오버헤드 때문에 더 느려진 기분이라서 검토 필요

route/api_user_info.py

@@ -37,7 +37,7 @@ def api_user_info(user_name = ''):
         data_result['max_exp'] = level_data[2]
             
         # ban part
-        ban = ban_check(conn, user_name)
+        ban = ban_check(user_name)
         if ban[0] == 0:
             data_result['ban'] = '0'
         else:

route/bbs_w_edit.py

@@ -33,7 +33,7 @@ def bbs_w_edit(bbs_num = '', post_num = '', comment_num = ''):
             else:
                 return redirect(conn, '/bbs/main')
             
-        if acl_check(conn, bbs_num_str, 'bbs_edit') == 1:
+        if acl_check(bbs_num_str, 'bbs_edit') == 1:
             return redirect(conn, '/bbs/set/' + bbs_num_str)
         
         i_list = ['post_view_acl', 'post_comment_acl']

route/bbs_w_post.py

@@ -70,7 +70,7 @@ def bbs_w_post(bbs_num = '', post_num = ''):
 
         bbs_num_str = str(bbs_num)
         post_num_str = str(post_num)
-        bbs_comment_acl = acl_check(conn, bbs_num_str, 'bbs_comment')
+        bbs_comment_acl = acl_check(bbs_num_str, 'bbs_comment')
         ip = ip_check()
 
         temp_dict = json.loads(api_bbs_w_post(bbs_num_str + '-' + post_num_str).data)
@@ -115,7 +115,7 @@ def bbs_w_post(bbs_num = '', post_num = ''):
 
                 return redirect(conn, '/bbs/w/' + bbs_num_str + '/' + post_num_str + '#' + id_data)
             else:
-                if acl_check(conn, bbs_num_str, 'bbs_view') == 1:
+                if acl_check(bbs_num_str, 'bbs_view') == 1:
                     return re_error(conn, '/ban')
 
                 text = ''
@@ -233,7 +233,7 @@ def bbs_w_post(bbs_num = '', post_num = ''):
 
                 return redirect(conn, '/bbs/w/' + bbs_num_str + '/' + post_num_str + '#' + end_id)
             else:
-                if acl_check(conn, bbs_num_str, 'bbs_view') == 1:
+                if acl_check(bbs_num_str, 'bbs_view') == 1:
                     return re_error(conn, '/ban')
                     
                 text = ''

route/edit.py

@@ -123,9 +123,9 @@ def edit(name = 'Test', section = 0, do_type = ''):
         ip = ip_check()
 
         edit_req_mode = 0
-        if acl_check(conn, name, 'document_edit') == 1:
+        if acl_check(name, 'document_edit') == 1:
             edit_req_mode = 1
-            if acl_check(conn, name, 'document_edit_request') == 1:
+            if acl_check(name, 'document_edit_request') == 1:
                 return redirect(conn, '/raw_acl/' + url_pas(name))
             
         if do_title_length_check(conn, name) == 1:
@@ -136,7 +136,7 @@ def edit(name = 'Test', section = 0, do_type = ''):
         doc_ver = doc_ver[0][0] if doc_ver else '0'
 
         if doc_ver == '0':
-            if acl_check(conn, name, 'document_make_acl') == 1:
+            if acl_check(name, 'document_make_acl') == 1:
                 edit_req_mode = 1
 
         curs.execute(db_change("select set_data from data_set where doc_name = ? and doc_rev = ? and set_name = 'edit_request_data'"), [name, doc_ver])

route/edit_delete.py

@@ -5,7 +5,7 @@ def edit_delete(name):
         curs = conn.cursor()
 
         ip = ip_check()
-        if acl_check(conn, name, 'document_delete') == 1:
+        if acl_check(name, 'document_delete') == 1:
             return re_error(conn, '/ban')
 
         curs.execute(db_change("select title from data where title = ?"), [name])

route/edit_move.py

@@ -4,7 +4,7 @@ def edit_move(name):
     with get_db_connect() as conn:
         curs = conn.cursor()
 
-        if acl_check(conn, name, 'document_move') == 1:
+        if acl_check(name, 'document_move') == 1:
             return re_error(conn, '/ban')
         
         if do_title_length_check(conn, name) == 1:
@@ -12,7 +12,7 @@ def edit_move(name):
 
         if flask.request.method == 'POST':
             move_title = flask.request.form.get('title', 'test')
-            if acl_check(conn, move_title) == 1:
+            if acl_check(move_title) == 1:
                 return re_error(conn, '/ban')
 
             if captcha_post(conn, flask.request.form.get('g-recaptcha-response', flask.request.form.get('g-recaptcha', ''))) == 1:

route/edit_request.py

@@ -7,7 +7,7 @@ def edit_request(name = 'Test', do_type = ''):
         curs = conn.cursor()
 
         disabled = ""
-        if acl_check(conn, name, 'document_edit') == 1:
+        if acl_check(name, 'document_edit') == 1:
             disabled = "disabled"
 
         curs.execute(db_change("select id from history where title = ? order by id + 0 desc"), [name])
@@ -15,7 +15,7 @@ def edit_request(name = 'Test', do_type = ''):
         doc_ver = doc_ver[0][0] if doc_ver else '0'
 
         if doc_ver == '0':
-            if acl_check(conn, name, 'document_make_acl') == 1:
+            if acl_check(name, 'document_make_acl') == 1:
                 disabled = "disabled"
 
         curs.execute(db_change("select set_data from data_set where doc_name = ? and doc_rev = ? and set_name = 'edit_request_data'"), [name, doc_ver])

route/edit_revert.py

@@ -8,7 +8,7 @@ def edit_revert(name, num):
         if curs.fetchall() and admin_check(conn, 6) != 1:
             return re_error(conn, '/error/3')
 
-        if acl_check(conn, name, 'document_edit') == 1:
+        if acl_check(name, 'document_edit') == 1:
             return re_error(conn, '/ban')
         
         curs.execute(db_change("select data from history where title = ? and id = ?"), [name, str(num)])

route/edit_upload.py

@@ -4,7 +4,7 @@ def edit_upload():
     with get_db_connect() as conn:
         curs = conn.cursor()
 
-        if acl_check(conn, '', 'upload') == 1:
+        if acl_check('', 'upload') == 1:
             return re_error(conn, '/ban')
         
         curs.execute(db_change('select data from other where name = "upload"'))
@@ -31,7 +31,7 @@ def edit_upload():
             if file_len == 1:
                 file_num = None
             else:
-                if acl_check(conn, '', 'many_upload') == 1:
+                if acl_check('', 'many_upload') == 1:
                     return re_error(conn, '/ban')
 
                 file_num = 1

route/give_admin_groups.py

@@ -8,22 +8,16 @@ def give_admin_groups(name = 'test'):
             [1, 'owner', get_lang(conn, 'owner_authority')],
             [2, 'admin', get_lang(conn, 'admin_authority')],
             [3, 'ban', get_lang(conn, 'ban_authority')],
-            [4, '', get_lang(conn, 'user_authority'), True],
             [4, '', get_lang(conn, 'admin_default_feature_authority'), True],
             [3, 'toron', get_lang(conn, 'discussion_authority')],
-            [4, '', get_lang(conn, 'user_authority'), True],
             [4, '', get_lang(conn, 'admin_default_feature_authority'), True],
             [3, 'check', get_lang(conn, 'user_check_authority')],
-            [4, '', get_lang(conn, 'user_authority'), True],
             [4, '', get_lang(conn, 'admin_default_feature_authority'), True],
             [3, 'acl', get_lang(conn, 'document_acl_authority')],
-            [4, '', get_lang(conn, 'user_authority'), True],
             [4, '', get_lang(conn, 'admin_default_feature_authority'), True],
             [3, 'hidel', get_lang(conn, 'history_hide_authority')],
-            [4, '', get_lang(conn, 'user_authority'), True],
             [4, '', get_lang(conn, 'admin_default_feature_authority'), True],
             [3, 'give', get_lang(conn, 'authorization_authority')],
-            [4, '', get_lang(conn, 'user_authority'), True],
             [4, '', get_lang(conn, 'admin_default_feature_authority'), True],
             [3, 'admin_default_feature', get_lang(conn, 'admin_default_feature_authority')],
             [4, 'user_name_bold', get_lang(conn, 'user_name_bold_authority')],

route/give_user_ban.py

@@ -6,7 +6,7 @@ def give_user_ban(name = None, ban_type = ''):
 
         ip = ip_check()
         
-        if ban_check(conn, ip = ip, tool = 'login')[0] == 1:
+        if ban_check(ip = ip, tool = 'login')[0] == 1:
             if ip_or_user(ip) == 1 or admin_check(conn, 'all', None, ip) == 0:
                 return re_error(conn, '/ban')
         else:

route/go_api_topic.py

@@ -124,7 +124,7 @@ async def api_topic(topic_num = 1, tool = 'normal', s_num = '', e_num = ''):
     with get_db_connect() as conn:
         topic_num = str(topic_num)
 
-        if acl_check(conn, '', 'topic_view', topic_num) != 1:
+        if acl_check('', 'topic_view', topic_num) != 1:
             other_set = {}
             other_set["topic_num"] = topic_num
             other_set["tool"] = tool

route/go_api_w_raw.py

@@ -2,7 +2,7 @@ from .tool.func import *
 
 async def api_w_raw(name = 'Test', rev = '', exist_check = ''):
     with get_db_connect() as conn:
-        if acl_check(conn, name, 'render') != 1:
+        if acl_check(name, 'render') != 1:
             other_set = {}
             other_set["name"] = name
             other_set["rev"] = str(rev)

route/login_login.py

@@ -8,7 +8,7 @@ def login_login_2():
         if ip_or_user(ip) == 0:
             return redirect(conn, '/user')
 
-        if ban_check(conn, None, 'login')[0] == 1:
+        if ban_check(None, 'login')[0] == 1:
             return re_error(conn, '/ban')
 
         if flask.request.method == 'POST':

route/login_login_2fa.py

@@ -14,7 +14,7 @@ def login_login_2fa_2():
         if ip_or_user(ip) == 0:
             return redirect(conn, '/user')
 
-        if ban_check(conn, None, 'login')[0] == 1:
+        if ban_check(None, 'login')[0] == 1:
             return re_error(conn, '/ban')
 
         if flask.request.method == 'POST':

route/login_login_2fa_email.py

@@ -14,7 +14,7 @@ def login_login_2fa_email_2():
         if ip_or_user(ip) == 0:
             return redirect(conn, '/user')
 
-        if ban_check(conn, None, 'login')[0] == 1:
+        if ban_check(None, 'login')[0] == 1:
             return re_error(conn, '/ban')
 
         if flask.request.method == 'POST':

route/login_register.py

@@ -4,7 +4,7 @@ def login_register_2():
     with get_db_connect() as conn:
         curs = conn.cursor()
 
-        if ban_check(conn, None, 'login')[0] == 1:
+        if ban_check(None, 'login')[0] == 1:
             return re_error(conn, '/ban')
 
         ip = ip_check()

route/main_view_image.py

@@ -2,7 +2,7 @@ from .tool.func import *
 
 def main_view_image(name = ''):
     with get_db_connect() as conn:
-        if acl_check(conn, '', 'render') != 1:
+        if acl_check('', 'render') != 1:
             name = re.sub(r'\.cache_v(?:[0-9]+)$', '', name)
             mime_type = re.search(r'([^.]+)$', name)
             if mime_type:

route/tool/func.py

@@ -1417,7 +1417,7 @@ def wiki_custom(conn):
         email,
         user_name,
         user_admin,
-        str(ban_check(conn)[0]),
+        str(ban_check()[0]),
         user_notice,
         user_acl_list,
         ip,
@@ -1718,9 +1718,9 @@ def captcha_get(conn):
 
     data = ''
     
-    if acl_check(conn, '', 'recaptcha_five_pass') == 0 and 'recapcha_pass' in flask.session and flask.session['recapcha_pass'] > 0:
+    if acl_check('', 'recaptcha_five_pass') == 0 and 'recapcha_pass' in flask.session and flask.session['recapcha_pass'] > 0:
         pass
-    elif acl_check(conn, '', 'recaptcha') == 1:
+    elif acl_check('', 'recaptcha') == 1:
         curs.execute(db_change('select data from other where name = "recaptcha"'))
         recaptcha = curs.fetchall()
         
@@ -1769,9 +1769,9 @@ def captcha_post(conn, re_data, num = 1):
 
     if num != 1:
         pass
-    elif acl_check(conn, '', 'recaptcha_five_pass') == 0 and 'recapcha_pass' in flask.session and flask.session['recapcha_pass'] > 0:
+    elif acl_check('', 'recaptcha_five_pass') == 0 and 'recapcha_pass' in flask.session and flask.session['recapcha_pass'] > 0:
         pass
-    elif acl_check(conn, '', 'recaptcha') == 1:
+    elif acl_check('', 'recaptcha') == 1:
         curs.execute(db_change('select data from other where name = "sec_re"'))
         sec_re = curs.fetchall()
         
@@ -1967,379 +1967,34 @@ def admin_check(conn, num = None, what = None, name = ''):
 
     return 0
 
-def acl_check(conn, name = '', tool = '', topic_num = ''):
-    curs = conn.cursor()
-
-    if name == None:
-        name = ''
-
+def acl_check(name = '', tool = '', topic_num = ''):
+    name = '' if name == None else name
     ip = ip_check()
-    if tool == 'document_edit_request':
-        get_ban = ban_check(conn, ip, 'edit_request')[0]
-    else:
-        get_ban = ban_check(conn, ip)[0]
-    
-    if tool == '' and name != '':
-        if acl_check(conn, name, 'render') == 1:
-            return 1
-        
-        user_page = re.search(r"^user:((?:(?!\/).)*)", name)
-        if user_page:
-            user_page = user_page.group(1)
-            if admin_check(conn, 5) == 1:
-                return 0
-                
-            if get_ban == 1:
-                return 1
-                
-            curs.execute(db_change("select data from acl where title = ? and type = 'decu'"), [name])
-            acl_data = curs.fetchall()
-            if acl_data:
-                if acl_data[0][0] == 'all':
-                    return 0
-                elif acl_data[0][0] == 'user' and not ip_or_user(ip) == 1:
-                    return 0
-            
-            if ip == user_page and not ip_or_user(ip) == 1:
-                return 0
-    
-            return 1
-    elif tool in ['document_edit', 'document_edit_request', 'document_move', 'document_delete']:
-        if acl_check(conn, name, '') == 1:
-            return 1
-    elif tool in ['bbs_edit', 'bbs_comment']:
-        if acl_check(conn, name, 'bbs_view') == 1:
-            return 1
-    elif tool == 'topic':
-        if name == '':
-            curs.execute(db_change("select title from rd where code = ?"), [topic_num])
-            name = curs.fetchall()
-            name = name[0][0] if name else 'test'
-
-    if tool in ['bbs_edit', 'bbs_comment']:
-        end = 4
-    elif tool in ['topic']:
-        end = 3
-    elif tool in ['render', 'vote', '', 'document_edit', 'document_edit_request', 'document_move', 'document_delete', 'document_edit', 'bbs_view']:
-        end = 2
-    else:
-        end = 1
-
-    for i in range(0, end):
-        if tool == '':
-            if i == 0:
-                curs.execute(db_change("select data from acl where title = ? and type = 'decu'"), [name])
-            else:
-                curs.execute(db_change('select data from other where name = "edit"'))
-
-            '''
-            elif i == 1:
-                curs.execute(db_change("select plus from html_filter where kind = 'document'"))
-            '''
-
-            num = 5
-        elif tool == 'document_move':
-            if i == 0:
-                curs.execute(db_change("select data from acl where title = ? and type = 'document_move_acl'"), [name])
-            else:
-                curs.execute(db_change('select data from other where name = "document_move_acl"'))
-
-            num = 5
-        elif tool == 'document_edit':
-            if i == 0:
-                curs.execute(db_change("select data from acl where title = ? and type = 'document_edit_acl'"), [name])
-            else:
-                curs.execute(db_change('select data from other where name = "document_edit_acl"'))
-
-            num = 5
-        elif tool == 'document_delete':
-            if i == 0:
-                curs.execute(db_change("select data from acl where title = ? and type = 'document_delete_acl'"), [name])
-            else:
-                curs.execute(db_change('select data from other where name = "document_delete_acl"'))
-
-            num = 5
-        elif tool == 'topic':
-            if i == 0:
-                curs.execute(db_change("select acl from rd where code = ?"), [topic_num])
-            elif i == 1:
-                curs.execute(db_change("select data from acl where title = ? and type = 'dis'"), [name])
-            else:
-                curs.execute(db_change('select data from other where name = "discussion"'))
-
-            num = 3
-        elif tool == 'topic_view':
-            curs.execute(db_change("select set_data from topic_set where thread_code = ? and set_name = 'thread_view_acl'"), [topic_num])
-            
-            num = 3
-        elif tool == 'upload':
-            curs.execute(db_change("select data from other where name = 'upload_acl'"))
-
-            num = 5
-        elif tool == 'many_upload':
-            curs.execute(db_change("select data from other where name = 'many_upload_acl'"))
-
-            num = 5
-        elif tool == 'vote':
-            if i == 0:
-                if topic_num != '':
-                    curs.execute(db_change('select acl from vote where id = ? and user = ""'), [topic_num])
-                else:
-                    continue
-            else:
-                curs.execute(db_change('select data from other where name = "vote_acl"'))
-
-            num = None
-        elif tool == 'slow_edit':
-            curs.execute(db_change('select data from other where name = "slow_edit_acl"'))
-
-            num = 'all'
-        elif tool == 'edit_bottom_compulsion':
-            curs.execute(db_change('select data from other where name = "edit_bottom_compulsion_acl"'))
-
-            num = 'all'
-        elif tool == 'bbs_edit':
-            if i == 0:
-                curs.execute(db_change('select set_data from bbs_set where set_name = "bbs_edit_acl" and set_id = ?'), [name])
-            elif i == 1:
-                curs.execute(db_change('select set_data from bbs_set where set_name = "bbs_acl" and set_id = ?'), [name])
-            elif i == 2:
-                curs.execute(db_change('select set_data from bbs_set where set_name = "bbs_edit_acl_all" and set_id = ?'), [name])
-            else:
-                curs.execute(db_change('select set_data from bbs_set where set_name = "bbs_acl_all" and set_id = ?'), [name])
-
-            num = 'all'
-        elif tool == 'bbs_comment':
-            if i == 0:
-                curs.execute(db_change('select set_data from bbs_set where set_name = "bbs_comment_acl" and set_id = ?'), [name])
-            elif i == 1:
-                curs.execute(db_change('select set_data from bbs_set where set_name = "bbs_acl" and set_id = ?'), [name])
-            elif i == 2:
-                curs.execute(db_change('select set_data from bbs_set where set_name = "bbs_comment_acl_all" and set_id = ?'), [name])
-            else:
-                curs.execute(db_change('select set_data from bbs_set where set_name = "bbs_acl_all" and set_id = ?'), [name])
-
-            num = 'all'
-        elif tool == 'bbs_view':
-            if i == 0:
-                curs.execute(db_change('select set_data from bbs_set where set_name = "bbs_view_acl" and set_id = ?'), [name])
-            else:
-                curs.execute(db_change('select set_data from bbs_set where set_name = "bbs_view_acl_all" and set_id = ?'), [name])
-
-            num = 'all'
-        elif tool == 'recaptcha':
-            curs.execute(db_change('select data from other where name = "recaptcha_pass_acl"'))
 
-            num = 'all'
-        elif tool == 'recaptcha_five_pass':
-            curs.execute(db_change('select data from other where name = "recaptcha_one_check_five_pass_acl"'))
-
-            num = 'all'
-        elif tool == 'document_edit_request':
-            if i == 0:
-                curs.execute(db_change("select data from acl where title = ? and type = 'document_edit_request_acl'"), [name])
-            else:
-                curs.execute(db_change('select data from other where name = "document_edit_request_acl"'))
-
-            num = 5
-        elif tool == 'document_make_acl':
-            curs.execute(db_change('select data from other where name = "document_make_acl"'))
-
-            num = 5
-        else:
-            # tool == 'render'
-            if i == 0:
-                curs.execute(db_change("select data from acl where title = ? and type = 'view'"), [name])
-            else:
-                curs.execute(db_change("select data from other where name = 'all_view_acl'"))
-
-            num = 5
-
-        acl_data = curs.fetchall()
-        if not acl_data or acl_data[0][0] == '':
-            if tool == 'recaptcha':
-                acl_data = [['admin']]
-            elif tool == 'slow_edit' or tool == 'edit_bottom_compulsion':
-                acl_data = [['not_all']]
-            else:
-                acl_data = [['normal']]
-
-        except_ban_tool_list = ['render', 'topic_view', 'bbs_view']
-        if acl_data[0][0] != 'normal':
-            if not acl_data[0][0] in ['ban', 'ban_admin'] and not tool in except_ban_tool_list:
-                if get_ban == 1:
-                    return 1
-            
-            if acl_data[0][0] in ['all', 'ban']:
-                return 0
-            elif acl_data[0][0] == 'user':
-                if ip_or_user(ip) != 1:
-                    return 0
-            elif acl_data[0][0] == 'admin':
-                if ip_or_user(ip) != 1:
-                    if admin_check(conn, num) == 1:
-                        return 0
-            elif acl_data[0][0] == '50_edit':
-                if ip_or_user(ip) != 1:
-                    if admin_check(conn, num) == 1:
-                        return 0
-                    else:
-                        curs.execute(db_change("select count(*) from history where ip = ?"), [ip])
-                        count = curs.fetchall()
-                        count = count[0][0] if count else 0
-                        if count >= 50:
-                            return 0
-            elif acl_data[0][0] == 'before':
-                if ip_or_user(ip) != 1:
-                    if admin_check(conn, num) == 1:
-                        return 0
-                
-                curs.execute(db_change("select ip from history where title = ? and ip = ?"), [name, ip])
-                if curs.fetchall():
-                    return 0
-            elif acl_data[0][0] == '30_day' or acl_data[0][0] == '90_day':
-                if ip_or_user(ip) != 1:
-                    if admin_check(conn, num) == 1:
-                        return 0
-                    else:
-                        curs.execute(db_change("select data from user_set where id = ? and name = 'date'"), [ip])
-                        user_date = curs.fetchall()[0][0]
-                        
-                        if acl_data[0][0] == '30_day':
-                            time_1 = datetime.datetime.strptime(user_date, '%Y-%m-%d %H:%M:%S') + datetime.timedelta(days = 30)
-                        else:
-                            time_1 = datetime.datetime.strptime(user_date, '%Y-%m-%d %H:%M:%S') + datetime.timedelta(days = 90)
-
-                        time_2 = datetime.datetime.strptime(get_time(), '%Y-%m-%d %H:%M:%S')
-                        if time_2 > time_1:
-                            return 0
-            elif acl_data[0][0] == 'email':
-                if ip_or_user(ip) != 1:
-                    if admin_check(conn, num) == 1:
-                        return 0
-                    else:
-                        curs.execute(db_change("select data from user_set where id = ? and name = 'email'"), [ip])
-                        if curs.fetchall():
-                            return 0
-            elif acl_data[0][0] == 'owner':
-                if admin_check(conn) == 1:
-                    return 0
-            elif acl_data[0][0] == 'ban_admin':
-                if admin_check(conn, 1) == 1 or get_ban == 1:
-                    return 0
-            elif acl_data[0][0] == 'not_all':
-                return 1
-            elif acl_data[0][0] == 'up_to_level_3':
-                if int(level_check(conn, ip)[0]) >= 3:
-                    return 0
-            elif acl_data[0][0] == 'up_to_level_10':
-                if int(level_check(conn, ip)[0]) >= 10:
-                    return 0
-            elif acl_data[0][0] == '30_day_50_edit':
-                if ip_or_user(ip) != 1:
-                    if admin_check(conn, num) == 1:
-                        return 0
-                    else:
-                        curs.execute(db_change("select count(*) from history where ip = ?"), [ip])
-                        count = curs.fetchall()
-                        count = count[0][0] if count else 0
-                        if count >= 50:
-                            curs.execute(db_change("select data from user_set where id = ? and name = 'date'"), [ip])
-                            user_date = curs.fetchall()[0][0]
-
-                            time_1 = datetime.datetime.strptime(user_date, '%Y-%m-%d %H:%M:%S') + datetime.timedelta(days = 30)
-                            time_2 = datetime.datetime.strptime(get_time(), '%Y-%m-%d %H:%M:%S')
-                            if time_2 > time_1:
-                                return 0
-
-            return 1
-        elif i == (end - 1):
-            if not tool in except_ban_tool_list:
-                if get_ban == 1:
-                    return 1
-            
-            if tool == 'topic':
-                curs.execute(db_change("select title from rd where code = ? and stop != ''"), [topic_num])
-                if curs.fetchall():
-                    if admin_check(conn, 3, 'topic (code ' + topic_num + ')') == 1:
-                        return 0
-                    else:
-                        return 1
-                else:
-                    return 0
-            else:
-                return 0
-
-    return 1
+    other_set = {}
+    other_set['ip'] = ip
+    other_set['name'] = name
+    other_set['topic_number'] = topic_num
+    other_set['tool'] = tool
 
-def ban_type_check(data):
-    if data == 'O':
-        return '1'
-    elif data == 'E':
-        return '2'
-    else:
-        return ''
+    data_str = python_to_golang_sync('api_func_acl', other_set)
+    data = json.loads(data_str)
 
-def ban_check(conn, ip = None, tool = ''):
-    curs = conn.cursor()
+    return 0 if data["data"] else 1
 
+def ban_check(ip = None, tool = ''):
     ip = ip_check() if not ip else ip
     tool = '' if not tool else tool
 
-    if admin_check(conn, None, None, ip) == 1:
-        return [0, '']
-
-    curs.execute(db_change("select login, block from rb where band = 'regex' and ongoing = '1'"))
-    regex_d = curs.fetchall()
-    for test_r in regex_d:
-        ban_type = ban_type_check(test_r[0])
-
-        g_regex = re.compile(test_r[1])
-        if g_regex.search(ip):
-            if tool == 'login':
-                if ban_type != '1':
-                    return [1, 'a' + ban_type]
-            elif tool == 'edit_request':
-                if ban_type != '2':
-                    return [1, 'a' + ban_type]
-            else:
-                return [1, 'a' + ban_type]
-            
-    curs.execute(db_change("select login, block from rb where band = 'cidr' and ongoing = '1'"))
-    regex_d = curs.fetchall()
-    for test_r in regex_d:
-        ban_type = ban_type_check(test_r[0])
-        
-        cidr_list = [str(ip) for ip in ipaddress.IPv4Network(test_r[1], False)]
-        if ip in cidr_list:
-            if tool == 'login':
-                if ban_type != '1':
-                    return [1, 'b' + ban_type]
-            elif tool == 'edit_request':
-                if ban_type != '2':
-                    return [1, 'b' + ban_type]
-            else:
-                return [1, 'b' + ban_type]
-
-    curs.execute(db_change("select login from rb where block = ? and band = '' and ongoing = '1'"), [ip])
-    ban_d = curs.fetchall()
-    if ban_d:
-        ban_type = ban_type_check(ban_d[0][0])
-        if tool == 'login':
-            if ban_type != '1':
-                return [1, ban_type]
-        elif tool == 'edit_request':
-            if ban_type != '2':
-                return [1, ban_type]
-        else:
-            return [1, ban_type]
+    other_set = {}
+    other_set['ip'] = ip
+    other_set['type'] = tool
 
-    curs.execute(db_change("select data from user_set where id = ? and name = 'acl'"), [ip])
-    db_data = curs.fetchall()
-    if db_data and db_data[0][0] == 'ban':
-        return [1, 'c']
+    data_str = python_to_golang_sync('api_func_ban', other_set)
+    data = json.loads(data_str)
+    data["ban"] = 1 if data["ban"] == "true" else 0
 
-    return [0, '']
+    return [data["ban"], data["ban_type"]]
 
 def ip_pas(raw_ip):
     other_set = {}
@@ -2358,10 +2013,7 @@ def ip_pas(raw_ip):
     data_str = python_to_golang_sync('api_func_ip_post', other_set)
     data = json.loads(data_str)
 
-    if return_data == 1:
-        return data["data"][raw_ip]
-    else:
-        return data["data"]
+    return data["data"][raw_ip] if return_data == 1 else data["data"]
         
 # Func-edit
 def get_edit_text_bottom(conn) :
@@ -2411,7 +2063,7 @@ def do_edit_send_check(conn, data):
     curs.execute(db_change('select data from other where name = "edit_bottom_compulsion"'))
     db_data = curs.fetchall()
     if db_data and db_data[0][0] != '':
-        if acl_check(conn, '', 'edit_bottom_compulsion') == 1:
+        if acl_check('', 'edit_bottom_compulsion') == 1:
             if data == '':
                 return 1
     
@@ -2428,7 +2080,7 @@ def do_edit_slow_check(conn, do_type = 'edit'):
     
     slow_edit = curs.fetchall()
     if slow_edit and slow_edit[0][0] != '':
-        if acl_check(conn, '', 'slow_edit') == 1:
+        if acl_check('', 'slow_edit') == 1:
             slow_edit = int(number_check(slow_edit[0][0]))
 
             if do_type == 'edit':
@@ -2695,7 +2347,7 @@ def re_error(conn, data):
     curs = conn.cursor()
 
     if data == '/ban':
-        if ban_check(conn)[0] == 1:
+        if ban_check()[0] == 1:
             end = '<div id="opennamu_get_user_info">' + html.escape(ip_check()) + '</div>'
         else:
             end = '<ul class="opennamu_ul"><li>' + get_lang(conn, 'authority_error') + '</li></ul>'

route/topic.py

@@ -27,8 +27,8 @@ def topic(topic_num = 0, do_type = '', doc_name = 'Test'):
             else:
                 return redirect(conn, '/')
                 
-        topic_acl = acl_check(conn, name_value, 'topic', topic_num)
-        topic_view_acl = acl_check(conn, '', 'topic_view', topic_num)
+        topic_acl = acl_check(name_value, 'topic', topic_num)
+        topic_view_acl = acl_check('', 'topic_view', topic_num)
         if topic_view_acl == 1:
             return re_error(conn, '/ban')
 

route/topic_comment_tool.py

@@ -7,7 +7,7 @@ def topic_comment_tool(topic_num = 1, num = 1):
         num = str(num)
         topic_num = str(topic_num)
         
-        if acl_check(conn, '', 'topic_view', topic_num) == 1:
+        if acl_check('', 'topic_view', topic_num) == 1:
             return re_error(conn, '/ban')
 
         curs.execute(db_change("select block, ip, date from topic where code = ? and id = ?"), [topic_num, num])

route/user_setting_pw.py

@@ -4,7 +4,7 @@ def user_setting_pw():
     with get_db_connect() as conn:
         curs = conn.cursor()
 
-        if ban_check(conn)[0] == 1:
+        if ban_check()[0] == 1:
             return re_error(conn, '/ban')
 
         ip = ip_check()

route/user_setting_skin_set_main.py

@@ -107,7 +107,7 @@ def user_setting_skin_set_main():
         curs = conn.cursor()
 
         ip = ip_check()
-        if ban_check(conn, ip)[0] == 1:
+        if ban_check(ip)[0] == 1:
             return re_error(conn, '/ban')
             
         set_list = user_setting_skin_set_main_set_list(conn)

route/user_setting_top_menu.py

@@ -5,7 +5,7 @@ def user_setting_top_menu():
         curs = conn.cursor()
 
         ip = ip_check()
-        if ban_check(conn, ip)[0] == 1:
+        if ban_check(ip)[0] == 1:
             return re_error(conn, '/ban')
 
         if ip_or_user(ip) == 1:

route/view_diff.py

@@ -69,7 +69,7 @@ def view_diff(name = 'Test', num_a = 1, num_b = 1):
         first = str(num_a)
         second = str(num_b)
 
-        if acl_check(conn, name, 'render') == 1:
+        if acl_check(name, 'render') == 1:
             return re_error(conn, '/ban')
 
         curs.execute(db_change("select title from history where title = ? and (id = ? or id = ?) and hide = 'O'"), [name, first, second])

route/view_raw.py

@@ -11,17 +11,17 @@ def view_raw(name = '', topic_num = '', num = '', doc_acl = 0, bbs_num = '', pos
         post_num_str = str(post_num)
 
         if bbs_num != '' and post_num != '':
-            if acl_check(conn, bbs_num_str, 'bbs_view') == 1:
+            if acl_check(bbs_num_str, 'bbs_view') == 1:
                 return re_error(conn, '/ban')
                     
             name = ''
         elif topic_num != '':
             topic_num = str(topic_num)
             
-            if acl_check(conn, '', 'topic_view', topic_num) == 1:
+            if acl_check('', 'topic_view', topic_num) == 1:
                 return re_error(conn, '/ban')
         else:
-            if acl_check(conn, name, 'render') == 1:
+            if acl_check(name, 'render') == 1:
                 return re_error(conn, '/ban')
 
         if num:

route/view_w.py

@@ -188,7 +188,7 @@ def view_w(name = 'Test', do_type = ''):
         data = curs.fetchall()
 
         description = ''
-        if acl_check(conn, name, 'render') == 1:
+        if acl_check(name, 'render') == 1:
             response_data = 401
 
             curs.execute(db_change('select data from other where name = "error_401"'))
@@ -216,7 +216,7 @@ def view_w(name = 'Test', do_type = ''):
 
         curs.execute(db_change("select title from acl where title = ?"), [name])
         acl = 1 if curs.fetchall() else 0
-        menu_acl = 1 if acl_check(conn, name, 'document_edit') == 1 else 0
+        menu_acl = 1 if acl_check(name, 'document_edit') == 1 else 0
         if response_data == 404:
             menu += [['edit/' + url_pas(name), get_lang(conn, 'create'), menu_acl]] 
         else:

route/view_xref.py

@@ -4,7 +4,7 @@ def view_xref(name = 'Test', xref_type = 1, num = 1):
     with get_db_connect() as conn:
         curs = conn.cursor()
 
-        if acl_check(conn, name, 'render') == 1:
+        if acl_check(name, 'render') == 1:
             return re_error(conn, '/ban')
 
         sql_num = (num * 50 - 50) if num * 50 > 0 else 0

route/vote_add.py

@@ -4,7 +4,7 @@ def vote_add():
     with get_db_connect() as conn:
         curs = conn.cursor()
 
-        if acl_check(conn, '', 'vote') == 1:
+        if acl_check('', 'vote') == 1:
             return re_error(conn, '/ban')
 
         if flask.request.method == 'POST':

route/vote_close.py

@@ -6,7 +6,7 @@ def vote_close(num = 1):
     with get_db_connect() as conn:
         curs = conn.cursor()
 
-        if acl_check(conn, '', 'vote') == 1:
+        if acl_check('', 'vote') == 1:
             return re_error(conn, '/ban')
 
         curs.execute(db_change('select type from vote where id = ? and user = ""'), [num])

route/vote_list.py

@@ -30,7 +30,7 @@ def vote_list(list_type = 'normal', num = 1):
         data += '</ul>'
         menu = []
         if list_type == 'normal':
-            menu = [["vote/add", get_lang(conn, 'add_vote')]] if acl_check(conn, '', 'vote') != 1 else []
+            menu = [["vote/add", get_lang(conn, 'add_vote')]] if acl_check('', 'vote') != 1 else []
             data += next_fix(conn, '/vote/list/', num, data_list)
         else:
             data += next_fix(conn, '/vote/list/close/', num, data_list)

route/vote_select.py

@@ -14,7 +14,7 @@ def vote_select(num = 1):
         if data_list[0][3] == 'close' or data_list[0][3] == 'n_close':
             return redirect(conn, '/vote/end/' + num)
 
-        if acl_check(conn, '', 'vote', num) == 1:
+        if acl_check('', 'vote', num) == 1:
             return redirect(conn, '/vote/end/' + num)
 
         curs.execute(db_change('select user from vote where id = ? and user = ?'), [num, ip_check()])

route_go/main.go

@@ -83,6 +83,10 @@ func main() {
 		route_data = route.Api_func_acl_list(call_arg[1:])
 	} else if call_arg[0] == "api_user_rankup" {
 		route_data = route.Api_user_rankup(call_arg[1:])
+	} else if call_arg[0] == "api_func_acl" {
+		route_data = route.Api_func_acl(call_arg[1:])
+	} else if call_arg[0] == "api_func_ban" {
+		route_data = route.Api_func_ban(call_arg[1:])
 	} else {
 		log.Fatal(call_arg[0] + " is 404")
 	}

route_go/route/api_func_acl.go

@@ -0,0 +1,21 @@
+package route
+
+import (
+	"encoding/json"
+	"opennamu/route/tool"
+)
+
+func Api_func_acl(call_arg []string) string {
+	other_set := map[string]string{}
+	json.Unmarshal([]byte(call_arg[0]), &other_set)
+
+	db := tool.DB_connect()
+	defer db.Close()
+
+	new_data := make(map[string]interface{})
+	new_data["response"] = "ok"
+	new_data["data"] = tool.Check_acl(db, other_set["name"], other_set["topic_number"], other_set["tool"], other_set["ip"])
+
+	json_data, _ := json.Marshal(new_data)
+	return string(json_data)
+}

route_go/route/api_func_ban.go

@@ -0,0 +1,24 @@
+package route
+
+import (
+	"encoding/json"
+	"opennamu/route/tool"
+)
+
+func Api_func_ban(call_arg []string) string {
+	other_set := map[string]string{}
+	json.Unmarshal([]byte(call_arg[0]), &other_set)
+
+	db := tool.DB_connect()
+	defer db.Close()
+
+	ip_data := tool.Get_user_ban(db, other_set["ip"], other_set["type"])
+
+	new_data := make(map[string]interface{})
+	new_data["response"] = "ok"
+	new_data["ban"] = ip_data[0]
+	new_data["ban_type"] = ip_data[1]
+
+	json_data, _ := json.Marshal(new_data)
+	return string(json_data)
+}

route_go/route/tool/acl_and_auth.go

@@ -1,5 +1,13 @@
 package tool
 
+import (
+	"database/sql"
+	"log"
+	"strconv"
+	"strings"
+	"time"
+)
+
 func List_acl(func_type string) []string {
 	if func_type == "user_document" {
 		return []string{
@@ -28,3 +36,948 @@ func List_acl(func_type string) []string {
 		}
 	}
 }
+
+func Get_user_auth(db *sql.DB, ip string) string {
+	if !IP_or_user(ip) {
+		var auth string
+
+		stmt, err := db.Prepare(DB_change("select data from user_set where id = ? and name = 'acl'"))
+		if err != nil {
+			log.Fatal(err)
+		}
+		defer stmt.Close()
+
+		err = stmt.QueryRow(ip).Scan(&auth)
+		if err != nil {
+			if err == sql.ErrNoRows {
+				auth = "user"
+			} else {
+				log.Fatal(err)
+			}
+		}
+
+		if auth != "user" && auth != "ban" {
+			return auth
+		} else {
+			return ""
+		}
+	}
+
+	return ""
+}
+
+func Get_auth_group_info(db *sql.DB, auth string) map[string]bool {
+	stmt, err := db.Prepare(DB_change("select name from alist where name = ?"))
+	if err != nil {
+		log.Fatal(err)
+	}
+	defer stmt.Close()
+
+	rows, err := stmt.Query(auth)
+	if err != nil {
+		log.Fatal(err)
+	}
+	defer rows.Close()
+
+	data_list := map[string]bool{}
+
+	for rows.Next() {
+		var name string
+
+		err := rows.Scan(&name)
+		if err != nil {
+			log.Fatal(err)
+		}
+
+		data_list[name] = true
+	}
+
+	return Check_auth(data_list)
+}
+
+func Check_auth(auth_info map[string]bool) map[string]bool {
+	if _, ok := auth_info["owner"]; ok {
+		auth_info["admin"] = true
+	}
+
+	admin_auth := []string{"ban", "toron", "check", "acl", "hidel", "give", "bbs"}
+
+	if _, ok := auth_info["admin"]; ok {
+		for _, v := range admin_auth {
+			auth_info[v] = true
+		}
+	}
+
+	check := false
+	for _, v := range admin_auth {
+		if _, ok := auth_info[v]; ok {
+			check = true
+			break
+		}
+	}
+
+	if check {
+		auth_info["admin_default_feature"] = true
+	}
+
+	admin_default_feature := []string{"user_name_bold", "multiple_upload", "slow_edit_pass", "edit_bottom_compulsion_pass"}
+
+	if _, ok := auth_info["admin_default_feature"]; ok {
+		for _, v := range admin_default_feature {
+			auth_info[v] = true
+		}
+
+		auth_info["user"] = true
+	}
+
+	return auth_info
+}
+
+func Check_acl(db *sql.DB, name string, topic_number string, tool string, ip string) bool {
+	auth_name := Get_user_auth(db, ip)
+	auth_info := Get_auth_group_info(db, auth_name)
+
+	ip_or_user := IP_or_user(ip)
+	level := "0"
+	if !ip_or_user {
+		level = Get_level(db, ip)[0]
+	}
+
+	level_int, _ := strconv.Atoi(level)
+
+	get_ban := ""
+	if tool == "document_edit_request" {
+		get_ban = Get_user_ban(db, ip, "edit_request")[0]
+	} else {
+		get_ban = Get_user_ban(db, ip, "")[0]
+	}
+
+	if tool == "" && name != "" {
+		if !Check_acl(db, name, "", "render", ip) {
+			return false
+		}
+
+		if strings.HasPrefix(name, "user:") {
+			user_page_str := name[5:]
+			if slash_index := strings.Index(user_page_str, "/"); slash_index != -1 {
+				user_page_str = user_page_str[:slash_index]
+			}
+
+			if auth_info["acl"] {
+				return true
+			}
+
+			if get_ban == "true" {
+				return false
+			}
+
+			stmt, err := db.Prepare(DB_change("select data from acl where title = ? and type = 'decu'"))
+			if err != nil {
+				log.Fatal(err)
+			}
+			defer stmt.Close()
+
+			var acl_data string
+
+			err = stmt.QueryRow(name).Scan(&acl_data)
+			if err != nil {
+				if err == sql.ErrNoRows {
+					acl_data = ""
+				} else {
+					log.Fatal(err)
+				}
+			}
+
+			if acl_data == "all" {
+				return true
+			} else if acl_data == "user" {
+				if !ip_or_user {
+					return true
+				}
+			} else if ip == user_page_str {
+				if !ip_or_user {
+					return true
+				}
+			}
+
+			return false
+		}
+	}
+
+	if Arr_in_str([]string{"document_edit", "document_edit_request", "document_move", "document_delete"}, tool) {
+		if !Check_acl(db, name, topic_number, "", ip) {
+			return false
+		}
+	} else if Arr_in_str([]string{"bbs_edit", "bbs_comment"}, tool) {
+		if !Check_acl(db, name, topic_number, "bbs_view", ip) {
+			return false
+		}
+	}
+
+	if tool == "topic" {
+		if name == "" {
+			stmt, err := db.Prepare(DB_change("select title from rd where code = ?"))
+			if err != nil {
+				log.Fatal(err)
+			}
+			defer stmt.Close()
+
+			err = stmt.QueryRow(topic_number).Scan(&name)
+			if err != nil {
+				if err == sql.ErrNoRows {
+					name = "test"
+				} else {
+					log.Fatal(err)
+				}
+			}
+		}
+	}
+
+	end_number := 1
+	for for_a := 0; for_a < end_number; for_a++ {
+		acl_data := ""
+		acl_pass_auth := ""
+
+		if tool == "" {
+			acl_pass_auth = "acl"
+
+			if for_a == 0 {
+				end_number += 1
+
+				stmt, err := db.Prepare(DB_change("select data from acl where title = ? and type = 'decu'"))
+				if err != nil {
+					log.Fatal(err)
+				}
+				defer stmt.Close()
+
+				err = stmt.QueryRow(name).Scan(&acl_data)
+				if err != nil {
+					if err == sql.ErrNoRows {
+						acl_data = ""
+					} else {
+						log.Fatal(err)
+					}
+				}
+			} else {
+				err := db.QueryRow(DB_change("select data from other where name = 'edit'")).Scan(&acl_data)
+				if err != nil {
+					if err == sql.ErrNoRows {
+						acl_data = ""
+					} else {
+						log.Fatal(err)
+					}
+				}
+			}
+		} else if tool == "document_move" {
+			acl_pass_auth = "acl"
+
+			if for_a == 0 {
+				end_number += 1
+
+				stmt, err := db.Prepare(DB_change("select data from acl where title = ? and type = 'document_move_acl'"))
+				if err != nil {
+					log.Fatal(err)
+				}
+				defer stmt.Close()
+
+				err = stmt.QueryRow(name).Scan(&acl_data)
+				if err != nil {
+					if err == sql.ErrNoRows {
+						acl_data = ""
+					} else {
+						log.Fatal(err)
+					}
+				}
+			} else {
+				err := db.QueryRow(DB_change("select data from other where name = 'document_move_acl'")).Scan(&acl_data)
+				if err != nil {
+					if err == sql.ErrNoRows {
+						acl_data = ""
+					} else {
+						log.Fatal(err)
+					}
+				}
+			}
+		} else if tool == "document_edit" {
+			acl_pass_auth = "acl"
+
+			if for_a == 0 {
+				end_number += 1
+
+				stmt, err := db.Prepare(DB_change("select data from acl where title = ? and type = 'document_edit_acl'"))
+				if err != nil {
+					log.Fatal(err)
+				}
+				defer stmt.Close()
+
+				err = stmt.QueryRow(name).Scan(&acl_data)
+				if err != nil {
+					if err == sql.ErrNoRows {
+						acl_data = ""
+					} else {
+						log.Fatal(err)
+					}
+				}
+			} else {
+				err := db.QueryRow(DB_change("select data from other where name = 'document_edit_acl'")).Scan(&acl_data)
+				if err != nil {
+					if err == sql.ErrNoRows {
+						acl_data = ""
+					} else {
+						log.Fatal(err)
+					}
+				}
+			}
+		} else if tool == "document_edit" {
+			acl_pass_auth = "acl"
+
+			if for_a == 0 {
+				end_number += 1
+
+				stmt, err := db.Prepare(DB_change("select data from acl where title = ? and type = 'document_delete_acl'"))
+				if err != nil {
+					log.Fatal(err)
+				}
+				defer stmt.Close()
+
+				err = stmt.QueryRow(name).Scan(&acl_data)
+				if err != nil {
+					if err == sql.ErrNoRows {
+						acl_data = ""
+					} else {
+						log.Fatal(err)
+					}
+				}
+			} else {
+				err := db.QueryRow(DB_change("select data from other where name = 'document_delete_acl'")).Scan(&acl_data)
+				if err != nil {
+					if err == sql.ErrNoRows {
+						acl_data = ""
+					} else {
+						log.Fatal(err)
+					}
+				}
+			}
+		} else if tool == "topic" {
+			acl_pass_auth = "topic"
+
+			if for_a == 0 {
+				end_number += 1
+
+				stmt, err := db.Prepare(DB_change("select acl from rd where code = ?"))
+				if err != nil {
+					log.Fatal(err)
+				}
+				defer stmt.Close()
+
+				err = stmt.QueryRow(topic_number).Scan(&acl_data)
+				if err != nil {
+					if err == sql.ErrNoRows {
+						acl_data = ""
+					} else {
+						log.Fatal(err)
+					}
+				}
+			} else if for_a == 1 {
+				end_number += 1
+
+				stmt, err := db.Prepare(DB_change("select data from acl where title = ? and type = 'dis'"))
+				if err != nil {
+					log.Fatal(err)
+				}
+				defer stmt.Close()
+
+				err = stmt.QueryRow(topic_number).Scan(&acl_data)
+				if err != nil {
+					if err == sql.ErrNoRows {
+						acl_data = ""
+					} else {
+						log.Fatal(err)
+					}
+				}
+			} else {
+				err := db.QueryRow(DB_change("select data from other where name = 'discussion'")).Scan(&acl_data)
+				if err != nil {
+					if err == sql.ErrNoRows {
+						acl_data = ""
+					} else {
+						log.Fatal(err)
+					}
+				}
+			}
+		} else if tool == "topic_view" {
+			acl_pass_auth = "topic"
+
+			stmt, err := db.Prepare(DB_change("select set_data from topic_set where thread_code = ? and set_name = 'thread_view_acl'"))
+			if err != nil {
+				log.Fatal(err)
+			}
+			defer stmt.Close()
+
+			err = stmt.QueryRow(topic_number).Scan(&acl_data)
+			if err != nil {
+				if err == sql.ErrNoRows {
+					acl_data = ""
+				} else {
+					log.Fatal(err)
+				}
+			}
+		} else if tool == "upload" {
+			acl_pass_auth = "multiple_upload"
+
+			err := db.QueryRow(DB_change("select data from other where name = 'upload_acl'")).Scan(&acl_data)
+			if err != nil {
+				if err == sql.ErrNoRows {
+					acl_data = ""
+				} else {
+					log.Fatal(err)
+				}
+			}
+		} else if tool == "many_upload" {
+			acl_pass_auth = "multiple_upload"
+
+			err := db.QueryRow(DB_change("select data from other where name = 'many_upload_acl'")).Scan(&acl_data)
+			if err != nil {
+				if err == sql.ErrNoRows {
+					acl_data = ""
+				} else {
+					log.Fatal(err)
+				}
+			}
+		} else if tool == "vote" {
+			acl_pass_auth = "owner"
+
+			if for_a == 0 {
+				end_number += 1
+
+				if topic_number != "" {
+					stmt, err := db.Prepare(DB_change("select acl from vote where id = ? and user = ''"))
+					if err != nil {
+						log.Fatal(err)
+					}
+					defer stmt.Close()
+
+					err = stmt.QueryRow(topic_number).Scan(&acl_data)
+					if err != nil {
+						if err == sql.ErrNoRows {
+							acl_data = ""
+						} else {
+							log.Fatal(err)
+						}
+					}
+				} else {
+					continue
+				}
+			} else {
+				err := db.QueryRow(DB_change("select data from other where name = 'vote_acl'")).Scan(&acl_data)
+				if err != nil {
+					if err == sql.ErrNoRows {
+						acl_data = ""
+					} else {
+						log.Fatal(err)
+					}
+				}
+			}
+		} else if tool == "slow_edit" {
+			acl_pass_auth = "slow_edit_pass"
+
+			err := db.QueryRow(DB_change("select data from other where name = 'slow_edit_acl'")).Scan(&acl_data)
+			if err != nil {
+				if err == sql.ErrNoRows {
+					acl_data = ""
+				} else {
+					log.Fatal(err)
+				}
+			}
+		} else if tool == "edit_bottom_compulsion" {
+			acl_pass_auth = "edit_bottom_compulsion_pass"
+
+			err := db.QueryRow(DB_change("select data from other where name = 'edit_bottom_compulsion_acl'")).Scan(&acl_data)
+			if err != nil {
+				if err == sql.ErrNoRows {
+					acl_data = ""
+				} else {
+					log.Fatal(err)
+				}
+			}
+		} else if tool == "bbs_edit" {
+			acl_pass_auth = "bbs"
+
+			if for_a == 0 {
+				end_number += 1
+
+				stmt, err := db.Prepare(DB_change("select set_data from bbs_set where set_name = 'bbs_edit_acl' and set_id = ?"))
+				if err != nil {
+					log.Fatal(err)
+				}
+				defer stmt.Close()
+
+				err = stmt.QueryRow(name).Scan(&acl_data)
+				if err != nil {
+					if err == sql.ErrNoRows {
+						acl_data = ""
+					} else {
+						log.Fatal(err)
+					}
+				}
+			} else if for_a == 1 {
+				end_number += 1
+
+				stmt, err := db.Prepare(DB_change("select set_data from bbs_set where set_name = 'bbs_acl' and set_id = ?"))
+				if err != nil {
+					log.Fatal(err)
+				}
+				defer stmt.Close()
+
+				err = stmt.QueryRow(name).Scan(&acl_data)
+				if err != nil {
+					if err == sql.ErrNoRows {
+						acl_data = ""
+					} else {
+						log.Fatal(err)
+					}
+				}
+			} else if for_a == 2 {
+				end_number += 1
+
+				err := db.QueryRow(DB_change("select set_data from bbs_set where set_name = 'bbs_edit_acl_all'")).Scan(&acl_data)
+				if err != nil {
+					if err == sql.ErrNoRows {
+						acl_data = ""
+					} else {
+						log.Fatal(err)
+					}
+				}
+			} else {
+				err := db.QueryRow(DB_change("select set_data from bbs_set where set_name = 'bbs_acl_all'")).Scan(&acl_data)
+				if err != nil {
+					if err == sql.ErrNoRows {
+						acl_data = ""
+					} else {
+						log.Fatal(err)
+					}
+				}
+			}
+		} else if tool == "bbs_comment" {
+			acl_pass_auth = "bbs"
+
+			if for_a == 0 {
+				end_number += 1
+
+				stmt, err := db.Prepare(DB_change("select set_data from bbs_set where set_name = 'bbs_comment_acl' and set_id = ?"))
+				if err != nil {
+					log.Fatal(err)
+				}
+				defer stmt.Close()
+
+				err = stmt.QueryRow(name).Scan(&acl_data)
+				if err != nil {
+					if err == sql.ErrNoRows {
+						acl_data = ""
+					} else {
+						log.Fatal(err)
+					}
+				}
+			} else if for_a == 1 {
+				end_number += 1
+
+				stmt, err := db.Prepare(DB_change("select set_data from bbs_set where set_name = 'bbs_acl' and set_id = ?"))
+				if err != nil {
+					log.Fatal(err)
+				}
+				defer stmt.Close()
+
+				err = stmt.QueryRow(name).Scan(&acl_data)
+				if err != nil {
+					if err == sql.ErrNoRows {
+						acl_data = ""
+					} else {
+						log.Fatal(err)
+					}
+				}
+			} else if for_a == 2 {
+				end_number += 1
+
+				err := db.QueryRow(DB_change("select set_data from bbs_set where set_name = 'bbs_comment_acl_all'")).Scan(&acl_data)
+				if err != nil {
+					if err == sql.ErrNoRows {
+						acl_data = ""
+					} else {
+						log.Fatal(err)
+					}
+				}
+			} else {
+				err := db.QueryRow(DB_change("select set_data from bbs_set where set_name = 'bbs_acl_all'")).Scan(&acl_data)
+				if err != nil {
+					if err == sql.ErrNoRows {
+						acl_data = ""
+					} else {
+						log.Fatal(err)
+					}
+				}
+			}
+		} else if tool == "bbs_view" {
+			acl_pass_auth = "bbs"
+
+			if for_a == 0 {
+				end_number += 1
+
+				stmt, err := db.Prepare(DB_change("select set_data from bbs_set where set_name = 'bbs_view_acl' and set_id = ?"))
+				if err != nil {
+					log.Fatal(err)
+				}
+				defer stmt.Close()
+
+				err = stmt.QueryRow(name).Scan(&acl_data)
+				if err != nil {
+					if err == sql.ErrNoRows {
+						acl_data = ""
+					} else {
+						log.Fatal(err)
+					}
+				}
+			} else {
+				err := db.QueryRow(DB_change("select set_data from bbs_set where set_name = 'bbs_view_acl_all'")).Scan(&acl_data)
+				if err != nil {
+					if err == sql.ErrNoRows {
+						acl_data = ""
+					} else {
+						log.Fatal(err)
+					}
+				}
+			}
+		} else if tool == "recaptcha" {
+			acl_pass_auth = "admin_default_feature"
+
+			err := db.QueryRow(DB_change("select data from other where name = 'recaptcha_pass_acl'")).Scan(&acl_data)
+			if err != nil {
+				if err == sql.ErrNoRows {
+					acl_data = ""
+				} else {
+					log.Fatal(err)
+				}
+			}
+		} else if tool == "recaptcha_five_pass" {
+			acl_pass_auth = "admin_default_feature"
+
+			err := db.QueryRow(DB_change("select data from other where name = 'recaptcha_one_check_five_pass_acl'")).Scan(&acl_data)
+			if err != nil {
+				if err == sql.ErrNoRows {
+					acl_data = ""
+				} else {
+					log.Fatal(err)
+				}
+			}
+		} else if tool == "document_edit_request" {
+			acl_pass_auth = "acl"
+
+			if for_a == 0 {
+				end_number += 1
+
+				stmt, err := db.Prepare(DB_change("select data from acl where title = ? and type = 'document_edit_request_acl'"))
+				if err != nil {
+					log.Fatal(err)
+				}
+				defer stmt.Close()
+
+				err = stmt.QueryRow(name).Scan(&acl_data)
+				if err != nil {
+					if err == sql.ErrNoRows {
+						acl_data = ""
+					} else {
+						log.Fatal(err)
+					}
+				}
+			} else {
+				err := db.QueryRow(DB_change("select data from other where name = 'document_edit_request_acl'")).Scan(&acl_data)
+				if err != nil {
+					if err == sql.ErrNoRows {
+						acl_data = ""
+					} else {
+						log.Fatal(err)
+					}
+				}
+			}
+		} else if tool == "document_make_acl" {
+			acl_pass_auth = "acl"
+
+			err := db.QueryRow(DB_change("select data from other where name = 'document_make_acl'")).Scan(&acl_data)
+			if err != nil {
+				if err == sql.ErrNoRows {
+					acl_data = ""
+				} else {
+					log.Fatal(err)
+				}
+			}
+		} else {
+			// tool == "render"
+			acl_pass_auth = "acl"
+
+			if for_a == 0 {
+				end_number += 1
+
+				stmt, err := db.Prepare(DB_change("select data from acl where title = ? and type = 'view'"))
+				if err != nil {
+					log.Fatal(err)
+				}
+				defer stmt.Close()
+
+				err = stmt.QueryRow(name).Scan(&acl_data)
+				if err != nil {
+					if err == sql.ErrNoRows {
+						acl_data = ""
+					} else {
+						log.Fatal(err)
+					}
+				}
+			} else {
+				err := db.QueryRow(DB_change("select data from other where name = 'all_view_acl'")).Scan(&acl_data)
+				if err != nil {
+					if err == sql.ErrNoRows {
+						acl_data = ""
+					} else {
+						log.Fatal(err)
+					}
+				}
+			}
+
+			if acl_data == "" {
+				if tool == "recaptcha" {
+					acl_data = "admin"
+				} else if tool == "slow_edit" || tool == "edit_bottom_compulsion" {
+					acl_data = "not_all"
+				} else {
+					acl_data = "normal"
+				}
+			}
+
+			except_ban_tool_list := []string{"render", "topic_view", "bbs_view"}
+			if acl_data != "normal" {
+				if !(acl_data == "ban" || acl_data == "ban_admin") && !Arr_in_str(except_ban_tool_list, tool) {
+					if get_ban == "true" {
+						return false
+					}
+				}
+
+				if auth_info[acl_pass_auth] {
+					return true
+				} else if acl_data == "all" || acl_data == "ban" {
+					return true
+				} else if acl_data == "user" {
+					if !ip_or_user {
+						return true
+					}
+				} else if acl_data == "admin" {
+					if auth_info["admin_default_feature"] {
+						return true
+					}
+				} else if acl_data == "50_edit" {
+					if !ip_or_user {
+						stmt, err := db.Prepare(DB_change("select count(*) from history where ip = ?"))
+						if err != nil {
+							log.Fatal(err)
+						}
+						defer stmt.Close()
+
+						var count int
+
+						err = stmt.QueryRow(ip).Scan(&count)
+						if err != nil {
+							if err == sql.ErrNoRows {
+								count = 0
+							} else {
+								log.Fatal(err)
+							}
+						}
+
+						if count >= 50 {
+							return true
+						}
+					}
+				} else if acl_data == "before" {
+					stmt, err := db.Prepare(DB_change("select ip from history where title = ? and ip = ?"))
+					if err != nil {
+						log.Fatal(err)
+					}
+					defer stmt.Close()
+
+					var exist string
+
+					err = stmt.QueryRow(name, ip).Scan(&exist)
+					if err != nil {
+						if err == sql.ErrNoRows {
+							exist = ""
+						} else {
+							log.Fatal(err)
+						}
+					}
+
+					if exist != "" {
+						return true
+					}
+				} else if acl_data == "30_day" || acl_data == "90_day" {
+					if !ip_or_user {
+						stmt, err := db.Prepare(DB_change("select data from user_set where id = ? and name = 'date'"))
+						if err != nil {
+							log.Fatal(err)
+						}
+						defer stmt.Close()
+
+						var signup_date string
+
+						err = stmt.QueryRow(ip).Scan(&signup_date)
+						if err != nil {
+							if err == sql.ErrNoRows {
+								signup_date = Get_time()
+							} else {
+								log.Fatal(err)
+							}
+						}
+
+						time_1, _ := time.Parse("2006-01-02 15:04:05", signup_date)
+						if acl_data == "30_day" {
+							time_1 = time_1.AddDate(0, 0, 30)
+						} else {
+							time_1 = time_1.AddDate(0, 0, 90)
+						}
+
+						time_2, _ := time.Parse("2006-01-02 15:04:05", Get_time())
+						if time_2.After(time_1) {
+							return true
+						}
+					}
+				} else if acl_data == "email" {
+					if !ip_or_user {
+						stmt, err := db.Prepare(DB_change("select data from user_set where id = ? and name = 'email'"))
+						if err != nil {
+							log.Fatal(err)
+						}
+						defer stmt.Close()
+
+						var exist string
+
+						err = stmt.QueryRow(ip).Scan(&exist)
+						if err != nil {
+							if err == sql.ErrNoRows {
+								exist = ""
+							} else {
+								log.Fatal(err)
+							}
+						}
+
+						if exist != "" {
+							return true
+						}
+					}
+				} else if acl_data == "owner" {
+					if auth_info["owner"] {
+						return true
+					}
+				} else if acl_data == "ban_admin" {
+					if auth_info["admin_default_feature"] || get_ban == "true" {
+						return true
+					}
+				} else if acl_data == "not_all" {
+					return false
+				} else if acl_data == "up_to_level_3" || acl_data == "up_to_level_10" {
+					if acl_data == "up_to_level_3" {
+						if level_int >= 3 {
+							return true
+						}
+					} else if acl_data == "up_to_level_10" {
+						if level_int >= 10 {
+							return true
+						}
+					}
+				} else if acl_data == "30_day_50_edit" {
+					if !ip_or_user {
+						stmt, err := db.Prepare(DB_change("select data from user_set where id = ? and name = 'date'"))
+						if err != nil {
+							log.Fatal(err)
+						}
+						defer stmt.Close()
+
+						var signup_date string
+
+						err = stmt.QueryRow(ip).Scan(&signup_date)
+						if err != nil {
+							if err == sql.ErrNoRows {
+								signup_date = Get_time()
+							} else {
+								log.Fatal(err)
+							}
+						}
+
+						time_1, _ := time.Parse("2006-01-02 15:04:05", signup_date)
+						time_1 = time_1.AddDate(0, 0, 30)
+
+						time_2, _ := time.Parse("2006-01-02 15:04:05", Get_time())
+						if time_2.After(time_1) {
+							stmt, err := db.Prepare(DB_change("select count(*) from history where ip = ?"))
+							if err != nil {
+								log.Fatal(err)
+							}
+							defer stmt.Close()
+
+							var count int
+
+							err = stmt.QueryRow(ip).Scan(&count)
+							if err != nil {
+								if err == sql.ErrNoRows {
+									count = 0
+								} else {
+									log.Fatal(err)
+								}
+							}
+
+							if count >= 50 {
+								return true
+							}
+						}
+					}
+				}
+
+				return false
+			} else if for_a == end_number-1 {
+				if !Arr_in_str(except_ban_tool_list, tool) {
+					if get_ban == "true" {
+						return false
+					}
+				}
+
+				if tool == "topic" {
+					stmt, err := db.Prepare(DB_change("select title from rd where code = ? and stop != ''"))
+					if err != nil {
+						log.Fatal(err)
+					}
+					defer stmt.Close()
+
+					var topic_state string
+
+					err = stmt.QueryRow(topic_number).Scan(&topic_state)
+					if err != nil {
+						if err == sql.ErrNoRows {
+							topic_state = ""
+						} else {
+							log.Fatal(err)
+						}
+					}
+
+					if topic_state != "" {
+						if auth_info["topic"] {
+							return true
+						} else {
+							return false
+						}
+					} else {
+						return true
+					}
+				} else {
+					return true
+				}
+			}
+		}
+	}
+
+	return false
+}

route_go/route/tool/ip_parser.go

@@ -61,64 +61,6 @@ func Get_level(db *sql.DB, ip string) []string {
 	return []string{level, exp, max_exp}
 }
 
-func Get_user_auth(db *sql.DB, ip string) string {
-	if !IP_or_user(ip) {
-		var auth string
-
-		stmt, err := db.Prepare(DB_change("select data from user_set where id = ? and name = 'acl'"))
-		if err != nil {
-			log.Fatal(err)
-		}
-		defer stmt.Close()
-
-		err = stmt.QueryRow(ip).Scan(&auth)
-		if err != nil {
-			if err == sql.ErrNoRows {
-				auth = "user"
-			} else {
-				log.Fatal(err)
-			}
-		}
-
-		if auth != "user" && auth != "ban" {
-			return auth
-		} else {
-			return ""
-		}
-	}
-
-	return ""
-}
-
-func Get_auth_group_info(db *sql.DB, auth string) map[string]bool {
-	stmt, err := db.Prepare(DB_change("select name from alist where name = ?"))
-	if err != nil {
-		log.Fatal(err)
-	}
-	defer stmt.Close()
-
-	rows, err := stmt.Query(auth)
-	if err != nil {
-		log.Fatal(err)
-	}
-	defer rows.Close()
-
-	data_list := map[string]bool{}
-
-	for rows.Next() {
-		var name string
-
-		err := rows.Scan(&name)
-		if err != nil {
-			log.Fatal(err)
-		}
-
-		data_list[name] = true
-	}
-
-	return data_list
-}
-
 func IP_preprocess(db *sql.DB, ip string, my_ip string) []string {
 	var ip_view string
 	var user_name_view string

route_go/route/tool/some_tool.go

@@ -5,6 +5,7 @@ import (
 	"encoding/hex"
 	"html/template"
 	"net/url"
+	"time"
 )
 
 func Sha224(data string) string {
@@ -23,3 +24,17 @@ func Url_parser(data string) string {
 func HTML_escape(data string) string {
 	return template.HTMLEscapeString(data)
 }
+
+func Arr_in_str(arr []string, data string) bool {
+	for _, v := range arr {
+		if v == data {
+			return true
+		}
+	}
+
+	return false
+}
+
+func Get_time() string {
+	return time.Now().Format("2006-01-02 15:04:05")
+}

version.json

@@ -1,6 +1,6 @@
 {
     "beta" : {
-        "r_ver" : "v3.5.0-v148",
+        "r_ver" : "v3.5.0-v149",
         "c_ver" : "20240513",
         "s_ver" : "20240426"
     }