
메인 ACL 폐지 및 Auth로 전환

잉여개발기 (SPDV) 1 anno fa
parent
commit
28438ca28a

+ 1 - 0
lang/en-US.json

@@ -23,6 +23,7 @@
     "date" : "Date",
     "wiki_load_ip_select" : "Header to get IP",
     "auto_login" : "Auto login",
+    "view_hide_user_name_authority" : "View hidden username and IP",
 
     "_comment_" : "Common",
     "data" : "Data",

+ 2 - 1
lang/ko-KR.json

@@ -669,5 +669,6 @@
     "edit_request_able": "편집 요청 가능",
     "date": "날짜",
     "wiki_load_ip_select" : "IP를 가져올 헤더",
-    "auto_login" : "자동 로그인"
+    "auto_login" : "자동 로그인",
+    "view_hide_user_name_authority" : "숨겨진 사용자 이름과 IP 보기"
 }

+ 5 - 1
route/give_admin_groups.py

@@ -12,7 +12,9 @@ def give_admin_groups(name = 'test'):
                         [4, '', get_lang(conn, 'admin_default_feature_authority')],
                     [3, 'toron', get_lang(conn, 'discussion_authority')],
                         [4, '', get_lang(conn, 'admin_default_feature_authority')],
-                    [3, 'check', get_lang(conn, 'user_check_authority')],
+                    [3, 'check', get_lang(conn, 'user_analyze_authority')],
+                        [4, 'view_user_watchlist', get_lang(conn, 'view_user_watchlist_authority')],
+                        [4, '', get_lang(conn, 'user_check_authority')],
                         [4, '', get_lang(conn, 'admin_default_feature_authority')],
                     [3, 'acl', get_lang(conn, 'document_acl_authority')],
                         [4, '', get_lang(conn, 'admin_default_feature_authority')],
@@ -25,7 +27,9 @@ def give_admin_groups(name = 'test'):
                     [3, 'vote', get_lang(conn, 'vote_authority')],
                         [4, '', get_lang(conn, 'admin_default_feature_authority')],
                     [3, 'admin_default_feature', get_lang(conn, 'admin_default_feature_authority')],
+                        [4, 'doc_watch_list_view', get_lang(conn, 'doc_watch_list_view_authority')],
                         [4, 'treat_as_admin', get_lang(conn, 'treat_as_admin_authority')],
+                        [4, 'view_hide_user_name', get_lang(conn, 'view_hide_user_name_authority')],
                         [4, 'user_name_bold', get_lang(conn, 'user_name_bold_authority')],
                         [4, 'multiple_upload', get_lang(conn, 'multiple_upload_authority')],
                         [4, 'slow_edit_pass', get_lang(conn, 'slow_edit_pass_authority')],
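Review bot: The new rows look up `user_analyze_authority`, `view_user_watchlist_authority` and `doc_watch_list_view_authority`, but the language hunks in this commit add only `view_hide_user_name_authority`. Unless those three keys already exist in lang/en-US.json and lang/ko-KR.json outside the visible hunks, the permission editor will presumably show some missing-key fallback for them, which makes it easy for an operator to tick the wrong permission. It is worth confirming the keys exist, or adding them in the same commit. The list being edited starts and ends outside the hunks.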

+ 23 - 0
route_go/route/api_func_auth_move_patch.go

@@ -0,0 +1,23 @@
+package route
+
+import (
+	"opennamu/route/tool"
+
+	jsoniter "github.com/json-iterator/go"
+)
+
+func Api_func_auth_move_patch(call_arg []string) string {
+	var json = jsoniter.ConfigCompatibleWithStandardLibrary
+
+	other_set := map[string]string{}
+	json.Unmarshal([]byte(call_arg[0]), &other_set)
+
+	db := tool.DB_connect()
+	defer db.Close()
+
+	new_data := make(map[string]interface{})
+	new_data["response"] = "ok"
+
+	json_data, _ := json.Marshal(new_data)
+	return string(json_data)
+}
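Review bot: `call_arg[0]` is indexed without a length check and the `json.Unmarshal` error is discarded, so an empty argument list panics and malformed input is silently treated as an empty map. The handler also opens a database connection, never uses it or `other_set`, and always answers `"ok"`. If this is a placeholder for the auth migration, a comment saying so would help, and the eventual body should check `owner_auth` before it changes any data. A minimal guard is `if len(call_arg) == 0 { return "{}" }` followed by `if err := json.Unmarshal([]byte(call_arg[0]), &other_set); err != nil { return "{}" }`.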

+ 2 - 2
route_go/route/api_list_recent_change.go

@@ -57,7 +57,7 @@ func Api_list_recent_change(call_arg []string) string {
 
 	data_list := [][]string{}
 
-	admin_auth := tool.Get_user_auth(db, other_set["ip"])
+	admin_auth := tool.Check_acl(db, "", "", "hidel_auth", other_set["ip"])
 	ip_parser_temp := map[string][]string{}
 
 	for rows.Next() {
@@ -109,7 +109,7 @@ func Api_list_recent_change(call_arg []string) string {
 			ip_parser_temp[ip] = []string{ip_pre, ip_render}
 		}
 
-		if hide == "" || admin_auth != "" {
+		if hide == "" || admin_auth {
 			data_list = append(data_list, []string{
 				id,
 				title,

+ 1 - 4
route_go/route/api_setting.go

@@ -36,10 +36,7 @@ func Api_setting(call_arg []string) string {
 
 	if val, ok := setting_acl[other_set["set_name"]]; ok {
 		if val != "" {
-			auth_name := tool.Get_user_auth(db, other_set["ip"])
-			auth_info := tool.Get_auth_group_info(db, auth_name)
-
-			if _, ok := auth_info["owner"]; !ok {
+			if tool.Check_acl(db, "", "", "owner_auth", other_set["ip"]) {
 				return_data := make(map[string]interface{})
 				return_data["response"] = "require auth"
 
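Review bot: The rewritten guard in Api_setting looks inverted. The removed line returned "require auth" when the `owner` key was absent (`!ok`), but the new line returns it when `tool.Check_acl(db, "", "", "owner_auth", ...)` is true. The other call sites in this commit (Api_setting_delete, Api_setting_put, Api_w_set_reset) treat a true result as permission granted, so as written owners would be refused and every other caller would fall through to the protected setting. The condition should be negated: `if !tool.Check_acl(db, "", "", "owner_auth", other_set["ip"]) {`. The function body continues outside the hunk, so the fall-through path should be confirmed there.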

+ 2 - 3
route_go/route/api_setting_delete.go

@@ -16,14 +16,13 @@ func Api_setting_delete(call_arg []string) string {
 	db := tool.DB_connect()
 	defer db.Close()
 
-	auth_name := tool.Get_user_auth(db, other_set["ip"])
-	auth_info := tool.Get_auth_group_info(db, auth_name)
+	auth_info := tool.Check_acl(db, "", "", "owner_auth", other_set["ip"])
 
 	setting_acl := Setting_list()
 	return_data := make(map[string]interface{})
 
 	if _, ok := setting_acl[other_set["set_name"]]; ok {
-		if _, ok := auth_info["owner"]; ok {
+		if auth_info {
 			stmt, err := db.Prepare(tool.DB_change("delete from other where name = ?"))
 			if err != nil {
 				log.Fatal(err)
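Review bot: `auth_info` used to hold the group's permission map and now holds the boolean result of `Check_acl`, so the name no longer matches the value and `if auth_info {` hides the fact that this is the authorization decision. Renaming it, for example `is_owner := tool.Check_acl(db, "", "", "owner_auth", other_set["ip"])`, makes the gate on the `delete from other` statement obvious at the point of use. The same applies to `auth_info` in Api_setting_put and to `auth_name` in IP_menu (tool/ip_parser.go). The function body continues outside the hunk.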

+ 2 - 3
route_go/route/api_setting_put.go

@@ -16,14 +16,13 @@ func Api_setting_put(call_arg []string) string {
 	db := tool.DB_connect()
 	defer db.Close()
 
-	auth_name := tool.Get_user_auth(db, other_set["ip"])
-	auth_info := tool.Get_auth_group_info(db, auth_name)
+	auth_info := tool.Check_acl(db, "", "", "owner_auth", other_set["ip"])
 
 	setting_acl := Setting_list()
 	return_data := make(map[string]interface{})
 
 	if _, ok := setting_acl[other_set["set_name"]]; ok {
-		if _, ok := auth_info["owner"]; ok {
+		if auth_info {
 			if _, ok := other_set["coverage"]; !ok {
 				stmt, err := db.Prepare(tool.DB_change("delete from other where name = ?"))
 				if err != nil {

+ 2 - 2
route_go/route/api_topic.go

@@ -99,14 +99,14 @@ func Api_topic(call_arg []string) string {
 		new_data["data"] = []map[string]string{}
 		data_slice := []map[string]string{}
 
-		admin_auth := tool.Get_user_auth(db, other_set["ip"])
+		admin_auth := tool.Check_acl(db, "", "", "toron_auth", other_set["ip"])
 
 		var ip_pre string
 		var ip_render string
 
 		for for_a := 0; for_a < len(data_list); for_a++ {
 			data := ""
-			if data_list[for_a][4] != "O" || admin_auth != "" {
+			if data_list[for_a][4] != "O" || admin_auth {
 				data = data_list[for_a][1]
 			}
 

+ 35 - 31
route_go/route/api_user_watch_list.go

@@ -26,47 +26,51 @@ func Api_user_watch_list(call_arg []string) string {
 
 	ip := other_set["ip"]
 	name := other_set["name"]
-	if ip != name && tool.Get_user_auth(db, ip) == "" {
-		return "{}"
-	}
-
-	var stmt *sql.Stmt
-	var err error
-	if other_set["do_type"] == "star_doc" {
-		stmt, err = db.Prepare(tool.DB_change("select data from user_set where name = 'star_doc' and id = ? limit ?, 50"))
-	} else {
-		stmt, err = db.Prepare(tool.DB_change("select data from user_set where name = 'watchlist' and id = ? limit ?, 50"))
-	}
-	if err != nil {
-		log.Fatal(err)
-	}
-	defer stmt.Close()
 
-	rows, err := stmt.Query(name, num)
-	if err != nil {
-		log.Fatal(err)
+	return_data := make(map[string]interface{})
+	return_data["language"] = map[string]string{
+		"watchlist": tool.Get_language(db, "watchlist", false),
+		"star_doc":  tool.Get_language(db, "star_doc", false),
 	}
-	defer rows.Close()
 
-	data_list := []string{}
-
-	for rows.Next() {
-		var title_data string
+	if ip != name && !tool.Check_acl(db, "", "", "view_user_watchlist", ip) {
+		return_data["response"] = "require auth"
+		return_data["data"] = []string{}
+	} else {
+		var stmt *sql.Stmt
+		var err error
+		if other_set["do_type"] == "star_doc" {
+			stmt, err = db.Prepare(tool.DB_change("select data from user_set where name = 'star_doc' and id = ? limit ?, 50"))
+		} else {
+			stmt, err = db.Prepare(tool.DB_change("select data from user_set where name = 'watchlist' and id = ? limit ?, 50"))
+		}
+		if err != nil {
+			log.Fatal(err)
+		}
+		defer stmt.Close()
 
-		err := rows.Scan(&title_data)
+		rows, err := stmt.Query(name, num)
 		if err != nil {
 			log.Fatal(err)
 		}
+		defer rows.Close()
 
-		data_list = append(data_list, title_data)
-	}
+		data_list := []string{}
 
-	return_data := make(map[string]interface{})
-	return_data["language"] = map[string]string{
-		"watchlist": tool.Get_language(db, "watchlist", false),
-		"star_doc":  tool.Get_language(db, "star_doc", false),
+		for rows.Next() {
+			var title_data string
+
+			err := rows.Scan(&title_data)
+			if err != nil {
+				log.Fatal(err)
+			}
+
+			data_list = append(data_list, title_data)
+		}
+
+		return_data["response"] = "ok"
+		return_data["data"] = data_list
 	}
-	return_data["data"] = data_list
 
 	json_data, _ := json.Marshal(return_data)
 	return string(json_data)
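Review bot: The new gate passes the tool name `"view_user_watchlist"` to `Check_acl`, but the Check_acl hunk in tool/acl_and_auth.go in this commit adds branches only for `view_hide_user_name`, `user_name_bold` and `doc_watch_list_view`. Check_auth does set `auth_info["view_user_watchlist"]`, yet no branch that reads it is visible, so unless one exists outside the shown hunks the result depends on whatever Check_acl does for an unrecognised tool string. Since this check decides whether one user may read another user's watchlist, it is worth confirming that branch exists, or adding one that mirrors the `doc_watch_list_view` branch and reads `auth_info["view_user_watchlist"]`. The `ip != name` shortcut also assumes `other_set["ip"]` is the server-derived caller identity; that is set outside the hunk.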

+ 1 - 3
route_go/route/api_w_set_reset.go

@@ -18,10 +18,8 @@ func Api_w_set_reset(call_arg []string) string {
 
 	doc_name := other_set["name"]
 	ip := other_set["ip"]
-	auth_name := tool.Get_user_auth(db, ip)
-	auth_info := tool.Get_auth_group_info(db, auth_name)
 
-	if auth_info["owner"] {
+	if tool.Check_acl(db, "", "", "owner_auth", ip) {
 		stmt, err := db.Prepare(tool.DB_change("delete from acl where title = ?"))
 		if err != nil {
 			log.Fatal(err)

+ 45 - 42
route_go/route/api_w_watch_list.go

@@ -24,61 +24,64 @@ func Api_w_watch_list(call_arg []string) string {
 	db := tool.DB_connect()
 	defer db.Close()
 
-	if tool.Get_user_auth(db, other_set["ip"]) == "" {
-		return "{}"
+	return_data := make(map[string]interface{})
+	return_data["language"] = map[string]string{
+		"watchlist": tool.Get_language(db, "watchlist", false),
+		"star_doc":  tool.Get_language(db, "star_doc", false),
 	}
 
-	var stmt *sql.Stmt
-	var err error
-	if other_set["do_type"] == "star_doc" {
-		stmt, err = db.Prepare(tool.DB_change("select id from user_set where name = 'star_doc' and data = ? limit ?, 50"))
+	if !tool.Check_acl(db, "", "", "doc_watch_list_view", other_set["ip"]) {
+		return_data["response"] = "require auth"
+		return_data["data"] = []string{}
 	} else {
-		stmt, err = db.Prepare(tool.DB_change("select id from user_set where name = 'watchlist' and data = ? limit ?, 50"))
-	}
-	if err != nil {
-		log.Fatal(err)
-	}
-	defer stmt.Close()
-
-	rows, err := stmt.Query(other_set["name"], num)
-	if err != nil {
-		log.Fatal(err)
-	}
-	defer rows.Close()
-
-	data_list := [][]string{}
-	ip_parser_temp := map[string][]string{}
-
-	for rows.Next() {
-		var user_name string
+		var stmt *sql.Stmt
+		var err error
+		if other_set["do_type"] == "star_doc" {
+			stmt, err = db.Prepare(tool.DB_change("select id from user_set where name = 'star_doc' and data = ? limit ?, 50"))
+		} else {
+			stmt, err = db.Prepare(tool.DB_change("select id from user_set where name = 'watchlist' and data = ? limit ?, 50"))
+		}
+		if err != nil {
+			log.Fatal(err)
+		}
+		defer stmt.Close()
 
-		err := rows.Scan(&user_name)
+		rows, err := stmt.Query(other_set["name"], num)
 		if err != nil {
 			log.Fatal(err)
 		}
+		defer rows.Close()
 
-		var ip_pre string
-		var ip_render string
+		data_list := [][]string{}
+		ip_parser_temp := map[string][]string{}
 
-		if _, ok := ip_parser_temp[user_name]; ok {
-			ip_pre = ip_parser_temp[user_name][0]
-			ip_render = ip_parser_temp[user_name][1]
-		} else {
-			ip_pre = tool.IP_preprocess(db, user_name, other_set["ip"])[0]
-			ip_render = tool.IP_parser(db, user_name, other_set["ip"])
+		for rows.Next() {
+			var user_name string
 
-			ip_parser_temp[user_name] = []string{ip_pre, ip_render}
-		}
+			err := rows.Scan(&user_name)
+			if err != nil {
+				log.Fatal(err)
+			}
 
-		data_list = append(data_list, []string{ip_pre, ip_render})
-	}
+			var ip_pre string
+			var ip_render string
 
-	return_data := make(map[string]interface{})
-	return_data["language"] = map[string]string{
-		"watchlist": tool.Get_language(db, "watchlist", false),
-		"star_doc":  tool.Get_language(db, "star_doc", false),
+			if _, ok := ip_parser_temp[user_name]; ok {
+				ip_pre = ip_parser_temp[user_name][0]
+				ip_render = ip_parser_temp[user_name][1]
+			} else {
+				ip_pre = tool.IP_preprocess(db, user_name, other_set["ip"])[0]
+				ip_render = tool.IP_parser(db, user_name, other_set["ip"])
+
+				ip_parser_temp[user_name] = []string{ip_pre, ip_render}
+			}
+
+			data_list = append(data_list, []string{ip_pre, ip_render})
+		}
+
+		return_data["response"] = "ok"
+		return_data["data"] = data_list
 	}
-	return_data["data"] = data_list
 
 	json_data, _ := json.Marshal(return_data)
 	return string(json_data)
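Review bot: The denied path could return early instead of wrapping the whole query path in `else`, which would keep the authorization decision at the top of Api_w_watch_list and leave the existing query code at its original indentation. Inside `if !tool.Check_acl(db, "", "", "doc_watch_list_view", other_set["ip"]) {`, set `response` and `data` as now, then marshal and return right there. The same shape applies to Api_user_watch_list. The start of the function is outside the hunk.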

+ 29 - 1
route_go/route/tool/acl_and_auth.go

@@ -136,6 +136,10 @@ func Check_auth(auth_info map[string]bool) map[string]bool {
 		}
 	}
 
+	if _, ok := auth_info["check"]; ok {
+		auth_info["view_user_watchlist"] = true
+	}
+
 	check := false
 	for _, v := range admin_auth {
 		if _, ok := auth_info[v]; ok {
@@ -148,7 +152,7 @@ func Check_auth(auth_info map[string]bool) map[string]bool {
 		auth_info["admin_default_feature"] = true
 	}
 
-	admin_default_feature := []string{"treat_as_admin", "user_name_bold", "multiple_upload", "slow_edit_pass", "edit_bottom_compulsion_pass", "user"}
+	admin_default_feature := []string{"treat_as_admin", "user_name_bold", "multiple_upload", "slow_edit_pass", "edit_bottom_compulsion_pass", "view_hide_user_name", "doc_watch_list_view", "user"}
 
 	if _, ok := auth_info["admin_default_feature"]; ok {
 		for _, v := range admin_default_feature {
@@ -742,6 +746,30 @@ func Check_acl(db *sql.DB, name string, topic_number string, tool string, ip str
 			} else {
 				acl_data = "owner"
 			}
+		} else if tool == "view_hide_user_name" {
+			acl_pass_auth = "admin_default_feature"
+
+			if auth_info["view_hide_user_name"] {
+				acl_data = ""
+			} else {
+				acl_data = "owner"
+			}
+		} else if tool == "user_name_bold" {
+			acl_pass_auth = "admin_default_feature"
+
+			if auth_info["user_name_bold"] {
+				acl_data = ""
+			} else {
+				acl_data = "owner"
+			}
+		} else if tool == "doc_watch_list_view" {
+			acl_pass_auth = "admin_default_feature"
+
+			if auth_info["doc_watch_list_view"] {
+				acl_data = ""
+			} else {
+				acl_data = "owner"
+			}
 		} else if tool == "document_edit_request" {
 			acl_pass_auth = "acl"
 
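Review bot: The three branches added to Check_acl are identical apart from the key they read, so each new permission of this kind costs eight copied lines and risks a tool name being left out. They can share one branch: `} else if tool == "view_hide_user_name" || tool == "user_name_bold" || tool == "doc_watch_list_view" {` with `if auth_info[tool] {` inside. Separately, the new Check_auth lines grant `view_user_watchlist` when the `check` key is merely present (`_, ok := auth_info["check"]`), while these branches test the stored value. The two agree only as long as the map never holds a false entry, so a comment stating that invariant would help. Both functions start and end outside the hunks.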

+ 4 - 8
route_go/route/tool/ip_parser.go

@@ -88,7 +88,7 @@ func IP_preprocess(db *sql.DB, ip string, my_ip string) []string {
 		}
 	}
 
-	if Get_user_auth(db, my_ip) != "" {
+	if Check_acl(db, "", "", "view_hide_user_name", my_ip) {
 		ip_view = ""
 		user_name_view = ""
 	}
@@ -199,8 +199,8 @@ func IP_menu(db *sql.DB, ip string, my_ip string, option string) map[string][][]
 		}
 	}
 
-	auth_name := Get_user_auth(db, my_ip)
-	if auth_name != "" {
+	auth_name := Check_acl(db, "", "", "ban_auth", my_ip)
+	if auth_name {
 		menu[Get_language(db, "admin", false)] = [][]string{
 			{"/auth/ban/" + Url_parser(ip), Get_language(db, "ban", false)},
 			{"/list/user/check_submit/" + Url_parser(ip), Get_language(db, "check", false)},
@@ -234,10 +234,6 @@ func Get_user_ban_type(ban_type string) string {
 }
 
 func Get_user_ban(db *sql.DB, ip string, tool string) []string {
-	if Get_user_auth(db, ip) != "" {
-		return []string{"", ""}
-	}
-
 	rows, err := db.Query(DB_change("select login, block from rb where band = 'regex' and ongoing = '1'"))
 	if err != nil {
 		log.Fatal(err)
@@ -408,7 +404,7 @@ func IP_parser(db *sql.DB, ip string, my_ip string) string {
 				}
 			}
 
-			if Get_user_auth(db, raw_ip) != "" {
+			if Check_acl(db, "", "", "user_name_bold", raw_ip) {
 				ip = "<b>" + ip + "</b>"
 			}
 
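Review bot: Removing the early return from Get_user_ban means accounts with an admin group are now matched against the `rb` rules like everyone else; the old code returned `[]string{"", ""}` for them before any query ran. If that is intended, a short comment on the function would record it, because a broad regex rule could otherwise lock out every administrator, including the one who would need to lift it. If some exemption is still wanted, a narrow one such as `if Check_acl(db, "", "", "owner_auth", ip) { return []string{"", ""} }` would keep a recovery path. Callers may already handle this outside the visible hunks, and the rest of the function body is not shown.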

+ 1 - 1
version.json

@@ -1,6 +1,6 @@
 {
     "beta" : {
-        "r_ver" : "v3.5.0-v163",
+        "r_ver" : "v3.5.0-v164",
         "c_ver" : "20240513",
         "s_ver" : "20240426"
     }