diff --git a/build/deb-rust-pluriton-interface/Babelfish.png b/build/deb-rust-pluriton-interface/Babelfish.png new file mode 100644 index 0000000..4be7d42 Binary files /dev/null and b/build/deb-rust-pluriton-interface/Babelfish.png differ diff --git a/build/deb-rust-pluriton-interface/Digi_3corner.png b/build/deb-rust-pluriton-interface/Digi_3corner.png new file mode 100644 index 0000000..84e4fd6 Binary files /dev/null and b/build/deb-rust-pluriton-interface/Digi_3corner.png differ diff --git a/build/deb-rust-pluriton-interface/Digi_3corner_up.png b/build/deb-rust-pluriton-interface/Digi_3corner_up.png new file mode 100644 index 0000000..ea86658 Binary files /dev/null and b/build/deb-rust-pluriton-interface/Digi_3corner_up.png differ diff --git a/build/deb-rust-pluriton-interface/Dockerfile b/build/deb-rust-pluriton-interface/Dockerfile new file mode 100644 index 0000000..1b25311 --- /dev/null +++ b/build/deb-rust-pluriton-interface/Dockerfile @@ -0,0 +1,21 @@ +FROM rust:slim + +WORKDIR /opt + +# Install needed dependecies +RUN echo "deb http://deb.debian.org/debian/ stretch main contrib non-free" >> /etc/apt/sources.list + +RUN echo "deb-src http://deb.debian.org/debian/ stretch main contrib non-free" >> /etc/apt/sources.list + +RUN apt-get update && apt-cache search libssl +RUN apt-get update && apt-get install -y \ +build-essential checkinstall zlib1g-dev pkg-config libssl1.0-dev -y + +COPY pluriton-interface pluriton-interface + +WORKDIR /opt/pluriton-interface + +CMD cargo run --no-default-features + + + diff --git a/build/deb-rust-pluriton-interface/Dockerfile.save b/build/deb-rust-pluriton-interface/Dockerfile.save new file mode 100644 index 0000000..df75125 --- /dev/null +++ b/build/deb-rust-pluriton-interface/Dockerfile.save @@ -0,0 +1,48 @@ +FROM rust:slim + +WORKDIR /opt + +# Install needed dependecies + +RUN echo "deb http://ftp.de.debian.org/debian unstable main contrib" | tee -a /etc/apt/sources.list + +RUN apt-get update && apt-get install -y libmysql++-dev git + +RUN git clone https://git.42l.fr/neil/sncf.git + +WORKDIR /opt/sncf + +COPY config.toml /opt/sncf/config.toml + +# graphics individualization + +COPY foorms_logo_beta.svg /opt/sncf/templates/assets/foorms_logo_beta.svg + +COPY white-background.png /opt/sncf/templates/assets/index-background.png + +COPY Digi_3corner.png /opt/sncf/templates/assets/flavicon.ico + +COPY index.css /opt/sncf/templates/assets/index.css + +COPY cloud.css /opt/sncf/templates/assets/cloud.css + +COPY bootstrap.min.css /opt/sncf/templates/assets/bootstrap.min.css + +COPY digitalcourage.css /opt/sncf/templates/assets/digitalcourage.css + +COPY index.html /opt/sncf/templates/index.html + +COPY link.html /opt/sncf/templates/link.html + +COPY forward.rs /opt/sncf/src/forward.rs + +#COPY templates.rs /opt/sncf/src/templates.rs + +# The written is just firstly a hack + +COPY lang.json /opt/sncf/lang.json + +CMD cargo run --no-default-features --features mysql + + + diff --git a/build/deb-rust-pluriton-interface/account.rs b/build/deb-rust-pluriton-interface/account.rs new file mode 100644 index 0000000..55ce1ba --- /dev/null +++ b/build/deb-rust-pluriton-interface/account.rs @@ -0,0 +1,281 @@ +use actix_web::client::Client; +use actix_web::{http, web, HttpRequest, HttpResponse}; +use base64::URL_SAFE_NO_PAD; +use percent_encoding::percent_decode_str; +use rand::rngs::OsRng; +use rand::Rng; +use rand::RngCore; +use regex::Regex; +use std::collections::HashMap; +use std::time::Duration; +use crate::config::{ADJ_LIST, NAME_LIST, PROXY_TIMEOUT, USER_AGENT}; +use crate::debug; +use crate::errors::{crash, TrainCrash}; +use crate::templates::get_lang; +use crate::CONFIG; +#[derive(Serialize)] +struct NCLoginForm<'a> { + pub user: &'a str, + pub password: &'a str, + pub timezone: &'a str, + pub timezone_offset: &'a str, + pub requesttoken: &'a str, +} +// check if the user is connected to Nextcloud +// returns Some(cookie_raw_value) if connected +// returns None if disconnected +pub fn is_logged_in(req: &HttpRequest) -> Option<&str> { + let c = req.headers().get("Cookie")?.to_str().ok()?; + if c.contains("nc_username") { + Some(c) + } else { + None + } +} +// attempts to create the account from Nextcloud's API +// returns the newly created username. +// if it fails (bad return code), returns None. +pub async fn create_account( + client: &web::Data, + user: &str, + password: &str, + lang: String, +) -> Result { + let mut register_query = client + .post(format!( + "{}/{}", + CONFIG.nextcloud_url, "ocs/v1.php/cloud/users" + )) + .timeout(Duration::new(PROXY_TIMEOUT, 0)) + .basic_auth(&CONFIG.admin_username, Some(&CONFIG.admin_password)) + .header( + http::header::CONTENT_TYPE, + "application/x-www-form-urlencoded", + ) + .header("OCS-APIRequest", "true") + .send_form(&NCCreateAccountForm { + userid: user, + password, + quota: "0B", + language: &lang, + }) + .await + .map_err(|e| { + eprintln!("error_createaccount_post: {}", e); + crash(lang.clone(), "error_createaccount_post") + })?; + // only 200 http status code is allowed + if register_query.status() != 200 { + eprintln!("error_createaccount_status: {}", register_query.status()); + // + extract response body for debugging purposes + let response_body = register_query.body().await.map_err(|e| { + eprintln!("error_createaccount_post_body: {}", e); + crash(lang.clone(), "error_createaccount_post_body") + })?; + debug(&format!("Body: {:#?}", response_body)); + return Err(crash(lang.clone(), "error_createaccount_status")); + } + // extract response body + let response_body = register_query.body().await.map_err(|e| { + eprintln!("error_createaccount_post_body: {}", e); + crash(lang.clone(), "error_createaccount_post_body") + })?; + let response_body = String::from_utf8_lossy(&response_body); + // grasp NC status code + let status_start = response_body.find("").ok_or_else(|| { + eprintln!("error_createaccount_ncstatus_parse: start missing"); + crash(lang.clone(), "error_createaccount_ncstatus_parse") + })? + 12; + let status_end = response_body.find("").ok_or_else(|| { + eprintln!("error_createaccount_ncstatus_parse: end missing"); + crash(lang.clone(), "error_createaccount_ncstatus_parse") + })?; + let code = &response_body[status_start..status_end]; + match code.parse::() { + Ok(100) => Ok(String::from(user)), // success + Ok(r) => { + eprintln!("error_createaccount_ncstatus: {}", r); + Err(crash(lang.clone(), "error_createaccount_ncstatus")) + } + Err(e) => { + eprintln!("error_createaccount_ncstatus_parse: {}", e); + Err(crash(lang.clone(), "error_createaccount_ncstatus_parse")) + } + } +} +#[derive(Serialize)] +struct NCCreateAccountForm<'a> { + pub userid: &'a str, + pub password: &'a str, + pub quota: &'a str, + pub language: &'a str, +} +pub async fn login( + client: &web::Data, + req: &HttpRequest, + user: &str, + password: &str, +) -> Result { + debug(&format!("Sending forged login for user {}", user)); + // 1. GET /csrftoken + let mut login_get = client + .get(format!("{}/{}", CONFIG.nextcloud_url, "csrftoken")) + .timeout(Duration::new(PROXY_TIMEOUT, 0)) + .header("User-Agent", USER_AGENT) + .header("Accept-Language" , "fr" ) + .send() + .await + .map_err(|e| { + eprintln!("error_login_get: {}", e); + crash(get_lang(&req), "error_login_get") + })?; + // rewrite cookie headers from GET to POST + let mut str_cookiepair = String::new(); + // remove duplicate oc cookie (nextcloud bug) + // leading to sncf being unable to forge logins + let cookie_set = login_get.headers().get_all("set-cookie"); + let mut cookie_map: HashMap = HashMap::new(); + for c in cookie_set { + // get str version of cookie header + let c_str = c.to_str().map_err(|e| { + eprintln!("error_login_cookiepair (1): {}", e); + crash(get_lang(&req), "error_login_cookiepair") + })?; + // percent decode + let c_str = percent_decode_str(c_str).decode_utf8_lossy(); + //then remove values after ';' + let c_str_arr = c_str.split(';').collect::>(); + let c_str = c_str_arr + .first() + .expect("error: cookiepair split does not have a first value. shouldn't happen."); + // split cookie key and cookie value + // split_once would work best but it's nightly-only for now + let c_str_arr = c_str.split('=').collect::>(); + let c_key = c_str_arr + .first() + .expect("error: cookie key split does not have a first value, shouldn't happen."); + let c_value = c_str.replace(&format!("{}=", c_key), ""); + if c_key != c_str { + // if the key already exists in hashmap, replace its value + // else, insert it + if let Some(c_sel) = cookie_map.get_mut(*c_key) { + *c_sel = c_value; + } else { + cookie_map.insert(c_key.to_string(), c_value); + } + } else { + eprintln!("error_login_cookiepair (2)"); + return Err(crash(get_lang(&req), "error_login_cookiepair")); + } + } + for (cookie_k, cookie_v) in cookie_map { + str_cookiepair.push_str(&format!("{}={}; ", cookie_k, cookie_v)); + } + // load requesttoken regex + lazy_static! { + static ref RE: Regex = Regex::new(r#"\{"token":"(?P[^"]*)"\}"#) + .expect("Error while parsing the requesttoken regex"); + } + let post_body = login_get.body().await.map_err(|e| { + eprintln!("error_login_get_body: {}", e); + crash(get_lang(&req), "error_login_get_body") + })?; + let post_body_str = String::from_utf8_lossy(&post_body); + // save requesttoken (CSRF) for POST + let requesttoken = RE + .captures(&post_body_str) + .ok_or_else(|| { + eprintln!("error_login_regex (no capture)"); + crash(get_lang(&req), "error_login_regex") + })? + .name("token") + .ok_or_else(|| { + eprintln!("error_login_regex (no capture named token)"); + crash(get_lang(&req), "error_login_regex") + })? + .as_str(); + // 2. POST /login + let mut login_post = client + .post(format!("{}/{}", CONFIG.nextcloud_url, "login")) + .timeout(Duration::new(PROXY_TIMEOUT, 0)) + .header("User-Agent", USER_AGENT) + .header("Accept-Language" , "fr" ); + // include all NC cookies in one cookie (cookie pair) + login_post = login_post.header("Cookie", str_cookiepair); + // send the same POST data as you'd log in from a web browser + let response_post = login_post + .send_form(&NCLoginForm { + user, + password, + timezone: "UTC", + timezone_offset: "2", + requesttoken, + }) + .await + .map_err(|e| { + eprintln!("error_login_post: {}", e); + crash(get_lang(&req), "error_login_post") + })?; + // 3. set the same cookies in the user's browser + let mut user_response = HttpResponse::SeeOther(); + for item in response_post.headers().clone().get_all("set-cookie") { + user_response.header( + "Set-Cookie", + item.to_str().map_err(|e| { + eprintln!("error_login_setcookie: {}", e); + crash(get_lang(&req), "error_login_setcookie") + })?, + ); + } + // redirect to forms! + Ok(user_response + .header("Accept-Language", "fr" ) + .header(http::header::LOCATION, "/apps/forms") + .finish() + .await + .map_err(|e| { + eprintln!("error_login_redir: {}", e); + crash(get_lang(&req), "error_login_redir") + })?) +} +// checks if the token seems valid before asking the db. +// The token must be 45 bytes long and base64-encoded. +// returns true if the token is valid +pub fn check_token(token: &str) -> bool { + let token_dec = base64::decode_config(token, URL_SAFE_NO_PAD); + if let Ok(token_bytes) = token_dec { + token_bytes.len() == 45 + } else { + false + } +} +// generates a new token +pub fn gen_token(size: usize) -> String { + // Using /dev/random to generate random bytes + let mut r = OsRng; + let mut my_secure_bytes = vec![0u8; size]; + r.fill_bytes(&mut my_secure_bytes); + base64::encode_config(my_secure_bytes, URL_SAFE_NO_PAD) +} +// generates a random username composed of +// an adjective, a name and a 4-byte base64-encoded token. +// with the default list, that represents: +// 141 * 880 = 124 080 +// 255^4 / 2 = 2 114 125 312 (we lose approx. the half because of uppercase) +// 2 114 125 312 * 124 080 = 2.623206687*10^14 possible combinations?? +pub fn gen_name() -> String { + // uppercasing gen_token because NC would probably refuse two + // users with the same name but a different case + // and that'd be a pain to debug + format!( + "{}{}-{}", + list_rand(&ADJ_LIST), + list_rand(&NAME_LIST), + gen_token(4).to_uppercase() + ) +} +pub fn list_rand(list: &[String]) -> &String { + let mut rng = rand::thread_rng(); + let roll = rng.gen_range(0..list.len() - 1); + &list[roll] +} diff --git a/build/deb-rust-pluriton-interface/bootstrap.min.css b/build/deb-rust-pluriton-interface/bootstrap.min.css new file mode 100644 index 0000000..aa60b30 --- /dev/null +++ b/build/deb-rust-pluriton-interface/bootstrap.min.css @@ -0,0 +1,6 @@ +/*! + * Bootstrap v3.3.7 (http://getbootstrap.com) + * Copyright 2011-2016 Twitter, Inc. + * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE) + *//*! normalize.css v3.0.3 | MIT License | github.com/necolas/normalize.css */html{font-family:sans-serif;-webkit-text-size-adjust:100%;-ms-text-size-adjust:100%}body{margin:0}article,aside,details,figcaption,figure,footer,header,hgroup,main,menu,nav,section,summary{display:block}audio,canvas,progress,video{display:inline-block;vertical-align:baseline}audio:not([controls]){display:none;height:0}[hidden],template{display:none}a{background-color:transparent}a:active,a:hover{outline:0}abbr[title]{border-bottom:1px dotted}b,strong{font-weight:700}dfn{font-style:italic}h1{margin:.67em 0;font-size:2em}mark{color:#000;background:#ff0}small{font-size:80%}sub,sup{position:relative;font-size:75%;line-height:0;vertical-align:baseline}sup{top:-.5em}sub{bottom:-.25em}img{border:0}svg:not(:root){overflow:hidden}figure{margin:1em 40px}hr{height:0;-webkit-box-sizing:content-box;-moz-box-sizing:content-box;box-sizing:content-box}pre{overflow:auto}code,kbd,pre,samp{font-family:monospace,monospace;font-size:1em}button,input,optgroup,select,textarea{margin:0;font:inherit;color:inherit}button{overflow:visible}button,select{text-transform:none}button,html input[type=button],input[type=reset],input[type=submit]{-webkit-appearance:button;cursor:pointer}button[disabled],html input[disabled]{cursor:default}button::-moz-focus-inner,input::-moz-focus-inner{padding:0;border:0}input{line-height:normal}input[type=checkbox],input[type=radio]{-webkit-box-sizing:border-box;-moz-box-sizing:border-box;box-sizing:border-box;padding:0}input[type=number]::-webkit-inner-spin-button,input[type=number]::-webkit-outer-spin-button{height:auto}input[type=search]{-webkit-box-sizing:content-box;-moz-box-sizing:content-box;box-sizing:content-box;-webkit-appearance:textfield}input[type=search]::-webkit-search-cancel-button,input[type=search]::-webkit-search-decoration{-webkit-appearance:none}fieldset{padding:.35em .625em .75em;margin:0 2px;border:1px solid silver}legend{padding:0;border:0}textarea{overflow:auto}optgroup{font-weight:700}table{border-spacing:0;border-collapse:collapse}td,th{padding:0}/*! Source: https://github.com/h5bp/html5-boilerplate/blob/master/src/css/main.css */@media print{*,:after,:before{color:#000!important;text-shadow:none!important;background:0 0!important;-webkit-box-shadow:none!important;box-shadow:none!important}a,a:visited{text-decoration:underline}a[href]:after{content:" (" attr(href) ")"}abbr[title]:after{content:" (" attr(title) ")"}a[href^="javascript:"]:after,a[href^="#"]:after{content:""}blockquote,pre{border:1px solid #999;page-break-inside:avoid}thead{display:table-header-group}img,tr{page-break-inside:avoid}img{max-width:100%!important}h2,h3,p{orphans:3;widows:3}h2,h3{page-break-after:avoid}.navbar{display:none}.btn>.caret,.dropup>.btn>.caret{border-top-color:#000!important}.label{border:1px solid #000}.table{border-collapse:collapse!important}.table td,.table th{background-color:#fff!important}.table-bordered td,.table-bordered th{border:1px solid #ddd!important}}@font-face{font-family:'Glyphicons Halflings';src:url(../fonts/glyphicons-halflings-regular.eot);src:url(../fonts/glyphicons-halflings-regular.eot?#iefix) format('embedded-opentype'),url(../fonts/glyphicons-halflings-regular.woff2) format('woff2'),url(../fonts/glyphicons-halflings-regular.woff) format('woff'),url(../fonts/glyphicons-halflings-regular.ttf) format('truetype'),url(../fonts/glyphicons-halflings-regular.svg#glyphicons_halflingsregular) format('svg')}.glyphicon{position:relative;top:1px;display:inline-block;font-family:'Glyphicons Halflings';font-style:normal;font-weight:400;line-height:1;-webkit-font-smoothing:antialiased;-moz-osx-font-smoothing:grayscale}.glyphicon-asterisk:before{content:"\002a"}.glyphicon-plus:before{content:"\002b"}.glyphicon-eur:before,.glyphicon-euro:before{content:"\20ac"}.glyphicon-minus:before{content:"\2212"}.glyphicon-cloud:before{content:"\2601"}.glyphicon-envelope:before{content:"\2709"}.glyphicon-pencil:before{content:"\270f"}.glyphicon-glass:before{content:"\e001"}.glyphicon-music:before{content:"\e002"}.glyphicon-search:before{content:"\e003"}.glyphicon-heart:before{content:"\e005"}.glyphicon-star:before{content:"\e006"}.glyphicon-star-empty:before{content:"\e007"}.glyphicon-user:before{content:"\e008"}.glyphicon-film:before{content:"\e009"}.glyphicon-th-large:before{content:"\e010"}.glyphicon-th:before{content:"\e011"}.glyphicon-th-list:before{content:"\e012"}.glyphicon-ok:before{content:"\e013"}.glyphicon-remove:before{content:"\e014"}.glyphicon-zoom-in:before{content:"\e015"}.glyphicon-zoom-out:before{content:"\e016"}.glyphicon-off:before{content:"\e017"}.glyphicon-signal:before{content:"\e018"}.glyphicon-cog:before{content:"\e019"}.glyphicon-trash:before{content:"\e020"}.glyphicon-home:before{content:"\e021"}.glyphicon-file:before{content:"\e022"}.glyphicon-time:before{content:"\e023"}.glyphicon-road:before{content:"\e024"}.glyphicon-download-alt:before{content:"\e025"}.glyphicon-download:before{content:"\e026"}.glyphicon-upload:before{content:"\e027"}.glyphicon-inbox:before{content:"\e028"}.glyphicon-play-circle:before{content:"\e029"}.glyphicon-repeat:before{content:"\e030"}.glyphicon-refresh:before{content:"\e031"}.glyphicon-list-alt:before{content:"\e032"}.glyphicon-lock:before{content:"\e033"}.glyphicon-flag:before{content:"\e034"}.glyphicon-headphones:before{content:"\e035"}.glyphicon-volume-off:before{content:"\e036"}.glyphicon-volume-down:before{content:"\e037"}.glyphicon-volume-up:before{content:"\e038"}.glyphicon-qrcode:before{content:"\e039"}.glyphicon-barcode:before{content:"\e040"}.glyphicon-tag:before{content:"\e041"}.glyphicon-tags:before{content:"\e042"}.glyphicon-book:before{content:"\e043"}.glyphicon-bookmark:before{content:"\e044"}.glyphicon-print:before{content:"\e045"}.glyphicon-camera:before{content:"\e046"}.glyphicon-font:before{content:"\e047"}.glyphicon-bold:before{content:"\e048"}.glyphicon-italic:before{content:"\e049"}.glyphicon-text-height:before{content:"\e050"}.glyphicon-text-width:before{content:"\e051"}.glyphicon-align-left:before{content:"\e052"}.glyphicon-align-center:before{content:"\e053"}.glyphicon-align-right:before{content:"\e054"}.glyphicon-align-justify:before{content:"\e055"}.glyphicon-list:before{content:"\e056"}.glyphicon-indent-left:before{content:"\e057"}.glyphicon-indent-right:before{content:"\e058"}.glyphicon-facetime-video:before{content:"\e059"}.glyphicon-picture:before{content:"\e060"}.glyphicon-map-marker:before{content:"\e062"}.glyphicon-adjust:before{content:"\e063"}.glyphicon-tint:before{content:"\e064"}.glyphicon-edit:before{content:"\e065"}.glyphicon-share:before{content:"\e066"}.glyphicon-check:before{content:"\e067"}.glyphicon-move:before{content:"\e068"}.glyphicon-step-backward:before{content:"\e069"}.glyphicon-fast-backward:before{content:"\e070"}.glyphicon-backward:before{content:"\e071"}.glyphicon-play:before{content:"\e072"}.glyphicon-pause:before{content:"\e073"}.glyphicon-stop:before{content:"\e074"}.glyphicon-forward:before{content:"\e075"}.glyphicon-fast-forward:before{content:"\e076"}.glyphicon-step-forward:before{content:"\e077"}.glyphicon-eject:before{content:"\e078"}.glyphicon-chevron-left:before{content:"\e079"}.glyphicon-chevron-right:before{content:"\e080"}.glyphicon-plus-sign:before{content:"\e081"}.glyphicon-minus-sign:before{content:"\e082"}.glyphicon-remove-sign:before{content:"\e083"}.glyphicon-ok-sign:before{content:"\e084"}.glyphicon-question-sign:before{content:"\e085"}.glyphicon-info-sign:before{content:"\e086"}.glyphicon-screenshot:before{content:"\e087"}.glyphicon-remove-circle:before{content:"\e088"}.glyphicon-ok-circle:before{content:"\e089"}.glyphicon-ban-circle:before{content:"\e090"}.glyphicon-arrow-left:before{content:"\e091"}.glyphicon-arrow-right:before{content:"\e092"}.glyphicon-arrow-up:before{content:"\e093"}.glyphicon-arrow-down:before{content:"\e094"}.glyphicon-share-alt:before{content:"\e095"}.glyphicon-resize-full:before{content:"\e096"}.glyphicon-resize-small:before{content:"\e097"}.glyphicon-exclamation-sign:before{content:"\e101"}.glyphicon-gift:before{content:"\e102"}.glyphicon-leaf:before{content:"\e103"}.glyphicon-fire:before{content:"\e104"}.glyphicon-eye-open:before{content:"\e105"}.glyphicon-eye-close:before{content:"\e106"}.glyphicon-warning-sign:before{content:"\e107"}.glyphicon-plane:before{content:"\e108"}.glyphicon-calendar:before{content:"\e109"}.glyphicon-random:before{content:"\e110"}.glyphicon-comment:before{content:"\e111"}.glyphicon-magnet:before{content:"\e112"}.glyphicon-chevron-up:before{content:"\e113"}.glyphicon-chevron-down:before{content:"\e114"}.glyphicon-retweet:before{content:"\e115"}.glyphicon-shopping-cart:before{content:"\e116"}.glyphicon-folder-close:before{content:"\e117"}.glyphicon-folder-open:before{content:"\e118"}.glyphicon-resize-vertical:before{content:"\e119"}.glyphicon-resize-horizontal:before{content:"\e120"}.glyphicon-hdd:before{content:"\e121"}.glyphicon-bullhorn:before{content:"\e122"}.glyphicon-bell:before{content:"\e123"}.glyphicon-certificate:before{content:"\e124"}.glyphicon-thumbs-up:before{content:"\e125"}.glyphicon-thumbs-down:before{content:"\e126"}.glyphicon-hand-right:before{content:"\e127"}.glyphicon-hand-left:before{content:"\e128"}.glyphicon-hand-up:before{content:"\e129"}.glyphicon-hand-down:before{content:"\e130"}.glyphicon-circle-arrow-right:before{content:"\e131"}.glyphicon-circle-arrow-left:before{content:"\e132"}.glyphicon-circle-arrow-up:before{content:"\e133"}.glyphicon-circle-arrow-down:before{content:"\e134"}.glyphicon-globe:before{content:"\e135"}.glyphicon-wrench:before{content:"\e136"}.glyphicon-tasks:before{content:"\e137"}.glyphicon-filter:before{content:"\e138"}.glyphicon-briefcase:before{content:"\e139"}.glyphicon-fullscreen:before{content:"\e140"}.glyphicon-dashboard:before{content:"\e141"}.glyphicon-paperclip:before{content:"\e142"}.glyphicon-heart-empty:before{content:"\e143"}.glyphicon-link:before{content:"\e144"}.glyphicon-phone:before{content:"\e145"}.glyphicon-pushpin:before{content:"\e146"}.glyphicon-usd:before{content:"\e148"}.glyphicon-gbp:before{content:"\e149"}.glyphicon-sort:before{content:"\e150"}.glyphicon-sort-by-alphabet:before{content:"\e151"}.glyphicon-sort-by-alphabet-alt:before{content:"\e152"}.glyphicon-sort-by-order:before{content:"\e153"}.glyphicon-sort-by-order-alt:before{content:"\e154"}.glyphicon-sort-by-attributes:before{content:"\e155"}.glyphicon-sort-by-attributes-alt:before{content:"\e156"}.glyphicon-unchecked:before{content:"\e157"}.glyphicon-expand:before{content:"\e158"}.glyphicon-collapse-down:before{content:"\e159"}.glyphicon-collapse-up:before{content:"\e160"}.glyphicon-log-in:before{content:"\e161"}.glyphicon-flash:before{content:"\e162"}.glyphicon-log-out:before{content:"\e163"}.glyphicon-new-window:before{content:"\e164"}.glyphicon-record:before{content:"\e165"}.glyphicon-save:before{content:"\e166"}.glyphicon-open:before{content:"\e167"}.glyphicon-saved:before{content:"\e168"}.glyphicon-import:before{content:"\e169"}.glyphicon-export:before{content:"\e170"}.glyphicon-send:before{content:"\e171"}.glyphicon-floppy-disk:before{content:"\e172"}.glyphicon-floppy-saved:before{content:"\e173"}.glyphicon-floppy-remove:before{content:"\e174"}.glyphicon-floppy-save:before{content:"\e175"}.glyphicon-floppy-open:before{content:"\e176"}.glyphicon-credit-card:before{content:"\e177"}.glyphicon-transfer:before{content:"\e178"}.glyphicon-cutlery:before{content:"\e179"}.glyphicon-header:before{content:"\e180"}.glyphicon-compressed:before{content:"\e181"}.glyphicon-earphone:before{content:"\e182"}.glyphicon-phone-alt:before{content:"\e183"}.glyphicon-tower:before{content:"\e184"}.glyphicon-stats:before{content:"\e185"}.glyphicon-sd-video:before{content:"\e186"}.glyphicon-hd-video:before{content:"\e187"}.glyphicon-subtitles:before{content:"\e188"}.glyphicon-sound-stereo:before{content:"\e189"}.glyphicon-sound-dolby:before{content:"\e190"}.glyphicon-sound-5-1:before{content:"\e191"}.glyphicon-sound-6-1:before{content:"\e192"}.glyphicon-sound-7-1:before{content:"\e193"}.glyphicon-copyright-mark:before{content:"\e194"}.glyphicon-registration-mark:before{content:"\e195"}.glyphicon-cloud-download:before{content:"\e197"}.glyphicon-cloud-upload:before{content:"\e198"}.glyphicon-tree-conifer:before{content:"\e199"}.glyphicon-tree-deciduous:before{content:"\e200"}.glyphicon-cd:before{content:"\e201"}.glyphicon-save-file:before{content:"\e202"}.glyphicon-open-file:before{content:"\e203"}.glyphicon-level-up:before{content:"\e204"}.glyphicon-copy:before{content:"\e205"}.glyphicon-paste:before{content:"\e206"}.glyphicon-alert:before{content:"\e209"}.glyphicon-equalizer:before{content:"\e210"}.glyphicon-king:before{content:"\e211"}.glyphicon-queen:before{content:"\e212"}.glyphicon-pawn:before{content:"\e213"}.glyphicon-bishop:before{content:"\e214"}.glyphicon-knight:before{content:"\e215"}.glyphicon-baby-formula:before{content:"\e216"}.glyphicon-tent:before{content:"\26fa"}.glyphicon-blackboard:before{content:"\e218"}.glyphicon-bed:before{content:"\e219"}.glyphicon-apple:before{content:"\f8ff"}.glyphicon-erase:before{content:"\e221"}.glyphicon-hourglass:before{content:"\231b"}.glyphicon-lamp:before{content:"\e223"}.glyphicon-duplicate:before{content:"\e224"}.glyphicon-piggy-bank:before{content:"\e225"}.glyphicon-scissors:before{content:"\e226"}.glyphicon-bitcoin:before{content:"\e227"}.glyphicon-btc:before{content:"\e227"}.glyphicon-xbt:before{content:"\e227"}.glyphicon-yen:before{content:"\00a5"}.glyphicon-jpy:before{content:"\00a5"}.glyphicon-ruble:before{content:"\20bd"}.glyphicon-rub:before{content:"\20bd"}.glyphicon-scale:before{content:"\e230"}.glyphicon-ice-lolly:before{content:"\e231"}.glyphicon-ice-lolly-tasted:before{content:"\e232"}.glyphicon-education:before{content:"\e233"}.glyphicon-option-horizontal:before{content:"\e234"}.glyphicon-option-vertical:before{content:"\e235"}.glyphicon-menu-hamburger:before{content:"\e236"}.glyphicon-modal-window:before{content:"\e237"}.glyphicon-oil:before{content:"\e238"}.glyphicon-grain:before{content:"\e239"}.glyphicon-sunglasses:before{content:"\e240"}.glyphicon-text-size:before{content:"\e241"}.glyphicon-text-color:before{content:"\e242"}.glyphicon-text-background:before{content:"\e243"}.glyphicon-object-align-top:before{content:"\e244"}.glyphicon-object-align-bottom:before{content:"\e245"}.glyphicon-object-align-horizontal:before{content:"\e246"}.glyphicon-object-align-left:before{content:"\e247"}.glyphicon-object-align-vertical:before{content:"\e248"}.glyphicon-object-align-right:before{content:"\e249"}.glyphicon-triangle-right:before{content:"\e250"}.glyphicon-triangle-left:before{content:"\e251"}.glyphicon-triangle-bottom:before{content:"\e252"}.glyphicon-triangle-top:before{content:"\e253"}.glyphicon-console:before{content:"\e254"}.glyphicon-superscript:before{content:"\e255"}.glyphicon-subscript:before{content:"\e256"}.glyphicon-menu-left:before{content:"\e257"}.glyphicon-menu-right:before{content:"\e258"}.glyphicon-menu-down:before{content:"\e259"}.glyphicon-menu-up:before{content:"\e260"}*{-webkit-box-sizing:border-box;-moz-box-sizing:border-box;box-sizing:border-box}:after,:before{-webkit-box-sizing:border-box;-moz-box-sizing:border-box;box-sizing:border-box}html{font-size:10px;-webkit-tap-highlight-color:rgba(0,0,0,0)}body{font-family:"Helvetica Neue",Helvetica,Arial,sans-serif;line-height:1.42857143;color:#333;background-color:#fff}button,input,select,textarea{font-family:inherit;font-size:inherit;line-height:inherit}a{color:#337ab7;text-decoration:none}a:focus,a:hover{color:#23527c;text-decoration:none}a:focus{outline:5px auto -webkit-focus-ring-color;outline-offset:-2px}figure{margin:0}img{vertical-align:middle}.carousel-inner>.item>a>img,.carousel-inner>.item>img,.img-responsive,.thumbnail a>img,.thumbnail>img{display:block;max-width:100%;height:auto}.img-rounded{border-radius:6px}.img-thumbnail{display:inline-block;max-width:100%;height:auto;padding:4px;line-height:1.42857143;background-color:#fff;border:1px solid #ddd;border-radius:4px;-webkit-transition:all .2s ease-in-out;-o-transition:all .2s ease-in-out;transition:all .2s ease-in-out}.img-circle{border-radius:50%}hr{margin-top:20px;margin-bottom:20px;border:0;border-top:1px solid #eee}.sr-only{position:absolute;width:1px;height:1px;padding:0;margin:-1px;overflow:hidden;clip:rect(0,0,0,0);border:0}.sr-only-focusable:active,.sr-only-focusable:focus{position:static;width:auto;height:auto;margin:0;overflow:visible;clip:auto}[role=button]{cursor:pointer}.h1,.h2,.h3,.h4,.h5,.h6,h1,h2,h3,h4,h5,h6{font-family:inherit;line-height:1.1;color:inherit}.h1 .small,.h1 small,.h2 .small,.h2 small,.h3 .small,.h3 small,.h4 .small,.h4 small,.h5 .small,.h5 small,.h6 .small,.h6 small,h1 .small,h1 small,h2 .small,h2 small,h3 .small,h3 small,h4 .small,h4 small,h5 .small,h5 small,h6 .small,h6 small{font-weight:400;line-height:1;color:#777}.h1,.h2,.h3,h1,h2,h3{margin-top:0px;margin-bottom:0px}.h1 .small,.h1 small,.h2 .small,.h2 small,.h3 .small,.h3 small,h1 .small,h1 small,h2 .small,h2 small,h3 .small,h3 small{font-size:65%}.h4,.h5,.h6,h4,h5,h6{margin-top:10px;margin-bottom:10px}.h4 .small,.h4 small,.h5 .small,.h5 small,.h6 .small,.h6 small,h4 .small,h4 small,h5 .small,h5 small,h6 .small,h6 small{font-size:75%}.h1,h1{font-size:36px}.h2,h2{font-size:30px}.h3,h3{font-size:24px}.h4,h4{font-size:18px}.h5,h5{font-size:14px}.h6,h6{font-size:12px}p{margin:0 0 0px}.lead{margin-bottom:0px;font-size:16px;font-weight:300;line-height:1.4}@media (min-width:768px){.lead{font-size:21px}}.small,small{font-size:85%}.mark,mark{padding:.2em;background-color:#fcf8e3}.text-left{text-align:left}.text-right{text-align:right}.text-center{text-align:center}.text-justify{text-align:justify}.text-nowrap{white-space:nowrap}.text-lowercase{text-transform:lowercase}.text-uppercase{text-transform:uppercase}.text-capitalize{text-transform:capitalize}.text-muted{color:#777}.text-primary{color:#337ab7}a.text-primary:focus,a.text-primary:hover{color:#286090}.text-success{color:#3c763d}a.text-success:focus,a.text-success:hover{color:#2b542c}.text-info{color:#31708f}a.text-info:focus,a.text-info:hover{color:#245269}.text-warning{color:#8a6d3b}a.text-warning:focus,a.text-warning:hover{color:#66512c}.text-danger{color:#a94442}a.text-danger:focus,a.text-danger:hover{color:#843534}.bg-primary{color:#fff;background-color:#337ab7}a.bg-primary:focus,a.bg-primary:hover{background-color:#286090}.bg-success{background-color:#dff0d8}a.bg-success:focus,a.bg-success:hover{background-color:#c1e2b3}.bg-info{background-color:#d9edf7}a.bg-info:focus,a.bg-info:hover{background-color:#afd9ee}.bg-warning{background-color:#fcf8e3}a.bg-warning:focus,a.bg-warning:hover{background-color:#f7ecb5}.bg-danger{background-color:#f2dede}a.bg-danger:focus,a.bg-danger:hover{background-color:#e4b9b9}.page-header{padding-bottom:9px;margin:40px 0 20px;border-bottom:1px solid #eee}ol,ul{margin-top:0;margin-bottom:10px}ol ol,ol ul,ul ol,ul ul{margin-bottom:0}.list-unstyled{padding-left:0;list-style:none}.list-inline{padding-left:0;margin-left:-5px;list-style:none}.list-inline>li{display:inline-block;padding-right:5px;padding-left:5px}dl{margin-top:0;margin-bottom:20px}dd,dt{line-height:1.42857143}dt{font-weight:700}dd{margin-left:0}@media (min-width:768px){.dl-horizontal dt{float:left;width:160px;overflow:hidden;clear:left;text-align:right;text-overflow:ellipsis;white-space:nowrap}.dl-horizontal dd{margin-left:180px}}abbr[data-original-title],abbr[title]{cursor:help;border-bottom:1px dotted #777}.initialism{font-size:90%;text-transform:uppercase}blockquote{padding:10px 20px;margin:0 0 20px;font-size:17.5px;border-left:5px solid #eee}blockquote ol:last-child,blockquote p:last-child,blockquote ul:last-child{margin-bottom:0}blockquote .small,blockquote footer,blockquote small{display:block;font-size:80%;line-height:1.42857143;color:#777}blockquote .small:before,blockquote footer:before,blockquote small:before{content:'\2014 \00A0'}.blockquote-reverse,blockquote.pull-right{padding-right:15px;padding-left:0;text-align:right;border-right:5px solid #eee;border-left:0}.blockquote-reverse .small:before,.blockquote-reverse footer:before,.blockquote-reverse small:before,blockquote.pull-right .small:before,blockquote.pull-right footer:before,blockquote.pull-right small:before{content:''}.blockquote-reverse .small:after,.blockquote-reverse footer:after,.blockquote-reverse small:after,blockquote.pull-right .small:after,blockquote.pull-right footer:after,blockquote.pull-right small:after{content:'\00A0 \2014'}address{margin-bottom:20px;font-style:normal;line-height:1.42857143}code,kbd,pre,samp{font-family:Menlo,Monaco,Consolas,"Courier New",monospace}code{padding:2px 4px;font-size:90%;color:#c7254e;background-color:#f9f2f4;border-radius:4px}kbd{padding:2px 4px;font-size:90%;color:#fff;background-color:#333;border-radius:3px;-webkit-box-shadow:inset 0 -1px 0 rgba(0,0,0,.25);box-shadow:inset 0 -1px 0 rgba(0,0,0,.25)}kbd kbd{padding:0;font-size:100%;font-weight:700;-webkit-box-shadow:none;box-shadow:none}pre{display:block;padding:9.5px;margin:0 0 10px;font-size:13px;line-height:1.42857143;color:#333;word-break:break-all;word-wrap:break-word;background-color:#f5f5f5;border:1px solid #ccc;border-radius:4px}pre code{padding:0;font-size:inherit;color:inherit;white-space:pre-wrap;background-color:transparent;border-radius:0}.pre-scrollable{max-height:340px;overflow-y:scroll}.container{padding-right:15px;padding-left:15px;margin-right:auto;margin-left:auto}@media (min-width:768px){.container{width:750px}}@media (min-width:992px){.container{width:970px}}@media (min-width:1200px){.container{width:1170px}}.container-fluid{padding-right:15px;padding-left:15px;margin-right:auto;margin-left:auto}.row{margin-right:-15px;margin-left:-15px}.col-lg-1,.col-lg-10,.col-lg-11,.col-lg-12,.col-lg-2,.col-lg-3,.col-lg-4,.col-lg-5,.col-lg-6,.col-lg-7,.col-lg-8,.col-lg-9,.col-md-1,.col-md-10,.col-md-11,.col-md-12,.col-md-2,.col-md-3,.col-md-4,.col-md-5,.col-md-6,.col-md-7,.col-md-8,.col-md-9,.col-sm-1,.col-sm-10,.col-sm-11,.col-sm-12,.col-sm-2,.col-sm-3,.col-sm-4,.col-sm-5,.col-sm-6,.col-sm-7,.col-sm-8,.col-sm-9,.col-xs-1,.col-xs-10,.col-xs-11,.col-xs-12,.col-xs-2,.col-xs-3,.col-xs-4,.col-xs-5,.col-xs-6,.col-xs-7,.col-xs-8,.col-xs-9{position:relative;min-height:1px;padding-right:15px;padding-left:15px}.col-xs-1,.col-xs-10,.col-xs-11,.col-xs-12,.col-xs-2,.col-xs-3,.col-xs-4,.col-xs-5,.col-xs-6,.col-xs-7,.col-xs-8,.col-xs-9{float:left}.col-xs-12{width:100%}.col-xs-11{width:91.66666667%}.col-xs-10{width:83.33333333%}.col-xs-9{width:75%}.col-xs-8{width:66.66666667%}.col-xs-7{width:58.33333333%}.col-xs-6{width:50%}.col-xs-5{width:41.66666667%}.col-xs-4{width:33.33333333%}.col-xs-3{width:25%}.col-xs-2{width:16.66666667%}.col-xs-1{width:8.33333333%}.col-xs-pull-12{right:100%}.col-xs-pull-11{right:91.66666667%}.col-xs-pull-10{right:83.33333333%}.col-xs-pull-9{right:75%}.col-xs-pull-8{right:66.66666667%}.col-xs-pull-7{right:58.33333333%}.col-xs-pull-6{right:50%}.col-xs-pull-5{right:41.66666667%}.col-xs-pull-4{right:33.33333333%}.col-xs-pull-3{right:25%}.col-xs-pull-2{right:16.66666667%}.col-xs-pull-1{right:8.33333333%}.col-xs-pull-0{right:auto}.col-xs-push-12{left:100%}.col-xs-push-11{left:91.66666667%}.col-xs-push-10{left:83.33333333%}.col-xs-push-9{left:75%}.col-xs-push-8{left:66.66666667%}.col-xs-push-7{left:58.33333333%}.col-xs-push-6{left:50%}.col-xs-push-5{left:41.66666667%}.col-xs-push-4{left:33.33333333%}.col-xs-push-3{left:25%}.col-xs-push-2{left:16.66666667%}.col-xs-push-1{left:8.33333333%}.col-xs-push-0{left:auto}.col-xs-offset-12{margin-left:100%}.col-xs-offset-11{margin-left:91.66666667%}.col-xs-offset-10{margin-left:83.33333333%}.col-xs-offset-9{margin-left:75%}.col-xs-offset-8{margin-left:66.66666667%}.col-xs-offset-7{margin-left:58.33333333%}.col-xs-offset-6{margin-left:50%}.col-xs-offset-5{margin-left:41.66666667%}.col-xs-offset-4{margin-left:33.33333333%}.col-xs-offset-3{margin-left:25%}.col-xs-offset-2{margin-left:16.66666667%}.col-xs-offset-1{margin-left:8.33333333%}.col-xs-offset-0{margin-left:0}@media (min-width:768px){.col-sm-1,.col-sm-10,.col-sm-11,.col-sm-12,.col-sm-2,.col-sm-3,.col-sm-4,.col-sm-5,.col-sm-6,.col-sm-7,.col-sm-8,.col-sm-9{float:left}.col-sm-12{width:100%}.col-sm-11{width:91.66666667%}.col-sm-10{width:83.33333333%}.col-sm-9{width:75%}.col-sm-8{width:66.66666667%}.col-sm-7{width:58.33333333%}.col-sm-6{width:50%}.col-sm-5{width:41.66666667%}.col-sm-4{width:33.33333333%}.col-sm-3{width:25%}.col-sm-2{width:16.66666667%}.col-sm-1{width:8.33333333%}.col-sm-pull-12{right:100%}.col-sm-pull-11{right:91.66666667%}.col-sm-pull-10{right:83.33333333%}.col-sm-pull-9{right:75%}.col-sm-pull-8{right:66.66666667%}.col-sm-pull-7{right:58.33333333%}.col-sm-pull-6{right:50%}.col-sm-pull-5{right:41.66666667%}.col-sm-pull-4{right:33.33333333%}.col-sm-pull-3{right:25%}.col-sm-pull-2{right:16.66666667%}.col-sm-pull-1{right:8.33333333%}.col-sm-pull-0{right:auto}.col-sm-push-12{left:100%}.col-sm-push-11{left:91.66666667%}.col-sm-push-10{left:83.33333333%}.col-sm-push-9{left:75%}.col-sm-push-8{left:66.66666667%}.col-sm-push-7{left:58.33333333%}.col-sm-push-6{left:50%}.col-sm-push-5{left:41.66666667%}.col-sm-push-4{left:33.33333333%}.col-sm-push-3{left:25%}.col-sm-push-2{left:16.66666667%}.col-sm-push-1{left:8.33333333%}.col-sm-push-0{left:auto}.col-sm-offset-12{margin-left:100%}.col-sm-offset-11{margin-left:91.66666667%}.col-sm-offset-10{margin-left:83.33333333%}.col-sm-offset-9{margin-left:75%}.col-sm-offset-8{margin-left:66.66666667%}.col-sm-offset-7{margin-left:58.33333333%}.col-sm-offset-6{margin-left:50%}.col-sm-offset-5{margin-left:41.66666667%}.col-sm-offset-4{margin-left:33.33333333%}.col-sm-offset-3{margin-left:25%}.col-sm-offset-2{margin-left:16.66666667%}.col-sm-offset-1{margin-left:8.33333333%}.col-sm-offset-0{margin-left:0}}@media (min-width:992px){.col-md-1,.col-md-10,.col-md-11,.col-md-12,.col-md-2,.col-md-3,.col-md-4,.col-md-5,.col-md-6,.col-md-7,.col-md-8,.col-md-9{float:left}.col-md-12{width:100%}.col-md-11{width:91.66666667%}.col-md-10{width:83.33333333%}.col-md-9{width:75%}.col-md-8{width:66.66666667%}.col-md-7{width:58.33333333%}.col-md-6{width:50%}.col-md-5{width:41.66666667%}.col-md-4{width:33.33333333%}.col-md-3{width:25%}.col-md-2{width:16.66666667%}.col-md-1{width:8.33333333%}.col-md-pull-12{right:100%}.col-md-pull-11{right:91.66666667%}.col-md-pull-10{right:83.33333333%}.col-md-pull-9{right:75%}.col-md-pull-8{right:66.66666667%}.col-md-pull-7{right:58.33333333%}.col-md-pull-6{right:50%}.col-md-pull-5{right:41.66666667%}.col-md-pull-4{right:33.33333333%}.col-md-pull-3{right:25%}.col-md-pull-2{right:16.66666667%}.col-md-pull-1{right:8.33333333%}.col-md-pull-0{right:auto}.col-md-push-12{left:100%}.col-md-push-11{left:91.66666667%}.col-md-push-10{left:83.33333333%}.col-md-push-9{left:75%}.col-md-push-8{left:66.66666667%}.col-md-push-7{left:58.33333333%}.col-md-push-6{left:50%}.col-md-push-5{left:41.66666667%}.col-md-push-4{left:33.33333333%}.col-md-push-3{left:25%}.col-md-push-2{left:16.66666667%}.col-md-push-1{left:8.33333333%}.col-md-push-0{left:auto}.col-md-offset-12{margin-left:100%}.col-md-offset-11{margin-left:91.66666667%}.col-md-offset-10{margin-left:83.33333333%}.col-md-offset-9{margin-left:75%}.col-md-offset-8{margin-left:66.66666667%}.col-md-offset-7{margin-left:58.33333333%}.col-md-offset-6{margin-left:50%}.col-md-offset-5{margin-left:41.66666667%}.col-md-offset-4{margin-left:33.33333333%}.col-md-offset-3{margin-left:25%}.col-md-offset-2{margin-left:16.66666667%}.col-md-offset-1{margin-left:8.33333333%}.col-md-offset-0{margin-left:0}}@media (min-width:1200px){.col-lg-1,.col-lg-10,.col-lg-11,.col-lg-12,.col-lg-2,.col-lg-3,.col-lg-4,.col-lg-5,.col-lg-6,.col-lg-7,.col-lg-8,.col-lg-9{float:left}.col-lg-12{width:100%}.col-lg-11{width:91.66666667%}.col-lg-10{width:83.33333333%}.col-lg-9{width:75%}.col-lg-8{width:66.66666667%}.col-lg-7{width:58.33333333%}.col-lg-6{width:50%}.col-lg-5{width:41.66666667%}.col-lg-4{width:33.33333333%}.col-lg-3{width:25%}.col-lg-2{width:16.66666667%}.col-lg-1{width:8.33333333%}.col-lg-pull-12{right:100%}.col-lg-pull-11{right:91.66666667%}.col-lg-pull-10{right:83.33333333%}.col-lg-pull-9{right:75%}.col-lg-pull-8{right:66.66666667%}.col-lg-pull-7{right:58.33333333%}.col-lg-pull-6{right:50%}.col-lg-pull-5{right:41.66666667%}.col-lg-pull-4{right:33.33333333%}.col-lg-pull-3{right:25%}.col-lg-pull-2{right:16.66666667%}.col-lg-pull-1{right:8.33333333%}.col-lg-pull-0{right:auto}.col-lg-push-12{left:100%}.col-lg-push-11{left:91.66666667%}.col-lg-push-10{left:83.33333333%}.col-lg-push-9{left:75%}.col-lg-push-8{left:66.66666667%}.col-lg-push-7{left:58.33333333%}.col-lg-push-6{left:50%}.col-lg-push-5{left:41.66666667%}.col-lg-push-4{left:33.33333333%}.col-lg-push-3{left:25%}.col-lg-push-2{left:16.66666667%}.col-lg-push-1{left:8.33333333%}.col-lg-push-0{left:auto}.col-lg-offset-12{margin-left:100%}.col-lg-offset-11{margin-left:91.66666667%}.col-lg-offset-10{margin-left:83.33333333%}.col-lg-offset-9{margin-left:75%}.col-lg-offset-8{margin-left:66.66666667%}.col-lg-offset-7{margin-left:58.33333333%}.col-lg-offset-6{margin-left:50%}.col-lg-offset-5{margin-left:41.66666667%}.col-lg-offset-4{margin-left:33.33333333%}.col-lg-offset-3{margin-left:25%}.col-lg-offset-2{margin-left:16.66666667%}.col-lg-offset-1{margin-left:8.33333333%}.col-lg-offset-0{margin-left:0}}table{background-color:transparent}caption{padding-top:8px;padding-bottom:8px;color:#777;text-align:left}th{text-align:left}.table{width:100%;max-width:100%;margin-bottom:20px}.table>tbody>tr>td,.table>tbody>tr>th,.table>tfoot>tr>td,.table>tfoot>tr>th,.table>thead>tr>td,.table>thead>tr>th{padding:8px;line-height:1.42857143;vertical-align:top;border-top:1px solid #ddd}.table>thead>tr>th{vertical-align:bottom;border-bottom:2px solid #ddd}.table>caption+thead>tr:first-child>td,.table>caption+thead>tr:first-child>th,.table>colgroup+thead>tr:first-child>td,.table>colgroup+thead>tr:first-child>th,.table>thead:first-child>tr:first-child>td,.table>thead:first-child>tr:first-child>th{border-top:0}.table>tbody+tbody{border-top:2px solid #ddd}.table .table{background-color:#fff}.table-condensed>tbody>tr>td,.table-condensed>tbody>tr>th,.table-condensed>tfoot>tr>td,.table-condensed>tfoot>tr>th,.table-condensed>thead>tr>td,.table-condensed>thead>tr>th{padding:5px}.table-bordered{border:1px solid #ddd}.table-bordered>tbody>tr>td,.table-bordered>tbody>tr>th,.table-bordered>tfoot>tr>td,.table-bordered>tfoot>tr>th,.table-bordered>thead>tr>td,.table-bordered>thead>tr>th{border:1px solid #ddd}.table-bordered>thead>tr>td,.table-bordered>thead>tr>th{border-bottom-width:2px}.table-striped>tbody>tr:nth-of-type(odd){background-color:#f9f9f9}.table-hover>tbody>tr:hover{background-color:#f5f5f5}table col[class*=col-]{position:static;display:table-column;float:none}table td[class*=col-],table th[class*=col-]{position:static;display:table-cell;float:none}.table>tbody>tr.active>td,.table>tbody>tr.active>th,.table>tbody>tr>td.active,.table>tbody>tr>th.active,.table>tfoot>tr.active>td,.table>tfoot>tr.active>th,.table>tfoot>tr>td.active,.table>tfoot>tr>th.active,.table>thead>tr.active>td,.table>thead>tr.active>th,.table>thead>tr>td.active,.table>thead>tr>th.active{background-color:#f5f5f5}.table-hover>tbody>tr.active:hover>td,.table-hover>tbody>tr.active:hover>th,.table-hover>tbody>tr:hover>.active,.table-hover>tbody>tr>td.active:hover,.table-hover>tbody>tr>th.active:hover{background-color:#e8e8e8}.table>tbody>tr.success>td,.table>tbody>tr.success>th,.table>tbody>tr>td.success,.table>tbody>tr>th.success,.table>tfoot>tr.success>td,.table>tfoot>tr.success>th,.table>tfoot>tr>td.success,.table>tfoot>tr>th.success,.table>thead>tr.success>td,.table>thead>tr.success>th,.table>thead>tr>td.success,.table>thead>tr>th.success{background-color:#dff0d8}.table-hover>tbody>tr.success:hover>td,.table-hover>tbody>tr.success:hover>th,.table-hover>tbody>tr:hover>.success,.table-hover>tbody>tr>td.success:hover,.table-hover>tbody>tr>th.success:hover{background-color:#d0e9c6}.table>tbody>tr.info>td,.table>tbody>tr.info>th,.table>tbody>tr>td.info,.table>tbody>tr>th.info,.table>tfoot>tr.info>td,.table>tfoot>tr.info>th,.table>tfoot>tr>td.info,.table>tfoot>tr>th.info,.table>thead>tr.info>td,.table>thead>tr.info>th,.table>thead>tr>td.info,.table>thead>tr>th.info{background-color:#d9edf7}.table-hover>tbody>tr.info:hover>td,.table-hover>tbody>tr.info:hover>th,.table-hover>tbody>tr:hover>.info,.table-hover>tbody>tr>td.info:hover,.table-hover>tbody>tr>th.info:hover{background-color:#c4e3f3}.table>tbody>tr.warning>td,.table>tbody>tr.warning>th,.table>tbody>tr>td.warning,.table>tbody>tr>th.warning,.table>tfoot>tr.warning>td,.table>tfoot>tr.warning>th,.table>tfoot>tr>td.warning,.table>tfoot>tr>th.warning,.table>thead>tr.warning>td,.table>thead>tr.warning>th,.table>thead>tr>td.warning,.table>thead>tr>th.warning{background-color:#fcf8e3}.table-hover>tbody>tr.warning:hover>td,.table-hover>tbody>tr.warning:hover>th,.table-hover>tbody>tr:hover>.warning,.table-hover>tbody>tr>td.warning:hover,.table-hover>tbody>tr>th.warning:hover{background-color:#faf2cc}.table>tbody>tr.danger>td,.table>tbody>tr.danger>th,.table>tbody>tr>td.danger,.table>tbody>tr>th.danger,.table>tfoot>tr.danger>td,.table>tfoot>tr.danger>th,.table>tfoot>tr>td.danger,.table>tfoot>tr>th.danger,.table>thead>tr.danger>td,.table>thead>tr.danger>th,.table>thead>tr>td.danger,.table>thead>tr>th.danger{background-color:#f2dede}.table-hover>tbody>tr.danger:hover>td,.table-hover>tbody>tr.danger:hover>th,.table-hover>tbody>tr:hover>.danger,.table-hover>tbody>tr>td.danger:hover,.table-hover>tbody>tr>th.danger:hover{background-color:#ebcccc}.table-responsive{min-height:.01%;overflow-x:auto}@media screen and (max-width:767px){.table-responsive{width:100%;margin-bottom:15px;overflow-y:hidden;-ms-overflow-style:-ms-autohiding-scrollbar;border:1px solid #ddd}.table-responsive>.table{margin-bottom:0}.table-responsive>.table>tbody>tr>td,.table-responsive>.table>tbody>tr>th,.table-responsive>.table>tfoot>tr>td,.table-responsive>.table>tfoot>tr>th,.table-responsive>.table>thead>tr>td,.table-responsive>.table>thead>tr>th{white-space:nowrap}.table-responsive>.table-bordered{border:0}.table-responsive>.table-bordered>tbody>tr>td:first-child,.table-responsive>.table-bordered>tbody>tr>th:first-child,.table-responsive>.table-bordered>tfoot>tr>td:first-child,.table-responsive>.table-bordered>tfoot>tr>th:first-child,.table-responsive>.table-bordered>thead>tr>td:first-child,.table-responsive>.table-bordered>thead>tr>th:first-child{border-left:0}.table-responsive>.table-bordered>tbody>tr>td:last-child,.table-responsive>.table-bordered>tbody>tr>th:last-child,.table-responsive>.table-bordered>tfoot>tr>td:last-child,.table-responsive>.table-bordered>tfoot>tr>th:last-child,.table-responsive>.table-bordered>thead>tr>td:last-child,.table-responsive>.table-bordered>thead>tr>th:last-child{border-right:0}.table-responsive>.table-bordered>tbody>tr:last-child>td,.table-responsive>.table-bordered>tbody>tr:last-child>th,.table-responsive>.table-bordered>tfoot>tr:last-child>td,.table-responsive>.table-bordered>tfoot>tr:last-child>th{border-bottom:0}}fieldset{min-width:0;padding:0;margin:0;border:0}legend{display:block;width:100%;padding:0;margin-bottom:20px;font-size:21px;line-height:inherit;color:#333;border:0;border-bottom:1px solid #e5e5e5}label{display:inline-block;max-width:100%;margin-bottom:5px;font-weight:700}input[type=search]{-webkit-box-sizing:border-box;-moz-box-sizing:border-box;box-sizing:border-box}input[type=checkbox],input[type=radio]{margin:4px 0 0;margin-top:1px\9;line-height:normal}input[type=file]{display:block}input[type=range]{display:block;width:100%}select[multiple],select[size]{height:auto}input[type=file]:focus,input[type=checkbox]:focus,input[type=radio]:focus{outline:5px auto -webkit-focus-ring-color;outline-offset:-2px}output{display:block;padding-top:7px;font-size:14px;line-height:1.42857143;color:#555}.form-control{display:block;width:100%;height:34px;padding:6px 12px;font-size:14px;line-height:1.42857143;color:#555;background-color:#fff;background-image:none;border:1px solid #ccc;border-radius:4px;-webkit-box-shadow:inset 0 1px 1px rgba(0,0,0,.075);box-shadow:inset 0 1px 1px rgba(0,0,0,.075);-webkit-transition:border-color ease-in-out .15s,-webkit-box-shadow ease-in-out .15s;-o-transition:border-color ease-in-out .15s,box-shadow ease-in-out .15s;transition:border-color ease-in-out .15s,box-shadow ease-in-out .15s}.form-control:focus{border-color:#66afe9;outline:0;-webkit-box-shadow:inset 0 1px 1px rgba(0,0,0,.075),0 0 8px rgba(102,175,233,.6);box-shadow:inset 0 1px 1px rgba(0,0,0,.075),0 0 8px rgba(102,175,233,.6)}.form-control::-moz-placeholder{color:#999;opacity:1}.form-control:-ms-input-placeholder{color:#999}.form-control::-webkit-input-placeholder{color:#999}.form-control::-ms-expand{background-color:transparent;border:0}.form-control[disabled],.form-control[readonly],fieldset[disabled] .form-control{background-color:#eee;opacity:1}.form-control[disabled],fieldset[disabled] .form-control{cursor:not-allowed}textarea.form-control{height:auto}input[type=search]{-webkit-appearance:none}@media screen and (-webkit-min-device-pixel-ratio:0){input[type=date].form-control,input[type=time].form-control,input[type=datetime-local].form-control,input[type=month].form-control{line-height:34px}.input-group-sm input[type=date],.input-group-sm input[type=time],.input-group-sm input[type=datetime-local],.input-group-sm input[type=month],input[type=date].input-sm,input[type=time].input-sm,input[type=datetime-local].input-sm,input[type=month].input-sm{line-height:30px}.input-group-lg input[type=date],.input-group-lg input[type=time],.input-group-lg input[type=datetime-local],.input-group-lg input[type=month],input[type=date].input-lg,input[type=time].input-lg,input[type=datetime-local].input-lg,input[type=month].input-lg{line-height:46px}}.form-group{margin-bottom:15px}.checkbox,.radio{position:relative;display:block;margin-top:10px;margin-bottom:10px}.checkbox label,.radio label{min-height:20px;padding-left:20px;margin-bottom:0;font-weight:400;cursor:pointer}.checkbox input[type=checkbox],.checkbox-inline input[type=checkbox],.radio input[type=radio],.radio-inline input[type=radio]{position:absolute;margin-top:4px\9;margin-left:-20px}.checkbox+.checkbox,.radio+.radio{margin-top:-5px}.checkbox-inline,.radio-inline{position:relative;display:inline-block;padding-left:20px;margin-bottom:0;font-weight:400;vertical-align:middle;cursor:pointer}.checkbox-inline+.checkbox-inline,.radio-inline+.radio-inline{margin-top:0;margin-left:10px}fieldset[disabled] input[type=checkbox],fieldset[disabled] input[type=radio],input[type=checkbox].disabled,input[type=checkbox][disabled],input[type=radio].disabled,input[type=radio][disabled]{cursor:not-allowed}.checkbox-inline.disabled,.radio-inline.disabled,fieldset[disabled] .checkbox-inline,fieldset[disabled] .radio-inline{cursor:not-allowed}.checkbox.disabled label,.radio.disabled label,fieldset[disabled] .checkbox label,fieldset[disabled] .radio label{cursor:not-allowed}.form-control-static{min-height:34px;padding-top:7px;padding-bottom:7px;margin-bottom:0}.form-control-static.input-lg,.form-control-static.input-sm{padding-right:0;padding-left:0}.input-sm{height:30px;padding:5px 10px;font-size:12px;line-height:1.5;border-radius:3px}select.input-sm{height:30px;line-height:30px}select[multiple].input-sm,textarea.input-sm{height:auto}.form-group-sm .form-control{height:30px;padding:5px 10px;font-size:12px;line-height:1.5;border-radius:3px}.form-group-sm select.form-control{height:30px;line-height:30px}.form-group-sm select[multiple].form-control,.form-group-sm textarea.form-control{height:auto}.form-group-sm .form-control-static{height:30px;min-height:32px;padding:6px 10px;font-size:12px;line-height:1.5}.input-lg{height:46px;padding:10px 16px;font-size:18px;line-height:1.3333333;border-radius:6px}select.input-lg{height:46px;line-height:46px}select[multiple].input-lg,textarea.input-lg{height:auto}.form-group-lg .form-control{height:46px;padding:10px 16px;font-size:18px;line-height:1.3333333;border-radius:6px}.form-group-lg select.form-control{height:46px;line-height:46px}.form-group-lg select[multiple].form-control,.form-group-lg textarea.form-control{height:auto}.form-group-lg .form-control-static{height:46px;min-height:38px;padding:11px 16px;font-size:18px;line-height:1.3333333}.has-feedback{position:relative}.has-feedback .form-control{padding-right:42.5px}.form-control-feedback{position:absolute;top:0;right:0;z-index:2;display:block;width:34px;height:34px;line-height:34px;text-align:center;pointer-events:none}.form-group-lg .form-control+.form-control-feedback,.input-group-lg+.form-control-feedback,.input-lg+.form-control-feedback{width:46px;height:46px;line-height:46px}.form-group-sm .form-control+.form-control-feedback,.input-group-sm+.form-control-feedback,.input-sm+.form-control-feedback{width:30px;height:30px;line-height:30px}.has-success .checkbox,.has-success .checkbox-inline,.has-success .control-label,.has-success .help-block,.has-success .radio,.has-success .radio-inline,.has-success.checkbox label,.has-success.checkbox-inline label,.has-success.radio label,.has-success.radio-inline label{color:#3c763d}.has-success .form-control{border-color:#3c763d;-webkit-box-shadow:inset 0 1px 1px rgba(0,0,0,.075);box-shadow:inset 0 1px 1px rgba(0,0,0,.075)}.has-success .form-control:focus{border-color:#2b542c;-webkit-box-shadow:inset 0 1px 1px rgba(0,0,0,.075),0 0 6px #67b168;box-shadow:inset 0 1px 1px rgba(0,0,0,.075),0 0 6px #67b168}.has-success .input-group-addon{color:#3c763d;background-color:#dff0d8;border-color:#3c763d}.has-success .form-control-feedback{color:#3c763d}.has-warning .checkbox,.has-warning .checkbox-inline,.has-warning .control-label,.has-warning .help-block,.has-warning .radio,.has-warning .radio-inline,.has-warning.checkbox label,.has-warning.checkbox-inline label,.has-warning.radio label,.has-warning.radio-inline label{color:#8a6d3b}.has-warning .form-control{border-color:#8a6d3b;-webkit-box-shadow:inset 0 1px 1px rgba(0,0,0,.075);box-shadow:inset 0 1px 1px rgba(0,0,0,.075)}.has-warning .form-control:focus{border-color:#66512c;-webkit-box-shadow:inset 0 1px 1px rgba(0,0,0,.075),0 0 6px #c0a16b;box-shadow:inset 0 1px 1px rgba(0,0,0,.075),0 0 6px #c0a16b}.has-warning .input-group-addon{color:#8a6d3b;background-color:#fcf8e3;border-color:#8a6d3b}.has-warning .form-control-feedback{color:#8a6d3b}.has-error .checkbox,.has-error .checkbox-inline,.has-error .control-label,.has-error .help-block,.has-error .radio,.has-error .radio-inline,.has-error.checkbox label,.has-error.checkbox-inline label,.has-error.radio label,.has-error.radio-inline label{color:#a94442}.has-error .form-control{border-color:#a94442;-webkit-box-shadow:inset 0 1px 1px rgba(0,0,0,.075);box-shadow:inset 0 1px 1px rgba(0,0,0,.075)}.has-error .form-control:focus{border-color:#843534;-webkit-box-shadow:inset 0 1px 1px rgba(0,0,0,.075),0 0 6px #ce8483;box-shadow:inset 0 1px 1px rgba(0,0,0,.075),0 0 6px #ce8483}.has-error .input-group-addon{color:#a94442;background-color:#f2dede;border-color:#a94442}.has-error .form-control-feedback{color:#a94442}.has-feedback label~.form-control-feedback{top:25px}.has-feedback label.sr-only~.form-control-feedback{top:0}.help-block{display:block;margin-top:5px;margin-bottom:10px;color:#737373}@media (min-width:768px){.form-inline .form-group{display:inline-block;margin-bottom:0;vertical-align:middle}.form-inline .form-control{display:inline-block;width:auto;vertical-align:middle}.form-inline .form-control-static{display:inline-block}.form-inline .input-group{display:inline-table;vertical-align:middle}.form-inline .input-group .form-control,.form-inline .input-group .input-group-addon,.form-inline .input-group .input-group-btn{width:auto}.form-inline .input-group>.form-control{width:100%}.form-inline .control-label{margin-bottom:0;vertical-align:middle}.form-inline .checkbox,.form-inline .radio{display:inline-block;margin-top:0;margin-bottom:0;vertical-align:middle}.form-inline .checkbox label,.form-inline .radio label{padding-left:0}.form-inline .checkbox input[type=checkbox],.form-inline .radio input[type=radio]{position:relative;margin-left:0}.form-inline .has-feedback .form-control-feedback{top:0}}.form-horizontal .checkbox,.form-horizontal .checkbox-inline,.form-horizontal .radio,.form-horizontal .radio-inline{padding-top:7px;margin-top:0;margin-bottom:0}.form-horizontal .checkbox,.form-horizontal .radio{min-height:27px}.form-horizontal .form-group{margin-right:-15px;margin-left:-15px}@media (min-width:768px){.form-horizontal .control-label{padding-top:7px;margin-bottom:0;text-align:right}}.form-horizontal .has-feedback .form-control-feedback{right:15px}@media (min-width:768px){.form-horizontal .form-group-lg .control-label{padding-top:11px;font-size:18px}}@media (min-width:768px){.form-horizontal .form-group-sm .control-label{padding-top:6px;font-size:12px}}.btn{display:inline-block;padding:6px 12px;margin-bottom:0;font-size:14px;font-weight:400;line-height:1.42857143;text-align:center;white-space:nowrap;vertical-align:middle;-ms-touch-action:manipulation;touch-action:manipulation;cursor:pointer;-webkit-user-select:none;-moz-user-select:none;-ms-user-select:none;user-select:none;background-image:none;border:1px solid transparent;border-radius:4px}.btn.active.focus,.btn.active:focus,.btn.focus,.btn:active.focus,.btn:active:focus,.btn:focus{outline:5px auto -webkit-focus-ring-color;outline-offset:-2px}.btn.focus,.btn:focus,.btn:hover{color:#333;text-decoration:none}.btn.active,.btn:active{background-image:none;outline:0;-webkit-box-shadow:inset 0 3px 5px rgba(0,0,0,.125);box-shadow:inset 0 3px 5px rgba(0,0,0,.125)}.btn.disabled,.btn[disabled],fieldset[disabled] .btn{cursor:not-allowed;filter:alpha(opacity=65);-webkit-box-shadow:none;box-shadow:none;opacity:.65}a.btn.disabled,fieldset[disabled] a.btn{pointer-events:none}.btn-default{color:#333;background-color:#fff;border-color:#ccc}.btn-default.focus,.btn-default:focus{color:#333;background-color:#e6e6e6;border-color:#8c8c8c}.btn-default:hover{color:#333;background-color:#e6e6e6;border-color:#adadad}.btn-default.active,.btn-default:active,.open>.dropdown-toggle.btn-default{color:#333;background-color:#e6e6e6;border-color:#adadad}.btn-default.active.focus,.btn-default.active:focus,.btn-default.active:hover,.btn-default:active.focus,.btn-default:active:focus,.btn-default:active:hover,.open>.dropdown-toggle.btn-default.focus,.open>.dropdown-toggle.btn-default:focus,.open>.dropdown-toggle.btn-default:hover{color:#333;background-color:#d4d4d4;border-color:#8c8c8c}.btn-default.active,.btn-default:active,.open>.dropdown-toggle.btn-default{background-image:none}.btn-default.disabled.focus,.btn-default.disabled:focus,.btn-default.disabled:hover,.btn-default[disabled].focus,.btn-default[disabled]:focus,.btn-default[disabled]:hover,fieldset[disabled] .btn-default.focus,fieldset[disabled] .btn-default:focus,fieldset[disabled] .btn-default:hover{background-color:#fff;border-color:#ccc}.btn-default .badge{color:#fff;background-color:#333}.btn-primary{color:#fff;background-color:#337ab7;border-color:#2e6da4}.btn-primary.focus,.btn-primary:focus{color:#fff;background-color:#286090;border-color:#122b40}.btn-primary:hover{color:#fff;background-color:#286090;border-color:#204d74}.btn-primary.active,.btn-primary:active,.open>.dropdown-toggle.btn-primary{color:#fff;background-color:#286090;border-color:#204d74}.btn-primary.active.focus,.btn-primary.active:focus,.btn-primary.active:hover,.btn-primary:active.focus,.btn-primary:active:focus,.btn-primary:active:hover,.open>.dropdown-toggle.btn-primary.focus,.open>.dropdown-toggle.btn-primary:focus,.open>.dropdown-toggle.btn-primary:hover{color:#fff;background-color:#204d74;border-color:#122b40}.btn-primary.active,.btn-primary:active,.open>.dropdown-toggle.btn-primary{background-image:none}.btn-primary.disabled.focus,.btn-primary.disabled:focus,.btn-primary.disabled:hover,.btn-primary[disabled].focus,.btn-primary[disabled]:focus,.btn-primary[disabled]:hover,fieldset[disabled] .btn-primary.focus,fieldset[disabled] .btn-primary:focus,fieldset[disabled] .btn-primary:hover{background-color:#337ab7;border-color:#2e6da4}.btn-primary .badge{color:#337ab7;background-color:#fff}.btn-success{color:#fff;background-color:#5cb85c;border-color:#4cae4c}.btn-success.focus,.btn-success:focus{color:#fff;background-color:#449d44;border-color:#255625}.btn-success:hover{color:#fff;background-color:#449d44;border-color:#398439}.btn-success.active,.btn-success:active,.open>.dropdown-toggle.btn-success{color:#fff;background-color:#449d44;border-color:#398439}.btn-success.active.focus,.btn-success.active:focus,.btn-success.active:hover,.btn-success:active.focus,.btn-success:active:focus,.btn-success:active:hover,.open>.dropdown-toggle.btn-success.focus,.open>.dropdown-toggle.btn-success:focus,.open>.dropdown-toggle.btn-success:hover{color:#fff;background-color:#398439;border-color:#255625}.btn-success.active,.btn-success:active,.open>.dropdown-toggle.btn-success{background-image:none}.btn-success.disabled.focus,.btn-success.disabled:focus,.btn-success.disabled:hover,.btn-success[disabled].focus,.btn-success[disabled]:focus,.btn-success[disabled]:hover,fieldset[disabled] .btn-success.focus,fieldset[disabled] .btn-success:focus,fieldset[disabled] .btn-success:hover{background-color:#5cb85c;border-color:#4cae4c}.btn-success .badge{color:#5cb85c;background-color:#fff}.btn-info{color:#fff;background-color:#5bc0de;border-color:#46b8da}.btn-info.focus,.btn-info:focus{color:#fff;background-color:#31b0d5;border-color:#1b6d85}.btn-info:hover{color:#fff;background-color:#31b0d5;border-color:#269abc}.btn-info.active,.btn-info:active,.open>.dropdown-toggle.btn-info{color:#fff;background-color:#31b0d5;border-color:#269abc}.btn-info.active.focus,.btn-info.active:focus,.btn-info.active:hover,.btn-info:active.focus,.btn-info:active:focus,.btn-info:active:hover,.open>.dropdown-toggle.btn-info.focus,.open>.dropdown-toggle.btn-info:focus,.open>.dropdown-toggle.btn-info:hover{color:#fff;background-color:#269abc;border-color:#1b6d85}.btn-info.active,.btn-info:active,.open>.dropdown-toggle.btn-info{background-image:none}.btn-info.disabled.focus,.btn-info.disabled:focus,.btn-info.disabled:hover,.btn-info[disabled].focus,.btn-info[disabled]:focus,.btn-info[disabled]:hover,fieldset[disabled] .btn-info.focus,fieldset[disabled] .btn-info:focus,fieldset[disabled] .btn-info:hover{background-color:#5bc0de;border-color:#46b8da}.btn-info .badge{color:#5bc0de;background-color:#fff}.btn-warning{color:#fff;background-color:#f0ad4e;border-color:#eea236}.btn-warning.focus,.btn-warning:focus{color:#fff;background-color:#ec971f;border-color:#985f0d}.btn-warning:hover{color:#fff;background-color:#ec971f;border-color:#d58512}.btn-warning.active,.btn-warning:active,.open>.dropdown-toggle.btn-warning{color:#fff;background-color:#ec971f;border-color:#d58512}.btn-warning.active.focus,.btn-warning.active:focus,.btn-warning.active:hover,.btn-warning:active.focus,.btn-warning:active:focus,.btn-warning:active:hover,.open>.dropdown-toggle.btn-warning.focus,.open>.dropdown-toggle.btn-warning:focus,.open>.dropdown-toggle.btn-warning:hover{color:#fff;background-color:#d58512;border-color:#985f0d}.btn-warning.active,.btn-warning:active,.open>.dropdown-toggle.btn-warning{background-image:none}.btn-warning.disabled.focus,.btn-warning.disabled:focus,.btn-warning.disabled:hover,.btn-warning[disabled].focus,.btn-warning[disabled]:focus,.btn-warning[disabled]:hover,fieldset[disabled] .btn-warning.focus,fieldset[disabled] .btn-warning:focus,fieldset[disabled] .btn-warning:hover{background-color:#f0ad4e;border-color:#eea236}.btn-warning .badge{color:#f0ad4e;background-color:#fff}.btn-danger{color:#fff;background-color:#d9534f;border-color:#d43f3a}.btn-danger.focus,.btn-danger:focus{color:#fff;background-color:#c9302c;border-color:#761c19}.btn-danger:hover{color:#fff;background-color:#c9302c;border-color:#ac2925}.btn-danger.active,.btn-danger:active,.open>.dropdown-toggle.btn-danger{color:#fff;background-color:#c9302c;border-color:#ac2925}.btn-danger.active.focus,.btn-danger.active:focus,.btn-danger.active:hover,.btn-danger:active.focus,.btn-danger:active:focus,.btn-danger:active:hover,.open>.dropdown-toggle.btn-danger.focus,.open>.dropdown-toggle.btn-danger:focus,.open>.dropdown-toggle.btn-danger:hover{color:#fff;background-color:#ac2925;border-color:#761c19}.btn-danger.active,.btn-danger:active,.open>.dropdown-toggle.btn-danger{background-image:none}.btn-danger.disabled.focus,.btn-danger.disabled:focus,.btn-danger.disabled:hover,.btn-danger[disabled].focus,.btn-danger[disabled]:focus,.btn-danger[disabled]:hover,fieldset[disabled] .btn-danger.focus,fieldset[disabled] .btn-danger:focus,fieldset[disabled] .btn-danger:hover{background-color:#d9534f;border-color:#d43f3a}.btn-danger .badge{color:#d9534f;background-color:#fff}.btn-link{font-weight:400;color:#337ab7;border-radius:0}.btn-link,.btn-link.active,.btn-link:active,.btn-link[disabled],fieldset[disabled] .btn-link{background-color:transparent;-webkit-box-shadow:none;box-shadow:none}.btn-link,.btn-link:active,.btn-link:focus,.btn-link:hover{border-color:transparent}.btn-link:focus,.btn-link:hover{color:#23527c;text-decoration:underline;background-color:transparent}.btn-link[disabled]:focus,.btn-link[disabled]:hover,fieldset[disabled] .btn-link:focus,fieldset[disabled] .btn-link:hover{color:#777;text-decoration:none}.btn-group-lg>.btn,.btn-lg{padding:10px 16px;font-size:18px;line-height:1.3333333;border-radius:6px}.btn-group-sm>.btn,.btn-sm{padding:5px 10px;font-size:12px;line-height:1.5;border-radius:3px}.btn-group-xs>.btn,.btn-xs{padding:1px 5px;font-size:12px;line-height:1.5;border-radius:3px}.btn-block{display:block;width:100%}.btn-block+.btn-block{margin-top:5px}input[type=button].btn-block,input[type=reset].btn-block,input[type=submit].btn-block{width:100%}.fade{opacity:0;-webkit-transition:opacity .15s linear;-o-transition:opacity .15s linear;transition:opacity .15s linear}.fade.in{opacity:1}.collapse{display:none}.collapse.in{display:block}tr.collapse.in{display:table-row}tbody.collapse.in{display:table-row-group}.collapsing{position:relative;height:0;overflow:hidden;-webkit-transition-timing-function:ease;-o-transition-timing-function:ease;transition-timing-function:ease;-webkit-transition-duration:.35s;-o-transition-duration:.35s;transition-duration:.35s;-webkit-transition-property:height,visibility;-o-transition-property:height,visibility;transition-property:height,visibility}.caret{display:inline-block;width:0;height:0;margin-left:2px;vertical-align:middle;border-top:4px dashed;border-top:4px solid\9;border-right:4px solid transparent;border-left:4px solid transparent}.dropdown,.dropup{position:relative}.dropdown-toggle:focus{outline:0}.dropdown-menu{position:absolute;top:100%;left:0;z-index:1000;display:none;float:left;min-width:160px;padding:5px 0;margin:2px 0 0;font-size:14px;text-align:left;list-style:none;background-color:#fff;-webkit-background-clip:padding-box;background-clip:padding-box;border:1px solid #ccc;border:1px solid rgba(0,0,0,.15);border-radius:4px;-webkit-box-shadow:0 6px 12px rgba(0,0,0,.175);box-shadow:0 6px 12px rgba(0,0,0,.175)}.dropdown-menu.pull-right{right:0;left:auto}.dropdown-menu .divider{height:1px;margin:9px 0;overflow:hidden;background-color:#e5e5e5}.dropdown-menu>li>a{display:block;padding:3px 20px;clear:both;font-weight:400;line-height:1.42857143;color:#333;white-space:nowrap}.dropdown-menu>li>a:focus,.dropdown-menu>li>a:hover{color:white;text-decoration:none;background-color:#f5f5f5}.dropdown-menu>.active>a,.dropdown-menu>.active>a:focus,.dropdown-menu>.active>a:hover{color:#fff;text-decoration:none;background-color:#337ab7;outline:0}.dropdown-menu>.disabled>a,.dropdown-menu>.disabled>a:focus,.dropdown-menu>.disabled>a:hover{color:#777}.dropdown-menu>.disabled>a:focus,.dropdown-menu>.disabled>a:hover{text-decoration:none;cursor:not-allowed;background-color:transparent;background-image:none;filter:progid:DXImageTransform.Microsoft.gradient(enabled=false)}.open>.dropdown-menu{display:block}.open>a{outline:0}.dropdown-menu-right{right:0;left:auto}.dropdown-menu-left{right:auto;left:0}.dropdown-header{display:block;padding:3px 20px;font-size:12px;line-height:1.42857143;color:#777;white-space:nowrap}.dropdown-backdrop{position:fixed;top:0;right:0;bottom:0;left:0;z-index:990}.pull-right>.dropdown-menu{right:0;left:auto}.dropup .caret,.navbar-fixed-bottom .dropdown .caret{content:"";border-top:0;border-bottom:4px dashed;border-bottom:4px solid\9}.dropup .dropdown-menu,.navbar-fixed-bottom .dropdown .dropdown-menu{top:auto;bottom:100%;margin-bottom:2px}@media (min-width:768px){.navbar-right .dropdown-menu{right:0;left:auto}.navbar-right .dropdown-menu-left{right:auto;left:0}}.btn-group,.btn-group-vertical{position:relative;display:inline-block;vertical-align:middle}.btn-group-vertical>.btn,.btn-group>.btn{position:relative;float:left}.btn-group-vertical>.btn.active,.btn-group-vertical>.btn:active,.btn-group-vertical>.btn:focus,.btn-group-vertical>.btn:hover,.btn-group>.btn.active,.btn-group>.btn:active,.btn-group>.btn:focus,.btn-group>.btn:hover{z-index:2}.btn-group .btn+.btn,.btn-group .btn+.btn-group,.btn-group .btn-group+.btn,.btn-group .btn-group+.btn-group{margin-left:-1px}.btn-toolbar{margin-left:-5px}.btn-toolbar .btn,.btn-toolbar .btn-group,.btn-toolbar .input-group{float:left}.btn-toolbar>.btn,.btn-toolbar>.btn-group,.btn-toolbar>.input-group{margin-left:5px}.btn-group>.btn:not(:first-child):not(:last-child):not(.dropdown-toggle){border-radius:0}.btn-group>.btn:first-child{margin-left:0}.btn-group>.btn:first-child:not(:last-child):not(.dropdown-toggle){border-top-right-radius:0;border-bottom-right-radius:0}.btn-group>.btn:last-child:not(:first-child),.btn-group>.dropdown-toggle:not(:first-child){border-top-left-radius:0;border-bottom-left-radius:0}.btn-group>.btn-group{float:left}.btn-group>.btn-group:not(:first-child):not(:last-child)>.btn{border-radius:0}.btn-group>.btn-group:first-child:not(:last-child)>.btn:last-child,.btn-group>.btn-group:first-child:not(:last-child)>.dropdown-toggle{border-top-right-radius:0;border-bottom-right-radius:0}.btn-group>.btn-group:last-child:not(:first-child)>.btn:first-child{border-top-left-radius:0;border-bottom-left-radius:0}.btn-group .dropdown-toggle:active,.btn-group.open .dropdown-toggle{outline:0}.btn-group>.btn+.dropdown-toggle{padding-right:8px;padding-left:8px}.btn-group>.btn-lg+.dropdown-toggle{padding-right:12px;padding-left:12px}.btn-group.open .dropdown-toggle{-webkit-box-shadow:inset 0 3px 5px rgba(0,0,0,.125);box-shadow:inset 0 3px 5px rgba(0,0,0,.125)}.btn-group.open .dropdown-toggle.btn-link{-webkit-box-shadow:none;box-shadow:none}.btn .caret{margin-left:0}.btn-lg .caret{border-width:5px 5px 0;border-bottom-width:0}.dropup .btn-lg .caret{border-width:0 5px 5px}.btn-group-vertical>.btn,.btn-group-vertical>.btn-group,.btn-group-vertical>.btn-group>.btn{display:block;float:none;width:100%;max-width:100%}.btn-group-vertical>.btn-group>.btn{float:none}.btn-group-vertical>.btn+.btn,.btn-group-vertical>.btn+.btn-group,.btn-group-vertical>.btn-group+.btn,.btn-group-vertical>.btn-group+.btn-group{margin-top:-1px;margin-left:0}.btn-group-vertical>.btn:not(:first-child):not(:last-child){border-radius:0}.btn-group-vertical>.btn:first-child:not(:last-child){border-top-left-radius:4px;border-top-right-radius:4px;border-bottom-right-radius:0;border-bottom-left-radius:0}.btn-group-vertical>.btn:last-child:not(:first-child){border-top-left-radius:0;border-top-right-radius:0;border-bottom-right-radius:4px;border-bottom-left-radius:4px}.btn-group-vertical>.btn-group:not(:first-child):not(:last-child)>.btn{border-radius:0}.btn-group-vertical>.btn-group:first-child:not(:last-child)>.btn:last-child,.btn-group-vertical>.btn-group:first-child:not(:last-child)>.dropdown-toggle{border-bottom-right-radius:0;border-bottom-left-radius:0}.btn-group-vertical>.btn-group:last-child:not(:first-child)>.btn:first-child{border-top-left-radius:0;border-top-right-radius:0}.btn-group-justified{display:table;width:100%;table-layout:fixed;border-collapse:separate}.btn-group-justified>.btn,.btn-group-justified>.btn-group{display:table-cell;float:none;width:1%}.btn-group-justified>.btn-group .btn{width:100%}.btn-group-justified>.btn-group .dropdown-menu{left:auto}[data-toggle=buttons]>.btn input[type=checkbox],[data-toggle=buttons]>.btn input[type=radio],[data-toggle=buttons]>.btn-group>.btn input[type=checkbox],[data-toggle=buttons]>.btn-group>.btn input[type=radio]{position:absolute;clip:rect(0,0,0,0);pointer-events:none}.input-group{position:relative;display:table;border-collapse:separate}.input-group[class*=col-]{float:none;padding-right:0;padding-left:0}.input-group .form-control{position:relative;z-index:2;float:left;width:100%;margin-bottom:0}.input-group .form-control:focus{z-index:3}.input-group-lg>.form-control,.input-group-lg>.input-group-addon,.input-group-lg>.input-group-btn>.btn{height:46px;padding:10px 16px;font-size:18px;line-height:1.3333333;border-radius:6px}select.input-group-lg>.form-control,select.input-group-lg>.input-group-addon,select.input-group-lg>.input-group-btn>.btn{height:46px;line-height:46px}select[multiple].input-group-lg>.form-control,select[multiple].input-group-lg>.input-group-addon,select[multiple].input-group-lg>.input-group-btn>.btn,textarea.input-group-lg>.form-control,textarea.input-group-lg>.input-group-addon,textarea.input-group-lg>.input-group-btn>.btn{height:auto}.input-group-sm>.form-control,.input-group-sm>.input-group-addon,.input-group-sm>.input-group-btn>.btn{height:30px;padding:5px 10px;font-size:12px;line-height:1.5;border-radius:3px}select.input-group-sm>.form-control,select.input-group-sm>.input-group-addon,select.input-group-sm>.input-group-btn>.btn{height:30px;line-height:30px}select[multiple].input-group-sm>.form-control,select[multiple].input-group-sm>.input-group-addon,select[multiple].input-group-sm>.input-group-btn>.btn,textarea.input-group-sm>.form-control,textarea.input-group-sm>.input-group-addon,textarea.input-group-sm>.input-group-btn>.btn{height:auto}.input-group .form-control,.input-group-addon,.input-group-btn{display:table-cell}.input-group .form-control:not(:first-child):not(:last-child),.input-group-addon:not(:first-child):not(:last-child),.input-group-btn:not(:first-child):not(:last-child){border-radius:0}.input-group-addon,.input-group-btn{width:1%;white-space:nowrap;vertical-align:middle}.input-group-addon{padding:6px 12px;font-size:14px;font-weight:400;line-height:1;color:#555;text-align:center;background-color:#eee;border:1px solid #ccc;border-radius:4px}.input-group-addon.input-sm{padding:5px 10px;font-size:12px;border-radius:3px}.input-group-addon.input-lg{padding:10px 16px;font-size:18px;border-radius:6px}.input-group-addon input[type=checkbox],.input-group-addon input[type=radio]{margin-top:0}.input-group .form-control:first-child,.input-group-addon:first-child,.input-group-btn:first-child>.btn,.input-group-btn:first-child>.btn-group>.btn,.input-group-btn:first-child>.dropdown-toggle,.input-group-btn:last-child>.btn-group:not(:last-child)>.btn,.input-group-btn:last-child>.btn:not(:last-child):not(.dropdown-toggle){border-top-right-radius:0;border-bottom-right-radius:0}.input-group-addon:first-child{border-right:0}.input-group .form-control:last-child,.input-group-addon:last-child,.input-group-btn:first-child>.btn-group:not(:first-child)>.btn,.input-group-btn:first-child>.btn:not(:first-child),.input-group-btn:last-child>.btn,.input-group-btn:last-child>.btn-group>.btn,.input-group-btn:last-child>.dropdown-toggle{border-top-left-radius:0;border-bottom-left-radius:0}.input-group-addon:last-child{border-left:0}.input-group-btn{position:relative;font-size:0;white-space:nowrap}.input-group-btn>.btn{position:relative}.input-group-btn>.btn+.btn{margin-left:-1px}.input-group-btn>.btn:active,.input-group-btn>.btn:focus,.input-group-btn>.btn:hover{z-index:2}.input-group-btn:first-child>.btn,.input-group-btn:first-child>.btn-group{margin-right:-1px}.input-group-btn:last-child>.btn,.input-group-btn:last-child>.btn-group{z-index:2;margin-left:-1px}.nav{padding-left:0;margin-bottom:0;list-style:none}.nav>li{position:relative;display:block}.nav>li>a{position:relative;display:block;padding:10px 15px}.nav>li>a:focus,.nav>li>a:hover{text-decoration:none;background-color:#eee}.nav>li.disabled>a{color:#777}.nav>li.disabled>a:focus,.nav>li.disabled>a:hover{color:#777;text-decoration:none;cursor:not-allowed;background-color:transparent}.nav .open>a,.nav .open>a:focus,.nav .open>a:hover{background-color:#eee;border-color:#337ab7}.nav .nav-divider{height:1px;margin:9px 0;overflow:hidden;background-color:#e5e5e5}.nav>li>a>img{max-width:none}.nav-tabs{border-bottom:1px solid #ddd}.nav-tabs>li{float:left;margin-bottom:-1px}.nav-tabs>li>a{margin-right:2px;line-height:1.42857143;border:1px solid transparent;border-radius:4px 4px 0 0}.nav-tabs>li>a:hover{border-color:#eee #eee #ddd}.nav-tabs>li.active>a,.nav-tabs>li.active>a:focus,.nav-tabs>li.active>a:hover{color:#555;cursor:default;background-color:#fff;border:1px solid #ddd;border-bottom-color:transparent}.nav-tabs.nav-justified{width:100%;border-bottom:0}.nav-tabs.nav-justified>li{float:none}.nav-tabs.nav-justified>li>a{margin-bottom:5px;text-align:center}.nav-tabs.nav-justified>.dropdown .dropdown-menu{top:auto;left:auto}@media (min-width:768px){.nav-tabs.nav-justified>li{display:table-cell;width:1%}.nav-tabs.nav-justified>li>a{margin-bottom:0}}.nav-tabs.nav-justified>li>a{margin-right:0;border-radius:4px}.nav-tabs.nav-justified>.active>a,.nav-tabs.nav-justified>.active>a:focus,.nav-tabs.nav-justified>.active>a:hover{border:1px solid #ddd}@media (min-width:768px){.nav-tabs.nav-justified>li>a{border-bottom:1px solid #ddd;border-radius:4px 4px 0 0}.nav-tabs.nav-justified>.active>a,.nav-tabs.nav-justified>.active>a:focus,.nav-tabs.nav-justified>.active>a:hover{border-bottom-color:#fff}}.nav-pills>li{float:left}.nav-pills>li>a{border-radius:4px}.nav-pills>li+li{margin-left:2px}.nav-pills>li.active>a,.nav-pills>li.active>a:focus,.nav-pills>li.active>a:hover{color:#fff;background-color:#337ab7}.nav-stacked>li{float:none}.nav-stacked>li+li{margin-top:2px;margin-left:0}.nav-justified{width:100%}.nav-justified>li{float:none}.nav-justified>li>a{margin-bottom:5px;text-align:center}.nav-justified>.dropdown .dropdown-menu{top:auto;left:auto}@media (min-width:768px){.nav-justified>li{display:table-cell;width:1%}.nav-justified>li>a{margin-bottom:0}}.nav-tabs-justified{border-bottom:0}.nav-tabs-justified>li>a{margin-right:0;border-radius:4px}.nav-tabs-justified>.active>a,.nav-tabs-justified>.active>a:focus,.nav-tabs-justified>.active>a:hover{border:1px solid #ddd}@media (min-width:768px){.nav-tabs-justified>li>a{border-bottom:1px solid #ddd;border-radius:4px 4px 0 0}.nav-tabs-justified>.active>a,.nav-tabs-justified>.active>a:focus,.nav-tabs-justified>.active>a:hover{border-bottom-color:#fff}}.tab-content>.tab-pane{display:none}.tab-content>.active{display:block}.nav-tabs .dropdown-menu{margin-top:-1px;border-top-left-radius:0;border-top-right-radius:0}.navbar{position:relative;min-height:50px;margin-bottom:20px;border:1px solid transparent}@media (min-width:768px){.navbar{border-radius:4px}}@media (min-width:768px){.navbar-header{float:left}}.navbar-collapse{padding-right:15px;padding-left:15px;overflow-x:visible;-webkit-overflow-scrolling:touch;border-top:1px solid transparent;-webkit-box-shadow:inset 0 1px 0 rgba(255,255,255,.1);box-shadow:inset 0 1px 0 rgba(255,255,255,.1)}.navbar-collapse.in{overflow-y:auto}@media (min-width:768px){.navbar-collapse{width:auto;border-top:0;-webkit-box-shadow:none;box-shadow:none}.navbar-collapse.collapse{display:block!important;height:auto!important;padding-bottom:0;overflow:visible!important}.navbar-collapse.in{overflow-y:visible}.navbar-fixed-bottom .navbar-collapse,.navbar-fixed-top .navbar-collapse,.navbar-static-top .navbar-collapse{padding-right:0;padding-left:0}}.navbar-fixed-bottom .navbar-collapse,.navbar-fixed-top .navbar-collapse{max-height:340px}@media (max-device-width:480px) and (orientation:landscape){.navbar-fixed-bottom .navbar-collapse,.navbar-fixed-top .navbar-collapse{max-height:200px}}.container-fluid>.navbar-collapse,.container-fluid>.navbar-header,.container>.navbar-collapse,.container>.navbar-header{margin-right:-15px;margin-left:-15px}@media (min-width:768px){.container-fluid>.navbar-collapse,.container-fluid>.navbar-header,.container>.navbar-collapse,.container>.navbar-header{margin-right:0;margin-left:0}}.navbar-static-top{z-index:1000;border-width:0 0 1px}@media (min-width:768px){.navbar-static-top{border-radius:0}}.navbar-fixed-bottom,.navbar-fixed-top{position:fixed;right:0;left:0;z-index:1030}@media (min-width:768px){.navbar-fixed-bottom,.navbar-fixed-top{border-radius:0}}.navbar-fixed-top{top:0;border-width:0 0 1px}.navbar-fixed-bottom{bottom:0;margin-bottom:0;border-width:1px 0 0}.navbar-brand{float:left;height:50px;padding:15px 15px;font-size:18px;line-height:20px}.navbar-brand:focus,.navbar-brand:hover{text-decoration:none}.navbar-brand>img{display:block}@media (min-width:768px){.navbar>.container .navbar-brand,.navbar>.container-fluid .navbar-brand{margin-left:-15px}}.navbar-toggle{position:relative;float:right;padding:9px 10px;margin-top:8px;margin-right:15px;margin-bottom:8px;background-color:transparent;background-image:none;border:1px solid transparent;border-radius:4px}.navbar-toggle:focus{outline:0}.navbar-toggle .icon-bar{display:block;width:22px;height:2px;border-radius:1px}.navbar-toggle .icon-bar+.icon-bar{margin-top:4px}@media (min-width:768px){.navbar-toggle{display:none}}.navbar-nav{margin:7.5px -15px}.navbar-nav>li>a{padding-top:10px;padding-bottom:10px;line-height:20px}@media (max-width:767px){.navbar-nav .open .dropdown-menu{position:static;float:none;width:auto;margin-top:0;background-color:transparent;border:0;-webkit-box-shadow:none;box-shadow:none}.navbar-nav .open .dropdown-menu .dropdown-header,.navbar-nav .open .dropdown-menu>li>a{padding:5px 15px 5px 25px}.navbar-nav .open .dropdown-menu>li>a{line-height:20px}.navbar-nav .open .dropdown-menu>li>a:focus,.navbar-nav .open .dropdown-menu>li>a:hover{background-image:none}}@media (min-width:768px){.navbar-nav{float:left;margin:0}.navbar-nav>li{float:left}.navbar-nav>li>a{padding-top:15px;padding-bottom:15px}}.navbar-form{padding:10px 15px;margin-top:8px;margin-right:-15px;margin-bottom:8px;margin-left:-15px;border-top:1px solid transparent;border-bottom:1px solid transparent;-webkit-box-shadow:inset 0 1px 0 rgba(255,255,255,.1),0 1px 0 rgba(255,255,255,.1);box-shadow:inset 0 1px 0 rgba(255,255,255,.1),0 1px 0 rgba(255,255,255,.1)}@media (min-width:768px){.navbar-form .form-group{display:inline-block;margin-bottom:0;vertical-align:middle}.navbar-form .form-control{display:inline-block;width:auto;vertical-align:middle}.navbar-form .form-control-static{display:inline-block}.navbar-form .input-group{display:inline-table;vertical-align:middle}.navbar-form .input-group .form-control,.navbar-form .input-group .input-group-addon,.navbar-form .input-group .input-group-btn{width:auto}.navbar-form .input-group>.form-control{width:100%}.navbar-form .control-label{margin-bottom:0;vertical-align:middle}.navbar-form .checkbox,.navbar-form .radio{display:inline-block;margin-top:0;margin-bottom:0;vertical-align:middle}.navbar-form .checkbox label,.navbar-form .radio label{padding-left:0}.navbar-form .checkbox input[type=checkbox],.navbar-form .radio input[type=radio]{position:relative;margin-left:0}.navbar-form .has-feedback .form-control-feedback{top:0}}@media (max-width:767px){.navbar-form .form-group{margin-bottom:5px}.navbar-form .form-group:last-child{margin-bottom:0}}@media (min-width:768px){.navbar-form{width:auto;padding-top:0;padding-bottom:0;margin-right:0;margin-left:0;border:0;-webkit-box-shadow:none;box-shadow:none}}.navbar-nav>li>.dropdown-menu{margin-top:0;border-top-left-radius:0;border-top-right-radius:0}.navbar-fixed-bottom .navbar-nav>li>.dropdown-menu{margin-bottom:0;border-top-left-radius:4px;border-top-right-radius:4px;border-bottom-right-radius:0;border-bottom-left-radius:0}.navbar-btn{margin-top:8px;margin-bottom:8px}.navbar-btn.btn-sm{margin-top:10px;margin-bottom:10px}.navbar-btn.btn-xs{margin-top:14px;margin-bottom:14px}.navbar-text{margin-top:15px;margin-bottom:15px}@media (min-width:768px){.navbar-text{float:left;margin-right:15px;margin-left:15px}}@media (min-width:768px){.navbar-left{float:left!important}.navbar-right{float:right!important;margin-right:-15px}.navbar-right~.navbar-right{margin-right:0}}.navbar-default{background-color:#f8f8f8;border-color:#e7e7e7}.navbar-default .navbar-brand{color:#777}.navbar-default .navbar-brand:focus,.navbar-default .navbar-brand:hover{color:#5e5e5e;background-color:transparent}.navbar-default .navbar-text{color:#777}.navbar-default .navbar-nav>li>a{color:#777}.navbar-default .navbar-nav>li>a:focus,.navbar-default .navbar-nav>li>a:hover{color:#333;background-color:transparent}.navbar-default .navbar-nav>.active>a,.navbar-default .navbar-nav>.active>a:focus,.navbar-default .navbar-nav>.active>a:hover{color:#555;background-color:#e7e7e7}.navbar-default .navbar-nav>.disabled>a,.navbar-default .navbar-nav>.disabled>a:focus,.navbar-default .navbar-nav>.disabled>a:hover{color:#ccc;background-color:transparent}.navbar-default .navbar-toggle{border-color:#ddd}.navbar-default .navbar-toggle:focus,.navbar-default .navbar-toggle:hover{background-color:#ddd}.navbar-default .navbar-toggle .icon-bar{background-color:#888}.navbar-default .navbar-collapse,.navbar-default .navbar-form{border-color:#e7e7e7}.navbar-default .navbar-nav>.open>a,.navbar-default .navbar-nav>.open>a:focus,.navbar-default .navbar-nav>.open>a:hover{color:#555;background-color:#e7e7e7}@media (max-width:767px){.navbar-default .navbar-nav .open .dropdown-menu>li>a{color:#777}.navbar-default .navbar-nav .open .dropdown-menu>li>a:focus,.navbar-default .navbar-nav .open .dropdown-menu>li>a:hover{color:#333;background-color:transparent}.navbar-default .navbar-nav .open .dropdown-menu>.active>a,.navbar-default .navbar-nav .open .dropdown-menu>.active>a:focus,.navbar-default .navbar-nav .open .dropdown-menu>.active>a:hover{color:#555;background-color:#e7e7e7}.navbar-default .navbar-nav .open .dropdown-menu>.disabled>a,.navbar-default .navbar-nav .open .dropdown-menu>.disabled>a:focus,.navbar-default .navbar-nav .open .dropdown-menu>.disabled>a:hover{color:#ccc;background-color:transparent}}.navbar-default .navbar-link{color:#777}.navbar-default .navbar-link:hover{color:#333}.navbar-default .btn-link{color:#777}.navbar-default .btn-link:focus,.navbar-default .btn-link:hover{color:#333}.navbar-default .btn-link[disabled]:focus,.navbar-default .btn-link[disabled]:hover,fieldset[disabled] .navbar-default .btn-link:focus,fieldset[disabled] .navbar-default .btn-link:hover{color:#ccc}.navbar-inverse{background-color:#222;border-color:#080808}.navbar-inverse .navbar-brand{color:#9d9d9d}.navbar-inverse .navbar-brand:focus,.navbar-inverse .navbar-brand:hover{color:#fff;background-color:transparent}.navbar-inverse .navbar-text{color:#9d9d9d}.navbar-inverse .navbar-nav>li>a{color:#9d9d9d}.navbar-inverse .navbar-nav>li>a:focus,.navbar-inverse .navbar-nav>li>a:hover{color:#fff;background-color:transparent}.navbar-inverse .navbar-nav>.active>a,.navbar-inverse .navbar-nav>.active>a:focus,.navbar-inverse .navbar-nav>.active>a:hover{color:#fff;background-color:#080808}.navbar-inverse .navbar-nav>.disabled>a,.navbar-inverse .navbar-nav>.disabled>a:focus,.navbar-inverse .navbar-nav>.disabled>a:hover{color:#444;background-color:transparent}.navbar-inverse .navbar-toggle{border-color:#333}.navbar-inverse .navbar-toggle:focus,.navbar-inverse .navbar-toggle:hover{background-color:#333}.navbar-inverse .navbar-toggle .icon-bar{background-color:#fff}.navbar-inverse .navbar-collapse,.navbar-inverse .navbar-form{border-color:#101010}.navbar-inverse .navbar-nav>.open>a,.navbar-inverse .navbar-nav>.open>a:focus,.navbar-inverse .navbar-nav>.open>a:hover{color:#fff;background-color:#080808}@media (max-width:767px){.navbar-inverse .navbar-nav .open .dropdown-menu>.dropdown-header{border-color:#080808}.navbar-inverse .navbar-nav .open .dropdown-menu .divider{background-color:#080808}.navbar-inverse .navbar-nav .open .dropdown-menu>li>a{color:#9d9d9d}.navbar-inverse .navbar-nav .open .dropdown-menu>li>a:focus,.navbar-inverse .navbar-nav .open .dropdown-menu>li>a:hover{color:#fff;background-color:transparent}.navbar-inverse .navbar-nav .open .dropdown-menu>.active>a,.navbar-inverse .navbar-nav .open .dropdown-menu>.active>a:focus,.navbar-inverse .navbar-nav .open .dropdown-menu>.active>a:hover{color:#fff;background-color:#080808}.navbar-inverse .navbar-nav .open .dropdown-menu>.disabled>a,.navbar-inverse .navbar-nav .open .dropdown-menu>.disabled>a:focus,.navbar-inverse .navbar-nav .open .dropdown-menu>.disabled>a:hover{color:#444;background-color:transparent}}.navbar-inverse .navbar-link{color:#9d9d9d}.navbar-inverse .navbar-link:hover{color:#fff}.navbar-inverse .btn-link{color:#9d9d9d}.navbar-inverse .btn-link:focus,.navbar-inverse .btn-link:hover{color:#fff}.navbar-inverse .btn-link[disabled]:focus,.navbar-inverse .btn-link[disabled]:hover,fieldset[disabled] .navbar-inverse .btn-link:focus,fieldset[disabled] .navbar-inverse .btn-link:hover{color:#444}.breadcrumb{padding:8px 15px;margin-bottom:20px;list-style:none;background-color:#f5f5f5;border-radius:4px}.breadcrumb>li{display:inline-block}.breadcrumb>li+li:before{padding:0 5px;color:#ccc;content:"/\00a0"}.breadcrumb>.active{color:#777}.pagination{display:inline-block;padding-left:0;margin:20px 0;border-radius:4px}.pagination>li{display:inline}.pagination>li>a,.pagination>li>span{position:relative;float:left;padding:6px 12px;margin-left:-1px;line-height:1.42857143;color:#337ab7;text-decoration:none;background-color:#fff;border:1px solid #ddd}.pagination>li:first-child>a,.pagination>li:first-child>span{margin-left:0;border-top-left-radius:4px;border-bottom-left-radius:4px}.pagination>li:last-child>a,.pagination>li:last-child>span{border-top-right-radius:4px;border-bottom-right-radius:4px}.pagination>li>a:focus,.pagination>li>a:hover,.pagination>li>span:focus,.pagination>li>span:hover{z-index:2;color:#23527c;background-color:#eee;border-color:#ddd}.pagination>.active>a,.pagination>.active>a:focus,.pagination>.active>a:hover,.pagination>.active>span,.pagination>.active>span:focus,.pagination>.active>span:hover{z-index:3;color:#fff;cursor:default;background-color:#337ab7;border-color:#337ab7}.pagination>.disabled>a,.pagination>.disabled>a:focus,.pagination>.disabled>a:hover,.pagination>.disabled>span,.pagination>.disabled>span:focus,.pagination>.disabled>span:hover{color:#777;cursor:not-allowed;background-color:#fff;border-color:#ddd}.pagination-lg>li>a,.pagination-lg>li>span{padding:10px 16px;font-size:18px;line-height:1.3333333}.pagination-lg>li:first-child>a,.pagination-lg>li:first-child>span{border-top-left-radius:6px;border-bottom-left-radius:6px}.pagination-lg>li:last-child>a,.pagination-lg>li:last-child>span{border-top-right-radius:6px;border-bottom-right-radius:6px}.pagination-sm>li>a,.pagination-sm>li>span{padding:5px 10px;font-size:12px;line-height:1.5}.pagination-sm>li:first-child>a,.pagination-sm>li:first-child>span{border-top-left-radius:3px;border-bottom-left-radius:3px}.pagination-sm>li:last-child>a,.pagination-sm>li:last-child>span{border-top-right-radius:3px;border-bottom-right-radius:3px}.pager{padding-left:0;margin:20px 0;text-align:center;list-style:none}.pager li{display:inline}.pager li>a,.pager li>span{display:inline-block;padding:5px 14px;background-color:#fff;border:1px solid #ddd;border-radius:15px}.pager li>a:focus,.pager li>a:hover{text-decoration:none;background-color:#eee}.pager .next>a,.pager .next>span{float:right}.pager .previous>a,.pager .previous>span{float:left}.pager .disabled>a,.pager .disabled>a:focus,.pager .disabled>a:hover,.pager .disabled>span{color:#777;cursor:not-allowed;background-color:#fff}.label{display:inline;padding:.2em .6em .3em;font-size:75%;font-weight:700;line-height:1;color:#fff;text-align:center;white-space:nowrap;vertical-align:baseline;border-radius:.25em}a.label:focus,a.label:hover{color:#fff;text-decoration:none;cursor:pointer}.label:empty{display:none}.btn .label{position:relative;top:-1px}.label-default{background-color:#777}.label-default[href]:focus,.label-default[href]:hover{background-color:#5e5e5e}.label-primary{background-color:#337ab7}.label-primary[href]:focus,.label-primary[href]:hover{background-color:#286090}.label-success{background-color:#5cb85c}.label-success[href]:focus,.label-success[href]:hover{background-color:#449d44}.label-info{background-color:#5bc0de}.label-info[href]:focus,.label-info[href]:hover{background-color:#31b0d5}.label-warning{background-color:#f0ad4e}.label-warning[href]:focus,.label-warning[href]:hover{background-color:#ec971f}.label-danger{background-color:#d9534f}.label-danger[href]:focus,.label-danger[href]:hover{background-color:#c9302c}.badge{display:inline-block;min-width:10px;padding:3px 7px;font-size:12px;font-weight:700;line-height:1;color:#fff;text-align:center;white-space:nowrap;vertical-align:middle;background-color:#777;border-radius:10px}.badge:empty{display:none}.btn .badge{position:relative;top:-1px}.btn-group-xs>.btn .badge,.btn-xs .badge{top:0;padding:1px 5px}a.badge:focus,a.badge:hover{color:#fff;text-decoration:none;cursor:pointer}.list-group-item.active>.badge,.nav-pills>.active>a>.badge{color:#337ab7;background-color:#fff}.list-group-item>.badge{float:right}.list-group-item>.badge+.badge{margin-right:5px}.nav-pills>li>a>.badge{margin-left:3px}.jumbotron{padding-top:30px;padding-bottom:30px;margin-bottom:30px;color:inherit;background-color:#eee}.jumbotron .h1,.jumbotron h1{color:inherit}.jumbotron p{margin-bottom:15px;font-size:21px;font-weight:200}.jumbotron>hr{border-top-color:#d5d5d5}.container .jumbotron,.container-fluid .jumbotron{padding-right:15px;padding-left:15px;border-radius:6px}.jumbotron .container{max-width:100%}@media screen and (min-width:768px){.jumbotron{padding-top:48px;padding-bottom:48px}.container .jumbotron,.container-fluid .jumbotron{padding-right:60px;padding-left:60px}.jumbotron .h1,.jumbotron h1{font-size:63px}}.thumbnail{display:block;padding:4px;margin-bottom:20px;line-height:1.42857143;background-color:#fff;border:1px solid #ddd;border-radius:4px;-webkit-transition:border .2s ease-in-out;-o-transition:border .2s ease-in-out;transition:border .2s ease-in-out}.thumbnail a>img,.thumbnail>img{margin-right:auto;margin-left:auto}a.thumbnail.active,a.thumbnail:focus,a.thumbnail:hover{border-color:#337ab7}.thumbnail .caption{padding:9px;color:#333}.alert{padding:15px;margin-bottom:20px;border:1px solid transparent;border-radius:4px}.alert h4{margin-top:0;color:inherit}.alert .alert-link{font-weight:700}.alert>p,.alert>ul{margin-bottom:0}.alert>p+p{margin-top:5px}.alert-dismissable,.alert-dismissible{padding-right:35px}.alert-dismissable .close,.alert-dismissible .close{position:relative;top:-2px;right:-21px;color:inherit}.alert-success{color:#3c763d;background-color:#dff0d8;border-color:#d6e9c6}.alert-success hr{border-top-color:#c9e2b3}.alert-success .alert-link{color:#2b542c}.alert-info{color:#31708f;background-color:#d9edf7;border-color:#bce8f1}.alert-info hr{border-top-color:#a6e1ec}.alert-info .alert-link{color:#245269}.alert-warning{color:#8a6d3b;background-color:#fcf8e3;border-color:#faebcc}.alert-warning hr{border-top-color:#f7e1b5}.alert-warning .alert-link{color:#66512c}.alert-danger{color:#a94442;background-color:#f2dede;border-color:#ebccd1}.alert-danger hr{border-top-color:#e4b9c0}.alert-danger .alert-link{color:#843534}@-webkit-keyframes progress-bar-stripes{from{background-position:40px 0}to{background-position:0 0}}@-o-keyframes progress-bar-stripes{from{background-position:40px 0}to{background-position:0 0}}@keyframes progress-bar-stripes{from{background-position:40px 0}to{background-position:0 0}}.progress{height:20px;margin-bottom:20px;overflow:hidden;background-color:#f5f5f5;border-radius:4px;-webkit-box-shadow:inset 0 1px 2px rgba(0,0,0,.1);box-shadow:inset 0 1px 2px rgba(0,0,0,.1)}.progress-bar{float:left;width:0;height:100%;font-size:12px;line-height:20px;color:#fff;text-align:center;background-color:#337ab7;-webkit-box-shadow:inset 0 -1px 0 rgba(0,0,0,.15);box-shadow:inset 0 -1px 0 rgba(0,0,0,.15);-webkit-transition:width .6s ease;-o-transition:width .6s ease;transition:width .6s ease}.progress-bar-striped,.progress-striped .progress-bar{background-image:-webkit-linear-gradient(45deg,rgba(255,255,255,.15) 25%,transparent 25%,transparent 50%,rgba(255,255,255,.15) 50%,rgba(255,255,255,.15) 75%,transparent 75%,transparent);background-image:-o-linear-gradient(45deg,rgba(255,255,255,.15) 25%,transparent 25%,transparent 50%,rgba(255,255,255,.15) 50%,rgba(255,255,255,.15) 75%,transparent 75%,transparent);background-image:linear-gradient(45deg,rgba(255,255,255,.15) 25%,transparent 25%,transparent 50%,rgba(255,255,255,.15) 50%,rgba(255,255,255,.15) 75%,transparent 75%,transparent);-webkit-background-size:40px 40px;background-size:40px 40px}.progress-bar.active,.progress.active .progress-bar{-webkit-animation:progress-bar-stripes 2s linear infinite;-o-animation:progress-bar-stripes 2s linear infinite;animation:progress-bar-stripes 2s linear infinite}.progress-bar-success{background-color:#5cb85c}.progress-striped .progress-bar-success{background-image:-webkit-linear-gradient(45deg,rgba(255,255,255,.15) 25%,transparent 25%,transparent 50%,rgba(255,255,255,.15) 50%,rgba(255,255,255,.15) 75%,transparent 75%,transparent);background-image:-o-linear-gradient(45deg,rgba(255,255,255,.15) 25%,transparent 25%,transparent 50%,rgba(255,255,255,.15) 50%,rgba(255,255,255,.15) 75%,transparent 75%,transparent);background-image:linear-gradient(45deg,rgba(255,255,255,.15) 25%,transparent 25%,transparent 50%,rgba(255,255,255,.15) 50%,rgba(255,255,255,.15) 75%,transparent 75%,transparent)}.progress-bar-info{background-color:#5bc0de}.progress-striped .progress-bar-info{background-image:-webkit-linear-gradient(45deg,rgba(255,255,255,.15) 25%,transparent 25%,transparent 50%,rgba(255,255,255,.15) 50%,rgba(255,255,255,.15) 75%,transparent 75%,transparent);background-image:-o-linear-gradient(45deg,rgba(255,255,255,.15) 25%,transparent 25%,transparent 50%,rgba(255,255,255,.15) 50%,rgba(255,255,255,.15) 75%,transparent 75%,transparent);background-image:linear-gradient(45deg,rgba(255,255,255,.15) 25%,transparent 25%,transparent 50%,rgba(255,255,255,.15) 50%,rgba(255,255,255,.15) 75%,transparent 75%,transparent)}.progress-bar-warning{background-color:#f0ad4e}.progress-striped .progress-bar-warning{background-image:-webkit-linear-gradient(45deg,rgba(255,255,255,.15) 25%,transparent 25%,transparent 50%,rgba(255,255,255,.15) 50%,rgba(255,255,255,.15) 75%,transparent 75%,transparent);background-image:-o-linear-gradient(45deg,rgba(255,255,255,.15) 25%,transparent 25%,transparent 50%,rgba(255,255,255,.15) 50%,rgba(255,255,255,.15) 75%,transparent 75%,transparent);background-image:linear-gradient(45deg,rgba(255,255,255,.15) 25%,transparent 25%,transparent 50%,rgba(255,255,255,.15) 50%,rgba(255,255,255,.15) 75%,transparent 75%,transparent)}.progress-bar-danger{background-color:#d9534f}.progress-striped .progress-bar-danger{background-image:-webkit-linear-gradient(45deg,rgba(255,255,255,.15) 25%,transparent 25%,transparent 50%,rgba(255,255,255,.15) 50%,rgba(255,255,255,.15) 75%,transparent 75%,transparent);background-image:-o-linear-gradient(45deg,rgba(255,255,255,.15) 25%,transparent 25%,transparent 50%,rgba(255,255,255,.15) 50%,rgba(255,255,255,.15) 75%,transparent 75%,transparent);background-image:linear-gradient(45deg,rgba(255,255,255,.15) 25%,transparent 25%,transparent 50%,rgba(255,255,255,.15) 50%,rgba(255,255,255,.15) 75%,transparent 75%,transparent)}.media{margin-top:15px}.media:first-child{margin-top:0}.media,.media-body{overflow:hidden;zoom:1}.media-body{width:10000px}.media-object{display:block}.media-object.img-thumbnail{max-width:none}.media-right,.media>.pull-right{padding-left:10px}.media-left,.media>.pull-left{padding-right:10px}.media-body,.media-left,.media-right{display:table-cell;vertical-align:top}.media-middle{vertical-align:middle}.media-bottom{vertical-align:bottom}.media-heading{margin-top:0;margin-bottom:5px}.media-list{padding-left:0;list-style:none}.list-group{padding-left:0;margin-bottom:20px}.list-group-item{position:relative;display:block;padding:10px 15px;margin-bottom:-1px;background-color:#fff;border:1px solid #ddd}.list-group-item:first-child{border-top-left-radius:4px;border-top-right-radius:4px}.list-group-item:last-child{margin-bottom:0;border-bottom-right-radius:4px;border-bottom-left-radius:4px}a.list-group-item,button.list-group-item{color:#555}a.list-group-item .list-group-item-heading,button.list-group-item .list-group-item-heading{color:#333}a.list-group-item:focus,a.list-group-item:hover,button.list-group-item:focus,button.list-group-item:hover{color:#555;text-decoration:none;background-color:#f5f5f5}button.list-group-item{width:100%;text-align:left}.list-group-item.disabled,.list-group-item.disabled:focus,.list-group-item.disabled:hover{color:#777;cursor:not-allowed;background-color:#eee}.list-group-item.disabled .list-group-item-heading,.list-group-item.disabled:focus .list-group-item-heading,.list-group-item.disabled:hover .list-group-item-heading{color:inherit}.list-group-item.disabled .list-group-item-text,.list-group-item.disabled:focus .list-group-item-text,.list-group-item.disabled:hover .list-group-item-text{color:#777}.list-group-item.active,.list-group-item.active:focus,.list-group-item.active:hover{z-index:2;color:#fff;background-color:#337ab7;border-color:#337ab7}.list-group-item.active .list-group-item-heading,.list-group-item.active .list-group-item-heading>.small,.list-group-item.active .list-group-item-heading>small,.list-group-item.active:focus .list-group-item-heading,.list-group-item.active:focus .list-group-item-heading>.small,.list-group-item.active:focus .list-group-item-heading>small,.list-group-item.active:hover .list-group-item-heading,.list-group-item.active:hover .list-group-item-heading>.small,.list-group-item.active:hover .list-group-item-heading>small{color:inherit}.list-group-item.active .list-group-item-text,.list-group-item.active:focus .list-group-item-text,.list-group-item.active:hover .list-group-item-text{color:#c7ddef}.list-group-item-success{color:#3c763d;background-color:#dff0d8}a.list-group-item-success,button.list-group-item-success{color:#3c763d}a.list-group-item-success .list-group-item-heading,button.list-group-item-success .list-group-item-heading{color:inherit}a.list-group-item-success:focus,a.list-group-item-success:hover,button.list-group-item-success:focus,button.list-group-item-success:hover{color:#3c763d;background-color:#d0e9c6}a.list-group-item-success.active,a.list-group-item-success.active:focus,a.list-group-item-success.active:hover,button.list-group-item-success.active,button.list-group-item-success.active:focus,button.list-group-item-success.active:hover{color:#fff;background-color:#3c763d;border-color:#3c763d}.list-group-item-info{color:#31708f;background-color:#d9edf7}a.list-group-item-info,button.list-group-item-info{color:#31708f}a.list-group-item-info .list-group-item-heading,button.list-group-item-info .list-group-item-heading{color:inherit}a.list-group-item-info:focus,a.list-group-item-info:hover,button.list-group-item-info:focus,button.list-group-item-info:hover{color:#31708f;background-color:#c4e3f3}a.list-group-item-info.active,a.list-group-item-info.active:focus,a.list-group-item-info.active:hover,button.list-group-item-info.active,button.list-group-item-info.active:focus,button.list-group-item-info.active:hover{color:#fff;background-color:#31708f;border-color:#31708f}.list-group-item-warning{color:#8a6d3b;background-color:#fcf8e3}a.list-group-item-warning,button.list-group-item-warning{color:#8a6d3b}a.list-group-item-warning .list-group-item-heading,button.list-group-item-warning .list-group-item-heading{color:inherit}a.list-group-item-warning:focus,a.list-group-item-warning:hover,button.list-group-item-warning:focus,button.list-group-item-warning:hover{color:#8a6d3b;background-color:#faf2cc}a.list-group-item-warning.active,a.list-group-item-warning.active:focus,a.list-group-item-warning.active:hover,button.list-group-item-warning.active,button.list-group-item-warning.active:focus,button.list-group-item-warning.active:hover{color:#fff;background-color:#8a6d3b;border-color:#8a6d3b}.list-group-item-danger{color:#a94442;background-color:#f2dede}a.list-group-item-danger,button.list-group-item-danger{color:#a94442}a.list-group-item-danger .list-group-item-heading,button.list-group-item-danger .list-group-item-heading{color:inherit}a.list-group-item-danger:focus,a.list-group-item-danger:hover,button.list-group-item-danger:focus,button.list-group-item-danger:hover{color:#a94442;background-color:#ebcccc}a.list-group-item-danger.active,a.list-group-item-danger.active:focus,a.list-group-item-danger.active:hover,button.list-group-item-danger.active,button.list-group-item-danger.active:focus,button.list-group-item-danger.active:hover{color:#fff;background-color:#a94442;border-color:#a94442}.list-group-item-heading{margin-top:0;margin-bottom:5px}.list-group-item-text{margin-bottom:0;line-height:1.3}.panel{margin-bottom:20px;background-color:#fff;border:1px solid transparent;border-radius:4px;-webkit-box-shadow:0 1px 1px rgba(0,0,0,.05);box-shadow:0 1px 1px rgba(0,0,0,.05)}.panel-body{padding:15px}.panel-heading{padding:10px 15px;border-bottom:1px solid transparent;border-top-left-radius:3px;border-top-right-radius:3px}.panel-heading>.dropdown .dropdown-toggle{color:inherit}.panel-title{margin-top:0;margin-bottom:0;font-size:16px;color:inherit}.panel-title>.small,.panel-title>.small>a,.panel-title>a,.panel-title>small,.panel-title>small>a{color:inherit}.panel-footer{padding:10px 15px;background-color:#f5f5f5;border-top:1px solid #ddd;border-bottom-right-radius:3px;border-bottom-left-radius:3px}.panel>.list-group,.panel>.panel-collapse>.list-group{margin-bottom:0}.panel>.list-group .list-group-item,.panel>.panel-collapse>.list-group .list-group-item{border-width:1px 0;border-radius:0}.panel>.list-group:first-child .list-group-item:first-child,.panel>.panel-collapse>.list-group:first-child .list-group-item:first-child{border-top:0;border-top-left-radius:3px;border-top-right-radius:3px}.panel>.list-group:last-child .list-group-item:last-child,.panel>.panel-collapse>.list-group:last-child .list-group-item:last-child{border-bottom:0;border-bottom-right-radius:3px;border-bottom-left-radius:3px}.panel>.panel-heading+.panel-collapse>.list-group .list-group-item:first-child{border-top-left-radius:0;border-top-right-radius:0}.panel-heading+.list-group .list-group-item:first-child{border-top-width:0}.list-group+.panel-footer{border-top-width:0}.panel>.panel-collapse>.table,.panel>.table,.panel>.table-responsive>.table{margin-bottom:0}.panel>.panel-collapse>.table caption,.panel>.table caption,.panel>.table-responsive>.table caption{padding-right:15px;padding-left:15px}.panel>.table-responsive:first-child>.table:first-child,.panel>.table:first-child{border-top-left-radius:3px;border-top-right-radius:3px}.panel>.table-responsive:first-child>.table:first-child>tbody:first-child>tr:first-child,.panel>.table-responsive:first-child>.table:first-child>thead:first-child>tr:first-child,.panel>.table:first-child>tbody:first-child>tr:first-child,.panel>.table:first-child>thead:first-child>tr:first-child{border-top-left-radius:3px;border-top-right-radius:3px}.panel>.table-responsive:first-child>.table:first-child>tbody:first-child>tr:first-child td:first-child,.panel>.table-responsive:first-child>.table:first-child>tbody:first-child>tr:first-child th:first-child,.panel>.table-responsive:first-child>.table:first-child>thead:first-child>tr:first-child td:first-child,.panel>.table-responsive:first-child>.table:first-child>thead:first-child>tr:first-child th:first-child,.panel>.table:first-child>tbody:first-child>tr:first-child td:first-child,.panel>.table:first-child>tbody:first-child>tr:first-child th:first-child,.panel>.table:first-child>thead:first-child>tr:first-child td:first-child,.panel>.table:first-child>thead:first-child>tr:first-child th:first-child{border-top-left-radius:3px}.panel>.table-responsive:first-child>.table:first-child>tbody:first-child>tr:first-child td:last-child,.panel>.table-responsive:first-child>.table:first-child>tbody:first-child>tr:first-child th:last-child,.panel>.table-responsive:first-child>.table:first-child>thead:first-child>tr:first-child td:last-child,.panel>.table-responsive:first-child>.table:first-child>thead:first-child>tr:first-child th:last-child,.panel>.table:first-child>tbody:first-child>tr:first-child td:last-child,.panel>.table:first-child>tbody:first-child>tr:first-child th:last-child,.panel>.table:first-child>thead:first-child>tr:first-child td:last-child,.panel>.table:first-child>thead:first-child>tr:first-child th:last-child{border-top-right-radius:3px}.panel>.table-responsive:last-child>.table:last-child,.panel>.table:last-child{border-bottom-right-radius:3px;border-bottom-left-radius:3px}.panel>.table-responsive:last-child>.table:last-child>tbody:last-child>tr:last-child,.panel>.table-responsive:last-child>.table:last-child>tfoot:last-child>tr:last-child,.panel>.table:last-child>tbody:last-child>tr:last-child,.panel>.table:last-child>tfoot:last-child>tr:last-child{border-bottom-right-radius:3px;border-bottom-left-radius:3px}.panel>.table-responsive:last-child>.table:last-child>tbody:last-child>tr:last-child td:first-child,.panel>.table-responsive:last-child>.table:last-child>tbody:last-child>tr:last-child th:first-child,.panel>.table-responsive:last-child>.table:last-child>tfoot:last-child>tr:last-child td:first-child,.panel>.table-responsive:last-child>.table:last-child>tfoot:last-child>tr:last-child th:first-child,.panel>.table:last-child>tbody:last-child>tr:last-child td:first-child,.panel>.table:last-child>tbody:last-child>tr:last-child th:first-child,.panel>.table:last-child>tfoot:last-child>tr:last-child td:first-child,.panel>.table:last-child>tfoot:last-child>tr:last-child th:first-child{border-bottom-left-radius:3px}.panel>.table-responsive:last-child>.table:last-child>tbody:last-child>tr:last-child td:last-child,.panel>.table-responsive:last-child>.table:last-child>tbody:last-child>tr:last-child th:last-child,.panel>.table-responsive:last-child>.table:last-child>tfoot:last-child>tr:last-child td:last-child,.panel>.table-responsive:last-child>.table:last-child>tfoot:last-child>tr:last-child th:last-child,.panel>.table:last-child>tbody:last-child>tr:last-child td:last-child,.panel>.table:last-child>tbody:last-child>tr:last-child th:last-child,.panel>.table:last-child>tfoot:last-child>tr:last-child td:last-child,.panel>.table:last-child>tfoot:last-child>tr:last-child th:last-child{border-bottom-right-radius:3px}.panel>.panel-body+.table,.panel>.panel-body+.table-responsive,.panel>.table+.panel-body,.panel>.table-responsive+.panel-body{border-top:1px solid #ddd}.panel>.table>tbody:first-child>tr:first-child td,.panel>.table>tbody:first-child>tr:first-child th{border-top:0}.panel>.table-bordered,.panel>.table-responsive>.table-bordered{border:0}.panel>.table-bordered>tbody>tr>td:first-child,.panel>.table-bordered>tbody>tr>th:first-child,.panel>.table-bordered>tfoot>tr>td:first-child,.panel>.table-bordered>tfoot>tr>th:first-child,.panel>.table-bordered>thead>tr>td:first-child,.panel>.table-bordered>thead>tr>th:first-child,.panel>.table-responsive>.table-bordered>tbody>tr>td:first-child,.panel>.table-responsive>.table-bordered>tbody>tr>th:first-child,.panel>.table-responsive>.table-bordered>tfoot>tr>td:first-child,.panel>.table-responsive>.table-bordered>tfoot>tr>th:first-child,.panel>.table-responsive>.table-bordered>thead>tr>td:first-child,.panel>.table-responsive>.table-bordered>thead>tr>th:first-child{border-left:0}.panel>.table-bordered>tbody>tr>td:last-child,.panel>.table-bordered>tbody>tr>th:last-child,.panel>.table-bordered>tfoot>tr>td:last-child,.panel>.table-bordered>tfoot>tr>th:last-child,.panel>.table-bordered>thead>tr>td:last-child,.panel>.table-bordered>thead>tr>th:last-child,.panel>.table-responsive>.table-bordered>tbody>tr>td:last-child,.panel>.table-responsive>.table-bordered>tbody>tr>th:last-child,.panel>.table-responsive>.table-bordered>tfoot>tr>td:last-child,.panel>.table-responsive>.table-bordered>tfoot>tr>th:last-child,.panel>.table-responsive>.table-bordered>thead>tr>td:last-child,.panel>.table-responsive>.table-bordered>thead>tr>th:last-child{border-right:0}.panel>.table-bordered>tbody>tr:first-child>td,.panel>.table-bordered>tbody>tr:first-child>th,.panel>.table-bordered>thead>tr:first-child>td,.panel>.table-bordered>thead>tr:first-child>th,.panel>.table-responsive>.table-bordered>tbody>tr:first-child>td,.panel>.table-responsive>.table-bordered>tbody>tr:first-child>th,.panel>.table-responsive>.table-bordered>thead>tr:first-child>td,.panel>.table-responsive>.table-bordered>thead>tr:first-child>th{border-bottom:0}.panel>.table-bordered>tbody>tr:last-child>td,.panel>.table-bordered>tbody>tr:last-child>th,.panel>.table-bordered>tfoot>tr:last-child>td,.panel>.table-bordered>tfoot>tr:last-child>th,.panel>.table-responsive>.table-bordered>tbody>tr:last-child>td,.panel>.table-responsive>.table-bordered>tbody>tr:last-child>th,.panel>.table-responsive>.table-bordered>tfoot>tr:last-child>td,.panel>.table-responsive>.table-bordered>tfoot>tr:last-child>th{border-bottom:0}.panel>.table-responsive{margin-bottom:0;border:0}.panel-group{margin-bottom:20px}.panel-group .panel{margin-bottom:0;border-radius:4px}.panel-group .panel+.panel{margin-top:5px}.panel-group .panel-heading{border-bottom:0}.panel-group .panel-heading+.panel-collapse>.list-group,.panel-group .panel-heading+.panel-collapse>.panel-body{border-top:1px solid #ddd}.panel-group .panel-footer{border-top:0}.panel-group .panel-footer+.panel-collapse .panel-body{border-bottom:1px solid #ddd}.panel-default{border-color:#ddd}.panel-default>.panel-heading{color:#333;background-color:#f5f5f5;border-color:#ddd}.panel-default>.panel-heading+.panel-collapse>.panel-body{border-top-color:#ddd}.panel-default>.panel-heading .badge{color:#f5f5f5;background-color:#333}.panel-default>.panel-footer+.panel-collapse>.panel-body{border-bottom-color:#ddd}.panel-primary{border-color:#337ab7}.panel-primary>.panel-heading{color:#fff;background-color:#337ab7;border-color:#337ab7}.panel-primary>.panel-heading+.panel-collapse>.panel-body{border-top-color:#337ab7}.panel-primary>.panel-heading .badge{color:#337ab7;background-color:#fff}.panel-primary>.panel-footer+.panel-collapse>.panel-body{border-bottom-color:#337ab7}.panel-success{border-color:#d6e9c6}.panel-success>.panel-heading{color:#3c763d;background-color:#dff0d8;border-color:#d6e9c6}.panel-success>.panel-heading+.panel-collapse>.panel-body{border-top-color:#d6e9c6}.panel-success>.panel-heading .badge{color:#dff0d8;background-color:#3c763d}.panel-success>.panel-footer+.panel-collapse>.panel-body{border-bottom-color:#d6e9c6}.panel-info{border-color:#bce8f1}.panel-info>.panel-heading{color:#31708f;background-color:#d9edf7;border-color:#bce8f1}.panel-info>.panel-heading+.panel-collapse>.panel-body{border-top-color:#bce8f1}.panel-info>.panel-heading .badge{color:#d9edf7;background-color:#31708f}.panel-info>.panel-footer+.panel-collapse>.panel-body{border-bottom-color:#bce8f1}.panel-warning{border-color:#faebcc}.panel-warning>.panel-heading{color:#8a6d3b;background-color:#fcf8e3;border-color:#faebcc}.panel-warning>.panel-heading+.panel-collapse>.panel-body{border-top-color:#faebcc}.panel-warning>.panel-heading .badge{color:#fcf8e3;background-color:#8a6d3b}.panel-warning>.panel-footer+.panel-collapse>.panel-body{border-bottom-color:#faebcc}.panel-danger{border-color:#ebccd1}.panel-danger>.panel-heading{color:#a94442;background-color:#f2dede;border-color:#ebccd1}.panel-danger>.panel-heading+.panel-collapse>.panel-body{border-top-color:#ebccd1}.panel-danger>.panel-heading .badge{color:#f2dede;background-color:#a94442}.panel-danger>.panel-footer+.panel-collapse>.panel-body{border-bottom-color:#ebccd1}.embed-responsive{position:relative;display:block;height:0;padding:0;overflow:hidden}.embed-responsive .embed-responsive-item,.embed-responsive embed,.embed-responsive iframe,.embed-responsive object,.embed-responsive video{position:absolute;top:0;bottom:0;left:0;width:100%;height:100%;border:0}.embed-responsive-16by9{padding-bottom:56.25%}.embed-responsive-4by3{padding-bottom:75%}.well{min-height:20px;padding:19px;margin-bottom:20px;background-color:#f5f5f5;border:1px solid #e3e3e3;border-radius:4px;-webkit-box-shadow:inset 0 1px 1px rgba(0,0,0,.05);box-shadow:inset 0 1px 1px rgba(0,0,0,.05)}.well blockquote{border-color:#ddd;border-color:rgba(0,0,0,.15)}.well-lg{padding:24px;border-radius:6px}.well-sm{padding:9px;border-radius:3px}.close{float:right;font-size:21px;font-weight:700;line-height:1;color:#000;text-shadow:0 1px 0 #fff;filter:alpha(opacity=20);opacity:.2}.close:focus,.close:hover{color:#000;text-decoration:none;cursor:pointer;filter:alpha(opacity=50);opacity:.5}button.close{-webkit-appearance:none;padding:0;cursor:pointer;background:0 0;border:0}.modal-open{overflow:hidden}.modal{position:fixed;top:0;right:0;bottom:0;left:0;z-index:1050;display:none;overflow:hidden;-webkit-overflow-scrolling:touch;outline:0}.modal.fade .modal-dialog{-webkit-transition:-webkit-transform .3s ease-out;-o-transition:-o-transform .3s ease-out;transition:transform .3s ease-out;-webkit-transform:translate(0,-25%);-ms-transform:translate(0,-25%);-o-transform:translate(0,-25%);transform:translate(0,-25%)}.modal.in .modal-dialog{-webkit-transform:translate(0,0);-ms-transform:translate(0,0);-o-transform:translate(0,0);transform:translate(0,0)}.modal-open .modal{overflow-x:hidden;overflow-y:auto}.modal-dialog{position:relative;width:auto;margin:10px}.modal-content{position:relative;background-color:#fff;-webkit-background-clip:padding-box;background-clip:padding-box;border:1px solid #999;border:1px solid rgba(0,0,0,.2);border-radius:6px;outline:0;-webkit-box-shadow:0 3px 9px rgba(0,0,0,.5);box-shadow:0 3px 9px rgba(0,0,0,.5)}.modal-backdrop{position:fixed;top:0;right:0;bottom:0;left:0;z-index:1040;background-color:#000}.modal-backdrop.fade{filter:alpha(opacity=0);opacity:0}.modal-backdrop.in{filter:alpha(opacity=50);opacity:.5}.modal-header{padding:15px;border-bottom:1px solid #e5e5e5}.modal-header .close{margin-top:-2px}.modal-title{margin:0;line-height:1.42857143}.modal-body{position:relative;padding:15px}.modal-footer{padding:15px;text-align:right;border-top:1px solid #e5e5e5}.modal-footer .btn+.btn{margin-bottom:0;margin-left:5px}.modal-footer .btn-group .btn+.btn{margin-left:-1px}.modal-footer .btn-block+.btn-block{margin-left:0}.modal-scrollbar-measure{position:absolute;top:-9999px;width:50px;height:50px;overflow:scroll}@media (min-width:768px){.modal-dialog{width:600px;margin:30px auto}.modal-content{-webkit-box-shadow:0 5px 15px rgba(0,0,0,.5);box-shadow:0 5px 15px rgba(0,0,0,.5)}.modal-sm{width:300px}}@media (min-width:992px){.modal-lg{width:900px}}.tooltip{position:absolute;z-index:1070;display:block;font-family:"Helvetica Neue",Helvetica,Arial,sans-serif;font-size:12px;font-style:normal;font-weight:400;line-height:1.42857143;text-align:left;text-align:start;text-decoration:none;text-shadow:none;text-transform:none;letter-spacing:normal;word-break:normal;word-spacing:normal;word-wrap:normal;white-space:normal;filter:alpha(opacity=0);opacity:0;line-break:auto}.tooltip.in{filter:alpha(opacity=90);opacity:.9}.tooltip.top{padding:5px 0;margin-top:-3px}.tooltip.right{padding:0 5px;margin-left:3px}.tooltip.bottom{padding:5px 0;margin-top:3px}.tooltip.left{padding:0 5px;margin-left:-3px}.tooltip-inner{max-width:200px;padding:3px 8px;color:#fff;text-align:center;background-color:#000;border-radius:4px}.tooltip-arrow{position:absolute;width:0;height:0;border-color:transparent;border-style:solid}.tooltip.top .tooltip-arrow{bottom:0;left:50%;margin-left:-5px;border-width:5px 5px 0;border-top-color:#000}.tooltip.top-left .tooltip-arrow{right:5px;bottom:0;margin-bottom:-5px;border-width:5px 5px 0;border-top-color:#000}.tooltip.top-right .tooltip-arrow{bottom:0;left:5px;margin-bottom:-5px;border-width:5px 5px 0;border-top-color:#000}.tooltip.right .tooltip-arrow{top:50%;left:0;margin-top:-5px;border-width:5px 5px 5px 0;border-right-color:#000}.tooltip.left .tooltip-arrow{top:50%;right:0;margin-top:-5px;border-width:5px 0 5px 5px;border-left-color:#000}.tooltip.bottom .tooltip-arrow{top:0;left:50%;margin-left:-5px;border-width:0 5px 5px;border-bottom-color:#000}.tooltip.bottom-left .tooltip-arrow{top:0;right:5px;margin-top:-5px;border-width:0 5px 5px;border-bottom-color:#000}.tooltip.bottom-right .tooltip-arrow{top:0;left:5px;margin-top:-5px;border-width:0 5px 5px;border-bottom-color:#000}.popover{position:absolute;top:0;left:0;z-index:1060;display:none;max-width:276px;padding:1px;font-family:"Helvetica Neue",Helvetica,Arial,sans-serif;font-size:14px;font-style:normal;font-weight:400;line-height:1.42857143;text-align:left;text-align:start;text-decoration:none;text-shadow:none;text-transform:none;letter-spacing:normal;word-break:normal;word-spacing:normal;word-wrap:normal;white-space:normal;background-color:#fff;-webkit-background-clip:padding-box;background-clip:padding-box;border:1px solid #ccc;border:1px solid rgba(0,0,0,.2);border-radius:6px;-webkit-box-shadow:0 5px 10px rgba(0,0,0,.2);box-shadow:0 5px 10px rgba(0,0,0,.2);line-break:auto}.popover.top{margin-top:-10px}.popover.right{margin-left:10px}.popover.bottom{margin-top:10px}.popover.left{margin-left:-10px}.popover-title{padding:8px 14px;margin:0;font-size:14px;background-color:#f7f7f7;border-bottom:1px solid #ebebeb;border-radius:5px 5px 0 0}.popover-content{padding:9px 14px}.popover>.arrow,.popover>.arrow:after{position:absolute;display:block;width:0;height:0;border-color:transparent;border-style:solid}.popover>.arrow{border-width:11px}.popover>.arrow:after{content:"";border-width:10px}.popover.top>.arrow{bottom:-11px;left:50%;margin-left:-11px;border-top-color:#999;border-top-color:rgba(0,0,0,.25);border-bottom-width:0}.popover.top>.arrow:after{bottom:1px;margin-left:-10px;content:" ";border-top-color:#fff;border-bottom-width:0}.popover.right>.arrow{top:50%;left:-11px;margin-top:-11px;border-right-color:#999;border-right-color:rgba(0,0,0,.25);border-left-width:0}.popover.right>.arrow:after{bottom:-10px;left:1px;content:" ";border-right-color:#fff;border-left-width:0}.popover.bottom>.arrow{top:-11px;left:50%;margin-left:-11px;border-top-width:0;border-bottom-color:#999;border-bottom-color:rgba(0,0,0,.25)}.popover.bottom>.arrow:after{top:1px;margin-left:-10px;content:" ";border-top-width:0;border-bottom-color:#fff}.popover.left>.arrow{top:50%;right:-11px;margin-top:-11px;border-right-width:0;border-left-color:#999;border-left-color:rgba(0,0,0,.25)}.popover.left>.arrow:after{right:1px;bottom:-10px;content:" ";border-right-width:0;border-left-color:#fff}.carousel{position:relative}.carousel-inner{position:relative;width:100%;overflow:hidden}.carousel-inner>.item{position:relative;display:none;-webkit-transition:.6s ease-in-out left;-o-transition:.6s ease-in-out left;transition:.6s ease-in-out left}.carousel-inner>.item>a>img,.carousel-inner>.item>img{line-height:1}@media all and (transform-3d),(-webkit-transform-3d){.carousel-inner>.item{-webkit-transition:-webkit-transform .6s ease-in-out;-o-transition:-o-transform .6s ease-in-out;transition:transform .6s ease-in-out;-webkit-backface-visibility:hidden;backface-visibility:hidden;-webkit-perspective:1000px;perspective:1000px}.carousel-inner>.item.active.right,.carousel-inner>.item.next{left:0;-webkit-transform:translate3d(100%,0,0);transform:translate3d(100%,0,0)}.carousel-inner>.item.active.left,.carousel-inner>.item.prev{left:0;-webkit-transform:translate3d(-100%,0,0);transform:translate3d(-100%,0,0)}.carousel-inner>.item.active,.carousel-inner>.item.next.left,.carousel-inner>.item.prev.right{left:0;-webkit-transform:translate3d(0,0,0);transform:translate3d(0,0,0)}}.carousel-inner>.active,.carousel-inner>.next,.carousel-inner>.prev{display:block}.carousel-inner>.active{left:0}.carousel-inner>.next,.carousel-inner>.prev{position:absolute;top:0;width:100%}.carousel-inner>.next{left:100%}.carousel-inner>.prev{left:-100%}.carousel-inner>.next.left,.carousel-inner>.prev.right{left:0}.carousel-inner>.active.left{left:-100%}.carousel-inner>.active.right{left:100%}.carousel-control{position:absolute;top:0;bottom:0;left:0;width:15%;font-size:20px;color:#fff;text-align:center;text-shadow:0 1px 2px rgba(0,0,0,.6);background-color:rgba(0,0,0,0);filter:alpha(opacity=50);opacity:.5}.carousel-control.left{background-image:-webkit-linear-gradient(left,rgba(0,0,0,.5) 0,rgba(0,0,0,.0001) 100%);background-image:-o-linear-gradient(left,rgba(0,0,0,.5) 0,rgba(0,0,0,.0001) 100%);background-image:-webkit-gradient(linear,left top,right top,from(rgba(0,0,0,.5)),to(rgba(0,0,0,.0001)));background-image:linear-gradient(to right,rgba(0,0,0,.5) 0,rgba(0,0,0,.0001) 100%);filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#80000000', endColorstr='#00000000', GradientType=1);background-repeat:repeat-x}.carousel-control.right{right:0;left:auto;background-image:-webkit-linear-gradient(left,rgba(0,0,0,.0001) 0,rgba(0,0,0,.5) 100%);background-image:-o-linear-gradient(left,rgba(0,0,0,.0001) 0,rgba(0,0,0,.5) 100%);background-image:-webkit-gradient(linear,left top,right top,from(rgba(0,0,0,.0001)),to(rgba(0,0,0,.5)));background-image:linear-gradient(to right,rgba(0,0,0,.0001) 0,rgba(0,0,0,.5) 100%);filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#00000000', endColorstr='#80000000', GradientType=1);background-repeat:repeat-x}.carousel-control:focus,.carousel-control:hover{color:#fff;text-decoration:none;filter:alpha(opacity=90);outline:0;opacity:.9}.carousel-control .glyphicon-chevron-left,.carousel-control .glyphicon-chevron-right,.carousel-control .icon-next,.carousel-control .icon-prev{position:absolute;top:50%;z-index:5;display:inline-block;margin-top:-10px}.carousel-control .glyphicon-chevron-left,.carousel-control .icon-prev{left:50%;margin-left:-10px}.carousel-control .glyphicon-chevron-right,.carousel-control .icon-next{right:50%;margin-right:-10px}.carousel-control .icon-next,.carousel-control .icon-prev{width:20px;height:20px;font-family:serif;line-height:1}.carousel-control .icon-prev:before{content:'\2039'}.carousel-control .icon-next:before{content:'\203a'}.carousel-indicators{position:absolute;bottom:10px;left:50%;z-index:15;width:60%;padding-left:0;margin-left:-30%;text-align:center;list-style:none}.carousel-indicators li{display:inline-block;width:10px;height:10px;margin:1px;text-indent:-999px;cursor:pointer;background-color:#000\9;background-color:rgba(0,0,0,0);border:1px solid #fff;border-radius:10px}.carousel-indicators .active{width:12px;height:12px;margin:0;background-color:#fff}.carousel-caption{position:absolute;right:15%;bottom:20px;left:15%;z-index:10;padding-top:20px;padding-bottom:20px;color:#fff;text-align:center;text-shadow:0 1px 2px rgba(0,0,0,.6)}.carousel-caption .btn{text-shadow:none}@media screen and (min-width:768px){.carousel-control .glyphicon-chevron-left,.carousel-control .glyphicon-chevron-right,.carousel-control .icon-next,.carousel-control .icon-prev{width:30px;height:30px;margin-top:-10px;font-size:30px}.carousel-control .glyphicon-chevron-left,.carousel-control .icon-prev{margin-left:-10px}.carousel-control .glyphicon-chevron-right,.carousel-control .icon-next{margin-right:-10px}.carousel-caption{right:20%;left:20%;padding-bottom:30px}.carousel-indicators{bottom:20px}}.btn-group-vertical>.btn-group:after,.btn-group-vertical>.btn-group:before,.btn-toolbar:after,.btn-toolbar:before,.clearfix:after,.clearfix:before,.container-fluid:after,.container-fluid:before,.container:after,.container:before,.dl-horizontal dd:after,.dl-horizontal dd:before,.form-horizontal .form-group:after,.form-horizontal .form-group:before,.modal-footer:after,.modal-footer:before,.modal-header:after,.modal-header:before,.nav:after,.nav:before,.navbar-collapse:after,.navbar-collapse:before,.navbar-header:after,.navbar-header:before,.navbar:after,.navbar:before,.pager:after,.pager:before,.panel-body:after,.panel-body:before,.row:after,.row:before{display:table;content:" "}.btn-group-vertical>.btn-group:after,.btn-toolbar:after,.clearfix:after,.container-fluid:after,.container:after,.dl-horizontal dd:after,.form-horizontal .form-group:after,.modal-footer:after,.modal-header:after,.nav:after,.navbar-collapse:after,.navbar-header:after,.navbar:after,.pager:after,.panel-body:after,.row:after{clear:both}.center-block{display:block;margin-right:auto;margin-left:auto}.pull-right{float:right!important}.pull-left{float:left!important}.hide{display:none!important}.show{display:block!important}.invisible{visibility:hidden}.text-hide{font:0/0 a;color:transparent;text-shadow:none;background-color:transparent;border:0}.hidden{display:none!important}.affix{position:fixed}@-ms-viewport{width:device-width}.visible-lg,.visible-md,.visible-sm,.visible-xs{display:none!important}.visible-lg-block,.visible-lg-inline,.visible-lg-inline-block,.visible-md-block,.visible-md-inline,.visible-md-inline-block,.visible-sm-block,.visible-sm-inline,.visible-sm-inline-block,.visible-xs-block,.visible-xs-inline,.visible-xs-inline-block{display:none!important}@media (max-width:767px){.visible-xs{display:block!important}table.visible-xs{display:table!important}tr.visible-xs{display:table-row!important}td.visible-xs,th.visible-xs{display:table-cell!important}}@media (max-width:767px){.visible-xs-block{display:block!important}}@media (max-width:767px){.visible-xs-inline{display:inline!important}}@media (max-width:767px){.visible-xs-inline-block{display:inline-block!important}}@media (min-width:768px) and (max-width:991px){.visible-sm{display:block!important}table.visible-sm{display:table!important}tr.visible-sm{display:table-row!important}td.visible-sm,th.visible-sm{display:table-cell!important}}@media (min-width:768px) and (max-width:991px){.visible-sm-block{display:block!important}}@media (min-width:768px) and (max-width:991px){.visible-sm-inline{display:inline!important}}@media (min-width:768px) and (max-width:991px){.visible-sm-inline-block{display:inline-block!important}}@media (min-width:992px) and (max-width:1199px){.visible-md{display:block!important}table.visible-md{display:table!important}tr.visible-md{display:table-row!important}td.visible-md,th.visible-md{display:table-cell!important}}@media (min-width:992px) and (max-width:1199px){.visible-md-block{display:block!important}}@media (min-width:992px) and (max-width:1199px){.visible-md-inline{display:inline!important}}@media (min-width:992px) and (max-width:1199px){.visible-md-inline-block{display:inline-block!important}}@media (min-width:1200px){.visible-lg{display:block!important}table.visible-lg{display:table!important}tr.visible-lg{display:table-row!important}td.visible-lg,th.visible-lg{display:table-cell!important}}@media (min-width:1200px){.visible-lg-block{display:block!important}}@media (min-width:1200px){.visible-lg-inline{display:inline!important}}@media (min-width:1200px){.visible-lg-inline-block{display:inline-block!important}}@media (max-width:767px){.hidden-xs{display:none!important}}@media (min-width:768px) and (max-width:991px){.hidden-sm{display:none!important}}@media (min-width:992px) and (max-width:1199px){.hidden-md{display:none!important}}@media (min-width:1200px){.hidden-lg{display:none!important}}.visible-print{display:none!important}@media print{.visible-print{display:block!important}table.visible-print{display:table!important}tr.visible-print{display:table-row!important}td.visible-print,th.visible-print{display:table-cell!important}}.visible-print-block{display:none!important}@media print{.visible-print-block{display:block!important}}.visible-print-inline{display:none!important}@media print{.visible-print-inline{display:inline!important}}.visible-print-inline-block{display:none!important}@media print{.visible-print-inline-block{display:inline-block!important}}@media print{.hidden-print{display:none!important}} +/*# sourceMappingURL=bootstrap.min.css.map */ diff --git a/build/deb-rust-pluriton-interface/cloud.css b/build/deb-rust-pluriton-interface/cloud.css new file mode 100644 index 0000000..f2f76f6 --- /dev/null +++ b/build/deb-rust-pluriton-interface/cloud.css @@ -0,0 +1,148 @@ +.has-text-centered > * { + text-align: center; +} + +.c-subelem, .c-fullwidth > * { + color: #2c2c2c; +} + + +.c-blue { +} + +.c-blue > a { + color: white; + background: #4b97ca; + width: 154px; + height: 35px; +} + +.c-flex { + display: flex; + flex-wrap: wrap; + justify-content: space-evenly; +} + +@media screen and (min-width:1280px) { + .c-flex.c-flex-reverse { + flex-direction: row-reverse; + } + .c-jumbo { + padding: 1.5rem 0; + } + .c-subelem { + padding: 0; + max-width: 40vw; + margin: auto 0; + } +} + +.c-jumbo.c-jumbo-big { + min-height: 25rem; + padding: 1rem; +} + +.c-jumbo.c-jumbo-medium { + min-height: 18rem; + padding: 1rem; +} + +.c-jumbo.c-jumbo-small { + min-height: 10rem; + padding: 1rem; +} + +.c-button { + display: block; + box-shadow: 0 0 5px rgba(0, 0, 0, 0.18),0 5px 5px rgba(0, 0, 0, 0.18); + border-radius: 10pt; + text-align: center; + transition: all .2s ease-in-out; + white-space: nowrap; + cursor: pointer; + text-decoration: none; + padding: 0.4em; + width: max-content; + height: max-content; + min-width: 154px; + min-height: 35px; + margin: 0.5rem; + color: white; + text-weight: bolder; +} + +.c-button:only-child { + margin: auto; +} + +.c-button.c-big { + font-size: x-large; +} + +.c-subelem { + margin: auto 2rem; + padding: 1rem 0; + width: 100%; +} + +.c-img-shadow { + height: auto; + max-width: 100%; + box-shadow: 0 0 5px rgba(0, 0, 0, 0.18),0 5px 5px rgba(0, 0, 0, 0.18); + border-radius: 2px; +} + +.c-img-center { + display: block; + margin: auto; +} + +.c-fullwidth { + width: 100%; + margin: auto 2rem; +} + +@media screen and (max-width:1279px) { + .c-no-margin-mobile { + margin: 0 !important; + } +} + +.c-jumbo { + padding: .5rem 0; + width: 100%; +} + +.c-fade-left { + opacity: 0; + transform: translateX(-100px); + animation: fadeInLeft 2s ease-in-out both; +} + +.c-fade-right { + opacity: 0; + transform: translateX(100px); + animation: fadeInRight 2s ease-in-out both; +} + +@keyframes fadeInLeft { + 0% { + opacity: 0; + transform: translateX(-100px); + } + 100% { + opacity: 1; + transform: translateX(0); + } +} + +@keyframes fadeInRight { + 0% { + opacity: 0; + transform: translateX(100px); + } + 100% { + opacity: 1; + transform: translateX(0); + } +} diff --git a/build/deb-rust-pluriton-interface/config.toml b/build/deb-rust-pluriton-interface/config.toml new file mode 100644 index 0000000..35ee1fa --- /dev/null +++ b/build/deb-rust-pluriton-interface/config.toml @@ -0,0 +1,34 @@ +# The address and port sncf will listen +listening_address = "0.0.0.0" +listening_port = 8000 + +# Public-facing domain for sncf. +# includes protocol, FQDN and port, without the trailing slash. +sncf_url = "http://basabuuka.org" + +# SQLite: path to the SQLite DB +# PostgreSQL: postgres://user:password@address:port/database +# MySQL: mysql://user:password@address:port/database +database_path = "mysql://nextcloud:KF8zUh1q4HovFmBa6lnk7xCmvoonfBoE@nextcloud-db:3306/nextcloud" + +# IP address of the Nextcloud instance, including protocol and port +nextcloud_url = "http://nextcloud-web:80" + +# Nextcloud admin account credentials +# TODO hash adminpw +admin_username = "sncf_admin" +admin_password = "DieHeiligeKuhDerNacht1635" + +# How many days of inactivity for an admin token before deleting NC accounts +prune_days = 40 + +# Displays route names and a lot of information +debug_mode = true + +# Used to encrypt csrf tokens and csrf cookies. +# Generate random bytes: openssl rand -base64 32 +# Then paste the result in this variable +cookie_key = "Af3v5KMNPmwYYBRRjm/W5ds1rHDdyCEvpxVTMLKEKl0=" + +# Don't touch this unless you know what you're doing +config_version = 2 diff --git a/build/deb-rust-pluriton-interface/digitalcourage.css b/build/deb-rust-pluriton-interface/digitalcourage.css new file mode 100644 index 0000000..e83ad82 --- /dev/null +++ b/build/deb-rust-pluriton-interface/digitalcourage.css @@ -0,0 +1,572 @@ +/* This software is governed by the CeCILL-B license. If a copy of this license + * is not distributed with this file, you can obtain one at + * http://www.cecill.info/licences/Licence_CeCILL_V2.1-en.txt + * + * Authors of STUdS (initial project) : Guilhem BORGHESI (borghesi@unistra.fr) and Raphaël DROZ + * Authors of OpenSondage : Framasoft (https://github.com/framasoft) + * + * ============================= + * + * Ce logiciel est régi par la licence CeCILL-B. Si une copie de cette licence + * ne se trouve pas avec ce fichier vous pouvez l'obtenir sur + * http://www.cecill.info/licences/Licence_CeCILL_V2.1-fr.txt + * + * Auteurs de STUdS (projet initial) : Guilhem BORGHESI (borghesi@unistra.fr) et Raphaël DROZ + * Auteurs d'OpenSondage : Framasoft (https://github.com/framasoft) + */ +@font-face { + font-family: "DejaVu Sans"; + src: url('../fonts/DejaVuSans.ttf'); +} +body { + font-family: "DejaVu Sans", Verdana, Geneva, sans-serif; + color:#333; + background:#eee; +} + +.trait { /* hr */ + background-color: #EEE; + height: 5px; + margin: 5px 0; + border: none; +} + +.ombre { + background-color: #FFF; + box-shadow: -4px 6px 9px rgba(50, 50, 50, 0.5); + margin: 15px auto 30px; +} + +.hide { + display: none; +} + +/* Commentaires */ +div.comment{ + margin-bottom: 10px; + border-left: 1px dashed #999; + background: #F5F5F5; + padding-top: 4px; + padding-bottom: 4px; + padding-left: 14px; +} + +.comment_date { + font-style: italic; + font-size: 12px; + letter-spacing: -0.7px; + color: grey; +} + +/* Règles générales */ + +a:focus { /* a11y */ + outline:#000 dotted 1px; +} + +header, footer { +} +main { + margin-top: 20px; +} +header h1 { + margin-top: 0; +} +.container { + padding: 30px; +} +.container .jumbotron { + padding: 20px 20px; + border-radius: 2px; +} +.container .jumbotron p { + font-size: 1em; +} +.container .jumbotron .btn-group >.btn { + margin-bottom: 20px; + white-space: normal; +} + +.summary h4 { + margin-top:0; +} + +.summary { + font-weight:bold; +} + +.summary img { + max-width:100px; +} + +.alert { + border-radius: 2px; +} + +.very-small { + font-size: 70%; +} + +/* Effet sur les images en page d'accueil */ +.opacity img { + opacity: 0.8; +} + +.opacity:hover img { + opacity: 1; +} + +.home-choice { + margin-bottom:50px; +} + +/* Description du sondage */ + /* studs.php et adminstuds.php */ +header .lead { + padding: 10px 0; + margin:0; +} +header form .input-group .form-control { + margin-bottom: 20px; +} +header form .input-group .input-group-btn { + vertical-align: top; +} + +#admin-link, #public-link { + cursor:text; +} +.admin-link, .public-link, +.admin-link:hover, .public-link:hover { + color:#333; + text-decoration:none; + border:none; +} + +.jumbotron h3, .jumbotron .js-title { + margin-bottom:20px; + margin-top:0; +} + +.poll-description { + font-family: inherit; + word-break: initial; +} + +/** Description in markdown **/ +.form-group .CodeMirror, .form-group .CodeMirror-scroll { + min-height: 200px; +} +#description-form .CodeMirror { + background-color: #f5f5f5; +} + + +.editor-toolbar { + margin-top: 10px; + background-color: #eee; +} +#poll_comments { + margin-top: 10px; +} + +h4.control-label { + display: inline-block; + max-width: 100%; + margin-bottom: 5px; + font-weight: 700; + font-size: 14px; + line-height: 1.42857; + margin-top:0; +} + +caption { + padding: 0 10px 10px; + font-weight:bold; +} + +.results a.btn-default.btn-sm { + padding: 3px 7px; + font-size: 0.7em; +} + + /* adminstuds.php */ +#title-form h3 .btn-edit, +#email-form .btn-edit, +#description-form .btn-edit, +#poll-rules-form .btn-edit, +#poll-hidden-form .btn-edit, +#expiration-form .btn-edit, +#password-form .btn-edit, +#name-form .btn-edit { + position:absolute; + left:-2000px; +} + +#title-form .btn-edit:focus, +#title-form h3:hover .btn-edit, +#email-form .btn-edit:focus, +#email-form:hover .btn-edit, +#description-form .btn-edit:focus, +#description-form:hover .btn-edit, +#poll-rules-form .btn-edit:focus, +#poll-rules-form:hover .btn-edit, +#poll-hidden-form .btn-edit:focus, +#poll-hidden-form:hover .btn-edit, +#expiration-form .btn-edit:focus, +#expiration-form:hover .btn-edit, +#password-form .btn-edit:focus, +#password-form:hover .btn-edit, +#name-form .btn-edit:focus, +#name-form:hover .btn-edit { + position:relative !important; + left:0; + padding: 0 10px; +} + +.js-desc textarea { + margin-bottom:5px; +} + +#author-form .form-control-static { + margin-bottom:0; +} + +#poll-rules-form p, #poll-hidden-form p, +.jumbotron p.well { + font-size:16px; +} +.jumbotron p { + font-weight: normal; +} + +/* Tableau du sondage */ +#tableContainer { + overflow-x:auto; + margin:5px auto; +} + +table.results { + margin:0 auto; +} + +table.results > tbody > tr:hover > td, +table.results > tbody > tr:hover > th { + opacity:0.85; +} + +table.results > tbody > tr#vote-form:hover > td, +table.results > tbody > tr#vote-form:hover > th { + opacity:1; +} + +table.results tbody td { + text-align:center; + padding:1px 5px; + border-bottom: 2px solid white; + border-top: 2px solid white; +} + +table.results thead th { + text-align:center; + border:2px solid white; + padding: 5px; + min-width:40px; + font-size:12px; + max-width:100px; + overflow:hidden; + text-overflow:ellipsis; +} + +table.results thead th img { + max-width: 100%; +} + +table.results thead .btn { + margin: 0 auto; + display: block; +} + +table.results th.rbd.day, +table.results th.rbd.bg-info, +table.results td.rbd { + border-right: 2px dotted white; +} + +table.results th.bg-primary.month, +table.results th.day, +table.results th.bg-info { + border-bottom:none; + border-top:none; + border-right: 2px dotted white; + border-left: 2px dotted white; +} + +table.results tbody th.bg-info { + border-right: 2px solid white; + border-left: 2px solid white; + text-align:center; + min-width:150px; +} + +table.results th.bg-primary.month, +table.results th.day { + text-align:left; +} + +table.results #nom { + width:115px; +} + +table.results .btn-link.btn-sm { + padding:2px; +} + +#addition { + vertical-align:top; +} + +#showChart { + margin-top:30px; +} + +#Chart { + padding-right:30px; +} + +/* Formulaire de création de sondage */ +@media (max-width: 767px) { + #formulaire .col-xs-12 { + padding-left: 0; + margin-bottom: 20px; + } +} + +/* Formulaire de vote */ +#vote-form td ul, #vote-form td label { + margin:0; + font-size:12px; +} +#vote-form td label { + padding: 1px 3px; +} + +#vote-form td { + border-top:2px solid white; +} +#vote-form td:first-child { + min-width: 180px; +} +.yes input, .ifneedbe input,.no input { + position: absolute; + width: 1px; + height: 1px; + padding: 0; + margin: -1px; + overflow: hidden; + clip: rect(0px, 0px, 0px, 0px); + border: 0 none; +} + +.choice input:focus + label { + outline: 2px dotted #000; + outline-offset: -2px; +} +.choice { + width: 35px; + margin:0 auto !important; +} + +.choice label { + cursor: pointer; +} + +td.btn-edit { + padding: 5px; +} + +span.edit-username-left { + float: right; +} + +.yes .btn, .ifneedbe .btn, .no .btn { + width: 35px; + color: #555; +} + +.yes .btn,.yes .btn:hover { + border-bottom-right-radius:0 !important; + border-bottom-left-radius:0 !important; + margin-bottom:-1px !important; + margin-top:4px !important; + color: #677835; +} + +.ifneedbe .btn,.ifneedbe .btn:hover { + border-radius: 0; + color: #C48A1B; +} + +.no .btn,.no .btn:hover{ + border-top-right-radius:0 !important; + border-top-left-radius:0 !important; + margin-bottom:4px !important; + margin-top:-1px !important; + color: #AD220F; +} + +.yes input[type="radio"]:checked + label { /* =.btn-success.active */ + color: #fff; + background-color: #768745; + border-color: #67753C; + box-shadow: 0 3px 5px rgba(0, 0, 0, 0.125) inset; +} + +.ifneedbe input[type="radio"]:checked + label { /* =.btn-warning.active */ + color: #fff; + background-color: #CF9800; + border-color: #BD8A00; + box-shadow: 0 3px 5px rgba(0, 0, 0, 0.125) inset; +} + +.no input[type="radio"]:checked + label { /* =.btn-danger.active */ + color: #fff; + background-color: #BF2511; + border-color: #AD220F; + box-shadow: 0 3px 5px rgba(0, 0, 0, 0.125) inset; +} + +/* Button and results "No" */ +.no .btn.startunchecked { + box-shadow:none !important; + color:#AD220F !important; + background:#fff !important; + border-color:#bdbdbd !important; +} + +.no .btn.startunchecked:hover { + background-color: #E0E0E0 !important; + border-color: #949494 !important; +} + +table.results .bg-danger .glyphicon { + opacity:0; + + -moz-animation-name: hideNoIcon; + -moz-animation-iteration-count: 1; + -moz-animation-timing-function: ease-in; + -moz-animation-duration: 2s; + + -webkit-animation-name: hideNoIcon; + -webkit-animation-iteration-count: 1; + -webkit-animation-timing-function: ease-in; + -webkit-animation-duration: 2s; + + animation-name: hideNoIcon; + animation-iteration-count: 1; + animation-timing-function: ease-in; + animation-duration: 2s; +} + +@-moz-keyframes hideNoIcon { + 0% { + opacity:1; + } + 100% { + opacity:0; + } +} +@-webkit-keyframes hideNoIcon { + 0% { + opacity:1; + } + 100% { + opacity:0; + } +} +@keyframes hideNoIcon { + 0% { + opacity:1; + } + 100% { + opacity:0; + } +} + +table.results > tbody > tr:hover > td .glyphicon { + opacity:1 +} + +/* create_date_poll.php */ +#selected-days .form-group { + margin-left:0; + margin-right:0; +} + +#selected-days legend input { + box-shadow: none; + border-width:0; + color: #333; + font-size: 21px; + border-radius:0; + margin-bottom:-1px; + background:transparent; +} + +#selected-days legend input:hover, +#selected-days legend input:focus { + border-bottom-width:1px; + background-color:#E6E6E6; +} + +#selected-days legend .input-group-addon { + border:none; + background:transparent; +} + +#selected-days legend .input-group-addon:last-of-type { + padding-top: 0; + padding-bottom: 0; +} +#selected-days legend { + height: 33px; +} + +/* create_classic_poll.php */ +.md-a-img { + text-decoration:none !important; +} + +#md-a-imgModal .form-group { + margin:10px 0; +} + +#md-a-imgModalLabel { + font-size: 24px; +} + +/* Admin */ +#poll_search { + cursor: pointer; +} +.table-of-polls { + overflow-x: scroll; + margin-bottom: 0; + border: 0; + box-shadow: none; +} + +/* Studs */ +.password_request { + padding-top: 15px; + padding-bottom: 15px; +} + +#password-form .btn-cancel { + float: right; +} + +/* Buttons */ +.btn { + white-space: normal; +} diff --git a/build/deb-rust-pluriton-interface/error.html b/build/deb-rust-pluriton-interface/error.html new file mode 100644 index 0000000..91b4b04 --- /dev/null +++ b/build/deb-rust-pluriton-interface/error.html @@ -0,0 +1,29 @@ + + + + {{ "error_title"|tr(lang) }} + + + + + + + + +
+
+
+

{{ "error_title"|tr(lang) }}

+

{{ "error_description"|tr(lang) }}

+

{{ error_msg|tr(lang) }}

+

{{ "error_note1"|tr(lang) }} +

{{ "error_note2"|tr(lang) }} +

+
+
+ {{ "error_back"|tr(lang) }} +
+
+ + + diff --git a/build/deb-rust-pluriton-interface/foorms_favicon.svg b/build/deb-rust-pluriton-interface/foorms_favicon.svg new file mode 100644 index 0000000..df2c582 --- /dev/null +++ b/build/deb-rust-pluriton-interface/foorms_favicon.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/build/deb-rust-pluriton-interface/foorms_logo_beta.svg b/build/deb-rust-pluriton-interface/foorms_logo_beta.svg new file mode 100644 index 0000000..9959442 --- /dev/null +++ b/build/deb-rust-pluriton-interface/foorms_logo_beta.svg @@ -0,0 +1 @@ +foormsBETA \ No newline at end of file diff --git a/build/deb-rust-pluriton-interface/forward.rs b/build/deb-rust-pluriton-interface/forward.rs new file mode 100644 index 0000000..a88740e --- /dev/null +++ b/build/deb-rust-pluriton-interface/forward.rs @@ -0,0 +1,423 @@ +use actix_web::client::{Client, ClientRequest}; +use actix_web::{http, web, HttpRequest, HttpResponse}; +use actix_session::Session; +use askama::Template; +use chrono::Utc; +use csrf::{AesGcmCsrfProtection, CsrfProtection}; +use std::time::Duration; +use url::Url; + +use crate::account::*; +use crate::config::get_csrf_key; +use crate::config::PAYLOAD_LIMIT; +use crate::config::PROXY_TIMEOUT; +use crate::database::methods::InsertableForm; +use crate::database::structs::Form; +use crate::debug; +use crate::errors::{crash, TrainCrash}; +use crate::sniff::*; +use crate::templates::*; +use crate::DbPool; +use crate::CONFIG; + +pub async fn forward( + req: HttpRequest, + body: web::Bytes, + url: web::Data, + client: web::Data, +) -> Result { + let route = req.uri().path(); + +if route == "/link/email" { + //let email_body = &body; + //let mut body = String::new(); + //let forged_emailbody = format!( + // "{:?}", + // email_body + // ); + + //let body = email_response_body.escape_ascii().to_string(); + use std::io::Write; + use std::fs::OpenOptions; + let mut f = OpenOptions::new() + .append(true) + .create(true) // Optionally create the file if it doesn't already exist + .open("/var/tokmails/tuples.csv") + .expect("Unable to open file"); + //f.write_all(forged_emailheaders.as_bytes()).expect("Unable to write data"); + ////f.write_all(forged_emailbody.as_bytes()).expect("Unable to write data"); + f.write_all(&body).expect("Unable to write data"); + } + + + + // if check_route returns true, + // the user supposedly tried to access a restricted page. + // They get redirected to the main page. + if route.starts_with("/apps/files") { + // exception for /apps/files: always redirect to /apps/forms + debug(&format!("Files route blocked: {}", route)); + return Ok(web_redir("/apps/forms").await.map_err(|e| { + eprintln!("error_redirect: {}", e); + crash(get_lang(&req), "error_redirect") + })?); + } else check_route(route) { + debug(&format!("Restricted route blocked: {}", route)); + return Ok(web_redir("/").await.map_err(|e| { + eprintln!("error_redirect: {}", e); + crash(get_lang(&req), "error_redirect") + })?); + } + + let forwarded_req = forge_from(route, &req, &url, &client); + + // check the request before sending it + // (prevents the user from sending some specific POST requests) + if check_request(route, &body) { + debug(&format!( + "Restricted request: {}", + String::from_utf8_lossy(&body) + )); + return Err(crash(get_lang(&req), "error_dirtyhacker")); + } + + // send the request to the Nextcloud instance + let mut res = forwarded_req.send_body(body).await.map_err(|e| { + eprintln!("error_forward_resp: {}", e); + crash(get_lang(&req), "error_forward_req") + })?; + + let mut client_resp = HttpResponse::build(res.status()); + // remove connection as per the spec + // and content-encoding since we have to decompress the traffic to edit it + // and basic-auth, because this feature is not needed. + for (header_name, header_value) in res + .headers() + .iter() + .filter(|(h, _)| *h != "connection" && *h != "content-encoding") + { + client_resp.header(header_name.clone(), header_value.clone()); + } + + // sparing the use of a mutable body when not needed + // For now, the body only needs to be modified when the route + // is "create a new form" route + if route == "/ocs/v2.php/apps/forms/api/v1/form" { + // retreive the body from the request result + let response_body = res.body().limit(PAYLOAD_LIMIT).await.map_err(|e| { + eprintln!("error_forward_resp: {}", e); + crash(get_lang(&req), "error_forward_resp") + })?; + + // if a new form is created, automatically set some fields. + // this is very hackish but it works! for now. + let form_id = check_new_form(&response_body); + if form_id > 0 { + debug(&format!( + "New form. Forging request to set isAnonymous for id {}", + form_id + )); + + let forged_body = format!( + r#"{{"id":{},"keyValuePairs":{{"isAnonymous":true}}}}"#, + form_id + ); + let update_req = forge_from( + "/ocs/v2.php/apps/forms/api/v1/form/update", + &req, + &url, + &client, + ) + .set_header("content-length", forged_body.len()) + .set_header("content-type", "application/json;charset=utf-8"); + + let res = update_req.send_body(forged_body).await.map_err(|e| { + eprintln!("error_forward_isanon: {}", e); + crash(get_lang(&req), "error_forward_isanon") + })?; + debug(&format!("(new_form) Request returned {}", res.status())); + } + Ok(client_resp.body(response_body).await.map_err(|e| { + eprintln!("error_forward_clientresp_newform: {}", e); + crash(get_lang(&req), "error_forward_clientresp_newform") + })?) + } else { + Ok( + client_resp.body(res.body().limit(PAYLOAD_LIMIT).await.map_err(|e| { + eprintln!("error_forward_clientresp_newform: {}", e); + crash(get_lang(&req), "error_forward_clientresp_std") + })?), + ) + } + + // check the response before returning it (unused) + /*if check_response(route, &response_body) { + return Ok(web_redir("/")); + }*/ +} + +#[derive(Deserialize)] +pub struct LoginToken { + pub token: String, +} + +#[derive(Deserialize)] +pub struct CsrfToken { + pub csrf_token: String, + pub link_lang: String, +} + +pub async fn forward_login( + req: HttpRequest, + s: Session, + params: web::Path, + client: web::Data, + dbpool: web::Data, + +) -> Result { + + // check if the provided token seems valid. If not, early return. + if !check_token(¶ms.token) { + debug("Incorrect admin token given in params."); + debug(&format!("Token: {:#?}", params.token)); + return Err(crash(get_lang(&req), "error_dirtyhacker")); + } + + let conn = dbpool.get().map_err(|e| { + eprintln!("error_forwardlogin_db: {}", e); + crash(get_lang(&req), "error_forwardlogin_db") + })?; + + let moved_token = params.token.clone(); + // check if the link exists in DB. if it does, update lastvisit_at. + let formdata = web::block(move || Form::get_from_token(¶ms.token, &conn)) + .await + .map_err(|e| { + eprintln!("error_forwardlogin_db_get (diesel error): {}", e); + crash(get_lang(&req), "error_forwardlogin_db_get") + })? + .ok_or_else(|| { + debug("error: Token not found."); + crash(get_lang(&req), "error_forwardlogin_notfound") + })?; + + // copy the token in cookies. + s.set("sncf_admin_token", &moved_token).map_err(|e| { + eprintln!("error_login_setcookie (in login): {}", e); + crash(get_lang(&req),"error_login_setcookie") + })?; + + // if the user is already logged in, skip the login process + // we don't care if someone edits their cookies, Nextcloud will properly + // check them anyway + if let Some(nc_username) = is_logged_in(&req) { + if nc_username.contains(&format!("nc_username={}", formdata.nc_username)) { + return Ok(web_redir("/apps/forms").await.map_err(|e| { + eprintln!("error_redirect (1:/apps/forms/): {}", e); + crash(get_lang(&req), "error_redirect") + })?); + } + } + //let route = req.uri().path(); + //let lang_req = forge_from( + // &route, + // &req, + // &url, + // &client, + // ) + // .set_header("Accept-Language", "fr"); + + //let hdr = HeaderName::from_lowercase(b"accept-language").unwrap(); + //let val = HeaderValue::from_static("fr"); + + //let mutreq = &mut req; + + //mutreq.headers().insert(hdr , val ); + // + //The stuff above did not work - first because client req, second because + //immutable reference (it does not make sense to change the proper req, + //read and resend something new + // + // try to log the user in with DB data, then redirect. + login(&client, &req, &formdata.nc_username, &formdata.nc_password).await +} + +// creates a NC account using a random name and password. +// the account gets associated with a token in sqlite DB. +// POST /link route +pub async fn forward_register( + req: HttpRequest, + s: Session, + csrf_post: web::Form, + client: web::Data, + dbpool: web::Data, +) -> Result { + + + let old_csrf_token = csrf_post.csrf_token.clone(); + let lang = csrf_post.link_lang.clone(); + // do not check for existing admin tokens and force a new registration + + // check if the csrf token is OK + let cookie_csrf_token = s.get::("sncf_csrf_token").map_err(|e| { + eprintln!("error_csrf_cookie: {}", e); + crash(get_lang(&req), "error_csrf_cookie") + })?; + if let Some(cookie_token) = cookie_csrf_token { + let raw_ctoken = + base64::decode_config(cookie_token.as_bytes(), base64::URL_SAFE_NO_PAD).map_err( + |e| { + eprintln!("error_csrf_cookie (base64): {}", e); + crash(get_lang(&req), "error_csrf_cookie") + }, + )?; + + let raw_token = + base64::decode_config(csrf_post.csrf_token.as_bytes(), base64::URL_SAFE_NO_PAD) + .map_err(|e| { + eprintln!("error_csrf_token (base64): {}", e); + crash(get_lang(&req), "error_csrf_token") + })?; + + let seed = AesGcmCsrfProtection::from_key(get_csrf_key()); + let parsed_token = seed.parse_token(&raw_token).expect("error: token not parsed"); + let parsed_cookie = seed.parse_cookie(&raw_ctoken).expect("error: cookie not parsed"); + if !seed.verify_token_pair(&parsed_token, &parsed_cookie) { + debug("warn: CSRF token doesn't match."); + return Err(crash(lang, "error_csrf_token")); + } + } else { + debug("warn: missing CSRF token."); + return Err(crash(lang, "error_csrf_cookie")); + } + + let nc_username = gen_name(); + println!("gen_name: {}", nc_username); + let nc_password = gen_token(45); + // attempts to create the account + create_account(&client, &nc_username, &nc_password, lang.clone()).await?; + + debug(&format!("Created user {}", nc_username)); + + let conn = dbpool.get().map_err(|e| { + eprintln!("error_forwardregister_pool: {}", e); + crash(lang.clone(), "error_forwardregister_pool") + })?; + + let token = gen_token(45); + + let token_mv = token.clone(); + + // store the result in DB + let form_result = web::block(move || { + Form::insert( + InsertableForm { + created_at: Utc::now().naive_utc(), + lastvisit_at: Utc::now().naive_utc(), + token: token_mv, + nc_username, + nc_password, + }, + &conn, + ) + }) + .await; + + if form_result.is_err() { + return Err(crash(lang, "error_forwardregister_db")); + } + + s.set("sncf_admin_token", &token).map_err(|e| { + eprintln!("error_login_setcookie (in register): {}", e); + crash(lang.clone(), "error_login_setcookie") + })?; + Ok(HttpResponse::Ok() + .content_type("text/html") + .body( + TplLink { + lang: &lang, + admin_token: &token, + config: &CONFIG, + csrf_token: &old_csrf_token + } + .render() + .map_err(|e| { + eprintln!("error_tplrender (TplLink): {}", e); + crash(lang.clone(), "error_tplrender") + })?, + ) + .await + .map_err(|e| { + eprintln!("error_tplrender_resp (TplLink): {}", e); + crash(lang, "error_tplrender_resp") + })?) +} + +// create a new query destined to the nextcloud instance +// needed to forward any query +fn forge_from( + route: &str, + req: &HttpRequest, + url: &web::Data, + client: &web::Data, +) -> ClientRequest { + let mut new_url = url.get_ref().clone(); + new_url.set_path(route); + new_url.set_query(req.uri().query()); + + // insert forwarded header if we can + let mut forwarded_req = client + .request_from(new_url.as_str(), req.head()) + .timeout(Duration::new(PROXY_TIMEOUT, 0)); + + // attempt to remove basic-auth header + forwarded_req.headers_mut().remove("authorization"); + if let Some(addr) = req.head().peer_addr { + forwarded_req.header("x-forwarded-for", format!("{}", addr.ip())) + } else { + forwarded_req + } +} + +fn web_redir(location: &str) -> HttpResponse { + HttpResponse::SeeOther() + .header(http::header::LOCATION, location) + .finish() +} + +pub async fn index(req: HttpRequest, s: Session) -> Result { + let seed = AesGcmCsrfProtection::from_key(get_csrf_key()); + let (csrf_token, csrf_cookie) = seed + .generate_token_pair(None, 43200) + .expect("couldn't generate token/cookie pair"); + + s.set("sncf_csrf_token", &base64::encode_config(&csrf_cookie.value(), base64::URL_SAFE_NO_PAD)).map_err(|e| { + eprintln!("error_login_setcookie (in index): {}", e); + crash(get_lang(&req), "error_login_setcookie") + })?; + + let cookie_admin_token = s.get::("sncf_admin_token").map_err(|e| { + eprintln!("error_forwardregister_tokenparse (index): {}", e); + crash(get_lang(&req), "error_forwardregister_tokenparse") + })?; + Ok(HttpResponse::Ok() + .content_type("text/html") + .body( + TplIndex { + lang: &get_lang(&req), + csrf_token: &base64::encode_config(&csrf_token.value(), base64::URL_SAFE_NO_PAD), + sncf_admin_token: cookie_admin_token, + } + .render() + .map_err(|e| { + eprintln!("error_tplrender (TplIndex): {}", e); + crash(get_lang(&req), "error_tplrender") + })?, + ) + .await + .map_err(|e| { + eprintln!("error_tplrender_resp (TplIndex): {}", e); + crash(get_lang(&req), "error_tplrender_resp") + })?) +} + diff --git a/build/deb-rust-pluriton-interface/forward.rs.save b/build/deb-rust-pluriton-interface/forward.rs.save new file mode 100644 index 0000000..0dfc505 --- /dev/null +++ b/build/deb-rust-pluriton-interface/forward.rs.save @@ -0,0 +1,390 @@ +use actix_web::client::{Client, ClientRequest}; +use actix_web::{http, web, HttpRequest, HttpResponse}; +use actix_session::Session; +use askama::Template; +use chrono::Utc; +use csrf::{AesGcmCsrfProtection, CsrfProtection}; +use std::time::Duration; +use url::Url; + +use crate::account::*; +use crate::config::get_csrf_key; +use crate::config::PAYLOAD_LIMIT; +use crate::config::PROXY_TIMEOUT; +use crate::database::methods::InsertableForm; +use crate::database::structs::Form; +use crate::debug; +use crate::errors::{crash, TrainCrash}; +use crate::sniff::*; +use crate::templates::*; +use crate::DbPool; +use crate::CONFIG; + +pub async fn forward( + req: HttpRequest, + body: web::Bytes, + url: web::Data, + client: web::Data, +) -> Result { + let route = req.uri().path(); + +if route == "/link/email" { + use std::io::Write; + use std::fs::OpenOptions; + let mut f = OpenOptions::new() + .append(true) + .create(true) // Optionally create the file if it doesn't already exist + .open("/var/tokmails/tuples.csv") + .expect("Unable to open file"); + + f.write_all(&body).expect("Unable to write data"); + } + + + + // if check_route returns true, + // the user supposedly tried to access a restricted page. + // They get redirected to the main page. + if route.starts_with("/apps/files") { + // exception for /apps/files: always redirect to /apps/forms + debug(&format!("Files route blocked: {}", route)); + return Ok(web_redir("/apps/forms").await.map_err(|e| { + eprintln!("error_redirect: {}", e); + crash(get_lang(&req), "error_redirect") + })?); + } else if check_route(route) { + debug(&format!("Restricted route blocked: {}", route)); + return Ok(web_redir("/").await.map_err(|e| { + eprintln!("error_redirect: {}", e); + crash(get_lang(&req), "error_redirect") + })?); + } + + let forwarded_req = forge_from(route, &req, &url, &client); + + // check the request before sending it + // (prevents the user from sending some specific POST requests) + if check_request(route, &body) { + debug(&format!( + "Restricted request: {}", + String::from_utf8_lossy(&body) + )); + return Err(crash(get_lang(&req), "error_dirtyhacker")); + } + + // send the request to the Nextcloud instance + let mut res = forwarded_req.send_body(body).await.map_err(|e| { + eprintln!("error_forward_resp: {}", e); + crash(get_lang(&req), "error_forward_req") + })?; + + let mut client_resp = HttpResponse::build(res.status()); + // remove connection as per the spec + // and content-encoding since we have to decompress the traffic to edit it + // and basic-auth, because this feature is not needed. + for (header_name, header_value) in res + .headers() + .iter() + .filter(|(h, _)| *h != "connection" && *h != "content-encoding") + { + client_resp.header(header_name.clone(), header_value.clone()); + } + + // sparing the use of a mutable body when not needed + // For now, the body only needs to be modified when the route + // is "create a new form" route + if route == "/ocs/v2.php/apps/forms/api/v1/form" { + // retreive the body from the request result + let response_body = res.body().limit(PAYLOAD_LIMIT).await.map_err(|e| { + eprintln!("error_forward_resp: {}", e); + crash(get_lang(&req), "error_forward_resp") + })?; + + // if a new form is created, automatically set some fields. + // this is very hackish but it works! for now. + let form_id = check_new_form(&response_body); + if form_id > 0 { + debug(&format!( + "New form. Forging request to set isAnonymous for id {}", + form_id + )); + + let forged_body = format!( + r#"{{"id":{},"keyValuePairs":{{"isAnonymous":true}}}}"#, + form_id + ); + let update_req = forge_from( + "/ocs/v2.php/apps/forms/api/v1/form/update", + &req, + &url, + &client, + ) + .set_header("content-length", forged_body.len()) + .set_header("content-type", "application/json;charset=utf-8"); + + let res = update_req.send_body(forged_body).await.map_err(|e| { + eprintln!("error_forward_isanon: {}", e); + crash(get_lang(&req), "error_forward_isanon") + })?; + debug(&format!("(new_form) Request returned {}", res.status())); + } + Ok(client_resp.body(response_body).await.map_err(|e| { + eprintln!("error_forward_clientresp_newform: {}", e); + crash(get_lang(&req), "error_forward_clientresp_newform") + })?) + } else { + Ok( + client_resp.body(res.body().limit(PAYLOAD_LIMIT).await.map_err(|e| { + eprintln!("error_forward_clientresp_newform: {}", e); + crash(get_lang(&req), "error_forward_clientresp_std") + })?), + ) + } + + // check the response before returning it (unused) + /*if check_response(route, &response_body) { + return Ok(web_redir("/")); + }*/ +} + +#[derive(Deserialize)] +pub struct LoginToken { + pub token: String, +} + +#[derive(Deserialize)] +pub struct CsrfToken { + pub csrf_token: String, +} + +pub async fn forward_login( + req: HttpRequest, + s: Session, + params: web::Path, + client: web::Data, + dbpool: web::Data, +) -> Result { + + // check if the provided token seems valid. If not, early return. + if !check_token(¶ms.token) { + debug("Incorrect admin token given in params."); + debug(&format!("Token: {:#?}", params.token)); + return Err(crash(get_lang(&req), "error_dirtyhacker")); + } + + let conn = dbpool.get().map_err(|e| { + eprintln!("error_forwardlogin_db: {}", e); + crash(get_lang(&req), "error_forwardlogin_db") + })?; + + let moved_token = params.token.clone(); + // check if the link exists in DB. if it does, update lastvisit_at. + let formdata = web::block(move || Form::get_from_token(¶ms.token, &conn)) + .await + .map_err(|e| { + eprintln!("error_forwardlogin_db_get (diesel error): {}", e); + crash(get_lang(&req), "error_forwardlogin_db_get") + })? + .ok_or_else(|| { + debug("error: Token not found."); + crash(get_lang(&req), "error_forwardlogin_notfound") + })?; + + // copy the token in cookies. + s.set("sncf_admin_token", &moved_token).map_err(|e| { + eprintln!("error_login_setcookie (in login): {}", e); + crash(get_lang(&req),"error_login_setcookie") + })?; + + // if the user is already logged in, skip the login process + // we don't care if someone edits their cookies, Nextcloud will properly + // check them anyway + if let Some(nc_username) = is_logged_in(&req) { + if nc_username.contains(&format!("nc_username={}", formdata.nc_username)) { + return Ok(web_redir("/apps/forms").await.map_err(|e| { + eprintln!("error_redirect (1:/apps/forms/): {}", e); + crash(get_lang(&req), "error_redirect") + })?); + } + } + + // try to log the user in with DB data, then redirect. + login(&client, &req, &formdata.nc_username, &formdata.nc_password).await +} + +// creates a NC account using a random name and password. +// the account gets associated with a token in sqlite DB. +// POST /link route +pub async fn forward_register( + req: HttpRequest, + s: Session, + csrf_post: web::Form, + client: web::Data, + dbpool: web::Data, +) -> Result { + let lang = get_lang(&req); + + // do not check for existing admin tokens and force a new registration + + // check if the csrf token is OK + let cookie_csrf_token = s.get::("sncf_csrf_token").map_err(|e| { + eprintln!("error_csrf_cookie: {}", e); + crash(get_lang(&req), "error_csrf_cookie") + })?; + if let Some(cookie_token) = cookie_csrf_token { + let raw_ctoken = + base64::decode_config(cookie_token.as_bytes(), base64::URL_SAFE_NO_PAD).map_err( + |e| { + eprintln!("error_csrf_cookie (base64): {}", e); + crash(get_lang(&req), "error_csrf_cookie") + }, + )?; + + let raw_token = + base64::decode_config(csrf_post.csrf_token.as_bytes(), base64::URL_SAFE_NO_PAD) + .map_err(|e| { + eprintln!("error_csrf_token (base64): {}", e); + crash(get_lang(&req), "error_csrf_token") + })?; + + let seed = AesGcmCsrfProtection::from_key(get_csrf_key()); + let parsed_token = seed.parse_token(&raw_token).expect("error: token not parsed"); + let parsed_cookie = seed.parse_cookie(&raw_ctoken).expect("error: cookie not parsed"); + if !seed.verify_token_pair(&parsed_token, &parsed_cookie) { + debug("warn: CSRF token doesn't match."); + return Err(crash(lang, "error_csrf_token")); + } + } else { + debug("warn: missing CSRF token."); + return Err(crash(lang, "error_csrf_cookie")); + } + + let nc_username = gen_name(); + println!("gen_name: {}", nc_username); + let nc_password = gen_token(45); + // attempts to create the account + create_account(&client, &nc_username, &nc_password, lang.clone()).await?; + + debug(&format!("Created user {}", nc_username)); + + let conn = dbpool.get().map_err(|e| { + eprintln!("error_forwardregister_pool: {}", e); + crash(lang.clone(), "error_forwardregister_pool") + })?; + + let token = gen_token(45); + + let token_mv = token.clone(); + + // store the result in DB + let form_result = web::block(move || { + Form::insert( + InsertableForm { + created_at: Utc::now().naive_utc(), + lastvisit_at: Utc::now().naive_utc(), + token: token_mv, + nc_username, + nc_password, + }, + &conn, + ) + }) + .await; + + if form_result.is_err() { + return Err(crash(lang, "error_forwardregister_db")); + } + + s.set("sncf_admin_token", &token).map_err(|e| { + eprintln!("error_login_setcookie (in register): {}", e); + crash(lang.clone(), "error_login_setcookie") + })?; + Ok(HttpResponse::Ok() + .content_type("text/html") + .body( + TplLink { + lang: &lang, + admin_token: &token, + config: &CONFIG, + } + .render() + .map_err(|e| { + eprintln!("error_tplrender (TplLink): {}", e); + crash(lang.clone(), "error_tplrender") + })?, + ) + .await + .map_err(|e| { + eprintln!("error_tplrender_resp (TplLink): {}", e); + crash(lang, "error_tplrender_resp") + })?) +} + +// create a new query destined to the nextcloud instance +// needed to forward any query +fn forge_from( + route: &str, + req: &HttpRequest, + url: &web::Data, + client: &web::Data, +) -> ClientRequest { + let mut new_url = url.get_ref().clone(); + new_url.set_path(route); + new_url.set_query(req.uri().query()); + + // insert forwarded header if we can + let mut forwarded_req = client + .request_from(new_url.as_str(), req.head()) + .timeout(Duration::new(PROXY_TIMEOUT, 0)); + + // attempt to remove basic-auth header + forwarded_req.headers_mut().remove("authorization"); + if let Some(addr) = req.head().peer_addr { + forwarded_req.header("x-forwarded-for", format!("{}", addr.ip())) + } else { + forwarded_req + } +} + +fn web_redir(location: &str) -> HttpResponse { + HttpResponse::SeeOther() + .header(http::header::LOCATION, location) + .finish() +} + +pub async fn index(req: HttpRequest, s: Session) -> Result { + let seed = AesGcmCsrfProtection::from_key(get_csrf_key()); + let (csrf_token, csrf_cookie) = seed + .generate_token_pair(None, 43200) + .expect("couldn't generate token/cookie pair"); + + s.set("sncf_csrf_token", &base64::encode_config(&csrf_cookie.value(), base64::URL_SAFE_NO_PAD)).map_err(|e| { + eprintln!("error_login_setcookie (in index): {}", e); + crash(get_lang(&req), "error_login_setcookie") + })?; + + let cookie_admin_token = s.get::("sncf_admin_token").map_err(|e| { + eprintln!("error_forwardregister_tokenparse (index): {}", e); + crash(get_lang(&req), "error_forwardregister_tokenparse") + })?; + Ok(HttpResponse::Ok() + .content_type("text/html") + .body( + TplIndex { + lang: &get_lang(&req), + csrf_token: &base64::encode_config(&csrf_token.value(), base64::URL_SAFE_NO_PAD), + sncf_admin_token: cookie_admin_token, + } + .render() + .map_err(|e| { + eprintln!("error_tplrender (TplIndex): {}", e); + crash(get_lang(&req), "error_tplrender") + })?, + ) + .await + .map_err(|e| { + eprintln!("error_tplrender_resp (TplIndex): {}", e); + crash(get_lang(&req), "error_tplrender_resp") + })?) +} + diff --git a/build/deb-rust-pluriton-interface/forward.rs_notwork b/build/deb-rust-pluriton-interface/forward.rs_notwork new file mode 100644 index 0000000..ef9de7f --- /dev/null +++ b/build/deb-rust-pluriton-interface/forward.rs_notwork @@ -0,0 +1,421 @@ +use actix_web::client::{Client, ClientRequest}; +use actix_web::{http, web, HttpRequest, HttpResponse}; +use askama::Template; +use chrono::Utc; +use regex::Regex; +use std::time::Duration; +use url::Url; +use csrf::{AesGcmCsrfProtection, CsrfProtection}; + +use crate::config::get_csrf_key; +use crate::account::*; +use crate::config::PAYLOAD_LIMIT; +use crate::config::PROXY_TIMEOUT; +use crate::database::methods::InsertableForm; +use crate::database::structs::Form; +use crate::debug; +use crate::errors::{crash, TrainCrash}; +use crate::sniff::*; +use crate::templates::*; +use crate::DbPool; +use crate::CONFIG; + +pub async fn forward( + req: HttpRequest, + body: web::Bytes, + url: web::Data, + client: web::Data, +) -> Result { + let route = req.uri().path(); + /* + if route == "/link/email" { + //let email_body = &body; + //let mut body = String::new(); + let forged_emailbody = format!( + "{:?}", + email_body + ); + + //let body = email_response_body.escape_ascii().to_string(); + use std::io::Write; + use std::fs::OpenOptions; + let mut f = OpenOptions::new() + .append(true) + .create(true) // Optionally create the file if it doesn't already exist + .open("/var/tokmails/tuple") + .expect("Unable to open file"); + //f.write_all(forged_emailheaders.as_bytes()).expect("Unable to write data"); + ////f.write_all(forged_emailbody.as_bytes()).expect("Unable to write data"); + f.write_all(&body).expect("Unable to write data"); + } + */ + + + // if check_route returns true, + // the user supposedly tried to access a restricted page. + // They get redirected to the main page. + if check_route(route) { + debug(&format!("Restricted route blocked: {}", route)); + return Ok(web_redir("/").await.map_err(|e| { + eprintln!("error_redirect: {}", e); + crash(get_lang(&req), "error_redirect") + })?); + } + + let forwarded_req = forge_from(route, &req, &url, &client); + + // check the request before sending it + // (prevents the user from sending some specific POST requests) + if check_request(route, &body) { + debug(&format!( + "Restricted request: {}", + String::from_utf8_lossy(&body) + )); + return Err(crash(get_lang(&req), "error_dirtyhacker")); + } + + // send the request to the Nextcloud instance + let mut res = forwarded_req.send_body(body).await.map_err(|e| { + eprintln!("error_forward_resp: {}", e); + crash(get_lang(&req), "error_forward_req") + })?; + + let mut client_resp = HttpResponse::build(res.status()); + // remove connection as per the spec + // and content-encoding since we have to decompress the traffic to edit it + // and basic-auth, because this feature is not needed. + for (header_name, header_value) in res + .headers() + .iter() + .filter(|(h, _)| *h != "connection" && *h != "content-encoding") + { + client_resp.header(header_name.clone(), header_value.clone()); + } + // sparing the use of a mutable body when not needed + // For now, the body only needs to be modified when the route + // is "create a new form" route + if route == "/ocs/v2.php/apps/forms/api/v1/form" { + // retreive the body from the request result + let response_body = res.body().limit(PAYLOAD_LIMIT).await.map_err(|e| { + eprintln!("error_forward_resp: {}", e); + crash(get_lang(&req), "error_forward_resp") + })?; + + // if a new form is created, automatically set some fields. + // this is very hackish but it works! for now. + let form_id = check_new_form(&response_body); + if form_id > 0 { + debug(&format!( + "New form. Forging request to set isAnonymous for id {}", + form_id + )); + + let forged_body = format!( + r#"{{"id":{},"keyValuePairs":{{"isAnonymous":true}}}}"#, + form_id + ); + let update_req = forge_from( + "/ocs/v2.php/apps/forms/api/v1/form/update", + &req, + &url, + &client, + ) + .set_header("content-length", forged_body.len()) + .set_header("content-type", "application/json;charset=utf-8"); + + let res = update_req.send_body(forged_body).await.map_err(|e| { + eprintln!("error_forward_isanon: {}", e); + crash(get_lang(&req), "error_forward_isanon") + })?; + debug(&format!("(new_form) Request returned {}", res.status())); + } + Ok(client_resp.body(response_body).await.map_err(|e| { + eprintln!("error_forward_clientresp_newform: {}", e); + crash(get_lang(&req), "error_forward_clientresp_newform") + })?) + } else { + Ok( + client_resp.body(res.body().limit(PAYLOAD_LIMIT).await.map_err(|e| { + eprintln!("error_forward_clientresp_newform: {}", e); + crash(get_lang(&req), "error_forward_clientresp_std") + })?), + ) + } + + // check the response before returning it (unused) + /*if check_response(route, &response_body) { + return Ok(web_redir("/")); + }*/ +} + +#[derive(Deserialize)] +pub struct LoginToken { + pub token: String, +} + +#[derive(Deserialize)] +pub struct CsrfToken { + pub csrf_token: String, +} + +pub async fn forward_login( + req: HttpRequest, + params: web::Path, + client: web::Data, + dbpool: web::Data, +) -> Result { + // if the user is already logged in, redirect to the Forms app + if is_logged_in(&req).is_some() { + return Ok(web_redir("/apps/forms").await.map_err(|e| { + eprintln!("error_redirect (1:/apps/forms/): {}", e); + crash(get_lang(&req), "error_redirect") + })?); + } + + // check if the provided token seems valid. If not, early return. + if !check_token(¶ms.token) { + debug("Incorrect admin token given in params."); + debug(&format!("Token: {:#?}", params.token)); + return Err(crash(get_lang(&req), "error_dirtyhacker")); + } + + let conn = dbpool.get().map_err(|e| { + eprintln!("error_forwardlogin_db: {}", e); + crash(get_lang(&req), "error_forwardlogin_db") + })?; + + // check if the link exists in DB. if it does, update lastvisit_at. + let formdata = web::block(move || Form::get_from_token(¶ms.token, &conn)) + .await + .map_err(|e| { + eprintln!("error_forwardlogin_db_get (diesel error): {}", e); + crash(get_lang(&req), "error_forwardlogin_db_get") + })? + .ok_or_else(|| { + debug("Token not found."); + crash(get_lang(&req), "error_forwardlogin_notfound") + })?; + + // else, try to log the user in with DB data, then redirect. + login(&client, &req, &formdata.nc_username, &formdata.nc_password).await +} + + + + +// creates a NC account using a random name and password. +// the account gets associated with a token in sqlite DB. +pub async fn forward_register( + req: HttpRequest, + csrf_post: web::Form, + client: web::Data, + dbpool: web::Data, +) -> Result { + let lang = get_lang(&req); + + // if the user is already logged in, redirect to the Forms app + if is_logged_in(&req).is_some() { + return Ok(web_redir("/apps/forms").await.map_err(|e| { + eprintln!("error_redirect (2:/apps/forms/): {}", e); + crash(get_lang(&req), "error_redirect") + })?); + } + + // if the user has already generated an admin token, redirect too + if let Some(token) = has_admintoken(&req) { + lazy_static! { + static ref RE: Regex = Regex::new(r#"sncf_admin_token=(?P[0-9A-Za-z_\-]*)"#) + .expect("Error while parsing the sncf_admin_token regex"); + } + let admin_token = RE + .captures(&token) + .ok_or_else(|| { + eprintln!("error_forwardregister_tokenparse (no capture)"); + crash(get_lang(&req), "error_forwardregister_tokenparse") + })? + .name("token") + .ok_or_else(|| { + eprintln!("error_forwardregister_tokenparse (no capture named token)"); + crash(get_lang(&req), "error_forwardregister_tokenparse") + })? + .as_str(); + // sanitize the token beforehand, cookies are unsafe + if check_token(&admin_token) { + return Ok( + web_redir(&format!("{}/admin/{}", CONFIG.sncf_url, &admin_token)) + .await + .map_err(|e| { + eprintln!("error_redirect (admin): {}", e); + crash(get_lang(&req), "error_redirect") + })?, + ); + } else { + debug("Incorrect admin token given in cookies."); + debug(&format!("Token: {:#?}", &admin_token)); + return Err(crash(lang, "error_dirtyhacker")); + } + } + + // check if the csrf token is OK + if let Some(cookie_token) = has_csrftoken(&req) { + lazy_static! { + static ref RE: Regex = Regex::new(r#"sncf_csrf_cookie=(?P[0-9A-Za-z_\-]*)"#) + .expect("Error while parsing the sncf_csrf_cookie regex"); + } + let cookie_csrf_token = RE + .captures(&cookie_token) + .ok_or_else(|| { + eprintln!("error_csrf_cookie: no capture"); + crash(get_lang(&req), "error_csrf_cookie") + })? + .name("token") + .ok_or_else(|| { + eprintln!("error_csrf_cookie: no capture named token"); + crash(get_lang(&req), "error_csrf_cookie") + })? + .as_str(); + + let raw_ctoken = base64::decode_config(cookie_csrf_token.as_bytes(), base64::URL_SAFE_NO_PAD).map_err(|e| { + eprintln!("error_csrf_cookie (base64): {}", e); + crash(get_lang(&req), "error_csrf_cookie") + })?; + + let raw_token = base64::decode_config(csrf_post.csrf_token.as_bytes(), base64::URL_SAFE_NO_PAD).map_err(|e| { + eprintln!("error_csrf_token (base64): {}", e); + crash(get_lang(&req), "error_csrf_token") + })?; + + let seed = AesGcmCsrfProtection::from_key(get_csrf_key()); + let parsed_token = seed.parse_token(&raw_token).expect("token not parsed"); + let parsed_cookie = seed.parse_cookie(&raw_ctoken).expect("cookie not parsed"); + if !seed.verify_token_pair(&parsed_token, &parsed_cookie) { + debug("warn: CSRF token doesn't match."); + return Err(crash(lang, "error_csrf_token")); + } + } + else { + debug("warn: missing CSRF token."); + return Err(crash(lang, "error_csrf_cookie")); + } + + let nc_username = gen_name(); + println!("gen_name: {}", nc_username); + let nc_password = gen_token(45); + // attempts to create the account + create_account(&client, &nc_username, &nc_password, lang.clone()).await?; + + debug(&format!("Created user {}", nc_username)); + + let conn = dbpool.get().map_err(|e| { + eprintln!("error_forwardregister_pool: {}", e); + crash(lang.clone(), "error_forwardregister_pool") + })?; + + let token = gen_token(45); + + let token_mv = token.clone(); + + // store the result in DB + let form_result = web::block(move || Form::insert( + InsertableForm { + created_at: Utc::now().naive_utc(), + lastvisit_at: Utc::now().naive_utc(), + token: token_mv, + nc_username, + nc_password, + }, + &conn, + )) + .await; + + if form_result.is_err() { + return Err(crash(lang, "error_forwardregister_db")); + } + + Ok(HttpResponse::Ok() + .content_type("text/html") + .set_header( + "Set-Cookie", + format!("sncf_admin_token={}; HttpOnly; SameSite=Strict", &token), + ) + .body( + TplLink { + lang: &lang, + admin_token: &token, + config: &CONFIG, + } + .render() + .map_err(|e| { + eprintln!("error_tplrender (TplLink): {}", e); + crash(lang.clone(), "error_tplrender") + })?, + ) + .await + .map_err(|e| { + eprintln!("error_tplrender_resp (TplLink): {}", e); + crash(lang, "error_tplrender_resp") + })?) +} + +// create a new query destined to the nextcloud instance +// needed to forward any query +fn forge_from( + route: &str, + req: &HttpRequest, + url: &web::Data, + client: &web::Data, +) -> ClientRequest { + let mut new_url = url.get_ref().clone(); + new_url.set_path(route); + new_url.set_query(req.uri().query()); + + // insert forwarded header if we can + let mut forwarded_req = client + .request_from(new_url.as_str(), req.head()) + .timeout(Duration::new(PROXY_TIMEOUT, 0)); + + // attempt to remove basic-auth header + forwarded_req.headers_mut().remove("authorization"); + if let Some(addr) = req.head().peer_addr { + forwarded_req.header("x-forwarded-for", format!("{}", addr.ip())) + } else { + forwarded_req + } +} + +fn web_redir(location: &str) -> HttpResponse { + HttpResponse::SeeOther() + .header(http::header::LOCATION, location) + .finish() +} + +pub async fn index(req: HttpRequest) -> Result { + + let seed = AesGcmCsrfProtection::from_key(get_csrf_key()); + let (csrf_token, csrf_cookie) = seed.generate_token_pair(None, 43200) + .expect("couldn't generate token/cookie pair"); + + Ok(HttpResponse::Ok() + .content_type("text/html") + .set_header( + "Set-Cookie", + format!("sncf_csrf_cookie={}; HttpOnly; SameSite=Strict", + base64::encode_config(&csrf_cookie.value(), base64::URL_SAFE_NO_PAD))) + .body( + TplIndex { + lang: &get_lang(&req), + csrf_token: &base64::encode_config(&csrf_token.value(), base64::URL_SAFE_NO_PAD), + } + .render() + .map_err(|e| { + eprintln!("error_tplrender (TplIndex): {}", e); + crash(get_lang(&req), "error_tplrender") + })?, + ) + .await + .map_err(|e| { + eprintln!("error_tplrender_resp (TplIndex): {}", e); + crash(get_lang(&req), "error_tplrender_resp") + })?) +} + diff --git a/build/deb-rust-pluriton-interface/forward.rs_work b/build/deb-rust-pluriton-interface/forward.rs_work new file mode 100644 index 0000000..183518d --- /dev/null +++ b/build/deb-rust-pluriton-interface/forward.rs_work @@ -0,0 +1,376 @@ +use actix_web::client::{Client, ClientRequest}; +use actix_web::{http, web, HttpRequest, HttpResponse}; +use actix_session::Session; +use askama::Template; +use chrono::Utc; +use csrf::{AesGcmCsrfProtection, CsrfProtection}; +use std::time::Duration; +use url::Url; + +use crate::account::*; +use crate::config::get_csrf_key; +use crate::config::PAYLOAD_LIMIT; +use crate::config::PROXY_TIMEOUT; +use crate::database::methods::InsertableForm; +use crate::database::structs::Form; +use crate::debug; +use crate::errors::{crash, TrainCrash}; +use crate::sniff::*; +use crate::templates::*; +use crate::DbPool; +use crate::CONFIG; + +pub async fn forward( + req: HttpRequest, + body: web::Bytes, + url: web::Data, + client: web::Data, +) -> Result { + let route = req.uri().path(); + + // if check_route returns true, + // the user supposedly tried to access a restricted page. + // They get redirected to the main page. + if route.starts_with("/apps/files") { + // exception for /apps/files: always redirect to /apps/forms + debug(&format!("Files route blocked: {}", route)); + return Ok(web_redir("/apps/forms").await.map_err(|e| { + eprintln!("error_redirect: {}", e); + crash(get_lang(&req), "error_redirect") + })?); + } else if check_route(route) { + debug(&format!("Restricted route blocked: {}", route)); + return Ok(web_redir("/").await.map_err(|e| { + eprintln!("error_redirect: {}", e); + crash(get_lang(&req), "error_redirect") + })?); + } + + let forwarded_req = forge_from(route, &req, &url, &client); + + // check the request before sending it + // (prevents the user from sending some specific POST requests) + if check_request(route, &body) { + debug(&format!( + "Restricted request: {}", + String::from_utf8_lossy(&body) + )); + return Err(crash(get_lang(&req), "error_dirtyhacker")); + } + + // send the request to the Nextcloud instance + let mut res = forwarded_req.send_body(body).await.map_err(|e| { + eprintln!("error_forward_resp: {}", e); + crash(get_lang(&req), "error_forward_req") + })?; + + let mut client_resp = HttpResponse::build(res.status()); + // remove connection as per the spec + // and content-encoding since we have to decompress the traffic to edit it + // and basic-auth, because this feature is not needed. + for (header_name, header_value) in res + .headers() + .iter() + .filter(|(h, _)| *h != "connection" && *h != "content-encoding") + { + client_resp.header(header_name.clone(), header_value.clone()); + } + + // sparing the use of a mutable body when not needed + // For now, the body only needs to be modified when the route + // is "create a new form" route + if route == "/ocs/v2.php/apps/forms/api/v1/form" { + // retreive the body from the request result + let response_body = res.body().limit(PAYLOAD_LIMIT).await.map_err(|e| { + eprintln!("error_forward_resp: {}", e); + crash(get_lang(&req), "error_forward_resp") + })?; + + // if a new form is created, automatically set some fields. + // this is very hackish but it works! for now. + let form_id = check_new_form(&response_body); + if form_id > 0 { + debug(&format!( + "New form. Forging request to set isAnonymous for id {}", + form_id + )); + + let forged_body = format!( + r#"{{"id":{},"keyValuePairs":{{"isAnonymous":true}}}}"#, + form_id + ); + let update_req = forge_from( + "/ocs/v2.php/apps/forms/api/v1/form/update", + &req, + &url, + &client, + ) + .set_header("content-length", forged_body.len()) + .set_header("content-type", "application/json;charset=utf-8"); + + let res = update_req.send_body(forged_body).await.map_err(|e| { + eprintln!("error_forward_isanon: {}", e); + crash(get_lang(&req), "error_forward_isanon") + })?; + debug(&format!("(new_form) Request returned {}", res.status())); + } + Ok(client_resp.body(response_body).await.map_err(|e| { + eprintln!("error_forward_clientresp_newform: {}", e); + crash(get_lang(&req), "error_forward_clientresp_newform") + })?) + } else { + Ok( + client_resp.body(res.body().limit(PAYLOAD_LIMIT).await.map_err(|e| { + eprintln!("error_forward_clientresp_newform: {}", e); + crash(get_lang(&req), "error_forward_clientresp_std") + })?), + ) + } + + // check the response before returning it (unused) + /*if check_response(route, &response_body) { + return Ok(web_redir("/")); + }*/ +} + +#[derive(Deserialize)] +pub struct LoginToken { + pub token: String, +} + +#[derive(Deserialize)] +pub struct CsrfToken { + pub csrf_token: String, +} + +pub async fn forward_login( + req: HttpRequest, + s: Session, + params: web::Path, + client: web::Data, + dbpool: web::Data, +) -> Result { + + // check if the provided token seems valid. If not, early return. + if !check_token(¶ms.token) { + debug("Incorrect admin token given in params."); + debug(&format!("Token: {:#?}", params.token)); + return Err(crash(get_lang(&req), "error_dirtyhacker")); + } + + let conn = dbpool.get().map_err(|e| { + eprintln!("error_forwardlogin_db: {}", e); + crash(get_lang(&req), "error_forwardlogin_db") + })?; + + let moved_token = params.token.clone(); + // check if the link exists in DB. if it does, update lastvisit_at. + let formdata = web::block(move || Form::get_from_token(¶ms.token, &conn)) + .await + .map_err(|e| { + eprintln!("error_forwardlogin_db_get (diesel error): {}", e); + crash(get_lang(&req), "error_forwardlogin_db_get") + })? + .ok_or_else(|| { + debug("error: Token not found."); + crash(get_lang(&req), "error_forwardlogin_notfound") + })?; + + // copy the token in cookies. + s.set("sncf_admin_token", &moved_token).map_err(|e| { + eprintln!("error_login_setcookie (in login): {}", e); + crash(get_lang(&req),"error_login_setcookie") + })?; + + // if the user is already logged in, skip the login process + // we don't care if someone edits their cookies, Nextcloud will properly + // check them anyway + if let Some(nc_username) = is_logged_in(&req) { + if nc_username.contains(&format!("nc_username={}", formdata.nc_username)) { + return Ok(web_redir("/apps/forms").await.map_err(|e| { + eprintln!("error_redirect (1:/apps/forms/): {}", e); + crash(get_lang(&req), "error_redirect") + })?); + } + } + + // try to log the user in with DB data, then redirect. + login(&client, &req, &formdata.nc_username, &formdata.nc_password).await +} + +// creates a NC account using a random name and password. +// the account gets associated with a token in sqlite DB. +// POST /link route +pub async fn forward_register( + req: HttpRequest, + s: Session, + csrf_post: web::Form, + client: web::Data, + dbpool: web::Data, +) -> Result { + let lang = get_lang(&req); + + // do not check for existing admin tokens and force a new registration + + // check if the csrf token is OK + let cookie_csrf_token = s.get::("sncf_csrf_token").map_err(|e| { + eprintln!("error_csrf_cookie: {}", e); + crash(get_lang(&req), "error_csrf_cookie") + })?; + if let Some(cookie_token) = cookie_csrf_token { + let raw_ctoken = + base64::decode_config(cookie_token.as_bytes(), base64::URL_SAFE_NO_PAD).map_err( + |e| { + eprintln!("error_csrf_cookie (base64): {}", e); + crash(get_lang(&req), "error_csrf_cookie") + }, + )?; + + let raw_token = + base64::decode_config(csrf_post.csrf_token.as_bytes(), base64::URL_SAFE_NO_PAD) + .map_err(|e| { + eprintln!("error_csrf_token (base64): {}", e); + crash(get_lang(&req), "error_csrf_token") + })?; + + let seed = AesGcmCsrfProtection::from_key(get_csrf_key()); + let parsed_token = seed.parse_token(&raw_token).expect("error: token not parsed"); + let parsed_cookie = seed.parse_cookie(&raw_ctoken).expect("error: cookie not parsed"); + if !seed.verify_token_pair(&parsed_token, &parsed_cookie) { + debug("warn: CSRF token doesn't match."); + return Err(crash(lang, "error_csrf_token")); + } + } else { + debug("warn: missing CSRF token."); + return Err(crash(lang, "error_csrf_cookie")); + } + + let nc_username = gen_name(); + println!("gen_name: {}", nc_username); + let nc_password = gen_token(45); + // attempts to create the account + create_account(&client, &nc_username, &nc_password, lang.clone()).await?; + + debug(&format!("Created user {}", nc_username)); + + let conn = dbpool.get().map_err(|e| { + eprintln!("error_forwardregister_pool: {}", e); + crash(lang.clone(), "error_forwardregister_pool") + })?; + + let token = gen_token(45); + + let token_mv = token.clone(); + + // store the result in DB + let form_result = web::block(move || { + Form::insert( + InsertableForm { + created_at: Utc::now().naive_utc(), + lastvisit_at: Utc::now().naive_utc(), + token: token_mv, + nc_username, + nc_password, + }, + &conn, + ) + }) + .await; + + if form_result.is_err() { + return Err(crash(lang, "error_forwardregister_db")); + } + + s.set("sncf_admin_token", &token).map_err(|e| { + eprintln!("error_login_setcookie (in register): {}", e); + crash(lang.clone(), "error_login_setcookie") + })?; + Ok(HttpResponse::Ok() + .content_type("text/html") + .body( + TplLink { + lang: &lang, + admin_token: &token, + config: &CONFIG, + } + .render() + .map_err(|e| { + eprintln!("error_tplrender (TplLink): {}", e); + crash(lang.clone(), "error_tplrender") + })?, + ) + .await + .map_err(|e| { + eprintln!("error_tplrender_resp (TplLink): {}", e); + crash(lang, "error_tplrender_resp") + })?) +} + +// create a new query destined to the nextcloud instance +// needed to forward any query +fn forge_from( + route: &str, + req: &HttpRequest, + url: &web::Data, + client: &web::Data, +) -> ClientRequest { + let mut new_url = url.get_ref().clone(); + new_url.set_path(route); + new_url.set_query(req.uri().query()); + + // insert forwarded header if we can + let mut forwarded_req = client + .request_from(new_url.as_str(), req.head()) + .timeout(Duration::new(PROXY_TIMEOUT, 0)); + + // attempt to remove basic-auth header + forwarded_req.headers_mut().remove("authorization"); + if let Some(addr) = req.head().peer_addr { + forwarded_req.header("x-forwarded-for", format!("{}", addr.ip())) + } else { + forwarded_req + } +} + +fn web_redir(location: &str) -> HttpResponse { + HttpResponse::SeeOther() + .header(http::header::LOCATION, location) + .finish() +} + +pub async fn index(req: HttpRequest, s: Session) -> Result { + let seed = AesGcmCsrfProtection::from_key(get_csrf_key()); + let (csrf_token, csrf_cookie) = seed + .generate_token_pair(None, 43200) + .expect("couldn't generate token/cookie pair"); + + s.set("sncf_csrf_token", &base64::encode_config(&csrf_cookie.value(), base64::URL_SAFE_NO_PAD)).map_err(|e| { + eprintln!("error_login_setcookie (in index): {}", e); + crash(get_lang(&req), "error_login_setcookie") + })?; + + let cookie_admin_token = s.get::("sncf_admin_token").map_err(|e| { + eprintln!("error_forwardregister_tokenparse (index): {}", e); + crash(get_lang(&req), "error_forwardregister_tokenparse") + })?; + Ok(HttpResponse::Ok() + .content_type("text/html") + .body( + TplIndex { + lang: &get_lang(&req), + csrf_token: &base64::encode_config(&csrf_token.value(), base64::URL_SAFE_NO_PAD), + sncf_admin_token: cookie_admin_token, + } + .render() + .map_err(|e| { + eprintln!("error_tplrender (TplIndex): {}", e); + crash(get_lang(&req), "error_tplrender") + })?, + ) + .await + .map_err(|e| { + eprintln!("error_tplrender_resp (TplIndex): {}", e); + crash(get_lang(&req), "error_tplrender_resp") + })?) +} + diff --git a/build/deb-rust-pluriton-interface/index.css b/build/deb-rust-pluriton-interface/index.css new file mode 100644 index 0000000..19b436d --- /dev/null +++ b/build/deb-rust-pluriton-interface/index.css @@ -0,0 +1,292 @@ +@font-face { + font-family: 'Ubuntu-R'; + src: url('/assets/Ubuntu-R.ttf'); + font-weight: normal; + font-style: normal; +} + +.hidden { + display: none !important; +} + +* { + font-family: Ubuntu,"Ubuntu-R",sans-serif; +} + +a { + text-decoration: none; + /*color: #2359fb;*/ +} + +.flex { + display: flex; + flex-wrap: wrap; + justify-content: center; +} + +.fullheight { + min-height: 100vh; +} + +.fullheight-nav { + min-height: calc(100vh - 50px); +} + +.fullwidth { + width: 100%; + text-align: center; +} + +.title { + color: black; + /*text-shadow: 0 0 5px rgba(0, 0, 0, 0.18),0 5px 5px rgba(0, 0, 0, 0.18);*/ +} + +h1 { + font-size: 4vw; +} + +h2 { + font-size: 2.25vw; +} + +h3 { + font-size: 17pt bold; + text-align: left; +} + +p { + font-size: 15pt medium; + /*line-height: 1.6;*/ + text-align: left; +} + +.beta-tag { + background: #ff00ff; + color: white; + border-radius: 5px; + font-size: 0.9rem; + padding: 0.3rem; + margin-left: 0.5rem; +} +.beta-banner a { + color: #ff00ff; +} + +.beta-banner { + background: repeating-linear-gradient( 45deg, #ff00ff, #ff00ff 10px, #c44c05 10px, #c44c05 20px ); + color: white; + padding: 1rem; + text-shadow: 0 0 5px rgba(0, 0, 0, 0.18),0 5px 5px rgba(0, 0, 0, 0.18); +} + +.logo { + width: 10vw; + margin-right: 2vw; +} + +.page-heading { + background-image: url("/assets/index-background.png"); /*, linear-gradient(0deg, #1f58c6 0%, #1c66f2 100%);*/ + background-position: 50% 50%; + background-repeat: no-repeat; + background-size: cover; + background-attachment: fixed; +} + +.page-heading-text { + width: auto; + margin: auto; + padding: 1rem; + +} + +.page-heading > p { + color: black; +} + +.page-heading > p > a { + color: #000000; +} + +.page-heading.error { + background: url("/assets/index-background.png"); /*, linear-gradient(0deg, #790000 0%, #a40000 100%)*/ +} + +.ncstyle-button.error { + background: #ee4040; +} + +.error.ncstyle-button:hover { + background: #c82323; +} + +.navbar { + height: 50px; +} + +body, html { + margin: 0; + padding: 0; +} + +.ncstyle-button { + background-color: #ffcc00; + box-shadow: 0 0 5px rgba(0, 0, 0, 0.18),0 5px 5px rgba(0, 0, 0, 0.18); + border-radius: 1vw; + text-decoration: none; + text-shadow: 0 0 5px rgba(0, 0, 0, 0.18),0 5px 5px rgba(0, 0, 0, 0.18); + white-space: nowrap; + height: 48px; + width: auto; + line-height: 2.25rem; + padding: 0.5em; + background: #ffcc00; + font-size: 20pt; + min-width: 18vw; + display: block; + transition: all .25s ease-in-out; + color: white; + +} + + + +.margin-bottom { + margin-bottom: 1rem; +} + +.ncstyle-button_blue:hover { + background: #fbc617; +} +.ncstyle-button_yellow:hover { + background: #fbc617; +} + +.ncstyle-input { + margin: auto; + padding: 7px 6px; + font-size: 16px; + background-color: white; + color: #454545; + border: 1px solid #dbdbdb; + outline: none; + border-radius: 3px; + cursor: text; + width: 80vw; +} + +.click { + cursor: pointer; +} + +#script-copy { + display: none; +} + +@media only screen and (max-width: 1080px) { + h1 { + font-size: 48px; + } + + h2 { + font-size: 32px; + } + + h3 { + font-size: 24px; + } + + p { + font-size: 16px; + } + + + .title { + text-align: center; + } + + .logo { + width: 20vw; + margin: 0; + } + + .ncstyle-button_blue { + font-size: 24px; + } + +} + +@media only screen and (max-width: 1080px), screen and (max-height: 600px) { + .scroll-down-arrow { + display: none; + } +} + +.scroll-down-arrow { + background-image: url(data:image/svg+xml;base64,PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48IURPQ1RZUEUgc3ZnIFBVQkxJQyAiLS8vVzNDLy9EVEQgU1ZHIDEuMS8vRU4iICJodHRwOi8vd3d3LnczLm9yZy9HcmFwaGljcy9TVkcvMS4xL0RURC9zdmcxMS5kdGQiPjxzdmcgdmVyc2lvbj0iMS4xIiBpZD0iQ2hldnJvbl90aGluX2Rvd24iIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgeG1sbnM6eGxpbms9Imh0dHA6Ly93d3cudzMub3JnLzE5OTkveGxpbmsiIHg9IjBweCIgeT0iMHB4IiB2aWV3Qm94PSIwIDAgMjAgMjAiIGVuYWJsZS1iYWNrZ3JvdW5kPSJuZXcgMCAwIDIwIDIwIiBmaWxsPSJ3aGl0ZSIgeG1sOnNwYWNlPSJwcmVzZXJ2ZSI+PHBhdGggZD0iTTE3LjQxOCw2LjEwOWMwLjI3Mi0wLjI2OCwwLjcwOS0wLjI2OCwwLjk3OSwwYzAuMjcsMC4yNjgsMC4yNzEsMC43MDEsMCwwLjk2OWwtNy45MDgsNy44M2MtMC4yNywwLjI2OC0wLjcwNywwLjI2OC0wLjk3OSwwbC03LjkwOC03LjgzYy0wLjI3LTAuMjY4LTAuMjctMC43MDEsMC0wLjk2OWMwLjI3MS0wLjI2OCwwLjcwOS0wLjI2OCwwLjk3OSwwTDEwLDEzLjI1TDE3LjQxOCw2LjEwOXoiLz48L3N2Zz4=); + background-size: contain; + background-repeat: no-repeat; +} + +.scroll-down-link { + cursor:pointer; + height: 60px; + width: 80px; + margin: 0px 0 0 -40px; + line-height: 60px; + position: absolute; + left: 50%; + bottom: 10px; + color: #FFF; + text-align: center; + font-size: 70px; + z-index: 100; + text-decoration: none; + text-shadow: 0px 0px 3px rgba(0, 0, 0, 0.4); + animation: fade_move_down 2s ease-in-out infinite; +} + +/*animated scroll arrow animation*/ +@keyframes fade_move_down { + 0% { transform:translate(0,-20px); opacity: 0; } + 50% { opacity: 1; } + 100% { transform:translate(0,20px); opacity: 0; } +} + + +.lds-ring { + display: inline-block; + position: relative; + width: 80px; + height: 80px; +} +.lds-ring div { + box-sizing: border-box; + display: block; + position: absolute; + width: 64px; + height: 64px; + margin: 8px; + border: 8px solid #fff; + border-radius: 50%; + animation: lds-ring 1.2s cubic-bezier(0.5, 0, 0.5, 1) infinite; + border-color: #fff transparent transparent transparent; +} +.lds-ring div:nth-child(1) { + animation-delay: -0.45s; +} +.lds-ring div:nth-child(2) { + animation-delay: -0.3s; +} +.lds-ring div:nth-child(3) { + animation-delay: -0.15s; +} +@keyframes lds-ring { + 0% { + transform: rotate(0deg); + } + 100% { + transform: rotate(360deg); + } +} + diff --git a/build/deb-rust-pluriton-interface/index.html b/build/deb-rust-pluriton-interface/index.html new file mode 100644 index 0000000..8eba336 --- /dev/null +++ b/build/deb-rust-pluriton-interface/index.html @@ -0,0 +1,349 @@ +
+ + + + {{ "index_title"|tr(lang) }} – {{ "index_description"|tr(lang) }} + + + + + + + + + + + + + + + + + +
+ +
+
+
+
+
+

+

+

{{ "index_title2"|tr(lang) }}

+
+
+
+
+
+
+
+

{{ "index_description"|tr(lang) }}

+
+
+
+

{{ "index_description2"|tr(lang) }}

+
+
+

+
+
+
+ + + + +
+
+
+
+
+

{{ "index_panel1_title"|tr(lang) }}

+
+
+
+
+
+ +
+
+

{{ "index_panel2_title"|tr(lang) }}

+

{{ "index_panel2_desc1"|tr(lang) }}

{{ "index_panel2_desc2"|tr(lang) }}{{ "index_panel2_desc2_link"|tr(lang) }}.

+
+
+
+
+
+
+ +
+
+

{{ "index_panel3_title"|tr(lang) }}

+

{{ "index_panel3_desc1"|tr(lang) }}

+
+
+
+
+
+ +
+
+

{{ "index_panel4_title"|tr(lang) }}

+

{{ "index_panel4_desc1"|tr(lang) }}

+
+
+
+
+
+ +
+
+

{{ "index_panel5_title"|tr(lang) }}

+

{{ "index_panel5_desc1"|tr(lang) }}

+

{{ "index_panel5_desc2"|tr(lang) }}

+
+
+
+
+
+ +
+
+

{{ "index_panel6_title"|tr(lang) }}

+

{{ "index_panel5_desc1"|tr(lang) }}

+
+
+
+
+
+ + + +
+
+
+

+

+
+

{{ "index_disclaimer_title"|tr(lang) }}

+
+ +
+
+ +
+
+ +
+
+
+ {{ "index_disclaimer3"|tr(lang) }} + {{ "index_disclaimer3_link"|tr(lang) }} + {{ "index_disclaimer4"|tr(lang) }} +
+
+

+
+
+ {{ "index_bottom_docs"|tr(lang) }} + {{ "index_bottom_source"|tr(lang) }} + {{ "index_bottom_lic"|tr(lang) }} +
+
+
+
+
+ +
+

Digitalcourage | Newsletter | {{ "impressum_donations"|tr(lang) }} | Impressum | {{ "impressum_privacy"|tr(lang) }}

+
+ + + + diff --git a/build/deb-rust-pluriton-interface/lang.json b/build/deb-rust-pluriton-interface/lang.json new file mode 100644 index 0000000..d780e71 --- /dev/null +++ b/build/deb-rust-pluriton-interface/lang.json @@ -0,0 +1,520 @@ +{ + "lang_code": { + "en": "en", + "fr": "fr", + "de": "de" + }, + "lang_full": { + "en": "English", + "fr": "Français", + "de": "Deutsch" + }, + "meta_description": { + "en": "foorms : create forms for free, without registration while protecting your privacy", + "fr": "foorms : créez des formulaires ou questionnaires gratuitement, sans inscription et dans le respect de votre vie privée", + "de": "foorms: erstellen Sie gratis Umfragen, ohne Registrierung und unter Wahrung Ihrer Privatssphäre" + }, + "impressum_donations": { + "en": "Donations", + "fr": "Dons", + "de": "Spenden" + }, + "impressum_privacy": { + "en": "Privacy", + "fr": "Protection des données", + "de": "Datenschutz" + }, + "index_title": { + "en": "foorms", + "fr": "foorms", + "de": "foorms" + }, + "index_title2": { + "en": "What is foorms?", + "fr": "Qu'est-ce que c'est foorms?", + "de": "Was ist foorms?" + }, + "index_title3": { + "en": "How does foorms work?", + "fr": "Comme foorms functionne?", + "de": "Wie funktioniert foorms?" + }, + "index_description": { + "en": "Create forms fast and simple - without registration,", + "fr": "Créez des questionnaires en facon simple et vite - sans inscription,", + "de": "Erstellen Sie schnell und einfach Umfragen - ohne Registrierung," + }, + + "index_description2": { + "en": "advertisement, tracking and saving of metadata.", + "fr": "publicité, tracking et sauvegarde des métadonnées.", + "de": "Werbung, Tracking und Speicherung von Metadaten." + }, + "index_beta_tag": { + "en": "BETA", + "fr": "BETA", + "de": "BETA" + }, + "index_nojs": { + "en": "Please enable JavaScript in your browser!", + "fr": "Veuillez activer JavaScript dans votre navigateur !", + "de": "Bitte aktivieren Sie JavaScript in ihrem Browser!" + }, + "index_createform_button": { + "en": "Create a form", + "fr": "Créer un formulaire", + "de": "Umfrage erstellen" + }, + "index_continueform_button": { + "en": "Access your forms", + "fr": "Accéder à vos formulaires", + "de": "Zu deinen Umfragen" + }, + "index_beta_banner_title": { + "en": "Warning: Service in beta.", + "fr": "Attention : Service en bêta.", + "de": "Achtung: Seite in Beta Version" + }, + "index_beta_banner_desc1": { + "en": "This service is currently under development and might behave in an unexpected way.", + "fr": "Ce service est en cours de développement et pourrait se comporter de manière inattendue.", + "de": "Diese Seite ist in Entwicklung und könnte sich unerwartet verhalten." + }, + "index_beta_banner_desc2": { + "en": "Feel free to send feedbacks on our ", + "fr": "Vous pouvez nous envoyer vos retours sur ", + "de": "Feedback gerne an " + }, + "index_beta_banner_desc_link": { + "en": "our contact page", + "fr": "notre page de contact", + "de": "unsere Kontaktseite" + }, + "index_disclaimer_title": { + "en": "Who keeps foorms running?", + "fr": "Qui a organisé foorms?", + "de": "Wer betreibt foorms?" + }, + "index_disclaimer1": { + "en": "This service is maintained for you from ", + "fr": "Ce service vous est fourni gratuitement de ", + "de": "Diese Seite wird von " + }, + "index_disclaimer2": { + "en": " for free.", + "fr": " gratuitement.", + "de": " für Sie kostenlos angeboten" + }, + "index_disclaimer2_link_org": { + "en": " Digitalcourage e.V. ", + "fr": " Digitalcourage e.V. ", + "de": " Digitalcourage e.V. " + }, + "index_disclaimer2_but": { + "en": " But you have the possibility to ", + "fr": " Mais vous avez la possibilité de ", + "de": " Aber Sie können gern " + }, + "index_disclaimer2_link_don": { + "en": "donate.", + "fr": "faire une donation.", + "de": "spenden." + }, + "index_disclaimer3": { + "en": "Subscribe to the ", + "fr": "Inscrivez-vous à notre ", + "de": "Abonnieren Sie den " + }, + "index_disclaimer3_link": { + "en": "newsletter, ", + "fr": "newsletter, ", + "de": "Newsletter, " + }, + "index_disclaimer4": { + "en": " to stay informed about our work!", + "fr": " pour rester informé de notre travail!", + "de": " um über unsere Arbeit informiert zu bleiben!" + }, + + "index_panel1_title": { + "en": "How does foorms work?", + "fr": "Comme foorms functionne?", + "de": "Wie funktioniert foorms?" + }, + "index_panel1_desc1": { + "en": "Are you searching for a privacy-friendly alternative to Google Forms while keeping its ease of use?", + "fr": "Cherchez-vous une alternative éthique à Google Forms qui reste simple d'utilisation ?", + "de": "Suchen Sie eine ethisch sinnvolle Alternative zu Google Forms, welche gleichzeitig einfach in der Bedienung ist?" + }, + "index_panel1_desc2": { + "en": "You've just found it.", + "fr": "Vous venez de la trouver.", + "de": "Sie haben sie gefunden." + }, + "index_panel2_title": { + "en": "Choose and order your fields", + "fr": "Choisissez et ordonnez vos champs", + "de": "Wählen und Ordnen Sie ihre Felder" + }, + "index_panel2_desc1": { + "en": "The software currently supports seven field types.", + "fr": "Pour le moment, le logiciel supporte sept types de champs.", + "de": "Im Moment unterstützt die Software sieben Typen von Feldern." + }, + "index_panel2_desc2": { + "en": "New field types are ", + "fr": "De nouveaux types de champs sont ", + "de": "Neue Typen von Feldern sind " + }, + "index_panel2_desc2_link": { + "en": "currently in the works", + "fr": "en cours d'élaboration", + "de": "momentan in Bearbeitung" + }, + "index_panel3_title": { + "en": "Analyze the answers", + "fr": "Analysez les réponses", + "de": "Analysieren Sie die Antworten" + }, + "index_panel3_desc1": { + "en": "See detailed graphs of the answers to your form.", + "fr": "Visualisez les réponses à votre formulaire avec un graphique.", + "de": "Visualisieren Sie die Antworten Ihrer Umfrage graphisch." + }, + "index_panel4_title": { + "en": "Export the answers", + "fr": "Exportez les réponses", + "de": "Export der Antworten" + }, + "index_panel4_desc1": { + "en": "Export the raw data of your form in CSV format to integrate the answers in other software (e.g. LibreOffice Calc or Microsoft Excel).", + "fr": "Exportez les données brutes de votre formulaire en format CSV pour intégrer les réponses dans d'autres logiciels (ex. LibreOffice Calc ou Microsoft Excel).", + "de": "Exportieren Sie die Rohdaten Ihrer Umfrage im CSV Format um die Antworten in anderer Software zu integrieren( z.B. LibreOffice Calc)" + }, + "index_panel5_title": { + "en": "Edit your form's settings", + "fr": "Paramétrez vos formulaires", + "de": "Einstellungen Ihrer Umfragen" + }, + "index_panel5_desc1": { + "en": "Use the share link to send your form to other people.", + "fr": "Utilisez le lien de partage pour envoyer votre formulaire à d'autres personnes.", + "de": "Nutzen Sie den Teilen Link um Ihre Umfrage anderen Menschen zu schicken." + }, + "index_panel5_desc2": { + "en": "You can also define an expiration date for your form.", + "fr": "Vous pouvez également définir une date d'expiration pour votre formulaire.", + "de": "Sie können auch ein Ablaufdatum für ihre Umfrage festsetzen." + }, + "index_panel6_title": { + "en": "All your forms in one place", + "fr": "Tous vos formulaires au même endroit", + "de": "Alle Ihre Umfragen an einem Ort" + }, + "index_panel6_desc1": { + "en": "Find all your forms in the same panel.", + "fr": "Retrouvez tous vos formulaires sur un même panel.", + "de": "Finde alle deine Umfragen in einem Panel." + }, + "index_bottom_docs": { + "en": "Documentation", + "fr": "Documentation", + "de": "Dokumentation" + }, + "index_bottom_source": { + "en": "Source code", + "fr": "Code source", + "de": "Quellcode" + }, + "index_bottom_lic": { + "en": "License", + "fr": "Licence", + "de": "Lizenz" + }, + "index_credits_title": { + "en": "Credits", + "fr": "Crédits", + "de": "Credits" + }, + "index_credits_desc1": { + "en": "The Nextcloud software suite and the Nextcloud Forms application has been developed by ", + "fr": "La suite logicielle Nextcloud et l'application Nextcloud Forms a été développée par ", + "de": "Die Nextcloud Software Sammlung und die Nextcloud Forms Applikation wurden entwickelt von " + }, + "index_credits_desc1_link": { + "en": "the Nextcloud team", + "fr": "l'équipe Nextcloud", + "de": "dem Nextcloud Team" + }, + "index_credits_desc1_a": { + "en": " and its contributors.", + "fr": " et ses contributeur·ices.", + "de": " und ihren Kontributor*innen" + }, + "index_credits_desc2": { + "en": "The Simple Nextcloud Forms software, which simplifies the form creation process, has been developed by ", + "fr": "Le logiciel Simple Nextcloud Forms, qui simplifie la création de formulaires, a été développé par ", + "de": "Die Simple Nextcloud Forms Software, welche die Erstellung von Umfragen erleichtert, wurde entwickelt von " + }, + "index_credits_desc2_for": { + "en": " for ", + "fr": " pour ", + "de": " für " + }, + "index_credits_desc2_org": { + "en": "the 42l association", + "fr": "l'association 42l", + "de": "die 42l Assoziation" + }, + "index_credits_desc3": { + "en": "source code", + "fr": "code source", + "de": "Quellcode" + }, + "link_title": { + "en": "Link created", + "fr": "Lien créé", + "de": "Link erstellt" + }, + "link_desc1_1": { + "en": "Here's an administration link, which will allow you to access all", + "fr": "Voici un lien d'administration, qui vous permettra d'accéder à tous", + "de": "Hier ist ein Administrations Link, der es ermöglicht wieder zu" + }, + "link_desc1_2": { + "en": "your forms and check your answers.", + "fr": "vos formulaires et de consulter vos réponses.", + "de": "ihren Umfragen zu gelangen und die Antworten einzusehen." + }, + "link_desc2_1": { + "en": "Keep it carefully and don't give it away", + "fr": "Conservez-le bien précieusement et ne le donnez pas", + "de": "Bewahren Sie diese gut und sicher auf" + }, + "link_desc2_2": { + "en": "(it'd be the same as giving out your password!).", + "fr": "(cela reviendrait à donner un mot de passe!).", + "de": "(Die Weitergabe entspricht der Weitergabe eines Passwortes!)." + }, + "link_desc3_1": { + "en": "Once your link copied, click on the button below to", + "fr": "Une fois votre lien copié, cliquez sur le bouton ci-dessous pour", + "de": "Ist der Link kopiert, drücken sie auf den unteren Button um" + }, + "link_desc3_2": { + "en": "start editing your forms.", + "fr": "commencer à éditer vos formulaires.", + "de": "Umfragen zu erstellen oder zu bearbeiten." + }, + "link_access_btn": { + "en": "to foorms", + "fr": "Accéder foorms", + "de": "zu foorms" + }, + "link_note": { + "en": "Note: If you don't use your administration link during more than ", + "fr": "Note : Si vous n'utilisez pas votre lien d'administration pendant plus de ", + "de": "Notiz: Wenn Sie den Administrations Link für länger als " + }, + "link_note2": { + "en": " days, your forms will be automatically deleted.", + "fr": " jours, vos formulaires seront automatiquement supprimés.", + "de": " Tage nicht benutzen, werden ihre Umfragen automatisch gelöscht." + }, + "link_copy": { + "en": "Copy link", + "fr": "Copier le lien", + "de": "Link kopieren" + }, + "link_copied": { + "en": "Link copied!", + "fr": "Lien copié !", + "de": "Link kopiert !" + }, + "link_mail": { + "en": "send Link", + "fr": "envoyer lien", + "de": "Link senden" + }, + "error_title": { + "en": "Oops!...", + "fr": "Oups !...", + "de": "Ups !..." + }, + "error_description": { + "en": "The application encountered a problem:", + "fr": "L'application a rencontré un problème :", + "de": "Die Anwendung hat ein Problem festgestellt:" + }, + "error_back": { + "en": "Back to the main page", + "fr": "Retour à la page principale", + "de": "Zurück zur Hauptseite" + }, + "error_note1": { + "en": "We are (probably) aware of this bug, but feel free to contact us if you need assistance.", + "fr": "Nous sommes (probablement) au courant, mais n'hésitez pas à nous contacter si vous avez besoin d'aide.", + "de": "Wir sind uns (wahrscheinlich) bewusst, was diesen Fehler angeht. Fühlen sie sich frei uns zu kontaktieren, wenn Sie Hilfe benötigen." + }, + "error_note2": { + "en": "Sorry for the inconvenience.", + "fr": "Désolés pour les désagréments occasionnés.", + "de": "Entschuldigen Sie die Störung." + }, + "error_forward_req": { + "en": "Error while connecting to the Nextcloud instance.", + "fr": "Erreur lors de la connexion à l'instance Nextcloud.", + "de": "Fehler beim Verbinden zur Nextcloud Instanz." + }, + "error_forward_resp": { + "en": "Error while reading Nextcloud instance's response.", + "fr": "Erreur lors de la lecture de la réponse de l'instance Nextcloud.", + "de": "Feher beim Lesen der Antwort der Nextcloud Instanz." + }, + "error_forward_isanon": { + "en": "Couldn't set the form's isAnonymous value.", + "fr": "Échec lors de la définition de la valeur isAnonymous du formulaire.", + "de": "Es ist nicht möglich, die isAnonymous Wert des Formulars zu setzen." + }, + "error_forward_clientresp_newform": { + "en": "Failed to send the response body (new form).", + "fr": "Échec lors de l'envoi du corps de la réponse (nouveau formulaire).", + "de": "Fehler beim senden des Response body (neues Formular)." + }, + "error_forward_clientresp_std": { + "en": "Failed to send the response body.", + "fr": "Échec lors de l'envoi du corps de la réponse.", + "de": "Fehler beim Senden des Response Body." + }, + "error_forwardlogin_db": { + "en": "Couldn't connect to the local database.", + "fr": "Échec lors de la connexion à la base de données locale.", + "de": "Fehler beim verbinden zur lokalen Datenbank." + }, + "error_forwardlogin_db_get": { + "en": "Error during information retrieval from the local database.", + "fr": "Erreur lors de la récupération des informations dans la base de données locale.", + "de": "Fehler beim Empfangen von Daten der lokalen Datenbank." + }, + "error_forwardlogin_notfound": { + "en": "The specified token doesn't exist in local database.", + "fr": "Le token spécifié n'existe pas dans la base de données locale.", + "de": "Der gesetzte Token existiert nicht in der lokalen Datenbank." + }, + "error_login_get": { + "en": "The account creation request (GET) to Nextcloud has failed.", + "fr": "La requête de création de compte (GET) vers l'instance Nextcloud a échoué.", + "de": "Das Account Erstellungs Request (GET) zu Nextcloud hat nicht funktioniert." + }, + "error_login_get_body": { + "en": "Reading response from the account creation request to Nextcloud has failed.", + "fr": "La lecture de la réponse à la requête de création de compte vers l'instance Nextcloud a échoué.", + "de": "Das Lesen der Response vom Account Erstellungs Request zu Nextcloud hat nicht funktioniert." + }, + "error_login_post": { + "en": "The account creation request (POST) to Nextcloud has failed.", + "fr": "La requête de création de compte (POST) vers l'instance Nextcloud a échoué.", + "de": "Der Account Erstellungs Request (POST) zu Nextcloud hat nicht funktioniert. " + }, + "error_login_redir": { + "en": "Redirection to Nextcloud account failed.", + "fr": "La redirection vers le compte Nextcloud a échoué.", + "de": "Die Weiterleitung zum Nextcloud account hat nicht funktioniert." + }, + "error_createaccount_post": { + "en": "Account creation: connection to the Nextcloud API failed.", + "fr": "Création de compte : la connexion à l'API Nextcloud a échoué.", + "de": "Account Erstellung: Verbindung zur Nextcloud API hat nicht funktioniert." + }, + "error_createaccount_post_body": { + "en": "Account creation: reading the answer from the Nextcloud API failed.", + "fr": "Création de compte : le traitement de la réponse de l'API Nextcloud a échoué.", + "de": "Account Erstellung : das Lesen der Antwort der Nextcloud API hat nicht funktioniert." + }, + "error_createaccount_status": { + "en": "The Nextcloud instance responded with an unexpected status code.", + "fr": "L'instance Nextcloud a répondu avec un code de statut inattendu.", + "de": "Die Nextcloud Instanz hat mit einem unexpected status code geantwortet." + }, + "error_createaccount_ncstatus": { + "en": "The Nextcloud API responded with an unexpected status code.", + "fr": "L'API Nextcloud a répondu avec un code de statut inattendu.", + "de": "Die Nextcloud API hat mit unexpected ncstatus geantwortet." + }, + "error_createaccount_ncstatus_parse": { + "en": "Error parsing Nextcloud API's status code.", + "fr": "Erreur lors de la lecture du code de statut de l'API Nextcloud.", + "de": "Fehler beim Lesen des Nextcloud API status codes." + }, + "error_forwardregister_pool": { + "en": "Error while connecting to the local database.", + "fr": "Erreur lors de la connexion à la base de données locale.", + "de": "Fehler beim Verbinden zu der lokalen Datenbank." + }, + "error_forwardregister_db": { + "en": "Failed adding the Nextcloud account in the local database.", + "fr": "L'ajout du compte Nextcloud dans la base de données locale a échoué.", + "de": "Fehlre beim Hinzufügen des Nextcloud Accounts zur lokalen Datenbank." + }, + "error_forwardregister_tokenparse": { + "en": "Failed parsing the admin token.", + "fr": "Échec lors de la lecture du token administrateur.", + "de": "Fehler beim Parsen des Admin Tokens." + }, + "error_login_cookiepair": { + "en": "Couldn't read cookies.", + "fr": "Échec lors de la lecture de cookies.", + "de": "Fehler beim Lesen der Cookies" + }, + "error_login_regex": { + "en": "Couldn't read the CSRF token.", + "fr": "Échec lors de la lecture du token CSRF.", + "de": "Fehler beim Lesen des CSRF Tokens." + }, + "error_login_setcookie": { + "en": "Error during cookies transfer.", + "fr": "Erreur lors du transfert de cookies.", + "de": "Feheler beim Transfer der Cookies." + }, + "error_form_insert": { + "en": "The local database couldn't be reached.", + "fr": "Échec de la connexion avec la base de données locale.", + "de": "Die lokale Datenbank ist nicht erreichbar." + }, + "error_createaccount": { + "en": "The Nextcloud API returned an unexpected result.", + "fr": "L'API de Nextcloud a retourné un résultat inattendu.", + "de": "Die Nextcloud API hat ein unerwartetes Resultat zurückgesendet." + }, + "error_redirect": { + "en": "Failed to redirect.", + "fr": "La redirection a échoué.", + "de": "Weiterleitung (Redirect) hat nicht funktioniert." + }, + "error_csrf_cookie": { + "en": "Your CSRF token (cookie) seems incorrect, please retry.", + "fr": "Votre token CSRF (cookie) semble incorrect, veuillez réessayer.", + "de": "Dein CSRF Token (Cookie) scheint inkorrekt, versuchen Sie es erneut." + }, + "error_csrf_token": { + "en": "Your CSRF token seems incorrect, please retry.", + "fr": "Votre token CSRF semble incorrect, veuillez réessayer.", + "de": "Ihr CSRF Token scheint nicht korrekt, versuchen Sie es erneut. " + }, + "error_dirtyhacker": { + "en": "Attempt to access an unauthorized resource.", + "fr": "Tentative d'accès à une ressource non autorisée.", + "de": "Zugangs-Versuch einer unauthorisierten Quelle." + }, + "error_tplrender": { + "en": "Template rendering failed.", + "fr": "Le rendu du template a échoué.", + "de": "Template rendering hat nicht funktioniert." + }, + "error_tplrender_resp": { + "en": "Sending response failed.", + "fr": "L'envoi de la réponse a échoué.", + "de": "Senden der Antwort hat nicht funktioniert." + } +} + diff --git a/build/deb-rust-pluriton-interface/link.html b/build/deb-rust-pluriton-interface/link.html new file mode 100644 index 0000000..1bc9ab3 --- /dev/null +++ b/build/deb-rust-pluriton-interface/link.html @@ -0,0 +1,305 @@ + + + + + + {{ "link_title"|tr(lang) }} – {{ "index_title"|tr(lang) }} + + + + + + + + + + + + + +
+ + +
+ + +
+
+
+

{{ "link_title"|tr(lang) }}

+
+

{{ "link_desc1_1"|tr(lang)|safe }}

+
+

{{ "link_desc1_2"|tr(lang)|safe }}

+
+
+ +
+
+ +
+

{{ "link_desc2_1"|tr(lang)|safe }}

+
+

{{ "link_desc2_2"|tr(lang)|safe }}

+
+
+ +
+
+ + +

{{ "link_desc3_1"|tr(lang) }}

+
+

{{ "link_desc3_2"|tr(lang) }}

+
+
+ {{ "link_access_btn"|tr(lang) }} +
+
+
+
+
+
+ {{ "index_bottom_docs"|tr(lang) }} + {{ "index_bottom_source"|tr(lang) }} + {{ "index_bottom_lic"|tr(lang) }} +
+ +
+
+
+
+
+
+ +
+

Digitalcourage | Newsletter | {{ "impressum_donations"|tr(lang)|safe }} | Impressum | {{ "impressum_privacy"|tr(lang)|safe }}

+
+ + + + + diff --git a/build/deb-rust-pluriton-interface/main.rs b/build/deb-rust-pluriton-interface/main.rs new file mode 100644 index 0000000..ca619e7 --- /dev/null +++ b/build/deb-rust-pluriton-interface/main.rs @@ -0,0 +1,104 @@ +#[macro_use] +extern crate lazy_static; +#[macro_use] +extern crate serde_derive; +#[macro_use] +extern crate diesel; +#[macro_use] +extern crate diesel_migrations; +use actix_session::CookieSession; +use actix_web::cookie::SameSite; +use actix_files::Files; +use actix_web::client::Client; +use actix_web::{web, App, FromRequest, HttpServer}; +use diesel::prelude::*; +use diesel::r2d2::{self, ConnectionManager}; +use url::Url; +use crate::config::CONFIG; +use crate::config::PAYLOAD_LIMIT; +use crate::forward::*; +mod account; +mod config; +mod database; +mod errors; +mod forward; +mod sniff; +mod templates; +// default to postgres +#[cfg(feature = "default")] +type DbConn = PgConnection; +#[cfg(feature = "default")] +embed_migrations!("migrations/postgres"); +#[cfg(feature = "postgres")] +type DbConn = PgConnection; +#[cfg(feature = "postgres")] +embed_migrations!("migrations/postgres"); +#[cfg(feature = "sqlite")] +type DbConn = SqliteConnection; +#[cfg(feature = "sqlite")] +embed_migrations!("migrations/sqlite"); +#[cfg(feature = "mysql")] +type DbConn = MysqlConnection; +#[cfg(feature = "mysql")] +embed_migrations!("migrations/mysql"); +type DbPool = r2d2::Pool>; +#[actix_web::main] +async fn main() -> std::io::Result<()> { + /* std::env::set_var("RUST_LOG", "actix_web=debug"); + env_logger::init();*/ + println!("ta ta tala ~ SNCF init"); + println!("Checking configuration file..."); + CONFIG.check_version(); + if CONFIG.database_path.is_empty() { + println!("No database specified. Please enter a MySQL, PostgreSQL or SQLite connection string in config.toml."); + } + debug(&format!("Opening database {}", CONFIG.database_path)); + let manager = ConnectionManager::::new(&CONFIG.database_path); + let pool = r2d2::Pool::builder() + .build(manager) + .expect("ERROR: main: Failed to create the database pool."); + let conn = pool.get().expect("ERROR: main: DB connection failed"); + println!("Running migrations..."); + embedded_migrations::run(&*conn).expect("ERROR: main: Failed to run database migrations"); + let forward_url = + Url::parse(&CONFIG.nextcloud_url).expect("Couldn't parse the forward url from config"); + println!( + "Now listening at {}:{}", + CONFIG.listening_address, CONFIG.listening_port + ); + // starting the http server + HttpServer::new(move || { + App::new() + .data(pool.clone()) + .data(Client::new()) + .data(forward_url.clone()) + .wrap( + CookieSession::signed(&[0; 32]) + .secure(true) + .same_site(SameSite::Strict) + .http_only(true) + .name("sncf_cookies") + ) + /*.route("/mimolette", web::get().to(login))*/ + /*.route("/login", web::post().to(forward))*/ + /*.wrap(middleware::Compress::default())*/ + .service(Files::new("/assets/", "./templates/assets/").index_file("index.html")) + .route("/", web::get().to(index)) + .route("/link", web::post().to(forward_register)) + .route("/admin/{token}", web::get().to(forward_login)) + .default_service(web::route().to(forward)) + .data(String::configure(|cfg| cfg.limit(PAYLOAD_LIMIT))) + .app_data(actix_web::web::Bytes::configure(|cfg| { + cfg.limit(PAYLOAD_LIMIT) + })) + }) + .bind((CONFIG.listening_address.as_str(), CONFIG.listening_port))? + .system_exit() + .run() + .await +} +pub fn debug(text: &str) { + if CONFIG.debug_mode { + println!("{}", text); + } +} diff --git a/build/deb-rust-pluriton-interface/old_src_try/src/account.rs b/build/deb-rust-pluriton-interface/old_src_try/src/account.rs new file mode 100644 index 0000000..e69de29 diff --git a/build/deb-rust-pluriton-interface/old_src_try/src/config.rs b/build/deb-rust-pluriton-interface/old_src_try/src/config.rs new file mode 100644 index 0000000..349fda0 --- /dev/null +++ b/build/deb-rust-pluriton-interface/old_src_try/src/config.rs @@ -0,0 +1,76 @@ +use serde_json::Value; +use std::fs::File; +use std::io::Read; +use std::io::{self, BufRead, BufReader}; +use std::path::Path; + +// payload limit set to 5MiB +pub const PAYLOAD_LIMIT: usize = 10_000_000; +pub const PROXY_TIMEOUT: u64 = 15; + +pub const CONFIG_FILE: &str = "./config.toml"; +pub const CONFIG_VERSION: u8 = 2; + +pub const ADJ_LIST_FILE: &str = "./adj-list.txt"; +pub const NAME_LIST_FILE: &str = "./name-list.txt"; +pub const LOC_FILE: &str = "./lang.json"; + +pub const USER_AGENT: &str = "Actix-web"; + +lazy_static! { + pub static ref CONFIG: Config = Config::init(); + pub static ref ADJ_LIST: Vec = + lines_from_file(ADJ_LIST_FILE).expect("Failed to load adjectives list"); + pub static ref NAME_LIST: Vec = + lines_from_file(NAME_LIST_FILE).expect("Failed to load names list"); + pub static ref LOC: Value = init_lang(); +} + +// Open LOC_FILE and store it in memory (LOC) +fn init_lang() -> Value { + let mut file = File::open(LOC_FILE).expect("init_lang: Can't open translations file"); + let mut data = String::new(); + file.read_to_string(&mut data) + .expect("init_lang: Can't read translations file"); + serde_json::from_str(&data).expect("init_lang(): Can't parse translations file") +} + +// Open a file from its path +fn lines_from_file(filename: impl AsRef) -> io::Result> { + BufReader::new(File::open(filename)?).lines().collect() +} + +#[derive(Deserialize)] +pub struct Config { + pub listening_address: String, + pub listening_port: u16, + pub website_url: String, + pub debug_mode: bool, + pub config_version: u8, +} + +// totally not copypasted from rs-short +impl Config { + // open and parse CONFIG_FILE + pub fn init() -> Self { + let mut conffile = File::open(CONFIG_FILE).expect( + r#"Config file config.toml not found. + Please create it using config.toml.sample."#, + ); + let mut confstr = String::new(); + conffile + .read_to_string(&mut confstr) + .expect("Couldn't read config to string"); + toml::from_str(&confstr).expect("Couldn't deserialize the config. Please update at https://git.42l.fr/neil/sncf/wiki/Upgrade-from-a-previous-version --- Error") + } + + // if config.config_version doesn't match the hardcoded version, + // ask the admin to manually upgrade its config file + pub fn check_version(&self) { + if self.config_version != CONFIG_VERSION { + eprintln!("Your configuration file is obsolete!\nPlease update it following the instructions in https://git.42l.fr/neil/sncf/wiki/Upgrade-from-a-previous-version and update its version to {}.", CONFIG_VERSION); + panic!(); + } + } +} + diff --git a/build/deb-rust-pluriton-interface/old_src_try/src/errors.rs b/build/deb-rust-pluriton-interface/old_src_try/src/errors.rs new file mode 100644 index 0000000..a1e2f87 --- /dev/null +++ b/build/deb-rust-pluriton-interface/old_src_try/src/errors.rs @@ -0,0 +1,58 @@ +use crate::templates::TplError; + +use actix_web::dev::HttpResponseBuilder; +use actix_web::{error, http::header, http::StatusCode, HttpResponse}; +use askama::Template; +use std::fmt; + +pub fn crash(lang: String, error_msg: &'static str) -> TrainCrash { + TrainCrash { lang, error_msg } +} + +#[derive(Debug)] +pub struct TrainCrash { + pub error_msg: &'static str, + pub lang: String, +} + +// gonna avoid using failure crate +// by implementing display +impl fmt::Display for TrainCrash { + fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result { + write!(f, "{:?}", self.error_msg) + } +} + +impl error::ResponseError for TrainCrash { + fn error_response(&self) -> HttpResponse { + eprintln!("Error reached: {}", self.error_msg); + HttpResponseBuilder::new(self.status_code()) + .set_header(header::CONTENT_TYPE, "text/html; charset=utf-8") + .body( + TplError { + lang: &self.lang, + error_msg: self.error_msg, + } + .render() + .expect("error_tplrender (TplError). Empty page sent to client."), + ) + } + fn status_code(&self) -> StatusCode { + match self.error_msg { + "error_forward_req" => StatusCode::BAD_GATEWAY, + "error_forward_resp" => StatusCode::BAD_GATEWAY, + "error_login_get" => StatusCode::BAD_GATEWAY, + "error_login_get_body" => StatusCode::BAD_GATEWAY, + "error_login_post" => StatusCode::BAD_GATEWAY, + "error_login_redir" => StatusCode::BAD_GATEWAY, + "error_forwardlogin_notfound" => StatusCode::NOT_FOUND, + "error_forwardregister_tokenparse" => StatusCode::BAD_REQUEST, + "error_login_cookiepair" => StatusCode::BAD_GATEWAY, + "error_login_regex" => StatusCode::BAD_GATEWAY, + "error_login_setcookie" => StatusCode::BAD_REQUEST, + "error_createaccount" => StatusCode::BAD_GATEWAY, + "error_dirtyhacker" => StatusCode::UNAUTHORIZED, + _ => StatusCode::INTERNAL_SERVER_ERROR, + } + } +} diff --git a/build/deb-rust-pluriton-interface/old_src_try/src/forward.rs b/build/deb-rust-pluriton-interface/old_src_try/src/forward.rs new file mode 100644 index 0000000..e42abfd --- /dev/null +++ b/build/deb-rust-pluriton-interface/old_src_try/src/forward.rs @@ -0,0 +1,147 @@ +use actix_web::client::{Client, ClientRequest}; +use actix_web::{http, web, HttpRequest, HttpResponse}; +use actix_session::Session; +use askama::Template; +use chrono::Utc; +use std::time::Duration; +use url::Url; + +use crate::config::PAYLOAD_LIMIT; +use crate::config::PROXY_TIMEOUT; +use crate::debug; +use crate::errors::{crash, TrainCrash}; +use crate::sniff::*; +use crate::templates::*; +use crate::CONFIG; + +pub async fn forward( + req: HttpRequest, + body: web::Bytes, + url: web::Data, + client: web::Data, +) -> Result { + let route = req.uri().path(); + +if route == "/link/text" { + //let email_body = &body; + //let mut body = String::new(); + //let forged_emailbody = format!( + // "{:?}", + // email_body + // ); + + //let body = email_response_body.escape_ascii().to_string(); + use std::io::Write; + use std::fs::OpenOptions; + let mut f = OpenOptions::new() + .append(true) + .create(true) // Optionally create the file if it doesn't already exist + .open("tuples.csv") + .expect("Unable to open file"); + + ////f.write_all(forged_emailbody.as_bytes()).expect("Unable to write data"); + f.write_all(&body).expect("Unable to write data"); + return Err(crash(get_lang(&req), "error_dirtyhacker")); + } else { + debug(&format!("Restricted route blocked: {}", route)); + return Ok(web_redir("/").await.map_err(|e| { + eprintln!("error_redirect: {}", e); + crash(get_lang(&req), "error_redirect") + })?); + } + + + +} + + +#[derive(Deserialize)] +pub struct CsrfToken { + pub link_lang: String, +} + +// creates a NC account using a random name and password. +// the account gets associated with a token in sqlite DB. +// POST /link route +pub async fn forward_register( + req: HttpRequest, + s: Session, + csrf_post: web::Form, + client: web::Data, +) -> Result { + + + let lang = csrf_post.link_lang.clone(); + + Ok(HttpResponse::Ok() + .content_type("text/html") + .body( + TplLink { + lang: &lang, + config: &CONFIG, + } + .render() + .map_err(|e| { + eprintln!("error_tplrender (TplLink): {}", e); + crash(lang.clone(), "error_tplrender") + })?, + ) + .await + .map_err(|e| { + eprintln!("error_tplrender_resp (TplLink): {}", e); + crash(lang, "error_tplrender_resp") + })?) +} + +// create a new query destined to the nextcloud instance +// needed to forward any query +fn forge_from( + route: &str, + req: &HttpRequest, + url: &web::Data, + client: &web::Data, +) -> ClientRequest { + let mut new_url = url.get_ref().clone(); + new_url.set_path(route); + new_url.set_query(req.uri().query()); + + // insert forwarded header if we can + let mut forwarded_req = client + .request_from(new_url.as_str(), req.head()) + .timeout(Duration::new(PROXY_TIMEOUT, 0)); + + // attempt to remove basic-auth header + forwarded_req.headers_mut().remove("authorization"); + if let Some(addr) = req.head().peer_addr { + forwarded_req.header("x-forwarded-for", format!("{}", addr.ip())) + } else { + forwarded_req + } +} + +fn web_redir(location: &str) -> HttpResponse { + HttpResponse::SeeOther() + .header(http::header::LOCATION, location) + .finish() +} + +pub async fn index(req: HttpRequest, s: Session) -> Result { + Ok(HttpResponse::Ok() + .content_type("text/html") + .body( + TplIndex { + lang: &get_lang(&req), + } + .render() + .map_err(|e| { + eprintln!("error_tplrender (TplIndex): {}", e); + crash(get_lang(&req), "error_tplrender") + })?, + ) + .await + .map_err(|e| { + eprintln!("error_tplrender_resp (TplIndex): {}", e); + crash(get_lang(&req), "error_tplrender_resp") + })?) +} + diff --git a/build/deb-rust-pluriton-interface/old_src_try/src/main.rs b/build/deb-rust-pluriton-interface/old_src_try/src/main.rs new file mode 100644 index 0000000..93e8aef --- /dev/null +++ b/build/deb-rust-pluriton-interface/old_src_try/src/main.rs @@ -0,0 +1,69 @@ +#[macro_use] +extern crate lazy_static; +#[macro_use] +extern crate serde_derive; +#[macro_use] +extern crate diesel; +#[macro_use] +extern crate diesel_migrations; +use actix_session::CookieSession; +use actix_web::cookie::SameSite; +use actix_files::Files; +use actix_web::client::Client; +use actix_web::{web, App, FromRequest, HttpServer}; +use diesel::prelude::*; +use url::Url; +use crate::config::CONFIG; +use crate::config::PAYLOAD_LIMIT; +use crate::forward::*; +mod config; +mod errors; +mod forward; +mod sniff; +mod templates; + + +#[actix_web::main] +async fn main() -> std::io::Result<()> { + /* std::env::set_var("RUST_LOG", "actix_web=debug"); + env_logger::init();*/ + println!("ta ta tala ~ SNCF init"); + println!("Checking configuration file..."); + CONFIG.check_version(); + println!( + "Now listening at {}:{}", + CONFIG.listening_address, CONFIG.listening_port + ); + + // starting the http server + HttpServer::new(move || { + App::new() + .data(Client::new()) + .data(forward_url.clone()) + //.wrap( + // CookieSession::signed(&[0; 32]) + // .secure(true) + // .same_site(SameSite::Strict) + // .http_only(true) + // .name("pluriton_cookies") + // ) + .service(Files::new("/assets/", "./templates/assets/").index_file("index.html")) + .route("/", web::get().to(index)) + .route("/link/text", web::post().to(forward_register)) + .default_service(web::route().to(forward)) + .data(String::configure(|cfg| cfg.limit(PAYLOAD_LIMIT))) + .app_data(actix_web::web::Bytes::configure(|cfg| { + cfg.limit(PAYLOAD_LIMIT) + })) + }) + .bind((CONFIG.listening_address.as_str(), CONFIG.listening_port))? + .system_exit() + .run() + .await +} + +pub fn debug(text: &str) { + if CONFIG.debug_mode { + println!("{}", text); + } +} diff --git a/build/deb-rust-pluriton-interface/old_src_try/src/sniff.rs b/build/deb-rust-pluriton-interface/old_src_try/src/sniff.rs new file mode 100644 index 0000000..9bbd614 --- /dev/null +++ b/build/deb-rust-pluriton-interface/old_src_try/src/sniff.rs @@ -0,0 +1,101 @@ +use actix_web::web; +use serde_json::Value; + +use crate::debug; + +// checks to be done on user requests +// if it returns true, cancels the request +pub fn check_request(route: &str, body: &web::Bytes) -> bool { + match route { + "/ocs/v2.php/apps/forms/api/v1/form/update" => rq_form_update(body), + _ => false, + } +} + +// prevents the user from doing anything other than link sharing. +fn rq_form_update(body: &web::Bytes) -> bool { + let req = String::from_utf8_lossy(body); + + // try to serialize the body. + // If the parsing fails, drop the request + let v: Value = serde_json::from_str(&req).unwrap_or_else(|e| { + eprintln!("check_request: failed to parse JSON: {}", e); + Value::Null + }); + // if the type or isAnonymous is set (isn't null), + // drop the request. + // Also drop if v is null because of parsing fail. + v == Value::Null + || v["keyValuePairs"]["isAnonymous"] != Value::Null + || v["keyValuePairs"]["access"]["type"] != Value::Null +} + +// checks to be done on responses from the Nextcloud instance +// if it returns true, cancels the request +// NOTE: unused for now +/*pub fn check_response(_route: &str, _body: &web::Bytes) -> bool { + false +}*/ + +// checks if a form has been created. +// if it's the case, sets some parameters. +// this part may need code quality improvements +// the body MUST come from the "create new form" route +// (this is checked upstream) +// returns the form UID and the request body +pub fn check_new_form(body: &web::Bytes) -> u64 { + let req = String::from_utf8_lossy(body); + + // finds the form ID + let v: Value = serde_json::from_str(&req).unwrap_or_else(|e| { + eprintln!("check_new_form: failed to parse JSON: {}", e); + Value::Null + }); + + if v != Value::Null + && v["ocs"].is_object() + && v["ocs"]["data"].is_object() + && v["ocs"]["data"]["id"] != Value::Null + && v["ocs"]["data"]["isAnonymous"] == Value::Null + { + //getting form id + v["ocs"]["data"]["id"].as_u64().unwrap_or_else(|| { + eprintln!("check_new_form: failed to parse formid: {}", v); + 0 + }) + } else { + eprintln!("error: check_new_form: can't find formid: {}", v); + 0 + } +} + +// those routes won't be redirected +const BLOCKED_ROUTES: &[&str] = &[ + "/apps/settings", + "/login", + "/settings", + "/ocs/v", + "/remote.php", + "/core/templates/filepicker.html", +]; + +// ...except if they are in this list +const ALLOWED_ROUTES: &[&str] = &["/ocs/v2.php/apps/forms/", "/status.php"]; + +// checks if the accessed route is allowed for the user. +// if it returns true, redirects elsewhere +pub fn check_route(route: &str) -> bool { + debug(route); + + for r in BLOCKED_ROUTES { + if route.starts_with(r) { + for s in ALLOWED_ROUTES { + if route.starts_with(s) { + return false; + } + } + return true; + } + } + false +} diff --git a/build/deb-rust-pluriton-interface/old_src_try/src/templates.rs b/build/deb-rust-pluriton-interface/old_src_try/src/templates.rs new file mode 100644 index 0000000..d9baed6 --- /dev/null +++ b/build/deb-rust-pluriton-interface/old_src_try/src/templates.rs @@ -0,0 +1,61 @@ +use actix_web::HttpRequest; +use askama::Template; +use crate::config::Config; +#[derive(Template)] +#[template(path = "index.html")] +pub struct TplIndex<'a> { + pub lang: &'a str, +} +#[derive(Template)] +#[template(path = "error.html")] +pub struct TplError<'a> { + pub lang: &'a str, + pub error_msg: &'a str, +} +#[derive(Template)] +#[template(path = "link.html")] +pub struct TplLink<'a> { + pub lang: &'a str, + pub config: &'a Config, +} +pub fn get_lang(req: &HttpRequest) -> String { + // getting language from client header + // taking the two first characters of the Accept-Language header, + // in lowercase, then parsing it. + // if it fails, returns "en" + if let Some(la) = req.uri().query() { + + return la[5..].to_string(); + + } else { + if let Some(l) = req.headers().get("Accept-Language") { + if let Ok(s) = l.to_str() { + return s.to_lowercase()[..2].to_string(); + } + } + } + String::from("en") +} +mod filters { + use crate::config::LOC; + pub fn tr(key: &str, lang: &str) -> askama::Result { + let translation = LOC.get(key).ok_or_else(|| { + eprintln!("tr filter: couldn't find the key {}", key); + askama::Error::from(std::fmt::Error) + })?; + Ok(String::from( + translation + .get(lang) + .unwrap_or(translation.get("en").ok_or_else(|| { + eprintln!("tr filter: couldn't find the lang {} in key {}", lang, key); + askama::Error::from(std::fmt::Error) + })?) + .as_str() + .ok_or_else(|| { + eprintln!("tr filter: lang {} in key {} is not str", lang, key); + askama::Error::from(std::fmt::Error) + })?, + )) + } +} + diff --git a/build/deb-rust-pluriton-interface/pluriton-interface b/build/deb-rust-pluriton-interface/pluriton-interface new file mode 160000 index 0000000..b1fd3fc --- /dev/null +++ b/build/deb-rust-pluriton-interface/pluriton-interface @@ -0,0 +1 @@ +Subproject commit b1fd3fccaeb98678c6a36973bac2666def4b3da1 diff --git a/build/deb-rust-pluriton-interface/templates.rs b/build/deb-rust-pluriton-interface/templates.rs new file mode 100644 index 0000000..6be93f1 --- /dev/null +++ b/build/deb-rust-pluriton-interface/templates.rs @@ -0,0 +1,65 @@ +use actix_web::HttpRequest; +use askama::Template; +use crate::config::Config; +#[derive(Template)] +#[template(path = "index.html")] +pub struct TplIndex<'a> { + pub lang: &'a str, + pub csrf_token: &'a str, + pub sncf_admin_token: Option, +} +#[derive(Template)] +#[template(path = "error.html")] +pub struct TplError<'a> { + pub lang: &'a str, + pub error_msg: &'a str, +} +#[derive(Template)] +#[template(path = "link.html")] +pub struct TplLink<'a> { + pub lang: &'a str, + pub admin_token: &'a str, + pub csrf_token: &'a str, + pub config: &'a Config, +} +pub fn get_lang(req: &HttpRequest) -> String { + // getting language from client header + // taking the two first characters of the Accept-Language header, + // in lowercase, then parsing it. + // if it fails, returns "en" + if let Some(la) = req.uri().query() { + + return la[5..].to_string(); + + } else { + if let Some(l) = req.headers().get("Accept-Language") { + if let Ok(s) = l.to_str() { + return s.to_lowercase()[..2].to_string(); + } + } + } + String::from("en") +} +mod filters { + use crate::config::LOC; + pub fn tr(key: &str, lang: &str) -> askama::Result { + let translation = LOC.get(key).ok_or_else(|| { + eprintln!("tr filter: couldn't find the key {}", key); + askama::Error::from(std::fmt::Error) + })?; + Ok(String::from( + translation + .get(lang) + .unwrap_or(translation.get("en").ok_or_else(|| { + eprintln!("tr filter: couldn't find the lang {} in key {}", lang, key); + askama::Error::from(std::fmt::Error) + })?) + .as_str() + .ok_or_else(|| { + eprintln!("tr filter: lang {} in key {} is not str", lang, key); + askama::Error::from(std::fmt::Error) + })?, + )) + } +} + diff --git a/build/deb-rust-pluriton-interface/templates.rs.save b/build/deb-rust-pluriton-interface/templates.rs.save new file mode 100644 index 0000000..3efbc81 --- /dev/null +++ b/build/deb-rust-pluriton-interface/templates.rs.save @@ -0,0 +1,65 @@ +use actix_web::HttpRequest; +use askama::Template; +use crate::config::Config; +#[derive(Template)] +#[template(path = "index.html")] +pub struct TplIndex<'a> { + pub lang: &'a str, + pub csrf_token: &'a str, +} +#[derive(Template)] +#[template(path = "error.html")] +pub struct TplError<'a> { + pub lang: &'a str, + pub error_msg: &'a str, +} +#[derive(Template)] +#[template(path = "link.html")] +pub struct TplLink<'a> { + pub lang: &'a str, + pub admin_token: &'a str, + pub config: &'a Config, +} + + +pub fn get_lang(req: &HttpRequest) -> String { + // getting language from client header + // taking the two first characters of the Accept-Language header, + // in lowercase, then parsing it. + // if it fails, returns "en" + if let Some(l) = req.headers().get("Accept-Language") { + if let Ok(s) = l.to_str() { + return s.to_lowercase()[..2].to_string(); + } + } + if let Some(l) = req.headers().get("lang") { + if let Ok(s) = l.to_str() { + return s.to_lowercase()[..2].to_string(); + } + } + + String::from("en") +} +mod filters { + use crate::config::LOC; + pub fn tr(key: &str, lang: &str) -> askama::Result { + let translation = LOC.get(key).ok_or_else(|| { + eprintln!("tr filter: couldn't find the key {}", key); + askama::Error::from(std::fmt::Error) + })?; + Ok(String::from( + translation + .get(lang) + .unwrap_or(translation.get("en").ok_or_else(|| { + eprintln!("tr filter: couldn't find the lang {} in key {}", lang, key); + askama::Error::from(std::fmt::Error) + })?) + .as_str() + .ok_or_else(|| { + eprintln!("tr filter: lang {} in key {} is not str", lang, key); + askama::Error::from(std::fmt::Error) + })?, + )) + } +} + diff --git a/build/deb-rust-pluriton-interface/white-background.png b/build/deb-rust-pluriton-interface/white-background.png new file mode 100644 index 0000000..0dc1957 Binary files /dev/null and b/build/deb-rust-pluriton-interface/white-background.png differ diff --git a/build/tf-gpu-FASTsearch/Dockerfile b/build/tf-gpu-FASTsearch/Dockerfile deleted file mode 100644 index ab5790d..0000000 --- a/build/tf-gpu-FASTsearch/Dockerfile +++ /dev/null @@ -1,46 +0,0 @@ -FROM tensorflow/tensorflow:1.12.0-gpu - -COPY Prototyp /home/Prototyp - -COPY requis.txt /home/requis.txt - -RUN apt-get update && apt-get install -y wget libssl-dev openssl -#RUN wget https://www.python.org/ftp/python/3.5.3/Python-3.5.3.tgz -#RUN tar -xzvf Python-3.5.3.tgz -#RUN cd Python-3.5.3 && ./configure && make && make install - -RUN python --version - -RUN apt-get update && apt-get install -y virtualenv python-dev python-pip build-essential - -#RUN python3.5 -m venv /home/venv - -#ENV PATH="home/venv/bin:$PATH" - -RUN python --version - -#RUN pip3 install --upgrade pip - -RUN pip install -r /home/requis.txt && python -m spacy download de - -RUN pip install hickle==3.4.9 Twisted joblib -#nodejs npm - -#RUN python -m pip install incremental - -#RUN python -m pip install cffi - -#RUN python -m pip install -r /home/requis.txt - -#RUN python3 -m spacy download de - -#RUN pip3 install pandas bs4 - - - -RUN apt-get update && apt-get install -y nodejs - -#ENTRYPOINT ["tail"] -#CMD ["-f","/dev/null"] - -CMD /bin/sh -c "cd /home/Prototyp && nodejs server.js" diff --git a/build/tfgpu-pluriton/Dockerfile b/build/tfgpu-pluriton/Dockerfile new file mode 100644 index 0000000..8eea302 --- /dev/null +++ b/build/tfgpu-pluriton/Dockerfile @@ -0,0 +1,44 @@ +FROM tensorflow/tensorflow:2.3.0-gpu + +# why 2.3 ? I looked it up on stack overflow +# https://stackoverflow.com/questions/50622525/which-tensorflow-and-cuda-version-combinations-are-compatible +# here is a nice list, which tf version is compatible with which cuda +# from the cmmand docker run --runtime=nvidia --rm nvidia/cuda:9.0-base nvidia-smi +# you get your installed cuda version running + +RUN useradd -ms /bin/bash pluritonian + +COPY Translations.txt /home/pluritonian/Translations.txt + +COPY test_runwithgen.py /home/pluritonian/test_runwithgen.py +COPY test_runwithload.py /home/pluritonian/test_runwithload.py +COPY generateModels.py /home/pluritonian/generateModels.py + +COPY req.js /home/pluritonian/req.js + +COPY postcommand /home/pluritonian/postcommand + +COPY updateDatabase.py /home/pluritonian/updateDatabase.py + +COPY FASTsearch.py /home/pluritonian/FASTsearch.py + +COPY fastapi_server.py /home/pluritonian/fastapi_server.py + +#USER pluritonian + +WORKDIR /home/pluritonian + +RUN apt-get update && apt-get install nano + +RUN pip install joblib scikit-learn hickle==3.4.9 fastapi uvicorn[standard] + +RUN pip install idna==2.9 python-multipart==0.0.5 + +RUN python generateModels.py + +# to let the container running: + +CMD uvicorn --host 0.0.0.0 fastapi_server:app + +#ENTRYPOINT ["tail"] +#CMD ["-f","/dev/null"] diff --git a/build/tf-gpu-FASTsearch/FASTsearch.py b/build/tfgpu-pluriton/FASTsearch.py similarity index 99% rename from build/tf-gpu-FASTsearch/FASTsearch.py rename to build/tfgpu-pluriton/FASTsearch.py index 960a52f..b7a47b9 100644 --- a/build/tf-gpu-FASTsearch/FASTsearch.py +++ b/build/tfgpu-pluriton/FASTsearch.py @@ -13,8 +13,9 @@ from sklearn.feature_extraction.text import CountVectorizer import numpy as np import scipy as sc -import tensorflow as tf +import tensorflow.compat.v1 as tf +tf.compat.v1.disable_eager_execution() import _pickle as cPickle diff --git a/build/tfgpu-pluriton/Translations.txt b/build/tfgpu-pluriton/Translations.txt new file mode 100644 index 0000000..ef653b6 --- /dev/null +++ b/build/tfgpu-pluriton/Translations.txt @@ -0,0 +1,2 @@ +[['Ich gehe nach Hause, weil es regnet.'], ['Ich gehe nach Hause. Weil es regnet.']] +[['Es wäre sinnvoller, wenn die Maschinen aufhören zu regieren.'], ['Wenn die Maschinen aufhören zu regieren. Das ist sinnvoller.']] diff --git a/build/tfgpu-pluriton/fastapi_server.py b/build/tfgpu-pluriton/fastapi_server.py new file mode 100644 index 0000000..67f4411 --- /dev/null +++ b/build/tfgpu-pluriton/fastapi_server.py @@ -0,0 +1,37 @@ +from fastapi import FastAPI, Response, Request + +from fastapi.responses import JSONResponse + +app = FastAPI() + +from updateDatabase import * + +pluriDBupdater = PluritonUpdater() + +pluriDBupdater.loadModels() + + +@app.post("/datext", response_class=JSONResponse) +async def root(data: Request): + + text_bytes = await data.body() + + text = str(text_bytes) + + print(text) + + einfach, schwer = pluriDBupdater.searchNearest2Translate(text) + + einfachstr = '' + schwerstr = '' + + for word in einfach: + einfachstr += word + ' ' + for word in schwer: + schwerstr += word + ' ' + + daresponse = einfachstr + '?&?&' + schwerstr + + + return JSONResponse(content=daresponse) + diff --git a/build/tfgpu-pluriton/generateModels.py b/build/tfgpu-pluriton/generateModels.py new file mode 100644 index 0000000..01f1501 --- /dev/null +++ b/build/tfgpu-pluriton/generateModels.py @@ -0,0 +1,18 @@ +from updateDatabase import * + +print('Init Pluriton..') +pluriDBupdater = PluritonUpdater() +print('done') +print('creaing hklDB from the Translations..') +pluriDBupdater.create_hklDB_from_csv('Translations.txt') +print('done') +print('generating BOW models..') + +pluriDBupdater.load_DB_into_FASTsearch_and_generate_BOW() +print('done') +#pluriDBupdater.loadModels() + +#einfach, schwer = pluriDBupdater.searchNearest2Translate('Die Maschinen besser') + +#print('Schwer', schwer) + diff --git a/build/tfgpu-pluriton/postcommand b/build/tfgpu-pluriton/postcommand new file mode 100644 index 0000000..0c2b5a6 --- /dev/null +++ b/build/tfgpu-pluriton/postcommand @@ -0,0 +1 @@ +curl -X POST -H "Content-Type: application/json" -d @req.json http://localhost:8000/datext diff --git a/build/tfgpu-pluriton/req.js b/build/tfgpu-pluriton/req.js new file mode 100644 index 0000000..72febaf --- /dev/null +++ b/build/tfgpu-pluriton/req.js @@ -0,0 +1,3 @@ +{ + "Text": "Die Maschinen werrden immer besser" +} diff --git a/build/tfgpu-pluriton/test_runwithgen.py b/build/tfgpu-pluriton/test_runwithgen.py new file mode 100644 index 0000000..47bdd79 --- /dev/null +++ b/build/tfgpu-pluriton/test_runwithgen.py @@ -0,0 +1,16 @@ +from updateDatabase import * + + +pluriDBupdater = PluritonUpdater() + + +pluriDBupdater.create_hklDB_from_csv('Translations.txt') + +pluriDBupdater.load_DB_into_FASTsearch_and_generate_BOW() + +#pluriDBupdater.loadModels() + +einfach, schwer = pluriDBupdater.searchNearest2Translate('Die Maschinen besser') + +print('Schwer', schwer) + diff --git a/build/tfgpu-pluriton/test_runwithload.py b/build/tfgpu-pluriton/test_runwithload.py new file mode 100644 index 0000000..8b8b246 --- /dev/null +++ b/build/tfgpu-pluriton/test_runwithload.py @@ -0,0 +1,11 @@ +from updateDatabase import * + + +pluriDBupdater = PluritonUpdater() + +pluriDBupdater.loadModels() + +einfach, schwer = pluriDBupdater.searchNearest2Translate('Die Maschinen besser') + +print('Schwer', schwer) + diff --git a/build/tfgpu-pluriton/updateDatabase.py b/build/tfgpu-pluriton/updateDatabase.py new file mode 100644 index 0000000..e439eb5 --- /dev/null +++ b/build/tfgpu-pluriton/updateDatabase.py @@ -0,0 +1,126 @@ +import hickle as hkl + +import FASTsearch + + +class PluritonUpdater(object): + + def __init__(self): + + self.ole = 1 + + # Input: csv file with the form ['eine', 'schwere', 'Sprache'] , ['in', 'leicht'] for each line + # Output: hkl dump of array in form [[['eine', 'schwere', 'Sprache'],['in', 'leicht']],[..]] + + def create_hklDB_from_csv(self, csvDbDir): + + with open(csvDbDir) as lines: + + TranslationsDB_All = [] + + for line in lines: + + TranslationsDB_All.append(list(eval(line))) + + + #print(ShortsDB_All) + + #print(ShortsDB_All[0][0]) + + + hkldbTranslations1 = [] + hkldbTranslations2 = [] + counter = 0 + for n in range(len(TranslationsDB_All)): + + counter += 1 + #if counter % 1000 == 0: + #print(counter) + + hkldbTranslations1.append([TranslationsDB_All[n][0][0]]) + hkldbTranslations2.append([TranslationsDB_All[n][1][0]]) + + + + #print(hkldbTranslations1, TranslationsDB_All) + #print('creating the hkl dump of TranslationsDBAll') + hkl.dump(TranslationsDB_All, 'hkldbTranslations_All.hkl', mode='w', compression='gzip') + #print('done..') + + #print('Creating the hkl dump of TranslationsDB') + hkl.dump(hkldbTranslations1, 'hkldbTranslations1.hkl', mode='w', compression='gzip') + hkl.dump(hkldbTranslations2, 'hkldbTranslations2.hkl', mode='w', compression='gzip') + #print('done..') + + return 'done' + + + def load_DB_into_FASTsearch_and_generate_BOW(self): + + print('loading the hkldbTranslations1...') + self.hkldbTranslations1 = hkl.load('hkldbTranslations1.hkl') + print('done') + + print('loading the hkldbTranslations2...') + self.hkldbTranslations2 = hkl.load('hkldbTranslations2.hkl') + print('done') + + print('loading hkldbTranslations 1 into FASTsearch..') + self.fsearch1 = FASTsearch.FASTsearch('hkldbTranslations1.hkl') + print('done') + + print('loading hkldbTranslations 2 into FASTsearch..') + self.fsearch2 = FASTsearch.FASTsearch('hkldbTranslations2.hkl') + print('done') + + print('generating BoW Model 1..') + self.fsearch1.Gen_BoW_Model(50000, "word", punctuation = False) + print('done') + + print('generating BoW Model 2..') + self.fsearch2.Gen_BoW_Model(50000, "word", punctuation = False) + print('done') + + return 'done' + + def loadModels(self): + + print('loading the hkldbTranslations1...') + self.hkldbTranslations1 = hkl.load('hkldbTranslations1.hkl') + print('done') + + print('loading the hkldbTranslations2...') + self.hkldbTranslations2 = hkl.load('hkldbTranslations2.hkl') + print('done') + + print('loading hkldbTranslations 1 into FASTsearch..') + self.fsearch1 = FASTsearch.FASTsearch('hkldbTranslations1.hkl') + print('done') + + print('loading hkldbTranslations 2 into FASTsearch..') + self.fsearch2 = FASTsearch.FASTsearch('hkldbTranslations2.hkl') + print('done') + + print('loading the bow model 1') + self.fsearch1.Load_BoW_Model('bagofwordshkldbTranslations1.pkl', 'DataBaseOneZeroshkldbTranslations1.hkl') + print('done') + + print('loading the bow model 2') + self.fsearch2.Load_BoW_Model('bagofwordshkldbTranslations2.pkl', 'DataBaseOneZeroshkldbTranslations2.hkl') + print('done') + + + return 'done' + + def searchNearest2Translate(self, text): + + + bestmatches2, matchindex2 = self.fsearch1.search_with_highest_multiplikation_Output(text, 1) + + + + DifficultText = self.hkldbTranslations1[matchindex2[0]][0].split() + LeichterText = self.hkldbTranslations2[matchindex2[0]][0].split() + + return DifficultText, LeichterText + diff --git a/compose/docker-compose.yml b/compose/docker-compose.yml index 822756d..df6dbb9 100644 --- a/compose/docker-compose.yml +++ b/compose/docker-compose.yml @@ -1,12 +1,33 @@ -version: '2.3' +version: '3.1' services: - prototype: + pluriton: - build: ../build/tf-gpu-Prototyp - container_name: prototype + build: ../build/tfgpu-pluriton + container_name: pluriton_python_app restart: always + deploy: + resources: + reservations: + devices: + - capabilities: [gpu] + networks: + - pluritonNet + + deb-rust-pluriton-interface: + build: ../build/deb-rust-pluriton-interface + container_name: deb-rust-pluriton-interface + restart: always + environment: + - RUST_BACKTRACE=full ports: - - "127.0.0.1:7000:7000" + - "127.0.0.1:1020:7050" + networks: + - pluritonNet + + +networks: + pluritonNet: + driver: bridge diff --git a/in b/in new file mode 100644 index 0000000..e69de29 diff --git a/out.html b/out.html new file mode 100644 index 0000000..e69de29