From 21d18bbd38fd60cc8efacb31561b41b4493c8903 Mon Sep 17 00:00:00 2001
From: Florian da Costa <florian.dacosta@akretion.com>
Date: Fri, 5 Feb 2016 14:36:11 +0100
Subject: [PATCH] Add sql export module (migration from v7)

Add rollback after executing query as a double security with blacklist terms

add known issue in readme
---
 sql_export/README.rst                       |  56 ++++++++
 sql_export/__init__.py                      |   2 +
 sql_export/__openerp__.py                   |  39 +++++
 sql_export/i18n/fr.po                       | 142 +++++++++++++++++++
 sql_export/i18n/sql_export.pot              | 142 +++++++++++++++++++
 sql_export/security/ir.model.access.csv     |   3 +
 sql_export/security/sql_export_security.xml |  21 +++
 sql_export/sql_export.py                    | 149 ++++++++++++++++++++
 sql_export/sql_export_view.xml              |  56 ++++++++
 sql_export/static/description/icon.png      | Bin 0 -> 9455 bytes
 sql_export/tests/__init__.py                |   2 +
 sql_export/tests/test_sql_query.py          |  71 ++++++++++
 sql_export/wizard/__init__.py               |   1 +
 sql_export/wizard/wizard_file.py            |  29 ++++
 sql_export/wizard/wizard_file_view.xml      |  17 +++
 15 files changed, 730 insertions(+)
 create mode 100644 sql_export/README.rst
 create mode 100644 sql_export/__init__.py
 create mode 100644 sql_export/__openerp__.py
 create mode 100644 sql_export/i18n/fr.po
 create mode 100644 sql_export/i18n/sql_export.pot
 create mode 100644 sql_export/security/ir.model.access.csv
 create mode 100644 sql_export/security/sql_export_security.xml
 create mode 100644 sql_export/sql_export.py
 create mode 100644 sql_export/sql_export_view.xml
 create mode 100644 sql_export/static/description/icon.png
 create mode 100644 sql_export/tests/__init__.py
 create mode 100644 sql_export/tests/test_sql_query.py
 create mode 100644 sql_export/wizard/__init__.py
 create mode 100644 sql_export/wizard/wizard_file.py
 create mode 100644 sql_export/wizard/wizard_file_view.xml

diff --git a/sql_export/README.rst b/sql_export/README.rst
new file mode 100644
index 000000000..12e64e49d
--- /dev/null
+++ b/sql_export/README.rst
@@ -0,0 +1,56 @@
+.. image:: https://img.shields.io/badge/licence-AGPL--3-blue.svg
+    :alt: License: AGPL-3
+
+SQL Export
+==========
+
+Allow to export data in csv files FROM sql requests.
+There are some restrictions in the sql sql request, you can only read datas.
+No update, deletion or creation are possible.
+A new menu named Export is created.
+
+Known issues / Roadmap
+======================
+
+Some words are prohibeted and can't be used is the query in anyways, even in a select query :
+
+* delete
+* drop
+* insert
+* alter
+* truncate
+* execute
+* create
+* update
+
+
+Bug Tracker
+===========
+
+Bugs are tracked on `GitHub Issues <https://github.com/OCA/server-tools/issues>`_.
+In case of trouble, please check there if your issue has already been reported.
+If you spotted it first, help us smashing it by providing a detailed and welcomed feedback
+`here <https://github.com/OCA/server-tools/issues/new?body=module:%20sql_export%0Aversion:%208.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>`_.
+
+Credits
+=======
+
+Contributors
+------------
+
+* Florian da Costa <florian.dacosta@akretion.com>
+
+Maintainer
+----------
+
+.. image:: http://odoo-community.org/logo.png
+   :alt: Odoo Community Association
+   :target: http://odoo-community.org
+
+This module is maintained by the OCA.
+
+OCA, or the Odoo Community Association, is a nonprofit organization whose
+mission is to support the collaborative development of Odoo features and
+promote its widespread use.
+
+To contribute to this module, please visit http://odoo-community.org.
diff --git a/sql_export/__init__.py b/sql_export/__init__.py
new file mode 100644
index 000000000..5dfb4aab3
--- /dev/null
+++ b/sql_export/__init__.py
@@ -0,0 +1,2 @@
+from . import sql_export
+from . import wizard
diff --git a/sql_export/__openerp__.py b/sql_export/__openerp__.py
new file mode 100644
index 000000000..9048aa751
--- /dev/null
+++ b/sql_export/__openerp__.py
@@ -0,0 +1,39 @@
+# -*- coding: utf-8 -*-
+##############################################################################
+#
+#    OpenERP, Open Source Management Solution
+#    Copyright (C) 2015 Akretion (<http://www.akretion.com>).
+#
+#    This program is free software: you can redistribute it and/or modify
+#    it under the terms of the GNU Affero General Public License as
+#    published by the Free Software Foundation, either version 3 of the
+#    License, or (at your option) any later version.
+#
+#    This program is distributed in the hope that it will be useful,
+#    but WITHOUT ANY WARRANTY; without even the implied warranty of
+#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#    GNU Affero General Public License for more details.
+#
+#    You should have received a copy of the GNU Affero General Public License
+#    along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+##############################################################################
+
+{'name': 'SQL Export',
+ 'version': '0.1',
+ 'author': 'Akretion,Odoo Community Association (OCA)',
+ 'website': 'http://www.akretion.com',
+ 'license': 'AGPL-3',
+ 'category': 'Generic Modules/Others',
+ 'summary': 'Export data in csv file with SQL requests',
+ 'depends': ['base',
+             ],
+ 'data': [
+     'sql_export_view.xml',
+     'wizard/wizard_file_view.xml',
+     'security/sql_export_security.xml',
+     'security/ir.model.access.csv',
+ ],
+ 'installable': True,
+ 'images': [],
+ }
diff --git a/sql_export/i18n/fr.po b/sql_export/i18n/fr.po
new file mode 100644
index 000000000..d1b7ff6e7
--- /dev/null
+++ b/sql_export/i18n/fr.po
@@ -0,0 +1,142 @@
+# Translation of Odoo Server.
+# This file contains the translation of the following modules:
+#	* sql_export
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: Odoo Server 8.0\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2016-02-05 13:10+0000\n"
+"PO-Revision-Date: 2016-02-05 13:10+0000\n"
+"Last-Translator: <>\n"
+"Language-Team: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: \n"
+"Plural-Forms: \n"
+
+#. module: sql_export
+#: model:ir.model,name:sql_export.model_sql_file_wizard
+msgid "Allow the user to save the file with sql request's data"
+msgstr "Permet à l'utilisateur de sauvegarder le fichier contenant les données de la requête SQL"
+
+#. module: sql_export
+#: field:sql.export,group_ids:0
+msgid "Allowed Groups"
+msgstr "Groupes Autorisés"
+
+#. module: sql_export
+#: view:sql.export:sql_export.sql_export_view_form
+#: field:sql.export,user_ids:0
+msgid "Allowed Users"
+msgstr "Utilisateurs Autorisés"
+
+#. module: sql_export
+#: view:sql.export:sql_export.sql_export_view_form
+msgid "Allowed Users Groups"
+msgstr "Groupes d'utilisateurs Autorisés"
+
+#. module: sql_export
+#: field:sql.export,copy_options:0
+msgid "Copy Options"
+msgstr "Copy Options"
+
+#. module: sql_export
+#: field:sql.export,create_uid:0
+#: field:sql.file.wizard,create_uid:0
+msgid "Created by"
+msgstr "Créé par"
+
+#. module: sql_export
+#: field:sql.export,create_date:0
+#: field:sql.file.wizard,create_date:0
+msgid "Created on"
+msgstr "Créé le"
+
+#. module: sql_export
+#: view:sql.file.wizard:sql_export.sql_file_wizard_view_form
+msgid "Csv File"
+msgstr "Fichier CSV"
+
+#. module: sql_export
+#: view:sql.export:sql_export.sql_export_view_form
+msgid "Execute Query"
+msgstr "Exécuter"
+
+#. module: sql_export
+#: field:sql.file.wizard,binary_file:0
+msgid "File"
+msgstr "Fichier"
+
+#. module: sql_export
+#: field:sql.file.wizard,file_name:0
+msgid "File Name"
+msgstr "Nom du fichier"
+
+#. module: sql_export
+#: field:sql.export,id:0
+#: field:sql.file.wizard,id:0
+msgid "ID"
+msgstr "ID"
+
+#. module: sql_export
+#: field:sql.export,write_uid:0
+#: field:sql.file.wizard,write_uid:0
+msgid "Last Updated by"
+msgstr "Last Updated by"
+
+#. module: sql_export
+#: field:sql.export,write_date:0
+#: field:sql.file.wizard,write_date:0
+msgid "Last Updated on"
+msgstr "Last Updated on"
+
+#. module: sql_export
+#: field:sql.export,name:0
+msgid "Name"
+msgstr "Nom"
+
+#. module: sql_export
+#: field:sql.export,query:0
+msgid "Query"
+msgstr "Requête"
+
+#. module: sql_export
+#: model:ir.actions.act_window,name:sql_export.sql_export_tree_action
+#: view:sql.export:sql_export.sql_export_view_tree
+msgid "SQL Export"
+msgstr "SQL Export"
+
+#. module: sql_export
+#: model:ir.model,name:sql_export.model_sql_export
+#: view:sql.export:sql_export.sql_export_view_form
+msgid "SQL export"
+msgstr "Export SQL"
+
+#. module: sql_export
+#: model:ir.ui.menu,name:sql_export.sql_export_menu
+#: model:ir.ui.menu,name:sql_export.sql_export_menu_view
+msgid "Sql Export"
+msgstr "Export SQL"
+
+#. module: sql_export
+#: model:res.groups,name:sql_export.group_sql_request_editor
+msgid "Sql Request Editor"
+msgstr "Edition de Requête SQL"
+
+#. module: sql_export
+#: code:addons/sql_export/sql_export.py:132
+#, python-format
+msgid "The Sql query is not valid."
+msgstr "La requête SQL n'est pas valide"
+
+#. module: sql_export
+#: constraint:sql.export:0
+msgid "The query you want make is not allowed : prohibited actions (delete, drop, insert, alter, truncate, execute, create, update)"
+msgstr "La requête que vous voulez faire n'est pas autorisée : actions interdites (delete, drop, insert, alter, truncate, execute, create, update)"
+
+#. module: sql_export
+#: help:sql.export,query:0
+msgid "You can't use the following word : delete, drop, create, insert, alter, truncate, execute, update"
+msgstr "Vous ne pouvez pas utiliser les mots suivants : delete, drop, create, insert, alter, truncate, execute, update"
+
diff --git a/sql_export/i18n/sql_export.pot b/sql_export/i18n/sql_export.pot
new file mode 100644
index 000000000..39cc40538
--- /dev/null
+++ b/sql_export/i18n/sql_export.pot
@@ -0,0 +1,142 @@
+# Translation of Odoo Server.
+# This file contains the translation of the following modules:
+#	* sql_export
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: Odoo Server 8.0\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2016-02-05 13:10+0000\n"
+"PO-Revision-Date: 2016-02-05 13:10+0000\n"
+"Last-Translator: <>\n"
+"Language-Team: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: \n"
+"Plural-Forms: \n"
+
+#. module: sql_export
+#: model:ir.model,name:sql_export.model_sql_file_wizard
+msgid "Allow the user to save the file with sql request's data"
+msgstr ""
+
+#. module: sql_export
+#: field:sql.export,group_ids:0
+msgid "Allowed Groups"
+msgstr ""
+
+#. module: sql_export
+#: view:sql.export:sql_export.sql_export_view_form
+#: field:sql.export,user_ids:0
+msgid "Allowed Users"
+msgstr ""
+
+#. module: sql_export
+#: view:sql.export:sql_export.sql_export_view_form
+msgid "Allowed Users Groups"
+msgstr ""
+
+#. module: sql_export
+#: field:sql.export,copy_options:0
+msgid "Copy Options"
+msgstr ""
+
+#. module: sql_export
+#: field:sql.export,create_uid:0
+#: field:sql.file.wizard,create_uid:0
+msgid "Created by"
+msgstr ""
+
+#. module: sql_export
+#: field:sql.export,create_date:0
+#: field:sql.file.wizard,create_date:0
+msgid "Created on"
+msgstr ""
+
+#. module: sql_export
+#: view:sql.file.wizard:sql_export.sql_file_wizard_view_form
+msgid "Csv File"
+msgstr ""
+
+#. module: sql_export
+#: view:sql.export:sql_export.sql_export_view_form
+msgid "Execute Query"
+msgstr ""
+
+#. module: sql_export
+#: field:sql.file.wizard,binary_file:0
+msgid "File"
+msgstr ""
+
+#. module: sql_export
+#: field:sql.file.wizard,file_name:0
+msgid "File Name"
+msgstr ""
+
+#. module: sql_export
+#: field:sql.export,id:0
+#: field:sql.file.wizard,id:0
+msgid "ID"
+msgstr ""
+
+#. module: sql_export
+#: field:sql.export,write_uid:0
+#: field:sql.file.wizard,write_uid:0
+msgid "Last Updated by"
+msgstr ""
+
+#. module: sql_export
+#: field:sql.export,write_date:0
+#: field:sql.file.wizard,write_date:0
+msgid "Last Updated on"
+msgstr ""
+
+#. module: sql_export
+#: field:sql.export,name:0
+msgid "Name"
+msgstr ""
+
+#. module: sql_export
+#: field:sql.export,query:0
+msgid "Query"
+msgstr ""
+
+#. module: sql_export
+#: model:ir.actions.act_window,name:sql_export.sql_export_tree_action
+#: view:sql.export:sql_export.sql_export_view_tree
+msgid "SQL Export"
+msgstr ""
+
+#. module: sql_export
+#: model:ir.model,name:sql_export.model_sql_export
+#: view:sql.export:sql_export.sql_export_view_form
+msgid "SQL export"
+msgstr ""
+
+#. module: sql_export
+#: model:ir.ui.menu,name:sql_export.sql_export_menu
+#: model:ir.ui.menu,name:sql_export.sql_export_menu_view
+msgid "Sql Export"
+msgstr ""
+
+#. module: sql_export
+#: model:res.groups,name:sql_export.group_sql_request_editor
+msgid "Sql Request Editor"
+msgstr ""
+
+#. module: sql_export
+#: code:addons/sql_export/sql_export.py:132
+#, python-format
+msgid "The Sql query is not valid."
+msgstr ""
+
+#. module: sql_export
+#: constraint:sql.export:0
+msgid "The query you want make is not allowed : prohibited actions (delete, drop, insert, alter, truncate, execute, create, update)"
+msgstr ""
+
+#. module: sql_export
+#: help:sql.export,query:0
+msgid "You can't use the following word : delete, drop, create, insert, alter, truncate, execute, update"
+msgstr ""
+
diff --git a/sql_export/security/ir.model.access.csv b/sql_export/security/ir.model.access.csv
new file mode 100644
index 000000000..65b1b713f
--- /dev/null
+++ b/sql_export/security/ir.model.access.csv
@@ -0,0 +1,3 @@
+"id","name","model_id:id","group_id:id","perm_read","perm_write","perm_create","perm_unlink"
+"access_sql_export_all","access_sql_export_all","model_sql_export",,1,0,0,0
+"access_sql_export_editor","access_sql_export_editor","model_sql_export",group_sql_request_editor,1,1,1,1
diff --git a/sql_export/security/sql_export_security.xml b/sql_export/security/sql_export_security.xml
new file mode 100644
index 000000000..9338bfc40
--- /dev/null
+++ b/sql_export/security/sql_export_security.xml
@@ -0,0 +1,21 @@
+<?xml version="1.0" encoding="utf-8"?>
+<openerp>
+<data noupdate="0">
+
+    <record model="res.groups" id="group_sql_request_editor">
+        <field name="name">Sql Request Editor</field>
+        <field name="users" eval="[(4, ref('base.user_root'))]"/>
+    </record>
+
+    <record model="ir.rule" id="sql_export_restric_access_user_or_group">
+        <field name="name" >SQL Export users and groups rules</field>
+        <field name="model_id" ref="model_sql_export"/>
+        <field eval="1" name="perm_read"/>
+        <field eval="0" name="perm_create"/>
+        <field eval="0" name="perm_write"/>
+        <field eval="0" name="perm_unlink"/>
+        <field name="domain_force">['|', ('user_ids','=',user.id), ('group_ids','in', [x.id for x in user.groups_id])]</field>
+    </record>
+
+</data>
+</openerp>
diff --git a/sql_export/sql_export.py b/sql_export/sql_export.py
new file mode 100644
index 000000000..26aef2fd3
--- /dev/null
+++ b/sql_export/sql_export.py
@@ -0,0 +1,149 @@
+# -*- coding: utf-8 -*-
+##############################################################################
+#
+#    OpenERP, Open Source Management Solution
+#    Copyright (C) 2015 Akretion (<http://www.akretion.com>).
+#
+#    This program is free software: you can redistribute it and/or modify
+#    it under the terms of the GNU Affero General Public License as
+#    published by the Free Software Foundation, either version 3 of the
+#    License, or (at your option) any later version.
+#
+#    This program is distributed in the hope that it will be useful,
+#    but WITHOUT ANY WARRANTY; without even the implied warranty of
+#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#    GNU Affero General Public License for more details.
+#
+#    You should have received a copy of the GNU Affero General Public License
+#    along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+##############################################################################
+
+import StringIO
+import base64
+import datetime
+import re
+from openerp import models, fields, api, _, exceptions
+from openerp.tools import DEFAULT_SERVER_DATETIME_FORMAT
+import uuid
+
+
+class SqlExport(models.Model):
+    _name = "sql.export"
+    _description = "SQL export"
+
+    PROHIBITED_WORDS = [
+        'delete',
+        'drop',
+        'insert',
+        'alter',
+        'truncate',
+        'execute',
+        'create',
+        'update'
+    ]
+
+    @api.multi
+    def _check_query_allowed(self):
+        for obj in self:
+            query = obj.query.lower()
+            for word in self.PROHIBITED_WORDS:
+                expr = r'\b%s\b' % word
+                is_not_safe = re.search(expr, query)
+                if is_not_safe:
+                    return False
+        return True
+
+    @api.model
+    def _get_editor_group(self):
+        ir_model_obj = self.env['ir.model.data']
+        return [ir_model_obj.xmlid_to_res_id(
+            'sql_export.group_sql_request_editor')]
+
+    name = fields.Char('Name', required=True)
+    query = fields.Text(
+        'Query',
+        required=True,
+        help="You can't use the following word : delete, drop, create, "
+             "insert, alter, truncate, execute, update")
+    copy_options = fields.Char(
+        'Copy Options',
+        required=True,
+        default="CSV HEADER DELIMITER ';'")
+    group_ids = fields.Many2many(
+        'res.groups',
+        'groups_sqlquery_rel',
+        'sql_id',
+        'group_id',
+        'Allowed Groups',
+        default=_get_editor_group)
+    user_ids = fields.Many2many(
+        'res.users',
+        'users_sqlquery_rel',
+        'sql_id',
+        'user_id',
+        'Allowed Users')
+
+    _constraints = [(_check_query_allowed,
+                     'The query you want make is not allowed : prohibited '
+                     'actions (%s)' % ', '.join(PROHIBITED_WORDS),
+                     ['query'])]
+
+    @api.multi
+    def export_sql_query(self):
+        for obj in self:
+            today = datetime.datetime.now()
+            today_tz = fields.Datetime.context_timestamp(
+                obj, today)
+            date = today_tz.strftime(DEFAULT_SERVER_DATETIME_FORMAT)
+            output = StringIO.StringIO()
+            query = "COPY (" + obj.query + ")  TO STDOUT WITH " + \
+                    obj.copy_options
+            name = 'export_query_%s' % uuid.uuid1().hex
+            self.env.cr.execute("SAVEPOINT %s" % name)
+            try:
+                self.env.cr.copy_expert(query, output)
+                output.getvalue()
+                new_output = base64.b64encode(output.getvalue())
+                output.close()
+            finally:
+                self.env.cr.execute("ROLLBACK TO SAVEPOINT %s" % name)
+            wiz = self.env['sql.file.wizard'].create(
+                {
+                    'binary_file': new_output,
+                    'file_name': obj.name + '_' + date + '.csv'})
+        return {
+            'view_type': 'form',
+            'view_mode': 'form',
+            'res_model': 'sql.file.wizard',
+            'res_id': wiz.id,
+            'type': 'ir.actions.act_window',
+            'target': 'new',
+            'context': self._context,
+            'nodestroy': True,
+        }
+
+    @api.model
+    def check_query_syntax(self, vals):
+        if vals.get('query', False):
+            vals['query'] = vals['query'].strip()
+            if vals['query'][-1] == ';':
+                vals['query'] = vals['query'][:-1]
+            try:
+                self.env.cr.execute(vals['query'])
+            except:
+                raise exceptions.Warning(
+                    _("The Sql query is not valid."))
+            finally:
+                self.env.cr.rollback()
+        return vals
+
+    @api.multi
+    def write(self, vals):
+        vals = self.check_query_syntax(vals)
+        return super(SqlExport, self).write(vals)
+
+    @api.model
+    def create(self, vals):
+        vals = self.check_query_syntax(vals)
+        return super(SqlExport, self).create(vals)
diff --git a/sql_export/sql_export_view.xml b/sql_export/sql_export_view.xml
new file mode 100644
index 000000000..dbac8e882
--- /dev/null
+++ b/sql_export/sql_export_view.xml
@@ -0,0 +1,56 @@
+<?xml version="1.0" encoding="utf-8"?>
+<openerp>
+<data>
+
+
+    <record id="sql_export_view_form" model="ir.ui.view">
+        <field name="name">Sql_export_form_view</field>
+        <field name="model">sql.export</field>
+        <field name="arch" type="xml">
+            <form string="SQL export">
+                <group col="2">
+                    <group colspan="2" col="5">
+                        <label for="name" colspan="1"/>
+                        <field name="name" colspan="2" nolabel="1"/>
+                        <button name="export_sql_query" string="Execute Query" type="object" class="oe_highlight" icon="gtk-execute" colspan="2"/>
+                        <label for="query" colspan="1"/>
+                        <field name="query" nolabel="1" colspan="4"/>
+                        <label for="Copy Options" colspan="1"/>
+                        <field name="copy_options" nolabel="1" colspan="4"/>
+                    </group>
+                    <group colspan="2" col="2" groups="sql_export.group_sql_request_editor">
+                        <separator string="Allowed Users" colspan="1"/>
+                        <separator string="Allowed Users Groups" colspan="1"/>
+                        <field name="user_ids" nolabel="1"/>
+                        <field name="group_ids" nolabel="1"/>
+                    </group>
+                </group>
+            </form>
+        </field>
+    </record>
+
+    <record id="sql_export_view_tree" model="ir.ui.view">
+        <field name="name">Sql_export_tree_view</field>
+        <field name="model">sql.export</field>
+        <field name="arch" type="xml">
+            <tree string="SQL Export">
+                    <field name="name"/>
+            </tree>
+        </field>
+    </record>
+
+    <record id="sql_export_tree_action" model="ir.actions.act_window">
+        <field name="name">SQL Export</field>
+        <field name="res_model">sql.export</field>
+        <field name="view_type">form</field>
+        <field name="view_mode">tree,form</field>
+    </record>
+
+
+    <menuitem id="sql_export_menu" name="Sql Export" parent="base.menu_reporting" sequence="80"/>
+
+    <menuitem id="sql_export_menu_view" name="Sql Export" parent="sql_export_menu" action="sql_export_tree_action" sequence="1"/>
+
+
+</data>
+</openerp>
diff --git a/sql_export/static/description/icon.png b/sql_export/static/description/icon.png
new file mode 100644
index 0000000000000000000000000000000000000000..3a0328b516c4980e8e44cdb63fd945757ddd132d
GIT binary patch
literal 9455
zcmW++2RxMjAAjx~&dlBk9S+%}OXg)AGE&Cb*&}<C%<R2Kc9faym6aW`f0Dh5$js*d
z_}}Z!;XIG;_cPz`_vag-p{7Ve$Uq1H00~A(?iu(VaQlMefnU3&OozZXm@69d91cGG
z;O61r&je0NdamH#&)mKsXk?Zb_)B^>d0jUxM@u(PQx^-s)6<jB#=*|j%+$$(&(Xyy
zYgd8+09XKwoa}S2?48%%ZU#L~n^g{fE40h%YEx5by;GuJ(K|vI1uO;0m}=J7R4@Bs
z>97TX<v{QF=s?r`z`m$a0ZvrhBU7}{15RN9M`j!kv_Mp+3~{||YNuFzHNvhMYm3=Q
zo!q+OJ5(%-oNM^I^M%*luKMiVL`lo`bcKGymX7i3MIFWj1i|9+CGNvn`cu-RsK0Qh
zoYlwB>`ehR4?GS^qbkof1cslKgk<Uw6DeIxZyT_?=OwX|lwC*A?ac*gHF7jmS080$
z>U)h65qZ9Oc=ml_0temigYLJfnz{IDzUf>bGs4N!v3=Z3jMq&A#7%rM5eQ#dc?k~!
zVpnB`o+K7|Al`Q_U<UrcmRnh6jExs}l(hZs0%T~Dnpu-NENdhioRv(T{Qmv>;eD$B
zfJtP*jH`siUq~{KE)`jP2|#TUEFGRryE2`i0**z#*^6~AI|YzIWy$Cu#CSLW3q=GA
z6`?GZymC;dCPk~rBS%eCb`5OLr;RUZ;D`}um=H)BfVIq%7VhiMr)_#G0N#zrNH|__
zc+blN2UAB0=617@>_<D4$IPL<k1zq(*VmlDPer&h1n6`AG;9A!_W=N$JthhQWXZ<i
zGURc6f<i*joK3xSWaOOXxAc8ES>u;MPHN;P;N#YoE=)R#i$k_`UAA>WWCcEVMh~L_
zj--gtp&|K1#58Yz*AHCTMziU1Jzt_jG0I@qAOHsk$2}yTmVkBp_eHuY$A9)>P6o~I
z%aQ?!(GqeQ-Y+b0I(m9pwgi(IIZZzsbMv+9w{PFtd_<_(LA~0H(xz<Z(Qt1jC2cC|
z6WbMo9YgON{L#ZDl$sV4*<CP(>{=FhLB@(1&qHA5EJw1>>=%q2f&^X>IQ{!GJ4e9U
z&KlB)z(84HmNgm2hg2C0>WM{E(DdPr+EeU_N@57;PC2&DmGFW_9kP&%?X4}+xWi)(
z;)z%wI5>D4a*5XwD)P--sPkoY(a~WBw;E~AW`Yue4kFa^LM3X`8x|}ZUeMnqr}>kH
zG%WWW>3ml$Yez?i%)2pbKPI7?5o?hydokgQyZsNEr{a|mLdt;X2TX(#B1j35xPnPW
z*bMSSOauW>o;*=kO8ojw91VX!qoOQb)zHJ!odWB}d+*K?#sY_jqPdg{Sm2HdYzdEx
zOGVPhVRTGPtv0o}RfVP;Nd(|CB)<HrC1(%ZOEd8PI?r9b_$Cp-${bh59Z_R7n&YCp
zl8lfMpes*8{FVm;oJH@0LLoWmxD59u?JwHz2iRrAaE0`Hc&g;t5~$P*kdeOZn9OJ3
zRczo@ZkWU)RG+hcfH~{49Vvb3D(W0wRX#|$cA0Iqy^VR~(4hqA2AFI-rK!FM!#fJ_
zGFI@iqJOPXZ!=VjTS3dMuu~9xU3K1&?th;$)cqM#WGxbDEyB$y`#9j%>I;*t&QO8h
zFfekr30S!-LHmV_Su-W+rEwYXJ^;6&3|L$mMC8*bQptyOo9;>Qb9Q9`ySe3%V$A*9
zeKEe+b0{#KWGp$F+tga)0RtI)nhMa-K@JS}2krK~n8vJ=Ngm?R!9G<~RyuU0d?nz#
z-5EK$o(!F?hmX*2Yt6+coY`6jGbb7t<dboft~zeDZwK=+l2bFWs5^+|r{J6GO9Cwl
z&SW58BRs?XdFLuhtzl7WLbQ#~z#`jAB3AbSUg6jW6@qVd2Q~9qN(izT1y*>F#6nHA
zuKk=GGJ;ZwON1iAfG$E#Y7MnZVmrY|j0eVI(DN_MNFJmyZ|;w4tf@=CCDZ#5N_0K=
z$;R~bbk?}TpfDjfB&aiQ$VA}s?P}xPERJG{kxk5~R`iRS(SK5d+Xs9swCozZISbnS
zk!)I0>t=A<-^z(cmSFz3=jZ23u13X><0b)P)^1T_))Kr`e!-pb#q&J*Q`p+B6la%C
zuVl&0duN<;uOsB3%T9Fp8t{ED108<?)`y_~Hnd9AUX7h-H?jVuU|}My+C=TjH(jKz
zqMVr0re3S$H@t{zI95qa)+Crz*5Zj}Ao%4Z><+W(nOZd?gDnfNBC3>M8WE61$So|P
zVvqH0SNtDTcs<xiU1;=a39$d&&l5EwoIH1db#`S9Kw!YC1jhR)VbCWMptlUUkpfif
zMzi-i8)WL?|C$*Q?iqbS{w<lA9XN(rD)VS<zn>UdzaMDpT=Ty0pDHHNL@Z0w$Y`XO
z2M-_r1S+GaH%pz#Uy0*w$Vdl=X=rQXEzO}d6J^R6zjM1u&c9vYLvLp?W7w(?np9x1
zE_0JSAJCPB%i7p*Wvg)pn5T`8k3-uR?*NT|J`eS#_#54p>!p(mLDvmc-3o0mX*mp_
zN*AeS<>#^-{S%W<*mz^!X$w_2dHWpcJ6^j64qFBft-o}o_Vx80o0>}Du;>kLts;$8
zC`7q$QI(dKYG`Wa8#wl@V4jVWBRGQ@1dr-hstpQL)Tl+aqVpGpbSfN>5i&QMXfiZ>
zaA?T1VGe?rpQ@;+pkrVdd{klI&jVS@I5_iz!=UMpTsa~mBga?1r}a<Xwa$pLotZk<
zsykXwQO37I=aXew7x=}YWiW)^p)|C#g+)an!@j?EcY8C0t)BlK#y{YLtkJ6=D6H-5
zp2*ANf@>RBm1WS;TT*s0f0lY=JBl66Upy)-k4J}lh=P^8(SXk~0xW=T9v*B|gzIhN
z>qsO7dFd~mgxAy4V?&)=5ieYq?zi?ZEoj)&2o)RLy=<bK!vY7J*RP!&i_xU}i*o6o
z?xN*1<rEe1L2HBkCSgiYM3a|4w?Bo7CJL7?Eh;9An1m$1t?h1v92<Xg2(#)bjbL|o
zH_H0}!Og=1dOBynXHu>@hbCRcfT5ji<pmK_U*~T(A$I-*rM$8-BCv{=@=7F)2pdtU
z5==tp!}A*&Xgf{F>gwtQGE{L*8<@Yd{zg;CsL5mvzfDY}P-wos_6PfprFVaeqNE%h
zKZhLtcQld;ZD+>=nqN~>GvROfueSzJD&<KAVm#0W>BE*}XfU|H&(FssBqY=hPCt`d
zH?@s2>I(|;fcW&YM6#V<T#ysvE$@4oRO>#!kUIP8$Nkdh0A(bEVj``-AAyYgwY~jB
zT|I7Bf@%;7aL7Wf4dZ%VqF$eiaC38OV6oy3Z#TER2G+fOCd9Iaoy6aLYbPTN{XRPz
z;U!V|vBf%H!}52L2gH_+j;`bTcQRXB+y9onc^wLm5wi3-Be}U>k_u>2Eg$=k!(l@I
zcCg+flakT2Nej3i0yn+g+}%NYb?ta;R<sv-KjYb}UVFjITQ)VAEWu*)Lz7*-f^A*H
z<25#Ynt~-Qh?$wWx4$1=T2`j@bKp!)3IXh(LC@)%WGW$+j(tGz(6#bGw&K0j=Np@B
zt}@t$R`z(>?(g5SnwsQ49U8Wng8d|{B+lyRcEDvR3+`O{zfmrmvFrL6acVP%yG98X
zo&+VBg@px@i)%o?dG(`T;n*$S5*rnyiR#=wW}}GsAcfyQpE|>a{=$Hjg=-*_K;UtD
z<sX7(ZJc+Q;#xP8uk`jnF@a^|TWw*55if6@@}%7lOBaGo9Ia-e?`RPQc^w^EWfhe}
zHWHTvDA+r}Xf5Yqpr;QU-88%QC9F_>#z-)AXwSRY?<M%E84!g*1GC?E>OPefw^iI+
z)AXz#PfEjlwTes|_{sB?4(O@fg0AJ^g8gP}ex9Ucf*@_^J(s_5jJV}c)s$`Myn|Kd
z$<h)Fm>6>}#q^n{4vN@+Os$m7KV+`}c%4)4pv@06af4-x5#wj!KKb%caK{A&Y#Rfs
z-po?Dcb1({W=6FKIUirH&(yg=*6aLCekcKwyfK^JN5{wcA3nhO(o}SK#!CINhI`-I
z1)6&n7O&ZmyFMuNwvEic#IiOAwNkR=u5it{B9n2sAJV5pNhar=j5`*N!Na;c7g!l$
z3aYBqUkqqTJ=Re-;)s!EOeij=7SQZ3Hq}ZRds%IM*PtM$wV<GYik+VfZene%bm(n6
z`r@rc^TVw7EN{|O7rORMlw)zt(Z#enc3joE#IIk!M)L8gk^go9E9AxiP9o#OqmvV>
z@;rlc*NRK7i3y5BETSKuumEN`Xu_8<BQ)z0!-JuC8x}?$qo8SEko}oUWNI(4h*VHO
zAi!Egy!f(o9aHs2dhSE6ki(be*&w&+WLOB<(b3T_Hide(NvVvLQV{BN|2?UJFaY*@
z9CXA5B_*8i5Bf6sn~d`R>GP1Ri=OK<SGIb#BCTo3qI#UBUg+dkR+2ilUwIg%XFV;l
z+>Q$@I^ko8>H6)4rjiG5{VBM>B|%`&&s^)jS|-_95&yc=GqjNo{zFkw%%HHhS~e=s
zD#sfS+-?*t|J!+ozP6KvtOl!R)@@-z24}`9{QaVLD^9VCSR2b`b!KC#o;Ki<+wXB6
zx3&O0LOWcg4&rv4QG0)4yb}7BFSEg~=IR5<g6yi=XozU}zReXL{rA%c`$IQAs<ObZ
zep*ITZ0C(~W*`?XH^l1t7&+qigAfY9tVJ5DH!~jY>#ZRj8kg}dS7_V&^%#Do==#`u
zpy6{ox?jWuR(;pg+f@mT>#HGWHAJRRDDDv~@(IDw&R>9643kK<aUZ^OhBu;1e6t#{
zxKehVgz`HT;A`FMivG<tq0OcrXwHUX_<$j<uk%m>#HN`!1vBJHnC+RM&yIh8{gG2q
zA%e*U3|N0XSRa~oX-3EAneep)@{h2vvd3Xvy$7og(sayr@95+e6~Xvi1tUqnIxoIH
zVWo*OwYElb#uyW{Imam6f2<eMTQj#)z8+N&ZY?tSPo%&2eVNU=4=?rlO<*9Twaxco
zEVE=Jh?_x>rGbjR!Y3`#gPqkv57dB6K^wRGxc9B(t|aYDGS=m$&S!NmCtrMMaUg(c
zc2qC=2Z`EEFMW-me5B)24AqF*bV5Dr-M5ig(l-WPS%CgaPzs6p_gnCIvTJ=Y<6!gT
zVt@AfYCzjjsMEGi=rDQHo0yc;HqoRNnNFeWZgcm?f;cp(6CNylj36DoL(?TS7eU#+
z7&mfr#y))+CJOXQKUMZ7QIdS9@#-}7y2K1{8)cCt0~-X0O!O?Qx#E4Og+;A2SjalQ
zs7r?qn0H044=sDN$SRG$arw~n=+T_DNdSrarmu)V6@|?1-ZB#hRn`uilTGPJ@fqEy
zGt(f0B+^JDP&f=r{#Y_wi#AVDf-y!RIXU^0jXsFpf>=Ji*TeqSY!H~AMbJdCGLhC)
zn7Rx+sXw6uYj;WRYrLd^5IZq@6JI1C^YkgnedZEYy<&4(z%Q$5yv#B<pkvWZft^C&
z;+zNo+VJNluxaDF!`gW+F0=MxsCQ~~#CYKa;ULfj5hTa8a6;d*(<eeQ7-ZQgz2et^
zf|7URfj;x*#HiF0wuBCOTEpbeD&kkENqolCm2#cQGHCeEC<&I3j+P6?sX?BPp4~46
zx-S~EJ>oo{AH8n$<d4loB?vL3RqXwK_COrQ6xRoWGOdFnWy(hhzrG8k;2k}8Zj&>a
zhb4Y3PWdr269&?V%uI$xMcUrMzl=;w<_nm*qr=c3Rl@i5wWB;e-`t7D&c-mcQl7x!
zZWB`UGcw=Y2=}~wzrfLx=uet<;m3~=8I~ZRuzvMQUQdr+yTV|ATf1Uuomr__nDf=X
zZ3WYJtHp_ri(}SQAPjv+Y+0=<GD??Na(2AG`s>fH4krOP@S&=zZ-t1jW1o@}z;xk8
z(Nz1co&El^HK^NrhVHa-_;&88vTU>_J33=%{if;BEY*J#1n59=07jrGQ#IP>@u#3A
z;!q+E1Rj3ZJ+!4bq9F8PXJ@yMgZL;>&gYA0%_Kbi8?S=XGM~dnQZQ!yBSgcZhY96H
zrWnU;k)qy`rX&&xlDyA%(a1Hhi5CWkmg(`Gb%m(HKi-7Z!LKGRP_B8@`7&hdDy5n=
z`OIxqxiVfX@OX1p(mQu>0Ai*v_cTMiw4qRt3~N<X{IYiJ3k=4u-u*nJEBnJ<OdI8P
zXmK`OYkO5a{YDhI3PL|H4m=p>Bvr9oBy0)r>w3p~V0SCm=An6@3n)>@z!|o-$HvDK
z|3D2ZMJkLE5loMKl6R^ez@Zz%S$&mbeoqH5`Bb){Ei21q&VP)hWS2tjShfFtGE+$z
zzCR$P#uktu+#!w)cX!<osOkId_HzAT-HD2N`M+v2l+zwdW%GgZbQMuhfE*hHjKXKg
z45hphqVETPDbX6wpTlZqza0gFaRGh`3L~0id)F6#%@9;w(e%PjzuD7@inuToA!B?F
zCMLJc!u{3N)s?lB-!11!GxXsCak8zQomO)gmn02f-5~OkMYnm~#jVwwYNw@LAv!KN
z-n`q1|AXw*TW>lWN1XU%K-r=s{|j?)Akf@q#3b#{6cZCuJ~gCxuMXRmI$nGtnH+-h
z+GEi!*X=AP<|fG`1>MBdTb?28JYc=fGvAi2I<$B(rs$;eoJCyR6_bc~p!XR@O-+sD
z=eH`-ye})I5ic1eL~TDmtfJ|8`0VJ*Yr=hNCd)G1p2MMz4C3^Mj?7;!w|Ly%JqmuW
zlIEW^Ft%z?*|fpXda>Jr^1noFZEwFgVV%|*XhH@acv8rdGxeEX{M$(vG{Zw+x(ei@
zmfXb22}8-?Fi`vo-YVrTH*C?a8%M=Hv9MqVH7H^J$KsD?>!SFZ;ZsvnHr_gn=7acz
z#W?0eCdVhVMWN12VV^$>WlQ?f;P^{(&pYTops|btm6aj>_Uz+hqpGwB)vWp0Cf5y<
zft8-je~nn?W11plq}N)4A{l8I7$!ks_x$PXW-2XaRFswX_BnF{R#6YIwMhAgd5F9X
zGmwdadS6(a^fjHtXg8=l?Rc0Sm%hk6E9!5cLVloEy4eh(=FwgP`)~I^5~pBEWo+F6
zSf2ncyMurJN91#cJTy_u8Y}@%!bq1RkGC~-bV@SXRd4F{R-*V<h953|jk-C&|3)z%
ze&_30-6q1)a0(!xXqA+_t(WC`HA_yYaW@>`bS+6;W5vZ(&+I<9$;-V|eNfLa5n-6%
z2(}&uGRF;p9<Q%jdNy1%e7XTzyu7EEQT(5LrnvX~T%K!IuDyHY`ZneVJu#k_1T)xA
z*yxB?y4!pOJ$DTZzBm|8OIQq+AtV25aJ+X5EJjAu><tfuiNClI2BSoMgqLnU-5t95
zEnZ(^g~1RgD=UMB({c;$HujG&%DqGF;5jI~roRT+(rOoS$6f6SsURIuAVkAeIVc~{
z5ZxLN%m%Z*Sg;qYCf3<$dE6~&w_!EBx%yl4YC~LH{FCFNRBc_I>2eS*sE*o<YSPrx
z{M(reV{~jKue#Y6ZOnqJia{fQc!UxV4m)l389OmzR6A3|2!i<P{r82jKw+zq4%@ny
znopi6g!1Vx9Bml#a~KdL2lp2C)qSTKIh43vgycQHfQb_I!kQY&p;X@Bz|{^SXsW1K
zP&Ag1CW_r6u5-4=s(W>R$@pexaqr*meB)VhmIg@h{uzkk$9~qh#cHhw#>O%)b@+(|
z^IQgqzuj~Sk(J;swEM-3TrJAPCq9k^^^`q{IItKBRXYe}e0Tdr=Huf7da3$l4<V=<
zfr<*%iOB1EY}w3tF2Cwl7a2OS&~Y-lu<s)T^9=OFU8(CeN|63BiMxf*)5gesGU<eZ
z9DigzL3+quZ1o2T<KAZbCGJx&lrl*e#}Dpv24bZO$B<Yoc5hbeP0y?@P%|Tvw||e%
zV#e^q0D2R_Oq_c+=x5vP&hg4k+df{o7$aNZCM>PdpwWDop%^}n;dD#K4s#DYA8SHZ
z&1!riV4W4R7R#C))JH1~axJ)RYnM$$lIR%6fIVA@zV{XVyx}C+a-Dt8Y9M)^KU0+H
zR4IUb2CJ{Hg>CuaXtD50jB(_Tcx=Z$^W<wsNa}nUDpNk$q{>Yu2u5kubqmwp%drJ6
z?Fo40g!Qd<-l=TQxqHEOuPX0;^z7iX?Ke^a%XT<13TA^5`4Xcw6D@Ur&VT&CUe0d}
z1GjOVF1^L@>O)l@?bD~$wzgf(nxX1OGD8fEV?TdJcZc2KoUe|oP1#=$$7ee|xbY)A
zDZq+cuTpc(fFdj^=!;{k03C69lMQ(|>uhRfRu%+!k&<F<Z7l=VnwB^RA&^APMi=Tn
zNc}%IJL~xB4OP6bJNwAw)~Ma2=UP0dhr%X=kco(it+@F<#$xrIJ8@|{Buh<)h`xg?
z_U}pe=3#zmDfdqE4`Hyn<!?&CfCp#GTeXo8;AYd1Opd&cXER8cBSOF3iFJ#XPgQVp
zZSiQf7V^Dt?ITs8aMF~e1hq0P@^oB)#byh|6q_7F1B%ST%WL~J?ySn>YOi-3|1QKB
z<?_cUy)V3go%%^l)lRa=dmY_XQG3Z{Q?52d$qG}vIe|EZbYEtrR$rh(iS)O#dU-(>
z?n?eq1XP>p-IM$Z^C;2L3itnbJZAip*Zo0aw2bs8@(s^~*8T9go!%dHcAz2lM;`yp
zD=7&xjFV$S&5uDaiScyD?B-i1ze`+CoRtz`Wn+Zl&#<i<Zx(`=7k~{%`w&<EbG}U<
z0%E^8lyw>s4&}MO{@N!ufrzjG$B79)Y2d3tBk&)TxUTw@<TSeYlROCt(gU?O((-qu
zs>QS0TEL_?njX|<LXnSC4TlId(D4W|GQ?L@$3Ue@N8p=l9-sC<=z(lPk;^sT(v2*k
zc~vp#Hp`mXjzhml2NMCh^h5)sqsan+jJ_l<a4w|G&ac02hrz8#6|kFraA~rta0}!q
zB4BE{QWY7MtxHn_xB);Avf#Lf<GG<A?Q3JVyc1p8^H}$8(Gn=_&F1!m8$sKyeue+L
z5&392wm+wO;_oXoTEJ=wxVXk}dt<d~CgUUMW_PPTe(c<7n18#mVaX)vK}-PzZq7<b
zNJbVTFaq(8ZLx|A*G$H3ugT2aVziDEGa66FVt@hr1|D{RWN6yuqlglM!rp^YG;UpG
zrnm?ek079l3VoOU^p%f^A9Yzn8IVX?^rB4LbgJ|PONhzM_0{P?S(V$OI=u5IBjfT#
z0ntLLnhg5$0fAHJaG6HCx4X7;RmvMtE}8C>@vq?Uz(nBFK5Pq7*xj#u*R&i|?7+6#
z+|r_n#SW&LXhtheZdah{ZVoqwyT{D>MC3nkFF#N)xLi{p7J1jXlmVeb;cP5?e(=f#
zuT7fv<Q3o5LspCx-RPkzLw{VsDE>jSbjS781v?7{)-X3*?>tq?)Yd)~|1{BDS(pqC
zC}~H#WXlkUW*H5CDOo<)#x7%RY)A;ShGhI5s*#cRDA8YgqG(HeKDx+#(ZQ?386dv!
zlXCO)w91~Vw4AmOcATuV653fa9R$fyK8<JV*@W33SMHM;w!OmUXar{O;_8j>ul%rG
z-<zwGD)!Y{+(T{%ob~79zpXX%zulyiy1_UHWvu@YqxKAK3e9GO6Os4R0Naujn>wfS
zihugoZyr38Im?Zuh6@RcF~t1anQu7>#lPpb#}4cOA!EM11`%f*07RqOVkmX{p~KJ9
z^zP;K#|)$`^Rb{rnH<AdQ^(;gQMcF>GH{~>1(fawV0*Z#)}M`m8-?ZJV<+e}s9wE#
z)l&az?w^5{)`S(%MRzxdNqrs1n*-=jS^_jqE*5XDrA0+VE`5^*p3CuM<&dZEeCjoz
zR;uu_H9ZPZV|fQq`Cyw4nscrVwi!fE6ciMmX$!_hN7uF;jjKG)d2@aC4ropY)8<!P
zAOHj?oPbjQ%hh|vE_1IMB)43eQpeLi&)R>etW=xJvni)8eHi`H$%#zn^WJ<U7gogJ
z?A^!2J~rI78JH|Ml2EldmKY5K8;Zx(FGcBdM<5oe#G+nd6dObqz@Af%%M*aBE_pn8
zXQo2`Bw*IwvP3#1Ev<%YocpBodO9+Rw~`5*CY3{L;qf1PxV!r%NI+#Q1f8GU7$~#U
zAA9$4&g-k=8BYi*3i@0^UX}nTQVyOf)8T(}G^Ti?Vqvk~bJRR#EAQ?u`dClPxk@{;
zxvO?%jSX`2{8|^z0*C5DR1Z^>5NLc-rqk|u&&4Z6fD_m&JfSI1Bvb?b<*n&sfl0^t
z=HnmRl`XrFvMKB%9}>PaA`m-fK6a0(8=qPkWS5bb4=v?XcWi&hRY?O5HdulRi4?fN
zlsJ*N-0Qw+Yic@s0(2uy%F@ib;GjXt01F<S%GT3P{Ck&Y*^gWuie`o_g+ZNDNIV|F
z)zEe|Ij*4$H1(<RLz0($;AD3VsUJwI@liw^?fh(V?VC`Sz7h`*Q<VYlhbHJ?&h+!W
zAJC)U;Lx_QRaSNFYbyi|7+MeNTgA+Znh}qFzf>mx5XbRo6+n|pP(&nodMoap^z{~q
ziEeaUT@Mxe3vJSfI6?uLND(CNr=#^W<1b}jzW58bIfyWTDle$mmS(|x-0|2UlX+9k
zQ<WB5+u#`K#~J$81)#?BuTOKLk|+S>^EX7Nw}?EzVoBfT(-LT|=9N@^hcn-_p&sqG
z&*oVs2JSU+N4ZD`FhCAWaS;>|wH2G*Id|?pa#@>tyxX`+4HyIArWDvVrX)2WAOQff
z0qyHu&-S@i^MS-+j--!pr4fPBj~_8({~e1bfcl0wI1kaoN>mJL6KUPQm5N7lB(ui1
zE-o%kq)&djzWJ}ob<-GfDlkB;F31j-VHKvQUGQ3sp`CwyGJk_i!y^sD0fqC@$9|jO
zOqN!r!8-p==F@ZVP=U$qSpY(gQ0)59P1&t@y?5rvg<}E+GB}2<F#{*|k0E{$&_`~)
zkzDcsi#!7r<a8lPUCMj?{CK;e|9#-xj>6NYPp4f2YFQrQtot5mn3wu_qprZ=>Ig-$
zbW26Ws~IgY>}^5w`vTB(G`PTZaDiGBo5o(tp)qli|NeV(<Rzgqw(Ze!7hEGKKx((>
z@H_=R8V39rt5J5YB2Ky?4eJJ#b`_iBe2ot~6%7mLt5t8Vwi^Jy7|jWXqa3amOIoRb
zOr}WVFP--DsS`1WpN%~)t3R!arKF^Q$e12KEqU36AWwnCBICpH4XCsfnyrHr>$I$4
z!DpKX$OKLWarN7nv@!uIA+~RNO)l$$w}p(;b>mx8pwYvu;dD_unryX_N<mojSrG!`
zgkqx4t<XLL6ZUppvjeV9PJ6dG>hT8*Tj>BTrTTL&!?O+%Rv;b?B??gSzdp?6Uug9{
zd@V08Z$BdI?fpoCS$)t4mg4rT8Q_I}h`0d-vYZ^|dOB*Q^S|xqTV*<bTMtKO;_Z)R
zRSOJrd5TFO0aO%#%-sNa{`SiQ^$$1^@oUd&^lB{MKZ>vIg?@fVFSmMpaw0qtTRbx}
z({Pg?#{2`sc9)M5N$*N|4;^t$+Q<Wh^yJ?FzJ*$wiB{j;CMy+?m1MbsJo0ubR==f9
z>P?#mo<zt1E6=Ilm*nbmYmpxfAj7*m*Wh@=7|;!%(-pviW`nuCktLveet9^$*y^>v
zGVC@I*lBVrOU-%2y!7%)fAKjpEFsgQc4{amtiHb95KQEwvf<(3T<9-Zm$xIew#P22
zc2Ix|App^>v6(3L_MCU0d3W##AB<Fxl*nmny6_RsCu%1a)so}}uCXSzwY70Y@uTxK
z=5nu(N*2HDbrIcL)t_*{*84mvmV_Y9<vxHJJ;0gUdNjyW)jDb|@|j*qR8;gsMa5Ir
z02fHv=%xyN9VLv_ZLL4y|F*p$S^^T47m{aok5{rmM{$s7^Xu2!_fo1$IG6kkG_Tgx
zFfjPm3;g>0M~3D00EWoKZqsJYT(#@w$Y_H7G22M~ApVFTRHMI_3be)Lkn#0F*V8Pq
zc}`Cjy$bE;FJ6H7p=0y#R>`}-m4(0F>%@P|?7fx{=R^uFdISRnZ2W_xQhD{YuR3t<
z{6yxu=4~JkeA;|(J6_nv#>Nvs&FuLA&PW^he@t(UwFFE8)|a!R{`E`K`i^ZnyE4$k
z;(749Ix|oi$c3QbEJ3b~D_kQsPz~fIUKym($a_7dJ?o+40*OLl^{=&oq$<#Q(yyrp
z{J-FAniyAw9tPbe&IhQ|a`DqFTVQGQ&Gq3!C2==4x{6EJwiPZ8zub-iXoUtkJiG{}
zPaR&}_fn8_z~(=;5lD-aPWD3z8PZS@AaUiomF!G8I}Mf>e~0g#BelA-5#`cj;O5>N
Xviia!U7SGha1wx#SCgwmn*{w2TRX*I

literal 0
HcmV?d00001

diff --git a/sql_export/tests/__init__.py b/sql_export/tests/__init__.py
new file mode 100644
index 000000000..db699b61a
--- /dev/null
+++ b/sql_export/tests/__init__.py
@@ -0,0 +1,2 @@
+# -*- coding: utf-8 -*-
+from . import test_sql_query
diff --git a/sql_export/tests/test_sql_query.py b/sql_export/tests/test_sql_query.py
new file mode 100644
index 000000000..0a3eea4a1
--- /dev/null
+++ b/sql_export/tests/test_sql_query.py
@@ -0,0 +1,71 @@
+# -*- coding: utf-8 -*-
+##############################################################################
+#
+#    Author: Florian da Costa
+#    Copyright 2015 Akretion
+#
+#    This program is free software: you can redistribute it and/or modify
+#    it under the terms of the GNU Affero General Public License as
+#    published by the Free Software Foundation, either version 3 of the
+#    License, or (at your option) any later version.
+#
+#    This program is distnaributed in the hope that it will be useful,
+#    but WITHOUT ANY WARRANTY; without even the implied warranty of
+#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#    GNU Affero General Public License for more details.
+#
+#    You should have received a copy of the GNU Affero General Public License
+#    along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+##############################################################################
+import base64
+from openerp.tests.common import TransactionCase
+from openerp import exceptions
+
+
+class TestExportSqlQuery(TransactionCase):
+
+    def setUp(self):
+        super(TestExportSqlQuery, self).setUp()
+        query_vals = {
+            'name': 'test',
+            'query': "SELECT name, street FROM res_partner;"
+        }
+        self.sql_model = self.registry('sql.export')
+        self.query_id = self.sql_model.create(
+            self.cr,
+            self.uid,
+            query_vals)
+
+    def test_sql_query(self):
+        test = self.sql_model.export_sql_query(
+            self.cr, self.uid, [self.query_id])
+        wizard = self.registry('sql.file.wizard').browse(
+            self.cr, self.uid, test['res_id'])
+        export = base64.b64decode(wizard.binary_file)
+        self.assertEqual(export.split(';')[0], 'name')
+        self.assertTrue(len(export.split(';')) > 6)
+
+    def test_prohibited_queries_creation(self):
+        prohibited_queries = [
+            "upDaTe res_partner SET name = 'test' WHERE id = 1",
+            "DELETE FROM sql_export WHERE name = 'test';",
+            "  DELETE FROM sql_export WHERE name = 'test'   ;",
+            """DELETE
+            FROM
+            sql_export
+            WHERE name = 'test'
+            """,
+        ]
+        for query in prohibited_queries:
+            with self.assertRaises(exceptions.ValidationError):
+                self.sql_model.create(
+                    self.cr, self.uid,
+                    {'name': 'test_prohibited',
+                     'query': query})
+        ok_query = {
+            'name': 'test ok',
+            'query': "SELECT create_date FROM res_partner"
+        }
+        query_id = self.sql_model.create(self.cr, self.uid, ok_query)
+        self.assertIsNotNone(query_id)
diff --git a/sql_export/wizard/__init__.py b/sql_export/wizard/__init__.py
new file mode 100644
index 000000000..ddf406aa1
--- /dev/null
+++ b/sql_export/wizard/__init__.py
@@ -0,0 +1 @@
+from . import wizard_file
diff --git a/sql_export/wizard/wizard_file.py b/sql_export/wizard/wizard_file.py
new file mode 100644
index 000000000..c21162044
--- /dev/null
+++ b/sql_export/wizard/wizard_file.py
@@ -0,0 +1,29 @@
+# -*- coding: utf-8 -*-
+##############################################################################
+#
+#    OpenERP, Open Source Management Solution
+#    Copyright (C) 2015 Akretion (<http://www.akretion.com>).
+#
+#    This program is free software: you can redistribute it and/or modify
+#    it under the terms of the GNU Affero General Public License as
+#    published by the Free Software Foundation, either version 3 of the
+#    License, or (at your option) any later version.
+#
+#    This program is distributed in the hope that it will be useful,
+#    but WITHOUT ANY WARRANTY; without even the implied warranty of
+#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#    GNU Affero General Public License for more details.
+#
+#    You should have received a copy of the GNU Affero General Public License
+#    along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+##############################################################################
+from openerp import models, fields
+
+
+class SqlFileWizard(models.TransientModel):
+    _name = "sql.file.wizard"
+    _description = "Allow the user to save the file with sql request's data"
+
+    binary_file = fields.Binary('File', required=True, readonly=True)
+    file_name = fields.Char('File Name', readonly=True)
diff --git a/sql_export/wizard/wizard_file_view.xml b/sql_export/wizard/wizard_file_view.xml
new file mode 100644
index 000000000..9773d208a
--- /dev/null
+++ b/sql_export/wizard/wizard_file_view.xml
@@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="utf-8"?>
+<openerp>
+    <data>
+
+        <record id="sql_file_wizard_view_form" model="ir.ui.view">
+            <field name="name">sql.file.wizard.view.form</field>
+            <field name="model">sql.file.wizard</field>
+            <field name="arch" type="xml">
+                <form string="Csv File">
+                        <field name="binary_file" filename="file_name"/>
+                        <field name="file_name" invisible="1"/>
+                </form>
+            </field>
+        </record>
+
+    </data>
+</openerp>