.format(apikey.id))
             history = History(msg='Delete API key {0}'.format(apikey.id),
-                              detail = json.dumps({
-                                    'key': history_apikey_id,
-                                    'role': history_apikey_role,
-                                    'description': history_apikey_description,
-                                    'domains': history_apikey_domains
-                                }),
+                              detail=json.dumps({
+                                  'key': history_apikey_id,
+                                  'role': history_apikey_role,
+                                  'description': history_apikey_description,
+                                  'domains': history_apikey_domains
+                              }),
                               created_by=current_user.username)
             history.add()
 
             return make_response(
-                        jsonify({
-                            'status': 'ok',
-                            'msg': 'Key has been removed.'
-                        }), 200)
+                jsonify({
+                    'status': 'ok',
+                    'msg': 'Key has been removed.'
+                }), 200)
+
 
 @admin_bp.route('/manage-user', methods=['GET', 'POST'])
 @login_required
@@ -459,17 +483,17 @@ def manage_user():
                     return make_response(
                         jsonify({
                             'status':
-                            'ok',
+                                'ok',
                             'msg':
-                            'Two factor authentication has been disabled for user.'
+                                'Two factor authentication has been disabled for user.'
                         }), 200)
                 else:
                     return make_response(
                         jsonify({
                             'status':
-                            'error',
+                                'error',
                             'msg':
-                            'Cannot disable two factor authentication for user.'
+                                'Cannot disable two factor authentication for user.'
                         }), 500)
 
             elif jdata['action'] == 'delete_user':
@@ -549,18 +573,18 @@ def manage_user():
                     return make_response(
                         jsonify({
                             'status':
-                            'error',
+                                'error',
                             'msg':
-                            'You do not have permission to change Administrator users role.'
+                                'You do not have permission to change Administrator users role.'
                         }), 400)
 
                 if role_name == 'Administrator' and current_user.role.name != 'Administrator':
                     return make_response(
                         jsonify({
                             'status':
-                            'error',
+                                'error',
                             'msg':
-                            'You do not have permission to promote a user to Administrator role.'
+                                'You do not have permission to promote a user to Administrator role.'
                         }), 400)
 
                 user = User(username=username)
@@ -580,10 +604,10 @@ def manage_user():
                     return make_response(
                         jsonify({
                             'status':
-                            'error',
+                                'error',
                             'msg':
-                            'Cannot change user role. {0}'.format(
-                                result['msg'])
+                                'Cannot change user role. {0}'.format(
+                                    result['msg'])
                         }), 500)
             else:
                 return make_response(
@@ -598,9 +622,9 @@ def manage_user():
             return make_response(
                 jsonify({
                     'status':
-                    'error',
+                        'error',
                     'msg':
-                    'There is something wrong, please contact Administrator.'
+                        'There is something wrong, please contact Administrator.'
                 }), 400)
 
 
@@ -693,7 +717,7 @@ def edit_account(account_name=None):
                     Domain.name == domain_name).first()
                 if account.id != domain.account_id:
                     Domain(name=domain_name).assoc_account(account.id)
-            
+
             for domain in old_domains:
                 if domain.name not in new_domain_list:
                     Domain(name=domain.name).assoc_account(None)
@@ -774,9 +798,9 @@ def manage_account():
             return make_response(
                 jsonify({
                     'status':
-                    'error',
+                        'error',
                     'msg':
-                    'There is something wrong, please contact Administrator.'
+                        'There is something wrong, please contact Administrator.'
                 }), 400)
 
 
@@ -799,10 +823,12 @@ def __init__(self, history, change_set):
                         <tr><td>Account:</td><td>{{ account }}</td></tr>
                     </table>
                 """,
-                domaintype=detail_dict['domain_type'],
-                account=Account.get_name_by_id(self=None, account_id=detail_dict['account_id']) if detail_dict['account_id'] != "0" else "None")
+                                                       domaintype=detail_dict['domain_type'],
+                                                       account=Account.get_name_by_id(self=None, account_id=detail_dict[
+                                                           'account_id']) if detail_dict[
+                                                                                 'account_id'] != "0" else "None")
 
-        elif 'authenticator' in detail_dict: # this is a user authentication
+        elif 'authenticator' in detail_dict:  # this is a user authentication
             self.detailed_msg = render_template_string("""
                 <table class="table table-bordered table-striped"">
                     <tbody>
@@ -825,28 +851,31 @@ def __init__(self, history, change_set):
                     </tbody>
                 </table>
                 """,
-                background_rgba="68,157,68" if detail_dict['success'] == 1 else "201,48,44",
-                username=detail_dict['username'],
-                auth_result="success" if detail_dict['success'] == 1 else "failure",
-                authenticator=detail_dict['authenticator'],
-                ip_address=detail_dict['ip_address'])
-
-        elif 'add_rrsets' in detail_dict: # this is a domain record change
+                                                       background_rgba="68,157,68" if detail_dict[
+                                                                                          'success'] == 1 else "201,48,44",
+                                                       username=detail_dict['username'],
+                                                       auth_result="success" if detail_dict[
+                                                                                    'success'] == 1 else "failure",
+                                                       authenticator=detail_dict['authenticator'],
+                                                       ip_address=detail_dict['ip_address'])
+
+        elif 'add_rrsets' in detail_dict:  # this is a domain record change
             # changes_set = []
             self.detailed_msg = ""
             # extract_changelogs_from_a_history_entry(changes_set, history, 0)
 
-        elif 'name' in detail_dict and 'template' in history.msg: # template creation / deletion
+        elif 'name' in detail_dict and 'template' in history.msg:  # template creation / deletion
             self.detailed_msg = render_template_string("""
                 <table class="table table-bordered table-striped">
                     <tr><td>Template name:</td><td>{{ template_name }}</td></tr>
                     <tr><td>Description:</td><td>{{ description }}</td></tr>
                 </table>
                 """,
-                template_name=DetailedHistory.get_key_val(detail_dict, "name"),
-                description=DetailedHistory.get_key_val(detail_dict, "description"))
+                                                       template_name=DetailedHistory.get_key_val(detail_dict, "name"),
+                                                       description=DetailedHistory.get_key_val(detail_dict,
+                                                                                               "description"))
 
-        elif 'Change domain' in history.msg and 'access control' in history.msg: # added or removed a user from a domain
+        elif 'Change domain' in history.msg and 'access control' in history.msg:  # added or removed a user from a domain
             users_with_access = DetailedHistory.get_key_val(detail_dict, "user_has_access")
             self.detailed_msg = render_template_string("""
                 <table class="table table-bordered table-striped">
@@ -854,7 +883,7 @@ def __init__(self, history, change_set):
                     <tr><td>Number of users:</td><td>{{ users_with_access | length }}</td><tr>
                 </table>
                 """,
-                users_with_access=users_with_access)
+                                                       users_with_access=users_with_access)
 
         elif 'Created API key' in history.msg or 'Updated API key' in history.msg:
             self.detailed_msg = render_template_string("""
@@ -866,11 +895,14 @@ def __init__(self, history, change_set):
                     <tr><td>Accessible accounts with this API key:</td><td>{{ linked_accounts }}</td></tr>
                 </table>
                 """,
-                keyname=DetailedHistory.get_key_val(detail_dict, "key"),
-                rolename=DetailedHistory.get_key_val(detail_dict, "role"),
-                description=DetailedHistory.get_key_val(detail_dict, "description"),
-                linked_domains=DetailedHistory.get_key_val(detail_dict, "domains" if "domains" in detail_dict else "domain_acl"),
-                linked_accounts=DetailedHistory.get_key_val(detail_dict, "accounts"))
+                                                       keyname=DetailedHistory.get_key_val(detail_dict, "key"),
+                                                       rolename=DetailedHistory.get_key_val(detail_dict, "role"),
+                                                       description=DetailedHistory.get_key_val(detail_dict,
+                                                                                               "description"),
+                                                       linked_domains=DetailedHistory.get_key_val(detail_dict,
+                                                                                                  "domains" if "domains" in detail_dict else "domain_acl"),
+                                                       linked_accounts=DetailedHistory.get_key_val(detail_dict,
+                                                                                                   "accounts"))
 
         elif 'Delete API key' in history.msg:
             self.detailed_msg = render_template_string("""
@@ -881,10 +913,12 @@ def __init__(self, history, change_set):
                     <tr><td>Accessible domains with this API key:</td><td>{{ linked_domains }}</td></tr>
                 </table>
                 """,
-                keyname=DetailedHistory.get_key_val(detail_dict, "key"),
-                rolename=DetailedHistory.get_key_val(detail_dict, "role"),
-                description=DetailedHistory.get_key_val(detail_dict, "description"),
-                linked_domains=DetailedHistory.get_key_val(detail_dict, "domains"))
+                                                       keyname=DetailedHistory.get_key_val(detail_dict, "key"),
+                                                       rolename=DetailedHistory.get_key_val(detail_dict, "role"),
+                                                       description=DetailedHistory.get_key_val(detail_dict,
+                                                                                               "description"),
+                                                       linked_domains=DetailedHistory.get_key_val(detail_dict,
+                                                                                                  "domains"))
 
         elif 'Update type for domain' in history.msg:
             self.detailed_msg = render_template_string("""
@@ -894,9 +928,9 @@ def __init__(self, history, change_set):
                     <tr><td>Masters:</td><td>{{ masters }}</td></tr>
                 </table>
                 """,
-                domain=DetailedHistory.get_key_val(detail_dict, "domain"),
-                domain_type=DetailedHistory.get_key_val(detail_dict, "type"),
-                masters=DetailedHistory.get_key_val(detail_dict, "masters"))
+                                                       domain=DetailedHistory.get_key_val(detail_dict, "domain"),
+                                                       domain_type=DetailedHistory.get_key_val(detail_dict, "type"),
+                                                       masters=DetailedHistory.get_key_val(detail_dict, "masters"))
 
         elif 'reverse' in history.msg:
             self.detailed_msg = render_template_string("""
@@ -905,8 +939,10 @@ def __init__(self, history, change_set):
                     <tr><td>Domain Master IPs:</td><td>{{ domain_master_ips }}</td></tr>
                 </table>
                 """,
-                domain_type=DetailedHistory.get_key_val(detail_dict, "domain_type"),
-                domain_master_ips=DetailedHistory.get_key_val(detail_dict, "domain_master_ips"))
+                                                       domain_type=DetailedHistory.get_key_val(detail_dict,
+                                                                                               "domain_type"),
+                                                       domain_master_ips=DetailedHistory.get_key_val(detail_dict,
+                                                                                                     "domain_master_ips"))
 
         elif DetailedHistory.get_key_val(detail_dict, 'msg') and DetailedHistory.get_key_val(detail_dict, 'status'):
             self.detailed_msg = render_template_string('''
@@ -915,18 +951,21 @@ def __init__(self, history, change_set):
                     <tr><td>Message:</td><td>{{ history_msg }}</td></tr>
                 </table>
                 ''',
-                history_status=DetailedHistory.get_key_val(detail_dict, 'status'),
-                history_msg=DetailedHistory.get_key_val(detail_dict, 'msg'))
-        
-        elif 'Update domain' in history.msg and 'associate account' in history.msg: # When an account gets associated or dissociate with domains
+                                                       history_status=DetailedHistory.get_key_val(detail_dict,
+                                                                                                  'status'),
+                                                       history_msg=DetailedHistory.get_key_val(detail_dict, 'msg'))
+
+        elif 'Update domain' in history.msg and 'associate account' in history.msg:  # When an account gets associated or dissociate with domains
             self.detailed_msg = render_template_string('''
                 <table class="table table-bordered table-striped">
                     <tr><td>Associate: </td><td>{{ history_assoc_account }}</td></tr>
                     <tr><td>Dissociate:</td><td>{{ history_dissoc_account }}</td></tr>
                 </table>
                 ''',
-                history_assoc_account=DetailedHistory.get_key_val(detail_dict, 'assoc_account'),
-                history_dissoc_account=DetailedHistory.get_key_val(detail_dict, 'dissoc_account'))
+                                                       history_assoc_account=DetailedHistory.get_key_val(detail_dict,
+                                                                                                         'assoc_account'),
+                                                       history_dissoc_account=DetailedHistory.get_key_val(detail_dict,
+                                                                                                          'dissoc_account'))
 
     # check for lower key as well for old databases
     @staticmethod
@@ -936,367 +975,383 @@ def get_key_val(_dict, key):
 
 # convert a list of History objects into DetailedHistory objects
 def convert_histories(histories):
-	changes_set = dict()
-	detailedHistories = []
-	j = 0
-	for i in range(len(histories)):
-		if histories[i].detail and ('add_rrsets' in histories[i].detail or 'del_rrsets' in histories[i].detail):
-			extract_changelogs_from_a_history_entry(changes_set, histories[i], j)
-			if j in changes_set:
-				detailedHistories.append(DetailedHistory(histories[i], changes_set[j]))
-			else: # no changes were found
-				detailedHistories.append(DetailedHistory(histories[i], None))
-			j += 1
-
-		else:
-			detailedHistories.append(DetailedHistory(histories[i], None))
-	return detailedHistories
+    changes_set = dict()
+    detailedHistories = []
+    j = 0
+    for i in range(len(histories)):
+        if histories[i].detail and ('add_rrsets' in histories[i].detail or 'del_rrsets' in histories[i].detail):
+            extract_changelogs_from_a_history_entry(changes_set, histories[i], j)
+            if j in changes_set:
+                detailedHistories.append(DetailedHistory(histories[i], changes_set[j]))
+            else:  # no changes were found
+                detailedHistories.append(DetailedHistory(histories[i], None))
+            j += 1
+
+        else:
+            detailedHistories.append(DetailedHistory(histories[i], None))
+    return detailedHistories
+
 
 @admin_bp.route('/history', methods=['GET', 'POST'])
 @login_required
 @history_access_required
 def history():
-	if request.method == 'POST':
-		if current_user.role.name != 'Administrator':
-			return make_response(
-				jsonify({
-					'status': 'error',
-					'msg': 'You do not have permission to remove history.'
-				}), 401)
-
-		if Setting().get('preserve_history'):
-			return make_response(
-				jsonify({
-					'status': 'error',
-					'msg': 'History removal is not allowed (toggle preserve_history in settings).'
-				}), 401)
-
-		h = History()
-		result = h.remove_all()
-		if result:
-			history = History(msg='Remove all histories',
-							  created_by=current_user.username)
-			history.add()
-			return make_response(
-				jsonify({
-					'status': 'ok',
-					'msg': 'Changed user role successfully.'
-				}), 200)
-		else:
-			return make_response(
-				jsonify({
-					'status': 'error',
-					'msg': 'Can not remove histories.'
-				}), 500)
-
-
-	if request.method == 'GET':
-		doms = accounts = users = ""
-		if current_user.role.name in [ 'Administrator', 'Operator']:
-			all_domain_names = Domain.query.all()
-			all_account_names = Account.query.all()
-			all_user_names = User.query.all()
-
-
-
-			for d in all_domain_names:
-				doms += d.name + " "
-			for acc in all_account_names:
-				accounts += acc.name + " "
-			for usr in all_user_names:
-				users += usr.username + " "
-		else: # special autocomplete for users
-			all_domain_names = db.session.query(Domain) \
-				.outerjoin(DomainUser, Domain.id == DomainUser.domain_id) \
-				.outerjoin(Account, Domain.account_id == Account.id) \
-				.outerjoin(AccountUser, Account.id == AccountUser.account_id) \
-				.filter(
-				db.or_(
-					DomainUser.user_id == current_user.id,
-					AccountUser.user_id == current_user.id
-				)).all()
-
-			all_account_names = db.session.query(Account) \
-				.outerjoin(Domain, Domain.account_id == Account.id) \
-				.outerjoin(DomainUser, Domain.id == DomainUser.domain_id) \
-				.outerjoin(AccountUser, Account.id == AccountUser.account_id) \
-				.filter(
-				db.or_(
-					DomainUser.user_id == current_user.id,
-					AccountUser.user_id == current_user.id
-				)).all()
-
-
-			all_user_names = []
-			for a in all_account_names:
-				temp =  db.session.query(User) \
-						.join(AccountUser, AccountUser.user_id == User.id) \
-						.outerjoin(Account, Account.id == AccountUser.account_id) \
-						.filter(
-							db.or_(
-								Account.id == a.id,
-								AccountUser.account_id == a.id
-							)
-						) \
-						.all()
-				for u in temp:
-					if u in all_user_names:
-						continue
-					all_user_names.append(u)
-
-			for d in all_domain_names:
-				doms += d.name + " "
-
-			for a in all_account_names:
-				accounts += a.name + " "
-			for u in all_user_names:
-				users += u.username + " "
-		return render_template('admin_history.html', all_domain_names=doms, all_account_names=accounts, all_usernames=users)
+    if request.method == 'POST':
+        if current_user.role.name != 'Administrator':
+            return make_response(
+                jsonify({
+                    'status': 'error',
+                    'msg': 'You do not have permission to remove history.'
+                }), 401)
+
+        if Setting().get('preserve_history'):
+            return make_response(
+                jsonify({
+                    'status': 'error',
+                    'msg': 'History removal is not allowed (toggle preserve_history in settings).'
+                }), 401)
+
+        h = History()
+        result = h.remove_all()
+        if result:
+            history = History(msg='Remove all histories',
+                              created_by=current_user.username)
+            history.add()
+            return make_response(
+                jsonify({
+                    'status': 'ok',
+                    'msg': 'Changed user role successfully.'
+                }), 200)
+        else:
+            return make_response(
+                jsonify({
+                    'status': 'error',
+                    'msg': 'Can not remove histories.'
+                }), 500)
+
+    if request.method == 'GET':
+        doms = accounts = users = ""
+        if current_user.role.name in ['Administrator', 'Operator']:
+            all_domain_names = Domain.query.all()
+            all_account_names = Account.query.all()
+            all_user_names = User.query.all()
+
+            for d in all_domain_names:
+                doms += d.name + " "
+            for acc in all_account_names:
+                accounts += acc.name + " "
+            for usr in all_user_names:
+                users += usr.username + " "
+        else:  # special autocomplete for users
+            all_domain_names = db.session.query(Domain) \
+                .outerjoin(DomainUser, Domain.id == DomainUser.domain_id) \
+                .outerjoin(Account, Domain.account_id == Account.id) \
+                .outerjoin(AccountUser, Account.id == AccountUser.account_id) \
+                .filter(
+                db.or_(
+                    DomainUser.user_id == current_user.id,
+                    AccountUser.user_id == current_user.id
+                )).all()
+
+            all_account_names = db.session.query(Account) \
+                .outerjoin(Domain, Domain.account_id == Account.id) \
+                .outerjoin(DomainUser, Domain.id == DomainUser.domain_id) \
+                .outerjoin(AccountUser, Account.id == AccountUser.account_id) \
+                .filter(
+                db.or_(
+                    DomainUser.user_id == current_user.id,
+                    AccountUser.user_id == current_user.id
+                )).all()
+
+            all_user_names = []
+            for a in all_account_names:
+                temp = db.session.query(User) \
+                    .join(AccountUser, AccountUser.user_id == User.id) \
+                    .outerjoin(Account, Account.id == AccountUser.account_id) \
+                    .filter(
+                    db.or_(
+                        Account.id == a.id,
+                        AccountUser.account_id == a.id
+                    )
+                ) \
+                    .all()
+                for u in temp:
+                    if u in all_user_names:
+                        continue
+                    all_user_names.append(u)
+
+            for d in all_domain_names:
+                doms += d.name + " "
+
+            for a in all_account_names:
+                accounts += a.name + " "
+            for u in all_user_names:
+                users += u.username + " "
+        return render_template('admin_history.html', all_domain_names=doms, all_account_names=accounts,
+                               all_usernames=users)
+
 
 # local_offset is the offset of the utc to the local time
 # offset must be int
 # return the date converted and simplified
 def from_utc_to_local(local_offset, timeframe):
-	offset = str(local_offset *(-1))
-	date_split = str(timeframe).split(".")[0]
-	date_converted = datetime.datetime.strptime(date_split, '%Y-%m-%d %H:%M:%S') + datetime.timedelta(minutes=int(offset))
-	return date_converted
+    offset = str(local_offset * (-1))
+    date_split = str(timeframe).split(".")[0]
+    date_converted = datetime.datetime.strptime(date_split, '%Y-%m-%d %H:%M:%S') + datetime.timedelta(
+        minutes=int(offset))
+    return date_converted
+
 
 @admin_bp.route('/history_table', methods=['GET', 'POST'])
 @login_required
 @history_access_required
-def history_table():    # ajax call data
-
-	if request.method == 'POST':
-		if current_user.role.name != 'Administrator':
-			return make_response(
-				jsonify({
-					'status': 'error',
-					'msg': 'You do not have permission to remove history.'
-				}), 401)
-
-		h = History()
-		result = h.remove_all()
-		if result:
-			history = History(msg='Remove all histories',
-							  created_by=current_user.username)
-			history.add()
-			return make_response(
-				jsonify({
-					'status': 'ok',
-					'msg': 'Changed user role successfully.'
-				}), 200)
-		else:
-			return make_response(
-				jsonify({
-					'status': 'error',
-					'msg': 'Can not remove histories.'
-				}), 500)
-
-	detailedHistories = []
-	lim = int(Setting().get('max_history_records'))  # max num of records
-
-	if request.method == 'GET':
-		if current_user.role.name in [ 'Administrator', 'Operator' ]:
-			base_query = History.query
-		else:
-			# if the user isn't an administrator or operator,
-			# allow_user_view_history must be enabled to get here,
-			# so include history for the domains for the user
-			base_query = db.session.query(History) \
-				.join(Domain, History.domain_id == Domain.id) \
-				.outerjoin(DomainUser, Domain.id == DomainUser.domain_id) \
-				.outerjoin(Account, Domain.account_id == Account.id) \
-				.outerjoin(AccountUser, Account.id == AccountUser.account_id) \
-				.filter(
-				db.or_(
-					DomainUser.user_id == current_user.id,
-					AccountUser.user_id == current_user.id
-				))
-
-		domain_name = request.args.get('domain_name_filter') if request.args.get('domain_name_filter') != None \
-															and len(request.args.get('domain_name_filter')) != 0 else None
-		account_name = request.args.get('account_name_filter') if request.args.get('account_name_filter') != None \
-															and len(request.args.get('account_name_filter')) != 0 else None
-		user_name = request.args.get('auth_name_filter') if request.args.get('auth_name_filter') != None \
-															and len(request.args.get('auth_name_filter')) != 0 else None
-
-		min_date = request.args.get('min') if request.args.get('min') != None and len( request.args.get('min')) != 0 else None
-		if min_date != None:    # get 1 day earlier, to check for timezone errors
-			min_date = str(datetime.datetime.strptime(min_date, '%Y-%m-%d') - datetime.timedelta(days=1))
-		max_date = request.args.get('max') if request.args.get('max') != None and len( request.args.get('max')) != 0 else None
-		if max_date != None:    # get 1 day later, to check for timezone errors
-			max_date = str(datetime.datetime.strptime(max_date, '%Y-%m-%d') + datetime.timedelta(days=1))
-		tzoffset = request.args.get('tzoffset') if request.args.get('tzoffset') != None and len(request.args.get('tzoffset')) != 0 else None
-		changed_by = request.args.get('user_name_filter') if  request.args.get('user_name_filter') != None \
-															and len(request.args.get('user_name_filter')) != 0 else None
-		"""
-			Auth methods: LOCAL, Github OAuth, Azure OAuth, SAML, OIDC OAuth, Google OAuth
-		"""
-		auth_methods = []
-		if (request.args.get('auth_local_only_checkbox') is None \
-														and request.args.get('auth_oauth_only_checkbox') is None \
-														and request.args.get('auth_saml_only_checkbox') is None and request.args.get('auth_all_checkbox') is None):
-			auth_methods = []
-		if request.args.get('auth_all_checkbox') == "on":
-			auth_methods.append("")
-		if request.args.get('auth_local_only_checkbox') == "on":
-			auth_methods.append("LOCAL")
-		if request.args.get('auth_oauth_only_checkbox') == "on":
-			auth_methods.append("OAuth")
-		if request.args.get('auth_saml_only_checkbox') == "on":
-			auth_methods.append("SAML")
-
-		if request.args.get('domain_changelog_only_checkbox') != None:
-			changelog_only = True if request.args.get('domain_changelog_only_checkbox') == "on" else False
-		else:
-			changelog_only = False
-
-
-
-
-		# users cannot search for authentication
-		if user_name != None and current_user.role.name not in [ 'Administrator', 'Operator']:
-			histories = []
-		elif domain_name != None:
-
-			if not changelog_only:
-				histories = base_query \
-				.filter(
-					db.and_(
-						db.or_(
-							History.msg.like("%domain "+ domain_name) if domain_name != "*" else History.msg.like("%domain%"),
-							History.msg.like("%domain "+ domain_name + " access control") if domain_name != "*" else History.msg.like("%domain%access control")
-						),
-						History.created_on <= max_date  if max_date != None else True,
-						History.created_on >= min_date if min_date != None else True,
-						History.created_by == changed_by if changed_by != None else True
-					)
-				).order_by(History.created_on.desc()).limit(lim).all()
-			else:
-				# search for records changes only
-				histories = base_query \
-							.filter(
-								db.and_(
-									History.msg.like("Apply record changes to domain " + domain_name) if domain_name != "*" \
-																			else History.msg.like("Apply record changes to domain%"),
-									History.created_on <= max_date  if max_date != None else True,
-									History.created_on >= min_date if min_date != None else True,
-									History.created_by == changed_by if changed_by != None else True
-
-								)
-							).order_by(History.created_on.desc()) \
-							.limit(lim).all()
-		elif account_name != None:
-			if current_user.role.name in ['Administrator', 'Operator']:
-				histories = base_query \
-					.join(Domain, History.domain_id == Domain.id) \
-					.outerjoin(Account, Domain.account_id == Account.id) \
-					.filter(
-						db.and_(
-							Account.id == Domain.account_id,
-							account_name == Account.name if account_name != "*" else True,
-							History.created_on <= max_date if max_date != None else True,
-							History.created_on >= min_date if min_date != None else True,
-							History.created_by == changed_by if changed_by != None else True
-						)
-					).order_by(History.created_on.desc()) \
-					.limit(lim).all()
-			else:
-				histories = base_query \
-							.filter(
-								db.and_(
-									Account.id == Domain.account_id,
-									account_name == Account.name if account_name != "*" else True,
-									History.created_on <= max_date if max_date != None else True,
-									History.created_on >= min_date if min_date != None else True,
-									History.created_by == changed_by if changed_by != None else True
-								)
-							).order_by(History.created_on.desc()) \
-							.limit(lim).all()
-		elif user_name != None and current_user.role.name in [ 'Administrator', 'Operator']: # only admins can see the user login-logouts
-
-			histories = History.query \
-					.filter(
-						db.and_(
-							db.or_(
-								History.msg.like("User "+ user_name + " authentication%") if user_name != "*" and user_name != None else History.msg.like("%authentication%"),
-								History.msg.like("User "+ user_name + " was not authorized%") if user_name != "*" and user_name != None else History.msg.like("User%was not authorized%")
-							),
-							History.created_on <= max_date if max_date != None else True,
-							History.created_on >= min_date if min_date != None else True,
-							History.created_by == changed_by if changed_by != None else True
-						)
-					) \
-					.order_by(History.created_on.desc()).limit(lim).all()
-			temp = []
-			for h in histories:
-				for method in auth_methods:
-					if method in h.detail:
-						temp.append(h)
-						break
-			histories = temp
-		elif (changed_by != None or max_date != None) and current_user.role.name in [ 'Administrator', 'Operator'] :   # select changed by and date filters only
-			histories = History.query \
-					.filter(
-						db.and_(
-							History.created_on <= max_date  if max_date != None else True,
-							History.created_on >= min_date if min_date != None else True,
-							History.created_by == changed_by if changed_by != None else True
-						)
-					) \
-					.order_by(History.created_on.desc()).limit(lim).all()
-		elif (changed_by != None or max_date != None): # special filtering for user because one user does not have access to log-ins logs
-			histories = base_query \
-					.filter(
-						db.and_(
-							History.created_on <= max_date if max_date != None else True,
-							History.created_on >= min_date if min_date != None else True,
-							History.created_by == changed_by if changed_by != None else True
-						)
-					) \
-					.order_by(History.created_on.desc()).limit(lim).all()
-		elif max_date != None:  # if changed by == null and only date is applied
-			histories = base_query.filter(
-							db.and_(
-								History.created_on <= max_date if max_date != None else True,
-								History.created_on >= min_date if min_date != None else True,
-							)
-			).order_by(History.created_on.desc()).limit(lim).all()
-		else:  # default view
-			if current_user.role.name in [ 'Administrator', 'Operator']:
-				histories = History.query.order_by(History.created_on.desc()).limit(lim).all()
-			else:
-				histories = db.session.query(History) \
-					.join(Domain, History.domain_id == Domain.id) \
-					.outerjoin(DomainUser, Domain.id == DomainUser.domain_id) \
-					.outerjoin(Account, Domain.account_id == Account.id) \
-					.outerjoin(AccountUser, Account.id == AccountUser.account_id) \
-					.order_by(History.created_on.desc()) \
-					.filter(
-					db.or_(
-						DomainUser.user_id == current_user.id,
-						AccountUser.user_id == current_user.id
-					)).limit(lim).all()
-
-		detailedHistories = convert_histories(histories)
-
-		# Remove dates from previous or next day that were brought over
-		if tzoffset != None:
-			if min_date != None:
-				min_date_split = min_date.split()[0]
-			if max_date != None:
-				max_date_split = max_date.split()[0]
-			for i, history_rec in enumerate(detailedHistories):
-				local_date = str(from_utc_to_local(int(tzoffset), history_rec.history.created_on).date())
-				if (min_date != None and local_date == min_date_split) or (max_date != None and local_date == max_date_split):
-					detailedHistories[i] = None
-
-		# Remove elements previously flagged as None
-		detailedHistories = [h for h in detailedHistories if h is not None]
-
-		return render_template('admin_history_table.html', histories=detailedHistories, len_histories=len(detailedHistories), lim=lim)
+def history_table():  # ajax call data
 
+    if request.method == 'POST':
+        if current_user.role.name != 'Administrator':
+            return make_response(
+                jsonify({
+                    'status': 'error',
+                    'msg': 'You do not have permission to remove history.'
+                }), 401)
+
+        h = History()
+        result = h.remove_all()
+        if result:
+            history = History(msg='Remove all histories',
+                              created_by=current_user.username)
+            history.add()
+            return make_response(
+                jsonify({
+                    'status': 'ok',
+                    'msg': 'Changed user role successfully.'
+                }), 200)
+        else:
+            return make_response(
+                jsonify({
+                    'status': 'error',
+                    'msg': 'Can not remove histories.'
+                }), 500)
+
+    detailedHistories = []
+    lim = int(Setting().get('max_history_records'))  # max num of records
+
+    if request.method == 'GET':
+        if current_user.role.name in ['Administrator', 'Operator']:
+            base_query = History.query
+        else:
+            # if the user isn't an administrator or operator,
+            # allow_user_view_history must be enabled to get here,
+            # so include history for the domains for the user
+            base_query = db.session.query(History) \
+                .join(Domain, History.domain_id == Domain.id) \
+                .outerjoin(DomainUser, Domain.id == DomainUser.domain_id) \
+                .outerjoin(Account, Domain.account_id == Account.id) \
+                .outerjoin(AccountUser, Account.id == AccountUser.account_id) \
+                .filter(
+                db.or_(
+                    DomainUser.user_id == current_user.id,
+                    AccountUser.user_id == current_user.id
+                ))
+
+        domain_name = request.args.get('domain_name_filter') if request.args.get('domain_name_filter') != None \
+                                                                and len(
+            request.args.get('domain_name_filter')) != 0 else None
+        account_name = request.args.get('account_name_filter') if request.args.get('account_name_filter') != None \
+                                                                  and len(
+            request.args.get('account_name_filter')) != 0 else None
+        user_name = request.args.get('auth_name_filter') if request.args.get('auth_name_filter') != None \
+                                                            and len(request.args.get('auth_name_filter')) != 0 else None
+
+        min_date = request.args.get('min') if request.args.get('min') != None and len(
+            request.args.get('min')) != 0 else None
+        if min_date != None:  # get 1 day earlier, to check for timezone errors
+            min_date = str(datetime.datetime.strptime(min_date, '%Y-%m-%d') - datetime.timedelta(days=1))
+        max_date = request.args.get('max') if request.args.get('max') != None and len(
+            request.args.get('max')) != 0 else None
+        if max_date != None:  # get 1 day later, to check for timezone errors
+            max_date = str(datetime.datetime.strptime(max_date, '%Y-%m-%d') + datetime.timedelta(days=1))
+        tzoffset = request.args.get('tzoffset') if request.args.get('tzoffset') != None and len(
+            request.args.get('tzoffset')) != 0 else None
+        changed_by = request.args.get('user_name_filter') if request.args.get('user_name_filter') != None \
+                                                             and len(
+            request.args.get('user_name_filter')) != 0 else None
+        """
+            Auth methods: LOCAL, Github OAuth, Azure OAuth, SAML, OIDC OAuth, Google OAuth
+        """
+        auth_methods = []
+        if (request.args.get('auth_local_only_checkbox') is None \
+                and request.args.get('auth_oauth_only_checkbox') is None \
+                and request.args.get('auth_saml_only_checkbox') is None and request.args.get(
+                    'auth_all_checkbox') is None):
+            auth_methods = []
+        if request.args.get('auth_all_checkbox') == "on":
+            auth_methods.append("")
+        if request.args.get('auth_local_only_checkbox') == "on":
+            auth_methods.append("LOCAL")
+        if request.args.get('auth_oauth_only_checkbox') == "on":
+            auth_methods.append("OAuth")
+        if request.args.get('auth_saml_only_checkbox') == "on":
+            auth_methods.append("SAML")
+
+        if request.args.get('domain_changelog_only_checkbox') != None:
+            changelog_only = True if request.args.get('domain_changelog_only_checkbox') == "on" else False
+        else:
+            changelog_only = False
+
+        # users cannot search for authentication
+        if user_name != None and current_user.role.name not in ['Administrator', 'Operator']:
+            histories = []
+        elif domain_name != None:
+
+            if not changelog_only:
+                histories = base_query \
+                    .filter(
+                    db.and_(
+                        db.or_(
+                            History.msg.like("%domain " + domain_name) if domain_name != "*" else History.msg.like(
+                                "%domain%"),
+                            History.msg.like(
+                                "%domain " + domain_name + " access control") if domain_name != "*" else History.msg.like(
+                                "%domain%access control")
+                        ),
+                        History.created_on <= max_date if max_date != None else True,
+                        History.created_on >= min_date if min_date != None else True,
+                        History.created_by == changed_by if changed_by != None else True
+                    )
+                ).order_by(History.created_on.desc()).limit(lim).all()
+            else:
+                # search for records changes only
+                histories = base_query \
+                    .filter(
+                    db.and_(
+                        History.msg.like("Apply record changes to domain " + domain_name) if domain_name != "*" \
+                            else History.msg.like("Apply record changes to domain%"),
+                        History.created_on <= max_date if max_date != None else True,
+                        History.created_on >= min_date if min_date != None else True,
+                        History.created_by == changed_by if changed_by != None else True
+
+                    )
+                ).order_by(History.created_on.desc()) \
+                    .limit(lim).all()
+        elif account_name != None:
+            if current_user.role.name in ['Administrator', 'Operator']:
+                histories = base_query \
+                    .join(Domain, History.domain_id == Domain.id) \
+                    .outerjoin(Account, Domain.account_id == Account.id) \
+                    .filter(
+                    db.and_(
+                        Account.id == Domain.account_id,
+                        account_name == Account.name if account_name != "*" else True,
+                        History.created_on <= max_date if max_date != None else True,
+                        History.created_on >= min_date if min_date != None else True,
+                        History.created_by == changed_by if changed_by != None else True
+                    )
+                ).order_by(History.created_on.desc()) \
+                    .limit(lim).all()
+            else:
+                histories = base_query \
+                    .filter(
+                    db.and_(
+                        Account.id == Domain.account_id,
+                        account_name == Account.name if account_name != "*" else True,
+                        History.created_on <= max_date if max_date != None else True,
+                        History.created_on >= min_date if min_date != None else True,
+                        History.created_by == changed_by if changed_by != None else True
+                    )
+                ).order_by(History.created_on.desc()) \
+                    .limit(lim).all()
+        elif user_name != None and current_user.role.name in ['Administrator',
+                                                              'Operator']:  # only admins can see the user login-logouts
+
+            histories = History.query \
+                .filter(
+                db.and_(
+                    db.or_(
+                        History.msg.like(
+                            "User " + user_name + " authentication%") if user_name != "*" and user_name != None else History.msg.like(
+                            "%authentication%"),
+                        History.msg.like(
+                            "User " + user_name + " was not authorized%") if user_name != "*" and user_name != None else History.msg.like(
+                            "User%was not authorized%")
+                    ),
+                    History.created_on <= max_date if max_date != None else True,
+                    History.created_on >= min_date if min_date != None else True,
+                    History.created_by == changed_by if changed_by != None else True
+                )
+            ) \
+                .order_by(History.created_on.desc()).limit(lim).all()
+            temp = []
+            for h in histories:
+                for method in auth_methods:
+                    if method in h.detail:
+                        temp.append(h)
+                        break
+            histories = temp
+        elif (changed_by != None or max_date != None) and current_user.role.name in ['Administrator',
+                                                                                     'Operator']:  # select changed by and date filters only
+            histories = History.query \
+                .filter(
+                db.and_(
+                    History.created_on <= max_date if max_date != None else True,
+                    History.created_on >= min_date if min_date != None else True,
+                    History.created_by == changed_by if changed_by != None else True
+                )
+            ) \
+                .order_by(History.created_on.desc()).limit(lim).all()
+        elif (
+                changed_by != None or max_date != None):  # special filtering for user because one user does not have access to log-ins logs
+            histories = base_query \
+                .filter(
+                db.and_(
+                    History.created_on <= max_date if max_date != None else True,
+                    History.created_on >= min_date if min_date != None else True,
+                    History.created_by == changed_by if changed_by != None else True
+                )
+            ) \
+                .order_by(History.created_on.desc()).limit(lim).all()
+        elif max_date != None:  # if changed by == null and only date is applied
+            histories = base_query.filter(
+                db.and_(
+                    History.created_on <= max_date if max_date != None else True,
+                    History.created_on >= min_date if min_date != None else True,
+                )
+            ).order_by(History.created_on.desc()).limit(lim).all()
+        else:  # default view
+            if current_user.role.name in ['Administrator', 'Operator']:
+                histories = History.query.order_by(History.created_on.desc()).limit(lim).all()
+            else:
+                histories = db.session.query(History) \
+                    .join(Domain, History.domain_id == Domain.id) \
+                    .outerjoin(DomainUser, Domain.id == DomainUser.domain_id) \
+                    .outerjoin(Account, Domain.account_id == Account.id) \
+                    .outerjoin(AccountUser, Account.id == AccountUser.account_id) \
+                    .order_by(History.created_on.desc()) \
+                    .filter(
+                    db.or_(
+                        DomainUser.user_id == current_user.id,
+                        AccountUser.user_id == current_user.id
+                    )).limit(lim).all()
+
+        detailedHistories = convert_histories(histories)
+
+        # Remove dates from previous or next day that were brought over
+        if tzoffset != None:
+            if min_date != None:
+                min_date_split = min_date.split()[0]
+            if max_date != None:
+                max_date_split = max_date.split()[0]
+            for i, history_rec in enumerate(detailedHistories):
+                local_date = str(from_utc_to_local(int(tzoffset), history_rec.history.created_on).date())
+                if (min_date != None and local_date == min_date_split) or (
+                        max_date != None and local_date == max_date_split):
+                    detailedHistories[i] = None
+
+        # Remove elements previously flagged as None
+        detailedHistories = [h for h in detailedHistories if h is not None]
+
+        return render_template('admin_history_table.html', histories=detailedHistories,
+                               len_histories=len(detailedHistories), lim=lim)
 
 
 @admin_bp.route('/setting/basic', methods=['GET'])
@@ -1477,9 +1532,9 @@ def setting_authentication():
             if not has_an_auth_method(local_db_enabled=local_db_enabled):
                 result = {
                     'status':
-                    False,
+                        False,
                     'msg':
-                    'Must have at least one authentication method enabled.'
+                        'Must have at least one authentication method enabled.'
                 }
             else:
                 Setting().set('local_db_enabled', local_db_enabled)
@@ -1528,20 +1583,19 @@ def setting_authentication():
                 Setting().set('autoprovisioning_attribute',
                               request.form.get('autoprovisioning_attribute'))
 
-                if request.form.get('autoprovisioning')=='ON':
-                    if  validateURN(request.form.get('urn_value')):
+                if request.form.get('autoprovisioning') == 'ON':
+                    if validateURN(request.form.get('urn_value')):
                         Setting().set('urn_value',
-                                       request.form.get('urn_value'))
+                                      request.form.get('urn_value'))
                     else:
                         return render_template('admin_setting_authentication.html',
-                                    error="Invalid urn")
+                                               error="Invalid urn")
                 else:
                     Setting().set('urn_value',
-                                       request.form.get('urn_value'))
+                                  request.form.get('urn_value'))
 
                 Setting().set('purge', True
-                    if request.form.get('purge') == 'ON' else False)
-
+                if request.form.get('purge') == 'ON' else False)
 
                 result = {'status': True, 'msg': 'Saved successfully'}
         elif conf_type == 'google':
@@ -1571,7 +1625,7 @@ def setting_authentication():
                 result = {
                     'status': True,
                     'msg':
-                    'Saved successfully. Please reload PDA to take effect.'
+                        'Saved successfully. Please reload PDA to take effect.'
                 }
         elif conf_type == 'github':
             github_oauth_enabled = True if request.form.get(
@@ -1600,7 +1654,7 @@ def setting_authentication():
                 result = {
                     'status': True,
                     'msg':
-                    'Saved successfully. Please reload PDA to take effect.'
+                        'Saved successfully. Please reload PDA to take effect.'
                 }
         elif conf_type == 'azure':
             azure_oauth_enabled = True if request.form.get(
@@ -1649,7 +1703,7 @@ def setting_authentication():
                 result = {
                     'status': True,
                     'msg':
-                    'Saved successfully. Please reload PDA to take effect.'
+                        'Saved successfully. Please reload PDA to take effect.'
                 }
         elif conf_type == 'oidc':
             oidc_oauth_enabled = True if request.form.get(
@@ -1694,7 +1748,7 @@ def setting_authentication():
                 result = {
                     'status': True,
                     'msg':
-                    'Saved successfully. Please reload PDA to take effect.'
+                        'Saved successfully. Please reload PDA to take effect.'
                 }
         else:
             return abort(400)
@@ -1738,10 +1792,10 @@ def create_template():
             result = t.create()
             if result['status'] == 'ok':
                 history = History(msg='Add domain template {0}'.format(name),
-                                  detail = json.dumps({
-                                        'name': name,
-                                        'description': description
-                                    }),
+                                  detail=json.dumps({
+                                      'name': name,
+                                      'description': description
+                                  }),
                                   created_by=current_user.username)
                 history.add()
                 return redirect(url_for('admin.templates'))
@@ -1776,19 +1830,19 @@ def create_template_from_zone():
             return make_response(
                 jsonify({
                     'status':
-                    'error',
+                        'error',
                     'msg':
-                    'A template with the name {0} already exists!'.format(name)
+                        'A template with the name {0} already exists!'.format(name)
                 }), 409)
 
         t = DomainTemplate(name=name, description=description)
         result = t.create()
         if result['status'] == 'ok':
             history = History(msg='Add domain template {0}'.format(name),
-                              detail = json.dumps({
-                                    'name': name,
-                                    'description': description
-                                }),
+                              detail=json.dumps({
+                                  'name': name,
+                                  'description': description
+                              }),
                               created_by=current_user.username)
             history.add()
 
@@ -1918,7 +1972,7 @@ def apply_records(template):
             history = History(
                 msg='Apply domain template record changes to domain template {0}'
                 .format(template),
-                detail = json.dumps(jdata),
+                detail=json.dumps(jdata),
                 created_by=current_user.username)
             history.add()
             return make_response(jsonify(result), 200)
@@ -1948,7 +2002,7 @@ def delete_template(template):
             if result['status'] == 'ok':
                 history = History(
                     msg='Deleted domain template {0}'.format(template),
-                    detail = json.dumps({'name': template}),
+                    detail=json.dumps({'name': template}),
                     created_by=current_user.username)
                 history.add()
                 return redirect(url_for('admin.templates'))
@@ -2003,28 +2057,29 @@ def global_search():
 
         return render_template('admin_global_search.html', domains=domains, records=records, comments=comments)
 
+
 def validateURN(value):
     NID_PATTERN = re.compile(r'^[0-9a-z][0-9a-z-]{1,31}$', flags=re.IGNORECASE)
     NSS_PCHAR = '[a-z0-9-._~]|%[a-f0-9]{2}|[!$&\'()*+,;=]|:|@'
     NSS_PATTERN = re.compile(fr'^({NSS_PCHAR})({NSS_PCHAR}|/|\?)*$', re.IGNORECASE)
 
-    prefix=value.split(':')
-    if (len(prefix)<3):
-        current_app.logger.warning( "Too small urn prefix" )
+    prefix = value.split(':')
+    if (len(prefix) < 3):
+        current_app.logger.warning("Too small urn prefix")
         return False
 
-    urn=prefix[0]
-    nid=prefix[1]
-    nss=value.replace(urn+":"+nid+":", "")
+    urn = prefix[0]
+    nid = prefix[1]
+    nss = value.replace(urn + ":" + nid + ":", "")
 
-    if not urn.lower()=="urn":
-        current_app.logger.warning( urn + ' contains invalid characters ' )
+    if not urn.lower() == "urn":
+        current_app.logger.warning(urn + ' contains invalid characters ')
         return False
     if not re.match(NID_PATTERN, nid.lower()):
-        current_app.logger.warning( nid + ' contains invalid characters ' )
+        current_app.logger.warning(nid + ' contains invalid characters ')
         return False
     if not re.match(NSS_PATTERN, nss):
-        current_app.logger.warning( nss + ' contains invalid characters ' )
+        current_app.logger.warning(nss + ' contains invalid characters ')
         return False
 
     return True
diff --git a/powerdnsadmin/templates/admin_pdns_stats.html b/powerdnsadmin/templates/admin_pdns_stats.html
deleted file mode 100644
index b0e52f482..000000000
--- a/powerdnsadmin/templates/admin_pdns_stats.html
+++ /dev/null
@@ -1,127 +0,0 @@
-{% extends "base.html" %}
-
-{% set active_page = "admin_console" %}
-
-{% block title %}
-  <title>
-    Admin Console - {{ SITE_NAME }}
-  </title>
-{% endblock %}
-
-{% block dashboard_stat %}
-  <div class="content-header">
-    <div class="container-fluid">
-      <div class="row mb-2">
-        <div class="col-sm-6">
-          <h1 class="m-0 text-dark">
-            PowerDNS
-            <small>Server Statistics & Configuration</small>
-          </h1>
-        </div>
-        <div class="col-sm-6">
-          <ol class="breadcrumb float-sm-right">
-            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
-            <li class="breadcrumb-item active">PowerDNS Server Statistics & Configuration</li>
-          </ol>
-        </div>
-      </div>
-    </div>
-  </div>
-{% endblock %}
-
-{% block content %}
-  <section class="content">
-    <div class="container-fluid">
-      <div class="row">
-        <div class="col-12">
-          <div class="card shadow">
-            <div class="card-header">
-              <h3 class="card-title">PowerDNS Server Statistics</h3>
-            </div>
-            <div class="card-body">
-              <table id="tbl_statistics" class="table table-bordered table-striped">
-                <thead>
-                  <tr>
-                    <th width="30%">Statistic</th>
-                    <th>Value</th>
-                  </tr>
-                </thead>
-                <tbody>
-                  {% for statistic in statistics %}
-                    <tr class="odd gradeX">
-                      <td>
-                        <a href="https://doc.powerdns.com/authoritative/search.html?q={{ statistic['name'] }}"
-                        target="_blank" class="btn btn-primary">
-                          <i class="fa fa-search"></i>&nbsp;{{ statistic['name'] }}
-                        </a>
-                      </td>
-                      <td>{{ statistic['value'] }}</td>
-                    </tr>
-                  {% endfor %}
-                </tbody>
-              </table>
-            </div>
-          </div>
-        </div>
-      </div>
-      <div class="row">
-        <div class="col-12">
-          <div class="card shadow">
-            <div class="card-header">
-              <h3 class="card-title">PowerDNS Server Configuration</h3>
-            </div>
-            <div class="card-body">
-              <table id="tbl_configuration" class="table table-bordered table-striped">
-                <thead>
-                  <tr>
-                    <th width="30%">Configuration</th>
-                    <th>Value</th>
-                  </tr>
-                </thead>
-                <tbody>
-                  {% for config in configs %}
-                    <tr class="odd gradeX">
-                      <td>
-                        <a href="https://doc.powerdns.com/authoritative/search.html?q={{ config['name'] }}"
-                        target="_blank" class="btn btn-primary">
-                          <i class="fa-solid fa-search"></i>&nbsp;{{ config['name'] }}
-                        </a>
-                      </td>
-                      <td>
-                        {{ config['value'] }}
-                      </td>
-                    </tr>
-                  {% endfor %}
-                </tbody>
-              </table>
-            </div>
-          </div>
-        </div>
-      </div>
-    </div>
-  </section>
-{% endblock %}
-
-{% block extrascripts %}
-<script>
-  // set up statistics data table
-  $("#tbl_statistics").DataTable({
-    "paging": true,
-    "lengthChange": true,
-    "searching": true,
-    "ordering": true,
-    "info": true,
-    "autoWidth": false
-  });
-
-  // set up configuration data table
-  $("#tbl_configuration").DataTable({
-    "paging": true,
-    "lengthChange": true,
-    "searching": true,
-    "ordering": true,
-    "info": true,
-    "autoWidth": false
-  });
-</script>
-{% endblock %}
diff --git a/powerdnsadmin/templates/admin_server_configuration.html b/powerdnsadmin/templates/admin_server_configuration.html
new file mode 100644
index 000000000..a56bd1226
--- /dev/null
+++ b/powerdnsadmin/templates/admin_server_configuration.html
@@ -0,0 +1,84 @@
+{% extends "base.html" %}
+{% set active_page = "server_configuration" %}
+{% block title %}<title>Server Configuration - {{ SITE_NAME }}</title>{% endblock %}
+
+{% block dashboard_stat %}
+    <div class="content-header">
+        <div class="container-fluid">
+            <div class="row mb-2">
+                <div class="col-sm-6">
+                    <h1 class="m-0 text-dark">
+                        Server Configuration
+                    </h1>
+                </div>
+                <div class="col-sm-6">
+                    <ol class="breadcrumb float-sm-right">
+                        <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+                        <li class="breadcrumb-item active">Server Configuration</li>
+                    </ol>
+                </div>
+            </div>
+        </div>
+    </div>
+{% endblock %}
+
+{% block content %}
+    <section class="content">
+        <div class="container-fluid">
+            <div class="row">
+                <div class="col-12">
+                    <div class="card shadow">
+                        <div class="card-header">
+                            <h3 class="card-title">Server Configuration</h3>
+                        </div>
+                        <!-- /.card-header -->
+                        <div class="card-body table-responsive">
+                            <table id="tbl_configuration" class="table table-bordered table-striped table-hover table-sm">
+                                <thead>
+                                <tr>
+                                    <th>Configuration</th>
+                                    <th>Value</th>
+                                </tr>
+                                </thead>
+                                <tbody>
+                                {% for config in configs %}
+                                    <tr class="odd gradeX">
+                                        <td>
+                                            <a href="https://doc.powerdns.com/authoritative/search.html?q={{ config['name'] }}"
+                                               target="_blank" class="btn btn-primary">
+                                                <i class="fa-solid fa-search"></i>&nbsp;{{ config['name'] }}
+                                            </a>
+                                        </td>
+                                        <td>
+                                            {{ config['value'] }}
+                                        </td>
+                                    </tr>
+                                {% endfor %}
+                                </tbody>
+                            </table>
+                        </div>
+                        <!-- /.card-body -->
+                    </div>
+                    <!-- /.card -->
+                </div>
+                <!-- /.col -->
+            </div>
+            <!-- /.row -->
+        </div>
+        <!-- /.container-fluid -->
+    </section>
+{% endblock %}
+
+{% block extrascripts %}
+    <script>
+        // Initialize DataTables
+        $("#tbl_configuration").DataTable({
+            "paging": true,
+            "lengthChange": true,
+            "searching": true,
+            "ordering": true,
+            "info": true,
+            "autoWidth": false
+        });
+    </script>
+{% endblock %}
diff --git a/powerdnsadmin/templates/admin_server_statistics.html b/powerdnsadmin/templates/admin_server_statistics.html
new file mode 100644
index 000000000..16ff7d0eb
--- /dev/null
+++ b/powerdnsadmin/templates/admin_server_statistics.html
@@ -0,0 +1,82 @@
+{% extends "base.html" %}
+{% set active_page = "server_statistics" %}
+{% block title %}<title>Server Statistics - {{ SITE_NAME }}</title>{% endblock %}
+
+{% block dashboard_stat %}
+    <div class="content-header">
+        <div class="container-fluid">
+            <div class="row mb-2">
+                <div class="col-sm-6">
+                    <h1 class="m-0 text-dark">
+                        Server Statistics
+                    </h1>
+                </div>
+                <div class="col-sm-6">
+                    <ol class="breadcrumb float-sm-right">
+                        <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+                        <li class="breadcrumb-item active">Server Statistics</li>
+                    </ol>
+                </div>
+            </div>
+        </div>
+    </div>
+{% endblock %}
+
+{% block content %}
+    <section class="content">
+        <div class="container-fluid">
+            <div class="row">
+                <div class="col-12">
+                    <div class="card shadow">
+                        <div class="card-header">
+                            <h3 class="card-title">Server Statistics</h3>
+                        </div>
+                        <!-- /.card-header -->
+                        <div class="card-body table-responsive">
+                            <table id="tbl_statistics" class="table table-bordered table-striped table-hover table-sm">
+                                <thead>
+                                <tr>
+                                    <th width="30%">Statistic</th>
+                                    <th>Value</th>
+                                </tr>
+                                </thead>
+                                <tbody>
+                                {% for statistic in statistics %}
+                                    <tr class="odd gradeX">
+                                        <td>
+                                            <a href="https://doc.powerdns.com/authoritative/search.html?q={{ statistic['name'] }}"
+                                               target="_blank" class="btn btn-primary">
+                                                <i class="fa fa-search"></i>&nbsp;{{ statistic['name'] }}
+                                            </a>
+                                        </td>
+                                        <td>{{ statistic['value'] }}</td>
+                                    </tr>
+                                {% endfor %}
+                                </tbody>
+                            </table>
+                        </div>
+                        <!-- /.card-body -->
+                    </div>
+                    <!-- /.card -->
+                </div>
+                <!-- /.col -->
+            </div>
+            <!-- /.row -->
+        </div>
+        <!-- /.container-fluid -->
+    </section>
+{% endblock %}
+
+{% block extrascripts %}
+    <script>
+        // Initialize DataTables
+        $("#tbl_statistics").DataTable({
+            "paging": true,
+            "lengthChange": true,
+            "searching": true,
+            "ordering": true,
+            "info": true,
+            "autoWidth": false
+        });
+    </script>
+{% endblock %}
diff --git a/powerdnsadmin/templates/base.html b/powerdnsadmin/templates/base.html
index b3ff92c44..d23d6b323 100644
--- a/powerdnsadmin/templates/base.html
+++ b/powerdnsadmin/templates/base.html
@@ -115,10 +115,16 @@
                     {% endif %}
                     {% if current_user.role.name in ['Administrator', 'Operator'] %}
                         <li class="nav-header">Administration</li>
-                        <li class="{{ 'nav-item active' if active_page == 'admin_console' else 'nav-item' }}">
-                            <a href="{{ url_for('admin.pdns_stats') }}" class="nav-link">
-                                <i class="nav-icon fa-solid fa-info-circle"></i>
-                                <p>PowerDNS Info</p>
+                        <li class="{{ 'nav-item active' if active_page == 'server_statistics' else 'nav-item' }}">
+                            <a href="{{ url_for('admin.server_statistics') }}" class="nav-link">
+                                <i class="nav-icon fa-solid fa-chart-simple"></i>
+                                <p>Server Statistics</p>
+                            </a>
+                        </li>
+                        <li class="{{ 'nav-item active' if active_page == 'server_configuration' else 'nav-item' }}">
+                            <a href="{{ url_for('admin.server_configuration') }}" class="nav-link">
+                                <i class="nav-icon fa-solid fa-cog"></i>
+                                <p>Server Configuration</p>
                             </a>
                         </li>
                         <li class="{{ 'nav-item active' if active_page == 'admin_global_search' else 'nav-item' }}">

From 62018686f58807f3be29a7bedfc5445b7af8d187 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sun, 19 Feb 2023 15:12:34 -0500
Subject: [PATCH 229/475] Updated global styles for record lists as well as
 general card styling.

---
 .../templates/admin_server_configuration.html      |  2 +-
 .../templates/admin_server_statistics.html         |  2 +-
 powerdnsadmin/templates/base.html                  |  6 +++---
 powerdnsadmin/templates/dashboard.html             | 12 ++++++------
 powerdnsadmin/templates/domain_add.html            |  4 ++--
 powerdnsadmin/templates/domain_remove.html         |  4 ++--
 powerdnsadmin/templates/domain_setting.html        | 14 +++++++-------
 7 files changed, 22 insertions(+), 22 deletions(-)

diff --git a/powerdnsadmin/templates/admin_server_configuration.html b/powerdnsadmin/templates/admin_server_configuration.html
index a56bd1226..e45bf71b0 100644
--- a/powerdnsadmin/templates/admin_server_configuration.html
+++ b/powerdnsadmin/templates/admin_server_configuration.html
@@ -27,7 +27,7 @@ <h1 class="m-0 text-dark">
         <div class="container-fluid">
             <div class="row">
                 <div class="col-12">
-                    <div class="card shadow">
+                    <div class="card card-outline card-primary shadow">
                         <div class="card-header">
                             <h3 class="card-title">Server Configuration</h3>
                         </div>
diff --git a/powerdnsadmin/templates/admin_server_statistics.html b/powerdnsadmin/templates/admin_server_statistics.html
index 16ff7d0eb..78fe7460e 100644
--- a/powerdnsadmin/templates/admin_server_statistics.html
+++ b/powerdnsadmin/templates/admin_server_statistics.html
@@ -27,7 +27,7 @@ <h1 class="m-0 text-dark">
         <div class="container-fluid">
             <div class="row">
                 <div class="col-12">
-                    <div class="card shadow">
+                    <div class="card card-outline card-primary shadow">
                         <div class="card-header">
                             <h3 class="card-title">Server Statistics</h3>
                         </div>
diff --git a/powerdnsadmin/templates/base.html b/powerdnsadmin/templates/base.html
index d23d6b323..abd1a15d1 100644
--- a/powerdnsadmin/templates/base.html
+++ b/powerdnsadmin/templates/base.html
@@ -26,9 +26,9 @@
         /* Global Styles */
         table.records thead th, table.records tbody td { text-align: center; vertical-align: middle; }
         table.records thead th:last-of-type { width: 50px; }
-        div.table-responsive > div.dataTables_wrapper > div.row:first-of-type { margin: 0 0.5em 0 0.5em; }
-        div.table-responsive > div.dataTables_wrapper > div.row:last-of-type { margin: 0.4em 0.5em 0.4em 0.5em; }
-        div.table-responsive > div.dataTables_wrapper table.dataTable { margin: 0 !important; }
+        div.records > div.dataTables_wrapper > div.row:first-of-type { margin: 0 0.5em 0 0.5em; }
+        div.records > div.dataTables_wrapper > div.row:last-of-type { margin: 0.4em 0.5em 0.4em 0.5em; }
+        div.records > div.dataTables_wrapper table.dataTable { margin: 0 !important; }
         </style>
         {% block head_styles %}{% endblock %}
     {% endblock %}
diff --git a/powerdnsadmin/templates/dashboard.html b/powerdnsadmin/templates/dashboard.html
index 993d1962b..3ed9ee55e 100755
--- a/powerdnsadmin/templates/dashboard.html
+++ b/powerdnsadmin/templates/dashboard.html
@@ -29,7 +29,7 @@ <h1 class="m-0 text-dark">
 
             <div class="row">
                 <div class="col-lg-12">
-                    <div class="card card-outline card-secondary">
+                    <div class="card card-outline card-secondary shadow">
                         <div class="card-header">
                             <h3 class="card-title">Statistics</h3>
                         </div>
@@ -76,7 +76,7 @@ <h3>{{ user_num }}</h3>
                                         </a>
                                     </div>
                                     <div class="col-6 col-sm-3">
-                                        <a href="{{ url_for('admin.pdns_stats') }}">
+                                        <a href="{{ url_for('admin.server_statistics') }}">
                                             <div class="small-box bg-green">
                                                 <div class="inner">
                                                     <h3><span
@@ -105,12 +105,12 @@ <h3><span
             {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
                 <div class="row">
                     <div class="col-12">
-                        <div class="card card-outline card-secondary">
+                        <div class="card card-outline card-secondary shadow">
                             <div class="card-header">
                                 <h3 class="card-title">Recent History</h3>
                             </div>
                             <!-- /.card-header -->
-                            <div class="card-body table-responsive p-0">
+                            <div class="card-body table-responsive records p-0">
                                 <table class="table table-striped table-hover table-sm records">
                                     <thead>
                                     <tr>
@@ -161,7 +161,7 @@ <h3 class="card-title">Recent History</h3>
 
             <div class="row">
                 <div class="col-12">
-                    <div class="card card-outline card-primary">
+                    <div class="card card-outline card-primary shadow">
                         <div class="card-header">
                             <h3 class="card-title">
                                 Zones
@@ -199,7 +199,7 @@ <h3 class="card-title">
                             <div class="tab-content">
                                 {% for boxId in custom_boxes.order %}
                                     <div class="tab-pane show" id='tab_{{ boxId }}'>
-                                        <div class="card-body table-responsive p-0 pt-2">
+                                        <div class="card-body table-responsive records p-0 pt-2">
                                             <table id='tbl_domain_list_{{ boxId }}'
                                                    class="table table-striped table-hover table-sm records">
                                                 <thead>
diff --git a/powerdnsadmin/templates/domain_add.html b/powerdnsadmin/templates/domain_add.html
index 6d2be084b..cb76be1da 100644
--- a/powerdnsadmin/templates/domain_add.html
+++ b/powerdnsadmin/templates/domain_add.html
@@ -29,7 +29,7 @@ <h1 class="m-0 text-dark">
                 <div class="col-12 col-sm-6 col-lg-4">
                     <form role="form" method="post" action="{{ url_for('domain.add') }}">
                         <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-                        <div class="card">
+                        <div class="card card-outline card-primary shadow">
                             <div class="card-header">
                                 <h3 class="card-title">Zone Editor</h3>
                             </div>
@@ -143,7 +143,7 @@ <h3 class="card-title">Zone Editor</h3>
                 </div>
                 <!-- /.col -->
                 <div class="col-12 col-sm-6 col-lg-8">
-                    <div class="card">
+                    <div class="card card-outline card-secondary shadow">
                         <div class="card-header">
                             <h3 class="card-title">Zone Editor Help</h3>
                         </div>
diff --git a/powerdnsadmin/templates/domain_remove.html b/powerdnsadmin/templates/domain_remove.html
index 7435168ce..75c3e26e7 100644
--- a/powerdnsadmin/templates/domain_remove.html
+++ b/powerdnsadmin/templates/domain_remove.html
@@ -27,7 +27,7 @@ <h1 class="m-0 text-dark">
         <div class="container-fluid">
             <div class="row">
                 <div class="col-12 col-sm-6 col-lg-4">
-                    <div class="card">
+                    <div class="card card-outline card-primary shadow">
                         <div class="card-header">
                             <h3 class="card-title">Zone Selector</h3>
                         </div>
@@ -58,7 +58,7 @@ <h3 class="card-title">Zone Selector</h3>
                     </div>
                 </div>
                 <div class="col-12 col-sm-6 col-lg-8">
-                    <div class="card">
+                    <div class="card card-outline card-secondary shadow">
                         <div class="card-header">
                             <h3 class="card-title">Zone Selector Help</h3>
                         </div>
diff --git a/powerdnsadmin/templates/domain_setting.html b/powerdnsadmin/templates/domain_setting.html
index 50bda9564..0a172048d 100644
--- a/powerdnsadmin/templates/domain_setting.html
+++ b/powerdnsadmin/templates/domain_setting.html
@@ -48,7 +48,7 @@ <h1 class="m-0 text-dark">
                     <form method="post"
                           action="{{ url_for('domain.change_account', domain_name=domain.name) }}">
                         <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-                        <div class="card">
+                        <div class="card card-outline card-secondary shadow">
                             <div class="card-header">
                                 <h3 class="card-title">Change Zone Account</h3>
                             </div>
@@ -82,7 +82,7 @@ <h3 class="card-title">Change Zone Account</h3>
                 <!-- /.col -->
 
                 <div class="col-12 col-sm-4">
-                    <div class="card">
+                    <div class="card card-outline card-secondary shadow">
                         <div class="card-header">
                             <h3 class="card-title">Auto PTR creation</h3>
                         </div>
@@ -108,7 +108,7 @@ <h3 class="card-title">Auto PTR creation</h3>
                 <!-- /.col -->
 
                 <div class="col-12 col-sm-4">
-                    <div class="card">
+                    <div class="card card-outline card-secondary shadow">
                         <div class="card-header">
                             <h3 class="card-title">DynDNS 2 Settings</h3>
                         </div>
@@ -136,7 +136,7 @@ <h3 class="card-title">DynDNS 2 Settings</h3>
                 <div class="col-12 col-sm-4">
                     <form method="post" action="{{ url_for('domain.setting', domain_name=domain.name) }}">
                         <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-                        <div class="card">
+                        <div class="card card-outline card-secondary shadow">
                             <div class="card-header">
                                 <h3 class="card-title">Zone Access Control</h3>
                             </div>
@@ -188,7 +188,7 @@ <h3 class="card-title">Zone Access Control</h3>
 
             <div class="row">
                 <div class="col-12">
-                    <div class="card">
+                    <div class="card card-outline card-secondary shadow">
                         <div class="card-header">
                             <h3 class="card-title">Change Zone Type</h3>
                         </div>
@@ -240,7 +240,7 @@ <h3 class="card-title">Change Zone Type</h3>
 
             <div class="row">
                 <div class="col-12">
-                    <div class="card">
+                    <div class="card card-outline card-secondary shadow">
                         <div class="card-header">
                             <h3 class="card-title">Change SOA-EDIT-API</h3>
                         </div>
@@ -293,7 +293,7 @@ <h3 class="card-title">Change SOA-EDIT-API</h3>
 
             <div class="row">
                 <div class="col-12">
-                    <div class="card">
+                    <div class="card card-outline card-danger shadow">
                         <div class="card-header">
                             <h3 class="card-title">Remove Zone</h3>
                         </div>

From 67040ad9c2e5cf2b1e065efb65261d5a0dd6c8b2 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sun, 19 Feb 2023 15:16:50 -0500
Subject: [PATCH 230/475] Completed first-round of updates for the server
 statistics and configuration features.

---
 powerdnsadmin/templates/admin_server_configuration.html | 2 +-
 powerdnsadmin/templates/admin_server_statistics.html    | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/powerdnsadmin/templates/admin_server_configuration.html b/powerdnsadmin/templates/admin_server_configuration.html
index e45bf71b0..8317683fa 100644
--- a/powerdnsadmin/templates/admin_server_configuration.html
+++ b/powerdnsadmin/templates/admin_server_configuration.html
@@ -45,7 +45,7 @@ <h3 class="card-title">Server Configuration</h3>
                                     <tr class="odd gradeX">
                                         <td>
                                             <a href="https://doc.powerdns.com/authoritative/search.html?q={{ config['name'] }}"
-                                               target="_blank" class="btn btn-primary">
+                                               target="_blank" class="btn btn-primary" title="Search Documentation">
                                                 <i class="fa-solid fa-search"></i>&nbsp;{{ config['name'] }}
                                             </a>
                                         </td>
diff --git a/powerdnsadmin/templates/admin_server_statistics.html b/powerdnsadmin/templates/admin_server_statistics.html
index 78fe7460e..da6af78e2 100644
--- a/powerdnsadmin/templates/admin_server_statistics.html
+++ b/powerdnsadmin/templates/admin_server_statistics.html
@@ -36,7 +36,7 @@ <h3 class="card-title">Server Statistics</h3>
                             <table id="tbl_statistics" class="table table-bordered table-striped table-hover table-sm">
                                 <thead>
                                 <tr>
-                                    <th width="30%">Statistic</th>
+                                    <th>Statistic</th>
                                     <th>Value</th>
                                 </tr>
                                 </thead>
@@ -45,7 +45,7 @@ <h3 class="card-title">Server Statistics</h3>
                                     <tr class="odd gradeX">
                                         <td>
                                             <a href="https://doc.powerdns.com/authoritative/search.html?q={{ statistic['name'] }}"
-                                               target="_blank" class="btn btn-primary">
+                                               target="_blank" class="btn btn-primary" title="Search Documentation">
                                                 <i class="fa fa-search"></i>&nbsp;{{ statistic['name'] }}
                                             </a>
                                         </td>

From 14e534468aa659788937bdc8d17b795dfde4daf6 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sun, 19 Feb 2023 15:54:11 -0500
Subject: [PATCH 231/475] Working on first-round changes for the global search
 feature.

---
 powerdnsadmin/routes/admin.py                 |   9 +-
 .../templates/admin_global_search.html        | 411 ++++++++++--------
 2 files changed, 242 insertions(+), 178 deletions(-)

diff --git a/powerdnsadmin/routes/admin.py b/powerdnsadmin/routes/admin.py
index 5a90e107f..eb27950f6 100644
--- a/powerdnsadmin/routes/admin.py
+++ b/powerdnsadmin/routes/admin.py
@@ -2055,7 +2055,14 @@ def global_search():
                 else:
                     pass
 
-        return render_template('admin_global_search.html', domains=domains, records=records, comments=comments)
+        params: dict = {
+            'query': query if query is not None else '',
+            'domains': domains,
+            'records': records,
+            'comments': comments,
+        }
+
+        return render_template('admin_global_search.html', **params)
 
 
 def validateURN(value):
diff --git a/powerdnsadmin/templates/admin_global_search.html b/powerdnsadmin/templates/admin_global_search.html
index dfe14a67c..73de7855d 100644
--- a/powerdnsadmin/templates/admin_global_search.html
+++ b/powerdnsadmin/templates/admin_global_search.html
@@ -1,201 +1,258 @@
 {% extends "base.html" %}
-
 {% set active_page = "admin_global_search" %}
-
-{% block title %}
-  <title>
-    Global Search - {{ SITE_NAME }}
-  </title>
-{% endblock %}
+{% block title %}<title>Global Search - {{ SITE_NAME }}</title>{% endblock %}
 
 {% block dashboard_stat %}
-  <div class="content-header">
-    <div class="container-fluid">
-      <div class="row mb-2">
-        <div class="col-sm-6">
-          <h1 class="m-0 text-dark">
-            Global Search
-            <small>Search for domains, records and comments directly from PDNS API</small>
-          </h1>
-        </div>
-        <div class="col-sm-6">
-          <ol class="breadcrumb float-sm-right">
-            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
-            <li class="breadcrumb-item active">Global Search</li>
-          </ol>
+    <div class="content-header">
+        <div class="container-fluid">
+            <div class="row mb-2">
+                <div class="col-6">
+                    <h1 class="m-0 text-dark">Global Search</h1>
+                </div>
+                <!-- /.col -->
+                <div class="col-6">
+                    <ol class="breadcrumb float-sm-right">
+                        <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+                        <li class="breadcrumb-item active">Global Search</li>
+                    </ol>
+                </div>
+                <!-- /.col -->
+            </div>
+            <!-- /.row -->
         </div>
-      </div>
+        <!-- /.container-fluid -->
     </div>
-  </div>
+    <!-- /.content-header -->
 {% endblock %}
 
 {% block content %}
-  <section class="content">
-    <div class="container-fluid">
-      <div class="row">
-        <div class="col-12">
-          <div class="card">
-            <div class="card-header">
-              <h3 class="card-title">Global Search</h3>
-            </div>
-            <div class="card-body">
-              <form action="" method="get">
-                <div class="input-group">
-                  <input type="text" name="q" class="form-control" placeholder="Your keyword...">
-                  <div class="input-group-btn">
-                    <button type="submit" class="btn btn-success"><i class="fa fa-search"></i></button>
-                  </div>
+    <section class="content">
+        <div class="container-fluid">
+            <div class="row">
+                <div class="col-12">
+                    <form action="" method="get">
+                        <div class="card card-outline card-primary shadow">
+                            <div class="card-header">
+                                <h3 class="card-title">Global Search</h3>
+                            </div>
+                            <!-- /.card-header -->
+                            <div class="card-body">
+                                <div class="callout callout-info">
+                                    <p>This tool can be used to search for domains, records, and comments via the PDNS
+                                        API.</p>
+                                </div>
+                                <!-- /.callout -->
+                                <div class="form-group">
+                                    <div class="input-group">
+                                        <input type="text" name="q" class="form-control" value="{{ query }}"
+                                               placeholder="Enter search query...">
+                                        <button type="submit" class="btn btn-flat btn-success" title="Execute Query">
+                                            <i class="fa fa-search"></i>
+                                        </button>
+                                    </div>
+                                </div>
+                                <!-- /.form-group -->
+                                <div class="callout callout-warning">
+                                    <p>The * character can be used in your keyword as a wildcard character and the ?
+                                        character can be used as a wildcard for a single character.</p>
+                                </div>
+                                <!-- /.callout -->
+                            </div>
+                            <!-- /.card-body -->
+                        </div>
+                        <!-- /.card -->
+                    </form>
                 </div>
-              </form>
-              <div>
-                <p><b>Hints:</b> The * character can be used in your keyword as a wildcard character and the ? character can be used as
-                  a wildcard for a
-                  single character.
-                </p>
-              </div>
+                <!-- /.col -->
             </div>
-          </div>
-        </div>
-      </div>
+            <!-- /.row -->
 
-      <div class="row">
-        <div class="col-12">
-          <div class="card">
-            <div class="card-header">
-              <h3 class="card-title">Domains ({{ domains|length }})</h3>
-            </div>
-            <div class="card-body">
-              <table id="tbl_domain" class="table table-bordered table-striped">
-                <thead>
-                  <tr>
-                    <th>Domain</th>
-                  </tr>
-                </thead>
-                <tbody>
-                  {% for domain in domains %}
-                    <tr class="odd gradeX">
-                      <td>
-                        <a href="{{ url_for('domain.domain', domain_name=domain['name']) }}">{{ domain['name'] }}</a>
-                      </td>
-                    </tr>
-                  {% endfor %}
-                </tbody>
-              </table>
+            <div class="row">
+                <div class="col-12">
+                    <div class="card card-outline card-secondary shadow">
+                        <div class="card-header">
+                            <h3 class="card-title">Zones ({{ domains|length }})</h3>
+                        </div>
+                        <!-- /.card-header -->
+                        <div class="card-body table-responsive">
+                            <table id="tbl_domain" class="table table-bordered table-striped table-hover table-sm">
+                                <thead>
+                                <tr>
+                                    <th>Zone Name</th>
+                                </tr>
+                                </thead>
+                                <tbody>
+                                {% for domain in domains %}
+                                    <tr class="odd gradeX">
+                                        <td>
+                                            <a href="{{ url_for('domain.domain', domain_name=domain['name']) }}">{{ domain['name'] }}</a>
+                                        </td>
+                                    </tr>
+                                {% endfor %}
+                                </tbody>
+                            </table>
+                        </div>
+                        <!-- /.card-body -->
+                    </div>
+                    <!-- /.card -->
+                </div>
+                <!-- /.col -->
             </div>
-          </div>
-        </div>
-      </div>
+            <!-- /.row -->
 
-      <div class="row">
-        <div class="col-12">
-          <div class="card">
-            <div class="card-header">
-              <h3 class="card-title">Records ({{ records|length }})</h3>
-            </div>
-            <div class="card-body">
-              <table id="tbl_record" class="table table-bordered table-striped">
-                <thead>
-                  <tr>
-                    <th>Name</th>
-                    <th>Type</th>
-                    <th>Status</th>
-                    <th>TTL</th>
-                    <th>Data</th>
-                  </tr>
-                </thead>
-                <tbody>
-                  {% for record in records %}
-                    <tr class="odd gradeX">
-                      <td>
-                        <a href="{{ url_for('domain.domain', domain_name=record['zone_id']) }}">{{ record['name'] }}</a>
-                      </td>
-                      <td>{{ record['type'] }}</td>
-                      <td>{{ 'Disabled' if record['disabled'] else 'Active' }}</td>
-                      <td>{{ record['ttl'] }}</td>
-                      <td>{{ record['content'] }}</td>
-                    </tr>
-                  {% endfor %}
-                </tbody>
-              </table>
+            <div class="row">
+                <div class="col-12">
+                    <div class="card card-outline card-secondary shadow">
+                        <div class="card-header">
+                            <h3 class="card-title">Zone Records ({{ records|length }})</h3>
+                        </div>
+                        <!-- /.card-header -->
+                        <div class="card-body table-responsive">
+                            <table id="tbl_record" class="table table-bordered table-striped table-hover table-sm">
+                                <thead>
+                                <tr>
+                                    <th>Name</th>
+                                    <th>Type</th>
+                                    <th>Status</th>
+                                    <th>TTL</th>
+                                    <th>Data</th>
+                                </tr>
+                                </thead>
+                                <tbody>
+                                {% for record in records %}
+                                    <tr class="odd gradeX">
+                                        <td>
+                                            <a href="{{ url_for('domain.domain', domain_name=record['zone_id']) }}">{{ record['name'] }}</a>
+                                        </td>
+                                        <td>{{ record['type'] }}</td>
+                                        <td>{{ 'Disabled' if record['disabled'] else 'Active' }}</td>
+                                        <td>{{ record['ttl'] }}</td>
+                                        <td>{{ record['content'] }}</td>
+                                    </tr>
+                                {% endfor %}
+                                </tbody>
+                            </table>
+                        </div>
+                        <!-- /.card-body -->
+                    </div>
+                    <!-- /.card -->
+                </div>
+                <!-- /.col -->
             </div>
-          </div>
-        </div>
-      </div>
+            <!-- /.row -->
 
-      <div class="row">
-        <div class="col-12">
-          <div class="card">
-            <div class="card-header">
-              <h3 class="card-title">Comments ({{ comments|length }})</h3>
-            </div>
-            <div class="card-body">
-              <table id="tbl_comment" class="table table-bordered table-striped">
-                <thead>
-                  <tr>
-                    <th>Comment</th>
-                    <th>Record</th>
-                    <th>Domain</th>
-                  </tr>
-                </thead>
-                <tbody>
-                  {% for comment in comments %}
-                    <tr class="odd gradeX">
-                      <td>{{ comment['content'] }}</td>
-                      <td>{{ comment['name'] }}</td>
-                      <td>
-                        <a href="{{ url_for('domain.domain', domain_name=comment['zone_id']) }}">{{ comment['zone_id'] }}</a>
-                      </td>
-                    </tr>
-                  {% endfor %}
-                </tbody>
-              </table>
+            <div class="row">
+                <div class="col-12">
+                    <div class="card card-outline card-secondary shadow">
+                        <div class="card-header">
+                            <h3 class="card-title">Comments ({{ comments|length }})</h3>
+                        </div>
+                        <!-- /.card-header -->
+                        <div class="card-body table-responsive">
+                            <table id="tbl_comment" class="table table-bordered table-striped table-hover table-sm">
+                                <thead>
+                                <tr>
+                                    <th>Comment</th>
+                                    <th>Record</th>
+                                    <th>Zone</th>
+                                </tr>
+                                </thead>
+                                <tbody>
+                                {% for comment in comments %}
+                                    <tr class="odd gradeX">
+                                        <td>{{ comment['content'] }}</td>
+                                        <td>{{ comment['name'] }}</td>
+                                        <td>
+                                            <a href="{{ url_for('domain.domain', domain_name=comment['zone_id']) }}">{{ comment['zone_id'] }}</a>
+                                        </td>
+                                    </tr>
+                                {% endfor %}
+                                </tbody>
+                            </table>
+                        </div>
+                        <!-- /.card-body -->
+                    </div>
+                    <!-- /.card -->
+                </div>
+                <!-- /.col -->
             </div>
-          </div>
+            <!-- /.row -->
         </div>
-      </div>
-    </div>
-  </section>
+        <!-- /.container-fluid -->
+    </section>
+{% endblock %}
+
+{% block head_styles %}
+<style>
+table#tbl_record { table-layout: fixed; }
+table#tbl_record thead th:nth-child(0n+1) { width: 20%;}
+table#tbl_record thead th:nth-child(0n+2),
+table#tbl_record thead th:nth-child(0n+3),
+table#tbl_record thead th:nth-child(0n+4) { width: 5%; }
+table#tbl_record thead th:nth-child(0n+2),
+table#tbl_record thead th:nth-child(0n+3),
+table#tbl_record thead th:nth-child(0n+4),
+table#tbl_record tbody td:nth-child(0n+2),
+table#tbl_record tbody td:nth-child(0n+3),
+table#tbl_record tbody td:nth-child(0n+4) { text-align: center; }
+table#tbl_record tbody td:first-of-type,
+table#tbl_record tbody td:last-of-type { white-space: nowrap; overflow: hidden; text-overflow: ellipsis; }
+@media only screen and (max-device-width: 480px) {
+    table#tbl_record thead th:nth-child(0n+1) { width: 10%;}
+    table#tbl_record thead th:nth-child(0n+2),
+    table#tbl_record thead th:nth-child(0n+3),
+    table#tbl_record thead th:nth-child(0n+4) { width: 15%; }
+}
+@media only screen and (max-device-width: 992px) {
+    table#tbl_record { table-layout: auto; }
+}
+@media only screen and (min-device-width: 481px) and (max-device-width: 992px) {
+    table#tbl_record thead th:nth-child(0n+2),
+    table#tbl_record thead th:nth-child(0n+3),
+    table#tbl_record thead th:nth-child(0n+4) { width: 10%; }
+}
+</style>
 {% endblock %}
 
 {% block extrascripts %}
-  <script>
-    // set up domain result data table
-    $("#tbl_domain").DataTable({
-      "paging": false,
-      "lengthChange": false,
-      "searching": false,
-      "ordering": true,
-      "info": false,
-      "autoWidth": false,
-      "order": [
-        [0, "asc"]
-      ]
-    });
+    <script>
+        // Initialize DataTables for zones
+        $("#tbl_domain").DataTable({
+            "paging": true,
+            "lengthChange": true,
+            "searching": true,
+            "ordering": true,
+            "info": false,
+            "autoWidth": false,
+            "order": [
+                [0, "asc"]
+            ]
+        });
 
-    // set up domain result data table
-    $("#tbl_record").DataTable({
-      "paging": false,
-      "lengthChange": false,
-      "searching": false,
-      "ordering": true,
-      "info": false,
-      "autoWidth": false,
-      "order": [
-        [0, "asc"]
-      ]
-    });
+        // Initialize DataTables for zone records
+        $("#tbl_record").DataTable({
+            "paging": true,
+            "lengthChange": true,
+            "searching": true,
+            "ordering": true,
+            "info": false,
+            "autoWidth": false,
+            "order": [
+                [0, "asc"]
+            ]
+        });
 
-    // set up domain result data table
-    $("#tbl_comment").DataTable({
-      "paging": false,
-      "lengthChange": false,
-      "searching": false,
-      "ordering": true,
-      "info": false,
-      "autoWidth": false,
-      "order": [
-        [0, "asc"]
-      ]
-    });
-  </script>
+        // Initialize DataTables for comments
+        $("#tbl_comment").DataTable({
+            "paging": true,
+            "lengthChange": true,
+            "searching": true,
+            "ordering": true,
+            "info": false,
+            "autoWidth": false,
+            "order": [
+                [0, "asc"]
+            ]
+        });
+    </script>
 {% endblock %}

From f48a6b8209e3f5c751a7e48a15dfb014489ff282 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sun, 19 Feb 2023 15:54:54 -0500
Subject: [PATCH 232/475] Working on first-round changes for the global search
 feature.

---
 powerdnsadmin/templates/admin_global_search.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/powerdnsadmin/templates/admin_global_search.html b/powerdnsadmin/templates/admin_global_search.html
index 73de7855d..36262dbc4 100644
--- a/powerdnsadmin/templates/admin_global_search.html
+++ b/powerdnsadmin/templates/admin_global_search.html
@@ -33,7 +33,7 @@ <h1 class="m-0 text-dark">Global Search</h1>
                     <form action="" method="get">
                         <div class="card card-outline card-primary shadow">
                             <div class="card-header">
-                                <h3 class="card-title">Global Search</h3>
+                                <h3 class="card-title">Search Form</h3>
                             </div>
                             <!-- /.card-header -->
                             <div class="card-body">

From e960326a58da9017fc44a778d55ce8274de76dfa Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sun, 19 Feb 2023 16:02:34 -0500
Subject: [PATCH 233/475] Working on first-round changes for the global search
 feature.

---
 .../templates/admin_global_search.html        | 62 ++++++++++---------
 1 file changed, 32 insertions(+), 30 deletions(-)

diff --git a/powerdnsadmin/templates/admin_global_search.html b/powerdnsadmin/templates/admin_global_search.html
index 36262dbc4..4c4e79dd1 100644
--- a/powerdnsadmin/templates/admin_global_search.html
+++ b/powerdnsadmin/templates/admin_global_search.html
@@ -44,7 +44,9 @@ <h3 class="card-title">Search Form</h3>
                                 <!-- /.callout -->
                                 <div class="form-group">
                                     <div class="input-group">
-                                        <input type="text" name="q" class="form-control" value="{{ query }}"
+                                        <label for="txtQuery" class="input-group-text">Search Query</label>
+                                        <input type="text" id="txtQuery" name="q" class="form-control"
+                                               value="{{ query }}"
                                                placeholder="Enter search query...">
                                         <button type="submit" class="btn btn-flat btn-success" title="Execute Query">
                                             <i class="fa fa-search"></i>
@@ -183,35 +185,35 @@ <h3 class="card-title">Comments ({{ comments|length }})</h3>
 {% endblock %}
 
 {% block head_styles %}
-<style>
-table#tbl_record { table-layout: fixed; }
-table#tbl_record thead th:nth-child(0n+1) { width: 20%;}
-table#tbl_record thead th:nth-child(0n+2),
-table#tbl_record thead th:nth-child(0n+3),
-table#tbl_record thead th:nth-child(0n+4) { width: 5%; }
-table#tbl_record thead th:nth-child(0n+2),
-table#tbl_record thead th:nth-child(0n+3),
-table#tbl_record thead th:nth-child(0n+4),
-table#tbl_record tbody td:nth-child(0n+2),
-table#tbl_record tbody td:nth-child(0n+3),
-table#tbl_record tbody td:nth-child(0n+4) { text-align: center; }
-table#tbl_record tbody td:first-of-type,
-table#tbl_record tbody td:last-of-type { white-space: nowrap; overflow: hidden; text-overflow: ellipsis; }
-@media only screen and (max-device-width: 480px) {
-    table#tbl_record thead th:nth-child(0n+1) { width: 10%;}
-    table#tbl_record thead th:nth-child(0n+2),
-    table#tbl_record thead th:nth-child(0n+3),
-    table#tbl_record thead th:nth-child(0n+4) { width: 15%; }
-}
-@media only screen and (max-device-width: 992px) {
-    table#tbl_record { table-layout: auto; }
-}
-@media only screen and (min-device-width: 481px) and (max-device-width: 992px) {
-    table#tbl_record thead th:nth-child(0n+2),
-    table#tbl_record thead th:nth-child(0n+3),
-    table#tbl_record thead th:nth-child(0n+4) { width: 10%; }
-}
-</style>
+    <style>
+        table#tbl_record { table-layout: fixed; }
+        table#tbl_record thead th:nth-child(0n+1) { width: 20%;}
+        table#tbl_record thead th:nth-child(0n+2),
+        table#tbl_record thead th:nth-child(0n+3),
+        table#tbl_record thead th:nth-child(0n+4) { width: 5%; }
+        table#tbl_record thead th:nth-child(0n+2),
+        table#tbl_record thead th:nth-child(0n+3),
+        table#tbl_record thead th:nth-child(0n+4),
+        table#tbl_record tbody td:nth-child(0n+2),
+        table#tbl_record tbody td:nth-child(0n+3),
+        table#tbl_record tbody td:nth-child(0n+4) { text-align: center; }
+        table#tbl_record tbody td:first-of-type,
+        table#tbl_record tbody td:last-of-type { white-space: nowrap; overflow: hidden; text-overflow: ellipsis; }
+        @media only screen and (max-device-width: 480px) {
+            table#tbl_record thead th:nth-child(0n+1) { width: 10%;}
+            table#tbl_record thead th:nth-child(0n+2),
+            table#tbl_record thead th:nth-child(0n+3),
+            table#tbl_record thead th:nth-child(0n+4) { width: 15%; }
+        }
+        @media only screen and (max-device-width: 992px) {
+            table#tbl_record { table-layout: auto; }
+        }
+        @media only screen and (min-device-width: 481px) and (max-device-width: 992px) {
+            table#tbl_record thead th:nth-child(0n+2),
+            table#tbl_record thead th:nth-child(0n+3),
+            table#tbl_record thead th:nth-child(0n+4) { width: 10%; }
+        }
+    </style>
 {% endblock %}
 
 {% block extrascripts %}

From 761909f0f8a6ee326390149488a9c76d62964b52 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sun, 19 Feb 2023 20:27:22 -0500
Subject: [PATCH 234/475] Updated client-side navigation matching to only
 compare the base path without the query string.

---
 powerdnsadmin/static/custom/js/custom.js | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/powerdnsadmin/static/custom/js/custom.js b/powerdnsadmin/static/custom/js/custom.js
index 0f096bf05..8b6d0787a 100644
--- a/powerdnsadmin/static/custom/js/custom.js
+++ b/powerdnsadmin/static/custom/js/custom.js
@@ -291,14 +291,13 @@ function copy_otp_secret_to_clipboard() {
 
 // Side menu nav bar active selection
 /** add active class and stay opened when selected */
-var url = window.location;
 
 // for sidebar menu entirely but not cover treeview
 $('ul.nav-sidebar a').filter(function() {
-    return this.href == url;
+    return this.href == window.location.href.split('?')[0];
 }).addClass('active');
 
 // for treeview
 $('ul.nav-treeview a').filter(function() {
-    return this.href == url;
+    return this.href == window.location.href.split('?')[0];
 }).parentsUntil(".nav-sidebar > .nav-treeview").addClass('menu-open').prev('a').addClass('active');

From c4d9bf3a9cfbd97f395cb47a750ccd79b984f84b Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sun, 19 Feb 2023 20:41:26 -0500
Subject: [PATCH 235/475] Started first-round of updates on the activity
 feature AKA history, but it's a very broken implementation that will require
 a complete re-build. Saving that for later.

---
 powerdnsadmin/templates/admin_history.html | 901 +++++++++++----------
 powerdnsadmin/templates/base.html          |   2 +-
 2 files changed, 465 insertions(+), 438 deletions(-)

diff --git a/powerdnsadmin/templates/admin_history.html b/powerdnsadmin/templates/admin_history.html
index f2a86196c..68f5f199e 100644
--- a/powerdnsadmin/templates/admin_history.html
+++ b/powerdnsadmin/templates/admin_history.html
@@ -1,529 +1,556 @@
 {% extends "base.html" %}
-
 {% set active_page = "admin_history" %}
-
-{% block title %}
-  <title>
-    History - {{ SITE_NAME }}
-  </title>
-{% endblock %}
+{% block title %}<title>Activity - {{ SITE_NAME }}</title>{% endblock %}
 
 {% block dashboard_stat %}
-  <div class="content-header">
-    <div class="container-fluid">
-      <div class="row mb-2">
-        <div class="col-sm-6">
-          <h1 class="m-0 text-dark">
-            History
-            <small>Recent Events</small>
-          </h1>
-        </div>
-        <div class="col-sm-6">
-          <ol class="breadcrumb float-sm-right">
-            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Home</a></li>
-            <li class="breadcrumb-item active">History</li>
-          </ol>
+    <div class="content-header">
+        <div class="container-fluid">
+            <div class="row mb-2">
+                <div class="col-sm-6">
+                    <h1 class="m-0 text-dark">Activity</h1>
+                </div>
+                <div class="col-sm-6">
+                    <ol class="breadcrumb float-sm-right">
+                        <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Home</a></li>
+                        <li class="breadcrumb-item active">History</li>
+                    </ol>
+                </div>
+            </div>
         </div>
-      </div>
     </div>
-  </div>
-{% endblock %} 
+{% endblock %}
 
 {% block content %}
-{% import 'applied_change_macro.html' as applied_change_macro %}
-<section class="content">
-  <div class="container-fluid">
-    <div class="row">
-      <div class="col-12">
-        <div class="card card-outline card-secondary">
-          <div class="card-header with-border">
-            <h3 class="card-title">History Management</h3>
-            {% if current_user.role.name != 'User' %}
-              <button type="button" class="btn btn-danger float-right" data-toggle="modal" data-target="#modal_clear_history" {% if current_user.role.name != 'Administrator' %}disabled{% endif %}>
-                <i class="fa-solid fa-trash"></i>  
-                &nbsp;Clear History
-              </button>
-            {% endif %}
-          </div>
-          <div class="card-body clearfix">
-            <form id="history-search-form" autocomplete="off">
-                <ul class="nav nav-tabs" id="custom-content-below-tab" role="tablist">
-                  <li class="nav-item">
-                    <a class="nav-link active" href="#tabs-act" data-toggle="pill" role="tab">
-                      Search for All Activity
-                    </a>
-                  </li>
-                  <li class="nav-item">
-                    <a class="nav-link" href="#tabs-domain" data-toggle="pill" role="tab">
-                      Search By Domain
-                    </a>
-                  </li>
-                  <li class="nav-item">
-                    <a class="nav-link with-border" href="#tabs-account" data-toggle="pill" role="tab">
-                      Search By Account
-                    </a>
-                  </li>
-                  {% if current_user.role.name != 'User' %}
-                    <li class="nav-item">
-                      <a class="nav-link" href="#tabs-auth" data-toggle="pill" role="tab">
-                        Search for User Authentication
-                      </a>
-                    </li>
-                  {% endif %}
-                </ul>
-            <div class="tab-content">
-              <div class="tab-pane" id="tabs-act">
-            </div>
-            <div class="tab-pane" id="tabs-domain">
-              <td>
-                <label>Domain Name</label>
-              </td>
-              <td>
-                <div class="autocomplete" style="width:250px;">
-                  <input type="text" class="form-control" id="domain_name_filter" name="domain_name_filter" placeholder="Enter * to search for any domain" value=""> 
-                </div>
-              </td>
-              <td>
-<div style="position: relative; top:10px;">
-<td>Record Changelog only &nbsp</td>
-<td>
-<input type="checkbox" id="domain_changelog_only_checkbox" name="domain_changelog_only_checkbox"
-class="checkbox" style="border:2px dotted #00f;display:block;background:#ff0000;"> 
-</td>
-</div>
-</td>
-</div>
-<div class="tab-pane" id="tabs-account">
-<td><label>Account Name</label></td>
-<td>
-<div class="autocomplete" style="width:250px;">
-<input type="text" class="form-control" id="account_name_filter" name="account_name_filter" placeholder="Enter * to search for any account" value=""> 
-</div>
-</td>
-</div>
-<div class="tab-pane" id="tabs-auth">
-<td><label>Username</label></td>
-                                    <td>
-                                        <div class="autocomplete" style="width:250px;">
-                                            <input type="text" class="form-control" id="auth_name_filter" name="auth_name_filter" placeholder="Enter * to search for any username" value=""> 
-                                        </div>
-                                    </td>
-                                    
-                                    <td>
-                                        <div style="position: relative; top:10px;">
-                                            <td>Authenticator Types: &nbsp</td>
-                                            <td>&nbsp All</td>
-                                            <td>
-                                                    <input type="checkbox" checked id="auth_all_checkbox" name="auth_all_checkbox"
-                                                            class="checkbox" style="border:2px dotted #00f;display:block;background:#ff0000;"> 
-                                            </td>
-                                            <td>&nbsp LOCAL</td>
-                                            <td>
-                                                    <input type="checkbox" checked id="auth_local_only_checkbox" name="auth_local_only_checkbox"
-                                                            class="checkbox" style="border:2px dotted #00f;display:block;background:#ff0000;"> 
-                                            </td>
-                                            <td>&nbsp OAuth</td>
-                                            <td>
-                                                    <input type="checkbox" checked id="auth_oauth_only_checkbox" name="auth_oauth_only_checkbox"
-                                                            class="checkbox" style="border:2px dotted #00f;display:block;background:#ff0000;"> 
-                                            </td>
-                                            <td>&nbsp SAML</td>
-                                            <td>
-                                                    <input type="checkbox" checked id="auth_saml_only_checkbox" name="auth_saml_only_checkbox"
-                                                            class="checkbox" style="border:2px dotted #00f;display:block;background:#ff0000;"> 
-                                            </td>
-                                        </div>
-                                    </td>
+    {% import 'applied_change_macro.html' as applied_change_macro %}
+    <section class="content">
+        <div class="container-fluid">
+            <div class="row">
+                <div class="col-12">
+                    <div class="card card-outline card-secondary">
+                        <div class="card-header with-border">
+                            <h3 class="card-title">Activity Search</h3>
+                            {% if current_user.role.name == 'Administrator' %}
+                                <div class="card-tools">
+                                    <button type="button" class="btn btn-danger" data-toggle="modal"
+                                            data-target="#modal_clear_history" title="Clear Activity">
+                                        <i class="fa-solid fa-trash"></i>
+                                        Clear Activity
+                                    </button>
                                 </div>
+                            {% endif %}
                         </div>
-                        <div class="card-body">
-                            <table id="Filters-Table">
-                                <thead>
-                                    <th>Filters</th>
-                                </thead>
-                                <tbody>
-                                    <tr>
-                                        <td><label>Changed by: &nbsp</label></td>
+                        <div class="card-body clearfix">
+                            <form id="history-search-form" autocomplete="off">
+                                <ul class="nav nav-tabs" id="custom-content-below-tab" role="tablist">
+                                    <li class="nav-item">
+                                        <a class="nav-link active" href="#tabs-act" data-toggle="pill" role="tab">
+                                            Search for All Activity
+                                        </a>
+                                    </li>
+                                    <li class="nav-item">
+                                        <a class="nav-link" href="#tabs-domain" data-toggle="pill" role="tab">
+                                            Search By Domain
+                                        </a>
+                                    </li>
+                                    <li class="nav-item">
+                                        <a class="nav-link with-border" href="#tabs-account" data-toggle="pill"
+                                           role="tab">
+                                            Search By Account
+                                        </a>
+                                    </li>
+                                    {% if current_user.role.name != 'User' %}
+                                        <li class="nav-item">
+                                            <a class="nav-link" href="#tabs-auth" data-toggle="pill" role="tab">
+                                                Search for User Authentication
+                                            </a>
+                                        </li>
+                                    {% endif %}
+                                </ul>
+                                <div class="tab-content">
+                                    <div class="tab-pane" id="tabs-act">
+                                    </div>
+                                    <div class="tab-pane" id="tabs-domain">
+                                        <td>
+                                            <label>Domain Name</label>
+                                        </td>
                                         <td>
                                             <div class="autocomplete" style="width:250px;">
-                                                <input type="text" style=" border:1px solid #d2d6de; width:250px; height: 34px;" id="user_name_filter" name="user_name_filter" value="">
+                                                <input type="text" class="form-control" id="domain_name_filter"
+                                                       name="domain_name_filter"
+                                                       placeholder="Enter * to search for any domain" value="">
                                             </div>
                                         </td>
-                                    </tr>
-                                    <tr>
-                                        <td style="position: relative; top:10px;">
-                                            <label>Minimum date: &nbsp</label>
-                                        </td>
-                                        <td style="position: relative; top:10px;">
-                                            <input type="text" id="min" name="min" class="datepicker" autocomplete="off" style=" border:1px solid #d2d6de; width:250px; height: 34px;">
-                                        </td>
-                                    </tr>
-                                    <tr>
-                                        <td style="position: relative; top:20px;">
-                                            <label>Maximum date: &nbsp</label>
-                                        </td>
-                                        <td style="position: relative; top:20px;">
-                                            <input type="text" id="max" name="max" class="datepicker" autocomplete="off" style=" border:1px solid #d2d6de; width:250px; height: 34px;">
-                                        </td>
-                                    </tr>
-                                    <tr><td>&nbsp</td></tr>
-                                    <tr><td>&nbsp</td></tr>
-                                    <tr>
                                         <td>
-                                            <button type="submit" id="search-submit" name="search-submit" class="btn btn-primary button-filter"><i class="fa fa-search"></i>&nbsp;Search</button>
-                                        </td>
+                                            <div style="position: relative; top:10px;">
+                                        <td>Record Changelog only &nbsp</td>
                                         <td>
-                                            <button id="clear-filters" name="clear-filters" class="btn btn-warning button-clearf"><i class="fa fa-trash"></i>&nbsp;Clear Filters</button>
+                                            <input type="checkbox" id="domain_changelog_only_checkbox"
+                                                   name="domain_changelog_only_checkbox"
+                                                   class="checkbox"
+                                                   style="border:2px dotted #00f;display:block;background:#ff0000;">
                                         </td>
-                                    </tr>
-                                </tbody>
-                            </table>
-                    </form>
+                                    </div>
+                                    </td>
+                                </div>
+                                <div class="tab-pane" id="tabs-account">
+                                    <td><label>Account Name</label></td>
+                                    <td>
+                                        <div class="autocomplete" style="width:250px;">
+                                            <input type="text" class="form-control" id="account_name_filter"
+                                                   name="account_name_filter"
+                                                   placeholder="Enter * to search for any account" value="">
+                                        </div>
+                                    </td>
+                                </div>
+                                <div class="tab-pane" id="tabs-auth">
+                                    <td><label>Username</label></td>
+                                    <td>
+                                        <div class="autocomplete" style="width:250px;">
+                                            <input type="text" class="form-control" id="auth_name_filter"
+                                                   name="auth_name_filter"
+                                                   placeholder="Enter * to search for any username" value="">
+                                        </div>
+                                    </td>
+
+                                    <td>
+                                        <div style="position: relative; top:10px;">
+                                    <td>Authenticator Types: &nbsp</td>
+                                    <td>&nbsp All</td>
+                                    <td>
+                                        <input type="checkbox" checked id="auth_all_checkbox" name="auth_all_checkbox"
+                                               class="checkbox"
+                                               style="border:2px dotted #00f;display:block;background:#ff0000;">
+                                    </td>
+                                    <td>&nbsp LOCAL</td>
+                                    <td>
+                                        <input type="checkbox" checked id="auth_local_only_checkbox"
+                                               name="auth_local_only_checkbox"
+                                               class="checkbox"
+                                               style="border:2px dotted #00f;display:block;background:#ff0000;">
+                                    </td>
+                                    <td>&nbsp OAuth</td>
+                                    <td>
+                                        <input type="checkbox" checked id="auth_oauth_only_checkbox"
+                                               name="auth_oauth_only_checkbox"
+                                               class="checkbox"
+                                               style="border:2px dotted #00f;display:block;background:#ff0000;">
+                                    </td>
+                                    <td>&nbsp SAML</td>
+                                    <td>
+                                        <input type="checkbox" checked id="auth_saml_only_checkbox"
+                                               name="auth_saml_only_checkbox"
+                                               class="checkbox"
+                                               style="border:2px dotted #00f;display:block;background:#ff0000;">
+                                    </td>
+                                </div>
+                                </td>
+                        </div>
+                    </div>
+                    <div class="card-body">
+                        <table id="Filters-Table">
+                            <thead>
+                            <th>Filters</th>
+                            </thead>
+                            <tbody>
+                            <tr>
+                                <td><label>Changed by: &nbsp</label></td>
+                                <td>
+                                    <div class="autocomplete" style="width:250px;">
+                                        <input type="text" style=" border:1px solid #d2d6de; width:250px; height: 34px;"
+                                               id="user_name_filter" name="user_name_filter" value="">
+                                    </div>
+                                </td>
+                            </tr>
+                            <tr>
+                                <td style="position: relative; top:10px;">
+                                    <label>Minimum date: &nbsp</label>
+                                </td>
+                                <td style="position: relative; top:10px;">
+                                    <input type="text" id="min" name="min" class="datepicker" autocomplete="off"
+                                           style=" border:1px solid #d2d6de; width:250px; height: 34px;">
+                                </td>
+                            </tr>
+                            <tr>
+                                <td style="position: relative; top:20px;">
+                                    <label>Maximum date: &nbsp</label>
+                                </td>
+                                <td style="position: relative; top:20px;">
+                                    <input type="text" id="max" name="max" class="datepicker" autocomplete="off"
+                                           style=" border:1px solid #d2d6de; width:250px; height: 34px;">
+                                </td>
+                            </tr>
+                            <tr>
+                                <td>&nbsp</td>
+                            </tr>
+                            <tr>
+                                <td>&nbsp</td>
+                            </tr>
+                            <tr>
+                                <td>
+                                    <button type="submit" id="search-submit" name="search-submit"
+                                            class="btn btn-primary button-filter"><i class="fa fa-search"></i>&nbsp;Search
+                                    </button>
+                                </td>
+                                <td>
+                                    <button id="clear-filters" name="clear-filters"
+                                            class="btn btn-warning button-clearf"><i class="fa fa-trash"></i>&nbsp;Clear
+                                        Filters
+                                    </button>
+                                </td>
+                            </tr>
+                            </tbody>
+                        </table>
+                        </form>
+                    </div>
+                    <div id="table_from_ajax"></div>
                 </div>
-                <div id="table_from_ajax"></div>
-            </div>
-</section>
+    </section>
 {% endblock %}
+
 {% block extrascripts %}
-<script>
-
-    /* Don't let user search with a blank main field */
-    var canSearch=true;
-    
-    $(document).ready(function () {
-        $.ajax({
-            url: "/admin/history_table",
-            type: "get",
-            success: function(response) {
-                console.log('Submission was successful.');
-                $("#table_from_ajax").html(response);
-            },
-            error: function(xhr) {
-                console.log("Sending data: ", data, " failed")
-            }
+    <script>
+
+        /* Don't let user search with a blank main field */
+        var canSearch = true;
+
+        $(document).ready(function () {
+            $.ajax({
+                url: "/admin/history_table",
+                type: "get",
+                success: function (response) {
+                    console.log('Submission was successful.');
+                    $("#table_from_ajax").html(response);
+                },
+                error: function (xhr) {
+                    console.log("Sending data: ", data, " failed")
+                }
+            });
+
+            var minDate = $('#min');
+            var maxDate = $('#max');
+            domain_changelog = $('domain_changelog_only_checkbox');
+
+            // Show/hide filters
+            $('#domain_name_filter, #account_name_filter, #auth_name_filter').on('keyup change', function (e) {
+                if ($('#domain_name_filter').val() == "" && $('#account_name_filter').val() == "" && $('#auth_name_filter').val() == "")
+                    canSearch = false;
+                else
+                    canSearch = true;
+            });
+
+            // Handle giving later mindate than current max
+            $('#min').on('change', function () {
+                if (minDate.val() > maxDate.val())
+                    $('#max').datepicker('setDate', minDate.val());
+            });
+
+            // Handle giving earlier maxdate than current min
+            $('#max').on('keyup change', function () {
+                if (maxDate.val() < minDate.val())
+                    $('#min').datepicker('setDate', maxDate.val());
+            });
+
+            $(function () {
+                $(".datepicker").datepicker({
+                    changeMonth: true,
+                    changeYear: true,
+                    format: "yyyy-mm-dd",
+                    endDate: '+0'
+                });
+                // $(".datepicker").datepicker("option", "format", "yy-mm-dd")
+
+            });
         });
-        
-        var minDate = $('#min');
-        var maxDate = $('#max');
-        domain_changelog = $('domain_changelog_only_checkbox');
-
-        // Show/hide filters
-        $('#domain_name_filter, #account_name_filter, #auth_name_filter').on('keyup change', function (e) {            
-            if ( $('#domain_name_filter').val() == "" && $('#account_name_filter').val() == "" && $('#auth_name_filter').val() == "")
-                canSearch=false;
-            else
-                canSearch=true;
+
+        $('.checkbox,.radio').iCheck({
+            checkboxClass: 'icheckbox_square-blue',
+            radioClass: 'iradio_square-blue',
+            increaseArea: '20%'
         });
 
-        // Handle giving later mindate than current max
-        $('#min').on('change', function () {
-            if (minDate.val() > maxDate.val())
-                $('#max').datepicker('setDate', minDate.val() );
+        //Handle "ALL" Checkbox
+        $('#auth_all_checkbox').on('ifChecked', function () {
+            $('#auth_local_only_checkbox').iCheck('check');
+            $('#auth_oauth_only_checkbox').iCheck('check');
+            $('#auth_saml_only_checkbox').iCheck('check');
         });
 
-        // Handle giving earlier maxdate than current min
-        $('#max').on('keyup change', function () {
-            if (maxDate.val() < minDate.val())
-                $('#min').datepicker('setDate', maxDate.val() );
+        $('#auth_all_checkbox').on('ifUnchecked', function () {
+            //check if all were checked
+            if ($('#auth_local_only_checkbox').is(':checked') && $('#auth_oauth_only_checkbox').is(':checked') && $('#auth_saml_only_checkbox').is(':checked')) {
+                $('#auth_local_only_checkbox').iCheck('uncheck');
+                $('#auth_oauth_only_checkbox').iCheck('uncheck');
+                $('#auth_saml_only_checkbox').iCheck('uncheck');
+            }
         });
 
-        $(function() {
-            $( ".datepicker" ).datepicker({
-                changeMonth: true,
-                changeYear: true,
-                format: "yyyy-mm-dd",
-                endDate: '+0'
-            });
-            // $(".datepicker").datepicker("option", "format", "yy-mm-dd")
-            
+        //Handle other auth checkboxes
+        $('#auth_local_only_checkbox').on('ifChecked', function () {
+            //check if all others were checked
+            if ($('#auth_oauth_only_checkbox').is(':checked') && $('#auth_saml_only_checkbox').is(':checked'))
+                $('#auth_all_checkbox').iCheck('check');
+        });
+        $('#auth_local_only_checkbox').on('ifUnchecked', function () {
+            $('#auth_all_checkbox').iCheck('uncheck');
         });
-    });
-
-    $('.checkbox,.radio').iCheck({
-        checkboxClass: 'icheckbox_square-blue',
-        radioClass: 'iradio_square-blue',
-        increaseArea: '20%'
-    });
-
-    //Handle "ALL" Checkbox
-    $('#auth_all_checkbox').on('ifChecked',function() {
-        $('#auth_local_only_checkbox').iCheck('check');
-        $('#auth_oauth_only_checkbox').iCheck('check');
-        $('#auth_saml_only_checkbox').iCheck('check');
-    });
-
-    $('#auth_all_checkbox').on('ifUnchecked',function() {
-        //check if all were checked
-        if($('#auth_local_only_checkbox').is(':checked') && $('#auth_oauth_only_checkbox').is(':checked') && $('#auth_saml_only_checkbox').is(':checked'))
-        {
-            $('#auth_local_only_checkbox').iCheck('uncheck');
-            $('#auth_oauth_only_checkbox').iCheck('uncheck');
-            $('#auth_saml_only_checkbox').iCheck('uncheck');
-        }
-    });
 
-    //Handle other auth checkboxes
-    $('#auth_local_only_checkbox').on('ifChecked',function() {
-        //check if all others were checked
-        if($('#auth_oauth_only_checkbox').is(':checked') && $('#auth_saml_only_checkbox').is(':checked'))
-            $('#auth_all_checkbox').iCheck('check');
-    });
-    $('#auth_local_only_checkbox').on('ifUnchecked',function() {
-        $('#auth_all_checkbox').iCheck('uncheck');
-    });
+        $('#auth_oauth_only_checkbox').on('ifChecked', function () {
+            if ($('#auth_local_only_checkbox').is(':checked') && $('#auth_saml_only_checkbox').is(':checked'))
+                $('#auth_all_checkbox').iCheck('check');
+        });
+        $('#auth_oauth_only_checkbox').on('ifUnchecked', function () {
+            $('#auth_all_checkbox').iCheck('uncheck');
+        });
 
-    $('#auth_oauth_only_checkbox').on('ifChecked',function() {
-        if($('#auth_local_only_checkbox').is(':checked') && $('#auth_saml_only_checkbox').is(':checked'))
-            $('#auth_all_checkbox').iCheck('check');
-    });
-    $('#auth_oauth_only_checkbox').on('ifUnchecked',function() {
-        $('#auth_all_checkbox').iCheck('uncheck');
-    });
+        $('#auth_saml_only_checkbox').on('ifChecked', function () {
+            if ($('#auth_local_only_checkbox').is(':checked') && $('#auth_oauth_only_checkbox').is(':checked'))
+                $('#auth_all_checkbox').iCheck('check');
+        });
+        $('#auth_saml_only_checkbox').on('ifUnchecked', function () {
+            $('#auth_all_checkbox').iCheck('uncheck');
+        });
 
-    $('#auth_saml_only_checkbox').on('ifChecked',function() {
-        if($('#auth_local_only_checkbox').is(':checked') && $('#auth_oauth_only_checkbox').is(':checked'))
+        $(document.body).on("click", ".button-clearf", function (e) {
+            e.preventDefault();
+
+            $('#user_name_filter').val('');
+            $('#min').val('');
+            $('#max').val('');
+            $('#domain_name_filter').val('');
+            $('#account_name_filter').val('');
+            $('#auth_name_filter').val('');
             $('#auth_all_checkbox').iCheck('check');
-    });
-    $('#auth_saml_only_checkbox').on('ifUnchecked',function() {
-        $('#auth_all_checkbox').iCheck('uncheck');
-    });
-
-    $(document.body).on("click", ".button-clearf", function (e) {
-        e.preventDefault();
-
-        $('#user_name_filter').val('');
-        $('#min').val('');
-        $('#max').val('');
-        $('#domain_name_filter').val('');
-        $('#account_name_filter').val('');
-        $('#auth_name_filter').val('');
-        $('#auth_all_checkbox').iCheck('check');
-        $('#domain_changelog_only_checkbox').iCheck('uncheck');
-    });
-
-    var all_doms = "{{all_domain_names}}".split(" ");
-    var all_accounts = "{{all_account_names}}".split(" ");
-    var all_usernames = "{{all_usernames}}".split(" ");
-    all_doms.pop(); // remove last element which is " "
-    all_accounts.pop();
-    all_usernames.pop();
-
-    function autocomplete(inp, arr) {
-        /*the autocomplete function takes two arguments,
-        the text field element and an array of possible autocompleted values:*/
-        var currentFocus;
-        /*execute a function when someone writes in the text field:*/
-        inp.addEventListener("input", function(e) {
-            var a, b, i, val = this.value;
-            /*close any already open lists of autocompleted values*/
-            closeAllLists();
-            if (!val) { return false;}
-            currentFocus = -1;
-            /*create a DIV element that will contain the items (values):*/
-            a = document.createElement("DIV");
-            a.setAttribute("id", this.id + "autocomplete-list");
-            a.setAttribute("class", "autocomplete-items");
-            /*append the DIV element as a child of the autocomplete container:*/
-            this.parentNode.appendChild(a);
-            /*for each item in the array...*/
-            for (i = 0; i < arr.length; i++) {
-                /*check if the item starts with the same letters as the text field value:*/
-                if (arr[i].substr(0, val.length).toUpperCase() == val.toUpperCase()) {
-                /*create a DIV element for each matching element:*/
-                b = document.createElement("DIV");
-                /*make the matching letters bold:*/
-                b.innerHTML = "<strong>" + arr[i].substr(0, val.length) + "</strong>";
-                b.innerHTML += arr[i].substr(val.length);
-                /*insert a input field that will hold the current array item's value:*/
-                b.innerHTML += "<input type='hidden' value='" + arr[i] + "'>";
-                /*execute a function when someone clicks on the item value (DIV element):*/
-                b.addEventListener("click", function(e) {
-                    /*insert the value for the autocomplete text field:*/
-                    inp.value = this.getElementsByTagName("input")[0].value;
-                    /*close the list of autocompleted values,
-                    (or any other open lists of autocompleted values:*/
-                    closeAllLists();
-                });
-                a.appendChild(b);
-                }
-            }
+            $('#domain_changelog_only_checkbox').iCheck('uncheck');
         });
-        /*execute a function presses a key on the keyboard:*/
-        inp.addEventListener("keydown", function(e) {
-            var x = document.getElementById(this.id + "autocomplete-list");
-            if (x) x = x.getElementsByTagName("div");
-            if (e.keyCode == 40) {
-                /*If the arrow DOWN key is pressed,
-                increase the currentFocus variable:*/
-                currentFocus++;
-                /*and and make the current item more visible:*/
-                addActive(x);
-            } else if (e.keyCode == 38) { //up
-                /*If the arrow UP key is pressed,
-                decrease the currentFocus variable:*/
-                currentFocus--;
-                /*and and make the current item more visible:*/
-                addActive(x);
-            } else if (e.keyCode == 13) {
-                /*If the ENTER key is pressed, prevent the form from being submitted,*/
-                e.preventDefault();
-                if (currentFocus > -1) {
-                /*and simulate a click on the "active" item:*/
-                if (x) x[currentFocus].click();
+
+        var all_doms = "{{all_domain_names}}".split(" ");
+        var all_accounts = "{{all_account_names}}".split(" ");
+        var all_usernames = "{{all_usernames}}".split(" ");
+        all_doms.pop(); // remove last element which is " "
+        all_accounts.pop();
+        all_usernames.pop();
+
+        function autocomplete(inp, arr) {
+            /*the autocomplete function takes two arguments,
+            the text field element and an array of possible autocompleted values:*/
+            var currentFocus;
+            /*execute a function when someone writes in the text field:*/
+            inp.addEventListener("input", function (e) {
+                var a, b, i, val = this.value;
+                /*close any already open lists of autocompleted values*/
+                closeAllLists();
+                if (!val) {
+                    return false;
                 }
+                currentFocus = -1;
+                /*create a DIV element that will contain the items (values):*/
+                a = document.createElement("DIV");
+                a.setAttribute("id", this.id + "autocomplete-list");
+                a.setAttribute("class", "autocomplete-items");
+                /*append the DIV element as a child of the autocomplete container:*/
+                this.parentNode.appendChild(a);
+                /*for each item in the array...*/
+                for (i = 0; i < arr.length; i++) {
+                    /*check if the item starts with the same letters as the text field value:*/
+                    if (arr[i].substr(0, val.length).toUpperCase() == val.toUpperCase()) {
+                        /*create a DIV element for each matching element:*/
+                        b = document.createElement("DIV");
+                        /*make the matching letters bold:*/
+                        b.innerHTML = "<strong>" + arr[i].substr(0, val.length) + "</strong>";
+                        b.innerHTML += arr[i].substr(val.length);
+                        /*insert a input field that will hold the current array item's value:*/
+                        b.innerHTML += "<input type='hidden' value='" + arr[i] + "'>";
+                        /*execute a function when someone clicks on the item value (DIV element):*/
+                        b.addEventListener("click", function (e) {
+                            /*insert the value for the autocomplete text field:*/
+                            inp.value = this.getElementsByTagName("input")[0].value;
+                            /*close the list of autocompleted values,
+                            (or any other open lists of autocompleted values:*/
+                            closeAllLists();
+                        });
+                        a.appendChild(b);
+                    }
+                }
+            });
+            /*execute a function presses a key on the keyboard:*/
+            inp.addEventListener("keydown", function (e) {
+                var x = document.getElementById(this.id + "autocomplete-list");
+                if (x) x = x.getElementsByTagName("div");
+                if (e.keyCode == 40) {
+                    /*If the arrow DOWN key is pressed,
+                    increase the currentFocus variable:*/
+                    currentFocus++;
+                    /*and and make the current item more visible:*/
+                    addActive(x);
+                } else if (e.keyCode == 38) { //up
+                    /*If the arrow UP key is pressed,
+                    decrease the currentFocus variable:*/
+                    currentFocus--;
+                    /*and and make the current item more visible:*/
+                    addActive(x);
+                } else if (e.keyCode == 13) {
+                    /*If the ENTER key is pressed, prevent the form from being submitted,*/
+                    e.preventDefault();
+                    if (currentFocus > -1) {
+                        /*and simulate a click on the "active" item:*/
+                        if (x) x[currentFocus].click();
+                    }
+                }
+            });
+
+            function addActive(x) {
+                /*a function to classify an item as "active":*/
+                if (!x) return false;
+                /*start by removing the "active" class on all items:*/
+                removeActive(x);
+                if (currentFocus >= x.length) currentFocus = 0;
+                if (currentFocus < 0) currentFocus = (x.length - 1);
+                /*add class "autocomplete-active":*/
+                x[currentFocus].classList.add("autocomplete-active");
             }
-        });
-        function addActive(x) {
-            /*a function to classify an item as "active":*/
-            if (!x) return false;
-            /*start by removing the "active" class on all items:*/
-            removeActive(x);
-            if (currentFocus >= x.length) currentFocus = 0;
-            if (currentFocus < 0) currentFocus = (x.length - 1);
-            /*add class "autocomplete-active":*/
-            x[currentFocus].classList.add("autocomplete-active");
-        }
-        function removeActive(x) {
-            /*a function to remove the "active" class from all autocomplete items:*/
-            for (var i = 0; i < x.length; i++) {
-            x[i].classList.remove("autocomplete-active");
-            }
-        }
-        function closeAllLists(elmnt) {
-            /*close all autocomplete lists in the document,
-            except the one passed as an argument:*/
-            var x = document.getElementsByClassName("autocomplete-items");
-            for (var i = 0; i < x.length; i++) {
-            if (elmnt != x[i] && elmnt != inp) {
-                x[i].parentNode.removeChild(x[i]);
+
+            function removeActive(x) {
+                /*a function to remove the "active" class from all autocomplete items:*/
+                for (var i = 0; i < x.length; i++) {
+                    x[i].classList.remove("autocomplete-active");
+                }
             }
+
+            function closeAllLists(elmnt) {
+                /*close all autocomplete lists in the document,
+                except the one passed as an argument:*/
+                var x = document.getElementsByClassName("autocomplete-items");
+                for (var i = 0; i < x.length; i++) {
+                    if (elmnt != x[i] && elmnt != inp) {
+                        x[i].parentNode.removeChild(x[i]);
+                    }
+                }
             }
+
+            /*execute a function when someone clicks in the document:*/
+            document.addEventListener("click", function (e) {
+                closeAllLists(e.target);
+            });
         }
-        /*execute a function when someone clicks in the document:*/
-        document.addEventListener("click", function (e) {
-            closeAllLists(e.target);
-        });
-    }
 
-    /*initiate the autocomplete function on the "myInput" element, and pass along the countries array as possible autocomplete values:*/
-    autocomplete(document.getElementById("domain_name_filter"), all_doms);
-    autocomplete(document.getElementById("account_name_filter"), all_accounts);
-    autocomplete(document.getElementById("auth_name_filter"), all_usernames);
-    autocomplete(document.getElementById("user_name_filter"), all_usernames);
+        /*initiate the autocomplete function on the "myInput" element, and pass along the countries array as possible autocomplete values:*/
+        autocomplete(document.getElementById("domain_name_filter"), all_doms);
+        autocomplete(document.getElementById("account_name_filter"), all_accounts);
+        autocomplete(document.getElementById("auth_name_filter"), all_usernames);
+        autocomplete(document.getElementById("user_name_filter"), all_usernames);
 
 
-    //  prevent multiple filter field at the same time
-    $('#domain_tab').click(function() {
+        //  prevent multiple filter field at the same time
+        $('#domain_tab').click(function () {
             $('#account_name_filter').val('');
             $('#auth_name_filter').val('');
             $('#user_name_filter').removeAttr('disabled');
-            canSearch=false;
-            main_field="Domain Name"
+            canSearch = false;
+            main_field = "Domain Name"
         });
 
-        $('#account_tab').click(function() {
+        $('#account_tab').click(function () {
             $('#domain_name_filter').val('');
             $('#auth_name_filter').val('');
             $('#user_name_filter').removeAttr('disabled');
-            canSearch=false;
-            main_field="Account Name"
+            canSearch = false;
+            main_field = "Account Name"
         });
 
-        $('#user_auth_tab').click( function() {
+        $('#user_auth_tab').click(function () {
             $('#domain_name_filter').val('');
             $('#account_name_filter').val('');
             $('#user_name_filter').val('');
-            $('#user_name_filter').attr('disabled','disabled');
-            canSearch=false;
-            main_field="Username"
+            $('#user_name_filter').attr('disabled', 'disabled');
+            canSearch = false;
+            main_field = "Username"
         });
 
-        $('#activity_tab').click( function() {
+        $('#activity_tab').click(function () {
             $('#domain_name_filter').val('');
             $('#account_name_filter').val('');
             $('#auth_name_filter').val('');
             $('#user_name_filter').removeAttr('disabled');
-            $('#search-submit').removeAttr('disabled','disabled');
-            canSearch=true;
-            main_field=""
+            $('#search-submit').removeAttr('disabled', 'disabled');
+            canSearch = true;
+            main_field = ""
         });
 
         // if search submit is pressed, and max date not initialized
         // then initialize it
-        $('#search-submit').on('click', function() {
+        $('#search-submit').on('click', function () {
             if ($('#max').val() === "" || $('#max').val() === undefined)
                 $('#max').datepicker('setDate', 'now');
         });
 
-        $("#history-search-form").submit(function(e){ // ajax call to load results on submition
+        $("#history-search-form").submit(function (e) { // ajax call to load results on submition
             e.preventDefault();  // prevent page reloading
-            
-            if(!canSearch)
-            {
+
+            if (!canSearch) {
                 showErrorModal("Please fill out the " + main_field + " field.");
-            }
-            else
-            {
+            } else {
                 var form = $(this);
                 var tzoffset = (new Date()).getTimezoneOffset();
                 $.ajax({
                     url: "/admin/history_table",
                     type: "get",
                     data: form.serialize() + "&tzoffset=" + tzoffset,
-                    success: function(response) {
+                    success: function (response) {
                         console.log('Submission was successful.');
                         $("#table_from_ajax").html(response);
 
                     },
-                    error: function(xhr) {
+                    error: function (xhr) {
                         console.log("Sending data: ", data, " failed")
                     }
                 });
             }
         });
-        
-</script>
+
+    </script>
 {% endblock %}
+
 {% block modals %}
-  <!-- Clear History Confirmation Box -->
-  <div class="modal fade modal-warning" id="modal_clear_history">
-    <div class="modal-dialog">
-      <div class="modal-content">
-        <div class="modal-header">
-          <h4 class="modal-title">Confirmation</h4>
-          <button type="button" class="close" data-dismiss="modal" aria-label="Close">
-            <span aria-hidden="true">&times;</span>
-          </button>
-        </div>
-        <div class="modal-body">
-          <p>Are you sure you want to remove all history?</p>
-        </div>
-        <div class="modal-footer">
-          <button type="button" class="btn btn-primary" data-dismiss="modal">Close</button>
-          <button type="button" class="btn btn-danger float-right" onclick="applyChanges({'_csrf_token': '{{ csrf_token() }}'}, $SCRIPT_ROOT + '/admin/history', false, true);">
-            Clear History
-          </button>
+    <!-- Clear History Confirmation Box -->
+    <div class="modal fade modal-warning" id="modal_clear_history">
+        <div class="modal-dialog">
+            <div class="modal-content">
+                <div class="modal-header">
+                    <h4 class="modal-title">Confirmation</h4>
+                    <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+                        <span aria-hidden="true">&times;</span>
+                    </button>
+                </div>
+                <div class="modal-body">
+                    <p>Are you sure you want to remove all history?</p>
+                </div>
+                <div class="modal-footer">
+                    <button type="button" class="btn btn-primary" data-dismiss="modal">Close</button>
+                    <button type="button" class="btn btn-danger float-right"
+                            onclick="applyChanges({'_csrf_token': '{{ csrf_token() }}'}, $SCRIPT_ROOT + '/admin/history', false, true);">
+                        Clear History
+                    </button>
+                </div>
+            </div>
         </div>
-      </div>
     </div>
-  </div>
-  <!-- History Details Box -->
-  <div class="modal fade" id="modal_history_info">
-    <div class="modal-dialog">
-      <div class="modal-content">
-        <div class="modal-header">
-          <h4 class="modal-title">History Details</h4>
-          <button type="button" class="close" data-dismiss="modal" aria-label="Close">
-            <span aria-hidden="true">&times;</span>
-          </button>
-        </div>
-        <div class="modal-body">
-          <div id="modal-info-content"></div>
-        </div>
-        <div class="modal-footer">
-          <button type="button" class="btn btn-default float-right" data-dismiss="modal">Close</button>
+    <!-- History Details Box -->
+    <div class="modal fade" id="modal_history_info">
+        <div class="modal-dialog">
+            <div class="modal-content">
+                <div class="modal-header">
+                    <h4 class="modal-title">History Details</h4>
+                    <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+                        <span aria-hidden="true">&times;</span>
+                    </button>
+                </div>
+                <div class="modal-body">
+                    <div id="modal-info-content"></div>
+                </div>
+                <div class="modal-footer">
+                    <button type="button" class="btn btn-default float-right" data-dismiss="modal">Close</button>
+                </div>
+            </div>
         </div>
-      </div>
     </div>
-  </div>
 {% endblock %}
\ No newline at end of file
diff --git a/powerdnsadmin/templates/base.html b/powerdnsadmin/templates/base.html
index abd1a15d1..83c6e331e 100644
--- a/powerdnsadmin/templates/base.html
+++ b/powerdnsadmin/templates/base.html
@@ -136,7 +136,7 @@
                         <li class="{{ 'nav-item active' if active_page == 'admin_history' else 'nav-item' }}">
                             <a href="{{ url_for('admin.history') }}" class="nav-link">
                                 <i class="nav-icon fa-solid fa-timeline"></i>
-                                <p>History</p>
+                                <p>Activity</p>
                             </a>
                         </li>
                         <li class="{{ 'nav-item active' if active_page == 'admin_domain_template' else 'nav-item' }}">

From f1d17c166a6128517894de100cbae9c3a6cda606 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sun, 19 Feb 2023 20:50:27 -0500
Subject: [PATCH 236/475] Completed first-round of updates for the zone
 templates list view.

---
 powerdnsadmin/templates/template.html | 271 +++++++++++++-------------
 1 file changed, 140 insertions(+), 131 deletions(-)

diff --git a/powerdnsadmin/templates/template.html b/powerdnsadmin/templates/template.html
index 165d828f4..3776d935f 100644
--- a/powerdnsadmin/templates/template.html
+++ b/powerdnsadmin/templates/template.html
@@ -1,148 +1,157 @@
 {% extends "base.html" %}
-
 {% set active_page = "admin_domain_template" %}
-
-{% block title %}
-  <title>
-    Templates - {{ SITE_NAME }}
-  </title>
-{% endblock %}
+{% block title %}<title>Zone Templates - {{ SITE_NAME }}</title>{% endblock %}
 
 {% block dashboard_stat %}
-
-<div class="content-header">
-  <div class="container-fluid">
-    <div class="row mb-2">
-      <div class="col-sm-6">
-        <h1 class="m-0 text-dark">
-          Templates
-          <small>List</small>
-        </h1>
-      </div>
-      <div class="col-sm-6">
-        <ol class="breadcrumb float-sm-right">
-          <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
-          <li class="breadcrumb-item active">Templates - List</li>
-        </ol>
-      </div>
+    <div class="content-header">
+        <div class="container-fluid">
+            <div class="row mb-2">
+                <div class="col-sm-6">
+                    <h1 class="m-0 text-dark">Zone Templates</h1>
+                </div>
+                <div class="col-sm-6">
+                    <ol class="breadcrumb float-sm-right">
+                        <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+                        <li class="breadcrumb-item active">Zone Templates</li>
+                    </ol>
+                </div>
+            </div>
+        </div>
     </div>
-  </div>
-</div>
-
 {% endblock %}
 
 {% block content %}
-<section class="content">
-  <div class="container-fluid">
-    {% with errors = get_flashed_messages(category_filter=["error"]) %}
-      {% if errors %}
-        <div class="row">
-          <div class="col-12">
-            <div class="alert alert-danger alert-dismissible">
-              <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
-              <h4>
-                <i class="fa-solid fa-ban"></i> Error!
-              </h4>
-              <div class="alert-message block-message error">
-                <a class="close" href="#">x</a>
-                <ul>
-                  {%- for msg in errors %}
-                    <li>{{ msg }}</li>
-                  {% endfor -%}
-                </ul>
-              </div>
+    <section class="content">
+        <div class="container-fluid">
+            {% with errors = get_flashed_messages(category_filter=["error"]) %}
+                {% if errors %}
+                    <div class="row">
+                        <div class="col-12">
+                            <div class="alert alert-danger alert-dismissible">
+                                <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;
+                                </button>
+                                <h4>
+                                    <i class="fa-solid fa-ban"></i> Error!
+                                </h4>
+                                <div class="alert-message block-message error">
+                                    <a class="close" href="#">x</a>
+                                    <ul>
+                                        {%- for msg in errors %}
+                                            <li>{{ msg }}</li>
+                                        {% endfor -%}
+                                    </ul>
+                                </div>
+                            </div>
+                        </div>
+                    </div>
+                {% endif %}
+            {% endwith %}
+
+            <div class="row">
+                <div class="col-12">
+                    <div class="card card-outline card-primary shadow">
+                        <div class="card-header">
+                            <h3 class="card-title">Templates</h3>
+                            <div class="card-tools">
+                                <a href="{{ url_for('admin.create_template') }}">
+                                    <button type="button" class="btn btn-primary">
+                                        <i class="fa-solid fa-plus"></i> Create Template
+                                    </button>
+                                </a>
+                            </div>
+                        </div>
+                        <!-- /.card-header -->
+                        <div class="card-body table-responsive">
+                            <table id="tbl_template_list"
+                                   class="table table-bordered table-striped table-hover table-sm records">
+                                <thead>
+                                <tr>
+                                    <th>Name</th>
+                                    <th>Description</th>
+                                    <th>Total Records</th>
+                                    <th>Actions</th>
+                                </tr>
+                                </thead>
+                                <tbody>
+                                {% for template in templates %}
+                                    <tr>
+                                        <td>
+                                            <a href="{{ url_for('admin.edit_template', template=template.name) }}">
+                                                <strong>{{ template.name }}</strong>
+                                            </a>
+                                        </td>
+                                        <td>{{ template.description }}</td>
+                                        <td>{{ template.records|count }}</td>
+                                        <td>
+                                            <div class="dropdown">
+                                                <button class="btn btn-primary dropdown-toggle" type="button"
+                                                        id="dropdownMenu" data-toggle="dropdown" aria-haspopup="true"
+                                                        aria-expanded="false">
+                                                    <i class="fa-solid fa-bars"></i>&nbsp;Actions
+                                                </button>
+                                                <div class="dropdown-menu" aria-labelledby="dropdownMenu">
+                                                    <button type="button" class="dropdown-item btn-warning"
+                                                            onclick="window.location.href='{{ url_for('admin.edit_template', template=template.name) }}'">
+                                                        <i class="fa-solid fa-edit"></i>&nbsp;Edit Template
+                                                    </button>
+                                                    <div class="dropdown-divider"></div>
+                                                    <button type="button"
+                                                            class="dropdown-item btn-secondary button_delete"
+                                                            id="{{ template.name }}">
+                                                        <span style="color: red;">
+                                                            <i class="fa-solid fa-trash"></i>&nbsp;Delete Template
+                                                        </span>
+                                                    </button>
+                                                </div>
+                                            </div>
+                                        </td>
+                                    </tr>
+                                {% endfor %}
+                                </tbody>
+                            </table>
+                        </div>
+                        <!-- /.card-body -->
+                    </div>
+                    <!-- /.card -->
+                </div>
+                <!-- /.col -->
             </div>
-          </div>
-        </div>
-      {% endif %}
-    {% endwith %}
-    <div class="row">
-      <div class="col-12">
-        <div class="card">
-          <div class="card-header">
-            <h3 class="card-title">Templates</h3>
-            <a href="{{ url_for('admin.create_template') }}">
-              <button type="button" class="btn btn-primary float-right">
-                <i class="fa-solid fa-plus"></i>&nbsp;Create Template
-              </button>
-            </a>
-          </div>
-          <div class="card-body">
-            <table id="tbl_template_list" class="table table-bordered table-striped">
-              <thead>
-                <tr>
-                  <th>Name</th>
-                  <th>Description</th>
-                  <th>Number of Records</th>
-                  <th width="20%">Actions</th>
-                </tr>
-              </thead>
-              <tbody>
-                {% for template in templates %}
-                  <tr>
-                    <td>
-                      <a href="{{ url_for('admin.edit_template', template=template.name) }}">
-                        <strong>{{ template.name }}</strong>
-                      </a>
-                    </td>
-                    <td>
-                      {{ template.description }}
-                    </td>
-                    <td>
-                      {{ template.records|count }}
-                    </td>
-                    <td>
-                      <div class="dropdown">
-                        <button class="btn btn-primary dropdown-toggle" type="button" id="dropdownMenu" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
-                          <i class="fa-solid fa-bars"></i>&nbsp;Actions
-                        </button>
-                        <div class="dropdown-menu" aria-labelledby="dropdownMenu">
-                          <button type="button" class="dropdown-item btn-warning" onclick="window.location.href='{{ url_for('admin.edit_template', template=template.name) }}'">
-                            <i class="fa-solid fa-edit"></i>&nbsp;Edit Template
-                          </button>
-                          <div class="dropdown-divider"></div>
-                          <button type="button"class="dropdown-item btn-secondary button_delete" id="{{template.name}}">
-                            <font color="red">
-                              <i class="fa-solid fa-trash"></i>&nbsp;Delete Template
-                            </font>
-                          </button>
-                         </div>
-                      </div>
-                    </td>
-                  </tr>
-                {% endfor %}
-              </tbody>
-            </table>
-          </div>
+            <!-- /.row -->
         </div>
-      </div>
-    </div>
-  </div>
-</section>
+        <!-- /.container-fluid -->
+    </section>
+{% endblock %}
+
+{% block head_styles %}
+    <style>
+        /* Page Specific Overrides */
+        table.records tbody td:first-of-type,
+        table.records tbody td:nth-child(0n+2) { text-align: left; }
+    </style>
 {% endblock %}
 
 {% block extrascripts %}
-<script>
-  // set up template data table
-  $("#tbl_template_list").DataTable({
-    "paging": true,
-    "lengthChange": true,
-    "searching": true,
-    "ordering": true,
-    "info": false,
-    "autoWidth": false
-  });
+    <script>
+        // Initialize DataTables
+        $("#tbl_template_list").DataTable({
+            "paging": true,
+            "lengthChange": true,
+            "searching": true,
+            "ordering": true,
+            "info": false,
+            "autoWidth": false
+        });
 
-  // handle delete button
-  $(document.body).on("click", ".button_delete", function (e) {
-    var template = $(this).prop('id');
-    $.post($SCRIPT_ROOT + '/admin/template/' + template + '/delete', {
-      '_csrf_token': '{{ csrf_token() }}'
-    }, function () {
-      window.location.href = '{{ url_for('admin.templates') }}';
-    });
-  });
-</script>
+        // handle delete button
+        $(document.body).on("click", ".button_delete", function (e) {
+            var template = $(this).prop('id');
+            $.post($SCRIPT_ROOT + '/admin/template/' + template + '/delete', {
+                '_csrf_token': '{{ csrf_token() }}'
+            }, function () {
+                window.location.href = '{{ url_for('admin.templates') }}';
+            });
+        });
+    </script>
 {% endblock %}
 
 {% block modals %}

From fe49651e814d44bb6cbdbb36aac9e968d04702ae Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sun, 19 Feb 2023 21:05:23 -0500
Subject: [PATCH 237/475] Completed first-found of updates for the zone
 template creation view.

---
 powerdnsadmin/templates/template_add.html | 227 ++++++++++++----------
 1 file changed, 122 insertions(+), 105 deletions(-)

diff --git a/powerdnsadmin/templates/template_add.html b/powerdnsadmin/templates/template_add.html
index 6b06ccf5d..5dcafef48 100644
--- a/powerdnsadmin/templates/template_add.html
+++ b/powerdnsadmin/templates/template_add.html
@@ -1,118 +1,135 @@
 {% extends "base.html" %}
-
 {% set active_page = "admin_domain_template" %}
-
-{% block title %}
-  <title>
-    Create Template - {{ SITE_NAME }}
-  </title>
-{% endblock %}
+{% block title %}<title>Create Zone Template - {{ SITE_NAME }}</title>{% endblock %}
 
 {% block dashboard_stat %}
-<div class="content-header">
-  <div class="container-fluid">
-    <div class="row mb-2">
-      <div class="col-sm-6">
-        <h1 class="m-0 text-dark">
-          Template
-          <small>Create</small>
-        </h1>
-      </div>
-      <div class="col-sm-6">
-        <ol class="breadcrumb float-sm-right">
-          <li class="breadcrumb-item"><a href="{{ url_for('admin.templates') }}">Templates</a></li>
-          <li class="breadcrumb-item active">Create</li>
-        </ol>
-      </div>
+    <div class="content-header">
+        <div class="container-fluid">
+            <div class="row mb-2">
+                <div class="col-sm-6">
+                    <h1 class="m-0 text-dark">
+                        Create Zone Template
+                    </h1>
+                </div>
+                <div class="col-sm-6">
+                    <ol class="breadcrumb float-sm-right">
+                        <li class="breadcrumb-item"><a href="{{ url_for('admin.templates') }}">Templates</a></li>
+                        <li class="breadcrumb-item active">Create Zone Template</li>
+                    </ol>
+                </div>
+            </div>
+        </div>
     </div>
-  </div>
-</div>
 {% endblock %}
 
 {% block content %}
-<section class="content">
-  <div class="container-fluid">
-    {% with errors = get_flashed_messages(category_filter=["error"]) %}
-      {% if errors %}
-        <div class="row">
-          <div class="col-12">
-            <div class="alert alert-danger alert-dismissible">
-              <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
-              <h4>
-                <i class="fa-solid fa-ban"></i> Error!
-              </h4>
-              <div class="alert-message block-message error">
-                <a class="close" href="#">x</a>
-              <ul>
-                {%- for msg in errors %}
-                  <li>{{ msg }}</li>
-                {% endfor -%}
-              </ul>
-            </div>
-          </div>
-        </div>
-      {% endif %}
-    {% endwith %}
-    <div class="row">
-      <div class="col-4">
-        <div class="card">
-          <div class="card-header">
-            <h3 class="card-title">Create new template</h3>
-          </div>
-          <form role="form" method="post" action="{{ url_for('admin.create_template') }}">
-            <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-            <div class="card-body">
-              <div class="form-group">
-                <input type="text" class="form-control" name="name" id="name"
-                placeholder="Enter a valid template name (required)">
-              </div>
-              <div class="form-group">
-                <input type="text" class="form-control" name="description" id="description"
-                placeholder="Enter a template description (optional)">
-              </div>
-            </div>
-            <div class="card-footer">
-              <button type="button" class="btn btn-secondary float-left" onclick="window.location.href='{{ url_for('admin.templates') }}'">
-                Cancel
-              </button>
-              <button type="submit" class="btn btn-primary float-right">
-                <i class="fa-solid fa-save"></i>&nbsp;Save
-              </button>
+    <section class="content">
+        <div class="container-fluid">
+            {% with errors = get_flashed_messages(category_filter=["error"]) %}
+                {% if errors %}
+                    <div class="row">
+                        <div class="col-12">
+                            <div class="alert alert-danger alert-dismissible">
+                                <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;
+                                </button>
+                                <h4>
+                                    <i class="fa-solid fa-ban"></i> Error!
+                                </h4>
+                                <div class="alert-message block-message error">
+                                    <a class="close" href="#">x</a>
+                                    <ul>
+                                        {%- for msg in errors %}
+                                            <li>{{ msg }}</li>
+                                        {% endfor -%}
+                                    </ul>
+                                </div>
+                                <!-- /.alert-message -->
+                            </div>
+                            <!-- /.alert -->
+                        </div>
+                        <!-- /.col -->
+                    </div>
+                    <!-- /.row -->
+                {% endif %}
+            {% endwith %}
+            <div class="row">
+                <div class="col-12 col-sm-6 col-lg-4">
+                    <form role="form" method="post" action="{{ url_for('admin.create_template') }}">
+                        <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+                        <div class="card card-outline card-primary shadow">
+                            <div class="card-header">
+                                <h3 class="card-title">Zone Template Editor</h3>
+                            </div>
+                            <!-- /.card-header -->
+                            <div class="card-body">
+                                <div class="form-group">
+                                    <label for="name">Template Name</label>
+                                    <input type="text" class="form-control" name="name" id="name"
+                                           placeholder="Enter a valid template name (required)">
+                                </div>
+                                <div class="form-group">
+                                    <label for="description">Template Description</label>
+                                    <input type="text" class="form-control" name="description" id="description"
+                                           placeholder="Enter a template description (optional)">
+                                </div>
+                            </div>
+                            <!-- /.card-body -->
+                            <div class="card-footer">
+                                <button type="button" class="btn btn-secondary float-left" title="Cancel"
+                                        onclick="window.location.href='{{ url_for('admin.templates') }}'">
+                                    Cancel
+                                </button>
+                                <button type="submit" class="btn btn-primary float-right" title="Save Template">
+                                    <i class="fa-solid fa-save"></i>&nbsp;Save Template
+                                </button>
+                            </div>
+                            <!-- /.card-footer -->
+                        </div>
+                        <!-- /.card -->
+                    </form>
+                </div>
+                <!-- /.col -->
+
+                <div class="col-12 col-sm-6 col-lg-8">
+                    <div class="card card-outline card-secondary shadow">
+                        <div class="card-header">
+                            <h3 class="card-title">Zone Template Editor Help</h3>
+                        </div>
+                        <!-- /.card-header -->
+                        <div class="card-body">
+                            <dl class="dl-horizontal">
+                                <dt>Template Name</dt>
+                                <dd>Enter your template name, this is the name of the template that
+                                    will be shown to users. The name should not have any spaces but
+                                    can have symbols.
+                                </dd>
+                                <dt>Template Description</dt>
+                                <dd>Enter your template description, this is to help better
+                                    identify the template.
+                                </dd>
+                            </dl>
+                        </div>
+                        <!-- /.card-body -->
+                    </div>
+                    <!-- /.card -->
+                </div>
+                <!-- /.col -->
             </div>
-          </form>
+            <!-- /.row -->
         </div>
-      </div>
-      <div class="col-8">
-        <div class="card">
-          <div class="card-header">
-            <h3 class="card-title">Help with creating a new template</h3>
-          </div>
-          <div class="card-body">
-            <dl class="dl-horizontal">
-              <dt>Template name</dt>
-              <dd>Enter your template name, this is the name of the template that
-                will be shown to users. The name should not have any spaces but
-                can have symbols.</dd>
-              <dt>Template description</dt>
-              <dd>Enter your template description, this is to help better
-                identify the template.</dd>
-            </dl>
-          </div>
-        </div>
-      </div>
-    </div>
-  </div>
-</section>
+        <!-- /.container-fluid -->
+    </section>
 {% endblock %}
+
 {% block extrascripts %}
-<script>
-  $("input[name=radio_type]").change(function () {
-    var type = $(this).val();
-    if (type == "secondary") {
-      $("#domain_primary_address_div").show();
-    } else {
-      $("#domain_primary_address_div").hide();
-    }
-  });
-</script>
+    <script>
+        $("input[name=radio_type]").change(function () {
+            var type = $(this).val();
+            if (type == "secondary") {
+                $("#domain_primary_address_div").show();
+            } else {
+                $("#domain_primary_address_div").hide();
+            }
+        });
+    </script>
 {% endblock %}

From 4d64076dac9b9a58146db643771832ba9c206091 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sun, 19 Feb 2023 21:20:23 -0500
Subject: [PATCH 238/475] Working on the first-round updates for the zone
 template editor.

---
 powerdnsadmin/templates/template_edit.html | 709 ++++++++++-----------
 1 file changed, 353 insertions(+), 356 deletions(-)

diff --git a/powerdnsadmin/templates/template_edit.html b/powerdnsadmin/templates/template_edit.html
index 92addf107..b841023a9 100644
--- a/powerdnsadmin/templates/template_edit.html
+++ b/powerdnsadmin/templates/template_edit.html
@@ -1,234 +1,229 @@
 {% extends "base.html" %}
-
 {% set active_page = "admin_domain_template" %}
-
-{% block title %}
-  <title>
-    Edit Template - {{ SITE_NAME }}
-  </title>
-{% endblock %}
+{% block title %}<title>Edit Zone Template - {{ SITE_NAME }}</title>{% endblock %}
 
 {% block dashboard_stat %}
-<div class="content-header">
-    <div class="container-fluid">
-      <div class="row mb-2">
-        <div class="col-sm-6">
-          <h1 class="m-0 text-dark">
-            Template Edit
-            <small>{{ template }}</small>
-          </h1>
-        </div>
-        <div class="col-sm-6">
-          <ol class="breadcrumb float-sm-right">
-            <li class="breadcrumb-item"><a href="{{ url_for('admin.templates') }}">Templates</a></li>
-            <li class="breadcrumb-item active">Template Edit: {{ template }}</li>
-          </ol>
+    <div class="content-header">
+        <div class="container-fluid">
+            <div class="row mb-2">
+                <div class="col-sm-6">
+                    <h1 class="m-0 text-dark">Edit Zone Template</h1>
+                </div>
+                <div class="col-sm-6">
+                    <ol class="breadcrumb float-sm-right">
+                        <li class="breadcrumb-item"><a href="{{ url_for('admin.templates') }}">Templates</a></li>
+                        <li class="breadcrumb-item active">Edit Zone Template</li>
+                    </ol>
+                </div>
+            </div>
         </div>
-      </div>
     </div>
-  </div>
 {% endblock %}
 
 {% block content %}
-<section class="content">
-  <div class="container-fluid">
-    <div class="row">
-        <div class="col-12">
-            <div class="card">
-                <div class="card-header">
-                    <h3 class="card-title">Manage Template Records for {{ template }}</h3>
-                </div>
-                <div class="card-body">
-                    <button type="button" class="btn btn-primary float-left button_add_record" id="{{ template }}">
-                        <i class="fa-solid fa-plus"></i>&nbsp;Add Record
-                    </button>
-                    <button type="button" class="btn btn-primary float-right button_apply_changes" id="{{ template }}">
-                        <i class="fa-solid fa-save"></i>&nbsp;Save Changes
-                    </button>
-                </div>
-                <div class="card-body">
-                    <table id="tbl_records" class="table table-bordered table-striped">
-                        <thead>
-                            <tr>
-                                <th>Name</th>
-                                <th>Type</th>
-                                <th>Status</th>
-                                <th>TTL</th>
-                                <th>Data</th>
-                                <th>Comment</th>
-                                <th>Edit</th>
-                                <th>Delete</th>
-                                <th>ID</th>
-                            </tr>
-                        </thead>
-                        <tbody>
-                                {% for record in records %}
-                                <tr class="odd row_record">
-                                    <td>
-                                        {{ record.name }}
-                                    </td>
-                                    <td>
-                                        {{ record.type }}
-                                    </td>
-                                    <td>
-                                         {{ record.status }}
-                                    </td>
-                                    <td>
-                                         {{ record.ttl }}
-                                    </td>
-                                    <td>
-                                         {{ record.data }}
-                                    </td>
-                                    <td>
-                                        {{ record.comment }}
-                                    </td>
-                                    <td width="6%">
-                                         <button type="button" class="btn btn-warning button_edit">
-                                            <i class="fa-solid fa-edit"></i>&nbsp;Edit
-                                        </button>
-                                    </td>
-                                    <td width="6%">
-                                        <button type="button" class="btn btn-danger button_delete">
-                                            <i class="fa-solid fa-trash"></i>&nbsp;Delete
-                                        </button>
-                                    </td>
-                                    <td>
-                                      {{ record.id }}
-                                    </td>
-                                    </td>
+    <section class="content">
+        <div class="container-fluid">
+            <div class="row">
+                <div class="col-12">
+                    <div class="card card-outline card-primary shadow">
+                        <div class="card-header">
+                            <h3 class="card-title">Zone Template Editor</h3>
+                            <div class="card-tools">
+                                <button type="button" class="btn btn-primary float-left button_add_record"
+                                        title="Add Record" id="{{ template }}">
+                                    <i class="fa-solid fa-plus"></i>&nbsp;Add Record
+                                </button>
+                                <button type="button" class="btn btn-primary float-right button_apply_changes ml-2"
+                                        title="Save Template" id="{{ template }}">
+                                    <i class="fa-solid fa-save"></i>&nbsp;Save Template
+                                </button>
+                            </div>
+                        </div>
+                        <div class="card-body table-responsive">
+                            <table id="tbl_records"
+                                   class="table table-bordered table-striped table-hover table-sm records">
+                                <thead>
+                                <tr>
+                                    <th>Name</th>
+                                    <th>Type</th>
+                                    <th>Status</th>
+                                    <th>TTL</th>
+                                    <th>Data</th>
+                                    <th>Comment</th>
+                                    <th>Actions</th>
+                                    <th>ID</th>
                                 </tr>
+                                </thead>
+                                <tbody>
+                                {% for record in records %}
+                                    <tr class="odd row_record">
+                                        <td>
+                                            {{ record.name }}
+                                        </td>
+                                        <td>
+                                            {{ record.type }}
+                                        </td>
+                                        <td>
+                                            {{ record.status }}
+                                        </td>
+                                        <td>
+                                            {{ record.ttl }}
+                                        </td>
+                                        <td>
+                                            {{ record.data }}
+                                        </td>
+                                        <td>
+                                            {{ record.comment }}
+                                        </td>
+                                        <td>
+                                            <button type="button" class="btn btn-warning button_edit"
+                                                    title="Edit Record">
+                                                <i class="fa-solid fa-edit"></i>&nbsp;Edit
+                                            </button>
+                                            <button type="button" class="btn btn-danger button_delete"
+                                                    title="Delete Record">
+                                                <i class="fa-solid fa-trash"></i>&nbsp;Delete
+                                            </button>
+                                        </td>
+                                        <td>{{ id }}</td>
+                                    </tr>
                                 {% endfor %}
-                        </tbody>
-                    </table>
+                                </tbody>
+                            </table>
+                        </div>
+                    </div>
                 </div>
             </div>
         </div>
-    </div>
-  </div>
-</section>
+    </section>
 {% endblock %}
+
 {% block extrascripts %}
-<script>
-    // superglobals
-    window.records_allow_edit = {{ editable_records | tojson }};
-    window.ttl_options = {{ ttl_options | tojson }};
-    window.nEditing = null;
-    window.nNew = false;
+    <script>
+        // superglobals
+        window.records_allow_edit = {{ editable_records | tojson }};
+        window.ttl_options = {{ ttl_options | tojson }};
+        window.nEditing = null;
+        window.nNew = false;
 
-    // set up user data table
-    $("#tbl_records").DataTable({
-        "paging" : true,
-        "lengthChange" : true,
-        "searching" : true,
-        "ordering" : true,
-        "info" : true,
-        "autoWidth" : false,
-        {% if SETTING.get('default_record_table_size')|string in ['5','15','20'] %}
-        "lengthMenu": [ [5, 15, 20, -1],
-                        [5, 15, 20, "All"]],
-        {% else %}
-        "lengthMenu": [ [5, 15, 20, {{ SETTING.get('default_record_table_size') }}, -1],
-                        [5, 15, 20, {{ SETTING.get('default_record_table_size') }}, "All"]],
-        {% endif %}
-        "pageLength": {{ SETTING.get('default_record_table_size') }},
-        "language": {
-            "lengthMenu": " _MENU_ records"
-        },
-        "retrieve" : true,
-        "columnDefs": [
-            {
-                type: 'natural',
-                targets: [0, 4]
-            },
-            {
-                // hidden column so that we can add new records on top
-                // regardless of whatever sorting is done. See orderFixed
-                visible: false,
-                targets: [ 8 ]
+        // Initialize DataTables
+        $("#tbl_records").DataTable({
+            "paging": true,
+            "lengthChange": true,
+            "searching": true,
+            "ordering": true,
+            "info": true,
+            "autoWidth": false,
+            {% if SETTING.get('default_record_table_size')|string in ['5','15','20'] %}
+                "lengthMenu": [[5, 15, 20, -1],
+                    [5, 15, 20, "All"]],
+            {% else %}
+                "lengthMenu": [[5, 15, 20, {{ SETTING.get('default_record_table_size') }}, -1],
+                    [5, 15, 20, {{ SETTING.get('default_record_table_size') }}, "All"]],
+            {% endif %}
+            "pageLength": {{ SETTING.get('default_record_table_size') }},
+            "language": {
+                "lengthMenu": " _MENU_ records"
             },
-            {
-                className: "length-break",
-                targets: [ 4, 5 ]
-            }
-        ],
-        "orderFixed": [[8, 'asc']]
-    });
+            "retrieve": true,
+            "columnDefs": [
+                {
+                    type: 'natural',
+                    targets: [0, 4]
+                },
+                {
+                    // hidden column so that we can add new records on top
+                    // regardless of whatever sorting is done. See orderFixed
+                    visible: false,
+                    targets: [7]
+                },
+                {
+                    className: "length-break",
+                    targets: [4, 5]
+                }
+            ],
+            "orderFixed": [[7, 'asc']]
+        });
 
-    // handle delete button
-    $(document.body).on("click", ".button_delete", function(e) {
-        e.stopPropagation();
-        var modal = $("#modal_delete");
-        var table = $("#tbl_records").DataTable();
-        var record = $(this).prop('id');
-        var nRow = $(this).parents('tr')[0];
-        var info = "Are you sure you want to delete " + record + "?";
-        modal.find('.modal-body p').text(info);
-        modal.modal('show');
+        // handle delete button
+        $(document.body).on("click", ".button_delete", function (e) {
+            e.stopPropagation();
+            var modal = $("#modal_delete");
+            var table = $("#tbl_records").DataTable();
+            var record = $(this).prop('id');
+            var nRow = $(this).parents('tr')[0];
+            var info = "Are you sure you want to delete " + record + "?";
+            modal.find('.modal-body p').text(info);
+            modal.modal('show');
 
-        $("#button_delete_confirm").unbind().one('click', function(e) {
-            table.row(nRow).remove().draw();
-            modal.modal('hide');
-        });
+            $("#button_delete_confirm").unbind().one('click', function (e) {
+                table.row(nRow).remove().draw();
+                modal.modal('hide');
+            });
 
-        $("#button_delete_cancel").unbind().one('click', function(e) {
-            modal.modal('hide');
+            $("#button_delete_cancel").unbind().one('click', function (e) {
+                modal.modal('hide');
+            });
         });
-    });
-    // handle edit button and record click
-    $(document.body).on("click", ".button_edit{% if quick_edit %}, .row_record{% endif %}", function(e) {
-         e.stopPropagation();
-         if ($(this).is('tr')) {
-            var nRow = $(this)[0];
-         } else {
-            var nRow = $(this).parents('tr')[0];
-         }
-         var table = $("#tbl_records").DataTable();
 
-        if (nEditing == nRow) {
-            /* click on row already being edited, do nothing */
-        } else if (nEditing !== null && nEditing != nRow && nNew == false) {
-             /* Currently editing - but not this row - restore the old before continuing to edit mode */
-             restoreRow(table, nEditing);
-             editRow(table, nRow);
-             nEditing = nRow;
-         } else if (nNew == true) {
-             /* adding a new row, delete it and start editing */
-             table.row(nEditing).remove().draw();
-             nNew = false;
-             editRow(table, nRow);
-             nEditing = nRow;
-         } else {
-             /* No edit in progress - let's start one */
-             editRow(table, nRow);
-             nEditing = nRow;
-         }
-    });
+        // handle edit button and record click
+        $(document.body).on("click", ".button_edit{% if quick_edit %}, .row_record{% endif %}", function (e) {
+            e.stopPropagation();
+            if ($(this).is('tr')) {
+                var nRow = $(this)[0];
+            } else {
+                var nRow = $(this).parents('tr')[0];
+            }
+            var table = $("#tbl_records").DataTable();
+
+            if (nEditing == nRow) {
+                /* click on row already being edited, do nothing */
+            } else if (nEditing !== null && nEditing != nRow && nNew == false) {
+                /* Currently editing - but not this row - restore the old before continuing to edit mode */
+                restoreRow(table, nEditing);
+                editRow(table, nRow);
+                nEditing = nRow;
+            } else if (nNew == true) {
+                /* adding a new row, delete it and start editing */
+                table.row(nEditing).remove().draw();
+                nNew = false;
+                editRow(table, nRow);
+                nEditing = nRow;
+            } else {
+                /* No edit in progress - let's start one */
+                editRow(table, nRow);
+                nEditing = nRow;
+            }
+        });
 
-    // handle apply changes button
-    $(document.body).on("click",".button_apply_changes", function() {
-        if (nNew || nEditing) {
-            showErrorModal("Previous record not saved. Please save it before applying the changes.");
-            return;
-        }
+        // handle apply changes button
+        $(document.body).on("click", ".button_apply_changes", function () {
+            if (nNew || nEditing) {
+                showErrorModal("Previous record not saved. Please save it before applying the changes.");
+                return;
+            }
 
-        var modal = $("#modal_apply_changes");
-        var table = $("#tbl_records").DataTable();
-        var template = $(this).prop('id');
-        var info = "Are you sure you want to apply your changes?";
-        modal.find('.modal-body p').text(info);
+            var modal = $("#modal_apply_changes");
+            var table = $("#tbl_records").DataTable();
+            var template = $(this).prop('id');
+            var info = "Are you sure you want to apply your changes?";
+            modal.find('.modal-body p').text(info);
 
-        // following unbind("click") is to avoid multiple times execution
-        modal.find('#button_apply_confirm').unbind("click").click(function() {
-            var data = getTableData(table);
-            applyChanges( {'_csrf_token': '{{ csrf_token() }}', 'records': data}, $SCRIPT_ROOT + '/admin/template/' + template + '/apply', true);
-            modal.modal('hide');
-        })
-        modal.modal('show');
+            // following unbind("click") is to avoid multiple times execution
+            modal.find('#button_apply_confirm').unbind("click").click(function () {
+                var data = getTableData(table);
+                applyChanges({
+                    '_csrf_token': '{{ csrf_token() }}',
+                    'records': data
+                }, $SCRIPT_ROOT + '/admin/template/' + template + '/apply', true);
+                modal.modal('hide');
+            })
+            modal.modal('show');
 
-    });
+        });
 
-    // handle add record button
-    $(document.body).on("click", ".button_add_record", function (e) {
+        // handle add record button
+        $(document.body).on("click", ".button_add_record", function (e) {
             if (nNew || nEditing) {
                 showErrorModal("Previous record not saved. Please save it before adding more record.");
                 return;
@@ -245,8 +240,8 @@ <h3 class="card-title">Manage Template Records for {{ template }}</h3>
             nNew = true;
         });
 
-    //handle cancel button
-    $(document.body).on("click", ".button_cancel", function (e) {
+        //handle cancel button
+        $(document.body).on("click", ".button_cancel", function (e) {
             e.stopPropagation();
             var oTable = $("#tbl_records").DataTable();
             if (nNew) {
@@ -259,8 +254,8 @@ <h3 class="card-title">Manage Template Records for {{ template }}</h3>
             }
         });
 
-    //handle save button
-    $(document.body).on("click", ".button_save", function (e) {
+        //handle save button
+        $(document.body).on("click", ".button_save", function (e) {
             e.stopPropagation();
             var table = $("#tbl_records").DataTable();
             saveRow(table, nEditing);
@@ -268,73 +263,73 @@ <h3 class="card-title">Manage Template Records for {{ template }}</h3>
             nNew = false;
         });
 
-    {% if SETTING.get('record_helper') %}
-    //handle wacky record types
-    $(document.body).on("focus", "#current_edit_record_data", function (e) {
-        var record_type = $(this).parents("tr").find('#record_type').val();
-        var record_data = $(this);
-        if (record_type == "CAA") {
-            var modal = $("#modal_custom_record");
-            if (record_data.val() == "") {
-                var form = "    <label for=\"caa_flag\">CAA Flag</label> \
+        {% if SETTING.get('record_helper') %}
+            //handle wacky record types
+            $(document.body).on("focus", "#current_edit_record_data", function (e) {
+                var record_type = $(this).parents("tr").find('#record_type').val();
+                var record_data = $(this);
+                if (record_type == "CAA") {
+                    var modal = $("#modal_custom_record");
+                    if (record_data.val() == "") {
+                        var form = "    <label for=\"caa_flag\">CAA Flag</label> \
                                 <input type=\"text\" class=\"form-control\" name=\"caa_flag\" id=\"caa_flag\" placeholder=\"0\"> \
                                 <label for=\"caa_tag\">CAA Tag</label> \
                                 <input type=\"text\" class=\"form-control\" name=\"caa_tag\" id=\"caa_tag\" placeholder=\"issue\"> \
                                 <label for=\"caa_value\">CAA Value</label> \
                                 <input type=\"text\" class=\"form-control\" name=\"caa_value\" id=\"caa_value\" placeholder=\"eg. letsencrypt.org\"> \
                             ";
-            } else {
-                var parts = record_data.val().split(" ");
-                var form = "    <label for=\"caa_flag\">CAA Flag</label> \
+                    } else {
+                        var parts = record_data.val().split(" ");
+                        var form = "    <label for=\"caa_flag\">CAA Flag</label> \
                                 <input type=\"text\" class=\"form-control\" name=\"caa_flag\" id=\"caa_flag\" placeholder=\"0\" value=\"" + parts[0] + "\"> \
                                 <label for=\"caa_tag\">CAA Tag</label> \
                                 <input type=\"text\" class=\"form-control\" name=\"caa_tag\" id=\"caa_tag\" placeholder=\"issue\" value=\"" + parts[1] + "\"> \
                                 <label for=\"caa_value\">CAA Value</label> \
                                 <input type=\"text\" class=\"form-control\" name=\"caa_value\" id=\"caa_value\" placeholder=\"eg. letsencrypt.org\" value=\"" + parts[2] + "\"> \
                             ";
-            }
-            modal.find('.modal-body p').html(form);
-            modal.find('#button_save').click(function() {
-                caa_flag = modal.find('#caa_flag').val();
-                caa_tag = modal.find('#caa_tag').val();
-                caa_value = modal.find('#caa_value').val();
-                data = caa_flag + " " + caa_tag + " " + '"' + caa_value + '"';
-                record_data.val(data);
-                modal.modal('hide');
-            })
-            modal.modal('show');
-        } else if (record_type == "MX") {
-            var modal = $("#modal_custom_record");
-            if (record_data.val() == "") {
-                var form = "    <label for=\"mx_priority\">MX Priority</label> \
+                    }
+                    modal.find('.modal-body p').html(form);
+                    modal.find('#button_save').click(function () {
+                        caa_flag = modal.find('#caa_flag').val();
+                        caa_tag = modal.find('#caa_tag').val();
+                        caa_value = modal.find('#caa_value').val();
+                        data = caa_flag + " " + caa_tag + " " + '"' + caa_value + '"';
+                        record_data.val(data);
+                        modal.modal('hide');
+                    })
+                    modal.modal('show');
+                } else if (record_type == "MX") {
+                    var modal = $("#modal_custom_record");
+                    if (record_data.val() == "") {
+                        var form = "    <label for=\"mx_priority\">MX Priority</label> \
                                 <input type=\"text\" class=\"form-control\" name=\"mx_priority\" id=\"mx_priority\" placeholder=\"eg. 10\"> \
                                 <label for=\"mx_server\">MX Server</label> \
                                 <input type=\"text\" class=\"form-control\" name=\"mx_server\" id=\"mx_server\" placeholder=\"eg. postfix.example.com\"> \
                             ";
-            } else {
-                var parts = record_data.val().split(" ");
-                var form = "    <label for=\"mx_priority\">MX Priority</label> \
+                    } else {
+                        var parts = record_data.val().split(" ");
+                        var form = "    <label for=\"mx_priority\">MX Priority</label> \
                                 <input type=\"text\" class=\"form-control\" name=\"mx_priority\" id=\"mx_priority\" placeholder=\"eg. 10\" value=\"" + parts[0] + "\"> \
                                 <label for=\"mx_server\">MX Server</label> \
                                 <input type=\"text\" class=\"form-control\" name=\"mx_server\" id=\"mx_server\" placeholder=\"eg. postfix.example.com\" value=\"" + parts[1] + "\"> \
                             ";
-            }
-            modal.find('.modal-body p').html(form);
-            modal.find('#button_save').click(function() {
-                mx_server = modal.find('#mx_server').val();
-                mx_priority = modal.find('#mx_priority').val();
-                data = mx_priority + " " + mx_server;
-                if (data && !data.endsWith('.')) {
-                    data = data + '.'
-                }
-                record_data.val(data);
-                modal.modal('hide');
-            })
-            modal.modal('show');
-        } else if (record_type == "SRV") {
-            var modal = $("#modal_custom_record");
-            if (record_data.val() == "") {
-                var form = "    <label for=\"srv_priority\">SRV Priority</label> \
+                    }
+                    modal.find('.modal-body p').html(form);
+                    modal.find('#button_save').click(function () {
+                        mx_server = modal.find('#mx_server').val();
+                        mx_priority = modal.find('#mx_priority').val();
+                        data = mx_priority + " " + mx_server;
+                        if (data && !data.endsWith('.')) {
+                            data = data + '.'
+                        }
+                        record_data.val(data);
+                        modal.modal('hide');
+                    })
+                    modal.modal('show');
+                } else if (record_type == "SRV") {
+                    var modal = $("#modal_custom_record");
+                    if (record_data.val() == "") {
+                        var form = "    <label for=\"srv_priority\">SRV Priority</label> \
                                 <input type=\"text\" class=\"form-control\" name=\"srv_priority\" id=\"srv_priority\" placeholder=\"0\"> \
                                 <label for=\"srv_weight\">SRV Weight</label> \
                                 <input type=\"text\" class=\"form-control\" name=\"srv_weight\" id=\"srv_weight\" placeholder=\"10\"> \
@@ -343,9 +338,9 @@ <h3 class="card-title">Manage Template Records for {{ template }}</h3>
                                 <label for=\"srv_target\">SRV Target</label> \
                                 <input type=\"text\" class=\"form-control\" name=\"srv_target\" id=\"srv_target\" placeholder=\"sip.example.com\"> \
                             ";
-            } else {
-                var parts = record_data.val().split(" ");
-                var form = "    <label for=\"srv_priority\">SRV Priority</label> \
+                    } else {
+                        var parts = record_data.val().split(" ");
+                        var form = "    <label for=\"srv_priority\">SRV Priority</label> \
                                 <input type=\"text\" class=\"form-control\" name=\"srv_priority\" id=\"srv_priority\" placeholder=\"0\" value=\"" + parts[0] + "\"> \
                                 <label for=\"srv_weight\">SRV Weight</label> \
                                 <input type=\"text\" class=\"form-control\" name=\"srv_weight\" id=\"srv_weight\" placeholder=\"10\" value=\"" + parts[1] + "\"> \
@@ -354,25 +349,25 @@ <h3 class="card-title">Manage Template Records for {{ template }}</h3>
                                 <label for=\"srv_target\">SRV Target</label> \
                                 <input type=\"text\" class=\"form-control\" name=\"srv_target\" id=\"srv_target\" placeholder=\"sip.example.com\" value=\"" + parts[3] + "\"> \
                 ";
-            }
-            modal.find('.modal-body p').html(form);
-            modal.find('#button_save').click(function() {
-                srv_priority = modal.find('#srv_priority').val();
-                srv_weight = modal.find('#srv_weight').val();
-                srv_port = modal.find('#srv_port').val();
-                srv_target = modal.find('#srv_target').val();
-                data = srv_priority + " " + srv_weight + " " + srv_port + " " + srv_target;
-                if (data && !data.endsWith('.')) {
-                    data = data + '.'
-                }
-                record_data.val(data);
-                modal.modal('hide');
-            })
-            modal.modal('show');
-            } else if (record_type == "SOA") {
-                var modal = $("#modal_custom_record");
-                if (record_data.val() == "") {
-                    var form = "    <label for=\"soa_primaryns\">Primary Name Server</label> \
+                    }
+                    modal.find('.modal-body p').html(form);
+                    modal.find('#button_save').click(function () {
+                        srv_priority = modal.find('#srv_priority').val();
+                        srv_weight = modal.find('#srv_weight').val();
+                        srv_port = modal.find('#srv_port').val();
+                        srv_target = modal.find('#srv_target').val();
+                        data = srv_priority + " " + srv_weight + " " + srv_port + " " + srv_target;
+                        if (data && !data.endsWith('.')) {
+                            data = data + '.'
+                        }
+                        record_data.val(data);
+                        modal.modal('hide');
+                    })
+                    modal.modal('show');
+                } else if (record_type == "SOA") {
+                    var modal = $("#modal_custom_record");
+                    if (record_data.val() == "") {
+                        var form = "    <label for=\"soa_primaryns\">Primary Name Server</label> \
                                     <input type=\"text\" class=\"form-control\" name=\"soa_primaryns\" id=\"soa_primaryns\" placeholder=\"ns1.example.com\"> \
                                     <label for=\"soa_adminemail\">Primary Contact</label> \
                                     <input type=\"text\" class=\"form-control\" name=\"soa_adminemail\" id=\"soa_adminemail\" placeholder=\"admin.example.com\"> \
@@ -387,9 +382,9 @@ <h3 class="card-title">Manage Template Records for {{ template }}</h3>
                                     <label for=\"soa_minimumttl\">Minimum TTL</label> \
                                     <input type=\"text\" class=\"form-control\" name=\"soa_minimumttl\" id=\"soa_minimumttl\" placeholder=\"300\"> \
                                 ";
-                } else {
-                    var parts = record_data.val().split(" ");
-                    var form = "    <label for=\"soa_primaryns\">Primary Name Server</label> \
+                    } else {
+                        var parts = record_data.val().split(" ");
+                        var form = "    <label for=\"soa_primaryns\">Primary Name Server</label> \
                                     <input type=\"text\" class=\"form-control\" name=\"soa_primaryns\" id=\"soa_primaryns\" value=\"" + parts[0] + "\"> \
                                     <label for=\"soa_adminemail\">Primary Contact</label> \
                                     <input type=\"text\" class=\"form-control\" name=\"soa_adminemail\" id=\"soa_adminemail\" value=\"" + parts[1] + "\"> \
@@ -404,93 +399,95 @@ <h3 class="card-title">Manage Template Records for {{ template }}</h3>
                                     <label for=\"soa_minimumttl\">Minimum TTL</label> \
                                     <input type=\"text\" class=\"form-control\" name=\"soa_minimumttl\" id=\"soa_minimumttl\" value=\"" + parts[6] + "\"> \
                     ";
-                }
-                modal.find('.modal-body p').html(form);
-                modal.find('#button_save').click(function() {
-                    soa_primaryns = modal.find('#soa_primaryns').val();
-                    soa_adminemail = modal.find('#soa_adminemail').val();
-                    soa_serial = modal.find('#soa_serial').val();
-                    soa_zonerefresh = modal.find('#soa_zonerefresh').val();
-                    soa_failedzonerefresh = modal.find('#soa_failedzonerefresh').val();
-                    soa_zoneexpiry = modal.find('#soa_zoneexpiry').val();
-                    soa_minimumttl = modal.find('#soa_minimumttl').val();
+                    }
+                    modal.find('.modal-body p').html(form);
+                    modal.find('#button_save').click(function () {
+                        soa_primaryns = modal.find('#soa_primaryns').val();
+                        soa_adminemail = modal.find('#soa_adminemail').val();
+                        soa_serial = modal.find('#soa_serial').val();
+                        soa_zonerefresh = modal.find('#soa_zonerefresh').val();
+                        soa_failedzonerefresh = modal.find('#soa_failedzonerefresh').val();
+                        soa_zoneexpiry = modal.find('#soa_zoneexpiry').val();
+                        soa_minimumttl = modal.find('#soa_minimumttl').val();
 
-                    data = soa_primaryns + " " + soa_adminemail + " " + soa_serial + " " + soa_zonerefresh + " " + soa_failedzonerefresh + " " + soa_zoneexpiry + " " + soa_minimumttl;
-                    record_data.val(data);
-                    modal.modal('hide');
-                })
-            modal.modal('show');
-        }
-    });
-    {% endif %}
-</script>
+                        data = soa_primaryns + " " + soa_adminemail + " " + soa_serial + " " + soa_zonerefresh + " " + soa_failedzonerefresh + " " + soa_zoneexpiry + " " + soa_minimumttl;
+                        record_data.val(data);
+                        modal.modal('hide');
+                    })
+                    modal.modal('show');
+                }
+            });
+        {% endif %}
+    </script>
 {% endblock %}
+
 {% block modals %}
-<div class="modal fade modal-warning" id="modal_delete">
-    <div class="modal-dialog">
-        <div class="modal-content">
-            <div class="modal-header">
-              <h4 class="modal-title">Confirmation</h4>
-              <button type="button" class="close" data-dismiss="modal"
-                    aria-label="Close">
-                    <span aria-hidden="true">&times;</span>
-                </button>
-            </div>
-            <div class="modal-body">
-                <p></p>
-            </div>
-            <div class="modal-footer">
-                <button type="button" class="btn btn-secondary float-left" id="button_delete_cancel" data-dismiss="modal">
-                  Close
-                </button>
-                <button type="button" class="btn btn-danger" id="button_delete_confirm">
-                  Delete
-                </button>
+    <div class="modal fade modal-warning" id="modal_delete">
+        <div class="modal-dialog">
+            <div class="modal-content">
+                <div class="modal-header">
+                    <h4 class="modal-title">Confirmation</h4>
+                    <button type="button" class="close" data-dismiss="modal"
+                            aria-label="Close">
+                        <span aria-hidden="true">&times;</span>
+                    </button>
+                </div>
+                <div class="modal-body">
+                    <p></p>
+                </div>
+                <div class="modal-footer">
+                    <button type="button" class="btn btn-secondary float-left" id="button_delete_cancel"
+                            data-dismiss="modal">
+                        Close
+                    </button>
+                    <button type="button" class="btn btn-danger" id="button_delete_confirm">
+                        Delete
+                    </button>
+                </div>
             </div>
         </div>
     </div>
-</div>
-<div class="modal fade modal-primary" id="modal_apply_changes">
-    <div class="modal-dialog">
-        <div class="modal-content">
-            <div class="modal-header">
-              <h4 class="modal-title">Confirmation</h4>
-              <button type="button" class="close" data-dismiss="modal"
-                    aria-label="Close">
-                    <span aria-hidden="true">&times;</span>
-                </button>
-            </div>
-            <div class="modal-body">
-                <p></p>
-            </div>
-            <div class="modal-footer">
-                <button type="button" class="btn btn-secondary float-left" data-dismiss="modal">
-                  Close
-                </button>
-                <button type="button" class="btn btn-primary" id="button_apply_confirm">
-                  Apply
-                </button>
+    <div class="modal fade modal-primary" id="modal_apply_changes">
+        <div class="modal-dialog">
+            <div class="modal-content">
+                <div class="modal-header">
+                    <h4 class="modal-title">Confirmation</h4>
+                    <button type="button" class="close" data-dismiss="modal"
+                            aria-label="Close">
+                        <span aria-hidden="true">&times;</span>
+                    </button>
+                </div>
+                <div class="modal-body">
+                    <p></p>
+                </div>
+                <div class="modal-footer">
+                    <button type="button" class="btn btn-secondary float-left" data-dismiss="modal">
+                        Close
+                    </button>
+                    <button type="button" class="btn btn-primary" id="button_apply_confirm">
+                        Apply
+                    </button>
+                </div>
             </div>
         </div>
     </div>
-</div>
-<div class="modal fade modal-primary" id="modal_custom_record">
-    <div class="modal-dialog">
-        <div class="modal-content">
-            <div class="modal-header">
-              <h4 class="modal-title">Custom Record</h4>
-              <button type="button" class="close" data-dismiss="modal"
-                    aria-label="Close">
-                    <span aria-hidden="true">&times;</span>
-                </button>
-            </div>
-            <div class="modal-body">
-                <p></p>
-            </div>
-            <div class="modal-footer">
-                <button type="button" class="btn btn-primary" id="button_save">Save</button>
+    <div class="modal fade modal-primary" id="modal_custom_record">
+        <div class="modal-dialog">
+            <div class="modal-content">
+                <div class="modal-header">
+                    <h4 class="modal-title">Custom Record</h4>
+                    <button type="button" class="close" data-dismiss="modal"
+                            aria-label="Close">
+                        <span aria-hidden="true">&times;</span>
+                    </button>
+                </div>
+                <div class="modal-body">
+                    <p></p>
+                </div>
+                <div class="modal-footer">
+                    <button type="button" class="btn btn-primary" id="button_save">Save</button>
+                </div>
             </div>
         </div>
     </div>
-</div>
 {% endblock %}

From e5269b56262339cc1f4a00fcc4cf8323038fe516 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Mon, 20 Feb 2023 08:32:53 -0500
Subject: [PATCH 239/475] Removed text label from zone template list action
 dropdown control to reduce space consumption.

---
 powerdnsadmin/templates/template.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/powerdnsadmin/templates/template.html b/powerdnsadmin/templates/template.html
index 3776d935f..83538be8f 100644
--- a/powerdnsadmin/templates/template.html
+++ b/powerdnsadmin/templates/template.html
@@ -87,7 +87,7 @@ <h3 class="card-title">Templates</h3>
                                                 <button class="btn btn-primary dropdown-toggle" type="button"
                                                         id="dropdownMenu" data-toggle="dropdown" aria-haspopup="true"
                                                         aria-expanded="false">
-                                                    <i class="fa-solid fa-bars"></i>&nbsp;Actions
+                                                    <i class="fa-solid fa-bars"></i>
                                                 </button>
                                                 <div class="dropdown-menu" aria-labelledby="dropdownMenu">
                                                     <button type="button" class="dropdown-item btn-warning"

From a42d61075976cbd336d0ced1a3fecf78ce83c48f Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Mon, 20 Feb 2023 08:43:49 -0500
Subject: [PATCH 240/475] Holding on remaining changes to zone template editor
 as a rebuild is also necessary here.

---
 powerdnsadmin/templates/template_edit.html | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/powerdnsadmin/templates/template_edit.html b/powerdnsadmin/templates/template_edit.html
index b841023a9..2f63fdf52 100644
--- a/powerdnsadmin/templates/template_edit.html
+++ b/powerdnsadmin/templates/template_edit.html
@@ -76,13 +76,13 @@ <h3 class="card-title">Zone Template Editor</h3>
                                             {{ record.comment }}
                                         </td>
                                         <td>
-                                            <button type="button" class="btn btn-warning button_edit"
+                                            <button type="button" class="btn btn-sm btn-warning button_edit"
                                                     title="Edit Record">
-                                                <i class="fa-solid fa-edit"></i>&nbsp;Edit
+                                                <i class="fa-solid fa-edit"></i>
                                             </button>
-                                            <button type="button" class="btn btn-danger button_delete"
+                                            <button type="button" class="btn btn-sm btn-danger button_delete"
                                                     title="Delete Record">
-                                                <i class="fa-solid fa-trash"></i>&nbsp;Delete
+                                                <i class="fa-solid fa-trash"></i>
                                             </button>
                                         </td>
                                         <td>{{ id }}</td>

From 8c6fc5e2622e8031859fa040b08627104022ad25 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Mon, 20 Feb 2023 08:50:17 -0500
Subject: [PATCH 241/475] Completed first-found updates for the accounts list
 view.

---
 .../templates/admin_manage_account.html       | 288 +++++++++---------
 1 file changed, 148 insertions(+), 140 deletions(-)

diff --git a/powerdnsadmin/templates/admin_manage_account.html b/powerdnsadmin/templates/admin_manage_account.html
index c02a18c10..fe2c5bb68 100644
--- a/powerdnsadmin/templates/admin_manage_account.html
+++ b/powerdnsadmin/templates/admin_manage_account.html
@@ -1,159 +1,167 @@
 {% extends "base.html" %}
-
 {% set active_page = "admin_accounts" %}
-
-{% block title %}
-  <title>
-    Account Management - {{ SITE_NAME }}
-  </title>
-{% endblock %}
+{% block title %}<title>Accounts - {{ SITE_NAME }}</title>{% endblock %}
 
 {% block dashboard_stat %}
-  <div class="content-header">
-    <div class="container-fluid">
-      <div class="row mb-2">
-        <div class="col-sm-6">
-          <h1 class="m-0 text-dark">
-            Accounts
-            <small>Manage</small>
-          </h1>
-        </div>
-        <div class="col-sm-6">
-          <ol class="breadcrumb float-sm-right">
-            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Home</a></li>
-            <li class="breadcrumb-item active">Accounts</li>
-          </ol>
+    <div class="content-header">
+        <div class="container-fluid">
+            <div class="row mb-2">
+                <div class="col-sm-6">
+                    <h1 class="m-0 text-dark">Accounts</h1>
+                </div>
+                <div class="col-sm-6">
+                    <ol class="breadcrumb float-sm-right">
+                        <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Home</a></li>
+                        <li class="breadcrumb-item active">Accounts</li>
+                    </ol>
+                </div>
+            </div>
         </div>
-      </div>
     </div>
-  </div>
 {% endblock %}
 
 {% block content %}
-<section class="content">
-  <div class="container-fluid">
-    <div class="row">
-      <div class="col-12">
-        <div class="card">
-          <div class="card-header">
-            <h3 class="card-title">Account Management</h3>
-            <a href="{{ url_for('admin.edit_account') }}">
-              <button type="button" class="btn btn-primary float-right button_add_account">
-                <i class="fa-solid fa-plus"></i>&nbsp;Add Account
-              </button>
-            </a>
-          </div>
-          <div class="card-body">
-            <table id="tbl_accounts" class="table table-bordered table-striped">
-              <thead>
-                <tr>
-                  <th>Name</th>
-                  <th>Description</th>
-                  <th>Contact</th>
-                  <th>Mail</th>
-                  <th>Member</th>
-                  <th>Domain</th>
-                  <th>Action</th>
-                </tr>
-              </thead>
-              <tbody>
-                {% for account in accounts %}
-                  <tr class="odd gradeX">
-                    <td>{{ account.name }}</td>
-                    <td>{{ account.description }}</td>
-                    <td>{{ account.contact }}</td>
-                    <td>{{ account.mail }}</td>
-                    <td>{{ account.user_num }}</td>
-                    <td>{{ account.domains|length }}</td>
-                    <td width="15%">
-                      <div class="dropdown">
-                        <button class="btn btn-primary dropdown-toggle" type="button" id="dropdownMenu" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
-                          <i class="fa-solid fa-bars"></i>&nbsp;Actions
-                        </button>
-                        <div class="dropdown-menu" aria-labelledby="dropdownMenu">
-                          <button type="button" class="dropdown-item btn-warning" onclick="window.location.href='{{ url_for('admin.edit_account', account_name=account.name) }}'">
-                            <i class="fa-solid fa-edit"></i>&nbsp;Edit Account
-                          </button>
-                          <div class="dropdown-divider"></div>
-                          <button type="button"class="dropdown-item btn-secondary button_delete" id="{{ account.name }}">
-                            <font color="red">
-                              <i class="fa-solid fa-trash"></i>&nbsp;Delete Account
-                            </font>
-                          </button>
-                         </div>
-                      </div>
-                    </td>
-                  </tr>
-                {% endfor %}
-              </tbody>
-            </table>
-          </div>
+    <section class="content">
+        <div class="container-fluid">
+            <div class="row">
+                <div class="col-12">
+                    <div class="card card-outline card-primary shadow">
+                        <div class="card-header">
+                            <h3 class="card-title">Accounts</h3>
+                            <div class="card-tools">
+                                <a href="{{ url_for('admin.edit_account') }}">
+                                    <button type="button" class="btn btn-primary button_add_account"
+                                            title="Add Account">
+                                        <i class="fa-solid fa-plus"></i>&nbsp;Add Account
+                                    </button>
+                                </a>
+                            </div>
+                        </div>
+                        <!-- /.card-header -->
+                        <div class="card-body table-responsive">
+                            <table id="tbl_accounts"
+                                   class="table table-bordered table-striped table-hover table-sm records">
+                                <thead>
+                                <tr>
+                                    <th>Name</th>
+                                    <th>Description</th>
+                                    <th>Contact</th>
+                                    <th>Mail</th>
+                                    <th>Member</th>
+                                    <th>Domain</th>
+                                    <th>Action</th>
+                                </tr>
+                                </thead>
+                                <tbody>
+                                {% for account in accounts %}
+                                    <tr class="odd gradeX">
+                                        <td>{{ account.name }}</td>
+                                        <td>{{ account.description }}</td>
+                                        <td>{{ account.contact }}</td>
+                                        <td>{{ account.mail }}</td>
+                                        <td>{{ account.user_num }}</td>
+                                        <td>{{ account.domains|length }}</td>
+                                        <td>
+                                            <div class="dropdown">
+                                                <button class="btn btn-primary dropdown-toggle" type="button"
+                                                        id="dropdownMenu" data-toggle="dropdown" aria-haspopup="true"
+                                                        aria-expanded="false">
+                                                    <i class="fa-solid fa-bars"></i>
+                                                </button>
+                                                <div class="dropdown-menu" aria-labelledby="dropdownMenu">
+                                                    <button type="button" class="dropdown-item btn-warning"
+                                                            onclick="window.location.href='{{ url_for('admin.edit_account', account_name=account.name) }}'">
+                                                        <i class="fa-solid fa-edit"></i>&nbsp;Edit Account
+                                                    </button>
+                                                    <div class="dropdown-divider"></div>
+                                                    <button type="button"
+                                                            class="dropdown-item btn-secondary button_delete"
+                                                            id="{{ account.name }}">
+                                                        <span style="color: red;">
+                                                            <i class="fa-solid fa-trash"></i>&nbsp;Delete Account
+                                                        </span>
+                                                    </button>
+                                                </div>
+                                            </div>
+                                        </td>
+                                    </tr>
+                                {% endfor %}
+                                </tbody>
+                            </table>
+                        </div>
+                        <!-- /.card-body -->
+                    </div>
+                    <!-- /.card -->
+                </div>
+                <!-- /.col -->
+            </div>
+            <!-- /.row -->
         </div>
-      </div>
-    </div>
-  </div>
-</section>
+        <!-- /.container-fluid -->
+    </section>
 {% endblock %}
+
 {% block extrascripts %}
-<script>
-    // set up accounts data table
-    $("#tbl_accounts").DataTable({
-        "paging": true,
-        "lengthChange": true,
-        "searching": true,
-        "ordering": true,
-        "columnDefs": [{
-            "orderable": false,
-            "targets": [-1]
-        }],
-        "info": false,
-        "autoWidth": false,
-        "lengthMenu": [
-            [10, 25, 50, 100, -1],
-            [10, 25, 50, 100, "All"]
-        ],
-        "pageLength": 10
-    });
+    <script>
+        // Intialize DataTable
+        $("#tbl_accounts").DataTable({
+            "paging": true,
+            "lengthChange": true,
+            "searching": true,
+            "ordering": true,
+            "columnDefs": [{
+                "orderable": false,
+                "targets": [-1]
+            }],
+            "info": false,
+            "autoWidth": false,
+            "lengthMenu": [
+                [10, 25, 50, 100, -1],
+                [10, 25, 50, 100, "All"]
+            ],
+            "pageLength": 10
+        });
 
-    // handle deletion of account
-    $(document.body).on('click', '.button_delete', function () {
-        var modal = $("#modal_delete");
-        var accountname = $(this).prop('id');
-        var info = "Are you sure you want to delete " + accountname + "?";
-        modal.find('.modal-body p').text(info);
-        modal.find('#button_delete_confirm').click(function () {
-            var postdata = {
-                'action': 'delete_account',
-                'data': accountname,
-                '_csrf_token': '{{ csrf_token() }}'
-            }
-            applyChanges(postdata, $SCRIPT_ROOT + '/admin/manage-account', false, true);
-            modal.modal('hide');
-        })
-        modal.modal('show');
-    });
-</script>
+        // handle deletion of account
+        $(document.body).on('click', '.button_delete', function () {
+            var modal = $("#modal_delete");
+            var accountname = $(this).prop('id');
+            var info = "Are you sure you want to delete " + accountname + "?";
+            modal.find('.modal-body p').text(info);
+            modal.find('#button_delete_confirm').click(function () {
+                var postdata = {
+                    'action': 'delete_account',
+                    'data': accountname,
+                    '_csrf_token': '{{ csrf_token() }}'
+                }
+                applyChanges(postdata, $SCRIPT_ROOT + '/admin/manage-account', false, true);
+                modal.modal('hide');
+            })
+            modal.modal('show');
+        });
+    </script>
 {% endblock %}
+
 {% block modals %}
-<div class="modal fade" id="modal_delete">
-    <div class="modal-dialog">
-        <div class="modal-content">
-            <div class="modal-header">
-              <h4 class="modal-title">Confirmation</h4>
-              <button type="button" class="close" data-dismiss="modal" aria-label="Close">
-                    <span aria-hidden="true">&times;</span>
-                </button>
-            </div>
-            <div class="modal-body">
-                <p></p>
-            </div>
-            <div class="modal-footer">
-                <button type="button" class="btn btn-default float-left" data-dismiss="modal">Close</button>
-                <button type="button" class="btn btn-danger" id="button_delete_confirm">Delete</button>
+    <div class="modal fade" id="modal_delete">
+        <div class="modal-dialog">
+            <div class="modal-content">
+                <div class="modal-header">
+                    <h4 class="modal-title">Confirmation</h4>
+                    <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+                        <span aria-hidden="true">&times;</span>
+                    </button>
+                </div>
+                <div class="modal-body">
+                    <p></p>
+                </div>
+                <div class="modal-footer">
+                    <button type="button" class="btn btn-default float-left" data-dismiss="modal">Close</button>
+                    <button type="button" class="btn btn-danger" id="button_delete_confirm">Delete</button>
+                </div>
             </div>
+            <!-- /.modal-content -->
         </div>
-        <!-- /.modal-content -->
+        <!-- /.modal-dialog -->
     </div>
-    <!-- /.modal-dialog -->
-</div>
 {% endblock %}

From 0e67366c5fc69a32732767c9da22b2db7b97ee4d Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Mon, 20 Feb 2023 09:07:07 -0500
Subject: [PATCH 242/475] Completed first-found updates for the account
 creation view.

---
 .../templates/admin_edit_account.html         | 422 ++++++++++--------
 1 file changed, 229 insertions(+), 193 deletions(-)

diff --git a/powerdnsadmin/templates/admin_edit_account.html b/powerdnsadmin/templates/admin_edit_account.html
index 046866cd3..4894df8bb 100644
--- a/powerdnsadmin/templates/admin_edit_account.html
+++ b/powerdnsadmin/templates/admin_edit_account.html
@@ -1,211 +1,247 @@
 {% extends "base.html" %}
-
 {% set active_page = "admin_accounts" %}
-
-{% block title %}
-<title>
-  Edit Account - {{ SITE_NAME }}
-</title>
-{% endblock %}
+{% if create %}
+    {% set action_label = 'Create' %}
+    {% set form_action = url_for('admin.edit_account') %}
+{% else %}
+    {% set action_label = 'Edit' %}
+    {% set form_action = url_for('admin.edit_account', account_name=account.name) %}
+{% endif %}
+{% block title %}<title>{{ action_label }} Account - {{ SITE_NAME }}</title>{% endblock %}
 
 {% block dashboard_stat %}
-  <div class="content-header">
-    <div class="container-fluid">
-      <div class="row mb-2">
-        <div class="col-sm-6">
-          <h1 class="m-0 text-dark">
-            {% if create %}Add Account{% else %}Edit Account{% endif %}
-            <small>{% if create %}Account{% else %}{{ account.name }}{% endif %}</small>
-          </h1>
-        </div>
-        <div class="col-sm-6">
-          <ol class="breadcrumb float-sm-right">
-            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Home</a></li>
-            <li class="breadcrumb-item"><a href="{{ url_for('admin.manage_account') }}">Accounts</a></li>
-            <li class="breadcrumb-item active">{% if create %}Add Account{% else %}Edit Account: {{ account.name }}{% endif %}</li>
-          </ol>
+    <div class="content-header">
+        <div class="container-fluid">
+            <div class="row mb-2">
+                <div class="col-sm-6">
+                    <h1 class="m-0 text-dark">{{ action_label }} Account</h1>
+                </div>
+                <div class="col-sm-6">
+                    <ol class="breadcrumb float-sm-right">
+                        <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Home</a></li>
+                        <li class="breadcrumb-item"><a href="{{ url_for('admin.manage_account') }}">Accounts</a></li>
+                        <li class="breadcrumb-item active">{{ action_label }} Account</li>
+                    </ol>
+                </div>
+            </div>
         </div>
-      </div>
     </div>
-  </div>
 {% endblock %}
 
 {% block content %}
-<section class="content">
-  <div class="container-fluid">
-    <div class="row">
-      <div class="col-4">
-        <div class="card">
-          <div class="card-header">
-            <h3 class="card-title">{% if create %}Add{% else %}Edit{% endif %} Account</h3>
-          </div>
-          <form role="form" method="post" action="{% if create %}{{ url_for('admin.edit_account') }}{% else %}{{ url_for('admin.edit_account', account_name=account.name) }}{% endif %}">
-            <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-            <input type="hidden" name="create" value="{{ create }}">
-            <div class="card-body">
-              {% if error %}
-                <div class="alert alert-danger alert-dismissible">
-                  <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
-                  <h4><i class="fa-solid fa-ban"></i> Error!</h4>
-                  {{ error }}
-                </div>
-                <span class="help-block">{{ error }}</span>
-              {% endif %}
-              <div class="form-group has-feedback {% if invalid_accountname or duplicate_accountname %}has-error{% endif %}">
-                <label class="control-label" for="accountname">Name</label>
-                <input type="text" class="form-control" placeholder="Account Name (required)"
-                  name="accountname" {% if account %}value="{{ account.name }}" {% endif %}
-                  {% if not create %}disabled{% endif %} required>
-                <span class="form-control-feedback"></span>
-                {% if invalid_accountname %}
-                  <span class="help-block text-danger">Cannot be blank and must only contain alphanumeric
+    <section class="content">
+        <div class="container-fluid">
+            <div class="row">
+                <div class="col-12 col-sm-6 col-lg-4">
+                    <form role="form" method="post" action="{{ form_action }}">
+                        <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+                        <input type="hidden" name="create" value="{{ create }}">
+                        <div class="card card-outline card-primary shadow">
+                            <div class="card-header">
+                                <h3 class="card-title">Account Editor</h3>
+                            </div>
+                            <!-- /.card-header -->
+                            <div class="card-body">
+                                {% if error %}
+                                    <div class="alert alert-danger alert-dismissible">
+                                        <button type="button" class="close" data-dismiss="alert" aria-hidden="true">
+                                            &times;
+                                        </button>
+                                        <h4><i class="fa-solid fa-ban"></i> Error!</h4>
+                                        {{ error }}
+                                    </div>
+                                    <span class="help-block">{{ error }}</span>
+                                {% endif %}
+                                <div
+                                    class="form-group has-feedback {% if invalid_accountname or duplicate_accountname %}has-error{% endif %}">
+                                    <label class="control-label" for="accountname">Name</label>
+                                    <input type="text" class="form-control" placeholder="Account Name (required)"
+                                           name="accountname" id="accountname"
+                                           {% if account %}value="{{ account.name }}" {% endif %}
+                                           {% if not create %}disabled{% endif %} required>
+                                    <span class="form-control-feedback"></span>
+                                    {% if invalid_accountname %}
+                                        <span class="help-block text-danger">Cannot be blank and must only contain alphanumeric
                     characters{% if SETTING.get('account_name_extra_chars') %}, dots, hyphens or underscores{% endif %}.
                   </span>
-                {% elif duplicate_accountname %}
-                  <span class="help-block text-danger">Account name already in use.</span>
-                {% endif %}
-              </div>
-              <div class="form-group has-feedback">
-                <label class="control-label" for="accountdescription">Description</label>
-                <input type="text" class="form-control" placeholder="Account Description (optional)"
-                  name="accountdescription" {% if account %}value="{{ account.description }}" {% endif %}>
-                <span class="orm-control-feedback"></span>
-              </div>
-              <div class="form-group has-feedback">
-                <label class="control-label" for="accountcontact">Contact Person</label>
-                <input type="text" class="form-control" placeholder="Contact Person (optional)"
-                  name="accountcontact" {% if account %}value="{{ account.contact }}" {% endif %}>
-                <span class="form-control-feedback"></span>
-              </div>
-              <div class="form-group has-feedback">
-                <label class="control-label" for="accountmail">Mail Address</label>
-                <input type="email" class="form-control" placeholder="Mail Address (optional)"
-                  name="accountmail" {% if account %}value="{{ account.mail }}" {% endif %}>
-                <span class="form-control-feedback"></span>
-              </div>
-            </div>
-            <div class="card-header">
-              <h3 class="card-title">Access Control</h3>
-            </div>
-            <div class="card-body">
-              <p>Users on the right have access to manage records in all domains
-                associated with the account.
-              </p>
-              <p>Click on users to move between columns.</p>
-              <div class="form-group col-2">
-                <select multiple="multiple" class="form-control" id="account_multi_user"
-                  name="account_multi_user">
-                  {% for user in users %}
-                    <option {% if user.id in account_user_ids|default([]) %}selected{% endif %}
-                      value="{{ user.username }}">{{ user.username }}
-                    </option>
-                  {% endfor %}
-                </select>
-              </div>
-            </div>
-            <div class="card-body">
-              <p>Domains on the right are associated with the account. Red marked domain names are already associated with other accounts.
-                  Moving already associated domains to this account will overwrite the previous associated account.
-              </p>
-              <p>Hover over the red domain names to show the associated account. Click on domains to move between columns.</p>
-              <div class="form-group col-2">
-                <select multiple="multiple" class="form-control" id="account_domains" name="account_domains">
-                  {% for domain in domains %}
-                    {% if account != None and domain.account_id != None and account.id != domain.account_id %}
-                      {% with account_id=domain.account_id %}
-                        <option style="color: red" data-toggle="tooltip" title="Associated with: {{ accounts[account_id].name }}" value="{{ domain.name }}">
-                          {{ domain.name }}
-                        </option>
-                      {% endwith %}
-                    {% else %}
-                      <option {% if account.id == domain.account_id %}selected{% endif %} value="{{ domain.name }}">
-                        {{ domain.name }}
-                      </option>
-                    {% endif %}
-                  {% endfor %}
-                </select>
-            </div>
-          </div>
-            <div class="card-footer">
-              <button type="button" class="btn btn-secondary float-left" onclick="window.location.href='{{ url_for('admin.manage_account') }}'">
-                Cancel
-              </button>
-              <button type="submit" class="btn btn-primary float-right">
-                {% if create %}Create{% else %}Update{% endif %} Account
-              </button>
+                                    {% elif duplicate_accountname %}
+                                        <span class="help-block text-danger">Account name already in use.</span>
+                                    {% endif %}
+                                </div>
+                                <div class="form-group has-feedback">
+                                    <label class="control-label" for="accountdescription">Description</label>
+                                    <input type="text" class="form-control" placeholder="Account Description (optional)"
+                                           name="accountdescription" id="accountdescription"
+                                           {% if account %}value="{{ account.description }}" {% endif %}>
+                                    <span class="orm-control-feedback"></span>
+                                </div>
+                                <div class="form-group has-feedback">
+                                    <label class="control-label" for="accountcontact">Contact Person</label>
+                                    <input type="text" class="form-control" placeholder="Contact Person (optional)"
+                                           name="accountcontact" id="accountcontact"
+                                           {% if account %}value="{{ account.contact }}" {% endif %}>
+                                    <span class="form-control-feedback"></span>
+                                </div>
+                                <div class="form-group has-feedback">
+                                    <label class="control-label" for="accountmail">Mail Address</label>
+                                    <input type="email" class="form-control" placeholder="Mail Address (optional)"
+                                           name="accountmail" id="accountmail"
+                                           {% if account %}value="{{ account.mail }}" {% endif %}>
+                                    <span class="form-control-feedback"></span>
+                                </div>
+                            </div>
+                            <!-- /.card-body -->
+                            <div class="card-header">
+                                <h3 class="card-title">Access Control</h3>
+                            </div>
+                            <!-- /.card-header -->
+                            <div class="card-body">
+                                <p>Users on the right have access to manage records in all domains
+                                    associated with the account.
+                                </p>
+                                <p>Click on users to move between columns.</p>
+                                <div class="form-group col-2">
+                                    <select multiple="multiple" class="form-control" id="account_multi_user"
+                                            name="account_multi_user">
+                                        {% for user in users %}
+                                            <option {% if user.id in account_user_ids|default([]) %}selected{% endif %}
+                                                    value="{{ user.username }}">{{ user.username }}
+                                            </option>
+                                        {% endfor %}
+                                    </select>
+                                </div>
+                            </div>
+                            <!-- /.card-body -->
+                            <div class="card-body">
+                                <p>Domains on the right are associated with the account. Red marked domain names are
+                                    already associated with other accounts.
+                                    Moving already associated domains to this account will overwrite the previous
+                                    associated account.
+                                </p>
+                                <p>Hover over the red domain names to show the associated account. Click on domains to
+                                    move between columns.</p>
+                                <div class="form-group col-2">
+                                    <select multiple="multiple" class="form-control" id="account_domains"
+                                            name="account_domains">
+                                        {% for domain in domains %}
+                                            {% if account != None and domain.account_id != None and account.id != domain.account_id %}
+                                                {% with account_id=domain.account_id %}
+                                                    <option style="color: red" data-toggle="tooltip"
+                                                            title="Associated with: {{ accounts[account_id].name }}"
+                                                            value="{{ domain.name }}">
+                                                        {{ domain.name }}
+                                                    </option>
+                                                {% endwith %}
+                                            {% else %}
+                                                <option {% if account.id == domain.account_id %}selected{% endif %}
+                                                        value="{{ domain.name }}">
+                                                    {{ domain.name }}
+                                                </option>
+                                            {% endif %}
+                                        {% endfor %}
+                                    </select>
+                                </div>
+                            </div>
+                            <!-- /.card-body -->
+                            <div class="card-footer">
+                                <button type="button" class="btn btn-secondary float-left" title="Cancel"
+                                        onclick="window.location.href='{{ url_for('admin.manage_account') }}'">
+                                    Cancel
+                                </button>
+                                <button type="submit" class="btn btn-primary float-right"
+                                        title="{{ action_label }} Account">
+                                    {{ action_label }} Account
+                                </button>
+                            </div>
+                            <!-- /.card-footer -->
+                        </div>
+                        <!-- /.card -->
+                    </form>
+                </div>
+                <!-- /.col -->
+
+                <div class="col-12 col-sm-6 col-lg-8">
+                    <div class="card card-outline card-secondary shadow">
+                        <div class="card-header">
+                            <h3 class="card-title">Account Editor Help</h3>
+                        </div>
+                        <!-- /.card-header -->
+                        <div class="card-body">
+                            <p>
+                                An account allows grouping of domains belonging to a particular entity, such as a
+                                customer or
+                                department.
+                            </p>
+                            <p>
+                                A domain can be assigned to an account upon domain creation or through the domain
+                                administration
+                                page.
+                            </p>
+                            <p>Fill in all the fields to the in the form to the left.</p>
+                            <p>
+                                <strong>Name</strong> is an account identifier. It will be lowercase and can contain
+                                alphanumeric
+                                characters{% if SETTING.get('account_name_extra_chars') %}, dots, hyphens and
+                                underscores (no space or other special character is allowed)
+                            {% else %} (no extra character is allowed){% endif %}.<br/>
+                                <strong>Description</strong> is a user-friendly name for this account.<br/>
+                                <strong>Contact person</strong> is the name of a contact person at the account.<br/>
+                                <strong>Mail Address</strong> is an e-mail address for the contact person.
+                            </p>
+                        </div>
+                        <!-- /.card-body -->
+                    </div>
+                    <!-- /.card -->
+                </div>
+                <!-- /.col -->
             </div>
-          </form>
+            <!-- /.row -->
         </div>
-      </div>
-      <div class="col-8">
-        <div class="card">
-          <div class="card-header">
-            <h3 class="card-title">Help with creating a new account</h3>
-          </div>
-          <div class="card-body">
-            <p>
-              An account allows grouping of domains belonging to a particular entity, such as a customer or
-              department.
-              <br />
-              A domain can be assigned to an account upon domain creation or through the domain administration
-              page.
-            </p>
-            <p>Fill in all the fields to the in the form to the left.</p>
-            <p>
-              <strong>Name</strong> is an account identifier. It will be lowercased and can contain alphanumeric
-                characters{% if SETTING.get('account_name_extra_chars') %}, dots, hyphens and underscores (no space or other special character is allowed)
-                {% else %} (no extra character is allowed){% endif %}.<br />
-              <strong>Description</strong> is a user friendly name for this account.<br />
-              <strong>Contact person</strong> is the name of a contact person at the account.<br />
-              <strong>Mail Address</strong> is an e-mail address for the contact person.
-            </p>
-          </div>
-        </div>
-      </div>
-    </div>
-  </div>
-</section>
+        <!-- /.container-fluid -->
+    </section>
 {% endblock %}
+
 {% block extrascripts %}
-<script>
-  function addMultiSelect(id, placeholder) {
-    $(id).multiSelect({
-      selectableHeader: `<input type='text' class='search-input' autocomplete='off' placeholder='${placeholder}'>`,
-      selectionHeader: `<input type='text' class='search-input' autocomplete='off' placeholder='${placeholder}'>`,
-      afterInit: function (ms) {
-        var that = this,
-          $selectableSearch = that.$selectableUl.prev(),
-          $selectionSearch = that.$selectionUl.prev(),
-          selectableSearchString = '#' + that.$container.attr('id') + ' .ms-elem-selectable:not(.ms-selected)',
-          selectionSearchString = '#' + that.$container.attr('id') + ' .ms-elem-selection.ms-selected';
+    <script>
+        function addMultiSelect(id, placeholder) {
+            $(id).multiSelect({
+                selectableHeader: `<input type='text' class='search-input' autocomplete='off' placeholder='${placeholder}'>`,
+                selectionHeader: `<input type='text' class='search-input' autocomplete='off' placeholder='${placeholder}'>`,
+                afterInit: function (ms) {
+                    var that = this,
+                        $selectableSearch = that.$selectableUl.prev(),
+                        $selectionSearch = that.$selectionUl.prev(),
+                        selectableSearchString = '#' + that.$container.attr('id') + ' .ms-elem-selectable:not(.ms-selected)',
+                        selectionSearchString = '#' + that.$container.attr('id') + ' .ms-elem-selection.ms-selected';
+
+                    that.qs1 = $selectableSearch.quicksearch(selectableSearchString)
+                        .on('keydown', function (e) {
+                            if (e.which === 40) {
+                                that.$selectableUl.focus();
+                                return false;
+                            }
+                        });
 
-        that.qs1 = $selectableSearch.quicksearch(selectableSearchString)
-          .on('keydown', function (e) {
-            if (e.which === 40) {
-              that.$selectableUl.focus();
-              return false;
-            }
-          });
+                    that.qs2 = $selectionSearch.quicksearch(selectionSearchString)
+                        .on('keydown', function (e) {
+                            if (e.which == 40) {
+                                that.$selectionUl.focus();
+                                return false;
+                            }
+                        });
+                },
+                afterSelect: function () {
+                    this.qs1.cache();
+                    this.qs2.cache();
+                },
+                afterDeselect: function () {
+                    this.qs1.cache();
+                    this.qs2.cache();
+                }
+            });
+        }
 
-        that.qs2 = $selectionSearch.quicksearch(selectionSearchString)
-          .on('keydown', function (e) {
-            if (e.which == 40) {
-              that.$selectionUl.focus();
-              return false;
-            }
-          });
-      },
-      afterSelect: function () {
-        this.qs1.cache();
-        this.qs2.cache();
-      },
-      afterDeselect: function () {
-        this.qs1.cache();
-        this.qs2.cache();
-      }
-    });
-  }
-  addMultiSelect("#account_multi_user", "Username")
-  addMultiSelect("#account_domains", "Domain")
-</script>
+        addMultiSelect("#account_multi_user", "Username")
+        addMultiSelect("#account_domains", "Domain")
+    </script>
 {% endblock %}

From 9ac81363e364a27767db8d52a8054ae597991922 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Mon, 20 Feb 2023 09:14:58 -0500
Subject: [PATCH 243/475] Completed first-found updates for the users list
 view.

---
 .../templates/admin_manage_user.html          | 426 +++++++++---------
 1 file changed, 216 insertions(+), 210 deletions(-)

diff --git a/powerdnsadmin/templates/admin_manage_user.html b/powerdnsadmin/templates/admin_manage_user.html
index ba978a115..8d1ace8e6 100644
--- a/powerdnsadmin/templates/admin_manage_user.html
+++ b/powerdnsadmin/templates/admin_manage_user.html
@@ -1,237 +1,243 @@
 {% extends "base.html" %}
-
 {% set active_page = "admin_users" %}
-
-{% block title %}
-  <title>
-    User Management - {{ SITE_NAME }}
-  </title>
-{% endblock %}
+{% block title %}<title>Users - {{ SITE_NAME }}</title>{% endblock %}
 
 {% block dashboard_stat %}
-  <div class="content-header">
-    <div class="container-fluid">
-      <div class="row mb-2">
-        <div class="col-sm-6">
-          <h1 class="m-0 text-dark">
-            User
-            <small>Manage user privileges</small>
-          </h1>
-        </div>
-        <div class="col-sm-6">
-          <ol class="breadcrumb float-sm-right">
-            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Home</a></li>
-            <li class="breadcrumb-item active">User</li>
-          </ol>
+    <div class="content-header">
+        <div class="container-fluid">
+            <div class="row mb-2">
+                <div class="col-sm-6">
+                    <h1 class="m-0 text-dark">Users</h1>
+                </div>
+                <div class="col-sm-6">
+                    <ol class="breadcrumb float-sm-right">
+                        <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Home</a></li>
+                        <li class="breadcrumb-item active">Users</li>
+                    </ol>
+                </div>
+            </div>
         </div>
-      </div>
     </div>
-  </div>
 {% endblock %}
 
 {% block content %}
-  <section class="content">
-    <div class="container-fluid">
-      <div class="row">
-        <div class="col-12">
-          <div class="card">
-            <div class="card-header">
-              <h3 class="card-title">User Management</h3>
-              <a href="{{ url_for('admin.edit_user') }}">
-                <button type="button" class="btn btn-primary float-right button_add_user">
-                  <i class="fa-solid fa-plus"></i>&nbsp;Add User
-                </button>
-              </a>
-            </div>
-            <div class="card-body">
-              <table id="tbl_users" class="table table-bordered table-striped">
-                <thead>
-                  <tr>
-                    <th>Username</th>
-                    <th>First Name</th>
-                    <th>Last Name</th>
-                    <th>Email</th>
-                    <th>Role</th>
-                    <th>Privileges</th>
-                    <th>Action</th>
-                  </tr>
-                </thead>
-                <tbody>
-                  {% for user in users %}
-                    <tr class="odd gradeX">
-                      <td>{{ user.username }}</td>
-                      <td>{{ user.firstname }}</td>
-                      <td>{{ user.lastname }}</td>
-                      <td>{{ user.email }}</td>
-                      <td>
-                        <select id="{{ user.username }}" class="user_role"
-                          {% if user.username==current_user.username or (current_user.role.name=='Operator' and user.role.name=='Administrator') %}disabled{% endif %}>
-                          {% for role in roles %}
-                            <option value="{{ role.name }}"
-                              {% if role.id==user.role.id %}selected{% endif %}>
-                                {{ role.name }}
-                            </option>
-                          {% endfor %}
-                        </select>
-                      </td>
-                      <td width="6%">
-                        <button type="button" class="btn btn-warning button_revoke"
-                          id="{{ user.username }}"
-                          {% if current_user.role.name=='Operator' and user.role.name=='Administrator' %}disabled{% endif %}>
-                            <i class="fa-solid fa-link-slash"></i>&nbsp;Revoke
-                        </button>
-                      </td>
-                      <td width="15%">
-
-                        <div class="dropdown">
-                          <button class="btn btn-primary dropdown-toggle" type="button" id="dropdownMenu" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false"
-                          {% if current_user.role.name=='Operator' and user.role.name=='Administrator' %}disabled{% endif %}>
-                            <i class="fa-solid fa-bars"></i>&nbsp;Actions
-                          </button>
-                          <div class="dropdown-menu" aria-labelledby="dropdownMenu">
-                            <button type="button" class="dropdown-item btn-warning" onclick="window.location.href='{{ url_for('admin.edit_user', user_username=user.username) }}'">
-                              <i class="fa-solid fa-edit"></i>&nbsp;Edit User
-                            </button>
-                            {% if not user.username==current_user.username or (current_user.role.name=='Operator' and user.role.name=='Administrator') %}
-                              <div class="dropdown-divider"></div>
-                              <button type="button"class="dropdown-item btn-secondary button_delete" id="{{ user.username }}">
-                                <font color="red">
-                                  <i class="fa-solid fa-trash"></i>&nbsp;Delete User
-                                </font>
-                              </button>
-                            {% endif %}
-                           </div>
+    <section class="content">
+        <div class="container-fluid">
+            <div class="row">
+                <div class="col-12">
+                    <div class="card card-outline card-primary shadow">
+                        <div class="card-header">
+                            <h3 class="card-title">Users</h3>
+                            <div class="card-tools">
+                                <a href="{{ url_for('admin.edit_user') }}">
+                                    <button type="button" class="btn btn-primary button_add_user" title="Create User">
+                                        <i class="fa-solid fa-plus"></i>&nbsp;Create User
+                                    </button>
+                                </a>
+                            </div>
+                            <!-- /.card-tools -->
+                        </div>
+                        <!-- /.card-header -->
+                        <div class="card-body table-responsive">
+                            <table id="tbl_users"
+                                   class="table table-bordered table-striped table-hover table-sm records">
+                                <thead>
+                                <tr>
+                                    <th>Username</th>
+                                    <th>First Name</th>
+                                    <th>Last Name</th>
+                                    <th>Email</th>
+                                    <th>Role</th>
+                                    <th>Privileges</th>
+                                    <th>Action</th>
+                                </tr>
+                                </thead>
+                                <tbody>
+                                {% for user in users %}
+                                    <tr class="odd gradeX">
+                                        <td>{{ user.username }}</td>
+                                        <td>{{ user.firstname }}</td>
+                                        <td>{{ user.lastname }}</td>
+                                        <td>{{ user.email }}</td>
+                                        <td>
+                                            <select id="{{ user.username }}" class="user_role"
+                                                    {% if user.username==current_user.username or (current_user.role.name=='Operator' and user.role.name=='Administrator') %}disabled{% endif %}>
+                                                {% for role in roles %}
+                                                    <option value="{{ role.name }}"
+                                                            {% if role.id==user.role.id %}selected{% endif %}>
+                                                        {{ role.name }}
+                                                    </option>
+                                                {% endfor %}
+                                            </select>
+                                        </td>
+                                        <td>
+                                            <button type="button" class="btn btn-warning button_revoke"
+                                                    title="Revoke Privileges"
+                                                    id="{{ user.username }}"
+                                                    {% if current_user.role.name=='Operator' and user.role.name=='Administrator' %}disabled{% endif %}>
+                                                <i class="fa-solid fa-link-slash"></i>
+                                            </button>
+                                        </td>
+                                        <td>
+                                            <div class="dropdown">
+                                                <button class="btn btn-primary dropdown-toggle" type="button"
+                                                        id="dropdownMenu" data-toggle="dropdown" aria-haspopup="true"
+                                                        aria-expanded="false"
+                                                        {% if current_user.role.name=='Operator' and user.role.name=='Administrator' %}disabled{% endif %}>
+                                                    <i class="fa-solid fa-bars"></i>
+                                                </button>
+                                                <div class="dropdown-menu" aria-labelledby="dropdownMenu">
+                                                    <button type="button" class="dropdown-item btn-warning"
+                                                            onclick="window.location.href='{{ url_for('admin.edit_user', user_username=user.username) }}'">
+                                                        <i class="fa-solid fa-edit"></i>&nbsp;Edit User
+                                                    </button>
+                                                    {% if not user.username==current_user.username or (current_user.role.name=='Operator' and user.role.name=='Administrator') %}
+                                                        <div class="dropdown-divider"></div>
+                                                        <button type="button"
+                                                                class="dropdown-item btn-secondary button_delete"
+                                                                id="{{ user.username }}">
+                                                            <span style="color: red;">
+                                                                <i class="fa-solid fa-trash"></i>&nbsp;Delete User
+                                                            </span>
+                                                        </button>
+                                                    {% endif %}
+                                                </div>
+                                            </div>
+                                        </td>
+                                    </tr>
+                                {% endfor %}
+                                </tbody>
+                            </table>
                         </div>
-                      </td>
-                    </tr>
-                  {% endfor %}
-                </tbody>
-              </table>
+                        <!-- /.card-body -->
+                    </div>
+                    <!-- /.card -->
+                </div>
+                <!-- /.col -->
             </div>
-          </div>
+            <!-- /.row -->
         </div>
-      </div>
-    </div>
-  </section>
+        <!-- /.container-fluid -->
+    </section>
 {% endblock %}
 
 {% block extrascripts %}
-  <script>
-    // set up user data table
-    $("#tbl_users").DataTable({
-      "paging": true,
-      "lengthChange": true,
-      "searching": true,
-      "ordering": true,
-      "info": false,
-      "autoWidth": false,
-      "lengthMenu": [
-        [10, 25, 50, 100, -1],
-        [10, 25, 50, 100, "All"]
-      ],
-      "pageLength": 10
-    });
+    <script>
+        // set up user data table
+        $("#tbl_users").DataTable({
+            "paging": true,
+            "lengthChange": true,
+            "searching": true,
+            "ordering": true,
+            "info": false,
+            "autoWidth": false,
+            "lengthMenu": [
+                [10, 25, 50, 100, -1],
+                [10, 25, 50, 100, "All"]
+            ],
+            "pageLength": 10
+        });
 
-    // handle revocation of privileges
-    $(document.body).on('click', '.button_revoke', function () {
-      var modal = $("#modal_revoke");
-      var username = $(this).prop('id');
-      var info = "Are you sure you want to revoke all privileges for user " + username +
-        "? They will not able to access any domain.";
-      modal.find('.modal-body p').text(info);
-      modal.find('#button_revoke_confirm').click(function () {
-        var postdata = {
-          'action': 'revoke_user_privileges',
-          'data': username,
-          '_csrf_token': '{{ csrf_token() }}'
-        }
-        applyChanges(postdata, $SCRIPT_ROOT + '/admin/manage-user', true);
-        modal.modal('hide');
-      })
-      modal.modal('show');
-    });
+        // handle revocation of privileges
+        $(document.body).on('click', '.button_revoke', function () {
+            var modal = $("#modal_revoke");
+            var username = $(this).prop('id');
+            var info = "Are you sure you want to revoke all privileges for user " + username +
+                "? They will not able to access any domain.";
+            modal.find('.modal-body p').text(info);
+            modal.find('#button_revoke_confirm').click(function () {
+                var postdata = {
+                    'action': 'revoke_user_privileges',
+                    'data': username,
+                    '_csrf_token': '{{ csrf_token() }}'
+                }
+                applyChanges(postdata, $SCRIPT_ROOT + '/admin/manage-user', true);
+                modal.modal('hide');
+            })
+            modal.modal('show');
+        });
 
-    // handle deletion of user
-    $(document.body).on('click', '.button_delete', function () {
-      var modal = $("#modal_delete");
-      var username = $(this).prop('id');
-      var info = "Are you sure you want to delete user " + username + "?";
-      modal.find('.modal-body p').text(info);
-      modal.find('#button_delete_confirm').click(function () {
-        var postdata = {
-          'action': 'delete_user',
-          'data': username,
-          '_csrf_token': '{{ csrf_token() }}'
-        }
-        applyChanges(postdata, $SCRIPT_ROOT + '/admin/manage-user', false, true);
-        modal.modal('hide');
-      })
-      modal.modal('show');
-    });
+        // handle deletion of user
+        $(document.body).on('click', '.button_delete', function () {
+            var modal = $("#modal_delete");
+            var username = $(this).prop('id');
+            var info = "Are you sure you want to delete user " + username + "?";
+            modal.find('.modal-body p').text(info);
+            modal.find('#button_delete_confirm').click(function () {
+                var postdata = {
+                    'action': 'delete_user',
+                    'data': username,
+                    '_csrf_token': '{{ csrf_token() }}'
+                }
+                applyChanges(postdata, $SCRIPT_ROOT + '/admin/manage-user', false, true);
+                modal.modal('hide');
+            })
+            modal.modal('show');
+        });
 
-    // handle user role changing
-    $(document.body).on('change', '.user_role', function () {
-      var role_name = this.value;
-      var username = $(this).prop('id');
-      var postdata = {
-        'action': 'update_user_role',
-        'data': {
-          'username': username,
-          'role_name': role_name
-        },
-        '_csrf_token': '{{ csrf_token() }}'
-      };
-      applyChanges(postdata, $SCRIPT_ROOT + '/admin/manage-user', showResult = true);
-    });
-  </script>
+        // handle user role changing
+        $(document.body).on('change', '.user_role', function () {
+            var role_name = this.value;
+            var username = $(this).prop('id');
+            var postdata = {
+                'action': 'update_user_role',
+                'data': {
+                    'username': username,
+                    'role_name': role_name
+                },
+                '_csrf_token': '{{ csrf_token() }}'
+            };
+            applyChanges(postdata, $SCRIPT_ROOT + '/admin/manage-user', showResult = true);
+        });
+    </script>
 {% endblock %}
 
 {% block modals %}
-  <div class="modal fade" id="modal_revoke">
-    <div class="modal-dialog">
-      <div class="modal-content">
-        <div class="modal-header">
-          <h4 class="modal-title">Confirmation</h4>
-          <button type="button" class="close" data-dismiss="modal" aria-label="Close">
-            <span aria-hidden="true">&times;</span>
-          </button>
-        </div>
-        <div class="modal-body">
-          <p></p>
-        </div>
-        <div class="modal-footer">
-          <button type="button" class="btn btn-secondary float-right" data-dismiss="modal">
-            Close
-          </button>
-          <button type="button" class="btn btn-danger float-right" id="button_revoke_confirm">
-            Revoke
-          </button>
+    <div class="modal fade" id="modal_revoke">
+        <div class="modal-dialog">
+            <div class="modal-content">
+                <div class="modal-header">
+                    <h4 class="modal-title">Confirmation</h4>
+                    <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+                        <span aria-hidden="true">&times;</span>
+                    </button>
+                </div>
+                <div class="modal-body">
+                    <p></p>
+                </div>
+                <div class="modal-footer">
+                    <button type="button" class="btn btn-secondary float-right" data-dismiss="modal">
+                        Close
+                    </button>
+                    <button type="button" class="btn btn-danger float-right" id="button_revoke_confirm">
+                        Revoke
+                    </button>
+                </div>
+            </div>
         </div>
-      </div>
     </div>
-  </div>
 
-  <div class="modal fade" id="modal_delete">
-    <div class="modal-dialog">
-      <div class="modal-content">
-        <div class="modal-header">
-          <h4 class="modal-title">Confirmation</h4>
-          <button type="button" class="close" data-dismiss="modal" aria-label="Close">
-            <span aria-hidden="true">&times;</span>
-          </button>
-        </div>
-        <div class="modal-body">
-          <p></p>
-        </div>
-        <div class="modal-footer">
-          <button type="button" class="btn btn-default float-right" data-dismiss="modal">
-            Close
-          </button>
-          <button type="button" class="btn btn-danger float-right" id="button_delete_confirm">
-            Delete
-          </button>
+    <div class="modal fade" id="modal_delete">
+        <div class="modal-dialog">
+            <div class="modal-content">
+                <div class="modal-header">
+                    <h4 class="modal-title">Confirmation</h4>
+                    <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+                        <span aria-hidden="true">&times;</span>
+                    </button>
+                </div>
+                <div class="modal-body">
+                    <p></p>
+                </div>
+                <div class="modal-footer">
+                    <button type="button" class="btn btn-default float-right" data-dismiss="modal">
+                        Close
+                    </button>
+                    <button type="button" class="btn btn-danger float-right" id="button_delete_confirm">
+                        Delete
+                    </button>
+                </div>
+            </div>
         </div>
-      </div>
     </div>
-  </div>
 {% endblock %}

From 4a12d6282865d10c8b39393f1c4954f31c49dc13 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Mon, 20 Feb 2023 09:22:41 -0500
Subject: [PATCH 244/475] Completed first-found updates for the user create /
 edit view.

---
 powerdnsadmin/templates/admin_edit_user.html | 353 ++++++++++---------
 1 file changed, 184 insertions(+), 169 deletions(-)

diff --git a/powerdnsadmin/templates/admin_edit_user.html b/powerdnsadmin/templates/admin_edit_user.html
index 9e954fe74..20e6af605 100644
--- a/powerdnsadmin/templates/admin_edit_user.html
+++ b/powerdnsadmin/templates/admin_edit_user.html
@@ -1,190 +1,205 @@
 {% extends "base.html" %}
-
 {% set active_page = "admin_users" %}
-
-{% block title %}
-  <title>
-    {% if create %}Add user{% else %}Edit user "{{ user.username }}"{% endif %} - {{ SITE_NAME }}
-  </title>
-{% endblock %}
+{% if create %}
+    {% set action_label = 'Create' %}
+    {% set form_action = url_for('admin.edit_user') %}
+{% else %}
+    {% set action_label = 'Edit' %}
+    {% set form_action = url_for('admin.edit_user', user_username=user.username) %}
+{% endif %}
+{% block title %}<title>{{ action_label }} User - {{ SITE_NAME }}</title>{% endblock %}
 
 {% block dashboard_stat %}
-  <div class="content-header">
-    <div class="container-fluid">
-      <div class="row mb-2">
-        <div class="col-sm-6">
-          <h1 class="m-0 text-dark">
-            Users
-            <small>{% if create %}New user{% else %}Edit user {{ user.username }}{% endif %}</small>
-          </h1>
-        </div>
-        <div class="col-sm-6">
-          <ol class="breadcrumb float-sm-right">
-            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
-            <li class="breadcrumb-item"><a href="{{ url_for('admin.manage_user') }}">Users</a></li>
-            <li class="breadcrumb-item active">{% if create %}Add user{% else %}Edit user "{{ user.username }}"{% endif %}</li>
-          </ol>
+    <div class="content-header">
+        <div class="container-fluid">
+            <div class="row mb-2">
+                <div class="col-sm-6">
+                    <h1 class="m-0 text-dark">{{ action_label }} User</h1>
+                </div>
+                <div class="col-sm-6">
+                    <ol class="breadcrumb float-sm-right">
+                        <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+                        <li class="breadcrumb-item"><a href="{{ url_for('admin.manage_user') }}">Users</a></li>
+                        <li class="breadcrumb-item active">{{ action_label }} User</li>
+                    </ol>
+                </div>
+            </div>
         </div>
-      </div>
     </div>
-  </div>
 {% endblock %}
 
 {% block content %}
-<section class="content">
-  <div class="container-fluid">
-    <div class="row">
-      <div class="col-4">
-        <div class="card card-secondary">
-          <div class="card-header with-border">
-            <h3 class="card-title">{% if create %}Add{% else %}Edit{% endif %} user</h3>
-          </div>
-          <form role="form" method="post"
-            action="{% if create %}{{ url_for('admin.edit_user') }}{% else %}{{ url_for('admin.edit_user', user_username=user.username) }}{% endif %}">
-            <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-            <input type="hidden" name="create" value="{{ create }}">
-            <div class="card-body">
-              {% if error %}
-                <div class="alert alert-danger alert-dismissible">
-                  <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
-                  <h4><i class="fa-solid fa-ban"></i> Error!</h4>
-                  {{ error }}
+    <section class="content">
+        <div class="container-fluid">
+            <div class="row">
+                <div class="col-12 col-sm-6 col-lg-4">
+                    <form role="form" method="post" action="{{ form_action }}">
+                        <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+                        <input type="hidden" name="create" value="{{ create }}">
+                        <div class="card card-outline card-primary shadow">
+                            <div class="card-header with-border">
+                                <h3 class="card-title">User Editor</h3>
+                            </div>
+                            <!-- /.card-header -->
+                            <div class="card-body">
+                                {% if error %}
+                                    <div class="alert alert-danger alert-dismissible">
+                                        <button type="button" class="close" data-dismiss="alert" aria-hidden="true">
+                                            &times;
+                                        </button>
+                                        <h4><i class="fa-solid fa-ban"></i> Error!</h4>
+                                        {{ error }}
+                                    </div>
+                                    <span class="help-block">{{ error }}</span>
+                                {% endif %}
+                                <div class="form-group has-feedback">
+                                    <label class="control-label" for="firstname">First Name</label>
+                                    <input type="text" class="form-control" placeholder="First Name" name="firstname"
+                                           id="firstname"
+                                           {% if user %}value="{{ user.firstname }}" {% endif %}>
+                                    <span class="form-control-feedback"></span>
+                                </div>
+                                <div class="form-group has-feedback">
+                                    <label class="control-label" for="lastname">Last Name</label>
+                                    <input type="text" class="form-control" placeholder="Last name" name="lastname"
+                                           id="lastname"
+                                           {% if user %}value="{{ user.lastname }}" {% endif %}>
+                                    <span class="form-control-feedback"></span>
+                                </div>
+                                <div class="form-group has-feedback">
+                                    <label class="control-label" for="email">E-mail address</label>
+                                    <input type="email" class="form-control" placeholder="Email" name="email" id="email"
+                                           {% if user %}value="{{ user.email }}" {% endif %}>
+                                    <span class="form-control-feedback"></span>
+                                </div>
+                                <div class="form-group has-feedback">
+                                    <label class="control-label" for="username">Username</label>
+                                    <input type="text" class="form-control" placeholder="Username" name="username"
+                                           id="username"
+                                           {% if user %}value="{{ user.username }}" {% endif %}
+                                           {% if not create %}disabled{% endif %}>
+                                    <span class="form-control-feedback"></span>
+                                </div>
+                                <div class="form-group has-feedback {% if blank_password %}has-error{% endif %}">
+                                    <label class="control-label" for="password">Password</label>
+                                    <input type="password" class="form-control"
+                                           placeholder="Password {% if create %}(Required){% else %}(Leave blank to keep unchanged){% endif %}"
+                                           name="password" id="password">
+                                    <span class="form-control-feedback"></span>
+                                    {% if blank_password %}
+                                        <span class="help-block">The password cannot be blank.</span>
+                                    {% endif %}
+                                </div>
+                            </div>
+                            <!-- /.card-body -->
+                            <div class="card-footer">
+                                <button type="submit" class="btn btn-primary" title="{{ action_label }} User">
+                                    {{ action_label }} User
+                                </button>
+                            </div>
+                            <!-- /.card-footer -->
+                        </div>
+                    </form>
+                    {% if not create %}
+                        {% if user.otp_secret %}
+                            <div class="card">
+                                <div class="card-header">
+                                    <h3 class="card-title">Two Factor Authentication</h3>
+                                </div>
+                                <div class="card-body">
+                                    <p>If two-factor authentication is configured for this user and is causing problems
+                                        due to a lost device or
+                                        technical issue, it can be disabled here.
+                                    </p>
+                                    <p>The user will need to reconfigure two-factor authentication, to re-enable it.</p>
+                                    <p><strong>Beware: This could compromise security!</strong></p>
+                                </div>
+                                <div class="card-footer">
+                                    <button type="button" class="btn btn-warning button_otp_disable"
+                                            id="{{ user.username }}">
+                                        Disable Two Factor Authentication
+                                    </button>
+                                </div>
+                            </div>
+                        {% endif %}
+                    {% endif %}
                 </div>
-                <span class="help-block">{{ error }}</span>
-              {% endif %}
-              <div class="form-group has-feedback">
-                <label class="control-label" for="firstname">First Name</label>
-                <input type="text" class="form-control" placeholder="First Name" name="firstname"
-                  {% if user %}value="{{ user.firstname }}" {% endif %}>
-                <span class="form-control-feedback"></span>
-              </div>
-              <div class="form-group has-feedback">
-                <label class="control-label" for="lastname">Last Name</label>
-                <input type="text" class="form-control" placeholder="Last name" name="lastname"
-                  {% if user %}value="{{ user.lastname }}" {% endif %}>
-                <span class="form-control-feedback"></span>
-              </div>
-              <div class="form-group has-feedback">
-                <label class="control-label" for="email">E-mail address</label>
-                <input type="email" class="form-control" placeholder="Email" name="email" id="email"
-                  {% if user %}value="{{ user.email }}" {% endif %}>
-                <span class="form-control-feedback"></span>
-              </div>
-              <p class="login-box-msg">Enter the account details below</p>
-              <div class="form-group has-feedback">
-                <label class="control-label" for="username">Username</label>
-                <input type="text" class="form-control" placeholder="Username" name="username"
-                  {% if user %}value="{{ user.username }}" {% endif %}
-                  {% if not create %}disabled{% endif %}>
-                <span class="form-control-feedback"></span>
-              </div>
-              <div class="form-group has-feedback {% if blank_password %}has-error{% endif %}">
-                <label class="control-label" for="username">Password</label>
-                <input type="password" class="form-control"
-                  placeholder="Password {% if create %}(Required){% else %}(Leave blank to keep unchanged){% endif %}"
-                  name="password">
-                <span class="form-control-feedback"></span>
-                {% if blank_password %}
-                  <span class="help-block">The password cannot be blank.</span>
-                {% endif %}
-              </div>
-            </div>
-            <div class="card-footer">
-              <button type="submit" class="btn btn-primary">
-                {% if create %}Create{% else %}Update{% endif %} User
-              </button>
-            </div>
-          </form>
-        </div>
-        {% if not create %}
-          {% if user.otp_secret %}
-            <div class="card">
-              <div class="card-header">
-                <h3 class="card-title">Two Factor Authentication</h3>
-              </div>
-              <div class="card-body">
-                <p>If two factor authentication is configured for this user and is causing problems due to a lost device or
-                  technical issue, it can be disabled here.
-                </p>
-                <p>The user will need to reconfigure two factor authentication, to re-enable it.</p>
-                <p><strong>Beware: This could compromise security!</strong></p>
-              </div>
-              <div class="card-footer">
-                <button type="button" class="btn btn-warning button_otp_disable" id="{{ user.username }}">
-                  Disable Two Factor Authentication
-                </button>
-              </div>
+                <!-- /.col -->
+
+                <div class="col-12 col-sm-6 col-lg-8">
+                    <div class="card card-outline card-secondary shadow">
+                        <div class="card-header">
+                            <h3 class="card-title">User Editor Help</h3>
+                        </div>
+                        <!-- /.card-header -->
+                        <div class="card-body">
+                            <p>Fill in all the fields to the in the form to the left.</p>
+                            {% if create %}
+                                <p><strong>Newly created users do not have access to any domains.</strong> You will need
+                                    to grant
+                                    access to the user once it is created via the domain management buttons on the
+                                    dashboard.
+                                </p>
+                            {% else %}
+                                <p><strong>Username</strong> cannot be changed.</p>
+                                <p><strong>Password</strong> can be left empty to keep the current password.</p>
+                            {% endif %}
+                        </div>
+                        <!-- /.card-body -->
+                    </div>
+                    <!-- /.card -->
+                </div>
+                <!-- /.col -->
             </div>
-          {% endif %}
-        {% endif %}
-      </div>
-      <div class="col-8">
-        <div class="card">
-          <div class="card-header">
-            <h3 class="card-title">
-              Help with {% if create %}creating a new{% else%}editing a{% endif %} user
-            </h3>
-          </div>
-          <div class="card-body">
-            <p>Fill in all the fields to the in the form to the left.</p>
-            {% if create %}
-              <p><strong>Newly created users do not have access to any domains.</strong> You will need to grant
-                access to the user once it is created via the domain management buttons on the dashboard.
-              </p>
-            {% else %}
-              <p><strong>Username</strong> cannot be changed.</p>
-              <p><strong>Password</strong> can be left empty to keep the current password.</p>
-            {% endif %}
-          </div>
+            <!-- /.row -->
         </div>
-      </div>
-    </div>
-  </div>
-</section>
+        <!-- /.container-fluid -->
+    </section>
 {% endblock %}
 
 {% block extrascripts %}
-<script>
-    // handle disabling two factor authentication
-    $(document.body).on('click', '.button_otp_disable', function () {
-        var modal = $("#modal_otp_disable");
-        var username = $(this).prop('id');
-        var info = "Are you sure you want to disable two factor authentication for user " + username + "?";
-        modal.find('.modal-body p').text(info);
-        modal.find('#button_otp_disable_confirm').click(function () {
-            var postdata = {
-                'action': 'user_otp_disable',
-                'data': username,
-                '_csrf_token': '{{ csrf_token() }}'
-            }
-            applyChanges(postdata, $SCRIPT_ROOT + '/admin/manage-user', false, true);
-        })
-        modal.modal('show');
-    });
-</script>
+    <script>
+        // handle disabling two-factor authentication
+        $(document.body).on('click', '.button_otp_disable', function () {
+            var modal = $("#modal_otp_disable");
+            var username = $(this).prop('id');
+            var info = "Are you sure you want to disable two factor authentication for user " + username + "?";
+            modal.find('.modal-body p').text(info);
+            modal.find('#button_otp_disable_confirm').click(function () {
+                var postdata = {
+                    'action': 'user_otp_disable',
+                    'data': username,
+                    '_csrf_token': '{{ csrf_token() }}'
+                }
+                applyChanges(postdata, $SCRIPT_ROOT + '/admin/manage-user', false, true);
+            })
+            modal.modal('show');
+        });
+    </script>
 {% endblock %}
+
 {% block modals %}
-<div class="modal fade modal-warning" id="modal_otp_disable">
-    <div class="modal-dialog">
-        <div class="modal-content">
-            <div class="modal-header">
-              <h4 class="modal-title">Confirmation</h4>
-              <button type="button" class="close" data-dismiss="modal" aria-label="Close">
-                    <span aria-hidden="true">&times;</span>
-                </button>
-            </div>
-            <div class="modal-body">
-                <p></p>
-            </div>
-            <div class="modal-footer">
-                <button type="button" class="btn btn-default" data-dismiss="modal">
-                  Close
-                </button>
-                <button type="button" class="btn btn-danger float-right" id="button_otp_disable_confirm">
-                  Disable Two Factor Authentication
-                </button>
+    <div class="modal fade modal-warning" id="modal_otp_disable">
+        <div class="modal-dialog">
+            <div class="modal-content">
+                <div class="modal-header">
+                    <h4 class="modal-title">Confirmation</h4>
+                    <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+                        <span aria-hidden="true">&times;</span>
+                    </button>
+                </div>
+                <div class="modal-body">
+                    <p></p>
+                </div>
+                <div class="modal-footer">
+                    <button type="button" class="btn btn-default" data-dismiss="modal">
+                        Close
+                    </button>
+                    <button type="button" class="btn btn-danger float-right" id="button_otp_disable_confirm">
+                        Disable Two Factor Authentication
+                    </button>
+                </div>
             </div>
         </div>
     </div>
-</div>
 {% endblock %}

From db70e34c9859663488923c9cc196d6d6669b3694 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Mon, 20 Feb 2023 09:39:13 -0500
Subject: [PATCH 245/475] Completed first-found updates for the API keys list
 view.

---
 .../templates/admin_manage_keys.html          | 271 +++++++++---------
 1 file changed, 137 insertions(+), 134 deletions(-)

diff --git a/powerdnsadmin/templates/admin_manage_keys.html b/powerdnsadmin/templates/admin_manage_keys.html
index 87a36b058..bc75e1c00 100644
--- a/powerdnsadmin/templates/admin_manage_keys.html
+++ b/powerdnsadmin/templates/admin_manage_keys.html
@@ -1,153 +1,156 @@
 {% extends "base.html" %}
-
 {% set active_page = "admin_keys" %}
-
-{% block title %}
-  <title>
-    Key Management - {{ SITE_NAME }}
-  </title>
-{% endblock %}
+{% block title %}<title>API Keys - {{ SITE_NAME }}</title>{% endblock %}
 
 {% block dashboard_stat %}
-  <div class="content-header">
-    <div class="container-fluid">
-      <div class="row mb-2">
-        <div class="col-sm-6">
-          <h1 class="m-0 text-dark">
-            API Keys
-            <small>Management</small>
-          </h1>
+    <div class="content-header">
+        <div class="container-fluid">
+            <div class="row mb-2">
+                <div class="col-sm-6">
+                    <h1 class="m-0 text-dark">API Keys</h1>
+                </div>
+                <div class="col-sm-6">
+                    <ol class="breadcrumb float-sm-right">
+                        <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+                        <li class="breadcrumb-item active">API Keys</li>
+                    </ol>
+                </div>
+            </div>
         </div>
-        <div class="col-sm-6">
-          <ol class="breadcrumb float-sm-right">
-            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
-            <li class="breadcrumb-item active">API Keys</li>
-          </ol>
-        </div>
-      </div>
     </div>
-  </div>
 {% endblock %}
 
 {% block content %}
-<section class="content">
-  <div class="container-fluid">
-    <div class="card">
-      <div class="card-header with-border">
-        <h3 class="card-title">Key Management</h3>
-        <a href="{{ url_for('admin.edit_key') }}">
-          <button type="button" class="btn btn-primary float-right button_add_key">
-            <i class="fa-solid fa-plus"></i>&nbsp;Add Key
-          </button>
-        </a>
-      </div>
-      <div class="card-body">
-        <table id="tbl_keys" class="table table-bordered table-striped">
-          <thead>
-            <tr>
-              <th>Id</th>
-              <th>Role</th>
-              <th>Description</th>
-              <th>Domains</th>
-              <th>Accounts</th>
-              <th>Actions</th>
-            </tr>
-          </thead>
-          <tbody>
-            {% for key in keys %}
-              <tr class="odd gradeX">
-                <td>{{ key.id }}</td>
-                <td>{{ key.role.name }}</td>
-                <td>{{ key.description }}</td>
-                <td>{% for domain in key.domains %}{{ domain.name }}{% if not loop.last %}, {% endif %}{% endfor %}</td>
-                <td>{% for account in key.accounts %}{{ account.name }}{% if not loop.last %}, {% endif %}{% endfor %}</td>
-                <td width="15%">
-                  <div class="dropdown">
-                    <button class="btn btn-primary dropdown-toggle" type="button" id="dropdownMenu" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
-                      <i class="fa-solid fa-bars"></i>&nbsp;Actions
-                    </button>
-                    <div class="dropdown-menu" aria-labelledby="dropdownMenu">
-                      <button type="button" class="dropdown-item btn-warning" onclick="window.location.href='{{ url_for('admin.edit_key', key_id=key.id) }}'">
-                        <i class="fa-solid fa-edit"></i>&nbsp;Edit API Key
-                      </button>
-                      <div class="dropdown-divider"></div>
-                      <button type="button"class="dropdown-item btn-secondary button_delete" id="{{ key.id }}">
-                        <font color="red">
-                          <i class="fa-solid fa-trash"></i>&nbsp;Delete API Key
-                        </font>
-                      </button>
-                     </div>
-                  </div>
-                </td>
-              </tr>
-            {% endfor %}
-          </tbody>
-        </table>
-      </div>
-    </div>
-  </div>
-</section>
+    <section class="content">
+        <div class="container-fluid">
+            <div class="card">
+                <div class="card-header with-border">
+                    <h3 class="card-title">API Keys</h3>
+                    <div class="card-tools">
+                        <a href="{{ url_for('admin.edit_key') }}">
+                            <button type="button" class="btn btn-primary float-right button_add_key" title="Create Key">
+                                <i class="fa-solid fa-plus"></i>&nbsp;Create Key
+                            </button>
+                        </a>
+                    </div>
+                    <!-- /.card-tools -->
+                </div>
+                <!-- /.card-header -->
+                <div class="card-body table-responsive">
+                    <table id="tbl_keys" class="table table-bordered table-striped table-hover table-sm records">
+                        <thead>
+                        <tr>
+                            <th>Id</th>
+                            <th>Role</th>
+                            <th>Description</th>
+                            <th>Domains</th>
+                            <th>Accounts</th>
+                            <th>Actions</th>
+                        </tr>
+                        </thead>
+                        <tbody>
+                        {% for key in keys %}
+                            <tr class="odd gradeX">
+                                <td>{{ key.id }}</td>
+                                <td>{{ key.role.name }}</td>
+                                <td>{{ key.description }}</td>
+                                <td>{% for domain in key.domains %}{{ domain.name }}{% if not loop.last %},
+                                {% endif %}{% endfor %}</td>
+                                <td>{% for account in key.accounts %}{{ account.name }}{% if not loop.last %},
+                                {% endif %}{% endfor %}</td>
+                                <td>
+                                    <div class="dropdown">
+                                        <button class="btn btn-primary dropdown-toggle" type="button" id="dropdownMenu"
+                                                data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
+                                            <i class="fa-solid fa-bars"></i>
+                                        </button>
+                                        <div class="dropdown-menu" aria-labelledby="dropdownMenu">
+                                            <button type="button" class="dropdown-item btn-warning"
+                                                    onclick="window.location.href='{{ url_for('admin.edit_key', key_id=key.id) }}'">
+                                                <i class="fa-solid fa-edit"></i>&nbsp;Edit API Key
+                                            </button>
+                                            <div class="dropdown-divider"></div>
+                                            <button type="button" class="dropdown-item btn-secondary button_delete"
+                                                    id="{{ key.id }}">
+                                                <font color="red">
+                                                    <i class="fa-solid fa-trash"></i>&nbsp;Delete API Key
+                                                </font>
+                                            </button>
+                                        </div>
+                                    </div>
+                                </td>
+                            </tr>
+                        {% endfor %}
+                        </tbody>
+                    </table>
+                </div>
+                <!-- /.card-body -->
+            </div>
+            <!-- /.card -->
+        </div>
+        <!-- /.container-fluid -->
+    </section>
 {% endblock %}
 
 {% block extrascripts %}
-  <script>
-    // set up key data table
-    $("#tbl_keys").DataTable({
-      "paging": true,
-      "lengthChange": true,
-      "searching": true,
-      "ordering": true,
-      "info": false,
-      "autoWidth": false,
-      "lengthMenu": [
-        [10, 25, 50, 100, -1],
-        [10, 25, 50, 100, "All"]
-      ],
-      "pageLength": 10
-    });
+    <script>
+        // set up key data table
+        $("#tbl_keys").DataTable({
+            "paging": true,
+            "lengthChange": true,
+            "searching": true,
+            "ordering": true,
+            "info": false,
+            "autoWidth": false,
+            "lengthMenu": [
+                [10, 25, 50, 100, -1],
+                [10, 25, 50, 100, "All"]
+            ],
+            "pageLength": 10
+        });
 
-    // handle deletion of keys
-    $(document.body).on('click', '.button_delete', function () {
-      var modal = $("#modal_delete");
-      var key_id = $(this).prop('id');
-      var info = "Are you sure you want to delete key #" + key_id + "?";
-      modal.find('.modal-body p').text(info);
-      modal.find('#button_delete_confirm').click(function () {
-        var postdata = {
-          'action': 'delete_key',
-          'data': key_id,
-          '_csrf_token': '{{ csrf_token() }}'
-        }
-        applyChanges(postdata, $SCRIPT_ROOT + '/admin/manage-keys', false, true);
-        modal.modal('hide');
-      })
-      modal.modal('show');
-    });
-  </script>
+        // handle deletion of keys
+        $(document.body).on('click', '.button_delete', function () {
+            var modal = $("#modal_delete");
+            var key_id = $(this).prop('id');
+            var info = "Are you sure you want to delete key #" + key_id + "?";
+            modal.find('.modal-body p').text(info);
+            modal.find('#button_delete_confirm').click(function () {
+                var postdata = {
+                    'action': 'delete_key',
+                    'data': key_id,
+                    '_csrf_token': '{{ csrf_token() }}'
+                }
+                applyChanges(postdata, $SCRIPT_ROOT + '/admin/manage-keys', false, true);
+                modal.modal('hide');
+            })
+            modal.modal('show');
+        });
+    </script>
 {% endblock %}
 
 {% block modals %}
-  <div class="modal fade modal-warning" id="modal_delete">
-    <div class="modal-dialog">
-      <div class="modal-content">
-        <div class="modal-header">
-          <h4 class="modal-title">Confirmation</h4>
-          <button type="button" class="close" data-dismiss="modal" aria-label="Close">
-            <span aria-hidden="true">&times;</span>
-          </button>
-        </div>
-        <div class="modal-body">
-          <p></p>
-        </div>
-        <div class="modal-footer">
-          <button type="button" class="btn btn-secondary" data-dismiss="modal">
-            Close
-          </button>
-          <button type="button" class="btn btn-danger" id="button_delete_confirm">
-            Delete
-          </button>
+    <div class="modal fade modal-warning" id="modal_delete">
+        <div class="modal-dialog">
+            <div class="modal-content">
+                <div class="modal-header">
+                    <h4 class="modal-title">Confirmation</h4>
+                    <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+                        <span aria-hidden="true">&times;</span>
+                    </button>
+                </div>
+                <div class="modal-body">
+                    <p></p>
+                </div>
+                <div class="modal-footer">
+                    <button type="button" class="btn btn-secondary" data-dismiss="modal">
+                        Close
+                    </button>
+                    <button type="button" class="btn btn-danger" id="button_delete_confirm">
+                        Delete
+                    </button>
+                </div>
+            </div>
         </div>
-      </div>
     </div>
-  </div>
 {% endblock %}

From 5a4279d7b8426cafa443ce2d17cea6b750b68e06 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Mon, 20 Feb 2023 09:56:26 -0500
Subject: [PATCH 246/475] Completed first-found updates for the API key
 add/edit view.

---
 powerdnsadmin/templates/admin_edit_key.html | 579 +++++++++++---------
 1 file changed, 307 insertions(+), 272 deletions(-)

diff --git a/powerdnsadmin/templates/admin_edit_key.html b/powerdnsadmin/templates/admin_edit_key.html
index 23f58d33a..c7eeec97c 100644
--- a/powerdnsadmin/templates/admin_edit_key.html
+++ b/powerdnsadmin/templates/admin_edit_key.html
@@ -1,303 +1,338 @@
 {% extends "base.html" %}
-
 {% set active_page = "admin_keys" %}
-
-{% if (key is not none and key.role.name != "User") %}{% set hide_opts = True %}{%else %}{% set hide_opts = False %}{% endif %}
-
-{% block title %}
-  <title>
-    Edit Key - {{ SITE_NAME }}
-  </title>
-{% endblock %}
+{% if create %}
+    {% set action_label = 'Create' %}
+    {% set form_action = url_for('admin.edit_key') %}
+{% else %}
+    {% set action_label = 'Edit' %}
+    {% set form_action = url_for('admin.edit_key', key_id=key.id) %}
+{% endif %}
+{% if (key is not none and key.role.name != "User") %}{% set hide_opts = True %}{% else %}
+    {% set hide_opts = False %}{% endif %}
+{% block title %}<title>{{ action_label }} API Key - {{ SITE_NAME }}</title>{% endblock %}
 
 {% block dashboard_stat %}
-  <div class="content-header">
-    <div class="container-fluid">
-      <div class="row mb-2">
-        <div class="col-sm-6">
-          <h1 class="m-0 text-dark">
-            API Keys
-            <small>{% if create %}Add API Key{% else %}Edit API Key - {{ key.id }}{% endif %}</small>
-          </h1>
-        </div>
-        <div class="col-sm-6">
-          <ol class="breadcrumb float-sm-right">
-            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
-            <li class="breadcrumb-item"><a href="{{ url_for('admin.manage_keys') }}">API Keys</a></li>
-            <li class="breadcrumb-item active">{% if create %}Add API Key{% else %}Edit API Key - {% endif %}{{ key.id }}</li>
-          </ol>
+    <div class="content-header">
+        <div class="container-fluid">
+            <div class="row mb-2">
+                <div class="col-sm-6">
+                    <h1 class="m-0 text-dark">{{ action_label }} API Key</h1>
+                </div>
+                <div class="col-sm-6">
+                    <ol class="breadcrumb float-sm-right">
+                        <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+                        <li class="breadcrumb-item"><a href="{{ url_for('admin.manage_keys') }}">API Keys</a></li>
+                        <li class="breadcrumb-item active">{{ action_label }} API Key</li>
+                    </ol>
+                </div>
+            </div>
         </div>
-      </div>
     </div>
-  </div>
 {% endblock %}
 
 {% block content %}
-<section class="content">
-  <div class="container-fluid">
-  <div class="row">
-    <div class="col-4">
-      <div class="card ">
-        <div class="card-header">
-          <h3 class="card-title">{% if create %}Add{% else %}Edit{% endif %} Key</h3>
-        </div>
-        <form role="form" method="post"
-        action="{% if create %}{{ url_for('admin.edit_key') }}{% else %}{{ url_for('admin.edit_key', key_id=key.id) }}{% endif %}">
-          <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-          <input type="hidden" name="create" value="{{ create }}">
-          <div class="card-body">
-            <div class="form-group has-feedback">
-              <label class="control-label" for="role">Role</label>
-              <select class="key_role form-control" id="key_role" name="key_role">
-                {% for role in roles %}
-                  <option value="{{ role.name }}"
-                  {% if (key is not none) and (role.id==key.role.id) %}selected{% endif %}
-                  {% if (key is none) and (role.name=="User") %}selected{% endif %}>
-                    {{ role.name }}
-                  </option>
-                {% endfor %}
-              </select>
-            </div>
-            <div class="form-group has-feedback">
-              <label class="control-label" for="description">Description</label>
-                <input type="text" class="form-control" placeholder="Description" name="description"
-                {% if key is not none %} value="{{ key.description }}" {% endif %}>
-                <span class="glyphicon glyphicon-pencil form-control-feedback"></span>
-              </div>
-            </div>
-            <div class="card-header key-opts"{% if hide_opts %} style="display: none;"{% endif %}>
-              <h3 class="card-title">Accounts Access Control</h3>
-            </div>
-            <div class="card-body key-opts"{% if hide_opts %} style="display: none;"{% endif %}>
-              <p>This key will be linked to the accounts on the right,</p>
-              <p>thus granting access to domains owned by the selected accounts.</p>
-              <p>Click on accounts to move between the columns.</p>
-              <div class="form-group col-2">
-                <select multiple="multiple" class="form-control" id="key_multi_account" name="key_multi_account">
-                  {% for account in accounts %}
-                    <option {% if key and account in key.accounts %}selected{% endif %} value="{{ account.name }}">{{ account.name }}</option>
-                  {% endfor %}
-                </select>
-              </div>
-            </div>
-            <div class="card-header key-opts"{% if hide_opts %} style="display: none;"{% endif %}>
-              <h3 class="card-title">Domain Access Control</h3>
-            </div>
-                    <div class="card-body key-opts"{% if hide_opts %} style="display: none;"{% endif %}>
-                        <p>This key will have acess to the domains on the right.</p>
-                        <p>Click on domains to move between the columns.</p>
-                        <div class="form-group col-2">
-                            <select multiple="multiple" class="form-control" id="key_multi_domain"
-                                name="key_multi_domain">
-                                {% for domain in domains %}
-                                    <option {% if key and domain in key.domains %}selected{% endif %} value="{{ domain.name }}">{{ domain.name }}</option>
-                                {% endfor %}
-                            </select>
+    <section class="content">
+        <div class="container-fluid">
+            <div class="row">
+                <div class="col-12 col-sm-6 col-lg-4">
+                    <form role="form" method="post" action="{{ form_action }}">
+                        <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+                        <input type="hidden" name="create" value="{{ create }}">
+                        <div class="card card-outline card-primary shadow">
+                            <div class="card-header">
+                                <h3 class="card-title">API Key Editor</h3>
+                            </div>
+                            <!-- /.card-header -->
+                            <div class="card-body">
+                                <div class="form-group has-feedback">
+                                    <label class="control-label" for="role">Role</label>
+                                    <select class="key_role form-control" id="key_role" name="key_role">
+                                        {% for role in roles %}
+                                            <option value="{{ role.name }}"
+                                                    {% if (key is not none) and (role.id==key.role.id) %}selected{% endif %}
+                                                    {% if (key is none) and (role.name=="User") %}selected{% endif %}>
+                                                {{ role.name }}
+                                            </option>
+                                        {% endfor %}
+                                    </select>
+                                </div>
+                                <!-- /.form-group -->
+                                <div class="form-group has-feedback">
+                                    <label class="control-label" for="description">Description</label>
+                                    <input type="text" class="form-control" placeholder="Description" name="description"
+                                        {% if key is not none %} value="{{ key.description }}" {% endif %}>
+                                    <span class="glyphicon glyphicon-pencil form-control-feedback"></span>
+                                </div>
+                                <!-- /.form-group -->
+                            </div>
+                            <!-- /.card-body -->
+                            <div class="card-header key-opts"{% if hide_opts %} style="display: none;"{% endif %}>
+                                <h3 class="card-title">Accounts Access Control</h3>
+                            </div>
+                            <!-- /.card-header -->
+                            <div class="card-body key-opts"{% if hide_opts %} style="display: none;"{% endif %}>
+                                <p>This key will be linked to the accounts on the right,</p>
+                                <p>thus granting access to domains owned by the selected accounts.</p>
+                                <p>Click on accounts to move between the columns.</p>
+                                <div class="form-group col-2">
+                                    <select multiple="multiple" class="form-control" id="key_multi_account"
+                                            name="key_multi_account">
+                                        {% for account in accounts %}
+                                            <option {% if key and account in key.accounts %}selected{% endif %}
+                                                    value="{{ account.name }}">{{ account.name }}</option>
+                                        {% endfor %}
+                                    </select>
+                                </div>
+                                <!-- /.form-group -->
+                            </div>
+                            <!-- /.card-body -->
+                            <div class="card-header key-opts"{% if hide_opts %} style="display: none;"{% endif %}>
+                                <h3 class="card-title">Domain Access Control</h3>
+                            </div>
+                            <!-- /.card-header -->
+                            <div class="card-body key-opts"{% if hide_opts %} style="display: none;"{% endif %}>
+                                <p>This key will have access to the domains on the right.</p>
+                                <p>Click on domains to move between the columns.</p>
+                                <div class="form-group col-2">
+                                    <select multiple="multiple" class="form-control" id="key_multi_domain"
+                                            name="key_multi_domain">
+                                        {% for domain in domains %}
+                                            <option {% if key and domain in key.domains %}selected{% endif %}
+                                                    value="{{ domain.name }}">{{ domain.name }}</option>
+                                        {% endfor %}
+                                    </select>
+                                </div>
+                            </div>
+                            <!-- /.card-body -->
+                            <div class="card-footer">
+                                <button type="button" class="btn btn-secondary float-left" title="Cancel"
+                                        onclick="window.location.href='{{ url_for('admin.manage_keys') }}'">
+                                    <i class="fa-solid fa-window-close"></i>&nbsp;Cancel
+                                </button>
+                                <button type="submit" class="btn btn-primary float-right"
+                                        title="{{ action_label }} API Key" id="key_submit">
+                                    <i class="fa-solid fa-save"></i>&nbsp;{{ action_label }} API Key
+                                </button>
+                            </div>
+                            <!-- /.card-footer -->
                         </div>
-                    </div>
-                    <div class="card-footer">
-                      <button type="button" class="btn btn-secondary float-left" onclick="window.location.href='{{ url_for('admin.manage_keys') }}'">
-                        <i class="fa-solid fa-window-close"></i>&nbsp;Cancel
-                      </button>
-                      <button type="submit" class="btn btn-primary float-right" id="key_submit">
-                        <i class="fa-solid fa-save"></i>&nbsp;{% if create %}Create{% else %}Update{% endif %} Key
-                      </button>
-                    </div>
-                </form>
-            </div>
-        </div>
-        <div class="col-8">
-            <div class="card">
-                <div class="card-header">
-                    <h3 class="card-title">Help with {% if create %}creating a new{% else%}updating a{% endif %} key
-                    </h3>
+                        <!-- /.card -->
+                    </form>
                 </div>
-                <div class="card-body">
-                    <p>Fill in all the fields in the form to the left.</p>
-                    <p><strong>Role</strong> The role of the key.</p>
-                    <p><strong>Description</strong> The key description.</p>
-                    <p><strong>Access Control</strong> The domains or accounts which the key has access to.</p>
+                <!-- /.col -->
+
+                <div class="col-12 col-sm-6 col-lg-8">
+                    <div class="card card-outline card-secondary shadow">
+                        <div class="card-header">
+                            <h3 class="card-title">API Key Editor Help</h3>
+                        </div>
+                        <!-- /.card-header -->
+                        <div class="card-body">
+                            <p>Fill in all the fields in the form to the left.</p>
+                            <p><strong>Role</strong> The role of the key.</p>
+                            <p><strong>Description</strong> The key description.</p>
+                            <p><strong>Access Control</strong> The domains or accounts which the key has access to.</p>
+                        </div>
+                        <!-- /.card-body -->
+                    </div>
+                    <!-- /.card -->
                 </div>
+                <!-- /.col -->
             </div>
+            <!-- /.row -->
         </div>
-    </div>
-    </div>
-</section>
+        <!-- /.container-fluid -->
+    </section>
 {% endblock %}
 
 {% block extrascripts %}
-<script>
-    $('form').submit(function (e) {
-        var selectedRole = $("#key_role").val();
-        var selectedDomains = $("#key_multi_domain option:selected").length;
-        var selectedAccounts = $("#key_multi_account option:selected").length;
-        var warn_modal = $("#modal_warning");
+    <script>
+        $('form').submit(function (e) {
+            var selectedRole = $("#key_role").val();
+            var selectedDomains = $("#key_multi_domain option:selected").length;
+            var selectedAccounts = $("#key_multi_account option:selected").length;
+            var warn_modal = $("#modal_warning");
 
-        if (selectedRole != "User" && selectedDomains > 0 && selectedAccounts > 0){
-          var warning = "Administrator and Operators have access to all domains. Your domain an account selection won't be saved.";
-          e.preventDefault(e);
-          warn_modal.modal('show');
-        }
+            if (selectedRole != "User" && selectedDomains > 0 && selectedAccounts > 0) {
+                var warning = "Administrator and Operators have access to all domains. Your domain an account selection won't be saved.";
+                e.preventDefault(e);
+                warn_modal.modal('show');
+            }
 
-        if (selectedRole == "User" && selectedDomains == 0 && selectedAccounts == 0){
-          var warning = "User role must have at least one account or one domain bound. None selected.";
-          e.preventDefault(e);
-          warn_modal.modal('show');
-        }
+            if (selectedRole == "User" && selectedDomains == 0 && selectedAccounts == 0) {
+                var warning = "User role must have at least one account or one domain bound. None selected.";
+                e.preventDefault(e);
+                warn_modal.modal('show');
+            }
 
-        warn_modal.find('.modal-body p').text(warning);
-        warn_modal.find('#button_key_confirm_warn').click(clearModal);
-    });
-    function clearModal(){
-      $("#modal_warning").modal('hide');
-    }
-    $('#key_role').on('change', function (e) {
-        var optionSelected = $("option:selected", this);
-        if (this.value != "User") {
-          // Clear the visible list
-          $('#ms-key_multi_domain .ms-selection li').each(function(){ $(this).css('display', 'none');})
-          $('#ms-key_multi_domain .ms-selectable li').each(function(){ $(this).css('display', '');})
-          $('#ms-key_multi_account .ms-selection li').each(function(){ $(this).css('display', 'none');})
-          $('#ms-key_multi_account .ms-selectable li').each(function(){ $(this).css('display', '');})
-          // Deselect invisible selectbox
-          $('#key_multi_domain option:selected').each(function(){ $(this).prop('selected', false);})
-          $('#key_multi_account option:selected').each(function(){ $(this).prop('selected', false);})
-          // Hide the lists
-          $(".key-opts").hide();
-        }
-        else {
-            $(".key-opts").show();
+            warn_modal.find('.modal-body p').text(warning);
+            warn_modal.find('#button_key_confirm_warn').click(clearModal);
+        });
+
+        function clearModal() {
+            $("#modal_warning").modal('hide');
         }
-    });
-    $("#key_multi_domain").multiSelect({
-        selectableHeader: "<input type='text' class='search-input' autocomplete='off' placeholder='Domain Name'>",
-        selectionHeader: "<input type='text' class='search-input' autocomplete='off' placeholder='Domain Name'>",
-        afterInit: function (ms) {
-            var that = this,
-                $selectableSearch = that.$selectableUl.prev(),
-                $selectionSearch = that.$selectionUl.prev(),
-                selectableSearchString = '#' + that.$container.attr('id') + ' .ms-elem-selectable:not(.ms-selected)',
-                selectionSearchString = '#' + that.$container.attr('id') + ' .ms-elem-selection.ms-selected';
 
-            that.qs1 = $selectableSearch.quicksearch(selectableSearchString)
-                .on('keydown', function (e) {
-                    if (e.which === 40) {
-                        that.$selectableUl.focus();
-                        return false;
-                    }
-                });
+        $('#key_role').on('change', function (e) {
+            var optionSelected = $("option:selected", this);
+            if (this.value != "User") {
+                // Clear the visible list
+                $('#ms-key_multi_domain .ms-selection li').each(function () {
+                    $(this).css('display', 'none');
+                })
+                $('#ms-key_multi_domain .ms-selectable li').each(function () {
+                    $(this).css('display', '');
+                })
+                $('#ms-key_multi_account .ms-selection li').each(function () {
+                    $(this).css('display', 'none');
+                })
+                $('#ms-key_multi_account .ms-selectable li').each(function () {
+                    $(this).css('display', '');
+                })
+                // Deselect invisible selectbox
+                $('#key_multi_domain option:selected').each(function () {
+                    $(this).prop('selected', false);
+                })
+                $('#key_multi_account option:selected').each(function () {
+                    $(this).prop('selected', false);
+                })
+                // Hide the lists
+                $(".key-opts").hide();
+            } else {
+                $(".key-opts").show();
+            }
+        });
+        $("#key_multi_domain").multiSelect({
+            selectableHeader: "<input type='text' class='search-input' autocomplete='off' placeholder='Domain Name'>",
+            selectionHeader: "<input type='text' class='search-input' autocomplete='off' placeholder='Domain Name'>",
+            afterInit: function (ms) {
+                var that = this,
+                    $selectableSearch = that.$selectableUl.prev(),
+                    $selectionSearch = that.$selectionUl.prev(),
+                    selectableSearchString = '#' + that.$container.attr('id') + ' .ms-elem-selectable:not(.ms-selected)',
+                    selectionSearchString = '#' + that.$container.attr('id') + ' .ms-elem-selection.ms-selected';
 
-            that.qs2 = $selectionSearch.quicksearch(selectionSearchString)
-                .on('keydown', function (e) {
-                    if (e.which == 40) {
-                        that.$selectionUl.focus();
-                        return false;
-                    }
-                });
-        },
-        afterSelect: function () {
-            this.qs1.cache();
-            this.qs2.cache();
-        },
-        afterDeselect: function () {
-            this.qs1.cache();
-            this.qs2.cache();
-        }
-    });
-    $("#key_multi_account").multiSelect({
-        selectableHeader: "<input type='text' class='search-input' autocomplete='off' placeholder='Account Name'>",
-        selectionHeader: "<input type='text' class='search-input' autocomplete='off' placeholder='Account Name'>",
-        afterInit: function (ms) {
-            var that = this,
-                $selectableSearch = that.$selectableUl.prev(),
-                $selectionSearch = that.$selectionUl.prev(),
-                selectableSearchString = '#' + that.$container.attr('id') + ' .ms-elem-selectable:not(.ms-selected)',
-                selectionSearchString = '#' + that.$container.attr('id') + ' .ms-elem-selection.ms-selected';
+                that.qs1 = $selectableSearch.quicksearch(selectableSearchString)
+                    .on('keydown', function (e) {
+                        if (e.which === 40) {
+                            that.$selectableUl.focus();
+                            return false;
+                        }
+                    });
 
-            that.qs1 = $selectableSearch.quicksearch(selectableSearchString)
-                .on('keydown', function (e) {
-                    if (e.which === 40) {
-                        that.$selectableUl.focus();
-                        return false;
-                    }
-                });
+                that.qs2 = $selectionSearch.quicksearch(selectionSearchString)
+                    .on('keydown', function (e) {
+                        if (e.which == 40) {
+                            that.$selectionUl.focus();
+                            return false;
+                        }
+                    });
+            },
+            afterSelect: function () {
+                this.qs1.cache();
+                this.qs2.cache();
+            },
+            afterDeselect: function () {
+                this.qs1.cache();
+                this.qs2.cache();
+            }
+        });
+        $("#key_multi_account").multiSelect({
+            selectableHeader: "<input type='text' class='search-input' autocomplete='off' placeholder='Account Name'>",
+            selectionHeader: "<input type='text' class='search-input' autocomplete='off' placeholder='Account Name'>",
+            afterInit: function (ms) {
+                var that = this,
+                    $selectableSearch = that.$selectableUl.prev(),
+                    $selectionSearch = that.$selectionUl.prev(),
+                    selectableSearchString = '#' + that.$container.attr('id') + ' .ms-elem-selectable:not(.ms-selected)',
+                    selectionSearchString = '#' + that.$container.attr('id') + ' .ms-elem-selection.ms-selected';
 
-            that.qs2 = $selectionSearch.quicksearch(selectionSearchString)
-                .on('keydown', function (e) {
-                    if (e.which == 40) {
-                        that.$selectionUl.focus();
-                        return false;
-                    }
-                });
-        },
-        afterSelect: function () {
-            this.qs1.cache();
-            this.qs2.cache();
-        },
-        afterDeselect: function () {
-            this.qs1.cache();
-            this.qs2.cache();
-        }
-    });
-    {% if plain_key %}
-    $(document.body).ready(function () {
-        var modal = $("#modal_show_key");
-        var info = "Please copy this key to a secure location. You will be unable to view it again once you close this window: {{ plain_key }}";
-        modal.find('.modal-body p').text(info);
-        modal.find('#button_key_confirm').click(redirect_modal);
-        modal.find('#button_close_modal').click(redirect_modal);
-        modal.modal('show');
-    });
+                that.qs1 = $selectableSearch.quicksearch(selectableSearchString)
+                    .on('keydown', function (e) {
+                        if (e.which === 40) {
+                            that.$selectableUl.focus();
+                            return false;
+                        }
+                    });
 
-    function redirect_modal() {
-        window.location.href = '{{ url_for('admin.manage_keys') }}';
-        modal.modal('hide');
-    }
-    {% endif %}
-</script>
+                that.qs2 = $selectionSearch.quicksearch(selectionSearchString)
+                    .on('keydown', function (e) {
+                        if (e.which == 40) {
+                            that.$selectionUl.focus();
+                            return false;
+                        }
+                    });
+            },
+            afterSelect: function () {
+                this.qs1.cache();
+                this.qs2.cache();
+            },
+            afterDeselect: function () {
+                this.qs1.cache();
+                this.qs2.cache();
+            }
+        });
+        {% if plain_key %}
+            $(document.body).ready(function () {
+                var modal = $("#modal_show_key");
+                var info = "Please copy this key to a secure location. You will be unable to view it again once you close this window: {{ plain_key }}";
+                modal.find('.modal-body p').text(info);
+                modal.find('#button_key_confirm').click(redirect_modal);
+                modal.find('#button_close_modal').click(redirect_modal);
+                modal.modal('show');
+            });
+
+            function redirect_modal() {
+                window.location.href = '{{ url_for('admin.manage_keys') }}';
+                modal.modal('hide');
+            }
+        {% endif %}
+    </script>
 {% endblock %}
+
 {% block modals %}
-<div class="modal fade" id="modal_show_key">
-  <div class="modal-dialog">
-    <div class="modal-content">
-      <div class="modal-header">
-        <h5 class="modal-title">New API Key</h5>
-        <button type="button" class="close" data-dismiss="modal" aria-label="Close" id="button_close_modal">
-          <span aria-hidden="true">&times;</span>
-        </button>
-      </div>
-      <div class="modal-body">
-        <p></p>
-      </div>
-      <div class="modal-footer">
-        <button type="button" class="btn btn-primary" id="button_key_confirm">
-          Confirm
-        </button>
-      </div>
+    <div class="modal fade" id="modal_show_key">
+        <div class="modal-dialog">
+            <div class="modal-content">
+                <div class="modal-header">
+                    <h5 class="modal-title">New API Key</h5>
+                    <button type="button" class="close" data-dismiss="modal" aria-label="Close" id="button_close_modal">
+                        <span aria-hidden="true">&times;</span>
+                    </button>
+                </div>
+                <div class="modal-body">
+                    <p></p>
+                </div>
+                <div class="modal-footer">
+                    <button type="button" class="btn btn-primary" id="button_key_confirm">
+                        Confirm
+                    </button>
+                </div>
+            </div>
+        </div>
     </div>
-  </div>
-</div>
-<div class="modal fade" id="modal_warning">
-  <div class="modal-dialog">
-    <div class="modal-content">
-      <div class="modal-header">
-        <h5 class="modal-title">WARNING</h5>
-        <button type="button" class="close" data-dismiss="modal" aria-label="Close" id="button_close_warn_modal">
-          <span aria-hidden="true">&times;</span>
-        </button>
-      </div>
-      <div class="modal-body">
-        <p></p>
-      </div>
-      <div class="modal-footer">
-        <button type="button" class="btn btn-secondary close" data-dismiss="modal" id="button_close_modal">
-          Close
-        </button>
-        <button type="button" class="btn btn-primary" id="button_key_confirm_warn">
-          OK
-        </button>
-      </div>
+    <div class="modal fade" id="modal_warning">
+        <div class="modal-dialog">
+            <div class="modal-content">
+                <div class="modal-header">
+                    <h5 class="modal-title">WARNING</h5>
+                    <button type="button" class="close" data-dismiss="modal" aria-label="Close"
+                            id="button_close_warn_modal">
+                        <span aria-hidden="true">&times;</span>
+                    </button>
+                </div>
+                <div class="modal-body">
+                    <p></p>
+                </div>
+                <div class="modal-footer">
+                    <button type="button" class="btn btn-secondary close" data-dismiss="modal" id="button_close_modal">
+                        Close
+                    </button>
+                    <button type="button" class="btn btn-primary" id="button_key_confirm_warn">
+                        OK
+                    </button>
+                </div>
+            </div>
+        </div>
     </div>
-  </div>
-</div>
 {% endblock %}

From a5d69e3e40d63727ca5d81f5007d7d1fd625d114 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Mon, 20 Feb 2023 10:08:09 -0500
Subject: [PATCH 247/475] Completed first-found updates for the basic settings
 view.

---
 .../templates/admin_setting_basic.html        | 202 +++++++++---------
 1 file changed, 100 insertions(+), 102 deletions(-)

diff --git a/powerdnsadmin/templates/admin_setting_basic.html b/powerdnsadmin/templates/admin_setting_basic.html
index bb801e38a..b0e2867d3 100644
--- a/powerdnsadmin/templates/admin_setting_basic.html
+++ b/powerdnsadmin/templates/admin_setting_basic.html
@@ -1,116 +1,114 @@
 {% extends "base.html" %}
-
 {% set active_page = "admin_settings" %}
-
-{% block title %}
-  <title>
-    Basic Settings - {{ SITE_NAME }}
-  </title>
-{% endblock %}
+{% block title %}<title>Basic Settings - {{ SITE_NAME }}</title>{% endblock %}
 
 {% block dashboard_stat %}
-  <div class="content-header">
-    <div class="container-fluid">
-      <div class="row mb-2">
-        <div class="col-sm-6">
-          <h1 class="m-0 text-dark">
-            Settings
-            <small>Basic</small>
-          </h1>
+    <div class="content-header">
+        <div class="container-fluid">
+            <div class="row mb-2">
+                <div class="col-sm-6">
+                    <h1 class="m-0 text-dark">Basic Settings</h1>
+                </div>
+                <div class="col-sm-6">
+                    <ol class="breadcrumb float-sm-right">
+                        <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+                        <li class="breadcrumb-item active">Basic Settings</li>
+                    </ol>
+                </div>
+            </div>
         </div>
-        <div class="col-sm-6">
-          <ol class="breadcrumb float-sm-right">
-            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
-            <li class="breadcrumb-item active">Settings - Basic</li>
-          </ol>
-        </div>
-      </div>
     </div>
-  </div>
 {% endblock %}
 
 {% block content %}
-<section class="content">
-  <div class="container-fluid">
-    <div class="card">
-      <div class="card-header with-border">
-        <h3 class="card-title">Basic Settings</h3>
-      </div>
-      <div class="card-body">
-        <table id="tbl_settings" class="table table-bordered table-striped">
-          <thead>
-            <tr>
-              <th>Setting Name</th>
-              <th>Current Value</th>
-              <th>Action</th>
-            </tr>
-          </thead>
-          <tbody>
-            {% for setting in settings %}
-              <tr class="odd">
-                <td>
-                  {{ setting }}
-                </td>
-                {% if SETTING.get(setting) in [False] %}
-                  <td><i class="fas fa-toggle-off"></i>&nbsp;Off</td>
-                  <td width="20%">
-                    <button type="button" class="btn btn-success setting-toggle-button" id="{{ setting }}">
-                      <i class="fa-solid fa-toggle-on"></i>&nbsp;Turn On
-                    </button>
-                  </td>
-                {% elif SETTING.get(setting) in [True] %}
-                  <td><i class="fas fa-toggle-on"></i>&nbsp;On</td>
-                  <td width="20%">
-                    <button type="button" class="btn btn-danger setting-toggle-button" id="{{ setting }}">
-                      <i class="fa-solid fa-toggle-off"></i>&nbsp;Turn Off
-                    </button>
-                  </td>
-                {% else %}
-                  <td>
-                    <input name="value" id="value" value="{{ SETTING.get(setting) }}">
-                  </td>
-                  <td width="20%">
-                    <button type="button" class="btn btn-primary setting-save-button" id="{{ setting }}">
-                      <i class="fa-solid fa-save"></i>&nbsp;Save
-                    </button>
-                  </td>
-                {% endif %}
-              </tr>
-            {% endfor %}
-          </tbody>
-        </table>
-      </div>
-    </div>
-  </div>
-</section>
+    <section class="content">
+        <div class="container-fluid">
+            <div class="card card-outline card-primary shadow">
+                <div class="card-header with-border">
+                    <h3 class="card-title">Settings Editor</h3>
+                </div>
+                <!-- /.card-header -->
+                <div class="card-body table-responsive">
+                    <table id="tbl_settings" class="table table-bordered table-striped table-hover table-sm">
+                        <thead>
+                        <tr>
+                            <th>Setting Name</th>
+                            <th>Current Value</th>
+                            <th>Action</th>
+                        </tr>
+                        </thead>
+                        <tbody>
+                        {% for setting in settings %}
+                            <tr class="odd">
+                                <td>
+                                    <label for="value{{ loop.index }}">{{ setting }}</label>
+                                </td>
+                                {% if SETTING.get(setting) in [False] %}
+                                    <td><i class="fas fa-toggle-off"></i>&nbsp;Off</td>
+                                    <td>
+                                        <button type="button" class="btn btn-success setting-toggle-button"
+                                                id="{{ setting }}">
+                                            <i class="fa-solid fa-toggle-on"></i>&nbsp;Turn On
+                                        </button>
+                                    </td>
+                                {% elif SETTING.get(setting) in [True] %}
+                                    <td><i class="fas fa-toggle-on"></i>&nbsp;On</td>
+                                    <td>
+                                        <button type="button" class="btn btn-danger setting-toggle-button"
+                                                id="{{ setting }}">
+                                            <i class="fa-solid fa-toggle-off"></i>&nbsp;Turn Off
+                                        </button>
+                                    </td>
+                                {% else %}
+                                    <td>
+                                        <input name="value" id="value{{ loop.index }}" value="{{ SETTING.get(setting) }}">
+                                    </td>
+                                    <td>
+                                        <button type="button" class="btn btn-primary setting-save-button"
+                                                id="{{ setting }}">
+                                            <i class="fa-solid fa-save"></i>&nbsp;Save
+                                        </button>
+                                    </td>
+                                {% endif %}
+                            </tr>
+                        {% endfor %}
+                        </tbody>
+                    </table>
+                </div>
+                <!-- /.card-body -->
+            </div>
+            <!-- /.card -->
+        </div>
+        <!-- /.container-fluid -->
+    </section>
 {% endblock %}
 
 {% block extrascripts %}
-  <script>
-    // set up settings table
-    $("#tbl_settings").DataTable({
-      "paging": false,
-      "lengthChange": false,
-      "searching": true,
-      "ordering": true,
-      "info": true,
-      "autoWidth": false
-    });
-    $(document.body).on('click', '.setting-toggle-button', function () {
-      var setting = $(this).prop('id');
-      applyChanges({
-        '_csrf_token': '{{ csrf_token() }}'
-      }, $SCRIPT_ROOT + '/admin/setting/basic/' + setting + '/toggle', false, true)
-    });
+    <script>
+        // set up settings table
+        $("#tbl_settings").DataTable({
+            "paging": false,
+            "lengthChange": false,
+            "searching": true,
+            "ordering": true,
+            "info": true,
+            "autoWidth": false
+        });
+        $(document.body).on('click', '.setting-toggle-button', function () {
+            var setting = $(this).prop('id');
+            applyChanges({
+                '_csrf_token': '{{ csrf_token() }}'
+            }, $SCRIPT_ROOT + '/admin/setting/basic/' + setting + '/toggle', false, true)
+        });
 
-    $(document.body).on('click', '.setting-save-button', function () {
-      var setting = $(this).prop('id');
-      var value = $(this).parents('tr').find('#value')[0].value;
-      var postdata = {
-        'value': value,
-        '_csrf_token': '{{ csrf_token() }}'
-      };
-      applyChanges(postdata, $SCRIPT_ROOT + '/admin/setting/basic/' + setting + '/edit', false, true)
-    });
-  </script>
+        $(document.body).on('click', '.setting-save-button', function () {
+            var setting = $(this).prop('id');
+            var value = $(this).parents('tr').find('#value')[0].value;
+            var postdata = {
+                'value': value,
+                '_csrf_token': '{{ csrf_token() }}'
+            };
+            applyChanges(postdata, $SCRIPT_ROOT + '/admin/setting/basic/' + setting + '/edit', false, true)
+        });
+    </script>
 {% endblock %}
\ No newline at end of file

From 09127fb326dfa112632216dc062e93a8c86c524e Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Mon, 20 Feb 2023 10:14:09 -0500
Subject: [PATCH 248/475] Completed first-found updates for the zone record
 settings view.

---
 .../templates/admin_setting_records.html      | 180 +++++++++---------
 1 file changed, 94 insertions(+), 86 deletions(-)

diff --git a/powerdnsadmin/templates/admin_setting_records.html b/powerdnsadmin/templates/admin_setting_records.html
index 3fea6a52f..1e302c108 100644
--- a/powerdnsadmin/templates/admin_setting_records.html
+++ b/powerdnsadmin/templates/admin_setting_records.html
@@ -1,101 +1,109 @@
 {% extends "base.html" %}
-
 {% set active_page = "admin_settings" %}
-
-{% block title %}
-  <title>
-    DNS Records Settings - {{ SITE_NAME }}
-  </title>
-{% endblock %}
+{% block title %}<title>Zone Record Settings - {{ SITE_NAME }}</title>{% endblock %}
 
 {% block dashboard_stat %}
-  <div class="content-header">
-    <div class="container-fluid">
-      <div class="row mb-2">
-        <div class="col-sm-6">
-          <h1 class="m-0 text-dark">
-            Settings
-            <small>Records</small>
-          </h1>
-        </div>
-        <div class="col-sm-6">
-          <ol class="breadcrumb float-sm-right">
-            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
-            <li class="breadcrumb-item active">Settings - Records </li>
-          </ol>
+    <div class="content-header">
+        <div class="container-fluid">
+            <div class="row mb-2">
+                <div class="col-sm-6">
+                    <h1 class="m-0 text-dark">Zone Record Settings</h1>
+                </div>
+                <div class="col-sm-6">
+                    <ol class="breadcrumb float-sm-right">
+                        <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+                        <li class="breadcrumb-item active">Zone Record Settings</li>
+                    </ol>
+                </div>
+            </div>
         </div>
-      </div>
     </div>
-  </div>
 {% endblock %}
 
 {% block content %}
-<section class="content">
-  <div class="container-fluid">
-    <div class="row">
-      <div class="col-5">
-        <div class="card">
-          <div class="card-header">
-            <h3 class="card-title">DNS record Settings</h3>
-          </div>
-          <form role="form" method="post">
-            <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-            <input type="hidden" name="create" value="{{ create }}">
-            <div class="card-body">
-              <table class="table table-bordered">
-                <tr>
-                  <th style="width: 10px">#</th>
-                  <th style="width: 40px">Record</th>
-                  <th>Forward Zone</th>
-                  <th>Reverse Zone</th>
-                </tr>
-                {% for record in f_records %}
-                  <tr>
-                    <td>{{ loop.index }}</td>
-                    <td>{{ record }}</td>
-                    <td>
-                      <input type="checkbox" id="fr_{{ record|lower }}" name="fr_{{ record|lower }}"
-                      class="checkbox" {% if f_records[record] %}checked{% endif %}>
-                    </td>
-                    <td>
-                      <input type="checkbox" id="rr_{{ record|lower }}" name="rr_{{ record|lower }}"
-                      class="checkbox" {% if r_records[record] %}checked{% endif %}>
-                    </td>
-                  </tr>
-                {% endfor %}
-              </table>
-            </div>
-            <div class="card-footer">
-              <button type="submit" class="btn btn-primary float-right">
-                <i class="fa-solid fa-save"></i>&nbsp;Save
-              </button>
+    <section class="content">
+        <div class="container-fluid">
+            <div class="row">
+                <div class="col-12 col-sm-6 col-lg-4">
+                    <form role="form" method="post">
+                        <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+                        <input type="hidden" name="create" value="{{ create }}">
+                        <div class="card card-outline card-primary shadow">
+                            <div class="card-header">
+                                <h3 class="card-title">Settings Editor</h3>
+                            </div>
+                            <!-- /.card-header -->
+                            <div class="card-body">
+                                <table class="table table-bordered">
+                                    <tr>
+                                        <th>#</th>
+                                        <th>Record</th>
+                                        <th>Forward Zone</th>
+                                        <th>Reverse Zone</th>
+                                    </tr>
+                                    {% for record in f_records %}
+                                        <tr>
+                                            <td>{{ loop.index }}</td>
+                                            <td>{{ record }}</td>
+                                            <td>
+                                                <input type="checkbox" id="fr_{{ record|lower }}"
+                                                       name="fr_{{ record|lower }}"
+                                                       class="checkbox" {% if f_records[record] %}checked{% endif %}>
+                                            </td>
+                                            <td>
+                                                <input type="checkbox" id="rr_{{ record|lower }}"
+                                                       name="rr_{{ record|lower }}"
+                                                       class="checkbox" {% if r_records[record] %}checked{% endif %}>
+                                            </td>
+                                        </tr>
+                                    {% endfor %}
+                                </table>
+                            </div>
+                            <!-- /.card-body -->
+                            <div class="card-footer">
+                                <button type="submit" class="btn btn-primary float-right" title="Save Settings">
+                                    <i class="fa-solid fa-save"></i>&nbsp;Save Settings
+                                </button>
+                            </div>
+                            <!-- /.card-footer -->
+                        </div>
+                        <!-- /.card -->
+                    </form>
+                </div>
+                <!-- /.col -->
+
+                <div class="col-12 col-sm-6 col-lg-8">
+                    <div class="card card-outline card-secondary shadow">
+                        <div class="card-header">
+                            <h3 class="card-title">Settings Editor Help</h3>
+                        </div>
+                        <!-- /.card-header -->
+                        <div class="card-body">
+                            <p>Select record types you allow user to edit in the forward zone and reverse zone. Take a
+                                look at
+                                <a href="https://doc.powerdns.com/authoritative/appendices/types.html" target="_blank">PowerDNS
+                                    docs</a>
+                                for
+                                full list of supported record types.
+                            </p>
+                        </div>
+                        <!-- /.card-body -->
+                    </div>
+                    <!-- /.card -->
+                </div>
+                <!-- /.col -->
             </div>
-          </form>
+            <!-- /.row -->
         </div>
-      </div>
-      <div class="col-7">
-        <div class="card">
-          <div class="card-header">
-            <h3 class="card-title">Help</h3>
-          </div>
-          <div class="card-body">
-            <p>Select record types you allow user to edit in the forward zone and reverse zone. Take a look at
-              <a href="https://doc.powerdns.com/authoritative/appendices/types.html">PowerDNS docs</a> for
-              full list of supported record types.
-            </p>
-          </div>
-        </div>
-      </div>
-    </div>
-  </div>
-</section>
+        <!-- /.container-fluid -->
+    </section>
 {% endblock %}
 
 {% block extrascripts %}
-  <script>
-    $('.checkbox').iCheck({
-      checkboxClass: 'icheckbox_square-blue',
-      increaseArea: '20%'
-    })
-  </script>
+    <script>
+        $('.checkbox').iCheck({
+            checkboxClass: 'icheckbox_square-blue',
+            increaseArea: '20%'
+        })
+    </script>
 {% endblock %}

From 25dcc81e03244073760b5e197d4e656162801f77 Mon Sep 17 00:00:00 2001
From: ichisuke55 <campistatrequartista10@gmail.com>
Date: Mon, 20 Feb 2023 23:22:25 +0900
Subject: [PATCH 249/475] fix: configurable CAPTCHA_ENABLE env when docker use

---
 configs/docker_config.py | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/configs/docker_config.py b/configs/docker_config.py
index 42fffd58c..174f93c88 100644
--- a/configs/docker_config.py
+++ b/configs/docker_config.py
@@ -61,6 +61,7 @@
     'FILESYSTEM_SESSIONS_ENABLED',
     'SESSION_COOKIE_SECURE',
     'CSRF_COOKIE_SECURE',
+    'CAPTCHA_ENABLE',
 )
 
 legal_envvars_int = ('PORT', 'MAIL_PORT', 'SAML_METADATA_CACHE_LIFETIME')
@@ -84,6 +85,7 @@
     'FILESYSTEM_SESSIONS_ENABLED',
     'SESSION_COOKIE_SECURE',
     'CSRF_COOKIE_SECURE',
+    'CAPTCHA_ENABLE',
 )
 
 # import everything from environment variables

From 4bd2519a76755b07e1a1730b544e9e01f69604fb Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Mon, 20 Feb 2023 10:18:41 -0500
Subject: [PATCH 250/475] Completed first-found updates for the server settings
 view.

---
 .../templates/admin_setting_pdns.html         | 198 ++++++++++--------
 1 file changed, 105 insertions(+), 93 deletions(-)

diff --git a/powerdnsadmin/templates/admin_setting_pdns.html b/powerdnsadmin/templates/admin_setting_pdns.html
index c4b894700..f64f9e057 100644
--- a/powerdnsadmin/templates/admin_setting_pdns.html
+++ b/powerdnsadmin/templates/admin_setting_pdns.html
@@ -1,110 +1,122 @@
 {% extends "base.html" %}
-
 {% set active_page = "admin_settings" %}
-
-{% block title %}
-  <title>
-    PDNS Settings - {{ SITE_NAME }}
-  </title>
-{% endblock %}
+{% block title %}<title>Server Settings - {{ SITE_NAME }}</title>{% endblock %}
 
 {% block dashboard_stat %}
-  <div class="content-header">
-    <div class="container-fluid">
-      <div class="row mb-2">
-        <div class="col-sm-6">
-          <h1 class="m-0 text-dark">
-            Settings
-            <small>PowerDNS Authoritative Server</small>
-          </h1>
-        </div>
-        <div class="col-sm-6">
-          <ol class="breadcrumb float-sm-right">
-            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
-            <li class="breadcrumb-item active">Settings - PowerDNS Authoritative Server</li>
-          </ol>
+    <div class="content-header">
+        <div class="container-fluid">
+            <div class="row mb-2">
+                <div class="col-sm-6">
+                    <h1 class="m-0 text-dark">Server Settings</h1>
+                </div>
+                <div class="col-sm-6">
+                    <ol class="breadcrumb float-sm-right">
+                        <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+                        <li class="breadcrumb-item active">Server Settings</li>
+                    </ol>
+                </div>
+            </div>
         </div>
-      </div>
     </div>
-  </div>
 {% endblock %}
 
 {% block content %}
-  <section class="content">
-    <div class="container-fluid">
-      <div class="row">
-        <div class="col-4">
-          <div class="card shadow card-outline card-secondary">
-            <div class="card-header">
-              <h3 class="card-title">PDNS Settings</h3>
-            </div>
-            <form role="form" method="post" data-toggle="validator">
-              <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-              <div class="card-body">
-                {% if not SETTING.get('pdns_api_url') or not SETTING.get('pdns_api_key') or not SETTING.get('pdns_version') %}
-                  <div class="alert alert-danger alert-dismissible">
-                    <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
-                    <h4><i class="icon fa fa-ban"></i> Error!</h4>
-                    Please complete your PowerDNS API configuration before continuing
-                  </div>
-                {% endif %}
-                <div class="form-group has-feedback">
-                  <label class="control-label" for="pdns_api_url">PowerDNS API URL</label>
-                  <input type="url" class="form-control" placeholder="PowerDNS API URL" name="pdns_api_url"
-                  data-error="Please input a valid PowerDNS API URL" required value="{{ pdns_api_url }}">
-                  <span class="help-block with-errors"></span>
-                </div>
-                <div class="form-group has-feedback">
-                  <label class="control-label" for="pdns_api_key">PowerDNS API Key</label>
-                  <input type="password" class="form-control" placeholder="PowerDNS API Key"
-                  name="pdns_api_key" data-error="Please input a valid PowerDNS API key" required
-                  value="{{ pdns_api_key }}">
-                  <span class="help-block with-errors"></span>
+    <section class="content">
+        <div class="container-fluid">
+            <div class="row">
+                <div class="col-12 col-sm-6 col-lg-4">
+                    <form role="form" method="post" data-toggle="validator">
+                        <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+                        <div class="card card-outline card-primary shadow">
+                            <div class="card-header">
+                                <h3 class="card-title">Settings Editor</h3>
+                            </div>
+                            <!-- /.card-header -->
+                            <div class="card-body">
+                                {% if not SETTING.get('pdns_api_url') or not SETTING.get('pdns_api_key') or not SETTING.get('pdns_version') %}
+                                    <div class="alert alert-danger alert-dismissible">
+                                        <button type="button" class="close" data-dismiss="alert" aria-hidden="true">
+                                            &times;
+                                        </button>
+                                        <h4><i class="icon fa fa-ban"></i> Error!</h4>
+                                        Please complete your PowerDNS API configuration before continuing
+                                    </div>
+                                {% endif %}
+                                <div class="form-group has-feedback">
+                                    <label class="control-label" for="pdns_api_url">PowerDNS API URL</label>
+                                    <input type="url" class="form-control" placeholder="PowerDNS API URL"
+                                           name="pdns_api_url" id="pdns_api_url"
+                                           data-error="Please input a valid PowerDNS API URL" required
+                                           value="{{ pdns_api_url }}">
+                                    <span class="help-block with-errors"></span>
+                                </div>
+                                <div class="form-group has-feedback">
+                                    <label class="control-label" for="pdns_api_key">PowerDNS API Key</label>
+                                    <input type="password" class="form-control" placeholder="PowerDNS API Key"
+                                           name="pdns_api_key" id="pdns_api_key"
+                                           data-error="Please input a valid PowerDNS API key"
+                                           required
+                                           value="{{ pdns_api_key }}">
+                                    <span class="help-block with-errors"></span>
+                                </div>
+                                <div class="form-group has-feedback">
+                                    <label class="control-label" for="pdns_version">PowerDNS Version</label>
+                                    <input type="text" class="form-control" placeholder="PowerDNS Version"
+                                           name="pdns_version" id="pdns_version"
+                                           data-error="Please input PowerDNS version" required
+                                           value="{{ pdns_version }}">
+                                    <span class="help-block with-errors"></span>
+                                </div>
+                            </div>
+                            <!-- /.card-body -->
+                            <div class="card-footer">
+                                <button type="submit" class="btn btn-primary float-right" title="Save Settings">
+                                    <i class="fa-solid fa-save"></i>&nbsp;Save Settings
+                                </button>
+                            </div>
+                            <!-- /.card-footer -->
+                        </div>
+                        <!-- /.card -->
+                    </form>
                 </div>
-                <div class="form-group has-feedback">
-                  <label class="control-label" for="pdns_version">PowerDNS Version</label>
-                  <input type="text" class="form-control" placeholder="PowerDNS Version" name="pdns_version"
-                  data-error="Please input PowerDNS version" required value="{{ pdns_version }}">
-                  <span class="help-block with-errors"></span>
+                <!-- /.col -->
+
+                <div class="col-12 col-sm-6 col-lg-8">
+                    <div class="card card-outline card-secondary shadow">
+                        <div class="card-header">
+                            <h3 class="card-title">Settings Editor</h3>
+                        </div>
+                        <!-- /.card-header -->
+                        <div class="card-body">
+                            <dl class="dl-horizontal">
+                                <p>You must configure the API connection information before PowerDNS-Admin can query
+                                    your
+                                    PowerDNS data. Following fields are required:</p>
+                                <dt>PowerDNS API URL</dt>
+                                <dd>Your PowerDNS API URL (eg. http://127.0.0.1:8081/).</dd>
+                                <dt>PowerDNS API Key</dt>
+                                <dd>Your PowerDNS API key.</dd>
+                                <dt>PowerDNS Version</dt>
+                                <dd>Your PowerDNS version number (eg. 4.7.0).</dd>
+                            </dl>
+                            <p>Find more details at
+                                <a href="https://doc.powerdns.com/md/httpapi/README/" target="_blank">https://doc.powerdns.com/md/httpapi/README/</a>
+                            </p>
+                        </div>
+                        <!-- /.card-body -->
+                    </div>
+                    <!-- /.card -->
                 </div>
-              </div>
-              <div class="card-footer">
-                <button type="submit" class="btn btn-primary float-right">
-                  <i class="fa-solid fa-save"></i>&nbsp;Save
-                </button>
-              </div>
-            </form>
-          </div>
-        </div>
-        <div class="col-8">
-          <div class="card shadow card-outline card-secondary">
-            <div class="card-header">
-              <h3 class="card-title">Help</h3>
-            </div>
-            <div class="card-body">
-              <dl class="dl-horizontal">
-                <p>You must configure the API connection information before PowerDNS-Admin can query your
-                  PowerDNS data. Following fields are required:</p>
-                <dt>PowerDNS API URL</dt>
-                <dd>Your PowerDNS API URL (eg. http://127.0.0.1:8081/).</dd>
-                <dt>PowerDNS API Key</dt>
-                <dd>Your PowerDNS API key.</dd>
-                <dt>PowerDNS Version</dt>
-                <dd>Your PowerDNS version number (eg. 4.7.0).</dd>
-              </dl>
-              <p>Find more details at
-                <a href="https://doc.powerdns.com/md/httpapi/README/">https://doc.powerdns.com/md/httpapi/README/</a>
-              </p>
+                <!-- /.col -->
             </div>
-          </div>
+            <!-- /.row -->
         </div>
-      </div>
-    </div>
-  </section>
+        <!-- /.container-fluid -->
+    </section>
 {% endblock %}
 
 {% block extrascripts %}
-  {% assets "js_validation" -%}
-    <script type="text/javascript" src="{{ ASSET_URL }}"></script>
-  {%- endassets %}
+    {% assets "js_validation" -%}
+        <script type="text/javascript" src="{{ ASSET_URL }}"></script>
+    {%- endassets %}
 {% endblock %}

From 772c1129f51eeec2721dd176083b2d798e53923c Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Mon, 20 Feb 2023 10:35:15 -0500
Subject: [PATCH 251/475] Working on first-round updates for the authentication
 settings view.

---
 .../admin_setting_authentication.html         | 2423 ++++++++++-------
 1 file changed, 1420 insertions(+), 1003 deletions(-)

diff --git a/powerdnsadmin/templates/admin_setting_authentication.html b/powerdnsadmin/templates/admin_setting_authentication.html
index 4b8a446a3..32fca2a97 100644
--- a/powerdnsadmin/templates/admin_setting_authentication.html
+++ b/powerdnsadmin/templates/admin_setting_authentication.html
@@ -1,1058 +1,1498 @@
 {% extends "base.html" %}
-
 {% set active_page = "admin_settings" %}
-
-{% block title %}
-  <title>
-    Authentication Settings - {{ SITE_NAME }}
-  </title>
-{% endblock %}
+{% block title %}<title>Authentication Settings - {{ SITE_NAME }}</title>{% endblock %}
 
 {% block dashboard_stat %}
-  <div class="content-header">
-    <div class="container-fluid">
-      <div class="row mb-2">
-        <div class="col-sm-6">
-          <h1 class="m-0 text-dark">
-            Settings
-            <small>PowerDNS-Admin Settings</small>
-          </h1>
-        </div>
-        <div class="col-sm-6">
-          <ol class="breadcrumb float-sm-right">
-            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Home</a></li>
-            <li class="breadcrumb-item">Settings</li>
-            <li class="breadcrumb-item active">Authentication</li>
-          </ol>
+    <div class="content-header">
+        <div class="container-fluid">
+            <div class="row mb-2">
+                <div class="col-sm-6">
+                    <h1 class="m-0 text-dark">Authentication Settings</h1>
+                </div>
+                <div class="col-sm-6">
+                    <ol class="breadcrumb float-sm-right">
+                        <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Home</a></li>
+                        <li class="breadcrumb-item active">Authentication Settings</li>
+                    </ol>
+                </div>
+            </div>
         </div>
-      </div>
     </div>
-  </div>
 {% endblock %}
 
 {% block content %}
-<section class="content">
-  <div class="container-fluid">
-    <div class="row">
-        <div class="col-12">
-            <div class="card">
-                <div class="card-header">
-                    <h3 class="card-title">Authentication Settings</h3>
-                </div>
-                <div class="card-body">
-                    {% if result %}
-                    <div class="alert {% if result['status'] %}alert-success{% else %}alert-danger{% endif%} alert-dismissible">
-                        <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
-                        {{ result['msg'] }}
-                    </div>
-                    {% endif %}
-                    <div class="nav-tabs-custom">
-                        <ul class="nav nav-tabs" role="tablist">
-                            <li class="nav-item">
-                              <a class="nav-link active" href="#tabs-general" data-toggle="pill" role="tab">General</a>
-                            </li>
-                            <li class="nav-item">
-                              <a class="nav-link" href="#tabs-ldap" data-toggle="pill" role="tab">LDAP</a>
-                            </li>
-                            <li class="nav-item">
-                              <a class="nav-link" href="#tabs-google" data-toggle="pill" role="tab">Google OAuth</a>
-                            </li>
-                            <li class="nav-item">
-                              <a class="nav-link" href="#tabs-github" data-toggle="pill" role="tab">Github OAuth</a>
-                            </li>
-                            <li class="nav-item">
-                              <a class="nav-link" href="#tabs-azure" data-toggle="pill" role="tab">Microsoft OAuth</a>
-                            </li>
-                            <li class="nav-item">
-                              <a class="nav-link" href="#tabs-oidc" data-toggle="pill" role="tab">OpenID Connect OAuth</a>
-                            </li>
-                        </ul>
-                        <div class="tab-content">
-                            <div class="tab-pane active" id="tabs-general">
-                                <form role="form" method="post">
-                                    <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-                                    <input type="hidden" value="general" name="config_tab" />
-                                    <div class="card-header">
-                                      <h3 class="card-title">Basic Settings</h3>
-                                    </div>
-                                    <div class="card-body">
-                                    <div class="form-group">
-                                        <input type="checkbox" id="local_db_enabled" name="local_db_enabled" class="checkbox" {% if SETTING.get('local_db_enabled') %}checked{% endif %}>
-                                        <label for="local_db_enabled">Local DB Authentication</label>
-                                    </div>
-                                    <div class="form-group">
-                                        <input type="checkbox" id="signup_enabled" name="signup_enabled" class="checkbox" {% if SETTING.get('signup_enabled') %}checked{% endif %}>
-                                        <label for="signup_enabled">Allow users to sign up</label>
-                                    </div>
-                                    <button type="submit" class="btn btn-primary">Save</button>
-                                  </div>
-                                </form>
-                            </div>
-                            <div class="tab-pane" id="tabs-ldap">
-                                <div class="row">
-                                    <div class="col-4">
-                                        {% if error %}
-                                                <div class="alert alert-danger alert-dismissible">
-                                                    <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
-                                                    <h4><i class="icon fa fa-ban"></i> Error!</h4>
-                                                    {{ error }}
-                                                </div>
-                                                {% endif %}
-                                        <form role="form" method="post" data-toggle="validator">
+    <section class="content">
+        <div class="container-fluid">
+            <div class="row">
+                <div class="col-12">
+                    <div class="card card-outline card-primary shadow">
+                        <div class="card-header">
+                            <h3 class="card-title">Settings Editor</h3>
+                        </div>
+                        <!-- /.card-header -->
+                        <div class="card-body">
+                            {% if result %}
+                                <div
+                                    class="alert {% if result['status'] %}alert-success{% else %}alert-danger{% endif %} alert-dismissible">
+                                    <button type="button" class="close" data-dismiss="alert" aria-hidden="true">
+                                        &times;
+                                    </button>
+                                    {{ result['msg'] }}
+                                </div>
+                            {% endif %}
+                            <div class="nav-tabs-custom">
+                                <ul class="nav nav-tabs" role="tablist">
+                                    <li class="nav-item">
+                                        <a class="nav-link active" href="#tabs-general" data-toggle="pill" role="tab">General</a>
+                                    </li>
+                                    <li class="nav-item">
+                                        <a class="nav-link" href="#tabs-ldap" data-toggle="pill" role="tab">LDAP</a>
+                                    </li>
+                                    <li class="nav-item">
+                                        <a class="nav-link" href="#tabs-google" data-toggle="pill" role="tab">Google
+                                            OAuth</a>
+                                    </li>
+                                    <li class="nav-item">
+                                        <a class="nav-link" href="#tabs-github" data-toggle="pill" role="tab">Github
+                                            OAuth</a>
+                                    </li>
+                                    <li class="nav-item">
+                                        <a class="nav-link" href="#tabs-azure" data-toggle="pill" role="tab">Microsoft
+                                            OAuth</a>
+                                    </li>
+                                    <li class="nav-item">
+                                        <a class="nav-link" href="#tabs-oidc" data-toggle="pill" role="tab">OpenID
+                                            Connect OAuth</a>
+                                    </li>
+                                </ul>
+                                <div class="tab-content">
+
+                                    <div class="tab-pane active" id="tabs-general">
+                                        <form role="form" method="post">
                                             <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-                                            <input type="hidden" value="ldap" name="config_tab" />
-                                            <fieldset>
-                                                <legend>GENERAL</legend>
-                                                <div class="form-group">
-                                                    <input type="checkbox" id="ldap_enabled" name="ldap_enabled" class="checkbox" {% if SETTING.get('ldap_enabled') %}checked{% endif %}>
-                                                    <label for="ldap_enabled">Enable LDAP Authentication</label>
+                                            <input type="hidden" value="general" name="config_tab"/>
+                                            <div class="card">
+                                                <div class="card-header">
+                                                    <h3 class="card-title">Basic Settings</h3>
                                                 </div>
-                                                <div class="form-group">
-                                                    <label>Type</label>
-                                                    <div class="radio">
-                                                        <label>
-                                                            <input type="radio" name="ldap_type" id="ldap" onclick="javascript:ldapSelection();" value="ldap" {% if SETTING.get('ldap_type')=='ldap' %}checked{% endif %}> OpenLDAP
-                                                        </label>
-                                                        &nbsp;&nbsp;&nbsp;
-                                                        <label>
-                                                            <input type="radio" name="ldap_type" id="ad" onclick="javascript:ldapSelection();" value="ad" {% if SETTING.get('ldap_type')=='ad' %}checked{% endif %}> Active Directory
-                                                        </label>
-                                                    </div>
-                                                </div>
-                                            </fieldset>
-                                            <fieldset>
-                                                <legend>ADMINISTRATOR INFO</legend>
-                                                <div class="form-group">
-                                                    <label for="ldap_uri">LDAP URI</label>
-                                                    <input type="text" class="form-control" name="ldap_uri" id="ldap_uri" placeholder="e.g. ldaps://your-ldap-server:636" data-error="Please input LDAP URI" value="{{ SETTING.get('ldap_uri') }}">
-                                                </div>
-                                                <div class="form-group">
-                                                    <label for="ldap_base_dn">LDAP Base DN</label>
-                                                    <input type="text" class="form-control" name="ldap_base_dn" id="ldap_base_dn" placeholder="e.g. dc=mydomain,dc=com" data-error="Please input LDAP Base DN" value="{{ SETTING.get('ldap_base_dn') }}">
-                                                    <span class="help-block with-errors"></span>
-                                                </div>
-                                                <div id="ldap_openldap_fields">
+                                                <div class="card-body">
                                                     <div class="form-group">
-                                                        <label for="ldap_admin_username">LDAP admin username</label>
-                                                        <input type="text" class="form-control" name="ldap_admin_username" id="ldap_admin_username" placeholder="e.g. cn=admin,dc=mydomain,dc=com" data-error="Please input LDAP admin username" value="{{ SETTING.get('ldap_admin_username') }}">
-                                                        <span class="help-block with-errors"></span>
+                                                        <input type="checkbox" id="local_db_enabled"
+                                                               name="local_db_enabled"
+                                                               class="checkbox"
+                                                               {% if SETTING.get('local_db_enabled') %}checked{% endif %}>
+                                                        <label for="local_db_enabled">Local DB Authentication</label>
                                                     </div>
                                                     <div class="form-group">
-                                                        <label for="ldap_admin_password">LDAP admin password</label>
-                                                        <input type="password" class="form-control" name="ldap_admin_password" id="ldap_admin_password" placeholder="LDAP Admin password" data-error="Please input LDAP admin password" value="{{ SETTING.get('ldap_admin_password') }}">
-                                                        <span class="help-block with-errors"></span>
+                                                        <input type="checkbox" id="signup_enabled" name="signup_enabled"
+                                                               class="checkbox"
+                                                               {% if SETTING.get('signup_enabled') %}checked{% endif %}>
+                                                        <label for="signup_enabled">Allow users to sign up</label>
                                                     </div>
+                                                    <button type="submit" class="btn btn-primary">Save</button>
                                                 </div>
-                                                <div id="ldap_ad_fields">
-                                                    <div class="form-group">
-                                                        <label for="ldap_domain">Active Directory domain</label>
-                                                        <input type="text" class="form-control" name="ldap_domain" id="ldap_domain" placeholder="Active Directory domain" data-error="Please input Actve Directory domain value" value="{{ SETTING.get('ldap_domain') }}">
-                                                        <span class="help-block with-errors"></span>
+                                            </div>
+                                        </form>
+                                    </div>
+                                    <!-- /.tab-pane -->
+
+                                    <div class="tab-pane" id="tabs-ldap">
+                                        <div class="row">
+                                            <div class="col-4">
+                                                {% if error %}
+                                                    <div class="alert alert-danger alert-dismissible">
+                                                        <button type="button" class="close" data-dismiss="alert"
+                                                                aria-hidden="true">&times;
+                                                        </button>
+                                                        <h4><i class="icon fa fa-ban"></i> Error!</h4>
+                                                        {{ error }}
                                                     </div>
-                                                </div>
-                                            </fieldset>
-                                            <fieldset>
-                                                <legend>FILTERS</legend>
-                                                <div class="form-group">
-                                                    <label for="ldap_filter_basic">Basic filter</label>
-                                                    <input type="text" class="form-control" name="ldap_filter_basic" id="ldap_filter_basic" placeholder="e.g. (objectClass=inetorgperson)" data-error="Please input LDAP filter" value="{{ SETTING.get('ldap_filter_basic') }}">
-                                                    <span class="help-block with-errors"></span>
-                                                </div>
-                                                <div class="form-group">
-                                                    <label for="ldap_filter_username">Username field</label>
-                                                    <input type="text" class="form-control" name="ldap_filter_username" id="ldap_filter_username" placeholder="e.g. uid" data-error="Please input field for username filtering" value="{{ SETTING.get('ldap_filter_username') }}">
-                                                    <span class="help-block with-errors"></span>
-                                                </div>
-                                                <div id="ldap_openldap_group_filters">
-                                                    <div class="form-group">
-                                                        <label for="ldap_filter_group">Group filter</label>
-                                                        <input type="text" class="form-control" name="ldap_filter_group" id="ldap_filter_group" placeholder="e.g. (objectclass=groupOfNames)" data-error="Please input LDAP filter" value="{{ SETTING.get('ldap_filter_group') }}">
-                                                        <span class="help-block with-errors"></span>
+                                                {% endif %}
+                                                <form role="form" method="post" data-toggle="validator">
+                                                    <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+                                                    <input type="hidden" value="ldap" name="config_tab"/>
+                                                    <div class="card">
+                                                        <div class="card-header">
+                                                            <h3 class="card-title">LDAP Settings</h3>
+                                                        </div>
+                                                        <div class="card-body">
+                                                            <fieldset>
+                                                                <legend>GENERAL</legend>
+                                                                <div class="form-group">
+                                                                    <input type="checkbox" id="ldap_enabled"
+                                                                           name="ldap_enabled"
+                                                                           class="checkbox"
+                                                                           {% if SETTING.get('ldap_enabled') %}checked{% endif %}>
+                                                                    <label for="ldap_enabled">Enable LDAP
+                                                                        Authentication</label>
+                                                                </div>
+                                                                <div class="form-group">
+                                                                    <label>Type</label>
+                                                                    <div class="radio">
+                                                                        <label>
+                                                                            <input type="radio" name="ldap_type"
+                                                                                   id="ldap"
+                                                                                   onclick="javascript:ldapSelection();"
+                                                                                   value="ldap"
+                                                                                   {% if SETTING.get('ldap_type')=='ldap' %}checked{% endif %}>
+                                                                            OpenLDAP
+                                                                        </label>
+                                                                        &nbsp;&nbsp;&nbsp;
+                                                                        <label>
+                                                                            <input type="radio" name="ldap_type" id="ad"
+                                                                                   onclick="javascript:ldapSelection();"
+                                                                                   value="ad"
+                                                                                   {% if SETTING.get('ldap_type')=='ad' %}checked{% endif %}>
+                                                                            Active Directory
+                                                                        </label>
+                                                                    </div>
+                                                                </div>
+                                                            </fieldset>
+                                                            <fieldset>
+                                                                <legend>ADMINISTRATOR INFO</legend>
+                                                                <div class="form-group">
+                                                                    <label for="ldap_uri">LDAP URI</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="ldap_uri"
+                                                                           id="ldap_uri"
+                                                                           placeholder="e.g. ldaps://your-ldap-server:636"
+                                                                           data-error="Please input LDAP URI"
+                                                                           value="{{ SETTING.get('ldap_uri') }}">
+                                                                </div>
+                                                                <div class="form-group">
+                                                                    <label for="ldap_base_dn">LDAP Base DN</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="ldap_base_dn"
+                                                                           id="ldap_base_dn"
+                                                                           placeholder="e.g. dc=mydomain,dc=com"
+                                                                           data-error="Please input LDAP Base DN"
+                                                                           value="{{ SETTING.get('ldap_base_dn') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
+                                                                <div id="ldap_openldap_fields">
+                                                                    <div class="form-group">
+                                                                        <label for="ldap_admin_username">LDAP admin
+                                                                            username</label>
+                                                                        <input type="text" class="form-control"
+                                                                               name="ldap_admin_username"
+                                                                               id="ldap_admin_username"
+                                                                               placeholder="e.g. cn=admin,dc=mydomain,dc=com"
+                                                                               data-error="Please input LDAP admin username"
+                                                                               value="{{ SETTING.get('ldap_admin_username') }}">
+                                                                        <span class="help-block with-errors"></span>
+                                                                    </div>
+                                                                    <div class="form-group">
+                                                                        <label for="ldap_admin_password">LDAP admin
+                                                                            password</label>
+                                                                        <input type="password" class="form-control"
+                                                                               name="ldap_admin_password"
+                                                                               id="ldap_admin_password"
+                                                                               placeholder="LDAP Admin password"
+                                                                               data-error="Please input LDAP admin password"
+                                                                               value="{{ SETTING.get('ldap_admin_password') }}">
+                                                                        <span class="help-block with-errors"></span>
+                                                                    </div>
+                                                                </div>
+                                                                <div id="ldap_ad_fields">
+                                                                    <div class="form-group">
+                                                                        <label for="ldap_domain">Active Directory
+                                                                            domain</label>
+                                                                        <input type="text" class="form-control"
+                                                                               name="ldap_domain" id="ldap_domain"
+                                                                               placeholder="Active Directory domain"
+                                                                               data-error="Please input Actve Directory domain value"
+                                                                               value="{{ SETTING.get('ldap_domain') }}">
+                                                                        <span class="help-block with-errors"></span>
+                                                                    </div>
+                                                                </div>
+                                                            </fieldset>
+                                                            <fieldset>
+                                                                <legend>FILTERS</legend>
+                                                                <div class="form-group">
+                                                                    <label for="ldap_filter_basic">Basic filter</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="ldap_filter_basic"
+                                                                           id="ldap_filter_basic"
+                                                                           placeholder="e.g. (objectClass=inetorgperson)"
+                                                                           data-error="Please input LDAP filter"
+                                                                           value="{{ SETTING.get('ldap_filter_basic') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
+                                                                <div class="form-group">
+                                                                    <label for="ldap_filter_username">Username
+                                                                        field</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="ldap_filter_username"
+                                                                           id="ldap_filter_username"
+                                                                           placeholder="e.g. uid"
+                                                                           data-error="Please input field for username filtering"
+                                                                           value="{{ SETTING.get('ldap_filter_username') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
+                                                                <div id="ldap_openldap_group_filters">
+                                                                    <div class="form-group">
+                                                                        <label for="ldap_filter_group">Group
+                                                                            filter</label>
+                                                                        <input type="text" class="form-control"
+                                                                               name="ldap_filter_group"
+                                                                               id="ldap_filter_group"
+                                                                               placeholder="e.g. (objectclass=groupOfNames)"
+                                                                               data-error="Please input LDAP filter"
+                                                                               value="{{ SETTING.get('ldap_filter_group') }}">
+                                                                        <span class="help-block with-errors"></span>
+                                                                    </div>
+                                                                    <div class="form-group">
+                                                                        <label for="ldap_filter_groupname">Group name
+                                                                            field</label>
+                                                                        <input type="text" class="form-control"
+                                                                               name="ldap_filter_groupname"
+                                                                               id="ldap_filter_groupname"
+                                                                               placeholder="e.g. member"
+                                                                               data-error="Please input field for group name filtering"
+                                                                               value="{{ SETTING.get('ldap_filter_groupname') }}">
+                                                                        <span class="help-block with-errors"></span>
+                                                                    </div>
+                                                                </div>
+                                                            </fieldset>
+                                                            <fieldset>
+                                                                <legend>GROUP SECURITY</legend>
+                                                                <div class="form-group">
+                                                                    <label>Status</label>
+                                                                    <div class="radio">
+                                                                        <label>
+                                                                            <input type="radio" name="ldap_sg_enabled"
+                                                                                   id="ldap_sg_off" value="OFF"
+                                                                                   {% if not SETTING.get('ldap_sg_enabled') %}checked{% endif %}>
+                                                                            OFF
+                                                                        </label>
+                                                                        &nbsp;&nbsp;&nbsp;
+                                                                        <label>
+                                                                            <input type="radio" name="ldap_sg_enabled"
+                                                                                   id="ldap_sg_on" value="ON"
+                                                                                   {% if SETTING.get('ldap_sg_enabled') %}checked{% endif %}>
+                                                                            ON
+                                                                        </label>
+                                                                    </div>
+                                                                </div>
+                                                                <div class="form-group">
+                                                                    <label for="ldap_admin_group">Admin group</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="ldap_admin_group" id="ldap_admin_group"
+                                                                           placeholder="e.g. cn=sysops,dc=mydomain,dc=com"
+                                                                           data-error="Please input LDAP DN for Admin group"
+                                                                           value="{{ SETTING.get('ldap_admin_group') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
+                                                                <div class="form-group">
+                                                                    <label for="ldap_operator_group">Operator
+                                                                        group</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="ldap_operator_group"
+                                                                           id="ldap_operator_group"
+                                                                           placeholder="e.g. cn=operators,dc=mydomain,dc=com"
+                                                                           data-error="Please input LDAP DN for Operator group"
+                                                                           value="{{ SETTING.get('ldap_operator_group') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
+                                                                <div class="form-group">
+                                                                    <label for="ldap_user_group">User group</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="ldap_user_group" id="ldap_user_group"
+                                                                           placeholder="e.g. cn=users,dc=mydomain,dc=com"
+                                                                           data-error="Please input LDAP DN for User group"
+                                                                           value="{{ SETTING.get('ldap_user_group') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
+                                                            </fieldset>
+                                                            <fieldset>
+                                                                <legend>ADVANCE</legend>
+                                                                <div class="form-group">
+                                                                    <label>Roles Autoprovisioning</label>
+                                                                    <div class="radio">
+                                                                        <label>
+                                                                            <input type="radio" name="autoprovisioning"
+                                                                                   id="autoprovisioning_off" value="OFF"
+                                                                                   {% if not SETTING.get('autoprovisioning') %}checked{% endif %}>
+                                                                            OFF
+                                                                        </label>
+                                                                        &nbsp;&nbsp;&nbsp;
+                                                                        <label>
+                                                                            <input type="radio" name="autoprovisioning"
+                                                                                   id="autoprovisioning_on" value="ON"
+
+                                                                                   {% if SETTING.get('autoprovisioning') %}checked{% endif %}>
+                                                                            ON
+                                                                    </div>
+                                                                </div>
+                                                                <div class="form-group">
+                                                                    <label for="autoprovisioning_attribute">Roles
+                                                                        provisioning
+                                                                        field</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="autoprovisioning_attribute"
+                                                                           id="autoprovisioning_attribute"
+                                                                           placeholder="e.g. eduPersonEntitlement"
+                                                                           data-error="    Please input field responsible for autoprovisioning"
+                                                                           value="{{ SETTING.get('autoprovisioning_attribute') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
+
+                                                                <div
+                                                                    class="form-group {% if error %}has-error{% endif %}">
+                                                                    <label for="urn_value">Urn prefix</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="urn_value"
+                                                                           id="urn_value"
+                                                                           placeholder="e.g. urn:mace:<yourOrganization>"
+                                                                           data-error="Please fill this field"
+                                                                           value="{{ SETTING.get('urn_value') }}">
+                                                                    {% if error %}
+                                                                        <span class="help-block with-errors">Please input the correct prefix for your urn value</span>
+                                                                    {% endif %}
+                                                                </div>
+                                                                <div class="form-group">
+                                                                    <label>Purge Roles If Empty</label>
+                                                                    <div class="radio">
+                                                                        <label>
+                                                                            <input type="radio" name="purge"
+                                                                                   id="purge_off"
+                                                                                   value="OFF"
+                                                                                   {% if not SETTING.get('purge') %}checked{% endif %}>
+                                                                            OFF
+                                                                        </label>
+                                                                        &nbsp;&nbsp;&nbsp;
+                                                                        <label>
+                                                                            <input type="radio" name="purge"
+                                                                                   id="purge_on"
+                                                                                   value="ON"
+                                                                                   {% if SETTING.get('purge') %}checked{% endif %}>
+                                                                            ON
+                                                                    </div>
+                                                                </div>
+                                                            </fieldset>
+                                                            <div class="form-group">
+                                                                <button type="submit" class="btn btn-flat btn-primary">
+                                                                    Save
+                                                                </button>
+                                                            </div>
+                                                        </div>
                                                     </div>
-                                                    <div class="form-group">
-                                                        <label for="ldap_filter_groupname">Group name field</label>
-                                                        <input type="text" class="form-control" name="ldap_filter_groupname" id="ldap_filter_groupname" placeholder="e.g. member" data-error="Please input field for group name filtering" value="{{ SETTING.get('ldap_filter_groupname') }}">
-                                                        <span class="help-block with-errors"></span>
+                                                </form>
+                                            </div>
+                                            <div class="col-8">
+                                                <legend>Help</legend>
+                                                <dl class="dl-horizontal">
+                                                    <dt>Enable LDAP Authentication</dt>
+                                                    <dd>Turn on / off the LDAP authentication.</dd>
+                                                    <dt>Type</dt>
+                                                    <dd>Select your current directory service type.
+                                                        <ul>
+                                                            <li>
+                                                                OpenLDAP - Open source implementation of the Lightweight
+                                                                Directory Access Protocol.
+                                                            </li>
+                                                            <li>
+                                                                Active Directory - Active Directory is a directory
+                                                                service that Microsoft developed for the Windows domain
+                                                                networks.
+                                                            </li>
+                                                        </ul>
+                                                    </dd>
+                                                    <dt>ADMINISTRATOR INFO</dt>
+                                                    <dd>Your LDAP connection string and admin credential used by PDA to
+                                                        query user information.
+                                                        <ul>
+                                                            <li>
+                                                                LDAP URI - The fully qualified domain names of your
+                                                                directory servers. (e.g. ldap://127.0.0.1:389)
+                                                            </li>
+                                                            <li>
+                                                                LDAP Base DN - The point from where a PDA will search
+                                                                for users.
+                                                            </li>
+                                                            <li>
+                                                                LDAP admin username - Your LDAP administrator user which
+                                                                has permission to query information in the Base DN
+                                                                above. Not needed for Active Directory authentication.
+                                                            </li>
+                                                            <li>
+                                                                LDAP admin password - The password of LDAP administrator
+                                                                user. Not needed for Active Directory authentication.
+                                                            </li>
+                                                            <li>
+                                                                Active Directory domain - Active Directory domain used.
+                                                            </li>
+                                                        </ul>
+                                                    </dd>
+                                                    <dt>FILTERS</dt>
+                                                    <dd>Define how you want to filter your user in LDAP query.
+                                                        <ul>
+                                                            <li>
+                                                                Basic filter - The filter that will be applied to all
+                                                                LDAP query by PDA. (e.g.
+                                                                <i>(objectClass=inetorgperson)</i> for OpenLDAP and <i>(objectClass=organizationalPerson)</i>
+                                                                for Active Directory)
+                                                            </li>
+                                                            <li>
+                                                                Username field - The field PDA will look for user's
+                                                                username. (e.g. <i>uid</i> for OpenLDAP and <i>sAMAccountName</i>
+                                                                for Active Directory)
+                                                            </li>
+                                                            <li>
+                                                                Group filter - The filter that will be applied to all
+                                                                LDAP group queries by PDA. (e.g. <i>(objectClass=groupOfNames)</i>
+                                                                for OpenLDAP)
+                                                            </li>
+                                                            <li>
+                                                                Group name field - The field PDA will look for group
+                                                                names. (e.g. <i>member</i> for OpenLDAP)
+                                                            </li>
+                                                        </ul>
+                                                    </dd>
+                                                    <dt>GROUP SECURITY</dt>
+                                                    <dd>User can be assigned to PDA's User or Admin group by matching
+                                                        following LDAP Group.
+                                                        <ul>
+                                                            <li>
+                                                                Status - Turn on / off group security feature.
+                                                            </li>
+                                                            <li>
+                                                                Admin group - Your LDAP admin group.
+                                                            </li>
+                                                            <li>
+                                                                Operator group - Your LDAP operator group.
+                                                            </li>
+                                                            <li>
+                                                                User group - Your LDAP user group.
+                                                            </li>
+                                                        </ul>
+                                                    </dd>
+                                                    <dt>ADVANCE</dt>
+                                                    <dd> Provision PDA user privileges based on LDAP Object Attributes.
+                                                        Alternative to Group Security Role Management.
+                                                        <ul>
+                                                            <li>
+                                                                Roles Autoprovisioning - If toggled on, the PDA Role and
+                                                                the associations of users found in the local db, will be
+                                                                instantly updated from the LDAP server every time they
+                                                                log in.
+                                                            </li>
+                                                            <li>
+                                                                Roles provisioning field - The attribute in the ldap
+                                                                server populated by the urn values where PDA will look
+                                                                for a new Role and/or new associations to
+                                                                domains/accounts.
+                                                            </li>
+                                                            <li>
+                                                                Urn prefix - The prefix used before the static keyword
+                                                                "powerdns-admin" for your entitlements in the ldap
+                                                                server. Must comply with RFC no.8141.
+                                                            </li>
+                                                            <li>
+                                                                Purge Roles If Empty - If toggled on, ldap entries that
+                                                                have no valid "powerdns-admin" records to their
+                                                                autoprovisioning field, will lose all their associations
+                                                                with any domain or account, also reverting to a User in
+                                                                the process, despite their current role in the local db.<br>
+                                                                If toggled off, in the same scenario they get to keep
+                                                                their existing associations and their current Role.
+
+                                                            </li>
+                                                        </ul>
+                                                    </dd>
+                                                </dl>
+                                            </div>
+                                        </div>
+                                    </div>
+                                    <!-- /.tab-pane -->
+
+                                    <div class="tab-pane" id="tabs-google">
+                                        <div class="row">
+                                            <div class="col-4">
+                                                <div class="card">
+                                                    <div class="card-body">
+                                                        <form role="form" method="post" data-toggle="validator">
+                                                            <input type="hidden" name="_csrf_token"
+                                                                   value="{{ csrf_token() }}">
+                                                            <input type="hidden" value="google" name="config_tab"/>
+                                                            <fieldset>
+                                                                <legend>GENERAL</legend>
+                                                                <div class="form-group">
+                                                                    <input type="checkbox" id="google_oauth_enabled"
+                                                                           name="google_oauth_enabled" class="checkbox"
+                                                                           {% if SETTING.get('google_oauth_enabled') %}checked{% endif %}>
+                                                                    <label for="google_oauth_enabled">Enable Google
+                                                                        OAuth</label>
+                                                                </div>
+                                                                <div class="form-group">
+                                                                    <label for="google_oauth_client_id">Client
+                                                                        ID</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="google_oauth_client_id"
+                                                                           id="google_oauth_client_id"
+                                                                           placeholder="Google OAuth client ID"
+                                                                           data-error="Please input Client ID"
+                                                                           value="{{ SETTING.get('google_oauth_client_id') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
+                                                                <div class="form-group">
+                                                                    <label for="google_oauth_client_secret">Client
+                                                                        secret</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="google_oauth_client_secret"
+                                                                           id="google_oauth_client_secret"
+                                                                           placeholder="Google OAuth client secret"
+                                                                           data-error="Please input Client secret"
+                                                                           value="{{ SETTING.get('google_oauth_client_secret') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
+                                                            </fieldset>
+                                                            <fieldset>
+                                                                <legend>ADVANCE</legend>
+                                                                <div class="form-group">
+                                                                    <label for="google_token_url">Token URL</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="google_token_url" id="google_token_url"
+                                                                           placeholder="e.g. https://accounts.google.com/o/oauth2/token"
+                                                                           data-error="Please input token URL"
+                                                                           value="{{ SETTING.get('google_token_url') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
+                                                                <div class="form-group">
+                                                                    <label for="google_oauth_scope">Scope</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="google_oauth_scope"
+                                                                           id="google_oauth_scope"
+                                                                           placeholder="e.g. email profile"
+                                                                           data-error="Please input scope"
+                                                                           value="{{ SETTING.get('google_oauth_scope') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
+                                                                <div class="form-group">
+                                                                    <label for="google_authorize_url">Authorize
+                                                                        URL</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="google_authorize_url"
+                                                                           id="google_authorize_url"
+                                                                           placeholder="e.g. https://accounts.google.com/o/oauth2/auth"
+                                                                           data-error="Please input Authorize URL"
+                                                                           value="{{ SETTING.get('google_authorize_url') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
+                                                                <div class="form-group">
+                                                                    <label for="google_base_url">Base URL</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="google_base_url" id="google_base_url"
+                                                                           placeholder="e.g. https://www.googleapis.com/oauth2/v1/"
+                                                                           data-error="Please input base URL"
+                                                                           value="{{ SETTING.get('google_base_url') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
+                                                            </fieldset>
+                                                            <div class="card-footer">
+                                                                <button type="submit"
+                                                                        class="btn btn-primary float-right">Save
+                                                                </button>
+                                                            </div>
+                                                        </form>
                                                     </div>
                                                 </div>
-                                            </fieldset>
-                                            <fieldset>
-                                                <legend>GROUP SECURITY</legend>
-                                                <div class="form-group">
-                                                    <label>Status</label>
-                                                    <div class="radio">
-                                                        <label>
-                                                            <input type="radio" name="ldap_sg_enabled" id="ldap_sg_off" value="OFF" {% if not SETTING.get('ldap_sg_enabled') %}checked{% endif %}> OFF
-                                                        </label>
-                                                        &nbsp;&nbsp;&nbsp;
-                                                        <label>
-                                                            <input type="radio" name="ldap_sg_enabled" id="ldap_sg_on" value="ON" {% if SETTING.get('ldap_sg_enabled') %}checked{% endif %}> ON
-                                                        </label>
+                                            </div>
+                                            <div class="col-8">
+                                                <div class="card">
+                                                    <div class="card-header">
+                                                        <h3 class="card-title">Help</h3>
                                                     </div>
-                                                </div>
-                                                <div class="form-group">
-                                                    <label for="ldap_admin_group">Admin group</label>
-                                                    <input type="text" class="form-control" name="ldap_admin_group" id="ldap_admin_group" placeholder="e.g. cn=sysops,dc=mydomain,dc=com"  data-error="Please input LDAP DN for Admin group" value="{{ SETTING.get('ldap_admin_group') }}">
-                                                    <span class="help-block with-errors"></span>
-                                                </div>
-                                                <div class="form-group">
-                                                    <label for="ldap_operator_group">Operator group</label>
-                                                    <input type="text" class="form-control" name="ldap_operator_group" id="ldap_operator_group" placeholder="e.g. cn=operators,dc=mydomain,dc=com" data-error="Please input LDAP DN for Operator group" value="{{ SETTING.get('ldap_operator_group') }}">
-                                                    <span class="help-block with-errors"></span>
-                                                </div>
-                                                <div class="form-group">
-                                                    <label for="ldap_user_group">User group</label>
-                                                    <input type="text" class="form-control" name="ldap_user_group" id="ldap_user_group" placeholder="e.g. cn=users,dc=mydomain,dc=com" data-error="Please input LDAP DN for User group" value="{{ SETTING.get('ldap_user_group') }}">
-                                                    <span class="help-block with-errors"></span>
-                                                </div>
-                                            </fieldset>
-                                            <fieldset>
-                                                <legend>ADVANCE</legend>
-                                                <div class="form-group">
-                                                    <label>Roles Autoprovisioning</label>
-                                                    <div class="radio">
-                                                        <label>
-                                                            <input type="radio" name="autoprovisioning" id="autoprovisioning_off" value="OFF" {% if not SETTING.get('autoprovisioning') %}checked{% endif %}> OFF
-                                                        </label>
-                                                        &nbsp;&nbsp;&nbsp;
-                                                        <label>
-                                                            <input type="radio" name="autoprovisioning" id="autoprovisioning_on" value="ON"
-
-                                                             {% if SETTING.get('autoprovisioning') %}checked{% endif %}> ON
+                                                    <div class="card-body">
+                                                        <p>Fill in all the fields in the left form.</p>
+                                                        <p>Make sure you add PDA redirection URI (e.g
+                                                            http://localhost:9191/google/authorized) to your Google App
+                                                            Credentials Restriction.</p>
                                                     </div>
                                                 </div>
-                                                <div class="form-group">
-                                                    <label for="autoprovisioning_attribute">Roles provisioning field</label>
-                                                    <input type="text" class="form-control" name="autoprovisioning_attribute" id="autoprovisioning_attribute" placeholder="e.g. eduPersonEntitlement"  data-error="    Please input field responsible for autoprovisioning" value="{{ SETTING.get('autoprovisioning_attribute') }}">
-                                                    <span class="help-block with-errors"></span>
-                                                </div>
+                                            </div>
+                                        </div>
+                                    </div>
+                                    <!-- /.tab-pane -->
 
-                                                <div class="form-group {% if error %}has-error{% endif %}">
-                                                    <label for="urn_value">Urn prefix</label>
-                                                    <input type="text" class="form-control" name="urn_value" id="urn_value" placeholder="e.g. urn:mace:<yourOrganization>"   data-error="Please fill this field" value="{{ SETTING.get('urn_value') }}">
-                                                    {% if error %}
-                                                        <span class="help-block with-errors">Please input the correct prefix for your urn value</span>
-                                                    {% endif %}
-                                                </div>
-                                                <div class="form-group">
-                                                    <label>Purge Roles If Empty</label>
-                                                    <div class="radio">
-                                                        <label>
-                                                            <input type="radio" name="purge" id="purge_off" value="OFF" {% if not SETTING.get('purge') %}checked{% endif %}> OFF
-                                                        </label>
-                                                        &nbsp;&nbsp;&nbsp;
-                                                        <label>
-                                                            <input type="radio" name="purge" id="purge_on" value="ON" {% if SETTING.get('purge') %}checked{% endif %}> ON
+                                    <div class="tab-pane" id="tabs-github">
+                                        <div class="row">
+                                            <div class="col-4">
+                                                <form role="form" method="post" data-toggle="validator">
+                                                    <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+                                                    <input type="hidden" value="github" name="config_tab"/>
+                                                    <fieldset>
+                                                        <legend>GENERAL</legend>
+                                                        <div class="form-group">
+                                                            <input type="checkbox" id="github_oauth_enabled"
+                                                                   name="github_oauth_enabled" class="checkbox"
+                                                                   {% if SETTING.get('github_oauth_enabled') %}checked{% endif %}>
+                                                            <label for="github_oauth_enabled">Enable Github
+                                                                OAuth</label>
+                                                        </div>
+                                                        <div class="form-group">
+                                                            <label for="github_oauth_key">Client key</label>
+                                                            <input type="text" class="form-control"
+                                                                   name="github_oauth_key" id="github_oauth_key"
+                                                                   placeholder="Github OAuth client ID"
+                                                                   data-error="Please input Client key"
+                                                                   value="{{ SETTING.get('github_oauth_key') }}">
+                                                            <span class="help-block with-errors"></span>
+                                                        </div>
+                                                        <div class="form-group">
+                                                            <label for="github_oauth_secret">Client secret</label>
+                                                            <input type="text" class="form-control"
+                                                                   name="github_oauth_secret" id="github_oauth_secret"
+                                                                   placeholder="Github OAuth client secret"
+                                                                   data-error="Please input Client secret"
+                                                                   value="{{ SETTING.get('github_oauth_secret') }}">
+                                                            <span class="help-block with-errors"></span>
+                                                        </div>
+                                                    </fieldset>
+                                                    <fieldset>
+                                                        <legend>ADVANCE</legend>
+                                                        <div class="form-group">
+                                                            <label for="github_oauth_scope">Scope</label>
+                                                            <input type="text" class="form-control"
+                                                                   name="github_oauth_scope" id="github_oauth_scope"
+                                                                   placeholder="e.g. email"
+                                                                   data-error="Please input scope"
+                                                                   value="{{ SETTING.get('github_oauth_scope') }}">
+                                                            <span class="help-block with-errors"></span>
+                                                        </div>
+                                                        <div class="form-group">
+                                                            <label for="github_oauth_api_url">API URL</label>
+                                                            <input type="text" class="form-control"
+                                                                   name="github_oauth_api_url" id="github_oauth_api_url"
+                                                                   placeholder="e.g. https://api.github.com/user"
+                                                                   data-error="Please input API URL"
+                                                                   value="{{ SETTING.get('github_oauth_api_url') }}">
+                                                            <span class="help-block with-errors"></span>
+                                                        </div>
+                                                        <div class="form-group">
+                                                            <label for="github_oauth_token_url">Token URL</label>
+                                                            <input type="text" class="form-control"
+                                                                   name="github_oauth_token_url"
+                                                                   id="github_oauth_token_url"
+                                                                   placeholder="e.g. https://github.com/login/oauth/access_token"
+                                                                   data-error="Please input Token URL"
+                                                                   value="{{ SETTING.get('github_oauth_token_url') }}">
+                                                            <span class="help-block with-errors"></span>
+                                                        </div>
+                                                        <div class="form-group">
+                                                            <label for="github_oauth_authorize_url">Authorize
+                                                                URL</label>
+                                                            <input type="text" class="form-control"
+                                                                   name="github_oauth_authorize_url"
+                                                                   id="github_oauth_authorize_url"
+                                                                   placeholder="e.g. https://github.com/login/oauth/authorize"
+                                                                   data-error="Plesae input Authorize URL"
+                                                                   value="{{ SETTING.get('github_oauth_authorize_url') }}">
+                                                            <span class="help-block with-errors"></span>
+                                                        </div>
+                                                    </fieldset>
+                                                    <div class="form-group">
+                                                        <button type="submit" class="btn btn-flat btn-primary">Save
+                                                        </button>
                                                     </div>
-                                                </div>
-                                            </fieldset>
-                                            <div class="form-group">
-                                                <button type="submit" class="btn btn-flat btn-primary">Save</button>
+                                                </form>
                                             </div>
-                                        </form>
+                                            <div class="col-8">
+                                                <legend>Help</legend>
+                                                <p>Fill in all the fields in the left form.</p>
+                                            </div>
+                                        </div>
                                     </div>
-                                    <div class="col-8">
-                                        <legend>Help</legend>
-                                        <dl class="dl-horizontal">
-                                            <dt>Enable LDAP Authentication</dt>
-                                            <dd>Turn on / off the LDAP authentication.</dd>
-                                            <dt>Type</dt>
-                                            <dd>Select your current directory service type.
-                                                <ul>
-                                                    <li>
-                                                        OpenLDAP - Open source implementation of the Lightweight Directory Access Protocol.
-                                                    </li>
-                                                    <li>
-                                                        Active Directory - Active Directory is a directory service that Microsoft developed for the Windows domain networks.
-                                                    </li>
-                                                </ul>
-                                            </dd>
-                                            <dt>ADMINISTRATOR INFO</dt>
-                                            <dd>Your LDAP connection string and admin credential used by PDA to query user information.
-                                                <ul>
-                                                    <li>
-                                                        LDAP URI - The fully qualified domain names of your directory servers. (e.g. ldap://127.0.0.1:389)
-                                                    </li>
-                                                    <li>
-                                                        LDAP Base DN - The point from where a PDA will search for users.
-                                                    </li>
-                                                    <li>
-                                                        LDAP admin username - Your LDAP administrator user which has permission to query information in the Base DN above. Not needed for Active Directory authentication.
-                                                    </li>
-                                                    <li>
-                                                        LDAP admin password - The password of LDAP administrator user. Not needed for Active Directory authentication.
-                                                    </li>
-                                                    <li>
-                                                        Active Directory domain - Active Directory domain used.
-                                                    </li>
-                                                </ul>
-                                            </dd>
-                                            <dt>FILTERS</dt>
-                                            <dd>Define how you want to filter your user in LDAP query.
+                                    <!-- /.tab-pane -->
+
+                                    <div class="tab-pane" id="tabs-azure">
+                                        <div class="row">
+                                            <div class="col-4">
+                                                <form role="form" method="post" data-toggle="validator">
+                                                    <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+                                                    <input type="hidden" value="azure" name="config_tab"/>
+                                                    <fieldset>
+                                                        <legend>GENERAL</legend>
+                                                        <div class="form-group">
+                                                            <input type="checkbox" id="azure_oauth_enabled"
+                                                                   name="azure_oauth_enabled" class="checkbox"
+                                                                   {% if SETTING.get('azure_oauth_enabled') %}checked{% endif %}>
+                                                            <label for="azure_oauth_enabled">Enable Microsoft Azure
+                                                                OAuth</label>
+                                                        </div>
+                                                        <div class="form-group">
+                                                            <label for="azure_oauth_key">Client key</label>
+                                                            <input type="text" class="form-control"
+                                                                   name="azure_oauth_key" id="azure_oauth_key"
+                                                                   placeholder="Azure OAuth client ID"
+                                                                   data-error="Please input Client key"
+                                                                   value="{{ SETTING.get('azure_oauth_key') }}">
+                                                            <span class="help-block with-errors"></span>
+                                                        </div>
+                                                        <div class="form-group">
+                                                            <label for="azure_oauth_secret">Client secret</label>
+                                                            <input type="text" class="form-control"
+                                                                   name="azure_oauth_secret" id="azure_oauth_secret"
+                                                                   placeholder="Azure OAuth client secret"
+                                                                   data-error="Please input Client secret"
+                                                                   value="{{ SETTING.get('azure_oauth_secret') }}">
+                                                            <span class="help-block with-errors"></span>
+                                                        </div>
+                                                    </fieldset>
+                                                    <fieldset>
+                                                        <legend>ADVANCED</legend>
+                                                        <div class="form-group">
+                                                            <label for="azure_oauth_scope">Scope</label>
+                                                            <input type="text" class="form-control"
+                                                                   name="azure_oauth_scope" id="azure_oauth_scope"
+                                                                   placeholder="e.g. email"
+                                                                   data-error="Please input scope - e.g. User.Read"
+                                                                   value="{{ SETTING.get('azure_oauth_scope') }}">
+                                                            <span class="help-block with-errors"></span>
+                                                        </div>
+                                                        <div class="form-group">
+                                                            <label for="azure_oauth_api_url">API URL</label>
+                                                            <input type="text" class="form-control"
+                                                                   name="azure_oauth_api_url" id="azure_oauth_api_url"
+                                                                   placeholder="e.g. https://graph.microsoft.com/v1.0/"
+                                                                   data-error="Please input API URL"
+                                                                   value="{{ SETTING.get('azure_oauth_api_url') }}">
+                                                            <span class="help-block with-errors"></span>
+                                                        </div>
+                                                        <div class="form-group">
+                                                            <label for="azure_oauth_token_url">Token URL</label>
+                                                            <input type="text" class="form-control"
+                                                                   name="azure_oauth_token_url"
+                                                                   id="azure_oauth_token_url"
+                                                                   placeholder="e.g. https://login.microsoftonline.com/[tenancyID]/oauth2/v2.0/token"
+                                                                   data-error="Please input Token URL"
+                                                                   value="{{ SETTING.get('azure_oauth_token_url') }}">
+                                                            <span class="help-block with-errors"></span>
+                                                        </div>
+                                                        <div class="form-group">
+                                                            <label for="azure_oauth_authorize_url">Authorize URL</label>
+                                                            <input type="text" class="form-control"
+                                                                   name="azure_oauth_authorize_url"
+                                                                   id="azure_oauth_authorize_url"
+                                                                   placeholder="e.g. https://login.microsoftonline.com/[tenancyID]/oauth2/v2.0/authorize"
+                                                                   data-error="Please input Authorize URL"
+                                                                   value="{{ SETTING.get('azure_oauth_authorize_url') }}">
+                                                            <span class="help-block with-errors"></span>
+                                                        </div>
+                                                    </fieldset>
+                                                    <fieldset>
+                                                        <legend>GROUP SECURITY</legend>
+                                                        <div class="form-group">
+                                                            <label>Status</label>
+                                                            <div class="radio">
+                                                                <label>
+                                                                    <input type="radio" name="azure_sg_enabled"
+                                                                           id="azure_sg_off" value="OFF"
+                                                                           {% if not SETTING.get('azure_sg_enabled') %}checked{% endif %}>
+                                                                    OFF
+                                                                </label>
+                                                                &nbsp;&nbsp;&nbsp;
+                                                                <label>
+                                                                    <input type="radio" name="azure_sg_enabled"
+                                                                           id="azure_sg_on" value="ON"
+                                                                           {% if SETTING.get('azure_sg_enabled') %}checked{% endif %}>
+                                                                    ON
+                                                                </label>
+                                                            </div>
+                                                        </div>
+                                                        <div class="form-group">
+                                                            <label for="azure_admin_group">Admin group</label>
+                                                            <input type="text" class="form-control"
+                                                                   name="azure_admin_group" id="azure_admin_group"
+                                                                   placeholder="e.g. 00000000-0000-0000-0000-000000000000"
+                                                                   data-error="Please input the ID for Admin group"
+                                                                   value="{{ SETTING.get('azure_admin_group') }}">
+                                                            <span class="help-block with-errors"></span>
+                                                        </div>
+                                                        <div class="form-group">
+                                                            <label for="azure_operator_group">Operator group</label>
+                                                            <input type="text" class="form-control"
+                                                                   name="azure_operator_group" id="azure_operator_group"
+                                                                   placeholder="e.g. 00000000-0000-0000-0000-000000000000"
+                                                                   data-error="Please input the ID for Operator group"
+                                                                   value="{{ SETTING.get('azure_operator_group') }}">
+                                                            <span class="help-block with-errors"></span>
+                                                        </div>
+                                                        <div class="form-group">
+                                                            <label for="azure_user_group">User group</label>
+                                                            <input type="text" class="form-control"
+                                                                   name="azure_user_group" id="azure_user_group"
+                                                                   placeholder="e.g. 00000000-0000-0000-0000-000000000000"
+                                                                   data-error="Please input the ID for User group"
+                                                                   value="{{ SETTING.get('azure_user_group') }}">
+                                                            <span class="help-block with-errors"></span>
+                                                        </div>
+                                                    </fieldset>
+                                                    <fieldset>
+                                                        <legend>AZURE GROUP ACCOUNT SYNC/CREATION</legend>
+                                                        <div class="form-group">
+                                                            <label for="azure_group_accounts_enabled">Status</label>
+                                                            <div class="radio">
+                                                                <label>
+                                                                    <input type="radio"
+                                                                           name="azure_group_accounts_enabled"
+                                                                           id="azure_group_accounts_off" value="OFF"
+                                                                           {% if not SETTING.get('azure_group_accounts_enabled') %}checked{% endif %}>
+                                                                    OFF
+                                                                </label>
+                                                                &nbsp;&nbsp;&nbsp;
+                                                                <label>
+                                                                    <input type="radio"
+                                                                           name="azure_group_accounts_enabled"
+                                                                           id="azure_group_accounts_on" value="ON"
+                                                                           {% if SETTING.get('azure_group_accounts_enabled') %}checked{% endif %}>
+                                                                    ON
+                                                                </label>
+                                                            </div>
+                                                        </div>
+                                                        <div class="form-group">
+                                                            <label for="azure_group_accounts_name">Azure group name
+                                                                claim</label>
+                                                            <input type="text" class="form-control"
+                                                                   name="azure_group_accounts_name"
+                                                                   id="azure_group_accounts_name"
+                                                                   placeholder="e.g. displayName"
+                                                                   data-error="Please input the Claim for Azure group name"
+                                                                   value="{{ SETTING.get('azure_group_accounts_name') }}">
+                                                            <span class="help-block with-errors"></span>
+                                                        </div>
+                                                        <div class="form-group">
+                                                            <label for="azure_group_accounts_name_re">Azure group name
+                                                                claim regex</label>
+                                                            <input type="text" class="form-control"
+                                                                   name="azure_group_accounts_name_re"
+                                                                   id="azure_group_accounts_name_re"
+                                                                   placeholder="e.g. (.*)"
+                                                                   data-error="Please input the regex for Azure group name"
+                                                                   value="{{ SETTING.get('azure_group_accounts_name_re') }}">
+                                                            <span class="help-block with-errors"></span>
+                                                        </div>
+                                                        <div class="form-group">
+                                                            <label for="azure_group_accounts_description">Azure group
+                                                                description claim</label>
+                                                            <input type="text" class="form-control"
+                                                                   name="azure_group_accounts_description"
+                                                                   id="azure_group_accounts_description"
+                                                                   placeholder="e.g. description. If empty uses whole string"
+                                                                   data-error="Please input the Claim for Azure group description"
+                                                                   value="{{ SETTING.get('azure_group_accounts_description') }}">
+                                                            <span class="help-block with-errors"></span>
+                                                        </div>
+                                                        <div class="form-group">
+                                                            <label for="azure_group_accounts_name_re">Azure group name
+                                                                description regex</label>
+                                                            <input type="text" class="form-control"
+                                                                   name="azure_group_accounts_description_re"
+                                                                   id="azure_group_accounts_description_re"
+                                                                   placeholder="e.g. (.*). If empty uses whole string"
+                                                                   data-error="Please input the regex for Azure group description"
+                                                                   value="{{ SETTING.get('azure_group_accounts_description_re') }}">
+                                                            <span class="help-block with-errors"></span>
+                                                        </div>
+                                                    </fieldset>
+                                                    <div class="form-group">
+                                                        <button type="submit" class="btn btn-flat btn-primary">Save
+                                                        </button>
+                                                    </div>
+                                                </form>
+                                            </div>
+                                            <div class="col-8">
+                                                <legend>Help</legend>
+                                                <p>Fill in all the fields in the left form.</p>
+                                                <p>You first need to define an Application Registration in your Azure
+                                                    Active Directory, with the appropriate HTTPS URL for this endpoint,
+                                                    and with the appropriate rights, as explained in the
+                                                    documentation.</p>
+                                                <p>
                                                 <ul>
-                                                    <li>
-                                                        Basic filter - The filter that will be applied to all LDAP query by PDA. (e.g. <i>(objectClass=inetorgperson)</i> for OpenLDAP and <i>(objectClass=organizationalPerson)</i> for Active Directory)
-                                                    </li>
-                                                    <li>
-                                                        Username field - The field PDA will look for user's username. (e.g. <i>uid</i> for OpenLDAP and <i>sAMAccountName</i> for Active Directory)
+                                                    <li>Under the Azure Active Directory, select App Registrations, and
+                                                        create a new one. Give it any name you want, and the Redirect
+                                                        URI shoule be type 'Web' and of the format <b>https://powerdnsadmin/azure/authorized</b>
+                                                        (replace the host name approriately).
                                                     </li>
-                                                    <li>
-                                                        Group filter - The filter that will be applied to all LDAP group queries by PDA. (e.g. <i>(objectClass=groupOfNames)</i> for OpenLDAP)
+                                                    <li>Select the newly-created registration</li>
+                                                    <li>On the Overview page, the Application ID is your new Client ID
+                                                        to use with PowerDNS-Admin
                                                     </li>
-                                                    <li>
-                                                        Group name field - The field PDA will look for group names. (e.g. <i>member</i> for OpenLDAP)
+                                                    <li>On the Overview page, make a note of your Directory/Tenant ID -
+                                                        you need it for the API URLs later
                                                     </li>
-                                                </ul>
-                                            </dd>
-                                            <dt>GROUP SECURITY</dt>
-                                            <dd>User can be assigned to PDA's User or Admin group by matching following LDAP Group.
-                                                <ul>
-                                                    <li>
-                                                        Status - Turn on / off group security feature.
+                                                    <li>Ensure Access Tokens are enabled in the Authentication section
                                                     </li>
-                                                    <li>
-                                                        Admin group - Your LDAP admin group.
+                                                    <li>Under Certificates and Secrets, create a new Client Secret. Note
+                                                        this secret as it is the new Client Secret to use with
+                                                        PowerDNS-Admin
                                                     </li>
-                                                    <li>
-                                                        Operator group - Your LDAP operator group.
+                                                    <li>Under API Permissions, you need to add permissions. Add
+                                                        permissions for Graph API, Delegated. Add: email, openid,
+                                                        profile, GroupMember.Read, User.Read and possibly User.Read.All.
+                                                        You then need to grant admin approval for your organisation.
                                                     </li>
-                                                    <li>
-                                                        User group - Your LDAP user group.
+                                                    <li>For the Scope, use <b>User.Read openid mail profile</b></li>
+                                                    <li>Replace the [tenantID] in the default URLs for authorize and
+                                                        token with your Tenant ID.
                                                     </li>
                                                 </ul>
-                                            </dd>
-                                            <dt>ADVANCE</dt>
-                                            <dd> Provision PDA user privileges based on LDAP Object Attributes. Alternative to Group Security Role Management.
-                                                <ul>
-                                                    <li>
-                                                        Roles Autoprovisioning - If toggled on, the PDA Role and the associations of users found in the local db, will be instantly updated from the LDAP server every time they log in.
-                                                    </li>
-                                                    <li>
-                                                        Roles provisioning field - The attribute in the ldap server populated by the urn values where PDA will look for a new Role and/or new associations to domains/accounts.
-                                                    </li>
-                                                    <li>
-                                                        Urn prefix - The prefix used before the static keyword "powerdns-admin" for your entitlements in the ldap server. Must comply with RFC no.8141.
-                                                    </li>
-                                                    <li>
-                                                         Purge Roles If Empty - If toggled on, ldap entries that have no valid "powerdns-admin" records to their autoprovisioning field, will lose all their associations with any domain or account, also reverting to a User in the process, despite their current role in the local db.<br> If toggled off, in the same scenario they get to keep their existing associations and their current Role.
+                                                </p>
+                                                <p>If <b>AZURE GROUP ACCOUNT SYNC/CREATION</b> is enabled, Accounts will
+                                                    be created automatically based on group membership. If an Account
+                                                    exists, an authenticated user with group membership is added to the
+                                                    Account</p>
 
-                                                    </li>
-                                                </ul>
-                                            </dd>
-                                        </dl>
-                                    </div>
-                                </div>
-                            </div>
-                            <div class="tab-pane" id="tabs-google">
-                                <div class="row">
-                                    <div class="col-4">
-                                      <div class="card">
-                                        <div class="card-body">
-                                        <form role="form" method="post" data-toggle="validator">
-                                            <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-                                            <input type="hidden" value="google" name="config_tab" />
-                                            <fieldset>
-                                                <legend>GENERAL</legend>
-                                                <div class="form-group">
-                                                    <input type="checkbox" id="google_oauth_enabled" name="google_oauth_enabled" class="checkbox" {% if SETTING.get('google_oauth_enabled') %}checked{% endif %}>
-                                                    <label for="google_oauth_enabled">Enable Google OAuth</label>
-                                                </div>
-                                                <div class="form-group">
-                                                    <label for="google_oauth_client_id">Client ID</label>
-                                                    <input type="text" class="form-control" name="google_oauth_client_id" id="google_oauth_client_id" placeholder="Google OAuth client ID" data-error="Please input Client ID" value="{{ SETTING.get('google_oauth_client_id') }}">
-                                                    <span class="help-block with-errors"></span>
-                                                </div>
-                                                <div class="form-group">
-                                                    <label for="google_oauth_client_secret">Client secret</label>
-                                                    <input type="text" class="form-control" name="google_oauth_client_secret" id="google_oauth_client_secret" placeholder="Google OAuth client secret" data-error="Please input Client secret" value="{{ SETTING.get('google_oauth_client_secret') }}">
-                                                    <span class="help-block with-errors"></span>
-                                                </div>
-                                            </fieldset>
-                                            <fieldset>
-                                                <legend>ADVANCE</legend>
-                                                <div class="form-group">
-                                                    <label for="google_token_url">Token URL</label>
-                                                    <input type="text" class="form-control" name="google_token_url" id="google_token_url" placeholder="e.g. https://accounts.google.com/o/oauth2/token" data-error="Please input token URL" value="{{ SETTING.get('google_token_url') }}">
-                                                    <span class="help-block with-errors"></span>
-                                                </div>
-                                                <div class="form-group">
-                                                    <label for="google_oauth_scope">Scope</label>
-                                                    <input type="text" class="form-control" name="google_oauth_scope" id="google_oauth_scope" placeholder="e.g. email profile" data-error="Please input scope" value="{{ SETTING.get('google_oauth_scope') }}">
-                                                    <span class="help-block with-errors"></span>
-                                                </div>
-                                                <div class="form-group">
-                                                    <label for="google_authorize_url">Authorize URL</label>
-                                                    <input type="text" class="form-control" name="google_authorize_url" id="google_authorize_url" placeholder="e.g. https://accounts.google.com/o/oauth2/auth" data-error="Please input Authorize URL" value="{{ SETTING.get('google_authorize_url') }}">
-                                                    <span class="help-block with-errors"></span>
-                                                </div>
-                                                <div class="form-group">
-                                                    <label for="google_base_url">Base URL</label>
-                                                    <input type="text" class="form-control" name="google_base_url" id="google_base_url" placeholder="e.g. https://www.googleapis.com/oauth2/v1/" data-error="Please input base URL" value="{{ SETTING.get('google_base_url') }}">
-                                                    <span class="help-block with-errors"></span>
-                                                </div>
-                                            </fieldset>
-                                            <div class="card-footer">
-                                                <button type="submit" class="btn btn-primary float-right">Save</button>
                                             </div>
-                                        </form>
                                         </div>
-                                      </div>
                                     </div>
-                                    <div class="col-8">
-                                      <div class="card">
-                                        <div class="card-header">
-                                          <h3 class="card-title">Help</h3>
-                                        </div>
-                                        <div class="card-body">
-                                          <p>Fill in all the fields in the left form.</p>
-                                          <p>Make sure you add PDA redirection URI (e.g http://localhost:9191/google/authorized) to your Google App Credentials Restriction.</p>
-                                        </div>
-                                      </div>
-                                    </div>
-                                </div>
-                            </div>
-                            <div class="tab-pane" id="tabs-github">
-                                <div class="row">
-                                    <div class="col-4">
-                                        <form role="form" method="post" data-toggle="validator">
-                                            <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-                                            <input type="hidden" value="github" name="config_tab" />
-                                            <fieldset>
-                                                <legend>GENERAL</legend>
-                                                <div class="form-group">
-                                                    <input type="checkbox" id="github_oauth_enabled" name="github_oauth_enabled" class="checkbox" {% if SETTING.get('github_oauth_enabled') %}checked{% endif %}>
-                                                    <label for="github_oauth_enabled">Enable Github OAuth</label>
-                                                </div>
-                                                <div class="form-group">
-                                                    <label for="github_oauth_key">Client key</label>
-                                                    <input type="text" class="form-control" name="github_oauth_key" id="github_oauth_key" placeholder="Github OAuth client ID" data-error="Please input Client key" value="{{ SETTING.get('github_oauth_key') }}">
-                                                    <span class="help-block with-errors"></span>
-                                                </div>
-                                                <div class="form-group">
-                                                    <label for="github_oauth_secret">Client secret</label>
-                                                    <input type="text" class="form-control" name="github_oauth_secret" id="github_oauth_secret" placeholder="Github OAuth client secret" data-error="Please input Client secret" value="{{ SETTING.get('github_oauth_secret') }}">
-                                                    <span class="help-block with-errors"></span>
-                                                </div>
-                                            </fieldset>
-                                            <fieldset>
-                                                <legend>ADVANCE</legend>
-                                                <div class="form-group">
-                                                    <label for="github_oauth_scope">Scope</label>
-                                                    <input type="text" class="form-control" name="github_oauth_scope" id="github_oauth_scope" placeholder="e.g. email" data-error="Please input scope" value="{{ SETTING.get('github_oauth_scope') }}">
-                                                    <span class="help-block with-errors"></span>
-                                                </div>
-                                                <div class="form-group">
-                                                    <label for="github_oauth_api_url">API URL</label>
-                                                    <input type="text" class="form-control" name="github_oauth_api_url" id="github_oauth_api_url" placeholder="e.g. https://api.github.com/user" data-error="Please input API URL" value="{{ SETTING.get('github_oauth_api_url') }}">
-                                                    <span class="help-block with-errors"></span>
-                                                </div>
-                                                <div class="form-group">
-                                                    <label for="github_oauth_token_url">Token URL</label>
-                                                    <input type="text" class="form-control" name="github_oauth_token_url" id="github_oauth_token_url" placeholder="e.g. https://github.com/login/oauth/access_token" data-error="Please input Token URL" value="{{ SETTING.get('github_oauth_token_url') }}">
-                                                    <span class="help-block with-errors"></span>
-                                                </div>
-                                                <div class="form-group">
-                                                    <label for="github_oauth_authorize_url">Authorize URL</label>
-                                                    <input type="text" class="form-control" name="github_oauth_authorize_url" id="github_oauth_authorize_url" placeholder="e.g. https://github.com/login/oauth/authorize" data-error="Plesae input Authorize URL" value="{{ SETTING.get('github_oauth_authorize_url') }}">
-                                                    <span class="help-block with-errors"></span>
-                                                </div>
-                                            </fieldset>
-                                            <div class="form-group">
-                                                <button type="submit" class="btn btn-flat btn-primary">Save</button>
-                                            </div>
-                                        </form>
-                                    </div>
-                                    <div class="col-8">
-                                        <legend>Help</legend>
-                                        <p>Fill in all the fields in the left form.</p>
-                                    </div>
-                                </div>
-                            </div>
-                            <div class="tab-pane" id="tabs-azure">
-                                <div class="row">
-                                    <div class="col-4">
-                                        <form role="form" method="post" data-toggle="validator">
-                                            <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-                                            <input type="hidden" value="azure" name="config_tab" />
-                                            <fieldset>
-                                                <legend>GENERAL</legend>
-                                                <div class="form-group">
-                                                    <input type="checkbox" id="azure_oauth_enabled" name="azure_oauth_enabled" class="checkbox" {% if SETTING.get('azure_oauth_enabled') %}checked{% endif %}>
-                                                    <label for="azure_oauth_enabled">Enable Microsoft Azure OAuth</label>
-                                                </div>
-                                                <div class="form-group">
-                                                    <label for="azure_oauth_key">Client key</label>
-                                                    <input type="text" class="form-control" name="azure_oauth_key" id="azure_oauth_key" placeholder="Azure OAuth client ID" data-error="Please input Client key" value="{{ SETTING.get('azure_oauth_key') }}">
-                                                    <span class="help-block with-errors"></span>
-                                                </div>
-                                                <div class="form-group">
-                                                    <label for="azure_oauth_secret">Client secret</label>
-                                                    <input type="text" class="form-control" name="azure_oauth_secret" id="azure_oauth_secret" placeholder="Azure OAuth client secret" data-error="Please input Client secret" value="{{ SETTING.get('azure_oauth_secret') }}">
-                                                    <span class="help-block with-errors"></span>
-                                                </div>
-                                            </fieldset>
-                                            <fieldset>
-                                                <legend>ADVANCED</legend>
-                                                <div class="form-group">
-                                                    <label for="azure_oauth_scope">Scope</label>
-                                                    <input type="text" class="form-control" name="azure_oauth_scope" id="azure_oauth_scope" placeholder="e.g. email" data-error="Please input scope - e.g. User.Read" value="{{ SETTING.get('azure_oauth_scope') }}">
-                                                    <span class="help-block with-errors"></span>
-                                                </div>
-                                                <div class="form-group">
-                                                    <label for="azure_oauth_api_url">API URL</label>
-                                                    <input type="text" class="form-control" name="azure_oauth_api_url" id="azure_oauth_api_url" placeholder="e.g. https://graph.microsoft.com/v1.0/" data-error="Please input API URL" value="{{ SETTING.get('azure_oauth_api_url') }}">
-                                                    <span class="help-block with-errors"></span>
-                                                </div>
-                                                <div class="form-group">
-                                                    <label for="azure_oauth_token_url">Token URL</label>
-                                                    <input type="text" class="form-control" name="azure_oauth_token_url" id="azure_oauth_token_url" placeholder="e.g. https://login.microsoftonline.com/[tenancyID]/oauth2/v2.0/token" data-error="Please input Token URL" value="{{ SETTING.get('azure_oauth_token_url') }}">
-                                                    <span class="help-block with-errors"></span>
-                                                </div>
-                                                <div class="form-group">
-                                                    <label for="azure_oauth_authorize_url">Authorize URL</label>
-                                                    <input type="text" class="form-control" name="azure_oauth_authorize_url" id="azure_oauth_authorize_url" placeholder="e.g. https://login.microsoftonline.com/[tenancyID]/oauth2/v2.0/authorize" data-error="Please input Authorize URL" value="{{ SETTING.get('azure_oauth_authorize_url') }}">
-                                                    <span class="help-block with-errors"></span>
-                                                </div>
-                                            </fieldset>
-                                            <fieldset>
-                                                <legend>GROUP SECURITY</legend>
-                                                <div class="form-group">
-                                                    <label>Status</label>
-                                                    <div class="radio">
-                                                        <label>
-                                                            <input type="radio" name="azure_sg_enabled" id="azure_sg_off" value="OFF" {% if not SETTING.get('azure_sg_enabled') %}checked{% endif %}> OFF
-                                                        </label>
-                                                        &nbsp;&nbsp;&nbsp;
-                                                        <label>
-                                                            <input type="radio" name="azure_sg_enabled" id="azure_sg_on" value="ON" {% if SETTING.get('azure_sg_enabled') %}checked{% endif %}> ON
-                                                        </label>
-                                                    </div>
-                                                </div>
-                                                <div class="form-group">
-                                                    <label for="azure_admin_group">Admin group</label>
-                                                    <input type="text" class="form-control" name="azure_admin_group" id="azure_admin_group" placeholder="e.g. 00000000-0000-0000-0000-000000000000"  data-error="Please input the ID for Admin group" value="{{ SETTING.get('azure_admin_group') }}">
-                                                    <span class="help-block with-errors"></span>
-                                                </div>
-                                                <div class="form-group">
-                                                    <label for="azure_operator_group">Operator group</label>
-                                                    <input type="text" class="form-control" name="azure_operator_group" id="azure_operator_group" placeholder="e.g. 00000000-0000-0000-0000-000000000000" data-error="Please input the ID for Operator group" value="{{ SETTING.get('azure_operator_group') }}">
-                                                    <span class="help-block with-errors"></span>
-                                                </div>
-                                                <div class="form-group">
-                                                    <label for="azure_user_group">User group</label>
-                                                    <input type="text" class="form-control" name="azure_user_group" id="azure_user_group" placeholder="e.g. 00000000-0000-0000-0000-000000000000" data-error="Please input the ID for User group" value="{{ SETTING.get('azure_user_group') }}">
-                                                    <span class="help-block with-errors"></span>
-                                                </div>
-                                            </fieldset>
-                                            <fieldset>
-                                                <legend>AZURE GROUP ACCOUNT SYNC/CREATION</legend>
-                                                <div class="form-group">
-                                                    <label for="azure_group_accounts_enabled">Status</label>
-                                                    <div class="radio">
-                                                        <label>
-                                                            <input type="radio" name="azure_group_accounts_enabled" id="azure_group_accounts_off" value="OFF" {% if not SETTING.get('azure_group_accounts_enabled') %}checked{% endif %}> OFF
-                                                        </label>
-                                                        &nbsp;&nbsp;&nbsp;
-                                                        <label>
-                                                            <input type="radio" name="azure_group_accounts_enabled" id="azure_group_accounts_on" value="ON" {% if SETTING.get('azure_group_accounts_enabled') %}checked{% endif %}> ON
-                                                        </label>
+                                    <!-- /.tab-pane -->
+
+                                    <div class="tab-pane" id="tabs-oidc">
+                                        <div class="row">
+                                            <div class="col-4">
+                                                <form role="form" method="post" data-toggle="validator">
+                                                    <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+                                                    <input type="hidden" value="oidc" name="config_tab"/>
+                                                    <fieldset>
+                                                        <legend>GENERAL</legend>
+                                                        <div class="form-group">
+                                                            <input type="checkbox" id="oidc_oauth_enabled"
+                                                                   name="oidc_oauth_enabled" class="checkbox"
+                                                                   {% if SETTING.get('oidc_oauth_enabled') %}checked{% endif %}>
+                                                            <label for="oidc_oauth_enabled">Enable OpenID Connect
+                                                                OAuth</label>
+                                                        </div>
+                                                        <div class="form-group">
+                                                            <label for="oidc_oauth_key">Client key</label>
+                                                            <input type="text" class="form-control"
+                                                                   name="oidc_oauth_key" id="oidc_oauth_key"
+                                                                   placeholder="OIDC OAuth client ID"
+                                                                   data-error="Please input Client key"
+                                                                   value="{{ SETTING.get('oidc_oauth_key') }}">
+                                                            <span class="help-block with-errors"></span>
+                                                        </div>
+                                                        <div class="form-group">
+                                                            <label for="oidc_oauth_secret">Client secret</label>
+                                                            <input type="text" class="form-control"
+                                                                   name="oidc_oauth_secret" id="oidc_oauth_secret"
+                                                                   placeholder="OIDC OAuth client secret"
+                                                                   data-error="Please input Client secret"
+                                                                   value="{{ SETTING.get('oidc_oauth_secret') }}">
+                                                            <span class="help-block with-errors"></span>
+                                                        </div>
+                                                        <div class="form-group">
+                                                            <label for="oidc_oauth_scope">Scope</label>
+                                                            <input type="text" class="form-control"
+                                                                   name="oidc_oauth_scope" id="oidc_oauth_scope"
+                                                                   placeholder="e.g. email"
+                                                                   data-error="Please input scope"
+                                                                   value="{{ SETTING.get('oidc_oauth_scope') }}">
+                                                            <span class="help-block with-errors"></span>
+                                                        </div>
+                                                        <div class="form-group">
+                                                            <label for="oidc_oauth_api_url">API URL</label>
+                                                            <input type="text" class="form-control"
+                                                                   name="oidc_oauth_api_url" id="oidc_oauth_api_url"
+                                                                   placeholder="e.g. https://api.oidc.com/user"
+                                                                   data-error="Please input API URL"
+                                                                   value="{{ SETTING.get('oidc_oauth_api_url') }}">
+                                                            <span class="help-block with-errors"></span>
+                                                        </div>
+                                                        <div class="form-group">
+                                                            <label for="oidc_oauth_token_url">Token URL</label>
+                                                            <input type="text" class="form-control"
+                                                                   name="oidc_oauth_token_url" id="oidc_oauth_token_url"
+                                                                   placeholder="e.g. https://oidc.com/login/oauth/access_token"
+                                                                   data-error="Please input Token URL"
+                                                                   value="{{ SETTING.get('oidc_oauth_token_url') }}">
+                                                            <span class="help-block with-errors"></span>
+                                                        </div>
+                                                        <div class="form-group">
+                                                            <label for="oidc_oauth_authorize_url">Authorize URL</label>
+                                                            <input type="text" class="form-control"
+                                                                   name="oidc_oauth_authorize_url"
+                                                                   id="oidc_oauth_authorize_url"
+                                                                   placeholder="e.g. https://oidc.com/login/oauth/authorize"
+                                                                   data-error="Plesae input Authorize URL"
+                                                                   value="{{ SETTING.get('oidc_oauth_authorize_url') }}">
+                                                            <span class="help-block with-errors"></span>
+                                                        </div>
+                                                        <div class="form-group">
+                                                            <label for="oidc_oauth_logout_url">Logout URL</label>
+                                                            <input type="text" class="form-control"
+                                                                   name="oidc_oauth_logout_url"
+                                                                   id="oidc_oauth_logout_url"
+                                                                   placeholder="e.g. https://oidc.com/login/oauth/logout"
+                                                                   data-error="Please input Logout URL"
+                                                                   value="{{ SETTING.get('oidc_oauth_logout_url') }}">
+                                                            <span class="help-block with-errors"></span>
+                                                        </div>
+                                                    </fieldset>
+                                                    <fieldset>
+                                                        <legend>CLAIMS</legend>
+                                                        <div class="form-group">
+                                                            <label for="oidc_oauth_username">Username</label>
+                                                            <input type="text" class="form-control"
+                                                                   name="oidc_oauth_username" id="oidc_oauth_username"
+                                                                   placeholder="e.g. preferred_username"
+                                                                   data-error="Please input Username claim"
+                                                                   value="{{ SETTING.get('oidc_oauth_username') }}">
+                                                            <span class="help-block with-errors"></span>
+                                                        </div>
+                                                        <div class="form-group">
+                                                            <label for="oidc_oauth_firstname">First Name</label>
+                                                            <input type="text" class="form-control"
+                                                                   name="oidc_oauth_firstname" id="oidc_oauth_firstname"
+                                                                   placeholder="e.g. given_name"
+                                                                   data-error="Please input First Name claim"
+                                                                   value="{{ SETTING.get('oidc_oauth_firstname') }}">
+                                                            <span class="help-block with-errors"></span>
+                                                        </div>
+                                                        <div class="form-group">
+                                                            <label for="oidc_oauth_last_name">Last Name</label>
+                                                            <input type="text" class="form-control"
+                                                                   name="oidc_oauth_last_name" id="oidc_oauth_last_name"
+                                                                   placeholder="e.g. family_name"
+                                                                   data-error="Please input Last Name claim"
+                                                                   value="{{ SETTING.get('oidc_oauth_last_name') }}">
+                                                            <span class="help-block with-errors"></span>
+                                                        </div>
+                                                        <div class="form-group">
+                                                            <label for="oidc_oauth_email">Email</label>
+                                                            <input type="text" class="form-control"
+                                                                   name="oidc_oauth_email" id="oidc_oauth_email"
+                                                                   placeholder="e.g. email"
+                                                                   data-error="Plesae input Email claim"
+                                                                   value="{{ SETTING.get('oidc_oauth_email') }}">
+                                                            <span class="help-block with-errors"></span>
+                                                        </div>
+                                                    </fieldset>
+                                                    <fieldset>
+                                                        <legend>ADVANCE</legend>
+                                                        <div class="form-group">
+                                                            <label for="oidc_oauth_account_name_property">Autoprovision
+                                                                Account Name property</label>
+                                                            <input type="text" class="form-control"
+                                                                   name="oidc_oauth_account_name_property"
+                                                                   id="oidc_oauth_account_name_property"
+                                                                   placeholder="e.g. account_name"
+                                                                   data-error="Please input property containing account_name"
+                                                                   value="{{ SETTING.get('oidc_oauth_account_name_property') }}">
+                                                            <span class="help-block with-errors"></span>
+                                                        </div>
+                                                        <div class="form-group">
+                                                            <label for="oidc_oauth_account_description_property">Autoprovision
+                                                                Account Description property</label>
+                                                            <input type="text" class="form-control"
+                                                                   name="oidc_oauth_account_description_property"
+                                                                   id="oidc_oauth_account_description_property"
+                                                                   placeholder="e.g. account_description"
+                                                                   data-error="Please input property containing account_description"
+                                                                   value="{{ SETTING.get('oidc_oauth_account_description_property') }}">
+                                                            <span class="help-block with-errors"></span>
+                                                        </div>
+                                                    </fieldset>
+                                                    <div class="form-group">
+                                                        <button type="submit" class="btn btn-flat btn-primary">Save
+                                                        </button>
                                                     </div>
-                                                </div>
-                                                <div class="form-group">
-                                                    <label for="azure_group_accounts_name">Azure group name claim</label>
-                                                    <input type="text" class="form-control" name="azure_group_accounts_name" id="azure_group_accounts_name" placeholder="e.g. displayName" data-error="Please input the Claim for Azure group name" value="{{ SETTING.get('azure_group_accounts_name') }}">
-                                                    <span class="help-block with-errors"></span>
-                                                </div>
-                                                <div class="form-group">
-                                                    <label for="azure_group_accounts_name_re">Azure group name claim regex</label>
-                                                    <input type="text" class="form-control" name="azure_group_accounts_name_re" id="azure_group_accounts_name_re" placeholder="e.g. (.*)" data-error="Please input the regex for Azure group name" value="{{ SETTING.get('azure_group_accounts_name_re') }}">
-                                                    <span class="help-block with-errors"></span>
-                                                </div>
-                                                <div class="form-group">
-                                                    <label for="azure_group_accounts_description">Azure group description claim</label>
-                                                    <input type="text" class="form-control" name="azure_group_accounts_description" id="azure_group_accounts_description" placeholder="e.g. description. If empty uses whole string" data-error="Please input the Claim for Azure group description" value="{{ SETTING.get('azure_group_accounts_description') }}">
-                                                    <span class="help-block with-errors"></span>
-                                                </div>
-                                                <div class="form-group">
-                                                    <label for="azure_group_accounts_name_re">Azure group name description regex</label>
-                                                    <input type="text" class="form-control" name="azure_group_accounts_description_re" id="azure_group_accounts_description_re" placeholder="e.g. (.*). If empty uses whole string" data-error="Please input the regex for Azure group description" value="{{ SETTING.get('azure_group_accounts_description_re') }}">
-                                                    <span class="help-block with-errors"></span>
-                                                </div>                                                
-                                            </fieldset>
-                                            <div class="form-group">
-                                                <button type="submit" class="btn btn-flat btn-primary">Save</button>
+                                                </form>
                                             </div>
-                                        </form>
-                                    </div>
-                                    <div class="col-8">
-                                        <legend>Help</legend>
-                                        <p>Fill in all the fields in the left form.</p>
-                                        <p>You first need to define an Application Registration in your Azure Active Directory, with the appropriate HTTPS URL for this endpoint, and with the appropriate rights, as explained in the documentation.</p>
-<p><ul>
- <li>Under the Azure Active Directory, select App Registrations, and create a new one.  Give it any name you want, and the Redirect URI shoule be type 'Web' and of the format <b>https://powerdnsadmin/azure/authorized</b> (replace the host name approriately).</li>
- <li>Select the newly-created registration</li>
- <li>On the Overview page, the Application ID is your new Client ID to use with PowerDNS-Admin</li>
- <li>On the Overview page, make a note of your Directory/Tenant ID - you need it for the API URLs later</li>
- <li>Ensure Access Tokens are enabled in the Authentication section</li>
- <li>Under Certificates and Secrets, create a new Client Secret.  Note this secret as it is the new Client Secret to use with PowerDNS-Admin</li>
- <li>Under API Permissions, you need to add permissions.  Add permissions for Graph API, Delegated.  Add: email, openid, profile, GroupMember.Read, User.Read and possibly User.Read.All.  You then need to grant admin approval for your organisation.</li>
- <li>For the Scope, use <b>User.Read openid mail profile</b></li>
- <li>Replace the [tenantID] in the default URLs for authorize and token with your Tenant ID.</li>
-</ul></p>
-<p>If <b>AZURE GROUP ACCOUNT SYNC/CREATION</b> is enabled, Accounts will be created automatically based on group membership. If an Account exists, an authenticated user with group membership is added to the Account</p>
-
-                                    </div>
-                                </div>
-                            </div>
-                            <div class="tab-pane" id="tabs-oidc">
-                                <div class="row">
-                                    <div class="col-4">
-                                        <form role="form" method="post" data-toggle="validator">
-                                            <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-                                            <input type="hidden" value="oidc" name="config_tab" />
-                                            <fieldset>
-                                                <legend>GENERAL</legend>
-                                                <div class="form-group">
-                                                    <input type="checkbox" id="oidc_oauth_enabled" name="oidc_oauth_enabled" class="checkbox" {% if SETTING.get('oidc_oauth_enabled') %}checked{% endif %}>
-                                                    <label for="oidc_oauth_enabled">Enable OpenID Connect OAuth</label>
-                                                </div>
-                                                <div class="form-group">
-                                                    <label for="oidc_oauth_key">Client key</label>
-                                                    <input type="text" class="form-control" name="oidc_oauth_key" id="oidc_oauth_key" placeholder="OIDC OAuth client ID" data-error="Please input Client key" value="{{ SETTING.get('oidc_oauth_key') }}">
-                                                    <span class="help-block with-errors"></span>
-                                                </div>
-                                                <div class="form-group">
-                                                    <label for="oidc_oauth_secret">Client secret</label>
-                                                    <input type="text" class="form-control" name="oidc_oauth_secret" id="oidc_oauth_secret" placeholder="OIDC OAuth client secret" data-error="Please input Client secret" value="{{ SETTING.get('oidc_oauth_secret') }}">
-                                                    <span class="help-block with-errors"></span>
-                                                </div>
-                                                <div class="form-group">
-                                                    <label for="oidc_oauth_scope">Scope</label>
-                                                    <input type="text" class="form-control" name="oidc_oauth_scope" id="oidc_oauth_scope" placeholder="e.g. email" data-error="Please input scope" value="{{ SETTING.get('oidc_oauth_scope') }}">
-                                                    <span class="help-block with-errors"></span>
-                                                </div>
-                                                <div class="form-group">
-                                                    <label for="oidc_oauth_api_url">API URL</label>
-                                                    <input type="text" class="form-control" name="oidc_oauth_api_url" id="oidc_oauth_api_url" placeholder="e.g. https://api.oidc.com/user" data-error="Please input API URL" value="{{ SETTING.get('oidc_oauth_api_url') }}">
-                                                    <span class="help-block with-errors"></span>
-                                                </div>
-                                                <div class="form-group">
-                                                    <label for="oidc_oauth_token_url">Token URL</label>
-                                                    <input type="text" class="form-control" name="oidc_oauth_token_url" id="oidc_oauth_token_url" placeholder="e.g. https://oidc.com/login/oauth/access_token" data-error="Please input Token URL" value="{{ SETTING.get('oidc_oauth_token_url') }}">
-                                                    <span class="help-block with-errors"></span>
-                                                </div>
-                                                <div class="form-group">
-                                                    <label for="oidc_oauth_authorize_url">Authorize URL</label>
-                                                    <input type="text" class="form-control" name="oidc_oauth_authorize_url" id="oidc_oauth_authorize_url" placeholder="e.g. https://oidc.com/login/oauth/authorize" data-error="Plesae input Authorize URL" value="{{ SETTING.get('oidc_oauth_authorize_url') }}">
-                                                    <span class="help-block with-errors"></span>
-                                                </div>
-                                                <div class="form-group">
-                                                    <label for="oidc_oauth_logout_url">Logout URL</label>
-                                                    <input type="text" class="form-control" name="oidc_oauth_logout_url" id="oidc_oauth_logout_url" placeholder="e.g. https://oidc.com/login/oauth/logout" data-error="Please input Logout URL" value="{{ SETTING.get('oidc_oauth_logout_url') }}">
-                                                    <span class="help-block with-errors"></span>
-                                                </div>
-                                            </fieldset>
-                                            <fieldset>
-                                                <legend>CLAIMS</legend>
-                                                <div class="form-group">
-                                                    <label for="oidc_oauth_username">Username</label>
-                                                    <input type="text" class="form-control" name="oidc_oauth_username" id="oidc_oauth_username" placeholder="e.g. preferred_username" data-error="Please input Username claim" value="{{ SETTING.get('oidc_oauth_username') }}">
-                                                    <span class="help-block with-errors"></span>
-                                                </div>
-                                                <div class="form-group">
-                                                    <label for="oidc_oauth_firstname">First Name</label>
-                                                    <input type="text" class="form-control" name="oidc_oauth_firstname" id="oidc_oauth_firstname" placeholder="e.g. given_name" data-error="Please input First Name claim" value="{{ SETTING.get('oidc_oauth_firstname') }}">
-                                                    <span class="help-block with-errors"></span>
-                                                </div>
-                                                <div class="form-group">
-                                                    <label for="oidc_oauth_last_name">Last Name</label>
-                                                    <input type="text" class="form-control" name="oidc_oauth_last_name" id="oidc_oauth_last_name" placeholder="e.g. family_name" data-error="Please input Last Name claim" value="{{ SETTING.get('oidc_oauth_last_name') }}">
-                                                    <span class="help-block with-errors"></span>
-                                                </div>
-                                                <div class="form-group">
-                                                    <label for="oidc_oauth_email">Email</label>
-                                                    <input type="text" class="form-control" name="oidc_oauth_email" id="oidc_oauth_email" placeholder="e.g. email" data-error="Plesae input Email claim" value="{{ SETTING.get('oidc_oauth_email') }}">
-                                                    <span class="help-block with-errors"></span>
-                                                </div>
-                                            </fieldset>
-                                            <fieldset>
-                                                <legend>ADVANCE</legend>
-                                                <div class="form-group">
-                                                    <label for="oidc_oauth_account_name_property">Autoprovision Account Name property</label>
-                                                    <input type="text" class="form-control" name="oidc_oauth_account_name_property" id="oidc_oauth_account_name_property" placeholder="e.g. account_name" data-error="Please input property containing account_name" value="{{ SETTING.get('oidc_oauth_account_name_property') }}">
-                                                    <span class="help-block with-errors"></span>
-                                                </div>
-                                                <div class="form-group">
-                                                    <label for="oidc_oauth_account_description_property">Autoprovision Account Description property</label>
-                                                    <input type="text" class="form-control" name="oidc_oauth_account_description_property" id="oidc_oauth_account_description_property" placeholder="e.g. account_description" data-error="Please input property containing account_description" value="{{ SETTING.get('oidc_oauth_account_description_property') }}">
-                                                    <span class="help-block with-errors"></span>
-                                                </div>
-                                            </fieldset>
-                                            <div class="form-group">
-                                                <button type="submit" class="btn btn-flat btn-primary">Save</button>
+                                            <div class="col-8">
+                                                <legend>Help</legend>
+                                                <p>Fill in all the fields in the left form.</p>
                                             </div>
-                                        </form>
-                                    </div>
-                                    <div class="col-8">
-                                        <legend>Help</legend>
-                                        <p>Fill in all the fields in the left form.</p>
+                                        </div>
                                     </div>
+                                    <!-- /.tab-pane -->
+
                                 </div>
+                                <!-- /.tab-content -->
                             </div>
+                            <!-- /.nav-tabs-custom -->
                         </div>
+                        <!-- /.card-body -->
                     </div>
+                    <!-- /.card -->
                 </div>
+                <!-- /.col -->
             </div>
+            <!-- /.row -->
         </div>
-    </div>
-  </div>
-</section>
+        <!-- /.container-fluid -->
+    </section>
 {% endblock %}
 
 {% block extrascripts %}
-{% assets "js_validation" -%}
-  <script type="text/javascript" src="{{ ASSET_URL }}"></script>
-{%- endassets %}
+    {% assets "js_validation" -%}
+        <script type="text/javascript" src="{{ ASSET_URL }}"></script>
+    {%- endassets %}
 
-<script>
-            function ldapSelection() {
-                if (document.getElementById('ldap').checked) {
-                    document.getElementById('ldap_openldap_fields').style.display = 'block';
-                    document.getElementById('ldap_openldap_group_filters').style.display = 'block';
-                    document.getElementById('ldap_ad_fields').style.display = 'none';
+    <script>
+        function ldapSelection() {
+            if (document.getElementById('ldap').checked) {
+                document.getElementById('ldap_openldap_fields').style.display = 'block';
+                document.getElementById('ldap_openldap_group_filters').style.display = 'block';
+                document.getElementById('ldap_ad_fields').style.display = 'none';
+            } else {
+                document.getElementById('ldap_openldap_fields').style.display = 'none';
+                document.getElementById('ldap_openldap_group_filters').style.display = 'none';
+                document.getElementById('ldap_ad_fields').style.display = 'block';
+            }
+        }
+
+        window.onload = function () {
+            ldapSelection();
+        }
+
+        $(function () {
+            $('#tabs').tabs({
+                // add url anchor tags
+                activate: function (event, ui) {
+                    window.location.hash = ui.newPanel.attr('id');
+                }
+            });
+            // re-set active tab (ui)
+            var activeTabIdx = $('#tabs').tabs('option', 'active');
+            $('#tabs li:eq(' + activeTabIdx + ')').tab('show')
+        });
+
+        // START: General tab js
+        $('#local_db_enabled').iCheck({
+            checkboxClass: 'icheckbox_square-blue',
+            increaseArea: '20%'
+        })
+
+        $('#signup_enabled').iCheck({
+            checkboxClass: 'icheckbox_square-blue',
+            increaseArea: '20%'
+        })
+
+        $('#autoprovisioning').iCheck({
+            checkboxClass: 'icheckbox_square-blue',
+            increaseArea: '20%'
+        })
+        // END: General tab js
+
+        // START: LDAP tab js
+        // update validation requirement when checkbox is togged
+        $('#ldap_enabled').iCheck({
+            checkboxClass: 'icheckbox_square-blue',
+            increaseArea: '20%'
+        }).on('ifChanged', function (e) {
+            var is_enabled = e.currentTarget.checked;
+            if (is_enabled) {
+                $('#ldap_uri').prop('required', true);
+                $('#ldap_base_dn').prop('required', true);
+                if ($('#ldap').is(":checked")) {
+                    $('#ldap_admin_username').prop('required', true);
+                    $('#ldap_admin_password').prop('required', true);
+                    $('#ldap_domain').prop('required', false);
+                    $('#ldap_filter_group').prop('required', true);
+                    $('#ldap_filter_groupname').prop('required', true);
                 } else {
-                    document.getElementById('ldap_openldap_fields').style.display = 'none';
-                    document.getElementById('ldap_openldap_group_filters').style.display = 'none';
-                    document.getElementById('ldap_ad_fields').style.display = 'block';
+                    $('#ldap_admin_username').prop('required', false);
+                    $('#ldap_admin_password').prop('required', false);
+                    $('#ldap_domain').prop('required', true);
+                    $('#ldap_filter_group').prop('required', false);
+                    $('#ldap_filter_groupname').prop('required', false);
+                }
+                $('#ldap_filter_basic').prop('required', true);
+                $('#ldap_filter_username').prop('required', true);
+
+                if ($('#ldap_sg_on').is(":checked")) {
+                    $('#ldap_admin_group').prop('required', true);
+                    $('#ldap_operator_group').prop('required', true);
+                    $('#ldap_user_group').prop('required', true);
+                }
+                if ($('#autoprovisioning').is(":checked")) {
+                    $('#autoprovisioning_attribute').prop('required', true);
+                    $('#urn_value').prop('required', true);
+                }
+            } else {
+                $('#ldap_uri').prop('required', false);
+                $('#ldap_base_dn').prop('required', false);
+                $('#ldap_admin_username').prop('required', false);
+                $('#ldap_admin_password').prop('required', false);
+                $('#ldap_filter_basic').prop('required', false);
+                $('#ldap_filter_group').prop('required', false);
+                $('#ldap_filter_username').prop('required', false);
+                $('#ldap_filter_groupname').prop('required', false);
+
+                if ($('#ldap_sg_on').is(":checked")) {
+                    $('#ldap_admin_group').prop('required', false);
+                    $('#ldap_operator_group').prop('required', false);
+                    $('#ldap_user_group').prop('required', false);
+                }
+                if ($('#autoprovisioning').is(":checked")) {
+                    $('#autoprovisioning_attribute').prop('required', false);
+                    $('#urn_value').prop('required', true);
                 }
             }
-    
-            window.onload = function() {
-                ldapSelection();
+        });
+
+        $("input[name='ldap_sg_enabled']").change(function () {
+            if ($('#ldap_sg_on').is(":checked") && $('#ldap_enabled').is(":checked")) {
+                $('#ldap_admin_group').prop('required', true);
+                $('#ldap_operator_group').prop('required', true);
+                $('#ldap_user_group').prop('required', true);
+            } else {
+                $('#ldap_admin_group').prop('required', false);
+                $('#ldap_operator_group').prop('required', false);
+                $('#ldap_user_group').prop('required', false);
             }
-    
-    $(function() {
-        $('#tabs').tabs({
-            // add url anchor tags
-            activate: function(event, ui) {
-                window.location.hash = ui.newPanel.attr('id');
+
+            if ($('#ldap_sg_on').is(":checked") && $('#autoprovisioning_on').is(":checked")) {
+                document.getElementById('ldap_sg_on').checked = false;
+                document.getElementById('ldap_sg_off').checked = true;
+                var modal = $("#modal_warning");
+
+                var info = "Group Security:Status and Advance:Autoprovisioning can not be both enabled at the same time. Please turn off Advance:Autoprovisioning first";
+                modal.find('.modal-body p').text(info);
+                modal.find('#button_warning_confirm').click(function () {
+                    modal.modal('hide');
+                })
+                modal.find('#warning_X').click(function () {
+                    modal.modal('hide');
+                })
+                modal.modal('show');
             }
         });
-        // re-set active tab (ui)
-        var activeTabIdx = $('#tabs').tabs('option','active');
-        $('#tabs li:eq('+activeTabIdx+')').tab('show')
-    });
 
-    // START: General tab js
-    $('#local_db_enabled').iCheck({
-        checkboxClass : 'icheckbox_square-blue',
-        increaseArea : '20%'
-    })
+        $("input[name='autoprovisioning']").change(function () {
+            if ($('#autoprovisioning_on').is(":checked") && $('#ldap_enabled').is(":checked")) {
+                $('#autoprovisioning_attribute').prop('required', true);
+                $('#urn_value').prop('required', true);
+                $('#purge').prop('required', true);
+            } else {
+                $('#autoprovisioning_attribute').prop('required', false);
+                $('#urn_value').prop('required', false);
+                $('#purge').prop('required', false);
+            }
+            if ($('#ldap_sg_on').is(":checked") && $('#autoprovisioning_on').is(":checked")) {
+                document.getElementById('autoprovisioning_on').checked = false;
+                document.getElementById('autoprovisioning_off').checked = true;
+                var modal = $("#modal_warning");
+                var info = "Group Security:Status and Advance:Autoprovisioning can not be both enabled at the same time. Please turn off Group Security:Status first";
+                modal.find('.modal-body p').text(info);
+                modal.find('#button_warning_confirm').click(function () {
 
-    $('#signup_enabled').iCheck({
-        checkboxClass : 'icheckbox_square-blue',
-        increaseArea : '20%'
-    })
+                    modal.modal('hide');
+                })
+                modal.find('#warning_X').click(function () {
+                    modal.modal('hide');
+                })
+                modal.modal('show');
 
-    $('#autoprovisioning').iCheck({
-        checkboxClass : 'icheckbox_square-blue',
-        increaseArea : '20%'
-    })
-    // END: General tab js
+            }
+        });
+
+        $("input[name='purge']").change(function () {
+            if ($("#purge_on").is(":checked")) {
+                document.getElementById('purge_on').checked = false;
+                document.getElementById('purge_off').checked = true;
+                var modal = $("#modal_confirm");
+                var info = "Are you sure you want to do this? Users will lose their associated domains unless they already have their autoprovisioning field prepopulated.";
+                modal.find('.modal-body p').text(info);
+                modal.find('#button_confirm').click(function () {
+                    document.getElementById('purge_on').checked = true;
+                    document.getElementById('purge_off').checked = false;
+                    modal.modal('hide');
+                })
+                modal.find('#button_cancel').click(function () {
+                    modal.modal('hide');
+                })
+                modal.find('#X').click(function () {
+                    modal.modal('hide');
+                })
+                modal.modal('show');
+            }
+        });
 
-    // START: LDAP tab js
-    // update validation requirement when checkbox is togged
-    $('#ldap_enabled').iCheck({
-        checkboxClass : 'icheckbox_square-blue',
-        increaseArea : '20%'
-    }).on('ifChanged', function(e) {
-        var is_enabled = e.currentTarget.checked;
-        if (is_enabled){
+        $("input[name='ldap_type']").change(function () {
+            if ($('#ldap').is(":checked") && $('#ldap_enabled').is(":checked")) {
+                $('#ldap_admin_group').prop('required', true);
+                $('#ldap_operator_group').prop('required', true);
+                $('#ldap_user_group').prop('required', true);
+                $('#ldap_domain').prop('required', false);
+            } else {
+                $('#ldap_admin_group').prop('required', false);
+                $('#ldap_operator_group').prop('required', false);
+                $('#ldap_user_group').prop('required', false);
+                $('#ldap_domain').prop('required', true);
+            }
+        });
+
+        // init validation requirement at first time page load
+        {% if SETTING.get('ldap_enabled') %}
             $('#ldap_uri').prop('required', true);
             $('#ldap_base_dn').prop('required', true);
-            if ($('#ldap').is(":checked") ) {
+            if ($('#ldap').is(":checked")) {
                 $('#ldap_admin_username').prop('required', true);
                 $('#ldap_admin_password').prop('required', true);
                 $('#ldap_domain').prop('required', false);
-                $('#ldap_filter_group').prop('required', true);
-                $('#ldap_filter_groupname').prop('required', true);
             } else {
                 $('#ldap_admin_username').prop('required', false);
                 $('#ldap_admin_password').prop('required', false);
                 $('#ldap_domain').prop('required', true);
-                $('#ldap_filter_group').prop('required', false);
-                $('#ldap_filter_groupname').prop('required', false);
             }
             $('#ldap_filter_basic').prop('required', true);
+            $('#ldap_filter_group').prop('required', true);
             $('#ldap_filter_username').prop('required', true);
+            $('#ldap_filter_groupname').prop('required', true);
 
             if ($('#ldap_sg_on').is(":checked")) {
                 $('#ldap_admin_group').prop('required', true);
                 $('#ldap_operator_group').prop('required', true);
                 $('#ldap_user_group').prop('required', true);
             }
-            if ($('#autoprovisioning').is(":checked")) {
-                $('#autoprovisioning_attribute').prop('required', true);
-                $('#urn_value').prop('required', true);
-            }
-        } else {
-            $('#ldap_uri').prop('required', false);
-            $('#ldap_base_dn').prop('required', false);
-            $('#ldap_admin_username').prop('required', false);
-            $('#ldap_admin_password').prop('required', false);
-            $('#ldap_filter_basic').prop('required', false);
-            $('#ldap_filter_group').prop('required', false);
-            $('#ldap_filter_username').prop('required', false);
-            $('#ldap_filter_groupname').prop('required', false);
 
-            if ($('#ldap_sg_on').is(":checked")) {
-                $('#ldap_admin_group').prop('required', false);
-                $('#ldap_operator_group').prop('required', false);
-                $('#ldap_user_group').prop('required', false);
-            }
-            if ($('#autoprovisioning').is(":checked")) {
-                $('#autoprovisioning_attribute').prop('required', false);
+            if ($('#autoprovisioning_on').is(":checked")) {
+                $('#autoprovisioning_attribute').prop('required', true);
                 $('#urn_value').prop('required', true);
             }
-        }
-    });
 
-    $("input[name='ldap_sg_enabled']" ).change(function(){
-        if ($('#ldap_sg_on').is(":checked") && $('#ldap_enabled').is(":checked")) {
-            $('#ldap_admin_group').prop('required', true);
-            $('#ldap_operator_group').prop('required', true);
-            $('#ldap_user_group').prop('required', true);
-        } else {
-            $('#ldap_admin_group').prop('required', false);
-            $('#ldap_operator_group').prop('required', false);
-            $('#ldap_user_group').prop('required', false);
-        }
-
-         if ($('#ldap_sg_on').is(":checked") && $('#autoprovisioning_on').is(":checked")){
-             document.getElementById('ldap_sg_on').checked=false;
-             document.getElementById('ldap_sg_off').checked=true;
-             var modal = $("#modal_warning");
-
-             var info = "Group Security:Status and Advance:Autoprovisioning can not be both enabled at the same time. Please turn off Advance:Autoprovisioning first" ;
-             modal.find('.modal-body p').text(info);
-              modal.find('#button_warning_confirm').click(function () {
-                  modal.modal('hide');
-              })
-              modal.find('#warning_X').click(function () {
-                 modal.modal('hide');
-             })
-             modal.modal('show');
-        }
-    });
-
-    $("input[name='autoprovisioning']" ).change(function(){
-        if ($('#autoprovisioning_on').is(":checked") && $('#ldap_enabled').is(":checked")) {
-            $('#autoprovisioning_attribute').prop('required', true);
-            $('#urn_value').prop('required', true);
-            $('#purge').prop('required', true);
-        }
-        else{
-            $('#autoprovisioning_attribute').prop('required', false);
-            $('#urn_value').prop('required', false);
-            $('#purge').prop('required', false);
-        }
-        if ($('#ldap_sg_on').is(":checked") && $('#autoprovisioning_on').is(":checked")){
-             document.getElementById('autoprovisioning_on').checked=false;
-             document.getElementById('autoprovisioning_off').checked=true;
-             var modal = $("#modal_warning");
-             var info = "Group Security:Status and Advance:Autoprovisioning can not be both enabled at the same time. Please turn off Group Security:Status first" ;
-             modal.find('.modal-body p').text(info);
-              modal.find('#button_warning_confirm').click(function () {
-                  
-                  modal.modal('hide');
-              })
-              modal.find('#warning_X').click(function () {
-                 modal.modal('hide');
-             })
-             modal.modal('show');
-             
-        }
-    });
-
-     $("input[name='purge']" ).change(function(){
-         if ($("#purge_on").is(":checked")){
-            document.getElementById('purge_on').checked=false;
-            document.getElementById('purge_off').checked=true;
-             var modal = $("#modal_confirm");
-             var info = "Are you sure you want to do this? Users will lose their associated domains unless they already have their autoprovisioning field prepopulated." ;
-             modal.find('.modal-body p').text(info);
-             modal.find('#button_confirm').click(function () {
-                document.getElementById('purge_on').checked=true;
-                document.getElementById('purge_off').checked=false;
-                 modal.modal('hide');
-             })
-             modal.find('#button_cancel').click(function () {
-                 modal.modal('hide');
-             })
-             modal.find('#X').click(function () {
-                 modal.modal('hide');
-             })
-             modal.modal('show');
-         }
-     });
-
-    $("input[name='ldap_type']" ).change(function(){
-        if ($('#ldap').is(":checked") && $('#ldap_enabled').is(":checked")) {
-            $('#ldap_admin_group').prop('required', true);
-            $('#ldap_operator_group').prop('required', true);
-            $('#ldap_user_group').prop('required', true);
-            $('#ldap_domain').prop('required', false);
-        } else {
-            $('#ldap_admin_group').prop('required', false);
-            $('#ldap_operator_group').prop('required', false);
-            $('#ldap_user_group').prop('required', false);
-            $('#ldap_domain').prop('required', true);
-        }
-    });
-
-    // init validation requirement at first time page load
-    {% if SETTING.get('ldap_enabled') %}
-        $('#ldap_uri').prop('required', true);
-        $('#ldap_base_dn').prop('required', true);
-        if ($('#ldap').is(":checked") ) {
-            $('#ldap_admin_username').prop('required', true);
-            $('#ldap_admin_password').prop('required', true);
-            $('#ldap_domain').prop('required', false);
-        } else {
-            $('#ldap_admin_username').prop('required', false);
-            $('#ldap_admin_password').prop('required', false);
-            $('#ldap_domain').prop('required', true);
-        }
-        $('#ldap_filter_basic').prop('required', true);
-        $('#ldap_filter_group').prop('required', true);
-        $('#ldap_filter_username').prop('required', true);
-        $('#ldap_filter_groupname').prop('required', true);
-
-        if ($('#ldap_sg_on').is(":checked")) {
-            $('#ldap_admin_group').prop('required', true);
-            $('#ldap_operator_group').prop('required', true);
-            $('#ldap_user_group').prop('required', true);
-        }
-
-        if ($('#autoprovisioning_on').is(":checked")) {
-            $('#autoprovisioning_attribute').prop('required', true);
-            $('#urn_value').prop('required', true);
-        }
+        {% endif %}
 
-    {% endif %}
+        // END: LDAP tab js
 
-    // END: LDAP tab js
+        // START: Google tab js
+        // update validation requirement when checkbox is togged
+        $('#google_oauth_enabled').iCheck({
+            checkboxClass: 'icheckbox_square-blue',
+            increaseArea: '20%'
+        }).on('ifChanged', function (e) {
+            var is_enabled = e.currentTarget.checked;
+            if (is_enabled) {
+                $('#google_oauth_client_id').prop('required', true);
+                $('#google_oauth_client_secret').prop('required', true);
+                $('#google_token_url').prop('required', true);
+                $('#google_oauth_scope').prop('required', true);
+                $('#google_authorize_url').prop('required', true);
+                $('#google_base_url').prop('required', true);
+            } else {
+                $('#google_oauth_client_id').prop('required', false);
+                $('#google_oauth_client_secret').prop('required', false);
+                $('#google_token_url').prop('required', false);
+                $('#google_oauth_scope').prop('required', false);
+                $('#google_authorize_url').prop('required', false);
+                $('#google_base_url').prop('required', false);
+            }
+        });
 
-    // START: Google tab js
-    // update validation requirement when checkbox is togged
-    $('#google_oauth_enabled').iCheck({
-        checkboxClass : 'icheckbox_square-blue',
-        increaseArea : '20%'
-    }).on('ifChanged', function(e) {
-        var is_enabled = e.currentTarget.checked;
-        if (is_enabled){
+        // init validation requirement at first time page load
+        {% if SETTING.get('google_oauth_enabled') %}
             $('#google_oauth_client_id').prop('required', true);
             $('#google_oauth_client_secret').prop('required', true);
             $('#google_token_url').prop('required', true);
             $('#google_oauth_scope').prop('required', true);
             $('#google_authorize_url').prop('required', true);
             $('#google_base_url').prop('required', true);
-        } else {
-            $('#google_oauth_client_id').prop('required', false);
-            $('#google_oauth_client_secret').prop('required', false);
-            $('#google_token_url').prop('required', false);
-            $('#google_oauth_scope').prop('required', false);
-            $('#google_authorize_url').prop('required', false);
-            $('#google_base_url').prop('required', false);
-        }
-    });
+        {% endif %}
+        // END: Google tab js
 
-    // init validation requirement at first time page load
-    {% if SETTING.get('google_oauth_enabled') %}
-        $('#google_oauth_client_id').prop('required', true);
-        $('#google_oauth_client_secret').prop('required', true);
-        $('#google_token_url').prop('required', true);
-        $('#google_oauth_scope').prop('required', true);
-        $('#google_authorize_url').prop('required', true);
-        $('#google_base_url').prop('required', true);
-    {% endif %}
-    // END: Google tab js
-
-    // START: Github tab js
-    // update validation requirement when checkbox is togged
-    $('#github_oauth_enabled').iCheck({
-        checkboxClass : 'icheckbox_square-blue',
-        increaseArea : '20%'
-    }).on('ifChanged', function(e) {
-        var is_enabled = e.currentTarget.checked;
-        if (is_enabled){
+        // START: Github tab js
+        // update validation requirement when checkbox is togged
+        $('#github_oauth_enabled').iCheck({
+            checkboxClass: 'icheckbox_square-blue',
+            increaseArea: '20%'
+        }).on('ifChanged', function (e) {
+            var is_enabled = e.currentTarget.checked;
+            if (is_enabled) {
+                $('#github_oauth_key').prop('required', true);
+                $('#github_oauth_secret').prop('required', true);
+                $('#github_oauth_scope').prop('required', true);
+                $('#github_oauth_api_url').prop('required', true);
+                $('#github_oauth_token_url').prop('required', true);
+                $('#github_oauth_authorize_url').prop('required', true);
+            } else {
+                $('#github_oauth_key').prop('required', false);
+                $('#github_oauth_secret').prop('required', false);
+                $('#github_oauth_scope').prop('required', false);
+                $('#github_oauth_api_url').prop('required', false);
+                $('#github_oauth_token_url').prop('required', false);
+                $('#github_oauth_authorize_url').prop('required', false);
+            }
+        });
+        // init validation requirement at first time page load
+        {% if SETTING.get('github_oauth_enabled') %}
             $('#github_oauth_key').prop('required', true);
             $('#github_oauth_secret').prop('required', true);
             $('#github_oauth_scope').prop('required', true);
             $('#github_oauth_api_url').prop('required', true);
             $('#github_oauth_token_url').prop('required', true);
             $('#github_oauth_authorize_url').prop('required', true);
-        } else {
-            $('#github_oauth_key').prop('required', false);
-            $('#github_oauth_secret').prop('required', false);
-            $('#github_oauth_scope').prop('required', false);
-            $('#github_oauth_api_url').prop('required', false);
-            $('#github_oauth_token_url').prop('required', false);
-            $('#github_oauth_authorize_url').prop('required', false);
-        }
-    });
-    // init validation requirement at first time page load
-    {% if SETTING.get('github_oauth_enabled') %}
-        $('#github_oauth_key').prop('required', true);
-        $('#github_oauth_secret').prop('required', true);
-        $('#github_oauth_scope').prop('required', true);
-        $('#github_oauth_api_url').prop('required', true);
-        $('#github_oauth_token_url').prop('required', true);
-        $('#github_oauth_authorize_url').prop('required', true);
-    {% endif %}
-    // END: Github tab js
+        {% endif %}
+        // END: Github tab js
 
-    // START: Azure tab js
-    // update validation requirement when checkbox is togged
-    $('#azure_oauth_enabled').iCheck({
-        checkboxClass : 'icheckbox_square-blue',
-        increaseArea : '20%'
-    }).on('ifChanged', function(e) {
-        var is_enabled = e.currentTarget.checked;
-        if (is_enabled){
+        // START: Azure tab js
+        // update validation requirement when checkbox is togged
+        $('#azure_oauth_enabled').iCheck({
+            checkboxClass: 'icheckbox_square-blue',
+            increaseArea: '20%'
+        }).on('ifChanged', function (e) {
+            var is_enabled = e.currentTarget.checked;
+            if (is_enabled) {
+                $('#azure_oauth_key').prop('required', true);
+                $('#azure_oauth_secret').prop('required', true);
+                $('#azure_oauth_scope').prop('required', true);
+                $('#azure_oauth_api_url').prop('required', true);
+                $('#azure_oauth_token_url').prop('required', true);
+                $('#azure_oauth_authorize_url').prop('required', true);
+            } else {
+                $('#azure_oauth_key').prop('required', false);
+                $('#azure_oauth_secret').prop('required', false);
+                $('#azure_oauth_scope').prop('required', false);
+                $('#azure_oauth_api_url').prop('required', false);
+                $('#azure_oauth_token_url').prop('required', false);
+                $('#azure_oauth_authorize_url').prop('required', false);
+            }
+        });
+        // init validation requirement at first time page load
+        {% if SETTING.get('azure_oauth_enabled') %}
             $('#azure_oauth_key').prop('required', true);
             $('#azure_oauth_secret').prop('required', true);
             $('#azure_oauth_scope').prop('required', true);
             $('#azure_oauth_api_url').prop('required', true);
             $('#azure_oauth_token_url').prop('required', true);
             $('#azure_oauth_authorize_url').prop('required', true);
-        } else {
-            $('#azure_oauth_key').prop('required', false);
-            $('#azure_oauth_secret').prop('required', false);
-            $('#azure_oauth_scope').prop('required', false);
-            $('#azure_oauth_api_url').prop('required', false);
-            $('#azure_oauth_token_url').prop('required', false);
-            $('#azure_oauth_authorize_url').prop('required', false);
-        }
-    });
-    // init validation requirement at first time page load
-    {% if SETTING.get('azure_oauth_enabled') %}
-        $('#azure_oauth_key').prop('required', true);
-        $('#azure_oauth_secret').prop('required', true);
-        $('#azure_oauth_scope').prop('required', true);
-        $('#azure_oauth_api_url').prop('required', true);
-        $('#azure_oauth_token_url').prop('required', true);
-        $('#azure_oauth_authorize_url').prop('required', true);
-    {% endif %}
-    // END: Azure tab js
+        {% endif %}
+        // END: Azure tab js
 
-    // START: OIDC tab js
-    $('#oidc_oauth_enabled').iCheck({
-        checkboxClass : 'icheckbox_square-blue',
-        increaseArea : '20%'
-    }).on('ifChanged', function(e) {
-        var is_enabled = e.currentTarget.checked;
-        if (is_enabled){
+        // START: OIDC tab js
+        $('#oidc_oauth_enabled').iCheck({
+            checkboxClass: 'icheckbox_square-blue',
+            increaseArea: '20%'
+        }).on('ifChanged', function (e) {
+            var is_enabled = e.currentTarget.checked;
+            if (is_enabled) {
+                $('#oidc_oauth_key').prop('required', true);
+                $('#oidc_oauth_secret').prop('required', true);
+                $('#oidc_oauth_scope').prop('required', true);
+                $('#oidc_oauth_api_url').prop('required', true);
+                $('#oidc_oauth_token_url').prop('required', true);
+                $('#oidc_oauth_authorize_url').prop('required', true);
+                $('#oidc_oauth_username').prop('required', true);
+                $('#oidc_oauth_firstname').prop('required', true);
+                $('#oidc_oauth_last_name').prop('required', true);
+                $('#oidc_oauth_email').prop('required', true);
+            } else {
+                $('#oidc_oauth_key').prop('required', false);
+                $('#oidc_oauth_secret').prop('required', false);
+                $('#oidc_oauth_scope').prop('required', false);
+                $('#oidc_oauth_api_url').prop('required', false);
+                $('#oidc_oauth_token_url').prop('required', false);
+                $('#oidc_oauth_authorize_url').prop('required', false);
+                $('#oidc_oauth_username').prop('required', false);
+                $('#oidc_oauth_firstname').prop('required', false);
+                $('#oidc_oauth_last_name').prop('required', false);
+                $('#oidc_oauth_email').prop('required', false);
+            }
+        });
+        // init validation requirement at first time page load
+        {% if SETTING.get('oidc_oauth_enabled') %}
             $('#oidc_oauth_key').prop('required', true);
             $('#oidc_oauth_secret').prop('required', true);
             $('#oidc_oauth_scope').prop('required', true);
@@ -1063,74 +1503,51 @@ <h3 class="card-title">Help</h3>
             $('#oidc_oauth_firstname').prop('required', true);
             $('#oidc_oauth_last_name').prop('required', true);
             $('#oidc_oauth_email').prop('required', true);
-        } else {
-            $('#oidc_oauth_key').prop('required', false);
-            $('#oidc_oauth_secret').prop('required', false);
-            $('#oidc_oauth_scope').prop('required', false);
-            $('#oidc_oauth_api_url').prop('required', false);
-            $('#oidc_oauth_token_url').prop('required', false);
-            $('#oidc_oauth_authorize_url').prop('required', false);
-            $('#oidc_oauth_username').prop('required', false);
-            $('#oidc_oauth_firstname').prop('required', false);
-            $('#oidc_oauth_last_name').prop('required', false);
-            $('#oidc_oauth_email').prop('required', false);
-        }
-    });
-        // init validation requirement at first time page load
-        {% if SETTING.get('oidc_oauth_enabled') %}
-        $('#oidc_oauth_key').prop('required', true);
-        $('#oidc_oauth_secret').prop('required', true);
-        $('#oidc_oauth_scope').prop('required', true);
-        $('#oidc_oauth_api_url').prop('required', true);
-        $('#oidc_oauth_token_url').prop('required', true);
-        $('#oidc_oauth_authorize_url').prop('required', true);
-        $('#oidc_oauth_username').prop('required', true);
-        $('#oidc_oauth_firstname').prop('required', true);
-        $('#oidc_oauth_last_name').prop('required', true);
-        $('#oidc_oauth_email').prop('required', true);
-    {% endif %}
-    //END: OIDC Tab JS
+        {% endif %}
+        //END: OIDC Tab JS
 
-</script>
+    </script>
 {% endblock %}
 
 {% block modals %}
-<div class="modal fade modal-warning" id="modal_confirm" data-keyboard="false" data-backdrop="static">
-    <div class="modal-dialog">
-        <div class="modal-content">
-            <div class="modal-header">
-                <button type="button" class="close" data-dismiss="modal" aria-label="Close" id="X" >
-                    <span aria-hidden="true">&times;</span>
-                </button>
-                <h4 class="modal-title">Confirmation</h4>
-            </div>
-            <div class="modal-body">
-                <p></p>
-            </div>
-            <div class="modal-footer">
-                <button type="button" class="btn btn-default pull-left" id="button_cancel" name="purge" value="OFF" data-dismiss="modal" >Cancel</button>
-                <button type="button" class="btn btn-success" id="button_confirm">Confirm</button>
+    <div class="modal fade modal-warning" id="modal_confirm" data-keyboard="false" data-backdrop="static">
+        <div class="modal-dialog">
+            <div class="modal-content">
+                <div class="modal-header">
+                    <button type="button" class="close" data-dismiss="modal" aria-label="Close" id="X">
+                        <span aria-hidden="true">&times;</span>
+                    </button>
+                    <h4 class="modal-title">Confirmation</h4>
+                </div>
+                <div class="modal-body">
+                    <p></p>
+                </div>
+                <div class="modal-footer">
+                    <button type="button" class="btn btn-default pull-left" id="button_cancel" name="purge" value="OFF"
+                            data-dismiss="modal">Cancel
+                    </button>
+                    <button type="button" class="btn btn-success" id="button_confirm">Confirm</button>
+                </div>
             </div>
         </div>
     </div>
-</div>
 
-<div class="modal fade modal-warning" id="modal_warning" data-keyboard="false" data-backdrop="static">
-    <div class="modal-dialog">
-        <div class="modal-content">
-            <div class="modal-header">
-                <button type="button" class="close" data-dismiss="modal" aria-label="Close" id="warning_X" >
-                    <span aria-hidden="true">&times;</span>
-                </button>
-                <h4 class="modal-title">Warning</h4>
-            </div>
-            <div class="modal-body">
-                <p></p>
-            </div>
-            <div class="modal-footer">
-                <button type="button" class="btn btn-success" id="button_warning_confirm">Yes I understand</button>
+    <div class="modal fade modal-warning" id="modal_warning" data-keyboard="false" data-backdrop="static">
+        <div class="modal-dialog">
+            <div class="modal-content">
+                <div class="modal-header">
+                    <button type="button" class="close" data-dismiss="modal" aria-label="Close" id="warning_X">
+                        <span aria-hidden="true">&times;</span>
+                    </button>
+                    <h4 class="modal-title">Warning</h4>
+                </div>
+                <div class="modal-body">
+                    <p></p>
+                </div>
+                <div class="modal-footer">
+                    <button type="button" class="btn btn-success" id="button_warning_confirm">Yes I understand</button>
+                </div>
             </div>
         </div>
     </div>
-</div>
 {% endblock %}

From 764b83b5d540fdbcd0c1c0e34ac9dfaca575181c Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Mon, 20 Feb 2023 10:42:25 -0500
Subject: [PATCH 252/475] Working on first-round updates for the authentication
 settings view.

---
 .../admin_setting_authentication.html         | 282 ++++++++++--------
 1 file changed, 160 insertions(+), 122 deletions(-)

diff --git a/powerdnsadmin/templates/admin_setting_authentication.html b/powerdnsadmin/templates/admin_setting_authentication.html
index 32fca2a97..9705169fc 100644
--- a/powerdnsadmin/templates/admin_setting_authentication.html
+++ b/powerdnsadmin/templates/admin_setting_authentication.html
@@ -98,7 +98,7 @@ <h3 class="card-title">Basic Settings</h3>
 
                                     <div class="tab-pane" id="tabs-ldap">
                                         <div class="row">
-                                            <div class="col-4">
+                                            <div class="col-12 col-sm-6 col-lg-4">
                                                 {% if error %}
                                                     <div class="alert alert-danger alert-dismissible">
                                                         <button type="button" class="close" data-dismiss="alert"
@@ -379,128 +379,166 @@ <h3 class="card-title">LDAP Settings</h3>
                                                     </div>
                                                 </form>
                                             </div>
-                                            <div class="col-8">
-                                                <legend>Help</legend>
-                                                <dl class="dl-horizontal">
-                                                    <dt>Enable LDAP Authentication</dt>
-                                                    <dd>Turn on / off the LDAP authentication.</dd>
-                                                    <dt>Type</dt>
-                                                    <dd>Select your current directory service type.
-                                                        <ul>
-                                                            <li>
-                                                                OpenLDAP - Open source implementation of the Lightweight
-                                                                Directory Access Protocol.
-                                                            </li>
-                                                            <li>
-                                                                Active Directory - Active Directory is a directory
-                                                                service that Microsoft developed for the Windows domain
-                                                                networks.
-                                                            </li>
-                                                        </ul>
-                                                    </dd>
-                                                    <dt>ADMINISTRATOR INFO</dt>
-                                                    <dd>Your LDAP connection string and admin credential used by PDA to
-                                                        query user information.
-                                                        <ul>
-                                                            <li>
-                                                                LDAP URI - The fully qualified domain names of your
-                                                                directory servers. (e.g. ldap://127.0.0.1:389)
-                                                            </li>
-                                                            <li>
-                                                                LDAP Base DN - The point from where a PDA will search
-                                                                for users.
-                                                            </li>
-                                                            <li>
-                                                                LDAP admin username - Your LDAP administrator user which
-                                                                has permission to query information in the Base DN
-                                                                above. Not needed for Active Directory authentication.
-                                                            </li>
-                                                            <li>
-                                                                LDAP admin password - The password of LDAP administrator
-                                                                user. Not needed for Active Directory authentication.
-                                                            </li>
-                                                            <li>
-                                                                Active Directory domain - Active Directory domain used.
-                                                            </li>
-                                                        </ul>
-                                                    </dd>
-                                                    <dt>FILTERS</dt>
-                                                    <dd>Define how you want to filter your user in LDAP query.
-                                                        <ul>
-                                                            <li>
-                                                                Basic filter - The filter that will be applied to all
-                                                                LDAP query by PDA. (e.g.
-                                                                <i>(objectClass=inetorgperson)</i> for OpenLDAP and <i>(objectClass=organizationalPerson)</i>
-                                                                for Active Directory)
-                                                            </li>
-                                                            <li>
-                                                                Username field - The field PDA will look for user's
-                                                                username. (e.g. <i>uid</i> for OpenLDAP and <i>sAMAccountName</i>
-                                                                for Active Directory)
-                                                            </li>
-                                                            <li>
-                                                                Group filter - The filter that will be applied to all
-                                                                LDAP group queries by PDA. (e.g. <i>(objectClass=groupOfNames)</i>
-                                                                for OpenLDAP)
-                                                            </li>
-                                                            <li>
-                                                                Group name field - The field PDA will look for group
-                                                                names. (e.g. <i>member</i> for OpenLDAP)
-                                                            </li>
-                                                        </ul>
-                                                    </dd>
-                                                    <dt>GROUP SECURITY</dt>
-                                                    <dd>User can be assigned to PDA's User or Admin group by matching
-                                                        following LDAP Group.
-                                                        <ul>
-                                                            <li>
-                                                                Status - Turn on / off group security feature.
-                                                            </li>
-                                                            <li>
-                                                                Admin group - Your LDAP admin group.
-                                                            </li>
-                                                            <li>
-                                                                Operator group - Your LDAP operator group.
-                                                            </li>
-                                                            <li>
-                                                                User group - Your LDAP user group.
-                                                            </li>
-                                                        </ul>
-                                                    </dd>
-                                                    <dt>ADVANCE</dt>
-                                                    <dd> Provision PDA user privileges based on LDAP Object Attributes.
-                                                        Alternative to Group Security Role Management.
-                                                        <ul>
-                                                            <li>
-                                                                Roles Autoprovisioning - If toggled on, the PDA Role and
-                                                                the associations of users found in the local db, will be
-                                                                instantly updated from the LDAP server every time they
-                                                                log in.
-                                                            </li>
-                                                            <li>
-                                                                Roles provisioning field - The attribute in the ldap
-                                                                server populated by the urn values where PDA will look
-                                                                for a new Role and/or new associations to
-                                                                domains/accounts.
-                                                            </li>
-                                                            <li>
-                                                                Urn prefix - The prefix used before the static keyword
-                                                                "powerdns-admin" for your entitlements in the ldap
-                                                                server. Must comply with RFC no.8141.
-                                                            </li>
-                                                            <li>
-                                                                Purge Roles If Empty - If toggled on, ldap entries that
-                                                                have no valid "powerdns-admin" records to their
-                                                                autoprovisioning field, will lose all their associations
-                                                                with any domain or account, also reverting to a User in
-                                                                the process, despite their current role in the local db.<br>
-                                                                If toggled off, in the same scenario they get to keep
-                                                                their existing associations and their current Role.
+                                            <div class="col-12 col-sm-6 col-lg-8">
+                                                <div class="card">
+                                                    <div class="card-header">
+                                                        <h3 class="card-title">LDAP Settings Help</h3>
+                                                    </div>
+                                                    <div class="card-body">
+                                                        <dl class="dl-horizontal">
+                                                            <dt>Enable LDAP Authentication</dt>
+                                                            <dd>Turn on / off the LDAP authentication.</dd>
+                                                            <dt>Type</dt>
+                                                            <dd>Select your current directory service type.
+                                                                <ul>
+                                                                    <li>
+                                                                        OpenLDAP - Open source implementation of the
+                                                                        Lightweight
+                                                                        Directory Access Protocol.
+                                                                    </li>
+                                                                    <li>
+                                                                        Active Directory - Active Directory is a
+                                                                        directory
+                                                                        service that Microsoft developed for the Windows
+                                                                        domain
+                                                                        networks.
+                                                                    </li>
+                                                                </ul>
+                                                            </dd>
+                                                            <dt>ADMINISTRATOR INFO</dt>
+                                                            <dd>Your LDAP connection string and admin credential used by
+                                                                PDA to
+                                                                query user information.
+                                                                <ul>
+                                                                    <li>
+                                                                        LDAP URI - The fully qualified domain names of
+                                                                        your
+                                                                        directory servers. (e.g. ldap://127.0.0.1:389)
+                                                                    </li>
+                                                                    <li>
+                                                                        LDAP Base DN - The point from where a PDA will
+                                                                        search
+                                                                        for users.
+                                                                    </li>
+                                                                    <li>
+                                                                        LDAP admin username - Your LDAP administrator
+                                                                        user which
+                                                                        has permission to query information in the Base
+                                                                        DN
+                                                                        above. Not needed for Active Directory
+                                                                        authentication.
+                                                                    </li>
+                                                                    <li>
+                                                                        LDAP admin password - The password of LDAP
+                                                                        administrator
+                                                                        user. Not needed for Active Directory
+                                                                        authentication.
+                                                                    </li>
+                                                                    <li>
+                                                                        Active Directory domain - Active Directory
+                                                                        domain used.
+                                                                    </li>
+                                                                </ul>
+                                                            </dd>
+                                                            <dt>FILTERS</dt>
+                                                            <dd>Define how you want to filter your user in LDAP query.
+                                                                <ul>
+                                                                    <li>
+                                                                        Basic filter - The filter that will be applied
+                                                                        to all
+                                                                        LDAP query by PDA. (e.g.
+                                                                        <i>(objectClass=inetorgperson)</i> for OpenLDAP
+                                                                        and <i>(objectClass=organizationalPerson)</i>
+                                                                        for Active Directory)
+                                                                    </li>
+                                                                    <li>
+                                                                        Username field - The field PDA will look for
+                                                                        user's
+                                                                        username. (e.g. <i>uid</i> for OpenLDAP and <i>sAMAccountName</i>
+                                                                        for Active Directory)
+                                                                    </li>
+                                                                    <li>
+                                                                        Group filter - The filter that will be applied
+                                                                        to all
+                                                                        LDAP group queries by PDA. (e.g. <i>(objectClass=groupOfNames)</i>
+                                                                        for OpenLDAP)
+                                                                    </li>
+                                                                    <li>
+                                                                        Group name field - The field PDA will look for
+                                                                        group
+                                                                        names. (e.g. <i>member</i> for OpenLDAP)
+                                                                    </li>
+                                                                </ul>
+                                                            </dd>
+                                                            <dt>GROUP SECURITY</dt>
+                                                            <dd>User can be assigned to PDA's User or Admin group by
+                                                                matching
+                                                                following LDAP Group.
+                                                                <ul>
+                                                                    <li>
+                                                                        Status - Turn on / off group security feature.
+                                                                    </li>
+                                                                    <li>
+                                                                        Admin group - Your LDAP admin group.
+                                                                    </li>
+                                                                    <li>
+                                                                        Operator group - Your LDAP operator group.
+                                                                    </li>
+                                                                    <li>
+                                                                        User group - Your LDAP user group.
+                                                                    </li>
+                                                                </ul>
+                                                            </dd>
+                                                            <dt>ADVANCE</dt>
+                                                            <dd> Provision PDA user privileges based on LDAP Object
+                                                                Attributes.
+                                                                Alternative to Group Security Role Management.
+                                                                <ul>
+                                                                    <li>
+                                                                        Roles Autoprovisioning - If toggled on, the PDA
+                                                                        Role and
+                                                                        the associations of users found in the local db,
+                                                                        will be
+                                                                        instantly updated from the LDAP server every
+                                                                        time they
+                                                                        log in.
+                                                                    </li>
+                                                                    <li>
+                                                                        Roles provisioning field - The attribute in the
+                                                                        ldap
+                                                                        server populated by the urn values where PDA
+                                                                        will look
+                                                                        for a new Role and/or new associations to
+                                                                        domains/accounts.
+                                                                    </li>
+                                                                    <li>
+                                                                        Urn prefix - The prefix used before the static
+                                                                        keyword
+                                                                        "powerdns-admin" for your entitlements in the
+                                                                        ldap
+                                                                        server. Must comply with RFC no.8141.
+                                                                    </li>
+                                                                    <li>
+                                                                        Purge Roles If Empty - If toggled on, ldap
+                                                                        entries that
+                                                                        have no valid "powerdns-admin" records to their
+                                                                        autoprovisioning field, will lose all their
+                                                                        associations
+                                                                        with any domain or account, also reverting to a
+                                                                        User in
+                                                                        the process, despite their current role in the
+                                                                        local db.<br>
+                                                                        If toggled off, in the same scenario they get to
+                                                                        keep
+                                                                        their existing associations and their current
+                                                                        Role.
 
-                                                            </li>
-                                                        </ul>
-                                                    </dd>
-                                                </dl>
+                                                                    </li>
+                                                                </ul>
+                                                            </dd>
+                                                        </dl>
+                                                    </div>
+                                                </div>
                                             </div>
                                         </div>
                                     </div>

From 0e94e1848569e7c3f4e626a4c0988a23b12d1ffb Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Mon, 20 Feb 2023 11:25:25 -0500
Subject: [PATCH 253/475] Working on first-round updates for the authentication
 settings view.

---
 .../admin_setting_authentication.html         | 1070 +++++++++--------
 1 file changed, 586 insertions(+), 484 deletions(-)

diff --git a/powerdnsadmin/templates/admin_setting_authentication.html b/powerdnsadmin/templates/admin_setting_authentication.html
index 9705169fc..a3060fd85 100644
--- a/powerdnsadmin/templates/admin_setting_authentication.html
+++ b/powerdnsadmin/templates/admin_setting_authentication.html
@@ -53,7 +53,7 @@ <h3 class="card-title">Settings Editor</h3>
                                             OAuth</a>
                                     </li>
                                     <li class="nav-item">
-                                        <a class="nav-link" href="#tabs-github" data-toggle="pill" role="tab">Github
+                                        <a class="nav-link" href="#tabs-github" data-toggle="pill" role="tab">GitHub
                                             OAuth</a>
                                     </li>
                                     <li class="nav-item">
@@ -68,31 +68,48 @@ <h3 class="card-title">Settings Editor</h3>
                                 <div class="tab-content">
 
                                     <div class="tab-pane active" id="tabs-general">
-                                        <form role="form" method="post">
-                                            <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-                                            <input type="hidden" value="general" name="config_tab"/>
-                                            <div class="card">
-                                                <div class="card-header">
-                                                    <h3 class="card-title">Basic Settings</h3>
-                                                </div>
-                                                <div class="card-body">
-                                                    <div class="form-group">
-                                                        <input type="checkbox" id="local_db_enabled"
-                                                               name="local_db_enabled"
-                                                               class="checkbox"
-                                                               {% if SETTING.get('local_db_enabled') %}checked{% endif %}>
-                                                        <label for="local_db_enabled">Local DB Authentication</label>
+                                        <div class="row">
+                                            <div class="col-12 col-sm-6 col-lg-4">
+                                                <form role="form" method="post">
+                                                    <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+                                                    <input type="hidden" value="general" name="config_tab"/>
+                                                    <div class="card">
+                                                        <div class="card-header">
+                                                            <h3 class="card-title">Basic Settings</h3>
+                                                        </div>
+                                                        <div class="card-body">
+                                                            <div class="form-group">
+                                                                <input type="checkbox" id="local_db_enabled"
+                                                                       name="local_db_enabled"
+                                                                       class="checkbox"
+                                                                       {% if SETTING.get('local_db_enabled') %}checked{% endif %}>
+                                                                <label for="local_db_enabled">Local DB
+                                                                    Authentication</label>
+                                                            </div>
+                                                            <div class="form-group">
+                                                                <input type="checkbox" id="signup_enabled"
+                                                                       name="signup_enabled"
+                                                                       class="checkbox"
+                                                                       {% if SETTING.get('signup_enabled') %}checked{% endif %}>
+                                                                <label for="signup_enabled">Allow users to sign
+                                                                    up</label>
+                                                            </div>
+                                                            <button type="submit" class="btn btn-primary">Save</button>
+                                                        </div>
+                                                    </div>
+                                                </form>
+                                            </div>
+                                            <div class="col-12 col-sm-6 col-lg-8">
+                                                <div class="card">
+                                                    <div class="card-header">
+                                                        <h3 class="card-title">Settings Help</h3>
                                                     </div>
-                                                    <div class="form-group">
-                                                        <input type="checkbox" id="signup_enabled" name="signup_enabled"
-                                                               class="checkbox"
-                                                               {% if SETTING.get('signup_enabled') %}checked{% endif %}>
-                                                        <label for="signup_enabled">Allow users to sign up</label>
+                                                    <div class="card-body">
+                                                        <p>Fill in all the fields in the left form.</p>
                                                     </div>
-                                                    <button type="submit" class="btn btn-primary">Save</button>
                                                 </div>
                                             </div>
-                                        </form>
+                                        </div>
                                     </div>
                                     <!-- /.tab-pane -->
 
@@ -117,7 +134,6 @@ <h3 class="card-title">LDAP Settings</h3>
                                                         </div>
                                                         <div class="card-body">
                                                             <fieldset>
-                                                                <legend>GENERAL</legend>
                                                                 <div class="form-group">
                                                                     <input type="checkbox" id="ldap_enabled"
                                                                            name="ldap_enabled"
@@ -382,7 +398,7 @@ <h3 class="card-title">LDAP Settings</h3>
                                             <div class="col-12 col-sm-6 col-lg-8">
                                                 <div class="card">
                                                     <div class="card-header">
-                                                        <h3 class="card-title">LDAP Settings Help</h3>
+                                                        <h3 class="card-title">Settings Help</h3>
                                                     </div>
                                                     <div class="card-body">
                                                         <dl class="dl-horizontal">
@@ -532,7 +548,6 @@ <h3 class="card-title">LDAP Settings Help</h3>
                                                                         keep
                                                                         their existing associations and their current
                                                                         Role.
-
                                                                     </li>
                                                                 </ul>
                                                             </dd>
@@ -546,15 +561,17 @@ <h3 class="card-title">LDAP Settings Help</h3>
 
                                     <div class="tab-pane" id="tabs-google">
                                         <div class="row">
-                                            <div class="col-4">
-                                                <div class="card">
-                                                    <div class="card-body">
-                                                        <form role="form" method="post" data-toggle="validator">
-                                                            <input type="hidden" name="_csrf_token"
-                                                                   value="{{ csrf_token() }}">
-                                                            <input type="hidden" value="google" name="config_tab"/>
+                                            <div class="col-12 col-sm-6 col-lg-4">
+                                                <form role="form" method="post" data-toggle="validator">
+                                                    <input type="hidden" name="_csrf_token"
+                                                           value="{{ csrf_token() }}">
+                                                    <input type="hidden" value="google" name="config_tab"/>
+                                                    <div class="card">
+                                                        <div class="card-header">
+                                                            <h3 class="card-title">Google OAuth Settings</h3>
+                                                        </div>
+                                                        <div class="card-body">
                                                             <fieldset>
-                                                                <legend>GENERAL</legend>
                                                                 <div class="form-group">
                                                                     <input type="checkbox" id="google_oauth_enabled"
                                                                            name="google_oauth_enabled" class="checkbox"
@@ -632,14 +649,14 @@ <h3 class="card-title">LDAP Settings Help</h3>
                                                                         class="btn btn-primary float-right">Save
                                                                 </button>
                                                             </div>
-                                                        </form>
+                                                        </div>
                                                     </div>
-                                                </div>
+                                                </form>
                                             </div>
-                                            <div class="col-8">
+                                            <div class="col-12 col-sm-6 col-lg-8">
                                                 <div class="card">
                                                     <div class="card-header">
-                                                        <h3 class="card-title">Help</h3>
+                                                        <h3 class="card-title">Settings Help</h3>
                                                     </div>
                                                     <div class="card-body">
                                                         <p>Fill in all the fields in the left form.</p>
@@ -655,89 +672,107 @@ <h3 class="card-title">Help</h3>
 
                                     <div class="tab-pane" id="tabs-github">
                                         <div class="row">
-                                            <div class="col-4">
+                                            <div class="col-12 col-sm-6 col-lg-4">
                                                 <form role="form" method="post" data-toggle="validator">
                                                     <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
                                                     <input type="hidden" value="github" name="config_tab"/>
-                                                    <fieldset>
-                                                        <legend>GENERAL</legend>
-                                                        <div class="form-group">
-                                                            <input type="checkbox" id="github_oauth_enabled"
-                                                                   name="github_oauth_enabled" class="checkbox"
-                                                                   {% if SETTING.get('github_oauth_enabled') %}checked{% endif %}>
-                                                            <label for="github_oauth_enabled">Enable Github
-                                                                OAuth</label>
-                                                        </div>
-                                                        <div class="form-group">
-                                                            <label for="github_oauth_key">Client key</label>
-                                                            <input type="text" class="form-control"
-                                                                   name="github_oauth_key" id="github_oauth_key"
-                                                                   placeholder="Github OAuth client ID"
-                                                                   data-error="Please input Client key"
-                                                                   value="{{ SETTING.get('github_oauth_key') }}">
-                                                            <span class="help-block with-errors"></span>
-                                                        </div>
-                                                        <div class="form-group">
-                                                            <label for="github_oauth_secret">Client secret</label>
-                                                            <input type="text" class="form-control"
-                                                                   name="github_oauth_secret" id="github_oauth_secret"
-                                                                   placeholder="Github OAuth client secret"
-                                                                   data-error="Please input Client secret"
-                                                                   value="{{ SETTING.get('github_oauth_secret') }}">
-                                                            <span class="help-block with-errors"></span>
-                                                        </div>
-                                                    </fieldset>
-                                                    <fieldset>
-                                                        <legend>ADVANCE</legend>
-                                                        <div class="form-group">
-                                                            <label for="github_oauth_scope">Scope</label>
-                                                            <input type="text" class="form-control"
-                                                                   name="github_oauth_scope" id="github_oauth_scope"
-                                                                   placeholder="e.g. email"
-                                                                   data-error="Please input scope"
-                                                                   value="{{ SETTING.get('github_oauth_scope') }}">
-                                                            <span class="help-block with-errors"></span>
-                                                        </div>
-                                                        <div class="form-group">
-                                                            <label for="github_oauth_api_url">API URL</label>
-                                                            <input type="text" class="form-control"
-                                                                   name="github_oauth_api_url" id="github_oauth_api_url"
-                                                                   placeholder="e.g. https://api.github.com/user"
-                                                                   data-error="Please input API URL"
-                                                                   value="{{ SETTING.get('github_oauth_api_url') }}">
-                                                            <span class="help-block with-errors"></span>
-                                                        </div>
-                                                        <div class="form-group">
-                                                            <label for="github_oauth_token_url">Token URL</label>
-                                                            <input type="text" class="form-control"
-                                                                   name="github_oauth_token_url"
-                                                                   id="github_oauth_token_url"
-                                                                   placeholder="e.g. https://github.com/login/oauth/access_token"
-                                                                   data-error="Please input Token URL"
-                                                                   value="{{ SETTING.get('github_oauth_token_url') }}">
-                                                            <span class="help-block with-errors"></span>
+                                                    <div class="card">
+                                                        <div class="card-header">
+                                                            <h3 class="card-title">GitHub OAuth Settings</h3>
                                                         </div>
-                                                        <div class="form-group">
-                                                            <label for="github_oauth_authorize_url">Authorize
-                                                                URL</label>
-                                                            <input type="text" class="form-control"
-                                                                   name="github_oauth_authorize_url"
-                                                                   id="github_oauth_authorize_url"
-                                                                   placeholder="e.g. https://github.com/login/oauth/authorize"
-                                                                   data-error="Plesae input Authorize URL"
-                                                                   value="{{ SETTING.get('github_oauth_authorize_url') }}">
-                                                            <span class="help-block with-errors"></span>
+                                                        <div class="card-body">
+                                                            <fieldset>
+                                                                <div class="form-group">
+                                                                    <input type="checkbox" id="github_oauth_enabled"
+                                                                           name="github_oauth_enabled" class="checkbox"
+                                                                           {% if SETTING.get('github_oauth_enabled') %}checked{% endif %}>
+                                                                    <label for="github_oauth_enabled">Enable Github
+                                                                        OAuth</label>
+                                                                </div>
+                                                                <div class="form-group">
+                                                                    <label for="github_oauth_key">Client key</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="github_oauth_key" id="github_oauth_key"
+                                                                           placeholder="Github OAuth client ID"
+                                                                           data-error="Please input Client key"
+                                                                           value="{{ SETTING.get('github_oauth_key') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
+                                                                <div class="form-group">
+                                                                    <label for="github_oauth_secret">Client
+                                                                        secret</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="github_oauth_secret"
+                                                                           id="github_oauth_secret"
+                                                                           placeholder="Github OAuth client secret"
+                                                                           data-error="Please input Client secret"
+                                                                           value="{{ SETTING.get('github_oauth_secret') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
+                                                            </fieldset>
+                                                            <fieldset>
+                                                                <legend>ADVANCE</legend>
+                                                                <div class="form-group">
+                                                                    <label for="github_oauth_scope">Scope</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="github_oauth_scope"
+                                                                           id="github_oauth_scope"
+                                                                           placeholder="e.g. email"
+                                                                           data-error="Please input scope"
+                                                                           value="{{ SETTING.get('github_oauth_scope') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
+                                                                <div class="form-group">
+                                                                    <label for="github_oauth_api_url">API URL</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="github_oauth_api_url"
+                                                                           id="github_oauth_api_url"
+                                                                           placeholder="e.g. https://api.github.com/user"
+                                                                           data-error="Please input API URL"
+                                                                           value="{{ SETTING.get('github_oauth_api_url') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
+                                                                <div class="form-group">
+                                                                    <label for="github_oauth_token_url">Token
+                                                                        URL</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="github_oauth_token_url"
+                                                                           id="github_oauth_token_url"
+                                                                           placeholder="e.g. https://github.com/login/oauth/access_token"
+                                                                           data-error="Please input Token URL"
+                                                                           value="{{ SETTING.get('github_oauth_token_url') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
+                                                                <div class="form-group">
+                                                                    <label for="github_oauth_authorize_url">Authorize
+                                                                        URL</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="github_oauth_authorize_url"
+                                                                           id="github_oauth_authorize_url"
+                                                                           placeholder="e.g. https://github.com/login/oauth/authorize"
+                                                                           data-error="Plesae input Authorize URL"
+                                                                           value="{{ SETTING.get('github_oauth_authorize_url') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
+                                                            </fieldset>
+                                                            <div class="form-group">
+                                                                <button type="submit" class="btn btn-flat btn-primary">
+                                                                    Save
+                                                                </button>
+                                                            </div>
                                                         </div>
-                                                    </fieldset>
-                                                    <div class="form-group">
-                                                        <button type="submit" class="btn btn-flat btn-primary">Save
-                                                        </button>
                                                     </div>
                                                 </form>
                                             </div>
-                                            <div class="col-8">
-                                                <legend>Help</legend>
-                                                <p>Fill in all the fields in the left form.</p>
+                                            <div class="col-12 col-sm-6 col-lg-8">
+                                                <div class="card">
+                                                    <div class="card-header">
+                                                        <h3 class="card-title">Settings Help</h3>
+                                                    </div>
+                                                    <div class="card-body">
+                                                        <p>Fill in all the fields in the left form.</p>
+                                                    </div>
+                                                </div>
                                             </div>
                                         </div>
                                     </div>
@@ -745,243 +780,287 @@ <h3 class="card-title">Help</h3>
 
                                     <div class="tab-pane" id="tabs-azure">
                                         <div class="row">
-                                            <div class="col-4">
+                                            <div class="col-12 col-sm-6 col-lg-4">
                                                 <form role="form" method="post" data-toggle="validator">
                                                     <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
                                                     <input type="hidden" value="azure" name="config_tab"/>
-                                                    <fieldset>
-                                                        <legend>GENERAL</legend>
-                                                        <div class="form-group">
-                                                            <input type="checkbox" id="azure_oauth_enabled"
-                                                                   name="azure_oauth_enabled" class="checkbox"
-                                                                   {% if SETTING.get('azure_oauth_enabled') %}checked{% endif %}>
-                                                            <label for="azure_oauth_enabled">Enable Microsoft Azure
-                                                                OAuth</label>
-                                                        </div>
-                                                        <div class="form-group">
-                                                            <label for="azure_oauth_key">Client key</label>
-                                                            <input type="text" class="form-control"
-                                                                   name="azure_oauth_key" id="azure_oauth_key"
-                                                                   placeholder="Azure OAuth client ID"
-                                                                   data-error="Please input Client key"
-                                                                   value="{{ SETTING.get('azure_oauth_key') }}">
-                                                            <span class="help-block with-errors"></span>
-                                                        </div>
-                                                        <div class="form-group">
-                                                            <label for="azure_oauth_secret">Client secret</label>
-                                                            <input type="text" class="form-control"
-                                                                   name="azure_oauth_secret" id="azure_oauth_secret"
-                                                                   placeholder="Azure OAuth client secret"
-                                                                   data-error="Please input Client secret"
-                                                                   value="{{ SETTING.get('azure_oauth_secret') }}">
-                                                            <span class="help-block with-errors"></span>
-                                                        </div>
-                                                    </fieldset>
-                                                    <fieldset>
-                                                        <legend>ADVANCED</legend>
-                                                        <div class="form-group">
-                                                            <label for="azure_oauth_scope">Scope</label>
-                                                            <input type="text" class="form-control"
-                                                                   name="azure_oauth_scope" id="azure_oauth_scope"
-                                                                   placeholder="e.g. email"
-                                                                   data-error="Please input scope - e.g. User.Read"
-                                                                   value="{{ SETTING.get('azure_oauth_scope') }}">
-                                                            <span class="help-block with-errors"></span>
-                                                        </div>
-                                                        <div class="form-group">
-                                                            <label for="azure_oauth_api_url">API URL</label>
-                                                            <input type="text" class="form-control"
-                                                                   name="azure_oauth_api_url" id="azure_oauth_api_url"
-                                                                   placeholder="e.g. https://graph.microsoft.com/v1.0/"
-                                                                   data-error="Please input API URL"
-                                                                   value="{{ SETTING.get('azure_oauth_api_url') }}">
-                                                            <span class="help-block with-errors"></span>
-                                                        </div>
-                                                        <div class="form-group">
-                                                            <label for="azure_oauth_token_url">Token URL</label>
-                                                            <input type="text" class="form-control"
-                                                                   name="azure_oauth_token_url"
-                                                                   id="azure_oauth_token_url"
-                                                                   placeholder="e.g. https://login.microsoftonline.com/[tenancyID]/oauth2/v2.0/token"
-                                                                   data-error="Please input Token URL"
-                                                                   value="{{ SETTING.get('azure_oauth_token_url') }}">
-                                                            <span class="help-block with-errors"></span>
-                                                        </div>
-                                                        <div class="form-group">
-                                                            <label for="azure_oauth_authorize_url">Authorize URL</label>
-                                                            <input type="text" class="form-control"
-                                                                   name="azure_oauth_authorize_url"
-                                                                   id="azure_oauth_authorize_url"
-                                                                   placeholder="e.g. https://login.microsoftonline.com/[tenancyID]/oauth2/v2.0/authorize"
-                                                                   data-error="Please input Authorize URL"
-                                                                   value="{{ SETTING.get('azure_oauth_authorize_url') }}">
-                                                            <span class="help-block with-errors"></span>
-                                                        </div>
-                                                    </fieldset>
-                                                    <fieldset>
-                                                        <legend>GROUP SECURITY</legend>
-                                                        <div class="form-group">
-                                                            <label>Status</label>
-                                                            <div class="radio">
-                                                                <label>
-                                                                    <input type="radio" name="azure_sg_enabled"
-                                                                           id="azure_sg_off" value="OFF"
-                                                                           {% if not SETTING.get('azure_sg_enabled') %}checked{% endif %}>
-                                                                    OFF
-                                                                </label>
-                                                                &nbsp;&nbsp;&nbsp;
-                                                                <label>
-                                                                    <input type="radio" name="azure_sg_enabled"
-                                                                           id="azure_sg_on" value="ON"
-                                                                           {% if SETTING.get('azure_sg_enabled') %}checked{% endif %}>
-                                                                    ON
-                                                                </label>
-                                                            </div>
-                                                        </div>
-                                                        <div class="form-group">
-                                                            <label for="azure_admin_group">Admin group</label>
-                                                            <input type="text" class="form-control"
-                                                                   name="azure_admin_group" id="azure_admin_group"
-                                                                   placeholder="e.g. 00000000-0000-0000-0000-000000000000"
-                                                                   data-error="Please input the ID for Admin group"
-                                                                   value="{{ SETTING.get('azure_admin_group') }}">
-                                                            <span class="help-block with-errors"></span>
-                                                        </div>
-                                                        <div class="form-group">
-                                                            <label for="azure_operator_group">Operator group</label>
-                                                            <input type="text" class="form-control"
-                                                                   name="azure_operator_group" id="azure_operator_group"
-                                                                   placeholder="e.g. 00000000-0000-0000-0000-000000000000"
-                                                                   data-error="Please input the ID for Operator group"
-                                                                   value="{{ SETTING.get('azure_operator_group') }}">
-                                                            <span class="help-block with-errors"></span>
-                                                        </div>
-                                                        <div class="form-group">
-                                                            <label for="azure_user_group">User group</label>
-                                                            <input type="text" class="form-control"
-                                                                   name="azure_user_group" id="azure_user_group"
-                                                                   placeholder="e.g. 00000000-0000-0000-0000-000000000000"
-                                                                   data-error="Please input the ID for User group"
-                                                                   value="{{ SETTING.get('azure_user_group') }}">
-                                                            <span class="help-block with-errors"></span>
+                                                    <div class="card">
+                                                        <div class="card-header">
+                                                            <h3 class="card-title">Microsoft OAuth Settings</h3>
                                                         </div>
-                                                    </fieldset>
-                                                    <fieldset>
-                                                        <legend>AZURE GROUP ACCOUNT SYNC/CREATION</legend>
-                                                        <div class="form-group">
-                                                            <label for="azure_group_accounts_enabled">Status</label>
-                                                            <div class="radio">
-                                                                <label>
-                                                                    <input type="radio"
-                                                                           name="azure_group_accounts_enabled"
-                                                                           id="azure_group_accounts_off" value="OFF"
-                                                                           {% if not SETTING.get('azure_group_accounts_enabled') %}checked{% endif %}>
-                                                                    OFF
-                                                                </label>
-                                                                &nbsp;&nbsp;&nbsp;
-                                                                <label>
-                                                                    <input type="radio"
-                                                                           name="azure_group_accounts_enabled"
-                                                                           id="azure_group_accounts_on" value="ON"
-                                                                           {% if SETTING.get('azure_group_accounts_enabled') %}checked{% endif %}>
-                                                                    ON
-                                                                </label>
+                                                        <div class="card-body">
+                                                            <fieldset>
+                                                                <div class="form-group">
+                                                                    <input type="checkbox" id="azure_oauth_enabled"
+                                                                           name="azure_oauth_enabled" class="checkbox"
+                                                                           {% if SETTING.get('azure_oauth_enabled') %}checked{% endif %}>
+                                                                    <label for="azure_oauth_enabled">Enable Microsoft
+                                                                        Azure
+                                                                        OAuth</label>
+                                                                </div>
+                                                                <div class="form-group">
+                                                                    <label for="azure_oauth_key">Client key</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="azure_oauth_key" id="azure_oauth_key"
+                                                                           placeholder="Azure OAuth client ID"
+                                                                           data-error="Please input Client key"
+                                                                           value="{{ SETTING.get('azure_oauth_key') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
+                                                                <div class="form-group">
+                                                                    <label for="azure_oauth_secret">Client
+                                                                        secret</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="azure_oauth_secret"
+                                                                           id="azure_oauth_secret"
+                                                                           placeholder="Azure OAuth client secret"
+                                                                           data-error="Please input Client secret"
+                                                                           value="{{ SETTING.get('azure_oauth_secret') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
+                                                            </fieldset>
+                                                            <fieldset>
+                                                                <legend>ADVANCED</legend>
+                                                                <div class="form-group">
+                                                                    <label for="azure_oauth_scope">Scope</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="azure_oauth_scope"
+                                                                           id="azure_oauth_scope"
+                                                                           placeholder="e.g. email"
+                                                                           data-error="Please input scope - e.g. User.Read"
+                                                                           value="{{ SETTING.get('azure_oauth_scope') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
+                                                                <div class="form-group">
+                                                                    <label for="azure_oauth_api_url">API URL</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="azure_oauth_api_url"
+                                                                           id="azure_oauth_api_url"
+                                                                           placeholder="e.g. https://graph.microsoft.com/v1.0/"
+                                                                           data-error="Please input API URL"
+                                                                           value="{{ SETTING.get('azure_oauth_api_url') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
+                                                                <div class="form-group">
+                                                                    <label for="azure_oauth_token_url">Token URL</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="azure_oauth_token_url"
+                                                                           id="azure_oauth_token_url"
+                                                                           placeholder="e.g. https://login.microsoftonline.com/[tenancyID]/oauth2/v2.0/token"
+                                                                           data-error="Please input Token URL"
+                                                                           value="{{ SETTING.get('azure_oauth_token_url') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
+                                                                <div class="form-group">
+                                                                    <label for="azure_oauth_authorize_url">Authorize
+                                                                        URL</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="azure_oauth_authorize_url"
+                                                                           id="azure_oauth_authorize_url"
+                                                                           placeholder="e.g. https://login.microsoftonline.com/[tenancyID]/oauth2/v2.0/authorize"
+                                                                           data-error="Please input Authorize URL"
+                                                                           value="{{ SETTING.get('azure_oauth_authorize_url') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
+                                                            </fieldset>
+                                                            <fieldset>
+                                                                <legend>GROUP SECURITY</legend>
+                                                                <div class="form-group">
+                                                                    <label>Status</label>
+                                                                    <div class="radio">
+                                                                        <label>
+                                                                            <input type="radio" name="azure_sg_enabled"
+                                                                                   id="azure_sg_off" value="OFF"
+                                                                                   {% if not SETTING.get('azure_sg_enabled') %}checked{% endif %}>
+                                                                            OFF
+                                                                        </label>
+                                                                        &nbsp;&nbsp;&nbsp;
+                                                                        <label>
+                                                                            <input type="radio" name="azure_sg_enabled"
+                                                                                   id="azure_sg_on" value="ON"
+                                                                                   {% if SETTING.get('azure_sg_enabled') %}checked{% endif %}>
+                                                                            ON
+                                                                        </label>
+                                                                    </div>
+                                                                </div>
+                                                                <div class="form-group">
+                                                                    <label for="azure_admin_group">Admin group</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="azure_admin_group"
+                                                                           id="azure_admin_group"
+                                                                           placeholder="e.g. 00000000-0000-0000-0000-000000000000"
+                                                                           data-error="Please input the ID for Admin group"
+                                                                           value="{{ SETTING.get('azure_admin_group') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
+                                                                <div class="form-group">
+                                                                    <label for="azure_operator_group">Operator
+                                                                        group</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="azure_operator_group"
+                                                                           id="azure_operator_group"
+                                                                           placeholder="e.g. 00000000-0000-0000-0000-000000000000"
+                                                                           data-error="Please input the ID for Operator group"
+                                                                           value="{{ SETTING.get('azure_operator_group') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
+                                                                <div class="form-group">
+                                                                    <label for="azure_user_group">User group</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="azure_user_group" id="azure_user_group"
+                                                                           placeholder="e.g. 00000000-0000-0000-0000-000000000000"
+                                                                           data-error="Please input the ID for User group"
+                                                                           value="{{ SETTING.get('azure_user_group') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
+                                                            </fieldset>
+                                                            <fieldset>
+                                                                <legend>AZURE GROUP ACCOUNT SYNC/CREATION</legend>
+                                                                <div class="form-group">
+                                                                    <label
+                                                                        for="azure_group_accounts_enabled">Status</label>
+                                                                    <div class="radio">
+                                                                        <label>
+                                                                            <input type="radio"
+                                                                                   name="azure_group_accounts_enabled"
+                                                                                   id="azure_group_accounts_off"
+                                                                                   value="OFF"
+                                                                                   {% if not SETTING.get('azure_group_accounts_enabled') %}checked{% endif %}>
+                                                                            OFF
+                                                                        </label>
+                                                                        &nbsp;&nbsp;&nbsp;
+                                                                        <label>
+                                                                            <input type="radio"
+                                                                                   name="azure_group_accounts_enabled"
+                                                                                   id="azure_group_accounts_on"
+                                                                                   value="ON"
+                                                                                   {% if SETTING.get('azure_group_accounts_enabled') %}checked{% endif %}>
+                                                                            ON
+                                                                        </label>
+                                                                    </div>
+                                                                </div>
+                                                                <div class="form-group">
+                                                                    <label for="azure_group_accounts_name">Azure group
+                                                                        name
+                                                                        claim</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="azure_group_accounts_name"
+                                                                           id="azure_group_accounts_name"
+                                                                           placeholder="e.g. displayName"
+                                                                           data-error="Please input the Claim for Azure group name"
+                                                                           value="{{ SETTING.get('azure_group_accounts_name') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
+                                                                <div class="form-group">
+                                                                    <label for="azure_group_accounts_name_re">Azure
+                                                                        group name
+                                                                        claim regex</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="azure_group_accounts_name_re"
+                                                                           id="azure_group_accounts_name_re"
+                                                                           placeholder="e.g. (.*)"
+                                                                           data-error="Please input the regex for Azure group name"
+                                                                           value="{{ SETTING.get('azure_group_accounts_name_re') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
+                                                                <div class="form-group">
+                                                                    <label for="azure_group_accounts_description">Azure
+                                                                        group
+                                                                        description claim</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="azure_group_accounts_description"
+                                                                           id="azure_group_accounts_description"
+                                                                           placeholder="e.g. description. If empty uses whole string"
+                                                                           data-error="Please input the Claim for Azure group description"
+                                                                           value="{{ SETTING.get('azure_group_accounts_description') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
+                                                                <div class="form-group">
+                                                                    <label for="azure_group_accounts_name_re">Azure
+                                                                        group name
+                                                                        description regex</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="azure_group_accounts_description_re"
+                                                                           id="azure_group_accounts_description_re"
+                                                                           placeholder="e.g. (.*). If empty uses whole string"
+                                                                           data-error="Please input the regex for Azure group description"
+                                                                           value="{{ SETTING.get('azure_group_accounts_description_re') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
+                                                            </fieldset>
+                                                            <div class="form-group">
+                                                                <button type="submit" class="btn btn-flat btn-primary">
+                                                                    Save
+                                                                </button>
                                                             </div>
                                                         </div>
-                                                        <div class="form-group">
-                                                            <label for="azure_group_accounts_name">Azure group name
-                                                                claim</label>
-                                                            <input type="text" class="form-control"
-                                                                   name="azure_group_accounts_name"
-                                                                   id="azure_group_accounts_name"
-                                                                   placeholder="e.g. displayName"
-                                                                   data-error="Please input the Claim for Azure group name"
-                                                                   value="{{ SETTING.get('azure_group_accounts_name') }}">
-                                                            <span class="help-block with-errors"></span>
-                                                        </div>
-                                                        <div class="form-group">
-                                                            <label for="azure_group_accounts_name_re">Azure group name
-                                                                claim regex</label>
-                                                            <input type="text" class="form-control"
-                                                                   name="azure_group_accounts_name_re"
-                                                                   id="azure_group_accounts_name_re"
-                                                                   placeholder="e.g. (.*)"
-                                                                   data-error="Please input the regex for Azure group name"
-                                                                   value="{{ SETTING.get('azure_group_accounts_name_re') }}">
-                                                            <span class="help-block with-errors"></span>
-                                                        </div>
-                                                        <div class="form-group">
-                                                            <label for="azure_group_accounts_description">Azure group
-                                                                description claim</label>
-                                                            <input type="text" class="form-control"
-                                                                   name="azure_group_accounts_description"
-                                                                   id="azure_group_accounts_description"
-                                                                   placeholder="e.g. description. If empty uses whole string"
-                                                                   data-error="Please input the Claim for Azure group description"
-                                                                   value="{{ SETTING.get('azure_group_accounts_description') }}">
-                                                            <span class="help-block with-errors"></span>
-                                                        </div>
-                                                        <div class="form-group">
-                                                            <label for="azure_group_accounts_name_re">Azure group name
-                                                                description regex</label>
-                                                            <input type="text" class="form-control"
-                                                                   name="azure_group_accounts_description_re"
-                                                                   id="azure_group_accounts_description_re"
-                                                                   placeholder="e.g. (.*). If empty uses whole string"
-                                                                   data-error="Please input the regex for Azure group description"
-                                                                   value="{{ SETTING.get('azure_group_accounts_description_re') }}">
-                                                            <span class="help-block with-errors"></span>
-                                                        </div>
-                                                    </fieldset>
-                                                    <div class="form-group">
-                                                        <button type="submit" class="btn btn-flat btn-primary">Save
-                                                        </button>
                                                     </div>
                                                 </form>
                                             </div>
-                                            <div class="col-8">
-                                                <legend>Help</legend>
-                                                <p>Fill in all the fields in the left form.</p>
-                                                <p>You first need to define an Application Registration in your Azure
-                                                    Active Directory, with the appropriate HTTPS URL for this endpoint,
-                                                    and with the appropriate rights, as explained in the
-                                                    documentation.</p>
-                                                <p>
-                                                <ul>
-                                                    <li>Under the Azure Active Directory, select App Registrations, and
-                                                        create a new one. Give it any name you want, and the Redirect
-                                                        URI shoule be type 'Web' and of the format <b>https://powerdnsadmin/azure/authorized</b>
-                                                        (replace the host name approriately).
-                                                    </li>
-                                                    <li>Select the newly-created registration</li>
-                                                    <li>On the Overview page, the Application ID is your new Client ID
-                                                        to use with PowerDNS-Admin
-                                                    </li>
-                                                    <li>On the Overview page, make a note of your Directory/Tenant ID -
-                                                        you need it for the API URLs later
-                                                    </li>
-                                                    <li>Ensure Access Tokens are enabled in the Authentication section
-                                                    </li>
-                                                    <li>Under Certificates and Secrets, create a new Client Secret. Note
-                                                        this secret as it is the new Client Secret to use with
-                                                        PowerDNS-Admin
-                                                    </li>
-                                                    <li>Under API Permissions, you need to add permissions. Add
-                                                        permissions for Graph API, Delegated. Add: email, openid,
-                                                        profile, GroupMember.Read, User.Read and possibly User.Read.All.
-                                                        You then need to grant admin approval for your organisation.
-                                                    </li>
-                                                    <li>For the Scope, use <b>User.Read openid mail profile</b></li>
-                                                    <li>Replace the [tenantID] in the default URLs for authorize and
-                                                        token with your Tenant ID.
-                                                    </li>
-                                                </ul>
-                                                </p>
-                                                <p>If <b>AZURE GROUP ACCOUNT SYNC/CREATION</b> is enabled, Accounts will
-                                                    be created automatically based on group membership. If an Account
-                                                    exists, an authenticated user with group membership is added to the
-                                                    Account</p>
-
+                                            <div class="col-12 col-sm-6 col-lg-8">
+                                                <div class="card">
+                                                    <div class="card-header">
+                                                        <h3 class="card-title">Settings Help</h3>
+                                                    </div>
+                                                    <div class="card-body">
+                                                        <p>Fill in all the fields in the left form.</p>
+                                                        <p>You first need to define an Application Registration in your
+                                                            Azure
+                                                            Active Directory, with the appropriate HTTPS URL for this
+                                                            endpoint,
+                                                            and with the appropriate rights, as explained in the
+                                                            documentation.</p>
+                                                        <p>
+                                                        <ul>
+                                                            <li>Under the Azure Active Directory, select App
+                                                                Registrations, and
+                                                                create a new one. Give it any name you want, and the
+                                                                Redirect
+                                                                URI shoule be type 'Web' and of the format <b>https://powerdnsadmin/azure/authorized</b>
+                                                                (replace the host name approriately).
+                                                            </li>
+                                                            <li>Select the newly-created registration</li>
+                                                            <li>On the Overview page, the Application ID is your new
+                                                                Client ID
+                                                                to use with PowerDNS-Admin
+                                                            </li>
+                                                            <li>On the Overview page, make a note of your
+                                                                Directory/Tenant ID -
+                                                                you need it for the API URLs later
+                                                            </li>
+                                                            <li>Ensure Access Tokens are enabled in the Authentication
+                                                                section
+                                                            </li>
+                                                            <li>Under Certificates and Secrets, create a new Client
+                                                                Secret. Note
+                                                                this secret as it is the new Client Secret to use with
+                                                                PowerDNS-Admin
+                                                            </li>
+                                                            <li>Under API Permissions, you need to add permissions. Add
+                                                                permissions for Graph API, Delegated. Add: email,
+                                                                openid,
+                                                                profile, GroupMember.Read, User.Read and possibly
+                                                                User.Read.All.
+                                                                You then need to grant admin approval for your
+                                                                organisation.
+                                                            </li>
+                                                            <li>For the Scope, use <b>User.Read openid mail profile</b>
+                                                            </li>
+                                                            <li>Replace the [tenantID] in the default URLs for authorize
+                                                                and
+                                                                token with your Tenant ID.
+                                                            </li>
+                                                        </ul>
+                                                        </p>
+                                                        <p>If <b>AZURE GROUP ACCOUNT SYNC/CREATION</b> is enabled,
+                                                            Accounts will
+                                                            be created automatically based on group membership. If an
+                                                            Account
+                                                            exists, an authenticated user with group membership is added
+                                                            to the
+                                                            Account</p>
+                                                    </div>
+                                                </div>
                                             </div>
                                         </div>
                                     </div>
@@ -989,158 +1068,181 @@ <h3 class="card-title">Help</h3>
 
                                     <div class="tab-pane" id="tabs-oidc">
                                         <div class="row">
-                                            <div class="col-4">
+                                            <div class="col-12 col-sm-6 col-lg-4">
                                                 <form role="form" method="post" data-toggle="validator">
                                                     <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
                                                     <input type="hidden" value="oidc" name="config_tab"/>
-                                                    <fieldset>
-                                                        <legend>GENERAL</legend>
-                                                        <div class="form-group">
-                                                            <input type="checkbox" id="oidc_oauth_enabled"
-                                                                   name="oidc_oauth_enabled" class="checkbox"
-                                                                   {% if SETTING.get('oidc_oauth_enabled') %}checked{% endif %}>
-                                                            <label for="oidc_oauth_enabled">Enable OpenID Connect
-                                                                OAuth</label>
-                                                        </div>
-                                                        <div class="form-group">
-                                                            <label for="oidc_oauth_key">Client key</label>
-                                                            <input type="text" class="form-control"
-                                                                   name="oidc_oauth_key" id="oidc_oauth_key"
-                                                                   placeholder="OIDC OAuth client ID"
-                                                                   data-error="Please input Client key"
-                                                                   value="{{ SETTING.get('oidc_oauth_key') }}">
-                                                            <span class="help-block with-errors"></span>
-                                                        </div>
-                                                        <div class="form-group">
-                                                            <label for="oidc_oauth_secret">Client secret</label>
-                                                            <input type="text" class="form-control"
-                                                                   name="oidc_oauth_secret" id="oidc_oauth_secret"
-                                                                   placeholder="OIDC OAuth client secret"
-                                                                   data-error="Please input Client secret"
-                                                                   value="{{ SETTING.get('oidc_oauth_secret') }}">
-                                                            <span class="help-block with-errors"></span>
-                                                        </div>
-                                                        <div class="form-group">
-                                                            <label for="oidc_oauth_scope">Scope</label>
-                                                            <input type="text" class="form-control"
-                                                                   name="oidc_oauth_scope" id="oidc_oauth_scope"
-                                                                   placeholder="e.g. email"
-                                                                   data-error="Please input scope"
-                                                                   value="{{ SETTING.get('oidc_oauth_scope') }}">
-                                                            <span class="help-block with-errors"></span>
-                                                        </div>
-                                                        <div class="form-group">
-                                                            <label for="oidc_oauth_api_url">API URL</label>
-                                                            <input type="text" class="form-control"
-                                                                   name="oidc_oauth_api_url" id="oidc_oauth_api_url"
-                                                                   placeholder="e.g. https://api.oidc.com/user"
-                                                                   data-error="Please input API URL"
-                                                                   value="{{ SETTING.get('oidc_oauth_api_url') }}">
-                                                            <span class="help-block with-errors"></span>
-                                                        </div>
-                                                        <div class="form-group">
-                                                            <label for="oidc_oauth_token_url">Token URL</label>
-                                                            <input type="text" class="form-control"
-                                                                   name="oidc_oauth_token_url" id="oidc_oauth_token_url"
-                                                                   placeholder="e.g. https://oidc.com/login/oauth/access_token"
-                                                                   data-error="Please input Token URL"
-                                                                   value="{{ SETTING.get('oidc_oauth_token_url') }}">
-                                                            <span class="help-block with-errors"></span>
-                                                        </div>
-                                                        <div class="form-group">
-                                                            <label for="oidc_oauth_authorize_url">Authorize URL</label>
-                                                            <input type="text" class="form-control"
-                                                                   name="oidc_oauth_authorize_url"
-                                                                   id="oidc_oauth_authorize_url"
-                                                                   placeholder="e.g. https://oidc.com/login/oauth/authorize"
-                                                                   data-error="Plesae input Authorize URL"
-                                                                   value="{{ SETTING.get('oidc_oauth_authorize_url') }}">
-                                                            <span class="help-block with-errors"></span>
-                                                        </div>
-                                                        <div class="form-group">
-                                                            <label for="oidc_oauth_logout_url">Logout URL</label>
-                                                            <input type="text" class="form-control"
-                                                                   name="oidc_oauth_logout_url"
-                                                                   id="oidc_oauth_logout_url"
-                                                                   placeholder="e.g. https://oidc.com/login/oauth/logout"
-                                                                   data-error="Please input Logout URL"
-                                                                   value="{{ SETTING.get('oidc_oauth_logout_url') }}">
-                                                            <span class="help-block with-errors"></span>
-                                                        </div>
-                                                    </fieldset>
-                                                    <fieldset>
-                                                        <legend>CLAIMS</legend>
-                                                        <div class="form-group">
-                                                            <label for="oidc_oauth_username">Username</label>
-                                                            <input type="text" class="form-control"
-                                                                   name="oidc_oauth_username" id="oidc_oauth_username"
-                                                                   placeholder="e.g. preferred_username"
-                                                                   data-error="Please input Username claim"
-                                                                   value="{{ SETTING.get('oidc_oauth_username') }}">
-                                                            <span class="help-block with-errors"></span>
-                                                        </div>
-                                                        <div class="form-group">
-                                                            <label for="oidc_oauth_firstname">First Name</label>
-                                                            <input type="text" class="form-control"
-                                                                   name="oidc_oauth_firstname" id="oidc_oauth_firstname"
-                                                                   placeholder="e.g. given_name"
-                                                                   data-error="Please input First Name claim"
-                                                                   value="{{ SETTING.get('oidc_oauth_firstname') }}">
-                                                            <span class="help-block with-errors"></span>
-                                                        </div>
-                                                        <div class="form-group">
-                                                            <label for="oidc_oauth_last_name">Last Name</label>
-                                                            <input type="text" class="form-control"
-                                                                   name="oidc_oauth_last_name" id="oidc_oauth_last_name"
-                                                                   placeholder="e.g. family_name"
-                                                                   data-error="Please input Last Name claim"
-                                                                   value="{{ SETTING.get('oidc_oauth_last_name') }}">
-                                                            <span class="help-block with-errors"></span>
-                                                        </div>
-                                                        <div class="form-group">
-                                                            <label for="oidc_oauth_email">Email</label>
-                                                            <input type="text" class="form-control"
-                                                                   name="oidc_oauth_email" id="oidc_oauth_email"
-                                                                   placeholder="e.g. email"
-                                                                   data-error="Plesae input Email claim"
-                                                                   value="{{ SETTING.get('oidc_oauth_email') }}">
-                                                            <span class="help-block with-errors"></span>
-                                                        </div>
-                                                    </fieldset>
-                                                    <fieldset>
-                                                        <legend>ADVANCE</legend>
-                                                        <div class="form-group">
-                                                            <label for="oidc_oauth_account_name_property">Autoprovision
-                                                                Account Name property</label>
-                                                            <input type="text" class="form-control"
-                                                                   name="oidc_oauth_account_name_property"
-                                                                   id="oidc_oauth_account_name_property"
-                                                                   placeholder="e.g. account_name"
-                                                                   data-error="Please input property containing account_name"
-                                                                   value="{{ SETTING.get('oidc_oauth_account_name_property') }}">
-                                                            <span class="help-block with-errors"></span>
+                                                    <div class="card">
+                                                        <div class="card-header">
+                                                            <h3 class="card-title">OpenID Connect OAuth Settings</h3>
                                                         </div>
-                                                        <div class="form-group">
-                                                            <label for="oidc_oauth_account_description_property">Autoprovision
-                                                                Account Description property</label>
-                                                            <input type="text" class="form-control"
-                                                                   name="oidc_oauth_account_description_property"
-                                                                   id="oidc_oauth_account_description_property"
-                                                                   placeholder="e.g. account_description"
-                                                                   data-error="Please input property containing account_description"
-                                                                   value="{{ SETTING.get('oidc_oauth_account_description_property') }}">
-                                                            <span class="help-block with-errors"></span>
+                                                        <div class="card-body">
+                                                            <fieldset>
+                                                                <div class="form-group">
+                                                                    <input type="checkbox" id="oidc_oauth_enabled"
+                                                                           name="oidc_oauth_enabled" class="checkbox"
+                                                                           {% if SETTING.get('oidc_oauth_enabled') %}checked{% endif %}>
+                                                                    <label for="oidc_oauth_enabled">Enable OpenID
+                                                                        Connect
+                                                                        OAuth</label>
+                                                                </div>
+                                                                <div class="form-group">
+                                                                    <label for="oidc_oauth_key">Client key</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="oidc_oauth_key" id="oidc_oauth_key"
+                                                                           placeholder="OIDC OAuth client ID"
+                                                                           data-error="Please input Client key"
+                                                                           value="{{ SETTING.get('oidc_oauth_key') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
+                                                                <div class="form-group">
+                                                                    <label for="oidc_oauth_secret">Client secret</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="oidc_oauth_secret"
+                                                                           id="oidc_oauth_secret"
+                                                                           placeholder="OIDC OAuth client secret"
+                                                                           data-error="Please input Client secret"
+                                                                           value="{{ SETTING.get('oidc_oauth_secret') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
+                                                                <div class="form-group">
+                                                                    <label for="oidc_oauth_scope">Scope</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="oidc_oauth_scope" id="oidc_oauth_scope"
+                                                                           placeholder="e.g. email"
+                                                                           data-error="Please input scope"
+                                                                           value="{{ SETTING.get('oidc_oauth_scope') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
+                                                                <div class="form-group">
+                                                                    <label for="oidc_oauth_api_url">API URL</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="oidc_oauth_api_url"
+                                                                           id="oidc_oauth_api_url"
+                                                                           placeholder="e.g. https://api.oidc.com/user"
+                                                                           data-error="Please input API URL"
+                                                                           value="{{ SETTING.get('oidc_oauth_api_url') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
+                                                                <div class="form-group">
+                                                                    <label for="oidc_oauth_token_url">Token URL</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="oidc_oauth_token_url"
+                                                                           id="oidc_oauth_token_url"
+                                                                           placeholder="e.g. https://oidc.com/login/oauth/access_token"
+                                                                           data-error="Please input Token URL"
+                                                                           value="{{ SETTING.get('oidc_oauth_token_url') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
+                                                                <div class="form-group">
+                                                                    <label for="oidc_oauth_authorize_url">Authorize
+                                                                        URL</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="oidc_oauth_authorize_url"
+                                                                           id="oidc_oauth_authorize_url"
+                                                                           placeholder="e.g. https://oidc.com/login/oauth/authorize"
+                                                                           data-error="Plesae input Authorize URL"
+                                                                           value="{{ SETTING.get('oidc_oauth_authorize_url') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
+                                                                <div class="form-group">
+                                                                    <label for="oidc_oauth_logout_url">Logout
+                                                                        URL</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="oidc_oauth_logout_url"
+                                                                           id="oidc_oauth_logout_url"
+                                                                           placeholder="e.g. https://oidc.com/login/oauth/logout"
+                                                                           data-error="Please input Logout URL"
+                                                                           value="{{ SETTING.get('oidc_oauth_logout_url') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
+                                                            </fieldset>
+                                                            <fieldset>
+                                                                <legend>CLAIMS</legend>
+                                                                <div class="form-group">
+                                                                    <label for="oidc_oauth_username">Username</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="oidc_oauth_username"
+                                                                           id="oidc_oauth_username"
+                                                                           placeholder="e.g. preferred_username"
+                                                                           data-error="Please input Username claim"
+                                                                           value="{{ SETTING.get('oidc_oauth_username') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
+                                                                <div class="form-group">
+                                                                    <label for="oidc_oauth_firstname">First Name</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="oidc_oauth_firstname"
+                                                                           id="oidc_oauth_firstname"
+                                                                           placeholder="e.g. given_name"
+                                                                           data-error="Please input First Name claim"
+                                                                           value="{{ SETTING.get('oidc_oauth_firstname') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
+                                                                <div class="form-group">
+                                                                    <label for="oidc_oauth_last_name">Last Name</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="oidc_oauth_last_name"
+                                                                           id="oidc_oauth_last_name"
+                                                                           placeholder="e.g. family_name"
+                                                                           data-error="Please input Last Name claim"
+                                                                           value="{{ SETTING.get('oidc_oauth_last_name') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
+                                                                <div class="form-group">
+                                                                    <label for="oidc_oauth_email">Email</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="oidc_oauth_email" id="oidc_oauth_email"
+                                                                           placeholder="e.g. email"
+                                                                           data-error="Plesae input Email claim"
+                                                                           value="{{ SETTING.get('oidc_oauth_email') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
+                                                            </fieldset>
+                                                            <fieldset>
+                                                                <legend>ADVANCE</legend>
+                                                                <div class="form-group">
+                                                                    <label for="oidc_oauth_account_name_property">Autoprovision
+                                                                        Account Name property</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="oidc_oauth_account_name_property"
+                                                                           id="oidc_oauth_account_name_property"
+                                                                           placeholder="e.g. account_name"
+                                                                           data-error="Please input property containing account_name"
+                                                                           value="{{ SETTING.get('oidc_oauth_account_name_property') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
+                                                                <div class="form-group">
+                                                                    <label
+                                                                        for="oidc_oauth_account_description_property">Autoprovision
+                                                                        Account Description property</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="oidc_oauth_account_description_property"
+                                                                           id="oidc_oauth_account_description_property"
+                                                                           placeholder="e.g. account_description"
+                                                                           data-error="Please input property containing account_description"
+                                                                           value="{{ SETTING.get('oidc_oauth_account_description_property') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
+                                                            </fieldset>
+                                                            <div class="form-group">
+                                                                <button type="submit" class="btn btn-flat btn-primary">
+                                                                    Save
+                                                                </button>
+                                                            </div>
                                                         </div>
-                                                    </fieldset>
-                                                    <div class="form-group">
-                                                        <button type="submit" class="btn btn-flat btn-primary">Save
-                                                        </button>
                                                     </div>
                                                 </form>
                                             </div>
-                                            <div class="col-8">
-                                                <legend>Help</legend>
-                                                <p>Fill in all the fields in the left form.</p>
+                                            <div class="col-12 col-sm-6 col-lg-8">
+                                                <div class="card">
+                                                    <div class="card-header">
+                                                        <h3 class="card-title">Settings Help</h3>
+                                                    </div>
+                                                    <div class="card-body">
+                                                        <p>Fill in all the fields in the left form.</p>
+                                                    </div>
+                                                </div>
                                             </div>
                                         </div>
                                     </div>

From 2980e5cec99e273aafc1a459a5c2617156993353 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Mon, 20 Feb 2023 11:39:52 -0500
Subject: [PATCH 254/475] Completed first-round updates for the authentication
 settings view.

---
 .../admin_setting_authentication.html         | 129 ++++++++++++++----
 1 file changed, 102 insertions(+), 27 deletions(-)

diff --git a/powerdnsadmin/templates/admin_setting_authentication.html b/powerdnsadmin/templates/admin_setting_authentication.html
index a3060fd85..56f4dd072 100644
--- a/powerdnsadmin/templates/admin_setting_authentication.html
+++ b/powerdnsadmin/templates/admin_setting_authentication.html
@@ -77,6 +77,7 @@ <h3 class="card-title">Settings Editor</h3>
                                                         <div class="card-header">
                                                             <h3 class="card-title">Basic Settings</h3>
                                                         </div>
+                                                        <!-- /.card-header -->
                                                         <div class="card-body">
                                                             <div class="form-group">
                                                                 <input type="checkbox" id="local_db_enabled"
@@ -94,22 +95,37 @@ <h3 class="card-title">Basic Settings</h3>
                                                                 <label for="signup_enabled">Allow users to sign
                                                                     up</label>
                                                             </div>
-                                                            <button type="submit" class="btn btn-primary">Save</button>
                                                         </div>
+                                                        <!-- /.card-body -->
+                                                        <div class="card-footer">
+                                                            <button type="submit" class="btn btn-primary"
+                                                                    title="Save Settings">
+                                                                <i class="fa-solid fa-save"></i>&nbsp;Save Settings
+                                                            </button>
+                                                        </div>
+                                                        <!-- /.card-footer -->
                                                     </div>
+                                                    <!-- /.card -->
                                                 </form>
                                             </div>
+                                            <!-- /.col -->
+
                                             <div class="col-12 col-sm-6 col-lg-8">
                                                 <div class="card">
                                                     <div class="card-header">
                                                         <h3 class="card-title">Settings Help</h3>
                                                     </div>
+                                                    <!-- /.card-header -->
                                                     <div class="card-body">
                                                         <p>Fill in all the fields in the left form.</p>
                                                     </div>
+                                                    <!-- /.card-body -->
                                                 </div>
+                                                <!-- /.card -->
                                             </div>
+                                            <!-- /.col -->
                                         </div>
+                                        <!-- /.row -->
                                     </div>
                                     <!-- /.tab-pane -->
 
@@ -132,6 +148,7 @@ <h4><i class="icon fa fa-ban"></i> Error!</h4>
                                                         <div class="card-header">
                                                             <h3 class="card-title">LDAP Settings</h3>
                                                         </div>
+                                                        <!-- /.card-header -->
                                                         <div class="card-body">
                                                             <fieldset>
                                                                 <div class="form-group">
@@ -386,20 +403,27 @@ <h3 class="card-title">LDAP Settings</h3>
                                                                     </div>
                                                                 </div>
                                                             </fieldset>
-                                                            <div class="form-group">
-                                                                <button type="submit" class="btn btn-flat btn-primary">
-                                                                    Save
-                                                                </button>
-                                                            </div>
                                                         </div>
+                                                        <!-- /.card-body -->
+                                                        <div class="card-footer">
+                                                            <button type="submit" class="btn btn-primary"
+                                                                    title="Save Settings">
+                                                                <i class="fa-solid fa-save"></i>&nbsp;Save Settings
+                                                            </button>
+                                                        </div>
+                                                        <!-- /.card-footer -->
                                                     </div>
+                                                    <!-- /.card -->
                                                 </form>
                                             </div>
+                                            <!-- /.col -->
+
                                             <div class="col-12 col-sm-6 col-lg-8">
                                                 <div class="card">
                                                     <div class="card-header">
                                                         <h3 class="card-title">Settings Help</h3>
                                                     </div>
+                                                    <!-- /.card-header -->
                                                     <div class="card-body">
                                                         <dl class="dl-horizontal">
                                                             <dt>Enable LDAP Authentication</dt>
@@ -553,9 +577,13 @@ <h3 class="card-title">Settings Help</h3>
                                                             </dd>
                                                         </dl>
                                                     </div>
+                                                    <!-- /.card-body -->
                                                 </div>
+                                                <!-- /.card -->
                                             </div>
+                                            <!-- /.col -->
                                         </div>
+                                        <!-- /.row -->
                                     </div>
                                     <!-- /.tab-pane -->
 
@@ -570,6 +598,7 @@ <h3 class="card-title">Settings Help</h3>
                                                         <div class="card-header">
                                                             <h3 class="card-title">Google OAuth Settings</h3>
                                                         </div>
+                                                        <!-- /.card-header -->
                                                         <div class="card-body">
                                                             <fieldset>
                                                                 <div class="form-group">
@@ -644,29 +673,40 @@ <h3 class="card-title">Google OAuth Settings</h3>
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                             </fieldset>
-                                                            <div class="card-footer">
-                                                                <button type="submit"
-                                                                        class="btn btn-primary float-right">Save
-                                                                </button>
-                                                            </div>
                                                         </div>
+                                                        <!-- /.card-body -->
+                                                        <div class="card-footer">
+                                                            <button type="submit" class="btn btn-primary"
+                                                                    title="Save Settings">
+                                                                <i class="fa-solid fa-save"></i>&nbsp;Save Settings
+                                                            </button>
+                                                        </div>
+                                                        <!-- /.card-footer -->
                                                     </div>
+                                                    <!-- /.card -->
                                                 </form>
                                             </div>
+                                            <!-- /.col -->
+
                                             <div class="col-12 col-sm-6 col-lg-8">
                                                 <div class="card">
                                                     <div class="card-header">
                                                         <h3 class="card-title">Settings Help</h3>
                                                     </div>
+                                                    <!-- /.card-header -->
                                                     <div class="card-body">
                                                         <p>Fill in all the fields in the left form.</p>
                                                         <p>Make sure you add PDA redirection URI (e.g
                                                             http://localhost:9191/google/authorized) to your Google App
                                                             Credentials Restriction.</p>
                                                     </div>
+                                                    <!-- /.card-body -->
                                                 </div>
+                                                <!-- /.card -->
                                             </div>
+                                            <!-- /.col -->
                                         </div>
+                                        <!-- /.row -->
                                     </div>
                                     <!-- /.tab-pane -->
 
@@ -680,6 +720,7 @@ <h3 class="card-title">Settings Help</h3>
                                                         <div class="card-header">
                                                             <h3 class="card-title">GitHub OAuth Settings</h3>
                                                         </div>
+                                                        <!-- /.card-header -->
                                                         <div class="card-body">
                                                             <fieldset>
                                                                 <div class="form-group">
@@ -755,26 +796,37 @@ <h3 class="card-title">GitHub OAuth Settings</h3>
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                             </fieldset>
-                                                            <div class="form-group">
-                                                                <button type="submit" class="btn btn-flat btn-primary">
-                                                                    Save
-                                                                </button>
-                                                            </div>
                                                         </div>
+                                                        <!-- /.card-body -->
+                                                        <div class="card-footer">
+                                                            <button type="submit" class="btn btn-primary"
+                                                                    title="Save Settings">
+                                                                <i class="fa-solid fa-save"></i>&nbsp;Save Settings
+                                                            </button>
+                                                        </div>
+                                                        <!-- /.card-footer -->
                                                     </div>
+                                                    <!-- /.card -->
                                                 </form>
                                             </div>
+                                            <!-- /.col -->
+
                                             <div class="col-12 col-sm-6 col-lg-8">
                                                 <div class="card">
                                                     <div class="card-header">
                                                         <h3 class="card-title">Settings Help</h3>
                                                     </div>
+                                                    <!-- /.card-header -->
                                                     <div class="card-body">
                                                         <p>Fill in all the fields in the left form.</p>
                                                     </div>
+                                                    <!-- /.card-body -->
                                                 </div>
+                                                <!-- /.card -->
                                             </div>
+                                            <!-- /.col -->
                                         </div>
+                                        <!-- /.row -->
                                     </div>
                                     <!-- /.tab-pane -->
 
@@ -788,6 +840,7 @@ <h3 class="card-title">Settings Help</h3>
                                                         <div class="card-header">
                                                             <h3 class="card-title">Microsoft OAuth Settings</h3>
                                                         </div>
+                                                        <!-- /.card-header -->
                                                         <div class="card-body">
                                                             <fieldset>
                                                                 <div class="form-group">
@@ -976,7 +1029,7 @@ <h3 class="card-title">Microsoft OAuth Settings</h3>
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div class="form-group">
-                                                                    <label for="azure_group_accounts_name_re">Azure
+                                                                    <label for="azure_group_accounts_description_re">Azure
                                                                         group name
                                                                         description regex</label>
                                                                     <input type="text" class="form-control"
@@ -988,20 +1041,27 @@ <h3 class="card-title">Microsoft OAuth Settings</h3>
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                             </fieldset>
-                                                            <div class="form-group">
-                                                                <button type="submit" class="btn btn-flat btn-primary">
-                                                                    Save
-                                                                </button>
-                                                            </div>
                                                         </div>
+                                                        <!-- /.card-body -->
+                                                        <div class="card-footer">
+                                                            <button type="submit" class="btn btn-primary"
+                                                                    title="Save Settings">
+                                                                <i class="fa-solid fa-save"></i>&nbsp;Save Settings
+                                                            </button>
+                                                        </div>
+                                                        <!-- /.card-footer -->
                                                     </div>
+                                                    <!-- /.card -->
                                                 </form>
                                             </div>
+                                            <!-- /.col -->
+
                                             <div class="col-12 col-sm-6 col-lg-8">
                                                 <div class="card">
                                                     <div class="card-header">
                                                         <h3 class="card-title">Settings Help</h3>
                                                     </div>
+                                                    <!-- /.card-header -->
                                                     <div class="card-body">
                                                         <p>Fill in all the fields in the left form.</p>
                                                         <p>You first need to define an Application Registration in your
@@ -1060,9 +1120,13 @@ <h3 class="card-title">Settings Help</h3>
                                                             to the
                                                             Account</p>
                                                     </div>
+                                                    <!-- /.card-body -->
                                                 </div>
+                                                <!-- /.card -->
                                             </div>
+                                            <!-- /.col -->
                                         </div>
+                                        <!-- /.row -->
                                     </div>
                                     <!-- /.tab-pane -->
 
@@ -1076,6 +1140,7 @@ <h3 class="card-title">Settings Help</h3>
                                                         <div class="card-header">
                                                             <h3 class="card-title">OpenID Connect OAuth Settings</h3>
                                                         </div>
+                                                        <!-- /.card-header -->
                                                         <div class="card-body">
                                                             <fieldset>
                                                                 <div class="form-group">
@@ -1225,26 +1290,36 @@ <h3 class="card-title">OpenID Connect OAuth Settings</h3>
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                             </fieldset>
-                                                            <div class="form-group">
-                                                                <button type="submit" class="btn btn-flat btn-primary">
-                                                                    Save
-                                                                </button>
-                                                            </div>
                                                         </div>
+                                                        <!-- /.card-body -->
+                                                        <div class="card-footer">
+                                                            <button type="submit" class="btn btn-primary"
+                                                                    title="Save Settings">
+                                                                <i class="fa-solid fa-save"></i>&nbsp;Save Settings
+                                                            </button>
+                                                        </div>
+                                                        <!-- /.card-footer -->
                                                     </div>
+                                                    <!-- /.card -->
                                                 </form>
                                             </div>
+                                            <!-- /.col -->
                                             <div class="col-12 col-sm-6 col-lg-8">
                                                 <div class="card">
                                                     <div class="card-header">
                                                         <h3 class="card-title">Settings Help</h3>
                                                     </div>
+                                                    <!-- /.card-header -->
                                                     <div class="card-body">
                                                         <p>Fill in all the fields in the left form.</p>
                                                     </div>
+                                                    <!-- /.card-body -->
                                                 </div>
+                                                <!-- /.card -->
                                             </div>
+                                            <!-- /.col -->
                                         </div>
+                                        <!-- /.row -->
                                     </div>
                                     <!-- /.tab-pane -->
 

From f977a42ceac5fef2e2ab563209806b5a7da6d3de Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Mon, 20 Feb 2023 12:08:32 -0500
Subject: [PATCH 255/475] Completed first-round updates for the user profile
 edit view.

---
 powerdnsadmin/templates/login.html        | 294 ++++++++---------
 powerdnsadmin/templates/maintenance.html  |  78 ++---
 powerdnsadmin/templates/register.html     | 293 +++++++++--------
 powerdnsadmin/templates/register_otp.html | 125 ++++----
 powerdnsadmin/templates/user_profile.html | 369 ++++++++++++----------
 5 files changed, 610 insertions(+), 549 deletions(-)

diff --git a/powerdnsadmin/templates/login.html b/powerdnsadmin/templates/login.html
index f7ef1589c..0436e5d3c 100644
--- a/powerdnsadmin/templates/login.html
+++ b/powerdnsadmin/templates/login.html
@@ -1,6 +1,6 @@
 <!DOCTYPE html>
 <html>
-  <head>
+<head>
     <meta charset="utf-8">
     <meta http-equiv="X-UA-Compatible" content="IE=edge">
     <title>Log In - {{ SITE_NAME }}</title>
@@ -9,162 +9,172 @@
     <meta content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no" name="viewport">
     <META HTTP-EQUIV="REFRESH" CONTENT="{{ 60 * SETTING.get('session_timeout') }}">
     {% assets "css_login" -%}
-      <link rel="stylesheet" href="{{ ASSET_URL }}">
+        <link rel="stylesheet" href="{{ ASSET_URL }}">
     {%- endassets %}
     {% if SETTING.get('custom_css') %}
-      <link rel="stylesheet" href="/static/custom/{{ SETTING.get('custom_css') }}">
+        <link rel="stylesheet" href="/static/custom/{{ SETTING.get('custom_css') }}">
     {% endif %}
-  </head>
-  <body class="hold-transition login-page">
-    <div class="login-box">
-      <div class="card card-outline card-primary">
+</head>
+<body class="hold-transition login-page">
+<div class="login-box">
+    <div class="card card-outline card-primary shadow">
         <div class="card-header text-center">
-          <a href="{{ url_for('index.index') }}" class="h3">
-            {% if SETTING.get('site_name') %}
-              {{ SITE_NAME }}
-            {% else %}
-              <b>PowerDNS</b>-Admin
-            {% endif %}
-          </a>
+            <a href="{{ url_for('index.index') }}" class="h3">
+                {% if SETTING.get('site_name') %}
+                    {{ SITE_NAME }}
+                {% else %}
+                    <b>PowerDNS</b>-Admin
+                {% endif %}
+            </a>
         </div>
         <div class="card-body login-card-body">
-          {% if error %}
-            <div class="alert alert-danger alert-dismissible">
-              <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
-              {{ error }}
-            </div>
-          {% endif %}
-          {% if SETTING.get('ldap_enabled') or SETTING.get('local_db_enabled') %}
-            <form action="" method="post" data-toggle="validator">
-              <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-              <div class="form-group">
-                <input type="text" class="form-control" placeholder="Username" name="username" data-error="Please input your username" required {% if username %}value="{{ username }}" {% endif %}>
-                <span class="help-block with-errors"></span>
-              </div>
-              <div class="form-group">
-                <input type="password" class="form-control" placeholder="Password" name="password" data-error="Please input your password" required {% if password %}value="{{ password }}" {% endif %}>
-                <span class="help-block with-errors"></span>
-              </div>
-              {% if SETTING.get('otp_field_enabled') %}
-                <div class="form-group">
-                  <input type="otptoken" class="form-control" placeholder="OTP Token" name="otptoken" autocomplete="off">
+            {% if error %}
+                <div class="alert alert-danger alert-dismissible">
+                    <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
+                    {{ error }}
                 </div>
-              {% endif %}
-              {% if SETTING.get('ldap_enabled') and SETTING.get('local_db_enabled') %}
-                <div class="form-group">
-                  <select class="form-control" name="auth_method">
-                    <option value="LOCAL">
-                      LOCAL Authentication
-                    </option>
-                    {% if SETTING.get('login_ldap_first') %}
-                      <option value="LDAP" selected="selected">
-                        LDAP Authentication
-                      </option>
+            {% endif %}
+            {% if SETTING.get('ldap_enabled') or SETTING.get('local_db_enabled') %}
+                <form action="" method="post" data-toggle="validator">
+                    <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+                    <div class="form-group">
+                        <input type="text" class="form-control" placeholder="Username" name="username"
+                               data-error="Please input your username" required
+                               {% if username %}value="{{ username }}" {% endif %}>
+                        <span class="help-block with-errors"></span>
+                    </div>
+                    <div class="form-group">
+                        <input type="password" class="form-control" placeholder="Password" name="password"
+                               data-error="Please input your password" required
+                               {% if password %}value="{{ password }}" {% endif %}>
+                        <span class="help-block with-errors"></span>
+                    </div>
+                    {% if SETTING.get('otp_field_enabled') %}
+                        <div class="form-group">
+                            <input type="otptoken" class="form-control" placeholder="OTP Token" name="otptoken"
+                                   autocomplete="off">
+                        </div>
+                    {% endif %}
+                    {% if SETTING.get('ldap_enabled') and SETTING.get('local_db_enabled') %}
+                        <div class="form-group">
+                            <select class="form-control" name="auth_method">
+                                <option value="LOCAL">
+                                    LOCAL Authentication
+                                </option>
+                                {% if SETTING.get('login_ldap_first') %}
+                                    <option value="LDAP" selected="selected">
+                                        LDAP Authentication
+                                    </option>
+                                {% else %}
+                                    <option value="LDAP">
+                                        LDAP Authentication
+                                    </option>
+                                {% endif %}
+                            </select>
+                        </div>
+                    {% elif SETTING.get('ldap_enabled') and not SETTING.get('local_db_enabled') %}
+                        <div class="form-group">
+                            <input type="hidden" name="auth_method" value="LDAP">
+                        </div>
+                    {% elif SETTING.get('local_db_enabled') and not SETTING.get('ldap_enabled') %}
+                        <div class="form-group">
+                            <input type="hidden" name="auth_method" value="LOCAL">
+                        </div>
                     {% else %}
-                      <option value="LDAP">
-                        LDAP Authentication
-                      </option>
+                        <div class="form-group">
+                            <input type="hidden" name="auth_method" value="LOCAL">
+                        </div>
+                    {% endif %}
+                    <div class="row">
+                        <div class="col-8">
+                            <div class="icheck-primary">
+                                <input type="checkbox" id="remember">
+                                <label for="remember">
+                                    Remember Me
+                                </label>
+                            </div>
+                        </div>
+                        <div class="col-4">
+                            <button type="submit" class="btn btn-primary btn-block">Sign In</button>
+                        </div>
+                    </div>
+                </form>
+            {% endif %}
+            {% if SETTING.get('google_oauth_enabled') or SETTING.get('github_oauth_enabled') or SETTING.get('oidc_oauth_enabled') or SETTING.get('azure_oauth_enabled') %}
+                <div class="social-auth-links text-center">
+                    {% if SETTING.get('ldap_enabled') or SETTING.get('local_db_enabled') %}
+                        <p>- OR -</p>
+                    {% endif %}
+                    {% if SETTING.get('oidc_oauth_enabled') %}
+                        <a href="{{ url_for('index.oidc_login') }}"
+                           class="btn btn-block btn-social btn-openid btn-flat">
+                            <i class="fa-brands fa-openid"></i>
+                            Sign in using OpenID Connect
+                        </a>
+                    {% endif %}
+                    {% if SETTING.get('github_oauth_enabled') %}
+                        <a href="{{ url_for('index.github_login') }}"
+                           class="btn btn-block btn-social btn-github btn-flat">
+                            <i class="fa-brands fa-github"></i>
+                            Sign in using Github
+                        </a>
+                    {% endif %}
+                    {% if SETTING.get('google_oauth_enabled') %}
+                        <a href="{{ url_for('index.google_login') }}"
+                           class="btn btn-block btn-social btn-google btn-flat">
+                            <i class="fa-brands fa-google"></i>
+                            Sign in using Google
+                        </a>
+                    {% endif %}
+                    {% if SETTING.get('azure_oauth_enabled') %}
+                        <a href="{{ url_for('index.azure_login') }}"
+                           class="btn btn-block btn-social btn-microsoft btn-flat">
+                            <i class="fa-brands fa-windows"></i>
+                            Sign in using Microsoft Azure
+                        </a>
                     {% endif %}
-                  </select>
-                </div>
-              {% elif SETTING.get('ldap_enabled') and not SETTING.get('local_db_enabled') %}
-                <div class="form-group">
-                  <input type="hidden" name="auth_method" value="LDAP">
-                </div>
-              {% elif SETTING.get('local_db_enabled') and not SETTING.get('ldap_enabled') %}
-                <div class="form-group">
-                  <input type="hidden" name="auth_method" value="LOCAL">
-                </div>
-              {% else %}
-                <div class="form-group">
-                  <input type="hidden" name="auth_method" value="LOCAL">
-                </div>
-              {% endif %}
-              <div class="row">
-                <div class="col-8">
-                  <div class="icheck-primary">
-                    <input type="checkbox" id="remember">
-                    <label for="remember">
-                      Remember Me
-                    </label>
-                  </div>
-                </div>
-                <div class="col-4">
-                  <button type="submit" class="btn btn-primary btn-block">Sign In</button>
                 </div>
-              </div>
-            </form>
-          {% endif %}
-          {% if SETTING.get('google_oauth_enabled') or SETTING.get('github_oauth_enabled') or SETTING.get('oidc_oauth_enabled') or SETTING.get('azure_oauth_enabled') %}
-            <div class="social-auth-links text-center">
-              {% if SETTING.get('ldap_enabled') or SETTING.get('local_db_enabled') %}
-                <p>- OR -</p>
-              {% endif %}
-              {% if SETTING.get('oidc_oauth_enabled') %}
-                <a href="{{ url_for('index.oidc_login') }}" class="btn btn-block btn-social btn-openid btn-flat">
-                  <i class="fa-brands fa-openid"></i>
-                  Sign in using OpenID Connect
-                </a>
-              {% endif %}
-              {% if SETTING.get('github_oauth_enabled') %}
-                <a href="{{ url_for('index.github_login') }}" class="btn btn-block btn-social btn-github btn-flat">
-                  <i class="fa-brands fa-github"></i>
-                  Sign in using Github
-                </a>
-              {% endif %}
-              {% if SETTING.get('google_oauth_enabled') %}
-                <a href="{{ url_for('index.google_login') }}" class="btn btn-block btn-social btn-google btn-flat">
-                  <i class="fa-brands fa-google"></i>
-                  Sign in using Google
+            {% endif %}
+            {% if saml_enabled %}
+                <a href="{{ url_for('index.saml_login') }}">
+                    SAML login
                 </a>
-              {% endif %}
-              {% if SETTING.get('azure_oauth_enabled') %}
-                <a href="{{ url_for('index.azure_login') }}" class="btn btn-block btn-social btn-microsoft btn-flat">
-                  <i class="fa-brands fa-windows"></i>
-                  Sign in using Microsoft Azure
+            {% endif %}
+            {% if SETTING.get('signup_enabled') %}
+                <br>
+                <a href="{{ url_for('index.register') }}" class="text-center">
+                    Create an account
                 </a>
-              {% endif %}
-            </div>
-          {% endif %}
-          {% if saml_enabled %}
-            <a href="{{ url_for('index.saml_login') }}">
-              SAML login
-            </a>
-          {% endif %}
-          {% if SETTING.get('signup_enabled') %}
-            <br>
-            <a href="{{ url_for('index.register') }}" class="text-center">
-              Create an account
-            </a>
-            {% if SETTING.get('verify_user_email') %}
-              <br/>
-              <a href="{{ url_for('index.resend_confirmation_email') }}" class="text-center">
-                Resend confirmation email
-              </a>
+                {% if SETTING.get('verify_user_email') %}
+                    <br/>
+                    <a href="{{ url_for('index.resend_confirmation_email') }}" class="text-center">
+                        Resend confirmation email
+                    </a>
+                {% endif %}
             {% endif %}
-          {% endif %}
         </div>
-      </div>
-      <div class="login-box-footer">
-        <center>
-          <p>Powered by <a href="https://github.com/PowerDNS-Admin/PowerDNS-Admin">PowerDNS-Admin</a></p>
-        </center>
-      </div>
+        <!-- /.card-body -->
     </div>
-    {% assets "js_login" -%}
-      <script type="text/javascript" src="{{ ASSET_URL }}"></script>
-    {%- endassets %}
-    {% assets "js_validation" -%}
-      <script type="text/javascript" src="{{ ASSET_URL }}"></script>
-    {%- endassets %}
-    <script>
-      $(function () {
+    <!-- /.card -->
+</div>
+<!-- /.login-box -->
+<div class="text-center pt-3">
+    <p>Powered by <a href="https://powerdnsadmin.org" target="_blank">PowerDNS-Admin</a></p>
+</div>
+{% assets "js_login" -%}
+    <script type="text/javascript" src="{{ ASSET_URL }}"></script>
+{%- endassets %}
+{% assets "js_validation" -%}
+    <script type="text/javascript" src="{{ ASSET_URL }}"></script>
+{%- endassets %}
+<script>
+    $(function () {
         $('input').iCheck({
-          checkboxClass: 'icheckbox_square-blue',
-          radioClass: 'iradio_square-blue',
-          increaseArea: '20%' // optional
+            checkboxClass: 'icheckbox_square-blue',
+            radioClass: 'iradio_square-blue',
+            increaseArea: '20%' // optional
         });
-      });
-    </script>
-  </body>
+    });
+</script>
+</body>
 </html>
diff --git a/powerdnsadmin/templates/maintenance.html b/powerdnsadmin/templates/maintenance.html
index a9839e5ea..6eb527ffd 100644
--- a/powerdnsadmin/templates/maintenance.html
+++ b/powerdnsadmin/templates/maintenance.html
@@ -1,43 +1,49 @@
-<!doctype html>
-<title>Site Maintenance</title>
-<style>
-  body {
-    text-align: center;
-    padding: 150px;
-  }
+<!DOCTYPE html>
+<html lang="en" class>
+<head>
+    <title>Site Maintenance</title>
+    <style>
+        body {
+            text-align: center;
+            padding: 150px;
+        }
 
-  h1 {
-    font-size: 50px;
-  }
+        h1 {
+            font-size: 50px;
+        }
 
-  body {
-    font: 20px Helvetica, sans-serif;
-    color: #333;
-  }
+        body {
+            font: 20px Helvetica, sans-serif;
+            color: #333;
+        }
 
-  article {
-    display: block;
-    text-align: left;
-    width: 650px;
-    margin: 0 auto;
-  }
+        article {
+            display: block;
+            text-align: left;
+            width: 650px;
+            margin: 0 auto;
+        }
 
-  a {
-    color: #dc8100;
-    text-decoration: none;
-  }
-
-  a:hover {
-    color: #333;
-    text-decoration: none;
-  }
-</style>
+        a {
+            color: #dc8100;
+            text-decoration: none;
+        }
 
+        a:hover {
+            color: #333;
+            text-decoration: none;
+        }
+    </style>
+</head>
+<body>
 <article>
-  <h1>We&rsquo;ll be back soon!</h1>
-  <div>
-    <p>Sorry for the inconvenience but we&rsquo;re performing some maintenance at the moment. Please contact the System
-      Administrator if you need more information, otherwise we&rsquo;ll be back online shortly!</p>
-    <p>&mdash; Team</p>
-  </div>
+    <h1>We&rsquo;ll be back soon!</h1>
+    <div>
+        <p>Sorry for the inconvenience but we&rsquo;re performing some maintenance at the moment. Please contact the
+            System
+            Administrator if you need more information, otherwise we&rsquo;ll be back online shortly!</p>
+        <p>&mdash; Team</p>
+    </div>
 </article>
+</body>
+</html>
\ No newline at end of file
diff --git a/powerdnsadmin/templates/register.html b/powerdnsadmin/templates/register.html
index 81c833f99..0a5d6d5c3 100644
--- a/powerdnsadmin/templates/register.html
+++ b/powerdnsadmin/templates/register.html
@@ -1,7 +1,6 @@
 <!DOCTYPE html>
 <html>
-
-  <head>
+<head>
     <meta charset="utf-8">
     <meta http-equiv="X-UA-Compatible" content="IE=edge">
     <title>Register - {{ SITE_NAME }}</title>
@@ -10,183 +9,201 @@
     <meta content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no" name="viewport">
     <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/all.min.css">
     {% assets "css_login" -%}
-      <link rel="stylesheet" href="{{ ASSET_URL }}">
+        <link rel="stylesheet" href="{{ ASSET_URL }}">
     {%- endassets %}
-  </head>
+</head>
 
-  <body class="hold-transition register-page">
-    <div class="register-box">
-      <div class="card card-outline card-primary">
+<body class="hold-transition register-page">
+<div class="register-box">
+    <div class="card card-outline card-primary shadow">
         <div class="card-header text-center">
-          <a href="{{ url_for('index.index') }}" class="h3">
-            {% if SETTING.get('site_name') %}
-              {{ SITE_NAME }}
-            {% else %}
-              <b>PowerDNS</b>-Admin
-            {% endif %}
-          </a>
+            <a href="{{ url_for('index.index') }}" class="h3">
+                {% if SETTING.get('site_name') %}
+                    {{ SITE_NAME }}
+                {% else %}
+                    <b>PowerDNS</b>-Admin
+                {% endif %}
+            </a>
         </div>
         <div class="card-body">
-          {% if error %}
-          <div class="alert alert-danger alert-dismissible">
-            <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
-            {{ error }}
-          </div>
-          {% endif %}
-          <p class="login-box-msg">Enter your personal details below</p>
-          <form action="{{ url_for('index.register') }}" method="post" validator>
-            <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-            
-            <div class="form-group">
-              <div class="input-group">
-                <div class="input-group-prepend">
+            {% if error %}
+                <div class="alert alert-danger alert-dismissible">
+                    <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
+                    {{ error }}
+                </div>
+            {% endif %}
+            <p class="login-box-msg">Enter your personal details below</p>
+            <form action="{{ url_for('index.register') }}" method="post" validator>
+                <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+
+                <div class="form-group">
+                    <div class="input-group">
+                        <div class="input-group-prepend">
                   <span class="input-group-text">
                     <i class="fas fa-user"></i>
                   </span>
+                        </div>
+                        <input type="text"
+                               class="form-control {{ 'is-invalid' if 'firstname' in error_messages else '' }}"
+                               placeholder="First Name" name="firstname" id="firstname"
+                               value="{{ request.form.firstname }}" required>
+                        {% if 'firstname' in error_messages %}
+                            <div class="invalid-feedback">
+                                <i class="fas fa-exclamation-triangle"></i>
+                                {{ error_messages['firstname'] }}
+                            </div>
+                        {% endif %}
+                    </div>
                 </div>
-                <input type="text" class="form-control {{ 'is-invalid' if 'firstname' in error_messages else '' }}" placeholder="First Name" name="firstname" id="firstname" value="{{ request.form.firstname }}" required>
-                {% if 'firstname' in error_messages %}
-                  <div class="invalid-feedback">
-                    <i class="fas fa-exclamation-triangle"></i>
-                    {{ error_messages['firstname'] }}
-                  </div>
-                {% endif %}
-              </div>
-            </div>
 
-            <div class="form-group">
-              <div class="input-group">
-                <div class="input-group-prepend">
+                <div class="form-group">
+                    <div class="input-group">
+                        <div class="input-group-prepend">
                   <span class="input-group-text">
                     <i class="fas fa-user"></i>
                   </span>
+                        </div>
+                        <input type="text"
+                               class="form-control {{ 'is-invalid' if 'lastname' in error_messages else '' }}"
+                               placeholder="Last name" name="lastname" id="lastname" value="{{ request.form.lastname }}"
+                               required>
+                        {% if 'lastname' in error_messages %}
+                            <div class="invalid-feedback">
+                                <i class="fas fa-exclamation-triangle"></i>
+                                {{ error_messages['lastname'] }}
+                            </div>
+                        {% endif %}
+                    </div>
                 </div>
-                <input type="text" class="form-control {{ 'is-invalid' if 'lastname' in error_messages else '' }}" placeholder="Last name" name="lastname" id="lastname" value="{{ request.form.lastname }}" required>
-                {% if 'lastname' in error_messages %}
-                  <div class="invalid-feedback">
-                    <i class="fas fa-exclamation-triangle"></i>
-                    {{ error_messages['lastname'] }}
-                  </div>
-                {% endif %}
-              </div>
-            </div>
 
-            <div class="form-group">
-              <div class="input-group">
-                <div class="input-group-prepend">
+                <div class="form-group">
+                    <div class="input-group">
+                        <div class="input-group-prepend">
                   <span class="input-group-text">
                     <i class="fas fa-envelope"></i>
                   </span>
+                        </div>
+                        <input type="email" class="form-control {{ 'is-invalid' if 'email' in error_messages else '' }}"
+                               placeholder="Email" name="email" id="email" value="{{ request.form.email }}" required>
+                        {% if 'email' in error_messages %}
+                            <div class="invalid-feedback">
+                                <i class="fas fa-exclamation-triangle"></i>
+                                {{ error_messages['email'] }}
+                            </div>
+                        {% endif %}
+                    </div>
                 </div>
-                <input type="email" class="form-control {{ 'is-invalid' if 'email' in error_messages else '' }}" placeholder="Email" name="email" id="email" value="{{ request.form.email }}" required>
-                {% if 'email' in error_messages %}
-                  <div class="invalid-feedback">
-                    <i class="fas fa-exclamation-triangle"></i>
-                    {{ error_messages['email'] }}
-                  </div>
-                {% endif %}
-              </div>
-            </div>
 
-            <p class="login-box-msg">Enter your account details below</p>
+                <p class="login-box-msg">Enter your account details below</p>
 
-            <div class="form-group">
-              <div class="input-group">
-                <div class="input-group-prepend">
+                <div class="form-group">
+                    <div class="input-group">
+                        <div class="input-group-prepend">
                   <span class="input-group-text">
                     <i class="fas fa-user"></i>
                   </span>
+                        </div>
+                        <input type="text"
+                               class="form-control {{ 'is-invalid' if 'username' in error_messages else '' }}"
+                               placeholder="Username" name="username" id="username" value="{{ request.form.username }}"
+                               required>
+                        {% if 'username' in error_messages %}
+                            <div class="invalid-feedback">
+                                <i class="fas fa-exclamation-triangle"></i>
+                                {{ error_messages['username'] }}
+                            </div>
+                        {% endif %}
+                    </div>
                 </div>
-                <input type="text" class="form-control {{ 'is-invalid' if 'username' in error_messages else '' }}" placeholder="Username" name="username" id="username" value="{{ request.form.username }}" required>
-                {% if 'username' in error_messages %}
-                  <div class="invalid-feedback">
-                    <i class="fas fa-exclamation-triangle"></i>
-                    {{ error_messages['username'] }}
-                  </div>
-                {% endif %}
-              </div>
-            </div>
 
-            <div class="form-group">
-              <div class="input-group">
-                <div class="input-group-prepend">
+                <div class="form-group">
+                    <div class="input-group">
+                        <div class="input-group-prepend">
                   <span class="input-group-text">
                     <i class="fas fa-lock"></i>
                   </span>
+                        </div>
+                        <input type="password"
+                               class="form-control {{ 'is-invalid' if 'password' in error_messages else '' }}"
+                               placeholder="Password" id="password" name="password" required>
+                        {% if 'password' in error_messages %}
+                            <div class="invalid-feedback">
+                                <i class="fas fa-exclamation-triangle"></i>
+                                {{ error_messages['password'] }}
+                            </div>
+                        {% endif %}
+                    </div>
                 </div>
-                <input type="password" class="form-control {{ 'is-invalid' if 'password' in error_messages else '' }}" placeholder="Password" id="password" name="password" required>
-                {% if 'password' in error_messages %}
-                  <div class="invalid-feedback">
-                    <i class="fas fa-exclamation-triangle"></i>
-                    {{ error_messages['password'] }}
-                  </div>
-                {% endif %}
-              </div>
-            </div>
 
-            <div class="form-group">
-              <div class="input-group">
-                <div class="input-group-prepend">
+                <div class="form-group">
+                    <div class="input-group">
+                        <div class="input-group-prepend">
                   <span class="input-group-text">
                     <i class="fas fa-lock"></i>
                   </span>
+                        </div>
+                        <input type="password"
+                               class="form-control {{ 'is-invalid' if 'rpassword' in error_messages else '' }}"
+                               placeholder="Retype password" id="rpassword" name="rpassword" required>
+                        {% if 'rpassword' in error_messages %}
+                            <div class="invalid-feedback">
+                                <i class="fas fa-exclamation-triangle"></i>
+                                {{ error_messages['rpassword'] }}
+                            </div>
+                        {% endif %}
+                    </div>
                 </div>
-                <input type="password" class="form-control {{ 'is-invalid' if 'rpassword' in error_messages else '' }}" placeholder="Retype password" id="rpassword" name="rpassword" required>
-                {% if 'rpassword' in error_messages %}
-                  <div class="invalid-feedback">
-                    <i class="fas fa-exclamation-triangle"></i>
-                    {{ error_messages['rpassword'] }}
-                  </div>
-                {% endif %}
-              </div>
-            </div>
 
-            {% if captcha_enable %}
-            <p class="login-box-msg">Please complete the CAPTCHA below</p>
-            <div class="form-group">
-              {{ captcha() }}
-              <div class="input-group">
-                <div class="input-group-prepend">
+                {% if captcha_enable %}
+                    <p class="login-box-msg">Please complete the CAPTCHA below</p>
+                    <div class="form-group">
+                    {{ captcha() }}
+                    <div class="input-group">
+                        <div class="input-group-prepend">
                   <span class="input-group-text">
                     <i class="fas fa-shield-alt"></i>
                   </span>
-                </div>
-              <input type="text" class="form-control {{ 'is-invalid' if 'captcha_result' in error_messages else '' }}" placeholder="CAPTCHA"  id="captcha" name="captcha" required>
-              {% if 'captcha_result' in error_messages %}
-                <div class="invalid-feedback">
-                  <i class="fas fa-exclamation-triangle"></i>
-                  {{ error_messages['captcha_result'] }}
-                </div>
-              {% endif %}
-            </div>
-          {% endif %}
+                        </div>
+                        <input type="text"
+                               class="form-control {{ 'is-invalid' if 'captcha_result' in error_messages else '' }}"
+                               placeholder="CAPTCHA" id="captcha" name="captcha" required>
+                        {% if 'captcha_result' in error_messages %}
+                            <div class="invalid-feedback">
+                                <i class="fas fa-exclamation-triangle"></i>
+                                {{ error_messages['captcha_result'] }}
+                            </div>
+                        {% endif %}
+                    </div>
+                {% endif %}
 
-          <div class="row">
-            <div class="d-flex justify-content-between mx-auto mt-3">
-              <button type="button" class="btn btn-secondary" id="button_back">Back</button>
-              <button type="submit" class="btn btn-primary btn-block mx-3">Register</button>
-            </div>
-          </div>
-        </form>
-      </div>
-      <div class="login-box-footer">
-        <center>
-          <p>Powered by <a href="https://github.com/PowerDNS-Admin/PowerDNS-Admin">PowerDNS-Admin</a></p>
-        </center>
-      </div>
+                <div class="row">
+                    <div class="d-flex justify-content-between mx-auto mt-3">
+                        <button type="button" class="btn btn-secondary" id="button_back">Back</button>
+                        <button type="submit" class="btn btn-primary btn-block mx-3">Register</button>
+                    </div>
+                </div>
+            </form>
+        </div>
+        <!-- /.card-body -->
     </div>
-    {% assets "js_login" -%}
-      <script type="text/javascript" src="{{ ASSET_URL }}"></script>
-    {%- endassets %}
-    {% assets "js_validation" -%}
-      <script type="text/javascript" src="{{ ASSET_URL }}"></script>
-    {%- endassets %}
-    <script>
-      $(function () {
+    <!-- /.card -->
+</div>
+<!-- /.register-box -->
+<div class="text-center pt-3">
+    <p>Powered by <a href="https://powerdnsadmin.org" target="_blank">PowerDNS-Admin</a></p>
+</div>
+{% assets "js_login" -%}
+    <script type="text/javascript" src="{{ ASSET_URL }}"></script>
+{%- endassets %}
+{% assets "js_validation" -%}
+    <script type="text/javascript" src="{{ ASSET_URL }}"></script>
+{%- endassets %}
+<script>
+    $(function () {
         $('#button_back').click(function () {
-          window.location.href = '{{ url_for('index.login') }}';
+            window.location.href = '{{ url_for('index.login') }}';
         })
-      });
-    </script>
-  </body>
+    });
+</script>
+</body>
 </html>
diff --git a/powerdnsadmin/templates/register_otp.html b/powerdnsadmin/templates/register_otp.html
index 2e8478653..683bc7ff7 100755
--- a/powerdnsadmin/templates/register_otp.html
+++ b/powerdnsadmin/templates/register_otp.html
@@ -1,7 +1,6 @@
 <!DOCTYPE html>
 <html>
-
-  <head>
+<head>
     <meta charset="utf-8">
     <meta http-equiv="X-UA-Compatible" content="IE=edge">
     <title>Welcome - {{ SITE_NAME }}</title>
@@ -9,82 +8,82 @@
     <!-- Tell the browser to be responsive to screen width -->
     <meta content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no" name="viewport">
     {% assets "css_login" -%}
-    <link rel="stylesheet" href="{{ ASSET_URL }}">
+        <link rel="stylesheet" href="{{ ASSET_URL }}">
     {%- endassets %}
     {% if SETTING.get('custom_css') %}
-    <link rel="stylesheet" href="/static/custom/{{ SETTING.get('custom_css') }}">
+        <link rel="stylesheet" href="/static/custom/{{ SETTING.get('custom_css') }}">
     {% endif %}
-  </head>
-
-  <body class="hold-transition register-page">
-    <div class="register-box">
-      <div class="register-logo">
+</head>
+<body class="hold-transition register-page">
+<div class="register-box">
+    <div class="register-logo">
         <a><b>PowerDNS</b>-Admin</a>
-      </div>
-      <div class="register-box-body">
+    </div>
+    <div class="register-box-body">
         {% if error %}
-        <div class="alert alert-danger alert-dismissible">
-          <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
-          {{ error }}
-        </div>
+            <div class="alert alert-danger alert-dismissible">
+                <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
+                {{ error }}
+            </div>
         {% endif %}
-        Welcome, {{user.firstname}}! <br />
-        You will need a Token on login. <br />
+        Welcome, {{ user.firstname }}! <br/>
+        You will need a Token on login. <br/>
         Your QR code is:
         <div id="token_information">
-          {% if qrcode_image == None %}
-          <p><img id="qrcode" src="{{ url_for('user.qrcode') }}"></p>
-          {% else %}
-          <p><img id="qrcode" src="data:image/svg+xml;utf8;base64, {{qrcode_image}}"></p>
-          {% endif %}
-          <p>
-            Your secret key is: <br />
+            {% if qrcode_image == None %}
+                <p><img id="qrcode" src="{{ url_for('user.qrcode') }}"></p>
+            {% else %}
+                <p><img id="qrcode" src="data:image/svg+xml;utf8;base64, {{ qrcode_image }}"></p>
+            {% endif %}
+            <p>
+                Your secret key is: <br/>
             <form>
-              <input type=text id="otp_secret" value={{user.otp_secret}} readonly>
-              <button type=button style="position:relative; right:28px" onclick="copy_otp_secret_to_clipboard()"> <i class="fa fa-clipboard"></i> </button>
-              <br /><font color="red" id="copy_tooltip" style="visibility:collapse">Copied.</font>
+                <input type=text id="otp_secret" value={{ user.otp_secret }} readonly>
+                <button type=button style="position:relative; right:28px" onclick="copy_otp_secret_to_clipboard()"><i
+                    class="fa fa-clipboard"></i></button>
+                <br/><font color="red" id="copy_tooltip" style="visibility:collapse">Copied.</font>
             </form>
-          </p>
-          You can use Google Authenticator (<a target="_blank"
-              href="https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2">Android</a>
-          - <a target="_blank"
-              href="https://apps.apple.com/us/app/google-authenticator/id388497605">iOS</a>)
-          <br />
-          or FreeOTP (<a target="_blank"
-              href="https://play.google.com/store/apps/details?id=org.fedorahosted.freeotp&hl=en">Android</a>
-          - <a target="_blank"
-              href="https://itunes.apple.com/en/app/freeotp-authenticator/id872559395?mt=8">iOS</a>)
-          on your smartphone <br /> to scan the QR code or type the secret key.
-          <br /> <br />
-          <font color="red"><strong><i>Make sure only you can see this QR Code <br />
-            and secret key, and nobody can capture them.</i></strong></font>
+            </p>
+            You can use Google Authenticator (<a target="_blank"
+                                                 href="https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2">Android</a>
+            - <a target="_blank"
+                 href="https://apps.apple.com/us/app/google-authenticator/id388497605">iOS</a>)
+            <br/>
+            or FreeOTP (<a target="_blank"
+                           href="https://play.google.com/store/apps/details?id=org.fedorahosted.freeotp&hl=en">Android</a>
+            - <a target="_blank"
+                 href="https://itunes.apple.com/en/app/freeotp-authenticator/id872559395?mt=8">iOS</a>)
+            on your smartphone <br/> to scan the QR code or type the secret key.
+            <br/> <br/>
+            <font color="red"><strong><i>Make sure only you can see this QR Code <br/>
+                and secret key, and nobody can capture them.</i></strong></font>
         </div>
         </br>
         Please input your OTP token to continue, to ensure the seed has been scanned correctly.
         <form action="" method="post" data-toggle="validator">
-          <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-          <div class="form-group">
-            <input type="text" class="form-control" placeholder="OTP Token" name="otptoken"
-              data-error="Please input your OTP token" required>
-          </div>
-          <div class="row">
-            <div class="col-xs-4">
-              <button type="submit" class="btn btn-primary btn-block">Continue</button>
+            <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+            <div class="form-group">
+                <input type="text" class="form-control" placeholder="OTP Token" name="otptoken"
+                       data-error="Please input your OTP token" required>
+            </div>
+            <div class="row">
+                <div class="col-xs-4">
+                    <button type="submit" class="btn btn-primary btn-block">Continue</button>
+                </div>
             </div>
-          </div>
         </form>
-      </div>
-      <div class="login-box-footer">
-        <center>
-          <p>Powered by <a href="https://github.com/PowerDNS-Admin/PowerDNS-Admin">PowerDNS-Admin</a></p>
-        </center>
-      </div>
     </div>
-  </body>
-  {% assets "js_login" -%}
-  <script type="text/javascript" src="{{ ASSET_URL }}"></script>
-  {%- endassets %}
-  {% assets "js_validation" -%}
-  <script type="text/javascript" src="{{ ASSET_URL }}"></script>
-  {%- endassets %}
+    <!-- /.register-box-body -->
+    <div class="text-center">
+        <p>Powered by <a href="https://powerdnsadmin.org" target="_blank">PowerDNS-Admin</a></p>
+    </div>
+</div>
+<!-- /.register-box -->
+</body>
+{% assets "js_login" -%}
+    <script type="text/javascript" src="{{ ASSET_URL }}"></script>
+{%- endassets %}
+{% assets "js_validation" -%}
+    <script type="text/javascript" src="{{ ASSET_URL }}"></script>
+{%- endassets %}
 </html>
\ No newline at end of file
diff --git a/powerdnsadmin/templates/user_profile.html b/powerdnsadmin/templates/user_profile.html
index b7bf69f3b..3bb99714a 100644
--- a/powerdnsadmin/templates/user_profile.html
+++ b/powerdnsadmin/templates/user_profile.html
@@ -1,190 +1,219 @@
 {% extends "base.html" %}
-
 {% set active_page = "user_profile" %}
-
-{% block title %}
-  <title>
-    My Profile - {{ SITE_NAME }}
-  </title>
-{% endblock %}
+{% block title %}<title>Edit Profile - {{ SITE_NAME }}</title>{% endblock %}
 
 {% block dashboard_stat %}
-  <div class="content-header">
-    <div class="container-fluid">
-      <div class="row mb-2">
-        <div class="col-sm-6">
-          <h1 class="m-0 text-dark">
-            User
-            <small>My Profile</small>
-          </h1>
-        </div>
-        <div class="col-sm-6">
-          <ol class="breadcrumb float-sm-right">
-            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
-            <li class="breadcrumb-item active">My Profile</li>
-          </ol>
+    <div class="content-header">
+        <div class="container-fluid">
+            <div class="row mb-2">
+                <div class="col-sm-6">
+                    <h1 class="m-0 text-dark">Edit Profile</h1>
+                </div>
+                <div class="col-sm-6">
+                    <ol class="breadcrumb float-sm-right">
+                        <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+                        <li class="breadcrumb-item active">Edit Profile</li>
+                    </ol>
+                </div>
+            </div>
         </div>
-      </div>
     </div>
-  </div>
 {% endblock %}
 
 {% block content %}
-<section class="content">
-  <div class="container-fluid">
-    <div class="row">
-      <div class="col-6">
-        <div class="card">
-          <div class="card-header">
-            <div class="nav-tabs-custom">
-              <ul class="nav nav-tabs" role="tablist">
-                <li class="nav-item">
-                  <a class="nav-link active" href="#tabs-personal" data-toggle="tab">
-                    Personal Info
-                  </a>
-                </li>
-                {%  if session['authentication_type'] == 'LOCAL' %}
-                  <li class="nav-item">
-                    <a class="nav-link" href="#tabs-password" data-toggle="tab">
-                      Change Password
-                    </a>
-                  </li>
-                {% endif %}
-                {%  if session['authentication_type'] in ['LOCAL', 'LDAP'] %}
-                  <li class="nav-item">
-                    <a class="nav-link" href="#tabs-authentication" data-toggle="tab">
-                      Authentication
-                    </a>
-                  </li>
-                {% endif %}
-              </ul>
-              <div class="card-body">
-              <div class="tab-content">
-                <div class="tab-pane fade show active" id="tabs-personal">
-                  <form role="form" method="post" action="{{ user_profile }}">
-                    <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-                    <div class="form-group">
-                      <label for="firstname">First Name</label>
-                      <input type="text" class="form-control" name="firstname" id="firstname" placeholder="{{ current_user.firstname }}"
-                      {%  if session['authentication_type'] != 'LOCAL' %}disabled{% endif %}>
-                    </div>
-                    <div class="form-group">
-                      <label for="lastname">Last Name</label>
-                      <input type="text" class="form-control" name="lastname" id="lastname" placeholder="{{ current_user.lastname }}"
-                      {%  if session['authentication_type'] != 'LOCAL' %}disabled{% endif %}>
-                    </div>
-                    <div class="form-group">
-                      <label for="email">E-Mail</label> <input type="email" class="form-control" name="email" id="email" placeholder="{{ current_user.email }}"
-                      {%  if session['authentication_type'] != 'LOCAL' %}disabled{% endif %}>
-                    </div>
-                    {%  if session['authentication_type'] == 'LOCAL' %}
-                      <div class="form-group">
-                        <button type="submit" class="btn btn-primary">
-                          <i class="fa-solid fa-floppy-disk"></i>&nbsp;Save
-                        </button>
-                      </div>
-                    {% endif %}
-                  </form>
-                </div>
-                {% if session['authentication_type'] == 'LOCAL' %}
-                  <div class="tab-pane fade" id="tabs-password">
-                    {% if not current_user.password %}
-                      Your account password is managed via LDAP which isn't supported to change here.
-                    {% else %}
-                      <form action="{{ user_profile }}" method="post">
-                        <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-                        <div class="form-group">
-                          <label for="password">New Password</label>
-                          <input type="password" class="form-control" name="password" id="newpassword">
-                        </div>
-                        <div class="form-group">
-                          <label for="rpassword">Re-type New Password</label>
-                          <input type="password" class="form-control" name="rpassword" id="rpassword">
+    <section class="content">
+        <div class="container-fluid">
+            <div class="row">
+                <div class="col-12 col-sm-6">
+                    <div class="card card-outline card-primary shadow">
+                        <div class="card-header">
+                            <h3 class="card-title">Profile Editor</h3>
                         </div>
-                        <div class="form-group">
-                          <button type="submit" class="btn btn-primary">
-                            <i class="fa-solid fa-floppy-disk"></i>&nbsp;Save
-                          </button>
-                        </div>
-                      </form>
-                    {% endif %}
-                  </div>
-                {% endif %}
-                <div class="tab-pane fade" id="tabs-authentication">
-                  <form action="{{ user_profile }}" method="post">
-                    <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-                    <div class="form-group">
-                      <input type="checkbox" id="otp_toggle" class="otp_toggle" {% if current_user.otp_secret %}checked{% endif %}>
-                      <label for="otp_toggle">Enable Two Factor Authentication</label>
-                      {% if current_user.otp_secret %}
-                        <div id="token_information">
-                          <p>
-                            <img id="qrcode" src="{{ url_for('user.qrcode') }}">
-                          </p>
-                          <div style="position: relative; left: 15px">
-                            Your secret key is:
-                            <br />
-                              <form>
-                                <input type=text id="otp_secret" value={{current_user.otp_secret}} readonly>
-                                <button type=button style="position:relative; right:28px" onclick="copy_otp_secret_to_clipboard()">
-                                  <i class="fa-solid fa-clipboard"></i>
-                                </button>
-                                <br />
-                                <font color="red" id="copy_tooltip" style="visibility:collapse">Copied.</font>
-                              </form>
-                          </div>
-                          You can use Google Authenticator 
-                          (<a target="_blank" href="https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2"><i class="fa-brands fa-google-play"></i>Android</a>
-                          - <a target="_blank" href="https://apps.apple.com/us/app/google-authenticator/id388497605"><i class="fa-brands fa-app-store-ios"></i>iOS</a>)
-                           or FreeOTP 
-                           (<a target="_blank" href="https://play.google.com/store/apps/details?id=org.fedorahosted.freeotp&hl=en"><i class="fa-brands fa-google-play"></i>Android</a>
-                           - <a target="_blank" href="https://itunes.apple.com/en/app/freeotp-authenticator/id872559395?mt=8"><i class="fa-brands fa-app-store-ios"></i>iOS</a>) 
-                           on your smartphone to scan the QR code.
-                           <br />
-                          <font color="red">
-                            <strong>
-                              <i>Make sure only you can see this QR Code and secret key and
-                                nobody can capture them.
-                              </i>
-                            </strong>
-                          </font>
+                        <!-- /.card-header -->
+                        <div class="card-body">
+                            <div class="nav-tabs-custom mb-2">
+                                <ul class="nav nav-tabs" role="tablist">
+                                    <li class="nav-item">
+                                        <a class="nav-link active" href="#tabs-personal" data-toggle="tab">
+                                            Personal Info
+                                        </a>
+                                    </li>
+                                    {% if session['authentication_type'] == 'LOCAL' %}
+                                        <li class="nav-item">
+                                            <a class="nav-link" href="#tabs-password" data-toggle="tab">
+                                                Change Password
+                                            </a>
+                                        </li>
+                                    {% endif %}
+                                    {% if session['authentication_type'] in ['LOCAL', 'LDAP'] %}
+                                        <li class="nav-item">
+                                            <a class="nav-link" href="#tabs-authentication" data-toggle="tab">
+                                                Authentication
+                                            </a>
+                                        </li>
+                                    {% endif %}
+                                </ul>
+                            </div>
+                            <!-- /.nav-tabs-custom -->
+
+                            <div class="tab-content">
+                                <div class="tab-pane fade show active" id="tabs-personal">
+                                    <form role="form" method="post" action="{{ user_profile }}">
+                                        <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+                                        <div class="form-group">
+                                            <label for="firstname">First Name</label>
+                                            <input type="text" class="form-control" name="firstname"
+                                                   id="firstname" placeholder="{{ current_user.firstname }}"
+                                                   {% if session['authentication_type'] != 'LOCAL' %}disabled{% endif %}>
+                                        </div>
+                                        <div class="form-group">
+                                            <label for="lastname">Last Name</label>
+                                            <input type="text" class="form-control" name="lastname"
+                                                   id="lastname" placeholder="{{ current_user.lastname }}"
+                                                   {% if session['authentication_type'] != 'LOCAL' %}disabled{% endif %}>
+                                        </div>
+                                        <div class="form-group">
+                                            <label for="email">E-Mail</label> <input type="email"
+                                                                                     class="form-control"
+                                                                                     name="email" id="email"
+                                                                                     placeholder="{{ current_user.email }}"
+                                                                                     {% if session['authentication_type'] != 'LOCAL' %}disabled{% endif %}>
+                                        </div>
+                                        {% if session['authentication_type'] == 'LOCAL' %}
+                                            <div class="form-group">
+                                                <button type="submit" class="btn btn-primary" title="Save Profile">
+                                                    <i class="fa-solid fa-floppy-disk"></i>&nbsp;Save Profile
+                                                </button>
+                                            </div>
+                                        {% endif %}
+                                    </form>
+                                </div>
+                                <!-- /.tab-pane -->
+
+                                {% if session['authentication_type'] == 'LOCAL' %}
+                                    <div class="tab-pane fade" id="tabs-password">
+                                        {% if not current_user.password %}
+                                            Your account password is managed via LDAP which isn't supported to
+                                            change here.
+                                        {% else %}
+                                            <form action="{{ user_profile }}" method="post">
+                                                <input type="hidden" name="_csrf_token"
+                                                       value="{{ csrf_token() }}">
+                                                <div class="form-group">
+                                                    <label for="password">New Password</label>
+                                                    <input type="password" class="form-control" name="password"
+                                                           id="newpassword">
+                                                </div>
+                                                <div class="form-group">
+                                                    <label for="rpassword">Re-type New Password</label>
+                                                    <input type="password" class="form-control" name="rpassword"
+                                                           id="rpassword">
+                                                </div>
+                                                <div class="form-group">
+                                                    <button type="submit" class="btn btn-primary" title="Save Password">
+                                                        <i class="fa-solid fa-floppy-disk"></i>&nbsp;Save Password
+                                                    </button>
+                                                </div>
+                                            </form>
+                                        {% endif %}
+                                    </div>
+                                    <!-- /.tab-pane -->
+                                {% endif %}
+
+                                <div class="tab-pane fade" id="tabs-authentication">
+                                    <form action="{{ user_profile }}" method="post">
+                                        <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+                                        <div class="form-group">
+                                            <input type="checkbox" id="otp_toggle" class="otp_toggle"
+                                                   {% if current_user.otp_secret %}checked{% endif %}>
+                                            <label for="otp_toggle">Enable Two Factor Authentication</label>
+                                            {% if current_user.otp_secret %}
+                                                <div id="token_information">
+                                                    <p>
+                                                        <img id="qrcode" src="{{ url_for('user.qrcode') }}">
+                                                    </p>
+                                                    <div style="position: relative; left: 15px">
+                                                        Your secret key is:
+                                                        <br/>
+                                                        <form>
+                                                            <input type=text id="otp_secret"
+                                                                   value={{ current_user.otp_secret }} readonly>
+                                                            <button type=button
+                                                                    style="position:relative; right:28px"
+                                                                    onclick="copy_otp_secret_to_clipboard()">
+                                                                <i class="fa-solid fa-clipboard"></i>
+                                                            </button>
+                                                            <br/>
+                                                            <span style="color: red;" id="copy_tooltip"
+                                                                  style="visibility:collapse">Copied.</span>
+                                                        </form>
+                                                    </div>
+                                                    You can use Google Authenticator
+                                                    (<a target="_blank"
+                                                        href="https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2"><i
+                                                    class="fa-brands fa-google-play"></i>Android</a>
+                                                    - <a target="_blank"
+                                                         href="https://apps.apple.com/us/app/google-authenticator/id388497605"><i
+                                                    class="fa-brands fa-app-store-ios"></i>iOS</a>)
+                                                    or FreeOTP
+                                                    (<a target="_blank"
+                                                        href="https://play.google.com/store/apps/details?id=org.fedorahosted.freeotp&hl=en"><i
+                                                    class="fa-brands fa-google-play"></i>Android</a>
+                                                    - <a target="_blank"
+                                                         href="https://itunes.apple.com/en/app/freeotp-authenticator/id872559395?mt=8"><i
+                                                    class="fa-brands fa-app-store-ios"></i>iOS</a>)
+                                                    on your smartphone to scan the QR code.
+                                                    <br/>
+                                                    <p style="color: red; font-style: italic; font-weight: bold;">
+                                                        Make sure only you can see this QR Code and
+                                                                secret key and
+                                                                nobody can capture them.
+                                                    </p>
+                                                </div>
+                                            {% endif %}
+                                        </div>
+                                        <!-- /.form-group -->
+                                    </form>
+                                </div>
+                                <!-- /.tab-pane -->
+                            </div>
+                            <!-- /.tab-content -->
                         </div>
-                      {% endif %}
+                        <!-- /.card-body -->
                     </div>
-                  </form>
+                    <!-- /.card -->
                 </div>
-              </div>
+                <!-- /.col -->
             </div>
-          </div>
+            <!-- /.row -->
         </div>
-      </div>
-    </div>
-  </div>
-</section>
+        <!-- /.container-fluid -->
+    </section>
 {% endblock %}
+
 {% block extrascripts %}
-<script>
+    <script>
 
-    // initialize pretty checkboxes
-    $('.otp_toggle').iCheck({
-        checkboxClass: 'icheckbox_square-blue',
-        increaseArea: '20%'
-    });
+        // initialize pretty checkboxes
+        $('.otp_toggle').iCheck({
+            checkboxClass: 'icheckbox_square-blue',
+            increaseArea: '20%'
+        });
 
-    // handle checkbox toggling
-    $('.otp_toggle').on('ifToggled', function(event) {
-    var enable_otp = $(this).prop('checked');
-    var postdata = {
-        'action': 'enable_otp',
-        'data': {
-            'enable_otp': enable_otp
-        },
-        '_csrf_token': '{{ csrf_token() }}'
-    };
-    applyChanges(postdata, $SCRIPT_ROOT + '/user/profile', false, true, function() {
-        window.location.reload();
-        $('#tabs li:eq(2) a').tab('show');
-    });
-  });
-</script>
+        // handle checkbox toggling
+        $('.otp_toggle').on('ifToggled', function (event) {
+            var enable_otp = $(this).prop('checked');
+            var postdata = {
+                'action': 'enable_otp',
+                'data': {
+                    'enable_otp': enable_otp
+                },
+                '_csrf_token': '{{ csrf_token() }}'
+            };
+            applyChanges(postdata, $SCRIPT_ROOT + '/user/profile', false, true, function () {
+                window.location.reload();
+                $('#tabs li:eq(2) a').tab('show');
+            });
+        });
+    </script>
 {% endblock %}

From b3c80df6745dd6cfa303cf741bf22091d485c8b7 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Mon, 20 Feb 2023 12:12:22 -0500
Subject: [PATCH 256/475] Completed first-round updates for the email
 confirmation views.

---
 .../templates/email_confirmation.html         |  57 ++++----
 .../templates/resend_confirmation_email.html  | 138 +++++++++---------
 2 files changed, 96 insertions(+), 99 deletions(-)

diff --git a/powerdnsadmin/templates/email_confirmation.html b/powerdnsadmin/templates/email_confirmation.html
index 9a26c1467..3ecef244c 100644
--- a/powerdnsadmin/templates/email_confirmation.html
+++ b/powerdnsadmin/templates/email_confirmation.html
@@ -1,50 +1,51 @@
 <!DOCTYPE html>
 <html>
-
 <head>
-  <meta charset="utf-8">
-  <meta http-equiv="X-UA-Compatible" content="IE=edge">
-  <title>Email confirmation - {{ SITE_NAME }}</title>
-  <link rel="icon" href="{{ url_for('static', filename='img/favicon.png') }}">
-  <!-- Tell the browser to be responsive to screen width -->
-  <meta content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no" name="viewport">
-  {% assets "css_login" -%}
-  <link rel="stylesheet" href="{{ ASSET_URL }}">
-  {%- endassets %}
-  <![endif]-->
+    <meta charset="utf-8">
+    <meta http-equiv="X-UA-Compatible" content="IE=edge">
+    <title>Email Confirmation - {{ SITE_NAME }}</title>
+    <link rel="icon" href="{{ url_for('static', filename='img/favicon.png') }}">
+    <!-- Tell the browser to be responsive to screen width -->
+    <meta content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no" name="viewport">
+    {% assets "css_login" -%}
+        <link rel="stylesheet" href="{{ ASSET_URL }}">
+    {%- endassets %}
+    <![endif]-->
 </head>
-
 <body class="hold-transition register-page">
-    <section class="content">
-        <div class="error-page">
-            <div class="error-content">
-                {% if status == 1 %}
+<section class="content">
+    <div class="error-page">
+        <div class="error-content">
+            {% if status == 1 %}
                 <h3>
                     <i class="fa fa-thumbs-o-up text-success"></i> Email verification successful!
                 </h3>
                 <p>
-                  You have confirmed your account. <a href="{{ url_for('index.login') }}">Click here</a> to login.
+                    You have confirmed your account. <a href="{{ url_for('index.login') }}">Click here</a> to login.
                 </p>
-                {% elif status == 2 %}
+            {% elif status == 2 %}
                 <h3>
-                  <i class="fa fa-hand-stop-o text-info"></i> Already verified!
+                    <i class="fa fa-hand-stop-o text-info"></i> Already verified!
                 </h3>
                 <p>
-                  You have confirmed your account already. <a href="{{ url_for('index.login') }}">Click here</a> to login.
+                    You have confirmed your account already. <a href="{{ url_for('index.login') }}">Click here</a> to
+                    login.
                 </p>
-                {% else %}
+            {% else %}
                 <h3>
-                  <i class="fa fa-warning text-yellow"></i> Email verification failed!
+                    <i class="fa fa-warning text-yellow"></i> Email verification failed!
                 </h3>
                 <p>
-                  The confirmation link is invalid or has expired. <a href="{{ url_for('index.resend_confirmation_email') }}">Click here</a> if you want to resend a new link.
+                    The confirmation link is invalid or has expired. <a
+                    href="{{ url_for('index.resend_confirmation_email') }}">Click here</a> if you want to resend a new
+                    link.
                 </p>
-                {% endif %}
-            </div>
-            <!-- /.error-content -->
+            {% endif %}
         </div>
-        <!-- /.error-page -->
-    </section>
+        <!-- /.error-content -->
+    </div>
+    <!-- /.error-page -->
+</section>
 </body>
 
 </html>
diff --git a/powerdnsadmin/templates/resend_confirmation_email.html b/powerdnsadmin/templates/resend_confirmation_email.html
index fd05197f4..c39587fef 100644
--- a/powerdnsadmin/templates/resend_confirmation_email.html
+++ b/powerdnsadmin/templates/resend_confirmation_email.html
@@ -1,86 +1,82 @@
 <!DOCTYPE html>
 <html>
-
 <head>
-  <meta charset="utf-8">
-  <meta http-equiv="X-UA-Compatible" content="IE=edge">
-  <title>Resend a confirmation email - {{ SITE_NAME }}</title>
-  <link rel="icon" href="/static/img/favicon.png">
-  <!-- Tell the browser to be responsive to screen width -->
-  <meta content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no" name="viewport">
-  {% assets "css_login" -%}
-  <link rel="stylesheet" href="{{ ASSET_URL }}">
-  {%- endassets %}
-  <![endif]-->
+    <meta charset="utf-8">
+    <meta http-equiv="X-UA-Compatible" content="IE=edge">
+    <title>Resend Confirmation Email - {{ SITE_NAME }}</title>
+    <link rel="icon" href="/static/img/favicon.png">
+    <!-- Tell the browser to be responsive to screen width -->
+    <meta content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no" name="viewport">
+    {% assets "css_login" -%}
+        <link rel="stylesheet" href="{{ ASSET_URL }}">
+    {%- endassets %}
+    <![endif]-->
 </head>
-
 <body class="hold-transition register-page">
-  <div class="register-box">
+<div class="register-box">
     <div class="register-logo">
-      <a href="{{ url_for('index.index') }}"><b>PowerDNS</b>-Admin</a>
+        <a href="{{ url_for('index.index') }}"><b>PowerDNS</b>-Admin</a>
     </div>
     <div class="register-box-body">
-      {% if error %}
-      <div class="alert alert-danger alert-dismissible">
-        <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
-        {{ error }}
-      </div>
-      {% endif %}
-          <p>
+        {% if error %}
+            <div class="alert alert-danger alert-dismissible">
+                <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
+                {{ error }}
+            </div>
+        {% endif %}
+        <p>
             Enter your email address to get account confirmation link.
-          </p>
-      <form method="post" data-toggle="validator">
-        <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-        <div class="form-group has-feedback">
+        </p>
+        <form method="post" data-toggle="validator">
             <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-            <input type="email" name="email" class="form-control" placeholder="Email address" data-error="Please input your email" required>
-            <span class="glyphicon glyphicon-envelope form-control-feedback"></span>
-            <span class="help-block with-errors"></span>
-        </div>
-        <div class="row">
-          <div class="col-xs-4 pull-left">
-            <button type="button" class="btn btn-flat btn-block" id="button_back">Back</button>
-          </div>
-          <div class="col-xs-4 pull-right">
-            <button type="submit" class="btn btn-flat btn-primary btn-block">Resend</button>
-          </div>
-          <!-- /.col -->
-        </div>
-        <div class="form-group">
-            <p>
-              {% if status == 0 %}
-                <font color="red">Email not found!</font>
-              {% elif status == 1 %}
-                <font color="red">Email already confirmed!</font>
-              {% elif status == 2 %}
-                <font color="green">Confirmation email sent!</font>
-              {% endif %}
-            </p>
-        </div>
-      </form>
+            <div class="form-group has-feedback">
+                <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
+                <input type="email" name="email" class="form-control" placeholder="Email address"
+                       data-error="Please input your email" required>
+                <span class="glyphicon glyphicon-envelope form-control-feedback"></span>
+                <span class="help-block with-errors"></span>
+            </div>
+            <div class="row">
+                <div class="col-xs-4 pull-left">
+                    <button type="button" class="btn btn-flat btn-block" id="button_back">Back</button>
+                </div>
+                <div class="col-xs-4 pull-right">
+                    <button type="submit" class="btn btn-flat btn-primary btn-block">Resend</button>
+                </div>
+                <!-- /.col -->
+            </div>
+            <div class="form-group">
+                <p>
+                    {% if status == 0 %}
+                        <font color="red">Email not found!</font>
+                    {% elif status == 1 %}
+                        <font color="red">Email already confirmed!</font>
+                    {% elif status == 2 %}
+                        <font color="green">Confirmation email sent!</font>
+                    {% endif %}
+                </p>
+            </div>
+        </form>
     </div>
-    <!-- /.form-box -->
-    <div class="login-box-footer">
-      <center>
-        <p>Powered by <a href="https://github.com/PowerDNS-Admin/PowerDNS-Admin">PowerDNS-Admin</a></p>
-      </center>
-    </div>
-  </div>
-  <!-- /.login-box -->
+    <!-- /.register-box-body -->
+</div>
+<!-- /.register-box -->
+<div class="text-center pt-3">
+    <p>Powered by <a href="https://powerdnsadmin.org" target="_blank">PowerDNS-Admin</a></p>
+</div>
 
-  {% assets "js_login" -%}
-  <script type="text/javascript" src="{{ ASSET_URL }}"></script>
-  {%- endassets %}
-  {% assets "js_validation" -%}
-  <script type="text/javascript" src="{{ ASSET_URL }}"></script>
-  {%- endassets %}
-  <script>
+{% assets "js_login" -%}
+    <script type="text/javascript" src="{{ ASSET_URL }}"></script>
+{%- endassets %}
+{% assets "js_validation" -%}
+    <script type="text/javascript" src="{{ ASSET_URL }}"></script>
+{%- endassets %}
+<script>
     $(function () {
-      $('#button_back').click(function () {
-        window.location.href = '{{ url_for('index.login') }}';
-      })
+        $('#button_back').click(function () {
+            window.location.href = '{{ url_for('index.login') }}';
+        })
     });
-  </script>
+</script>
 </body>
-
-</html>
+</html>
\ No newline at end of file

From 65b7b9a5c30ff74aa8e2465d51d213c502205906 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Mon, 20 Feb 2023 12:28:56 -0500
Subject: [PATCH 257/475] Completed first-round updates for the error template
 views.

---
 .../emails/account_verification.html          | 221 +++++++++---------
 powerdnsadmin/templates/errors/400.html       |  76 +++---
 powerdnsadmin/templates/errors/403.html       |  69 +++---
 powerdnsadmin/templates/errors/404.html       |  68 +++---
 powerdnsadmin/templates/errors/500.html       |  68 +++---
 powerdnsadmin/templates/errors/SAML.html      |  94 ++++----
 6 files changed, 274 insertions(+), 322 deletions(-)

diff --git a/powerdnsadmin/templates/emails/account_verification.html b/powerdnsadmin/templates/emails/account_verification.html
index 000e80c10..5debdb5ab 100644
--- a/powerdnsadmin/templates/emails/account_verification.html
+++ b/powerdnsadmin/templates/emails/account_verification.html
@@ -1,10 +1,9 @@
 <!doctype html>
 <html>
-
 <head>
     <meta name="viewport" content="width=device-width">
     <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
-    <title>{{ SITE_NAME }} user verification email</title>
+    <title>{{ SITE_NAME }} User Verification Email</title>
     <style>
         @media only screen and (max-width: 620px) {
             table[class=body] h1 {
@@ -99,122 +98,122 @@
         }
     </style>
 </head>
-
 <body class=""
-    style="background-color: #f6f6f6; font-family: sans-serif; -webkit-font-smoothing: antialiased; font-size: 14px; line-height: 1.4; margin: 0; padding: 0; -ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;">
-    <span class="preheader"
-        style="color: transparent; display: none; height: 0; max-height: 0; max-width: 0; opacity: 0; overflow: hidden; mso-hide: all; visibility: hidden; width: 0;">This
+      style="background-color: #f6f6f6; font-family: sans-serif; -webkit-font-smoothing: antialiased; font-size: 14px; line-height: 1.4; margin: 0; padding: 0; -ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;">
+<span class="preheader"
+      style="color: transparent; display: none; height: 0; max-height: 0; max-width: 0; opacity: 0; overflow: hidden; mso-hide: all; visibility: hidden; width: 0;">This
         is preheader text. Some clients will show this text as a preview.</span>
-    <table role="presentation" border="0" cellpadding="0" cellspacing="0" class="body"
-        style="border-collapse: separate; mso-table-lspace: 0pt; mso-table-rspace: 0pt; background-color: #f6f6f6; width: 100%;"
-        width="100%" bgcolor="#f6f6f6">
-        <tr>
-            <td style="font-family: sans-serif; font-size: 14px; vertical-align: top;" valign="top">&nbsp;</td>
-            <td class="container"
-                style="font-family: sans-serif; font-size: 14px; vertical-align: top; display: block; max-width: 580px; padding: 10px; width: 580px; margin: 0 auto;"
-                width="580" valign="top">
-                <div class="content"
-                    style="box-sizing: border-box; display: block; margin: 0 auto; max-width: 580px; padding: 10px;">
-
-                    <!-- START CENTERED WHITE CONTAINER -->
-                    <table role="presentation" class="main"
-                        style="border-collapse: separate; mso-table-lspace: 0pt; mso-table-rspace: 0pt; background: #ffffff; border-radius: 3px; width: 100%;"
-                        width="100%">
-
-                        <!-- START MAIN CONTENT AREA -->
+<table role="presentation" border="0" cellpadding="0" cellspacing="0" class="body"
+       style="border-collapse: separate; mso-table-lspace: 0pt; mso-table-rspace: 0pt; background-color: #f6f6f6; width: 100%;"
+       width="100%" bgcolor="#f6f6f6">
+    <tr>
+        <td style="font-family: sans-serif; font-size: 14px; vertical-align: top;" valign="top">&nbsp;</td>
+        <td class="container"
+            style="font-family: sans-serif; font-size: 14px; vertical-align: top; display: block; max-width: 580px; padding: 10px; width: 580px; margin: 0 auto;"
+            width="580" valign="top">
+            <div class="content"
+                 style="box-sizing: border-box; display: block; margin: 0 auto; max-width: 580px; padding: 10px;">
+
+                <!-- START CENTERED WHITE CONTAINER -->
+                <table role="presentation" class="main"
+                       style="border-collapse: separate; mso-table-lspace: 0pt; mso-table-rspace: 0pt; background: #ffffff; border-radius: 3px; width: 100%;"
+                       width="100%">
+
+                    <!-- START MAIN CONTENT AREA -->
+                    <tr>
+                        <td class="wrapper"
+                            style="font-family: sans-serif; font-size: 14px; vertical-align: top; box-sizing: border-box; padding: 20px;"
+                            valign="top">
+                            <table role="presentation" border="0" cellpadding="0" cellspacing="0"
+                                   style="border-collapse: separate; mso-table-lspace: 0pt; mso-table-rspace: 0pt; width: 100%;"
+                                   width="100%">
+                                <tr>
+                                    <td style="font-family: sans-serif; font-size: 14px; vertical-align: top;"
+                                        valign="top">
+                                        <p
+                                            style="font-family: sans-serif; font-size: 14px; font-weight: normal; margin: 0; margin-bottom: 15px;">
+                                            Hello!</p>
+                                        <p
+                                            style="font-family: sans-serif; font-size: 14px; font-weight: normal; margin: 0; margin-bottom: 15px;">
+                                            Please click the button below to verify your email address.</p>
+                                        <table role="presentation" border="0" cellpadding="0" cellspacing="0"
+                                               class="btn btn-primary"
+                                               style="border-collapse: separate; mso-table-lspace: 0pt; mso-table-rspace: 0pt; box-sizing: border-box; width: 100%;"
+                                               width="100%">
+                                            <tbody>
+                                            <tr>
+                                                <td align="left"
+                                                    style="font-family: sans-serif; font-size: 14px; vertical-align: top; padding-bottom: 15px;"
+                                                    valign="top">
+                                                    <table role="presentation" border="0" cellpadding="0"
+                                                           cellspacing="0"
+                                                           style="border-collapse: separate; mso-table-lspace: 0pt; mso-table-rspace: 0pt; width: auto;">
+                                                        <tbody>
+                                                        <tr>
+                                                            <td style="font-family: sans-serif; font-size: 14px; vertical-align: top; border-radius: 5px; text-align: center; background-color: #3498db;"
+                                                                valign="top" align="center"
+                                                                bgcolor="#3498db"><a
+                                                                href="{{ verification_link }}"
+                                                                target="_blank"
+                                                                rel="noopener noreferrer"
+                                                                style="border: solid 1px #3498db; border-radius: 5px; box-sizing: border-box; cursor: pointer; display: inline-block; font-size: 14px; font-weight: bold; margin: 0; padding: 12px 25px; text-decoration: none; text-transform: capitalize; background-color: #3498db; border-color: #3498db; color: #ffffff;">Verify
+                                                                Email Address</a></td>
+                                                        </tr>
+                                                        </tbody>
+                                                    </table>
+                                                </td>
+                                            </tr>
+                                            </tbody>
+                                        </table>
+                                        <p
+                                            style="font-family: sans-serif; font-size: 14px; font-weight: normal; margin: 0; margin-bottom: 15px;">
+                                            Your confirmation link will be expired in 24 hours. If you did not create an
+                                            account, no further action is required.</p>
+                                        <p
+                                            style="font-family: sans-serif; font-size: 14px; font-weight: normal; margin: 0; margin-bottom: 15px;">
+                                            Cheers!</p>
+                                    </td>
+                                </tr>
+                            </table>
+                        </td>
+                    </tr>
+
+                    <!-- END MAIN CONTENT AREA -->
+                </table>
+                <!-- END CENTERED WHITE CONTAINER -->
+
+                <!-- START FOOTER -->
+                <div class="footer" style="clear: both; margin-top: 10px; text-align: center; width: 100%;">
+                    <table role="presentation" border="0" cellpadding="0" cellspacing="0"
+                           style="border-collapse: separate; mso-table-lspace: 0pt; mso-table-rspace: 0pt; width: 100%;"
+                           width="100%">
                         <tr>
-                            <td class="wrapper"
-                                style="font-family: sans-serif; font-size: 14px; vertical-align: top; box-sizing: border-box; padding: 20px;"
-                                valign="top">
-                                <table role="presentation" border="0" cellpadding="0" cellspacing="0"
-                                    style="border-collapse: separate; mso-table-lspace: 0pt; mso-table-rspace: 0pt; width: 100%;"
-                                    width="100%">
-                                    <tr>
-                                        <td style="font-family: sans-serif; font-size: 14px; vertical-align: top;"
-                                            valign="top">
-                                            <p
-                                                style="font-family: sans-serif; font-size: 14px; font-weight: normal; margin: 0; margin-bottom: 15px;">
-                                                Hello!</p>
-                                            <p
-                                                style="font-family: sans-serif; font-size: 14px; font-weight: normal; margin: 0; margin-bottom: 15px;">
-                                                Please click the button below to verify your email address.</p>
-                                            <table role="presentation" border="0" cellpadding="0" cellspacing="0"
-                                                class="btn btn-primary"
-                                                style="border-collapse: separate; mso-table-lspace: 0pt; mso-table-rspace: 0pt; box-sizing: border-box; width: 100%;"
-                                                width="100%">
-                                                <tbody>
-                                                    <tr>
-                                                        <td align="left"
-                                                            style="font-family: sans-serif; font-size: 14px; vertical-align: top; padding-bottom: 15px;"
-                                                            valign="top">
-                                                            <table role="presentation" border="0" cellpadding="0"
-                                                                cellspacing="0"
-                                                                style="border-collapse: separate; mso-table-lspace: 0pt; mso-table-rspace: 0pt; width: auto;">
-                                                                <tbody>
-                                                                    <tr>
-                                                                        <td style="font-family: sans-serif; font-size: 14px; vertical-align: top; border-radius: 5px; text-align: center; background-color: #3498db;"
-                                                                            valign="top" align="center"
-                                                                            bgcolor="#3498db"> <a
-                                                                                href="{{ verification_link }}"
-                                                                                target="_blank"
-                                                                                rel="noopener noreferrer"
-                                                                                style="border: solid 1px #3498db; border-radius: 5px; box-sizing: border-box; cursor: pointer; display: inline-block; font-size: 14px; font-weight: bold; margin: 0; padding: 12px 25px; text-decoration: none; text-transform: capitalize; background-color: #3498db; border-color: #3498db; color: #ffffff;">Verify
-                                                                                Email Address</a> </td>
-                                                                    </tr>
-                                                                </tbody>
-                                                            </table>
-                                                        </td>
-                                                    </tr>
-                                                </tbody>
-                                            </table>
-                                            <p
-                                                style="font-family: sans-serif; font-size: 14px; font-weight: normal; margin: 0; margin-bottom: 15px;">
-                                                Your confirmation link will be expired in 24 hours. If you did not create an account, no further action is required.</p>
-                                            <p
-                                                style="font-family: sans-serif; font-size: 14px; font-weight: normal; margin: 0; margin-bottom: 15px;">
-                                                Cheers!</p>
-                                        </td>
-                                    </tr>
-                                </table>
+                            <td class="content-block"
+                                style="font-family: sans-serif; vertical-align: top; padding-bottom: 10px; padding-top: 10px; color: #999999; font-size: 12px; text-align: center;"
+                                valign="top" align="center">
+                                    <span class="apple-link"
+                                          style="color: #999999; font-size: 12px; text-align: center;">This email was sent
+                                        from <a href="{{ SETTING.get('site_url') }}"
+                                                target="_blank" rel="noopener noreferrer">{{ SITE_NAME }}</a></span>
+                            </td>
+                        </tr>
+                        <tr>
+                            <td class="content-block powered-by"
+                                style="font-family: sans-serif; vertical-align: top; padding-bottom: 10px; padding-top: 10px; color: #999999; font-size: 12px; text-align: center;"
+                                valign="top" align="center">
+                                Powered by <a href="https://github.com/PowerDNS-Admin/PowerDNS-Admin"
+                                              style="color: #999999; font-size: 12px; text-align: center; text-decoration: none;">PowerDNS-Admin</a>.
                             </td>
                         </tr>
-
-                        <!-- END MAIN CONTENT AREA -->
                     </table>
-                    <!-- END CENTERED WHITE CONTAINER -->
-
-                    <!-- START FOOTER -->
-                    <div class="footer" style="clear: both; margin-top: 10px; text-align: center; width: 100%;">
-                        <table role="presentation" border="0" cellpadding="0" cellspacing="0"
-                            style="border-collapse: separate; mso-table-lspace: 0pt; mso-table-rspace: 0pt; width: 100%;"
-                            width="100%">
-                            <tr>
-                                <td class="content-block"
-                                    style="font-family: sans-serif; vertical-align: top; padding-bottom: 10px; padding-top: 10px; color: #999999; font-size: 12px; text-align: center;"
-                                    valign="top" align="center">
-                                    <span class="apple-link"
-                                        style="color: #999999; font-size: 12px; text-align: center;">This email was sent
-                                        from <a href="{{ SETTING.get('site_url') }}"
-                                            target="_blank" rel="noopener noreferrer">{{ SITE_NAME }}</a></span>
-                                </td>
-                            </tr>
-                            <tr>
-                                <td class="content-block powered-by"
-                                    style="font-family: sans-serif; vertical-align: top; padding-bottom: 10px; padding-top: 10px; color: #999999; font-size: 12px; text-align: center;"
-                                    valign="top" align="center">
-                                    Powered by <a href="https://github.com/PowerDNS-Admin/PowerDNS-Admin"
-                                        style="color: #999999; font-size: 12px; text-align: center; text-decoration: none;">PowerDNS-Admin</a>.
-                                </td>
-                            </tr>
-                        </table>
-                    </div>
-                    <!-- END FOOTER -->
-
                 </div>
-            </td>
-            <td style="font-family: sans-serif; font-size: 14px; vertical-align: top;" valign="top">&nbsp;</td>
-        </tr>
-    </table>
+                <!-- END FOOTER -->
+
+            </div>
+        </td>
+        <td style="font-family: sans-serif; font-size: 14px; vertical-align: top;" valign="top">&nbsp;</td>
+    </tr>
+</table>
 </body>
 
 </html>
\ No newline at end of file
diff --git a/powerdnsadmin/templates/errors/400.html b/powerdnsadmin/templates/errors/400.html
index d04363660..d9b0273d9 100644
--- a/powerdnsadmin/templates/errors/400.html
+++ b/powerdnsadmin/templates/errors/400.html
@@ -1,52 +1,42 @@
 {% extends "base.html" %}
-
-{% block title %}
-  <title>
-    400 Error - {{ SITE_NAME }}
-  </title>
-{% endblock %}
+{% block title %}<title>HTTP 400 Error - {{ SITE_NAME }}</title>{% endblock %}
 
 {% block dashboard_stat %}
-  <div class="content-header">
-    <div class="container-fluid">
-      <div class="row mb-2">
-        <div class="col-sm-6">
-          <h1 class="m-0 text-dark">
-            400
-            <small>Error</small>
-          </h1>
-        </div>
-        <div class="col-sm-6">
-          <ol class="breadcrumb float-sm-right">
-            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
-            <li class="breadcrumb-item active">400 Error</li>
-          </ol>
+    <div class="content-header">
+        <div class="container-fluid">
+            <div class="row mb-2">
+                <div class="col-sm-6">
+                    <h1 class="m-0 text-dark">HTTP 400 Error</h1>
+                </div>
+                <div class="col-sm-6">
+                    <ol class="breadcrumb float-sm-right">
+                        <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+                        <li class="breadcrumb-item active">HTTP 400 Error</li>
+                    </ol>
+                </div>
+            </div>
         </div>
-      </div>
     </div>
-  </div>
 {% endblock %}
 
 {% block content %}
-  <section class="content">
-    <div class="error-page">
-      <h2 class="headline text-yellow">
-        400
-      </h2>
-      <div class="error-content">
-        <h3>
-          <i class="fa-solid fa-exclamation-triangle text-yellow"></i>
-          Oops! Bad request
-        </h3>
-        <p>
-          {% if msg %}
-            {{ msg }}
-          {% else %}
-            The server refused to process your request and return a 400 error.
-          {% endif %}
-          <br/>You may <a href="{{ url_for('dashboard.dashboard') }}">return to the dashboard</a>.
-        </p>
-      </div>
-    </div>
-  </section>
+    <section class="content">
+        <div class="error-page">
+            <h2 class="headline text-yellow">HTTP 400 Error</h2>
+            <div class="error-content">
+                <h3>
+                    <i class="fa-solid fa-exclamation-triangle text-yellow"></i>
+                    Oops! Bad Request
+                </h3>
+                <p>
+                    {% if msg %}
+                        {{ msg }}
+                    {% else %}
+                        The server refused to process your request and return a 400 error.
+                    {% endif %}
+                    <br/>You may <a href="{{ url_for('dashboard.dashboard') }}">return to the dashboard</a>.
+                </p>
+            </div>
+        </div>
+    </section>
 {% endblock %}
\ No newline at end of file
diff --git a/powerdnsadmin/templates/errors/403.html b/powerdnsadmin/templates/errors/403.html
index a1063927b..fac0a0d61 100644
--- a/powerdnsadmin/templates/errors/403.html
+++ b/powerdnsadmin/templates/errors/403.html
@@ -1,48 +1,41 @@
 {% extends "base.html" %}
 
-{% block title %}
-  <title>
-    403 Error - {{ SITE_NAME }}
-  </title>
-{% endblock %}
+{% block title %}<title>HTTP 403 Error - {{ SITE_NAME }}</title>{% endblock %}
 
 {% block dashboard_stat %}
-  <div class="content-header">
-    <div class="container-fluid">
-      <div class="row mb-2">
-        <div class="col-sm-6">
-          <h1 class="m-0 text-dark">
-            403
-            <small>Error</small>
-          </h1>
-        </div>
-        <div class="col-sm-6">
-          <ol class="breadcrumb float-sm-right">
-            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
-            <li class="breadcrumb-item active">403 Error</li>
-          </ol>
+    <div class="content-header">
+        <div class="container-fluid">
+            <div class="row mb-2">
+                <div class="col-sm-6">
+                    <h1 class="m-0 text-dark">HTTP 403 Error</h1>
+                </div>
+                <div class="col-sm-6">
+                    <ol class="breadcrumb float-sm-right">
+                        <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+                        <li class="breadcrumb-item active">HTTP 403 Error</li>
+                    </ol>
+                </div>
+            </div>
         </div>
-      </div>
     </div>
-  </div>
 {% endblock %}
 
 {% block content %}
-  <section class="content">
-    <div class="error-page">
-      <h2 class="headline text-yellow">
-        403
-      </h2>
-      <div class="error-content">
-        <h3>
-          <i class="fa-solid fa-exclamation-triangle text-yellow"></i>
-          Oops! Access denied
-        </h3>
-        <p>
-          You don't have permission to access this page
-          You may <a href="{{ url_for('dashboard.dashboard') }}">return to the dashboard</a>.
-        </p>
-      </div>
-    </div>
-  </section>
+    <section class="content">
+        <div class="error-page">
+            <h2 class="headline text-yellow">
+                HTTP 403 Error
+            </h2>
+            <div class="error-content">
+                <h3>
+                    <i class="fa-solid fa-exclamation-triangle text-yellow"></i>
+                    Oops! Access Denied
+                </h3>
+                <p>
+                    You don't have permission to access this page
+                    You may <a href="{{ url_for('dashboard.dashboard') }}">return to the dashboard</a>.
+                </p>
+            </div>
+        </div>
+    </section>
 {% endblock %}
\ No newline at end of file
diff --git a/powerdnsadmin/templates/errors/404.html b/powerdnsadmin/templates/errors/404.html
index 1e89d15c1..9c0979983 100644
--- a/powerdnsadmin/templates/errors/404.html
+++ b/powerdnsadmin/templates/errors/404.html
@@ -1,48 +1,38 @@
 {% extends "base.html" %}
-
-{% block title %}
-  <title>
-    404 Error - {{ SITE_NAME }}
-  </title>
-{% endblock %}
+{% block title %}<title>HTTP 404 Error - {{ SITE_NAME }}</title>{% endblock %}
 
 {% block dashboard_stat %}
-  <div class="content-header">
-    <div class="container-fluid">
-      <div class="row mb-2">
-        <div class="col-sm-6">
-          <h1 class="m-0 text-dark">
-            404
-            <small>Error</small>
-          </h1>
-        </div>
-        <div class="col-sm-6">
-          <ol class="breadcrumb float-sm-right">
-            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
-            <li class="breadcrumb-item active">404 Error</li>
-          </ol>
+    <div class="content-header">
+        <div class="container-fluid">
+            <div class="row mb-2">
+                <div class="col-sm-6">
+                    <h1 class="m-0 text-dark">HTTP 404 Error</h1>
+                </div>
+                <div class="col-sm-6">
+                    <ol class="breadcrumb float-sm-right">
+                        <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+                        <li class="breadcrumb-item active">HTTP 404 Error</li>
+                    </ol>
+                </div>
+            </div>
         </div>
-      </div>
     </div>
-  </div>
 {% endblock %}
 
 {% block content %}
-  <section class="content">
-    <div class="error-page">
-      <h2 class="headline text-yellow">
-        404
-      </h2>
-      <div class="error-content">
-        <h3>
-          <i class="fa-solid fa-exclamation-triangle text-yellow"></i>
-          Oops! You're lost
-        </h3>
-        <p>
-          The page you requested could not be found.
-          You may <a href="{{ url_for('dashboard.dashboard') }}">return to the dashboard</a>.
-        </p>
-      </div>
-    </div>
-  </section>
+    <section class="content">
+        <div class="error-page">
+            <h2 class="headline text-yellow">HTTP 404 Error</h2>
+            <div class="error-content">
+                <h3>
+                    <i class="fa-solid fa-exclamation-triangle text-yellow"></i>
+                    Oops! Page not found.
+                </h3>
+                <p>
+                    The page you requested could not be found.
+                    You may <a href="{{ url_for('dashboard.dashboard') }}">return to the dashboard</a>.
+                </p>
+            </div>
+        </div>
+    </section>
 {% endblock %}
\ No newline at end of file
diff --git a/powerdnsadmin/templates/errors/500.html b/powerdnsadmin/templates/errors/500.html
index 076548c63..7bf8de87a 100644
--- a/powerdnsadmin/templates/errors/500.html
+++ b/powerdnsadmin/templates/errors/500.html
@@ -1,48 +1,38 @@
 {% extends "base.html" %}
-
-{% block title %}
-  <title>
-    500 Error - {{ SITE_NAME }}
-  </title>
-{% endblock %}
+{% block title %}<title>HTTP 500 Error - {{ SITE_NAME }}</title>{% endblock %}
 
 {% block dashboard_stat %}
-  <div class="content-header">
-    <div class="container-fluid">
-      <div class="row mb-2">
-        <div class="col-sm-6">
-          <h1 class="m-0 text-dark">
-            500
-            <small>Error</small>
-          </h1>
-        </div>
-        <div class="col-sm-6">
-          <ol class="breadcrumb float-sm-right">
-            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
-            <li class="breadcrumb-item active">500 Error</li>
-          </ol>
+    <div class="content-header">
+        <div class="container-fluid">
+            <div class="row mb-2">
+                <div class="col-sm-6">
+                    <h1 class="m-0 text-dark">HTTP 500 Error</h1>
+                </div>
+                <div class="col-sm-6">
+                    <ol class="breadcrumb float-sm-right">
+                        <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+                        <li class="breadcrumb-item active">HTTP 500 Error</li>
+                    </ol>
+                </div>
+            </div>
         </div>
-      </div>
     </div>
-  </div>
 {% endblock %}
 
 {% block content %}
-  <section class="content">
-    <div class="error-page">
-      <h2 class="headline text-yellow">
-        500
-      </h2>
-      <div class="error-content">
-        <h3>
-          <i class="fa-solid fa-exclamation-triangle text-yellow"></i>
-          Oops! Something went wrong
-        </h3>
-        <p>
-          Try again later.
-          You may <a href="{{ url_for('dashboard.dashboard') }}">return to the dashboard</a>.
-        </p>
-      </div>
-    </div>
-  </section>
+    <section class="content">
+        <div class="error-page">
+            <h2 class="headline text-yellow">HTTP 500 Error</h2>
+            <div class="error-content">
+                <h3>
+                    <i class="fa-solid fa-exclamation-triangle text-yellow"></i>
+                    Oops! Something went wrong.
+                </h3>
+                <p>
+                    Try again later.
+                    You may <a href="{{ url_for('dashboard.dashboard') }}">return to the dashboard</a>.
+                </p>
+            </div>
+        </div>
+    </section>
 {% endblock %}
\ No newline at end of file
diff --git a/powerdnsadmin/templates/errors/SAML.html b/powerdnsadmin/templates/errors/SAML.html
index 72a583f64..8b6e610e7 100644
--- a/powerdnsadmin/templates/errors/SAML.html
+++ b/powerdnsadmin/templates/errors/SAML.html
@@ -1,61 +1,51 @@
 {% extends "base.html" %}
-
-{% block title %}
-  <title>
-    SAML Authentication Error - {{ SITE_NAME }}
-  </title>
-{% endblock %}
+{% block title %}<title>SAML Authentication Error - {{ SITE_NAME }}</title>{% endblock %}
 
 {% block dashboard_stat %}
-  <div class="content-header">
-    <div class="container-fluid">
-      <div class="row mb-2">
-        <div class="col-sm-6">
-          <h1 class="m-0 text-dark">
-            SAML
-            <small>Error</small>
-          </h1>
-        </div>
-        <div class="col-sm-6">
-          <ol class="breadcrumb float-sm-right">
-            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
-            <li class="breadcrumb-item active">SAML Authentication Error</li>
-          </ol>
+    <div class="content-header">
+        <div class="container-fluid">
+            <div class="row mb-2">
+                <div class="col-sm-6">
+                    <h1 class="m-0 text-dark">SAML Authentication Error</h1>
+                </div>
+                <div class="col-sm-6">
+                    <ol class="breadcrumb float-sm-right">
+                        <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+                        <li class="breadcrumb-item active">SAML Authentication Error</li>
+                    </ol>
+                </div>
+            </div>
         </div>
-      </div>
     </div>
-  </div>
 {% endblock %}
 
 {% block content %}
-  <section class="content">
-    <div class="error-page">
-      <div>
-        <h1 class="headline text-yellow" style="font-size:46px;">
-          SAML Authentication Error
-        </h1>
-      </div>
-      <br/>
-      <br/>
-      <div class="error-content">
-        <h3>
-          <i class="fa-solid fa-exclamation-triangle text-yellow"></i>
-          Oops! Something went wrong
-        </h3>
-        <br>
-        <p>
-          Login failed.
-          <br>
-          Error(s) when processing SAML Response:
-          <br>
-          <ul>
-            {% for error in errors %}
-              <li>{{ error }}</li>
-            {% endfor %}
-          </ul>
-          You may <a href="{{ url_for('dashboard.dashboard') }}">return to the dashboard</a>.
-        </p>
-      </div>
-    </div>
-  </section>
+    <section class="content">
+        <div class="error-page">
+            <div>
+                <h1 class="headline text-yellow" style="font-size:46px;">SAML Authentication Error</h1>
+            </div>
+            <br/>
+            <br/>
+            <div class="error-content">
+                <h3>
+                    <i class="fa-solid fa-exclamation-triangle text-yellow"></i>
+                    Oops! Something went wrong with your authentication.
+                </h3>
+                <br>
+                <p>
+                    Login failed.
+                    <br>
+                    Error(s) when processing SAML Response:
+                    <br>
+                <ul>
+                    {% for error in errors %}
+                        <li>{{ error }}</li>
+                    {% endfor %}
+                </ul>
+                You may <a href="{{ url_for('dashboard.dashboard') }}">return to the dashboard</a>.
+                </p>
+            </div>
+        </div>
+    </section>
 {% endblock %}
\ No newline at end of file

From be827c2362367a0347e3a3152a26da2da7847f82 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Mon, 20 Feb 2023 12:30:57 -0500
Subject: [PATCH 258/475] Partially reverted a UX change on zone template
 record editor view to keep things working until it gets a full rebuild.

---
 powerdnsadmin/templates/template_edit.html | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/powerdnsadmin/templates/template_edit.html b/powerdnsadmin/templates/template_edit.html
index 2f63fdf52..7b617a45f 100644
--- a/powerdnsadmin/templates/template_edit.html
+++ b/powerdnsadmin/templates/template_edit.html
@@ -50,7 +50,8 @@ <h3 class="card-title">Zone Template Editor</h3>
                                     <th>TTL</th>
                                     <th>Data</th>
                                     <th>Comment</th>
-                                    <th>Actions</th>
+                                    <th>Edit</th>
+                                    <th>Delete</th>
                                     <th>ID</th>
                                 </tr>
                                 </thead>
@@ -80,6 +81,8 @@ <h3 class="card-title">Zone Template Editor</h3>
                                                     title="Edit Record">
                                                 <i class="fa-solid fa-edit"></i>
                                             </button>
+                                        </td>
+                                        <td>
                                             <button type="button" class="btn btn-sm btn-danger button_delete"
                                                     title="Delete Record">
                                                 <i class="fa-solid fa-trash"></i>
@@ -135,14 +138,14 @@ <h3 class="card-title">Zone Template Editor</h3>
                     // hidden column so that we can add new records on top
                     // regardless of whatever sorting is done. See orderFixed
                     visible: false,
-                    targets: [7]
+                    targets: [8]
                 },
                 {
                     className: "length-break",
                     targets: [4, 5]
                 }
             ],
-            "orderFixed": [[7, 'asc']]
+            "orderFixed": [[8, 'asc']]
         });
 
         // handle delete button

From 40034b2f2663da96e38a7fff4a4898dedf03c19a Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Mon, 20 Feb 2023 12:37:22 -0500
Subject: [PATCH 259/475] Corrected minor styling issue for small mobile
 screens on the dashboard.

---
 powerdnsadmin/templates/dashboard.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/powerdnsadmin/templates/dashboard.html b/powerdnsadmin/templates/dashboard.html
index 3ed9ee55e..22f083d58 100755
--- a/powerdnsadmin/templates/dashboard.html
+++ b/powerdnsadmin/templates/dashboard.html
@@ -163,7 +163,7 @@ <h3 class="card-title">Recent History</h3>
                 <div class="col-12">
                     <div class="card card-outline card-primary shadow">
                         <div class="card-header">
-                            <h3 class="card-title">
+                            <h3 class="card-title mb-2">
                                 Zones
                                 {% if show_bg_domain_button %}
                                     <button type="button" title="Synchronize Zones"

From 78b88c8e0e1c4f4822192a79f5ddf8ac902e37ee Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Mon, 20 Feb 2023 12:43:49 -0500
Subject: [PATCH 260/475] Finished minor tweaks on the activity view, but it
 will still need a major re-work to correct the numerous mistakes present in
 the code.

---
 powerdnsadmin/templates/admin_history.html | 1 +
 1 file changed, 1 insertion(+)

diff --git a/powerdnsadmin/templates/admin_history.html b/powerdnsadmin/templates/admin_history.html
index 68f5f199e..85f0db1e1 100644
--- a/powerdnsadmin/templates/admin_history.html
+++ b/powerdnsadmin/templates/admin_history.html
@@ -144,6 +144,7 @@ <h3 class="card-title">Activity Search</h3>
                                     </td>
                                 </div>
                                 </td>
+                            </form>
                         </div>
                     </div>
                     <div class="card-body">

From fcdbc45de7b463a13f117d36d1725c554de6d961 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Mon, 20 Feb 2023 12:49:05 -0500
Subject: [PATCH 261/475] Moved temporary global styles out of base view
 template and into custom.css file to be properly included to asset
 generation.

---
 powerdnsadmin/static/custom/css/custom.css | 14 +++++++++++++-
 powerdnsadmin/templates/base.html          | 12 ------------
 2 files changed, 13 insertions(+), 13 deletions(-)

diff --git a/powerdnsadmin/static/custom/css/custom.css b/powerdnsadmin/static/custom/css/custom.css
index 1cd372890..8b119ed5b 100644
--- a/powerdnsadmin/static/custom/css/custom.css
+++ b/powerdnsadmin/static/custom/css/custom.css
@@ -44,4 +44,16 @@ table td {
 
 .search-input {
     width: 100%;
-}
\ No newline at end of file
+}
+
+.sidebar .image { padding-top: 0.7em; }
+.sidebar .info { color: #fff; }
+.sidebar .info p { margin: 0; }
+.sidebar .info a { font-size: 0.8em; }
+
+/* Global Styles */
+table.records thead th, table.records tbody td { text-align: center; vertical-align: middle; }
+table.records thead th:last-of-type { width: 50px; }
+div.records > div.dataTables_wrapper > div.row:first-of-type { margin: 0 0.5em 0 0.5em; }
+div.records > div.dataTables_wrapper > div.row:last-of-type { margin: 0.4em 0.5em 0.4em 0.5em; }
+div.records > div.dataTables_wrapper table.dataTable { margin: 0 !important; }
\ No newline at end of file
diff --git a/powerdnsadmin/templates/base.html b/powerdnsadmin/templates/base.html
index 83c6e331e..c2dc239db 100644
--- a/powerdnsadmin/templates/base.html
+++ b/powerdnsadmin/templates/base.html
@@ -18,18 +18,6 @@
         {% if SETTING.get('custom_css') %}
             <link rel="stylesheet" href="/static/custom/{{ SETTING.get('custom_css') }}">
         {% endif %}
-        <style>
-        .sidebar .image { padding-top: 0.7em; }
-        .sidebar .info { color: #fff; }
-        .sidebar .info p { margin: 0; }
-        .sidebar .info a { font-size: 0.8em; }
-        /* Global Styles */
-        table.records thead th, table.records tbody td { text-align: center; vertical-align: middle; }
-        table.records thead th:last-of-type { width: 50px; }
-        div.records > div.dataTables_wrapper > div.row:first-of-type { margin: 0 0.5em 0 0.5em; }
-        div.records > div.dataTables_wrapper > div.row:last-of-type { margin: 0.4em 0.5em 0.4em 0.5em; }
-        div.records > div.dataTables_wrapper table.dataTable { margin: 0 !important; }
-        </style>
         {% block head_styles %}{% endblock %}
     {% endblock %}
 </head>

From 32c53cf2a184ad006e7745b93819ae1a1e3e0961 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Mon, 20 Feb 2023 13:15:17 -0500
Subject: [PATCH 262/475] Tweaked markup generated from JS file to remove
 legacy btn-flat classes from various buttons.

---
 powerdnsadmin/static/custom/js/custom.js | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/powerdnsadmin/static/custom/js/custom.js b/powerdnsadmin/static/custom/js/custom.js
index 8b6d0787a..1b7a983dd 100644
--- a/powerdnsadmin/static/custom/js/custom.js
+++ b/powerdnsadmin/static/custom/js/custom.js
@@ -93,8 +93,8 @@ function saveRow(oTable, nRow) {
     oTable.cell(nRow,5).data(jqInputs[2].value);
 
     var record = jqInputs[0].value;
-    var button_edit = "<button type=\"button\" class=\"btn btn-flat btn-warning button_edit\" id=\"" + record +  "\">Edit&nbsp;<i class=\"fa fa-edit\"></i></button>"
-    var button_delete = "<button type=\"button\" class=\"btn btn-flat btn-danger button_delete\" id=\"" + record +  "\">Delete&nbsp;<i class=\"fa fa-trash\"></i></button>"
+    var button_edit = "<button type=\"button\" class=\"btn btn-warning button_edit\" id=\"" + record +  "\">Edit&nbsp;<i class=\"fa fa-edit\"></i></button>"
+    var button_delete = "<button type=\"button\" class=\"btn btn-danger button_delete\" id=\"" + record +  "\">Delete&nbsp;<i class=\"fa fa-trash\"></i></button>"
 
     oTable.cell(nRow,6).data(button_edit);
     oTable.cell(nRow,7).data(button_delete);
@@ -142,8 +142,8 @@ function editRow(oTable, nRow) {
     jqTds[3].innerHTML = '<select class="form-control" id="record_ttl" name="record_ttl" value="' + aData[3]  + '">' + ttl_opts + '</select>';
     jqTds[4].innerHTML = '<input type="text" style="display:table-cell; width:100% !important" id="current_edit_record_data" name="current_edit_record_data" class="form-control input-small advance-data" value="' + aData[4].replace(/\"/g,"&quot;") + '">';
     jqTds[5].innerHTML = '<input type="text" style="display:table-cell; width:100% !important" id="record_comment" name="record_comment" class="form-control input-small advance-data" value="' + aData[5].replace(/\"/g, "&quot;") + '">';
-    jqTds[6].innerHTML = '<button type="button" class="btn btn-flat btn-primary button_save">Save</button>';
-    jqTds[7].innerHTML = '<button type="button" class="btn btn-flat btn-primary button_cancel">Cancel</button>';
+    jqTds[6].innerHTML = '<button type="button" class="btn btn-primary button_save">Save</button>';
+    jqTds[7].innerHTML = '<button type="button" class="btn btn-primary button_cancel">Cancel</button>';
 
     // set current value of dropdown column
     if (aData[2] == 'Active'){
@@ -192,12 +192,12 @@ function getdnssec(url, domain){
             if (dnssec.length == 0 && parseFloat(PDNS_VERSION) >= 4.1) {
               dnssec_msg = '<h3>DNSSEC is disabled. Click on Enable to activate it.';
               modal.find('.modal-body p').html(dnssec_msg);
-              dnssec_footer = '<button type="button" class="btn btn-flat btn-success button_dnssec_enable pull-left" id="'+domain+'">Enable</button><button type="button" class="btn btn-flat btn-default pull-right" data-dismiss="modal">Cancel</button>';
+              dnssec_footer = '<button type="button" class="btn btn-success button_dnssec_enable pull-left" id="'+domain+'">Enable</button><button type="button" class="btn btn-default pull-right" data-dismiss="modal">Cancel</button>';
               modal.find('.modal-footer ').html(dnssec_footer);
             }
             else {
                 if (parseFloat(PDNS_VERSION) >= 4.1) {
-                  dnssec_footer = '<button type="button" class="btn btn-flat btn-danger button_dnssec_disable pull-left" id="'+domain+'">Disable DNSSEC</button><button type="button" class="btn btn-flat btn-default pull-right" data-dismiss="modal">Close</button>';
+                  dnssec_footer = '<button type="button" class="btn btn-danger button_dnssec_disable pull-left" id="'+domain+'">Disable DNSSEC</button><button type="button" class="btn btn-default pull-right" data-dismiss="modal">Close</button>';
                   modal.find('.modal-footer ').html(dnssec_footer);
                 }
                 for (var i = 0; i < dnssec.length; i++) {

From 3ee63aca8c3306ab59bce29cc37f2ae8fb63c464 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Mon, 20 Feb 2023 14:52:01 -0500
Subject: [PATCH 263/475] Tweaked styling for global search query form to
 include curved edges in accordance with the latest styling.

---
 .../templates/admin_global_search.html        | 20 ++++++++++++-------
 1 file changed, 13 insertions(+), 7 deletions(-)

diff --git a/powerdnsadmin/templates/admin_global_search.html b/powerdnsadmin/templates/admin_global_search.html
index 4c4e79dd1..9ec28d176 100644
--- a/powerdnsadmin/templates/admin_global_search.html
+++ b/powerdnsadmin/templates/admin_global_search.html
@@ -44,13 +44,19 @@ <h3 class="card-title">Search Form</h3>
                                 <!-- /.callout -->
                                 <div class="form-group">
                                     <div class="input-group">
-                                        <label for="txtQuery" class="input-group-text">Search Query</label>
-                                        <input type="text" id="txtQuery" name="q" class="form-control"
-                                               value="{{ query }}"
-                                               placeholder="Enter search query...">
-                                        <button type="submit" class="btn btn-flat btn-success" title="Execute Query">
-                                            <i class="fa fa-search"></i>
-                                        </button>
+                                        <div class="input-group-prepend">
+                                            <label id="txtQuery" class="input-group-text">
+                                                Search Query
+                                            </label>
+                                        </div>
+                                            <input type="text" id="txtQuery" name="q" class="form-control"
+                                                   value="{{ query }}"
+                                                    placeholder="Enter search query...">
+                                            <div class="input-group-append">
+                                            <button type="submit" class="btn btn-success" title="Execute Query">
+                                                <i class="fa-solid fa-search"></i>
+                                            </button>
+                                        </div>
                                     </div>
                                 </div>
                                 <!-- /.form-group -->

From 4d0cf87338ae8b4f63e81acdcc8c749b518c6d53 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Mon, 20 Feb 2023 15:50:03 -0500
Subject: [PATCH 264/475] Cleaned up a UX issue with the zone records list
 editor view.

---
 powerdnsadmin/templates/domain.html | 977 ++++++++++++++--------------
 1 file changed, 499 insertions(+), 478 deletions(-)

diff --git a/powerdnsadmin/templates/domain.html b/powerdnsadmin/templates/domain.html
index 4cd1c1544..4318b299f 100755
--- a/powerdnsadmin/templates/domain.html
+++ b/powerdnsadmin/templates/domain.html
@@ -1,293 +1,310 @@
 {% extends "base.html" %}
-
-{% block title %}
-  <title>
-    {{ domain.name | pretty_domain_name }} - {{ SITE_NAME }}
-  </title>
-{% endblock %}
+{% block title %}<title>Zone Records - {{ domain.name | pretty_domain_name }} - {{ SITE_NAME }}</title>{% endblock %}
 
 {% block dashboard_stat %}
-  <div class="content-header">
-    <div class="container-fluid">
-      <div class="row mb-2">
-        <div class="col-sm-6">
-          <h1 class="m-0 text-dark">
-            Domain: <b>{{ domain.name | pretty_domain_name }}</b>
-          </h1>
+    <div class="content-header">
+        <div class="container-fluid">
+            <div class="row mb-2">
+                <div class="col-sm-6">
+                    <h1 class="m-0 text-dark">Zone Records - {{ domain.name | pretty_domain_name }}</h1>
+                </div>
+                <div class="col-sm-6">
+                    <ol class="breadcrumb float-sm-right">
+                        <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
+                        <li class="breadcrumb-item active">Zone Records - {{ domain.name | pretty_domain_name }}</li>
+                    </ol>
+                </div>
+            </div>
         </div>
-        <div class="col-sm-6">
-          <ol class="breadcrumb float-sm-right">
-            <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Dashboard</a></li>
-            <li class="breadcrumb-item active">Domain: {{ domain.name | pretty_domain_name }}</li>
-          </ol>
-        </div>
-      </div>
     </div>
-  </div>
 {% endblock %}
 
 {% block content %}
-<section class="content">
-  <div class="container-fluid">
-    <div class="row">
-      <div class="col-12">
-        <div class="card">
-          <div class="card-header">
-            {% if domain.type != 'Slave' %}
-              <button type="button" style="position: relative; margin-left: 20px" class="btn btn-primary float-left button_add_record" id="{{ domain.name }}">
-                <i class="fa-solid fa-plus"></i>
-                &nbsp;Add Record
-              </button>
-              <button type="button" style="position: relative; margin-left: 20px" class="btn btn-primary float-right button_apply_changes" id="{{ domain.name }}" value="{{ domain.serial }}">
-                <i class="fa-solid fa-save"></i>
-                &nbsp;Apply Changes
-              </button>
-            {% else %}
-              <button type="button" style="position: relative; margin-left: 20px" class="btn btn-primary float-left button_update_from_primary" id="{{ domain.name }}">
-                <i class="fa-solid fa-sync"></i>
-                &nbsp;Update from Primary
-              </button>
-            {% endif %}
-            {% if current_user.role.name in ['Administrator', 'Operator'] %}
-              <button type="button" style="position: relative; margin-left: 20px" class="btn btn-primary float-left btn-danger" onclick="window.location.href='{{ url_for('domain.setting', domain_name=domain.name) }}'">
-                <i class="fa-solid fa-toolbox"></i>
-                &nbsp;Admin
-              </button>
-            {% endif %}
-            {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
-              <button type="button" style="position: relative; margin-left: 20px" class="btn btn-primary button_changelog" id="{{ domain.name }}">
-                <i class="fa-solid fa-history" aria-hidden="true"></i>
-                &nbsp;Changelog
-              </button>
-            {% endif %}
-          </div>
-          <div class="card-body">
-            <table id="tbl_records" class="table table-bordered table-striped">
-              <thead>
-                <tr>
-                  <th>Name</th>
-                  <th>Type</th>
-                  <th>Status</th>
-                  <th>TTL</th>
-                  <th>Data</th>
-                  {% if domain.type != 'Slave' %}
-                    <th>Comment</th>
-                    <th>Edit</th>
-                    <th>Delete</th>
-                    {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
-                      <th >Changelog</th>
-                    {% endif %}
-                  {% else %}
-                    <th>Invisible Sorting Column</th>
-                  {% endif %}
-                </tr>
-              </thead>
-              <tbody>
-                {% for record in records %}
-                  <tr class="odd row_record" id="{{ domain.name }}">
-                    <td>{{ (record.name,domain.name) | display_record_name | pretty_domain_name }}</td>
-                    <td>{{ record.type }}</td>
-                    <td>{{ record.status }}</td>
-                    <td>{{ record.ttl }}</td>
-                    <td>{{ record.data | pretty_domain_name }}</td>
-                    {% if domain.type != 'Secondary' %}
-                      <td>{{ record.comment }}</td>
-                      <td width="6%">
-                        {% if record.is_allowed_edit() %}
-                          <button type="button" class="btn btn-warning button_edit">
-                            <i class="fa-solid fa-edit"></i>
-                          </button>
-                        {% else %}
-                          <button type="button" class="btn btn-warning">
-                            <i class="fa-solid fa-exclamation-circle"></i>
-                          </button>
-                        {% endif %}
-                      </td>
-                      <td width="6%">
-                        {% if record.is_allowed_delete() %}
-                          <button type="button" class="btn btn-danger button_delete">
-                            <i class="fa-solid fa-trash"></i>
-                          </button>
-                        {% endif %}
-                      </td>
-                      {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
-                        <td width="6%">
-                          <button type="button" onclick="show_record_changelog('{{record.name}}','{{record.type}}',event)" class="btn btn-primary">
-                            <i class="fa-solid fa-history" aria-hidden="true"></i>
-                          </button>
-                        </td>
-                      {% endif %}
-                    {% endif %}
-                    <!-- hidden column that we can sort on -->
-                    <td>1</td>
-                  </tr>
-                {% endfor %}
-              </tbody>
-            </table>
-          </div>
+    <section class="content">
+        <div class="container-fluid">
+            <div class="row">
+                <div class="col-12">
+                    <div class="card">
+                        <div class="card-header">
+                            <h3 class="card-title">Zone Editor</h3>
+                            <div class="card-tools">
+                                {% if current_user.role.name in ['Administrator', 'Operator'] %}
+                                    <button type="button" title="Zone Settings"
+                                            class="btn btn-primary btn-danger"
+                                            onclick="window.location.href='{{ url_for('domain.setting', domain_name=domain.name) }}'">
+                                        <i class="fa-solid fa-toolbox"></i>
+                                        &nbsp;Zone Settings
+                                    </button>
+                                {% endif %}
+                                {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
+                                    <button type="button" title="Zone Changelog"
+                                            class="btn btn-primary ml-2 button_changelog" id="{{ domain.name }}">
+                                        <i class="fa-solid fa-history" aria-hidden="true"></i>
+                                        &nbsp;Changelog
+                                    </button>
+                                {% endif %}
+                                {% if domain.type != 'Slave' %}
+                                    <button type="button" title="Add Record"
+                                            class="btn btn-primary ml-2 button_add_record" id="{{ domain.name }}">
+                                        <i class="fa-solid fa-plus"></i>
+                                        &nbsp;Add Record
+                                    </button>
+                                    <button type="button" title="Save Changes"
+                                            class="btn btn-primary ml-2 button_apply_changes"
+                                            id="{{ domain.name }}"
+                                            value="{{ domain.serial }}">
+                                        <i class="fa-solid fa-save"></i>
+                                        &nbsp;Save Changes
+                                    </button>
+                                {% else %}
+                                    <button type="button" title="Update from Primary"
+                                            class="btn btn-primary ml-2 button_update_from_primary"
+                                            id="{{ domain.name }}">
+                                        <i class="fa-solid fa-sync"></i>
+                                        &nbsp;Update from Primary
+                                    </button>
+                                {% endif %}
+                            </div>
+                        </div>
+                        <div class="card-body table-responsive">
+                            <table id="tbl_records" class="table table-bordered table-striped table-hover table-sm">
+                                <thead>
+                                <tr>
+                                    <th>Name</th>
+                                    <th>Type</th>
+                                    <th>Status</th>
+                                    <th>TTL</th>
+                                    <th>Data</th>
+                                    {% if domain.type != 'Slave' %}
+                                        <th>Comment</th>
+                                        <th>Edit</th>
+                                        <th>Delete</th>
+                                        {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
+                                            <th>Changelog</th>
+                                        {% endif %}
+                                    {% else %}
+                                        <th>Invisible Sorting Column</th>
+                                    {% endif %}
+                                </tr>
+                                </thead>
+                                <tbody>
+                                {% for record in records %}
+                                    <tr class="odd row_record" id="{{ domain.name }}">
+                                        <td>{{ (record.name,domain.name) | display_record_name | pretty_domain_name }}</td>
+                                        <td>{{ record.type }}</td>
+                                        <td>{{ record.status }}</td>
+                                        <td>{{ record.ttl }}</td>
+                                        <td>{{ record.data | pretty_domain_name }}</td>
+                                        {% if domain.type != 'Slave' %}
+                                            <td>{{ record.comment }}</td>
+                                            <td>
+                                                {% if record.is_allowed_edit() %}
+                                                    <button type="button" class="btn btn-sm btn-warning button_edit">
+                                                        <i class="fa-solid fa-edit"></i>
+                                                    </button>
+                                                {% else %}
+                                                    <button type="button" class="btn btn-sm btn-warning">
+                                                        <i class="fa-solid fa-exclamation-circle"></i>
+                                                    </button>
+                                                {% endif %}
+                                            </td>
+                                            <td>
+                                                {% if record.is_allowed_delete() %}
+                                                    <button type="button" class="btn btn-sm btn-danger button_delete">
+                                                        <i class="fa-solid fa-trash"></i>
+                                                    </button>
+                                                {% endif %}
+                                            </td>
+                                            {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
+                                                <td>
+                                                    <button type="button"
+                                                            onclick="show_record_changelog('{{ record.name }}','{{ record.type }}',event)"
+                                                            class="btn btn-primary">
+                                                        <i class="fa-solid fa-history" aria-hidden="true"></i>
+                                                    </button>
+                                                </td>
+                                            {% endif %}
+                                        {% endif %}
+                                        <!-- hidden column that we can sort on -->
+                                        <td>1</td>
+                                    </tr>
+                                {% endfor %}
+                                </tbody>
+                            </table>
+                        </div>
+                    </div>
+                </div>
+            </div>
         </div>
-      </div>
-    </div>
-  </div>
-</section>
+    </section>
+{% endblock %}
+
+{% block head_styles %}
+    <style>
+        /* Page Specific Overrides */
+        table#tbl_records thead th:nth-child(1),
+        table#tbl_records thead th:nth-child(2),
+        table#tbl_records thead th:nth-child(3),
+        table#tbl_records thead th:nth-child(4) { width: 100px; }
+        table#tbl_records tbody td { text-align: center; }
+        table#tbl_records tbody td:nth-child(0n+5),
+        table#tbl_records tbody td:nth-child(0n+6) { text-align: left; }
+    </style>
 {% endblock %}
 
 {% block extrascripts %}
-<script>
-    // superglobals
-    window.records_allow_edit = {{ editable_records | tojson }};
-    window.ttl_options = {{ ttl_options | tojson }};
-    window.nEditing = null;
-    window.nNew = false;
+    <script>
+        // superglobals
+        window.records_allow_edit = {{ editable_records | tojson }};
+        window.ttl_options = {{ ttl_options | tojson }};
+        window.nEditing = null;
+        window.nNew = false;
 
-    // set up user data table
-    $("#tbl_records").DataTable({
-        "paging" : true,
-        "lengthChange" : true,
-        "searching" : true,
-        "ordering" : true,
-        "info" : true,
-        "autoWidth" : false,
-        {% if SETTING.get('default_record_table_size') | string in ['5','15','20'] %}
-        "lengthMenu": [ [5, 15, 20, -1],
-                        [5, 15, 20, "All"]],
-        {% else %}
-        "lengthMenu": [ [5, 15, 20, {{ SETTING.get('default_record_table_size') }}, -1],
-                        [5, 15, 20, {{ SETTING.get('default_record_table_size') }}, "All"]],
-        {% endif %}
-        "pageLength": {{ SETTING.get('default_record_table_size') }},
-        "language": {
-            "lengthMenu": " _MENU_ records"
-        },
-        "retrieve" : true,
-        "columnDefs": [
-            {
-                type: 'natural',
-                targets: [0, 4]
-            },
-            {
-                targets: [0, 1, 2, 3, 4, 5],
-                render: $.fn.dataTable.render.text()
+        // set up user data table
+        $("#tbl_records").DataTable({
+            "paging": true,
+            "lengthChange": true,
+            "searching": true,
+            "ordering": true,
+            "info": true,
+            "autoWidth": false,
+            {% if SETTING.get('default_record_table_size') | string in ['5','15','20'] %}
+                "lengthMenu": [[5, 15, 20, -1],
+                    [5, 15, 20, "All"]],
+            {% else %}
+                "lengthMenu": [[5, 15, 20, {{ SETTING.get('default_record_table_size') }}, -1],
+                    [5, 15, 20, {{ SETTING.get('default_record_table_size') }}, "All"]],
+            {% endif %}
+            "pageLength": {{ SETTING.get('default_record_table_size') }},
+            "language": {
+                "lengthMenu": " _MENU_ records"
             },
-            {
-                // hidden column so that we can add new records on top
-                // regardless of whatever sorting is done. See orderFixed
-                visible: false,
-                {% if domain.type != 'Slave' %}
-                  {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
-                    targets: [ 9 ]
-                  {% else %}
-                    targets: [ 8 ]
-                  {% endif %}
+            "retrieve": true,
+            "columnDefs": [
+                {
+                    type: 'natural',
+                    targets: [0, 4]
+                },
+                {
+                    targets: [0, 1, 2, 3, 4, 5],
+                    render: $.fn.dataTable.render.text()
+                },
+                {
+                    // hidden column so that we can add new records on top
+                    // regardless of whatever sorting is done. See orderFixed
+                    visible: false,
+                    {% if domain.type != 'Slave' %}
+                        {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
+                            targets: [9]
+                        {% else %}
+                            targets: [8]
+                        {% endif %}
+                    {% else %}
+                        targets: [5]
+                    {% endif %}
+                }
+            ],
+            {% if domain.type != 'Slave' %}
+                {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
+                    "orderFixed": [[9, 'asc']]
                 {% else %}
-                  targets: [ 5 ]
+                    "orderFixed": [[8, 'asc']]
                 {% endif %}
-            },
-            {
-                className: "length-break",
-                targets: [ 4, 5 ]
-            }
-        ],
-        {% if domain.type != 'Slave' %}
-          {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
-            "orderFixed": [[9, 'asc']]
-          {% else %}
-            "orderFixed": [[8, 'asc']]
-          {% endif %}
-        {% else %}
-          "orderFixed": [[5, 'asc']]
-        {% endif %}
-    });
-
+            {% else %}
+                "orderFixed": [[5, 'asc']]
+            {% endif %}
+        });
 
-    function show_record_changelog(record_name, record_type, e) {
-        e.stopPropagation();
-        window.location.href = "/domain/{{domain.name}}/changelog/" + record_name + "./" + record_type;
-    }
-    // handle changelog button
-    $(document.body).on("click", ".button_changelog", function(e) {
-        e.stopPropagation();
-        window.location.href = "/domain/{{domain.name}}/changelog";
-    });
 
-    // handle delete button
-    $(document.body).on("click", ".button_delete", function(e) {
-        e.stopPropagation();
-        var modal = $("#modal_delete");
-        var table = $("#tbl_records").DataTable();
-        var record = $(this).prop('id');
-        var nRow = $(this).parents('tr')[0];
-        var info = "Are you sure you want to delete " + record + "?";
-        modal.find('.modal-body p').text(info);
-        modal.modal('show');
+        function show_record_changelog(record_name, record_type, e) {
+            e.stopPropagation();
+            window.location.href = "/domain/{{domain.name}}/changelog/" + record_name + "./" + record_type;
+        }
 
-        $("#button_delete_confirm").unbind().one('click', function(e) {
-            table.row(nRow).remove().draw();
-            modal.modal('hide');
+        // handle changelog button
+        $(document.body).on("click", ".button_changelog", function (e) {
+            e.stopPropagation();
+            window.location.href = "/domain/{{domain.name}}/changelog";
         });
 
-        $("#button_delete_cancel").unbind().one('click', function(e) {
-            modal.modal('hide');
-        });
-    });
-    // handle edit button and record click
-    {% if domain.type != 'Slave' %}
-      $(document.body).on("click", ".button_edit{% if quick_edit %}, .row_record{% endif %}", function(e) {
-         e.stopPropagation();
-         if ($(this).is('tr')) {
-            var nRow = $(this)[0];
-         } else {
+        // handle delete button
+        $(document.body).on("click", ".button_delete", function (e) {
+            e.stopPropagation();
+            var modal = $("#modal_delete");
+            var table = $("#tbl_records").DataTable();
+            var record = $(this).prop('id');
             var nRow = $(this).parents('tr')[0];
-         }
-         var table = $("#tbl_records").DataTable();
+            var info = "Are you sure you want to delete " + record + "?";
+            modal.find('.modal-body p').text(info);
+            modal.modal('show');
 
-        if (nEditing == nRow) {
-            /* click on row already being edited, do nothing */
-        } else if (nEditing !== null && nEditing != nRow && nNew == false) {
-             /* Currently editing - but not this row - restore the old before continuing to edit mode */
-             restoreRow(table, nEditing);
-             editRow(table, nRow);
-             nEditing = nRow;
-         } else if (nNew == true) {
-             /* adding a new row, delete it and start editing */
-             table.row(nEditing).remove().draw();
-             nNew = false;
-             editRow(table, nRow);
-             nEditing = nRow;
-         } else {
-             /* No edit in progress - let's start one */
-             editRow(table, nRow);
-             nEditing = nRow;
-         }
-      });
-    {% endif %}
+            $("#button_delete_confirm").unbind().one('click', function (e) {
+                table.row(nRow).remove().draw();
+                modal.modal('hide');
+            });
 
-    // handle apply changes button
-    $(document.body).on("click",".button_apply_changes", function() {
-        if (nNew || nEditing) {
-            showErrorModal("Previous record not saved. Please save it before applying the changes.");
-            return;
-        }
+            $("#button_delete_cancel").unbind().one('click', function (e) {
+                modal.modal('hide');
+            });
+        });
+        // handle edit button and record click
+        {% if domain.type != 'Slave' %}
+            $(document.body).on("click", ".button_edit{% if quick_edit %}, .row_record{% endif %}", function (e) {
+                e.stopPropagation();
+                if ($(this).is('tr')) {
+                    var nRow = $(this)[0];
+                } else {
+                    var nRow = $(this).parents('tr')[0];
+                }
+                var table = $("#tbl_records").DataTable();
+
+                if (nEditing == nRow) {
+                    /* click on row already being edited, do nothing */
+                } else if (nEditing !== null && nEditing != nRow && nNew == false) {
+                    /* Currently editing - but not this row - restore the old before continuing to edit mode */
+                    restoreRow(table, nEditing);
+                    editRow(table, nRow);
+                    nEditing = nRow;
+                } else if (nNew == true) {
+                    /* adding a new row, delete it and start editing */
+                    table.row(nEditing).remove().draw();
+                    nNew = false;
+                    editRow(table, nRow);
+                    nEditing = nRow;
+                } else {
+                    /* No edit in progress - let's start one */
+                    editRow(table, nRow);
+                    nEditing = nRow;
+                }
+            });
+        {% endif %}
 
-        var modal = $("#modal_apply_changes");
-        var table = $("#tbl_records").DataTable();
-        var domain = $(this).prop('id');
-        var serial = $(".button_apply_changes").val();
-        var info = "Are you sure you want to apply your changes?";
-        modal.find('.modal-body p').text(info);
+        // handle apply changes button
+        $(document.body).on("click", ".button_apply_changes", function () {
+            if (nNew || nEditing) {
+                showErrorModal("Previous record not saved. Please save it before applying the changes.");
+                return;
+            }
 
-        // following unbind("click") is to avoid multiple times execution
-        modal.find('#button_apply_confirm').unbind("click").click(function() {
-            var data = {'serial': serial, 'record': getTableData(table), '_csrf_token': '{{ csrf_token() }}'};
-            applyRecordChanges(data, domain);
-            modal.modal('hide');
-        })
-        modal.modal('show');
+            var modal = $("#modal_apply_changes");
+            var table = $("#tbl_records").DataTable();
+            var domain = $(this).prop('id');
+            var serial = $(".button_apply_changes").val();
+            var info = "Are you sure you want to apply your changes?";
+            modal.find('.modal-body p').text(info);
+
+            // following unbind("click") is to avoid multiple times execution
+            modal.find('#button_apply_confirm').unbind("click").click(function () {
+                var data = {'serial': serial, 'record': getTableData(table), '_csrf_token': '{{ csrf_token() }}'};
+                applyRecordChanges(data, domain);
+                modal.modal('hide');
+            })
+            modal.modal('show');
 
-    });
+        });
 
-    // handle add record button
-    $(document.body).on("click", ".button_add_record", function (e) {
+        // handle add record button
+        $(document.body).on("click", ".button_add_record", function (e) {
             if (nNew || nEditing) {
                 showErrorModal("Previous record not saved. Please save it before adding more record.");
                 return;
@@ -298,9 +315,9 @@ <h1 class="m-0 text-dark">
             // add new row
             var default_type = records_allow_edit[0]
             {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
-              var nRow = jQuery('#tbl_records').dataTable().fnAddData(['', default_type, 'Active', window.ttl_options[0][0], '', '', '', '', '', '0']);
+                var nRow = jQuery('#tbl_records').dataTable().fnAddData(['', default_type, 'Active', window.ttl_options[0][0], '', '', '', '', '', '0']);
             {% else %}
-              var nRow = jQuery('#tbl_records').dataTable().fnAddData(['', default_type, 'Active', window.ttl_options[0][0], '', '', '', '', '0']);
+                var nRow = jQuery('#tbl_records').dataTable().fnAddData(['', default_type, 'Active', window.ttl_options[0][0], '', '', '', '', '0']);
             {% endif %}
             editRow($("#tbl_records").DataTable(), nRow);
             document.getElementById("edit-row-focus").focus();
@@ -308,8 +325,8 @@ <h1 class="m-0 text-dark">
             nNew = true;
         });
 
-    //handle cancel button
-    $(document.body).on("click", ".button_cancel", function (e) {
+        //handle cancel button
+        $(document.body).on("click", ".button_cancel", function (e) {
             e.stopPropagation();
             var oTable = $("#tbl_records").DataTable();
             if (nNew) {
@@ -322,8 +339,8 @@ <h1 class="m-0 text-dark">
             }
         });
 
-    //handle save button
-    $(document.body).on("click", ".button_save", function (e) {
+        //handle save button
+        $(document.body).on("click", ".button_save", function (e) {
             e.stopPropagation();
             var table = $("#tbl_records").DataTable();
             saveRow(table, nEditing);
@@ -331,79 +348,82 @@ <h1 class="m-0 text-dark">
             nNew = false;
         });
 
-    //handle update_from_primary button
-    $(document.body).on("click", ".button_update_from_primary", function (e) {
+        //handle update_from_primary button
+        $(document.body).on("click", ".button_update_from_primary", function (e) {
             var domain = $(this).prop('id');
-            applyChanges({'domain': domain, '_csrf_token': '{{ csrf_token() }}'}, $SCRIPT_ROOT + '/domain/' + domain + '/update', true);
-    });
+            applyChanges({
+                'domain': domain,
+                '_csrf_token': '{{ csrf_token() }}'
+            }, $SCRIPT_ROOT + '/domain/' + domain + '/update', true);
+        });
 
-    {% if SETTING.get('record_helper') %}
-    //handle wacky record types
-    $(document.body).on("focus", "#current_edit_record_data", function (e) {
-        var record_type = $(this).parents("tr").find('#record_type').val();
-        var record_data = $(this);
-        if (record_type == "CAA") {
-            var modal = $("#modal_custom_record");
-            if (record_data.val() == "") {
-                var form = "    <label for=\"caa_flag\">CAA Flag</label> \
+        {% if SETTING.get('record_helper') %}
+            //handle wacky record types
+            $(document.body).on("focus", "#current_edit_record_data", function (e) {
+                var record_type = $(this).parents("tr").find('#record_type').val();
+                var record_data = $(this);
+                if (record_type == "CAA") {
+                    var modal = $("#modal_custom_record");
+                    if (record_data.val() == "") {
+                        var form = "    <label for=\"caa_flag\">CAA Flag</label> \
                                 <input type=\"text\" class=\"form-control\" name=\"caa_flag\" id=\"caa_flag\" placeholder=\"0\"> \
                                 <label for=\"caa_tag\">CAA Tag</label> \
                                 <input type=\"text\" class=\"form-control\" name=\"caa_tag\" id=\"caa_tag\" placeholder=\"issue\"> \
                                 <label for=\"caa_value\">CAA Value</label> \
                                 <input type=\"text\" class=\"form-control\" name=\"caa_value\" id=\"caa_value\" placeholder=\"eg. letsencrypt.org\"> \
                             ";
-            } else {
-                var parts = record_data.val().split(" ");
-                var form = "    <label for=\"caa_flag\">CAA Flag</label> \
+                    } else {
+                        var parts = record_data.val().split(" ");
+                        var form = "    <label for=\"caa_flag\">CAA Flag</label> \
                                 <input type=\"text\" class=\"form-control\" name=\"caa_flag\" id=\"caa_flag\" placeholder=\"0\" value=\"" + parts[0] + "\"> \
                                 <label for=\"caa_tag\">CAA Tag</label> \
                                 <input type=\"text\" class=\"form-control\" name=\"caa_tag\" id=\"caa_tag\" placeholder=\"issue\" value=\"" + parts[1] + "\"> \
                                 <label for=\"caa_value\">CAA Value</label> \
                                 <input type=\"text\" class=\"form-control\" name=\"caa_value\" id=\"caa_value\" placeholder=\"eg. letsencrypt.org\" value=\"" + parts[2] + "\"> \
                             ";
-            }
-            modal.find('.modal-body p').html(form);
-            modal.find('#button_save').click(function() {
-                caa_flag = modal.find('#caa_flag').val();
-                caa_tag = modal.find('#caa_tag').val();
-                caa_value = modal.find('#caa_value').val();
-                data = caa_flag + " " + caa_tag + " " + '"' + caa_value + '"';
-                record_data.val(data);
-                modal.modal('hide');
-            })
-            modal.modal('show');
-        } else if (record_type == "MX") {
-            var modal = $("#modal_custom_record");
-            if (record_data.val() == "") {
-                var form = "    <label for=\"mx_priority\">MX Priority</label> \
+                    }
+                    modal.find('.modal-body p').html(form);
+                    modal.find('#button_save').click(function () {
+                        caa_flag = modal.find('#caa_flag').val();
+                        caa_tag = modal.find('#caa_tag').val();
+                        caa_value = modal.find('#caa_value').val();
+                        data = caa_flag + " " + caa_tag + " " + '"' + caa_value + '"';
+                        record_data.val(data);
+                        modal.modal('hide');
+                    })
+                    modal.modal('show');
+                } else if (record_type == "MX") {
+                    var modal = $("#modal_custom_record");
+                    if (record_data.val() == "") {
+                        var form = "    <label for=\"mx_priority\">MX Priority</label> \
                                 <input type=\"text\" class=\"form-control\" name=\"mx_priority\" id=\"mx_priority\" placeholder=\"eg. 10\"> \
                                 <label for=\"mx_server\">MX Server</label> \
                                 <input type=\"text\" class=\"form-control\" name=\"mx_server\" id=\"mx_server\" placeholder=\"eg. postfix.example.com\"> \
                             ";
-            } else {
-                var parts = record_data.val().split(" ");
-                var form = "    <label for=\"mx_priority\">MX Priority</label> \
+                    } else {
+                        var parts = record_data.val().split(" ");
+                        var form = "    <label for=\"mx_priority\">MX Priority</label> \
                                 <input type=\"text\" class=\"form-control\" name=\"mx_priority\" id=\"mx_priority\" placeholder=\"eg. 10\" value=\"" + parts[0] + "\"> \
                                 <label for=\"mx_server\">MX Server</label> \
                                 <input type=\"text\" class=\"form-control\" name=\"mx_server\" id=\"mx_server\" placeholder=\"eg. postfix.example.com\" value=\"" + parts[1] + "\"> \
                             ";
-            }
-            modal.find('.modal-body p').html(form);
-            modal.find('#button_save').click(function() {
-                mx_server = modal.find('#mx_server').val();
-                mx_priority = modal.find('#mx_priority').val();
-                data = mx_priority + " " + mx_server;
-                if (data && !data.endsWith('.')) {
-                    data = data + '.'
-                }
-                record_data.val(data);
-                modal.modal('hide');
-            })
-            modal.modal('show');
-        } else if (record_type == "SRV") {
-            var modal = $("#modal_custom_record");
-            if (record_data.val() == "") {
-                var form = "    <label for=\"srv_priority\">SRV Priority</label> \
+                    }
+                    modal.find('.modal-body p').html(form);
+                    modal.find('#button_save').click(function () {
+                        mx_server = modal.find('#mx_server').val();
+                        mx_priority = modal.find('#mx_priority').val();
+                        data = mx_priority + " " + mx_server;
+                        if (data && !data.endsWith('.')) {
+                            data = data + '.'
+                        }
+                        record_data.val(data);
+                        modal.modal('hide');
+                    })
+                    modal.modal('show');
+                } else if (record_type == "SRV") {
+                    var modal = $("#modal_custom_record");
+                    if (record_data.val() == "") {
+                        var form = "    <label for=\"srv_priority\">SRV Priority</label> \
                                 <input type=\"text\" class=\"form-control\" name=\"srv_priority\" id=\"srv_priority\" placeholder=\"0\"> \
                                 <label for=\"srv_weight\">SRV Weight</label> \
                                 <input type=\"text\" class=\"form-control\" name=\"srv_weight\" id=\"srv_weight\" placeholder=\"10\"> \
@@ -412,9 +432,9 @@ <h1 class="m-0 text-dark">
                                 <label for=\"srv_target\">SRV Target</label> \
                                 <input type=\"text\" class=\"form-control\" name=\"srv_target\" id=\"srv_target\" placeholder=\"sip.example.com\"> \
                             ";
-            } else {
-                var parts = record_data.val().split(" ");
-                var form = "    <label for=\"srv_priority\">SRV Priority</label> \
+                    } else {
+                        var parts = record_data.val().split(" ");
+                        var form = "    <label for=\"srv_priority\">SRV Priority</label> \
                                 <input type=\"text\" class=\"form-control\" name=\"srv_priority\" id=\"srv_priority\" placeholder=\"0\" value=\"" + parts[0] + "\"> \
                                 <label for=\"srv_weight\">SRV Weight</label> \
                                 <input type=\"text\" class=\"form-control\" name=\"srv_weight\" id=\"srv_weight\" placeholder=\"10\" value=\"" + parts[1] + "\"> \
@@ -423,25 +443,25 @@ <h1 class="m-0 text-dark">
                                 <label for=\"srv_target\">SRV Target</label> \
                                 <input type=\"text\" class=\"form-control\" name=\"srv_target\" id=\"srv_target\" placeholder=\"sip.example.com\" value=\"" + parts[3] + "\"> \
                 ";
-            }
-            modal.find('.modal-body p').html(form);
-            modal.find('#button_save').click(function() {
-                srv_priority = modal.find('#srv_priority').val();
-                srv_weight = modal.find('#srv_weight').val();
-                srv_port = modal.find('#srv_port').val();
-                srv_target = modal.find('#srv_target').val();
-                data = srv_priority + " " + srv_weight + " " + srv_port + " " + srv_target;
-                if (data && !data.endsWith('.')) {
-                    data = data + '.'
-                }
-                record_data.val(data);
-                modal.modal('hide');
-            })
-            modal.modal('show');
-        } else if (record_type == "SOA") {
-            var modal = $("#modal_custom_record");
-            if (record_data.val() == "") {
-                var form = "    <label for=\"soa_primaryns\">Primary Name Server</label> \
+                    }
+                    modal.find('.modal-body p').html(form);
+                    modal.find('#button_save').click(function () {
+                        srv_priority = modal.find('#srv_priority').val();
+                        srv_weight = modal.find('#srv_weight').val();
+                        srv_port = modal.find('#srv_port').val();
+                        srv_target = modal.find('#srv_target').val();
+                        data = srv_priority + " " + srv_weight + " " + srv_port + " " + srv_target;
+                        if (data && !data.endsWith('.')) {
+                            data = data + '.'
+                        }
+                        record_data.val(data);
+                        modal.modal('hide');
+                    })
+                    modal.modal('show');
+                } else if (record_type == "SOA") {
+                    var modal = $("#modal_custom_record");
+                    if (record_data.val() == "") {
+                        var form = "    <label for=\"soa_primaryns\">Primary Name Server</label> \
                                 <input type=\"text\" class=\"form-control\" name=\"soa_primaryns\" id=\"soa_primaryns\" placeholder=\"ns1.example.com\"> \
                                 <label for=\"soa_adminemail\">Primary Contact</label> \
                                 <input type=\"text\" class=\"form-control\" name=\"soa_adminemail\" id=\"soa_adminemail\" placeholder=\"admin.example.com\"> \
@@ -456,9 +476,9 @@ <h1 class="m-0 text-dark">
                                 <label for=\"soa_minimumttl\">Minimum TTL</label> \
                                 <input type=\"text\" class=\"form-control\" name=\"soa_minimumttl\" id=\"soa_minimumttl\" placeholder=\"300\"> \
                             ";
-            } else {
-                var parts = record_data.val().split(" ");
-                var form = "    <label for=\"soa_primaryns\">Primary Name Server</label> \
+                    } else {
+                        var parts = record_data.val().split(" ");
+                        var form = "    <label for=\"soa_primaryns\">Primary Name Server</label> \
                                 <input type=\"text\" class=\"form-control\" name=\"soa_primaryns\" id=\"soa_primaryns\" value=\"" + parts[0] + "\"> \
                                 <label for=\"soa_adminemail\">Primary Contact</label> \
                                 <input type=\"text\" class=\"form-control\" name=\"soa_adminemail\" id=\"soa_adminemail\" value=\"" + parts[1] + "\"> \
@@ -473,26 +493,26 @@ <h1 class="m-0 text-dark">
                                 <label for=\"soa_minimumttl\">Minimum TTL</label> \
                                 <input type=\"text\" class=\"form-control\" name=\"soa_minimumttl\" id=\"soa_minimumttl\" value=\"" + parts[6] + "\"> \
                 ";
-            }
-            modal.find('.modal-body p').html(form);
-            modal.find('#button_save').click(function() {
-                soa_primaryns = modal.find('#soa_primaryns').val();
-                soa_adminemail = modal.find('#soa_adminemail').val();
-                soa_serial = modal.find('#soa_serial').val();
-                soa_zonerefresh = modal.find('#soa_zonerefresh').val();
-                soa_failedzonerefresh = modal.find('#soa_failedzonerefresh').val();
-                soa_zoneexpiry = modal.find('#soa_zoneexpiry').val();
-                soa_minimumttl = modal.find('#soa_minimumttl').val();
+                    }
+                    modal.find('.modal-body p').html(form);
+                    modal.find('#button_save').click(function () {
+                        soa_primaryns = modal.find('#soa_primaryns').val();
+                        soa_adminemail = modal.find('#soa_adminemail').val();
+                        soa_serial = modal.find('#soa_serial').val();
+                        soa_zonerefresh = modal.find('#soa_zonerefresh').val();
+                        soa_failedzonerefresh = modal.find('#soa_failedzonerefresh').val();
+                        soa_zoneexpiry = modal.find('#soa_zoneexpiry').val();
+                        soa_minimumttl = modal.find('#soa_minimumttl').val();
 
-                data = soa_primaryns + " " + soa_adminemail + " " + soa_serial + " " + soa_zonerefresh + " " + soa_failedzonerefresh + " " + soa_zoneexpiry + " " + soa_minimumttl;
-                record_data.val(data);
-                modal.modal('hide');
-            })
-            modal.modal('show');
-        } else if (record_type == "TLSA") {
-            var modal = $("#modal_custom_record");
-            if (record_data.val() == "") {
-                var form = "    <label for=\"tlsa_certificate_usage\">TLSA Certificate Usage</label> \
+                        data = soa_primaryns + " " + soa_adminemail + " " + soa_serial + " " + soa_zonerefresh + " " + soa_failedzonerefresh + " " + soa_zoneexpiry + " " + soa_minimumttl;
+                        record_data.val(data);
+                        modal.modal('hide');
+                    })
+                    modal.modal('show');
+                } else if (record_type == "TLSA") {
+                    var modal = $("#modal_custom_record");
+                    if (record_data.val() == "") {
+                        var form = "    <label for=\"tlsa_certificate_usage\">TLSA Certificate Usage</label> \
                                 <input type=\"text\" class=\"form-control\" name=\"tlsa_certificate_usage\" id=\"tlsa_certificate_usage\" placeholder=\"3\"> \
                                 <label for=\"tlsa_selector\">TLSA-Selector</label> \
                                 <input type=\"text\" class=\"form-control\" name=\"tlsa_selector\" id=\"tlsa_selector\" placeholder=\"1\"> \
@@ -501,9 +521,9 @@ <h1 class="m-0 text-dark">
                                 <label for=\"tlsa_hash\">Hash</label> \
                                 <input type=\"text\" class=\"form-control\" name=\"tlsa_hash\" id=\"tlsa_hash\" placeholder=\"HASH\"> \
                 ";
-            } else {
-                var parts = record_data.val().split(" ");
-                var form = "    <label for=\"tlsa_certificate_usage\">TLSA Certificate Usage</label> \
+                    } else {
+                        var parts = record_data.val().split(" ");
+                        var form = "    <label for=\"tlsa_certificate_usage\">TLSA Certificate Usage</label> \
                                 <input type=\"text\" class=\"form-control\" name=\"tlsa_certificate_usage\" id=\"tlsa_certificate_usage\" value=\"" + parts[0] + "\"> \
                                 <label for=\"tlsa_selector\">TLSA-Selector</label> \
                                 <input type=\"text\" class=\"form-control\" name=\"tlsa_selector\" id=\"tlsa_selector\" value=\"" + parts[1] + "\"> \
@@ -512,137 +532,138 @@ <h1 class="m-0 text-dark">
                                 <label for=\"tlsa_hash\">Hash</label> \
                                 <input type=\"text\" class=\"form-control\" name=\"tlsa_hash\" id=\"tlsa_hash\" value=\"" + parts[3] + "\"> \
                 ";
-            }
-            modal.find('.modal-body p').html(form);
-            modal.find('#button_save').click(function() {
-                tlsa_certificate_usage = modal.find('#tlsa_certificate_usage').val();
-                tlsa_selector = modal.find('#tlsa_selector').val();
-                tlsa_matching = modal.find('#tlsa_matching').val();
-                tlsa_hash = modal.find('#tlsa_hash').val();
+                    }
+                    modal.find('.modal-body p').html(form);
+                    modal.find('#button_save').click(function () {
+                        tlsa_certificate_usage = modal.find('#tlsa_certificate_usage').val();
+                        tlsa_selector = modal.find('#tlsa_selector').val();
+                        tlsa_matching = modal.find('#tlsa_matching').val();
+                        tlsa_hash = modal.find('#tlsa_hash').val();
 
-                data = tlsa_certificate_usage + " " + tlsa_selector + " " + tlsa_matching + " " + tlsa_hash;
-                record_data.val(data);
-                modal.modal('hide');
-            })
-            modal.modal('show');
-        } else if (record_type == "TXT") {
-            var txt_data = record_data.val().replace(/"/g, '&quot;');
-            var modal = $("#modal_custom_record");
-            var form = "    <label for=\"txt_record\">TXT Record Data</label> \
+                        data = tlsa_certificate_usage + " " + tlsa_selector + " " + tlsa_matching + " " + tlsa_hash;
+                        record_data.val(data);
+                        modal.modal('hide');
+                    })
+                    modal.modal('show');
+                } else if (record_type == "TXT") {
+                    var txt_data = record_data.val().replace(/"/g, '&quot;');
+                    var modal = $("#modal_custom_record");
+                    var form = "    <label for=\"txt_record\">TXT Record Data</label> \
                             <textarea style=\"min-width: 100%;color: #333;\" placeholder=\"Your TXT record data\" rows=\"5\" id=\"txt_record\" name=\"txt_record\">" + txt_data + "</textarea> \
                        ";
-            modal.find('.modal-body p').html(form);
-            modal.find('#button_save').click(function() {
-                data = modal.find('#txt_record').val();
-                if (! /^".*"$/.test(data)) {
-                    data = '"' + data + '"';
-                }
-                record_data.val(data);
-                modal.modal('hide');
-            });
-            modal.modal('show');
-        } else if (record_type == "LUA") {
-            var lua_type = record_data.val().split(" ")[0];
-            var lua_data = record_data.val().substr(record_data.val().indexOf(" ") + 1).replace(/"/g, '&quot;');
-            var modal = $("#modal_custom_record");
-            var form = "    <label for=\"lua_type\">Lua Record Type</label> \
+                    modal.find('.modal-body p').html(form);
+                    modal.find('#button_save').click(function () {
+                        data = modal.find('#txt_record').val();
+                        if (!/^".*"$/.test(data)) {
+                            data = '"' + data + '"';
+                        }
+                        record_data.val(data);
+                        modal.modal('hide');
+                    });
+                    modal.modal('show');
+                } else if (record_type == "LUA") {
+                    var lua_type = record_data.val().split(" ")[0];
+                    var lua_data = record_data.val().substr(record_data.val().indexOf(" ") + 1).replace(/"/g, '&quot;');
+                    var modal = $("#modal_custom_record");
+                    var form = "    <label for=\"lua_type\">Lua Record Type</label> \
                             <input type=\"text\" class=\"form-control\" name=\"lua_type\" id=\"lua_type\" placeholder=\"Initial query type. Example: A, CNAME or PTR \" value=\"" + lua_type + "\"> \
                             <label for=\"lua_record\">Lua Record Data</label> \
                             <textarea style=\"min-width: 100%;color: #333;\" placeholder=\"Your LUA snippet\" rows=\"5\" id=\"lua_record\" name=\"lua_record\">" + lua_data + "</textarea> \
                        ";
-            modal.find('.modal-body p').html(form);
-            modal.find('#button_save').click(function() {
-              type = modal.find('#lua_type').val();
-              data = modal.find('#lua_record').val();
-              if (! /^".*"$/.test(data)) {
-                  data = '"' + data + '"';
-              }
-              data = type + ' ' + data;
-              record_data.val(data);
-              modal.modal('hide');
+                    modal.find('.modal-body p').html(form);
+                    modal.find('#button_save').click(function () {
+                        type = modal.find('#lua_type').val();
+                        data = modal.find('#lua_record').val();
+                        if (!/^".*"$/.test(data)) {
+                            data = '"' + data + '"';
+                        }
+                        data = type + ' ' + data;
+                        record_data.val(data);
+                        modal.modal('hide');
+                    });
+                    modal.modal('show');
+                }
             });
-            modal.modal('show');
-        }
-    });
-    {% endif %}
+        {% endif %}
 
-    window.onload = function() {
-    document.getElementById("loading-spinner").style.display = "none";
-  }
+        window.onload = function () {
+            document.getElementById("loading-spinner").style.display = "none";
+        }
 
-</script>
+    </script>
 {% endblock %}
 
 {% block modals %}
-  <div class="modal fade" id="modal_delete">
-    <div class="modal-dialog">
-      <div class="modal-content">
-        <div class="modal-header">
-          <h4 class="modal-title">Confirmation</h4>
-          <button type="button" class="close" data-dismiss="modal" aria-label="Close">
-            <span aria-hidden="true">&times;</span>
-          </button>
+    <div class="modal fade" id="modal_delete">
+        <div class="modal-dialog">
+            <div class="modal-content">
+                <div class="modal-header">
+                    <h4 class="modal-title">Confirmation</h4>
+                    <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+                        <span aria-hidden="true">&times;</span>
+                    </button>
+                </div>
+                <div class="modal-body">
+                    <p></p>
+                </div>
+                <div class="modal-footer">
+                    <button type="button" class="btn btn-secondary pull-left" id="button_delete_cancel"
+                            data-dismiss="modal">
+                        <i class="fa-solid fa-window-close"></i>&nbsp;Close
+                    </button>
+                    <button type="button" class="btn btn-danger" id="button_delete_confirm">
+                        <i class="fa-solid fa-trash"></i>&nbsp;Delete
+                    </button>
+                </div>
+            </div>
         </div>
-        <div class="modal-body">
-          <p></p>
-        </div>
-        <div class="modal-footer">
-          <button type="button" class="btn btn-secondary pull-left" id="button_delete_cancel" data-dismiss="modal">
-            <i class="fa-solid fa-window-close"></i>&nbsp;Close
-          </button>
-          <button type="button" class="btn btn-danger" id="button_delete_confirm">
-            <i class="fa-solid fa-trash"></i>&nbsp;Delete
-          </button>
-        </div>
-      </div>
     </div>
-  </div>
 
-  <div class="modal fade" id="modal_apply_changes">
-    <div class="modal-dialog">
-      <div class="modal-content">
-        <div class="modal-header">
-          <h4 class="modal-title">Confirmation</h4>
-          <button type="button" class="close" data-dismiss="modal" aria-label="Close">
-            <span aria-hidden="true">&times;</span>
-          </button>
-        </div>
-        <div class="modal-body">
-          <p></p>
+    <div class="modal fade" id="modal_apply_changes">
+        <div class="modal-dialog">
+            <div class="modal-content">
+                <div class="modal-header">
+                    <h4 class="modal-title">Confirmation</h4>
+                    <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+                        <span aria-hidden="true">&times;</span>
+                    </button>
+                </div>
+                <div class="modal-body">
+                    <p></p>
+                </div>
+                <div class="modal-footer">
+                    <button type="button" class="btn btn-secondary" data-dismiss="modal">
+                        <i class="fa-solid fa-window-close"></i>&nbsp;Close
+                    </button>
+                    <button type="button" class="btn btn-success" id="button_apply_confirm">
+                        <i class="fa-solid fa-save"></i>&nbsp;Apply Changes
+                    </button>
+                </div>
+            </div>
         </div>
-        <div class="modal-footer">
-          <button type="button" class="btn btn-secondary" data-dismiss="modal">
-            <i class="fa-solid fa-window-close"></i>&nbsp;Close
-          </button>
-          <button type="button" class="btn btn-success" id="button_apply_confirm">
-            <i class="fa-solid fa-save"></i>&nbsp;Apply Changes
-          </button>
-        </div>
-      </div>
     </div>
-  </div>
 
-  <div class="modal fade bg-primary" id="modal_custom_record">
-    <div class="modal-dialog">
-      <div class="modal-content">
-        <div class="modal-header">
-          <h4 class="modal-title">Custom Record</h4>
-          <button type="button" class="close" data-dismiss="modal" aria-label="Close">
-            <span aria-hidden="true">&times;</span>
-          </button>
-        </div>
-        <div class="modal-body">
-          <p></p>
-        </div>
-        <div class="modal-footer">
-          <button type="button" class="btn btn-secondary" data-dismiss="modal">
-            <i class="fa-solid fa-window-close"></i>&nbsp;Close
-          </button>
-          <button type="button" class="btn btn-success" id="button_save">
-            <i class="fa-solid fa-save"></i>&nbsp;Save
-          </button>
+    <div class="modal fade bg-primary" id="modal_custom_record">
+        <div class="modal-dialog">
+            <div class="modal-content">
+                <div class="modal-header">
+                    <h4 class="modal-title">Custom Record</h4>
+                    <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+                        <span aria-hidden="true">&times;</span>
+                    </button>
+                </div>
+                <div class="modal-body">
+                    <p></p>
+                </div>
+                <div class="modal-footer">
+                    <button type="button" class="btn btn-secondary" data-dismiss="modal">
+                        <i class="fa-solid fa-window-close"></i>&nbsp;Close
+                    </button>
+                    <button type="button" class="btn btn-success" id="button_save">
+                        <i class="fa-solid fa-save"></i>&nbsp;Save
+                    </button>
+                </div>
+            </div>
         </div>
-      </div>
     </div>
-  </div>
 {% endblock %}

From b98bcc3bec3d80863befc666d8ae319f2f986c55 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Mon, 20 Feb 2023 15:52:00 -0500
Subject: [PATCH 265/475] Cleaned up a UX issue with the zone records list
 editor view.

---
 powerdnsadmin/templates/domain.html | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/powerdnsadmin/templates/domain.html b/powerdnsadmin/templates/domain.html
index 4318b299f..05d7a1bfe 100755
--- a/powerdnsadmin/templates/domain.html
+++ b/powerdnsadmin/templates/domain.html
@@ -30,7 +30,7 @@ <h3 class="card-title">Zone Editor</h3>
                             <div class="card-tools">
                                 {% if current_user.role.name in ['Administrator', 'Operator'] %}
                                     <button type="button" title="Zone Settings"
-                                            class="btn btn-primary btn-danger"
+                                            class="btn btn-primary btn-danger mt-2 mb-2"
                                             onclick="window.location.href='{{ url_for('domain.setting', domain_name=domain.name) }}'">
                                         <i class="fa-solid fa-toolbox"></i>
                                         &nbsp;Zone Settings
@@ -38,19 +38,19 @@ <h3 class="card-title">Zone Editor</h3>
                                 {% endif %}
                                 {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
                                     <button type="button" title="Zone Changelog"
-                                            class="btn btn-primary ml-2 button_changelog" id="{{ domain.name }}">
+                                            class="btn btn-primary ml-2 mt-2 mb-2 button_changelog" id="{{ domain.name }}">
                                         <i class="fa-solid fa-history" aria-hidden="true"></i>
                                         &nbsp;Changelog
                                     </button>
                                 {% endif %}
                                 {% if domain.type != 'Slave' %}
                                     <button type="button" title="Add Record"
-                                            class="btn btn-primary ml-2 button_add_record" id="{{ domain.name }}">
+                                            class="btn btn-primary ml-2 mt-2 mb-2 button_add_record" id="{{ domain.name }}">
                                         <i class="fa-solid fa-plus"></i>
                                         &nbsp;Add Record
                                     </button>
                                     <button type="button" title="Save Changes"
-                                            class="btn btn-primary ml-2 button_apply_changes"
+                                            class="btn btn-primary ml-2 mt-2 mb-2 button_apply_changes"
                                             id="{{ domain.name }}"
                                             value="{{ domain.serial }}">
                                         <i class="fa-solid fa-save"></i>
@@ -58,7 +58,7 @@ <h3 class="card-title">Zone Editor</h3>
                                     </button>
                                 {% else %}
                                     <button type="button" title="Update from Primary"
-                                            class="btn btn-primary ml-2 button_update_from_primary"
+                                            class="btn btn-primary ml-2 mt-2 mb-2 button_update_from_primary"
                                             id="{{ domain.name }}">
                                         <i class="fa-solid fa-sync"></i>
                                         &nbsp;Update from Primary

From 182ef10a87bb5d4978df3a6fa1763e386123aa59 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Tue, 21 Feb 2023 07:37:42 -0500
Subject: [PATCH 266/475] Updated primary Dockerfile to include additional
 command for Font Awesome NPM fonts.

---
 docker/Dockerfile | 1 +
 1 file changed, 1 insertion(+)

diff --git a/docker/Dockerfile b/docker/Dockerfile
index 461823996..603382bd3 100644
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -46,6 +46,7 @@ RUN mv /build/powerdnsadmin/static /tmp/static && \
     cp -r /tmp/static/generated /build/powerdnsadmin/static && \
     cp -r /tmp/static/assets /build/powerdnsadmin/static && \
     cp -r /tmp/static/img /build/powerdnsadmin/static && \
+    find /tmp/static/node_modules -name 'webfonts' -exec cp -r {} /build/powerdnsadmin/static \; && \
     find /tmp/static/node_modules -name 'fonts' -exec cp -r {} /build/powerdnsadmin/static \; && \
     find /tmp/static/node_modules/icheck/skins/square -name '*.png' -exec cp {} /build/powerdnsadmin/static/generated \;
 

From 564e3932929196043ea74020f159d7c8abdec209 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Tue, 21 Feb 2023 07:55:15 -0500
Subject: [PATCH 267/475] Fixed bug introduced by PR 1391 involving the saving
 up settings that have an associated text input.

---
 powerdnsadmin/templates/admin_setting_basic.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/powerdnsadmin/templates/admin_setting_basic.html b/powerdnsadmin/templates/admin_setting_basic.html
index b0e2867d3..5d1158a10 100644
--- a/powerdnsadmin/templates/admin_setting_basic.html
+++ b/powerdnsadmin/templates/admin_setting_basic.html
@@ -103,7 +103,7 @@ <h3 class="card-title">Settings Editor</h3>
 
         $(document.body).on('click', '.setting-save-button', function () {
             var setting = $(this).prop('id');
-            var value = $(this).parents('tr').find('#value')[0].value;
+            var value = $(this).parents('tr').find('input[type="text"]')[0].value;
             var postdata = {
                 'value': value,
                 '_csrf_token': '{{ csrf_token() }}'

From 8b0f00500683e3260e06cccca627fc24a922f5d2 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Tue, 21 Feb 2023 07:57:59 -0500
Subject: [PATCH 268/475] Fixed bug introduced by PR 1391 involving the saving
 up settings that have an associated text input.

---
 powerdnsadmin/templates/admin_setting_basic.html | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/powerdnsadmin/templates/admin_setting_basic.html b/powerdnsadmin/templates/admin_setting_basic.html
index 5d1158a10..3a84bb071 100644
--- a/powerdnsadmin/templates/admin_setting_basic.html
+++ b/powerdnsadmin/templates/admin_setting_basic.html
@@ -65,7 +65,7 @@ <h3 class="card-title">Settings Editor</h3>
                                     </td>
                                     <td>
                                         <button type="button" class="btn btn-primary setting-save-button"
-                                                id="{{ setting }}">
+                                                id="{{ setting }}" data-target="value{{ loop.index }}">
                                             <i class="fa-solid fa-save"></i>&nbsp;Save
                                         </button>
                                     </td>
@@ -103,7 +103,8 @@ <h3 class="card-title">Settings Editor</h3>
 
         $(document.body).on('click', '.setting-save-button', function () {
             var setting = $(this).prop('id');
-            var value = $(this).parents('tr').find('input[type="text"]')[0].value;
+            var target = $(this).data('target');
+            var value = $('#' + target).val();
             var postdata = {
                 'value': value,
                 '_csrf_token': '{{ csrf_token() }}'

From b04ab933c64ac87c3b700f82622cf7fcefc04e9c Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Tue, 21 Feb 2023 08:03:06 -0500
Subject: [PATCH 269/475] Tweaked breadcrumb label for activity view that was
 missed in the recent mobile-first updates.

---
 powerdnsadmin/templates/admin_history.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/powerdnsadmin/templates/admin_history.html b/powerdnsadmin/templates/admin_history.html
index 85f0db1e1..08ab67dab 100644
--- a/powerdnsadmin/templates/admin_history.html
+++ b/powerdnsadmin/templates/admin_history.html
@@ -12,7 +12,7 @@ <h1 class="m-0 text-dark">Activity</h1>
                 <div class="col-sm-6">
                     <ol class="breadcrumb float-sm-right">
                         <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Home</a></li>
-                        <li class="breadcrumb-item active">History</li>
+                        <li class="breadcrumb-item active">Activity</li>
                     </ol>
                 </div>
             </div>

From c155a31857c16e9226b3d070ee7d02238b63b48f Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Tue, 21 Feb 2023 08:05:37 -0500
Subject: [PATCH 270/475] Updated labels.yml file to include additional
 definition that was added recently.

---
 .github/labels.yml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/.github/labels.yml b/.github/labels.yml
index df15d03d6..c113abb1e 100644
--- a/.github/labels.yml
+++ b/.github/labels.yml
@@ -20,6 +20,9 @@ labels:
   - name: feature / request
     description: New feature or enhancement request
     color: '008672'
+  - name: feature / update
+    description: Existing feature modification
+    color: '008672'
   - name: help / deployment
     description: Questions regarding application deployment
     color: 'd876e3'

From 8fbf40a9d16bdd047509809580fc1e8e768f4d25 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Tue, 21 Feb 2023 10:15:33 -0500
Subject: [PATCH 271/475] Added MegaLinter as a new GitHub action for the
 project.

---
 .github/workflows/mega-linter.yml | 83 +++++++++++++++++++++++++++++++
 1 file changed, 83 insertions(+)
 create mode 100644 .github/workflows/mega-linter.yml

diff --git a/.github/workflows/mega-linter.yml b/.github/workflows/mega-linter.yml
new file mode 100644
index 000000000..4c6129ada
--- /dev/null
+++ b/.github/workflows/mega-linter.yml
@@ -0,0 +1,83 @@
+---
+# MegaLinter GitHub Action configuration file
+# More info at https://megalinter.io
+name: MegaLinter
+
+on:
+  push:
+    branches-ignore:
+      - "dependabot/**"
+
+env: # Comment env block if you do not want to apply fixes
+  # Apply linter fixes configuration
+  APPLY_FIXES: all # When active, APPLY_FIXES must also be defined as environment variable (in github/workflows/mega-linter.yml or other CI tool)
+  APPLY_FIXES_EVENT: all # Decide which event triggers application of fixes in a commit or a PR (pull_request, push, all)
+  APPLY_FIXES_MODE: pull_request # If APPLY_FIXES is used, defines if the fixes are directly committed (commit) or posted in a PR (pull_request)
+
+concurrency:
+  group: ${{ github.ref }}-${{ github.workflow }}
+  cancel-in-progress: true
+
+jobs:
+  build:
+    name: MegaLinter
+    runs-on: ubuntu-latest
+    steps:
+      # Git Checkout
+      - name: Checkout Code
+        uses: actions/checkout@v3
+        with:
+          token: ${{ secrets.PAT || secrets.GITHUB_TOKEN }}
+
+      # MegaLinter
+      - name: MegaLinter
+        id: ml
+        # You can override MegaLinter flavor used to have faster performances
+        # More info at https://megalinter.io/flavors/
+        uses: oxsecurity/megalinter@v6
+        env:
+          # All available variables are described in documentation
+          # https://megalinter.io/configuration/
+          VALIDATE_ALL_CODEBASE: true # Validates all source when push on main, else just the git diff with main. Override with true if you always want to lint all sources
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          PAT: ${{ secrets.PAT }}
+          # ADD YOUR CUSTOM ENV VARIABLES HERE OR DEFINE THEM IN A FILE .mega-linter.yml AT THE ROOT OF YOUR REPOSITORY
+          # DISABLE: COPYPASTE,SPELL # Uncomment to disable copy-paste and spell checks
+
+      # Upload MegaLinter artifacts
+      - name: Archive production artifacts
+        if: ${{ success() }} || ${{ failure() }}
+        uses: actions/upload-artifact@v3
+        with:
+          name: MegaLinter reports
+          path: |
+            megalinter-reports
+            mega-linter.log
+
+      # Create pull request if applicable (for now works only on PR from same repository, not from forks)
+      - name: Create PR with applied fixes
+        id: cpr
+        if: steps.ml.outputs.has_updated_sources == 1 && (env.APPLY_FIXES_EVENT == 'all' || env.APPLY_FIXES_EVENT == github.event_name) && env.APPLY_FIXES_MODE == 'pull_request' && (github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository)
+        uses: peter-evans/create-pull-request@v4
+        with:
+          token: ${{ secrets.PAT || secrets.GITHUB_TOKEN }}
+          commit-message: "[MegaLinter] Apply linters automatic fixes"
+          title: "[MegaLinter] Apply linters automatic fixes"
+          labels: bot
+
+      - name: Create PR output
+        if: steps.ml.outputs.has_updated_sources == 1 && (env.APPLY_FIXES_EVENT == 'all' || env.APPLY_FIXES_EVENT == github.event_name) && env.APPLY_FIXES_MODE == 'pull_request' && (github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository)
+        run: |
+          echo "Pull Request Number - ${{ steps.cpr.outputs.pull-request-number }}"
+          echo "Pull Request URL - ${{ steps.cpr.outputs.pull-request-url }}"
+
+      # Push new commit if applicable (for now works only on PR from same repository, not from forks)
+      - name: Prepare commit
+        if: steps.ml.outputs.has_updated_sources == 1 && (env.APPLY_FIXES_EVENT == 'all' || env.APPLY_FIXES_EVENT == github.event_name) && env.APPLY_FIXES_MODE == 'commit' && github.ref != 'refs/heads/main' && (github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository)
+        run: sudo chown -Rc $UID .git/
+      - name: Commit and push applied linter fixes
+        if: steps.ml.outputs.has_updated_sources == 1 && (env.APPLY_FIXES_EVENT == 'all' || env.APPLY_FIXES_EVENT == github.event_name) && env.APPLY_FIXES_MODE == 'commit' && github.ref != 'refs/heads/main' && (github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository)
+        uses: stefanzweifel/git-auto-commit-action@v4
+        with:
+          branch: ${{ github.event.pull_request.head.ref || github.head_ref || github.ref }}
+          commit_message: "[MegaLinter] Apply linters fixes"
\ No newline at end of file

From 45d66b057a17ffa165275c8e889d4c80698bd37b Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Tue, 21 Feb 2023 10:16:50 -0500
Subject: [PATCH 272/475] Testing updated workflows.

---
 .github/workflows/mega-linter.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/mega-linter.yml b/.github/workflows/mega-linter.yml
index 4c6129ada..087cf885f 100644
--- a/.github/workflows/mega-linter.yml
+++ b/.github/workflows/mega-linter.yml
@@ -80,4 +80,4 @@ jobs:
         uses: stefanzweifel/git-auto-commit-action@v4
         with:
           branch: ${{ github.event.pull_request.head.ref || github.head_ref || github.ref }}
-          commit_message: "[MegaLinter] Apply linters fixes"
\ No newline at end of file
+          commit_message: "[MegaLinter] Apply linters fixes"

From c6ae3938947187b70acf03b50fb38b6864e34674 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Tue, 21 Feb 2023 10:17:44 -0500
Subject: [PATCH 273/475] Testing updated workflows.

---
 .github/workflows/mega-linter.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/mega-linter.yml b/.github/workflows/mega-linter.yml
index 087cf885f..fc445b9d7 100644
--- a/.github/workflows/mega-linter.yml
+++ b/.github/workflows/mega-linter.yml
@@ -81,3 +81,4 @@ jobs:
         with:
           branch: ${{ github.event.pull_request.head.ref || github.head_ref || github.ref }}
           commit_message: "[MegaLinter] Apply linters fixes"
+

From 1cda4f774afbacdba2e59cb71a2a3ef97c17b916 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Wed, 22 Feb 2023 09:12:13 -0500
Subject: [PATCH 274/475] Updated card styles for API keys list view that was
 missed in the recent mobile-first PR.

---
 powerdnsadmin/templates/admin_manage_keys.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/powerdnsadmin/templates/admin_manage_keys.html b/powerdnsadmin/templates/admin_manage_keys.html
index bc75e1c00..8d79e10c9 100644
--- a/powerdnsadmin/templates/admin_manage_keys.html
+++ b/powerdnsadmin/templates/admin_manage_keys.html
@@ -23,7 +23,7 @@ <h1 class="m-0 text-dark">API Keys</h1>
 {% block content %}
     <section class="content">
         <div class="container-fluid">
-            <div class="card">
+            <div class="card card-outline card-primary shadow">
                 <div class="card-header with-border">
                     <h3 class="card-title">API Keys</h3>
                     <div class="card-tools">

From 5ad384bfe992cca433aa449ad6afc6c409ca6216 Mon Sep 17 00:00:00 2001
From: AdvanticGmbH <github@advantic.de>
Date: Thu, 23 Feb 2023 09:21:01 +0100
Subject: [PATCH 275/475] Add support for oidc_oauth_metadata_url configuration
 option

This commit adds support for the `oidc_oauth_metadata_url` configuration
option. This option specifies the URL of the OIDC server's
metadata endpoint, which contains information about the OIDC server's
endpoints, supported scopes, and other configuration details. By using this
option, we can ensure compatibility with different OIDC servers and reduce
the risk of errors due to manual endpoint configuration.
---
 configs/docker_config.py                              |  1 +
 docs/oauth.md                                         |  1 +
 docs/wiki/configuration/Environment-variables.md      |  1 +
 powerdnsadmin/models/setting.py                       |  1 +
 powerdnsadmin/routes/admin.py                         |  2 ++
 powerdnsadmin/services/oidc.py                        |  1 +
 .../templates/admin_setting_authentication.html       | 11 +++++++++++
 7 files changed, 18 insertions(+)

diff --git a/configs/docker_config.py b/configs/docker_config.py
index 174f93c88..e780882b0 100644
--- a/configs/docker_config.py
+++ b/configs/docker_config.py
@@ -11,6 +11,7 @@
     'OIDC_OAUTH_API_URL',
     'OIDC_OAUTH_TOKEN_URL',
     'OIDC_OAUTH_AUTHORIZE_URL',
+    'OIDC_OAUTH_METADATA_URL',
     'BIND_ADDRESS',
     'PORT',
     'LOG_LEVEL',
diff --git a/docs/oauth.md b/docs/oauth.md
index f84ac6999..b493f8762 100644
--- a/docs/oauth.md
+++ b/docs/oauth.md
@@ -51,6 +51,7 @@ Enable OpenID Connect OAuth option.
 * API URL, <oidc_provider_link>/auth (The ending can be different with each provider)
 * Token URL, <oidc_provider_link>/token 
 * Authorize URL, <oidc_provider_link>/auth
+* Metadata URL, <oidc_provider_link>/.well-known/openid-configuration
 * Logout URL, <oidc_provider_link>/logout
 
 * Username, This will be the claim that will be used as the username. (Usually preferred_username)
diff --git a/docs/wiki/configuration/Environment-variables.md b/docs/wiki/configuration/Environment-variables.md
index 3ee84c493..b133ee687 100644
--- a/docs/wiki/configuration/Environment-variables.md
+++ b/docs/wiki/configuration/Environment-variables.md
@@ -20,6 +20,7 @@
 | OIDC_OAUTH_API_URL |  |  |  |
 | OIDC_OAUTH_AUTHORIZE_URL |
 | OIDC_OAUTH_TOKEN_URL |  |  |  |
+| OIDC_OAUTH_METADATA_URL |  |  |  |
 | PORT | 
 | REMOTE_USER_COOKIES |
 | REMOTE_USER_LOGOUT_URL |
diff --git a/powerdnsadmin/models/setting.py b/powerdnsadmin/models/setting.py
index 71fec9817..e820af91d 100644
--- a/powerdnsadmin/models/setting.py
+++ b/powerdnsadmin/models/setting.py
@@ -104,6 +104,7 @@ class Setting(db.Model):
         'oidc_oauth_api_url': '',
         'oidc_oauth_token_url': '',
         'oidc_oauth_authorize_url': '',
+        'oidc_oauth_metadata_url': '',
         'oidc_oauth_logout_url': '',
         'oidc_oauth_username': 'preferred_username',
         'oidc_oauth_firstname': 'given_name',
diff --git a/powerdnsadmin/routes/admin.py b/powerdnsadmin/routes/admin.py
index eb27950f6..609f87578 100644
--- a/powerdnsadmin/routes/admin.py
+++ b/powerdnsadmin/routes/admin.py
@@ -1731,6 +1731,8 @@ def setting_authentication():
                               request.form.get('oidc_oauth_token_url'))
                 Setting().set('oidc_oauth_authorize_url',
                               request.form.get('oidc_oauth_authorize_url'))
+                Setting().set('oidc_oauth_metadata_url',
+                              request.form.get('oidc_oauth_metadata_url'))
                 Setting().set('oidc_oauth_logout_url',
                               request.form.get('oidc_oauth_logout_url'))
                 Setting().set('oidc_oauth_username',
diff --git a/powerdnsadmin/services/oidc.py b/powerdnsadmin/services/oidc.py
index 7e8172b6a..b5da89eb0 100644
--- a/powerdnsadmin/services/oidc.py
+++ b/powerdnsadmin/services/oidc.py
@@ -23,6 +23,7 @@ def update_token(token):
         request_token_url=None,
         access_token_url=Setting().get('oidc_oauth_token_url'),
         authorize_url=Setting().get('oidc_oauth_authorize_url'),
+        server_metadata_url=Setting().get('oidc_oauth_metadata_url'),
         client_kwargs={'scope': Setting().get('oidc_oauth_scope')},
         fetch_token=fetch_oidc_token,
         update_token=update_token)
diff --git a/powerdnsadmin/templates/admin_setting_authentication.html b/powerdnsadmin/templates/admin_setting_authentication.html
index 56f4dd072..26d9a7294 100644
--- a/powerdnsadmin/templates/admin_setting_authentication.html
+++ b/powerdnsadmin/templates/admin_setting_authentication.html
@@ -1210,6 +1210,17 @@ <h3 class="card-title">OpenID Connect OAuth Settings</h3>
                                                                            value="{{ SETTING.get('oidc_oauth_authorize_url') }}">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
+                                                                <div class="form-group">
+                                                                    <label for="oidc_oauth_metadata_url">Metadata
+                                                                        URL</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="oidc_oauth_metadata_url"
+                                                                           id="oidc_oauth_metadata_url"
+                                                                           placeholder="e.g. https://oidc.com/login/oauth/.well-known/openid-configuration"
+                                                                           data-error="Plesae input Metadata URL"
+                                                                           value="{{ SETTING.get('oidc_oauth_metadata_url') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
                                                                 <div class="form-group">
                                                                     <label for="oidc_oauth_logout_url">Logout
                                                                         URL</label>

From 74935359e46b81363f72337ec91f5132877bf07b Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Thu, 23 Feb 2023 06:56:18 -0500
Subject: [PATCH 276/475] Tweaked activity logs card header on dashboard view
 to match the latest naming conventions.

---
 powerdnsadmin/templates/dashboard.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/powerdnsadmin/templates/dashboard.html b/powerdnsadmin/templates/dashboard.html
index 22f083d58..fa4e26ead 100755
--- a/powerdnsadmin/templates/dashboard.html
+++ b/powerdnsadmin/templates/dashboard.html
@@ -107,7 +107,7 @@ <h3><span
                     <div class="col-12">
                         <div class="card card-outline card-secondary shadow">
                             <div class="card-header">
-                                <h3 class="card-title">Recent History</h3>
+                                <h3 class="card-title">Recent Activity</h3>
                             </div>
                             <!-- /.card-header -->
                             <div class="card-body table-responsive records p-0">

From 5346bee291ce5050745099916496d8284e4957ba Mon Sep 17 00:00:00 2001
From: Mathieu <mathieu@matdesign-prod.com>
Date: Thu, 23 Feb 2023 22:01:49 +0100
Subject: [PATCH 277/475] Update domain_setting.html

correct value priamry in primary
---
 powerdnsadmin/templates/domain_setting.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/powerdnsadmin/templates/domain_setting.html b/powerdnsadmin/templates/domain_setting.html
index 0a172048d..b1219a605 100644
--- a/powerdnsadmin/templates/domain_setting.html
+++ b/powerdnsadmin/templates/domain_setting.html
@@ -217,7 +217,7 @@ <h3 class="card-title">Change Zone Type</h3>
                                 <select name="domain_type" class="form-control" style="width:15em;">
                                     <option selected value="0">- Unchanged -</option>
                                     <option value="native">Native</option>
-                                    <option value="priamry">Primary</option>
+                                    <option value="primary">Primary</option>
                                     <option value="secondary">Secondary</option>
                                 </select><br/>
                                 <div class="form-group" style="display: none;" id="domain_primary_address_div">

From 63db17ec21cb13e11bd806037f1074d9239e0072 Mon Sep 17 00:00:00 2001
From: Ymage <heltem+git@o2php.com>
Date: Sun, 18 Dec 2022 12:50:59 +0100
Subject: [PATCH 278/475] Add missing OIDC env vars Set SAML_ENABLED default to
 false

---
 configs/docker_config.py      | 10 ++++++++++
 powerdnsadmin/routes/index.py |  8 ++++----
 2 files changed, 14 insertions(+), 4 deletions(-)

diff --git a/configs/docker_config.py b/configs/docker_config.py
index e780882b0..0d006bd91 100644
--- a/configs/docker_config.py
+++ b/configs/docker_config.py
@@ -8,10 +8,19 @@
 
 legal_envvars = (
     'SECRET_KEY',
+    'OIDC_OAUTH_ENABLED',
+    'OIDC_OAUTH_KEY',
+    'OIDC_OAUTH_SECRET',
     'OIDC_OAUTH_API_URL',
     'OIDC_OAUTH_TOKEN_URL',
     'OIDC_OAUTH_AUTHORIZE_URL',
     'OIDC_OAUTH_METADATA_URL',
+    'OIDC_OAUTH_LOGOUT_URL',
+    'OIDC_OAUTH_SCOPE',
+    'OIDC_OAUTH_USERNAME',
+    'OIDC_OAUTH_FIRSTNAME',
+    'OIDC_OAUTH_LAST_NAME',
+    'OIDC_OAUTH_EMAIL',
     'BIND_ADDRESS',
     'PORT',
     'LOG_LEVEL',
@@ -73,6 +82,7 @@
     'MAIL_DEBUG',
     'MAIL_USE_TLS',
     'MAIL_USE_SSL',
+    'OIDC_OAUTH_ENABLED',
     'SAML_ENABLED',
     'SAML_DEBUG',
     'SAML_SIGN_REQUEST',
diff --git a/powerdnsadmin/routes/index.py b/powerdnsadmin/routes/index.py
index 14ad2754c..72305a65e 100644
--- a/powerdnsadmin/routes/index.py
+++ b/powerdnsadmin/routes/index.py
@@ -140,7 +140,7 @@ def oidc_login():
 
 @index_bp.route('/login', methods=['GET', 'POST'])
 def login():
-    SAML_ENABLED = current_app.config.get('SAML_ENABLED')
+    SAML_ENABLED = current_app.config.get('SAML_ENABLED', False)
 
     if g.user is not None and current_user.is_authenticated:
         return redirect(url_for('dashboard.dashboard'))
@@ -956,7 +956,7 @@ def dyndns_update():
 ### START SAML AUTHENTICATION ###
 @index_bp.route('/saml/login')
 def saml_login():
-    if not current_app.config.get('SAML_ENABLED'):
+    if not current_app.config.get('SAML_ENABLED', False):
         abort(400)
     from onelogin.saml2.utils import OneLogin_Saml2_Utils
     req = saml.prepare_flask_request(request)
@@ -968,7 +968,7 @@ def saml_login():
 
 @index_bp.route('/saml/metadata')
 def saml_metadata():
-    if not current_app.config.get('SAML_ENABLED'):
+    if not current_app.config.get('SAML_ENABLED', False):
         current_app.logger.error("SAML authentication is disabled.")
         abort(400)
     from onelogin.saml2.utils import OneLogin_Saml2_Utils
@@ -990,7 +990,7 @@ def saml_metadata():
 @csrf.exempt
 def saml_authorized():
     errors = []
-    if not current_app.config.get('SAML_ENABLED'):
+    if not current_app.config.get('SAML_ENABLED', False):
         current_app.logger.error("SAML authentication is disabled.")
         abort(400)
     from onelogin.saml2.utils import OneLogin_Saml2_Utils

From df94baa81e7532932c445e938e206478b387d2f8 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sat, 25 Feb 2023 16:50:08 -0500
Subject: [PATCH 279/475] Fixed a bug introduced by the recent updates for the
 mobile-first PR.

---
 powerdnsadmin/templates/domain_setting.html | 22 ++++++++++++---------
 1 file changed, 13 insertions(+), 9 deletions(-)

diff --git a/powerdnsadmin/templates/domain_setting.html b/powerdnsadmin/templates/domain_setting.html
index b1219a605..45423ef2a 100644
--- a/powerdnsadmin/templates/domain_setting.html
+++ b/powerdnsadmin/templates/domain_setting.html
@@ -90,11 +90,13 @@ <h3 class="card-title">Auto PTR creation</h3>
                         <div class="card-body">
                             <div class="form-group">
                                 <input type="checkbox" id="chkAutoPtr" class="auto_ptr_toggle"
-                                      {% for setting in domain.settings %}{% if setting.setting=='auto_ptr' and setting.value=='True' %}checked
-                                      {% endif %}{% endfor %}
-                                      {% if SETTING.get('auto_ptr') %}disabled="True" {% endif %}>
+                                       data-zone="{{ domain.name }}"
+                                       {% for setting in domain.settings %}{% if setting.setting=='auto_ptr' and setting.value=='True' %}checked
+                                       {% endif %}{% endfor %}
+                                       {% if SETTING.get('auto_ptr') %}disabled="True" {% endif %}>
                                 &nbsp;
-                                <label for="chkAutoPtr">Allow automatic reverse pointer creation on record updates?</label>
+                                <label for="chkAutoPtr">Allow automatic reverse pointer creation on record
+                                    updates?</label>
                                 {% if SETTING.get('auto_ptr') %}
                                     <p><code>Auto-ptr is enabled globally on the PDA system!</code></p>
                                 {% endif %}
@@ -116,8 +118,9 @@ <h3 class="card-title">DynDNS 2 Settings</h3>
                         <div class="card-body">
                             <div class="form-group">
                                 <input type="checkbox" id="chkDynDns" class="dyndns_on_demand_toggle"
-                                      {% for setting in domain.settings %}{% if setting.setting=='create_via_dyndns' and setting.value=='True' %}checked
-                                      {% endif %}{% endfor %}>
+                                       data-zone="{{ domain.name }}"
+                                       {% for setting in domain.settings %}{% if setting.setting=='create_via_dyndns' and setting.value=='True' %}checked
+                                       {% endif %}{% endfor %}>
                                 &nbsp;
                                 <label for="chkDynDns">Allow on-demand creation of records via DynDNS updates?</label>
                             </div>
@@ -278,7 +281,8 @@ <h3 class="card-title">Change SOA-EDIT-API</h3>
                                     <option>EPOCH</option>
                                     <option>OFF</option>
                                 </select><br/>
-                                <button type="submit" title="Update SOA-EDIT-API" class="btn btn-primary" id="change_soa_edit_api">
+                                <button type="submit" title="Update SOA-EDIT-API" class="btn btn-primary"
+                                        id="change_soa_edit_api">
                                     <i class="fa-solid fa-floppy-disk"></i>&nbsp;Update SOA-EDIT-API
                                 </button>
                             </form>
@@ -373,7 +377,7 @@ <h3 class="card-title">Remove Zone</h3>
         //handle checkbox toggling
         $('.dyndns_on_demand_toggle').on('ifToggled', function (event) {
             var is_checked = $(this).prop('checked');
-            var domain = $(this).prop('id');
+            var domain = $(this).data('zone')
             postdata = {
                 'action': 'set_setting',
                 'data': {
@@ -386,7 +390,7 @@ <h3 class="card-title">Remove Zone</h3>
         });
         $('.auto_ptr_toggle').on('ifToggled', function (event) {
             var is_checked = $(this).prop('checked');
-            var domain = $(this).prop('id');
+            var domain = $(this).data('zone')
             postdata = {
                 'action': 'set_setting',
                 'data': {

From 10f5bb7dc147917ec9f614fcf7adc6a87aee3817 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sun, 26 Feb 2023 03:47:28 -0500
Subject: [PATCH 280/475] Updated project README to include a refreshed feature
 list.

Also updated project README Docker deployment instructions to reference the latest stable release version on Docker Hub.

Updated project license to include updated management organization references.
---
 LICENSE   |  1 +
 README.md | 62 +++++++++++++++++++++++++++++++++++--------------------
 2 files changed, 41 insertions(+), 22 deletions(-)

diff --git a/LICENSE b/LICENSE
index 6f51774bf..8375c2ed5 100644
--- a/LICENSE
+++ b/LICENSE
@@ -1,6 +1,7 @@
 The MIT License (MIT)
 
 Copyright (c) 2016 Khanh Ngo - ngokhanhit[at]gmail.com
+Copyright (c) 2022 Azorian Solutions - legal[at]azorian.solutions
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
diff --git a/README.md b/README.md
index ce12f62a4..61e4df0a7 100644
--- a/README.md
+++ b/README.md
@@ -1,49 +1,65 @@
 # PowerDNS-Admin
+
 A PowerDNS web interface with advanced features.
 
 [![CodeQL](https://github.com/PowerDNS-Admin/PowerDNS-Admin/actions/workflows/codeql-analysis.yml/badge.svg?branch=master)](https://github.com/PowerDNS-Admin/PowerDNS-Admin/actions/workflows/codeql-analysis.yml)
 [![Docker Image](https://github.com/PowerDNS-Admin/PowerDNS-Admin/actions/workflows/build-and-publish.yml/badge.svg?branch=master)](https://github.com/PowerDNS-Admin/PowerDNS-Admin/actions/workflows/build-and-publish.yml)
 
 #### Features:
-- Multiple domain management
-- Domain template
-- User management
-- User access management based on domain
-- User activity logging
-- Support Local DB / SAML / LDAP / Active Directory user authentication
-- Support Google / Github / Azure / OpenID OAuth
-- Support Two-factor authentication (TOTP)
-- Dashboard and pdns service statistics
+
+- Provides forward and reverse zone management
+- Provides zone templating features
+- Provides user management with role based access control
+- Provides zone specific access control
+- Provides activity logging
+- Authentication:
+  - Local User Support
+  - SAML Support
+  - LDAP Support: OpenLDAP / Active Directory
+  - OAuth Support: Google / GitHub / Azure / OpenID
+- Two-factor authentication support (TOTP)
+- PDNS Service Configuration & Statistics Monitoring
 - DynDNS 2 protocol support
-- Edit IPv6 PTRs using IPv6 addresses directly (no more editing of literal addresses!)
-- Limited API for manipulating zones and records
-- Full IDN/Punycode support
+- Easy IPv6 PTR record editing
+- Provides an API for zone and record management among other features
+- Provides full IDN/Punycode support
 
 ## Running PowerDNS-Admin
-There are several ways to run PowerDNS-Admin. The easiest way is to use Docker.
-If you are looking to install and run PowerDNS-Admin directly onto your system check out the [Wiki](https://github.com/PowerDNS-Admin/PowerDNS-Admin/wiki#installation-guides) for ways to do that.
+
+There are several ways to run PowerDNS-Admin. The quickest way is to use Docker.
+If you are looking to install and run PowerDNS-Admin directly onto your system, check out
+the [Wiki](https://github.com/PowerDNS-Admin/PowerDNS-Admin/wiki#installation-guides) for ways to do that.
 
 ### Docker
+
 Here are two options to run PowerDNS-Admin using Docker.
-To get started as quickly as possible, try option 1. If you want to make modifications to the configuration option 2 may be cleaner.
+To get started as quickly as possible, try option 1. If you want to make modifications to the configuration option 2 may
+be cleaner.
 
 #### Option 1: From Docker Hub
-The easiest is to just run the latest Docker image from Docker Hub:
+
+To run the application using the latest stable release on Docker Hub, run the following command:
+
 ```
 $ docker run -d \
     -e SECRET_KEY='a-very-secret-key' \
     -v pda-data:/data \
     -p 9191:80 \
-    powerdnsadmin/pda-legacy:latest
+    powerdnsadmin/pda-legacy:v0.3.0
 ```
-This creates a volume called `pda-data` to persist the SQLite database with the configuration.
+
+This creates a volume named `pda-data` to persist the default SQLite database with app configuration.
 
 #### Option 2: Using docker-compose
+
 1. Update the configuration   
    Edit the `docker-compose.yml` file to update the database connection string in `SQLALCHEMY_DATABASE_URI`.
-   Other environment variables are mentioned in the [legal_envvars](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/master/configs/docker_config.py#L5-L46).
-   To use the Docker secrets feature it is possible to append `_FILE` to the environment variables and point to a file with the values stored in it.   
-   Make sure to set the environment variable `SECRET_KEY` to a long random string (https://flask.palletsprojects.com/en/1.1.x/config/#SECRET_KEY)
+   Other environment variables are mentioned in
+   the [legal_envvars](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/master/configs/docker_config.py#L5-L46).
+   To use the Docker secrets feature it is possible to append `_FILE` to the environment variables and point to a file
+   with the values stored in it.   
+   Make sure to set the environment variable `SECRET_KEY` to a long random
+   string (https://flask.palletsprojects.com/en/1.1.x/config/#SECRET_KEY)
 
 2. Start docker container
    ```
@@ -53,8 +69,10 @@ This creates a volume called `pda-data` to persist the SQLite database with the
 You can then access PowerDNS-Admin by pointing your browser to http://localhost:9191.
 
 ## Screenshots
+
 ![dashboard](https://user-images.githubusercontent.com/6447444/44068603-0d2d81f6-9fa5-11e8-83af-14e2ad79e370.png)
 
 ## LICENSE
-MIT. See [LICENSE](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/master/LICENSE)
 
+This project is released under the MIT license. For additional
+information, [see here](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/master/LICENSE)

From 1840a4ea60ed411266fe851bf2897cfce152fd9e Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sun, 26 Feb 2023 03:49:55 -0500
Subject: [PATCH 281/475] Updated project README to use direct wiki references
 instead of legacy wiki location which requires an additional click-through
 step.

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 61e4df0a7..cdc0c6963 100644
--- a/README.md
+++ b/README.md
@@ -28,7 +28,7 @@ A PowerDNS web interface with advanced features.
 
 There are several ways to run PowerDNS-Admin. The quickest way is to use Docker.
 If you are looking to install and run PowerDNS-Admin directly onto your system, check out
-the [Wiki](https://github.com/PowerDNS-Admin/PowerDNS-Admin/wiki#installation-guides) for ways to do that.
+the [wiki](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/master/docs/wiki/) for ways to do that.
 
 ### Docker
 

From 50339fda5529a93f95d095858daeccf2d09d3b29 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sun, 26 Feb 2023 03:51:48 -0500
Subject: [PATCH 282/475] Updated wiki documentation for Docker installations
 to reference the latest stable release published to Docker Hub instead of the
 latest image built from the primary branch.

---
 docs/wiki/install/Running-PowerDNS-Admin-on-Docker.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/wiki/install/Running-PowerDNS-Admin-on-Docker.md b/docs/wiki/install/Running-PowerDNS-Admin-on-Docker.md
index 1e3ef50c1..50b2c3c84 100644
--- a/docs/wiki/install/Running-PowerDNS-Admin-on-Docker.md
+++ b/docs/wiki/install/Running-PowerDNS-Admin-on-Docker.md
@@ -10,5 +10,5 @@ docker run -d \
     -e SECRET_KEY='a-very-secret-key' \
     -v pda-data:/data \
     -p 9191:80 \
-    powerdnsadmin/pda-legacy:latest
+    powerdnsadmin/pda-legacy:v0.3.0
 ```

From 9678b64ad78392ff5efa03df8e3a86cc47a3f42b Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sun, 26 Feb 2023 08:34:14 -0500
Subject: [PATCH 283/475] Disabling MegaLinter workflow on the primary project
 branch until further configuration can be made to get things into a passing
 state.

---
 .github/workflows/mega-linter.yml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/.github/workflows/mega-linter.yml b/.github/workflows/mega-linter.yml
index fc445b9d7..9091dc3fc 100644
--- a/.github/workflows/mega-linter.yml
+++ b/.github/workflows/mega-linter.yml
@@ -6,6 +6,8 @@ name: MegaLinter
 on:
   push:
     branches-ignore:
+      - "main"
+      - "master"
       - "dependabot/**"
 
 env: # Comment env block if you do not want to apply fixes

From 077bbb813cba4c3e6efd51de176ee15043897cdc Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sun, 26 Feb 2023 17:09:30 -0500
Subject: [PATCH 284/475] Corrected styling mistake introduced by recent
 Admin-LTE upgrades.

---
 powerdnsadmin/templates/domain.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/powerdnsadmin/templates/domain.html b/powerdnsadmin/templates/domain.html
index 05d7a1bfe..026a89bdf 100755
--- a/powerdnsadmin/templates/domain.html
+++ b/powerdnsadmin/templates/domain.html
@@ -643,7 +643,7 @@ <h4 class="modal-title">Confirmation</h4>
         </div>
     </div>
 
-    <div class="modal fade bg-primary" id="modal_custom_record">
+    <div class="modal fade" id="modal_custom_record">
         <div class="modal-dialog">
             <div class="modal-content">
                 <div class="modal-header">

From 3688add76afe96e3366976edc4a1bfcbf2a8ae9b Mon Sep 17 00:00:00 2001
From: Rauno Tuul <raunz@hot.ee>
Date: Mon, 13 Feb 2023 12:10:44 +0200
Subject: [PATCH 285/475] Global Search available for all users. Apply allowed
 domain filter for standard users search result.

---
 powerdnsadmin/routes/admin.py | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

diff --git a/powerdnsadmin/routes/admin.py b/powerdnsadmin/routes/admin.py
index 609f87578..77c027dc5 100644
--- a/powerdnsadmin/routes/admin.py
+++ b/powerdnsadmin/routes/admin.py
@@ -2021,7 +2021,6 @@ def delete_template(template):
 
 @admin_bp.route('/global-search', methods=['GET'])
 @login_required
-@operator_role_required
 def global_search():
     if request.method == 'GET':
         domains = []
@@ -2033,6 +2032,22 @@ def global_search():
             server = Server(server_id='localhost')
             results = server.global_search(object_type='all', query=query)
 
+            # Filter results to domains to which the user has access permission
+            if current_user.role.name not in [ 'Administrator', 'Operator' ]:
+                allowed_domains = db.session.query(Domain) \
+                    .outerjoin(DomainUser, Domain.id == DomainUser.domain_id) \
+                    .outerjoin(Account, Domain.account_id == Account.id) \
+                    .outerjoin(AccountUser, Account.id == AccountUser.account_id) \
+                    .filter(
+                        db.or_(
+                            DomainUser.user_id == current_user.id,
+                            AccountUser.user_id == current_user.id
+                        )) \
+                    .with_entities(Domain.name) \
+                    .all()
+                allowed_domains = [value for value, in allowed_domains]
+                results = list(filter(lambda r: r['zone_id'][:-1] in allowed_domains, results))
+
             # Format the search result
             for result in results:
                 if result['object_type'] == 'zone':

From 524b6c6883f1778d8b83e4ad18e5818ef68d3bf5 Mon Sep 17 00:00:00 2001
From: Rauno Tuul <raunz@hot.ee>
Date: Wed, 1 Mar 2023 11:21:29 +0200
Subject: [PATCH 286/475] Move Global Search menu item next to dashboard.

---
 powerdnsadmin/templates/base.html | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/powerdnsadmin/templates/base.html b/powerdnsadmin/templates/base.html
index c2dc239db..0a526d58c 100644
--- a/powerdnsadmin/templates/base.html
+++ b/powerdnsadmin/templates/base.html
@@ -85,6 +85,12 @@
                             <p>Dashboard</p>
                         </a>
                     </li>
+                    <li class="{{ 'nav-item active' if active_page == 'admin_global_search' else 'nav-item' }}">
+                        <a href="{{ url_for('admin.global_search') }}" class="nav-link">
+                            <i class="nav-icon fa-solid fa-search"></i>
+                            <p>Global Search</p>
+                        </a>
+                    </li>
                     {% if SETTING.get('allow_user_create_domain') or current_user.role.name in ['Administrator', 'Operator'] %}
                         <li class="{{ 'nav-item active' if active_page == 'nav-item new_domain' else 'nav-item' }}">
                             <a href="{{ url_for('domain.add') }}" class="nav-link">
@@ -115,12 +121,6 @@
                                 <p>Server Configuration</p>
                             </a>
                         </li>
-                        <li class="{{ 'nav-item active' if active_page == 'admin_global_search' else 'nav-item' }}">
-                            <a href="{{ url_for('admin.global_search') }}" class="nav-link">
-                                <i class="nav-icon fa-solid fa-search"></i>
-                                <p>Global Search</p>
-                            </a>
-                        </li>
                         <li class="{{ 'nav-item active' if active_page == 'admin_history' else 'nav-item' }}">
                             <a href="{{ url_for('admin.history') }}" class="nav-link">
                                 <i class="nav-icon fa-solid fa-timeline"></i>

From dc69f00094b47c52da3faf482e9b07c14c4b2807 Mon Sep 17 00:00:00 2001
From: Rauno Tuul <raunz@hot.ee>
Date: Mon, 13 Feb 2023 12:03:54 +0200
Subject: [PATCH 287/475] Fix dashboard MySQL performance with large history
 table and standard user privileges.

---
 powerdnsadmin/routes/dashboard.py | 17 ++++++++++++++---
 1 file changed, 14 insertions(+), 3 deletions(-)

diff --git a/powerdnsadmin/routes/dashboard.py b/powerdnsadmin/routes/dashboard.py
index 8cf1b1293..b4952ff99 100644
--- a/powerdnsadmin/routes/dashboard.py
+++ b/powerdnsadmin/routes/dashboard.py
@@ -166,6 +166,7 @@ def dashboard():
         history = History.query.order_by(History.created_on.desc()).limit(4).all()
     elif Setting().get('allow_user_view_history'):
         history = db.session.query(History) \
+            .with_hint(History, "FORCE INDEX (ix_history_created_on)", 'mysql') \
             .join(Domain, History.domain_id == Domain.id) \
             .outerjoin(DomainUser, Domain.id == DomainUser.domain_id) \
             .outerjoin(Account, Domain.account_id == Account.id) \
@@ -175,9 +176,19 @@ def dashboard():
             db.or_(
                 DomainUser.user_id == current_user.id,
                 AccountUser.user_id == current_user.id
-            )).all()
-        history_number = len(history)  # history.count()
-        history = history[:4]
+            )) \
+            .limit(4) \
+            .all()
+        history_number = db.session.query(History) \
+            .join(Domain, History.domain_id == Domain.id) \
+            .outerjoin(DomainUser, Domain.id == DomainUser.domain_id) \
+            .outerjoin(Account, Domain.account_id == Account.id) \
+            .outerjoin(AccountUser, Account.id == AccountUser.account_id) \
+            .filter(
+            db.or_(
+                DomainUser.user_id == current_user.id,
+                AccountUser.user_id == current_user.id
+            )).count()
         domain_count = db.session.query(Domain) \
             .outerjoin(DomainUser, Domain.id == DomainUser.domain_id) \
             .outerjoin(Account, Domain.account_id == Account.id) \

From ec687b13a5831dbfea72b4adc77039eb9f792c6c Mon Sep 17 00:00:00 2001
From: Rauno Tuul <raunz@hot.ee>
Date: Wed, 1 Mar 2023 11:42:21 +0200
Subject: [PATCH 288/475] Dashboard history query performance related change to
 nested subquery (allowed domains for user).

---
 powerdnsadmin/routes/dashboard.py | 24 +++++++++---------------
 1 file changed, 9 insertions(+), 15 deletions(-)

diff --git a/powerdnsadmin/routes/dashboard.py b/powerdnsadmin/routes/dashboard.py
index b4952ff99..d75ce5077 100644
--- a/powerdnsadmin/routes/dashboard.py
+++ b/powerdnsadmin/routes/dashboard.py
@@ -165,30 +165,24 @@ def dashboard():
         history_number = History.query.count()
         history = History.query.order_by(History.created_on.desc()).limit(4).all()
     elif Setting().get('allow_user_view_history'):
-        history = db.session.query(History) \
-            .with_hint(History, "FORCE INDEX (ix_history_created_on)", 'mysql') \
-            .join(Domain, History.domain_id == Domain.id) \
+        allowed_domain_id_subquery = db.session.query(Domain.id) \
             .outerjoin(DomainUser, Domain.id == DomainUser.domain_id) \
             .outerjoin(Account, Domain.account_id == Account.id) \
             .outerjoin(AccountUser, Account.id == AccountUser.account_id) \
-            .order_by(History.created_on.desc()) \
-            .filter(
-            db.or_(
+            .filter(db.or_(
                 DomainUser.user_id == current_user.id,
                 AccountUser.user_id == current_user.id
             )) \
+        .subquery()
+        history = db.session.query(History) \
+            .with_hint(History, "FORCE INDEX (ix_history_created_on)", 'mysql') \
+            .order_by(History.created_on.desc()) \
+            .filter(History.domain_id.in_(allowed_domain_id_subquery)) \
             .limit(4) \
             .all()
         history_number = db.session.query(History) \
-            .join(Domain, History.domain_id == Domain.id) \
-            .outerjoin(DomainUser, Domain.id == DomainUser.domain_id) \
-            .outerjoin(Account, Domain.account_id == Account.id) \
-            .outerjoin(AccountUser, Account.id == AccountUser.account_id) \
-            .filter(
-            db.or_(
-                DomainUser.user_id == current_user.id,
-                AccountUser.user_id == current_user.id
-            )).count()
+            .filter(History.domain_id.in_(allowed_domain_id_subquery)) \
+            .count()
         domain_count = db.session.query(Domain) \
             .outerjoin(DomainUser, Domain.id == DomainUser.domain_id) \
             .outerjoin(Account, Domain.account_id == Account.id) \

From 68fe7c0e567aafeddefb8898ff1f83584b50033d Mon Sep 17 00:00:00 2001
From: Rauno Tuul <raunz@hot.ee>
Date: Wed, 1 Mar 2023 18:43:47 +0200
Subject: [PATCH 289/475] Standard user domain records list performance loop
 improvement

---
 powerdnsadmin/routes/domain.py      |  3 ++-
 powerdnsadmin/templates/domain.html | 12 ++++++------
 2 files changed, 8 insertions(+), 7 deletions(-)

diff --git a/powerdnsadmin/routes/domain.py b/powerdnsadmin/routes/domain.py
index 97427601e..5fef976f5 100644
--- a/powerdnsadmin/routes/domain.py
+++ b/powerdnsadmin/routes/domain.py
@@ -133,7 +133,8 @@ def domain(domain_name):
                            editable_records=editable_records,
                            quick_edit=quick_edit,
                            ttl_options=ttl_options,
-                           current_user=current_user)
+                           current_user=current_user,
+                           allow_user_view_history=Setting().get('allow_user_view_history'))
 
 
 @domain_bp.route('/remove', methods=['GET', 'POST'])
diff --git a/powerdnsadmin/templates/domain.html b/powerdnsadmin/templates/domain.html
index 026a89bdf..9660d38f2 100755
--- a/powerdnsadmin/templates/domain.html
+++ b/powerdnsadmin/templates/domain.html
@@ -36,7 +36,7 @@ <h3 class="card-title">Zone Editor</h3>
                                         &nbsp;Zone Settings
                                     </button>
                                 {% endif %}
-                                {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
+                                {% if current_user.role.name in ['Administrator', 'Operator'] or allow_user_view_history %}
                                     <button type="button" title="Zone Changelog"
                                             class="btn btn-primary ml-2 mt-2 mb-2 button_changelog" id="{{ domain.name }}">
                                         <i class="fa-solid fa-history" aria-hidden="true"></i>
@@ -79,7 +79,7 @@ <h3 class="card-title">Zone Editor</h3>
                                         <th>Comment</th>
                                         <th>Edit</th>
                                         <th>Delete</th>
-                                        {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
+                                        {% if current_user.role.name in ['Administrator', 'Operator'] or allow_user_view_history %}
                                             <th>Changelog</th>
                                         {% endif %}
                                     {% else %}
@@ -115,7 +115,7 @@ <h3 class="card-title">Zone Editor</h3>
                                                     </button>
                                                 {% endif %}
                                             </td>
-                                            {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
+                                            {% if current_user.role.name in ['Administrator', 'Operator'] or allow_user_view_history %}
                                                 <td>
                                                     <button type="button"
                                                             onclick="show_record_changelog('{{ record.name }}','{{ record.type }}',event)"
@@ -194,7 +194,7 @@ <h3 class="card-title">Zone Editor</h3>
                     // regardless of whatever sorting is done. See orderFixed
                     visible: false,
                     {% if domain.type != 'Slave' %}
-                        {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
+                        {% if current_user.role.name in ['Administrator', 'Operator'] or allow_user_view_history %}
                             targets: [9]
                         {% else %}
                             targets: [8]
@@ -205,7 +205,7 @@ <h3 class="card-title">Zone Editor</h3>
                 }
             ],
             {% if domain.type != 'Slave' %}
-                {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
+                {% if current_user.role.name in ['Administrator', 'Operator'] or allow_user_view_history %}
                     "orderFixed": [[9, 'asc']]
                 {% else %}
                     "orderFixed": [[8, 'asc']]
@@ -314,7 +314,7 @@ <h3 class="card-title">Zone Editor</h3>
 
             // add new row
             var default_type = records_allow_edit[0]
-            {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
+            {% if current_user.role.name in ['Administrator', 'Operator'] or allow_user_view_history %}
                 var nRow = jQuery('#tbl_records').dataTable().fnAddData(['', default_type, 'Active', window.ttl_options[0][0], '', '', '', '', '', '0']);
             {% else %}
                 var nRow = jQuery('#tbl_records').dataTable().fnAddData(['', default_type, 'Active', window.ttl_options[0][0], '', '', '', '', '0']);

From 70073b926702b64ee4c7a15c16c1d8379e86b957 Mon Sep 17 00:00:00 2001
From: Dave <MDXDave@users.noreply.github.com>
Date: Thu, 2 Mar 2023 16:08:39 +0100
Subject: [PATCH 290/475] Fixed scrolling on long content

---
 powerdnsadmin/templates/domain.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/powerdnsadmin/templates/domain.html b/powerdnsadmin/templates/domain.html
index 026a89bdf..7421066fc 100755
--- a/powerdnsadmin/templates/domain.html
+++ b/powerdnsadmin/templates/domain.html
@@ -148,7 +148,7 @@ <h3 class="card-title">Zone Editor</h3>
         table#tbl_records thead th:nth-child(4) { width: 100px; }
         table#tbl_records tbody td { text-align: center; }
         table#tbl_records tbody td:nth-child(0n+5),
-        table#tbl_records tbody td:nth-child(0n+6) { text-align: left; }
+        table#tbl_records tbody td:nth-child(0n+6) { text-align: left; word-break: break-all; }
     </style>
 {% endblock %}
 

From 8a40d21ea4707931e9499d745b50ac0ff9880de4 Mon Sep 17 00:00:00 2001
From: corubba <corubba@gmx.de>
Date: Fri, 3 Mar 2023 13:22:29 +0100
Subject: [PATCH 291/475] Diff-ify changelog view for zone changes

Improve and document the diff-computation and presentation, so you can
easier see what changed.
---
 powerdnsadmin/routes/admin.py                 | 124 +++++++-----
 powerdnsadmin/static/custom/css/custom.css    |  25 ++-
 powerdnsadmin/templates/admin_history.html    |   4 +-
 .../templates/applied_change_macro.html       | 191 ++++++++----------
 4 files changed, 185 insertions(+), 159 deletions(-)

diff --git a/powerdnsadmin/routes/admin.py b/powerdnsadmin/routes/admin.py
index 609f87578..dc8ab520b 100644
--- a/powerdnsadmin/routes/admin.py
+++ b/powerdnsadmin/routes/admin.py
@@ -34,61 +34,77 @@
                      template_folder='templates',
                      url_prefix='/admin')
 
-"""
-changeSet is a list of tuples, in the following format
-(old_state, new_state, change_type)
-
-old_state: dictionary with "disabled" and "content" keys. {"disabled" : False, "content" : "1.1.1.1" }
-new_state: similarly
-change_type: "addition" or "deletion" or "status" for status change or "unchanged" for no change
-
-Note: A change in "content", is considered a deletion and recreation of the same record,
-holding the new content value.
-"""
-
 
 def get_record_changes(del_rrset, add_rrset):
-    changeSet = []
-    delSet = del_rrset['records'] if 'records' in del_rrset else []
-    addSet = add_rrset['records'] if 'records' in add_rrset else []
-    for d in delSet:  # get the deletions and status changes
-        exists = False
-        for a in addSet:
-            if d['content'] == a['content']:
-                exists = True
-                if d['disabled'] != a['disabled']:
-                    changeSet.append(({"disabled": d['disabled'], "content": d['content']},
-                                      {"disabled": a['disabled'], "content": a['content']},
-                                      "status"))
-                break
-
-        if not exists:  # deletion
-            changeSet.append(({"disabled": d['disabled'], "content": d['content']},
-                              None,
-                              "deletion"))
+    """Use the given deleted and added RRset to build a list of record changes.
+
+    Args:
+        del_rrset: The RRset with changetype DELETE, or None
+        add_rrset: The RRset with changetype REPLACE, or None
+
+    Returns:
+        A list of tuples in the format `(old_state, new_state, change_type)`. `old_state` and
+        `new_state` are dictionaries with the keys "disabled", "content" and "comment".
+        `change_type` can be "addition", "deletion", "edit" or "unchanged". When it's "addition"
+        then `old_state` is None, when it's "deletion" then `new_state` is None.
+    """
+
+    def get_records(rrset):
+        """For the given RRset return a combined list of records and comments."""
+        if not rrset or 'records' not in rrset:
+            return []
+        records = [dict(record) for record in rrset['records']]
+        for i, record in enumerate(records):
+            if 'comments' in rrset and len(rrset['comments']) > i:
+                record['comment'] = rrset['comments'][i].get('content', None)
+            else:
+                record['comment'] = None
+        return records
+
+    def record_is_unchanged(old, new):
+        """Returns True if the old record is not different from the new one."""
+        if old['content'] != new['content']:
+            raise ValueError("Can't compare records with different content")
+        # check everything except the content
+        return old['disabled'] == new['disabled'] and old['comment'] == new['comment']
+
+    def to_state(record):
+        """For the given record, return the state dict."""
+        return {
+            "disabled": record['disabled'],
+            "content":  record['content'],
+            "comment":  record.get('comment', ''),
+        }
 
-    for a in addSet:  # get the additions
-        exists = False
-        for d in delSet:
-            if d['content'] == a['content']:
-                exists = True
-                # already checked for status change
+    add_records = get_records(add_rrset)
+    del_records = get_records(del_rrset)
+    changeset = []
+
+    for add_record in add_records:
+        for del_record in list(del_records):
+            if add_record['content'] == del_record['content']:
+                # either edited or unchanged
+                if record_is_unchanged(del_record, add_record):
+                    # unchanged
+                    changeset.append((to_state(del_record), to_state(add_record), "unchanged"))
+                else:
+                    # edited
+                    changeset.append((to_state(del_record), to_state(add_record), "edit"))
+                del_records.remove(del_record)
                 break
-        if not exists:
-            changeSet.append((None, {"disabled": a['disabled'], "content": a['content']}, "addition"))
-            continue
+        else:  # not mis-indented, else block for the del_records for loop
+            # addition
+            changeset.append((None, to_state(add_record), "addition"))
 
-    for a in addSet:  # get the unchanged
-        exists = False
-        for c in changeSet:
-            if c[1] != None and c[1]["content"] == a['content']:
-                exists = True
-                break
-        if not exists:
-            changeSet.append(({"disabled": a['disabled'], "content": a['content']},
-                              {"disabled": a['disabled'], "content": a['content']}, "unchanged"))
+    # Because the first loop removed edit/unchanged records from the del_records list,
+    # it now only contains real deletions.
+    for del_record in del_records:
+        changeset.append((to_state(del_record), None, "deletion"))
 
-    return changeSet
+    # Sort them by the old content. For Additions the new state will be used.
+    changeset.sort(key=lambda change: change[0]['content'] if change[0] else change[1]['content'])
+
+    return changeset
 
 
 # out_changes is a list of  HistoryRecordEntry objects in which we will append the new changes
@@ -118,7 +134,7 @@ def extract_changelogs_from_a_history_entry(out_changes, history_entry, change_n
             if change_num not in out_changes:
                 out_changes[change_num] = []
             out_changes[change_num].append(
-                HistoryRecordEntry(history_entry, [], add_rrset, "+"))  # (add_rrset, del_rrset, change_type)
+                HistoryRecordEntry(history_entry, {}, add_rrset, "+"))  # (add_rrset, del_rrset, change_type)
     for del_rrset in del_rrsets:
         exists = False
         for add_rrset in add_rrsets:
@@ -128,7 +144,13 @@ def extract_changelogs_from_a_history_entry(out_changes, history_entry, change_n
         if not exists:  # this is a deletion
             if change_num not in out_changes:
                 out_changes[change_num] = []
-            out_changes[change_num].append(HistoryRecordEntry(history_entry, del_rrset, [], "-"))
+            out_changes[change_num].append(HistoryRecordEntry(history_entry, del_rrset, {}, "-"))
+
+    # Sort them by the record name
+    if change_num in out_changes:
+        out_changes[change_num].sort(key=lambda change:
+                change.del_rrset['name'] if change.del_rrset else change.add_rrset['name']
+        )
 
     # only used for changelog per record
     if record_name != None and record_type != None:  # then get only the records with the specific (record_name, record_type) tuple
diff --git a/powerdnsadmin/static/custom/css/custom.css b/powerdnsadmin/static/custom/css/custom.css
index 8b119ed5b..7c41c9578 100644
--- a/powerdnsadmin/static/custom/css/custom.css
+++ b/powerdnsadmin/static/custom/css/custom.css
@@ -56,4 +56,27 @@ table.records thead th, table.records tbody td { text-align: center; vertical-al
 table.records thead th:last-of-type { width: 50px; }
 div.records > div.dataTables_wrapper > div.row:first-of-type { margin: 0 0.5em 0 0.5em; }
 div.records > div.dataTables_wrapper > div.row:last-of-type { margin: 0.4em 0.5em 0.4em 0.5em; }
-div.records > div.dataTables_wrapper table.dataTable { margin: 0 !important; }
\ No newline at end of file
+div.records > div.dataTables_wrapper table.dataTable { margin: 0 !important; }
+
+.diff {
+    font-family: monospace;
+    padding: 0 0.2em;
+}
+.diff::before {
+    content: "\00a0";
+    padding-right: 0.1em;
+}
+
+.diff-deletion {
+    background-color: lightcoral;
+}
+.diff-deletion::before {
+    content: "-";
+}
+
+.diff-addition {
+    background-color: lightgreen;
+}
+.diff-addition::before {
+    content: "+";
+}
diff --git a/powerdnsadmin/templates/admin_history.html b/powerdnsadmin/templates/admin_history.html
index 08ab67dab..f311986c4 100644
--- a/powerdnsadmin/templates/admin_history.html
+++ b/powerdnsadmin/templates/admin_history.html
@@ -537,7 +537,7 @@ <h4 class="modal-title">Confirmation</h4>
     </div>
     <!-- History Details Box -->
     <div class="modal fade" id="modal_history_info">
-        <div class="modal-dialog">
+        <div class="modal-dialog modal-lg">
             <div class="modal-content">
                 <div class="modal-header">
                     <h4 class="modal-title">History Details</h4>
@@ -554,4 +554,4 @@ <h4 class="modal-title">History Details</h4>
             </div>
         </div>
     </div>
-{% endblock %}
\ No newline at end of file
+{% endblock %}
diff --git a/powerdnsadmin/templates/applied_change_macro.html b/powerdnsadmin/templates/applied_change_macro.html
index 0b444b667..d4272bd47 100644
--- a/powerdnsadmin/templates/applied_change_macro.html
+++ b/powerdnsadmin/templates/applied_change_macro.html
@@ -4,129 +4,110 @@
 <table id="tbl_records" class="table table-bordered">
     <thead>
         <tr>
-            <th colspan="3">
-                {% if hist_rec_entry.change_type == "+" %}
-                <span
-                    style="background-color:  lightgreen">{{hist_rec_entry.add_rrset['name']}}
-                    {{hist_rec_entry.add_rrset['type']}}</span>
-                {% elif hist_rec_entry.change_type == "-" %}
-                <s
-                    style="text-decoration-color: rgba(194, 10,10, 0.6); text-decoration-thickness: 2px;">
-                    {{hist_rec_entry.del_rrset['name']}}
-                    {{hist_rec_entry.del_rrset['type']}}
-                </s>
+            <th scope="col" colspan="3">
+                {% if hist_rec_entry.change_type == '-' %}
+                    <span class="diff diff-deletion">{{
+                        hist_rec_entry.del_rrset['name'] }} {{ hist_rec_entry.del_rrset['type']
+                    }}</span>
+                {% elif hist_rec_entry.change_type == '+' %}
+                    <span class="diff diff-addition">{{
+                        hist_rec_entry.add_rrset['name'] }} {{ hist_rec_entry.add_rrset['type']
+                    }}</span>
                 {% else %}
-                {{hist_rec_entry.add_rrset['name']}}
-                {{hist_rec_entry.add_rrset['type']}}
+                    <span class="diff diff-unchanged">{{
+                        hist_rec_entry.add_rrset['name'] }} {{ hist_rec_entry.add_rrset['type']
+                    }}</span>
                 {% endif %}
 
-                , TTL:
-                {% if "ttl" in hist_rec_entry.changed_fields %}
-                <s
-                    style="text-decoration-color: rgba(194, 10,10, 0.6); text-decoration-thickness: 2px;">
-                    {{hist_rec_entry.del_rrset['ttl']}}</s>
-                <span
-                    style="background-color:  lightgreen">{{hist_rec_entry.add_rrset['ttl']}}</span>
+                , TTL
+                {% if not 'ttl' in hist_rec_entry.changed_fields %}
+                    <span class="diff diff-unchanged">{{
+                        hist_rec_entry.add_rrset['ttl']
+                    }}</span>
                 {% else %}
-                {{hist_rec_entry.add_rrset['ttl']}}
+                    {% if hist_rec_entry.change_type in ['-', '*'] %}
+                        <span class="diff diff-deletion">{{
+                            hist_rec_entry.del_rrset['ttl']
+                        }}</span>
+                    {% endif %}
+                    {% if hist_rec_entry.change_type in ['+', '*'] %}
+                        <span class="diff diff-addition">{{
+                            hist_rec_entry.add_rrset['ttl']
+                        }}</span>
+                    {% endif %}
                 {% endif %}
 
             </th>
         </tr>
-        <tr>
-
-            <th style="width: 150px;">Status</th>
-            <th style="width: 400px;">Data</th>
-            <th style="width: 400px;">Comment</th>
 
+        <tr>
+            <th scope="col" style="width: 150px;">Status</th>
+            <th scope="col" style="width: 400px;">Data</th>
+            <th scope="col" style="width: 400px;">Comment</th>
         </tr>
     </thead>
     <tbody>
+        {% for changes in hist_rec_entry.changeSet %}
         <tr>
-            <td>
-                <table>
-                    <tbody>
-                        {% for changes in hist_rec_entry.changeSet %}
-                        <tr>
-                            {% if changes[2] == "unchanged" %}
-                            <td>{{ "Activated" if changes[0]['disabled'] ==
-                                False else
-                                "Disabled"}} </td>
-                            {% elif changes[2] == "addition" %}
-                            <td>
-                                <span style="background-color:  lightgreen">
-                                    {{ "Activated" if changes[1]['disabled'] ==
-                                    False else
-                                    "Disabled"}}
-                                </span>
-                            </td>
-                            {% elif changes[2] == "status" %}
-                            <td>
-                                <s
-                                    style="text-decoration-color: rgba(194, 10,10, 0.6); text-decoration-thickness: 2px;">
-                                    {{ "Activated" if changes[0]['disabled'] ==
-                                    False else
-                                    "Disabled"}}</s>
-                                <span style="background-color:  lightgreen">{{
-                                    "Activated" if changes[1]['disabled'] ==
-                                    False else
-                                    "Disabled"}}</span>
-                            </td>
-                            {% elif changes[2] == "deletion" %}
-                            <td>
-                                <s
-                                    style="text-decoration-color: rgba(194, 10,10, 0.6); text-decoration-thickness: 2px;">
-                                    {{ "Activated" if changes[0]['disabled'] ==
-                                    False else
-                                    "Disabled"}}</s>
-                            </td>
-                            {% endif %}
-                        </tr>
-                        {% endfor %}
-                    </tbody>
-                </table>
+            <td style="word-break: break-all">
+                {% if changes[2] == "unchanged" or
+                    (changes[2] == "edit" and changes[0]['disabled'] == changes[1]['disabled']) %}
+                    <div class="diff diff-unchanged">{{
+                        "Disabled" if changes[1]['disabled'] else "Activated"
+                    }}</div>
+                {% else %}
+                    {% if changes[2] in ["deletion", "edit"] %}
+                        <div class="diff diff-deletion">{{
+                            "Disabled" if changes[0]['disabled'] else "Activated"
+                        }}</div>
+                    {% endif %}
+                    {% if changes[2] in ["addition", "edit"] %}
+                        <div class="diff diff-addition">{{
+                            "Disabled" if changes[1]['disabled'] else "Activated"
+                        }}</div>
+                    {% endif %}
+                {% endif %}
             </td>
-            <td>
-                <table>
-                    <tbody>
-                        {% for changes in hist_rec_entry.changeSet %}
-                        <tr>
-                            {% if changes[2] == "unchanged" %}
-                            <td style="word-break: break-all">
-                                {{changes[0]['content']}}
-                            </td>
-                            {% elif changes[2] == "addition" %}
-                            <td style="word-break: break-all">
-                                <span style="background-color:  lightgreen">
-                                    {{changes[1]['content']}}
-                                </span>
-                            </td>
-                            {% elif changes[2] == "deletion" %}
-                            <td style="word-break: break-all">
-                                <s
-                                    style="text-decoration-color: rgba(194, 10, 10, 0.6); text-decoration-thickness: 2px;">
-                                    {{changes[0]['content']}}
-                                </s>
-                            </td>
-                            {% elif changes[2] == "status" %}
-                            <td style="word-break: break-all">
-                                {{changes[0]['content']}}
-                            </td>
-                            {% endif %}
-                        </tr>
-                        {% endfor %}
-                    </tbody>
-
-                </table>
+            <td style="word-break: break-all">
+                {% if changes[2] == "unchanged" or
+                        (changes[2] == "edit" and changes[0]['content'] == changes[1]['content']) %}
+                    <div class="diff diff-unchanged">{{
+                        changes[1]['content']
+                    }}</div>
+                {% else %}
+                    {% if changes[2] in ["deletion", "edit"] %}
+                        <div class="diff diff-deletion">{{
+                            changes[0]['content']
+                        }}</div>
+                    {% endif %}
+                    {% if changes[2] in ["addition", "edit"] %}
+                        <div class="diff diff-addition">{{
+                            changes[1]['content']
+                        }}</div>
+                    {% endif %}
+                {% endif %}
             </td>
             <td style="word-break: break-all">
-                {% for comments in hist_rec_entry.add_rrset['comments'] %}
-                {{comments['content'] }}
-                <br/>
-                {% endfor %}
+                {% if changes[2] == "unchanged" or
+                        (changes[2] == "edit" and changes[0]['comment'] == changes[1]['comment']) %}
+                    <div class="diff diff-unchanged">{{
+                        changes[1]['comment']
+                    }}</div>
+                {% else %}
+                    {% if changes[2] in ["deletion", "edit"] and changes[0]['comment'] %}
+                        <div class="diff diff-deletion">{{
+                            changes[0]['comment']
+                        }}</div>
+                    {% endif %}
+                    {% if changes[2] in ["addition", "edit"] and changes[1]['comment'] %}
+                        <div class="diff diff-addition">{{
+                            changes[1]['comment']
+                        }}</div>
+                    {% endif %}
+                {% endif %}
             </td>
         </tr>
-
+        {% endfor %}
     </tbody>
 </table>
 {% endfor %}

From 934e4a7af3ec52dc7e8778c64a75f6fd1ec5f5e5 Mon Sep 17 00:00:00 2001
From: corubba <corubba@gmx.de>
Date: Fri, 3 Mar 2023 13:35:14 +0100
Subject: [PATCH 292/475] Sort records label-wise reverse

Account for the hierarchical nature of DNS by sorting records by their
name label-wise from right to left. Also justify the record names to the
right, so they visually line up on label borders.
---
 powerdnsadmin/templates/domain.html | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/powerdnsadmin/templates/domain.html b/powerdnsadmin/templates/domain.html
index 026a89bdf..373bbbdcc 100755
--- a/powerdnsadmin/templates/domain.html
+++ b/powerdnsadmin/templates/domain.html
@@ -202,6 +202,17 @@ <h3 class="card-title">Zone Editor</h3>
                     {% else %}
                         targets: [5]
                     {% endif %}
+                },
+                {
+                    targets: [0],
+                    className: "text-right",
+                    data: {
+                        '_': "0",
+                        'sort': function (row, _type, _set, _meta) {
+                            const data = row[0] || '';
+                            return data.split('.').reverse().join('.');
+                        },
+                    },
                 }
             ],
             {% if domain.type != 'Slave' %}

From fc39cc40ee4a8a188ff66c54bb269eda76a94f78 Mon Sep 17 00:00:00 2001
From: corubba <corubba@gmx.de>
Date: Fri, 3 Mar 2023 14:34:13 +0100
Subject: [PATCH 293/475] Clean up dashboard zone tabs

* Rename `customBoxes` to be more descriptive and follow CamelCase name convention for classes
* Change the tab info from a tuple to a named tuple
* Change all access to the tab info tuple from index to (new) property name
* Rename/Relabel the tabs
* Add docstrings
* Simplify the domain filter logic
* Simplify/Unify the tab html template
---
 powerdnsadmin/lib/utils.py             |  9 -----
 powerdnsadmin/routes/dashboard.py      | 53 ++++++++++++++++++++------
 powerdnsadmin/templates/dashboard.html | 26 +++++--------
 3 files changed, 51 insertions(+), 37 deletions(-)

diff --git a/powerdnsadmin/lib/utils.py b/powerdnsadmin/lib/utils.py
index f75a103e9..3b666ef8f 100644
--- a/powerdnsadmin/lib/utils.py
+++ b/powerdnsadmin/lib/utils.py
@@ -227,15 +227,6 @@ def ensure_list(l):
     yield from l
 
 
-class customBoxes:
-    boxes = {
-        "reverse": (" ", " "),
-        "ip6arpa": ("ip6", "%.ip6.arpa"),
-        "inaddrarpa": ("in-addr", "%.in-addr.arpa")
-    }
-    order = ["reverse", "ip6arpa", "inaddrarpa"]
-
-
 def pretty_domain_name(domain_name):
     # Add a debugging statement to print out the domain name
     print("Received domain name:", domain_name)
diff --git a/powerdnsadmin/routes/dashboard.py b/powerdnsadmin/routes/dashboard.py
index 8cf1b1293..c3d972b33 100644
--- a/powerdnsadmin/routes/dashboard.py
+++ b/powerdnsadmin/routes/dashboard.py
@@ -1,10 +1,10 @@
 import datetime
-from flask import Blueprint, render_template, url_for, current_app, request, jsonify, redirect, g, session
+from collections import namedtuple
+from flask import Blueprint, render_template, url_for, current_app, request, jsonify, redirect, g, session, abort
 from flask_login import login_required, current_user, login_manager
 from sqlalchemy import not_
 
 from ..decorators import operator_role_required
-from ..lib.utils import customBoxes
 from ..models.user import User, Anonymous
 from ..models.account import Account
 from ..models.account_user import AccountUser
@@ -21,6 +21,31 @@
                          url_prefix='/dashboard')
 
 
+class ZoneTabs:
+    """Config data for the zone tabs on the dashboard."""
+
+    TabInfo = namedtuple('TabInfo', ['display_name', 'filter_pattern'])
+    """Info about a single tab.
+
+    `display_name` is the name on the tab.
+    `filter_pattern` is a SQL LIKE pattern , which is case-insensitively matched against the zone
+    name (without the final root-dot).
+
+    If a filter is present, the tab will show zones that match the filter.
+    If no filter is present, the tab will show zones that are not matched by any other tab filter.
+    """
+
+    tabs = {
+        'forward':      TabInfo("", None),
+        'reverse_ipv4': TabInfo("in-addr.arpa", '%.in-addr.arpa'),
+        'reverse_ipv6': TabInfo("ip6.arpa", '%.ip6.arpa'),
+    }
+    """Dict of unique tab id to a TabInfo."""
+
+    order = ['forward', 'reverse_ipv4', 'reverse_ipv6']
+    """List of tab ids in the order they will appear."""
+
+
 @dashboard_bp.before_request
 def before_request():
     # Check if user is anonymous
@@ -41,9 +66,12 @@ def before_request():
     session.modified = True
 
 
-@dashboard_bp.route('/domains-custom/<path:boxId>', methods=['GET'])
+@dashboard_bp.route('/domains-custom/<path:tab_id>', methods=['GET'])
 @login_required
-def domains_custom(boxId):
+def domains_custom(tab_id):
+    if tab_id not in ZoneTabs.tabs:
+        abort(404)
+
     if current_user.role.name in ['Administrator', 'Operator']:
         domains = Domain.query
     else:
@@ -83,14 +111,15 @@ def domains_custom(boxId):
     if order_by:
         domains = domains.order_by(*order_by)
 
-    if boxId == "reverse":
-        for boxId in customBoxes.order:
-            if boxId == "reverse": continue
-            domains = domains.filter(
-                not_(Domain.name.ilike(customBoxes.boxes[boxId][1])))
+    if ZoneTabs.tabs[tab_id].filter_pattern:
+        # If the tab has a filter, use only that
+        domains = domains.filter(Domain.name.ilike(ZoneTabs.tabs[tab_id].filter_pattern))
     else:
-        domains = domains.filter(Domain.name.ilike(
-            customBoxes.boxes[boxId][1]))
+        # If the tab has no filter, use all the other filters in negated form
+        for tab_info in ZoneTabs.tabs.values():
+            if not tab_info.filter_pattern:
+                continue
+            domains = domains.filter(not_(Domain.name.ilike(tab_info.filter_pattern)))
 
     total_count = domains.count()
 
@@ -202,7 +231,7 @@ def dashboard():
 
     # Add custom boxes to render_template
     return render_template('dashboard.html',
-                           custom_boxes=customBoxes,
+                           zone_tabs=ZoneTabs,
                            domain_count=domain_count,
                            user_num=user_num,
                            history_number=history_number,
diff --git a/powerdnsadmin/templates/dashboard.html b/powerdnsadmin/templates/dashboard.html
index fa4e26ead..c632e5a4b 100755
--- a/powerdnsadmin/templates/dashboard.html
+++ b/powerdnsadmin/templates/dashboard.html
@@ -176,17 +176,11 @@ <h3 class="card-title mb-2">
                                 <div class="nav-tabs-custom">
                                     <ul class="nav nav-tabs card-header-tabs" id="custom-content-below-tab"
                                         role="tablist">
-                                        <li class="nav-item">
-                                            <a class="nav-link active" href="#tab_{{ custom_boxes.order[0] }}"
-                                               data-toggle="pill" role="tab">
-                                                Zones <b>{{ custom_boxes.boxes[custom_boxes.order[0]][0] }}</b>
-                                            </a>
-                                        </li>
-                                        {% for boxId in custom_boxes.order[1:] %}
+                                        {% for tab_id in zone_tabs.order %}
                                             <li class="nav-item">
-                                                <a class="nav-link" href="#tab_{{ boxId }}" data-toggle="pill"
-                                                   role="tab">
-                                                    Zones <b>{{ custom_boxes.boxes[boxId][0] }}</b>
+                                                <a class="nav-link {% if loop.first %}active{% endif %}"
+                                                   href="#tab_{{ tab_id }}" data-toggle="pill" role="tab">
+                                                    Zones <b>{{ zone_tabs.tabs[tab_id].display_name }}</b>
                                                 </a>
                                             </li>
                                         {% endfor %}
@@ -197,10 +191,11 @@ <h3 class="card-title mb-2">
                         <!-- /.card-header -->
                         <div class="card-body p-0">
                             <div class="tab-content">
-                                {% for boxId in custom_boxes.order %}
-                                    <div class="tab-pane show" id='tab_{{ boxId }}'>
+                                {% for tab_id in zone_tabs.order %}
+                                    <div id='tab_{{ tab_id }}'
+                                         class="tab-pane show {% if loop.first %}active{% endif %}">
                                         <div class="card-body table-responsive records p-0 pt-2">
-                                            <table id='tbl_domain_list_{{ boxId }}'
+                                            <table id='tbl_domain_list_{{ tab_id }}'
                                                    class="table table-striped table-hover table-sm records">
                                                 <thead>
                                                 <tr>
@@ -274,9 +269,8 @@ <h3 class="card-title mb-2">
             });
         }
 
-        $('#tab_{{custom_boxes.order[0]}}').addClass("active");
-        {% for boxId in custom_boxes.order %}
-            setUpDomainList("#tbl_domain_list_{{boxId}}", "{{url_for('dashboard.domains_custom',boxId=boxId)}}");
+        {% for tab_id in zone_tabs.order %}
+            setUpDomainList("#tbl_domain_list_{{tab_id}}", "{{url_for('dashboard.domains_custom',tab_id=tab_id)}}");
         {% endfor %}
         //SYBPATCH END//
 

From 5f2fc514df84b521ade5a5857a7522f637ade034 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sat, 4 Mar 2023 11:27:44 -0500
Subject: [PATCH 294/475] Revert "Clean up dashboard zone tabs"

This reverts commit fc39cc40ee4a8a188ff66c54bb269eda76a94f78.
---
 powerdnsadmin/lib/utils.py             |  9 +++++
 powerdnsadmin/routes/dashboard.py      | 53 ++++++--------------------
 powerdnsadmin/templates/dashboard.html | 26 ++++++++-----
 3 files changed, 37 insertions(+), 51 deletions(-)

diff --git a/powerdnsadmin/lib/utils.py b/powerdnsadmin/lib/utils.py
index 3b666ef8f..f75a103e9 100644
--- a/powerdnsadmin/lib/utils.py
+++ b/powerdnsadmin/lib/utils.py
@@ -227,6 +227,15 @@ def ensure_list(l):
     yield from l
 
 
+class customBoxes:
+    boxes = {
+        "reverse": (" ", " "),
+        "ip6arpa": ("ip6", "%.ip6.arpa"),
+        "inaddrarpa": ("in-addr", "%.in-addr.arpa")
+    }
+    order = ["reverse", "ip6arpa", "inaddrarpa"]
+
+
 def pretty_domain_name(domain_name):
     # Add a debugging statement to print out the domain name
     print("Received domain name:", domain_name)
diff --git a/powerdnsadmin/routes/dashboard.py b/powerdnsadmin/routes/dashboard.py
index 51dadfdf1..d75ce5077 100644
--- a/powerdnsadmin/routes/dashboard.py
+++ b/powerdnsadmin/routes/dashboard.py
@@ -1,10 +1,10 @@
 import datetime
-from collections import namedtuple
-from flask import Blueprint, render_template, url_for, current_app, request, jsonify, redirect, g, session, abort
+from flask import Blueprint, render_template, url_for, current_app, request, jsonify, redirect, g, session
 from flask_login import login_required, current_user, login_manager
 from sqlalchemy import not_
 
 from ..decorators import operator_role_required
+from ..lib.utils import customBoxes
 from ..models.user import User, Anonymous
 from ..models.account import Account
 from ..models.account_user import AccountUser
@@ -21,31 +21,6 @@
                          url_prefix='/dashboard')
 
 
-class ZoneTabs:
-    """Config data for the zone tabs on the dashboard."""
-
-    TabInfo = namedtuple('TabInfo', ['display_name', 'filter_pattern'])
-    """Info about a single tab.
-
-    `display_name` is the name on the tab.
-    `filter_pattern` is a SQL LIKE pattern , which is case-insensitively matched against the zone
-    name (without the final root-dot).
-
-    If a filter is present, the tab will show zones that match the filter.
-    If no filter is present, the tab will show zones that are not matched by any other tab filter.
-    """
-
-    tabs = {
-        'forward':      TabInfo("", None),
-        'reverse_ipv4': TabInfo("in-addr.arpa", '%.in-addr.arpa'),
-        'reverse_ipv6': TabInfo("ip6.arpa", '%.ip6.arpa'),
-    }
-    """Dict of unique tab id to a TabInfo."""
-
-    order = ['forward', 'reverse_ipv4', 'reverse_ipv6']
-    """List of tab ids in the order they will appear."""
-
-
 @dashboard_bp.before_request
 def before_request():
     # Check if user is anonymous
@@ -66,12 +41,9 @@ def before_request():
     session.modified = True
 
 
-@dashboard_bp.route('/domains-custom/<path:tab_id>', methods=['GET'])
+@dashboard_bp.route('/domains-custom/<path:boxId>', methods=['GET'])
 @login_required
-def domains_custom(tab_id):
-    if tab_id not in ZoneTabs.tabs:
-        abort(404)
-
+def domains_custom(boxId):
     if current_user.role.name in ['Administrator', 'Operator']:
         domains = Domain.query
     else:
@@ -111,15 +83,14 @@ def domains_custom(tab_id):
     if order_by:
         domains = domains.order_by(*order_by)
 
-    if ZoneTabs.tabs[tab_id].filter_pattern:
-        # If the tab has a filter, use only that
-        domains = domains.filter(Domain.name.ilike(ZoneTabs.tabs[tab_id].filter_pattern))
+    if boxId == "reverse":
+        for boxId in customBoxes.order:
+            if boxId == "reverse": continue
+            domains = domains.filter(
+                not_(Domain.name.ilike(customBoxes.boxes[boxId][1])))
     else:
-        # If the tab has no filter, use all the other filters in negated form
-        for tab_info in ZoneTabs.tabs.values():
-            if not tab_info.filter_pattern:
-                continue
-            domains = domains.filter(not_(Domain.name.ilike(tab_info.filter_pattern)))
+        domains = domains.filter(Domain.name.ilike(
+            customBoxes.boxes[boxId][1]))
 
     total_count = domains.count()
 
@@ -236,7 +207,7 @@ def dashboard():
 
     # Add custom boxes to render_template
     return render_template('dashboard.html',
-                           zone_tabs=ZoneTabs,
+                           custom_boxes=customBoxes,
                            domain_count=domain_count,
                            user_num=user_num,
                            history_number=history_number,
diff --git a/powerdnsadmin/templates/dashboard.html b/powerdnsadmin/templates/dashboard.html
index c632e5a4b..fa4e26ead 100755
--- a/powerdnsadmin/templates/dashboard.html
+++ b/powerdnsadmin/templates/dashboard.html
@@ -176,11 +176,17 @@ <h3 class="card-title mb-2">
                                 <div class="nav-tabs-custom">
                                     <ul class="nav nav-tabs card-header-tabs" id="custom-content-below-tab"
                                         role="tablist">
-                                        {% for tab_id in zone_tabs.order %}
+                                        <li class="nav-item">
+                                            <a class="nav-link active" href="#tab_{{ custom_boxes.order[0] }}"
+                                               data-toggle="pill" role="tab">
+                                                Zones <b>{{ custom_boxes.boxes[custom_boxes.order[0]][0] }}</b>
+                                            </a>
+                                        </li>
+                                        {% for boxId in custom_boxes.order[1:] %}
                                             <li class="nav-item">
-                                                <a class="nav-link {% if loop.first %}active{% endif %}"
-                                                   href="#tab_{{ tab_id }}" data-toggle="pill" role="tab">
-                                                    Zones <b>{{ zone_tabs.tabs[tab_id].display_name }}</b>
+                                                <a class="nav-link" href="#tab_{{ boxId }}" data-toggle="pill"
+                                                   role="tab">
+                                                    Zones <b>{{ custom_boxes.boxes[boxId][0] }}</b>
                                                 </a>
                                             </li>
                                         {% endfor %}
@@ -191,11 +197,10 @@ <h3 class="card-title mb-2">
                         <!-- /.card-header -->
                         <div class="card-body p-0">
                             <div class="tab-content">
-                                {% for tab_id in zone_tabs.order %}
-                                    <div id='tab_{{ tab_id }}'
-                                         class="tab-pane show {% if loop.first %}active{% endif %}">
+                                {% for boxId in custom_boxes.order %}
+                                    <div class="tab-pane show" id='tab_{{ boxId }}'>
                                         <div class="card-body table-responsive records p-0 pt-2">
-                                            <table id='tbl_domain_list_{{ tab_id }}'
+                                            <table id='tbl_domain_list_{{ boxId }}'
                                                    class="table table-striped table-hover table-sm records">
                                                 <thead>
                                                 <tr>
@@ -269,8 +274,9 @@ <h3 class="card-title mb-2">
             });
         }
 
-        {% for tab_id in zone_tabs.order %}
-            setUpDomainList("#tbl_domain_list_{{tab_id}}", "{{url_for('dashboard.domains_custom',tab_id=tab_id)}}");
+        $('#tab_{{custom_boxes.order[0]}}').addClass("active");
+        {% for boxId in custom_boxes.order %}
+            setUpDomainList("#tbl_domain_list_{{boxId}}", "{{url_for('dashboard.domains_custom',boxId=boxId)}}");
         {% endfor %}
         //SYBPATCH END//
 

From fcda4977e2007e95a246bdf2a456263c39074201 Mon Sep 17 00:00:00 2001
From: Stefan Ubbink <stefan.ubbink@sidn.nl>
Date: Sun, 5 Mar 2023 11:01:17 +0100
Subject: [PATCH 295/475] Fix migration issue #635 as proposed by @keesbos

---
 .../versions/3f76448bb6de_add_user_confirmed_column.py      | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/migrations/versions/3f76448bb6de_add_user_confirmed_column.py b/migrations/versions/3f76448bb6de_add_user_confirmed_column.py
index d1b6d2910..490aebec3 100644
--- a/migrations/versions/3f76448bb6de_add_user_confirmed_column.py
+++ b/migrations/versions/3f76448bb6de_add_user_confirmed_column.py
@@ -18,8 +18,12 @@
 def upgrade():
     with op.batch_alter_table('user') as batch_op:
         batch_op.add_column(
-            sa.Column('confirmed', sa.Boolean(), nullable=False,
+            sa.Column('confirmed', sa.Boolean(), nullable=True,
                       default=False))
+    with op.batch_alter_table('user') as batch_op:
+        user = sa.sql.table('user', sa.sql.column('confirmed'))
+        batch_op.execute(user.update().values(confirmed=False))
+        batch_op.alter_column('confirmed', nullable=False)
 
 
 def downgrade():

From 4933351ac18a3bd140e6abd87afb43e89d365ea8 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Mon, 6 Mar 2023 08:30:00 -0500
Subject: [PATCH 296/475] Revert "Revert "Clean up dashboard zone tabs""

This reverts commit 5f2fc514df84b521ade5a5857a7522f637ade034.
---
 powerdnsadmin/lib/utils.py             |  9 -----
 powerdnsadmin/routes/dashboard.py      | 53 ++++++++++++++++++++------
 powerdnsadmin/templates/dashboard.html | 26 +++++--------
 3 files changed, 51 insertions(+), 37 deletions(-)

diff --git a/powerdnsadmin/lib/utils.py b/powerdnsadmin/lib/utils.py
index f75a103e9..3b666ef8f 100644
--- a/powerdnsadmin/lib/utils.py
+++ b/powerdnsadmin/lib/utils.py
@@ -227,15 +227,6 @@ def ensure_list(l):
     yield from l
 
 
-class customBoxes:
-    boxes = {
-        "reverse": (" ", " "),
-        "ip6arpa": ("ip6", "%.ip6.arpa"),
-        "inaddrarpa": ("in-addr", "%.in-addr.arpa")
-    }
-    order = ["reverse", "ip6arpa", "inaddrarpa"]
-
-
 def pretty_domain_name(domain_name):
     # Add a debugging statement to print out the domain name
     print("Received domain name:", domain_name)
diff --git a/powerdnsadmin/routes/dashboard.py b/powerdnsadmin/routes/dashboard.py
index d75ce5077..51dadfdf1 100644
--- a/powerdnsadmin/routes/dashboard.py
+++ b/powerdnsadmin/routes/dashboard.py
@@ -1,10 +1,10 @@
 import datetime
-from flask import Blueprint, render_template, url_for, current_app, request, jsonify, redirect, g, session
+from collections import namedtuple
+from flask import Blueprint, render_template, url_for, current_app, request, jsonify, redirect, g, session, abort
 from flask_login import login_required, current_user, login_manager
 from sqlalchemy import not_
 
 from ..decorators import operator_role_required
-from ..lib.utils import customBoxes
 from ..models.user import User, Anonymous
 from ..models.account import Account
 from ..models.account_user import AccountUser
@@ -21,6 +21,31 @@
                          url_prefix='/dashboard')
 
 
+class ZoneTabs:
+    """Config data for the zone tabs on the dashboard."""
+
+    TabInfo = namedtuple('TabInfo', ['display_name', 'filter_pattern'])
+    """Info about a single tab.
+
+    `display_name` is the name on the tab.
+    `filter_pattern` is a SQL LIKE pattern , which is case-insensitively matched against the zone
+    name (without the final root-dot).
+
+    If a filter is present, the tab will show zones that match the filter.
+    If no filter is present, the tab will show zones that are not matched by any other tab filter.
+    """
+
+    tabs = {
+        'forward':      TabInfo("", None),
+        'reverse_ipv4': TabInfo("in-addr.arpa", '%.in-addr.arpa'),
+        'reverse_ipv6': TabInfo("ip6.arpa", '%.ip6.arpa'),
+    }
+    """Dict of unique tab id to a TabInfo."""
+
+    order = ['forward', 'reverse_ipv4', 'reverse_ipv6']
+    """List of tab ids in the order they will appear."""
+
+
 @dashboard_bp.before_request
 def before_request():
     # Check if user is anonymous
@@ -41,9 +66,12 @@ def before_request():
     session.modified = True
 
 
-@dashboard_bp.route('/domains-custom/<path:boxId>', methods=['GET'])
+@dashboard_bp.route('/domains-custom/<path:tab_id>', methods=['GET'])
 @login_required
-def domains_custom(boxId):
+def domains_custom(tab_id):
+    if tab_id not in ZoneTabs.tabs:
+        abort(404)
+
     if current_user.role.name in ['Administrator', 'Operator']:
         domains = Domain.query
     else:
@@ -83,14 +111,15 @@ def domains_custom(boxId):
     if order_by:
         domains = domains.order_by(*order_by)
 
-    if boxId == "reverse":
-        for boxId in customBoxes.order:
-            if boxId == "reverse": continue
-            domains = domains.filter(
-                not_(Domain.name.ilike(customBoxes.boxes[boxId][1])))
+    if ZoneTabs.tabs[tab_id].filter_pattern:
+        # If the tab has a filter, use only that
+        domains = domains.filter(Domain.name.ilike(ZoneTabs.tabs[tab_id].filter_pattern))
     else:
-        domains = domains.filter(Domain.name.ilike(
-            customBoxes.boxes[boxId][1]))
+        # If the tab has no filter, use all the other filters in negated form
+        for tab_info in ZoneTabs.tabs.values():
+            if not tab_info.filter_pattern:
+                continue
+            domains = domains.filter(not_(Domain.name.ilike(tab_info.filter_pattern)))
 
     total_count = domains.count()
 
@@ -207,7 +236,7 @@ def dashboard():
 
     # Add custom boxes to render_template
     return render_template('dashboard.html',
-                           custom_boxes=customBoxes,
+                           zone_tabs=ZoneTabs,
                            domain_count=domain_count,
                            user_num=user_num,
                            history_number=history_number,
diff --git a/powerdnsadmin/templates/dashboard.html b/powerdnsadmin/templates/dashboard.html
index fa4e26ead..c632e5a4b 100755
--- a/powerdnsadmin/templates/dashboard.html
+++ b/powerdnsadmin/templates/dashboard.html
@@ -176,17 +176,11 @@ <h3 class="card-title mb-2">
                                 <div class="nav-tabs-custom">
                                     <ul class="nav nav-tabs card-header-tabs" id="custom-content-below-tab"
                                         role="tablist">
-                                        <li class="nav-item">
-                                            <a class="nav-link active" href="#tab_{{ custom_boxes.order[0] }}"
-                                               data-toggle="pill" role="tab">
-                                                Zones <b>{{ custom_boxes.boxes[custom_boxes.order[0]][0] }}</b>
-                                            </a>
-                                        </li>
-                                        {% for boxId in custom_boxes.order[1:] %}
+                                        {% for tab_id in zone_tabs.order %}
                                             <li class="nav-item">
-                                                <a class="nav-link" href="#tab_{{ boxId }}" data-toggle="pill"
-                                                   role="tab">
-                                                    Zones <b>{{ custom_boxes.boxes[boxId][0] }}</b>
+                                                <a class="nav-link {% if loop.first %}active{% endif %}"
+                                                   href="#tab_{{ tab_id }}" data-toggle="pill" role="tab">
+                                                    Zones <b>{{ zone_tabs.tabs[tab_id].display_name }}</b>
                                                 </a>
                                             </li>
                                         {% endfor %}
@@ -197,10 +191,11 @@ <h3 class="card-title mb-2">
                         <!-- /.card-header -->
                         <div class="card-body p-0">
                             <div class="tab-content">
-                                {% for boxId in custom_boxes.order %}
-                                    <div class="tab-pane show" id='tab_{{ boxId }}'>
+                                {% for tab_id in zone_tabs.order %}
+                                    <div id='tab_{{ tab_id }}'
+                                         class="tab-pane show {% if loop.first %}active{% endif %}">
                                         <div class="card-body table-responsive records p-0 pt-2">
-                                            <table id='tbl_domain_list_{{ boxId }}'
+                                            <table id='tbl_domain_list_{{ tab_id }}'
                                                    class="table table-striped table-hover table-sm records">
                                                 <thead>
                                                 <tr>
@@ -274,9 +269,8 @@ <h3 class="card-title mb-2">
             });
         }
 
-        $('#tab_{{custom_boxes.order[0]}}').addClass("active");
-        {% for boxId in custom_boxes.order %}
-            setUpDomainList("#tbl_domain_list_{{boxId}}", "{{url_for('dashboard.domains_custom',boxId=boxId)}}");
+        {% for tab_id in zone_tabs.order %}
+            setUpDomainList("#tbl_domain_list_{{tab_id}}", "{{url_for('dashboard.domains_custom',tab_id=tab_id)}}");
         {% endfor %}
         //SYBPATCH END//
 

From d055fd83c5d78ce59f90723c6e4d6cb152dc979d Mon Sep 17 00:00:00 2001
From: Lukas <->
Date: Wed, 8 Mar 2023 08:52:27 +0100
Subject: [PATCH 297/475] Documentation, Fix

---
 docker/Dockerfile                             |  2 +-
 docs/wiki/README.md                           |  7 +-
 docs/wiki/debug/build-process.md              | 61 ++++++++++++++++
 .../Running-Docker-Apache-Reverseproxy.md     | 73 +++++++++++++++++++
 powerdnsadmin/templates/admin_history.html    |  4 +-
 requirements.txt                              |  1 +
 6 files changed, 144 insertions(+), 4 deletions(-)
 create mode 100644 docs/wiki/debug/build-process.md
 create mode 100644 docs/wiki/web-server/Running-Docker-Apache-Reverseproxy.md

diff --git a/docker/Dockerfile b/docker/Dockerfile
index 603382bd3..c9cab64cf 100644
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -38,7 +38,7 @@ COPY . /build
 # Prepare assets
 RUN yarn install --pure-lockfile --production && \
     yarn cache clean && \
-    sed -i -r -e "s|'cssmin',\s?'cssrewrite'|'cssmin'|g" /build/powerdnsadmin/assets.py && \
+    sed -i -r -e "s|'cssmin',\s?'cssrewrite'|'rcssmin'|g" /build/powerdnsadmin/assets.py && \
     flask assets build
 
 RUN mv /build/powerdnsadmin/static /tmp/static && \
diff --git a/docs/wiki/README.md b/docs/wiki/README.md
index 62f1bf102..82025ea37 100644
--- a/docs/wiki/README.md
+++ b/docs/wiki/README.md
@@ -34,6 +34,7 @@
 - [Systemd + Gunicorn + Apache](web-server/Running-PowerDNS-Admin-with-Systemd,-Gunicorn-and-Apache.md)
 - [uWSGI](web-server/uWSGI-example.md)
 - [WSGI-Apache](web-server/WSGI-Apache-example.md)
+- [Docker-ApacheReverseProxy](webserver/Running-Docker-Apache-Reverseproxy.md)
 
 ## Using PowerDNS-Admin
 
@@ -43,4 +44,8 @@
 
 ## Feature usage
 
-- [DynDNS2](features/DynDNS2.md)
\ No newline at end of file
+- [DynDNS2](features/DynDNS2.md)
+
+## Debugging
+
+- [Debugging the build process](debug/build-process.md)
\ No newline at end of file
diff --git a/docs/wiki/debug/build-process.md b/docs/wiki/debug/build-process.md
new file mode 100644
index 000000000..28f1cfede
--- /dev/null
+++ b/docs/wiki/debug/build-process.md
@@ -0,0 +1,61 @@
+This discribes how to debug the buildprocess 
+
+
+docker-compose.yml
+
+```
+version: "3"
+services:
+  app:
+    image: powerdns/custom
+    container_name: powerdns
+    restart: always
+    build:
+        context: git
+        dockerfile: docker/Dockerfile
+    network_mode: "host"
+    logging:
+      driver: json-file
+      options:
+        max-size: 50m
+    environment:
+      - BIND_ADDRESS=127.0.0.1:8082
+      - SECRET_KEY='VerySecret'
+      - SQLALCHEMY_DATABASE_URI=mysql://pdnsadminuser:password@127.0.0.1/powerdnsadmin
+      - GUNICORN_TIMEOUT=60
+      - GUNICORN_WORKERS=2
+      - GUNICORN_LOGLEVEL=DEBUG
+      - OFFLINE_MODE=False
+      - CSRF_COOKIE_SECURE=False
+```
+
+Create a git folder in the location of the `docker-compose.yml` and clone the repo into it
+
+```
+mkdir git
+cd git 
+git clone https://github.com/PowerDNS-Admin/PowerDNS-Admin.git .
+```
+
+In case you are behind an SSL Filter like me, you can add the following to each stage of the `git/docker/Dockerfile`
+
+This installs the command `update-ca-certificates` from the alpine repo and adds an ssl cert to the trust chain, make sure you are getting the right version in case the base image version changes
+
+```
+RUN mkdir /tmp-pkg && cd /tmp-pkg && wget http://dl-cdn.alpinelinux.org/alpine/v3.17/main/x86_64/ca-certificates-20220614-r4.apk && apk add --allow-untrusted --no-network --no-cache /tmp-pkg/ca-certificates-20220614-r4.apk || true
+RUN rm -rf /tmp/pkg
+COPY MyCustomCerts.crt /usr/local/share/ca-certificates/MyCustomCerts.crt
+RUN update-ca-certificates
+COPY pip.conf /etc/pip.conf
+```
+
+`MyCustomCerts.crt` and `pip.conf` have to be placed inside the `git` folder.
+
+The content of `pip.conf` is:
+
+```
+[global]
+cert = /usr/local/share/ca-certificates/MyCustomCerts.crt
+```
+
+For easier debugging you can change the `CMD` of the `Dockerfile` to `CMD ["tail","-f", "/dev/null"]` though I expect you to be fluent in Docker in case you wish to debug
\ No newline at end of file
diff --git a/docs/wiki/web-server/Running-Docker-Apache-Reverseproxy.md b/docs/wiki/web-server/Running-Docker-Apache-Reverseproxy.md
new file mode 100644
index 000000000..e757ab7f9
--- /dev/null
+++ b/docs/wiki/web-server/Running-Docker-Apache-Reverseproxy.md
@@ -0,0 +1,73 @@
+This describes how to run Apache2 on the host system with a reverse proxy directing to the docker container
+
+This is usually used to add ssl certificates and prepend a subdirectory
+
+The network_mode host settings is not neccessary but used for ldap availability in this case
+
+
+docker-compose.yml
+
+```
+version: "3"
+services:
+  app:
+    image: powerdnsadmin/pda-legacy:latest
+    container_name: powerdns
+    restart: always
+    network_mode: "host"
+    logging:
+      driver: json-file
+      options:
+        max-size: 50m
+    environment:
+      - BIND_ADDRESS=127.0.0.1:8082
+      - SECRET_KEY='NotVerySecret'
+      - SQLALCHEMY_DATABASE_URI=mysql://pdnsadminuser:password@127.0.0.1/powerdnsadmin
+      - GUNICORN_TIMEOUT=60
+      - GUNICORN_WORKERS=2
+      - GUNICORN_LOGLEVEL=DEBUG
+      - OFFLINE_MODE=False
+      - CSRF_COOKIE_SECURE=False
+      - SCRIPT_NAME=/powerdns
+```
+
+After running the Container create the static directory and populate
+
+```
+mkdir -p /var/www/powerdns
+docker cp powerdns:/app/powerdnsadmin/static /var/www/powerdns/
+chown -R root:www-data /var/www/powerdns
+```
+
+Adjust the static reference, static/assets/css has a hardcoded reference
+
+```
+sed -i 's/\/static/\/powerdns\/static/' /var/www/powerdns/static/assets/css/*
+```
+
+Apache Config:
+
+You can set the SCRIPT_NAME environment using Apache as well, once is sufficient though
+
+```
+    <Location /powerdns>
+        RequestHeader set X-Forwarded-Proto "https"
+        RequestHeader set X-Forwarded-Port "443"
+        RequestHeader set SCRIPT_NAME "/powerdns"
+        ProxyPreserveHost On
+    </Location>
+
+    ProxyPass /powerdns/static !
+    ProxyPass /powerdns http://127.0.0.1:8082/powerdns
+    ProxyPassReverse /powerdns http://127.0.0.1:8082/powerdns
+
+    Alias /powerdns/static "/var/www/powerdns/static"
+
+    <Directory "/var/www/powerdns/static">
+        Options None
+        #Options +Indexes
+        AllowOverride None
+        Order allow,deny
+        Allow from all
+    </Directory>
+```
\ No newline at end of file
diff --git a/powerdnsadmin/templates/admin_history.html b/powerdnsadmin/templates/admin_history.html
index f311986c4..81f6e5a98 100644
--- a/powerdnsadmin/templates/admin_history.html
+++ b/powerdnsadmin/templates/admin_history.html
@@ -216,7 +216,7 @@ <h3 class="card-title">Activity Search</h3>
 
         $(document).ready(function () {
             $.ajax({
-                url: "/admin/history_table",
+                url: '{{ url_for("admin.history_table") }}',
                 type: "get",
                 success: function (response) {
                     console.log('Submission was successful.');
@@ -493,7 +493,7 @@ <h3 class="card-title">Activity Search</h3>
                 var form = $(this);
                 var tzoffset = (new Date()).getTimezoneOffset();
                 $.ajax({
-                    url: "/admin/history_table",
+                    url: '{{ url_for("admin.history_table") }}',
                     type: "get",
                     data: form.serialize() + "&tzoffset=" + tzoffset,
                     success: function (response) {
diff --git a/requirements.txt b/requirements.txt
index b50683b7d..9753bf02d 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -42,3 +42,4 @@ rjsmin==1.2.1
 webcolors==1.12
 werkzeug==2.1.2
 zipp==3.11.0
+rcssmin==1.1.1

From 622003a46ebeb6d77c3b18a704a94a9c0241378f Mon Sep 17 00:00:00 2001
From: Lukas <->
Date: Wed, 8 Mar 2023 10:51:01 +0100
Subject: [PATCH 298/475] Typo

---
 docs/wiki/README.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/docs/wiki/README.md b/docs/wiki/README.md
index 82025ea37..7c5c7941e 100644
--- a/docs/wiki/README.md
+++ b/docs/wiki/README.md
@@ -34,7 +34,7 @@
 - [Systemd + Gunicorn + Apache](web-server/Running-PowerDNS-Admin-with-Systemd,-Gunicorn-and-Apache.md)
 - [uWSGI](web-server/uWSGI-example.md)
 - [WSGI-Apache](web-server/WSGI-Apache-example.md)
-- [Docker-ApacheReverseProxy](webserver/Running-Docker-Apache-Reverseproxy.md)
+- [Docker-ApacheReverseProxy](web-server/Running-Docker-Apache-Reverseproxy.md)
 
 ## Using PowerDNS-Admin
 
@@ -48,4 +48,4 @@
 
 ## Debugging
 
-- [Debugging the build process](debug/build-process.md)
\ No newline at end of file
+- [Debugging the build process](debug/build-process.md)

From 68d9fb37552266809d63732f7e82e4b9040713c8 Mon Sep 17 00:00:00 2001
From: Rauno Tuul <raunz@hot.ee>
Date: Wed, 8 Mar 2023 12:08:07 +0200
Subject: [PATCH 299/475] Support multiple Flask session types, not just
 filesystem. Set via generic SESSION_TYPE environment variable

---
 configs/development.py                           | 2 +-
 configs/docker_config.py                         | 6 +++---
 docs/wiki/configuration/Environment-variables.md | 2 +-
 powerdnsadmin/__init__.py                        | 6 ++----
 powerdnsadmin/default_config.py                  | 3 ++-
 5 files changed, 9 insertions(+), 10 deletions(-)

diff --git a/configs/development.py b/configs/development.py
index b848d0c86..103656a33 100644
--- a/configs/development.py
+++ b/configs/development.py
@@ -24,7 +24,7 @@
 
 #Server side sessions tracking
 #Set to TRUE for CAPTCHA, or enable another stateful session tracking system
-FILESYSTEM_SESSIONS_ENABLED = True
+SESSION_TYPE = 'filesystem'
 
 ### DATABASE - MySQL
 #SQLALCHEMY_DATABASE_URI = 'mysql://{}:{}@{}/{}'.format(
diff --git a/configs/docker_config.py b/configs/docker_config.py
index 0d006bd91..f045e95db 100644
--- a/configs/docker_config.py
+++ b/configs/docker_config.py
@@ -4,7 +4,7 @@
 SQLALCHEMY_DATABASE_URI = 'sqlite:////data/powerdns-admin.db'
 SESSION_COOKIE_SAMESITE = 'Lax'
 CSRF_COOKIE_HTTPONLY = True
-FILESYSTEM_SESSIONS_ENABLED = True
+SESSION_TYPE = 'filesystem'
 
 legal_envvars = (
     'SECRET_KEY',
@@ -68,7 +68,7 @@
     'LDAP_ENABLED',
     'SAML_CERT',
     'SAML_KEY',
-    'FILESYSTEM_SESSIONS_ENABLED',
+    'SESSION_TYPE',
     'SESSION_COOKIE_SECURE',
     'CSRF_COOKIE_SECURE',
     'CAPTCHA_ENABLE',
@@ -93,7 +93,7 @@
     'SIGNUP_ENABLED',
     'LOCAL_DB_ENABLED',
     'LDAP_ENABLED',
-    'FILESYSTEM_SESSIONS_ENABLED',
+    'SESSION_TYPE',
     'SESSION_COOKIE_SECURE',
     'CSRF_COOKIE_SECURE',
     'CAPTCHA_ENABLE',
diff --git a/docs/wiki/configuration/Environment-variables.md b/docs/wiki/configuration/Environment-variables.md
index b133ee687..fbbedacdd 100644
--- a/docs/wiki/configuration/Environment-variables.md
+++ b/docs/wiki/configuration/Environment-variables.md
@@ -4,7 +4,7 @@
 | ---------| ----------- | -------- | ------------- |
 | BIND_ADDRESS | 
 | CSRF_COOKIE_SECURE | 
-| FILESYSTEM_SESSIONS_ENABLED | 
+| SESSION_TYPE | null|filesystem|sqlalchemy |  | filesystem | 
 | LDAP_ENABLED | 
 | LOCAL_DB_ENABLED | 
 | LOG_LEVEL | 
diff --git a/powerdnsadmin/__init__.py b/powerdnsadmin/__init__.py
index 0b2c5a182..f3bca8386 100755
--- a/powerdnsadmin/__init__.py
+++ b/powerdnsadmin/__init__.py
@@ -56,10 +56,8 @@ def create_app(config=None):
         _sslify = SSLify(app)  # lgtm [py/unused-local-variable]
 
     # Load Flask-Session
-    if app.config.get('FILESYSTEM_SESSIONS_ENABLED'):
-        app.config['SESSION_TYPE'] = 'filesystem'
-        sess = Session()
-        sess.init_app(app)
+    sess = Session()
+    sess.init_app(app)
 
     # SMTP
     app.mail = Mail(app)
diff --git a/powerdnsadmin/default_config.py b/powerdnsadmin/default_config.py
index 851391530..07de0f3f6 100644
--- a/powerdnsadmin/default_config.py
+++ b/powerdnsadmin/default_config.py
@@ -8,7 +8,8 @@
 BIND_ADDRESS = '0.0.0.0'
 PORT = 9191
 HSTS_ENABLED = False
-FILESYSTEM_SESSIONS_ENABLED = True
+
+SESSION_TYPE = 'filesystem'
 SESSION_COOKIE_SAMESITE = 'Lax'
 CSRF_COOKIE_HTTPONLY = True
 

From aa709519642dcd3f65c2bbbe6c51c98a0d56549b Mon Sep 17 00:00:00 2001
From: Rauno Tuul <raunz@hot.ee>
Date: Wed, 8 Mar 2023 17:05:32 +0200
Subject: [PATCH 300/475] Read flask session type from environment variable and
 create sessions table if not exist.

---
 configs/docker_config.py  |  1 -
 powerdnsadmin/__init__.py | 11 +++++++++--
 2 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/configs/docker_config.py b/configs/docker_config.py
index f045e95db..030e8d2c3 100644
--- a/configs/docker_config.py
+++ b/configs/docker_config.py
@@ -93,7 +93,6 @@
     'SIGNUP_ENABLED',
     'LOCAL_DB_ENABLED',
     'LDAP_ENABLED',
-    'SESSION_TYPE',
     'SESSION_COOKIE_SECURE',
     'CSRF_COOKIE_SECURE',
     'CAPTCHA_ENABLE',
diff --git a/powerdnsadmin/__init__.py b/powerdnsadmin/__init__.py
index f3bca8386..d447a002c 100755
--- a/powerdnsadmin/__init__.py
+++ b/powerdnsadmin/__init__.py
@@ -56,8 +56,15 @@ def create_app(config=None):
         _sslify = SSLify(app)  # lgtm [py/unused-local-variable]
 
     # Load Flask-Session
-    sess = Session()
-    sess.init_app(app)
+    app.config['SESSION_TYPE'] = app.config.get('SESSION_TYPE')
+    if 'SESSION_TYPE' in os.environ:
+        app.config['SESSION_TYPE'] = os.environ.get('SESSION_TYPE')
+
+    sess = Session(app)
+
+    # create sessions table if using sqlalchemy backend
+    if os.environ.get('SESSION_TYPE') == 'sqlalchemy':
+        sess.app.session_interface.db.create_all()
 
     # SMTP
     app.mail = Mail(app)

From c707f1e1c58aae83e31693916266cf3412caada5 Mon Sep 17 00:00:00 2001
From: Rauno Tuul <raunz@hot.ee>
Date: Fri, 10 Mar 2023 15:20:18 +0200
Subject: [PATCH 301/475] Added support for dict/json environment variables for
 docker image

---
 configs/docker_config.py                         | 16 +++++++++++++++-
 docs/wiki/configuration/Environment-variables.md |  4 +++-
 2 files changed, 18 insertions(+), 2 deletions(-)

diff --git a/configs/docker_config.py b/configs/docker_config.py
index 030e8d2c3..347bc26ed 100644
--- a/configs/docker_config.py
+++ b/configs/docker_config.py
@@ -27,6 +27,7 @@
     'SALT',
     'SQLALCHEMY_TRACK_MODIFICATIONS',
     'SQLALCHEMY_DATABASE_URI',
+    'SQLALCHEMY_ENGINE_OPTIONS',
     'MAIL_SERVER',
     'MAIL_PORT',
     'MAIL_DEBUG',
@@ -98,14 +99,25 @@
     'CAPTCHA_ENABLE',
 )
 
+legal_envvars_dict = (
+    'SQLALCHEMY_ENGINE_OPTIONS',
+)
+
 # import everything from environment variables
 import os
 import sys
-
+import json
 
 def str2bool(v):
     return v.lower() in ("true", "yes", "1")
 
+def dictfromstr(v,ret):
+    try:
+        return json.loads(ret)
+    except Exception as e:
+        print('Cannot parse json {} for variable {}'.format(ret, v))
+        print(e)
+        raise ValueError
 
 for v in legal_envvars:
 
@@ -129,4 +141,6 @@ def str2bool(v):
             ret = str2bool(ret)
         if v in legal_envvars_int:
             ret = int(ret)
+        if v in legal_envvars_dict:
+            ret = dictfromstr(v, ret)
         sys.modules[__name__].__dict__[v] = ret
diff --git a/docs/wiki/configuration/Environment-variables.md b/docs/wiki/configuration/Environment-variables.md
index fbbedacdd..d49f60f45 100644
--- a/docs/wiki/configuration/Environment-variables.md
+++ b/docs/wiki/configuration/Environment-variables.md
@@ -57,6 +57,8 @@
 | SESSION_COOKIE_SECURE | 
 | SIGNUP_ENABLED | 
 | SQLALCHEMY_DATABASE_URI | SQL Alchemy URI to connect to database | N | no default |
-| SQLALCHEMY_TRACK_MODIFICATIONS | 
+| SQLALCHEMY_TRACK_MODIFICATIONS |
+| SQLALCHEMY_ENGINE_OPTIONS | json string. e.g. '{"pool_recycle":600,"echo":1}' [^2] |
 
 [^1]: Flask secret key (see https://flask.palletsprojects.com/en/1.1.x/config/#SECRET_KEY for how to generate)
+[^2]: See Flask-SQLAlchemy Documentation for all engine options.

From 6be6f3d3899a7eeb0777fecedd496f23208514ce Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 10 Mar 2023 16:10:42 -0500
Subject: [PATCH 302/475] Updated core project to also use rcssmin filter.

---
 docker/Dockerfile       | 2 +-
 powerdnsadmin/assets.py | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/docker/Dockerfile b/docker/Dockerfile
index c9cab64cf..b55399860 100644
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -38,7 +38,7 @@ COPY . /build
 # Prepare assets
 RUN yarn install --pure-lockfile --production && \
     yarn cache clean && \
-    sed -i -r -e "s|'cssmin',\s?'cssrewrite'|'rcssmin'|g" /build/powerdnsadmin/assets.py && \
+    sed -i -r -e "s|'rcssmin',\s?'cssrewrite'|'rcssmin'|g" /build/powerdnsadmin/assets.py && \
     flask assets build
 
 RUN mv /build/powerdnsadmin/static /tmp/static && \
diff --git a/powerdnsadmin/assets.py b/powerdnsadmin/assets.py
index 52e8d2698..0db26d13b 100644
--- a/powerdnsadmin/assets.py
+++ b/powerdnsadmin/assets.py
@@ -38,7 +38,7 @@ def concat(self, out, hunks, **kw):
   'node_modules/admin-lte/dist/css/adminlte.css',
   'custom/css/custom.css',
   'node_modules/bootstrap-datepicker/dist/css/bootstrap-datepicker.css',
-  filters=('cssmin', 'cssrewrite'),
+  filters=('rcssmin', 'cssrewrite'),
   output='generated/main.css')
 
 js_main = Bundle(

From 26f3f79388a5e8587d9e8f704cc868398e022c94 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 10 Mar 2023 16:23:33 -0500
Subject: [PATCH 303/475] Corrected unauthorized side navigation change
 regarding the placement of the "Global Search" feature.

Removed the statistics and recent activity / history data display from the dashboard view.
---
 powerdnsadmin/routes/dashboard.py      |  70 ++-----------
 powerdnsadmin/templates/base.html      |  12 +--
 powerdnsadmin/templates/dashboard.html | 135 -------------------------
 3 files changed, 14 insertions(+), 203 deletions(-)

diff --git a/powerdnsadmin/routes/dashboard.py b/powerdnsadmin/routes/dashboard.py
index 51dadfdf1..0f241211d 100644
--- a/powerdnsadmin/routes/dashboard.py
+++ b/powerdnsadmin/routes/dashboard.py
@@ -36,7 +36,7 @@ class ZoneTabs:
     """
 
     tabs = {
-        'forward':      TabInfo("", None),
+        'forward': TabInfo("", None),
         'reverse_ipv4': TabInfo("in-addr.arpa", '%.in-addr.arpa'),
         'reverse_ipv6': TabInfo("ip6.arpa", '%.ip6.arpa'),
     }
@@ -55,7 +55,7 @@ def before_request():
     # Check site is in maintenance mode
     maintenance = Setting().get('maintenance')
     if maintenance and current_user.is_authenticated and current_user.role.name not in [
-            'Administrator', 'Operator'
+        'Administrator', 'Operator'
     ]:
         return render_template('maintenance.html')
 
@@ -83,13 +83,14 @@ def domains_custom(tab_id):
             .outerjoin(Account, Domain.account_id == Account.id) \
             .outerjoin(AccountUser, Account.id == AccountUser.account_id) \
             .filter(
-                db.or_(
-                    DomainUser.user_id == current_user.id,
-                    AccountUser.user_id == current_user.id
-                ))
+            db.or_(
+                DomainUser.user_id == current_user.id,
+                AccountUser.user_id == current_user.id
+            ))
 
     template = current_app.jinja_env.get_template("dashboard_domain.html")
-    render = template.make_module(vars={"current_user": current_user, "allow_user_view_history": Setting().get('allow_user_view_history')})
+    render = template.make_module(
+        vars={"current_user": current_user, "allow_user_view_history": Setting().get('allow_user_view_history')})
 
     columns = [
         Domain.name, Domain.dnssec, Domain.type, Domain.serial, Domain.master,
@@ -184,64 +185,9 @@ def dashboard():
     if BG_DOMAIN_UPDATE and current_user.role.name not in ['Administrator', 'Operator']:
         show_bg_domain_button = False
 
-    # Stats for dashboard
-    domain_count = 0
-    history_number = 0
-    history = []
-    user_num = User.query.count()
-    if current_user.role.name in ['Administrator', 'Operator']:
-        domain_count = Domain.query.count()
-        history_number = History.query.count()
-        history = History.query.order_by(History.created_on.desc()).limit(4).all()
-    elif Setting().get('allow_user_view_history'):
-        allowed_domain_id_subquery = db.session.query(Domain.id) \
-            .outerjoin(DomainUser, Domain.id == DomainUser.domain_id) \
-            .outerjoin(Account, Domain.account_id == Account.id) \
-            .outerjoin(AccountUser, Account.id == AccountUser.account_id) \
-            .filter(db.or_(
-                DomainUser.user_id == current_user.id,
-                AccountUser.user_id == current_user.id
-            )) \
-        .subquery()
-        history = db.session.query(History) \
-            .with_hint(History, "FORCE INDEX (ix_history_created_on)", 'mysql') \
-            .order_by(History.created_on.desc()) \
-            .filter(History.domain_id.in_(allowed_domain_id_subquery)) \
-            .limit(4) \
-            .all()
-        history_number = db.session.query(History) \
-            .filter(History.domain_id.in_(allowed_domain_id_subquery)) \
-            .count()
-        domain_count = db.session.query(Domain) \
-            .outerjoin(DomainUser, Domain.id == DomainUser.domain_id) \
-            .outerjoin(Account, Domain.account_id == Account.id) \
-            .outerjoin(AccountUser, Account.id == AccountUser.account_id) \
-            .filter(
-                db.or_(
-                    DomainUser.user_id == current_user.id,
-                    AccountUser.user_id == current_user.id
-                )).count()
-
-    from .admin import convert_histories, DetailedHistory
-    detailedHistories = convert_histories(history)
-    
-    server = Server(server_id='localhost')
-    statistics = server.get_statistic()
-    if statistics:
-        uptime = list([
-            uptime for uptime in statistics if uptime['name'] == 'uptime'
-        ])[0]['value']
-    else:
-        uptime = 0
-
     # Add custom boxes to render_template
     return render_template('dashboard.html',
                            zone_tabs=ZoneTabs,
-                           domain_count=domain_count,
-                           user_num=user_num,
-                           history_number=history_number,
-                           uptime=uptime,
-                           histories=detailedHistories,
                            show_bg_domain_button=show_bg_domain_button,
                            pdns_version=Setting().get('pdns_version'))
 
diff --git a/powerdnsadmin/templates/base.html b/powerdnsadmin/templates/base.html
index 0a526d58c..0ba24cf87 100644
--- a/powerdnsadmin/templates/base.html
+++ b/powerdnsadmin/templates/base.html
@@ -85,12 +85,6 @@
                             <p>Dashboard</p>
                         </a>
                     </li>
-                    <li class="{{ 'nav-item active' if active_page == 'admin_global_search' else 'nav-item' }}">
-                        <a href="{{ url_for('admin.global_search') }}" class="nav-link">
-                            <i class="nav-icon fa-solid fa-search"></i>
-                            <p>Global Search</p>
-                        </a>
-                    </li>
                     {% if SETTING.get('allow_user_create_domain') or current_user.role.name in ['Administrator', 'Operator'] %}
                         <li class="{{ 'nav-item active' if active_page == 'nav-item new_domain' else 'nav-item' }}">
                             <a href="{{ url_for('domain.add') }}" class="nav-link">
@@ -109,6 +103,12 @@
                     {% endif %}
                     {% if current_user.role.name in ['Administrator', 'Operator'] %}
                         <li class="nav-header">Administration</li>
+                        <li class="{{ 'nav-item active' if active_page == 'admin_global_search' else 'nav-item' }}">
+                            <a href="{{ url_for('admin.global_search') }}" class="nav-link">
+                                <i class="nav-icon fa-solid fa-search"></i>
+                                <p>Global Search</p>
+                            </a>
+                        </li>
                         <li class="{{ 'nav-item active' if active_page == 'server_statistics' else 'nav-item' }}">
                             <a href="{{ url_for('admin.server_statistics') }}" class="nav-link">
                                 <i class="nav-icon fa-solid fa-chart-simple"></i>
diff --git a/powerdnsadmin/templates/dashboard.html b/powerdnsadmin/templates/dashboard.html
index c632e5a4b..1dde5af06 100755
--- a/powerdnsadmin/templates/dashboard.html
+++ b/powerdnsadmin/templates/dashboard.html
@@ -21,144 +21,9 @@ <h1 class="m-0 text-dark">
     </div>
 {% endblock %}
 
-{% import 'applied_change_macro.html' as applied_change_macro %}
-
 {% block content %}
     <section class="content">
         <div class="container-fluid">
-
-            <div class="row">
-                <div class="col-lg-12">
-                    <div class="card card-outline card-secondary shadow">
-                        <div class="card-header">
-                            <h3 class="card-title">Statistics</h3>
-                        </div>
-                        <!-- /.card-header -->
-                        <div class="card-body">
-                            <div class="row">
-                                <div class="col-6 col-sm-3">
-                                    <div class="small-box bg-info">
-                                        <div class="inner">
-                                            <h3>{{ domain_count }}</h3>
-                                            <p>{% if domain_count > 1 %}Domains{% else %}Domain{% endif %}</p>
-                                        </div>
-                                        <div class="icon">
-                                            <i class="fa-solid fa-book"></i>
-                                        </div>
-                                    </div>
-                                </div>
-                                <div class="col-6 col-sm-3">
-                                    <a href="{{ url_for('admin.history') }}">
-                                        <div class="small-box bg-green">
-                                            <div class="inner">
-                                                <h3>{{ history_number }}</h3>
-                                                <p>{% if history_number > 1 %}Histories{% else %}
-                                                    History{% endif %}</p>
-                                            </div>
-                                            <div class="icon">
-                                                <i class="fa-solid fa-calendar"></i>
-                                            </div>
-                                        </div>
-                                    </a>
-                                </div>
-                                {% if current_user.role.name in ['Administrator', 'Operator'] %}
-                                    <div class="col-6 col-sm-3">
-                                        <a href="{{ url_for('admin.manage_user') }}">
-                                            <div class="small-box bg-green">
-                                                <div class="inner">
-                                                    <h3>{{ user_num }}</h3>
-                                                    <p>{% if user_num > 1 %}Users{% else %}User{% endif %}</p>
-                                                </div>
-                                                <div class="icon">
-                                                    <i class="fa-solid fa-users"></i>
-                                                </div>
-                                            </div>
-                                        </a>
-                                    </div>
-                                    <div class="col-6 col-sm-3">
-                                        <a href="{{ url_for('admin.server_statistics') }}">
-                                            <div class="small-box bg-green">
-                                                <div class="inner">
-                                                    <h3><span
-                                                            style="font-size: 18px">{{ uptime|display_second_to_time }}</span>
-                                                    </h3>
-                                                    <p>Uptime</p>
-                                                </div>
-                                                <div class="icon">
-                                                    <i class="fa-solid fa-clock"></i>
-                                                </div>
-                                            </div>
-                                        </a>
-                                    </div>
-                                {% endif %}
-                            </div>
-                            <!-- /.row -->
-                        </div>
-                        <!-- /.card-body -->
-                    </div>
-                    <!-- /.card -->
-                </div>
-                <!-- /.col -->
-            </div>
-            <!-- /.row -->
-
-            {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
-                <div class="row">
-                    <div class="col-12">
-                        <div class="card card-outline card-secondary shadow">
-                            <div class="card-header">
-                                <h3 class="card-title">Recent Activity</h3>
-                            </div>
-                            <!-- /.card-header -->
-                            <div class="card-body table-responsive records p-0">
-                                <table class="table table-striped table-hover table-sm records">
-                                    <thead>
-                                    <tr>
-                                        <th>Log Message</th>
-                                        <th>Timestamp</th>
-                                        <th>User</th>
-                                        <th>Actions</th>
-                                    </tr>
-                                    </thead>
-                                    <tbody>
-                                    {% for history in histories %}
-                                        <tr class="odd">
-                                            <td>{{ history.history.msg }}</td>
-                                            <td>{{ history.history.created_on | format_datetime_local }}</td>
-                                            <td>{{ history.history.created_by }}</td>
-                                            <td>
-                                                <div id="history-info-div-{{ loop.index0 }}" style="display: none;">
-                                                    {{ history.detailed_msg | safe }}
-                                                    {% if history.change_set %}
-                                                        <div class="content">
-                                                            <div id="change_index_definition"></div>
-                                                            {% call applied_change_macro.applied_change_template(history.change_set) %}
-                                                            {% endcall %}
-                                                        </div>
-                                                    {% endif %}
-                                                </div>
-                                                <button type="button" class="btn btn-sm btn-primary history-info-button"
-                                                        title="View Additional Information"
-                                                        {% if history.detailed_msg == "" and history.change_set is none %}
-                                                        style="visibility: hidden;"
-                                                        {% endif %} value="{{ loop.index0 }}">
-                                                    <i class="fa-solid fa-info-circle"></i>
-                                                </button>
-                                            </td>
-                                        </tr>
-                                    {% endfor %}
-                                    </tbody>
-                                </table>
-                            </div>
-                            <!-- /.card-body -->
-                        </div>
-                        <!-- /.card -->
-                    </div>
-                    <!-- /.col -->
-                </div>
-                <!-- /.row -->
-            {% endif %}
-
             <div class="row">
                 <div class="col-12">
                     <div class="card card-outline card-primary shadow">

From 356667f98904b77e230cd7e4fca7ac6805264c6c Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 10 Mar 2023 16:34:55 -0500
Subject: [PATCH 304/475] Tweaked PR to include the latest asset build changes
 for CSS minimizer. Also updated the default session storage to use SQLAlchemy
 instead of the file system.

---
 configs/development.py          | 2 +-
 configs/docker_config.py        | 2 +-
 powerdnsadmin/assets.py         | 2 +-
 powerdnsadmin/default_config.py | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/configs/development.py b/configs/development.py
index 103656a33..6d1dd0d5e 100644
--- a/configs/development.py
+++ b/configs/development.py
@@ -24,7 +24,7 @@
 
 #Server side sessions tracking
 #Set to TRUE for CAPTCHA, or enable another stateful session tracking system
-SESSION_TYPE = 'filesystem'
+SESSION_TYPE = 'sqlalchemy'
 
 ### DATABASE - MySQL
 #SQLALCHEMY_DATABASE_URI = 'mysql://{}:{}@{}/{}'.format(
diff --git a/configs/docker_config.py b/configs/docker_config.py
index 347bc26ed..f934548ab 100644
--- a/configs/docker_config.py
+++ b/configs/docker_config.py
@@ -4,7 +4,7 @@
 SQLALCHEMY_DATABASE_URI = 'sqlite:////data/powerdns-admin.db'
 SESSION_COOKIE_SAMESITE = 'Lax'
 CSRF_COOKIE_HTTPONLY = True
-SESSION_TYPE = 'filesystem'
+SESSION_TYPE = 'sqlalchemy'
 
 legal_envvars = (
     'SECRET_KEY',
diff --git a/powerdnsadmin/assets.py b/powerdnsadmin/assets.py
index 52e8d2698..0db26d13b 100644
--- a/powerdnsadmin/assets.py
+++ b/powerdnsadmin/assets.py
@@ -38,7 +38,7 @@ def concat(self, out, hunks, **kw):
   'node_modules/admin-lte/dist/css/adminlte.css',
   'custom/css/custom.css',
   'node_modules/bootstrap-datepicker/dist/css/bootstrap-datepicker.css',
-  filters=('cssmin', 'cssrewrite'),
+  filters=('rcssmin', 'cssrewrite'),
   output='generated/main.css')
 
 js_main = Bundle(
diff --git a/powerdnsadmin/default_config.py b/powerdnsadmin/default_config.py
index 07de0f3f6..55d28ef12 100644
--- a/powerdnsadmin/default_config.py
+++ b/powerdnsadmin/default_config.py
@@ -9,7 +9,7 @@
 PORT = 9191
 HSTS_ENABLED = False
 
-SESSION_TYPE = 'filesystem'
+SESSION_TYPE = 'sqlalchemy'
 SESSION_COOKIE_SAMESITE = 'Lax'
 CSRF_COOKIE_HTTPONLY = True
 

From ff2b532c29947a0e55125559563331ac3abf5ffa Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 10 Mar 2023 17:08:06 -0500
Subject: [PATCH 305/475] Updated MegaLinter workflow to ignore dev branch as
 well.

---
 .github/workflows/mega-linter.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/mega-linter.yml b/.github/workflows/mega-linter.yml
index 9091dc3fc..4c005da54 100644
--- a/.github/workflows/mega-linter.yml
+++ b/.github/workflows/mega-linter.yml
@@ -6,6 +6,7 @@ name: MegaLinter
 on:
   push:
     branches-ignore:
+      - "dev"
       - "main"
       - "master"
       - "dependabot/**"

From b1b2a0c7b5c47cef099c6e098f0253d60857e643 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 10 Mar 2023 18:08:24 -0500
Subject: [PATCH 306/475] Updated project documentation to use the "latest"
 Docker Hub image tag in preparation for the upcoming changeover where the
 "latest" tag will represent the current stable production release.

Updated the Docker image build workflow to include the new "dev" branch.
---
 .github/workflows/build-and-publish.yml               | 1 +
 README.md                                             | 2 +-
 docs/wiki/install/Running-PowerDNS-Admin-on-Docker.md | 2 +-
 3 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/build-and-publish.yml b/.github/workflows/build-and-publish.yml
index 52649e6f9..8ef7287aa 100644
--- a/.github/workflows/build-and-publish.yml
+++ b/.github/workflows/build-and-publish.yml
@@ -4,6 +4,7 @@ on:
   workflow_dispatch:
   push:
     branches:
+      - 'dev'
       - 'master'
     tags:
       - 'v*.*.*'
diff --git a/README.md b/README.md
index cdc0c6963..f7c09d84c 100644
--- a/README.md
+++ b/README.md
@@ -45,7 +45,7 @@ $ docker run -d \
     -e SECRET_KEY='a-very-secret-key' \
     -v pda-data:/data \
     -p 9191:80 \
-    powerdnsadmin/pda-legacy:v0.3.0
+    powerdnsadmin/pda-legacy:latest
 ```
 
 This creates a volume named `pda-data` to persist the default SQLite database with app configuration.
diff --git a/docs/wiki/install/Running-PowerDNS-Admin-on-Docker.md b/docs/wiki/install/Running-PowerDNS-Admin-on-Docker.md
index 50b2c3c84..1e3ef50c1 100644
--- a/docs/wiki/install/Running-PowerDNS-Admin-on-Docker.md
+++ b/docs/wiki/install/Running-PowerDNS-Admin-on-Docker.md
@@ -10,5 +10,5 @@ docker run -d \
     -e SECRET_KEY='a-very-secret-key' \
     -v pda-data:/data \
     -p 9191:80 \
-    powerdnsadmin/pda-legacy:v0.3.0
+    powerdnsadmin/pda-legacy:latest
 ```

From 913528d08f8d26cae3713884de1fa27cd81d7ee4 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 10 Mar 2023 18:10:10 -0500
Subject: [PATCH 307/475] Updated the CodeQL workflow to include the new "dev"
 branch.

---
 .github/workflows/codeql-analysis.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index bba8c1f95..7f2f14816 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -14,10 +14,10 @@ name: "CodeQL"
 on:
   workflow_dispatch:
   push:
-    branches: [ master ]
+    branches: [ dev, master ]
   pull_request:
     # The branches below must be a subset of the branches above
-    branches: [ master ]
+    branches: [ dev, master ]
   schedule:
     - cron: '45 2 * * 2'
 

From 2e61a1d44a3b8b037d27376d7175bcef4e7020f1 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 10 Mar 2023 18:13:54 -0500
Subject: [PATCH 308/475] Tweaked the Docker image build workflow to not be
 exclusive to only the master branch.

---
 .github/workflows/build-and-publish.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/build-and-publish.yml b/.github/workflows/build-and-publish.yml
index 8ef7287aa..6cb452e97 100644
--- a/.github/workflows/build-and-publish.yml
+++ b/.github/workflows/build-and-publish.yml
@@ -42,7 +42,7 @@ jobs:
 
       - name: Docker Image Build
         uses: docker/build-push-action@v2
-        if: github.ref == 'refs/heads/master'
+        #if: github.ref == 'refs/heads/master'
         with:
           context: ./
           file: ./docker/Dockerfile

From cb929c3265fa9fbc11b5346a9d1caa476c880acf Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 10 Mar 2023 18:16:55 -0500
Subject: [PATCH 309/475] Tweaked the assets.py build script to switch to
 rcssmin for the login CSS build process.

---
 powerdnsadmin/assets.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/powerdnsadmin/assets.py b/powerdnsadmin/assets.py
index 0db26d13b..cc1850a38 100644
--- a/powerdnsadmin/assets.py
+++ b/powerdnsadmin/assets.py
@@ -15,7 +15,7 @@ def concat(self, out, hunks, **kw):
   'node_modules/@fortawesome/fontawesome-free/css/all.css',
   'node_modules/icheck/skins/square/blue.css',
   'node_modules/admin-lte/dist/css/adminlte.css',
-  filters=('cssmin', 'cssrewrite'),
+  filters=('rcssmin', 'cssrewrite'),
   output='generated/login.css')
 
 js_login = Bundle(

From c0f1698a9af735113d155c28cc7428a2109fada7 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 10 Mar 2023 18:22:42 -0500
Subject: [PATCH 310/475] Tweaked the Docker image build workflow to properly
 tag the image based on the repository branch name.

---
 .github/workflows/build-and-publish.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/build-and-publish.yml b/.github/workflows/build-and-publish.yml
index 6cb452e97..d51920f91 100644
--- a/.github/workflows/build-and-publish.yml
+++ b/.github/workflows/build-and-publish.yml
@@ -47,7 +47,7 @@ jobs:
           context: ./
           file: ./docker/Dockerfile
           push: true
-          tags: powerdnsadmin/pda-legacy:latest
+          tags: powerdnsadmin/pda-legacy:$(git rev-parse --abbrev-ref HEAD | sed 's/[^a-zA-Z0-9]/-/g')
 
       - name: Docker Image Release Tagging
         uses: docker/build-push-action@v2

From 7ef6ee4422dc270e8a59dd70d77be9e785d152f3 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 10 Mar 2023 18:26:39 -0500
Subject: [PATCH 311/475] Tweaked the Docker image build workflow to properly
 tag the image based on the repository branch name.

---
 .github/workflows/build-and-publish.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/build-and-publish.yml b/.github/workflows/build-and-publish.yml
index d51920f91..f76ed984b 100644
--- a/.github/workflows/build-and-publish.yml
+++ b/.github/workflows/build-and-publish.yml
@@ -47,7 +47,7 @@ jobs:
           context: ./
           file: ./docker/Dockerfile
           push: true
-          tags: powerdnsadmin/pda-legacy:$(git rev-parse --abbrev-ref HEAD | sed 's/[^a-zA-Z0-9]/-/g')
+          tags: powerdnsadmin/pda-legacy:${{ github.ref_name }}
 
       - name: Docker Image Release Tagging
         uses: docker/build-push-action@v2

From dd867eb4e8fa10420f0b92bbc24913665f263457 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 10 Mar 2023 18:43:20 -0500
Subject: [PATCH 312/475] Added application version to base template footer,
 starting with the next planned production release of 0.4.0.

---
 powerdnsadmin/templates/base.html | 1 +
 1 file changed, 1 insertion(+)

diff --git a/powerdnsadmin/templates/base.html b/powerdnsadmin/templates/base.html
index 0ba24cf87..5a47bd261 100644
--- a/powerdnsadmin/templates/base.html
+++ b/powerdnsadmin/templates/base.html
@@ -234,6 +234,7 @@ <h1 class="m-0 text-dark">
     <footer class="main-footer">
         <strong><a href="https://github.com/PowerDNS-Admin/PowerDNS-Admin">PowerDNS-Admin</a></strong> - A PowerDNS web
         interface with advanced features.
+        <span class="float-right">Version 0.4.0</span>
     </footer>
 </div>
 <!-- ./wrapper -->

From 05e2f1370169f2fa2b049bf7ae7b9ec7a99635ef Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 10 Mar 2023 18:53:07 -0500
Subject: [PATCH 313/475] Removed Docker image build line that updates the CSS
 asset build filters.

---
 docker/Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docker/Dockerfile b/docker/Dockerfile
index b55399860..43afea4b5 100644
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -38,7 +38,7 @@ COPY . /build
 # Prepare assets
 RUN yarn install --pure-lockfile --production && \
     yarn cache clean && \
-    sed -i -r -e "s|'rcssmin',\s?'cssrewrite'|'rcssmin'|g" /build/powerdnsadmin/assets.py && \
+    #sed -i -r -e "s|'rcssmin',\s?'cssrewrite'|'rcssmin'|g" /build/powerdnsadmin/assets.py && \
     flask assets build
 
 RUN mv /build/powerdnsadmin/static /tmp/static && \

From 4c24fbaec6906e702587c0feb3d814d283deae94 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 10 Mar 2023 18:58:30 -0500
Subject: [PATCH 314/475] Revert "Removed Docker image build line that updates
 the CSS asset build filters."

This reverts commit 05e2f1370169f2fa2b049bf7ae7b9ec7a99635ef.
---
 docker/Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docker/Dockerfile b/docker/Dockerfile
index 43afea4b5..b55399860 100644
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -38,7 +38,7 @@ COPY . /build
 # Prepare assets
 RUN yarn install --pure-lockfile --production && \
     yarn cache clean && \
-    #sed -i -r -e "s|'rcssmin',\s?'cssrewrite'|'rcssmin'|g" /build/powerdnsadmin/assets.py && \
+    sed -i -r -e "s|'rcssmin',\s?'cssrewrite'|'rcssmin'|g" /build/powerdnsadmin/assets.py && \
     flask assets build
 
 RUN mv /build/powerdnsadmin/static /tmp/static && \

From 87891a3eb93d52c19cf8fcc614c6b4546d3ad406 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sat, 11 Mar 2023 08:48:19 -0500
Subject: [PATCH 315/475] Re-formatted the assets.py file to current PEP8
 standards.

Modified the yarn.lock file to remove what appears to be a dependency overwrite for Font Awesome icons which results in an older 5.x release overwriting the newer 6.x release.
---
 powerdnsadmin/assets.py | 94 ++++++++++++++++++++---------------------
 yarn.lock               |  5 ---
 2 files changed, 46 insertions(+), 53 deletions(-)

diff --git a/powerdnsadmin/assets.py b/powerdnsadmin/assets.py
index cc1850a38..5e17d7f64 100644
--- a/powerdnsadmin/assets.py
+++ b/powerdnsadmin/assets.py
@@ -2,65 +2,63 @@
 
 
 class ConcatFilter(Filter):
-  """
-  Filter that merges files, placing a semicolon between them.
+    """
+    Filter that merges files, placing a semicolon between them.
+    """
+    def concat(self, out, hunks, **kw):
+        out.write(';'.join([h.data() for h, info in hunks]))
 
-  Fixes issues caused by missing semicolons at end of JS assets, for example
-  with last statement of jquery.pjax.js.
-  """
-  def concat(self, out, hunks, **kw):
-    out.write(';'.join([h.data() for h, info in hunks]))
 
 css_login = Bundle(
-  'node_modules/@fortawesome/fontawesome-free/css/all.css',
-  'node_modules/icheck/skins/square/blue.css',
-  'node_modules/admin-lte/dist/css/adminlte.css',
-  filters=('rcssmin', 'cssrewrite'),
-  output='generated/login.css')
+    'node_modules/@fortawesome/fontawesome-free/css/all.css',
+    'node_modules/icheck/skins/square/blue.css',
+    'node_modules/admin-lte/dist/css/adminlte.css',
+    filters=('rcssmin', 'cssrewrite'),
+    output='generated/login.css')
 
 js_login = Bundle(
-  'node_modules/jquery/dist/jquery.js',
-  'node_modules/bootstrap/dist/js/bootstrap.js',
-  'node_modules/icheck/icheck.js',
-  'custom/js/custom.js',
-  filters=(ConcatFilter, 'rjsmin'),
-  output='generated/login.js')
+    'node_modules/jquery/dist/jquery.js',
+    'node_modules/bootstrap/dist/js/bootstrap.js',
+    'node_modules/icheck/icheck.js',
+    'custom/js/custom.js',
+    filters=(ConcatFilter, 'rjsmin'),
+    output='generated/login.js')
 
 js_validation = Bundle(
-  'node_modules/bootstrap-validator/dist/validator.js',
-  output='generated/validation.js')
+    'node_modules/bootstrap-validator/dist/validator.js',
+    output='generated/validation.js')
 
 css_main = Bundle(
-  'node_modules/@fortawesome/fontawesome-free/css/all.css',
-  'node_modules/datatables.net-bs4/css/dataTables.bootstrap4.css',
-  'node_modules/icheck/skins/square/blue.css',
-  'node_modules/multiselect/css/multi-select.css',
-  'node_modules/admin-lte/dist/css/adminlte.css',
-  'custom/css/custom.css',
-  'node_modules/bootstrap-datepicker/dist/css/bootstrap-datepicker.css',
-  filters=('rcssmin', 'cssrewrite'),
-  output='generated/main.css')
+    'node_modules/@fortawesome/fontawesome-free/css/all.css',
+    'node_modules/datatables.net-bs4/css/dataTables.bootstrap4.css',
+    'node_modules/icheck/skins/square/blue.css',
+    'node_modules/multiselect/css/multi-select.css',
+    'node_modules/admin-lte/dist/css/adminlte.css',
+    'custom/css/custom.css',
+    'node_modules/bootstrap-datepicker/dist/css/bootstrap-datepicker.css',
+    filters=('rcssmin', 'cssrewrite'),
+    output='generated/main.css')
 
 js_main = Bundle(
-  'node_modules/jquery/dist/jquery.js',
-  'node_modules/jquery-ui-dist/jquery-ui.js',
-  'node_modules/bootstrap/dist/js/bootstrap.bundle.js',
-  'node_modules/datatables.net/js/jquery.dataTables.js',
-  'node_modules/datatables.net-bs4/js/dataTables.bootstrap4.js',
-  'node_modules/jquery-sparkline/jquery.sparkline.js',
-  'node_modules/jquery-slimscroll/jquery.slimscroll.js',
-  'node_modules/icheck/icheck.js',
-  'node_modules/fastclick/lib/fastclick.js',
-  'node_modules/moment/moment.js',
-  'node_modules/admin-lte/dist/js/adminlte.js',
-  'node_modules/multiselect/js/jquery.multi-select.js',
-  'node_modules/datatables.net-plugins/sorting/natural.js',
-  'node_modules/jtimeout/src/jTimeout.js',
-  'node_modules/jquery.quicksearch/src/jquery.quicksearch.js',
-  'custom/js/custom.js',
-  'node_modules/bootstrap-datepicker/dist/js/bootstrap-datepicker.js',
-  filters=(ConcatFilter, 'rjsmin'),
-  output='generated/main.js')
+    'node_modules/jquery/dist/jquery.js',
+    'node_modules/jquery-ui-dist/jquery-ui.js',
+    'node_modules/bootstrap/dist/js/bootstrap.bundle.js',
+    'node_modules/datatables.net/js/jquery.dataTables.js',
+    'node_modules/datatables.net-bs4/js/dataTables.bootstrap4.js',
+    'node_modules/jquery-sparkline/jquery.sparkline.js',
+    'node_modules/jquery-slimscroll/jquery.slimscroll.js',
+    'node_modules/icheck/icheck.js',
+    'node_modules/fastclick/lib/fastclick.js',
+    'node_modules/moment/moment.js',
+    'node_modules/admin-lte/dist/js/adminlte.js',
+    'node_modules/multiselect/js/jquery.multi-select.js',
+    'node_modules/datatables.net-plugins/sorting/natural.js',
+    'node_modules/jtimeout/src/jTimeout.js',
+    'node_modules/jquery.quicksearch/src/jquery.quicksearch.js',
+    'custom/js/custom.js',
+    'node_modules/bootstrap-datepicker/dist/js/bootstrap-datepicker.js',
+    filters=(ConcatFilter, 'rjsmin'),
+    output='generated/main.js')
 
 assets = Environment()
 assets.register('js_login', js_login)
diff --git a/yarn.lock b/yarn.lock
index 566bbab7b..38a4fcd87 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -47,11 +47,6 @@
   resolved "https://registry.yarnpkg.com/@fortawesome/fontawesome-free/-/fontawesome-free-6.3.0.tgz#b5877182692a6f7a39d1108837bec24247ba4bd7"
   integrity sha512-qVtd5i1Cc7cdrqnTWqTObKQHjPWAiRwjUPaXObaeNPcy7+WKxJumGBx66rfSFgK6LNpIasVKkEgW8oyf0tmPLA==
 
-"@fortawesome/fontawesome-free@^5.15.4":
-  version "5.15.4"
-  resolved "https://registry.yarnpkg.com/@fortawesome/fontawesome-free/-/fontawesome-free-5.15.4.tgz#ecda5712b61ac852c760d8b3c79c96adca5554e5"
-  integrity sha512-eYm8vijH/hpzr/6/1CJ/V/Eb1xQFW2nnUKArb3z+yUWv7HTwj6M7SP957oMjfZjAHU6qpoNc2wQvIxBLWYa/Jg==
-
 "@lgaitan/pace-progress@^1.0.7":
   version "1.0.7"
   resolved "https://registry.yarnpkg.com/@lgaitan/pace-progress/-/pace-progress-1.0.7.tgz#c96fbbd9fd4cf528feed34ea0c8f9d8b3e98f0dd"

From 5ed8d0c2f07e498da074bd698f9834518bf931c8 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sat, 11 Mar 2023 09:08:12 -0500
Subject: [PATCH 316/475] Added a resolutions entry to the project's
 package.json file to deal with the Font Awesome icon issue created by
 AdminLTE's dependency on the older 5.x Font Awesome release.

---
 package.json | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/package.json b/package.json
index f6724c3ed..42f866db8 100644
--- a/package.json
+++ b/package.json
@@ -13,5 +13,8 @@
     "jquery.quicksearch": "^2.4.0",
     "jtimeout": "^3.2.0",
     "multiselect": "^0.9.12"
+  },
+  "resolutions": {
+    "admin-lte/@fortawesome/fontawesome-free": "6.3.0"
   }
 }

From 22370d0a57df06b03bf932dc6c721a09ccc8a3bf Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sat, 11 Mar 2023 09:30:51 -0500
Subject: [PATCH 317/475] Added a CONTRIBUTING.md documentation file to the
 project's documentation.

---
 docs/CONTRIBUTING.md | 88 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 88 insertions(+)
 create mode 100644 docs/CONTRIBUTING.md

diff --git a/docs/CONTRIBUTING.md b/docs/CONTRIBUTING.md
new file mode 100644
index 000000000..df50ba2b0
--- /dev/null
+++ b/docs/CONTRIBUTING.md
@@ -0,0 +1,88 @@
+# Contributing
+
+Before submitting new contributions to this repository, it is a good idea to start a discussion with the repository
+maintainers on GitHub through the use of issues or discussions. This will help to ensure that your efforts don't get
+wasted if the submission is not desirable for the project.
+
+This is not to say that all contributions that have been discussed will be accepted either. As part of an ongoing
+effort to clean up the codebase, some contributions may be rejected if they do not meet the standards of the project
+which have not been fully defined yet. This is a work in progress.
+
+Please note we have a code of conduct, please follow it in all your interactions with the project.
+
+All pull requests should be based on the `dev` branch of this repository and not the `master` branch!
+
+## Code of Conduct
+
+### Our Pledge
+
+In the interest of fostering an open and welcoming environment, we as
+contributors and maintainers pledge to making participation in our project and
+our community a harassment-free experience for everyone, regardless of age, body
+size, disability, ethnicity, gender identity and expression, level of experience,
+nationality, personal appearance, race, religion, or sexual identity and
+orientation.
+
+### Our Standards
+
+Examples of behavior that contributes to creating a positive environment
+include:
+
+* Using welcoming and inclusive language
+* Being respectful of differing viewpoints and experiences
+* Gracefully accepting constructive criticism
+* Focusing on what is best for the community
+* Showing empathy towards other community members
+
+Examples of unacceptable behavior by participants include:
+
+* The use of sexualized language or imagery and unwelcome sexual attention or
+advances
+* Trolling, insulting/derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or electronic
+  address, without explicit permission
+* Other conduct which could reasonably be considered inappropriate in a
+  professional setting
+
+### Our Responsibilities
+
+Project maintainers are responsible for clarifying the standards of acceptable
+behavior and are expected to take appropriate and fair corrective action in
+response to any instances of unacceptable behavior.
+
+Project maintainers have the right and responsibility to remove, edit, or
+reject comments, commits, code, wiki edits, issues, and other contributions
+that are not aligned to this Code of Conduct, or to ban temporarily or
+permanently any contributor for other behaviors that they deem inappropriate,
+threatening, offensive, or harmful.
+
+### Scope
+
+This Code of Conduct applies both within project spaces and in public spaces
+when an individual is representing the project or its community. Examples of
+representing a project or community include using an official project e-mail
+address, posting via an official social media account, or acting as an appointed
+representative at an online or offline event. Representation of a project may be
+further defined and clarified by project maintainers.
+
+### Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported by contacting the project team at [admin@powerdnsadmin.org](mailto:admin@powerdnsadmin.org). All
+complaints will be reviewed and investigated and will result in a response that
+is deemed necessary and appropriate to the circumstances. The project team is
+obligated to maintain confidentiality with regard to the reporter of an incident.
+Further details of specific enforcement policies may be posted separately.
+
+Project maintainers who do not follow or enforce the Code of Conduct in good
+faith may face temporary or permanent repercussions as determined by other
+members of the project's leadership.
+
+### Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
+available at [http://contributor-covenant.org/version/1/4][version]
+
+[homepage]: http://contributor-covenant.org
+[version]: http://contributor-covenant.org/version/1/4/

From 16de70008c4a1a11a109de4b475ab29005e06276 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sat, 11 Mar 2023 09:32:55 -0500
Subject: [PATCH 318/475] Updated project README.md file to include
 contributing guidelines reference.

---
 README.md | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index f7c09d84c..d3377dd8c 100644
--- a/README.md
+++ b/README.md
@@ -72,7 +72,11 @@ You can then access PowerDNS-Admin by pointing your browser to http://localhost:
 
 ![dashboard](https://user-images.githubusercontent.com/6447444/44068603-0d2d81f6-9fa5-11e8-83af-14e2ad79e370.png)
 
-## LICENSE
+## Contributing
+
+Please see our [contributing guidelines](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/dev/docs/CONTRIBUTING.md).
+
+## License
 
 This project is released under the MIT license. For additional
 information, [see here](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/master/LICENSE)

From b8ab0d3478364745fb93c5a6dc8c00fa384d2c52 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sat, 11 Mar 2023 10:21:36 -0500
Subject: [PATCH 319/475] Updated the project README with a refreshed
 screenshot of the dashboard.

---
 README.md                      |   2 +-
 docs/screenshots/dashboard.png | Bin 0 -> 201221 bytes
 2 files changed, 1 insertion(+), 1 deletion(-)
 create mode 100644 docs/screenshots/dashboard.png

diff --git a/README.md b/README.md
index d3377dd8c..5d07f932c 100644
--- a/README.md
+++ b/README.md
@@ -70,7 +70,7 @@ You can then access PowerDNS-Admin by pointing your browser to http://localhost:
 
 ## Screenshots
 
-![dashboard](https://user-images.githubusercontent.com/6447444/44068603-0d2d81f6-9fa5-11e8-83af-14e2ad79e370.png)
+![dashboard](docs/screenshots/dashboard.png)
 
 ## Contributing
 
diff --git a/docs/screenshots/dashboard.png b/docs/screenshots/dashboard.png
new file mode 100644
index 0000000000000000000000000000000000000000..e9d6ff105649dc2bd3a985975f28438107b73b71
GIT binary patch
literal 201221
zcmY&<2RNJG8@BFNjbDehR&`LdTeG%SRZ*ihF{<{6s99pPTC@}uBegdrMy<q(wAE63
zMi6^N#3n{ae6R2OI{vx1TzTKudCxh|bDr}&_kExDI$ElX^lbEWbaaerk00vN(VYsU
zqdQh|`Xq2=z7tsk{5kINKu!NN@bN!w^A7mV>ZxMvsRyz1^s#ccrL%X1fNh05tle#G
zT|FEio-4;N3cy1`hYu;c+gf=#LR_!uJA!TL^sGFu-MxEF)5`st=p9k9Yj^L++?AFQ
zy?5=t<~0>PeLX_<Z92MZbZQUp>%UA{9QAprZ$N8a>q5sq@q3_l`eV1OZtl&;pA%Hf
zAO2T|I9*;_ORC+gcn%>II$H}3>gem-S27BJK*vHv<8&UJ<+&~|woRjbvVp1Hx_%~;
z5-86u>ai?MNMp6x@?CG)=E(NwIu4=}cF+h)^g+Ub9{<13D|dAb4aDk|4e_F5zpv5J
zxt%<bvUK92EuJSLnz8ZTS%D*e?!DS*W@QefhSbF`Y2Rk}bD7Tm_D-?GASluI%<I1o
z?^~oIC$>F9(6cpM*YEs!_|^D@ibCE>@ZN{82Er8EpX+oPg_`LKqY!BP2@K)+pr3Hb
znZNh=v#)KEFVhUwR-q+f2m*!j_g04B&&IK-E^WRY`E-7#uKcQ_f9@&0?nU|t4`0<8
zYC+t1SOo?p*z!s7f_QtQ1Vp5a5?Og?THExLlrkPP-n=;P$$z6fDdqk*QBA#2tCV$l
zZ7-%j4bk1xD`}uC#BLSnuR{4VOTi|voRJZ;rEz%9V*8UJWbRj`{2K_Ij#)>O`f!8E
z3r049>4!<W(OlRV<x@6S@`9Bg7|1rf4o=ZhgIO7tJWE`?{HN`&Avxc_L2Q-BgTLaI
zyq&j8z%VevG}57Fef{Ejwmg|N#u>MJHnZDj&zvzZe)%@bn&faW#%-JOSWmx-O??cl
z2P>vTCbh&U`q&<Q_TBPNyL6Ys>3Q<v&jf(m*8SCFViNMe$vDKLjw=#Q1L~@JOnf&A
zlcw0k6B;L1Wyi!de_|mypV=h5W>${?59mrfe_j=^;g|YYBi?-GDvJfXJ?-zjR@24R
zO`)=`7l83VU!V0)zG;z(@iP;`dw#UKGF;(Ym(qFd=fHaroPU*5Gas*j2GkpD^ropp
zzt~R`JYH{MV!|5!zL-R`F@ag>e}=(Z|LHZMPCa!EDoT4W{^5e7(?DS{_o2y%yt>#T
z1H5}!NvPHBlKa+R6O5_!&=5U6lVM*1xYC34h*RNH(Wk-Mavs**ZJzcMf2P4r0aW8|
zTeFwoj39*T?+qiDc3Xqe(h>?U6f|RVeyWTq$f8_zQ+H0%pFS<PT@M2$`{H;;jJJ!)
zin(64U2)ut8=8Q_K$k6T7+Flj{<KS%QmVzaZ+L4{=vj@K`dD&Ko)G>ee#8|H{M@*K
zFmNllYIW{uIT%z@F9!il&lP(;TXC&14*|c${B0vpq|gOHn7WSu<A>4C$xgV)?ICYp
z%U-P$C&C=MO2Dn1?QueQy*z>Owd4Wc)&zO$$o&IWdipa@bsm3)Z7=G+xz&LVaB9YG
zq#WRLLbd}>Y?Lki?c=MnCW+r5zKCbkkOp7hn%1@s13%M3Caw{YHupB93*fiitEW{S
zJ}U4YrMMqI{_76I3LFd?u6K<$HS510>UhbO6O1n(5zbA2tVek-4)`3lNkYKpQ|Obv
z%!!X5_n~vQyIJ)MR&hx1gXe!oMM%{v*&%Z=;bp$~pn`+nuyC9&OuAb}f0`kVK^ZSu
zVnBV=VUtAjNkj^E`83{9-#WvfujBU4sp*H)^l-dWe`W5IzPPsd{12NK-0RF_Jg=F&
zAhWBlGrFDe`Ws!$KC3eZw&^W_x|>nMI2c%?rbgOntTt79Fv)N6)6vxXxuFd#=Pq8%
zDJo(xC_N`+uk-Oi<98Nw1QO|LCeY<B$QnvCPtQ-<nVA$hvbH<j+IG_E$0}*_hgg?0
zp(KYtQS2A7zfW6^AKsSBo92687>-b%`{Pz$YY0oI@qx+4uz=yL>};<U^tL)|%#S3L
zo0GF+7XAKxkNozCN7I0@g@Jcd>CBk`9zI@KP-dnT&(Z$Me(OR*v|ap&z>UJ%UcG39
zU!(&h+3E^CW3-O9VcvrW%C`8B$x=ll2DXfIjinn=UVwvXX!K<^@|o_m-JtH1viMC%
ziJM=k+l9(?NEkN=DJmu!Umt`?C^gPapX)HvaxKw52wwG^Ta>2w_u_cw_DGgZpP#-t
zS$ps;%zxNAD_deF>6=qeQ9+?WY2HoMD5s(IcuL@$i>-}~zC%Y4tC+gEj8E@@UFQJY
zGC=Q}ky+J~Fy(XSCf(~s-9P2M3uv?7-&q^3^MQmk{b+7>p7|A%@2K*}0eFq%Hsf<H
z37Nj+l7fuYKU^h2+G{d;zm;N~EW14TrhmK$c^d-15}O#4mvr}TJUTaeb@eo-y#JSn
zPzQ(VUhN#dd))de9)$A3K+LXpt!@;@(`QN<g+|f3`B9t_3!Qiaj77@$olP@1p|!91
z!mZXjnkp)fK6j`TOFZB4TJUfbp^~sTubE#x=dDj}t>pV|1P#!RozjvCdg57`#<ur`
zBTqTvlE_mhrz9tAc+Xc_05%(HB)`9-*V@@Bj5B=`9Ngbv4q8%lQyQ)HRv>+Y7#b$f
zwk8_OT|mCRzV=>1e};OmVrqI?!firnW#j&vlaAZVqb$O&WZCymVrGZtYG$rzv~ndR
zC+D-B!>YFvy=yLVoHtxEpq#sSo*#ubxbcgTiOKMhpD9g~2V`qR9Yz*ckp}i$Smda6
zT${fX4@zEB_lS7baRD(gg!+Jgp0TUO*&x0m!?ZQ(6ED)RiS?t=0?Y^2T;BA6p8O!7
zlfYE<bVxDa+Dg$cdUwOj#Ed7cCjDM6>J6hrhVV4o{)<&kJ@q4*rQBW%gBC}QFlo~K
z3YRfHACe@%S;crH+_}i${ef0n_DchCt*BP>-{W+<K3L~ddj7(N_>Uj2si{ACA}8{|
zvH-?{;R&|FcQTvEM^}hy|2hX!O|bQ?i`%NM4t7oes|~bt4ol2<*VxE#j9pSydQ~pk
z%Y#n<UlFArFyiJ=7?N&Cuyvfy>j1ix=%ino+1?%i%NaDi%O*3!R#o#kK1D0vdu0r<
z67(r|R=~)&xnXPltc>?!by^^e2MDQ;7|Ao%%+5ViJd_nE*Gs&t*J8%r3THOKf`XES
z3@xCWzho-+Z)FVtJ30sn#u<%2!ItEVj=eYtTr&|eL7JVtL@Sha#h7#?iTAvHZ|N|$
zAClXU_fsRGz_;%f+aM-=7zNJ8I^%pxPn<YKB=PlaqV|@bHg7Fex|5T7$KBOp&Yf%R
z=)lsb4cKo51qBpvORs42C0wzFJ$SrE12Ir!0NA9~i?}GY6Nvz+Hij`hB^e6My4O^`
zB#LrMo0hxR*hjn8LT5PHq~}CxD~+_xeRr>^ybW`1LoWFpG)BiKct0>=Zg@aFPx&?J
z=0HxWO1iVAk^Y4;E~0?Az}rji_Yk2}3Yj-N5VNO#PKMN5EDf9Gq>PveS(HDq3?xU6
zxcY=xNc}b=T_@+-+S=GFsk?W3@D`gddK3s*dNR{EOWQ9(hx^phVENd}CrxLgIOk;{
zk`cUg{Nw@EWk}TKWv@fF8#;7_)|J}{Dz&H=#P_cC>#L<rtd)h)u7i+)pCnX?MAq6$
z98c}R*xjU^S(}cejaY8SQ3~S%wjwMzI5;jg_NJQCXko7VhC8;_;A}dy(qT-$rlw{X
z84$)@;F>z@w?7%QFkd#Ev`M}=J2yw{9g`=|AIN_WQjjrhj^f;oii~{Uqs&Y*P=m@%
zZZv6vv?vxGmOBxLOWYeQvVJB|v#~!<2vlWDk{rGF{L?@Y$kOg(4e+hX8UF}p4vlO`
z6D@APh7runyzYdbyAdEum8}_dEjB?}nAdss{t)5a+efinHZrp2qUAs7>u0VA(tq?Q
z)D-1Z@Kyn>k-C@GbCZP~q_Ht4qBAPv<*63E%qG9C?OtOR{^4DBk+fogNng|9aLdcf
zH;IH;t=h4Kj%0)?PI$Q5HzF_S;EfCtlHYc6%cwQx<`^dEk6BU_fjtCU@9V+HCjR*S
z`}boRD2E9FwKHeVs6T$(y*N}+W!u)`QB#rma1~k(PNNzCX-q1nts;LBckaK>CnJ;F
zh@O6RCdgvIXa%;(QMR3sp#)@+W$|1wzD-<XJj(<oSq#brzU^+dwY6bOmXbG)S!(YK
z;J0irKMMoTz6}ZC=NHvI^7=^OQ*^B#d9frywh{-?NZ^;3H-~NJgCGfFzY0{F6|#?=
zlD9uAva@R>zut99{Q01c5U5O7HHrgU%gBz+_YskB9)3s~fPCbxa>YJ48)T6~3)s7@
zAgl%5_T_&Es&pvn0HJ)92V`CARGOo>aIswt6Y`ecz#8@=*5rGVxk~zhV76@T0q;x|
z_Znu<Or@D8t~`AT-R5a47y3C+XfT!3N9-rWHuPSImd|NB#n`>A*v{{j#$|W#`BF!+
z<0=ar0mTU?C08o}%R8&`0&gq&lG=j*3)K_Hk2~!0Yrn)ipLOyg^_mDJN%iG*gd99`
z#q2&haYCBBxpB}Nm0HKGRx!7qbFMLTp|$PQZYsVUEKlqA7~8%pC--Ctk2IJHPA3nu
zPuE+KH?*S-P{OHgEc*iy(S6C&W8~1eil7vPlqD5j>rLFOV-9SN=CYg|cY7ZlZ6D$A
z+um-5qtF%fShEVsN4W6XX1ts|jfrhWF<l1Vs%0q9inMJrbTF>=IXf3DqWaCdJ#@0q
zVybO(Q%tj>JuvM*oN&*wcilxcHerx=A`4nYeh0U=*@QUgMTp3kHUpkp>%E-AI)0F`
z#-;g@`{zSdgl|Qj=_dX>WL`kc6$R?U?A>PyQy#7Jj^QpI|DuL;0rmv5!@Re@-cgT=
zv?++XDqk33ii(?&j;OwmehD6|R)bySG}r4$mcT}PTtHjdev_AU8ObpeO5Q8l9bB7E
zqEVSyD5Nq$4c{7HdL|~}7ed#*W^&5<5DAu-h)IYNeSQ5n?gNOGg+-c0;1VPH?lLE*
ztoIWjAoc{&s9DR^OP5q0zJ=~db1<Daabnk>rMP-|Ah&{vOJPx-_a%9_3P?N_#;Ph%
z+K~%bY?iMW5b}E2DVH8=Xb6z2IyKBDHWZdeh|-O_`M&QJSX%2~-U6b4KOf;02^_ER
zN!QNx1YW(x!;5%CUf|_C``Z$9z!p=9^*B;D?}InY=qp%UWC&4t_;T+`==HFhN<$`z
z^o(b>r8GlkZ0uVmPv3sZk`fzV{7Namixs2d4c#JDh}<G}XEp*6K*n#enkhf$*OE6>
zxwY2INn`zZ&`+MFp_?rgES223`S}8Tj?t!br>Z)VBxAV2<7IluC|AAY2vf&_lyqR?
zFC^wQvhO!x*FIpV3CW&&LQ?V7U1iqI{%KtDensC2tuh=;(r;2)TRZt*6i-xX0sFR$
z<;YW<rPRZffYld?+r~)$+yo)Zf|Fztk=e*B@2v*30LX|o2V=W#i-~C*qwvh<oofte
zl9SuwTf)POR#)ACC911<Q2TgtGUPyhQGK{rI8}H6*a%z81+g7LmOjhsh273VCG)He
zwBgiFr5dvm_4edxy&)P@Wmfq26yD=PlLtUfJy{_qnK<SvupUoOfPui3BxWBa2^m||
z<MS`MS2cmNl>RIf5~4c46LS&!VGVte?P?}a-x-|Wx69c}=M@t(Klc=?Zdqz|(Yd@T
zV2^3($#6g~lp^0Z*aiCH+IZ6Zu0sY;Jy*F7JpiE~@V43BCe388>33G{_c#vI2T?Jx
zD#Tzw{*&aAc*H>5Cow6h(uW`wiO-hWp$tnMrC-Rr5<;4NcK)TLFlOu`7lB_&YCC7+
z*3ww^i<Kx`LNVTxq$%|olCD9fGFNQkr*g+OBF=KicpAg{bM;gKza$e!H3Iy$`S02T
zTX>Z#^<?61kY&8Q>XqLUL3dkIT|Hb^S2r#$ZpNd?b`6|<;lhO~Fdj+I72tcz;P#Ht
z-o7R1L>1=9k=L!Q?H|E-1<>B3M+P{cd=4)#M~OO<V-oz#u+9(R#+G)JGuU?}20DR7
z<qH9AsB@K-2e0g*gq`Z@^EkHth^`fnuXv>E=t;(gDR&8{ew|`dWcRQaiN_cDnu&?t
zu<;}rTV!$pJY4>BFYVIEP0<?<)ath5JZxEF-5eomy$ceg)<r2&bIoD4%viS-E%S0-
zr-opOe4guyCZ5C=a0;|sxRIYw&grpTV(xiE-h6t@cRXL7Tm0cRb=MV$pK3sq?~d75
zCj?9XDau|I8p>@7oes?XzPfG36p+h5yfB2grY6B~LMC;%3S4m`tB_CbhI-U1x{%N?
z0Usal_e#~G?&TFMY?n&v>*Z?9g>7^4`Gm-yj=l+|NBC(Yn?0mCW&DltK8yNYSIx=P
zb`zPG-4{ZEwO~#T6PWR?BjcxR$7n!yXXNTyVv2OgYl>udT9?w}Q47=4^}NTUa=FT>
zpox*)sTZf`zg!01V=^D!JKwR(*Tef*l3|)VbFYQGIA#zajDE;21s=%j0JScXyz3;^
zB3k@bA=`Wo&L6v~CMKSZ2Ca-H$=jD0mTVP2SsrXi<>r(24NBZlRe4mX5@BchW%Y7#
z*Z4y1=hQmyf{mY?<hA^C0cl^%VJKZ5t#w$~T=Cq0S;*bR+TD>PAx|VVCEg9(-=Pm0
z{Mp=Gp(6g<iSFeC_0-<m24Dpd{Bt3%^_T)RB5r0|PgjaK)-m+yw|=9R+d{Wh#?T(g
zH*O;M<V4l;8YdZFN1RMS%CXds5s*S{<#B1=W&mW-h8!6#vwdT8MbzdtP*6z^nS>*7
zpZmSi)KALMrq8hLttv`v#T@jt4|&9;rDcx6H}(5&MUrP{O1<v!{KVsC-5oa)iq+>w
zH4^ZL8)H50Fz7d&fwvMpof`8x6t;I(W4ks7m6;b>nz?#`MdfrrI~HDIqKAf(`+>TQ
z!l*{Q%bDl5HGiw|&P5j10&lRe?&0dOU$KaU`uNw(8CSTX4U0_>OiRO*6cG*%j-1sm
zcc@DZ&`N897O?M_)cDpET9&2>FArKkx0m{~-=A$wsdI*Fi8AU%zy&v;0c*XpY<FEg
z4<j9m4G_3PGfUX@r~0k;gvC{_+S}UNB8<A0>Cc`Oz&ZbMQ@U2`l`-^TgaSg=ZM7tM
z=$7v}iu%vsalJzRDxQ|r<Ml8OCcPuCUxyc3C^IIDZ+qjb0wT<OYh=6yRra=d;$=qX
zyacGoQz38FVGkN_^nY<Y3xO__Wy|>AF^Qt<(kN$a`S?QpJ*1~~CSVUHv6V>h8vW?(
zIcxjo;ygqD@+g$tRP9sg;@eVHg8%Xqj5o^x3cogB@4(|AgE<OlD4&Fo!CrW3Rh`ec
z!eRQs=HBs)jIKm||Nh-`X8tLaf`^^AKLY2ub4|x5x?UOSVry^fywVWxe=~1QvyA%s
z^>h}wwYC<gzS?+g{MvMZ-}=zy!vyWn-Kl$9F?~dRAPY^BS(5EYkx-T9mA+gJf_KWq
zq?JVG>R%PHsC{xXl+gfK{FP2*Qz6s(hd}CZSc(`OOsaFr2AUlvI$*rd{Cia{{%z7X
zqVm66!p|Q+=2s^h6~M_-kgby#5Hha4;`#IEoxg_pTjxi_z9ny^3GN65jv@siwk7Kb
z4<USOX@8Xs2)VU5l6MI#^YWO!kwqHP#W*_wEc5G5$M>={_Fv^-@aPxQ4pS7|@yad>
zdfmS(-FiA{)@iuBIOYERF|R{R5I|nrJU@vt01)o4_5+JM10QWZ<*l&0!G!X)y)>LA
z%)V^GeeI!tk>%U@m6hUZy{+-I2wUo1?Xleb4^u(Iy2ZmUh8uj*C~c)@85~SuS~<CX
z-%a}Bh;Bd`_Uqh#*TNdFs{u&Jb`5YvT>iQ%<xE$#QhuK-p|d#oA}2^SO*8$hk+RL-
zL}Ow*V<FhG@gu|T$<ok^7df)Nd^x=|QriQ~y&ro?eXLFcz?UAN-0DV$lPi@Yld851
zr<RA2Cf}}S0{K*Ye!=5amzmPP&Cv-z1NP2Ku3={X(byC+oo%YvfakDV9VA<m1ORQm
zc=c)~73ys`Z#Fq2f0!(mOnm%r2wBVtl5AzYSoGORg8tG}O%QFXbL_uQ|ANsc+Iaye
zUumHfBemHv{&MIJH%RxTeq15;-9Q2v;kEA&KE)>f)Y}`$#PwJhhi2j$EG=qhz&iKq
z7c@sXwNbF)MHb5Eu!Sv#_vb*|i$VlHfq%jJ39}1sg%_@@AFoT}Rq5K6uwh3M62Tgw
z*8zBLYC)>^8x`uc_{$3WAqpGQcxuLd7Jw%GL^ry&g@B}la|EU8=-AA10c50xmjadx
z!WA9bKrDG`40gGw&wlxg>wCAqi`?w9mh_I$vl&7i%;r}d*cisZinO`n9r&MM3z7vS
ztCavIIkeud84>1GOv(bF#zMoJrdE^ZU^yv^g1Po7-D@}b0KhcHDoG|#P(>o!xkdcR
zissp13+>z&_jjBrMgJPZhJ`+mvGKO=tx~BqazBkN6sU=L-;rm~yP!L58zXTxYI#<-
zW%7_N%I<X|0H~|uZC4wW#}UW9G*+c~J=2PwIa=S%;S<LZCe{;B84Z}pe-yScv4FE_
z(5_vw;1{>lKnv#ITLc|l%8FL;6z-1AAkqgx2xb`63vh;ZQOF!Ti(7JAp&0K#V}TR*
zIOwC_#R>5h`c<w7g)6MPP8QwBEVa2}7t<Va-=oJ2cYEw_gLIeQ@eeK3IPiSA-Xh7+
z(y8byb>MHQy+azJnIO5vf<A25+WZoBfA%H(c=H&$FTzvfZ3F-335ojG?mgtcGyXNC
zu(flC{Ht`cO8#|`5aRI;$ZfgA{EL7m?PC^R^>UQRRmvqs{{Vr&j_=)42Q~Wca@dBy
zy%5&t3AV%#b`reggX-*AN-09~&g!8&El6ATJch<~yE+&uJDmHQf-m?!=)NmRhX~S9
zSsWc664Yfhb3xN?jK>-r(c}5cN=^7b&1J!)=@`ST2w`<;9|t7mL+bN{hLC*tFSZvq
z%i@Ey+yc8zpCbt0H+;_?vuq@M82>Jm5qTq|;pF6Bi0{>Si24akt^w5#;ZJ>w87o=0
zsY_TI8W_6c(&hUV#*NorCdJa!MQtwW?<SmnV{ik=fFdJGx&9g0#lSb?vEc1RIA&D}
z6NT#>ZvfU6e*IykUEmLAe5gxfAC7%2A*FtmV?1kIvyo7{{em?UvTH&A?H}4~Lp2xW
zCoIIVB|UBgTf8w@>H;x#Ha>y<>K*vl<sxER=u_#nMWOX}@%>Gm7@>43#|1N+(Z8K=
zyI#;M7AVhy_KwMabl<#`0a8u!6&6$cQpE_F0r{aJw2@E<ViKQe^I7B9U*Dea$>^Uz
z$>HVqmh^1e2*C<zUvaR-?;cQeHUnNP&#aBC*Wvs))GA?dmUmM~yGn%R+uwI~O68la
zfed#93LewBsD~~QoiB%?yrpkiwpdO$?^IqIT^|~k`RhLu5A^L;L1~5Kx_h&bJu|mC
zNMJVaD~WYwE5wa52#sNEBOpN4P-R}@-oHlHx3%9-V56xkfD{RqtNV_Wrtj<UyO%{a
zgo-uzGKH-ER4R0@&YCN^jPAsG^P?AV!oB%6br|IHarJgRnIMqNUX7t$GNevh;K*I!
zXR_Oiig=Ab15uL3exOIJetPw$1=@x!lLINh5s(<?+4QoHkWi4HF(~F5y!-OyTGJkh
zuC4Qb{!K?~xqgv8x}dx`ErNf;W#Yzl#M9SzhQ@cwm;YJKn9H+Ffo%*P8bp!Q911G@
z*l_FdhPOZdv_jYEW2YixBxx)^I_YG)a)16G<2=yGoG>c%H};b`I-!>s+x;)An5ApK
zZ|I39Oj$=1wr}<1hyTyr9NllFo=%gHHQ&yQNB^PUE@#n0$Y%YC_b{l!6cN(#Kizm0
zE|WWf`dV|fFpWg|%ND=VdrAa`Cve&b@qCX^_+a9n-fd^J29F;lJfM5>KUZ^F-;5ts
zX~c=0J9=U3FR8eLmH~f*Jk1w4erxd$&qDV~?Bf0<14Cny$i-VD|6DFlU7J7&zODb$
zKRTTkb3+z?ztT<g|F{3Q^{>8B6MtuiuG8cAKQx?M+RdGR+TP&!Ci1tT6vFAie|%I<
zb@l8-u-7PAiqGn+ZPL!q9Qx?dI!OBYlR(XV1nx);jm)?5B1od}O952H_LKl5{LgG@
z1^;g!j@WO^A;I0fACSMb0DJx-5mr|e#*d`<Du+gP9|8cw4<0<Y$a=1zDUz+wx_PVC
zrCSMLJJM25{2tsZv8k8HiwEI)Fq_APto&Zls7)npRBcnL+@3%*3Vv^M>wK8xNHWMN
zy*fyi+^Yn4b%hwT$ZP+sPYo@h$mu{2(hyGH>}fRn`YC|PGf4oTHXFQm&4cma7eAYi
z-jfA7ppW+RGC){p3d1!{F?053{fv-UPTdxt$^((HIK9rT^S@{4E9;#}Q@G?f9HG{@
zevy@%G3me0E66Xz)giYg{y>ehz5?ebE){PHed@ZyQ26S#*kULtj5Lr8*;LS$hGpey
z7|pkpHt6d1x}vF_b?Re5O4|psUG^{Hf7@fi6LHlA;rdoz>boK8CHyGo5lY*^QSmP?
zN`ecoy%*G`f0>v40L3G{Z-cj&Et6Y%0lgpZ+Vcu^t+Gl;qZJ}@+KrPbY`cxOzhlKx
zPH9U@@s*fBtzBhFwg1N^jF{Fj%62TbW~!v7B29c-u(Z8V?x*(t__PT8(=ANoZx{Jo
zjoJ1jx`m2E@(F}?Usob^Hm?@L^*KpI2J4!lH|}zKpViYaO?<A7PQt&Vp!UGqY4Zae
zr@BarNVk=<6)bak<rM#xr51H9LW#3w6HVw5R1Ts@Dpk>D^(%0x6r1>!uIfJb9B2cx
z4%H|%oC?>I@@L7AF9^X!+o)R;Wcn#W`Ohuf`6siLie-&IG1jAhWRiGK&2LELCDED-
zoOw^E!@N0SOLhcx?utlbNpF;>^?Qpn7iy*9KIN?A2G`@z>y6@V441<#H%`_gi-S$h
z9%Ze2{L1X<<m6<Mlyhhx75skrVDDhp3}I3cO50vCI%FQ@ce<@v(&}zFH8(BLpeu%i
z2wDDa*3T>gMx@bg#eM)@)*=PGE<Atb%I5><>XD_9Dh)hpr8_L$zYr*B-S4T>Ko*<$
z=N-uyCDH)6yT@9U<-ZA?>`+Fp4udxm4ij{k4Z_Tf!#Yk+JZSR4(olsFOdsXSNnRLI
zRxYV|B;lmLjS<c#e0XgcXr5D=_XNAOgpUW<wMUF>4nN*as#jO~B$f(%o$T((ZWiAq
zl~zp<EWLJCtyCU9{H(m^UF-OR?9`j{qQDxAAE^JaOR*Z@01uU`B$}8U7Okl=Ui|=J
zgv|&<>o&WN)f<Qr+6Thp5pnMKRD6Zu3;j_B<8P0Tx>4@{5M}(8jm5Jf#OCxlr^Re$
zgyr~gYOO<=0@Wo8xioma@6INMwa=fXa7o0ZkgqS#aXM79wX@}^nVGryi=k_bHFHit
z8+^RH`R&_>+M~nIt1LDnc;P7xc0C63vGxmvonv-RF2SG<=i#LK&i>EDBegjeB~Gf3
zONHDWOv*EVD9*Ni+}t${JIWEVv7{lkx&NIG?VhM1Elk{k93#&?4@+AlZEg8_#VBiU
zdl54&T&WO50TjcmgZ?E)c3x~@UfGdUQY#2mzzAzkzV03LJwlnj{MyvhC@qD_k*J{8
zT+WF0@k+~5&gGqx@g!{02{j0GL8E`}J(;a$q>73fJ^hw;$M-9*R#hq3d7#+0^;dja
zYEY9TXp2-iItrNwb$&&OpRf);_0`}UO<gz48_dGOlH1?^{aug}=J;%l8A}pj>~6Nc
z5Wjj?!%jJ>SQS-5A&jr!K2A#Qa!z~7kOzV+2GY=bo6)LQ;oza#_4WH~d-KY*#I2Zk
zKlz^ln`8GhX?BGG^_1T(IiY|2<jIAEWY_*!ZAHY)j7_mg#UlV>UbV2SvWv6`SYlin
zt7yhwVq?o{Zx;k$@24awmwtd0_QDG_92km<Rd|jc3j(4ao=2_9+F9WCZJj!wm7aWA
zAIH{yN4D(&_P{s#ZSEu@!J>NvfS8w(kuE)luPTdH$O;VDi=!l6qOC_XBvOijwr1R3
z(#GfJd$N;cMV@Y47VIBvzWOwM46Xh__QefzZH0{#fT_RUvN3d#gQJLgifO)XC8(QO
z%$@{Hh{Q}ZZs&un=ln++b(r0>+_L~B#LfK>2)qD*H$QzQ-D#<oOxf1xf>V6qNeOuc
zefcD^)YujhKyzE!DW(az2lZ>nyrAvW?OK2-=}fH?KaA8KTPfqVxxb|$6a695xtnHP
z)5GU_jc}Lkzz4XtV%#O^O_GHk4q5JbuTO{kj88$A{!VTfv@T$do*CA_8ABMA^mFsj
zKrnrR(eKG8PV@>b390EuIH2a1#K}GUVH62(M<BW-;-3iB2xu2O`<DMWgPSYBCTj)M
z_x6A8Ob~|5?eebzn-eAI{O3ki-6x;&h2)L=Rtn{?^xJYlRH-mQ5M^^%E(E&JwW$Mv
z1H03g@UfravO?b=J>9sy(Q=@gmlBs|IdS9*ere0)a_Ygzoez5SK}G<E1Q1OQt*AaU
z_}Jbyw$Q+tUtF8)^pwA0!xQ*p8|8>C4`J&s&F|UXH&Bhb8qZy9QK!|pul}=e0>a1(
zx~#)`$cQvfe#9>gEL4&FgU7$VQUaVtb+pb0`^CA`pbiPX2t>AQ)u@GC_(8F4TY~d<
z`wLz}8Al2^*-4z+9sLjh?DbZ8^l&~t2>scvBS{_BtCiAyIrbK5uxvWluq$wNve_M!
zK=Z^G*G`qcra#M!OOhaM_6n5F@03lm9rQHYp2VbU?LR06RrPYBMzf+gWdTi2v00UA
zDUHCmq@gu%Rs>ySD3pXSEH)jxn_x?9v6s(;JbwI+=D&TLadBMx+qZA(T3Q28F8`b#
zyJt5kpy`XistXLbP;cG%{d=VsUh)tuma+&!*ZPnO-@S9QwYLX`kxtqW;dR^%XQ4PQ
z%dHFy{}cit%`ieHg-o2oq^)F#u9<&IdBs_T53j#u4?AT`b3Qx9XQZUM)+-)B4iDed
z^Hw`PHPw6p`X?(<Oc3IH0?!I}F|85N1okxLv#=+?1@}>1^-#j_IJDMt3I2Lv)iU4J
zl`xQcxejfG;0`(di%>K%uLDZf_4iOxEi?XNUX)w23(^!Bvgg0`WUSi=R(L{#b79c5
zzU#uidT%&2RKe1E0fo+svh}_7q(%JVg*jFu0pLNLSZQV&Sr9T075=;)nFkcCyY?GN
zyM!%69ss-Pn_Nv}G23j2m)`JMgXPw`C|SMJ6}a_?k-Z<+)B*CRNH`5DX-5a>E7BlI
z=k0^?;b~CybLY}9#DZAfg@tcM3jnFr-)lKXtb$v1TQgIYwIc%_uD$T80^lXn)oEs)
z<<vyt(1&_+e1!k7hlfW%8Z!X0Cy5fps7d!g=>hu<02NF?dy_h(9Gc=p$j(zPhXHM+
z%JlACQ%alM&!1RqpEXy{;VYJ7eBvDHc0)-5`)NmL$4{LSP$((k=JP!WOn1Iq<(m8c
zf<kXZmqNDIWgq=#83ZXyr~aZ$-m3u*@87=<@Mh{Mm~Q)#LvBEgx<}p!ZGZvUWM<FJ
zm44-e9cUuSce={R6E7rH0QeOBSw@5CWphAdBP-|pL~Ed7W=6M}xo+7MO{O3gMrvXS
z9?jxd;#8F1+OECrmC*8v3W-^~qk{EZr$+z!Y?}HwFISMh5p`1i#Hmvnu!VtQ1n*Vo
zL$nByPtA|I^rE$upTPuh#LX@CQexxwSkKoZ)cSN0z-!qg)|r3^rViVjuJ_F?*@dfM
z3IIIPk8CMYs2sKx{yxeOy>m~k_nY!5GVzB9w;GVC^#K%cR&{L}rgU}n4kN9Rh3%jd
zpWDg!|29-QCC7oQ;&JwBOU}@vSlgD++IoUMQp1l>C|Ar8o1c`qewD<=#V5p;m=8Zy
zTj@|*uyx?&<m*0kB8@lVh}b#<OaHrJ<P1bI`<L8`keF8o;k6T|wR2OXZ<6SZm7MJ}
z;ylem^1Z0H{N_=ZZd^Gyarb@;@mW$HAeAz_|I43#a%C#F?NI8VqKb>-W}HvY*gYF4
ze9m}#1+Q8MgL!sYa`npxQNw_QtFXt1rUnyVY{FN*Y!U6)3Ct5FLKCn0&)-F_t|JcR
zEl%SNHs-zCqGZg}!ujp7T5#RmE#dC7U2+9w(fjFud`CB{Yn2o_-vE7d$Vxi@5b|+o
z?I+ToVT|D(b)P0v`h=v29WPdhP54Jn*rY1I4Mh<|Ao}GYy#n7vKdGtl^`q><J=MnB
zHpjxa;0}BKy+$m4m{;WwANduw^l9b9R~!B(dg=1Hb0vVNK?8<d8JzSeHr3DJcARdC
zRJiWw%TVX~8PH0YWTBPokYmlKwzzJ4`G3!aQ>YAx%Ut<sqjhSqOF|Y?9^he5Z3!@;
zGqu0i8GhcHv9bG8kB=HmH#*;mc62<W&NWpgciF5vcjG54X9@3}P-~apS8$5voj&e$
zaK|HR#1#e5w#zlp%JH?Bn3#VJZb2E!+<8odQPNVD->@)|OCUsIpsPgDT+oNcxDp3f
z$6-d_g{NJ;rv&&dpE%)rzjG^_ll+#)3rcd8S=S5BYjq?Ta^2~d#&oeq9NP>+kJL^-
z*T5>b`lR2Ia4CK)IV(JJeVDK|q+<(`hqF-(*X72;?`Y~F!ENP&iLmXF@o?9@l-O8=
zWe_OqHI=du(PHVWbI{<om%6qvipbZ-0G#})uL8Jf`)~t*al_kq1cHQA5MHCMD3|!6
z3896_=JZ~!(yK+ukSiq!np+K!LFU0NcB8izNAnMPDCqWW^uZ+WSn+3{l_7x^y%R5S
zoG21tSf{OM4<5Br4B67Wzc!a9=a+NUZ&7U}z+4!$U51g&C^Sy6hXjN@-NGCkJH_lY
z-K05O=8?a}vw|xbt>aPS?bY7dted2e$Ze$&m5yzfB01zAHHI+)Ij;hsZn;M^Ro`QH
z7tTMjASb}v3`vi594gNZG}%lB6k0b?c%iVy%#;+4;_>RIu>J}VPPciW7-YoA)^7xq
za>d3~>Tp6()WySmMU!315l}Y`!&8bF*(D$I?_OoWA~o4na38jyU@TkL7I_I@rAJ=K
z-Ny+2|AkC9>n4crrd>dK=d=0QCn{GU6DdwF(~hoBzfQW2ytH(;itp#gHlaw+LU&Km
z_qA;M<DZQJG~Of`x3<T6bBguny8b-hF9pAM@xm=^L?yXXHw+fVo|I%+g-68{2S&P#
zDo7}mnlI}bXKX%v{whluJo=)n?iU*)qa)AKJ-hju6THznEA@lLhqW|{>!_#CWt4X=
zo8NN_>~f&lQv<gBOSVHuhJsc=&JlStsLj3&X?y96uM57U+ZS`FC1DS>%s-T6x)ht5
zHn<zSpD=<^HkWgOgypl!MqYS$I4qm~JK#d%vv^{X3^<gs+3;|CT=voQxUZhF>PTTI
z<AMM;w=qW0)a<z#K+&<BKVOu)i*LPTT<a1-dr6+qvjEbU=IDHN*o|y;!zeo&J15GA
z6$y_m7aktp;IXe?m4N*u-pY@Lt~GDqT8Lzm=oUB#R4c9Dss%XYJe)<49wZW~iWVjo
zOg4rV8bn-TvB-YP9aqx6wF=X(uwz`=+5Er&pbiVada}y}yC}}M61};d;VSF+xJnQo
zpQ`_`P@C@5{)r?>s%)`2#v;MC<qiY3z#L@v4Lak!m#hnG-498=$;StiGx+)2swv^1
z{Nukq>Wk^u=A`A;pa=y4OW)IL4ywXH&diAm)cYB1`W58)TvyK4+Z;jGAXFOYzYI(V
zgU-W`o|<Phf|j0Ax-isTC^O0eG}8?W2sM3#Px94BTVNRobe!szi%h+oF&TR-o|JG>
zqDq`}2_C!=+iN83Lrhya)=$G|dA+Y7uU~_o^gnMrC(mvKS72Z09jsvrKuYSEFAV!_
zw8lourWSJV2(f({+_k5uCp>9R46w>;ypEF9M)I_XqhCW*zK^E|Q8l9#HZww*YD^V7
zH8w+~RM4yK7o7UPydI;h?D=i|giGwSwvh=>eGG?4U%;UEX9EWS@q&bPD>r$5K;;zk
zRoIN;JYTJ<@0u_FN8e)xx8&s;p?0osD2)CkJb*wU?5gjRJ!TG_;!jtoL?j4{b~cg#
z4;up-9&I`DhdGh`p_O`}WGNhUdaSqA03q(&sSWJ;N*m`1&K6Vt<{nrB3MpV)fBv$3
zVX%SCc<4k%#(A7J^6Cm9j{e|?y}dmtra8SoJYE3st1QGRX2TT=d2FGrMo4I=!vd=B
zFp1<x+o5J_;3oT((BIZ;EinBON1Jc)iHl^4&l~+n=#$JbnCu$Z6R*VPTUo4G!E&Ir
zwO-mr<1ULp3|0#P?_J$2vU-`^i+Fo8I0pyVp{k8)xnhPJn5y%~xvi#$ly;2Ea61AO
z#+&55F_hd&3sE=s8|2%iuHBdiA*h$Gz11-#)M>2KSmk?Q_bGrhq?R0NR-yHdN$z!;
zU4~t|q}zk*HT70HfEeJC;JyKB)c?(L{hkO<NpsUc@2kKwwYyt&mA)iNj7POu$@%zB
z+Hg3KydyHM<-@#J){wb*sUK~JT3b4>Tb#0o$ilLDor6(eh|TLIS#N$`DWg<bFP+}y
z@6P5j=0#+7$<*H3SFN}GEWmqP;D8c&@}kFZ(8McYVvl*WBIQf)n>PaDD61>A)z+%!
zBW2mktYW5?{?clePblhrcI`SYE<%7z@nw8{==yL4u42~j;lt|S^*7^eSOioN%ETc^
zU3{iCX1VaL#H0_uwY<Yz`FvI#Tdb#Aie863cm8QeOv=7-BTkU`xQyTWw^`h1GPBh8
zRPdT$TcO*h!3HpU!1^~?HigaTh3<ypLnr0J99ULCa9cBPBHZqA=+Y9pY>O)d50a%p
zKuwFKFtTfyX=rx=Wsu>vt2xUB&SF4>ys!mw-6U2(yRLdIc55*%;PlK!WyX+zR(GM7
z_#9B#l>Vrfin@}gt>~`}OnSDk)2KQySN$4Y^0`2L>p(1LY5moHDD5k$QytCxW@J&~
zxAx+&q_3SuCdVfx<}xeN^n<R->jKpD(>D~d=gOz2PWZg4CbaCBy?KD2W!B)JX?RqL
zi4(gUKOnD^SZh;*<=oO_+jIF=FW`vsUL538tA%cUrVnfQ36x+Co8~vYMyr&$)jR?z
z#JD-c2NewUmYNd|xmv-0@18Lrmx<%<&`7ad7(DDBu7q1n7ZCQ=F9F)lkKCho0JDTO
z!1{9>tpTl!7pZkb_|HM56vaY-yZ*ct&keFo7a?{X>JYEx_vLpG8T!Sv<xDeupY#ci
z+`%FPa7J1h@Y3$3o6S4ugqWDjLt%0Wm*hjspu6|w>wNkmL@*0|_EVQFiQSWpNjqzM
zemh*uk70o(mBxzgN!f5q|3?rEEj%kL%fD%#(D8!Ol|0>#fpDSs2Auu2TAJg5Htz=c
zDw&w1T__npSiOMW{?-gAQoS`Pi#N>`7fp*TDzspmlf3CfG_%5h<$>rU%O^WZmwg;c
z>zYRLQ+G3A+-M2~?=<o`vtjpnaOg}rl~l_3xd_<F<u^t))H}!Lc02Kq?V7Z-nB{=Q
zI~s<QT(aI~b>1t&J;G{xu-N!yQV=36NkWdWXqwOWLoO|80TnR(VWkopoj>KX8gE1~
ztMgms;#PAWDCsK=>;%wm&`Q0m1rjU($V~%;mzK~8f!{Y2c4cKpfU{3a6vlYy^<81&
zq%=y7{IW1lGkp@J-BSqu<K4>$SaI6f!Ch>_qZ7*Ghmg31f6BPCms4}0N#8A&;q{?A
znl0rvm!%0PK_Zd3;I1~VTZ*AjKnh*<{)&2H4e7)_$%$6y`e^3-9Ebk&mF*f=lY}(?
zEfwO>W$IXCxu9mEq_SS#F0&PP*WTVP+>*E<f?0<K^cv}j6A^s5QI<7+k)cu5vpHZT
z6;3U+9!LayK0?jXS9u)dT6<p}>bXHQ!dS=yiZMW19C<K*LEh~kfS#FI&($^UJfRCG
zyAqU<ts0&1>0oC~pStwzK<}~J$46tnVSb*Z!dG-%&A5SL{3bT80G3l?E|Z>s+wK?Z
za@_I4Ev&bl<O7tn1qF^tw9#$K%kTNS+e=x1x@hME>%9z&U1wsp0m6_pblC#Pr?bT!
zl!6XHMrmo2m7txnIg!n`i0u!o#b3VMSs4T-&arKvIBCD*qL;(CmKSLt9*j3d+ZB)b
zZU+FOvDr8aZB$9>;Vu9ksZ@htHqzYP-Mwbx;fHo>X=zE?C+i2u22l7$|BxFgCixfl
zDf&Hg=>^U$hDs;ijDP+5RkTz#!r*B72OvV5Bs}r$q!<M5fMO~FkHjrUsKrWn4SNoi
z$H$~)*4KYm9|7Qq$g9%2Zw}m4-oF5}^|gV6UX=Ydwf~Qz=|?U|#3dyZ0tfHN0004u
zf%qm`VT%<w1)>KatHowD>d}g8aX{EL5V&QUm^h>^4ZES{G*DFFT9>;J^!~cI_(S;C
za&ec!fo^&LEmx{qxEmOtJY`i;!ykE%BQGs*>V^F7riW>nd#;7=k{6niE(IWTi^Wqu
z_c$mUqrjX_(5098jCdoi2KpCyFRAxNqG)P|h>DgsQdCq7klg9XukB>}EhG~7sY!r@
z{6e&1)+yTBM_6nu8HnJUz^}gr-V4Xn16aAzZ)sS4{M2vfPLVdyT?1XA1L^Mi=x-g$
z;(<WNa$a}6z6)58;9;}(3zGN?${I{ZEi=LaWs`4XTSmq;0P50+WS7#1Yo&VbX1rFw
zB7Tl~5z_l}Ufc|zcIX2V)Z&yB7r@FE$_Fp2YQ0E>KO^9AS1tg79cK}!)|McIYnN7Z
zS{f!FvMsM)zXs%#HI!SMJyk*VkF@NEFb{QE%gW09=DC7!UjqZk*!}|3I&U;kgaK$;
z>HTASq$I>iC?Yx{0?@z<9QfS_@(xl^g`G1gp%{qy`hf5cTcD@P$S%{rk~n?{rd3NF
zWJmM*7XnIfJ~1&pMiLHZ3uo-dzB$!4yN;RlQt6M1#O@sgXvAV@kKUiXwD6U7jGmre
z7cY64NSSQxF9Ea5?|s+E_y0q&yV+eyh2GM?QAqwGr~%{M0jM6NZ3`IWF7t-pziEY3
zTAu?{p9v0@Rer_Gl#Kuu3qURy#SzNa*nZH;94JsLJn`V;&U8@)`Y+!Z7b`0Qf>pZD
zwz>lh?#2Gj0~pwd-z?yuQQIG>9nX!z_g4Ef8@&|n6GwxzjbyODfqVeU-*_0GfEgZB
z<aY(mKLEJi@fBnb672l_hsfc{5p|K!f2r7&`|&Aj0xPVTw3P%~gTe)$eboz<9!4->
zE^#Hrj^xtBilCx?cY0*TEy`~KijHm-sw43Yau;c<7B8pa<2rSeM|h{^@k>z4-k$iN
zE{*kHax+sJfKP1!+=x^n>)J<dEHU`lS1>Xn7a;GIH0FDt47gJ2((G>nkB;uEG(x>=
zM`*&mj=x`Vve$yL7Uoz>&O1l%F2kdyWuM_%Pm`hUU>w=HMJ6l9{uqIduG8M&!oDBs
z>6X8b(Y2RLo-a<xZ}%HRCO|2Dte^9n6|!8-W#Q1y?|bY&2mW|H9o^+L{^A`8dfFF*
zWih|>t9zeQI=_nU9pd>zyjKNq{($hTT%L4o`F}=l`>ixHcmj6;H8*FM?%AHM8m(Xa
zY2LlVve-24YW2Zb>=tm)p~dp!)9O6>Lc`*utn4;a$#~t>(b|QY{HC-e+uy5>jt=8|
zBwuv!4#N=Ad}lC@0d<`<bi~)yL`x&j#1H9Do)8f5!~jR&@{BBl5d9>ev`Hl-Oy05m
z_3=qpZFmVv&??iamY4_XFSpfD>!ndoZ4&LdNMBzcV=?7b2M(3$!-dUR%q#K)@dHyo
zBjR8%cO?ApP|W@-%$Y*n(UF*K0Wq@X#l@QYVIcq|rl0LsML)_5oH@{Blj0})d3)zE
z^mznn&z70E1lY1m?)x3e`MnnU2U3IB`1(Bc9a4WvKn5NJ?UBZL)HIXDu{W6&4VNVh
z;z6zr23?BV!G7e0;-}fmhSAIN+-f&hIC7&nMHH5{x#XQHL(Qe01nh0;9RyObm5zOV
zf!e=k=hcDzN<(AzZQLEE18*t$>(@ihKbS}R5Yhba==n3U-i6=3v<Mtg|JGDyr5ql7
zJ6s(;rg8fS@xN>T$#8S$z(?hS7|xvG<No+yrlzaPs9daK++VEjJz=V4FYpE`+#j*?
z)8@Mk%DU+-*5zpOnPjZ`^XEr_GkA#>dxIatHaG&4p4@uG5EL9Ef=P3<1nzkwIAebv
zx4U2`icHfA2=E3ZqXkANi@c?Vz(D=e4BVT>4tW98y-`&luBo9<&{+miPpB$K+d<R%
z^0g}*dcIfgNxFT#=Dj@9G8O<8<=h)aKqiR96N8V{pFAgEWOt#<mNgcN(gsRObn*N~
zlc_%A-|Q;R1x_9%bf&lUU6IOi87kK=HjTt0j4F20Lk5c^VS2E>tvYD6*m})nlXB0y
z0P1QIwFb1i+E$dv(KZ!uTTsZfGUEwr&|Jq}-LJW8H~#s+;@Rl~OYJJ5lGf!zcdeUR
zVCL$-wE%WVSX|t@A(wAGJ$D<+BH6K+5)X0L{%d_mfZu|_&X;}a_;i>3Na;{Y{<B>_
z66CV5>925>Hg~zEG-1}L$OxX7&0Cd(l9CeXhAsTctrv^Nx0kOj%WZyrCgZvIqm`vi
zj3f5?tFGW=ge*KO>v0VSav6^iY4(_tV)kLCiwfhsdH3$!zQ6-f+Ro07+c^5zV=b-g
z_g+HttX)qEcS>W7{u#%O8!EG*Z^rw(du&9lPE{8!;65b2eS7cg2~|}>C9cN&=4yLX
zwsI4lw6t{0+qcKtKi#FsB}W=|HO=&XA9oJ<+QQeeI98E-k}P(zZSu0Po1CCv*G7?L
zse;cIG2%`3F`)i^jK6xt`1Pri^1s5S6(<_@PU;{G!Td%g5B&Y*xIVDQF1;+fTedic
zPNrw!r+XAJ2gaj%3#@sgI2D_?g7&p=!sd>nd7R$K@dgN^GVdie^|;lU$*{1A#l`l)
zyVF;;Cyh^zD82*!%Z~Mn_fl{CK=JU$I9U4#=Ag6uytLx+<Hsi!p8KC{jXz8G)kRXw
zVd7X$PR<u+9HxdX-;>xof<I8$ryjd^)%(K`hT8P=*J(N@Y>8&NEM<yla@5DihfZO4
z^X7Mvw;o;c)X(PmOi!Oa-6s<`9x#Q`-C5tgZ1Uxq!YO9fl_A-c`ev!vhCJQb*3HGC
zvv+!`UtG9#u*%7+o!Z_7`ky&>A6*yP(X^FJ{F2!5$>o{kP+21Qlgq91Q`2Q8OZV!o
zfYZ&*L{UMV*teV|MX2OYAC+`<kJ`nah#h(>Eio^VeAkj?b1skKvjxFSO)WkEa3Q*T
z&@I8fJZ-?~=NzK~0|ObZ+<C{R$Lq1b^TLl@f3s~ma1VURRvm7&yKakPFh*-ox~pGU
zBO#dc1Ktb$ArQ=N(qOf5k`&~A_M^z%#R_dVPq$}-v5oIfGuwBK$v;U~h_^ty5`xl$
z5~ih-B*9u8NmZX#*N&T+oB2BJ=y6E9e|r045$Du!^~jMU^*i6&OqMH*1?4s;o;B>+
zod<}!&KDdNL+#no3QY?Jh||NO@3%N*)>m&v-+3{We^2I~=sfNI{z}BbITn_dclqg)
zT^QQTCb4fMXq;}*TQ+-~T_smN-gjs6`jefPay@WiTWCo}hUN~1GBq)gVc7NW^t$)8
zzzw^MjHpSA-tBf@hB`iJzG8Kee5|hi)k!nYf0y1^Fu|EInWtjtLus^Bb2MkO9qPGg
zqDWYS-4i=8yN&p&01wboGQXs70;GYO1REOz`sYU5-*s-t+vY?Q15_b&K(e|^BshwL
zhd-nqEOT@J_<Um&1raeQ)UPQaac=!^Tl8k{x!dD{uZ<_O59BW4tF1W8UX;;^Lk5C#
zHQ@hog5SacGBC?G0zX(Gwaro|l!SV=HuV!|DfZ)kT`}3Jrx}XAW`2Bwlh|I&F{Icv
zfBW|O>(_N0L!f|BVQ`0&?Q|X^U6E-`FcTO*y<!=alf!-f{Dm{j7&@i-G9C4JeobTJ
zE1F5-R{irnYFcV@I=}8SU6p&B9U5s|=dDRI%Xs(C=kfJ6+=LVv+HSWfc_$e>c*hzU
zbBShJZ1^Dh>STw{nDviUtDQY~2iaFEU7-;k+b}yHbMsUCttYp{>?(HE=bc4$?fMKz
zdvlUI<aK_v5PB9jZ^^=#V@F#(D4TqpY4XWS&T}H4(j6l$S6~V$^66CP^&4K1<3-##
zAQ4m!N^0`lImfQX#;)n<QBiHe`qo;e<pIrD?*qO4WqW(tC|Y18wjuQFxygqrDpONa
zCttO=eCHcw>y|wjZ2<_fa;Wd2mEML~*4WjJYQ21TPho6qaTIkKurMY_`g@~@PO+1O
zBzX93KAg9u#qhcH^U`+SeYvr*vE7#;|GLhN5CO|z%U^l3Vs`Df*d;gOS8=XlRuzLg
z)}5C7v}TUhQwjONDMe4>$eCA35`}u-8{f=-y28XEcl_%*i-1YFi!|?dtt%`Im&EK!
z3O6MZzj_7;rEzj_)DV`T4n0$n?RFk{Q~)`A*3{1Gh^@o{C$l5r`SvAInn7Kz4`+Tx
z97gP^w`Et$N~5_hi#(e9Ka9O~R8`v-HjF`tfKt*RARtJ0V<0U^NOyNimy~paG>Aw@
zcf+BPJal&*x(;#ZclnO@-s^9C|9pE41`auUpS9PTYpxm3e5P4gUY^9QTH{NrrdeMc
z*CVQfaPs)GM)h%X!P7Ccmb{4D3)ohjc}bevz}5x0myI2#VSe!T!PVAci3n|M5|@RF
z!$!YZzwzUUh-Y(iLP4S7_gbKnkwXUEND^f^x^|5U;pxkxQE~_If5}6TgclG9g5N{O
z(->l#77)z~3)GaJh)yi0maoCFbaF?laTy4^Ue49it!|mC!LS|-+R%0TC295FDfA~z
z`JE2dzKcE&P)2I)VlB@n^W<ao<S<q%f;051v<0H(Dr}y-LwTYH&-nnBbGY2-EWQS8
zmAE68J}~amY0F7c0Rd1Wm1!}#Pb%bwCyt8B|9SIwBQm`Bf<I*-q*LDm18`uxEtx&g
z-L9nX5EWO<)PEll@KyUfRe?rB5y|%R=U#hn^Yvqpb4+4)lq%k51A8KimzRGCn0kM1
zy>i+Mj)>Se*-}g#FgBkoZU?GRQc_aZJ$%5JhL<-{xao=&7P<IK^%oUz5)Jn?4dxeu
z4$-#9iUH2x=}gT*P{C|`^%xlSSn($kR`rO*-&Zt$%TY`QQ1AhyZ94slOx%{-kBuA1
zm{o4ncg3Vl8#*J%aHm>7JDynFSKPkq|I*`6#Gz>ov&7rf_TD6U`ZUU5GbLZM4hbk(
zsgEB&0`%=90y&WlZUR6qz4_y>h|bm&f4-or@VHR$@VqG}bspIM^heL~S6V>>SG%L5
z5^V?S42|I523*`++3eRsbt}ruPZ`eEetdvuM!h>}zQL-t#-w^_ic2FXNO-X;(QnLw
zibei>*G08B-^Rgy<HQW?vD(!$fjsRdV(x<QKQeT@CW$1Qinf|!Lu+@k8I3`?H=gc(
zc2Rjio%MrI=u(ST?$!s?#zumfv%f~L<;bS_&Rcg|*ErnHsfj^&P-1&T6%?p|<Qq<u
za3sMeN%!j-C_qFhL|Q%}QP`7MKH&$FYMnW9q@bXGmkp0zYa6ovS8{0qSOi(?A0^9n
z;N4PbrU>`kGr<1qirz6YpQtxzJ}>!zxu5_+EuFO#`)N_3w|eZALPm1-nd$Q$QT-Ni
zT@n3WFcEHI`0Gi;Lf9i#Eo*4%<PgDk&jzeH$H{q69<(#T)PHRxRvgjvsj|KZxyk0B
zC*>ew@Tk`OQ^9b}!F<94TapUzj1RVlXZKT7UcYt)4*B5NFOmC88{1tKP$6guWMBm-
zMP#Ri6cBy6!#l+j{p)&>P}n0@W@>9|TdWgXf)DvsTzrij7Bykbqb}ly4I&4#!a7*q
zdp{2jJX~4Bq_kxc+I0*VpDV`OY}YxET;5OR_lzkmEv-D{r4x@_aP!ggdc;TCMwj8G
zWD0}B;T-BdI@<0t;{%v<sN#be0xG5sPyd=FY<fmyoa?t;hdifsX?=P{^ASQ^NL?u0
zxK4`Om(4^PLMgSW$U4?rmY_gL%hBf2VT0xb8ST-dWw2$}E-u$Ls@>0-&ByXu3rZSg
zH8n{kC4;XySLr}uP>7rP-(pX7QQQL5C;xRoUqBNrE^Px@sV<MsLdHDrmUhagrIbs-
zlFX88XSE__W9V&BUannV*(|)tq46)(^ZUcP@xY76oQQx|K9-k`-lKuFzxKX6IJlSB
z2cvt0PIL{tv794S8XJvz`_oqCuPL@R;xnRopQQ23<uHYz0EyS}Dm;vi3RzCC<nO0f
zt&3y1HK7CRD_*$tL(}1$zf_K;x?re8>+b<*_I<s-X02}AC_(3$6Po5`tBo7F!+UFC
zzJNM(KLASn=UP+#_Nmy_kvnFT4LK?Fnc3khDxQShx3h)Si>9v`|C$(u)St{2Df7)r
zd;yJ44NWa=I>->J`)kZ|O%w3BecZpklwP(N|I&DTg0BIo_WS?+SWLke=V3~Y3@dxX
zJ7f;|U~?$*Ur&xnPpC*!_u>|-mdR9c)QGre`^F!#;X(F6G$bwctxm&y#Jsi1!aa@$
zx3<P`$<Vhte|=XpqbN=Cl*dTh7m?H?=a$rO6+e5WO~!WsG=1%vQ_&F5=}yOhIo98P
zPmBgGkAUHCbp?DwL;<Jx+Ozl+sl~AaR4!Jy5yc_Pz3jQx@v@J(41bN#el%3>E4<8>
zpO~AJ!=zV#q{fRms2Ymy_5MZo5P`0tMwRokzXsJ4TtKb#(oE3$F(<a`mQ<emDL+Jg
zRYmmpy_400a&%941LS|irRaG<KTU4fh8R5pzpitAOh-6Z=k;G-PZiTth`vAKov}z1
zrY;mJkzC+?4}A2mZ>$sE;`mlLBLw65bR9CMZ?8C=B7E`*tmS`KjPvw5(`5d`X6<|g
zel(}b-F=1s`MbSmd7mnJ{)$R#$!{ixnwwSp>yUq>4zI8lAxg#aJ~lPg_ro1|LYF1`
z^5*7iNhnTj9Y4Y8XHn7Pe(M?-;c?DBWWug4`_JUZXa%KcWtaT7TG77v1Q{&>K`%X|
z+*Y=?!#WG`i51nXxK~zj`P_wl*|Qt%931Jl>4SsT)MVA9mGut7{agM_u{65(zXFS{
zy_QYr(IjN&?7+1BYwk0nF$ej6aiUC@=byLf{BRkT{e4CtH&=uVr!K$<e_Olhd#&%k
z0u${U8<*-^aDRZbuD(7hE>&S{^eJ{v#hfAYMN<1qF!{*YcQi3t7O=VEd;iJ)B-Fab
zfZ3m+bfw?J^+p;ydWE*2a9zEwKl~&3&ZL(o|FaTy0ZDb>QPCL1x5z&a|K8m%4$uW0
z>}n_O-NP@y+k7ax22k=&FLb(kwh5yC8zWfN=tk)QHJJpBiQGH&r^Q6q8!F#lfL&>U
zT#xSY?@WLVY&}=iws4K^S3-0h^4l8#f2@^5zY>Toxg!p->rc1S_HL2Ap_xv5>d3;8
zzHy0(qB5F-Nc+~swY&n^dkuJGehm#I&noKoLjPIkprAR1^8CvIhLfg+Lb2A8Aj7N2
zKfkLBCA@+`Pv~Pygh^PMF8Q;i<9`?r5MOu=w&9TB_Cc=R^12HPwx5l736GV0!la`U
z|5k+gL%B+7>{q7p<$n@Lb@ypYL&&6x1)?GR>W`#r72wo9udS~iss2!aF>5?{84riC
z9M1nNVI>%qnyP@cPgi;pC>LOgWW*pY;yMi3?I@{Y90;gX>-1iY7bqb;=i|!`GWlD`
z185q07p^h9Lrv<bsP5<q+S-#2k4%7N@f-w<6RL&S*rM%lg>#H%vBvUequfyiTXF{8
z5NS6UZm|<{o3&0?z+5&i2!2iG5f#lit_4!$8uLS0D!j5BYPA2{u;6)Brnj1daRs?s
z7U%!GC0kUFx#gfD0uZ%HI~GCVa=H$O)-s8v^No~y8r+$(;S6KN+DT3|Tsc;uVygYd
zSpNPSTMPfqc2LmTSFrMuvE#{*fMq{BTw5onmCk6W5$_#tyErR6K@G#*<E4(*Es?OW
zupr_vt55?%*}juypkM1f^zLMHBHrkZ@%!Su^HFOc?iA$i^$eSiH=HbMfuhgz{LG+B
zPSI>OhwEJi;b2mQ$vxFlTkKVl+qm3x(ykK7wM@oBO@;AZy{1mPPt->Rg+k6^ozU`Z
z4~|^{*9}3C18%h(F46o?$wX^>&|7CQKV_tvW(YfU2HZ*4T+ZY=GS~h%<m6_v2_>q3
z{FtPZb=b+~0{$1~GyyxP=K~@EYr)WsyEMJjM-&m+@8QNsf&we_%@_Nq+{noC1<D_&
zn6=kHn#*|20eZNG8+mW2QqtgdzADsg)O%w*LC5f*`6iBDEBWeR5A`)*7Jz>yla0WN
zW7?C}tz%C*qj~WHhm0h29_v{saz&4SWQ|IC7l4WVb49P@KA$)qhyasJ&o0^1(<o%l
z2_Qb}5wq?_Q#Eb_{DO1yTMI?fGu*K~9YW5h>+|Oeu#+SXL;_Pvb;;)~1+zr~K0f)8
zzR<@6ZTF@s%{YLGJ?EgZhygR5`N`IBzKb08@#3mSkx+O=E#2dqjhNdqD%awdN`ZRy
zRlYKV+_=;_oHPBe6_?QdqZ~-_4aW~^7H?X5Vsk<6)rS4g9{jGfrI2)so|6i}KKmLd
zZiohgbKEIq>P1MJXpu<YHJ}3Qq_K%{q65U^_e@7>u`9eUlI}b&xX$NzqWG&U*xbeh
zK#1-zc@mo>qa~BNTf)2GeqVemG}kc4KrT%va^9G(1#-gG{ja*}DWV@WVZVabsqJ4a
z?*yCO6+0D3OWd23S37Y3PI>KNlPL>JPEUFgThq2fwzMZ3;C-8}xSa9SrIt-*FX5Dp
zqS$9L;dN)s(@TX+*#nWRb)M1-(T%-(>9#BJZ5eX1#{2$y-tTtM524iWg;G*<^pvlB
z|EvTRVBdiiNG`Ik{G$8ylrYf@Qd7f2FsSppQpoXxHU-6jW=3E4Ebkd?OYx97i7m|0
z$w~IAS+5=C8gavu%4-)>BObo7Oc`0`)~V3g#DQA7MJ8gGOx-POJY`%l&5jIt6fF4=
z`5^OWZXo!&|9ADMoG*+f%(^@Em0I-&W_&FFnecY;b1IYVNoUxsa$sAO$kNtqh@ljp
zItls_ed(>LJX92YB;(0z{oZ&O_R-L-yGxGI@BqEQ8@lJTkGM$#@kn?R9qwj6i7yvr
zm+s-Y@V3r7>UummbYiN#STM)C4v~m<F&P87gm19m?m*)@h(m5ff9mP0zHcSpEfNO5
z93`-M-*P3)R9VOmE{aUT%%{tdLBRB()pYL=<r5QE8DN{LqiHsKARRQGqG;8h>)-i2
zs5DQyy6c8*Y`=wzIUdn(CFwPc8yoaR2u)dXGpL~bK6Uw5-`0V8nux$a_ZfJ+#f05;
zhvb5bks<cr_J#rbo9xeAG(F0Rr6^yy1C;SYthJ|;uD)Y`JI&MPgz><Bd}QP4Mw;5|
zx`D`Fa19Q0Kt#J>6ouRjc{-+wobaBWDeIv|LC%*cHABu9dYgO$XrWE1;fIL8BC+*D
z>JRAF%{9cpI8@l&U{UP=I>FTq!OCqt7iZ?(j)J*4_v?WczvEg!g0|5b9QstXSr7uf
z2qhD^TTjTyUElKXYHn^kysnTzAQYLk8zrustb#*B4K6}HVYnhF^Ob(}8?>jlRfs+!
z_t1S#BNeB+eUkA~{>Q^A^NIdbS1Gsn=j;s0-<Rgc3YCLLnimpfXsM{OrYLZvKFg4<
z-$*N#dF;Ql_(v$B8$&`vVS&Fy9CRSfVAID|-ynixJ$PJ+8_xIJ$2$XL$!3m!`}x`0
z+do_?aeX{}bYRWzY}p;A264D;L*5?C?|H={=x6eXI;nhi@A`I9aDz!zMpIL;%3@p>
zvHET#Kcoiv!0@<|C{@sr_>MiB=(D#7V0P0&@K7cQ&mx%^EVYxXR8Q}*>M?mV5e;^{
zHt<dy!ktm6x0mTT*PB2}EPJp)f#gg_{nWkoDBj>KBM|niCHZ5P(ZOg<E4(Oti2ViW
zS7^Woy`?P-InF>H{x4ZHtJmqtj~`=co4so~eZiUWkg2!5qG;(R-d1n~ZN;mZ;C@p%
zWFov<Zv{ow^`U-jrnMO&kM47x$9m#=;Br8KE${sqCC;|G0<tF4ev4E2ybX&m2d>ET
zFsb!4>agmTly=>PcS8kT@dkz52!kgcxDPdCi7E9Pqz>QPP@nXhr3%58);otF#dgqd
zUkMLp9g3EVBD#c{<Iomue70I`SxG(Sm(u(2bBZIT7ju79^I_21_^n48UkmmxKCxl)
z^Mr+;U#wTN7Iwzp@LVQ^$$ia*wKm>F88#_|YjjbsUeh8IoeNiCI&PbkJJHuxJnNr9
zh8bkqSRrysjxJDKynL`Pn->-mRYEX*<w!Etcm1{f?*Q}ZS=*Lr-bWm<>aWWQ7F7z+
z`D&`h5iBugPHo&%?l>Y;yPiWymc(*0tblja-ih{4#u$tmg?U79JH!9ztk2#9Toc3>
z<|8#~`xzIbO6m&}zEC<Z;J@BPN-o~EWaquy9{bfk*0VU;s5UB?;jkGMNUt)O0fit!
z4(Q}s`$l8ah3Z$A^{!PccCWG!o3X(d6i1}W7U+&UV|p`@i&_-}98nV)kT-kVqS_(G
z=eJLtc7>z1YPUZzd@L~@7ldm4<FdVA$$?(ugP`JmL$1wCb#1MSwl~akdm_KbWVIVa
z&qAPdo^qC!g47wV?0dCVtpfC0>pi)vi*)pC!7v@ySUztkEE*N{{vm8GpisRcokz#h
zN5QL^QL{1ZTo@5lLMIChs{l3%uePXGzs<2`CRD6|r$qRlHYYPQ=zi#)pd)l_sPSY@
zkN62|h-pu`e1G(4WOgf2dlW7^uh(|p`J3H@cZ*wuvsT(zz1+G#96V%&9%gD*7*6sG
z`N_4hzo{Q_n}IiR>-2C!*pkz7YvU(5l(a8_#w2jbYN9s_JJRJkSyR@5FaqL|SL?>9
z7JZVna1%7wds1~IdIw~ql*8tg9on8_2;n9?l9O~Scc|YZYQtGa?j47j-67X<Z1M!S
zKkYjEKIEy%T;S%5RqfPBuD9KXysCGigR8rICc9Ujk#<7k9^p@K($>Xhm#~@i=Gk1#
z%Iu16X~NEzLO+OwE<dS<-D(ri77QT#zP!QwZcu+{=Ri2e^<ZHS<9x!es(Y#KLhOqW
zuU4r$bw<yTMHp0k$ab|Ut(h85LA7SM=(-9Y;%q?}gy`II-CtWoCC=R0cUammeb@_S
zV)fnf!L%ob?+l2s?(CatwrAS9n3F4=2JDX)lh(jF=Xm;fi$5V7SRx4=wo%m<3C7v7
z3sY<5wk#90^w{rZ1g}T{%N(zsqB$+DU=>vLx$cBdx`3Z@p&a*`Vp6_Zp3$@K;T9ZL
zJL6dbO>TxaIw$BpJ|1jGv6=%r=Ib|o!1D={la#ymkW$FhRBMw>TUL-Eb!s4c;;hnp
zmC!mczFz;I5!F-FF8(eFvPrSvzQaXIRuacGm?S_^(bLgKExxq5DPg3$HrnoTGtV|R
ze~!iQ3GLzcp9yr(NLF86XC9tp9xIvO%UNH_G-sd{UaMJUS$XQ664~UWE-a64)q10c
z4C2n<)NJ&@U+iz=UM|0>pbbYqUx5SIvslB7_-Iv9_y^x}Wy1J~UzuawO<}g11KF(Z
zOYsJadl+d2go`3054AP)m6WP6I2nRd;`~%*Nv>|BTYhtk5pw5cV%t~eBY9bOt!{th
z<nbcY_5WhS=woLQw%xg#D8qVTZ9q1ibI+Ff*?l^~Pi1{rB$NEc+1MxF&i(h~NGP?g
z4)m_JUaj^|xze0yoj<HZ=k%?$@hulFDIwW)W!`yO6c$)kZS_Iq<pHwy0Y}>aW_S4Z
z;K^QO1xfcTGFBL8+d?a(T}~jZ)K*lwwh5)5Tvv&xL4audJ1!65r!F3g!>dzcUYvWO
z#p-2;<KAH{CwsD8aP{oxj5ykA7*DwCN35^D3dh=Yd19Qfza4VsU-!HXCFjmJ@}5I^
zcjwRN9+rRc02Y2@j9Yni+e?AxQ8|%kIau6wRwOI7?wX<A1>evi$><hwGQsf5iq(DX
znYbY0pemGKVW;!9EwjtS_BiH9t)b+$%9}QX8XVSCJipuL<58+g7|WN})+ENIeBSd?
z|8q>%;ZN^5HD5Zh7ui_68STR4*q!xWdg^FC+5Z$}vOt3bB*ktY1djOXgwhz8uk3G#
zfdCs4NPWjfMg1<Yi5#?*k&;5kCZPVMU4;(9=K3eKk!BM=u|XYJomu;0XJFW&$?Pc6
zWazx(gz3f1MShp3R({*L28Xq@PUend-3B#7E24fmv5ecM=e&f}pyFLxpH(#7!o3IH
zToFVwc;w~}2VG?>iFLH)nX8%{L>rGzVPsvW*~AlbrkR@64?UV&O_Lh03gyEeiFL9O
zE^`z5n3=b@ISwVe$vEm5SSi<zeB*mXt-hhjr&jGhT<o?kpS8j}e)K!6)y8SHmXAn}
zh7f*X7KnYQW~IwUaz%05?jj=Ftx0}G%k)-+<be$f$INq`d2LrkLJueRE-NtjtAeoa
zwaF!Adt$<|B~^j5xkSsGQM6(tTO+Q8ZkUIh%{gA&yDgcIRfH|dBoEu?hal<03LeMY
z2t&`a){+9hBXOkp973x!78>H&3b!YV+i{Ko_S>oX7sQhe+|RHyS*x{nOn&hGPYCCj
z;t*OM?@ul;NWvnLvF?SN69)Z2Ye2-&Ak=NA=se5p4PVb)rPrVh4bTFC?&jEty_r(O
z3n}4b1Wh;z_fi!>#=vSkUSS8Gi}4_B5$``(fOKqHZpIWlo$adRVz&>>*0D#IeL7Z7
zwUFjvd!ASG`9xOfCVReelkFxu;pj7CPdQi={C37Jtc1*zHgdMr$4%AduPxBR{bl3B
zxhHIx0u+bE3QSqm7jr0BUe)o@Hl?=hTG3?=IEzi4nJOCWP2_G6T`9ogQtT8uwY4Ls
zjCnTB*J)jho6EX(Ihev<d#|8KRBs5%%DdWOE1lMrds(?Tu`j|a&u@rVH_kYSHjxFy
zT7LM6N$*BZww6<NT@JhAr&wE=g8xMqOW6}oCX9zTk8}Gjz9T57Fj=w@3vlA1a4C7r
zD2#UJZ+Jt_5BtI7sCgXE_nuDs3e0iuyKa|%HUjuvNAzC2n{_=mNzm5Y``W{kW3NQJ
zh{64w;sqZKjn(Xa(-rX8luER@Mvv5fDN#NZ7Z>M7wi-C91xM_kTNb>p9488ATP_|i
zyEY`=KU*fIP9&b^f;YPvwRGN7Chw{B?9?-j4n!(c`!dYT&1Kpv^~l7fk;u}$*OWux
z?)82*w5LO$MR=okHJY|7xim9c?ER*1tJvl@`%ks;>K7MK${-n5hWC;0jXnD_ZPA3S
z{0AB;)K+<#I`Fc>9kN(T3ZYj!%vtL;1?Xb<rhesok<sx8!z?Q&P4@mqQm2}iHV;Eb
z{la0?>TQYEV$ypl<J(zcee05*C6!jPC9bb0G9-0W@>bFs9M(2C%-G%?s006Qs9OJw
zsj&jr?E=p3nsPKg-ilZap<QP#;YfYxt)*SZhOmEpbe!;N;$2(j^yH93{t=ug!P37O
zNoVm9w7PdzQz6^ytM|N7Dn;1DWZgy5%Lt{TzXCf7{WrXxw1cvPm8KK^in&n3DV1Jm
zf|sXzh0B(`@WtXJM(w#Z6?GOuf8_kL`Qo?y_*d)OqyUMJ0k{!HO>RR{Qb;}!kHh9J
zY|nOQp-s+<J<ShLFWeWXE*CxN)_dcP&KGWK>uZ<P+E!=$2x8i?#SX7z>39hY1QqH8
zi1q>&w@nLSJ1}eiXvON*E><)z{&SdXU0T_o*<BKAF{%q+d*h9m^z5-Vs|&Z_><k+H
zosfYNg>rAE(Q$bGwt*5`?$q~7ldcPe*^L~xYW)7|NwoIf2##tR?N4far9SfbuFMl?
zTXUq8w80iL_9Lc6n1_n29#gAQ?kkwxnKQYQliEB~<oCNsn7kAp46x0Il>qw%?$tPm
zb~92F)134|WBFHI7k{;Iu^3Wvuca@8aM#T?;z5`O=FN87<?7)uKVp$gOf`js&y$uU
zE<pU2wfW%FgO!-DXCqAT+8=u7^j#F3KfS88t(~*iPx1y2uip}$kZ_*xFpPd^*&z$N
zsc>qoR_r>rh<pRx{#fiU4-^PX7ZmnuvvB}bx1Rywu^P`;Rbp89#AB)L-!tW3U$j%z
zUJCt=QR7}qsfl)f<()T$=j&7RPl%KD^Q4m-ymapiOaQ{zT&UuBg7rJ+z=9i?wk+iP
z`~As6fhEmpGOzi(>z&wRQbK%u;uzMu^U838B7!sD>bfp?-O!|_rP*9l!F%GYqN48G
zFmjP^&C5U7c=DBppKy6xI&?`UOunf0?C8~aaozGBdP+K{Z!z~GF_ZPIvTyNtSZ}v*
z)zSsB7@^t%F6{~D#4^)MuA4BaCA$JjT5NI)W2GIh>g8Ux8ss*L2g})=w%a&!+M{_m
zo*eU@$F{!s@ANiFv-B%+GO+hC5nM1h&oNKFa^(9qEypmccgchnlecBvrsvn=X{?S7
z*biaKoiRhjKd>28j=svdy@4@wH6ICuo$B!f5>diND8;z828<nF?h4rmDzqOd?MFO?
z7t4D#Ah1_CF81w#^FllS$d3eeD+pGxm2hW%T?}n+3*&r@Yhkw0rMXJpb<dRhwiLKq
zDrZ8IGkH08hD}G^SeU&n4QVBfI!zXBKL^B&&a4s&c1-3_+wZt<2{R2`fd_?g!(rp#
z_Ot9LNve$KQ<KiTnI&`pDr#r=Co#!fKN2coS8YBmGBwKdTCZld!eh#^y0T=8!sp)P
zu)({3+!E2^Ez>D82GmP}Q%-BQdbyZ|?j7I=er$al(WE(6QCDRp^k{&NXpzDdn*mmS
z`uPpq1*$rE(d`~4!v2y$j}EHKox&j~L#sG5SxElNl3whQ{hwSTG?&Zk@1Xb3sj~da
zqa6LFN0Yysh+s-lAky+zd@U#l&*4w5<*zFwJYk0T3BB9E{TAVzJd<d({)YELem^op
z{*4X&U-cfXFAMDIzb^^4+@=3{lIYJw#s5i~P*ExL|8FJ+8=HRP|2ra(#`tSMqM{*u
zfxd(%Sx2~sCnr+w*6c(&IxZLQ^?w+kuf!#RxUQf3!5*~XAbe%5C)RAXK<QT-NlDXS
zzmAt)XD@yLdqRpDlw9cW=*Vb;g(KAM?^G2Pm3<oe3xwyzxC*<Vx8B<0R9<Xl(@dLu
z>4YC<^Z8sL0i0G{^r2uv^t~3tnCo2s+}vEK8~VRH_0K=-{lF7GlsM!Lf&!mT0v)gD
zYJlGCI@udV)zJ}YlO=^sE_$sZj#iQ8yzh_{Vq)za9I~a>89*qX-CzU5X>S4Z%d};V
z3RJt&Y7`~3(}zi;h7|_oQ!Sd1fh{yRvj8$@x!HrIrPocDr)Yd0FZT#p<XEf^#zS*H
zq^tl;-0jWPh21tDXm4QW=&-tagp2Sxe)4%|246%(<n6n67q@{F5|Waja@&VFt$wIj
zOQTWR&Ec}2$Sd`dI#)LB{`2S0zo4QDy_RHQ@wmBWO&NGWm&<y+wOrd!=Wus(E}!c}
z27pFtwYHQb+}08es1s|3QgJWe#4~&X5~n-D6Pu?4xd(8pt@G_^0L2-;*E)Nzm`~a1
z++pbZn@Y2B;@zQIdFp43n!oeM3y$yJ{heN<qC)OfU@jfW^CfQl{A)z;2!ZP%WQGGo
z3<+2TX`sfD&1go+xIZ<x(^79UE3({fRSZCAeyNm@16FX8i4q9A&8;8^$IrRK(#))q
zYz`a+K#j!msGNwwRyob*?J4Xh&dw2}LdnZ><N3<%odW?K{tt0*R`>vV4ve|e|B(ru
z3A1Kx%kWT^ORf9T_C{}55{Fv-=SP5(q+@<Q+%FIdWbY&ZCrEHenEr7bg<72(m-C_{
zPqcir*<KcabhV}Oc^|_Ty+L3y1Ju%%fgvJkdtTrx7pk|$nT?_e*u{LYzt?!PKMP=p
zhyA0}LA8Xf9Z(TEUKfE#EY~<c)F(KOTR5lN<5{j18~q3)6bINqcA>W#$^y?9z&6Uh
zGpPfp=Ji@`9;lXoe$>L%-MjC#KT{RTZq#eb$r&dnauqjZkcoUMA4PTcdnwS~F?HTr
z?kf3qd3{ShYV_Y^bDfb|5%-*?R)`xhk5I~dL`tZGyxcp{7jn$+yLH)<j!z_vYKY#K
zm<*=&oL=-_cp)bw$<UIMvHP#T`euTL=YG1`bBVb#4e=J?PKoETn6w2l1aLZ0PW}5r
z?!0!#50L`jV#(Jl(F1r1ZEP_4y!+u5h4)ijl6MOB?0w%@a`m#lstvZbTI$VzJ*~8!
zC;l=~q+Vuy<Hq<*dWLNod$~}%0;OPFOjq|g0X2)lFa2zcRYtXHyn=Bldj*{ChyaCZ
z88swJZjw7jwYJXR68G=l4+;;Jb}uRjeGE80jL!FkkalNIS?=9iZ?VqR?+j5YR!CYj
zzKZ}5pOuyO+^AMLe>#7_<|>@!)YlI){ZNBLnmelZ!~zal{ZNmNk2?kim{bgmoJIaq
zKR-<`E?n?W@j{RnW76LXA!A3UX!}&T?GHBz$jZw0r-+EOJL%}?I2}yK>dhu`m;f!)
zV^3-kf(d|Vo%*dk!;g4)RLH$dS(Q^TkwT~6%E)}4h-FQhs<I$>uut(iiQVY%=#*y7
zR^sbBL4eKS)P0&Qbx{teWRX%+EA9#?!IQ+ryZhQxY71<1h`B8LeI8s%%1E{K^tf1g
zyuF{9*=;&eN#CbZ_}vx00ivcM2>*v3o*reYq%MH4VzkTA-d=xaqDU=c)V#qQORVi+
zb1Ct>Y-C<8W#HR7+yCe>g+@GyLyclhzWv%8Ea6mE@)V}knFbIRk7Ll{Z?7&l>iro|
z%oi*dL?=v{z9n+gu}mH4z(r6n-utacgOLC8%M@;_-b#o!<n{#}9h=h}FB0fZ@P2Qm
z%7M$NZ&rOIPu`#_g6xkh0L)~jd(FPt6_54IYjBt8bU8i&H5FpJpacn=C@scS>}P&u
zYQ-N?33&LG%`N`-<e_gqZdxqq)L$MJCpT*S5n#5nlyeS^p{cZ*Pfq5t(C5}LovbEX
zzwRq@+e@~Hu&S6=EjN7h00rZ_(k}(1IC@1C8=C`Cof@wjHwF}C-S#fbq_aN>?wA<g
zX-i6=3pWN*){muH#|Q8WxR66T-#&uk0QetY`>nNB1DnydQkNI&w-QKFM;#o7geLT?
z7eF_Ou9w~ceGV|CdCEm@U!RTDIc6EW7ZbyI`jNQ^UG;xYvkZ?Cgw<FnHc+5H6|zH4
zAh|kUJ#Ct9umC0t;M;y-G<qX7H#hsIp{<SvXJF$KB^4YIFlq*ko397J(!0k8!beR8
zS+CBgH5*;nW+zkm9KI6hxCJLpCHAi}skRJdMjl;s1n-L2esSEH9L>|q(i|`X#1EY2
zLs6iZrynFY69sIT0lU52?A<}JR^wT3fi5Zu_m3<CfXAYdPGDZ2wSlZJ+};pzTzVn_
zX8(RDhp{dFr9$yw+Cq3(mD_;%_QbD&4mrB=&(kq7MRose7x1EM8z#UG%5uAT_NCnD
zn&@_owJU-|96-T<O5m^BIh?D2vR`lITGw_~NN5+TpUHi#UT|s<>I)n&mIgWtoA6^b
znhDEalBsa*pC;%xZ8><znj~YUQ{ncrJp0A{r=+B*J8=Bp#E|<7!Zc;Pyt;O!uVb()
z;~&55E;GnP_spJpgo(+tP5-xvg7@l~c*0wu48V0*ZnG#1dY!nyt0pBSBs#2X?5|x2
zGrUiY<mEoRfHD9P9aH=pQAMxZCYw$_2B$|by$0&pXuq-Uy%6SKo-Q`_MI;Bo>BIk7
zYk*n+3C#cb)c-$&=TD63@2fNQzuerP$JJQ_R8d~;bA^}IXVCh0@^Y_5f3kve+jdzW
zFFHYALPCaNdu#3~feD?Io7)m>FCZ(+EBs&Ng2Zr8P-6!Gmnal+<HUxXLmEQXzJ|t9
zKSO=&B}{X4#2`O5+9Mk56Lbxu0ndD~%UL`a5qEafG2E&!rdUteL$9n4a40xV$qYWX
zf8kAj4!sxErlMj<wl}&tv;~-xtsuPQ#3`3S%^;-Otu~!(WUAu~XE4M+k2^kU(=P+(
zPKcWnPe-S9_rQ3-V*(aC@YmaH&rmn1e_!7|wC*W(_K=FTBml3(bp|TJnDOqG&W#VW
znCxG@+;26~3vI-ES2rTe%g?W0hIe4TsAOD0B=>|zHZAlI=H#C%px3%4R=<kjBwpiN
zV8bf_m1vmvQZ(WQ2<ttkhBoc!6q(Bm$=IIHiZ=>%L^LmGm$z50GxE+p7?r8oI@&Rx
z?co16gGUDJNfI(r%-d!`c)$ERex@)x{ANRZ!1Sc{RJX4l@q6K-)U~}Suj+ssZK)b#
zU>nRQl{Az=PgM5kBmQC4HNgSY`zZM@Sy{VGteA}^z7#`LZb+;ib+}EcY`(IOE#-H6
zx}%jr9o~(*JgOdl@z1;b`CU_+>Zg+u?hsG$vi~ATf;_F@8p$c;!~dA&znK_kmk3&n
zYhss_e?{d`QB6{}7U5K<JU<a~J;tL>CzBkVRab=AagdX6rwX~BXYYCIBha+nPEV;)
zGx6dw<pg_H<%G5VAb<Y7>ay1fuk~y692DG5qEnIvdLHanQ>DGr*QfFe#GnC(gQSkv
zU>rqrmP`_R<Mj+lz9@5!a*3LBH?xqvqh-oOk=guq_5Jkdzjo%@i@qfut~_~dY6Zcc
zw}sC>{k}XXo+rf=>IyXI9s*rN0Bug&)NmHU;f(Q*&tta*AxNyzWjhEb(-|B6tsvUb
zX+dsKrGC%lB)S#D)y4LWoa8@~`&0E#PnS7Fr0HbYtEz3Tm13{+GTY%5sx-xRS|)_&
zV8(m?K;I|;6&O1627m?nLkA%AhwD#7?CAMvXAQm;YIfH>UY_2MY{VO2ao9K-7}Mc(
zV=R20qh{$(F49`5<^U|JJ0d<6;99Nu1~v#F%~qqDOzrRPrY_g{`8^o*PM0ijA~Tyh
z;T8)gkEJY(hzMS;;#tVCgDa0&O~vWS3AOhq=8kj~D`a7r45oh&@EUp-X$zab8BM2q
z@#15Jb-N7wcaeC8$G1N}ne7<{n}@KG>JrVSi0%w>ut1T9H(lR%h_B4y&lrtQP*;;6
zrMhj4fbG%2J)<E{3&Q5PzujGbN-}bG!|TW&iAgf(8xXoVQNVLb%(c2KP61o#lt9vU
zU$xTqSm%le43N(jBirV-Og^jc&hSX)^S&LhvYO#oE7N<u!M!ld#@2YdG0SN=;`^*<
z7QP{n6%-u)VfOCkiO5LxI|B1@i;f3=fu-)y1rLbVKSC4z<7`6Upv<yUN~{S^3%NPw
zXmUGSN|QeTj!4pvboER=rxm4dnG1z{aK4yGA6RQt)^&rk2&H)B`fTFl&e~RmW>D?#
zg$I<PS|NkSiD?bz%R74mrGcm)%idnxPwLKi{LS|GWZHrvG5q`99ZsdEiSVEVy5Bol
z0f6gM5X3u$g1XtN&Eck3)afKW^Um`<Sx=ti0I*k5L<)~LB~mOTrQ>XgtdV2ev;OnG
zC}5C7a=8si;I&)9TlBg?wzjqg8FpN9uM@jxgIA$|=4Ewxe{kbF6Y%m<Iyyw(zQy{3
zH8C{AqmgzivvOyRh=|~{{CHPiOf5|5LnPuAI_;6o&d1E0ZpPug4v!RRF|T4fj^{C(
zsKg$Wm7R3Ns>Qj?Nrns|UO}7}Jx=SpWo%%O2A8AwNy59<D^9bK#3GFv_*f7uQN$Sw
z|Net}sufN`&BD$77kdOaI5>3;cQ@CEt9aU8b}tOXAkr7d_xf)Qu%w?2_I><CM%w5H
zibXc=xKQPwIBMy40R%d&fMur6`zE5tQ2!+H2_b+Tt#*YOk8V5{PD1c;<j7^}2fY5q
ztnmiak~eGC{IgSk4^Yw21R#e#gAWH%3}rjeApxLRH?<!{zY=S#4zSFP;Z-{~GS}z)
z9Q#5~-_~GRP1QT_ROPEMO~tO;UcHUX(49`ktTdhbg76pJxU2BJcYe~PUuMY5Oi6i<
z!p24>rx8K|i~*H-E?nH$W8ULWC2~@2(>+IDyME(4q7SI>p@4I-?sWZ5*kHn@;zI9O
z={6BgU^QF00)mv8_Sqq3-IdnkF?I%G4?coUW6c?Y0rT!>BcKkM+X_p6J)es)`HqLn
zLP?IK;zQtI|D_|h9|fss-?y4<WQazMRW1++01W}3{Q<hYSz^t+4c!>9wXJQ|v3gcP
z^KSF;(?$n^)18T~3V&>S<pT8pt%mcFLdmQh{_b%QGyqV#Zts&v)ah<9pw|EXP=z=T
zz;yf;k^Xjs7@|Z1rAw?{bA(8Loab(=y-@}mP$yEV%9zM%bSaX_R#xW0u15+Axzy4H
zO#74pZ%S*IV}YGL=dE080Sn}}&^eawT;ecLYfEdJ5}hIVhwxLQr7u_32)BO?Fl%ls
zEUenv+ES)JB@H%mvtFl=nj+P@<Vca5u&m7PJmo6%lICkFFk>i7A0^Oq<SrvX+q{^V
z)VC?zMF`v7D;HPSdt!9W8w1Jq`*VB%Wf-2D?%|so_+-^ZmC&I3gDzlAR%Lt!!2B#F
z%_sMnnVFG(sund~EnHn+Olr;v&AFPb!A}}s%t#YOi!F-O>8lMk%|F(yn9x_1?LfBO
z$buVqgn=mqkBd@xC|O$;5jBfN0=zDWm&O%ImyYHmwO(m5B_b5$K0tHgKX@?JXhlbm
z#k{<?p0u2ZR}fFua8`c)8tv%lQ5^lA__?eVfWac`UY2;<YmAER3J|tsZxS{NN)HuS
z1Xg;l&bdGLFA{KyPK|k6Wd5nV>04A*cb-N8Kjt=ZfcyZ-Bowd9W~Sb+JyVaA?^##+
zO`wb6l2B^H)4`c=4YbIhpCCDFrNN!8In9nlipJM=gqsVXv@~m*Z2VPLlDc2KXI$RQ
z-WeVEyaT|Q`wy<ShU$?aH&s!Gq0x+*_2?Cy{olPj(F9zR!KktA*kW+V_di=N{z0}N
zsg^lWHw!QLr}4f=bV~Flyy|Oh7iUZA-<@%elC{!M$kx}L;WIE;MMJ+$pw84&wNlPk
zDHiRnuF+#p;(coG4~FdG?rMMCLBE27V><fd5m&x4N|?yUsi&1`H<aSGPWC?<y{9b?
zVBqK~TzJ|6rp2R4dZbS4m7uf>Sb^?c2*F6cE3VU?z-t*9#!s(QetH&cn3a6EOULwF
zTCjv3={P7pgvdUt&7z&tey|<y6T|#8<>3`e%W?Z*H+gNG>R1I{bSe-9azfrOKIe<w
zBSx<Xd2XrqNe+?v5*Ry1M-h>`<M=-S7E@H5q=?zqdADP-n~v#(E8_g8_I&+A)C1i^
zKR;6dxg7PnB>EDb!aWKOdO*K0U2BF5*g2@dCIG$JJhb4EauUxeDSez5?xGSC3Ei9y
zq|TYif@@u{MRXP`S3y>(_9?lY77S_AL0s-~ZWvy#lR+|DgIWP!)bhCPR56=XC{(`R
zi~3W@xzzCbROg33>M&oSWORO9hE8=R3n5co)(__4>uPSIYC1X^Tr%8ulf_!5HMVS8
z^`}1$(mY*shrVDO)cvajy*uGh;ek!IRbH3Fr;$%Q<08mrjPk}Bm0`{ALlZt$nd5&I
zzC@#^?-9Ifd*yL<kr3u~HBiac3{bH9%?&IX+{K+B7B@A;OYUNd2An{{u1X5Fqya|N
zO5S&!TmF$E%fILXk7ij!IQDWgT;0b^>mB#Pa&zgpQ^N5I@KXkqP0!6%C&-l08Rg(z
zr@=Cl#IEqOv_I$L_giQEn%N77Rvf8|%a6^PUEggFe4d(r;%S>o9%raHZ=sy2G)-P6
z1lZ3`%S@e&bbxJ!LqoVMA1%BOoKR`odlwjK?_LwZ%gcLsHTQm3#3d2M(E_01=qIda
zddcSbS9EeXQQt-wx-)@vLn^OhGN^ARB_pdSY_Xm$#FkHBUS8e%@Mln=a!UvA`%D+}
z`2h5oigWh`{8p{C#r+bbj2^JwUq35K=0MywaD?HLWA{MZ&yI#}oL4tDfA=Vw0ELLL
zI~mx+VLV#l;C}x)9Ep#fK8blxV|8_}GeYZ1waywB&<;tGSoEEFZ@IgxfLBEl8?Sek
zWKridOWY!kQB-)TQIBV3Z2_8m#V^8`S0qdcfqWw^sZL35j}?j)Y=rZ<T|ewov5|P}
z#bYxoIrVFFZt~noGc`?(qLQi4orof%Wv;VtYa$c#j|TGIM3Yu2$<;X^N9yS6bfD+|
zdh6+ilX2*Mwl5$Uk{`N?aOP<md3$j0EgH?qg8NJKAgbqRzU%Mfs6tfbMUj!+-+dH)
zc#r=62q>3&$y7OnW9~M89!Vqp?K9f+L$3@NQQP2L65n)x|2K~FIa9AI2l9B&S0A72
zEEsxMhzAdJBlfh3WHAC=n{;)p@^o-K9=|PG8JeZ=+CnkW4#W;0-4$Y?;`1Li{i!uO
z(Vr+BUocq=aMv50vvd(hDeA81eyzG@qd(=}-G3m5OG?`It!UQlBZM4KLm9v)tU5Y6
zN^KUsh`IBe<?I@G1vqY3hdmJcDUI+A3z-bQKoDx6MKQxKVGB%1XT6uT=$-<a)u`sQ
zUpaGZhhuLQI^Vr-$Hl>UsZd)w-h6&A-3kdj2ewf}mfwR#PdLqJ?v0eCB}Sz4-rxxl
z$ASBQZY|#jNV6wmFChcC-?}Z2S%&L9#X;99L$&lu`wSJI`;|76UvoYXS9o+XAZe2c
z2DSQW|Bx~g$-laS1Lo*bqdx8ePdsMLAbFdxmho|XkT|BjJAMUNCa)3mJcuimEcJ1Q
zFgJsTSXj<dXU*4;1j3;^HPF%IxOeFds6w<mR(g&E0>B%;eT0CeCPI=<$>GeS!mQog
zRy4$V?B*7A?u7coPy9AZ@@5891OGX5*F*4mJ<l4)>p^SQR186B<O6mjMBJ;sGF+b?
zoJp~)XyWl}+cxArnt!kWPWDu5+gt#2goahNzoeKQ^CSWbix3kf1dqW~@+}3wTUdU)
z$4mJ_G$$vqKES1)EA|N__7JNj0i+iP{_72Um81eh5<VUmd8!K}S;IljTQPBr+F=jG
zZ!6p)7_Mj!Ua#)1Nxbz9=79OO7?y88@~B||4~!CFnY3AGYi&)pn6!CH;SF<TP|1m-
z*-A-obQS!yricaL+f_R}whj*Kz2gPn)-T}enKF_N;y?8R9%JK^S<wr5ZY~;d7AoS(
zJ#hxx`(;WmVRyGIioy?5Y^lYC2peRZ;>B7suFtyR`Cfz=D4JTSJt^IOpo3J>x!vUA
zuDpH)Ipj=?a1raPnlm~zC$Ta47bJ?8X2r^{wM`I(LY(xN(7^x_`Du!hpr6byH}4M*
z54*T0RQ30z&^-~$!lug&3lGo$2lm@y?e&hH*f<swazDTc6xSXYIb{4>7peCf)4Q@C
z@4-RA0c!1kfR%ocD5F_x8x5G=R<<{!XcpHD9-G9S@0E{%cWZ}E23EiZS3f-$>6T5c
ztb7D`q1+tJv#WzYXDe?LeK&Y5AO?YN2-yh8$M<>_YF2%v%h+^+&X(5H(1FuybmtSW
z^d9MWbb>(NQGpWuxYMTsrH$A!gO?iB7$R~P@g|_&9;W)Q5oVuH8%{C|Sbea_`TJ|3
zv_sxYq1PAPoS>LA-g;daOg`ZLQ>(W`4vZvS2VL+w=v2K;RLXutj;{g_T)xKI3h*W=
zhSQrFb=|)h2yX7^4O1H!G=0I%%shQPRm;0;eg4%-spgsc6LRB)75p`5LSPQ&&dSP~
zC^*RbCM-+CBuNP<G8oIuOia2Rni@378)|t+Au7%a<&H3I*$g4Mo|X4(G>Jjdl*OWA
zS;H~9jrhc3(=Uu7Mz1~hb~lG|_+Y-w<z9VQe?I$q$Ji{Q$Nd#&SfguUfzih4$&zvm
zdU(XIu&SMn4XFfR<CmQyrBv_b7;}l_=YGT@Swj38-JNrfdaI4hm|eQMvRYcf;T?Do
z6@26YYB5xsydFo(%L6&a%W8eCY1s=k(Jz4^{9OQm8<gl$>MRIu?XMb}621YAVPK7&
z-&~!<sH5eF>Cb+06Ni5jbuzv+enOH$;|1BlU>TDX_TB}+O6(bxFWFFa7WYCN#_b18
zIj=R(J`p{Q{w#BG%40lm5&B1Yyt%0dwlllgF-zP_?bNTB#D=CM;Urw&?XplB`A@in
zNpHxDi<!gjt{)%6pmHU-?k~(tn9nsU#2ounn*l<3Eii+2^t*Nw2BvvN3~)dd^1c&*
z;-0n3@D$REb3#uyq4$6>An~M+(>mZQ4g~?Ur)5;BDAnyPhfuIl`ho1N@uv|2-Lc=3
zTf+rURz)%-B6I6;adF$*-ruph3`zHNJ(Uc1o@Upqb%`F(s8*<yz%KadrJl@bEeiT)
z6J2lH{u$wVpS#0S%Nu<IgRLpbFZ7UGAU`}VKQsuAH+uSf`~vCa8(l6*{w=TT>C9LD
z)jvibYdV?9;mx8c12~=-<F6EUT8?_7mQ#6MV<yEhV55=Uhm(yLGKiG|&T|8H8ePtr
z>}lHd(|riBt`w;G2nq?IrD8`{A%GLM12@J0YXH#jC|}ajqG!en6h<NFv(9@4>oXq&
zFI<p-f~&L|_P>8|yx>d<bcX$H8;#rNy`W*!HAK&-CKguDP(7Gt|A0Ufb8nhZg6u1U
zdome98E^vT>}lM|(e|_!4p`yFd?UWOtJjEPp6)$hYPW`KWcKScrg~f)E7Xg!Nw<+c
zXB711BB?p<kJYkuaHOPSk11+6%V}EXY_?b|_k5BL3~kd<(l1ph)!8%L^y1>EySuw+
zk0VRt%4EZH0|h!m@Tk5!Rv7lRwNZ~~o@)b<dYp1%<JEO1JK{XcN7(#uaGq17Sn>WG
zS*G5vxJfHbV$dN^$Sy>pt5IkhbAkL6MLK~g7shcz$baoPH$Q)2FjHc-pypI_0J%w?
zsWN9f?0h45al!#|sB9Kp2g*IYfCSC{a7d4M0-`ulC*O{;I}6D`Ial2vdhUJe;c*8q
zX=HWb&04sLy7hEdXjGL4*2vau18Par1-VTl{2t56fx)L|>)N09r_#?Ch|OG6<0W-i
z>Do-Lh2ufOc$oP+#{(TwQBzgI;b9^Q#wO57__J#x2TRj6I#lqAbh20ndRQ;wb<PFS
zrXYNTU1_x#tdk?#J}_`io9$Te>|wfa`>IyPPqWYouuBfNrr45h$^KJm<%v_O)mDpo
zT+oFDa;Tsy<DxUI^1ig>P{3o5qDy_05uWuabc1MrNIu)%$Z3D(y^_-4%e3U~Q9r7H
zM%4zpS2b_j(H=iBna|n7`<;<+U4vWSa89wJY)UBR=OdU-{*8U$6T?NRULRH)HPyXZ
z91pI}g?1urY@z@lWgw^Zw!Mw-dhrOOM5Ec#42w*tYuth-C_LN<>htbbb-2_qSz$#i
zHK+&K>e^K-#%NV3Ia&->eDUIi?RG!kAd1%ae4WnE1`WXafpib-)Ya7kEUu~Rt)^C5
z9gclGpt+%<q8<p=jRi>*)iYAwnEmQ`&HnY$545qLBu&2r{gwz5qkcq-OTdEaz`Utn
zKP#=&Y)M~zupq9a#JP+eO)BWd*y)7d*k^mYLKBgO(eYVe{}rW*qGgH)#RM?oB&*L6
zj?Vri{PV7Y=E#MQ9|~mErNVLJ2XJ3o3Ua1lU`n-hU^!0^EueYLKL{)_wArPKVHXe(
za1)wu&o|khr@c9}DtCp$uFX!T<_E%`h(r1Uvlc%%3Z(I)4E-|rGTum#LD3Qlee&CI
zY@#=wslAr%AiK8k{b*OE=?tQ|+PkJB9Rg}J`bK`*{BU#JDb?NI#Y+&HEMbA3?pScy
ztnHMj2~}5A7_=eeMzx;A+*xS>p!E435BOPwr~q<T#92Ww(IweGF;!9f0+3~gkMxy{
zz_)TY=gJ;{Y$&5vbt>q&z<$<#?o;{d+||uR7aTxe!&6><d@j=9v<C>YX>%I@O~fUK
z!vrbH6QZtC%95C<s1^#2Tf^T4EQ*y9(Vr)QVZp(I<rY96>-GK3jr)OVtkUb94a=G8
zShdHu_i*E0D*MY?sUvNqcL7zys9GKa94VlqOouxJn{97q#;40*NDjB!Qkov50gdQG
zjq*aIBU|*zIE(1(ypETo5Sa`=6`yORGbU)WpEyUQHBE;7TqAz3Z}zKuc^X;7`_}a5
zU0UV#Lh0nz;Eak}Dwqrg;3?6v$_!@}&^YX2rQT|FTH$P?pNFg9)>t)-tDw+`=98A`
zo?w8qE4SN`-6h-o^|89rsDJLV%A(Y1RoUr4K%!=F?}%RK+m^#^*T6vhWmUmyqAY5z
zdAz4uxjk8I&W+?KiX*Vh2FnX&!_5m-8>0QhBbT-6AL94MOID4+=aV_}`er_8Tv$zb
z%*|{5QY&H?C|;D97z9a^?g#1>X0yx_HVZx#6}X>n7!-aNysp2hy|Ur{ejZB{vZtq;
zH(%;netSh5`v|ZySXwfo&f4^hkTt8KdU;$At|p=Cj>y7YAddUQ5Z6oLO*ny|4hgMe
znf6(`6Jh1c)vI|P!fTrhjm%-&C7kQp2RR3jn#EP?@z9oq){kcnylK~nhq`ZU;E0Z!
z4dVgfgTN+ieG&g+?-t)Mt=Si-1@(oLASy+O@fA;+tVE+~E?-G}h0p6eE-Fg*BIz@O
zn&1u3L%!*S_U>ORiYV^xSMJQnX`_iU8*DGJ$OJxw_u^ZUMf~G@2hACcZWPHR3kKX=
zJpsw1Jf)t5$*-81)@d`}xIy#bwOG51qXWpDe656@I;Tz7A!P|54eLp*gC`z#s`v*4
zj5ceL@H?XEB6g^!D-2#Cv0U4*rl*s82=C(-+@PSOZvdi7<Ex0YT3|92^{rx%95Vo5
zBx16#ui+r<2dEf85)~I${AG^mm3EB_a;SQv8%!9)g8ms^2=4ig1Mn87^J`iFi^J!&
zjnQyU_R}y}AC$Es1KH6Cq<JDCHt6H<CV`bWTsgK?xAa=ZOe*fF$^M&WXB&Q_y4c@m
z<d8JaB8u}u<8+1N^}SU1(j~nO9Y^qD$6oj>l6LV>=M!3I<hvh-m*xFd;{R?(QPCGn
z|Id~&tClRVUyPOeEX{puqd!8RP+X4ovD%U-M>Z*LrToUduul#YY1(a1rIka#Eo&_c
zX=YuFzbYy!+G~7yOrSa~HNF5N8M9X|bfj@}h8V{#E8WyFRel!obLf@#DAAPXJ$2W2
zRaDM1JS>j`<}*dfUoPEOq2_2lI3%paGfv0S@)@06KBv>$@S2J}I$kxCvO&O6IfdQw
z!%!q7^fIQ&0{>miprGGb->pIm$@o9M$O@ZoYJXePm+oCpo}P~UU?Y2uxvb`(RBR)|
zU@~b|B;luLW`BZR&2hIEuQRUOWeSA=;j*`*-koj`F(%#DcaixMJ7K06CStGGOjU14
z#~96<8uL&Y-Ji8B2Ktq}F4CXq3r9he;%gEi^DG9i2qd1T{6-41)L#%kK`q^TZ>qjA
zczmK?sNK;xuin{jW!+@KytBJ+y1z_%NuElI^^PRD`{TcM)t|IR^c>49E`;s>F!t7Q
zQEqJ;=wN_K3DO8igLDYe3QBi(mvl&%ih#6qw}41@GxSK8bPU~HLvt4U{r3Cq{hjm2
z;Sc3E48!xRXRSM~`?{~YIx18p_*1#pVLM%O0&&UwqcfaO7=o*AH}n<Z{S&W;^4O8;
zzoa{m9~rTz9o@`nJXC?Qg|l5vKa)Rp{!;6vK`=t(-tW(z)>3eP-c>DaL$5vo#%OcF
z@vgI#JEb6wHn!5{qMRpiwi-Fa#>wpbTPN!;!iL&=zkDor&l?)j&TD~lf~3l>+DBjZ
z`F$Z1(Z1Ka@tCPw7(qDbMRVr**?0C@z~`T3LyAZaV~@PG5$@i=G1~n2+#kYO3mwpf
zy{xCUU+_2IEE06esl1X4T*Q8{K6VXzhIjv=Ekd}7068TWuEAx>)G+jbDDE>)K<|#>
z;zGMh4K_xUGc{ayK%-<Y^86NV<(pQo&XVTzbWY3q<`zmWKh!gGdAbubzY5u_{u<F^
zu!`iEgw>O7^O#^7IrRzzP|v(-@J{EL^=4~0D~cf}-d{=9`i^vUjlKWP0;EFpoVM?+
za=5rp%<cHTa=}i81mF6OE7JQm@jc2cPgl0Lm#c{|PM*h3WlhJcU^FB3m>AlXb=!o7
zw<@X3Pp~>BtdmtG!Jf!&ivCHtMG5eY5_mm18~Ey`sMHCe!$})`^!jbK@cil{OIeL-
z4KM6exyT<f44v;#SZ2?Cd?W1y4rPb`&2J=Sp48ps`Cy2!sb`rvdA&YY6{R5SEMK{w
zl3MB{)x1DHzo^d~rF|gvD6nQ^>ov{X%vRMX%c}8K(c9Gn=aHxyZ^@bGeL^zvFvLUF
z*_h|Db&QP!O4v#IyW~uVKOLMMs9y4Rju{x&{#++WPI+!k;{V^1!*3`}^Q=D%qY6W$
zJtvujgmpIMPkE`8+*J|k*U(%g-Lc{63;TQr`s#Wd<R~S&@?;H`QNMddtVXvfur1jH
z*f@Ga>V<nfOY;%x{H)3<o7<k4l<jLGwCc=-L6dJmzIbz8(^RKpedZw&B$#Z7m&|du
z{rvTu*c}v@Ne!vHGf#p`oCq{_Rn;H33Cxbz(*1XXMf#y3-*-NB{^}=|16N-r$H5~F
zOlc(XuW&b=dQ%nWj=X+}zwJhNSgStZQ%(;ydD)VDBVCAXn&<4<gY{RatwtPBJ#I0_
z55_EN>$(r;EReI*l3-InoQ69*Kr8RXYXSpt5l6$<LnYJUxx1e&BjoFA+<F&#*VVC*
z$G-HLWyrWWcCG4`_w@)H&1Y4v9(amS%r{f7>pdfi{z3#dW$cV*6heX(x9-gvtYaU!
z+j6}UilYd>SM2Hb+G&>pzgU}Ek2G8xF2(hd*MEy!<Z<w~)_P+FtpLjZ-eUNR;w!gW
z9M4dSW!P*V^)>E0Qfz~T2<<0LqAgc$)+CbbToPBQO-PMqZ4Gnt$yE1H_|9qy-6R9M
z9@sJlRDMQO!86eNl*}vKtY&q~7mC|lV#DE&Zr&RpUO0yA6@F=z;2mMQ!WXnLVm`29
zZO-9fwewyzJhLI@WWKNG^d%o_HMLE`=*+c|2kFYqgKiPYgZWKV+Jd-Ur=hfj_Pvh@
z7;qtEV&vAzBvwQE=x#Sy*6;fZ^ZMZ~U726Cp<NqCaSmRSW@fZvhwgPtI%RYi7+kd>
z|7AA(reyXZ#e^_xKPCs|%Jq1U^-|i%p4WW5`ewFb;QqQ?E}#FFK&vF?l2i4Z0veL+
z2_O(((Z6KEv|4)=+&ZHxPosBXZ7Z4ptI)AK{_IB?X{n+!_7nvL1r1pw$mAg){n@CP
z2_8I$dPs_k0~g2}!>CKe=R@*$tr!cd>pdv)hcUP@9KJ9<RTskl_&96G{1qV@a?e0?
z&b!C<Ly+y+dhWK%o>MmOs3}J*3s1A%6{6><4oUk2N3Kmb@Ru9^OZ%Xph#aBYU<eON
z_6A{_=z1uft4DUNvHi}Xd?o9$6C17PE$Zh&GjjI+F@=9~qnEY0<gRFfxLZz-R{u*U
z_>a$J@6X9j{cn2o*K5l+^#5$a0NW+9=l{<ulheEqtgiEW13DE>kN&&Kz&Eu)jYHoX
zFQqIEPW>q;5Swq)@=c`hyqZ1!!NtIGt4T(!i!QvBs{T{XM#IRr_%y=fhoka8B7=8|
z(pN-i{?kG&^!%(^_pu{-?Vn&SpVC|Mxcu`5mWLvp!}WY4?$LVp<jB8U*2Q^!Kuj>a
z)9_C&76oQ0XZd@OvNg0M(KT5=Vpc;KgrN5o)x4uZ@0^g=F51mHt0G@UpZlsH;PuZ>
zC;f1m$HYp2rq5|;W-HfZIejowm+<xM0R)&a{q7=y_wB9v^lMfX9EN5Uu>Ltx-=UxE
z|B`qNFR6G21&{-Ys4o&<lt4T->uf*b<qkvSHMUYc@_l_)Lrwxl2|en6ISo>sJR0u>
z*+cv+EWS_Ew?X3l89)9-TK|!7=C>?C9VOxA_1;P*Q1^egAQqOyOAyb^M%&$yk+D8+
zaoc=nvDMWIAdjTCx3`~|HoGuNf0Vu?Mnya5Mpv5<riT@=oxQc2)n&c~`D^tZk{HyA
z_AieKfB93^0uY>0typ)&o&oU=7XEDqFl&W{i?H#@Y`5g!vC9+#>oO@dJ}VZ7{U3xp
zp~7^>omr=@H=`}Unj}cvfA$GFH5XUx@85J<0Ti|0!^p6vQNzEzU}g>*9FzwyMSgGx
z2dGQ8Zdb4_`ahJjuCL$%?Dj$Bd8|Mux896e4IETzb_(oIgM(VUHq=TVulT1#ea^6A
zevQp1?Ro#+=Z(3xT-aHH6-@dFH2)@LqKWE?+z)+(sa6bUJVs=8DCg-WHC>}j@kR&4
z>VoLAOwFcox3j%{u+jtb%5v1Gty887gLYhT5%@_el!*#AhB-lR*UK|DuTJTnE9#!u
zrJW_QS!5Y2f|PGmmEaDsg*bGYo`ahdvm%zqz{1Bjs||CzJW~Mi^^}uqh<%#O{KW~e
zs&$%Y9XI$WPMfhHkhu3;Ig^mKO~b;4Om99UxE!s@bb7Ogtrku#XicW6THilA+_DY)
z_N}C1vc&$G9AY=vr_lW_f^WvZh4t&yGxgAV9>l0vN#uecU#fnvgq6ng0Jm@oS-!MP
z2tAQ=ZAlLHj0o@aMQWLq6NAKF3CJ)hvPk>to3tvozHgS!gB7aU;j<z!4EwP}yVmo&
z@=$kYqB03w86fjVJ&fpX1QXp~2=*s$ze<oVhEqj)#~z*@WEq<HBvzRB@$GpvcSywz
z>-gN>_=25MVzwukk9ZjAbj(XpRbjNo+;fs))0P9kiwWKz(x~XD;7&2&-8WSj?;QfS
z>vm5!M_4-cI5-S@C*%%J50(PbysLV_+m;3wD8KsqJDmL<D!@QQWGJM71LzQ6+;kJh
z94_QvpOjQ6f)!CuwX>6C-Z$l>oVOhSG7tr29=Rq@H?UmGXMxY23)ur^(9J^eBnO@5
zk8djVfRV=zr2ln2z25{)17(S<+vd25Y9FYH?)(Oa=k*Q(lv0jXiHl3!`!sdW;QIM|
z@#6(L17LYHpr#KW9<EjQaucAv=Ht`ap*+}gzP><D-JVQR%Du<b!>rfTx~!LDXlpw_
zOz985d}e4Qv3Dwq<GzK*+}|HQW52bz_$4?P6%rA#x(1ksNPHegVn$gC2vN8UOs+o;
zO!dA#JBRH}G<ng2LQWlAeuebzSlMdOx>L5c9USjB_xJaUDy&EYl$HXVo%D3n-ZMwM
zY3FVImYK;s?<)2L=@0_JuNI@f=Cw*GPERLqRr0!w-G3J6g0rNh1++c&y$1ljrnP9+
z<EK_`RcKasGKX3J6z_ws_hnmk9w$?;oVREEK&cC$q5%E)0tx}W`xj;dG(ttF%L4;?
z<))y4jt6L#M46NdS{&!8-W>}zqEPKd=THeDIf=@?^P{&RgqQR(niZYZWkO8T57cK>
z5J$^;`{2R0g$o*7tv$=rs73<klFe|Lu0IWPF*{DLqgYc$v+A)v5EW9L)~)iSCL!Ij
zXp(Aj+mePC(jJy*rTnP2&FqOQ{yDy<)9JY{D2B1Uuto-L1K3e;9P`1(*+5h!2T`ae
zP{{9ce?SXH;iOYXuo+zCKA))%KKJQcJV&}F<T7T3K(7T!0A%3g<5Oj&-E-PUd^UgW
za&EC`rYfQL>2Rgn-u2cdpZ);#2vg`H9z0chKsUe2HJXHa@B!}8nh%TM0Kj;RS4N_C
zY_bO#wiR})%gtM~d*Fg>U6(`gL$Pja11P}ah>a3eGBplmWoGUdDw5ce37zi12LPN6
zmLW^#4Q;0v*JqkOttGWW8WI2Sl1&m)GO~ec_^tSoY2i=x$+WO=7bB3fbDcNt1%#y~
zvrvvpe)74!4mV5lNR?Evl+TjAFB(p0S&Kw*P~-h;jRQ0q!~%1nFjxHq*!BkQ3lY(f
z=N%Jro%dH$3GOO77%BDhTG_n77?>T$m%iJGchzrgqx=TVuPE<|K0H7FnZ##ClQdSm
zng(4n02??@>2rZjJt=G43l_Cf_FED@Sp;b#-JX^oC`cW`LWBqf4XLhCn)D}S4Qmg<
zB%~2wFkjBy%v8GdsG8osilbrDR4NoD@ee2Xz;nvsVDkf~ZN?3i4ty4{dO&V_eE4)@
z&g<^9!z7~0Hzqw;?~H{pdxCnYAudGD+2<as&z^ntLsWdM!43N!7e)z>7dcgofHVQm
zk;(ng!=+rXEtm93mQnjE+@x`T|B;m3Z(N2xwgPy`5c?izT4_$%>H~+?wa!J)GhaDZ
zWg1dtGmX&<&gbw>S1uA@_;mn#3)al!M2Q+R0+^v9?b<{DoYpzJp@Gm2u$8(hx5f*n
zwCg+*#^+q45}k<W^~#yAksF$Uer%pXE)pn9-=8mktaoQVub}w%R(0FK!_>dIf-+4{
zR=A;tJMGAJbl?23oe5!q-oyf?N6#S=OM@|~sd2xyf8!~#ishdi-K?CunvPTw_;F{*
zbu_X};u0|W{W_^7GX#ev3jgsud770^fbB6mWKpX9c+M^=au~M>H|t#<hv(SuOgZrj
z2=I8Vq5)yuD8@iOr>VUwb|)fIQqp&#qM(}yUSU3x3JP(cvA=zT!_0N(ggY=W^r8Mq
zVkMfp$s<@8Nv`nu;Y@>D6hbt7q1f%He8mO7YlB&@wl$;P{gP%_9ohv#Rn1DPx3}J2
zNPtrxy5b%M=Es?W!ifgp;S&|^3HGN^+1EQFY+Bpe4vJM{6e#szU{=cvO<HZAUoie_
z_hX?aIKSo6<^;en-1q)Q=;-JsVEQTKYOiArC~z@=i#@wgT|OE2Uznf&-USz26W_4e
zdzVq|FrY3snQats>gw(egvMGf(20>Is=QEuK72HtLh|N~OZQd^zgtk=NRCp4IToM}
zs#mx^rW9+m))3q+e=L1<XlXN77bxd<c!hwoT^tj?0d{`!#$%R&M5tCov?vCjMJH2i
zugPkrA_2@uSlHffuYljq&km7kT5qjGZx0Xi+iGy#gMn1?(&lEOmCqgS3oyAmMWrXe
zB(C(R#h+f1B@o?LXJ_7+XmSaDgee#M6t7$|#*<#Y+0#Z_?vT2o%Q({|&HK5aLv*X(
z6NT(Dy~OE_*=ixRVx2Z~P6yC-bb;>rxq8lx3{?GFTiY~%R2zp`A2PeQ%?ydik*SRN
z%ujL%=n_JXkNWL#x_dueDd1Cqo1)d5VoF0x55&&e@Ji2_GM(I;%PI(?R#WTdMAF&H
zI2svS<ZT!UY-lLr=<VCsEgQ`q5LcvP3SPt?t@+y7+b=A4DWQ?v@IqyhyyZ%P9}d5J
z-QgqE{xP90**V_h$B$iW>Xin2dWQSQt0{21`#&j&|IG!6s~^vON9r)?HY+0ygnp;K
zZr+TF1L^}P!N;zs6+IZ)D7ER;EBOwp=mxArJg)0ccXxNA85L#}O|tagvH<2nB)8lg
z4x-#))Z*fl>^F#+0Lg2yJ4V0h=G4O<jVz*I=VvwCWCyHGjR$CtXa)96L(s<yIO(g4
zX-<k(%AeYk;Y+l#Wp+bCT~!CH^8Yz3piLqhUhV~oe2c*>(3Xx49*rbWFI~*tgD%X^
zrC3cjq;`A9K-B9z{Z#lsH<K!(PWx0$51n?+Q^?8IsL9C1s5HPrA>?Ys*aWUbpuFvo
z1%vEgbL*9z?bY@s9`HeYde5F=eFo2x&AAuF^Gf0H!*2$bd}W=Nzf|&{#Cymfqo8Op
zS<aR{bUR!&xClu|=JCK=o2GVs7Q>{JxMo8ecANYvz+Xmdf7@|DYZncf;IO*~5EboL
zBw6q4x(15&X|mrO1%B0TOk|7&H>e(p^xE=N4+83&-G?1+U`9vTw#&d{Fo6O{U%3V;
zEwuVM&CGRlbp<kqyCBb}Wv{Zp$7f|BxyK!spjH|$;K)lB=8eyac<~qmgPe7rQ_1@p
z9ZcU-Wxfn}kGgtz`jh)xaB%r^m)g%^X*1-M<J|{oGMvzX?dbrOo*RSNUn}6^*nC=q
z^X)&iwNV0!8}2l>t^R3mG_=NMsDb{DQGDrQYj))S>ey$jVb8>+5kIEDfR%twvqC&*
z%>byvt8DT-1gwbOl<H5wk3-}$gx&I2+>Tc6R@-W>1i6^1D?0jkV>SxiQuT0dIt$|X
zDgd4<YjAQ%&1pIH;8RMy^Zf)q?%l8qv+&%zXU7BDZ~Bs|vGMW6fHwyeRBy5Yf9nmW
zcUIOLJMGHX?oN3+`81%4b7#Q8pf$)-0@uVnZ&n|n!`5b`ZFsqFsHGa4=X(AJW<Jn4
z0KMTt|0E}P@!hMwiVak+At9HZnJT#PA)6!hw0Dkix)=)SZCkwiG*UUIwb2$|h-2+0
zH7XD<mV?7#<rJ9Zz=_NOD{4LM0+BDaA?aCL{{ffr=Dl$&(t(Bn22g=cWeE8AQV=i%
z;V}2Mp8IIn3~r8BV}j5k7mVZVIt7X;`n3wBJw_>$P%{*$+$%K+?IuIqq-v{53%x=M
z+$t;ewr-PKb({IQ>H%%SHDI9b4d%!&m<}ZOPpR~rS<S#S4n3DSCGVP|mtSz(&MZ$h
z4SW~U6I|`rYYt7~j;gc=XH3$L)$0O1-M!Eqm?WG}s9=0YrK5{Wu5wo-L8vIWHncZ>
zhb#6U?b6MMGGm>&ZDw8oQVXz@_vY`SHQ+cwfO3C+yVenN*#)=D8dL`YLqepT6vO?Z
z6R@!vZ=shWrdHaFENGr#ASG$KyrJb6;Eyc4?botB1UnK?nz4Obn!zYax0{Z)o?I<g
ze&Um5ChDceSZx7Kl3=^kfEfouvWe0G{W_29>{=|ekbRLr-)qnE`ud}IA?X}EBb(eM
zuA@}%O$i8S#SoLWVkG9axtHz;!|0l#nNwHE7e()BXdcO(Y;<7(JLTt3I-v0RxjLN8
zsMGsNbFKDq-LEBDg!rCjttEoASsSYp+!Tnco?>Hv=`vpQ{C-mDu%CXLt+mnIG3kdz
zDW*`Ypwxp8fBT=E&7LsKk2$(DuDRnL`ct_Qxfptm2MKrD6bD4Uf~jM#9G9|%7m7=2
zU7k_aLz(XxkFaeUWRl}P{tgOBC3b-gg2~Jc4GniU35>T{Th4T`K#GH{t={0)w~4tj
z+|{!FP$I5oV7Ec#{a(q(1RkE4vsCo?mD|QoE&Azp3&IoA)48=)dpqQK5K^ClXAm7S
zA2e3@zWW)e|2@eKcgG{q!@aNXh9h;xX90cgDL5qAl1+eE6AqaE_e)H+xTFY=+KIDB
zw`L*~sip48Gj<^&2<;bI-xp~=uChYuU2|;tqN{o-u3RNe2<Tp*!@JTGYPXbg?sO4o
zqr*mk)|+(89hy{aIJON{ET}kREva^bNK8&nvYoA{fuMPL%eIN;<;xZ34S@S#=9lc-
z&CJfYuB_Z1w1|<FyB<UuTLTN<QntcCuk#B>B%q-cIQBdG6M!P}Y|j9VXSm(J%ec&a
z3Gp$Uwy^1|I6W5SAsssbns&W6iIVUkrX(|Sf6dIOmP#)+jME8ppv$*>QSAXi?fR`1
znRl9?FBG3CM|YN&-X;r>6F4m<KF!ZRox7YD0cx!sazb(o-~<C*KMLD9el*f!Y?j--
z_W)IZ&6BqQueUIu;pl2T@wCSo5Sd|z)TmL`P#^~yd%HJLdlw3rbrh#kuGjQ|8O(yp
z2!t8@=9*EXE~I(HZ2y#53M_SA(KD<M*ORXfoJN6F{ycC}uDR;MXYieP{j5u8xK5RZ
zGztt?x+8k2Zs9U3f9EjUoB2M!9`8KtGPUQ!>fWn<w_a6y93Y<t$^Xc(H_J;zuRiNj
zJUr2lAEnDooSmI<=oKfB6;`xCHrU$HkpTLGhnsY?>iEZaG>CJjxxGz9CAs~n`=$7y
z?2aIg@NH}qn5}nO00Fl~wfB8cTWr^79b|jqLhF43V(*Xh^W<M_;4{aI>1qYBOgc?p
zKny3x@i=zKguar408Le|jp~OT#*fZ7k$aYdeOQq^lTNcT+cG}K>rmIr8A2|Au7<_r
zkL|y!X4Z%_mbE4RFk9ob<}`IxBXa4ClXgUVmxq8Bo`aKWIFPqDUF}P7gWIoi^1Mt*
z5%TetjANFGpm<NOS`lB^29lUA=Rkoa&~W=UFOr&Rh58w2J}tAVJr5gYBWn<YHVqhe
zc?aXOnAU3bg9Tm?(OaoB5LrJkc1a~W(~jL1p{fS?AP8P^YkEgUIFhouNMaea`YSd#
zAdk$)``P{FGC`~lq(ca~j&T9`Xc9~{A3X$QiBuo^r*Q9E$~YFimXQ(P;cQ8uCGx4%
z-X3W0e$Mqkm`tCNw0CwYHhJ<$C0y0RaAZS)W#_apW|lbt4MU|sN*GW(UOODq6=QgS
zzE+2U_yU&^dk@>x-64`@cIG9c6yBVP-7B}FxWMwY-iN)#88My=inD;3#LTTZIS>wt
zzoiXD$Q72C>1_k-yxtB0A=(U<Gff#Qs^)aQy6&IB8w}<huU)}EKpuit=`yK$-WGCk
zy3uFZ=Kq~V@9<z^+cu7@f89xaICkoMbz$LVP~}&Rp5t1taaZO;>6;CdI+v})?M9ey
zbc7=%lRzpv^z^FyBjM-IxnQ6b1{i%JZC02JAUs2<K$9^6e*XQFLRSwfZO07+2oGO>
zJbQFA`b%TV=XQw-QlwiiDnIDQ88=$sy(T&Y#b-v=zk#n3OQ)oy9316;1#m}LHG}zc
z9`|UFq=AXz?sCxJfPi!UAkboEFHRisZqj}h9Uax^$kZ{=#CESN_K3k&_sFBW-I3*h
zV+c^m>~?3|Ag5%n%_qYG>T9#Qzz9LbS+zjy4yIziz@-D5xw05=upv?`HzAMsy^z(^
z@SCnJGEH3Ty)F@sCsUPZwv^Ss6$0TuY*kM>Ro=ZLH37BzhMTED<Lqf|ZEZ$dS6y!t
zI`pKfJM;n3D3mqy`*JV7C*zvSnpY;VnkIc@iPLg47Hr&E#OZrdJP^bZgpBPe>1Zd9
zFa@6fbVFQY-njr@JrYrXi2@e%d?;3%qV?^&ab^&br)?*4gV3!&w>~UT&s)ZqrY{e?
zIf^C;cC>LM&GLME$L(@<Xd9RnU9XD;kfJkbR<Cu2CV_NkxEvOxI?ZQ)NCnUm4H;V5
z)Ccofm|{ySEAQ1^UxU^}7}QjUSK#JB@U2F7d}*5T0Y`M>#~D*yFmb}p#gUSAzhcE+
z5`@-oDv6xVj8@Yi4Xpb-pez5Ud=vk`@#f>^bT$9MrX?dz>q-AA5?-y&<X)zaSIeFo
zIt;VG`Ycr%fEMsFpIam%&JS<bnB@l3B~Y8rHm9ZcSV|>Z2b8?C-SVA5hP7pEEg8ce
zcXa95ivJ+Bzma=j83zPjuX!{OPb)zgzOS!O6iY&q9l!v!-g%05?Bv<;)EQB*!x#d&
z`-Ftjg+K&k*428>sMGN23iNudk_HRnc8?r=I3k!9y5@g)o9L7`UP9ldM<xLR6GffX
z9i1`uFof1#libPF$vH^CkO+7TUz6^x5<C7<L!iu0@A>?&2%Tbtk|>#;U#gYQ{2t~?
zf7W<$TwhK5p7b&1MO{4r_zVq=fWIkC*1G%i>kPg~6Tkx*EG#q#8WI4g4aDD)!CX5B
z#VX+dFjMbbDb$%xu1FCyq5;^ddjI4PP#Gj^x@Cr-;xV^^X92QH$ea4ALM9_r(A>Zk
z8>dGo{3e%~f2@+vHpHFy6Y#XAu4e%=RAPUj`paQqB=`1<RbNeBvCw+@SG#Cr8X1Cy
zrk82n{4`Rh<K*cAO1aXlP)!wKVc{C@C1jF&Q(B!1Pa~rDQdMmImW%YDpXtdzmznhJ
zUp23(zqZBD)z!_b;wB0W@$`CEcJAelSe`DX8BX^W0DK~QC#Q~LMQTwf0%Nb~<SsDo
zO**2zzBtVQQ6K1!kO%xsUgt;py9I<maC^$agFZBhfXue2LjISr1RhI#4`^^yEHGEt
z-r1oCnG*O#gGIBYvcruoXI>kQfsPKpPp3POBUekHTp>|9>v(+uq+FyyJWO!0sqf!#
zSY|SLx!2U;0Z1nw^ArI)&o^Z#Y)-%fRN)ZwKA#!ykY}kq&ByXU+W@ccHW*aZu*t|^
zla6b7yLzFb=v!v)K9qVsfatsxAC8Xcl5@@bFl)$FEeQ*UMK|Q<`nvY3A}3jAgj?=h
z6OWu|f9Ns)P$jCq>~{6Qdt8d)%yFzzKLDW(C{}_{+cfqZu-i@h5+N?`)ZY7Zd=2NF
zmN+b`Apr6Qj_7?<XDCQz#T_T7v*rLmIG6b@a1nUo`5m2D7MhT?NvfF1yM>IoehH*h
zzCnFn-6XRyjl^(4g76tS&6Wgnq&J4&eHF9Y7&b99jKoBGaS!vRE-60UdLmsgOv0a8
zoPQkbJ&i_FCg8jm_uR@q06B5+NLG)EKRlDlbZXzvsIZ(S0ue7LsyLh<uHYcXt7I&_
zFIUWdDW6il<W2nYu<@^OYP5ZT<9Rt~Ez1&Zk}XVp_1b%p3UvEq$!w`!@tO=b3ZnBQ
zW;nO4^5n>SW(fPaI{v7w9&&+u^>ir#wS&v^!_{0ceo^_b@M~20v$g(|wY2Qu$NWw&
zr4Uguyw2Ow`LTtH+NTFFqsO&G$$eN7HXwFCG&Yj^!3nh2)xBv_B=J}b+t%-p`B>ml
znRV;F(zgJ!&++gHPKlE^#m2CG5)S}t?hXMgEKR=`WpAi{Z6wwNXhUT7JX@V3+fpk|
zH}1l&dcrZieumXW2<DOj+H^~Qzc>g7qR+e@g}PtrnD!+|!7z|Kk5(RN1w@$uun<he
z_&D3A(f?4V)tpmP2HCgekRzL3L0Fp;;(^%h+rKHZO-Cg@Iy_t)Z4r4?_q4rN$m}k9
zs<gP_A8kZQ^Ab$``t|IX+W`~YW(W|7D>u7!lLNfL@}NSk0x8$iEyVK-gAB=wyAtZe
zo5k7kY8$^_)nAs0z;?F*r3wJjkdGI`)3teQ@BFF7^cl)A4}0#=0c9k|9a#1J`Imrz
zfXF7y1Q3a?mJdMZTRVb5;oxX<{&tf02V?d)pxpdbVcUt2xDq^B9(fS(;OJ;sf{H4>
zr#6MpCk)8c<R%`!0<l*k)t+B{5;3COuO0hiAedt#k<sdRZawwqGDzyKHn*EnU(W}c
zIEa#@9dJpi3Co=>odNyae6E20&Om{kRfRz>Hh4g3=mEY5R^8kR9xw<hUtmN|3$O}v
zZkANI-Eq}U;u^C5Te_2x6yUZTOO_?!Gct>-Ee!>uI@GJZnQpJj>6EtIaOr+)**5kK
zD1mWGzax~V1;%|Kpm~8pj#Q55k8S(rD1&;XJ8sO?)jGjo#FvMtU>lp@-Ijkdf`uW;
z*Vq|oR$BxY7qfs)ksCfRxUl?|ik&^OTC~yVRqSL0rC7XYy{T&t9@B?EHT2B=vcO>U
zfuL!4r)6t<xi^VYtkh{*6@>Dp33@-}4eI#kVjNZ)0>glEa;m^pxiK3s>kv-s;gBb|
zo)eWGw4hg-);85MS&-!S-9$#$cQqz_2<)h3jF(`b0Y&7AG)<KIw0Ke0lIm{2T`6+p
zA0<$m{(bRicV?{|tDLAN2)N#c9(ObMM(k>sHm~EVRh_j~g?U$z4xg*fG2iM}wZO>Z
z&B-JUpPQ}?j?d9dTQX3yOAdp@HSI=s+*^y$TF({it+C>c{{ApCcSMF)Jp_!EgVh|Q
zvD!5s0T4DAy4qiQ%xE)Kzyk(%Emr42?XFkRiMY&vJKjg$KL_Vi!=cXW4P>a44WRzr
z>;scs32#}@DfU0U(DOc_CQT*fpKL_wXYTJ!d^PeHY-eDQ;dy<c25da*$KUcmQKmmK
z`*uc6`mQt|{?f}eaz-3hID<(dL{XJ{B=5jM0xGtD)o!C?ut6Kiz{+x-5`YEr&q0e^
zh1KMfPkmZkSlAAu?(dcE1z?c%AKz#v>wF6jr={R$oUN+1nFCV*`2>RaoZLe|mzv%B
z{#yu`+xG^H(Eh2IO|&&$Y|_!aqPk@ZZwl3{v_N`FMi$=n;Bn3asXZ+KyiZl4&)4rY
z(X0zU1#OosSq8qMI1H*GM{5Jw1Zn^o`0%IXaTKi_1xWwcp&Cc4Q~->NzZ>a<&(c~j
z$w7EL++(E<4FhGNdryh*`U|F)(8S)qcQ{^G02q;*9vdhO{_mG~zkXEv9_U1$sIm7d
zI|rd}8I?C;XBKv69gTg!oXm;I$%WNjQCD@>L~9n^2J@2|>4dWAmnw;1l$q8lVJH|$
z@7;G;Bf0Vmv}onJ9vIft)f!1JF$aNkYzctL>2G}tSEr|^7d9d;UQEx{Ijs$5+`n?!
z*2_N!rXOH&(JJg`f4Y>~VKAj%9|@%vxyk41#%+w1aX<iqz>WIfYX#peqX8n0X>~g4
z8WNq-FSLMg<04o|3*-p@3QT0<Q`82aP&sHJ`|5L}(F;o6in+2nybnH#dwEp*$i|-$
z0>2<tsiSzZ`6}H!!caQtRI8g<noF|$F{=UV4*^d{L+)FTz<={X959S7WE`M(b@$a?
zLd`0xn1Y6ixHz@MtyEy3UdH6-)G*pMc>-xOUqX%?$K`bcDW0_-01qmaDjNXGJ6O+%
zlQy~bRyP+VbHh?VafgT7c21lWUh5dmq||BAYrI!B2bS1zSG!Y^(~OJej+*e_uPzPJ
zz;>2qJx4PD?JMZI+dl=}O8`NRJl(nH>eZfv!>G<WdV<HI`7KS)gx7if-RFC{;P&G`
zeF~eH=6i}u_#Vt>#r0x{fN@}s=8vb3?kJ81ei12>AFF>39(CrM&-dQF7b|t>Z~*i0
z-hgKV(kT`&U^K%dIF^1Fs+8N`-q~)q{M(@62~I^K2z)fEZP1-hPw&om=KCPUj0Q|O
zffLSpmpvLfIy#X78B?RbxD|ijKt%FN1l<YRQyiT3I6W_kH*ZitmKN^oOJX*VVl@1N
z41lq+PL0hYpRe}Y5Fa;Z5`g}l<JKxVP<Q*%=qsQQ5z%{YiHEeq2k;_d4APl_nOev7
z(JjKB3s9KKGVW4r;PQL`1n(AeC4|b{`+yE0<%f}9OtW<Y65{)~plKn&3J!3BKly58
z0BuXM4U??83TB}NeefDhH>(Vw3%7GHqwO0onwMcajC!SvN&|AD|MwPP^7RHs6)0c&
zL{CpK(A=Ep`ekK3&qwjUihZ5trHTk>tyAe?OV~}`q=};MpeH8>Zg>MH?z<85vpf6p
z_gC$g#-UF`<`s!($i6FPl1iChYs?|1yR%6L*Cyw-c4Ui-h6$_(9Dt4T_iz05e`G#C
zyV3s<c;qi|P!89_>Pl!htefV2@b_Ya|0A?lIt#Z+##9CVMVbMj3D3W2H2>ePg#I74
zQ-U+wpXM{BFh*X}ftYW}<M2N{9qmiFMs8UKXzvB2t1#9+E8SHb{_(}WV)*m(1+>Oq
zpj&@SUJ)1jgMPQ5*v-vAYTq>_>BX{bzf|LYiD`F7TRe=*JJ={p_JRhycX@;f`01tp
z_ote)_|yUnO$fGaMbdgdxBXv~pKr$9qrYcjOnU>3o|;t#+;ZdmV@a^E+<vbV2~PaA
znup@3VRfC+OOEO;ZYblKw#M$)4PmJjjEZSUxT!zV9dA&cX8dh$tm*z|HEM<J{=7=n
z6^b6L+4q?142{?7<*WZv8CS*D*!6(=@6lY#85xTIp*KY`Nb?A;HAOZ_=!DmH48Tmy
zx~l$OA%}ba^Bkzu)Ez%)#oE}mt&nKc3H*J*T7MC3z`Gs%h}o*kK6;EB+L&&f{{8D#
z5`q6#PK(f%1+PR*ciP&wJ0_zDtkq8N-raqzSj>@1dbpe#Z?r{NQe!><l!#HE)O`Z9
znUHJahS4if4_MU8Ck3T6kMv8-$F-76tA!d>o-6lf!<Pj?Yth;cLUg3Y%@WXC+CY-*
zu(+IOyaTX~PEe4_vM*N!HQnSmJ(A9Z^0k5~00$i|{phNAy#B6Hv~L~M^|r=r#j6Uv
zE-_g_*VG-yC)S#8AIQZxZXB+7Oyx2yhKGl*-KD623b6Udws)lQvh2fAY;>Cb{Cq}R
z$c-H%pYyI{WvIC3jcx_Ot>%e(Q|kqh;CWo$pPwTy`kZ_cctdUEPNnT9fkweTNKchM
zf7Zau|MtTQh*{kIJ-`g9!k}&g4bn?``KhBg1g^Z(r$Pt$wyukL(ZzZcghP|~nL>~e
zF~YP=A=YAA4Uzv@SvR@{g{6l#76=mC(JQiNL`@x;7(z<@<<W(0k<ay8;HV&ck&Lz8
z18P4%5ak2e)BTej2_QLBYH%H5oUUH>2E>tLvNJH^Ck=?<P!a--$e9{@-?dbqh<vqT
z&8ZF;><BdKfwIF_5bCwi0wG{9<aYr2`Ws*^N!7C%37K@Jl@km?$<o3vzk-CB-S}+F
zYS!88`Oz~lwDn4gWocuhh1N*OxP71e`D@p2<ZZflJ*`TY74NSg&!AU{LZ<zhx8+`E
zhOMri464hc29!Y6;Cr?Vz-Am*`?JJ~oA{5m9eZy*$U)Pl#=csV*d#zQI*i#(EK)jd
z8MBpOpK#&|;Wa~7j%_)YVKVQARe#EpgTYRplI{pcT_wVPPYycPmd+NB>>JLmJ~2+N
z9z3H37y(NkaSrx5D8kP2I+Yni56#&pcp)uwV@UrwQZvQ=ewM>fLl^IB1WS_;f66dv
z$9c|ydFLMz(PEW0E0WX+bx_5CN~d)G<Q9b(U!Y!jtn99K)`San$9hTZmKt`v>`&(D
ziF|)VulmPR>CNcNm=Dhe0|78K0$P?J6Lr>np#RpSzjx#8Oc|0cda_xuGnfG2vO)0U
z8rKbM9~Mn8Zaiz_PfN0~#mrA6vD?dV=xSdU=p+4fzKS9zhuP`Fj_2WVr1o~#X19U;
z<Llgk<c#EM7k|Wu;4|CVx{hrg$2+_fba5>?*ZbdbtMZ_7W}wFksm6gC5VOux!N8oO
z#iIc>tM=b0huqO(Jz#A>noClsRS6mPLFaKe){}jRJWQUhQ)U977ptj;7=AZ?4X6R-
zb=uC+8$&#-a>*uK!dr=5ca~MqjoX9QhXjV<_MTq5Y(CX@lfkRSN4<TRi?Al?$dUnO
zo=WVs$4GPY`~EZUJ=p^me)H>k2B|PDc#@)5Bwy+hKSA|m#D&rf9cPPg?1=WH$3cHK
z<9aO8fIVsSMfXh6A?7Yl!unhIL*}pV)Zw-jo6#gEIW-C&Gf{L*YaLEa52XwnZ_8cA
z4HQglAu#BDG@T%Q7kwk32<Kc~R7A2hRa#VOleaZB8?>Wo=@Pt?NH9^T{&D;%RHz88
zA5+=xt+AKT00(Ao<67!b|BK#}CPaf-En%z@<AehPTWkhOXlb%x%b;)Ply$L)3L1~T
zbVA3fahkzfYHkji6fP?5tZDevmW4%uVkcwcMDjvF=t1~d#bx>xh4S%~wQv&;-g27J
z+byUQJorHXDWSYaD7`ZWBi-xq<eSTo1GlwCI`)BNs}Uykg$x=5BPuVLO1t=h@^C<*
zDg2Uu{Jq~(;cq@2)MnJJhOG(S)`S^}b~YDqvz^(U=pI#UrTZG43zlmA8I03ad+p<D
z38C>b?>%g7$-GJUQZGUid5Nmb{^kNKEH6sJm}l*UyoGaR8bxL7f2#XYip?GzH{>aO
z+0&`qdNn+WK*SbGbZ$*#^R<am$w*!c+T82YsvMnkJ`X~fbwAB1i$X;w;x^kT!%bsy
zV;WA)$Vdd^ZH8!MkhZt2N-HYbg<ia=-`T9(QrFP1h{}QFnC2K)moIIeY(W4^aHz)M
z{&NPE;VOkZWgJF%h>(!aPL*JzN2${Yvh^^2^TfoXPy74dltUA+4&V(=0p_9p-Fp@H
z>C{Ugq-w>MY131a4$IA?qT$bFK{fp;1yi&mUC;0eL&bp5DZ&Mj>h)T+=v~<MWYl*3
z$MYxT<mAWKH+-P3`&M6HJ`u*yzJ^^mRAL@T+^1R9F;t5zqg7#W-aXph(eYuLs+Ut{
zm(A|mZePN<t?O{Pi{4AM!n@gl3H(mH83qOto!9ou<`?MCTY+-X#xN+ICu{%IY>Yic
z&}U~yDq-J_m<`y01qIZ_gCkob`yz$lI`kw~mmA@fAVLUYS4e;UJK0a&e9|H(B37$*
zx>P~0SmT*HC8uB3C@*<x2P@ta-)KVFRQ5c+tQJnQIbWsmPOBE5ORY70oIXu?ty~}s
ziW*1+tY;`Y9%bf%Nma9Ot*Xriy~?ddp@YlPvubO&L?uzB+u1r6pb_2O9(Zsjx1U8M
zE*ylszsTx%%!B8jmBW<4Zk;2m@|3(iH-Zo<{0$AC2wjFd@qkMHeV~>7L}I7oLbf1D
zbyCSvlASi{daAgLpwYXI<Wggf(6wO(uPH086;Zf+?_BL;W>)M~ZPrZfQ}r*I$CLKs
zpGwS)s=Twb|G46$XSQ)EWg4|8qp#_$J8lQw&~_9D`r#!>*Y4zt5!S!%Uir2%<LE_`
z!nRmfEl8}%V8q;5V0wmSBt0rmZ^k&@c%tF{zK@Aa;M56CZZzItXufVLB=_yh5cKBu
z7pautCp=pwog2FbI9<Pze~@|=3~*~jFI%fFxqit~zH$=ji&48s-o^57ndZ0u$SBQk
z{Z5>7yUwgRF!yPW#F=iI<}HHbsqiE6CQgkI#>YWV$e9HXgk|(Uvc6O{W-FuOr&+u&
z7JOT$%9M0;ILe?}q}%q5%t!n*)9d!Fi2TL|o8cLzx~96_;hzuwp#*(Tsym`t)*zpz
zGas588pg9(a(R2-NGG!jP9AvQ?wDm}W_}9{T*yuH@vxOv%I%|i{hB~ZO6pB5#O=>@
zO+Q*mj~f436a0<En4Q5zMb}J|R{$XDW~k<y<fzlAKy`IC$Mf^ccUs!S9-yEo<$V0G
z!*%-!Qcze>F#vb<I9mFa=6ZU?!{fLL0SRNP^o0@vo*|mG;GatyN=(zwRZ&s`iT)Y`
zUKv_~^(It90?JJ2bbcBC>g@e?cK=??R|jDq!1<6)<V^vhWf{3~u1EP9n&=j<gnwl3
zLANBpE%N}lvgnniXNk46G#Y>e4JQU$x^{)U4{;toS<clMq4^)lmZoZ|il=&YgypLx
zwzqHnF^Jv(X@VM;J;5V9X5@6Wa2v>Se@qnUCfIylZMNs_ygeo3>wZ!(oyzal?c#Nz
zR4VLdDwFmlyqJZ<v~Q($92KuOCB}IB5|fnGd_DZnPu<X8vMP_BJZYWMJP#?UEH{~o
z4us6qyO33{FbMJ7JP^7*BxXwDHX8nV02m;CD-3E;3}&)ZRUaO{d87XVezGCfh24?B
zdgIdC)~eCufD1<u{~qfjX7$msa37evzT$P}Pifj|{<+y!vuGdlfx{H*SyqO}c!f}L
zzS49IyNTq{)w!cLfnbncXGmtUuY+#VD@#1<dT>z{dy@dCtM$GXExXR<ya8d7fB5q@
z?wzT@S|gMy8+cc|o=>iNDaF)F%G+dU^B|enp>=>Q!C*0_T$+H{!eVxV=SdI`M{f4H
z2l-8XU0gtnbtJrc>V6$<BML%D4*Tw$x?Ch66$>ll^bo;nQw`Sh=Idu^uDp6a;i{qA
zGo^cEI44`;_>yEj4)y=V(CbF@!*EIFRb%&-Z1L;}dB_u<rJ9YbfTJfI7(!h0MQNm`
zT=tAjR^lHSUmJ%ny@9d*xfpaVr-!BG2%dY4h=or#xi7N@uPM7w--sc-tlMT?ar;hs
zgY|v%0oR<e(GSdW;&;Ot(f%km?#gx?OUI60HkX?U6k0Pd6c5V{T#;1dJUVM)Sc|Md
z{LhSWn`c#UHvJZA5z|q%vC@m38aDfbL8u~U)YiKNlAO#jA`YAL&C=Dx#MHe8Gurxq
zA)mCzu+;VPQkmD&yFcygGglQprBZnVPv}{C7{Aio=Y;)`(c!*by~r?M7lK=(rJGMH
z-bvs*Sa1<KFgW;~bheJwY);tybUl{pAb-f5fY<fK`(Qls`V<m~%5w(C&0|80=lnlp
zuJGu-lR-E*IE01U0P)<eY-zM$_ud<2<v$)q7N7_KREQRSE4Tm*6sZ}gY(GXt&2k%|
znQ{iZGo!|f%~U!iL^3<m)CnJ;xay6oEWA$J=~Q*^a`1?Wd)m8{=ruB5kLn~>PA?fQ
zy~$SIto7{h#mefOSMI<vGNJ^(GdB$fslg*m%v>cHhQw*1MtxX<<0{g31~u6m&Bl8%
zFH4CAb3@K~7Ukl-vK8}OPcB}yiQU|_Qj;`&=;?%3H&nBb4+{fLnmnDJnCu?adCl@p
z6tk;T0hd&u9$=j?cIyIcl!a<>m|raqz)TjwRYjiRCaAVuoS2XNqV5R7LrPcdc*5^`
z{H^g4!~9upPEL+;k+OnE?`%C{!e#zNp%xc7;GI)DsCY~*{bRAU<vCg29yU>Zo&KLi
z{OuPOsh=}!se0axIhc&}<MpCt<>tupp5^U6quDFIii$jY1_ZK$yuIA-%L7Rhkeu~{
zhV_a-IN%#%;o$TFvpPt_6+De^H2h}+(AN}Z=14<D+mg>wfxtK$WdK8YO3JU-*toc%
z(`7LgHj~009QvB2Wo50KDM=*`tG^?*&n@Tp-F^cFA4s*$tSr|-($tyH%?GNOm#UET
zpe)K)7UN6D368vhaK^E*5YhumNWV(TZ$s<8{#g%Tm51^aDcIvoI}CcN_2Ywjwuedw
zo$qfqMO_@Iy3y&~3Y}k8(s;d<6hI|!f}jVt&vWp9m1=C0N4mk1r$~x4KbFctb0D`|
z5xQRWAN=_(vgY_$;zB}^E_k>o+WL96Rm`41V~mi;_#E9%eQaoFul)H7hc3iTFeX{#
zz)K8{R}C0SY-gX?_;v~OfBAC=w7#CD3@NZ3U<-FbhncxPB9Z*?X#5RclxqQ8HTV=&
zPN#OwQCIRRrQ5uO_1=AfvqDjvBO=k^hWNwO1`HMZrJXGjO==<tU%Bg4oZ=~&`wx$M
zCcna9?+UL_#^lL*;ofApmmji!-bIuH8TQ_4*24&|KkgRpIJTE9T#HZ{zaXwcO+!=D
zP7uFEZmZ>wzJ48Tav7%MIbBO!xyjX@ZAy|VfS_RHcZ$(a>~5V&u5+>|b-6{_sk%nN
zRO*|2tTk-~IXk~}1PWh3HU7=VkDLIU1-%*yqj^t|K7R%eI9tkU@hFkYk;`RwZe>8I
zbCb&8*;S=C<uwX=wo5T7@S3t(nLIpVVRhvnC!chNkmfZ8F6e+pi^by6o^zuD_Gey$
z-wobba!O2PoAwS6-ug+!omDAu-%<58acy{4a{R<uUd9B0pwa<cg=~u8WlQ^Bs@G-S
zj^;BCjuEQM-P!s9z)7($`W0>9RJ7SX>3B<Z$w&9jR2~G;)q67;W_wM4Z2zFeB|3qc
z1PkD}s7*b7jJ^Vk5K<`7M*^{DQTg7VgmTWGdTL3>4}b0|qBAf^fj<=Wqj>T3w2Q`T
zgu(mLC6)>DJC2*BSPwcR$f7Vq3Os&}bW&H|h}qqF*KfJUsKc2C-Vd3n^}q!2dLpOA
z&k?l|n$Sm}^=4_xsmVAmRERtSqr0wS(#i@P{YvK~qZP>q$Pd}<4>@gI-LZ*@rNFFZ
zbxxl!Dld-OkebMb?)&ZyQOnnfQBC^~`_B5(pm&>{jnx%lv*NltR}b?;y){<X1`prJ
zH#e~sAFXyPSFD%snVwM9M-48e?9VO}0YZw{Q|Di|HYx^84)(@Hdo1oHP5X0fe`m8S
z%GYqzIp<qVri~>$p{$fxiz9#8nZjy#EAr}dM4i_Ut{}CH?yZtnGM?p6%mTCQV%ygq
zOE}_wpJlZFs=X?iB&VaL{)qhRStP+`wpCRYuis9)Pn2YK>+j#+c6Ip5?G6;XqnWeI
zg#-mtv9i2dd$y>3k&m;@hbRaLiP+|E$5N#%3$?1!!P9AQzb0akl9Em4?`Rk5{D7b>
zu;;bzWX$Ok*IeBP5Hik7bygiCoDIviPUyMEk?Lx1a_q8MUT!gLBzHi)@suT&IWb&h
zlKs=6&yQv1Z*w&Zf4OI{{Wz_Yuh4{viHWVOtmu^LI6+M}TWeqrNL0&eHE~rMc^92M
z>*l!yNl}(R=16}@5Up<RpYo?0Z?hF6rC;UOmrPg_GWV-QS>t09b%UfjLBPnO>@pna
z!G8XXblMSw_58W?BzyK_&^C2wg87S=CudFSDTPiAlU`RDZa#2R5K!N1Yn}N*ZPQZ=
zre>Axz(Q}Mnw#I?^{0hKC@jjn0ZMZKX#3vRNz=vVTvhep0W!^`P5KSuL+GE*TjrS5
zpoxigOFJ$ut^%Ff5b!DI8*A`yAwjLB4%8Q3w<IRrbUiN~G<lH#BIn3P&*{!lv$5`4
z+%mkgI5$`9if@aSPtD12=!&O6z0#i)e$p{95f4PmhN|WEjBRhQ6JSMr`p1`RWZVX;
z#g-Yxd>g2Q(Pxz)?Q6;4zi<!aIJOuo_#6}C6j=o*_sukxsuUE_j1v3@{BDQwxpHZq
zMRtBqH?{{wye_t1(FC(e|00oCV6=bk`NOnpC0sAv>zWJc!p4w;r&u_KDtC7JU0&e_
ze$4wXSP$E}<W8n7A0^gcRy%g#_xSC#)~sZ~0&|hAphnFaEMA&c%41|)3L?2XG}_+T
za^;3>AL+7NW>{01`J^9v`#fw$bbla)RdTzZiP7jTKMM8d&Uo32MjqhC&qdSifsJ|g
zHNV8;lC%*+DXh!la4%{OWCvfLCcJH>YInBQEHzxQ7`uWOz=4{L{caj6V>};foJC-^
z#ps5%Xsw~&;c`z>+<g>GBQvw$z*4qXztl!{0cU;8mv{oo0wNAto~Ac9o*P7I;(D~Q
zDW;nt8ds-1a>_1wvBo}lmX;wQArmz==v*4*7S$-o$dP>2Hrc-TEV}H*6OT4W3;UXH
zyrPbsHjg!qkCl}@XboamJvPAlrg5&Wg$M;#Iy9PJ{E?Va+=L(@y`AzB{*hEoM$rgD
z_ca@VAt_T+zUBo=SV=`ibDrd(#0)^_u%0~=0r|gEbs8^qpk4(1UEmQ$(v$%jIHs&k
zZO6;5eYUu)miLE@dgFN$Jl&2qw>h}DIwvLwZa;mZf}NjTEE>lMLdo(1g{VQp$iNRF
z*fS9FoDiqp$=Csk)DhyM5{K@)UcGE%T3VWHt%;tH&<lH#%V_pN?l;el&R-(`aJot_
zVA2MD0gU=czFfNpl(=%#_Pn>Jnlx;-vD1uW#0>A9S;mq>1qwAQGgNw1Ic?{(FU6TR
zl7JZ6#gsEsVs*M6-1{(?rQPTE##*-kUFDPZ!Q4#$IzK};`9>jnw;Ml)k#BM}L9>Wx
zBa$*&9pBR{R1<i@+QrPth{(g&%il&mKzG74`SQ=IY=<3&YMGWkcA^D+^#S=dQ++1Q
zo)v1{9%sf6>*v=m-<M~3y}o$4kD+$JtNgwOnHj1Wb_u+1Ur>iUg;sL^_UbM7NddXv
zY9hy?-LRs$$`RdxZ9^W7aMsML+u(Y(mD%0|JIN1eZTzXjwr0cwjrx!1%0JyUWotJV
zsI8AkYN3M7CTz_0c*RUcT6%pd`x(F>Hn+pWRGAYS`A~;ousF3ns`fb(6O$Oza(2xs
z^G=X%0LYXTc*bD~uC?xjsH^iM`@K1@?pXT5qu((cW{Ji3X$8}!U3S?wbM@9o>hTLT
zIpwNCMJCIDLtfZRb0z0zW&H+bA_Bh`;;bbu{^))HS{BGrLatBNj4wfV-U}bu)L-RQ
zyS@RKNWW8P*&ZhivkAFeQA^>76{;Q`c1We{#4+o2wq#h9!5&4ZVhf4@3;zDq+Aj$~
z5$x^B`tVM4Vk(cmVHga5AgOwNvJs3`XZ#~*Q9HK0oHw#T1bw<e4y?U-sOVY)H4P2&
z0ARjXG%jp(^-dn$i93Oz%aT=4i+<VXybjU8u5EdM-06+J{`Y<vDMBnC$ve89?5sOz
zE(mC95?txwVYS&VzPmZMEj-9+$4+T!=>kCNd10jd9|@F{l%99z>>l;@GZX9TvV5#+
z^o+TxwG>w5Vr8XMF=}8aTq0w;Fr$%8MW(ZSJD#^A32kb0+g<Ui4j-U}(SQA&P6)-^
zg=c}9?D|%&q0?G5sGrul+%ntSll_i;M9v;_$P*n^x8s85ilZ-TR}mzJ)a_G{8M*41
z;Mnp#lza5+JBG(9d?T(+^a;lp)y`Vdzs+#N)k=odvMAW56o21svWq(M0J04wFh!Ib
z&IJE)%d@4d*>;11Tu}3CwOQnTL!0vYHN3B}Z`&x|fh*M-{Hf>WqHirtxNNNWmAgo!
zkhWa2IiqEsyIdWcSM*1J(OBF+9;02{af<tC>`)@bOuR^(VF<D_nz1n9>;AOfJ%)GX
zy=~taijV2|;rBS4_-$L2<9}uNWSd*p+ZRPt%vyENp!!?wE6<hxCMc;6%(B$b5EH*M
zjCz4Cre>A4<FP81W7s%21+%IJ=2!p$OyG3l6{vTi2CA9RF<UB5M#f2}xtGx_urX`C
zcpeXCTn5$oldbVTc`CtHlhN3I0K2B<<<(3w2IW~K*i88S`E_-|BNx*sPTQ%k4})X(
zLGKeXCee4}f;7>vba-=1$khfu5GVYWDhX71>uc?oXzE?8hUjDH*aNud=Fo_ELn!=E
zm(**q)%c4xw^@|xa4ael!4{eTDaP`8+6H{j18vkoweTDjd|A^kgN8ou=jYFEkZ#b3
zdA|{-*5MbR;xWDfM!C*uqkX|fj1X*!sS1m?pa6o3$C9nwh0SYXsl;w7+HPxN@_u@Z
zNu$L4vHOMlod*yR3v<{yB@w-fZ=#;`b9LF-1YxNC>UJ%awQiGV#|i_f#2Ax|-PN*$
z@=M$lKIi7u6o;w>EG#tA3rb8<!A$W5;SXdDPdDCWEB+D(O_CttL@g*_oGf+Z=H|CG
z{O}>e8XuIYzbObs0pP)6>}SzYLWW`<onAlEC#36(!3-lce>7rQFh&4~v>WYS`Mp-L
z|M5#HM!5qI53m0m6(3@vqxs2)S$p{)iuUKI#jkp0Df=t>6|h`K_>6|_>uey!x)&qa
zF}B0U%Egs4GyU~vhUT67Aw<B^;u8|?;&@=0%B(tGULdYXEiLnLV3>my_D0?}){Ig!
zu}Td!0>Ez>0>HAX)66m{w88DL<m03R8XDT*$hb(hqC&B(^_#o~dqgVxSozvO;Fx*E
zT2WP16(BRd>^R6(?s&3thquPY;wjq~NbAc#wdqk)1W~tx@j&XYruMjO4f}~hCW0J_
zYkU$^YwqS<z772GaVimPD41Ze&^!4fxD2FfvV}pgeg4-^s{bFx-a4$xty>?)0)tQy
zkXAZGx=TSox~01tq+97my1S*M8$`OLn<d?`Xjs8F+56q^Ip;m+y1pNOpyGNSo|tpY
zF~_)rK49T^GN(lAO^bQgQB~8k$h)UO;r9^EpDTUo#Ozm!?!1?$quUHI`h@r>6<ze}
z!abbklQwJT3<|-E2)$2;PJhQIM!_a3Fxvnkwhi%bBu0Ds_}fH76IB5`o^15E9p#fb
zs$P@detyJZ*f*dtBOJJl3C5eLOzE=EwSVcI&aqOGaHq}_qt}dN<cq{;m_x*vwuvT$
z$0tfGjQd6?BM|9!TJ&<rAMZN#Y;5!W7Xio7q0i2=#d=U9VRgLeEeg*&gXqgHbxZ-I
z92+wR_p<esCm3E1luwe=nx(iHNVN!6SXyGYPgIGzxb5nFk0{9VME9Nukr*og#my*u
zeoUx@d{aRdqrlQf51he4sqF=*2JRd6>_uZs%R%@oYZ8kmRZPAVwIr@Zqr-JPNYJ1=
zle-k2Y-SVRc%2U_JvXg6Ea53&Ws$ECdSJD3QCH#pXY;V!s?BwmgTrPK^=G{Fu4Dh|
z?3{5&R|B0F64|GHTE4T^+ixTZ%AjvM#KO8~I{o_N=>F6iW`SKw5di$GuC9hgMl$lZ
z?#3A2jQYZQ<A+c^Jw0)U(}t>(s(>fNUC^Bb_0*r0luxRwT09YOF7IVB6tFl+j!mx#
z-ek&mT;I;-zU-?(o%%$1L4;3m(WAG+!{`JvvYYwv*f7vMxQ9;4@dC)4F2t8pfK?6v
z+nC%p*!ugzbfEa$u?)V7IAU)#n{%r?M_Lg8xD=}|5=!B|0EG4nl`4E>#_%%Dam2s_
z1BK6A3NMlT6CjJu>^LU{PIo`kuHzc){UU){>hq^BKY~bcu;~4>c)Gtq>9DntvwnMf
zd)ZFDAu8K8OX!UnTL$+DE|bTaY+`b<T%C+n0F}MsLXQjR-*p_x^UPDpreS`Gi=(8D
zB$fd)Q8~Mw-&zv4(xr&-ww7sU2aTmu^8xg=sLix~0#J(yyma|giU`F>;fUdHA{ItH
zE6_+7E{bRaYO;J@$9~d)Y6sAhI6eK~VPt?hECu0etT^`N>WDZTKCe1BG-NuJTfqT!
z-&o*Arsg&YxC)_zRaU=yqK`I0FptM$9G6v5amr?)Q)ibG6aqqGa>(zYQD_~%H+)N~
z%_Q%E`CVeT48OA1pvst`a6Q?>ED#HNc4oAa`)K=V)YBWSo=74J0RgBAKj`+(ifL-5
zp6@ncSq#YPK*$*4G|Y!{P;hoNM1EJR9vg+|+%Kl7=q37MA}sWS1DX2lF<4i~__+_P
zV)oASuPhXQk~vqxP_kFqh+LeaO|lq4Q|Gs#MRFH4NR@)h6;G!2P3IeNw0NBdx8!br
zG}8ZBV#lP<r23Ei>kP-{pMRK6Pfs04=;9<`><wZ*^@%hne0&P6E_MNfmqQN)F$v!v
zEcAC}&djL#2n*HQZ{or(4$0Zr*nD#&358K_Zfn;umRRVI_2HKg)>mY=8QR0wW03TM
z9u}VaxBv3!a<ZCF9esVfAPS-Ad|bJJu8MsS6#;C|M<_C>Trzq6am=jj9S}$c*f+>c
z_Fd^jt{!-Wb%<dZWR}Z1H4#;tj`|!dy0Lh-FL*CrB<Oa1UoSkv_Rgis&qpU>0@4Pu
z#=1&>?L_|Dx1iH=5ehGxg(C_IHr15NMQ>X{Kw!<XT_)r6g1@{lI53O83=h7QT)7J*
zSJ3vBT2j0a*9JyrB67CB+YSVC{O_af^4X}=y}fhCE0yaY{r$5?QMF}WH_+KDkOT|5
z7oq-jcO+8*@%Kg1yqonN8?jeQRJH!~0RH;MGKUv+IYjfwv68)_0_7zk{&=(N6C$Gi
ztWi^7mTGvBp7ue6mc9BWl_?lFNy_DY#@XAK1o}bUfb$<56qYFx8b32T2fc)nPnE(#
zkAiIXxoXU(+q)VFaB<_CU7$XTP0r9QsBq=%3=6380Fb2bruIn9KFAWpfgy;u&C>mM
z`|34C8w&TZ4ai9ZU4NZh%^#heT>Y^CXhcC}qBPZJm)D?mJ-1IO8Ji7!QNj9=2KLbl
zi;-aeRyBv<cRyX}8!srtKrdWT!V#`{tx~25maWd35rK1oM}NKRC=&BcTmAVeVY4Zn
z@VyALsf61B@Ynr+5FH=bLSYF>({du<v>pUV$A?&o#?PGgCh*D04UC7A+ncZKe^gdx
zyPn|k^we04N5mA!9uJfoxSVb=r|~%EgDp&nW`j>~43(}$0<p@p`rLVqriFZ+lh*m(
zY{x17xXbC~GswkuXlW@!tCs+u=lKh?z|V8%AejL*qdEU%iz$aZkE@Up?HV6(MJnjt
ztfJfbj(>VO(p@JdJ)HzNt*nOh;E?cnWG<#N>Ug=GZgqjYD^b9c0AyLeD~%-SK9!W%
zdjKXRNHPq5`9a_4w8olGYSI|nlrLsPUx@#8r$N<I#iqP(&<DqI87+h*-SA*k($~-b
zc?y1)&pnibA-B52W-Chh(rLrJ&vG7OU>Hp9;GlpaOyb?ECqKM8bS|&1RyH?#(p#En
zbjo~WNC6ym1DYcS+OD6s$3&#0q-Ltk$lt&JdMhKddCqXWK7jTmE9><c2tkn678lJH
zpSlY|r^BT_051g``$s4${AF^rCBC&c&nYFI<Kqm02_;uN$yNvn3MZUC*}GyD^6}+%
zIYKecH(u+H+ifWypKTxjHIcog8buTLs{Em&)8=8|BYAZ0+97xY_XV)*p=9>yVK3Br
zF9a&cNday(zDJg1b$?$veZf`n?4J=aWf@*oS+QZMzEOJ7XOvuu!C;nDN3#2U<mVKZ
z1%VjNzh_94UF&y+kxe9bPaiflt#acF3_>>J@q7$FKRS!AxHPIyv9T4qBU3W%!&+PK
zbc=R_sBstYKZ_R=>KQ6xKYuW!=%%7VSsP4xLQXDxAXr~MzUd3QC;~(E3%v@z=~T&s
z2K&v8u24Jx(2U=m29i#AVoS|eAZg3?zWK`2L-=ybz)UY`&!U>C4lJ16d-HWFu;W**
zOaEX2=AN$&r~tlp?XG2$_l*E})}UI$VRg0TtV90J(2#<vySvCO<L~?Vh*jIIhOb!5
zXt0$sn)R<K0RGEEzV&;j4G@<BBQ%xA@v+IK`9$gTm;L!Vl*|Gj;2exhWJ2mh<_N_d
zg_CJJdjp*3_c}shA79tYqt`|QTu0Yu783Dqf>Y)d(mG5AQv=%CyhFOJmzpWPyjoNF
zovF+;>4IdbaE(knqR+)KsjMK>e^0;vdd%FjiJi-MQLZ6R=99WTo8_qzT)ha)Xu#{c
zhjzZIIr)e%#S(?@#7!ptjapwCuXA$v$@L_CHakJc3x@2f7C@Zlb3fOF!NFXSh<zin
zOePW(76h{6o_=V#4tD9NT%%Ibi*S{Cxo7<ej3e<3DcIPJhb~Asw@3(F=S^1#SZ(81
zIzPKL%l>;({2e67?9I$bV@6-+O2p__klMuddBz3npkPJPH$%_!<vT<{+tNLO*ZJ^w
zo+M`oPEAk$Sjbpj|DQi{2QfXjnh3p7!fe(P_X8_20q}M-SDf{DlksOO!o7MQ5Q-$6
zn)W7ai-LQUvG&h<3qN9#@_g(F2)A=^=<M%L2D47C>C--i0mwu~^Q8%`7aPT0T<(J^
zat#(JZK9m-ElSU_U``Zi;b~}S0HcMXb@fmH8Q6*~Mt(bW`PWPTuUNOiGR93{u^Ooq
zix4to4K}E@R}u}3I%o}27{QIlEnK2yPi2?Hm69Hc^~Bv!)zHWrsE1+g6_{M4*Ef-_
zb`9W_sMq+2Vx;_TP&7fGK)ns`fL(wrW{x1@mQqrB0rUZW{`&Qtk&$s@Bx3+HhN`Uq
z5VGF=f+J5dVfkk}f~SX+-^uSN2-L!gWOt|bkItYQD|w;f-LwkzG~A!pD8wRCW8aqY
z3UkrXC1-Spt$}5@zJVc2t!jhKa^~BYFYh>PW`C^@h{It2=lw;Elck^VcO-gD1+`q9
zLNRZSH&W&jJ4Y7;;zx(&*Q$Go#CN=fmHTGdg|&@_2-wX=vz5O`x*z?y^8{~5HZaKV
z@{q@CEmP*|@bdD~ko0!hDL)h_VHjdza{HeHHfWHVi3^>dpFb^7B5%w~`XK7nThXMf
zz2#+S>p@KKj|mu<(jcLdo@5>+zzD=5l_&`M_hA3$RAl!3KNLoQaWUw+hp(JdGO@xg
zErmeWtOE_};ltA#^wGc9uYW!dM&^f&s4NS(sF;Wy;(9U+{r!K<;eY*&rG?QZ&gj1#
z@vq-n6rIHi`mRa7HoB&wfv^7OwL}%Y+$s_{bjfgJd;K9_iOFU-4D&xuO{VCITsbo#
zmc4DE{m-Lcf1sic*7?sL`t`0+K<WSElb{fr`d9n+e_l6P3~TQe%K!fC$bjx;2XQR~
z)OhiUr4?%Pf9Jn|t3UayX6(SWecMa_pQjNDQgX#dH`@5>{Xtah*h^sf$0eC%%Oe#u
z<V8%I!j9U1eEMM&op-(WtT@E^%CCd#A}oRoA-<yWzdxj5ZR~KrsOrQ?RO}n_|G1}*
zIFO^Th*yrSo$Nv5$^U=1N0!%24p-f3h#+Si{)31AZD+OWrJB5;tmAdUfnQp%G|z|s
zw)imr``7ip0Ed~@mUFfz%a#wlc#6}RAL!1t=NPh&fhT$VUsrvD|L+@(qJ49!c~KtS
zdUzc9SpVzh9NV_!zwd5E^3^}@>_fh7@2*nvx$|jP1KYmrzdu4o{_n>TMSK6lgFG|u
zj7rfT|Bfe}2@?PN6+DdU`|GHsWLqMows!-L_{71tM+hhvy%E_~D8UIoY0x*;O&(ni
zLf=?F^AYNjINm*6b*$Ba)=OmRQ{Fa98Y2$D)>62O4wN1RwR)Z<MP{@K3PuoxgCE6~
zYsP_g#_|#ZO?>X^`ij|M<{=RsmqLFQ8HjxA(3k=qD>ecQ`%T7Nb4L}4_|kU+91z>J
ztqKZHt=5(Ix2U<oKS4S67y%fhUB%Pof@XtZL4tri3ieoXHI4LLlH9*bj0j~?J#L<(
zOqW4)PZM>xFGj8|YM-qL*ILfYfNPv>lD)9G{M98%tI&Lk7OB<jfDfQ_vQCf#ei)5X
z2?eMCNmZ%(Kkegn8zc^V9O2^H(z_+6u(#YH_JZz{!Y1@+IcJ0enOih&HbZgMrX!U5
zp=#wRJLU>?F8mq047W@!hBzE-qEK}ISW`k5olQi=$iU?ANRC=>Gm-Rt5LWa%5`WlW
zW^pF`SNs(V&l~82nPwyUa!9jy74jO3KnS>n3d{|6PWUCWYxc%at0adru(SaP-Z^oT
zEo@i|NhBEG=Z*Z@)+R{I<Jdkutup@>JOS+%*yoP%7{TtF;XQmsAj^=Y2!^CzfcZQE
zzN`AFR88`x)l-$pnFB~;ZNj|naeGqP5ubp%^Y0=HEKuD_VzuCD3&Z#CnY1`PVEr;P
zGxHbx@19gLOE^%)7%OmQjDM3X3j_wP%4EIEw3^DSfGn$On;kZQ?`0{^pTk>>=s^+9
z>_`z?rwSCgut`ZXz8e5(Fp=W;K5Cf=B1LOUF1NkQHVo;9&}U%1$P^9VNlZyGaiF1%
zCl|xKrOmE9u*YZ1)JZ;dy;$;mj6;9b4q(EuG}e*!li$r)$}V||Sa?vrz86LNCj{Qa
z+n+x^{b4fzpeL#>Cyd7$YsTpVsz_V-*9bAM-mRk#sG(D)s^A?Pcq8y%P2wF1#x*42
z+nWqszA*?MG&o#BfZdv3%t2sZnq&iQW~#8-_fO775Tvie{@9~00D1Dc<Ae(4WL4l|
z=Z-?BToPm-u5JlwjVaUOfdWh#7*oSxW-(@yLgFk9QzgSg^L1)%cI0m-W1rLkA)2oK
z{%F@K6MfxG&BrX9teZ^&2(Y7I772YJ4ow8Lb6Z;`@6!37Tk;*-OEphWfH&plL5usX
zr-uK@2FlS!IHzL%P_A;QF*?aiWa~ZDf`Jh^4=vC`9%&aAGo8sKIf9Nn1x0<Aqodcr
z+C#dMk%}q+XdvlXS#^yX8~}+RdM$liAsUIeH|@={NxPbZgM+cxXFGRw4Gm9cdu(Q#
z@c~c^wznE`6QSk&a|?vgm0haarAEiE;OlQ!*0rR^@vH5wkM<f%=kt4|j6`=x59EyB
zCWbvI=(4>^GiT6#FOl*FJJ#u{;Oi`xY26)<Uk)%{7gC9l2PbxN-jsZgJ`$*GH%NFB
zV%v}v91iEQ8tC}H%OIAs<w=b2e_o}x!2ED}>%4A-MM*O=Oij0uWnhYt@9a=zb4UW+
zIze|v;KvnqrK}I>`Fn>F>v@avtUdxGsZi)|IHL=E*aETsV{F=|4(E5grc!#b*PUsj
zqDW~F0(&36<)(jzi#>d5G4OEG&wl(yz~a!lK(jVFks#5~!G+9MxkN4<m=3P4<_wBT
z9b_X?IG4g+@}q9<)X=QUMFDGDyUSkrG!EtBCWS&(aR5^qtg)DOlsIY`s4#a-^8|f4
zDHiR}sr@ZZCNl-|3E4Ke0x$A3E4;Vb*;;`zFBsQ>jzEo|*?H3C=a=~SW83qXbGfwd
z&i9;D)zw#aHwzY>wvTa2N=vK76;W92SpkNoJrB6l0g7p!NL4-;FSprzp%UF=JUYK}
z8+{#LwDZkBON(>4j9-F-nNgOPgIV?eDt>z-x}`xH{k?S@^H%9bvvDuW(>h@>;>1LT
z>AX&d=2HocP_BOnPCu*7GTHt~Bm%Km>q)Jg_Wc{HSOf)ZSf?H^w;$e~KBPza?%liN
zeA=%C5<sv4RC2{8ZE}fNT3G<TRjcj{2iindDSk=$ef(~o5S0SK$l~d(-$fwgCgcD#
zvO$mRE4DX#H-ULKnXesoXHx*0()47gZYJS#rb7e3OQ7DNWsFOWzRckByj>|kRCe_u
z;!b8+r(a%EhyftKZKXk!dV8Rp*m@{=)vsKnlt+L-#oU0dQj2#lHd>*b5wdr*#@+(}
z7{jjb>_u)6><P2qiK7Nyld~JOmj1)8+xcyEa^PhVuv^`E7kPMX3W))CVKHAi|3iKg
z@wr4D(X#6G1}W`rlVy3;zu<lJ1v9NtAzR87uu3{X@Q*%q1n*qE#!8kpFht3@bl~z)
zjKg;yu=<4$Ug8KD*8eswtkDz~jjz1N%gS{@q+S{*yqG1Uw|Kr9@zsFj2fOcy_HR>m
zJ`zmhfMBb;<a#@_g^7|^UIWq(Ljyb)V-Z-0xcjCKZxX*R@3C^hg9mm^^|O{F>bEg4
zxij^xxe)ieN$!DGlyJjx+Jl>)Kl%Gzl#gj(xT$C(oVM^LSwi>I_mmB(T`#r$f9+L$
z>v`_wAb$?I@HLlwC3SCB>NN+Z6XYwa?D7Fte{HnW@9g`U-lcH#$Ev^wdHr(CDFgSm
zZ~|>G0?1k#I=}kM&L`|&N81bKqPlvck6zNAU9rRRwFsNFn{|WdS-kLBd1gb;7v0Z9
z^9p*(+u(k2d6b}LF>dqcDMy)xa9#)wifWx3Wpd(6WGWlJj*g)5P-6U^OAHnAJ=jbD
z5<5CE2iYvgew*3Ar63g`c!%ZXQD$m>;j`Uh@@$jk<8HQvK2K{p%ayTG!5z%#0Nam5
zR+~HKHR{G8Mhd{2BG)b_fM*^Qb>D#~xlTk>Jr9Q?`t+?zJ(1T#gx6R^{h*lB7bnTB
zSI77%R*f}(=QMBBwBBu>fFYUkzvFG&I|8KuEa>t2fPAggih3R`J}ddk1=bPT?{hq2
z;-SM;>K|4xnbXtfn`|$?PiB51|DaC5mPxwk?l}^5YZzN_jy4Zuj)AAOwiiJh9D*e8
zS)f%ad}XCxw=yEG2#V8d?vg@Jpm`}=u5`T4`+5^cdVp>D1(fbttTrrBuFtkH-YxMp
zsI@u84ch@JA$@>|Vl#_%$(hd)i`)hn|A;vH3d3c-B>*Gd%q`+`Kj;EjX7TP;_ru%S
zAeJ^)R<C4F#l-Z~!h#;9a<g|B-cW^7?+L>MXuzwrOKfz6-TnQ!YUA@Tv(z@*C=tnp
z-WXm^h|?u13V<l{IBkn=D^Mm0I6hz2TYjV2>^HpV_SyEvdT?m4y4(}An@+c;;vg2`
z%OEL|O5{pPe2D?^PB`Cm#2}o=(d0%07<mcE9p78TF5M@&VGAqEO7nST=c0Vi5x|@D
z4eXgTgh`sg0XiT3<>|dNUQfx91FhN13tWKFjRrcAX2oGZ(=S2*fi_xdVG@8rJh)0N
zo5XHHqRpuN!(kL|*n>yLy*SX(&(U|Nv43Z=&TGk~^*#Vdf;qPu`NxRq#R%#&+Sl~Q
zJP3^4@{W}!;@E95gg<TZDD^ar-|{{3t5L}+&#~sc(3Yd+TyVLEd7^vcS-*de(o*k$
zn{r!2fI4*t!`#!fnIM9y<<3!#b+deQEBDZHKMEx>5c%7fpAQ4&=3%dScBg4BR;b3i
zgwM7kczY%t!PNcGJb~AJ>iw9Q4l2=ozUM#T-nxr5ot=ljTO`KnoGFbK>Rq-PA8=>}
znic3u+}qm9<U>99^n4T}gwE;~-Z%IvQVnxKlUn{K87E2|FOkHUv3CqkNpqFI+O&$-
z!BHpPE$#|*Cz&0u-vGXA+TS=?{?A<J=Uu%~{JgiwF<U?z0FZEV>^8u|z5jDzA@$pD
zracI2&JP&|6%+t#Um{ej%9l=LvU?1}BFaW^THOK8<rI2)devr=3iAhGjM6Aq-hZ+=
z1n^Pv1@ZI*;iz>+^uP|iIC|@Ok~+Y#wuKYRf*}Gb5W-FTZ#giP`svKTQl|gs52<a@
zMp#9~GcchK_idJZM1YIVXpZ|d1uPz*r9cu4APKy9^L3U&c@mnz`-<IgA}ICXcZDLQ
zTPXD%-+<=;<dPr*sdQQlxHzZ$piX0LBMbBflj?MzftCmIPZ%VoVE8G?v-h9|8olU!
zn#k*DG2IP7jh``%xZMV|fF%03`CR=o0JRmfgXyDyhUDNP>;g1n>p1Mp&CNp;<2s)>
z)!9JwHV^o3Z9}I@pEC*!rSc~b%~n-e_6becj9Bdfox|BCMo<WpRW6|8F#tY8KfLzo
z(ps?-Q<84kFermk(l^TRM?6lZBj4WNLn%~j!c8c5v7K1dO1W&Y>j2=dS6+xKYAgLJ
z!{8OTfY;rTbp9N};OC}n1o^{>;=7+1F3&bcQIzb<B!DXzXyfJs*m*VQy?h*cdis(Q
zKoYRu?2iL5+16&)z68$l^BRhTOKB^(cNi?3E+P(6YoG67L>-aAl~>jLVd{<AB_e_O
zOSH#uGUbz$I%{$&D$xRo;9kvSoInPMPnK7IWN?IkEn(~<$)cJaD`>)vEYhn~T<4p@
zh)@vYyYZE$+?du_%DCPakzdC8&p13{Xni%;_A$%=KDOEK7*R9bS6wCF8sAsO_bzGj
zvF&=^@mZ5Zzm%S^r!B*&85FPguCcjM_x=U1ZfHStPz%pfK2$m&`s{s8S6(H_Z4__)
zN%04V7mO$7Q<?a)O^<$6l<?RSrKRT5pyyfg{c66^6r{CS0f&K^AC2Z4Ofop~Z<iiQ
zvs8$3%Bd%5O?om(*SuGLP-ntN{}7vbZ{LOnZtH=VC6vrh#YJ*ie4w)+aq`KkXm8C&
z_<>kDpQotmC3VR_)Lq<-4K{Pt4B{pyi@N=}sz|U!`cYN&;OF#6Bw;$I*;Mr-z@Y%x
zlV><MB8~~>muUBo_L5S6Bk-gW+5EwSWVXM4kw#(ZgHt^9yJh+UeGih5G+tmT$ws~T
zv%TZCkqI^M9$)G_Dg&gGDytLJeChOu@5+}vL5n=PT5>2cgB5ANIWpdCq!EI{&=2~q
zeKD{O?;HP*PXOAr{T|E?Y!?oCWWAW6O`e-?2_}j|lhnox$3e{#dhGT-d}k7+P=3)r
zra*@JZ?G%iTJYH{<q8*+ajBI1gPR4)%kMAUhtq_FgtrAvX#kN)f6u0EYtLTLE*dzC
zngdl0zyZ;<vhs&PvBj_H)UrQRibGCA+B$g$a8ZE0UItKOGs{SzQ@aaBUN?d{3hW1f
z81OAq>(b)vu|&MwTkWMr&p=L_=9rR<`R_*dK!dH`<*L8Ujenb=2HFNoPfAMCPhlWr
z)S+xO0RiaYL-aM!a<&DE=Ro}psP8;0R;d>s<BXAX<48n)a(x%+9NnyAKZe)(4ZjU?
z29NmmLyp5rqVZs~2UJa&-PUL}hEsaLYArC=Dp@d`n4DB$Xm(6VGA3!h`eMbRs{3Ak
z#wX*oZi-K)YX*`DvvhF^)qTUUwUU>~ycpKG0Q~CSBy^+o173NIQkYJP%O)$u)Alfc
zIWYFY!98+E*vC+ux#tJjA)YYgRe<o`d<3Va?3}<F0{gFiq*R9-qfr&{B&{ViG6euW
zL`6kCZnR{9NRAkHU?mR>G{W(jOdpP<yE3ozWPz4;$4qY`Nee93LUVt<CJ($B5Xl}}
z(9=hd*qcn9c2?FsvPhKy%j6?$YHDsI006$A)#U1PigGOh_`S9%tDja-9|}Q9eouZ9
z5V_}%ao{y>4*;O_UhEAyrStpKxtd)#lLy7U>$5E7&^42%#sl%;ma~=e!|h-1J~$pP
z69(dCe0dByDRaz%D)8&;es3qy2xJn(8$Tya4@b6HrpV;=n6E@0Mbgg1XQKlj|N5zq
zUi$;ze#-$Zg!856d14U_2D-ZMf>*kLXhOaRH`?tBwq1VycJlk*Kv!Tkev9g1GVf#}
zqF4Df_A9#K1n=`f#z|i-DPo-Q5(cX>?@|D8$m)4=a&jO7@^g5KqmOxZfA0wE;m1lX
ztINZYeMQ2XCM7pIeFJPp-P>CzO_^c^G`j#eQ)+J^O=>X@v%_x`qNQ|a)MiiO+M5fW
zs`=UNy&DC@{N>r{X^^{#*4ob7N!6BL;UHfzg;daYcXzW{t7g3RMWb>*N$BNsS_F>M
zf;aV#SiQBLcrJ?TeC+8gPfr&ZFOcb)pHJyiEXbW^y1iD<O-$`J*E4AM&spzbecdA{
zR)GHr9utri6cV&!h61zKZ|ubwyPPFAxm^C2$$M>Ri?wvS6T{}{B38O1T6vbxo@Vq<
zts6`?ADf;oIyo8lU)S9sRXdPHoD&E+>;=wGzIn(QNV9uJ;`uOze|bW&uue$Ld*%a1
z>2${fMpI>lq%#Y>+*n^snS%QzaTT8fmHBMTu(;L{w(c!;bp|c=OLVu@QE0|DrbiXy
zb^B_~o#93|oVyq2X}qZd_7QOd@p30=Pp)?y-sbE95YVl7IUrH4^+pjZVq=?6e=l0J
z(aTD0MqYM21<#d|yY*;(Y@E!VXU8iQ>Mf(c;%8SsRT5?B4b}}N78d=Bh*HC<icxD&
zhJGcR&c|cb(yaZv=@5m0)BI<oAiDTi0t_0nwYw{y(-`Wc0k~LqT%arK)Ztg$t0Q2&
zL3y$<G!?Iac65O?aez&>*o=6J&y`79I#(;kn3S}S0y`%K{f%hz;XZ1+NFshwKt==G
z<Q+@ForAZxFxCbJjrSL2X`rGJ>Xg#pdW^Sq%iKfy2HvW!0Y~QXSrbc3kW(<XdU=UQ
zoSZ}3*VE2c#udz0WP<@;oCP36K$wBnyM<FqCX8m;bDke8h-L{rsM(!>U0?6SYMh@#
z?>wKbkfpund5?`bqg?-;dJongg(3U|^I^ZhK)@?fGagLts7q_KJN+%tP$B6NtxOX9
z=uf#?BjP;vt#Sx}0qCVsKH=b)6`0{b>I^!D0%G7qk>Ur@{5ST;N6X{~OD%wkfr^Uy
zl7PVLvlL2xzA?{;B4NQ(otV|gxbm}*pYN!R!qv{ukUVLg8l%I!=(P}q*79%kW=*WJ
zaplw*G_1kO@2)f(_c<3orYi4UQJImtmOA#Jhe+*lwr8K{BG9TKg|USsE9il4Us@k8
z`L!26&8t3nz?g@~IE!7gq2*ni9lEjkW%ncHq3=a=+fbk?0qrBRFVE1Po8Y%S{3M|R
z_x{B_GEXUpbS;Yw4v3^~2Kgp{Kl=I|S5Z+>c}y3h0jloyUSvoJs)NaEH+R_4uU(N!
zgqnuN>fvDqRYi@(d@|69t}+=B0AlrJF_yz=^mq@R;Ql$^=LN8z%oDJMaQ+*-3f4_l
zm#s)pgUSFTWAR#PAS)Og67p+=5eiY))qM)s8hQHupXaP@nZA3A2_WTXz8VpX-nY0&
zZ-F1fxYBAI50{$I-laDOi_gSHTs5rzjR@rFJ6r>m!a}($kAI-6ME&tuqK*j^8LuCK
z(xG^$v2={|Cl_~^Eh2#0v+XA0%tFPC^lWEpd5ihNAzUZu6euFeR*UA?FM&j}qh?oJ
za#-uuUqdl}yvkjLfa9YVVizO{fJ2q(B<=i#)nw$^)2D^@irS)`8P5T#ZS1=i+RDnx
z@9F6RK){kpf>Q&kjAoPFy)VxxCBHFfaDX;lf&E^33yg`K9o*&PA_7)-Ck<c`P*ydx
zD{{P9_DEdK`$jfHIduw(MZ^*Y>88to<>%)EY*Ip&FzWH?EGyX8d4En73UWw=?yf04
zz{0}1>+4gvveny)2=;yoyqhI^Y}zQnOy%?ZZYU?z5&Ph+w3Kv`fDs+wyk=T2x*66D
z4Cm1&*aFpQVc7ZYzd{ojRVydLx3*}cz$ZD~G08>4DPFw-s)D>vb4GQ|&4sdj{F#`U
z^%k!k7miNvXM)Wlz=r^%7V`;ncC99dybsV7)9f6eQ1KW*;SEoF<x#>A`_7=2)D7ng
zxIGQgix0r%0i^3AgR@n=N#xXLJCo!(>CK>~{KIts7dReB0XKxAPm}m7Sso3a_ZI6S
zPw*JGIv>fEX}YSjSp<YjbELcT8;nD|Ev8McXLg^iwB?S?8zphL|MGqC^u+@#h&Ex6
z1QnEPpRJ_jJH^`$_HT>mJlqsk(+&)4bpf02`%jF!;$}NDDNGjMwtt1mIi*()u_oDv
z9IVHQtS4wH8NY6OB%O+%lBrDl@(|P8{a1&-92dPyvqJwH-c4U0wWaugN`DOjxp9og
z^FM1;o<h$XC6%PcDmK&ZW!M^RoP>#HPTd^A5>x$$+U=gDdOdC^c&AOj-Vz?{+wYp`
z9oJcl5lWX=$lvn1$Iu9&*Jk?=$*^sKd)v3_Ra#0)n_TzaTXgma-z4mTj&RQgqm#X!
zAgQQ(b)L>{uK0po(yH`r^(QN<a60p92@T~Mv0^8){T7p;4-~!WZGxDA<9<|L;ifwt
z|6l=vKf*lQv^Q~F(_syVyF}c(4e78(UT1xzkH4Sa0;>(ZdS{B|EFV4s%5{D26@!LF
z^1~FW0M_<s&COCkekf7Bx`!>8<`XF^0(#9NfLjPXV$wQo2Btz_lQ<||3urf$K+PJ(
z!?XBX-!|0$SE)vg;q~B1y~8#Oc>tC)+tf^?K(0n4Cq9?UO9qYRkhsy_3&Aqb1UImR
z)b?d7WgDU+>ukmWDZlv%UcSV-1pI3HeJBDj8h>?n2LP#OdEhF6ib>G_t^Hm_O@$uP
zN2I>K{z!cQ_scegW7{3yhmC}t?uQY7dgTYOrvPc0T5@9$2t=h}5OOl>{+8pZwUIP6
zr5QKzlmV*}L;n<&$>3=aWO6btVt<|maErn|iGu0U0Zi9#r5j0`FRXXqJwbe3F%~Lq
z{F#EF_#!jWJ#t8ehJ@3PHs(cI!uC0V?kNA#mc&#^By}$^9v?53^&U=Zd$%m~KvB>o
zicO#CWuaOQPiVrMj;^i;fGy&638e;!R6z0W>XUK6QtSCr7r1he?hi<I8qFpz(NXDQ
zIVqn6VtS>hXjJDrx7BS;RNQmEd&p!ohyMNgQ<l0i<i%e=-}DyuJLCQmDDLNoc2Fh#
zQB#xmX^5aNLa+gttQgOoCZWG%^TXVq16Ocqy?y~y$`zOOgeIoC1N4MZnRgIaeX+FI
zlf}yGz}jgri4!D7s4E*A$$OV~)N4%Je?%P~U+p#Aq9z5AGb8<n-cl?AK$hfqZFmUJ
zegmwazN7s?KmgsY1NBSMaX0Y%s3-#(tx68nS5+3Zmb16y^U77(G6?}3{1YgbeV*T+
zZ%<njStCIbx*Est9&#O>Fi<S=rzavZfl?}Bi_7#RZJVzdeltb^wJ<S}eRi1rM!PbW
z_r3GhR9*@<ba!j3_xEez86?cfcrf*AfeDA(#lZtv&2W7a6R}p0t0Wf3$H1doib#+o
zvV>$XMKEKlkVfG8i2S=!*<eIkFrE`yp=QzZDgjuS5yV5dG`YqU(t58)mIC=_U85^u
zZ<f#1WTNS1X$g%|=Buw?zk(fIuq?HV;b4ye1JGWyo=9}n88%qX_6M6FoiB%<JbJ<j
zIcYR%-`F_pb^{WaDo~+zs&xXJ!z4+5UM?Q>FfE`}<K}cY45azFoDcXWzkf2C`IhCu
z=Ein$0FfL;Jnh?>i~m9!u6s_JpKGATxV3q&gR|ZLmEyKuG4<O-;!l%GGTannO06!|
z_KLLYZ7Fh)*dH}@0r^Y$PLVHq@6I<0XRzDSzU+5tN2`&lvdozH{xYl>%^oYUU#N~2
zld`G<ra@ZQm)@r&ah0PZT@@;e`VQ0N<;oM%DKC$7J4ci8y~UR4KXBrgst?Y!SmXQz
z+<Vx@uf+NLJ4|4io_(8=*LPo>eObLH&FWRB<!A9apFI$!;*-A4FdyHKIWYHY2J&Z2
zYrJGv{YpxFJC_9LK}99BucL8BPac??j;XW_ct^&>kb~LLeVUY!R5v?6UuBBq>yAkI
zxmB^+8%@ayI0UQ5>+}oFNiGfP@k2W66Gh`5H><L5)UGiADX*(QU&MaJxs&%$EtVd5
zFHjDsl-$={ZDhw?hXR|OLggGDXCI$vzU^B(hEIT_;wP@?V)6485fO2bW)T_Wtwu?%
z4QkC{B;x-4`_G>~{RorMdcF^7GodCSQ3Ld1eW=fs2a6urVKYpi!p=^KMkiu@pp|3f
z9JARzumvV%v39yO$tkZ>l`p$KX)Fy4G#&zKi~d}g8aff%3o&Xj^U1>YBR$`t-Oamw
z1g!ikXqSIloB=*(EtLD@Atq+lyRUE$?u#e=7Tx8|@76);@!clwgT<FJ?UN@WAufuY
zO}5cJRxn52I1f5?fCB%nat3@uqO97G`JLs4T-e>=>oIoNN&FX*C_uPc2o&Kiovxf0
zFfge=TmzYXd`g{EMjnszzO`NRsOj1-{Beo`p$AVYE&Ip-;&@o&9@^^K+DG6};^N%-
z<3-Q<;h`*~ZmD*LV`J40rM{uz^VZK+!=4Pyu27uyd85#zvnxDw5)PmGdY9XVUS-#l
zzOxTT;pbKw!a}#iE&aYqo4#~@Lh?YYER_)w+K4tF-mBT{5NrhT5(9Bn*|V6*W9BK9
zRC20eSjJFlw>zmv=kI5SfA&&?r`2njsJ)!`=DGrN1Zz!iXaayx73=1S+HJgQbT|kC
z5M+QFHyB;XGwfgcz^<bcfFa$y=4<#SSuhrfj^km$@13?@P^j6!k|z;wh*Z(J!(<1)
zzcH8w_-NBbYB{LDEoRd<Qh=?_yQ(LJ@8J`p^?saS<D<J_uuJSIE7cKF@5EO0=Fxo&
zGIDa&iqA&TtX`x;TMv4ZSgCUa;X$nk*fUa6n~FB2J_XR5^?wkG`*~w<Rr1loV%70>
zXD~VmPiN|-6$lw>EKSVLOU)lHI5lc5*9N0vygXsYef6^SP6(bw$W}TH6lR!egZ1*`
zJ6#lzV6k1C9Pl1~-kG5FQiBZ$E@4Fh9o>23=g&z5C$XPDk8TDsTq)iHt^;u=>-GKL
z|2T|WPEMv}8dc;1wJx-V{6r)%{Hxj2cc5Ga=Y63y`l@e#=y>9Fx&3ef2_7+NN4^Db
z1FjqEXzMs}ZLYcpz*HSWl<M@b!D82w!oT$KP!2FjwP}P=Q;QRs4!R<o7e`1zXWb6i
z2yA4CFOmdDvX@S~T-qMvG0Mc?w}GK3UoZDsz}@9RO?WtlK%56qyXH~j=c`{o%*aNr
zth~Wav#Y3>QKh!IR@1cP6U})>Phb4u(YQfRBy|6Hz1noi$6BlL_=M47rp^0C(ai^F
z&4)rf>8^j*%ag;cm)6GCB>^T>&my7uO$>l!f@(zd%mx^m0K2E)A^4ZR9CBbv3&GGL
z46wveH$QYZZ7w%O!HtnIzWYw?#ma4x4g4k0@j1e_Ockjbb=!qb53Z<+Kb5W^5wI8Z
z3T!ojp4LEqYvU-Y1JDyQvU~$SuXbaA<B?D<=ZlilEhH*w1c|h+?kf~4jXL&2@6S#~
z3O+vIN>8h2;`uc=>=``&k-_`x&!{yPq<u^*wCGRA)yd`%s8j+uO??ZSQ0L`eMBE;U
zsoeG}ySt%raX3p$OD`DIDQY@CYM0=69-W_e1D}YOwt;|vR1zji;umns=LUK2o2f?E
z=#~~U2FiP=mX=m#s%@{QrXuG9{QQ9Z1m?+`#kTooqbHLdz?SX2+q62{t!8KKsJ}fz
zi+6luI0XJg^QAdm$5A!Q2ugW<@*G8&Vv-4XR^BOtPGv=N8BLzY)BFF(U%JlbU57y=
z1mb2cdIUnPfHH9^pX>7si8xhY+<vm*4T{U<qYVbsK((|Rc@M_?GDhY{exCb<km+P4
z4p1=%Z{&yFxG2z9!u+{2DL7uBVgp1iE=~6mKlEH*T~&DY$be;5n1s*e=LUmDz0-cO
z>rF%&FO7By4Qs)O;chL1C2Xh?zA$TVqSkE4Og!)Wb8#_km$Qr&*rXl!`{izX{$+jM
zS4hyTkQRqGou}^YX#YvPruDC}0KSc-Wck>XnoLvRMxh^GSfw!ZM^Xa^OIJWJ;k@xU
zj;A*{cL=+^&Q6L~WI-yNrz>7kTQ`d;xV$Q#IFkbleBJ3jP~DE7+qq$I`KpEdV}qX^
zqf_&)7ZQl+hNiUZGTlh+oPYEvDQY}k?g)(G*Z!X1_SaQC6MvG9c~D|?jI;lk&Gmp~
zC~05QOeHfoy7li9k{y@F?EK@_I~G#l%WFW7X>8fmzD;~9R(<=`D=EVIKSeMpL@Igm
zo$u4eFeti-eLMe`rRqOJF6xDuA|JTMBwUekUZ3j!l$gxz4Xk-xCF~{^#YYms)aV5M
z^1si}w|tixRp>B;(FT9LBqIMZ0-dP~W@D1J^e+XxzppIlV|Pr)gH}tuM)B+Mu>a6=
zM8DN@{O?~;|4%;|=4rY2G%5kIzFRlO`#%&x(YxkMT`E>vevf{j5bocJr~PY!|NA%e
z$q5|<w)}=F?Wq0p;{W=S!uLOwJ^$Z+QYCZvw^!~zXQNncIQ#i?t);ev-$eS|<p3vy
ztyuUjL$krlZNl&bdm*>Ln2rDSD!?J{)<tCQixG_R#uhYU>*+2()0j%FF_yhJ^7cHw
zSpN?Z(OyZbW9|6_o^4nz?=w-V{Tj(brm@t28SnmU$dE;o31$qb`uk63R7o5@{XhQu
z{WE;}p-Yys_o;J8#Kmm{|F5q#owtjdy6!G6a;=&`*q!D}v4*jJcFv=R=zk`PVu%Dh
zf&jSc6jT1MBeb7?jdE6VL85uJd46e<e@!c}G&JSUGfO{SC8xo+SC#wT@1Kj>CSQEs
z29)?!Qfe}R7Bo<Ho0>R3J_Zf}V{DecgW`aEH1b!2Lx{rPC&mRQ-u_|0gr(n+-W2(5
z3kG+vdNPl=`IE9U9t+3$`?W@Shda=oS+WsqpBdW#(STqOA^~4FmCG)5f8HCwqgoc4
zx6$5#(7(0VgazCRBqN!CeEo+HYm}8oaI71Zu?z9`(Tl5{g^QxGgntd%-ho$I#_(Fp
z(Z@E2WWa~bF7?n`Rov9HP=xUCm&n#k5i6jHRog(K=Id-yuz&q^f5(uMlpE5bImqxl
znoDGB(OkhlGr-MtnbixFsUpg4lu<wo?9VR8qmsD33y|pni~=`dy}b`Dtt?HKn!7?V
zfn^E!(k6R7dZAd;)--ydP$T%S@f&q|`U|@)j!wDVlnn^k422x3@Kx=nWxnIETtET4
zLI1vF_TA8jf4`N#P6NJC2)ix^Lw@-`zGn-+lqVx6LslSkyb&URQMEnuYw2cs=Iz_J
z)n<$Fqom<_W4W||?&d?M{9U~oU(lKihyI$PX#^}iES_^xm4?H|3wCE)OED3|Jp7K{
zNRJ0EkEZ6OUf$3ebbAP;OzqnaufZ2q5p4>q0-?=eREITP>xw2k$hB`vw>q=E_H^kD
zPqiM`Ws4uEbE)y>J99-3!{OEnjUJTUvZ<C82#~VJzSRj94vfs*zH~mgFJJnJpTlY?
zIe+zIw>>9U;)NiAaE<y|p*8@ap<!--UVrf1gT<DC!VAG{^`S<kvQMFPOC-0ldJJ=&
zot;cJ$h$k7)}nde*|!&Jc-szVk_yYo#Ui1`8AzpKwFF>~dbEU=18wt!HFQfwUaqdJ
zT<Q<=-5%1_Ke_e0fxhWtPx|@}D(GqUB}Vqx{~2jZpA%hE1IAHe+sAP;&0WXr9_`s(
zv8Af(Nj-1Xn`5WvoTNTOx}`N}v|677O1n&rstAP{P<Oq(zRRmcsYAJFkipP{+w5C$
zx;l=-<3OIOWsEm!jRBd~KB)P#Ac7~4R-?T`2`qSI6ndV>!i|Sh@xN%)Az~&4SXg|%
zx#vH(yphdjmW+RcPRxf6u<oBq)w?z`M)Z4zi6=@G@yhqKM;2|=2jUqBTVSW_$8iIL
zDV!-d5Qd(P4xo{?Q{Zg+*KlQwi!yRQG3c0WRw*ML_kb8!#gx<hiRNwTh)(!9V&S#y
z^zPmFGfvC3CWnKmRnqxc-WkQoIu>sG)@BIzdRJ&fa271Zlgk--mo&^RkeReq7QnFh
z-OgUq(DW{VF%|LEH{kQ}1nm+bdvx$>_j3XQiE;si>rrR4T1Hq#=P?fb_ACM;--{<|
zq2V*L>DI$@gx$}D+n0K}1H%P!?@~lJ%pHN4D>G1RbOM%N9u=OSd%#<|lRp9vvuV>1
zzp&OyWVT`vX>M_K@3oB}71Xl^Jk1WQVy|pZ(D7O-MJt|$3w<y&q=T3DdC#gmX`=$w
zU6CH(>=b1zO-S8f(^ICEpTX;V1E~n^t#Wm9TiMlkKuuk6ib**O_I^psXNtyBh**IZ
zw|t3=O-9XJhbxJZX5F1AFq>8sEA+pI(cef1oMOKFAyfVpgZA=}Q^3-kNx(b3(JIC1
z7M#UxZ<5kB0bcu`KkaQmG2i>Zi&T7hv(1oRt&;6^dwYpa+f?)Z;OsaEgn2_>fY;l{
zDYUuj#=n)7Y1dOqi56P`8!d@6$^Mw|m}_(G#N6Pr)8t`VEr$5v5k;CvPv>m`O*EVc
z^V<sc<p_OD40eXh%L}3I=rDtUcq`yR5RPG?64No@ApZ{3qlzH)_!_lHi5|>-6p*TU
z$)xiPVL?2FL1Pt#Mk5~`Be}W1(UEX#CX2WZj!>&|B3>257p|hpr%<f<uFU0m{zeda
zimgnSLYIta-oOJfB#F<CZ)z%E@qJP%3$yJJD4e!Pd<Aqzeq*;z;1BNEdZULUjEa@3
z7<i5~fAtyp>j5q!EWj*=`p(m*PkT#7Hh-6hlV6|iw0~PZ%<a3$g4f-`e{{TIX>N`d
z_io@MpMk{MTdh{9m~IU0{m}4mBhXd?h890SNf6j@L{l+`28oZ7ElH&(RtSW0b8{;c
zI5D7DT3P8_UJfO*akNo~@<r+le_7l*jaX^h_ow#q_4S1wACtMC@AaA6*c^Td4V~{W
zI24#pRI4;>pKp2?ipx-4AB}U_lUv@B#y_M{oom<^t*S8#jH%Rsie~V)Kf0k#+@D>b
z*SlIS>v5V34cNW?hbp%FbIL#2Eb6ouQGrq0eR_Iwp!&WFJ5+fZ6{au^D)OL=_-&Tq
zN&D-_!yCvgBFeE)y%ZJm+)1<bv;U+Zq7wviln@uZyifacYkg@6g@qrH@Dmh5jxtVf
zIbsluCF8xMfvEz>){W2i80$ZuJqEjB`5a?umL{X_n{z8KZ3H$5Ic$;JD?38-wfnsp
zf~4=?J6~CMeYRfs@n)7HT66jU|I(#^xT##@<W>K>(GolKQX=UXp^6O-qYaZ4g&$up
zibX1}!!Qzr!eWnt4Ac=H``wb#2fQvYUZkZw;&gW@7J4BWIs5#DUgmqGYCdNWMe*t?
zqv`xxH7L@_y=;+Hf!2hmyq>~~zp(mu@VIl>8#i_zjxMPR^d-xYY;ulM8tjh2fc)Yf
zgfNEGf>n==O39;#tltJG)2BoXUMkTNh^6!(7<i34R01uzy{Chk4DN<M?mX76p{eA`
zg|DqPyduwWo~Z!s5Id;cRUDV-bWpC8(*SJLuz?)hR7IuZ{mnyyBv`^WvzZ24z^t?s
z6jE=ad-=(|R;Qx7>+M&0<(!viDg4hWY^{FZTi8=1N(bxG6Xl`eyLuJNQv8iyF8y3&
zmiR|1tBUdEYw;qcF#URvCnh#m7j!@XLa<a@xSV9MFL{!`FXsHtov$7OCU0REH+?{~
ztT%&^vBk})z^OEOgX4^lll;}I-*9)ZN(|lzxY@Q{K^%8DskRPQ4{Z)33B;Q?N*TI$
zC)P14O-8y;X*1L<0WpaPY$%r#CIyr0i1{26M_Lm*iWCd_qA8!0>R5=Er!O+Ubl~?C
zHMFo028Ry;)Ger$0!y=cSZ6~3Sk{(zcJyVE?{e{QM-Pq1koQE4RtWP733r%|6}}e0
zp-Y?xh2P`#AxXL4t8MKds2v+e9&7+OZc7U>fa6B$kjAjyPTJ!M{99kD%MZL?Jg$x_
zogu56>461k^BkoeOH1j%1RH_K!gGBKD(3pgUm|@n@G`BsI~gH3z3B`Z*`D6Se4V~%
zSS}`=azLa^{9`Zw!h+^Fg>_UlE-`k;FOksMA9k#D_wF8@9%U*IY&aZFJy`8{q<I@%
zrD3@VTqW8=35>==OgCP8mye9S&L8y1rc!{Y25@`^KQ$1&r**T99ipw0fQIJjc4i3b
zWS~d|R1(27LEwYZ_gkG-p#hG4hKQ@Hp18Gv1kNs~4rrzU<L~3i=Gj|#!+zW0t<&bl
zQ1bDoHUZq2Do{%QX`(Z@u~mVsiXR?JuM+V7-V(628F>7mtwd{NS~A`a(G6bIfN0>k
zm1~P)U@YG$3Y&K+!+L+L-k{iFN*x2JC4!2-HB$3>e1|=Zn6th4rnHV!=jnXiMat>!
z_>(V(-kL@gY$5LPZ{W3#2GOfXMK~Bt9o6_%s*Nsp0K8=b=qVbGY>2lBw3saveihM~
z_lC6lh=c+<3QN-BLZNaMDgt)a&8?XKLXhMbawe*F+2}Y1izf=;{M0hzqK(SP2X#MK
z;089MG-}x|&M`4>>W6K*LU1Z7Sz3N;1FBq-RR$F(5u*Ux^Wz#;ZSNL(AVj&mD-s$M
z5|OPoZhX2unNT!Nr9q)X$YD9yh+*MsdvnLpd^*o20~toh84tMC5(#u2`zYRCkP2b|
z%+Wqv@E64(th(OJK-$3tZ+PB?n@{3%Sl$QRYQvFMP|op&WJ?bv*MJH(pCm3L*`@Zw
zR%MUv(JE@i0vVv!6A^;r$>p%c=%rp0VmVs{b=xch?keG{J&{SUt>0zj7E@(<ebHT=
zT|M%p>W<0mR^7=uUSO%R2ZGNJHQWd2!+5F>djrCE!I<I)rY>2^#nYGY6E#||FcG1g
ztl7uZWqvPdlG#bHdhTN`RA-Nyqj_25$&@z7<MBw%8Hl--b5-(C9ZfUPtKa<Tg|=pK
z@k6Nzo<FL>oRO!}AiBsdxx6Z2*Bd=AF*k7=YItFp*&!S8q33H3#@<EMN*(<OXN&+9
zrh19P+9@$PCI2dI41a{@bZKIJPlUmpPaYS^W`kE~RxewJNW=&W|KRjgpwMrSRxT@L
zMq#A=Qe-pMt^axr;d)MF_Hz`qB>ZUCi2i)hR^R4A?$|^IF5)nV$tweK)#PpmEft>E
zcX&!Zuc>}{meYO;`@_(G8Ui-f(X+$;?($ecvMwHXls=w%qQC65+|2F-gRMAzr~zmf
z=`gDG2k8k%^O-?_2ot&}Ip~qKcg-e&t~skiXVaT&a}uM0Skyno4OPLx;YM>|N%tQt
z8vUw|j3Kf)6+6TR5HtX-%vrkGDq@ySXGsIP1|Uhkn<(=R*@$os#n(l{A_o1VI};`H
z;YGk0>iQIaV@T&qcz8HKK+9q5OarlbH{5w3kkN^NT>uqRKiB!iKe`K=q||=aX!mc`
zt8cxM6B4%duR&Fr$*y@Fq6fejVA5xb=k!!z09(mBiofUpB}6iTk#+ZE7GNKupLd1k
znS!pGAXjIsoY#a75QhX(WJddq7#lGsD773Mx(2=<&36#SSO8)@c*yIdP;4A-QVXui
zXncbKofz&E4fBRHgf_dL9GO?;17vk50H+GnP*nF0Sc8aSIa8n1eowk@$bNJ9<SNw_
z<#cZe<4Y=cv+B`0QRwPaDWrF#tt3wm(Ibhk-S9b%6LwnQ(NH;<cuo7&`GCo)+eEW%
zxo2<0_{bT=HQ@1}2Ly-X=;G*ss@7^K4IdwW;&Bn}tSfN3Y*oKJv+ud-EyNPYHabyB
z;yN%u^0)-~>oC3!Ouz&1?7OeHDEz=L$Wa|73xm0^-NK*YZp<w(4BbgANK(u+@Sa%f
zU?v?0>cC4y0<mE4blb%Py)%~_iyiN>VvPdaTaU`?vt4w2Bqr!LVj4-L2uvIIMb9pj
zf&S-4k7Y;q5D~8vUmr4>(A!k?WrtX+7;rTNkq+$>h*9pO5&5>uJ{xr8-g|;S|LBo#
zgY3}eY_|h!vyxbC1UPLL^`}m0i;$|lZPP0q`5E4_NTf<k>o?3`h~W8Q9@ugK2;Eqg
z78)+2__aUYtKufKaKa=3I7m+8H0siAo;jhp-vSsOdg@~&IYV5rR8+>LR??chOh837
zID%d^^A(6=2K}+J4eQ=dzEBRtAC02rfbPp<@Y1wH4f@8qz^J|R2jp5z#)Cbv3>xu(
zi3d!NjYGXI4sU#c3IH|zd2i6e{E<{qkaiV)D&=w9oie&X-h)?KV~hgRr<s}GKi(S{
zk08<8QoK+smzp0z=#=}S$k8~hHBDwYB?l1??k@qR@RJvGO1)%I_qCa45hVO~6D2;f
zSsl}X8a<E~;70)rkz;3wN7D;I!SO_Qr^9Tk`B<GKin~8x$?SC`FKJRK(>?irF%kS3
zs=@T|?oSpGvn-06KK`&jqb}dPk1cJ=rlb}dTzr9E!eu5rQpt?FKjru^Csl=y`d;|u
z+t2#DMi#@U_)w=vlco0>*{hijwJscvk2|^_&%yun9;zs&!};+|Z)4GH+Vh#S09vGE
zJ8C0*ulLMd^g#3-E}E*{7%DG);w)1%W|u*|?excn^3)m6#SoCEy%<V{SDq+d%-u#K
zYB3@UUOxka2gEAeKdz$LSDj|73SC!X=1qLV(2s-j&C9sR^j}YR;16pss@c8y8I*<t
zpQ8*@m|an}ON#vm3!vsYmaM%?qySe1d;ezBaxSCIVs-4k-Bj!^pp8IbURAM8)+%s9
z&KkjwXbOZk&Cbn@wP@fOdkO@SEH+U}zyV=_>2m)Lc;w$K)6-Fuj*EJME$2+NYbZA~
zg|mD+Tc4Vm8kD=`3w6Iz^c1VL5a@pYbIJysv~>Y|$`bUv%7NY3Pk?jzOK!O;f5U0q
zcrZK2Sq~s${XkpU_{<!5xl|f%b2=PMw8w5mqcebQ>!TPdMIb@;UFC$`CNdJ3*H$%R
zk?;%#IWOgWrX&TfP(k70p6bqnIzNJrj%<0TncYpdD{YblcI|&EHSDEOhQ2Y55FANl
zBtwc#&VkN7*ht|6*LA?<b}*d|z=7OcR+oKH5CP?yTZA@%S!aWm`ba9Y$r<7W9G!-Y
z)Niae%N8d}w23#RlE7ll1<D7&D2Js)6k}(+QCSi&svf=r_@#Q=?dQ9kmMqjV#DICP
zx(sza0yU-zy>Vl0i`i6_6n18t4A9pDPVASK-Aa}uUbTHY2g6^02>a2d&ZSay$>r0R
zE`k3aV{aKy)wb>rqo^2wfk?v!2`T9=6%c9Z4(SdlX%*=bkS>vK=?3ZUZt3ps_gU_<
z&pH2l?}wKUuz)pVjXB30PyFJhMpxeQS&*271aq3gFmrW%f43<a#ih_#<xm?pSFxV|
zDwz5D0a`f{qlQ8<ZWdr=e%P!HF(WjyY7yQcsff0R&j&|D=AA{Sw`Wv9?uTy{Wv@~e
zd|yhc*Qw~YF`P}E6N9D^!jbgA+xKT>zP{w{o^g(XI`J@dE|SISzzQiw4W<9ph1ApZ
zx7GMap-xU|QmMR9d?|Qyu4ijCH~Fw0X**jwvct>_5y64ZjxQBia9*YI4VU%X#gy!w
zgajz2)ow-lapoO06s}k8&^=kwU_RoQtagsBaujcEkWLoqPjr-IBxA6duCRD`3)KnF
z(Xrom4|Evf96MTC-T=PcqHVvFrU4|XB3MoDLL${L#<@b*R<<|4Q0s;QfpWy7JT|k5
zzs#qco|t09J;Ncuz~hJhn^J*8R7vPF_2919a{BiTT(Y@RA!3m+Aq1`h0yhA$IX5TS
z^wVroxh<5s8*j24`Rh|53Al@vr(Kcen#Gx?;kAV&YgNzK*cj9wLgRQGcA%LT#3rd8
zbH#d@trEDE7_NX0ig+B(r~3tS4nOc^4GgeZS%(~6hAs7_Y0`YEC)!rXrAPfWdHY$^
zAagt0GZM>_@^iD4B^7cN1J#~y>pTx5j$=t(^<*k$33nbJ(O;Yid|c7pS~itA%SrxW
zna@)7P_F%AKjeOQ@Hh)01>W|3rtL#=M;Bgge~5Kf2%9!H-|5&N<Ls5>%-leCec?IF
z@TK{Mp63m#I}6{pzlE-hJGAbruF3G?dU`UsoXL6J(riyoiub&r7T6Qsc!rDVmn;{g
zNHtH-L+*JY9w<2Jl=rPoZ%m#;Up3en@pLeWnorl2IOX;C@AcRe9IO29HLt7l>jh8}
zz*`>C6UNvm$;(RsOZKeG6D-c^DgUtpT&Zk5HH0IF;)gb>0@84+6tRI!mFNRJBG=)`
zQhRDSXX?3`Ak2^7E9^MzSDAs1Masz;m6rAlkVI+HWsho!iNUJqskl}MmT}vDB+z@p
zcH;en^PP^^+7)_Se`|sndDj<9?M||&ko=9|4a9^$nj$c)_L>pyjAC7kCcAf{<7Y^I
z`s*dXcYwF>z;iO~>XzgC=Lc8>Ty}|?pRUs=?S~4M83q*sJZ8B+69wEd^@caAy2Z|O
z#(xHJ78%XX&qo-5H{R0DUWK<gW<TS#YB{O`yJ;d}UKByb&y2~UmZu#!4*RR3ZcVw;
z@Nr#~DlXI8@px~e>5jBWL3$HzCxl)yQexb#j?0>+FL8QZHdh`KJh5#zrb5zkNv5WR
zK}4F$Ws3qKA`R%s%gd5ZuqU1M2czzIiO4Q^pn`}rg+_H{NBr4MD5YIvw>rd!%$C`7
zqUA>}l*uq~pES)RHh+i&GXkMIHuTvlF@uw_Dwmgwro5Qc58iJPVvvi^9D8Fx!?ic<
zo%5m#gD8gw>hr26iAqk`<+;**SbguB=%At~KQ}Y;sl@If_%eEz*hzK8@rc9pIkY_l
zTl4T34qC}6X2U)|<Kdi#PYA<ich1eCs!^9ZLjpk)3CZGU#-Wy>w^x#<3yJhV>Nzp-
zHPmkP?)t8wAt&qM=aVgAv|Qjcsl9MSou=69N$wxby?2}>AS6_vy@Xy@SGPQ{ViUu}
z5gjkkp91v4$p+)U#<|#Gc_9XqjA+0}TGnsf%C*}xdLAG9O~|?FqW-iQP^F~0)m-oD
z^-)YX@N`HIz4@wK6*-$L^~_(46kHt=7TrT-Q!ebDiP<f(xq9x4eBMJIlc2J$<j~=f
z+$=^U?X2Ogt?c&3s_$eG8Ce_Z7CS%Ch=anMlbC&k?(D2b5)wuBH|}qpNj<<b7rDhp
z8ED+sy)ynT#Ur=${3_5LDigkX#$r<@LeV<KA+8i|wI5?+3CyjXV>$K~W%30qeJ_9`
z@ApCfF+7%Zeycbm7<~W_s$?-}k#P_s$SpE?8K~}Dwy+hL>3a_r5v@83?anizY)ejv
z5L3iNRTsC1XkB-g+QSVhbnvIMkK>@p(U`R&^XNhYH`@<UJS1zces?)R2S6)Q&C`Hy
z19!mrLvnk{GjV0G0F;hMdE9y?CkgEA>_ozzfe2dJ@=zj{<IyHlc&_+L1Rd3-&_aw*
zAVD)%y=RoZBH33>sZ}LXT5MFPCw8t5MjQ=Z&p446&YyJac?(HpNMt`bMcLI+Y{k#w
z;-(6Vcbn5S2(~`xn9u#Lt(Q$-4+*n-Nh<DCv~3LHgB`z1rhll8GP3KxUu@5Pvb&^#
z5@N!4IJfiV%NP13-^h_sp6c7rz+~3T>vn#51qEkQf4$r9uU`emvrR9r3SW!Nxdzu7
z{Plcu$DS2FL6~#ZN4gs27HB4rFjC!xipKKrnYc(8Gp*Z$-E9}0&Zxm3bb+2Vo}`w1
z8st~z=dTlcwRU67L)$tow4V5aq9>HY^GZrmT_(r&H~OhteQQYPju%iz{3YV^u!vl^
z&yH$nfC~oAai=0p-dt8=i6Wyx=v1W$cn5orP1d-^L%t!M@JbLsA;L8-7m-|c5<Vd{
z*REYtt#<N0J;1X#TvyW44zVMf1OYBfOWUS?CcJCcQm8+yZxBEwQemX<q(LUo%EqQ1
zD*c@*taD);OuB8~bjJ!Q7o|HWgShMnubWMiGp<^OJ!59>D10udN^^O6DbU>T_QwZd
z;6Vm0AI~<5e5I5j=Z)pwiBurvZ3V@-hzP~XD&L5$k~hj@?|XfC*EU*B?qjS8NdINU
z9Zfg7y-@4Q`*MxQ=rlOKb7j<Zy5yC(x3r{CKME@3-Oq3FznL$<XkxwJP2AAHSD{uk
zVTu2N$xr6fYg^SKy#pNM!>OM?8t?X>)}yob*cTzAm@DlV%_wp{4kQjSy{_hBJAc_v
zjl>&T!GFCr=$7x7qimEE*NPD`SS@^0Lsl4e?hm@-K|^DAYv16J*7#7i;{L&-uuIdS
zEnrSVjr*FOE32E498q{ik?<U2+d_LNnO%-57?EK@^$dS~BVDR0!`?N;Q!ew?{+1|N
zypMN4cQl1vR1<}vadXb3SR5-Ley{}(jN~vjy4M#yU<y)Kt05{miyP2R@O~b4v{%vk
zJ>hAZMlL$?>5=%rFg#QlaM5I)N!}e89QJia2U34b*6F~)an)n%msXRZkYo;*M!Ah%
ztv^K(tVdYwz3)(fl54m2iNPDF3DD{B06XnaYO>gd$vi78xIw^uu;cw%j+)51h)1FI
zXo>Y|PXHLNMVCOin{4!Od`tf4!SHkhtNo)gtA+d#eRK1`swy5kH#ZCdtPe}*p=$k$
zCqco-Ay3VxxDibi2u1O^Tt4Sw(IxB0Upmz|;n?pjGUUn-J$|esWp*O*_QCcCg0uPj
z;(T)QNc(_+uVXuIhNd%+z&<1-?5gHN-)@Yt-(MdL)R4dWey>8{^8U)<x_4lpekUCt
zc+Z7^76`^tcRa;k^hj6Zp!MMrL*$~^`bBt7>2k8fWK>J}DVq?w%<gb6rKRDr>u!DE
zbjTnNwRsiG$Js`o5NZW8fK$G@JikdZ6z1*k&ysuLxOuJw%LV`Nb2T6y5`jTcl4y9&
z7Z3M*^J#V8%jgmVVaTO{#d#lK;R}Zw<8VyB7OyvuRBk_)eyo6{(Dsc|6ny$<13=CY
z@Nbl@)av7fX6-){>eJuWdMc>53bqC(8;s^-3I*U3Gm?A;DXe0%QL)6=;^0S8J2;4t
zpM}l>0a9HZe_laB^4r?F(uxY13VBl>OzJp;7z)AHg1h5~rl7PH0adM*C>Cm9RV9Hq
zAEnELV6gU)P5-pZMrGbUB@utsxuqhXw)}+)pN!$`FAHSj?#KYzSXxWN*$bBxXU7~B
zOV$>zYtLeNrhZ&V>YH>F_()C*t3Kyks<*Kq^0%jZbXodt)U1{m?|rBBqCX4z<2|ob
z4R-?<GopadYuD@0jy-X22YzxZ5o>mqed?oduUVSexUzA5u_n55IP5%LSF2&DA-QLD
zfvw7{lTSxfho+&iKHSsfT3S4xE?H)~J&*F*a8$pYnE5@|<7B67ZRkD+g%2j~7N7%%
zc%v^;yP1}5-amjfmf3NaOG)!Lff-NG1IOUZOyi8sHUmfkp&i|@*r@_k#yr7%4ya>*
zsN~{A*&Zm6*3E|1w^I)ee+t1`+K()#WLiar=8tgZlg<zmnQ~c5h|NH*YsY*0>sQAZ
zF4s?t$wV65SHEkKZ=vFf%+%e)*_$~NJ}k2A*K3lDGO@gzt84T{ns-{Te8gI&UA=tl
zi%I(#AZ2V9X38d4YrkKLgg+0RXCO&m=yiO9=zp!Mko7vYJcXhO)R#Pj$*Hd+Z&}RF
zQ#w@khC(L9Fb!0t)-JV*erA`T!mnSyzOWYaYg`J0i~~F(BGWbigd4%TXQjS1@Co`;
z6r&n)(`_cBht!sqf!$jdc~?lp#78vGl|=%NL$o1mU75&6f#*H6_kg!=*c5Q`72;2c
z7|xp??H-y>Oiqqg>Si|PAyihNBHfoPedw~d5*doeMne%bSsA*oKP)6X3L`;@J13k@
zaOGt;tzVZ!`O%Pe8Iat)x#n~^)1@z8X#TcprX*Qmo;wn@`+R-0@?>=F$ZV|gp<C^X
zi&M0gpr;fUXNTHdm1SQ%-N_yCU0q!P+$@p!+TUP02N?>*6KK`#aXb|#2PGPv8|XwF
z0v8Tw$7{dizuZ76_|Q7cY&zx#IrKYS-OiPMiW9BFr6&a*^>y{^$HVc~s{=S}B^@zb
zc43XaHRK?{4p0V{V@ooKwiDDRPhlQ@lgo7ZE|WUk*-QkJ@^FJwIz!eFogklvj6r|X
zWOX2i|Kjw((yFuL0_BLqVgDxw4*K?*`S|TXukS9Cw<-^nRW@(jf`rxey2awYA<XS&
zJoCzz*4C)dz|$Kqrky_>50!H*(QVfQ(52zP&xc)I&nGHvLTrp(g%9UwgCFS@MDq@0
z^J;e{Yf@|q;gvo%In}}pZICX2GH?ED659PA;&<dEn{SL^iaNQgj1v*GY()L?KTD~`
z#qvx3Rd3@8`HWsGgG#Y_{*N}2{z0eIP14KvLuCS}cyx*d%U)>F&y_JA=>0k_@paTV
z2w3Q^x^r&b6xB{FF>mF&v~2p+@(vi$;oDC>5=%~)nB&0EN!lq1m~Y4L_C}&6A&j&0
z79mkMTX?CmDS#c}+7foh=EqNa5-hGt5oT(MvHUF$%$vM+O=GufgMMqG5y|?BO^h-P
zbYqFGn50BFV{y!Eetq%c?l3+ANoJqU!@!m4JkCm^UhW5BSab>IbJ+*5&Vd%aNFZA|
z^x)edxdET_uz5~%01Lkxl;i`5oc=dD4Rp9KR)=!Lhq6*0xkKs=V(MctIv@aXy~gy4
z0EsBxN5?^nRd`QN903*vcwyT(^0Wx^P+HK_Wwzg@uLDj$rikOdW5zx{2`_@{9$dtC
zWgtZ*#pp49?HVdR_qWeC@BWs_LpaFijc7ph3dSgDt139=TXlX;N6x25YyR2(Xujbt
zZUqGeWsl!O-MRjCz^vJ}ng=>z%ML~uMb_RzyQm%;8_21544Kt1&Q2Z~PG;N$k${dk
zws=@Nl)q(*cSWo`tjWxzHdQxnT`$wnDr5}iQg~i$auzC++D)&eI2NXZW&a)_r|yss
z1~3AqAQIVF%kPPit#aD31ymJ!><>`*oQQv>k4N~hcHGSq;Y@Y+NlW}`t#1;{DOo|S
z6FX{4Tid3=LHGFKtc7Fm5YUy09tWY>z=vCvfH92(tZ;dwqX(3jOd|V`DhG4#gUpp~
zPtQ!DX@Asru9r@Sjrddwy9rQ!rSzetp@{)B3sQ=W;k8TlZHn+*)mosUtPW<7b6w8w
zrYnA;)9co4sMy*85(>2N<g+hv9336oxW&B2#zyGByJ|GKFcLy33|7sCyg3TRp9Tyt
z;hQ=;Sw?q|nT`9t0Boi{T!S|0%|mnOC_}rYioErhn>#;vEmR?*MiWq>L)h7VDNdql
z{qqcbHPJCV`nYRj2Wt=*M(|ZQ017N$U<U!>hTuuJZ$2G9u1sqx3Gvb9&R|_`Yd9U<
zXo0S%l*aCR`=Z<DBM(hv=yRWOqK`SD7<VVBsa}zJ+^sHR?D!D?Y=#7vs#{>}bi!aY
zWbK>zQGnF2#(dmFYLyFOsa6#yr^=J15H_~(B|58M)p&xR3z_`I6L(qOwlM|B3u@WB
zRuF8W-%-VW;1l|=t)sgkSrZwV`gOrv2FubWF69bNv)`>Cs4R#qpH8y9wa!VW`n8NJ
z<>WjN#x-*b_lcM8YqvM~?A$K+u!1&z?>tnk(qB#0i(?0*QnF!!Vzndf?2PtJnWNGC
zZ7*8lpj%Oo{gNYu@QJnx6NMtN^;nt7lyW_=v1`Tys@TL@-{p$kVWz~ce>44zkt+i7
zmEo2a(?e(t)ip)D817@h-!9PFLZc=h_WfaQ-_Fw9y#7-g3b*RikLqK{y+g|MH?eW5
z>H{W+v%E!-;_)s0avlnw;D_~lMbp^n9NAE(4EQEVo+OF>n((Km*G%N8QOj$hmf_y;
zX{5IdTp|5&)q}!rq$B{-{?2ihd8~m-KX*~2vhDyMp(D#c;On(=iZPe(D;cuh;_4DE
zE^LN<m6$TTu`k>l0;%abp_nmhRWrYKQ$sq(1P2MCtL9XhRD_=$qrPpT=u!Y8`%@`7
zKQUQk_H_Xec?7HW6KKd$Kybuu|DMUPj(tz~jPn2w!}`c9nBk)IeVL#=_s0^H`%jlQ
z)vDD_ZGxM@_4%726Yt#mXu${<``f%%9JkQ$U&KvxSASPfmq7T!T-<Nwwz<lUW`lBR
zsTGA6WxxJU$0K#ExmiG?FarsIAvbl+^^6rQnv`emiDuuiq`^dsH6emd<iwy)sNWq|
zU)%f1sJa>zzo+{Ls@3}@vD{;AZEeIOYA9#=1+<@``rrQX(wSC-k8fqQ$e7uDFsxfo
z!qEsXNFRZ3A@V=@GVMBPA|+iZdG!hZc#jVK>V*9ow`(m)@#QHVpVN_euyfVH;RA?F
z{<MEKK%HSAWB4nfx%FHpp?Om4#RFk#s3nO(du;MPod<N=uK}-Q&XY(XPxDfhv7&4T
z5>xvE$t%)8HeCNF-HC`64Ro?%IGt|^388>1PyO#t<}=`U;YGl@t9EXVvb_;3D17L6
zvWux)Y#2Y!i>T*Z7Q<}jbD%?jl3>x)-CT0()#k8SMdiELj<p{Lm7fT<D{Al#<9Bkp
z4rGgDjd=BMCn~x=@$$LvcJj@)_bP;oP2viT_i!i6E6u7~NXvGbo12*&H^Z~k3&MW>
zq^CNOO?q|mUM!lyHxcECg7XlZRh$@INT7v9Dnm}8ZaVg5h93oa`ywzCn~!1Tpmh!W
zgbG_jf(fo9Gl%JICvMo9P8&(ZrdSq)A^KfXTYmKBDivnPz^Iwu4b5Z+Y|d!2=QZ<#
zMry}HQthDdkoMHD?%qYg-=5*nyuOM>q0{^B2>{)9%(%2>x7=#anbOCf?&PJ|klZJd
zxSVaoq1w6EQz*=|I+Ts_iz41h%;HU-MvCBkp5NDF@c<$3>4j_(19|q9_f3-IF1ct9
zAEPgP{pja7KlFR~V=mq}P2wpQ8!;6!8@?g2FYaP<6XM#!Z?dyk-<9Gx=WV(o=XpOa
zA7itsjkgx{M0+1n?odNsd6m1ETa?^soV|SN0LU;vj?TNEI?l2^Juabe>8~2F63L$a
zi4JWesDDweP?H4Tot;fs;uLz0g4eS2M3Vbf&X<TO)uurarBMSo;Qr6eRr3{s&rtO|
z_q^EczyJ5^+h4C?)F6SL8D9Y{2}!q}?iX`q52kk|1YEgF+RQH&Vk}WJABopr7w*pb
z8#4X}5*idP>LGUS)8g76G<Bu=o;_8x?jGIXw)xvSrnrUs!z}Ptd!@3`@&}Kc`36th
zwbr7HoIwiV&sP$gwgbvve~^H|_%`_p5`&jUI(x!{m;V4q`$GPOC=Mpxrx|#nZ=5Q-
z(hk60b@%aP5sg0^!Z$i(vcGZXr2N}IyX$<Sm<%H`FRj82Z3}D?baPIfRGe`M50#`j
zUi}-yn#l66E$R_lI3}O&5<2&DJ^tta;XZoj|G?V+oaq~%Qm%$nyW5nrD-n6K&V(ZW
z^WTO00peQ^q>~J1O83!;JO93J|C}HR2_<768!p?~mwoi7O8J}(dpYK^4xT~(8-~5}
zUP99~kiI<J+upGKSp`=^f0Y=jW4Y(tLJULjz}5XVK>GbNIDdXJ64EW*&|~q_k+0tm
z5P0!F0Qdro-2WPye{aOd{=ff{4R_hqvcww$2hYE+#@{C%oS=w@2J`_e&L}UPHz)7y
zlkIN*=OdAj;I!HBU14#?iSYRT>w^CML&xHO43F3UzrPHv5PbZ9cf`%MRZlVg?!d5=
zAZn_YbaCc(wr@Sq0z5?>ghKu|8=%adNW=x*?r9%aaOyo&PkYz8j1UW*Up0IunbLpb
z8UH!`V3K$f*Rqgm$-AhYdE@<DKK}>(AdmuR3Ez~gIDw<!NGF%B&&9=MG??L^>PZ3j
z$@)Z*+sBU|_t8cFJ+z1yaTXMRI1S;JXtM){(qt~t%w{47t1KNgSX8PJ-WbiP+5-Qa
z#NR*ZYQm{@))qqRXYGK{IWji(h=9OfWwE1F-<E=r>N+1^jkV9;$oM{)7XlBgB%In=
zYj|!5-by__1{w_Whh)wRQR}AuS{^i#e{Nu5B09O*Va+!V+N1dk%M&X$ey{t38(c5#
zfzV0gnpgX00=_A~>vel}5Ur||Xz#oz@^j*5-tH`C@zhA;>g&D#g0`c<B>jqyNqrmv
zqB#p~a=+Tzs0g0^q1^;wnRa=bU*#rkg>1f_)IRjq{crgC@8qbRGiDG~eW$F1lb2si
z4v5^F&Lcf(@3bK&<|o(J2ZD9$*0}53a$aIOfmud-d@hoB6f+qpU<))0Sj`?=vYJn|
zxb>i<vw8py@~Kc|ea<A;=;hhrV<L^eTwj)3Z#4Ch`IcFqXk|2#A%=6eB@C}Zx~N9u
z;*g<u_P6YY%)hP<X_bx_PEC3Opkg1>sec~KRA6vCT*BwG{Wg?a1jQ9#VL7INd`xeJ
zqy}*EJ1Xr9ly)ZHb8~a2Ddbj{b$&1Ld|U10{`lbRNE@JO?DnUmE^Jr!7xN@jg7)SE
zC{M;e^KSzCP59MjvQsPz;z1HLe><Q&JmZ3=8@KkKOHP+*9lfJcDIlC*u1^MK;Y1;H
z3>?fzJ#8F+`EOKe9--7VbMxsTNUAk1{s549h=;cq<BSV+Ey+%L25eMd11XyPPvGv8
z<Qygrj^qznHAEm5+ngcCN4_;8=G|Q3c=UYQwT7h8^8cAsEmw3vD;Ua_35=U`?E7JV
zZ>+>vGFQE--@5Ynm|aU-3+!ie8xLzJoPD2AH*LRrdTiaN<AILz8c<K2XGXHQ!hxGS
zlp56}+Pt{!(dLIK(#ceQXF5L`PwRnI5!meXs_gy3we9_u*Wlk4$!vIc%m4Ia6pK;R
z_+m$7$elTg-8SknY+jQa7)`D|y#{5rmLPNpcZQDb8IhwM!4tW|TNdYB)_2mr(7x09
zuK7dD&MtdWEpu(Ne6_qO2N+d3lOvg06}BV^p9yYzF{AFBX<J+9ytR0^zjS6FXaCW$
zn`bGO>sNzgx8r-(O-<u}umA=o01gLf_TbTi#o+!npRU+y?Zd1x2ovr>?|Nb)qq2;S
z>13tZ@*AbhlfMSFky6CsUPJsdpbc;F)oAixI-1t+skwTwyVxmIVM_q*94_eCM(`Lv
z?@y6Xm<~tm_o?H1U@9yo2_316#qOenxJJJQEN|~{zhsd)akX`k{HFui(nFfer=Kn>
zUNWHHa&#)4oG8cuI|%ft));Jr*j?6J632Jtj}3(rud~n(GPSN+2t08-KfZ%57;~&!
zN9w<!05UKMUKm((YL{7aP&oZkU@UmJ$+fN2{7@qv$mg&9aeU!VZDF}$fm0XT6;^D5
z72khrf`zw#f#^*U_KLm&N!RO}d_4w<vQ&{Z77U@8gTK-X@6jrk%(e7tQ=XPPEl|al
zTQ`p;U&ox7z&W|N&+T}59@5m|bBqYWL2(ea_^x<IKdRWE(>o-c?wSSYr#4;g-&?xm
zi8sO{=G7Swh-H6lsWt7=c{Kxk*VMOp!9?7k)fx(3v|?+#fmLUg&t@AY9rI<Q9>kCL
zYR9ox$o}4$3sfjOm!7Ct3gmxC;XhvGcp1rhS-8Sv*rRxM1>Vp<3>myGFoVfcFP@xb
zuCfO)<m)t<&(sMryA+q$y`{Lp7tZf_zb{{q`u#$i|B|=%@droa_3n5&zF1CMy}cCi
z3D*aJG)11QIM5tgj|BgDWKD%0bRHgOP_YsO1Q!^e6`Bo3{Sfq--AG*RuAREZ|CHa%
zezFc+xLqz#EKWNpS<S{?*xnQ6bRBm8xowf7UUmIrP!NOZSfMUp5CD7=9FbOLw$mtz
zWs$4wFO~S(>U3YYD~5|7d|r@pH9Q#?J$uC>x&1e|iY?$#3SuktEKG?X7%0&3N4kA~
zVU?DLC2D(iP3+Z#uQF^=&ntS}Lc`0qZYBBb=0>TMPwL>{U@~4D`t|Drs<7N&L`;`R
z!P5BmG&K!cK3=-rzU$E1m+brIdQ5Dr@Efr=h+9sl?FReNZLQf_>IZG}U8`PwO?|iV
zr&R+juP{jsu0k+Dh2xUWk8(VmP;flW)#b@SFmJQ#y!uEzjh~3q9Z*s0`u^#nMb|i*
z_yP@NS@gR#ep;=0W)k8=W6MldQ9+i``qi@W%9A}g_%OCyQ&aO7I5hPR59{yr=~^#O
zxYwWYfOE`sS??||(!_Z9u+|(*VoY=zAQ)enNapfH|M0c51NCFPYb3~HG-ETEJUiK4
z)IB1+e~OOX5pOInRV1Q|biO%}Y&A?ckTug)$-#8z-hKV9iJSW?Y+jRG#c7#7$+{g`
zUPPK>L`)-vx_Hxp_^?<Ipr8{1D)5uZ_&!@#SMoKvNA}=l2dFytadY0Ibd?fYa_)@T
zt5KkOK*8?XU3ZesW?0fa!)Octh-|BkSnQ8j-sRxbd*k=&_6FQg?iG$K9aG#(PH6B;
zW1ryOwe9ka&d-9PmsauBE_MbZNgT%V&lAfXi|!ZG0x7huR5CM|>c)$)c-qFLV6stG
zwaIT7{*X@TCIR$xmt^}UC^ROUZ@Iu-lW(<z?sVaVWYCv{BXr5pL7N+mG*M~qmap3;
zov&jk5wm^c*RK}vgSjH-Cc%H(iG8@UlOk)VZ!=qBZK!WHT`jI^LIZL>ORaN49|*bb
zzJS|}LK43@IV+QM=iYYr41an~HXa5+=XzNIz<5EASw7KrV=RWx^%IYy9R?O&W?WIs
z*RN@pyxcT?a+wOGM_1kNj0UsZ-C}u$%~gjTI?lwz#f8PZD4wyyVsg9d!cn4%j)5VF
zRJtp|MWJ(*g`sCy|6pvep|R<D#_kx=nu-@)X!Y}$WwcA;p2K>qLl>#?iZnB%vXoli
zmMniE(0(~qoiI^bmMTOub}G&rS);qF*WUg)1LGvS?lva@PSD_tH_ek&*?i!;kYDaH
zz3?Hk<;4O!uf^`jP)cp@+~#U$l-svUyM?=5TcU+*q+Z}G^#S?H4a!)(MWXsh67d}E
zohs_<(*+?~jXu}kb`4^(9Yw8AltqK)_#Vg!6>p5RX5rNI=a*5n$|gFnR904v{xl5X
zv@Ew7x22)!P@=ahKCLrml3{W<!u#m@0?GXzrpR7|(nD88@NBxM3d-Yil03>$LrU9J
zM*~OLux!=F*_(SvA9hH-^67P?=<cNeISQtwhf7%VTPGE#i%pB=?T5Gnx%ZsTIp)KL
zO+kQM2x^(q>p<{bI`)<UO>2w&2#Sl-{Zkr-d&IIL?3nts6S-?e5$Wl7;Obuc)zd@Y
z-)!ESMM)dQ(zy@wE|7;;lbtv-@wix5IDIK=c4@8sN8`On9{nc?2?_fv{aB8UC`jw;
z>xMnw8Dz*MWu|?w=w23^v??GAe(}r<sWw+Db8wd?6HOOo4yTce0%U#08I5vb>Fao?
zlZjip_ZH|A<>29gzAw17MDC9Z9Bv-`YHSSMoOE#7#=dt?bamMH*Y{6uI7|*SoSY63
zk-DPe-q#V2%;Dj1qUK96psTmWQaktK-Fs44&-Y6scE7Wwy74L%C1HC~zJ-mTgW}UT
z<47V015x4~%JwHURYju_6VEB{=*52`v67W!JY;$oOwmwNLUYuRn4w+6hje!F%l=b_
zb6#1isqLf$VdAXxa_P;>UTJ?y+MT87oYkcXeuGP_h|9YH1)2x0Y4pd8kD@M;ar@sr
z$tv63(Jr(nNTkAxJ+m9Me_ru`by{rHY~|+Q33C+E!O*X5=ZrIEr|Hyb6fp82c`Dnf
z7SMA1Oix`y_zUCR+^<|&N0Y)h)D&X-eg&M|L5-?vZTW_K^6J&7*9%<@u4V=QN^HLT
zqEZy~&B8X>KC}4TYCi3CblafO@3#%!Zl0Gj&_Bl|JD!qDc+cYR>}oE?!Bh%wL&c6^
zq&%n(oJ&*7O=v2<heg+0%&+egYLVjONc-fudX!<SanKGb8XCCBx^Wub)igFn2z|aZ
zrwX{HTJCgHRP>%r-{W5c9p8Y&X1U_C>h226gwANz+H7eu8$9<{pAy}WU%qU0MkC<<
z%74bqoMDQChj;A(CT467LjlPp9$S@{3|0EM1Q!z2f`I3gaXH#F<blvWw>)R}c}(f|
z0H<~^ndaUTitf_0k*jHd7Ri)J3%&;>R;_6e9=mh@zW(y>PpV}O{tCITm_YlSQ8Y%n
zb>ie+x?BlyqiATdUhFMU<Nw^yFn|9y%!8z7D(8nondYwkmpSSc5}sXZl=Atg3)FI8
zz1J!rkP=f%Z_z?uez0D@K&@anne$XolwBrYjN=u*2C^Z@pNAc9@qPFRF#<e?;-s{j
zq%%x7sN}M{{FJQTyy?mMu`;(Nlv{m4sZ!0jKqdd~*YAWIHzp(*Ho^KKZTKf8Vs8Z!
z$nv=tOlnIP*<%NI42P*2%*EM?Wy*6lD~q(_7SCn{>d8B=E%#Q$pT=~=*1VnE-13iR
z?ox1XOYgpWsdx_kvPA3A-H9^CaP-&;=}K88qhVvO=BW$H)6*r8KQA_vyrZv>F_>1L
z)Y=b?q~oML;xBIw#fOHS&yOFrE6`|nEE8GSSd#tqi^%;t;2xSlqO@-?JRE4FMH?Rz
z-Ja%I=7CrI`?Et+q{nwbZs0B+n`z6}Qoz2mTkhTf=XC4UeS*=B{Ny(R$Ox&PO9)UF
z*Od?f3XmW%C@#Ztf|&uFlXYfA3(ItKc0OLcXP_3i*?|E(xp*`6<F8*M(rl((H&o8A
zyuI9_GXMIG`R(U5JQ+Eqg)qF|7ItYDDZ4@1=w8lCEOLsdm44FBTRO3o7vWFo7rv}I
zs>sMm+tx{az`Z3Jor>=opKC-rQKI|xV5*F?sbhOCIk+G9N=1AqGr0eh^Y_(VhpjJt
zW#3h&3ghy0RLnk=5ihT%HEosgW9C+<ot_%z6H4$Qsok8X_b~2GsMnK=A&`~pAF;=~
zwJzlxKY3eXYB=r&76dE#uWb3P)SEp*BEFsDGBZC%y?HkuFA4*b=;Bji<5h*Nsmk7Q
zD@IthVryx9lhH*_wPP;tGi&Q(-HAZOh-j;hJ$B?<_Yq=h(p_?LuNJm!jNdjjGwF_P
z-MD#^Nq-16drmz16b}Fo4N#bLnm5Qch4iRCX*vbGu{>bbeLqFo{XOHlJY7;!KI!fo
zew?Es3H{pIAMShGyXBpgH+?|^FFaC9BOPcdkm(}(o4VL-!p5(0^z{#lAw17lQO<C6
zxtzTT4(m&oZYcAuiRB;54T9=AB3aZD>5`>ei`Iq>r<m=F-xZr=+^Y=<4t`4&I#Fd8
zxWc4ACtZx1EJ_y6EYglxiCQurAlbMAmI73qA`ytc#E|n_T`x3<_W8D?wPweebb64=
zk5=0e0_-vsLm<H3+&q_ON5pse{lfJs2*Pgm5d@qUXi{C!R+gc?L)#E;wz}0nTBT3N
z=fwBO(UHr^$tjXSg(X_+MGY^~e0O*_+S;%YehI{5#b(nl=R8`m%1_QvdeTMh5YEV;
zrt{$;cFQ-ze*5EPhD-$-afagDc%rIP^zXLWxU$)^uR%d4EbIx=$YQ?k%sB@Vh!XxZ
zXw8=lxXPYMeBEDcL%j%wgYZ;Q$~U<Qv0$>cr!CT#N(aHz=abKr>byZ`_#q}v<7{#}
zV(8HcwtsaD$U0981zva)PL?w!EJ~`De(-LUai!o@7oMKNxhl_jc~Sn2a;^g?Vap%|
z96}-fYf$i@oK?RIf7KS$s-)rzfO_#BiZt05$t;&%EpKk2;ndp2a`l1qA*<<Vlh;=B
z+bqS0HlabFd)N!g{pB_n0YUYikAR$HwMhFL?1yPI^53o<zcT2rqRBGMcAhTJ>~VHn
zY}z9`CVx~@US2*jK5BI|rFKx<&~W2NVxkn)+%<$JBG@^K*v%@W%g!#?+@nZ+^eohJ
zVz)f``KR;c-lyQv76?w@A`7X5jdX88tcy<l0R~>;6jW5x9SXv}`|uDGznt@z&@G{w
zsB#Q<KI4|&IJ(f5-UB1bVw1^^_V7;t;0^&icGAj7b0CpSwW|I8!M;?A^dn`J>Dh7X
z360Qiw0bw$JU#|o=QRI>#wN=oHcc*3<v~V-@h~+??u_y7Dremnwyml-p<h{SH6mPG
zFYi&X?;%Yn)cJ_gccA&G7zb=&+@SU04`+-5yfbHjg<aC>*?<UHD$8YwLs=cs0rB%|
z895(CB{l00Bt_4|I?+<kJ_ivNP9arP$_cOUle*YV%9A-;Vb{A~%V^js#MtiVqhEYb
zNSV$_R}(K=w55o9X>?CYB&}FAloTNum@mTHubP#{fL39WK_R_`?kQ8q(er@?Vn~Li
zrl<~dNhe}hDOZM5vA}dD!L^2$@==XQa&Vq@b*e!x$*RrANh*c9z2iIFhnq4KE(G}N
z*XWs;o^q1}|48q6mZes33n@>T>aVK7LSb!k$qP4_qy5#fMy9J6p#F@5BfJ(yJFt-=
zcINg-qEV?*lkl$l=P?%J@3K@%dGA?x%I)OH${Q4DiHSeKY?8|Vg27^3npr|YPMVRE
z@!IAZEJRP!lpE2&1rhAlWj4%fe~<~he%%K`@Q=^rbCl~L*S*#f&32!w#B`|i&ACid
zhu`sZSBCVn$K1|`elPhwpui&;-bJ8vb<{La{)mMCF}3nH2b;B@n!S&pBXdxT1Nit@
zVk*ukaHlas$iP$B7!8s{N8;$lh+6GOq>{QcDr5rc1ZV(ZT7tev&=9kC+M0MbY<Ayf
zcA%l*iwGulS|HGS-<340kCm8;gXvHKlU{eM<Z~4j`R6Krm(jxj`ySd~?~k{-ic5W;
z?1QU~a;sXW{<H|!xkgvdNCYIRuF<nFoJj7}45srtdZ6JT+)Y_PB9lsphiA}x8a(kH
z;+_JH?oujt#F|Ro57-WS+cW$zK3GEOvW(6{CZMF+MaLI-^Sh6Vu9o(kVyOWo!B~-;
z25N*94GqoDpFiJT#jr^dX6I_$o9~tcs`ucLpvo*;)y~!7+6OB6XICk)c)INhvk+6`
zwu{cU#Kqp3bGa_tx`fcOw>d+H!Dq?%=9Mejuk|zgDfV*8MMUWhIYG($@%w=#hvGZo
zV3js)1VY?F(%p@|91NPj{u(PZ6C!SY^_a#$s6VB%HH3mL{CVc1Do38f-}ADcoBX4`
zGNodI^*31bVe?c4)_7OH-(VyY4gDeDEv;G=rm8=<cg*mZvmD5#Zrt{}P$)vrkk5V%
zkTKq#=oHrMaYm#0BjA000=}yZpi`6!4O)wghrPVzJC$$Wy_=-tEv=~69RMp(P|(AX
zkue}wiNeMJpW*kRC_4(Y*RVNSMI1acW+(zX`YWC5wa?S4@9_2+ABc(~=o$b?@*gVY
zk;E5L&<F(IsSp77Ltj!7Dp@d~=bG?97)ZiyIKMkpFXvn1DZnp0xMX@mFxe#jTarlD
zl+!hLtGcj&44hn~xXT9^_XXc)1Xm-;-F=mO{x#wT%7ygdQWT1<^=Emq?@E?~8&*vk
z?NSFPo(Y8TaJFsnmCVwbl}8fWmup>A&&e=l>x=Z_*<Oq(qzvM&urH0K8a-PsTIHr7
zuN_Rya8ArjZ(?FX(oY|F4q>=23zZ^&?7p~vbpS7qPf=?ULhk<4XOOadr>EECBS%Sx
z1WRsnV=|3Ov0188JL|VxSxo)#yC8n>wdENt-7@0~RwgEZrZ?yCv|_Dqj#k94Zp!85
zNvWk{KgREX9Ff_yF9PrcFr)zWOI9AFg5{>M-t#`6s0oRcc-$e1dWkuc<06qVwN1AA
z83mZR=x+bI?1($@EEgzXMY(@b4^@OnX3NS`5)Zo~lU_dp6*k7XqjaSG)&6*PTC9vz
z{f-X5tBI36X5(HD68C!uMf}}`i!Yh_?r$jEU)A>1BA42?-|L>E;EOn(EOWenur^dX
zz^t3!+T0x892oywJ^L=w=3oX$Sr}%!y1jBjgVf`Fd%G`$p0o1V<Xz7(N2;~4q|z&G
z?*@8l{{A|{&dG@g-u<29C?xtyrI2mF1pKv)9Stq*Hn$6jpoT=Fud(>4OU|)xO@Ya^
zk7~7_xt*gbowV<y&MGP@0{98x$3hB<0kEU(;qpOtOa<qj598yWSajEAK<++YkO_D~
zWgkv3hRxeaSNyLgt@MnHJ{N^zN=_^7_GP~(Q+M}ZbeS~=GHvXaFE^r?&05L_sYzGP
zLPZ@XNBs&8srElmw4TvYI1~Hoor7k%;d#v02a=W2k((QaHtlQVpdFI@x-)8jx%Zy?
z^*C<lw!Q^l!0_Ecx^{%Dn6JYi9>v-?S#|4OE`QmEGajhKAD~VR9G@O*8EAgY3wl`1
z+Zs*^*n1||DSX6S`dVA><?p-T@{!NQMVV1DU9nQ<VUf|$59mNBD(g_taQgvt|2;Ul
z+C-~W*!Jc)JGz|D2nB#v7=xtb?tE)|T2SI`^gA=ZYu$9(Qz9pvuOgt<SZ&u;X)ut+
z@btBxKmrn=mx@iKvPBm*<~kSJ!<Ty#DS8<gI-+=(1Sh0|9(Kg@g+HNHX0TqSpPl`t
zT5cV*9I<@=khWUQRoy)@we~D|QMqz#O7h}7&?xA`J^t<G>tS0?W)JrDUYl(mg%x%k
zElU2S*lsLYvA%k*mx=7suBvKRSmn;je!je%KQVo*@O(+@id}bPUbWFJ3(cg}n45y1
zb~`WH%!BgpBNEz7?ByiW;zSqRaqlb1yYAQd`T0)|H(O)u?>(DSRn~TumVV^sfjT!+
z-|R=o67xgQS5wD8AdvTh7a`$aoWQ@71FI0K=)HRZgnK$&9rO7m=ELl<+y{2BQt~wJ
zNXGLfeofT&*_d71SvsvbS=;i@QY?SgsGXje$^YV)vwW6vr^cE*B82_!5SXxm+`Bex
zPCt9bfQs7_7}i<T{a0areqCFe4`Wx?$S7u#sb?1`xQVD$vsP*A$)A^(XRt|VH(hpo
zvE)k!Ab-%e6eGP?=U8{$p?*`Lhqg$kEQV&cVXWaHB!KWblokC($g$`R_R#=EcuGU#
zm#-TGZr$^B?xM2U(kE6^H;H+D1x3U13|bjouz7;P*yvqcXADH1R-4m%%Hx3-miPb&
z%2KPshk-gc1Zg{n-172@B`o~_B}Sa9o;;FczCEomp2~J<M``^Snlr9Q2D-Y9hn;v4
zP*$&h?IbB?LSq(6&EVAXSIl(frqjWqi(-u(pXsz%mP7Ia=(b-PpL23@l2#Wye-Gj&
z-~@G3G%Wi&NXLNNS#R1)9&q`|I+&%~IT)Ek_P}6tohV^)HD-4j7uIM2j&-X{v!#Va
zL(7|k`&0e>Aq@=z60w}#iQ0$|2#I~se%)=nzkVx#&c)7&Z)7p<N^P+-Iz*&{0t}WG
z1_i%U;qkcCv1gyXQg{F9&`Fhj7RPO0*CJKVhb<!}#tg2v+E<^P(~EcRmo{&i=L|U;
zpS<rZx^FhoL(~0zBO<=}0_uhA>|Q_wFeE?}1HlN+AWID&6DMf4y3*++7?WB$C*c7;
zUbGP++Wd9D+*BbOk1I9E=*gD4hT^e#TQOcvePKvOkpY{{#~<=hXW3JveADqS&-Odt
zk8sH3ZU<9>E`P0g*mI|7Bnj$Fwx#(=#vz8CjL7!yocbL8a>kFSF=muL>@py<q#tOw
zm0+FNY>vbwx6A+Btx~F);^js70<chrOI^g?-#_59!dXCEWrd%A5jq})P>0i!H#H4p
zD5+KPsjxC3z4piUPysYtfSr?!gR)a>fCHg^-#0_C*mG)@jEdBe_@|DxFt9r#MFg2K
z9E0N;RStq6$jdy&3)Y7q28CcA!9EUM6h090dFSMy!xKBBgaecA)-RwBfyZWtAD__S
zIueaCy@Hwu!C$1LvQ?5^-HV+eEx%tP8;qv#aHgwrRA2ofhU#PbYzmLJ<NPuM#472k
z*&a=YiE(k@<)o2}Nv+UdwPt6%H6~cq+0h|pJkGLqIsYr6o<^NM5CDz_>r9M{2tTCn
zzkfe&zFF-gJZLxM+x=$6n~xSBe?5}R@fK7CRI6-bAw=q%sW4j~uR=yaaXjEWc=_@r
z?m`%{2DnCnF90=<T9s_L;yFGer_09-xe16|{SnaNSl;$5j=klPGCZOCTjBRA8Yq+;
zSvanp)3yiK5c2Wyk&9tBe@hR+VRMP$OkY`Bsz2W0%Pb*c|H;>QsNr&=RHb%%=W6D|
z$5rFWSM;Ti2I#Ux7^}BtwU>)z4lev|^}J{gHey+?eXCGpwpGnG?4bGqb%`*e4P&^!
z8dW8wAznQs(5+JzyPWNSb%`i5xDaV=N>-K<ii~s2Z)tVwidDA%l0CTi;VQ=zz8A?)
zsUk<Y!D!yb+0B_<F2YCh{6aVRkH&v~-S}<+EIj+0gKkjwG+uXA(OsQX^7{0N&VKjU
zd*~7t%R6^kBNmLtiVYh#c?j1hE8@dwqYO!-_ZC~-K(S<MiuW7sT$Uv$e3*OWB2zF1
z4x5^Lpc6I1dTuzJQZ&T+T(=z|glS>1yQOTfY+UK=WNAYQ865b?bn{+N%4glKkvtJM
z)_~iQ!K^M9*Ldx;I{kGRo$LEYtl8Rnw&x%M`vOei8mAEg{}z^%nFrX!jBVpf50?6p
zEpp{q8m(GXK(0H*zMot<1QSlZ%yRDuATRYG9$!_N<SYX3r@ewEx`w5%-@XaNNT=_V
zlL10{jm<2{z;WZ$Cgp-5ByO^z?|b#(L2hP+g6>r<|0>JmwXPVR=1heIT&x9M!E?hr
ztwCJn;*A$tS|pImezUTf37k%SfQQ$95Y2Y&*`_Q$C~+Ka_IH?qdOZ=aa8=b*`&d%4
zvsvyF@%D`z9(x}S=a`4&6BEbtX0j*F5pkQ4&QWB<9f^yHAs8$5o@k5UE?0RQ^?aV)
z{ecqm9M%h*TvB%SWj=GPS56mgRZ3xoYqX^mx7C~Ls@USu8mjH9u(H2Aam@^lxvM#-
zJGhZuxoDAAk)gWNLY1LZ3st8_;ga=o#si18?vKX8lO+aw9qE@l^Nr0#NsdPEq}<w8
z!@*W~YP#d<b93pp?l+^w?JSS)xzYKZ3lv|q^Np$|!=*B;m^x_fui_Qnt=`$#8MgjN
z*7;q~a!|QepXk-hXa-Kbx&E6gb&aASx?hrm2@AIdaqkfFKEOGe-i$|BNC>3Z>)XnQ
zcf~4JzsF2S$Q>N_!J_ub&PD^OVv6hZ6gX@YIBdiV2)s5@TgrCgfJ(zuTOps`+k{v4
z0Cj(TQEro0EFYT4VY&Ml%2BJN(Iq8xo>v^#KSrzQc8G<D78aU~eg=Ng+!oQV<t?EU
z?6u*Ynx1TZa}QJ^LElC3-of5??Zq3a6}HITPf=Jz$b53^5zYdGC469<ngE#_Xc{YN
zyF%XtOiU2XJaFsQZuuGHhs}Ef+1WWPSJfZVjcjFR6j>ta``FxmzrSj_;BrM753}(7
zw6(VW3m#@5*n;S|Fn$<$gHW9ZwsFA{?RVMMN4UDi{fv6@4d(COy=*=-McCAFmUE6^
z(zH|~qm<dV`&#n(cSfMR_L8lvuswhY1N>NPA69U0Sb$)fa){P>ttC(U+2gyQEbbF3
z_kJb6CGFYiKAzWfYy}tvJ)3jGnq`uD_E^>~w`t5~je(7=xv%eY_PDLZ#wi*NO)#C9
z<Hae9n`Zzilz9en<YeZ?-BQ;7!2)pbC%k>zB^OEqs<zL>qf1h@KEAYG9r^S<{AEW3
zizk&?Xu5JEZR0T!<ou111^U+pL4aPr>!O{<)fE*L6}+c-I(Je-VYPthF1)t>bx(qt
z%Hz8?@z~63;mP~n{LznFr>B0n41Pqemp7T1m@?$D>%jgO9CSIJdZ5+z^^tV$AQzfU
z#X$8sACmW&7@xhZnkC?3L=PRCm}F5Zen)~vz)KAcA_6r6*fSK}kYz*J%p5bD%CCN3
z%d@mx9nOJ#lO4z<i^u&LU|b*;!>pu6IU{HA47LO^$ES(1K8{R5C#k3>Zl(kw;p}3*
zr8f);qz)nrj<<9|O^5};j8&vr-0XU5ETB8Q=y476_nDgo8}_3|#L|&5eqz@vrz*Co
zXJeCpQ4G7UH~l>SVRXxw*J@e*iA#Fq<w%`&?NODn1fgeoHSc{%$Mf=ddgRhn>JC1X
z4N*hM)9Ydx$f;YIdIVU7U#8d6^>}J9AH_PHyT4DXrh5Fd#MfwJo<Ke0hNYnj_8fX_
zY)GK-%njEfcgw4^Q&VX%8yECx@o9`Qm`XuG*XxK<(<j|-Zz$CGng>EN3<TA+4<}Am
zO~HjKOTGG=21u{e<%WP-23M7X_0zw8^FlBx+A9RUCuPp#(X`{XKR3H;ewLIZzB<`m
zZP;2Sa_M`fPzo{ytR`cqzdlt}u(ZvMjws61SK+>_tySjR&s9!ljAqNyU)^HDX8wTP
zL{2W7p%_;)oEw_7rLa0tvvdd5Nm%o@=$PGVu-4TH6GdKe@hb&|@FME)z3~CVbNWO5
zS&T=|mR9RL4vYs1sx)rhv^<P4@{f#jK22RVo?4HDtkVlDUh-TfjR1bo{Po>a1_qV{
zj|#5oK-?U4KCCzWP~qkK1!ZiIA+Cc-VShmN7#cKTv`Su?9mklFEy*T08KrU(dAF9k
zCLIwTwT(VcdL1T$660jE-l{)cx%W2P2QMXs9K;jE9@WfdGTH3rp0nEH`i7;2of;1%
zJru`fo83agyJLUg1C^1vjk)%I{fuGh*owm*c6A{k&kEiWq-UyW57vgW^-eoRK>-n8
zMg{{qn9U=-iG2jadrRG5u9ntR>>WamtZ8Ui8+vc458qWe)PkyOdTp4|y!MqxAg=hU
zS0u@zp*k01a`UdK`LEB4vxzCa7c%7w%r2(q+jQF_wuE|86}qjPrz@2(Hc!q9F1P#v
zw)M6#n-RvMc3?Wy*x&MULg}2@jQgq3)r(>iy+Wg2)!1Vm%hks<Vi8Hbm!_y7^rO4;
z+1@aKFB_q=p6-3e_)4{Vwa8UVPftXSjqSC+SlPVWak+uUgO@twf*d8d!b${R9?b4>
zy39Wi7H)N26&4m&Huv`SUd`Q_+Fc6G%=(g1xu-FlP#-O@zjxb0ElH#$*YM_Kze2Ad
zgqv?lW}{aPC#RA$Y1i`?#1BeK1;|i{;^yBq^glkU<ihXzdHlz%$}~f*<{`m&Nupi%
zrV@b<;(ktlJm#zB)Ei8$zxg3Bj#~)6=2G518_+14oD%U1y!m@|u#irj2H_w5DybDp
z$=WEWhe%warFhq+L@Zj-Vq^GRDq%-EW$VrsG@1PHlDL6weL3NR$ea{$(4ae{JJgWy
ziC0r2(>;|lrarrsJ|t(R`j~tm7_1Eu!SX-f1mr^+ashS3+}r=DcTkoMktb5?uoeE6
zTVF$6qf3<<1BLB>-u&gbZ$-xj>0iGFJvrFbT^|%G+LQ0<x%|&A^MgqdXZ|N7cmG7j
zrJZ9QM(n&mU#R)E^*K%-!an!!6KDv3@u=qSU%YZZ`&&wI<7R)4)lQUr-XAmB^Vv4Q
ze`HjXlC_D0iT%~TPuVN$sWHMA9<i5dT=?fn(Yb{SEgyF#|HFTF{N?yZi=W27H~H7$
z1j-d7b!={|Xh$<-3OV=w8KQr0@#m!8gtL<6bAH}8ROilodVKzWzC*+4mF-+s0Euaq
zxaO<Qtbp0QKLhyRV+up4wi{8OP25v*9<K6wv`qkWx~Mke!`1YP?!QOx-)HBQD@kaj
zIHYQWp(LsI&nNrOXf`NF{4+@Zb&Q?R|Kq5yoEH9%Q+}YqQI&=M;`YwMy$}2Ux?BFU
z`!B~C%PY?q?JC6xz)xN-KcBgM^}&Dr`_C{_CA<rY<c#~~@W-_0-`5Y`=9L@s?~DDP
zv7Du*@cv)J|K+&NnZfvcb#0};(2yxBE4x=}`2mo@09XJG<o4B`|8Z29o4$vQq%OW(
z98yI_EdHjSK6P^}+SB-w{O5lB*Qq2eDwTd-(MQ|f?te<Z+D^@Eq8lTy_d}$qv@wWF
zMOxl-Z`7F~5TIXfVWt5}54`{T6Ceh4mOsv&I<0W*o7^yJbxRW6i?@ZJ;bmHW(--|2
zpDgsHg7#pcTB=l*gEh8aQ(c5m56F<SYR-Ni`gkKICdOdkCj)sC`Fv+cIH%33)b|&)
zG+v7Tb+P_j>Ybtef?Jh7C!E3QFMB!9U54m0>yOtTFH9KetXAp)2JJN}5ip3$_*Ra+
zwk`C!;$A97WPx~zG6COvucV}TzJsJB((Dq*@ehXW%)=H_l(4J*-_KFae7GlmC*YD%
z|I|oZJGf<%7%rNgfg(tbaN@GLze>2w*f^Bea-u;}$W<5L`w)3)AZulJH4pNOO2sD3
zY18z`PyhGOHV=Q>zga!<egH?9t^j2~zVAeBW@d(zlw8a3U62u;!tgG@rjV1RBNr_X
z4h{_8))04f>C%IdArNEUPwZg>d`QxYNGbi5y9ktBF!5AWw18i0ee%c?oj?F5{?KZh
zft8ijdVM4k*tx%L)}Fw238KSh=VfNJm)DLMO=A3@4Al_P%V)8=FU%e2sAt3epF8dE
zS32oplIK&E_OZBw#wjC&czDeoXltN7M~(#4QtP!b<UNy7=|VU?2?eNwA|Sxe-hPec
zD#3UHex9$~4JI?tj)=H_AFTCARxm{-+3$tH0tyYj`&Qjo&leG1sUu(XyW_1+b{kRg
zKwXm);?k5W27eIh+~40XbsmSNZ!V*WpJYO6YV$sy-tJnG_i8hhM0!K}xG#ldypEyC
zpA#jqs`9(@ZZI|*-_`Qd*OC32fD&f<RQVi{eX5Bk#)<gx#Q*)A3tI7>=5e$Q`F4ZF
z*nr&iKK@85h^yQ<J}a<kCkI8d#NN#&|F!cn7q#-Hf!^NaLMt4AOM4BQ(jgJ@IJAJV
zqt{gfP6496L{9F~mzNIVGVa<>5a)dSqukL(K1<P~B(TJxA~*Lw@PlzUtKlx-cG-{k
zszAJI3VLE~Jq%OfVS5I8dSO~BT3XjZX8cU`-5tc;>_ykp9`S%P23z98d1`Jm1};`p
zfT!n<(<Pm&Tr^qhf9C%AbjyAN-LEn$eQ8n`^NI4HACsnA;|<N3dU4eUTQyfHTr*J-
z5icsGz13cF0h;p1)TK*bNofd%KOSq-*jN-6SX<l0qqw-ZAeAa)N+i5;2b+#t;&^N`
zD|?`D=MtMD9>w5N*S#8HZEYRFeyL!)G1?eP9S&u>WWn|@c6Rnhho>z1T`{u_tr$r2
zozdYhkr9kyEl_QI(G@dv&b=uFAj|;<xeVDz&p<*WQfIk5V{&Ix6BEPU%KwkCw~UMO
zTmOYIQ9)2ZLdu|}yFn!dL;-0Tx*O?I5s?;<E|n4yke2Rl>F&;<bLL$0+k5}dKIb_v
zo_XU(9fo`Ed#!cVH)umb@EV#L?2p^-9BfQwRfUSU@6E!<etB)>WuB4|?%vHm_6r0;
zPS)685mP8I#K6Vk<KrV{(~)^2&z&L_V!SgiyJ~1#YJca)>nvVXRe|0C1ut#*e`qq?
zuXI1u>%dPLm{ZMG3f3%IV>kQzL8W`HEwVjRC6m)SasmWM7WUU(98eE87g?y;IkHGE
zJ)gS3u6HJZ1%5D{Dbo0{oUV7vownv@8*$78v7z0h{Kxh-0C;48bN#!prR)6k!rA$u
z+k+HNXAYZxPN6WbtWC>vMcFCm$^aY#-zj1*rU|j9CxrjAqgu>0!jE{k+2!*(!N2td
zx7-bKQqr#}DWyI6-@et-2fHqBKh`WZl?3uFQrHfc+NM*&9OZGm(x1l_&u0ZU2MdHi
zmO=Nrz_=SKcv7tL_fE?zD_j;`%+NjU?HfvQ%o-$OQBp~aas2IE)6?=<OQ(dLn>!VO
zz5va-0O%opo~R4&nsU6)EUcaQmY0(=T_L{Ma{SM`ni}z7IGds62AJk0pTo|Uo=@-2
zu?cL&-j?nzhIa~+Ta6Vqw+w&kjOY6~Hjt|Z4uSY|ib)c+7q5^CyD*ekPt|n~MLT-u
zq_`haRp8w;Dru$yM*+}mC~4w%y0T$9mQI;9_-lGIvHXiOi*!npf_k|Vk7BY&WAC>Y
zaa4ha-6@%|WH1o4o38QFxm;B<P((o~^adKMB5*r8vOcTfQVD-xRHolO*|*3pDC~2?
z17(J15)%B7C_hCYl4t5aDp$JQgeMxEKKxILBrzy(a5jazu{9rvbN1oCLMamccxg_7
zGYb4Yvo(vJ=T(-u2NR9`e3g~-06F%<jxb*<y_#YyQ<+|)%;UPC;0<WxHxE;LeK!r$
zUp)s7#axS+U+IEl1b{VxUHmRI6dx2ARZBS7IrZn7sv+P$1bBq}8*Wk2$uCSBzpRzZ
z3c0}jn~s$?YIT#xW#{O2Qga9a6>(F&G`@iAEI+H!Yaad6rS1DLig~Xj_oQ!lIA(kM
zH~wVFDv$Z+YiE@+Y|ym`NX}&gWK^oYZ@_$4WI{!y-5gy;cftb>j(2ZQFJR!&Y&Kq4
z`ug8x<z*x?gXoz!pRD~_eSZaqfM}0E41s{H$nT95{wO6yLq`kbhtnDCY09nS=I!6?
zAOrahjyABbIa*4t7k_}~bU;H(8@5eHMnz4XY;Lw$nB=qlNru;EL;{-EGc$TF?(Pw6
z2o!fS3=v^@=RY?c_d}3msL714;ch7YPk4Ut$Ovp>L@Q7AOiZHn-N76F1;g}uwTbK}
z#jlncBtOg56nncy+u~}Ue&n<ooqv;Sx3;tv2;UPhRT;8#=>W2fmJB2zxHTP`m?#29
z6(G2Ab@f0{u<Y*IgwzK=LaN(2y-Sf<YM3Z9R%}HJ_aZ#)S%Jk69tN0c_lCLQOKV^M
z#+@5i*mNp-mghzaOfs7&2nl^kU5oK2bKhTCzjkeVh@TpDcqS_&^Huz@P?Ct+J{n~?
z3loW;;2_cA!}87XN;%l`c5fIOM9}4+@*N)Yxu(6QhWqfsXm^UQFKr}~>UZcY8MYgT
zgoIET8&g+JZ9Ur+km(V|h7lEM+8o9I+>n1C1xVVqy@uQ;-((ySK!RXERMknJ_Pm4^
z;9vUYZ9ter<*GM9P@Z0$eJ1`^?8X(y0)lZ!SW~mu*mAWBEygZLV@vDL>2q*$&x2qB
z76TE8livYw+IDN6sOt_X91GOesaQ%0AvE`{`_4XGTDcV3e3~TcSqJB$>Ew4>Xw3s8
zE6=h~>HGH-m4{xIzf}I8D7S;!sYoJJy@1RR|7`rAVajzKHpk%!(SX0jD_Rz3=uW>b
z$!5x?_41VCJpz6viWFuIZE+}<O420`>i(!l)9^3ep-<Ae$0^E`^^`zkxiun#+k7zG
z$x3r~H`JhiEO+XU>=0F@Mu9yUG;=+Qkv{L=oAsuP%z2%?11~PGV!MVR`uTxJm=Ye8
z2qDCR!pM8b9h6#nAE&&wmAS@c(z(#T!qq@eGrg)5#W59{s{3xf?G=DhURez0fx9_K
zgE7u8izn-dKws%~O0LC_&2L+z65y^l*tt`ce0OjuIX`O`7q3upJ(>j$i*9TFo%MrZ
zx#g@E6qJ;t!oS5{W&JTL9NWl?uI9CzovD{r*H}n>>2tETIYRlg{!4qvb>#hWkps*)
zRz8_G_GCXC?UxIn1Q>qV?a!8~gubpkPy_}^O-MGm^16`iHoJj0$~SS0cShF+t)Wly
z<VOO(YXAnKzj$-4HJ(pV)h~kX!i7V)50y>Dug7=|Y;2+#=em<hz!<hG-&3v)jd+qO
z`QP9Q(}LT=9-;{Csc?C=eUJ6wF!XpcaxRI{IM?e_P7bRt1<z12bc63frkbY2^K`Fw
zPWlV;OQwlDhRA0X71lF=u?VMqX5YRRRYrkKkq%{0O1*Y+a<Z~{m>o#M7S4w73J?-7
zvm62-0BC)Sga84ctgO{r7ViLWd36;DqgX|%Q_m|K>kw2yxt<J|(*9}f#Jkfd&wUi^
zBP@9Z`Tnu|N`K^2rt()H&Q`uYw)9v=Mke6=x{dM5>S`)#Ely)e+@t)<b=#Rt*4o}1
z6+WEjh$WH*gQW-28U%PF5iK^T6_RDlK1$Y?AE~m;s{WL$eU-g^gC6SIn%)X=RX^G)
zEQr@Ll7f#wpXUdM0cf)<Nsp0{k-u!rCIA5>l&KbS1HiZ|z2(#Z8|2(<rj9vk@BZ-d
zBXD-afCDnHK|nx2%4tahkc8d7P=grWV>RHGE%({no4I{^)u~$HIPqpYZ(o+QvoVSz
z_~P*{m*u=^*Ll2$-syxpYHvmCn!~Q8d_1TBmNed6Q>PX#Ifv$Xk`N3VB+sx4mb#Vz
z=DO0GjpJafkfGlD9hVX*!e=w7R5Frhfj>u&k^&8?SRo6+M4@7n^C|LJE^oc7!uGRT
zMKB=<5C40Ja@wl8#BDbIVy%iW<9TLPlJI%50pSym7!bs<wvOcB;ptp`@wWrCB?P$8
zx?LS&%R?DzANO3BHboL%KeC4=Q)n@Z(w|%4^WF`-k`meU5u-}^WN*jaK?R7hL4kpf
zp!yK@Mp1zL#NJ+^U-;+GE$62w!|o&>3IY4+t*!3NzKp*-#z_6=03C<`H8VRncfKHz
zUsyNfVZJ$1?1_T~s2z6Go?Bq#U01z?mQ++EA&Is>+wGoF8H)5=Yb$CmG#~l+XPEzB
zb1G$W)Afw>4jiBEB~<HU)uA!VrU}o!Oixz23%eh1E99LXxj7(buar4%)V@1+FJ0OS
z^(__HC+D6W>7%zCFMJ0|;x9AxX$2kEJHj5Kb&aEfi>=1&j(3dUV#0GA_U{MK00oHF
zyXx#im6w8&(gWc3uk!i7>qdN4X;RLxe%+NI@YIf;zAeh}*t8l0{uvtsb%8+GHJbzD
zJmJmY;Xy;wpj`Y52g<tpOiTeW!=%BYoNE-HY@(}J*SAPp&tFh#63ZcCkI{V8LL?5W
znJCfo_l^uDJ8Q0bEKvQfEgG*q3H@%RK35RjsN?;TT}y{pC9%ckj#SS|%coy>iiUYW
z?-{T_&o^^ST}nN@bfySEuQqCBdXqNw*)_YP?c3mr*5VbKINzFG#(-)6_gf8rs7F)$
z1KvzHJrvd{sT?UovH_SJSA2xi=*Q3xM$m@I0Bk2v%MvE2++%mfB;vT0Xk&k>W(Jky
zvW+>df3>H5^{VJ~`Jt|LQt(P&`VTR04lW*pmhCWr_Fze4`*DZH-a-2L`sNv}IYIUO
zBm-|_s?cGsYoh$uYcxqgIvTGgDtqjQS_ZEV_5t=+n0Ua#xd_}dG9fpWCb5{=cw1O^
zAyh)o6GwU8g^Kx&9~{(*-Fpj`jTyrv)YRQ8TuUHIumrOBd&`3h1r5v}UN8c)r!T|v
zb#5aNVlayMSYU4+E9w;?b#tJ*^@&Hoe-ScfI&YGroBDQ1A%&!6WV}vJu61&-0_t7@
z+@q3`l6fA-N>rk5*TgrqORsy~d7`g>0zj*svetYfxy+XZbRuqhPrki{@)0;N`i@HM
z(_UC$xRWm1m;R@G=-xU!z)G8xjNHTChTPmxwvXVlPEIzn79mU`0ve;oyNf;FCFMTi
zQb}2AGap_$L+<X%sh!31+RTH3lFBcY*rwokg4<-RP%QC#9KG1#$64(CY4qqLKJ{Zu
zdFCaygr%MtpOw2y22{cx;w~-#o5pQwk$Lri5xxjQ41v-vi2{K#r}gpYKA@fCXa{2(
z9Lte1|L2s|r@Gb6!r)Fp&jvNn1JDi!<ZU>M){gwlk7b4fm-TPYH_G~dX#`fIG($sk
zOQfh{9q}5LcDIY(%hKNzIF||CR=)!0A*lvqh?H*xVc;NF!R`1qL-eBLoW|6HyKhrz
z)ZeteeWkYVN|gT8x`0M7I$-X!&2G7p>#^gg+0*ny4qcgJ{-0yC?8ra&z3vMV70S%p
zC(B?RoUHVkW#l!f6HC49ckIEXVL_5;SvK|AUXiW})IX@cO5y$0FWZb@N-ZQ!ZUrBm
z+)Kx=S({6bJF=D`?UHbjeoewF>$Z>k<5!khIjdZ=zi-zwHQ4QZqYAAj3UUrL8Zo+b
z@!_3c=EMs7d{%t~-kRN*96#*N&qY>gLk}XZ+*}$C#@qkmk+d%7d$RX((J_e%W<4d+
z_z~n_2KQ1SISJ@;ZJGN|PitzTnbj*k>@Kkp5L1QtR8oS~#8*&4UgdQp=e^Iqopxek
zG8C}7m5UI~MOCRze7sz(+_}6&-Q1I-U=fTIbX<9!qg~vQg!F4VxL*By5p+k^M@khc
zH-LH9f%p?MR#J%(7YFa^uZp=;`Ien(Z8hS_koROoq+<cZGbTQsaA!5rZLDaG4>o}s
zy}||XNdH}wH!~Vc{${-=<kKgayF5P>eeD<etzbZP;N)}}n;wmKu+|qiDdKLb{RVyD
z>8YZ!gKjPif_>^fad7{6X6l*H22_X}{O+vBHa5sQSJJztQE#Bgdmu>n5gJ^_@wbyx
z;a)`LY9=l=<N}`p+-g}R$sECnGWQlJ|KX=da~ce40~5r+%nYe9OFZiksLZ5M<i>J}
zPcbX0dk?^=g#f_=Ecn;mbo;r)@<Y?Us))h4tXGZ(GZg}>$u{E^jX+I-86*zS$ySH5
z>H&Sh?ru}O2?5zZARrx7OFH7X@NK9Od;9wW(|I^@a)I2@&z{Sj;ZupGYP1&vs_7FP
zSx8~8i!kht<1y>_df}Y=r{c*(Y5SRPAap2*%LE1g{Q06cJpGu6`G>|k)6izo!CzY4
zDb1m+Miz45;c=X!?6;TTh80(29w-;f36h8fZewL)X#InVE2~3kpp?2e)T%siihWa|
z>RvI-i*c8Su-~$b6$4k{&3;vafW7T{@+HmYbM-TLukm1l>shH2t#Z1;5)jMmM@HGd
zA`pOi%;=3?LK6OhWX~OS!LXz-6+nPj@s{OyxeDGS<KLIaXO=yqqodoIH``(EsHq{r
zsHnlgU|Lx2wh<t>g0sDTT%btR_kUoBDt8Tcb0RXH+wSyV&pw5cjZ{o8VbJq_?i2M&
z<H$iznBnTp|Cpf;x~{^;pqL<B>mM=N3|f<T`i*T1nVUnz^%ci)hmOYqY1BcvP#|8u
zd{h8^zkOZ{3kxZ4^d;XwqM5}`av&#$>@M*P@yBvA9`E2;Epae$zFz<hqbj?(xTfxm
z=ZW*+19*4Li|R0?she5|d$eh?r2FB(!Gm3ihQ|>K>ErmXUW_x{wuqo%6&^_Idv4%V
z6!`sPB2%8JO{|Qz{to&6Z_;Z4s^{9wCOcQ|M<|kU&Lyk{@RLW-P*th2?-$<he)uLv
z3*k`AU-Qk~jk(HDye|IGdW+6a;iigF;03A=O#N1(w5XC%Yp$zA%WLA|Ki=132Qla+
zzLnc7MD!CxV+HfZOjD-%_>0c7Kc8K7pp3KT)N^+4<cQYctx>0bVxZgd_@O;1?QMb-
z-8ROjKS_d~Ih>gZU}!E9s;$<hU2DU(1QFrMicjb20RLb9t(3;A+Kxqwdv2w`<d?=F
zeTsB&&&jv*n)~%HmY3O2PH)GUv^PQDk4(Ug8K@U9A2h*IW!Ct>DVn6=ut-2bQP<xZ
zQ5eFfch(J}^8^s#Ld8NAdD2(7j0uT}({-BYpJ&ehSh5Qy(**^vw5_+bFkWx#Agi9+
z*r@-z@CbOl|4>^1asDFLnljkRdFvQ{Pzv;M2gaW0RM!1{AaH;00sH5dDc<ulDbn*@
zi8ycTd?{jiC3g>BWUAQj4zk?kkx8<O0kvcC{p0sanGFzcU2%wKw9ANS<!IPgBBL;r
zG_`L(KkSTw3-4?UuO}U#W3t2&uv@}Jgub4PGYSfRv>3`Qa9!gC$iX971hN%_VuYIj
zkX6HgqKqj_=&pV0M<(F$WAMCLF{!RA=bl15xAEe-E3}w+2f}+sCJxd6!2&$-Siux;
zs7rpNq7sqgd%NZJ?;C%1ySVQ!UlpGeF4ZWt%xki9Kcv(hqQYMtQqU1P1*+BFCf_Z!
z==_e@V{A5`_rQr44W$y(>plCDJTwKIu>1AWGXUC+eDrF5e{DXH;g{8~Sfn4*$jXwl
z-<_;M5BoElbAD@Kpm7?F&dUOe&lifpFnVWez?omK$?AE5;hZWX_2rYe-~DJ|P|enm
zo4VjLQstN;=vwJKb-^o^-@l7eX!~hV7>0I7R<L-BIycpQD9HP@TKOP)xO{7y;U{az
z+?0Y0{&iZSw31tzPqrw-9$aH!s0?_kVx})GIh}SmdHHcF)4hPboW04^Yk#lHzNPt$
zLUFXxSrAX?%JfbxxgN-JIxI~Vq_pBWEGB8igM$4|Gqv~j=Jeswvd<yIhKcrnnRqx9
zBbyb#rt+`3cX1On1wq~PH|lMvtRb_hVxFuauWoE=?|>3#J%`9JgqKJScmSC7o!oRg
zT&*3j@Mbp{q_CbWYn;Ds5OJ>EQmwYc`Fq=O?X*hpMxt7VrLfuKpEO?Cz#*{zZdHx;
z;<@u6ECboLdWDX#i<MQ_^(+RLjA9$f_#8vcrIG0gq!~!EAp5i5^1(UE^uYOMZP#U+
zY-hd3SX^fQMVXDWrr^;_Hoh^T*YW&L5al!IVTp;em$+HPS8Eb)5h~-~m7OwTq3UZ8
z3P<FO_1VTg3JekI$@1WrEYPG=XS+Pyn<_(-EhnK4UgoRwp|itdO()8}8D$Q9+{n(0
zT63X&y?pPxE&Og%UAY-mYBwK6`KX)!#epw-eD_Gl(~yMyl9V?grh_GTwS8oZRCc;O
z#wMa;3lbY=-xiDEV|ym~-osTXaoG?B#)+g)t2nb_kJ2)FX?1}dx6HHlji`vyBIz(O
z16HiAVwAwkcxr@3O`Stlj7!~#0`>8s!<#p$av6B?NrFB=bp{g)DG3P(2h@;!%ZIFw
zT==1qcM-%D7cvyY;t8w4==oAjXJ@c<?R~)2w5+-mnX6#mV_shwa=uAk(edYc#7I8I
z#lrMz4cIPRyMBFUfG#&?EI65;EcyFn5H;7`h*pX0y953~LGxLSh`t;v3kph#B;+p{
z&D(eGG=iW6gHDIv-GQvQ5@~74r<VCU+hHlVu3MLw)P8;{C?E_AQ$%<fcU4@$6uDh(
z>)#sXqB!+-RIqeBkXNcu=I<n*>}fQ~`yb6QRmaNHSx;1TPJjEy6=;o5GvA}}r-bL8
zyYsE`L((<UL9hU-0#1gba9H)+>(pzGYyFr{2Kdh|o5|Vc82V9YvM@)q*?9p}6)&=+
zZgQ5DEB`dS4)n|HhTK%Gn~0q5HI_K|QFbiQ8C;lMXg~Xnq<5I@9~g)P<Y;WD02C19
z-lGi`orpBEh^EC2U>VW57hB55^5gjpTaf4e(pc&9z6at1-}SGw2jCxW9&_0o;09LB
z{Q(iS9l8A=<ZEq$4aH|?cA8a#bzp7*#v2$R<iv7kco-Rq$uqS+ez;_NIRber%Kh;G
z53)Nyar6iv26>zJt$pczKur3G$7?*Pnxhi-`?u|4msX2KXM8O6Re9E=q$C$QmuqXj
z2?E(V)r+l(@xrAJmuwe1G_w4sQk&2-r%xFXUFui!l^O&3e`zIyLyZ=V7nez!p-#Xz
z^T;;Ct}p&uLpJv~Id?MUe4dRC^<%3RU64Mlwjrk%zM<)LX|4O*b4*O@4dCpT=C{0g
zR&aC=4;7S}poRc|7hRTGu3_is00!p{!-)(h_3)a}B8yKU0kh|aqPj;J$-9%E4_hLH
z_%PO63=9lK^$~A=>CMP&-t=ntws}A1?c3%T9qlnjZfLvNd42hyuoz*_?vN+3DH{FE
zM5n{m#^pJqyEFthOhVHAOYFG5*>5s1Rgg-)!L=++IQsrgzRNVK*rg*&@}ZeF&EM}8
z$lXuX##J)%bhd3+JUgTY6F3T^$#eT8L5DM|x9VF&o>!DK`YSsJEA~AsS@)O!Jm%#1
zsg~9UiLWf}ZtKilg&)W%qI?G36*Jj6kD^Z5sSLZ{4qpQm+lc~X{yre2)3NELfN@Wi
zW<GbX7dAHb*_nsN>4e~D;g&>V^j)P&Rgs)?yTs2uFCK}Y9LOdnTr+hjy^c7%T;r(u
ztkN|H+6>zluhg8s#Yh#%rF^`JF+l*BIwaemqA8*K;?__u!kaZuw(YKv9>G#q@=`n7
zN3F!jll}aKiauwoiE>B1`A^*)v~k&(9f~0$`sh9F#OI*tpO2LCI3Mt+BDL<20C^>7
z4f#hW%C^NYlA+%{^)v0uAp|Xh*{mxLENu$(+=e~n%n5w)C{K3>u!(94D$$uxXdtGG
z06t|obYwJ~wnh%4{ikk{d#74&X#OcJr5go5cpEUTi1_&`$mk+e>>X9-)#~SzM6&qL
zPLJ&m#s$ipwp!bR<1ja2FdO}@IW${s)D_q^U%zcBe--xvSi5DO&Ecdcx63iD1BRQj
zZ|>se_S?OCQo{3?h{c>|<+Ng!Elzjj;#*L?wmm(d-0g1k2$-FjsYN$E*F8+CgyTX9
zK54Nd;iF>jcPxxhGkCrspQU^x_T+I*yA5)P6e3=;)RoCgESbn=+WuPglHo@ds&If<
zO{xOz?LC#SF3<!LgdGC_)eO0EcZXR-<etKk(wz0q_mm#m$Ki+7346ZW07sp!JKoiv
z&TZ$ATXo&uz7QDg5jm>YQr*v&K@nqL6SjM}!5khnh!WX9W~JxV>3Ew#_{;P-M!pMq
zy4l?Iq;tjERW~Q7sr!N|L9DAt%5lc4>Tm+@Cw7XWv_+Qo+TUHK9NiCImw0$EUA=Z)
zQPaEoZZ(|r<_?7gK-cgI-k6_iHRPO`pO;t)*@)$^zynn9?_mJi)_*>nTsqm0-`kjo
zcp!OWZhl!}3$-Ph);y2Y+%<j!{u^2)HghX8wV)<VcHC&Pcy4Er5JD*ymZwUfR$@Jo
z4hA9JJW{SzRT@?A0awoDS~o0#X4zQZ_~W*J7r}BIC%~04v!r!{J*PK&;+BZ(4iUA-
z86&K`Z?Xn!T-OSWJD&~y(qMd*PXo=%Z^}cP>tiKT+Eu)n2I(qib_)q&=a!eZZc>>h
zfdOlfWabh-5PE45lNDcBlrb(S#vO4_yEkpjSYEl((M5zA{(O}pSg_cY;x@pfIwo=h
z&$zkkwftSNrd1Sp|3ut>dNsh!9m5p#kc*^&wgS-EmD21RmyU@gk^)P2NdRy5;OgF*
z!U$(t>vB>UU}GJ&Kkv6{Cwro30ovXX!+V`R<H+wVbl&QqEr)E2<LTu9+1Q6YZ68u_
z@zBEAVf{yhoFlQH0s^YvMe$guMlmNeub1w+qU#l12#BQ`Z!E0rA837HGGg|*#b?*n
z-roK_*D_BmW8eQ3n%fKX;q<@Hb!!YTMaBwPapDlOq_=B{fJ|??SEb<Idhf()JtExe
zmk{>zWRz$5JTc#HiBm1w3Cu~<XVoN7@m^JiilNjAt?RfctD@gtESmDZcG5kVY2Y(e
zOX#XOLQv%K)xKAI${605Z|R___E6cCuYohd{n7A|K%m@?31<X>w>|Przy*2S+&fJ*
zZL%FZC|UCcHaNk;!)K{>EcV@Sh?&m<8olH8-N6L+0B!$vMVU^iQqv<-({D*zsuYYY
z0L0>#%xgvGeqi~BUr4z?if7l$+1WtkkLcE3s#4<(a3)A*+j0n2Ov;7Qn%($JLiBjq
z6I8*XOuZN7V{O4I=lE}<VP|+_g$M(~C+$+^N0gY80@CXj=(Msu*9?>IRdAyCB_{ft
zUnfwtD~N{q<i5N?y5U(Ym(fMt@tBv3N~>7!-r;wgVhwtfgoHN+&Ll$L6m~iAxqwA2
zLhH3K(%|*!jd#|g4I#(IO-98Ko5}o}_@O~6Iff$s<qkvEpu?Rx^}~PRV4^(oDDsUN
zGCZx&>inveR<+sWB5`@tMl#E}u|Rx@wZU0TFMQ`_{p5lIuCA`G%a^ax32r7;i$#hg
zcW+56&6Y@_&W=g<7nUR>B_S*^60>T`mr!l})*m6*S?V^?$v~mbPl*?z&bOwpXNU4i
zUR^!K1qlo7#<%k!)ImkQS#XvE<^9xKpaz^amj^3J)&_G5PjsVOrZiyudf^O_K1Fp~
z*3lisp7b~~LM)tW;eku0E)ki$KVhMt&1mluy@6H8ZO6JF2zI8I@poNQZ1edBHzwY+
zE+6(N2;q(YZtlA5h(nVd1j@6?Dh3AvO11$)PkHHCeFuO1w$tNdaf)KCnY%_>Jm4SU
z9C46w?%Mdzl2C1kOm?)h`vyH&81J;{d%OIxvx>AOo(0*h@n@fJ$+h(Lag7)oaoY@j
z2^K>&z!=_a=h?$R!`(o(3YfyXmfFtn!A>l6sXVH~X|2LbNKJqN!tUfLb#ID0pC-5a
zfH^tLbYZ-8?b@g6+f+n*Z*i($rxqd@cZ;P%sd_We;uV!RTxWCm*$4Y`it$JGd!&Iy
zj%+$*m&J3&k+SMq&GIWpfh4=NwYBf!`9Muy?9CComsizdvPowW=-eQ*3XeBtC1Hx%
z68p5kZ+@h~^CM>ZX8tOR<^<QjV8$<)+j_XhJb!jl#2X_^JJdxP%jf>__!amwgFDf#
z_8f^T6`*TDpX2u*YfJ{)ztZPFngk)?dPMr)Dk}?}pK8tK-XIdNxWu9b&7ta{!}eTk
z5Zcm3_9&S**aYTAF{i!G$bpp!LomhIzg`}^X9n<<`5hN=u_QeM!r>I*J+By<9aa#t
z0lDrwa7Qd&i@iEn*8%uSz5ZCI)?n`Ix$ykQkMYB~rJl4>qCe|VbK38z*Qn!^>41&P
z>PVtk4q|Du(!HA^<CAGq?x)lXM)r3}94)$yrtQCy<JT)_<8h<(?hw0I9`aut&2e0i
zP0f2=GfRlaEE+bQuHHmCSati^^Fz`Tm1`zvY$1i33r})_IL2@A-ln{i=<$$Y@y_|u
z4Ek@#)CO7M$PZe|l1Z!TWNll=Pcxkaw{f%YS}UJ*>mTSzpHauhI5dQXIo8|Cyy!ii
zXq)kHo_tq;a#Bg!l0wP%j^E6id&xh3qj)aMcyLHLuW9heN`M5*hfk>B+}ZuX_qpWv
zIb}6BBU(R|dopGtXy9OCWUgKR#ivzd*gH!r?6Tcc(OE8|hw&r+!7;ZyTKW(ky+@^`
z00eW@A=gKs$DB3f(fmPHnL#aw8Q==(I*EcVu4J?~4%a87U0nVMv^s$tT(Q;E1#z%z
zv{ht}pNDFN-E+~>3w_RXesb`fd+_wBUr&~z*vBgL?Obl_Pl>G!&TE4X&;c9tE@}I&
z@;w#bd2<qaAMc1*RXzpWX>$M)R^T~=+!|Ph=C2+p7yjUT>gU-aR5{tyTl-EDJO>P#
zf)<rpK#~Rb?uqDycOW(26CIJkY@<%X@Hx37ma{kWsSvO8Xd67)9k)PZj5m<yAjLBx
zHshDYgHasH54{u>6`>wT0EG_&6C3GCVb>$qc2x`s=ksGE?a0*XU@S;@gmanTF}?a#
z1Fjw*nSL7%vv1h6^Rcwr<z>=`*1)|Hdl?Vpdb^{RUWv7+CK%a~Ko)mkr4_;RSYWKD
zIdp|j_ZG+orrUmd-%4H4;-Jq-_KGITbC-pT%ebMh&u6O&(GBe*<aUdx^&uEue5^RU
z502#NP@@nhlfh?krk!IgPh?>O&mt9FQ(I_$EO>an1uaQjsODrM+akk>v}9x$s;T&~
zNZ0;eJhPv^r{;yGgya|^gt5a}@lW+{!hPx8hAqGGU9w%d<mm{ZGvEhDZ<+z&_Ygch
zh!6D1o=942YipHEZGS>~MGgq+lPkx?rA)poASG`$9)mAN)&)TsiDYbpT1ma&z&#6T
z)V?U0G+v7F0wv=#tm&G>gR1o0&GACYPSY_?lll<q2+$$dc8e^EEk_t$<$vfzj{Ssi
z7evK{hlv|M)!%)^#*Y#5zJKM$JiSQ>h3u-_->7ua-#-=32>gn#g}#rPsyT7!X3Ien
zfPOB`K+(4Ue5jvZhsbOTnYWNffpl;7a~f)E=UMx&lrMX4-8JKkwg|b<b)qHun4I9Y
z*wg*FI6XuA5WN`=Y?O<sH0-}Z7P8u&pL(((Ed1jQHW#7{CR_|J%EKNi5b!!R`H|aG
z%lBTxkJ7c1zV5*a&UC_sV#jNG^HlVz$y}35fn)|Q<(8LyvS>CuNAFg%EIqIuOCEcT
z3rdK^P5I#3C1$tK>li=!`eqgKFnC_9wzD(xz-kP$6Lxt`OiTbaSA%X+(CtSzg$X#&
z2^Lz^4`dDfaa?oyE~;bJ{~6|{1qY}59t9qt!LpF1J(9oJuti^AJ?$m_w)DJhz(T#$
z?Iu=M)obIIRBT$jY(Leq>!6a!;yZ_U*HY(NKqh8)0}9#tkw#xAoH?BjaA`gJGJX8;
z9JZ3gpepWL$foi?u$d^l&6fKMMw(m(Z8S~KV_LSmrEZbkk%WV^BVJ@8p<xd!sSx-S
zm%oBCy8p@D^92%a^CM2lKsO-dbEkL4G`eqje+bON8OTxvlW3jcv1YVE{XbjkZS5uO
z>Dk#j==EQ};U@m>;&Cju9&;LD$B}2s!Wtk0f4>>AkMi1OfebLkAp;NiKa){t?g!rO
z-6cer#$8SAQ{pi`%d^`yTMt}F7%lhzV1%!#v^4?&g%<hjj-7*p5hSSKh*Y-QD!s*J
zyncDH3vo?+?ju{@^uoz6?V`AvulG1j+8TVPSnbz}?N|mXGZrpcJ2^Q~h?ok?fM@7q
z<L-ne&^RX(-t*Lc{n{l{=k--}SBA|kjG&7%cC|^K)n1Gp7N#_^7&DHaD|y9{{JkSl
z#0T2BJ1FVoTa=Vf{bw6vL=2cp2~`GNvX8TF5!QdFMeKH#Ji@SH&QGhJX5b-{m5ZCE
zKn5V^3?(#`qpbh}QGf{gYLo0tDrT2IK#Jxwzl`t@2!O2>QeIB3fH1RsezrMLoy;b!
zk)udOQZKi^%I?)+in#)4yUZ@Gw&gEO?LZ|8<)BijzU0Z?^NM+&RJO9y_!IestU*-~
z#W3$uN-f^ogoNlUDndeo{X3MDR;ak`$kw@$p^{smk1NZ1$J=FM^?>epH5{5*S*KWa
zDG!fUMp<*NOvx8+)jZ0IU=fA)9ox9=7pWF{WM2Uqg~A3#3t8z)Gdf&UPP9nGW9wx=
z2+1D%Wk|jQqoGXlE;<Mxq%@P?5p?T6Xbj|;Q~O5&_;1lowURU^jDGbFb+L74TR+}o
z_>aqPO&CO(;2;0%W#<1M(Q#Ho`#qUKR6f5OorU**-jONmkASO!>nB-V{FU(Qe4yhc
zhsG&rTmJKsRrt5~wM<!0w#*|=V_UhXDoz2no{7_7!<GMtMbognfRrEe`s-`irJ=54
zLD0F|@4d*`84GJ8DMM7wB8WcTA<8i1U((MK5;XgUG8<U`{D_2QWTyZQ_0hrnCAV}Z
zhW}ic+5bnhJlxRH|M|wPaGG+9lYm1FhJVE5|MT_-4`lyVm>Qb<eWuBEk%n8-o%rwX
z{hxP)(>%@k7||*~S5*JoKU$8v{^!RuC({4N+t>_)W`=U^zhR^dGj3-var94@Te)`N
zbbY}$Xyu{ox#Iu6@_${w1kJhYeFNMGa$!AtpZ@=cZ24cv@j>POzg~X@{(t;SDQ+ex
zh^Km@9@l36BX9p7;bWPy@Y=2~`EzN@rg;<;6fH3v55dw-R+JY8>cVb&n71w6iv6Un
ze6Jhl|NhCH=HM|#L7f14kn%QrmL2B^G_r^6>~C|UJv$@YqtOR{>U?kXrCYhfPL}{F
zV<9KYCBI;DrF;7SUJ?KLBdm}`a_ERfxr`aQlJ%35AwPb|aGG=hXd%(AWqLchSwK+m
z@3*HJ!>Kkj2L}iJS%(BwRcXo$_W#$XJdz}=hTP_o?ov*o#~#uTRBXZ1vNo{P;e5dk
zyw~nSG9v7;_X%GN^%-QXNY9Utgb!o>ubWv$#IjF8MTI9`RdLLK$PotlWh{vg=zX`!
zncGcvIjpQ-*wm81nw+%REb(89{ohv+ree2y-y@H5Fv(X4?y-XYi1y4r!L}WxOYg&?
z6jziIH?rJhi;79*hd7i?t;u3ySm44o2je_%*YW)|@9i<0>X%>wqgge1<1Mr=4>rek
zE1v$BodC#Yi<KVVdZys}wmFlswQmB)R|6Xa;Q0rarjpMTdX>5%?bC1TXZ+wx#^s`z
zDB4(;OFa5!{k`ulzr!Lo7H0T3y4N~h>OkMh0dU+ey(!JJ%ky964bbb^);4`ba(wZl
z#7ycjGxgP9b>BTfyJ-LS4G!zyYdk0fwV7od29IKqq7)a*SHiKKYjUisOCp^@R6lo7
zk5Op$_4T!z`^dp{1lnJVTM>1SEO_$`yPmwzy$50wihuLYPb=j>2Aie$^&i`$DOR1r
zm7|)kSODcw=<yN9;xufj`GAbr-s||1%Ku-B91gazpM9B>kN<jj^A<gX-<{fD0I1Tm
zXOVTStz;N^Ml2AYm23=%wA!Rs%NfVw7Z8jK#c|(>fqCq0O3M9`=IEW>g|;oV?ZfI&
z8%6{On3(SlZ(3XX7jKMK_ASm`x_D7NPv6zUdvlYQ8sjbTKd<npBfoT~%d!!~L-(Fr
zGlm~!YnSG`T1|d<7R8KlrVAfW22Z2xDN8GqD-3eacG}sz-4hUui029XUBHXQC?tKv
z#REO7m_w7!xJb2l-VAX20o1p^n<Fgf%`MjBi(dTtdh7tup-EtVo@cPcTjsRV1g)53
z<6};Y>>-#A?k;xo93Fy)1gA^SttwI^8Ki=^clkfuekhtDUi%(?mg=pd7#UtogDj!x
zP>u-DNDSMfIu}KOVk;FKS41k}W*FWLxaa?Ro$;m0%pM+OkAd>iWfPMn!>!ZSi01Lq
z^FxbsH#g%4ib)j^t;0_*9D<z2*B_zy8H$OQYkFJ#bwu3fw!A|%3epKLfnm^XQqr29
z!;jkwpI(At$@_=WA)1M=J&u;|mpN^IEGWQHOd`F~>FMbSPyPlpoc_?paCpqO=v};Y
zaiuSV4G}^CCeHYuf`X=_&#PaQJ~Ijg<c^IQxVZ0t>oMkfTdM0Pnh#^`%o(+;*B4L`
zH8j-8Bj8NyFf^SQzR|K7zAqs0pYuLkP>BZVe%wYYdSn};U{&t8@!X$)mfv-U28X0m
zv6$4u)ARbxn+ve@8X6jGH$t<HqL_`IpABZd!j{Iy2Jcc`9p|G^v78H#MBEftQ7LT1
zo%z6;P>m6*V0iicvL8M*XA|=R=<K=^76tqJ-)G`=r640S+uWV5MVNu;&6ORJX;^8t
z4q!A~`vh(X=SY_i=3B_PIUXWC<E+=a>OYy}b`p^uytQGo(%s#k_+`Z}*ZQ9W<#_0~
z+y<6X04!5hZGJ_0d0Z?K)`ScY%o-jc%eaTAI@7MQA4%9#__@3chIRZQ$+^^6IyyQS
ztREqL$k@2FjOjJ{=M))Fd;_F9Xgy0E*RDE)=6rh0KU)f=V4R?N5*l80{mKUs-IGk(
z*1yr1tAm$}=I3;R>PRM)@3u1!u!tCE6#(KKk%j;V)*D0&GOgiN9s>GAh!9fA#8F3E
zN5^lrw+)0Nu7B4zIS|c)r#}6<9~(%U&yG**R{q)u-|+g9DhdP<xs|_ZAT$K<ZVv$u
z38SQc4qYs-swyFk(=j&#@B9P$fA6;NILyvw(Q%oP)T~6(K}HDOrP=j$i8Veg2jH!P
zqVsv^3G1tTB0vMm$M8pe+CEb11Y~q=$rox87zLc{uK_UTf*<TRb;c!%J9mtdD9^ZI
zX#aqlKL#ub7&X4rRHIJTl*gnb$<mTG(EUp=q`8iZTi2b-4b6Z3#*+4k9o2uX5LI-s
zo{Gl8yE|X%_rLBB+@MHf<1;sRlE$vC5CGWjps?#PoGrLeB1WY>>ciJRzfc2FYoRMq
z2s&ml2r$@9Gi+6gk*6!(8h=;$^s1oKx_l0a1IF)l(j|o_DJd2UjwHEOg0z+|0$fy7
zREm^q;QFAFsS>MQY7gaiU%N2&c(tO63JuuB(#kC|^9u>YA8t%lhZ-v&7GRDf>=IMK
zSMq<Hmh)5eoituP267MFjoPJrckZ-A4Ycc@7T7!4eUk~R13)N4Z&eCBuP}~>uv%%j
zX=1=vRu3v{u(n-6Iw{sA3D0zSt9tzh3xJGh#_~9vaGr08^*Nk!PiBhD5_PP22u`6D
zF4w)vZDEi>Emrh;dG5tvHbS}+P8)t(_Tya=_AQ||N4IjUt>IT5QCB$JmbG?VdRiQ2
zyRK?39e&2?c_BS?77=NZHa?tedEu~Iw+c1y|4D|EA*}QoWrbD`zm3&6=bv;Z{_wUO
zMD^pxTeBW#D@(*<p%fxg@D~c<Jr6eV&57OSTy0w3v+X$tO6kAJr{HOKR}i<_K9WKC
z+l|+gtF=&P(3vlJqeU-W#jDM=lzes+nPPF6q<wt;Q!*ZyARzPkIPz{0<EB>BVs3RU
zfFlX^9gkXGjyf#|Aw~jJerZO$^O>59io9V_9Asv3W*3so-})P0)ELd?{hG{bH!Ay$
zYnI=@DI*Aj1ts&xGVz$tDc6OjcOp!dax&O1=(fi^@HQHVD<axs?ZPK#L4WK9HHA7+
zTJ+8^R4lz;ky)yTU{w_MezLLDWko5!k?Fyp)kHC6b^e`FuX8DLKm7u^XjbK(@;{Ah
zf799-c~Q^@GCc~|uSPs5HeJ1>m;AWn+89DFnXFlMM}{jcNij)KR$LqlniSt&W$|73
zgTenQ)1zNjD^iIWxAfGi9)b<K&pV&1G2T_qTU1ci7LOk6M9KwGiTu?cgQNjnthjqX
z?q9MsSs4iKd9>#7LW-E~F~8GU%z(NC&4Q#vElO-!mL{PJCk-L9@hM!bmU){UmrC@V
z`!{q&^{b4p1NIE7SC$CSvW347?|zV|VH^6YRq8ET4DL$KH(7RhUk4O(qdgw&QB62k
zbf@_ZDRD5#;(*$t!j`k!XD;aw!<DVXs`FCNCA3gO?f(^K&0z&mqQvo1gnX3U!qk1?
z2k-gDoNB<GlTC~|#K-3nmvLvhV>#Ygg`J3wPLt0zJdHPNlM&O?x>ZMK%GwEu&<44%
zA^66)FLbSSc@wY3j~d^kz1XT^teP4!#Mx8FHP>=AYGSqoMSyc-{n;Lq9CciO0wCB}
zVLJ+ZY7za})XX<qz42Q^ziK8YCl@)ag2iC`9GNxrdp-URxYQHBg#(CI5I8AY1@mi0
zztoH3FfNS{Ng{qs{6GgA9S6L^r5a8K{Q2&jqS&r#sIz*J2P5=uW$!A}FhbofIVW|K
zBUYZ5y5OMPvC!07#4g_`9;w?jXe9)S126I$7#<8RfL}-)kHs|AX>2UjJp4tYF9Qoq
z7&OwKCm)BN3VYA+-Q_WBf^I|RtAZv(G0UQIzkaEFSZe-xpHfmZcf`?6d>n(FFS7mK
znW6#?RW;dKd?WcrT(@td6U8`lSaS^95@Ltqs+&L#5oO=>`%@}2w)^lgu{PdYRqu0M
zo3b~lB}m7?3(G~UM$I}$cP%S%I|I_z|6q)sm3X8z%80C5F}Mr66N??Aj>i7g`s44j
z<%JVF*5-cnnauFqV9|3xfBV8Gf7t{TH>&Z8@fc1!kANWBm1cagvleiBDX=&-wy!i5
zCVDa29S!@b05CLwuEcu_!+AT9`{T{g0(JO2T-9Uyg&&#)cosumip_W%e_YpyfvRS7
zHr!iiYD^Q0kst<8m`1TjsQ|Lve!yH<L?lMg>>?Q_X~}!|wXRvxY+!5iB&^QYimGq$
zXluN*9R{giB@5E`0I-=<d8#2o4M4)#a>uomo*b5c!VWj>%Xr8FcJ}|;kRD9x3OcW2
ziD$?0@O#f(ELiF^Y3gtN=V^8!j)I}N{Y}s3q-M(dBY4Vv1j~=!^#MBn14${Ve1j!x
zPNN;ewc?Gv<;jiG2IdDJ2^s@A9F<PWh#edp78Xv}E=<qQf0>=*^DbiSL|Dbm&b3uH
zmpM%DnVCx?r=pCXiClsz?K6*s8kfN$_n=qFM``r$4hOfsKgdTFeOdU?tO)(SZm~2c
z{s)Y!=C=wF*Grq<HZQ$!<ozXNG17Fb+-~1+9l=uVZ$m<OiSXe4p~T$N^cwyn4<QLD
ztph%fEW7n-YQ4ED+wtawhp|Lci{)HM1C_WdR;o3|j|O5a{lyMRQ<BezzK#q{ACM8<
z#m7m?19TI4&ztM>q*sy<q(~OgxIYt3I8rOd(KAw+t2q|a)-r#a9|<&m@;>%IvJ$E0
zE8ahwgr+X-+>&Zu1fuIy3*{U@2>Q2LRd!PH1_UJHzZp@kenDPkzj&+I*t?EwwpWL2
z*A%HA7AL`imG%Bv{UYge%Znz;WNBLohKx&I2Cc_MUk;c;EUrfP<0&d>l;#_$qc)yF
zl)(NqRaot?#QOB3r})5KM}`@-5aZk;eK@{}t$z0ZP=JVX1{8b{mi*078~vh@iHG@s
z<(v-LF%56~u9n;&n|U~i{^Z8Smp|+@J$+xZ$l6cwy4cTwU+pl$Qet*xY3*)p4Fjxj
zJYa<d><ydi>o1{C4?D;3C`F%uZO-Cl=C|?X<ZSaDt=}F>W4Y`x#272YzbLXdav+Dk
z?6>z<kcXjLS%_rk;k|k{nE!*N0NLA~o+H05D>7J}1xqbmx$e%KXAz;>2dq2&yS=|_
z+t-Kl{hi&a6pDvO>b#w1=gsOKKKKzn?Rk-iN#*lXzd5#LD@r(9+9Fx%`^k`8o2bpL
zt+=8o<urR*ot9Xx-YRG#&iAHB@2&0PNrzBD3C}PxcSn{Hcr)^GoWW)L<S&1zkgZnq
ze~v9!0uL_lOPgoDQv{JLA?}Xu<r$LRkmF=HmWLdDVOH>M8z4g+Uwi+QV5-I~!^T_C
zaieSIp|tCHFfS3yjCAYY1!y^94eKzCL>+loyG2608$q|{Lbwi6GHO#Ubz^A?NtRJj
z`6B7P)P?vuHYUOdAshtoQ`C~Zv`cr~zuT$h9*0De^Q4(x7sFiBl|W+pm5S!fp|2eE
zqDRB}W8<zk%sF!4#~A=0Zq}blh6Ndbo+y1px;$5j)=8&*;O?uuwmy?9=+|dcIqJSP
zu{X|~kPouQ98=XZIs4s9Z?ExL%J&Z~vS^w0?kHeV1*whbBaa3Ksw>!HeaE-LT+ED{
za%+ALJOXsJk-6Xf@Y(nE-?}{h5L~0pf9k}S^2<KZXxqW$2Z`44j~B$(<ZKlpe>2-5
zEs<kllNS-2+*RE(#xzD^6F2y%>wX#gH=}2S<wvn!=AoV1KTn5|I@23yzn!`?Hzq81
zW*5iI5#ERAWGirMQWK|2;F|}lRyXOH(-bKe4aF+)Wi{!eW4`6WyBDeI-wvm>cvqRy
z2&Nd^%fb<Mxrh^5Q@dtc7`ouDfHyJ`6k86zu9kdyGv?_0(s2B2_gbRv9EE1Ym!qLX
zpT_2U(SE&CCk{=nIyUmxejkG(q|C{ekyamUz0gk~{?#uDi9p?!j#J3>*4<2VL9~%g
zp<5!TrLntj3X7iT#tg(CB$hii8=5pXQ&)y&_+gI~Z+%ruMlmDGVs;kVF8<!j@&!q+
zorNF0N2gOJvqyQV&Ez~gI4}`}y3eqt=DzA!#j%u}C|aKe#L*gH<FH$cqxN=<-Kx%`
zN+;g=_?b>+J_553<CDVH1X0hAFprs=p8guEzoG&m(`@|5x5i=^qt4IN`+Ygs<+3TK
zz9kNW_YSeCDhEI36Wr;;EHzi8q`^k)_eseZey<=&OuYpVvjk&>ITLc@j+oo*1gh{)
zp#J60F-P|TOu;?m8l$=MjpViFoZr}DVf$5!P(#bWdyMWLJ5~*a7O+2(y+q&hSX4K6
zv7)H26o)W|6M4EHes?G-0q7Aq+d$T7wAI6h4>hW1uqVB{Po_`+R9F73dqKxL`wAlD
zZhc5%d6Fi9CQUZEfE(^q?pTex4>kt91LZ^a@bxCk03DICOP}eTSwY;$&~AKmYcS7#
z|E`W15&G*GOuJ0SzH!}o^u^>LC=+A2z$P6$GfF)K1}&=J^STj##7j!tU*=j{{Zz|(
z_Tt4YV8vhj{Lln1T_N^b%}BvgjA-A<-;m-4YLl9;_Y2+5dFX<vVTg;z>2RP89u|`E
zgEm;VZjs82;UzL?eCMBQ3VOgz^M$OyxUWiCjraV|<e5eZBq_LL2NzxoI?neAQrp6z
zC>2DZU}$*RraJO$$nhq5f5sa#F%U3#);)PniagHv^2h?Pv7K>^<2itBT68!#FS|)0
zV(xkUnbsUW-t}+JQ_f~nIX7PmIU7Q*R3YTT08H#fribo_8yU?)p1`LUxrDtp2laI<
zsC5q6j00KDOtqOLFWrGm{itl;6G7?Qm8Hy^R45MZXjw-gR&xI*)NK5{B<u1$)>oK?
z^uADq$WbJ1QhUqW{^7_v&|&CjyPVvF8e4N>51O*@s4iyVX2WyOebVX5et2sy_eNvB
zMu>M8bsUKgUK%0&69m&`670KEOB7d}e|3B*;z99GwAG^Tin|c0BwKVmdF>=@=0CN+
z6y&gN%&2b79N1Mtuh;*4_}txtz+qWY>hBxzS24rGGWn_r*E2Tj&Yt$9eBUq_t>dHj
z7-IDbp3<gj>h_N6WkgjJqXs`s#HBXa*u0;b<QaUV<2f301y%3*P-A_?@>GBj{7Pv{
zw4N^xQc0qMny^<!2F2*jcjq4AsJmF-Ayj0RU)iP!2HeSan1Ke7@r5Ocl+phS^J=-Q
z8vwL|+)LVEB2~OK+<J0TEQYZ93Jx(=&BR0^2J!0I7F6fvXnyGyG4VlvOdPMP@9l@^
z=1{Toj(8hV3uQ=?0>NtwkbdLio9!>rDH2Hiju=5Q2x66jMc|^SyIFDN&B}PM%p2J<
zVt~8S*NbHs`p@=fzV53K5oEfnKSU&AyM4>^q*4x2ZGZwjz<?{y6%s`w;B!H!D#moG
z;uwdF$Cv`E)V{K1^wpH+FRc@115p;#JP}`3n<1wifacu}Da8#9X+Q*Bul27DYSA>z
zyD7u;r4CFZ!BTua&CL;Q-?Wu8;eOroEaocPP)V6Lq+1m#C9HruWZYP4AG8|7;9#<3
z=cEd~QtpUKR{jG6Uh+N-hM}*`^90a!R4P?E>x>7x03=Y!D@Ilwbu4a+2^rL-GR}8|
z`M4ICOy6?1iV)F)rrlO63gMLo*5SkkQ<d(aMsma&dz8%+oxx2v$+4yvS5HD`L;H#W
zn6_o{D?$~h0(jH{ZG#(Qo&HnMUAhfOkWev?sf1x>fCejyQP+afIfKqGQaF`@$i&_a
zX>!la;rm^9k!^kl4$fF!PvYz;QzI`@_EMOH&91DNp#+8k*)%J?I^*f_U3cd>s!1&V
zLAW-WB)`bi_Z@b61@V*<^4Vf_od<G@9UdpW*l)u;y21sx9;xNt=j8nR{h5C%n}VnA
zD{|YylJl5thB=+h69-vpo0pczXfb+kbe1ea#vm<8a=tp#A7A(ww+oM**c;ykmp1s+
z>d24InwrpnMpbe0-2)9hN%G&J=N851oWlN>w|+?hoKaKsM?$mAJ=B}~cHRp*A9$>0
ziU_vNIp+3-=W?}L{zT7yxv)xlh*uiXz(hxzPmbVA;xpz)d)&V3TAwHSyDU3zYw#hz
z*VvJlsikie#b!^{oAo@^E=kSs{v#Y?4jtVDoVTR2?N7$+yI?SMZkCW+EU<FQjpu~-
z25A=i<hHD)VVy)g-xOw*m+lgZVNFj@i$mq34kiV;#ip{5z91iIg-zw^Jf!JwyYiZ|
zWqI>?%15@{iL(7gD=@`QRqb3g?6wxpT!v->I0~ejMX3F6cq+{DrNnjb4duLc{|BDR
zvFZ)HijUXlP$pp?f(vwe^#z^X;{h;cSoa4VE61(13zGR5Pv>qwZ+)*%_rDQ$B8)oQ
zY)FONXs{;A4rzoR%z_8DGm<{zyc*S()u}ZL;B6Q#OKob)y11#%lL7GiWPha*V&O=Y
z!4QJZYsjlQ<mx`6u9L+se+7ht088T&$Mf^TivlS}K=v5yJHMb2VNff^&3K*+wQ`6`
z_DgJNGH6sT3Oz}--`Hc|k8uV|k{93J<D%yu26~P;Z_Y+G-RuMti_s$UaK;GwG3Ryp
zel?_i<1aeTWVN$K0_JyEpT!WOfL1d?mBKjyOL1p}<l#u30||I-VUp0?YE5yZep7H0
z*o4?EbxlaDEft%hm@r6GVUPKLBT?yvO{}eR40m^C7qgEXRN-X0==1)_@Q4Hxq5%^b
zSMm2#E^)`JzkG@ARcbziEQ03Dmq?cYiF&2;=uQ~7KJq1L33k_Hfp*}~Xmy6@xaF7q
z{WqL#N5;==@$1BRTMwT|wHw$si`qI(wH2A5Iu`v#m1$5PW|KVfRiB*Xax+}yimRj7
z(rdso(7GyQz`M4W-h?~!C$->u%L<kEIwCQ!a6Y*qdD}n#$1s|zIN_h_gJQ!neq&kJ
zK<L<+Ggh8oKmd85^%@hI(#}0t4w@Spddh9Qp^WbO{P+@sW<R+Jy$M(yAhqY*3SP-+
zmaMgOYL&Fiue8EB6wA+AWoa{hH~S$7<TSMO`iE4z?h^arXlSTC{TmGEe@wj@BV^(B
z9UbL#-~`#Qki!z&^ja?Qi{c>UWkY#fRhv&#VqWi^vGLQKbE%;I^}PBmI+_Gp!;ld@
z^hS9Unoop)ihF$f5S?R3b%2<_$QU`v5eBrALG7vgZ!oG!*ix+_XSn?SYQJ&Y9$9~m
znde5kbZsq=ST{0hpOsjSJ^zSH#;`b74?<9k%A=v+-GfKLF9GLx(vsFKSJw3IgwDO#
z0#}<Baqyf7m6pPX{#q>@j76hf!>81@Z{4c-e#HSI6Q_+g2-idB5W^Jk4`~G+(}j2M
z{ELP7QM(qWsZGhBTf1O#cy?2qjg3v!yF7@o&$tIYQ7e2MCk0^nxXWYY)x&FDHN%Ht
z8;V<8AiGL@+V|7@ZgpZJW$*Pt$()y!0M?CZ?-+4#EwGXX_eZnwZKIRJHG};b9$B%$
z#7h~9%3kAtVylaAP$dynUmGwOGBF+YL5<FJ%P+eu;dgiw{LHFptjpK=gGP<M?7yD8
z8{np~c^L4TYPFlo)JBxE%GlG*H=4*_Okn@#Wt&Jp1nR9-bTEBv6qTQ!-tQa{m&U50
zKN`6L`Vkr3ZmbmgTNxju&mD!>+g?BQ_`9z`<9xP#xFiqVTT~(jiaNBYU<??(3bD=;
z5%*0B_k&H7nTnDAXSPqLW(1;N<^W9Scz40z{9`cmeJ-hykgN`78cim1q}W~HUY<aK
zl9)g*(pO(jQSPJ=8fT(td!mQZ9#R{c{&F-XtqElG^z;Ddx(jrS&aq3EF13QhkK`E0
z&G%HA*Z}Rn=Bx85y7Up`1iql-%wwU#XY)v>1N$vGpS5UTj5mq5eH(-dtiFuroY6{P
zGkA@2i_q0tUrYitH6#P0Z1fMm&^Pm;{#;j7#Q*uKD5+rr(qO=Usbsz!(?5kk_rK`+
z>$oVp?)@JIQ4~Q?PyrE88Uc}z4ug<ZQ9`9#8l+=T1f-=Klrre<kZz>AyL)En-x{yW
z`*YvV_w~#lqN2mhIs4pu?X};>ar}W!F|`5Mk%LYvvZ$o2?6qmxW?KDG@sfeQY@BRm
zxdR)LUr=ynb=B|m_|Q9`%xQzFk0f0<AvTz}itXZc*6L(Dj2?A*F=wVNo-43_O>nCg
zWz3|K?dA~Y2w4NZR;_j$V>tg0bo#}y;OC1hrLf<>p8{yxi1rRK0^<KQV*LC0ve_tB
zfg1@}C+t1ufuE8~DV6=Q_V6Dkv^2EIo@YVC5vqHc8T)TE@_h7E3V)HNh84T&Z{vjE
zGdB^mphRkL1qZRe*6?H#pH}#JMex?)lf|OjTa~sfw|Yn$Zq(f0rZB$Q>7#aIPQ|1z
zl$7&>`6`ap43bRa__4njV_n4K!k6)bD@86j*UnK3ar7$`GT5zd-yWc<PQjWvT#QVn
z{}3VwBBv-ggE$hb{{yE^Wtge)Ij$DhpTJphwUxxoSQ)C=^4PQQgj26Y?7@Qvxpn<N
z=b)H16Q+PwOMFL}Ex5fz-8tyYxovCYDt}8TGS7alBaCHe;C)D_HM9;7E|G~<iEM02
zv<_qxGQUnG(9+Txt)f0Xef9J=PDi|;LP>5)`v~}_i4Cj^gDsl=ZiI%)n(?tGHF~k9
zleK?I81YL*klrpH{V_8`XP6jab?0U7SwccWZ&yZyu!UQ$UaJslYp#lIovRKwA{bf<
zyX3?MYjzVo=|&`J%|37tiou9syLY`coRza`x#~q=#z>*)09riW3!F%xtHGN28amLR
zW)w>-Yz&|_07$E=z*_PKPj=;rO-6Lz5W0t9Cwd(V_6m&m?lnz+E${s_aUCYfWbw5A
ze@WDRE4}@RMRq)V{26p}2-Z~=bpn`Nc#g8WrUx&Hn$&@y$x5%4!Km#fe=ay=P+uR(
zoXB=vyAct3>4H5{wZ54Wk#K^uuUl+6Hod$o?H-|_{oqstT;u%(?KVWLV`&n}t7w98
zLj%>qjpmq(`6#JA)-&SQYG<LSBp>XgG#pegXr5@zTw{zlZ?bGchkss)3zDW(wL{NU
z?l(OVsC;?XHBR}pX~o$Jod`8w7U5ABwqpJp#_g^zMhejh^}WXy?7flvLX}te=$JG{
zGlZO-h;dI0Ssgc~2w<yoIDA-Nbg1#z@F*;ZPtCbEa_E4L*hkOZY;JnwWvtOEzN5*J
z^AQhPma|f0te?+3u9ZxuUBs}>u#)7aXdbH5+4>Qc0(u7fY61bfKDYkb$>@-Z_5L%m
z7m-H!75l%@0;tQ*cGt@*rVS=Abe)N?0UX?IvxjQhDtXzOLVH~VaNV{MpZ%+lRle$c
zuzvybc?MDmYyV2DKkM~T1uVTE?OU;)+R`VT@P>m6n8gZ6Uwg9@3QZ*VqvOhKK{l%|
zpBpFa6raFrj{W6r-yIN$MIAa;h+8wrM%TcmmyFY1GciZxa8^ga#>KZ12e+$SRdID~
zRVC-`{l<Ve&BO2nR%v?a1B=5B%F>Flki_wE3^ECb-Ro8MwFO@|C@6TV^i73>`T$AY
zREBdfy*OD7Ss$C5o0A3e4J3XrUtt1j;M99xbMSHiWl_17+V`gqfn$(GnW+t;XB5CL
z<};6ZAq^j2Bwon3=b)7H%`NzIGSu7*c@yw0?W4Np!J&~LD2!auTa5DY0_~F21Ty_O
zVkfLq!+pmGn8bD`;(`*;d4niUI^WDF7J36(oKcHF_o}OJrL;bJ^mu7}hVt%_?UfB0
zj}TG&poKbJ&Sz=*m#(`MoCOOvO!Ii|=Y6P;&M0)E&-Z}W$b$q|oaX5J_|PZGLATwD
zk_}}yfH6k6DA}W*wPTw#o^J~2gH9)YpmhNn{AtCjKDzqr#KbM*E{9k%59!@14iQt`
zbFGkW^Sn$+4uiFUXoFl-i`eC$N(Klwc!B8ok!yT{f{G$Mx0m6{!HThS;zd2PzAo>-
z+{Xv3Ivm4Hjh(nOgMHUL8v7Nual@CdwUGiY4B(?a6QSWcH*zg4y&*!_iD!GR9Xh96
z02lmArY7OC<4DYX<}&clafS9EBuN9A3cetlJ8XIwN){BFwW8EonW2}-uGT@%mFdOz
zThL97O0J|cHCo0=8&<hnkFu*t`ZCAcApClNArvaZ7Xv?&Io$0I*e#athB{z7zWn%0
z^jH0118djkPiW#Qj_M^*Vf3||RHw(E4n7Z^o4@%n?V-eWks>*|SiW1w=_>BRF<X&Z
zpxldbS6!zgWG9$;8}mozPN=x|PbpA`+Thn9%^K1tb&76rpSh^dGp<v0_FCeN>+d&4
zYDq_?>P%_1#(vWI85s^OoI}uRQ7%a79v!;ge0@Jv+>&gIxJ?M_ec)F;Jf^T7xYIgg
zxvGZ?f1jS`bHrcwAZykP9JG0tq)nVK;MUl{^7w<bp7Bv(_THcFoYlV|YvIXm*%1nO
z!|noWMz}|`$LCj9+dlB;p-t+Zh=9-tLn^<HkjE5^yygsdFLfXFrN;7GhlAdFvu`?!
z`ROguYb-DBF}iw{quz^`)abQV=?!h0W1}r=QP=0TfI630i@v{Eg_u~DJ6-Pkxw)20
z?{`x;eB9+=W_lSmyVq1ob%TN{mwKVbn_C}q0!T9uPUfEEpAJ-%HHEk1gD27T_Ly2y
zTFI^PY$9(zpG4=9T-MjQzlBB)K~i#vq%dv+RTkGXjSxn^B+!puWtp!H&bodNgzIpV
zeoBjBDKPHW-TZ<*zh{jd(~y7vWER<Vz7`M!y<tC9@Xvb&Hz+Wp68!Dxu&XbibqCZ-
zu;HcO1ru4djo+9=#4{pNhd~VpbZ7RHgEPI~m9FvfDnlAzD(G7Up+ssRrIp|S3K&Zr
zLa!LIxb>HE%`aRapo2|vtgu~tOp%}Q4_nGIm7C@U295RB->{gT7vGbqd{rH3NwPR*
zhXs2VZj(*UT2BILt2Y<|-(bV_`iLh&<cu5Sn)6#}R$<6$*dDQ}<$i+w8i(fZ%ZZ7J
zTWl|b>3!!z7$55S^S-Vigjl4gDmM^M(1Sfc0p-zM(3Htp9kr{Q)}*vXsOIicfZ5d#
zrGks@=PO!4L!92gr`K&Sf?g!SC3Fb%BOh}Bdfa;2Zee}w&q?{(jJDz67ZI*h`9glz
z*EWU&xV*~B*V)u-K8X8T+S!4k>?gsENc-lCQX27`3QwMY{^8s=%<+Tr<0l~v!9o)n
z28I)5VFre8Yg`_GS%8LR76F0bqx(}V3U`I|Kz>W}BWrLw0wA*Bth@VM^N!1wQ(ae%
z-kFjPd@u(|WZ_<C^YsKw@xt3@{5z7zyz<v;HNkIx_)O*&-HJi+=<8fGdX0xO4W=Mj
zVO3`cX+G*3W|4oF%<+0<@!1F|d%xd5Y>d<Z&zrIE;oI<JO^CsMIf~QDAo%^0i}s$=
zN&f-1{`@95{4dqH^hlqvQ+JI$EpKhb7Ftt(9?3TUp;0%j)^9WqYgD{>8C)RxFY^}E
zn+$sa%p)0pBh<vp%iSq=H>|!nWSm}*PDbPJk1~4ye?+WZbIU=4wL{X=83VBC1~`fL
z;(dM7T2)=U=IFL7K7XDJo-Y0miuvbH8M$S;b9onW(CIa9y@Y>BL^`>yf8XuDujPsq
zG5bJoz%3&yy3XZiM$!KdjLIgH40u{ky2@M0%_HXjUzT;-lCo(vc=*{MLkx@aD@F{t
z2eabe=f->uqI2lNk>B$uVo4t3Y*EjYaBe&x+d3K1`wv(9FI)n2Y8Q?^FPD1o0r$W7
z@L%kNE>7`ZZukHGM#efNUXFo;A!Lbt1gfuZPr3hIw|~AGX+%pMIXXCWrP{oP#J#|{
zF%1Q=N=STXQO=wM7J>O{+`m`tpD#~_!}N)(OkWix0kqCj&<-v=YNhY=&;|(**}NA^
zOA^F_7?obT{Pz`LzIKNZ*do;C_=Xx~y1GtkPKU}i(5XLp17;H5nM*J~*4?N;;SM=5
zKYkHT@X*q2TI}pI9@y0ADLh1u%Yf5ws>$$k>GP(+NR;F)`a(_Ll=svVsFg6~5T{Pz
z1u22x@rC#W-S%iUsWo9?VQ`WHpfjeEndXWEo!VP=C$C%o^@g{f<KbOW=-P@`SL8p(
zFTfyt_5At9h0A{j<Uen*sddgn>gexa`S<Vga$f&1aR24@OY?^@B@p9T_x}4GiixQ^
zGRLF$_T(f-c-ET2*#yCy_YGcg4J4%|tVGJocMu#qsC+miq!Mb1Ey;^tLF4TgcYf1t
z4yOO*0x}|k8$$OyXmh{6O1be8q6bFM|Mi+dAo&iS+Z6m?`K{+=yEx<+Xx(v#7&xux
zTjWL{0=C3S(x+h?Qf)&lZS%{I<YIUl``W`i@aJ(fUA^@m2=eoD>@G|>i&|iz);$IV
zZ~phNle*2jPC-^W;&JUnel);-ODR%rfl8*wS>oWOA47;;dPS|n`g5VJ7`E4ip;W|f
zlV!j94`DyioBqtb>SVZeP9|cNxbyh;)0N}JMME%rG}U%iwRdnB5<L4qKSc|E3X^Di
zNEs0Ul5o!Z4DBUZ;pv(LgV@17j_Fg8{g`QQ4N1wyP%6%NSlcj$E<azgm=+FvSM_bV
z#xezeh9)eaq5PzG<BQg*g$yz3-elb$&#$sR{bZ=a4dVXk>h~`FJWI!%ztbJ8t>)Xr
z7b~1rhYQ?IM~Z|MW6xc@o~(8337DiM)Vjd8ysv_|_Ba9Cc^LGtY(L9<;{fdSP@yS4
zM2jVf?}URrj2FD!wirP#Fm%BV=j;IY)rN^v0=?ES+OR+((z|bT$3K+tcrP|OINCq2
zkdOn()cc|$QeLxB&0jU=Kvx<EmLxruV<SLqtzkie7nRh5>acGO@f`z!N*S+$?i<@C
zCejR**|AgbWDdOQ{O`}4-TP~qn)+h$#>^R7O0-cCi_Wr0wjEPv*x14wK{8g+%Q-nx
zo!O$T96z3?q}r}IrmK{E*!*O%f&`QCO^J41l@crZT1kQ#@I5P^$PfgJYM#a-kdq+S
zPJPWQkAo=%i+X<Q$&8MUVZ-{J@)|`23vBo=(Ua=cA+8^A21_p;Dr*(1s^0mitZ+@W
z%$7}*;6{_DKZX6qSOEIq;MGWPrdrJ8<Skt1Q?@jvtYp_?T+pa^$i?t(wHIkzAtQU@
z8=hfu&>knqYqq{lKrIrAjdT7oiB9TFSzJ7sWdG{W=B9<g`Y6928UF`p1`HP!(K!)O
z3N#g4R$<*kH$L1wEN92YRzA6pEE;$8J=8*x@6Hg(MhTp=mh}s+{GV$Tq-XHl*>wq#
z+cI$yqL{#2#^~CUDtEpbtd>LGy~*!-^7N@@aHDa5IzRZm>r7Nu^qT@x-upu_p)XAt
z1ZlT{Xas5<L44W519y*N_$B~&0v&O}GA1Uh=aFl*_4Q!{OI%pc@wdrTyQJAVFE>hb
zX->NOTA}%fG(dyFHw}^`<OYkigc}uZV#54%8Uw5jc8xBQ-hFFoy*g-#TpfE11nD8_
z^jvk}+UpYMePaE*sK;J}!E<}8JjY<y7y-AvCie}8%jC^J`_h`?g#|$=_T*lGBBMgC
zVb`O(Z-hG6Mv4aW^+>Yx94{%bD?lD7M`I*5>@Ff@8^r3@mzJcO#xB#;)Iu2h9SYt|
zh3ysE|Gr2_lB-52Zk^!rPsW!SdCR^{3k!`lYka}-jbNRwuoIkKTRYBbB=hfLeN*hV
zxVT8?A111S4auxE-@9l{3JqFzZ-A#GjFEo*!;(A$X64Ec?S+wE-tulu=fjsK%`(lf
zFyt%Hl3YMW8&kOd0-mWT`07GZWv+g^M4Z50`pC_jCIi^6Lf1o@KXw`BM)4os+Qycb
zmj^>&p{;^aSaPtIy7z@SI#^Y6pO?NcvYKsrU*^S#HLebER340jCllHl$c5(u<;Qmc
zVV=)&L0E21y2>*2C~6S>_hfU$ffEJ*_Hg-7_=G{n<l%dqClMW_=e-yWM!}jAkMLpx
z+QQaIo1dS*t6Ur(+*N+<c^Qwt622pP64=rOX;x$>B^=nEUUNS$;qqC{UIyk{?zssb
z3Qs12O@E@&<#e2nBTo4JVJ&B$!t)>6ddmam)i7JBl$l)`R~K>K5=RgSm2@I}$0i^x
z5KfX4#qhuxTOJY=_w`0qpm#!oa>lG3vtc$15AP{<-ql{oa5*dKLAQ_Yy(`k&rV`)b
z@M>lu9Ql7VwKg@o*z`bSqZg4QavEsU(NY&*vb;4%aO2Hjprc!2w4qW?o2MuiD9bim
zi?%;B8!vtc!+u?;q{M~Mtlt<s1&XccZ*}RMJ$v?Psw_D)VL5JughvJp4D?~aha4>A
zJ@E~qo!Mbjy1B97t!F7!;8O6U>vWC_Lk9Z(;3{tnTV4PqwM;)F0}{>wkn3ZupkUjd
zkJ(^)k$o99&*&@#NzA)C2^@2{EE{9$Qfw|=ye+H!QOs+*F>KGIq$FbKr3BOdU#kC<
zS3Od@AC?kW13kJ^q!kNIRAXWqYqx7UTLyS3@4xNWZtS3hr6i<dpwn>&xrH$g^`{u<
z`QrN6=Ng;D!S0gLU^WMw8yW0Hhj~*OwDz}?-Mr}l(^EO}m40`sl+0Yq%cjt!0=mX>
zt9mPFS&G%-`ftJt4UO~f8dbMpQI=X?vBXTEW@C=JEs@@jKq^ygsR(_^#~_NwV#vc&
zR#qOR>NraXj^s`OvB}b5(Qo*zdrEDLV@^J}f4CPT7s~W3INzunG-t@(LE%y1#qNEV
z?fF)(m@+}w@zwYB`G0AYR`JCY5p=rCL*l2*ONYf}U0-F98j-9nf9sC&3(uV!%pqB;
zfZOVMz&?9RIGdMm9@ixbo<yx$37$jwc%kOdA5}S)Gq|u_G3-uehIGF-6^>z+GYt$z
zF5^v2PZ|Qq#bHfc8e5?SOX}ixTW3yAPNV|%r&D~74pz?IxNj!g_p=YLg0!Ytk<rr1
zwkEWWb084Eg!B;@YO0l$2l}Q_Al61&VI-#?cE$<%4(TRJB{8tR$#+XZuuioX4gan>
zRen?A9F@`<-d#2z*^j&ubcIzTCzkhZUn*!D+Tw+Mdko}-Igm}~gJStCf#`?{>ENYA
zJ$j^4@|K^J{f+(n0!CF$ljYgYivrEsi22%#Oev#r!ryrcsm-L8bAV|5$?$BVv+|Z=
zs-L%+Id?RAzAOuTdK?4bBmwMPB*K37fn)xcipN1$3vFfuV(^(@G9)Rlud7q35^<GT
z+nLZG!(4GXuiUg(3{DA$H||OyMgA@A)z68DI*kZ^q{BZxas_c7@eP1h-P_wW@2ONV
zymO*!&~5go5^?71nn|($u~08_o!C~?lKp3wp>{JhJ{Yh_NW~bl{e8iIzOuVt1=nbB
z*~KL|3IM}(0AkQ}wlI&JJ$IgYiG_yUPhv-i&$98o=!DM~Lr*d%uaNXyKji$l4#G^v
zfHQAD?!w_YxG>v(7gL%aOI6jJ6)tWqTsgeJyL7zz(spgw<_5P>M@+`6?U$#n{c8wn
z;RZp<vU@HqbkgBWC!-BS1O$nyX+`ML(}mu&*M}wkwCo9!Wp?BoZwY|^snfjoG}+>|
z$kNVjplkDuNWtf3^GXutV2~j%>N&m4?~Oc#rttf|1^!)zy34y0s=4pTzkWqE$FVR1
z|B(#sdL9?b{X?c12HDx&C9dM)(&v>X<RYtMA%5hXbPlpkb>=)V`!?OWCvS3sKbPH}
zZ3zoe7cNsQc`hDfi^x=I1~oJkBW~}OoQ<Al-BlB)@JdTFCa!!;6P}P_e*UQX_igv@
zuNl|P(V<3MWTz{1gc}n(bvobLBb!@Z8l!c(%Iy#P)73gjHC$@D>vx)?XdA7))x=mq
zNB>KCf<W`vsH$$qQFKMER48Zxy3+ez^NfVEsXqv~Ii#q26r|&-HIO;Rs!Ddc5%ENu
zyMxGg<U?yn4`NF!=4+pjisiw6{oWm^E%GWX4i1jda)%H|S{B~21xXdXOUMwCa)d0I
zvy-N?&d}3kfD+G#+v3jey9fc27iK>hVIbw9XAxxqj84mBR;k|faZWx;r=-9`DjiFg
zcTShi?C0tdNxV1;zIKTrq?IwPqBfYcI#)EpdIh<ryRy;as`2||O#XDZqkYU@`dVuU
zzjdlE#cOrfE(u!7vUjzotNfMgr~EjT`#ykU0L3Tq^y%k<xFM5Nlw^X%^sH3n>O|me
z_ezW}Q|6eXl_+c5@VeJ8Q4YJ4GXi$bfm5PHw~fPDop+@)pa3y2wO&6uS898TMNJJU
zj8shq3C?w0I*t2_GnJ9;^K|}3foN=r0IF8#!Y-oC&O=zN^ojF6dUK|e&vv!Apq;uk
zd}qy#`nysJXObjAipxk57z<J*H3Z0bZp4=VWKf7R%X3!J2Cb4OcoZ`hn~wxghG&h~
zoh%HB%`SC+Q&4~!YjfAxAv{MWK}0yo^R(^zlxR<e@q+Hs4h)j3EH8n?vOP5(DR;0^
zER>DXC0ACL`zc_IU>1Rm?yTPI>V>osPiyA7_w)O5NJ7S;HGB4(Za=)@_U$WT;*y{S
zkSg^dm+t1!U`Yj+)Q=>2&GT_l8h3~$y>h90%w`&qgbJ&y!-l%Ueo?y{DDnrv3X`HN
z><S95CzekEdu9)W1SKmF+bCtJv=~RRlAZ(4xlhA;6gjT748w&EB!E4iLR5<)Ycy{R
z=nt`;CfZvra~rm`grymc%*&aLmNzG`C~=~_u({uAN^!o-eDPk<0HW3cMZZ6-WYsJ|
z|7vWE`T7`lW>%N~+U(qt_=ZS=#nQH(6|m%s9BWq)u<GEGvQ5p1R2U7+XLzmM!MIg{
z4^jK4ucFx57G2uQ<<ETK=E8aU)tMj8`ax=!wx781t@*S)RJjH$g@*DSSj>BWVjmqk
zVIp=)EVgJMdd|P7Q<pQxdVuPA%C^=BlJcE%QLVMNsu=6V+0Mq_x7h~_AV!?%ZU1*d
z(74I?1WtT^=(6IJ+mxr`dgD!1p54_f9?-YWdRWZGzkffXHbg#Icg%!yt~+W!*_r#&
zb{)Oyv8NM>o;(_zx-Z-I_B!4J6IMUb$(r8Uj<X*HJ~y+3BgGT<(;som2g>zR=Jtf$
zE_<`6#t{8>sGVSN*$0u0GxWUPB0G)#N@@3mx2?>WX@m6K^@nS*h41MYPL4>*i(MzG
z8;WSjN(MYKBI24R$y*JsB`!YgjZ7X$>o6fgs{5uzbQyUF#wn?+qq45bowitBBMBI@
zojf$nT)k*fqv>`>Rqp7`3ignqu`RTej!wVF{@|WUz2JE&>;aDC@@EtD`lC{I*}AR~
zG1}3{1|bQbt$w%9Nj%EgRVcMxep33b5-&c#%H@!-N){akJ70yx<3j+C;xgj|pC>uq
zH;#c}VhKiID>K?DEvg%*E}QHt$I%5VBv)^mxE#U6T|V?PrQLo_pj@)SkDQEu)gWeV
z!bS8`tz<y9^OE*TA)JhG*^Zutm0o-}-^gevksM~<I?dmEyX>^2qz2<AecjRA=bj{t
z6H!xBf7lo=FcaKHJ%bN4hd~ZoNJzNpvxqQ&!zrdQyl|}c?O{b}D4W{waD(Q(&yWoL
z;ls2mE{O1CBjhPFq%<H1NM>o~)2HI9KyUIMs;vY*hiJp3AkM%7oF>ram!ay8*X77~
zag|9&f;&LsC?;b60ICyLgW0I7>`I{%sq!-KrtRum`oJnnKpp&#an2K2o}RdfY#id%
zO87C*%~JhP{N{Mq(pShFCNsrv?V5YhHc++3?7F&wWzWZe4O=iQu{yI3_kF%&n%aj(
z<sWZ?EOjJQsi}o+V_{mdTt(xR3km;ty>Q9V<u^_iqOJcpe}WV$%<c?h0|~zywLf|c
zENpG{+kNzs<>T&jr38bRe~v}ju)F+z2xGuP=QS1#{t03(Zm^6Xa(q|Y#j!pbdpcz8
zN68ys6-d<x{wUD)-FcQp1nu#{GhN%)(jrd|S<hsu)9ZK=<U6F@H!m^{35}p~V_<uw
zm}_r|>wFkyGqS;Dz-86O-rosz(Q(Me`D4Se(_dbeq;<B4DtzHmn{%2|)AR&XoV}%;
zyr!>s%vC}ri%+kgQp=p`)_vz_i{<cuv=*zQIw?;5CklaP8;Vuxlrfdi1#f@_5abIq
zM$f;c!m_)&x+OBMt}f*&EJhaq{YGs&t*+mOm5dRO2(CUMbx)9FJ<JsBHv1viI_~$y
z(N-q-zT`4lqR#ZmGa?tP_d(%}`z|y6qm=ozVOmbC%5^EIPjfB8IHK$C=JX?Rl2$}M
z@t&0K$jkCge%PNnH49|)5?0f0j%vuAvHJ9DcwTiHk-VpESM8RE^M-)qx3NEk$5C5o
zTPWJbokfphX5~sNvQ>UG&@(tnyJ=RBUqoTJcnflozI2!<)c8-XP|3)qzrVi_JLuFG
z@_55*Cat>zDjWoje;N@gah-&O0_A#xn9>Iu$LNhqDB7j|J`4&B$$X58+CAQ#Ijb;?
zT0Opkd;a`^E0RNGeB5LrCq&`E^;do~3G=gZGOQ2;Wnh=CcHQ?b$YI%;`SLNMdw+c-
z3%t>4bUC|D)65gddVXusg2uGIvGII%tlMb5URparHr!@Au7T<=(q2VP)w%)-*&};o
zdJ(L(qM4DwKNSxzE%&<C>W_e5+l5P)Ql3oJ^qc;&+XxnT`R36gkQ2_sMWV`Q&NPKG
z(_%STEoe81hQH&y;g6xCaQCM5DIA@gaKb-^bs5gq)cgAF>j^>V=~pnck-7nQ*~FzB
zx=`vpQcBA9&tGd*bF2#XW`!OMa~ol`66*v75%F!KCRkPSBMZ$7l)9DUhYr;Qy7KJ6
z4`PJMd~FE<Xj8gcQM|%|bL8Yn#)#c#IJ*N{1QG{y21|@lBr=bD%NH>>#`67@#h#Ji
z(Or~iD?16pncpQdWmvkdY$S>da@qW5a9YXwy7EJ5!AyTg<+~+LwbH$02u1L_al&PH
z1_#PUR&3=g4%bztlcm)X>)rJo=9g(N65+sjw2aj5iid`ysOPbXl<mP`g5GxTQs>Q6
zTHxZs_2q7G>HdB|cvGmZcd2UURjMq+RNQncyM6oJQos9$bK6{olXhYsCGXiB5R7kh
z`NDaNYRCYKa>i5)41$TmO9{&RA0K-K-ZQCVl4YRXs0cYqSb5u*E+0hWfp_7;<V>f?
z!V0_SH+zoO1(+avR7PGhX>=S!XQ<}|K;#PjpoaDg5kApEo~y>T{z`cHSmq^}@RR0<
z31`Xi@{){~63CN+K#>Gw5=@Z$UnF_&YT#+s)J<Rl+jJxdWsn1pP7oE!XHtt~?I$+8
zrYh)}DLQ>I^m0yFoN{cj<-~*We2&$ns{!uVrRf$1Q&Nnnl$Ku|ZCkyEUDRqa8b69Z
zUK@%(D{<p{)L0v77%SHsa}Nr%UKRb4V37lz|8_Lo2|<q5!jW4=T*A_lA)Ny}zm}<2
zA0!De3}59O2D9F`y1dr2F0BWOC5WwQTd|{%bKd@^L3Tbj$W?@W47qyaR+_(35V8s^
z$u`S+YYZHfy$vs%OLerm^ZUJeN|NErd#-rPoxG*QW*<>L<m757Y>u4YreT7<@&X+5
z?4-C#1Fx3h7PN92<Dv~oBf4E?r;jCHph}(99_`r^>FUUl6u{uzEqQWUQe6CdYm5*^
z@0mD(N(%NZW9}PEJ6i19v(0jzyGz&@a1r2D?X}Xq{yKBy>JZlE?(VFs3Lo4M(iY`!
zU*5sFd~I*G^A((bYoVJsAZNq_4j#{B8xNS()YckxfB#xA_UV~UQvy3Xt>?+dUz%TD
zg|&b<*ENAZ2DvsoIlX%1m*rE=)TYlRdcqwFV+Uk1;wwlpYXTuzB`TqJk(CJuDPTyz
z<ECEMaeJGqN-hd)gwL*#L<)0T_urHV*gxkspx#=yI`M6YPAoyME%cKpL&LUc>@Us9
zhV~fe{wz`GbYKX9lbZUi1E_HohH`px1GM0reew8VAY%aIw)ysa^W*j#efy>@+`#T1
z^paPVp^n67-Ou-PW}N1`G|K;c`Qt-T1gZE%Qf(-zq>ox;($wRIAvfC(3Rs+{r7xs9
z)QUl(Vw~Zv2&6zu=v_VG`8INdQkEJf``K{x`+J*1v<73)cxPZvlIP6PW}cjYhK8fd
zF5V%M`ilwqh!41Zo#oW)J{wa>y|ulY+(A*mI#X8GIFb;GrZ(zJEU~dQfxZ$<9M1~Z
z2DRjl;`uCtoluXK4woAH>-0~Y9mqM~@j>zmB)B+}`AanTQ7C{;V-XdlH*X3T5CAUy
z?a-xs!~R}J4oxemushd&P?cR^QEc$Tb9HUsK3LIpIJUupq9jann)k;RqOXb?!jjK^
z0n4Qq8LBam#XLyo+LJ7As^;@m+haRfDlS@7IUNXzp%=_S5i&DJ*~M(dd?!vLl8NoV
z-%_RX#qDnC-z;=KHrPhJlsh=XcjN>J{X&|$8Ht@pS?BxADKfXoCrqC^IF0W!ak?hn
z=jjht5r)0<8zb$=F77jpUWoQW4cpoGcvj!MzdloMZT`5O6~nv}9TllEXn*^}%afQ~
zC$dK<m|<U*yGbXPx${V9IxD*U<1egC`KR>0dg+2!nok$_x-Z1seHCwB-1Xp8F4MVS
zD9nk7QFx;){G%P5aR!mTa5w48keXn$w6#dpIZ<N18dUy?fXr~HoE%(?k3@{+%a38n
zxXPjw3eAun<eJ@&EeYW}%4zjsZfPGS#e^av%PY$5lawxjHM;Rwq5c@|otLbE2^s=e
zA3nJATW(+7Tj`^R92DrJK|cpJ2RH2=KLS_NWovJ_=l$71N&GJJ1nvm3&y(rBP}TRq
zDgY)9O@Z!}Md60>O$~Cd(J(42j}jC1XgnM5zg0;Xs#2Kq!VZsGtPnl;XsC0fXAsP(
zFWpeJQH?!Zh=>?1vD!M!Z|0dxr5-@_1V)MI5mWD-xVan>alR8f8q%im*1Jcx*k3>b
zkPP(Q#uVg^GT&5qM)##nEiGL!PpCRo1%6h({$jY^8Nf+9*M*%(jwr7>kYmb0#cv8d
zKaA~`d(CC%-WI4-YF`Tq!c!hDp}yYm?f4*sR?@Z-MqGO(*rX~Jbx`zU460hfz>v+0
zQqZn`g$2eY-XDy4pXzlX)-Bkw!alt9p!mUwGa8NF+{q4F9V~%{&IRZQcbHcN(87Pf
ziWQlGj<}tnN>#j^hX0LzMpmKNS_Jj6Lg#{m%-f?t;$=<MBEGmRc3!jbd^3zW-)+?T
z){H_eXs7w$=6AF)-dQQ;kUprKU45pb*PykCRtZMElt1{Of8^7IuRU&Q(6DYjCHomC
zwUJ?#VfVDRdMz_uWI^nXvdZ9{;9fJ!!w*y)P3?<%PMZ4WtuvEniE~sH>o+yhT<Pgg
z8ih-@nZFWupT2ym`^IQloN?x~gveLv2jI#M`z3sIW`#-CG$YNYjBug|z9kzKJ3J%|
zClVllH9<BuG<2hOPN2OPH%|SIQ6YY`xU_itmn605*T&hdL{&wMp6^tJN$f8R;2*;)
zH8)dRxF(3+^4iEaq|UGufK}9!{&R6DkWKv7v-X)BEj#zkPac6kXia2L?X(L!<xR?B
z=lzRSozd-ZNt0B%Xx!!yejnvOQ3=|{vRCZ~z|N-o`@<Tp3t$<twYP_<h2W6Y!%omf
z54A4bzg-|j$(1sVc+s(6wsC%I-ylK7K&778SaEqj$V4?Sn9W!T+EW2TCi<|-E{+%Y
z_CF6Z(7vY<3~k64`oI{z$W*!g%NA8zGgxXW2n_`}i&KC|0Z66+3to(Wa{d#onwnaE
z`^|fhx8)MA@Nl*yQpiR?F}3|mrx*3pTro?y$)dO&?m)JRZ1yn<=R659am`1|Bug9r
zvI~pgW&&<6!5ss<;~Y!JN5vGx#O7roI|v11y89=M<TnW-+btQf;LSzdcexnCppbH^
zJh6T2j!&+hbkEH3-K)&ns<^jjr*@u1+>Mjda3!MlqT3YGpgX;fansh;nO4sO`$fzU
z0_{LZfLiIy{5%l8_aR->_yZ}Txm9Q1$m00!T%!y3PLX4WvfvUvzz$9Ln#T^3r5RSV
z{uBg1_T6AwQ?dIMC3Su#;ftDmjrSENH4E<Qe1<EtQpT?fhX!hcm&z&4VtUK3=sUzB
z`O}SJLeU{HwYA@(o=y)o-oK7>8Q*02^24Zswk--wGr9Z>mD=n;sh)MJ+-Y3YY2=<$
z!vw}j9aGNTQTAbZxpEZS$`k=Mr0J@;*|uZ2-QQ5Ppp5zX@{TIX$w9T>eWfo?aIPiX
z+s+wjqMBgryzOi{k`wZkR$^;y;P?lqaLSKie*#{iVf)tl(=j|5HcsHz7R5E9BmgH*
z0@N<u5yR%a$;zGUTL;5A*1Uv-xOarZvmLpemJaqPI=Nv|N?@>gi{(i~sm+!`XaQqs
zMZ`@sob8*%uQRhQCi+Uybo%7&J%x-Dge5i40nN}|Aj3HBT0}yqP;BK~+t7|i+k??v
zjnt^=h@B>9)OWS2pfx0=U?@5)qPtDi+7R&V;R1)&()OLHSB0nC2II~=Cc|yeLJ7Jr
zb3Mid_Oo!{d&L=LRz9<S7WcVG-_HK=6X_%GASkGzG4^T5WFDwy*#wS|jxonvi*;6j
zuk_Wvi7+uWrH)#G_4(zZ02eqv642sK`Nv6@)fiuyNdrQME<mHLu^5kJX|&*cYs6jY
z&6>MG2(B56H)qf<F;2QrOk#%{KZR1SD<d?B*DBhQv#wK@s(k%HRzY|HKW^WrMB5Iu
zciSD+_F{oo{cCD=<J}wYR|r?j=0CY(zny>bihN<#PxOc9y6x=+74`!&dn@MrfpS*w
z4NB$d%o%T2bS}F1(Oi1?c@1+*`dKaSg%#ALU6nbB@8KxGO@fr`lD6~K*VoH?z6yh4
zxM+x)(v;r_iDs=6v^!I>rSfPMa~>jHs7l@*&7;2;U6B5|=sk4vM(AQRT0^}}hH|Gj
z5aEg97e_|bTSJ-u0hgC|$wf9!?~j$*raJU6;1x0}<uifn!`btVaTkd2O1xmp4a-Db
z=^A(u?;b3YY|pp1yO~!?XJ_3v9^gQK`^say5-*6La%;<Kq}L)5)R%75$bR4ohg2o5
zYo+Z-Xf8ZYS9!KF;~l~P5_^*v9)r%fTJSsdBj<K{65pPL`b^`24>@)o_8YeYG0uj#
zd&>-w>BZKJpJy25yO%2LA~}sd>?uK`2B7-=e~fi?bi8?Pn2HoZ;R!|}SF+Y}W*W))
z4@k$&20Y<N<4JZEv}E&KXBgV%i>+OpPKPC*GzrJ}hOb^hXhR7AX>Mzf<w^jFrJ+pf
zejDeVAA`Lb<hh)^r2*^K!9lLsF>Z{`K*ofdm)CjN2FiV3VU$h~p@eEIZ^-soq9#F&
znqKemqjh>CzeakyBbO?)4>jTju1f!h%$Ior!licflgls7CQ5eNEPX!xS(LtrNwj*E
zrhJPlwipQcZHPm<{^}&h#}Vzo-hE*$+;Ov7SCvt7{+WS3mCI^!q#diwgx{?sW!8!o
zF)r;a{0!2vkRicv3N2i1?WwUuiHpg;`wN>21$)7?31->7!LIr08(zj^TNVLx8ILgh
zhx`k0*6n^s3be+NZIcJJvBXqtb#S?jb=06mmv@w8oT_yPo+QrIU0<!C*Wm?=68#Pj
z{G;MmOO~IU;En4d1E#b;rQEb>menr}&ySr==jaLf%~Xu4CPr-u282eNl(bmd?ljR=
znPHAm*h3rj4J!IduW{*jOpjMQT`7bjIz*&``mrbBw;rbr&_Fgovj`8LNWmhmD45<S
zZ#Ga513<!Xwc44Nd)xQ@Vd=YYVh=&PH3mTAqIGvrqK%**$7Xt6NT43r&Hx*a+cSu`
zx)hm+{cP0vt%l`^EOuc>mnT&x8a>$$g>MqzhO=q>%F$s|$uY^1`yuAQkLg&AyNKMj
z%Y1_|g@^6w;3_)=Ktk~crmXSK``g_czFCVyGcFik6Ao)0@FVGe-UME>3Ws})XtR3>
zyG!jkGlh)l*0W9W(Y-$$iXJ=hl$Uu|YB-AnMgU3221j)haD?h6H#A)52Q7HT6lw9a
z>+P6>kefFto1*FQp)E2EE}Xl^+?jMv5gi+tA_hDHabT97s`2oZjpK2*H68EuAl`1H
z(kLr^J<zc_T*0Uw1A-EZ&EHe@E8!x!HixzZxH!<xa^KLIGohuS-Ouj)hDjxW!jJ*6
zNz>^KToVn4-T0aEiV7*H%=8eMlY?6%Fx9>u0q2=O*l}U{lHZjIeA=BnVao;(C6@E=
zBns2vidxA8XNeUhHoS`j+N;HQ;LaBguB!CRg`1lfPKJw!veRYov+X8a@2Z!61T)>2
zca){y9eKY5KD5FAGz>0<6zqmL$Ou?fO9>#d!bep0Qz@TdPnv;U<*C*^sJOvQDj=yb
z0OREAXp5M56-L7WX1i~HyJb~URwp+rf|DQhA&Po3Fa^OtmH=gTZuyA-><N8BLP!V$
z2+0U=!GQ!%<&JsmR*|0#{Vg}cq^^UZzRu1-m^bJJPU<i!3DHZG0fB+Ma8+;5jtj$S
zhCG}gHAmil9DEQ=`e!F&I!f&2eZ|yMX-BhuX@PVgP3%v501hM0ew5(Y|BTOwL&+39
zF1v7pp>lY-#iNWcQs-8UZg#kFz&ZJI!|D$y%=}`s4(0loo|n~g9)IG({z?dUNs5{l
z?eQH37awDl{P%gk3U$=V%&`bY3GJS|I|}H0s`2&lGg=a&(%&>y9KWD+ULck*`^bL}
zRm^2aL!i6slVa#uY+@}kL56%sFcXtuW>T?Q*Z1`N#r^u<DPr6kSN&PeTi+dg?-W=e
zL?o+{V5i&i(jRkFlIx4gV)!{Wmu-AH{zM%wKAsACCTwtn=#I_L&o>lz(e68-pLiY#
z#c~@x@A>NT`Yxm_`&01F>~&?k3d<*m)OL$1--DVGL?zOYv6bOH0jGHno?2uV94FEv
zvJIQ5u~^mb4WtUi!zXe_IUT-b@qzJ}C6v8&mpOzC`b-IX$7gu$>|kTuJS#;Ky6Ymf
zCTj5+vl79~4JB3mNR`pp+wPQ|daxJ5(~*R<SSDO&(F-9%vKU`kPNVYs-sHfbYaAkR
zey=1cOz-XWOj3W>$RY$=V7>0F88TiingrD84Lc$`cmYo~)P*hH`5hY2a_9`xy1I3W
zEV-AJ34%ExBQ&hRDa2s6N$V=Yq+tUNTfy(FEw*F_V^##!BT!F-<%b<3-uwNZj?%Qn
zeV>BUE^<v&GtXsi`TlHsj2FySjP|1#gCMn^$#S5weN>W*amKY7v4uo{lpUy^$OTO3
z;D??6@~}dnH$yQ-+&994m+m9?55*Y-@+Mfwi^$llnK`|W0da&E>h;~^rZ6tX5Le2^
zNR5Ua)v6P)5Z{r=h~AZ&Oe{uNA0kafPFAgBOkv;>KKS`U#AKrUcGni8()*+RNFk#$
zB#0Q<)2u3b28QrQ=kV_t)v%YJsOb4$Z;yu48Bho4kAD!?ZTcJ^=!lvfBedL5^!BfM
zcwCAxUO49)4rzw+;MoFp+KjXk{!;fE61)hey?#ALFOOgYl+j(Rg=0KzHxMsOK&4$K
zvY$jY{{5x<mB$Foo!vLzu4M0Me-Dl!^*iGNzkNGD*BYKOaDFSo`E!I!4L;2iY0l70
z72$o-@~c6lE&cv0pZxs~Uk3X7%WYl<wDR}>%~sHvmt}q%)`j3VEtzklCXo_DZ-d7K
ztv?)MCF=O4SLDXAXbsG)jSN^w<<?`2>#|azN#FBR+<M%hEUw})W`sWz5oL4<FR$=$
zbrltF#K*hT2&Cn_{ynmE4U$q}Vx8Q!egS8`EniY&u&u{D%6pa6$4xdc?CR{b!lOWO
z<o{nAUUrPpHvBuW*_6-2^^B^AGAqG%{?BJOhw(q(e#)h@ue+A@)-$(x7z1Gcc?ka{
zgxNhXu+JJO-&|5`x4s&W^M<6b|4TCkk^Uu{x1VoX%d{T7O)?5kL2^YH$*)a6&SNcz
zQq()^YGxF||LEWUapll5*A5G_oYK&E&n<+9v-{dE$drx<Uj5Hg{=YW7=+eeP;31?o
zwyf$8S^pm_*(khIcjIz!vX**Y#bf*R|L6Nl${f+XW;sYg+GpJ*jho{2Oio@~qkrGu
zKd%Mce1n?>!>a^5dUA@lJlK*}SEwF0PD|L@_}vOYwFV`hu*W`sdkd_;0j7EoL{q;h
z7lRZ<k;1*5lZ43AU%Mg8pu_nebIE_6)H@8GlEa4jUTS6q?Ug6L>dY79)c|7B$lZ(R
z7>KxW|7|dbA_Id$e5lFs|H8cGCSXnpN#P>K-F9$l1p#;D+NZVe-nzdBhdk)p8C{$O
zL%TO6{B|dAIK}@GOaJ`TZ7Zpux{Z}A16)X=3U=68V30|0Laru0{q?B0tPGCu_5c0k
zF@pp1m<^lzOzh4lScav^&9L#RJn+EU)>5kfpV9NrKY?G>8JG(jHbnK>qx}ij1TQ~k
z1(s)axeu${#o2HIX^QE5c;J&p3fd8(YS)34a=5``*t8~C6eXe~aAishdGYmZ*j2K`
z3I4w$0lo$$TUgyoUbSZy7}i<t%LoL^Ff8zX@G^o7>O=<_D8um~DP!NLzx-UD{;_;W
zgWT4pMdQdw47j-F=<TE$P@(cV4}$K-QBSy{?sq+V*1Y{j>||oDDY$tYL;wHhQU2mg
z=9p~P7T88wKLTk)2Fjgkyfb#+CWa@9>vcaaA)dFf6DnsW_)c6FwNXzp{p`Bh#p_Jy
zw&TH8NorSF*mA5<dj99>Fuy6+T;-WTb&5t<q0H{(R3q0$u=rdK=)n0rr;y*};3}5l
zH~AE2kL}S)7cX!?6y1pw_qjF)uoFgxlK-UZv^PT7-obJBe>vnU4%kC%TPxs5JY;Qv
z-Sqi34#bCR)^E>|CHaF-Yn)8P-CWzTS3t#XA-Cr1yh$!o_{PKt5>bhP@V4IP>fB;i
zRS5~0vGA-}T3I#da=t<x9vpNhTXI2jTn2Un=Ly$!`dY%s<Ql%M1LS}MyC`tNjTICA
zG(GwCar&!@?qO7;i%9)xx@ekGMs~nnZS^mVxhtF~<5W*Rd>nb-n1Nm<ED^ka#VC?g
zD;%$#CtRg{`Lp*AK|EaK1P$_WeOTR0#tNgB``$wFt0z=ZUh-~<hDC{WVYnczbNAqX
zE@V?{^Ih+WJ1>8B=Sy+jyvZ7tN_2CuGl3=i3f1)vpRiWb;e!+zN#E;i&C&EMSVRyz
zwcR^WY(MoVxIs4T&V7K`^tz_S0cDz6U6rjo+UK`CBE!0ynYp`o0y1&CNIpxUoCi7D
z_4gVh6G}VV`~2g_oUFFG#U%pC{fh#5GhSDCfY}!Q^){L3ei;+azHrCfGatYCbKtvF
zS~wfXNXY<7|GlwONkGN@ksiT1`}=EcU0o#LN4$H>0|wJsGk6y-f)i>DAO8?r1ST8i
z{~os55v*Ec0(;P^1>%+i@k{6iubFgIw;qh+qC)%<r-(}w16*4Jc)M#Of!r8MZ(gE(
zxgavSuFkwGQ5+g3lLvdo5H@N>KglVMPnyHvYWyPYJ&<=j`m(eFcP_dC40&3b1t%GG
zSl06$@PPw?$Ev~?7(XVed03b+TI@jE#Q~<60oDd=d0&WDM<i!F{hL3F;6$)%<aSW;
z#OS1>K$PIk5p#jyA{}r#(2Jp4y8mA{DKrF?1|Cm&v1RXG9le-m$Gx@h@Sye4rrag_
z_QvrpAp{|k>>X-74kIQAb7M)L$POPaSOFCIehd_Y%iKnWV+U-2*ftzoq9`V|@Mw)-
zw_e=*MHi@=|K!=xapz?U3VgS!Q}T<~?r6(BFn~dhPs*-BQWog6T$w&pV!w3;ls=_v
zHT(FH?fSX;t?|iZI@)dhhe1SC7_Ss$9TJ%4g|;ZJ-P387SNVogseVzx-0}ZC#+veq
zsV<7UzV|-VXiH|Vj=Lb^T;HfVeT*=OAg@XrNY~zre%ap$w*unr;hPfc9R2pUD~`od
zb8~azpep2u(IEq#9}5H%KmrE~Do`DD!Z{6=wXE!iMp090+*`;53Z3^V1fGLlfz$V&
zaJ&E7taE`5E(Y%18_0W_^9T(7_d`V^*r740)+zMAudQld3;(R-u%J&}2?_Ru`Fkn3
zHOl6ly+^DU%Cu%2&BjW@CPngw+TP<Fo+_TgQO<1!2G5`*Pc1*5S4D`;hwMJrnLSUV
zxG=CKXG-hj>a1UvZa)8s(czghXP6X!a>M>VvOS!<47#j!U0vR8Zdld1cXPgZdF_$$
z^4i75#)cdTwdv>Cc;=cqV`FGaK|3?Wq*s^zca@kedF5O)eub_*;aezL?s{Mg%g)E4
zG$1(9hlh+M8Y?D)gWo#8vpr8HgJfZ!h&Lk6v-e;htJfSXZZcFDwtel+W{2QLj_ul8
z0z$$U=_=mfU@c-Z(Vr2+3<m0J!-WPj4VR#9>nYufxhZ7-*?1rm+hT3_K9t_I;MK(u
z)83n<K^-y_`SiQOH8T5{8V?@}<fy84n?6R=;Ps945VZz4dF()*F8!jJMeyPOXqTjX
zsxLT6e&%L>%fCDuN@IM4i+k?O<lK@};p$LGN+&F;V2guS9amk=SZHl+hiPfw6nJ-Q
zyt3AdaB5~vE?|}4`vQ^9>R=ZipTOpn7j@U#@w%9>{exNerf=)MU`@8lu47?sourTu
zxU^||{^aEF0{-=myns9qiNoC|vCt7`)RjxmqLev#P_QE9+R+-$M*FydVE43K^jeGZ
zEZUnSStcSNQ1s+uR@Dh$Eu`1)#wN`E?;1Qir;ou;^VlE6Jc(D2ckbGdF;3*+AA^jK
z1O(M1u~`{g)%Q;>4wqW0jkY<l=53Oc{)?Qp2J<ITCIR?&#oJnt^Ald<LiX11-49fw
za@$)*Zxo*`?A_UA9gW{zuk5`2Z>bif>^@}-*X&)6`*YiJH)CFq-)5JP6X324d^8KJ
zi%i6V+<S|}MwuY;swu6hBN1x>@NsD#HV0M9(a9m?mHeqb)v=3c-3`l2S@1iuoKxZE
z8~g6W%2yRUZ(Ihigei*lZ{e4da8(tO0!K@%k9K<kF{nPwher!QF}s(%+oyqcUGwFC
zgkI%~3^x-Vf9G(xK8qJn+K8UXLs!Zs=q@SzTdUNKKWE*--@LVq{jD=ry7~4$Rq$!u
zL7HH2L6zJ9@~`BNhUSzPV<i1&s%S#k@Gh(8B2npciGThFrsfg*SN`{($)tQ1Q(j6X
zM=So?kmR$f9S@=#UmVj!4<ieaCM|w0dsMm<xZ;TS7j#<um}zL9Gs#g2%$mx(r}u5W
z+s?M*(>8$a8m+<j2j`u!2Qh12gw(g;538aUn<W8=1^HX`(qTG)KXlsMbl8U_ZO5pJ
zok{8EP5PD>UvwhO&<Vn%S!&SVbrD&T$qCkDevy7PuGDs6I;EAz)K7v|r%~?9qp;<x
ztgnLg*(P*nQrou<1nd{@VW2L|KYyKbC&3xX4+l=psX+5p!Py4@KQF#Nk2~`4=_*#0
zDKtfF6JucjUQ!L$+V~2DaE^ad59^5zGyl$Y-M+UYRa2N#AaHg}a9pjMNPSxLFyt&M
zL!~4dm`tnnqkUc9mtw?)MmyJi!dP1&5@(fCIx$WZ@gBZCJlc^^^%)ola)DUKOC%?U
z^uc8QJCA!&mj#)&ioS2KfhRF0)r0PepZ*{T*83|K(}fjDQsup7pII{I<_*ys$LA#K
z=s%l#3RkSvms!kF-K;wI@XD!+2^5luo~*h<)=a^8b{V9mSUtOHmnLV4bMCMps{=Oc
ztMZQ!RY(6CA?$<@+vztwDTpic62zpE?G0$i6z0s$k(zREE0qyqyjMXqunBu~$Xid9
zJ0yf+?bS$ByS{+kS_iaW_q8VN{HQoW4^bOEm9<WzM81djPWpIpA~~$D3zymHfS;^x
zXShGgX;*t8Q@Ee!#Gte5BrYIXdagF|S?&HoYbU?+ta+*JAy(c{Y%+WVqSc=hyf}_g
zs_#~Yqom-N>*=o#fTM&|or=6Q)#1JoC5XWGk1kAhNGnn)w#T~?6x6(_7NR@^9ei)t
zjdpW@<l~z|-bWHf3f|XuO$PHFRuGru#7@M4;rsEb;G(*^I+BpSi&MX?scuUriqDm`
zLUb{R)g^vQR0g7b6C8i_g0=TTlD5aiX3os==-{cV`A3rSNWuqzvrevF7%8px&@?>W
z#dp$R+6c=Z#o{D<|9Xm<*EVc5JD(C={4o3lGjAqT!_jy2nWP$>GccS6iF_MFjGeyg
z4<R?|7FXFaf9erIp`1M6_q?m*w5oYEu<7>Cp5$$B@9M68zrxHJUM>V`v)X#!h`~xd
zoG6XFH&>sQt312&;ztLNLiXPtJ7Iwc2HKR2DizMmn8f8T?|wW7yKVOrnbX-g!nG1$
zWPDFmT0Uusc9nxu{fmlM*W_ab>PPo?e!OY6nzn^_G|Xqfo+LT_mu!tN6D|h$6p#@4
z-ALpoQEu+gA?x|A`h|q8aY0Hf=p$Y<I698v*1JREN{)lk3hg@#K8fZvZS$&d{C(_B
zl+cQLs?KI`)Cqlb3D~_{!XT|%B#f{p6N0#OpFc>e%?RQ1Z}Ro2?XThNdgmXc^%`q6
zdlEz?YePq?_s20VR%T`<vxsXRgTGOKvZYTT%c*F10`9=ZDrJ3|9M>PLmH+Ix`q?a^
za|!RCS`xF0>Wwt4m7(=~smETm`x=u{;M3YY9Df$h8+Ef*Yx4TN`avYGX2{%NXMgou
z1QXIX#pR^S(lk8Ik0NPQ%&_b-58YFLW{#~Yk>2jkc$VMqc<fz?N+hcD5iiL6IDZ9>
ze3>NMB*Pl=db}VyDgDW`tjF%l(9I`%IQA|?HU`ySSG*kxOxZ-tyjQjsT)5h7^|P28
ztR^-Zi+Q44eT?(=v`4|_f4Y!20ly&i7mnhQB?$>aTO*GG^>u`^6*a7bb(QSWgt;q{
zxMwHul{%uxOO!~|B*$4JnE15LC4BHO!=szzR_$d-hTXOfx4d8?Uvftn+9w}dqNGX8
zd^FJ$iWj&fENIZIc^#}N_N5=}`AYtbFOUk{L;RvyAI)i#kX=kZhL3FNus-5N`g8Y3
z_0nDW;>J8Cqq;q*FhkC^z5ZOV!n28*kTjLv6wWm9xWjWe-xfn{UY-g~nk40;<lcqj
zs#K-81D+A+qCHsQS!>q#P8RmF-#K;2V0#*qYTz=$)1S=zz>{DJjBak<V`?g0gUl;H
zJzIc--Q3-#14!j2-@6NLhp1Y^;o>XTS|f@Ip^H4*5*1QiU0f-$+81Jzrlb;5iM76N
z2H8Y)?Vse@U@V?4=8%X{_`k4Er+kq4hM(VJGkeeSfM99gcz_28&-)M-`;d+w6V<4}
zaP-#Y$Q*$<RXJdULugv~kz2^)0&`K+#>7Icx-eviT(H~lr2FmO)Os7h^4&qp-gLEu
zGvd-uXZ#(H1dKR2I4l__soJ^a7W?;)*LjX9MYefOhpQd~cf_n%$q82YG^|1=1fKB~
zqSIsYYW%RAuuYiAR6eR_dQ;AQ`!>q0E<##f_6SU*88A!P&>?98^6&!<y|iMb)qPKY
zGCf6(GR85lzbpXG<SscvplTwHSntl$(l_*uy9b{^7Ew=O*G%2|U9pN||Khcz28z8%
z9v%H)b(G}WKGSMgjCAr$w?mD15@bkO-^jwu1@WZJSfD}3t7L%2dtPA-mw9FT%FDt>
zVT=KX=3DG4#gU2hEl?uz59cGiFz+`_-bE?>4P{o=B?{iI^1jzs?<o1)>6_4;{BoP;
z<wG&znF?ZsySIgtQYw=2h`=lEN*TVd=M6=+l=t{4Uc2$(xh?GrH3z6KN_S<--Wc6p
z&gp#dm1we~mbm8J@pK^~?+UJY-e~8fkyMLo5niTOO<n3%qlQgG?)6Lzy(%B5Mm#h3
zmYj65d#sqJllYX@Utcx2r-RU9>h3$$i{f05mfFIPsWU%L5LT~<{JxivlE0h(I9zOM
zN<DnLy{PtUxB2CpcvKzXkpl_taS>C78^w_!zV6u3*WC<B(jAH=EGmR14>r~4#&l$u
z4jf)J@J6$x#FK#IVFEImy#1+D>731-@GH`Ko^cVH)%twSIN=2f!`5+|q|VtjR-#Fy
zvG^a%c~xBlQn?izk91IOWn3SH+%j9M2Pi+#OpW+I-8oLKXP}``2yf`~a(agH_VyQi
zM)DVs{dDg~??T#Ydp}!=<Jt{i6{c4HKepaFAgXnJ|HeR6P*RW<1!+M*IuxZ-IwYjK
z5s*@m?oL4^6p-#5k&>2fkZzD3V1W0YefHVkbI$MO4~ucJX3bhp-1q0YE;fYZpNv!Y
z4>bmMcE6JgPNLge{kycw`_hLcI@36#`!ZSRR2EUfl<93vziC83j@$GVzmb5#_Gh>V
z==6Qtj6V0!dlFjh4khQ^MmB~6Z!tSJcS%G3alQ`X?dFzCQTceqIfgA_JW%UVE~nST
zZHPE&gE}-Af_+OgV9UO;zt;QFODNeI=3sm>GHJ9G;W)reQqlZn``caG70aW4IiD|<
z4Rc(GV6&wHIf+GoJb<x3r@i}2?I*0B+S=NFk17Ou7Wz=BpBg2UfanM!4rDfuNkD5M
z{!Hp)SbBriy9bXQ9+1|ASpJpXzoF08FiILZKXBqhRXcp-$!#;%NnU0lT$a~nWYFBM
zx_2%(gE%GUIS;R^xfwpY3WV8sr~uxDAj@};c%`mx60vToQ3Um0WL2AB+|>GLX75rl
zi^tF$Btau;6n%P@VAS}Er1}&7&VFqVXHQh3fMbum<SP!-%_@nuWFB0(dYevUpfVst
zO;|Fb*xOaf?B>_Oi*dH5;Zj>PJ&%`{OCtYMQq^B2?&=s0Mm;UnkC^ul#t+7Cf=s_%
z-I;*e$^Fl78nn%|Rbn4Yl8C>0fgY#VEKw?IKW0IOm~77z5`?Rr)}+dEVz*hho&s7y
z%E7R($YI*nIgw_1(QYY>dY72xcpgc(N6q!#M6TXsXfHbjVHXKC`v`D9)he^P35^zZ
z_z@q?B7evxb3_LGxw^>q;u#nSk0M;?4_>{hJ`|omnQ>bEmHJ%O&k<nt7P*A?;)G8t
zY@^Pr^IzqW5wUHyLGIB??}>IxD5Y3-RJ(ItiQ{Zn?)CZw=OwF?FdfkO4lZxYhKc}n
zHRXx*t6Ywm-^HrOFEp8y-Ialg3e#Ct9332gsO!1%tDg1JiFZe%M0g^f`%Q&3A;ax=
zRpKWkKN4cMdoc2m+EFfpx0WmE_UDc$BxlvHMlOa4DMl4jJ&^8`&3ng9{&LdUc)&<>
zc25n_<oV-s?DMiSe8qdzAwlQkYsR-_Me<PY+LmT2x8+6rf@EH{(Je1s@_n&?a)|v#
z-1no7{V9}5_C4&pKkjVd#!7QPI=ieR-7v3(M~Pi8^Sh5z!-e(Xc8#!CP>#=s?~SUY
z*4i$yQC77`B8z$dYppRE=`J^UCo~zwCe2va>#;;A-tV(U?NB03En=e{-w2ST*su8<
z7<K!!20u2oxrh3C7q?e!M$37T<Ey#YsJ$)=T*RT8!71m}q;Ed04bmcsvJ}g=@Y4l(
zF$#08m9kxkPkTFjSK}3F%kZ1d1F2wyj{UNVv=otg+a*N#<%&RQQO&C~O^Eo(2iP)9
z3bYkIJ5OGJS-9ZC?T*muzK-bXtgXLW)<~FkjhUIb+GXPh2nbes>vEsW@<0`1%l~G}
zWZfN24$~{&TgQXZ<2Ynb>&!yQQxF3}EeXkp!%ncoiPUnHNZ)+@`W3fD1u>-_lFXi1
zcXIRBXE$YxFlvz}V6QDl#?x0uE@IDtCSA``M!%{s0s1Nn<xZKn2Vaz152QcKWLSdW
z5#5dlHUv%UP99f|@G3HvWaw171`5NdTTzQUG^A$6B`&?%1hdJ7nHjhPN2c`0`;3_r
zc#X+0MvFZg%DWJsmFT*g4j4VN#8KDMb5xja_2|`pbeTRg<02a?GjC4P8}eRO6s5(+
zb#Vc~Qa9{;zUt<!N=N|u>XsDXvh`K9#IJY5Kb#^HTy=Oy#+4^_Wx(H;DNrxcW-wRV
zKdvho27SCY;4f!)7%qaeK9Sd%9T*xSE^sh*KAETjmDq<Gv)*sl^mybcK0GuW>M?3d
zNz4phG{pC|o?Bd%hMfm5_^nUrF6<q9osOkBTdJ*63cRiRK<R8beDQnt(2%~n(yYR-
zYGdr<{f!%sfzPc(o!q)fEtDgJnu4(LhzK4OuR+3tBF)MOERfI5!N`G5^96goEZMY%
z;ZX9Oxqz(;3|n(@Dk@x#ORO2jyC&8C7ovlqoh>gPxLaU+GK-x)TmU7fI}iq2eQ3b4
zojic_CgY5Pchyv}`{@}eTNtHCHc#ENtPoPt{YJaTQo^R~36XNz<)3@a_HtqZ_A=|S
ztZXpjOtQ8JDRWi!CRPs3J<o)WPV|6)jCoBg>TzY&?eYBW%6`2>l+ZFIk?LjzKHkd_
z-CR|ITpryg7feS+u6NFQCsTTUjJfq-`5OT2?MoL6DDb}cdLH70tFK~@jFHtpxOn3_
zql|Qm-lH^!^TzfUQkO5*zAgxoibQ(4ZzxKWP2;{lrJS*#rdz=-<T>-)+gB5hPRfnV
z;ASw+6>*UYJvUrpaS<;pc|-E@*9K3fQ(2y`Lw)|<L!lLHyQQ+7(+>R`*1^nc(#Aez
zUHVe@=o;WUY_P<-KCb$0ACQ*XtZ`&X^Bzx1ok!hRr|<A7%K)*{j#-j4eqc}J^;>yb
zT&+`6sdODU)EI?@g&&RD2+*whmC$6RmJX7hC}X!h<h2=m@dwLMZ++^7oGpguD<}mZ
zg?4@HX=YG;Wfh|W)0N9t9Of2TSBFo6zyJkcUQnQXerM|jQ=!|=yi`!reWl^bz-Y+N
z;pWVe8<P2PUjx={u(C>5D4^<0;MP?CJeq*Ua9z$sTf(Ta-2-MkL&+cMuVwAae#j8)
z8qKuC{cMP{Bq1f8mQ8v-y1Qil>nkHBHj(~r!P?K%jXA`*ujEap*dW`Jz4?|dZ3>}R
zv+04;K*lNNiaW2b<3!8Bq~vzIM+z48SRV~AArMc{c+XTZVDBS{J|=3NgX65n<{;kz
zu0yf$n(Z@>-(!qiEFrp{C(&$ry5ixeC${6gbM(j@8*3eCYdd5H8U6f?7LMKsQ>|2_
zNtc?A2}1mG?<dBX?~V;#>d{-Se*lOK7(0X<nO|%TO9TI%cR<P%zZ!J7PNHPPHB~>?
z3Vtm&7JIBGzFv4aGxMSrb%J;;!pNGvjqvVXU$?S%wx2l)ZgO0l+Yqypyn0XKylK#K
z7@EYHQ|itT)e}hT+0WOQ+b~eHbKPm|u9RK`K0-90r)ia$eS>IXdpIq4cw}1n-c6?H
zCIQWc?pM-L51u?m1x$Rqd3<6N?){tP*UvK3&5&xWUS+zoLps5uJ+Eskp{%i&7wbiS
zo1rGEjyM?a=_V6Bua}3o=yTzcR*~<A+|q$FTj}7weSZH8kyawhU072W#h~{}Qxk(}
z{+-*6j|nrUpTVC&&CR(?S^Orw*>jeaZETwNl9X{4{o(>z2_y0-Z>4M%4NcA7jpS}H
zH1nTL)myb5wkX@%91n-0D2I`v_rxT&fwi&Rm;6a(u6*d#_Z7>zry^XRT%o5&yOejD
z2O8TFF7i_Hyd(fYHpj?0<a^Ec#P{geNs6cy9Ql?ZzL~cDaJw=sQ<j(n@i;|BqYgv)
zTJmiK?a_f+tm3u-x;3vpT=4Plt1)#U<KYs1_p7-XlZ1pM$o+McfXjoVGOI=iwsu~y
zj2<(!Xtp)ULgBOTo#2NYzpS)*A4{C4n{7&?^iDdHHWB84&Ys;x<*LuyRcucifABgX
ze`3kRQ1LquL2%A>H`hN08`{!DhqSOpz$SSxqdg@+H~kKe(Ez}MPVK^gEk7LeDu|b#
zcV~Cv2&_e>%ucraPai`_0&_fDOMAO?g)p>OAvAAhan+(w!Gwngo~j!|+8SpkXk+4Y
z;aDv(E34TqYB>FJRCQR|QumkXHx19k#h|Dxc3xk%9fH`z3G=4T_jXT9oSfJz_s&1F
zMp=|4RUR&i<^R@BRqco`)bAzGDzynOD|-avcgA#uXNWM0t}mR@OaBp*^|7uSo&DaH
zcOtEqFP^#0me6t`CWlsIXLUQnl#a{GO}@tRwfu%ALjA0FH&`1c#k^~RIgI_Lu4=tm
z`qZAg>(5-9A&tuVIdj=vfI;f#Q*Wm981K3ZtlZy6Hx=*KaD1`(C2)FpBq(gYVisGP
zVf%w&Xn7>O;?k*+**Zef=DsNkBX)-&^Sf>RyGHLHS;=-g4+k`E;$ktUJIF<D)L~sN
z9c#k6nEIY!iQYe&W0kjRjzsh-&9ioCq^xa!4kl=cU#?7xpH6M>&JC=TeAB27klvd7
zRUtXU(Qe!kb04s_^@%cn7EKOAOT(w2eQ_G6q=<2Qbmhjfe|SZF!`acSj6(3<%Aa0C
zv{&V|xfVrG_4{lja+ox=w+DSdST{6}YE}q?1Lyi^$y%8w3^O|Jds#Lgv~b9NZEg93
zJ1}8FVs^GhgL*~29Str<s*wAclxLO+3J!5ue=0?@T4@#I$rGAtYtf7ZByOZ|oqJ!U
zIradxtAht*Re+VZ(p0M}!Qro&d$0hgWmXx|_C_v02X`(fbI7rAvYL(y+ZbON0t@X#
zLL9XDsQV$cKCDro3ZQJ83?J&y(9q?}WZi-LW7FUowiv7+FBLdV1bh6KLm}Dd)*tXY
zV8tihQBFBh=gAD;=<QOb#>4xlZgW(I5Q*RougmW2>J047&~1J*A4ZK{$kZ=*Ldp8~
zd^V>nNS4&B`R$P3soV->0=%Diy?&2pzNvxwIz)E#DV$`034>VNOF+ltx=uOcd8!t<
z1$m-Uo&!}Ohw|daq^G*3%M4?R=Vw}0OR_XSR@GUa=1}#B8F~ixOB`d5{R!GVigfv6
z@bh_e88<AL`@`7}Q<OM(xo<8u(I>4D$!ewX%}V45d#2O!(rizh>WHs36*o&z(dP5e
znWO6GL%bW@7E;PaKE{k}E?vUnXT-&-z3xx)>3D<M|IHG`0tJ0a&t>0<82qLuTl(Pb
zIhpq4w=nkgPL)MX`AwuRp6J!c9fJ0rv5}EKa%ktu*K)S*up;>=a(#Q>(mPei(`3&T
zT#D{6FfeEuSPt!3qEjrub{{Ql(k<p2C((<bSFqWf*iL_DuTVz^_Tp{AxG9oC6*ki|
z<7Ym|as@Uh_!*SSwGq(4w0W1EefwNX@+bKwaxzn;ZMNDOIv!4&W0!El-^r4lNB0_T
zOq3;4i--0mYXdcI92T|CM-W|@b&xo=O~R~o85<khC#`Ll<bh(b(Y5rGtC24Vgr5o`
zSj3yJ*I!AaxmJE!{=sj5jZ{vp)@!3@pPXl<cY}N=PcvH^A_H0=AW50a3x+neTsr>y
z;#<{X>AiLv$Id?G>IFK65a@(9%N{EW>G9Ud{><inurb`VauXf*_Ri<&9#y+cFj5Z2
z+UsOImQpWXP?(sQ#5_=qYKv|mgxrlXavlr@l}bD?odPsd!ggAx=1||#QU<8G=mFEk
z&U{FIji0Li(i5UrbD!4O=bf;pioHYY^q1+!;$dpSht}5CkRiu^da^$QiN3Y3K~ytG
zB>FQzkEY4=qZ6uBHreLKsoS6X(o*FYo;B-j)djy5M=(fn-#VuAd_tOCg-BO=?V|5y
ztYTO9NIGx{h9*?~bj-WEHd4VGf6{&lc#W04->KKBVB9S)XT2$+!p-WXe9K;WF-B+y
z<9d%@@n~!$!t`88JaH&U;RS9%Mohf${_TnT4EJPx?lrVfw5TcwPQlzeQ@M@Io%hAO
z@$s43pU#WJx}u*(+dZmiB3tH^vp?EAp<^6-$%(SV6HV8TU<>*Btu)c~MWW2isZrq)
zh4FOS+LJC+R;z7Li<tiU^AT6Vvy_6E=K38`shE@b_k!N!7==p@UW6+kZE8R1T^}2|
zD6Z~n>+*E>MnwNLT|dUH%%_1(v~CV9Z13?z162M@Eq{XuuoBl54pGsm<)K?UcJz)W
zJmR6065%$}cw}VlJF&R{6Z7!*Xeah%j{I4>e_uXT8tjBz!O5k}V&MCrDx-uWsI*~C
z=Ok4Q0fG*YtApX;QCn0|(oc!bD(Otv=LBE^mP2o^c!rW5-J|69emZ^TV>VDIY+~_<
zoX2)%b#RSBs8pdq<+CKUZvAU9D2v;%Y2euwH~?p-Y3pv^!&U?<PbD$E>$i43+9KZK
zEKifjU}F=r>4c@H-_zr<xXQqj?S8N#p|5zS5kdW9(DIn)+wMY#3@q$d#xe=Pn?79u
z@wU{WH>9wT-J~=1Y0+n~z4oD`K2xoxt@-(9z!E12J91laJ_7p}gTpCLU>1U@{k+oz
zr*G2;|30nCMQrp36VfY?mb!r_ImrWEj)V%X21rIz%vOPWo{A*Csm~Z<$iNyl*xh^L
zi~d_w8+9!n<Fia9K<+WYO3w$*l$3+F$b45VU$-VKT6xyT+;*z=Q%}Vu`&Zr1U<0%#
z%n3WWOc}<uA8$_)nP8{kv^JVNl&3}ToBI2}3Mb>%T&S&E8n_@+Q8lb^nqn+~3vxeX
zy)5})X=rJI>O?Ghjwd#}f~4QH^Roit0*EYeVx^mp^>_@dt>spb@4sgHV)|U!GaLz^
zE~=>b0xNJYh#oz{CgJ?3r^jJr$HC|I2I5~h%$5&36D!{Q@Wr;@oN)7+tQ<A-0M}S_
z(HJz}`Y&I;9g_`}&ipK&m-I%-ZSH_Fvp^!8n(!87Ud^kn6h6*WJz`EiFXdQfZ9iB7
zuQ1VppEiJwqTnJZGsL19<;1e>mc4Z$S({FN*feNa!>pR>)p6#F7w2?Q$XlWrRVHGw
z__e#;4PC?1cZ*FmZ`a~(VlkyNHX0IiJhFVN?d|@DnT3CQdd`9&-IzpAMcl>2MJ4K$
zh?>-Et547EcpiIC_9LU}*`CUUPj@!qf48`0Ws4mh);Kg?*rDLY))oBYYffNh0Oxq)
zip`(X3%m!9rP$Rwun8?i0dlsuTz6uJI^tw3V7g^xc44xjG1K(7(G3~0r%QS5XWl#o
zZwZz@iNt1@)yqckD9;|Kzx4B*3N9Gh<>oNoPQDvlr*zSM{w43W<Pl=q_Y%&Z=k-h8
z1wT|v-ViuG<Kkj6a;>eOYUiVN!J)!rZks-!(_ePSO@K8FEJ@Bj_<vH6vpD4KMD}mZ
zLQ+?E90U)r!|uA;8D?k}z1j#!`(n4~<OS<|NieB!MgGC>Nkg#nil<-MuL9o<c$$m{
zSIg$xqLYh_+m{ItPwUC^)${Ep{q!^|X4EkbHplYSsd~D)V!<#H0<+BavJkdzwq80F
ze%GS2`f3zJtgNiJnbiIChQ7sQ*z!9cOt|SH4whghgXN!T;VEi`u(G;Z-^8S)Ju~>o
z{KvEU6R*ojBO222Ol?rcb4sr}y>yY+QH@ckzseHV$FM8)Vd(Mxs?yg8EK4<3)8o$3
zy$v2bZ2@f{jeq`ra_YRhbn*UvBJuVm6g$e@%Gw&5jWi7nH1i$t@nYDEO48z}AQcs;
zdA6Upl6PLHwm!KjC^)fg$D@03_18>#470X4+X}Ygr&`=sugWR-J)VID#AG774UR}?
z^3Ph#U<@;GQ`)c3>0nzM0+$h47!a!FT;iA5Vl1<{Hw0ET3e<9|wp<9`K+I{0$)E!|
zUU#ehw5X&c^HpAwhlr74)ZFW%9Xg@c-nkVv(7C`s@9VZmx|1jn*+E1Pn%FGWINZBm
z9OIIST3J!(5i_?Z#diGM*8PhiexuegYuuq(wn$QJ)Ykc{;nMP0reoBc?Z`(eZ(-N(
zP^JM7d2u&t+bg(a-``6qhqNGfzpdb$zofn7@8R#`BLqX+R~ZzQh+7o3MChPp8s1Y7
z&n1YMmbYyu=jbG>jf{>JL&{oQ!HZA`!KfD&#vwD~UGS0A3sDHTqZFM}s$gubg$3Iy
zO$Z#7$dyAqhmDkYd}Sr?<l2c$nAJ{9EG%GX`gA|tcodpn5TDCbMOo}=hghz>eIUfw
z5M8)*Wqh+#Fv4p48dL~o5!qUK)i8>t*z&u`t||UChh%c-uFsZaQN~xFp6;*HS(Itn
zKF?OERyUM+$16vKp`QQZVU-B!HZ#2VDxAphD<R>iAsYB2-mJ*_pEIHJ2}$%{?%qn!
z@K8bj3H`EverZ~gCP4h_Ujm$H(qom2sd`4o_S|az?<K-6=t1MJ|CE9Ks6<_IXil|b
z@x!-P!hen=Df1sMsS7G^==~wA85Y~t9yld7PS;WN9|yzwk5}4ocdvh|dB1qH>gABQ
z7@{W6)uSG7T}Co%GMCbcfBm1+%%I#Yz4`d>)0SN@nd?m8I3-oi^49Xd`_G}bHKq2O
z3bgXF92Rn1y;h{0oQMDoSzH}tKCetGE4$&mHb4jS!Ta~MGrvDw67)hbEL<Y~=N<fg
zL6+@{eBT6=hW&6#j5a;^+M|_2@3l5;`8ZQL)>&_<Bc2+Ddq|}9c0xS(P!qwX=Y>&^
zyi0xrg^<Ng^V-+@OmvNZU#kDR$SAq~yM=!Yv?N|u`}y|qzl({_aYQ90CeCaqPw9JR
z2E__j>y=xLI!jGojw2>^bw8oC^!VTN3h+KKy!F#8dgysV%OJ71s?-{Tl5Wm@udc4H
zqS8Wk4O?U5)8137Z=tpo<<j)$$^TrHzpo)uWXJd3#5(q5yGOlojE+?-GXLN?uyOG@
znW^cYKmVy&^Y^dupE_RS$zQ`Vwh0qY@AW)g-o7_gd#$03(dW!-xFGXI;s0}1xW_;6
zi65yDM;<77hE3lfAL^~wkpQAs1{R;d9-_@~zYdxVe0}b-BU}%~-d$9)BScRHPJa-9
zjZ_?)p7{8y4XCq#JRr#j3m0M<@&<0|{okeg`%l6GIeo&hW#+v_b#+2Xw{Ju~kHp}z
z?!!q#be)rvkhIRyVOP0qrP_ReB>+DD)-N-IsDbG}FGcJ&QGCGmWmMF=?Z%CajTAZz
z1}S*Zi+Y@eQI3VHB_q@G2Q5M$*xTDz4<E);j236S-20#RxYDE7qx)Gccb_;`I@A48
zIc-4yvkP_$?YE*&WCrmOV1@kIYSf{Uw?^M2>pl}x5?nxs)*f6oHd~(q*y02JZND`o
z1QKCJr3?l&H8t4l5#ZtdJi=Z=t`*Q{9})lWCxtg#5^WKvXUk@r#AWWMl{chaz^y#D
zMXg^b{5Ch386!274&rS-+ITj+Q_N2xN#?fw4a*2d5+vfIQudy>=JiNjA=H|fmj9jq
zK5}G!Layrh1OwlROsITH3dgTXd&2a#NgPrRJUl$GRf5fe-}vdN-ld4P(NX>6#Kfcm
zgiQ;jh=}NPy<D8eB=&1XgqP=w7n4`7<NW^KaOp)|4$i0Y^5U!~K7OvRiRq!#pUh)h
z>^KZ=!ZDwQ=33>923K#Xd{eyU;^G2U*fJU#yx<89UiK5u#Ome%0izIfdIPMbQJ{Lj
z!0)IA;k>8+j7tAHbxC#6DZeik-Yx#4_e(%yrf*{-*qTD;Nc@c@kJsfaq@f(fS@5!!
zoDw{;dl-epEG#YjSm^%AD6qe;FG~Iczdd~ZEn%e1VKB+_RQ$5Goy=lYQyc0`;QPSm
zXgUY$QlBd~_QQIM-IzfY_Vdq7qwCHvA>gG?%rwAh5Cuz4nZVFAPSyYCj*ODYq4m0V
zZ`!kT-oDW<bfnyx84R26ad8plsdelw^=MRkT<g&jOo!Ai>IwDSK>||BSQdLN4K00h
zbKi4I@4HiCzg-S*#y?;*&e&aSlK{+Lv%-t@?b{0gBNba7-UQ$=+a)A-xWHj!Ox1wv
zVN-MSOH)$`NxQ4S*$cWK#DHxtt<1Ooxm#hcd`DGUNbj$Bhl$6=88MFU;2IrlO}B#T
zRWY|KAUGKFah@8d;m{uL=9kdWd*Xz<;eQ?cTS&Qd=3Q<z(zoP*WasM$EDuy+L(!Jk
z<$%S@WeXz$kXS1#D^dZIl&LcllSK_}O+wOJ*S-gn96NqGEB7Sd7<+X`uO0<mz|;;$
z`%(UXvjFjIQ0zZ@sQb@o{_l&)t_s)i0v(?v?X<bEv2S<<F6Q-WLtE2u>DYu1gBE4)
zeSOi-PIrocoYTOU@b%DufbZSi4f=IHb(b1wo>UivQwaUoQuq4uLX!<dfgN@3E}A8;
z9$DO~^(6nH0G6cL)9#0x4{cBy(lHEAU<A)rDZ1;pc-C11={!eu|2~a>Zn~xuCDv`r
zkYsI>YUd64EZIciv2MtoP1{)j{G0|T*tCJ+Ir?x$rBVh^cm4{!UtU&1Z#(5-b+VD8
zI}YB62h=02V2^y8T^|o#@Vl)a@iqA&A#CR6MoUbkRt3O1)^VxZ{;1E`3uR9PZ7hga
zkxAPV{_h8s<~@?4_NwZ`g%CP{t;AjayQ(G$as(vgtT!eNZ?6){srln7$ef(t?W(`D
zxJc}@(YH?>U4IQa(kp$L%!`X@ak;{tt3>i)H%l#tQ$5^vm48isc<_Or5Ffw0%u;%m
zM}2dm)N=eSh^P&Xjm4%w<{lD4D=3)a?y?0^s&G)xD;B;HkPnk5VpYOX=$WNn?;mQ3
z1Jy?Q#~OhlZtnS?k%Y|5mKS||ge$}Uxp;rShqM}!PfWFO<3;N^3#N&Cm{(oD7>ugQ
zv=<aEh<%OZdwJfIF&Z%4mnk!|J{y(cIq_nW;rVA;5;k2)2k#4S&sbj6MpT!r^<^uQ
z7#Kc+IXYl}ZJ3af^2YaE61HnMugxYunASJ6Y+X}l(*zs#hY#B+elV*)_#(eiU^bq`
zx=6eTk46Y6F}w?VTq3tBo!9P%l5w{*kNWb^&_L0{#~+u9me1>dZ$)7e<!%iEibUb4
z><e21viye4>spcKl+r;;u?N{H_vezdD=eO_^chFhP6L>Rbe{7g3Xlvq*Zcol^Iegs
z;R@0H@0%+vSx{sgAGx_pu>$v(HO1ix3~OmLwvEqo2VVzEXZF>RX%jS=f5xbESO{u6
z%^Y>P$0E2MeE=%sN!x(`y~d(?ucePKrdgvYXOqlSm-P`4<t#nq<m7at4i#^NriKzb
z)BnE3_mbXyXkZq0h^6a)pI&4)QsPR{dbk{gyYt(RUn6L@(i-|Ab2Mw0l|GW@4<#zy
z5&h>d0i}^yfqH-cl|9zm2#+=VkX~hXr62MB8Nzri`VxhwTUgnxESVkkf8P8#&)Ipf
zCUhUrZ{duM<;1Wb0ahn$yvM9Eo7S>%hUi7_zlJc6o3#HdVM)Sj1>?W93T&^67E>ww
zbF{mxQqY(G>wiQ(fFCM1G>0jMkQ$o%zoTT(NumC4+4%SWe8x`?XZ|c{++&=gwe4n%
zw#i}dtIW8O8Q#&i)2L37vHU?bateBZW!A`~`4Ek1HXatcl=a7%s?_0sEkzg$BwH?)
zGLIxw^D!Hm+9VIn1aN`hl%t?btRbq2@%35(z$&KM4k)h$i=YE2+6LGztgerHvx}YJ
zuP6Wo0U?ep6%NjTIzB0=Kdm}ny5#ff?UN@s<PQm^r3e4)<jHQ?V*Nq3>Aki#FfafF
zl=0E(K>CX#=~DCQK*Lsr+Z1c7WosV&btLt%InT>Xbo|cQgW?NxJ(be3TGGHuN;`x~
zAQc1^q*k1d&PGNw7Q6K%L;3d^<`!f+xHtHmk2|qWE{}i>MrvkzkyUd}csb#Zgbe|g
z8O<Du6WrzVn|jqAbad^m-cHkCUAXI9q9$Ik0YNrBN(-)k{=6)1W_r)Q2^o1vwVW2n
zzU}8HiWc%fUWIS(#X)x`Q|p}5r00{A;~WC<o?XlnH-PNYn0*%8bHkX^XFCy11$eXP
z^2F|}Zk!fvGhgNY+Sgo-4DyRxZdugYy{%hJ-|y*HQnE>~!?!5AR@h|vyJADYb^qA8
zn9}ywuPyWbPrD-JCFMm~wc#W%n#z^eiyf0t5<dN6TkW_Neu83O7Z5+^eTR0Zb=i>D
z*Z-KW1D5%oCpYH7D-Va7J0@_h1%&(J!<%(iZ(#SAotUF&hpdsYFe-9b?>uu@{P_g&
z_9?IX1AD676K~;<mf=$ndc|&!(zt@V-ij{K^5|a$us~|He*kG{U;zI2%&b}!U#$JR
zt;XwpTp}Z{EH%a;FPL;5C+ZEIOMkh!k-+D9ooaK_LqMM$f*817r%u<pHA41e6mk;(
z$FC@3=3f@kue@Kv84aA|g!Nj3V}pvWLdx-Q(KQ<3?yjyI;Eub#-q)jl1ElCC^2wc@
z=FuxtWirJSyWuC^vzj>*BEsyLir`Pt9>*BXavF4gUsVh14iZ_&2YWz&lOYwG`xDqI
z%CF6js|wNkw5Bh+Z7-taH{~>EDiV(>hN3!X$Q?Z-c9lmjlnQg*$!jDuXW_r^2OmEt
zL_)uzo&J8V0+5buD*FS~V}g~|x0n1~QOIlVuWaUmzqLQTfOZrV|L~fE*EK<nHTe=S
zcy2b6^^IBkmW&#O7#MUxBwtJ>k0JTOAHKaiyC74(HPMVr6IU+Ck22a}-Rk;K<1$+7
z%si!Qd|_b*OF{xGOO_(Ms>*@+=TvuU{VCSY^0pylf>}DiJ$`;%CQ`E0`9*hf%xP;Z
z@q!P6la~bk89IAFUj2A;=4n1zEao9VeOBq67Hc`g0j|_OhUbE|7hvMOw_ZnEg_kx9
z*UbTZ;J`%fB5KzZREu7MuE>aLXA4rRelsqh!inkWCBTD23O+t1S`(W0pCkMQl<#L1
zSUwaG&<4kEoHv=7#yN+25Y;?sT8x)w;7_d)D!s;VHg1Hz#Y;W~`n>ed`^nRqI#IGg
z>eX~zF6CtnGh5f!()O^<e#)=4V_`BqT~Px)b&nr~MN^vX<+2L7Xh(a-U5b|1?t7hk
zgU^JIeXaIPY%pn!SmlMe#1QFCA|11y-#$Z7GDDWgOuA^!!I<>}d)@6;>c~Nh<s&(s
z(FkY1OM0D7ADfBEseEr!F@JitAFOz5db8wyD+^X}my>>%b1-e4`kS?afq}E;I5-go
zuIW@=_it{bS<_3&lD9p6C0%sfu>Y|5X6w2@`Gk}Qx7p~e%#{6bi9Ga~dpNFZI(J=6
zTX;2}X4tdcDs@7I9#`ACcr49-Ji?c)DUT^kxN3uW+K^N;&akO;TiY?Y^rk{a5ww+y
zL3V!eVoYy9i_I7Ux*g%^tx6^Gp0ys#{na{P6DyEEoCP<LYaCN6katzENz=Vnf2f-G
zT*7u7Mm3yc%gOwEm;7(v{~;bqD&f;2w?CwFc6yzX-z767o~>+^TYtN6Av>;?xUHwJ
z@7<zY@^VxbI(-YCUIHSDZ`v;VW6mil6wcQ)FrXsFQB!3Pg9--3WoK*G5F5+H50ybB
zWxnl0^7rp|CaX7fY6=&I_p3A5-jtQy!hnrr)WDbQ?V9Q;2eau1_0;?czz>iK!HoyO
z;nckkAI7*9P(DtDbOVR|>IQq;iOM$HaTgAQ5ykY=>ybpwLI|Vn;)Uvh^OeJ`ZXI_9
zF#iGyihJbM%FY&$j(zFlJTGdzd;r90qbk75hJKG9;B$(I=gRHJDjB+s_gS=yf+{PU
zlHIP|lM7|_JYEq=aXW31gF)^I>DG0XY~5rj<t%(+Dw|(hA3sg^mneup;ak2YOow4(
zA=t&2sXC2bS%xl|;Czl=;SY;y7|ak44d%@}nAASK-Y7u2ZF<xNkzyR4RVqMK;8(@W
zE3vtQ2EQY=;6V?3f&g>HEc^brn1h{6I2Z8zq>)+@dg4=%{P6X<YaKAn1%ovYCc!le
zCKWVyjq%!B;IWH5F^kq`%L@Bl;<{bcvKD_r#5vJ9BpNg76){0c?lEvn3~S1fK(`dT
zOkeOZqy(Q`s1wdCXeaXTlRb1>#i`4=FB+h5?;f<e(?Uhw4G4M}N{L&to<%Y(>XtUO
zNq4v`r0<V)3EE1T2(a2~Ay0ji?k8JS_1+_r$j#Vy*$E^)h_jdyZ+Ne)#yf82Mu<75
zpw(OUjO$fgA+i|L2UpY3@<L`wi^FLdX|Q+2?{Y+vP~N=|DwiE|nW5?8?+pap+<|vW
zKI}-$q%~Mr<d@wOypm#F+GMV}UT51~_2m_6ij~5YyitUT+`4o@{_!j)|IIk5ng*Bs
z%%mj52!8h4kRiN1`Q|ZlV$|7>5JSozMPcVeX7$Z+B??{a%1_{}4D02tlr~<;JD`-q
zrk9VX{ZmZGO^ioy&GS$*x=l+)F(YW3KJRNx2l5ELI8u5l&MYzY%$MMcTrI%3r^L6I
zIJEc(KDix6)-|8kw1krVK{aEmebefKT<MUh(yhS?YNoOz8Xv6R5Xl%A{pB|Ayn7s*
zrexr3Dh7)td-&~8KWJ{CVchrjhM@;M7V}r3yY$P93l=0hJ`d#*`F$X?ZgzPYnm%`M
zsfDt5F0SuvsV@(e;Kni?b6Bs^LNnEHW;RnpL*u7pkyDOI=<2|?=Q_5Nry|s7+5&<x
za<swWUlwqY$>9QBgvqanmx4!YY#<Q5_!w;r!K-_I{u0PN5GiHYY&7-yK?28{sKOvH
z+-hj_ha_Lz9=2c*P|wirn_HluDyF}^jioLZD#H6rih;g~7`$tn82iC*7T2QeEWr<!
zJS_@IqPtmgf9zb&&CW#=K9BQ!SQ)Gk0q_US3Q=3<_L_|VN(>07rPE0fAw8rWlkBf~
zHbZdaU+bfPakS8)f>zcS@98OYet`SonSM9Q7sF{~;KCa#JtO0l&quFMHpc4Wr(dmS
zsD+YMJ42l5V)AAk130&EevxYtx$|a)(|fVtOHab#uB=b}Im|~empv~Mb*rsw-(Kt@
z2f9Z1-iyf>iTrLCAqeZV0oDS-d}o&%y>3fEk0FuQh9&;Nd3W)xT;yF#wIptHoX5Z(
zO*?H#&4^NkkP8F>M;n)?Aytv;IZ|vcbg-S7<+3r=0V8W)ma0sBE_=ju!3*Qny+kvv
zhfY>$s9|T2KxJuwhd9WfaBib0MR3l;W>edpts#KLc>~UBrF%5B?xf1=)US6gk<44e
zl^5KJL2h)v)Os=sa!5H*t<Q;A67<xK=O>P^f%lDp8NDC49V(HdU}$YYO%L0oCn0Hl
zNfdRys&P?`>tVe$ptNR4oXv9~^m<&F{AQe8?Ni<(&gO@QpXnOIHHwyt>3r(aAG&YZ
z9zCElNO*oP>bE4!HmR+)D&K0%rNWhZsf8=?`6%Wp2OgzZaZ&~h{-E~!@ki6fU+-g*
z=_iZp{H;YZahPf*?73>RtieroB9d}#bgxp5J3<65SX{4K#+90K8c(_Q<r}+lLy+GV
z!)jdRY0Xo$_pOg5dTyHx2GPo6Pr8g3u9WkY^k{RGJH$K*Dfpoxn?o#iCTo9L{3}B|
z>(IxpR+Lj;lH`rja}GbgvRFqo=TM=FO9Sg?jVbqixz?*qyGOs67?ln=lzQ^Q;x^H1
zDC!~ox7%(LN#az23S(s~1W(7=48Il)#Rc&hYL5P)bXywPy`ym*U67X~AKfS}%z)*m
zfYGJj@-mI|ZHHcEDYv|m6Wu0}a@5=BFsDVyQ;t1!@Alw#S=Em~h6V<HI<N3#fRIk$
zh%nF&xbzAiOs3B+RX5pgPE=tOmXzG%Vo8Bk3+YCI5~d!;=g&9=TLc67s?p}0CLqXu
zUT-sj_on|#587D8=e6F-m|PkkIqu;**))!8vC?9h*XyA!tCpuLlRU&4JD(&u44Ed0
zK$rVsyD2sdOH>Fy;J&FMotfH!(0lpQr4c$=#Fm!KTx4DTH(NoV2wL`!a%*u{#?cTM
z>GtlF*S44%fL~$Ku^Km)m5))1sI+zsKxzx15zD4qZ}jKaOQ?wU6}u^eZ0B3Wc>y^4
zP~$x=NS!=$W)a1JT(vh~3JCpk2PX9#WG_C#v^#Z4$0#FTc5V6tuUnAxEvDc4whGW~
z=JlG*p!E`~R;@9)k;G;5tl{F(1u(&(J){=YKTP$kZpzNfV>OnJ@7r($Y~x^kyk|I+
zOc9~0GkNTWO$=;Tdk^QAmuR|nc3l?cLkKM(Fz#4Z_xN*&tB-#0Tjlj_O(nWk2V>5x
zg<l-C#vlo~POBe+A`tVVQuB3)ef|LR>?#4G!e$ccofSBwT#w^N_Uzbx!cgUUyvGRp
zfu^P=cA$1whjTlAHME<V0_}@7zisQg<uUp7)8@<X^Rx5w@B7_xos7GpnwR%2!`4UJ
zB83DnU_gGDgp{*D-SfMV>69IX0gbu1AXQ7d)jiF+CfgPqQl!_<I~X3dbw3kmE{(fv
zil+B2t1{xR$avz8Ok8J)R=mT(Pn?wR|G`UY%XZ<`!v0p<^tnYJ2`FRnW;vrKABLe4
zV?>q(UNcEeym4XjDQ=2&uu#mt6Mch=;r6BPUBgo6&L*bU7A+Q@O8V~Do*?ndBDW8@
z!b-!xd)qO<6Nra@iPXB(s8FpOQ+&B~f0+DM-Qn0rOmUTf&n8n%<oC7=e*by8@QzMU
zyt%MZEri#gncSG);DI3LnN;QPT*=q5VOb`+H}Zm7A_i&9?|JnIsfLZ08I^9Pbmi`b
z@s-_UT+c~a^TCa&B&)Lgnf#p3tDvtp0eoS#Z&jcOd-C#piOC%^Lo+pJkAi|uU02Y+
z?cL0QE>+F=y;D5wGRzNxNnWL)$nz{wvFMgicv1`plk{-PwKX(;uN={hdyPNIEvNjd
zRL2c_?Ctr2FYhHXWK{{V+}&Zr@ME*?#A)qdQ$*5@n(c*-4hGmL%z{lQ*q8+W!`uEC
z&!uRfp%L^v<`Od?%(h$&(L_$xb-<oy4eSJA{qz=K)_yRNyblsR=3c8#Sn_JtI`IKd
zk%Q)Kp^4f!rrLotFXbSp0|w(+YZEG0_?+=91NjBX_M-Y(E;l8ZRa582vGp?Z+<>b6
zPn2&kDTf`#&4Yt;CSn=_AmRbP@5~!_;dNW>lpsXZ9IR(rEJ%-xj*?kH(GwTAx3KUE
zCBH!c@i|R<NKZ+L?g}w%9)a&4Y8kvDAFU0vRwzAswLZ~R<I=*s@!rq(q1iG!xQcWg
zKE+zI7H~VpfxPTtI?oGC$hg+Fwn#9NBB$tRoSZc4<H?+L@wUBw`ArI+1C*JVCx?9n
zC+wY^jCKY{Qv{upz?Kqypjk{u=RtbZ=F}YYyz6t6wYN0joj-+XM?IfZUgr;=lm+VA
zHD|>|)>rng7MnZbtDVu1;CvT3<Qcbv$t*}>p><5gk|3ZBIm0isCg^nCF!}4^=TF(_
zJ)el9=NsjNIDPAUTK&^|Dn^c6Xa2FldBsyAca4RWQvGvoJ5B`Ed28VjWFt1V@G)z7
zwzk^n7jbri<XtsVzq>FQ%(;v>jsH=%)hOLYI`WYw&W}8^O~1qCg;$yknAn12lajE+
z?9Z9+$jXut`tqV8MQPy^iLYn&!iMO3j#V>9j(o%HrGdcqxm2doOQ^B79#|(L>>k3F
zxpy2IPNX}N?5V<@^3zj7=%HLKPHpdOe8RD9V@>=9+OZSH#iq92Nbrp0nECRsdgGd7
ziu?!R=<NO*9TfGh+flV{I~isnca8I=3nN35%h}yqRD8BF$7H+aS`{?POjv_SI-7Sp
z3^2^fZr9Pgo@<fwJLe6`*WrI&kiU)p9!vw#iQV7Ko<ln26aQ`<XkmTJ_pnwvL200*
z_KT2&?R?>6oMBs6a0fyQ`#ujc?+ZG&$fCiZ*JVtv@5Ri`&Km7SAdQ$}ql|J?8sdFr
z;%3+8tV?ywG;YIkOMhsOQM`g$z@7l`+X-yqd8mkcXntcr6V~+}n6?GQjL`Iw#FvT7
z(_h(%-8(Pmp_3tMZJ2s1CKG4B-DjM>(HcUj0FtBKrS2c?OxtfiL#`NP6G9YONrSLW
zem<}+x4-dJAP*5e(PZZ*Di*hjiUJSU!KhQS#DFn4js@_WNWgEOgSFr5S0{c3%`xV9
zqO;Tf!NI{(MK9(MHy`eRC)YW*SD9AmLETZbXKkGZy9;-RdVW?vk5FNGd6sw?)86vb
z;Buqh-P4g7EVXnc#Ps_}MC|TaMRffgs3ta<GTpszKadx^;h&ZzCn;ThJCT})uXNO;
zae>5SfbHui<H+0VtYxJqU2zrEU&n^aHE_mJEWF2(iP)9yj0<f#63nbjF-F@nukd4z
z?wZpji}<F;DhUg4X-RF~4<Wu8ptyaXAjLYix8s^4Ho}X|jVk-?Z^?x<S#B+=%U@h8
z|0<d?-k*6{3yB9M9?eW@=hg#TlkSHg3c0xJl^SS!)TC5K%=kjQ3ix`6i17isAB<;$
zLdzZjf<J6sQK7!*v(}%B1x|wxM?_rmQy9t8fMQTcHE7>U3_-oTeaoYR+^Pp=6X;r6
zA&nn(CvvO|`M-Z3!J6!q>0{cH+Hd<C512*iG+iN_FlTtm2P|$aOv`A{h3LLMLp9Uy
zA1Q3pH;Xi<J$!lvBTFvvD|6;eJPH()7J(Lr`Y7HTs2|Ruc@)Pbw)y#9pEg}_WfWGE
zcYxDr7N@m<llbY|$PFx9%7)(F3k41>(Uq+VDbLb-71QN~PWR~*q-WJLWO9d5qHA$o
zQ2+6@`JjV(QSN=%aeRY9(Bu7z^8H9oiJNuSK=x>8YZDS#x$d@!+`(Y`5_5C}M!Q)*
zVGBUm8cxT}9S7!?#Rdx&)lOT@EzXwkjd+{X<L}=e*Ew{6z0l)X!GkOg9!`4k=-0O{
zMG1H*E)pLcFhS7ZWz!xVeK1OJS{aL`9OqsU8liiit)?p_i*X*`rVtKAp=}nGE+72`
z+^>2z3_PP8nwD)A1!)69rvnsuYNWl@yQw><_7lgI`|$y{D^a41v4X`0MElql4D$s3
zi<fk6y$Uq+nv@h*RVw~*FI;n1B4WpKsQ0>uBU9THb(q$QIIak;YOiC(J{Doy`FtDs
zE#Zz0hWelK1+<PA3)ZF6m<u#lr<Bw6tQm`%Qct~^mMUL+NUcKA+igdj?_9>K;u#^<
zC`Boez1*4OUjRvD(!WsKU-dfV`O}rz6+--4Rptk0W{<tkF?4I=@!Zp*qm_$8+tG9(
zY?Tbp&wS7oOx@z6;BT63vCQ=7JxzRb&?>8*Q5Vy-Z%*rB(>nF!2bU&mUVXA}ydpmC
z>UBhi_T|N-n*v{6x5he=P34J_1REWQo$@@sk)hv!3OTcX51j2}McQ_B)^g~(y7Q$p
z45N<JgkO)!6qILqVi~td9?ZY>^~LN-6B^d`hVUvuA;jhHqkM#jZ@MoFVPpC$M~u@;
zvu;*z@)yau&b2febiuMVyrRKW@*QxmiWRR|)7!4Yo3fdzmRkzj(5yDAw*g~m0<fN!
z?nU}aUen5pTTZxLw?+&-6;P7mj7?R#MU$2+{wjBtfi;1_p6h~VEw9}&JB&V;=(;~3
z9s@L7=O5R1*Gu`E)-JX+ztjB(4{kzR2Gj>eoy*j)(wkib2eC@`O3<%%o?XJ)KbZ9X
zeW$#<9IlCR)UlJJ<IGCG>Fc#r1iRNpQbf#+Yi`jQ!c*}R+qg$wmkIC7Va8N_%vH^k
z?V-{+T3b=pJ%O5Lis)4|{euj7Fa9K(?!c&Mc!x#hs4>Sq+pP2KfTw@9gV?IxT0TQu
z%oWF|&`(V)-FX~~x^!{*9;d-9LE4Xf*i=blUaI}fXgO=9t&RQ1F07GFQSO7DRa^AK
zu;hX+R}$|6TIuxZDW)?Xi;AdTI9j*wl8Mu}abrXIOhWEU@h-`nZ{>6A%AA6W0ufy_
zVg580T=t3_mMl6l_fHw?E_o+8athDXboIQun}19?k6#~|;%e18JIy+>XezJrEvVvo
z`$>-a<COy43pW;un;p&)N$H5k=L~We#89>E>C9pV55ljayF7R6+-;rIz^7HS>h%qP
zc?R>CHSUN&#ZNYcBea`x9B8kWF=z6t{~~JJ2%1NW_j%A|d2lG(*;$Z5XJrHjD}DY0
zv?s)nuSHoMZcZ-!>@~!QVb#8Jau}s>W7V@6ur}Ad<%iP;8`i&u3qL(w9$nJ*yLs}q
zV0B15PicER?88K*eK6<_hL~d+`q1Lp{)+R*J4+oBqa2w>r|qg>T@pmx@Z-n39bw(d
z8WN-B!+XnvCFD@Y`1YcX7z+zahtUY`s*j%<uU@}tpnqOJQJL-C$Pb1@Mx7CFZ*Gj)
z6*j)~^ALG=Ka`w+imJQTH<(eWGD3G$OZk}Vk(Y7;83IIjatNCyI90{uY)B)-!n#Sh
zct9!QhodB2tgWdD#gmsl!YW|vpWACKnlKB5Z4F2>q40BKOwjx69c<tpq6u3lg#cj-
zTYZA1!}d|}TKCq9Q!M-Q9xRaa@ErM&-1YscB7F;toV=SG8ZJPE+-tl(8qE|hFMqT=
zgo1{j2hTg%L=K3c#jNWA8deNlX4=~v{ScQo4l{&)5-x7+=YO*RkE})YAKwuHJ5F`*
zC3TOLQL>tu!3SjEg5qK(Ca=rPU8pxfefAwleC5KXRbb_3vRR9XbL7Pfq+Wn@ra?#f
zG<t$|^$;EC`|(b=?lt@3mu*<!&TOcLp+|A2Bk9-s%i?}G^7mVD6$@;1#6u{$KGStT
z%=6N0vkVy4O`3T?hVcB))DO)v@h@#`!v2NYikIb}QQJ+S%mRAvQ!yvmkj=3{@RtXd
z)dWBhrDItdG8p^qoSYzagyTJQbD(hZ6U5d~(v|NkYFheFB_p=naHBjTCU^}2xFkrz
z#P8wW&|II@aBPeU8Tys&$~7Gu&TUpvIVF&lRyO-2;CfG|J<HdVFr1;l@igBYr+e0f
z6S!*i@~a+YYxQ2Ozn%`Ic$>7OJ+Y{c4_f@e$=NOVXwIvUbnv0<-CR}n0vp-|^%46c
z-=u6)7ScuX&>BYyQvu)YxrdfvLflI$+K<Fu%ptR$acv+_rF|@_yJoO|l6l7E5j*|o
zHeE@J{YN?8r?}dVr?I5+YFcE(1MJ00M6cTK=&LY|jL^PIlh-Pl%jbK$r9$K!nyy#H
zpheVsn?e~%7|0Ys98U|Sn%0*+XH}6%1=v(&TCb^rs!Fn=du%MJs>FodZ43v9c8Gi-
zH5<;l6;3TO0}e1(T9G;O)+p3wG3Z{0Y)2%)0E1DrIOD;#fWw}`<tvygW42?(v7i&Z
zSa>w-{CZ&<HeG-Ax9@}h#<H9@tRc}NBB->P{E65qDlhsZyAs8s$)yMTfdTkXw-0f@
zPm8>fpLXII@p3(<dhsF!y5ojtJtYbJhTtR-@|2KV25wUp9WDi)F@Zbm5g^yN_zQFn
zK8A8+=Y$}!Yy!!0Fmb0b%<UdL>sSEo!jJ!Co0gi8NH-PBnW>;W$K#v5eF=wZgqob3
zJdQ>C35@>e{mnO0Wya0KQhaey6ggnpjkzy0AH1l|sPGz2ts`R5cmp{?<da(?+tHxR
zPy)2}w@y9_8m$%Z5=Eo6q(_bHS+XC{WkHOu+BNsfEQa*^7g=G=8v)Cx%~Sg{61G^&
z?0lg;YCGlJ!539u1tlZdY;}oQ6FS!Uc5e$h-7YWZRw+=6Jrk!2I-xJnLzsO3y|p(a
zm&9=c1D;=b3O+LjR2I|xOm~#nt|s^mp-Yc1QsTgby2$K|q8OpBIR`tD$GOG}V7!0s
zOqj@7(_3K6#$RfgJda!(%5DY?J<_?K7*doNp#<f5vS$F;vAAK1pgo01Xxh(!$aH|;
z)6dkModc%<pN9aQGt~UGhj3E9uqaD}rwQ`tf<EN2u5qK<VYr6-ra9M2^LURtW#>r-
zn^euo1EqI>)-J>(-d4W4J<9vaOhn6iHoRIb_fa)~P%FCAdK|pcd@L{{h-TCk*CgN8
z(PL9rg-RM{^^H6H5Bxk8<p0pFS2dJl>sd>cBhiq-_VmE-H4}8jW@Efu{%^K+ftPP3
zeZGHed`nch3=vT=^L5aoPApStMK_f7+ANo}Zx6G&Y+9`bdRO@usnA!Z6CR%7d=<U^
zM&gbaIV=AS+Ff|lIl=I6m;v1&`)h^1l7d$3of~e|r>8TG@rHTx)J0ytTIaJzK=67?
z6>mi@!r(HalFGAZ+3$R(@G}B1iJl}~?Tcip!@OHZC`l8$cNp&L>q*GfK%2b0<=8FM
z*8M?Xcm2U=-NaIN2#CKVvwqtwCFN`wmpIA{9{g>M_KZae9Kq3FZA4^?`KdV@gI%hR
zRL6k;`s=GG1E;E`07y!RG$&#{Ab=!__rCs)8>^2%tt~1k8Ialdua{ykYuDaGOioFd
zSs_JiIwresr4f8kqG9^`IFTVVjdWfeam)%!H$T|5MKyn$D0xTUmCR$<&xR;;*|NbF
zLt7%>y&D(RNJGxN)}<dgjk{julJI@mpV6jqvOD&;DrZLdGa(;Eapsele;aDXMSdbc
zq^90l+166{_AM&)?O1nrYI#9<Gn5-xwY}t)mj8O6O??i$MusZBXCa>vnP{WszrNZO
zIXcM@kOL1~)T6cxTY!M!-?PxRk6$EvKd+Gfmn~y}VBF-xsXm$vN%=3Gx3+?RvIkD{
zJFgj-nx=h4L2^q7xky}it49;insN(rWRK)}{`~tI|MmNPk-AKa7XN!9x2k6;nNKAh
zN$+oKSF4QDcGynTJ~1+)-QKo;QSI8RqFalU85tSLQg{9LyZr0-osoc~-bw*l4gL_L
zZMzUtqb>#+|Hwu3TcDyEjbdTb$-&Wu+<9NW=XK(8%2hxygNcx!>z_Mfr?n@WR|N$f
z{%j}oK9dmg^noOuL@xW{6?^!xXNRYwhbOvW6ha1SrVa0okf&}m&&RFDN;CD}zJu;c
zzlvIh9scnl^-ow6@h!P?ixvHsHL=k%w_;kmuL`_rn-!+fX^+nENlj|ArCznV>N1kH
z{!Ds4-xkFeHE{mSPYTu2OsAjRgrSRt<^H;Mh_em&2qo_K6ZhP278`eo+bQBf&2^?J
za4rxgvpwbqI@JNe(b&cvvFVOWHu{CLKO-9%SF!H|=Q0-{rjkDhR4_wU^?!VwGr_5_
zmyF&s;VyBay+~@7vvhKJs;nXc#9BmzKO=uuttlpiME$@N5n+lch%ow)@YRe;Onm3g
zZ(%5T%_FzdA!YHA*eM2D@tkYQW;0#i6_<y|Lc0Ea%lzxN$oY1>dtP<5wP3KK7Zk?l
zwsZN~HAeEN4bA$CV0Jlw=7R;d6eT&iHdMsVb`roGPPtI=6Vd*qU-{PVFD54vg{`GO
z^OAF$N#>0?+dCC5wGZZg(<$-8x^TEMkc~ZBY+~H-<0z{d$}O{}`1eRfUQ*!C%#>PA
zzXc%)9J6bs|I28l{iRPYKQV^=+vV_IciWi|i}37lM@O=aj$Y#!|Iw%S67P4%ZMBsL
z!oe08^E%P|yEJNVT@<0VwzhN}(|$$k!p}&b2!9&J)m*Jui-B*N*dmDCXV1hFHUJJ2
z*42&GsJFTnEt1>`blq})1sgE26ugCL@w!Z5H8nNaUSd5#P^$^_$MrEE`HBxRe}k4z
zbJ@fl%nKJT!1$ZV!2Ms>?&z?{Y<4);pgp=C`e6nuQFMZ`Gh98lm{icB`|%3fZ3d1g
z0HdFOdU3QgR8dxx>5$nDHlQUgTbo9Q(cl*|R<`xC$WS6%E0YYakH=V69&1-px&A`?
z79=C`f1;tW8r@;;mhYbLN{%Pz$#+~EVr5d#-{G=RPyn{~${WaYh>XO)j3q+L&JdA@
zu$GF^ApXx&j6A0bmfK%f?M=3sREpc%Kj{xIv-F054|m4R0@0)E$RizgxtjGQm$&?7
zYv__42<)<T)9P&_@Y3FZ@S_2jdZ#~$8uHMbicjpF9Sx_?rjJ&>3_^lW@9F|5u8wbE
zfMyrcU{Wt!x{^p~XlNK}Neprz>JbG%j7Q2hcmxFn(MJ083aJ?StzjF;+TQTUdlK8N
zGfydaE7QREfe1l-mvR4&#(DRDjxkC<TG}J(PctoT!%rvox*tC5^*EVyfqKTw?5wDU
z#_iz(y?b}={PsO|w735x8TlDLp53;lHVk+L@WMSZ&B1dnGw-rD!F2R{S+06uz*X;0
zy`?ZfXx6;CfdMJwhReTZYE{<h&;WFF#jDj)wyQWevO7p{-r12}QwPB)yI3&s9O?)=
zix+G<6Zto=VJ$4T!S8JL>*EDLo#$G*$Qi?wY3YK9ej2WzUF-k(;)o@$*vzu@UP(pf
zY4omDN$KfLI|BM(zx?Y0JhM?2o^fpIsgUjgIZ^KtmTxN`eShooRdK4HWt*Ig;D^tf
z6SfI;SB*;Z%iB=+<+Y!^40dlXk3+I2>fGaDbKV}y+LO8@OHB#=;K+1|?fhlAGZZHB
z^svt4WNvN_Mz%P|dQ-Rb0^CQILk5Gm%zC`K|9M;Bx1stxL#Oj~s)b!LwifkxN*o4V
zvXk~O8T6(I_4M>MCu>0Q`0@Ya>a63UYQMFQq8K0us5GdQbcdt?(jXxr4bmmuU?CmS
zje?YPOO7-{N_Tg6*SqEy=Y7tZf8?VwvuE!+*1guXzLyEV#|-a$Yech-c%|+@oX0ST
zKAbZ&GTDQZ$+t%bm^iH_LVvx<g7li~^b0SOq3=J2*>2#h)sI%<0exe7t(+rm2R=i-
z#Pm(!J8Np-w7&yis<ChN|5)e16La$02Bn9E#d;_s*fi3zK6%oAYWv>qr_*-S(L&sP
zUpU-31bn?iEdTSpyyawd!iqaON-J(Pxmj#H>=#BWSLoi%{rE8@7|hVEkJ!)Ex_e&m
z?syNgIc`imVr311Wz#n(h&$radJhL0o}X7bkomgo`ShmCfhTt-r?2||JT}x1>^Lvy
zWB2iUit0@ijiLpifr19m(~r5igN}}V?_p8b+t}F6)Z+;29s3y=_P+M7%FrAw4GG!W
zlM{UO=n;}hNN8ejcR1%+&Detgt$(~T)o!`<Dl?=M4dZHcSkI+RT^|c^-~IrjjkXeD
zN3l&pM&^}}P`zxe)JIt)pL1yd*%4@n>n@ycgNH6A@$bOqKMxU^Z|VK#OG5qt!G@O_
zUu=U7@AK2bEqU~oRnukT9<2&m4+75;AMlrpCQlOfWUhYMlHVG^AQ#oC`5PQ(wLPoH
zdZzz}`ilC2YT4mtc+wrPEe@JH-VpoqNq8!~=)K-wgz$0PhVLXG>}<AY8uvE16?r|*
z2%Cc`itGsg*F*F)sp||#*mEB^ze!kz|Dd$Mj>@F1wdczJ`V{en!jtS&O7R%`n#iDs
z>;KoJfNtkuT@UV0=~o(`c}xE9KZYVxPl*x#{!EruVfGKsMl}YbIqug4ZcA=&tF4b4
z$0D%NTkUDn^$$3GUjOILH?aT5FyWhYE&R>^;^;2k?u;$Rby2~0{i%Ux4z?_2aV)QQ
zRQ~h-FSt1S|4qz&cYC+f?KC*Frt5ZqOUoDsgF-6PfA0Rb0F*H;>V>>lIx!aaYuy52
z|L`AiCe?rF(o~8!{am7dtyi}Y*Z%iz5k<gh=YPFo;^A*XADw&L!Ahxhf6;TQlJt>r
zR(GpuFHj0KAWI9?{CiVG)ZaeH4lW7|ORdMntc3OoQK|6h6t>xp)?hN>=iPV)N3$*6
zoa>ht=Qo@{t=c3L*IP`1bh~;L-Px!?T!7(CeU{`M7eqG>LYRf-*Wts5AAZzN*7sJ@
z8wfIVH>V4$<Z5wb;p5}iXFuJ|kWUvfpm*9eJ(UHWC#AePc$KBA2WvUGsHB>9RA6}?
zx^IkCpT2N^`}hL7EYf6?BtUgb_huk$Ag|QuFmaLP%KM!@lUG3}KIk`a1j~Y2wAHE&
znc#|bds!BergtB>A*E7V&*uv;Yc!;bBJ-%qt?HY!pS(@RB4E*!EKwDuG6Aex16&=@
zvI^~<ARR!2?icw)zf`lr?&<hR(%JF7SVa8ZVwAW|G4pl#*@wD%J7pQxO|w+?DE@Iw
z4@KESMq&>{?18(W4=c@&J1NtaL%XYYMs%`!JvB#~!|`GSJ%Fq`M?AexlNHxt5PqmG
zo%7W14ikZVd&&3I`cSN?=6+%8!-;AoGpj#SkBZla=B-wr@;z0^v$WV*?20pWms&t+
zaThHGw*);u$~6Vg_sY@SB_tG&+7NWwn);Zj1-)SI?kBb<?L;&I6!ig_N%%nOJ0u4!
zuB(gQ<+PZ-+QI&9jJ?g~F*S}S8X0%3YPftR4+S-w$2PnC?KX!=cz9F{Ws~Zb<Tp{B
z@NOq}r~qLg3U}S(12W0Iwr8GUX|XrTYj^Q=sWj2V63+)%3}aTH*1k2~`li^lH?fqA
zZ?}F0Y)=BDy&PpO+7{Z?pS^hT!Y@eebk}91Cf07|-6-~K;2pTxC+R<YTPC3bzys{^
z+Q!Dlo*z`|psi42b$o!i(5bier%WNW1JlD(p;#maQKh@$+mkA(Q1mKLX<6kW4l5G-
zS$=^Xc%QJ$)StZOyV1w|Zdn{gFBN4*Ok3OpHGlrzndw5p`PUa}J8YE)sx(SuugWay
z8Oah=Rqdp)U>vj$1q)ph-@blEFh8@_p1rKto63R|;I<fPk6=(4F52bUndh3g_qx02
zDu~1vqkuU(oWhTW*c|PG+}^Rl`CG{d`diQDB_lG_%B}!lJ;f+^W30y3yB}n+`~Gq!
zqfOE8et|cUk-Ph`<-DZnAiLJ@bL)LM2xZt^n>fwQ1EM}@#A`aGOsZ?t*m%vbREMt#
zG2wbbL2lCRRFHDgGfGR)6%A5rWXwm$1@E_2+T#TAKe!&A9k2PD6kGJhmfffpz5HmE
zj&yx;$wY8=@vd#ag41f?+R^D|2vnV+#z#F;)kEK11F|h>2K2A2B!L_MGf8fe(^pL-
z00hk)YeX@t8tucwzG*VV=sH$bNgL;g6G<~I_f-3eLxxN8)vnLygi>PLlWDl9HACa}
z7aFNr6Go-zJEKV)v+|erP4bzR_}>p>8&VW2v)MP2$|-g{ZW|cYsfazAG<t1~J$Bpq
zt>fk!<Em?gGG8>pru(g?+d0sm>&*sQ%t!APGj^rRiFIvM=rNL<$8B$qHFNkdoz0pg
zocMRlo=$TrY3l?C556-lCq2-XI}=bz{KU>ttBVyLdj;R&g;KV2!tP-pTcr$Il=WY8
zBGSr)(rsE5(+0#;KHFD7M9n)l4VrD^ZpGgzr>zg#i<<}2X!egI&h+@?B(>pT{<r*n
zr_864vVZ4C`jH#FFSIVUbJEj|fFfo2irB^^PtYsrmE`kk*NZA1n|oZVoZqvJs7H!d
zTdYP)<N7mU%|b1SgG>nPojJN9x}(H5C9lYe+$TK{?DC!#5E$e<_YG6n^kj{FC8Hi4
zL3S~F6F^|;N@{XIVLf`0(nU3!59u4%LFP07-$G{2+TMQt`Lhq1Ymg@gbD0>>*mg2^
zqGYp_%|TZHV(|(X3K?qE6`4Wc$fnwz3<uQWoU$8tblTGH01f^_N(wrtY30NkXwv1R
z8azR=lB}<nu`Mn5L9fxzW^T#4cQ(G<21K@&O&$WVc+`HBp~Upgu57LoZoRXJ(=*K?
z2Qsc-DwJ{?V-N-Lo!tN;OO>E88dRHs`oh~kdtZVD<hbq8T;5-0-oCD=BDh1$V{}m`
z+R)q_w<17f65BU$*l}UFP9|&}$~^9>@JmDVmr`B_ILo1o{Q5RO)V_484#q((@9ycj
z;f$*i<$e*jusv>4dH$N4Yw+A3;eu7S{^MtFC)h+<UEid+th>0e*;fn)5TPxy9CgFH
zJH5$#4!*-qW`9QkOUWgV5Y9P{0nV^uVKy!5a*&02ihC8p-5F|9upzW$n**-ea4|K@
zLsbTLE#vNAchIUQmyBFw4BKP%e;uwLGIVI={o+~?D4Rt1d-mgGWlp{E5@yl*DRr0_
z&b%p_lEyTYza1rFab9Y{55>|n7zN;c3}Dc(4#Vr<9-RVHL(kfJyXjhnHkvBQl*7#c
znW~@oXipP<sB+&7`tku0U0~Mk;N$n1Uzb%!a7ev={dKhGO&acxvyR`l6?}X@zxA4G
zda1gIc_X(zvo@sddN$VIG)|G`x&`6Db#4~ygJ9vOg5)eDsx;{Z6PcCosc+t{{A@%%
zTVwMyscG+=Zs`D>cl1SA)I-*up^byK{KY#N%70X?CLR&~u03+KB=}8;Mq%Y`R-6Aj
zr(jH&)YRR?ydL?$JX>c~batdA9fL$Wr7uXhT!G<&){qQMO#P<EH6h`b4q~&em)qRN
zM~1DlVA}1Oo_&xj5OAAXXnNTzc53M^7GaC&rld%A+Q}KqYF~jMkJY%|baG<=ITt(9
z|DgKhL?^#+CZ(GKTt!-g5-Q<&-BtED<%(c%M&DZBNo{Co+Ck3AId6fIQxPFvh(LzX
z0IC)UUyLuk5mE0FIurO<J?f}n`v5%j^#Fp0p5rGZ=aX*rN}F30VovM(LY!cPU2bb=
z0~`~>&P4y5oSavF1`15-oaqMs3x)<Bo?28?RA2lO6VnPm{CQSbQ5i=*S?w5n<?~k?
z7-%~ST#5NnjPmizio!f*4A52!RFs~y{od}c(1v&=;8qq88sV_ku&9^@MUQW{=aX{Z
z#KxnRXn?bP$gBoIQd2-uOKiz%exVCrT5adR19J;p37O9~YDDvDtRUr%P0V9@6lD*G
z)Zu(<e2S{1J)_G~GJd+Z#W&YSOXkCnNkwK5y~y5T3hkCT*|QzUnQS@T#7-CgRu>PL
zf0nckw5c2qA+&ofNx_@Sj2!%y>s_nI+v!|YV>8QvmeBb91EM6Q9EBLKT|?Wh$s{=%
z&rWEgQ7bflo?OFnbPV&Q3{^lbG3%$|<t21<<UzBU?`(`$>%FqIFW3b#Q*GW0+OIXc
z<Yc2|`b~W-0CmGb(PJ;%j)Cw1z5&ml+pTW%fp$T+burBMX0Xo0C$Fjl7m8Bzi4UL?
zSuRJw+E}f<iHycb;XP}{rI9@e9~vT@aHHJsT8-r~d(r5Zs8Q(<c!54?ICI3Nw8Nb^
zXxMeJH=~{~QX-u<T(M8`)Z<Jfbe)>#B7f^W1~z$<*?477x{93gMSiUAX3%$~OuRI;
zS14>a;>u^|>P0gwiW6>#9`zv?j^Y`zEOtp0dVc%4xAQ4=J#3=vjCb#Z&V3en6BUX3
zt9wpF@7Wi8rbPcP;-Ej{P?y_a-^{~pnY8f{r&I{hQJzPLA4qX=VE1-OmSH-1+vUn+
z5@#;Y-!eQ#Q!~=Qw}vzt*q{21bad?XXZ991nz(F|0%A2sCZgNjlzHT4xs5+t_n8;X
z<bRi$iLUXi+UpB{@E7rG`|!}iYm%8*EKivM4VP`Jn|roqe*H%}0crL1ega}KX3w66
z=<vkiwrI{Ad9>2QE9z!W`y@kiMx?c;?u&ge-xWA6XkC=POhg3u&R~e@ydh|L3T`cs
zYe8<t$BFLKD)LGRp}AF32|XV=+rf)W)b7|*l<MUdKt5bsUtfkOtt(wR-BUP8#CH;g
z@v9)Gs8DLD5PlVAG!#a)Q?n9AWEkDHda*Gsnudl3v}>i$*}l5RZTgx51&3X1>Z|B)
zlaAjbit`+oT$Ck48>)820f=j{)#<Oy3ED8>6kz$G0+P?Q&p=M?>+7ov>+Ie}e{b|s
zs5BEZb5L+|P&!obI5V^dmB=Xwa4=@+O}sC8>%NzH%U3GPkdm%}z|39Cwmp$Q35td;
zhbuA0lQVgd?8m!wXeeq5WKnck1vGuvMNg!IkCFm@u@hpU0xZ}a@JL9cf;TkPw$~54
zETpKofZiSo5e$dxhTFfU9HqzM+PIj=J1R&=OW0h3TeQho{v$OFjf^F=kL&yn^xF(E
z%HT(})RRe>DjA9P{cS(J#?h{vhgMl_IIq2pO|nbLuQYu(_pTz#`d5HDma7DMnUG8z
zoBvq3O@Y(2fH_6dC`#=kBy<i$`Ma=da;%O{UJ6a-s2UC&;4^o2qL@W!Mzrak_b&0r
zE9?vb8->PcI`jbr=5=3`Rh&88TjqdF+FS~bFe^28TR3xL^fo@o!}%bQO9RVMSGsJ9
z<|wz@-n2NHX@B-}6diVf`MXqlP+Hs-MKCHOfr3I>^YPAt%+6Vf&c~}D;{CIy5ekYM
z&Wl^KLTT`&f>-++vLx*x`ZFu75-H7ABjRwmrz0(7)D{~-;raHZxq0?5BXwvw9BQ&E
zKPA}j1p5Yk#-6PIx=XidH9U*dz7PgRtjx)$G?xe8u%?iEHB6GvByeU+KBis1S7tU+
zpA}bN^+3LJuA*v6X&xjHvce8-A_}Wvv%dSlLK^!sn|$npRv~gh{(Z;j8XWBL4-zs{
z4G)jLCt4@vA=n<RY@p@6;f#FKdSlY=i)bD({!g^H^8n!+gRDVcOA0<c;tDiC9Hq*f
zA-_G?<{v%ZcLf)iOA98<ejaM~q~?Lv$ca?GpNb-(xJ0afOKfRjAgk`ZnIS;~{Lc2l
z!HhSB=S;-E#iof9ZvdvwH;rpzYZKkr==Go@ZfE!8PFmqUiRTY!cbjWB5nyw_d-o3n
z_a@^j2FWQYAR~DUo#cEaX1HKXxW6iqP4qaXvjLf84IKP5nd5fGTc-`72HL$@n{mKD
zOfpdv;*jZ%57#a`YXVL&q40rzuMAd~>FEkX_VKoB%~79|k+F8t1xjz4BGk)qf$ojH
z-I_)AM81kQOT}I6!p-yim?e}L<=l(o;@@l336O_Gg!EaiW?3Sr&t})+d57&F?`Ans
zB|6Sm0%gl|=%TntoSXbEZulDcFR5uys;ivofJsjb^^^Z<0Y0QVzVUdw%YobV)baKm
zO#MGoKkhLohZj%;bB~tU9+GQW4v&TJT?ZdkW+-|9A(CHS9fqJR`*NJ}c9e(V@KxYv
z-L^hGAnTniG>`=2`=;Nw!iGv*aUdgsdMB$$7AOq&pvCVBc0si4JJ4kT-x*3>yUpGD
zmrKV#OTwEj*UT2y)<m#za4aXCPh$JC<rBV7=?IbYe}r8ZkAOfdD@r}z4f&Ybouj<L
z2!LY4)=THop@(qjz8-jVAI9FqY%0l4>V}MkCml^EZ^GVSbKvTQ(CK7p@mppK4a%E=
zpG3uUjtuo<;smj>u2b-^(o`j7KaZ~;=G8m&?VRrzbqS5{44XGmyJ+Uw@)98$JS-{r
zlOvc(gn;s%&5#<kRdI?1`zjI<R;%*|IKe!VOZ9s(MVU)#wdS5LUR;ID!t}|0T-9Oc
zYspAPAOxdVyPu?*Xe97Ee1}jGR;C+{JUl2S;vSt`dbN9D({h7E61#Ozx^EByh*m83
z86wlzBu7qM8q3^v*AE%rvhsAhniyCB=SD?suOF{Qt>&5)%WOi#ty@&i&-dn#ide3W
z*U%?d#74O#f*<Z}ZT+dQ{|w>GJ!TD`Ak7MB5Z3D5E1_HGsGcb+<(_!Xr#I&vKqT18
zSx5izT2W@AXwRow9cgwh)7MFAwu|xz%N{fBuV1|iEKY+KW#ua@nq`4A0n+_@kVtfT
zvxfq=)_VuPu2c>zcDw!9L=S56?FopG!$}fZfQ4Fj%(OzThWGu}>(G5M57t<a?L{&j
z<GH%JDjuhZ1*7N&fT#8iLPGW(;s)PVi}j1+a(BsD&&b-=XBuO@{wn0;<Y&bz{DvJd
z%^|v*J5T8SV!3{C*lj%%ph$AW5cD8_da>!e&>GWg?)hq8Znmtj@bN{A{kPS=+{PVh
z|7gT}+=R;g2C#w$tT+4I`g4hiGwPV;lU*HQn)6e4_MI}1?n{Rr0@(S#VLeQ@j=}uY
zW4&D6Jvy~p{rVAsw5h4|v!KZ<u6fkCr{-5VHdydN<yHjqf)cpeO)S=|77d0xkWPo)
zLu5_z+4W|EG9EWX2w8jt%5^VX@~vC_uUa;7xd_GwP?{xCb=3amX8({??cBptG9wpM
z?4u3Ihq)vd8`+*}GouHL8Vxg-B>Stb7XpY){y#m9n3;#|*WE`s6JM2^Mzo^%-*-qn
zA31Jl@IK}10XOpA3r4j7GrKAd^P5~|N^*8?1<i_bQVYfIi_A@)>@gDf&GHDXagoy^
zgAPBaD3f?x+zMVBmYIM4{P|p0(q#4qG(v1G3x`B9#cp@zKk^+Jfu1cOu!HgNsFHG;
z9UU5Y-<`j3Pcu4$3fXm?jWwdQ%)TpE(Lc+aiuAP4vV41vKA8-S)~eKOg=ABZ?f?U}
zROODJVZTR9Hy?s@lh}SGF2ZWET+vq>84d{57kP<!Q0K!@jPduE3blu3s#tKOV7EE|
z2{WT{X&0!NK!8PljY_Mx?efCiRJcgX%~Vq23@HyWhoST-ikAXiz{ollg5LR(!Qo=d
zJ5c{%%Tc_Xszonajy&I-ypfozpQOP(z}?W0HW_dwlT7#-P{T4cvuI%DSvz+ZR!r~u
zX?8d`T(eIwK19v(Zg@NW*3>2Y`M!@&qw^xy#n=w*HDUG(j|HufgYs3sZKKOyO<eC*
z?|q71q!K9N6G$+1YMxJ@@3vmpPYh5MbV7fu-@Zyk_3Rtnl+YFC>o4MZShMb9xmAfE
zeVaKF!aHvblLkt3_ZtNoL|y$chxJ5=?5sY}pd+v?n04{Hb?fYJr)c-TssqU)E6tbL
z9UdW<wiyV*x|EK?RM9h34)(GyY}p8kD9$NXR`A_TN`>iLofLN0o``r}o{m*GGawJf
z#>a0#T_|FR&%wAEqT`|8+XN#uCw^*$Pqini?$Id_YESOMY~>sU9bDAP>K}=dr>>n*
zW!^RQqn|PUX1+Y7T6J=D#)YHQvp>C_X0^3A+mJ7moVYJz0LS^g?Pa-41?r={uv-$P
zCAzaTVBBd`TDoyvc$S#q7*jx|j;5?@F9_jQUN|%|LUR%)V0XkiF`*?vP8s?((aqaQ
z`H39tJ^1e40tE+)_QfXS^vHK!h)Z`+&cD3mnVhP;-zKdNjUPib`bM!$ETIqZ@bG+s
zeA)P|Al#du%T)AT0d#*TGD+r#TwWrlRpj2u;Qq?MLX>t{^nl$BRPW&P=e34B^J<ST
z=2Z9k6-FG^UbwjlfVfyGcdo-I$>W8R(mh(aB#iHNF+EOBPWjfoEQZaNV|$puAXnNs
zkd;p=x0wg0PZC1|9xH11jT0(562haI6hB4&i{~%D?ry8j9@c=Y4`M^ZrI6>)8l2#I
zalt~G?ql4L=kpHDLXu?gpn40fwew4z+VoaO@p_SskUm8{PyHb6lmgnAr@;C9zDsKU
zI~c}lb<r(u?py&E9lQp+{3X-%CvvM?EZ8Zfbwr*m=b6?CqaSYGJRahWEsZL(wzK-&
z`1ku0k;b}%wkCH?iZ1S@cbNJlb)#|LdnKPNVK~+Y+!`9J4xlu=@~WRhR`L9ltK}(@
z_XYP7F7L>nh9(pIOZ>JVqIA2O`+CxNJT8W>%Ko$LP`Db}DF<(iAK7fHKt#zI5dkn-
zNRF@@o{5|wjxpf5GpZeML1%zO?yhpG4YhLa$v4R8KJN#!0^3FGj#$n|V%Run4x7VL
zN=o5$$c0tck5Ju3|8Cep{F|3QZp3u*;7wXbbmM%R3V5SW`<@UVZi`h-EZ)Juaragk
zEp8fV^`lU}1Pk5tq4IT=qD(w$+uyF6<nEJea)A5Ikgq28Bz<aHibyuP4#8QbN*Oo!
zS?X<tOk<Jo5%R06*JxB-Q&CYFsUE>#)%xiH$pWY(5OVDZ%EogdbTqS7<w51(CpS59
zR(Py}afe8Du#@Z-CZ_&K`*1jm%7FRE$lRWZ@6q_!*wRQjC9De#ts{OAwg9CxFJ8zt
zvODEfS|<tR4ry1e=J~<*E8wi;n#_mlAcJHAUXJ=n102j*39<H;`|+VFsOan@a!u$Q
zW9o2GRPvrD-Tr3+2}+F5A6@KM^UaTMgG$cY(Q&r9-;CFK=bojdoRzfe(bl8S6Xdc0
zEP)gE$6?2>kfXDq)-Qa2^ta4pJWUX??ID($m0MF6=rz%N32(W~V5jZ4_b&!&&H3q-
z*+5COQ*6??p7}PAS)x|^cg;x}uo)Pw6cb?)vj+f0Lywj4$fF;JmzVeTvGt3-&VfkB
zuXm<D;|SM5NDG0g_1e*`1*W4=-Io}%8yk^pM^{ElP3rk6U$Mi<s5P9fqxQ46>VEwS
z)ofb~#|^LB58icF9m71=GqCW2%M~q3`(V8gXj{`%0}bx4l<bO^$GCud2$Mc(?I<h@
z4io`o!rh#TF95b;yTJ4v+Fc<%$uDXl(bQ9MFMGo@{+zu$dG>q#Vg9t+NaMbCGR!E|
z_>%i;Yi81t8`XyK2Tre~2#dFmn;V3+ya!jVtN34L6G5trPn*}dnYWeG@j<j>OZ0~e
zPg`xagOc@7wr^^TB=<TDwbEZ$s&?Zxt$%3ysAG10-=7e_DyX!{-VL*Y<aEe-IC?Ex
z9&IAeOsLiV{hgMToA{2k{SWnbiqi=KoE9*eHJI}^WeCgfJ7{v#WRZX&lFW4K8dWIq
zws3dJRr6|N^Ax{hEDMtd5DT{KYTS~U7}p!D3#~cTyl{nfm!;lSdl>x&^tSKc>mZ{r
z33;sX^qXX;)JwDX*3bFi4$U8|^ZSlC?MDp6^DnmHWDVw@ty(=%_{sVvONouzW75?#
zeAv!wGDoA)kwN83zVj?!(egH`FX+6&-s$e$kU7!IkrLDVmCF0lCwrI}*u<Yw!tndE
z-b|0)Zwue+_=!y_@C6pxv-8c~a`j-5Q=IkDmqDcDAU-HE-;R=w=8QQM^AI=JAcgeW
z?zmrSTK5F1AM^6cY~NFNw-Z`ZvxQ>1V$1$eAVL-B9pga>4LS9w-rB|?*<-w->a_E9
z?@9Ty!joc=Gqe=3zy>7J7d$HO-n%DVpeL%v>xmt~Iiu3^txQD}PNLt8@BA%U9Z>wG
zBq13g?Q%N{>?ag*Oz#(g^$v_{YX=9t(E~EcGs!d#lNnwb>G*a?G+l8@eIxa@dMwlm
zahmw&`$N=p-aN(}tI-#TTA3&+8{URmwT6Hv#s{c`H2BR+9l5n~LORH=s0hC!j>}-q
zb@L~0E+~z9Jf}tt4S?2j?a%mlpuRT_75~K?Jun|8b5)yw{6cur=?dZu#UE}@l^IX{
zu6DI&cbDtCii=OR<wfSZHI~hFCivrSV%MizCEaVDT!>HxL-?5clOA%Q@&Fa+)VSkU
zw&mWgumEd7#s?6ev(-<!CNZjM7$2IFD9$)SiO!AFuuAQmmJNz6U!04KXy5`?x~oAq
zBg=T|a$PFYJ<#8uqr_}rE@9d?$}OaQ{yNK`6g|6Au9|Rd&vPH~k&zM$%v-nQF8lED
z@IuGHic3Z~Y5ewFo2sLlX!G-|yy-Hjtyk2leFHtX(CI7g@}#=ZBy>LKHrLPhk#1dr
z%zQ#$wevQoU53_0PTeZaWlD}v(I+BPz9`aeeax5VWDkm%5N|BEhU~o~AbMNZu(!V1
zlv4@PtQZT7&$W9Tnd`nsLr=i+NA6;#k;t$iFDH;GM;-A=EQnN<C>#7b4SQKgZr!<4
zU}yX|^!d?*cazlAH04dtDh!Lt!pJ}g_&i3d*%Goy?C0>~MSZE&@%$zOT&&N}&sbqc
zOqyv}B~a<^+t~Ds0uvQnF_D1B`T=I0BdX6E$C|iI)u{yiL;q2%Z}F4_joSk{1y0{W
zz3;GU2rMKJkOvmo-Gi^8M+fzGRB79E-M~@&qCyiDOQBvw2@%wM`z?u|4Lf2LL1_oM
zuS~^sW-hZnNu@jx%NLt(vjbplt}QOO32a{Sbsk}gF#hW|BL_G=6A*dfR|9wY#s8t`
zq#GAI0|I_er6UE1j9(U|bzBza!qR9xOT%e7)}W+Z=0KJP!E4CfoO6a4l}N_iqpEEh
zwgR^HM8V#FiyYqF23dg7?!M-ihA-!{rG>+lZ220&N<NZsqfjp@eepwFg#F3@wOpbA
zi(8dcBqI!@$M-4mB(&8Ef3r{Je1wpmLY+ii${S3WABURE*|m3mjr3nq%AUuR>y7W9
z2$XGnTUdI0)rQYdZvN(f4R#r6;o@nyQg@49ynN~FAKX0Nv0iQuUhs7zNrQLs@x#_Y
z^<rT%k$oLhpVr7wFYu-=GF!x!P2`JN;|@(x?T%XN-nFmMstIUQVNNw24Luf=I9X_o
z@UJ}FC^X)Vio`}ecPd5Xa&&_Ao3HG-t*@oL|8+Z2m-*x8sn29@dYEkSD^bxRyJeLC
zqElSZo9KeG^p`JRY19tuu20^BmR3H8C6VF6dDY4T+J(-9j%7t!lgV6kOUn%;UyTy7
zC*VY<SS=<n@J?@9C#xCd6W$Pj`Qe?hJ`vqUB9hd44mZday5gjaGtwAQ9?buFeQR&7
zN21gm%mh+mAqPEz+m(<?1E<rN47c3{8HfQ!_KsTT+s=;aTSfL|6ZnvY^HPd^=@AiJ
z_XQZh3MUUNNg_e>R;0g(-6TiaRqtJkG_7xJeCk`+a0$nM^y6vo2oM6LJ$ZHP=*qq9
zy4b0?(2*o%tlGoF{g09C^UjW}^)1k6O%zAqdaCV`R*0s6&&ruG`6qj=F9rhOgk3=~
zsB>_0%hjVareJtUx56SM6f_h~c$<K}eS5Z9dcL4wA?2%76kUBAlNJrk%CSnv;J`TU
zsl`RHbXiR>!Qw-M`|}V;sQtp{&kil~uCOl57NAKdu>~F-@lFt3kmJ(^fw(CISUPO)
z|BSZB@cWlqjDm#S<I|_B#~$;JV^z-RtTburrRKh6js_Y<?`m6DOoTj+_+M_rjKU@Z
zJfV(ma`NM+aES<u(b$>6=ZwwG>65cRH^~;5qF;huEcGScfA2s1>8wk^_2G@t!zVpG
z-_EK@Wm(f|CkNZs7(<Ur%8KNa7M7;OSr>XKM~8=FsGnbfxvG`X#iZ_;x}LQTIshDg
z$IYp#yu9IytH+psbIcr-b2O0sW-73YKB?B)?C3L5RINS{g9nkRoJybMzD*SJ3=|K~
zKR(AI=8Tr3k(ryW_XfrRz=CT;-1&KjdO<H*qkYVTLm~7NQYFO}qd`Eay88FK2Rgk{
zM$1@v(Jkkr5Y#<ka&>^Z|IKIMD}Kv^u)RS7zhz}Z79=33trt%`-|psr2RZ7`OI0lu
zUJk;h^)L1{?^)V=aH$ujudTNdht)W1GLgxQNF6rh0UvjLq(n|hE6>s$g6+=iY}o`C
zUpxepwq@h~D$mW^vcpQP0L`3EycCS(G_8xX+N+<OOe!%Od|$gMfR^*Nx~_Dx)Mg>u
zx&q{?a?@|R{cYyy^IZ>RVY86<;}-s2!;KUTP-(uea4r!5N~V4I5bcA0b5Ku-lw)tr
z3&__^9FktSf`bMXox4`mTp=*B(Wjsrt{=3CH*qK*3k0Z_S*9(O`_D7IEe`pJj`590
zP77m?qT%ei?Jdl<4@n>X`JIvBgZCelvRUdmgT!#(IfcRtlR#EU3xsx97(<@#g{=#$
zL1(I%XIU+>Z{swl^LMH&M!@+oTp-=b=w{vZGiHs4o)=e(UCOzHgsj*dCrEQO%B834
zL;<mT7ihIS{gCT{t`qx#l|avUDh#K4$2Zm0NgzK3Hc*X+XU@a}Rv$ov3nv++Obst}
zo+KJaPpz^@^1N!<0zDS%rL9Ln<mZ%)U7CyxoSa|EcNbXS|9J>2c)j}h4K~kOQfklt
zu9E*+g5Ugfof*_&6>!v!pnsF8kh(His%!A!=!hVR9o1{)R&M-=a>6x9av}mqk?a`g
z+2_t&0O0eOc2Mj*dJC>wUoh?v&+L8$So;ASAS3b+T86*o7Z;lw<eFyZ=S8bs_Th}f
z3@o+B?Cki`vCK3J$jLD*LRO#S-32`22d2w^QP=U`7Zv)>&W@ymW)>nZw8CL+=pcA>
zsKhLN_~r;g-@>9ps!@xb!9O^d68w>(31?eCsblpz*Zg>~6qkS?%6Me?H?Ka{fb!*<
zLAGKRwuc8nH2Xd#jZ9)o*`!B(eTcWAJ#dG3VH)?Q%QQApgDO1yT+H3iKtST+<n%O*
zU&YeR?L>`_>K}6%_m}{+OQFEtLj@^Lt}2hg(ix&Jg`eWM=H{W;)XdC@St=}HTxQ&b
z25n9AZBfIgrxW+~)hd*TTn;ztKce3N87U!KL4i`nl*B~UvFdp*4x0H`ej@zKu1%XV
zK#A{?keF3fGoTdKkQ<l=9VH|`=q?m)k$=55ySXW+^9;?}x&X$N?b#6<j7F^`E;ho4
zavK70>W5OXjGG22?l)Yh@lMSxiIiF96)YZ(Yal!ls>*lutTvxLqnCNkw7e;?GuWI?
z!RA@SZTHH0zKKlA8^qH8^9s!zQWf;1nd4k$(R6iPtK38wEOwGXGB@tamunE9H^vE_
zw?s0<sZ|43q2|oy%Al3TjR0i#hwsl|CMxz##uTNi{eFLCpM>+f<7N#Z*89~1iwAB`
zgJE_7zIx^ULRXSl)<90CdYRB8oX?<?#U@cF0U7$1;AUHQirCV4CC;~CayI*sdynht
zRS~*^U<daDP|t3=9k*Z9zfd@HAr*89faqmwqLQ+pgsX-c6d0sKh@^cIkA<~ij;fI~
zCh}oHCqmNpCYjZ8n`0Zl({BL)Nd98dTa#}`h+LT7(EGn?;i-@<yY;Tu<%Z`3+KfE+
zxlD(mqqHpzluNBHH_!HZO)*8oJ-%WQH6;pGLUoo94Rq^}Q|itcH47jY^z&&UAdz6)
zX~?xu7Z-OrNly$337LBUAjOm8wS|op^V+3<&NcR=sgU>C+1c&fpKEnaV)_n5+{~5y
zPNfdHJdzf7A{r=F^R%iBKZ^HgAD9m#W4TBm(}Tv#_w;qLh(xYd^{=0K|J+=C&T_Cg
zW(dBEAVcR`Ha^z2`hEZN%&qG*&FSr8dj@o#K-mqI`oJe3XiE{3kALd=b)CNybn!hs
z(@4YzFk$$|yZy}DBj1jLE||xm-2c&S{$~nEXfG!ml}L0<{qvhZggq^r@v-Z0w4k;N
z<I)GKs4m;rTmPzsWD{$$A*XZU*=chflotPIaG`#nv!U&Kwol!8O_2S}-2l`1uE|su
zzC(7UPJPV;?&ZmxRg+Y;|39wDNBrx-u}38qO56HboIz;Z%4(Ul2PN73=PUHFuy%_E
zKBm=9QK{Wc6WRahL;pL0CBA)VX^${$_c6PhUg~+tf$Giq|F7eyHVys!e|@t#;q{A@
zXEi6gVh-c{(mG1-{em6KY*TeNR`!@CzL8=N_dI;@-(PHdJ@aqbD!bQd@YUr)*C#&;
zrdh^by|=q*mTP6OIR4p9(dbv`e=l?=?+271P%9jj;?YVM#ie}Dq1yBAM~pkCkKT;@
zH*WZMnI1mko3w88_~*=#i9}a##S+2)eyEhf|9t4wQizfT3+svQuhM_FJHf#~Lh^q-
zP#>RnHmJY(`4OEb$NHQR^Sa@?0=p-^RfRpb2D=JbH+{x2%eq%wY5m%5ruzilfpjh2
zq`+-v?GkP*)%I!My41SRj#p0?@<L5T3S2@lXXR?gNX7K+Y^6XrasD*9#38@-y3zw!
z0Xyok2b3{#I<N0icnCy}?2{;_KgY+wB5#GhNc?`xn^<#@mPvD{ex;PBne@>LXBPg8
zp*;#ayEU&DTWl;^@^*h|qKK!`VN;@S0O)Zb1Vl3(G!v;$V<O^m!Eyx1#1E9%1Y#Ui
zszt(I83iH)Rn^XE&A9~P52{j0#D9U0eQ7;cZZC4tT5*R2b)8J=9m4elENWj>B8WYm
z*H8t@T>U|+LyHT0hQx?p*2k?8O8##|81p3eN8C#6%2Vsb=dx1UG8L*1giTXiyC$SB
z*8G+H#4pz0Mt#b#4q;_GR`27TwGQR8YXpJ00u>E5_GBr|!=4YDpW6?)6xJDxG=$sg
zR&2Q=vEgwm4ByP-Q5!dBPN|yIGwqN!H!k<l%e~G-7WocMI8VJx(DPEsY%>9ua{0m~
z36Zlnwe&0}wjUYABKK>bDMlN#nV`<{o=hSjI<GwqIA3}Ry%5W@y}=(opea^E$p8a~
zsB_qMk#N8ECXF1a7@XN5O?Q|0f#ENn=`cA^TGF2!Y&3><(J1CWyYdywGZ_6wQm(!S
z@J`%La2oo#FvEn2x+?3v0q8{Z70Wdk!1(v}A#->ImEJ6y%u7C86^s_zw}svd<Y@iG
zJQV5E_}JLk&W?JC`5ae~W_gFY>lOPVLN4LAH)GGDm`+UTZb1hVpW$p;2gEm`p{EX;
z<7Q{&i-(@1ad38r{sp{LDFy~wq<+2~+NWF>e;;wbp||xcn)T(x=Axqt1(Db&!o`Q!
z@~UOcLUgIFJj01$t0&>q6h&si1~2+`?MAuVd!~K8M4KD(-whACvCe3IxTpQcQyx?X
zZrmn%6?;$w8^{^`4M=f>xvJEJKvUe+)+h$4um?FqC!-D(4$Ie|-@}_1>I4*s%da5(
zL!Ww6@EF>D4QHFQQ9>VRT`(B`8tBHZ%b4?)I7}J@Lx147rktntGH~V1mDvuQ++4LI
zw;fv0_OM(p=dEOQT6&Ml5dsh_Y&@NM2ItnTX(+er4gIaPTkScvu8uu(-hSMs>{j2`
zC4Bu4C?i0TngVtvd%Mf^`HquvVTZ3T)Gw->d_j)U{aYS=Y7_CY^EeT91cqYsZpMF!
zRy`&i(Lj@oN=t7Jy8e`CfBZPpWGLi0Bpukl?Jw4P1f-@MSt-H_!D!j9rtZeg_qt4n
z)VZjkXg~B02Krw1-TG)3c~wE%xW5B!+-@h8WJVk6v*vNn{G;@URD}IVWt%RY=99j8
z<s1LLlzl>SX1-K1@vWciaYiId&{dA2kY?(SnCO9yQ8z@03Cl(k13kFEydrrLMwxhP
zpF+Oub-bDz6T)`pkYpg+lmeObQMp}MPwd&xk3p&W(W5<1hez`d(d$e3Y_`(4M2nhs
zC4Hksx{CS)2rRvchYsFe>%|@^SdG0?9*^%-_UfJ>y+97deaxcEe0}&Xxx&Sdy=|}V
z-)>?rRK9n8Eb-!o?d2Uap>d-wr0c+tD)nnFZBmMU-(=|^ry>s{vQqsG3I_o{FK%jm
z-y_6dt=RP!@54WKkqFMDSiiQ7`L7m06Pxo1sZ<Q<Hlu*4Si+|Qw{ue}WsIREqnBkR
zL59s0PeuOzT<RTMRrr1-Pn7wdjg*e{s`x8&+o>~j21(}zj#MP&uQ@JHi%VG>?INgl
zd9(!GPha~@r1ubEb`_mLY<iaL^Yk_%DQ%M1dMmPIIa-K>bh)VZ==4TO^6_^EB|klo
z5(cC?B({EOe#JUJr#FK?^OWR>mVr5YUXX<%-kj9eC$QMgNALN4L56(8bw0O~y{39f
z*HD7>^Ycv(5UOI6oqP`Y``YgTT>w-AKwZ?Oln!g-(di_Q;6b)h$KEM2#akM|W8U)#
zM1Q@rIKqU_0W{okvO17LP;R@ZH$spU6A?_rgW^8rd#sx(4ui8-43`o4V&`!v6ST;c
zx!zBzsb(Xz6LvRzXJjM=zbzx72(&HRsg)H;o!23mYYj+6ka5R?Kv%X?7G)-epDx=C
z#4#W$m<(4Dy<t${?q?&!x<{uG{ozCUCC2IT-h7}?wTy%|8nkbMYCX|I=-(P$z&WEd
zx;voJeJpyr=<-i5qMG!nZT|XTAY}Q$k#PUgb6HeNT(s-9+i`#BJ6aDO^D{3%^+D90
zD{=~*r>_9#vWeh{XMt=0@6jWWaG2ngiN7j=n<o^<9{7!NLigCus@#5+o7xZ2(1N?E
zP@|z%RI$oquD85%e+*bFAZhAOwH4D^9k~7h5KyKA7A-SgyBTxqjc{j(4mNH&SWWuX
z>gco<6M-vaV0lp*IvB{1rFBJjY@Xui=<C1y>|*cicyt%aA{{4gpxlK}1*JjD>@}Kk
zy|@aUMdlM*Ma!G}ut-VApAi9(m@=!9AAQ1wqkGr9C;7f$h2ty)!`Ua+T=MeWeHmJT
zI1`>x=4wT;D~-*~MQf{8<Xx|AlK{x|x4>N;*0XmGxn)q<ffhYU=x+n2IX<`!Ev$b;
z$8-PcR%Ua*Ez<KP)F>c>{^Qxj)iifFh${V3_6PFt)@o!9)K|6-rmkckE$~~8Re8ZU
zs+s_8Kcx_%1$V!DQJTz=TjBAYz`<PYMUW4v73(msa+|+f%pC`V(rwACD54`};q06o
z+;4kP#|umMzIo;d4(1Ho_kRr~-xdg9XFU%gE5a7m^maJCZ^oD7FxNt67H^Js)0cg#
z!$ke9=cdTotcDSC&ANg1PtI%f8k_)Hf<<ywTgrwbYn73DRW`oP=)al{J&``D=)<J=
zydHyo0}Kg6_FT(hp#_!eMAf~C>OU~Z8$YGw6bLYr^PMd<bY=~RG}k7)Mh`n27Cv-#
z&{%Kz7{@*Iwl+cs{WCZJ`?b#A;91;JQbI&?V!knYhhO82ao8Wf-qPZ;iI}P8qVR+&
zqeh0T_#yX>SOs!x-jTXAVGHBxo?Dk&>9k&1og?fn>4J`R0R{}R!!}0_Gm8XdH^My1
zXgP@oPKQ}9eG--r#|H!U6V~yb#P<JIyX@d<;@8C(xtMBzYr6GkyHeQ>q+(8c+7yS$
zdBgcRO@nK%d_HP0-_r0jo*K8nHr#xfbJe;^Lm-k7n)q|;e~BZ|f;?HqlfP7B;Q8H7
zPS(+NJgjgS9LcR*%`JCubj%sg8Oj|W&-DwHl-NDhpQ^iWS4(kw=~$r4ow*$x_sVVe
zCv-dG4+BqW=R-NZR+P&3l?2vttFPeo05E_(G5f@@3KQos4fixgMj7tMjMv}ZOs?Up
z`)xj-eRYSGr>hS9B0tQrj2y0v21E9f<J}e-(BY+T8PQ^36E#I-4fa_)=t^o^KnzYR
z58US;ePMp#nsD-M$Vb@IXs5wC;L>c5R-ey#hx6mdk1Gba-@cJ<3%shw*za#+)~tB}
zP}%(amZoqdKA5Lo!F<4^+xUws$z4F?<QG&*5qC(E3)ZGnnjzb$0Q|Up_R9}w?L|}?
z?e4SdGU?2MP8XYqYuBo-|0xZ*GkZxKSW*&Ep$YBiD9W!>!Iv6o85uU7F0gT9gfMyx
zB+oHLi!(}9gra2rKTVUCaXtU2Q~w~H1j))ZFr?Q9IQ}&%N$%C<6+IoDt?5SuGnYL%
zQnb*NnY1?6OX26|r+4}Bb6=i1?eKoHY&@0cg<D^q3PFVAKGOM@*HNUGmlt$4k~amM
zg{As0fQyI>xG&tgeOsYyxY~%qGk`QueVDyH=4l{QDA}D?>;R#B=fjU5kFI0REl#J1
zp+WmggyZH_=bb$|wBRIxRPnK`hKnm#iZ}Zrpw7>3+VCD@Z?z4=aH50LBxKX!)bz`f
z1BwP5;ki^rZwJl{6|n@Jz@VVC!LIXi*F$o|1^bta^Ap%TTpm9Td+;$^wLBIcA=}xY
z_R?@QCZsfUd%{hKEdZch_eoUBcsQA;H(k0RMd3P)Y)sS0zGv1bsn874s$T4M=XhXD
zFAYcjWtRp-D%##=O$gUbArxmNGn84Hlm}z<g_mlj$IH;);B41!RsR)_=st4D8viI$
z#!P_zjn2W?@fU9fFI<b!Vm%lY(uur56d>2^5z|9pUxtwm7jby38JiAfqgtzmOWhY~
z%Wxm(*ge_aF8{2;dA_-h5LE!;R12#OVY5wv8LQz*{!%FOXB-mN!%yVr8kDayr@Hhp
z8X8{YDd0+H5C=K>__byQl&@zs{xYkuqsNudZ6jo^>RAx|{-A7jA*p&k$E(_Fr|5HP
z=v17id@z5_TVA7JU6ri6g@k`*+A6U4-u=nIKXIDFk-?i36lOXpfAyN#igPpNVP1@l
zuJh(gGI9)K-Q*k1qu#Hdm|@MzE^}-LXoU(r%X~+^jw>s|*{5ODZotCCJwDJ#oo=I7
zavT&YKhe#8kKdm#c?Pdd=m$NstBGRjGtM}x)nva_GlzB7x|BcmnYZL7ehqo3cw16O
zgmuI$h7<BV6=Sb{MVR+V$tjzCK}Ni%ecc!P(cXwzOLzK+xiN9;KxGAEO?KNX8Wa6u
zaGK49ajt{nuT;zq?ppr6+2KhaW7Xaz!IIme+nfCNbERaQ@RMhbILKCp(mb4&<j9Jo
z@`_cRWe5}nd3(68-Do4st?o`<G1WJW?@cj6zAq%M^O0=bW-987hFi2pcVD*XF}qU9
z-52j1oC9q0hx7%GWo*&kr}x)VSse6hHtkf##dx?M4`R!`yX)fOf^w;b3D=#ee@f*$
z2^;Fk<=74N(HHN^N-@3%n3+Jir308`bkl3so?V<Bqp@;x(>&q5Hu{1axsj*fwS%^T
zX@mp=U<}2yj=3#dIe_fm`~$eMo40QLcwSwx;($^&)J_CthS7i%S%%UN0ie8PYm|KD
z7A}1ur*g;<?AP)H^s7W*8ZUaAA1oy+U7V%uu(s<5q0;H~2yymmm_3(}a0&nZ{`T$=
z&>(T4PcZJcUq%A}iQ9@}imtQ(U(QUKxi^F6B;MU45WG0T5!FBv*2>f7a9YX(qE|0q
z-+&~1R*?He9N(d|R4H?<7Da!`P}&Z=kAer!x~metp?9UKyntXy>DTKkium|`_wDDP
zZH6KNQ`N_69Na>n8y`*Qq)(zRa}s5f(pxHH_L!0~=BW|${%XJOl8(VhWTAn^Eu3JT
z?a+BnlfJtEdAm*EFx8zxi-rnCG@jbp%(rsge(>ZEFgcAUirKzX>AZaLLKWdc9U0jw
zWDAZX!4vM~pmOyhTjSE(-QG4p);R+ah+Se#EXZXCPIr+^TF)e+@X*4U)k0(KNvKTB
z^c6$s@S9UoQ#GRYc6W{Hn`DSBWRuRlCGWTPrj_heFK#F+AJ^>eD3sBuvI<KPbfhau
z5CmFyo}bHIov5MCDu0S56_wLaVn^2$NOt{ML@W8V8{YZQ4idP&(x3CP<X6N~o4zof
ziHW`(O@CMfpb13F&CLx7kSoBMy_x)50{tmec}xW$`t2=pRY9YFll`aPZ1Aba4pqlY
z5aOt&&+$V?&U2Rg*C%ni|C$S~Rm7c~=lo6<V7YvVtlYV6HxznuQFHy@Ye#l~KAS(o
zUvn)H35}Xt^3(XgX6*C*NG4jvlrPyOhcim78JWl;9BxoB92PXF?A6@tnJEo^@H9Xl
z){%}~NBY41$_<9~Ks$XRN692@>{Z)d^<(aewbY#4hqBo!nKzr1u+x=)JR#;6k*AO9
zSsEcRs9d?8lHc**v*h(Rx82TOylQll&rtfFhkk#De%<W_zEIF?ST8ybasEj~sMGks
z<M3Xxml+Dr)OgZtc!fTHj@IN4XfeL&tE5YyQnGTW<(%`aJ0omTP?8?GJ7!q0qQCWs
za$FV5K0;V$zqpoaV{vP#i{!;$O2p2{j-hYkBg>>D$p@aT=|RIAH!2#gK6q8Yhyd4A
z?|n7LmjwFbs&&az6=hfqlwa;n7V;en^hrzxclY<Cro1f5yZ5cdM=8U2<Tq|pQxj6_
zcTazRBQld01du=X<<>JbavsbxyqP~nu-v>Q<MLAHEh`t>kGK7;Yr|#Q)#j5QUxwSV
z_(w!gqj_9hj8(XMgQ5e{T+f}Hc%gCPcLdYRKci(;;5Y5xKvR>8>@|FUI3ajJ%)vf9
zT{)ON`V2PBWza6oHU%l*bjQcniwUR|zaxTR;8%_BqXHLuvm(QJg{A-{`Y$I3B+=$x
z3Z@6gT(iQS+mCZbi_=2_?=S#LozU{F4-0^mx~t7-Q9dz9MI)gYz#}_Syb+++H8&4`
zH-3JK<8-`pf5Wns^U8*$!Bg9Vq<5D%x3>jZS;eDe89~E4G&*bp>~6G;iOS%zG8}ue
z!JeTs5Xl1^>;3$QJ(?dc@77i~B_y+e8bSly`-PqUtS?`_%<P|VdCk&$$i?%?5UHp@
z7}B?>NFDE=l9z`vU=M9r(6LG~2Yv4HjqGg3emD&=Fh~`bgr>c{Jv@{VR)a!&Jffls
zcif!Fj4F??o^QzPMJ;UUa!FUVY?HK5r0?-G=yU)8Gq6WrRDYGB+msKK*KdOE$mIB}
zuU=l;M@W3r{)}AQmj`PS2)S94RVob*|4Z!PAc^w~rvu+Kd$glRR$5vJkFXVwhO$S3
zG%0G<*ZF89cRaczv_t&BzX~Iw|8DV{yJVOXkLdRWa_ApcTGvsil}m?zN%qtz<Pb7B
z`6K6_ZdJ0hN?d#9?;_xw^|a5{t!Jwp)1tHLuQXQE)knA?^Ph3+b_^thbcuzFZDhmd
z20bOu66CslFDx~Nw*=3z32l}NxM>p^?%XyEG*C)qB_3gr=xQ-0^n9DN&tva=pC{ht
zDmD4!>-%ih3_`S}#XqxBui+(N=(;(z&jergmeDV0OTINABYk8$dFxR_nY0{(L4QyM
zojGld41L6HcXxNb;!|JXty9McGlO^+7X4O#g1n{C${VGnUVjIB(;X34D3;kQU{MW`
z)pVVLC#Tll4s3U-*`@%6yx^o+yPdve=|nz3<bjq}9-Zp<KLmmDZfbCBd^elM)E>|M
z6zQ6on$rj>bQB}ff1#^3(}@jDPak06JQIN=Jjd(7U?M*D&BZ=6?_qI%{vV(X0^@I|
z9>>{aGLylmGrloJp|NXZanMirBKg=yUjNu&>zVy^dBy@_f<CV!JSBSSTS}QPoF6c1
zy>NCcdpCOh`VCtUxEV?(gs+|G)5^jg_qjTO3?l4%EXv_iA$OTID?X{K4YC~LeQCMZ
z-qEqWdx$=@4$TZ`Qc_ZZ+{)I7<~$Y<Wr5%N^mM&gG$Dy%%G)<z?_7ofjyHtKOnF~p
z)WhRKz<KAM%AudcL7c`X1+l|f6BMGvo;36RWy1ZiC5%ul!3tdy6C`jKqq%Ll%WW2Z
z%GaOR86V=GoV0c*08t=Ky-TRrc;E|j!bn)Z0K;WGe^<0Me&6}g(aBXElYQrcRO*OG
zzop{eH=nSlCOAI#Y#5xha+}W+tKH;Z#zgt{f_cRcdV4*VN{MVfT|$zwPCn-2Q$CTW
zx~+y8XXHskf@dP$(W*xU##9`g%hSh7$G?lpUgOoP?de~+Ps!lLk-ugnD?rlRDn5KT
znqMrzy1?ddAhr8i>v|^dfwXshu>FvYm^U^**3&b^o7A?AtP4Md;Em+_=)dAd)FCZN
z>l=Dch$YN1Q&fwU?&4=PL^e*%I#L@MZs%pa{b*cTdbH_Bn)ADi?qpPe6a`=te|0AF
zr6Z2paCj#o`{et|;l%lA{Q07Qt&vQ+TltqCruK*})>djw$*q?YRcpfUZ-SWt)*Y-2
z)gSRL)xN%LXznii5F0I1jV^W_))NHEx&4cf+|##w_Vi4JKAa`$ox8HF?cV<WaK6L+
z2g8M#QP5KnIabak#)n$W&M~lm05u!bo0JmT;MMS4N=md`<W|<vO1w%Q-q%p+4k3i$
z+4f6S*%(eO!EnB3&;Ic5^F6AG{>}0Yh~3+Yr?SS>io@9N!MdTnU7Ajv=9p?@8=n?>
zfRdpFIkrtMF&w<7p4@ul%Fq8$SJqKjSU50~%kBJ(b6|9I81LS__UV+w@b?bM?{#mS
zoumJLza3gJLhz@r@7iDwwaMf`I@M_)#mUoDMkc0mmvfgDtub0-6O(R;qTZGmf6dFI
z5EBrL5p=u);sw3E7GX5iY6n3tOnz4I2-|lUCV$r-z+gGF_WjSpFGpHAze7XNE)tOz
z-(L7&&5C~aBly@#@mebH3Bj;UT$7%`Jt^!kRlm1%660!%5x-;+hxFVN$|G-BGL-5T
z*aI8K&~j@Al63|MNg4H94DYs)X*0pE{mODOBT)FN5NoRy?CQ}fHhn5i=pdpk_|s1E
zsewu;QY>+4i(6XFVRUg<NXzQj_?zQbx=zeMHXfh(=HzdTW?P9p<;lK5UZXXVdWY{c
zsNd5r-hBJ?)l4F7YzvO%&)!~H@h?{8S)}P9H=W3%t%XjK5Q@_^?SzY7O=BnR`pW4c
zI};Sn$sMJYlAnaRA1G@M8qAmcBru!JYLF9>`+Z3Fct2$b#ru1V?@Lk9`S)*#gT?53
zaA^wM$Hi?e*PWpkp`g&N!lQ1$YYV0JujrY(?9b43KiC-U0!y_Fm9o-Tg-=yF<LBBA
z(GNF;zdIEq69+^5sAp&xNyFxox7j)FdbYFr9>D(6vtK0^uU&gjuN4oCiSRW0+9qn;
zo6m3HSUb?CX+5}iPXv4`3W^vST7*61O7npDy*2nng4lLd$ZhZDhcRco(0sb_#lawi
zxb6)*dwb{oortC#|0w3^IVFK%i!b5~+mnDv=2Pe#XF@uPSB<+KD5NWQyvzFQ?&enR
zyvm)xSF8_V>WY{_uw*<~4EQ&(h`icoX4U;Y3pnsy5aQVv4ouXNV`5^0F!X0Z2PF4d
z+1cwdfA0)i85@g(^UqVKqnpgkol8qgQ%Y4&ys;^23&eHz9Squj+njc4-X6XuZ6g#h
zVuJ4XfT<2>JAhBhbWu}PjsAa(y>~p-|N926A&H12BV>o{olqp3tPrwSRwA-1WsmGl
z5t6<4-aFZQ?|JNT@Vn1@eLmm!@AG>+e*Kej&TBr$eP8!=U)R%HR#K49qq^sTJ9X)v
z<Px;nC=}btvS^q7v;@A@hYgG*L(R%8{wIZy!hbfu_GWw6)PH_+vReMFrifREEF%ap
z5<h(uc`fxbodK`63jO<&P`MvXWb=4W^JSlQJjiZ7jw!n=_T#GWMJHdPkz4YSH=8G@
zqHS0U8H_S%4rAXmOdTm}=v$6nFr*%Gm5+cFEL7{2jOz|jg=oQ5AGB;8=I1;zN0JI!
z8itmW7-ug+)nC=&s_T`^?K$kU5f=H?@{4mdCz#Hb^?eHFPja~ReFn*7aUWYhjfB@e
zM_SI1qS}EZ=PaB>{$jzFKk3GUhYI-lZc(qxHh2tnF<thB`=*Blm@7UCXLB44DOp@0
zQ{-4g>|8ysn7l!)WtcVpZ6ggB<%bfUG1i!q7WQwg3$Dq(rI>f~O3^|{z_3j|#S!&z
zYQiT^?x2rtSC))lrE?T`HS)xI$r~p<Yc+548_o#hJ-u7?`{CL~XF@0iO9M3TpZOrw
z+2o^=?r^~Jtg@r4=ms?J_$6?C24fn$J9j!DGr5X`DY>r~C5>rZWIo;neoFV$e}4v9
zGNr;dhHo2N0BnUa@-zD3jY+o_g>HSclCtooh9R|aRX}G^;_vbaLbHoil_6`ZgMUaZ
z8+)8Rhy`1|Z^??e&}L*gR??WY9@8(1=F>6jU(5@m`a1-bS;^9-nnUQcrQg%jrTGu?
zz+9Z&c4%{VW%#<FmKH!c?rCXhj`!w%{J3}J`suB6G`B1Jo9+HF#azdXV7j2**=agi
zblr1=LboMn(sZN*dd(<1v~sRCQ+?+4$dqjr>ZOL(r@UVolGNa)=@ni?C_LBMURy6-
z;<A|4bjM4?8Pj_)Yh$926M!4p-wXXrtbm{;D)>hX{VA!8+|_5ge;@xRmgr>l;^LY6
zyTc`R7?vq6TOtNJm#&;bpVGLOzqc-^VMInn_2jr}q3znfT?R$|q$cF&++21`!*<j<
zf|8caCLagvFL5LFwXPFXojl=Lqe<}za9Y(;mDz3lutd2r1>D*Dt~5vv*1lJyv9P+%
zYyu!P%eUOSwq}l%%(w9~Oz@uCS2R(N(<ZP9YYA@jJHm=E8Pg0?ymI9VSfitadh4j`
zAfQ5n7oxujvhEo#WyiB1!~tBXDb$qn_3NBPAWVac?(Jt_fbn*@FG#og{DW-mN9Fw=
z4V5Pc>c!KW%FXDncLppfDl0F5Pk4idxVVdunX#EPxa0}v79Pg;qcX&sDXY@nUM40*
z<aXnyZ>(M9QP!_5Y-@Rq&ludeG&YxXbcv)fQY9S2r6lN{vl4ZBq-;jnK23<3ctNz>
z^t(mKhdr#G8{g?Ov;GWzwbYe91}Cm~`NIC4^NU1FH9bX?egete;pJsW(jQ_hy=rBp
zPdJ8{-?oZdFc0-U2qkyI=HC$^y(xI>=Fd;;hdH%wR>%v?w=%5o+jiY{haI#%PjTO}
z@p>hDixSkgeGX|?E_Hehp)ggVPWL4;OGh)MN*#h>Sv_@U^$3hJO#9o#wtiGJRDRyZ
zyQQnCvSCOClQf;3xIQ-|hWHPz<16oozh6{-=jr^i&@$|z0zn6fw8`Z@W`d(hQs;)X
z7rG^LUPcpQg7H<oRKBkFnSGydRD4{hzW%<8mI`rgKyO@D%UMKaj?FvyogKr`Em+A`
zB!Br56gm+ix3R>jII#5fsa=nAxxqp~nU#}`O{dGx6eWg^xS9HeJDnd8zJ=lZ#di*s
za=*pLM+!>-h#a+B(>wL>N9{PYTAF>{lfvQwwcV52<F38ondT#Tx88TUW%m;0{c39q
z-rlf0JUXFw>Y2>UU}}%JZvev;o16ptlBlRu#2Z~iokK8i5kcViQ(z!aMXPMrehao9
zQ)BGwnVNn8A>tjQPMz(7WxqSz;Xjs4V9e$kOl!U^EY41#SnSe9`zl}kLGn0yYmn&G
z;Li^rw1~CXt=m<Bj@t3C{jnJ~H{>RT1bYVL_;lq^Q_}T)?WGfa6O$J3nsR{7U-WBp
z#!UsSeA12Chd!}Bx0B3?RlBrHe&jkIOt?Tf#g)s!cI^<_0c?9DjxUykSvL+1c>!ZW
zVn)^3{zajAQ-`|E(Lo~?%n^3WwR?~m_OHfpy#fYfhFYb^o|_ewlbzY|-g=lpi4m*}
z{MOqAj#)>+EVO7`9*#vV;r`WwnMRP1Ah|86fd2#uDu>O;oHDJ;W8!Fst`1W_V%`tH
z1JJXu5X-0Yhdp$_%_`Qfhx%M+*heMfWj;>!pjC^dg>3tR?D9ZzNSSOpVJGUoz<bfC
zH{2qWLCXgP^xEt{oTzX}5-QHnO22Y;;VeU~&?78;;8{i_HS|as!OKhwFzb(gOLA+l
zJN~>K$^d9YJO(#1H3|<i2AQf{OgV`Y58Zx9l{&TD_Y`rS4ImSGWS%(v6!=~tE})b3
zBjKiSN2i}~&&m1brbe0VxWyy(RU$ci?4!gJe2Al;EX<dsn&!2y&ZmpG_6AN`ljGfN
zJzJ!IM~-A{E!%lp{9WA{6>c92ahv>(MZrTGsT92e1e6>VnWJ`Wuh#gwVz(NGhVE6?
z<B1>>I_RR$?31wRwj#0xZtsuQ+$bn0;38)XlRAwZqkbu)ydvHb3K{Po8p=;nicW@m
zc5xn~VywyBI1S!p`#;o|Z=g9(41xE-pC9{=@-hc@8YC*;%fkbL3T%<cBdyOU@n;vd
zLC#r=Cpyu45wfh((R;Lie&NtcmW21a<gCXsna2$g=lt*g7)&!Lw<_?+o}@>PbIYEf
z40Qkef`mLO4f^9>2G`;&V)TFN$I`h(tw#0qXNg7c{&iS5V-OyUu|K~R#GpoOpf8$C
z%+;oGn(t}KGsu~wFtL)6$##p$-Q4ufw?DO_;iylJgZLp#`Q!Le9$}ApT$v`^CzpaI
zzWsfE*p%;~@Uwru^4DeE!m5wl#i3Nm@aIsiNDu|p`Tu<5kDt7hO${i*CMds4X_YVS
z;!OL7K;H1L4^gRjl!@zD-iVpd{qB{li(Nlf-z(t9D)+yR)@n-9UMfdvYa7s!Q-4o`
zsOeV^e=s0st)|f^WnkR6U7Sb%x`eAiM{`{MhDM!iMguaN5|<?!|G9#urt-GGxd8vX
zPy@$*p7no@<R$YzF6U}c>p#}u|9l<FY5ad&MG)es>bl(Kjek8fj$35R{e$C^s^c*?
zsFWDL@ESXM-u=Iy2}(nrZ11U#Ct&a0|G&S1vqb%&?fvgZ81g@!tBApy|9vO)m6!hg
z4nz!uvM=iT(VLfFvijI75dA&F?`s-0Qi1qQRI)vnc05W?{9orx+h)As(|P6mV41A7
z`RG&KN35KALe2G^b$U0$AIAUnJpQ<aCqMlV9Yd0n4bCFEp~jBli248V=z<tytdi|7
zr{&MeIf`%n?@v^HTPAzFV$i_v)f@dku8Jz8S8@~Wuct<pTrqjVzPa!Mr~0A4w%Vhg
z#oa#>K9e{w{z^9?&A857_2|=oZfg0T;p-(+ds0cUcVI`$w!PDAbnU8J^JJi%%~GRe
zQU8m(t$!^Ma1LiqgTL?eNebKM!pJ$(a!jP#p}@j~W*nW%e+=RcF8}i;46b2l$IA4c
zf!Taa%ISYT@}2%44|$Hy@3-ttM<y3L@c#4ugB1S91B0=K`c}j3*DJ(7Jlu~WcLQkB
zUbTk~8O0tUg?`>gPq%*E&$K>+T1|g{)PJrqGQyqGg-cGfN|bERM-^8IzFr^g#18cv
zO#J5~vNe;xYT?1Ix+`|DIXmmC)XK3ok-zD?A#NZ9ATBn^1MJjb!+Q!N{-C#Db6#6d
zvkoc$65tndEMR^dh6)59IvmR+$wKutf1#s3^CO0sPx-GOrdT)>{L$aDr6aPp^ha^{
zN=s%|UIu+|cdK39TLsLEiIw#j_s++3C$U&fP1D{iY7jJ%eyfc*7Z=_q60rPOW?^f~
zg{t$w0dWH4`mFjwXX%6GF67u8#2cJM^EtfY*!*;Zq8O6JYa_RGyI*#8Zvon;(DH4G
zzE~^A1QX=yB<#ks#+?{UR6ltJk|(QYh<NP++pYn;>|n8>0hK2|_oUwQesK^uBVuQ~
z^m2}XSkVRJDg}D3zS7xMiez*8-yU*~7%)|-Y`pzE^3O%o2*$RrEXFRA1;Nz#M)V?)
zlx#gF&F$dY-nZ3UZ3lwGhh$0k#I-4)l{lU*z@KL<A9Cinx9&LzsNrbAbjUh{8fnV8
zfUnI-g`E0WiGo58vzxhZd_1|EKe;!!h3pXC|E>~K1l=xJ0NFi~w1p(peQHXl$&dWQ
zw+|P<b1X@A6z9%RF&31Q&|J^;Y2e-rA5|x`h6wP&W}XPhTgHp3(Czs#w372FN|53E
zo+mB_s+J<a)a*6xNHIH@SQ{$C1NmQq&7ISeg93|5On^(DVxQj<6{UuJMz%a4Zn)Z*
zzSL%3%37O{a5$3F%rRJ>0JLE!sGllzjcZk!BO6-Hhf1O#MpC%z<_g+WAi`NWRH4f(
zC)e1&K2d>y#49phu*`IKS+S1)`lJ{_FpAUa0{C5sBr7Jri-Cs8-z5s$-jns>VWgZW
z5)UP5441dURm!UGpi-`*uXMMv{zlZ3wrb|a2r95a`*b5MG5vaTd5ylC$=PyDEUZml
z*-e7wSnvXJksC$}<1a*oddE6ggoD|$E*&Da-tU4nc)nMQ1ggpnFa-ukIP9md4Z?M)
z_a?VJGa1P@rhxvl`A>_KZ-e`W)A%fJJsc|EL|Y#zx-iwZ%n8IG-%5ev=_wuDM`^*d
z*4b)N7Nd5c!A|<p!66sMU5Z@%qgfBB;8rM{TaK631N{_2T-li7FSNeI`NlG$;^L(Q
z272Zqpik-mwiHF5uO+`rFz!054@vFj%dt;&6i^*hgqiWCZ-)=UXE|#SC-LY@Q{il7
zkA{Z@X`ruo@-;M+_A-?6Jx)0y!LaAzGw{FJ7_aWGqm_>0bxLv6u(GmpJ)FjHwA+lP
z+l;tzupvBEQ(NEnQ=RN^bMs3~vE>ewDoA*KL>Op+Z~#adHjF*Qg4!SGbS$#s=Yz3D
zvaTow1UpnWhaGP3ihs8!nB*m1QNJ3rF`%j9L7tUIFk*3~y*gC)lPB5xNZhmd5hsc^
z7PR^xsTetpS^*kemvHv4r=E&oWeAVon^h-UEHX#@2MwQ!s=ocQ5Ks%e<c|0375O_M
zIg*5Ce8W*Kd)+pM76Hj&x5Z3M3-Tk;y?Grje4lO)>Q=v@P~+g=-NTE&USB5)ycm;~
zv*wO>r9Me#%=#XO(lYBgfuVNy<f|fqBW2<u{!z6SA##$;&oNfP8}@As^KUhf$rTg7
zBs%x_o0znlu)5ucO-#ygp59S7wkTtn794Wb@Yd$O({}&;0O|BEjO?9n33*jD1bjQ1
z{3%bV!xr7nWJxrnkb_P*uh+cuCKY$4s#yEHoLDoO8B|)m1J%<U+E$r4l!!N8aNmht
zbbe_LODspgHor6;{;jr9GwG`V*z@7%m!40KdgL48`PpKF99dA8R9UD_{bbA*0)ZY}
zZF0Wg&kL!shtuaa)bgntvT)~t^OGch4Rl=8I(Gg+6vX1R^ofQWG{+fDGBnDCObuVx
z({(NnFD}xwyB)pdQ!(osP_qNg$>`!&?(Ru9=NX@)5*ck~2j<`LRaN8`FNziET`uGq
z7dLfuU~3Bt@8tpVrf(T97RQCo#=}kr^)1Z`XX5u?zv_?-WP3Ud=dJKS$t30@I$}?D
zX?0Pkk}t<N;=wYOj)@7{Ba@{Q<@Nm7a?(Y)glBMEfDU>F1{O|Fekt#T#X@oadA3%w
zyv2)jru*5GC1S9kS$e;ufA25*7^DLeb2~<xJ!APpSI)kCdG_hhEzFjocFkd@zxsS|
zadW^z;5Czm2e^3BsM~KK(La9tcvvdW3P79Gqnc3z#~U-F`v*;(1PmK>O`RG)UY3*N
zh{c)q6`&7hO-lT>Yadwe`=LeQBu>w$n%)RL)_toJ)o${Xo{3=dg!il~LQ`|R?_B(x
zL^ucvJU>ROo%ei%gmJ(AuwjUm4l`WJnMCP~<aL8tYEPAtDvFlWOPHB!Z<`380K7BR
zatC~zM(kI7L=}w3n3N$;%9K2|PM<<q=0w5-HEdI9NHZWl-X--)sIGom4mxwN*ogF#
z6f!7|eI_Yf1(Ek?ngnhEyY&=!(FAW<#GpEG2xXyGR}aXnNDi)rS>Iccf%SpA3j;co
z?!i{Y?j~E)pLr4LtcHslf?OtJs0~=H!nU-`V)D$LtIPOgUp^Y?a=b>2zV7pSKfwm}
zXg@vL&>=ecI5}He+u(gz7*TPJ7k2#)<{j6opEIW|h-4n7(J;@FIbYpVtuMW;laWqi
z6QS+#Q<{?Tsi{)K3rXdwt1=QFC*ED^p6PPGlNq+?WkUO{{E+I?laHVAG#$}ZB4`r|
z&=2?SVh?BUk`bbNl(lUy5&g)=#}QUMcDZ$xIz%ol`MFhL@cX|0kIff;8Io!`N9CL?
zj&Ge%UcKg7wy*OYtDQwOnYPXPLdgtze|UXQ^Hijkw_!6G?HO+^rb}k&&juu;#F5J|
ztzqN>uGkZ%)`_oIha5?b;w2A{Of)&ho=}+QG2pJB6XnmU-00K%cE?vORDbjx^QR}y
zj^((?bAs|~!x}$I)FdUU11}~#YsvC^-`xI)Hbpx7ku-X?J4jmfHA2msYPRjCRa5!a
zT|K><Rd*+zUQQGdd+w5N>nCGynK_!5*6g_rA<N5)G;TdrqKjFmDz>o4c^i1iGJwUi
z;K}anO!BA8{Uc%R!^KV*^X;Y6I#$h9;{ttw4NZZh^&l)6#cr`JuKx;1Rq^r7+$?-g
zpFGWjjX0XyBJm|^+Pc1)#FUl>h36>AcEZj`ekT^#)KAuCDSxYiA|#REHm<)RNEgts
zvE49E{ltHWM4q<3vdlU=-HYKZIL;-LPY|r16h=dH63|GIk9)GeHn3tB6chxm(Ej*c
zm@ZM#(R!BgpF!~$IH&+2;)JBg)F*%9Z1lY)+b?t-8#^aY(IY7U90KRlRk6=)2vSn$
zfJDry;zA2T;x3ob(R&ls>&`Eoqs>z}IJ*IV4*38nUt~G@;T+@kugMC;!h}0UNtw!5
zHE+d|GF1auu_(q9Zk#7uZN`t4+VBpS<_i<ty447gm&xxRx_PU(6no&bc#+HEH&K{W
zW9}^d?+2Qc9G`P?*ia}gaA4G{jc9v%dQfb)uV3%JMa2dj218cL_p}2HeQ!gzs#a4#
zOid!K^aVC9uJ2!DA8!c1L#z4h8}SbCi$HRw+j-;<ou4R(&o4X_c5{m^L<WfmQgE8q
zX(Nx@Z#)F0-N_ot)+YPSGZ$!IkOacfQcot9EGaK)8~iF``0JZAFIctI|G;x&TZ^c@
zuTd53)zU(9djCa5s7A3Br(NGw;4j4hS(?ppjnAJ4X#9o?Yo*A(6mG1=PS6-^^CJ-m
zm}gQ=ABDP}7l^B(9O?*JBin%v_hw_v;TZR~pBvO1{Ky63fy@)d?Q(73&hEZ;sSmE;
zyTkW@(a>-(22Y+7JqDRc=xe?Pw5PidAKrNnHiPWO1GWnt(Q+V1Dul2UIe#qL0uFqf
zDRL=5gzC^Pi3D3-=QpI3zok6!DG~(UiS_OVu(-55>xSu1or*a|hGulkc0jR|Pnwe8
zK{@|8`Qx{fu<w>`_K`2eC100ydB#lS>{8j<tKgTPBh!_eC;ZZPD-a~tG#G>hpqq|o
z$4?P+CHQ85oyYwvY@2s>C(x_OKH9X(<l8ihdnfC;(xyeSZjdx}mA{_EmD!!rW6jBb
z7W_j$fcE@>K*T3+?l1$hqeiLU_T$|5!Zg&Y&&sx)e^B$OF<^E*U<zX##A5yGNU7!~
z8^!v~MpA7|Ee)TALrIdxstU7m*78$=v!cVsOOgfNXTb@{i}kBhG`iMlytZSBG_v+Z
zpR29zHP3ycP|jB%$Hic@u<`TcrIbAJx{Y^T<Atao#(X7248w~-;=jIbH5Z>elbYCR
za2Eac&Ms0J>%M<jLw<5lp5=i0yo*iFC(iNOF*L`u_hPq|$O9p;^rH{7#vyd_qpwce
z7IXX;&CMbB?aay7>}>githgvH!v{d!mJL4i_wzG=)(<ESq%B^svuE;M%$)@Q+f$KN
z3+<lTv#8OIhK5gHr*5pRn}>{R_qUP%Npb_pLH%Y~16bJ$%)fQWx*!iRLGKp`I6-CO
z+OzaCYTwy*jJlsBD=HM`VZbcE|1!@nfNbPjYWj%-hL`~n%o`;C8!q6rJ{wL-M6ulb
zwmomOT}N|qC4Y4EX5$Z%+pWExGo$V}l+!VpK!J3gW$W*GsH~vBhxwXou`@}s6P{v}
zFlaUQU7?roy&|IAah}89p+K1T%#i6hN}H{t1K)DQJDWr?O}S!wJJEjf?1`9I4{+6B
z@6XPyjE`q|>fwPhsJq4ZJX2j7csxTzM^=E6o-Db3J|qHbb8zo%S}Wa2dtTT^&jj?C
zhq6m22Ynd|g2Q_di7IAF-I9@&d2Pqo6_gbJ7dviDy|;g7gf&*!(<dxF-+JdcN`(}%
z%#akhB*4*-h!eI)#MV>~AAaPwxeX?)HXR)u_g?e`og7eHY?HVN*~`pKV>>}!E{f>@
zGF|x3@N;TwYuCog)LnKIH#AF426H)!EhlSpy%ri7t*j^pGG9I(=Ah7gcM)oe4M3+G
zf=WA7e=a;5=ns1n_7jM4W*S~#HTX3-xo`65_&E1f=L>%xdbzliSBAI`id3tLnL=4p
zohK_DlP#5gJbOHltu9GC_?u*OpMvi)FqlE{<yuX}kuNIfF;xns#5GgSe){Yg8!4~F
zz)+TTk_W`>aVV8V;G$e#9i)ap4O}EI!KH04bh_t<gdBSmG=$Z(9_6Y?15|wd5r`6&
z+8$kl%DL(I&qn&<o0BQWI60-<OQxyLF{rY~OJZxz!siXw&+?G&G@ETqzorE$&ma9!
zp!6v84&FsSWZziW9jukA>t(u{Rrx&px=M-zRXHYdE(2L{P_=zWyXOQMr-+E@r8)AM
zv?vZU))%Ce9CgFh+))hIdKcu(ZR%!E`%SI;an$GlcVHg!&6tClg+NZRa+XD(#2Lw5
zG!^qup5q74)JyGtC?u06#BLNSrTubQ!oYY?(=Q|iOens(rwo#lz;_Ffkgz;y@;4$R
zj{AZ<8<rh5j=zuDJSE!XsPjD)nUQ)u#ah_Y1sUBzuj1>whhdY9Pbw65|LmF6<W9qG
z;q+^I6V;0=LysdAF;{2Of0l=NWO%e8UY}6TBLLHDiCmf6f$&xMsj75D08VF>;u9)r
z#czpk+X*8hBWawbrBqd+lN{fCtl;w%{}_cba|ggB9FEucDZgnO{ZNBs8|ntN`*G!c
z?RFaz(#byaxkb<A)&LACvECsBvL-DUP(iUAtP0bfRowyhHh7;R{~)@-miGpFqEWuo
zL7)7K%^MjX*ls)pFY8Di!$e1~g*nu=0b)aJj&lhll0)yH|5;}>Wltvlt1{`^jS=eM
zYssN&y})!IEjBlR>CPu0&{HUG6;Hck#lek8sD2%!QM~!<ES0A<OW0}S&UF&*deFs!
z$_mKXe@{414`(%;+#my%c*ODEN{(ZrB2X~YtEfyHLvAp9Q%r-9TOQQ}vY2}_K?Z3#
zni~?`pZ+INZoK>e*m|^J<9+F?-sf$o#4`?`yNfvEVqd>`mVj#esl(YHt8&43KWe|R
z4VjHUN#Ed5ignTz6j6@S@=3T}K){&W)_atYI7IcJU0CvZ8K08!8)_LbQ4mK9AQzD1
zx3>qzN&lh}2oXQh)=pqj&8G9tl$fq-rE_^4<ytc`A{Dobo>NpLqQPYPvvHzJ4*uB^
zv55gIB@~NwhnApr1d0T)jnd(WL&Qxq4{VZ}tx1oxQJDOXfeDytO!4sN04h}XI8E^*
z$0y;<d<<=qU;qo+PY+1g=Q^TnhmPKjJiv@9J+%3<6xoN{qsiA(fP;3lGe6tUl&yR~
zU3LAO{n^~@+!-ImUj&;@a>pN)0fpoE0fX#yT~Dr*BG=im=d~8y;9o5AW3p4O)`PP%
zAt?vWQ@O&}jBo%UAJS7Mp=II(6Tu@H2O2_O4jSul+$?c|mT2b;gv<Pyp90P7rn8US
zuKjG&^ES<j6N-EF+U^_`+YQmbl=-!3IbIOUIriU5_Tfb&#39_=k3Z3Lbf548lWK2O
zhVI)LI|6g<+_C#6XU`?3*}0P)A5!LfR^g$|DD-N!w^vHNFv;@TsJB&!RI&&>WJ|3F
z>@ExDv2i|T8G-)($@Y`3D6?Kl_hWr4E6)#A7s$%(&J(Q*%_sbxTZ|yu+Oc--tMdVC
z7ko9-2AjKEdF;k6LtOU7;6ydM;+{cB$1`rKUbR9;X0w4TW5mZ&$q8v@3udsdYJ&=z
zTK*ei7TQpOyZV2!<3Q$vnC;!YN+-Ki>-ssStIW*IxdjCc!>!)Pqn(}#6;ioaKFPwL
zDvFizqN1XEY&}5J1OVnUSc{~wDyQ<eJ_~M0mJaKSyiN2-L*vL@50W`zb|mlL<hfZ|
zxv!)|L{rZP!T=tlFPEo0^OZ`b`SA1kzRtjy!#m}SFXrVSzY7>;TjG&Tu$J555BdiW
z9uU~Qz6%Cc_+4_S0eprOYm2Zs31)rlB|~X8kOAy9v>P|R%3$gk8YcJ9l@}H^9Vd#B
zq1f6$sHy2|_*7PChS;g8eF!WVU-RKU8;g_UW5iOA{<YgoK?c>WwD;cb37r+Y2L|E}
zP&9-oA|};)*fDRnKzE04VIlV_FS7GcQmG}5={95{$r=%IORG$`IG}tvmAW5i(pyGb
z>1f+X6@#8CmoR-GEdKKZv9Ayi7q++97#^<tf-zCa2Je}(lHCOQDW0}lH6pB<9KCw;
zJ1eR_6!h4^lZHmrCX$W@TYq+-v3rz6*gjKiO!gzfd;AnP^t<s1KHD<Q9mS_E3aatZ
z&9rZu2jA;rCZ)L$u9iH}uQ@r-PI%{#UsJU&C33JuJ>;fMY*#veg>RHhYViZ;0u8D>
z6!1&Gz%Q%2tI$bPl$^^EVIh-&KkDhd=EvgdwE#m?iP6)WL$g@*ms>Hau+>mZD}>RP
z@>UwOVmpFyf4XjtRkj0%L%qs?G7Mkq*WhVg{k`&V7BPr@L2H?n|BXR&%dantVN7X*
zG0}|lkKC{9){keJ2d`Vqc*GM%_2PBw`<<CR1p07YlHzY+DU`rkRh3YAkyY*QI+4nU
z;J^gHt4V<iENNO!yD4(((V$w*DybdcEcZ1tQ>^jYe1E$SfgRe^eEX+wG)j5hu&%yd
z+|Y{VHqCfxWnciN0K!|_Dl5lQYm;u;z?8!?l1&I+%SDS6aPn}x_ZH3Vym;j;8m#@X
zLN4KqVS-$YEQQK1Xq04_pR_fc&Mx<s)BDF1K3SzckKEr7cocr$DAYz?$lK|#MFFz^
z*XdK=a*<xCsZis1B>97oAp^Vgj&N#uc6N4C9|@wh^KcKk8Nl$Up$eKOAR7$`5Zl_>
zSzHrd?CY=k8mm+q_BPpUQBHE-EUxWIT3Fbv+pOAh<Gv@CVS0fKqU<P7CMYe<*L)KN
zTC2O;xl8SLOt%X;U}Wt>_|{-9p}v1qUCp5P529U-{RdORm>W@@K1`UHQ=3t!x>O6>
znM>+JG{RWb_?<`w@BY{nso<MB0K5(J5)8ala?P?xeYnV@6kHae{g@Jqw#Q8ON5^7J
z^L@%AV&U$!0wpPq8&fVc*h4XF6|bdA=M>{{AHFZvZR_Tp{GJu~j(6hy5m8QDin3ra
z>xESfk>Ls{D&$km>gE~74^AZ_8pc1q;8F>f1j)$@P~ufhdu-pqzaT&9`qEsxF28t+
zOT(d(SBTGu!3D;dE6%*w?YnH6X<U3vNz^Dq-O0~~E5fjpl-X{yK+&3Oz|&J4En3BE
zVnV3G8No4ph9b)z9LR?Zfn`G-xOITqKPzm+za)4TyTW`gqHlu)mlm)JOdoE~b!D<+
z{A|%gvCF$pF%ZDZ2CggDFb@l@)D3d-fCTNj>cV2HNo&Awq{{fxBhb;&d(zBsLGV9v
zYcSH_WCWDM>&5+kM`{3fz;Gk<p~Fq!%MCAfY7`ScShM%njjOM#d$*6&-d>Q@()P|&
zE4;$Q)NZi&l=*odo|e`)%{hH{oN%D8w8&ogH5Bu60S1kuIuuOcg*SEW-`qi5MPLHO
zPOi~cAy?#xW|9(7WHI@;{&+7qQ{-TOfBM)zW_M}e^V@XQ9~96cIuCRy1IL>)qX+w1
zb?86AIr7cs*`+&VzG%-%By=HMfHt=5CZ6(xwZ@hfuV5CI_irqXm2&Pn9Z-C=T@FTZ
z>=f&~D^K>7?kmg`JM-J4;)%*Qi{PC!Xsu0Vw4_hfL!NA6k<*e$Qr*Ar7b%Z@>6~3x
zR~Muq0+}_6FTsM^Dlc4=qTucb*qy>S3#7l}xKG<lY{hK6Ucq|<+QhU2vZQJI7b};A
zH|%J^D5AQ@^f|eC3gfLR1m@I-dHezS4D`3p86|5}R72;q)IvFmEf#|@*L~FLqZX$K
zct4AIYf8<V&y-rYrCp7&WW=1-%m1pw^N#HDV?3$k^`_?xf#tfoK&f-8n&P{;ZTxwM
zRcMol?}cdV*y~+(f~d3(Y9z;vuCsLIngPG^=L(F)d4V5Jboy1^&0z>xFIrD~r_3BC
zQy~j5U4<`~Z`Osp|Ku~=_h9>~W3%kz+rrp3gBERLHNyP$uLJuIN)O021EmiwD=st&
zMS9#%-gJ=KwefUV40Q;!k$Z+ei|}?t)l;2k@l}iqEq15@Bbr|y{Z!h2O<*WQu$-Iv
zX<)K=F$=&oxe!o(6cq`sRC`{gEXjkc^ak4Q?8*xgR#w(m&$9!<!W2!d!OaXJ(|*Y!
z0s9T>tzWumAT-3rE*BY-Xgd2;23#GQ0~6Q`wrXfjNcI*f0E+osb&Amg^wEOCf}s)z
zEY<9n%{yDJdpF)w?Yui(xDG1hH4|Mp#d(G(qHmL<aq7&{$_fA<4$z(S)vEdf_R{2S
zpvMt1t9wL65rd=gWl(DKiFY}kUfgU3VC41Q$Xov^bMtG#z&ZzNS<8gW$#SpN-AoN0
zdOp5LQ%+;0j2}r&IfV?v#+45W)pK663p(zhKqewm()>4jFA|dymwr`Q{5<x#eFwh|
zRdM@Ws-IW?$QWe(2AE?w-yX{p6cn~3uu?efuP*|AOk#7_sPmOvNYiy<L8CjHqLU#<
z+pYS4a{)MwaR$yS@mRA5fwGU_oMcB-N`vxqw~M3o%v>6c#mg$^#v`oT+&>Zc0?xbl
z7{h#km#9mu8isKLpF|28NKwT$yQ0s(h2Bwe<ZK9@aC~*s*3;J`;??CaGBV<_`sqgp
zS$q4}3#W&B2f}RZ?B7I=-k=&kp=!zgRa?8G^X3AA5sYzA%{I0S^CAk%iph~eHatKK
ze^yL9bZ!h;>63PfQ4lzz&$!Rb@36uJ#Z`mm0a?DG)QYmNMtiRy-u)(DeF0MA?8q2n
z-KLCE5?<Bh&<`Ij>=zY*aBa|**K24r*@7S$mBau`t8bmrN!eg`2!Z5wrGov0&t>7h
zM)5jYXm`-NN~is=lQp$N!y}57FI2#PupQW$N@TZdpp(Vn^hH_#rt?7n?}G;`JHvH2
zICGsbw!jNPTM?*P7{F9IPk!=*i%SEye8aW0q>3I@3pXIb34hl3R1)n4$>TvqsXUgK
z%o<>f<%jsRnjQ8@e<zVGjc|$Xn9ABu8u?&R+11`#9!V#~NU~H@O3pUprFi{hEmM(s
zEcHHeBdDyTu&^edvtTj<yU_e6F6YXlgz+@tD=!%5x#jq9G_06fM>0HqCEoM<5zMB#
z*${mL4_#oRhMP6{nA<Zgc&K7A=9e}p{Z$;#o_ML?@~4!B6o^|jX?O%#!@M=VB|Z8t
z-HbR&Ju*4mtW7R+F~-`uK$aQWVsVAOoS}7PbYe;eo%T%~awkmy4-XhPxeqa=hR2_G
ze+<bUBbcNBq8xbEb^}4RuN@m3Tdm0C0;<cn;YY4Pdw3Y2dOLHiy#|XeW_@3UV4u*P
zUC2Z=`M@SK`=YGi0YYFdVsdM5N2yr5c-m^f;*j*cOS!!Xwz`Rh#b@!xYlp{2v`#(M
z&iuS*FN>qCZ_@Ra%L`-s``rTxSToh^FW;@`-a=jAozuzG`no8L7&>*gja^J=ID*2B
zQDd+eaK+-aJx=A6ZMl-A%5p6C-T+T7Fq;)hlb0T)W(fxGa@&j$tPG}$PS@dNye##D
zsO)#~<Rd>n|E(WtLACD3>5JXyiUsm;qXQY5O$`i6#O$x`2Pr7<3EVQSFH?cckW<B_
zakRt~3naG-EQe>3nk^2k>VcxI2c;_L+-_`2xeE-uZ{K|voc;C1{dERn9l!?%2<+O|
zZsqBYuiTPcxK21@Qxf_*1!_;m=lrR;&Z7Zwe0)Q0z_dH`qBqo(HluO5z!+-N3{1Ov
z@c=0l({7~jG)OWe6|r_?b7yTmQs^yyN=nMg9&-%u=OHyhX04{SezVpfY5`FUTnP?M
zo7_Yovp$rgBqe<mC3Wc+(aP}ex{u=mMH~y+2yCdW1JjOxVXX$xf2FWpbVHK`0Hn7@
zDX5qF3NeQBHFosV!$JJ+w3=70Y0i5V>>1dh?{R9LiS>;^cNc7EiLhR+@T|MO5`9#o
z!DBUyYOYr5%DfNFLePS}T;Y29!o^a(`X!n3sWYnA&6kk1ak!LExad`Dn~Iqt*&yUj
z!}<0J#|O{{ZjA`$XxM{Nb}E?SB<z8UhP=_BgxgQW4e~S!_eWQQ((VX2zaM&1?++r7
zbSGZk-U`C>u5+Dnv%XEm3ycNh8Olp9*LTG1X{&5Tt=yf23=g*eBr16tg<Ix=sTPF1
z>Vzt2eyJmUMN?k!vWjtzxAU}Tol1{t_#An;+g+Ph-5#(|E?;>RNoq3nC->^FGDEB~
z+m$as8w;8~t+eJub#;@fvb^eOX8F_-tK5of7xb+$;I!=I<Y3<HU*x-YKM&|{q3B~(
zSb@keO3{MCnt_WGmzhML$E?&Qg!KwMfYY1@j&}#7{7J++3?SprIjAQ6gF)kr{$iQz
zJ<u=^+(QQL%)%nAno{^`s?x+Sj}yq-?sUU(|DpuJPfv{K;7ne&2O;^}H)f>G)YKeM
zpipeyiZSI~q*nBvvF;b{&SMm32EK$W1`~;%JhA*;98tJB^?zt^Ed;OT(!Qjes&uZ0
z|9=vBUW$$Cq?iTMxfu3#i)<!Z^nPdk=SsZ%9{o*m1IE$Fua8=9347~Ox{PsqV^xH)
zn9WymG6yaKP3bqE$e&+oI3Frs-MW{>5->aIf8#cdg!Mg^$Cp0oG?HB_kU-4H1&N^F
zdp0)CknH1R?Rl|reEj04N0)>BE8Omz57F()nutJ2E#5eRhSPpSu>8x~T5Rc}kC((u
z&tJ~I!3N*$BwD}B2oft+80-BbWxFlc<M)63kMX=ilmooU9*=$ZPUugXF#VV6m_#gB
zN5l|bgY5W2_)r~6km$ev%*@4H`!YtEo8(1?D^8>gKS;d$e;vVj>RM{q<CB?9OX7Lu
zfRw|4x7>{<+QuP6|FSgxz4L*o<ENRU#7ytMt}%$_-!gFj|Nf_oF89)nAp6Pw82g(7
zm!abI_n#n|#-_F{yJn~KByWk}(6({@T+thU{}TR|R756Rsq9B6uc-g`?LMLL{`V93
zU;oqlx4ZIRx_0=+_Ls2zCL;W}Z<}vjcRg5$NqOV--I9g+v_e#J5kG2ZnuhN$pX0yJ
zMkBXzh3Fptq<3@ob#JmZGeKt~orzq7j0aZr69cv9M{}Fy5sv?*5ezDG_9II!trN@N
zH`B?5^7ZC~${TQ~Yya*2Y@N65{G0K9#m2|CdY)gV{;xD3UJ#$d?tRl_;>kvCuh~(z
zbK?J&6!h{!Hq&PE5B+gd+b^BA#sVE~N94?&Jw}QkXPqmYI8=qCG=huxNv3rZs4h_b
zt;{ER=dTeV5xg~3O5tz6PjmPFlK;sTu1niCY0Qx8raWN;aq8UPVu(oNAANrsN7G>L
zu&^AdN=~W@;<&WMVpTUwYyb5~sWvbE?F=nBWVhM<Zry6|)EzMb2EBj$k<j~FT`&0Z
z`L9&?h4xa&yLI`$o-YmizaLC+1L}Xy)r%8IT6pWD6nEmT@|>OTCmqn%zYWEb4Huws
zehudizPnA^{dgyKFD)qTp&Sp)oB*1<(c;Z1^@7Wg`4tVhLO}k|H+%|=PB9;xf$7i|
zgSNLYkEPr%Yno+*6EZTpip)>`NGde#Syb1!<D2E}Fq3uiqa*gIbSngdYEZDy{POS0
z+fcJ9Fwy5CiGnIJq_v4pmfvuh^+b~i*o&>MLTu$c@r_exo^e|tj079$2-KiSw<PwP
z)Mo%xg8;td{7T`ym%lxmI$z`%Z&pQW>rBn1^<tk{@?qef?v3zJog4H=7rrB8u7&0h
zw|c;#B&KJQ&k#cp2qUbM=-4+#x0>ltx6#(0jv!3;YA^?hpu^Dgmi1A4e1TB4a>qTA
zcrj_Uhah9QKhQ)WY<lgwkoVDMgoJrt*L6zKyKmIiC@4i`nkA7aX~nbrEaBXl1*J>I
z<Z9Cg9baI;d*ScIz9yTm`_0LdZLzZybzx9}r6l0ZwCk_(y$20+t}vj7R#Zy_rPJl~
zb%NylcF0?zNo-m+q8W1QgY9eDRMJZ~S4pi-U3xa9qYKS<+(w55hLlFiX+Tuiw>Xz}
z8H=05^wa?Z7?2HvmyS6PW3smn4pL>yaUMGEwv0g@8fz)&h;o#^g0s}@r7L<B8~eMK
zXV>M+SE5I+lL-YUxSjeJWoocPm6*e@LjtrGhR==r9xOz#Xn)gcW&uNaHoZgp-Q{t2
zu=(mqQq_huY?jMNuK}0Mb;iK;c%Jt~v3b`g>!emd{l=a4ror`Uf#+#b5N&(-j%hEU
z^FZEprstUp!#j(Jt!%o@d?*y$ASNbG)gQ<jMF|J$kAa1mW$&Pt)7e{ds_kyYR5|}*
zdxqH9SkxPkj(fm;vnfEYZb-q_WRU0OamBl34tOQV+3QNI^BoAvmyN#7?Iqi;j>TC*
z)d{xATJRPsI6Zc3PK`^3#DZ(NEh&D(Y@jhk$SHjqC?(088dFS3cqwBPu`7ch?s%5{
zl56}oQ*M386T(+q9B$K8fMs5~v50kO)dpy;!X&N}lfLBdT)2}g?dsZNZl=S#amy+1
zFCOhElsYo=SWHNTG$o*czRV?*NeONBeLCZ=J7_3-C`RsA`F7BG%60Y$#A{HsHV<4f
znM{%tnh^PA#aKbN_~iBorJvt#>y#bU_V<78q4ofu(K3R$wK<vM_{vhd(+9)(hQ51|
z-gxJrAbsT0%Hg=T_O!Ptp~_^j6GST24rle6{K+xjXK!AjlZ}$gB<WxJm36)Hcvt?5
zo2WyzW`%7OG!>xuc2nooz+!R=fYO9wl4HNg3Fw>+<=YEeT4sS=Tnyx!^b#FZdcpMe
zEKdU^UM%X#$pturE(uy|Fs;+-?BGv@ab*1cZMx?Pm&zY|lQo{mf?lZu{TLP(n_eK<
zXx8u)slnYOv&+}FiIx?p2*fp%Vnp)eO1Fn<RD~!r_>9|cxiM`!ed5g8wz-z-%XZN3
z=1azjqY+PZ<cjzHbn<M*qExR_b#%QH(cpu>T;DoH@>oXh_yxN`Dw&hjhz{GMC>dS9
zpNFycHxwxL?Iv?l7FYua<Vb5PM!J{shvQF+GpzIc4YYc7_QwlS2I-s}-+j(o^|)Rf
zPjXmfel;J5zMi+Grs6^Oy@+AkRF`M>{Kl=Cf9~*%VHQxqRd-^MEWdb2kbb*ZMn!$C
zC80R8bGBH0_E8LX$|goAj^TUxtGak!^!$7qZCcs;hmogcbhV+a1aju{@f#g+XqPmE
zu#AuiAR9F9!6g?2ax)@3AHxd^R1=DI*IWg<gbM2VS%L#?NQpIBE~gsg27+u84U6;d
zTh#aNN9Hy!;^Pt5npXQF-?^f@U=`Q*G<}%LG4>`)q)8NsM^~@XyR|-2K&SFEl>KGF
z!JbP^=rSkY>!};^moB!1b7KM9GX)ay1s+&F>jn=#92s{f(soQz2s_sxPsPL1cUro;
zkvpoFjuDdeR|sdhEhc;lOncc}JMQ_eyL({IF6HWHyv*&ZSl<dt0#r4Q)3_@bbnHl+
zH3RJ|H1ye)T#vusQ|HhSG99Xk<wBQ;8@U87KS*+69xDMm<YgE@3*Q;uCxuX(DyA+B
zdEewRMPh#V@VM{C^IO?^jU5)?g{YoyFx`{%<J_HWq;P(RC$ke|Bb=NB&_22+oe4D=
zbu@UL??%~tBJn41OD20XkfA<QEWBdhO<jngai->5St$s+#NmlF>-N)Y4ul5#6-T*p
z$Sn18^6Z&Li5NQB0v9(jA(2Oq&`wYGjXFxa4^M<^$H$o;&k#zQe0xg0v%qQqZ9iiN
zd$fg~7*Oc^_O^XNO+D(G|4W!39tk}Dh(ivc37I&qTI3F>xJE*e5c<!XVD^JZA4(H2
z_MAuKz}Hn9{|?d*2&^2Ibu?Y^0)d&C%pe=t02U_cs@V$J)2W2b8JfqW>iI_AHb}VS
zuX3kPQJPsQW&?RH&2o3h$kLS3>9iiatr>Z+GBN=CpU8)ANt)$j>%e*m9(hla*=-Kv
zqKrocj-3w(kz3T@$4q4r&Bb+AfS15+aVH{z{QUz8-b9ISBG_m9Oglvsgv>_B?+gn&
zpgr}R-C*co;Z&<keEh~}?&+fK$}gPvlMyWWY9zFVJ_P2Y6_icZ=i112)eOC{Pm=dv
z@I_2hKeYh~)!!+SvLKL{_A=8)OdH(g4Zt)I1?$XhY=AFQcvsxW?93YSKv#?g2j$B5
z#2DMNteXGL{<mA`isH}iS@4}$z2MZ#CZl)GJet>U$10>g7*XKT;!C?jeYBdzeLbA-
zO`iT&{<O$8_F(f?YIcwM&Qx}7?DFlQN3-(*pFG@?nD3NWbQYNn^o(e^nu~=s%3UU=
zOctfV3%bIinK#|7A$P}=;)xVSJFYWtJkgK+5bCPh6zhb~#1iWS{YDGZ27E&w&uy0W
zJp~!os1Z(<I)|15ZH72kzV<p|JdZD?jI*H;`wisxaBgj@V(NQ+I&xm&T|{zH%@TH6
z#gumme7^hMjmu}Sj-&p}5M^fgKAOMo>UH-{Rav(UCSxr6s6vML>Sl5c|L_NBSIje~
zepY|TB3)};#FGoU-Fh%7H~Pym(=={wmnG<-qmj-)kU^}Y4zyv`<_7#R&4Wivw`pkJ
zd$s%^Ek%kZ=+!)WBcKX?LN+iGr@O|>?;q;oxl}LRniV^NI0+oL6Ri?nmXwv`m>rNi
z9-Iar*%&F7e4$6PF_Nh#A_U*gn-04zft#K#w`bqESDpHN`Emo+a-yyN;%tA@-AKek
zmtz8$pf$D^pk_}-$XNp=La7ruEe6#A&s_bd|7Epp<U^~V!l;@kH7`Xt3gpo`*kl;K
z2v<AAOwKl!l#9`R+BiAh7Mr{PMDh^Z<=+>-%+{~@5m_Fc|1#lvv)#w=O4&EsVrfRN
zjFO9k13#$;3KOb8C?bhR$ND0yJ;CQ6MT8LE=cNtR-oH&k(&p8pubyvLc{KCz5r>9G
zPN5i$P~mw63W+sn?$Uy>wofsN(tl}glHJ`H7Hm2N+9{oMct>BBN(fL8av{PS4F5#v
zFz6q{=DkPC^E*F=q0|8!2vTGcFdvN$Fkg^3fBayfE85a}Y~(Ge8fcoJWIV0PK~y)v
zeo3Z>>T?vE9RV)6kipoe*0GAWF{UB(TlS##0X+w-DDVmD_fxGQKVt4ZRCHo93S}5Z
z9etrgW2*^K%{8@Zm8P1?L+#<xtnC@dW>t&p{Dp-KDDxOoxz)mOf+rIXONsZ#?|yXu
z7*(u8xi0Y5a5z}Iqjj}#m1nDSYSU!kJNs$-?gE6&sAk6;HtNh54d)J8je%`SUmv-G
zC#+<)(CLw*j@vbd=q@v*?-G`lsy_`dcg%`h>z_hFnONT~*I$_Jo)`2<Zc8RzaULjO
zZ-1VlH^uAT615|06BZ<ld*}P&?NgKAhc^M$K;fKG0KlT8fqx&eBhFs5xT&Vs<$QhI
zapKB%Ei=4w{M`gPWGxbj0;e@T`M8-9s|2kZ&mXH1%XkkjFp-rWHC(GU{!&Nz^YqI$
zrR~8rS~dcyPWy%9o0qENi;^vLdoy~gCcf?N;mp@jGx>D-J6sQp@(jTv!HGAeI!rRX
zQ8e)DwKugumIj^MiB&Fj%hk+>{xTWIv0f5OIb9!Ujm;x%?-Eaj6~{&$FGYPolH*}#
z-VlL_2}$97{0#pc;-ieOL2bTd3^5F`pWh|~S@>|OlE<(-e|Y_ae}qL&zDH*QdQdBK
z@aJZW<ugyg{J^2;o7L`ZQB~oQiw(n`&uy6rMd~Yb33Jtmry>Fq5O9)=5Lx>+*=&R#
zm)v<)fv)ezr&UZ8A|`ywr^DXV_L*vLn!>4;MXp}^{9$zMLZsFzKU@XE=}Opbf!u=>
z?idygC0eI<88eWRdi!I`nMNtOURKxqed%=(BE`glr!Thqqm6XbYpMlbq3y|t`|2F1
z==eKBuW4_YVL?N7kI8rAgRHq01SM>jSH6BywT343b_#e;H><(3{z?tlcD=8;`^Gs^
zunEx?hPZH-W^PYK=BG+#-4G&VDDSNR#b7p8%|zwN)oa%h<uaoe>}Kg?sO+<1{YVAz
z!O6RnL+BICq58x|F0+xL(4}A+W=H`x#RKT9;>SV}2p+4ztAX!t=a=EavM_mei9x*%
z3-;o=x|ePn55Z#Yqr1B)Vg1@SG2ycYDCMIaPPyCOKhv#h>_G4m?^rZY;OUm7HS4gU
zl&^p{{s^S8{Dn<hva4BLv{b1OR6zMc#f|xkU7#A1cg{BpT)RsTozBKIQ}#CP)+a<u
zISgN0+oe1@bB4fE!&_T2@25(djQjCkOVlg~7u;g5OJ-74D?Y=und$5437Tp2i4Nok
z<B`?#p_b;o6>!|UzO!%2X%sY4@7{W|N$+H4j83I3)ONim#@+L*F1^IC(GvrgoWp*=
z*0)Ogjoq6>sbrrN1lgU$^+0JPD>t&F%E8XOG|!L^q8Bi%;h}ehF8=xudimuOF;*Kr
zPSmp`5)23Thadq}7Qd&|D88OuCduxqezb!|-lyBZ{^^J+e-Fmo+>_Wu+GAs5ubt-U
zGHgwIo8Fy8vx{EgFls@oiQ+WYmq9jhpJiX!1z#pAw9u{X#5M6SKtrp=W_U}>1+@21
zFQRQK(n@Y@bp7Nu!^FbM|Di}FDZM_HQ-De1E7ZJFC{q7znl)!ZbF5k8UEl8BX6xhu
zH?%eEoyT~2(PYS2;_(gFRo=Zcex74I&rf>CLf2~b?tTGI9&~UU*zme6*~?w&7v`dM
zk{9%<7r=attV(n7{rHWKma`J?$RMxcaI530hIU8jbq*4uoc@69qG7~bsp)y`XisxN
zzDK{myJ_&GM3}j5!EV9*4{Ii*-tPX(qIw)=ujP!6g=ofXA2;;lY`EdoxC>n{c;h=~
zdUZ}h*Rd)vzLGQ<*=B@OuY)E4TH8Il(SlcbD&vq2qtO_(DZ@45n=g7G{!iK;(LI<+
zeqbw3Z$U+cU;WB}#Y*nDDj+kAIn##MSsJgkyyg9eD|@Tcb8{dSdPZPT4Ix)Ngv7aT
zxMhXRBtJ{_Zvm75Rw{S|cVh3dm+}cHL9PP@hx!VO`lim%eHL#|aYi(N9juQ#)PJg`
zOM%ids8@i{*)v#J$xlvfRtGXKd&^E_u>;3#1L*)6+8zC)jYi>fsYOdc)4?L{NnBDr
zmYzEyP~}CL(_e8N?smRepAIH^T{9F5?6x_kbdJU3m6+TlNrk@ckye~%?rx`IAx6wc
zY)*Erk;2W1V+9f-ASDgys|U&v+^M_D4dn=4{UNX|qQ142eWVKOHp?5Jf>%gKg=21k
z@u$nlxgWy*84bg|IrT3vm3mUN#D6Mh`^%U5Kqq{FakpMp!Oa^)Ew@jveBm}DtXdmv
z)|=d@Jo)h=IhcPL>seDO7b>v>Z-N)vKqK{GUygZ(SadW5A8;9B&NrJAE<4>0Zx-wN
z`@=waE#Im8B}{uT?!bbkFIxL7O|)16w+q^n7@%v>nV9{8JN+iur}xa#pY`uZnppdv
z8;X$0tP-Y5MFm4*8&&LZi`C;igx*>B4K@VMKxmD9rNYFizd}Rn5>nDo^09L3UV$rZ
z>xmG(%VSPgu{p9Ybr-_9uu~4`oCxD`40|wpCFAWqUN@;Y$O#2T4o;vesT-qBel4j?
zt}s9U(7r01Bj{*!7umQ$Yn*sqijD0rloDd`oj-;5?N$+Yz1^twR1tUg1VS>0b#u(|
z=s~3n8Y#6`Q5VOfM@yqVGEbgN+-}X#;~nkc316S9Zq;GaF*X)YCrm)m$F9wF8|Mmx
zDGyYOU#||3mAze-2)IL`7ts;GBIsC|(tL=pt}H7s9SnjyonBaJ>(VMea$UNya~5G1
z8vwgF`)pzae+5WIfG4x;FCtpq)9uwwWR(GNNK>Hqz7@(G9NeM~r<)r);@NL?e?&*~
z@}p_ON(71mYTq`25mxxB;h{U5VO!{TnW$jE6+#%4p1vqDZLV@T>6|y4eXua<b8g7L
z2*$TP)$&$5*y$2f%u<5BG?(3LLk$>Jn>?dz7G`F(7@O=aeE6_7RO;(J`?R^ltvPFa
zXlUpQld)X9kc(99#Uo7YYcpHZNui9(VPE7Q(>(5oDt=$ObNhF`(`_FDmQTL<SkV7E
z`%BwX-&}aEeERU@gwti^$=X_?<weIcB!73jAT=zsJpq#I)3y3;=O&{T=I1UisIw5&
zZ90a)_g`^@dtf-SuGK`jgTK$Nns<=63h+!%+UX*}J)IX<YR?;YB*GZO#I(s-UH1d0
z9jc_yERbLt`Q+)7N~4KnDGnGj(AD~6wOc^X%1VCT=ho8DH!VM2HvnLc?+jgcJejSE
zJ<<>wJplqG;G%P6(;*D8?g<#y3m<L?WRK>|#9lwKR98As?LDr<$u52F#QJNOQaEeg
zSMUyXDUt}8P%Wgp_Ug9x1+U9RJh&-`7?{=jYwkLi_T21g*a#fMu#=TNUT>h2Kr-Rt
zx1Ra(6U7;>{N$s)uC2kvU$dWM;!N*H7`!fYsySy~#)~;bd83?VMuglT<^Iu)L>JCk
zvdVYu)-I_z6UODR*uLy6B_8&(P<D!=P0W{oP6_0dbFDekl$@q?tmKC|k~>f0;$+)V
zevd);FB_A{5@>BwF8j;l4|I(?5eZseoOBg@&mokYv@XA~5fB$gR()3B70RF(S$qPP
zPePT3$?ky2{z|gfW>h`)>Q#Gq`)@8lR-C}oRWoRYQBx<rcPdr4GQXA#yostF)ba#*
z9hx7RV4bEE*%V@ye!+zbbD=RtqP%-_OTC>(t&uICOlK$D0)W3~c~3ed$KuNEZW0nc
z1*r9Y@#aKkLpF`1uPf3!#b5ZF>8yO`Xl$(B%Qx$(+OCG6W&=@3Ff1`I*7A#sn<pm7
ztD6Ip$WU_6Qf0Iqo8p=?f&LH^aRQ?F$<xzjW{v^4b5BNb;*L%iDFAB9cZfR{4<uI)
z)o?vr!n;uz;9@?kHmZZ|<aF!OjDRa!CbK52+pt&-pD#W}0l=enacY%%-j-{@ym?zD
z$`=n^QYOjqByDX1hk~sWu`-|Ye;K6yDAy>Weq_ovaAoT{&ui9S+oJs+ZqtTSTqaes
zskJ@#F^(>wHPkNBcI^s}P>BY(rbDr8BntmG8sv-h=VIQA0vE14$jo0{UX3t!(uds(
z@5U=B12+wxPd|t2w+=mt8z}f<I7-W{o{Tr&JT8u)Di!3bDlsZur5O1v_Gs1+#~@**
z!zy)ht?KS3wr<I2jM2Vp{&-iciI8n`^qEFtgsrdapXTBN?c4b{I5-6+6MlfUs;}W*
z=hotKdP_Ltj)7ZxA|<k>VrglK;9*JvDbI|_Eeuj#%arGx|4(CI9T(-cwmr%=K|xSj
z*a(OSNJ$BTMT4|-w=_sdivmhYH-n_K)X<<JUDC}+OAg)f-J^T&bKY~_@B4l8hm6n6
zJh7hjthMgzzV7Q<Aa0(;?@pt&o0ZZivkvh(v#u^6C>C{ReBf1B=^RuoY*Mds0rrvx
zWMOvH8nX(xJrNupCf|8;a3D1CwO;b-I<w9=F#*AY0jla|h$PN>Y$ye|S?uc5LRuQ7
zqP_!;#)#BTf`~VP%h6W+$5k(F_07y$6Gj}FQ787hY%nM53y9FwRJr0q07;!zEh+2*
z8j)bK0x%F)gF!u<KA-(Qo`qV8&PvYwtf=?;3@{>Pyue+Y0OW#U@?_~yhcK4ce*Z-=
z3MLV~!*7h(@FwE+v$qAc-Q)B_#fD516LKWp#{$*_9w!XMJS_AghXreO!9ra*h7^#p
z0Dg74HI0l9-mwo{-qQp=oCkTM<zg`$^iZCF;&lLX7v6jKCRN!iF~(pqItfk&#3L)C
zfqSD{hVuRB6Y=;4CneWL^iFI3uKP6U=VIa)5SjI4>hoKUS9oJypR>aHi#O!It-^Ue
zcTvB$Ml2FpG?7(Hq&h~+>yGwY6}uH82moc|yH4?QVQY(~>Zc!F`h$X|M4t{h9avFk
zF?wup=-NW8|3vZYpi2$WS)72p&3Hf6x_L$BaO$UY`Wx5GB-(k#AimPw#5bPG7RdN|
zgJBz8cys3kNq6NF>pryKr}MW$@5DO@PwsS7R8d_SRE_KBzr!(dfrOuTp5ofT2HPi(
z8CJ)>C0+BH=XJ?MDDyId*Ck(i8(U;j`ja_HlO#}VfQWpkQ*-fIDWqlVeK0Udv$++N
zRqeW0aBYz_<{r|6nG8AW?~-83<3g&m#&>;Sh;z!C!=2y4KkmN97LSghCvl>PfA?6y
zJ3u#{Ol!LsI`n4*k{4Qc1p_y=w~EC$2wyy5`1O^P#_n__T=05SJ>1Cu<LsIGvJUl-
zuih#sS9+*KOE>Adf%U`myLKB0v6)XM5+S0wbcu^$=#EC&H`FpeVs-s?&<0bH_(E@1
zGZ0a*&NyS0_V2j+J>A{rdrSC_&bmssllOh%AjJmyFr6B;x1<rL5z?EMVHPC;KgX`W
zs{BZ%AlxQCz@6^&g~cQE%upufr~7Vu*An<k7-Di+a7kDi>g($@F7g4bk9GgjXG{S#
zu)3$F8C!At0m`F+g*uQg^zB-6H;>kt$b0i8WkH6(sN<&gxB#)CnLa0^LNK$lB6Y!w
z>=q5oIXSsa;q0_=DDxR`GTuD8p(|PFUsd5?@9SVORB7c=4AJ=L3}CHY{VZ;#jd_}+
zcxMI8hNHvt!;3DtZwIX0ul)gV9>jm@hv!&BAK;x;xb_a|v3H4tgk*G7L$&-lTx&uD
z$QqBXfZX)v^2s$udAbaZAr4{;8Q7bD^%gkwvpW+9%IcCtF@krW4|<B?Q?r9+zeMC}
zvSKr#jUUUcThTb@@K2}Po1QuraC)0Pkf&>ACP{|uE(j7rL6hl&UHRsb?Vr>G+5TV}
zGUOKlRbdK0g&*C82GitsG-&!h0X`aXFcd$H7pMoNv-#12`(RsA5Ja8yERfuFYgq@D
z0HQ0S<-9L`vPR~sT+?@@qRMQFron;LY+XacStbw<J&O~;<o-wWZL9cN9rDG7_BcR*
zXYG{1yB$_#B#XQH*(M=h11RqkLuHGE)3wHvW+K31u=p?*^^M;Tb^IMFos<$zXa5~3
zeXZXTl!H_pp(c5T7|NCS+v<IXrAouPAz$uPyP#Cb0@?kSzN<U8CC2=G3pXk*$vncl
zdh%!d1*JswaIfu49M)Z(9PeD_3+CrM2^5TnLPZPrdvu)5i|2-km@cMX&OkceO4(7(
zlZ<0B{Nq6V+<N<E7YB{fiGBs9^_NdpUrxxXT@5&~y-lV;ySF!`<Fiye=Y_mx`p&?%
zWX`pqIq|)9*|f3naj)FF9+Y?B=%wPxIR%u!dG7c9e4$?KZSGXcGknj^x}da+X5HVv
z%2~N$U{jiN5Z`{^%QmKt&vhU+eGh$D&ed#12WgAP4nsDRHC(!#Nsl6}_aiU9LuuKW
zPXRLVG9mj^sb1fT^N-~dwAeT<Hks33e4)pvjl&8iX5)o#Yf$o;cqOGFRG^$6ytya#
zw<tz|Fsw$+m90EATE2mm&C+&1N@$DWlq(jy0uD(dUmm}lo-?+rH5jr5p}otWyV35b
zTfuV^As4AJ@&fA{{%gq|nW0+D(fs~cN>>IZYLK5-wo2s+lz-->S`pg+%*T4=zK7tv
zdw=6{*S6JIS)yX5JScv(Z#EN=ak`&=?TbgtED#TUIELRW_9bekPBfU;dX)eHZ1<r4
zfu@PafKp#9x1BKnUvH@d!LVbTnuaf3r>L#0D(sivl-Tzwl@A60>WBmRN}_Y;&Ov|i
ztUVzrG;06)ZB74HDp~D1F{lwgXeQL66xfWa-!56?c@NA<+u2>VhAD@oQE70)Vh*iA
zq)9kI)Y$|)>hRqNy19}3b8OCSPOv+~gTUuX5NB~nM&6kM+^>0TtlWBy&=C{Ukv42!
zT=k{BrNs~Ii+JP>IwJ#BIny~zTkZl-;+c|y6LH)9NhhhL-+_m#o7;R}Mr}PRB&G56
zkJ;IlJkZCw?qNRDoZ!z_lnyFplxJO!SRgqJ#@D{8JsIyOB3j7ddBlMV%0nCW+C$Wv
zyQcCzDeA^*+$YQ(YXcv(ApeuMHWF$Gj9R&`*}P*F4n_d<vp4WQ|HkG6>Y>W$%MC+A
z?}oX|qKRr<b}+`f=Uca$wHvVMLC7MKVIR0PhD$cKFQ(_TJ@nT)YbU3t#l%@zD;(a{
zOuwdM$=6nq8z+9uj#*bzm75l_Y>W(iA|i5>B`PA)unTMiHV?P0iIx4?MfGnPe<lAq
zw~%s7#-qk5K(G+&o-N6H7%*aHc>I?6&b<EUIRbLs>0pY=vMWvu!!@tDqUzOMVIE(1
z&)Tq|C3n|A5+k{!mt<j@8NWRsXM?0i4km8nJ7rJp30?Zy($X@i%SPI!t?yiQ^$PLM
z)=jRd-<+M$;*x<<dIzlG?>d!wwX3+^FT2pw4>r%RU>EHFdeMnvNkZZrK_&Q7O9Zf;
z?n*g>UA@qzY1LNLjTrT+EvSk6^$H!l`}f}81b0UU3>>$lulWre|Gh85u)o|LL+Og!
zyUvqPWH`;Y-j88gwsj|Db;Ek9V_#LcfALU4=)Tkmo~ezD6RQr0K$l4s0jFfaFsDt%
zumQ^{Nu>RUQzD@D_i^#?53b@d4~D#YA@!?GejR$8G4?;qDs4i$X>JreejC;sB+fL>
z^Wodybd%qw@J+m0L-*bFNAbOFWQl_`{|g@nhQ~=u>X<>@ZxXkC&(~~T7GGi`{7>^r
zLWX&b8+_kyzU}u8z?hTGgkQc=e8<4RYEh@VoGy@Vt5)~FSx;dd^r7NPNY2dXdZIUy
z$o@8&{Huk<6aT{>^M?3;9`t|RBCU7s&l{K;-{V*Bu6zBy#$W%6h3e@WI#o_p_jNs?
z6K{!S*ZkcL{yN-^(A3c?H%x9&hJ5GWn|}ZO|2yn|pX{#_`S)FkcP3=8z2MK`#ofUn
z;*b3)K>6XJ;BNY9*B`NiU33EfO@tEgKCSQ>qpBym?u_rHJ4>VDKptd&gkkVd`VV&2
zq`}W^NB;SPtaD%33|#a?LstKb-=yk%uYmS#oRTpSzt@|L|Lg?Kbw9oZ{b@Olr9Z{}
zKQ4t(y{40j{is*Qyu3O}w3E7VZ+F_kQn6Xqr(-WJWSGYA^pjhEU2-Vzzxwvh5bg7P
zt44*XxB(+)%JnzsJNbqixnnsWxfPoKCgtsQ%4Qn>Vxox?rX%;~wdvioXGqrHm}a;K
zMAiKLT>Z*UVDG0`=%@Mq6<|LtE+74`?58)4G%}MVwLGe{Du4ZWS~KlGu3L=o@0K_;
zo|a5}J<GSKK&$W)EbEB)Da8%IGW4c;N0lq*Pk#Sptic)lhjM?>+AHYf$Ct;z64F_&
zxOCxO5Z(RY!^7QVbQBPa9s-}p<Tw51YVH_JS3id;Srdh;n&wo)xtH&O3y8fxmJ9>d
zM+#X|FV~5gA61`4ellD{nYdjSv<(N^|Agu{Tvkls=1LC|FsAA*pnG@#st&MzvSJL>
z>dc8RJ6{?sUqnVBu#4v*+gZbg9KMsmr*t=gKL012WRAMk9*^sO+mLHC|A`P4zumS*
zR{uw$sTwY`fiM<hEy(RrS{3+-wSfpmknt5(%dv`t!4KbtXIhn;B02Nxr`BhftSk;;
z$u6I3)aFt9L@&j`@;uq;kUG7S^JIGWo=*Dy)k)To-}9|qBA+ERe7=!DI(Pp)7uW3j
zF)jr?UwVuuy=0UP=J?2IG2gC~3iQr)Pf&K&FOoD=sW}XG{~T|KOl9pgneIt%=W|&R
zsH>%DgZX@IV<W|;XjZ^=_xmrd5(?T3GK)U$JZ}NTB7%^#Xg2r!dAz%&2Mcjum^C(O
z6Zjo;hNs^dG{?tmCsY&~TLD*z<c?Ods((Ki`f-?kRjHvGM5Z(b_2fM!`4?A7ua^{?
zQimwm5Y`Sbt44M5znFzO0`{5?nM48I>7NBwyZLm4h6|f9Fsn7pM_*%7R;bl#dl$ws
zBE`cEb?j4UpPM&MM2Cw_8P!pE9UUF-u1n;kNykP0(j6T(0POH8t6L(JGn?~m9HS}H
z5pegs9W&+EIP$8Hc<-)z>ijb*9;%O<`hCBr{Fpdiy=Ak<zj-M%kx}q9*+QRxy1FyH
zgHveJqd*a(j>Og<RyC*JZk##fnOU0tHhp1gyhSDSMUHyuD<B;dm>n2(d+1a!CcQU)
zC=tQfxqpemw5y5?;j+Cl1x&ac?P@QONH`@67Gzbe&vfejl(5hOWIYO@>b@b6O#G-K
zolarT){xh2n_1{&pGh!Hn#3}SS<@#jj!EHWP-8>G3&y6Q<``(KN#Mv$@2=LV1Y^^>
zZu{Z&LPuYtKt>6a3lJ?4EOkJti{^5q0w*rN?R&vgJg=l;I0y*{2&_&V*4^&`vkKyH
ztl7%v6OUhL05HtbEfdtbwz2MG`g4|0(KA?K!4J1c`hB$UH#!Kgq++6rJL==(DKq8E
z2@wts4pwf5&i2n0@}Dl33g#U;<_Mm1cumOfw-aY{=-0$QVTpL5azVAxYf7hy^NNr8
zYaM;XIQ+)f6K13p*Dp$)_5C7idy~>VO|3OeG@V<u@oNo*ta(LdtzOSWXI!MdAfC@Q
z6V29+j!;vt(E(G0!lSQJHl#H^A(hD}kD~hG+|LGVK161F3~@mRTM-o9{COM}i)Agg
zqZr3W<KpRqMFHNZ)(IbvrA9D~d5PXlWfGB9Vbc%pr2kIZ_7}m&TYjd#tAPf~H+xnr
zrt5xWaRHwy+K9H{Mc47MoA$mt9|4Br8g}@opyturh|DFnfEz1=ihsGMKV=j|Eu<^w
zg;CN<Yf)J`n2*v<2~^&h5_z#Oe1CWw7Q^X!5evj4m#OysMFQhO_>l~0t?rv5MV-@Q
zy2eofpf(#9mX0v(PKEdpTUQ)YdSt(Q9s)Nkg(s|tXudmrCZARmasK@IRLf;GrzmDq
zOMN!drbHGBd}@)czG^dL?mTt<r~9X&i~)y$@{swd{!NiXhNp=)dreY%nU)cS#+?n2
z9X~#z$39!ksul4c9@hk-Wa#q1?z0V;OKn0YwY9atLczwOsgiNr!%z!~e+3?NP$S{9
z-6RdBUVL3crwPOzK)_~FTKbw5lGv`@R?>$-4@UOrk*au8@}3lngCOFg>rgWf+|TzQ
zjqVq<sk`b}cOLJeAGal>ZcK*Kuloj5rhQ?MZi?s(JM{LOz?}T?)-7{-@SDf-zJ1|L
zTPvWntHQOcjIw2<^lmNeMx%fD`;j4lC7J|#zj{Z@Pmf-rC)3Ok$e+X(qlT@@@@dW%
zwlf>4kJ6rlbj_`&`3I8MvipCuzCx>*$8kE=)W4j!s%52zAz3kBiNv!X>Bv@l6E1_R
z6nn2&v{>`y4Yl}JPW(?w(NXfBtZhJH?8%f7OB41IvlWfohqt=+hpP;kz!_dburoOv
zIJFp`z)v49-nd~U0;v<aF0#50>!*2_aT85Hm^csGT{>&^I>k}fkh69BG3u4_*;Q*V
zoYJIyeCrZ?UV8uMb_|HDJAXtO5L}?F0g&5EvRZl>BIQGkp6DRd`|hsZ^hwvjQS#eH
z=lCh26{uS}UVTyjU`gd<beH~BE*@K{;GkOL$zqoqOWQFnN7<uxjdapE>Q@%ZKTMRZ
zOM_3?VLcsMG3}5iaN)wAH#im^1$z8cz#|p2oRhE~Eb`!0J6;qt?e)Zp5Sevo)KKjj
z29PYPmst3M>AO`8m1kTw6BLUjfduE_e$Nfa{ht0TBgFg}XfCT)XkYHGULk4-d}mX2
z1&vQnNB0H<mz=j(DD>lGAmQxzxONUGuz*sZPRD)kVLmL?xQ&b(xh}9tf-EtA49Fd)
z#RA<^$m~M${ZmOvpHu-|mdMs~a3*cn8^LNX?Qb%A3*2uXf$U%i3_XV%)dxHCqa_Sj
z&(PQS-KQXPa`|Qeg+*6Xm&x?t+Ej1ub*_=`_4Q}i=yM<|45OD3l%0V=>|3uh$^Ewj
z+hO9aMe7S8>^wev_<*->NeaCj;uPDbk6}93#wY)3EFJfrM}`Vg1|VM0m1W@q`cWcj
ze$+?$BXDi~Ihu{0$LuG|=t2wrp+dv7FO6Gdf_isB6Vus39Nap_c4$S5o^Pq`@61aB
z2*T^QBB0+O^G6amC?X8n-X|hGG)!zp{UWke3(fhsvPH*!I?S{v#d2GDE3fIb#R_^K
z)YRZnv&TZdl-;AF%|suRH(mkMCbyQdz8k*XfJRe0I`Sa8Q>E*An~4y-F58rV7&uSu
zYA@^wYm;;BM!%bCu>SFb#;7g!vCrnbDX>fsKm<%T-H4p-jEX8q5hb9!+O`=}v<rwV
zx1|bJ@nx@k2au#(b(D^*_bZ6GN$P5-#Z{t1wvmlMeE}miM#ZME#ew{u0!c?7H=ei2
z!cuc3j0)*&rA$)_!-uiCYSob`qQUip+U8UEco&l;OSN44b1ndq{9^ze)txOPWINYk
zn#WNH`VUxDl2&457fAerv318AafLGb18&G^2HLoWL>J%2!zKS#h4D@K{(NX8a85G`
zmWOl|VLQ^z?Jqj4Q~en;ormzr5Ag=5U!yt2)>@t<geZLo#{a`7)@V#?!<Rbvp=ka`
z?hg~6axV0?Si~~MITDWIzR8XH@RTaLxbv=2$cs<8EM-G=n>gPMFX4^iohyvnUu(v@
zUZpep(4-pA>k$p}Y3Fb+LNcP+t=*aWfFJF-G^M_#RpdgRRs@t4XCj28qHVBGRPz6w
zSEBc2<g(286_^PjogCSv&+xtAaiz&SZ6IGo9qqpdY!m2wIG&D~q2}m<Fj)TquLSzi
zna@K*F<4&7Oxu+yCy+xq_a`0QbP0POP^)y&!FqMnal4ygK8U5!a(|F81C-O)lE?Mi
zt@WAqx=qF~Hc~vr99b$jNPPJQDD|9aHn%`835Pg}K+i^BJ`OtETbKXfs=BfLcJ(}4
z^fPgOr=I{DV7z5at(KOT&*S2{Sa@JX!EW7p+n=lUWQ50Y{Ip1w$_}^NKE6u9CJ&y^
z$B4mkgSOHuC#|YV0As=ur8`Ys22uhh<2e_EjyL`5*Ze*9&!ErY|LiLoF>54v=MR<H
za%r~o=~8hIu@BKy09vzhhwyNTOetG2$mXQqVkC33OSB9~0Zm1Js+U?QPb!DzsBvZW
z?1qU<cSI0*Leh;7yw{kNbJ-c5UcY{wQT4`x*BE#JsFWD7Ai1A^ZroaoEe%HU#uS@&
zvjL&RTswXwb$c}l1ZI~`HUK1w{6so3uyac2r0jb#CMrH5{-a#(ZN$@{pp)CjQL)^|
z;Z$Q42-&rii<Gd|&mAd^BdP_Y`YZb60@{`9bNpai90Skm8j1!m+iHqqz=uGgYpP+x
z=BUDTqb~{p`~_h#v0Dlm?Wt=Ffo(iE4J14~Jis?;6UsRG@tU+#n-duO=>cTzo%HG7
ztTd*m?@g-%QtHvw5eHeFLReGz&(O=$$#f*;pF5pCZRa=Lj2#=GZk<?3g3dHEfg+Oo
zm4Qt(+combmpoo^%}ol9e<i8cK2AJz(+;aig4lTda#JW}y!nJ>Qs(A*w?evVSz|@4
zQCa$~x_tw__UQZB__pwGXL#LNooges=)^e7ACLE@V=%QJ35q5I=Cc(zNQ<vI=e?eC
z1kv9y4tjNMa;0nCm9a)7$aU|w6*hs{PV2QB$ayu|1m(KJy7cuv3iTK*e0n!{4w(Cz
zG{)mM-L9)MsjJOd?nd4SbqqO$BQ1FJhq1BoY@5G3jwfLH!hTn0cj#L`D%8@{OYZ+r
z{pN2rU`6l`A*5RE+Os?@{c#kSK($0{(bzx7M^FhmgQaCgre^j{7^;B{LO@9P2=MRS
z`|fRUD+uYhUsn1AlGe|28j}h+gbNdHr@`VDJ7QxCy>|;z+UR5T*Bcw!u^1%gtcO|6
zy9p(%-{oGYHYw-23t||xDE6_7G*?rj!8L9TBV_G)Z;L#XQ}lA=@ir$}xBBss$LbFn
z$b-zry}|)Hl>0L84I6;7evX&Gav{O!AV~8hdRMdHITtV(zcw>E7tRAHJ6d5MS7<1K
zBZ~^auXMn?`%Mv1OJxH&m2{gTVyCD~PYCZKS+vDh%{mfJpT?OV&1D!WGS*)$)mC2`
zsj(yBGE?LP4b+w>CjZJx3Sj#N^ec}GywsE0zo~fmQcD$u_)~JW4Pu6YL%W))m)3T6
z`c2<4Lj`supgd;KnHX3v)W)NX<OP6o2Xi2zE>!AXeGjrbHa}NGJhog3)ikC&wz%wU
zZNJef-G=0vb9<F!#5CZf=*v_s1yhX|@bSSXY2lE~BPg^+Tw}B7%bU{GkEY%Ik{G*g
z5-i9zeu|M&M-x{e*=}672Pa9&DEisCi%(9ftY&qy!oMD!6dl&J@&|mSWgfxQSUOkT
zChTd`DkT}9)mTmvrXgL^OF*N9Sz09;OVJc@gg-nq-YhFij}&IG(I-(%OP2i}Uk#oW
z#4Vdpv^uP#4cJIO6&0l%%~?dVnO^i3z*Soc4hTq<ETtMPvjGCxCY^F#JeXDVRA~DC
z5xCeRa>;Zw=L|3^>&Myyb4O5|y5@>QBR~eZeBe$8a~s+6E@ax*b+?x;kf+e)U}<!d
zNOxT@xac}&$<4_vgNh=%*>>YK{0&C=G6F<M$Tz2lo3K{iT<8hDlW<SA*0PQBJSa&C
zXDMdhnw}SrWR5ZIEh7UGD|b|W;9|5Dle?K&&$$YBZTEV3tYeK;gb7XM7GD0`p>0A6
zQG=BuD!M&9o*RK65EOs%P*I8U%9Rg8kJlR@lN6c>B3M$1+zIQ3`dSAZf3m#?R#P?V
z$$X^62>7eh$gGS4eK;KOcPv-r$CuhwM$OwaNG~z3Xl{LCSPUe4pvRqn?UU`#6qfPS
z_yl=Q&-`S@Gatfu{fWaNun~zV74kTa2ahY@=g|(c1Iw`ivo-}>k+7o!yMwZZliRN&
zUahWvRHe<7PtzN+65@o^l=J37-Nt(Y=qjnkrFWcacrmVrlP{ePmtUqsE>Z8Kasl07
zWoRh;jcM^l)EZ+u{>B`eem|w4#qenttTbQtqu>=y{i;35(4fA#&z9dusCQ=C(Cb6v
zpdEAz08-3bTh)md_`LRL#h{nXj0%rX>#n~TB7DfojowY*)?3ZGmp@&3dwbPz$ivd*
zfKke2Cf;gNP+@Pb_o)p<&vyOR+wZF$mQh`oxQp)wR?cu7+MIIdzkocxc)<T)4bO%G
zi#<=f?bs6P72QN~*!5G+9$WNdhV16BRW_iNnmo!xvS~q77ElO_F)Vn2#b&rI$SJQ=
z?tXm4x8Y7g(j&e?QtkXhGs~cOs;KtXeHQVa{$>7M%iZ%e)ZA~@XOcZ`iH8XA!Q7vt
zS{|Uts1RE!<bD{9N5(946+1LIT(6W(aaOAN*+;8}CGvkA9`-9VbZr}1pKZSM87kVw
zP1;JyJYW(yg%xfq55MP$MAp7U!zU`0mN*E$4Yl!6b|`LWkdFRVP<tG(!x6hq<+OGa
zE7-8Wb9gnI)Ch%>gZ^}dheuh$r7`~7SfM=yOeW#C6~^@r`j<x{AXj4AF}hd$e2pwu
z?Jkd%ox602_ZcB(J#gTaLUO!oi{ViHiyD#$@ux6<$IcfVS1ncW!>Ok~9&CzaVIpb_
zrU3>S063gx+ZyB^{h{{Rk-)xtwsCI@pIWf^R_W5gk5m6e4M8Bg$6*nB6Qno5j17Ag
zv3Jdy`=u9IESCu1<$8;z5PrsR9&NuBOOCTajQYkB#_jbyz_%LgCC|B(-reSi0|SbS
zTvrFrtt<n(5d2B**;c}?sh!WNJ$n~A1HPNNZ5DRH9MwbcF^nS1)kMv%Y=k`dg1={l
zKTZ4j-Fc_YBeF4;DUWr^?PCknTJu5rz>P*Hu@wXhZXGM~QF8zRmFX}m7A&>dC_K!0
z{Tc^ZYSG@MAIV?_d{WOD<|n|n8?CYDZ#afv1fD1Vs6leB!)T@Kflp9G23iLCA?8m{
zzML~?kM#z}PPwx88TGV}_ctYU=yfwX<I`L^Sz-3zMBX(g(2u*}jY~vG_%%gT?quNb
z2x+}N`V!)AgI^pE=qJqy{0y|d_<;ra&<oeLl4yvFbbz*mc;FKtCq6hBw1=8v1s(?q
zh3ax=z^4=t3%TKa3Yc5;Oi@Qv%h+VGe`jo=?GT2SuYPSs^GfpgV*y;^By$jl!_cti
zs+9YIj#zzk&MH(ZK}F5a!DBo3W1A0qa^>>EfI%iEt@+cv0p)FgxcoOFA@&JE@?ObZ
zhWP<2!vJghB(=Wifu~GRvasc0em8&q@+Vl{QweRCmNBxj1BVD|2xV*K^r1DetPfz<
z29Wc`1M4FQDRALIV%1AH*K1}2xuv`gz(E1lhkUVE2$Un-3_QnUIa)mEu;|b>m&Y1b
z=<aSMn9W-=g&9uaL0{&s#_+>;OC;!>w|}+(c^;Sq2MsoUZ-0SHN$!GBSaRro@s12n
z1ec)mK={wijz3hx)KSz$=iCL1BpS|A&;%0Q-3S<oK5C6Mx`y2LJ{?A*ezA-Maq2^Q
z462rgyX4>~HB-R5@_t(mZi97`(9qRI<2fn+zS<XSA(<?n+g^9+KUW$oesGlY_|tY(
z=4f#r+VW~g6uDozuZ8lT7`oLK9Y5m}X|b8}N_Kz#>P%ZLOF6Ucu^a%Y!i|nD#byv8
zGsyX~Qul@V3E!zxrvRyV`#C9zbl@eER?e;3W7HeS`~H|wim!CU$b<2mfPg%hQVdvv
z7-5?@3c6O2=>{>Ps#<d5P+~pv;gNFyEP$Dmj|ax9MU|9hbtyfzCl)4x&W9^RM*Ee<
zhF)DA54acLr&-k(o;jrAHCjyB-liARD$gn19{Q@uEGW>>Fi>siqlxt6sIJ29rR0z2
zKRTs^?@iH3{AlBQse?>FcdEIZa=~oW;OEp6?qI5F9ZMSm+jH0l!hIP`f3CWO$0nv7
zH@nRk7Ma$!)MkEK)vvC$v?zJ@?vqdQ(E-=wxZLxus`5#Ghwlf}huOnhi+L6d)YR1W
z%iZDy1uPM<k(mLTihKLJCKDTc7cXD#XE_R^=cAHGM}?+8ruV(8d&qmuUGeCZy_A%K
zx39P9^jlr$qregg@z!3je^b=b$^$F-j}~$LeZ&3tI5Wuhz@7ZA!FNP^G?zLzYh2#*
z?kD-x1<#PK`_%XE>Q>P;cXrA^QC{ZS1~;9suyCLACF_Pg7v*5_a%~FqfpMTq&53(H
zs`}(%pqpf;TB+`9yt?nJl^A)LK>GId8-vZJk(hxF)*8hPv)FPW0a;PJI@y6c2@!Eo
z`Cy~r?c?(^Eh1ZSx2y5u1-_kz;yPb^CPS%oa&Ei<>H8JR2RwCbcqO%8<e1x}s8ed1
zOBcouL>9McUMsnNQjuwkPW$%8$zDRrnsKB+zp=!0!$>@c=eBrvI?I{;=L2^@6E;hI
z;Lg)I$7hdRMcbqI!sWX;?mGQIkokN_gKPmBt-b7V`|bYz?ky%-X^$9Qaj@=P7-f{B
zKCYAn=MO~@wX8>vAIEpFit{iqFfG1Xi`{5*EqQ(|+si9gtwzr<ckc!*MP_q^^7ECd
zz4f)VkoMM_b!?lyTKDPs?pc|mC!!Y@@4LLnN={y|8URB=&5^v^p1p*=i3Z;L>n09L
z8E?7^IocCSAF#7a+pE4Pmel`Jv}wVZOKEGlC~T}4A8Dz+;N%eGFFHZuIiHMkoh5);
zi`C+AST3MiK&(aV{Z0G)?f9pm;SoPg&S^Sy7Z5tQ*W#9X)ev}CnJ(TkU3WGeV(3of
z$h7$s-Ypk9*lr^;f5Ehkym785G_}=>5-EdW8QbyGr?)Q6PD?^2mT=)lIp2*yxy`9$
z9@z1eh8B7-w4-N94^aK`BPOPkLLFoJoT+^tq3P93xx;sI_u2~99d#&7ZSh4#5D4pz
zl@v6eJvwoH7=08ZDf7TnvkpU*6(e(B)4l_mnh%%6L}FV}Ix#eNb(JlUlv}aV(IdCo
zWv7oc#iO=nxW>)*S&l|p6^T}FpR#ru#nfch#o8&Vc-dUdiBQAV5@2eGcT<=>Q#K1G
zAsZ4Kt9bEj?Ze{|!A(p!Y5t7lI+y)05qUyr`dNp{dk$}VCJ#0IYKTkHbh0l~@_xiQ
zclr7EWyk)q8v7m*uIE>2K#glguvRu$+D!vL2>Fp(2KnrOB5xq{u=ZK*wxEhePP_U=
zI&mNjX0i7##mHn?AwhfsrRc5|1b9(yZ?V)6&eB4Enty{)n({J|sX3Fcy@^#EUz(J)
zaxAZWgZN`{u@v0Zt);{Aiiv%-<Bc=DA&VX^34}zGW=p5`*B6v~3k`8g%)6@k2XfU<
zQ1?bjm2-bGi6;;dT_w;NsMw;ob@<gb-AJZOe<*k{X0KBsbbm`+9w~IwbS*UPHY1CY
zlS;IM>vs9}irpcLeWPYwR`s}1(R^#CU<93JPfpDGhV9*><{0vX*gQ`}rSr~0=Gs)D
zMu(E3Vyaw9qay!KQ_4_i>i6#iZe<q!*iKoYltVl>_k26PT%waaqbH;DBk0<+bZVwD
zbu8wvn|#idH%ueG(;}yJtS2lgI{&JGjGRxetaUH!V5>{H(t*)qO+F$jiiw>@OTUQY
zuKn<)8mHh<FP^m1PhG<x7ukmoUsa@e*eXrzjO~o~q&5dXt2{CH8LxKFe`#mLpMX|%
z9A|%W%AwL$yGi-!3hqTbJlTvle;69}kFKBUmp|}1|4~Nd;EiR3kuO5FbX;{O{WeqQ
zQI_(vXZ_Cce0J#zQ+tiq0`E_0K5I9U(2fveMc>)7GIStEAY{>cQCm4%uE?ABUnt2=
z;nw6$w&ANCw2QbY)RZ=qTz`$WRTqTrYg&=1912>sA6<OV77kYth=m9_mm=KYXEB<!
z8*T?~A?DobC3S28S-~aOjT83P!do{ACV`}k@J!1cD*Cc?9)b8lh&pZ`I60Aqty`as
z9N^F2ug~?m^{j~2U5=imKM;t|Qo8Omx9{5zT1;_mI=Z9p{QjCuqn|eRUF7!-o`kV`
z<I;gsWA~_jedZZ+>+m$Z`}F2uWb}g$@<D09wH1=&E{l~Htt!91fk^cH%8Gp_`PTfq
zZ2ryr8L!yIYs;kVqP5?iZJ?W<8OOakl=LBv2)i2uBHH)9`ziRVB4Y5`CzdcOkI`n{
zNEEvTfmpqjvwP;(JM2F{LeEzYUC<z!NgPWNAou=thQB|&Q=VG_pM+7GIe1mTAob5r
zJSA`1M|~xaPWZ|fxYRwpVwCaG<?64){r*bX^t#S`kK+6|Z>L2HrLN;Nla$T$QOO23
z|3AAxAQsC7RGhhoY(BgG``IA;Q&w^R^)2FmKP-Yd=ywzR{#+%#bm$bqsb&nl!pZ;p
zs^J6AG^de({e*liV;mjvD<57NiT<;<PvM2MjSKdIYWH#e+2&a<_it_S|2}%h$kIQ*
zLm+aD(Q=P_cn%i&62|XYk8bqGiQN6DXzNeC`QVZF9o($D{7)19{aQZL9|VyvL=z=-
zhxrW2-TAot=7X?zjoMLpDfcCQ%lS#n_YaR*omf~|We9T<f8QwV(aKErjkJUB>?h{$
zzLD<XK8U$Kl^oBqa-6^MKU*AwRL?G0HRG>t3$pHV*E&4f8~C4J_<q4Gg6zHx{-pM#
zc|j@a+UMFJ48gyy=gujT=LhDwT!Yw6cTCU8M4EJwu+AqOjVRh?wapCp?w`#TeIXiH
zX5>k}=R5H5(eIzy$^L3SoeS6>tX9t7+n*}X77$UbzmmH@%TleWm_)+gnY8=+mb!D9
zY~jK0J`)nVt#u1ubL&)Avw70FtT7Q;@OyUxr+#<9$WI?We$Jh;7_Dv3o%-Dv(eM81
r|F^PvC;QhVZeOmn7x?`v&Lfi3CAV@DkBshPH;4;AeUkS`$Ls$95njx%

literal 0
HcmV?d00001


From fd30e3ff497f6bd6984ef329e0e62592da085af8 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sat, 11 Mar 2023 14:46:58 -0500
Subject: [PATCH 320/475] Added new JWKS URL setting for each OAuth provider
 and updated the associated authorization service to use the setting during
 the initialization of the authlib.

---
 powerdnsadmin/models/setting.py               | 18 ++++---
 powerdnsadmin/routes/admin.py                 |  8 +++
 powerdnsadmin/services/azure.py               |  1 +
 powerdnsadmin/services/github.py              |  1 +
 powerdnsadmin/services/google.py              |  1 +
 powerdnsadmin/services/oidc.py                |  1 +
 .../admin_setting_authentication.html         | 52 +++++++++++++++++--
 7 files changed, 71 insertions(+), 11 deletions(-)

diff --git a/powerdnsadmin/models/setting.py b/powerdnsadmin/models/setting.py
index e820af91d..331898a4b 100644
--- a/powerdnsadmin/models/setting.py
+++ b/powerdnsadmin/models/setting.py
@@ -28,7 +28,7 @@ class Setting(db.Model):
         'allow_user_create_domain': False,
         'allow_user_remove_domain': False,
         'allow_user_view_history': False,
-	    'delete_sso_accounts': False,
+        'delete_sso_accounts': False,
         'bg_domain_updates': False,
         'enable_api_rr_history': True,
         'preserve_history': False,
@@ -44,7 +44,7 @@ class Setting(db.Model):
         'local_db_enabled': True,
         'signup_enabled': True,
         'autoprovisioning': False,
-        'urn_value':'',
+        'urn_value': '',
         'autoprovisioning_attribute': '',
         'purge': False,
         'verify_user_email': False,
@@ -69,15 +69,17 @@ class Setting(db.Model):
         'github_oauth_scope': 'email',
         'github_oauth_api_url': 'https://api.github.com/user',
         'github_oauth_token_url':
-        'https://github.com/login/oauth/access_token',
+            'https://github.com/login/oauth/access_token',
         'github_oauth_authorize_url':
-        'https://github.com/login/oauth/authorize',
+            'https://github.com/login/oauth/authorize',
+        'github_oauth_jwks_url': '',
         'google_oauth_enabled': False,
         'google_oauth_client_id': '',
         'google_oauth_client_secret': '',
         'google_token_url': 'https://oauth2.googleapis.com/token',
         'google_oauth_scope': 'openid email profile',
         'google_authorize_url': 'https://accounts.google.com/o/oauth2/v2/auth',
+        'google_oauth_jwks_url': '',
         'google_base_url': 'https://www.googleapis.com/oauth2/v3/',
         'azure_oauth_enabled': False,
         'azure_oauth_key': '',
@@ -85,9 +87,10 @@ class Setting(db.Model):
         'azure_oauth_scope': 'User.Read openid email profile',
         'azure_oauth_api_url': 'https://graph.microsoft.com/v1.0/',
         'azure_oauth_token_url':
-        'https://login.microsoftonline.com/[tenancy]/oauth2/v2.0/token',
+            'https://login.microsoftonline.com/[tenancy]/oauth2/v2.0/token',
         'azure_oauth_authorize_url':
-        'https://login.microsoftonline.com/[tenancy]/oauth2/v2.0/authorize',
+            'https://login.microsoftonline.com/[tenancy]/oauth2/v2.0/authorize',
+        'azure_oauth_jwks_url': '',
         'azure_sg_enabled': False,
         'azure_admin_group': '',
         'azure_operator_group': '',
@@ -104,6 +107,7 @@ class Setting(db.Model):
         'oidc_oauth_api_url': '',
         'oidc_oauth_token_url': '',
         'oidc_oauth_authorize_url': '',
+        'oidc_oauth_jwks_url': '',
         'oidc_oauth_metadata_url': '',
         'oidc_oauth_logout_url': '',
         'oidc_oauth_username': 'preferred_username',
@@ -284,7 +288,7 @@ def get(self, setting):
                 result = self.query.filter(Setting.name == setting).first()
 
             if result is not None:
-                if hasattr(result,'value'):
+                if hasattr(result, 'value'):
                     result = result.value
                 return strtobool(result) if result in [
                     'True', 'False'
diff --git a/powerdnsadmin/routes/admin.py b/powerdnsadmin/routes/admin.py
index 0d85d2904..5aea1d206 100644
--- a/powerdnsadmin/routes/admin.py
+++ b/powerdnsadmin/routes/admin.py
@@ -1642,6 +1642,8 @@ def setting_authentication():
                               request.form.get('google_oauth_scope'))
                 Setting().set('google_authorize_url',
                               request.form.get('google_authorize_url'))
+                Setting().set('google_oauth_jwks_url',
+                              request.form.get('google_oauth_jwks_url'))
                 Setting().set('google_base_url',
                               request.form.get('google_base_url'))
                 result = {
@@ -1673,6 +1675,8 @@ def setting_authentication():
                               request.form.get('github_oauth_token_url'))
                 Setting().set('github_oauth_authorize_url',
                               request.form.get('github_oauth_authorize_url'))
+                Setting().set('github_oauth_jwks_url',
+                              request.form.get('github_oauth_jwks_url'))
                 result = {
                     'status': True,
                     'msg':
@@ -1702,6 +1706,8 @@ def setting_authentication():
                               request.form.get('azure_oauth_token_url'))
                 Setting().set('azure_oauth_authorize_url',
                               request.form.get('azure_oauth_authorize_url'))
+                Setting().set('azure_oauth_jwks_url',
+                              request.form.get('azure_oauth_jwks_url'))
                 Setting().set(
                     'azure_sg_enabled', True
                     if request.form.get('azure_sg_enabled') == 'ON' else False)
@@ -1753,6 +1759,8 @@ def setting_authentication():
                               request.form.get('oidc_oauth_token_url'))
                 Setting().set('oidc_oauth_authorize_url',
                               request.form.get('oidc_oauth_authorize_url'))
+                Setting().set('oidc_oauth_jwks_url',
+                              request.form.get('oidc_oauth_jwks_url'))
                 Setting().set('oidc_oauth_metadata_url',
                               request.form.get('oidc_oauth_metadata_url'))
                 Setting().set('oidc_oauth_logout_url',
diff --git a/powerdnsadmin/services/azure.py b/powerdnsadmin/services/azure.py
index 46fb1af16..691b15397 100644
--- a/powerdnsadmin/services/azure.py
+++ b/powerdnsadmin/services/azure.py
@@ -23,6 +23,7 @@ def update_token(token):
         request_token_url=None,
         access_token_url=Setting().get('azure_oauth_token_url'),
         authorize_url=Setting().get('azure_oauth_authorize_url'),
+        jwks_url=Setting().get('azure_oauth_jwks_url'),
         client_kwargs={'scope': Setting().get('azure_oauth_scope')},
         fetch_token=fetch_azure_token,
     )
diff --git a/powerdnsadmin/services/github.py b/powerdnsadmin/services/github.py
index cf615e8df..8bcbe87c2 100644
--- a/powerdnsadmin/services/github.py
+++ b/powerdnsadmin/services/github.py
@@ -24,6 +24,7 @@ def update_token(token):
         request_token_url=None,
         access_token_url=Setting().get('github_oauth_token_url'),
         authorize_url=Setting().get('github_oauth_authorize_url'),
+        jwks_url=Setting().get('github_oauth_jwks_url'),
         client_kwargs={'scope': Setting().get('github_oauth_scope')},
         fetch_token=fetch_github_token,
         update_token=update_token)
diff --git a/powerdnsadmin/services/google.py b/powerdnsadmin/services/google.py
index 68775a2c1..0a62463fb 100644
--- a/powerdnsadmin/services/google.py
+++ b/powerdnsadmin/services/google.py
@@ -23,6 +23,7 @@ def update_token(token):
         request_token_url=None,
         access_token_url=Setting().get('google_token_url'),
         authorize_url=Setting().get('google_authorize_url'),
+        jwks_url=Setting().get('google_oauth_jwks_url'),
         client_kwargs={'scope': Setting().get('google_oauth_scope')},
         fetch_token=fetch_google_token,
         update_token=update_token)
diff --git a/powerdnsadmin/services/oidc.py b/powerdnsadmin/services/oidc.py
index b5da89eb0..432457ffe 100644
--- a/powerdnsadmin/services/oidc.py
+++ b/powerdnsadmin/services/oidc.py
@@ -23,6 +23,7 @@ def update_token(token):
         request_token_url=None,
         access_token_url=Setting().get('oidc_oauth_token_url'),
         authorize_url=Setting().get('oidc_oauth_authorize_url'),
+        jwks_url=Setting().get('oidc_oauth_jwks_url'),
         server_metadata_url=Setting().get('oidc_oauth_metadata_url'),
         client_kwargs={'scope': Setting().get('oidc_oauth_scope')},
         fetch_token=fetch_oidc_token,
diff --git a/powerdnsadmin/templates/admin_setting_authentication.html b/powerdnsadmin/templates/admin_setting_authentication.html
index 26d9a7294..5750d8944 100644
--- a/powerdnsadmin/templates/admin_setting_authentication.html
+++ b/powerdnsadmin/templates/admin_setting_authentication.html
@@ -663,6 +663,17 @@ <h3 class="card-title">Google OAuth Settings</h3>
                                                                            value="{{ SETTING.get('google_authorize_url') }}">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
+                                                                <div class="form-group">
+                                                                    <label for="google_oauth_jwks_url">JWKS
+                                                                        URL</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="google_oauth_jwks_url"
+                                                                           id="google_oauth_jwks_url"
+                                                                           placeholder="e.g. https://{yourDomain}/.well-known/jwks.json"
+                                                                           data-error="Please input JWKS URL"
+                                                                           value="{{ SETTING.get('google_oauth_jwks_url') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
                                                                 <div class="form-group">
                                                                     <label for="google_base_url">Base URL</label>
                                                                     <input type="text" class="form-control"
@@ -791,10 +802,21 @@ <h3 class="card-title">GitHub OAuth Settings</h3>
                                                                            name="github_oauth_authorize_url"
                                                                            id="github_oauth_authorize_url"
                                                                            placeholder="e.g. https://github.com/login/oauth/authorize"
-                                                                           data-error="Plesae input Authorize URL"
+                                                                           data-error="Please input Authorize URL"
                                                                            value="{{ SETTING.get('github_oauth_authorize_url') }}">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
+                                                                <div class="form-group">
+                                                                    <label for="github_oauth_jwks_url">JWKS
+                                                                        URL</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="github_oauth_jwks_url"
+                                                                           id="github_oauth_jwks_url"
+                                                                           placeholder="e.g. https://{yourDomain}/.well-known/jwks.json"
+                                                                           data-error="Please input JWKS URL"
+                                                                           value="{{ SETTING.get('github_oauth_jwks_url') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
                                                             </fieldset>
                                                         </div>
                                                         <!-- /.card-body -->
@@ -915,6 +937,17 @@ <h3 class="card-title">Microsoft OAuth Settings</h3>
                                                                            value="{{ SETTING.get('azure_oauth_authorize_url') }}">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
+                                                                <div class="form-group">
+                                                                    <label for="azure_oauth_jwks_url">JWKS
+                                                                        URL</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="azure_oauth_jwks_url"
+                                                                           id="azure_oauth_jwks_url"
+                                                                           placeholder="e.g. https://{yourDomain}/.well-known/jwks.json"
+                                                                           data-error="Please input JWKS URL"
+                                                                           value="{{ SETTING.get('azure_oauth_jwks_url') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
                                                             </fieldset>
                                                             <fieldset>
                                                                 <legend>GROUP SECURITY</legend>
@@ -1206,10 +1239,21 @@ <h3 class="card-title">OpenID Connect OAuth Settings</h3>
                                                                            name="oidc_oauth_authorize_url"
                                                                            id="oidc_oauth_authorize_url"
                                                                            placeholder="e.g. https://oidc.com/login/oauth/authorize"
-                                                                           data-error="Plesae input Authorize URL"
+                                                                           data-error="Please input Authorize URL"
                                                                            value="{{ SETTING.get('oidc_oauth_authorize_url') }}">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
+                                                                <div class="form-group">
+                                                                    <label for="oidc_oauth_jwks_url">JWKS
+                                                                        URL</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="oidc_oauth_jwks_url"
+                                                                           id="oidc_oauth_jwks_url"
+                                                                           placeholder="e.g. https://{yourDomain}/.well-known/jwks.json"
+                                                                           data-error="Please input JWKS URL"
+                                                                           value="{{ SETTING.get('oidc_oauth_jwks_url') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
                                                                 <div class="form-group">
                                                                     <label for="oidc_oauth_metadata_url">Metadata
                                                                         URL</label>
@@ -1217,7 +1261,7 @@ <h3 class="card-title">OpenID Connect OAuth Settings</h3>
                                                                            name="oidc_oauth_metadata_url"
                                                                            id="oidc_oauth_metadata_url"
                                                                            placeholder="e.g. https://oidc.com/login/oauth/.well-known/openid-configuration"
-                                                                           data-error="Plesae input Metadata URL"
+                                                                           data-error="Please input Metadata URL"
                                                                            value="{{ SETTING.get('oidc_oauth_metadata_url') }}">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
@@ -1270,7 +1314,7 @@ <h3 class="card-title">OpenID Connect OAuth Settings</h3>
                                                                     <input type="text" class="form-control"
                                                                            name="oidc_oauth_email" id="oidc_oauth_email"
                                                                            placeholder="e.g. email"
-                                                                           data-error="Plesae input Email claim"
+                                                                           data-error="Please input Email claim"
                                                                            value="{{ SETTING.get('oidc_oauth_email') }}">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>

From 369188e80e95a8896b6e61326ece8acc706fb1dc Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sat, 11 Mar 2023 14:50:02 -0500
Subject: [PATCH 321/475] Disabled MegaLinter workflow for all branches
 currently.

---
 .github/workflows/mega-linter.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/mega-linter.yml b/.github/workflows/mega-linter.yml
index 4c005da54..943d3a30c 100644
--- a/.github/workflows/mega-linter.yml
+++ b/.github/workflows/mega-linter.yml
@@ -6,6 +6,7 @@ name: MegaLinter
 on:
   push:
     branches-ignore:
+      - "*"
       - "dev"
       - "main"
       - "master"

From c61489adfc2c1d7cc8aab384b17846ded6347edc Mon Sep 17 00:00:00 2001
From: Stefan Ubbink <stefan.ubbink@sidn.nl>
Date: Sun, 12 Mar 2023 13:11:20 +0100
Subject: [PATCH 322/475] Improve things for using PostgreSQL

---
 configs/development.py                        | 10 ++++++++++
 docker-test/Dockerfile                        |  1 +
 docker/Dockerfile                             |  1 +
 docs/wiki/database-setup/Setup-PostgreSQL.md  | 13 ++++---------
 ...ning-PowerDNS-Admin-on-Ubuntu-or-Debian.md | 19 +++++++++++++++----
 requirements.txt                              |  1 +
 6 files changed, 32 insertions(+), 13 deletions(-)

diff --git a/configs/development.py b/configs/development.py
index 6d1dd0d5e..e92ac728d 100644
--- a/configs/development.py
+++ b/configs/development.py
@@ -27,6 +27,7 @@
 SESSION_TYPE = 'sqlalchemy'
 
 ### DATABASE - MySQL
+## Don't forget to uncomment the import in the top
 #SQLALCHEMY_DATABASE_URI = 'mysql://{}:{}@{}/{}'.format(
 #    urllib.parse.quote_plus(SQLA_DB_USER),
 #    urllib.parse.quote_plus(SQLA_DB_PASSWORD),
@@ -34,6 +35,15 @@
 #    SQLA_DB_NAME
 #)
 
+### DATABASE - PostgreSQL
+## Don't forget to uncomment the import in the top
+#SQLALCHEMY_DATABASE_URI = 'postgres://{}:{}@{}/{}'.format(
+#    urllib.parse.quote_plus(SQLA_DB_USER),
+#    urllib.parse.quote_plus(SQLA_DB_PASSWORD),
+#    SQLA_DB_HOST,
+#    SQLA_DB_NAME
+#)
+
 ### DATABASE - SQLite
 SQLALCHEMY_DATABASE_URI = 'sqlite:///' + os.path.join(basedir, 'pdns.db')
 
diff --git a/docker-test/Dockerfile b/docker-test/Dockerfile
index 17f934fb4..7191825e6 100644
--- a/docker-test/Dockerfile
+++ b/docker-test/Dockerfile
@@ -11,6 +11,7 @@ RUN apt-get update -y \
         libffi-dev \
         libldap2-dev \
         libmariadb-dev-compat \
+        libpq-dev \
         libsasl2-dev \
         libssl-dev \
         libxml2-dev \
diff --git a/docker/Dockerfile b/docker/Dockerfile
index b55399860..55ccdfd66 100644
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -2,6 +2,7 @@ FROM alpine:3.17 AS builder
 
 ARG BUILD_DEPENDENCIES="build-base \
     libffi-dev \
+    libpq-dev \
     libxml2-dev \
     mariadb-connector-c-dev \
     openldap-dev \
diff --git a/docs/wiki/database-setup/Setup-PostgreSQL.md b/docs/wiki/database-setup/Setup-PostgreSQL.md
index a6e33644e..197aae523 100644
--- a/docs/wiki/database-setup/Setup-PostgreSQL.md
+++ b/docs/wiki/database-setup/Setup-PostgreSQL.md
@@ -15,10 +15,9 @@ The below will create a database called powerdnsadmindb and a user of powerdnsad
 ```
 $ sudo su - postgres
 $ createuser powerdnsadmin
-$ createdb powerdnsadmindb
+$ createdb -E UTF8 -l en_US.UTF-8 -O powerdnsadmin -T template0 powerdnsadmindb 'The database for PowerDNS-Admin'
 $ psql
-postgres=# alter user powerdnsadmin with encrypted password 'powerdnsadmin';
-postgres=# grant all privileges on database powerdnsadmindb to powerdnsadmin;
+postgres=# ALTER ROLE powerdnsadmin WITH PASSWORD 'powerdnsadmin_password';
 ```
 
 Note:
@@ -51,18 +50,14 @@ On debian based systems these files are located in:
 
 ## Install required packages:
 ### Red-hat based systems:
+TODO: confirm this is correct
 ```
 sudo yum install postgresql-libs
 ```
 
 ### Debian based systems:
 ```
-apt install libpq-dev python-dev
-```
-
-### Install python packages:
-```
-pip3 install psycopg2
+apt install python3-psycopg2
 ```
 
 ## Known Issues:
diff --git a/docs/wiki/install/Running-PowerDNS-Admin-on-Ubuntu-or-Debian.md b/docs/wiki/install/Running-PowerDNS-Admin-on-Ubuntu-or-Debian.md
index d3bc8345d..ad51c2b5d 100644
--- a/docs/wiki/install/Running-PowerDNS-Admin-on-Ubuntu-or-Debian.md
+++ b/docs/wiki/install/Running-PowerDNS-Admin-on-Ubuntu-or-Debian.md
@@ -7,19 +7,30 @@ First setup your database accordingly:
 
 ### Install required packages for building python libraries from requirements.txt file
 
+For Debian 11 (bullseye) and above:
 ```bash
-sudo apt install -y python3-dev git libsasl2-dev libldap2-dev libssl-dev libxml2-dev libxslt1-dev libxmlsec1-dev libffi-dev pkg-config apt-transport-https virtualenv build-essential curl
+sudo apt install -y python3-dev git libsasl2-dev libldap2-dev python3-venv libmariadb-dev pkg-config build-essential curl libpq-dev
+```
+Older systems might also need the following:
+```bash
+sudo apt install -y libssl-dev libxml2-dev libxslt1-dev libxmlsec1-dev libffi-dev apt-transport-https virtualenv
 ```
 
 ### Install NodeJs
 
 ```bash
-curl -sL https://deb.nodesource.com/setup_14.x | bash -
-apt install -y nodejs
+curl -sL https://deb.nodesource.com/setup_14.x | sudo bash -
+sudo apt install -y nodejs
 ```
 
 ### Install yarn to build asset files
-
+For Debian 11 (bullseye) and above:
+```bash
+curl -sL https://dl.yarnpkg.com/debian/pubkey.gpg | gpg --dearmor | sudo tee /usr/share/keyrings/yarnkey.gpg >/dev/null
+echo "deb [signed-by=/usr/share/keyrings/yarnkey.gpg] https://dl.yarnpkg.com/debian stable main" | sudo tee /etc/apt/sources.list.d/yarn.list
+sudo apt update && sudo apt install -y yarn
+```
+For older Debian systems:
 ```bash
 sudo curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add -
 echo "deb https://dl.yarnpkg.com/debian/ stable main" | sudo tee /etc/apt/sources.list.d/yarn.list
diff --git a/requirements.txt b/requirements.txt
index 9753bf02d..839c0043f 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -43,3 +43,4 @@ webcolors==1.12
 werkzeug==2.1.2
 zipp==3.11.0
 rcssmin==1.1.1
+psycopg2==2.9.5

From 1afe9b490866f8afb951acddecbc53b0fbdefb8e Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sun, 12 Mar 2023 09:13:54 -0400
Subject: [PATCH 323/475] Finished adding new OAuth Server Metadata URL setting
 to Google, GitHub, and Microsoft OAuth service configuration features.

---
 powerdnsadmin/models/setting.py               |  3 +
 powerdnsadmin/routes/admin.py                 | 10 ++-
 powerdnsadmin/services/azure.py               |  1 +
 powerdnsadmin/services/github.py              |  1 +
 powerdnsadmin/services/google.py              |  1 +
 .../admin_setting_authentication.html         | 65 ++++++++++++-------
 6 files changed, 57 insertions(+), 24 deletions(-)

diff --git a/powerdnsadmin/models/setting.py b/powerdnsadmin/models/setting.py
index 331898a4b..bef689754 100644
--- a/powerdnsadmin/models/setting.py
+++ b/powerdnsadmin/models/setting.py
@@ -73,6 +73,7 @@ class Setting(db.Model):
         'github_oauth_authorize_url':
             'https://github.com/login/oauth/authorize',
         'github_oauth_jwks_url': '',
+        'github_oauth_metadata_url': '',
         'google_oauth_enabled': False,
         'google_oauth_client_id': '',
         'google_oauth_client_secret': '',
@@ -80,6 +81,7 @@ class Setting(db.Model):
         'google_oauth_scope': 'openid email profile',
         'google_authorize_url': 'https://accounts.google.com/o/oauth2/v2/auth',
         'google_oauth_jwks_url': '',
+        'google_oauth_metadata_url': '',
         'google_base_url': 'https://www.googleapis.com/oauth2/v3/',
         'azure_oauth_enabled': False,
         'azure_oauth_key': '',
@@ -91,6 +93,7 @@ class Setting(db.Model):
         'azure_oauth_authorize_url':
             'https://login.microsoftonline.com/[tenancy]/oauth2/v2.0/authorize',
         'azure_oauth_jwks_url': '',
+        'azure_oauth_metadata_url': '',
         'azure_sg_enabled': False,
         'azure_admin_group': '',
         'azure_operator_group': '',
diff --git a/powerdnsadmin/routes/admin.py b/powerdnsadmin/routes/admin.py
index 5aea1d206..900e70c15 100644
--- a/powerdnsadmin/routes/admin.py
+++ b/powerdnsadmin/routes/admin.py
@@ -1636,6 +1636,8 @@ def setting_authentication():
                               request.form.get('google_oauth_client_id'))
                 Setting().set('google_oauth_client_secret',
                               request.form.get('google_oauth_client_secret'))
+                Setting().set('google_oauth_metadata_url',
+                              request.form.get('google_oauth_metadata_url'))
                 Setting().set('google_token_url',
                               request.form.get('google_token_url'))
                 Setting().set('google_oauth_scope',
@@ -1671,6 +1673,8 @@ def setting_authentication():
                               request.form.get('github_oauth_scope'))
                 Setting().set('github_oauth_api_url',
                               request.form.get('github_oauth_api_url'))
+                Setting().set('github_oauth_metadata_url',
+                              request.form.get('github_oauth_metadata_url'))
                 Setting().set('github_oauth_token_url',
                               request.form.get('github_oauth_token_url'))
                 Setting().set('github_oauth_authorize_url',
@@ -1702,6 +1706,8 @@ def setting_authentication():
                               request.form.get('azure_oauth_scope'))
                 Setting().set('azure_oauth_api_url',
                               request.form.get('azure_oauth_api_url'))
+                Setting().set('azure_oauth_metadata_url',
+                              request.form.get('azure_oauth_metadata_url'))
                 Setting().set('azure_oauth_token_url',
                               request.form.get('azure_oauth_token_url'))
                 Setting().set('azure_oauth_authorize_url',
@@ -1755,14 +1761,14 @@ def setting_authentication():
                               request.form.get('oidc_oauth_scope'))
                 Setting().set('oidc_oauth_api_url',
                               request.form.get('oidc_oauth_api_url'))
+                Setting().set('oidc_oauth_metadata_url',
+                              request.form.get('oidc_oauth_metadata_url'))
                 Setting().set('oidc_oauth_token_url',
                               request.form.get('oidc_oauth_token_url'))
                 Setting().set('oidc_oauth_authorize_url',
                               request.form.get('oidc_oauth_authorize_url'))
                 Setting().set('oidc_oauth_jwks_url',
                               request.form.get('oidc_oauth_jwks_url'))
-                Setting().set('oidc_oauth_metadata_url',
-                              request.form.get('oidc_oauth_metadata_url'))
                 Setting().set('oidc_oauth_logout_url',
                               request.form.get('oidc_oauth_logout_url'))
                 Setting().set('oidc_oauth_username',
diff --git a/powerdnsadmin/services/azure.py b/powerdnsadmin/services/azure.py
index 691b15397..c1fb626b4 100644
--- a/powerdnsadmin/services/azure.py
+++ b/powerdnsadmin/services/azure.py
@@ -24,6 +24,7 @@ def update_token(token):
         access_token_url=Setting().get('azure_oauth_token_url'),
         authorize_url=Setting().get('azure_oauth_authorize_url'),
         jwks_url=Setting().get('azure_oauth_jwks_url'),
+        server_metadata_url=Setting().get('azure_oauth_metadata_url'),
         client_kwargs={'scope': Setting().get('azure_oauth_scope')},
         fetch_token=fetch_azure_token,
     )
diff --git a/powerdnsadmin/services/github.py b/powerdnsadmin/services/github.py
index 8bcbe87c2..13c2f000a 100644
--- a/powerdnsadmin/services/github.py
+++ b/powerdnsadmin/services/github.py
@@ -25,6 +25,7 @@ def update_token(token):
         access_token_url=Setting().get('github_oauth_token_url'),
         authorize_url=Setting().get('github_oauth_authorize_url'),
         jwks_url=Setting().get('github_oauth_jwks_url'),
+        server_metadata_url=Setting().get('github_oauth_metadata_url'),
         client_kwargs={'scope': Setting().get('github_oauth_scope')},
         fetch_token=fetch_github_token,
         update_token=update_token)
diff --git a/powerdnsadmin/services/google.py b/powerdnsadmin/services/google.py
index 0a62463fb..fc9af1261 100644
--- a/powerdnsadmin/services/google.py
+++ b/powerdnsadmin/services/google.py
@@ -24,6 +24,7 @@ def update_token(token):
         access_token_url=Setting().get('google_token_url'),
         authorize_url=Setting().get('google_authorize_url'),
         jwks_url=Setting().get('google_oauth_jwks_url'),
+        server_metadata_url=Setting().get('google_oauth_metadata_url'),
         client_kwargs={'scope': Setting().get('google_oauth_scope')},
         fetch_token=fetch_google_token,
         update_token=update_token)
diff --git a/powerdnsadmin/templates/admin_setting_authentication.html b/powerdnsadmin/templates/admin_setting_authentication.html
index 5750d8944..7675797eb 100644
--- a/powerdnsadmin/templates/admin_setting_authentication.html
+++ b/powerdnsadmin/templates/admin_setting_authentication.html
@@ -630,9 +630,16 @@ <h3 class="card-title">Google OAuth Settings</h3>
                                                                            value="{{ SETTING.get('google_oauth_client_secret') }}">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
-                                                            </fieldset>
-                                                            <fieldset>
-                                                                <legend>ADVANCE</legend>
+                                                                <div class="form-group">
+                                                                    <label for="google_oauth_metadata_url">Metadata URL</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="google_oauth_metadata_url"
+                                                                           id="google_oauth_metadata_url"
+                                                                           placeholder="e.g. https://{yourDomain}/.well-known/oauth-metadata.json"
+                                                                           data-error="Please input Metadata URL"
+                                                                           value="{{ SETTING.get('google_oauth_metadata_url') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
                                                                 <div class="form-group">
                                                                     <label for="google_token_url">Token URL</label>
                                                                     <input type="text" class="form-control"
@@ -761,9 +768,6 @@ <h3 class="card-title">GitHub OAuth Settings</h3>
                                                                            value="{{ SETTING.get('github_oauth_secret') }}">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
-                                                            </fieldset>
-                                                            <fieldset>
-                                                                <legend>ADVANCE</legend>
                                                                 <div class="form-group">
                                                                     <label for="github_oauth_scope">Scope</label>
                                                                     <input type="text" class="form-control"
@@ -784,6 +788,16 @@ <h3 class="card-title">GitHub OAuth Settings</h3>
                                                                            value="{{ SETTING.get('github_oauth_api_url') }}">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
+                                                                <div class="form-group">
+                                                                    <label for="github_oauth_metadata_url">Metadata URL</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="github_oauth_metadata_url"
+                                                                           id="github_oauth_metadata_url"
+                                                                           placeholder="e.g. https://{yourDomain}/.well-known/oauth-metadata.json"
+                                                                           data-error="Please input Metadata URL"
+                                                                           value="{{ SETTING.get('github_oauth_metadata_url') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
                                                                 <div class="form-group">
                                                                     <label for="github_oauth_token_url">Token
                                                                         URL</label>
@@ -893,9 +907,6 @@ <h3 class="card-title">Microsoft OAuth Settings</h3>
                                                                            value="{{ SETTING.get('azure_oauth_secret') }}">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
-                                                            </fieldset>
-                                                            <fieldset>
-                                                                <legend>ADVANCED</legend>
                                                                 <div class="form-group">
                                                                     <label for="azure_oauth_scope">Scope</label>
                                                                     <input type="text" class="form-control"
@@ -916,6 +927,16 @@ <h3 class="card-title">Microsoft OAuth Settings</h3>
                                                                            value="{{ SETTING.get('azure_oauth_api_url') }}">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
+                                                                <div class="form-group">
+                                                                    <label for="azure_oauth_metadata_url">Metadata URL</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="azure_oauth_metadata_url"
+                                                                           id="azure_oauth_metadata_url"
+                                                                           placeholder="e.g. https://{yourDomain}/.well-known/oauth-metadata.json"
+                                                                           data-error="Please input Metadata URL"
+                                                                           value="{{ SETTING.get('azure_oauth_metadata_url') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
                                                                 <div class="form-group">
                                                                     <label for="azure_oauth_token_url">Token URL</label>
                                                                     <input type="text" class="form-control"
@@ -1222,6 +1243,17 @@ <h3 class="card-title">OpenID Connect OAuth Settings</h3>
                                                                            value="{{ SETTING.get('oidc_oauth_api_url') }}">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
+                                                                <div class="form-group">
+                                                                    <label for="oidc_oauth_metadata_url">Metadata
+                                                                        URL</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="oidc_oauth_metadata_url"
+                                                                           id="oidc_oauth_metadata_url"
+                                                                           placeholder="e.g. https://oidc.com/login/oauth/.well-known/openid-configuration"
+                                                                           data-error="Please input Metadata URL"
+                                                                           value="{{ SETTING.get('oidc_oauth_metadata_url') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
                                                                 <div class="form-group">
                                                                     <label for="oidc_oauth_token_url">Token URL</label>
                                                                     <input type="text" class="form-control"
@@ -1254,17 +1286,6 @@ <h3 class="card-title">OpenID Connect OAuth Settings</h3>
                                                                            value="{{ SETTING.get('oidc_oauth_jwks_url') }}">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
-                                                                <div class="form-group">
-                                                                    <label for="oidc_oauth_metadata_url">Metadata
-                                                                        URL</label>
-                                                                    <input type="text" class="form-control"
-                                                                           name="oidc_oauth_metadata_url"
-                                                                           id="oidc_oauth_metadata_url"
-                                                                           placeholder="e.g. https://oidc.com/login/oauth/.well-known/openid-configuration"
-                                                                           data-error="Please input Metadata URL"
-                                                                           value="{{ SETTING.get('oidc_oauth_metadata_url') }}">
-                                                                    <span class="help-block with-errors"></span>
-                                                                </div>
                                                                 <div class="form-group">
                                                                     <label for="oidc_oauth_logout_url">Logout
                                                                         URL</label>
@@ -1278,7 +1299,7 @@ <h3 class="card-title">OpenID Connect OAuth Settings</h3>
                                                                 </div>
                                                             </fieldset>
                                                             <fieldset>
-                                                                <legend>CLAIMS</legend>
+                                                                <legend>Claims</legend>
                                                                 <div class="form-group">
                                                                     <label for="oidc_oauth_username">Username</label>
                                                                     <input type="text" class="form-control"
@@ -1320,7 +1341,7 @@ <h3 class="card-title">OpenID Connect OAuth Settings</h3>
                                                                 </div>
                                                             </fieldset>
                                                             <fieldset>
-                                                                <legend>ADVANCE</legend>
+                                                                <legend>Advanced</legend>
                                                                 <div class="form-group">
                                                                     <label for="oidc_oauth_account_name_property">Autoprovision
                                                                         Account Name property</label>

From ee68b18e278fb18b152bdac306c1f53d67ceeb09 Mon Sep 17 00:00:00 2001
From: Your Name <you@example.com>
Date: Sun, 12 Mar 2023 13:36:30 +0000
Subject: [PATCH 324/475] Added custom header in created_by segment option

---
 powerdnsadmin/models/setting.py |  3 ++-
 powerdnsadmin/routes/admin.py   |  1 +
 powerdnsadmin/routes/api.py     | 16 ++++++++++++----
 3 files changed, 15 insertions(+), 5 deletions(-)

diff --git a/powerdnsadmin/models/setting.py b/powerdnsadmin/models/setting.py
index e820af91d..6b468171e 100644
--- a/powerdnsadmin/models/setting.py
+++ b/powerdnsadmin/models/setting.py
@@ -28,7 +28,8 @@ class Setting(db.Model):
         'allow_user_create_domain': False,
         'allow_user_remove_domain': False,
         'allow_user_view_history': False,
-	    'delete_sso_accounts': False,
+	'delete_sso_accounts': False,
+        'custom_history_header': '',
         'bg_domain_updates': False,
         'enable_api_rr_history': True,
         'preserve_history': False,
diff --git a/powerdnsadmin/routes/admin.py b/powerdnsadmin/routes/admin.py
index 0d85d2904..759316fb4 100644
--- a/powerdnsadmin/routes/admin.py
+++ b/powerdnsadmin/routes/admin.py
@@ -1391,6 +1391,7 @@ def setting_basic():
         'default_domain_table_size',
         'default_record_table_size',
         'delete_sso_accounts',
+        'custom_history_header',
         'deny_domain_override',
         'dnssec_admins_only',
         'enable_api_rr_history',
diff --git a/powerdnsadmin/routes/api.py b/powerdnsadmin/routes/api.py
index 2c9a2cc9c..e764f911c 100644
--- a/powerdnsadmin/routes/api.py
+++ b/powerdnsadmin/routes/api.py
@@ -48,6 +48,12 @@
 account_schema = AccountSchema(many=True)
 account_single_schema = AccountSchema()
 
+def is_custom_header_api():
+    custom_header_setting = Setting().get('custom_history_header')
+    if custom_header_setting != '' and custom_header_setting in request.headers: 
+        return request.headers[custom_header_setting] 
+    else: 
+        return g.apikey.description 
 
 def get_user_domains():
     domains = db.session.query(Domain) \
@@ -1104,6 +1110,7 @@ def api_zone_forward(server_id, zone_id):
         domain = Domain()
         domain.update()
     status = resp.status_code
+    created_by_value=is_custom_header_api()
     if 200 <= status < 300:
         current_app.logger.debug("Request to powerdns API successful")
         if Setting().get('enable_api_rr_history'):
@@ -1116,19 +1123,19 @@ def api_zone_forward(server_id, zone_id):
                         'add_rrsets': list(filter(lambda r: r['changetype'] == "REPLACE", data['rrsets'])),
                         'del_rrsets': list(filter(lambda r: r['changetype'] == "DELETE", data['rrsets']))
                     }),
-                    created_by=g.apikey.description,
+                    created_by=created_by_value,
                     domain_id=Domain().get_id_by_name(zone_id.rstrip('.')))
                 history.add()
             elif request.method == 'DELETE':
                 history = History(msg='Deleted zone {0}'.format(zone_id.rstrip('.')),
                                   detail='',
-                                  created_by=g.apikey.description,
+                                  created_by=created_by_value,
                                   domain_id=Domain().get_id_by_name(zone_id.rstrip('.')))
                 history.add()
             elif request.method != 'GET':
                 history = History(msg='Updated zone {0}'.format(zone_id.rstrip('.')),
                                   detail='',
-                                  created_by=g.apikey.description,
+                                  created_by=created_by_value,
                                   domain_id=Domain().get_id_by_name(zone_id.rstrip('.')))
                 history.add()
     return resp.content, resp.status_code, resp.headers.items()
@@ -1152,6 +1159,7 @@ def api_create_zone(server_id):
 
     if resp.status_code == 201:
         current_app.logger.debug("Request to powerdns API successful")
+        created_by_value=is_custom_header_api()
         data = request.get_json(force=True)
 
         if g.apikey.role.name not in ['Administrator', 'Operator']:
@@ -1166,7 +1174,7 @@ def api_create_zone(server_id):
         history = History(msg='Add domain {0}'.format(
             data['name'].rstrip('.')),
             detail=json.dumps(data),
-            created_by=g.apikey.description,
+            created_by=created_by_value,
             domain_id=domain.get_id_by_name(data['name'].rstrip('.')))
         history.add()
 

From 84cfd165b4d3e34d15b024b9cbcc651b66aa8d8e Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sun, 12 Mar 2023 10:27:04 -0400
Subject: [PATCH 325/475] Re-arranged side navigation to include the "Global
 Search" feature regardless of user role as the global search feature is now
 accessible to all users.

Also moved the "Activity" feature link higher in the menu to remove duplicate code from the navigation code base.
---
 powerdnsadmin/templates/base.html | 34 +++++++++++++------------------
 1 file changed, 14 insertions(+), 20 deletions(-)

diff --git a/powerdnsadmin/templates/base.html b/powerdnsadmin/templates/base.html
index 5a47bd261..408f4be49 100644
--- a/powerdnsadmin/templates/base.html
+++ b/powerdnsadmin/templates/base.html
@@ -101,14 +101,22 @@
                             </a>
                         </li>
                     {% endif %}
-                    {% if current_user.role.name in ['Administrator', 'Operator'] %}
-                        <li class="nav-header">Administration</li>
-                        <li class="{{ 'nav-item active' if active_page == 'admin_global_search' else 'nav-item' }}">
-                            <a href="{{ url_for('admin.global_search') }}" class="nav-link">
-                                <i class="nav-icon fa-solid fa-search"></i>
-                                <p>Global Search</p>
+                    <li class="nav-header">Administration</li>
+                    <li class="{{ 'nav-item active' if active_page == 'admin_global_search' else 'nav-item' }}">
+                        <a href="{{ url_for('admin.global_search') }}" class="nav-link">
+                            <i class="nav-icon fa-solid fa-search"></i>
+                            <p>Global Search</p>
+                        </a>
+                    </li>
+                    {% if current_user.role.name in ['Administrator', 'Operator'] or SETTING.get('allow_user_view_history') %}
+                        <li class="{{ 'nav-item active' if active_page == 'admin_history' else 'nav-item' }}">
+                            <a href="{{ url_for('admin.history') }}" class="nav-link">
+                                <i class="nav-icon fa-solid fa-timeline"></i>
+                                <p>Activity</p>
                             </a>
                         </li>
+                    {% endif %}
+                    {% if current_user.role.name in ['Administrator', 'Operator'] %}
                         <li class="{{ 'nav-item active' if active_page == 'server_statistics' else 'nav-item' }}">
                             <a href="{{ url_for('admin.server_statistics') }}" class="nav-link">
                                 <i class="nav-icon fa-solid fa-chart-simple"></i>
@@ -121,12 +129,6 @@
                                 <p>Server Configuration</p>
                             </a>
                         </li>
-                        <li class="{{ 'nav-item active' if active_page == 'admin_history' else 'nav-item' }}">
-                            <a href="{{ url_for('admin.history') }}" class="nav-link">
-                                <i class="nav-icon fa-solid fa-timeline"></i>
-                                <p>Activity</p>
-                            </a>
-                        </li>
                         <li class="{{ 'nav-item active' if active_page == 'admin_domain_template' else 'nav-item' }}">
                             <a href="{{ url_for('admin.templates') }}" class="nav-link">
                                 <i class="nav-icon fa-solid fa-clone"></i>
@@ -189,14 +191,6 @@
                                 {% endif %}
                             </ul>
                         </li>
-                    {% elif SETTING.get('allow_user_view_history') %}
-                        <li class="nav-header">Administration</li>
-                        <li class="{{ 'nav-item active' if active_page == 'admin_history' else 'nav-item' }}">
-                            <a href="{{ url_for('admin.history') }}" class="nav-link">
-                                <i class="nav-icon fa-solid fa-calendar-alt"></i>
-                                <p>History</p>
-                            </a>
-                        </li>
                     {% endif %}
                 </ul>
             {% endif %}

From 0ac7a5a4537cb32b6aa22f4ca110a7dd27427171 Mon Sep 17 00:00:00 2001
From: Your Name <you@example.com>
Date: Sun, 12 Mar 2023 15:00:32 +0000
Subject: [PATCH 326/475] Added some explanation about some of the 'basic'
 settings in the admin

---
 docs/basic_settings.md | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)
 create mode 100644 docs/basic_settings.md

diff --git a/docs/basic_settings.md b/docs/basic_settings.md
new file mode 100644
index 000000000..6a47d6a28
--- /dev/null
+++ b/docs/basic_settings.md
@@ -0,0 +1,17 @@
+### PowerDNSAdmin basic settings
+
+PowerDNSAdmin has many features and settings available to be turned either off or on.
+In this docs those settings will be explain.
+To find the settings in the the dashboard go to settings>basic.
+
+allow_user_create_domain: This setting is used to allow users with the `user` role to create a domain, not possible by
+default.
+
+allow_user_remove_domain: Same as `allow_user_create_domain` but for removing a domain.
+
+allow_user_view_history: Allow a user with the role `user` to view and access the history.
+
+custom_history_header: This is a string type variable, when inputting an header name, if exists in the request it will
+be in the created_by column in the history, if empty or not mentioned will default to the api_key description. 
+
+site_name: This will be the site name.

From 695d7462958812ad3a3f411077988b2efae51bbe Mon Sep 17 00:00:00 2001
From: Your Name <you@example.com>
Date: Sun, 12 Mar 2023 15:32:32 +0000
Subject: [PATCH 327/475] Changed basic_settings.md path

---
 docs/{ => wiki/configuration}/basic_settings.md | 0
 1 file changed, 0 insertions(+), 0 deletions(-)
 rename docs/{ => wiki/configuration}/basic_settings.md (100%)

diff --git a/docs/basic_settings.md b/docs/wiki/configuration/basic_settings.md
similarity index 100%
rename from docs/basic_settings.md
rename to docs/wiki/configuration/basic_settings.md

From 3e9e73fb3a50bf9fbf149924b8b03d9abeb80836 Mon Sep 17 00:00:00 2001
From: Stefan Ubbink <stefan.ubbink@sidn.nl>
Date: Sun, 12 Mar 2023 20:40:19 +0100
Subject: [PATCH 328/475] Change domain(s) to zone(s) in the templates

---
 .../templates/admin_edit_account.html          | 14 +++++++-------
 powerdnsadmin/templates/admin_edit_key.html    | 18 +++++++++---------
 powerdnsadmin/templates/admin_edit_user.html   |  4 ++--
 .../templates/admin_global_search.html         |  2 +-
 powerdnsadmin/templates/admin_history.html     |  8 ++++----
 .../templates/admin_manage_account.html        |  2 +-
 powerdnsadmin/templates/admin_manage_keys.html |  2 +-
 powerdnsadmin/templates/admin_manage_user.html |  2 +-
 .../admin_setting_authentication.html          |  4 ++--
 powerdnsadmin/templates/dashboard.html         |  2 +-
 powerdnsadmin/templates/domain_add.html        |  6 +++---
 powerdnsadmin/templates/domain_changelog.html  |  6 +++---
 powerdnsadmin/templates/domain_remove.html     |  4 ++--
 powerdnsadmin/templates/domain_setting.html    | 18 +++++++++---------
 14 files changed, 46 insertions(+), 46 deletions(-)

diff --git a/powerdnsadmin/templates/admin_edit_account.html b/powerdnsadmin/templates/admin_edit_account.html
index 4894df8bb..ca08ab77b 100644
--- a/powerdnsadmin/templates/admin_edit_account.html
+++ b/powerdnsadmin/templates/admin_edit_account.html
@@ -96,7 +96,7 @@ <h3 class="card-title">Access Control</h3>
                             </div>
                             <!-- /.card-header -->
                             <div class="card-body">
-                                <p>Users on the right have access to manage records in all domains
+                                <p>Users on the right have access to manage records in all zones
                                     associated with the account.
                                 </p>
                                 <p>Click on users to move between columns.</p>
@@ -113,12 +113,12 @@ <h3 class="card-title">Access Control</h3>
                             </div>
                             <!-- /.card-body -->
                             <div class="card-body">
-                                <p>Domains on the right are associated with the account. Red marked domain names are
+                                <p>Zones on the right are associated with the account. Red marked zone names are
                                     already associated with other accounts.
-                                    Moving already associated domains to this account will overwrite the previous
+                                    Moving already associated zones to this account will overwrite the previous
                                     associated account.
                                 </p>
-                                <p>Hover over the red domain names to show the associated account. Click on domains to
+                                <p>Hover over the red zone names to show the associated account. Click on zones to
                                     move between columns.</p>
                                 <div class="form-group col-2">
                                     <select multiple="multiple" class="form-control" id="account_domains"
@@ -168,12 +168,12 @@ <h3 class="card-title">Account Editor Help</h3>
                         <!-- /.card-header -->
                         <div class="card-body">
                             <p>
-                                An account allows grouping of domains belonging to a particular entity, such as a
+                                An account allows grouping of zones belonging to a particular entity, such as a
                                 customer or
                                 department.
                             </p>
                             <p>
-                                A domain can be assigned to an account upon domain creation or through the domain
+                                A zone can be assigned to an account upon zone creation or through the zone
                                 administration
                                 page.
                             </p>
@@ -242,6 +242,6 @@ <h3 class="card-title">Account Editor Help</h3>
         }
 
         addMultiSelect("#account_multi_user", "Username")
-        addMultiSelect("#account_domains", "Domain")
+        addMultiSelect("#account_domains", "Zone")
     </script>
 {% endblock %}
diff --git a/powerdnsadmin/templates/admin_edit_key.html b/powerdnsadmin/templates/admin_edit_key.html
index c7eeec97c..811854968 100644
--- a/powerdnsadmin/templates/admin_edit_key.html
+++ b/powerdnsadmin/templates/admin_edit_key.html
@@ -72,7 +72,7 @@ <h3 class="card-title">Accounts Access Control</h3>
                             <!-- /.card-header -->
                             <div class="card-body key-opts"{% if hide_opts %} style="display: none;"{% endif %}>
                                 <p>This key will be linked to the accounts on the right,</p>
-                                <p>thus granting access to domains owned by the selected accounts.</p>
+                                <p>thus granting access to zones owned by the selected accounts.</p>
                                 <p>Click on accounts to move between the columns.</p>
                                 <div class="form-group col-2">
                                     <select multiple="multiple" class="form-control" id="key_multi_account"
@@ -87,12 +87,12 @@ <h3 class="card-title">Accounts Access Control</h3>
                             </div>
                             <!-- /.card-body -->
                             <div class="card-header key-opts"{% if hide_opts %} style="display: none;"{% endif %}>
-                                <h3 class="card-title">Domain Access Control</h3>
+                                <h3 class="card-title">Zone Access Control</h3>
                             </div>
                             <!-- /.card-header -->
                             <div class="card-body key-opts"{% if hide_opts %} style="display: none;"{% endif %}>
-                                <p>This key will have access to the domains on the right.</p>
-                                <p>Click on domains to move between the columns.</p>
+                                <p>This key will have access to the zones on the right.</p>
+                                <p>Click on zones to move between the columns.</p>
                                 <div class="form-group col-2">
                                     <select multiple="multiple" class="form-control" id="key_multi_domain"
                                             name="key_multi_domain">
@@ -131,7 +131,7 @@ <h3 class="card-title">API Key Editor Help</h3>
                             <p>Fill in all the fields in the form to the left.</p>
                             <p><strong>Role</strong> The role of the key.</p>
                             <p><strong>Description</strong> The key description.</p>
-                            <p><strong>Access Control</strong> The domains or accounts which the key has access to.</p>
+                            <p><strong>Access Control</strong> The zones or accounts which the key has access to.</p>
                         </div>
                         <!-- /.card-body -->
                     </div>
@@ -154,13 +154,13 @@ <h3 class="card-title">API Key Editor Help</h3>
             var warn_modal = $("#modal_warning");
 
             if (selectedRole != "User" && selectedDomains > 0 && selectedAccounts > 0) {
-                var warning = "Administrator and Operators have access to all domains. Your domain an account selection won't be saved.";
+                var warning = "Administrator and Operators have access to all zones. Your zone an account selection won't be saved.";
                 e.preventDefault(e);
                 warn_modal.modal('show');
             }
 
             if (selectedRole == "User" && selectedDomains == 0 && selectedAccounts == 0) {
-                var warning = "User role must have at least one account or one domain bound. None selected.";
+                var warning = "User role must have at least one account or one zone bound. None selected.";
                 e.preventDefault(e);
                 warn_modal.modal('show');
             }
@@ -203,8 +203,8 @@ <h3 class="card-title">API Key Editor Help</h3>
             }
         });
         $("#key_multi_domain").multiSelect({
-            selectableHeader: "<input type='text' class='search-input' autocomplete='off' placeholder='Domain Name'>",
-            selectionHeader: "<input type='text' class='search-input' autocomplete='off' placeholder='Domain Name'>",
+            selectableHeader: "<input type='text' class='search-input' autocomplete='off' placeholder='Zone Name'>",
+            selectionHeader: "<input type='text' class='search-input' autocomplete='off' placeholder='Zone Name'>",
             afterInit: function (ms) {
                 var that = this,
                     $selectableSearch = that.$selectableUl.prev(),
diff --git a/powerdnsadmin/templates/admin_edit_user.html b/powerdnsadmin/templates/admin_edit_user.html
index 20e6af605..7a93e5d77 100644
--- a/powerdnsadmin/templates/admin_edit_user.html
+++ b/powerdnsadmin/templates/admin_edit_user.html
@@ -135,9 +135,9 @@ <h3 class="card-title">User Editor Help</h3>
                         <div class="card-body">
                             <p>Fill in all the fields to the in the form to the left.</p>
                             {% if create %}
-                                <p><strong>Newly created users do not have access to any domains.</strong> You will need
+                                <p><strong>Newly created users do not have access to any zones.</strong> You will need
                                     to grant
-                                    access to the user once it is created via the domain management buttons on the
+                                    access to the user once it is created via the zone management buttons on the
                                     dashboard.
                                 </p>
                             {% else %}
diff --git a/powerdnsadmin/templates/admin_global_search.html b/powerdnsadmin/templates/admin_global_search.html
index 9ec28d176..fecb5e9fc 100644
--- a/powerdnsadmin/templates/admin_global_search.html
+++ b/powerdnsadmin/templates/admin_global_search.html
@@ -38,7 +38,7 @@ <h3 class="card-title">Search Form</h3>
                             <!-- /.card-header -->
                             <div class="card-body">
                                 <div class="callout callout-info">
-                                    <p>This tool can be used to search for domains, records, and comments via the PDNS
+                                    <p>This tool can be used to search for zones, records, and comments via the PDNS
                                         API.</p>
                                 </div>
                                 <!-- /.callout -->
diff --git a/powerdnsadmin/templates/admin_history.html b/powerdnsadmin/templates/admin_history.html
index 81f6e5a98..51009a28e 100644
--- a/powerdnsadmin/templates/admin_history.html
+++ b/powerdnsadmin/templates/admin_history.html
@@ -49,7 +49,7 @@ <h3 class="card-title">Activity Search</h3>
                                     </li>
                                     <li class="nav-item">
                                         <a class="nav-link" href="#tabs-domain" data-toggle="pill" role="tab">
-                                            Search By Domain
+                                            Search By Zone
                                         </a>
                                     </li>
                                     <li class="nav-item">
@@ -71,13 +71,13 @@ <h3 class="card-title">Activity Search</h3>
                                     </div>
                                     <div class="tab-pane" id="tabs-domain">
                                         <td>
-                                            <label>Domain Name</label>
+                                            <label>Zone Name</label>
                                         </td>
                                         <td>
                                             <div class="autocomplete" style="width:250px;">
                                                 <input type="text" class="form-control" id="domain_name_filter"
                                                        name="domain_name_filter"
-                                                       placeholder="Enter * to search for any domain" value="">
+                                                       placeholder="Enter * to search for any zone" value="">
                                             </div>
                                         </td>
                                         <td>
@@ -447,7 +447,7 @@ <h3 class="card-title">Activity Search</h3>
             $('#auth_name_filter').val('');
             $('#user_name_filter').removeAttr('disabled');
             canSearch = false;
-            main_field = "Domain Name"
+            main_field = "Zone Name"
         });
 
         $('#account_tab').click(function () {
diff --git a/powerdnsadmin/templates/admin_manage_account.html b/powerdnsadmin/templates/admin_manage_account.html
index fe2c5bb68..aa3f1ae81 100644
--- a/powerdnsadmin/templates/admin_manage_account.html
+++ b/powerdnsadmin/templates/admin_manage_account.html
@@ -48,7 +48,7 @@ <h3 class="card-title">Accounts</h3>
                                     <th>Contact</th>
                                     <th>Mail</th>
                                     <th>Member</th>
-                                    <th>Domain</th>
+                                    <th>Zone(s)</th>
                                     <th>Action</th>
                                 </tr>
                                 </thead>
diff --git a/powerdnsadmin/templates/admin_manage_keys.html b/powerdnsadmin/templates/admin_manage_keys.html
index 8d79e10c9..96ee73bb2 100644
--- a/powerdnsadmin/templates/admin_manage_keys.html
+++ b/powerdnsadmin/templates/admin_manage_keys.html
@@ -43,7 +43,7 @@ <h3 class="card-title">API Keys</h3>
                             <th>Id</th>
                             <th>Role</th>
                             <th>Description</th>
-                            <th>Domains</th>
+                            <th>Zones</th>
                             <th>Accounts</th>
                             <th>Actions</th>
                         </tr>
diff --git a/powerdnsadmin/templates/admin_manage_user.html b/powerdnsadmin/templates/admin_manage_user.html
index 8d1ace8e6..81fb26c1e 100644
--- a/powerdnsadmin/templates/admin_manage_user.html
+++ b/powerdnsadmin/templates/admin_manage_user.html
@@ -143,7 +143,7 @@ <h3 class="card-title">Users</h3>
             var modal = $("#modal_revoke");
             var username = $(this).prop('id');
             var info = "Are you sure you want to revoke all privileges for user " + username +
-                "? They will not able to access any domain.";
+                "? They will not able to access any zone.";
             modal.find('.modal-body p').text(info);
             modal.find('#button_revoke_confirm').click(function () {
                 var postdata = {
diff --git a/powerdnsadmin/templates/admin_setting_authentication.html b/powerdnsadmin/templates/admin_setting_authentication.html
index 7675797eb..6196aa8b8 100644
--- a/powerdnsadmin/templates/admin_setting_authentication.html
+++ b/powerdnsadmin/templates/admin_setting_authentication.html
@@ -564,7 +564,7 @@ <h3 class="card-title">Settings Help</h3>
                                                                         have no valid "powerdns-admin" records to their
                                                                         autoprovisioning field, will lose all their
                                                                         associations
-                                                                        with any domain or account, also reverting to a
+                                                                        with any zone or account, also reverting to a
                                                                         User in
                                                                         the process, despite their current role in the
                                                                         local db.<br>
@@ -1585,7 +1585,7 @@ <h3 class="card-title">Settings Help</h3>
                 document.getElementById('purge_on').checked = false;
                 document.getElementById('purge_off').checked = true;
                 var modal = $("#modal_confirm");
-                var info = "Are you sure you want to do this? Users will lose their associated domains unless they already have their autoprovisioning field prepopulated.";
+                var info = "Are you sure you want to do this? Users will lose their associated zones unless they already have their autoprovisioning field prepopulated.";
                 modal.find('.modal-body p').text(info);
                 modal.find('#button_confirm').click(function () {
                     document.getElementById('purge_on').checked = true;
diff --git a/powerdnsadmin/templates/dashboard.html b/powerdnsadmin/templates/dashboard.html
index 1dde5af06..83d71d327 100755
--- a/powerdnsadmin/templates/dashboard.html
+++ b/powerdnsadmin/templates/dashboard.html
@@ -269,7 +269,7 @@ <h4 class="modal-title">DNSSEC</h4>
         <div class="modal-dialog">
             <div class="modal-content">
                 <div class="modal-header">
-                    <h4 class="modal-title">Sync Domains from backend</h4>
+                    <h4 class="modal-title">Sync Zones from backend</h4>
                     <button type="button" class="close" data-dismiss="modal" aria-label="Close">
                         <span aria-hidden="true">&times;</span>
                     </button>
diff --git a/powerdnsadmin/templates/domain_add.html b/powerdnsadmin/templates/domain_add.html
index cb76be1da..c56821002 100644
--- a/powerdnsadmin/templates/domain_add.html
+++ b/powerdnsadmin/templates/domain_add.html
@@ -162,7 +162,7 @@ <h3 class="card-title">Zone Editor Help</h3>
                                 <dt>Account</dt>
                                 <dd>Specifies the PowerDNS account value to use for the zone.</dd>
                                 <dt>Zone Type</dt>
-                                <dd>The type decides how the domain will be replicated across multiple DNS servers.
+                                <dd>The type decides how the zone will be replicated across multiple DNS servers.
                                     <ul>
                                         <li>
                                             <strong>Native</strong> - The server will not perform any Primary or Secondary
@@ -186,7 +186,7 @@ <h3 class="card-title">Zone Editor Help</h3>
                                 <dt>SOA-EDIT-API</dt>
                                 <dd>The SOA-EDIT-API setting defines how the SOA serial number will be updated after a
                                     change is
-                                    made to the domain.
+                                    made to the zone.
                                     <ul>
                                         <li>
                                             <strong>DEFAULT</strong> - Generate a soa serial of YYYYMMDD01. If the current serial
@@ -273,4 +273,4 @@ <h4 class="modal-title">
             </div>
         </div>
     </div>
-{% endblock %}
\ No newline at end of file
+{% endblock %}
diff --git a/powerdnsadmin/templates/domain_changelog.html b/powerdnsadmin/templates/domain_changelog.html
index 6fdea69bb..4cdd2be75 100644
--- a/powerdnsadmin/templates/domain_changelog.html
+++ b/powerdnsadmin/templates/domain_changelog.html
@@ -15,7 +15,7 @@ <h1 class="m-0 text-dark">
           {% if record_name and record_type %}
           Record changelog: <b>{{ record_name}} &nbsp {{ record_type }}</b>
           {% else %}
-          Domain changelog: <b>{{ domain.name | pretty_domain_name }}</b>
+          Zone changelog: <b>{{ domain.name | pretty_domain_name }}</b>
           {% endif %}
         </h1>
       </div>
@@ -41,7 +41,7 @@ <h1 class="m-0 text-dark">
           <div class="card-body">
             <button type="button" class="btn btn-primary float-left button_show_records" id="{{ domain.name }}">
               <i class="fa-solid fa-arrow-left"></i>          
-              &nbsp;Manage Domain {{ domain.name }}
+              &nbsp;Manage Zone {{ domain.name }}
             </button>
           </div>
           <div class="card-body">
@@ -125,4 +125,4 @@ <h1 class="m-0 text-dark">
     }
 
 </script>
-{% endblock %}
\ No newline at end of file
+{% endblock %}
diff --git a/powerdnsadmin/templates/domain_remove.html b/powerdnsadmin/templates/domain_remove.html
index 75c3e26e7..7ea6e88e0 100644
--- a/powerdnsadmin/templates/domain_remove.html
+++ b/powerdnsadmin/templates/domain_remove.html
@@ -37,7 +37,7 @@ <h3 class="card-title">Zone Selector</h3>
                                 <div class="form-group">
                                     <label for="domainid">Zone</label>
                                     <select id=domainid class="form-control" style="width:15em;">
-                                        <option value="0">- Select Domain -</option>
+                                        <option value="0">- Select Zone -</option>
                                         {% for domain in domainss %}
                                             <option value="{{ domain.id }}">{{ domain.name }}</option>
                                         {% endfor %}
@@ -83,7 +83,7 @@ <h3 class="card-title">Zone Selector Help</h3>
         $(document.body).on("click", ".button_delete", function (e) {
             e.stopPropagation();
             if ($("#domainid").val() == 0) {
-                showErrorModal("Please select domain to remove.");
+                showErrorModal("Please select zone to remove.");
                 return;
             }
 
diff --git a/powerdnsadmin/templates/domain_setting.html b/powerdnsadmin/templates/domain_setting.html
index 45423ef2a..bc9470e39 100644
--- a/powerdnsadmin/templates/domain_setting.html
+++ b/powerdnsadmin/templates/domain_setting.html
@@ -148,11 +148,11 @@ <h3 class="card-title">Zone Access Control</h3>
                                 <div class="row">
                                     <div class="col-12">
                                         <p>Users on the right have access to manage the records in
-                                            the {{ domain.name | pretty_domain_name }} domain.</p>
+                                            the {{ domain.name | pretty_domain_name }} zone.</p>
                                         <p>Click on users to move from between columns.</p>
                                         <p>
                                             Users in <font style="color: red;">red</font> are Administrators
-                                            and already have access to <b>ALL</b> domains.
+                                            and already have access to <b>ALL</b> zones.
                                         </p>
                                     </div>
                                 </div>
@@ -197,7 +197,7 @@ <h3 class="card-title">Change Zone Type</h3>
                         </div>
                         <!-- /.card-header -->
                         <div class="card-body">
-                            <p>The type decides how the domain will be replicated across multiple DNS servers.</p>
+                            <p>The type decides how the zone will be replicated across multiple DNS servers.</p>
                             <ul>
                                 <li>
                                     Native - PowerDNS will not perform any replication. Use this if you only have one
@@ -214,7 +214,7 @@ <h3 class="card-title">Change Zone Type</h3>
                                     zone transfers (AXFRs) from other servers configured as primaries.
                                 </li>
                             </ul>
-                            <b>New Domain Type Setting:</b>
+                            <b>New Zone Type Setting:</b>
                             <form method="post" action="{{ url_for('domain.change_type', domain_name=domain.name) }}">
                                 <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
                                 <select name="domain_type" class="form-control" style="width:15em;">
@@ -251,7 +251,7 @@ <h3 class="card-title">Change SOA-EDIT-API</h3>
                         <div class="card-body">
                             <p>The SOA-EDIT-API setting defines how the SOA serial number will be updated after a change
                                 is made
-                                to the domain.</p>
+                                to the zone.</p>
                             <ul>
                                 <li>
                                     DEFAULT - Generate a soa serial of YYYYMMDD01. If the current serial is lower than
@@ -303,9 +303,9 @@ <h3 class="card-title">Remove Zone</h3>
                         </div>
                         <!-- /.card-header -->
                         <div class="card-body">
-                            <p>This function is used to remove a domain from PowerDNS-Admin <b>AND</b> PowerDNS. All
+                            <p>This function is used to remove a zone from PowerDNS-Admin <b>AND</b> PowerDNS. All
                                 records and
-                                user privileges associated with this domain will also be removed. This change cannot be
+                                user privileges associated with this zone will also be removed. This change cannot be
                                 reverted.</p>
                             <button type="button" title="Delete Zone" class="btn btn-danger float-left delete_domain"
                                     id="{{ domain.name }}">
@@ -402,7 +402,7 @@ <h3 class="card-title">Remove Zone</h3>
             applyChanges(postdata, $SCRIPT_ROOT + '/domain/' + domain + '/manage-setting', true);
         });
 
-        // handle deletion of domain
+        // handle deletion of zone
         $(document.body).on('click', '.delete_domain', function () {
             var modal = $("#modal_delete_domain");
             var domain = $(this).prop('id');
@@ -419,7 +419,7 @@ <h3 class="card-title">Remove Zone</h3>
             modal.modal('show');
         });
 
-        // domain primary address input handeling
+        // zone primary address input handeling
         $("select[name=domain_type]").change(function () {
             var type = $(this).val();
             if (type == "secondary") {

From a2ef456ad7f974f57a5bbdbbaa9914b57aaeafc3 Mon Sep 17 00:00:00 2001
From: Stefan Ubbink <stefan.ubbink@sidn.nl>
Date: Sun, 12 Mar 2023 20:41:10 +0100
Subject: [PATCH 329/475] Change domain(s) to zone(s) in the python code and
 docs

---
 docs/wiki/README.md                           |   2 +-
 ...ory-Authentication-using-Group-Security.md |   2 +-
 powerdnsadmin/decorators.py                   |   8 +-
 powerdnsadmin/lib/errors.py                   |  10 +-
 powerdnsadmin/lib/utils.py                    |   6 +-
 powerdnsadmin/models/domain.py                | 170 +++++++++---------
 powerdnsadmin/models/domain_template.py       |   8 +-
 .../models/domain_template_record.py          |   4 +-
 powerdnsadmin/models/record.py                |  28 +--
 powerdnsadmin/models/user.py                  |   4 +-
 powerdnsadmin/routes/admin.py                 |  56 +++---
 powerdnsadmin/routes/api.py                   |  56 +++---
 powerdnsadmin/routes/dashboard.py             |   6 +-
 powerdnsadmin/routes/domain.py                |  38 ++--
 update_zones.py                               |   2 +-
 15 files changed, 200 insertions(+), 200 deletions(-)

diff --git a/docs/wiki/README.md b/docs/wiki/README.md
index 7c5c7941e..36fd31229 100644
--- a/docs/wiki/README.md
+++ b/docs/wiki/README.md
@@ -38,7 +38,7 @@
 
 ## Using PowerDNS-Admin
 
-- Setting up a domain
+- Setting up a zone
 - Adding a record
 - <whatever else>
 
diff --git a/docs/wiki/configuration/Configure-Active-Directory-Authentication-using-Group-Security.md b/docs/wiki/configuration/Configure-Active-Directory-Authentication-using-Group-Security.md
index 417bdc339..f6c032f56 100644
--- a/docs/wiki/configuration/Configure-Active-Directory-Authentication-using-Group-Security.md
+++ b/docs/wiki/configuration/Configure-Active-Directory-Authentication-using-Group-Security.md
@@ -11,7 +11,7 @@ Active Directory Setup - Tested with Windows Server 2012
 5) Fill in the required info -
 
 * LDAP URI - ldap://ip.of.your.domain.controller:389
-* LDAP Base DN - dc=youdomain,dc=com
+* LDAP Base DN - dc=yourdomain,dc=com
 * Active Directory domain - yourdomain.com
 * Basic filter - (objectCategory=person)
   * the brackets here are **very important**
diff --git a/powerdnsadmin/decorators.py b/powerdnsadmin/decorators.py
index 50e4a3f5a..4fcaf8f5a 100644
--- a/powerdnsadmin/decorators.py
+++ b/powerdnsadmin/decorators.py
@@ -257,7 +257,7 @@ def decorated_function(*args, **kwargs):
         if current_user.role.name not in [
                 'Administrator', 'Operator'
         ] and not Setting().get('allow_user_create_domain'):
-            msg = "User {0} does not have enough privileges to create domain"
+            msg = "User {0} does not have enough privileges to create zone"
             current_app.logger.error(msg.format(current_user.username))
             raise NotEnoughPrivileges()
         
@@ -286,7 +286,7 @@ def decorated_function(*args, **kwargs):
         if g.apikey.role.name not in [
                 'Administrator', 'Operator'
         ] and not Setting().get('allow_user_create_domain'):
-            msg = "ApiKey #{0} does not have enough privileges to create domain"
+            msg = "ApiKey #{0} does not have enough privileges to create zone"
             current_app.logger.error(msg.format(g.apikey.id))
             raise NotEnoughPrivileges()
 
@@ -316,7 +316,7 @@ def decorated_function(*args, **kwargs):
                 g.apikey.role.name not in ['Administrator', 'Operator'] and
                 not Setting().get('allow_user_remove_domain')
             ):
-                msg = "ApiKey #{0} does not have enough privileges to remove domain"
+                msg = "ApiKey #{0} does not have enough privileges to remove zone"
                 current_app.logger.error(msg.format(g.apikey.id))
                 raise NotEnoughPrivileges()
             return f(*args, **kwargs)
@@ -331,7 +331,7 @@ def apikey_is_admin(f):
     @wraps(f)
     def decorated_function(*args, **kwargs):
         if g.apikey.role.name != 'Administrator':
-            msg = "Apikey {0} does not have enough privileges to create domain"
+            msg = "Apikey {0} does not have enough privileges to create zone"
             current_app.logger.error(msg.format(g.apikey.id))
             raise NotEnoughPrivileges()
         return f(*args, **kwargs)
diff --git a/powerdnsadmin/lib/errors.py b/powerdnsadmin/lib/errors.py
index e1e07852e..75887241c 100644
--- a/powerdnsadmin/lib/errors.py
+++ b/powerdnsadmin/lib/errors.py
@@ -21,7 +21,7 @@ def to_dict(self):
 class DomainNotExists(StructuredException):
     status_code = 404
 
-    def __init__(self, name=None, message="Domain does not exist"):
+    def __init__(self, name=None, message="Zone does not exist"):
         StructuredException.__init__(self)
         self.message = message
         self.name = name
@@ -30,7 +30,7 @@ def __init__(self, name=None, message="Domain does not exist"):
 class DomainAlreadyExists(StructuredException):
     status_code = 409
 
-    def __init__(self, name=None, message="Domain already exists"):
+    def __init__(self, name=None, message="Zone already exists"):
         StructuredException.__init__(self)
         self.message = message
         self.name = name
@@ -39,7 +39,7 @@ def __init__(self, name=None, message="Domain already exists"):
 class DomainAccessForbidden(StructuredException):
     status_code = 403
 
-    def __init__(self, name=None, message="Domain access not allowed"):
+    def __init__(self, name=None, message="Zone access not allowed"):
         StructuredException.__init__(self)
         self.message = message
         self.name = name
@@ -47,7 +47,7 @@ def __init__(self, name=None, message="Domain access not allowed"):
 class DomainOverrideForbidden(StructuredException):
     status_code = 409
 
-    def __init__(self, name=None, message="Domain override of record not allowed"):
+    def __init__(self, name=None, message="Zone override of record not allowed"):
         StructuredException.__init__(self)
         self.message = message
         self.name = name
@@ -67,7 +67,7 @@ class ApiKeyNotUsable(StructuredException):
     def __init__(
         self,
         name=None,
-        message=("Api key must have domains or accounts"
+        message=("Api key must have zones or accounts"
                  " or an administrative role")):
         StructuredException.__init__(self)
         self.message = message
diff --git a/powerdnsadmin/lib/utils.py b/powerdnsadmin/lib/utils.py
index 3b666ef8f..f8cc997d3 100644
--- a/powerdnsadmin/lib/utils.py
+++ b/powerdnsadmin/lib/utils.py
@@ -229,7 +229,7 @@ def ensure_list(l):
 
 def pretty_domain_name(domain_name):
     # Add a debugging statement to print out the domain name
-    print("Received domain name:", domain_name)
+    print("Received zone name:", domain_name)
 
     # Check if the domain name is encoded using Punycode
     if domain_name.endswith('.xn--'):
@@ -238,9 +238,9 @@ def pretty_domain_name(domain_name):
             domain_name = idna.decode(domain_name)
         except Exception as e:
             # If the decoding fails, raise an exception with more information
-            raise Exception('Cannot decode IDN domain: {}'.format(e))
+            raise Exception('Cannot decode IDN zone: {}'.format(e))
 
-    # Return the "pretty" version of the domain name
+    # Return the "pretty" version of the zone name
     return domain_name
 
 
diff --git a/powerdnsadmin/models/domain.py b/powerdnsadmin/models/domain.py
index 500ad7447..bfa04451f 100644
--- a/powerdnsadmin/models/domain.py
+++ b/powerdnsadmin/models/domain.py
@@ -68,13 +68,13 @@ def add_setting(self, setting, value):
             return True
         except Exception as e:
             current_app.logger.error(
-                'Can not create setting {0} for domain {1}. {2}'.format(
+                'Can not create setting {0} for zone {1}. {2}'.format(
                     setting, self.name, e))
             return False
 
     def get_domain_info(self, domain_name):
         """
-        Get all domains which has in PowerDNS
+        Get all zones which has in PowerDNS
         """
         headers = {'X-API-Key': self.PDNS_API_KEY}
         jdata = utils.fetch_json(urljoin(
@@ -88,7 +88,7 @@ def get_domain_info(self, domain_name):
 
     def get_domains(self):
         """
-        Get all domains which has in PowerDNS
+        Get all zones which has in PowerDNS
         """
         headers = {'X-API-Key': self.PDNS_API_KEY}
         jdata = utils.fetch_json(
@@ -108,17 +108,17 @@ def get_id_by_name(self, name):
             return domain.id
         except Exception as e:
             current_app.logger.error(
-                'Domain does not exist. ERROR: {0}'.format(e))
+                'Zone does not exist. ERROR: {0}'.format(e))
             return None
 
     def search_idn_domains(self, search_string):
         """
-        Search for IDN domains using the provided search string.
+        Search for IDN zones using the provided search string.
         """
-        # Compile the regular expression pattern for matching IDN domain names
+        # Compile the regular expression pattern for matching IDN zone names
         idn_pattern = re.compile(r'^xn--')
 
-        # Search for domain names that match the IDN pattern
+        # Search for zone names that match the IDN pattern
         idn_domains = [
             domain for domain in self.get_domains() if idn_pattern.match(domain)
         ]
@@ -129,12 +129,12 @@ def search_idn_domains(self, search_string):
 
     def update(self):
         """
-        Fetch zones (domains) from PowerDNS and update into DB
+        Fetch zones (zones) from PowerDNS and update into DB
         """
         db_domain = Domain.query.all()
         list_db_domain = [d.name for d in db_domain]
         dict_db_domain = dict((x.name, x) for x in db_domain)
-        current_app.logger.info("Found {} domains in PowerDNS-Admin".format(
+        current_app.logger.info("Found {} zones in PowerDNS-Admin".format(
             len(list_db_domain)))
         headers = {'X-API-Key': self.PDNS_API_KEY}
         try:
@@ -149,17 +149,17 @@ def update(self):
                 "Found {} zones in PowerDNS server".format(len(list_jdomain)))
 
             try:
-                # domains should remove from db since it doesn't exist in powerdns anymore
+                # zones should remove from db since it doesn't exist in powerdns anymore
                 should_removed_db_domain = list(
                     set(list_db_domain).difference(list_jdomain))
                 for domain_name in should_removed_db_domain:
                     self.delete_domain_from_pdnsadmin(domain_name, do_commit=False)
             except Exception as e:
                 current_app.logger.error(
-                    'Can not delete domain from DB. DETAIL: {0}'.format(e))
+                    'Can not delete zone from DB. DETAIL: {0}'.format(e))
                 current_app.logger.debug(traceback.format_exc())
 
-            # update/add new domain
+            # update/add new zone
             account_cache = {}
             for data in jdata:
                 if 'account' in data:
@@ -187,16 +187,16 @@ def update(self):
                     self.add_domain_to_powerdns_admin(domain=data, do_commit=False)
 
             db.session.commit()
-            current_app.logger.info('Update domain finished')
+            current_app.logger.info('Update zone finished')
             return {
                 'status': 'ok',
-                'msg': 'Domain table has been updated successfully'
+                'msg': 'Zone table has been updated successfully'
             }
         except Exception as e:
             db.session.rollback()
             current_app.logger.error(
-                'Cannot update domain table. Error: {0}'.format(e))
-            return {'status': 'error', 'msg': 'Cannot update domain table'}
+                'Cannot update zone table. Error: {0}'.format(e))
+            return {'status': 'error', 'msg': 'Cannot update zone table'}
 
     def update_pdns_admin_domain(self, domain, account_id, data, do_commit=True):
         # existing domain, only update if something actually has changed
@@ -218,11 +218,11 @@ def update_pdns_admin_domain(self, domain, account_id, data, do_commit=True):
             try:
                 if do_commit:
                     db.session.commit()
-                current_app.logger.info("Updated PDNS-Admin domain {0}".format(
+                current_app.logger.info("Updated PDNS-Admin zone {0}".format(
                     domain.name))
             except Exception as e:
                 db.session.rollback()
-                current_app.logger.info("Rolled back Domain {0} {1}".format(
+                current_app.logger.info("Rolled back zone {0} {1}".format(
                     domain.name, e))
                 raise
 
@@ -234,7 +234,7 @@ def add(self,
             domain_master_ips=[],
             account_name=None):
         """
-        Add a domain to power dns
+        Add a zone to power dns
         """
 
         headers = {'X-API-Key': self.PDNS_API_KEY, 'Content-Type': 'application/json'}
@@ -269,23 +269,23 @@ def add(self,
             if 'error' in jdata.keys():
                 current_app.logger.error(jdata['error'])
                 if jdata.get('http_code') == 409:
-                    return {'status': 'error', 'msg': 'Domain already exists'}
+                    return {'status': 'error', 'msg': 'Zone already exists'}
                 return {'status': 'error', 'msg': jdata['error']}
             else:
                 current_app.logger.info(
-                    'Added domain successfully to PowerDNS: {0}'.format(
+                    'Added zone successfully to PowerDNS: {0}'.format(
                         domain_name))
                 self.add_domain_to_powerdns_admin(domain_dict=post_data)
-                return {'status': 'ok', 'msg': 'Added domain successfully'}
+                return {'status': 'ok', 'msg': 'Added zone successfully'}
         except Exception as e:
-            current_app.logger.error('Cannot add domain {0} {1}'.format(
+            current_app.logger.error('Cannot add zone {0} {1}'.format(
                 domain_name, e))
             current_app.logger.debug(traceback.format_exc())
-            return {'status': 'error', 'msg': 'Cannot add this domain.'}
+            return {'status': 'error', 'msg': 'Cannot add this zone.'}
 
     def add_domain_to_powerdns_admin(self, domain=None, domain_dict=None, do_commit=True):
         """
-        Read Domain from PowerDNS and add into PDNS-Admin
+        Read zone from PowerDNS and add into PDNS-Admin
         """
         headers = {'X-API-Key': self.PDNS_API_KEY}
         if not domain:
@@ -299,7 +299,7 @@ def add_domain_to_powerdns_admin(self, domain=None, domain_dict=None, do_commit=
                     timeout=int(Setting().get('pdns_api_timeout')),
                     verify=Setting().get('verify_ssl_connections'))
             except Exception as e:
-                current_app.logger.error('Can not read domain from PDNS')
+                current_app.logger.error('Can not read zone from PDNS')
                 current_app.logger.error(e)
                 current_app.logger.debug(traceback.format_exc())
 
@@ -325,20 +325,20 @@ def add_domain_to_powerdns_admin(self, domain=None, domain_dict=None, do_commit=
             if do_commit:
                 db.session.commit()
             current_app.logger.info(
-                "Synced PowerDNS Domain to PDNS-Admin: {0}".format(d.name))
+                "Synced PowerDNS zone to PDNS-Admin: {0}".format(d.name))
             return {
                 'status': 'ok',
-                'msg': 'Added Domain successfully to PowerDNS-Admin'
+                'msg': 'Added zone successfully to PowerDNS-Admin'
             }
         except Exception as e:
             db.session.rollback()
-            current_app.logger.info("Rolled back Domain {0}".format(d.name))
+            current_app.logger.info("Rolled back zone {0}".format(d.name))
             raise
 
     def update_soa_setting(self, domain_name, soa_edit_api):
         domain = Domain.query.filter(Domain.name == domain_name).first()
         if not domain:
-            return {'status': 'error', 'msg': 'Domain does not exist.'}
+            return {'status': 'error', 'msg': 'Zone does not exist.'}
 
         headers = {'X-API-Key': self.PDNS_API_KEY, 'Content-Type': 'application/json'}
 
@@ -365,7 +365,7 @@ def update_soa_setting(self, domain_name, soa_edit_api):
                 return {'status': 'error', 'msg': jdata['error']}
             else:
                 current_app.logger.info(
-                    'soa-edit-api changed for domain {0} successfully'.format(
+                    'soa-edit-api changed for zone {0} successfully'.format(
                         domain_name))
                 return {
                     'status': 'ok',
@@ -375,11 +375,11 @@ def update_soa_setting(self, domain_name, soa_edit_api):
             current_app.logger.debug(e)
             current_app.logger.debug(traceback.format_exc())
             current_app.logger.error(
-                'Cannot change soa-edit-api for domain {0}'.format(
+                'Cannot change soa-edit-api for zone {0}'.format(
                     domain_name))
             return {
                 'status': 'error',
-                'msg': 'Cannot change soa-edit-api for this domain.'
+                'msg': 'Cannot change soa-edit-api for this zone.'
             }
 
     def update_kind(self, domain_name, kind, masters=[]):
@@ -388,7 +388,7 @@ def update_kind(self, domain_name, kind, masters=[]):
         """
         domain = Domain.query.filter(Domain.name == domain_name).first()
         if not domain:
-            return {'status': 'error', 'msg': 'Domain does not exist.'}
+            return {'status': 'error', 'msg': 'Znoe does not exist.'}
 
         headers = {'X-API-Key': self.PDNS_API_KEY, 'Content-Type': 'application/json'}
 
@@ -409,26 +409,26 @@ def update_kind(self, domain_name, kind, masters=[]):
                 return {'status': 'error', 'msg': jdata['error']}
             else:
                 current_app.logger.info(
-                    'Update domain kind for {0} successfully'.format(
+                    'Update zone kind for {0} successfully'.format(
                         domain_name))
                 return {
                     'status': 'ok',
-                    'msg': 'Domain kind changed successfully'
+                    'msg': 'Zone kind changed successfully'
                 }
         except Exception as e:
             current_app.logger.error(
-                'Cannot update kind for domain {0}. Error: {1}'.format(
+                'Cannot update kind for zone {0}. Error: {1}'.format(
                     domain_name, e))
             current_app.logger.debug(traceback.format_exc())
 
             return {
                 'status': 'error',
-                'msg': 'Cannot update kind for this domain.'
+                'msg': 'Cannot update kind for this zone.'
             }
 
     def create_reverse_domain(self, domain_name, domain_reverse_name):
         """
-        Check the existing reverse lookup domain,
+        Check the existing reverse lookup zone,
         if not exists create a new one automatically
         """
         domain_obj = Domain.query.filter(Domain.name == domain_name).first()
@@ -448,7 +448,7 @@ def create_reverse_domain(self, domain_name, domain_reverse_name):
             result = self.add(domain_reverse_name, 'Master', 'DEFAULT', [], [])
             self.update()
             if result['status'] == 'ok':
-                history = History(msg='Add reverse lookup domain {0}'.format(
+                history = History(msg='Add reverse lookup zone {0}'.format(
                     domain_reverse_name),
                     detail=json.dumps({
                         'domain_type': 'Master',
@@ -459,7 +459,7 @@ def create_reverse_domain(self, domain_name, domain_reverse_name):
             else:
                 return {
                     'status': 'error',
-                    'msg': 'Adding reverse lookup domain failed'
+                    'msg': 'Adding reverse lookup zone failed'
                 }
             domain_user_ids = self.get_user()
             if len(domain_user_ids) > 0:
@@ -469,13 +469,13 @@ def create_reverse_domain(self, domain_name, domain_reverse_name):
                     'status':
                         'ok',
                     'msg':
-                        'New reverse lookup domain created with granted privileges'
+                        'New reverse lookup zone created with granted privileges'
                 }
             return {
                 'status': 'ok',
-                'msg': 'New reverse lookup domain created without users'
+                'msg': 'New reverse lookup zone created without users'
             }
-        return {'status': 'ok', 'msg': 'Reverse lookup domain already exists'}
+        return {'status': 'ok', 'msg': 'Reverse lookup zone already exists'}
 
     def get_reverse_domain_name(self, reverse_host_address):
         c = 1
@@ -504,22 +504,22 @@ def get_reverse_domain_name(self, reverse_host_address):
 
     def delete(self, domain_name):
         """
-        Delete a single domain name from powerdns
+        Delete a single zone name from powerdns
         """
         try:
             self.delete_domain_from_powerdns(domain_name)
             self.delete_domain_from_pdnsadmin(domain_name)
-            return {'status': 'ok', 'msg': 'Delete domain successfully'}
+            return {'status': 'ok', 'msg': 'Delete zone successfully'}
         except Exception as e:
             current_app.logger.error(
-                'Cannot delete domain {0}'.format(domain_name))
+                'Cannot delete zone {0}'.format(domain_name))
             current_app.logger.error(e)
             current_app.logger.debug(traceback.format_exc())
-            return {'status': 'error', 'msg': 'Cannot delete domain'}
+            return {'status': 'error', 'msg': 'Cannot delete zone'}
 
     def delete_domain_from_powerdns(self, domain_name):
         """
-        Delete a single domain name from powerdns
+        Delete a single zone name from powerdns
         """
         headers = {'X-API-Key': self.PDNS_API_KEY}
 
@@ -531,12 +531,12 @@ def delete_domain_from_powerdns(self, domain_name):
             method='DELETE',
             verify=Setting().get('verify_ssl_connections'))
         current_app.logger.info(
-            'Deleted domain successfully from PowerDNS: {0}'.format(
+            'Deleted zone successfully from PowerDNS: {0}'.format(
                 domain_name))
-        return {'status': 'ok', 'msg': 'Delete domain successfully'}
+        return {'status': 'ok', 'msg': 'Delete zone successfully'}
 
     def delete_domain_from_pdnsadmin(self, domain_name, do_commit=True):
-        # Revoke permission before deleting domain
+        # Revoke permission before deleting zone
         domain = Domain.query.filter(Domain.name == domain_name).first()
         domain_user = DomainUser.query.filter(
             DomainUser.domain_id == domain.id)
@@ -548,7 +548,7 @@ def delete_domain_from_pdnsadmin(self, domain_name, do_commit=True):
             domain_setting.delete()
         domain.apikeys[:] = []
 
-        # Remove history for domain
+        # Remove history for zone
         if not Setting().get('preserve_history'):
             domain_history = History.query.filter(
                 History.domain_id == domain.id
@@ -556,17 +556,17 @@ def delete_domain_from_pdnsadmin(self, domain_name, do_commit=True):
             if domain_history:
                 domain_history.delete()
 
-        # then remove domain
+        # then remove zone
         Domain.query.filter(Domain.name == domain_name).delete()
         if do_commit:
             db.session.commit()
         current_app.logger.info(
-            "Deleted domain successfully from pdnsADMIN: {}".format(
+            "Deleted zone successfully from pdnsADMIN: {}".format(
                 domain_name))
 
     def get_user(self):
         """
-        Get users (id) who have access to this domain name
+        Get users (id) who have access to this zone name
         """
         user_ids = []
         query = db.session.query(
@@ -596,7 +596,7 @@ def grant_privileges(self, new_user_ids):
         except Exception as e:
             db.session.rollback()
             current_app.logger.error(
-                'Cannot revoke user privileges on domain {0}. DETAIL: {1}'.
+                'Cannot revoke user privileges on zone {0}. DETAIL: {1}'.
                     format(self.name, e))
             current_app.logger.debug(print(traceback.format_exc()))
 
@@ -608,7 +608,7 @@ def grant_privileges(self, new_user_ids):
         except Exception as e:
             db.session.rollback()
             current_app.logger.error(
-                'Cannot grant user privileges to domain {0}. DETAIL: {1}'.
+                'Cannot grant user privileges to zone {0}. DETAIL: {1}'.
                     format(self.name, e))
             current_app.logger.debug(print(traceback.format_exc()))
 
@@ -625,7 +625,7 @@ def revoke_privileges_by_id(self, user_id):
 
     def add_user(self, user):
         """
-        Add a single user to Domain by User
+        Add a single user to zone by User
         """
         try:
             du = DomainUser(self.id, user.id)
@@ -635,7 +635,7 @@ def add_user(self, user):
         except Exception as e:
             db.session.rollback()
             current_app.logger.error(
-                'Cannot add user privileges on domain {0}. DETAIL: {1}'.
+                'Cannot add user privileges on zone {0}. DETAIL: {1}'.
                 format(self.name, e))
             return False
 
@@ -667,11 +667,11 @@ def update_from_master(self, domain_name):
                         'There was something wrong, please contact administrator'
                 }
         else:
-            return {'status': 'error', 'msg': 'This domain does not exist'}
+            return {'status': 'error', 'msg': 'This zone does not exist'}
 
     def get_domain_dnssec(self, domain_name):
         """
-        Get domain DNSSEC information
+        Get zone DNSSEC information
         """
         domain = Domain.query.filter(Domain.name == domain_name).first()
         if domain:
@@ -689,13 +689,13 @@ def get_domain_dnssec(self, domain_name):
                 if 'error' in jdata:
                     return {
                         'status': 'error',
-                        'msg': 'DNSSEC is not enabled for this domain'
+                        'msg': 'DNSSEC is not enabled for this zone'
                     }
                 else:
                     return {'status': 'ok', 'dnssec': jdata}
             except Exception as e:
                 current_app.logger.error(
-                    'Cannot get domain dnssec. DETAIL: {0}'.format(e))
+                    'Cannot get zone dnssec. DETAIL: {0}'.format(e))
                 return {
                     'status':
                         'error',
@@ -703,11 +703,11 @@ def get_domain_dnssec(self, domain_name):
                         'There was something wrong, please contact administrator'
                 }
         else:
-            return {'status': 'error', 'msg': 'This domain does not exist'}
+            return {'status': 'error', 'msg': 'This zone does not exist'}
 
     def enable_domain_dnssec(self, domain_name):
         """
-        Enable domain DNSSEC
+        Enable zone DNSSEC
         """
         domain = Domain.query.filter(Domain.name == domain_name).first()
         if domain:
@@ -728,7 +728,7 @@ def enable_domain_dnssec(self, domain_name):
                     return {
                         'status': 'error',
                         'msg':
-                            'API-RECTIFY could not be enabled for this domain',
+                            'API-RECTIFY could not be enabled for this zone',
                         'jdata': jdata
                     }
 
@@ -749,7 +749,7 @@ def enable_domain_dnssec(self, domain_name):
                         'status':
                             'error',
                         'msg':
-                            'Cannot enable DNSSEC for this domain. Error: {0}'.
+                            'Cannot enable DNSSEC for this zone. Error: {0}'.
                                 format(jdata['error']),
                         'jdata':
                             jdata
@@ -769,7 +769,7 @@ def enable_domain_dnssec(self, domain_name):
                 }
 
         else:
-            return {'status': 'error', 'msg': 'This domain does not exist'}
+            return {'status': 'error', 'msg': 'This zone does not exist'}
 
     def delete_dnssec_key(self, domain_name, key_id):
         """
@@ -794,13 +794,13 @@ def delete_dnssec_key(self, domain_name, key_id):
                         'status':
                             'error',
                         'msg':
-                            'Cannot disable DNSSEC for this domain. Error: {0}'.
+                            'Cannot disable DNSSEC for this zone. Error: {0}'.
                                 format(jdata['error']),
                         'jdata':
                             jdata
                     }
 
-                # Disable API-RECTIFY for domain, AFTER deactivating DNSSEC
+                # Disable API-RECTIFY for zone, AFTER deactivating DNSSEC
                 post_data = {"api_rectify": False}
                 jdata = utils.fetch_json(
                     urljoin(
@@ -815,7 +815,7 @@ def delete_dnssec_key(self, domain_name, key_id):
                     return {
                         'status': 'error',
                         'msg':
-                            'API-RECTIFY could not be disabled for this domain',
+                            'API-RECTIFY could not be disabled for this zone',
                         'jdata': jdata
                     }
 
@@ -834,22 +834,22 @@ def delete_dnssec_key(self, domain_name, key_id):
                 }
 
         else:
-            return {'status': 'error', 'msg': 'This domain does not exist'}
+            return {'status': 'error', 'msg': 'This zone does not exist'}
 
     def assoc_account(self, account_id, update=True):
         """
-        Associate domain with a domain, specified by account id
+        Associate account with a zone, specified by account id
         """
         domain_name = self.name
 
         # Sanity check - domain name
         if domain_name == "":
-            return {'status': False, 'msg': 'No domain name specified'}
+            return {'status': False, 'msg': 'No zone name specified'}
 
         # read domain and check that it exists
         domain = Domain.query.filter(Domain.name == domain_name).first()
         if not domain:
-            return {'status': False, 'msg': 'Domain does not exist'}
+            return {'status': False, 'msg': 'Zone does not exist'}
 
         headers = {'X-API-Key': self.PDNS_API_KEY, 'Content-Type': 'application/json'}
 
@@ -875,9 +875,9 @@ def assoc_account(self, account_id, update=True):
             else:
                 if update:
                     self.update()
-                msg_str = 'Account changed for domain {0} successfully'
+                msg_str = 'Account changed for zone {0} successfully'
                 current_app.logger.info(msg_str.format(domain_name))
-                history = History(msg='Update domain {0} associate account {1}'.format(domain.name, 'none' if account_name == '' else account_name),
+                history = History(msg='Update zone {0} associate account {1}'.format(domain.name, 'none' if account_name == '' else account_name),
                               detail = json.dumps({
                                     'assoc_account': 'None' if account_name == '' else account_name,
                                     'dissoc_account': 'None' if account_name_old == '' else account_name_old
@@ -889,16 +889,16 @@ def assoc_account(self, account_id, update=True):
         except Exception as e:
             current_app.logger.debug(e)
             current_app.logger.debug(traceback.format_exc())
-            msg_str = 'Cannot change account for domain {0}'
+            msg_str = 'Cannot change account for zone {0}'
             current_app.logger.error(msg_str.format(domain_name))
             return {
                 'status': 'error',
-                'msg': 'Cannot change account for this domain.'
+                'msg': 'Cannot change account for this zone.'
             }
 
     def get_account(self):
         """
-        Get current account associated with this domain
+        Get current account associated with this zone
         """
         domain = Domain.query.filter(Domain.name == self.name).first()
 
@@ -907,7 +907,7 @@ def get_account(self):
     def is_valid_access(self, user_id):
         """
         Check if the user is allowed to access this
-        domain name
+        zone name
         """
         return db.session.query(Domain) \
             .outerjoin(DomainUser, Domain.id == DomainUser.domain_id) \
@@ -919,8 +919,8 @@ def is_valid_access(self, user_id):
                 AccountUser.user_id == user_id
             )).filter(Domain.id == self.id).first()
 
-    # Return None if this domain does not exist as record, 
-    # Return the parent domain that hold the record if exist
+    # Return None if this zone does not exist as record, 
+    # Return the parent zone that hold the record if exist
     def is_overriding(self, domain_name):
         upper_domain_name = '.'.join(domain_name.split('.')[1:])
         while upper_domain_name != '':
@@ -929,7 +929,7 @@ def is_overriding(self, domain_name):
                     if 'rrsets' in upper_domain:
                         for r in upper_domain['rrsets']:
                             if domain_name.rstrip('.') in r['name'].rstrip('.'):
-                                current_app.logger.error('Domain already exists as a record: {} under domain: {}'.format(r['name'].rstrip('.'), upper_domain_name))
+                                current_app.logger.error('Zone already exists as a record: {} under zone: {}'.format(r['name'].rstrip('.'), upper_domain_name))
                                 return upper_domain_name
             upper_domain_name = '.'.join(upper_domain_name.split('.')[1:])
         return None
diff --git a/powerdnsadmin/models/domain_template.py b/powerdnsadmin/models/domain_template.py
index 1b3c6ffc7..70463ac49 100644
--- a/powerdnsadmin/models/domain_template.py
+++ b/powerdnsadmin/models/domain_template.py
@@ -45,11 +45,11 @@ def create(self):
             return {'status': 'ok', 'msg': 'Template has been created'}
         except Exception as e:
             current_app.logger.error(
-                'Can not update domain template table. Error: {0}'.format(e))
+                'Can not update zone template table. Error: {0}'.format(e))
             db.session.rollback()
             return {
                 'status': 'error',
-                'msg': 'Can not update domain template table'
+                'msg': 'Can not update zone template table'
             }
 
     def delete_template(self):
@@ -60,6 +60,6 @@ def delete_template(self):
             return {'status': 'ok', 'msg': 'Template has been deleted'}
         except Exception as e:
             current_app.logger.error(
-                'Can not delete domain template. Error: {0}'.format(e))
+                'Can not delete zone template. Error: {0}'.format(e))
             db.session.rollback()
-            return {'status': 'error', 'msg': 'Can not delete domain template'}
\ No newline at end of file
+            return {'status': 'error', 'msg': 'Can not delete zone template'}
diff --git a/powerdnsadmin/models/domain_template_record.py b/powerdnsadmin/models/domain_template_record.py
index bd86c6efb..465b07d4d 100644
--- a/powerdnsadmin/models/domain_template_record.py
+++ b/powerdnsadmin/models/domain_template_record.py
@@ -39,9 +39,9 @@ def apply(self):
             db.session.commit()
         except Exception as e:
             current_app.logger.error(
-                'Can not update domain template table. Error: {0}'.format(e))
+                'Can not update zone template table. Error: {0}'.format(e))
             db.session.rollback()
             return {
                 'status': 'error',
-                'msg': 'Can not update domain template table'
+                'msg': 'Can not update zone template table'
             }
diff --git a/powerdnsadmin/models/record.py b/powerdnsadmin/models/record.py
index ae70a9e54..3b239b484 100644
--- a/powerdnsadmin/models/record.py
+++ b/powerdnsadmin/models/record.py
@@ -46,7 +46,7 @@ def __init__(self,
 
     def get_rrsets(self, domain):
         """
-        Query domain's rrsets via PDNS API
+        Query zone's rrsets via PDNS API
         """
         headers = {'X-API-Key': self.PDNS_API_KEY}
         try:
@@ -59,7 +59,7 @@ def get_rrsets(self, domain):
                                      verify=Setting().get('verify_ssl_connections'))
         except Exception as e:
             current_app.logger.error(
-                "Cannot fetch domain's record data from remote powerdns api. DETAIL: {0}"
+                "Cannot fetch zone's record data from remote powerdns api. DETAIL: {0}"
                 .format(e))
             return []
 
@@ -77,7 +77,7 @@ def get_rrsets(self, domain):
 
     def add(self, domain_name, rrset):
         """
-        Add a record to a domain (Used by auto_ptr and DynDNS)
+        Add a record to a zone (Used by auto_ptr and DynDNS)
 
         Args:
             domain_name(str): The zone name
@@ -115,7 +115,7 @@ def add(self, domain_name, rrset):
             return {'status': 'ok', 'msg': 'Record was added successfully'}
         except Exception as e:
             current_app.logger.error(
-                "Cannot add record to domain {}. Error: {}".format(
+                "Cannot add record to zone {}. Error: {}".format(
                     domain_name, e))
             current_app.logger.debug("Submitted record rrset: \n{}".format(
                 utils.pretty_json(rrset)))
@@ -172,7 +172,7 @@ def build_rrsets(self, domain_name, submitted_records):
             record['record_name'] = utils.to_idna(record["record_name"], "encode")
             #TODO: error handling
             # If the record is an alias (CNAME), we will also make sure that
-            # the target domain is properly converted to punycode (IDN)
+            # the target zone is properly converted to punycode (IDN)
             if record['record_type'] == 'CNAME' or record['record_type'] == 'SOA':
                 record['record_data'] = utils.to_idna(record['record_data'], 'encode')
                 #TODO: error handling
@@ -343,7 +343,7 @@ def delete_for_api(rrset):
 
     def apply(self, domain_name, submitted_records):
         """
-        Apply record changes to a domain. This function
+        Apply record changes to a zone. This function
         will make 1 call to the PDNS API to DELETE and
         REPLACE records (rrsets)
         """
@@ -377,7 +377,7 @@ def apply(self, domain_name, submitted_records):
             return {'status': 'ok', 'msg': 'Record was applied successfully', 'data': (new_rrsets, del_rrsets)}
         except Exception as e:
             current_app.logger.error(
-                "Cannot apply record changes to domain {0}. Error: {1}".format(
+                "Cannot apply record changes to zone {0}. Error: {1}".format(
                     domain_name, e))
             current_app.logger.debug(traceback.format_exc())
             return {
@@ -480,7 +480,7 @@ def auto_ptr(self, domain_name, new_rrsets, del_rrsets):
                 }
             except Exception as e:
                 current_app.logger.error(
-                    "Cannot update auto-ptr record changes to domain {0}. Error: {1}"
+                    "Cannot update auto-ptr record changes to zone {0}. Error: {1}"
                     .format(domain_name, e))
                 current_app.logger.debug(traceback.format_exc())
                 return {
@@ -492,7 +492,7 @@ def auto_ptr(self, domain_name, new_rrsets, del_rrsets):
 
     def delete(self, domain):
         """
-        Delete a record from domain
+        Delete a record from zone
         """
         headers = {'X-API-Key': self.PDNS_API_KEY, 'Content-Type': 'application/json'}
         data = {
@@ -517,7 +517,7 @@ def delete(self, domain):
             return {'status': 'ok', 'msg': 'Record was removed successfully'}
         except Exception as e:
             current_app.logger.error(
-                "Cannot remove record {0}/{1}/{2} from domain {3}. DETAIL: {4}"
+                "Cannot remove record {0}/{1}/{2} from zone {3}. DETAIL: {4}"
                 .format(self.name, self.type, self.data, domain, e))
             return {
                 'status': 'error',
@@ -540,7 +540,7 @@ def is_allowed_delete(self):
 
     def exists(self, domain):
         """
-        Check if record is present within domain records, and if it's present set self to found record
+        Check if record is present within zone records, and if it's present set self to found record
         """
         rrsets = self.get_rrsets(domain)
         for r in rrsets:
@@ -588,7 +588,7 @@ def update(self, domain, content):
             return {'status': 'ok', 'msg': 'Record was updated successfully'}
         except Exception as e:
             current_app.logger.error(
-                "Cannot add record {0}/{1}/{2} to domain {3}. DETAIL: {4}".
+                "Cannot add record {0}/{1}/{2} to zone {3}. DETAIL: {4}".
                 format(self.name, self.type, self.data, domain, e))
             return {
                 'status': 'error',
@@ -614,11 +614,11 @@ def update_db_serial(self, domain):
             db.session.commit()
             return {
                 'status': True,
-                'msg': 'Synced local serial for domain name {0}'.format(domain)
+                'msg': 'Synced local serial for zone name {0}'.format(domain)
             }
         else:
             return {
                 'status': False,
                 'msg':
-                'Could not find domain name {0} in local db'.format(domain)
+                'Could not find zone name {0} in local db'.format(domain)
             }
diff --git a/powerdnsadmin/models/user.py b/powerdnsadmin/models/user.py
index 78104f665..4b76be732 100644
--- a/powerdnsadmin/models/user.py
+++ b/powerdnsadmin/models/user.py
@@ -527,7 +527,7 @@ def update_confirmed(self, confirmed):
 
     def get_domains(self):
         """
-        Get list of domains which the user is granted to have
+        Get list of zones which the user is granted to have
         access.
 
         Note: This doesn't include the permission granting from Account
@@ -680,7 +680,7 @@ def updateUser(self, Entitlements):
 
     def addMissingDomain(self, autoprovision_domain, current_domains):
         """
-        Add domain gathered by autoprovisioning to the current domains list of a user
+        Add domain gathered by autoprovisioning to the current zones list of a user
         """
         from ..models.domain import Domain
         user = db.session.query(User).filter(User.username == self.username).first()
diff --git a/powerdnsadmin/routes/admin.py b/powerdnsadmin/routes/admin.py
index 43339778f..47551ee26 100644
--- a/powerdnsadmin/routes/admin.py
+++ b/powerdnsadmin/routes/admin.py
@@ -838,10 +838,10 @@ def __init__(self, history, change_set):
 
         detail_dict = json.loads(history.detail)
 
-        if 'domain_type' in detail_dict and 'account_id' in detail_dict:  # this is a domain creation
+        if 'domain_type' in detail_dict and 'account_id' in detail_dict:  # this is a zone creation
             self.detailed_msg = render_template_string("""
                     <table class="table table-bordered table-striped">
-                        <tr><td>Domain Type:</td><td>{{ domaintype }}</td></tr>
+                        <tr><td>Zone Type:</td><td>{{ domaintype }}</td></tr>
                         <tr><td>Account:</td><td>{{ account }}</td></tr>
                     </table>
                 """,
@@ -881,7 +881,7 @@ def __init__(self, history, change_set):
                                                        authenticator=detail_dict['authenticator'],
                                                        ip_address=detail_dict['ip_address'])
 
-        elif 'add_rrsets' in detail_dict:  # this is a domain record change
+        elif 'add_rrsets' in detail_dict:  # this is a zone record change
             # changes_set = []
             self.detailed_msg = ""
             # extract_changelogs_from_a_history_entry(changes_set, history, 0)
@@ -897,11 +897,11 @@ def __init__(self, history, change_set):
                                                        description=DetailedHistory.get_key_val(detail_dict,
                                                                                                "description"))
 
-        elif 'Change domain' in history.msg and 'access control' in history.msg:  # added or removed a user from a domain
+        elif 'Change zone' in history.msg and 'access control' in history.msg:  # added or removed a user from a zone
             users_with_access = DetailedHistory.get_key_val(detail_dict, "user_has_access")
             self.detailed_msg = render_template_string("""
                 <table class="table table-bordered table-striped">
-                    <tr><td>Users with access to this domain</td><td>{{ users_with_access }}</td></tr>
+                    <tr><td>Users with access to this zone</td><td>{{ users_with_access }}</td></tr>
                     <tr><td>Number of users:</td><td>{{ users_with_access | length }}</td><tr>
                 </table>
                 """,
@@ -913,7 +913,7 @@ def __init__(self, history, change_set):
                     <tr><td>Key: </td><td>{{ keyname }}</td></tr>
                     <tr><td>Role:</td><td>{{ rolename }}</td></tr>
                     <tr><td>Description:</td><td>{{ description }}</td></tr>
-                    <tr><td>Accessible domains with this API key:</td><td>{{ linked_domains }}</td></tr>
+                    <tr><td>Accessible zones with this API key:</td><td>{{ linked_domains }}</td></tr>
                     <tr><td>Accessible accounts with this API key:</td><td>{{ linked_accounts }}</td></tr>
                 </table>
                 """,
@@ -932,7 +932,7 @@ def __init__(self, history, change_set):
                     <tr><td>Key: </td><td>{{ keyname }}</td></tr>
                     <tr><td>Role:</td><td>{{ rolename }}</td></tr>
                     <tr><td>Description:</td><td>{{ description }}</td></tr>
-                    <tr><td>Accessible domains with this API key:</td><td>{{ linked_domains }}</td></tr>
+                    <tr><td>Accessible zones with this API key:</td><td>{{ linked_domains }}</td></tr>
                 </table>
                 """,
                                                        keyname=DetailedHistory.get_key_val(detail_dict, "key"),
@@ -942,11 +942,11 @@ def __init__(self, history, change_set):
                                                        linked_domains=DetailedHistory.get_key_val(detail_dict,
                                                                                                   "domains"))
 
-        elif 'Update type for domain' in history.msg:
+        elif 'Update type for zone' in history.msg:
             self.detailed_msg = render_template_string("""
                 <table class="table table-bordered table-striped">
-                    <tr><td>Domain: </td><td>{{ domain }}</td></tr>
-                    <tr><td>Domain type:</td><td>{{ domain_type }}</td></tr>
+                    <tr><td>Zone: </td><td>{{ domain }}</td></tr>
+                    <tr><td>Zone type:</td><td>{{ domain_type }}</td></tr>
                     <tr><td>Masters:</td><td>{{ masters }}</td></tr>
                 </table>
                 """,
@@ -957,8 +957,8 @@ def __init__(self, history, change_set):
         elif 'reverse' in history.msg:
             self.detailed_msg = render_template_string("""
                 <table class="table table-bordered table-striped">
-                    <tr><td>Domain Type: </td><td>{{ domain_type }}</td></tr>
-                    <tr><td>Domain Master IPs:</td><td>{{ domain_master_ips }}</td></tr>
+                    <tr><td>Zone Type: </td><td>{{ domain_type }}</td></tr>
+                    <tr><td>Zone Master IPs:</td><td>{{ domain_master_ips }}</td></tr>
                 </table>
                 """,
                                                        domain_type=DetailedHistory.get_key_val(detail_dict,
@@ -977,7 +977,7 @@ def __init__(self, history, change_set):
                                                                                                   'status'),
                                                        history_msg=DetailedHistory.get_key_val(detail_dict, 'msg'))
 
-        elif 'Update domain' in history.msg and 'associate account' in history.msg:  # When an account gets associated or dissociate with domains
+        elif 'Update zone' in history.msg and 'associate account' in history.msg:  # When an account gets associated or dissociate with zones
             self.detailed_msg = render_template_string('''
                 <table class="table table-bordered table-striped">
                     <tr><td>Associate: </td><td>{{ history_assoc_account }}</td></tr>
@@ -1164,7 +1164,7 @@ def history_table():  # ajax call data
         else:
             # if the user isn't an administrator or operator,
             # allow_user_view_history must be enabled to get here,
-            # so include history for the domains for the user
+            # so include history for the zones for the user
             base_query = db.session.query(History) \
                 .join(Domain, History.domain_id == Domain.id) \
                 .outerjoin(DomainUser, Domain.id == DomainUser.domain_id) \
@@ -1231,11 +1231,11 @@ def history_table():  # ajax call data
                     .filter(
                     db.and_(
                         db.or_(
-                            History.msg.like("%domain " + domain_name) if domain_name != "*" else History.msg.like(
-                                "%domain%"),
+                            History.msg.like("%zone " + domain_name) if domain_name != "*" else History.msg.like(
+                                "%zone%"),
                             History.msg.like(
-                                "%domain " + domain_name + " access control") if domain_name != "*" else History.msg.like(
-                                "%domain%access control")
+                                "%zone " + domain_name + " access control") if domain_name != "*" else History.msg.like(
+                                "%zone%access control")
                         ),
                         History.created_on <= max_date if max_date != None else True,
                         History.created_on >= min_date if min_date != None else True,
@@ -1247,8 +1247,8 @@ def history_table():  # ajax call data
                 histories = base_query \
                     .filter(
                     db.and_(
-                        History.msg.like("Apply record changes to domain " + domain_name) if domain_name != "*" \
-                            else History.msg.like("Apply record changes to domain%"),
+                        History.msg.like("Apply record changes to zone " + domain_name) if domain_name != "*" \
+                            else History.msg.like("Apply record changes to zone%"),
                         History.created_on <= max_date if max_date != None else True,
                         History.created_on >= min_date if min_date != None else True,
                         History.created_by == changed_by if changed_by != None else True
@@ -1830,7 +1830,7 @@ def create_template():
             t = DomainTemplate(name=name, description=description)
             result = t.create()
             if result['status'] == 'ok':
-                history = History(msg='Add domain template {0}'.format(name),
+                history = History(msg='Add zone template {0}'.format(name),
                                   detail=json.dumps({
                                       'name': name,
                                       'description': description
@@ -1843,7 +1843,7 @@ def create_template():
                 return redirect(url_for('admin.create_template'))
         except Exception as e:
             current_app.logger.error(
-                'Cannot create domain template. Error: {0}'.format(e))
+                'Cannot create zone template. Error: {0}'.format(e))
             current_app.logger.debug(traceback.format_exc())
             abort(500)
 
@@ -1877,7 +1877,7 @@ def create_template_from_zone():
         t = DomainTemplate(name=name, description=description)
         result = t.create()
         if result['status'] == 'ok':
-            history = History(msg='Add domain template {0}'.format(name),
+            history = History(msg='Add zone template {0}'.format(name),
                               detail=json.dumps({
                                   'name': name,
                                   'description': description
@@ -1885,7 +1885,7 @@ def create_template_from_zone():
                               created_by=current_user.username)
             history.add()
 
-            # After creating the domain in Domain Template in the,
+            # After creating the zone in Zone Template in the,
             # local DB. We add records into it Record Template.
             records = []
             domain = Domain.query.filter(Domain.name == domain_name).first()
@@ -1914,7 +1914,7 @@ def create_template_from_zone():
                         'msg': result['msg']
                     }), 200)
             else:
-                # Revert the domain template (remove it)
+                # Revert the zone template (remove it)
                 # ff we cannot add records.
                 t.delete_template()
                 return make_response(
@@ -1971,7 +1971,7 @@ def edit_template(template):
                                    ttl_options=ttl_options)
     except Exception as e:
         current_app.logger.error(
-            'Cannot open domain template page. DETAIL: {0}'.format(e))
+            'Cannot open zone template page. DETAIL: {0}'.format(e))
         current_app.logger.debug(traceback.format_exc())
         abort(500)
     return redirect(url_for('admin.templates'))
@@ -2009,7 +2009,7 @@ def apply_records(template):
             jdata.pop('_csrf_token',
                       None)  # don't store csrf token in the history.
             history = History(
-                msg='Apply domain template record changes to domain template {0}'
+                msg='Apply zone template record changes to zone template {0}'
                 .format(template),
                 detail=json.dumps(jdata),
                 created_by=current_user.username)
@@ -2040,7 +2040,7 @@ def delete_template(template):
             result = t.delete_template()
             if result['status'] == 'ok':
                 history = History(
-                    msg='Deleted domain template {0}'.format(template),
+                    msg='Deleted zone template {0}'.format(template),
                     detail=json.dumps({'name': template}),
                     created_by=current_user.username)
                 history.add()
diff --git a/powerdnsadmin/routes/api.py b/powerdnsadmin/routes/api.py
index e764f911c..9f72b4e0d 100644
--- a/powerdnsadmin/routes/api.py
+++ b/powerdnsadmin/routes/api.py
@@ -211,7 +211,7 @@ def api_login_create_zone():
                                   accept='application/json; q=1',
                                   verify=Setting().get('verify_ssl_connections'))
     except Exception as e:
-        current_app.logger.error("Cannot create domain. Error: {}".format(e))
+        current_app.logger.error("Cannot create zone. Error: {}".format(e))
         abort(500)
 
     if resp.status_code == 201:
@@ -222,7 +222,7 @@ def api_login_create_zone():
         domain.update()
         domain_id = domain.get_id_by_name(data['name'].rstrip('.'))
 
-        history = History(msg='Add domain {0}'.format(
+        history = History(msg='Add zone {0}'.format(
             data['name'].rstrip('.')),
             detail=json.dumps(data),
             created_by=current_user.username,
@@ -230,7 +230,7 @@ def api_login_create_zone():
         history.add()
 
         if current_user.role.name not in ['Administrator', 'Operator']:
-            current_app.logger.debug("User is ordinary user, assigning created domain")
+            current_app.logger.debug("User is ordinary user, assigning created zone")
             domain = Domain(name=data['name'].rstrip('.'))
             domain.update()
             domain.grant_privileges([current_user.id])
@@ -296,7 +296,7 @@ def api_login_delete_zone(domain_name):
             domain_id = domain.get_id_by_name(domain_name)
             domain.update()
 
-            history = History(msg='Delete domain {0}'.format(
+            history = History(msg='Delete zone {0}'.format(
                 utils.pretty_domain_name(domain_name)),
                 detail='',
                 created_by=current_user.username,
@@ -347,13 +347,13 @@ def api_generate_apikey():
         abort(400)
 
     if role_name == 'User' and len(domains) == 0 and len(accounts) == 0:
-        current_app.logger.error("Apikey with User role must have domains or accounts")
+        current_app.logger.error("Apikey with User role must have zones or accounts")
         raise ApiKeyNotUsable()
 
     if role_name == 'User' and len(domains) > 0:
         domain_obj_list = Domain.query.filter(Domain.name.in_(domains)).all()
         if len(domain_obj_list) == 0:
-            msg = "One of supplied domains does not exist"
+            msg = "One of supplied zones does not exist"
             current_app.logger.error(msg)
             raise DomainNotExists(message=msg)
 
@@ -383,13 +383,13 @@ def api_generate_apikey():
         domain_list = [item.name for item in domain_obj_list]
         user_domain_list = [item.name for item in user_domain_obj_list]
 
-        current_app.logger.debug("Input domain list: {0}".format(domain_list))
-        current_app.logger.debug("User domain list: {0}".format(user_domain_list))
+        current_app.logger.debug("Input zone list: {0}".format(domain_list))
+        current_app.logger.debug("User zone list: {0}".format(user_domain_list))
 
         inter = set(domain_list).intersection(set(user_domain_list))
 
         if not (len(inter) == len(domain_list)):
-            msg = "You don't have access to one of domains"
+            msg = "You don't have access to one of zones"
             current_app.logger.error(msg)
             raise DomainAccessForbidden(message=msg)
 
@@ -417,7 +417,7 @@ def api_get_apikeys(domain_name):
 
     if current_user.role.name not in ['Administrator', 'Operator']:
         if domain_name:
-            msg = "Check if domain {0} exists and is allowed for user.".format(
+            msg = "Check if zone {0} exists and is allowed for user.".format(
                 domain_name)
             current_app.logger.debug(msg)
             apikeys = get_user_apikeys(domain_name)
@@ -427,7 +427,7 @@ def api_get_apikeys(domain_name):
 
             current_app.logger.debug(apikey_schema.dump(apikeys))
         else:
-            msg_str = "Getting all allowed domains for user {0}"
+            msg_str = "Getting all allowed zones for user {0}"
             msg = msg_str.format(current_user.username)
             current_app.logger.debug(msg)
 
@@ -438,7 +438,7 @@ def api_get_apikeys(domain_name):
                 current_app.logger.error('Error: {0}'.format(e))
                 abort(500)
     else:
-        current_app.logger.debug("Getting all domains for administrative user")
+        current_app.logger.debug("Getting all zones for administrative user")
         try:
             apikeys = ApiKey.query.all()
             current_app.logger.debug(apikey_schema.dump(apikeys))
@@ -488,7 +488,7 @@ def api_delete_apikey(apikey_id):
         inter = set(apikey_domains_list).intersection(set(user_domains_list))
 
         if not (len(inter) == len(apikey_domains_list)):
-            msg = "You don't have access to some domains apikey belongs to"
+            msg = "You don't have access to some zones apikey belongs to"
             current_app.logger.error(msg)
             raise DomainAccessForbidden(message=msg)
 
@@ -558,7 +558,7 @@ def api_update_apikey(apikey_id):
         if domains is not None:
             domain_obj_list = Domain.query.filter(Domain.name.in_(domains)).all()
             if len(domain_obj_list) != len(domains):
-                msg = "One of supplied domains does not exist"
+                msg = "One of supplied zones does not exist"
                 current_app.logger.error(msg)
                 raise DomainNotExists(message=msg)
 
@@ -578,12 +578,12 @@ def api_update_apikey(apikey_id):
             target_accounts = current_accounts
 
         if len(target_domains) == 0 and len(target_accounts) == 0:
-            current_app.logger.error("Apikey with User role must have domains or accounts")
+            current_app.logger.error("Apikey with User role must have zones or accounts")
             raise ApiKeyNotUsable()
 
         if domains is not None and set(domains) == set(current_domains):
             current_app.logger.debug(
-                "Domains are the same, apikey domains won't be updated")
+                "Zones are the same, apikey zones won't be updated")
             domains = None
 
         if accounts is not None and set(accounts) == set(current_accounts):
@@ -610,19 +610,19 @@ def api_update_apikey(apikey_id):
         domain_list = [item.name for item in domain_obj_list]
         user_domain_list = [item.name for item in user_domain_obj_list]
 
-        current_app.logger.debug("Input domain list: {0}".format(domain_list))
+        current_app.logger.debug("Input zone list: {0}".format(domain_list))
         current_app.logger.debug(
-            "User domain list: {0}".format(user_domain_list))
+            "User zone list: {0}".format(user_domain_list))
 
         inter = set(domain_list).intersection(set(user_domain_list))
 
         if not (len(inter) == len(domain_list)):
-            msg = "You don't have access to one of domains"
+            msg = "You don't have access to one of zones"
             current_app.logger.error(msg)
             raise DomainAccessForbidden(message=msg)
 
         if apikey_id not in apikeys_ids:
-            msg = 'Apikey does not belong to domain to which user has access'
+            msg = 'Apikey does not belong to zone to which user has access'
             current_app.logger.error(msg)
             raise DomainAccessForbidden()
 
@@ -966,9 +966,9 @@ def api_delete_account(account_id):
     # Remove account association from domains first
     if len(account.domains) > 0:
         for domain in account.domains:
-            current_app.logger.info(f"Disassociating domain {domain.name} with {account.name}")
+            current_app.logger.info(f"Disassociating zone {domain.name} with {account.name}")
             Domain(name=domain.name).assoc_account(None, update=False)
-        current_app.logger.info("Syncing all domains")
+        current_app.logger.info("Syncing all zones")
         Domain().update()
 
     current_app.logger.debug(
@@ -1117,7 +1117,7 @@ def api_zone_forward(server_id, zone_id):
             if request.method in ['POST', 'PATCH']:
                 data = request.get_json(force=True)
                 history = History(
-                    msg='Apply record changes to domain {0}'.format(zone_id.rstrip('.')),
+                    msg='Apply record changes to zone {0}'.format(zone_id.rstrip('.')),
                     detail = json.dumps({
                         'domain': zone_id.rstrip('.'),
                         'add_rrsets': list(filter(lambda r: r['changetype'] == "REPLACE", data['rrsets'])),
@@ -1164,14 +1164,14 @@ def api_create_zone(server_id):
 
         if g.apikey.role.name not in ['Administrator', 'Operator']:
             current_app.logger.debug(
-                "Apikey is user key, assigning created domain")
+                "Apikey is user key, assigning created zone")
             domain = Domain(name=data['name'].rstrip('.'))
             g.apikey.domains.append(domain)
 
         domain = Domain()
         domain.update()
 
-        history = History(msg='Add domain {0}'.format(
+        history = History(msg='Add zone {0}'.format(
             data['name'].rstrip('.')),
             detail=json.dumps(data),
             created_by=created_by_value,
@@ -1198,7 +1198,7 @@ def api_get_zones(server_id):
 
             accounts_domains = [d.name for a in g.apikey.accounts for d in a.domains]
             allowed_domains = set(domain_list + accounts_domains)
-            current_app.logger.debug("Account domains: {}".format('/'.join(accounts_domains)))
+            current_app.logger.debug("Account zones: {}".format('/'.join(accounts_domains)))
             content = json.dumps([i for i in json.loads(resp.content)
                                   if i['name'].rstrip('.') in allowed_domains])
             return content, resp.status_code, resp.headers.items()
@@ -1236,14 +1236,14 @@ def health():
     domain_to_query = domain.query.first()
 
     if not domain_to_query:
-        current_app.logger.error("No domain found to query a health check")
+        current_app.logger.error("No zone found to query a health check")
         return make_response("Unknown", 503)
 
     try:
         domain.get_domain_info(domain_to_query.name)
     except Exception as e:
         current_app.logger.error(
-            "Health Check - Failed to query authoritative server for domain {}".format(domain_to_query.name))
+            "Health Check - Failed to query authoritative server for zone {}".format(domain_to_query.name))
         return make_response("Down", 503)
 
     return make_response("Up", 200)
diff --git a/powerdnsadmin/routes/dashboard.py b/powerdnsadmin/routes/dashboard.py
index 0f241211d..14a8ae351 100644
--- a/powerdnsadmin/routes/dashboard.py
+++ b/powerdnsadmin/routes/dashboard.py
@@ -176,10 +176,10 @@ def dashboard():
 
     BG_DOMAIN_UPDATE = Setting().get('bg_domain_updates')
     if not BG_DOMAIN_UPDATE:
-        current_app.logger.info('Updating domains in foreground...')
+        current_app.logger.info('Updating zones in foreground...')
         Domain().update()
     else:
-        current_app.logger.info('Updating domains in background...')
+        current_app.logger.info('Updating zones in background...')
 
     show_bg_domain_button = BG_DOMAIN_UPDATE
     if BG_DOMAIN_UPDATE and current_user.role.name not in ['Administrator', 'Operator']:
@@ -196,7 +196,7 @@ def dashboard():
 @login_required
 @operator_role_required
 def domains_updater():
-    current_app.logger.debug('Update domains in background')
+    current_app.logger.debug('Update zones in background')
     d = Domain().update()
 
     response_data = {
diff --git a/powerdnsadmin/routes/domain.py b/powerdnsadmin/routes/domain.py
index 5fef976f5..593e91de4 100644
--- a/powerdnsadmin/routes/domain.py
+++ b/powerdnsadmin/routes/domain.py
@@ -178,7 +178,7 @@ def remove():
         if result['status'] == 'error':
             abort(500)
 
-        history = History(msg='Delete domain {0}'.format(
+        history = History(msg='Delete zone {0}'.format(
             pretty_domain_name(domain_name)),
                           created_by=current_user.username)
         history.add()
@@ -362,7 +362,7 @@ def add():
             if ' ' in domain_name or not domain_name or not domain_type:
                 return render_template(
                     'errors/400.html',
-                    msg="Please enter a valid domain name"), 400
+                    msg="Please enter a valid zone name"), 400
 
             if domain_name.endswith('.'):
                 domain_name = domain_name[:-1]
@@ -385,11 +385,11 @@ def add():
             try:
                 domain_name = to_idna(domain_name, 'encode')
             except:
-                current_app.logger.error("Cannot encode the domain name {}".format(domain_name))
+                current_app.logger.error("Cannot encode the zone name {}".format(domain_name))
                 current_app.logger.debug(traceback.format_exc())
                 return render_template(
                     'errors/400.html',
-                    msg="Please enter a valid domain name"), 400
+                    msg="Please enter a valid zone name"), 400
 
             if domain_type == 'slave':
                 if request.form.getlist('domain_master_address'):
@@ -429,7 +429,7 @@ def add():
                     else:
                         accounts = current_user.get_accounts()
                     
-                    msg = 'Domain already exists as a record under domain: {}'.format(upper_domain)
+                    msg = 'Zone already exists as a record under zone: {}'.format(upper_domain)
                     
                     return render_template('domain_add.html', 
                                             domain_override_message=msg,
@@ -443,7 +443,7 @@ def add():
                            account_name=account_name)
             if result['status'] == 'ok':
                 domain_id = Domain().get_id_by_name(domain_name)
-                history = History(msg='Add domain {0}'.format(
+                history = History(msg='Add zone {0}'.format(
                     pretty_domain_name(domain_name)),
                                   detail = json.dumps({
                                       'domain_type': domain_type,
@@ -507,7 +507,7 @@ def add():
                 return render_template('errors/400.html',
                                        msg=result['msg']), 400
         except Exception as e:
-            current_app.logger.error('Cannot add domain. Error: {0}'.format(e))
+            current_app.logger.error('Cannot add zone. Error: {0}'.format(e))
             current_app.logger.debug(traceback.format_exc())
             abort(500)
 
@@ -537,7 +537,7 @@ def delete(domain_name):
     if result['status'] == 'error':
         abort(500)
 
-    history = History(msg='Delete domain {0}'.format(
+    history = History(msg='Delete zone {0}'.format(
         pretty_domain_name(domain_name)),
                       created_by=current_user.username)
     history.add()
@@ -581,7 +581,7 @@ def setting(domain_name):
         d.grant_privileges(new_user_ids)
 
         history = History(
-            msg='Change domain {0} access control'.format(
+            msg='Change zone {0} access control'.format(
                 pretty_domain_name(domain_name)),
             detail=json.dumps({'user_has_access': new_user_list}),
             created_by=current_user.username,
@@ -619,7 +619,7 @@ def change_type(domain_name):
                            kind=domain_type,
                            masters=domain_master_ips)
     if status['status'] == 'ok':
-        history = History(msg='Update type for domain {0}'.format(
+        history = History(msg='Update type for zone {0}'.format(
                 pretty_domain_name(domain_name)),
                           detail=json.dumps({
                               "domain": domain_name,
@@ -653,7 +653,7 @@ def change_soa_edit_api(domain_name):
                                   soa_edit_api=new_setting)
     if status['status'] == 'ok':
         history = History(
-            msg='Update soa_edit_api for domain {0}'.format(
+            msg='Update soa_edit_api for zone {0}'.format(
                 pretty_domain_name(domain_name)),
             detail = json.dumps({
                 'domain': domain_name,
@@ -697,7 +697,7 @@ def record_apply(domain_name):
         domain = Domain.query.filter(Domain.name == domain_name).first()
 
         if domain:
-            current_app.logger.debug('Current domain serial: {0}'.format(
+            current_app.logger.debug('Current zone serial: {0}'.format(
                 domain.serial))
 
             if int(submitted_serial) != domain.serial:
@@ -714,14 +714,14 @@ def record_apply(domain_name):
                     'status':
                     'error',
                     'msg':
-                    'Domain name {0} does not exist'.format(pretty_domain_name(domain_name))
+                    'Zone name {0} does not exist'.format(pretty_domain_name(domain_name))
                 }), 404)
 
         r = Record()
         result = r.apply(domain_name, submitted_record)
         if result['status'] == 'ok':
             history = History(
-                msg='Apply record changes to domain {0}'.format(pretty_domain_name(domain_name)),
+                msg='Apply record changes to zone {0}'.format(pretty_domain_name(domain_name)),
                 detail = json.dumps({
                         'domain': domain_name,
                         'add_rrsets': result['data'][0]['rrsets'],
@@ -733,7 +733,7 @@ def record_apply(domain_name):
             return make_response(jsonify(result), 200)
         else:
             history = History(
-                msg='Failed to apply record changes to domain {0}'.format(
+                msg='Failed to apply record changes to zone {0}'.format(
                     pretty_domain_name(domain_name)),
                 detail = json.dumps({
                         'domain': domain_name,
@@ -760,7 +760,7 @@ def record_apply(domain_name):
 @can_access_domain
 def record_update(domain_name):
     """
-    This route is used for domain work as Slave Zone only
+    This route is used for zone work as Slave Zone only
     Pulling the records update from its Master
     """
     try:
@@ -818,7 +818,7 @@ def dnssec_enable(domain_name):
     dnssec = domain.enable_domain_dnssec(domain_name)
     domain_object = Domain.query.filter(domain_name == Domain.name).first()
     history = History(
-        msg='DNSSEC was enabled for domain ' + domain_name ,
+        msg='DNSSEC was enabled for zone ' + domain_name ,
         created_by=current_user.username,
         domain_id=domain_object.id)
     history.add()
@@ -837,7 +837,7 @@ def dnssec_disable(domain_name):
         domain.delete_dnssec_key(domain_name, key['id'])
     domain_object = Domain.query.filter(domain_name == Domain.name).first()
     history = History(
-        msg='DNSSEC was disabled for domain ' + domain_name ,
+        msg='DNSSEC was disabled for zone ' + domain_name ,
         created_by=current_user.username,
         domain_id=domain_object.id)
     history.add()
@@ -914,7 +914,7 @@ def admin_setdomainsetting(domain_name):
                     }), 400)
         except Exception as e:
             current_app.logger.error(
-                'Cannot change domain setting. Error: {0}'.format(e))
+                'Cannot change zone setting. Error: {0}'.format(e))
             current_app.logger.debug(traceback.format_exc())
             return make_response(
                 jsonify({
diff --git a/update_zones.py b/update_zones.py
index 5da542f6c..56cde3e88 100644
--- a/update_zones.py
+++ b/update_zones.py
@@ -29,6 +29,6 @@
         sys.exit(1)
 
     ### Start the update process
-    app.logger.info('Update domains from nameserver API')
+    app.logger.info('Update zones from nameserver API')
 
     Domain().update()

From 6eef5eb59c3381533ac52db70c13bbe3a11678d5 Mon Sep 17 00:00:00 2001
From: Stefan Ubbink <stefan.ubbink@sidn.nl>
Date: Mon, 13 Mar 2023 18:54:49 +0100
Subject: [PATCH 330/475] Make the OTP label the same as the site_name #1237

---
 powerdnsadmin/models/user.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/powerdnsadmin/models/user.py b/powerdnsadmin/models/user.py
index 78104f665..861676967 100644
--- a/powerdnsadmin/models/user.py
+++ b/powerdnsadmin/models/user.py
@@ -90,8 +90,8 @@ def __repr__(self):
         return '<User {0}>'.format(self.username)
 
     def get_totp_uri(self):
-        return "otpauth://totp/PowerDNS-Admin:{0}?secret={1}&issuer=PowerDNS-Admin".format(
-            self.username, self.otp_secret)
+        return "otpauth://totp/{0}:{1}?secret={2}&issuer=PowerDNS-Admin".format(
+            Setting().get('site_name'), self.username, self.otp_secret)
 
     def verify_totp(self, token):
         totp = pyotp.TOTP(self.otp_secret)

From 7e2fa1bfaa2474fcff4da08bccf3c2d163135747 Mon Sep 17 00:00:00 2001
From: Nigel Kukard <nkukard@lbsd.net>
Date: Tue, 14 Mar 2023 13:00:15 +0000
Subject: [PATCH 331/475] fix: fixes Python 3.11 incompatibility using ancient
 lxml binary PyPI

Fixes Python 3.11 incompatibility using ancient lxml binary PyPI built against old libxml2.

This fixes #1442 and closes #1433.

The issue with python3-saml not working is because the binary lxml wheel is built against a different version of libxml2.

``--no-binary lxml`` can be used to fix this and python3-saml will work.

for references check these:
- https://github.com/onelogin/python3-saml/issues/292
- https://bugs.launchpad.net/lxml/+bug/1960668
- https://github.com/open-formulieren/open-forms/pull/2247

```
Tested on:
 - ubuntu:23.04 - WORKING
 - ubuntu:22.10 - WORKING
 - ubuntu:22.04 - WORKING
 - ubuntu:20.04 - WORKING
 - ubuntu:18.04 - NOT WORKING - pip usage error with -r requirements.txt
 - debian:10    - WORKING
 - debian:11    - WORKING
 - alpine:edge  - WORKING
 - alpine:3.17  - WORKING
 - alpine:3.16  - WORKING
 - alpine:3.15  - WORKING
 - alpine:3.14  - WORKING
 - rockylinux:9 - WORKING
 - rockylinux:8 - NOT WORKING - pip usage error with -r requirements.txt
 - almalinux:9  - WORKING
 - almalinux:8  - NOT WORKING - pip usage error with -r requirements.txt
 - fedora:36    - WORKING
 - fedora:37    - WORKING
 - fedora:38    - WORKING
 - fedora:39    - WORKING
```
---
 requirements.txt | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/requirements.txt b/requirements.txt
index 9753bf02d..83d101127 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -25,7 +25,7 @@ gunicorn==20.1.0
 itsdangerous==2.1.2
 jsonschema[format]>=2.5.1,<4.0.0 # until https://github.com/Yelp/bravado-core/pull/385
 lima==0.5
-lxml==4.6.5
+--use-feature=no-binary-enable-wheel-cache lxml==4.9.0
 mysqlclient==2.0.1
 passlib==1.7.4
 #pyOpenSSL==22.1.0
@@ -33,7 +33,7 @@ pyasn1==0.4.8
 pyotp==2.8.0
 pytest==7.2.1
 python-ldap==3.4.3
-python3-saml==1.14.0
+python3-saml==1.15.0
 pytimeparse==1.1.8
 pytz==2022.7.1
 qrcode==7.3.1

From 61e607fb3ff60dc083fafae6520f9ead49a1b0e1 Mon Sep 17 00:00:00 2001
From: Nigel Kukard <nkukard@lbsd.net>
Date: Tue, 14 Mar 2023 12:53:30 +0000
Subject: [PATCH 332/475] fix(db:migrate): fix migration user 'confirmed'
 column migration

This change fixes the migration on the `user` table, `confirmed` column to be compatible with PostgreSQL and MySQL databases.

Fixes #635 which introduced a breaking change for MySQL databases and resolves #1446.

```
Tested on:
- PostgreSQL:14 - WORKING
- PostgreSQL:15 - WORKING
- MariaDB:10.11 - WORKING
- MariaDB:10.10 - WORKING
- MariaDB:10.9  - WORKING
- MariaDB:10.8  - WORKING
- MariaDB:10.7  - WORKING
- MariaDB:10.6  - WORKING
- MariaDB:10.5  - WORKING
- MariaDB:10.3  - WORKING
```
---
 migrations/versions/3f76448bb6de_add_user_confirmed_column.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/migrations/versions/3f76448bb6de_add_user_confirmed_column.py b/migrations/versions/3f76448bb6de_add_user_confirmed_column.py
index 490aebec3..6dcf16af4 100644
--- a/migrations/versions/3f76448bb6de_add_user_confirmed_column.py
+++ b/migrations/versions/3f76448bb6de_add_user_confirmed_column.py
@@ -23,7 +23,7 @@ def upgrade():
     with op.batch_alter_table('user') as batch_op:
         user = sa.sql.table('user', sa.sql.column('confirmed'))
         batch_op.execute(user.update().values(confirmed=False))
-        batch_op.alter_column('confirmed', nullable=False)
+        batch_op.alter_column('confirmed', nullable=False, existing_type=sa.Boolean(), existing_nullable=True, existing_server_default=False)
 
 
 def downgrade():

From 24f94abc327476c306e27984bba11b315d2dff46 Mon Sep 17 00:00:00 2001
From: Nigel Kukard <nkukard@lbsd.net>
Date: Tue, 14 Mar 2023 23:11:44 +0000
Subject: [PATCH 333/475] fix(auth:basic): improved API basic auth handling to
 avoid exceptions

Currently passing an invalid Basic auth header (random string base64 encoded) would result in an
exception being raised due to a `username, password = auth_header.split()`.

I refactored the code in this decorator by checking explicitly that we are doing basic authentication
then by checking the number of entries returned by the split.

I also added exception handling for invalid UTF-8 code sequences.

Tested with a fuzzer.

Tested with valid and invalid credentials.

This fixes #1447.
---
 powerdnsadmin/decorators.py | 87 +++++++++++++++++++++----------------
 1 file changed, 50 insertions(+), 37 deletions(-)

diff --git a/powerdnsadmin/decorators.py b/powerdnsadmin/decorators.py
index 50e4a3f5a..7be69f36e 100644
--- a/powerdnsadmin/decorators.py
+++ b/powerdnsadmin/decorators.py
@@ -133,48 +133,61 @@ def api_basic_auth(f):
     @wraps(f)
     def decorated_function(*args, **kwargs):
         auth_header = request.headers.get('Authorization')
-        if auth_header:
-            auth_header = auth_header.replace('Basic ', '', 1)
 
-            try:
-                auth_header = str(base64.b64decode(auth_header), 'utf-8')
-                username, password = auth_header.split(":")
-            except binascii.Error as e:
-                current_app.logger.error(
-                    'Invalid base64-encoded of credential. Error {0}'.format(
-                        e))
-                abort(401)
-            except TypeError as e:
-                current_app.logger.error('Error: {0}'.format(e))
+        if not auth_header:
+            current_app.logger.error('Error: Authorization header missing!')
+            abort(401)
+
+        if auth_header[:6] != "Basic ":
+            current_app.logger.error('Error: Unsupported authorization mechanism!')
+            abort(401)
+
+        # Remove "Basic " from the header value
+        auth_header = auth_header[6:]
+
+        try:
+            auth_header = str(base64.b64decode(auth_header), 'utf-8')
+            # NK: We use auth_components here as we don't know if we'll have a :, we split it maximum 1 times to grab the
+            #     username, the rest of the string would be the password.
+            auth_components = auth_header.split(':', maxsplit=1)
+        except (binascii.Error, UnicodeDecodeError) as e:
+            current_app.logger.error(
+                'Invalid base64-encoded of credential. Error {0}'.format(
+                    e))
+            abort(401)
+        except TypeError as e:
+            current_app.logger.error('Error: {0}'.format(e))
+            abort(401)
+
+        # If we don't have two auth components (username, password), we can abort
+        if len(auth_components) != 2:
+            abort(401)
+
+        (username, password) = auth_components
+
+        user = User(username=username,
+                    password=password,
+                    plain_text_password=password)
+
+        try:
+            if Setting().get('verify_user_email') and user.email and not user.confirmed:
+                current_app.logger.warning(
+                    'Basic authentication failed for user {} because of unverified email address'
+                    .format(username))
                 abort(401)
 
-            user = User(username=username,
-                        password=password,
-                        plain_text_password=password)
+            auth_method = request.args.get('auth_method', 'LOCAL')
+            auth_method = 'LDAP' if auth_method != 'LOCAL' else 'LOCAL'
+            auth = user.is_validate(method=auth_method, src_ip=request.remote_addr)
 
-            try:
-                if Setting().get('verify_user_email') and user.email and not user.confirmed:
-                    current_app.logger.warning(
-                        'Basic authentication failed for user {} because of unverified email address'
-                        .format(username))
-                    abort(401)
-
-                auth_method = request.args.get('auth_method', 'LOCAL')
-                auth_method = 'LDAP' if auth_method != 'LOCAL' else 'LOCAL'
-                auth = user.is_validate(method=auth_method,
-                                        src_ip=request.remote_addr)
-
-                if not auth:
-                    current_app.logger.error('Checking user password failed')
-                    abort(401)
-                else:
-                    user = User.query.filter(User.username == username).first()
-                    current_user = user  # lgtm [py/unused-local-variable]
-            except Exception as e:
-                current_app.logger.error('Error: {0}'.format(e))
+            if not auth:
+                current_app.logger.error('Checking user password failed')
                 abort(401)
-        else:
-            current_app.logger.error('Error: Authorization header missing!')
+            else:
+                user = User.query.filter(User.username == username).first()
+                current_user = user  # lgtm [py/unused-local-variable]
+        except Exception as e:
+            current_app.logger.error('Error: {0}'.format(e))
             abort(401)
 
         return f(*args, **kwargs)

From 17e3a8f942d5b30ba7ae2a2b36e42b108202bd8f Mon Sep 17 00:00:00 2001
From: Nigel Kukard <nkukard@lbsd.net>
Date: Tue, 14 Mar 2023 23:48:25 +0000
Subject: [PATCH 334/475] fix(auth:basic): Basic auth exception handling
 improvement

Currently passing an invalid Basic auth header (random string base64 encoded) would result in an exception being raised due to a username, password = auth_header.split().

Similary passing a `Digest` authentication type would result in an exception as there is no :.

Thirdly passing invalid base64 encoded UTF-8 code sequences would result in exceptions as this issue (#1424).

I added code to check explicitly that we are doing basic authentication then by checking the number of entries returned by the split.

I also added exception handling for invalid UTF-8 code sequence exceptions.

Tested with a fuzzer.

Tested with valid and invalid credentials.

This fixes #1424.
---
 powerdnsadmin/routes/base.py | 22 +++++++++++++++++++---
 1 file changed, 19 insertions(+), 3 deletions(-)

diff --git a/powerdnsadmin/routes/base.py b/powerdnsadmin/routes/base.py
index 7af342ce3..f805c9070 100644
--- a/powerdnsadmin/routes/base.py
+++ b/powerdnsadmin/routes/base.py
@@ -60,15 +60,31 @@ def login_via_authorization_header_or_remote_user(request):
     # Try to login using Basic Authentication
     auth_header = request.headers.get('Authorization')
     if auth_header:
+
+        if auth_header[:6] != "Basic ":
+            return None
+
         auth_method = request.args.get('auth_method', 'LOCAL')
         auth_method = 'LDAP' if auth_method != 'LOCAL' else 'LOCAL'
-        auth_header = auth_header.replace('Basic ', '', 1)
+
+        # Remove "Basic " from the header value
+        auth_header = auth_header[6:]
+
         try:
             auth_header = str(base64.b64decode(auth_header), 'utf-8')
-            username, password = auth_header.split(":")
-        except TypeError as e:
+        except (UnicodeDecodeError, TypeError) as e:
             return None
 
+        # NK: We use auth_components here as we don't know if we'll have a :, we split it maximum 1 times to grab the
+        #     username, the rest of the string would be the password.
+        auth_components = auth_header.split(':', maxsplit=1)
+
+        # If we don't have two auth components (username, password), we can return
+        if len(auth_components) != 2:
+            return None
+
+        (username, password) = auth_components
+
         user = User(username=username,
                     password=password,
                     plain_text_password=password)

From 34902f6cf9f4235a9da6314b0705d23e40b24858 Mon Sep 17 00:00:00 2001
From: Stefan Ubbink <stefan.ubbink@sidn.nl>
Date: Sun, 12 Mar 2023 20:40:19 +0100
Subject: [PATCH 335/475] Change domain(s) to zone(s) in the templates

---
 .../templates/admin_edit_account.html          | 14 +++++++-------
 powerdnsadmin/templates/admin_edit_key.html    | 18 +++++++++---------
 powerdnsadmin/templates/admin_edit_user.html   |  4 ++--
 .../templates/admin_global_search.html         |  2 +-
 powerdnsadmin/templates/admin_history.html     |  8 ++++----
 .../templates/admin_manage_account.html        |  2 +-
 powerdnsadmin/templates/admin_manage_keys.html |  2 +-
 powerdnsadmin/templates/admin_manage_user.html |  2 +-
 .../admin_setting_authentication.html          |  4 ++--
 powerdnsadmin/templates/dashboard.html         |  2 +-
 powerdnsadmin/templates/domain_add.html        |  6 +++---
 powerdnsadmin/templates/domain_changelog.html  |  6 +++---
 powerdnsadmin/templates/domain_remove.html     |  4 ++--
 powerdnsadmin/templates/domain_setting.html    | 18 +++++++++---------
 14 files changed, 46 insertions(+), 46 deletions(-)

diff --git a/powerdnsadmin/templates/admin_edit_account.html b/powerdnsadmin/templates/admin_edit_account.html
index 4894df8bb..ca08ab77b 100644
--- a/powerdnsadmin/templates/admin_edit_account.html
+++ b/powerdnsadmin/templates/admin_edit_account.html
@@ -96,7 +96,7 @@ <h3 class="card-title">Access Control</h3>
                             </div>
                             <!-- /.card-header -->
                             <div class="card-body">
-                                <p>Users on the right have access to manage records in all domains
+                                <p>Users on the right have access to manage records in all zones
                                     associated with the account.
                                 </p>
                                 <p>Click on users to move between columns.</p>
@@ -113,12 +113,12 @@ <h3 class="card-title">Access Control</h3>
                             </div>
                             <!-- /.card-body -->
                             <div class="card-body">
-                                <p>Domains on the right are associated with the account. Red marked domain names are
+                                <p>Zones on the right are associated with the account. Red marked zone names are
                                     already associated with other accounts.
-                                    Moving already associated domains to this account will overwrite the previous
+                                    Moving already associated zones to this account will overwrite the previous
                                     associated account.
                                 </p>
-                                <p>Hover over the red domain names to show the associated account. Click on domains to
+                                <p>Hover over the red zone names to show the associated account. Click on zones to
                                     move between columns.</p>
                                 <div class="form-group col-2">
                                     <select multiple="multiple" class="form-control" id="account_domains"
@@ -168,12 +168,12 @@ <h3 class="card-title">Account Editor Help</h3>
                         <!-- /.card-header -->
                         <div class="card-body">
                             <p>
-                                An account allows grouping of domains belonging to a particular entity, such as a
+                                An account allows grouping of zones belonging to a particular entity, such as a
                                 customer or
                                 department.
                             </p>
                             <p>
-                                A domain can be assigned to an account upon domain creation or through the domain
+                                A zone can be assigned to an account upon zone creation or through the zone
                                 administration
                                 page.
                             </p>
@@ -242,6 +242,6 @@ <h3 class="card-title">Account Editor Help</h3>
         }
 
         addMultiSelect("#account_multi_user", "Username")
-        addMultiSelect("#account_domains", "Domain")
+        addMultiSelect("#account_domains", "Zone")
     </script>
 {% endblock %}
diff --git a/powerdnsadmin/templates/admin_edit_key.html b/powerdnsadmin/templates/admin_edit_key.html
index c7eeec97c..811854968 100644
--- a/powerdnsadmin/templates/admin_edit_key.html
+++ b/powerdnsadmin/templates/admin_edit_key.html
@@ -72,7 +72,7 @@ <h3 class="card-title">Accounts Access Control</h3>
                             <!-- /.card-header -->
                             <div class="card-body key-opts"{% if hide_opts %} style="display: none;"{% endif %}>
                                 <p>This key will be linked to the accounts on the right,</p>
-                                <p>thus granting access to domains owned by the selected accounts.</p>
+                                <p>thus granting access to zones owned by the selected accounts.</p>
                                 <p>Click on accounts to move between the columns.</p>
                                 <div class="form-group col-2">
                                     <select multiple="multiple" class="form-control" id="key_multi_account"
@@ -87,12 +87,12 @@ <h3 class="card-title">Accounts Access Control</h3>
                             </div>
                             <!-- /.card-body -->
                             <div class="card-header key-opts"{% if hide_opts %} style="display: none;"{% endif %}>
-                                <h3 class="card-title">Domain Access Control</h3>
+                                <h3 class="card-title">Zone Access Control</h3>
                             </div>
                             <!-- /.card-header -->
                             <div class="card-body key-opts"{% if hide_opts %} style="display: none;"{% endif %}>
-                                <p>This key will have access to the domains on the right.</p>
-                                <p>Click on domains to move between the columns.</p>
+                                <p>This key will have access to the zones on the right.</p>
+                                <p>Click on zones to move between the columns.</p>
                                 <div class="form-group col-2">
                                     <select multiple="multiple" class="form-control" id="key_multi_domain"
                                             name="key_multi_domain">
@@ -131,7 +131,7 @@ <h3 class="card-title">API Key Editor Help</h3>
                             <p>Fill in all the fields in the form to the left.</p>
                             <p><strong>Role</strong> The role of the key.</p>
                             <p><strong>Description</strong> The key description.</p>
-                            <p><strong>Access Control</strong> The domains or accounts which the key has access to.</p>
+                            <p><strong>Access Control</strong> The zones or accounts which the key has access to.</p>
                         </div>
                         <!-- /.card-body -->
                     </div>
@@ -154,13 +154,13 @@ <h3 class="card-title">API Key Editor Help</h3>
             var warn_modal = $("#modal_warning");
 
             if (selectedRole != "User" && selectedDomains > 0 && selectedAccounts > 0) {
-                var warning = "Administrator and Operators have access to all domains. Your domain an account selection won't be saved.";
+                var warning = "Administrator and Operators have access to all zones. Your zone an account selection won't be saved.";
                 e.preventDefault(e);
                 warn_modal.modal('show');
             }
 
             if (selectedRole == "User" && selectedDomains == 0 && selectedAccounts == 0) {
-                var warning = "User role must have at least one account or one domain bound. None selected.";
+                var warning = "User role must have at least one account or one zone bound. None selected.";
                 e.preventDefault(e);
                 warn_modal.modal('show');
             }
@@ -203,8 +203,8 @@ <h3 class="card-title">API Key Editor Help</h3>
             }
         });
         $("#key_multi_domain").multiSelect({
-            selectableHeader: "<input type='text' class='search-input' autocomplete='off' placeholder='Domain Name'>",
-            selectionHeader: "<input type='text' class='search-input' autocomplete='off' placeholder='Domain Name'>",
+            selectableHeader: "<input type='text' class='search-input' autocomplete='off' placeholder='Zone Name'>",
+            selectionHeader: "<input type='text' class='search-input' autocomplete='off' placeholder='Zone Name'>",
             afterInit: function (ms) {
                 var that = this,
                     $selectableSearch = that.$selectableUl.prev(),
diff --git a/powerdnsadmin/templates/admin_edit_user.html b/powerdnsadmin/templates/admin_edit_user.html
index 20e6af605..7a93e5d77 100644
--- a/powerdnsadmin/templates/admin_edit_user.html
+++ b/powerdnsadmin/templates/admin_edit_user.html
@@ -135,9 +135,9 @@ <h3 class="card-title">User Editor Help</h3>
                         <div class="card-body">
                             <p>Fill in all the fields to the in the form to the left.</p>
                             {% if create %}
-                                <p><strong>Newly created users do not have access to any domains.</strong> You will need
+                                <p><strong>Newly created users do not have access to any zones.</strong> You will need
                                     to grant
-                                    access to the user once it is created via the domain management buttons on the
+                                    access to the user once it is created via the zone management buttons on the
                                     dashboard.
                                 </p>
                             {% else %}
diff --git a/powerdnsadmin/templates/admin_global_search.html b/powerdnsadmin/templates/admin_global_search.html
index 9ec28d176..fecb5e9fc 100644
--- a/powerdnsadmin/templates/admin_global_search.html
+++ b/powerdnsadmin/templates/admin_global_search.html
@@ -38,7 +38,7 @@ <h3 class="card-title">Search Form</h3>
                             <!-- /.card-header -->
                             <div class="card-body">
                                 <div class="callout callout-info">
-                                    <p>This tool can be used to search for domains, records, and comments via the PDNS
+                                    <p>This tool can be used to search for zones, records, and comments via the PDNS
                                         API.</p>
                                 </div>
                                 <!-- /.callout -->
diff --git a/powerdnsadmin/templates/admin_history.html b/powerdnsadmin/templates/admin_history.html
index 81f6e5a98..51009a28e 100644
--- a/powerdnsadmin/templates/admin_history.html
+++ b/powerdnsadmin/templates/admin_history.html
@@ -49,7 +49,7 @@ <h3 class="card-title">Activity Search</h3>
                                     </li>
                                     <li class="nav-item">
                                         <a class="nav-link" href="#tabs-domain" data-toggle="pill" role="tab">
-                                            Search By Domain
+                                            Search By Zone
                                         </a>
                                     </li>
                                     <li class="nav-item">
@@ -71,13 +71,13 @@ <h3 class="card-title">Activity Search</h3>
                                     </div>
                                     <div class="tab-pane" id="tabs-domain">
                                         <td>
-                                            <label>Domain Name</label>
+                                            <label>Zone Name</label>
                                         </td>
                                         <td>
                                             <div class="autocomplete" style="width:250px;">
                                                 <input type="text" class="form-control" id="domain_name_filter"
                                                        name="domain_name_filter"
-                                                       placeholder="Enter * to search for any domain" value="">
+                                                       placeholder="Enter * to search for any zone" value="">
                                             </div>
                                         </td>
                                         <td>
@@ -447,7 +447,7 @@ <h3 class="card-title">Activity Search</h3>
             $('#auth_name_filter').val('');
             $('#user_name_filter').removeAttr('disabled');
             canSearch = false;
-            main_field = "Domain Name"
+            main_field = "Zone Name"
         });
 
         $('#account_tab').click(function () {
diff --git a/powerdnsadmin/templates/admin_manage_account.html b/powerdnsadmin/templates/admin_manage_account.html
index fe2c5bb68..aa3f1ae81 100644
--- a/powerdnsadmin/templates/admin_manage_account.html
+++ b/powerdnsadmin/templates/admin_manage_account.html
@@ -48,7 +48,7 @@ <h3 class="card-title">Accounts</h3>
                                     <th>Contact</th>
                                     <th>Mail</th>
                                     <th>Member</th>
-                                    <th>Domain</th>
+                                    <th>Zone(s)</th>
                                     <th>Action</th>
                                 </tr>
                                 </thead>
diff --git a/powerdnsadmin/templates/admin_manage_keys.html b/powerdnsadmin/templates/admin_manage_keys.html
index 8d79e10c9..96ee73bb2 100644
--- a/powerdnsadmin/templates/admin_manage_keys.html
+++ b/powerdnsadmin/templates/admin_manage_keys.html
@@ -43,7 +43,7 @@ <h3 class="card-title">API Keys</h3>
                             <th>Id</th>
                             <th>Role</th>
                             <th>Description</th>
-                            <th>Domains</th>
+                            <th>Zones</th>
                             <th>Accounts</th>
                             <th>Actions</th>
                         </tr>
diff --git a/powerdnsadmin/templates/admin_manage_user.html b/powerdnsadmin/templates/admin_manage_user.html
index 8d1ace8e6..81fb26c1e 100644
--- a/powerdnsadmin/templates/admin_manage_user.html
+++ b/powerdnsadmin/templates/admin_manage_user.html
@@ -143,7 +143,7 @@ <h3 class="card-title">Users</h3>
             var modal = $("#modal_revoke");
             var username = $(this).prop('id');
             var info = "Are you sure you want to revoke all privileges for user " + username +
-                "? They will not able to access any domain.";
+                "? They will not able to access any zone.";
             modal.find('.modal-body p').text(info);
             modal.find('#button_revoke_confirm').click(function () {
                 var postdata = {
diff --git a/powerdnsadmin/templates/admin_setting_authentication.html b/powerdnsadmin/templates/admin_setting_authentication.html
index 7675797eb..6196aa8b8 100644
--- a/powerdnsadmin/templates/admin_setting_authentication.html
+++ b/powerdnsadmin/templates/admin_setting_authentication.html
@@ -564,7 +564,7 @@ <h3 class="card-title">Settings Help</h3>
                                                                         have no valid "powerdns-admin" records to their
                                                                         autoprovisioning field, will lose all their
                                                                         associations
-                                                                        with any domain or account, also reverting to a
+                                                                        with any zone or account, also reverting to a
                                                                         User in
                                                                         the process, despite their current role in the
                                                                         local db.<br>
@@ -1585,7 +1585,7 @@ <h3 class="card-title">Settings Help</h3>
                 document.getElementById('purge_on').checked = false;
                 document.getElementById('purge_off').checked = true;
                 var modal = $("#modal_confirm");
-                var info = "Are you sure you want to do this? Users will lose their associated domains unless they already have their autoprovisioning field prepopulated.";
+                var info = "Are you sure you want to do this? Users will lose their associated zones unless they already have their autoprovisioning field prepopulated.";
                 modal.find('.modal-body p').text(info);
                 modal.find('#button_confirm').click(function () {
                     document.getElementById('purge_on').checked = true;
diff --git a/powerdnsadmin/templates/dashboard.html b/powerdnsadmin/templates/dashboard.html
index 1dde5af06..83d71d327 100755
--- a/powerdnsadmin/templates/dashboard.html
+++ b/powerdnsadmin/templates/dashboard.html
@@ -269,7 +269,7 @@ <h4 class="modal-title">DNSSEC</h4>
         <div class="modal-dialog">
             <div class="modal-content">
                 <div class="modal-header">
-                    <h4 class="modal-title">Sync Domains from backend</h4>
+                    <h4 class="modal-title">Sync Zones from backend</h4>
                     <button type="button" class="close" data-dismiss="modal" aria-label="Close">
                         <span aria-hidden="true">&times;</span>
                     </button>
diff --git a/powerdnsadmin/templates/domain_add.html b/powerdnsadmin/templates/domain_add.html
index cb76be1da..c56821002 100644
--- a/powerdnsadmin/templates/domain_add.html
+++ b/powerdnsadmin/templates/domain_add.html
@@ -162,7 +162,7 @@ <h3 class="card-title">Zone Editor Help</h3>
                                 <dt>Account</dt>
                                 <dd>Specifies the PowerDNS account value to use for the zone.</dd>
                                 <dt>Zone Type</dt>
-                                <dd>The type decides how the domain will be replicated across multiple DNS servers.
+                                <dd>The type decides how the zone will be replicated across multiple DNS servers.
                                     <ul>
                                         <li>
                                             <strong>Native</strong> - The server will not perform any Primary or Secondary
@@ -186,7 +186,7 @@ <h3 class="card-title">Zone Editor Help</h3>
                                 <dt>SOA-EDIT-API</dt>
                                 <dd>The SOA-EDIT-API setting defines how the SOA serial number will be updated after a
                                     change is
-                                    made to the domain.
+                                    made to the zone.
                                     <ul>
                                         <li>
                                             <strong>DEFAULT</strong> - Generate a soa serial of YYYYMMDD01. If the current serial
@@ -273,4 +273,4 @@ <h4 class="modal-title">
             </div>
         </div>
     </div>
-{% endblock %}
\ No newline at end of file
+{% endblock %}
diff --git a/powerdnsadmin/templates/domain_changelog.html b/powerdnsadmin/templates/domain_changelog.html
index 6fdea69bb..4cdd2be75 100644
--- a/powerdnsadmin/templates/domain_changelog.html
+++ b/powerdnsadmin/templates/domain_changelog.html
@@ -15,7 +15,7 @@ <h1 class="m-0 text-dark">
           {% if record_name and record_type %}
           Record changelog: <b>{{ record_name}} &nbsp {{ record_type }}</b>
           {% else %}
-          Domain changelog: <b>{{ domain.name | pretty_domain_name }}</b>
+          Zone changelog: <b>{{ domain.name | pretty_domain_name }}</b>
           {% endif %}
         </h1>
       </div>
@@ -41,7 +41,7 @@ <h1 class="m-0 text-dark">
           <div class="card-body">
             <button type="button" class="btn btn-primary float-left button_show_records" id="{{ domain.name }}">
               <i class="fa-solid fa-arrow-left"></i>          
-              &nbsp;Manage Domain {{ domain.name }}
+              &nbsp;Manage Zone {{ domain.name }}
             </button>
           </div>
           <div class="card-body">
@@ -125,4 +125,4 @@ <h1 class="m-0 text-dark">
     }
 
 </script>
-{% endblock %}
\ No newline at end of file
+{% endblock %}
diff --git a/powerdnsadmin/templates/domain_remove.html b/powerdnsadmin/templates/domain_remove.html
index 75c3e26e7..7ea6e88e0 100644
--- a/powerdnsadmin/templates/domain_remove.html
+++ b/powerdnsadmin/templates/domain_remove.html
@@ -37,7 +37,7 @@ <h3 class="card-title">Zone Selector</h3>
                                 <div class="form-group">
                                     <label for="domainid">Zone</label>
                                     <select id=domainid class="form-control" style="width:15em;">
-                                        <option value="0">- Select Domain -</option>
+                                        <option value="0">- Select Zone -</option>
                                         {% for domain in domainss %}
                                             <option value="{{ domain.id }}">{{ domain.name }}</option>
                                         {% endfor %}
@@ -83,7 +83,7 @@ <h3 class="card-title">Zone Selector Help</h3>
         $(document.body).on("click", ".button_delete", function (e) {
             e.stopPropagation();
             if ($("#domainid").val() == 0) {
-                showErrorModal("Please select domain to remove.");
+                showErrorModal("Please select zone to remove.");
                 return;
             }
 
diff --git a/powerdnsadmin/templates/domain_setting.html b/powerdnsadmin/templates/domain_setting.html
index 45423ef2a..bc9470e39 100644
--- a/powerdnsadmin/templates/domain_setting.html
+++ b/powerdnsadmin/templates/domain_setting.html
@@ -148,11 +148,11 @@ <h3 class="card-title">Zone Access Control</h3>
                                 <div class="row">
                                     <div class="col-12">
                                         <p>Users on the right have access to manage the records in
-                                            the {{ domain.name | pretty_domain_name }} domain.</p>
+                                            the {{ domain.name | pretty_domain_name }} zone.</p>
                                         <p>Click on users to move from between columns.</p>
                                         <p>
                                             Users in <font style="color: red;">red</font> are Administrators
-                                            and already have access to <b>ALL</b> domains.
+                                            and already have access to <b>ALL</b> zones.
                                         </p>
                                     </div>
                                 </div>
@@ -197,7 +197,7 @@ <h3 class="card-title">Change Zone Type</h3>
                         </div>
                         <!-- /.card-header -->
                         <div class="card-body">
-                            <p>The type decides how the domain will be replicated across multiple DNS servers.</p>
+                            <p>The type decides how the zone will be replicated across multiple DNS servers.</p>
                             <ul>
                                 <li>
                                     Native - PowerDNS will not perform any replication. Use this if you only have one
@@ -214,7 +214,7 @@ <h3 class="card-title">Change Zone Type</h3>
                                     zone transfers (AXFRs) from other servers configured as primaries.
                                 </li>
                             </ul>
-                            <b>New Domain Type Setting:</b>
+                            <b>New Zone Type Setting:</b>
                             <form method="post" action="{{ url_for('domain.change_type', domain_name=domain.name) }}">
                                 <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
                                 <select name="domain_type" class="form-control" style="width:15em;">
@@ -251,7 +251,7 @@ <h3 class="card-title">Change SOA-EDIT-API</h3>
                         <div class="card-body">
                             <p>The SOA-EDIT-API setting defines how the SOA serial number will be updated after a change
                                 is made
-                                to the domain.</p>
+                                to the zone.</p>
                             <ul>
                                 <li>
                                     DEFAULT - Generate a soa serial of YYYYMMDD01. If the current serial is lower than
@@ -303,9 +303,9 @@ <h3 class="card-title">Remove Zone</h3>
                         </div>
                         <!-- /.card-header -->
                         <div class="card-body">
-                            <p>This function is used to remove a domain from PowerDNS-Admin <b>AND</b> PowerDNS. All
+                            <p>This function is used to remove a zone from PowerDNS-Admin <b>AND</b> PowerDNS. All
                                 records and
-                                user privileges associated with this domain will also be removed. This change cannot be
+                                user privileges associated with this zone will also be removed. This change cannot be
                                 reverted.</p>
                             <button type="button" title="Delete Zone" class="btn btn-danger float-left delete_domain"
                                     id="{{ domain.name }}">
@@ -402,7 +402,7 @@ <h3 class="card-title">Remove Zone</h3>
             applyChanges(postdata, $SCRIPT_ROOT + '/domain/' + domain + '/manage-setting', true);
         });
 
-        // handle deletion of domain
+        // handle deletion of zone
         $(document.body).on('click', '.delete_domain', function () {
             var modal = $("#modal_delete_domain");
             var domain = $(this).prop('id');
@@ -419,7 +419,7 @@ <h3 class="card-title">Remove Zone</h3>
             modal.modal('show');
         });
 
-        // domain primary address input handeling
+        // zone primary address input handeling
         $("select[name=domain_type]").change(function () {
             var type = $(this).val();
             if (type == "secondary") {

From a2d1179fd23d0bee1b5771102d0ab34599fbbddb Mon Sep 17 00:00:00 2001
From: Stefan Ubbink <stefan.ubbink@sidn.nl>
Date: Sun, 12 Mar 2023 20:41:10 +0100
Subject: [PATCH 336/475] Change domain(s) to zone(s) in the python code and
 docs

---
 docs/wiki/README.md                           |   2 +-
 ...ory-Authentication-using-Group-Security.md |   2 +-
 powerdnsadmin/decorators.py                   |   8 +-
 powerdnsadmin/lib/errors.py                   |  10 +-
 powerdnsadmin/lib/utils.py                    |   6 +-
 powerdnsadmin/models/domain.py                | 170 +++++++++---------
 powerdnsadmin/models/domain_template.py       |   8 +-
 .../models/domain_template_record.py          |   4 +-
 powerdnsadmin/models/record.py                |  28 +--
 powerdnsadmin/models/user.py                  |   4 +-
 powerdnsadmin/routes/admin.py                 |  56 +++---
 powerdnsadmin/routes/api.py                   |  56 +++---
 powerdnsadmin/routes/dashboard.py             |   6 +-
 powerdnsadmin/routes/domain.py                |  38 ++--
 update_zones.py                               |   2 +-
 15 files changed, 200 insertions(+), 200 deletions(-)

diff --git a/docs/wiki/README.md b/docs/wiki/README.md
index 7c5c7941e..36fd31229 100644
--- a/docs/wiki/README.md
+++ b/docs/wiki/README.md
@@ -38,7 +38,7 @@
 
 ## Using PowerDNS-Admin
 
-- Setting up a domain
+- Setting up a zone
 - Adding a record
 - <whatever else>
 
diff --git a/docs/wiki/configuration/Configure-Active-Directory-Authentication-using-Group-Security.md b/docs/wiki/configuration/Configure-Active-Directory-Authentication-using-Group-Security.md
index 417bdc339..f6c032f56 100644
--- a/docs/wiki/configuration/Configure-Active-Directory-Authentication-using-Group-Security.md
+++ b/docs/wiki/configuration/Configure-Active-Directory-Authentication-using-Group-Security.md
@@ -11,7 +11,7 @@ Active Directory Setup - Tested with Windows Server 2012
 5) Fill in the required info -
 
 * LDAP URI - ldap://ip.of.your.domain.controller:389
-* LDAP Base DN - dc=youdomain,dc=com
+* LDAP Base DN - dc=yourdomain,dc=com
 * Active Directory domain - yourdomain.com
 * Basic filter - (objectCategory=person)
   * the brackets here are **very important**
diff --git a/powerdnsadmin/decorators.py b/powerdnsadmin/decorators.py
index 7be69f36e..c6905ba48 100644
--- a/powerdnsadmin/decorators.py
+++ b/powerdnsadmin/decorators.py
@@ -270,7 +270,7 @@ def decorated_function(*args, **kwargs):
         if current_user.role.name not in [
                 'Administrator', 'Operator'
         ] and not Setting().get('allow_user_create_domain'):
-            msg = "User {0} does not have enough privileges to create domain"
+            msg = "User {0} does not have enough privileges to create zone"
             current_app.logger.error(msg.format(current_user.username))
             raise NotEnoughPrivileges()
         
@@ -299,7 +299,7 @@ def decorated_function(*args, **kwargs):
         if g.apikey.role.name not in [
                 'Administrator', 'Operator'
         ] and not Setting().get('allow_user_create_domain'):
-            msg = "ApiKey #{0} does not have enough privileges to create domain"
+            msg = "ApiKey #{0} does not have enough privileges to create zone"
             current_app.logger.error(msg.format(g.apikey.id))
             raise NotEnoughPrivileges()
 
@@ -329,7 +329,7 @@ def decorated_function(*args, **kwargs):
                 g.apikey.role.name not in ['Administrator', 'Operator'] and
                 not Setting().get('allow_user_remove_domain')
             ):
-                msg = "ApiKey #{0} does not have enough privileges to remove domain"
+                msg = "ApiKey #{0} does not have enough privileges to remove zone"
                 current_app.logger.error(msg.format(g.apikey.id))
                 raise NotEnoughPrivileges()
             return f(*args, **kwargs)
@@ -344,7 +344,7 @@ def apikey_is_admin(f):
     @wraps(f)
     def decorated_function(*args, **kwargs):
         if g.apikey.role.name != 'Administrator':
-            msg = "Apikey {0} does not have enough privileges to create domain"
+            msg = "Apikey {0} does not have enough privileges to create zone"
             current_app.logger.error(msg.format(g.apikey.id))
             raise NotEnoughPrivileges()
         return f(*args, **kwargs)
diff --git a/powerdnsadmin/lib/errors.py b/powerdnsadmin/lib/errors.py
index e1e07852e..75887241c 100644
--- a/powerdnsadmin/lib/errors.py
+++ b/powerdnsadmin/lib/errors.py
@@ -21,7 +21,7 @@ def to_dict(self):
 class DomainNotExists(StructuredException):
     status_code = 404
 
-    def __init__(self, name=None, message="Domain does not exist"):
+    def __init__(self, name=None, message="Zone does not exist"):
         StructuredException.__init__(self)
         self.message = message
         self.name = name
@@ -30,7 +30,7 @@ def __init__(self, name=None, message="Domain does not exist"):
 class DomainAlreadyExists(StructuredException):
     status_code = 409
 
-    def __init__(self, name=None, message="Domain already exists"):
+    def __init__(self, name=None, message="Zone already exists"):
         StructuredException.__init__(self)
         self.message = message
         self.name = name
@@ -39,7 +39,7 @@ def __init__(self, name=None, message="Domain already exists"):
 class DomainAccessForbidden(StructuredException):
     status_code = 403
 
-    def __init__(self, name=None, message="Domain access not allowed"):
+    def __init__(self, name=None, message="Zone access not allowed"):
         StructuredException.__init__(self)
         self.message = message
         self.name = name
@@ -47,7 +47,7 @@ def __init__(self, name=None, message="Domain access not allowed"):
 class DomainOverrideForbidden(StructuredException):
     status_code = 409
 
-    def __init__(self, name=None, message="Domain override of record not allowed"):
+    def __init__(self, name=None, message="Zone override of record not allowed"):
         StructuredException.__init__(self)
         self.message = message
         self.name = name
@@ -67,7 +67,7 @@ class ApiKeyNotUsable(StructuredException):
     def __init__(
         self,
         name=None,
-        message=("Api key must have domains or accounts"
+        message=("Api key must have zones or accounts"
                  " or an administrative role")):
         StructuredException.__init__(self)
         self.message = message
diff --git a/powerdnsadmin/lib/utils.py b/powerdnsadmin/lib/utils.py
index 3b666ef8f..f8cc997d3 100644
--- a/powerdnsadmin/lib/utils.py
+++ b/powerdnsadmin/lib/utils.py
@@ -229,7 +229,7 @@ def ensure_list(l):
 
 def pretty_domain_name(domain_name):
     # Add a debugging statement to print out the domain name
-    print("Received domain name:", domain_name)
+    print("Received zone name:", domain_name)
 
     # Check if the domain name is encoded using Punycode
     if domain_name.endswith('.xn--'):
@@ -238,9 +238,9 @@ def pretty_domain_name(domain_name):
             domain_name = idna.decode(domain_name)
         except Exception as e:
             # If the decoding fails, raise an exception with more information
-            raise Exception('Cannot decode IDN domain: {}'.format(e))
+            raise Exception('Cannot decode IDN zone: {}'.format(e))
 
-    # Return the "pretty" version of the domain name
+    # Return the "pretty" version of the zone name
     return domain_name
 
 
diff --git a/powerdnsadmin/models/domain.py b/powerdnsadmin/models/domain.py
index 500ad7447..bfa04451f 100644
--- a/powerdnsadmin/models/domain.py
+++ b/powerdnsadmin/models/domain.py
@@ -68,13 +68,13 @@ def add_setting(self, setting, value):
             return True
         except Exception as e:
             current_app.logger.error(
-                'Can not create setting {0} for domain {1}. {2}'.format(
+                'Can not create setting {0} for zone {1}. {2}'.format(
                     setting, self.name, e))
             return False
 
     def get_domain_info(self, domain_name):
         """
-        Get all domains which has in PowerDNS
+        Get all zones which has in PowerDNS
         """
         headers = {'X-API-Key': self.PDNS_API_KEY}
         jdata = utils.fetch_json(urljoin(
@@ -88,7 +88,7 @@ def get_domain_info(self, domain_name):
 
     def get_domains(self):
         """
-        Get all domains which has in PowerDNS
+        Get all zones which has in PowerDNS
         """
         headers = {'X-API-Key': self.PDNS_API_KEY}
         jdata = utils.fetch_json(
@@ -108,17 +108,17 @@ def get_id_by_name(self, name):
             return domain.id
         except Exception as e:
             current_app.logger.error(
-                'Domain does not exist. ERROR: {0}'.format(e))
+                'Zone does not exist. ERROR: {0}'.format(e))
             return None
 
     def search_idn_domains(self, search_string):
         """
-        Search for IDN domains using the provided search string.
+        Search for IDN zones using the provided search string.
         """
-        # Compile the regular expression pattern for matching IDN domain names
+        # Compile the regular expression pattern for matching IDN zone names
         idn_pattern = re.compile(r'^xn--')
 
-        # Search for domain names that match the IDN pattern
+        # Search for zone names that match the IDN pattern
         idn_domains = [
             domain for domain in self.get_domains() if idn_pattern.match(domain)
         ]
@@ -129,12 +129,12 @@ def search_idn_domains(self, search_string):
 
     def update(self):
         """
-        Fetch zones (domains) from PowerDNS and update into DB
+        Fetch zones (zones) from PowerDNS and update into DB
         """
         db_domain = Domain.query.all()
         list_db_domain = [d.name for d in db_domain]
         dict_db_domain = dict((x.name, x) for x in db_domain)
-        current_app.logger.info("Found {} domains in PowerDNS-Admin".format(
+        current_app.logger.info("Found {} zones in PowerDNS-Admin".format(
             len(list_db_domain)))
         headers = {'X-API-Key': self.PDNS_API_KEY}
         try:
@@ -149,17 +149,17 @@ def update(self):
                 "Found {} zones in PowerDNS server".format(len(list_jdomain)))
 
             try:
-                # domains should remove from db since it doesn't exist in powerdns anymore
+                # zones should remove from db since it doesn't exist in powerdns anymore
                 should_removed_db_domain = list(
                     set(list_db_domain).difference(list_jdomain))
                 for domain_name in should_removed_db_domain:
                     self.delete_domain_from_pdnsadmin(domain_name, do_commit=False)
             except Exception as e:
                 current_app.logger.error(
-                    'Can not delete domain from DB. DETAIL: {0}'.format(e))
+                    'Can not delete zone from DB. DETAIL: {0}'.format(e))
                 current_app.logger.debug(traceback.format_exc())
 
-            # update/add new domain
+            # update/add new zone
             account_cache = {}
             for data in jdata:
                 if 'account' in data:
@@ -187,16 +187,16 @@ def update(self):
                     self.add_domain_to_powerdns_admin(domain=data, do_commit=False)
 
             db.session.commit()
-            current_app.logger.info('Update domain finished')
+            current_app.logger.info('Update zone finished')
             return {
                 'status': 'ok',
-                'msg': 'Domain table has been updated successfully'
+                'msg': 'Zone table has been updated successfully'
             }
         except Exception as e:
             db.session.rollback()
             current_app.logger.error(
-                'Cannot update domain table. Error: {0}'.format(e))
-            return {'status': 'error', 'msg': 'Cannot update domain table'}
+                'Cannot update zone table. Error: {0}'.format(e))
+            return {'status': 'error', 'msg': 'Cannot update zone table'}
 
     def update_pdns_admin_domain(self, domain, account_id, data, do_commit=True):
         # existing domain, only update if something actually has changed
@@ -218,11 +218,11 @@ def update_pdns_admin_domain(self, domain, account_id, data, do_commit=True):
             try:
                 if do_commit:
                     db.session.commit()
-                current_app.logger.info("Updated PDNS-Admin domain {0}".format(
+                current_app.logger.info("Updated PDNS-Admin zone {0}".format(
                     domain.name))
             except Exception as e:
                 db.session.rollback()
-                current_app.logger.info("Rolled back Domain {0} {1}".format(
+                current_app.logger.info("Rolled back zone {0} {1}".format(
                     domain.name, e))
                 raise
 
@@ -234,7 +234,7 @@ def add(self,
             domain_master_ips=[],
             account_name=None):
         """
-        Add a domain to power dns
+        Add a zone to power dns
         """
 
         headers = {'X-API-Key': self.PDNS_API_KEY, 'Content-Type': 'application/json'}
@@ -269,23 +269,23 @@ def add(self,
             if 'error' in jdata.keys():
                 current_app.logger.error(jdata['error'])
                 if jdata.get('http_code') == 409:
-                    return {'status': 'error', 'msg': 'Domain already exists'}
+                    return {'status': 'error', 'msg': 'Zone already exists'}
                 return {'status': 'error', 'msg': jdata['error']}
             else:
                 current_app.logger.info(
-                    'Added domain successfully to PowerDNS: {0}'.format(
+                    'Added zone successfully to PowerDNS: {0}'.format(
                         domain_name))
                 self.add_domain_to_powerdns_admin(domain_dict=post_data)
-                return {'status': 'ok', 'msg': 'Added domain successfully'}
+                return {'status': 'ok', 'msg': 'Added zone successfully'}
         except Exception as e:
-            current_app.logger.error('Cannot add domain {0} {1}'.format(
+            current_app.logger.error('Cannot add zone {0} {1}'.format(
                 domain_name, e))
             current_app.logger.debug(traceback.format_exc())
-            return {'status': 'error', 'msg': 'Cannot add this domain.'}
+            return {'status': 'error', 'msg': 'Cannot add this zone.'}
 
     def add_domain_to_powerdns_admin(self, domain=None, domain_dict=None, do_commit=True):
         """
-        Read Domain from PowerDNS and add into PDNS-Admin
+        Read zone from PowerDNS and add into PDNS-Admin
         """
         headers = {'X-API-Key': self.PDNS_API_KEY}
         if not domain:
@@ -299,7 +299,7 @@ def add_domain_to_powerdns_admin(self, domain=None, domain_dict=None, do_commit=
                     timeout=int(Setting().get('pdns_api_timeout')),
                     verify=Setting().get('verify_ssl_connections'))
             except Exception as e:
-                current_app.logger.error('Can not read domain from PDNS')
+                current_app.logger.error('Can not read zone from PDNS')
                 current_app.logger.error(e)
                 current_app.logger.debug(traceback.format_exc())
 
@@ -325,20 +325,20 @@ def add_domain_to_powerdns_admin(self, domain=None, domain_dict=None, do_commit=
             if do_commit:
                 db.session.commit()
             current_app.logger.info(
-                "Synced PowerDNS Domain to PDNS-Admin: {0}".format(d.name))
+                "Synced PowerDNS zone to PDNS-Admin: {0}".format(d.name))
             return {
                 'status': 'ok',
-                'msg': 'Added Domain successfully to PowerDNS-Admin'
+                'msg': 'Added zone successfully to PowerDNS-Admin'
             }
         except Exception as e:
             db.session.rollback()
-            current_app.logger.info("Rolled back Domain {0}".format(d.name))
+            current_app.logger.info("Rolled back zone {0}".format(d.name))
             raise
 
     def update_soa_setting(self, domain_name, soa_edit_api):
         domain = Domain.query.filter(Domain.name == domain_name).first()
         if not domain:
-            return {'status': 'error', 'msg': 'Domain does not exist.'}
+            return {'status': 'error', 'msg': 'Zone does not exist.'}
 
         headers = {'X-API-Key': self.PDNS_API_KEY, 'Content-Type': 'application/json'}
 
@@ -365,7 +365,7 @@ def update_soa_setting(self, domain_name, soa_edit_api):
                 return {'status': 'error', 'msg': jdata['error']}
             else:
                 current_app.logger.info(
-                    'soa-edit-api changed for domain {0} successfully'.format(
+                    'soa-edit-api changed for zone {0} successfully'.format(
                         domain_name))
                 return {
                     'status': 'ok',
@@ -375,11 +375,11 @@ def update_soa_setting(self, domain_name, soa_edit_api):
             current_app.logger.debug(e)
             current_app.logger.debug(traceback.format_exc())
             current_app.logger.error(
-                'Cannot change soa-edit-api for domain {0}'.format(
+                'Cannot change soa-edit-api for zone {0}'.format(
                     domain_name))
             return {
                 'status': 'error',
-                'msg': 'Cannot change soa-edit-api for this domain.'
+                'msg': 'Cannot change soa-edit-api for this zone.'
             }
 
     def update_kind(self, domain_name, kind, masters=[]):
@@ -388,7 +388,7 @@ def update_kind(self, domain_name, kind, masters=[]):
         """
         domain = Domain.query.filter(Domain.name == domain_name).first()
         if not domain:
-            return {'status': 'error', 'msg': 'Domain does not exist.'}
+            return {'status': 'error', 'msg': 'Znoe does not exist.'}
 
         headers = {'X-API-Key': self.PDNS_API_KEY, 'Content-Type': 'application/json'}
 
@@ -409,26 +409,26 @@ def update_kind(self, domain_name, kind, masters=[]):
                 return {'status': 'error', 'msg': jdata['error']}
             else:
                 current_app.logger.info(
-                    'Update domain kind for {0} successfully'.format(
+                    'Update zone kind for {0} successfully'.format(
                         domain_name))
                 return {
                     'status': 'ok',
-                    'msg': 'Domain kind changed successfully'
+                    'msg': 'Zone kind changed successfully'
                 }
         except Exception as e:
             current_app.logger.error(
-                'Cannot update kind for domain {0}. Error: {1}'.format(
+                'Cannot update kind for zone {0}. Error: {1}'.format(
                     domain_name, e))
             current_app.logger.debug(traceback.format_exc())
 
             return {
                 'status': 'error',
-                'msg': 'Cannot update kind for this domain.'
+                'msg': 'Cannot update kind for this zone.'
             }
 
     def create_reverse_domain(self, domain_name, domain_reverse_name):
         """
-        Check the existing reverse lookup domain,
+        Check the existing reverse lookup zone,
         if not exists create a new one automatically
         """
         domain_obj = Domain.query.filter(Domain.name == domain_name).first()
@@ -448,7 +448,7 @@ def create_reverse_domain(self, domain_name, domain_reverse_name):
             result = self.add(domain_reverse_name, 'Master', 'DEFAULT', [], [])
             self.update()
             if result['status'] == 'ok':
-                history = History(msg='Add reverse lookup domain {0}'.format(
+                history = History(msg='Add reverse lookup zone {0}'.format(
                     domain_reverse_name),
                     detail=json.dumps({
                         'domain_type': 'Master',
@@ -459,7 +459,7 @@ def create_reverse_domain(self, domain_name, domain_reverse_name):
             else:
                 return {
                     'status': 'error',
-                    'msg': 'Adding reverse lookup domain failed'
+                    'msg': 'Adding reverse lookup zone failed'
                 }
             domain_user_ids = self.get_user()
             if len(domain_user_ids) > 0:
@@ -469,13 +469,13 @@ def create_reverse_domain(self, domain_name, domain_reverse_name):
                     'status':
                         'ok',
                     'msg':
-                        'New reverse lookup domain created with granted privileges'
+                        'New reverse lookup zone created with granted privileges'
                 }
             return {
                 'status': 'ok',
-                'msg': 'New reverse lookup domain created without users'
+                'msg': 'New reverse lookup zone created without users'
             }
-        return {'status': 'ok', 'msg': 'Reverse lookup domain already exists'}
+        return {'status': 'ok', 'msg': 'Reverse lookup zone already exists'}
 
     def get_reverse_domain_name(self, reverse_host_address):
         c = 1
@@ -504,22 +504,22 @@ def get_reverse_domain_name(self, reverse_host_address):
 
     def delete(self, domain_name):
         """
-        Delete a single domain name from powerdns
+        Delete a single zone name from powerdns
         """
         try:
             self.delete_domain_from_powerdns(domain_name)
             self.delete_domain_from_pdnsadmin(domain_name)
-            return {'status': 'ok', 'msg': 'Delete domain successfully'}
+            return {'status': 'ok', 'msg': 'Delete zone successfully'}
         except Exception as e:
             current_app.logger.error(
-                'Cannot delete domain {0}'.format(domain_name))
+                'Cannot delete zone {0}'.format(domain_name))
             current_app.logger.error(e)
             current_app.logger.debug(traceback.format_exc())
-            return {'status': 'error', 'msg': 'Cannot delete domain'}
+            return {'status': 'error', 'msg': 'Cannot delete zone'}
 
     def delete_domain_from_powerdns(self, domain_name):
         """
-        Delete a single domain name from powerdns
+        Delete a single zone name from powerdns
         """
         headers = {'X-API-Key': self.PDNS_API_KEY}
 
@@ -531,12 +531,12 @@ def delete_domain_from_powerdns(self, domain_name):
             method='DELETE',
             verify=Setting().get('verify_ssl_connections'))
         current_app.logger.info(
-            'Deleted domain successfully from PowerDNS: {0}'.format(
+            'Deleted zone successfully from PowerDNS: {0}'.format(
                 domain_name))
-        return {'status': 'ok', 'msg': 'Delete domain successfully'}
+        return {'status': 'ok', 'msg': 'Delete zone successfully'}
 
     def delete_domain_from_pdnsadmin(self, domain_name, do_commit=True):
-        # Revoke permission before deleting domain
+        # Revoke permission before deleting zone
         domain = Domain.query.filter(Domain.name == domain_name).first()
         domain_user = DomainUser.query.filter(
             DomainUser.domain_id == domain.id)
@@ -548,7 +548,7 @@ def delete_domain_from_pdnsadmin(self, domain_name, do_commit=True):
             domain_setting.delete()
         domain.apikeys[:] = []
 
-        # Remove history for domain
+        # Remove history for zone
         if not Setting().get('preserve_history'):
             domain_history = History.query.filter(
                 History.domain_id == domain.id
@@ -556,17 +556,17 @@ def delete_domain_from_pdnsadmin(self, domain_name, do_commit=True):
             if domain_history:
                 domain_history.delete()
 
-        # then remove domain
+        # then remove zone
         Domain.query.filter(Domain.name == domain_name).delete()
         if do_commit:
             db.session.commit()
         current_app.logger.info(
-            "Deleted domain successfully from pdnsADMIN: {}".format(
+            "Deleted zone successfully from pdnsADMIN: {}".format(
                 domain_name))
 
     def get_user(self):
         """
-        Get users (id) who have access to this domain name
+        Get users (id) who have access to this zone name
         """
         user_ids = []
         query = db.session.query(
@@ -596,7 +596,7 @@ def grant_privileges(self, new_user_ids):
         except Exception as e:
             db.session.rollback()
             current_app.logger.error(
-                'Cannot revoke user privileges on domain {0}. DETAIL: {1}'.
+                'Cannot revoke user privileges on zone {0}. DETAIL: {1}'.
                     format(self.name, e))
             current_app.logger.debug(print(traceback.format_exc()))
 
@@ -608,7 +608,7 @@ def grant_privileges(self, new_user_ids):
         except Exception as e:
             db.session.rollback()
             current_app.logger.error(
-                'Cannot grant user privileges to domain {0}. DETAIL: {1}'.
+                'Cannot grant user privileges to zone {0}. DETAIL: {1}'.
                     format(self.name, e))
             current_app.logger.debug(print(traceback.format_exc()))
 
@@ -625,7 +625,7 @@ def revoke_privileges_by_id(self, user_id):
 
     def add_user(self, user):
         """
-        Add a single user to Domain by User
+        Add a single user to zone by User
         """
         try:
             du = DomainUser(self.id, user.id)
@@ -635,7 +635,7 @@ def add_user(self, user):
         except Exception as e:
             db.session.rollback()
             current_app.logger.error(
-                'Cannot add user privileges on domain {0}. DETAIL: {1}'.
+                'Cannot add user privileges on zone {0}. DETAIL: {1}'.
                 format(self.name, e))
             return False
 
@@ -667,11 +667,11 @@ def update_from_master(self, domain_name):
                         'There was something wrong, please contact administrator'
                 }
         else:
-            return {'status': 'error', 'msg': 'This domain does not exist'}
+            return {'status': 'error', 'msg': 'This zone does not exist'}
 
     def get_domain_dnssec(self, domain_name):
         """
-        Get domain DNSSEC information
+        Get zone DNSSEC information
         """
         domain = Domain.query.filter(Domain.name == domain_name).first()
         if domain:
@@ -689,13 +689,13 @@ def get_domain_dnssec(self, domain_name):
                 if 'error' in jdata:
                     return {
                         'status': 'error',
-                        'msg': 'DNSSEC is not enabled for this domain'
+                        'msg': 'DNSSEC is not enabled for this zone'
                     }
                 else:
                     return {'status': 'ok', 'dnssec': jdata}
             except Exception as e:
                 current_app.logger.error(
-                    'Cannot get domain dnssec. DETAIL: {0}'.format(e))
+                    'Cannot get zone dnssec. DETAIL: {0}'.format(e))
                 return {
                     'status':
                         'error',
@@ -703,11 +703,11 @@ def get_domain_dnssec(self, domain_name):
                         'There was something wrong, please contact administrator'
                 }
         else:
-            return {'status': 'error', 'msg': 'This domain does not exist'}
+            return {'status': 'error', 'msg': 'This zone does not exist'}
 
     def enable_domain_dnssec(self, domain_name):
         """
-        Enable domain DNSSEC
+        Enable zone DNSSEC
         """
         domain = Domain.query.filter(Domain.name == domain_name).first()
         if domain:
@@ -728,7 +728,7 @@ def enable_domain_dnssec(self, domain_name):
                     return {
                         'status': 'error',
                         'msg':
-                            'API-RECTIFY could not be enabled for this domain',
+                            'API-RECTIFY could not be enabled for this zone',
                         'jdata': jdata
                     }
 
@@ -749,7 +749,7 @@ def enable_domain_dnssec(self, domain_name):
                         'status':
                             'error',
                         'msg':
-                            'Cannot enable DNSSEC for this domain. Error: {0}'.
+                            'Cannot enable DNSSEC for this zone. Error: {0}'.
                                 format(jdata['error']),
                         'jdata':
                             jdata
@@ -769,7 +769,7 @@ def enable_domain_dnssec(self, domain_name):
                 }
 
         else:
-            return {'status': 'error', 'msg': 'This domain does not exist'}
+            return {'status': 'error', 'msg': 'This zone does not exist'}
 
     def delete_dnssec_key(self, domain_name, key_id):
         """
@@ -794,13 +794,13 @@ def delete_dnssec_key(self, domain_name, key_id):
                         'status':
                             'error',
                         'msg':
-                            'Cannot disable DNSSEC for this domain. Error: {0}'.
+                            'Cannot disable DNSSEC for this zone. Error: {0}'.
                                 format(jdata['error']),
                         'jdata':
                             jdata
                     }
 
-                # Disable API-RECTIFY for domain, AFTER deactivating DNSSEC
+                # Disable API-RECTIFY for zone, AFTER deactivating DNSSEC
                 post_data = {"api_rectify": False}
                 jdata = utils.fetch_json(
                     urljoin(
@@ -815,7 +815,7 @@ def delete_dnssec_key(self, domain_name, key_id):
                     return {
                         'status': 'error',
                         'msg':
-                            'API-RECTIFY could not be disabled for this domain',
+                            'API-RECTIFY could not be disabled for this zone',
                         'jdata': jdata
                     }
 
@@ -834,22 +834,22 @@ def delete_dnssec_key(self, domain_name, key_id):
                 }
 
         else:
-            return {'status': 'error', 'msg': 'This domain does not exist'}
+            return {'status': 'error', 'msg': 'This zone does not exist'}
 
     def assoc_account(self, account_id, update=True):
         """
-        Associate domain with a domain, specified by account id
+        Associate account with a zone, specified by account id
         """
         domain_name = self.name
 
         # Sanity check - domain name
         if domain_name == "":
-            return {'status': False, 'msg': 'No domain name specified'}
+            return {'status': False, 'msg': 'No zone name specified'}
 
         # read domain and check that it exists
         domain = Domain.query.filter(Domain.name == domain_name).first()
         if not domain:
-            return {'status': False, 'msg': 'Domain does not exist'}
+            return {'status': False, 'msg': 'Zone does not exist'}
 
         headers = {'X-API-Key': self.PDNS_API_KEY, 'Content-Type': 'application/json'}
 
@@ -875,9 +875,9 @@ def assoc_account(self, account_id, update=True):
             else:
                 if update:
                     self.update()
-                msg_str = 'Account changed for domain {0} successfully'
+                msg_str = 'Account changed for zone {0} successfully'
                 current_app.logger.info(msg_str.format(domain_name))
-                history = History(msg='Update domain {0} associate account {1}'.format(domain.name, 'none' if account_name == '' else account_name),
+                history = History(msg='Update zone {0} associate account {1}'.format(domain.name, 'none' if account_name == '' else account_name),
                               detail = json.dumps({
                                     'assoc_account': 'None' if account_name == '' else account_name,
                                     'dissoc_account': 'None' if account_name_old == '' else account_name_old
@@ -889,16 +889,16 @@ def assoc_account(self, account_id, update=True):
         except Exception as e:
             current_app.logger.debug(e)
             current_app.logger.debug(traceback.format_exc())
-            msg_str = 'Cannot change account for domain {0}'
+            msg_str = 'Cannot change account for zone {0}'
             current_app.logger.error(msg_str.format(domain_name))
             return {
                 'status': 'error',
-                'msg': 'Cannot change account for this domain.'
+                'msg': 'Cannot change account for this zone.'
             }
 
     def get_account(self):
         """
-        Get current account associated with this domain
+        Get current account associated with this zone
         """
         domain = Domain.query.filter(Domain.name == self.name).first()
 
@@ -907,7 +907,7 @@ def get_account(self):
     def is_valid_access(self, user_id):
         """
         Check if the user is allowed to access this
-        domain name
+        zone name
         """
         return db.session.query(Domain) \
             .outerjoin(DomainUser, Domain.id == DomainUser.domain_id) \
@@ -919,8 +919,8 @@ def is_valid_access(self, user_id):
                 AccountUser.user_id == user_id
             )).filter(Domain.id == self.id).first()
 
-    # Return None if this domain does not exist as record, 
-    # Return the parent domain that hold the record if exist
+    # Return None if this zone does not exist as record, 
+    # Return the parent zone that hold the record if exist
     def is_overriding(self, domain_name):
         upper_domain_name = '.'.join(domain_name.split('.')[1:])
         while upper_domain_name != '':
@@ -929,7 +929,7 @@ def is_overriding(self, domain_name):
                     if 'rrsets' in upper_domain:
                         for r in upper_domain['rrsets']:
                             if domain_name.rstrip('.') in r['name'].rstrip('.'):
-                                current_app.logger.error('Domain already exists as a record: {} under domain: {}'.format(r['name'].rstrip('.'), upper_domain_name))
+                                current_app.logger.error('Zone already exists as a record: {} under zone: {}'.format(r['name'].rstrip('.'), upper_domain_name))
                                 return upper_domain_name
             upper_domain_name = '.'.join(upper_domain_name.split('.')[1:])
         return None
diff --git a/powerdnsadmin/models/domain_template.py b/powerdnsadmin/models/domain_template.py
index 1b3c6ffc7..70463ac49 100644
--- a/powerdnsadmin/models/domain_template.py
+++ b/powerdnsadmin/models/domain_template.py
@@ -45,11 +45,11 @@ def create(self):
             return {'status': 'ok', 'msg': 'Template has been created'}
         except Exception as e:
             current_app.logger.error(
-                'Can not update domain template table. Error: {0}'.format(e))
+                'Can not update zone template table. Error: {0}'.format(e))
             db.session.rollback()
             return {
                 'status': 'error',
-                'msg': 'Can not update domain template table'
+                'msg': 'Can not update zone template table'
             }
 
     def delete_template(self):
@@ -60,6 +60,6 @@ def delete_template(self):
             return {'status': 'ok', 'msg': 'Template has been deleted'}
         except Exception as e:
             current_app.logger.error(
-                'Can not delete domain template. Error: {0}'.format(e))
+                'Can not delete zone template. Error: {0}'.format(e))
             db.session.rollback()
-            return {'status': 'error', 'msg': 'Can not delete domain template'}
\ No newline at end of file
+            return {'status': 'error', 'msg': 'Can not delete zone template'}
diff --git a/powerdnsadmin/models/domain_template_record.py b/powerdnsadmin/models/domain_template_record.py
index bd86c6efb..465b07d4d 100644
--- a/powerdnsadmin/models/domain_template_record.py
+++ b/powerdnsadmin/models/domain_template_record.py
@@ -39,9 +39,9 @@ def apply(self):
             db.session.commit()
         except Exception as e:
             current_app.logger.error(
-                'Can not update domain template table. Error: {0}'.format(e))
+                'Can not update zone template table. Error: {0}'.format(e))
             db.session.rollback()
             return {
                 'status': 'error',
-                'msg': 'Can not update domain template table'
+                'msg': 'Can not update zone template table'
             }
diff --git a/powerdnsadmin/models/record.py b/powerdnsadmin/models/record.py
index ae70a9e54..3b239b484 100644
--- a/powerdnsadmin/models/record.py
+++ b/powerdnsadmin/models/record.py
@@ -46,7 +46,7 @@ def __init__(self,
 
     def get_rrsets(self, domain):
         """
-        Query domain's rrsets via PDNS API
+        Query zone's rrsets via PDNS API
         """
         headers = {'X-API-Key': self.PDNS_API_KEY}
         try:
@@ -59,7 +59,7 @@ def get_rrsets(self, domain):
                                      verify=Setting().get('verify_ssl_connections'))
         except Exception as e:
             current_app.logger.error(
-                "Cannot fetch domain's record data from remote powerdns api. DETAIL: {0}"
+                "Cannot fetch zone's record data from remote powerdns api. DETAIL: {0}"
                 .format(e))
             return []
 
@@ -77,7 +77,7 @@ def get_rrsets(self, domain):
 
     def add(self, domain_name, rrset):
         """
-        Add a record to a domain (Used by auto_ptr and DynDNS)
+        Add a record to a zone (Used by auto_ptr and DynDNS)
 
         Args:
             domain_name(str): The zone name
@@ -115,7 +115,7 @@ def add(self, domain_name, rrset):
             return {'status': 'ok', 'msg': 'Record was added successfully'}
         except Exception as e:
             current_app.logger.error(
-                "Cannot add record to domain {}. Error: {}".format(
+                "Cannot add record to zone {}. Error: {}".format(
                     domain_name, e))
             current_app.logger.debug("Submitted record rrset: \n{}".format(
                 utils.pretty_json(rrset)))
@@ -172,7 +172,7 @@ def build_rrsets(self, domain_name, submitted_records):
             record['record_name'] = utils.to_idna(record["record_name"], "encode")
             #TODO: error handling
             # If the record is an alias (CNAME), we will also make sure that
-            # the target domain is properly converted to punycode (IDN)
+            # the target zone is properly converted to punycode (IDN)
             if record['record_type'] == 'CNAME' or record['record_type'] == 'SOA':
                 record['record_data'] = utils.to_idna(record['record_data'], 'encode')
                 #TODO: error handling
@@ -343,7 +343,7 @@ def delete_for_api(rrset):
 
     def apply(self, domain_name, submitted_records):
         """
-        Apply record changes to a domain. This function
+        Apply record changes to a zone. This function
         will make 1 call to the PDNS API to DELETE and
         REPLACE records (rrsets)
         """
@@ -377,7 +377,7 @@ def apply(self, domain_name, submitted_records):
             return {'status': 'ok', 'msg': 'Record was applied successfully', 'data': (new_rrsets, del_rrsets)}
         except Exception as e:
             current_app.logger.error(
-                "Cannot apply record changes to domain {0}. Error: {1}".format(
+                "Cannot apply record changes to zone {0}. Error: {1}".format(
                     domain_name, e))
             current_app.logger.debug(traceback.format_exc())
             return {
@@ -480,7 +480,7 @@ def auto_ptr(self, domain_name, new_rrsets, del_rrsets):
                 }
             except Exception as e:
                 current_app.logger.error(
-                    "Cannot update auto-ptr record changes to domain {0}. Error: {1}"
+                    "Cannot update auto-ptr record changes to zone {0}. Error: {1}"
                     .format(domain_name, e))
                 current_app.logger.debug(traceback.format_exc())
                 return {
@@ -492,7 +492,7 @@ def auto_ptr(self, domain_name, new_rrsets, del_rrsets):
 
     def delete(self, domain):
         """
-        Delete a record from domain
+        Delete a record from zone
         """
         headers = {'X-API-Key': self.PDNS_API_KEY, 'Content-Type': 'application/json'}
         data = {
@@ -517,7 +517,7 @@ def delete(self, domain):
             return {'status': 'ok', 'msg': 'Record was removed successfully'}
         except Exception as e:
             current_app.logger.error(
-                "Cannot remove record {0}/{1}/{2} from domain {3}. DETAIL: {4}"
+                "Cannot remove record {0}/{1}/{2} from zone {3}. DETAIL: {4}"
                 .format(self.name, self.type, self.data, domain, e))
             return {
                 'status': 'error',
@@ -540,7 +540,7 @@ def is_allowed_delete(self):
 
     def exists(self, domain):
         """
-        Check if record is present within domain records, and if it's present set self to found record
+        Check if record is present within zone records, and if it's present set self to found record
         """
         rrsets = self.get_rrsets(domain)
         for r in rrsets:
@@ -588,7 +588,7 @@ def update(self, domain, content):
             return {'status': 'ok', 'msg': 'Record was updated successfully'}
         except Exception as e:
             current_app.logger.error(
-                "Cannot add record {0}/{1}/{2} to domain {3}. DETAIL: {4}".
+                "Cannot add record {0}/{1}/{2} to zone {3}. DETAIL: {4}".
                 format(self.name, self.type, self.data, domain, e))
             return {
                 'status': 'error',
@@ -614,11 +614,11 @@ def update_db_serial(self, domain):
             db.session.commit()
             return {
                 'status': True,
-                'msg': 'Synced local serial for domain name {0}'.format(domain)
+                'msg': 'Synced local serial for zone name {0}'.format(domain)
             }
         else:
             return {
                 'status': False,
                 'msg':
-                'Could not find domain name {0} in local db'.format(domain)
+                'Could not find zone name {0} in local db'.format(domain)
             }
diff --git a/powerdnsadmin/models/user.py b/powerdnsadmin/models/user.py
index 861676967..ae885de7f 100644
--- a/powerdnsadmin/models/user.py
+++ b/powerdnsadmin/models/user.py
@@ -527,7 +527,7 @@ def update_confirmed(self, confirmed):
 
     def get_domains(self):
         """
-        Get list of domains which the user is granted to have
+        Get list of zones which the user is granted to have
         access.
 
         Note: This doesn't include the permission granting from Account
@@ -680,7 +680,7 @@ def updateUser(self, Entitlements):
 
     def addMissingDomain(self, autoprovision_domain, current_domains):
         """
-        Add domain gathered by autoprovisioning to the current domains list of a user
+        Add domain gathered by autoprovisioning to the current zones list of a user
         """
         from ..models.domain import Domain
         user = db.session.query(User).filter(User.username == self.username).first()
diff --git a/powerdnsadmin/routes/admin.py b/powerdnsadmin/routes/admin.py
index 43339778f..47551ee26 100644
--- a/powerdnsadmin/routes/admin.py
+++ b/powerdnsadmin/routes/admin.py
@@ -838,10 +838,10 @@ def __init__(self, history, change_set):
 
         detail_dict = json.loads(history.detail)
 
-        if 'domain_type' in detail_dict and 'account_id' in detail_dict:  # this is a domain creation
+        if 'domain_type' in detail_dict and 'account_id' in detail_dict:  # this is a zone creation
             self.detailed_msg = render_template_string("""
                     <table class="table table-bordered table-striped">
-                        <tr><td>Domain Type:</td><td>{{ domaintype }}</td></tr>
+                        <tr><td>Zone Type:</td><td>{{ domaintype }}</td></tr>
                         <tr><td>Account:</td><td>{{ account }}</td></tr>
                     </table>
                 """,
@@ -881,7 +881,7 @@ def __init__(self, history, change_set):
                                                        authenticator=detail_dict['authenticator'],
                                                        ip_address=detail_dict['ip_address'])
 
-        elif 'add_rrsets' in detail_dict:  # this is a domain record change
+        elif 'add_rrsets' in detail_dict:  # this is a zone record change
             # changes_set = []
             self.detailed_msg = ""
             # extract_changelogs_from_a_history_entry(changes_set, history, 0)
@@ -897,11 +897,11 @@ def __init__(self, history, change_set):
                                                        description=DetailedHistory.get_key_val(detail_dict,
                                                                                                "description"))
 
-        elif 'Change domain' in history.msg and 'access control' in history.msg:  # added or removed a user from a domain
+        elif 'Change zone' in history.msg and 'access control' in history.msg:  # added or removed a user from a zone
             users_with_access = DetailedHistory.get_key_val(detail_dict, "user_has_access")
             self.detailed_msg = render_template_string("""
                 <table class="table table-bordered table-striped">
-                    <tr><td>Users with access to this domain</td><td>{{ users_with_access }}</td></tr>
+                    <tr><td>Users with access to this zone</td><td>{{ users_with_access }}</td></tr>
                     <tr><td>Number of users:</td><td>{{ users_with_access | length }}</td><tr>
                 </table>
                 """,
@@ -913,7 +913,7 @@ def __init__(self, history, change_set):
                     <tr><td>Key: </td><td>{{ keyname }}</td></tr>
                     <tr><td>Role:</td><td>{{ rolename }}</td></tr>
                     <tr><td>Description:</td><td>{{ description }}</td></tr>
-                    <tr><td>Accessible domains with this API key:</td><td>{{ linked_domains }}</td></tr>
+                    <tr><td>Accessible zones with this API key:</td><td>{{ linked_domains }}</td></tr>
                     <tr><td>Accessible accounts with this API key:</td><td>{{ linked_accounts }}</td></tr>
                 </table>
                 """,
@@ -932,7 +932,7 @@ def __init__(self, history, change_set):
                     <tr><td>Key: </td><td>{{ keyname }}</td></tr>
                     <tr><td>Role:</td><td>{{ rolename }}</td></tr>
                     <tr><td>Description:</td><td>{{ description }}</td></tr>
-                    <tr><td>Accessible domains with this API key:</td><td>{{ linked_domains }}</td></tr>
+                    <tr><td>Accessible zones with this API key:</td><td>{{ linked_domains }}</td></tr>
                 </table>
                 """,
                                                        keyname=DetailedHistory.get_key_val(detail_dict, "key"),
@@ -942,11 +942,11 @@ def __init__(self, history, change_set):
                                                        linked_domains=DetailedHistory.get_key_val(detail_dict,
                                                                                                   "domains"))
 
-        elif 'Update type for domain' in history.msg:
+        elif 'Update type for zone' in history.msg:
             self.detailed_msg = render_template_string("""
                 <table class="table table-bordered table-striped">
-                    <tr><td>Domain: </td><td>{{ domain }}</td></tr>
-                    <tr><td>Domain type:</td><td>{{ domain_type }}</td></tr>
+                    <tr><td>Zone: </td><td>{{ domain }}</td></tr>
+                    <tr><td>Zone type:</td><td>{{ domain_type }}</td></tr>
                     <tr><td>Masters:</td><td>{{ masters }}</td></tr>
                 </table>
                 """,
@@ -957,8 +957,8 @@ def __init__(self, history, change_set):
         elif 'reverse' in history.msg:
             self.detailed_msg = render_template_string("""
                 <table class="table table-bordered table-striped">
-                    <tr><td>Domain Type: </td><td>{{ domain_type }}</td></tr>
-                    <tr><td>Domain Master IPs:</td><td>{{ domain_master_ips }}</td></tr>
+                    <tr><td>Zone Type: </td><td>{{ domain_type }}</td></tr>
+                    <tr><td>Zone Master IPs:</td><td>{{ domain_master_ips }}</td></tr>
                 </table>
                 """,
                                                        domain_type=DetailedHistory.get_key_val(detail_dict,
@@ -977,7 +977,7 @@ def __init__(self, history, change_set):
                                                                                                   'status'),
                                                        history_msg=DetailedHistory.get_key_val(detail_dict, 'msg'))
 
-        elif 'Update domain' in history.msg and 'associate account' in history.msg:  # When an account gets associated or dissociate with domains
+        elif 'Update zone' in history.msg and 'associate account' in history.msg:  # When an account gets associated or dissociate with zones
             self.detailed_msg = render_template_string('''
                 <table class="table table-bordered table-striped">
                     <tr><td>Associate: </td><td>{{ history_assoc_account }}</td></tr>
@@ -1164,7 +1164,7 @@ def history_table():  # ajax call data
         else:
             # if the user isn't an administrator or operator,
             # allow_user_view_history must be enabled to get here,
-            # so include history for the domains for the user
+            # so include history for the zones for the user
             base_query = db.session.query(History) \
                 .join(Domain, History.domain_id == Domain.id) \
                 .outerjoin(DomainUser, Domain.id == DomainUser.domain_id) \
@@ -1231,11 +1231,11 @@ def history_table():  # ajax call data
                     .filter(
                     db.and_(
                         db.or_(
-                            History.msg.like("%domain " + domain_name) if domain_name != "*" else History.msg.like(
-                                "%domain%"),
+                            History.msg.like("%zone " + domain_name) if domain_name != "*" else History.msg.like(
+                                "%zone%"),
                             History.msg.like(
-                                "%domain " + domain_name + " access control") if domain_name != "*" else History.msg.like(
-                                "%domain%access control")
+                                "%zone " + domain_name + " access control") if domain_name != "*" else History.msg.like(
+                                "%zone%access control")
                         ),
                         History.created_on <= max_date if max_date != None else True,
                         History.created_on >= min_date if min_date != None else True,
@@ -1247,8 +1247,8 @@ def history_table():  # ajax call data
                 histories = base_query \
                     .filter(
                     db.and_(
-                        History.msg.like("Apply record changes to domain " + domain_name) if domain_name != "*" \
-                            else History.msg.like("Apply record changes to domain%"),
+                        History.msg.like("Apply record changes to zone " + domain_name) if domain_name != "*" \
+                            else History.msg.like("Apply record changes to zone%"),
                         History.created_on <= max_date if max_date != None else True,
                         History.created_on >= min_date if min_date != None else True,
                         History.created_by == changed_by if changed_by != None else True
@@ -1830,7 +1830,7 @@ def create_template():
             t = DomainTemplate(name=name, description=description)
             result = t.create()
             if result['status'] == 'ok':
-                history = History(msg='Add domain template {0}'.format(name),
+                history = History(msg='Add zone template {0}'.format(name),
                                   detail=json.dumps({
                                       'name': name,
                                       'description': description
@@ -1843,7 +1843,7 @@ def create_template():
                 return redirect(url_for('admin.create_template'))
         except Exception as e:
             current_app.logger.error(
-                'Cannot create domain template. Error: {0}'.format(e))
+                'Cannot create zone template. Error: {0}'.format(e))
             current_app.logger.debug(traceback.format_exc())
             abort(500)
 
@@ -1877,7 +1877,7 @@ def create_template_from_zone():
         t = DomainTemplate(name=name, description=description)
         result = t.create()
         if result['status'] == 'ok':
-            history = History(msg='Add domain template {0}'.format(name),
+            history = History(msg='Add zone template {0}'.format(name),
                               detail=json.dumps({
                                   'name': name,
                                   'description': description
@@ -1885,7 +1885,7 @@ def create_template_from_zone():
                               created_by=current_user.username)
             history.add()
 
-            # After creating the domain in Domain Template in the,
+            # After creating the zone in Zone Template in the,
             # local DB. We add records into it Record Template.
             records = []
             domain = Domain.query.filter(Domain.name == domain_name).first()
@@ -1914,7 +1914,7 @@ def create_template_from_zone():
                         'msg': result['msg']
                     }), 200)
             else:
-                # Revert the domain template (remove it)
+                # Revert the zone template (remove it)
                 # ff we cannot add records.
                 t.delete_template()
                 return make_response(
@@ -1971,7 +1971,7 @@ def edit_template(template):
                                    ttl_options=ttl_options)
     except Exception as e:
         current_app.logger.error(
-            'Cannot open domain template page. DETAIL: {0}'.format(e))
+            'Cannot open zone template page. DETAIL: {0}'.format(e))
         current_app.logger.debug(traceback.format_exc())
         abort(500)
     return redirect(url_for('admin.templates'))
@@ -2009,7 +2009,7 @@ def apply_records(template):
             jdata.pop('_csrf_token',
                       None)  # don't store csrf token in the history.
             history = History(
-                msg='Apply domain template record changes to domain template {0}'
+                msg='Apply zone template record changes to zone template {0}'
                 .format(template),
                 detail=json.dumps(jdata),
                 created_by=current_user.username)
@@ -2040,7 +2040,7 @@ def delete_template(template):
             result = t.delete_template()
             if result['status'] == 'ok':
                 history = History(
-                    msg='Deleted domain template {0}'.format(template),
+                    msg='Deleted zone template {0}'.format(template),
                     detail=json.dumps({'name': template}),
                     created_by=current_user.username)
                 history.add()
diff --git a/powerdnsadmin/routes/api.py b/powerdnsadmin/routes/api.py
index e764f911c..9f72b4e0d 100644
--- a/powerdnsadmin/routes/api.py
+++ b/powerdnsadmin/routes/api.py
@@ -211,7 +211,7 @@ def api_login_create_zone():
                                   accept='application/json; q=1',
                                   verify=Setting().get('verify_ssl_connections'))
     except Exception as e:
-        current_app.logger.error("Cannot create domain. Error: {}".format(e))
+        current_app.logger.error("Cannot create zone. Error: {}".format(e))
         abort(500)
 
     if resp.status_code == 201:
@@ -222,7 +222,7 @@ def api_login_create_zone():
         domain.update()
         domain_id = domain.get_id_by_name(data['name'].rstrip('.'))
 
-        history = History(msg='Add domain {0}'.format(
+        history = History(msg='Add zone {0}'.format(
             data['name'].rstrip('.')),
             detail=json.dumps(data),
             created_by=current_user.username,
@@ -230,7 +230,7 @@ def api_login_create_zone():
         history.add()
 
         if current_user.role.name not in ['Administrator', 'Operator']:
-            current_app.logger.debug("User is ordinary user, assigning created domain")
+            current_app.logger.debug("User is ordinary user, assigning created zone")
             domain = Domain(name=data['name'].rstrip('.'))
             domain.update()
             domain.grant_privileges([current_user.id])
@@ -296,7 +296,7 @@ def api_login_delete_zone(domain_name):
             domain_id = domain.get_id_by_name(domain_name)
             domain.update()
 
-            history = History(msg='Delete domain {0}'.format(
+            history = History(msg='Delete zone {0}'.format(
                 utils.pretty_domain_name(domain_name)),
                 detail='',
                 created_by=current_user.username,
@@ -347,13 +347,13 @@ def api_generate_apikey():
         abort(400)
 
     if role_name == 'User' and len(domains) == 0 and len(accounts) == 0:
-        current_app.logger.error("Apikey with User role must have domains or accounts")
+        current_app.logger.error("Apikey with User role must have zones or accounts")
         raise ApiKeyNotUsable()
 
     if role_name == 'User' and len(domains) > 0:
         domain_obj_list = Domain.query.filter(Domain.name.in_(domains)).all()
         if len(domain_obj_list) == 0:
-            msg = "One of supplied domains does not exist"
+            msg = "One of supplied zones does not exist"
             current_app.logger.error(msg)
             raise DomainNotExists(message=msg)
 
@@ -383,13 +383,13 @@ def api_generate_apikey():
         domain_list = [item.name for item in domain_obj_list]
         user_domain_list = [item.name for item in user_domain_obj_list]
 
-        current_app.logger.debug("Input domain list: {0}".format(domain_list))
-        current_app.logger.debug("User domain list: {0}".format(user_domain_list))
+        current_app.logger.debug("Input zone list: {0}".format(domain_list))
+        current_app.logger.debug("User zone list: {0}".format(user_domain_list))
 
         inter = set(domain_list).intersection(set(user_domain_list))
 
         if not (len(inter) == len(domain_list)):
-            msg = "You don't have access to one of domains"
+            msg = "You don't have access to one of zones"
             current_app.logger.error(msg)
             raise DomainAccessForbidden(message=msg)
 
@@ -417,7 +417,7 @@ def api_get_apikeys(domain_name):
 
     if current_user.role.name not in ['Administrator', 'Operator']:
         if domain_name:
-            msg = "Check if domain {0} exists and is allowed for user.".format(
+            msg = "Check if zone {0} exists and is allowed for user.".format(
                 domain_name)
             current_app.logger.debug(msg)
             apikeys = get_user_apikeys(domain_name)
@@ -427,7 +427,7 @@ def api_get_apikeys(domain_name):
 
             current_app.logger.debug(apikey_schema.dump(apikeys))
         else:
-            msg_str = "Getting all allowed domains for user {0}"
+            msg_str = "Getting all allowed zones for user {0}"
             msg = msg_str.format(current_user.username)
             current_app.logger.debug(msg)
 
@@ -438,7 +438,7 @@ def api_get_apikeys(domain_name):
                 current_app.logger.error('Error: {0}'.format(e))
                 abort(500)
     else:
-        current_app.logger.debug("Getting all domains for administrative user")
+        current_app.logger.debug("Getting all zones for administrative user")
         try:
             apikeys = ApiKey.query.all()
             current_app.logger.debug(apikey_schema.dump(apikeys))
@@ -488,7 +488,7 @@ def api_delete_apikey(apikey_id):
         inter = set(apikey_domains_list).intersection(set(user_domains_list))
 
         if not (len(inter) == len(apikey_domains_list)):
-            msg = "You don't have access to some domains apikey belongs to"
+            msg = "You don't have access to some zones apikey belongs to"
             current_app.logger.error(msg)
             raise DomainAccessForbidden(message=msg)
 
@@ -558,7 +558,7 @@ def api_update_apikey(apikey_id):
         if domains is not None:
             domain_obj_list = Domain.query.filter(Domain.name.in_(domains)).all()
             if len(domain_obj_list) != len(domains):
-                msg = "One of supplied domains does not exist"
+                msg = "One of supplied zones does not exist"
                 current_app.logger.error(msg)
                 raise DomainNotExists(message=msg)
 
@@ -578,12 +578,12 @@ def api_update_apikey(apikey_id):
             target_accounts = current_accounts
 
         if len(target_domains) == 0 and len(target_accounts) == 0:
-            current_app.logger.error("Apikey with User role must have domains or accounts")
+            current_app.logger.error("Apikey with User role must have zones or accounts")
             raise ApiKeyNotUsable()
 
         if domains is not None and set(domains) == set(current_domains):
             current_app.logger.debug(
-                "Domains are the same, apikey domains won't be updated")
+                "Zones are the same, apikey zones won't be updated")
             domains = None
 
         if accounts is not None and set(accounts) == set(current_accounts):
@@ -610,19 +610,19 @@ def api_update_apikey(apikey_id):
         domain_list = [item.name for item in domain_obj_list]
         user_domain_list = [item.name for item in user_domain_obj_list]
 
-        current_app.logger.debug("Input domain list: {0}".format(domain_list))
+        current_app.logger.debug("Input zone list: {0}".format(domain_list))
         current_app.logger.debug(
-            "User domain list: {0}".format(user_domain_list))
+            "User zone list: {0}".format(user_domain_list))
 
         inter = set(domain_list).intersection(set(user_domain_list))
 
         if not (len(inter) == len(domain_list)):
-            msg = "You don't have access to one of domains"
+            msg = "You don't have access to one of zones"
             current_app.logger.error(msg)
             raise DomainAccessForbidden(message=msg)
 
         if apikey_id not in apikeys_ids:
-            msg = 'Apikey does not belong to domain to which user has access'
+            msg = 'Apikey does not belong to zone to which user has access'
             current_app.logger.error(msg)
             raise DomainAccessForbidden()
 
@@ -966,9 +966,9 @@ def api_delete_account(account_id):
     # Remove account association from domains first
     if len(account.domains) > 0:
         for domain in account.domains:
-            current_app.logger.info(f"Disassociating domain {domain.name} with {account.name}")
+            current_app.logger.info(f"Disassociating zone {domain.name} with {account.name}")
             Domain(name=domain.name).assoc_account(None, update=False)
-        current_app.logger.info("Syncing all domains")
+        current_app.logger.info("Syncing all zones")
         Domain().update()
 
     current_app.logger.debug(
@@ -1117,7 +1117,7 @@ def api_zone_forward(server_id, zone_id):
             if request.method in ['POST', 'PATCH']:
                 data = request.get_json(force=True)
                 history = History(
-                    msg='Apply record changes to domain {0}'.format(zone_id.rstrip('.')),
+                    msg='Apply record changes to zone {0}'.format(zone_id.rstrip('.')),
                     detail = json.dumps({
                         'domain': zone_id.rstrip('.'),
                         'add_rrsets': list(filter(lambda r: r['changetype'] == "REPLACE", data['rrsets'])),
@@ -1164,14 +1164,14 @@ def api_create_zone(server_id):
 
         if g.apikey.role.name not in ['Administrator', 'Operator']:
             current_app.logger.debug(
-                "Apikey is user key, assigning created domain")
+                "Apikey is user key, assigning created zone")
             domain = Domain(name=data['name'].rstrip('.'))
             g.apikey.domains.append(domain)
 
         domain = Domain()
         domain.update()
 
-        history = History(msg='Add domain {0}'.format(
+        history = History(msg='Add zone {0}'.format(
             data['name'].rstrip('.')),
             detail=json.dumps(data),
             created_by=created_by_value,
@@ -1198,7 +1198,7 @@ def api_get_zones(server_id):
 
             accounts_domains = [d.name for a in g.apikey.accounts for d in a.domains]
             allowed_domains = set(domain_list + accounts_domains)
-            current_app.logger.debug("Account domains: {}".format('/'.join(accounts_domains)))
+            current_app.logger.debug("Account zones: {}".format('/'.join(accounts_domains)))
             content = json.dumps([i for i in json.loads(resp.content)
                                   if i['name'].rstrip('.') in allowed_domains])
             return content, resp.status_code, resp.headers.items()
@@ -1236,14 +1236,14 @@ def health():
     domain_to_query = domain.query.first()
 
     if not domain_to_query:
-        current_app.logger.error("No domain found to query a health check")
+        current_app.logger.error("No zone found to query a health check")
         return make_response("Unknown", 503)
 
     try:
         domain.get_domain_info(domain_to_query.name)
     except Exception as e:
         current_app.logger.error(
-            "Health Check - Failed to query authoritative server for domain {}".format(domain_to_query.name))
+            "Health Check - Failed to query authoritative server for zone {}".format(domain_to_query.name))
         return make_response("Down", 503)
 
     return make_response("Up", 200)
diff --git a/powerdnsadmin/routes/dashboard.py b/powerdnsadmin/routes/dashboard.py
index 0f241211d..14a8ae351 100644
--- a/powerdnsadmin/routes/dashboard.py
+++ b/powerdnsadmin/routes/dashboard.py
@@ -176,10 +176,10 @@ def dashboard():
 
     BG_DOMAIN_UPDATE = Setting().get('bg_domain_updates')
     if not BG_DOMAIN_UPDATE:
-        current_app.logger.info('Updating domains in foreground...')
+        current_app.logger.info('Updating zones in foreground...')
         Domain().update()
     else:
-        current_app.logger.info('Updating domains in background...')
+        current_app.logger.info('Updating zones in background...')
 
     show_bg_domain_button = BG_DOMAIN_UPDATE
     if BG_DOMAIN_UPDATE and current_user.role.name not in ['Administrator', 'Operator']:
@@ -196,7 +196,7 @@ def dashboard():
 @login_required
 @operator_role_required
 def domains_updater():
-    current_app.logger.debug('Update domains in background')
+    current_app.logger.debug('Update zones in background')
     d = Domain().update()
 
     response_data = {
diff --git a/powerdnsadmin/routes/domain.py b/powerdnsadmin/routes/domain.py
index 5fef976f5..593e91de4 100644
--- a/powerdnsadmin/routes/domain.py
+++ b/powerdnsadmin/routes/domain.py
@@ -178,7 +178,7 @@ def remove():
         if result['status'] == 'error':
             abort(500)
 
-        history = History(msg='Delete domain {0}'.format(
+        history = History(msg='Delete zone {0}'.format(
             pretty_domain_name(domain_name)),
                           created_by=current_user.username)
         history.add()
@@ -362,7 +362,7 @@ def add():
             if ' ' in domain_name or not domain_name or not domain_type:
                 return render_template(
                     'errors/400.html',
-                    msg="Please enter a valid domain name"), 400
+                    msg="Please enter a valid zone name"), 400
 
             if domain_name.endswith('.'):
                 domain_name = domain_name[:-1]
@@ -385,11 +385,11 @@ def add():
             try:
                 domain_name = to_idna(domain_name, 'encode')
             except:
-                current_app.logger.error("Cannot encode the domain name {}".format(domain_name))
+                current_app.logger.error("Cannot encode the zone name {}".format(domain_name))
                 current_app.logger.debug(traceback.format_exc())
                 return render_template(
                     'errors/400.html',
-                    msg="Please enter a valid domain name"), 400
+                    msg="Please enter a valid zone name"), 400
 
             if domain_type == 'slave':
                 if request.form.getlist('domain_master_address'):
@@ -429,7 +429,7 @@ def add():
                     else:
                         accounts = current_user.get_accounts()
                     
-                    msg = 'Domain already exists as a record under domain: {}'.format(upper_domain)
+                    msg = 'Zone already exists as a record under zone: {}'.format(upper_domain)
                     
                     return render_template('domain_add.html', 
                                             domain_override_message=msg,
@@ -443,7 +443,7 @@ def add():
                            account_name=account_name)
             if result['status'] == 'ok':
                 domain_id = Domain().get_id_by_name(domain_name)
-                history = History(msg='Add domain {0}'.format(
+                history = History(msg='Add zone {0}'.format(
                     pretty_domain_name(domain_name)),
                                   detail = json.dumps({
                                       'domain_type': domain_type,
@@ -507,7 +507,7 @@ def add():
                 return render_template('errors/400.html',
                                        msg=result['msg']), 400
         except Exception as e:
-            current_app.logger.error('Cannot add domain. Error: {0}'.format(e))
+            current_app.logger.error('Cannot add zone. Error: {0}'.format(e))
             current_app.logger.debug(traceback.format_exc())
             abort(500)
 
@@ -537,7 +537,7 @@ def delete(domain_name):
     if result['status'] == 'error':
         abort(500)
 
-    history = History(msg='Delete domain {0}'.format(
+    history = History(msg='Delete zone {0}'.format(
         pretty_domain_name(domain_name)),
                       created_by=current_user.username)
     history.add()
@@ -581,7 +581,7 @@ def setting(domain_name):
         d.grant_privileges(new_user_ids)
 
         history = History(
-            msg='Change domain {0} access control'.format(
+            msg='Change zone {0} access control'.format(
                 pretty_domain_name(domain_name)),
             detail=json.dumps({'user_has_access': new_user_list}),
             created_by=current_user.username,
@@ -619,7 +619,7 @@ def change_type(domain_name):
                            kind=domain_type,
                            masters=domain_master_ips)
     if status['status'] == 'ok':
-        history = History(msg='Update type for domain {0}'.format(
+        history = History(msg='Update type for zone {0}'.format(
                 pretty_domain_name(domain_name)),
                           detail=json.dumps({
                               "domain": domain_name,
@@ -653,7 +653,7 @@ def change_soa_edit_api(domain_name):
                                   soa_edit_api=new_setting)
     if status['status'] == 'ok':
         history = History(
-            msg='Update soa_edit_api for domain {0}'.format(
+            msg='Update soa_edit_api for zone {0}'.format(
                 pretty_domain_name(domain_name)),
             detail = json.dumps({
                 'domain': domain_name,
@@ -697,7 +697,7 @@ def record_apply(domain_name):
         domain = Domain.query.filter(Domain.name == domain_name).first()
 
         if domain:
-            current_app.logger.debug('Current domain serial: {0}'.format(
+            current_app.logger.debug('Current zone serial: {0}'.format(
                 domain.serial))
 
             if int(submitted_serial) != domain.serial:
@@ -714,14 +714,14 @@ def record_apply(domain_name):
                     'status':
                     'error',
                     'msg':
-                    'Domain name {0} does not exist'.format(pretty_domain_name(domain_name))
+                    'Zone name {0} does not exist'.format(pretty_domain_name(domain_name))
                 }), 404)
 
         r = Record()
         result = r.apply(domain_name, submitted_record)
         if result['status'] == 'ok':
             history = History(
-                msg='Apply record changes to domain {0}'.format(pretty_domain_name(domain_name)),
+                msg='Apply record changes to zone {0}'.format(pretty_domain_name(domain_name)),
                 detail = json.dumps({
                         'domain': domain_name,
                         'add_rrsets': result['data'][0]['rrsets'],
@@ -733,7 +733,7 @@ def record_apply(domain_name):
             return make_response(jsonify(result), 200)
         else:
             history = History(
-                msg='Failed to apply record changes to domain {0}'.format(
+                msg='Failed to apply record changes to zone {0}'.format(
                     pretty_domain_name(domain_name)),
                 detail = json.dumps({
                         'domain': domain_name,
@@ -760,7 +760,7 @@ def record_apply(domain_name):
 @can_access_domain
 def record_update(domain_name):
     """
-    This route is used for domain work as Slave Zone only
+    This route is used for zone work as Slave Zone only
     Pulling the records update from its Master
     """
     try:
@@ -818,7 +818,7 @@ def dnssec_enable(domain_name):
     dnssec = domain.enable_domain_dnssec(domain_name)
     domain_object = Domain.query.filter(domain_name == Domain.name).first()
     history = History(
-        msg='DNSSEC was enabled for domain ' + domain_name ,
+        msg='DNSSEC was enabled for zone ' + domain_name ,
         created_by=current_user.username,
         domain_id=domain_object.id)
     history.add()
@@ -837,7 +837,7 @@ def dnssec_disable(domain_name):
         domain.delete_dnssec_key(domain_name, key['id'])
     domain_object = Domain.query.filter(domain_name == Domain.name).first()
     history = History(
-        msg='DNSSEC was disabled for domain ' + domain_name ,
+        msg='DNSSEC was disabled for zone ' + domain_name ,
         created_by=current_user.username,
         domain_id=domain_object.id)
     history.add()
@@ -914,7 +914,7 @@ def admin_setdomainsetting(domain_name):
                     }), 400)
         except Exception as e:
             current_app.logger.error(
-                'Cannot change domain setting. Error: {0}'.format(e))
+                'Cannot change zone setting. Error: {0}'.format(e))
             current_app.logger.debug(traceback.format_exc())
             return make_response(
                 jsonify({
diff --git a/update_zones.py b/update_zones.py
index 5da542f6c..56cde3e88 100644
--- a/update_zones.py
+++ b/update_zones.py
@@ -29,6 +29,6 @@
         sys.exit(1)
 
     ### Start the update process
-    app.logger.info('Update domains from nameserver API')
+    app.logger.info('Update zones from nameserver API')
 
     Domain().update()

From a9e18ec59477bec6619aee451fb70057222876b4 Mon Sep 17 00:00:00 2001
From: Stefan Ubbink <stefan.ubbink@sidn.nl>
Date: Thu, 16 Mar 2023 18:36:47 +0100
Subject: [PATCH 337/475] Make sure old history items will also be shown

---
 powerdnsadmin/routes/admin.py | 21 ++++++++++++++-------
 1 file changed, 14 insertions(+), 7 deletions(-)

diff --git a/powerdnsadmin/routes/admin.py b/powerdnsadmin/routes/admin.py
index 47551ee26..8e34d2d20 100644
--- a/powerdnsadmin/routes/admin.py
+++ b/powerdnsadmin/routes/admin.py
@@ -897,7 +897,7 @@ def __init__(self, history, change_set):
                                                        description=DetailedHistory.get_key_val(detail_dict,
                                                                                                "description"))
 
-        elif 'Change zone' in history.msg and 'access control' in history.msg:  # added or removed a user from a zone
+        elif any(msg in history.msg for msg in ['Change zone','Change domain']) and 'access control' in history.msg:  # added or removed a user from a zone
             users_with_access = DetailedHistory.get_key_val(detail_dict, "user_has_access")
             self.detailed_msg = render_template_string("""
                 <table class="table table-bordered table-striped">
@@ -942,7 +942,7 @@ def __init__(self, history, change_set):
                                                        linked_domains=DetailedHistory.get_key_val(detail_dict,
                                                                                                   "domains"))
 
-        elif 'Update type for zone' in history.msg:
+        elif any(msg in history.msg for msg in ['Update type for zone','Update type for domain']):
             self.detailed_msg = render_template_string("""
                 <table class="table table-bordered table-striped">
                     <tr><td>Zone: </td><td>{{ domain }}</td></tr>
@@ -977,7 +977,7 @@ def __init__(self, history, change_set):
                                                                                                   'status'),
                                                        history_msg=DetailedHistory.get_key_val(detail_dict, 'msg'))
 
-        elif 'Update zone' in history.msg and 'associate account' in history.msg:  # When an account gets associated or dissociate with zones
+        elif any(msg in history.msg for msg in ['Update zone','Update domain']) and 'associate account' in history.msg:  # When an account gets associated or dissociate with zones
             self.detailed_msg = render_template_string('''
                 <table class="table table-bordered table-striped">
                     <tr><td>Associate: </td><td>{{ history_assoc_account }}</td></tr>
@@ -1231,8 +1231,11 @@ def history_table():  # ajax call data
                     .filter(
                     db.and_(
                         db.or_(
-                            History.msg.like("%zone " + domain_name) if domain_name != "*" else History.msg.like(
-                                "%zone%"),
+                            History.msg.like("%domain " + domain_name) if domain_name != "*" else History.msg.like("%domain%"),
+                            History.msg.like("%zone " + domain_name) if domain_name != "*" else History.msg.like("%zone%"),
+                            History.msg.like(
+                                "%domain " + domain_name + " access control") if domain_name != "*" else History.msg.like(
+                                "%domain%access control"),
                             History.msg.like(
                                 "%zone " + domain_name + " access control") if domain_name != "*" else History.msg.like(
                                 "%zone%access control")
@@ -1247,8 +1250,12 @@ def history_table():  # ajax call data
                 histories = base_query \
                     .filter(
                     db.and_(
-                        History.msg.like("Apply record changes to zone " + domain_name) if domain_name != "*" \
-                            else History.msg.like("Apply record changes to zone%"),
+                        db.or_(
+                            History.msg.like("Apply record changes to domain " + domain_name) if domain_name != "*" \
+                                else History.msg.like("Apply record changes to domain%"),
+                            History.msg.like("Apply record changes to zone " + domain_name) if domain_name != "*" \
+                                else History.msg.like("Apply record changes to zone%"),
+                        ),
                         History.created_on <= max_date if max_date != None else True,
                         History.created_on >= min_date if min_date != None else True,
                         History.created_by == changed_by if changed_by != None else True

From bb6d2d0497da023117caab14c3faa7dfa5502f44 Mon Sep 17 00:00:00 2001
From: Nigel Kukard <nkukard@lbsd.net>
Date: Fri, 17 Mar 2023 03:42:45 +0000
Subject: [PATCH 338/475] feat(authentication): added admin settings for
 password policies

---
 powerdnsadmin/models/setting.py               |   8 +
 powerdnsadmin/routes/admin.py                 |  37 ++++-
 .../admin_setting_authentication.html         | 141 +++++++++++++++---
 3 files changed, 168 insertions(+), 18 deletions(-)

diff --git a/powerdnsadmin/models/setting.py b/powerdnsadmin/models/setting.py
index 2b1c7d7e0..48f929f1e 100644
--- a/powerdnsadmin/models/setting.py
+++ b/powerdnsadmin/models/setting.py
@@ -205,6 +205,14 @@ class Setting(db.Model):
         'deny_domain_override': False,
         'account_name_extra_chars': False,
         'gravatar_enabled': False,
+        'pwd_enforce_characters': False,
+        'pwd_min_len': 10,
+        'pwd_min_lowercase': 3,
+        'pwd_min_uppercase': 2,
+        'pwd_min_digits': 2,
+        'pwd_min_special': 1,
+        'pwd_enforce_complexity': False,
+        'pwd_min_complexity': 11
     }
 
     def __init__(self, id=None, name=None, value=None):
diff --git a/powerdnsadmin/routes/admin.py b/powerdnsadmin/routes/admin.py
index 43339778f..c092f2025 100644
--- a/powerdnsadmin/routes/admin.py
+++ b/powerdnsadmin/routes/admin.py
@@ -1550,7 +1550,23 @@ def setting_authentication():
             local_db_enabled = True if request.form.get(
                 'local_db_enabled') else False
             signup_enabled = True if request.form.get(
-                'signup_enabled', ) else False
+                'signup_enabled') else False
+
+            pwd_enforce_characters = True if request.form.get('pwd_enforce_characters') else False
+            pwd_min_len = safe_cast(request.form.get('pwd_min_len', Setting().defaults["pwd_min_len"]), int,
+                                    Setting().defaults["pwd_min_len"])
+            pwd_min_lowercase = safe_cast(request.form.get('pwd_min_lowercase', Setting().defaults["pwd_min_lowercase"]), int,
+                                          Setting().defaults["pwd_min_lowercase"])
+            pwd_min_uppercase = safe_cast(request.form.get('pwd_min_uppercase', Setting().defaults["pwd_min_uppercase"]), int,
+                                          Setting().defaults["pwd_min_uppercase"])
+            pwd_min_digits = safe_cast(request.form.get('pwd_min_digits', Setting().defaults["pwd_min_digits"]), int,
+                                       Setting().defaults["pwd_min_digits"])
+            pwd_min_special = safe_cast(request.form.get('pwd_min_special', Setting().defaults["pwd_min_special"]), int,
+                                        Setting().defaults["pwd_min_special"])
+
+            pwd_enforce_complexity = True if request.form.get('pwd_enforce_complexity') else False
+            pwd_min_complexity = safe_cast(request.form.get('pwd_min_complexity', Setting().defaults["pwd_min_complexity"]), int,
+                                           Setting().defaults["pwd_min_complexity"])
 
             if not has_an_auth_method(local_db_enabled=local_db_enabled):
                 result = {
@@ -1562,7 +1578,19 @@ def setting_authentication():
             else:
                 Setting().set('local_db_enabled', local_db_enabled)
                 Setting().set('signup_enabled', signup_enabled)
+
+                Setting().set('pwd_enforce_characters', pwd_enforce_characters)
+                Setting().set('pwd_min_len', pwd_min_len)
+                Setting().set('pwd_min_lowercase', pwd_min_lowercase)
+                Setting().set('pwd_min_uppercase', pwd_min_uppercase)
+                Setting().set('pwd_min_digits', pwd_min_digits)
+                Setting().set('pwd_min_special', pwd_min_special)
+
+                Setting().set('pwd_enforce_complexity', pwd_enforce_complexity)
+                Setting().set('pwd_min_complexity', pwd_min_complexity)
+
                 result = {'status': True, 'msg': 'Saved successfully'}
+
         elif conf_type == 'ldap':
             ldap_enabled = True if request.form.get('ldap_enabled') else False
 
@@ -2144,3 +2172,10 @@ def validateURN(value):
         return False
 
     return True
+
+
+def safe_cast(val, to_type, default=None):
+    try:
+        return to_type(val)
+    except (ValueError, TypeError):
+        return default
diff --git a/powerdnsadmin/templates/admin_setting_authentication.html b/powerdnsadmin/templates/admin_setting_authentication.html
index 7675797eb..b3ccff1bb 100644
--- a/powerdnsadmin/templates/admin_setting_authentication.html
+++ b/powerdnsadmin/templates/admin_setting_authentication.html
@@ -78,24 +78,89 @@ <h3 class="card-title">Settings Editor</h3>
                                                             <h3 class="card-title">Basic Settings</h3>
                                                         </div>
                                                         <!-- /.card-header -->
-                                                        <div class="card-body">
-                                                            <div class="form-group">
-                                                                <input type="checkbox" id="local_db_enabled"
-                                                                       name="local_db_enabled"
-                                                                       class="checkbox"
-                                                                       {% if SETTING.get('local_db_enabled') %}checked{% endif %}>
-                                                                <label for="local_db_enabled">Local DB
-                                                                    Authentication</label>
+                                                        <fieldset>
+                                                            <div class="card-body">
+                                                                <div class="form-group">
+                                                                    <input type="checkbox" id="local_db_enabled"
+                                                                        name="local_db_enabled"
+                                                                        class="checkbox"
+                                                                        {% if SETTING.get('local_db_enabled') %}checked{% endif %}>
+                                                                    <label for="local_db_enabled">Local DB
+                                                                        Authentication</label>
+                                                                </div>
+                                                                <div class="form-group">
+                                                                    <input type="checkbox" id="signup_enabled"
+                                                                        name="signup_enabled"
+                                                                        class="checkbox"
+                                                                        {% if SETTING.get('signup_enabled') %}checked{% endif %}>
+                                                                    <label for="signup_enabled">Allow users to sign
+                                                                        up</label>
+                                                                </div>
                                                             </div>
-                                                            <div class="form-group">
-                                                                <input type="checkbox" id="signup_enabled"
-                                                                       name="signup_enabled"
-                                                                       class="checkbox"
-                                                                       {% if SETTING.get('signup_enabled') %}checked{% endif %}>
-                                                                <label for="signup_enabled">Allow users to sign
-                                                                    up</label>
+                                                        </fieldset>
+                                                        <fieldset>
+                                                            <legend>PASSWORD REQUIREMENTS</legend>
+                                                            <div class="card-body">
+                                                                <div class="form-group">
+                                                                    <input type="checkbox" id="pwd_enforce_characters"
+                                                                        name="pwd_enforce_characters" class="checkbox"
+                                                                        {% if SETTING.get('pwd_enforce_characters') %}checked{% endif %}>
+                                                                    <label for="pwd_enforce_characters">
+                                                                        Enforce Character Requirements
+                                                                    </label>
+                                                                </div>
+                                                                <div class="form-group">
+                                                                    <label for="pwd_min_len">Minimum Password Length</label>
+                                                                    <input type="text" class="form-control"
+                                                                        name="pwd_min_len" id="pwd_min_len"
+                                                                        data-error="Please enter a minimum password length"
+                                                                        value="{{ SETTING.get('pwd_min_len') }}">
+                                                                </div>
+                                                                <div class="form-group">
+                                                                    <label for="pwd_min_lowercase">Minimum Lowercase Characters</label>
+                                                                    <input type="text" class="form-control"
+                                                                        name="pwd_min_lowercase" id="pwd_min_lowercase"
+                                                                        data-error="Please enter the minimum number of lowercase letters required"
+                                                                        value="{{ SETTING.get('pwd_min_lowercase') }}">
+                                                                </div>
+                                                                <div class="form-group">
+                                                                    <label for="pwd_min_uppercase">Minimum Uppercase Characters</label>
+                                                                    <input type="text" class="form-control"
+                                                                        name="pwd_min_uppercase" id="pwd_min_uppercase"
+                                                                        data-error="Please enter the minimum number of uppercase letters required"
+                                                                        value="{{ SETTING.get('pwd_min_uppercase') }}">
+                                                                </div>
+                                                                <div class="form-group">
+                                                                    <label for="pwd_min_digits">Minimum Digit Characters</label>
+                                                                    <input type="text" class="form-control"
+                                                                        name="pwd_min_digits" id="pwd_min_digits"
+                                                                        data-error="Please enter the minimum number of digits required"
+                                                                        value="{{ SETTING.get('pwd_min_digits') }}">
+                                                                </div>
+                                                                <div class="form-group">
+                                                                    <label for="pwd_min_special">Minimum Special Characters</label>
+                                                                    <input type="text" class="form-control"
+                                                                        name="pwd_min_special" id="pwd_min_special"
+                                                                        data-error="Please enter the minimum number of special characters required"
+                                                                        value="{{ SETTING.get('pwd_min_special') }}">
+                                                                </div>
+                                                                <div class="form-group">
+                                                                    <input type="checkbox" id="pwd_enforce_complexity"
+                                                                        name="pwd_enforce_complexity" class="checkbox"
+                                                                        {% if SETTING.get('pwd_enforce_complexity') %}checked{% endif %}>
+                                                                    <label for="pwd_enforce_complexity">
+                                                                        Enforce Complexity Requirement
+                                                                    </label>
+                                                                </div>
+                                                                <div class="form-group">
+                                                                    <label for="pwd_min_complexity">Minimum Complexity (zxcvbn)</label>
+                                                                    <input type="text" class="form-control"
+                                                                        name="pwd_min_complexity" id="pwd_min_complexity"
+                                                                        data-error="Please enter the minimum password complexity required"
+                                                                        value="{{ SETTING.get('pwd_min_complexity') }}">
+                                                                </div>
                                                             </div>
-                                                        </div>
+                                                        </fieldset>
                                                         <!-- /.card-body -->
                                                         <div class="card-footer">
                                                             <button type="submit" class="btn btn-primary"
@@ -117,7 +182,49 @@ <h3 class="card-title">Settings Help</h3>
                                                     </div>
                                                     <!-- /.card-header -->
                                                     <div class="card-body">
-                                                        <p>Fill in all the fields in the left form.</p>
+                                                        <dl class="dl-horizontal">
+                                                            <dt>Local DB Authentication</dt>
+                                                            <dd>Enable/disable local database authentication.</dd>
+                                                            <dt>Allow Users to Signup</dt>
+                                                            <dd>Allow users to signup. This requires local database authentication
+                                                                to be enabled.</dd>
+                                                            <legend>PASSWORD REQUIREMENTS</legend>
+                                                            This section allows you to customize your local DB password requirements
+                                                            and ensure that when users change their password or signup they are
+                                                            picking strong passwords.
+                                                            <br/>
+                                                            Setting any entry field to a blank value will revert it back to default.
+
+                                                            <dt>Enforce Character Requirements</dt>
+                                                            <dd>This option will enforce the character type requirements for
+                                                                passwords.
+                                                                <ul>
+                                                                    <li>Minimum Lowercase Characters - Minimum number of lowercase
+                                                                        characters required to appear in the password.</li>
+                                                                    <li>Minimum Uppercase Characters - Minimum number of uppercase
+                                                                        characters required to appear in the password.</li>
+                                                                    <li>Minimum Digit Characters - Minimum number of digits
+                                                                        required to appear in the password. Digits include
+                                                                        1234567890.</li>
+                                                                    <li>Minimum Special Characters - Minimum number of special
+                                                                        characters required to appear in the password. Special
+                                                                        characters include
+                                                                        `!@#$%^&amp;*()_-=+[]\{}|;:",.&gt;&lt;/?.</li>
+                                                                </ul>
+                                                            </dd>
+                                                            <dt>Enforce Complexity Requirement</dt>
+                                                            <dd>Enable the enforcement of complex passwords. We currently use
+                                                                <a href="https://github.com/dropbox/zxcvbn">zxcvbn</a> for
+                                                                determining this.
+                                                                <ul>
+                                                                    <li>Minimum Complexity - The default value of the log factor
+                                                                        is 11 as it is considered secure. More information about
+                                                                        the this can be found at
+                                                                        <a href="https://www.usenix.org/system/files/conference/usenixsecurity16/sec16_paper_wheeler.pdf">here</a>
+                                                                    </li>
+                                                                </ul>
+                                                            </dd>
+                                                        </dl>
                                                     </div>
                                                     <!-- /.card-body -->
                                                 </div>

From 1cea4b7ce324590a4ae1c8f675f432cd389d114b Mon Sep 17 00:00:00 2001
From: Nigel Kukard <nkukard@lbsd.net>
Date: Fri, 17 Mar 2023 03:44:08 +0000
Subject: [PATCH 339/475] feat(authentication): added password policy checker
 function

---
 powerdnsadmin/routes/index.py | 88 +++++++++++++++++++++++++++++++++++
 requirements.txt              |  1 +
 2 files changed, 89 insertions(+)

diff --git a/powerdnsadmin/routes/index.py b/powerdnsadmin/routes/index.py
index 72305a65e..79768c739 100644
--- a/powerdnsadmin/routes/index.py
+++ b/powerdnsadmin/routes/index.py
@@ -5,6 +5,8 @@
 import datetime
 import ipaddress
 import base64
+import string
+from zxcvbn import zxcvbn
 from distutils.util import strtobool
 from yaml import Loader, load
 from flask import Blueprint, render_template, make_response, url_for, current_app, g, session, request, redirect, abort
@@ -649,6 +651,92 @@ def logout():
     return redirect(redirect_uri)
 
 
+def password_policy_check(user, password):
+
+    def check_policy(chars, user_password, setting):
+        lenreq = int(Setting().get(setting))
+        test_string = user_password
+        for c in chars:
+            test_string = test_string.replace(c, '')
+        return (lenreq, len(user_password) - len(test_string))
+
+    def matches_policy(item, policy_fails):
+        return "*" if item in policy_fails else ""
+
+    policy = []
+    policy_fails = {}
+
+    # If either policy is enabled check basics first ... this is obvious!
+    if Setting().get('pwd_enforce_characters') or Setting().get('pwd_enforce_complexity'):
+        # Cannot contain username
+        if user.username in password:
+            policy_fails["username"] = True
+        policy.append(f"{matches_policy('username', policy_fails)}cannot contain username")
+
+        # Cannot contain password
+        if user.firstname in password:
+            policy_fails["firstname"] = True
+        policy.append(f"{matches_policy('firstname', policy_fails)}cannot contain firstname")
+
+        # Cannot contain lastname
+        if user.lastname in password:
+            policy_fails["lastname"] = True
+        policy.append(f"{matches_policy('lastname', policy_fails)}cannot contain lastname")
+
+        # Cannot contain email
+        if user.email in password:
+            policy_fails["email"] = True
+        policy.append(f"{matches_policy('email', policy_fails)}cannot contain email")
+
+    # Check if we're enforcing character requirements
+    if Setting().get('pwd_enforce_characters'):
+        # Length
+        pwd_min_len_setting = int(Setting().get('pwd_min_len'))
+        pwd_len = len(password)
+        if pwd_len < pwd_min_len_setting:
+            policy_fails["length"] = True
+        policy.append(f"{matches_policy('length', policy_fails)}length={pwd_len}/{pwd_min_len_setting}")
+        # Digits
+        (pwd_min_digits_setting, pwd_digits) = check_policy(string.digits, password, 'pwd_min_digits')
+        if pwd_digits < pwd_min_digits_setting:
+            policy_fails["digits"] = True
+        policy.append(f"{matches_policy('digits', policy_fails)}digits={pwd_digits}/{pwd_min_digits_setting}")
+        # Lowercase
+        (pwd_min_lowercase_setting, pwd_lowercase) = check_policy(string.digits, password, 'pwd_min_lowercase')
+        if pwd_lowercase < pwd_min_lowercase_setting:
+            policy_fails["lowercase"] = True
+        policy.append(f"{matches_policy('lowercase', policy_fails)}lowercase={pwd_lowercase}/{pwd_min_lowercase_setting}")
+        # Uppercase
+        (pwd_min_uppercase_setting, pwd_uppercase) = check_policy(string.digits, password, 'pwd_min_uppercase')
+        if pwd_uppercase < pwd_min_uppercase_setting:
+            policy_fails["uppercase"] = True
+        policy.append(f"{matches_policy('uppercase', policy_fails)}uppercase={pwd_uppercase}/{pwd_min_uppercase_setting}")
+        # Special
+        (pwd_min_special_setting, pwd_special) = check_policy(string.digits, password, 'pwd_min_special')
+        if pwd_special < pwd_min_special_setting:
+            policy_fails["special"] = True
+        policy.append(f"{matches_policy('special', policy_fails)}special={pwd_special}/{pwd_min_special_setting}")
+
+    if Setting().get('pwd_enforce_complexity'):
+        # Complexity checking
+        zxcvbn_inputs = []
+        for input in (user.firstname, user.lastname, user.username, user.email):
+            if len(input):
+                zxcvbn_inputs.append(input)
+
+        result = zxcvbn(password, user_inputs=zxcvbn_inputs)
+        pwd_min_complexity_setting = int(Setting().get('pwd_min_complexity'))
+        pwd_complexity = result['guesses_log10']
+        if pwd_complexity < pwd_min_complexity_setting:
+            policy_fails["complexity"] = True
+        policy.append(f"{matches_policy('complexity', policy_fails)}complexity={pwd_complexity:.0f}/{pwd_min_complexity_setting}")
+
+    policy_str = {"password": f"Fails policy: {', '.join(policy)}. Items prefixed with '*' failed."}
+
+    # NK: the first item in the tuple indicates a PASS, so, we check for any True's and negate that
+    return (not any(policy_fails.values()), policy_str)
+
+
 @index_bp.route('/register', methods=['GET', 'POST'])
 def register():
   CAPTCHA_ENABLE = current_app.config.get('CAPTCHA_ENABLE')
diff --git a/requirements.txt b/requirements.txt
index 83d101127..b8256b2d3 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -43,3 +43,4 @@ webcolors==1.12
 werkzeug==2.1.2
 zipp==3.11.0
 rcssmin==1.1.1
+zxcvbn==4.4.28
\ No newline at end of file

From fc14e9189d9b26c383384e5bf62095fe114650db Mon Sep 17 00:00:00 2001
From: Nigel Kukard <nkukard@lbsd.net>
Date: Fri, 17 Mar 2023 03:45:09 +0000
Subject: [PATCH 340/475] feat(authentication): check password policy during
 registration of new users

---
 powerdnsadmin/routes/index.py | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/powerdnsadmin/routes/index.py b/powerdnsadmin/routes/index.py
index 79768c739..a21ad31e5 100644
--- a/powerdnsadmin/routes/index.py
+++ b/powerdnsadmin/routes/index.py
@@ -788,6 +788,10 @@ def register():
         email=email
       )
 
+      (password_policy_pass, password_policy) = password_policy_check(user, password)
+      if not password_policy_pass:
+        return render_template('register.html', error_messages=password_policy, captcha_enable=CAPTCHA_ENABLE)
+
       try:
         result = user.create_local_user()
         if result and result['status']:

From 64017195da56b5fcefce23e37367b83e2a404707 Mon Sep 17 00:00:00 2001
From: Nigel Kukard <nkukard@lbsd.net>
Date: Fri, 17 Mar 2023 03:45:37 +0000
Subject: [PATCH 341/475] feat(authentication): check password policy during
 user profile password change

---
 powerdnsadmin/routes/user.py              | 13 +++++++++++++
 powerdnsadmin/templates/user_profile.html | 19 ++++++++++++++-----
 2 files changed, 27 insertions(+), 5 deletions(-)

diff --git a/powerdnsadmin/routes/user.py b/powerdnsadmin/routes/user.py
index 65d7e084f..adba502be 100644
--- a/powerdnsadmin/routes/user.py
+++ b/powerdnsadmin/routes/user.py
@@ -9,6 +9,8 @@
 
 from ..models.user import User, Anonymous
 from ..models.setting import Setting
+from .index import password_policy_check
+
 
 user_bp = Blueprint('user',
                     __name__,
@@ -79,12 +81,23 @@ def profile():
                             .format(current_user.username)
                         }), 400)
 
+        (password_policy_pass, password_policy) = password_policy_check(current_user.get_user_info_by_username(), new_password)
+        if not password_policy_pass:
+            if request.data:
+                return make_response(
+                    jsonify({
+                        'status': 'error',
+                        'msg': password_policy['password'],
+                    }), 400)
+            return render_template('user_profile.html', error_messages=password_policy)
+
         user = User(username=current_user.username,
                     plain_text_password=new_password,
                     firstname=firstname,
                     lastname=lastname,
                     email=email,
                     reload_info=False)
+
         user.update_profile()
 
         return render_template('user_profile.html')
diff --git a/powerdnsadmin/templates/user_profile.html b/powerdnsadmin/templates/user_profile.html
index 3bb99714a..ee161bba1 100644
--- a/powerdnsadmin/templates/user_profile.html
+++ b/powerdnsadmin/templates/user_profile.html
@@ -34,13 +34,13 @@ <h3 class="card-title">Profile Editor</h3>
                             <div class="nav-tabs-custom mb-2">
                                 <ul class="nav nav-tabs" role="tablist">
                                     <li class="nav-item">
-                                        <a class="nav-link active" href="#tabs-personal" data-toggle="tab">
+                                        <a class="nav-link {{ 'active' if not error_messages else '' }}" href="#tabs-personal" data-toggle="tab">
                                             Personal Info
                                         </a>
                                     </li>
                                     {% if session['authentication_type'] == 'LOCAL' %}
                                         <li class="nav-item">
-                                            <a class="nav-link" href="#tabs-password" data-toggle="tab">
+                                            <a class="nav-link {{ 'active' if 'password' in error_messages else '' }}" href="#tabs-password" data-toggle="tab">
                                                 Change Password
                                             </a>
                                         </li>
@@ -57,7 +57,8 @@ <h3 class="card-title">Profile Editor</h3>
                             <!-- /.nav-tabs-custom -->
 
                             <div class="tab-content">
-                                <div class="tab-pane fade show active" id="tabs-personal">
+                                <div class="tab-pane fade {{ 'show active' if not error_messages else '' }}"
+                                        id="tabs-personal">
                                     <form role="form" method="post" action="{{ user_profile }}">
                                         <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
                                         <div class="form-group">
@@ -91,7 +92,8 @@ <h3 class="card-title">Profile Editor</h3>
                                 <!-- /.tab-pane -->
 
                                 {% if session['authentication_type'] == 'LOCAL' %}
-                                    <div class="tab-pane fade" id="tabs-password">
+                                    <div class="tab-pane fade {{ 'show active' if 'password' in error_messages else '' }}"
+                                            id="tabs-password">
                                         {% if not current_user.password %}
                                             Your account password is managed via LDAP which isn't supported to
                                             change here.
@@ -101,8 +103,15 @@ <h3 class="card-title">Profile Editor</h3>
                                                        value="{{ csrf_token() }}">
                                                 <div class="form-group">
                                                     <label for="password">New Password</label>
-                                                    <input type="password" class="form-control" name="password"
+                                                    <input type="password" class="form-control {{ 'is-invalid' if 'password' in error_messages else '' }}"
+                                                           name="password"
                                                            id="newpassword">
+                                                    {% if 'password' in error_messages %}
+                                                    <div class="invalid-feedback">
+                                                        <i class="fas fa-exclamation-triangle"></i>
+                                                        {{ error_messages['password'] }}
+                                                    </div>
+                                                    {% endif %}
                                                 </div>
                                                 <div class="form-group">
                                                     <label for="rpassword">Re-type New Password</label>

From a25dda8ac14546ba8a72dec206513fc3949050bb Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 17 Mar 2023 15:50:08 -0400
Subject: [PATCH 342/475] Made some formatting tweaks to the authentication
 settings view to unify section header styling.

Corrected improper markup introduced by recent PR for password complexity requirements.
---
 .../admin_setting_authentication.html         | 199 ++++++++++--------
 1 file changed, 115 insertions(+), 84 deletions(-)

diff --git a/powerdnsadmin/templates/admin_setting_authentication.html b/powerdnsadmin/templates/admin_setting_authentication.html
index 9ae899bbe..a4c028865 100644
--- a/powerdnsadmin/templates/admin_setting_authentication.html
+++ b/powerdnsadmin/templates/admin_setting_authentication.html
@@ -78,89 +78,99 @@ <h3 class="card-title">Settings Editor</h3>
                                                             <h3 class="card-title">Basic Settings</h3>
                                                         </div>
                                                         <!-- /.card-header -->
-                                                        <fieldset>
-                                                            <div class="card-body">
-                                                                <div class="form-group">
-                                                                    <input type="checkbox" id="local_db_enabled"
-                                                                        name="local_db_enabled"
-                                                                        class="checkbox"
-                                                                        {% if SETTING.get('local_db_enabled') %}checked{% endif %}>
-                                                                    <label for="local_db_enabled">Local DB
-                                                                        Authentication</label>
-                                                                </div>
-                                                                <div class="form-group">
-                                                                    <input type="checkbox" id="signup_enabled"
-                                                                        name="signup_enabled"
-                                                                        class="checkbox"
-                                                                        {% if SETTING.get('signup_enabled') %}checked{% endif %}>
-                                                                    <label for="signup_enabled">Allow users to sign
-                                                                        up</label>
-                                                                </div>
+                                                        <div class="card-body">
+                                                            <fieldset>
+
+                                                            </fieldset>
+                                                            <div class="form-group">
+                                                                <input type="checkbox" id="local_db_enabled"
+                                                                       name="local_db_enabled"
+                                                                       class="checkbox"
+                                                                       {% if SETTING.get('local_db_enabled') %}checked{% endif %}>
+                                                                <label for="local_db_enabled">Local DB
+                                                                    Authentication</label>
+                                                            </div>
+                                                            <div class="form-group">
+                                                                <input type="checkbox" id="signup_enabled"
+                                                                       name="signup_enabled"
+                                                                       class="checkbox"
+                                                                       {% if SETTING.get('signup_enabled') %}checked{% endif %}>
+                                                                <label for="signup_enabled">Allow users to sign
+                                                                    up</label>
                                                             </div>
-                                                        </fieldset>
-                                                        <fieldset>
-                                                            <legend>PASSWORD REQUIREMENTS</legend>
-                                                            <div class="card-body">
+                                                            <fieldset>
+                                                                <legend>Password Requirements</legend>
                                                                 <div class="form-group">
                                                                     <input type="checkbox" id="pwd_enforce_characters"
-                                                                        name="pwd_enforce_characters" class="checkbox"
-                                                                        {% if SETTING.get('pwd_enforce_characters') %}checked{% endif %}>
+                                                                           name="pwd_enforce_characters"
+                                                                           class="checkbox"
+                                                                           {% if SETTING.get('pwd_enforce_characters') %}checked{% endif %}>
                                                                     <label for="pwd_enforce_characters">
                                                                         Enforce Character Requirements
                                                                     </label>
                                                                 </div>
                                                                 <div class="form-group">
-                                                                    <label for="pwd_min_len">Minimum Password Length</label>
+                                                                    <label for="pwd_min_len">Minimum Password
+                                                                        Length</label>
                                                                     <input type="text" class="form-control"
-                                                                        name="pwd_min_len" id="pwd_min_len"
-                                                                        data-error="Please enter a minimum password length"
-                                                                        value="{{ SETTING.get('pwd_min_len') }}">
+                                                                           name="pwd_min_len" id="pwd_min_len"
+                                                                           data-error="Please enter a minimum password length"
+                                                                           value="{{ SETTING.get('pwd_min_len') }}">
                                                                 </div>
                                                                 <div class="form-group">
-                                                                    <label for="pwd_min_lowercase">Minimum Lowercase Characters</label>
+                                                                    <label for="pwd_min_lowercase">Minimum Lowercase
+                                                                        Characters</label>
                                                                     <input type="text" class="form-control"
-                                                                        name="pwd_min_lowercase" id="pwd_min_lowercase"
-                                                                        data-error="Please enter the minimum number of lowercase letters required"
-                                                                        value="{{ SETTING.get('pwd_min_lowercase') }}">
+                                                                           name="pwd_min_lowercase"
+                                                                           id="pwd_min_lowercase"
+                                                                           data-error="Please enter the minimum number of lowercase letters required"
+                                                                           value="{{ SETTING.get('pwd_min_lowercase') }}">
                                                                 </div>
                                                                 <div class="form-group">
-                                                                    <label for="pwd_min_uppercase">Minimum Uppercase Characters</label>
+                                                                    <label for="pwd_min_uppercase">Minimum Uppercase
+                                                                        Characters</label>
                                                                     <input type="text" class="form-control"
-                                                                        name="pwd_min_uppercase" id="pwd_min_uppercase"
-                                                                        data-error="Please enter the minimum number of uppercase letters required"
-                                                                        value="{{ SETTING.get('pwd_min_uppercase') }}">
+                                                                           name="pwd_min_uppercase"
+                                                                           id="pwd_min_uppercase"
+                                                                           data-error="Please enter the minimum number of uppercase letters required"
+                                                                           value="{{ SETTING.get('pwd_min_uppercase') }}">
                                                                 </div>
                                                                 <div class="form-group">
-                                                                    <label for="pwd_min_digits">Minimum Digit Characters</label>
+                                                                    <label for="pwd_min_digits">Minimum Digit
+                                                                        Characters</label>
                                                                     <input type="text" class="form-control"
-                                                                        name="pwd_min_digits" id="pwd_min_digits"
-                                                                        data-error="Please enter the minimum number of digits required"
-                                                                        value="{{ SETTING.get('pwd_min_digits') }}">
+                                                                           name="pwd_min_digits" id="pwd_min_digits"
+                                                                           data-error="Please enter the minimum number of digits required"
+                                                                           value="{{ SETTING.get('pwd_min_digits') }}">
                                                                 </div>
                                                                 <div class="form-group">
-                                                                    <label for="pwd_min_special">Minimum Special Characters</label>
+                                                                    <label for="pwd_min_special">Minimum Special
+                                                                        Characters</label>
                                                                     <input type="text" class="form-control"
-                                                                        name="pwd_min_special" id="pwd_min_special"
-                                                                        data-error="Please enter the minimum number of special characters required"
-                                                                        value="{{ SETTING.get('pwd_min_special') }}">
+                                                                           name="pwd_min_special" id="pwd_min_special"
+                                                                           data-error="Please enter the minimum number of special characters required"
+                                                                           value="{{ SETTING.get('pwd_min_special') }}">
                                                                 </div>
                                                                 <div class="form-group">
                                                                     <input type="checkbox" id="pwd_enforce_complexity"
-                                                                        name="pwd_enforce_complexity" class="checkbox"
-                                                                        {% if SETTING.get('pwd_enforce_complexity') %}checked{% endif %}>
+                                                                           name="pwd_enforce_complexity"
+                                                                           class="checkbox"
+                                                                           {% if SETTING.get('pwd_enforce_complexity') %}checked{% endif %}>
                                                                     <label for="pwd_enforce_complexity">
                                                                         Enforce Complexity Requirement
                                                                     </label>
                                                                 </div>
                                                                 <div class="form-group">
-                                                                    <label for="pwd_min_complexity">Minimum Complexity (zxcvbn)</label>
+                                                                    <label for="pwd_min_complexity">Minimum Complexity
+                                                                        (zxcvbn)</label>
                                                                     <input type="text" class="form-control"
-                                                                        name="pwd_min_complexity" id="pwd_min_complexity"
-                                                                        data-error="Please enter the minimum password complexity required"
-                                                                        value="{{ SETTING.get('pwd_min_complexity') }}">
+                                                                           name="pwd_min_complexity"
+                                                                           id="pwd_min_complexity"
+                                                                           data-error="Please enter the minimum password complexity required"
+                                                                           value="{{ SETTING.get('pwd_min_complexity') }}">
                                                                 </div>
-                                                            </div>
-                                                        </fieldset>
+                                                            </fieldset>
+                                                        </div>
                                                         <!-- /.card-body -->
                                                         <div class="card-footer">
                                                             <button type="submit" class="btn btn-primary"
@@ -186,39 +196,57 @@ <h3 class="card-title">Settings Help</h3>
                                                             <dt>Local DB Authentication</dt>
                                                             <dd>Enable/disable local database authentication.</dd>
                                                             <dt>Allow Users to Signup</dt>
-                                                            <dd>Allow users to signup. This requires local database authentication
-                                                                to be enabled.</dd>
-                                                            <legend>PASSWORD REQUIREMENTS</legend>
-                                                            This section allows you to customize your local DB password requirements
-                                                            and ensure that when users change their password or signup they are
-                                                            picking strong passwords.
-                                                            <br/>
-                                                            Setting any entry field to a blank value will revert it back to default.
-
+                                                            <dd>Allow users to signup. This requires local database
+                                                                authentication
+                                                                to be enabled.
+                                                            </dd>
+                                                            <h4>Password Requirements</h4>
+                                                            <dd>This section allows you to customize your local DB password
+                                                            requirements
+                                                            and ensure that when users change their password or signup
+                                                            they are
+                                                            picking strong passwords.</dd>
+                                                            <dd>Setting any entry field to a blank value will revert it back
+                                                            to default.</dd>
                                                             <dt>Enforce Character Requirements</dt>
-                                                            <dd>This option will enforce the character type requirements for
+                                                            <dd>This option will enforce the character type requirements
+                                                                for
                                                                 passwords.
                                                                 <ul>
-                                                                    <li>Minimum Lowercase Characters - Minimum number of lowercase
-                                                                        characters required to appear in the password.</li>
-                                                                    <li>Minimum Uppercase Characters - Minimum number of uppercase
-                                                                        characters required to appear in the password.</li>
-                                                                    <li>Minimum Digit Characters - Minimum number of digits
-                                                                        required to appear in the password. Digits include
-                                                                        1234567890.</li>
-                                                                    <li>Minimum Special Characters - Minimum number of special
-                                                                        characters required to appear in the password. Special
+                                                                    <li>Minimum Lowercase Characters - Minimum number of
+                                                                        lowercase
+                                                                        characters required to appear in the password.
+                                                                    </li>
+                                                                    <li>Minimum Uppercase Characters - Minimum number of
+                                                                        uppercase
+                                                                        characters required to appear in the password.
+                                                                    </li>
+                                                                    <li>Minimum Digit Characters - Minimum number of
+                                                                        digits
+                                                                        required to appear in the password. Digits
+                                                                        include
+                                                                        1234567890.
+                                                                    </li>
+                                                                    <li>Minimum Special Characters - Minimum number of
+                                                                        special
+                                                                        characters required to appear in the password.
+                                                                        Special
                                                                         characters include
-                                                                        `!@#$%^&amp;*()_-=+[]\{}|;:",.&gt;&lt;/?.</li>
+                                                                        `!@#$%^&amp;*()_-=+[]\{}|;:",.&gt;&lt;/?.
+                                                                    </li>
                                                                 </ul>
                                                             </dd>
                                                             <dt>Enforce Complexity Requirement</dt>
-                                                            <dd>Enable the enforcement of complex passwords. We currently use
-                                                                <a href="https://github.com/dropbox/zxcvbn">zxcvbn</a> for
+                                                            <dd>Enable the enforcement of complex passwords. We
+                                                                currently use
+                                                                <a href="https://github.com/dropbox/zxcvbn">zxcvbn</a>
+                                                                for
                                                                 determining this.
                                                                 <ul>
-                                                                    <li>Minimum Complexity - The default value of the log factor
-                                                                        is 11 as it is considered secure. More information about
+                                                                    <li>Minimum Complexity - The default value of the
+                                                                        log factor
+                                                                        is 11 as it is considered secure. More
+                                                                        information about
                                                                         the this can be found at
                                                                         <a href="https://www.usenix.org/system/files/conference/usenixsecurity16/sec16_paper_wheeler.pdf">here</a>
                                                                     </li>
@@ -289,7 +317,7 @@ <h3 class="card-title">LDAP Settings</h3>
                                                                 </div>
                                                             </fieldset>
                                                             <fieldset>
-                                                                <legend>ADMINISTRATOR INFO</legend>
+                                                                <legend>Administrator Info</legend>
                                                                 <div class="form-group">
                                                                     <label for="ldap_uri">LDAP URI</label>
                                                                     <input type="text" class="form-control"
@@ -347,7 +375,7 @@ <h3 class="card-title">LDAP Settings</h3>
                                                                 </div>
                                                             </fieldset>
                                                             <fieldset>
-                                                                <legend>FILTERS</legend>
+                                                                <legend>Filters</legend>
                                                                 <div class="form-group">
                                                                     <label for="ldap_filter_basic">Basic filter</label>
                                                                     <input type="text" class="form-control"
@@ -395,7 +423,7 @@ <h3 class="card-title">LDAP Settings</h3>
                                                                 </div>
                                                             </fieldset>
                                                             <fieldset>
-                                                                <legend>GROUP SECURITY</legend>
+                                                                <legend>Group Security</legend>
                                                                 <div class="form-group">
                                                                     <label>Status</label>
                                                                     <div class="radio">
@@ -738,7 +766,8 @@ <h3 class="card-title">Google OAuth Settings</h3>
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div class="form-group">
-                                                                    <label for="google_oauth_metadata_url">Metadata URL</label>
+                                                                    <label for="google_oauth_metadata_url">Metadata
+                                                                        URL</label>
                                                                     <input type="text" class="form-control"
                                                                            name="google_oauth_metadata_url"
                                                                            id="google_oauth_metadata_url"
@@ -896,7 +925,8 @@ <h3 class="card-title">GitHub OAuth Settings</h3>
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div class="form-group">
-                                                                    <label for="github_oauth_metadata_url">Metadata URL</label>
+                                                                    <label for="github_oauth_metadata_url">Metadata
+                                                                        URL</label>
                                                                     <input type="text" class="form-control"
                                                                            name="github_oauth_metadata_url"
                                                                            id="github_oauth_metadata_url"
@@ -1035,7 +1065,8 @@ <h3 class="card-title">Microsoft OAuth Settings</h3>
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div class="form-group">
-                                                                    <label for="azure_oauth_metadata_url">Metadata URL</label>
+                                                                    <label for="azure_oauth_metadata_url">Metadata
+                                                                        URL</label>
                                                                     <input type="text" class="form-control"
                                                                            name="azure_oauth_metadata_url"
                                                                            id="azure_oauth_metadata_url"
@@ -1078,7 +1109,7 @@ <h3 class="card-title">Microsoft OAuth Settings</h3>
                                                                 </div>
                                                             </fieldset>
                                                             <fieldset>
-                                                                <legend>GROUP SECURITY</legend>
+                                                                <legend>Group Security</legend>
                                                                 <div class="form-group">
                                                                     <label>Status</label>
                                                                     <div class="radio">
@@ -1129,7 +1160,7 @@ <h3 class="card-title">Microsoft OAuth Settings</h3>
                                                                 </div>
                                                             </fieldset>
                                                             <fieldset>
-                                                                <legend>AZURE GROUP ACCOUNT SYNC/CREATION</legend>
+                                                                <legend>Azure Group Account Sync / Creation</legend>
                                                                 <div class="form-group">
                                                                     <label
                                                                         for="azure_group_accounts_enabled">Status</label>

From 5c6cf77996266987480ac7b7331f8a6b28b21cce Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 17 Mar 2023 16:42:05 -0400
Subject: [PATCH 343/475] Updated project README to include references to the
 new security policy.

Moved the project's code of conduct out of the contributions guide and into the appropriate policy file.

Updated the contribution guide to follow the NetBox project format.

Added various issue templates based on the NetBox project formats but updated for PDA.

Added additional GitHub workflows to handle stale and closed issue and PR management.

Removed legacy stale issue workflow that was not in use.
---
 .github/ISSUE_TEMPLATE/bug_report.yaml        |  78 ++++++++++
 .github/ISSUE_TEMPLATE/config.yml             |  12 ++
 .../ISSUE_TEMPLATE/documentation_change.yaml  |  40 +++++
 .github/ISSUE_TEMPLATE/feature_request.yaml   |  71 +++++++++
 .github/ISSUE_TEMPLATE/housekeeping.yaml      |  24 +++
 .github/PULL_REQUEST_TEMPLATE.md              |  14 ++
 .github/stale.yml                             |  20 ---
 .github/workflows/lock.yml                    |  21 +++
 .github/workflows/stale.yml                   |  45 ++++++
 README.md                                     |   8 +-
 docs/CODE_OF_CONDUCT.md                       |  74 +++++++++
 docs/CONTRIBUTING.md                          | 145 ++++++++++--------
 docs/SECURITY.md                              |  31 ++++
 13 files changed, 496 insertions(+), 87 deletions(-)
 create mode 100644 .github/ISSUE_TEMPLATE/bug_report.yaml
 create mode 100644 .github/ISSUE_TEMPLATE/config.yml
 create mode 100644 .github/ISSUE_TEMPLATE/documentation_change.yaml
 create mode 100644 .github/ISSUE_TEMPLATE/feature_request.yaml
 create mode 100644 .github/ISSUE_TEMPLATE/housekeeping.yaml
 create mode 100644 .github/PULL_REQUEST_TEMPLATE.md
 delete mode 100644 .github/stale.yml
 create mode 100644 .github/workflows/lock.yml
 create mode 100644 .github/workflows/stale.yml
 create mode 100644 docs/CODE_OF_CONDUCT.md
 create mode 100644 docs/SECURITY.md

diff --git a/.github/ISSUE_TEMPLATE/bug_report.yaml b/.github/ISSUE_TEMPLATE/bug_report.yaml
new file mode 100644
index 000000000..5bacd4e6e
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/bug_report.yaml
@@ -0,0 +1,78 @@
+---
+name: 🐛 Bug Report
+description: Report a reproducible bug in the current release of PDA
+labels: ["type: bug"]
+body:
+  - type: markdown
+    attributes:
+      value: >
+        **NOTE:** This form is only for reporting _reproducible bugs_ in a current PDA
+        installation. If you're having trouble with installation or just looking for
+        assistance with using PDA, please visit our
+        [discussion forum](https://github.com/PowerDNS-Admin/PowerDNS-Admin/discussions) instead.
+  - type: input
+    attributes:
+      label: PDA version
+      description: What version of PDA are you currently running?
+      options:
+        - "0.4.0"
+        - "0.3.0"
+        - "0.2.5"
+        - "0.2.4"
+        - "0.2.3"
+        - "0.2.2"
+        - "0.2.1"
+        - "0.2"
+        - "0.1"
+        - "I'm Not Sure"
+    validations:
+      required: true
+  - type: dropdown
+    attributes:
+      label: Python version
+      description: What version of Python are you currently running?
+      options:
+        - "3.0"
+        - "3.1"
+        - "3.2"
+        - "3.3"
+        - "3.4"
+        - "3.5"
+        - "3.6"
+        - "3.7"
+        - "3.8"
+        - "3.9"
+        - "3.10"
+        - "3.11"
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Steps to Reproduce
+      description: >
+        Describe in detail the exact steps that someone else can take to
+        reproduce this bug using the current stable release of PDA. Begin with the
+        creation of any necessary database objects and call out every operation being
+        performed explicitly. If reporting a bug in the REST API, be sure to reconstruct
+        the raw HTTP request(s) being made. Additionally, **do not rely on the demo instance** for reproducing
+        suspected bugs, as its data is prone to modification or deletion at any time.
+      placeholder: |
+        1. Click on "create widget"
+        2. Set foo to 12 and bar to G
+        3. Click the "create" button
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Expected Behavior
+      description: What did you expect to happen?
+      placeholder: A new zone record should have been created with the specified values
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Observed Behavior
+      description: What happened instead?
+      placeholder: A TypeError exception was raised
+    validations:
+      required: true
\ No newline at end of file
diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml
new file mode 100644
index 000000000..98109af7c
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/config.yml
@@ -0,0 +1,12 @@
+# Reference: https://help.github.com/en/github/building-a-strong-community/configuring-issue-templates-for-your-repository#configuring-the-template-chooser
+blank_issues_enabled: false
+contact_links:
+  - name: 📖 Contributing Policy
+    url: https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/docs/CONTRIBUTING.md
+    about: "Please read through our contributing policy before opening an issue or pull request"
+  - name: ❓ Discussion
+    url: https://github.com/PowerDNS-Admin/PowerDNS-Admin/discussions
+    about: "If you're just looking for help, try starting a discussion instead"
+  - name: 💬 Project Chat
+    url: https://mattermost.powerdnsadmin.org/
+    about: "Join our Mattermost chat to discuss the project with other users and developers"
\ No newline at end of file
diff --git a/.github/ISSUE_TEMPLATE/documentation_change.yaml b/.github/ISSUE_TEMPLATE/documentation_change.yaml
new file mode 100644
index 000000000..584d4b488
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/documentation_change.yaml
@@ -0,0 +1,40 @@
+---
+name: 📖 Documentation Change
+description: Suggest an addition or modification to the PDA documentation
+labels: ["type: documentation"]
+body:
+  - type: dropdown
+    attributes:
+      label: Change Type
+      description: What type of change are you proposing?
+      options:
+        - Addition
+        - Correction
+        - Removal
+        - Cleanup (formatting, typos, etc.)
+    validations:
+      required: true
+  - type: dropdown
+    attributes:
+      label: Area
+      description: To what section of the documentation does this change primarily pertain?
+      options:
+        - Features
+        - Installation/upgrade
+        - Getting started
+        - Configuration
+        - Customization
+        - Database Setup
+        - Debug
+        - Integrations/API
+        - Administration
+        - Development
+        - Other
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Proposed Changes
+      description: Describe the proposed changes and why they are necessary.
+    validations:
+      required: true
\ No newline at end of file
diff --git a/.github/ISSUE_TEMPLATE/feature_request.yaml b/.github/ISSUE_TEMPLATE/feature_request.yaml
new file mode 100644
index 000000000..b2e193428
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/feature_request.yaml
@@ -0,0 +1,71 @@
+---
+name: ✨ Feature Request
+description: Propose a new PDA feature or enhancement
+labels: ["type: feature"]
+body:
+  - type: markdown
+    attributes:
+      value: >
+        **NOTE:** This form is only for submitting well-formed proposals to extend or modify
+        PDA in some way. If you're trying to solve a problem but can't figure out how, or if
+        you still need time to work on the details of a proposed new feature, please start a
+        [discussion](https://github.com/PowerDNS-Admin/PowerDNS-Admin/discussions) instead.
+  - type: input
+    attributes:
+      label: PDA version
+      description: What version of PDA are you currently running?
+      options:
+        - "0.4.0"
+        - "0.3.0"
+        - "0.2.5"
+        - "0.2.4"
+        - "0.2.3"
+        - "0.2.2"
+        - "0.2.1"
+        - "0.2"
+        - "0.1"
+        - "I'm Not Sure"
+    validations:
+      required: true
+  - type: dropdown
+    attributes:
+      label: Feature type
+      options:
+        - Data model modification
+        - App Setting Addition
+        - Default App Setting Change
+        - New functionality
+        - Change to existing functionality
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Proposed functionality
+      description: >
+        Describe in detail the new feature or behavior you are proposing. Include any specific changes
+        to work flows, data models, and/or the user interface. The more detail you provide here, the
+        greater chance your proposal has of being discussed. Feature requests which don't include an
+        actionable implementation plan will be rejected.
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Use case
+      description: >
+        Explain how adding this functionality would benefit PDA users. What need does it address?
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Database changes
+      description: >
+        Note any changes to the database schema necessary to support the new feature. For example,
+        does the proposal require adding a new model or field? (Not all new features require database
+        changes.)
+  - type: textarea
+    attributes:
+      label: External dependencies
+      description: >
+        List any new dependencies on external libraries or services that this new feature would
+        introduce. For example, does the proposal require the installation of a new Python package?
+        (Not all new features introduce new dependencies.)
\ No newline at end of file
diff --git a/.github/ISSUE_TEMPLATE/housekeeping.yaml b/.github/ISSUE_TEMPLATE/housekeeping.yaml
new file mode 100644
index 000000000..dba7e3c55
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/housekeeping.yaml
@@ -0,0 +1,24 @@
+---
+name: 🏡 Housekeeping
+description: A change pertaining to the codebase itself (developers only)
+labels: ["type: housekeeping"]
+body:
+  - type: markdown
+    attributes:
+      value: >
+        **NOTE:** This template is for use by maintainers only. Please do not submit
+        an issue using this template unless you have been specifically asked to do so.
+  - type: textarea
+    attributes:
+      label: Proposed Changes
+      description: >
+        Describe in detail the new feature or behavior you'd like to propose.
+        Include any specific changes to work flows, data models, or the user interface.
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Justification
+      description: Please provide justification for the proposed change(s).
+    validations:
+      required: true
\ No newline at end of file
diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md
new file mode 100644
index 000000000..05a661177
--- /dev/null
+++ b/.github/PULL_REQUEST_TEMPLATE.md
@@ -0,0 +1,14 @@
+<!--
+    Thank you for your interest in contributing to the PowerDNS Admin project! Please note that our contribution
+    policy requires that a feature request or bug report be approved and assigned prior to opening a pull request.
+    This helps avoid wasted time and effort on a proposed change that we might want to or be able to accept.
+
+    IF YOUR PULL REQUEST DOES NOT REFERENCE AN ISSUE WHICH HAS BEEN ASSIGNED TO YOU, IT WILL BE CLOSED AUTOMATICALLY!
+
+    Please specify your assigned issue number on the line below.
+-->
+### Fixes: #1234
+
+<!--
+    Please include a summary of the proposed changes below.
+-->
\ No newline at end of file
diff --git a/.github/stale.yml b/.github/stale.yml
deleted file mode 100644
index 0c0b1c399..000000000
--- a/.github/stale.yml
+++ /dev/null
@@ -1,20 +0,0 @@
-# Number of days of inactivity before an issue becomes stale
-daysUntilStale: 60
-# Number of days of inactivity before a stale issue is closed
-daysUntilClose: 7
-# Issues with these labels will never be considered stale
-exemptLabels:
-  - pinned
-  - bug / broken-feature
-  - bug / security-vulnerability
-  - feature / request
-  - mod / help-wanted
-# Label to use when marking an issue as stale
-staleLabel: mod / stale
-# Comment to post when marking an issue as stale. Set to `false` to disable
-markComment: >
-  This issue has been automatically marked as stale because it has not had
-  recent activity. It will be closed if no further activity occurs. Thank you
-  for your contributions.
-# Comment to post when closing a stale issue. Set to `false` to disable
-closeComment: true
diff --git a/.github/workflows/lock.yml b/.github/workflows/lock.yml
new file mode 100644
index 000000000..938502495
--- /dev/null
+++ b/.github/workflows/lock.yml
@@ -0,0 +1,21 @@
+# lock-threads (https://github.com/marketplace/actions/lock-threads)
+name: 'Lock threads'
+
+on:
+  schedule:
+    - cron: '0 3 * * *'
+  workflow_dispatch:
+
+permissions:
+  issues: write
+  pull-requests: write
+
+jobs:
+  lock:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: dessant/lock-threads@v3
+        with:
+          issue-inactive-days: 90
+          pr-inactive-days: 30
+          issue-lock-reason: 'resolved'
\ No newline at end of file
diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml
new file mode 100644
index 000000000..66fd367f6
--- /dev/null
+++ b/.github/workflows/stale.yml
@@ -0,0 +1,45 @@
+# close-stale-issues (https://github.com/marketplace/actions/close-stale-issues)
+name: 'Close stale issues/PRs'
+
+on:
+  schedule:
+    - cron: '0 4 * * *'
+  workflow_dispatch:
+
+permissions:
+  issues: write
+  pull-requests: write
+
+jobs:
+  stale:
+
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/stale@v6
+        with:
+          close-issue-message: >
+            This issue has been automatically closed due to lack of activity. In an
+            effort to reduce noise, please do not comment any further. Note that the
+            core maintainers may elect to reopen this issue at a later date if deemed
+            necessary.
+          close-pr-message: >
+            This PR has been automatically closed due to lack of activity.
+          days-before-stale: 90
+          days-before-close: 30
+          exempt-issue-labels: 'status: accepted,status: blocked,status: needs milestone'
+          operations-per-run: 100
+          remove-stale-when-updated: false
+          stale-issue-label: 'mod / stale'
+          stale-issue-message: >
+            This issue has been automatically marked as stale because it has not had
+            recent activity. It will be closed if no further activity occurs. PDA
+            is governed by a small group of core maintainers which means not all opened
+            issues may receive direct feedback. **Do not** attempt to circumvent this
+            process by "bumping" the issue; doing so will result in its immediate closure
+            and you may be barred from participating in any future discussions. Please see
+            our [contributing guide](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/docs/CONTRIBUTING.md).
+          stale-pr-label: 'mod / stale'
+          stale-pr-message: >
+            This PR has been automatically marked as stale because it has not had
+            recent activity. It will be closed automatically if no further action is
+            taken.
\ No newline at end of file
diff --git a/README.md b/README.md
index 5d07f932c..1cc644c2c 100644
--- a/README.md
+++ b/README.md
@@ -74,9 +74,13 @@ You can then access PowerDNS-Admin by pointing your browser to http://localhost:
 
 ## Contributing
 
-Please see our [contributing guidelines](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/dev/docs/CONTRIBUTING.md).
+Please see our [Contribution Guide](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/dev/docs/CONTRIBUTING.md).
+
+## Code of Conduct
+
+Please see our [Code of Conduct Policy](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/dev/docs/CODE_OF_CONDUCT.md).
 
 ## License
 
 This project is released under the MIT license. For additional
-information, [see here](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/master/LICENSE)
+information, [see the full license](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/master/LICENSE).
diff --git a/docs/CODE_OF_CONDUCT.md b/docs/CODE_OF_CONDUCT.md
new file mode 100644
index 000000000..54b10d73a
--- /dev/null
+++ b/docs/CODE_OF_CONDUCT.md
@@ -0,0 +1,74 @@
+# Code of Conduct
+
+# Our Pledge
+
+In the interest of fostering an open and welcoming environment, we as
+contributors and maintainers pledge to making participation in our project and
+our community a harassment-free experience for everyone, regardless of age, body
+size, disability, ethnicity, gender identity and expression, level of experience,
+nationality, personal appearance, race, religion, or sexual identity and
+orientation.
+
+## Our Standards
+
+Examples of behavior that contributes to creating a positive environment
+include:
+
+* Using welcoming and inclusive language
+* Being respectful of differing viewpoints and experiences
+* Gracefully accepting constructive criticism
+* Focusing on what is best for the community
+* Showing empathy towards other community members
+
+Examples of unacceptable behavior by participants include:
+
+* The use of sexualized language or imagery and unwelcome sexual attention or
+advances
+* Trolling, insulting/derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or electronic
+  address, without explicit permission
+* Other conduct which could reasonably be considered inappropriate in a
+  professional setting
+
+## Our Responsibilities
+
+Project maintainers are responsible for clarifying the standards of acceptable
+behavior and are expected to take appropriate and fair corrective action in
+response to any instances of unacceptable behavior.
+
+Project maintainers have the right and responsibility to remove, edit, or
+reject comments, commits, code, wiki edits, issues, and other contributions
+that are not aligned to this Code of Conduct, or to ban temporarily or
+permanently any contributor for other behaviors that they deem inappropriate,
+threatening, offensive, or harmful.
+
+## Scope
+
+This Code of Conduct applies both within project spaces and in public spaces
+when an individual is representing the project or its community. Examples of
+representing a project or community include using an official project e-mail
+address, posting via an official social media account, or acting as an appointed
+representative at an online or offline event. Representation of a project may be
+further defined and clarified by project maintainers.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported by contacting the project team at [admin@powerdnsadmin.org](mailto:admin@powerdnsadmin.org). All
+complaints will be reviewed and investigated and will result in a response that
+is deemed necessary and appropriate to the circumstances. The project team is
+obligated to maintain confidentiality with regard to the reporter of an incident.
+Further details of specific enforcement policies may be posted separately.
+
+Project maintainers who do not follow or enforce the Code of Conduct in good
+faith may face temporary or permanent repercussions as determined by other
+members of the project's leadership.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
+available at [http://contributor-covenant.org/version/1/4][version]
+
+[homepage]: http://contributor-covenant.org
+[version]: http://contributor-covenant.org/version/1/4/
diff --git a/docs/CONTRIBUTING.md b/docs/CONTRIBUTING.md
index df50ba2b0..8c82a802f 100644
--- a/docs/CONTRIBUTING.md
+++ b/docs/CONTRIBUTING.md
@@ -1,88 +1,103 @@
-# Contributing
+# Contribution Guide
 
-Before submitting new contributions to this repository, it is a good idea to start a discussion with the repository
-maintainers on GitHub through the use of issues or discussions. This will help to ensure that your efforts don't get
-wasted if the submission is not desirable for the project.
+**Looking for help?** PDA has a somewhat active community of fellow users that may be able to provide assistance. Just [start a discussion](https://github.com/PowerDNS-Admin/PowerDNS-Admin/discussions/new) right here on GitHub!
 
-This is not to say that all contributions that have been discussed will be accepted either. As part of an ongoing
-effort to clean up the codebase, some contributions may be rejected if they do not meet the standards of the project
-which have not been fully defined yet. This is a work in progress.
+<div align="center">
+  <h3>
+    :bug: <a href="#bug-reporting-bugs">Report a bug</a> &middot;
+    :bulb: <a href="#bulb-feature-requests">Suggest a feature</a> &middot;
+    :arrow_heading_up: <a href="#arrow_heading_up-submitting-pull-requests">Submit a pull request</a>
+  </h3>
+  <h3>
+    :rescue_worker_helmet: <a href="#rescue_worker_helmet-become-a-maintainer">Become a maintainer</a> &middot;
+    :heart: <a href="#heart-other-ways-to-contribute">Other ideas</a>
+  </h3>
+</div>
+<h3></h3>
 
-Please note we have a code of conduct, please follow it in all your interactions with the project.
+Some general tips for engaging here on GitHub:
 
-All pull requests should be based on the `dev` branch of this repository and not the `master` branch!
+* Register for a free [GitHub account](https://github.com/signup) if you haven't already.
+* You can use [GitHub Markdown](https://docs.github.com/en/get-started/writing-on-github/getting-started-with-writing-and-formatting-on-github/basic-writing-and-formatting-syntax) for formatting text and adding images.
+* To help mitigate notification spam, please avoid "bumping" issues with no activity. (To vote an issue up or down, use a :thumbsup: or :thumbsdown: reaction.)
+* Please avoid pinging members with `@` unless they've previously expressed interest or involvement with that particular issue.
 
-## Code of Conduct
+## :bug: Reporting Bugs
 
-### Our Pledge
+* First, ensure that you're running the [latest stable version](https://github.com/PowerDNS-Admin/PowerDNS-Admin/releases) of PDA. If you're running an older version, there's a chance that the bug has already been fixed.
 
-In the interest of fostering an open and welcoming environment, we as
-contributors and maintainers pledge to making participation in our project and
-our community a harassment-free experience for everyone, regardless of age, body
-size, disability, ethnicity, gender identity and expression, level of experience,
-nationality, personal appearance, race, religion, or sexual identity and
-orientation.
+* Next, search our [issues list](https://github.com/PowerDNS-Admin/PowerDNS-Admin/issues?q=is%3Aissue) to see if the bug you've found has already been reported. If you come across a bug report that seems to match, please click "add a reaction" in the top right corner of the issue and add a thumbs up (:thumbsup:). This will help draw more attention to it. Any comments you can add to provide additional information or context would also be much appreciated.
 
-### Our Standards
+* If you can't find any existing issues (open or closed) that seem to match yours, you're welcome to [submit a new bug report](https://github.com/PowerDNS-Admin/PowerDNS-Admin/issues/new?label=type%3A+bug&template=bug_report.yaml). Be sure to complete the entire report template, including detailed steps that someone triaging your issue can follow to confirm the reported behavior. (If we're not able to replicate the bug based on the information provided, we'll ask for additional detail.)
 
-Examples of behavior that contributes to creating a positive environment
-include:
+* Some other tips to keep in mind:
+  * Error messages and screenshots are especially helpful.
+  * Don't prepend your issue title with a label like `[Bug]`; the proper label will be assigned automatically.
+  * Verify that you have GitHub notifications enabled and are subscribed to your issue after submitting.
+  * We appreciate your patience as bugs are prioritized by their severity, impact, and difficulty to resolve.
 
-* Using welcoming and inclusive language
-* Being respectful of differing viewpoints and experiences
-* Gracefully accepting constructive criticism
-* Focusing on what is best for the community
-* Showing empathy towards other community members
+## :bulb: Feature Requests
 
-Examples of unacceptable behavior by participants include:
+* First, check the GitHub [issues list](https://github.com/PowerDNS-Admin/PowerDNS-Admin/issues?q=is%3Aissue) to see if the feature you have in mind has already been proposed. If you happen to find an open feature request that matches your idea, click "add a reaction" in the top right corner of the issue and add a thumbs up (:thumbsup:). This ensures that the issue has a better chance of receiving attention. Also feel free to add a comment with any additional justification for the feature.
 
-* The use of sexualized language or imagery and unwelcome sexual attention or
-advances
-* Trolling, insulting/derogatory comments, and personal or political attacks
-* Public or private harassment
-* Publishing others' private information, such as a physical or electronic
-  address, without explicit permission
-* Other conduct which could reasonably be considered inappropriate in a
-  professional setting
+* If you have a rough idea that's not quite ready for formal submission yet, start a [GitHub discussion](https://github.com/PowerDNS-Admin/PowerDNS-Admin/discussions) instead. This is a great way to test the viability and narrow down the scope of a new feature prior to submitting a formal proposal, and can serve to generate interest in your idea from other community members.
 
-### Our Responsibilities
+* Once you're ready, submit a feature request [using this template](https://github.com/PowerDNS-Admin/PowerDNS-Admin/issues/new?label=type%3A+feature&template=feature_request.yaml). Be sure to provide sufficient context and detail to convey exactly what you're proposing and why. The stronger your use case, the better chance your proposal has of being accepted.
 
-Project maintainers are responsible for clarifying the standards of acceptable
-behavior and are expected to take appropriate and fair corrective action in
-response to any instances of unacceptable behavior.
+* Some other tips to keep in mind:
+  * Don't prepend your issue title with a label like `[Feature]`; the proper label will be assigned automatically.
+  * Try to anticipate any likely questions about your proposal and provide that information proactively.
+  * Verify that you have GitHub notifications enabled and are subscribed to your issue after submitting.
+  * You're welcome to volunteer to implement your FR, but don't submit a pull request until it has been approved.
 
-Project maintainers have the right and responsibility to remove, edit, or
-reject comments, commits, code, wiki edits, issues, and other contributions
-that are not aligned to this Code of Conduct, or to ban temporarily or
-permanently any contributor for other behaviors that they deem inappropriate,
-threatening, offensive, or harmful.
+## :arrow_heading_up: Submitting Pull Requests
 
-### Scope
+* [Pull requests](https://docs.github.com/en/pull-requests) (a feature of GitHub) are used to propose changes to NetBox's code base. Our process generally goes like this:
+  * A user opens a new issue (bug report or feature request)
+  * A maintainer triages the issue and may mark it as needing an owner
+  * The issue's author can volunteer to own it, or someone else can
+  * A maintainer assigns the issue to whomever volunteers
+  * The issue owner submits a pull request that will resolve the issue
+  * A maintainer reviews and merges the pull request, closing the issue
 
-This Code of Conduct applies both within project spaces and in public spaces
-when an individual is representing the project or its community. Examples of
-representing a project or community include using an official project e-mail
-address, posting via an official social media account, or acting as an appointed
-representative at an online or offline event. Representation of a project may be
-further defined and clarified by project maintainers.
+* It's very important that you not submit a pull request until a relevant issue has been opened **and** assigned to you. Otherwise, you risk wasting time on work that may ultimately not be needed.
 
-### Enforcement
+* New pull requests should generally be based off of the `dev` branch, rather than `master`. The `dev` branch is used for ongoing development, while `master` is used for tracking stable releases.
 
-Instances of abusive, harassing, or otherwise unacceptable behavior may be
-reported by contacting the project team at [admin@powerdnsadmin.org](mailto:admin@powerdnsadmin.org). All
-complaints will be reviewed and investigated and will result in a response that
-is deemed necessary and appropriate to the circumstances. The project team is
-obligated to maintain confidentiality with regard to the reporter of an incident.
-Further details of specific enforcement policies may be posted separately.
+* In most cases, it is not necessary to add a changelog entry: A maintainer will take care of this when the PR is merged. (This helps avoid merge conflicts resulting from multiple PRs being submitted simultaneously.)
 
-Project maintainers who do not follow or enforce the Code of Conduct in good
-faith may face temporary or permanent repercussions as determined by other
-members of the project's leadership.
+* All code submissions should meet the following criteria (CI will eventually enforce these checks):
+  * Python syntax is valid
+  * PEP 8 compliance is enforced, with the exception that lines may be
+      greater than 80 characters in length
 
-### Attribution
+* Some other tips to keep in mind:
+  * If you'd like to volunteer for someone else's issue, please post a comment on that issue letting us know. (This will allow the maintainers to assign it to you.)
+  * All new functionality must include relevant tests where applicable.
 
-This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
-available at [http://contributor-covenant.org/version/1/4][version]
+## :rescue_worker_helmet: Become a Maintainer
 
-[homepage]: http://contributor-covenant.org
-[version]: http://contributor-covenant.org/version/1/4/
+We're always looking for motivated individuals to join the maintainers team and help drive PDA's long-term development. Some of our most sought-after skills include:
+
+* Python development with a strong focus on the [Flask](https://flask.palletsprojects.com/) and [Django](https://www.djangoproject.com/) frameworks
+* Expertise working with SQLite, MySQL, and/or PostgreSQL databases
+* Javascript & TypeScript proficiency
+* A knack for web application design (HTML & CSS)
+* Familiarity with git and software development best practices
+* Excellent attention to detail
+* Working experience in the field of network operations as it relates to the use of DNS (Domain Name System) servers.
+
+We generally ask that maintainers dedicate around four hours of work to the project each week on average, which includes both hands-on development and project management tasks such as issue triage.
+
+We do maintain an active Mattermost instance for internal communication, but we also use GitHub issues for project management.
+
+Some maintainers petition their employer to grant some of their paid time to work on PDA.
+
+Interested? You can contact our lead maintainer, Matt Scott, at admin@powerdnsadmin.org. We'd love to have you on the team!
+
+## :heart: Other Ways to Contribute
+
+You don't have to be a developer to contribute to PDA: There are plenty of other ways you can add value to the community! Below are just a few examples:
+
+* Help answer questions and provide feedback in our [GitHub discussions](https://github.com/PowerDNS-Admin/PowerDNS-Admin/discussions).
+* Write a blog article or record a YouTube video demonstrating how PDA is used at your organization.
diff --git a/docs/SECURITY.md b/docs/SECURITY.md
new file mode 100644
index 000000000..bd91d3626
--- /dev/null
+++ b/docs/SECURITY.md
@@ -0,0 +1,31 @@
+# Security Policy
+
+## No Warranty
+
+Per the terms of the MIT license, PDA is offered "as is" and without any guarantee or warranty pertaining to its operation. While every reasonable effort is made by its maintainers to ensure the product remains free of security vulnerabilities, users are ultimately responsible for conducting their own evaluations of each software release.
+
+## Recommendations
+
+Administrators are encouraged to adhere to industry best practices concerning the secure operation of software, such as:
+
+* Do not expose your PDA installation to the public Internet
+* Do not permit multiple users to share an account
+* Enforce minimum password complexity requirements for local accounts
+* Prohibit access to your database from clients other than the PDA application
+* Keep your deployment updated to the most recent stable release
+
+## Reporting a Suspected Vulnerability
+
+If you believe you've uncovered a security vulnerability and wish to report it confidentially, you may do so via email. Please note that any reported vulnerabilities **MUST** meet all the following conditions:
+
+* Affects the most recent stable release of PDA, or a current beta release
+* Affects a PDA instance installed and configured per the official documentation
+* Is reproducible following a prescribed set of instructions
+
+Please note that we **DO NOT** accept reports generated by automated tooling which merely suggest that a file or file(s) _may_ be vulnerable under certain conditions, as these are most often innocuous.
+
+If you believe that you've found a vulnerability which meets all of these conditions, please [submit a draft security advisory](https://github.com/PowerDNS-Admin/PowerDNS-Admin/security/advisories/new) on GitHub, or email a brief description of the suspected bug and instructions for reproduction to **admin@powerdnsadmin.org**.
+
+### Bug Bounties
+
+As PDA is provided as free open source software, we do not offer any monetary compensation for vulnerability or bug reports, however your contributions are greatly appreciated.
\ No newline at end of file

From 4b3759d140a3a16de1ba191658203481676fe64f Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 17 Mar 2023 16:46:34 -0400
Subject: [PATCH 344/475] Relocated new security policy to the project root to
 meet GitHub feature expectations.

---
 docs/SECURITY.md => SECURITY.md | 0
 1 file changed, 0 insertions(+), 0 deletions(-)
 rename docs/SECURITY.md => SECURITY.md (100%)

diff --git a/docs/SECURITY.md b/SECURITY.md
similarity index 100%
rename from docs/SECURITY.md
rename to SECURITY.md

From 23d6dd1fde02ff6cd117a354bae58a7c43fda271 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 17 Mar 2023 16:48:11 -0400
Subject: [PATCH 345/475] Updated project README to include reference to new
 security policy.

---
 README.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/README.md b/README.md
index 1cc644c2c..ea2c1a11c 100644
--- a/README.md
+++ b/README.md
@@ -72,6 +72,10 @@ You can then access PowerDNS-Admin by pointing your browser to http://localhost:
 
 ![dashboard](docs/screenshots/dashboard.png)
 
+## Security Issues / Reports
+
+Please see our [Security Policy](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/dev/SECURITY.md).
+
 ## Contributing
 
 Please see our [Contribution Guide](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/dev/docs/CONTRIBUTING.md).

From 0f7c2da81458bf324286523e161645e171037b10 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 17 Mar 2023 16:42:05 -0400
Subject: [PATCH 346/475] Updated project README to include references to the
 new security policy.

Moved the project's code of conduct out of the contributions guide and into the appropriate policy file.

Updated the contribution guide to follow the NetBox project format.

Added various issue templates based on the NetBox project formats but updated for PDA.

Added additional GitHub workflows to handle stale and closed issue and PR management.

Removed legacy stale issue workflow that was not in use.
---
 .github/ISSUE_TEMPLATE/bug_report.yaml        |  78 ++++++++++
 .github/ISSUE_TEMPLATE/config.yml             |  12 ++
 .../ISSUE_TEMPLATE/documentation_change.yaml  |  40 +++++
 .github/ISSUE_TEMPLATE/feature_request.yaml   |  71 +++++++++
 .github/ISSUE_TEMPLATE/housekeeping.yaml      |  24 +++
 .github/PULL_REQUEST_TEMPLATE.md              |  14 ++
 .github/stale.yml                             |  20 ---
 .github/workflows/lock.yml                    |  21 +++
 .github/workflows/stale.yml                   |  45 ++++++
 README.md                                     |   8 +-
 docs/CODE_OF_CONDUCT.md                       |  74 +++++++++
 docs/CONTRIBUTING.md                          | 145 ++++++++++--------
 docs/SECURITY.md                              |  31 ++++
 13 files changed, 496 insertions(+), 87 deletions(-)
 create mode 100644 .github/ISSUE_TEMPLATE/bug_report.yaml
 create mode 100644 .github/ISSUE_TEMPLATE/config.yml
 create mode 100644 .github/ISSUE_TEMPLATE/documentation_change.yaml
 create mode 100644 .github/ISSUE_TEMPLATE/feature_request.yaml
 create mode 100644 .github/ISSUE_TEMPLATE/housekeeping.yaml
 create mode 100644 .github/PULL_REQUEST_TEMPLATE.md
 delete mode 100644 .github/stale.yml
 create mode 100644 .github/workflows/lock.yml
 create mode 100644 .github/workflows/stale.yml
 create mode 100644 docs/CODE_OF_CONDUCT.md
 create mode 100644 docs/SECURITY.md

diff --git a/.github/ISSUE_TEMPLATE/bug_report.yaml b/.github/ISSUE_TEMPLATE/bug_report.yaml
new file mode 100644
index 000000000..5bacd4e6e
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/bug_report.yaml
@@ -0,0 +1,78 @@
+---
+name: 🐛 Bug Report
+description: Report a reproducible bug in the current release of PDA
+labels: ["type: bug"]
+body:
+  - type: markdown
+    attributes:
+      value: >
+        **NOTE:** This form is only for reporting _reproducible bugs_ in a current PDA
+        installation. If you're having trouble with installation or just looking for
+        assistance with using PDA, please visit our
+        [discussion forum](https://github.com/PowerDNS-Admin/PowerDNS-Admin/discussions) instead.
+  - type: input
+    attributes:
+      label: PDA version
+      description: What version of PDA are you currently running?
+      options:
+        - "0.4.0"
+        - "0.3.0"
+        - "0.2.5"
+        - "0.2.4"
+        - "0.2.3"
+        - "0.2.2"
+        - "0.2.1"
+        - "0.2"
+        - "0.1"
+        - "I'm Not Sure"
+    validations:
+      required: true
+  - type: dropdown
+    attributes:
+      label: Python version
+      description: What version of Python are you currently running?
+      options:
+        - "3.0"
+        - "3.1"
+        - "3.2"
+        - "3.3"
+        - "3.4"
+        - "3.5"
+        - "3.6"
+        - "3.7"
+        - "3.8"
+        - "3.9"
+        - "3.10"
+        - "3.11"
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Steps to Reproduce
+      description: >
+        Describe in detail the exact steps that someone else can take to
+        reproduce this bug using the current stable release of PDA. Begin with the
+        creation of any necessary database objects and call out every operation being
+        performed explicitly. If reporting a bug in the REST API, be sure to reconstruct
+        the raw HTTP request(s) being made. Additionally, **do not rely on the demo instance** for reproducing
+        suspected bugs, as its data is prone to modification or deletion at any time.
+      placeholder: |
+        1. Click on "create widget"
+        2. Set foo to 12 and bar to G
+        3. Click the "create" button
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Expected Behavior
+      description: What did you expect to happen?
+      placeholder: A new zone record should have been created with the specified values
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Observed Behavior
+      description: What happened instead?
+      placeholder: A TypeError exception was raised
+    validations:
+      required: true
\ No newline at end of file
diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml
new file mode 100644
index 000000000..98109af7c
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/config.yml
@@ -0,0 +1,12 @@
+# Reference: https://help.github.com/en/github/building-a-strong-community/configuring-issue-templates-for-your-repository#configuring-the-template-chooser
+blank_issues_enabled: false
+contact_links:
+  - name: 📖 Contributing Policy
+    url: https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/docs/CONTRIBUTING.md
+    about: "Please read through our contributing policy before opening an issue or pull request"
+  - name: ❓ Discussion
+    url: https://github.com/PowerDNS-Admin/PowerDNS-Admin/discussions
+    about: "If you're just looking for help, try starting a discussion instead"
+  - name: 💬 Project Chat
+    url: https://mattermost.powerdnsadmin.org/
+    about: "Join our Mattermost chat to discuss the project with other users and developers"
\ No newline at end of file
diff --git a/.github/ISSUE_TEMPLATE/documentation_change.yaml b/.github/ISSUE_TEMPLATE/documentation_change.yaml
new file mode 100644
index 000000000..584d4b488
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/documentation_change.yaml
@@ -0,0 +1,40 @@
+---
+name: 📖 Documentation Change
+description: Suggest an addition or modification to the PDA documentation
+labels: ["type: documentation"]
+body:
+  - type: dropdown
+    attributes:
+      label: Change Type
+      description: What type of change are you proposing?
+      options:
+        - Addition
+        - Correction
+        - Removal
+        - Cleanup (formatting, typos, etc.)
+    validations:
+      required: true
+  - type: dropdown
+    attributes:
+      label: Area
+      description: To what section of the documentation does this change primarily pertain?
+      options:
+        - Features
+        - Installation/upgrade
+        - Getting started
+        - Configuration
+        - Customization
+        - Database Setup
+        - Debug
+        - Integrations/API
+        - Administration
+        - Development
+        - Other
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Proposed Changes
+      description: Describe the proposed changes and why they are necessary.
+    validations:
+      required: true
\ No newline at end of file
diff --git a/.github/ISSUE_TEMPLATE/feature_request.yaml b/.github/ISSUE_TEMPLATE/feature_request.yaml
new file mode 100644
index 000000000..b2e193428
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/feature_request.yaml
@@ -0,0 +1,71 @@
+---
+name: ✨ Feature Request
+description: Propose a new PDA feature or enhancement
+labels: ["type: feature"]
+body:
+  - type: markdown
+    attributes:
+      value: >
+        **NOTE:** This form is only for submitting well-formed proposals to extend or modify
+        PDA in some way. If you're trying to solve a problem but can't figure out how, or if
+        you still need time to work on the details of a proposed new feature, please start a
+        [discussion](https://github.com/PowerDNS-Admin/PowerDNS-Admin/discussions) instead.
+  - type: input
+    attributes:
+      label: PDA version
+      description: What version of PDA are you currently running?
+      options:
+        - "0.4.0"
+        - "0.3.0"
+        - "0.2.5"
+        - "0.2.4"
+        - "0.2.3"
+        - "0.2.2"
+        - "0.2.1"
+        - "0.2"
+        - "0.1"
+        - "I'm Not Sure"
+    validations:
+      required: true
+  - type: dropdown
+    attributes:
+      label: Feature type
+      options:
+        - Data model modification
+        - App Setting Addition
+        - Default App Setting Change
+        - New functionality
+        - Change to existing functionality
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Proposed functionality
+      description: >
+        Describe in detail the new feature or behavior you are proposing. Include any specific changes
+        to work flows, data models, and/or the user interface. The more detail you provide here, the
+        greater chance your proposal has of being discussed. Feature requests which don't include an
+        actionable implementation plan will be rejected.
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Use case
+      description: >
+        Explain how adding this functionality would benefit PDA users. What need does it address?
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Database changes
+      description: >
+        Note any changes to the database schema necessary to support the new feature. For example,
+        does the proposal require adding a new model or field? (Not all new features require database
+        changes.)
+  - type: textarea
+    attributes:
+      label: External dependencies
+      description: >
+        List any new dependencies on external libraries or services that this new feature would
+        introduce. For example, does the proposal require the installation of a new Python package?
+        (Not all new features introduce new dependencies.)
\ No newline at end of file
diff --git a/.github/ISSUE_TEMPLATE/housekeeping.yaml b/.github/ISSUE_TEMPLATE/housekeeping.yaml
new file mode 100644
index 000000000..dba7e3c55
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/housekeeping.yaml
@@ -0,0 +1,24 @@
+---
+name: 🏡 Housekeeping
+description: A change pertaining to the codebase itself (developers only)
+labels: ["type: housekeeping"]
+body:
+  - type: markdown
+    attributes:
+      value: >
+        **NOTE:** This template is for use by maintainers only. Please do not submit
+        an issue using this template unless you have been specifically asked to do so.
+  - type: textarea
+    attributes:
+      label: Proposed Changes
+      description: >
+        Describe in detail the new feature or behavior you'd like to propose.
+        Include any specific changes to work flows, data models, or the user interface.
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Justification
+      description: Please provide justification for the proposed change(s).
+    validations:
+      required: true
\ No newline at end of file
diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md
new file mode 100644
index 000000000..05a661177
--- /dev/null
+++ b/.github/PULL_REQUEST_TEMPLATE.md
@@ -0,0 +1,14 @@
+<!--
+    Thank you for your interest in contributing to the PowerDNS Admin project! Please note that our contribution
+    policy requires that a feature request or bug report be approved and assigned prior to opening a pull request.
+    This helps avoid wasted time and effort on a proposed change that we might want to or be able to accept.
+
+    IF YOUR PULL REQUEST DOES NOT REFERENCE AN ISSUE WHICH HAS BEEN ASSIGNED TO YOU, IT WILL BE CLOSED AUTOMATICALLY!
+
+    Please specify your assigned issue number on the line below.
+-->
+### Fixes: #1234
+
+<!--
+    Please include a summary of the proposed changes below.
+-->
\ No newline at end of file
diff --git a/.github/stale.yml b/.github/stale.yml
deleted file mode 100644
index 0c0b1c399..000000000
--- a/.github/stale.yml
+++ /dev/null
@@ -1,20 +0,0 @@
-# Number of days of inactivity before an issue becomes stale
-daysUntilStale: 60
-# Number of days of inactivity before a stale issue is closed
-daysUntilClose: 7
-# Issues with these labels will never be considered stale
-exemptLabels:
-  - pinned
-  - bug / broken-feature
-  - bug / security-vulnerability
-  - feature / request
-  - mod / help-wanted
-# Label to use when marking an issue as stale
-staleLabel: mod / stale
-# Comment to post when marking an issue as stale. Set to `false` to disable
-markComment: >
-  This issue has been automatically marked as stale because it has not had
-  recent activity. It will be closed if no further activity occurs. Thank you
-  for your contributions.
-# Comment to post when closing a stale issue. Set to `false` to disable
-closeComment: true
diff --git a/.github/workflows/lock.yml b/.github/workflows/lock.yml
new file mode 100644
index 000000000..938502495
--- /dev/null
+++ b/.github/workflows/lock.yml
@@ -0,0 +1,21 @@
+# lock-threads (https://github.com/marketplace/actions/lock-threads)
+name: 'Lock threads'
+
+on:
+  schedule:
+    - cron: '0 3 * * *'
+  workflow_dispatch:
+
+permissions:
+  issues: write
+  pull-requests: write
+
+jobs:
+  lock:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: dessant/lock-threads@v3
+        with:
+          issue-inactive-days: 90
+          pr-inactive-days: 30
+          issue-lock-reason: 'resolved'
\ No newline at end of file
diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml
new file mode 100644
index 000000000..66fd367f6
--- /dev/null
+++ b/.github/workflows/stale.yml
@@ -0,0 +1,45 @@
+# close-stale-issues (https://github.com/marketplace/actions/close-stale-issues)
+name: 'Close stale issues/PRs'
+
+on:
+  schedule:
+    - cron: '0 4 * * *'
+  workflow_dispatch:
+
+permissions:
+  issues: write
+  pull-requests: write
+
+jobs:
+  stale:
+
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/stale@v6
+        with:
+          close-issue-message: >
+            This issue has been automatically closed due to lack of activity. In an
+            effort to reduce noise, please do not comment any further. Note that the
+            core maintainers may elect to reopen this issue at a later date if deemed
+            necessary.
+          close-pr-message: >
+            This PR has been automatically closed due to lack of activity.
+          days-before-stale: 90
+          days-before-close: 30
+          exempt-issue-labels: 'status: accepted,status: blocked,status: needs milestone'
+          operations-per-run: 100
+          remove-stale-when-updated: false
+          stale-issue-label: 'mod / stale'
+          stale-issue-message: >
+            This issue has been automatically marked as stale because it has not had
+            recent activity. It will be closed if no further activity occurs. PDA
+            is governed by a small group of core maintainers which means not all opened
+            issues may receive direct feedback. **Do not** attempt to circumvent this
+            process by "bumping" the issue; doing so will result in its immediate closure
+            and you may be barred from participating in any future discussions. Please see
+            our [contributing guide](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/docs/CONTRIBUTING.md).
+          stale-pr-label: 'mod / stale'
+          stale-pr-message: >
+            This PR has been automatically marked as stale because it has not had
+            recent activity. It will be closed automatically if no further action is
+            taken.
\ No newline at end of file
diff --git a/README.md b/README.md
index 5d07f932c..1cc644c2c 100644
--- a/README.md
+++ b/README.md
@@ -74,9 +74,13 @@ You can then access PowerDNS-Admin by pointing your browser to http://localhost:
 
 ## Contributing
 
-Please see our [contributing guidelines](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/dev/docs/CONTRIBUTING.md).
+Please see our [Contribution Guide](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/dev/docs/CONTRIBUTING.md).
+
+## Code of Conduct
+
+Please see our [Code of Conduct Policy](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/dev/docs/CODE_OF_CONDUCT.md).
 
 ## License
 
 This project is released under the MIT license. For additional
-information, [see here](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/master/LICENSE)
+information, [see the full license](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/master/LICENSE).
diff --git a/docs/CODE_OF_CONDUCT.md b/docs/CODE_OF_CONDUCT.md
new file mode 100644
index 000000000..54b10d73a
--- /dev/null
+++ b/docs/CODE_OF_CONDUCT.md
@@ -0,0 +1,74 @@
+# Code of Conduct
+
+# Our Pledge
+
+In the interest of fostering an open and welcoming environment, we as
+contributors and maintainers pledge to making participation in our project and
+our community a harassment-free experience for everyone, regardless of age, body
+size, disability, ethnicity, gender identity and expression, level of experience,
+nationality, personal appearance, race, religion, or sexual identity and
+orientation.
+
+## Our Standards
+
+Examples of behavior that contributes to creating a positive environment
+include:
+
+* Using welcoming and inclusive language
+* Being respectful of differing viewpoints and experiences
+* Gracefully accepting constructive criticism
+* Focusing on what is best for the community
+* Showing empathy towards other community members
+
+Examples of unacceptable behavior by participants include:
+
+* The use of sexualized language or imagery and unwelcome sexual attention or
+advances
+* Trolling, insulting/derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or electronic
+  address, without explicit permission
+* Other conduct which could reasonably be considered inappropriate in a
+  professional setting
+
+## Our Responsibilities
+
+Project maintainers are responsible for clarifying the standards of acceptable
+behavior and are expected to take appropriate and fair corrective action in
+response to any instances of unacceptable behavior.
+
+Project maintainers have the right and responsibility to remove, edit, or
+reject comments, commits, code, wiki edits, issues, and other contributions
+that are not aligned to this Code of Conduct, or to ban temporarily or
+permanently any contributor for other behaviors that they deem inappropriate,
+threatening, offensive, or harmful.
+
+## Scope
+
+This Code of Conduct applies both within project spaces and in public spaces
+when an individual is representing the project or its community. Examples of
+representing a project or community include using an official project e-mail
+address, posting via an official social media account, or acting as an appointed
+representative at an online or offline event. Representation of a project may be
+further defined and clarified by project maintainers.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported by contacting the project team at [admin@powerdnsadmin.org](mailto:admin@powerdnsadmin.org). All
+complaints will be reviewed and investigated and will result in a response that
+is deemed necessary and appropriate to the circumstances. The project team is
+obligated to maintain confidentiality with regard to the reporter of an incident.
+Further details of specific enforcement policies may be posted separately.
+
+Project maintainers who do not follow or enforce the Code of Conduct in good
+faith may face temporary or permanent repercussions as determined by other
+members of the project's leadership.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
+available at [http://contributor-covenant.org/version/1/4][version]
+
+[homepage]: http://contributor-covenant.org
+[version]: http://contributor-covenant.org/version/1/4/
diff --git a/docs/CONTRIBUTING.md b/docs/CONTRIBUTING.md
index df50ba2b0..8c82a802f 100644
--- a/docs/CONTRIBUTING.md
+++ b/docs/CONTRIBUTING.md
@@ -1,88 +1,103 @@
-# Contributing
+# Contribution Guide
 
-Before submitting new contributions to this repository, it is a good idea to start a discussion with the repository
-maintainers on GitHub through the use of issues or discussions. This will help to ensure that your efforts don't get
-wasted if the submission is not desirable for the project.
+**Looking for help?** PDA has a somewhat active community of fellow users that may be able to provide assistance. Just [start a discussion](https://github.com/PowerDNS-Admin/PowerDNS-Admin/discussions/new) right here on GitHub!
 
-This is not to say that all contributions that have been discussed will be accepted either. As part of an ongoing
-effort to clean up the codebase, some contributions may be rejected if they do not meet the standards of the project
-which have not been fully defined yet. This is a work in progress.
+<div align="center">
+  <h3>
+    :bug: <a href="#bug-reporting-bugs">Report a bug</a> &middot;
+    :bulb: <a href="#bulb-feature-requests">Suggest a feature</a> &middot;
+    :arrow_heading_up: <a href="#arrow_heading_up-submitting-pull-requests">Submit a pull request</a>
+  </h3>
+  <h3>
+    :rescue_worker_helmet: <a href="#rescue_worker_helmet-become-a-maintainer">Become a maintainer</a> &middot;
+    :heart: <a href="#heart-other-ways-to-contribute">Other ideas</a>
+  </h3>
+</div>
+<h3></h3>
 
-Please note we have a code of conduct, please follow it in all your interactions with the project.
+Some general tips for engaging here on GitHub:
 
-All pull requests should be based on the `dev` branch of this repository and not the `master` branch!
+* Register for a free [GitHub account](https://github.com/signup) if you haven't already.
+* You can use [GitHub Markdown](https://docs.github.com/en/get-started/writing-on-github/getting-started-with-writing-and-formatting-on-github/basic-writing-and-formatting-syntax) for formatting text and adding images.
+* To help mitigate notification spam, please avoid "bumping" issues with no activity. (To vote an issue up or down, use a :thumbsup: or :thumbsdown: reaction.)
+* Please avoid pinging members with `@` unless they've previously expressed interest or involvement with that particular issue.
 
-## Code of Conduct
+## :bug: Reporting Bugs
 
-### Our Pledge
+* First, ensure that you're running the [latest stable version](https://github.com/PowerDNS-Admin/PowerDNS-Admin/releases) of PDA. If you're running an older version, there's a chance that the bug has already been fixed.
 
-In the interest of fostering an open and welcoming environment, we as
-contributors and maintainers pledge to making participation in our project and
-our community a harassment-free experience for everyone, regardless of age, body
-size, disability, ethnicity, gender identity and expression, level of experience,
-nationality, personal appearance, race, religion, or sexual identity and
-orientation.
+* Next, search our [issues list](https://github.com/PowerDNS-Admin/PowerDNS-Admin/issues?q=is%3Aissue) to see if the bug you've found has already been reported. If you come across a bug report that seems to match, please click "add a reaction" in the top right corner of the issue and add a thumbs up (:thumbsup:). This will help draw more attention to it. Any comments you can add to provide additional information or context would also be much appreciated.
 
-### Our Standards
+* If you can't find any existing issues (open or closed) that seem to match yours, you're welcome to [submit a new bug report](https://github.com/PowerDNS-Admin/PowerDNS-Admin/issues/new?label=type%3A+bug&template=bug_report.yaml). Be sure to complete the entire report template, including detailed steps that someone triaging your issue can follow to confirm the reported behavior. (If we're not able to replicate the bug based on the information provided, we'll ask for additional detail.)
 
-Examples of behavior that contributes to creating a positive environment
-include:
+* Some other tips to keep in mind:
+  * Error messages and screenshots are especially helpful.
+  * Don't prepend your issue title with a label like `[Bug]`; the proper label will be assigned automatically.
+  * Verify that you have GitHub notifications enabled and are subscribed to your issue after submitting.
+  * We appreciate your patience as bugs are prioritized by their severity, impact, and difficulty to resolve.
 
-* Using welcoming and inclusive language
-* Being respectful of differing viewpoints and experiences
-* Gracefully accepting constructive criticism
-* Focusing on what is best for the community
-* Showing empathy towards other community members
+## :bulb: Feature Requests
 
-Examples of unacceptable behavior by participants include:
+* First, check the GitHub [issues list](https://github.com/PowerDNS-Admin/PowerDNS-Admin/issues?q=is%3Aissue) to see if the feature you have in mind has already been proposed. If you happen to find an open feature request that matches your idea, click "add a reaction" in the top right corner of the issue and add a thumbs up (:thumbsup:). This ensures that the issue has a better chance of receiving attention. Also feel free to add a comment with any additional justification for the feature.
 
-* The use of sexualized language or imagery and unwelcome sexual attention or
-advances
-* Trolling, insulting/derogatory comments, and personal or political attacks
-* Public or private harassment
-* Publishing others' private information, such as a physical or electronic
-  address, without explicit permission
-* Other conduct which could reasonably be considered inappropriate in a
-  professional setting
+* If you have a rough idea that's not quite ready for formal submission yet, start a [GitHub discussion](https://github.com/PowerDNS-Admin/PowerDNS-Admin/discussions) instead. This is a great way to test the viability and narrow down the scope of a new feature prior to submitting a formal proposal, and can serve to generate interest in your idea from other community members.
 
-### Our Responsibilities
+* Once you're ready, submit a feature request [using this template](https://github.com/PowerDNS-Admin/PowerDNS-Admin/issues/new?label=type%3A+feature&template=feature_request.yaml). Be sure to provide sufficient context and detail to convey exactly what you're proposing and why. The stronger your use case, the better chance your proposal has of being accepted.
 
-Project maintainers are responsible for clarifying the standards of acceptable
-behavior and are expected to take appropriate and fair corrective action in
-response to any instances of unacceptable behavior.
+* Some other tips to keep in mind:
+  * Don't prepend your issue title with a label like `[Feature]`; the proper label will be assigned automatically.
+  * Try to anticipate any likely questions about your proposal and provide that information proactively.
+  * Verify that you have GitHub notifications enabled and are subscribed to your issue after submitting.
+  * You're welcome to volunteer to implement your FR, but don't submit a pull request until it has been approved.
 
-Project maintainers have the right and responsibility to remove, edit, or
-reject comments, commits, code, wiki edits, issues, and other contributions
-that are not aligned to this Code of Conduct, or to ban temporarily or
-permanently any contributor for other behaviors that they deem inappropriate,
-threatening, offensive, or harmful.
+## :arrow_heading_up: Submitting Pull Requests
 
-### Scope
+* [Pull requests](https://docs.github.com/en/pull-requests) (a feature of GitHub) are used to propose changes to NetBox's code base. Our process generally goes like this:
+  * A user opens a new issue (bug report or feature request)
+  * A maintainer triages the issue and may mark it as needing an owner
+  * The issue's author can volunteer to own it, or someone else can
+  * A maintainer assigns the issue to whomever volunteers
+  * The issue owner submits a pull request that will resolve the issue
+  * A maintainer reviews and merges the pull request, closing the issue
 
-This Code of Conduct applies both within project spaces and in public spaces
-when an individual is representing the project or its community. Examples of
-representing a project or community include using an official project e-mail
-address, posting via an official social media account, or acting as an appointed
-representative at an online or offline event. Representation of a project may be
-further defined and clarified by project maintainers.
+* It's very important that you not submit a pull request until a relevant issue has been opened **and** assigned to you. Otherwise, you risk wasting time on work that may ultimately not be needed.
 
-### Enforcement
+* New pull requests should generally be based off of the `dev` branch, rather than `master`. The `dev` branch is used for ongoing development, while `master` is used for tracking stable releases.
 
-Instances of abusive, harassing, or otherwise unacceptable behavior may be
-reported by contacting the project team at [admin@powerdnsadmin.org](mailto:admin@powerdnsadmin.org). All
-complaints will be reviewed and investigated and will result in a response that
-is deemed necessary and appropriate to the circumstances. The project team is
-obligated to maintain confidentiality with regard to the reporter of an incident.
-Further details of specific enforcement policies may be posted separately.
+* In most cases, it is not necessary to add a changelog entry: A maintainer will take care of this when the PR is merged. (This helps avoid merge conflicts resulting from multiple PRs being submitted simultaneously.)
 
-Project maintainers who do not follow or enforce the Code of Conduct in good
-faith may face temporary or permanent repercussions as determined by other
-members of the project's leadership.
+* All code submissions should meet the following criteria (CI will eventually enforce these checks):
+  * Python syntax is valid
+  * PEP 8 compliance is enforced, with the exception that lines may be
+      greater than 80 characters in length
 
-### Attribution
+* Some other tips to keep in mind:
+  * If you'd like to volunteer for someone else's issue, please post a comment on that issue letting us know. (This will allow the maintainers to assign it to you.)
+  * All new functionality must include relevant tests where applicable.
 
-This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
-available at [http://contributor-covenant.org/version/1/4][version]
+## :rescue_worker_helmet: Become a Maintainer
 
-[homepage]: http://contributor-covenant.org
-[version]: http://contributor-covenant.org/version/1/4/
+We're always looking for motivated individuals to join the maintainers team and help drive PDA's long-term development. Some of our most sought-after skills include:
+
+* Python development with a strong focus on the [Flask](https://flask.palletsprojects.com/) and [Django](https://www.djangoproject.com/) frameworks
+* Expertise working with SQLite, MySQL, and/or PostgreSQL databases
+* Javascript & TypeScript proficiency
+* A knack for web application design (HTML & CSS)
+* Familiarity with git and software development best practices
+* Excellent attention to detail
+* Working experience in the field of network operations as it relates to the use of DNS (Domain Name System) servers.
+
+We generally ask that maintainers dedicate around four hours of work to the project each week on average, which includes both hands-on development and project management tasks such as issue triage.
+
+We do maintain an active Mattermost instance for internal communication, but we also use GitHub issues for project management.
+
+Some maintainers petition their employer to grant some of their paid time to work on PDA.
+
+Interested? You can contact our lead maintainer, Matt Scott, at admin@powerdnsadmin.org. We'd love to have you on the team!
+
+## :heart: Other Ways to Contribute
+
+You don't have to be a developer to contribute to PDA: There are plenty of other ways you can add value to the community! Below are just a few examples:
+
+* Help answer questions and provide feedback in our [GitHub discussions](https://github.com/PowerDNS-Admin/PowerDNS-Admin/discussions).
+* Write a blog article or record a YouTube video demonstrating how PDA is used at your organization.
diff --git a/docs/SECURITY.md b/docs/SECURITY.md
new file mode 100644
index 000000000..bd91d3626
--- /dev/null
+++ b/docs/SECURITY.md
@@ -0,0 +1,31 @@
+# Security Policy
+
+## No Warranty
+
+Per the terms of the MIT license, PDA is offered "as is" and without any guarantee or warranty pertaining to its operation. While every reasonable effort is made by its maintainers to ensure the product remains free of security vulnerabilities, users are ultimately responsible for conducting their own evaluations of each software release.
+
+## Recommendations
+
+Administrators are encouraged to adhere to industry best practices concerning the secure operation of software, such as:
+
+* Do not expose your PDA installation to the public Internet
+* Do not permit multiple users to share an account
+* Enforce minimum password complexity requirements for local accounts
+* Prohibit access to your database from clients other than the PDA application
+* Keep your deployment updated to the most recent stable release
+
+## Reporting a Suspected Vulnerability
+
+If you believe you've uncovered a security vulnerability and wish to report it confidentially, you may do so via email. Please note that any reported vulnerabilities **MUST** meet all the following conditions:
+
+* Affects the most recent stable release of PDA, or a current beta release
+* Affects a PDA instance installed and configured per the official documentation
+* Is reproducible following a prescribed set of instructions
+
+Please note that we **DO NOT** accept reports generated by automated tooling which merely suggest that a file or file(s) _may_ be vulnerable under certain conditions, as these are most often innocuous.
+
+If you believe that you've found a vulnerability which meets all of these conditions, please [submit a draft security advisory](https://github.com/PowerDNS-Admin/PowerDNS-Admin/security/advisories/new) on GitHub, or email a brief description of the suspected bug and instructions for reproduction to **admin@powerdnsadmin.org**.
+
+### Bug Bounties
+
+As PDA is provided as free open source software, we do not offer any monetary compensation for vulnerability or bug reports, however your contributions are greatly appreciated.
\ No newline at end of file

From 6681d0f5b034a223bef8408f9b2cec03ccd296d1 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 17 Mar 2023 16:46:34 -0400
Subject: [PATCH 347/475] Relocated new security policy to the project root to
 meet GitHub feature expectations.

---
 docs/SECURITY.md => SECURITY.md | 0
 1 file changed, 0 insertions(+), 0 deletions(-)
 rename docs/SECURITY.md => SECURITY.md (100%)

diff --git a/docs/SECURITY.md b/SECURITY.md
similarity index 100%
rename from docs/SECURITY.md
rename to SECURITY.md

From 31c8577409f191189e9550a8fc79d3890ee07e70 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 17 Mar 2023 16:48:11 -0400
Subject: [PATCH 348/475] Updated project README to include reference to new
 security policy.

---
 README.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/README.md b/README.md
index 1cc644c2c..ea2c1a11c 100644
--- a/README.md
+++ b/README.md
@@ -72,6 +72,10 @@ You can then access PowerDNS-Admin by pointing your browser to http://localhost:
 
 ![dashboard](docs/screenshots/dashboard.png)
 
+## Security Issues / Reports
+
+Please see our [Security Policy](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/dev/SECURITY.md).
+
 ## Contributing
 
 Please see our [Contribution Guide](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/dev/docs/CONTRIBUTING.md).

From fc6d8505b7c7ecc0272d16125e9770f05d85d491 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 17 Mar 2023 17:29:05 -0400
Subject: [PATCH 349/475] Corrected an input type mistake in the bug report and
 feature request templates.

Corrected URL mistake in the issue template config.yml file.

Updated project README policy reference URLs to use master branch.
---
 .github/ISSUE_TEMPLATE/bug_report.yaml      | 2 +-
 .github/ISSUE_TEMPLATE/config.yml           | 2 +-
 .github/ISSUE_TEMPLATE/feature_request.yaml | 2 +-
 README.md                                   | 6 +++---
 4 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/.github/ISSUE_TEMPLATE/bug_report.yaml b/.github/ISSUE_TEMPLATE/bug_report.yaml
index 5bacd4e6e..640cff8f8 100644
--- a/.github/ISSUE_TEMPLATE/bug_report.yaml
+++ b/.github/ISSUE_TEMPLATE/bug_report.yaml
@@ -10,7 +10,7 @@ body:
         installation. If you're having trouble with installation or just looking for
         assistance with using PDA, please visit our
         [discussion forum](https://github.com/PowerDNS-Admin/PowerDNS-Admin/discussions) instead.
-  - type: input
+  - type: dropdown
     attributes:
       label: PDA version
       description: What version of PDA are you currently running?
diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml
index 98109af7c..1ecb2e9ae 100644
--- a/.github/ISSUE_TEMPLATE/config.yml
+++ b/.github/ISSUE_TEMPLATE/config.yml
@@ -2,7 +2,7 @@
 blank_issues_enabled: false
 contact_links:
   - name: 📖 Contributing Policy
-    url: https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/docs/CONTRIBUTING.md
+    url: https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/master/docs/CONTRIBUTING.md
     about: "Please read through our contributing policy before opening an issue or pull request"
   - name: ❓ Discussion
     url: https://github.com/PowerDNS-Admin/PowerDNS-Admin/discussions
diff --git a/.github/ISSUE_TEMPLATE/feature_request.yaml b/.github/ISSUE_TEMPLATE/feature_request.yaml
index b2e193428..fa1db00d7 100644
--- a/.github/ISSUE_TEMPLATE/feature_request.yaml
+++ b/.github/ISSUE_TEMPLATE/feature_request.yaml
@@ -10,7 +10,7 @@ body:
         PDA in some way. If you're trying to solve a problem but can't figure out how, or if
         you still need time to work on the details of a proposed new feature, please start a
         [discussion](https://github.com/PowerDNS-Admin/PowerDNS-Admin/discussions) instead.
-  - type: input
+  - type: dropdown
     attributes:
       label: PDA version
       description: What version of PDA are you currently running?
diff --git a/README.md b/README.md
index ea2c1a11c..c16bbca3a 100644
--- a/README.md
+++ b/README.md
@@ -74,15 +74,15 @@ You can then access PowerDNS-Admin by pointing your browser to http://localhost:
 
 ## Security Issues / Reports
 
-Please see our [Security Policy](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/dev/SECURITY.md).
+Please see our [Security Policy](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/master/SECURITY.md).
 
 ## Contributing
 
-Please see our [Contribution Guide](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/dev/docs/CONTRIBUTING.md).
+Please see our [Contribution Guide](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/master/docs/CONTRIBUTING.md).
 
 ## Code of Conduct
 
-Please see our [Code of Conduct Policy](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/dev/docs/CODE_OF_CONDUCT.md).
+Please see our [Code of Conduct Policy](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/master/docs/CODE_OF_CONDUCT.md).
 
 ## License
 

From a2e5c7d5bced8f3466a4a1f00a8d538194435b69 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 17 Mar 2023 17:29:05 -0400
Subject: [PATCH 350/475] Corrected an input type mistake in the bug report and
 feature request templates.

Corrected URL mistake in the issue template config.yml file.

Updated project README policy reference URLs to use master branch.
---
 .github/ISSUE_TEMPLATE/bug_report.yaml      | 2 +-
 .github/ISSUE_TEMPLATE/config.yml           | 2 +-
 .github/ISSUE_TEMPLATE/feature_request.yaml | 2 +-
 README.md                                   | 6 +++---
 4 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/.github/ISSUE_TEMPLATE/bug_report.yaml b/.github/ISSUE_TEMPLATE/bug_report.yaml
index 5bacd4e6e..640cff8f8 100644
--- a/.github/ISSUE_TEMPLATE/bug_report.yaml
+++ b/.github/ISSUE_TEMPLATE/bug_report.yaml
@@ -10,7 +10,7 @@ body:
         installation. If you're having trouble with installation or just looking for
         assistance with using PDA, please visit our
         [discussion forum](https://github.com/PowerDNS-Admin/PowerDNS-Admin/discussions) instead.
-  - type: input
+  - type: dropdown
     attributes:
       label: PDA version
       description: What version of PDA are you currently running?
diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml
index 98109af7c..1ecb2e9ae 100644
--- a/.github/ISSUE_TEMPLATE/config.yml
+++ b/.github/ISSUE_TEMPLATE/config.yml
@@ -2,7 +2,7 @@
 blank_issues_enabled: false
 contact_links:
   - name: 📖 Contributing Policy
-    url: https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/docs/CONTRIBUTING.md
+    url: https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/master/docs/CONTRIBUTING.md
     about: "Please read through our contributing policy before opening an issue or pull request"
   - name: ❓ Discussion
     url: https://github.com/PowerDNS-Admin/PowerDNS-Admin/discussions
diff --git a/.github/ISSUE_TEMPLATE/feature_request.yaml b/.github/ISSUE_TEMPLATE/feature_request.yaml
index b2e193428..fa1db00d7 100644
--- a/.github/ISSUE_TEMPLATE/feature_request.yaml
+++ b/.github/ISSUE_TEMPLATE/feature_request.yaml
@@ -10,7 +10,7 @@ body:
         PDA in some way. If you're trying to solve a problem but can't figure out how, or if
         you still need time to work on the details of a proposed new feature, please start a
         [discussion](https://github.com/PowerDNS-Admin/PowerDNS-Admin/discussions) instead.
-  - type: input
+  - type: dropdown
     attributes:
       label: PDA version
       description: What version of PDA are you currently running?
diff --git a/README.md b/README.md
index ea2c1a11c..c16bbca3a 100644
--- a/README.md
+++ b/README.md
@@ -74,15 +74,15 @@ You can then access PowerDNS-Admin by pointing your browser to http://localhost:
 
 ## Security Issues / Reports
 
-Please see our [Security Policy](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/dev/SECURITY.md).
+Please see our [Security Policy](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/master/SECURITY.md).
 
 ## Contributing
 
-Please see our [Contribution Guide](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/dev/docs/CONTRIBUTING.md).
+Please see our [Contribution Guide](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/master/docs/CONTRIBUTING.md).
 
 ## Code of Conduct
 
-Please see our [Code of Conduct Policy](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/dev/docs/CODE_OF_CONDUCT.md).
+Please see our [Code of Conduct Policy](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/master/docs/CODE_OF_CONDUCT.md).
 
 ## License
 

From ae16e9868ae3555c4a6c2185229a6b42b8b072fc Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 17 Mar 2023 17:48:07 -0400
Subject: [PATCH 351/475] Corrected project name reference mistake in
 contribution guide.

---
 docs/CONTRIBUTING.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/CONTRIBUTING.md b/docs/CONTRIBUTING.md
index 8c82a802f..8acf50cda 100644
--- a/docs/CONTRIBUTING.md
+++ b/docs/CONTRIBUTING.md
@@ -52,7 +52,7 @@ Some general tips for engaging here on GitHub:
 
 ## :arrow_heading_up: Submitting Pull Requests
 
-* [Pull requests](https://docs.github.com/en/pull-requests) (a feature of GitHub) are used to propose changes to NetBox's code base. Our process generally goes like this:
+* [Pull requests](https://docs.github.com/en/pull-requests) (a feature of GitHub) are used to propose changes to PDA's code base. Our process generally goes like this:
   * A user opens a new issue (bug report or feature request)
   * A maintainer triages the issue and may mark it as needing an owner
   * The issue's author can volunteer to own it, or someone else can

From 1358e47b5be6da1380a9dfb8440c0e4f9f31a79a Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 17 Mar 2023 17:48:07 -0400
Subject: [PATCH 352/475] Corrected project name reference mistake in
 contribution guide.

---
 docs/CONTRIBUTING.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/CONTRIBUTING.md b/docs/CONTRIBUTING.md
index 8c82a802f..8acf50cda 100644
--- a/docs/CONTRIBUTING.md
+++ b/docs/CONTRIBUTING.md
@@ -52,7 +52,7 @@ Some general tips for engaging here on GitHub:
 
 ## :arrow_heading_up: Submitting Pull Requests
 
-* [Pull requests](https://docs.github.com/en/pull-requests) (a feature of GitHub) are used to propose changes to NetBox's code base. Our process generally goes like this:
+* [Pull requests](https://docs.github.com/en/pull-requests) (a feature of GitHub) are used to propose changes to PDA's code base. Our process generally goes like this:
   * A user opens a new issue (bug report or feature request)
   * A maintainer triages the issue and may mark it as needing an owner
   * The issue's author can volunteer to own it, or someone else can

From 687571101f52dde9d662c1c34edb2b07f68bc375 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 17 Mar 2023 17:56:59 -0400
Subject: [PATCH 353/475] Updated stale issue / PR workflow to include proper
 exceptions.

---
 .github/workflows/stale.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml
index 66fd367f6..d0a3e0d30 100644
--- a/.github/workflows/stale.yml
+++ b/.github/workflows/stale.yml
@@ -26,7 +26,7 @@ jobs:
             This PR has been automatically closed due to lack of activity.
           days-before-stale: 90
           days-before-close: 30
-          exempt-issue-labels: 'status: accepted,status: blocked,status: needs milestone'
+          exempt-issue-labels: 'mod / announcement, mod / accepted, mod / reviewing, mod / testing'
           operations-per-run: 100
           remove-stale-when-updated: false
           stale-issue-label: 'mod / stale'

From 1bfb5429a1553a8eef45a529fcd4694934ae510e Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 17 Mar 2023 17:56:59 -0400
Subject: [PATCH 354/475] Updated stale issue / PR workflow to include proper
 exceptions.

---
 .github/workflows/stale.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml
index 66fd367f6..d0a3e0d30 100644
--- a/.github/workflows/stale.yml
+++ b/.github/workflows/stale.yml
@@ -26,7 +26,7 @@ jobs:
             This PR has been automatically closed due to lack of activity.
           days-before-stale: 90
           days-before-close: 30
-          exempt-issue-labels: 'status: accepted,status: blocked,status: needs milestone'
+          exempt-issue-labels: 'mod / announcement, mod / accepted, mod / reviewing, mod / testing'
           operations-per-run: 100
           remove-stale-when-updated: false
           stale-issue-label: 'mod / stale'

From 3294ed80f3d16fe62408569064ecbecde91a57d9 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 17 Mar 2023 18:03:18 -0400
Subject: [PATCH 355/475] Updated labels for the issue templates.

---
 .github/ISSUE_TEMPLATE/bug_report.yaml           | 2 +-
 .github/ISSUE_TEMPLATE/documentation_change.yaml | 2 +-
 .github/ISSUE_TEMPLATE/feature_request.yaml      | 2 +-
 .github/ISSUE_TEMPLATE/housekeeping.yaml         | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/.github/ISSUE_TEMPLATE/bug_report.yaml b/.github/ISSUE_TEMPLATE/bug_report.yaml
index 640cff8f8..0c5a2d72f 100644
--- a/.github/ISSUE_TEMPLATE/bug_report.yaml
+++ b/.github/ISSUE_TEMPLATE/bug_report.yaml
@@ -1,7 +1,7 @@
 ---
 name: 🐛 Bug Report
 description: Report a reproducible bug in the current release of PDA
-labels: ["type: bug"]
+labels: ["bug / broken-feature"]
 body:
   - type: markdown
     attributes:
diff --git a/.github/ISSUE_TEMPLATE/documentation_change.yaml b/.github/ISSUE_TEMPLATE/documentation_change.yaml
index 584d4b488..0b34991b4 100644
--- a/.github/ISSUE_TEMPLATE/documentation_change.yaml
+++ b/.github/ISSUE_TEMPLATE/documentation_change.yaml
@@ -1,7 +1,7 @@
 ---
 name: 📖 Documentation Change
 description: Suggest an addition or modification to the PDA documentation
-labels: ["type: documentation"]
+labels: ["docs / request"]
 body:
   - type: dropdown
     attributes:
diff --git a/.github/ISSUE_TEMPLATE/feature_request.yaml b/.github/ISSUE_TEMPLATE/feature_request.yaml
index fa1db00d7..e649c6195 100644
--- a/.github/ISSUE_TEMPLATE/feature_request.yaml
+++ b/.github/ISSUE_TEMPLATE/feature_request.yaml
@@ -1,7 +1,7 @@
 ---
 name: ✨ Feature Request
 description: Propose a new PDA feature or enhancement
-labels: ["type: feature"]
+labels: ["feature / request"]
 body:
   - type: markdown
     attributes:
diff --git a/.github/ISSUE_TEMPLATE/housekeeping.yaml b/.github/ISSUE_TEMPLATE/housekeeping.yaml
index dba7e3c55..2d8e5dfc5 100644
--- a/.github/ISSUE_TEMPLATE/housekeeping.yaml
+++ b/.github/ISSUE_TEMPLATE/housekeeping.yaml
@@ -1,7 +1,7 @@
 ---
 name: 🏡 Housekeeping
 description: A change pertaining to the codebase itself (developers only)
-labels: ["type: housekeeping"]
+labels: ["mod / change-request"]
 body:
   - type: markdown
     attributes:

From 98e6b8946f08a41bd224265fbdee46834ccefafc Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 17 Mar 2023 18:03:18 -0400
Subject: [PATCH 356/475] Updated labels for the issue templates.

---
 .github/ISSUE_TEMPLATE/bug_report.yaml           | 2 +-
 .github/ISSUE_TEMPLATE/documentation_change.yaml | 2 +-
 .github/ISSUE_TEMPLATE/feature_request.yaml      | 2 +-
 .github/ISSUE_TEMPLATE/housekeeping.yaml         | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/.github/ISSUE_TEMPLATE/bug_report.yaml b/.github/ISSUE_TEMPLATE/bug_report.yaml
index 640cff8f8..0c5a2d72f 100644
--- a/.github/ISSUE_TEMPLATE/bug_report.yaml
+++ b/.github/ISSUE_TEMPLATE/bug_report.yaml
@@ -1,7 +1,7 @@
 ---
 name: 🐛 Bug Report
 description: Report a reproducible bug in the current release of PDA
-labels: ["type: bug"]
+labels: ["bug / broken-feature"]
 body:
   - type: markdown
     attributes:
diff --git a/.github/ISSUE_TEMPLATE/documentation_change.yaml b/.github/ISSUE_TEMPLATE/documentation_change.yaml
index 584d4b488..0b34991b4 100644
--- a/.github/ISSUE_TEMPLATE/documentation_change.yaml
+++ b/.github/ISSUE_TEMPLATE/documentation_change.yaml
@@ -1,7 +1,7 @@
 ---
 name: 📖 Documentation Change
 description: Suggest an addition or modification to the PDA documentation
-labels: ["type: documentation"]
+labels: ["docs / request"]
 body:
   - type: dropdown
     attributes:
diff --git a/.github/ISSUE_TEMPLATE/feature_request.yaml b/.github/ISSUE_TEMPLATE/feature_request.yaml
index fa1db00d7..e649c6195 100644
--- a/.github/ISSUE_TEMPLATE/feature_request.yaml
+++ b/.github/ISSUE_TEMPLATE/feature_request.yaml
@@ -1,7 +1,7 @@
 ---
 name: ✨ Feature Request
 description: Propose a new PDA feature or enhancement
-labels: ["type: feature"]
+labels: ["feature / request"]
 body:
   - type: markdown
     attributes:
diff --git a/.github/ISSUE_TEMPLATE/housekeeping.yaml b/.github/ISSUE_TEMPLATE/housekeeping.yaml
index dba7e3c55..2d8e5dfc5 100644
--- a/.github/ISSUE_TEMPLATE/housekeeping.yaml
+++ b/.github/ISSUE_TEMPLATE/housekeeping.yaml
@@ -1,7 +1,7 @@
 ---
 name: 🏡 Housekeeping
 description: A change pertaining to the codebase itself (developers only)
-labels: ["type: housekeeping"]
+labels: ["mod / change-request"]
 body:
   - type: markdown
     attributes:

From 763f06a830bae24ce16b8580a09323bac3c79f80 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 17 Mar 2023 18:16:06 -0400
Subject: [PATCH 357/475] Corrected URL mistake in stale issue / PR workflow.

---
 .github/workflows/stale.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml
index d0a3e0d30..2c6284cad 100644
--- a/.github/workflows/stale.yml
+++ b/.github/workflows/stale.yml
@@ -37,7 +37,7 @@ jobs:
             issues may receive direct feedback. **Do not** attempt to circumvent this
             process by "bumping" the issue; doing so will result in its immediate closure
             and you may be barred from participating in any future discussions. Please see
-            our [contributing guide](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/docs/CONTRIBUTING.md).
+            our [contributing guide](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/master/docs/CONTRIBUTING.md).
           stale-pr-label: 'mod / stale'
           stale-pr-message: >
             This PR has been automatically marked as stale because it has not had

From 92f5071a84135e2058fc6dfc1cd3401cc66b16c5 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 17 Mar 2023 18:16:06 -0400
Subject: [PATCH 358/475] Corrected URL mistake in stale issue / PR workflow.

---
 .github/workflows/stale.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml
index d0a3e0d30..2c6284cad 100644
--- a/.github/workflows/stale.yml
+++ b/.github/workflows/stale.yml
@@ -37,7 +37,7 @@ jobs:
             issues may receive direct feedback. **Do not** attempt to circumvent this
             process by "bumping" the issue; doing so will result in its immediate closure
             and you may be barred from participating in any future discussions. Please see
-            our [contributing guide](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/docs/CONTRIBUTING.md).
+            our [contributing guide](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/master/docs/CONTRIBUTING.md).
           stale-pr-label: 'mod / stale'
           stale-pr-message: >
             This PR has been automatically marked as stale because it has not had

From 2ca712af4951b3a5f9729ec424414203c495a6da Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 17 Mar 2023 18:25:05 -0400
Subject: [PATCH 359/475] Updated the stale issue / PR workflow to include
 better verbiage for the contribution guide.

Also updated the stale issue / PR workflow to exclude security vulnerabilities.
---
 .github/workflows/stale.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml
index 2c6284cad..666cab72c 100644
--- a/.github/workflows/stale.yml
+++ b/.github/workflows/stale.yml
@@ -26,7 +26,7 @@ jobs:
             This PR has been automatically closed due to lack of activity.
           days-before-stale: 90
           days-before-close: 30
-          exempt-issue-labels: 'mod / announcement, mod / accepted, mod / reviewing, mod / testing'
+          exempt-issue-labels: 'bug / security-vulnerability, mod / announcement, mod / accepted, mod / reviewing, mod / testing'
           operations-per-run: 100
           remove-stale-when-updated: false
           stale-issue-label: 'mod / stale'
@@ -37,7 +37,7 @@ jobs:
             issues may receive direct feedback. **Do not** attempt to circumvent this
             process by "bumping" the issue; doing so will result in its immediate closure
             and you may be barred from participating in any future discussions. Please see
-            our [contributing guide](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/master/docs/CONTRIBUTING.md).
+            our [Contribution Guide](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/master/docs/CONTRIBUTING.md).
           stale-pr-label: 'mod / stale'
           stale-pr-message: >
             This PR has been automatically marked as stale because it has not had

From 1aac3c0f0d2fdca15e03fcbe9cd5870c123bd31a Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 17 Mar 2023 18:25:05 -0400
Subject: [PATCH 360/475] Updated the stale issue / PR workflow to include
 better verbiage for the contribution guide.

Also updated the stale issue / PR workflow to exclude security vulnerabilities.
---
 .github/workflows/stale.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml
index 2c6284cad..666cab72c 100644
--- a/.github/workflows/stale.yml
+++ b/.github/workflows/stale.yml
@@ -26,7 +26,7 @@ jobs:
             This PR has been automatically closed due to lack of activity.
           days-before-stale: 90
           days-before-close: 30
-          exempt-issue-labels: 'mod / announcement, mod / accepted, mod / reviewing, mod / testing'
+          exempt-issue-labels: 'bug / security-vulnerability, mod / announcement, mod / accepted, mod / reviewing, mod / testing'
           operations-per-run: 100
           remove-stale-when-updated: false
           stale-issue-label: 'mod / stale'
@@ -37,7 +37,7 @@ jobs:
             issues may receive direct feedback. **Do not** attempt to circumvent this
             process by "bumping" the issue; doing so will result in its immediate closure
             and you may be barred from participating in any future discussions. Please see
-            our [contributing guide](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/master/docs/CONTRIBUTING.md).
+            our [Contribution Guide](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/master/docs/CONTRIBUTING.md).
           stale-pr-label: 'mod / stale'
           stale-pr-message: >
             This PR has been automatically marked as stale because it has not had

From d716f8cc880e8048d89618509d964cd6dac8b6c3 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sat, 18 Mar 2023 08:48:07 -0400
Subject: [PATCH 361/475] Updated various yaml files to include proper opening
 lines.

Tweaked the name of the stale threads workflow.
---
 .github/ISSUE_TEMPLATE/config.yml       | 1 +
 .github/dependabot.yml                  | 1 +
 .github/labels.yml                      | 4 ++++
 .github/workflows/build-and-publish.yml | 2 +-
 .github/workflows/codeql-analysis.yml   | 1 +
 .github/workflows/lock.yml              | 1 +
 .github/workflows/stale.yml             | 2 +-
 7 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml
index 1ecb2e9ae..6aba80c68 100644
--- a/.github/ISSUE_TEMPLATE/config.yml
+++ b/.github/ISSUE_TEMPLATE/config.yml
@@ -1,3 +1,4 @@
+---
 # Reference: https://help.github.com/en/github/building-a-strong-community/configuring-issue-templates-for-your-repository#configuring-the-template-chooser
 blank_issues_enabled: false
 contact_links:
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 68dd93227..898c59439 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -1,3 +1,4 @@
+---
 version: 2
 updates:
   - package-ecosystem: npm
diff --git a/.github/labels.yml b/.github/labels.yml
index c113abb1e..e17cd97d8 100644
--- a/.github/labels.yml
+++ b/.github/labels.yml
@@ -1,3 +1,4 @@
+---
 labels:
   - name: bug / broken-feature
     description: Existing feature malfunctioning or broken
@@ -38,6 +39,9 @@ labels:
   - name: mod / announcement
     description: This is an admin announcement
     color: 'e5ef23'
+  - name: mod / change-request
+    description: Used by internal developers to indicate a change-request.
+    color: 'e5ef23'
   - name: mod / changes-requested
     description: Changes have been requested before proceeding
     color: 'e5ef23'
diff --git a/.github/workflows/build-and-publish.yml b/.github/workflows/build-and-publish.yml
index f76ed984b..74085f0a8 100644
--- a/.github/workflows/build-and-publish.yml
+++ b/.github/workflows/build-and-publish.yml
@@ -1,3 +1,4 @@
+---
 name: 'Docker Image'
 
 on:
@@ -42,7 +43,6 @@ jobs:
 
       - name: Docker Image Build
         uses: docker/build-push-action@v2
-        #if: github.ref == 'refs/heads/master'
         with:
           context: ./
           file: ./docker/Dockerfile
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 7f2f14816..b54abf19d 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -1,3 +1,4 @@
+---
 # For most projects, this workflow file will not need changing; you simply need
 # to commit it to your repository.
 #
diff --git a/.github/workflows/lock.yml b/.github/workflows/lock.yml
index 938502495..2005b4538 100644
--- a/.github/workflows/lock.yml
+++ b/.github/workflows/lock.yml
@@ -1,3 +1,4 @@
+---
 # lock-threads (https://github.com/marketplace/actions/lock-threads)
 name: 'Lock threads'
 
diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml
index 666cab72c..b14dc6632 100644
--- a/.github/workflows/stale.yml
+++ b/.github/workflows/stale.yml
@@ -1,5 +1,5 @@
 # close-stale-issues (https://github.com/marketplace/actions/close-stale-issues)
-name: 'Close stale issues/PRs'
+name: 'Close Stale Threads'
 
 on:
   schedule:

From 2606ad0395a6c08ce9761c6ca4769bb39a53712b Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sat, 18 Mar 2023 08:48:07 -0400
Subject: [PATCH 362/475] Updated various yaml files to include proper opening
 lines.

Tweaked the name of the stale threads workflow.
---
 .github/ISSUE_TEMPLATE/config.yml       | 1 +
 .github/dependabot.yml                  | 1 +
 .github/labels.yml                      | 4 ++++
 .github/workflows/build-and-publish.yml | 2 +-
 .github/workflows/codeql-analysis.yml   | 1 +
 .github/workflows/lock.yml              | 1 +
 .github/workflows/stale.yml             | 2 +-
 7 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml
index 1ecb2e9ae..6aba80c68 100644
--- a/.github/ISSUE_TEMPLATE/config.yml
+++ b/.github/ISSUE_TEMPLATE/config.yml
@@ -1,3 +1,4 @@
+---
 # Reference: https://help.github.com/en/github/building-a-strong-community/configuring-issue-templates-for-your-repository#configuring-the-template-chooser
 blank_issues_enabled: false
 contact_links:
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 68dd93227..898c59439 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -1,3 +1,4 @@
+---
 version: 2
 updates:
   - package-ecosystem: npm
diff --git a/.github/labels.yml b/.github/labels.yml
index c113abb1e..e17cd97d8 100644
--- a/.github/labels.yml
+++ b/.github/labels.yml
@@ -1,3 +1,4 @@
+---
 labels:
   - name: bug / broken-feature
     description: Existing feature malfunctioning or broken
@@ -38,6 +39,9 @@ labels:
   - name: mod / announcement
     description: This is an admin announcement
     color: 'e5ef23'
+  - name: mod / change-request
+    description: Used by internal developers to indicate a change-request.
+    color: 'e5ef23'
   - name: mod / changes-requested
     description: Changes have been requested before proceeding
     color: 'e5ef23'
diff --git a/.github/workflows/build-and-publish.yml b/.github/workflows/build-and-publish.yml
index f76ed984b..74085f0a8 100644
--- a/.github/workflows/build-and-publish.yml
+++ b/.github/workflows/build-and-publish.yml
@@ -1,3 +1,4 @@
+---
 name: 'Docker Image'
 
 on:
@@ -42,7 +43,6 @@ jobs:
 
       - name: Docker Image Build
         uses: docker/build-push-action@v2
-        #if: github.ref == 'refs/heads/master'
         with:
           context: ./
           file: ./docker/Dockerfile
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 7f2f14816..b54abf19d 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -1,3 +1,4 @@
+---
 # For most projects, this workflow file will not need changing; you simply need
 # to commit it to your repository.
 #
diff --git a/.github/workflows/lock.yml b/.github/workflows/lock.yml
index 938502495..2005b4538 100644
--- a/.github/workflows/lock.yml
+++ b/.github/workflows/lock.yml
@@ -1,3 +1,4 @@
+---
 # lock-threads (https://github.com/marketplace/actions/lock-threads)
 name: 'Lock threads'
 
diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml
index 666cab72c..b14dc6632 100644
--- a/.github/workflows/stale.yml
+++ b/.github/workflows/stale.yml
@@ -1,5 +1,5 @@
 # close-stale-issues (https://github.com/marketplace/actions/close-stale-issues)
-name: 'Close stale issues/PRs'
+name: 'Close Stale Threads'
 
 on:
   schedule:

From 340e84ab893f671ac1b46f18d1b7a7e0351e9f9c Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sat, 18 Mar 2023 08:52:39 -0400
Subject: [PATCH 363/475] Updated MegaLinter workflow to include a manual
 dispatch option.

---
 .github/workflows/mega-linter.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/mega-linter.yml b/.github/workflows/mega-linter.yml
index 943d3a30c..fec231edb 100644
--- a/.github/workflows/mega-linter.yml
+++ b/.github/workflows/mega-linter.yml
@@ -4,6 +4,7 @@
 name: MegaLinter
 
 on:
+  workflow_dispatch:
   push:
     branches-ignore:
       - "*"

From f44ff7d26149f14524afebec28aa41e9893c7ced Mon Sep 17 00:00:00 2001
From: Nigel Kukard <nkukard@lbsd.net>
Date: Sat, 18 Mar 2023 19:14:58 +0000
Subject: [PATCH 364/475] fix: fixed session clearing and let logout_user take
 care of cleanup

It seems when logging in and logging out, then logging back in, setting
the session timeout to 5 minutes, then waiting for expiry can cause
a situation when using SQLA-based sessions which results in a NULL field
in the database and causes a persistent 500 Internal Server Error.

As per issue 1439 here is a fix found by @raunz.

Resolves #1439.

Tested for about 8 hours and tons and tons of expired sessions, could not
reproduce with the fix applied.
---
 powerdnsadmin/routes/index.py | 1 -
 1 file changed, 1 deletion(-)

diff --git a/powerdnsadmin/routes/index.py b/powerdnsadmin/routes/index.py
index a21ad31e5..19fd27735 100644
--- a/powerdnsadmin/routes/index.py
+++ b/powerdnsadmin/routes/index.py
@@ -528,7 +528,6 @@ def clear_session():
     session.pop('google_token', None)
     session.pop('authentication_type', None)
     session.pop('remote_user', None)
-    session.clear()
     logout_user()
 
 

From 138532fb95ed803a26299ad4da43be245d05519b Mon Sep 17 00:00:00 2001
From: Nigel Kukard <nkukard@lbsd.net>
Date: Sat, 18 Mar 2023 20:27:02 +0000
Subject: [PATCH 365/475] fix: allow the specification of any combination of
 groups in LDAP group security configuration

Previous behavior required the specification of all three group security groups before the
"Save Settings" button would be enabled.

This adds a check into users.py which checks that the group is set before searching and
removes the javascript preventing the specification of any combination of groups.

Tested:
- Tested all combinations on AD after MR 1238
- Tested all combinations on OpenLDAP
- Tested enabling the Group Security with no groups set which correctly prevents login

Resolves #1462
---
 powerdnsadmin/models/user.py                  | 25 ++++++-------------
 .../admin_setting_authentication.html         |  6 -----
 2 files changed, 8 insertions(+), 23 deletions(-)

diff --git a/powerdnsadmin/models/user.py b/powerdnsadmin/models/user.py
index 24b43e9a2..e989aa0cb 100644
--- a/powerdnsadmin/models/user.py
+++ b/powerdnsadmin/models/user.py
@@ -255,33 +255,24 @@ def is_validate(self, method, src_ip='', trust_user=False):
                             if LDAP_TYPE == 'ldap':
                                 groupSearchFilter = "(&({0}={1}){2})".format(LDAP_FILTER_GROUPNAME, ldap_username, LDAP_FILTER_GROUP)
                                 current_app.logger.debug('Ldap groupSearchFilter {0}'.format(groupSearchFilter))
-                                if (self.ldap_search(groupSearchFilter,
-                                                     LDAP_ADMIN_GROUP)):
+                                if (LDAP_ADMIN_GROUP and self.ldap_search(groupSearchFilter, LDAP_ADMIN_GROUP)):
                                     role_name = 'Administrator'
                                     current_app.logger.info(
                                         'User {0} is part of the "{1}" group that allows admin access to PowerDNS-Admin'
-                                        .format(self.username,
-                                                LDAP_ADMIN_GROUP))
-                                elif (self.ldap_search(groupSearchFilter,
-                                                       LDAP_OPERATOR_GROUP)):
+                                        .format(self.username, LDAP_ADMIN_GROUP))
+                                elif (LDAP_OPERATOR_GROUP and self.ldap_search(groupSearchFilter, LDAP_OPERATOR_GROUP)):
                                     role_name = 'Operator'
                                     current_app.logger.info(
                                         'User {0} is part of the "{1}" group that allows operator access to PowerDNS-Admin'
-                                        .format(self.username,
-                                                LDAP_OPERATOR_GROUP))
-                                elif (self.ldap_search(groupSearchFilter,
-                                                       LDAP_USER_GROUP)):
+                                        .format(self.username, LDAP_OPERATOR_GROUP))
+                                elif (LDAP_USER_GROUP and self.ldap_search(groupSearchFilter, LDAP_USER_GROUP)):
                                     current_app.logger.info(
                                         'User {0} is part of the "{1}" group that allows user access to PowerDNS-Admin'
-                                        .format(self.username,
-                                                LDAP_USER_GROUP))
+                                        .format(self.username, LDAP_USER_GROUP))
                                 else:
                                     current_app.logger.error(
-                                        'User {0} is not part of the "{1}", "{2}" or "{3}" groups that allow access to PowerDNS-Admin'
-                                        .format(self.username,
-                                                LDAP_ADMIN_GROUP,
-                                                LDAP_OPERATOR_GROUP,
-                                                LDAP_USER_GROUP))
+                                        'User {0} is not part of any security groups that allow access to PowerDNS-Admin'
+                                        .format(self.username))
                                     return False
                             elif LDAP_TYPE == 'ad':
                                 ldap_group_security_roles = OrderedDict(
diff --git a/powerdnsadmin/templates/admin_setting_authentication.html b/powerdnsadmin/templates/admin_setting_authentication.html
index a4c028865..c5459588e 100644
--- a/powerdnsadmin/templates/admin_setting_authentication.html
+++ b/powerdnsadmin/templates/admin_setting_authentication.html
@@ -1772,12 +1772,6 @@ <h3 class="card-title">Settings Help</h3>
             $('#ldap_filter_username').prop('required', true);
             $('#ldap_filter_groupname').prop('required', true);
 
-            if ($('#ldap_sg_on').is(":checked")) {
-                $('#ldap_admin_group').prop('required', true);
-                $('#ldap_operator_group').prop('required', true);
-                $('#ldap_user_group').prop('required', true);
-            }
-
             if ($('#autoprovisioning_on').is(":checked")) {
                 $('#autoprovisioning_attribute').prop('required', true);
                 $('#urn_value').prop('required', true);

From 33614ae1028932bdda8913bb8c3b8dd8071e72a0 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sat, 18 Mar 2023 19:20:36 -0400
Subject: [PATCH 366/475] Updated invalid value in dependabot workflow.

---
 .github/dependabot.yml | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 898c59439..29095aab9 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -8,7 +8,8 @@ updates:
     ignore:
       - dependency-name: "*"
         update-types: [ "version-update:semver-major" ]
-    labels: feature / dependency
+    labels:
+      - 'feature / dependency'
   - package-ecosystem: pip
     directory: /
     schedule:
@@ -16,4 +17,5 @@ updates:
     ignore:
       - dependency-name: "*"
         update-types: [ "version-update:semver-major" ]
-    labels: feature / dependency
+    labels:
+      - 'feature / dependency'

From ca4bf18f6734326c5091f145760d4f37245bfcc3 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sat, 18 Mar 2023 19:20:36 -0400
Subject: [PATCH 367/475] Updated invalid value in dependabot workflow.

---
 .github/dependabot.yml | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 898c59439..29095aab9 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -8,7 +8,8 @@ updates:
     ignore:
       - dependency-name: "*"
         update-types: [ "version-update:semver-major" ]
-    labels: feature / dependency
+    labels:
+      - 'feature / dependency'
   - package-ecosystem: pip
     directory: /
     schedule:
@@ -16,4 +17,5 @@ updates:
     ignore:
       - dependency-name: "*"
         update-types: [ "version-update:semver-major" ]
-    labels: feature / dependency
+    labels:
+      - 'feature / dependency'

From 78e8d9950dc7a52d6eb656dba02b7c00e12e0690 Mon Sep 17 00:00:00 2001
From: Nigel Kukard <nkukard@lbsd.net>
Date: Sat, 18 Mar 2023 23:22:01 +0000
Subject: [PATCH 368/475] fix: upgrade setuptools to fix CVE-2022-40897

---
 requirements.txt | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/requirements.txt b/requirements.txt
index c6fcaf4e9..a80216347 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -44,4 +44,5 @@ werkzeug==2.1.2
 zipp==3.11.0
 rcssmin==1.1.1
 zxcvbn==4.4.28
-psycopg2==2.9.5
\ No newline at end of file
+psycopg2==2.9.5
+setuptools==65.5.1 # fixes CVE-2022-40897
\ No newline at end of file

From e7547ff8d3c0e4570c6d8b0d43c3c17a0ef10613 Mon Sep 17 00:00:00 2001
From: Nigel Kukard <nkukard@lbsd.net>
Date: Sat, 18 Mar 2023 23:43:51 +0000
Subject: [PATCH 369/475] fix: fix for CVE-2023-0286 & CVE-2023-23931 -
 cryptography update to 39.0.2

---
 requirements.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/requirements.txt b/requirements.txt
index a80216347..0db7b16fd 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -17,7 +17,7 @@ bravado-core==5.17.1
 certifi==2022.12.7
 cffi==1.15.1
 configobj==5.0.8
-cryptography==36.0.2
+cryptography==39.0.2 # fixes CVE-2023-0286, CVE-2023-23931
 cssmin==0.2.0
 dnspython>=2.3.0
 flask_session_captcha==1.3.0

From 522705a52bfe4fb3e2e6cf03223671778da6cf87 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sat, 18 Mar 2023 20:49:01 -0400
Subject: [PATCH 370/475] Updated dependabot configuration to target the dev
 branch.

---
 .github/dependabot.yml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 29095aab9..482207e3b 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -2,6 +2,7 @@
 version: 2
 updates:
   - package-ecosystem: npm
+    target-branch: dev
     directory: /
     schedule:
       interval: daily
@@ -11,6 +12,7 @@ updates:
     labels:
       - 'feature / dependency'
   - package-ecosystem: pip
+    target-branch: dev
     directory: /
     schedule:
       interval: daily

From 0a66089cad7f54a5bdf650dcef4f82cfa2b36e1e Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sat, 18 Mar 2023 20:49:01 -0400
Subject: [PATCH 371/475] Updated dependabot configuration to target the dev
 branch.

---
 .github/dependabot.yml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 29095aab9..482207e3b 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -2,6 +2,7 @@
 version: 2
 updates:
   - package-ecosystem: npm
+    target-branch: dev
     directory: /
     schedule:
       interval: daily
@@ -11,6 +12,7 @@ updates:
     labels:
       - 'feature / dependency'
   - package-ecosystem: pip
+    target-branch: dev
     directory: /
     schedule:
       interval: daily

From 5acbabaed5e7ee7d4886eefac87881e08d09ac65 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sat, 18 Mar 2023 20:55:20 -0400
Subject: [PATCH 372/475] Updated project README to include donation section.

---
 README.md | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/README.md b/README.md
index c16bbca3a..94d0133b3 100644
--- a/README.md
+++ b/README.md
@@ -88,3 +88,9 @@ Please see our [Code of Conduct Policy](https://github.com/PowerDNS-Admin/PowerD
 
 This project is released under the MIT license. For additional
 information, [see the full license](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/master/LICENSE).
+
+## Donate
+
+Like my work?
+
+<a href="https://www.buymeacoffee.com/AzorianMatt" target="_blank"><img src="https://cdn.buymeacoffee.com/buttons/v2/default-blue.png" alt="Buy Me A Coffee" style="height: 60px !important;width: 217px !important;" ></a>
\ No newline at end of file

From 80b191bc0d2cfac1dbbfe1a9fd0c31e275569200 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sat, 18 Mar 2023 20:55:20 -0400
Subject: [PATCH 373/475] Updated project README to include donation section.

---
 README.md | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/README.md b/README.md
index c16bbca3a..94d0133b3 100644
--- a/README.md
+++ b/README.md
@@ -88,3 +88,9 @@ Please see our [Code of Conduct Policy](https://github.com/PowerDNS-Admin/PowerD
 
 This project is released under the MIT license. For additional
 information, [see the full license](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/master/LICENSE).
+
+## Donate
+
+Like my work?
+
+<a href="https://www.buymeacoffee.com/AzorianMatt" target="_blank"><img src="https://cdn.buymeacoffee.com/buttons/v2/default-blue.png" alt="Buy Me A Coffee" style="height: 60px !important;width: 217px !important;" ></a>
\ No newline at end of file

From 506a75300abf8f3b30106769b7751e32fc8c01e0 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sat, 18 Mar 2023 21:45:28 -0400
Subject: [PATCH 374/475] Added GitHub sponsors configuration.

---
 .github/FUNDING.yml | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 .github/FUNDING.yml

diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml
new file mode 100644
index 000000000..18e85f09f
--- /dev/null
+++ b/.github/FUNDING.yml
@@ -0,0 +1 @@
+github: [AzorianSolutions]
\ No newline at end of file

From e11f55523d7c2d6158f9cca6e0ad3c996e71a7ba Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sun, 19 Mar 2023 12:36:44 -0400
Subject: [PATCH 375/475] Corrected minor formatting issue with project's Code
 of Conduct policy.

---
 docs/CODE_OF_CONDUCT.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/CODE_OF_CONDUCT.md b/docs/CODE_OF_CONDUCT.md
index 54b10d73a..ed3cb4741 100644
--- a/docs/CODE_OF_CONDUCT.md
+++ b/docs/CODE_OF_CONDUCT.md
@@ -1,6 +1,6 @@
 # Code of Conduct
 
-# Our Pledge
+## Our Pledge
 
 In the interest of fostering an open and welcoming environment, we as
 contributors and maintainers pledge to making participation in our project and

From 6b9638ca19aa984eff861a667368a95903e7b32c Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sun, 19 Mar 2023 12:39:44 -0400
Subject: [PATCH 376/475] Updated Security section header of the project
 README.

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 94d0133b3..b9f9da501 100644
--- a/README.md
+++ b/README.md
@@ -72,7 +72,7 @@ You can then access PowerDNS-Admin by pointing your browser to http://localhost:
 
 ![dashboard](docs/screenshots/dashboard.png)
 
-## Security Issues / Reports
+## Security Policy
 
 Please see our [Security Policy](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/master/SECURITY.md).
 

From ba19943c64eccacfbf0a00c72d97a75af783e69d Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sun, 19 Mar 2023 15:09:52 -0400
Subject: [PATCH 377/475] Updated stale thread workflow with updated message
 verbiage.

Updated lock thread workflow to properly exclude threads with specific labels.
---
 .github/workflows/lock.yml  | 4 +++-
 .github/workflows/stale.yml | 7 ++++---
 2 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/lock.yml b/.github/workflows/lock.yml
index 2005b4538..cf6f0b338 100644
--- a/.github/workflows/lock.yml
+++ b/.github/workflows/lock.yml
@@ -19,4 +19,6 @@ jobs:
         with:
           issue-inactive-days: 90
           pr-inactive-days: 30
-          issue-lock-reason: 'resolved'
\ No newline at end of file
+          issue-lock-reason: 'resolved'
+          exclude-any-issue-labels: 'bug / security-vulnerability, mod / announcement, mod / accepted, mod / reviewing, mod / testing'
+          exclude-any-pr-labels: 'bug / security-vulnerability, mod / announcement, mod / accepted, mod / reviewing, mod / testing'
\ No newline at end of file
diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml
index b14dc6632..9b565ec09 100644
--- a/.github/workflows/stale.yml
+++ b/.github/workflows/stale.yml
@@ -36,10 +36,11 @@ jobs:
             is governed by a small group of core maintainers which means not all opened
             issues may receive direct feedback. **Do not** attempt to circumvent this
             process by "bumping" the issue; doing so will result in its immediate closure
-            and you may be barred from participating in any future discussions. Please see
-            our [Contribution Guide](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/master/docs/CONTRIBUTING.md).
+            and you may be barred from participating in any future discussions. Please see our
+            [Contribution Guide](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/master/docs/CONTRIBUTING.md).
           stale-pr-label: 'mod / stale'
           stale-pr-message: >
             This PR has been automatically marked as stale because it has not had
             recent activity. It will be closed automatically if no further action is
-            taken.
\ No newline at end of file
+            taken. Please see our
+            [Contribution Guide](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/master/docs/CONTRIBUTING.md).
\ No newline at end of file

From 4e54b5ae0a0e60470c8ed940d3645767dc6b554c Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sat, 18 Mar 2023 21:45:28 -0400
Subject: [PATCH 378/475] Added GitHub sponsors configuration.

---
 .github/FUNDING.yml | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 .github/FUNDING.yml

diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml
new file mode 100644
index 000000000..18e85f09f
--- /dev/null
+++ b/.github/FUNDING.yml
@@ -0,0 +1 @@
+github: [AzorianSolutions]
\ No newline at end of file

From 976f52ce7afacb3de39c440dca44cd5348ea34a7 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sun, 19 Mar 2023 12:36:44 -0400
Subject: [PATCH 379/475] Corrected minor formatting issue with project's Code
 of Conduct policy.

---
 docs/CODE_OF_CONDUCT.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/CODE_OF_CONDUCT.md b/docs/CODE_OF_CONDUCT.md
index 54b10d73a..ed3cb4741 100644
--- a/docs/CODE_OF_CONDUCT.md
+++ b/docs/CODE_OF_CONDUCT.md
@@ -1,6 +1,6 @@
 # Code of Conduct
 
-# Our Pledge
+## Our Pledge
 
 In the interest of fostering an open and welcoming environment, we as
 contributors and maintainers pledge to making participation in our project and

From 236487eada0122c25929a9dff1e736e863376472 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sun, 19 Mar 2023 12:39:44 -0400
Subject: [PATCH 380/475] Updated Security section header of the project
 README.

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 94d0133b3..b9f9da501 100644
--- a/README.md
+++ b/README.md
@@ -72,7 +72,7 @@ You can then access PowerDNS-Admin by pointing your browser to http://localhost:
 
 ![dashboard](docs/screenshots/dashboard.png)
 
-## Security Issues / Reports
+## Security Policy
 
 Please see our [Security Policy](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/master/SECURITY.md).
 

From 55faefeedc3a0fa7818a2ad766f40601a8b92ce4 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sun, 19 Mar 2023 15:09:52 -0400
Subject: [PATCH 381/475] Updated stale thread workflow with updated message
 verbiage.

Updated lock thread workflow to properly exclude threads with specific labels.
---
 .github/workflows/lock.yml  | 4 +++-
 .github/workflows/stale.yml | 7 ++++---
 2 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/lock.yml b/.github/workflows/lock.yml
index 2005b4538..cf6f0b338 100644
--- a/.github/workflows/lock.yml
+++ b/.github/workflows/lock.yml
@@ -19,4 +19,6 @@ jobs:
         with:
           issue-inactive-days: 90
           pr-inactive-days: 30
-          issue-lock-reason: 'resolved'
\ No newline at end of file
+          issue-lock-reason: 'resolved'
+          exclude-any-issue-labels: 'bug / security-vulnerability, mod / announcement, mod / accepted, mod / reviewing, mod / testing'
+          exclude-any-pr-labels: 'bug / security-vulnerability, mod / announcement, mod / accepted, mod / reviewing, mod / testing'
\ No newline at end of file
diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml
index b14dc6632..9b565ec09 100644
--- a/.github/workflows/stale.yml
+++ b/.github/workflows/stale.yml
@@ -36,10 +36,11 @@ jobs:
             is governed by a small group of core maintainers which means not all opened
             issues may receive direct feedback. **Do not** attempt to circumvent this
             process by "bumping" the issue; doing so will result in its immediate closure
-            and you may be barred from participating in any future discussions. Please see
-            our [Contribution Guide](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/master/docs/CONTRIBUTING.md).
+            and you may be barred from participating in any future discussions. Please see our
+            [Contribution Guide](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/master/docs/CONTRIBUTING.md).
           stale-pr-label: 'mod / stale'
           stale-pr-message: >
             This PR has been automatically marked as stale because it has not had
             recent activity. It will be closed automatically if no further action is
-            taken.
\ No newline at end of file
+            taken. Please see our
+            [Contribution Guide](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/master/docs/CONTRIBUTING.md).
\ No newline at end of file

From f6009ba47b7e26984c4a44b2c0feb7f761d31ded Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sun, 19 Mar 2023 17:02:45 -0400
Subject: [PATCH 382/475] Updated CodeQL workflow to exclude non-relevant
 project paths.

---
 .github/workflows/codeql-analysis.yml | 64 ++++++++++++++++++++++++++-
 1 file changed, 62 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index b54abf19d..9f4b66fc1 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -15,10 +15,70 @@ name: "CodeQL"
 on:
   workflow_dispatch:
   push:
-    branches: [ dev, master ]
+    branches:
+      - 'dev'
+      - 'main'
+      - 'master'
+      - 'dependabot/**'
+      - 'feature/**'
+      - 'issue/**'
+    paths-ignore:
+      - .github/**
+      - deploy/**
+      - docker/**
+      - docker-test/**
+      - docs/**
+      - powerdnsadmin/static/assets/**
+      - powerdnsadmin/static/custom/css/**
+      - powerdnsadmin/static/img/**
+      - powerdnsadmin/swagger-spec.yaml
+      - .dockerignore
+      - .gitattributes
+      - .gitignore
+      - .lgtm.yml
+      - .whitesource
+      - .yarnrc
+      - docker-compose.yml
+      - docker-compose-test.yml
+      - LICENSE
+      - package.json
+      - README.md
+      - requirements.txt
+      - SECURITY.md
+      - yarn.lock
   pull_request:
     # The branches below must be a subset of the branches above
-    branches: [ dev, master ]
+    branches:
+      - 'dev'
+      - 'main'
+      - 'master'
+      - 'dependabot/**'
+      - 'feature/**'
+      - 'issue/**'
+    paths-ignore:
+      - .github/**
+      - deploy/**
+      - docker/**
+      - docker-test/**
+      - docs/**
+      - powerdnsadmin/static/assets/**
+      - powerdnsadmin/static/custom/css/**
+      - powerdnsadmin/static/img/**
+      - powerdnsadmin/swagger-spec.yaml
+      - .dockerignore
+      - .gitattributes
+      - .gitignore
+      - .lgtm.yml
+      - .whitesource
+      - .yarnrc
+      - docker-compose.yml
+      - docker-compose-test.yml
+      - LICENSE
+      - package.json
+      - README.md
+      - requirements.txt
+      - SECURITY.md
+      - yarn.lock
   schedule:
     - cron: '45 2 * * 2'
 

From a187d70470daffda44ff34c0f7534c8e9a92dcab Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sun, 19 Mar 2023 17:02:45 -0400
Subject: [PATCH 383/475] Updated CodeQL workflow to exclude non-relevant
 project paths.

---
 .github/workflows/codeql-analysis.yml | 64 ++++++++++++++++++++++++++-
 1 file changed, 62 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index b54abf19d..9f4b66fc1 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -15,10 +15,70 @@ name: "CodeQL"
 on:
   workflow_dispatch:
   push:
-    branches: [ dev, master ]
+    branches:
+      - 'dev'
+      - 'main'
+      - 'master'
+      - 'dependabot/**'
+      - 'feature/**'
+      - 'issue/**'
+    paths-ignore:
+      - .github/**
+      - deploy/**
+      - docker/**
+      - docker-test/**
+      - docs/**
+      - powerdnsadmin/static/assets/**
+      - powerdnsadmin/static/custom/css/**
+      - powerdnsadmin/static/img/**
+      - powerdnsadmin/swagger-spec.yaml
+      - .dockerignore
+      - .gitattributes
+      - .gitignore
+      - .lgtm.yml
+      - .whitesource
+      - .yarnrc
+      - docker-compose.yml
+      - docker-compose-test.yml
+      - LICENSE
+      - package.json
+      - README.md
+      - requirements.txt
+      - SECURITY.md
+      - yarn.lock
   pull_request:
     # The branches below must be a subset of the branches above
-    branches: [ dev, master ]
+    branches:
+      - 'dev'
+      - 'main'
+      - 'master'
+      - 'dependabot/**'
+      - 'feature/**'
+      - 'issue/**'
+    paths-ignore:
+      - .github/**
+      - deploy/**
+      - docker/**
+      - docker-test/**
+      - docs/**
+      - powerdnsadmin/static/assets/**
+      - powerdnsadmin/static/custom/css/**
+      - powerdnsadmin/static/img/**
+      - powerdnsadmin/swagger-spec.yaml
+      - .dockerignore
+      - .gitattributes
+      - .gitignore
+      - .lgtm.yml
+      - .whitesource
+      - .yarnrc
+      - docker-compose.yml
+      - docker-compose-test.yml
+      - LICENSE
+      - package.json
+      - README.md
+      - requirements.txt
+      - SECURITY.md
+      - yarn.lock
   schedule:
     - cron: '45 2 * * 2'
 

From 419bf358921a0fad157f0f00f107deb8e132ed9f Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sun, 19 Mar 2023 17:05:30 -0400
Subject: [PATCH 384/475] Updated build-and-publish workflow to exclude
 non-relevant project paths.

---
 .github/workflows/build-and-publish.yml | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/.github/workflows/build-and-publish.yml b/.github/workflows/build-and-publish.yml
index 74085f0a8..9eb0fff83 100644
--- a/.github/workflows/build-and-publish.yml
+++ b/.github/workflows/build-and-publish.yml
@@ -9,6 +9,22 @@ on:
       - 'master'
     tags:
       - 'v*.*.*'
+    paths-ignore:
+      - .github/**
+      - deploy/**
+      - docker-test/**
+      - docs/**
+      - .dockerignore
+      - .gitattributes
+      - .gitignore
+      - .lgtm.yml
+      - .whitesource
+      - .yarnrc
+      - docker-compose.yml
+      - docker-compose-test.yml
+      - LICENSE
+      - README.md
+      - SECURITY.md
 
 jobs:
   build-and-push-docker-image:

From 1762a5481b8ad8ae05a65a9a21608bfebe6e569b Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sun, 19 Mar 2023 17:05:30 -0400
Subject: [PATCH 385/475] Updated build-and-publish workflow to exclude
 non-relevant project paths.

---
 .github/workflows/build-and-publish.yml | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/.github/workflows/build-and-publish.yml b/.github/workflows/build-and-publish.yml
index 74085f0a8..9eb0fff83 100644
--- a/.github/workflows/build-and-publish.yml
+++ b/.github/workflows/build-and-publish.yml
@@ -9,6 +9,22 @@ on:
       - 'master'
     tags:
       - 'v*.*.*'
+    paths-ignore:
+      - .github/**
+      - deploy/**
+      - docker-test/**
+      - docs/**
+      - .dockerignore
+      - .gitattributes
+      - .gitignore
+      - .lgtm.yml
+      - .whitesource
+      - .yarnrc
+      - docker-compose.yml
+      - docker-compose-test.yml
+      - LICENSE
+      - README.md
+      - SECURITY.md
 
 jobs:
   build-and-push-docker-image:

From 271f48306253401acd786edc95201fbe2284fd2d Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Tue, 21 Mar 2023 19:09:48 -0400
Subject: [PATCH 386/475] Updated project README to include organization
 sponsorship reference.

---
 README.md | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index b9f9da501..cd0c3ddae 100644
--- a/README.md
+++ b/README.md
@@ -89,8 +89,10 @@ Please see our [Code of Conduct Policy](https://github.com/PowerDNS-Admin/PowerD
 This project is released under the MIT license. For additional
 information, [see the full license](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/master/LICENSE).
 
-## Donate
+## [Donate](https://www.buymeacoffee.com/AzorianMatt)
 
 Like my work?
 
-<a href="https://www.buymeacoffee.com/AzorianMatt" target="_blank"><img src="https://cdn.buymeacoffee.com/buttons/v2/default-blue.png" alt="Buy Me A Coffee" style="height: 60px !important;width: 217px !important;" ></a>
\ No newline at end of file
+<a href="https://www.buymeacoffee.com/AzorianMatt" target="_blank"><img src="https://cdn.buymeacoffee.com/buttons/v2/default-blue.png" alt="Buy Me A Coffee" style="height: 60px !important;width: 217px !important;" ></a>
+
+**Want to sponsor me?** Please visit my organization's [sponsorship page](https://github.com/sponsors/AzorianSolutions).

From 92033aa109afb30e5be00a64805ed29e90a37bfa Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Tue, 21 Mar 2023 19:09:48 -0400
Subject: [PATCH 387/475] Updated project README to include organization
 sponsorship reference.

---
 README.md | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index b9f9da501..cd0c3ddae 100644
--- a/README.md
+++ b/README.md
@@ -89,8 +89,10 @@ Please see our [Code of Conduct Policy](https://github.com/PowerDNS-Admin/PowerD
 This project is released under the MIT license. For additional
 information, [see the full license](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/master/LICENSE).
 
-## Donate
+## [Donate](https://www.buymeacoffee.com/AzorianMatt)
 
 Like my work?
 
-<a href="https://www.buymeacoffee.com/AzorianMatt" target="_blank"><img src="https://cdn.buymeacoffee.com/buttons/v2/default-blue.png" alt="Buy Me A Coffee" style="height: 60px !important;width: 217px !important;" ></a>
\ No newline at end of file
+<a href="https://www.buymeacoffee.com/AzorianMatt" target="_blank"><img src="https://cdn.buymeacoffee.com/buttons/v2/default-blue.png" alt="Buy Me A Coffee" style="height: 60px !important;width: 217px !important;" ></a>
+
+**Want to sponsor me?** Please visit my organization's [sponsorship page](https://github.com/sponsors/AzorianSolutions).

From a9548008691e033279062489d2e52bbb537ea867 Mon Sep 17 00:00:00 2001
From: Nigel Kukard <nkukard@lbsd.net>
Date: Wed, 22 Mar 2023 01:27:52 +0000
Subject: [PATCH 388/475] fix(api): fixed internal server error being generated
 from invalid UTF-8 encoded X-API-KEY

---
 powerdnsadmin/decorators.py | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/powerdnsadmin/decorators.py b/powerdnsadmin/decorators.py
index c6905ba48..cfa5f9d2f 100644
--- a/powerdnsadmin/decorators.py
+++ b/powerdnsadmin/decorators.py
@@ -460,10 +460,8 @@ def decorated_function(*args, **kwargs):
         if auth_header:
             try:
                 apikey_val = str(base64.b64decode(auth_header), 'utf-8')
-            except binascii.Error as e:
-                current_app.logger.error(
-                    'Invalid base64-encoded of credential. Error {0}'.format(
-                        e))
+            except (binascii.Error, UnicodeDecodeError) as e:
+                current_app.logger.error('Invalid base64-encoded X-API-KEY. Error {0}'.format(e))
                 abort(401)
             except TypeError as e:
                 current_app.logger.error('Error: {0}'.format(e))

From 15e29b6771741a2b2b25e76845d99dcb28a817e1 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 24 Mar 2023 19:42:35 -0400
Subject: [PATCH 389/475] Added references to the project's discord server.

---
 .github/SUPPORT.md   | 15 +++++++++++++++
 README.md            |  6 ++++++
 docs/CONTRIBUTING.md |  4 +++-
 3 files changed, 24 insertions(+), 1 deletion(-)
 create mode 100644 .github/SUPPORT.md

diff --git a/.github/SUPPORT.md b/.github/SUPPORT.md
new file mode 100644
index 000000000..e0df5a649
--- /dev/null
+++ b/.github/SUPPORT.md
@@ -0,0 +1,15 @@
+# PowerDNS Admin
+
+## Project Support
+
+**Looking for help?** PDA has a somewhat active community of fellow users that may be able to provide assistance.
+Just [start a discussion](https://github.com/PowerDNS-Admin/PowerDNS-Admin/discussions/new) right here on GitHub!
+
+Looking to chat with someone? Join our [Discord Server](https://discord.powerdnsadmin.org).
+
+Some general tips for engaging here on GitHub:
+
+* Register for a free [GitHub account](https://github.com/signup) if you haven't already.
+* You can use [GitHub Markdown](https://docs.github.com/en/get-started/writing-on-github/getting-started-with-writing-and-formatting-on-github/basic-writing-and-formatting-syntax) for formatting text and adding images.
+* To help mitigate notification spam, please avoid "bumping" issues with no activity. (To vote an issue up or down, use a :thumbsup: or :thumbsdown: reaction.)
+* Please avoid pinging members with `@` unless they've previously expressed interest or involvement with that particular issue.
diff --git a/README.md b/README.md
index cd0c3ddae..6070d5f17 100644
--- a/README.md
+++ b/README.md
@@ -72,6 +72,12 @@ You can then access PowerDNS-Admin by pointing your browser to http://localhost:
 
 ![dashboard](docs/screenshots/dashboard.png)
 
+## Support
+
+**Looking for help?** Try taking a look at the project's
+[Support Guide](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/master/.github/SUPPORT.md) or joining
+our [Discord Server](https://discord.powerdnsadmin.org).
+
 ## Security Policy
 
 Please see our [Security Policy](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/master/SECURITY.md).
diff --git a/docs/CONTRIBUTING.md b/docs/CONTRIBUTING.md
index 8acf50cda..d4fb25fa5 100644
--- a/docs/CONTRIBUTING.md
+++ b/docs/CONTRIBUTING.md
@@ -1,6 +1,8 @@
 # Contribution Guide
 
-**Looking for help?** PDA has a somewhat active community of fellow users that may be able to provide assistance. Just [start a discussion](https://github.com/PowerDNS-Admin/PowerDNS-Admin/discussions/new) right here on GitHub!
+**Looking for help?** Try taking a look at the project's
+[Support Guide](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/master/.github/SUPPORT.md) or joining
+our [Discord Server](https://discord.powerdnsadmin.org).
 
 <div align="center">
   <h3>

From b86282b44271dbacf631df7631e69f09fd0e46c9 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 24 Mar 2023 19:42:35 -0400
Subject: [PATCH 390/475] Added references to the project's discord server.

---
 .github/SUPPORT.md   | 15 +++++++++++++++
 README.md            |  6 ++++++
 docs/CONTRIBUTING.md |  4 +++-
 3 files changed, 24 insertions(+), 1 deletion(-)
 create mode 100644 .github/SUPPORT.md

diff --git a/.github/SUPPORT.md b/.github/SUPPORT.md
new file mode 100644
index 000000000..e0df5a649
--- /dev/null
+++ b/.github/SUPPORT.md
@@ -0,0 +1,15 @@
+# PowerDNS Admin
+
+## Project Support
+
+**Looking for help?** PDA has a somewhat active community of fellow users that may be able to provide assistance.
+Just [start a discussion](https://github.com/PowerDNS-Admin/PowerDNS-Admin/discussions/new) right here on GitHub!
+
+Looking to chat with someone? Join our [Discord Server](https://discord.powerdnsadmin.org).
+
+Some general tips for engaging here on GitHub:
+
+* Register for a free [GitHub account](https://github.com/signup) if you haven't already.
+* You can use [GitHub Markdown](https://docs.github.com/en/get-started/writing-on-github/getting-started-with-writing-and-formatting-on-github/basic-writing-and-formatting-syntax) for formatting text and adding images.
+* To help mitigate notification spam, please avoid "bumping" issues with no activity. (To vote an issue up or down, use a :thumbsup: or :thumbsdown: reaction.)
+* Please avoid pinging members with `@` unless they've previously expressed interest or involvement with that particular issue.
diff --git a/README.md b/README.md
index cd0c3ddae..6070d5f17 100644
--- a/README.md
+++ b/README.md
@@ -72,6 +72,12 @@ You can then access PowerDNS-Admin by pointing your browser to http://localhost:
 
 ![dashboard](docs/screenshots/dashboard.png)
 
+## Support
+
+**Looking for help?** Try taking a look at the project's
+[Support Guide](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/master/.github/SUPPORT.md) or joining
+our [Discord Server](https://discord.powerdnsadmin.org).
+
 ## Security Policy
 
 Please see our [Security Policy](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/master/SECURITY.md).
diff --git a/docs/CONTRIBUTING.md b/docs/CONTRIBUTING.md
index 8acf50cda..d4fb25fa5 100644
--- a/docs/CONTRIBUTING.md
+++ b/docs/CONTRIBUTING.md
@@ -1,6 +1,8 @@
 # Contribution Guide
 
-**Looking for help?** PDA has a somewhat active community of fellow users that may be able to provide assistance. Just [start a discussion](https://github.com/PowerDNS-Admin/PowerDNS-Admin/discussions/new) right here on GitHub!
+**Looking for help?** Try taking a look at the project's
+[Support Guide](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/master/.github/SUPPORT.md) or joining
+our [Discord Server](https://discord.powerdnsadmin.org).
 
 <div align="center">
   <h3>

From e0dffff325d3d887c8c5d283bb7d385061d82981 Mon Sep 17 00:00:00 2001
From: Rauno Tuul <raunz@hot.ee>
Date: Sat, 25 Mar 2023 11:47:58 +0200
Subject: [PATCH 391/475] Fix activity search form structure

---
 powerdnsadmin/templates/admin_history.html | 119 ++++++++++-----------
 1 file changed, 59 insertions(+), 60 deletions(-)

diff --git a/powerdnsadmin/templates/admin_history.html b/powerdnsadmin/templates/admin_history.html
index 51009a28e..5ce6e4c81 100644
--- a/powerdnsadmin/templates/admin_history.html
+++ b/powerdnsadmin/templates/admin_history.html
@@ -39,8 +39,8 @@ <h3 class="card-title">Activity Search</h3>
                                 </div>
                             {% endif %}
                         </div>
-                        <div class="card-body clearfix">
-                            <form id="history-search-form" autocomplete="off">
+                        <form id="history-search-form" autocomplete="off">
+                            <div class="card-body clearfix">
                                 <ul class="nav nav-tabs" id="custom-content-below-tab" role="tablist">
                                     <li class="nav-item">
                                         <a class="nav-link active" href="#tabs-act" data-toggle="pill" role="tab">
@@ -144,65 +144,64 @@ <h3 class="card-title">Activity Search</h3>
                                     </td>
                                 </div>
                                 </td>
-                            </form>
+                            </div>
                         </div>
-                    </div>
-                    <div class="card-body">
-                        <table id="Filters-Table">
-                            <thead>
-                            <th>Filters</th>
-                            </thead>
-                            <tbody>
-                            <tr>
-                                <td><label>Changed by: &nbsp</label></td>
-                                <td>
-                                    <div class="autocomplete" style="width:250px;">
-                                        <input type="text" style=" border:1px solid #d2d6de; width:250px; height: 34px;"
-                                               id="user_name_filter" name="user_name_filter" value="">
-                                    </div>
-                                </td>
-                            </tr>
-                            <tr>
-                                <td style="position: relative; top:10px;">
-                                    <label>Minimum date: &nbsp</label>
-                                </td>
-                                <td style="position: relative; top:10px;">
-                                    <input type="text" id="min" name="min" class="datepicker" autocomplete="off"
-                                           style=" border:1px solid #d2d6de; width:250px; height: 34px;">
-                                </td>
-                            </tr>
-                            <tr>
-                                <td style="position: relative; top:20px;">
-                                    <label>Maximum date: &nbsp</label>
-                                </td>
-                                <td style="position: relative; top:20px;">
-                                    <input type="text" id="max" name="max" class="datepicker" autocomplete="off"
-                                           style=" border:1px solid #d2d6de; width:250px; height: 34px;">
-                                </td>
-                            </tr>
-                            <tr>
-                                <td>&nbsp</td>
-                            </tr>
-                            <tr>
-                                <td>&nbsp</td>
-                            </tr>
-                            <tr>
-                                <td>
-                                    <button type="submit" id="search-submit" name="search-submit"
-                                            class="btn btn-primary button-filter"><i class="fa fa-search"></i>&nbsp;Search
-                                    </button>
-                                </td>
-                                <td>
-                                    <button id="clear-filters" name="clear-filters"
-                                            class="btn btn-warning button-clearf"><i class="fa fa-trash"></i>&nbsp;Clear
-                                        Filters
-                                    </button>
-                                </td>
-                            </tr>
-                            </tbody>
-                        </table>
-                        </form>
-                    </div>
+                        <div class="card-body">
+                            <table id="Filters-Table">
+                                <thead>
+                                <th>Filters</th>
+                                </thead>
+                                <tbody>
+                                <tr>
+                                    <td><label>Changed by: &nbsp</label></td>
+                                    <td>
+                                        <div class="autocomplete" style="width:250px;">
+                                            <input type="text" style=" border:1px solid #d2d6de; width:250px; height: 34px;"
+                                                   id="user_name_filter" name="user_name_filter" value="">
+                                        </div>
+                                    </td>
+                                </tr>
+                                <tr>
+                                    <td style="position: relative; top:10px;">
+                                        <label>Minimum date: &nbsp</label>
+                                    </td>
+                                    <td style="position: relative; top:10px;">
+                                        <input type="text" id="min" name="min" class="datepicker" autocomplete="off"
+                                               style=" border:1px solid #d2d6de; width:250px; height: 34px;">
+                                    </td>
+                                </tr>
+                                <tr>
+                                    <td style="position: relative; top:20px;">
+                                        <label>Maximum date: &nbsp</label>
+                                    </td>
+                                    <td style="position: relative; top:20px;">
+                                        <input type="text" id="max" name="max" class="datepicker" autocomplete="off"
+                                               style=" border:1px solid #d2d6de; width:250px; height: 34px;">
+                                    </td>
+                                </tr>
+                                <tr>
+                                    <td>&nbsp</td>
+                                </tr>
+                                <tr>
+                                    <td>&nbsp</td>
+                                </tr>
+                                <tr>
+                                    <td>
+                                        <button type="submit" id="search-submit" name="search-submit"
+                                                class="btn btn-primary button-filter"><i class="fa fa-search"></i>&nbsp;Search
+                                        </button>
+                                    </td>
+                                    <td>
+                                        <button id="clear-filters" name="clear-filters"
+                                                class="btn btn-warning button-clearf"><i class="fa fa-trash"></i>&nbsp;Clear
+                                            Filters
+                                        </button>
+                                    </td>
+                                </tr>
+                                </tbody>
+                            </table>
+                        </div>
+                    </form>
                     <div id="table_from_ajax"></div>
                 </div>
     </section>

From bb34daa33329b00c4096d99abf536ddb03c80be6 Mon Sep 17 00:00:00 2001
From: Rauno Tuul <raunz@hot.ee>
Date: Tue, 28 Mar 2023 16:41:08 +0300
Subject: [PATCH 392/475] Activity pages history base_query unification and
 perfomance improvement for standard user

---
 powerdnsadmin/routes/admin.py | 49 +++++++++++------------------------
 1 file changed, 15 insertions(+), 34 deletions(-)

diff --git a/powerdnsadmin/routes/admin.py b/powerdnsadmin/routes/admin.py
index 3e44fd69c..2ae07b396 100644
--- a/powerdnsadmin/routes/admin.py
+++ b/powerdnsadmin/routes/admin.py
@@ -1159,22 +1159,22 @@ def history_table():  # ajax call data
     lim = int(Setting().get('max_history_records'))  # max num of records
 
     if request.method == 'GET':
-        if current_user.role.name in ['Administrator', 'Operator']:
-            base_query = History.query
-        else:
+        base_query = History.query \
+            .with_hint(History, "FORCE INDEX (ix_history_created_on)", 'mysql')
+        if current_user.role.name not in ['Administrator', 'Operator']:
             # if the user isn't an administrator or operator,
             # allow_user_view_history must be enabled to get here,
             # so include history for the zones for the user
-            base_query = db.session.query(History) \
-                .join(Domain, History.domain_id == Domain.id) \
+            allowed_domain_id_subquery = db.session.query(Domain.id) \
                 .outerjoin(DomainUser, Domain.id == DomainUser.domain_id) \
                 .outerjoin(Account, Domain.account_id == Account.id) \
                 .outerjoin(AccountUser, Account.id == AccountUser.account_id) \
-                .filter(
-                db.or_(
+                .filter(db.or_(
                     DomainUser.user_id == current_user.id,
                     AccountUser.user_id == current_user.id
-                ))
+                )) \
+            .subquery()
+            base_query = base_query.filter(History.domain_id.in_(allowed_domain_id_subquery))
 
         domain_name = request.args.get('domain_name_filter') if request.args.get('domain_name_filter') != None \
                                                                 and len(
@@ -1290,11 +1290,9 @@ def history_table():  # ajax call data
                     )
                 ).order_by(History.created_on.desc()) \
                     .limit(lim).all()
-        elif user_name != None and current_user.role.name in ['Administrator',
-                                                              'Operator']:  # only admins can see the user login-logouts
+        elif user_name != None and current_user.role.name in ['Administrator', 'Operator']:  # only admins can see the user login-logouts
 
-            histories = History.query \
-                .filter(
+            histories = base_query.filter(
                 db.and_(
                     db.or_(
                         History.msg.like(
@@ -1317,10 +1315,8 @@ def history_table():  # ajax call data
                         temp.append(h)
                         break
             histories = temp
-        elif (changed_by != None or max_date != None) and current_user.role.name in ['Administrator',
-                                                                                     'Operator']:  # select changed by and date filters only
-            histories = History.query \
-                .filter(
+        elif (changed_by != None or max_date != None) and current_user.role.name in ['Administrator', 'Operator']:  # select changed by and date filters only
+            histories = base_query.filter(
                 db.and_(
                     History.created_on <= max_date if max_date != None else True,
                     History.created_on >= min_date if min_date != None else True,
@@ -1328,10 +1324,8 @@ def history_table():  # ajax call data
                 )
             ) \
                 .order_by(History.created_on.desc()).limit(lim).all()
-        elif (
-                changed_by != None or max_date != None):  # special filtering for user because one user does not have access to log-ins logs
-            histories = base_query \
-                .filter(
+        elif (changed_by != None or max_date != None):  # special filtering for user because one user does not have access to log-ins logs
+            histories = base_query.filter(
                 db.and_(
                     History.created_on <= max_date if max_date != None else True,
                     History.created_on >= min_date if min_date != None else True,
@@ -1347,20 +1341,7 @@ def history_table():  # ajax call data
                 )
             ).order_by(History.created_on.desc()).limit(lim).all()
         else:  # default view
-            if current_user.role.name in ['Administrator', 'Operator']:
-                histories = History.query.order_by(History.created_on.desc()).limit(lim).all()
-            else:
-                histories = db.session.query(History) \
-                    .join(Domain, History.domain_id == Domain.id) \
-                    .outerjoin(DomainUser, Domain.id == DomainUser.domain_id) \
-                    .outerjoin(Account, Domain.account_id == Account.id) \
-                    .outerjoin(AccountUser, Account.id == AccountUser.account_id) \
-                    .order_by(History.created_on.desc()) \
-                    .filter(
-                    db.or_(
-                        DomainUser.user_id == current_user.id,
-                        AccountUser.user_id == current_user.id
-                    )).limit(lim).all()
+            histories = base_query.order_by(History.created_on.desc()).limit(lim).all()
 
         detailedHistories = convert_histories(histories)
 

From 0d0339a3166409d6f84c677e4453f80332a137b2 Mon Sep 17 00:00:00 2001
From: Jan Koppe <post@jankoppe.de>
Date: Wed, 29 Mar 2023 14:52:00 +0200
Subject: [PATCH 393/475] fix #1485: allow more than 100 rows default in
 dashboard

The dashboard.domains_custom route was hardcoded to either return all
the domains, or at most 100, regardless of default_domain_table_size
setting.

Make this limit be dependent on default_domain_table_size instead.

The API will now limit to 100 or default_domain_table_size, whichever
one is higher. This is done to not break any seconday use-cases that
might depend on the hardcoded setting.
---
 powerdnsadmin/routes/dashboard.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/powerdnsadmin/routes/dashboard.py b/powerdnsadmin/routes/dashboard.py
index 14a8ae351..e517207d8 100644
--- a/powerdnsadmin/routes/dashboard.py
+++ b/powerdnsadmin/routes/dashboard.py
@@ -141,7 +141,7 @@ def domains_custom(tab_id):
     filtered_count = domains.count()
 
     start = int(request.args.get("start", 0))
-    length = min(int(request.args.get("length", 0)), 100)
+    length = min(int(request.args.get("length", 0)), max(100, int(Setting().get('default_domain_table_size'))))
 
     if length != -1:
         domains = domains[start:start + length]

From e6c0b4c15fe84aef3cd25cbbd81ab03fccfbdc65 Mon Sep 17 00:00:00 2001
From: Rauno Tuul <raunz@hot.ee>
Date: Thu, 30 Mar 2023 16:23:03 +0300
Subject: [PATCH 394/475] Performance gain in activity records list as in #1381

---
 powerdnsadmin/routes/domain.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/powerdnsadmin/routes/domain.py b/powerdnsadmin/routes/domain.py
index 593e91de4..546419c01 100644
--- a/powerdnsadmin/routes/domain.py
+++ b/powerdnsadmin/routes/domain.py
@@ -235,14 +235,14 @@ def changelog(domain_name):
             ).all()
 
     if StrictVersion(Setting().get('pdns_version')) >= StrictVersion('4.0.0'):
+        pretty_v6 = Setting().get('pretty_ipv6_ptr')
         for r in rrsets:
             if r['type'] in records_allow_to_edit:
                 r_name = r['name'].rstrip('.')
 
                 # If it is reverse zone and pretty_ipv6_ptr setting
                 # is enabled, we reformat the name for ipv6 records.
-                if Setting().get('pretty_ipv6_ptr') and r[
-                        'type'] == 'PTR' and 'ip6.arpa' in r_name and '*' not in r_name:
+                if pretty_v6 and r['type'] == 'PTR' and 'ip6.arpa' in r_name and '*' not in r_name:
                     r_name = dns.reversename.to_address(
                         dns.name.from_text(r_name))
 

From 19335439bdee97331f2e8627686c1a927e5abd74 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sun, 2 Apr 2023 09:19:05 -0400
Subject: [PATCH 395/475] Completed the removal of the OAuth JWKS URL setting
 as well as the update of how the existing metadata URL settings are being
 used.

For additional information, reference GitHub issue #1499.
---
 powerdnsadmin/models/setting.py               |  4 --
 powerdnsadmin/routes/admin.py                 |  8 ----
 powerdnsadmin/services/azure.py               | 27 +++++++-----
 powerdnsadmin/services/github.py              | 32 +++++++++-----
 powerdnsadmin/services/google.py              | 30 ++++++++-----
 powerdnsadmin/services/oidc.py                | 30 ++++++++-----
 .../admin_setting_authentication.html         | 44 -------------------
 7 files changed, 75 insertions(+), 100 deletions(-)

diff --git a/powerdnsadmin/models/setting.py b/powerdnsadmin/models/setting.py
index 48f929f1e..dedaaab29 100644
--- a/powerdnsadmin/models/setting.py
+++ b/powerdnsadmin/models/setting.py
@@ -73,7 +73,6 @@ class Setting(db.Model):
             'https://github.com/login/oauth/access_token',
         'github_oauth_authorize_url':
             'https://github.com/login/oauth/authorize',
-        'github_oauth_jwks_url': '',
         'github_oauth_metadata_url': '',
         'google_oauth_enabled': False,
         'google_oauth_client_id': '',
@@ -81,7 +80,6 @@ class Setting(db.Model):
         'google_token_url': 'https://oauth2.googleapis.com/token',
         'google_oauth_scope': 'openid email profile',
         'google_authorize_url': 'https://accounts.google.com/o/oauth2/v2/auth',
-        'google_oauth_jwks_url': '',
         'google_oauth_metadata_url': '',
         'google_base_url': 'https://www.googleapis.com/oauth2/v3/',
         'azure_oauth_enabled': False,
@@ -93,7 +91,6 @@ class Setting(db.Model):
             'https://login.microsoftonline.com/[tenancy]/oauth2/v2.0/token',
         'azure_oauth_authorize_url':
             'https://login.microsoftonline.com/[tenancy]/oauth2/v2.0/authorize',
-        'azure_oauth_jwks_url': '',
         'azure_oauth_metadata_url': '',
         'azure_sg_enabled': False,
         'azure_admin_group': '',
@@ -111,7 +108,6 @@ class Setting(db.Model):
         'oidc_oauth_api_url': '',
         'oidc_oauth_token_url': '',
         'oidc_oauth_authorize_url': '',
-        'oidc_oauth_jwks_url': '',
         'oidc_oauth_metadata_url': '',
         'oidc_oauth_logout_url': '',
         'oidc_oauth_username': 'preferred_username',
diff --git a/powerdnsadmin/routes/admin.py b/powerdnsadmin/routes/admin.py
index 3e44fd69c..eedabdc50 100644
--- a/powerdnsadmin/routes/admin.py
+++ b/powerdnsadmin/routes/admin.py
@@ -1680,8 +1680,6 @@ def setting_authentication():
                               request.form.get('google_oauth_scope'))
                 Setting().set('google_authorize_url',
                               request.form.get('google_authorize_url'))
-                Setting().set('google_oauth_jwks_url',
-                              request.form.get('google_oauth_jwks_url'))
                 Setting().set('google_base_url',
                               request.form.get('google_base_url'))
                 result = {
@@ -1715,8 +1713,6 @@ def setting_authentication():
                               request.form.get('github_oauth_token_url'))
                 Setting().set('github_oauth_authorize_url',
                               request.form.get('github_oauth_authorize_url'))
-                Setting().set('github_oauth_jwks_url',
-                              request.form.get('github_oauth_jwks_url'))
                 result = {
                     'status': True,
                     'msg':
@@ -1748,8 +1744,6 @@ def setting_authentication():
                               request.form.get('azure_oauth_token_url'))
                 Setting().set('azure_oauth_authorize_url',
                               request.form.get('azure_oauth_authorize_url'))
-                Setting().set('azure_oauth_jwks_url',
-                              request.form.get('azure_oauth_jwks_url'))
                 Setting().set(
                     'azure_sg_enabled', True
                     if request.form.get('azure_sg_enabled') == 'ON' else False)
@@ -1803,8 +1797,6 @@ def setting_authentication():
                               request.form.get('oidc_oauth_token_url'))
                 Setting().set('oidc_oauth_authorize_url',
                               request.form.get('oidc_oauth_authorize_url'))
-                Setting().set('oidc_oauth_jwks_url',
-                              request.form.get('oidc_oauth_jwks_url'))
                 Setting().set('oidc_oauth_logout_url',
                               request.form.get('oidc_oauth_logout_url'))
                 Setting().set('oidc_oauth_username',
diff --git a/powerdnsadmin/services/azure.py b/powerdnsadmin/services/azure.py
index c1fb626b4..65f3bf325 100644
--- a/powerdnsadmin/services/azure.py
+++ b/powerdnsadmin/services/azure.py
@@ -15,18 +15,25 @@ def update_token(token):
         session['azure_token'] = token
         return token
 
+    authlib_params = {
+        'client_id': Setting().get('azure_oauth_key'),
+        'client_secret': Setting().get('azure_oauth_secret'),
+        'api_base_url': Setting().get('azure_oauth_api_url'),
+        'request_token_url': None,
+        'access_token_url': Setting().get('azure_oauth_token_url'),
+        'authorize_url': Setting().get('azure_oauth_authorize_url'),
+        'client_kwargs': {'scope': Setting().get('azure_oauth_scope')},
+        'fetch_token': fetch_azure_token,
+    }
+
+    server_metadata_url = Setting().get('azure_oauth_metadata_url')
+
+    if isinstance(server_metadata_url, str) and len(server_metadata_url.strip()) > 0:
+        authlib_params['server_metadata_url'] = server_metadata_url
+
     azure = authlib_oauth_client.register(
         'azure',
-        client_id=Setting().get('azure_oauth_key'),
-        client_secret=Setting().get('azure_oauth_secret'),
-        api_base_url=Setting().get('azure_oauth_api_url'),
-        request_token_url=None,
-        access_token_url=Setting().get('azure_oauth_token_url'),
-        authorize_url=Setting().get('azure_oauth_authorize_url'),
-        jwks_url=Setting().get('azure_oauth_jwks_url'),
-        server_metadata_url=Setting().get('azure_oauth_metadata_url'),
-        client_kwargs={'scope': Setting().get('azure_oauth_scope')},
-        fetch_token=fetch_azure_token,
+        **authlib_params
     )
 
     @current_app.route('/azure/authorized')
diff --git a/powerdnsadmin/services/github.py b/powerdnsadmin/services/github.py
index 13c2f000a..ff4a20f47 100644
--- a/powerdnsadmin/services/github.py
+++ b/powerdnsadmin/services/github.py
@@ -15,20 +15,28 @@ def update_token(token):
         session['github_token'] = token
         return token
 
+    authlib_params = {
+        'client_id': Setting().get('github_oauth_key'),
+        'client_secret': Setting().get('github_oauth_secret'),
+        'request_token_params': {'scope': Setting().get('github_oauth_scope')},
+        'api_base_url': Setting().get('github_oauth_api_url'),
+        'request_token_url': None,
+        'access_token_url': Setting().get('github_oauth_token_url'),
+        'authorize_url': Setting().get('github_oauth_authorize_url'),
+        'client_kwargs': {'scope': Setting().get('github_oauth_scope')},
+        'fetch_token': fetch_github_token,
+        'update_token': update_token
+    }
+
+    server_metadata_url = Setting().get('github_oauth_metadata_url')
+
+    if isinstance(server_metadata_url, str) and len(server_metadata_url.strip()) > 0:
+        authlib_params['server_metadata_url'] = server_metadata_url
+
     github = authlib_oauth_client.register(
         'github',
-        client_id=Setting().get('github_oauth_key'),
-        client_secret=Setting().get('github_oauth_secret'),
-        request_token_params={'scope': Setting().get('github_oauth_scope')},
-        api_base_url=Setting().get('github_oauth_api_url'),
-        request_token_url=None,
-        access_token_url=Setting().get('github_oauth_token_url'),
-        authorize_url=Setting().get('github_oauth_authorize_url'),
-        jwks_url=Setting().get('github_oauth_jwks_url'),
-        server_metadata_url=Setting().get('github_oauth_metadata_url'),
-        client_kwargs={'scope': Setting().get('github_oauth_scope')},
-        fetch_token=fetch_github_token,
-        update_token=update_token)
+        **authlib_params
+    )
 
     @current_app.route('/github/authorized')
     def github_authorized():
diff --git a/powerdnsadmin/services/google.py b/powerdnsadmin/services/google.py
index fc9af1261..5604819ed 100644
--- a/powerdnsadmin/services/google.py
+++ b/powerdnsadmin/services/google.py
@@ -15,19 +15,27 @@ def update_token(token):
         session['google_token'] = token
         return token
 
+    authlib_params = {
+        'client_id': Setting().get('google_oauth_client_id'),
+        'client_secret': Setting().get('google_oauth_client_secret'),
+        'api_base_url': Setting().get('google_base_url'),
+        'request_token_url': None,
+        'access_token_url': Setting().get('google_token_url'),
+        'authorize_url': Setting().get('google_authorize_url'),
+        'client_kwargs': {'scope': Setting().get('google_oauth_scope')},
+        'fetch_token': fetch_google_token,
+        'update_token': update_token
+    }
+
+    server_metadata_url = Setting().get('google_oauth_metadata_url')
+
+    if isinstance(server_metadata_url, str) and len(server_metadata_url.strip()) > 0:
+        authlib_params['server_metadata_url'] = server_metadata_url
+
     google = authlib_oauth_client.register(
         'google',
-        client_id=Setting().get('google_oauth_client_id'),
-        client_secret=Setting().get('google_oauth_client_secret'),
-        api_base_url=Setting().get('google_base_url'),
-        request_token_url=None,
-        access_token_url=Setting().get('google_token_url'),
-        authorize_url=Setting().get('google_authorize_url'),
-        jwks_url=Setting().get('google_oauth_jwks_url'),
-        server_metadata_url=Setting().get('google_oauth_metadata_url'),
-        client_kwargs={'scope': Setting().get('google_oauth_scope')},
-        fetch_token=fetch_google_token,
-        update_token=update_token)
+        **authlib_params
+    )
 
     @current_app.route('/google/authorized')
     def google_authorized():
diff --git a/powerdnsadmin/services/oidc.py b/powerdnsadmin/services/oidc.py
index 432457ffe..7b0cd46ae 100644
--- a/powerdnsadmin/services/oidc.py
+++ b/powerdnsadmin/services/oidc.py
@@ -15,19 +15,27 @@ def update_token(token):
         session['oidc_token'] = token
         return token
 
+    authlib_params = {
+        'client_id': Setting().get('oidc_oauth_key'),
+        'client_secret': Setting().get('oidc_oauth_secret'),
+        'api_base_url': Setting().get('oidc_oauth_api_url'),
+        'request_token_url': None,
+        'access_token_url': Setting().get('oidc_oauth_token_url'),
+        'authorize_url': Setting().get('oidc_oauth_authorize_url'),
+        'client_kwargs': {'scope': Setting().get('oidc_oauth_scope')},
+        'fetch_token': fetch_oidc_token,
+        'update_token': update_token
+    }
+
+    server_metadata_url = Setting().get('oidc_oauth_metadata_url')
+
+    if isinstance(server_metadata_url, str) and len(server_metadata_url.strip()) > 0:
+        authlib_params['server_metadata_url'] = server_metadata_url
+
     oidc = authlib_oauth_client.register(
         'oidc',
-        client_id=Setting().get('oidc_oauth_key'),
-        client_secret=Setting().get('oidc_oauth_secret'),
-        api_base_url=Setting().get('oidc_oauth_api_url'),
-        request_token_url=None,
-        access_token_url=Setting().get('oidc_oauth_token_url'),
-        authorize_url=Setting().get('oidc_oauth_authorize_url'),
-        jwks_url=Setting().get('oidc_oauth_jwks_url'),
-        server_metadata_url=Setting().get('oidc_oauth_metadata_url'),
-        client_kwargs={'scope': Setting().get('oidc_oauth_scope')},
-        fetch_token=fetch_oidc_token,
-        update_token=update_token)
+        **authlib_params
+    )
 
     @current_app.route('/oidc/authorized')
     def oidc_authorized():
diff --git a/powerdnsadmin/templates/admin_setting_authentication.html b/powerdnsadmin/templates/admin_setting_authentication.html
index c5459588e..cbe6800d1 100644
--- a/powerdnsadmin/templates/admin_setting_authentication.html
+++ b/powerdnsadmin/templates/admin_setting_authentication.html
@@ -806,17 +806,6 @@ <h3 class="card-title">Google OAuth Settings</h3>
                                                                            value="{{ SETTING.get('google_authorize_url') }}">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
-                                                                <div class="form-group">
-                                                                    <label for="google_oauth_jwks_url">JWKS
-                                                                        URL</label>
-                                                                    <input type="text" class="form-control"
-                                                                           name="google_oauth_jwks_url"
-                                                                           id="google_oauth_jwks_url"
-                                                                           placeholder="e.g. https://{yourDomain}/.well-known/jwks.json"
-                                                                           data-error="Please input JWKS URL"
-                                                                           value="{{ SETTING.get('google_oauth_jwks_url') }}">
-                                                                    <span class="help-block with-errors"></span>
-                                                                </div>
                                                                 <div class="form-group">
                                                                     <label for="google_base_url">Base URL</label>
                                                                     <input type="text" class="form-control"
@@ -957,17 +946,6 @@ <h3 class="card-title">GitHub OAuth Settings</h3>
                                                                            value="{{ SETTING.get('github_oauth_authorize_url') }}">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
-                                                                <div class="form-group">
-                                                                    <label for="github_oauth_jwks_url">JWKS
-                                                                        URL</label>
-                                                                    <input type="text" class="form-control"
-                                                                           name="github_oauth_jwks_url"
-                                                                           id="github_oauth_jwks_url"
-                                                                           placeholder="e.g. https://{yourDomain}/.well-known/jwks.json"
-                                                                           data-error="Please input JWKS URL"
-                                                                           value="{{ SETTING.get('github_oauth_jwks_url') }}">
-                                                                    <span class="help-block with-errors"></span>
-                                                                </div>
                                                             </fieldset>
                                                         </div>
                                                         <!-- /.card-body -->
@@ -1096,17 +1074,6 @@ <h3 class="card-title">Microsoft OAuth Settings</h3>
                                                                            value="{{ SETTING.get('azure_oauth_authorize_url') }}">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
-                                                                <div class="form-group">
-                                                                    <label for="azure_oauth_jwks_url">JWKS
-                                                                        URL</label>
-                                                                    <input type="text" class="form-control"
-                                                                           name="azure_oauth_jwks_url"
-                                                                           id="azure_oauth_jwks_url"
-                                                                           placeholder="e.g. https://{yourDomain}/.well-known/jwks.json"
-                                                                           data-error="Please input JWKS URL"
-                                                                           value="{{ SETTING.get('azure_oauth_jwks_url') }}">
-                                                                    <span class="help-block with-errors"></span>
-                                                                </div>
                                                             </fieldset>
                                                             <fieldset>
                                                                 <legend>Group Security</legend>
@@ -1413,17 +1380,6 @@ <h3 class="card-title">OpenID Connect OAuth Settings</h3>
                                                                            value="{{ SETTING.get('oidc_oauth_authorize_url') }}">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
-                                                                <div class="form-group">
-                                                                    <label for="oidc_oauth_jwks_url">JWKS
-                                                                        URL</label>
-                                                                    <input type="text" class="form-control"
-                                                                           name="oidc_oauth_jwks_url"
-                                                                           id="oidc_oauth_jwks_url"
-                                                                           placeholder="e.g. https://{yourDomain}/.well-known/jwks.json"
-                                                                           data-error="Please input JWKS URL"
-                                                                           value="{{ SETTING.get('oidc_oauth_jwks_url') }}">
-                                                                    <span class="help-block with-errors"></span>
-                                                                </div>
                                                                 <div class="form-group">
                                                                     <label for="oidc_oauth_logout_url">Logout
                                                                         URL</label>

From a2429ad9d6fe0b7e7c5dce8433b3afe722757806 Mon Sep 17 00:00:00 2001
From: Stefan Ubbink <stefan.ubbink@sidn.nl>
Date: Sun, 2 Apr 2023 20:46:32 +0200
Subject: [PATCH 396/475] Make it possible again to use a different Zone Type
 than 'native', fixes #1501

---
 powerdnsadmin/routes/domain.py              |  6 +++---
 powerdnsadmin/templates/domain_add.html     | 18 +++++++++---------
 powerdnsadmin/templates/domain_setting.html | 16 ++++++++--------
 3 files changed, 20 insertions(+), 20 deletions(-)

diff --git a/powerdnsadmin/routes/domain.py b/powerdnsadmin/routes/domain.py
index 593e91de4..bcf91ccf4 100644
--- a/powerdnsadmin/routes/domain.py
+++ b/powerdnsadmin/routes/domain.py
@@ -66,7 +66,7 @@ def domain(domain_name):
     current_app.logger.debug("Fetched rrsets: \n{}".format(pretty_json(rrsets)))
 
     # API server might be down, misconfigured
-    if not rrsets and domain.type != 'Slave':
+    if not rrsets and domain.type != 'slave':
         abort(500)
 
     quick_edit = Setting().get('record_quick_edit')
@@ -206,7 +206,7 @@ def changelog(domain_name):
     current_app.logger.debug("Fetched rrsets: \n{}".format(pretty_json(rrsets)))
 
     # API server might be down, misconfigured
-    if not rrsets and domain.type != 'Slave':
+    if not rrsets and domain.type != 'slave':
         abort(500)
 
     records_allow_to_edit = Setting().get_records_allow_to_edit()
@@ -294,7 +294,7 @@ def record_changelog(domain_name, record_name, record_type):
     current_app.logger.debug("Fetched rrsets: \n{}".format(pretty_json(rrsets)))
 
     # API server might be down, misconfigured
-    if not rrsets and domain.type != 'Slave':
+    if not rrsets and domain.type != 'slave':
         abort(500)
 
     # get all changelogs for this domain, in descening order
diff --git a/powerdnsadmin/templates/domain_add.html b/powerdnsadmin/templates/domain_add.html
index c56821002..8be5817ee 100644
--- a/powerdnsadmin/templates/domain_add.html
+++ b/powerdnsadmin/templates/domain_add.html
@@ -76,11 +76,16 @@ <h3 class="card-title">Zone Editor</h3>
                                     <div class="radio">
                                         <label>
                                             <input type="radio" name="radio_type" id="radio_type_secondary"
-                                                   value="secondary">
+                                                   value="slave">
                                             Secondary
                                         </label>
                                     </div>
                                 </div>
+                                <div class="form-group" style="display: none;" id="domain_master_address_div">
+                                    <input type="text" class="form-control" name="domain_master_address"
+                                           id="domain_master_address"
+                                           placeholder="Enter valid Primary Server IP addresses (separated by commas)">
+                                </div>
                                 <div class="form-group">
                                     <label for="domain_template">Zone Template</label>
                                     <select class="form-control" id="domain_template" name="domain_template">
@@ -90,11 +95,6 @@ <h3 class="card-title">Zone Editor</h3>
                                         {% endfor %}
                                     </select>
                                 </div>
-                                <div class="form-group" style="display: none;" id="domain_primary_address_div">
-                                    <input type="text" class="form-control" name="domain_primary_address"
-                                           id="domain_primary_address"
-                                           placeholder="Enter valid Primary Server IP addresses (separated by commas)">
-                                </div>
                                 <div class="form-group">
                                     <label>SOA-EDIT-API</label>
                                     <div class="radio">
@@ -228,10 +228,10 @@ <h3 class="card-title">Zone Editor Help</h3>
     <script>
         $("input[name=radio_type]").change(function () {
             var type = $(this).val();
-            if (type == "secondary") {
-                $("#domain_primary_address_div").show();
+            if (type == "slave") {
+                $("#domain_master_address_div").show();
             } else {
-                $("#domain_primary_address_div").hide();
+                $("#domain_master_address_div").hide();
             }
         });
     </script>
diff --git a/powerdnsadmin/templates/domain_setting.html b/powerdnsadmin/templates/domain_setting.html
index bc9470e39..f59f4a9c6 100644
--- a/powerdnsadmin/templates/domain_setting.html
+++ b/powerdnsadmin/templates/domain_setting.html
@@ -220,12 +220,12 @@ <h3 class="card-title">Change Zone Type</h3>
                                 <select name="domain_type" class="form-control" style="width:15em;">
                                     <option selected value="0">- Unchanged -</option>
                                     <option value="native">Native</option>
-                                    <option value="primary">Primary</option>
-                                    <option value="secondary">Secondary</option>
+                                    <option value="master">Primary</option>
+                                    <option value="slave">Secondary</option>
                                 </select><br/>
-                                <div class="form-group" style="display: none;" id="domain_primary_address_div">
-                                    <input type="text" class="form-control" name="domain_primary_address"
-                                           id="domain_primary_address"
+                                <div class="form-group" style="display: none;" id="domain_master_address_div">
+                                    <input type="text" class="form-control" name="domain_master_address"
+                                           id="domain_master_address"
                                            placeholder="Enter valid Primary Server IP addresses (separated by commas)">
                                 </div>
                                 <button type="submit" title="Update Zone Type" class="btn btn-primary" id="change_type">
@@ -422,10 +422,10 @@ <h3 class="card-title">Remove Zone</h3>
         // zone primary address input handeling
         $("select[name=domain_type]").change(function () {
             var type = $(this).val();
-            if (type == "secondary") {
-                $("#domain_primary_address_div").show();
+            if (type == "slave") {
+                $("#domain_master_address_div").show();
             } else {
-                $("#domain_primary_address_div").hide();
+                $("#domain_master_address_div").hide();
             }
         });
 

From bae746cffe2bbb8333d69c2cd5e7099bfea39e8e Mon Sep 17 00:00:00 2001
From: Stefan Ubbink <stefan.ubbink@sidn.nl>
Date: Sun, 2 Apr 2023 15:47:34 +0200
Subject: [PATCH 397/475] Show the current zone type and soa-edit-api settings
 on the zone settings page

---
 powerdnsadmin/routes/domain.py              |  6 +++++-
 powerdnsadmin/templates/domain_setting.html | 20 ++++++++++----------
 2 files changed, 15 insertions(+), 11 deletions(-)

diff --git a/powerdnsadmin/routes/domain.py b/powerdnsadmin/routes/domain.py
index bcf91ccf4..bee125069 100644
--- a/powerdnsadmin/routes/domain.py
+++ b/powerdnsadmin/routes/domain.py
@@ -560,13 +560,17 @@ def setting(domain_name):
         d = Domain(name=domain_name)
         domain_user_ids = d.get_user()
         account = d.get_account()
+        domain_info = d.get_domain_info(domain_name)
 
         return render_template('domain_setting.html',
                                domain=domain,
                                users=users,
                                domain_user_ids=domain_user_ids,
                                accounts=accounts,
-                               domain_account=account)
+                               domain_account=account,
+                               zone_type=domain_info["kind"].lower(),
+                               masters=','.join(domain_info["masters"]),
+                               soa_edit_api=domain_info["soa_edit_api"].upper())
 
     if request.method == 'POST':
         # username in right column
diff --git a/powerdnsadmin/templates/domain_setting.html b/powerdnsadmin/templates/domain_setting.html
index f59f4a9c6..ba1135400 100644
--- a/powerdnsadmin/templates/domain_setting.html
+++ b/powerdnsadmin/templates/domain_setting.html
@@ -218,15 +218,16 @@ <h3 class="card-title">Change Zone Type</h3>
                             <form method="post" action="{{ url_for('domain.change_type', domain_name=domain.name) }}">
                                 <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
                                 <select name="domain_type" class="form-control" style="width:15em;">
-                                    <option selected value="0">- Unchanged -</option>
-                                    <option value="native">Native</option>
-                                    <option value="master">Primary</option>
-                                    <option value="slave">Secondary</option>
+                                    <option value="0">- Unchanged -</option>
+                                    {% for type in ["native", "master", "slave"] %}
+                                        <option {% if zone_type == type %}selected{% endif %} value="{{ type }}">{{ type | format_zone_type }}</option>
+                                    {% endfor %}
                                 </select><br/>
-                                <div class="form-group" style="display: none;" id="domain_master_address_div">
+                                <div class="form-group" style="{% if zone_type != 'slave' %}display: none;{% endif %}" id="domain_master_address_div">
                                     <input type="text" class="form-control" name="domain_master_address"
                                            id="domain_master_address"
-                                           placeholder="Enter valid Primary Server IP addresses (separated by commas)">
+                                           placeholder="Enter valid Primary Server IP addresses (separated by commas)"
+                                           value="{{ masters }}">
                                 </div>
                                 <button type="submit" title="Update Zone Type" class="btn btn-primary" id="change_type">
                                     <i class="fa-solid fa-floppy-disk"></i>&nbsp;Update Zone Type
@@ -276,10 +277,9 @@ <h3 class="card-title">Change SOA-EDIT-API</h3>
                                 <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
                                 <select name="soa_edit_api" class="form-control" style="width:15em;">
                                     <option selected value="0">- Unchanged -</option>
-                                    <option>DEFAULT</option>
-                                    <option>INCREASE</option>
-                                    <option>EPOCH</option>
-                                    <option>OFF</option>
+                                    {% for edit_type in ["DEFAULT", "INCREASE", "EPOCH", "OFF"] %}
+                                        <option {% if soa_edit_api == edit_type %}selected{% endif %}>{{ edit_type }}</option>
+                                    {% endfor %}
                                 </select><br/>
                                 <button type="submit" title="Update SOA-EDIT-API" class="btn btn-primary"
                                         id="change_soa_edit_api">

From fe10665e19fdff8065fd4519541bf3a73822d62d Mon Sep 17 00:00:00 2001
From: Rauno Tuul <raunz@hot.ee>
Date: Tue, 4 Apr 2023 15:32:52 +0300
Subject: [PATCH 398/475] Refactored zone history retrieval, parsing and
 displaying code.

---
 powerdnsadmin/routes/admin.py                 | 135 +++++------
 powerdnsadmin/routes/domain.py                | 108 ++-------
 .../templates/admin_history_table.html        |  33 ++-
 .../templates/applied_change_macro.html       | 223 +++++++++---------
 powerdnsadmin/templates/domain_changelog.html |  34 +--
 5 files changed, 227 insertions(+), 306 deletions(-)

diff --git a/powerdnsadmin/routes/admin.py b/powerdnsadmin/routes/admin.py
index 3e44fd69c..36b1eb44e 100644
--- a/powerdnsadmin/routes/admin.py
+++ b/powerdnsadmin/routes/admin.py
@@ -107,66 +107,58 @@ def to_state(record):
     return changeset
 
 
+def filter_rr_list_by_name_and_type(rrset, record_name, record_type):
+    return list(filter(lambda rr: rr['name'] == record_name and rr['type'] == record_type, rrset))
+
+
 # out_changes is a list of  HistoryRecordEntry objects in which we will append the new changes
 # a HistoryRecordEntry represents a pair of add_rrset and del_rrset
-def extract_changelogs_from_a_history_entry(out_changes, history_entry, change_num, record_name=None, record_type=None):
-    if history_entry.detail is None:
-        return
-
-    if "add_rrsets" in history_entry.detail:
-        detail_dict = json.loads(history_entry.detail)
-    else:  # not a record entry
-        return
-
-    add_rrsets = detail_dict['add_rrsets']
-    del_rrsets = detail_dict['del_rrsets']
-
-    for add_rrset in add_rrsets:
-        exists = False
-        for del_rrset in del_rrsets:
-            if del_rrset['name'] == add_rrset['name'] and del_rrset['type'] == add_rrset['type']:
-                exists = True
-                if change_num not in out_changes:
-                    out_changes[change_num] = []
-                out_changes[change_num].append(HistoryRecordEntry(history_entry, del_rrset, add_rrset, "*"))
-                break
-        if not exists:  # this is a new record
-            if change_num not in out_changes:
-                out_changes[change_num] = []
-            out_changes[change_num].append(
-                HistoryRecordEntry(history_entry, {}, add_rrset, "+"))  # (add_rrset, del_rrset, change_type)
-    for del_rrset in del_rrsets:
-        exists = False
-        for add_rrset in add_rrsets:
-            if del_rrset['name'] == add_rrset['name'] and del_rrset['type'] == add_rrset['type']:
-                exists = True  # no need to add in the out_changes set
-                break
-        if not exists:  # this is a deletion
-            if change_num not in out_changes:
-                out_changes[change_num] = []
-            out_changes[change_num].append(HistoryRecordEntry(history_entry, del_rrset, {}, "-"))
-
-    # Sort them by the record name
-    if change_num in out_changes:
-        out_changes[change_num].sort(key=lambda change:
-                change.del_rrset['name'] if change.del_rrset else change.add_rrset['name']
-        )
-
-    # only used for changelog per record
-    if record_name != None and record_type != None:  # then get only the records with the specific (record_name, record_type) tuple
-        if change_num in out_changes:
-            changes_i = out_changes[change_num]
-        else:
-            return
-        for hre in changes_i:  # for each history record entry in changes_i
-            if 'type' in hre.add_rrset and hre.add_rrset['name'] == record_name and hre.add_rrset[
-                'type'] == record_type:
+def extract_changelogs_from_history(histories, record_name=None, record_type=None):
+    out_changes = []
+
+    for entry in histories:
+        changes = []
+
+        if "add_rrsets" in entry.detail:
+            details = json.loads(entry.detail)
+            if not details['add_rrsets'] and not details['del_rrsets']:
                 continue
-            elif 'type' in hre.del_rrset and hre.del_rrset['name'] == record_name and hre.del_rrset[
-                'type'] == record_type:
+        else:  # not a record entry
+            continue
+
+        # filter only the records with the specific record_name, record_type
+        if record_name != None and record_type != None:
+            details['add_rrsets'] = list(filter_rr_list_by_name_and_type(details['add_rrsets'], record_name, record_type))
+            details['del_rrsets'] = list(filter_rr_list_by_name_and_type(details['del_rrsets'], record_name, record_type))
+
+            if not details['add_rrsets'] and not details['del_rrsets']:
                 continue
-            else:
-                out_changes[change_num].remove(hre)
+
+        # same record name and type RR are being deleted and created in same entry.
+        del_add_changes = set([(r['name'], r['type']) for r in details['add_rrsets']]).intersection([(r['name'], r['type']) for r in details['del_rrsets']])
+        for del_add_change in del_add_changes:
+            changes.append(HistoryRecordEntry(
+                entry,
+                filter_rr_list_by_name_and_type(details['del_rrsets'], del_add_change[0], del_add_change[1]).pop(0),
+                filter_rr_list_by_name_and_type(details['add_rrsets'], del_add_change[0], del_add_change[1]).pop(0),
+                "*")
+            )
+
+        for rrset in details['add_rrsets']:
+            if (rrset['name'], rrset['type']) not in del_add_changes:
+                changes.append(HistoryRecordEntry(entry, {}, rrset, "+"))
+
+        for rrset in details['del_rrsets']:
+            if (rrset['name'], rrset['type']) not in del_add_changes:
+                changes.append(HistoryRecordEntry(entry, rrset, {}, "-"))
+
+        # sort changes by the record name
+        if changes:
+            changes.sort(key=lambda change:
+                    change.del_rrset['name'] if change.del_rrset else change.add_rrset['name']
+                    )
+            out_changes.extend(changes)
+    return out_changes
 
 
 # records with same (name,type) are considered as a single HistoryRecordEntry
@@ -184,21 +176,16 @@ def __init__(self, history_entry, del_rrset, add_rrset, change_type):
         self.changed_fields = []  # contains a subset of : [ttl, name, type]
         self.changeSet = []  # all changes for the records of this add_rrset-del_rrset pair
 
-        if change_type == "+":  # addition
+        if change_type == "+" or change_type == "-":
             self.changed_fields.append("name")
             self.changed_fields.append("type")
             self.changed_fields.append("ttl")
-            self.changeSet = get_record_changes(del_rrset, add_rrset)
-        elif change_type == "-":  # removal
-            self.changed_fields.append("name")
-            self.changed_fields.append("type")
-            self.changed_fields.append("ttl")
-            self.changeSet = get_record_changes(del_rrset, add_rrset)
 
         elif change_type == "*":  # edit of unchanged
             if add_rrset['ttl'] != del_rrset['ttl']:
                 self.changed_fields.append("ttl")
-            self.changeSet = get_record_changes(del_rrset, add_rrset)
+
+        self.changeSet = get_record_changes(del_rrset, add_rrset)
 
     def toDict(self):
         return {
@@ -882,9 +869,7 @@ def __init__(self, history, change_set):
                                                        ip_address=detail_dict['ip_address'])
 
         elif 'add_rrsets' in detail_dict:  # this is a zone record change
-            # changes_set = []
             self.detailed_msg = ""
-            # extract_changelogs_from_a_history_entry(changes_set, history, 0)
 
         elif 'name' in detail_dict and 'template' in history.msg:  # template creation / deletion
             self.detailed_msg = render_template_string("""
@@ -997,20 +982,14 @@ def get_key_val(_dict, key):
 
 # convert a list of History objects into DetailedHistory objects
 def convert_histories(histories):
-    changes_set = dict()
     detailedHistories = []
-    j = 0
-    for i in range(len(histories)):
-        if histories[i].detail and ('add_rrsets' in histories[i].detail or 'del_rrsets' in histories[i].detail):
-            extract_changelogs_from_a_history_entry(changes_set, histories[i], j)
-            if j in changes_set:
-                detailedHistories.append(DetailedHistory(histories[i], changes_set[j]))
-            else:  # no changes were found
-                detailedHistories.append(DetailedHistory(histories[i], None))
-            j += 1
-
+    for history in histories:
+        if history.detail and ('add_rrsets' in history.detail or 'del_rrsets' in history.detail):
+            history_as_list = list()
+            history_as_list.append(history)
+            detailedHistories.append(DetailedHistory(history, extract_changelogs_from_history(history_as_list)))
         else:
-            detailedHistories.append(DetailedHistory(histories[i], None))
+            detailedHistories.append(DetailedHistory(history, None))
     return detailedHistories
 
 
diff --git a/powerdnsadmin/routes/domain.py b/powerdnsadmin/routes/domain.py
index 593e91de4..289926cc0 100644
--- a/powerdnsadmin/routes/domain.py
+++ b/powerdnsadmin/routes/domain.py
@@ -25,7 +25,7 @@
 from ..models.base import db
 from ..models.domain_user import DomainUser
 from ..models.account_user import AccountUser
-from .admin import extract_changelogs_from_a_history_entry
+from .admin import extract_changelogs_from_history
 from ..decorators import history_access_required
 domain_bp = Blueprint('domain',
                       __name__,
@@ -201,17 +201,6 @@ def changelog(domain_name):
     if not domain:
         abort(404)
 
-    # Query domain's rrsets from PowerDNS API
-    rrsets = Record().get_rrsets(domain.name)
-    current_app.logger.debug("Fetched rrsets: \n{}".format(pretty_json(rrsets)))
-
-    # API server might be down, misconfigured
-    if not rrsets and domain.type != 'Slave':
-        abort(500)
-
-    records_allow_to_edit = Setting().get_records_allow_to_edit()
-    records = []
-
     # get all changelogs for this domain, in descening order
     if current_user.role.name in [ 'Administrator', 'Operator' ]:
         histories = History.query.filter(History.domain_id == domain.id).order_by(History.created_on.desc()).all()
@@ -230,49 +219,13 @@ def changelog(domain_name):
                                 DomainUser.user_id == current_user.id,
                                 AccountUser.user_id == current_user.id
                         ),
-                        History.domain_id == domain.id
+                        History.domain_id == domain.id,
+                        History.detail.isnot(None)
                 )
             ).all()
 
-    if StrictVersion(Setting().get('pdns_version')) >= StrictVersion('4.0.0'):
-        for r in rrsets:
-            if r['type'] in records_allow_to_edit:
-                r_name = r['name'].rstrip('.')
-
-                # If it is reverse zone and pretty_ipv6_ptr setting
-                # is enabled, we reformat the name for ipv6 records.
-                if Setting().get('pretty_ipv6_ptr') and r[
-                        'type'] == 'PTR' and 'ip6.arpa' in r_name and '*' not in r_name:
-                    r_name = dns.reversename.to_address(
-                        dns.name.from_text(r_name))
-
-                # Create the list of records in format that
-                # PDA jinja2 template can understand.
-                index = 0
-                for record in r['records']:
-                    if (len(r['comments'])>index):
-                        c=r['comments'][index]['content']
-                    else:
-                        c=''
-                    record_entry = RecordEntry(
-                        name=r_name,
-                        type=r['type'],
-                        status='Disabled' if record['disabled'] else 'Active',
-                        ttl=r['ttl'],
-                        data=record['content'],
-                        comment=c,
-                        is_allowed_edit=True)
-                    index += 1
-                    records.append(record_entry)
-    else:
-        # Unsupported version
-        abort(500)
+    changes_set = extract_changelogs_from_history(histories)
 
-    changes_set = dict()
-    for i in range(len(histories)):
-        extract_changelogs_from_a_history_entry(changes_set, histories[i], i)
-        if i in changes_set and len(changes_set[i]) == 0: # if empty, then remove the key
-            changes_set.pop(i)
     return render_template('domain_changelog.html', domain=domain, allHistoryChanges=changes_set)
 
 """
@@ -289,17 +242,18 @@ def record_changelog(domain_name, record_name, record_type):
     domain = Domain.query.filter(Domain.name == domain_name).first()
     if not domain:
         abort(404)
-    # Query domain's rrsets from PowerDNS API
-    rrsets = Record().get_rrsets(domain.name)
-    current_app.logger.debug("Fetched rrsets: \n{}".format(pretty_json(rrsets)))
-
-    # API server might be down, misconfigured
-    if not rrsets and domain.type != 'Slave':
-        abort(500)
 
     # get all changelogs for this domain, in descening order
     if current_user.role.name in [ 'Administrator', 'Operator' ]:
-        histories = History.query.filter(History.domain_id == domain.id).order_by(History.created_on.desc()).all()
+        histories = History.query \
+            .filter(
+                db.and_(
+                        History.domain_id == domain.id,
+                        History.detail.like("%{}%".format(record_name))
+                )
+            ) \
+            .order_by(History.created_on.desc()) \
+            .all()
     else:
         # if the user isn't an administrator or operator, 
         # allow_user_view_history must be enabled to get here,
@@ -309,42 +263,22 @@ def record_changelog(domain_name, record_name, record_type):
             .outerjoin(DomainUser, Domain.id == DomainUser.domain_id) \
             .outerjoin(Account, Domain.account_id == Account.id) \
             .outerjoin(AccountUser, Account.id == AccountUser.account_id) \
-            .order_by(History.created_on.desc()) \
             .filter(
                 db.and_(db.or_(
                                 DomainUser.user_id == current_user.id,
                                 AccountUser.user_id == current_user.id
                         ), 
-                        History.domain_id == domain.id
+                        History.domain_id == domain.id,
+                        History.detail.like("%{}%".format(record_name))
                 )
-            ).all()
-
-    changes_set_of_record = dict()
-    for i in range(len(histories)):
-        extract_changelogs_from_a_history_entry(changes_set_of_record, histories[i], i, record_name, record_type)
-        if i in changes_set_of_record and len(changes_set_of_record[i]) == 0: # if empty, then remove the key
-            changes_set_of_record.pop(i)
-
-    indexes_to_pop = []
-    for change_num in changes_set_of_record:
-        changes_i = changes_set_of_record[change_num]
-        for hre in changes_i: # for each history record entry in changes_i
-            if  'type' in hre.add_rrset and hre.add_rrset['name'] == record_name and hre.add_rrset['type'] == record_type:
-                continue
-            elif 'type' in hre.del_rrset and hre.del_rrset['name'] == record_name and hre.del_rrset['type'] == record_type:
-                continue
-            else:
-                changes_set_of_record[change_num].remove(hre)
-        if change_num in changes_set_of_record and len(changes_set_of_record[change_num]) == 0: # if empty, then remove the key
-            indexes_to_pop.append(change_num)
-    
-    for i in indexes_to_pop:
-        changes_set_of_record.pop(i)
-
-    return render_template('domain_changelog.html', domain=domain, allHistoryChanges=changes_set_of_record, 
-                            record_name = record_name, record_type = record_type)
+            ) \
+            .order_by(History.created_on.desc()) \
+            .all()
 
+    changes_set = extract_changelogs_from_history(histories, record_name, record_type)
 
+    return render_template('domain_changelog.html', domain=domain, allHistoryChanges=changes_set,
+                            record_name = record_name, record_type = record_type)
 
 @domain_bp.route('/add', methods=['GET', 'POST'])
 @login_required
diff --git a/powerdnsadmin/templates/admin_history_table.html b/powerdnsadmin/templates/admin_history_table.html
index 8f1d25f7d..a941ce1da 100644
--- a/powerdnsadmin/templates/admin_history_table.html
+++ b/powerdnsadmin/templates/admin_history_table.html
@@ -10,26 +10,41 @@
   <table id="tbl_history" class="table table-bordered table-striped">
     <thead>
       <tr>
-        <th>Changed by</th>
-        <th>Content</th>
         <th>Time</th>
+        <th>Content</th>
+        <th>Changed by</th>
         <th>Detail</th>
       </tr>
     </thead>
     <tbody>
       {% for history in histories %}
         <tr class="odd gradeX">
-          <td>{{ history.history.created_by }}</td>
-          <td>{{ history.history.msg }}</td>
           <td>{{ history.history.created_on }}</td>
+          <td>{{ history.history.msg }}</td>
+          <td>{{ history.history.created_by }}</td>
           <td width="6%">
             <div id="history-info-div-{{ loop.index0 }}" style="display: none;">
               {{ history.detailed_msg | safe }}
               {% if history.change_set %}
                 <div class="content">
-                  <div id="change_index_definition"></div>
-                  {% call applied_change_macro.applied_change_template(history.change_set) %}
-                  {% endcall %}
+                <table class="table table-bordered table-striped">
+                <thead><tr>
+                    <th>Name</th>
+                    <th>Type</th>
+                    <th>TTL</th>
+                    <th>Data</th>
+                    <th>Status</th>
+                    <th>Comment</th>
+                </tr></thead>
+                <tbody>
+				{% for applied_change in history.change_set %}
+                <tr>
+                    {% call applied_change_macro.applied_change_template(applied_change) %}
+                    {% endcall %}
+                </tr>
+				{% endfor %}
+                </tbody>
+                </table>
                 </div>
               {% endif %}
             </div>
@@ -52,7 +67,7 @@
   $(document).ready(function () {
     table = $('#tbl_history').DataTable({
       "order": [
-        [2, "desc"]
+        [0, "desc"]
       ],
       "searching": true,
       "columnDefs": [{
@@ -60,7 +75,7 @@
         "render": function (data, type, row) {
           return moment.utc(data).local().format('YYYY-MM-DD HH:mm:ss');
         },
-        "targets": 2
+        "targets": 0
       }],
       "info": true,
       "autoWidth": false,
diff --git a/powerdnsadmin/templates/applied_change_macro.html b/powerdnsadmin/templates/applied_change_macro.html
index d4272bd47..1dcb13629 100644
--- a/powerdnsadmin/templates/applied_change_macro.html
+++ b/powerdnsadmin/templates/applied_change_macro.html
@@ -1,114 +1,121 @@
-{% macro applied_change_template(change_set) -%}
+{% macro applied_change_template(hist_rec_entry) -%}
 {{ caller() }}
-{% for hist_rec_entry in change_set %}
-<table id="tbl_records" class="table table-bordered">
-    <thead>
-        <tr>
-            <th scope="col" colspan="3">
-                {% if hist_rec_entry.change_type == '-' %}
-                    <span class="diff diff-deletion">{{
-                        hist_rec_entry.del_rrset['name'] }} {{ hist_rec_entry.del_rrset['type']
-                    }}</span>
-                {% elif hist_rec_entry.change_type == '+' %}
-                    <span class="diff diff-addition">{{
-                        hist_rec_entry.add_rrset['name'] }} {{ hist_rec_entry.add_rrset['type']
-                    }}</span>
-                {% else %}
-                    <span class="diff diff-unchanged">{{
-                        hist_rec_entry.add_rrset['name'] }} {{ hist_rec_entry.add_rrset['type']
-                    }}</span>
-                {% endif %}
 
-                , TTL
-                {% if not 'ttl' in hist_rec_entry.changed_fields %}
-                    <span class="diff diff-unchanged">{{
-                        hist_rec_entry.add_rrset['ttl']
-                    }}</span>
-                {% else %}
-                    {% if hist_rec_entry.change_type in ['-', '*'] %}
-                        <span class="diff diff-deletion">{{
-                            hist_rec_entry.del_rrset['ttl']
-                        }}</span>
-                    {% endif %}
-                    {% if hist_rec_entry.change_type in ['+', '*'] %}
-                        <span class="diff diff-addition">{{
-                            hist_rec_entry.add_rrset['ttl']
-                        }}</span>
-                    {% endif %}
-                {% endif %}
+<td>
+{% if hist_rec_entry.change_type == '-' %}
+    <div class="diff diff-deletion">{{
+        hist_rec_entry.del_rrset['name']
+    }}
+{% elif hist_rec_entry.change_type == '+' %}
+    <div class="diff diff-addition">{{
+        hist_rec_entry.add_rrset['name']
+    }}
+{% else %}
+    <div class="diff diff-unchanged">{{
+        hist_rec_entry.add_rrset['name']
+    }}
+{% endif %}
+    </div>
+</td>
 
-            </th>
-        </tr>
+<td>
+{% if hist_rec_entry.change_type == '-' %}
+    <div class="diff diff-deletion">{{
+        hist_rec_entry.del_rrset['type']
+    }}
+{% elif hist_rec_entry.change_type == '+' %}
+    <div class="diff diff-addition">{{
+        hist_rec_entry.add_rrset['type']
+    }}
+{% else %}
+    <div class="diff diff-unchanged">{{
+        hist_rec_entry.add_rrset['type']
+    }}
+{% endif %}
+    </div>
+</td>
 
-        <tr>
-            <th scope="col" style="width: 150px;">Status</th>
-            <th scope="col" style="width: 400px;">Data</th>
-            <th scope="col" style="width: 400px;">Comment</th>
-        </tr>
-    </thead>
-    <tbody>
-        {% for changes in hist_rec_entry.changeSet %}
-        <tr>
-            <td style="word-break: break-all">
-                {% if changes[2] == "unchanged" or
-                    (changes[2] == "edit" and changes[0]['disabled'] == changes[1]['disabled']) %}
-                    <div class="diff diff-unchanged">{{
-                        "Disabled" if changes[1]['disabled'] else "Activated"
-                    }}</div>
-                {% else %}
-                    {% if changes[2] in ["deletion", "edit"] %}
-                        <div class="diff diff-deletion">{{
-                            "Disabled" if changes[0]['disabled'] else "Activated"
-                        }}</div>
-                    {% endif %}
-                    {% if changes[2] in ["addition", "edit"] %}
-                        <div class="diff diff-addition">{{
-                            "Disabled" if changes[1]['disabled'] else "Activated"
-                        }}</div>
-                    {% endif %}
-                {% endif %}
-            </td>
-            <td style="word-break: break-all">
-                {% if changes[2] == "unchanged" or
-                        (changes[2] == "edit" and changes[0]['content'] == changes[1]['content']) %}
-                    <div class="diff diff-unchanged">{{
-                        changes[1]['content']
-                    }}</div>
-                {% else %}
-                    {% if changes[2] in ["deletion", "edit"] %}
-                        <div class="diff diff-deletion">{{
-                            changes[0]['content']
-                        }}</div>
-                    {% endif %}
-                    {% if changes[2] in ["addition", "edit"] %}
-                        <div class="diff diff-addition">{{
-                            changes[1]['content']
-                        }}</div>
-                    {% endif %}
-                {% endif %}
-            </td>
-            <td style="word-break: break-all">
-                {% if changes[2] == "unchanged" or
-                        (changes[2] == "edit" and changes[0]['comment'] == changes[1]['comment']) %}
-                    <div class="diff diff-unchanged">{{
-                        changes[1]['comment']
-                    }}</div>
-                {% else %}
-                    {% if changes[2] in ["deletion", "edit"] and changes[0]['comment'] %}
-                        <div class="diff diff-deletion">{{
-                            changes[0]['comment']
-                        }}</div>
-                    {% endif %}
-                    {% if changes[2] in ["addition", "edit"] and changes[1]['comment'] %}
-                        <div class="diff diff-addition">{{
-                            changes[1]['comment']
-                        }}</div>
-                    {% endif %}
-                {% endif %}
-            </td>
-        </tr>
-        {% endfor %}
-    </tbody>
-</table>
+<td>
+{% if not 'ttl' in hist_rec_entry.changed_fields %}
+    <div class="diff diff-unchanged">{{
+        hist_rec_entry.add_rrset['ttl']
+    }}</div>
+{% else %}
+    {% if hist_rec_entry.change_type in ['+', '*'] %}
+        <div class="diff diff-addition">{{
+            hist_rec_entry.add_rrset['ttl']
+        }}</div>
+    {% endif %}
+    {% if hist_rec_entry.change_type in ['-', '*'] %}
+        <div class="diff diff-deletion">{{
+            hist_rec_entry.del_rrset['ttl']
+        }}</div>
+    {% endif %}
+{% endif %}
+</td>
+
+<td style="word-break: break-all">
+{% for changes in hist_rec_entry.changeSet %}
+    {% if changes[2] == "unchanged" or (changes[2] == "edit" and changes[0]['content'] == changes[1]['content']) %}
+        <div class="diff diff-unchanged">{{
+            changes[1]['content']
+        }}</div>
+    {% else %}
+        {% if changes[2] in ["deletion", "edit"] %}
+            <div class="diff diff-deletion">{{
+                changes[0]['content']
+            }}</div>
+        {% endif %}
+        {% if changes[2] in ["addition", "edit"] %}
+            <div class="diff diff-addition">{{
+                changes[1]['content']
+            }}</div>
+        {% endif %}
+    {% endif %}
+{% endfor %}
+</td>
+
+<td>
+{% for changes in hist_rec_entry.changeSet %}
+    {% if changes[2] == "unchanged" or
+        (changes[2] == "edit" and changes[0]['disabled'] == changes[1]['disabled']) %}
+        <div class="diff diff-unchanged">{{
+            "Disabled" if changes[1]['disabled'] else "Activated"
+        }}</div>
+    {% else %}
+        {% if changes[2] in ["deletion", "edit"] %}
+            <div class="diff diff-deletion">{{
+                "Disabled" if changes[0]['disabled'] else "Activated"
+            }}</div>
+        {% endif %}
+        {% if changes[2] in ["addition", "edit"] %}
+            <div class="diff diff-addition">{{
+                "Disabled" if changes[1]['disabled'] else "Activated"
+            }}</div>
+        {% endif %}
+    {% endif %}
+{% endfor %}
+</td>
+
+<td style="word-break: break-all">
+{% for changes in hist_rec_entry.changeSet %}
+    {% if changes[2] == "unchanged" or
+            (changes[2] == "edit" and changes[0]['comment'] == changes[1]['comment']) %}
+        <div class="diff diff-unchanged">{{
+            changes[1]['comment']
+        }}</div>
+    {% else %}
+        {% if changes[2] in ["deletion", "edit"] and changes[0]['comment'] %}
+            <div class="diff diff-deletion">{{
+                changes[0]['comment']
+            }}</div>
+        {% endif %}
+        {% if changes[2] in ["addition", "edit"] and changes[1]['comment'] %}
+            <div class="diff diff-addition">{{
+                changes[1]['comment']
+            }}</div>
+        {% endif %}
+    {% endif %}
 {% endfor %}
+</td>
 {%- endmacro %}
diff --git a/powerdnsadmin/templates/domain_changelog.html b/powerdnsadmin/templates/domain_changelog.html
index 4cdd2be75..31a01b42c 100644
--- a/powerdnsadmin/templates/domain_changelog.html
+++ b/powerdnsadmin/templates/domain_changelog.html
@@ -49,6 +49,12 @@ <h1 class="m-0 text-dark">
               <thead>
                 <tr>
                   <th>Changed on</th>
+                  <th>Name</th>
+                  <th>Type</th>
+                  <th>TTL</th>
+                  <th>Data</th>
+                  <th>Status</th>
+                  <th>Comment</th>
                   <th>Changed by</th>
                 </tr>
               </thead>
@@ -56,22 +62,14 @@ <h1 class="m-0 text-dark">
                 {% for applied_change in allHistoryChanges %}
                   <tr class="odd row_record" id="{{ domain.name }}">
                     <td id="changed_on" class="changed_on">
-                      {{ allHistoryChanges[applied_change][0].history_entry.created_on }}
+                      {{ applied_change.history_entry.created_on }}
                     </td>
+                    {% call applied_change_macro.applied_change_template(applied_change) %}
+                    {% endcall %}
                     <td>
-                      {{allHistoryChanges[applied_change][0].history_entry.created_by }}
+                      {{ applied_change.history_entry.created_by }}
                     </td>
                   </tr>
-                  <!-- Nested Table -->
-                  <tr style='visibility:collapse'>
-                    <td colspan="2">
-                      <div class="content">
-                        {% call applied_change_macro.applied_change_template(allHistoryChanges[applied_change]) %} 
-                        {% endcall %}
-                      </div>
-                    </td>
-                  </tr>
-                  <!-- end nested table -->
                 {% endfor %}
               </tbody>
             </table>
@@ -106,18 +104,6 @@ <h1 class="m-0 text-dark">
         });
     }
 
-    // handle click on history record
-    $(document.body).on("click", ".row_record", function (e) {
-        e.stopPropagation();
-        var nextRow = $(this).next('tr')
-        if (nextRow.css("visibility") == "visible")
-            nextRow.css("visibility", "collapse")
-        else
-            nextRow.css("visibility", "visible")
-
-    });
-
-
     var els = document.getElementsByClassName("changed_on");
     for (var i = 0; i < els.length; i++) {
         // els[i].innerHTML = moment.utc(els[i].innerHTML).local().format('YYYY-MM-DD HH:mm:ss');

From d27fa2aa966246131835cb4f3b814a93d408a925 Mon Sep 17 00:00:00 2001
From: Rauno Tuul <raunz@hot.ee>
Date: Tue, 4 Apr 2023 22:27:21 +0300
Subject: [PATCH 399/475] minor syntax improvement to use single history object
 as list

---
 powerdnsadmin/routes/admin.py | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/powerdnsadmin/routes/admin.py b/powerdnsadmin/routes/admin.py
index fa0aa3899..86f6ca4e4 100644
--- a/powerdnsadmin/routes/admin.py
+++ b/powerdnsadmin/routes/admin.py
@@ -985,9 +985,7 @@ def convert_histories(histories):
     detailedHistories = []
     for history in histories:
         if history.detail and ('add_rrsets' in history.detail or 'del_rrsets' in history.detail):
-            history_as_list = list()
-            history_as_list.append(history)
-            detailedHistories.append(DetailedHistory(history, extract_changelogs_from_history(history_as_list)))
+            detailedHistories.append(DetailedHistory(history, extract_changelogs_from_history([history])))
         else:
             detailedHistories.append(DetailedHistory(history, None))
     return detailedHistories

From ab4495dc466ccf177d29fd68edcdf7fb07abbb3b Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sat, 8 Apr 2023 17:05:27 -0400
Subject: [PATCH 400/475] Completed the implementation of the
 `SERVER_EXTERNAL_SSL` environment setting into the app config files.

 Completed the implementation of the aforementioned environment setting into the OAuth workflows.

Documented the aforementioned setting in the Environment-variables.md wiki document.
---
 configs/docker_config.py                      |  18 +-
 .../configuration/Environment-variables.md    | 117 +++----
 powerdnsadmin/default_config.py               |   1 +
 powerdnsadmin/routes/index.py                 | 327 ++++++++++--------
 powerdnsadmin/services/azure.py               |  10 +-
 powerdnsadmin/services/github.py              |  11 +-
 powerdnsadmin/services/google.py              |  12 +-
 powerdnsadmin/services/oidc.py                |  13 +-
 8 files changed, 277 insertions(+), 232 deletions(-)

diff --git a/configs/docker_config.py b/configs/docker_config.py
index f934548ab..652777ab6 100644
--- a/configs/docker_config.py
+++ b/configs/docker_config.py
@@ -1,3 +1,8 @@
+# import everything from environment variables
+import os
+import sys
+import json
+
 # Defaults for Docker image
 BIND_ADDRESS = '0.0.0.0'
 PORT = 80
@@ -23,6 +28,7 @@
     'OIDC_OAUTH_EMAIL',
     'BIND_ADDRESS',
     'PORT',
+    'SERVER_EXTERNAL_SSL',
     'LOG_LEVEL',
     'SALT',
     'SQLALCHEMY_TRACK_MODIFICATIONS',
@@ -97,21 +103,18 @@
     'SESSION_COOKIE_SECURE',
     'CSRF_COOKIE_SECURE',
     'CAPTCHA_ENABLE',
+    'SERVER_EXTERNAL_SSL',
 )
 
 legal_envvars_dict = (
     'SQLALCHEMY_ENGINE_OPTIONS',
 )
 
-# import everything from environment variables
-import os
-import sys
-import json
-
 def str2bool(v):
     return v.lower() in ("true", "yes", "1")
 
-def dictfromstr(v,ret):
+
+def dictfromstr(v, ret):
     try:
         return json.loads(ret)
     except Exception as e:
@@ -119,10 +122,11 @@ def dictfromstr(v,ret):
         print(e)
         raise ValueError
 
+
 for v in legal_envvars:
 
     ret = None
-    # _FILE suffix will allow to read value from file, usefull for Docker's
+    # _FILE suffix will allow to read value from file, useful for Docker containers.
     # secrets feature
     if v + '_FILE' in os.environ:
         if v in os.environ:
diff --git a/docs/wiki/configuration/Environment-variables.md b/docs/wiki/configuration/Environment-variables.md
index d49f60f45..7f42727ec 100644
--- a/docs/wiki/configuration/Environment-variables.md
+++ b/docs/wiki/configuration/Environment-variables.md
@@ -1,64 +1,65 @@
 # Supported environment variables
 
-| Variable | Description | Required | Default value |
-| ---------| ----------- | -------- | ------------- |
-| BIND_ADDRESS | 
-| CSRF_COOKIE_SECURE | 
-| SESSION_TYPE | null|filesystem|sqlalchemy |  | filesystem | 
-| LDAP_ENABLED | 
-| LOCAL_DB_ENABLED | 
-| LOG_LEVEL | 
-| MAIL_DEBUG |
-| MAIL_DEFAULT_SENDER | 
-| MAIL_PASSWORD | 
-| MAIL_PORT | 
-| MAIL_SERVER | 
-| MAIL_USERNAME | 
-| MAIL_USE_SSL | 
-| MAIL_USE_TLS | 
-| OFFLINE_MODE | 
-| OIDC_OAUTH_API_URL |  |  |  |
-| OIDC_OAUTH_AUTHORIZE_URL |
-| OIDC_OAUTH_TOKEN_URL |  |  |  |
-| OIDC_OAUTH_METADATA_URL |  |  |  |
-| PORT | 
-| REMOTE_USER_COOKIES |
-| REMOTE_USER_LOGOUT_URL |
-| SALT |
-| SAML_ASSERTION_ENCRYPTED |
-| SAML_ATTRIBUTE_ACCOUNT | 
-| SAML_ATTRIBUTE_ADMIN | 
-| SAML_ATTRIBUTE_EMAIL | 
-| SAML_ATTRIBUTE_GIVENNAME | 
-| SAML_ATTRIBUTE_GROUP | 
-| SAML_ATTRIBUTE_NAME | 
-| SAML_ATTRIBUTE_SURNAME | 
-| SAML_ATTRIBUTE_USERNAME | 
-| SAML_CERT | 
-| SAML_DEBUG | 
-| SAML_ENABLED | 
-| SAML_GROUP_ADMIN_NAME | 
-| SAML_GROUP_TO_ACCOUNT_MAPPING | 
-| SAML_IDP_SSO_BINDING | 
-| SAML_IDP_ENTITY_ID | 
-| SAML_KEY | 
-| SAML_LOGOUT | 
-| SAML_LOGOUT_URL | 
-| SAML_METADATA_CACHE_LIFETIME | 
-| SAML_METADATA_URL | 
-| SAML_NAMEID_FORMAT | 
-| SAML_PATH | 
-| SAML_SIGN_REQUEST | 
-| SAML_SP_CONTACT_MAIL | 
-| SAML_SP_CONTACT_NAME | 
-| SAML_SP_ENTITY_ID | 
-| SAML_WANT_MESSAGE_SIGNED | 
-| SECRET_KEY   | Flask secret key [^1] | Y | no default |
-| SESSION_COOKIE_SECURE | 
-| SIGNUP_ENABLED | 
-| SQLALCHEMY_DATABASE_URI | SQL Alchemy URI to connect to database | N | no default |
+| Variable                       | Description                                                              | Required   | Default value |
+|--------------------------------|--------------------------------------------------------------------------|------------|---------------|
+| BIND_ADDRESS                   | 
+| CSRF_COOKIE_SECURE             | 
+| SESSION_TYPE                   | null                                                                     | filesystem | sqlalchemy    |  | filesystem | 
+| LDAP_ENABLED                   | 
+| LOCAL_DB_ENABLED               | 
+| LOG_LEVEL                      | 
+| MAIL_DEBUG                     |
+| MAIL_DEFAULT_SENDER            | 
+| MAIL_PASSWORD                  | 
+| MAIL_PORT                      | 
+| MAIL_SERVER                    | 
+| MAIL_USERNAME                  | 
+| MAIL_USE_SSL                   | 
+| MAIL_USE_TLS                   | 
+| OFFLINE_MODE                   | 
+| OIDC_OAUTH_API_URL             |                                                                          |            |               |
+| OIDC_OAUTH_AUTHORIZE_URL       |
+| OIDC_OAUTH_TOKEN_URL           |                                                                          |            |               |
+| OIDC_OAUTH_METADATA_URL        |                                                                          |            |               |
+| PORT                           | 
+| SERVER_EXTERNAL_SSL            | Forceful override of URL schema detection when using the url_for method. | False      | None          |
+| REMOTE_USER_COOKIES            |
+| REMOTE_USER_LOGOUT_URL         |
+| SALT                           |
+| SAML_ASSERTION_ENCRYPTED       |
+| SAML_ATTRIBUTE_ACCOUNT         | 
+| SAML_ATTRIBUTE_ADMIN           | 
+| SAML_ATTRIBUTE_EMAIL           | 
+| SAML_ATTRIBUTE_GIVENNAME       | 
+| SAML_ATTRIBUTE_GROUP           | 
+| SAML_ATTRIBUTE_NAME            | 
+| SAML_ATTRIBUTE_SURNAME         | 
+| SAML_ATTRIBUTE_USERNAME        | 
+| SAML_CERT                      | 
+| SAML_DEBUG                     | 
+| SAML_ENABLED                   | 
+| SAML_GROUP_ADMIN_NAME          | 
+| SAML_GROUP_TO_ACCOUNT_MAPPING  | 
+| SAML_IDP_SSO_BINDING           | 
+| SAML_IDP_ENTITY_ID             | 
+| SAML_KEY                       | 
+| SAML_LOGOUT                    | 
+| SAML_LOGOUT_URL                | 
+| SAML_METADATA_CACHE_LIFETIME   | 
+| SAML_METADATA_URL              | 
+| SAML_NAMEID_FORMAT             | 
+| SAML_PATH                      | 
+| SAML_SIGN_REQUEST              | 
+| SAML_SP_CONTACT_MAIL           | 
+| SAML_SP_CONTACT_NAME           | 
+| SAML_SP_ENTITY_ID              | 
+| SAML_WANT_MESSAGE_SIGNED       | 
+| SECRET_KEY                     | Flask secret key [^1]                                                    | Y          | no default    |
+| SESSION_COOKIE_SECURE          | 
+| SIGNUP_ENABLED                 | 
+| SQLALCHEMY_DATABASE_URI        | SQL Alchemy URI to connect to database                                   | N          | no default    |
 | SQLALCHEMY_TRACK_MODIFICATIONS |
-| SQLALCHEMY_ENGINE_OPTIONS | json string. e.g. '{"pool_recycle":600,"echo":1}' [^2] |
+| SQLALCHEMY_ENGINE_OPTIONS      | json string. e.g. '{"pool_recycle":600,"echo":1}' [^2]                   |
 
 [^1]: Flask secret key (see https://flask.palletsprojects.com/en/1.1.x/config/#SECRET_KEY for how to generate)
 [^2]: See Flask-SQLAlchemy Documentation for all engine options.
diff --git a/powerdnsadmin/default_config.py b/powerdnsadmin/default_config.py
index 55d28ef12..3ae1b13c4 100644
--- a/powerdnsadmin/default_config.py
+++ b/powerdnsadmin/default_config.py
@@ -8,6 +8,7 @@
 BIND_ADDRESS = '0.0.0.0'
 PORT = 9191
 HSTS_ENABLED = False
+SERVER_EXTERNAL_SSL = None
 
 SESSION_TYPE = 'sqlalchemy'
 SESSION_COOKIE_SAMESITE = 'Lax'
diff --git a/powerdnsadmin/routes/index.py b/powerdnsadmin/routes/index.py
index 19fd27735..4351a54f1 100644
--- a/powerdnsadmin/routes/index.py
+++ b/powerdnsadmin/routes/index.py
@@ -45,6 +45,7 @@
                      template_folder='templates',
                      url_prefix='/')
 
+
 @index_bp.before_app_first_request
 def register_modules():
     global google
@@ -68,7 +69,7 @@ def before_request():
     # Check site is in maintenance mode
     maintenance = Setting().get('maintenance')
     if maintenance and current_user.is_authenticated and current_user.role.name not in [
-            'Administrator', 'Operator'
+        'Administrator', 'Operator'
     ]:
         return render_template('maintenance.html')
 
@@ -98,7 +99,11 @@ def google_login():
         )
         abort(400)
     else:
-        redirect_uri = url_for('google_authorized', _external=True)
+        use_ssl = current_app.config.get('SERVER_EXTERNAL_SSL')
+        params = {'_external': True}
+        if isinstance(use_ssl, bool):
+            params['_scheme'] = 'https' if use_ssl else 'http'
+        redirect_uri = url_for('google_authorized', **params)
         return google.authorize_redirect(redirect_uri)
 
 
@@ -110,7 +115,11 @@ def github_login():
         )
         abort(400)
     else:
-        redirect_uri = url_for('github_authorized', _external=True)
+        use_ssl = current_app.config.get('SERVER_EXTERNAL_SSL')
+        params = {'_external': True}
+        if isinstance(use_ssl, bool):
+            params['_scheme'] = 'https' if use_ssl else 'http'
+        redirect_uri = url_for('github_authorized', **params)
         return github.authorize_redirect(redirect_uri)
 
 
@@ -122,9 +131,11 @@ def azure_login():
         )
         abort(400)
     else:
-        redirect_uri = url_for('azure_authorized',
-                               _external=True,
-                               _scheme='https')
+        use_ssl = current_app.config.get('SERVER_EXTERNAL_SSL')
+        params = {'_external': True}
+        if isinstance(use_ssl, bool):
+            params['_scheme'] = 'https' if use_ssl else 'http'
+        redirect_uri = url_for('azure_authorized', **params)
         return azure.authorize_redirect(redirect_uri)
 
 
@@ -136,7 +147,11 @@ def oidc_login():
         )
         abort(400)
     else:
-        redirect_uri = url_for('oidc_authorized', _external=True)
+        use_ssl = current_app.config.get('SERVER_EXTERNAL_SSL')
+        params = {'_external': True}
+        if isinstance(use_ssl, bool):
+            params['_scheme'] = 'https' if use_ssl else 'http'
+        redirect_uri = url_for('oidc_authorized', **params)
         return oidc.authorize_redirect(redirect_uri)
 
 
@@ -198,7 +213,7 @@ def login():
 
     if 'azure_token' in session:
         azure_info = azure.get('me?$select=displayName,givenName,id,mail,surname,userPrincipalName').text
-        current_app.logger.info('Azure login returned: '+azure_info)
+        current_app.logger.info('Azure login returned: ' + azure_info)
         me = json.loads(azure_info)
 
         azure_info = azure.post('me/getMemberGroups',
@@ -250,30 +265,30 @@ def login():
         if Setting().get('azure_sg_enabled'):
             if Setting().get('azure_admin_group') in mygroups:
                 current_app.logger.info('Setting role for user ' +
-                    azure_username  +
-                    ' to Administrator due to group membership')
+                                        azure_username +
+                                        ' to Administrator due to group membership')
                 user.set_role("Administrator")
             else:
                 if Setting().get('azure_operator_group') in mygroups:
                     current_app.logger.info('Setting role for user ' +
-                        azure_username +
-                        ' to Operator due to group membership')
+                                            azure_username +
+                                            ' to Operator due to group membership')
                     user.set_role("Operator")
                 else:
                     if Setting().get('azure_user_group') in mygroups:
                         current_app.logger.info('Setting role for user ' +
-                            azure_username +
-                            ' to User due to group membership')
+                                                azure_username +
+                                                ' to User due to group membership')
                         user.set_role("User")
                     else:
                         current_app.logger.warning('User ' +
-                            azure_username +
-                            ' has no relevant group memberships')
+                                                   azure_username +
+                                                   ' has no relevant group memberships')
                         session.pop('azure_token', None)
                         return render_template('login.html',
-                            saml_enabled=SAML_ENABLED,
-                            error=('User ' + azure_username +
-                                   ' is not in any authorised groups.'))
+                                               saml_enabled=SAML_ENABLED,
+                                               error=('User ' + azure_username +
+                                                      ' is not in any authorised groups.'))
 
         # Handle account/group creation, if enabled
         if Setting().get('azure_group_accounts_enabled') and mygroups:
@@ -394,20 +409,21 @@ def login():
             session.pop('oidc_token', None)
             return redirect(url_for('index.login'))
 
-        #This checks if the account_name_property and account_description property were included in settings.
-        if Setting().get('oidc_oauth_account_name_property') and Setting().get('oidc_oauth_account_description_property'):
+        # This checks if the account_name_property and account_description property were included in settings.
+        if Setting().get('oidc_oauth_account_name_property') and Setting().get(
+                'oidc_oauth_account_description_property'):
 
-            #Gets the name_property and description_property.
+            # Gets the name_property and description_property.
             name_prop = Setting().get('oidc_oauth_account_name_property')
             desc_prop = Setting().get('oidc_oauth_account_description_property')
 
             account_to_add = []
-      #If the name_property and desc_property exist in me (A variable that contains all the userinfo from the IdP).
+            # If the name_property and desc_property exist in me (A variable that contains all the userinfo from the IdP).
             if name_prop in me and desc_prop in me:
                 accounts_name_prop = [me[name_prop]] if type(me[name_prop]) is not list else me[name_prop]
                 accounts_desc_prop = [me[desc_prop]] if type(me[desc_prop]) is not list else me[desc_prop]
 
-                #Run on all groups the user is in by the index num.
+                # Run on all groups the user is in by the index num.
                 for i in range(len(accounts_name_prop)):
                     description = ''
                     if i < len(accounts_desc_prop):
@@ -417,7 +433,7 @@ def login():
                     account_to_add.append(account)
                 user_accounts = user.get_accounts()
 
-    # Add accounts
+                # Add accounts
                 for account in account_to_add:
                     if account not in user_accounts:
                         account.add_user(user)
@@ -426,7 +442,7 @@ def login():
                 if Setting().get('delete_sso_accounts'):
                     for account in user_accounts:
                         if account not in account_to_add:
-                              account.remove_user(user)
+                            account.remove_user(user)
 
         session['user_id'] = user.id
         session['authentication_type'] = 'OAuth'
@@ -490,34 +506,36 @@ def login():
                                        saml_enabled=SAML_ENABLED,
                                        error='Token required')
 
-        if Setting().get('autoprovisioning') and auth_method!='LOCAL':
-            urn_value=Setting().get('urn_value')
-            Entitlements=user.read_entitlements(Setting().get('autoprovisioning_attribute'))
-            if len(Entitlements)==0 and Setting().get('purge'):
+        if Setting().get('autoprovisioning') and auth_method != 'LOCAL':
+            urn_value = Setting().get('urn_value')
+            Entitlements = user.read_entitlements(Setting().get('autoprovisioning_attribute'))
+            if len(Entitlements) == 0 and Setting().get('purge'):
                 user.set_role("User")
                 user.revoke_privilege(True)
 
-            elif len(Entitlements)!=0:
+            elif len(Entitlements) != 0:
                 if checkForPDAEntries(Entitlements, urn_value):
                     user.updateUser(Entitlements)
                 else:
-                    current_app.logger.warning('Not a single powerdns-admin record was found, possibly a typo in the prefix')
+                    current_app.logger.warning(
+                        'Not a single powerdns-admin record was found, possibly a typo in the prefix')
                     if Setting().get('purge'):
                         user.set_role("User")
                         user.revoke_privilege(True)
-                        current_app.logger.warning('Procceding to revoke every privilige from ' + user.username + '.' )
+                        current_app.logger.warning('Procceding to revoke every privilige from ' + user.username + '.')
 
         return authenticate_user(user, auth_method, remember_me)
 
+
 def checkForPDAEntries(Entitlements, urn_value):
     """
     Run through every record located in the ldap attribute given and determine if there are any valid powerdns-admin records
     """
-    urnArguments=[x.lower() for x in urn_value.split(':')]
+    urnArguments = [x.lower() for x in urn_value.split(':')]
     for Entitlement in Entitlements:
-        entArguments=Entitlement.split(':powerdns-admin')
-        entArguments=[x.lower() for x in entArguments[0].split(':')]
-        if (entArguments==urnArguments):
+        entArguments = Entitlement.split(':powerdns-admin')
+        entArguments = [x.lower() for x in entArguments[0].split(':')]
+        if (entArguments == urnArguments):
             return True
     return False
 
@@ -553,14 +571,15 @@ def signin_history(username, authenticator, success):
 
     # Write history
     History(msg='User {} authentication {}'.format(username, str_success),
-            detail = json.dumps({
-                    'username': username,
-                    'authenticator': authenticator,
-                    'ip_address': request_ip,
-                    'success': 1 if success else 0
-                }),
+            detail=json.dumps({
+                'username': username,
+                'authenticator': authenticator,
+                'ip_address': request_ip,
+                'success': 1 if success else 0
+            }),
             created_by='System').add()
 
+
 # Get a list of Azure security groups the user is a member of
 def get_azure_groups(uri):
     azure_info = azure.get(uri).text
@@ -576,30 +595,33 @@ def get_azure_groups(uri):
         mygroups = []
     return mygroups
 
+
 # Handle user login, write history and, if set, handle showing the register_otp QR code.
 # if Setting for OTP on first login is enabled, and OTP field is also enabled,
 # but user isn't using it yet, enable OTP, get QR code and display it, logging the user out.
 def authenticate_user(user, authenticator, remember=False):
     login_user(user, remember=remember)
     signin_history(user.username, authenticator, True)
-    if Setting().get('otp_force') and Setting().get('otp_field_enabled') and not user.otp_secret and session['authentication_type'] not in ['OAuth']:
+    if Setting().get('otp_force') and Setting().get('otp_field_enabled') and not user.otp_secret \
+            and session['authentication_type'] not in ['OAuth']:
         user.update_profile(enable_otp=True)
         user_id = current_user.id
         prepare_welcome_user(user_id)
         return redirect(url_for('index.welcome'))
     return redirect(url_for('index.login'))
 
+
 # Prepare user to enter /welcome screen, otherwise they won't have permission to do so
 def prepare_welcome_user(user_id):
     logout_user()
     session['welcome_user_id'] = user_id
 
+
 @index_bp.route('/logout')
 def logout():
     if current_app.config.get(
             'SAML_ENABLED'
-    ) and 'samlSessionIndex' in session and current_app.config.get(
-            'SAML_LOGOUT'):
+    ) and 'samlSessionIndex' in session and current_app.config.get('SAML_LOGOUT'):
         req = saml.prepare_flask_request(request)
         auth = saml.init_saml_auth(req)
         if current_app.config.get('SAML_LOGOUT_URL'):
@@ -651,13 +673,12 @@ def logout():
 
 
 def password_policy_check(user, password):
-
     def check_policy(chars, user_password, setting):
-        lenreq = int(Setting().get(setting))
+        setting_as_int = int(Setting().get(setting))
         test_string = user_password
         for c in chars:
             test_string = test_string.replace(c, '')
-        return (lenreq, len(user_password) - len(test_string))
+        return (setting_as_int, len(user_password) - len(test_string))
 
     def matches_policy(item, policy_fails):
         return "*" if item in policy_fails else ""
@@ -704,12 +725,14 @@ def matches_policy(item, policy_fails):
         (pwd_min_lowercase_setting, pwd_lowercase) = check_policy(string.digits, password, 'pwd_min_lowercase')
         if pwd_lowercase < pwd_min_lowercase_setting:
             policy_fails["lowercase"] = True
-        policy.append(f"{matches_policy('lowercase', policy_fails)}lowercase={pwd_lowercase}/{pwd_min_lowercase_setting}")
+        policy.append(
+            f"{matches_policy('lowercase', policy_fails)}lowercase={pwd_lowercase}/{pwd_min_lowercase_setting}")
         # Uppercase
         (pwd_min_uppercase_setting, pwd_uppercase) = check_policy(string.digits, password, 'pwd_min_uppercase')
         if pwd_uppercase < pwd_min_uppercase_setting:
             policy_fails["uppercase"] = True
-        policy.append(f"{matches_policy('uppercase', policy_fails)}uppercase={pwd_uppercase}/{pwd_min_uppercase_setting}")
+        policy.append(
+            f"{matches_policy('uppercase', policy_fails)}uppercase={pwd_uppercase}/{pwd_min_uppercase_setting}")
         # Special
         (pwd_min_special_setting, pwd_special) = check_policy(string.digits, password, 'pwd_min_special')
         if pwd_special < pwd_min_special_setting:
@@ -728,7 +751,8 @@ def matches_policy(item, policy_fails):
         pwd_complexity = result['guesses_log10']
         if pwd_complexity < pwd_min_complexity_setting:
             policy_fails["complexity"] = True
-        policy.append(f"{matches_policy('complexity', policy_fails)}complexity={pwd_complexity:.0f}/{pwd_min_complexity_setting}")
+        policy.append(
+            f"{matches_policy('complexity', policy_fails)}complexity={pwd_complexity:.0f}/{pwd_min_complexity_setting}")
 
     policy_str = {"password": f"Fails policy: {', '.join(policy)}. Items prefixed with '*' failed."}
 
@@ -738,77 +762,78 @@ def matches_policy(item, policy_fails):
 
 @index_bp.route('/register', methods=['GET', 'POST'])
 def register():
-  CAPTCHA_ENABLE = current_app.config.get('CAPTCHA_ENABLE')
-  if Setting().get('signup_enabled'):
-    if current_user.is_authenticated:
-      return redirect(url_for('index.index'))
-    if request.method == 'GET':
-      return render_template('register.html', captcha_enable=CAPTCHA_ENABLE)
-    elif request.method == 'POST':
-      username = request.form.get('username', '').strip()
-      password = request.form.get('password', '')
-      firstname = request.form.get('firstname', '').strip()
-      lastname = request.form.get('lastname', '').strip()
-      email = request.form.get('email', '').strip()
-      rpassword = request.form.get('rpassword', '')
-
-      is_valid_email = re.compile(r'^[a-zA-Z0-9_.+-]+@[a-zA-Z0-9-]+\.[a-zA-Z0-9-.]+$')
-
-      error_messages = {}
-      if not firstname:
-        error_messages['firstname'] = 'First Name is required'
-      if not lastname:
-        error_messages['lastname'] = 'Last Name is required'
-      if not username:
-        error_messages['username'] = 'Username is required'
-      if not password:
-        error_messages['password'] = 'Password is required'
-      if not rpassword:
-        error_messages['rpassword'] = 'Password confirmation is required'
-      if not email:
-        error_messages['email'] = 'Email is required'
-      if not is_valid_email.match(email):
-        error_messages['email'] = 'Invalid email address'
-      if password != rpassword:
-        error_messages['password'] = 'Password confirmation does not match'
-        error_messages['rpassword'] = 'Password confirmation does not match'
-
-      if not captcha.validate():
-        return render_template(
-          'register.html', error='Invalid CAPTCHA answer', error_messages=error_messages, captcha_enable=CAPTCHA_ENABLE)
-
-      if error_messages:
-        return render_template('register.html', error_messages=error_messages, captcha_enable=CAPTCHA_ENABLE)
-
-      user = User(username=username,
-        plain_text_password=password,
-        firstname=firstname,
-        lastname=lastname,
-        email=email
-      )
-
-      (password_policy_pass, password_policy) = password_policy_check(user, password)
-      if not password_policy_pass:
-        return render_template('register.html', error_messages=password_policy, captcha_enable=CAPTCHA_ENABLE)
-
-      try:
-        result = user.create_local_user()
-        if result and result['status']:
-          if Setting().get('verify_user_email'):
-            send_account_verification(email)
-          if Setting().get('otp_force') and Setting().get('otp_field_enabled'):
-            user.update_profile(enable_otp=True)
-            prepare_welcome_user(user.id)
-            return redirect(url_for('index.welcome'))
-          else:
-            return redirect(url_for('index.login'))
+    CAPTCHA_ENABLE = current_app.config.get('CAPTCHA_ENABLE')
+    if Setting().get('signup_enabled'):
+        if current_user.is_authenticated:
+            return redirect(url_for('index.index'))
+        if request.method == 'GET':
+            return render_template('register.html', captcha_enable=CAPTCHA_ENABLE)
+        elif request.method == 'POST':
+            username = request.form.get('username', '').strip()
+            password = request.form.get('password', '')
+            firstname = request.form.get('firstname', '').strip()
+            lastname = request.form.get('lastname', '').strip()
+            email = request.form.get('email', '').strip()
+            rpassword = request.form.get('rpassword', '')
+
+            is_valid_email = re.compile(r'^[a-zA-Z0-9_.+-]+@[a-zA-Z0-9-]+\.[a-zA-Z0-9-.]+$')
+
+            error_messages = {}
+            if not firstname:
+                error_messages['firstname'] = 'First Name is required'
+            if not lastname:
+                error_messages['lastname'] = 'Last Name is required'
+            if not username:
+                error_messages['username'] = 'Username is required'
+            if not password:
+                error_messages['password'] = 'Password is required'
+            if not rpassword:
+                error_messages['rpassword'] = 'Password confirmation is required'
+            if not email:
+                error_messages['email'] = 'Email is required'
+            if not is_valid_email.match(email):
+                error_messages['email'] = 'Invalid email address'
+            if password != rpassword:
+                error_messages['password'] = 'Password confirmation does not match'
+                error_messages['rpassword'] = 'Password confirmation does not match'
+
+            if not captcha.validate():
+                return render_template(
+                    'register.html', error='Invalid CAPTCHA answer', error_messages=error_messages,
+                    captcha_enable=CAPTCHA_ENABLE)
+
+            if error_messages:
+                return render_template('register.html', error_messages=error_messages, captcha_enable=CAPTCHA_ENABLE)
+
+            user = User(username=username,
+                        plain_text_password=password,
+                        firstname=firstname,
+                        lastname=lastname,
+                        email=email
+                        )
+
+            (password_policy_pass, password_policy) = password_policy_check(user, password)
+            if not password_policy_pass:
+                return render_template('register.html', error_messages=password_policy, captcha_enable=CAPTCHA_ENABLE)
+
+            try:
+                result = user.create_local_user()
+                if result and result['status']:
+                    if Setting().get('verify_user_email'):
+                        send_account_verification(email)
+                    if Setting().get('otp_force') and Setting().get('otp_field_enabled'):
+                        user.update_profile(enable_otp=True)
+                        prepare_welcome_user(user.id)
+                        return redirect(url_for('index.welcome'))
+                    else:
+                        return redirect(url_for('index.login'))
+                else:
+                    return render_template('register.html',
+                                           error=result['msg'], captcha_enable=CAPTCHA_ENABLE)
+            except Exception as e:
+                return render_template('register.html', error=e, captcha_enable=CAPTCHA_ENABLE)
         else:
-          return render_template('register.html',
-            error=result['msg'], captcha_enable=CAPTCHA_ENABLE)
-      except Exception as e:
-        return render_template('register.html', error=e, captcha_enable=CAPTCHA_ENABLE)
-    else:
-      return render_template('errors/404.html'), 404
+            return render_template('errors/404.html'), 404
 
 
 # Show welcome page on first login if otp_force is enabled
@@ -827,12 +852,15 @@ def welcome():
         if otp_token and otp_token.isdigit():
             good_token = user.verify_totp(otp_token)
             if not good_token:
-                return render_template('register_otp.html', qrcode_image=encoded_img_data.decode(), user=user, error="Invalid token")
+                return render_template('register_otp.html', qrcode_image=encoded_img_data.decode(), user=user,
+                                       error="Invalid token")
         else:
-            return render_template('register_otp.html', qrcode_image=encoded_img_data.decode(), user=user, error="Token required")
+            return render_template('register_otp.html', qrcode_image=encoded_img_data.decode(), user=user,
+                                   error="Token required")
         session.pop('welcome_user_id')
         return redirect(url_for('index.index'))
 
+
 @index_bp.route('/confirm/<token>', methods=['GET'])
 def confirm_email(token):
     email = confirm_token(token)
@@ -919,10 +947,10 @@ def dyndns_update():
                 .outerjoin(Account, Domain.account_id == Account.id) \
                 .outerjoin(AccountUser, Account.id == AccountUser.account_id) \
                 .filter(
-                    db.or_(
-                        DomainUser.user_id == current_user.id,
-                        AccountUser.user_id == current_user.id
-                    )).all()
+                db.or_(
+                    DomainUser.user_id == current_user.id,
+                    AccountUser.user_id == current_user.id
+                )).all()
     except Exception as e:
         current_app.logger.error('DynDNS Error: {0}'.format(e))
         current_app.logger.debug(traceback.format_exc())
@@ -982,13 +1010,13 @@ def dyndns_update():
                 if result['status'] == 'ok':
                     history = History(
                         msg='DynDNS update: updated {} successfully'.format(hostname),
-                        detail = json.dumps({
-                                'domain': domain.name,
-                                'record': hostname,
-                                'type': rtype,
-                                'old_value': oldip,
-                                'new_value': str(ip)
-                            }),
+                        detail=json.dumps({
+                            'domain': domain.name,
+                            'record': hostname,
+                            'type': rtype,
+                            'old_value': oldip,
+                            'new_value': str(ip)
+                        }),
                         created_by=current_user.username,
                         domain_id=domain.id)
                     history.add()
@@ -999,7 +1027,7 @@ def dyndns_update():
         elif r.is_allowed_edit():
             ondemand_creation = DomainSetting.query.filter(
                 DomainSetting.domain == domain).filter(
-                    DomainSetting.setting == 'create_via_dyndns').first()
+                DomainSetting.setting == 'create_via_dyndns').first()
             if (ondemand_creation is not None) and (strtobool(
                     ondemand_creation.value) == True):
 
@@ -1024,11 +1052,11 @@ def dyndns_update():
                         msg=
                         'DynDNS update: created record {0} in zone {1} successfully'
                         .format(hostname, domain.name, str(ip)),
-                        detail = json.dumps({
-                                'domain': domain.name,
-                                'record': hostname,
-                                'value': str(ip)
-                            }),
+                        detail=json.dumps({
+                            'domain': domain.name,
+                            'record': hostname,
+                            'value': str(ip)
+                        }),
                         created_by=current_user.username,
                         domain_id=domain.id)
                     history.add()
@@ -1088,7 +1116,7 @@ def saml_authorized():
     req = saml.prepare_flask_request(request)
     auth = saml.init_saml_auth(req)
     auth.process_response()
-    current_app.logger.debug( auth.get_attributes() )
+    current_app.logger.debug(auth.get_attributes())
     errors = auth.get_errors()
     if len(errors) == 0:
         session['samlUserdata'] = auth.get_attributes()
@@ -1097,7 +1125,7 @@ def saml_authorized():
         self_url = OneLogin_Saml2_Utils.get_self_url(req)
         self_url = self_url + req['script_name']
         if 'RelayState' in request.form and self_url != request.form[
-                'RelayState']:
+            'RelayState']:
             return redirect(auth.redirect_to(request.form['RelayState']))
         if current_app.config.get('SAML_ATTRIBUTE_USERNAME', False):
             username = session['samlUserdata'][
@@ -1129,7 +1157,7 @@ def saml_authorized():
         admin_group_name = current_app.config.get('SAML_GROUP_ADMIN_NAME',
                                                   None)
         operator_group_name = current_app.config.get('SAML_GROUP_OPERATOR_NAME',
-                                                  None)
+                                                     None)
         group_to_account_mapping = create_group_to_account_mapping()
 
         if email_attribute_name in session['samlUserdata']:
@@ -1170,13 +1198,13 @@ def saml_authorized():
                 account.add_user(user)
                 history = History(msg='Adding {0} to account {1}'.format(
                     user.username, account.name),
-                                  created_by='SAML Assertion')
+                    created_by='SAML Assertion')
                 history.add()
             for account in user_accounts - saml_accounts:
                 account.remove_user(user)
                 history = History(msg='Removing {0} from account {1}'.format(
                     user.username, account.name),
-                                  created_by='SAML Assertion')
+                    created_by='SAML Assertion')
                 history.add()
         if admin_attribute_name and 'true' in session['samlUserdata'].get(
                 admin_attribute_name, []):
@@ -1190,7 +1218,7 @@ def saml_authorized():
                 user.role_id = Role.query.filter_by(name='User').first().id
                 history = History(msg='Demoting {0} to user'.format(
                     user.username),
-                                  created_by='SAML Assertion')
+                    created_by='SAML Assertion')
                 history.add()
         user.plain_text_password = None
         user.update_profile()
@@ -1234,15 +1262,16 @@ def uplift_to_admin(user):
         user.role_id = Role.query.filter_by(name='Administrator').first().id
         history = History(msg='Promoting {0} to administrator'.format(
             user.username),
-                          created_by='SAML Assertion')
+            created_by='SAML Assertion')
         history.add()
 
+
 def uplift_to_operator(user):
     if user.role.name != 'Operator':
         user.role_id = Role.query.filter_by(name='Operator').first().id
         history = History(msg='Promoting {0} to operator'.format(
             user.username),
-                          created_by='SAML Assertion')
+            created_by='SAML Assertion')
         history.add()
 
 
diff --git a/powerdnsadmin/services/azure.py b/powerdnsadmin/services/azure.py
index 65f3bf325..2976c98be 100644
--- a/powerdnsadmin/services/azure.py
+++ b/powerdnsadmin/services/azure.py
@@ -38,14 +38,16 @@ def update_token(token):
 
     @current_app.route('/azure/authorized')
     def azure_authorized():
-        session['azure_oauthredir'] = url_for('.azure_authorized',
-                                              _external=True,
-                                              _scheme='https')
+        use_ssl = current_app.config.get('SERVER_EXTERNAL_SSL')
+        params = {'_external': True}
+        if isinstance(use_ssl, bool):
+            params['_scheme'] = 'https' if use_ssl else 'http'
+        session['azure_oauthredir'] = url_for('.azure_authorized', **params)
         token = azure.authorize_access_token()
         if token is None:
             return 'Access denied: reason=%s error=%s' % (
                 request.args['error'], request.args['error_description'])
         session['azure_token'] = (token)
-        return redirect(url_for('index.login', _external=True, _scheme='https'))
+        return redirect(url_for('index.login', **params))
 
     return azure
diff --git a/powerdnsadmin/services/github.py b/powerdnsadmin/services/github.py
index ff4a20f47..73671fb2d 100644
--- a/powerdnsadmin/services/github.py
+++ b/powerdnsadmin/services/github.py
@@ -40,13 +40,16 @@ def update_token(token):
 
     @current_app.route('/github/authorized')
     def github_authorized():
-        session['github_oauthredir'] = url_for('.github_authorized',
-                                               _external=True)
+        use_ssl = current_app.config.get('SERVER_EXTERNAL_SSL')
+        params = {'_external': True}
+        if isinstance(use_ssl, bool):
+            params['_scheme'] = 'https' if use_ssl else 'http'
+        session['github_oauthredir'] = url_for('.github_authorized', **params)
         token = github.authorize_access_token()
         if token is None:
             return 'Access denied: reason=%s error=%s' % (
                 request.args['error'], request.args['error_description'])
-        session['github_token'] = (token)
-        return redirect(url_for('index.login'))
+        session['github_token'] = token
+        return redirect(url_for('index.login', **params))
 
     return github
diff --git a/powerdnsadmin/services/google.py b/powerdnsadmin/services/google.py
index 5604819ed..88a0d1242 100644
--- a/powerdnsadmin/services/google.py
+++ b/powerdnsadmin/services/google.py
@@ -39,16 +39,18 @@ def update_token(token):
 
     @current_app.route('/google/authorized')
     def google_authorized():
-        session['google_oauthredir'] = url_for(
-            '.google_authorized', _external=True)
+        use_ssl = current_app.config.get('SERVER_EXTERNAL_SSL')
+        params = {'_external': True}
+        if isinstance(use_ssl, bool):
+            params['_scheme'] = 'https' if use_ssl else 'http'
+        session['google_oauthredir'] = url_for('.google_authorized', **params)
         token = google.authorize_access_token()
         if token is None:
             return 'Access denied: reason=%s error=%s' % (
                 request.args['error_reason'],
                 request.args['error_description']
             )
-        session['google_token'] = (token)
-        return redirect(url_for('index.login'))
+        session['google_token'] = token
+        return redirect(url_for('index.login', **params))
 
     return google
-
diff --git a/powerdnsadmin/services/oidc.py b/powerdnsadmin/services/oidc.py
index 7b0cd46ae..3304b6ac3 100644
--- a/powerdnsadmin/services/oidc.py
+++ b/powerdnsadmin/services/oidc.py
@@ -39,13 +39,16 @@ def update_token(token):
 
     @current_app.route('/oidc/authorized')
     def oidc_authorized():
-        session['oidc_oauthredir'] = url_for('.oidc_authorized',
-                                             _external=True)
+        use_ssl = current_app.config.get('SERVER_EXTERNAL_SSL')
+        params = {'_external': True}
+        if isinstance(use_ssl, bool):
+            params['_scheme'] = 'https' if use_ssl else 'http'
+        session['oidc_oauthredir'] = url_for('.oidc_authorized', **params)
         token = oidc.authorize_access_token()
         if token is None:
             return 'Access denied: reason=%s error=%s' % (
                 request.args['error'], request.args['error_description'])
-        session['oidc_token'] = (token)
-        return redirect(url_for('index.login'))
+        session['oidc_token'] = token
+        return redirect(url_for('index.login', **params))
 
-    return oidc
\ No newline at end of file
+    return oidc

From ee9012fa2418f88429ba51d6c3fa3ea9724b7c60 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sat, 8 Apr 2023 17:14:55 -0400
Subject: [PATCH 401/475] Completed OAuth change to make the use of the
 metadata URL setting exclusive to the authorization and token URL settings.
 If the former is defined, it will be used in preference to the latter.

---
 powerdnsadmin/services/azure.py  | 5 +++--
 powerdnsadmin/services/github.py | 5 +++--
 powerdnsadmin/services/google.py | 5 +++--
 powerdnsadmin/services/oidc.py   | 5 +++--
 4 files changed, 12 insertions(+), 8 deletions(-)

diff --git a/powerdnsadmin/services/azure.py b/powerdnsadmin/services/azure.py
index 2976c98be..901cc45f9 100644
--- a/powerdnsadmin/services/azure.py
+++ b/powerdnsadmin/services/azure.py
@@ -20,8 +20,6 @@ def update_token(token):
         'client_secret': Setting().get('azure_oauth_secret'),
         'api_base_url': Setting().get('azure_oauth_api_url'),
         'request_token_url': None,
-        'access_token_url': Setting().get('azure_oauth_token_url'),
-        'authorize_url': Setting().get('azure_oauth_authorize_url'),
         'client_kwargs': {'scope': Setting().get('azure_oauth_scope')},
         'fetch_token': fetch_azure_token,
     }
@@ -30,6 +28,9 @@ def update_token(token):
 
     if isinstance(server_metadata_url, str) and len(server_metadata_url.strip()) > 0:
         authlib_params['server_metadata_url'] = server_metadata_url
+    else:
+        authlib_params['access_token_url'] = Setting().get('azure_oauth_token_url')
+        authlib_params['authorize_url'] = Setting().get('azure_oauth_authorize_url')
 
     azure = authlib_oauth_client.register(
         'azure',
diff --git a/powerdnsadmin/services/github.py b/powerdnsadmin/services/github.py
index 73671fb2d..f322e8cf1 100644
--- a/powerdnsadmin/services/github.py
+++ b/powerdnsadmin/services/github.py
@@ -21,8 +21,6 @@ def update_token(token):
         'request_token_params': {'scope': Setting().get('github_oauth_scope')},
         'api_base_url': Setting().get('github_oauth_api_url'),
         'request_token_url': None,
-        'access_token_url': Setting().get('github_oauth_token_url'),
-        'authorize_url': Setting().get('github_oauth_authorize_url'),
         'client_kwargs': {'scope': Setting().get('github_oauth_scope')},
         'fetch_token': fetch_github_token,
         'update_token': update_token
@@ -32,6 +30,9 @@ def update_token(token):
 
     if isinstance(server_metadata_url, str) and len(server_metadata_url.strip()) > 0:
         authlib_params['server_metadata_url'] = server_metadata_url
+    else:
+        authlib_params['access_token_url'] = Setting().get('github_oauth_token_url')
+        authlib_params['authorize_url'] = Setting().get('github_oauth_authorize_url')
 
     github = authlib_oauth_client.register(
         'github',
diff --git a/powerdnsadmin/services/google.py b/powerdnsadmin/services/google.py
index 88a0d1242..011c12086 100644
--- a/powerdnsadmin/services/google.py
+++ b/powerdnsadmin/services/google.py
@@ -20,8 +20,6 @@ def update_token(token):
         'client_secret': Setting().get('google_oauth_client_secret'),
         'api_base_url': Setting().get('google_base_url'),
         'request_token_url': None,
-        'access_token_url': Setting().get('google_token_url'),
-        'authorize_url': Setting().get('google_authorize_url'),
         'client_kwargs': {'scope': Setting().get('google_oauth_scope')},
         'fetch_token': fetch_google_token,
         'update_token': update_token
@@ -31,6 +29,9 @@ def update_token(token):
 
     if isinstance(server_metadata_url, str) and len(server_metadata_url.strip()) > 0:
         authlib_params['server_metadata_url'] = server_metadata_url
+    else:
+        authlib_params['access_token_url'] = Setting().get('google_token_url')
+        authlib_params['authorize_url'] = Setting().get('google_authorize_url')
 
     google = authlib_oauth_client.register(
         'google',
diff --git a/powerdnsadmin/services/oidc.py b/powerdnsadmin/services/oidc.py
index 3304b6ac3..25c73f074 100644
--- a/powerdnsadmin/services/oidc.py
+++ b/powerdnsadmin/services/oidc.py
@@ -20,8 +20,6 @@ def update_token(token):
         'client_secret': Setting().get('oidc_oauth_secret'),
         'api_base_url': Setting().get('oidc_oauth_api_url'),
         'request_token_url': None,
-        'access_token_url': Setting().get('oidc_oauth_token_url'),
-        'authorize_url': Setting().get('oidc_oauth_authorize_url'),
         'client_kwargs': {'scope': Setting().get('oidc_oauth_scope')},
         'fetch_token': fetch_oidc_token,
         'update_token': update_token
@@ -31,6 +29,9 @@ def update_token(token):
 
     if isinstance(server_metadata_url, str) and len(server_metadata_url.strip()) > 0:
         authlib_params['server_metadata_url'] = server_metadata_url
+    else:
+        authlib_params['access_token_url'] = Setting().get('oidc_oauth_token_url')
+        authlib_params['authorize_url'] = Setting().get('oidc_oauth_authorize_url')
 
     oidc = authlib_oauth_client.register(
         'oidc',

From a46ab760fd3d958730aa33555910616bb3f4748c Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sat, 8 Apr 2023 17:40:30 -0400
Subject: [PATCH 402/475] Reorganized universal OAuth fields' order to a
 uniform standard. Also updated the `Client ID` field prompts to a uniform
 standard.

---
 .../admin_setting_authentication.html         | 84 +++++++++----------
 1 file changed, 42 insertions(+), 42 deletions(-)

diff --git a/powerdnsadmin/templates/admin_setting_authentication.html b/powerdnsadmin/templates/admin_setting_authentication.html
index cbe6800d1..ca8baa5a6 100644
--- a/powerdnsadmin/templates/admin_setting_authentication.html
+++ b/powerdnsadmin/templates/admin_setting_authentication.html
@@ -749,22 +749,41 @@ <h3 class="card-title">Google OAuth Settings</h3>
                                                                     <input type="text" class="form-control"
                                                                            name="google_oauth_client_id"
                                                                            id="google_oauth_client_id"
-                                                                           placeholder="Google OAuth client ID"
+                                                                           placeholder="Google OAuth Client ID"
                                                                            data-error="Please input Client ID"
                                                                            value="{{ SETTING.get('google_oauth_client_id') }}">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div class="form-group">
                                                                     <label for="google_oauth_client_secret">Client
-                                                                        secret</label>
+                                                                        Secret</label>
                                                                     <input type="text" class="form-control"
                                                                            name="google_oauth_client_secret"
                                                                            id="google_oauth_client_secret"
-                                                                           placeholder="Google OAuth client secret"
-                                                                           data-error="Please input Client secret"
+                                                                           placeholder="Google OAuth Client Secret"
+                                                                           data-error="Please input Client Secret"
                                                                            value="{{ SETTING.get('google_oauth_client_secret') }}">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
+                                                                <div class="form-group">
+                                                                    <label for="google_oauth_scope">Scope</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="google_oauth_scope"
+                                                                           id="google_oauth_scope"
+                                                                           placeholder="e.g. email profile"
+                                                                           data-error="Please input scope"
+                                                                           value="{{ SETTING.get('google_oauth_scope') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
+                                                                <div class="form-group">
+                                                                    <label for="google_base_url">API URL</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="google_base_url" id="google_base_url"
+                                                                           placeholder="e.g. https://www.googleapis.com/oauth2/v1/"
+                                                                           data-error="Please input base URL"
+                                                                           value="{{ SETTING.get('google_base_url') }}">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
                                                                 <div class="form-group">
                                                                     <label for="google_oauth_metadata_url">Metadata
                                                                         URL</label>
@@ -785,16 +804,6 @@ <h3 class="card-title">Google OAuth Settings</h3>
                                                                            value="{{ SETTING.get('google_token_url') }}">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
-                                                                <div class="form-group">
-                                                                    <label for="google_oauth_scope">Scope</label>
-                                                                    <input type="text" class="form-control"
-                                                                           name="google_oauth_scope"
-                                                                           id="google_oauth_scope"
-                                                                           placeholder="e.g. email profile"
-                                                                           data-error="Please input scope"
-                                                                           value="{{ SETTING.get('google_oauth_scope') }}">
-                                                                    <span class="help-block with-errors"></span>
-                                                                </div>
                                                                 <div class="form-group">
                                                                     <label for="google_authorize_url">Authorize
                                                                         URL</label>
@@ -806,15 +815,6 @@ <h3 class="card-title">Google OAuth Settings</h3>
                                                                            value="{{ SETTING.get('google_authorize_url') }}">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
-                                                                <div class="form-group">
-                                                                    <label for="google_base_url">Base URL</label>
-                                                                    <input type="text" class="form-control"
-                                                                           name="google_base_url" id="google_base_url"
-                                                                           placeholder="e.g. https://www.googleapis.com/oauth2/v1/"
-                                                                           data-error="Please input base URL"
-                                                                           value="{{ SETTING.get('google_base_url') }}">
-                                                                    <span class="help-block with-errors"></span>
-                                                                </div>
                                                             </fieldset>
                                                         </div>
                                                         <!-- /.card-body -->
@@ -870,26 +870,26 @@ <h3 class="card-title">GitHub OAuth Settings</h3>
                                                                     <input type="checkbox" id="github_oauth_enabled"
                                                                            name="github_oauth_enabled" class="checkbox"
                                                                            {% if SETTING.get('github_oauth_enabled') %}checked{% endif %}>
-                                                                    <label for="github_oauth_enabled">Enable Github
+                                                                    <label for="github_oauth_enabled">Enable GitHub
                                                                         OAuth</label>
                                                                 </div>
                                                                 <div class="form-group">
-                                                                    <label for="github_oauth_key">Client key</label>
+                                                                    <label for="github_oauth_key">Client ID</label>
                                                                     <input type="text" class="form-control"
                                                                            name="github_oauth_key" id="github_oauth_key"
-                                                                           placeholder="Github OAuth client ID"
-                                                                           data-error="Please input Client key"
+                                                                           placeholder="Github OAuth Client ID"
+                                                                           data-error="Please input Client ID"
                                                                            value="{{ SETTING.get('github_oauth_key') }}">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div class="form-group">
                                                                     <label for="github_oauth_secret">Client
-                                                                        secret</label>
+                                                                        Secret</label>
                                                                     <input type="text" class="form-control"
                                                                            name="github_oauth_secret"
                                                                            id="github_oauth_secret"
-                                                                           placeholder="Github OAuth client secret"
-                                                                           data-error="Please input Client secret"
+                                                                           placeholder="Github OAuth Client Secret"
+                                                                           data-error="Please input Client Secret"
                                                                            value="{{ SETTING.get('github_oauth_secret') }}">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
@@ -1003,22 +1003,22 @@ <h3 class="card-title">Microsoft OAuth Settings</h3>
                                                                         OAuth</label>
                                                                 </div>
                                                                 <div class="form-group">
-                                                                    <label for="azure_oauth_key">Client key</label>
+                                                                    <label for="azure_oauth_key">Client ID</label>
                                                                     <input type="text" class="form-control"
                                                                            name="azure_oauth_key" id="azure_oauth_key"
-                                                                           placeholder="Azure OAuth client ID"
-                                                                           data-error="Please input Client key"
+                                                                           placeholder="Azure OAuth Client ID"
+                                                                           data-error="Please input Client Key"
                                                                            value="{{ SETTING.get('azure_oauth_key') }}">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div class="form-group">
                                                                     <label for="azure_oauth_secret">Client
-                                                                        secret</label>
+                                                                        Secret</label>
                                                                     <input type="text" class="form-control"
                                                                            name="azure_oauth_secret"
                                                                            id="azure_oauth_secret"
-                                                                           placeholder="Azure OAuth client secret"
-                                                                           data-error="Please input Client secret"
+                                                                           placeholder="Azure OAuth Client Secret"
+                                                                           data-error="Please input Client Secret"
                                                                            value="{{ SETTING.get('azure_oauth_secret') }}">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
@@ -1311,21 +1311,21 @@ <h3 class="card-title">OpenID Connect OAuth Settings</h3>
                                                                         OAuth</label>
                                                                 </div>
                                                                 <div class="form-group">
-                                                                    <label for="oidc_oauth_key">Client key</label>
+                                                                    <label for="oidc_oauth_key">Client ID</label>
                                                                     <input type="text" class="form-control"
                                                                            name="oidc_oauth_key" id="oidc_oauth_key"
-                                                                           placeholder="OIDC OAuth client ID"
-                                                                           data-error="Please input Client key"
+                                                                           placeholder="OIDC OAuth Client ID"
+                                                                           data-error="Please input Client ID"
                                                                            value="{{ SETTING.get('oidc_oauth_key') }}">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div class="form-group">
-                                                                    <label for="oidc_oauth_secret">Client secret</label>
+                                                                    <label for="oidc_oauth_secret">Client Secret</label>
                                                                     <input type="text" class="form-control"
                                                                            name="oidc_oauth_secret"
                                                                            id="oidc_oauth_secret"
-                                                                           placeholder="OIDC OAuth client secret"
-                                                                           data-error="Please input Client secret"
+                                                                           placeholder="OIDC OAuth Client Secret"
+                                                                           data-error="Please input Client Secret"
                                                                            value="{{ SETTING.get('oidc_oauth_secret') }}">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>

From 9168dd99e074709e2d1cc7f6dd357f25c4aa9e8b Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sat, 8 Apr 2023 18:11:55 -0400
Subject: [PATCH 403/475] Updated the OAuth login handlers to utilize uniform
 user naming variables.

Updated the GitHub login process to split the user's full name based on spaces so that first and last name are filled in on PDA profile.
---
 powerdnsadmin/routes/index.py | 34 +++++++++++++++++++++-------------
 1 file changed, 21 insertions(+), 13 deletions(-)

diff --git a/powerdnsadmin/routes/index.py b/powerdnsadmin/routes/index.py
index 4351a54f1..706d0b9b9 100644
--- a/powerdnsadmin/routes/index.py
+++ b/powerdnsadmin/routes/index.py
@@ -189,17 +189,25 @@ def login():
     if 'github_token' in session:
         me = json.loads(github.get('user').text)
         github_username = me['login']
-        github_name = me['name']
+        github_first_name = me['name']
+        github_last_name = ''
         github_email = me['email']
 
+        # If the user's full name from GitHub contains at least two words, use the first word as the first name and
+        # the rest as the last name.
+        github_name_parts = github_first_name.split(' ')
+        if len(github_name_parts) > 1:
+            github_first_name = github_name_parts[0]
+            github_last_name = ' '.join(github_name_parts[1:])
+
         user = User.query.filter_by(username=github_username).first()
         if user is None:
             user = User.query.filter_by(email=github_email).first()
         if not user:
             user = User(username=github_username,
                         plain_text_password=None,
-                        firstname=github_name,
-                        lastname='',
+                        firstname=github_first_name,
+                        lastname=github_last_name,
                         email=github_email)
 
             result = user.create_local_user()
@@ -227,8 +235,8 @@ def login():
             mygroups = []
 
         azure_username = me["userPrincipalName"]
-        azure_givenname = me["givenName"]
-        azure_familyname = me["surname"]
+        azure_first_name = me["givenName"]
+        azure_last_name = me["surname"]
         if "mail" in me:
             azure_email = me["mail"]
         else:
@@ -244,8 +252,8 @@ def login():
         if not user:
             user = User(username=azure_username,
                         plain_text_password=None,
-                        firstname=azure_givenname,
-                        lastname=azure_familyname,
+                        firstname=azure_first_name,
+                        lastname=azure_last_name,
                         email=azure_email)
 
             result = user.create_local_user()
@@ -386,21 +394,21 @@ def login():
     if 'oidc_token' in session:
         me = json.loads(oidc.get('userinfo').text)
         oidc_username = me[Setting().get('oidc_oauth_username')]
-        oidc_givenname = me[Setting().get('oidc_oauth_firstname')]
-        oidc_familyname = me[Setting().get('oidc_oauth_last_name')]
+        oidc_first_name = me[Setting().get('oidc_oauth_firstname')]
+        oidc_last_name = me[Setting().get('oidc_oauth_last_name')]
         oidc_email = me[Setting().get('oidc_oauth_email')]
 
         user = User.query.filter_by(username=oidc_username).first()
         if not user:
             user = User(username=oidc_username,
                         plain_text_password=None,
-                        firstname=oidc_givenname,
-                        lastname=oidc_familyname,
+                        firstname=oidc_first_name,
+                        lastname=oidc_last_name,
                         email=oidc_email)
             result = user.create_local_user()
         else:
-            user.firstname = oidc_givenname
-            user.lastname = oidc_familyname
+            user.firstname = oidc_first_name
+            user.lastname = oidc_last_name
             user.email = oidc_email
             user.plain_text_password = None
             result = user.update_local_user()

From ece96262124985143467534394c64a35b7b35cda Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sat, 8 Apr 2023 18:14:40 -0400
Subject: [PATCH 404/475] Updated the OAuth login handlers to utilize uniform
 user naming variables.

Updated the GitHub login process to split the user's full name based on spaces so that first and last name are filled in on PDA profile.
---
 powerdnsadmin/routes/index.py | 59 ++++++++++++++++++-----------------
 1 file changed, 30 insertions(+), 29 deletions(-)

diff --git a/powerdnsadmin/routes/index.py b/powerdnsadmin/routes/index.py
index 706d0b9b9..2636cf18e 100644
--- a/powerdnsadmin/routes/index.py
+++ b/powerdnsadmin/routes/index.py
@@ -164,18 +164,18 @@ def login():
 
     if 'google_token' in session:
         user_data = json.loads(google.get('userinfo').text)
-        first_name = user_data['given_name']
-        surname = user_data['family_name']
-        email = user_data['email']
-        user = User.query.filter_by(username=email).first()
+        google_first_name = user_data['given_name']
+        google_last_name = user_data['family_name']
+        google_email = user_data['email']
+        user = User.query.filter_by(username=google_email).first()
         if user is None:
-            user = User.query.filter_by(email=email).first()
+            user = User.query.filter_by(email=google_email).first()
         if not user:
-            user = User(username=email,
-                        firstname=first_name,
-                        lastname=surname,
+            user = User(username=google_email,
+                        firstname=google_first_name,
+                        lastname=google_last_name,
                         plain_text_password=None,
-                        email=email)
+                        email=google_email)
 
             result = user.create_local_user()
             if not result['status']:
@@ -187,11 +187,11 @@ def login():
         return authenticate_user(user, 'Google OAuth')
 
     if 'github_token' in session:
-        me = json.loads(github.get('user').text)
-        github_username = me['login']
-        github_first_name = me['name']
+        user_data = json.loads(github.get('user').text)
+        github_username = user_data['login']
+        github_first_name = user_data['name']
         github_last_name = ''
-        github_email = me['email']
+        github_email = user_data['email']
 
         # If the user's full name from GitHub contains at least two words, use the first word as the first name and
         # the rest as the last name.
@@ -222,7 +222,7 @@ def login():
     if 'azure_token' in session:
         azure_info = azure.get('me?$select=displayName,givenName,id,mail,surname,userPrincipalName').text
         current_app.logger.info('Azure login returned: ' + azure_info)
-        me = json.loads(azure_info)
+        user_data = json.loads(azure_info)
 
         azure_info = azure.post('me/getMemberGroups',
                                 json={'securityEnabledOnly': False}).text
@@ -234,15 +234,15 @@ def login():
         else:
             mygroups = []
 
-        azure_username = me["userPrincipalName"]
-        azure_first_name = me["givenName"]
-        azure_last_name = me["surname"]
-        if "mail" in me:
-            azure_email = me["mail"]
+        azure_username = user_data["userPrincipalName"]
+        azure_first_name = user_data["givenName"]
+        azure_last_name = user_data["surname"]
+        if "mail" in user_data:
+            azure_email = user_data["mail"]
         else:
             azure_email = ""
         if not azure_email:
-            azure_email = me["userPrincipalName"]
+            azure_email = user_data["userPrincipalName"]
 
         # Handle foreign principals such as guest users
         azure_email = re.sub(r"#.*$", "", azure_email)
@@ -392,11 +392,11 @@ def login():
         return authenticate_user(user, 'Azure OAuth')
 
     if 'oidc_token' in session:
-        me = json.loads(oidc.get('userinfo').text)
-        oidc_username = me[Setting().get('oidc_oauth_username')]
-        oidc_first_name = me[Setting().get('oidc_oauth_firstname')]
-        oidc_last_name = me[Setting().get('oidc_oauth_last_name')]
-        oidc_email = me[Setting().get('oidc_oauth_email')]
+        user_data = json.loads(oidc.get('userinfo').text)
+        oidc_username = user_data[Setting().get('oidc_oauth_username')]
+        oidc_first_name = user_data[Setting().get('oidc_oauth_firstname')]
+        oidc_last_name = user_data[Setting().get('oidc_oauth_last_name')]
+        oidc_email = user_data[Setting().get('oidc_oauth_email')]
 
         user = User.query.filter_by(username=oidc_username).first()
         if not user:
@@ -426,10 +426,11 @@ def login():
             desc_prop = Setting().get('oidc_oauth_account_description_property')
 
             account_to_add = []
-            # If the name_property and desc_property exist in me (A variable that contains all the userinfo from the IdP).
-            if name_prop in me and desc_prop in me:
-                accounts_name_prop = [me[name_prop]] if type(me[name_prop]) is not list else me[name_prop]
-                accounts_desc_prop = [me[desc_prop]] if type(me[desc_prop]) is not list else me[desc_prop]
+            # If the name_property and desc_property exist in me (A variable that contains all the userinfo from the
+            # IdP).
+            if name_prop in user_data and desc_prop in user_data:
+                accounts_name_prop = [user_data[name_prop]] if type(user_data[name_prop]) is not list else user_data[name_prop]
+                accounts_desc_prop = [user_data[desc_prop]] if type(user_data[desc_prop]) is not list else user_data[desc_prop]
 
                 # Run on all groups the user is in by the index num.
                 for i in range(len(accounts_name_prop)):

From 737e104912af07d07bdf2daf7242fae94adcba45 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sun, 9 Apr 2023 10:11:00 -0400
Subject: [PATCH 405/475] Added KnockoutJS NPM package.

Re-formatted and re-organized settings model.

Working on Knockout model integration into existing authentication settings editor view.
---
 package.json                                  |   1 +
 powerdnsadmin/assets.py                       |   2 +
 powerdnsadmin/models/setting.py               |  95 +++--
 powerdnsadmin/routes/admin.py                 |  50 ++-
 .../js/app-authentication-settings-editor.js  | 273 +++++++++++++
 .../admin_setting_authentication.html         | 381 ++++++++----------
 yarn.lock                                     |   7 +-
 7 files changed, 541 insertions(+), 268 deletions(-)
 create mode 100644 powerdnsadmin/static/custom/js/app-authentication-settings-editor.js

diff --git a/package.json b/package.json
index 42f866db8..3aaac1d63 100644
--- a/package.json
+++ b/package.json
@@ -12,6 +12,7 @@
     "jquery-ui-dist": "^1.13.2",
     "jquery.quicksearch": "^2.4.0",
     "jtimeout": "^3.2.0",
+    "knockout": "^3.5.1",
     "multiselect": "^0.9.12"
   },
   "resolutions": {
diff --git a/powerdnsadmin/assets.py b/powerdnsadmin/assets.py
index 5e17d7f64..8f9192f64 100644
--- a/powerdnsadmin/assets.py
+++ b/powerdnsadmin/assets.py
@@ -20,6 +20,7 @@ def concat(self, out, hunks, **kw):
     'node_modules/jquery/dist/jquery.js',
     'node_modules/bootstrap/dist/js/bootstrap.js',
     'node_modules/icheck/icheck.js',
+    'node_modules/knockout/build/output/knockout-latest.js',
     'custom/js/custom.js',
     filters=(ConcatFilter, 'rjsmin'),
     output='generated/login.js')
@@ -55,6 +56,7 @@ def concat(self, out, hunks, **kw):
     'node_modules/datatables.net-plugins/sorting/natural.js',
     'node_modules/jtimeout/src/jTimeout.js',
     'node_modules/jquery.quicksearch/src/jquery.quicksearch.js',
+    'node_modules/knockout/build/output/knockout-latest.js',
     'custom/js/custom.js',
     'node_modules/bootstrap-datepicker/dist/js/bootstrap-datepicker.js',
     filters=(ConcatFilter, 'rjsmin'),
diff --git a/powerdnsadmin/models/setting.py b/powerdnsadmin/models/setting.py
index dedaaab29..1ef3166b3 100644
--- a/powerdnsadmin/models/setting.py
+++ b/powerdnsadmin/models/setting.py
@@ -15,6 +15,7 @@ class Setting(db.Model):
     value = db.Column(db.Text())
 
     defaults = {
+        # General Settings
         'maintenance': False,
         'fullscreen_layout': True,
         'record_helper': True,
@@ -42,56 +43,79 @@ class Setting(db.Model):
         'pdns_api_timeout': 30,
         'pdns_version': '4.1.1',
         'verify_ssl_connections': True,
+        'verify_user_email': False,
+        'enforce_api_ttl': False,
+        'ttl_options': '1 minute,5 minutes,30 minutes,60 minutes,24 hours',
+        'otp_field_enabled': True,
+        'custom_css': '',
+        'otp_force': False,
+        'max_history_records': 1000,
+        'deny_domain_override': False,
+        'account_name_extra_chars': False,
+        'gravatar_enabled': False,
+
+        # Local Authentication Settings
         'local_db_enabled': True,
         'signup_enabled': True,
-        'autoprovisioning': False,
-        'urn_value': '',
-        'autoprovisioning_attribute': '',
-        'purge': False,
-        'verify_user_email': False,
+        'pwd_enforce_characters': False,
+        'pwd_min_len': 10,
+        'pwd_min_lowercase': 3,
+        'pwd_min_uppercase': 2,
+        'pwd_min_digits': 2,
+        'pwd_min_special': 1,
+        'pwd_enforce_complexity': False,
+        'pwd_min_complexity': 11,
+
+        # LDAP Authentication Settings
         'ldap_enabled': False,
         'ldap_type': 'ldap',
         'ldap_uri': '',
         'ldap_base_dn': '',
         'ldap_admin_username': '',
         'ldap_admin_password': '',
+        'ldap_domain': '',
         'ldap_filter_basic': '',
-        'ldap_filter_group': '',
         'ldap_filter_username': '',
+        'ldap_filter_group': '',
         'ldap_filter_groupname': '',
         'ldap_sg_enabled': False,
         'ldap_admin_group': '',
         'ldap_operator_group': '',
         'ldap_user_group': '',
-        'ldap_domain': '',
+        'autoprovisioning': False,
+        'autoprovisioning_attribute': '',
+        'urn_value': '',
+        'purge': False,
+
+        # Google OAuth2 Settings
+        'google_oauth_enabled': False,
+        'google_oauth_client_id': '',
+        'google_oauth_client_secret': '',
+        'google_oauth_scope': 'openid email profile',
+        'google_base_url': 'https://www.googleapis.com/oauth2/v3/',
+        'google_oauth_metadata_url': 'https://accounts.google.com/.well-known/openid-configuration',
+        'google_token_url': 'https://oauth2.googleapis.com/token',
+        'google_authorize_url': 'https://accounts.google.com/o/oauth2/v2/auth',
+
+        # GitHub OAuth2 Settings
         'github_oauth_enabled': False,
         'github_oauth_key': '',
         'github_oauth_secret': '',
         'github_oauth_scope': 'email',
         'github_oauth_api_url': 'https://api.github.com/user',
-        'github_oauth_token_url':
-            'https://github.com/login/oauth/access_token',
-        'github_oauth_authorize_url':
-            'https://github.com/login/oauth/authorize',
         'github_oauth_metadata_url': '',
-        'google_oauth_enabled': False,
-        'google_oauth_client_id': '',
-        'google_oauth_client_secret': '',
-        'google_token_url': 'https://oauth2.googleapis.com/token',
-        'google_oauth_scope': 'openid email profile',
-        'google_authorize_url': 'https://accounts.google.com/o/oauth2/v2/auth',
-        'google_oauth_metadata_url': '',
-        'google_base_url': 'https://www.googleapis.com/oauth2/v3/',
+        'github_oauth_token_url': 'https://github.com/login/oauth/access_token',
+        'github_oauth_authorize_url': 'https://github.com/login/oauth/authorize',
+
+        # Azure OAuth2 Settings
         'azure_oauth_enabled': False,
         'azure_oauth_key': '',
         'azure_oauth_secret': '',
         'azure_oauth_scope': 'User.Read openid email profile',
         'azure_oauth_api_url': 'https://graph.microsoft.com/v1.0/',
-        'azure_oauth_token_url':
-            'https://login.microsoftonline.com/[tenancy]/oauth2/v2.0/token',
-        'azure_oauth_authorize_url':
-            'https://login.microsoftonline.com/[tenancy]/oauth2/v2.0/authorize',
         'azure_oauth_metadata_url': '',
+        'azure_oauth_token_url': '',
+        'azure_oauth_authorize_url': '',
         'azure_sg_enabled': False,
         'azure_admin_group': '',
         'azure_operator_group': '',
@@ -101,22 +125,25 @@ class Setting(db.Model):
         'azure_group_accounts_name_re': '',
         'azure_group_accounts_description': 'description',
         'azure_group_accounts_description_re': '',
+
+        # OIDC OAuth2 Settings
         'oidc_oauth_enabled': False,
         'oidc_oauth_key': '',
         'oidc_oauth_secret': '',
         'oidc_oauth_scope': 'email',
         'oidc_oauth_api_url': '',
+        'oidc_oauth_metadata_url': '',
         'oidc_oauth_token_url': '',
         'oidc_oauth_authorize_url': '',
-        'oidc_oauth_metadata_url': '',
         'oidc_oauth_logout_url': '',
         'oidc_oauth_username': 'preferred_username',
+        'oidc_oauth_email': 'email',
         'oidc_oauth_firstname': 'given_name',
         'oidc_oauth_last_name': 'family_name',
-        'oidc_oauth_email': 'email',
         'oidc_oauth_account_name_property': '',
         'oidc_oauth_account_description_property': '',
-        'enforce_api_ttl': False,
+
+        # Zone Record Settings
         'forward_records_allow_edit': {
             'A': True,
             'AAAA': True,
@@ -193,22 +220,6 @@ class Setting(db.Model):
             'TXT': True,
             'URI': False
         },
-        'ttl_options': '1 minute,5 minutes,30 minutes,60 minutes,24 hours',
-        'otp_field_enabled': True,
-        'custom_css': '',
-        'otp_force': False,
-        'max_history_records': 1000,
-        'deny_domain_override': False,
-        'account_name_extra_chars': False,
-        'gravatar_enabled': False,
-        'pwd_enforce_characters': False,
-        'pwd_min_len': 10,
-        'pwd_min_lowercase': 3,
-        'pwd_min_uppercase': 2,
-        'pwd_min_digits': 2,
-        'pwd_min_special': 1,
-        'pwd_enforce_complexity': False,
-        'pwd_min_complexity': 11
     }
 
     def __init__(self, id=None, name=None, value=None):
diff --git a/powerdnsadmin/routes/admin.py b/powerdnsadmin/routes/admin.py
index eedabdc50..7ec669d2a 100644
--- a/powerdnsadmin/routes/admin.py
+++ b/powerdnsadmin/routes/admin.py
@@ -72,8 +72,8 @@ def to_state(record):
         """For the given record, return the state dict."""
         return {
             "disabled": record['disabled'],
-            "content":  record['content'],
-            "comment":  record.get('comment', ''),
+            "content": record['content'],
+            "comment": record.get('comment', ''),
         }
 
     add_records = get_records(add_rrset)
@@ -149,8 +149,8 @@ def extract_changelogs_from_a_history_entry(out_changes, history_entry, change_n
     # Sort them by the record name
     if change_num in out_changes:
         out_changes[change_num].sort(key=lambda change:
-                change.del_rrset['name'] if change.del_rrset else change.add_rrset['name']
-        )
+        change.del_rrset['name'] if change.del_rrset else change.add_rrset['name']
+                                     )
 
     # only used for changelog per record
     if record_name != None and record_type != None:  # then get only the records with the specific (record_name, record_type) tuple
@@ -897,7 +897,8 @@ def __init__(self, history, change_set):
                                                        description=DetailedHistory.get_key_val(detail_dict,
                                                                                                "description"))
 
-        elif any(msg in history.msg for msg in ['Change zone','Change domain']) and 'access control' in history.msg:  # added or removed a user from a zone
+        elif any(msg in history.msg for msg in ['Change zone',
+                                                'Change domain']) and 'access control' in history.msg:  # added or removed a user from a zone
             users_with_access = DetailedHistory.get_key_val(detail_dict, "user_has_access")
             self.detailed_msg = render_template_string("""
                 <table class="table table-bordered table-striped">
@@ -942,7 +943,7 @@ def __init__(self, history, change_set):
                                                        linked_domains=DetailedHistory.get_key_val(detail_dict,
                                                                                                   "domains"))
 
-        elif any(msg in history.msg for msg in ['Update type for zone','Update type for domain']):
+        elif any(msg in history.msg for msg in ['Update type for zone', 'Update type for domain']):
             self.detailed_msg = render_template_string("""
                 <table class="table table-bordered table-striped">
                     <tr><td>Zone: </td><td>{{ domain }}</td></tr>
@@ -977,7 +978,8 @@ def __init__(self, history, change_set):
                                                                                                   'status'),
                                                        history_msg=DetailedHistory.get_key_val(detail_dict, 'msg'))
 
-        elif any(msg in history.msg for msg in ['Update zone','Update domain']) and 'associate account' in history.msg:  # When an account gets associated or dissociate with zones
+        elif any(msg in history.msg for msg in ['Update zone',
+                                                'Update domain']) and 'associate account' in history.msg:  # When an account gets associated or dissociate with zones
             self.detailed_msg = render_template_string('''
                 <table class="table table-bordered table-striped">
                     <tr><td>Associate: </td><td>{{ history_assoc_account }}</td></tr>
@@ -1231,8 +1233,10 @@ def history_table():  # ajax call data
                     .filter(
                     db.and_(
                         db.or_(
-                            History.msg.like("%domain " + domain_name) if domain_name != "*" else History.msg.like("%domain%"),
-                            History.msg.like("%zone " + domain_name) if domain_name != "*" else History.msg.like("%zone%"),
+                            History.msg.like("%domain " + domain_name) if domain_name != "*" else History.msg.like(
+                                "%domain%"),
+                            History.msg.like("%zone " + domain_name) if domain_name != "*" else History.msg.like(
+                                "%zone%"),
                             History.msg.like(
                                 "%domain " + domain_name + " access control") if domain_name != "*" else History.msg.like(
                                 "%domain%access control"),
@@ -1540,7 +1544,8 @@ def has_an_auth_method(local_db_enabled=None,
         oidc_oauth_enabled = Setting().get('oidc_oauth_enabled')
     if azure_oauth_enabled is None:
         azure_oauth_enabled = Setting().get('azure_oauth_enabled')
-    return local_db_enabled or ldap_enabled or google_oauth_enabled or github_oauth_enabled or oidc_oauth_enabled or azure_oauth_enabled
+    return local_db_enabled or ldap_enabled or google_oauth_enabled or github_oauth_enabled or oidc_oauth_enabled \
+        or azure_oauth_enabled
 
 
 @admin_bp.route('/setting/authentication', methods=['GET', 'POST'])
@@ -1562,17 +1567,20 @@ def setting_authentication():
             pwd_enforce_characters = True if request.form.get('pwd_enforce_characters') else False
             pwd_min_len = safe_cast(request.form.get('pwd_min_len', Setting().defaults["pwd_min_len"]), int,
                                     Setting().defaults["pwd_min_len"])
-            pwd_min_lowercase = safe_cast(request.form.get('pwd_min_lowercase', Setting().defaults["pwd_min_lowercase"]), int,
-                                          Setting().defaults["pwd_min_lowercase"])
-            pwd_min_uppercase = safe_cast(request.form.get('pwd_min_uppercase', Setting().defaults["pwd_min_uppercase"]), int,
-                                          Setting().defaults["pwd_min_uppercase"])
+            pwd_min_lowercase = safe_cast(
+                request.form.get('pwd_min_lowercase', Setting().defaults["pwd_min_lowercase"]), int,
+                Setting().defaults["pwd_min_lowercase"])
+            pwd_min_uppercase = safe_cast(
+                request.form.get('pwd_min_uppercase', Setting().defaults["pwd_min_uppercase"]), int,
+                Setting().defaults["pwd_min_uppercase"])
             pwd_min_digits = safe_cast(request.form.get('pwd_min_digits', Setting().defaults["pwd_min_digits"]), int,
                                        Setting().defaults["pwd_min_digits"])
             pwd_min_special = safe_cast(request.form.get('pwd_min_special', Setting().defaults["pwd_min_special"]), int,
                                         Setting().defaults["pwd_min_special"])
 
             pwd_enforce_complexity = True if request.form.get('pwd_enforce_complexity') else False
-            pwd_min_complexity = safe_cast(request.form.get('pwd_min_complexity', Setting().defaults["pwd_min_complexity"]), int,
+            pwd_min_complexity = safe_cast(request.form.get('pwd_min_complexity',
+                                                            Setting().defaults["pwd_min_complexity"]), int,
                                            Setting().defaults["pwd_min_complexity"])
 
             if not has_an_auth_method(local_db_enabled=local_db_enabled):
@@ -1585,14 +1593,12 @@ def setting_authentication():
             else:
                 Setting().set('local_db_enabled', local_db_enabled)
                 Setting().set('signup_enabled', signup_enabled)
-
                 Setting().set('pwd_enforce_characters', pwd_enforce_characters)
                 Setting().set('pwd_min_len', pwd_min_len)
                 Setting().set('pwd_min_lowercase', pwd_min_lowercase)
                 Setting().set('pwd_min_uppercase', pwd_min_uppercase)
                 Setting().set('pwd_min_digits', pwd_min_digits)
                 Setting().set('pwd_min_special', pwd_min_special)
-
                 Setting().set('pwd_enforce_complexity', pwd_enforce_complexity)
                 Setting().set('pwd_min_complexity', pwd_min_complexity)
 
@@ -2097,16 +2103,16 @@ def global_search():
             results = server.global_search(object_type='all', query=query)
 
             # Filter results to domains to which the user has access permission
-            if current_user.role.name not in [ 'Administrator', 'Operator' ]:
+            if current_user.role.name not in ['Administrator', 'Operator']:
                 allowed_domains = db.session.query(Domain) \
                     .outerjoin(DomainUser, Domain.id == DomainUser.domain_id) \
                     .outerjoin(Account, Domain.account_id == Account.id) \
                     .outerjoin(AccountUser, Account.id == AccountUser.account_id) \
                     .filter(
-                        db.or_(
-                            DomainUser.user_id == current_user.id,
-                            AccountUser.user_id == current_user.id
-                        )) \
+                    db.or_(
+                        DomainUser.user_id == current_user.id,
+                        AccountUser.user_id == current_user.id
+                    )) \
                     .with_entities(Domain.name) \
                     .all()
                 allowed_domains = [value for value, in allowed_domains]
diff --git a/powerdnsadmin/static/custom/js/app-authentication-settings-editor.js b/powerdnsadmin/static/custom/js/app-authentication-settings-editor.js
new file mode 100644
index 000000000..104b3e99c
--- /dev/null
+++ b/powerdnsadmin/static/custom/js/app-authentication-settings-editor.js
@@ -0,0 +1,273 @@
+let model;
+
+let AuthenticationSettingsModel = function (user_data, csrf_token, selector) {
+    let self = this;
+
+    let defaults = {
+        tab_active: '',
+        tab_default: 'local',
+
+        // Local Authentication Settings
+        local_db_enabled: true,
+        signup_enabled: true,
+        pwd_enforce_characters: false,
+        pwd_min_len: 10,
+        pwd_min_lowercase: 3,
+        pwd_min_uppercase: 2,
+        pwd_min_digits: 2,
+        pwd_min_special: 1,
+        pwd_enforce_complexity: false,
+        pwd_min_complexity: 11,
+
+        // LDAP Authentication Settings
+        ldap_enabled: false,
+        ldap_type: 'ldap',
+        ldap_uri: '',
+        ldap_base_dn: '',
+        ldap_admin_username: '',
+        ldap_admin_password: '',
+        ldap_domain: '',
+        ldap_filter_basic: '',
+        ldap_filter_username: '',
+        ldap_filter_group: '',
+        ldap_filter_groupname: '',
+        ldap_sg_enabled: false,
+        ldap_admin_group: '',
+        ldap_operator_group: '',
+        ldap_user_group: '',
+        autoprovisioning: false,
+        autoprovisioning_attribute: '',
+        urn_value: '',
+        purge: false,
+
+        // Google OAuth2 Settings
+        google_oauth_enabled: false,
+        google_oauth_client_id: '',
+        google_oauth_client_secret: '',
+        google_oauth_scope: '',
+        google_base_url: '',
+        google_oauth_auto_configure: false,
+        google_oauth_metadata_url: '',
+        google_token_url: '',
+        google_authorize_url: '',
+
+        // GitHub OAuth2 Settings
+        github_oauth_enabled: false,
+        github_oauth_key: '',
+        github_oauth_secret: '',
+        github_oauth_scope: '',
+        github_oauth_api_url: '',
+        github_oauth_auto_configure: false,
+        github_oauth_metadata_url: '',
+        github_oauth_token_url: '',
+        github_oauth_authorize_url: '',
+
+        // Azure AD OAuth2 Settings
+        azure_oauth_enabled: false,
+        azure_oauth_key: '',
+        azure_oauth_secret: '',
+        azure_oauth_scope: '',
+        azure_oauth_api_url: '',
+        azure_oauth_auto_configure: false,
+        azure_oauth_metadata_url: '',
+        azure_oauth_token_url: '',
+        azure_oauth_authorize_url: '',
+        azure_sg_enabled: false,
+        azure_admin_group: '',
+        azure_operator_group: '',
+        azure_user_group: '',
+        azure_group_accounts_enabled: false,
+        azure_group_accounts_name: '',
+        azure_group_accounts_name_re: '',
+        azure_group_accounts_description: '',
+        azure_group_accounts_description_re: '',
+
+        // OIDC OAuth2 Settings
+        oidc_oauth_enabled: false,
+        oidc_oauth_key: '',
+        oidc_oauth_secret: '',
+        oidc_oauth_scope: '',
+        oidc_oauth_api_url: '',
+        oidc_oauth_auto_configure: false,
+        oidc_oauth_metadata_url: '',
+        oidc_oauth_token_url: '',
+        oidc_oauth_authorize_url: '',
+        oidc_oauth_logout_url: '',
+        oidc_oauth_username: '',
+        oidc_oauth_email: '',
+        oidc_oauth_firstname: '',
+        oidc_oauth_last_name: '',
+        oidc_oauth_account_name_property: '',
+        oidc_oauth_account_description_property: '',
+    }
+
+    self.data = {};
+
+    self.setupObservables = function () {
+        self.tab_active = ko.observable(self.data.tab_active);
+        self.tab_default = ko.observable(self.data.tab_default);
+
+        // Local Authentication Settings
+        self.local_db_enabled = ko.observable(self.data.local_db_enabled);
+        self.signup_enabled = ko.observable(self.data.signup_enabled);
+        self.pwd_enforce_characters = ko.observable(self.data.pwd_enforce_characters);
+        self.pwd_min_len = ko.observable(self.data.pwd_min_len);
+        self.pwd_min_lowercase = ko.observable(self.data.pwd_min_lowercase);
+        self.pwd_min_uppercase = ko.observable(self.data.pwd_min_uppercase);
+        self.pwd_min_digits = ko.observable(self.data.pwd_min_digits);
+        self.pwd_min_special = ko.observable(self.data.pwd_min_special);
+        self.pwd_enforce_complexity = ko.observable(self.data.pwd_enforce_complexity);
+        self.pwd_min_complexity = ko.observable(self.data.pwd_min_complexity);
+
+        // LDAP Authentication Settings
+        self.ldap_enabled = ko.observable(self.data.ldap_enabled);
+        self.ldap_type = ko.observable(self.data.ldap_type);
+        self.ldap_uri = ko.observable(self.data.ldap_uri);
+        self.ldap_base_dn = ko.observable(self.data.ldap_base_dn);
+        self.ldap_admin_username = ko.observable(self.data.ldap_admin_username);
+        self.ldap_admin_password = ko.observable(self.data.ldap_admin_password);
+        self.ldap_domain = ko.observable(self.data.ldap_domain);
+        self.ldap_filter_basic = ko.observable(self.data.ldap_filter_basic);
+        self.ldap_filter_username = ko.observable(self.data.ldap_filter_username);
+        self.ldap_filter_group = ko.observable(self.data.ldap_filter_group);
+        self.ldap_filter_groupname = ko.observable(self.data.ldap_filter_groupname);
+        self.ldap_sg_enabled = ko.observable(self.data.ldap_sg_enabled);
+        self.ldap_admin_group = ko.observable(self.data.ldap_admin_group);
+        self.ldap_operator_group = ko.observable(self.data.ldap_operator_group);
+        self.ldap_user_group = ko.observable(self.data.ldap_user_group);
+        self.autoprovisioning = ko.observable(self.data.autoprovisioning);
+        self.autoprovisioning_attribute = ko.observable(self.data.autoprovisioning_attribute);
+        self.urn_value = ko.observable(self.data.urn_value);
+        self.purge = ko.observable(self.data.purge);
+
+        // Google OAuth2 Settings
+        self.google_oauth_enabled = ko.observable(self.data.google_oauth_enabled);
+        self.google_oauth_client_id = ko.observable(self.data.google_oauth_client_id);
+        self.google_oauth_client_secret = ko.observable(self.data.google_oauth_client_secret);
+        self.google_oauth_scope = ko.observable(self.data.google_oauth_scope);
+        self.google_base_url = ko.observable(self.data.google_base_url);
+        self.google_oauth_auto_configure = ko.observable(self.data.google_oauth_auto_configure);
+        self.google_oauth_metadata_url = ko.observable(self.data.google_oauth_metadata_url);
+        self.google_token_url = ko.observable(self.data.google_token_url);
+        self.google_authorize_url = ko.observable(self.data.google_authorize_url);
+
+        // GitHub OAuth2 Settings
+        self.github_oauth_enabled = ko.observable(self.data.github_oauth_enabled);
+        self.github_oauth_key = ko.observable(self.data.github_oauth_key);
+        self.github_oauth_secret = ko.observable(self.data.github_oauth_secret);
+        self.github_oauth_scope = ko.observable(self.data.github_oauth_scope);
+        self.github_oauth_api_url = ko.observable(self.data.github_oauth_api_url);
+        self.github_oauth_auto_configure = ko.observable(self.data.github_oauth_auto_configure);
+        self.github_oauth_metadata_url = ko.observable(self.data.github_oauth_metadata_url);
+        self.github_oauth_token_url = ko.observable(self.data.github_oauth_token_url);
+        self.github_oauth_authorize_url = ko.observable(self.data.github_oauth_authorize_url);
+
+        // Azure AD OAuth2 Settings
+        self.azure_oauth_enabled = ko.observable(self.data.azure_oauth_enabled);
+        self.azure_oauth_key = ko.observable(self.data.azure_oauth_key);
+        self.azure_oauth_secret = ko.observable(self.data.azure_oauth_secret);
+        self.azure_oauth_scope = ko.observable(self.data.azure_oauth_scope);
+        self.azure_oauth_api_url = ko.observable(self.data.azure_oauth_api_url);
+        self.azure_oauth_auto_configure = ko.observable(self.data.azure_oauth_auto_configure);
+        self.azure_oauth_metadata_url = ko.observable(self.data.azure_oauth_metadata_url);
+        self.azure_oauth_token_url = ko.observable(self.data.azure_oauth_token_url);
+        self.azure_oauth_authorize_url = ko.observable(self.data.azure_oauth_authorize_url);
+        self.azure_sg_enabled = ko.observable(self.data.azure_sg_enabled);
+        self.azure_admin_group = ko.observable(self.data.azure_admin_group);
+        self.azure_operator_group = ko.observable(self.data.azure_operator_group);
+        self.azure_user_group = ko.observable(self.data.azure_user_group);
+        self.azure_group_accounts_enabled = ko.observable(self.data.azure_group_accounts_enabled);
+        self.azure_group_accounts_name = ko.observable(self.data.azure_group_accounts_name);
+        self.azure_group_accounts_name_re = ko.observable(self.data.azure_group_accounts_name_re);
+        self.azure_group_accounts_description = ko.observable(self.data.azure_group_accounts_description);
+        self.azure_group_accounts_description_re = ko.observable(self.data.azure_group_accounts_description_re);
+
+        // OIDC OAuth2 Settings
+        self.oidc_oauth_enabled = ko.observable(self.data.oidc_oauth_enabled);
+        self.oidc_oauth_key = ko.observable(self.data.oidc_oauth_key);
+        self.oidc_oauth_secret = ko.observable(self.data.oidc_oauth_secret);
+        self.oidc_oauth_scope = ko.observable(self.data.oidc_oauth_scope);
+        self.oidc_oauth_api_url = ko.observable(self.data.oidc_oauth_api_url);
+        self.oidc_oauth_auto_configure = ko.observable(self.data.oidc_oauth_auto_configure);
+        self.oidc_oauth_metadata_url = ko.observable(self.data.oidc_oauth_metadata_url);
+        self.oidc_oauth_token_url = ko.observable(self.data.oidc_oauth_token_url);
+        self.oidc_oauth_authorize_url = ko.observable(self.data.oidc_oauth_authorize_url);
+        self.oidc_oauth_logout_url = ko.observable(self.data.oidc_oauth_logout_url);
+        self.oidc_oauth_username = ko.observable(self.data.oidc_oauth_username);
+        self.oidc_oauth_email = ko.observable(self.data.oidc_oauth_email);
+        self.oidc_oauth_firstname = ko.observable(self.data.oidc_oauth_firstname);
+        self.oidc_oauth_last_name = ko.observable(self.data.oidc_oauth_last_name);
+        self.oidc_oauth_account_name_property = ko.observable(self.data.oidc_oauth_account_name_property);
+        self.oidc_oauth_account_description_property = ko.observable(self.data.oidc_oauth_account_description_property);
+    }
+
+    self.updateWithDefaults = function (instance) {
+        self.data = $.extend(defaults, instance)
+    }
+
+    self.activateTab = function (tab) {
+        $('[role="tablist"] a.nav-link').blur();
+        self.tab_active(tab);
+        window.location.hash = tab;
+    }
+
+    self.activateDefaultTab = function () {
+        self.activateTab(self.tab_default());
+    }
+
+    self.initTabs = function() {
+        if (self.hasHash()) {
+            self.activateTab(self.getHash());
+        } else {
+            self.activateDefaultTab();
+        }
+    }
+
+    self.getHash = function () {
+        return window.location.hash.substring(1);
+    }
+
+    self.hasHash = function () {
+        return window.location.hash.length > 1;
+    }
+
+    self.setupListeners = function () {
+        if ('onhashchange' in window) {
+            $(window).bind('hashchange', self.onHashChange);
+        }
+    }
+
+    self.destroyListeners = function () {
+        if ('onhashchange' in window) {
+            $(window).unbind('hashchange', self.onHashChange);
+        }
+    }
+
+    self.onTabClick = function (model, event) {
+        self.activateTab($(event.target).data('tab'));
+        return false;
+    }
+
+    self.onHashChange = function (event) {
+        let hash = window.location.hash.trim();
+        if (hash.length > 1) {
+            self.activateTab(hash.substring(1));
+        } else {
+            self.activateDefaultTab();
+        }
+    }
+
+    self.updateWithDefaults(user_data);
+    self.setupObservables();
+
+    ko.applyBindings(self);
+
+    self.initTabs();
+    self.setupListeners();
+}
+
+$(function () {
+    // TODO: Load the data from the server and pass it to the model instantiation
+    loaded_data = {};
+    model = new AuthenticationSettingsModel(loaded_data, CSRF_TOKEN, '#settings-editor');
+})
\ No newline at end of file
diff --git a/powerdnsadmin/templates/admin_setting_authentication.html b/powerdnsadmin/templates/admin_setting_authentication.html
index ca8baa5a6..73d305d54 100644
--- a/powerdnsadmin/templates/admin_setting_authentication.html
+++ b/powerdnsadmin/templates/admin_setting_authentication.html
@@ -25,7 +25,7 @@ <h1 class="m-0 text-dark">Authentication Settings</h1>
         <div class="container-fluid">
             <div class="row">
                 <div class="col-12">
-                    <div class="card card-outline card-primary shadow">
+                    <div class="card card-outline card-primary shadow" id="settings-editor">
                         <div class="card-header">
                             <h3 class="card-title">Settings Editor</h3>
                         </div>
@@ -43,31 +43,43 @@ <h3 class="card-title">Settings Editor</h3>
                             <div class="nav-tabs-custom">
                                 <ul class="nav nav-tabs" role="tablist">
                                     <li class="nav-item">
-                                        <a class="nav-link active" href="#tabs-general" data-toggle="pill" role="tab">General</a>
+                                        <a data-tab="local"
+                                           data-bind="click: onTabClick, class: 'nav-link' + (tab_active() == 'local' ? ' active' : '')"
+                                           href="#" data-toggle="pill" role="tab">Local</a>
                                     </li>
                                     <li class="nav-item">
-                                        <a class="nav-link" href="#tabs-ldap" data-toggle="pill" role="tab">LDAP</a>
+                                        <a data-tab="ldap"
+                                           data-bind="click: onTabClick, class: 'nav-link' + (tab_active() == 'ldap' ? ' active' : '')"
+                                           href="#" data-toggle="pill" role="tab">LDAP</a>
                                     </li>
                                     <li class="nav-item">
-                                        <a class="nav-link" href="#tabs-google" data-toggle="pill" role="tab">Google
+                                        <a data-tab="google"
+                                           data-bind="click: onTabClick, class: 'nav-link' + (tab_active() == 'google' ? ' active' : '')"
+                                           href="#" data-toggle="pill" role="tab">Google
                                             OAuth</a>
                                     </li>
                                     <li class="nav-item">
-                                        <a class="nav-link" href="#tabs-github" data-toggle="pill" role="tab">GitHub
+                                        <a data-tab="github"
+                                           data-bind="click: onTabClick, class: 'nav-link' + (tab_active() == 'github' ? ' active' : '')"
+                                           href="#" data-toggle="pill" role="tab">GitHub
                                             OAuth</a>
                                     </li>
                                     <li class="nav-item">
-                                        <a class="nav-link" href="#tabs-azure" data-toggle="pill" role="tab">Microsoft
+                                        <a data-tab="azure"
+                                           data-bind="click: onTabClick, class: 'nav-link' + (tab_active() == 'azure' ? ' active' : '')"
+                                           href="#" data-toggle="pill" role="tab">Azure
                                             OAuth</a>
                                     </li>
                                     <li class="nav-item">
-                                        <a class="nav-link" href="#tabs-oidc" data-toggle="pill" role="tab">OpenID
+                                        <a data-tab="oidc"
+                                           data-bind="click: onTabClick, class: 'nav-link' + (tab_active() == 'oidc' ? ' active' : '')"
+                                           href="#" data-toggle="pill" role="tab">OpenID
                                             Connect OAuth</a>
                                     </li>
                                 </ul>
                                 <div class="tab-content">
 
-                                    <div class="tab-pane active" id="tabs-general">
+                                    <div data-bind="class: 'tab-pane' + (tab_active() == 'local' ? ' active' : '')">
                                         <div class="row">
                                             <div class="col-12 col-sm-6 col-lg-4">
                                                 <form role="form" method="post">
@@ -75,18 +87,15 @@ <h3 class="card-title">Settings Editor</h3>
                                                     <input type="hidden" value="general" name="config_tab"/>
                                                     <div class="card">
                                                         <div class="card-header">
-                                                            <h3 class="card-title">Basic Settings</h3>
+                                                            <h3 class="card-title">Local Authentication Settings</h3>
                                                         </div>
                                                         <!-- /.card-header -->
                                                         <div class="card-body">
-                                                            <fieldset>
-
-                                                            </fieldset>
                                                             <div class="form-group">
                                                                 <input type="checkbox" id="local_db_enabled"
                                                                        name="local_db_enabled"
                                                                        class="checkbox"
-                                                                       {% if SETTING.get('local_db_enabled') %}checked{% endif %}>
+                                                                       data-bind="checked: local_db_enabled">
                                                                 <label for="local_db_enabled">Local DB
                                                                     Authentication</label>
                                                             </div>
@@ -94,7 +103,7 @@ <h3 class="card-title">Basic Settings</h3>
                                                                 <input type="checkbox" id="signup_enabled"
                                                                        name="signup_enabled"
                                                                        class="checkbox"
-                                                                       {% if SETTING.get('signup_enabled') %}checked{% endif %}>
+                                                                       data-bind="enable: local_db_enabled, checked: signup_enabled">
                                                                 <label for="signup_enabled">Allow users to sign
                                                                     up</label>
                                                             </div>
@@ -104,7 +113,7 @@ <h3 class="card-title">Basic Settings</h3>
                                                                     <input type="checkbox" id="pwd_enforce_characters"
                                                                            name="pwd_enforce_characters"
                                                                            class="checkbox"
-                                                                           {% if SETTING.get('pwd_enforce_characters') %}checked{% endif %}>
+                                                                           data-bind="enable: local_db_enabled, checked: pwd_enforce_characters">
                                                                     <label for="pwd_enforce_characters">
                                                                         Enforce Character Requirements
                                                                     </label>
@@ -115,7 +124,7 @@ <h3 class="card-title">Basic Settings</h3>
                                                                     <input type="text" class="form-control"
                                                                            name="pwd_min_len" id="pwd_min_len"
                                                                            data-error="Please enter a minimum password length"
-                                                                           value="{{ SETTING.get('pwd_min_len') }}">
+                                                                           data-bind="enable: local_db_enabled() && pwd_enforce_characters(), value: pwd_min_len, valueUpdate: 'afterkeydown'">
                                                                 </div>
                                                                 <div class="form-group">
                                                                     <label for="pwd_min_lowercase">Minimum Lowercase
@@ -124,7 +133,7 @@ <h3 class="card-title">Basic Settings</h3>
                                                                            name="pwd_min_lowercase"
                                                                            id="pwd_min_lowercase"
                                                                            data-error="Please enter the minimum number of lowercase letters required"
-                                                                           value="{{ SETTING.get('pwd_min_lowercase') }}">
+                                                                           data-bind="enable: local_db_enabled() && pwd_enforce_characters(), value: pwd_min_lowercase, valueUpdate: 'afterkeydown'">
                                                                 </div>
                                                                 <div class="form-group">
                                                                     <label for="pwd_min_uppercase">Minimum Uppercase
@@ -133,7 +142,7 @@ <h3 class="card-title">Basic Settings</h3>
                                                                            name="pwd_min_uppercase"
                                                                            id="pwd_min_uppercase"
                                                                            data-error="Please enter the minimum number of uppercase letters required"
-                                                                           value="{{ SETTING.get('pwd_min_uppercase') }}">
+                                                                           data-bind="enable: local_db_enabled() && pwd_enforce_characters(), value: pwd_min_uppercase, valueUpdate: 'afterkeydown'">
                                                                 </div>
                                                                 <div class="form-group">
                                                                     <label for="pwd_min_digits">Minimum Digit
@@ -141,7 +150,7 @@ <h3 class="card-title">Basic Settings</h3>
                                                                     <input type="text" class="form-control"
                                                                            name="pwd_min_digits" id="pwd_min_digits"
                                                                            data-error="Please enter the minimum number of digits required"
-                                                                           value="{{ SETTING.get('pwd_min_digits') }}">
+                                                                           data-bind="enable: local_db_enabled() && pwd_enforce_characters(), value: pwd_min_digits, valueUpdate: 'afterkeydown'">
                                                                 </div>
                                                                 <div class="form-group">
                                                                     <label for="pwd_min_special">Minimum Special
@@ -149,13 +158,13 @@ <h3 class="card-title">Basic Settings</h3>
                                                                     <input type="text" class="form-control"
                                                                            name="pwd_min_special" id="pwd_min_special"
                                                                            data-error="Please enter the minimum number of special characters required"
-                                                                           value="{{ SETTING.get('pwd_min_special') }}">
+                                                                           data-bind="enable: local_db_enabled() && pwd_enforce_characters(), value: pwd_min_special, valueUpdate: 'afterkeydown'">
                                                                 </div>
                                                                 <div class="form-group">
                                                                     <input type="checkbox" id="pwd_enforce_complexity"
                                                                            name="pwd_enforce_complexity"
                                                                            class="checkbox"
-                                                                           {% if SETTING.get('pwd_enforce_complexity') %}checked{% endif %}>
+                                                                           data-bind="enable: local_db_enabled, checked: pwd_enforce_complexity">
                                                                     <label for="pwd_enforce_complexity">
                                                                         Enforce Complexity Requirement
                                                                     </label>
@@ -167,7 +176,7 @@ <h3 class="card-title">Basic Settings</h3>
                                                                            name="pwd_min_complexity"
                                                                            id="pwd_min_complexity"
                                                                            data-error="Please enter the minimum password complexity required"
-                                                                           value="{{ SETTING.get('pwd_min_complexity') }}">
+                                                                           data-bind="enable: local_db_enabled() && pwd_enforce_complexity(), value: pwd_min_complexity, valueUpdate: 'afterkeydown'">
                                                                 </div>
                                                             </fieldset>
                                                         </div>
@@ -201,13 +210,18 @@ <h3 class="card-title">Settings Help</h3>
                                                                 to be enabled.
                                                             </dd>
                                                             <h4>Password Requirements</h4>
-                                                            <dd>This section allows you to customize your local DB password
-                                                            requirements
-                                                            and ensure that when users change their password or signup
-                                                            they are
-                                                            picking strong passwords.</dd>
-                                                            <dd>Setting any entry field to a blank value will revert it back
-                                                            to default.</dd>
+                                                            <dd>This section allows you to customize your local DB
+                                                                password
+                                                                requirements
+                                                                and ensure that when users change their password or
+                                                                signup
+                                                                they are
+                                                                picking strong passwords.
+                                                            </dd>
+                                                            <dd>Setting any entry field to a blank value will revert it
+                                                                back
+                                                                to default.
+                                                            </dd>
                                                             <dt>Enforce Character Requirements</dt>
                                                             <dd>This option will enforce the character type requirements
                                                                 for
@@ -247,7 +261,7 @@ <h4>Password Requirements</h4>
                                                                         log factor
                                                                         is 11 as it is considered secure. More
                                                                         information about
-                                                                        the this can be found at
+                                                                        this can be found at
                                                                         <a href="https://www.usenix.org/system/files/conference/usenixsecurity16/sec16_paper_wheeler.pdf">here</a>
                                                                     </li>
                                                                 </ul>
@@ -264,7 +278,7 @@ <h4>Password Requirements</h4>
                                     </div>
                                     <!-- /.tab-pane -->
 
-                                    <div class="tab-pane" id="tabs-ldap">
+                                    <div data-bind="class: 'tab-pane' + (tab_active() == 'ldap' ? ' active' : '')">
                                         <div class="row">
                                             <div class="col-12 col-sm-6 col-lg-4">
                                                 {% if error %}
@@ -281,7 +295,7 @@ <h4><i class="icon fa fa-ban"></i> Error!</h4>
                                                     <input type="hidden" value="ldap" name="config_tab"/>
                                                     <div class="card">
                                                         <div class="card-header">
-                                                            <h3 class="card-title">LDAP Settings</h3>
+                                                            <h3 class="card-title">LDAP Authentication Settings</h3>
                                                         </div>
                                                         <!-- /.card-header -->
                                                         <div class="card-body">
@@ -290,7 +304,7 @@ <h3 class="card-title">LDAP Settings</h3>
                                                                     <input type="checkbox" id="ldap_enabled"
                                                                            name="ldap_enabled"
                                                                            class="checkbox"
-                                                                           {% if SETTING.get('ldap_enabled') %}checked{% endif %}>
+                                                                           data-bind="checked: ldap_enabled">
                                                                     <label for="ldap_enabled">Enable LDAP
                                                                         Authentication</label>
                                                                 </div>
@@ -299,18 +313,17 @@ <h3 class="card-title">LDAP Settings</h3>
                                                                     <div class="radio">
                                                                         <label>
                                                                             <input type="radio" name="ldap_type"
-                                                                                   id="ldap"
-                                                                                   onclick="javascript:ldapSelection();"
+                                                                                   id="ldap_type_openldap"
                                                                                    value="ldap"
-                                                                                   {% if SETTING.get('ldap_type')=='ldap' %}checked{% endif %}>
+                                                                                   data-bind="enable: ldap_enabled, checked: ldap_type">
                                                                             OpenLDAP
                                                                         </label>
                                                                         &nbsp;&nbsp;&nbsp;
                                                                         <label>
-                                                                            <input type="radio" name="ldap_type" id="ad"
-                                                                                   onclick="javascript:ldapSelection();"
+                                                                            <input type="radio" name="ldap_type"
+                                                                                   id="ldap_type_ad"
                                                                                    value="ad"
-                                                                                   {% if SETTING.get('ldap_type')=='ad' %}checked{% endif %}>
+                                                                                   data-bind="enable: ldap_enabled, checked: ldap_type">
                                                                             Active Directory
                                                                         </label>
                                                                     </div>
@@ -325,7 +338,7 @@ <h3 class="card-title">LDAP Settings</h3>
                                                                            id="ldap_uri"
                                                                            placeholder="e.g. ldaps://your-ldap-server:636"
                                                                            data-error="Please input LDAP URI"
-                                                                           value="{{ SETTING.get('ldap_uri') }}">
+                                                                           data-bind="enable: ldap_enabled, value: ldap_uri, valueUpdate: 'afterkeydown'">
                                                                 </div>
                                                                 <div class="form-group">
                                                                     <label for="ldap_base_dn">LDAP Base DN</label>
@@ -334,11 +347,11 @@ <h3 class="card-title">LDAP Settings</h3>
                                                                            id="ldap_base_dn"
                                                                            placeholder="e.g. dc=mydomain,dc=com"
                                                                            data-error="Please input LDAP Base DN"
-                                                                           value="{{ SETTING.get('ldap_base_dn') }}">
+                                                                           data-bind="enable: ldap_enabled, value: ldap_base_dn, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div id="ldap_openldap_fields">
-                                                                    <div class="form-group">
+                                                                    <div class="form-group" data-bind="visible: ldap_type() == 'ldap'">
                                                                         <label for="ldap_admin_username">LDAP admin
                                                                             username</label>
                                                                         <input type="text" class="form-control"
@@ -346,10 +359,10 @@ <h3 class="card-title">LDAP Settings</h3>
                                                                                id="ldap_admin_username"
                                                                                placeholder="e.g. cn=admin,dc=mydomain,dc=com"
                                                                                data-error="Please input LDAP admin username"
-                                                                               value="{{ SETTING.get('ldap_admin_username') }}">
+                                                                               data-bind="enable: ldap_enabled() && ldap_type() == 'ldap', value: ldap_admin_username, valueUpdate: 'afterkeydown'">
                                                                         <span class="help-block with-errors"></span>
                                                                     </div>
-                                                                    <div class="form-group">
+                                                                    <div class="form-group" data-bind="visible: ldap_type() == 'ldap'">
                                                                         <label for="ldap_admin_password">LDAP admin
                                                                             password</label>
                                                                         <input type="password" class="form-control"
@@ -357,19 +370,19 @@ <h3 class="card-title">LDAP Settings</h3>
                                                                                id="ldap_admin_password"
                                                                                placeholder="LDAP Admin password"
                                                                                data-error="Please input LDAP admin password"
-                                                                               value="{{ SETTING.get('ldap_admin_password') }}">
+                                                                               data-bind="enable: ldap_enabled() && ldap_type() == 'ldap', value: ldap_admin_password, valueUpdate: 'afterkeydown'">
                                                                         <span class="help-block with-errors"></span>
                                                                     </div>
                                                                 </div>
                                                                 <div id="ldap_ad_fields">
-                                                                    <div class="form-group">
+                                                                    <div class="form-group" data-bind="visible: ldap_type() == 'ad'">
                                                                         <label for="ldap_domain">Active Directory
                                                                             domain</label>
                                                                         <input type="text" class="form-control"
                                                                                name="ldap_domain" id="ldap_domain"
                                                                                placeholder="Active Directory domain"
                                                                                data-error="Please input Actve Directory domain value"
-                                                                               value="{{ SETTING.get('ldap_domain') }}">
+                                                                               data-bind="enable: ldap_enabled() && ldap_type() == 'ad', value: ldap_domain, valueUpdate: 'afterkeydown'">
                                                                         <span class="help-block with-errors"></span>
                                                                     </div>
                                                                 </div>
@@ -383,7 +396,7 @@ <h3 class="card-title">LDAP Settings</h3>
                                                                            id="ldap_filter_basic"
                                                                            placeholder="e.g. (objectClass=inetorgperson)"
                                                                            data-error="Please input LDAP filter"
-                                                                           value="{{ SETTING.get('ldap_filter_basic') }}">
+                                                                           data-bind="enable: ldap_enabled, value: ldap_filter_basic, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div class="form-group">
@@ -394,7 +407,7 @@ <h3 class="card-title">LDAP Settings</h3>
                                                                            id="ldap_filter_username"
                                                                            placeholder="e.g. uid"
                                                                            data-error="Please input field for username filtering"
-                                                                           value="{{ SETTING.get('ldap_filter_username') }}">
+                                                                           data-bind="enable: ldap_enabled, value: ldap_filter_username, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div id="ldap_openldap_group_filters">
@@ -406,7 +419,7 @@ <h3 class="card-title">LDAP Settings</h3>
                                                                                id="ldap_filter_group"
                                                                                placeholder="e.g. (objectclass=groupOfNames)"
                                                                                data-error="Please input LDAP filter"
-                                                                               value="{{ SETTING.get('ldap_filter_group') }}">
+                                                                               data-bind="enable: ldap_enabled, value: ldap_filter_group, valueUpdate: 'afterkeydown'">
                                                                         <span class="help-block with-errors"></span>
                                                                     </div>
                                                                     <div class="form-group">
@@ -417,7 +430,7 @@ <h3 class="card-title">LDAP Settings</h3>
                                                                                id="ldap_filter_groupname"
                                                                                placeholder="e.g. member"
                                                                                data-error="Please input field for group name filtering"
-                                                                               value="{{ SETTING.get('ldap_filter_groupname') }}">
+                                                                               data-bind="enable: ldap_enabled, value: ldap_filter_groupname, valueUpdate: 'afterkeydown'">
                                                                         <span class="help-block with-errors"></span>
                                                                     </div>
                                                                 </div>
@@ -429,15 +442,15 @@ <h3 class="card-title">LDAP Settings</h3>
                                                                     <div class="radio">
                                                                         <label>
                                                                             <input type="radio" name="ldap_sg_enabled"
-                                                                                   id="ldap_sg_off" value="OFF"
-                                                                                   {% if not SETTING.get('ldap_sg_enabled') %}checked{% endif %}>
+                                                                                   id="ldap_sg_off" value="0"
+                                                                                   data-bind="enable: ldap_enabled, checked: ldap_sg_enabled, checkedValue: false">
                                                                             OFF
                                                                         </label>
                                                                         &nbsp;&nbsp;&nbsp;
                                                                         <label>
                                                                             <input type="radio" name="ldap_sg_enabled"
-                                                                                   id="ldap_sg_on" value="ON"
-                                                                                   {% if SETTING.get('ldap_sg_enabled') %}checked{% endif %}>
+                                                                                   id="ldap_sg_on" value="1"
+                                                                                   data-bind="enable: ldap_enabled, checked: ldap_sg_enabled, checkedValue: true">
                                                                             ON
                                                                         </label>
                                                                     </div>
@@ -448,7 +461,7 @@ <h3 class="card-title">LDAP Settings</h3>
                                                                            name="ldap_admin_group" id="ldap_admin_group"
                                                                            placeholder="e.g. cn=sysops,dc=mydomain,dc=com"
                                                                            data-error="Please input LDAP DN for Admin group"
-                                                                           value="{{ SETTING.get('ldap_admin_group') }}">
+                                                                           data-bind="enable: ldap_enabled() && ldap_sg_enabled(), value: ldap_admin_group, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div class="form-group">
@@ -459,7 +472,7 @@ <h3 class="card-title">LDAP Settings</h3>
                                                                            id="ldap_operator_group"
                                                                            placeholder="e.g. cn=operators,dc=mydomain,dc=com"
                                                                            data-error="Please input LDAP DN for Operator group"
-                                                                           value="{{ SETTING.get('ldap_operator_group') }}">
+                                                                           data-bind="enable: ldap_enabled() && ldap_sg_enabled(), value: ldap_operator_group, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div class="form-group">
@@ -468,7 +481,7 @@ <h3 class="card-title">LDAP Settings</h3>
                                                                            name="ldap_user_group" id="ldap_user_group"
                                                                            placeholder="e.g. cn=users,dc=mydomain,dc=com"
                                                                            data-error="Please input LDAP DN for User group"
-                                                                           value="{{ SETTING.get('ldap_user_group') }}">
+                                                                           data-bind="enable: ldap_enabled() && ldap_sg_enabled(), value: ldap_user_group, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                             </fieldset>
@@ -479,17 +492,17 @@ <h3 class="card-title">LDAP Settings</h3>
                                                                     <div class="radio">
                                                                         <label>
                                                                             <input type="radio" name="autoprovisioning"
-                                                                                   id="autoprovisioning_off" value="OFF"
-                                                                                   {% if not SETTING.get('autoprovisioning') %}checked{% endif %}>
+                                                                                   id="autoprovisioning_off" value="0"
+                                                                                   data-bind="enable: ldap_enabled, checked: autoprovisioning, checkedValue: false">
                                                                             OFF
                                                                         </label>
                                                                         &nbsp;&nbsp;&nbsp;
                                                                         <label>
                                                                             <input type="radio" name="autoprovisioning"
-                                                                                   id="autoprovisioning_on" value="ON"
-
-                                                                                   {% if SETTING.get('autoprovisioning') %}checked{% endif %}>
+                                                                                   id="autoprovisioning_on" value="1"
+                                                                                   data-bind="enable: ldap_enabled, checked: autoprovisioning, checkedValue: true">
                                                                             ON
+                                                                        </label>
                                                                     </div>
                                                                 </div>
                                                                 <div class="form-group">
@@ -501,7 +514,7 @@ <h3 class="card-title">LDAP Settings</h3>
                                                                            id="autoprovisioning_attribute"
                                                                            placeholder="e.g. eduPersonEntitlement"
                                                                            data-error="    Please input field responsible for autoprovisioning"
-                                                                           value="{{ SETTING.get('autoprovisioning_attribute') }}">
+                                                                           data-bind="enable: ldap_enabled() && autoprovisioning(), value: autoprovisioning_attribute, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
 
@@ -513,7 +526,7 @@ <h3 class="card-title">LDAP Settings</h3>
                                                                            id="urn_value"
                                                                            placeholder="e.g. urn:mace:<yourOrganization>"
                                                                            data-error="Please fill this field"
-                                                                           value="{{ SETTING.get('urn_value') }}">
+                                                                           data-bind="enable: ldap_enabled() && autoprovisioning(), value: urn_value, valueUpdate: 'afterkeydown'">
                                                                     {% if error %}
                                                                         <span class="help-block with-errors">Please input the correct prefix for your urn value</span>
                                                                     {% endif %}
@@ -524,16 +537,16 @@ <h3 class="card-title">LDAP Settings</h3>
                                                                         <label>
                                                                             <input type="radio" name="purge"
                                                                                    id="purge_off"
-                                                                                   value="OFF"
-                                                                                   {% if not SETTING.get('purge') %}checked{% endif %}>
+                                                                                   value="0"
+                                                                                   data-bind="enable: ldap_enabled() && autoprovisioning(), checked: purge, checkedValue: false">
                                                                             OFF
                                                                         </label>
                                                                         &nbsp;&nbsp;&nbsp;
                                                                         <label>
                                                                             <input type="radio" name="purge"
                                                                                    id="purge_on"
-                                                                                   value="ON"
-                                                                                   {% if SETTING.get('purge') %}checked{% endif %}>
+                                                                                   value="1"
+                                                                                   data-bind="enable: ldap_enabled() && autoprovisioning(), checked: purge, checkedValue: true">
                                                                             ON
                                                                     </div>
                                                                 </div>
@@ -722,7 +735,7 @@ <h3 class="card-title">Settings Help</h3>
                                     </div>
                                     <!-- /.tab-pane -->
 
-                                    <div class="tab-pane" id="tabs-google">
+                                    <div data-bind="class: 'tab-pane' + (tab_active() == 'google' ? ' active' : '')">
                                         <div class="row">
                                             <div class="col-12 col-sm-6 col-lg-4">
                                                 <form role="form" method="post" data-toggle="validator">
@@ -739,7 +752,7 @@ <h3 class="card-title">Google OAuth Settings</h3>
                                                                 <div class="form-group">
                                                                     <input type="checkbox" id="google_oauth_enabled"
                                                                            name="google_oauth_enabled" class="checkbox"
-                                                                           {% if SETTING.get('google_oauth_enabled') %}checked{% endif %}>
+                                                                           data-bind="checked: google_oauth_enabled">
                                                                     <label for="google_oauth_enabled">Enable Google
                                                                         OAuth</label>
                                                                 </div>
@@ -751,7 +764,7 @@ <h3 class="card-title">Google OAuth Settings</h3>
                                                                            id="google_oauth_client_id"
                                                                            placeholder="Google OAuth Client ID"
                                                                            data-error="Please input Client ID"
-                                                                           value="{{ SETTING.get('google_oauth_client_id') }}">
+                                                                           data-bind="enable: google_oauth_enabled, value: google_oauth_client_id, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div class="form-group">
@@ -762,7 +775,7 @@ <h3 class="card-title">Google OAuth Settings</h3>
                                                                            id="google_oauth_client_secret"
                                                                            placeholder="Google OAuth Client Secret"
                                                                            data-error="Please input Client Secret"
-                                                                           value="{{ SETTING.get('google_oauth_client_secret') }}">
+                                                                           data-bind="enable: google_oauth_enabled, value: google_oauth_client_secret, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div class="form-group">
@@ -772,16 +785,16 @@ <h3 class="card-title">Google OAuth Settings</h3>
                                                                            id="google_oauth_scope"
                                                                            placeholder="e.g. email profile"
                                                                            data-error="Please input scope"
-                                                                           value="{{ SETTING.get('google_oauth_scope') }}">
+                                                                           data-bind="enable: google_oauth_enabled, value: google_oauth_scope, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div class="form-group">
                                                                     <label for="google_base_url">API URL</label>
                                                                     <input type="text" class="form-control"
                                                                            name="google_base_url" id="google_base_url"
-                                                                           placeholder="e.g. https://www.googleapis.com/oauth2/v1/"
+                                                                           placeholder="e.g. https://www.googleapis.com/oauth2/v3/"
                                                                            data-error="Please input base URL"
-                                                                           value="{{ SETTING.get('google_base_url') }}">
+                                                                           data-bind="enable: google_oauth_enabled, value: google_base_url, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div class="form-group">
@@ -790,18 +803,18 @@ <h3 class="card-title">Google OAuth Settings</h3>
                                                                     <input type="text" class="form-control"
                                                                            name="google_oauth_metadata_url"
                                                                            id="google_oauth_metadata_url"
-                                                                           placeholder="e.g. https://{yourDomain}/.well-known/oauth-metadata.json"
+                                                                           placeholder="e.g. https://accounts.google.com/.well-known/openid-configuration"
                                                                            data-error="Please input Metadata URL"
-                                                                           value="{{ SETTING.get('google_oauth_metadata_url') }}">
+                                                                           data-bind="enable: google_oauth_enabled, value: google_oauth_metadata_url, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div class="form-group">
                                                                     <label for="google_token_url">Token URL</label>
                                                                     <input type="text" class="form-control"
                                                                            name="google_token_url" id="google_token_url"
-                                                                           placeholder="e.g. https://accounts.google.com/o/oauth2/token"
+                                                                           placeholder="e.g. https://oauth2.googleapis.com/token"
                                                                            data-error="Please input token URL"
-                                                                           value="{{ SETTING.get('google_token_url') }}">
+                                                                           data-bind="enable: google_oauth_enabled, value: google_token_url, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div class="form-group">
@@ -810,9 +823,9 @@ <h3 class="card-title">Google OAuth Settings</h3>
                                                                     <input type="text" class="form-control"
                                                                            name="google_authorize_url"
                                                                            id="google_authorize_url"
-                                                                           placeholder="e.g. https://accounts.google.com/o/oauth2/auth"
+                                                                           placeholder="e.g. https://accounts.google.com/o/oauth2/v2/auth"
                                                                            data-error="Please input Authorize URL"
-                                                                           value="{{ SETTING.get('google_authorize_url') }}">
+                                                                           data-bind="enable: google_oauth_enabled, value: google_authorize_url, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                             </fieldset>
@@ -853,7 +866,7 @@ <h3 class="card-title">Settings Help</h3>
                                     </div>
                                     <!-- /.tab-pane -->
 
-                                    <div class="tab-pane" id="tabs-github">
+                                    <div data-bind="class: 'tab-pane' + (tab_active() == 'github' ? ' active' : '')">
                                         <div class="row">
                                             <div class="col-12 col-sm-6 col-lg-4">
                                                 <form role="form" method="post" data-toggle="validator">
@@ -869,7 +882,7 @@ <h3 class="card-title">GitHub OAuth Settings</h3>
                                                                 <div class="form-group">
                                                                     <input type="checkbox" id="github_oauth_enabled"
                                                                            name="github_oauth_enabled" class="checkbox"
-                                                                           {% if SETTING.get('github_oauth_enabled') %}checked{% endif %}>
+                                                                           data-bind="checked: github_oauth_enabled">
                                                                     <label for="github_oauth_enabled">Enable GitHub
                                                                         OAuth</label>
                                                                 </div>
@@ -879,7 +892,7 @@ <h3 class="card-title">GitHub OAuth Settings</h3>
                                                                            name="github_oauth_key" id="github_oauth_key"
                                                                            placeholder="Github OAuth Client ID"
                                                                            data-error="Please input Client ID"
-                                                                           value="{{ SETTING.get('github_oauth_key') }}">
+                                                                           data-bind="enable: github_oauth_enabled, value: github_oauth_key, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div class="form-group">
@@ -890,7 +903,7 @@ <h3 class="card-title">GitHub OAuth Settings</h3>
                                                                            id="github_oauth_secret"
                                                                            placeholder="Github OAuth Client Secret"
                                                                            data-error="Please input Client Secret"
-                                                                           value="{{ SETTING.get('github_oauth_secret') }}">
+                                                                           data-bind="enable: github_oauth_enabled, value: github_oauth_secret, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div class="form-group">
@@ -900,7 +913,7 @@ <h3 class="card-title">GitHub OAuth Settings</h3>
                                                                            id="github_oauth_scope"
                                                                            placeholder="e.g. email"
                                                                            data-error="Please input scope"
-                                                                           value="{{ SETTING.get('github_oauth_scope') }}">
+                                                                           data-bind="enable: github_oauth_enabled, value: github_oauth_scope, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div class="form-group">
@@ -910,7 +923,7 @@ <h3 class="card-title">GitHub OAuth Settings</h3>
                                                                            id="github_oauth_api_url"
                                                                            placeholder="e.g. https://api.github.com/user"
                                                                            data-error="Please input API URL"
-                                                                           value="{{ SETTING.get('github_oauth_api_url') }}">
+                                                                           data-bind="enable: github_oauth_enabled, value: github_oauth_api_url, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div class="form-group">
@@ -921,7 +934,7 @@ <h3 class="card-title">GitHub OAuth Settings</h3>
                                                                            id="github_oauth_metadata_url"
                                                                            placeholder="e.g. https://{yourDomain}/.well-known/oauth-metadata.json"
                                                                            data-error="Please input Metadata URL"
-                                                                           value="{{ SETTING.get('github_oauth_metadata_url') }}">
+                                                                           data-bind="enable: github_oauth_enabled, value: github_oauth_metadata_url, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div class="form-group">
@@ -932,7 +945,7 @@ <h3 class="card-title">GitHub OAuth Settings</h3>
                                                                            id="github_oauth_token_url"
                                                                            placeholder="e.g. https://github.com/login/oauth/access_token"
                                                                            data-error="Please input Token URL"
-                                                                           value="{{ SETTING.get('github_oauth_token_url') }}">
+                                                                           data-bind="enable: github_oauth_enabled, value: github_oauth_token_url, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div class="form-group">
@@ -943,7 +956,7 @@ <h3 class="card-title">GitHub OAuth Settings</h3>
                                                                            id="github_oauth_authorize_url"
                                                                            placeholder="e.g. https://github.com/login/oauth/authorize"
                                                                            data-error="Please input Authorize URL"
-                                                                           value="{{ SETTING.get('github_oauth_authorize_url') }}">
+                                                                           data-bind="enable: github_oauth_enabled, value: github_oauth_authorize_url, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                             </fieldset>
@@ -981,7 +994,7 @@ <h3 class="card-title">Settings Help</h3>
                                     </div>
                                     <!-- /.tab-pane -->
 
-                                    <div class="tab-pane" id="tabs-azure">
+                                    <div data-bind="class: 'tab-pane' + (tab_active() == 'azure' ? ' active' : '')">
                                         <div class="row">
                                             <div class="col-12 col-sm-6 col-lg-4">
                                                 <form role="form" method="post" data-toggle="validator">
@@ -989,7 +1002,7 @@ <h3 class="card-title">Settings Help</h3>
                                                     <input type="hidden" value="azure" name="config_tab"/>
                                                     <div class="card">
                                                         <div class="card-header">
-                                                            <h3 class="card-title">Microsoft OAuth Settings</h3>
+                                                            <h3 class="card-title">Azure OAuth Settings</h3>
                                                         </div>
                                                         <!-- /.card-header -->
                                                         <div class="card-body">
@@ -997,7 +1010,7 @@ <h3 class="card-title">Microsoft OAuth Settings</h3>
                                                                 <div class="form-group">
                                                                     <input type="checkbox" id="azure_oauth_enabled"
                                                                            name="azure_oauth_enabled" class="checkbox"
-                                                                           {% if SETTING.get('azure_oauth_enabled') %}checked{% endif %}>
+                                                                           data-bind="checked: azure_oauth_enabled">
                                                                     <label for="azure_oauth_enabled">Enable Microsoft
                                                                         Azure
                                                                         OAuth</label>
@@ -1008,7 +1021,7 @@ <h3 class="card-title">Microsoft OAuth Settings</h3>
                                                                            name="azure_oauth_key" id="azure_oauth_key"
                                                                            placeholder="Azure OAuth Client ID"
                                                                            data-error="Please input Client Key"
-                                                                           value="{{ SETTING.get('azure_oauth_key') }}">
+                                                                           data-bind="enable: azure_oauth_enabled, value: azure_oauth_key, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div class="form-group">
@@ -1019,7 +1032,7 @@ <h3 class="card-title">Microsoft OAuth Settings</h3>
                                                                            id="azure_oauth_secret"
                                                                            placeholder="Azure OAuth Client Secret"
                                                                            data-error="Please input Client Secret"
-                                                                           value="{{ SETTING.get('azure_oauth_secret') }}">
+                                                                           data-bind="enable: azure_oauth_enabled, value: azure_oauth_secret, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div class="form-group">
@@ -1029,7 +1042,7 @@ <h3 class="card-title">Microsoft OAuth Settings</h3>
                                                                            id="azure_oauth_scope"
                                                                            placeholder="e.g. email"
                                                                            data-error="Please input scope - e.g. User.Read"
-                                                                           value="{{ SETTING.get('azure_oauth_scope') }}">
+                                                                           data-bind="enable: azure_oauth_enabled, value: azure_oauth_scope, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div class="form-group">
@@ -1039,7 +1052,7 @@ <h3 class="card-title">Microsoft OAuth Settings</h3>
                                                                            id="azure_oauth_api_url"
                                                                            placeholder="e.g. https://graph.microsoft.com/v1.0/"
                                                                            data-error="Please input API URL"
-                                                                           value="{{ SETTING.get('azure_oauth_api_url') }}">
+                                                                           data-bind="enable: azure_oauth_enabled, value: azure_oauth_api_url, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div class="form-group">
@@ -1048,9 +1061,9 @@ <h3 class="card-title">Microsoft OAuth Settings</h3>
                                                                     <input type="text" class="form-control"
                                                                            name="azure_oauth_metadata_url"
                                                                            id="azure_oauth_metadata_url"
-                                                                           placeholder="e.g. https://{yourDomain}/.well-known/oauth-metadata.json"
+                                                                           placeholder="e.g. https://login.microsoftonline.com/{TENANCY_ID}/v2.0/.well-known/openid-configuration"
                                                                            data-error="Please input Metadata URL"
-                                                                           value="{{ SETTING.get('azure_oauth_metadata_url') }}">
+                                                                           data-bind="enable: azure_oauth_enabled, value: azure_oauth_metadata_url, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div class="form-group">
@@ -1058,9 +1071,9 @@ <h3 class="card-title">Microsoft OAuth Settings</h3>
                                                                     <input type="text" class="form-control"
                                                                            name="azure_oauth_token_url"
                                                                            id="azure_oauth_token_url"
-                                                                           placeholder="e.g. https://login.microsoftonline.com/[tenancyID]/oauth2/v2.0/token"
+                                                                           placeholder="e.g. https://login.microsoftonline.com/{TENANCY_ID}/oauth2/v2.0/token"
                                                                            data-error="Please input Token URL"
-                                                                           value="{{ SETTING.get('azure_oauth_token_url') }}">
+                                                                           data-bind="enable: azure_oauth_enabled, value: azure_oauth_token_url, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div class="form-group">
@@ -1069,9 +1082,9 @@ <h3 class="card-title">Microsoft OAuth Settings</h3>
                                                                     <input type="text" class="form-control"
                                                                            name="azure_oauth_authorize_url"
                                                                            id="azure_oauth_authorize_url"
-                                                                           placeholder="e.g. https://login.microsoftonline.com/[tenancyID]/oauth2/v2.0/authorize"
+                                                                           placeholder="e.g. https://login.microsoftonline.com/{TENANCY_ID}/oauth2/v2.0/authorize"
                                                                            data-error="Please input Authorize URL"
-                                                                           value="{{ SETTING.get('azure_oauth_authorize_url') }}">
+                                                                           data-bind="enable: azure_oauth_enabled, value: azure_oauth_authorize_url, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                             </fieldset>
@@ -1082,15 +1095,15 @@ <h3 class="card-title">Microsoft OAuth Settings</h3>
                                                                     <div class="radio">
                                                                         <label>
                                                                             <input type="radio" name="azure_sg_enabled"
-                                                                                   id="azure_sg_off" value="OFF"
-                                                                                   {% if not SETTING.get('azure_sg_enabled') %}checked{% endif %}>
+                                                                                   id="azure_sg_off" value="0"
+                                                                                   data-bind="enable: azure_oauth_enabled, checked: azure_sg_enabled, checkedValue: false">
                                                                             OFF
                                                                         </label>
                                                                         &nbsp;&nbsp;&nbsp;
                                                                         <label>
                                                                             <input type="radio" name="azure_sg_enabled"
-                                                                                   id="azure_sg_on" value="ON"
-                                                                                   {% if SETTING.get('azure_sg_enabled') %}checked{% endif %}>
+                                                                                   id="azure_sg_on" value="1"
+                                                                                   data-bind="enable: azure_oauth_enabled, checked: azure_sg_enabled, checkedValue: true">
                                                                             ON
                                                                         </label>
                                                                     </div>
@@ -1102,7 +1115,7 @@ <h3 class="card-title">Microsoft OAuth Settings</h3>
                                                                            id="azure_admin_group"
                                                                            placeholder="e.g. 00000000-0000-0000-0000-000000000000"
                                                                            data-error="Please input the ID for Admin group"
-                                                                           value="{{ SETTING.get('azure_admin_group') }}">
+                                                                           data-bind="enable: azure_oauth_enabled() && azure_sg_enabled(), value: azure_admin_group, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div class="form-group">
@@ -1113,7 +1126,7 @@ <h3 class="card-title">Microsoft OAuth Settings</h3>
                                                                            id="azure_operator_group"
                                                                            placeholder="e.g. 00000000-0000-0000-0000-000000000000"
                                                                            data-error="Please input the ID for Operator group"
-                                                                           value="{{ SETTING.get('azure_operator_group') }}">
+                                                                           data-bind="enable: azure_oauth_enabled() && azure_sg_enabled(), value: azure_operator_group, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div class="form-group">
@@ -1122,7 +1135,7 @@ <h3 class="card-title">Microsoft OAuth Settings</h3>
                                                                            name="azure_user_group" id="azure_user_group"
                                                                            placeholder="e.g. 00000000-0000-0000-0000-000000000000"
                                                                            data-error="Please input the ID for User group"
-                                                                           value="{{ SETTING.get('azure_user_group') }}">
+                                                                           data-bind="enable: azure_oauth_enabled() && azure_sg_enabled(), value: azure_user_group, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                             </fieldset>
@@ -1136,8 +1149,8 @@ <h3 class="card-title">Microsoft OAuth Settings</h3>
                                                                             <input type="radio"
                                                                                    name="azure_group_accounts_enabled"
                                                                                    id="azure_group_accounts_off"
-                                                                                   value="OFF"
-                                                                                   {% if not SETTING.get('azure_group_accounts_enabled') %}checked{% endif %}>
+                                                                                   value="0"
+                                                                                   data-bind="enable: azure_oauth_enabled, checked: azure_group_accounts_enabled, checkedValue: false">
                                                                             OFF
                                                                         </label>
                                                                         &nbsp;&nbsp;&nbsp;
@@ -1145,8 +1158,8 @@ <h3 class="card-title">Microsoft OAuth Settings</h3>
                                                                             <input type="radio"
                                                                                    name="azure_group_accounts_enabled"
                                                                                    id="azure_group_accounts_on"
-                                                                                   value="ON"
-                                                                                   {% if SETTING.get('azure_group_accounts_enabled') %}checked{% endif %}>
+                                                                                   value="1"
+                                                                                   data-bind="enable: azure_oauth_enabled, checked: azure_group_accounts_enabled, checkedValue: true">
                                                                             ON
                                                                         </label>
                                                                     </div>
@@ -1160,7 +1173,7 @@ <h3 class="card-title">Microsoft OAuth Settings</h3>
                                                                            id="azure_group_accounts_name"
                                                                            placeholder="e.g. displayName"
                                                                            data-error="Please input the Claim for Azure group name"
-                                                                           value="{{ SETTING.get('azure_group_accounts_name') }}">
+                                                                           data-bind="enable: azure_oauth_enabled() && azure_group_accounts_enabled(), value: azure_group_accounts_name, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div class="form-group">
@@ -1172,7 +1185,7 @@ <h3 class="card-title">Microsoft OAuth Settings</h3>
                                                                            id="azure_group_accounts_name_re"
                                                                            placeholder="e.g. (.*)"
                                                                            data-error="Please input the regex for Azure group name"
-                                                                           value="{{ SETTING.get('azure_group_accounts_name_re') }}">
+                                                                           data-bind="enable: azure_oauth_enabled() && azure_group_accounts_enabled(), value: azure_group_accounts_name_re, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div class="form-group">
@@ -1184,7 +1197,7 @@ <h3 class="card-title">Microsoft OAuth Settings</h3>
                                                                            id="azure_group_accounts_description"
                                                                            placeholder="e.g. description. If empty uses whole string"
                                                                            data-error="Please input the Claim for Azure group description"
-                                                                           value="{{ SETTING.get('azure_group_accounts_description') }}">
+                                                                           data-bind="enable: azure_oauth_enabled() && azure_group_accounts_enabled(), value: azure_group_accounts_description, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div class="form-group">
@@ -1196,7 +1209,7 @@ <h3 class="card-title">Microsoft OAuth Settings</h3>
                                                                            id="azure_group_accounts_description_re"
                                                                            placeholder="e.g. (.*). If empty uses whole string"
                                                                            data-error="Please input the regex for Azure group description"
-                                                                           value="{{ SETTING.get('azure_group_accounts_description_re') }}">
+                                                                           data-bind="enable: azure_oauth_enabled() && azure_group_accounts_enabled(), value: azure_group_accounts_description_re, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                             </fieldset>
@@ -1289,7 +1302,7 @@ <h3 class="card-title">Settings Help</h3>
                                     </div>
                                     <!-- /.tab-pane -->
 
-                                    <div class="tab-pane" id="tabs-oidc">
+                                    <div data-bind="class: 'tab-pane' + (tab_active() == 'oidc' ? ' active' : '')">
                                         <div class="row">
                                             <div class="col-12 col-sm-6 col-lg-4">
                                                 <form role="form" method="post" data-toggle="validator">
@@ -1305,7 +1318,7 @@ <h3 class="card-title">OpenID Connect OAuth Settings</h3>
                                                                 <div class="form-group">
                                                                     <input type="checkbox" id="oidc_oauth_enabled"
                                                                            name="oidc_oauth_enabled" class="checkbox"
-                                                                           {% if SETTING.get('oidc_oauth_enabled') %}checked{% endif %}>
+                                                                           data-bind="checked: oidc_oauth_enabled">
                                                                     <label for="oidc_oauth_enabled">Enable OpenID
                                                                         Connect
                                                                         OAuth</label>
@@ -1316,7 +1329,7 @@ <h3 class="card-title">OpenID Connect OAuth Settings</h3>
                                                                            name="oidc_oauth_key" id="oidc_oauth_key"
                                                                            placeholder="OIDC OAuth Client ID"
                                                                            data-error="Please input Client ID"
-                                                                           value="{{ SETTING.get('oidc_oauth_key') }}">
+                                                                           data-bind="enable: oidc_oauth_enabled, value: oidc_oauth_key, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div class="form-group">
@@ -1326,7 +1339,7 @@ <h3 class="card-title">OpenID Connect OAuth Settings</h3>
                                                                            id="oidc_oauth_secret"
                                                                            placeholder="OIDC OAuth Client Secret"
                                                                            data-error="Please input Client Secret"
-                                                                           value="{{ SETTING.get('oidc_oauth_secret') }}">
+                                                                           data-bind="enable: oidc_oauth_enabled, value: oidc_oauth_secret, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div class="form-group">
@@ -1335,7 +1348,7 @@ <h3 class="card-title">OpenID Connect OAuth Settings</h3>
                                                                            name="oidc_oauth_scope" id="oidc_oauth_scope"
                                                                            placeholder="e.g. email"
                                                                            data-error="Please input scope"
-                                                                           value="{{ SETTING.get('oidc_oauth_scope') }}">
+                                                                           data-bind="enable: oidc_oauth_enabled, value: oidc_oauth_scope, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div class="form-group">
@@ -1345,7 +1358,7 @@ <h3 class="card-title">OpenID Connect OAuth Settings</h3>
                                                                            id="oidc_oauth_api_url"
                                                                            placeholder="e.g. https://api.oidc.com/user"
                                                                            data-error="Please input API URL"
-                                                                           value="{{ SETTING.get('oidc_oauth_api_url') }}">
+                                                                           data-bind="enable: oidc_oauth_enabled, value: oidc_oauth_api_url, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div class="form-group">
@@ -1354,9 +1367,9 @@ <h3 class="card-title">OpenID Connect OAuth Settings</h3>
                                                                     <input type="text" class="form-control"
                                                                            name="oidc_oauth_metadata_url"
                                                                            id="oidc_oauth_metadata_url"
-                                                                           placeholder="e.g. https://oidc.com/login/oauth/.well-known/openid-configuration"
+                                                                           placeholder="e.g. https://{YOUR_DOMAIN}/login/oauth/.well-known/openid-configuration"
                                                                            data-error="Please input Metadata URL"
-                                                                           value="{{ SETTING.get('oidc_oauth_metadata_url') }}">
+                                                                           data-bind="enable: oidc_oauth_enabled, value: oidc_oauth_metadata_url, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div class="form-group">
@@ -1364,9 +1377,9 @@ <h3 class="card-title">OpenID Connect OAuth Settings</h3>
                                                                     <input type="text" class="form-control"
                                                                            name="oidc_oauth_token_url"
                                                                            id="oidc_oauth_token_url"
-                                                                           placeholder="e.g. https://oidc.com/login/oauth/access_token"
+                                                                           placeholder="e.g. https://{YOUR_DOMAIN}/login/oauth/access_token"
                                                                            data-error="Please input Token URL"
-                                                                           value="{{ SETTING.get('oidc_oauth_token_url') }}">
+                                                                           data-bind="enable: oidc_oauth_enabled, value: oidc_oauth_token_url, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div class="form-group">
@@ -1375,9 +1388,9 @@ <h3 class="card-title">OpenID Connect OAuth Settings</h3>
                                                                     <input type="text" class="form-control"
                                                                            name="oidc_oauth_authorize_url"
                                                                            id="oidc_oauth_authorize_url"
-                                                                           placeholder="e.g. https://oidc.com/login/oauth/authorize"
+                                                                           placeholder="e.g. https://{YOUR_DOMAIN}/login/oauth/authorize"
                                                                            data-error="Please input Authorize URL"
-                                                                           value="{{ SETTING.get('oidc_oauth_authorize_url') }}">
+                                                                           data-bind="enable: oidc_oauth_enabled, value: oidc_oauth_authorize_url, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div class="form-group">
@@ -1386,9 +1399,9 @@ <h3 class="card-title">OpenID Connect OAuth Settings</h3>
                                                                     <input type="text" class="form-control"
                                                                            name="oidc_oauth_logout_url"
                                                                            id="oidc_oauth_logout_url"
-                                                                           placeholder="e.g. https://oidc.com/login/oauth/logout"
+                                                                           placeholder="e.g. https://{YOUR_DOMAIN}/login/oauth/logout"
                                                                            data-error="Please input Logout URL"
-                                                                           value="{{ SETTING.get('oidc_oauth_logout_url') }}">
+                                                                           data-bind="enable: oidc_oauth_enabled, value: oidc_oauth_logout_url, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                             </fieldset>
@@ -1401,7 +1414,16 @@ <h3 class="card-title">OpenID Connect OAuth Settings</h3>
                                                                            id="oidc_oauth_username"
                                                                            placeholder="e.g. preferred_username"
                                                                            data-error="Please input Username claim"
-                                                                           value="{{ SETTING.get('oidc_oauth_username') }}">
+                                                                           data-bind="enable: oidc_oauth_enabled, value: oidc_oauth_username, valueUpdate: 'afterkeydown'">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
+                                                                <div class="form-group">
+                                                                    <label for="oidc_oauth_email">Email</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="oidc_oauth_email" id="oidc_oauth_email"
+                                                                           placeholder="e.g. email"
+                                                                           data-error="Please input Email claim"
+                                                                           data-bind="enable: oidc_oauth_enabled, value: oidc_oauth_email, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div class="form-group">
@@ -1411,7 +1433,7 @@ <h3 class="card-title">OpenID Connect OAuth Settings</h3>
                                                                            id="oidc_oauth_firstname"
                                                                            placeholder="e.g. given_name"
                                                                            data-error="Please input First Name claim"
-                                                                           value="{{ SETTING.get('oidc_oauth_firstname') }}">
+                                                                           data-bind="enable: oidc_oauth_enabled, value: oidc_oauth_firstname, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div class="form-group">
@@ -1421,16 +1443,7 @@ <h3 class="card-title">OpenID Connect OAuth Settings</h3>
                                                                            id="oidc_oauth_last_name"
                                                                            placeholder="e.g. family_name"
                                                                            data-error="Please input Last Name claim"
-                                                                           value="{{ SETTING.get('oidc_oauth_last_name') }}">
-                                                                    <span class="help-block with-errors"></span>
-                                                                </div>
-                                                                <div class="form-group">
-                                                                    <label for="oidc_oauth_email">Email</label>
-                                                                    <input type="text" class="form-control"
-                                                                           name="oidc_oauth_email" id="oidc_oauth_email"
-                                                                           placeholder="e.g. email"
-                                                                           data-error="Please input Email claim"
-                                                                           value="{{ SETTING.get('oidc_oauth_email') }}">
+                                                                           data-bind="enable: oidc_oauth_enabled, value: oidc_oauth_last_name, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                             </fieldset>
@@ -1444,7 +1457,7 @@ <h3 class="card-title">OpenID Connect OAuth Settings</h3>
                                                                            id="oidc_oauth_account_name_property"
                                                                            placeholder="e.g. account_name"
                                                                            data-error="Please input property containing account_name"
-                                                                           value="{{ SETTING.get('oidc_oauth_account_name_property') }}">
+                                                                           data-bind="enable: oidc_oauth_enabled, value: oidc_oauth_account_name_property, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div class="form-group">
@@ -1456,7 +1469,7 @@ <h3 class="card-title">OpenID Connect OAuth Settings</h3>
                                                                            id="oidc_oauth_account_description_property"
                                                                            placeholder="e.g. account_description"
                                                                            data-error="Please input property containing account_description"
-                                                                           value="{{ SETTING.get('oidc_oauth_account_description_property') }}">
+                                                                           data-bind="enable: oidc_oauth_enabled, value: oidc_oauth_account_description_property, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                             </fieldset>
@@ -1516,8 +1529,18 @@ <h3 class="card-title">Settings Help</h3>
     {%- endassets %}
 
     <script>
+    let CSRF_TOKEN = '{{ csrf_token() }}';
+    </script>
+
+    <script type="text/javascript" src="{{ url_for('static', filename='custom/js/app-authentication-settings-editor.js') }}"></script>
+
+    <script>
+        /*
+         * Old Legacy Code
+         */
+
         function ldapSelection() {
-            if (document.getElementById('ldap').checked) {
+            if (document.getElementById('ldap_type_openldap').checked) {
                 document.getElementById('ldap_openldap_fields').style.display = 'block';
                 document.getElementById('ldap_openldap_group_filters').style.display = 'block';
                 document.getElementById('ldap_ad_fields').style.display = 'none';
@@ -1528,45 +1551,9 @@ <h3 class="card-title">Settings Help</h3>
             }
         }
 
-        window.onload = function () {
-            ldapSelection();
-        }
-
-        $(function () {
-            $('#tabs').tabs({
-                // add url anchor tags
-                activate: function (event, ui) {
-                    window.location.hash = ui.newPanel.attr('id');
-                }
-            });
-            // re-set active tab (ui)
-            var activeTabIdx = $('#tabs').tabs('option', 'active');
-            $('#tabs li:eq(' + activeTabIdx + ')').tab('show')
-        });
-
-        // START: General tab js
-        $('#local_db_enabled').iCheck({
-            checkboxClass: 'icheckbox_square-blue',
-            increaseArea: '20%'
-        })
-
-        $('#signup_enabled').iCheck({
-            checkboxClass: 'icheckbox_square-blue',
-            increaseArea: '20%'
-        })
-
-        $('#autoprovisioning').iCheck({
-            checkboxClass: 'icheckbox_square-blue',
-            increaseArea: '20%'
-        })
-        // END: General tab js
-
         // START: LDAP tab js
         // update validation requirement when checkbox is togged
-        $('#ldap_enabled').iCheck({
-            checkboxClass: 'icheckbox_square-blue',
-            increaseArea: '20%'
-        }).on('ifChanged', function (e) {
+        $('#ldap_enabled').on('ifChanged', function (e) {
             var is_enabled = e.currentTarget.checked;
             if (is_enabled) {
                 $('#ldap_uri').prop('required', true);
@@ -1697,7 +1684,7 @@ <h3 class="card-title">Settings Help</h3>
         });
 
         $("input[name='ldap_type']").change(function () {
-            if ($('#ldap').is(":checked") && $('#ldap_enabled').is(":checked")) {
+            if ($('#ldap_type_openldap').is(":checked") && $('#ldap_enabled').is(":checked")) {
                 $('#ldap_admin_group').prop('required', true);
                 $('#ldap_operator_group').prop('required', true);
                 $('#ldap_user_group').prop('required', true);
@@ -1714,7 +1701,7 @@ <h3 class="card-title">Settings Help</h3>
         {% if SETTING.get('ldap_enabled') %}
             $('#ldap_uri').prop('required', true);
             $('#ldap_base_dn').prop('required', true);
-            if ($('#ldap').is(":checked")) {
+            if ($('#ldap_type_openldap').is(":checked")) {
                 $('#ldap_admin_username').prop('required', true);
                 $('#ldap_admin_password').prop('required', true);
                 $('#ldap_domain').prop('required', false);
@@ -1739,10 +1726,7 @@ <h3 class="card-title">Settings Help</h3>
 
         // START: Google tab js
         // update validation requirement when checkbox is togged
-        $('#google_oauth_enabled').iCheck({
-            checkboxClass: 'icheckbox_square-blue',
-            increaseArea: '20%'
-        }).on('ifChanged', function (e) {
+        $('#google_oauth_enabled').on('ifChanged', function (e) {
             var is_enabled = e.currentTarget.checked;
             if (is_enabled) {
                 $('#google_oauth_client_id').prop('required', true);
@@ -1774,10 +1758,7 @@ <h3 class="card-title">Settings Help</h3>
 
         // START: Github tab js
         // update validation requirement when checkbox is togged
-        $('#github_oauth_enabled').iCheck({
-            checkboxClass: 'icheckbox_square-blue',
-            increaseArea: '20%'
-        }).on('ifChanged', function (e) {
+        $('#github_oauth_enabled').on('ifChanged', function (e) {
             var is_enabled = e.currentTarget.checked;
             if (is_enabled) {
                 $('#github_oauth_key').prop('required', true);
@@ -1808,10 +1789,7 @@ <h3 class="card-title">Settings Help</h3>
 
         // START: Azure tab js
         // update validation requirement when checkbox is togged
-        $('#azure_oauth_enabled').iCheck({
-            checkboxClass: 'icheckbox_square-blue',
-            increaseArea: '20%'
-        }).on('ifChanged', function (e) {
+        $('#azure_oauth_enabled').on('ifChanged', function (e) {
             var is_enabled = e.currentTarget.checked;
             if (is_enabled) {
                 $('#azure_oauth_key').prop('required', true);
@@ -1841,10 +1819,7 @@ <h3 class="card-title">Settings Help</h3>
         // END: Azure tab js
 
         // START: OIDC tab js
-        $('#oidc_oauth_enabled').iCheck({
-            checkboxClass: 'icheckbox_square-blue',
-            increaseArea: '20%'
-        }).on('ifChanged', function (e) {
+        $('#oidc_oauth_enabled').on('ifChanged', function (e) {
             var is_enabled = e.currentTarget.checked;
             if (is_enabled) {
                 $('#oidc_oauth_key').prop('required', true);
diff --git a/yarn.lock b/yarn.lock
index 38a4fcd87..32955dc23 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -42,7 +42,7 @@
   resolved "https://registry.yarnpkg.com/@foliojs-fork/restructure/-/restructure-2.0.2.tgz#73759aba2aff1da87b7c4554e6839c70d43c92b4"
   integrity sha512-59SgoZ3EXbkfSX7b63tsou/SDGzwUEK6MuB5sKqgVK1/XE0fxmpsOb9DQI8LXW3KfGnAjImCGhhEb7uPPAUVNA==
 
-"@fortawesome/fontawesome-free@6.3.0":
+"@fortawesome/fontawesome-free@6.3.0", "@fortawesome/fontawesome-free@^5.15.4":
   version "6.3.0"
   resolved "https://registry.yarnpkg.com/@fortawesome/fontawesome-free/-/fontawesome-free-6.3.0.tgz#b5877182692a6f7a39d1108837bec24247ba4bd7"
   integrity sha512-qVtd5i1Cc7cdrqnTWqTObKQHjPWAiRwjUPaXObaeNPcy7+WKxJumGBx66rfSFgK6LNpIasVKkEgW8oyf0tmPLA==
@@ -1081,6 +1081,11 @@ jtimeout@^3.2.0:
   dependencies:
     jquery ">=1.7.1 <4.0.0"
 
+knockout@^3.5.1:
+  version "3.5.1"
+  resolved "https://registry.yarnpkg.com/knockout/-/knockout-3.5.1.tgz#62c81e81843bea2008fd23c575edd9ca978e75cf"
+  integrity sha512-wRJ9I4az0QcsH7A4v4l0enUpkS++MBx0BnL/68KaLzJg7x1qmbjSlwEoCNol7KTYZ+pmtI7Eh2J0Nu6/2Z5J/Q==
+
 levn@~0.3.0:
   version "0.3.0"
   resolved "https://registry.yarnpkg.com/levn/-/levn-0.3.0.tgz#3b09924edf9f083c0490fdd4c0bc4421e04764ee"

From 827da59ae28cd315b4f1373107a8a9396e20d1fa Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sun, 9 Apr 2023 10:26:07 -0400
Subject: [PATCH 406/475] Working on Knockout model integration into existing
 authentication settings editor view.

---
 powerdnsadmin/models/setting.py               |  4 ++
 .../js/app-authentication-settings-editor.js  |  6 +-
 .../admin_setting_authentication.html         | 68 +++++++++++++------
 3 files changed, 55 insertions(+), 23 deletions(-)

diff --git a/powerdnsadmin/models/setting.py b/powerdnsadmin/models/setting.py
index 1ef3166b3..80a72c191 100644
--- a/powerdnsadmin/models/setting.py
+++ b/powerdnsadmin/models/setting.py
@@ -93,6 +93,7 @@ class Setting(db.Model):
         'google_oauth_client_secret': '',
         'google_oauth_scope': 'openid email profile',
         'google_base_url': 'https://www.googleapis.com/oauth2/v3/',
+        'google_oauth_auto_configure': True,
         'google_oauth_metadata_url': 'https://accounts.google.com/.well-known/openid-configuration',
         'google_token_url': 'https://oauth2.googleapis.com/token',
         'google_authorize_url': 'https://accounts.google.com/o/oauth2/v2/auth',
@@ -103,6 +104,7 @@ class Setting(db.Model):
         'github_oauth_secret': '',
         'github_oauth_scope': 'email',
         'github_oauth_api_url': 'https://api.github.com/user',
+        'github_oauth_auto_configure': False,
         'github_oauth_metadata_url': '',
         'github_oauth_token_url': 'https://github.com/login/oauth/access_token',
         'github_oauth_authorize_url': 'https://github.com/login/oauth/authorize',
@@ -113,6 +115,7 @@ class Setting(db.Model):
         'azure_oauth_secret': '',
         'azure_oauth_scope': 'User.Read openid email profile',
         'azure_oauth_api_url': 'https://graph.microsoft.com/v1.0/',
+        'azure_oauth_auto_configure': True,
         'azure_oauth_metadata_url': '',
         'azure_oauth_token_url': '',
         'azure_oauth_authorize_url': '',
@@ -132,6 +135,7 @@ class Setting(db.Model):
         'oidc_oauth_secret': '',
         'oidc_oauth_scope': 'email',
         'oidc_oauth_api_url': '',
+        'oidc_oauth_auto_configure': True,
         'oidc_oauth_metadata_url': '',
         'oidc_oauth_token_url': '',
         'oidc_oauth_authorize_url': '',
diff --git a/powerdnsadmin/static/custom/js/app-authentication-settings-editor.js b/powerdnsadmin/static/custom/js/app-authentication-settings-editor.js
index 104b3e99c..db2530e21 100644
--- a/powerdnsadmin/static/custom/js/app-authentication-settings-editor.js
+++ b/powerdnsadmin/static/custom/js/app-authentication-settings-editor.js
@@ -46,7 +46,7 @@ let AuthenticationSettingsModel = function (user_data, csrf_token, selector) {
         google_oauth_client_secret: '',
         google_oauth_scope: '',
         google_base_url: '',
-        google_oauth_auto_configure: false,
+        google_oauth_auto_configure: true,
         google_oauth_metadata_url: '',
         google_token_url: '',
         google_authorize_url: '',
@@ -68,7 +68,7 @@ let AuthenticationSettingsModel = function (user_data, csrf_token, selector) {
         azure_oauth_secret: '',
         azure_oauth_scope: '',
         azure_oauth_api_url: '',
-        azure_oauth_auto_configure: false,
+        azure_oauth_auto_configure: true,
         azure_oauth_metadata_url: '',
         azure_oauth_token_url: '',
         azure_oauth_authorize_url: '',
@@ -88,7 +88,7 @@ let AuthenticationSettingsModel = function (user_data, csrf_token, selector) {
         oidc_oauth_secret: '',
         oidc_oauth_scope: '',
         oidc_oauth_api_url: '',
-        oidc_oauth_auto_configure: false,
+        oidc_oauth_auto_configure: true,
         oidc_oauth_metadata_url: '',
         oidc_oauth_token_url: '',
         oidc_oauth_authorize_url: '',
diff --git a/powerdnsadmin/templates/admin_setting_authentication.html b/powerdnsadmin/templates/admin_setting_authentication.html
index 73d305d54..a20671bf4 100644
--- a/powerdnsadmin/templates/admin_setting_authentication.html
+++ b/powerdnsadmin/templates/admin_setting_authentication.html
@@ -798,6 +798,13 @@ <h3 class="card-title">Google OAuth Settings</h3>
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div class="form-group">
+                                                                    <input type="checkbox" id="google_oauth_auto_configure"
+                                                                           name="google_oauth_auto_configure" class="checkbox"
+                                                                           data-bind="checked: google_oauth_auto_configure">
+                                                                    <label for="google_oauth_auto_configure">Enable Google
+                                                                        OAuth Auto-Configuration</label>
+                                                                </div>
+                                                                <div class="form-group" data-bind="visible: google_oauth_auto_configure">
                                                                     <label for="google_oauth_metadata_url">Metadata
                                                                         URL</label>
                                                                     <input type="text" class="form-control"
@@ -805,19 +812,19 @@ <h3 class="card-title">Google OAuth Settings</h3>
                                                                            id="google_oauth_metadata_url"
                                                                            placeholder="e.g. https://accounts.google.com/.well-known/openid-configuration"
                                                                            data-error="Please input Metadata URL"
-                                                                           data-bind="enable: google_oauth_enabled, value: google_oauth_metadata_url, valueUpdate: 'afterkeydown'">
+                                                                           data-bind="enable: google_oauth_enabled() && google_oauth_auto_configure(), value: google_oauth_metadata_url, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
-                                                                <div class="form-group">
+                                                                <div class="form-group" data-bind="hidden: google_oauth_auto_configure">
                                                                     <label for="google_token_url">Token URL</label>
                                                                     <input type="text" class="form-control"
                                                                            name="google_token_url" id="google_token_url"
                                                                            placeholder="e.g. https://oauth2.googleapis.com/token"
                                                                            data-error="Please input token URL"
-                                                                           data-bind="enable: google_oauth_enabled, value: google_token_url, valueUpdate: 'afterkeydown'">
+                                                                           data-bind="enable: google_oauth_enabled() && !google_oauth_auto_configure(), value: google_token_url, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
-                                                                <div class="form-group">
+                                                                <div class="form-group" data-bind="hidden: google_oauth_auto_configure">
                                                                     <label for="google_authorize_url">Authorize
                                                                         URL</label>
                                                                     <input type="text" class="form-control"
@@ -825,7 +832,7 @@ <h3 class="card-title">Google OAuth Settings</h3>
                                                                            id="google_authorize_url"
                                                                            placeholder="e.g. https://accounts.google.com/o/oauth2/v2/auth"
                                                                            data-error="Please input Authorize URL"
-                                                                           data-bind="enable: google_oauth_enabled, value: google_authorize_url, valueUpdate: 'afterkeydown'">
+                                                                           data-bind="enable: google_oauth_enabled() && !google_oauth_auto_configure(), value: google_authorize_url, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                             </fieldset>
@@ -927,6 +934,13 @@ <h3 class="card-title">GitHub OAuth Settings</h3>
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div class="form-group">
+                                                                    <input type="checkbox" id="github_oauth_auto_configure"
+                                                                           name="github_oauth_auto_configure" class="checkbox"
+                                                                           data-bind="checked: github_oauth_auto_configure">
+                                                                    <label for="github_oauth_auto_configure">Enable GitHub
+                                                                        OAuth Auto-Configuration</label>
+                                                                </div>
+                                                                <div class="form-group" data-bind="visible: github_oauth_auto_configure">
                                                                     <label for="github_oauth_metadata_url">Metadata
                                                                         URL</label>
                                                                     <input type="text" class="form-control"
@@ -934,10 +948,10 @@ <h3 class="card-title">GitHub OAuth Settings</h3>
                                                                            id="github_oauth_metadata_url"
                                                                            placeholder="e.g. https://{yourDomain}/.well-known/oauth-metadata.json"
                                                                            data-error="Please input Metadata URL"
-                                                                           data-bind="enable: github_oauth_enabled, value: github_oauth_metadata_url, valueUpdate: 'afterkeydown'">
+                                                                           data-bind="enable: github_oauth_enabled() && github_oauth_auto_configure(), value: github_oauth_metadata_url, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
-                                                                <div class="form-group">
+                                                                <div class="form-group" data-bind="hidden: github_oauth_auto_configure">
                                                                     <label for="github_oauth_token_url">Token
                                                                         URL</label>
                                                                     <input type="text" class="form-control"
@@ -945,10 +959,10 @@ <h3 class="card-title">GitHub OAuth Settings</h3>
                                                                            id="github_oauth_token_url"
                                                                            placeholder="e.g. https://github.com/login/oauth/access_token"
                                                                            data-error="Please input Token URL"
-                                                                           data-bind="enable: github_oauth_enabled, value: github_oauth_token_url, valueUpdate: 'afterkeydown'">
+                                                                           data-bind="enable: github_oauth_enabled() && !github_oauth_auto_configure(), value: github_oauth_token_url, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
-                                                                <div class="form-group">
+                                                                <div class="form-group" data-bind="hidden: github_oauth_auto_configure">
                                                                     <label for="github_oauth_authorize_url">Authorize
                                                                         URL</label>
                                                                     <input type="text" class="form-control"
@@ -956,7 +970,7 @@ <h3 class="card-title">GitHub OAuth Settings</h3>
                                                                            id="github_oauth_authorize_url"
                                                                            placeholder="e.g. https://github.com/login/oauth/authorize"
                                                                            data-error="Please input Authorize URL"
-                                                                           data-bind="enable: github_oauth_enabled, value: github_oauth_authorize_url, valueUpdate: 'afterkeydown'">
+                                                                           data-bind="enable: github_oauth_enabled() && !github_oauth_auto_configure(), value: github_oauth_authorize_url, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                             </fieldset>
@@ -1056,6 +1070,13 @@ <h3 class="card-title">Azure OAuth Settings</h3>
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div class="form-group">
+                                                                    <input type="checkbox" id="azure_oauth_auto_configure"
+                                                                           name="azure_oauth_auto_configure" class="checkbox"
+                                                                           data-bind="checked: azure_oauth_auto_configure">
+                                                                    <label for="azure_oauth_auto_configure">Enable Azure
+                                                                        OAuth Auto-Configuration</label>
+                                                                </div>
+                                                                <div class="form-group" data-bind="visible: azure_oauth_auto_configure">
                                                                     <label for="azure_oauth_metadata_url">Metadata
                                                                         URL</label>
                                                                     <input type="text" class="form-control"
@@ -1063,20 +1084,20 @@ <h3 class="card-title">Azure OAuth Settings</h3>
                                                                            id="azure_oauth_metadata_url"
                                                                            placeholder="e.g. https://login.microsoftonline.com/{TENANCY_ID}/v2.0/.well-known/openid-configuration"
                                                                            data-error="Please input Metadata URL"
-                                                                           data-bind="enable: azure_oauth_enabled, value: azure_oauth_metadata_url, valueUpdate: 'afterkeydown'">
+                                                                           data-bind="enable: azure_oauth_enabled() && azure_oauth_auto_configure(), value: azure_oauth_metadata_url, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
-                                                                <div class="form-group">
+                                                                <div class="form-group" data-bind="hidden: azure_oauth_auto_configure">
                                                                     <label for="azure_oauth_token_url">Token URL</label>
                                                                     <input type="text" class="form-control"
                                                                            name="azure_oauth_token_url"
                                                                            id="azure_oauth_token_url"
                                                                            placeholder="e.g. https://login.microsoftonline.com/{TENANCY_ID}/oauth2/v2.0/token"
                                                                            data-error="Please input Token URL"
-                                                                           data-bind="enable: azure_oauth_enabled, value: azure_oauth_token_url, valueUpdate: 'afterkeydown'">
+                                                                           data-bind="enable: azure_oauth_enabled() && !azure_oauth_auto_configure(), value: azure_oauth_token_url, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
-                                                                <div class="form-group">
+                                                                <div class="form-group" data-bind="hidden: azure_oauth_auto_configure">
                                                                     <label for="azure_oauth_authorize_url">Authorize
                                                                         URL</label>
                                                                     <input type="text" class="form-control"
@@ -1084,7 +1105,7 @@ <h3 class="card-title">Azure OAuth Settings</h3>
                                                                            id="azure_oauth_authorize_url"
                                                                            placeholder="e.g. https://login.microsoftonline.com/{TENANCY_ID}/oauth2/v2.0/authorize"
                                                                            data-error="Please input Authorize URL"
-                                                                           data-bind="enable: azure_oauth_enabled, value: azure_oauth_authorize_url, valueUpdate: 'afterkeydown'">
+                                                                           data-bind="enable: azure_oauth_enabled() && !azure_oauth_auto_configure(), value: azure_oauth_authorize_url, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                             </fieldset>
@@ -1362,6 +1383,13 @@ <h3 class="card-title">OpenID Connect OAuth Settings</h3>
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div class="form-group">
+                                                                    <input type="checkbox" id="oidc_oauth_auto_configure"
+                                                                           name="oidc_oauth_auto_configure" class="checkbox"
+                                                                           data-bind="checked: oidc_oauth_auto_configure">
+                                                                    <label for="oidc_oauth_auto_configure">Enable OIDC
+                                                                        OAuth Auto-Configuration</label>
+                                                                </div>
+                                                                <div class="form-group" data-bind="visible: oidc_oauth_auto_configure">
                                                                     <label for="oidc_oauth_metadata_url">Metadata
                                                                         URL</label>
                                                                     <input type="text" class="form-control"
@@ -1369,20 +1397,20 @@ <h3 class="card-title">OpenID Connect OAuth Settings</h3>
                                                                            id="oidc_oauth_metadata_url"
                                                                            placeholder="e.g. https://{YOUR_DOMAIN}/login/oauth/.well-known/openid-configuration"
                                                                            data-error="Please input Metadata URL"
-                                                                           data-bind="enable: oidc_oauth_enabled, value: oidc_oauth_metadata_url, valueUpdate: 'afterkeydown'">
+                                                                           data-bind="enable: oidc_oauth_enabled() && oidc_oauth_auto_configure(), value: oidc_oauth_metadata_url, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
-                                                                <div class="form-group">
+                                                                <div class="form-group" data-bind="hidden: oidc_oauth_auto_configure">
                                                                     <label for="oidc_oauth_token_url">Token URL</label>
                                                                     <input type="text" class="form-control"
                                                                            name="oidc_oauth_token_url"
                                                                            id="oidc_oauth_token_url"
                                                                            placeholder="e.g. https://{YOUR_DOMAIN}/login/oauth/access_token"
                                                                            data-error="Please input Token URL"
-                                                                           data-bind="enable: oidc_oauth_enabled, value: oidc_oauth_token_url, valueUpdate: 'afterkeydown'">
+                                                                           data-bind="enable: oidc_oauth_enabled() && !oidc_oauth_auto_configure(), value: oidc_oauth_token_url, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
-                                                                <div class="form-group">
+                                                                <div class="form-group" data-bind="hidden: oidc_oauth_auto_configure">
                                                                     <label for="oidc_oauth_authorize_url">Authorize
                                                                         URL</label>
                                                                     <input type="text" class="form-control"
@@ -1390,7 +1418,7 @@ <h3 class="card-title">OpenID Connect OAuth Settings</h3>
                                                                            id="oidc_oauth_authorize_url"
                                                                            placeholder="e.g. https://{YOUR_DOMAIN}/login/oauth/authorize"
                                                                            data-error="Please input Authorize URL"
-                                                                           data-bind="enable: oidc_oauth_enabled, value: oidc_oauth_authorize_url, valueUpdate: 'afterkeydown'">
+                                                                           data-bind="enable: oidc_oauth_enabled() && !oidc_oauth_auto_configure(), value: oidc_oauth_authorize_url, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div class="form-group">

From 0912dd2805dba75d2b3cc45bf3ac0f366c60eb36 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Mon, 10 Apr 2023 07:39:21 -0400
Subject: [PATCH 407/475] Working on Knockout model integration into existing
 authentication settings editor view.

Settings are now loading via new backend API.
---
 powerdnsadmin/models/setting.py               | 115 ++++++++++++++++++
 powerdnsadmin/routes/admin.py                 |   7 ++
 .../js/app-authentication-settings-editor.js  |  70 ++++++++---
 .../admin_setting_authentication.html         | 108 ++++++++++------
 powerdnsadmin/templates/base.html             |   2 +-
 5 files changed, 244 insertions(+), 58 deletions(-)

diff --git a/powerdnsadmin/models/setting.py b/powerdnsadmin/models/setting.py
index 80a72c191..af90bbc4a 100644
--- a/powerdnsadmin/models/setting.py
+++ b/powerdnsadmin/models/setting.py
@@ -226,6 +226,103 @@ class Setting(db.Model):
         },
     }
 
+    groups = {
+        'authentication': [
+            # Local Authentication Settings
+            'local_db_enabled',
+            'signup_enabled',
+            'pwd_enforce_characters',
+            'pwd_min_len',
+            'pwd_min_lowercase',
+            'pwd_min_uppercase',
+            'pwd_min_digits',
+            'pwd_min_special',
+            'pwd_enforce_complexity',
+            'pwd_min_complexity',
+
+            # LDAP Authentication Settings
+            'ldap_enabled',
+            'ldap_type',
+            'ldap_uri',
+            'ldap_base_dn',
+            'ldap_admin_username',
+            'ldap_admin_password',
+            'ldap_domain',
+            'ldap_filter_basic',
+            'ldap_filter_username',
+            'ldap_filter_group',
+            'ldap_filter_groupname',
+            'ldap_sg_enabled',
+            'ldap_admin_group',
+            'ldap_operator_group',
+            'ldap_user_group',
+            'autoprovisioning',
+            'autoprovisioning_attribute',
+            'urn_value',
+            'purge',
+
+            # Google OAuth2 Settings
+            'google_oauth_enabled',
+            'google_oauth_client_id',
+            'google_oauth_client_secret',
+            'google_oauth_scope',
+            'google_base_url',
+            'google_oauth_auto_configure',
+            'google_oauth_metadata_url',
+            'google_token_url',
+            'google_authorize_url',
+
+            # GitHub OAuth2 Settings
+            'github_oauth_enabled',
+            'github_oauth_key',
+            'github_oauth_secret',
+            'github_oauth_scope',
+            'github_oauth_api_url',
+            'github_oauth_auto_configure',
+            'github_oauth_metadata_url',
+            'github_oauth_token_url',
+            'github_oauth_authorize_url',
+
+            # Azure OAuth2 Settings
+            'azure_oauth_enabled',
+            'azure_oauth_key',
+            'azure_oauth_secret',
+            'azure_oauth_scope',
+            'azure_oauth_api_url',
+            'azure_oauth_auto_configure',
+            'azure_oauth_metadata_url',
+            'azure_oauth_token_url',
+            'azure_oauth_authorize_url',
+            'azure_sg_enabled',
+            'azure_admin_group',
+            'azure_operator_group',
+            'azure_user_group',
+            'azure_group_accounts_enabled',
+            'azure_group_accounts_name',
+            'azure_group_accounts_name_re',
+            'azure_group_accounts_description',
+            'azure_group_accounts_description_re',
+
+            # OIDC OAuth2 Settings
+            'oidc_oauth_enabled',
+            'oidc_oauth_key',
+            'oidc_oauth_secret',
+            'oidc_oauth_scope',
+            'oidc_oauth_api_url',
+            'oidc_oauth_auto_configure',
+            'oidc_oauth_metadata_url',
+            'oidc_oauth_token_url',
+            'oidc_oauth_authorize_url',
+            'oidc_oauth_logout_url',
+            'oidc_oauth_username',
+            'oidc_oauth_email',
+            'oidc_oauth_firstname',
+            'oidc_oauth_last_name',
+            'oidc_oauth_account_name_property',
+            'oidc_oauth_account_description_property',
+        ]
+    }
+
     def __init__(self, id=None, name=None, value=None):
         self.id = id
         self.name = name
@@ -321,6 +418,24 @@ def get(self, setting):
         else:
             current_app.logger.error('Unknown setting queried: {0}'.format(setting))
 
+    def get_group(self, group):
+        if isinstance(group, str):
+            group = self.groups[group]
+
+        result = {}
+        records = self.query.all()
+
+        for record in records:
+            if record.name in group:
+                value = record.value
+
+                if value in ['True', 'False']:
+                    value = strtobool(value)
+
+                result[record.name] = value
+
+        return result
+
     def get_records_allow_to_edit(self):
         return list(
             set(self.get_forward_records_allow_to_edit() +
diff --git a/powerdnsadmin/routes/admin.py b/powerdnsadmin/routes/admin.py
index 7ec669d2a..b8bc9f3d9 100644
--- a/powerdnsadmin/routes/admin.py
+++ b/powerdnsadmin/routes/admin.py
@@ -1829,6 +1829,13 @@ def setting_authentication():
                                result=result)
 
 
+@admin_bp.route('/setting/authentication/api', methods=['GET', 'POST'])
+@login_required
+@admin_role_required
+def setting_authentication_api():
+    return Setting().get_group('authentication')
+
+
 @admin_bp.route('/templates', methods=['GET', 'POST'])
 @admin_bp.route('/templates/list', methods=['GET', 'POST'])
 @login_required
diff --git a/powerdnsadmin/static/custom/js/app-authentication-settings-editor.js b/powerdnsadmin/static/custom/js/app-authentication-settings-editor.js
index db2530e21..aed515acd 100644
--- a/powerdnsadmin/static/custom/js/app-authentication-settings-editor.js
+++ b/powerdnsadmin/static/custom/js/app-authentication-settings-editor.js
@@ -1,7 +1,11 @@
 let model;
 
-let AuthenticationSettingsModel = function (user_data, csrf_token, selector) {
+let AuthenticationSettingsModel = function (user_data, api_url, csrf_token, selector) {
     let self = this;
+    self.api_url = api_url;
+    self.csrf_token = csrf_token;
+    self.selector = selector;
+    self.loading = false;
 
     let defaults = {
         tab_active: '',
@@ -31,14 +35,14 @@ let AuthenticationSettingsModel = function (user_data, csrf_token, selector) {
         ldap_filter_username: '',
         ldap_filter_group: '',
         ldap_filter_groupname: '',
-        ldap_sg_enabled: false,
+        ldap_sg_enabled: 0,
         ldap_admin_group: '',
         ldap_operator_group: '',
         ldap_user_group: '',
-        autoprovisioning: false,
+        autoprovisioning: 0,
         autoprovisioning_attribute: '',
         urn_value: '',
-        purge: false,
+        purge: 0,
 
         // Google OAuth2 Settings
         google_oauth_enabled: false,
@@ -104,6 +108,7 @@ let AuthenticationSettingsModel = function (user_data, csrf_token, selector) {
     self.data = {};
 
     self.setupObservables = function () {
+        self.loading = ko.observable(self.loading);
         self.tab_active = ko.observable(self.data.tab_active);
         self.tab_default = ko.observable(self.data.tab_default);
 
@@ -201,6 +206,25 @@ let AuthenticationSettingsModel = function (user_data, csrf_token, selector) {
         self.oidc_oauth_account_description_property = ko.observable(self.data.oidc_oauth_account_description_property);
     }
 
+    self.initTabs = function () {
+        if (self.hasHash()) {
+            self.activateTab(self.getHash());
+        } else {
+            self.activateDefaultTab();
+        }
+    }
+
+    self.loadData = function () {
+        self.loading = true;
+        $.ajax({
+            url: self.api_url,
+            type: 'POST',
+            data: {_csrf_token: csrf_token},
+            dataType: 'json',
+            success: self.onDataLoaded
+        });
+    }
+
     self.updateWithDefaults = function (instance) {
         self.data = $.extend(defaults, instance)
     }
@@ -215,14 +239,6 @@ let AuthenticationSettingsModel = function (user_data, csrf_token, selector) {
         self.activateTab(self.tab_default());
     }
 
-    self.initTabs = function() {
-        if (self.hasHash()) {
-            self.activateTab(self.getHash());
-        } else {
-            self.activateDefaultTab();
-        }
-    }
-
     self.getHash = function () {
         return window.location.hash.substring(1);
     }
@@ -243,6 +259,26 @@ let AuthenticationSettingsModel = function (user_data, csrf_token, selector) {
         }
     }
 
+    self.onDataLoaded = function (data) {
+        self.updateWithDefaults(data);
+        self.setupObservables();
+        self.loading = false;
+
+        let el = null;
+        if (typeof selector !== 'undefined') {
+            el = $(selector)
+        }
+
+        if (el !== null && el.length > 0) {
+            ko.applyBindings(self, el[0]);
+        } else {
+            ko.applyBindings(self);
+        }
+
+        self.initTabs();
+        self.setupListeners();
+    }
+
     self.onTabClick = function (model, event) {
         self.activateTab($(event.target).data('tab'));
         return false;
@@ -257,17 +293,11 @@ let AuthenticationSettingsModel = function (user_data, csrf_token, selector) {
         }
     }
 
-    self.updateWithDefaults(user_data);
-    self.setupObservables();
-
-    ko.applyBindings(self);
-
-    self.initTabs();
-    self.setupListeners();
+    self.loadData();
 }
 
 $(function () {
     // TODO: Load the data from the server and pass it to the model instantiation
     loaded_data = {};
-    model = new AuthenticationSettingsModel(loaded_data, CSRF_TOKEN, '#settings-editor');
+    model = new AuthenticationSettingsModel(loaded_data, API_URL, CSRF_TOKEN, '#settings-editor');
 })
\ No newline at end of file
diff --git a/powerdnsadmin/templates/admin_setting_authentication.html b/powerdnsadmin/templates/admin_setting_authentication.html
index a20671bf4..8a91666b3 100644
--- a/powerdnsadmin/templates/admin_setting_authentication.html
+++ b/powerdnsadmin/templates/admin_setting_authentication.html
@@ -12,6 +12,7 @@ <h1 class="m-0 text-dark">Authentication Settings</h1>
                 <div class="col-sm-6">
                     <ol class="breadcrumb float-sm-right">
                         <li class="breadcrumb-item"><a href="{{ url_for('dashboard.dashboard') }}">Home</a></li>
+                        <li class="breadcrumb-item">Settings</li>
                         <li class="breadcrumb-item active">Authentication Settings</li>
                     </ol>
                 </div>
@@ -31,6 +32,12 @@ <h3 class="card-title">Settings Editor</h3>
                         </div>
                         <!-- /.card-header -->
                         <div class="card-body">
+                            <div class="overlay-wrapper" data-bind="visible: loading">
+                                <div class="overlay">
+                                    <i class="fas fa-3x fa-sync-alt fa-spin"></i>
+                                    <div class="text-bold pt-2 pl-2">Loading settings...</div>
+                                </div>
+                            </div>
                             {% if result %}
                                 <div
                                     class="alert {% if result['status'] %}alert-success{% else %}alert-danger{% endif %} alert-dismissible">
@@ -351,7 +358,8 @@ <h3 class="card-title">LDAP Authentication Settings</h3>
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div id="ldap_openldap_fields">
-                                                                    <div class="form-group" data-bind="visible: ldap_type() == 'ldap'">
+                                                                    <div class="form-group"
+                                                                         data-bind="visible: ldap_type() == 'ldap'">
                                                                         <label for="ldap_admin_username">LDAP admin
                                                                             username</label>
                                                                         <input type="text" class="form-control"
@@ -362,7 +370,8 @@ <h3 class="card-title">LDAP Authentication Settings</h3>
                                                                                data-bind="enable: ldap_enabled() && ldap_type() == 'ldap', value: ldap_admin_username, valueUpdate: 'afterkeydown'">
                                                                         <span class="help-block with-errors"></span>
                                                                     </div>
-                                                                    <div class="form-group" data-bind="visible: ldap_type() == 'ldap'">
+                                                                    <div class="form-group"
+                                                                         data-bind="visible: ldap_type() == 'ldap'">
                                                                         <label for="ldap_admin_password">LDAP admin
                                                                             password</label>
                                                                         <input type="password" class="form-control"
@@ -375,7 +384,8 @@ <h3 class="card-title">LDAP Authentication Settings</h3>
                                                                     </div>
                                                                 </div>
                                                                 <div id="ldap_ad_fields">
-                                                                    <div class="form-group" data-bind="visible: ldap_type() == 'ad'">
+                                                                    <div class="form-group"
+                                                                         data-bind="visible: ldap_type() == 'ad'">
                                                                         <label for="ldap_domain">Active Directory
                                                                             domain</label>
                                                                         <input type="text" class="form-control"
@@ -443,14 +453,14 @@ <h3 class="card-title">LDAP Authentication Settings</h3>
                                                                         <label>
                                                                             <input type="radio" name="ldap_sg_enabled"
                                                                                    id="ldap_sg_off" value="0"
-                                                                                   data-bind="enable: ldap_enabled, checked: ldap_sg_enabled, checkedValue: false">
+                                                                                   data-bind="enable: ldap_enabled, checked: ldap_sg_enabled, checkedValue: 0">
                                                                             OFF
                                                                         </label>
                                                                         &nbsp;&nbsp;&nbsp;
                                                                         <label>
                                                                             <input type="radio" name="ldap_sg_enabled"
                                                                                    id="ldap_sg_on" value="1"
-                                                                                   data-bind="enable: ldap_enabled, checked: ldap_sg_enabled, checkedValue: true">
+                                                                                   data-bind="enable: ldap_enabled, checked: ldap_sg_enabled, checkedValue: 1">
                                                                             ON
                                                                         </label>
                                                                     </div>
@@ -493,14 +503,14 @@ <h3 class="card-title">LDAP Authentication Settings</h3>
                                                                         <label>
                                                                             <input type="radio" name="autoprovisioning"
                                                                                    id="autoprovisioning_off" value="0"
-                                                                                   data-bind="enable: ldap_enabled, checked: autoprovisioning, checkedValue: false">
+                                                                                   data-bind="enable: ldap_enabled, checked: autoprovisioning, checkedValue: 0">
                                                                             OFF
                                                                         </label>
                                                                         &nbsp;&nbsp;&nbsp;
                                                                         <label>
                                                                             <input type="radio" name="autoprovisioning"
                                                                                    id="autoprovisioning_on" value="1"
-                                                                                   data-bind="enable: ldap_enabled, checked: autoprovisioning, checkedValue: true">
+                                                                                   data-bind="enable: ldap_enabled, checked: autoprovisioning, checkedValue: 1">
                                                                             ON
                                                                         </label>
                                                                     </div>
@@ -538,7 +548,7 @@ <h3 class="card-title">LDAP Authentication Settings</h3>
                                                                             <input type="radio" name="purge"
                                                                                    id="purge_off"
                                                                                    value="0"
-                                                                                   data-bind="enable: ldap_enabled() && autoprovisioning(), checked: purge, checkedValue: false">
+                                                                                   data-bind="enable: ldap_enabled() && autoprovisioning(), checked: purge, checkedValue: 0">
                                                                             OFF
                                                                         </label>
                                                                         &nbsp;&nbsp;&nbsp;
@@ -546,7 +556,7 @@ <h3 class="card-title">LDAP Authentication Settings</h3>
                                                                             <input type="radio" name="purge"
                                                                                    id="purge_on"
                                                                                    value="1"
-                                                                                   data-bind="enable: ldap_enabled() && autoprovisioning(), checked: purge, checkedValue: true">
+                                                                                   data-bind="enable: ldap_enabled() && autoprovisioning(), checked: purge, checkedValue: 1">
                                                                             ON
                                                                     </div>
                                                                 </div>
@@ -798,13 +808,17 @@ <h3 class="card-title">Google OAuth Settings</h3>
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div class="form-group">
-                                                                    <input type="checkbox" id="google_oauth_auto_configure"
-                                                                           name="google_oauth_auto_configure" class="checkbox"
+                                                                    <input type="checkbox"
+                                                                           id="google_oauth_auto_configure"
+                                                                           name="google_oauth_auto_configure"
+                                                                           class="checkbox"
                                                                            data-bind="checked: google_oauth_auto_configure">
-                                                                    <label for="google_oauth_auto_configure">Enable Google
+                                                                    <label for="google_oauth_auto_configure">Enable
+                                                                        Google
                                                                         OAuth Auto-Configuration</label>
                                                                 </div>
-                                                                <div class="form-group" data-bind="visible: google_oauth_auto_configure">
+                                                                <div class="form-group"
+                                                                     data-bind="visible: google_oauth_auto_configure">
                                                                     <label for="google_oauth_metadata_url">Metadata
                                                                         URL</label>
                                                                     <input type="text" class="form-control"
@@ -815,7 +829,8 @@ <h3 class="card-title">Google OAuth Settings</h3>
                                                                            data-bind="enable: google_oauth_enabled() && google_oauth_auto_configure(), value: google_oauth_metadata_url, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
-                                                                <div class="form-group" data-bind="hidden: google_oauth_auto_configure">
+                                                                <div class="form-group"
+                                                                     data-bind="hidden: google_oauth_auto_configure">
                                                                     <label for="google_token_url">Token URL</label>
                                                                     <input type="text" class="form-control"
                                                                            name="google_token_url" id="google_token_url"
@@ -824,7 +839,8 @@ <h3 class="card-title">Google OAuth Settings</h3>
                                                                            data-bind="enable: google_oauth_enabled() && !google_oauth_auto_configure(), value: google_token_url, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
-                                                                <div class="form-group" data-bind="hidden: google_oauth_auto_configure">
+                                                                <div class="form-group"
+                                                                     data-bind="hidden: google_oauth_auto_configure">
                                                                     <label for="google_authorize_url">Authorize
                                                                         URL</label>
                                                                     <input type="text" class="form-control"
@@ -934,13 +950,17 @@ <h3 class="card-title">GitHub OAuth Settings</h3>
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div class="form-group">
-                                                                    <input type="checkbox" id="github_oauth_auto_configure"
-                                                                           name="github_oauth_auto_configure" class="checkbox"
+                                                                    <input type="checkbox"
+                                                                           id="github_oauth_auto_configure"
+                                                                           name="github_oauth_auto_configure"
+                                                                           class="checkbox"
                                                                            data-bind="checked: github_oauth_auto_configure">
-                                                                    <label for="github_oauth_auto_configure">Enable GitHub
+                                                                    <label for="github_oauth_auto_configure">Enable
+                                                                        GitHub
                                                                         OAuth Auto-Configuration</label>
                                                                 </div>
-                                                                <div class="form-group" data-bind="visible: github_oauth_auto_configure">
+                                                                <div class="form-group"
+                                                                     data-bind="visible: github_oauth_auto_configure">
                                                                     <label for="github_oauth_metadata_url">Metadata
                                                                         URL</label>
                                                                     <input type="text" class="form-control"
@@ -951,7 +971,8 @@ <h3 class="card-title">GitHub OAuth Settings</h3>
                                                                            data-bind="enable: github_oauth_enabled() && github_oauth_auto_configure(), value: github_oauth_metadata_url, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
-                                                                <div class="form-group" data-bind="hidden: github_oauth_auto_configure">
+                                                                <div class="form-group"
+                                                                     data-bind="hidden: github_oauth_auto_configure">
                                                                     <label for="github_oauth_token_url">Token
                                                                         URL</label>
                                                                     <input type="text" class="form-control"
@@ -962,7 +983,8 @@ <h3 class="card-title">GitHub OAuth Settings</h3>
                                                                            data-bind="enable: github_oauth_enabled() && !github_oauth_auto_configure(), value: github_oauth_token_url, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
-                                                                <div class="form-group" data-bind="hidden: github_oauth_auto_configure">
+                                                                <div class="form-group"
+                                                                     data-bind="hidden: github_oauth_auto_configure">
                                                                     <label for="github_oauth_authorize_url">Authorize
                                                                         URL</label>
                                                                     <input type="text" class="form-control"
@@ -1070,13 +1092,16 @@ <h3 class="card-title">Azure OAuth Settings</h3>
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div class="form-group">
-                                                                    <input type="checkbox" id="azure_oauth_auto_configure"
-                                                                           name="azure_oauth_auto_configure" class="checkbox"
+                                                                    <input type="checkbox"
+                                                                           id="azure_oauth_auto_configure"
+                                                                           name="azure_oauth_auto_configure"
+                                                                           class="checkbox"
                                                                            data-bind="checked: azure_oauth_auto_configure">
                                                                     <label for="azure_oauth_auto_configure">Enable Azure
                                                                         OAuth Auto-Configuration</label>
                                                                 </div>
-                                                                <div class="form-group" data-bind="visible: azure_oauth_auto_configure">
+                                                                <div class="form-group"
+                                                                     data-bind="visible: azure_oauth_auto_configure">
                                                                     <label for="azure_oauth_metadata_url">Metadata
                                                                         URL</label>
                                                                     <input type="text" class="form-control"
@@ -1087,7 +1112,8 @@ <h3 class="card-title">Azure OAuth Settings</h3>
                                                                            data-bind="enable: azure_oauth_enabled() && azure_oauth_auto_configure(), value: azure_oauth_metadata_url, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
-                                                                <div class="form-group" data-bind="hidden: azure_oauth_auto_configure">
+                                                                <div class="form-group"
+                                                                     data-bind="hidden: azure_oauth_auto_configure">
                                                                     <label for="azure_oauth_token_url">Token URL</label>
                                                                     <input type="text" class="form-control"
                                                                            name="azure_oauth_token_url"
@@ -1097,7 +1123,8 @@ <h3 class="card-title">Azure OAuth Settings</h3>
                                                                            data-bind="enable: azure_oauth_enabled() && !azure_oauth_auto_configure(), value: azure_oauth_token_url, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
-                                                                <div class="form-group" data-bind="hidden: azure_oauth_auto_configure">
+                                                                <div class="form-group"
+                                                                     data-bind="hidden: azure_oauth_auto_configure">
                                                                     <label for="azure_oauth_authorize_url">Authorize
                                                                         URL</label>
                                                                     <input type="text" class="form-control"
@@ -1117,14 +1144,14 @@ <h3 class="card-title">Azure OAuth Settings</h3>
                                                                         <label>
                                                                             <input type="radio" name="azure_sg_enabled"
                                                                                    id="azure_sg_off" value="0"
-                                                                                   data-bind="enable: azure_oauth_enabled, checked: azure_sg_enabled, checkedValue: false">
+                                                                                   data-bind="enable: azure_oauth_enabled, checked: azure_sg_enabled, checkedValue: 0">
                                                                             OFF
                                                                         </label>
                                                                         &nbsp;&nbsp;&nbsp;
                                                                         <label>
                                                                             <input type="radio" name="azure_sg_enabled"
                                                                                    id="azure_sg_on" value="1"
-                                                                                   data-bind="enable: azure_oauth_enabled, checked: azure_sg_enabled, checkedValue: true">
+                                                                                   data-bind="enable: azure_oauth_enabled, checked: azure_sg_enabled, checkedValue: 1">
                                                                             ON
                                                                         </label>
                                                                     </div>
@@ -1171,7 +1198,7 @@ <h3 class="card-title">Azure OAuth Settings</h3>
                                                                                    name="azure_group_accounts_enabled"
                                                                                    id="azure_group_accounts_off"
                                                                                    value="0"
-                                                                                   data-bind="enable: azure_oauth_enabled, checked: azure_group_accounts_enabled, checkedValue: false">
+                                                                                   data-bind="enable: azure_oauth_enabled, checked: azure_group_accounts_enabled, checkedValue: 0">
                                                                             OFF
                                                                         </label>
                                                                         &nbsp;&nbsp;&nbsp;
@@ -1180,7 +1207,7 @@ <h3 class="card-title">Azure OAuth Settings</h3>
                                                                                    name="azure_group_accounts_enabled"
                                                                                    id="azure_group_accounts_on"
                                                                                    value="1"
-                                                                                   data-bind="enable: azure_oauth_enabled, checked: azure_group_accounts_enabled, checkedValue: true">
+                                                                                   data-bind="enable: azure_oauth_enabled, checked: azure_group_accounts_enabled, checkedValue: 1">
                                                                             ON
                                                                         </label>
                                                                     </div>
@@ -1383,13 +1410,16 @@ <h3 class="card-title">OpenID Connect OAuth Settings</h3>
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
                                                                 <div class="form-group">
-                                                                    <input type="checkbox" id="oidc_oauth_auto_configure"
-                                                                           name="oidc_oauth_auto_configure" class="checkbox"
+                                                                    <input type="checkbox"
+                                                                           id="oidc_oauth_auto_configure"
+                                                                           name="oidc_oauth_auto_configure"
+                                                                           class="checkbox"
                                                                            data-bind="checked: oidc_oauth_auto_configure">
                                                                     <label for="oidc_oauth_auto_configure">Enable OIDC
                                                                         OAuth Auto-Configuration</label>
                                                                 </div>
-                                                                <div class="form-group" data-bind="visible: oidc_oauth_auto_configure">
+                                                                <div class="form-group"
+                                                                     data-bind="visible: oidc_oauth_auto_configure">
                                                                     <label for="oidc_oauth_metadata_url">Metadata
                                                                         URL</label>
                                                                     <input type="text" class="form-control"
@@ -1400,7 +1430,8 @@ <h3 class="card-title">OpenID Connect OAuth Settings</h3>
                                                                            data-bind="enable: oidc_oauth_enabled() && oidc_oauth_auto_configure(), value: oidc_oauth_metadata_url, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
-                                                                <div class="form-group" data-bind="hidden: oidc_oauth_auto_configure">
+                                                                <div class="form-group"
+                                                                     data-bind="hidden: oidc_oauth_auto_configure">
                                                                     <label for="oidc_oauth_token_url">Token URL</label>
                                                                     <input type="text" class="form-control"
                                                                            name="oidc_oauth_token_url"
@@ -1410,7 +1441,8 @@ <h3 class="card-title">OpenID Connect OAuth Settings</h3>
                                                                            data-bind="enable: oidc_oauth_enabled() && !oidc_oauth_auto_configure(), value: oidc_oauth_token_url, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
-                                                                <div class="form-group" data-bind="hidden: oidc_oauth_auto_configure">
+                                                                <div class="form-group"
+                                                                     data-bind="hidden: oidc_oauth_auto_configure">
                                                                     <label for="oidc_oauth_authorize_url">Authorize
                                                                         URL</label>
                                                                     <input type="text" class="form-control"
@@ -1557,10 +1589,12 @@ <h3 class="card-title">Settings Help</h3>
     {%- endassets %}
 
     <script>
-    let CSRF_TOKEN = '{{ csrf_token() }}';
+        let API_URL = '{{ url_for('admin.setting_authentication_api') }}';
+        let CSRF_TOKEN = '{{ csrf_token() }}';
     </script>
 
-    <script type="text/javascript" src="{{ url_for('static', filename='custom/js/app-authentication-settings-editor.js') }}"></script>
+    <script type="text/javascript"
+            src="{{ url_for('static', filename='custom/js/app-authentication-settings-editor.js') }}"></script>
 
     <script>
         /*
diff --git a/powerdnsadmin/templates/base.html b/powerdnsadmin/templates/base.html
index 408f4be49..c8708e809 100644
--- a/powerdnsadmin/templates/base.html
+++ b/powerdnsadmin/templates/base.html
@@ -228,7 +228,7 @@ <h1 class="m-0 text-dark">
     <footer class="main-footer">
         <strong><a href="https://github.com/PowerDNS-Admin/PowerDNS-Admin">PowerDNS-Admin</a></strong> - A PowerDNS web
         interface with advanced features.
-        <span class="float-right">Version 0.4.0</span>
+        <span class="float-right">Version 0.4.1</span>
     </footer>
 </div>
 <!-- ./wrapper -->

From 022e780d77cb7fdbe1c9f3c96536b788516c0f1b Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Mon, 10 Apr 2023 12:49:12 -0400
Subject: [PATCH 408/475] Working on authentication editor data saving
 workflow.

---
 powerdnsadmin/routes/admin.py                 |  13 +-
 .../js/app-authentication-settings-editor.js  | 208 +++++++-----------
 .../admin_setting_authentication.html         |  68 ++----
 3 files changed, 105 insertions(+), 184 deletions(-)

diff --git a/powerdnsadmin/routes/admin.py b/powerdnsadmin/routes/admin.py
index b8bc9f3d9..c7f9e105e 100644
--- a/powerdnsadmin/routes/admin.py
+++ b/powerdnsadmin/routes/admin.py
@@ -1829,11 +1829,20 @@ def setting_authentication():
                                result=result)
 
 
-@admin_bp.route('/setting/authentication/api', methods=['GET', 'POST'])
+@admin_bp.route('/setting/authentication/api', methods=['POST'])
 @login_required
 @admin_role_required
 def setting_authentication_api():
-    return Setting().get_group('authentication')
+    result = {'status': 1, 'messages': [], 'data': {}}
+
+    if request.form.get('commit') == '1':
+        result['messages'].append('Saved successfully.')
+    else:
+        result['messages'].append('Loaded successfully.')
+
+    result['data'] = Setting().get_group('authentication')
+
+    return result
 
 
 @admin_bp.route('/templates', methods=['GET', 'POST'])
diff --git a/powerdnsadmin/static/custom/js/app-authentication-settings-editor.js b/powerdnsadmin/static/custom/js/app-authentication-settings-editor.js
index aed515acd..220c2178d 100644
--- a/powerdnsadmin/static/custom/js/app-authentication-settings-editor.js
+++ b/powerdnsadmin/static/custom/js/app-authentication-settings-editor.js
@@ -1,16 +1,14 @@
-let model;
-
 let AuthenticationSettingsModel = function (user_data, api_url, csrf_token, selector) {
     let self = this;
     self.api_url = api_url;
     self.csrf_token = csrf_token;
     self.selector = selector;
     self.loading = false;
+    self.saving = false;
+    self.tab_active = '';
+    self.tab_default = 'local';
 
     let defaults = {
-        tab_active: '',
-        tab_default: 'local',
-
         // Local Authentication Settings
         local_db_enabled: true,
         signup_enabled: true,
@@ -104,118 +102,40 @@ let AuthenticationSettingsModel = function (user_data, api_url, csrf_token, sele
         oidc_oauth_account_name_property: '',
         oidc_oauth_account_description_property: '',
     }
-
-    self.data = {};
-
-    self.setupObservables = function () {
+    
+    self.init = function (autoload) {
         self.loading = ko.observable(self.loading);
-        self.tab_active = ko.observable(self.data.tab_active);
-        self.tab_default = ko.observable(self.data.tab_default);
-
-        // Local Authentication Settings
-        self.local_db_enabled = ko.observable(self.data.local_db_enabled);
-        self.signup_enabled = ko.observable(self.data.signup_enabled);
-        self.pwd_enforce_characters = ko.observable(self.data.pwd_enforce_characters);
-        self.pwd_min_len = ko.observable(self.data.pwd_min_len);
-        self.pwd_min_lowercase = ko.observable(self.data.pwd_min_lowercase);
-        self.pwd_min_uppercase = ko.observable(self.data.pwd_min_uppercase);
-        self.pwd_min_digits = ko.observable(self.data.pwd_min_digits);
-        self.pwd_min_special = ko.observable(self.data.pwd_min_special);
-        self.pwd_enforce_complexity = ko.observable(self.data.pwd_enforce_complexity);
-        self.pwd_min_complexity = ko.observable(self.data.pwd_min_complexity);
-
-        // LDAP Authentication Settings
-        self.ldap_enabled = ko.observable(self.data.ldap_enabled);
-        self.ldap_type = ko.observable(self.data.ldap_type);
-        self.ldap_uri = ko.observable(self.data.ldap_uri);
-        self.ldap_base_dn = ko.observable(self.data.ldap_base_dn);
-        self.ldap_admin_username = ko.observable(self.data.ldap_admin_username);
-        self.ldap_admin_password = ko.observable(self.data.ldap_admin_password);
-        self.ldap_domain = ko.observable(self.data.ldap_domain);
-        self.ldap_filter_basic = ko.observable(self.data.ldap_filter_basic);
-        self.ldap_filter_username = ko.observable(self.data.ldap_filter_username);
-        self.ldap_filter_group = ko.observable(self.data.ldap_filter_group);
-        self.ldap_filter_groupname = ko.observable(self.data.ldap_filter_groupname);
-        self.ldap_sg_enabled = ko.observable(self.data.ldap_sg_enabled);
-        self.ldap_admin_group = ko.observable(self.data.ldap_admin_group);
-        self.ldap_operator_group = ko.observable(self.data.ldap_operator_group);
-        self.ldap_user_group = ko.observable(self.data.ldap_user_group);
-        self.autoprovisioning = ko.observable(self.data.autoprovisioning);
-        self.autoprovisioning_attribute = ko.observable(self.data.autoprovisioning_attribute);
-        self.urn_value = ko.observable(self.data.urn_value);
-        self.purge = ko.observable(self.data.purge);
+        self.saving = ko.observable(self.saving);
+        self.tab_active = ko.observable(self.tab_active);
+        self.tab_default = ko.observable(self.tab_default);
+        self.update(user_data);
 
-        // Google OAuth2 Settings
-        self.google_oauth_enabled = ko.observable(self.data.google_oauth_enabled);
-        self.google_oauth_client_id = ko.observable(self.data.google_oauth_client_id);
-        self.google_oauth_client_secret = ko.observable(self.data.google_oauth_client_secret);
-        self.google_oauth_scope = ko.observable(self.data.google_oauth_scope);
-        self.google_base_url = ko.observable(self.data.google_base_url);
-        self.google_oauth_auto_configure = ko.observable(self.data.google_oauth_auto_configure);
-        self.google_oauth_metadata_url = ko.observable(self.data.google_oauth_metadata_url);
-        self.google_token_url = ko.observable(self.data.google_token_url);
-        self.google_authorize_url = ko.observable(self.data.google_authorize_url);
-
-        // GitHub OAuth2 Settings
-        self.github_oauth_enabled = ko.observable(self.data.github_oauth_enabled);
-        self.github_oauth_key = ko.observable(self.data.github_oauth_key);
-        self.github_oauth_secret = ko.observable(self.data.github_oauth_secret);
-        self.github_oauth_scope = ko.observable(self.data.github_oauth_scope);
-        self.github_oauth_api_url = ko.observable(self.data.github_oauth_api_url);
-        self.github_oauth_auto_configure = ko.observable(self.data.github_oauth_auto_configure);
-        self.github_oauth_metadata_url = ko.observable(self.data.github_oauth_metadata_url);
-        self.github_oauth_token_url = ko.observable(self.data.github_oauth_token_url);
-        self.github_oauth_authorize_url = ko.observable(self.data.github_oauth_authorize_url);
-
-        // Azure AD OAuth2 Settings
-        self.azure_oauth_enabled = ko.observable(self.data.azure_oauth_enabled);
-        self.azure_oauth_key = ko.observable(self.data.azure_oauth_key);
-        self.azure_oauth_secret = ko.observable(self.data.azure_oauth_secret);
-        self.azure_oauth_scope = ko.observable(self.data.azure_oauth_scope);
-        self.azure_oauth_api_url = ko.observable(self.data.azure_oauth_api_url);
-        self.azure_oauth_auto_configure = ko.observable(self.data.azure_oauth_auto_configure);
-        self.azure_oauth_metadata_url = ko.observable(self.data.azure_oauth_metadata_url);
-        self.azure_oauth_token_url = ko.observable(self.data.azure_oauth_token_url);
-        self.azure_oauth_authorize_url = ko.observable(self.data.azure_oauth_authorize_url);
-        self.azure_sg_enabled = ko.observable(self.data.azure_sg_enabled);
-        self.azure_admin_group = ko.observable(self.data.azure_admin_group);
-        self.azure_operator_group = ko.observable(self.data.azure_operator_group);
-        self.azure_user_group = ko.observable(self.data.azure_user_group);
-        self.azure_group_accounts_enabled = ko.observable(self.data.azure_group_accounts_enabled);
-        self.azure_group_accounts_name = ko.observable(self.data.azure_group_accounts_name);
-        self.azure_group_accounts_name_re = ko.observable(self.data.azure_group_accounts_name_re);
-        self.azure_group_accounts_description = ko.observable(self.data.azure_group_accounts_description);
-        self.azure_group_accounts_description_re = ko.observable(self.data.azure_group_accounts_description_re);
+        let el = null;
+        if (typeof selector !== 'undefined') {
+            el = $(selector)
+        }
 
-        // OIDC OAuth2 Settings
-        self.oidc_oauth_enabled = ko.observable(self.data.oidc_oauth_enabled);
-        self.oidc_oauth_key = ko.observable(self.data.oidc_oauth_key);
-        self.oidc_oauth_secret = ko.observable(self.data.oidc_oauth_secret);
-        self.oidc_oauth_scope = ko.observable(self.data.oidc_oauth_scope);
-        self.oidc_oauth_api_url = ko.observable(self.data.oidc_oauth_api_url);
-        self.oidc_oauth_auto_configure = ko.observable(self.data.oidc_oauth_auto_configure);
-        self.oidc_oauth_metadata_url = ko.observable(self.data.oidc_oauth_metadata_url);
-        self.oidc_oauth_token_url = ko.observable(self.data.oidc_oauth_token_url);
-        self.oidc_oauth_authorize_url = ko.observable(self.data.oidc_oauth_authorize_url);
-        self.oidc_oauth_logout_url = ko.observable(self.data.oidc_oauth_logout_url);
-        self.oidc_oauth_username = ko.observable(self.data.oidc_oauth_username);
-        self.oidc_oauth_email = ko.observable(self.data.oidc_oauth_email);
-        self.oidc_oauth_firstname = ko.observable(self.data.oidc_oauth_firstname);
-        self.oidc_oauth_last_name = ko.observable(self.data.oidc_oauth_last_name);
-        self.oidc_oauth_account_name_property = ko.observable(self.data.oidc_oauth_account_name_property);
-        self.oidc_oauth_account_description_property = ko.observable(self.data.oidc_oauth_account_description_property);
-    }
+        if (el !== null && el.length > 0) {
+            ko.applyBindings(self, el[0]);
+        } else {
+            ko.applyBindings(self);
+        }
 
-    self.initTabs = function () {
         if (self.hasHash()) {
             self.activateTab(self.getHash());
         } else {
             self.activateDefaultTab();
         }
+
+        self.setupListeners();
+
+        if (autoload) {
+            self.load();
+        }
     }
 
-    self.loadData = function () {
-        self.loading = true;
+    self.load = function () {
+        self.loading(true);
         $.ajax({
             url: self.api_url,
             type: 'POST',
@@ -225,8 +145,25 @@ let AuthenticationSettingsModel = function (user_data, api_url, csrf_token, sele
         });
     }
 
-    self.updateWithDefaults = function (instance) {
-        self.data = $.extend(defaults, instance)
+    self.save = function () {
+        self.saving(true);
+        $.ajax({
+            url: self.api_url,
+            type: 'POST',
+            data: {_csrf_token: csrf_token, commit: 1, data: JSON.parse(ko.toJSON(self))},
+            dataType: 'json',
+            success: self.onDataSaved
+        });
+    }
+
+    self.update = function (instance) {
+        for (const [key, value] of Object.entries($.extend(defaults, instance))) {
+            if (ko.isObservable(self[key])) {
+                self[key](value);
+            } else {
+                self[key] = ko.observable(value);
+            }
+        }
     }
 
     self.activateTab = function (tab) {
@@ -259,29 +196,32 @@ let AuthenticationSettingsModel = function (user_data, api_url, csrf_token, sele
         }
     }
 
-    self.onDataLoaded = function (data) {
-        self.updateWithDefaults(data);
-        self.setupObservables();
-        self.loading = false;
-
-        let el = null;
-        if (typeof selector !== 'undefined') {
-            el = $(selector)
+    self.onDataLoaded = function (result) {
+        if (result.status == 0) {
+            console.log('Error loading settings: ' + result.messages.join(', '));
+            self.loading(false);
+            return false;
         }
 
-        if (el !== null && el.length > 0) {
-            ko.applyBindings(self, el[0]);
-        } else {
-            ko.applyBindings(self);
-        }
+        self.update(result.data);
 
-        self.initTabs();
-        self.setupListeners();
+        console.log('Settings loaded: ' + result.messages.join(', '));
+
+        self.loading(false);
     }
 
-    self.onTabClick = function (model, event) {
-        self.activateTab($(event.target).data('tab'));
-        return false;
+    self.onDataSaved = function (result) {
+        if (result.status == 0) {
+            console.log('Error saving settings: ' + result.messages.join(', '));
+            self.saving(false);
+            return false;
+        }
+
+        self.update(result.data);
+
+        console.log('Settings saved: ' + result.messages.join(', '));
+
+        self.saving(false);
     }
 
     self.onHashChange = function (event) {
@@ -293,11 +233,13 @@ let AuthenticationSettingsModel = function (user_data, api_url, csrf_token, sele
         }
     }
 
-    self.loadData();
-}
+    self.onSaveClick = function (model, event) {
+        self.save();
+        return false;
+    }
 
-$(function () {
-    // TODO: Load the data from the server and pass it to the model instantiation
-    loaded_data = {};
-    model = new AuthenticationSettingsModel(loaded_data, API_URL, CSRF_TOKEN, '#settings-editor');
-})
\ No newline at end of file
+    self.onTabClick = function (model, event) {
+        self.activateTab($(event.target).data('tab'));
+        return false;
+    }
+}
diff --git a/powerdnsadmin/templates/admin_setting_authentication.html b/powerdnsadmin/templates/admin_setting_authentication.html
index 8a91666b3..bdd026f77 100644
--- a/powerdnsadmin/templates/admin_setting_authentication.html
+++ b/powerdnsadmin/templates/admin_setting_authentication.html
@@ -32,10 +32,10 @@ <h3 class="card-title">Settings Editor</h3>
                         </div>
                         <!-- /.card-header -->
                         <div class="card-body">
-                            <div class="overlay-wrapper" data-bind="visible: loading">
+                            <div class="overlay-wrapper" data-bind="visible: loading() || saving()">
                                 <div class="overlay">
                                     <i class="fas fa-3x fa-sync-alt fa-spin"></i>
-                                    <div class="text-bold pt-2 pl-2">Loading settings...</div>
+                                    <div class="text-bold pt-2 pl-2" data-bind="text: (loading() ? 'Loading' : 'Saving') + ' settings...'"></div>
                                 </div>
                             </div>
                             {% if result %}
@@ -188,13 +188,6 @@ <h3 class="card-title">Local Authentication Settings</h3>
                                                             </fieldset>
                                                         </div>
                                                         <!-- /.card-body -->
-                                                        <div class="card-footer">
-                                                            <button type="submit" class="btn btn-primary"
-                                                                    title="Save Settings">
-                                                                <i class="fa-solid fa-save"></i>&nbsp;Save Settings
-                                                            </button>
-                                                        </div>
-                                                        <!-- /.card-footer -->
                                                     </div>
                                                     <!-- /.card -->
                                                 </form>
@@ -558,18 +551,12 @@ <h3 class="card-title">LDAP Authentication Settings</h3>
                                                                                    value="1"
                                                                                    data-bind="enable: ldap_enabled() && autoprovisioning(), checked: purge, checkedValue: 1">
                                                                             ON
+                                                                        </label>
                                                                     </div>
                                                                 </div>
                                                             </fieldset>
                                                         </div>
                                                         <!-- /.card-body -->
-                                                        <div class="card-footer">
-                                                            <button type="submit" class="btn btn-primary"
-                                                                    title="Save Settings">
-                                                                <i class="fa-solid fa-save"></i>&nbsp;Save Settings
-                                                            </button>
-                                                        </div>
-                                                        <!-- /.card-footer -->
                                                     </div>
                                                     <!-- /.card -->
                                                 </form>
@@ -854,13 +841,6 @@ <h3 class="card-title">Google OAuth Settings</h3>
                                                             </fieldset>
                                                         </div>
                                                         <!-- /.card-body -->
-                                                        <div class="card-footer">
-                                                            <button type="submit" class="btn btn-primary"
-                                                                    title="Save Settings">
-                                                                <i class="fa-solid fa-save"></i>&nbsp;Save Settings
-                                                            </button>
-                                                        </div>
-                                                        <!-- /.card-footer -->
                                                     </div>
                                                     <!-- /.card -->
                                                 </form>
@@ -998,13 +978,6 @@ <h3 class="card-title">GitHub OAuth Settings</h3>
                                                             </fieldset>
                                                         </div>
                                                         <!-- /.card-body -->
-                                                        <div class="card-footer">
-                                                            <button type="submit" class="btn btn-primary"
-                                                                    title="Save Settings">
-                                                                <i class="fa-solid fa-save"></i>&nbsp;Save Settings
-                                                            </button>
-                                                        </div>
-                                                        <!-- /.card-footer -->
                                                     </div>
                                                     <!-- /.card -->
                                                 </form>
@@ -1263,13 +1236,6 @@ <h3 class="card-title">Azure OAuth Settings</h3>
                                                             </fieldset>
                                                         </div>
                                                         <!-- /.card-body -->
-                                                        <div class="card-footer">
-                                                            <button type="submit" class="btn btn-primary"
-                                                                    title="Save Settings">
-                                                                <i class="fa-solid fa-save"></i>&nbsp;Save Settings
-                                                            </button>
-                                                        </div>
-                                                        <!-- /.card-footer -->
                                                     </div>
                                                     <!-- /.card -->
                                                 </form>
@@ -1535,13 +1501,6 @@ <h3 class="card-title">OpenID Connect OAuth Settings</h3>
                                                             </fieldset>
                                                         </div>
                                                         <!-- /.card-body -->
-                                                        <div class="card-footer">
-                                                            <button type="submit" class="btn btn-primary"
-                                                                    title="Save Settings">
-                                                                <i class="fa-solid fa-save"></i>&nbsp;Save Settings
-                                                            </button>
-                                                        </div>
-                                                        <!-- /.card-footer -->
                                                     </div>
                                                     <!-- /.card -->
                                                 </form>
@@ -1572,6 +1531,13 @@ <h3 class="card-title">Settings Help</h3>
                             <!-- /.nav-tabs-custom -->
                         </div>
                         <!-- /.card-body -->
+                        <div class="card-footer">
+                            <button type="button" class="btn btn-primary"
+                                    title="Save Settings" data-bind="click: onSaveClick">
+                                <i class="fa-solid fa-save"></i>&nbsp;Save Settings
+                            </button>
+                        </div>
+                        <!-- /.card-footer -->
                     </div>
                     <!-- /.card -->
                 </div>
@@ -1588,14 +1554,18 @@ <h3 class="card-title">Settings Help</h3>
         <script type="text/javascript" src="{{ ASSET_URL }}"></script>
     {%- endassets %}
 
-    <script>
-        let API_URL = '{{ url_for('admin.setting_authentication_api') }}';
-        let CSRF_TOKEN = '{{ csrf_token() }}';
-    </script>
-
     <script type="text/javascript"
             src="{{ url_for('static', filename='custom/js/app-authentication-settings-editor.js') }}"></script>
 
+    <script>
+        $(function () {
+            let API_URL = '{{ url_for('admin.setting_authentication_api') }}';
+            let CSRF_TOKEN = '{{ csrf_token() }}';
+            let model = new AuthenticationSettingsModel({}, API_URL, CSRF_TOKEN, '#settings-editor');
+            model.init(true);
+        })
+    </script>
+
     <script>
         /*
          * Old Legacy Code

From 2e30b8354595680c0485d43c6f4ad6d11cc774fe Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Mon, 10 Apr 2023 13:06:06 -0400
Subject: [PATCH 409/475] Added jQuery Validation 1.19.5 to the project NPM
 configuration as well as the Flask assets build script for `js_main`.

---
 package.json            | 1 +
 powerdnsadmin/assets.py | 1 +
 yarn.lock               | 2 +-
 3 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/package.json b/package.json
index 3aaac1d63..1ceb82efa 100644
--- a/package.json
+++ b/package.json
@@ -11,6 +11,7 @@
     "jquery-sparkline": "^2.4.0",
     "jquery-ui-dist": "^1.13.2",
     "jquery.quicksearch": "^2.4.0",
+    "jquery-validation": "^1.19.5",
     "jtimeout": "^3.2.0",
     "knockout": "^3.5.1",
     "multiselect": "^0.9.12"
diff --git a/powerdnsadmin/assets.py b/powerdnsadmin/assets.py
index 8f9192f64..2674bee5f 100644
--- a/powerdnsadmin/assets.py
+++ b/powerdnsadmin/assets.py
@@ -48,6 +48,7 @@ def concat(self, out, hunks, **kw):
     'node_modules/datatables.net-bs4/js/dataTables.bootstrap4.js',
     'node_modules/jquery-sparkline/jquery.sparkline.js',
     'node_modules/jquery-slimscroll/jquery.slimscroll.js',
+    'node_modules/jquery-validation/dist/jquery.validate.js',
     'node_modules/icheck/icheck.js',
     'node_modules/fastclick/lib/fastclick.js',
     'node_modules/moment/moment.js',
diff --git a/yarn.lock b/yarn.lock
index 32955dc23..6420088f4 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -1026,7 +1026,7 @@ jquery-ui-dist@^1.13.0, jquery-ui-dist@^1.13.2:
   dependencies:
     jquery ">=1.8.0 <4.0.0"
 
-jquery-validation@^1.19.3:
+jquery-validation@^1.19.3, jquery-validation@^1.19.5:
   version "1.19.5"
   resolved "https://registry.yarnpkg.com/jquery-validation/-/jquery-validation-1.19.5.tgz#557495b7cad79716897057c4447ad3cd76fda811"
   integrity sha512-X2SmnPq1mRiDecVYL8edWx+yTBZDyC8ohWXFhXdtqFHgU9Wd4KHkvcbCoIZ0JaSaumzS8s2gXSkP8F7ivg/8ZQ==

From 6a19ed2903f1775ddb9e6a510d42f553550002a4 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Mon, 10 Apr 2023 13:24:42 -0400
Subject: [PATCH 410/475] Completed basic handling of authentication settings
 save process to the database.

---
 powerdnsadmin/models/setting.py               |  4 +++
 powerdnsadmin/routes/admin.py                 |  9 ++++--
 .../js/app-authentication-settings-editor.js  | 32 +++++++++----------
 3 files changed, 26 insertions(+), 19 deletions(-)

diff --git a/powerdnsadmin/models/setting.py b/powerdnsadmin/models/setting.py
index af90bbc4a..bd6265a55 100644
--- a/powerdnsadmin/models/setting.py
+++ b/powerdnsadmin/models/setting.py
@@ -431,6 +431,10 @@ def get_group(self, group):
 
                 if value in ['True', 'False']:
                     value = strtobool(value)
+                elif value.isdecimal() and '.' in value:
+                    value = float(value)
+                elif value.isnumeric():
+                    value = int(value)
 
                 result[record.name] = value
 
diff --git a/powerdnsadmin/routes/admin.py b/powerdnsadmin/routes/admin.py
index c7f9e105e..05b188d0e 100644
--- a/powerdnsadmin/routes/admin.py
+++ b/powerdnsadmin/routes/admin.py
@@ -1836,9 +1836,12 @@ def setting_authentication_api():
     result = {'status': 1, 'messages': [], 'data': {}}
 
     if request.form.get('commit') == '1':
-        result['messages'].append('Saved successfully.')
-    else:
-        result['messages'].append('Loaded successfully.')
+        model = Setting()
+        data = json.loads(request.form.get('data'))
+
+        for key, value in data.items():
+            if key in model.groups['authentication']:
+                model.set(key, value)
 
     result['data'] = Setting().get_group('authentication')
 
diff --git a/powerdnsadmin/static/custom/js/app-authentication-settings-editor.js b/powerdnsadmin/static/custom/js/app-authentication-settings-editor.js
index 220c2178d..db6b1dccd 100644
--- a/powerdnsadmin/static/custom/js/app-authentication-settings-editor.js
+++ b/powerdnsadmin/static/custom/js/app-authentication-settings-editor.js
@@ -10,19 +10,19 @@ let AuthenticationSettingsModel = function (user_data, api_url, csrf_token, sele
 
     let defaults = {
         // Local Authentication Settings
-        local_db_enabled: true,
-        signup_enabled: true,
-        pwd_enforce_characters: false,
+        local_db_enabled: 1,
+        signup_enabled: 1,
+        pwd_enforce_characters: 0,
         pwd_min_len: 10,
         pwd_min_lowercase: 3,
         pwd_min_uppercase: 2,
         pwd_min_digits: 2,
         pwd_min_special: 1,
-        pwd_enforce_complexity: false,
+        pwd_enforce_complexity: 0,
         pwd_min_complexity: 11,
 
         // LDAP Authentication Settings
-        ldap_enabled: false,
+        ldap_enabled: 0,
         ldap_type: 'ldap',
         ldap_uri: '',
         ldap_base_dn: '',
@@ -43,54 +43,54 @@ let AuthenticationSettingsModel = function (user_data, api_url, csrf_token, sele
         purge: 0,
 
         // Google OAuth2 Settings
-        google_oauth_enabled: false,
+        google_oauth_enabled: 0,
         google_oauth_client_id: '',
         google_oauth_client_secret: '',
         google_oauth_scope: '',
         google_base_url: '',
-        google_oauth_auto_configure: true,
+        google_oauth_auto_configure: 1,
         google_oauth_metadata_url: '',
         google_token_url: '',
         google_authorize_url: '',
 
         // GitHub OAuth2 Settings
-        github_oauth_enabled: false,
+        github_oauth_enabled: 0,
         github_oauth_key: '',
         github_oauth_secret: '',
         github_oauth_scope: '',
         github_oauth_api_url: '',
-        github_oauth_auto_configure: false,
+        github_oauth_auto_configure: 0,
         github_oauth_metadata_url: '',
         github_oauth_token_url: '',
         github_oauth_authorize_url: '',
 
         // Azure AD OAuth2 Settings
-        azure_oauth_enabled: false,
+        azure_oauth_enabled: 0,
         azure_oauth_key: '',
         azure_oauth_secret: '',
         azure_oauth_scope: '',
         azure_oauth_api_url: '',
-        azure_oauth_auto_configure: true,
+        azure_oauth_auto_configure: 1,
         azure_oauth_metadata_url: '',
         azure_oauth_token_url: '',
         azure_oauth_authorize_url: '',
-        azure_sg_enabled: false,
+        azure_sg_enabled: 0,
         azure_admin_group: '',
         azure_operator_group: '',
         azure_user_group: '',
-        azure_group_accounts_enabled: false,
+        azure_group_accounts_enabled: 0,
         azure_group_accounts_name: '',
         azure_group_accounts_name_re: '',
         azure_group_accounts_description: '',
         azure_group_accounts_description_re: '',
 
         // OIDC OAuth2 Settings
-        oidc_oauth_enabled: false,
+        oidc_oauth_enabled: 0,
         oidc_oauth_key: '',
         oidc_oauth_secret: '',
         oidc_oauth_scope: '',
         oidc_oauth_api_url: '',
-        oidc_oauth_auto_configure: true,
+        oidc_oauth_auto_configure: 1,
         oidc_oauth_metadata_url: '',
         oidc_oauth_token_url: '',
         oidc_oauth_authorize_url: '',
@@ -150,7 +150,7 @@ let AuthenticationSettingsModel = function (user_data, api_url, csrf_token, sele
         $.ajax({
             url: self.api_url,
             type: 'POST',
-            data: {_csrf_token: csrf_token, commit: 1, data: JSON.parse(ko.toJSON(self))},
+            data: {_csrf_token: csrf_token, commit: 1, data: ko.toJSON(self)},
             dataType: 'json',
             success: self.onDataSaved
         });

From a4b6fba2beff6617571169edd5aa16be4dcbd755 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Mon, 10 Apr 2023 16:35:02 -0400
Subject: [PATCH 411/475] Working on implementing the jQuery Validation plugin
 for the authentication settings editor.

---
 .../js/app-authentication-settings-editor.js  |  304 ++-
 .../admin_setting_authentication.html         | 2221 +++++++----------
 2 files changed, 1216 insertions(+), 1309 deletions(-)

diff --git a/powerdnsadmin/static/custom/js/app-authentication-settings-editor.js b/powerdnsadmin/static/custom/js/app-authentication-settings-editor.js
index db6b1dccd..72d154278 100644
--- a/powerdnsadmin/static/custom/js/app-authentication-settings-editor.js
+++ b/powerdnsadmin/static/custom/js/app-authentication-settings-editor.js
@@ -1,5 +1,6 @@
 let AuthenticationSettingsModel = function (user_data, api_url, csrf_token, selector) {
     let self = this;
+    let target = null;
     self.api_url = api_url;
     self.csrf_token = csrf_token;
     self.selector = selector;
@@ -102,7 +103,7 @@ let AuthenticationSettingsModel = function (user_data, api_url, csrf_token, sele
         oidc_oauth_account_name_property: '',
         oidc_oauth_account_description_property: '',
     }
-    
+
     self.init = function (autoload) {
         self.loading = ko.observable(self.loading);
         self.saving = ko.observable(self.saving);
@@ -116,6 +117,7 @@ let AuthenticationSettingsModel = function (user_data, api_url, csrf_token, sele
         }
 
         if (el !== null && el.length > 0) {
+            target = el;
             ko.applyBindings(self, el[0]);
         } else {
             ko.applyBindings(self);
@@ -128,6 +130,7 @@ let AuthenticationSettingsModel = function (user_data, api_url, csrf_token, sele
         }
 
         self.setupListeners();
+        self.setupValidation();
 
         if (autoload) {
             self.load();
@@ -146,6 +149,9 @@ let AuthenticationSettingsModel = function (user_data, api_url, csrf_token, sele
     }
 
     self.save = function () {
+        if (!target.valid()) {
+            return false;
+        }
         self.saving(true);
         $.ajax({
             url: self.api_url,
@@ -166,6 +172,252 @@ let AuthenticationSettingsModel = function (user_data, api_url, csrf_token, sele
         }
     }
 
+    self.setupListeners = function () {
+        if ('onhashchange' in window) {
+            $(window).bind('hashchange', self.onHashChange);
+        }
+    }
+
+    self.destroyListeners = function () {
+        if ('onhashchange' in window) {
+            $(window).unbind('hashchange', self.onHashChange);
+        }
+    }
+
+    self.setupValidation = function () {
+        let auth_enabled = function (value, element, params) {
+            let enabled = 0;
+            if (self.local_db_enabled()) {
+                enabled++;
+            }
+            if (self.ldap_enabled()) {
+                enabled++;
+            }
+            if (self.google_oauth_enabled()) {
+                enabled++;
+            }
+            if (self.github_oauth_enabled()) {
+                enabled++;
+            }
+            if (self.azure_oauth_enabled()) {
+                enabled++;
+            }
+            if (self.oidc_oauth_enabled()) {
+                enabled++;
+            }
+            return enabled > 0;
+        };
+
+        let ldap_exclusive = function (value, element, params) {
+            let enabled = 0;
+            if (self.ldap_sg_enabled() === 1) {
+                enabled++;
+            }
+            if (self.autoprovisioning() === 1) {
+                enabled++;
+            }
+            return enabled < 2;
+        }
+
+        let local_enabled = function (element) {
+            return self.local_db_enabled();
+        };
+
+        let ldap_enabled = function (element) {
+            return self.ldap_enabled();
+        };
+
+        let google_oauth_enabled = function (element) {
+            return self.google_oauth_enabled();
+        };
+
+        let github_oauth_enabled = function (element) {
+            return self.github_oauth_enabled();
+        };
+
+        let azure_oauth_enabled = function (element) {
+            return self.azure_oauth_enabled();
+        };
+
+        let oidc_oauth_enabled = function (element) {
+            return self.oidc_oauth_enabled();
+        };
+
+        let enforce_characters = function (element) {
+            return self.local_db_enabled() === 1 && self.pwd_enforce_characters() === 1;
+        };
+
+        let enforce_complexity = function (element) {
+            return self.local_db_enabled() === 1 && self.pwd_enforce_complexity() === 1;
+        };
+
+        let ldap_type_openldap = function (element) {
+            return self.ldap_enabled() && self.ldap_type() === 'ldap';
+        };
+
+        let ldap_type_ad = function (element) {
+            return self.ldap_enabled() && self.ldap_type() === 'ad';
+        };
+
+        let ldap_sg_enabled = function (element) {
+            return self.ldap_enabled() === 1 && self.ldap_sg_enabled() === 1;
+        }
+
+        let ldap_ap_enabled = function (element) {
+            return self.ldap_enabled() === 1 && self.autoprovisioning() === 1;
+        }
+
+        jQuery.validator.addMethod('auth_enabled', auth_enabled, 'At least one authentication method must be enabled.');
+        jQuery.validator.addMethod('ldap_exclusive', ldap_exclusive, 'The LDAP group security and role auto-provisioning features are mutually exclusive.');
+
+        let footerErrorElements = [
+            'input#local_db_enabled',
+        ];
+
+        $(selector).validate({
+            errorPlacement: function (error, element) {
+                let useFooter = false;
+                for (let i = 0; i < footerErrorElements.length; i++) {
+                    if (element.is(footerErrorElements[i])) {
+                        useFooter = true;
+                    }
+                }
+                if (useFooter) {
+                    target.find('.card-footer > .error').append(error);
+                } else if (element.is('input[type=radio]')) {
+                    error.insertAfter(element.parents('div.radio'));
+                } else {
+                    element.after(error);
+                }
+            },
+            rules: {
+                local_db_enabled: 'auth_enabled',
+                ldap_enabled: 'auth_enabled',
+                google_oauth_enabled: 'auth_enabled',
+                github_oauth_enabled: 'auth_enabled',
+                azure_oauth_enabled: 'auth_enabled',
+                oidc_oauth_enabled: 'auth_enabled',
+                pwd_min_len: {
+                    required: enforce_characters,
+                    digits: true,
+                    min: 1,
+                    max: 64,
+                },
+                pwd_min_lowercase: {
+                    required: enforce_characters,
+                    digits: true,
+                    min: 0,
+                    max: 64,
+                },
+                pwd_min_uppercase: {
+                    required: enforce_characters,
+                    digits: true,
+                    min: 0,
+                    max: 64,
+                },
+                pwd_min_digits: {
+                    required: enforce_characters,
+                    digits: true,
+                    min: 0,
+                    max: 64,
+                },
+                pwd_min_special: {
+                    required: enforce_characters,
+                    digits: true,
+                    min: 0,
+                    max: 64,
+                },
+                pwd_min_complexity: {
+                    required: enforce_complexity,
+                    digits: true,
+                    min: 1,
+                    max: 1000,
+                },
+                ldap_type: ldap_enabled,
+                ldap_uri: {
+                    required: ldap_enabled,
+                    minlength: 11,
+                    maxlength: 255,
+                },
+                ldap_base_dn: {
+                    required: ldap_enabled,
+                    minlength: 4,
+                    maxlength: 255,
+                },
+                ldap_admin_username: {
+                    required: ldap_type_openldap,
+                    minlength: 4,
+                    maxlength: 255,
+                },
+                ldap_admin_password: {
+                    required: ldap_type_openldap,
+                    minlength: 1,
+                    maxlength: 255,
+                },
+                ldap_domain: {
+                    required: ldap_type_ad,
+                    minlength: 1,
+                    maxlength: 255,
+                },
+                ldap_filter_basic: {
+                    required: ldap_enabled,
+                    minlength: 3,
+                    maxlength: 1000,
+                },
+                ldap_filter_username: {
+                    required: ldap_enabled,
+                    minlength: 1,
+                    maxlength: 100,
+                },
+                ldap_filter_group: {
+                    required: ldap_type_openldap,
+                    minlength: 3,
+                    maxlength: 100,
+                },
+                ldap_filter_groupname: {
+                    required: ldap_type_openldap,
+                    minlength: 1,
+                    maxlength: 100,
+                },
+                ldap_sg_enabled: {
+                    required: ldap_enabled,
+                    ldap_exclusive: true,
+                },
+                ldap_admin_group: {
+                    required: ldap_sg_enabled,
+                    minlength: 3,
+                    maxlength: 100,
+                },
+                ldap_operator_group: {
+                    required: ldap_sg_enabled,
+                    minlength: 3,
+                    maxlength: 100,
+                },
+                ldap_user_group: {
+                    required: ldap_sg_enabled,
+                    minlength: 3,
+                    maxlength: 100,
+                },
+                autoprovisioning: {
+                    required: ldap_enabled,
+                    ldap_exclusive: true,
+                },
+                autoprovisioning_attribute: {
+                    required: ldap_ap_enabled,
+                    minlength: 1,
+                    maxlength: 100,
+                },
+                urn_value: {
+                    required: ldap_ap_enabled,
+                    minlength: 1,
+                    maxlength: 100,
+                },
+                purge: ldap_enabled,
+            },
+            messages: {},
+        });
+    }
+
     self.activateTab = function (tab) {
         $('[role="tablist"] a.nav-link').blur();
         self.tab_active(tab);
@@ -184,42 +436,60 @@ let AuthenticationSettingsModel = function (user_data, api_url, csrf_token, sele
         return window.location.hash.length > 1;
     }
 
-    self.setupListeners = function () {
-        if ('onhashchange' in window) {
-            $(window).bind('hashchange', self.onHashChange);
-        }
-    }
-
-    self.destroyListeners = function () {
-        if ('onhashchange' in window) {
-            $(window).unbind('hashchange', self.onHashChange);
-        }
-    }
-
     self.onDataLoaded = function (result) {
         if (result.status == 0) {
-            console.log('Error loading settings: ' + result.messages.join(', '));
+            console.log('Error loading settings.');
+
+            if (result.messages.length) {
+                for (let i = 0; i < result.messages.length; i++) {
+                    let message = result.messages[i];
+                    console.log(message);
+                }
+            }
+
             self.loading(false);
             return false;
         }
 
         self.update(result.data);
 
-        console.log('Settings loaded: ' + result.messages.join(', '));
+        console.log('Settings loaded.');
+
+        if (result.messages.length) {
+            for (let i = 0; i < result.messages.length; i++) {
+                let message = result.messages[i];
+                console.log(message);
+            }
+        }
 
         self.loading(false);
     }
 
     self.onDataSaved = function (result) {
         if (result.status == 0) {
-            console.log('Error saving settings: ' + result.messages.join(', '));
+            console.log('Error saving settings.');
+
+            if (result.messages.length) {
+                for (let i = 0; i < result.messages.length; i++) {
+                    let message = result.messages[i];
+                    console.log(message);
+                }
+            }
+
             self.saving(false);
             return false;
         }
 
         self.update(result.data);
 
-        console.log('Settings saved: ' + result.messages.join(', '));
+        console.log('Settings saved.');
+
+        if (result.messages.length) {
+            for (let i = 0; i < result.messages.length; i++) {
+                let message = result.messages[i];
+                console.log(message);
+            }
+        }
 
         self.saving(false);
     }
diff --git a/powerdnsadmin/templates/admin_setting_authentication.html b/powerdnsadmin/templates/admin_setting_authentication.html
index bdd026f77..2729ed7f2 100644
--- a/powerdnsadmin/templates/admin_setting_authentication.html
+++ b/powerdnsadmin/templates/admin_setting_authentication.html
@@ -26,72 +26,72 @@ <h1 class="m-0 text-dark">Authentication Settings</h1>
         <div class="container-fluid">
             <div class="row">
                 <div class="col-12">
-                    <div class="card card-outline card-primary shadow" id="settings-editor">
-                        <div class="card-header">
-                            <h3 class="card-title">Settings Editor</h3>
-                        </div>
-                        <!-- /.card-header -->
-                        <div class="card-body">
-                            <div class="overlay-wrapper" data-bind="visible: loading() || saving()">
-                                <div class="overlay">
-                                    <i class="fas fa-3x fa-sync-alt fa-spin"></i>
-                                    <div class="text-bold pt-2 pl-2" data-bind="text: (loading() ? 'Loading' : 'Saving') + ' settings...'"></div>
-                                </div>
+                    <form id="settings-editor">
+                        <div class="card card-outline card-primary shadow">
+                            <div class="card-header">
+                                <h3 class="card-title">Settings Editor</h3>
                             </div>
-                            {% if result %}
-                                <div
-                                    class="alert {% if result['status'] %}alert-success{% else %}alert-danger{% endif %} alert-dismissible">
-                                    <button type="button" class="close" data-dismiss="alert" aria-hidden="true">
-                                        &times;
-                                    </button>
-                                    {{ result['msg'] }}
+                            <!-- /.card-header -->
+                            <div class="card-body">
+                                <div class="overlay-wrapper" data-bind="visible: loading() || saving()">
+                                    <div class="overlay">
+                                        <i class="fas fa-3x fa-sync-alt fa-spin"></i>
+                                        <div class="text-bold pt-2 pl-2"
+                                             data-bind="text: (loading() ? 'Loading' : 'Saving') + ' settings...'"></div>
+                                    </div>
                                 </div>
-                            {% endif %}
-                            <div class="nav-tabs-custom">
-                                <ul class="nav nav-tabs" role="tablist">
-                                    <li class="nav-item">
-                                        <a data-tab="local"
-                                           data-bind="click: onTabClick, class: 'nav-link' + (tab_active() == 'local' ? ' active' : '')"
-                                           href="#" data-toggle="pill" role="tab">Local</a>
-                                    </li>
-                                    <li class="nav-item">
-                                        <a data-tab="ldap"
-                                           data-bind="click: onTabClick, class: 'nav-link' + (tab_active() == 'ldap' ? ' active' : '')"
-                                           href="#" data-toggle="pill" role="tab">LDAP</a>
-                                    </li>
-                                    <li class="nav-item">
-                                        <a data-tab="google"
-                                           data-bind="click: onTabClick, class: 'nav-link' + (tab_active() == 'google' ? ' active' : '')"
-                                           href="#" data-toggle="pill" role="tab">Google
-                                            OAuth</a>
-                                    </li>
-                                    <li class="nav-item">
-                                        <a data-tab="github"
-                                           data-bind="click: onTabClick, class: 'nav-link' + (tab_active() == 'github' ? ' active' : '')"
-                                           href="#" data-toggle="pill" role="tab">GitHub
-                                            OAuth</a>
-                                    </li>
-                                    <li class="nav-item">
-                                        <a data-tab="azure"
-                                           data-bind="click: onTabClick, class: 'nav-link' + (tab_active() == 'azure' ? ' active' : '')"
-                                           href="#" data-toggle="pill" role="tab">Azure
-                                            OAuth</a>
-                                    </li>
-                                    <li class="nav-item">
-                                        <a data-tab="oidc"
-                                           data-bind="click: onTabClick, class: 'nav-link' + (tab_active() == 'oidc' ? ' active' : '')"
-                                           href="#" data-toggle="pill" role="tab">OpenID
-                                            Connect OAuth</a>
-                                    </li>
-                                </ul>
-                                <div class="tab-content">
+                                {% if result %}
+                                    <div
+                                        class="alert {% if result['status'] %}alert-success{% else %}alert-danger{% endif %} alert-dismissible">
+                                        <button type="button" class="close" data-dismiss="alert" aria-hidden="true">
+                                            &times;
+                                        </button>
+                                        {{ result['msg'] }}
+                                    </div>
+                                {% endif %}
+
+                                <div class="nav-tabs-custom">
+                                    <ul class="nav nav-tabs" role="tablist">
+                                        <li class="nav-item">
+                                            <a data-tab="local"
+                                               data-bind="click: onTabClick, class: 'nav-link' + (tab_active() == 'local' ? ' active' : '')"
+                                               href="#" data-toggle="pill" role="tab">Local</a>
+                                        </li>
+                                        <li class="nav-item">
+                                            <a data-tab="ldap"
+                                               data-bind="click: onTabClick, class: 'nav-link' + (tab_active() == 'ldap' ? ' active' : '')"
+                                               href="#" data-toggle="pill" role="tab">LDAP</a>
+                                        </li>
+                                        <li class="nav-item">
+                                            <a data-tab="google"
+                                               data-bind="click: onTabClick, class: 'nav-link' + (tab_active() == 'google' ? ' active' : '')"
+                                               href="#" data-toggle="pill" role="tab">Google
+                                                OAuth</a>
+                                        </li>
+                                        <li class="nav-item">
+                                            <a data-tab="github"
+                                               data-bind="click: onTabClick, class: 'nav-link' + (tab_active() == 'github' ? ' active' : '')"
+                                               href="#" data-toggle="pill" role="tab">GitHub
+                                                OAuth</a>
+                                        </li>
+                                        <li class="nav-item">
+                                            <a data-tab="azure"
+                                               data-bind="click: onTabClick, class: 'nav-link' + (tab_active() == 'azure' ? ' active' : '')"
+                                               href="#" data-toggle="pill" role="tab">Azure
+                                                OAuth</a>
+                                        </li>
+                                        <li class="nav-item">
+                                            <a data-tab="oidc"
+                                               data-bind="click: onTabClick, class: 'nav-link' + (tab_active() == 'oidc' ? ' active' : '')"
+                                               href="#" data-toggle="pill" role="tab">OpenID
+                                                Connect OAuth</a>
+                                        </li>
+                                    </ul>
+                                    <div class="tab-content">
 
-                                    <div data-bind="class: 'tab-pane' + (tab_active() == 'local' ? ' active' : '')">
-                                        <div class="row">
-                                            <div class="col-12 col-sm-6 col-lg-4">
-                                                <form role="form" method="post">
-                                                    <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-                                                    <input type="hidden" value="general" name="config_tab"/>
+                                        <div data-bind="class: 'tab-pane' + (tab_active() == 'local' ? ' active' : '')">
+                                            <div class="row">
+                                                <div class="col-12 col-sm-6 col-lg-4">
                                                     <div class="card">
                                                         <div class="card-header">
                                                             <h3 class="card-title">Local Authentication Settings</h3>
@@ -130,7 +130,6 @@ <h3 class="card-title">Local Authentication Settings</h3>
                                                                         Length</label>
                                                                     <input type="text" class="form-control"
                                                                            name="pwd_min_len" id="pwd_min_len"
-                                                                           data-error="Please enter a minimum password length"
                                                                            data-bind="enable: local_db_enabled() && pwd_enforce_characters(), value: pwd_min_len, valueUpdate: 'afterkeydown'">
                                                                 </div>
                                                                 <div class="form-group">
@@ -139,7 +138,6 @@ <h3 class="card-title">Local Authentication Settings</h3>
                                                                     <input type="text" class="form-control"
                                                                            name="pwd_min_lowercase"
                                                                            id="pwd_min_lowercase"
-                                                                           data-error="Please enter the minimum number of lowercase letters required"
                                                                            data-bind="enable: local_db_enabled() && pwd_enforce_characters(), value: pwd_min_lowercase, valueUpdate: 'afterkeydown'">
                                                                 </div>
                                                                 <div class="form-group">
@@ -148,7 +146,6 @@ <h3 class="card-title">Local Authentication Settings</h3>
                                                                     <input type="text" class="form-control"
                                                                            name="pwd_min_uppercase"
                                                                            id="pwd_min_uppercase"
-                                                                           data-error="Please enter the minimum number of uppercase letters required"
                                                                            data-bind="enable: local_db_enabled() && pwd_enforce_characters(), value: pwd_min_uppercase, valueUpdate: 'afterkeydown'">
                                                                 </div>
                                                                 <div class="form-group">
@@ -156,7 +153,6 @@ <h3 class="card-title">Local Authentication Settings</h3>
                                                                         Characters</label>
                                                                     <input type="text" class="form-control"
                                                                            name="pwd_min_digits" id="pwd_min_digits"
-                                                                           data-error="Please enter the minimum number of digits required"
                                                                            data-bind="enable: local_db_enabled() && pwd_enforce_characters(), value: pwd_min_digits, valueUpdate: 'afterkeydown'">
                                                                 </div>
                                                                 <div class="form-group">
@@ -164,7 +160,6 @@ <h3 class="card-title">Local Authentication Settings</h3>
                                                                         Characters</label>
                                                                     <input type="text" class="form-control"
                                                                            name="pwd_min_special" id="pwd_min_special"
-                                                                           data-error="Please enter the minimum number of special characters required"
                                                                            data-bind="enable: local_db_enabled() && pwd_enforce_characters(), value: pwd_min_special, valueUpdate: 'afterkeydown'">
                                                                 </div>
                                                                 <div class="form-group">
@@ -182,7 +177,6 @@ <h3 class="card-title">Local Authentication Settings</h3>
                                                                     <input type="text" class="form-control"
                                                                            name="pwd_min_complexity"
                                                                            id="pwd_min_complexity"
-                                                                           data-error="Please enter the minimum password complexity required"
                                                                            data-bind="enable: local_db_enabled() && pwd_enforce_complexity(), value: pwd_min_complexity, valueUpdate: 'afterkeydown'">
                                                                 </div>
                                                             </fieldset>
@@ -190,109 +184,114 @@ <h3 class="card-title">Local Authentication Settings</h3>
                                                         <!-- /.card-body -->
                                                     </div>
                                                     <!-- /.card -->
-                                                </form>
-                                            </div>
-                                            <!-- /.col -->
+                                                </div>
+                                                <!-- /.col -->
 
-                                            <div class="col-12 col-sm-6 col-lg-8">
-                                                <div class="card">
-                                                    <div class="card-header">
-                                                        <h3 class="card-title">Settings Help</h3>
-                                                    </div>
-                                                    <!-- /.card-header -->
-                                                    <div class="card-body">
-                                                        <dl class="dl-horizontal">
-                                                            <dt>Local DB Authentication</dt>
-                                                            <dd>Enable/disable local database authentication.</dd>
-                                                            <dt>Allow Users to Signup</dt>
-                                                            <dd>Allow users to signup. This requires local database
-                                                                authentication
-                                                                to be enabled.
-                                                            </dd>
-                                                            <h4>Password Requirements</h4>
-                                                            <dd>This section allows you to customize your local DB
-                                                                password
-                                                                requirements
-                                                                and ensure that when users change their password or
-                                                                signup
-                                                                they are
-                                                                picking strong passwords.
-                                                            </dd>
-                                                            <dd>Setting any entry field to a blank value will revert it
-                                                                back
-                                                                to default.
-                                                            </dd>
-                                                            <dt>Enforce Character Requirements</dt>
-                                                            <dd>This option will enforce the character type requirements
-                                                                for
-                                                                passwords.
-                                                                <ul>
-                                                                    <li>Minimum Lowercase Characters - Minimum number of
-                                                                        lowercase
-                                                                        characters required to appear in the password.
-                                                                    </li>
-                                                                    <li>Minimum Uppercase Characters - Minimum number of
-                                                                        uppercase
-                                                                        characters required to appear in the password.
-                                                                    </li>
-                                                                    <li>Minimum Digit Characters - Minimum number of
-                                                                        digits
-                                                                        required to appear in the password. Digits
-                                                                        include
-                                                                        1234567890.
-                                                                    </li>
-                                                                    <li>Minimum Special Characters - Minimum number of
-                                                                        special
-                                                                        characters required to appear in the password.
-                                                                        Special
-                                                                        characters include
-                                                                        `!@#$%^&amp;*()_-=+[]\{}|;:",.&gt;&lt;/?.
-                                                                    </li>
-                                                                </ul>
-                                                            </dd>
-                                                            <dt>Enforce Complexity Requirement</dt>
-                                                            <dd>Enable the enforcement of complex passwords. We
-                                                                currently use
-                                                                <a href="https://github.com/dropbox/zxcvbn">zxcvbn</a>
-                                                                for
-                                                                determining this.
-                                                                <ul>
-                                                                    <li>Minimum Complexity - The default value of the
-                                                                        log factor
-                                                                        is 11 as it is considered secure. More
-                                                                        information about
-                                                                        this can be found at
-                                                                        <a href="https://www.usenix.org/system/files/conference/usenixsecurity16/sec16_paper_wheeler.pdf">here</a>
-                                                                    </li>
-                                                                </ul>
-                                                            </dd>
-                                                        </dl>
+                                                <div class="col-12 col-sm-6 col-lg-8">
+                                                    <div class="card">
+                                                        <div class="card-header">
+                                                            <h3 class="card-title">Settings Help</h3>
+                                                        </div>
+                                                        <!-- /.card-header -->
+                                                        <div class="card-body">
+                                                            <dl class="dl-horizontal">
+                                                                <dt>Local DB Authentication</dt>
+                                                                <dd>Enable/disable local database authentication.</dd>
+                                                                <dt>Allow Users to Signup</dt>
+                                                                <dd>Allow users to signup. This requires local database
+                                                                    authentication
+                                                                    to be enabled.
+                                                                </dd>
+                                                                <h4>Password Requirements</h4>
+                                                                <dd>This section allows you to customize your local DB
+                                                                    password
+                                                                    requirements
+                                                                    and ensure that when users change their password or
+                                                                    signup
+                                                                    they are
+                                                                    picking strong passwords.
+                                                                </dd>
+                                                                <dd>Setting any entry field to a blank value will revert
+                                                                    it
+                                                                    back
+                                                                    to default.
+                                                                </dd>
+                                                                <dt>Enforce Character Requirements</dt>
+                                                                <dd>This option will enforce the character type
+                                                                    requirements
+                                                                    for
+                                                                    passwords.
+                                                                    <ul>
+                                                                        <li>Minimum Lowercase Characters - Minimum
+                                                                            number of
+                                                                            lowercase
+                                                                            characters required to appear in the
+                                                                            password.
+                                                                        </li>
+                                                                        <li>Minimum Uppercase Characters - Minimum
+                                                                            number of
+                                                                            uppercase
+                                                                            characters required to appear in the
+                                                                            password.
+                                                                        </li>
+                                                                        <li>Minimum Digit Characters - Minimum number of
+                                                                            digits
+                                                                            required to appear in the password. Digits
+                                                                            include
+                                                                            1234567890.
+                                                                        </li>
+                                                                        <li>Minimum Special Characters - Minimum number
+                                                                            of
+                                                                            special
+                                                                            characters required to appear in the
+                                                                            password.
+                                                                            Special
+                                                                            characters include
+                                                                            `!@#$%^&amp;*()_-=+[]\{}|;:",.&gt;&lt;/?.
+                                                                        </li>
+                                                                    </ul>
+                                                                </dd>
+                                                                <dt>Enforce Complexity Requirement</dt>
+                                                                <dd>Enable the enforcement of complex passwords. We
+                                                                    currently use
+                                                                    <a href="https://github.com/dropbox/zxcvbn">zxcvbn</a>
+                                                                    for
+                                                                    determining this.
+                                                                    <ul>
+                                                                        <li>Minimum Complexity - The default value of
+                                                                            the
+                                                                            log factor
+                                                                            is 11 as it is considered secure. More
+                                                                            information about
+                                                                            this can be found at
+                                                                            <a href="https://www.usenix.org/system/files/conference/usenixsecurity16/sec16_paper_wheeler.pdf">here</a>
+                                                                        </li>
+                                                                    </ul>
+                                                                </dd>
+                                                            </dl>
+                                                        </div>
+                                                        <!-- /.card-body -->
                                                     </div>
-                                                    <!-- /.card-body -->
+                                                    <!-- /.card -->
                                                 </div>
-                                                <!-- /.card -->
+                                                <!-- /.col -->
                                             </div>
-                                            <!-- /.col -->
+                                            <!-- /.row -->
                                         </div>
-                                        <!-- /.row -->
-                                    </div>
-                                    <!-- /.tab-pane -->
+                                        <!-- /.tab-pane -->
 
-                                    <div data-bind="class: 'tab-pane' + (tab_active() == 'ldap' ? ' active' : '')">
-                                        <div class="row">
-                                            <div class="col-12 col-sm-6 col-lg-4">
-                                                {% if error %}
-                                                    <div class="alert alert-danger alert-dismissible">
-                                                        <button type="button" class="close" data-dismiss="alert"
-                                                                aria-hidden="true">&times;
-                                                        </button>
-                                                        <h4><i class="icon fa fa-ban"></i> Error!</h4>
-                                                        {{ error }}
-                                                    </div>
-                                                {% endif %}
-                                                <form role="form" method="post" data-toggle="validator">
-                                                    <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-                                                    <input type="hidden" value="ldap" name="config_tab"/>
+                                        <div data-bind="class: 'tab-pane' + (tab_active() == 'ldap' ? ' active' : '')">
+                                            <div class="row">
+                                                <div class="col-12 col-sm-6 col-lg-4">
+                                                    {% if error %}
+                                                        <div class="alert alert-danger alert-dismissible">
+                                                            <button type="button" class="close" data-dismiss="alert"
+                                                                    aria-hidden="true">&times;
+                                                            </button>
+                                                            <h4><i class="icon fa fa-ban"></i> Error!</h4>
+                                                            {{ error }}
+                                                        </div>
+                                                    {% endif %}
                                                     <div class="card">
                                                         <div class="card-header">
                                                             <h3 class="card-title">LDAP Authentication Settings</h3>
@@ -337,7 +336,6 @@ <h3 class="card-title">LDAP Authentication Settings</h3>
                                                                            name="ldap_uri"
                                                                            id="ldap_uri"
                                                                            placeholder="e.g. ldaps://your-ldap-server:636"
-                                                                           data-error="Please input LDAP URI"
                                                                            data-bind="enable: ldap_enabled, value: ldap_uri, valueUpdate: 'afterkeydown'">
                                                                 </div>
                                                                 <div class="form-group">
@@ -346,48 +344,40 @@ <h3 class="card-title">LDAP Authentication Settings</h3>
                                                                            name="ldap_base_dn"
                                                                            id="ldap_base_dn"
                                                                            placeholder="e.g. dc=mydomain,dc=com"
-                                                                           data-error="Please input LDAP Base DN"
                                                                            data-bind="enable: ldap_enabled, value: ldap_base_dn, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
-                                                                <div id="ldap_openldap_fields">
-                                                                    <div class="form-group"
-                                                                         data-bind="visible: ldap_type() == 'ldap'">
-                                                                        <label for="ldap_admin_username">LDAP admin
-                                                                            username</label>
-                                                                        <input type="text" class="form-control"
-                                                                               name="ldap_admin_username"
-                                                                               id="ldap_admin_username"
-                                                                               placeholder="e.g. cn=admin,dc=mydomain,dc=com"
-                                                                               data-error="Please input LDAP admin username"
-                                                                               data-bind="enable: ldap_enabled() && ldap_type() == 'ldap', value: ldap_admin_username, valueUpdate: 'afterkeydown'">
-                                                                        <span class="help-block with-errors"></span>
-                                                                    </div>
-                                                                    <div class="form-group"
-                                                                         data-bind="visible: ldap_type() == 'ldap'">
-                                                                        <label for="ldap_admin_password">LDAP admin
-                                                                            password</label>
-                                                                        <input type="password" class="form-control"
-                                                                               name="ldap_admin_password"
-                                                                               id="ldap_admin_password"
-                                                                               placeholder="LDAP Admin password"
-                                                                               data-error="Please input LDAP admin password"
-                                                                               data-bind="enable: ldap_enabled() && ldap_type() == 'ldap', value: ldap_admin_password, valueUpdate: 'afterkeydown'">
-                                                                        <span class="help-block with-errors"></span>
-                                                                    </div>
+                                                                <div class="form-group"
+                                                                     data-bind="visible: ldap_type() == 'ldap'">
+                                                                    <label for="ldap_admin_username">LDAP admin
+                                                                        username</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="ldap_admin_username"
+                                                                           id="ldap_admin_username"
+                                                                           placeholder="e.g. cn=admin,dc=mydomain,dc=com"
+                                                                           data-bind="enable: ldap_enabled() && ldap_type() == 'ldap', value: ldap_admin_username, valueUpdate: 'afterkeydown'">
+                                                                    <span class="help-block with-errors"></span>
                                                                 </div>
-                                                                <div id="ldap_ad_fields">
-                                                                    <div class="form-group"
-                                                                         data-bind="visible: ldap_type() == 'ad'">
-                                                                        <label for="ldap_domain">Active Directory
-                                                                            domain</label>
-                                                                        <input type="text" class="form-control"
-                                                                               name="ldap_domain" id="ldap_domain"
-                                                                               placeholder="Active Directory domain"
-                                                                               data-error="Please input Actve Directory domain value"
-                                                                               data-bind="enable: ldap_enabled() && ldap_type() == 'ad', value: ldap_domain, valueUpdate: 'afterkeydown'">
-                                                                        <span class="help-block with-errors"></span>
-                                                                    </div>
+                                                                <div class="form-group"
+                                                                     data-bind="visible: ldap_type() == 'ldap'">
+                                                                    <label for="ldap_admin_password">LDAP admin
+                                                                        password</label>
+                                                                    <input type="password" class="form-control"
+                                                                           name="ldap_admin_password"
+                                                                           id="ldap_admin_password"
+                                                                           placeholder="LDAP Admin password"
+                                                                           data-bind="enable: ldap_enabled() && ldap_type() == 'ldap', value: ldap_admin_password, valueUpdate: 'afterkeydown'">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
+                                                                <div class="form-group"
+                                                                     data-bind="visible: ldap_type() == 'ad'">
+                                                                    <label for="ldap_domain">Active Directory
+                                                                        domain</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="ldap_domain" id="ldap_domain"
+                                                                           placeholder="Active Directory domain"
+                                                                           data-bind="enable: ldap_enabled() && ldap_type() == 'ad', value: ldap_domain, valueUpdate: 'afterkeydown'">
+                                                                    <span class="help-block with-errors"></span>
                                                                 </div>
                                                             </fieldset>
                                                             <fieldset>
@@ -398,7 +388,6 @@ <h3 class="card-title">LDAP Authentication Settings</h3>
                                                                            name="ldap_filter_basic"
                                                                            id="ldap_filter_basic"
                                                                            placeholder="e.g. (objectClass=inetorgperson)"
-                                                                           data-error="Please input LDAP filter"
                                                                            data-bind="enable: ldap_enabled, value: ldap_filter_basic, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
@@ -409,33 +398,30 @@ <h3 class="card-title">LDAP Authentication Settings</h3>
                                                                            name="ldap_filter_username"
                                                                            id="ldap_filter_username"
                                                                            placeholder="e.g. uid"
-                                                                           data-error="Please input field for username filtering"
                                                                            data-bind="enable: ldap_enabled, value: ldap_filter_username, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
-                                                                <div id="ldap_openldap_group_filters">
-                                                                    <div class="form-group">
-                                                                        <label for="ldap_filter_group">Group
-                                                                            filter</label>
-                                                                        <input type="text" class="form-control"
-                                                                               name="ldap_filter_group"
-                                                                               id="ldap_filter_group"
-                                                                               placeholder="e.g. (objectclass=groupOfNames)"
-                                                                               data-error="Please input LDAP filter"
-                                                                               data-bind="enable: ldap_enabled, value: ldap_filter_group, valueUpdate: 'afterkeydown'">
-                                                                        <span class="help-block with-errors"></span>
-                                                                    </div>
-                                                                    <div class="form-group">
-                                                                        <label for="ldap_filter_groupname">Group name
-                                                                            field</label>
-                                                                        <input type="text" class="form-control"
-                                                                               name="ldap_filter_groupname"
-                                                                               id="ldap_filter_groupname"
-                                                                               placeholder="e.g. member"
-                                                                               data-error="Please input field for group name filtering"
-                                                                               data-bind="enable: ldap_enabled, value: ldap_filter_groupname, valueUpdate: 'afterkeydown'">
-                                                                        <span class="help-block with-errors"></span>
-                                                                    </div>
+                                                                <div class="form-group"
+                                                                     data-bind="visible: ldap_enabled() && ldap_type() == 'ldap'">
+                                                                    <label for="ldap_filter_group">Group
+                                                                        filter</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="ldap_filter_group"
+                                                                           id="ldap_filter_group"
+                                                                           placeholder="e.g. (objectclass=groupOfNames)"
+                                                                           data-bind="enable: ldap_enabled() && ldap_type() == 'ldap', value: ldap_filter_group, valueUpdate: 'afterkeydown'">
+                                                                    <span class="help-block with-errors"></span>
+                                                                </div>
+                                                                <div class="form-group"
+                                                                     data-bind="visible: ldap_enabled() && ldap_type() == 'ldap'">
+                                                                    <label for="ldap_filter_groupname">Group name
+                                                                        field</label>
+                                                                    <input type="text" class="form-control"
+                                                                           name="ldap_filter_groupname"
+                                                                           id="ldap_filter_groupname"
+                                                                           placeholder="e.g. member"
+                                                                           data-bind="enable: ldap_enabled() && ldap_type() == 'ldap', value: ldap_filter_groupname, valueUpdate: 'afterkeydown'">
+                                                                    <span class="help-block with-errors"></span>
                                                                 </div>
                                                             </fieldset>
                                                             <fieldset>
@@ -463,7 +449,6 @@ <h3 class="card-title">LDAP Authentication Settings</h3>
                                                                     <input type="text" class="form-control"
                                                                            name="ldap_admin_group" id="ldap_admin_group"
                                                                            placeholder="e.g. cn=sysops,dc=mydomain,dc=com"
-                                                                           data-error="Please input LDAP DN for Admin group"
                                                                            data-bind="enable: ldap_enabled() && ldap_sg_enabled(), value: ldap_admin_group, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
@@ -474,7 +459,6 @@ <h3 class="card-title">LDAP Authentication Settings</h3>
                                                                            name="ldap_operator_group"
                                                                            id="ldap_operator_group"
                                                                            placeholder="e.g. cn=operators,dc=mydomain,dc=com"
-                                                                           data-error="Please input LDAP DN for Operator group"
                                                                            data-bind="enable: ldap_enabled() && ldap_sg_enabled(), value: ldap_operator_group, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
@@ -483,7 +467,6 @@ <h3 class="card-title">LDAP Authentication Settings</h3>
                                                                     <input type="text" class="form-control"
                                                                            name="ldap_user_group" id="ldap_user_group"
                                                                            placeholder="e.g. cn=users,dc=mydomain,dc=com"
-                                                                           data-error="Please input LDAP DN for User group"
                                                                            data-bind="enable: ldap_enabled() && ldap_sg_enabled(), value: ldap_user_group, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
@@ -516,7 +499,6 @@ <h3 class="card-title">LDAP Authentication Settings</h3>
                                                                            name="autoprovisioning_attribute"
                                                                            id="autoprovisioning_attribute"
                                                                            placeholder="e.g. eduPersonEntitlement"
-                                                                           data-error="    Please input field responsible for autoprovisioning"
                                                                            data-bind="enable: ldap_enabled() && autoprovisioning(), value: autoprovisioning_attribute, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
@@ -528,7 +510,6 @@ <h3 class="card-title">LDAP Authentication Settings</h3>
                                                                            name="urn_value"
                                                                            id="urn_value"
                                                                            placeholder="e.g. urn:mace:<yourOrganization>"
-                                                                           data-error="Please fill this field"
                                                                            data-bind="enable: ldap_enabled() && autoprovisioning(), value: urn_value, valueUpdate: 'afterkeydown'">
                                                                     {% if error %}
                                                                         <span class="help-block with-errors">Please input the correct prefix for your urn value</span>
@@ -554,561 +535,556 @@ <h3 class="card-title">LDAP Authentication Settings</h3>
                                                                         </label>
                                                                     </div>
                                                                 </div>
+                                                                <div class="callout callout-warning"
+                                                                     data-bind="visible: purge() === 1">
+                                                                    <h5>Notice!</h5>
+                                                                    <p>Users will lose their associated zones unless
+                                                                        they already have their auto-provisioning field
+                                                                        prepopulated.</p>
+                                                                </div>
                                                             </fieldset>
                                                         </div>
                                                         <!-- /.card-body -->
                                                     </div>
                                                     <!-- /.card -->
-                                                </form>
-                                            </div>
-                                            <!-- /.col -->
+                                                </div>
+                                                <!-- /.col -->
 
-                                            <div class="col-12 col-sm-6 col-lg-8">
-                                                <div class="card">
-                                                    <div class="card-header">
-                                                        <h3 class="card-title">Settings Help</h3>
-                                                    </div>
-                                                    <!-- /.card-header -->
-                                                    <div class="card-body">
-                                                        <dl class="dl-horizontal">
-                                                            <dt>Enable LDAP Authentication</dt>
-                                                            <dd>Turn on / off the LDAP authentication.</dd>
-                                                            <dt>Type</dt>
-                                                            <dd>Select your current directory service type.
-                                                                <ul>
-                                                                    <li>
-                                                                        OpenLDAP - Open source implementation of the
-                                                                        Lightweight
-                                                                        Directory Access Protocol.
-                                                                    </li>
-                                                                    <li>
-                                                                        Active Directory - Active Directory is a
-                                                                        directory
-                                                                        service that Microsoft developed for the Windows
-                                                                        domain
-                                                                        networks.
-                                                                    </li>
-                                                                </ul>
-                                                            </dd>
-                                                            <dt>ADMINISTRATOR INFO</dt>
-                                                            <dd>Your LDAP connection string and admin credential used by
-                                                                PDA to
-                                                                query user information.
-                                                                <ul>
-                                                                    <li>
-                                                                        LDAP URI - The fully qualified domain names of
-                                                                        your
-                                                                        directory servers. (e.g. ldap://127.0.0.1:389)
-                                                                    </li>
-                                                                    <li>
-                                                                        LDAP Base DN - The point from where a PDA will
-                                                                        search
-                                                                        for users.
-                                                                    </li>
-                                                                    <li>
-                                                                        LDAP admin username - Your LDAP administrator
-                                                                        user which
-                                                                        has permission to query information in the Base
-                                                                        DN
-                                                                        above. Not needed for Active Directory
-                                                                        authentication.
-                                                                    </li>
-                                                                    <li>
-                                                                        LDAP admin password - The password of LDAP
-                                                                        administrator
-                                                                        user. Not needed for Active Directory
-                                                                        authentication.
-                                                                    </li>
-                                                                    <li>
-                                                                        Active Directory domain - Active Directory
-                                                                        domain used.
-                                                                    </li>
-                                                                </ul>
-                                                            </dd>
-                                                            <dt>FILTERS</dt>
-                                                            <dd>Define how you want to filter your user in LDAP query.
-                                                                <ul>
-                                                                    <li>
-                                                                        Basic filter - The filter that will be applied
-                                                                        to all
-                                                                        LDAP query by PDA. (e.g.
-                                                                        <i>(objectClass=inetorgperson)</i> for OpenLDAP
-                                                                        and <i>(objectClass=organizationalPerson)</i>
-                                                                        for Active Directory)
-                                                                    </li>
-                                                                    <li>
-                                                                        Username field - The field PDA will look for
-                                                                        user's
-                                                                        username. (e.g. <i>uid</i> for OpenLDAP and <i>sAMAccountName</i>
-                                                                        for Active Directory)
-                                                                    </li>
-                                                                    <li>
-                                                                        Group filter - The filter that will be applied
-                                                                        to all
-                                                                        LDAP group queries by PDA. (e.g. <i>(objectClass=groupOfNames)</i>
-                                                                        for OpenLDAP)
-                                                                    </li>
-                                                                    <li>
-                                                                        Group name field - The field PDA will look for
-                                                                        group
-                                                                        names. (e.g. <i>member</i> for OpenLDAP)
-                                                                    </li>
-                                                                </ul>
-                                                            </dd>
-                                                            <dt>GROUP SECURITY</dt>
-                                                            <dd>User can be assigned to PDA's User or Admin group by
-                                                                matching
-                                                                following LDAP Group.
-                                                                <ul>
-                                                                    <li>
-                                                                        Status - Turn on / off group security feature.
-                                                                    </li>
-                                                                    <li>
-                                                                        Admin group - Your LDAP admin group.
-                                                                    </li>
-                                                                    <li>
-                                                                        Operator group - Your LDAP operator group.
-                                                                    </li>
-                                                                    <li>
-                                                                        User group - Your LDAP user group.
-                                                                    </li>
-                                                                </ul>
-                                                            </dd>
-                                                            <dt>ADVANCE</dt>
-                                                            <dd> Provision PDA user privileges based on LDAP Object
-                                                                Attributes.
-                                                                Alternative to Group Security Role Management.
-                                                                <ul>
-                                                                    <li>
-                                                                        Roles Autoprovisioning - If toggled on, the PDA
-                                                                        Role and
-                                                                        the associations of users found in the local db,
-                                                                        will be
-                                                                        instantly updated from the LDAP server every
-                                                                        time they
-                                                                        log in.
-                                                                    </li>
-                                                                    <li>
-                                                                        Roles provisioning field - The attribute in the
-                                                                        ldap
-                                                                        server populated by the urn values where PDA
-                                                                        will look
-                                                                        for a new Role and/or new associations to
-                                                                        domains/accounts.
-                                                                    </li>
-                                                                    <li>
-                                                                        Urn prefix - The prefix used before the static
-                                                                        keyword
-                                                                        "powerdns-admin" for your entitlements in the
-                                                                        ldap
-                                                                        server. Must comply with RFC no.8141.
-                                                                    </li>
-                                                                    <li>
-                                                                        Purge Roles If Empty - If toggled on, ldap
-                                                                        entries that
-                                                                        have no valid "powerdns-admin" records to their
-                                                                        autoprovisioning field, will lose all their
-                                                                        associations
-                                                                        with any zone or account, also reverting to a
-                                                                        User in
-                                                                        the process, despite their current role in the
-                                                                        local db.<br>
-                                                                        If toggled off, in the same scenario they get to
-                                                                        keep
-                                                                        their existing associations and their current
-                                                                        Role.
-                                                                    </li>
-                                                                </ul>
-                                                            </dd>
-                                                        </dl>
+                                                <div class="col-12 col-sm-6 col-lg-8">
+                                                    <div class="card">
+                                                        <div class="card-header">
+                                                            <h3 class="card-title">Settings Help</h3>
+                                                        </div>
+                                                        <!-- /.card-header -->
+                                                        <div class="card-body">
+                                                            <dl class="dl-horizontal">
+                                                                <dt>Enable LDAP Authentication</dt>
+                                                                <dd>Turn on / off the LDAP authentication.</dd>
+                                                                <dt>Type</dt>
+                                                                <dd>Select your current directory service type.
+                                                                    <ul>
+                                                                        <li>
+                                                                            OpenLDAP - Open source implementation of the
+                                                                            Lightweight
+                                                                            Directory Access Protocol.
+                                                                        </li>
+                                                                        <li>
+                                                                            Active Directory - Active Directory is a
+                                                                            directory
+                                                                            service that Microsoft developed for the
+                                                                            Windows
+                                                                            domain
+                                                                            networks.
+                                                                        </li>
+                                                                    </ul>
+                                                                </dd>
+                                                                <dt>ADMINISTRATOR INFO</dt>
+                                                                <dd>Your LDAP connection string and admin credential
+                                                                    used by
+                                                                    PDA to
+                                                                    query user information.
+                                                                    <ul>
+                                                                        <li>
+                                                                            LDAP URI - The fully qualified domain names
+                                                                            of
+                                                                            your
+                                                                            directory servers. (e.g.
+                                                                            ldap://127.0.0.1:389)
+                                                                        </li>
+                                                                        <li>
+                                                                            LDAP Base DN - The point from where a PDA
+                                                                            will
+                                                                            search
+                                                                            for users.
+                                                                        </li>
+                                                                        <li>
+                                                                            LDAP admin username - Your LDAP
+                                                                            administrator
+                                                                            user which
+                                                                            has permission to query information in the
+                                                                            Base
+                                                                            DN
+                                                                            above. Not needed for Active Directory
+                                                                            authentication.
+                                                                        </li>
+                                                                        <li>
+                                                                            LDAP admin password - The password of LDAP
+                                                                            administrator
+                                                                            user. Not needed for Active Directory
+                                                                            authentication.
+                                                                        </li>
+                                                                        <li>
+                                                                            Active Directory domain - Active Directory
+                                                                            domain used.
+                                                                        </li>
+                                                                    </ul>
+                                                                </dd>
+                                                                <dt>FILTERS</dt>
+                                                                <dd>Define how you want to filter your user in LDAP
+                                                                    query.
+                                                                    <ul>
+                                                                        <li>
+                                                                            Basic filter - The filter that will be
+                                                                            applied
+                                                                            to all
+                                                                            LDAP query by PDA. (e.g.
+                                                                            <i>(objectClass=inetorgperson)</i> for
+                                                                            OpenLDAP
+                                                                            and
+                                                                            <i>(objectClass=organizationalPerson)</i>
+                                                                            for Active Directory)
+                                                                        </li>
+                                                                        <li>
+                                                                            Username field - The field PDA will look for
+                                                                            user's
+                                                                            username. (e.g. <i>uid</i> for OpenLDAP and
+                                                                            <i>sAMAccountName</i>
+                                                                            for Active Directory)
+                                                                        </li>
+                                                                        <li>
+                                                                            Group filter - The filter that will be
+                                                                            applied
+                                                                            to all
+                                                                            LDAP group queries by PDA. (e.g. <i>(objectClass=groupOfNames)</i>
+                                                                            for OpenLDAP)
+                                                                        </li>
+                                                                        <li>
+                                                                            Group name field - The field PDA will look
+                                                                            for
+                                                                            group
+                                                                            names. (e.g. <i>member</i> for OpenLDAP)
+                                                                        </li>
+                                                                    </ul>
+                                                                </dd>
+                                                                <dt>GROUP SECURITY</dt>
+                                                                <dd>User can be assigned to PDA's User or Admin group by
+                                                                    matching
+                                                                    following LDAP Group.
+                                                                    <ul>
+                                                                        <li>
+                                                                            Status - Turn on / off group security
+                                                                            feature.
+                                                                        </li>
+                                                                        <li>
+                                                                            Admin group - Your LDAP admin group.
+                                                                        </li>
+                                                                        <li>
+                                                                            Operator group - Your LDAP operator group.
+                                                                        </li>
+                                                                        <li>
+                                                                            User group - Your LDAP user group.
+                                                                        </li>
+                                                                    </ul>
+                                                                </dd>
+                                                                <dt>ADVANCE</dt>
+                                                                <dd> Provision PDA user privileges based on LDAP Object
+                                                                    Attributes.
+                                                                    Alternative to Group Security Role Management.
+                                                                    <ul>
+                                                                        <li>
+                                                                            Roles Autoprovisioning - If toggled on, the
+                                                                            PDA
+                                                                            Role and
+                                                                            the associations of users found in the local
+                                                                            db,
+                                                                            will be
+                                                                            instantly updated from the LDAP server every
+                                                                            time they
+                                                                            log in.
+                                                                        </li>
+                                                                        <li>
+                                                                            Roles provisioning field - The attribute in
+                                                                            the
+                                                                            ldap
+                                                                            server populated by the urn values where PDA
+                                                                            will look
+                                                                            for a new Role and/or new associations to
+                                                                            domains/accounts.
+                                                                        </li>
+                                                                        <li>
+                                                                            Urn prefix - The prefix used before the
+                                                                            static
+                                                                            keyword
+                                                                            "powerdns-admin" for your entitlements in
+                                                                            the
+                                                                            ldap
+                                                                            server. Must comply with RFC no.8141.
+                                                                        </li>
+                                                                        <li>
+                                                                            Purge Roles If Empty - If toggled on, ldap
+                                                                            entries that
+                                                                            have no valid "powerdns-admin" records to
+                                                                            their
+                                                                            autoprovisioning field, will lose all their
+                                                                            associations
+                                                                            with any zone or account, also reverting to
+                                                                            a
+                                                                            User in
+                                                                            the process, despite their current role in
+                                                                            the
+                                                                            local db.<br>
+                                                                            If toggled off, in the same scenario they
+                                                                            get to
+                                                                            keep
+                                                                            their existing associations and their
+                                                                            current
+                                                                            Role.
+                                                                        </li>
+                                                                    </ul>
+                                                                </dd>
+                                                            </dl>
+                                                        </div>
+                                                        <!-- /.card-body -->
                                                     </div>
-                                                    <!-- /.card-body -->
+                                                    <!-- /.card -->
                                                 </div>
-                                                <!-- /.card -->
+                                                <!-- /.col -->
                                             </div>
-                                            <!-- /.col -->
+                                            <!-- /.row -->
                                         </div>
-                                        <!-- /.row -->
-                                    </div>
-                                    <!-- /.tab-pane -->
+                                        <!-- /.tab-pane -->
 
-                                    <div data-bind="class: 'tab-pane' + (tab_active() == 'google' ? ' active' : '')">
-                                        <div class="row">
-                                            <div class="col-12 col-sm-6 col-lg-4">
-                                                <form role="form" method="post" data-toggle="validator">
-                                                    <input type="hidden" name="_csrf_token"
-                                                           value="{{ csrf_token() }}">
-                                                    <input type="hidden" value="google" name="config_tab"/>
+                                        <div
+                                            data-bind="class: 'tab-pane' + (tab_active() == 'google' ? ' active' : '')">
+                                            <div class="row">
+                                                <div class="col-12 col-sm-6 col-lg-4">
                                                     <div class="card">
                                                         <div class="card-header">
                                                             <h3 class="card-title">Google OAuth Settings</h3>
                                                         </div>
                                                         <!-- /.card-header -->
                                                         <div class="card-body">
-                                                            <fieldset>
-                                                                <div class="form-group">
-                                                                    <input type="checkbox" id="google_oauth_enabled"
-                                                                           name="google_oauth_enabled" class="checkbox"
-                                                                           data-bind="checked: google_oauth_enabled">
-                                                                    <label for="google_oauth_enabled">Enable Google
-                                                                        OAuth</label>
-                                                                </div>
-                                                                <div class="form-group">
-                                                                    <label for="google_oauth_client_id">Client
-                                                                        ID</label>
-                                                                    <input type="text" class="form-control"
-                                                                           name="google_oauth_client_id"
-                                                                           id="google_oauth_client_id"
-                                                                           placeholder="Google OAuth Client ID"
-                                                                           data-error="Please input Client ID"
-                                                                           data-bind="enable: google_oauth_enabled, value: google_oauth_client_id, valueUpdate: 'afterkeydown'">
-                                                                    <span class="help-block with-errors"></span>
-                                                                </div>
-                                                                <div class="form-group">
-                                                                    <label for="google_oauth_client_secret">Client
-                                                                        Secret</label>
-                                                                    <input type="text" class="form-control"
-                                                                           name="google_oauth_client_secret"
-                                                                           id="google_oauth_client_secret"
-                                                                           placeholder="Google OAuth Client Secret"
-                                                                           data-error="Please input Client Secret"
-                                                                           data-bind="enable: google_oauth_enabled, value: google_oauth_client_secret, valueUpdate: 'afterkeydown'">
-                                                                    <span class="help-block with-errors"></span>
-                                                                </div>
-                                                                <div class="form-group">
-                                                                    <label for="google_oauth_scope">Scope</label>
-                                                                    <input type="text" class="form-control"
-                                                                           name="google_oauth_scope"
-                                                                           id="google_oauth_scope"
-                                                                           placeholder="e.g. email profile"
-                                                                           data-error="Please input scope"
-                                                                           data-bind="enable: google_oauth_enabled, value: google_oauth_scope, valueUpdate: 'afterkeydown'">
-                                                                    <span class="help-block with-errors"></span>
-                                                                </div>
-                                                                <div class="form-group">
-                                                                    <label for="google_base_url">API URL</label>
-                                                                    <input type="text" class="form-control"
-                                                                           name="google_base_url" id="google_base_url"
-                                                                           placeholder="e.g. https://www.googleapis.com/oauth2/v3/"
-                                                                           data-error="Please input base URL"
-                                                                           data-bind="enable: google_oauth_enabled, value: google_base_url, valueUpdate: 'afterkeydown'">
-                                                                    <span class="help-block with-errors"></span>
-                                                                </div>
-                                                                <div class="form-group">
-                                                                    <input type="checkbox"
-                                                                           id="google_oauth_auto_configure"
-                                                                           name="google_oauth_auto_configure"
-                                                                           class="checkbox"
-                                                                           data-bind="checked: google_oauth_auto_configure">
-                                                                    <label for="google_oauth_auto_configure">Enable
-                                                                        Google
-                                                                        OAuth Auto-Configuration</label>
-                                                                </div>
-                                                                <div class="form-group"
-                                                                     data-bind="visible: google_oauth_auto_configure">
-                                                                    <label for="google_oauth_metadata_url">Metadata
-                                                                        URL</label>
-                                                                    <input type="text" class="form-control"
-                                                                           name="google_oauth_metadata_url"
-                                                                           id="google_oauth_metadata_url"
-                                                                           placeholder="e.g. https://accounts.google.com/.well-known/openid-configuration"
-                                                                           data-error="Please input Metadata URL"
-                                                                           data-bind="enable: google_oauth_enabled() && google_oauth_auto_configure(), value: google_oauth_metadata_url, valueUpdate: 'afterkeydown'">
-                                                                    <span class="help-block with-errors"></span>
-                                                                </div>
-                                                                <div class="form-group"
-                                                                     data-bind="hidden: google_oauth_auto_configure">
-                                                                    <label for="google_token_url">Token URL</label>
-                                                                    <input type="text" class="form-control"
-                                                                           name="google_token_url" id="google_token_url"
-                                                                           placeholder="e.g. https://oauth2.googleapis.com/token"
-                                                                           data-error="Please input token URL"
-                                                                           data-bind="enable: google_oauth_enabled() && !google_oauth_auto_configure(), value: google_token_url, valueUpdate: 'afterkeydown'">
-                                                                    <span class="help-block with-errors"></span>
-                                                                </div>
-                                                                <div class="form-group"
-                                                                     data-bind="hidden: google_oauth_auto_configure">
-                                                                    <label for="google_authorize_url">Authorize
-                                                                        URL</label>
-                                                                    <input type="text" class="form-control"
-                                                                           name="google_authorize_url"
-                                                                           id="google_authorize_url"
-                                                                           placeholder="e.g. https://accounts.google.com/o/oauth2/v2/auth"
-                                                                           data-error="Please input Authorize URL"
-                                                                           data-bind="enable: google_oauth_enabled() && !google_oauth_auto_configure(), value: google_authorize_url, valueUpdate: 'afterkeydown'">
-                                                                    <span class="help-block with-errors"></span>
-                                                                </div>
-                                                            </fieldset>
+                                                            <div class="form-group">
+                                                                <input type="checkbox" id="google_oauth_enabled"
+                                                                       name="google_oauth_enabled" class="checkbox"
+                                                                       data-bind="checked: google_oauth_enabled">
+                                                                <label for="google_oauth_enabled">Enable Google
+                                                                    OAuth</label>
+                                                            </div>
+                                                            <div class="form-group">
+                                                                <label for="google_oauth_client_id">Client
+                                                                    ID</label>
+                                                                <input type="text" class="form-control"
+                                                                       name="google_oauth_client_id"
+                                                                       id="google_oauth_client_id"
+                                                                       placeholder="Google OAuth Client ID"
+                                                                       data-bind="enable: google_oauth_enabled, value: google_oauth_client_id, valueUpdate: 'afterkeydown'">
+                                                                <span class="help-block with-errors"></span>
+                                                            </div>
+                                                            <div class="form-group">
+                                                                <label for="google_oauth_client_secret">Client
+                                                                    Secret</label>
+                                                                <input type="text" class="form-control"
+                                                                       name="google_oauth_client_secret"
+                                                                       id="google_oauth_client_secret"
+                                                                       placeholder="Google OAuth Client Secret"
+                                                                       data-bind="enable: google_oauth_enabled, value: google_oauth_client_secret, valueUpdate: 'afterkeydown'">
+                                                                <span class="help-block with-errors"></span>
+                                                            </div>
+                                                            <div class="form-group">
+                                                                <label for="google_oauth_scope">Scope</label>
+                                                                <input type="text" class="form-control"
+                                                                       name="google_oauth_scope"
+                                                                       id="google_oauth_scope"
+                                                                       placeholder="e.g. email profile"
+                                                                       data-bind="enable: google_oauth_enabled, value: google_oauth_scope, valueUpdate: 'afterkeydown'">
+                                                                <span class="help-block with-errors"></span>
+                                                            </div>
+                                                            <div class="form-group">
+                                                                <label for="google_base_url">API URL</label>
+                                                                <input type="text" class="form-control"
+                                                                       name="google_base_url" id="google_base_url"
+                                                                       placeholder="e.g. https://www.googleapis.com/oauth2/v3/"
+                                                                       data-bind="enable: google_oauth_enabled, value: google_base_url, valueUpdate: 'afterkeydown'">
+                                                                <span class="help-block with-errors"></span>
+                                                            </div>
+                                                            <div class="form-group">
+                                                                <input type="checkbox"
+                                                                       id="google_oauth_auto_configure"
+                                                                       name="google_oauth_auto_configure"
+                                                                       class="checkbox"
+                                                                       data-bind="checked: google_oauth_auto_configure">
+                                                                <label for="google_oauth_auto_configure">Enable
+                                                                    Google
+                                                                    OAuth Auto-Configuration</label>
+                                                            </div>
+                                                            <div class="form-group"
+                                                                 data-bind="visible: google_oauth_auto_configure">
+                                                                <label for="google_oauth_metadata_url">Metadata
+                                                                    URL</label>
+                                                                <input type="text" class="form-control"
+                                                                       name="google_oauth_metadata_url"
+                                                                       id="google_oauth_metadata_url"
+                                                                       placeholder="e.g. https://accounts.google.com/.well-known/openid-configuration"
+                                                                       data-bind="enable: google_oauth_enabled() && google_oauth_auto_configure(), value: google_oauth_metadata_url, valueUpdate: 'afterkeydown'">
+                                                                <span class="help-block with-errors"></span>
+                                                            </div>
+                                                            <div class="form-group"
+                                                                 data-bind="hidden: google_oauth_auto_configure">
+                                                                <label for="google_token_url">Token URL</label>
+                                                                <input type="text" class="form-control"
+                                                                       name="google_token_url" id="google_token_url"
+                                                                       placeholder="e.g. https://oauth2.googleapis.com/token"
+                                                                       data-bind="enable: google_oauth_enabled() && !google_oauth_auto_configure(), value: google_token_url, valueUpdate: 'afterkeydown'">
+                                                                <span class="help-block with-errors"></span>
+                                                            </div>
+                                                            <div class="form-group"
+                                                                 data-bind="hidden: google_oauth_auto_configure">
+                                                                <label for="google_authorize_url">Authorize
+                                                                    URL</label>
+                                                                <input type="text" class="form-control"
+                                                                       name="google_authorize_url"
+                                                                       id="google_authorize_url"
+                                                                       placeholder="e.g. https://accounts.google.com/o/oauth2/v2/auth"
+                                                                       data-bind="enable: google_oauth_enabled() && !google_oauth_auto_configure(), value: google_authorize_url, valueUpdate: 'afterkeydown'">
+                                                                <span class="help-block with-errors"></span>
+                                                            </div>
                                                         </div>
                                                         <!-- /.card-body -->
                                                     </div>
                                                     <!-- /.card -->
-                                                </form>
-                                            </div>
-                                            <!-- /.col -->
+                                                </div>
+                                                <!-- /.col -->
 
-                                            <div class="col-12 col-sm-6 col-lg-8">
-                                                <div class="card">
-                                                    <div class="card-header">
-                                                        <h3 class="card-title">Settings Help</h3>
-                                                    </div>
-                                                    <!-- /.card-header -->
-                                                    <div class="card-body">
-                                                        <p>Fill in all the fields in the left form.</p>
-                                                        <p>Make sure you add PDA redirection URI (e.g
-                                                            http://localhost:9191/google/authorized) to your Google App
-                                                            Credentials Restriction.</p>
+                                                <div class="col-12 col-sm-6 col-lg-8">
+                                                    <div class="card">
+                                                        <div class="card-header">
+                                                            <h3 class="card-title">Settings Help</h3>
+                                                        </div>
+                                                        <!-- /.card-header -->
+                                                        <div class="card-body">
+                                                            <p>Fill in all the fields in the left form.</p>
+                                                            <p>Make sure you add PDA redirection URI (e.g
+                                                                http://localhost:9191/google/authorized) to your Google
+                                                                App
+                                                                Credentials Restriction.</p>
+                                                        </div>
+                                                        <!-- /.card-body -->
                                                     </div>
-                                                    <!-- /.card-body -->
+                                                    <!-- /.card -->
                                                 </div>
-                                                <!-- /.card -->
+                                                <!-- /.col -->
                                             </div>
-                                            <!-- /.col -->
+                                            <!-- /.row -->
                                         </div>
-                                        <!-- /.row -->
-                                    </div>
-                                    <!-- /.tab-pane -->
+                                        <!-- /.tab-pane -->
 
-                                    <div data-bind="class: 'tab-pane' + (tab_active() == 'github' ? ' active' : '')">
-                                        <div class="row">
-                                            <div class="col-12 col-sm-6 col-lg-4">
-                                                <form role="form" method="post" data-toggle="validator">
-                                                    <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-                                                    <input type="hidden" value="github" name="config_tab"/>
+                                        <div
+                                            data-bind="class: 'tab-pane' + (tab_active() == 'github' ? ' active' : '')">
+                                            <div class="row">
+                                                <div class="col-12 col-sm-6 col-lg-4">
                                                     <div class="card">
                                                         <div class="card-header">
                                                             <h3 class="card-title">GitHub OAuth Settings</h3>
                                                         </div>
                                                         <!-- /.card-header -->
                                                         <div class="card-body">
-                                                            <fieldset>
-                                                                <div class="form-group">
-                                                                    <input type="checkbox" id="github_oauth_enabled"
-                                                                           name="github_oauth_enabled" class="checkbox"
-                                                                           data-bind="checked: github_oauth_enabled">
-                                                                    <label for="github_oauth_enabled">Enable GitHub
-                                                                        OAuth</label>
-                                                                </div>
-                                                                <div class="form-group">
-                                                                    <label for="github_oauth_key">Client ID</label>
-                                                                    <input type="text" class="form-control"
-                                                                           name="github_oauth_key" id="github_oauth_key"
-                                                                           placeholder="Github OAuth Client ID"
-                                                                           data-error="Please input Client ID"
-                                                                           data-bind="enable: github_oauth_enabled, value: github_oauth_key, valueUpdate: 'afterkeydown'">
-                                                                    <span class="help-block with-errors"></span>
-                                                                </div>
-                                                                <div class="form-group">
-                                                                    <label for="github_oauth_secret">Client
-                                                                        Secret</label>
-                                                                    <input type="text" class="form-control"
-                                                                           name="github_oauth_secret"
-                                                                           id="github_oauth_secret"
-                                                                           placeholder="Github OAuth Client Secret"
-                                                                           data-error="Please input Client Secret"
-                                                                           data-bind="enable: github_oauth_enabled, value: github_oauth_secret, valueUpdate: 'afterkeydown'">
-                                                                    <span class="help-block with-errors"></span>
-                                                                </div>
-                                                                <div class="form-group">
-                                                                    <label for="github_oauth_scope">Scope</label>
-                                                                    <input type="text" class="form-control"
-                                                                           name="github_oauth_scope"
-                                                                           id="github_oauth_scope"
-                                                                           placeholder="e.g. email"
-                                                                           data-error="Please input scope"
-                                                                           data-bind="enable: github_oauth_enabled, value: github_oauth_scope, valueUpdate: 'afterkeydown'">
-                                                                    <span class="help-block with-errors"></span>
-                                                                </div>
-                                                                <div class="form-group">
-                                                                    <label for="github_oauth_api_url">API URL</label>
-                                                                    <input type="text" class="form-control"
-                                                                           name="github_oauth_api_url"
-                                                                           id="github_oauth_api_url"
-                                                                           placeholder="e.g. https://api.github.com/user"
-                                                                           data-error="Please input API URL"
-                                                                           data-bind="enable: github_oauth_enabled, value: github_oauth_api_url, valueUpdate: 'afterkeydown'">
-                                                                    <span class="help-block with-errors"></span>
-                                                                </div>
-                                                                <div class="form-group">
-                                                                    <input type="checkbox"
-                                                                           id="github_oauth_auto_configure"
-                                                                           name="github_oauth_auto_configure"
-                                                                           class="checkbox"
-                                                                           data-bind="checked: github_oauth_auto_configure">
-                                                                    <label for="github_oauth_auto_configure">Enable
-                                                                        GitHub
-                                                                        OAuth Auto-Configuration</label>
-                                                                </div>
-                                                                <div class="form-group"
-                                                                     data-bind="visible: github_oauth_auto_configure">
-                                                                    <label for="github_oauth_metadata_url">Metadata
-                                                                        URL</label>
-                                                                    <input type="text" class="form-control"
-                                                                           name="github_oauth_metadata_url"
-                                                                           id="github_oauth_metadata_url"
-                                                                           placeholder="e.g. https://{yourDomain}/.well-known/oauth-metadata.json"
-                                                                           data-error="Please input Metadata URL"
-                                                                           data-bind="enable: github_oauth_enabled() && github_oauth_auto_configure(), value: github_oauth_metadata_url, valueUpdate: 'afterkeydown'">
-                                                                    <span class="help-block with-errors"></span>
-                                                                </div>
-                                                                <div class="form-group"
-                                                                     data-bind="hidden: github_oauth_auto_configure">
-                                                                    <label for="github_oauth_token_url">Token
-                                                                        URL</label>
-                                                                    <input type="text" class="form-control"
-                                                                           name="github_oauth_token_url"
-                                                                           id="github_oauth_token_url"
-                                                                           placeholder="e.g. https://github.com/login/oauth/access_token"
-                                                                           data-error="Please input Token URL"
-                                                                           data-bind="enable: github_oauth_enabled() && !github_oauth_auto_configure(), value: github_oauth_token_url, valueUpdate: 'afterkeydown'">
-                                                                    <span class="help-block with-errors"></span>
-                                                                </div>
-                                                                <div class="form-group"
-                                                                     data-bind="hidden: github_oauth_auto_configure">
-                                                                    <label for="github_oauth_authorize_url">Authorize
-                                                                        URL</label>
-                                                                    <input type="text" class="form-control"
-                                                                           name="github_oauth_authorize_url"
-                                                                           id="github_oauth_authorize_url"
-                                                                           placeholder="e.g. https://github.com/login/oauth/authorize"
-                                                                           data-error="Please input Authorize URL"
-                                                                           data-bind="enable: github_oauth_enabled() && !github_oauth_auto_configure(), value: github_oauth_authorize_url, valueUpdate: 'afterkeydown'">
-                                                                    <span class="help-block with-errors"></span>
-                                                                </div>
-                                                            </fieldset>
+                                                            <div class="form-group">
+                                                                <input type="checkbox" id="github_oauth_enabled"
+                                                                       name="github_oauth_enabled" class="checkbox"
+                                                                       data-bind="checked: github_oauth_enabled">
+                                                                <label for="github_oauth_enabled">Enable GitHub
+                                                                    OAuth</label>
+                                                            </div>
+                                                            <div class="form-group">
+                                                                <label for="github_oauth_key">Client ID</label>
+                                                                <input type="text" class="form-control"
+                                                                       name="github_oauth_key" id="github_oauth_key"
+                                                                       placeholder="Github OAuth Client ID"
+                                                                       data-bind="enable: github_oauth_enabled, value: github_oauth_key, valueUpdate: 'afterkeydown'">
+                                                                <span class="help-block with-errors"></span>
+                                                            </div>
+                                                            <div class="form-group">
+                                                                <label for="github_oauth_secret">Client
+                                                                    Secret</label>
+                                                                <input type="text" class="form-control"
+                                                                       name="github_oauth_secret"
+                                                                       id="github_oauth_secret"
+                                                                       placeholder="Github OAuth Client Secret"
+                                                                       data-bind="enable: github_oauth_enabled, value: github_oauth_secret, valueUpdate: 'afterkeydown'">
+                                                                <span class="help-block with-errors"></span>
+                                                            </div>
+                                                            <div class="form-group">
+                                                                <label for="github_oauth_scope">Scope</label>
+                                                                <input type="text" class="form-control"
+                                                                       name="github_oauth_scope"
+                                                                       id="github_oauth_scope"
+                                                                       placeholder="e.g. email"
+                                                                       data-bind="enable: github_oauth_enabled, value: github_oauth_scope, valueUpdate: 'afterkeydown'">
+                                                                <span class="help-block with-errors"></span>
+                                                            </div>
+                                                            <div class="form-group">
+                                                                <label for="github_oauth_api_url">API URL</label>
+                                                                <input type="text" class="form-control"
+                                                                       name="github_oauth_api_url"
+                                                                       id="github_oauth_api_url"
+                                                                       placeholder="e.g. https://api.github.com/user"
+                                                                       data-bind="enable: github_oauth_enabled, value: github_oauth_api_url, valueUpdate: 'afterkeydown'">
+                                                                <span class="help-block with-errors"></span>
+                                                            </div>
+                                                            <div class="form-group">
+                                                                <input type="checkbox"
+                                                                       id="github_oauth_auto_configure"
+                                                                       name="github_oauth_auto_configure"
+                                                                       class="checkbox"
+                                                                       data-bind="checked: github_oauth_auto_configure">
+                                                                <label for="github_oauth_auto_configure">Enable
+                                                                    GitHub
+                                                                    OAuth Auto-Configuration</label>
+                                                            </div>
+                                                            <div class="form-group"
+                                                                 data-bind="visible: github_oauth_auto_configure">
+                                                                <label for="github_oauth_metadata_url">Metadata
+                                                                    URL</label>
+                                                                <input type="text" class="form-control"
+                                                                       name="github_oauth_metadata_url"
+                                                                       id="github_oauth_metadata_url"
+                                                                       placeholder="e.g. https://{yourDomain}/.well-known/oauth-metadata.json"
+                                                                       data-bind="enable: github_oauth_enabled() && github_oauth_auto_configure(), value: github_oauth_metadata_url, valueUpdate: 'afterkeydown'">
+                                                                <span class="help-block with-errors"></span>
+                                                            </div>
+                                                            <div class="form-group"
+                                                                 data-bind="hidden: github_oauth_auto_configure">
+                                                                <label for="github_oauth_token_url">Token
+                                                                    URL</label>
+                                                                <input type="text" class="form-control"
+                                                                       name="github_oauth_token_url"
+                                                                       id="github_oauth_token_url"
+                                                                       placeholder="e.g. https://github.com/login/oauth/access_token"
+                                                                       data-bind="enable: github_oauth_enabled() && !github_oauth_auto_configure(), value: github_oauth_token_url, valueUpdate: 'afterkeydown'">
+                                                                <span class="help-block with-errors"></span>
+                                                            </div>
+                                                            <div class="form-group"
+                                                                 data-bind="hidden: github_oauth_auto_configure">
+                                                                <label for="github_oauth_authorize_url">Authorize
+                                                                    URL</label>
+                                                                <input type="text" class="form-control"
+                                                                       name="github_oauth_authorize_url"
+                                                                       id="github_oauth_authorize_url"
+                                                                       placeholder="e.g. https://github.com/login/oauth/authorize"
+                                                                       data-bind="enable: github_oauth_enabled() && !github_oauth_auto_configure(), value: github_oauth_authorize_url, valueUpdate: 'afterkeydown'">
+                                                                <span class="help-block with-errors"></span>
+                                                            </div>
                                                         </div>
                                                         <!-- /.card-body -->
                                                     </div>
                                                     <!-- /.card -->
-                                                </form>
-                                            </div>
-                                            <!-- /.col -->
+                                                </div>
+                                                <!-- /.col -->
 
-                                            <div class="col-12 col-sm-6 col-lg-8">
-                                                <div class="card">
-                                                    <div class="card-header">
-                                                        <h3 class="card-title">Settings Help</h3>
-                                                    </div>
-                                                    <!-- /.card-header -->
-                                                    <div class="card-body">
-                                                        <p>Fill in all the fields in the left form.</p>
+                                                <div class="col-12 col-sm-6 col-lg-8">
+                                                    <div class="card">
+                                                        <div class="card-header">
+                                                            <h3 class="card-title">Settings Help</h3>
+                                                        </div>
+                                                        <!-- /.card-header -->
+                                                        <div class="card-body">
+                                                            <p>Fill in all the fields in the left form.</p>
+                                                        </div>
+                                                        <!-- /.card-body -->
                                                     </div>
-                                                    <!-- /.card-body -->
+                                                    <!-- /.card -->
                                                 </div>
-                                                <!-- /.card -->
+                                                <!-- /.col -->
                                             </div>
-                                            <!-- /.col -->
+                                            <!-- /.row -->
                                         </div>
-                                        <!-- /.row -->
-                                    </div>
-                                    <!-- /.tab-pane -->
+                                        <!-- /.tab-pane -->
 
-                                    <div data-bind="class: 'tab-pane' + (tab_active() == 'azure' ? ' active' : '')">
-                                        <div class="row">
-                                            <div class="col-12 col-sm-6 col-lg-4">
-                                                <form role="form" method="post" data-toggle="validator">
-                                                    <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-                                                    <input type="hidden" value="azure" name="config_tab"/>
+                                        <div data-bind="class: 'tab-pane' + (tab_active() == 'azure' ? ' active' : '')">
+                                            <div class="row">
+                                                <div class="col-12 col-sm-6 col-lg-4">
                                                     <div class="card">
                                                         <div class="card-header">
                                                             <h3 class="card-title">Azure OAuth Settings</h3>
                                                         </div>
                                                         <!-- /.card-header -->
                                                         <div class="card-body">
-                                                            <fieldset>
-                                                                <div class="form-group">
-                                                                    <input type="checkbox" id="azure_oauth_enabled"
-                                                                           name="azure_oauth_enabled" class="checkbox"
-                                                                           data-bind="checked: azure_oauth_enabled">
-                                                                    <label for="azure_oauth_enabled">Enable Microsoft
-                                                                        Azure
-                                                                        OAuth</label>
-                                                                </div>
-                                                                <div class="form-group">
-                                                                    <label for="azure_oauth_key">Client ID</label>
-                                                                    <input type="text" class="form-control"
-                                                                           name="azure_oauth_key" id="azure_oauth_key"
-                                                                           placeholder="Azure OAuth Client ID"
-                                                                           data-error="Please input Client Key"
-                                                                           data-bind="enable: azure_oauth_enabled, value: azure_oauth_key, valueUpdate: 'afterkeydown'">
-                                                                    <span class="help-block with-errors"></span>
-                                                                </div>
-                                                                <div class="form-group">
-                                                                    <label for="azure_oauth_secret">Client
-                                                                        Secret</label>
-                                                                    <input type="text" class="form-control"
-                                                                           name="azure_oauth_secret"
-                                                                           id="azure_oauth_secret"
-                                                                           placeholder="Azure OAuth Client Secret"
-                                                                           data-error="Please input Client Secret"
-                                                                           data-bind="enable: azure_oauth_enabled, value: azure_oauth_secret, valueUpdate: 'afterkeydown'">
-                                                                    <span class="help-block with-errors"></span>
-                                                                </div>
-                                                                <div class="form-group">
-                                                                    <label for="azure_oauth_scope">Scope</label>
-                                                                    <input type="text" class="form-control"
-                                                                           name="azure_oauth_scope"
-                                                                           id="azure_oauth_scope"
-                                                                           placeholder="e.g. email"
-                                                                           data-error="Please input scope - e.g. User.Read"
-                                                                           data-bind="enable: azure_oauth_enabled, value: azure_oauth_scope, valueUpdate: 'afterkeydown'">
-                                                                    <span class="help-block with-errors"></span>
-                                                                </div>
-                                                                <div class="form-group">
-                                                                    <label for="azure_oauth_api_url">API URL</label>
-                                                                    <input type="text" class="form-control"
-                                                                           name="azure_oauth_api_url"
-                                                                           id="azure_oauth_api_url"
-                                                                           placeholder="e.g. https://graph.microsoft.com/v1.0/"
-                                                                           data-error="Please input API URL"
-                                                                           data-bind="enable: azure_oauth_enabled, value: azure_oauth_api_url, valueUpdate: 'afterkeydown'">
-                                                                    <span class="help-block with-errors"></span>
-                                                                </div>
-                                                                <div class="form-group">
-                                                                    <input type="checkbox"
-                                                                           id="azure_oauth_auto_configure"
-                                                                           name="azure_oauth_auto_configure"
-                                                                           class="checkbox"
-                                                                           data-bind="checked: azure_oauth_auto_configure">
-                                                                    <label for="azure_oauth_auto_configure">Enable Azure
-                                                                        OAuth Auto-Configuration</label>
-                                                                </div>
-                                                                <div class="form-group"
-                                                                     data-bind="visible: azure_oauth_auto_configure">
-                                                                    <label for="azure_oauth_metadata_url">Metadata
-                                                                        URL</label>
-                                                                    <input type="text" class="form-control"
-                                                                           name="azure_oauth_metadata_url"
-                                                                           id="azure_oauth_metadata_url"
-                                                                           placeholder="e.g. https://login.microsoftonline.com/{TENANCY_ID}/v2.0/.well-known/openid-configuration"
-                                                                           data-error="Please input Metadata URL"
-                                                                           data-bind="enable: azure_oauth_enabled() && azure_oauth_auto_configure(), value: azure_oauth_metadata_url, valueUpdate: 'afterkeydown'">
-                                                                    <span class="help-block with-errors"></span>
-                                                                </div>
-                                                                <div class="form-group"
-                                                                     data-bind="hidden: azure_oauth_auto_configure">
-                                                                    <label for="azure_oauth_token_url">Token URL</label>
-                                                                    <input type="text" class="form-control"
-                                                                           name="azure_oauth_token_url"
-                                                                           id="azure_oauth_token_url"
-                                                                           placeholder="e.g. https://login.microsoftonline.com/{TENANCY_ID}/oauth2/v2.0/token"
-                                                                           data-error="Please input Token URL"
-                                                                           data-bind="enable: azure_oauth_enabled() && !azure_oauth_auto_configure(), value: azure_oauth_token_url, valueUpdate: 'afterkeydown'">
-                                                                    <span class="help-block with-errors"></span>
-                                                                </div>
-                                                                <div class="form-group"
-                                                                     data-bind="hidden: azure_oauth_auto_configure">
-                                                                    <label for="azure_oauth_authorize_url">Authorize
-                                                                        URL</label>
-                                                                    <input type="text" class="form-control"
-                                                                           name="azure_oauth_authorize_url"
-                                                                           id="azure_oauth_authorize_url"
-                                                                           placeholder="e.g. https://login.microsoftonline.com/{TENANCY_ID}/oauth2/v2.0/authorize"
-                                                                           data-error="Please input Authorize URL"
-                                                                           data-bind="enable: azure_oauth_enabled() && !azure_oauth_auto_configure(), value: azure_oauth_authorize_url, valueUpdate: 'afterkeydown'">
-                                                                    <span class="help-block with-errors"></span>
-                                                                </div>
-                                                            </fieldset>
+                                                            <div class="form-group">
+                                                                <input type="checkbox" id="azure_oauth_enabled"
+                                                                       name="azure_oauth_enabled" class="checkbox"
+                                                                       data-bind="checked: azure_oauth_enabled">
+                                                                <label for="azure_oauth_enabled">Enable Microsoft
+                                                                    Azure
+                                                                    OAuth</label>
+                                                            </div>
+                                                            <div class="form-group">
+                                                                <label for="azure_oauth_key">Client ID</label>
+                                                                <input type="text" class="form-control"
+                                                                       name="azure_oauth_key" id="azure_oauth_key"
+                                                                       placeholder="Azure OAuth Client ID"
+                                                                       data-bind="enable: azure_oauth_enabled, value: azure_oauth_key, valueUpdate: 'afterkeydown'">
+                                                                <span class="help-block with-errors"></span>
+                                                            </div>
+                                                            <div class="form-group">
+                                                                <label for="azure_oauth_secret">Client
+                                                                    Secret</label>
+                                                                <input type="text" class="form-control"
+                                                                       name="azure_oauth_secret"
+                                                                       id="azure_oauth_secret"
+                                                                       placeholder="Azure OAuth Client Secret"
+                                                                       data-bind="enable: azure_oauth_enabled, value: azure_oauth_secret, valueUpdate: 'afterkeydown'">
+                                                                <span class="help-block with-errors"></span>
+                                                            </div>
+                                                            <div class="form-group">
+                                                                <label for="azure_oauth_scope">Scope</label>
+                                                                <input type="text" class="form-control"
+                                                                       name="azure_oauth_scope"
+                                                                       id="azure_oauth_scope"
+                                                                       placeholder="e.g. email"
+                                                                       data-bind="enable: azure_oauth_enabled, value: azure_oauth_scope, valueUpdate: 'afterkeydown'">
+                                                                <span class="help-block with-errors"></span>
+                                                            </div>
+                                                            <div class="form-group">
+                                                                <label for="azure_oauth_api_url">API URL</label>
+                                                                <input type="text" class="form-control"
+                                                                       name="azure_oauth_api_url"
+                                                                       id="azure_oauth_api_url"
+                                                                       placeholder="e.g. https://graph.microsoft.com/v1.0/"
+                                                                       data-bind="enable: azure_oauth_enabled, value: azure_oauth_api_url, valueUpdate: 'afterkeydown'">
+                                                                <span class="help-block with-errors"></span>
+                                                            </div>
+                                                            <div class="form-group">
+                                                                <input type="checkbox"
+                                                                       id="azure_oauth_auto_configure"
+                                                                       name="azure_oauth_auto_configure"
+                                                                       class="checkbox"
+                                                                       data-bind="checked: azure_oauth_auto_configure">
+                                                                <label for="azure_oauth_auto_configure">Enable Azure
+                                                                    OAuth Auto-Configuration</label>
+                                                            </div>
+                                                            <div class="form-group"
+                                                                 data-bind="visible: azure_oauth_auto_configure">
+                                                                <label for="azure_oauth_metadata_url">Metadata
+                                                                    URL</label>
+                                                                <input type="text" class="form-control"
+                                                                       name="azure_oauth_metadata_url"
+                                                                       id="azure_oauth_metadata_url"
+                                                                       placeholder="e.g. https://login.microsoftonline.com/{TENANCY_ID}/v2.0/.well-known/openid-configuration"
+                                                                       data-bind="enable: azure_oauth_enabled() && azure_oauth_auto_configure(), value: azure_oauth_metadata_url, valueUpdate: 'afterkeydown'">
+                                                                <span class="help-block with-errors"></span>
+                                                            </div>
+                                                            <div class="form-group"
+                                                                 data-bind="hidden: azure_oauth_auto_configure">
+                                                                <label for="azure_oauth_token_url">Token URL</label>
+                                                                <input type="text" class="form-control"
+                                                                       name="azure_oauth_token_url"
+                                                                       id="azure_oauth_token_url"
+                                                                       placeholder="e.g. https://login.microsoftonline.com/{TENANCY_ID}/oauth2/v2.0/token"
+                                                                       data-bind="enable: azure_oauth_enabled() && !azure_oauth_auto_configure(), value: azure_oauth_token_url, valueUpdate: 'afterkeydown'">
+                                                                <span class="help-block with-errors"></span>
+                                                            </div>
+                                                            <div class="form-group"
+                                                                 data-bind="hidden: azure_oauth_auto_configure">
+                                                                <label for="azure_oauth_authorize_url">Authorize
+                                                                    URL</label>
+                                                                <input type="text" class="form-control"
+                                                                       name="azure_oauth_authorize_url"
+                                                                       id="azure_oauth_authorize_url"
+                                                                       placeholder="e.g. https://login.microsoftonline.com/{TENANCY_ID}/oauth2/v2.0/authorize"
+                                                                       data-bind="enable: azure_oauth_enabled() && !azure_oauth_auto_configure(), value: azure_oauth_authorize_url, valueUpdate: 'afterkeydown'">
+                                                                <span class="help-block with-errors"></span>
+                                                            </div>
                                                             <fieldset>
                                                                 <legend>Group Security</legend>
                                                                 <div class="form-group">
@@ -1135,7 +1111,6 @@ <h3 class="card-title">Azure OAuth Settings</h3>
                                                                            name="azure_admin_group"
                                                                            id="azure_admin_group"
                                                                            placeholder="e.g. 00000000-0000-0000-0000-000000000000"
-                                                                           data-error="Please input the ID for Admin group"
                                                                            data-bind="enable: azure_oauth_enabled() && azure_sg_enabled(), value: azure_admin_group, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
@@ -1146,7 +1121,6 @@ <h3 class="card-title">Azure OAuth Settings</h3>
                                                                            name="azure_operator_group"
                                                                            id="azure_operator_group"
                                                                            placeholder="e.g. 00000000-0000-0000-0000-000000000000"
-                                                                           data-error="Please input the ID for Operator group"
                                                                            data-bind="enable: azure_oauth_enabled() && azure_sg_enabled(), value: azure_operator_group, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
@@ -1155,7 +1129,6 @@ <h3 class="card-title">Azure OAuth Settings</h3>
                                                                     <input type="text" class="form-control"
                                                                            name="azure_user_group" id="azure_user_group"
                                                                            placeholder="e.g. 00000000-0000-0000-0000-000000000000"
-                                                                           data-error="Please input the ID for User group"
                                                                            data-bind="enable: azure_oauth_enabled() && azure_sg_enabled(), value: azure_user_group, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
@@ -1193,7 +1166,6 @@ <h3 class="card-title">Azure OAuth Settings</h3>
                                                                            name="azure_group_accounts_name"
                                                                            id="azure_group_accounts_name"
                                                                            placeholder="e.g. displayName"
-                                                                           data-error="Please input the Claim for Azure group name"
                                                                            data-bind="enable: azure_oauth_enabled() && azure_group_accounts_enabled(), value: azure_group_accounts_name, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
@@ -1205,7 +1177,6 @@ <h3 class="card-title">Azure OAuth Settings</h3>
                                                                            name="azure_group_accounts_name_re"
                                                                            id="azure_group_accounts_name_re"
                                                                            placeholder="e.g. (.*)"
-                                                                           data-error="Please input the regex for Azure group name"
                                                                            data-bind="enable: azure_oauth_enabled() && azure_group_accounts_enabled(), value: azure_group_accounts_name_re, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
@@ -1217,7 +1188,6 @@ <h3 class="card-title">Azure OAuth Settings</h3>
                                                                            name="azure_group_accounts_description"
                                                                            id="azure_group_accounts_description"
                                                                            placeholder="e.g. description. If empty uses whole string"
-                                                                           data-error="Please input the Claim for Azure group description"
                                                                            data-bind="enable: azure_oauth_enabled() && azure_group_accounts_enabled(), value: azure_group_accounts_description, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
@@ -1229,7 +1199,6 @@ <h3 class="card-title">Azure OAuth Settings</h3>
                                                                            name="azure_group_accounts_description_re"
                                                                            id="azure_group_accounts_description_re"
                                                                            placeholder="e.g. (.*). If empty uses whole string"
-                                                                           data-error="Please input the regex for Azure group description"
                                                                            data-bind="enable: azure_oauth_enabled() && azure_group_accounts_enabled(), value: azure_group_accounts_description_re, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
@@ -1238,199 +1207,194 @@ <h3 class="card-title">Azure OAuth Settings</h3>
                                                         <!-- /.card-body -->
                                                     </div>
                                                     <!-- /.card -->
-                                                </form>
-                                            </div>
-                                            <!-- /.col -->
+                                                </div>
+                                                <!-- /.col -->
 
-                                            <div class="col-12 col-sm-6 col-lg-8">
-                                                <div class="card">
-                                                    <div class="card-header">
-                                                        <h3 class="card-title">Settings Help</h3>
-                                                    </div>
-                                                    <!-- /.card-header -->
-                                                    <div class="card-body">
-                                                        <p>Fill in all the fields in the left form.</p>
-                                                        <p>You first need to define an Application Registration in your
-                                                            Azure
-                                                            Active Directory, with the appropriate HTTPS URL for this
-                                                            endpoint,
-                                                            and with the appropriate rights, as explained in the
-                                                            documentation.</p>
-                                                        <p>
-                                                        <ul>
-                                                            <li>Under the Azure Active Directory, select App
-                                                                Registrations, and
-                                                                create a new one. Give it any name you want, and the
-                                                                Redirect
-                                                                URI shoule be type 'Web' and of the format <b>https://powerdnsadmin/azure/authorized</b>
-                                                                (replace the host name approriately).
-                                                            </li>
-                                                            <li>Select the newly-created registration</li>
-                                                            <li>On the Overview page, the Application ID is your new
-                                                                Client ID
-                                                                to use with PowerDNS-Admin
-                                                            </li>
-                                                            <li>On the Overview page, make a note of your
-                                                                Directory/Tenant ID -
-                                                                you need it for the API URLs later
-                                                            </li>
-                                                            <li>Ensure Access Tokens are enabled in the Authentication
-                                                                section
-                                                            </li>
-                                                            <li>Under Certificates and Secrets, create a new Client
-                                                                Secret. Note
-                                                                this secret as it is the new Client Secret to use with
-                                                                PowerDNS-Admin
-                                                            </li>
-                                                            <li>Under API Permissions, you need to add permissions. Add
-                                                                permissions for Graph API, Delegated. Add: email,
-                                                                openid,
-                                                                profile, GroupMember.Read, User.Read and possibly
-                                                                User.Read.All.
-                                                                You then need to grant admin approval for your
-                                                                organisation.
-                                                            </li>
-                                                            <li>For the Scope, use <b>User.Read openid mail profile</b>
-                                                            </li>
-                                                            <li>Replace the [tenantID] in the default URLs for authorize
-                                                                and
-                                                                token with your Tenant ID.
-                                                            </li>
-                                                        </ul>
-                                                        </p>
-                                                        <p>If <b>AZURE GROUP ACCOUNT SYNC/CREATION</b> is enabled,
-                                                            Accounts will
-                                                            be created automatically based on group membership. If an
-                                                            Account
-                                                            exists, an authenticated user with group membership is added
-                                                            to the
-                                                            Account</p>
+                                                <div class="col-12 col-sm-6 col-lg-8">
+                                                    <div class="card">
+                                                        <div class="card-header">
+                                                            <h3 class="card-title">Settings Help</h3>
+                                                        </div>
+                                                        <!-- /.card-header -->
+                                                        <div class="card-body">
+                                                            <p>Fill in all the fields in the left form.</p>
+                                                            <p>You first need to define an Application Registration in
+                                                                your
+                                                                Azure
+                                                                Active Directory, with the appropriate HTTPS URL for
+                                                                this
+                                                                endpoint,
+                                                                and with the appropriate rights, as explained in the
+                                                                documentation.</p>
+                                                            <p>
+                                                            <ul>
+                                                                <li>Under the Azure Active Directory, select App
+                                                                    Registrations, and
+                                                                    create a new one. Give it any name you want, and the
+                                                                    Redirect
+                                                                    URI shoule be type 'Web' and of the format <b>https://powerdnsadmin/azure/authorized</b>
+                                                                    (replace the host name approriately).
+                                                                </li>
+                                                                <li>Select the newly-created registration</li>
+                                                                <li>On the Overview page, the Application ID is your new
+                                                                    Client ID
+                                                                    to use with PowerDNS-Admin
+                                                                </li>
+                                                                <li>On the Overview page, make a note of your
+                                                                    Directory/Tenant ID -
+                                                                    you need it for the API URLs later
+                                                                </li>
+                                                                <li>Ensure Access Tokens are enabled in the
+                                                                    Authentication
+                                                                    section
+                                                                </li>
+                                                                <li>Under Certificates and Secrets, create a new Client
+                                                                    Secret. Note
+                                                                    this secret as it is the new Client Secret to use
+                                                                    with
+                                                                    PowerDNS-Admin
+                                                                </li>
+                                                                <li>Under API Permissions, you need to add permissions.
+                                                                    Add
+                                                                    permissions for Graph API, Delegated. Add: email,
+                                                                    openid,
+                                                                    profile, GroupMember.Read, User.Read and possibly
+                                                                    User.Read.All.
+                                                                    You then need to grant admin approval for your
+                                                                    organisation.
+                                                                </li>
+                                                                <li>For the Scope, use <b>User.Read openid mail
+                                                                    profile</b>
+                                                                </li>
+                                                                <li>Replace the [tenantID] in the default URLs for
+                                                                    authorize
+                                                                    and
+                                                                    token with your Tenant ID.
+                                                                </li>
+                                                            </ul>
+                                                            </p>
+                                                            <p>If <b>AZURE GROUP ACCOUNT SYNC/CREATION</b> is enabled,
+                                                                Accounts will
+                                                                be created automatically based on group membership. If
+                                                                an
+                                                                Account
+                                                                exists, an authenticated user with group membership is
+                                                                added
+                                                                to the
+                                                                Account</p>
+                                                        </div>
+                                                        <!-- /.card-body -->
                                                     </div>
-                                                    <!-- /.card-body -->
+                                                    <!-- /.card -->
                                                 </div>
-                                                <!-- /.card -->
+                                                <!-- /.col -->
                                             </div>
-                                            <!-- /.col -->
+                                            <!-- /.row -->
                                         </div>
-                                        <!-- /.row -->
-                                    </div>
-                                    <!-- /.tab-pane -->
+                                        <!-- /.tab-pane -->
 
-                                    <div data-bind="class: 'tab-pane' + (tab_active() == 'oidc' ? ' active' : '')">
-                                        <div class="row">
-                                            <div class="col-12 col-sm-6 col-lg-4">
-                                                <form role="form" method="post" data-toggle="validator">
-                                                    <input type="hidden" name="_csrf_token" value="{{ csrf_token() }}">
-                                                    <input type="hidden" value="oidc" name="config_tab"/>
+                                        <div data-bind="class: 'tab-pane' + (tab_active() == 'oidc' ? ' active' : '')">
+                                            <div class="row">
+                                                <div class="col-12 col-sm-6 col-lg-4">
                                                     <div class="card">
                                                         <div class="card-header">
                                                             <h3 class="card-title">OpenID Connect OAuth Settings</h3>
                                                         </div>
                                                         <!-- /.card-header -->
                                                         <div class="card-body">
-                                                            <fieldset>
-                                                                <div class="form-group">
-                                                                    <input type="checkbox" id="oidc_oauth_enabled"
-                                                                           name="oidc_oauth_enabled" class="checkbox"
-                                                                           data-bind="checked: oidc_oauth_enabled">
-                                                                    <label for="oidc_oauth_enabled">Enable OpenID
-                                                                        Connect
-                                                                        OAuth</label>
-                                                                </div>
-                                                                <div class="form-group">
-                                                                    <label for="oidc_oauth_key">Client ID</label>
-                                                                    <input type="text" class="form-control"
-                                                                           name="oidc_oauth_key" id="oidc_oauth_key"
-                                                                           placeholder="OIDC OAuth Client ID"
-                                                                           data-error="Please input Client ID"
-                                                                           data-bind="enable: oidc_oauth_enabled, value: oidc_oauth_key, valueUpdate: 'afterkeydown'">
-                                                                    <span class="help-block with-errors"></span>
-                                                                </div>
-                                                                <div class="form-group">
-                                                                    <label for="oidc_oauth_secret">Client Secret</label>
-                                                                    <input type="text" class="form-control"
-                                                                           name="oidc_oauth_secret"
-                                                                           id="oidc_oauth_secret"
-                                                                           placeholder="OIDC OAuth Client Secret"
-                                                                           data-error="Please input Client Secret"
-                                                                           data-bind="enable: oidc_oauth_enabled, value: oidc_oauth_secret, valueUpdate: 'afterkeydown'">
-                                                                    <span class="help-block with-errors"></span>
-                                                                </div>
-                                                                <div class="form-group">
-                                                                    <label for="oidc_oauth_scope">Scope</label>
-                                                                    <input type="text" class="form-control"
-                                                                           name="oidc_oauth_scope" id="oidc_oauth_scope"
-                                                                           placeholder="e.g. email"
-                                                                           data-error="Please input scope"
-                                                                           data-bind="enable: oidc_oauth_enabled, value: oidc_oauth_scope, valueUpdate: 'afterkeydown'">
-                                                                    <span class="help-block with-errors"></span>
-                                                                </div>
-                                                                <div class="form-group">
-                                                                    <label for="oidc_oauth_api_url">API URL</label>
-                                                                    <input type="text" class="form-control"
-                                                                           name="oidc_oauth_api_url"
-                                                                           id="oidc_oauth_api_url"
-                                                                           placeholder="e.g. https://api.oidc.com/user"
-                                                                           data-error="Please input API URL"
-                                                                           data-bind="enable: oidc_oauth_enabled, value: oidc_oauth_api_url, valueUpdate: 'afterkeydown'">
-                                                                    <span class="help-block with-errors"></span>
-                                                                </div>
-                                                                <div class="form-group">
-                                                                    <input type="checkbox"
-                                                                           id="oidc_oauth_auto_configure"
-                                                                           name="oidc_oauth_auto_configure"
-                                                                           class="checkbox"
-                                                                           data-bind="checked: oidc_oauth_auto_configure">
-                                                                    <label for="oidc_oauth_auto_configure">Enable OIDC
-                                                                        OAuth Auto-Configuration</label>
-                                                                </div>
-                                                                <div class="form-group"
-                                                                     data-bind="visible: oidc_oauth_auto_configure">
-                                                                    <label for="oidc_oauth_metadata_url">Metadata
-                                                                        URL</label>
-                                                                    <input type="text" class="form-control"
-                                                                           name="oidc_oauth_metadata_url"
-                                                                           id="oidc_oauth_metadata_url"
-                                                                           placeholder="e.g. https://{YOUR_DOMAIN}/login/oauth/.well-known/openid-configuration"
-                                                                           data-error="Please input Metadata URL"
-                                                                           data-bind="enable: oidc_oauth_enabled() && oidc_oauth_auto_configure(), value: oidc_oauth_metadata_url, valueUpdate: 'afterkeydown'">
-                                                                    <span class="help-block with-errors"></span>
-                                                                </div>
-                                                                <div class="form-group"
-                                                                     data-bind="hidden: oidc_oauth_auto_configure">
-                                                                    <label for="oidc_oauth_token_url">Token URL</label>
-                                                                    <input type="text" class="form-control"
-                                                                           name="oidc_oauth_token_url"
-                                                                           id="oidc_oauth_token_url"
-                                                                           placeholder="e.g. https://{YOUR_DOMAIN}/login/oauth/access_token"
-                                                                           data-error="Please input Token URL"
-                                                                           data-bind="enable: oidc_oauth_enabled() && !oidc_oauth_auto_configure(), value: oidc_oauth_token_url, valueUpdate: 'afterkeydown'">
-                                                                    <span class="help-block with-errors"></span>
-                                                                </div>
-                                                                <div class="form-group"
-                                                                     data-bind="hidden: oidc_oauth_auto_configure">
-                                                                    <label for="oidc_oauth_authorize_url">Authorize
-                                                                        URL</label>
-                                                                    <input type="text" class="form-control"
-                                                                           name="oidc_oauth_authorize_url"
-                                                                           id="oidc_oauth_authorize_url"
-                                                                           placeholder="e.g. https://{YOUR_DOMAIN}/login/oauth/authorize"
-                                                                           data-error="Please input Authorize URL"
-                                                                           data-bind="enable: oidc_oauth_enabled() && !oidc_oauth_auto_configure(), value: oidc_oauth_authorize_url, valueUpdate: 'afterkeydown'">
-                                                                    <span class="help-block with-errors"></span>
-                                                                </div>
-                                                                <div class="form-group">
-                                                                    <label for="oidc_oauth_logout_url">Logout
-                                                                        URL</label>
-                                                                    <input type="text" class="form-control"
-                                                                           name="oidc_oauth_logout_url"
-                                                                           id="oidc_oauth_logout_url"
-                                                                           placeholder="e.g. https://{YOUR_DOMAIN}/login/oauth/logout"
-                                                                           data-error="Please input Logout URL"
-                                                                           data-bind="enable: oidc_oauth_enabled, value: oidc_oauth_logout_url, valueUpdate: 'afterkeydown'">
-                                                                    <span class="help-block with-errors"></span>
-                                                                </div>
-                                                            </fieldset>
+                                                            <div class="form-group">
+                                                                <input type="checkbox" id="oidc_oauth_enabled"
+                                                                       name="oidc_oauth_enabled" class="checkbox"
+                                                                       data-bind="checked: oidc_oauth_enabled">
+                                                                <label for="oidc_oauth_enabled">Enable OpenID
+                                                                    Connect
+                                                                    OAuth</label>
+                                                            </div>
+                                                            <div class="form-group">
+                                                                <label for="oidc_oauth_key">Client ID</label>
+                                                                <input type="text" class="form-control"
+                                                                       name="oidc_oauth_key" id="oidc_oauth_key"
+                                                                       placeholder="OIDC OAuth Client ID"
+                                                                       data-bind="enable: oidc_oauth_enabled, value: oidc_oauth_key, valueUpdate: 'afterkeydown'">
+                                                                <span class="help-block with-errors"></span>
+                                                            </div>
+                                                            <div class="form-group">
+                                                                <label for="oidc_oauth_secret">Client Secret</label>
+                                                                <input type="text" class="form-control"
+                                                                       name="oidc_oauth_secret"
+                                                                       id="oidc_oauth_secret"
+                                                                       placeholder="OIDC OAuth Client Secret"
+                                                                       data-bind="enable: oidc_oauth_enabled, value: oidc_oauth_secret, valueUpdate: 'afterkeydown'">
+                                                                <span class="help-block with-errors"></span>
+                                                            </div>
+                                                            <div class="form-group">
+                                                                <label for="oidc_oauth_scope">Scope</label>
+                                                                <input type="text" class="form-control"
+                                                                       name="oidc_oauth_scope" id="oidc_oauth_scope"
+                                                                       placeholder="e.g. email"
+                                                                       data-bind="enable: oidc_oauth_enabled, value: oidc_oauth_scope, valueUpdate: 'afterkeydown'">
+                                                                <span class="help-block with-errors"></span>
+                                                            </div>
+                                                            <div class="form-group">
+                                                                <label for="oidc_oauth_api_url">API URL</label>
+                                                                <input type="text" class="form-control"
+                                                                       name="oidc_oauth_api_url"
+                                                                       id="oidc_oauth_api_url"
+                                                                       placeholder="e.g. https://api.oidc.com/user"
+                                                                       data-bind="enable: oidc_oauth_enabled, value: oidc_oauth_api_url, valueUpdate: 'afterkeydown'">
+                                                                <span class="help-block with-errors"></span>
+                                                            </div>
+                                                            <div class="form-group">
+                                                                <input type="checkbox"
+                                                                       id="oidc_oauth_auto_configure"
+                                                                       name="oidc_oauth_auto_configure"
+                                                                       class="checkbox"
+                                                                       data-bind="checked: oidc_oauth_auto_configure">
+                                                                <label for="oidc_oauth_auto_configure">Enable OIDC
+                                                                    OAuth Auto-Configuration</label>
+                                                            </div>
+                                                            <div class="form-group"
+                                                                 data-bind="visible: oidc_oauth_auto_configure">
+                                                                <label for="oidc_oauth_metadata_url">Metadata
+                                                                    URL</label>
+                                                                <input type="text" class="form-control"
+                                                                       name="oidc_oauth_metadata_url"
+                                                                       id="oidc_oauth_metadata_url"
+                                                                       placeholder="e.g. https://{YOUR_DOMAIN}/login/oauth/.well-known/openid-configuration"
+                                                                       data-bind="enable: oidc_oauth_enabled() && oidc_oauth_auto_configure(), value: oidc_oauth_metadata_url, valueUpdate: 'afterkeydown'">
+                                                                <span class="help-block with-errors"></span>
+                                                            </div>
+                                                            <div class="form-group"
+                                                                 data-bind="hidden: oidc_oauth_auto_configure">
+                                                                <label for="oidc_oauth_token_url">Token URL</label>
+                                                                <input type="text" class="form-control"
+                                                                       name="oidc_oauth_token_url"
+                                                                       id="oidc_oauth_token_url"
+                                                                       placeholder="e.g. https://{YOUR_DOMAIN}/login/oauth/access_token"
+                                                                       data-bind="enable: oidc_oauth_enabled() && !oidc_oauth_auto_configure(), value: oidc_oauth_token_url, valueUpdate: 'afterkeydown'">
+                                                                <span class="help-block with-errors"></span>
+                                                            </div>
+                                                            <div class="form-group"
+                                                                 data-bind="hidden: oidc_oauth_auto_configure">
+                                                                <label for="oidc_oauth_authorize_url">Authorize
+                                                                    URL</label>
+                                                                <input type="text" class="form-control"
+                                                                       name="oidc_oauth_authorize_url"
+                                                                       id="oidc_oauth_authorize_url"
+                                                                       placeholder="e.g. https://{YOUR_DOMAIN}/login/oauth/authorize"
+                                                                       data-bind="enable: oidc_oauth_enabled() && !oidc_oauth_auto_configure(), value: oidc_oauth_authorize_url, valueUpdate: 'afterkeydown'">
+                                                                <span class="help-block with-errors"></span>
+                                                            </div>
+                                                            <div class="form-group">
+                                                                <label for="oidc_oauth_logout_url">Logout
+                                                                    URL</label>
+                                                                <input type="text" class="form-control"
+                                                                       name="oidc_oauth_logout_url"
+                                                                       id="oidc_oauth_logout_url"
+                                                                       placeholder="e.g. https://{YOUR_DOMAIN}/login/oauth/logout"
+                                                                       data-bind="enable: oidc_oauth_enabled, value: oidc_oauth_logout_url, valueUpdate: 'afterkeydown'">
+                                                                <span class="help-block with-errors"></span>
+                                                            </div>
                                                             <fieldset>
                                                                 <legend>Claims</legend>
                                                                 <div class="form-group">
@@ -1439,7 +1403,6 @@ <h3 class="card-title">OpenID Connect OAuth Settings</h3>
                                                                            name="oidc_oauth_username"
                                                                            id="oidc_oauth_username"
                                                                            placeholder="e.g. preferred_username"
-                                                                           data-error="Please input Username claim"
                                                                            data-bind="enable: oidc_oauth_enabled, value: oidc_oauth_username, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
@@ -1448,7 +1411,6 @@ <h3 class="card-title">OpenID Connect OAuth Settings</h3>
                                                                     <input type="text" class="form-control"
                                                                            name="oidc_oauth_email" id="oidc_oauth_email"
                                                                            placeholder="e.g. email"
-                                                                           data-error="Please input Email claim"
                                                                            data-bind="enable: oidc_oauth_enabled, value: oidc_oauth_email, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
@@ -1458,7 +1420,6 @@ <h3 class="card-title">OpenID Connect OAuth Settings</h3>
                                                                            name="oidc_oauth_firstname"
                                                                            id="oidc_oauth_firstname"
                                                                            placeholder="e.g. given_name"
-                                                                           data-error="Please input First Name claim"
                                                                            data-bind="enable: oidc_oauth_enabled, value: oidc_oauth_firstname, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
@@ -1468,7 +1429,6 @@ <h3 class="card-title">OpenID Connect OAuth Settings</h3>
                                                                            name="oidc_oauth_last_name"
                                                                            id="oidc_oauth_last_name"
                                                                            placeholder="e.g. family_name"
-                                                                           data-error="Please input Last Name claim"
                                                                            data-bind="enable: oidc_oauth_enabled, value: oidc_oauth_last_name, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
@@ -1482,7 +1442,6 @@ <h3 class="card-title">OpenID Connect OAuth Settings</h3>
                                                                            name="oidc_oauth_account_name_property"
                                                                            id="oidc_oauth_account_name_property"
                                                                            placeholder="e.g. account_name"
-                                                                           data-error="Please input property containing account_name"
                                                                            data-bind="enable: oidc_oauth_enabled, value: oidc_oauth_account_name_property, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
@@ -1494,7 +1453,6 @@ <h3 class="card-title">OpenID Connect OAuth Settings</h3>
                                                                            name="oidc_oauth_account_description_property"
                                                                            id="oidc_oauth_account_description_property"
                                                                            placeholder="e.g. account_description"
-                                                                           data-error="Please input property containing account_description"
                                                                            data-bind="enable: oidc_oauth_enabled, value: oidc_oauth_account_description_property, valueUpdate: 'afterkeydown'">
                                                                     <span class="help-block with-errors"></span>
                                                                 </div>
@@ -1503,43 +1461,44 @@ <h3 class="card-title">OpenID Connect OAuth Settings</h3>
                                                         <!-- /.card-body -->
                                                     </div>
                                                     <!-- /.card -->
-                                                </form>
-                                            </div>
-                                            <!-- /.col -->
-                                            <div class="col-12 col-sm-6 col-lg-8">
-                                                <div class="card">
-                                                    <div class="card-header">
-                                                        <h3 class="card-title">Settings Help</h3>
-                                                    </div>
-                                                    <!-- /.card-header -->
-                                                    <div class="card-body">
-                                                        <p>Fill in all the fields in the left form.</p>
+                                                </div>
+                                                <!-- /.col -->
+                                                <div class="col-12 col-sm-6 col-lg-8">
+                                                    <div class="card">
+                                                        <div class="card-header">
+                                                            <h3 class="card-title">Settings Help</h3>
+                                                        </div>
+                                                        <!-- /.card-header -->
+                                                        <div class="card-body">
+                                                            <p>Fill in all the fields in the left form.</p>
+                                                        </div>
+                                                        <!-- /.card-body -->
                                                     </div>
-                                                    <!-- /.card-body -->
+                                                    <!-- /.card -->
                                                 </div>
-                                                <!-- /.card -->
+                                                <!-- /.col -->
                                             </div>
-                                            <!-- /.col -->
+                                            <!-- /.row -->
                                         </div>
-                                        <!-- /.row -->
-                                    </div>
-                                    <!-- /.tab-pane -->
+                                        <!-- /.tab-pane -->
 
+                                    </div>
+                                    <!-- /.tab-content -->
                                 </div>
-                                <!-- /.tab-content -->
+                                <!-- /.nav-tabs-custom -->
                             </div>
-                            <!-- /.nav-tabs-custom -->
-                        </div>
-                        <!-- /.card-body -->
-                        <div class="card-footer">
-                            <button type="button" class="btn btn-primary"
-                                    title="Save Settings" data-bind="click: onSaveClick">
-                                <i class="fa-solid fa-save"></i>&nbsp;Save Settings
-                            </button>
+                            <!-- /.card-body -->
+                            <div class="card-footer">
+                                <div class="error"></div>
+                                <button type="button" class="btn btn-primary"
+                                        title="Save Settings" data-bind="click: onSaveClick">
+                                    <i class="fa-solid fa-save"></i>&nbsp;Save Settings
+                                </button>
+                            </div>
+                            <!-- /.card-footer -->
                         </div>
-                        <!-- /.card-footer -->
-                    </div>
-                    <!-- /.card -->
+                        <!-- /.card -->
+                    </form>
                 </div>
                 <!-- /.col -->
             </div>
@@ -1549,6 +1508,12 @@ <h3 class="card-title">Settings Help</h3>
     </section>
 {% endblock %}
 
+{% block head_styles %}
+    <style type="text/css">
+        .error { color: red; }
+    </style>
+{% endblock %}
+
 {% block extrascripts %}
     {% assets "js_validation" -%}
         <script type="text/javascript" src="{{ ASSET_URL }}"></script>
@@ -1565,334 +1530,6 @@ <h3 class="card-title">Settings Help</h3>
             model.init(true);
         })
     </script>
-
-    <script>
-        /*
-         * Old Legacy Code
-         */
-
-        function ldapSelection() {
-            if (document.getElementById('ldap_type_openldap').checked) {
-                document.getElementById('ldap_openldap_fields').style.display = 'block';
-                document.getElementById('ldap_openldap_group_filters').style.display = 'block';
-                document.getElementById('ldap_ad_fields').style.display = 'none';
-            } else {
-                document.getElementById('ldap_openldap_fields').style.display = 'none';
-                document.getElementById('ldap_openldap_group_filters').style.display = 'none';
-                document.getElementById('ldap_ad_fields').style.display = 'block';
-            }
-        }
-
-        // START: LDAP tab js
-        // update validation requirement when checkbox is togged
-        $('#ldap_enabled').on('ifChanged', function (e) {
-            var is_enabled = e.currentTarget.checked;
-            if (is_enabled) {
-                $('#ldap_uri').prop('required', true);
-                $('#ldap_base_dn').prop('required', true);
-                if ($('#ldap').is(":checked")) {
-                    $('#ldap_admin_username').prop('required', true);
-                    $('#ldap_admin_password').prop('required', true);
-                    $('#ldap_domain').prop('required', false);
-                    $('#ldap_filter_group').prop('required', true);
-                    $('#ldap_filter_groupname').prop('required', true);
-                } else {
-                    $('#ldap_admin_username').prop('required', false);
-                    $('#ldap_admin_password').prop('required', false);
-                    $('#ldap_domain').prop('required', true);
-                    $('#ldap_filter_group').prop('required', false);
-                    $('#ldap_filter_groupname').prop('required', false);
-                }
-                $('#ldap_filter_basic').prop('required', true);
-                $('#ldap_filter_username').prop('required', true);
-
-                if ($('#ldap_sg_on').is(":checked")) {
-                    $('#ldap_admin_group').prop('required', true);
-                    $('#ldap_operator_group').prop('required', true);
-                    $('#ldap_user_group').prop('required', true);
-                }
-                if ($('#autoprovisioning').is(":checked")) {
-                    $('#autoprovisioning_attribute').prop('required', true);
-                    $('#urn_value').prop('required', true);
-                }
-            } else {
-                $('#ldap_uri').prop('required', false);
-                $('#ldap_base_dn').prop('required', false);
-                $('#ldap_admin_username').prop('required', false);
-                $('#ldap_admin_password').prop('required', false);
-                $('#ldap_filter_basic').prop('required', false);
-                $('#ldap_filter_group').prop('required', false);
-                $('#ldap_filter_username').prop('required', false);
-                $('#ldap_filter_groupname').prop('required', false);
-
-                if ($('#ldap_sg_on').is(":checked")) {
-                    $('#ldap_admin_group').prop('required', false);
-                    $('#ldap_operator_group').prop('required', false);
-                    $('#ldap_user_group').prop('required', false);
-                }
-                if ($('#autoprovisioning').is(":checked")) {
-                    $('#autoprovisioning_attribute').prop('required', false);
-                    $('#urn_value').prop('required', true);
-                }
-            }
-        });
-
-        $("input[name='ldap_sg_enabled']").change(function () {
-            if ($('#ldap_sg_on').is(":checked") && $('#ldap_enabled').is(":checked")) {
-                $('#ldap_admin_group').prop('required', true);
-                $('#ldap_operator_group').prop('required', true);
-                $('#ldap_user_group').prop('required', true);
-            } else {
-                $('#ldap_admin_group').prop('required', false);
-                $('#ldap_operator_group').prop('required', false);
-                $('#ldap_user_group').prop('required', false);
-            }
-
-            if ($('#ldap_sg_on').is(":checked") && $('#autoprovisioning_on').is(":checked")) {
-                document.getElementById('ldap_sg_on').checked = false;
-                document.getElementById('ldap_sg_off').checked = true;
-                var modal = $("#modal_warning");
-
-                var info = "Group Security:Status and Advance:Autoprovisioning can not be both enabled at the same time. Please turn off Advance:Autoprovisioning first";
-                modal.find('.modal-body p').text(info);
-                modal.find('#button_warning_confirm').click(function () {
-                    modal.modal('hide');
-                })
-                modal.find('#warning_X').click(function () {
-                    modal.modal('hide');
-                })
-                modal.modal('show');
-            }
-        });
-
-        $("input[name='autoprovisioning']").change(function () {
-            if ($('#autoprovisioning_on').is(":checked") && $('#ldap_enabled').is(":checked")) {
-                $('#autoprovisioning_attribute').prop('required', true);
-                $('#urn_value').prop('required', true);
-                $('#purge').prop('required', true);
-            } else {
-                $('#autoprovisioning_attribute').prop('required', false);
-                $('#urn_value').prop('required', false);
-                $('#purge').prop('required', false);
-            }
-            if ($('#ldap_sg_on').is(":checked") && $('#autoprovisioning_on').is(":checked")) {
-                document.getElementById('autoprovisioning_on').checked = false;
-                document.getElementById('autoprovisioning_off').checked = true;
-                var modal = $("#modal_warning");
-                var info = "Group Security:Status and Advance:Autoprovisioning can not be both enabled at the same time. Please turn off Group Security:Status first";
-                modal.find('.modal-body p').text(info);
-                modal.find('#button_warning_confirm').click(function () {
-
-                    modal.modal('hide');
-                })
-                modal.find('#warning_X').click(function () {
-                    modal.modal('hide');
-                })
-                modal.modal('show');
-
-            }
-        });
-
-        $("input[name='purge']").change(function () {
-            if ($("#purge_on").is(":checked")) {
-                document.getElementById('purge_on').checked = false;
-                document.getElementById('purge_off').checked = true;
-                var modal = $("#modal_confirm");
-                var info = "Are you sure you want to do this? Users will lose their associated zones unless they already have their autoprovisioning field prepopulated.";
-                modal.find('.modal-body p').text(info);
-                modal.find('#button_confirm').click(function () {
-                    document.getElementById('purge_on').checked = true;
-                    document.getElementById('purge_off').checked = false;
-                    modal.modal('hide');
-                })
-                modal.find('#button_cancel').click(function () {
-                    modal.modal('hide');
-                })
-                modal.find('#X').click(function () {
-                    modal.modal('hide');
-                })
-                modal.modal('show');
-            }
-        });
-
-        $("input[name='ldap_type']").change(function () {
-            if ($('#ldap_type_openldap').is(":checked") && $('#ldap_enabled').is(":checked")) {
-                $('#ldap_admin_group').prop('required', true);
-                $('#ldap_operator_group').prop('required', true);
-                $('#ldap_user_group').prop('required', true);
-                $('#ldap_domain').prop('required', false);
-            } else {
-                $('#ldap_admin_group').prop('required', false);
-                $('#ldap_operator_group').prop('required', false);
-                $('#ldap_user_group').prop('required', false);
-                $('#ldap_domain').prop('required', true);
-            }
-        });
-
-        // init validation requirement at first time page load
-        {% if SETTING.get('ldap_enabled') %}
-            $('#ldap_uri').prop('required', true);
-            $('#ldap_base_dn').prop('required', true);
-            if ($('#ldap_type_openldap').is(":checked")) {
-                $('#ldap_admin_username').prop('required', true);
-                $('#ldap_admin_password').prop('required', true);
-                $('#ldap_domain').prop('required', false);
-            } else {
-                $('#ldap_admin_username').prop('required', false);
-                $('#ldap_admin_password').prop('required', false);
-                $('#ldap_domain').prop('required', true);
-            }
-            $('#ldap_filter_basic').prop('required', true);
-            $('#ldap_filter_group').prop('required', true);
-            $('#ldap_filter_username').prop('required', true);
-            $('#ldap_filter_groupname').prop('required', true);
-
-            if ($('#autoprovisioning_on').is(":checked")) {
-                $('#autoprovisioning_attribute').prop('required', true);
-                $('#urn_value').prop('required', true);
-            }
-
-        {% endif %}
-
-        // END: LDAP tab js
-
-        // START: Google tab js
-        // update validation requirement when checkbox is togged
-        $('#google_oauth_enabled').on('ifChanged', function (e) {
-            var is_enabled = e.currentTarget.checked;
-            if (is_enabled) {
-                $('#google_oauth_client_id').prop('required', true);
-                $('#google_oauth_client_secret').prop('required', true);
-                $('#google_token_url').prop('required', true);
-                $('#google_oauth_scope').prop('required', true);
-                $('#google_authorize_url').prop('required', true);
-                $('#google_base_url').prop('required', true);
-            } else {
-                $('#google_oauth_client_id').prop('required', false);
-                $('#google_oauth_client_secret').prop('required', false);
-                $('#google_token_url').prop('required', false);
-                $('#google_oauth_scope').prop('required', false);
-                $('#google_authorize_url').prop('required', false);
-                $('#google_base_url').prop('required', false);
-            }
-        });
-
-        // init validation requirement at first time page load
-        {% if SETTING.get('google_oauth_enabled') %}
-            $('#google_oauth_client_id').prop('required', true);
-            $('#google_oauth_client_secret').prop('required', true);
-            $('#google_token_url').prop('required', true);
-            $('#google_oauth_scope').prop('required', true);
-            $('#google_authorize_url').prop('required', true);
-            $('#google_base_url').prop('required', true);
-        {% endif %}
-        // END: Google tab js
-
-        // START: Github tab js
-        // update validation requirement when checkbox is togged
-        $('#github_oauth_enabled').on('ifChanged', function (e) {
-            var is_enabled = e.currentTarget.checked;
-            if (is_enabled) {
-                $('#github_oauth_key').prop('required', true);
-                $('#github_oauth_secret').prop('required', true);
-                $('#github_oauth_scope').prop('required', true);
-                $('#github_oauth_api_url').prop('required', true);
-                $('#github_oauth_token_url').prop('required', true);
-                $('#github_oauth_authorize_url').prop('required', true);
-            } else {
-                $('#github_oauth_key').prop('required', false);
-                $('#github_oauth_secret').prop('required', false);
-                $('#github_oauth_scope').prop('required', false);
-                $('#github_oauth_api_url').prop('required', false);
-                $('#github_oauth_token_url').prop('required', false);
-                $('#github_oauth_authorize_url').prop('required', false);
-            }
-        });
-        // init validation requirement at first time page load
-        {% if SETTING.get('github_oauth_enabled') %}
-            $('#github_oauth_key').prop('required', true);
-            $('#github_oauth_secret').prop('required', true);
-            $('#github_oauth_scope').prop('required', true);
-            $('#github_oauth_api_url').prop('required', true);
-            $('#github_oauth_token_url').prop('required', true);
-            $('#github_oauth_authorize_url').prop('required', true);
-        {% endif %}
-        // END: Github tab js
-
-        // START: Azure tab js
-        // update validation requirement when checkbox is togged
-        $('#azure_oauth_enabled').on('ifChanged', function (e) {
-            var is_enabled = e.currentTarget.checked;
-            if (is_enabled) {
-                $('#azure_oauth_key').prop('required', true);
-                $('#azure_oauth_secret').prop('required', true);
-                $('#azure_oauth_scope').prop('required', true);
-                $('#azure_oauth_api_url').prop('required', true);
-                $('#azure_oauth_token_url').prop('required', true);
-                $('#azure_oauth_authorize_url').prop('required', true);
-            } else {
-                $('#azure_oauth_key').prop('required', false);
-                $('#azure_oauth_secret').prop('required', false);
-                $('#azure_oauth_scope').prop('required', false);
-                $('#azure_oauth_api_url').prop('required', false);
-                $('#azure_oauth_token_url').prop('required', false);
-                $('#azure_oauth_authorize_url').prop('required', false);
-            }
-        });
-        // init validation requirement at first time page load
-        {% if SETTING.get('azure_oauth_enabled') %}
-            $('#azure_oauth_key').prop('required', true);
-            $('#azure_oauth_secret').prop('required', true);
-            $('#azure_oauth_scope').prop('required', true);
-            $('#azure_oauth_api_url').prop('required', true);
-            $('#azure_oauth_token_url').prop('required', true);
-            $('#azure_oauth_authorize_url').prop('required', true);
-        {% endif %}
-        // END: Azure tab js
-
-        // START: OIDC tab js
-        $('#oidc_oauth_enabled').on('ifChanged', function (e) {
-            var is_enabled = e.currentTarget.checked;
-            if (is_enabled) {
-                $('#oidc_oauth_key').prop('required', true);
-                $('#oidc_oauth_secret').prop('required', true);
-                $('#oidc_oauth_scope').prop('required', true);
-                $('#oidc_oauth_api_url').prop('required', true);
-                $('#oidc_oauth_token_url').prop('required', true);
-                $('#oidc_oauth_authorize_url').prop('required', true);
-                $('#oidc_oauth_username').prop('required', true);
-                $('#oidc_oauth_firstname').prop('required', true);
-                $('#oidc_oauth_last_name').prop('required', true);
-                $('#oidc_oauth_email').prop('required', true);
-            } else {
-                $('#oidc_oauth_key').prop('required', false);
-                $('#oidc_oauth_secret').prop('required', false);
-                $('#oidc_oauth_scope').prop('required', false);
-                $('#oidc_oauth_api_url').prop('required', false);
-                $('#oidc_oauth_token_url').prop('required', false);
-                $('#oidc_oauth_authorize_url').prop('required', false);
-                $('#oidc_oauth_username').prop('required', false);
-                $('#oidc_oauth_firstname').prop('required', false);
-                $('#oidc_oauth_last_name').prop('required', false);
-                $('#oidc_oauth_email').prop('required', false);
-            }
-        });
-        // init validation requirement at first time page load
-        {% if SETTING.get('oidc_oauth_enabled') %}
-            $('#oidc_oauth_key').prop('required', true);
-            $('#oidc_oauth_secret').prop('required', true);
-            $('#oidc_oauth_scope').prop('required', true);
-            $('#oidc_oauth_api_url').prop('required', true);
-            $('#oidc_oauth_token_url').prop('required', true);
-            $('#oidc_oauth_authorize_url').prop('required', true);
-            $('#oidc_oauth_username').prop('required', true);
-            $('#oidc_oauth_firstname').prop('required', true);
-            $('#oidc_oauth_last_name').prop('required', true);
-            $('#oidc_oauth_email').prop('required', true);
-        {% endif %}
-        //END: OIDC Tab JS
-
-    </script>
 {% endblock %}
 
 {% block modals %}

From cf62890fcf96136a969f5e1f006240812810bbb8 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Mon, 10 Apr 2023 17:28:54 -0400
Subject: [PATCH 412/475] Working on implementing the jQuery Validation plugin
 for the authentication settings editor.

---
 .../js/app-authentication-settings-editor.js  | 121 +++++++++++++++++-
 .../admin_setting_authentication.html         |  24 ++--
 2 files changed, 132 insertions(+), 13 deletions(-)

diff --git a/powerdnsadmin/static/custom/js/app-authentication-settings-editor.js b/powerdnsadmin/static/custom/js/app-authentication-settings-editor.js
index 72d154278..0fa6aa2b2 100644
--- a/powerdnsadmin/static/custom/js/app-authentication-settings-editor.js
+++ b/powerdnsadmin/static/custom/js/app-authentication-settings-editor.js
@@ -267,6 +267,38 @@ let AuthenticationSettingsModel = function (user_data, api_url, csrf_token, sele
             return self.ldap_enabled() === 1 && self.autoprovisioning() === 1;
         }
 
+        let google_oauth_auto_configure_enabled = function (element) {
+            return self.google_oauth_enabled() && self.google_oauth_auto_configure();
+        }
+
+        let google_oauth_auto_configure_disabled = function (element) {
+            return self.google_oauth_enabled() && !self.google_oauth_auto_configure();
+        }
+
+        let github_oauth_auto_configure_enabled = function (element) {
+            return self.github_oauth_enabled() && self.github_oauth_auto_configure();
+        }
+
+        let github_oauth_auto_configure_disabled = function (element) {
+            return self.github_oauth_enabled() && !self.github_oauth_auto_configure();
+        }
+
+        let azure_oauth_auto_configure_enabled = function (element) {
+            return self.azure_oauth_enabled() && self.azure_oauth_auto_configure();
+        }
+
+        let azure_oauth_auto_configure_disabled = function (element) {
+            return self.azure_oauth_enabled() && !self.azure_oauth_auto_configure();
+        }
+
+        let oidc_oauth_auto_configure_enabled = function (element) {
+            return self.oidc_oauth_enabled() && self.oidc_oauth_auto_configure();
+        }
+
+        let oidc_oauth_auto_configure_disabled = function (element) {
+            return self.oidc_oauth_enabled() && !self.oidc_oauth_auto_configure();
+        }
+
         jQuery.validator.addMethod('auth_enabled', auth_enabled, 'At least one authentication method must be enabled.');
         jQuery.validator.addMethod('ldap_exclusive', ldap_exclusive, 'The LDAP group security and role auto-provisioning features are mutually exclusive.');
 
@@ -275,6 +307,7 @@ let AuthenticationSettingsModel = function (user_data, api_url, csrf_token, sele
         ];
 
         $(selector).validate({
+            ignore: '',
             errorPlacement: function (error, element) {
                 let useFooter = false;
                 for (let i = 0; i < footerErrorElements.length; i++) {
@@ -413,8 +446,94 @@ let AuthenticationSettingsModel = function (user_data, api_url, csrf_token, sele
                     maxlength: 100,
                 },
                 purge: ldap_enabled,
+                google_oauth_client_id: {
+                    required: google_oauth_enabled,
+                    minlength: 1,
+                    maxlength: 255,
+                },
+                google_oauth_client_secret: {
+                    required: google_oauth_enabled,
+                    minlength: 1,
+                    maxlength: 255,
+                },
+                google_oauth_scope: {
+                    required: google_oauth_enabled,
+                    minlength: 1,
+                    maxlength: 255,
+                },
+                google_base_url: {
+                    required: google_oauth_enabled,
+                    minlength: 1,
+                    maxlength: 255,
+                    url: true,
+                },
+                google_oauth_metadata_url: {
+                    required: google_oauth_auto_configure_enabled,
+                    minlength: 1,
+                    maxlength: 255,
+                    url: true,
+                },
+                google_token_url: {
+                    required: google_oauth_auto_configure_disabled,
+                    minlength: 1,
+                    maxlength: 255,
+                    url: true,
+                },
+                google_authorize_url: {
+                    required: google_oauth_auto_configure_disabled,
+                    minlength: 1,
+                    maxlength: 255,
+                    url: true,
+                },
+                github_oauth_key: {
+                    required: github_oauth_enabled,
+                    minlength: 1,
+                    maxlength: 255,
+                },
+                github_oauth_secret: {
+                    required: github_oauth_enabled,
+                    minlength: 1,
+                    maxlength: 255,
+                },
+                github_oauth_scope: {
+                    required: github_oauth_enabled,
+                    minlength: 1,
+                    maxlength: 255,
+                },
+                github_oauth_api_url: {
+                    required: github_oauth_enabled,
+                    minlength: 1,
+                    maxlength: 255,
+                    url: true,
+                },
+                github_oauth_metadata_url: {
+                    required: github_oauth_auto_configure_enabled,
+                    minlength: 1,
+                    maxlength: 255,
+                    url: true,
+                },
+                github_oauth_token_url: {
+                    required: github_oauth_auto_configure_disabled,
+                    minlength: 1,
+                    maxlength: 255,
+                    url: true,
+                },
+                github_oauth_authorize_url: {
+                    required: github_oauth_auto_configure_disabled,
+                    minlength: 1,
+                    maxlength: 255,
+                    url: true,
+                },
+
+            },
+            messages: {
+                ldap_sg_enabled: {
+                    ldap_exclusive: 'The LDAP group security feature is mutually exclusive with the LDAP role auto-provisioning feature.',
+                },
+                autoprovisioning: {
+                    ldap_exclusive: 'The LDAP role auto-provisioning feature is mutually exclusive with the LDAP group security feature.',
+                },
             },
-            messages: {},
         });
     }
 
diff --git a/powerdnsadmin/templates/admin_setting_authentication.html b/powerdnsadmin/templates/admin_setting_authentication.html
index 2729ed7f2..7c031db82 100644
--- a/powerdnsadmin/templates/admin_setting_authentication.html
+++ b/powerdnsadmin/templates/admin_setting_authentication.html
@@ -89,7 +89,7 @@ <h3 class="card-title">Settings Editor</h3>
                                     </ul>
                                     <div class="tab-content">
 
-                                        <div data-bind="class: 'tab-pane' + (tab_active() == 'local' ? ' active' : '')">
+                                        <div data-tab="local" data-bind="class: 'tab-pane' + (tab_active() == 'local' ? ' active' : '')">
                                             <div class="row">
                                                 <div class="col-12 col-sm-6 col-lg-4">
                                                     <div class="card">
@@ -280,7 +280,7 @@ <h4>Password Requirements</h4>
                                         </div>
                                         <!-- /.tab-pane -->
 
-                                        <div data-bind="class: 'tab-pane' + (tab_active() == 'ldap' ? ' active' : '')">
+                                        <div data-tab="ldap" data-bind="class: 'tab-pane' + (tab_active() == 'ldap' ? ' active' : '')">
                                             <div class="row">
                                                 <div class="col-12 col-sm-6 col-lg-4">
                                                     {% if error %}
@@ -744,7 +744,7 @@ <h3 class="card-title">Settings Help</h3>
                                         </div>
                                         <!-- /.tab-pane -->
 
-                                        <div
+                                        <div data-tab="google"
                                             data-bind="class: 'tab-pane' + (tab_active() == 'google' ? ' active' : '')">
                                             <div class="row">
                                                 <div class="col-12 col-sm-6 col-lg-4">
@@ -803,7 +803,7 @@ <h3 class="card-title">Google OAuth Settings</h3>
                                                                        id="google_oauth_auto_configure"
                                                                        name="google_oauth_auto_configure"
                                                                        class="checkbox"
-                                                                       data-bind="checked: google_oauth_auto_configure">
+                                                                       data-bind="enable: google_oauth_enabled, checked: google_oauth_auto_configure">
                                                                 <label for="google_oauth_auto_configure">Enable
                                                                     Google
                                                                     OAuth Auto-Configuration</label>
@@ -869,7 +869,7 @@ <h3 class="card-title">Settings Help</h3>
                                         </div>
                                         <!-- /.tab-pane -->
 
-                                        <div
+                                        <div data-tab="github"
                                             data-bind="class: 'tab-pane' + (tab_active() == 'github' ? ' active' : '')">
                                             <div class="row">
                                                 <div class="col-12 col-sm-6 col-lg-4">
@@ -927,7 +927,7 @@ <h3 class="card-title">GitHub OAuth Settings</h3>
                                                                        id="github_oauth_auto_configure"
                                                                        name="github_oauth_auto_configure"
                                                                        class="checkbox"
-                                                                       data-bind="checked: github_oauth_auto_configure">
+                                                                       data-bind="enable: github_oauth_enabled, checked: github_oauth_auto_configure">
                                                                 <label for="github_oauth_auto_configure">Enable
                                                                     GitHub
                                                                     OAuth Auto-Configuration</label>
@@ -991,7 +991,7 @@ <h3 class="card-title">Settings Help</h3>
                                         </div>
                                         <!-- /.tab-pane -->
 
-                                        <div data-bind="class: 'tab-pane' + (tab_active() == 'azure' ? ' active' : '')">
+                                        <div data-tab="azure" data-bind="class: 'tab-pane' + (tab_active() == 'azure' ? ' active' : '')">
                                             <div class="row">
                                                 <div class="col-12 col-sm-6 col-lg-4">
                                                     <div class="card">
@@ -1049,7 +1049,7 @@ <h3 class="card-title">Azure OAuth Settings</h3>
                                                                        id="azure_oauth_auto_configure"
                                                                        name="azure_oauth_auto_configure"
                                                                        class="checkbox"
-                                                                       data-bind="checked: azure_oauth_auto_configure">
+                                                                       data-bind="enable: azure_oauth_enabled, checked: azure_oauth_auto_configure">
                                                                 <label for="azure_oauth_auto_configure">Enable Azure
                                                                     OAuth Auto-Configuration</label>
                                                             </div>
@@ -1293,7 +1293,7 @@ <h3 class="card-title">Settings Help</h3>
                                         </div>
                                         <!-- /.tab-pane -->
 
-                                        <div data-bind="class: 'tab-pane' + (tab_active() == 'oidc' ? ' active' : '')">
+                                        <div data-tab="oidc" data-bind="class: 'tab-pane' + (tab_active() == 'oidc' ? ' active' : '')">
                                             <div class="row">
                                                 <div class="col-12 col-sm-6 col-lg-4">
                                                     <div class="card">
@@ -1349,7 +1349,7 @@ <h3 class="card-title">OpenID Connect OAuth Settings</h3>
                                                                        id="oidc_oauth_auto_configure"
                                                                        name="oidc_oauth_auto_configure"
                                                                        class="checkbox"
-                                                                       data-bind="checked: oidc_oauth_auto_configure">
+                                                                       data-bind="enable: oidc_oauth_enabled, checked: oidc_oauth_auto_configure">
                                                                 <label for="oidc_oauth_auto_configure">Enable OIDC
                                                                     OAuth Auto-Configuration</label>
                                                             </div>
@@ -1509,8 +1509,8 @@ <h3 class="card-title">Settings Help</h3>
 {% endblock %}
 
 {% block head_styles %}
-    <style type="text/css">
-        .error { color: red; }
+    <style>
+        .error { color: red!important; }
     </style>
 {% endblock %}
 

From ea10b814d6377541ab84dc683795210aaa677edd Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Mon, 10 Apr 2023 18:35:25 -0400
Subject: [PATCH 413/475] Working on implementing the jQuery Validation plugin
 for the authentication settings editor.

---
 .../js/app-authentication-settings-editor.js  | 20 +++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/powerdnsadmin/static/custom/js/app-authentication-settings-editor.js b/powerdnsadmin/static/custom/js/app-authentication-settings-editor.js
index 0fa6aa2b2..27eac0224 100644
--- a/powerdnsadmin/static/custom/js/app-authentication-settings-editor.js
+++ b/powerdnsadmin/static/custom/js/app-authentication-settings-editor.js
@@ -323,6 +323,26 @@ let AuthenticationSettingsModel = function (user_data, api_url, csrf_token, sele
                     element.after(error);
                 }
             },
+            showErrors: function (errorMap, errorList) {
+                this.defaultShowErrors();
+                let selectors = [
+                    'input.error:not([disabled])',
+                    'select.error:not([disabled])',
+                    'textarea.error:not([disabled])',
+                ];
+                let selector_query = selectors.join(',');
+                let tabs = target.find('.tab-content > *[data-tab]')
+                tabs.each(function (index, tab) {
+                    tab = $(tab);
+                    let tabId = tab.data('tab');
+                    let tabLink = target.find('.nav-tabs > li > a[data-tab="' + tabId + '"]');
+                    if (tab.find(selector_query).length > 0) {
+                        tabLink.addClass('error');
+                    } else {
+                        tabLink.removeClass('error');
+                    }
+                });
+            },
             rules: {
                 local_db_enabled: 'auth_enabled',
                 ldap_enabled: 'auth_enabled',

From e132ced6696659d246643299bd49b2367b4acd39 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Mon, 10 Apr 2023 19:29:18 -0400
Subject: [PATCH 414/475] Completed first pass at the jQuery Validation
 implementation for the authentication settings editor.

---
 .../js/app-authentication-settings-editor.js  | 193 ++++++++++++++++--
 1 file changed, 179 insertions(+), 14 deletions(-)

diff --git a/powerdnsadmin/static/custom/js/app-authentication-settings-editor.js b/powerdnsadmin/static/custom/js/app-authentication-settings-editor.js
index 27eac0224..fccea974e 100644
--- a/powerdnsadmin/static/custom/js/app-authentication-settings-editor.js
+++ b/powerdnsadmin/static/custom/js/app-authentication-settings-editor.js
@@ -185,6 +185,25 @@ let AuthenticationSettingsModel = function (user_data, api_url, csrf_token, sele
     }
 
     self.setupValidation = function () {
+        let uuidRegExp = /^([0-9a-f]{8}-[0-9a-f]{4}-[1-5][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12})|[0-9]+$/i;
+
+        let footerErrorElements = [
+            'input#local_db_enabled',
+        ];
+
+        let errorCheckSelectors = [
+            'input.error:not([disabled])',
+            'select.error:not([disabled])',
+            'textarea.error:not([disabled])',
+        ];
+
+        let errorCheckQuery = errorCheckSelectors.join(',');
+        let tabs = target.find('.tab-content > *[data-tab]')
+
+        let onElementChanged = function (event) {
+            target.valid();
+        }
+
         let auth_enabled = function (value, element, params) {
             let enabled = 0;
             if (self.local_db_enabled()) {
@@ -219,6 +238,10 @@ let AuthenticationSettingsModel = function (user_data, api_url, csrf_token, sele
             return enabled < 2;
         }
 
+        let uuid = function (value, element, params) {
+            return uuidRegExp.test(value);
+        }
+
         let local_enabled = function (element) {
             return self.local_db_enabled();
         };
@@ -267,6 +290,14 @@ let AuthenticationSettingsModel = function (user_data, api_url, csrf_token, sele
             return self.ldap_enabled() === 1 && self.autoprovisioning() === 1;
         }
 
+        let azure_gs_enabled = function (element) {
+            return self.azure_oauth_enabled() === 1 && self.azure_sg_enabled() === 1;
+        }
+
+        let azure_gas_enabled = function (element) {
+            return self.azure_oauth_enabled() && self.azure_group_accounts_enabled();
+        }
+
         let google_oauth_auto_configure_enabled = function (element) {
             return self.google_oauth_enabled() && self.google_oauth_auto_configure();
         }
@@ -301,12 +332,9 @@ let AuthenticationSettingsModel = function (user_data, api_url, csrf_token, sele
 
         jQuery.validator.addMethod('auth_enabled', auth_enabled, 'At least one authentication method must be enabled.');
         jQuery.validator.addMethod('ldap_exclusive', ldap_exclusive, 'The LDAP group security and role auto-provisioning features are mutually exclusive.');
+        jQuery.validator.addMethod('uuid', uuid, 'A valid UUID is required.');
 
-        let footerErrorElements = [
-            'input#local_db_enabled',
-        ];
-
-        $(selector).validate({
+        target.validate({
             ignore: '',
             errorPlacement: function (error, element) {
                 let useFooter = false;
@@ -325,18 +353,11 @@ let AuthenticationSettingsModel = function (user_data, api_url, csrf_token, sele
             },
             showErrors: function (errorMap, errorList) {
                 this.defaultShowErrors();
-                let selectors = [
-                    'input.error:not([disabled])',
-                    'select.error:not([disabled])',
-                    'textarea.error:not([disabled])',
-                ];
-                let selector_query = selectors.join(',');
-                let tabs = target.find('.tab-content > *[data-tab]')
                 tabs.each(function (index, tab) {
                     tab = $(tab);
                     let tabId = tab.data('tab');
                     let tabLink = target.find('.nav-tabs > li > a[data-tab="' + tabId + '"]');
-                    if (tab.find(selector_query).length > 0) {
+                    if (tab.find(errorCheckQuery).length > 0) {
                         tabLink.addClass('error');
                     } else {
                         tabLink.removeClass('error');
@@ -544,7 +565,148 @@ let AuthenticationSettingsModel = function (user_data, api_url, csrf_token, sele
                     maxlength: 255,
                     url: true,
                 },
-
+                azure_oauth_key: {
+                    required: azure_oauth_enabled,
+                    minlength: 1,
+                    maxlength: 255,
+                    uuid: true,
+                },
+                azure_oauth_secret: {
+                    required: azure_oauth_enabled,
+                    minlength: 1,
+                    maxlength: 255,
+                },
+                azure_oauth_scope: {
+                    required: azure_oauth_enabled,
+                    minlength: 1,
+                    maxlength: 255,
+                },
+                azure_oauth_api_url: {
+                    required: azure_oauth_enabled,
+                    minlength: 1,
+                    maxlength: 255,
+                    url: true,
+                },
+                azure_oauth_metadata_url: {
+                    required: azure_oauth_auto_configure_enabled,
+                    minlength: 1,
+                    maxlength: 255,
+                    url: true,
+                },
+                azure_oauth_token_url: {
+                    required: azure_oauth_auto_configure_disabled,
+                    minlength: 1,
+                    maxlength: 255,
+                    url: true,
+                },
+                azure_oauth_authorize_url: {
+                    required: azure_oauth_auto_configure_disabled,
+                    minlength: 1,
+                    maxlength: 255,
+                    url: true,
+                },
+                azure_sg_enabled: azure_oauth_enabled,
+                azure_admin_group: {
+                    uuid: azure_gs_enabled,
+                },
+                azure_operator_group: {
+                    uuid: azure_gs_enabled,
+                },
+                azure_user_group: {
+                    uuid: azure_gs_enabled,
+                },
+                azure_group_accounts_enabled: azure_oauth_enabled,
+                azure_group_accounts_name: {
+                    required: azure_gas_enabled,
+                    minlength: 1,
+                    maxlength: 255,
+                },
+                azure_group_accounts_name_re: {
+                    required: azure_gas_enabled,
+                    minlength: 1,
+                    maxlength: 255,
+                },
+                azure_group_accounts_description: {
+                    required: azure_gas_enabled,
+                    minlength: 1,
+                    maxlength: 255,
+                },
+                azure_group_accounts_description_re: {
+                    required: azure_gas_enabled,
+                    minlength: 1,
+                    maxlength: 255,
+                },
+                oidc_oauth_key: {
+                    required: oidc_oauth_enabled,
+                    minlength: 1,
+                    maxlength: 255,
+                },
+                oidc_oauth_secret: {
+                    required: oidc_oauth_enabled,
+                    minlength: 1,
+                    maxlength: 255,
+                },
+                oidc_oauth_scope: {
+                    required: oidc_oauth_enabled,
+                    minlength: 1,
+                    maxlength: 255,
+                },
+                oidc_oauth_api_url: {
+                    required: oidc_oauth_enabled,
+                    minlength: 1,
+                    maxlength: 255,
+                    url: true,
+                },
+                oidc_oauth_metadata_url: {
+                    required: oidc_oauth_auto_configure_enabled,
+                    minlength: 1,
+                    maxlength: 255,
+                    url: true,
+                },
+                oidc_oauth_token_url: {
+                    required: oidc_oauth_auto_configure_disabled,
+                    minlength: 1,
+                    maxlength: 255,
+                    url: true,
+                },
+                oidc_oauth_authorize_url: {
+                    required: oidc_oauth_auto_configure_disabled,
+                    minlength: 1,
+                    maxlength: 255,
+                    url: true,
+                },
+                oidc_oauth_logout_url: {
+                    required: oidc_oauth_enabled,
+                    minlength: 1,
+                    maxlength: 255,
+                    url: true,
+                },
+                oidc_oauth_username: {
+                    required: oidc_oauth_enabled,
+                    minlength: 1,
+                    maxlength: 255,
+                },
+                oidc_oauth_email: {
+                    required: oidc_oauth_enabled,
+                    minlength: 1,
+                    maxlength: 255,
+                },
+                oidc_oauth_firstname: {
+                    minlength: 0,
+                    maxlength: 255,
+                },
+                oidc_oauth_last_name: {
+                    minlength: 0,
+                    maxlength: 255,
+                },
+                oidc_oauth_account_name_property: {
+                    minlength: 0,
+                    maxlength: 255,
+                },
+                oidc_oauth_account_description_property: {
+                    minlength: 0,
+                    maxlength: 255,
+                },
             },
             messages: {
                 ldap_sg_enabled: {
@@ -555,6 +717,9 @@ let AuthenticationSettingsModel = function (user_data, api_url, csrf_token, sele
                 },
             },
         });
+
+        target.find('input, select, textarea, label').on('change,keyup,blur,click', onElementChanged);
+        target.valid();
     }
 
     self.activateTab = function (tab) {

From 69ce3cb88a57e39d488c149ee6c7272f688227bc Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Mon, 10 Apr 2023 19:52:18 -0400
Subject: [PATCH 415/475] Added additional UI alerts / messaging to handle
 success / failure scenarios.

---
 .../js/app-authentication-settings-editor.js  | 58 ++++-------
 .../admin_setting_authentication.html         | 98 +++++++------------
 2 files changed, 58 insertions(+), 98 deletions(-)

diff --git a/powerdnsadmin/static/custom/js/app-authentication-settings-editor.js b/powerdnsadmin/static/custom/js/app-authentication-settings-editor.js
index fccea974e..fe3a942a1 100644
--- a/powerdnsadmin/static/custom/js/app-authentication-settings-editor.js
+++ b/powerdnsadmin/static/custom/js/app-authentication-settings-editor.js
@@ -6,6 +6,10 @@ let AuthenticationSettingsModel = function (user_data, api_url, csrf_token, sele
     self.selector = selector;
     self.loading = false;
     self.saving = false;
+    self.saved = false;
+    self.save_failed = false;
+    self.messages = [];
+    self.messages_class = 'info';
     self.tab_active = '';
     self.tab_default = 'local';
 
@@ -107,6 +111,10 @@ let AuthenticationSettingsModel = function (user_data, api_url, csrf_token, sele
     self.init = function (autoload) {
         self.loading = ko.observable(self.loading);
         self.saving = ko.observable(self.saving);
+        self.saved = ko.observable(self.saved);
+        self.save_failed = ko.observable(self.save_failed);
+        self.messages = ko.observableArray(self.messages);
+        self.messages_class = ko.observable(self.messages_class);
         self.tab_active = ko.observable(self.tab_active);
         self.tab_default = ko.observable(self.tab_default);
         self.update(user_data);
@@ -742,59 +750,33 @@ let AuthenticationSettingsModel = function (user_data, api_url, csrf_token, sele
 
     self.onDataLoaded = function (result) {
         if (result.status == 0) {
-            console.log('Error loading settings.');
-
-            if (result.messages.length) {
-                for (let i = 0; i < result.messages.length; i++) {
-                    let message = result.messages[i];
-                    console.log(message);
-                }
-            }
-
+            self.messages_class('danger');
+            self.messages(result.messages);
             self.loading(false);
             return false;
         }
 
         self.update(result.data);
-
-        console.log('Settings loaded.');
-
-        if (result.messages.length) {
-            for (let i = 0; i < result.messages.length; i++) {
-                let message = result.messages[i];
-                console.log(message);
-            }
-        }
-
+        self.messages_class('info');
+        self.messages(result.messages);
         self.loading(false);
     }
 
     self.onDataSaved = function (result) {
         if (result.status == 0) {
-            console.log('Error saving settings.');
-
-            if (result.messages.length) {
-                for (let i = 0; i < result.messages.length; i++) {
-                    let message = result.messages[i];
-                    console.log(message);
-                }
-            }
-
+            self.saved(false);
+            self.save_failed(true);
+            self.messages_class('danger');
+            self.messages(result.messages);
             self.saving(false);
             return false;
         }
 
         self.update(result.data);
-
-        console.log('Settings saved.');
-
-        if (result.messages.length) {
-            for (let i = 0; i < result.messages.length; i++) {
-                let message = result.messages[i];
-                console.log(message);
-            }
-        }
-
+        self.saved(true);
+        self.save_failed(false);
+        self.messages_class('info');
+        self.messages(result.messages);
         self.saving(false);
     }
 
diff --git a/powerdnsadmin/templates/admin_setting_authentication.html b/powerdnsadmin/templates/admin_setting_authentication.html
index 7c031db82..e7984bca5 100644
--- a/powerdnsadmin/templates/admin_setting_authentication.html
+++ b/powerdnsadmin/templates/admin_setting_authentication.html
@@ -40,16 +40,33 @@ <h3 class="card-title">Settings Editor</h3>
                                              data-bind="text: (loading() ? 'Loading' : 'Saving') + ' settings...'"></div>
                                     </div>
                                 </div>
-                                {% if result %}
-                                    <div
-                                        class="alert {% if result['status'] %}alert-success{% else %}alert-danger{% endif %} alert-dismissible">
-                                        <button type="button" class="close" data-dismiss="alert" aria-hidden="true">
-                                            &times;
-                                        </button>
-                                        {{ result['msg'] }}
-                                    </div>
-                                {% endif %}
-
+                                <!-- /.overlay-wrapper -->
+                                <div class="alert alert-dismissible alert-success" style="display: none;"
+                                     data-bind="visible: saved">
+                                    <button type="button" class="close" aria-hidden="true"
+                                            data-bind="click: saved(false)">×
+                                    </button>
+                                    <h5><i class="icon fas fa-check"></i> Saved!</h5>
+                                    These settings have been saved to the database.
+                                </div>
+                                <div class="alert alert-dismissible alert-danger" style="display: none;"
+                                     data-bind="visible: save_failed">
+                                    <button type="button" class="close" aria-hidden="true"
+                                            data-bind="click: save_failed(false)">×
+                                    </button>
+                                    <h5><i class="icon fas fa-ban"></i> Error!</h5>
+                                    These settings could <strong>not</strong> be saved to the database!
+                                </div>
+                                <div class="alert alert-dismissible" style="display: none;"
+                                     data-bind="visible: messages().length, class: 'alert alert-dismissible alert-' + messages_class()">
+                                    <button type="button" class="close" aria-hidden="true"
+                                            data-bind="click: messages([])">×
+                                    </button>
+                                    <h5><i class="icon fas fa-info"></i> Additional Information</h5>
+                                    <ul data-bind="foreach: messages">
+                                        <li data-bind="text: $data"></li>
+                                    </ul>
+                                </div>
                                 <div class="nav-tabs-custom">
                                     <ul class="nav nav-tabs" role="tablist">
                                         <li class="nav-item">
@@ -89,7 +106,8 @@ <h3 class="card-title">Settings Editor</h3>
                                     </ul>
                                     <div class="tab-content">
 
-                                        <div data-tab="local" data-bind="class: 'tab-pane' + (tab_active() == 'local' ? ' active' : '')">
+                                        <div data-tab="local"
+                                             data-bind="class: 'tab-pane' + (tab_active() == 'local' ? ' active' : '')">
                                             <div class="row">
                                                 <div class="col-12 col-sm-6 col-lg-4">
                                                     <div class="card">
@@ -280,7 +298,8 @@ <h4>Password Requirements</h4>
                                         </div>
                                         <!-- /.tab-pane -->
 
-                                        <div data-tab="ldap" data-bind="class: 'tab-pane' + (tab_active() == 'ldap' ? ' active' : '')">
+                                        <div data-tab="ldap"
+                                             data-bind="class: 'tab-pane' + (tab_active() == 'ldap' ? ' active' : '')">
                                             <div class="row">
                                                 <div class="col-12 col-sm-6 col-lg-4">
                                                     {% if error %}
@@ -745,7 +764,7 @@ <h3 class="card-title">Settings Help</h3>
                                         <!-- /.tab-pane -->
 
                                         <div data-tab="google"
-                                            data-bind="class: 'tab-pane' + (tab_active() == 'google' ? ' active' : '')">
+                                             data-bind="class: 'tab-pane' + (tab_active() == 'google' ? ' active' : '')">
                                             <div class="row">
                                                 <div class="col-12 col-sm-6 col-lg-4">
                                                     <div class="card">
@@ -870,7 +889,7 @@ <h3 class="card-title">Settings Help</h3>
                                         <!-- /.tab-pane -->
 
                                         <div data-tab="github"
-                                            data-bind="class: 'tab-pane' + (tab_active() == 'github' ? ' active' : '')">
+                                             data-bind="class: 'tab-pane' + (tab_active() == 'github' ? ' active' : '')">
                                             <div class="row">
                                                 <div class="col-12 col-sm-6 col-lg-4">
                                                     <div class="card">
@@ -991,7 +1010,8 @@ <h3 class="card-title">Settings Help</h3>
                                         </div>
                                         <!-- /.tab-pane -->
 
-                                        <div data-tab="azure" data-bind="class: 'tab-pane' + (tab_active() == 'azure' ? ' active' : '')">
+                                        <div data-tab="azure"
+                                             data-bind="class: 'tab-pane' + (tab_active() == 'azure' ? ' active' : '')">
                                             <div class="row">
                                                 <div class="col-12 col-sm-6 col-lg-4">
                                                     <div class="card">
@@ -1293,7 +1313,8 @@ <h3 class="card-title">Settings Help</h3>
                                         </div>
                                         <!-- /.tab-pane -->
 
-                                        <div data-tab="oidc" data-bind="class: 'tab-pane' + (tab_active() == 'oidc' ? ' active' : '')">
+                                        <div data-tab="oidc"
+                                             data-bind="class: 'tab-pane' + (tab_active() == 'oidc' ? ' active' : '')">
                                             <div class="row">
                                                 <div class="col-12 col-sm-6 col-lg-4">
                                                     <div class="card">
@@ -1510,7 +1531,7 @@ <h3 class="card-title">Settings Help</h3>
 
 {% block head_styles %}
     <style>
-        .error { color: red!important; }
+        .error { color: red !important; }
     </style>
 {% endblock %}
 
@@ -1531,46 +1552,3 @@ <h3 class="card-title">Settings Help</h3>
         })
     </script>
 {% endblock %}
-
-{% block modals %}
-    <div class="modal fade modal-warning" id="modal_confirm" data-keyboard="false" data-backdrop="static">
-        <div class="modal-dialog">
-            <div class="modal-content">
-                <div class="modal-header">
-                    <button type="button" class="close" data-dismiss="modal" aria-label="Close" id="X">
-                        <span aria-hidden="true">&times;</span>
-                    </button>
-                    <h4 class="modal-title">Confirmation</h4>
-                </div>
-                <div class="modal-body">
-                    <p></p>
-                </div>
-                <div class="modal-footer">
-                    <button type="button" class="btn btn-default pull-left" id="button_cancel" name="purge" value="OFF"
-                            data-dismiss="modal">Cancel
-                    </button>
-                    <button type="button" class="btn btn-success" id="button_confirm">Confirm</button>
-                </div>
-            </div>
-        </div>
-    </div>
-
-    <div class="modal fade modal-warning" id="modal_warning" data-keyboard="false" data-backdrop="static">
-        <div class="modal-dialog">
-            <div class="modal-content">
-                <div class="modal-header">
-                    <button type="button" class="close" data-dismiss="modal" aria-label="Close" id="warning_X">
-                        <span aria-hidden="true">&times;</span>
-                    </button>
-                    <h4 class="modal-title">Warning</h4>
-                </div>
-                <div class="modal-body">
-                    <p></p>
-                </div>
-                <div class="modal-footer">
-                    <button type="button" class="btn btn-success" id="button_warning_confirm">Yes I understand</button>
-                </div>
-            </div>
-        </div>
-    </div>
-{% endblock %}

From 9f076330d6362149aafeb46d323e625e019425c4 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Mon, 10 Apr 2023 19:54:47 -0400
Subject: [PATCH 416/475] Removed legacy backend controller code for handling
 authentication settings form submission.

---
 powerdnsadmin/routes/admin.py | 276 +---------------------------------
 1 file changed, 1 insertion(+), 275 deletions(-)

diff --git a/powerdnsadmin/routes/admin.py b/powerdnsadmin/routes/admin.py
index 05b188d0e..28eb3df11 100644
--- a/powerdnsadmin/routes/admin.py
+++ b/powerdnsadmin/routes/admin.py
@@ -1552,281 +1552,7 @@ def has_an_auth_method(local_db_enabled=None,
 @login_required
 @admin_role_required
 def setting_authentication():
-    if request.method == 'GET':
-        return render_template('admin_setting_authentication.html')
-    elif request.method == 'POST':
-        conf_type = request.form.get('config_tab')
-        result = None
-
-        if conf_type == 'general':
-            local_db_enabled = True if request.form.get(
-                'local_db_enabled') else False
-            signup_enabled = True if request.form.get(
-                'signup_enabled') else False
-
-            pwd_enforce_characters = True if request.form.get('pwd_enforce_characters') else False
-            pwd_min_len = safe_cast(request.form.get('pwd_min_len', Setting().defaults["pwd_min_len"]), int,
-                                    Setting().defaults["pwd_min_len"])
-            pwd_min_lowercase = safe_cast(
-                request.form.get('pwd_min_lowercase', Setting().defaults["pwd_min_lowercase"]), int,
-                Setting().defaults["pwd_min_lowercase"])
-            pwd_min_uppercase = safe_cast(
-                request.form.get('pwd_min_uppercase', Setting().defaults["pwd_min_uppercase"]), int,
-                Setting().defaults["pwd_min_uppercase"])
-            pwd_min_digits = safe_cast(request.form.get('pwd_min_digits', Setting().defaults["pwd_min_digits"]), int,
-                                       Setting().defaults["pwd_min_digits"])
-            pwd_min_special = safe_cast(request.form.get('pwd_min_special', Setting().defaults["pwd_min_special"]), int,
-                                        Setting().defaults["pwd_min_special"])
-
-            pwd_enforce_complexity = True if request.form.get('pwd_enforce_complexity') else False
-            pwd_min_complexity = safe_cast(request.form.get('pwd_min_complexity',
-                                                            Setting().defaults["pwd_min_complexity"]), int,
-                                           Setting().defaults["pwd_min_complexity"])
-
-            if not has_an_auth_method(local_db_enabled=local_db_enabled):
-                result = {
-                    'status':
-                        False,
-                    'msg':
-                        'Must have at least one authentication method enabled.'
-                }
-            else:
-                Setting().set('local_db_enabled', local_db_enabled)
-                Setting().set('signup_enabled', signup_enabled)
-                Setting().set('pwd_enforce_characters', pwd_enforce_characters)
-                Setting().set('pwd_min_len', pwd_min_len)
-                Setting().set('pwd_min_lowercase', pwd_min_lowercase)
-                Setting().set('pwd_min_uppercase', pwd_min_uppercase)
-                Setting().set('pwd_min_digits', pwd_min_digits)
-                Setting().set('pwd_min_special', pwd_min_special)
-                Setting().set('pwd_enforce_complexity', pwd_enforce_complexity)
-                Setting().set('pwd_min_complexity', pwd_min_complexity)
-
-                result = {'status': True, 'msg': 'Saved successfully'}
-
-        elif conf_type == 'ldap':
-            ldap_enabled = True if request.form.get('ldap_enabled') else False
-
-            if not has_an_auth_method(ldap_enabled=ldap_enabled):
-                result = {
-                    'status':
-                        False,
-                    'msg':
-                        'Must have at least one authentication method enabled.'
-                }
-            else:
-                Setting().set('ldap_enabled', ldap_enabled)
-                Setting().set('ldap_type', request.form.get('ldap_type'))
-                Setting().set('ldap_uri', request.form.get('ldap_uri'))
-                Setting().set('ldap_base_dn', request.form.get('ldap_base_dn'))
-                Setting().set('ldap_admin_username',
-                              request.form.get('ldap_admin_username'))
-                Setting().set('ldap_admin_password',
-                              request.form.get('ldap_admin_password'))
-                Setting().set('ldap_filter_basic',
-                              request.form.get('ldap_filter_basic'))
-                Setting().set('ldap_filter_group',
-                              request.form.get('ldap_filter_group'))
-                Setting().set('ldap_filter_username',
-                              request.form.get('ldap_filter_username'))
-                Setting().set('ldap_filter_groupname',
-                              request.form.get('ldap_filter_groupname'))
-                Setting().set(
-                    'ldap_sg_enabled', True
-                    if request.form.get('ldap_sg_enabled') == 'ON' else False)
-                Setting().set('ldap_admin_group',
-                              request.form.get('ldap_admin_group'))
-                Setting().set('ldap_operator_group',
-                              request.form.get('ldap_operator_group'))
-                Setting().set('ldap_user_group',
-                              request.form.get('ldap_user_group'))
-                Setting().set('ldap_domain', request.form.get('ldap_domain'))
-                Setting().set(
-                    'autoprovisioning', True
-                    if request.form.get('autoprovisioning') == 'ON' else False)
-                Setting().set('autoprovisioning_attribute',
-                              request.form.get('autoprovisioning_attribute'))
-
-                if request.form.get('autoprovisioning') == 'ON':
-                    if validateURN(request.form.get('urn_value')):
-                        Setting().set('urn_value',
-                                      request.form.get('urn_value'))
-                    else:
-                        return render_template('admin_setting_authentication.html',
-                                               error="Invalid urn")
-                else:
-                    Setting().set('urn_value',
-                                  request.form.get('urn_value'))
-
-                Setting().set('purge', True
-                if request.form.get('purge') == 'ON' else False)
-
-                result = {'status': True, 'msg': 'Saved successfully'}
-        elif conf_type == 'google':
-            google_oauth_enabled = True if request.form.get(
-                'google_oauth_enabled') else False
-            if not has_an_auth_method(google_oauth_enabled=google_oauth_enabled):
-                result = {
-                    'status':
-                        False,
-                    'msg':
-                        'Must have at least one authentication method enabled.'
-                }
-            else:
-                Setting().set('google_oauth_enabled', google_oauth_enabled)
-                Setting().set('google_oauth_client_id',
-                              request.form.get('google_oauth_client_id'))
-                Setting().set('google_oauth_client_secret',
-                              request.form.get('google_oauth_client_secret'))
-                Setting().set('google_oauth_metadata_url',
-                              request.form.get('google_oauth_metadata_url'))
-                Setting().set('google_token_url',
-                              request.form.get('google_token_url'))
-                Setting().set('google_oauth_scope',
-                              request.form.get('google_oauth_scope'))
-                Setting().set('google_authorize_url',
-                              request.form.get('google_authorize_url'))
-                Setting().set('google_base_url',
-                              request.form.get('google_base_url'))
-                result = {
-                    'status': True,
-                    'msg':
-                        'Saved successfully. Please reload PDA to take effect.'
-                }
-        elif conf_type == 'github':
-            github_oauth_enabled = True if request.form.get(
-                'github_oauth_enabled') else False
-            if not has_an_auth_method(github_oauth_enabled=github_oauth_enabled):
-                result = {
-                    'status':
-                        False,
-                    'msg':
-                        'Must have at least one authentication method enabled.'
-                }
-            else:
-                Setting().set('github_oauth_enabled', github_oauth_enabled)
-                Setting().set('github_oauth_key',
-                              request.form.get('github_oauth_key'))
-                Setting().set('github_oauth_secret',
-                              request.form.get('github_oauth_secret'))
-                Setting().set('github_oauth_scope',
-                              request.form.get('github_oauth_scope'))
-                Setting().set('github_oauth_api_url',
-                              request.form.get('github_oauth_api_url'))
-                Setting().set('github_oauth_metadata_url',
-                              request.form.get('github_oauth_metadata_url'))
-                Setting().set('github_oauth_token_url',
-                              request.form.get('github_oauth_token_url'))
-                Setting().set('github_oauth_authorize_url',
-                              request.form.get('github_oauth_authorize_url'))
-                result = {
-                    'status': True,
-                    'msg':
-                        'Saved successfully. Please reload PDA to take effect.'
-                }
-        elif conf_type == 'azure':
-            azure_oauth_enabled = True if request.form.get(
-                'azure_oauth_enabled') else False
-            if not has_an_auth_method(azure_oauth_enabled=azure_oauth_enabled):
-                result = {
-                    'status':
-                        False,
-                    'msg':
-                        'Must have at least one authentication method enabled.'
-                }
-            else:
-                Setting().set('azure_oauth_enabled', azure_oauth_enabled)
-                Setting().set('azure_oauth_key',
-                              request.form.get('azure_oauth_key'))
-                Setting().set('azure_oauth_secret',
-                              request.form.get('azure_oauth_secret'))
-                Setting().set('azure_oauth_scope',
-                              request.form.get('azure_oauth_scope'))
-                Setting().set('azure_oauth_api_url',
-                              request.form.get('azure_oauth_api_url'))
-                Setting().set('azure_oauth_metadata_url',
-                              request.form.get('azure_oauth_metadata_url'))
-                Setting().set('azure_oauth_token_url',
-                              request.form.get('azure_oauth_token_url'))
-                Setting().set('azure_oauth_authorize_url',
-                              request.form.get('azure_oauth_authorize_url'))
-                Setting().set(
-                    'azure_sg_enabled', True
-                    if request.form.get('azure_sg_enabled') == 'ON' else False)
-                Setting().set('azure_admin_group',
-                              request.form.get('azure_admin_group'))
-                Setting().set('azure_operator_group',
-                              request.form.get('azure_operator_group'))
-                Setting().set('azure_user_group',
-                              request.form.get('azure_user_group'))
-                Setting().set(
-                    'azure_group_accounts_enabled', True
-                    if request.form.get('azure_group_accounts_enabled') == 'ON' else False)
-                Setting().set('azure_group_accounts_name',
-                              request.form.get('azure_group_accounts_name'))
-                Setting().set('azure_group_accounts_name_re',
-                              request.form.get('azure_group_accounts_name_re'))
-                Setting().set('azure_group_accounts_description',
-                              request.form.get('azure_group_accounts_description'))
-                Setting().set('azure_group_accounts_description_re',
-                              request.form.get('azure_group_accounts_description_re'))
-                result = {
-                    'status': True,
-                    'msg':
-                        'Saved successfully. Please reload PDA to take effect.'
-                }
-        elif conf_type == 'oidc':
-            oidc_oauth_enabled = True if request.form.get(
-                'oidc_oauth_enabled') else False
-            if not has_an_auth_method(oidc_oauth_enabled=oidc_oauth_enabled):
-                result = {
-                    'status':
-                        False,
-                    'msg':
-                        'Must have at least one authentication method enabled.'
-                }
-            else:
-                Setting().set(
-                    'oidc_oauth_enabled',
-                    True if request.form.get('oidc_oauth_enabled') else False)
-                Setting().set('oidc_oauth_key',
-                              request.form.get('oidc_oauth_key'))
-                Setting().set('oidc_oauth_secret',
-                              request.form.get('oidc_oauth_secret'))
-                Setting().set('oidc_oauth_scope',
-                              request.form.get('oidc_oauth_scope'))
-                Setting().set('oidc_oauth_api_url',
-                              request.form.get('oidc_oauth_api_url'))
-                Setting().set('oidc_oauth_metadata_url',
-                              request.form.get('oidc_oauth_metadata_url'))
-                Setting().set('oidc_oauth_token_url',
-                              request.form.get('oidc_oauth_token_url'))
-                Setting().set('oidc_oauth_authorize_url',
-                              request.form.get('oidc_oauth_authorize_url'))
-                Setting().set('oidc_oauth_logout_url',
-                              request.form.get('oidc_oauth_logout_url'))
-                Setting().set('oidc_oauth_username',
-                              request.form.get('oidc_oauth_username'))
-                Setting().set('oidc_oauth_firstname',
-                              request.form.get('oidc_oauth_firstname'))
-                Setting().set('oidc_oauth_last_name',
-                              request.form.get('oidc_oauth_last_name'))
-                Setting().set('oidc_oauth_email',
-                              request.form.get('oidc_oauth_email'))
-                Setting().set('oidc_oauth_account_name_property',
-                              request.form.get('oidc_oauth_account_name_property'))
-                Setting().set('oidc_oauth_account_description_property',
-                              request.form.get('oidc_oauth_account_description_property'))
-                result = {
-                    'status': True,
-                    'msg':
-                        'Saved successfully. Please reload PDA to take effect.'
-                }
-        else:
-            return abort(400)
-
-        return render_template('admin_setting_authentication.html',
-                               result=result)
+    return render_template('admin_setting_authentication.html')
 
 
 @admin_bp.route('/setting/authentication/api', methods=['POST'])

From c7aba5626d71ce7c82b4cd3d259e6e6954774591 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Mon, 10 Apr 2023 19:58:58 -0400
Subject: [PATCH 417/475] Moved authentication settings editor JavaScript into
 `js_main` assets build process instead of direct linking it to the view.

---
 powerdnsadmin/assets.py                                   | 1 +
 powerdnsadmin/templates/admin_setting_authentication.html | 7 -------
 2 files changed, 1 insertion(+), 7 deletions(-)

diff --git a/powerdnsadmin/assets.py b/powerdnsadmin/assets.py
index 2674bee5f..d46d43113 100644
--- a/powerdnsadmin/assets.py
+++ b/powerdnsadmin/assets.py
@@ -58,6 +58,7 @@ def concat(self, out, hunks, **kw):
     'node_modules/jtimeout/src/jTimeout.js',
     'node_modules/jquery.quicksearch/src/jquery.quicksearch.js',
     'node_modules/knockout/build/output/knockout-latest.js',
+    'custom/js/app-authentication-settings-editor.js',
     'custom/js/custom.js',
     'node_modules/bootstrap-datepicker/dist/js/bootstrap-datepicker.js',
     filters=(ConcatFilter, 'rjsmin'),
diff --git a/powerdnsadmin/templates/admin_setting_authentication.html b/powerdnsadmin/templates/admin_setting_authentication.html
index e7984bca5..c44367d9c 100644
--- a/powerdnsadmin/templates/admin_setting_authentication.html
+++ b/powerdnsadmin/templates/admin_setting_authentication.html
@@ -1536,13 +1536,6 @@ <h3 class="card-title">Settings Help</h3>
 {% endblock %}
 
 {% block extrascripts %}
-    {% assets "js_validation" -%}
-        <script type="text/javascript" src="{{ ASSET_URL }}"></script>
-    {%- endassets %}
-
-    <script type="text/javascript"
-            src="{{ url_for('static', filename='custom/js/app-authentication-settings-editor.js') }}"></script>
-
     <script>
         $(function () {
             let API_URL = '{{ url_for('admin.setting_authentication_api') }}';

From feb62cf39f9f549a635152f0646316dc12112403 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Tue, 11 Apr 2023 07:05:46 -0400
Subject: [PATCH 418/475] Updated settings model boolean value conversion to
 include additional test values.

---
 powerdnsadmin/models/setting.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/powerdnsadmin/models/setting.py b/powerdnsadmin/models/setting.py
index bd6265a55..31f231bff 100644
--- a/powerdnsadmin/models/setting.py
+++ b/powerdnsadmin/models/setting.py
@@ -411,7 +411,7 @@ def get(self, setting):
                 if hasattr(result, 'value'):
                     result = result.value
                 return strtobool(result) if result in [
-                    'True', 'False'
+                    'True', 'False', 'true', 'false', '1', '0'
                 ] else result
             else:
                 return self.defaults[setting]

From c98c174c23dd793cdf6c17e084321e9526568886 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Tue, 11 Apr 2023 18:50:47 -0400
Subject: [PATCH 419/475] Hopefully provided a reliable fix to the settings
 type conversion issues brought upon with the authentication settings editor
 overhaul.

---
 powerdnsadmin/models/setting.py               | 173 ++++++++++++++++--
 .../js/app-authentication-settings-editor.js  |  30 +--
 .../admin_setting_authentication.html         |  40 ++--
 3 files changed, 192 insertions(+), 51 deletions(-)

diff --git a/powerdnsadmin/models/setting.py b/powerdnsadmin/models/setting.py
index 31f231bff..06e17d2d5 100644
--- a/powerdnsadmin/models/setting.py
+++ b/powerdnsadmin/models/setting.py
@@ -13,7 +13,130 @@ class Setting(db.Model):
     id = db.Column(db.Integer, primary_key=True)
     name = db.Column(db.String(64), unique=True, index=True)
     value = db.Column(db.Text())
-
+    
+    types = {
+        'maintenance': bool,
+        'fullscreen_layout': bool,
+        'record_helper': bool,
+        'login_ldap_first': bool,
+        'default_record_table_size': int,
+        'default_domain_table_size': int,
+        'auto_ptr': bool,
+        'record_quick_edit': bool,
+        'pretty_ipv6_ptr': bool,
+        'dnssec_admins_only': bool,
+        'allow_user_create_domain': bool,
+        'allow_user_remove_domain': bool,
+        'allow_user_view_history': bool,
+        'custom_history_header': str,
+        'delete_sso_accounts': bool,
+        'bg_domain_updates': bool,
+        'enable_api_rr_history': bool,
+        'preserve_history': bool,
+        'site_name': str,
+        'site_url': str,
+        'session_timeout': int,
+        'warn_session_timeout': bool,
+        'pdns_api_url': str,
+        'pdns_api_key': str,
+        'pdns_api_timeout': int,
+        'pdns_version': str,
+        'verify_ssl_connections': bool,
+        'verify_user_email': bool,
+        'enforce_api_ttl': bool,
+        'ttl_options': str,
+        'otp_field_enabled': bool,
+        'custom_css': str,
+        'otp_force': bool,
+        'max_history_records': int,
+        'deny_domain_override': bool,
+        'account_name_extra_chars': bool,
+        'gravatar_enabled': bool,
+        'forward_records_allow_edit': dict,
+        'reverse_records_allow_edit': dict,
+        'local_db_enabled': bool,
+        'signup_enabled': bool,
+        'pwd_enforce_characters': bool,
+        'pwd_min_len': int,
+        'pwd_min_lowercase': int,
+        'pwd_min_uppercase': int,
+        'pwd_min_digits': int,
+        'pwd_min_special': int,
+        'pwd_enforce_complexity': bool,
+        'pwd_min_complexity': int,
+        'ldap_enabled': bool,
+        'ldap_type': str,
+        'ldap_uri': str,
+        'ldap_base_dn': str,
+        'ldap_admin_username': str,
+        'ldap_admin_password': str,
+        'ldap_domain': str,
+        'ldap_filter_basic': str,
+        'ldap_filter_username': str,
+        'ldap_filter_group': str,
+        'ldap_filter_groupname': str,
+        'ldap_sg_enabled': bool,
+        'ldap_admin_group': str,
+        'ldap_operator_group': str,
+        'ldap_user_group': str,
+        'autoprovisioning': bool,
+        'autoprovisioning_attribute': str,
+        'urn_value': str,
+        'purge': bool,
+        'google_oauth_enabled': bool,
+        'google_oauth_client_id': str,
+        'google_oauth_client_secret': str,
+        'google_oauth_scope': str,
+        'google_base_url': str,
+        'google_oauth_auto_configure': bool,
+        'google_oauth_metadata_url': str,
+        'google_token_url': str,
+        'google_authorize_url': str,
+        'github_oauth_enabled': bool,
+        'github_oauth_key': str,
+        'github_oauth_secret': str,
+        'github_oauth_scope': str,
+        'github_oauth_api_url': str,
+        'github_oauth_auto_configure': bool,
+        'github_oauth_metadata_url': str,
+        'github_oauth_token_url': str,
+        'github_oauth_authorize_url': str,
+        'azure_oauth_enabled': bool,
+        'azure_oauth_key': str,
+        'azure_oauth_secret': str,
+        'azure_oauth_scope': str,
+        'azure_oauth_api_url': str,
+        'azure_oauth_auto_configure': bool,
+        'azure_oauth_metadata_url': str,
+        'azure_oauth_token_url': str,
+        'azure_oauth_authorize_url': str,
+        'azure_sg_enabled': bool,
+        'azure_admin_group': str,
+        'azure_operator_group': str,
+        'azure_user_group': str,
+        'azure_group_accounts_enabled': bool,
+        'azure_group_accounts_name': str,
+        'azure_group_accounts_name_re': str,
+        'azure_group_accounts_description': str,
+        'azure_group_accounts_description_re': str,
+        'oidc_oauth_enabled': bool,
+        'oidc_oauth_key': str,
+        'oidc_oauth_secret': str,
+        'oidc_oauth_scope': str,
+        'oidc_oauth_api_url': str,
+        'oidc_oauth_auto_configure': bool,
+        'oidc_oauth_metadata_url': str,
+        'oidc_oauth_token_url': str,
+        'oidc_oauth_authorize_url': str,
+        'oidc_oauth_logout_url': str,
+        'oidc_oauth_username': str,
+        'oidc_oauth_email': str,
+        'oidc_oauth_firstname': str,
+        'oidc_oauth_last_name': str,
+        'oidc_oauth_account_name_property': str,
+        'oidc_oauth_account_description_property': str,
+    }
+    
     defaults = {
         # General Settings
         'maintenance': False,
@@ -334,6 +457,34 @@ def __init__(self, name=None, value=None):
         self.name = name
         self.value = value
 
+    def convert_type(self, name, value):
+        import json
+        if name in self.types:
+            var_type = self.types[name]
+
+            # Handle boolean values
+            if var_type == bool:
+                if value == 'True' or value == 'true' or value == '1' or value == True:
+                    return True
+                else:
+                    return False
+
+            # Handle float values
+            if var_type == float:
+                return float(value)
+
+            # Handle integer values
+            if var_type == int:
+                return int(value)
+
+            if var_type == dict or var_type == list:
+                return json.loads(value)
+
+            if var_type == str:
+                return str(value)
+
+        return value
+
     def set_maintenance(self, mode):
         maintenance = Setting.query.filter(
             Setting.name == 'maintenance').first()
@@ -386,7 +537,7 @@ def set(self, setting, value):
             current_setting = Setting(name=setting, value=None)
             db.session.add(current_setting)
 
-        value = str(value)
+        value = str(self.convert_type(setting, value))
 
         try:
             current_setting.value = value
@@ -410,16 +561,15 @@ def get(self, setting):
             if result is not None:
                 if hasattr(result, 'value'):
                     result = result.value
-                return strtobool(result) if result in [
-                    'True', 'False', 'true', 'false', '1', '0'
-                ] else result
+
+                return self.convert_type(setting, result)
             else:
                 return self.defaults[setting]
         else:
             current_app.logger.error('Unknown setting queried: {0}'.format(setting))
 
     def get_group(self, group):
-        if isinstance(group, str):
+        if not isinstance(group, list):
             group = self.groups[group]
 
         result = {}
@@ -427,16 +577,7 @@ def get_group(self, group):
 
         for record in records:
             if record.name in group:
-                value = record.value
-
-                if value in ['True', 'False']:
-                    value = strtobool(value)
-                elif value.isdecimal() and '.' in value:
-                    value = float(value)
-                elif value.isnumeric():
-                    value = int(value)
-
-                result[record.name] = value
+                result[record.name] = self.convert_type(record.name, record.value)
 
         return result
 
diff --git a/powerdnsadmin/static/custom/js/app-authentication-settings-editor.js b/powerdnsadmin/static/custom/js/app-authentication-settings-editor.js
index fe3a942a1..da273b76b 100644
--- a/powerdnsadmin/static/custom/js/app-authentication-settings-editor.js
+++ b/powerdnsadmin/static/custom/js/app-authentication-settings-editor.js
@@ -15,8 +15,8 @@ let AuthenticationSettingsModel = function (user_data, api_url, csrf_token, sele
 
     let defaults = {
         // Local Authentication Settings
-        local_db_enabled: 1,
-        signup_enabled: 1,
+        local_db_enabled: true,
+        signup_enabled: true,
         pwd_enforce_characters: 0,
         pwd_min_len: 10,
         pwd_min_lowercase: 3,
@@ -27,7 +27,7 @@ let AuthenticationSettingsModel = function (user_data, api_url, csrf_token, sele
         pwd_min_complexity: 11,
 
         // LDAP Authentication Settings
-        ldap_enabled: 0,
+        ldap_enabled: false,
         ldap_type: 'ldap',
         ldap_uri: '',
         ldap_base_dn: '',
@@ -38,64 +38,64 @@ let AuthenticationSettingsModel = function (user_data, api_url, csrf_token, sele
         ldap_filter_username: '',
         ldap_filter_group: '',
         ldap_filter_groupname: '',
-        ldap_sg_enabled: 0,
+        ldap_sg_enabled: false,
         ldap_admin_group: '',
         ldap_operator_group: '',
         ldap_user_group: '',
-        autoprovisioning: 0,
+        autoprovisioning: false,
         autoprovisioning_attribute: '',
         urn_value: '',
         purge: 0,
 
         // Google OAuth2 Settings
-        google_oauth_enabled: 0,
+        google_oauth_enabled: false,
         google_oauth_client_id: '',
         google_oauth_client_secret: '',
         google_oauth_scope: '',
         google_base_url: '',
-        google_oauth_auto_configure: 1,
+        google_oauth_auto_configure: true,
         google_oauth_metadata_url: '',
         google_token_url: '',
         google_authorize_url: '',
 
         // GitHub OAuth2 Settings
-        github_oauth_enabled: 0,
+        github_oauth_enabled: false,
         github_oauth_key: '',
         github_oauth_secret: '',
         github_oauth_scope: '',
         github_oauth_api_url: '',
-        github_oauth_auto_configure: 0,
+        github_oauth_auto_configure: false,
         github_oauth_metadata_url: '',
         github_oauth_token_url: '',
         github_oauth_authorize_url: '',
 
         // Azure AD OAuth2 Settings
-        azure_oauth_enabled: 0,
+        azure_oauth_enabled: false,
         azure_oauth_key: '',
         azure_oauth_secret: '',
         azure_oauth_scope: '',
         azure_oauth_api_url: '',
-        azure_oauth_auto_configure: 1,
+        azure_oauth_auto_configure: true,
         azure_oauth_metadata_url: '',
         azure_oauth_token_url: '',
         azure_oauth_authorize_url: '',
-        azure_sg_enabled: 0,
+        azure_sg_enabled: false,
         azure_admin_group: '',
         azure_operator_group: '',
         azure_user_group: '',
-        azure_group_accounts_enabled: 0,
+        azure_group_accounts_enabled: false,
         azure_group_accounts_name: '',
         azure_group_accounts_name_re: '',
         azure_group_accounts_description: '',
         azure_group_accounts_description_re: '',
 
         // OIDC OAuth2 Settings
-        oidc_oauth_enabled: 0,
+        oidc_oauth_enabled: false,
         oidc_oauth_key: '',
         oidc_oauth_secret: '',
         oidc_oauth_scope: '',
         oidc_oauth_api_url: '',
-        oidc_oauth_auto_configure: 1,
+        oidc_oauth_auto_configure: true,
         oidc_oauth_metadata_url: '',
         oidc_oauth_token_url: '',
         oidc_oauth_authorize_url: '',
diff --git a/powerdnsadmin/templates/admin_setting_authentication.html b/powerdnsadmin/templates/admin_setting_authentication.html
index c44367d9c..c7f3e2e19 100644
--- a/powerdnsadmin/templates/admin_setting_authentication.html
+++ b/powerdnsadmin/templates/admin_setting_authentication.html
@@ -450,15 +450,15 @@ <h3 class="card-title">LDAP Authentication Settings</h3>
                                                                     <div class="radio">
                                                                         <label>
                                                                             <input type="radio" name="ldap_sg_enabled"
-                                                                                   id="ldap_sg_off" value="0"
-                                                                                   data-bind="enable: ldap_enabled, checked: ldap_sg_enabled, checkedValue: 0">
+                                                                                   id="ldap_sg_off" value="false"
+                                                                                   data-bind="enable: ldap_enabled, checked: ldap_sg_enabled, checkedValue: false">
                                                                             OFF
                                                                         </label>
                                                                         &nbsp;&nbsp;&nbsp;
                                                                         <label>
                                                                             <input type="radio" name="ldap_sg_enabled"
-                                                                                   id="ldap_sg_on" value="1"
-                                                                                   data-bind="enable: ldap_enabled, checked: ldap_sg_enabled, checkedValue: 1">
+                                                                                   id="ldap_sg_on" value="true"
+                                                                                   data-bind="enable: ldap_enabled, checked: ldap_sg_enabled, checkedValue: true">
                                                                             ON
                                                                         </label>
                                                                     </div>
@@ -497,15 +497,15 @@ <h3 class="card-title">LDAP Authentication Settings</h3>
                                                                     <div class="radio">
                                                                         <label>
                                                                             <input type="radio" name="autoprovisioning"
-                                                                                   id="autoprovisioning_off" value="0"
-                                                                                   data-bind="enable: ldap_enabled, checked: autoprovisioning, checkedValue: 0">
+                                                                                   id="autoprovisioning_off" value="false"
+                                                                                   data-bind="enable: ldap_enabled, checked: autoprovisioning, checkedValue: false">
                                                                             OFF
                                                                         </label>
                                                                         &nbsp;&nbsp;&nbsp;
                                                                         <label>
                                                                             <input type="radio" name="autoprovisioning"
-                                                                                   id="autoprovisioning_on" value="1"
-                                                                                   data-bind="enable: ldap_enabled, checked: autoprovisioning, checkedValue: 1">
+                                                                                   id="autoprovisioning_on" value="true"
+                                                                                   data-bind="enable: ldap_enabled, checked: autoprovisioning, checkedValue: true">
                                                                             ON
                                                                         </label>
                                                                     </div>
@@ -540,16 +540,16 @@ <h3 class="card-title">LDAP Authentication Settings</h3>
                                                                         <label>
                                                                             <input type="radio" name="purge"
                                                                                    id="purge_off"
-                                                                                   value="0"
-                                                                                   data-bind="enable: ldap_enabled() && autoprovisioning(), checked: purge, checkedValue: 0">
+                                                                                   value="false"
+                                                                                   data-bind="enable: ldap_enabled() && autoprovisioning(), checked: purge, checkedValue: false">
                                                                             OFF
                                                                         </label>
                                                                         &nbsp;&nbsp;&nbsp;
                                                                         <label>
                                                                             <input type="radio" name="purge"
                                                                                    id="purge_on"
-                                                                                   value="1"
-                                                                                   data-bind="enable: ldap_enabled() && autoprovisioning(), checked: purge, checkedValue: 1">
+                                                                                   value="true"
+                                                                                   data-bind="enable: ldap_enabled() && autoprovisioning(), checked: purge, checkedValue: true">
                                                                             ON
                                                                         </label>
                                                                     </div>
@@ -1112,15 +1112,15 @@ <h3 class="card-title">Azure OAuth Settings</h3>
                                                                     <div class="radio">
                                                                         <label>
                                                                             <input type="radio" name="azure_sg_enabled"
-                                                                                   id="azure_sg_off" value="0"
-                                                                                   data-bind="enable: azure_oauth_enabled, checked: azure_sg_enabled, checkedValue: 0">
+                                                                                   id="azure_sg_off" value="false"
+                                                                                   data-bind="enable: azure_oauth_enabled, checked: azure_sg_enabled, checkedValue: false">
                                                                             OFF
                                                                         </label>
                                                                         &nbsp;&nbsp;&nbsp;
                                                                         <label>
                                                                             <input type="radio" name="azure_sg_enabled"
-                                                                                   id="azure_sg_on" value="1"
-                                                                                   data-bind="enable: azure_oauth_enabled, checked: azure_sg_enabled, checkedValue: 1">
+                                                                                   id="azure_sg_on" value="true"
+                                                                                   data-bind="enable: azure_oauth_enabled, checked: azure_sg_enabled, checkedValue: true">
                                                                             ON
                                                                         </label>
                                                                     </div>
@@ -1163,8 +1163,8 @@ <h3 class="card-title">Azure OAuth Settings</h3>
                                                                             <input type="radio"
                                                                                    name="azure_group_accounts_enabled"
                                                                                    id="azure_group_accounts_off"
-                                                                                   value="0"
-                                                                                   data-bind="enable: azure_oauth_enabled, checked: azure_group_accounts_enabled, checkedValue: 0">
+                                                                                   value="false"
+                                                                                   data-bind="enable: azure_oauth_enabled, checked: azure_group_accounts_enabled, checkedValue: false">
                                                                             OFF
                                                                         </label>
                                                                         &nbsp;&nbsp;&nbsp;
@@ -1172,8 +1172,8 @@ <h3 class="card-title">Azure OAuth Settings</h3>
                                                                             <input type="radio"
                                                                                    name="azure_group_accounts_enabled"
                                                                                    id="azure_group_accounts_on"
-                                                                                   value="1"
-                                                                                   data-bind="enable: azure_oauth_enabled, checked: azure_group_accounts_enabled, checkedValue: 1">
+                                                                                   value="true"
+                                                                                   data-bind="enable: azure_oauth_enabled, checked: azure_group_accounts_enabled, checkedValue: true">
                                                                             ON
                                                                         </label>
                                                                     </div>

From f66d64ecbcb5423acdffd17b3df2c5a7ef2c0425 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Tue, 11 Apr 2023 19:09:33 -0400
Subject: [PATCH 420/475] Fixed an issue with Azure and OIDC sessions not being
 properly cleared on logout.

---
 powerdnsadmin/routes/index.py | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/powerdnsadmin/routes/index.py b/powerdnsadmin/routes/index.py
index 2636cf18e..d56ce6129 100644
--- a/powerdnsadmin/routes/index.py
+++ b/powerdnsadmin/routes/index.py
@@ -553,6 +553,8 @@ def clear_session():
     session.pop('user_id', None)
     session.pop('github_token', None)
     session.pop('google_token', None)
+    session.pop('azure_token', None)
+    session.pop('oidc_token', None)
     session.pop('authentication_type', None)
     session.pop('remote_user', None)
     logout_user()

From e45324c6190639b752d61c81aec0841ace5d7b26 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Wed, 12 Apr 2023 05:30:06 -0400
Subject: [PATCH 421/475] Updated issue templates to include latest version
 release.

Added `VERSION` file to repository root for easy tracking of current app version.

Corrected bug with the latest changes to the settings model that can lead to a JSON decoding error for installations without a properly stored value.
---
 .github/ISSUE_TEMPLATE/bug_report.yaml      |  1 +
 .github/ISSUE_TEMPLATE/feature_request.yaml |  1 +
 VERSION                                     |  1 +
 powerdnsadmin/models/setting.py             | 10 +++++++---
 4 files changed, 10 insertions(+), 3 deletions(-)
 create mode 100644 VERSION

diff --git a/.github/ISSUE_TEMPLATE/bug_report.yaml b/.github/ISSUE_TEMPLATE/bug_report.yaml
index 0c5a2d72f..ea05799ed 100644
--- a/.github/ISSUE_TEMPLATE/bug_report.yaml
+++ b/.github/ISSUE_TEMPLATE/bug_report.yaml
@@ -15,6 +15,7 @@ body:
       label: PDA version
       description: What version of PDA are you currently running?
       options:
+        - "0.4.1"
         - "0.4.0"
         - "0.3.0"
         - "0.2.5"
diff --git a/.github/ISSUE_TEMPLATE/feature_request.yaml b/.github/ISSUE_TEMPLATE/feature_request.yaml
index e649c6195..45950a1a2 100644
--- a/.github/ISSUE_TEMPLATE/feature_request.yaml
+++ b/.github/ISSUE_TEMPLATE/feature_request.yaml
@@ -15,6 +15,7 @@ body:
       label: PDA version
       description: What version of PDA are you currently running?
       options:
+        - "0.4.1"
         - "0.4.0"
         - "0.3.0"
         - "0.2.5"
diff --git a/VERSION b/VERSION
new file mode 100644
index 000000000..44bb5d1f7
--- /dev/null
+++ b/VERSION
@@ -0,0 +1 @@
+0.4.1
\ No newline at end of file
diff --git a/powerdnsadmin/models/setting.py b/powerdnsadmin/models/setting.py
index 06e17d2d5..1932a9c56 100644
--- a/powerdnsadmin/models/setting.py
+++ b/powerdnsadmin/models/setting.py
@@ -459,12 +459,13 @@ def __init__(self, name=None, value=None):
 
     def convert_type(self, name, value):
         import json
+        from json import JSONDecodeError
         if name in self.types:
             var_type = self.types[name]
 
             # Handle boolean values
             if var_type == bool:
-                if value == 'True' or value == 'true' or value == '1' or value == True:
+                if value == 'True' or value == 'true' or value == '1' or value is True:
                     return True
                 else:
                     return False
@@ -477,8 +478,11 @@ def convert_type(self, name, value):
             if var_type == int:
                 return int(value)
 
-            if var_type == dict or var_type == list:
-                return json.loads(value)
+            if (var_type == dict or var_type == list) and isinstance(value, str) and len(value) > 0:
+                try:
+                    return json.loads(value)
+                except JSONDecodeError as e:
+                    pass
 
             if var_type == str:
                 return str(value)

From 606b0ccc845ed9d9969887ce13020ff6b0c04d10 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Wed, 12 Apr 2023 06:26:03 -0400
Subject: [PATCH 422/475] Added support for building `ARM` and `ARM64` based
 Docker images.

---
 .github/workflows/build-and-publish.yml | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/build-and-publish.yml b/.github/workflows/build-and-publish.yml
index 9eb0fff83..81c121f9c 100644
--- a/.github/workflows/build-and-publish.yml
+++ b/.github/workflows/build-and-publish.yml
@@ -47,6 +47,9 @@ jobs:
             type=semver,pattern={{major}}.{{minor}}
             type=semver,pattern={{major}}
 
+      - name: QEMU Setup
+        uses: docker/setup-qemu-action@v2
+
       - name: Docker Buildx Setup
         id: buildx
         uses: docker/setup-buildx-action@v1
@@ -58,8 +61,9 @@ jobs:
           password: ${{ secrets.DOCKERHUB_TOKEN_V2 }}
 
       - name: Docker Image Build
-        uses: docker/build-push-action@v2
+        uses: docker/build-push-action@v4
         with:
+          platforms: linux/amd64,linux/arm64,linux/arm/v7
           context: ./
           file: ./docker/Dockerfile
           push: true

From c7780042876cc91fc97d0384f8c30e0e97833504 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Wed, 12 Apr 2023 07:35:34 -0400
Subject: [PATCH 423/475] Removed ARM v7 support from the Docker image build
 process it added a lot of build time to the process.

---
 .github/workflows/build-and-publish.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/build-and-publish.yml b/.github/workflows/build-and-publish.yml
index 81c121f9c..6aaaaeb71 100644
--- a/.github/workflows/build-and-publish.yml
+++ b/.github/workflows/build-and-publish.yml
@@ -63,7 +63,7 @@ jobs:
       - name: Docker Image Build
         uses: docker/build-push-action@v4
         with:
-          platforms: linux/amd64,linux/arm64,linux/arm/v7
+          platforms: linux/amd64,linux/arm64
           context: ./
           file: ./docker/Dockerfile
           push: true

From 003ee07596179971eab097395650a3d6c8ab4704 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Wed, 12 Apr 2023 08:07:40 -0400
Subject: [PATCH 424/475] Updated the default value of the
 `SERVER_EXTERNAL_SSL` environment setting.

---
 configs/development.py          | 1 +
 configs/docker_config.py        | 1 +
 powerdnsadmin/default_config.py | 2 +-
 3 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/configs/development.py b/configs/development.py
index e92ac728d..3dbb17bf5 100644
--- a/configs/development.py
+++ b/configs/development.py
@@ -7,6 +7,7 @@
 SECRET_KEY = 'e951e5a1f4b94151b360f47edf596dd2'
 BIND_ADDRESS = '0.0.0.0'
 PORT = 9191
+SERVER_EXTERNAL_SSL = None
 
 ### DATABASE CONFIG
 SQLA_DB_USER = 'pda'
diff --git a/configs/docker_config.py b/configs/docker_config.py
index 652777ab6..4194aa94d 100644
--- a/configs/docker_config.py
+++ b/configs/docker_config.py
@@ -6,6 +6,7 @@
 # Defaults for Docker image
 BIND_ADDRESS = '0.0.0.0'
 PORT = 80
+SERVER_EXTERNAL_SSL = True
 SQLALCHEMY_DATABASE_URI = 'sqlite:////data/powerdns-admin.db'
 SESSION_COOKIE_SAMESITE = 'Lax'
 CSRF_COOKIE_HTTPONLY = True
diff --git a/powerdnsadmin/default_config.py b/powerdnsadmin/default_config.py
index 3ae1b13c4..723cb85a9 100644
--- a/powerdnsadmin/default_config.py
+++ b/powerdnsadmin/default_config.py
@@ -8,7 +8,7 @@
 BIND_ADDRESS = '0.0.0.0'
 PORT = 9191
 HSTS_ENABLED = False
-SERVER_EXTERNAL_SSL = None
+SERVER_EXTERNAL_SSL = True
 
 SESSION_TYPE = 'sqlalchemy'
 SESSION_COOKIE_SAMESITE = 'Lax'

From d7f3610b51c691a3cebb5751eb5b8e9c45ec65db Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Thu, 13 Apr 2023 13:34:41 -0400
Subject: [PATCH 425/475] Updated the OAuth service providers to properly
 respect the new OAuth autoconfiguration settings for each provider.

---
 powerdnsadmin/services/azure.py  | 3 ++-
 powerdnsadmin/services/github.py | 3 ++-
 powerdnsadmin/services/google.py | 3 ++-
 powerdnsadmin/services/oidc.py   | 3 ++-
 4 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/powerdnsadmin/services/azure.py b/powerdnsadmin/services/azure.py
index 901cc45f9..faf1ac3dd 100644
--- a/powerdnsadmin/services/azure.py
+++ b/powerdnsadmin/services/azure.py
@@ -24,9 +24,10 @@ def update_token(token):
         'fetch_token': fetch_azure_token,
     }
 
+    auto_configure = Setting().get('azure_oauth_auto_configure')
     server_metadata_url = Setting().get('azure_oauth_metadata_url')
 
-    if isinstance(server_metadata_url, str) and len(server_metadata_url.strip()) > 0:
+    if auto_configure and isinstance(server_metadata_url, str) and len(server_metadata_url.strip()) > 0:
         authlib_params['server_metadata_url'] = server_metadata_url
     else:
         authlib_params['access_token_url'] = Setting().get('azure_oauth_token_url')
diff --git a/powerdnsadmin/services/github.py b/powerdnsadmin/services/github.py
index f322e8cf1..42862e908 100644
--- a/powerdnsadmin/services/github.py
+++ b/powerdnsadmin/services/github.py
@@ -26,9 +26,10 @@ def update_token(token):
         'update_token': update_token
     }
 
+    auto_configure = Setting().get('github_oauth_auto_configure')
     server_metadata_url = Setting().get('github_oauth_metadata_url')
 
-    if isinstance(server_metadata_url, str) and len(server_metadata_url.strip()) > 0:
+    if auto_configure and isinstance(server_metadata_url, str) and len(server_metadata_url.strip()) > 0:
         authlib_params['server_metadata_url'] = server_metadata_url
     else:
         authlib_params['access_token_url'] = Setting().get('github_oauth_token_url')
diff --git a/powerdnsadmin/services/google.py b/powerdnsadmin/services/google.py
index 011c12086..e3e6362e2 100644
--- a/powerdnsadmin/services/google.py
+++ b/powerdnsadmin/services/google.py
@@ -25,9 +25,10 @@ def update_token(token):
         'update_token': update_token
     }
 
+    auto_configure = Setting().get('google_oauth_auto_configure')
     server_metadata_url = Setting().get('google_oauth_metadata_url')
 
-    if isinstance(server_metadata_url, str) and len(server_metadata_url.strip()) > 0:
+    if auto_configure and isinstance(server_metadata_url, str) and len(server_metadata_url.strip()) > 0:
         authlib_params['server_metadata_url'] = server_metadata_url
     else:
         authlib_params['access_token_url'] = Setting().get('google_token_url')
diff --git a/powerdnsadmin/services/oidc.py b/powerdnsadmin/services/oidc.py
index 25c73f074..2e36070f2 100644
--- a/powerdnsadmin/services/oidc.py
+++ b/powerdnsadmin/services/oidc.py
@@ -25,9 +25,10 @@ def update_token(token):
         'update_token': update_token
     }
 
+    auto_configure = Setting().get('oidc_oauth_auto_configure')
     server_metadata_url = Setting().get('oidc_oauth_metadata_url')
 
-    if isinstance(server_metadata_url, str) and len(server_metadata_url.strip()) > 0:
+    if auto_configure and isinstance(server_metadata_url, str) and len(server_metadata_url.strip()) > 0:
         authlib_params['server_metadata_url'] = server_metadata_url
     else:
         authlib_params['access_token_url'] = Setting().get('oidc_oauth_token_url')

From 8cfc62e9d045a63c81dd7a1079ccb552d9e18f2d Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Thu, 13 Apr 2023 13:40:06 -0400
Subject: [PATCH 426/475] Corrected issue with `SERVER_EXTERNAL_SSL` setting
 not being extracted from the app's environment.

---
 configs/development.py          | 2 +-
 configs/docker_config.py        | 2 +-
 powerdnsadmin/default_config.py | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/configs/development.py b/configs/development.py
index 3dbb17bf5..be6cf3b51 100644
--- a/configs/development.py
+++ b/configs/development.py
@@ -7,7 +7,7 @@
 SECRET_KEY = 'e951e5a1f4b94151b360f47edf596dd2'
 BIND_ADDRESS = '0.0.0.0'
 PORT = 9191
-SERVER_EXTERNAL_SSL = None
+SERVER_EXTERNAL_SSL = os.getenv('SERVER_EXTERNAL_SSL', None)
 
 ### DATABASE CONFIG
 SQLA_DB_USER = 'pda'
diff --git a/configs/docker_config.py b/configs/docker_config.py
index 4194aa94d..ae2e27571 100644
--- a/configs/docker_config.py
+++ b/configs/docker_config.py
@@ -6,7 +6,7 @@
 # Defaults for Docker image
 BIND_ADDRESS = '0.0.0.0'
 PORT = 80
-SERVER_EXTERNAL_SSL = True
+SERVER_EXTERNAL_SSL = os.getenv('SERVER_EXTERNAL_SSL', True)
 SQLALCHEMY_DATABASE_URI = 'sqlite:////data/powerdns-admin.db'
 SESSION_COOKIE_SAMESITE = 'Lax'
 CSRF_COOKIE_HTTPONLY = True
diff --git a/powerdnsadmin/default_config.py b/powerdnsadmin/default_config.py
index 723cb85a9..d9e27595a 100644
--- a/powerdnsadmin/default_config.py
+++ b/powerdnsadmin/default_config.py
@@ -8,7 +8,7 @@
 BIND_ADDRESS = '0.0.0.0'
 PORT = 9191
 HSTS_ENABLED = False
-SERVER_EXTERNAL_SSL = True
+SERVER_EXTERNAL_SSL = os.getenv('SERVER_EXTERNAL_SSL', True)
 
 SESSION_TYPE = 'sqlalchemy'
 SESSION_COOKIE_SAMESITE = 'Lax'

From d773e078f5f897f78f0d245e0869836654687892 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Thu, 13 Apr 2023 13:53:39 -0400
Subject: [PATCH 427/475] Updated the Docker image build workflow to hopefully
 push the additional platform builds to Docker Hub after the build is
 complete.

---
 .github/workflows/build-and-publish.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/build-and-publish.yml b/.github/workflows/build-and-publish.yml
index 6aaaaeb71..928386035 100644
--- a/.github/workflows/build-and-publish.yml
+++ b/.github/workflows/build-and-publish.yml
@@ -70,9 +70,10 @@ jobs:
           tags: powerdnsadmin/pda-legacy:${{ github.ref_name }}
 
       - name: Docker Image Release Tagging
-        uses: docker/build-push-action@v2
+        uses: docker/build-push-action@v4
         if: ${{ startsWith(github.ref, 'refs/tags/v') }}
         with:
+          platforms: linux/amd64,linux/arm64
           context: ./
           file: ./docker/Dockerfile
           push: true

From 7eee3134d44dd2a8777a8343326be72ec02103d4 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Thu, 13 Apr 2023 16:09:10 -0400
Subject: [PATCH 428/475] Corrected the logic flaw in the account add / edit
 form that would cause all unassigned zones to be selected automatically
 following the attempt of account creation with an invalid name.

---
 powerdnsadmin/templates/admin_edit_account.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/powerdnsadmin/templates/admin_edit_account.html b/powerdnsadmin/templates/admin_edit_account.html
index ca08ab77b..827a3e089 100644
--- a/powerdnsadmin/templates/admin_edit_account.html
+++ b/powerdnsadmin/templates/admin_edit_account.html
@@ -133,7 +133,7 @@ <h3 class="card-title">Access Control</h3>
                                                     </option>
                                                 {% endwith %}
                                             {% else %}
-                                                <option {% if account.id == domain.account_id %}selected{% endif %}
+                                                <option {% if account.id and account.id == domain.account_id %}selected{% endif %}
                                                         value="{{ domain.name }}">
                                                     {{ domain.name }}
                                                 </option>

From c842d09195a6180b1f7db51c2ce20fa48d2fe128 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 14 Apr 2023 07:12:02 -0400
Subject: [PATCH 429/475] Overhauled app settings implementation to remove
 redundancy of definitions. Additionally, re-factored settings initialization
 code to allow for every setting to be defined by environment variable for
 both bare metal and Docker container deployments.

---
 configs/docker_config.py        | 151 +-------
 powerdnsadmin/__init__.py       |   5 +-
 powerdnsadmin/decorators.py     |  65 +++-
 powerdnsadmin/default_config.py |  48 +--
 powerdnsadmin/lib/settings.py   | 629 ++++++++++++++++++++++++++++++++
 powerdnsadmin/models/setting.py | 530 ++-------------------------
 powerdnsadmin/routes/admin.py   |   6 +-
 powerdnsadmin/routes/domain.py  |   4 +-
 8 files changed, 734 insertions(+), 704 deletions(-)
 create mode 100644 powerdnsadmin/lib/settings.py

diff --git a/configs/docker_config.py b/configs/docker_config.py
index ae2e27571..1668fc72c 100644
--- a/configs/docker_config.py
+++ b/configs/docker_config.py
@@ -1,151 +1,2 @@
-# import everything from environment variables
-import os
-import sys
-import json
-
-# Defaults for Docker image
-BIND_ADDRESS = '0.0.0.0'
 PORT = 80
-SERVER_EXTERNAL_SSL = os.getenv('SERVER_EXTERNAL_SSL', True)
-SQLALCHEMY_DATABASE_URI = 'sqlite:////data/powerdns-admin.db'
-SESSION_COOKIE_SAMESITE = 'Lax'
-CSRF_COOKIE_HTTPONLY = True
-SESSION_TYPE = 'sqlalchemy'
-
-legal_envvars = (
-    'SECRET_KEY',
-    'OIDC_OAUTH_ENABLED',
-    'OIDC_OAUTH_KEY',
-    'OIDC_OAUTH_SECRET',
-    'OIDC_OAUTH_API_URL',
-    'OIDC_OAUTH_TOKEN_URL',
-    'OIDC_OAUTH_AUTHORIZE_URL',
-    'OIDC_OAUTH_METADATA_URL',
-    'OIDC_OAUTH_LOGOUT_URL',
-    'OIDC_OAUTH_SCOPE',
-    'OIDC_OAUTH_USERNAME',
-    'OIDC_OAUTH_FIRSTNAME',
-    'OIDC_OAUTH_LAST_NAME',
-    'OIDC_OAUTH_EMAIL',
-    'BIND_ADDRESS',
-    'PORT',
-    'SERVER_EXTERNAL_SSL',
-    'LOG_LEVEL',
-    'SALT',
-    'SQLALCHEMY_TRACK_MODIFICATIONS',
-    'SQLALCHEMY_DATABASE_URI',
-    'SQLALCHEMY_ENGINE_OPTIONS',
-    'MAIL_SERVER',
-    'MAIL_PORT',
-    'MAIL_DEBUG',
-    'MAIL_USE_TLS',
-    'MAIL_USE_SSL',
-    'MAIL_USERNAME',
-    'MAIL_PASSWORD',
-    'MAIL_DEFAULT_SENDER',
-    'SAML_ENABLED',
-    'SAML_DEBUG',
-    'SAML_PATH',
-    'SAML_METADATA_URL',
-    'SAML_METADATA_CACHE_LIFETIME',
-    'SAML_IDP_SSO_BINDING',
-    'SAML_IDP_ENTITY_ID',
-    'SAML_NAMEID_FORMAT',
-    'SAML_ATTRIBUTE_EMAIL',
-    'SAML_ATTRIBUTE_GIVENNAME',
-    'SAML_ATTRIBUTE_SURNAME',
-    'SAML_ATTRIBUTE_NAME',
-    'SAML_ATTRIBUTE_USERNAME',
-    'SAML_ATTRIBUTE_ADMIN',
-    'SAML_ATTRIBUTE_GROUP',
-    'SAML_GROUP_ADMIN_NAME',
-    'SAML_GROUP_TO_ACCOUNT_MAPPING',
-    'SAML_ATTRIBUTE_ACCOUNT',
-    'SAML_SP_ENTITY_ID',
-    'SAML_SP_CONTACT_NAME',
-    'SAML_SP_CONTACT_MAIL',
-    'SAML_SIGN_REQUEST',
-    'SAML_WANT_MESSAGE_SIGNED',
-    'SAML_LOGOUT',
-    'SAML_LOGOUT_URL',
-    'SAML_ASSERTION_ENCRYPTED',
-    'REMOTE_USER_LOGOUT_URL',
-    'REMOTE_USER_COOKIES',
-    'SIGNUP_ENABLED',
-    'LOCAL_DB_ENABLED',
-    'LDAP_ENABLED',
-    'SAML_CERT',
-    'SAML_KEY',
-    'SESSION_TYPE',
-    'SESSION_COOKIE_SECURE',
-    'CSRF_COOKIE_SECURE',
-    'CAPTCHA_ENABLE',
-)
-
-legal_envvars_int = ('PORT', 'MAIL_PORT', 'SAML_METADATA_CACHE_LIFETIME')
-
-legal_envvars_bool = (
-    'SQLALCHEMY_TRACK_MODIFICATIONS',
-    'HSTS_ENABLED',
-    'MAIL_DEBUG',
-    'MAIL_USE_TLS',
-    'MAIL_USE_SSL',
-    'OIDC_OAUTH_ENABLED',
-    'SAML_ENABLED',
-    'SAML_DEBUG',
-    'SAML_SIGN_REQUEST',
-    'SAML_WANT_MESSAGE_SIGNED',
-    'SAML_LOGOUT',
-    'SAML_ASSERTION_ENCRYPTED',
-    'REMOTE_USER_ENABLED',
-    'SIGNUP_ENABLED',
-    'LOCAL_DB_ENABLED',
-    'LDAP_ENABLED',
-    'SESSION_COOKIE_SECURE',
-    'CSRF_COOKIE_SECURE',
-    'CAPTCHA_ENABLE',
-    'SERVER_EXTERNAL_SSL',
-)
-
-legal_envvars_dict = (
-    'SQLALCHEMY_ENGINE_OPTIONS',
-)
-
-def str2bool(v):
-    return v.lower() in ("true", "yes", "1")
-
-
-def dictfromstr(v, ret):
-    try:
-        return json.loads(ret)
-    except Exception as e:
-        print('Cannot parse json {} for variable {}'.format(ret, v))
-        print(e)
-        raise ValueError
-
-
-for v in legal_envvars:
-
-    ret = None
-    # _FILE suffix will allow to read value from file, useful for Docker containers.
-    # secrets feature
-    if v + '_FILE' in os.environ:
-        if v in os.environ:
-            raise AttributeError(
-                "Both {} and {} are set but are exclusive.".format(
-                    v, v + '_FILE'))
-        with open(os.environ[v + '_FILE']) as f:
-            ret = f.read()
-        f.close()
-
-    elif v in os.environ:
-        ret = os.environ[v]
-
-    if ret is not None:
-        if v in legal_envvars_bool:
-            ret = str2bool(ret)
-        if v in legal_envvars_int:
-            ret = int(ret)
-        if v in legal_envvars_dict:
-            ret = dictfromstr(v, ret)
-        sys.modules[__name__].__dict__[v] = ret
+SQLALCHEMY_DATABASE_URI = 'sqlite:////data/powerdns-admin.db'
\ No newline at end of file
diff --git a/powerdnsadmin/__init__.py b/powerdnsadmin/__init__.py
index d447a002c..32ad19e4b 100755
--- a/powerdnsadmin/__init__.py
+++ b/powerdnsadmin/__init__.py
@@ -4,11 +4,11 @@
 from flask_mail import Mail
 from werkzeug.middleware.proxy_fix import ProxyFix
 from flask_session import Session
-
 from .lib import utils
 
 
 def create_app(config=None):
+    from powerdnsadmin.lib.settings import AppSettings
     from . import models, routes, services
     from .assets import assets
     app = Flask(__name__)
@@ -50,6 +50,9 @@ def create_app(config=None):
         elif config.endswith('.py'):
             app.config.from_pyfile(config)
 
+    # Load any settings defined with environment variables
+    AppSettings.load_environment(app)
+
     # HSTS
     if app.config.get('HSTS_ENABLED'):
         from flask_sslify import SSLify
diff --git a/powerdnsadmin/decorators.py b/powerdnsadmin/decorators.py
index cfa5f9d2f..560ca45bf 100644
--- a/powerdnsadmin/decorators.py
+++ b/powerdnsadmin/decorators.py
@@ -13,6 +13,7 @@ def admin_role_required(f):
     """
     Grant access if user is in Administrator role
     """
+
     @wraps(f)
     def decorated_function(*args, **kwargs):
         if current_user.role.name != 'Administrator':
@@ -26,6 +27,7 @@ def operator_role_required(f):
     """
     Grant access if user is in Operator role or higher
     """
+
     @wraps(f)
     def decorated_function(*args, **kwargs):
         if current_user.role.name not in ['Administrator', 'Operator']:
@@ -39,6 +41,7 @@ def history_access_required(f):
     """
     Grant access if user is in Operator role or higher, or Users can view history
     """
+
     @wraps(f)
     def decorated_function(*args, **kwargs):
         if current_user.role.name not in [
@@ -57,6 +60,7 @@ def can_access_domain(f):
         - user is in granted Account, or
         - user is in granted Domain
     """
+
     @wraps(f)
     def decorated_function(*args, **kwargs):
         if current_user.role.name not in ['Administrator', 'Operator']:
@@ -83,10 +87,11 @@ def can_configure_dnssec(f):
         - user is in Operator role or higher, or
         - dnssec_admins_only is off
     """
+
     @wraps(f)
     def decorated_function(*args, **kwargs):
         if current_user.role.name not in [
-                'Administrator', 'Operator'
+            'Administrator', 'Operator'
         ] and Setting().get('dnssec_admins_only'):
             abort(403)
 
@@ -94,16 +99,18 @@ def decorated_function(*args, **kwargs):
 
     return decorated_function
 
+
 def can_remove_domain(f):
     """
     Grant access if:
         - user is in Operator role or higher, or
         - allow_user_remove_domain is on
     """
+
     @wraps(f)
     def decorated_function(*args, **kwargs):
         if current_user.role.name not in [
-                'Administrator', 'Operator'
+            'Administrator', 'Operator'
         ] and not Setting().get('allow_user_remove_domain'):
             abort(403)
         return f(*args, **kwargs)
@@ -111,17 +118,17 @@ def decorated_function(*args, **kwargs):
     return decorated_function
 
 
-
 def can_create_domain(f):
     """
     Grant access if:
         - user is in Operator role or higher, or
         - allow_user_create_domain is on
     """
+
     @wraps(f)
     def decorated_function(*args, **kwargs):
         if current_user.role.name not in [
-                'Administrator', 'Operator'
+            'Administrator', 'Operator'
         ] and not Setting().get('allow_user_create_domain'):
             abort(403)
         return f(*args, **kwargs)
@@ -144,11 +151,12 @@ def decorated_function(*args, **kwargs):
 
         # Remove "Basic " from the header value
         auth_header = auth_header[6:]
+        auth_components = []
 
         try:
             auth_header = str(base64.b64decode(auth_header), 'utf-8')
-            # NK: We use auth_components here as we don't know if we'll have a :, we split it maximum 1 times to grab the
-            #     username, the rest of the string would be the password.
+            # NK: We use auth_components here as we don't know if we'll have a colon,
+            # we split it maximum 1 times to grab the username, the rest of the string would be the password.
             auth_components = auth_header.split(':', maxsplit=1)
         except (binascii.Error, UnicodeDecodeError) as e:
             current_app.logger.error(
@@ -211,16 +219,19 @@ def callback_if_request_body_contains_key(callback, http_methods=[], keys=[]):
     If request body contains one or more of specified keys, call
     :param callback
     """
+
     def decorator(f):
         @wraps(f)
         def decorated_function(*args, **kwargs):
             check_current_http_method = not http_methods or request.method in http_methods
             if (check_current_http_method and
-                set(request.get_json(force=True).keys()).intersection(set(keys))
+                    set(request.get_json(force=True).keys()).intersection(set(keys))
             ):
                 callback(*args, **kwargs)
             return f(*args, **kwargs)
+
         return decorated_function
+
     return decorator
 
 
@@ -246,16 +257,18 @@ def decorated_function(*args, **kwargs):
             except:
                 username = None
             if (
-                (current_user.role.name in roles) or
-                (allow_self and user_id and current_user.id == user_id) or
-                (allow_self and username and current_user.username == username)
+                    (current_user.role.name in roles) or
+                    (allow_self and user_id and current_user.id == user_id) or
+                    (allow_self and username and current_user.username == username)
             ):
                 return f(*args, **kwargs)
             msg = (
                 "User {} with role {} does not have enough privileges to {}"
             ).format(current_user.username, current_user.role.name, action)
             raise NotEnoughPrivileges(message=msg)
+
         return decorated_function
+
     return decorator
 
 
@@ -265,15 +278,16 @@ def api_can_create_domain(f):
         - user is in Operator role or higher, or
         - allow_user_create_domain is on
     """
+
     @wraps(f)
     def decorated_function(*args, **kwargs):
         if current_user.role.name not in [
-                'Administrator', 'Operator'
+            'Administrator', 'Operator'
         ] and not Setting().get('allow_user_create_domain'):
             msg = "User {0} does not have enough privileges to create zone"
             current_app.logger.error(msg.format(current_user.username))
             raise NotEnoughPrivileges()
-        
+
         if Setting().get('deny_domain_override'):
             req = request.get_json(force=True)
             domain = Domain()
@@ -294,10 +308,11 @@ def apikey_can_create_domain(f):
         - deny_domain_override is off or
         - override_domain is true (from request)
     """
+
     @wraps(f)
     def decorated_function(*args, **kwargs):
         if g.apikey.role.name not in [
-                'Administrator', 'Operator'
+            'Administrator', 'Operator'
         ] and not Setting().get('allow_user_create_domain'):
             msg = "ApiKey #{0} does not have enough privileges to create zone"
             current_app.logger.error(msg.format(g.apikey.id))
@@ -320,20 +335,23 @@ def apikey_can_remove_domain(http_methods=[]):
         - user is in Operator role or higher, or
         - allow_user_remove_domain is on
     """
+
     def decorator(f):
         @wraps(f)
         def decorated_function(*args, **kwargs):
             check_current_http_method = not http_methods or request.method in http_methods
 
             if (check_current_http_method and
-                g.apikey.role.name not in ['Administrator', 'Operator'] and
-                not Setting().get('allow_user_remove_domain')
+                    g.apikey.role.name not in ['Administrator', 'Operator'] and
+                    not Setting().get('allow_user_remove_domain')
             ):
                 msg = "ApiKey #{0} does not have enough privileges to remove zone"
                 current_app.logger.error(msg.format(g.apikey.id))
                 raise NotEnoughPrivileges()
             return f(*args, **kwargs)
+
         return decorated_function
+
     return decorator
 
 
@@ -341,6 +359,7 @@ def apikey_is_admin(f):
     """
     Grant access if user is in Administrator role
     """
+
     @wraps(f)
     def decorated_function(*args, **kwargs):
         if g.apikey.role.name != 'Administrator':
@@ -358,6 +377,7 @@ def apikey_can_access_domain(f):
         - user has Operator role or higher, or
         - user has explicitly been granted access to domain
     """
+
     @wraps(f)
     def decorated_function(*args, **kwargs):
         if g.apikey.role.name not in ['Administrator', 'Operator']:
@@ -382,22 +402,26 @@ def apikey_can_configure_dnssec(http_methods=[]):
         - user is in Operator role or higher, or
         - dnssec_admins_only is off
     """
+
     def decorator(f=None):
         @wraps(f)
         def decorated_function(*args, **kwargs):
             check_current_http_method = not http_methods or request.method in http_methods
 
             if (check_current_http_method and
-                g.apikey.role.name not in ['Administrator', 'Operator'] and
-                Setting().get('dnssec_admins_only')
+                    g.apikey.role.name not in ['Administrator', 'Operator'] and
+                    Setting().get('dnssec_admins_only')
             ):
                 msg = "ApiKey #{0} does not have enough privileges to configure dnssec"
                 current_app.logger.error(msg.format(g.apikey.id))
                 raise DomainAccessForbidden(message=msg)
             return f(*args, **kwargs) if f else None
+
         return decorated_function
+
     return decorator
 
+
 def allowed_record_types(f):
     @wraps(f)
     def decorated_function(*args, **kwargs):
@@ -423,6 +447,7 @@ def decorated_function(*args, **kwargs):
 
     return decorated_function
 
+
 def allowed_record_ttl(f):
     @wraps(f)
     def decorated_function(*args, **kwargs):
@@ -431,12 +456,12 @@ def decorated_function(*args, **kwargs):
 
         if request.method == 'GET':
             return f(*args, **kwargs)
-            
+
         if g.apikey.role.name in ['Administrator', 'Operator']:
             return f(*args, **kwargs)
 
         allowed_ttls = Setting().get_ttl_options()
-        allowed_numeric_ttls = [ ttl[0] for ttl in allowed_ttls ]
+        allowed_numeric_ttls = [ttl[0] for ttl in allowed_ttls]
         content = request.get_json()
         try:
             for record in content['rrsets']:
@@ -497,6 +522,7 @@ def decorated_function(*args, **kwargs):
 
     return decorated_function
 
+
 def apikey_or_basic_auth(f):
     @wraps(f)
     def decorated_function(*args, **kwargs):
@@ -505,4 +531,5 @@ def decorated_function(*args, **kwargs):
             return apikey_auth(f)(*args, **kwargs)
         else:
             return api_basic_auth(f)(*args, **kwargs)
+
     return decorated_function
diff --git a/powerdnsadmin/default_config.py b/powerdnsadmin/default_config.py
index d9e27595a..ff192b0cf 100644
--- a/powerdnsadmin/default_config.py
+++ b/powerdnsadmin/default_config.py
@@ -1,44 +1,32 @@
 import os
-import urllib.parse
+
 basedir = os.path.abspath(os.path.dirname(__file__))
 
-### BASIC APP CONFIG
-SALT = '$2b$12$yLUMTIfl21FKJQpTkRQXCu'
-SECRET_KEY = 'e951e5a1f4b94151b360f47edf596dd2'
 BIND_ADDRESS = '0.0.0.0'
-PORT = 9191
-HSTS_ENABLED = False
-SERVER_EXTERNAL_SSL = os.getenv('SERVER_EXTERNAL_SSL', True)
-
-SESSION_TYPE = 'sqlalchemy'
-SESSION_COOKIE_SAMESITE = 'Lax'
-CSRF_COOKIE_HTTPONLY = True
-
-#CAPTCHA Config
 CAPTCHA_ENABLE = True
-CAPTCHA_LENGTH = 6
-CAPTCHA_WIDTH = 160
 CAPTCHA_HEIGHT = 60
+CAPTCHA_LENGTH = 6
 CAPTCHA_SESSION_KEY = 'captcha_image'
-
-### DATABASE CONFIG
-SQLA_DB_USER = 'pda'
-SQLA_DB_PASSWORD = 'changeme'
-SQLA_DB_HOST = '127.0.0.1'
-SQLA_DB_NAME = 'pda'
+CAPTCHA_WIDTH = 160
+CSRF_COOKIE_HTTPONLY = True
+HSTS_ENABLED = False
+PORT = 9191
+SALT = '$2b$12$yLUMTIfl21FKJQpTkRQXCu'
+SAML_ASSERTION_ENCRYPTED = True
+SAML_ENABLED = False
+SECRET_KEY = 'e951e5a1f4b94151b360f47edf596dd2'
+SERVER_EXTERNAL_SSL = os.getenv('SERVER_EXTERNAL_SSL', True)
+SESSION_COOKIE_SAMESITE = 'Lax'
+SESSION_TYPE = 'sqlalchemy'
+SQLALCHEMY_DATABASE_URI = 'sqlite:///' + os.path.join(basedir, 'pdns.db')
 SQLALCHEMY_TRACK_MODIFICATIONS = True
-
-### DATABASE - MySQL
+# SQLA_DB_USER = 'pda'
+# SQLA_DB_PASSWORD = 'changeme'
+# SQLA_DB_HOST = '127.0.0.1'
+# SQLA_DB_NAME = 'pda'
 # SQLALCHEMY_DATABASE_URI = 'mysql://{}:{}@{}/{}'.format(
 #     urllib.parse.quote_plus(SQLA_DB_USER),
 #     urllib.parse.quote_plus(SQLA_DB_PASSWORD),
 #     SQLA_DB_HOST,
 #     SQLA_DB_NAME
 # )
-
-### DATABASE - SQLite
-SQLALCHEMY_DATABASE_URI = 'sqlite:///' + os.path.join(basedir, 'pdns.db')
-
-# SAML Authnetication
-SAML_ENABLED = False
-SAML_ASSERTION_ENCRYPTED = True
diff --git a/powerdnsadmin/lib/settings.py b/powerdnsadmin/lib/settings.py
new file mode 100644
index 000000000..c6d6c9568
--- /dev/null
+++ b/powerdnsadmin/lib/settings.py
@@ -0,0 +1,629 @@
+import os
+from pathlib import Path
+
+basedir = os.path.abspath(Path(os.path.dirname(__file__)).parent)
+
+class AppSettings(object):
+
+    defaults = {
+        # Flask Settings
+        'bind_address': '0.0.0.0',
+        'csrf_cookie_secure': False,
+        'log_level': 'WARNING',
+        'port': 9191,
+        'salt': '$2b$12$yLUMTIfl21FKJQpTkRQXCu',
+        'secret_key': 'e951e5a1f4b94151b360f47edf596dd2',
+        'session_cookie_secure': False,
+        'session_type': 'sqlalchemy',
+        'sqlalchemy_track_modifications': True,
+        'sqlalchemy_database_uri': 'sqlite:///' + os.path.join(basedir, 'pdns.db'),
+        'sqlalchemy_engine_options': {},
+
+        # General Settings
+        'captcha_enable': True,
+        'captcha_height': 60,
+        'captcha_length': 6,
+        'captcha_session_key': 'captcha_image',
+        'captcha_width': 160,
+        'mail_server': 'localhost',
+        'mail_port': 25,
+        'mail_debug': False,
+        'mail_use_ssl': False,
+        'mail_use_tls': False,
+        'mail_username': '',
+        'mail_password': '',
+        'mail_default_sender': '',
+        'remote_user_enabled': False,
+        'remote_user_cookies': [],
+        'remote_user_logout_url': '',
+        'server_external_ssl': True,
+        'maintenance': False,
+        'fullscreen_layout': True,
+        'record_helper': True,
+        'login_ldap_first': True,
+        'default_record_table_size': 15,
+        'default_domain_table_size': 10,
+        'auto_ptr': False,
+        'record_quick_edit': True,
+        'pretty_ipv6_ptr': False,
+        'dnssec_admins_only': False,
+        'allow_user_create_domain': False,
+        'allow_user_remove_domain': False,
+        'allow_user_view_history': False,
+        'custom_history_header': '',
+        'delete_sso_accounts': False,
+        'bg_domain_updates': False,
+        'enable_api_rr_history': True,
+        'preserve_history': False,
+        'site_name': 'PowerDNS-Admin',
+        'site_url': 'http://localhost:9191',
+        'session_timeout': 10,
+        'warn_session_timeout': True,
+        'pdns_api_url': '',
+        'pdns_api_key': '',
+        'pdns_api_timeout': 30,
+        'pdns_version': '4.1.1',
+        'verify_ssl_connections': True,
+        'verify_user_email': False,
+        'enforce_api_ttl': False,
+        'ttl_options': '1 minute,5 minutes,30 minutes,60 minutes,24 hours',
+        'otp_field_enabled': True,
+        'custom_css': '',
+        'otp_force': False,
+        'max_history_records': 1000,
+        'deny_domain_override': False,
+        'account_name_extra_chars': False,
+        'gravatar_enabled': False,
+
+        # Local Authentication Settings
+        'local_db_enabled': True,
+        'signup_enabled': True,
+        'pwd_enforce_characters': False,
+        'pwd_min_len': 10,
+        'pwd_min_lowercase': 3,
+        'pwd_min_uppercase': 2,
+        'pwd_min_digits': 2,
+        'pwd_min_special': 1,
+        'pwd_enforce_complexity': False,
+        'pwd_min_complexity': 11,
+
+        # LDAP Authentication Settings
+        'ldap_enabled': False,
+        'ldap_type': 'ldap',
+        'ldap_uri': '',
+        'ldap_base_dn': '',
+        'ldap_admin_username': '',
+        'ldap_admin_password': '',
+        'ldap_domain': '',
+        'ldap_filter_basic': '',
+        'ldap_filter_username': '',
+        'ldap_filter_group': '',
+        'ldap_filter_groupname': '',
+        'ldap_sg_enabled': False,
+        'ldap_admin_group': '',
+        'ldap_operator_group': '',
+        'ldap_user_group': '',
+        'autoprovisioning': False,
+        'autoprovisioning_attribute': '',
+        'urn_value': '',
+        'purge': False,
+
+        # Google OAuth Settings
+        'google_oauth_enabled': False,
+        'google_oauth_client_id': '',
+        'google_oauth_client_secret': '',
+        'google_oauth_scope': 'openid email profile',
+        'google_base_url': 'https://www.googleapis.com/oauth2/v3/',
+        'google_oauth_auto_configure': True,
+        'google_oauth_metadata_url': 'https://accounts.google.com/.well-known/openid-configuration',
+        'google_token_url': 'https://oauth2.googleapis.com/token',
+        'google_authorize_url': 'https://accounts.google.com/o/oauth2/v2/auth',
+
+        # GitHub OAuth Settings
+        'github_oauth_enabled': False,
+        'github_oauth_key': '',
+        'github_oauth_secret': '',
+        'github_oauth_scope': 'email',
+        'github_oauth_api_url': 'https://api.github.com/user',
+        'github_oauth_auto_configure': False,
+        'github_oauth_metadata_url': '',
+        'github_oauth_token_url': 'https://github.com/login/oauth/access_token',
+        'github_oauth_authorize_url': 'https://github.com/login/oauth/authorize',
+
+        # Azure OAuth Settings
+        'azure_oauth_enabled': False,
+        'azure_oauth_key': '',
+        'azure_oauth_secret': '',
+        'azure_oauth_scope': 'User.Read openid email profile',
+        'azure_oauth_api_url': 'https://graph.microsoft.com/v1.0/',
+        'azure_oauth_auto_configure': True,
+        'azure_oauth_metadata_url': '',
+        'azure_oauth_token_url': '',
+        'azure_oauth_authorize_url': '',
+        'azure_sg_enabled': False,
+        'azure_admin_group': '',
+        'azure_operator_group': '',
+        'azure_user_group': '',
+        'azure_group_accounts_enabled': False,
+        'azure_group_accounts_name': 'displayName',
+        'azure_group_accounts_name_re': '',
+        'azure_group_accounts_description': 'description',
+        'azure_group_accounts_description_re': '',
+
+        # OIDC OAuth Settings
+        'oidc_oauth_enabled': False,
+        'oidc_oauth_key': '',
+        'oidc_oauth_secret': '',
+        'oidc_oauth_scope': 'email',
+        'oidc_oauth_api_url': '',
+        'oidc_oauth_auto_configure': True,
+        'oidc_oauth_metadata_url': '',
+        'oidc_oauth_token_url': '',
+        'oidc_oauth_authorize_url': '',
+        'oidc_oauth_logout_url': '',
+        'oidc_oauth_username': 'preferred_username',
+        'oidc_oauth_email': 'email',
+        'oidc_oauth_firstname': 'given_name',
+        'oidc_oauth_last_name': 'family_name',
+        'oidc_oauth_account_name_property': '',
+        'oidc_oauth_account_description_property': '',
+
+        # SAML Authentication Settings
+        'saml_enabled': False,
+        'saml_debug': False,
+        'saml_path': os.path.join(basedir, 'saml'),
+        'saml_metadata_url': None,
+        'saml_metadata_cache_lifetime': 1,
+        'saml_idp_sso_binding': 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
+        'saml_idp_entity_id': None,
+        'saml_nameid_format': None,
+        'saml_attribute_account': None,
+        'saml_attribute_email': 'email',
+        'saml_attribute_givenname': 'givenname',
+        'saml_attribute_surname': 'surname',
+        'saml_attribute_name': None,
+        'saml_attribute_username': None,
+        'saml_attribute_admin': None,
+        'saml_attribute_group': None,
+        'saml_group_admin_name': None,
+        'saml_group_operator_name': None,
+        'saml_group_to_account_mapping': None,
+        'saml_sp_entity_id': None,
+        'saml_sp_contact_name': None,
+        'saml_sp_contact_mail': None,
+        'saml_sign_request': False,
+        'saml_want_message_signed': True,
+        'saml_logout': True,
+        'saml_logout_url': None,
+        'saml_assertion_encrypted': True,
+        'saml_cert': None,
+        'saml_key': None,
+
+        # Zone Record Settings
+        'forward_records_allow_edit': {
+            'A': True,
+            'AAAA': True,
+            'AFSDB': False,
+            'ALIAS': False,
+            'CAA': True,
+            'CERT': False,
+            'CDNSKEY': False,
+            'CDS': False,
+            'CNAME': True,
+            'DNSKEY': False,
+            'DNAME': False,
+            'DS': False,
+            'HINFO': False,
+            'KEY': False,
+            'LOC': True,
+            'LUA': False,
+            'MX': True,
+            'NAPTR': False,
+            'NS': True,
+            'NSEC': False,
+            'NSEC3': False,
+            'NSEC3PARAM': False,
+            'OPENPGPKEY': False,
+            'PTR': True,
+            'RP': False,
+            'RRSIG': False,
+            'SOA': False,
+            'SPF': True,
+            'SSHFP': False,
+            'SRV': True,
+            'TKEY': False,
+            'TSIG': False,
+            'TLSA': False,
+            'SMIMEA': False,
+            'TXT': True,
+            'URI': False
+        },
+        'reverse_records_allow_edit': {
+            'A': False,
+            'AAAA': False,
+            'AFSDB': False,
+            'ALIAS': False,
+            'CAA': False,
+            'CERT': False,
+            'CDNSKEY': False,
+            'CDS': False,
+            'CNAME': False,
+            'DNSKEY': False,
+            'DNAME': False,
+            'DS': False,
+            'HINFO': False,
+            'KEY': False,
+            'LOC': True,
+            'LUA': False,
+            'MX': False,
+            'NAPTR': False,
+            'NS': True,
+            'NSEC': False,
+            'NSEC3': False,
+            'NSEC3PARAM': False,
+            'OPENPGPKEY': False,
+            'PTR': True,
+            'RP': False,
+            'RRSIG': False,
+            'SOA': False,
+            'SPF': False,
+            'SSHFP': False,
+            'SRV': False,
+            'TKEY': False,
+            'TSIG': False,
+            'TLSA': False,
+            'SMIMEA': False,
+            'TXT': True,
+            'URI': False
+        },
+    }
+
+    types = {
+        # Flask Settings
+        'bind_address': str,
+        'csrf_cookie_secure': bool,
+        'log_level': str,
+        'port': int,
+        'salt': str,
+        'secret_key': str,
+        'session_cookie_secure': bool,
+        'session_type': str,
+        'sqlalchemy_track_modifications': bool,
+        'sqlalchemy_database_uri': str,
+        'sqlalchemy_engine_options': dict,
+
+        # General Settings
+        'captcha_enable': bool,
+        'captcha_height': int,
+        'captcha_length': int,
+        'captcha_session_key': str,
+        'captcha_width': int,
+        'mail_server': str,
+        'mail_port': int,
+        'mail_debug': bool,
+        'mail_use_ssl': bool,
+        'mail_use_tls': bool,
+        'mail_username': str,
+        'mail_password': str,
+        'mail_default_sender': str,
+        'remote_user_enabled': bool,
+        'remote_user_cookies': list,
+        'remote_user_logout_url': str,
+        'maintenance': bool,
+        'fullscreen_layout': bool,
+        'record_helper': bool,
+        'login_ldap_first': bool,
+        'default_record_table_size': int,
+        'default_domain_table_size': int,
+        'auto_ptr': bool,
+        'record_quick_edit': bool,
+        'pretty_ipv6_ptr': bool,
+        'dnssec_admins_only': bool,
+        'allow_user_create_domain': bool,
+        'allow_user_remove_domain': bool,
+        'allow_user_view_history': bool,
+        'custom_history_header': str,
+        'delete_sso_accounts': bool,
+        'bg_domain_updates': bool,
+        'enable_api_rr_history': bool,
+        'preserve_history': bool,
+        'site_name': str,
+        'site_url': str,
+        'session_timeout': int,
+        'warn_session_timeout': bool,
+        'pdns_api_url': str,
+        'pdns_api_key': str,
+        'pdns_api_timeout': int,
+        'pdns_version': str,
+        'verify_ssl_connections': bool,
+        'verify_user_email': bool,
+        'enforce_api_ttl': bool,
+        'ttl_options': str,
+        'otp_field_enabled': bool,
+        'custom_css': str,
+        'otp_force': bool,
+        'max_history_records': int,
+        'deny_domain_override': bool,
+        'account_name_extra_chars': bool,
+        'gravatar_enabled': bool,
+        'forward_records_allow_edit': dict,
+        'reverse_records_allow_edit': dict,
+
+        # Local Authentication Settings
+        'local_db_enabled': bool,
+        'signup_enabled': bool,
+        'pwd_enforce_characters': bool,
+        'pwd_min_len': int,
+        'pwd_min_lowercase': int,
+        'pwd_min_uppercase': int,
+        'pwd_min_digits': int,
+        'pwd_min_special': int,
+        'pwd_enforce_complexity': bool,
+        'pwd_min_complexity': int,
+
+        # LDAP Authentication Settings
+        'ldap_enabled': bool,
+        'ldap_type': str,
+        'ldap_uri': str,
+        'ldap_base_dn': str,
+        'ldap_admin_username': str,
+        'ldap_admin_password': str,
+        'ldap_domain': str,
+        'ldap_filter_basic': str,
+        'ldap_filter_username': str,
+        'ldap_filter_group': str,
+        'ldap_filter_groupname': str,
+        'ldap_sg_enabled': bool,
+        'ldap_admin_group': str,
+        'ldap_operator_group': str,
+        'ldap_user_group': str,
+        'autoprovisioning': bool,
+        'autoprovisioning_attribute': str,
+        'urn_value': str,
+        'purge': bool,
+
+        # Google OAuth Settings
+        'google_oauth_enabled': bool,
+        'google_oauth_client_id': str,
+        'google_oauth_client_secret': str,
+        'google_oauth_scope': str,
+        'google_base_url': str,
+        'google_oauth_auto_configure': bool,
+        'google_oauth_metadata_url': str,
+        'google_token_url': str,
+        'google_authorize_url': str,
+
+        # GitHub OAuth Settings
+        'github_oauth_enabled': bool,
+        'github_oauth_key': str,
+        'github_oauth_secret': str,
+        'github_oauth_scope': str,
+        'github_oauth_api_url': str,
+        'github_oauth_auto_configure': bool,
+        'github_oauth_metadata_url': str,
+        'github_oauth_token_url': str,
+        'github_oauth_authorize_url': str,
+
+        # Azure OAuth Settings
+        'azure_oauth_enabled': bool,
+        'azure_oauth_key': str,
+        'azure_oauth_secret': str,
+        'azure_oauth_scope': str,
+        'azure_oauth_api_url': str,
+        'azure_oauth_auto_configure': bool,
+        'azure_oauth_metadata_url': str,
+        'azure_oauth_token_url': str,
+        'azure_oauth_authorize_url': str,
+        'azure_sg_enabled': bool,
+        'azure_admin_group': str,
+        'azure_operator_group': str,
+        'azure_user_group': str,
+        'azure_group_accounts_enabled': bool,
+        'azure_group_accounts_name': str,
+        'azure_group_accounts_name_re': str,
+        'azure_group_accounts_description': str,
+        'azure_group_accounts_description_re': str,
+
+        # OIDC OAuth Settings
+        'oidc_oauth_enabled': bool,
+        'oidc_oauth_key': str,
+        'oidc_oauth_secret': str,
+        'oidc_oauth_scope': str,
+        'oidc_oauth_api_url': str,
+        'oidc_oauth_auto_configure': bool,
+        'oidc_oauth_metadata_url': str,
+        'oidc_oauth_token_url': str,
+        'oidc_oauth_authorize_url': str,
+        'oidc_oauth_logout_url': str,
+        'oidc_oauth_username': str,
+        'oidc_oauth_email': str,
+        'oidc_oauth_firstname': str,
+        'oidc_oauth_last_name': str,
+        'oidc_oauth_account_name_property': str,
+        'oidc_oauth_account_description_property': str,
+
+        # SAML Authentication Settings
+        'saml_enabled': bool,
+        'saml_debug': bool,
+        'saml_path': str,
+        'saml_metadata_url': str,
+        'saml_metadata_cache_lifetime': int,
+        'saml_idp_sso_binding': str,
+        'saml_idp_entity_id': str,
+        'saml_nameid_format': str,
+        'saml_attribute_account': str,
+        'saml_attribute_email': str,
+        'saml_attribute_givenname': str,
+        'saml_attribute_surname': str,
+        'saml_attribute_name': str,
+        'saml_attribute_username': str,
+        'saml_attribute_admin': str,
+        'saml_attribute_group': str,
+        'saml_group_admin_name': str,
+        'saml_group_operator_name': str,
+        'saml_group_to_account_mapping': str,
+        'saml_sp_entity_id': str,
+        'saml_sp_contact_name': str,
+        'saml_sp_contact_mail': str,
+        'saml_sign_request': bool,
+        'saml_want_message_signed': bool,
+        'saml_logout': bool,
+        'saml_logout_url': str,
+        'saml_assertion_encrypted': bool,
+        'saml_cert': str,
+        'saml_key': str,
+    }
+
+    groups = {
+        'authentication': [
+            # Local Authentication Settings
+            'local_db_enabled',
+            'signup_enabled',
+            'pwd_enforce_characters',
+            'pwd_min_len',
+            'pwd_min_lowercase',
+            'pwd_min_uppercase',
+            'pwd_min_digits',
+            'pwd_min_special',
+            'pwd_enforce_complexity',
+            'pwd_min_complexity',
+
+            # LDAP Authentication Settings
+            'ldap_enabled',
+            'ldap_type',
+            'ldap_uri',
+            'ldap_base_dn',
+            'ldap_admin_username',
+            'ldap_admin_password',
+            'ldap_domain',
+            'ldap_filter_basic',
+            'ldap_filter_username',
+            'ldap_filter_group',
+            'ldap_filter_groupname',
+            'ldap_sg_enabled',
+            'ldap_admin_group',
+            'ldap_operator_group',
+            'ldap_user_group',
+            'autoprovisioning',
+            'autoprovisioning_attribute',
+            'urn_value',
+            'purge',
+
+            # Google OAuth Settings
+            'google_oauth_enabled',
+            'google_oauth_client_id',
+            'google_oauth_client_secret',
+            'google_oauth_scope',
+            'google_base_url',
+            'google_oauth_auto_configure',
+            'google_oauth_metadata_url',
+            'google_token_url',
+            'google_authorize_url',
+
+            # GitHub OAuth Settings
+            'github_oauth_enabled',
+            'github_oauth_key',
+            'github_oauth_secret',
+            'github_oauth_scope',
+            'github_oauth_api_url',
+            'github_oauth_auto_configure',
+            'github_oauth_metadata_url',
+            'github_oauth_token_url',
+            'github_oauth_authorize_url',
+
+            # Azure OAuth Settings
+            'azure_oauth_enabled',
+            'azure_oauth_key',
+            'azure_oauth_secret',
+            'azure_oauth_scope',
+            'azure_oauth_api_url',
+            'azure_oauth_auto_configure',
+            'azure_oauth_metadata_url',
+            'azure_oauth_token_url',
+            'azure_oauth_authorize_url',
+            'azure_sg_enabled',
+            'azure_admin_group',
+            'azure_operator_group',
+            'azure_user_group',
+            'azure_group_accounts_enabled',
+            'azure_group_accounts_name',
+            'azure_group_accounts_name_re',
+            'azure_group_accounts_description',
+            'azure_group_accounts_description_re',
+
+            # OIDC OAuth Settings
+            'oidc_oauth_enabled',
+            'oidc_oauth_key',
+            'oidc_oauth_secret',
+            'oidc_oauth_scope',
+            'oidc_oauth_api_url',
+            'oidc_oauth_auto_configure',
+            'oidc_oauth_metadata_url',
+            'oidc_oauth_token_url',
+            'oidc_oauth_authorize_url',
+            'oidc_oauth_logout_url',
+            'oidc_oauth_username',
+            'oidc_oauth_email',
+            'oidc_oauth_firstname',
+            'oidc_oauth_last_name',
+            'oidc_oauth_account_name_property',
+            'oidc_oauth_account_description_property',
+        ]
+    }
+
+    @staticmethod
+    def convert_type(name, value):
+        import json
+        from json import JSONDecodeError
+        if name in AppSettings.types:
+            var_type = AppSettings.types[name]
+
+            # Handle boolean values
+            if var_type == bool and isinstance(value, str):
+                if value.lower() in ['True', 'true', '1'] or value is True:
+                    return True
+                else:
+                    return False
+
+            # Handle float values
+            if var_type == float:
+                return float(value)
+
+            # Handle integer values
+            if var_type == int:
+                return int(value)
+
+            if (var_type == dict or var_type == list) and isinstance(value, str) and len(value) > 0:
+                try:
+                    return json.loads(value)
+                except JSONDecodeError as e:
+                    raise ValueError('Cannot parse json {} for variable {}'.format(value, name))
+
+            if var_type == str:
+                return str(value)
+
+        return value
+
+    @staticmethod
+    def load_environment(app):
+        """ Load app settings from environment variables when defined. """
+        import os
+
+        for var_name, default_value in AppSettings.defaults.items():
+            env_name = var_name.upper()
+            current_value = None
+
+            if env_name + '_FILE' in os.environ:
+                if env_name in os.environ:
+                    raise AttributeError(
+                        "Both {} and {} are set but are exclusive.".format(
+                            env_name, env_name + '_FILE'))
+                with open(os.environ[env_name + '_FILE']) as f:
+                    current_value = f.read()
+                f.close()
+
+            elif env_name in os.environ:
+                current_value = os.environ[env_name]
+
+            if current_value is not None:
+                app.config[env_name] = AppSettings.convert_type(var_name, current_value)
diff --git a/powerdnsadmin/models/setting.py b/powerdnsadmin/models/setting.py
index 1932a9c56..214d7aca6 100644
--- a/powerdnsadmin/models/setting.py
+++ b/powerdnsadmin/models/setting.py
@@ -1,450 +1,19 @@
 import sys
 import traceback
-
 import pytimeparse
 from ast import literal_eval
-from distutils.util import strtobool
 from flask import current_app
-
 from .base import db
+from powerdnsadmin.lib.settings import AppSettings
 
 
 class Setting(db.Model):
     id = db.Column(db.Integer, primary_key=True)
     name = db.Column(db.String(64), unique=True, index=True)
     value = db.Column(db.Text())
-    
-    types = {
-        'maintenance': bool,
-        'fullscreen_layout': bool,
-        'record_helper': bool,
-        'login_ldap_first': bool,
-        'default_record_table_size': int,
-        'default_domain_table_size': int,
-        'auto_ptr': bool,
-        'record_quick_edit': bool,
-        'pretty_ipv6_ptr': bool,
-        'dnssec_admins_only': bool,
-        'allow_user_create_domain': bool,
-        'allow_user_remove_domain': bool,
-        'allow_user_view_history': bool,
-        'custom_history_header': str,
-        'delete_sso_accounts': bool,
-        'bg_domain_updates': bool,
-        'enable_api_rr_history': bool,
-        'preserve_history': bool,
-        'site_name': str,
-        'site_url': str,
-        'session_timeout': int,
-        'warn_session_timeout': bool,
-        'pdns_api_url': str,
-        'pdns_api_key': str,
-        'pdns_api_timeout': int,
-        'pdns_version': str,
-        'verify_ssl_connections': bool,
-        'verify_user_email': bool,
-        'enforce_api_ttl': bool,
-        'ttl_options': str,
-        'otp_field_enabled': bool,
-        'custom_css': str,
-        'otp_force': bool,
-        'max_history_records': int,
-        'deny_domain_override': bool,
-        'account_name_extra_chars': bool,
-        'gravatar_enabled': bool,
-        'forward_records_allow_edit': dict,
-        'reverse_records_allow_edit': dict,
-        'local_db_enabled': bool,
-        'signup_enabled': bool,
-        'pwd_enforce_characters': bool,
-        'pwd_min_len': int,
-        'pwd_min_lowercase': int,
-        'pwd_min_uppercase': int,
-        'pwd_min_digits': int,
-        'pwd_min_special': int,
-        'pwd_enforce_complexity': bool,
-        'pwd_min_complexity': int,
-        'ldap_enabled': bool,
-        'ldap_type': str,
-        'ldap_uri': str,
-        'ldap_base_dn': str,
-        'ldap_admin_username': str,
-        'ldap_admin_password': str,
-        'ldap_domain': str,
-        'ldap_filter_basic': str,
-        'ldap_filter_username': str,
-        'ldap_filter_group': str,
-        'ldap_filter_groupname': str,
-        'ldap_sg_enabled': bool,
-        'ldap_admin_group': str,
-        'ldap_operator_group': str,
-        'ldap_user_group': str,
-        'autoprovisioning': bool,
-        'autoprovisioning_attribute': str,
-        'urn_value': str,
-        'purge': bool,
-        'google_oauth_enabled': bool,
-        'google_oauth_client_id': str,
-        'google_oauth_client_secret': str,
-        'google_oauth_scope': str,
-        'google_base_url': str,
-        'google_oauth_auto_configure': bool,
-        'google_oauth_metadata_url': str,
-        'google_token_url': str,
-        'google_authorize_url': str,
-        'github_oauth_enabled': bool,
-        'github_oauth_key': str,
-        'github_oauth_secret': str,
-        'github_oauth_scope': str,
-        'github_oauth_api_url': str,
-        'github_oauth_auto_configure': bool,
-        'github_oauth_metadata_url': str,
-        'github_oauth_token_url': str,
-        'github_oauth_authorize_url': str,
-        'azure_oauth_enabled': bool,
-        'azure_oauth_key': str,
-        'azure_oauth_secret': str,
-        'azure_oauth_scope': str,
-        'azure_oauth_api_url': str,
-        'azure_oauth_auto_configure': bool,
-        'azure_oauth_metadata_url': str,
-        'azure_oauth_token_url': str,
-        'azure_oauth_authorize_url': str,
-        'azure_sg_enabled': bool,
-        'azure_admin_group': str,
-        'azure_operator_group': str,
-        'azure_user_group': str,
-        'azure_group_accounts_enabled': bool,
-        'azure_group_accounts_name': str,
-        'azure_group_accounts_name_re': str,
-        'azure_group_accounts_description': str,
-        'azure_group_accounts_description_re': str,
-        'oidc_oauth_enabled': bool,
-        'oidc_oauth_key': str,
-        'oidc_oauth_secret': str,
-        'oidc_oauth_scope': str,
-        'oidc_oauth_api_url': str,
-        'oidc_oauth_auto_configure': bool,
-        'oidc_oauth_metadata_url': str,
-        'oidc_oauth_token_url': str,
-        'oidc_oauth_authorize_url': str,
-        'oidc_oauth_logout_url': str,
-        'oidc_oauth_username': str,
-        'oidc_oauth_email': str,
-        'oidc_oauth_firstname': str,
-        'oidc_oauth_last_name': str,
-        'oidc_oauth_account_name_property': str,
-        'oidc_oauth_account_description_property': str,
-    }
-    
-    defaults = {
-        # General Settings
-        'maintenance': False,
-        'fullscreen_layout': True,
-        'record_helper': True,
-        'login_ldap_first': True,
-        'default_record_table_size': 15,
-        'default_domain_table_size': 10,
-        'auto_ptr': False,
-        'record_quick_edit': True,
-        'pretty_ipv6_ptr': False,
-        'dnssec_admins_only': False,
-        'allow_user_create_domain': False,
-        'allow_user_remove_domain': False,
-        'allow_user_view_history': False,
-        'custom_history_header': '',
-        'delete_sso_accounts': False,
-        'bg_domain_updates': False,
-        'enable_api_rr_history': True,
-        'preserve_history': False,
-        'site_name': 'PowerDNS-Admin',
-        'site_url': 'http://localhost:9191',
-        'session_timeout': 10,
-        'warn_session_timeout': True,
-        'pdns_api_url': '',
-        'pdns_api_key': '',
-        'pdns_api_timeout': 30,
-        'pdns_version': '4.1.1',
-        'verify_ssl_connections': True,
-        'verify_user_email': False,
-        'enforce_api_ttl': False,
-        'ttl_options': '1 minute,5 minutes,30 minutes,60 minutes,24 hours',
-        'otp_field_enabled': True,
-        'custom_css': '',
-        'otp_force': False,
-        'max_history_records': 1000,
-        'deny_domain_override': False,
-        'account_name_extra_chars': False,
-        'gravatar_enabled': False,
-
-        # Local Authentication Settings
-        'local_db_enabled': True,
-        'signup_enabled': True,
-        'pwd_enforce_characters': False,
-        'pwd_min_len': 10,
-        'pwd_min_lowercase': 3,
-        'pwd_min_uppercase': 2,
-        'pwd_min_digits': 2,
-        'pwd_min_special': 1,
-        'pwd_enforce_complexity': False,
-        'pwd_min_complexity': 11,
-
-        # LDAP Authentication Settings
-        'ldap_enabled': False,
-        'ldap_type': 'ldap',
-        'ldap_uri': '',
-        'ldap_base_dn': '',
-        'ldap_admin_username': '',
-        'ldap_admin_password': '',
-        'ldap_domain': '',
-        'ldap_filter_basic': '',
-        'ldap_filter_username': '',
-        'ldap_filter_group': '',
-        'ldap_filter_groupname': '',
-        'ldap_sg_enabled': False,
-        'ldap_admin_group': '',
-        'ldap_operator_group': '',
-        'ldap_user_group': '',
-        'autoprovisioning': False,
-        'autoprovisioning_attribute': '',
-        'urn_value': '',
-        'purge': False,
-
-        # Google OAuth2 Settings
-        'google_oauth_enabled': False,
-        'google_oauth_client_id': '',
-        'google_oauth_client_secret': '',
-        'google_oauth_scope': 'openid email profile',
-        'google_base_url': 'https://www.googleapis.com/oauth2/v3/',
-        'google_oauth_auto_configure': True,
-        'google_oauth_metadata_url': 'https://accounts.google.com/.well-known/openid-configuration',
-        'google_token_url': 'https://oauth2.googleapis.com/token',
-        'google_authorize_url': 'https://accounts.google.com/o/oauth2/v2/auth',
-
-        # GitHub OAuth2 Settings
-        'github_oauth_enabled': False,
-        'github_oauth_key': '',
-        'github_oauth_secret': '',
-        'github_oauth_scope': 'email',
-        'github_oauth_api_url': 'https://api.github.com/user',
-        'github_oauth_auto_configure': False,
-        'github_oauth_metadata_url': '',
-        'github_oauth_token_url': 'https://github.com/login/oauth/access_token',
-        'github_oauth_authorize_url': 'https://github.com/login/oauth/authorize',
-
-        # Azure OAuth2 Settings
-        'azure_oauth_enabled': False,
-        'azure_oauth_key': '',
-        'azure_oauth_secret': '',
-        'azure_oauth_scope': 'User.Read openid email profile',
-        'azure_oauth_api_url': 'https://graph.microsoft.com/v1.0/',
-        'azure_oauth_auto_configure': True,
-        'azure_oauth_metadata_url': '',
-        'azure_oauth_token_url': '',
-        'azure_oauth_authorize_url': '',
-        'azure_sg_enabled': False,
-        'azure_admin_group': '',
-        'azure_operator_group': '',
-        'azure_user_group': '',
-        'azure_group_accounts_enabled': False,
-        'azure_group_accounts_name': 'displayName',
-        'azure_group_accounts_name_re': '',
-        'azure_group_accounts_description': 'description',
-        'azure_group_accounts_description_re': '',
-
-        # OIDC OAuth2 Settings
-        'oidc_oauth_enabled': False,
-        'oidc_oauth_key': '',
-        'oidc_oauth_secret': '',
-        'oidc_oauth_scope': 'email',
-        'oidc_oauth_api_url': '',
-        'oidc_oauth_auto_configure': True,
-        'oidc_oauth_metadata_url': '',
-        'oidc_oauth_token_url': '',
-        'oidc_oauth_authorize_url': '',
-        'oidc_oauth_logout_url': '',
-        'oidc_oauth_username': 'preferred_username',
-        'oidc_oauth_email': 'email',
-        'oidc_oauth_firstname': 'given_name',
-        'oidc_oauth_last_name': 'family_name',
-        'oidc_oauth_account_name_property': '',
-        'oidc_oauth_account_description_property': '',
-
-        # Zone Record Settings
-        'forward_records_allow_edit': {
-            'A': True,
-            'AAAA': True,
-            'AFSDB': False,
-            'ALIAS': False,
-            'CAA': True,
-            'CERT': False,
-            'CDNSKEY': False,
-            'CDS': False,
-            'CNAME': True,
-            'DNSKEY': False,
-            'DNAME': False,
-            'DS': False,
-            'HINFO': False,
-            'KEY': False,
-            'LOC': True,
-            'LUA': False,
-            'MX': True,
-            'NAPTR': False,
-            'NS': True,
-            'NSEC': False,
-            'NSEC3': False,
-            'NSEC3PARAM': False,
-            'OPENPGPKEY': False,
-            'PTR': True,
-            'RP': False,
-            'RRSIG': False,
-            'SOA': False,
-            'SPF': True,
-            'SSHFP': False,
-            'SRV': True,
-            'TKEY': False,
-            'TSIG': False,
-            'TLSA': False,
-            'SMIMEA': False,
-            'TXT': True,
-            'URI': False
-        },
-        'reverse_records_allow_edit': {
-            'A': False,
-            'AAAA': False,
-            'AFSDB': False,
-            'ALIAS': False,
-            'CAA': False,
-            'CERT': False,
-            'CDNSKEY': False,
-            'CDS': False,
-            'CNAME': False,
-            'DNSKEY': False,
-            'DNAME': False,
-            'DS': False,
-            'HINFO': False,
-            'KEY': False,
-            'LOC': True,
-            'LUA': False,
-            'MX': False,
-            'NAPTR': False,
-            'NS': True,
-            'NSEC': False,
-            'NSEC3': False,
-            'NSEC3PARAM': False,
-            'OPENPGPKEY': False,
-            'PTR': True,
-            'RP': False,
-            'RRSIG': False,
-            'SOA': False,
-            'SPF': False,
-            'SSHFP': False,
-            'SRV': False,
-            'TKEY': False,
-            'TSIG': False,
-            'TLSA': False,
-            'SMIMEA': False,
-            'TXT': True,
-            'URI': False
-        },
-    }
-
-    groups = {
-        'authentication': [
-            # Local Authentication Settings
-            'local_db_enabled',
-            'signup_enabled',
-            'pwd_enforce_characters',
-            'pwd_min_len',
-            'pwd_min_lowercase',
-            'pwd_min_uppercase',
-            'pwd_min_digits',
-            'pwd_min_special',
-            'pwd_enforce_complexity',
-            'pwd_min_complexity',
-
-            # LDAP Authentication Settings
-            'ldap_enabled',
-            'ldap_type',
-            'ldap_uri',
-            'ldap_base_dn',
-            'ldap_admin_username',
-            'ldap_admin_password',
-            'ldap_domain',
-            'ldap_filter_basic',
-            'ldap_filter_username',
-            'ldap_filter_group',
-            'ldap_filter_groupname',
-            'ldap_sg_enabled',
-            'ldap_admin_group',
-            'ldap_operator_group',
-            'ldap_user_group',
-            'autoprovisioning',
-            'autoprovisioning_attribute',
-            'urn_value',
-            'purge',
-
-            # Google OAuth2 Settings
-            'google_oauth_enabled',
-            'google_oauth_client_id',
-            'google_oauth_client_secret',
-            'google_oauth_scope',
-            'google_base_url',
-            'google_oauth_auto_configure',
-            'google_oauth_metadata_url',
-            'google_token_url',
-            'google_authorize_url',
-
-            # GitHub OAuth2 Settings
-            'github_oauth_enabled',
-            'github_oauth_key',
-            'github_oauth_secret',
-            'github_oauth_scope',
-            'github_oauth_api_url',
-            'github_oauth_auto_configure',
-            'github_oauth_metadata_url',
-            'github_oauth_token_url',
-            'github_oauth_authorize_url',
 
-            # Azure OAuth2 Settings
-            'azure_oauth_enabled',
-            'azure_oauth_key',
-            'azure_oauth_secret',
-            'azure_oauth_scope',
-            'azure_oauth_api_url',
-            'azure_oauth_auto_configure',
-            'azure_oauth_metadata_url',
-            'azure_oauth_token_url',
-            'azure_oauth_authorize_url',
-            'azure_sg_enabled',
-            'azure_admin_group',
-            'azure_operator_group',
-            'azure_user_group',
-            'azure_group_accounts_enabled',
-            'azure_group_accounts_name',
-            'azure_group_accounts_name_re',
-            'azure_group_accounts_description',
-            'azure_group_accounts_description_re',
-
-            # OIDC OAuth2 Settings
-            'oidc_oauth_enabled',
-            'oidc_oauth_key',
-            'oidc_oauth_secret',
-            'oidc_oauth_scope',
-            'oidc_oauth_api_url',
-            'oidc_oauth_auto_configure',
-            'oidc_oauth_metadata_url',
-            'oidc_oauth_token_url',
-            'oidc_oauth_authorize_url',
-            'oidc_oauth_logout_url',
-            'oidc_oauth_username',
-            'oidc_oauth_email',
-            'oidc_oauth_firstname',
-            'oidc_oauth_last_name',
-            'oidc_oauth_account_name_property',
-            'oidc_oauth_account_description_property',
-        ]
-    }
+    ZONE_TYPE_FORWARD = 'forward'
+    ZONE_TYPE_REVERSE = 'reverse'
 
     def __init__(self, id=None, name=None, value=None):
         self.id = id
@@ -457,44 +26,12 @@ def __init__(self, name=None, value=None):
         self.name = name
         self.value = value
 
-    def convert_type(self, name, value):
-        import json
-        from json import JSONDecodeError
-        if name in self.types:
-            var_type = self.types[name]
-
-            # Handle boolean values
-            if var_type == bool:
-                if value == 'True' or value == 'true' or value == '1' or value is True:
-                    return True
-                else:
-                    return False
-
-            # Handle float values
-            if var_type == float:
-                return float(value)
-
-            # Handle integer values
-            if var_type == int:
-                return int(value)
-
-            if (var_type == dict or var_type == list) and isinstance(value, str) and len(value) > 0:
-                try:
-                    return json.loads(value)
-                except JSONDecodeError as e:
-                    pass
-
-            if var_type == str:
-                return str(value)
-
-        return value
-
     def set_maintenance(self, mode):
         maintenance = Setting.query.filter(
             Setting.name == 'maintenance').first()
 
         if maintenance is None:
-            value = self.defaults['maintenance']
+            value = AppSettings.defaults['maintenance']
             maintenance = Setting(name='maintenance', value=str(value))
             db.session.add(maintenance)
 
@@ -516,7 +53,7 @@ def toggle(self, setting):
         current_setting = Setting.query.filter(Setting.name == setting).first()
 
         if current_setting is None:
-            value = self.defaults[setting]
+            value = AppSettings.defaults[setting]
             current_setting = Setting(name=setting, value=str(value))
             db.session.add(current_setting)
 
@@ -541,21 +78,20 @@ def set(self, setting, value):
             current_setting = Setting(name=setting, value=None)
             db.session.add(current_setting)
 
-        value = str(self.convert_type(setting, value))
+        value = str(AppSettings.convert_type(setting, value))
 
         try:
             current_setting.value = value
             db.session.commit()
             return True
         except Exception as e:
-            current_app.logger.error('Cannot edit setting {0}. DETAIL: {1}'.format(
-                setting, e))
+            current_app.logger.error('Cannot edit setting {0}. DETAIL: {1}'.format(setting, e))
             current_app.logger.debug(traceback.format_exec())
             db.session.rollback()
             return False
 
     def get(self, setting):
-        if setting in self.defaults:
+        if setting in AppSettings.defaults:
 
             if setting.upper() in current_app.config:
                 result = current_app.config[setting.upper()]
@@ -566,51 +102,45 @@ def get(self, setting):
                 if hasattr(result, 'value'):
                     result = result.value
 
-                return self.convert_type(setting, result)
+                return AppSettings.convert_type(setting, result)
             else:
-                return self.defaults[setting]
+                return AppSettings.defaults[setting]
         else:
             current_app.logger.error('Unknown setting queried: {0}'.format(setting))
 
     def get_group(self, group):
         if not isinstance(group, list):
-            group = self.groups[group]
+            group = AppSettings.groups[group]
 
         result = {}
-        records = self.query.all()
 
-        for record in records:
-            if record.name in group:
-                result[record.name] = self.convert_type(record.name, record.value)
+        for var_name, default_value in AppSettings.defaults.items():
+            if var_name in group:
+                result[var_name] = self.get(var_name)
 
         return result
 
     def get_records_allow_to_edit(self):
         return list(
-            set(self.get_forward_records_allow_to_edit() +
-                self.get_reverse_records_allow_to_edit()))
+            set(self.get_supported_record_types(self.ZONE_TYPE_FORWARD) +
+                self.get_supported_record_types(self.ZONE_TYPE_REVERSE)))
 
-    def get_forward_records_allow_to_edit(self):
-        records = self.get('forward_records_allow_edit')
-        f_records = literal_eval(records) if isinstance(records,
-                                                        str) else records
-        r_name = [r for r in f_records if f_records[r]]
-        # Sort alphabetically if python version is smaller than 3.6
-        if sys.version_info[0] < 3 or (sys.version_info[0] == 3
-                                       and sys.version_info[1] < 6):
-            r_name.sort()
-        return r_name
+    def get_supported_record_types(self, zone_type):
+        setting_value = []
+
+        if zone_type == self.ZONE_TYPE_FORWARD:
+            setting_value = self.get('forward_records_allow_edit')
+        elif zone_type == self.ZONE_TYPE_REVERSE:
+            setting_value = self.get('reverse_records_allow_edit')
+
+        records = literal_eval(setting_value) if isinstance(setting_value, str) else setting_value
+        types = [r for r in records if records[r]]
 
-    def get_reverse_records_allow_to_edit(self):
-        records = self.get('reverse_records_allow_edit')
-        r_records = literal_eval(records) if isinstance(records,
-                                                        str) else records
-        r_name = [r for r in r_records if r_records[r]]
         # Sort alphabetically if python version is smaller than 3.6
-        if sys.version_info[0] < 3 or (sys.version_info[0] == 3
-                                       and sys.version_info[1] < 6):
-            r_name.sort()
-        return r_name
+        if sys.version_info[0] < 3 or (sys.version_info[0] == 3 and sys.version_info[1] < 6):
+            types.sort()
+
+        return types
 
     def get_ttl_options(self):
         return [(pytimeparse.parse(ttl), ttl)
diff --git a/powerdnsadmin/routes/admin.py b/powerdnsadmin/routes/admin.py
index 5b96b1883..3ed5f9ec4 100644
--- a/powerdnsadmin/routes/admin.py
+++ b/powerdnsadmin/routes/admin.py
@@ -1460,6 +1460,7 @@ def setting_pdns():
 @login_required
 @operator_role_required
 def setting_records():
+    from powerdnsadmin.lib.settings import AppSettings
     if request.method == 'GET':
         _fr = Setting().get('forward_records_allow_edit')
         _rr = Setting().get('reverse_records_allow_edit')
@@ -1472,7 +1473,7 @@ def setting_records():
     elif request.method == 'POST':
         fr = {}
         rr = {}
-        records = Setting().defaults['forward_records_allow_edit']
+        records = AppSettings.defaults['forward_records_allow_edit']
         for r in records:
             fr[r] = True if request.form.get('fr_{0}'.format(
                 r.lower())) else False
@@ -1517,6 +1518,7 @@ def setting_authentication():
 @login_required
 @admin_role_required
 def setting_authentication_api():
+    from powerdnsadmin.lib.settings import AppSettings
     result = {'status': 1, 'messages': [], 'data': {}}
 
     if request.form.get('commit') == '1':
@@ -1524,7 +1526,7 @@ def setting_authentication_api():
         data = json.loads(request.form.get('data'))
 
         for key, value in data.items():
-            if key in model.groups['authentication']:
+            if key in AppSettings.groups['authentication']:
                 model.set(key, value)
 
     result['data'] = Setting().get_group('authentication')
diff --git a/powerdnsadmin/routes/domain.py b/powerdnsadmin/routes/domain.py
index b1734fc62..56ca4059a 100644
--- a/powerdnsadmin/routes/domain.py
+++ b/powerdnsadmin/routes/domain.py
@@ -72,9 +72,9 @@ def domain(domain_name):
     quick_edit = Setting().get('record_quick_edit')
     records_allow_to_edit = Setting().get_records_allow_to_edit()
     forward_records_allow_to_edit = Setting(
-    ).get_forward_records_allow_to_edit()
+    ).get_supported_record_types(Setting().ZONE_TYPE_FORWARD)
     reverse_records_allow_to_edit = Setting(
-    ).get_reverse_records_allow_to_edit()
+    ).get_supported_record_types(Setting().ZONE_TYPE_REVERSE)
     ttl_options = Setting().get_ttl_options()
     records = []
 

From ccd7373efe85c09a494a05666a20963c2b4f6e9f Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 14 Apr 2023 18:52:27 -0400
Subject: [PATCH 430/475] Corrected issue with encoding / decoding of
 dictionary and list type settings values.

Updated zone record settings management to use valid JSON format with backwards compatibility support for the non-JSON literal format.
---
 powerdnsadmin/lib/settings.py   |  7 ++++-
 powerdnsadmin/models/setting.py |  6 ++++-
 powerdnsadmin/routes/admin.py   | 46 ++++++++++++++++++---------------
 3 files changed, 36 insertions(+), 23 deletions(-)

diff --git a/powerdnsadmin/lib/settings.py b/powerdnsadmin/lib/settings.py
index c6d6c9568..bebc9de0f 100644
--- a/powerdnsadmin/lib/settings.py
+++ b/powerdnsadmin/lib/settings.py
@@ -597,7 +597,12 @@ def convert_type(name, value):
                 try:
                     return json.loads(value)
                 except JSONDecodeError as e:
-                    raise ValueError('Cannot parse json {} for variable {}'.format(value, name))
+                    # Provide backwards compatibility for legacy non-JSON format
+                    value = value.replace("'", '"').replace('True', 'true').replace('False', 'false')
+                    try:
+                        return json.loads(value)
+                    except JSONDecodeError as e:
+                        raise ValueError('Cannot parse json {} for variable {}'.format(value, name))
 
             if var_type == str:
                 return str(value)
diff --git a/powerdnsadmin/models/setting.py b/powerdnsadmin/models/setting.py
index 214d7aca6..2bcd8c509 100644
--- a/powerdnsadmin/models/setting.py
+++ b/powerdnsadmin/models/setting.py
@@ -72,13 +72,17 @@ def toggle(self, setting):
             return False
 
     def set(self, setting, value):
+        import json
         current_setting = Setting.query.filter(Setting.name == setting).first()
 
         if current_setting is None:
             current_setting = Setting(name=setting, value=None)
             db.session.add(current_setting)
 
-        value = str(AppSettings.convert_type(setting, value))
+        value = AppSettings.convert_type(setting, value)
+
+        if isinstance(value, dict) or isinstance(value, list):
+            value = json.dumps(value)
 
         try:
             current_setting.value = value
diff --git a/powerdnsadmin/routes/admin.py b/powerdnsadmin/routes/admin.py
index 3ed5f9ec4..b5635559b 100644
--- a/powerdnsadmin/routes/admin.py
+++ b/powerdnsadmin/routes/admin.py
@@ -128,14 +128,17 @@ def extract_changelogs_from_history(histories, record_name=None, record_type=Non
 
         # filter only the records with the specific record_name, record_type
         if record_name != None and record_type != None:
-            details['add_rrsets'] = list(filter_rr_list_by_name_and_type(details['add_rrsets'], record_name, record_type))
-            details['del_rrsets'] = list(filter_rr_list_by_name_and_type(details['del_rrsets'], record_name, record_type))
+            details['add_rrsets'] = list(
+                filter_rr_list_by_name_and_type(details['add_rrsets'], record_name, record_type))
+            details['del_rrsets'] = list(
+                filter_rr_list_by_name_and_type(details['del_rrsets'], record_name, record_type))
 
             if not details['add_rrsets'] and not details['del_rrsets']:
                 continue
 
         # same record name and type RR are being deleted and created in same entry.
-        del_add_changes = set([(r['name'], r['type']) for r in details['add_rrsets']]).intersection([(r['name'], r['type']) for r in details['del_rrsets']])
+        del_add_changes = set([(r['name'], r['type']) for r in details['add_rrsets']]).intersection(
+            [(r['name'], r['type']) for r in details['del_rrsets']])
         for del_add_change in del_add_changes:
             changes.append(HistoryRecordEntry(
                 entry,
@@ -155,8 +158,8 @@ def extract_changelogs_from_history(histories, record_name=None, record_type=Non
         # sort changes by the record name
         if changes:
             changes.sort(key=lambda change:
-                    change.del_rrset['name'] if change.del_rrset else change.add_rrset['name']
-                    )
+            change.del_rrset['name'] if change.del_rrset else change.add_rrset['name']
+                         )
             out_changes.extend(changes)
     return out_changes
 
@@ -1149,10 +1152,10 @@ def history_table():  # ajax call data
                 .outerjoin(Account, Domain.account_id == Account.id) \
                 .outerjoin(AccountUser, Account.id == AccountUser.account_id) \
                 .filter(db.or_(
-                    DomainUser.user_id == current_user.id,
-                    AccountUser.user_id == current_user.id
-                )) \
-            .subquery()
+                DomainUser.user_id == current_user.id,
+                AccountUser.user_id == current_user.id
+            )) \
+                .subquery()
             base_query = base_query.filter(History.domain_id.in_(allowed_domain_id_subquery))
 
         domain_name = request.args.get('domain_name_filter') if request.args.get('domain_name_filter') != None \
@@ -1271,7 +1274,8 @@ def history_table():  # ajax call data
                     )
                 ).order_by(History.created_on.desc()) \
                     .limit(lim).all()
-        elif user_name != None and current_user.role.name in ['Administrator', 'Operator']:  # only admins can see the user login-logouts
+        elif user_name != None and current_user.role.name in ['Administrator',
+                                                              'Operator']:  # only admins can see the user login-logouts
 
             histories = base_query.filter(
                 db.and_(
@@ -1296,7 +1300,8 @@ def history_table():  # ajax call data
                         temp.append(h)
                         break
             histories = temp
-        elif (changed_by != None or max_date != None) and current_user.role.name in ['Administrator', 'Operator']:  # select changed by and date filters only
+        elif (changed_by != None or max_date != None) and current_user.role.name in ['Administrator',
+                                                                                     'Operator']:  # select changed by and date filters only
             histories = base_query.filter(
                 db.and_(
                     History.created_on <= max_date if max_date != None else True,
@@ -1305,7 +1310,8 @@ def history_table():  # ajax call data
                 )
             ) \
                 .order_by(History.created_on.desc()).limit(lim).all()
-        elif (changed_by != None or max_date != None):  # special filtering for user because one user does not have access to log-ins logs
+        elif (
+                changed_by != None or max_date != None):  # special filtering for user because one user does not have access to log-ins logs
             histories = base_query.filter(
                 db.and_(
                     History.created_on <= max_date if max_date != None else True,
@@ -1462,14 +1468,11 @@ def setting_pdns():
 def setting_records():
     from powerdnsadmin.lib.settings import AppSettings
     if request.method == 'GET':
-        _fr = Setting().get('forward_records_allow_edit')
-        _rr = Setting().get('reverse_records_allow_edit')
-        f_records = literal_eval(_fr) if isinstance(_fr, str) else _fr
-        r_records = literal_eval(_rr) if isinstance(_rr, str) else _rr
-
+        forward_records = Setting().get('forward_records_allow_edit')
+        reverse_records = Setting().get('reverse_records_allow_edit')
         return render_template('admin_setting_records.html',
-                               f_records=f_records,
-                               r_records=r_records)
+                               f_records=forward_records,
+                               r_records=reverse_records)
     elif request.method == 'POST':
         fr = {}
         rr = {}
@@ -1480,8 +1483,9 @@ def setting_records():
             rr[r] = True if request.form.get('rr_{0}'.format(
                 r.lower())) else False
 
-        Setting().set('forward_records_allow_edit', str(fr))
-        Setting().set('reverse_records_allow_edit', str(rr))
+        Setting().set('forward_records_allow_edit', json.dumps(fr))
+        Setting().set('reverse_records_allow_edit', json.dumps(rr))
+
         return redirect(url_for('admin.setting_records'))
 
 

From 601539f16e943fb2ed04eba0f25625a110f7baa6 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 14 Apr 2023 19:00:39 -0400
Subject: [PATCH 431/475] Removed unnecessary parenthesis.

---
 powerdnsadmin/routes/admin.py | 24 +-----------------------
 1 file changed, 1 insertion(+), 23 deletions(-)

diff --git a/powerdnsadmin/routes/admin.py b/powerdnsadmin/routes/admin.py
index b5635559b..a69e46a57 100644
--- a/powerdnsadmin/routes/admin.py
+++ b/powerdnsadmin/routes/admin.py
@@ -1402,7 +1402,7 @@ def setting_basic_edit(setting):
     new_value = jdata['value']
     result = Setting().set(setting, new_value)
 
-    if (result):
+    if result:
         return make_response(
             jsonify({
                 'status': 'ok',
@@ -1489,28 +1489,6 @@ def setting_records():
         return redirect(url_for('admin.setting_records'))
 
 
-def has_an_auth_method(local_db_enabled=None,
-                       ldap_enabled=None,
-                       google_oauth_enabled=None,
-                       github_oauth_enabled=None,
-                       oidc_oauth_enabled=None,
-                       azure_oauth_enabled=None):
-    if local_db_enabled is None:
-        local_db_enabled = Setting().get('local_db_enabled')
-    if ldap_enabled is None:
-        ldap_enabled = Setting().get('ldap_enabled')
-    if google_oauth_enabled is None:
-        google_oauth_enabled = Setting().get('google_oauth_enabled')
-    if github_oauth_enabled is None:
-        github_oauth_enabled = Setting().get('github_oauth_enabled')
-    if oidc_oauth_enabled is None:
-        oidc_oauth_enabled = Setting().get('oidc_oauth_enabled')
-    if azure_oauth_enabled is None:
-        azure_oauth_enabled = Setting().get('azure_oauth_enabled')
-    return local_db_enabled or ldap_enabled or google_oauth_enabled or github_oauth_enabled or oidc_oauth_enabled \
-        or azure_oauth_enabled
-
-
 @admin_bp.route('/setting/authentication', methods=['GET', 'POST'])
 @login_required
 @admin_role_required

From c74c06c3271a1e834431d2b4fb1f4dc5ef307759 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 14 Apr 2023 19:26:02 -0400
Subject: [PATCH 432/475] Added some missing settings to the new `AppSettings`
 class.

Corrected typo in app setup method.
---
 powerdnsadmin/__init__.py     | 2 +-
 powerdnsadmin/lib/settings.py | 4 ++++
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/powerdnsadmin/__init__.py b/powerdnsadmin/__init__.py
index 32ad19e4b..660f96b6e 100755
--- a/powerdnsadmin/__init__.py
+++ b/powerdnsadmin/__init__.py
@@ -87,7 +87,7 @@ def create_app(config=None):
     app.jinja_env.filters['format_datetime_local'] = utils.format_datetime
     app.jinja_env.filters['format_zone_type'] = utils.format_zone_type
 
-    # Register context proccessors
+    # Register context processors
     from .models.setting import Setting
 
     @app.context_processor
diff --git a/powerdnsadmin/lib/settings.py b/powerdnsadmin/lib/settings.py
index bebc9de0f..b154112af 100644
--- a/powerdnsadmin/lib/settings.py
+++ b/powerdnsadmin/lib/settings.py
@@ -36,6 +36,7 @@ class AppSettings(object):
         'remote_user_enabled': False,
         'remote_user_cookies': [],
         'remote_user_logout_url': '',
+        'hsts_enabled': False,
         'server_external_ssl': True,
         'maintenance': False,
         'fullscreen_layout': True,
@@ -74,6 +75,7 @@ class AppSettings(object):
         'deny_domain_override': False,
         'account_name_extra_chars': False,
         'gravatar_enabled': False,
+        'pdns_admin_log_level': 'WARNING',
 
         # Local Authentication Settings
         'local_db_enabled': True,
@@ -306,6 +308,7 @@ class AppSettings(object):
         'mail_username': str,
         'mail_password': str,
         'mail_default_sender': str,
+        'hsts_enabled': bool,
         'remote_user_enabled': bool,
         'remote_user_cookies': list,
         'remote_user_logout_url': str,
@@ -346,6 +349,7 @@ class AppSettings(object):
         'deny_domain_override': bool,
         'account_name_extra_chars': bool,
         'gravatar_enabled': bool,
+        'pdns_admin_log_level': str,
         'forward_records_allow_edit': dict,
         'reverse_records_allow_edit': dict,
 

From 66f422754b330a726ba389f84c7383ed7f75bff3 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 14 Apr 2023 19:33:32 -0400
Subject: [PATCH 433/475] Updated the application version references in
 preparation for the next release of `0.4.2`.

---
 .github/ISSUE_TEMPLATE/bug_report.yaml      | 1 +
 .github/ISSUE_TEMPLATE/feature_request.yaml | 1 +
 VERSION                                     | 2 +-
 powerdnsadmin/templates/base.html           | 2 +-
 4 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/.github/ISSUE_TEMPLATE/bug_report.yaml b/.github/ISSUE_TEMPLATE/bug_report.yaml
index ea05799ed..2554d8194 100644
--- a/.github/ISSUE_TEMPLATE/bug_report.yaml
+++ b/.github/ISSUE_TEMPLATE/bug_report.yaml
@@ -15,6 +15,7 @@ body:
       label: PDA version
       description: What version of PDA are you currently running?
       options:
+        - "0.4.2"
         - "0.4.1"
         - "0.4.0"
         - "0.3.0"
diff --git a/.github/ISSUE_TEMPLATE/feature_request.yaml b/.github/ISSUE_TEMPLATE/feature_request.yaml
index 45950a1a2..438a1f5f9 100644
--- a/.github/ISSUE_TEMPLATE/feature_request.yaml
+++ b/.github/ISSUE_TEMPLATE/feature_request.yaml
@@ -15,6 +15,7 @@ body:
       label: PDA version
       description: What version of PDA are you currently running?
       options:
+        - "0.4.2"
         - "0.4.1"
         - "0.4.0"
         - "0.3.0"
diff --git a/VERSION b/VERSION
index 44bb5d1f7..f7abe273d 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-0.4.1
\ No newline at end of file
+0.4.2
\ No newline at end of file
diff --git a/powerdnsadmin/templates/base.html b/powerdnsadmin/templates/base.html
index c8708e809..eaa90689d 100644
--- a/powerdnsadmin/templates/base.html
+++ b/powerdnsadmin/templates/base.html
@@ -228,7 +228,7 @@ <h1 class="m-0 text-dark">
     <footer class="main-footer">
         <strong><a href="https://github.com/PowerDNS-Admin/PowerDNS-Admin">PowerDNS-Admin</a></strong> - A PowerDNS web
         interface with advanced features.
-        <span class="float-right">Version 0.4.1</span>
+        <span class="float-right">Version 0.4.2</span>
     </footer>
 </div>
 <!-- ./wrapper -->

From 055ac761e3b729e9c2a5ab5237c61c0f9ef02276 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 14 Apr 2023 19:38:54 -0400
Subject: [PATCH 434/475] Updating documentation to reflect the latest app
 settings changes.

---
 README.md           | 8 ++++----
 docs/wiki/README.md | 1 -
 2 files changed, 4 insertions(+), 5 deletions(-)

diff --git a/README.md b/README.md
index 6070d5f17..6ed492607 100644
--- a/README.md
+++ b/README.md
@@ -55,10 +55,10 @@ This creates a volume named `pda-data` to persist the default SQLite database wi
 1. Update the configuration   
    Edit the `docker-compose.yml` file to update the database connection string in `SQLALCHEMY_DATABASE_URI`.
    Other environment variables are mentioned in
-   the [legal_envvars](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/master/configs/docker_config.py#L5-L46).
-   To use the Docker secrets feature it is possible to append `_FILE` to the environment variables and point to a file
-   with the values stored in it.   
-   Make sure to set the environment variable `SECRET_KEY` to a long random
+   the [AppSettings.defaults](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/master/powerdnsadmin/lib/settings.py) dictionary.
+   To use a Docker-style secrets convention, one may append `_FILE` to the environment variables with a path to a file
+   containing the intended value of the variable (e.g. `SQLALCHEMY_DATABASE_URI_FILE=/run/secrets/db_uri`).   
+   Make sure to set the environment variable `SECRET_KEY` to a long, random
    string (https://flask.palletsprojects.com/en/1.1.x/config/#SECRET_KEY)
 
 2. Start docker container
diff --git a/docs/wiki/README.md b/docs/wiki/README.md
index 36fd31229..65165c23e 100644
--- a/docs/wiki/README.md
+++ b/docs/wiki/README.md
@@ -40,7 +40,6 @@
 
 - Setting up a zone
 - Adding a record
-- <whatever else>
 
 ## Feature usage
 

From f0e32a035d3337931556d19be9dfe602db5cff07 Mon Sep 17 00:00:00 2001
From: corubba <corubba@gmx.de>
Date: Sun, 16 Apr 2023 16:03:44 +0200
Subject: [PATCH 435/475] Fix deletion of comments

The compaitibility for backends that don't support comments broke the
normal deletion of comments. This is fixed by limiting the
compaitibility to when we don't know for certain whether the backend of
that zone supports comments or not. This is done by checking if the
zone currently contains any comments: If it does, the backend definitly
supports comment; if it doesn't, we don't know and have to assume it
doesn't. The check is done by the "modified_at" attribute, because this
only exists on persistent comments from pdns and not on the "fill-up"
comments that PDA adds.
Luckily this also works perfectly for the deletion case, because to
delete a comment it had to already exist previously.

Fixes #1516
---
 powerdnsadmin/models/record.py | 21 ++++++++++++++-------
 1 file changed, 14 insertions(+), 7 deletions(-)

diff --git a/powerdnsadmin/models/record.py b/powerdnsadmin/models/record.py
index 3b239b484..a43b057c3 100644
--- a/powerdnsadmin/models/record.py
+++ b/powerdnsadmin/models/record.py
@@ -251,6 +251,7 @@ def compare(self, domain_name, submitted_records):
         Returns:
             new_rrsets(list): List of rrsets to be added
             del_rrsets(list): List of rrsets to be deleted
+            zone_has_comments(bool): True if the zone currently contains persistent comments
         """
         # Create submitted rrsets from submitted records
         submitted_rrsets = self.build_rrsets(domain_name, submitted_records)
@@ -266,9 +267,11 @@ def compare(self, domain_name, submitted_records):
         # PDNS API always return the comments with modified_at
         # info, we have to remove it to be able to do the dict
         # comparison between current and submitted rrsets
+        zone_has_comments = False
         for r in current_rrsets:
             for comment in r['comments']:
                 if 'modified_at' in comment:
+                    zone_has_comments = True
                     del comment['modified_at']
 
         # List of rrsets to be added
@@ -290,7 +293,7 @@ def compare(self, domain_name, submitted_records):
         current_app.logger.debug("new_rrsets: \n{}".format(utils.pretty_json(new_rrsets)))
         current_app.logger.debug("del_rrsets: \n{}".format(utils.pretty_json(del_rrsets)))
 
-        return new_rrsets, del_rrsets
+        return new_rrsets, del_rrsets, zone_has_comments
 
     def apply_rrsets(self, domain_name, rrsets):
         headers = {'X-API-Key': self.PDNS_API_KEY, 'Content-Type': 'application/json'}
@@ -304,7 +307,7 @@ def apply_rrsets(self, domain_name, rrsets):
         return jdata
 
     @staticmethod
-    def to_api_payload(new_rrsets, del_rrsets):
+    def to_api_payload(new_rrsets, del_rrsets, comments_supported):
         """Turn the given changes into a single api payload."""
 
         def replace_for_api(rrset):
@@ -312,9 +315,13 @@ def replace_for_api(rrset):
             if not rrset or rrset.get('changetype', None) != 'REPLACE':
                 return rrset
             replace_copy = dict(rrset)
-            # For compatibility with some backends: Remove comments from rrset if all are blank
-            if not any((bool(c.get('content', None)) for c in replace_copy.get('comments', []))):
-                replace_copy.pop('comments', None)
+            has_nonempty_comments = any(bool(c.get('content', None)) for c in replace_copy.get('comments', []))
+            if not has_nonempty_comments:
+                if comments_supported:
+                    replace_copy['comments'] = []
+                else:
+                    # For backends that don't support comments: Remove the attribute altogether
+                    replace_copy.pop('comments', None)
             return replace_copy
 
         def rrset_in(needle, haystack):
@@ -351,11 +358,11 @@ def apply(self, domain_name, submitted_records):
             "submitted_records: {}".format(submitted_records))
 
         # Get the list of rrsets to be added and deleted
-        new_rrsets, del_rrsets = self.compare(domain_name, submitted_records)
+        new_rrsets, del_rrsets, zone_has_comments = self.compare(domain_name, submitted_records)
 
         # The history logic still needs *all* the deletes with full data to display a useful diff.
         # So create a "minified" copy for the api call, and return the original data back up
-        api_payload = self.to_api_payload(new_rrsets['rrsets'], del_rrsets['rrsets'])
+        api_payload = self.to_api_payload(new_rrsets['rrsets'], del_rrsets['rrsets'], zone_has_comments)
         current_app.logger.debug(f"api payload: \n{utils.pretty_json(api_payload)}")
 
         # Submit the changes to PDNS API

From 9350c98ea2ab4200e1582729ea6a692aa1163297 Mon Sep 17 00:00:00 2001
From: Roel Schroeven <roel@tresco.eu>
Date: Wed, 26 Apr 2023 17:26:52 +0200
Subject: [PATCH 436/475] Autofocus username field on Login screen

---
 powerdnsadmin/templates/login.html | 1 +
 1 file changed, 1 insertion(+)

diff --git a/powerdnsadmin/templates/login.html b/powerdnsadmin/templates/login.html
index 0436e5d3c..84e247d47 100644
--- a/powerdnsadmin/templates/login.html
+++ b/powerdnsadmin/templates/login.html
@@ -40,6 +40,7 @@
                     <div class="form-group">
                         <input type="text" class="form-control" placeholder="Username" name="username"
                                data-error="Please input your username" required
+                               autofocus
                                {% if username %}value="{{ username }}" {% endif %}>
                         <span class="help-block with-errors"></span>
                     </div>

From 11be125e3bd55ce7c16cf55fbb51b869734a9599 Mon Sep 17 00:00:00 2001
From: Tyler Todd <ttodd@ttodd.com>
Date: Thu, 22 Jun 2023 08:48:50 -0400
Subject: [PATCH 437/475] Update domain.html

---
 powerdnsadmin/templates/domain.html | 115 ++++++++++++++++++++++++++++
 1 file changed, 115 insertions(+)

diff --git a/powerdnsadmin/templates/domain.html b/powerdnsadmin/templates/domain.html
index e594a2b13..8a3412799 100755
--- a/powerdnsadmin/templates/domain.html
+++ b/powerdnsadmin/templates/domain.html
@@ -22,6 +22,15 @@ <h1 class="m-0 text-dark">Zone Records - {{ domain.name | pretty_domain_name }}<
 {% block content %}
     <section class="content">
         <div class="container-fluid">
+            <div class="card" id="unsaved-changes-card" style="display: none; position: sticky; top: 0; z-index: 999;">
+                <div class="card-header" style="background-color: yellow;">
+                    <h3 class="card-title" style="color: red;">
+                        Warning: Unsaved Changes
+                    </h3>
+                </div>
+                <div class="card-body" style="font-size: 1rem; color: black; background-color: yellow;">
+                </div>
+            </div>
             <div class="row">
                 <div class="col-12">
                     <div class="card">
@@ -251,6 +260,7 @@ <h3 class="card-title">Zone Editor</h3>
 
             $("#button_delete_confirm").unbind().one('click', function (e) {
                 table.row(nRow).remove().draw();
+                detectUnsavedChanges(table);
                 modal.modal('hide');
             });
 
@@ -355,6 +365,7 @@ <h3 class="card-title">Zone Editor</h3>
             e.stopPropagation();
             var table = $("#tbl_records").DataTable();
             saveRow(table, nEditing);
+            detectUnsavedChanges(table);
             nEditing = null;
             nNew = false;
         });
@@ -368,6 +379,94 @@ <h3 class="card-title">Zone Editor</h3>
             }, $SCRIPT_ROOT + '/domain/' + domain + '/update', true);
         });
 
+        var unsavedChanges = false;
+
+        function detectUnsavedChanges(table) {
+            // Reset unsavedChanges to false at the start of the function
+            unsavedChanges = false;
+            var index = 0;
+            var origcount = {{ records|length }};
+            var count = table.page.info().recordsTotal;
+            var changes = {};  // Dictionary to store changes
+        
+            if (count != origcount) {
+                unsavedChanges = true; //a record was either added or deleted.
+            } else {
+                {% for record in records %}
+                var origrecordttl = '{{ record.ttl }}';
+                var origrecordname = '{{ (record.name,domain.name) | display_record_name }}';
+                var origrecorddata = '{{ record.data }}';
+                origrecorddata = origrecorddata.replace(/&#34;/g, '\"');
+                var origrecordtype = '{{ record.type }}';
+                var origrecordstatus = '{{ record.status }}';
+                var origrecordcomment = '{{ record.comment }}';
+                if (!table.row(index) || typeof table.row(index) == 'undefined') {
+                    unsavedChanges = true; //sanity check otherwise below code throws error if row at that index doesn't exist.
+                } else {
+                    var editrecordname = table.row(index).data()[0];
+                    var editrecordtype = table.row(index).data()[1];
+                    var editrecordstatus = table.row(index).data()[2];
+                    var editrecordttl = table.row(index).data()[3];
+                    var editrecorddata = table.row(index).data()[4];
+                    var editrecordcomment = table.row(index).data()[5];
+                    if (origrecordttl != editrecordttl || origrecordname != editrecordname || origrecorddata != editrecorddata || origrecordtype != editrecordtype |>
+                        unsavedChanges = true;
+                    }
+                }
+                index++;
+                {% endfor %}
+            }
+            unsavedChangesWarning(unsavedChanges);
+
+            // Get the modal and the navigation links
+            var modal = document.getElementById('WarnLeave');
+            var navLinks = document.querySelectorAll('.nav-link');
+
+            // Listen for clicks on navigation links
+            navLinks.forEach(function(link) {
+                if (!link.classList.contains('no-prompt')) {
+                    link.addEventListener('click', function(event) {
+                        if (unsavedChanges) {
+                            event.preventDefault();  // Prevent navigation
+                            modal.style.display = "block";  // Show the modal
+                            // Get the buttons
+                            var stayButton = document.getElementById('stay');
+                            var leaveButton = document.getElementById('leave');
+        
+                            // When the user clicks on "Stay", close the modal
+                            stayButton.onclick = function() {
+                                modal.style.display = "none";
+                            }
+        
+                            // When the user clicks on "Leave", navigate away
+                            leaveButton.onclick = function() {
+                                unsavedChanges = false;  // No unsaved changes anymore
+                                location.href = link.href;  // Navigate to the clicked link
+                            }
+                        }
+                    });
+                }
+            });
+        }
+
+        function unsavedChangesWarning(unsavedChanges) {
+            var card = document.getElementById("unsaved-changes-card");
+            var cardBody = card.querySelector(".card-body");
+        
+            if(unsavedChanges){
+                var message = 'There are unsaved changes for the zone. Please click Save Changes to save all of your changes.';
+                card.style.display = 'block';  // to show the card
+                cardBody.innerHTML = message;
+                return false;
+            } else {
+                card.style.display = 'none';  // to hide the card
+            }
+        }
+
+
+
+        
+
         {% if SETTING.get('record_helper') %}
             //handle wacky record types
             $(document.body).on("focus", "#current_edit_record_data", function (e) {
@@ -677,4 +776,20 @@ <h4 class="modal-title">Custom Record</h4>
             </div>
         </div>
     </div>
+    <div class="modal" tabindex="-1" id="WarnLeave">
+      <div class="modal-dialog">
+        <div class="modal-content">
+          <div class="modal-header">
+            <h5 class="modal-title">Unsaved Changes</h5>
+          </div>
+          <div class="modal-body">
+            <p>You have unsaved changes. Are you sure you want to navigate away?</p>
+          </div>
+          <div class="modal-footer">
+            <button type="button" class="btn btn-primary" id="stay">Stay</button>
+            <button type="button" class="btn btn-secondary" id="leave">Leave</button>
+          </div>
+        </div>
+      </div>
+    </div>
 {% endblock %}

From 953221578bd5db9dde2f761800d09bcdd62e88a2 Mon Sep 17 00:00:00 2001
From: Tyler Todd <ttodd@ttodd.com>
Date: Thu, 22 Jun 2023 08:50:14 -0400
Subject: [PATCH 438/475] Update base.html

---
 powerdnsadmin/templates/base.html | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/powerdnsadmin/templates/base.html b/powerdnsadmin/templates/base.html
index eaa90689d..ff69f3bd2 100644
--- a/powerdnsadmin/templates/base.html
+++ b/powerdnsadmin/templates/base.html
@@ -31,14 +31,14 @@
             <!-- Sidebar toggle button-->
             <ul class="navbar-nav">
                 <li class="nav-item">
-                    <a class="nav-link" data-widget="pushmenu" href="#" role="button">
+                    <a class="nav-link no-prompt" data-widget="pushmenu" href="#" role="button">
                         <i class="fa-solid fa-bars"></i>
                     </a>
                 </li>
             </ul>
             <ul class="navbar-nav ml-auto">
                 <li class="nav-item">
-                    <a class="nav-link" data-widget="fullscreen" href="#" role="button">
+                    <a class="nav-link no-prompt" data-widget="fullscreen" href="#" role="button">
                         <i class="fa-solid fa-expand-arrows-alt"></i>
                     </a>
                 </li>
@@ -154,7 +154,7 @@
                             </a>
                         </li>
                         <li class="{{ 'nav-item active' if active_page == 'admin_settings' else 'nav-item' }}">
-                            <a href="#" class="nav-link">
+                            <a href="#" class="nav-link no-prompt">
                                 <i class="nav-icon fa-solid fa-cog"></i>
                                 <p>
                                     Settings
@@ -418,4 +418,4 @@ <h3><span id="modal-time"></span></h3>
 {% block modals %}
 {% endblock %}
 </body>
-</html>
\ No newline at end of file
+</html>

From e88a836f2640d5d0ccf6c67d0bad4a5ca81d9457 Mon Sep 17 00:00:00 2001
From: Tyler Todd <ttodd@ttodd.com>
Date: Thu, 22 Jun 2023 10:21:15 -0400
Subject: [PATCH 439/475] Fix ordering and type

Fixes the ordering of variables for cosmetic, and adds the missing code for the compare of changes.
---
 powerdnsadmin/templates/domain.html | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/powerdnsadmin/templates/domain.html b/powerdnsadmin/templates/domain.html
index 8a3412799..8fa1f5a3e 100755
--- a/powerdnsadmin/templates/domain.html
+++ b/powerdnsadmin/templates/domain.html
@@ -393,12 +393,12 @@ <h3 class="card-title">Zone Editor</h3>
                 unsavedChanges = true; //a record was either added or deleted.
             } else {
                 {% for record in records %}
-                var origrecordttl = '{{ record.ttl }}';
                 var origrecordname = '{{ (record.name,domain.name) | display_record_name }}';
-                var origrecorddata = '{{ record.data }}';
-                origrecorddata = origrecorddata.replace(/&#34;/g, '\"');
                 var origrecordtype = '{{ record.type }}';
                 var origrecordstatus = '{{ record.status }}';
+                var origrecordttl = '{{ record.ttl }}';
+                var origrecorddata = '{{ record.data }}';
+                origrecorddata = origrecorddata.replace(/&#34;/g, '\"');
                 var origrecordcomment = '{{ record.comment }}';
                 if (!table.row(index) || typeof table.row(index) == 'undefined') {
                     unsavedChanges = true; //sanity check otherwise below code throws error if row at that index doesn't exist.
@@ -409,7 +409,7 @@ <h3 class="card-title">Zone Editor</h3>
                     var editrecordttl = table.row(index).data()[3];
                     var editrecorddata = table.row(index).data()[4];
                     var editrecordcomment = table.row(index).data()[5];
-                    if (origrecordttl != editrecordttl || origrecordname != editrecordname || origrecorddata != editrecorddata || origrecordtype != editrecordtype |>
+                    if (origrecordname != editrecordname || origrecordtype != editrecordtype || origrecordstatus != editrecordstatus || origrecordttl != editrecordttl ||  origrecorddata != editrecorddata ||  origrecordcomment != editrecordcomment) {
                         unsavedChanges = true;
                     }
                 }

From 8e53e4ae4858d0c253bf99ecc085185982d2cd3b Mon Sep 17 00:00:00 2001
From: Tyler Todd <ttodd@ttodd.com>
Date: Thu, 22 Jun 2023 10:24:59 -0400
Subject: [PATCH 440/475] Update Versions

Update Flask and Werkzeug versions
---
 requirements.txt | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/requirements.txt b/requirements.txt
index 0db7b16fd..15f6761ff 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -7,7 +7,7 @@ Flask-SQLAlchemy==2.5.1
 Flask-SSLify==0.1.5
 Flask-SeaSurf==1.1.1
 Flask-Session==0.4.0
-Flask==2.1.3
+Flask==2.2.5
 Jinja2==3.1.2
 PyYAML==5.4
 SQLAlchemy==1.3.24
@@ -40,9 +40,9 @@ qrcode==7.3.1
 requests==2.28.2
 rjsmin==1.2.1
 webcolors==1.12
-werkzeug==2.1.2
+werkzeug==2.2.3
 zipp==3.11.0
 rcssmin==1.1.1
 zxcvbn==4.4.28
 psycopg2==2.9.5
-setuptools==65.5.1 # fixes CVE-2022-40897
\ No newline at end of file
+setuptools==65.5.1 # fixes CVE-2022-40897

From fa7b146c7895f0bdb697700f1f255f5fdb057e59 Mon Sep 17 00:00:00 2001
From: Tyler Todd <ttodd@ttodd.com>
Date: Thu, 22 Jun 2023 10:35:52 -0400
Subject: [PATCH 441/475] Remove Misc Code

---
 powerdnsadmin/templates/domain.html | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/powerdnsadmin/templates/domain.html b/powerdnsadmin/templates/domain.html
index 8fa1f5a3e..ebd0f2c8f 100755
--- a/powerdnsadmin/templates/domain.html
+++ b/powerdnsadmin/templates/domain.html
@@ -696,10 +696,6 @@ <h3 class="card-title">Zone Editor</h3>
             });
         {% endif %}
 
-        window.onload = function () {
-            document.getElementById("loading-spinner").style.display = "none";
-        }
-
     </script>
 {% endblock %}
 

From 08c39c64c2314386a4ed9ff14948ec2808660d49 Mon Sep 17 00:00:00 2001
From: Tyler Todd <ttodd@ttodd.com>
Date: Thu, 22 Jun 2023 12:03:42 -0400
Subject: [PATCH 442/475] Fix non rr_set events in Zone Changelog display

This will resolve #1566
---
 powerdnsadmin/routes/admin.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/powerdnsadmin/routes/admin.py b/powerdnsadmin/routes/admin.py
index a69e46a57..4887a87b0 100644
--- a/powerdnsadmin/routes/admin.py
+++ b/powerdnsadmin/routes/admin.py
@@ -119,6 +119,9 @@ def extract_changelogs_from_history(histories, record_name=None, record_type=Non
     for entry in histories:
         changes = []
 
+        if entry.detail is None:
+            continue
+        
         if "add_rrsets" in entry.detail:
             details = json.loads(entry.detail)
             if not details['add_rrsets'] and not details['del_rrsets']:

From c03f5c4f9eea9ea5e2586fb247d942c05b234d8e Mon Sep 17 00:00:00 2001
From: Kristian Feldsam <feldsam@gmail.com>
Date: Tue, 8 Aug 2023 00:01:00 +0200
Subject: [PATCH 443/475] Dashboard domains table - join actions into single
 column

Signed-off-by: Kristian Feldsam <feldsam@gmail.com>

dfdas

Signed-off-by: Kristian Feldsam <feldsam@gmail.com>
---
 powerdnsadmin/templates/domain.html | 37 +++++++++--------------------
 1 file changed, 11 insertions(+), 26 deletions(-)

diff --git a/powerdnsadmin/templates/domain.html b/powerdnsadmin/templates/domain.html
index ebd0f2c8f..2cef52f67 100755
--- a/powerdnsadmin/templates/domain.html
+++ b/powerdnsadmin/templates/domain.html
@@ -86,11 +86,7 @@ <h3 class="card-title">Zone Editor</h3>
                                     <th>Data</th>
                                     {% if domain.type != 'Slave' %}
                                         <th>Comment</th>
-                                        <th>Edit</th>
-                                        <th>Delete</th>
-                                        {% if current_user.role.name in ['Administrator', 'Operator'] or allow_user_view_history %}
-                                            <th>Changelog</th>
-                                        {% endif %}
+                                        <th>Actions</th>
                                     {% else %}
                                         <th>Invisible Sorting Column</th>
                                     {% endif %}
@@ -108,7 +104,7 @@ <h3 class="card-title">Zone Editor</h3>
                                             <td>{{ record.comment }}</td>
                                             <td>
                                                 {% if record.is_allowed_edit() %}
-                                                    <button type="button" class="btn btn-sm btn-warning button_edit">
+                                                    <button type="button" title="Edit" class="btn btn-sm btn-warning button_edit">
                                                         <i class="fa-solid fa-edit"></i>
                                                     </button>
                                                 {% else %}
@@ -116,23 +112,19 @@ <h3 class="card-title">Zone Editor</h3>
                                                         <i class="fa-solid fa-exclamation-circle"></i>
                                                     </button>
                                                 {% endif %}
-                                            </td>
-                                            <td>
                                                 {% if record.is_allowed_delete() %}
-                                                    <button type="button" class="btn btn-sm btn-danger button_delete">
+                                                    <button type="button" title="Delete" class="btn btn-sm btn-danger button_delete">
                                                         <i class="fa-solid fa-trash"></i>
                                                     </button>
                                                 {% endif %}
-                                            </td>
-                                            {% if current_user.role.name in ['Administrator', 'Operator'] or allow_user_view_history %}
-                                                <td>
-                                                    <button type="button"
+                                                {% if current_user.role.name in ['Administrator', 'Operator'] or allow_user_view_history %}
+                                                    <button type="button" title="Changelog"
                                                             onclick="show_record_changelog('{{ record.name }}','{{ record.type }}',event)"
-                                                            class="btn btn-primary">
+                                                            class="btn btn-primary btn-sm">
                                                         <i class="fa-solid fa-history" aria-hidden="true"></i>
                                                     </button>
-                                                </td>
-                                            {% endif %}
+                                                {% endif %}
+                                            </td>
                                         {% endif %}
                                         <!-- hidden column that we can sort on -->
                                         <td>1</td>
@@ -155,6 +147,7 @@ <h3 class="card-title">Zone Editor</h3>
         table#tbl_records thead th:nth-child(2),
         table#tbl_records thead th:nth-child(3),
         table#tbl_records thead th:nth-child(4) { width: 100px; }
+        table#tbl_records thead th:nth-child(7) { width: 80px; }
         table#tbl_records tbody td { text-align: center; }
         table#tbl_records tbody td:nth-child(0n+5),
         table#tbl_records tbody td:nth-child(0n+6) { text-align: left; word-break: break-all; }
@@ -203,11 +196,7 @@ <h3 class="card-title">Zone Editor</h3>
                     // regardless of whatever sorting is done. See orderFixed
                     visible: false,
                     {% if domain.type != 'Slave' %}
-                        {% if current_user.role.name in ['Administrator', 'Operator'] or allow_user_view_history %}
-                            targets: [9]
-                        {% else %}
-                            targets: [8]
-                        {% endif %}
+                        targets: [7]
                     {% else %}
                         targets: [5]
                     {% endif %}
@@ -225,11 +214,7 @@ <h3 class="card-title">Zone Editor</h3>
                 }
             ],
             {% if domain.type != 'Slave' %}
-                {% if current_user.role.name in ['Administrator', 'Operator'] or allow_user_view_history %}
-                    "orderFixed": [[9, 'asc']]
-                {% else %}
-                    "orderFixed": [[8, 'asc']]
-                {% endif %}
+                "orderFixed": [[7, 'asc']]
             {% else %}
                 "orderFixed": [[5, 'asc']]
             {% endif %}

From ad9e4938bc2ae92de3983fe958796d23392663bb Mon Sep 17 00:00:00 2001
From: Ronan <ronan.och@ac3.com.au>
Date: Thu, 31 Aug 2023 16:25:12 +1000
Subject: [PATCH 444/475] Add additional log information

Print out the message returned by create_local_user() when it fails to create a new local user.
---
 powerdnsadmin/routes/index.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/powerdnsadmin/routes/index.py b/powerdnsadmin/routes/index.py
index d56ce6129..23d88bbdd 100644
--- a/powerdnsadmin/routes/index.py
+++ b/powerdnsadmin/routes/index.py
@@ -258,7 +258,7 @@ def login():
 
             result = user.create_local_user()
             if not result['status']:
-                current_app.logger.warning('Unable to create ' + azure_username)
+                current_app.logger.warning('Unable to create ' + azure_username + ' Reasoning: ' + result['msg'])
                 session.pop('azure_token', None)
                 # note: a redirect to login results in an endless loop, so render the login page instead
                 return render_template('login.html',

From 7fcd2b8aa6ebcf2074ad4fadc92a33162d704e42 Mon Sep 17 00:00:00 2001
From: Ronan <ronan.och@ac3.com.au>
Date: Thu, 31 Aug 2023 16:26:48 +1000
Subject: [PATCH 445/475] Fix case sensitivity for duplicate username creation

---
 powerdnsadmin/models/user.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/powerdnsadmin/models/user.py b/powerdnsadmin/models/user.py
index e989aa0cb..f1673a578 100644
--- a/powerdnsadmin/models/user.py
+++ b/powerdnsadmin/models/user.py
@@ -408,7 +408,7 @@ def create_local_user(self):
         Create local user witch stores username / password in the DB
         """
         # check if username existed
-        user = User.query.filter(User.username == self.username).first()
+        user = User.query.filter(User.username.lower() == self.username.lower()).first()
         if user:
             return {'status': False, 'msg': 'Username is already in use'}
 

From c52bdd0daf66047e41f56db4967819162861dd46 Mon Sep 17 00:00:00 2001
From: Ronan <ronan.och@ac3.com.au>
Date: Thu, 31 Aug 2023 16:28:06 +1000
Subject: [PATCH 446/475] Fix case sensitivity for duplicate email creation

---
 powerdnsadmin/models/user.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/powerdnsadmin/models/user.py b/powerdnsadmin/models/user.py
index f1673a578..5a24c913e 100644
--- a/powerdnsadmin/models/user.py
+++ b/powerdnsadmin/models/user.py
@@ -413,7 +413,7 @@ def create_local_user(self):
             return {'status': False, 'msg': 'Username is already in use'}
 
         # check if email existed
-        user = User.query.filter(User.email == self.email).first()
+        user = User.query.filter(User.email.lower() == self.email.lower()).first()
         if user:
             return {'status': False, 'msg': 'Email address is already in use'}
 

From 4442577b0bb4e1e4f03eb9b82e2da4c3d54331c2 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 24 Nov 2023 06:26:38 -0500
Subject: [PATCH 447/475] Created a new model to represent the Flask-Session
 storage schema `sessions` with a method for removing expired sessions.

Added a trigger for the Flask-Session model's session clean-up method to the `before_request` handler of the user router.
---
 powerdnsadmin/models/sessions.py | 39 ++++++++++++++++++++++++++++++++
 powerdnsadmin/routes/user.py     |  5 ++++
 2 files changed, 44 insertions(+)
 create mode 100644 powerdnsadmin/models/sessions.py

diff --git a/powerdnsadmin/models/sessions.py b/powerdnsadmin/models/sessions.py
new file mode 100644
index 000000000..b699a3dff
--- /dev/null
+++ b/powerdnsadmin/models/sessions.py
@@ -0,0 +1,39 @@
+from flask import current_app, session
+from flask_login import current_user
+from .base import db
+
+
+class Sessions(db.Model):
+    id = db.Column(db.Integer, primary_key=True)
+    session_id = db.Column(db.String(255), index=True, unique=True)
+    data = db.Column(db.BLOB)
+    expiry = db.Column(db.DateTime)
+
+    def __init__(self,
+                 id=None,
+                 session_id=None,
+                 data=None,
+                 expiry=None):
+        self.id = id
+        self.session_id = session_id
+        self.data = data
+        self.expiry = expiry
+
+    def __repr__(self):
+        return '<Sessions {0}>'.format(self.id)
+
+    @staticmethod
+    def clean_up_expired_sessions():
+        """Clean up expired sessions in the database"""
+        from datetime import datetime
+        from sqlalchemy import or_
+        from sqlalchemy.exc import SQLAlchemyError
+
+        try:
+            db.session.query(Sessions).filter(or_(Sessions.expiry < datetime.now(), Sessions.expiry is None)).delete()
+            db.session.commit()
+        except SQLAlchemyError as e:
+            db.session.rollback()
+            current_app.logger.error(e)
+            return False
+        return True
diff --git a/powerdnsadmin/routes/user.py b/powerdnsadmin/routes/user.py
index adba502be..469b45942 100644
--- a/powerdnsadmin/routes/user.py
+++ b/powerdnsadmin/routes/user.py
@@ -37,6 +37,11 @@ def before_request():
         minutes=int(Setting().get('session_timeout')))
     session.modified = True
 
+    # Clean up expired sessions in the database
+    if Setting().get('session_type') == 'sqlalchemy':
+        from ..models.sessions import Sessions
+        Sessions().clean_up_expired_sessions()
+
 
 @user_bp.route('/profile', methods=['GET', 'POST'])
 @login_required

From 0472aba25e6b948349527a2340022f1a01c8de86 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 24 Nov 2023 06:54:55 -0500
Subject: [PATCH 448/475] Updated Python requirements for PyYAML from version
 5.4 to 6.0.1 to resolve a conflict with Cython.

---
 requirements.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/requirements.txt b/requirements.txt
index 15f6761ff..77d830a79 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -9,7 +9,7 @@ Flask-SeaSurf==1.1.1
 Flask-Session==0.4.0
 Flask==2.2.5
 Jinja2==3.1.2
-PyYAML==5.4
+PyYAML==6.0.1
 SQLAlchemy==1.3.24
 #alembic==1.9.0
 bcrypt==4.0.1

From 67085653aed1e70ea94a11680ff39dc11c93b2f8 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 24 Nov 2023 07:33:58 -0500
Subject: [PATCH 449/475] Tested the proposed modification to the Docker
 healthcheck command to support subdirectory root paths to no avail.

Staging changes until a proper resolution is proposed.
---
 docker/Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docker/Dockerfile b/docker/Dockerfile
index 55ccdfd66..3226fc846 100644
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -92,6 +92,6 @@ RUN chown ${USER}:${USER} ./configs /app && \
 
 EXPOSE 80/tcp
 USER ${USER}
-HEALTHCHECK CMD ["wget","--output-document=-","--quiet","--tries=1","http://127.0.0.1/"]
+HEALTHCHECK --interval=5s --timeout=5s --start-period=20s --retries=5 CMD ["wget","--output-document=-","--quiet","--tries=1","http://127.0.0.1${SCRIPT_NAME:-/}"]
 ENTRYPOINT ["entrypoint.sh"]
 CMD ["gunicorn","powerdnsadmin:create_app()"]

From 447bb1474299e631e1de3c3306875fba8ea207a5 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 24 Nov 2023 07:40:49 -0500
Subject: [PATCH 450/475] Updated the roboto_mono.css and source_sans_pro.css
 font-face definition files to utilize relative pathing to resolve issues with
 installations deployed in subdirectories.

---
 .../static/assets/css/roboto_mono.css         | 12 +--
 .../static/assets/css/source_sans_pro.css     | 84 +++++++++----------
 2 files changed, 48 insertions(+), 48 deletions(-)

diff --git a/powerdnsadmin/static/assets/css/roboto_mono.css b/powerdnsadmin/static/assets/css/roboto_mono.css
index dc14ffbe9..ceb7256e9 100644
--- a/powerdnsadmin/static/assets/css/roboto_mono.css
+++ b/powerdnsadmin/static/assets/css/roboto_mono.css
@@ -4,8 +4,8 @@
   font-style: normal;
   font-weight: 300;
   src: local('Roboto Mono Light'), local('RobotoMono-Light'),
-       url('/static/assets/fonts/roboto-mono-v7-latin-300.woff2') format('woff2'), /* Chrome 26+, Opera 23+, Firefox 39+ */
-       url('/static/assets/fonts/roboto-mono-v7-latin-300.woff') format('woff'); /* Chrome 6+, Firefox 3.6+, IE 9+, Safari 5.1+ */
+       url('../fonts/roboto-mono-v7-latin-300.woff2') format('woff2'), /* Chrome 26+, Opera 23+, Firefox 39+ */
+       url('../fonts/roboto-mono-v7-latin-300.woff') format('woff'); /* Chrome 6+, Firefox 3.6+, IE 9+, Safari 5.1+ */
 }
 /* roboto-mono-regular - latin */
 @font-face {
@@ -13,8 +13,8 @@
   font-style: normal;
   font-weight: 400;
   src: local('Roboto Mono'), local('RobotoMono-Regular'),
-       url('/static/assets/fonts/roboto-mono-v7-latin-regular.woff2') format('woff2'), /* Chrome 26+, Opera 23+, Firefox 39+ */
-       url('/static/assets/fonts/roboto-mono-v7-latin-regular.woff') format('woff'); /* Chrome 6+, Firefox 3.6+, IE 9+, Safari 5.1+ */
+       url('../fonts/roboto-mono-v7-latin-regular.woff2') format('woff2'), /* Chrome 26+, Opera 23+, Firefox 39+ */
+       url('../fonts/roboto-mono-v7-latin-regular.woff') format('woff'); /* Chrome 6+, Firefox 3.6+, IE 9+, Safari 5.1+ */
 }
 /* roboto-mono-700 - latin */
 @font-face {
@@ -22,6 +22,6 @@
   font-style: normal;
   font-weight: 700;
   src: local('Roboto Mono Bold'), local('RobotoMono-Bold'),
-       url('/static/assets/fonts/roboto-mono-v7-latin-700.woff2') format('woff2'), /* Chrome 26+, Opera 23+, Firefox 39+ */
-       url('/static/assets/fonts/roboto-mono-v7-latin-700.woff') format('woff'); /* Chrome 6+, Firefox 3.6+, IE 9+, Safari 5.1+ */
+       url('../fonts/roboto-mono-v7-latin-700.woff2') format('woff2'), /* Chrome 26+, Opera 23+, Firefox 39+ */
+       url('../fonts/roboto-mono-v7-latin-700.woff') format('woff'); /* Chrome 6+, Firefox 3.6+, IE 9+, Safari 5.1+ */
 }
\ No newline at end of file
diff --git a/powerdnsadmin/static/assets/css/source_sans_pro.css b/powerdnsadmin/static/assets/css/source_sans_pro.css
index 06ef9f49b..8cd030a5f 100644
--- a/powerdnsadmin/static/assets/css/source_sans_pro.css
+++ b/powerdnsadmin/static/assets/css/source_sans_pro.css
@@ -3,89 +3,89 @@
   font-family: 'Source Sans Pro';
   font-style: normal;
   font-weight: 300;
-  src: url('/static/assets/fonts/source-sans-pro-v13-latin-300.eot'); /* IE9 Compat Modes */
+  src: url('../fonts/source-sans-pro-v13-latin-300.eot'); /* IE9 Compat Modes */
   src: local('Source Sans Pro Light'), local('SourceSansPro-Light'),
-       url('/static/assets/fonts/source-sans-pro-v13-latin-300.eot?#iefix') format('embedded-opentype'), /* IE6-IE8 */
-       url('/static/assets/fonts/source-sans-pro-v13-latin-300.woff2') format('woff2'), /* Super Modern Browsers */
-       url('/static/assets/fonts/source-sans-pro-v13-latin-300.woff') format('woff'), /* Modern Browsers */
-       url('/static/assets/fonts/source-sans-pro-v13-latin-300.ttf') format('truetype'), /* Safari, Android, iOS */
-       url('/static/assets/fonts/source-sans-pro-v13-latin-300.svg#SourceSansPro') format('svg'); /* Legacy iOS */
+       url('../fonts/source-sans-pro-v13-latin-300.eot?#iefix') format('embedded-opentype'), /* IE6-IE8 */
+       url('../fonts/source-sans-pro-v13-latin-300.woff2') format('woff2'), /* Super Modern Browsers */
+       url('../fonts/source-sans-pro-v13-latin-300.woff') format('woff'), /* Modern Browsers */
+       url('../fonts/source-sans-pro-v13-latin-300.ttf') format('truetype'), /* Safari, Android, iOS */
+       url('../fonts/source-sans-pro-v13-latin-300.svg#SourceSansPro') format('svg'); /* Legacy iOS */
 }
 /* source-sans-pro-300italic - latin */
 @font-face {
   font-family: 'Source Sans Pro';
   font-style: italic;
   font-weight: 300;
-  src: url('/static/assets/fonts/source-sans-pro-v13-latin-300italic.eot'); /* IE9 Compat Modes */
+  src: url('../fonts/source-sans-pro-v13-latin-300italic.eot'); /* IE9 Compat Modes */
   src: local('Source Sans Pro Light Italic'), local('SourceSansPro-LightItalic'),
-       url('/static/assets/fonts/source-sans-pro-v13-latin-300italic.eot?#iefix') format('embedded-opentype'), /* IE6-IE8 */
-       url('/static/assets/fonts/source-sans-pro-v13-latin-300italic.woff2') format('woff2'), /* Super Modern Browsers */
-       url('/static/assets/fonts/source-sans-pro-v13-latin-300italic.woff') format('woff'), /* Modern Browsers */
-       url('/static/assets/fonts/source-sans-pro-v13-latin-300italic.ttf') format('truetype'), /* Safari, Android, iOS */
-       url('/static/assets/fonts/source-sans-pro-v13-latin-300italic.svg#SourceSansPro') format('svg'); /* Legacy iOS */
+       url('../fonts/source-sans-pro-v13-latin-300italic.eot?#iefix') format('embedded-opentype'), /* IE6-IE8 */
+       url('../fonts/source-sans-pro-v13-latin-300italic.woff2') format('woff2'), /* Super Modern Browsers */
+       url('../fonts/source-sans-pro-v13-latin-300italic.woff') format('woff'), /* Modern Browsers */
+       url('../fonts/source-sans-pro-v13-latin-300italic.ttf') format('truetype'), /* Safari, Android, iOS */
+       url('../fonts/source-sans-pro-v13-latin-300italic.svg#SourceSansPro') format('svg'); /* Legacy iOS */
 }
 /* source-sans-pro-regular - latin */
 @font-face {
   font-family: 'Source Sans Pro';
   font-style: normal;
   font-weight: 400;
-  src: url('/static/assets/fonts/source-sans-pro-v13-latin-regular.eot'); /* IE9 Compat Modes */
+  src: url('../fonts/source-sans-pro-v13-latin-regular.eot'); /* IE9 Compat Modes */
   src: local('Source Sans Pro Regular'), local('SourceSansPro-Regular'),
-       url('/static/assets/fonts/source-sans-pro-v13-latin-regular.eot?#iefix') format('embedded-opentype'), /* IE6-IE8 */
-       url('/static/assets/fonts/source-sans-pro-v13-latin-regular.woff2') format('woff2'), /* Super Modern Browsers */
-       url('/static/assets/fonts/source-sans-pro-v13-latin-regular.woff') format('woff'), /* Modern Browsers */
-       url('/static/assets/fonts/source-sans-pro-v13-latin-regular.ttf') format('truetype'), /* Safari, Android, iOS */
-       url('/static/assets/fonts/source-sans-pro-v13-latin-regular.svg#SourceSansPro') format('svg'); /* Legacy iOS */
+       url('../fonts/source-sans-pro-v13-latin-regular.eot?#iefix') format('embedded-opentype'), /* IE6-IE8 */
+       url('../fonts/source-sans-pro-v13-latin-regular.woff2') format('woff2'), /* Super Modern Browsers */
+       url('../fonts/source-sans-pro-v13-latin-regular.woff') format('woff'), /* Modern Browsers */
+       url('../fonts/source-sans-pro-v13-latin-regular.ttf') format('truetype'), /* Safari, Android, iOS */
+       url('../fonts/source-sans-pro-v13-latin-regular.svg#SourceSansPro') format('svg'); /* Legacy iOS */
 }
 /* source-sans-pro-italic - latin */
 @font-face {
   font-family: 'Source Sans Pro';
   font-style: italic;
   font-weight: 400;
-  src: url('/static/assets/fonts/source-sans-pro-v13-latin-italic.eot'); /* IE9 Compat Modes */
+  src: url('../fonts/source-sans-pro-v13-latin-italic.eot'); /* IE9 Compat Modes */
   src: local('Source Sans Pro Italic'), local('SourceSansPro-Italic'),
-       url('/static/assets/fonts/source-sans-pro-v13-latin-italic.eot?#iefix') format('embedded-opentype'), /* IE6-IE8 */
-       url('/static/assets/fonts/source-sans-pro-v13-latin-italic.woff2') format('woff2'), /* Super Modern Browsers */
-       url('/static/assets/fonts/source-sans-pro-v13-latin-italic.woff') format('woff'), /* Modern Browsers */
-       url('/static/assets/fonts/source-sans-pro-v13-latin-italic.ttf') format('truetype'), /* Safari, Android, iOS */
-       url('/static/assets/fonts/source-sans-pro-v13-latin-italic.svg#SourceSansPro') format('svg'); /* Legacy iOS */
+       url('../fonts/source-sans-pro-v13-latin-italic.eot?#iefix') format('embedded-opentype'), /* IE6-IE8 */
+       url('../fonts/source-sans-pro-v13-latin-italic.woff2') format('woff2'), /* Super Modern Browsers */
+       url('../fonts/source-sans-pro-v13-latin-italic.woff') format('woff'), /* Modern Browsers */
+       url('../fonts/source-sans-pro-v13-latin-italic.ttf') format('truetype'), /* Safari, Android, iOS */
+       url('../fonts/source-sans-pro-v13-latin-italic.svg#SourceSansPro') format('svg'); /* Legacy iOS */
 }
 /* source-sans-pro-600 - latin */
 @font-face {
   font-family: 'Source Sans Pro';
   font-style: normal;
   font-weight: 600;
-  src: url('/static/assets/fonts/source-sans-pro-v13-latin-600.eot'); /* IE9 Compat Modes */
+  src: url('../fonts/source-sans-pro-v13-latin-600.eot'); /* IE9 Compat Modes */
   src: local('Source Sans Pro SemiBold'), local('SourceSansPro-SemiBold'),
-       url('/static/assets/fonts/source-sans-pro-v13-latin-600.eot?#iefix') format('embedded-opentype'), /* IE6-IE8 */
-       url('/static/assets/fonts/source-sans-pro-v13-latin-600.woff2') format('woff2'), /* Super Modern Browsers */
-       url('/static/assets/fonts/source-sans-pro-v13-latin-600.woff') format('woff'), /* Modern Browsers */
-       url('/static/assets/fonts/source-sans-pro-v13-latin-600.ttf') format('truetype'), /* Safari, Android, iOS */
-       url('/static/assets/fonts/source-sans-pro-v13-latin-600.svg#SourceSansPro') format('svg'); /* Legacy iOS */
+       url('../fonts/source-sans-pro-v13-latin-600.eot?#iefix') format('embedded-opentype'), /* IE6-IE8 */
+       url('../fonts/source-sans-pro-v13-latin-600.woff2') format('woff2'), /* Super Modern Browsers */
+       url('../fonts/source-sans-pro-v13-latin-600.woff') format('woff'), /* Modern Browsers */
+       url('../fonts/source-sans-pro-v13-latin-600.ttf') format('truetype'), /* Safari, Android, iOS */
+       url('../fonts/source-sans-pro-v13-latin-600.svg#SourceSansPro') format('svg'); /* Legacy iOS */
 }
 /* source-sans-pro-600italic - latin */
 @font-face {
   font-family: 'Source Sans Pro';
   font-style: italic;
   font-weight: 600;
-  src: url('/static/assets/fonts/source-sans-pro-v13-latin-600italic.eot'); /* IE9 Compat Modes */
+  src: url('../fonts/source-sans-pro-v13-latin-600italic.eot'); /* IE9 Compat Modes */
   src: local('Source Sans Pro SemiBold Italic'), local('SourceSansPro-SemiBoldItalic'),
-       url('/static/assets/fonts/source-sans-pro-v13-latin-600italic.eot?#iefix') format('embedded-opentype'), /* IE6-IE8 */
-       url('/static/assets/fonts/source-sans-pro-v13-latin-600italic.woff2') format('woff2'), /* Super Modern Browsers */
-       url('/static/assets/fonts/source-sans-pro-v13-latin-600italic.woff') format('woff'), /* Modern Browsers */
-       url('/static/assets/fonts/source-sans-pro-v13-latin-600italic.ttf') format('truetype'), /* Safari, Android, iOS */
-       url('/static/assets/fonts/source-sans-pro-v13-latin-600italic.svg#SourceSansPro') format('svg'); /* Legacy iOS */
+       url('../fonts/source-sans-pro-v13-latin-600italic.eot?#iefix') format('embedded-opentype'), /* IE6-IE8 */
+       url('../fonts/source-sans-pro-v13-latin-600italic.woff2') format('woff2'), /* Super Modern Browsers */
+       url('../fonts/source-sans-pro-v13-latin-600italic.woff') format('woff'), /* Modern Browsers */
+       url('../fonts/source-sans-pro-v13-latin-600italic.ttf') format('truetype'), /* Safari, Android, iOS */
+       url('../fonts/source-sans-pro-v13-latin-600italic.svg#SourceSansPro') format('svg'); /* Legacy iOS */
 }
 /* source-sans-pro-700 - latin */
 @font-face {
   font-family: 'Source Sans Pro';
   font-style: normal;
   font-weight: 700;
-  src: url('/static/assets/fonts/source-sans-pro-v13-latin-700.eot'); /* IE9 Compat Modes */
+  src: url('../fonts/source-sans-pro-v13-latin-700.eot'); /* IE9 Compat Modes */
   src: local('Source Sans Pro Bold'), local('SourceSansPro-Bold'),
-       url('/static/assets/fonts/source-sans-pro-v13-latin-700.eot?#iefix') format('embedded-opentype'), /* IE6-IE8 */
-       url('/static/assets/fonts/source-sans-pro-v13-latin-700.woff2') format('woff2'), /* Super Modern Browsers */
-       url('/static/assets/fonts/source-sans-pro-v13-latin-700.woff') format('woff'), /* Modern Browsers */
-       url('/static/assets/fonts/source-sans-pro-v13-latin-700.ttf') format('truetype'), /* Safari, Android, iOS */
-       url('/static/assets/fonts/source-sans-pro-v13-latin-700.svg#SourceSansPro') format('svg'); /* Legacy iOS */
+       url('../fonts/source-sans-pro-v13-latin-700.eot?#iefix') format('embedded-opentype'), /* IE6-IE8 */
+       url('../fonts/source-sans-pro-v13-latin-700.woff2') format('woff2'), /* Super Modern Browsers */
+       url('../fonts/source-sans-pro-v13-latin-700.woff') format('woff'), /* Modern Browsers */
+       url('../fonts/source-sans-pro-v13-latin-700.ttf') format('truetype'), /* Safari, Android, iOS */
+       url('../fonts/source-sans-pro-v13-latin-700.svg#SourceSansPro') format('svg'); /* Legacy iOS */
 }
\ No newline at end of file

From 28c63abea438316ca4a3026bc1f9081780f916fe Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 24 Nov 2023 08:18:20 -0500
Subject: [PATCH 451/475] Updated the index router to pivot from the use of the
 deprecated `before_app_first_request` event to the replacement of
 `record_once`.

---
 powerdnsadmin/routes/index.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/powerdnsadmin/routes/index.py b/powerdnsadmin/routes/index.py
index 23d88bbdd..aaf2ed311 100644
--- a/powerdnsadmin/routes/index.py
+++ b/powerdnsadmin/routes/index.py
@@ -46,7 +46,7 @@
                      url_prefix='/')
 
 
-@index_bp.before_app_first_request
+@index_bp.record_once
 def register_modules():
     global google
     global github

From 09014bf4a9931d9de02029aa5494e2de3ca4be73 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 24 Nov 2023 09:03:39 -0500
Subject: [PATCH 452/475] Correcting case-sensitivity issue with zone type
 comparison.

---
 powerdnsadmin/routes/domain.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/powerdnsadmin/routes/domain.py b/powerdnsadmin/routes/domain.py
index 56ca4059a..6cd9d38b5 100644
--- a/powerdnsadmin/routes/domain.py
+++ b/powerdnsadmin/routes/domain.py
@@ -66,7 +66,7 @@ def domain(domain_name):
     current_app.logger.debug("Fetched rrsets: \n{}".format(pretty_json(rrsets)))
 
     # API server might be down, misconfigured
-    if not rrsets and domain.type != 'slave':
+    if not rrsets and str(domain.type).lower() != 'slave':
         abort(500)
 
     quick_edit = Setting().get('record_quick_edit')

From b347e3df5538d89d83d5c18685da23affbe48d78 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 24 Nov 2023 09:19:16 -0500
Subject: [PATCH 453/475] Updated zone list view to properly encode the zone
 name when using it to build request URIs to the back-end.

---
 powerdnsadmin/templates/dashboard.html | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/powerdnsadmin/templates/dashboard.html b/powerdnsadmin/templates/dashboard.html
index 83d71d327..8cb039009 100755
--- a/powerdnsadmin/templates/dashboard.html
+++ b/powerdnsadmin/templates/dashboard.html
@@ -181,17 +181,17 @@ <h3 class="card-title mb-2">
         {% if current_user.role.name in ['Administrator', 'Operator'] or not SETTING.get('dnssec_admins_only') %}
             $(document.body).on("click", ".button_dnssec", function () {
                 var domain = $(this).prop('id');
-                getdnssec($SCRIPT_ROOT + '/domain/' + domain + '/dnssec', domain);
+                getdnssec($SCRIPT_ROOT + '/domain/' + encodeURIComponent(domain) + '/dnssec', domain);
             });
 
             $(document.body).on("click", ".button_dnssec_enable", function () {
                 var domain = $(this).prop('id');
-                enable_dns_sec($SCRIPT_ROOT + '/domain/' + domain + '/dnssec/enable', '{{ csrf_token() }}');
+                enable_dns_sec($SCRIPT_ROOT + '/domain/' + encodeURIComponent(domain) + '/dnssec/enable', '{{ csrf_token() }}');
             });
 
             $(document.body).on("click", ".button_dnssec_disable", function () {
                 var domain = $(this).prop('id');
-                enable_dns_sec($SCRIPT_ROOT + '/domain/' + domain + '/dnssec/disable', '{{ csrf_token() }}');
+                enable_dns_sec($SCRIPT_ROOT + '/domain/' + encodeURIComponent(domain) + '/dnssec/disable', '{{ csrf_token() }}');
             });
         {% endif %}
     </script>

From 4dab950efce1eaf9df1068d6e335b168d7ca965a Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 24 Nov 2023 09:28:21 -0500
Subject: [PATCH 454/475] Reverting a bad change I made to remove a deprecated
 feature that is removed in Flask 2.3.

---
 powerdnsadmin/routes/index.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/powerdnsadmin/routes/index.py b/powerdnsadmin/routes/index.py
index aaf2ed311..23d88bbdd 100644
--- a/powerdnsadmin/routes/index.py
+++ b/powerdnsadmin/routes/index.py
@@ -46,7 +46,7 @@
                      url_prefix='/')
 
 
-@index_bp.record_once
+@index_bp.before_app_first_request
 def register_modules():
     global google
     global github

From 18f38fd1caf417cde96a4c6d786669e39f4964a5 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 24 Nov 2023 09:49:40 -0500
Subject: [PATCH 455/475] Updated backend to properly encode the zone name sent
 to PDNS API so that zones with URL unsafe characters don't break the request.

---
 powerdnsadmin/models/domain.py           | 21 ++++++++++++++++-----
 powerdnsadmin/static/custom/js/custom.js |  4 ++--
 2 files changed, 18 insertions(+), 7 deletions(-)

diff --git a/powerdnsadmin/models/domain.py b/powerdnsadmin/models/domain.py
index bfa04451f..f0b9a30bf 100644
--- a/powerdnsadmin/models/domain.py
+++ b/powerdnsadmin/models/domain.py
@@ -643,6 +643,8 @@ def update_from_master(self, domain_name):
         """
         Update records from Master DNS server
         """
+        import urllib.parse
+
         domain = Domain.query.filter(Domain.name == domain_name).first()
         if domain:
             headers = {'X-API-Key': self.PDNS_API_KEY}
@@ -650,7 +652,7 @@ def update_from_master(self, domain_name):
                 r = utils.fetch_json(urljoin(
                     self.PDNS_STATS_URL, self.API_EXTENDED_URL +
                                          '/servers/localhost/zones/{0}/axfr-retrieve'.format(
-                                             domain.name)),
+                                             urllib.parse.quote_plus(domain.name))),
                     headers=headers,
                     timeout=int(
                         Setting().get('pdns_api_timeout')),
@@ -673,6 +675,8 @@ def get_domain_dnssec(self, domain_name):
         """
         Get zone DNSSEC information
         """
+        import urllib.parse
+
         domain = Domain.query.filter(Domain.name == domain_name).first()
         if domain:
             headers = {'X-API-Key': self.PDNS_API_KEY}
@@ -681,7 +685,7 @@ def get_domain_dnssec(self, domain_name):
                     urljoin(
                         self.PDNS_STATS_URL, self.API_EXTENDED_URL +
                                              '/servers/localhost/zones/{0}/cryptokeys'.format(
-                                                 domain.name)),
+                                                 urllib.parse.quote_plus(domain.name))),
                     headers=headers,
                     timeout=int(Setting().get('pdns_api_timeout')),
                     method='GET',
@@ -709,6 +713,8 @@ def enable_domain_dnssec(self, domain_name):
         """
         Enable zone DNSSEC
         """
+        import urllib.parse
+
         domain = Domain.query.filter(Domain.name == domain_name).first()
         if domain:
             headers = {'X-API-Key': self.PDNS_API_KEY, 'Content-Type': 'application/json'}
@@ -718,7 +724,9 @@ def enable_domain_dnssec(self, domain_name):
                 jdata = utils.fetch_json(
                     urljoin(
                         self.PDNS_STATS_URL, self.API_EXTENDED_URL +
-                                             '/servers/localhost/zones/{0}'.format(domain.name)),
+                                             '/servers/localhost/zones/{0}'.format(
+                                                 urllib.parse.quote_plus(domain.name)
+                                             )),
                     headers=headers,
                     timeout=int(Setting().get('pdns_api_timeout')),
                     method='PUT',
@@ -738,7 +746,8 @@ def enable_domain_dnssec(self, domain_name):
                     urljoin(
                         self.PDNS_STATS_URL, self.API_EXTENDED_URL +
                                              '/servers/localhost/zones/{0}/cryptokeys'.format(
-                                                 domain.name)),
+                                                 urllib.parse.quote_plus(domain.name)
+                                             )),
                     headers=headers,
                     timeout=int(Setting().get('pdns_api_timeout')),
                     method='POST',
@@ -775,6 +784,8 @@ def delete_dnssec_key(self, domain_name, key_id):
         """
         Remove keys DNSSEC
         """
+        import urllib.parse
+
         domain = Domain.query.filter(Domain.name == domain_name).first()
         if domain:
             headers = {'X-API-Key': self.PDNS_API_KEY, 'Content-Type': 'application/json'}
@@ -784,7 +795,7 @@ def delete_dnssec_key(self, domain_name, key_id):
                     urljoin(
                         self.PDNS_STATS_URL, self.API_EXTENDED_URL +
                                              '/servers/localhost/zones/{0}/cryptokeys/{1}'.format(
-                                                 domain.name, key_id)),
+                                                 urllib.parse.quote_plus(domain.name), key_id)),
                     headers=headers,
                     timeout=int(Setting().get('pdns_api_timeout')),
                     method='DELETE',
diff --git a/powerdnsadmin/static/custom/js/custom.js b/powerdnsadmin/static/custom/js/custom.js
index 1b7a983dd..e4890d94f 100644
--- a/powerdnsadmin/static/custom/js/custom.js
+++ b/powerdnsadmin/static/custom/js/custom.js
@@ -30,14 +30,14 @@ function applyChanges(data, url, showResult, refreshPage) {
 function applyRecordChanges(data, domain) {
     $.ajax({
         type : "POST",
-        url : $SCRIPT_ROOT + '/domain/' + domain + '/apply',
+        url : $SCRIPT_ROOT + '/domain/' + encodeURIComponent(domain) + '/apply',
         data : JSON.stringify(data),// now data come in this function
         contentType : "application/json; charset=utf-8",
         crossDomain : true,
         dataType : "json",
         success : function(data, status, jqXHR) {
             // update Apply button value
-            $.getJSON($SCRIPT_ROOT + '/domain/' + domain + '/info', function(data) {
+            $.getJSON($SCRIPT_ROOT + '/domain/' + encodeURIComponent(domain) + '/info', function(data) {
                 $(".button_apply_changes").val(data['serial']);
             });
 

From ddb3151b61d4b5be59b24a9734c5d6d1cbb45e8b Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 24 Nov 2023 11:14:09 -0500
Subject: [PATCH 456/475] Correcting bug introduced by PR 1658.

---
 powerdnsadmin/models/user.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/powerdnsadmin/models/user.py b/powerdnsadmin/models/user.py
index 5a24c913e..0596e3df1 100644
--- a/powerdnsadmin/models/user.py
+++ b/powerdnsadmin/models/user.py
@@ -408,12 +408,12 @@ def create_local_user(self):
         Create local user witch stores username / password in the DB
         """
         # check if username existed
-        user = User.query.filter(User.username.lower() == self.username.lower()).first()
+        user = User.query.filter(str(User.username).lower() == self.username.lower()).first()
         if user:
             return {'status': False, 'msg': 'Username is already in use'}
 
         # check if email existed
-        user = User.query.filter(User.email.lower() == self.email.lower()).first()
+        user = User.query.filter(str(User.email).lower() == self.email.lower()).first()
         if user:
             return {'status': False, 'msg': 'Email address is already in use'}
 

From 66c262c57d07198d7d9549198744f4577d6f5c65 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sat, 25 Nov 2023 08:09:46 -0500
Subject: [PATCH 457/475] Adding latest project announcements to repository.

---
 .../project-update-2022-12-09.md              | 100 ++++++++++++++++
 .../project-update-2023-11-25.md              | 109 ++++++++++++++++++
 2 files changed, 209 insertions(+)
 create mode 100644 docs/announcements/project-update-2022-12-09.md
 create mode 100644 docs/announcements/project-update-2023-11-25.md

diff --git a/docs/announcements/project-update-2022-12-09.md b/docs/announcements/project-update-2022-12-09.md
new file mode 100644
index 000000000..427751bb0
--- /dev/null
+++ b/docs/announcements/project-update-2022-12-09.md
@@ -0,0 +1,100 @@
+# PDA Project Update
+
+## Introduction
+
+Hello PDA community members,
+
+My name is Matt Scott, and I am the owner of [Azorian Solutions](https://azorian.solutions), a consultancy for the
+Internet Service Provider (ISP) industry. I'm pleased to announce that I have taken ownership of the PDA project and
+will be taking over the lead maintainer role, effective immediately.
+
+Please always remember and thank both [Khanh Ngo](https://github.com/ngoduykhanh) and
+[Jérôme Becot](https://github.com/jbe-dw) for their efforts in keeping this project alive thus far. Without the effort
+of Khanh creating the PDA project and community, and the efforts of Jérôme for holding up the lead maintainer role after
+Khanh had to step down, this project would not still be alive today.
+
+With that being said, please read through all the following announcements as they are important if you're an active PDA
+user or community member. I intend to make many great enhancements to the project, but it could be a bumpy road ahead.
+
+### Project Maintenance
+
+As it stands today, contributions to the project are at a low. At this point, there is a rather large backlog of issues
+and feature requests in contrast to the current maintenance capacities. This is not to say you should lose hope though!
+As part of this project transition, some additional contribution interest has been generated and I expect to attract
+more with the changes I'm planning to make. In the near future, I may by-pass some usual maintenance processes in order
+to expedite some changes to the project that have been outstanding for some time.
+
+This is to say however that unless the project attracts a healthy new contribution base, issues may continue to pile up
+as maintenance capacity is rather limited. This is further complicated by the fact that the current code base is harder
+to follow naturally since it largely lacks uniformity and standards. This lack of uniformity has lead to a difficult
+situation that makes implementing certain changes less effective. This status quo is not uncommon with projects born how
+PDA was born, so it's unfortunate but not unexpected.
+
+### Change of Direction
+
+In order to reorganize the project and get it on a track to a future that allows it to contend with other commercial
+quality products, I had to make many considerations to the proficiencies of two unique paths forward to achieve this
+goal. One path forward is seemingly obvious, continue maintaining the current code base while overhauling it to shift it
+towards the envisioned goal. The other path is a fresh solution design with a complete rebuild.
+
+The answer to the aforementioned decision might seem obvious to those of you who typically favor the "don't reinvent the
+wheel" mentality. I'm unclear of the details surrounding the original use-case that drove the development of this
+project, but I don't believe it was on-par with some use-cases we see today which include operators handling many tens
+of thousands of zones and/or records. There are many changes that have been (sometimes) haphazardly implemented which
+has lead to the previously mentioned lack of uniformity among other issues. To put it simply, I'm not sure if the
+project ever had a grand vision per se but instead was mostly reactionary to community requests.
+
+I believe that the current project has served the community fairly well from what I can tell. I know the product has
+certainly helped me in my professional efforts with many environments. I also believe that it's time to pivot so that
+the project can realize it's true potential, considering the existing user base. For this reason, I am beginning the
+planning phase of a project overhaul. This effort will involve a complete re-engineering of the project's contribution
+standards and requirements, technology stack, and project structure.
+
+This was not an easy decision to come to but one must appreciate that there aren't as many people that can get very
+excited about working on the current project code base. The current project has many barriers to entry which I intend to
+drastically impact with future changes. The reality is that it's easier to gain contribution participation with a new
+build effort as it offers an opportunity to own a part of the project with impactful contributions. 
+
+### Project Enhancements
+
+Since this is the beginning of a rebirth of the project so to speak, I want to implement a new operational tactic that
+will hopefully drive contributions through incentive. Many of us understand that any project, needs a leader to stay on
+track and organized. If everything were a democratic process, it would take too long and suffer unnecessary challenges.
+With that being said, I do believe that there is plenty of opportunity through-out various development phases of the
+project to allow for a democratic process where the community contributors and members can participate in the
+decision-making.
+
+The plan to achieve the aforementioned democratic goal is to centralize communications and define some basic structured
+processes. To do this, more effective methods of communication have been implemented to allow those interested in
+contributing to easily participate in fluid, open communication. This has already been proving to be quite effective for
+exchanging ideas and visions while addressing the issue with contributors living in vastly different time zones. This is
+effectively a private chat hosted by the PDA project using Mattermost (a Slack-like alternative).
+
+Even if you aren't in a position to directly contribute work to the project, you can still contribute by participating
+in these very important and early discussions that will impact the solution engineering. If the PDA project is an
+important tool in your organization, I encourage you to join the conversation and contribute where applicable your
+use-cases. Having more insight on the community use-cases will only benefit the future of this project.
+
+If you're interested in joining the conversation, please email me at
+[admin@powerdnsadmin.org](mailto:admin@powerdnsadmin.org) for an invitation.
+
+### Re-branding
+
+As part of this project transition, I will also be changing the naming scheme in order to support the future development
+efforts toward a newly engineered solution. The current PDA project will ultimately become known as the "PDA Legacy"
+application. This change will help facilitate the long-term solution to take the branding position of the existing
+solution. Another effort I will be making is to get an app landing page online at the project's new domain:
+[powerdnsadmin.org](https://powerdnsadmin.org). This will act as one more point of online exposure for the project which
+will hopefully lend itself well to attracting additional community members.
+
+### Contribution Requirements
+
+Another big change that will be made with the new project, will be well-defined contribution requirements. I realize
+these requirements can be demotivating for some, but they are a necessary evil to ensure the project actually achieves
+its goals effectively. It's important to always remember that strict requirements are to everyone's benefit as they push
+for order where chaos is quite destructive.
+
+### Closing
+
+I hope these announcements garner more participation in the PDA community. The project definitely needs more help to
+achieve any goal at this point, so your participation is valued!
diff --git a/docs/announcements/project-update-2023-11-25.md b/docs/announcements/project-update-2023-11-25.md
new file mode 100644
index 000000000..5e1719f34
--- /dev/null
+++ b/docs/announcements/project-update-2023-11-25.md
@@ -0,0 +1,109 @@
+# PDA Project Update
+
+## Introduction
+
+Hello PDA community members,
+
+I know it has been quite awhile since the last formal announcement like this. Things have been quite busy and difficult
+for me both professional and personally. While I try hard to never make my problems someone else's problems, I do
+believe it's important to be transparent with the community. I'm not going to go into details, but I will say that I
+have been dealing with some mental health issues that have been quite challenging. I'm not one to give up though,
+so I'm pushing through and trying to get back on track.
+
+With that being said, let's jump into the announcements.
+
+### Project Maintenance
+
+Granted I haven't been nearly as active on the project as I would like to be, I have been keeping an eye on things and
+trying to keep up with the maintenance. I know there are a lot of issues and feature requests that have been piling up,
+and I'm sorry for that. Even if I had been more active in recent months, it would have not changed the true root cause
+of the issue.
+
+This project was started out of a need for an individual's own use-case. I don't believe it was never intended to be a
+commercial quality product nor a community project. It did however gain traction quickly and the community grew. This
+is a great thing, but it also comes with some challenges. The biggest challenge is that the project was never designed
+to be a community project. This means that the project lacks many of the things that are required to effectively manage
+a community project. This is not to say that the project is doomed, but many of the fast-paced changes combined with
+the lack of standards has lead to a difficult situation that makes implementing certain changes incredibly unproductive
+and quite often, entirely counter-productive.
+
+After many years of accepting contributions from those who are not professional developers, the project has become quite
+difficult to maintain. This is not to say that I don't appreciate the contributions, but it's important to understand
+that the state of the code-base for the project is not in a good place. This is not uncommon with projects born how PDA
+was born, so it's unfortunate but not unexpected.
+
+As of today, there are so many dependencies and a large amount of very poorly implemented features that it's difficult
+to make any changes without breaking many other pieces. This is further complicated by the fact that the current code
+base is harder to follow naturally since it largely lacks uniformity and standards. This lack of uniformity has lead to
+a situation where automated regression testing is not possible. This is a very important aspect of any project that
+expects to be able to make changes without breaking things. This is also a very important aspect of any project that
+expects to be able to accept contributions from the community with minimum management resources.
+
+The hard reality is that the majority of stakeholders in the project are not professional developers. This naturally
+means the amount of people that can offer quality contributions is very limited. This problem is further aggravated by
+the poor quality feature implementation which is very hard to follow, even for seasoned developers like myself. So many
+seemingly small issues that have been reported, have lead to finding that the resolution is not as simple as it seems.
+
+### New Direction
+
+As I previously stated in my last formal announcement, we would be working towards a total replacement of the project.
+Unfortunately, this is not a simple task, and it's not something that can be done quickly. Furthermore, with
+increasingly limited capacity in our own lives to work on this, we are essentially drowning in a sea of technical debt
+created by the past decisions of the project to accept all contributions. We have essentially reached a point where
+far too much time and resources are being wasted just to attempt to meet the current demand of requests on the current
+edition of PDA. This is a tragedy because the efforts that are invested into the current edition, really aren't
+creating true progress for the project, but instead merely delaying the inevitable.
+
+As I have stated before to many community members, one aspect of taking over management of this project to ultimately
+save it and keep it alive, would involve making hard decisions that many will not agree with. It's unfortunate that
+many of those who are less than supportive of these decisions, often lack the appropriate experience to understand the
+importance of these decisions. I'm not saying that I'm always right, but I am saying that it's not hard to see where
+this is headed without some drastic changes.
+
+With all of that being said, it's time for me to make some hard decisions. I have decided that the best course of
+action is to stop accepting contributions to the current edition of PDA. At this point, due to the aforementioned
+issues that lead to breaking the application with seemingly simple changes, it's just not worth the effort to try to
+keep up with the current edition. This is not to say that I'm giving up on the project, but instead I'm going to
+re-focus my efforts on the new edition of PDA. This is the only way to ensure that the project will survive and
+hopefully thrive in the future.
+
+I will not abandon the current set of updates that were planned for the next release of `0.4.2` however. I have
+re-scheduled that release to be out by the end of the year. This will be the last release of the current edition of
+PDA. The consensus from some users is that the current edition is stable enough to be used in production environments.
+I don't necessarily agree with that, but I do believe that it's stable enough to be used in production
+environments with the understanding that it's not a commercial quality product.
+
+### Future Contributions
+
+For those of you wondering about contributions to the new edition of PDA, the answer for now is simple. I won't be
+accepting any contributions to the new edition until I can achieve a stable release that delivers the core features of
+the current edition. This is not to say that I won't be accepting any contributions at all, but instead that I will be
+very selective about what contributions I accept. I believe this is the only way to ensure that a solid foundation not
+only takes shape, but remains solid.
+
+It is well understood that many developers have their own ways of doing things, but it's important to understand
+that this project is not a personal project. This project is a community project and therefore must be treated as such.
+This means that the project must be engineered in a way that allows for the community to participate in the development
+process. This is not possible if the project is not engineered in a way that is easy to follow and understand.
+
+### Project Enhancements
+
+It should be understood that one of the greatest benefits of this pivot is that it will allow for a more structured
+development process. As a result of that, the project could potentially see a future where it adopts a whole new set of
+features that weren't previously imagined. One prime example of this could be integration with registrar APIs. This
+could make easy work of tasks such as DNSSEC key rotation, which is currently a very manual process.
+
+I am still working on final project requirements for additional phases of the new PDA edition, but these additions
+won't receive any attention until the core features are implemented. I will be sure to make announcements as these
+requirements are finalized. It is my intention to follow a request for proposal (RFP) process for these additional
+features. This will allow the community to participate in the decision-making process for future expansion of the
+project.
+
+### Closing
+
+I hope that by the time you have reached this point in the announcement, that I have elicited new hope for the
+long-term future of the project. I know that many of you have been waiting for a long time for some of the features that have been
+requested. I know that many of you have been waiting for a long time for some of the issues to be resolved, for
+requested features to be implemented, and for the project to be more stable. It's unfortunate that it has taken this
+long to get to this point, but this is the nature of life itself. I hope that you can understand that this is the only
+reasonable gamble that the project survives and thrives in the future.

From 6f47cbd91b1212960249c506579df78302b65487 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sat, 25 Nov 2023 08:16:26 -0500
Subject: [PATCH 458/475] Updating the issue configuration to disable the
 submission of new issues of all types.

---
 .github/ISSUE_TEMPLATE/config.yml | 11 ++---------
 1 file changed, 2 insertions(+), 9 deletions(-)

diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml
index 6aba80c68..9292a2ea4 100644
--- a/.github/ISSUE_TEMPLATE/config.yml
+++ b/.github/ISSUE_TEMPLATE/config.yml
@@ -2,12 +2,5 @@
 # Reference: https://help.github.com/en/github/building-a-strong-community/configuring-issue-templates-for-your-repository#configuring-the-template-chooser
 blank_issues_enabled: false
 contact_links:
-  - name: 📖 Contributing Policy
-    url: https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/master/docs/CONTRIBUTING.md
-    about: "Please read through our contributing policy before opening an issue or pull request"
-  - name: ❓ Discussion
-    url: https://github.com/PowerDNS-Admin/PowerDNS-Admin/discussions
-    about: "If you're just looking for help, try starting a discussion instead"
-  - name: 💬 Project Chat
-    url: https://mattermost.powerdnsadmin.org/
-    about: "Join our Mattermost chat to discuss the project with other users and developers"
\ No newline at end of file
+  - name: 📖 Project Update - PLEASE READ!
+    url: https://github.com/PowerDNS-Admin/PowerDNS-Admin/discussions/1708

From 5d4e560836b16f0c0a65f20185ddb587a436b580 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sat, 25 Nov 2023 08:17:37 -0500
Subject: [PATCH 459/475] Updating the issue configuration to disable the
 submission of new issues of all types.

---
 .github/ISSUE_TEMPLATE/{bug_report.yaml => _bug_report.yaml}     | 0
 .../{documentation_change.yaml => _documentation_change.yaml}    | 0
 .../{feature_request.yaml => _feature_request.yaml}              | 0
 .github/ISSUE_TEMPLATE/{housekeeping.yaml => _housekeeping.yaml} | 0
 .github/ISSUE_TEMPLATE/config.yml                                | 1 +
 5 files changed, 1 insertion(+)
 rename .github/ISSUE_TEMPLATE/{bug_report.yaml => _bug_report.yaml} (100%)
 rename .github/ISSUE_TEMPLATE/{documentation_change.yaml => _documentation_change.yaml} (100%)
 rename .github/ISSUE_TEMPLATE/{feature_request.yaml => _feature_request.yaml} (100%)
 rename .github/ISSUE_TEMPLATE/{housekeeping.yaml => _housekeeping.yaml} (100%)

diff --git a/.github/ISSUE_TEMPLATE/bug_report.yaml b/.github/ISSUE_TEMPLATE/_bug_report.yaml
similarity index 100%
rename from .github/ISSUE_TEMPLATE/bug_report.yaml
rename to .github/ISSUE_TEMPLATE/_bug_report.yaml
diff --git a/.github/ISSUE_TEMPLATE/documentation_change.yaml b/.github/ISSUE_TEMPLATE/_documentation_change.yaml
similarity index 100%
rename from .github/ISSUE_TEMPLATE/documentation_change.yaml
rename to .github/ISSUE_TEMPLATE/_documentation_change.yaml
diff --git a/.github/ISSUE_TEMPLATE/feature_request.yaml b/.github/ISSUE_TEMPLATE/_feature_request.yaml
similarity index 100%
rename from .github/ISSUE_TEMPLATE/feature_request.yaml
rename to .github/ISSUE_TEMPLATE/_feature_request.yaml
diff --git a/.github/ISSUE_TEMPLATE/housekeeping.yaml b/.github/ISSUE_TEMPLATE/_housekeeping.yaml
similarity index 100%
rename from .github/ISSUE_TEMPLATE/housekeeping.yaml
rename to .github/ISSUE_TEMPLATE/_housekeeping.yaml
diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml
index 9292a2ea4..550f15e21 100644
--- a/.github/ISSUE_TEMPLATE/config.yml
+++ b/.github/ISSUE_TEMPLATE/config.yml
@@ -4,3 +4,4 @@ blank_issues_enabled: false
 contact_links:
   - name: 📖 Project Update - PLEASE READ!
     url: https://github.com/PowerDNS-Admin/PowerDNS-Admin/discussions/1708
+    about: "Important information about the future of this project"

From 17e6adb8a78f4a4343313ab9b299a4cb25585a60 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Sat, 25 Nov 2023 08:17:56 -0500
Subject: [PATCH 460/475] Updating the issue configuration to disable the
 submission of new issues of all types.

---
 .github/ISSUE_TEMPLATE/_bug_report.yaml       | 79 -------------------
 .../ISSUE_TEMPLATE/_documentation_change.yaml | 40 ----------
 .github/ISSUE_TEMPLATE/_feature_request.yaml  | 72 -----------------
 .github/ISSUE_TEMPLATE/_housekeeping.yaml     | 24 ------
 4 files changed, 215 deletions(-)
 delete mode 100644 .github/ISSUE_TEMPLATE/_bug_report.yaml
 delete mode 100644 .github/ISSUE_TEMPLATE/_documentation_change.yaml
 delete mode 100644 .github/ISSUE_TEMPLATE/_feature_request.yaml
 delete mode 100644 .github/ISSUE_TEMPLATE/_housekeeping.yaml

diff --git a/.github/ISSUE_TEMPLATE/_bug_report.yaml b/.github/ISSUE_TEMPLATE/_bug_report.yaml
deleted file mode 100644
index ea05799ed..000000000
--- a/.github/ISSUE_TEMPLATE/_bug_report.yaml
+++ /dev/null
@@ -1,79 +0,0 @@
----
-name: 🐛 Bug Report
-description: Report a reproducible bug in the current release of PDA
-labels: ["bug / broken-feature"]
-body:
-  - type: markdown
-    attributes:
-      value: >
-        **NOTE:** This form is only for reporting _reproducible bugs_ in a current PDA
-        installation. If you're having trouble with installation or just looking for
-        assistance with using PDA, please visit our
-        [discussion forum](https://github.com/PowerDNS-Admin/PowerDNS-Admin/discussions) instead.
-  - type: dropdown
-    attributes:
-      label: PDA version
-      description: What version of PDA are you currently running?
-      options:
-        - "0.4.1"
-        - "0.4.0"
-        - "0.3.0"
-        - "0.2.5"
-        - "0.2.4"
-        - "0.2.3"
-        - "0.2.2"
-        - "0.2.1"
-        - "0.2"
-        - "0.1"
-        - "I'm Not Sure"
-    validations:
-      required: true
-  - type: dropdown
-    attributes:
-      label: Python version
-      description: What version of Python are you currently running?
-      options:
-        - "3.0"
-        - "3.1"
-        - "3.2"
-        - "3.3"
-        - "3.4"
-        - "3.5"
-        - "3.6"
-        - "3.7"
-        - "3.8"
-        - "3.9"
-        - "3.10"
-        - "3.11"
-    validations:
-      required: true
-  - type: textarea
-    attributes:
-      label: Steps to Reproduce
-      description: >
-        Describe in detail the exact steps that someone else can take to
-        reproduce this bug using the current stable release of PDA. Begin with the
-        creation of any necessary database objects and call out every operation being
-        performed explicitly. If reporting a bug in the REST API, be sure to reconstruct
-        the raw HTTP request(s) being made. Additionally, **do not rely on the demo instance** for reproducing
-        suspected bugs, as its data is prone to modification or deletion at any time.
-      placeholder: |
-        1. Click on "create widget"
-        2. Set foo to 12 and bar to G
-        3. Click the "create" button
-    validations:
-      required: true
-  - type: textarea
-    attributes:
-      label: Expected Behavior
-      description: What did you expect to happen?
-      placeholder: A new zone record should have been created with the specified values
-    validations:
-      required: true
-  - type: textarea
-    attributes:
-      label: Observed Behavior
-      description: What happened instead?
-      placeholder: A TypeError exception was raised
-    validations:
-      required: true
\ No newline at end of file
diff --git a/.github/ISSUE_TEMPLATE/_documentation_change.yaml b/.github/ISSUE_TEMPLATE/_documentation_change.yaml
deleted file mode 100644
index 0b34991b4..000000000
--- a/.github/ISSUE_TEMPLATE/_documentation_change.yaml
+++ /dev/null
@@ -1,40 +0,0 @@
----
-name: 📖 Documentation Change
-description: Suggest an addition or modification to the PDA documentation
-labels: ["docs / request"]
-body:
-  - type: dropdown
-    attributes:
-      label: Change Type
-      description: What type of change are you proposing?
-      options:
-        - Addition
-        - Correction
-        - Removal
-        - Cleanup (formatting, typos, etc.)
-    validations:
-      required: true
-  - type: dropdown
-    attributes:
-      label: Area
-      description: To what section of the documentation does this change primarily pertain?
-      options:
-        - Features
-        - Installation/upgrade
-        - Getting started
-        - Configuration
-        - Customization
-        - Database Setup
-        - Debug
-        - Integrations/API
-        - Administration
-        - Development
-        - Other
-    validations:
-      required: true
-  - type: textarea
-    attributes:
-      label: Proposed Changes
-      description: Describe the proposed changes and why they are necessary.
-    validations:
-      required: true
\ No newline at end of file
diff --git a/.github/ISSUE_TEMPLATE/_feature_request.yaml b/.github/ISSUE_TEMPLATE/_feature_request.yaml
deleted file mode 100644
index 45950a1a2..000000000
--- a/.github/ISSUE_TEMPLATE/_feature_request.yaml
+++ /dev/null
@@ -1,72 +0,0 @@
----
-name: ✨ Feature Request
-description: Propose a new PDA feature or enhancement
-labels: ["feature / request"]
-body:
-  - type: markdown
-    attributes:
-      value: >
-        **NOTE:** This form is only for submitting well-formed proposals to extend or modify
-        PDA in some way. If you're trying to solve a problem but can't figure out how, or if
-        you still need time to work on the details of a proposed new feature, please start a
-        [discussion](https://github.com/PowerDNS-Admin/PowerDNS-Admin/discussions) instead.
-  - type: dropdown
-    attributes:
-      label: PDA version
-      description: What version of PDA are you currently running?
-      options:
-        - "0.4.1"
-        - "0.4.0"
-        - "0.3.0"
-        - "0.2.5"
-        - "0.2.4"
-        - "0.2.3"
-        - "0.2.2"
-        - "0.2.1"
-        - "0.2"
-        - "0.1"
-        - "I'm Not Sure"
-    validations:
-      required: true
-  - type: dropdown
-    attributes:
-      label: Feature type
-      options:
-        - Data model modification
-        - App Setting Addition
-        - Default App Setting Change
-        - New functionality
-        - Change to existing functionality
-    validations:
-      required: true
-  - type: textarea
-    attributes:
-      label: Proposed functionality
-      description: >
-        Describe in detail the new feature or behavior you are proposing. Include any specific changes
-        to work flows, data models, and/or the user interface. The more detail you provide here, the
-        greater chance your proposal has of being discussed. Feature requests which don't include an
-        actionable implementation plan will be rejected.
-    validations:
-      required: true
-  - type: textarea
-    attributes:
-      label: Use case
-      description: >
-        Explain how adding this functionality would benefit PDA users. What need does it address?
-    validations:
-      required: true
-  - type: textarea
-    attributes:
-      label: Database changes
-      description: >
-        Note any changes to the database schema necessary to support the new feature. For example,
-        does the proposal require adding a new model or field? (Not all new features require database
-        changes.)
-  - type: textarea
-    attributes:
-      label: External dependencies
-      description: >
-        List any new dependencies on external libraries or services that this new feature would
-        introduce. For example, does the proposal require the installation of a new Python package?
-        (Not all new features introduce new dependencies.)
\ No newline at end of file
diff --git a/.github/ISSUE_TEMPLATE/_housekeeping.yaml b/.github/ISSUE_TEMPLATE/_housekeeping.yaml
deleted file mode 100644
index 2d8e5dfc5..000000000
--- a/.github/ISSUE_TEMPLATE/_housekeeping.yaml
+++ /dev/null
@@ -1,24 +0,0 @@
----
-name: 🏡 Housekeeping
-description: A change pertaining to the codebase itself (developers only)
-labels: ["mod / change-request"]
-body:
-  - type: markdown
-    attributes:
-      value: >
-        **NOTE:** This template is for use by maintainers only. Please do not submit
-        an issue using this template unless you have been specifically asked to do so.
-  - type: textarea
-    attributes:
-      label: Proposed Changes
-      description: >
-        Describe in detail the new feature or behavior you'd like to propose.
-        Include any specific changes to work flows, data models, or the user interface.
-    validations:
-      required: true
-  - type: textarea
-    attributes:
-      label: Justification
-      description: Please provide justification for the proposed change(s).
-    validations:
-      required: true
\ No newline at end of file

From 06fa9537a87e7e40cf6b992175586dbb11be91b1 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Wed, 29 Nov 2023 15:21:31 -0500
Subject: [PATCH 461/475] Updated project documentation to better control the
 flow of new issue submission attempts.

Updated project README to include clear notice of the latest update for the project freeze.
---
 README.md            | 2 ++
 docs/CONTRIBUTING.md | 6 ++++--
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index 6070d5f17..055e68d12 100644
--- a/README.md
+++ b/README.md
@@ -24,6 +24,8 @@ A PowerDNS web interface with advanced features.
 - Provides an API for zone and record management among other features
 - Provides full IDN/Punycode support
 
+## [Project Update - PLEASE READ!!!](https://github.com/PowerDNS-Admin/PowerDNS-Admin/discussions/1708)
+
 ## Running PowerDNS-Admin
 
 There are several ways to run PowerDNS-Admin. The quickest way is to use Docker.
diff --git a/docs/CONTRIBUTING.md b/docs/CONTRIBUTING.md
index d4fb25fa5..2a978dc6c 100644
--- a/docs/CONTRIBUTING.md
+++ b/docs/CONTRIBUTING.md
@@ -24,13 +24,15 @@ Some general tips for engaging here on GitHub:
 * To help mitigate notification spam, please avoid "bumping" issues with no activity. (To vote an issue up or down, use a :thumbsup: or :thumbsdown: reaction.)
 * Please avoid pinging members with `@` unless they've previously expressed interest or involvement with that particular issue.
 
+## [Project Update - PLEASE READ!!!](https://github.com/PowerDNS-Admin/PowerDNS-Admin/discussions/1708)
+
 ## :bug: Reporting Bugs
 
 * First, ensure that you're running the [latest stable version](https://github.com/PowerDNS-Admin/PowerDNS-Admin/releases) of PDA. If you're running an older version, there's a chance that the bug has already been fixed.
 
 * Next, search our [issues list](https://github.com/PowerDNS-Admin/PowerDNS-Admin/issues?q=is%3Aissue) to see if the bug you've found has already been reported. If you come across a bug report that seems to match, please click "add a reaction" in the top right corner of the issue and add a thumbs up (:thumbsup:). This will help draw more attention to it. Any comments you can add to provide additional information or context would also be much appreciated.
 
-* If you can't find any existing issues (open or closed) that seem to match yours, you're welcome to [submit a new bug report](https://github.com/PowerDNS-Admin/PowerDNS-Admin/issues/new?label=type%3A+bug&template=bug_report.yaml). Be sure to complete the entire report template, including detailed steps that someone triaging your issue can follow to confirm the reported behavior. (If we're not able to replicate the bug based on the information provided, we'll ask for additional detail.)
+* If you can't find any existing issues (open or closed) that seem to match yours, you're welcome to [submit a new bug report](https://github.com/PowerDNS-Admin/PowerDNS-Admin/issues/new/choose). Be sure to complete the entire report template, including detailed steps that someone triaging your issue can follow to confirm the reported behavior. (If we're not able to replicate the bug based on the information provided, we'll ask for additional detail.)
 
 * Some other tips to keep in mind:
   * Error messages and screenshots are especially helpful.
@@ -44,7 +46,7 @@ Some general tips for engaging here on GitHub:
 
 * If you have a rough idea that's not quite ready for formal submission yet, start a [GitHub discussion](https://github.com/PowerDNS-Admin/PowerDNS-Admin/discussions) instead. This is a great way to test the viability and narrow down the scope of a new feature prior to submitting a formal proposal, and can serve to generate interest in your idea from other community members.
 
-* Once you're ready, submit a feature request [using this template](https://github.com/PowerDNS-Admin/PowerDNS-Admin/issues/new?label=type%3A+feature&template=feature_request.yaml). Be sure to provide sufficient context and detail to convey exactly what you're proposing and why. The stronger your use case, the better chance your proposal has of being accepted.
+* Once you're ready, submit a feature request [using this template](https://github.com/PowerDNS-Admin/PowerDNS-Admin/issues/choose). Be sure to provide sufficient context and detail to convey exactly what you're proposing and why. The stronger your use case, the better chance your proposal has of being accepted.
 
 * Some other tips to keep in mind:
   * Don't prepend your issue title with a label like `[Feature]`; the proper label will be assigned automatically.

From 7b6aafbb2c8b3b4c7608dd048e1c9a7ffe59bce1 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 8 Dec 2023 04:53:52 -0500
Subject: [PATCH 462/475] Adding LDAP search filter cleansing mechanism to
 account for special characters that need replaced in LDAP search queries.

---
 powerdnsadmin/models/user.py | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/powerdnsadmin/models/user.py b/powerdnsadmin/models/user.py
index 0596e3df1..02e4af0c3 100644
--- a/powerdnsadmin/models/user.py
+++ b/powerdnsadmin/models/user.py
@@ -133,9 +133,21 @@ def ldap_init_conn(self):
         conn.protocol_version = ldap.VERSION3
         return conn
 
+    def escape_filter_chars(self, filter_str):
+        """
+        Escape chars for ldap search
+        """
+        escape_chars = ['\\', '*', '(', ')', '\x00']
+        replace_chars = ['\\5c', '\\2a', '\\28', '\\29', '\\00']
+        for escape_char in escape_chars:
+            filter_str = filter_str.replace(escape_char, replace_chars[escape_chars.index(escape_char)])
+        return filter_str
+
     def ldap_search(self, searchFilter, baseDN, retrieveAttributes=None):
         searchScope = ldap.SCOPE_SUBTREE
 
+        searchFilter = self.escape_filter_chars(searchFilter)
+
         try:
             conn = self.ldap_init_conn()
             if Setting().get('ldap_type') == 'ad':

From 59a32a148f51c4768c9068f2f7f11b05804a649b Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Fri, 8 Dec 2023 06:17:34 -0500
Subject: [PATCH 463/475] Corrected a mistake with the new LDAP search filter
 cleansing that broke LDAP altogether. Moved the filtering to only target the
 user DN with Active Directory LDAP connections.

---
 powerdnsadmin/models/user.py | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/powerdnsadmin/models/user.py b/powerdnsadmin/models/user.py
index 02e4af0c3..42f894fe1 100644
--- a/powerdnsadmin/models/user.py
+++ b/powerdnsadmin/models/user.py
@@ -146,8 +146,6 @@ def escape_filter_chars(self, filter_str):
     def ldap_search(self, searchFilter, baseDN, retrieveAttributes=None):
         searchScope = ldap.SCOPE_SUBTREE
 
-        searchFilter = self.escape_filter_chars(searchFilter)
-
         try:
             conn = self.ldap_init_conn()
             if Setting().get('ldap_type') == 'ad':
@@ -292,7 +290,7 @@ def is_validate(self, method, src_ip='', trust_user=False):
                                     Operator=LDAP_OPERATOR_GROUP,
                                     User=LDAP_USER_GROUP,
                                 )
-                                user_dn = ldap_result[0][0][0]
+                                user_dn = self.escape_filter_chars(ldap_result[0][0][0])
                                 sf_groups = ""
 
                                 for group in ldap_group_security_roles.values():

From 9415b4663f187073372f45201d61c86a0a5d3a34 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Mon, 11 Dec 2023 08:36:37 -0500
Subject: [PATCH 464/475] Applied the latest suggestion from @ashneilson which
 appears to be a good fix this time.

---
 docker/Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docker/Dockerfile b/docker/Dockerfile
index 3226fc846..519e0775f 100644
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -92,6 +92,6 @@ RUN chown ${USER}:${USER} ./configs /app && \
 
 EXPOSE 80/tcp
 USER ${USER}
-HEALTHCHECK --interval=5s --timeout=5s --start-period=20s --retries=5 CMD ["wget","--output-document=-","--quiet","--tries=1","http://127.0.0.1${SCRIPT_NAME:-/}"]
+HEALTHCHECK --interval=5s --timeout=5s --start-period=20s --retries=5 CMD wget --output-document=- --quiet --tries=1 http://127.0.0.1${SCRIPT_NAME:-/}
 ENTRYPOINT ["entrypoint.sh"]
 CMD ["gunicorn","powerdnsadmin:create_app()"]

From 577b3509163ab8d4c280dda397c40aaea9449215 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 14 Dec 2023 07:12:28 +0000
Subject: [PATCH 465/475] Bump mysqlclient from 2.0.1 to 2.2.1

Bumps [mysqlclient](https://github.com/PyMySQL/mysqlclient) from 2.0.1 to 2.2.1.
- [Release notes](https://github.com/PyMySQL/mysqlclient/releases)
- [Changelog](https://github.com/PyMySQL/mysqlclient/blob/main/HISTORY.rst)
- [Commits](https://github.com/PyMySQL/mysqlclient/compare/v2.0.1...v2.2.1)

---
updated-dependencies:
- dependency-name: mysqlclient
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 requirements.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/requirements.txt b/requirements.txt
index 77d830a79..9a0a103e1 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -26,7 +26,7 @@ itsdangerous==2.1.2
 jsonschema[format]>=2.5.1,<4.0.0 # until https://github.com/Yelp/bravado-core/pull/385
 lima==0.5
 --use-feature=no-binary-enable-wheel-cache lxml==4.9.0
-mysqlclient==2.0.1
+mysqlclient==2.2.1
 passlib==1.7.4
 #pyOpenSSL==22.1.0
 pyasn1==0.4.8

From e3e773cc85c45ed20927ac41bc4e0bdd23f242a3 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 18 Dec 2023 07:08:40 +0000
Subject: [PATCH 466/475] Bump bcrypt from 4.0.1 to 4.1.2

Bumps [bcrypt](https://github.com/pyca/bcrypt) from 4.0.1 to 4.1.2.
- [Changelog](https://github.com/pyca/bcrypt/blob/main/release.py)
- [Commits](https://github.com/pyca/bcrypt/compare/4.0.1...4.1.2)

---
updated-dependencies:
- dependency-name: bcrypt
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 requirements.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/requirements.txt b/requirements.txt
index 77d830a79..2bf0919e2 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -12,7 +12,7 @@ Jinja2==3.1.2
 PyYAML==6.0.1
 SQLAlchemy==1.3.24
 #alembic==1.9.0
-bcrypt==4.0.1
+bcrypt==4.1.2
 bravado-core==5.17.1
 certifi==2022.12.7
 cffi==1.15.1

From 69dda3a5deb453a217cb4679ba3ef3204a2dddd7 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 1 Jan 2024 07:37:17 +0000
Subject: [PATCH 467/475] Bump pytest from 7.2.1 to 7.4.4

Bumps [pytest](https://github.com/pytest-dev/pytest) from 7.2.1 to 7.4.4.
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pytest-dev/pytest/compare/7.2.1...7.4.4)

---
updated-dependencies:
- dependency-name: pytest
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 requirements.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/requirements.txt b/requirements.txt
index 77d830a79..01de4975a 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -31,7 +31,7 @@ passlib==1.7.4
 #pyOpenSSL==22.1.0
 pyasn1==0.4.8
 pyotp==2.8.0
-pytest==7.2.1
+pytest==7.4.4
 python-ldap==3.4.3
 python3-saml==1.15.0
 pytimeparse==1.1.8

From eb3243a07571259cb47e78f1c7f00b2bc141e948 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 11 Jan 2024 20:33:31 +0000
Subject: [PATCH 468/475] Bump jinja2 from 3.1.2 to 3.1.3

Bumps [jinja2](https://github.com/pallets/jinja) from 3.1.2 to 3.1.3.
- [Release notes](https://github.com/pallets/jinja/releases)
- [Changelog](https://github.com/pallets/jinja/blob/main/CHANGES.rst)
- [Commits](https://github.com/pallets/jinja/compare/3.1.2...3.1.3)

---
updated-dependencies:
- dependency-name: jinja2
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 requirements.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/requirements.txt b/requirements.txt
index 0db7b16fd..601fe394c 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -8,7 +8,7 @@ Flask-SSLify==0.1.5
 Flask-SeaSurf==1.1.1
 Flask-Session==0.4.0
 Flask==2.1.3
-Jinja2==3.1.2
+Jinja2==3.1.3
 PyYAML==5.4
 SQLAlchemy==1.3.24
 #alembic==1.9.0

From fdc1ba59e75381f04b4c43bbdb1ef5b29f2b8d47 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 31 Jan 2024 20:20:34 +0000
Subject: [PATCH 469/475] Bump sqlalchemy from 1.3.24 to 1.4.51

Bumps [sqlalchemy](https://github.com/sqlalchemy/sqlalchemy) from 1.3.24 to 1.4.51.
- [Release notes](https://github.com/sqlalchemy/sqlalchemy/releases)
- [Changelog](https://github.com/sqlalchemy/sqlalchemy/blob/main/CHANGES.rst)
- [Commits](https://github.com/sqlalchemy/sqlalchemy/commits)

---
updated-dependencies:
- dependency-name: sqlalchemy
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 requirements.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/requirements.txt b/requirements.txt
index 945873fd6..28149ea96 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -10,7 +10,7 @@ Flask-Session==0.4.0
 Flask==2.2.5
 Jinja2==3.1.2
 PyYAML==6.0.1
-SQLAlchemy==1.3.24
+SQLAlchemy==1.4.51
 #alembic==1.9.0
 bcrypt==4.1.2
 bravado-core==5.17.1

From 7998dd80c9b1b627d28a4872e3a2fe81228a0013 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Wed, 31 Jan 2024 15:54:58 -0500
Subject: [PATCH 470/475] Managed to complete the following pip dependency
 changes: - Jinaj2 - `3.1.3` - upgrade from `3.1.2` - certifi - `2023.11.17` -
 downgrade from `2023.12.17` - cryptography - `42.0.2` - upgrade from `39.0.2`
 - requests - `2.31.0` - upgrade from `2.28.2` - werkzeug - `2.3.8` - upgrade
 from `2.2.3`

---
 requirements.txt | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/requirements.txt b/requirements.txt
index e8d61f372..a2665e282 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -8,16 +8,16 @@ Flask-SSLify==0.1.5
 Flask-SeaSurf==1.1.1
 Flask-Session==0.4.0
 Flask==2.2.5
-Jinja2==3.1.2
+Jinja2==3.1.3
 PyYAML==6.0.1
 SQLAlchemy==1.4.51
 #alembic==1.9.0
 bcrypt==4.1.2
 bravado-core==5.17.1
-certifi==2022.12.7
+certifi==2023.11.17
 cffi==1.15.1
 configobj==5.0.8
-cryptography==39.0.2 # fixes CVE-2023-0286, CVE-2023-23931
+cryptography==42.0.2
 cssmin==0.2.0
 dnspython>=2.3.0
 flask_session_captcha==1.3.0
@@ -37,10 +37,10 @@ python3-saml==1.15.0
 pytimeparse==1.1.8
 pytz==2022.7.1
 qrcode==7.3.1
-requests==2.28.2
+requests==2.31.0
 rjsmin==1.2.1
 webcolors==1.12
-werkzeug==2.2.3
+werkzeug==2.3.8
 zipp==3.11.0
 rcssmin==1.1.1
 zxcvbn==4.4.28

From 51bdeca2188dfc46a5e854503257a3f7df745d69 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 31 Jan 2024 20:59:09 +0000
Subject: [PATCH 471/475] Bump crypto-js from 4.1.1 to 4.2.0

Bumps [crypto-js](https://github.com/brix/crypto-js) from 4.1.1 to 4.2.0.
- [Commits](https://github.com/brix/crypto-js/compare/4.1.1...4.2.0)

---
updated-dependencies:
- dependency-name: crypto-js
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 yarn.lock | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/yarn.lock b/yarn.lock
index 6420088f4..4d39ad083 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -360,9 +360,9 @@ core-util-is@~1.0.0:
   integrity sha512-ZQBvi1DcpJ4GDqanjucZ2Hj3wEO5pZDS89BWbkcrvdxksJorwUDDZamX9ldFkp9aw2lmBDLgkObEA4DWNJ9FYQ==
 
 crypto-js@^4.0.0:
-  version "4.1.1"
-  resolved "https://registry.yarnpkg.com/crypto-js/-/crypto-js-4.1.1.tgz#9e485bcf03521041bd85844786b83fb7619736cf"
-  integrity sha512-o2JlM7ydqd3Qk9CA0L4NL6mTzU2sdx96a+oOfPu8Mkl/PK51vSyoi8/rQ8NknZtk44vq15lmhAj9CIAGwgeWKw==
+  version "4.2.0"
+  resolved "https://registry.yarnpkg.com/crypto-js/-/crypto-js-4.2.0.tgz#4d931639ecdfd12ff80e8186dba6af2c2e856631"
+  integrity sha512-KALDyEYgpY+Rlob/iriUtjV6d5Eq+Y191A5g4UqLAi8CyGP9N1+FdVbkc1SxKc2r4YAYqG8JzO2KGL+AizD70Q==
 
 d@1, d@^1.0.1:
   version "1.0.1"

From 9c457f1db0711eafc7554e0b6a40f29eb200c48f Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Wed, 31 Jan 2024 16:08:37 -0500
Subject: [PATCH 472/475] Updated the following NPM dependencies: - crypto-js
 from `4.1.1` to `4.2.0`

---
 yarn.lock | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/yarn.lock b/yarn.lock
index 6420088f4..4d39ad083 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -360,9 +360,9 @@ core-util-is@~1.0.0:
   integrity sha512-ZQBvi1DcpJ4GDqanjucZ2Hj3wEO5pZDS89BWbkcrvdxksJorwUDDZamX9ldFkp9aw2lmBDLgkObEA4DWNJ9FYQ==
 
 crypto-js@^4.0.0:
-  version "4.1.1"
-  resolved "https://registry.yarnpkg.com/crypto-js/-/crypto-js-4.1.1.tgz#9e485bcf03521041bd85844786b83fb7619736cf"
-  integrity sha512-o2JlM7ydqd3Qk9CA0L4NL6mTzU2sdx96a+oOfPu8Mkl/PK51vSyoi8/rQ8NknZtk44vq15lmhAj9CIAGwgeWKw==
+  version "4.2.0"
+  resolved "https://registry.yarnpkg.com/crypto-js/-/crypto-js-4.2.0.tgz#4d931639ecdfd12ff80e8186dba6af2c2e856631"
+  integrity sha512-KALDyEYgpY+Rlob/iriUtjV6d5Eq+Y191A5g4UqLAi8CyGP9N1+FdVbkc1SxKc2r4YAYqG8JzO2KGL+AizD70Q==
 
 d@1, d@^1.0.1:
   version "1.0.1"

From af462a9bae508b5c97a5cd06821db06e36c9b168 Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Wed, 31 Jan 2024 16:32:41 -0500
Subject: [PATCH 473/475] Disabling Mega Linter for all recognized branch
 patterns.

---
 .github/workflows/mega-linter.yml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/.github/workflows/mega-linter.yml b/.github/workflows/mega-linter.yml
index fec231edb..fa29545f0 100644
--- a/.github/workflows/mega-linter.yml
+++ b/.github/workflows/mega-linter.yml
@@ -12,6 +12,9 @@ on:
       - "main"
       - "master"
       - "dependabot/**"
+      - "feature/**"
+      - "issues/**"
+      - "release/**"
 
 env: # Comment env block if you do not want to apply fixes
   # Apply linter fixes configuration

From fa4861a6eda7072bac3b23441be12c75e2003eff Mon Sep 17 00:00:00 2001
From: Matt Scott <matt@azorian.solutions>
Date: Tue, 4 Jun 2024 13:55:56 -0400
Subject: [PATCH 474/475] Update README.md

Removed Azorian Solutions branding from project README.
---
 README.md | 8 --------
 1 file changed, 8 deletions(-)

diff --git a/README.md b/README.md
index d1615c5a5..4435c7f7e 100644
--- a/README.md
+++ b/README.md
@@ -96,11 +96,3 @@ Please see our [Code of Conduct Policy](https://github.com/PowerDNS-Admin/PowerD
 
 This project is released under the MIT license. For additional
 information, [see the full license](https://github.com/PowerDNS-Admin/PowerDNS-Admin/blob/master/LICENSE).
-
-## [Donate](https://www.buymeacoffee.com/AzorianMatt)
-
-Like my work?
-
-<a href="https://www.buymeacoffee.com/AzorianMatt" target="_blank"><img src="https://cdn.buymeacoffee.com/buttons/v2/default-blue.png" alt="Buy Me A Coffee" style="height: 60px !important;width: 217px !important;" ></a>
-
-**Want to sponsor me?** Please visit my organization's [sponsorship page](https://github.com/sponsors/AzorianSolutions).

From 3a430198709f426f6cd01931c5024d90728594a2 Mon Sep 17 00:00:00 2001
From: Wolf Vogel <wolf.vogel@me.com>
Date: Thu, 5 Sep 2024 17:13:50 +0200
Subject: [PATCH 475/475] Update login.html

Fixed the "Remember Me" functionality that might not be working due to an unnamed input field.
---
 powerdnsadmin/templates/login.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/powerdnsadmin/templates/login.html b/powerdnsadmin/templates/login.html
index 84e247d47..37f4050e3 100644
--- a/powerdnsadmin/templates/login.html
+++ b/powerdnsadmin/templates/login.html
@@ -89,7 +89,7 @@
                     <div class="row">
                         <div class="col-8">
                             <div class="icheck-primary">
-                                <input type="checkbox" id="remember">
+                                <input type="checkbox" name="remember" id="remember">
                                 <label for="remember">
                                     Remember Me
                                 </label>