Merge pull request #2357 from openNAMU/dev

드디어 Auth를 beta로 전달

app.py

@@ -150,10 +150,11 @@ with get_db_connect(init_mode = True) as conn:
     app.config['JSONIFY_PRETTYPRINT_REGULAR'] = False
     app.config['SEND_FILE_MAX_AGE_DEFAULT'] = 3600
     if run_mode == 'dev':
+        app.config['TEMPLATES_AUTO_RELOAD'] = True
         app.config['DEBUG'] = True
         app.config['ENV'] = 'development'
 
-    log = logging.getLogger('hypercorn')
+    log = logging.getLogger('waitress')
     log.setLevel(logging.ERROR)
 
     app.jinja_env.filters['md5_replace'] = md5_replace
@@ -478,7 +479,8 @@ app.route('/list/user/check/delete/<name>/<ip>/<time>/<do_type>', methods = ['PO
 
 # Func-auth
 app.route('/auth/give', methods = ['POST', 'GET'])(give_auth)
-app.route('/auth/give/<name>', methods = ['POST', 'GET'])(give_auth)
+app.route('/auth/give_total', methods = ['POST', 'GET'])(give_auth)
+app.route('/auth/give/<user_name>', methods = ['POST', 'GET'])(give_auth)
 
 app.route('/auth/ban', methods = ['POST', 'GET'])(give_user_ban)
 app.route('/auth/ban/multiple', methods = ['POST', 'GET'], defaults = { 'ban_type' : 'multiple' })(give_user_ban)
@@ -531,8 +533,8 @@ app.route('/record/topic/<name>')(recent_record_topic)
 app.route('/record/bbs/<name>', defaults = { 'tool' : 'record' })(bbs_w)
 app.route('/record/bbs_comment/<name>', defaults = { 'tool' : 'comment_record' })(bbs_w)
 
-app.route('/history/<everything:name>', defaults = { 'tool' : 'history' }, methods = ['POST', 'GET'])(recent_change)
-app.route('/history_page/<int:num>/<set_type>/<everything:name>', defaults = { 'tool' : 'history' }, methods = ['POST', 'GET'])(recent_change)
+app.route('/history/<everything:doc_name>', methods = ['POST', 'GET'])(list_history)
+app.route('/history_page/<int:num>/<set_type>/<everything:doc_name>', methods = ['POST', 'GET'])(list_history)
 
 app.route('/history_tool/<int(signed = True):rev>/<everything:name>')(recent_history_tool)
 app.route('/history_delete/<int(signed = True):rev>/<everything:name>', methods = ['POST', 'GET'])(recent_history_delete)
@@ -689,7 +691,6 @@ app.route('/vote/add', methods = ['POST', 'GET'])(vote_add)
 # Func-bbs
 app.route('/bbs/main')(bbs_main)
 app.route('/bbs/make', methods = ['POST', 'GET'])(bbs_make)
-app.route('/bbs/set')(bbs_set)
 app.route('/bbs/in/<int:bbs_num>')(bbs_in)
 app.route('/bbs/in/<int:bbs_num>/<int:page>')(bbs_in)
 # app.route('/bbs/blind/<int:bbs_num>', methods = ['POST', 'GET'])(bbs_hide)
@@ -724,25 +725,21 @@ app.route('/api/random')(api_w_random)
 
 app.route('/api/bbs/w/<sub_code>')(api_bbs_w_post)
 app.route('/api/bbs/w/comment/<sub_code>')(api_bbs_w_comment)
-app.route('/api/bbs/w/comment_one/<sub_code>')(api_bbs_w_comment)
+app.route('/api/bbs/w/comment_one/<sub_code>')(api_bbs_w_comment_one)
 
 app.route('/api/version', defaults = { 'version_list' : version_list })(api_version)
 app.route('/api/skin_info')(api_skin_info)
 app.route('/api/skin_info/<name>')(api_skin_info)
 app.route('/api/user_info/<user_name>')(api_user_info)
-app.route('/api/setting/<name>')(api_setting)
-
-app.route('/api/auth')(api_func_auth)
-app.route('/api/auth/<user_name>')(api_func_auth)
 
 app.route('/api/thread/<int:topic_num>/<int:s_num>/<int:e_num>')(api_topic)
 app.route('/api/thread/<int:topic_num>/<tool>')(api_topic)
 app.route('/api/thread/<int:topic_num>')(api_topic)
 
-app.route('/api/search/<everything:name>')(api_search)
-app.route('/api/search_page/<int:num>/<everything:name>')(api_search)
-app.route('/api/search_data/<everything:name>', defaults = { 'search_type' : 'data' })(api_search)
-app.route('/api/search_data_page/<int:num>/<everything:name>', defaults = { 'search_type' : 'data' })(api_search)
+app.route('/api/search/<everything:name>')(api_func_search)
+app.route('/api/search_page/<int:num>/<everything:name>')(api_func_search)
+app.route('/api/search_data/<everything:name>', defaults = { 'search_type' : 'data' })(api_func_search)
+app.route('/api/search_data_page/<int:num>/<everything:name>', defaults = { 'search_type' : 'data' })(api_func_search)
 
 app.route('/api/recent_change')(api_list_recent_change)
 app.route('/api/recent_changes')(api_list_recent_change)
@@ -772,27 +769,37 @@ app.route('/api/v2/recent_block/<set_type>/<int:num>/<user_name>')(api_list_rece
 app.route('/api/v2/list/document/old/<int:num>', defaults = { 'set_type' : 'old' })(api_list_old_page)
 app.route('/api/v2/list/document/new/<int:num>', defaults = { 'set_type' : 'new' })(api_list_old_page)
 app.route('/api/v2/list/document/<int:num>')(api_list_title_index)
+app.route('/api/v2/list/auth')(api_list_auth)
+app.route('/api/v2/list/markup')(api_list_markup)
+app.route('/api/v2/list/acl/<data_type>')(api_list_acl)
+app.route('/api/v2/history/<int:num>/<set_type>/<everything:doc_name>')(api_list_history)
 
 app.route('/api/v2/topic/<int:num>/<set_type>/<everything:name>')(api_topic_list)
 
 app.route('/api/v2/bbs')(api_bbs_list)
 app.route('/api/v2/bbs/main')(api_bbs)
+app.route('/api/v2/bbs/set/<int:bbs_num>/<name>', methods = ['GET', 'PUT'])(api_bbs_w_set)
 app.route('/api/v2/bbs/in/<int:bbs_num>/<int:page>')(api_bbs)
-app.route('/api/v2/bbs/w/comment/<int:bbs_num>/<int:post_num>/<tool>')(api_bbs_w_comment_n)
+app.route('/api/v2/bbs/w/comment/<sub_code>/<tool>', defaults = { 'legacy' : '' })(api_bbs_w_comment)
+app.route('/api/v2/bbs/w/comment_one/<sub_code>/<tool>', defaults = { 'legacy' : '' })(api_bbs_w_comment_one)
 
 app.route('/api/v2/doc_star_doc/<int:num>/<everything:name>', defaults = { 'do_type' : 'star_doc' })(api_w_watch_list)
 app.route('/api/v2/doc_watch_list/<int:num>/<everything:name>')(api_w_watch_list)
 app.route('/api/v2/set_reset/<everything:name>')(api_w_set_reset)
+app.route('/api/v2/page_view/<everything:name>')(api_w_page_view)
 
 app.route('/api/v2/setting/<name>', methods = ['GET', 'PUT'])(api_setting)
 
+app.route('/api/v2/auth')(api_func_auth)
+app.route('/api/v2/auth/<user_name>')(api_func_auth)
+app.route('/api/v2/auth/give', methods = ['PATCH'])(api_give_auth)
+
 app.route('/api/v2/user/rankup', methods = ['GET', 'PATCH'])(api_user_rankup)
 app.route('/api/v2/user/setting/editor', methods = ['GET', 'POST', 'DELETE'])(api_user_setting_editor)
 
 app.route('/api/v2/ip/<everything:data>', methods = ['GET', 'POST'])(api_func_ip)
 app.route('/api/v2/ip_menu/<everything:ip>', defaults = { 'option' : 'user' }, methods = ['GET', 'POST'])(api_func_ip_menu)
 app.route('/api/v2/user_menu/<everything:ip>')(api_func_ip_menu)
-app.route('/api/v2/acl_list/<data_type>')(api_func_acl_list)
 app.route('/api/v2/lang', defaults = { 'legacy' : '' }, methods = ['POST'])(api_func_language)
 
 # Func-main
@@ -823,7 +830,6 @@ app.route('/setting/body/bottom', defaults = { 'num' : 7 }, methods = ['POST', '
 app.route('/setting_preview/body/bottom', defaults = { 'num' : 7, 'set_preview' : 1 }, methods = ['POST'])(main_setting_head)
 app.route('/setting/robot', methods = ['POST', 'GET'])(main_setting_robot)
 app.route('/setting/external', methods = ['POST', 'GET'])(main_setting_external)
-app.route('/setting/acl', methods = ['POST', 'GET'])(main_setting_acl)
 app.route('/setting/sitemap', methods = ['POST', 'GET'])(main_setting_sitemap)
 app.route('/setting/sitemap_set', methods = ['POST', 'GET'])(main_setting_sitemap_set)
 app.route('/setting/skin_set', methods = ['POST', 'GET'])(main_setting_skin_set)

emergency_tool.py

@@ -33,7 +33,7 @@ print('4. Change host')
 print('5. Change port')
 print('6. Change skin')
 print('7. Change password')
-print('8. Change version')
+print('8. Set db version')
 print('9. Delete set.json')
 print('10. Change name')
 print('11. Delete mysql.json')

lang/en-US.json

@@ -21,6 +21,35 @@
     "option" : "Option",
     "edit_request_able" : "Edit request available",
     "date" : "Date",
+    "wiki_load_ip_select" : "Header to get IP",
+    "auto_login" : "Auto login",
+    "view_hide_user_name_authority" : "View hidden username and IP authority",
+    "view_user_watchlist_authority" : "View user watchlist authority",
+    "doc_watch_list_view_authority" : "View the list of people who have added document to the watchlist authority",
+    "bbs_view_authority" : "BBS view authority",
+    "bbs_comment_authority" : "BBS comment authority",
+    "bbs_edit_authority" : "BBS edit authority",
+    "user_analyze_authority" : "Analyze user authority",
+    "still_use_auth_error" : "Someone still has this authority",
+    "xss_data_include_error" : "You cannot enter characters that can be used for XSS.",
+    "nothing_authority" : "Ineffective authority",
+    "multiple_authorize" : "Multiple authorize",
+    "auth_to_auth" : "Auth group to auth group",
+    "vote_management_authority" : "Vote management authority",
+    "bbs_management_authority" : "BBS management authority",
+    "discuss_view_authority" : "Discussion view authority",
+    "page_view" : "Page views",
+    "discuss_make_new_thread_authority" : "Create a new discussion authority",
+    "multiple_move" : "Multiple move documents",
+    "url" : "URL",
+    "resolution" : "Resolution",
+    "file_delete_with_document" : "Delete document and file at the same time",
+    "method" : "Method",
+    "edit_filter_pass_authority" : "Contents filter pass authority",
+    "edit_filter_view_authority" : "Contents filter view authority",
+    "post_view_acl" : "Post view ACL",
+    "post_comment_acl" : "Post comment ACL",
+    "remove_hidden" : "Don't show hide content",
 
     "_comment_" : "Common",
     "data" : "Data",
@@ -228,7 +257,7 @@
     "direct_input" : "Direct input",
     "acl_record" : "ACL record",
     "last_edit_time" : "Last edited time",
-    "admin_group" : "Administrator groups",
+    "admin_group" : "Auth group(s)",
     "topic_setting" : "Discussion settings",
     "old_page" : "Document(s) modified a long time ago",
     "skin_set" : "Skin setting(s)",
@@ -240,7 +269,7 @@
     "all_register_num" : "The number of application forms",
     "replace_move" : "Interchange",
     "merge_move" : "Merging documents",
-    "add_admin_group" : "Add administrator groups",
+    "add_admin_group" : "Add auth group",
     "add_watchlist" : "Add watchlist",
     "blocked_user" : "Blocked user",
     "blocked_admin" : "Blocked administrator",
@@ -248,7 +277,7 @@
     "topic_name_change" : "Change discussion name",
     "topic_acl_setting" : "Discussion ACL setting",
     "topic_acl" : "Discussion ACL",
-    "delete_admin_group": "Delete admin group",
+    "delete_admin_group": "Delete auth group",
     "main_skin_set" : "Main skin settings",
     "reset_backlink" : "Reset backlink",
     "link_in_this" : "Links in this document",
@@ -523,7 +552,7 @@
     "discussion_list" : "Discussion(s) list",
     "admin_list" : "Administrator(s) list",
     "member_list" : "Member(s) list",
-    "admin_group_list" : "Administrator group(s) list",
+    "admin_group_list" : "Auth group(s) list",
     "all_document_list" : "All document(s) list",
     "watchlist" : "Watchlist",
     "image_file_list" : "Image file(s) list",
@@ -576,7 +605,6 @@
     "discussion_record" : "Discussion record",
     
     "_comment_" : "Topic",
-    "remove_blind_thread" : "Hide blind thread",
     "make_new_topic" : "Make new discussion",
     "topic_tool" : "Discussion management tools",
     "topic_state" : "Discussion status",
@@ -667,7 +695,7 @@
     "user_reset_sign" : "Your account information has changed like this.",
     "default_edit_help" : "Describe it here",
     "markup_enabled" : "Markup enabled",
-    "many_delete_help" : "Please write down the documents name one by one on the line.",
+    "many_delete_help" : "Please write down the name one by one on the line.",
     "name_or_ip_or_regex_or_cidr_multiple" : "Please write down the username or IP or Regex or CIDR one by one on the line.",
     "sqlite_only" : "SQLite only",
     "linux_only" : "Linux OS only",
@@ -698,7 +726,7 @@
     "file_capacity_error" : "Maximum file capacity (MB): ",
     "move_error" : "An error occurred while moving. All or part of it has not been moved.",
     "password_diffrent_error" : "Reconfirm password and input password are different.",
-    "edit_filter_error" : "Censored by edit filter.",
+    "edit_filter_error" : "Censored by contents filter.",
     "file_name_error" : "You cannot use dots in the file name.",
     "topic_long_error" : "The discussions topic must not exceed 256 characters.",
     "email_error" : "No one has this email.",

lang/ko-KR.json

@@ -297,7 +297,7 @@
     "edit_help": "편집 창 문구",
     "default_edit_help": "이곳에 내용을 입력해주세요.",
     "many_delete": "다중 문서 삭제",
-    "many_delete_help": "한 줄에 문서명을 한 개씩 적어주세요.",
+    "many_delete_help": "한 줄에 이름을 한 개씩 적어주세요.",
     "content": "내용",
     "upload_acl": "파일 올리기 ACL",
     "topic_delete": "토론 삭제",
@@ -357,7 +357,7 @@
     "empty": "빈칸",
     "email_send_error": "이메일 전송이 실패했습니다.",
     "sitemap_management": "sitemap.xml 관리",
-    "same_ip_exist": "동일한 아이피가 존재합니다.",
+    "same_ip_exist": "동일한 IP가 존재합니다.",
     "restart_fail_error": "재시작이 실패했습니다. 수동 재시작을 이용해주세요.",
     "domain": "도메인",
     "simple_check": "간편 검사",
@@ -587,7 +587,6 @@
     "list_view_change": "숫자 리스트의 보기 방식 변경",
     "view_joke": "농담 매크로 내용 보이기",
     "math_scroll": "Math 매크로에서 스크롤 사용",
-    "remove_blind_thread": "숨겨진 토론 보이지 않기",
     "trace": "추적",
     "view_history": "문서 열람 추적 사용",
     "start_with_search": "첫 글자부터 검색",
@@ -667,5 +666,34 @@
     "cidr": "CIDR",
     "option": "옵션",
     "edit_request_able": "편집 요청 가능",
-    "date": "날짜"
+    "date": "날짜",
+    "wiki_load_ip_select" : "IP를 가져올 헤더",
+    "auto_login" : "자동 로그인",
+    "view_hide_user_name_authority" : "숨겨진 사용자 이름과 IP 보기",
+    "view_user_watchlist_authority" : "사용자 주시 목록 보기",
+    "doc_watch_list_view_authority" : "문서를 주시 목록에 추가한 사람 목록 보기",
+    "bbs_view_authority" : "BBS 보기 권한",
+    "bbs_comment_authority" : "BBS 댓글 권한",
+    "bbs_edit_authority" : "BBS 편집 권한",
+    "user_analyze_authority" : "사용자 분석 권한",
+    "still_use_auth_error" : "이 권한을 보유한 사람이 아직 존재합니다.",
+    "xss_data_include_error" : "XSS에 이용될 수 있는 문자는 입력할 수 없습니다.",
+    "nothing_authority" : "아무 기능 없는 권한",
+    "multiple_authorize" : "다중 권한 부여",
+    "auth_to_auth" : "권한 그룹에서 권한 그룹으로",
+    "vote_management_authority" : "투표 관리 권한",
+    "bbs_management_authority" : "BBS 관리 권한",
+    "discuss_view_authority" : "토론 보기 권한",
+    "page_view" : "조회수",
+    "discuss_make_new_thread_authority" : "새 토론 만들기 권한",
+    "multiple_move" : "다중 문서 이동",
+    "file_delete_with_document" : "문서와 파일 동시 삭제",
+    "url" : "URL",
+    "resolution" : "해상도",
+    "method" : "방법",
+    "edit_filter_pass_authority" : "편집 필터 통과 권한",
+    "edit_filter_view_authority" : "편집 필터 보기 권한",
+    "post_view_acl" : "게시글 보기 ACL",
+    "post_comment_acl" : "게시글 댓글 ACL",
+    "remove_hidden": "숨겨진 내용 보이지 않기"
 }

route/__init__.py

@@ -1,11 +1,8 @@
 from route.api_image_view import api_image_view
-from route.api_setting import api_setting
 from route.api_skin_info import api_skin_info
 from route.api_user_info import api_user_info
 from route.api_version import api_version
 from route.api_bbs_w_post import api_bbs_w_post
-from route.api_bbs_w_comment import api_bbs_w_comment
-from route.api_bbs_w_comment_one import api_bbs_w_comment_one
 
 from route.bbs_w_edit import bbs_w_edit
 from route.bbs_make import bbs_make
@@ -16,7 +13,6 @@ from route.bbs_w import bbs_w
 from route.bbs_delete import bbs_delete
 # from route.bbs_hide import bbs_hide
 from route.bbs_w_post import bbs_w_post
-from route.bbs_w_set import bbs_w_set
 from route.bbs_w_comment_tool import bbs_w_comment_tool
 from route.bbs_w_tool import bbs_w_tool
 
@@ -35,7 +31,6 @@ from route.filter_all_add import filter_all_add
 from route.filter_all_delete import filter_all_delete
 
 from route.give_admin_groups import give_admin_groups
-from route.give_auth import give_auth
 from route.give_delete_admin_group import give_delete_admin_group_2
 from route.give_user_ban import give_user_ban
 from route.give_user_fix import give_user_fix
@@ -74,7 +69,6 @@ from route.main_search_deep import main_search_deep
 from route.main_search_goto import main_search_goto
 
 from route.main_setting import main_setting
-from route.main_setting_acl import main_setting_acl
 from route.main_setting_external import main_setting_external
 from route.main_setting_head import main_setting_head
 from route.main_setting_main import main_setting_main
@@ -166,9 +160,7 @@ from route.n_list_recent_discuss import list_recent_discuss
 from route.n_list_recent_block import list_recent_block
 from route.n_list_old_page import list_old_page
 from route.n_list_user_check_submit import list_user_check_submit
-
-from route.n_bbs_in import bbs_in
-from route.n_bbs_set import bbs_set
+from route.n_list_history import list_history
 
 from route.n_w_watch_list import w_watch_list
 
@@ -176,9 +168,13 @@ from route.n_user_rankup import user_rankup
 
 from route.n_topic_list import topic_list
 
+from route.n_give_auth import give_auth
+
 from route.n_setting_404_page import setting_404_page
 
 from route.n_bbs_main import bbs_main
+from route.n_bbs_in import bbs_in
+from route.n_bbs_w_set import bbs_w_set
 
 from route.n_edit_move_all import edit_move_all
 
@@ -188,9 +184,10 @@ from route.go_api_func_sha224 import api_func_sha224
 from route.go_api_func_ip import api_func_ip
 from route.go_api_func_ip_menu import api_func_ip_menu
 from route.go_api_func_auth import api_func_auth
-from route.go_api_func_acl_list import api_func_acl_list
 
-from route.go_api_search import api_search
+from route.go_api_func_search import api_func_search
+
+from route.go_api_give_auth import api_give_auth
 
 from route.go_api_list_recent_change import api_list_recent_change
 from route.go_api_list_recent_discuss import api_list_recent_discuss
@@ -198,10 +195,16 @@ from route.go_api_list_recent_block import api_list_recent_block
 from route.go_api_list_recent_edit_request import api_list_recent_edit_request
 from route.go_api_list_old_page import api_list_old_page
 from route.go_api_list_title_index import api_list_title_index
+from route.go_api_list_acl import api_list_acl
+from route.go_api_list_auth import api_list_auth
+from route.go_api_list_markup import api_list_markup
+from route.go_api_list_history import api_list_history
 
 from route.go_api_bbs import api_bbs
 from route.go_api_bbs_list import api_bbs_list
-from route.go_api_bbs_w_comment import api_bbs_w_comment_n
+from route.go_api_bbs_w_set import api_bbs_w_set
+from route.go_api_bbs_w_comment import api_bbs_w_comment
+from route.go_api_bbs_w_comment_one import api_bbs_w_comment_one
 
 from route.go_api_setting import api_setting
 
@@ -217,5 +220,6 @@ from route.go_api_w_xref import api_w_xref
 from route.go_api_w_watch_list import api_w_watch_list
 from route.go_api_w_render import api_w_render
 from route.go_api_w_set_reset import api_w_set_reset
+from route.go_api_w_page_view import api_w_page_view
 
 from route.go_main_func_easter_egg import main_func_easter_egg

route/api_bbs_w_comment.py

@@ -1,29 +0,0 @@
-from .tool.func import *
-
-def api_bbs_w_comment(sub_code = ''):
-    with get_db_connect() as conn:
-        curs = conn.cursor()
-
-        curs.execute(db_change('select set_name, set_data, set_code, set_id from bbs_data where (set_name = "comment" or set_name = "comment_date" or set_name = "comment_user_id") and set_id = ? order by set_code + 0 asc'), [sub_code])
-        db_data = curs.fetchall()
-        if not db_data:
-            return flask.jsonify({})
-        else:
-            temp_id = ''
-            temp_dict = {}
-            temp_list = []
-
-            for for_a in db_data:
-                if temp_id != for_a[2]:
-                    if temp_dict != {}:
-                        temp_list += [dict(temp_dict)]
-
-                    temp_id = for_a[2]
-                    temp_dict['code'] = for_a[2]
-
-                temp_dict[for_a[0]] = for_a[1]
-
-            if temp_dict != {}:
-                temp_list += [dict(temp_dict)]
-
-            return flask.jsonify(temp_list)

route/api_bbs_w_comment_one.py

@@ -1,30 +0,0 @@
-from .tool.func import *
-
-def api_bbs_w_comment_one(sub_code = ''):
-    with get_db_connect() as conn:
-        curs = conn.cursor()
-        
-        sub_code = sub_code.split('-')
-        sub_code_last = ''
-        if len(sub_code) > 2:
-            sub_code_last = sub_code[len(sub_code) - 1]
-            del sub_code[len(sub_code) - 1]
-            
-        sub_code = '-'.join(sub_code)
-
-        curs.execute(db_change('select set_name, set_data, set_code, set_id from bbs_data where (set_name = "comment" or set_name = "comment_date" or set_name = "comment_user_id") and set_id = ? and set_code = ?'), [sub_code, sub_code_last])
-        db_data = curs.fetchall()
-        if not db_data:
-            return flask.jsonify({})
-        else:
-            temp_id = ''
-            temp_dict = {}
-
-            for for_a in db_data:
-                if temp_id != for_a[2]:
-                    temp_id = for_a[2]
-                    temp_dict['code'] = for_a[2]
-
-                temp_dict[for_a[0]] = for_a[1]
-
-            return flask.jsonify(temp_dict)

route/api_setting.py

@@ -1,27 +0,0 @@
-from .tool.func import *
-
-from .user_setting_skin_set_main import user_setting_skin_set_main_set_list
-
-def api_setting(name = 'markup'):
-    with get_db_connect() as conn:
-        curs = conn.cursor()
-        
-        # from other
-        ok_list_1 = ['markup']
-        ok_list_1 += [for_a for for_a in user_setting_skin_set_main_set_list(conn)]
-
-        # from html_filter
-        ok_list_2 = ['inter_wiki']
-        
-        if name in ok_list_1:
-            curs.execute(db_change('select data from other where name = ?'), [name])
-            rep_data = curs.fetchall()
-            if rep_data:
-                return flask.jsonify({ name : rep_data })
-        elif name in ok_list_2:
-            curs.execute(db_change("select html, plus, plus_t from html_filter where kind = ?"), [name])
-            rep_data = curs.fetchall()
-            if rep_data:
-                return flask.jsonify({ name : rep_data })
-
-        return flask.jsonify({})

route/api_user_info.py

@@ -13,16 +13,11 @@ def api_user_info(user_name = ''):
         curs.execute(db_change("select data from user_set where id = ? and name = 'acl'"), [user_name])
         db_data = curs.fetchall()
         if db_data:
-            if db_data[0][0] != 'user':
-                curs.execute(db_change("select name from alist where name = ?"), [db_data[0][0]])
-                if curs.fetchall() or db_data[0][0] in get_default_admin_group():
-                    data_result['auth'] = db_data[0][0]
-                else:
-                    data_result['auth'] = '1'
-            else:
-                data_result['auth'] = '1'
+            data_result['auth'] = db_data[0][0]
+        elif ip_or_user(user_name) == 1:
+            data_result['auth'] = 'ip'
         else:
-            data_result['auth'] = '0'
+            data_result['auth'] = 'user'
 
         curs.execute(db_change("select data from user_set where id = ? and name = 'auth_date'"), [user_name])
         db_data = curs.fetchall()

route/bbs_make.py

@@ -5,7 +5,7 @@ def bbs_make():
         curs = conn.cursor()
 
         if acl_check('', 'owner_auth', '', '') == 1:
-            return re_error(conn, '/error/3')
+            return re_error(conn, 3)
         
         if flask.request.method == 'POST':
             curs.execute(db_change('select set_id from bbs_set where set_name = "bbs_name" order by set_id + 0 desc'))

route/bbs_w_edit.py

@@ -1,11 +1,11 @@
 from .tool.func import *
 
 from .api_bbs_w_post import api_bbs_w_post
-from .api_bbs_w_comment_one import api_bbs_w_comment_one
+from .go_api_bbs_w_comment_one import api_bbs_w_comment_one
 
 from .edit import edit_editor
 
-def bbs_w_edit(bbs_num = '', post_num = '', comment_num = ''):
+async def bbs_w_edit(bbs_num = '', post_num = '', comment_num = ''):
     with get_db_connect() as conn:
         curs = conn.cursor()
 
@@ -19,17 +19,17 @@ def bbs_w_edit(bbs_num = '', post_num = '', comment_num = ''):
             return redirect(conn, '/bbs/main')
         
         if comment_num != '':
-            temp_dict = orjson.loads(api_bbs_w_comment_one(bbs_num_str + '-' + post_num_str + '-' + comment_num).data)
+            temp_dict = orjson.loads((await api_bbs_w_comment_one(bbs_num_str + '-' + post_num_str + '-' + comment_num)).get_data(as_text = True))
             if 'comment_user_id' in temp_dict:
                 if not temp_dict['comment_user_id'] == ip and acl_check('', 'owner_auth', '', '') == 1:
-                    return re_error(conn, '/ban')
+                    return re_error(conn, 0)
             else:
                 return redirect(conn, '/bbs/main')
         elif post_num != '':
             temp_dict = orjson.loads(api_bbs_w_post(bbs_num_str + '-' + post_num_str).data)
             if 'user_id' in temp_dict:
                 if not temp_dict['user_id'] == ip and acl_check('', 'owner_auth', '', '') == 1:
-                    return re_error(conn, '/ban')
+                    return re_error(conn, 0)
             else:
                 return redirect(conn, '/bbs/main')
             
@@ -40,7 +40,7 @@ def bbs_w_edit(bbs_num = '', post_num = '', comment_num = ''):
 
         if flask.request.method == 'POST':
             if captcha_post(conn, flask.request.form.get('g-recaptcha-response', flask.request.form.get('g-recaptcha', ''))) == 1:
-                return re_error(conn, '/error/13')
+                return re_error(conn, 13)
         
             if post_num == '':
                 curs.execute(db_change('select set_code from bbs_data where set_name = "title" and set_id = ? order by set_code + 0 desc'), [bbs_num_str])
@@ -57,10 +57,10 @@ def bbs_w_edit(bbs_num = '', post_num = '', comment_num = ''):
                 return redirect(conn, '/bbs/in/' + bbs_num_str)
             
             if do_edit_filter(conn, title) == 1:
-                return re_error(conn, '/error/21')
+                return re_error(conn, 21)
 
             if do_edit_filter(conn, data) == 1:
-                return re_error(conn, '/error/21')
+                return re_error(conn, 21)
             
             date = get_time()
 
@@ -92,7 +92,7 @@ def bbs_w_edit(bbs_num = '', post_num = '', comment_num = ''):
             option_display = ''
 
             if comment_num != '':
-                temp_dict = orjson.loads(api_bbs_w_comment_one(bbs_num_str + '-' + post_num_str + '-' + comment_num).data)
+                temp_dict = orjson.loads((await api_bbs_w_comment_one(bbs_num_str + '-' + post_num_str + '-' + comment_num)).get_data(as_text = True))
 
                 title = ''
                 data = temp_dict['comment']

route/bbs_w_post.py

@@ -1,23 +1,20 @@
 from .tool.func import *
 
 from .api_bbs_w_post import api_bbs_w_post
-from .api_bbs_w_comment import api_bbs_w_comment
+from .go_api_bbs_w_comment import api_bbs_w_comment
 
 from .go_api_topic import api_topic_thread_make, api_topic_thread_pre_render
 
 from .edit import edit_editor
 
-def bbs_w_post_comment(conn, user_id, sub_code, comment_num, bbs_num_str, post_num_str):
+async def bbs_w_post_comment(conn, user_id, sub_code, comment_num, bbs_num_str, post_num_str):
     comment_data = ''
     comment_select = ''
 
     comment_count = 0
     comment_add_count = 0
 
-    thread_data = orjson.loads(api_bbs_w_comment(sub_code).data)
-    
-    comment_count += len(thread_data)
-    comment_add_count += comment_count
+    thread_data = orjson.loads((await api_bbs_w_comment(sub_code)).get_data(as_text = True))
 
     for temp_dict in thread_data:
         if temp_dict['comment_user_id'] != '':
@@ -25,9 +22,14 @@ def bbs_w_post_comment(conn, user_id, sub_code, comment_num, bbs_num_str, post_n
             if user_id == temp_dict['comment_user_id']:
                 color = 'green'
 
-            sub_code_check = re.sub(r'^[0-9]+-[0-9]+-', '', sub_code + '-' + temp_dict['code'])
+            sub_code_check = re.sub(r'^[0-9]+-[0-9]+-', '', temp_dict['id'] + '-' + temp_dict['code'])
             margin_count = sub_code_check.count('-')
 
+            if margin_count == 0:
+                comment_count += 1
+            else:
+                comment_add_count += 1
+
             date = ''
             date += '<a href="javascript:opennamu_change_comment(\'' + sub_code_check + '\');">(' + get_lang(conn, 'comment') + ')</a> '
             date += '<a href="/bbs/tool/' + bbs_num_str + '/' + post_num_str + '/' + sub_code_check + '">(' + get_lang(conn, 'tool') + ')</a> '
@@ -49,15 +51,9 @@ def bbs_w_post_comment(conn, user_id, sub_code, comment_num, bbs_num_str, post_n
 
             comment_select += '<option value="' + sub_code_check + '" ' + comment_default + '>' + sub_code_check + '</option>'
 
-        temp_data = bbs_w_post_comment(conn, user_id, sub_code + '-' + temp_dict['code'], comment_num, bbs_num_str, post_num_str)
-
-        comment_data += temp_data[0]
-        comment_select += temp_data[1]
-        comment_add_count += temp_data[3]
-
     return (comment_data, comment_select, comment_count, comment_add_count)
 
-def bbs_w_post(bbs_num = '', post_num = ''):
+async def bbs_w_post(bbs_num = '', post_num = ''):
     with get_db_connect() as conn:
         curs = conn.cursor()
 
@@ -87,7 +83,7 @@ def bbs_w_post(bbs_num = '', post_num = ''):
                     return redirect(conn, '/bbs/set/' + bbs_num_str)
                 
                 if captcha_post(conn, flask.request.form.get('g-recaptcha-response', flask.request.form.get('g-recaptcha', ''))) == 1:
-                    return re_error(conn, '/error/13')
+                    return re_error(conn, 13)
 
                 set_id = bbs_num_str + '-' + post_num_str
 
@@ -109,12 +105,12 @@ def bbs_w_post(bbs_num = '', post_num = ''):
                 curs.execute(db_change("insert into bbs_data (set_name, set_code, set_id, set_data) values ('comment_date', ?, ?, ?)"), [id_data, set_id, date])
                 curs.execute(db_change("insert into bbs_data (set_name, set_code, set_id, set_data) values ('comment_user_id', ?, ?, ?)"), [id_data, set_id, ip])
 
-                add_alarm(conn, temp_dict['user_id'], ip, 'BBS <a href="/bbs/w/' + bbs_num_str + '/' + post_num_str + '#' + id_data + '">' + html.escape(bbs_name) + ' - ' + html.escape(temp_dict['title']) + '#' + id_data + '</a>')
+                add_alarm(temp_dict['user_id'], ip, 'BBS <a href="/bbs/w/' + bbs_num_str + '/' + post_num_str + '#' + id_data + '">' + html.escape(bbs_name) + ' - ' + html.escape(temp_dict['title']) + '#' + id_data + '</a>')
 
                 return redirect(conn, '/bbs/w/' + bbs_num_str + '/' + post_num_str + '#' + id_data)
             else:
                 if acl_check(bbs_num_str, 'bbs_view') == 1:
-                    return re_error(conn, '/ban')
+                    return re_error(conn, 0)
 
                 text = ''
 
@@ -134,7 +130,7 @@ def bbs_w_post(bbs_num = '', post_num = ''):
                 user_id = temp_dict['user_id']
                 count = 0
 
-                thread_data = orjson.loads(api_bbs_w_comment(bbs_num_str + '-' + post_num_str).data)
+                thread_data = orjson.loads((await api_bbs_w_comment(bbs_num_str + '-' + post_num_str)).get_data(as_text = True))
                 for temp_dict in thread_data:
                     count += 1
                     if user_id == temp_dict['comment_user_id']:
@@ -172,7 +168,7 @@ def bbs_w_post(bbs_num = '', post_num = ''):
                     return redirect(conn, '/bbs/set/' + bbs_num_str)
                 
                 if captcha_post(conn, flask.request.form.get('g-recaptcha-response', flask.request.form.get('g-recaptcha', ''))) == 1:
-                    return re_error(conn, '/error/13')
+                    return re_error(conn, 13)
                 
                 select = flask.request.form.get('comment_select', '0')
                 select = '' if select == '0' else select
@@ -223,14 +219,14 @@ def bbs_w_post(bbs_num = '', post_num = ''):
                     set_id += '-' if set_id != '' else ''
                     end_id = set_id + id_data
 
-                add_alarm(conn, temp_dict['user_id'], ip, 'BBS <a href="/bbs/w/' + bbs_num_str + '/' + post_num_str + '#' + end_id + '">' + html.escape(bbs_name) + ' - ' + html.escape(temp_dict['title']) + '#' + end_id + '</a>')
+                add_alarm(temp_dict['user_id'], ip, 'BBS <a href="/bbs/w/' + bbs_num_str + '/' + post_num_str + '#' + end_id + '">' + html.escape(bbs_name) + ' - ' + html.escape(temp_dict['title']) + '#' + end_id + '</a>')
                 if comment_user_name != '':
-                    add_alarm(conn, comment_user_name, ip, 'BBS <a href="/bbs/w/' + bbs_num_str + '/' + post_num_str + '#' + end_id + '">' + html.escape(bbs_name) + ' - ' + html.escape(temp_dict['title']) + '#' + end_id + '</a>')
+                    add_alarm(comment_user_name, ip, 'BBS <a href="/bbs/w/' + bbs_num_str + '/' + post_num_str + '#' + end_id + '">' + html.escape(bbs_name) + ' - ' + html.escape(temp_dict['title']) + '#' + end_id + '</a>')
 
                 return redirect(conn, '/bbs/w/' + bbs_num_str + '/' + post_num_str + '#' + end_id)
             else:
                 if acl_check(bbs_num_str, 'bbs_view') == 1:
-                    return re_error(conn, '/ban')
+                    return re_error(conn, 0)
                     
                 text = ''
                 comment_num = ''
@@ -258,13 +254,12 @@ def bbs_w_post(bbs_num = '', post_num = ''):
                 comment_count = 0
                 comment_add_count = 0
 
-                temp_data = bbs_w_post_comment(conn, user_id, bbs_num_str + '-' + post_num_str, comment_num, bbs_num_str, post_num_str)
+                temp_data = await bbs_w_post_comment(conn, user_id, bbs_num_str + '-' + post_num_str, comment_num, bbs_num_str, post_num_str)
 
                 comment_data += temp_data[0]
                 comment_select += temp_data[1]
                 comment_count += temp_data[2]
                 comment_add_count += temp_data[3]
-                comment_add_count -= comment_count
 
                 if comment_data != '':
                     data += '<hr>'

route/bbs_w_set.py

@@ -1,91 +0,0 @@
-from .tool.func import *
-
-def bbs_w_set(bbs_num = ''):
-    with get_db_connect() as conn:
-        curs = conn.cursor()
-
-        curs.execute(db_change('select set_data from bbs_set where set_id = ? and set_name = "bbs_name"'), [bbs_num])
-        db_data = curs.fetchall()
-        if not db_data:
-            return redirect(conn, '/bbs/main')
-        else:
-            bbs_name = db_data[0][0]
-        
-        bbs_num_str = str(bbs_num)
-
-        i_list = ['bbs_acl', 'bbs_edit_acl', 'bbs_comment_acl', 'bbs_view_acl', 'bbs_markup']
-
-        if flask.request.method == 'POST':
-            if acl_check('', 'owner_auth', '', '', 'bbs_set (acl)') == 1:
-                return re_error(conn, '/ban')
-            else:
-                for for_a in range(len(i_list)):
-                    curs.execute(db_change("update bbs_set set set_data = ? where set_name = ? and set_id = ?"), [
-                        flask.request.form.get(i_list[for_a], 'normal'),
-                        i_list[for_a],
-                        bbs_num
-                    ])
-
-                return redirect(conn, '/bbs/set/' + bbs_num_str)
-        else:
-            d_list = ['' for _ in range(0, len(i_list))]
-
-            other_menu = []
-            if acl_check('', 'bbs_auth', '', '') == 1:
-                disable = 'disabled'
-            else:
-                disable = ''
-                other_menu += [['bbs/delete/' + bbs_num_str, get_lang(conn, 'delete')]]
-
-            for for_a in range(len(i_list)):
-                curs.execute(db_change('select set_data from bbs_set where set_name = ? and set_id = ?'), [i_list[for_a], bbs_num])
-                sql_d = curs.fetchall()
-                if sql_d:
-                    d_list[for_a] = sql_d[0][0]
-                else:
-                    curs.execute(db_change('insert into bbs_set (set_name, set_code, set_id, set_data) values (?, "", ?, ?)'), [i_list[for_a], bbs_num, 'normal'])
-                    d_list[for_a] = 'normal'
-
-            acl_div = ['' for _ in range(0, len(i_list))]
-            acl_list = get_acl_list()
-            for for_a in range(0, len(i_list)):
-                if for_a == 4:
-                    acl_list = ['normal'] + get_init_set_list('markup')['list']
-
-                for data_list in acl_list:
-                    if data_list == d_list[for_a]:
-                        check = 'selected="selected"'
-                    else:
-                        check = ''
-
-                    acl_div[for_a] += '<option value="' + data_list + '" ' + check + '>' + (data_list if data_list != '' else 'normal') + '</option>'
-
-            return easy_minify(conn, flask.render_template(skin_check(conn),
-                imp = [get_lang(conn, 'bbs_set'), wiki_set(conn), wiki_custom(conn), wiki_css(['(' + bbs_name + ')', 0])],
-                data = render_simple_set(conn, '''
-                    <form method="post">
-                        <hr class="main_hr">
-                        <a href="/acl/TEST#exp">(''' + get_lang(conn, 'reference') + ''')</a>
-                        
-                        <h2>''' + get_lang(conn, 'acl') + '''</h2>
-                        <h3>''' + get_lang(conn, 'bbs_view_acl') + '''</h3>
-                        <select ''' + disable + ''' name="bbs_view_acl">''' + acl_div[3] + '''</select>
-
-                        <h4>''' + get_lang(conn, 'bbs_acl') + '''</h4>
-                        <select ''' + disable + ''' name="bbs_acl">''' + acl_div[0] + '''</select>
-
-                        <h5>''' + get_lang(conn, 'bbs_edit_acl') + '''</h5>
-                        <select ''' + disable + ''' name="bbs_edit_acl">''' + acl_div[1] + '''</select>
-
-                        <h5>''' + get_lang(conn, 'bbs_comment_acl') + '''</h5>
-                        <select ''' + disable + ''' name="bbs_comment_acl">''' + acl_div[2] + '''</select>
-
-                        <h2>''' + get_lang(conn, 'markup') + '''</h2>
-                        <select ''' + disable + ''' name="bbs_markup">''' + acl_div[4] + '''</select>
-                        
-                        <hr class="main_hr">
-                        <button id="opennamu_save_button" type="submit">''' + get_lang(conn, 'save') + '''</button>
-                    </form>
-                '''),
-                menu = [['bbs/in/' + bbs_num_str, get_lang(conn, 'return')]] + other_menu
-            ))

route/edit.py

@@ -129,7 +129,7 @@ def edit(name = 'Test', section = 0, do_type = ''):
                 return redirect(conn, '/raw_acl/' + url_pas(name))
             
         if do_title_length_check(conn, name) == 1:
-            return re_error(conn, '/error/38')
+            return re_error(conn, 38)
         
         curs.execute(db_change("select id from history where title = ? order by id + 0 desc"), [name])
         doc_ver = curs.fetchall()
@@ -152,10 +152,10 @@ def edit(name = 'Test', section = 0, do_type = ''):
         
         if edit_repeat == 'post':
             if captcha_post(conn, flask.request.form.get('g-recaptcha-response', flask.request.form.get('g-recaptcha', ''))) == 1:
-                return re_error(conn, '/error/13')
+                return re_error(conn, 13)
     
             if do_edit_slow_check(conn) == 1:
-                return re_error(conn, '/error/24')
+                return re_error(conn, 24)
     
             today = get_time()
             content = flask.request.form.get('content', '').replace('\r', '')
@@ -163,16 +163,16 @@ def edit(name = 'Test', section = 0, do_type = ''):
             agree = flask.request.form.get('copyright_agreement', '')
             
             if do_edit_filter(conn, content) == 1:
-                return re_error(conn, '/error/21')
+                return re_error(conn, 21)
             
             if do_edit_filter(conn, send) == 1:
-                return re_error(conn, '/error/21')
+                return re_error(conn, 21)
 
             if do_edit_send_check(conn, send) == 1:
-                return re_error(conn, '/error/37')
+                return re_error(conn, 37)
 
             if do_edit_text_bottom_check_box_check(conn, agree) == 1:
-                return re_error(conn, '/error/29')
+                return re_error(conn, 29)
             
             curs.execute(db_change("select data from data where title = ?"), [name])
             db_data = curs.fetchall()
@@ -206,7 +206,7 @@ def edit(name = 'Test', section = 0, do_type = ''):
             db_data_3 = curs.fetchall()
             if db_data_3 and db_data_3[0][0] != '':
                 if int(number_check(db_data_3[0][0])) < len(content):
-                    return re_error(conn, '/error/44')
+                    return re_error(conn, 44)
 
             curs.execute(db_change("select data from other where name = 'edit_timeout'"))
             db_data_2 = curs.fetchall()
@@ -217,7 +217,7 @@ def edit(name = 'Test', section = 0, do_type = ''):
                 timeout = 0
 
             if timeout == 1:
-                return re_error(conn, '/error/41')
+                return re_error(conn, 41)
             
             if edit_req_mode == 0:
                 # 진짜 기록 부분
@@ -226,7 +226,7 @@ def edit(name = 'Test', section = 0, do_type = ''):
         
                 curs.execute(db_change("select id from user_set where name = 'watchlist' and data = ?"), [name])
                 for scan_user in curs.fetchall():
-                    add_alarm(conn, scan_user[0], ip, '<a href="/w/' + url_pas(name) + '">' + html.escape(name) + '</a>')
+                    add_alarm(scan_user[0], ip, '<a href="/w/' + url_pas(name) + '">' + html.escape(name) + '</a>')
                         
                 history_plus(conn, 
                     name,
@@ -255,7 +255,7 @@ def edit(name = 'Test', section = 0, do_type = ''):
 
                 curs.execute(db_change("select id from user_set where name = 'watchlist' and data = ?"), [name])
                 for scan_user in curs.fetchall():
-                    add_alarm(conn, scan_user[0], ip, '<a href="/edit_request/' + url_pas(name) + '">' + html.escape(name) + '</a> edit_request')
+                    add_alarm(scan_user[0], ip, '<a href="/edit_request/' + url_pas(name) + '">' + html.escape(name) + '</a> edit_request')
             
                 return redirect(conn, '/edit_request_from/' + url_pas(name))
         else:

route/edit_delete.py

@@ -6,7 +6,7 @@ def edit_delete(name):
 
         ip = ip_check()
         if acl_check(name, 'document_delete') == 1:
-            return re_error(conn, '/ban')
+            return re_error(conn, 0)
 
         curs.execute(db_change("select title from data where title = ?"), [name])
         if not curs.fetchall():
@@ -14,19 +14,19 @@ def edit_delete(name):
 
         if flask.request.method == 'POST':
             if captcha_post(conn, flask.request.form.get('g-recaptcha-response', flask.request.form.get('g-recaptcha', ''))) == 1:
-                return re_error(conn, '/error/13')
+                return re_error(conn, 13)
 
             if do_edit_slow_check(conn) == 1:
-                return re_error(conn, '/error/24')
+                return re_error(conn, 24)
             
             send = flask.request.form.get('send', '')
             agree = flask.request.form.get('copyright_agreement', '')
             
             if do_edit_send_check(conn, send) == 1:
-                return re_error(conn, '/error/37')
+                return re_error(conn, 37)
             
             if do_edit_text_bottom_check_box_check(conn, agree) == 1:
-                return re_error(conn, '/error/29')
+                return re_error(conn, 29)
 
             curs.execute(db_change("select data from data where title = ?"), [name])
             data = curs.fetchall()

route/edit_delete_file.py

@@ -5,7 +5,7 @@ from .edit_delete import edit_delete
 def edit_delete_file(name = 'test.jpg'):
     with get_db_connect() as conn:
         if acl_check('', 'owner_auth', '', '') != 0:
-            return re_error(conn, '/ban')
+            return re_error(conn, 0)
 
         mime_type = re.search(r'([^.]+)$', name)
         mime_type_str = 'jpg'

route/edit_delete_multiple.py

@@ -5,17 +5,17 @@ from .edit_delete import edit_delete
 def edit_delete_multiple():
     with get_db_connect() as conn:
         if acl_check('', 'acl_auth', '', '') == 1:
-            return re_error(conn, '/ban')
+            return re_error(conn, 0)
 
         if flask.request.method == 'POST':
             send = flask.request.form.get('send', '')
             agree = flask.request.form.get('copyright_agreement', '')
             
             if do_edit_send_check(conn, send) == 1:
-                return re_error(conn, '/error/37')
+                return re_error(conn, 37)
             
             if do_edit_text_bottom_check_box_check(conn, agree) == 1:
-                return re_error(conn, '/error/29')
+                return re_error(conn, 29)
             
             all_title = re.findall(r'([^\n]+)\n', flask.request.form.get('content', '').replace('\r', '') + '\n')
             for name in all_title:

route/edit_move.py

@@ -5,21 +5,21 @@ def edit_move(name):
         curs = conn.cursor()
 
         if acl_check(name, 'document_move') == 1:
-            return re_error(conn, '/ban')
+            return re_error(conn, 0)
         
         if do_title_length_check(conn, name) == 1:
-            return re_error(conn, '/error/38')
+            return re_error(conn, 38)
 
         if flask.request.method == 'POST':
             move_title = flask.request.form.get('title', 'test')
             if acl_check(move_title) == 1:
-                return re_error(conn, '/ban')
+                return re_error(conn, 0)
 
             if captcha_post(conn, flask.request.form.get('g-recaptcha-response', flask.request.form.get('g-recaptcha', ''))) == 1:
-                return re_error(conn, '/error/13')
+                return re_error(conn, 13)
 
             if do_edit_slow_check(conn) == 1:
-                return re_error(conn, '/error/24')
+                return re_error(conn, 24)
             
             send = flask.request.form.get('send', '')
             agree = flask.request.form.get('copyright_agreement', '')
@@ -34,10 +34,10 @@ def edit_move(name):
             document_set_option = flask.request.form.get('document_set_option', 'none')
             
             if do_edit_send_check(conn, send) == 1:
-                return re_error(conn, '/error/37')
+                return re_error(conn, 37)
             
             if do_edit_text_bottom_check_box_check(conn, agree) == 1:
-                return re_error(conn, '/error/29')
+                return re_error(conn, 29)
 
             # 역링크 관련 패치 해야할 듯
 
@@ -208,7 +208,7 @@ def edit_move(name):
             if has_error == 0:
                 return redirect(conn, '/w/' + url_pas(move_title))
             else:
-                return re_error(conn, '/error/19')
+                return re_error(conn, 19)
         else:
             owner_auth = acl_check(tool = 'owner_auth')
             owner_auth = 1 if owner_auth == 0 else 0

route/edit_request.py

@@ -47,7 +47,7 @@ def edit_request(name = 'Test', do_type = ''):
             
             curs.execute(db_change("select id from user_set where name = 'watchlist' and data = ?"), [name])
             for scan_user in curs.fetchall():
-                add_alarm(conn, scan_user[0], edit_request_user, '<a href="/w/' + url_pas(name) + '">' + html.escape(name) + '</a>')
+                add_alarm(scan_user[0], edit_request_user, '<a href="/w/' + url_pas(name) + '">' + html.escape(name) + '</a>')
 
             if flask.request.form.get('check', '') == 'Y':
                 curs.execute(db_change("delete from data where title = ?"), [name])

route/edit_revert.py

@@ -6,10 +6,10 @@ def edit_revert(name, num):
 
         curs.execute(db_change("select title from history where title = ? and id = ? and hide = 'O'"), [name, str(num)])
         if curs.fetchall() and acl_check(tool = 'hidel_auth') == 1:
-            return re_error(conn, '/error/3')
+            return re_error(conn, 3)
 
         if acl_check(name, 'document_edit') == 1:
-            return re_error(conn, '/ban')
+            return re_error(conn, 0)
         
         curs.execute(db_change("select data from history where title = ? and id = ?"), [name, str(num)])
         data = curs.fetchall()
@@ -18,28 +18,28 @@ def edit_revert(name, num):
 
         if flask.request.method == 'POST':
             if captcha_post(conn, flask.request.form.get('g-recaptcha-response', flask.request.form.get('g-recaptcha', ''))) == 1:
-                return re_error(conn, '/error/13')
+                return re_error(conn, 13)
 
             if do_edit_slow_check(conn) == 1:
-                return re_error(conn, '/error/24')
+                return re_error(conn, 24)
             
             send = flask.request.form.get('send', '')
             agree = flask.request.form.get('copyright_agreement', '')
             
             if do_edit_send_check(conn, send) == 1:
-                return re_error(conn, '/error/37')
+                return re_error(conn, 37)
             
             if do_edit_text_bottom_check_box_check(conn, agree) == 1:
-                return re_error(conn, '/error/29')
+                return re_error(conn, 29)
 
             if do_edit_filter(conn, data[0][0]) == 1:
-                return re_error(conn, '/error/21')
+                return re_error(conn, 21)
             
             curs.execute(db_change("select data from other where name = 'document_content_max_length'"))
             db_data = curs.fetchall()
             if db_data and db_data[0][0] != '':
                 if int(number_check(db_data[0][0])) < len(data[0][0]):
-                    return re_error(conn, '/error/44')
+                    return re_error(conn, 44)
 
             curs.execute(db_change("select data from data where title = ?"), [name])
             data_old = curs.fetchall()

route/edit_upload.py

@@ -5,7 +5,7 @@ def edit_upload():
         curs = conn.cursor()
 
         if acl_check('', 'upload') == 1:
-            return re_error(conn, '/ban')
+            return re_error(conn, 0)
         
         curs.execute(db_change('select data from other where name = "upload"'))
         db_data = curs.fetchall()
@@ -14,7 +14,7 @@ def edit_upload():
 
         if flask.request.method == 'POST':
             if captcha_post(conn, flask.request.form.get('g-recaptcha-response', flask.request.form.get('g-recaptcha', ''))) == 1:
-                return re_error(conn, '/error/13')
+                return re_error(conn, 13)
 
             file_data = flask.request.files.getlist("f_data[]")
             file_len = len(file_data)
@@ -24,20 +24,20 @@ def edit_upload():
                 file_size_all = 0
 
             if (file_max * 1000 * 1000 * file_len) < file_size_all or file_size_all == 0:
-                return re_error(conn, '/error/17')
+                return re_error(conn, 17)
 
             if file_len == 1:
                 file_num = None
             else:
                 if acl_check('', 'many_upload') == 1:
-                    return re_error(conn, '/ban')
+                    return re_error(conn, 0)
 
                 file_num = 1
 
             for data in file_data:
                 file_name = data.filename if data.filename else ''
                 if file_name == '':
-                    return re_error(conn, '/error/9')
+                    return re_error(conn, 9)
                 
                 value_tmp = os.path.splitext(file_name)
                 value = ''
@@ -47,7 +47,7 @@ def edit_upload():
                 curs.execute(db_change("select html from html_filter where kind = 'extension'"))
                 extension = [i[0].lower() for i in curs.fetchall()]
                 if not re.sub(r'^\.', '', value).lower() in extension:
-                    return re_error(conn, '/error/14')
+                    return re_error(conn, 14)
 
                 name = ''
                 if flask.request.form.get('f_name', None):
@@ -57,13 +57,13 @@ def edit_upload():
 
                 piece = os.path.splitext(name)
                 if re.search(r'\.', piece[0]):
-                    return re_error(conn, '/error/22')
+                    return re_error(conn, 22)
 
                 e_data = sha224_replace(piece[0]) + piece[1]
 
                 curs.execute(db_change("select title from data where title = ?"), ['file:' + name])
                 if curs.fetchall():
-                    return re_error(conn, '/error/16')
+                    return re_error(conn, 16)
 
                 curs.execute(db_change("select html from html_filter where kind = 'file'"))
                 db_data = curs.fetchall()
@@ -74,7 +74,7 @@ def edit_upload():
 
                 data_url_image = load_image_url(conn)
                 if os.path.exists(os.path.join(data_url_image, e_data)):
-                    return re_error(conn, '/error/16')
+                    return re_error(conn, 16)
                 else:
                     data.save(os.path.join(data_url_image, e_data))
 

route/filter_all.py

@@ -16,6 +16,10 @@ def filter_all(tool):
         admin = acl_check(tool = 'owner_auth')
         admin = 1 if admin == 0 else 0
 
+        if tool == 'edit_filter':
+            if acl_check('', 'edit_filter_view', '', '') == 1:
+                return re_error(conn, 0)
+
         if tool == 'inter_wiki':
             title = get_lang(conn, 'interwiki_list')
             curs.execute(db_change("select html, plus, plus_t from html_filter where kind = 'inter_wiki'"))

route/filter_all_add.py

@@ -9,7 +9,7 @@ def filter_all_add(tool, name = None):
 
         if flask.request.method == 'POST':
             if acl_check('', 'owner_auth', '', '') == 1:
-                return re_error(conn, '/error/3')
+                return re_error(conn, 3)
 
             title = flask.request.form.get('title', 'test')
             if tool in ('inter_wiki', 'outer_link'):
@@ -35,7 +35,7 @@ def filter_all_add(tool, name = None):
                 try:
                     re.compile(content)
                 except:
-                    return re_error(conn, '/error/23')
+                    return re_error(conn, 23)
                 
                 curs.execute(db_change("delete from html_filter where html = ? and kind = 'regex_filter'"), [name])
                 curs.execute(db_change("insert into html_filter (html, plus, plus_t, kind) values (?, ?, ?, 'regex_filter')"), [name, content, end])
@@ -50,7 +50,7 @@ def filter_all_add(tool, name = None):
                 try:
                     re.compile(post_regex)
                 except:
-                    return re_error(conn, '/error/23')
+                    return re_error(conn, 23)
                 
                 curs.execute(db_change('insert into html_filter (html, kind, plus, plus_t) values (?, "document", ?, ?)'), [post_name, post_regex, post_acl])
                 acl_check(tool = 'owner_auth', memo = 'document_filter edit')
@@ -60,7 +60,7 @@ def filter_all_add(tool, name = None):
                     try:
                         re.compile(title)
                     except:
-                        return re_error(conn, '/error/23')
+                        return re_error(conn, 23)
 
                     acl_check(tool = 'owner_auth', memo = 'name_filter edit')
                     type_d = 'name'
@@ -68,7 +68,7 @@ def filter_all_add(tool, name = None):
                     try:
                         re.compile(title)
                     except:
-                        return re_error(conn, '/error/23')
+                        return re_error(conn, 23)
 
                     acl_check(tool = 'owner_auth', memo = 'file_filter edit')
                     type_d = 'file'

route/filter_all_delete.py

@@ -5,7 +5,7 @@ def filter_all_delete(tool, name = 'Test'):
         curs = conn.cursor()
         
         if acl_check(tool = 'owner_auth', memo = 'del_' + tool) == 1:
-            return re_error(conn, '/error/3')
+            return re_error(conn, 3)
 
         if tool == 'inter_wiki':
             curs.execute(db_change("delete from html_filter where html = ? and kind = 'inter_wiki'"), [name])

route/give_admin_groups.py

@@ -12,7 +12,9 @@ def give_admin_groups(name = 'test'):
                         [4, '', get_lang(conn, 'admin_default_feature_authority')],
                     [3, 'toron', get_lang(conn, 'discussion_authority')],
                         [4, '', get_lang(conn, 'admin_default_feature_authority')],
-                    [3, 'check', get_lang(conn, 'user_check_authority')],
+                    [3, 'check', get_lang(conn, 'user_analyze_authority')],
+                        [4, 'view_user_watchlist', get_lang(conn, 'view_user_watchlist_authority')],
+                        [4, '', get_lang(conn, 'user_check_authority')],
                         [4, '', get_lang(conn, 'admin_default_feature_authority')],
                     [3, 'acl', get_lang(conn, 'document_acl_authority')],
                         [4, '', get_lang(conn, 'admin_default_feature_authority')],
@@ -20,16 +22,19 @@ def give_admin_groups(name = 'test'):
                         [4, '', get_lang(conn, 'admin_default_feature_authority')],
                     [3, 'give', get_lang(conn, 'authorization_authority')],
                         [4, '', get_lang(conn, 'admin_default_feature_authority')],
-                    [3, 'bbs', get_lang(conn, 'bbs_authority')],
+                    [3, 'bbs', get_lang(conn, 'bbs_management_authority')],
                         [4, '', get_lang(conn, 'admin_default_feature_authority')],
-                    [3, 'vote', get_lang(conn, 'vote_authority')],
+                    [3, 'vote_fix', get_lang(conn, 'vote_management_authority')],
                         [4, '', get_lang(conn, 'admin_default_feature_authority')],
                     [3, 'admin_default_feature', get_lang(conn, 'admin_default_feature_authority')],
+                        [4, 'doc_watch_list_view', get_lang(conn, 'doc_watch_list_view_authority')],
                         [4, 'treat_as_admin', get_lang(conn, 'treat_as_admin_authority')],
+                        [4, 'view_hide_user_name', get_lang(conn, 'view_hide_user_name_authority')],
                         [4, 'user_name_bold', get_lang(conn, 'user_name_bold_authority')],
                         [4, 'multiple_upload', get_lang(conn, 'multiple_upload_authority')],
                         [4, 'slow_edit_pass', get_lang(conn, 'slow_edit_pass_authority')],
                         [4, 'edit_bottom_compulsion_pass', get_lang(conn, 'edit_bottom_compulsion_pass_authority')],
+                        [4, 'edit_filter_pass', get_lang(conn, 'edit_filter_pass_authority')],
                         [4, '', get_lang(conn, 'user_authority')],
             [1, 'user', get_lang(conn, 'user_authority')],
                 [2, 'captcha_pass', get_lang(conn, 'captcha_pass_authority')],
@@ -47,39 +52,53 @@ def give_admin_groups(name = 'test'):
                             [5, '', get_lang(conn, 'view_authority')],
                         [4, 'view', get_lang(conn, 'view_authority')],
                     [3, 'discuss', get_lang(conn, 'discuss_authority')],
+                        [4, 'discuss_make_new_thread', get_lang(conn, 'discuss_make_new_thread_authority')],
+                            [5, '', get_lang(conn, 'discuss_view_authority')],
+                        [4, 'discuss_view', get_lang(conn, 'discuss_view_authority')],
                     [3, 'upload', get_lang(conn, 'upload_authority')],
                     [3, 'vote', get_lang(conn, 'vote_authority')],
-                    [3, 'captcha_one_check_five_pass', get_lang(conn, 'captcha_one_check_five_pass_authority')]
+                    [3, 'bbs_use', get_lang(conn, 'bbs_authority')],
+                        [4, 'bbs_edit', get_lang(conn, 'bbs_edit_authority')],
+                            [5, '', get_lang(conn, 'bbs_view_authority')],
+                        [4, 'bbs_comment', get_lang(conn, 'bbs_comment_authority')],
+                            [5, '', get_lang(conn, 'bbs_view_authority')],
+                        [4, 'bbs_view', get_lang(conn, 'bbs_view_authority')],
+                    [3, 'captcha_one_check_five_pass', get_lang(conn, 'captcha_one_check_five_pass_authority')],
+                    [3, 'edit_filter_view', get_lang(conn, 'edit_filter_view_authority')],
+                    [3, 'nothing', get_lang(conn, 'nothing_authority')]
         ]
 
+        if html.escape(name) != name:
+            return re_error(conn, 48)
+
         if flask.request.method == 'POST':
             if acl_check(tool = 'owner_auth', memo = 'auth list add (' + name + ')') == 1:
-                return re_error(conn, '/error/3')
-            elif name in get_default_admin_group():
-                return re_error(conn, '/error/3')
+                return re_error(conn, 3)
 
             curs.execute(db_change("delete from alist where name = ?"), [name])
             for for_a in acl_name_list:
                 if flask.request.form.get(for_a[1], 0) != 0:
                     curs.execute(db_change("insert into alist (name, acl) values (?, ?)"), [name, for_a[1]])
 
+            curs.execute(db_change("insert into alist (name, acl) values (?, 'nothing')"), [name])
+
             return redirect(conn, '/auth/list/add/' + url_pas(name))
         else:
             state = 'disabled' if acl_check('', 'owner_auth', '', '') == 1 else ''
-            state = 'disabled' if name in get_default_admin_group() else ''
+
+            curs.execute(db_change('select acl from alist where name = ?'), [name])
+            acl_list = curs.fetchall()
+            acl_list = [for_b[0] for for_b in acl_list]
 
             data = '<ul>'
-            for for_a in acl_name_list:
-                curs.execute(db_change('select acl from alist where name = ?'), [name])
-                acl_list = curs.fetchall()
-                acl_list = [for_a[0] for for_a in acl_list]
-                
+            for for_a in acl_name_list:                
                 checked = ''
+                if for_a[1] in acl_list:
+                    checked = 'checked'
+                    
                 choice = '<input type="checkbox" ' + state + ' name="' + for_a[1] + '" ' + checked + '> ' + for_a[2]
                 if for_a[1] == '':
                     choice = for_a[2]
-                elif for_a[1] in acl_list:
-                    checked = 'checked'
 
                 data += '' + \
                     '<li class="opennamu_list_1" style="margin-left: ' + str(int(for_a[0]) * 20) + 'px;">' + \

route/give_auth.py

@@ -1,89 +0,0 @@
-from .tool.func import *
-
-def give_auth(name):
-    with get_db_connect() as conn:
-        curs = conn.cursor()
-
-        ip = ip_check()
-        
-        owner_auth = acl_check(tool = 'owner_auth')
-        owner_auth = 1 if owner_auth == 0 else 0
-
-        admin_auth = acl_check(tool = 'give_auth')
-        admin_auth = 1 if admin_auth == 0 else 0
-
-        curs.execute(db_change("select data from user_set where id = ? and name = 'acl'"), [name])
-        user_acl = curs.fetchall()
-        if not user_acl:
-            return re_error(conn, '/error/2')
-        else:
-            user_acl = user_acl[0][0]
-
-        if owner_auth != 1:
-            curs.execute(db_change('select name from alist where name = ? and acl = "owner"'), [user_acl])
-            if curs.fetchall():
-                return re_error(conn, '/error/3')
-
-            if ip == name:
-                return re_error(conn, '/error/3')
-
-        if flask.request.method == 'POST':
-            if acl_check(tool = 'give_auth', memo = 'admin (' + name + ')') == 1:
-                return re_error(conn, '/error/3')
-
-            select_data = flask.request.form.get('select', 'X')
-            if select_data == 'X':
-                select_data = 'user'
-
-            curs.execute(db_change('select name from alist where name = ? and acl = "owner"'), [select_data])
-            if owner_auth != 1 and curs.fetchall():
-                return re_error(conn, '/error/3')
-
-            curs.execute(db_change("update user_set set data = ? where id = ? and name = 'acl'"), [select_data, name])
-            curs.execute(db_change('delete from user_set where name = "auth_date" and id = ?'), [name])
-
-            time_limit = flask.request.form.get('date', '')
-            if re.search(r'^[0-9]{4}-[0-9]{2}-[0-9]{2}$', time_limit):
-                curs.execute(db_change("insert into user_set (id, name, data) values (?, 'auth_date', ?)"), [name, time_limit])
-            else:
-                time_limit = ''
-
-            add_alarm(conn, name, ip, 'Auth change to ' + select_data + (' (' + time_limit + ')' if time_limit != '' else ''))
-
-            return redirect(conn, '/auth/give/' + url_pas(name))
-        else:
-            if admin_auth != 1:
-                return re_error(conn, '/error/3')
-
-            div = '<option value="X">' + get_lang(conn, 'normal') + '</option>'
-            div += '<option value="ban">' + get_lang(conn, 'ban') + '</option>'
-
-            curs.execute(db_change('select distinct name from alist order by name asc'))
-            for data in curs.fetchall():
-                if user_acl == data[0]:
-                    div = '<option value="' + data[0] + '">' + data[0] + '</option>' + div
-                else:
-                    div += '<option value="' + data[0] + '">' + data[0] + '</option>'
-                    
-            date_value = ''
-            
-            curs.execute(db_change('select data from user_set where name = "auth_date" and id = ?'), [name])
-            db_data = curs.fetchall()
-            if db_data:
-                date_value = db_data[0][0]
-
-            return easy_minify(conn, flask.render_template(skin_check(conn),
-                imp = [name, wiki_set(conn), wiki_custom(conn), wiki_css(['(' + get_lang(conn, 'authorize') + ')', 0])],
-                data =  '''
-                    <form method="post">
-                        <div id="opennamu_get_user_info">''' + html.escape(name) + '''</div>
-                        <hr class="main_hr">
-                        <select name="select">''' + div + '''</select>
-                        <hr class="main_hr">
-                        <input type="date" value="''' + date_value + '''" name="date" pattern="\\d{4}-\\d{2}-\\d{2}">
-                        <hr class="main_hr">
-                        <button type="submit">''' + get_lang(conn, 'save') + '''</button>
-                    </form>
-                ''',
-                menu = [['manager', get_lang(conn, 'return')]]
-            ))

route/give_delete_admin_group.py

@@ -4,23 +4,29 @@ def give_delete_admin_group_2(name = 'test'):
     with get_db_connect() as conn:
         curs = conn.cursor()
 
+        if name in get_default_admin_group():
+            return redirect(conn, '/auth/list')
+
         if acl_check('', 'owner_auth', '', '') == 1:
-            return re_error(conn, '/error/3')
+            return re_error(conn, 3)
 
         if flask.request.method == 'POST':
-            acl_check(tool = 'owner_auth', memo = 'auth list delete (' + name + ')')
+            curs.execute(db_change("select name from user_set where name = 'acl' and data = ? limit 1"), [name])
+            if not curs.fetchall():
+                acl_check(tool = 'owner_auth', memo = 'auth list delete (' + name + ')')
 
-            curs.execute(db_change("delete from alist where name = ?"), [name])
-            curs.execute(db_change("update user_set set data = 'user' where name = 'acl' and data = ?"), [name])
+                curs.execute(db_change("delete from alist where name = ?"), [name])
 
-            return redirect(conn, '/auth/list')
+                return redirect(conn, '/auth/list')
+            else:
+                return re_error(conn, 47)
         else:
             return easy_minify(conn, flask.render_template(skin_check(conn),
                 imp = [get_lang(conn, "delete_admin_group"), wiki_set(conn), wiki_custom(conn), wiki_css(['(' + name + ')', 0])],
-                data = '''
-                    <form method=post>
-                        <button type=submit>''' + get_lang(conn, 'delete') + '''</button>
-                    </form>
-                ''',
+                data = '' + \
+                    '<form method="post">' + \
+                        '<button type="submit">' + get_lang(conn, 'delete') + '</button>' + \
+                    '</form>' + \
+                '',
                 menu = [['auth/list', get_lang(conn, 'return')]]
             ))

route/give_user_ban.py

@@ -8,10 +8,10 @@ def give_user_ban(name = None, ban_type = ''):
         
         if ban_check(ip = ip, tool = 'login')[0] == 1:
             if ip_or_user(ip) == 1 or acl_check(tool = 'all_admin_auth', ip = ip) != 0:
-                return re_error(conn, '/ban')
+                return re_error(conn, 0)
         else:
             if acl_check(tool = 'ban_auth', ip = ip) == 1:
-                return re_error(conn, '/error/3')
+                return re_error(conn, 3)
 
         if flask.request.method == 'POST':
             end = '0'
@@ -61,7 +61,7 @@ def give_user_ban(name = None, ban_type = ''):
                     try:
                         re.compile(name)
                     except:
-                        return re_error(conn, '/error/23')
+                        return re_error(conn, 23)
                 elif regex_get == 'cidr':
                     type_d = 'cidr'
 
@@ -71,16 +71,16 @@ def give_user_ban(name = None, ban_type = ''):
                         try:
                             ipaddress.IPv6Network(name, False)
                         except:
-                            return re_error(conn, '/error/45')
+                            return re_error(conn, 45)
                 else:
                     type_d = None
 
                 if name == ip:
                     if acl_check(tool = 'all_admin_auth', memo = 'ban (' + name + ')') == 1:
-                        return re_error(conn, '/error/3')
+                        return re_error(conn, 3)
                 else:
                     if acl_check(tool = 'ban_auth', memo = 'ban (' + name + ')') == 1:
-                        return re_error(conn, '/error/3')
+                        return re_error(conn, 3)
 
                 ban_insert(conn, 
                     name,

route/give_user_fix.py

@@ -6,10 +6,10 @@ def give_user_fix(user_name = ''):
 
         curs.execute(db_change("select data from user_set where id = ? and name = 'pw'"), [user_name])
         if not curs.fetchall():
-            return re_error(conn, '/error/2')
+            return re_error(conn, 2)
 
         if acl_check('', 'owner_auth', '', '') == 1:
-            return re_error(conn, '/error/3')
+            return re_error(conn, 3)
 
         if flask.request.method == 'POST':
             select = flask.request.form.get('select', '')
@@ -26,7 +26,7 @@ def give_user_fix(user_name = ''):
                         user_name
                     ])
                 else:
-                    return re_error(conn, '/error/20')
+                    return re_error(conn, 20)
             elif select == '2fa_password_change':
                 password = flask.request.form.get('new_password', '')
                 check_password = flask.request.form.get('password_check', '')
@@ -39,7 +39,7 @@ def give_user_fix(user_name = ''):
                     else:
                         curs.execute(db_change("insert into user_set (name, id, data) values ('2fa_pw', ?, ?)"), [user_name, hashed])
                 else:
-                    return re_error(conn, '/error/20')
+                    return re_error(conn, 20)
             elif select == '2fa_off':
                 curs.execute(db_change('select data from user_set where name = "2fa" and id = ?'), [user_name])
                 if curs.fetchall():

route/go_api_bbs_w_comment.py

@@ -1,9 +1,9 @@
 from .tool.func import *
 
-async def api_bbs_w_comment_n(bbs_num = "", post_num = "", tool = "length"):
+async def api_bbs_w_comment(sub_code = '', tool = "", legacy = 'on'):
     other_set = {}
-    other_set["bbs_num"] = str(bbs_num)
-    other_set["post_num"] = str(post_num)
+    other_set["sub_code"] = sub_code
     other_set["tool"] = tool
+    other_set["legacy"] = legacy
 
     return flask.Response(response = (await python_to_golang(sys._getframe().f_code.co_name, other_set)), status = 200, mimetype = 'application/json')

route/go_api_bbs_w_comment_one.py

@@ -0,0 +1,9 @@
+from .tool.func import *
+
+async def api_bbs_w_comment_one(sub_code = '', legacy = 'on', tool = ''):
+    other_set = {}
+    other_set["sub_code"] = sub_code
+    other_set["legacy"] = legacy
+    other_set["tool"] = tool
+
+    return flask.Response(response = (await python_to_golang(sys._getframe().f_code.co_name, other_set)), status = 200, mimetype = 'application/json')

route/go_api_bbs_w_set.py

@@ -0,0 +1,14 @@
+from .tool.func import *
+
+async def api_bbs_w_set(name = 'Test', set_id = '1'):
+    other_set = {}
+    other_set["set_name"] = name
+    other_set["set_id"] = set_id
+    other_set["ip"] = ip_check()
+
+    func_name = sys._getframe().f_code.co_name
+    if flask.request.method == 'PUT':
+        func_name += '_put'
+        other_set['data'] = flask.request.form.get('data', 'Test')
+    
+    return flask.Response(response = (await python_to_golang(func_name, other_set)), status = 200, mimetype = 'application/json')

route/go_api_search.py → route/go_api_func_search.py

@@ -1,6 +1,6 @@
 from .tool.func import *
 
-async def api_search(name = 'Test', search_type = 'title', num = 1):
+async def api_func_search(name = 'Test', search_type = 'title', num = 1):
     other_set = {}
     other_set["name"] = name
     other_set["search_type"] = search_type

route/go_api_give_auth.py

@@ -0,0 +1,16 @@
+from .tool.func import *
+
+async def api_give_auth():
+    if flask.request.method == 'PATCH':
+        func_name = sys._getframe().f_code.co_name
+        func_name += '_patch'
+
+        other_set = {}
+        other_set["ip"] = ip_check()
+        other_set["user_name"] = flask.request.form.get('user_name', '')
+        other_set['auth'] = flask.request.form.get('auth', '')
+        other_set['change_auth'] = flask.request.form.get('change_auth', '')
+
+        return flask.Response(response = (await python_to_golang(func_name, other_set)), status = 200, mimetype = 'application/json')
+    else:
+        return flask.jsonify({}) 

route/go_api_func_acl_list.py → route/go_api_list_acl.py

@@ -1,6 +1,6 @@
 from .tool.func import *
 
-async def api_func_acl_list(data_type = ''):
+async def api_list_acl(data_type = ''):
     other_set = {}
     other_set = data_type
 

route/go_api_list_auth.py

@@ -0,0 +1,6 @@
+from .tool.func import *
+
+async def api_list_auth():
+    other_set = {}
+
+    return flask.Response(response = (await python_to_golang(sys._getframe().f_code.co_name, other_set)), status = 200, mimetype = 'application/json')

route/go_api_list_history.py

@@ -0,0 +1,10 @@
+from .tool.func import *
+
+async def api_list_history(num = 1, set_type = 'normal', doc_name = 'Test'):
+    other_set = {}
+    other_set["num"] = str(num)
+    other_set["doc_name"] = doc_name
+    other_set["set_type"] = set_type
+    other_set["ip"] = ip_check()
+    
+    return flask.Response(response = (await python_to_golang(sys._getframe().f_code.co_name, other_set)), status = 200, mimetype = 'application/json')

route/go_api_list_markup.py

@@ -0,0 +1,6 @@
+from .tool.func import *
+
+async def api_list_markup():
+    other_set = {}
+
+    return flask.Response(response = (await python_to_golang(sys._getframe().f_code.co_name, other_set)), status = 200, mimetype = 'application/json')

route/go_api_topic.py

@@ -7,7 +7,7 @@ def api_topic_thread_make(user_id, date, data, code, color = '', blind = '', add
         else:
             color_b = 'opennamu_comment_blind_admin'
 
-        class_b = 'opennamu_comment_blind_js'
+        class_b = 'opennamu_comment_blind_js opennamu_list_hidden'
     else:
         color_b = 'opennamu_comment_blind_not'
         class_b = ''
@@ -79,12 +79,12 @@ def api_topic_thread_pre_render(conn, data, num, ip, topic_num = '', name = '',
             ip_data = curs.fetchall()
             if ip_data and ip_or_user(ip_data[0][0]) == 0:
                 if do_type == 'thread':
-                    add_alarm(conn, ip_data[0][0], ip, '<a href="/thread/' + topic_num + '#' + num + '">' + html.escape(name) + ' - ' + html.escape(sub) + '#' + num + '</a>')
+                    add_alarm(ip_data[0][0], ip, '<a href="/thread/' + topic_num + '#' + num + '">' + html.escape(name) + ' - ' + html.escape(sub) + '#' + num + '</a>')
                 else:
                     set_id = topic_num.split('-')
                     set_id = ['', ''] if len(set_id) < 2 else set_id
 
-                    add_alarm(conn, ip_data[0][0], ip, 'BBS <a href="/bbs/w/' + set_id[0] + '/' + set_id[1] + '#' + num + '">' + html.escape(name) + ' - ' + html.escape(sub) + '#' + num + '</a>')
+                    add_alarm(ip_data[0][0], ip, 'BBS <a href="/bbs/w/' + set_id[0] + '/' + set_id[1] + '#' + num + '">' + html.escape(name) + ' - ' + html.escape(sub) + '#' + num + '</a>')
 
             data = re.sub(call_thread_regex, rd_data[0] + '<topic_a_' + do_type + '>#' + view_data + '</topic_a_' + do_type + '>' + rd_data[3], data, 1)
 
@@ -109,10 +109,10 @@ def api_topic_thread_pre_render(conn, data, num, ip, topic_num = '', name = '',
 
             if ip_data and ip_or_user(ip_data[0][0]) == 0:
                 if do_type == 'thread':
-                    add_alarm(conn, ip_data[0][0], ip, '<a href="/thread/' + topic_num + '#' + num + '">' + html.escape(name) + ' - ' + html.escape(sub) + '#' + num + '</a>')
+                    add_alarm(ip_data[0][0], ip, '<a href="/thread/' + topic_num + '#' + num + '">' + html.escape(name) + ' - ' + html.escape(sub) + '#' + num + '</a>')
                 else:
                     set_id = topic_num.split('-')
-                    add_alarm(conn, ip_data[0][0], ip, 'BBS <a href="/bbs/w/' + set_id[0] + '/' + set_id[1] + '#' + num + '">' + html.escape(name) + ' - ' + html.escape(sub) + '#' + num + '</a>')
+                    add_alarm(ip_data[0][0], ip, 'BBS <a href="/bbs/w/' + set_id[0] + '/' + set_id[1] + '#' + num + '">' + html.escape(name) + ' - ' + html.escape(sub) + '#' + num + '</a>')
 
             data = re.sub(call_user_regex, rd_data[0] + '<topic_call>@' + rd_data[1] + '</topic_call>' + rd_data[2], data, 1)
 

route/go_api_w_page_view.py

@@ -0,0 +1,7 @@
+from .tool.func import *
+
+async def api_w_page_view(name = 'Test'):
+    other_set = {}
+    other_set["doc_name"] = name
+
+    return flask.Response(response = (await python_to_golang(sys._getframe().f_code.co_name, other_set)), status = 200, mimetype = 'application/json')

route/go_api_w_raw.py

@@ -1,13 +1,10 @@
 from .tool.func import *
 
 async def api_w_raw(name = 'Test', rev = '', exist_check = ''):
-    with get_db_connect() as conn:
-        if acl_check(name, 'render') != 1:
-            other_set = {}
-            other_set["name"] = name
-            other_set["rev"] = str(rev)
-            other_set["exist_check"] = exist_check
+    other_set = {}
+    other_set["name"] = name
+    other_set["rev"] = str(rev)
+    other_set["exist_check"] = exist_check
+    other_set["ip"] = ip_check()
 
-            return flask.Response(response = (await python_to_golang(sys._getframe().f_code.co_name, other_set)), status = 200, mimetype = 'application/json')
-        else:
-            return flask.jsonify({})
+    return flask.Response(response = (await python_to_golang(sys._getframe().f_code.co_name, other_set)), status = 200, mimetype = 'application/json')

route/list_user.py

@@ -11,11 +11,10 @@ def list_user(arg_num = 1):
         curs.execute(db_change("select id, data from user_set where name = 'date' order by data desc limit ?, 50"), [sql_num])
         user_list = curs.fetchall()
         for data in user_list:
-            list_data += '' + \
-                '<li>' + \
-                    ip_pas(data[0]) + (' (' + data[1] + ')' if data[1] != '' else '') + \
-                '</li>' + \
-            ''
+            list_data += '<li>'
+            list_data += ip_pas(data[0])
+            list_data += ' | ' + data[1] if data[1] != '' else ''
+            list_data += '</li>'
 
         list_data += '</ul>' + next_fix(conn, '/list/user/', arg_num, user_list)
 

route/list_user_check.py

@@ -14,12 +14,12 @@ def list_user_check(name = 'test', plus_name = None, arg_num = 1, do_type = 'nor
 
         if acl_check(tool = 'all_admin_auth', ip = name) != 1 or (plus_id and acl_check(tool = 'all_admin_auth', ip = plus_id) != 1):
             if acl_check('', 'owner_auth', '', '') == 1:
-                return re_error(conn, '/error/4')
+                return re_error(conn, 4)
 
         div = ''
 
         if acl_check(tool = 'check_auth', memo = (check_type + ' ' if check_type != '' else '') + 'check (' + name + ')') == 1:
-            return re_error(conn, '/error/3')
+            return re_error(conn, 3)
 
         if check_type == '':
             if ip_or_user(name) == 0:

route/list_user_check_delete.py

@@ -5,7 +5,7 @@ def list_user_check_delete(name = None, ip = None, time = None, do_type = 1):
         curs = conn.cursor()
 
         if acl_check('', 'owner_auth', '', '') == 1:
-            return re_error(conn, '/error/4')
+            return re_error(conn, 4)
 
         user_id = name
         user_ip = ip

route/login_find_email.py

@@ -37,7 +37,7 @@ def login_find_email(tool):
                     for i in re_set_list:
                         flask.session.pop(i, None)
                     
-                    return re_error(conn, '/error/36')
+                    return re_error(conn, 36)
         
             curs.execute(db_change('select data from other where name = "email_title"'))
             sql_d = curs.fetchall()
@@ -50,10 +50,10 @@ def login_find_email(tool):
             if tool == 'pass_find':
                 curs.execute(db_change("select id from user_set where id = ? and name = 'email' and data = ?"), [user_id, user_email])
                 if not curs.fetchall():
-                    return re_error(conn, '/error/12')
+                    return re_error(conn, 12)
                     
                 if send_email(conn, user_email, t_text, i_text) == 0:
-                    return re_error(conn, '/error/18')
+                    return re_error(conn, 18)
         
                 return redirect(conn, '/pass_find/email')
             else:
@@ -62,13 +62,13 @@ def login_find_email(tool):
                     for i in re_set_list:
                         flask.session.pop(i, None)
         
-                    return re_error(conn, '/error/35')
+                    return re_error(conn, 35)
                 
                 if send_email(conn, user_email, t_text, i_text) == 0:
                     for i in re_set_list:
                         flask.session.pop(i, None)
         
-                    return re_error(conn, '/error/18')
+                    return re_error(conn, 18)
         
                 flask.session['c_email'] = user_email
         

route/login_find_email_check.py

@@ -56,14 +56,14 @@ def login_find_email_check(tool):
                         for i in re_set_list:
                             flask.session.pop(i, None)
         
-                        return re_error(conn, '/error/8')
+                        return re_error(conn, 8)
                 
                     curs.execute(db_change("select id from user_set where id = ? and name = 'application'"), [flask.session['c_id']])
                     if curs.fetchall():
                         for i in re_set_list:
                             flask.session.pop(i, None)
         
-                        return re_error(conn, '/error/8')
+                        return re_error(conn, 8)
         
                     curs.execute(db_change('select data from other where name = "requires_approval"'))
                     requires_approval = curs.fetchall()

route/login_find_key.py

@@ -5,7 +5,7 @@ def login_find_key():
         curs = conn.cursor()
         if flask.request.method == 'POST':
             if captcha_post(conn, flask.request.form.get('g-recaptcha-response', flask.request.form.get('g-recaptcha', ''))) == 1:
-                return re_error(conn, '/error/13')
+                return re_error(conn, 13)
             
             input_key = flask.request.form.get('key', '')
             curs.execute(db_change('select id from user_set where name = "random_key" and data = ?'), [input_key])

route/login_login.py

@@ -9,11 +9,11 @@ def login_login_2():
             return redirect(conn, '/user')
 
         if ban_check(None, 'login')[0] == 1:
-            return re_error(conn, '/ban')
+            return re_error(conn, 0)
 
         if flask.request.method == 'POST':
             if captcha_post(conn, flask.request.form.get('g-recaptcha-response', flask.request.form.get('g-recaptcha', ''))) == 1:
-                return re_error(conn, '/error/13')
+                return re_error(conn, 13)
 
             user_agent = flask.request.headers.get('User-Agent', '')
             user_id = flask.request.form.get('id', '')
@@ -22,19 +22,19 @@ def login_login_2():
             curs.execute(db_change("select data from user_set where id = ? and name = 'pw'"), [user_id])
             db_data = curs.fetchall()
             if not db_data:
-                return re_error(conn, '/error/2')
+                return re_error(conn, 2)
             else:
                 db_user_pw = db_data[0][0]
                 
             curs.execute(db_change("select data from user_set where id = ? and name = 'encode'"), [user_id])
             db_data = curs.fetchall()
             if not db_data:
-                return re_error(conn, '/error/2')
+                return re_error(conn, 2)
             else:
                 db_user_encode = db_data[0][0]
 
             if pw_check(conn, user_pw, db_user_pw, db_user_encode, user_id) != 1:
-                return re_error(conn, '/error/10')
+                return re_error(conn, 10)
 
             curs.execute(db_change('select data from user_set where name = "2fa" and id = ?'), [user_id])
             fa_data = curs.fetchall()

route/login_login_2fa.py

@@ -15,11 +15,11 @@ def login_login_2fa_2():
             return redirect(conn, '/user')
 
         if ban_check(None, 'login')[0] == 1:
-            return re_error(conn, '/ban')
+            return re_error(conn, 0)
 
         if flask.request.method == 'POST':
             if captcha_post(conn, flask.request.form.get('g-recaptcha-response', flask.request.form.get('g-recaptcha', ''))) == 1:
-                return re_error(conn, '/error/13')
+                return re_error(conn, 13)
 
             user_agent = flask.request.headers.get('User-Agent', '')
             user_id = flask.session['login_id']
@@ -34,7 +34,7 @@ def login_login_2fa_2():
 
                 pw_check_d = pw_check(conn, user_pw, user_1, user_2, user_id)
                 if pw_check_d != 1:
-                    return re_error(conn, '/error/10')
+                    return re_error(conn, 10)
 
             flask.session['id'] = user_id
 

route/login_login_2fa_email.py

@@ -15,11 +15,11 @@ def login_login_2fa_email_2():
             return redirect(conn, '/user')
 
         if ban_check(None, 'login')[0] == 1:
-            return re_error(conn, '/ban')
+            return re_error(conn, 0)
 
         if flask.request.method == 'POST':
             if captcha_post(conn, flask.request.form.get('g-recaptcha-response', flask.request.form.get('g-recaptcha', ''))) == 1:
-                return re_error(conn, '/error/13')
+                return re_error(conn, 13)
 
             user_agent = flask.request.headers.get('User-Agent', '')
             user_id = flask.session['b_id']
@@ -34,7 +34,7 @@ def login_login_2fa_email_2():
 
                 pw_check_d = pw_check(conn, user_pw, user_1, user_2, user_id)
                 if pw_check_d != 1:
-                    return re_error(conn, '/error/10')
+                    return re_error(conn, 10)
 
             flask.session['id'] = user_id
 

route/login_register.py

@@ -5,7 +5,7 @@ def login_register_2():
         curs = conn.cursor()
 
         if ban_check(None, 'login')[0] == 1:
-            return re_error(conn, '/ban')
+            return re_error(conn, 0)
 
         ip = ip_check()
         admin = acl_check(tool = 'owner_auth')
@@ -18,12 +18,12 @@ def login_register_2():
             curs.execute(db_change('select data from other where name = "reg"'))
             set_d = curs.fetchall()
             if set_d and set_d[0][0] == 'on':
-                return re_error(conn, '/ban')
+                return re_error(conn, 0)
 
         if flask.request.method == 'POST':
             # 리캡차
             if captcha_post(conn, flask.request.form.get('g-recaptcha-response', flask.request.form.get('g-recaptcha', ''))) == 1:
-                return re_error(conn, '/error/13')
+                return re_error(conn, 13)
 
             user_id = flask.request.form.get('id', '')
             user_pw = flask.request.form.get('pw', '')
@@ -31,10 +31,10 @@ def login_register_2():
 
             # PW 검증
             if user_id == '' or user_pw == '':
-                return re_error(conn, '/error/27')
+                return re_error(conn, 27)
 
             if user_pw != user_repeat:
-                return re_error(conn, '/error/20')
+                return re_error(conn, 20)
 
             # PW 길이 제한
             curs.execute(db_change("select data from other where name = 'password_min_length'"))
@@ -42,10 +42,10 @@ def login_register_2():
             if db_data and db_data[0][0] != '':
                 password_min_length = int(number_check(db_data[0][0]))
                 if password_min_length > len(user_pw):
-                    return re_error(conn, '/error/40')
+                    return re_error(conn, 40)
 
             if do_user_name_check(conn, user_id) == 1:
-                return re_error(conn, '/error/8')
+                return re_error(conn, 8)
 
             if admin != 1:
                 # 이메일 필요시 /register/email로 발송

route/login_register_email.py

@@ -38,10 +38,10 @@ def login_register_email_2():
 
             curs.execute(db_change('select id from user_set where name = "email" and data = ?'), [user_email])
             if curs.fetchall():
-                return re_error(conn, '/error/35')
+                return re_error(conn, 35)
 
             if send_email(conn, user_email, t_text, i_text) == 0:
-                return re_error(conn, '/error/18')
+                return re_error(conn, 18)
 
             flask.session['reg_email'] = user_email
 

route/login_register_submit.py

@@ -50,7 +50,7 @@ def login_register_submit_2():
 
             curs.execute(db_change("insert into user_set (id, name, data) values (?, ?, ?)"), [user_app_data['id'], 'application', orjson.dumps(user_app_data).decode('utf-8')])
 
-            return re_error(conn, '/error/43')
+            return re_error(conn, 43)
         else:
             return easy_minify(conn, flask.render_template(skin_check(conn),
                 imp = [get_lang(conn, 'approval_question'), wiki_set(conn), wiki_custom(conn), wiki_css([0, 0])],

route/main_func_error_404.py

@@ -29,4 +29,4 @@ def main_func_error_404(e = ''):
                         menu = 0
                     )), 404
                 else:
-                    return re_error(conn, '/error/46')
+                    return re_error(conn, 46)

route/main_search_deep.py

@@ -1,6 +1,6 @@
 from .tool.func import *
 
-from .go_api_search import api_search
+from .go_api_func_search import api_func_search
 
 async def main_search_deep(name = 'Test', search_type = 'title', num = 1):
     with get_db_connect() as conn:
@@ -51,7 +51,7 @@ async def main_search_deep(name = 'Test', search_type = 'title', num = 1):
                 <ul>
             '''
 
-            all_list = orjson.loads((await api_search(name, search_type, num)).get_data(as_text = True))
+            all_list = orjson.loads((await api_func_search(name, search_type, num)).get_data(as_text = True))
             for data in all_list:
                 div += '<li><a href="/w/' + url_pas(data) + '">' + data + '</a></li>'
 

route/main_setting.py

@@ -13,7 +13,6 @@ def main_setting():
             ['sitemap_set', get_lang(conn, 'sitemap_management')],
             ['top_menu', get_lang(conn, 'top_menu_setting')],
             ['skin_set', get_lang(conn, 'main_skin_set_default')],
-            ['acl', get_lang(conn, 'main_acl_setting')],
             ['404_page', get_lang(conn, '404_page_setting')]
         ]
 

route/main_setting_acl.py

@@ -1,112 +0,0 @@
-from .tool.func import *
-
-def main_setting_acl():
-    with get_db_connect() as conn:
-        curs = conn.cursor()
-
-        i_list = {
-            1 : 'edit',
-            2 : 'discussion',
-            3 : 'upload_acl',
-            4 : 'all_view_acl',
-            5 : 'many_upload_acl',
-            6 : 'vote_acl',
-            7 : 'document_edit_acl',
-            8 : 'document_move_acl',
-            9 : 'document_delete_acl',
-            10 : 'slow_edit_acl',
-            11 : 'edit_bottom_compulsion_acl',
-            12 : 'recaptcha_pass_acl',
-            13 : 'recaptcha_one_check_five_pass_acl',
-            14 : 'document_edit_request_acl',
-            15 : 'document_make_acl'
-        }
-        default_list = {
-            12 : 'user'
-        }
-
-        if flask.request.method == 'POST':
-            if acl_check(tool = 'owner_auth', memo = 'edit_set (acl)') == 1:
-                return re_error(conn, '/ban')
-            else:
-                curs.executemany(db_change("update other set data = ? where name = ?"), [[flask.request.form.get(i_list[for_a], 'normal'), i_list[for_a]] for for_a in i_list])
-
-                return redirect(conn, '/setting/acl')
-        else:
-            d_list = {}
-            disable = 'disabled' if acl_check('', 'owner_auth', '', '') == 1 else ''
-            acl_div = ['' for _ in range(0, len(i_list))]
-
-            for for_a in i_list:
-                curs.execute(db_change('select data from other where name = ?'), [i_list[for_a]])
-                sql_d = curs.fetchall()
-                if sql_d:
-                    d_list[for_a] = sql_d[0][0]
-                else:
-                    default_data = 'normal' if not for_a in default_list else default_list[for_a]
-                    curs.execute(db_change('insert into other (name, data, coverage) values (?, ?, "")'), [i_list[for_a], default_data])
-                    d_list[for_a] = default_data
-
-            acl_list = get_acl_list()
-            for for_a in range(0, len(i_list)):
-                for data_list in acl_list:
-                    acl_div[for_a] += '<option value="' + data_list + '" ' + ('selected="selected"' if data_list == d_list[for_a + 1] else '') + '>' + (data_list if data_list != '' else 'normal') + '</option>'
-
-            return easy_minify(conn, flask.render_template(skin_check(conn),
-                imp = [get_lang(conn, 'main_acl_setting'), wiki_set(conn), wiki_custom(conn), wiki_css([0, 0])],
-                data = render_simple_set(conn, '''
-                    <form method="post">
-                        <hr class="main_hr">
-                        <a href="/acl/TEST#exp">(''' + get_lang(conn, 'reference') + ''')</a>
-                        
-                        <h2>''' + get_lang(conn, 'document_acl') + '''</h2>
-                        <select ''' + disable + ''' name="edit">''' + acl_div[0] + '''</select>
-
-                        <h3>''' + get_lang(conn, 'document_make_acl') + '''</h3>
-                        <select ''' + disable + ''' name="document_make_acl">''' + acl_div[14] + '''</select>
-
-                        <h3>''' + get_lang(conn, 'document_edit_acl') + '''</h3>
-                        <select ''' + disable + ''' name="document_edit_acl">''' + acl_div[6] + '''</select>
-
-                        <h3>''' + get_lang(conn, 'document_edit_request_acl') + '''</h3>
-                        <select ''' + disable + ''' name="document_edit_request_acl">''' + acl_div[13] + '''</select>
-
-                        <h3>''' + get_lang(conn, 'document_move_acl') + '''</h3>
-                        <select ''' + disable + ''' name="document_move_acl">''' + acl_div[7] + '''</select>
-
-                        <h3>''' + get_lang(conn, 'document_delete_acl') + '''</h3>
-                        <select ''' + disable + ''' name="document_delete_acl">''' + acl_div[8] + '''</select>
-                        
-                        <h2>''' + get_lang(conn, 'discussion_acl') + '''</h2>
-                        <select ''' + disable + ''' name="discussion">''' + acl_div[1] + '''</select>
-                        
-                        <h2>''' + get_lang(conn, 'upload_acl') + '''</h2>
-                        <select ''' + disable + ''' name="upload_acl">''' + acl_div[2] + '''</select>
-                        
-                        <h3>''' + get_lang(conn, 'many_upload_acl') + '''</h3>
-                        <select ''' + disable + ''' name="many_upload_acl">''' + acl_div[4] + '''</select>
-                        
-                        <h2>''' + get_lang(conn, 'view_acl') + '''</h2>
-                        <select ''' + disable + ''' name="all_view_acl">''' + acl_div[3] + '''</select>
-                        
-                        <h2>''' + get_lang(conn, 'vote_acl') + '''</h2>
-                        <select ''' + disable + ''' name="vote_acl">''' + acl_div[5] + '''</select>
-
-                        <h2>''' + get_lang(conn, 'slow_edit_acl') + '''</h2>
-                        <select ''' + disable + ''' name="slow_edit_acl">''' + acl_div[9] + '''</select>
-
-                        <h2>''' + get_lang(conn, 'edit_bottom_compulsion_acl') + '''</h2>
-                        <select ''' + disable + ''' name="edit_bottom_compulsion_acl">''' + acl_div[10] + '''</select>
-
-                        <h2>''' + get_lang(conn, 'recaptcha_pass_acl') + '''</h2>
-                        <select ''' + disable + ''' name="recaptcha_pass_acl">''' + acl_div[11] + '''</select>
-
-                        <h3>''' + get_lang(conn, 'recaptcha_one_check_five_pass_acl') + '''</h3>
-                        <select ''' + disable + ''' name="recaptcha_one_check_five_pass_acl">''' + acl_div[12] + '''</select>
-                        
-                        <hr class="main_hr">
-                        <button id="opennamu_save_button" type="submit">''' + get_lang(conn, 'save') + '''</button>
-                    </form>
-                '''),
-                menu = [['setting/main', get_lang(conn, 'return')]]
-            ))

route/main_setting_external.py

@@ -5,7 +5,7 @@ def main_setting_external():
         curs = conn.cursor()
 
         if acl_check('', 'owner_auth', '', '') == 1:
-            return re_error(conn, '/ban')
+            return re_error(conn, 0)
         
         i_list = [
             'recaptcha',

route/main_setting_head.py

@@ -5,7 +5,7 @@ def main_setting_head(num, skin_name = '', set_preview = 0):
         curs = conn.cursor()
 
         if acl_check('', 'owner_auth', '', '') == 1:
-            return re_error(conn, '/ban')
+            return re_error(conn, 0)
         
         if flask.request.method == 'POST' and set_preview == 0:
             if num == 4:

route/main_setting_main.py

@@ -5,7 +5,7 @@ def main_setting_main():
         curs = conn.cursor()
 
         if acl_check('', 'owner_auth', '', '') == 1:
-            return re_error(conn, '/ban')
+            return re_error(conn, 0)
         
         setting_list = {
             0 : ['name', 'Wiki'],
@@ -45,7 +45,8 @@ def main_setting_main():
             42 : ['ua_expiration_date', ''],
             43 : ['auth_history_expiration_date', ''],
             44 : ['auth_history_off', ''],
-            45 : ['user_name_level', '']
+            45 : ['user_name_level', ''],
+            46 : ['load_ip_select', '']
         }
 
         if flask.request.method == 'POST':
@@ -114,6 +115,18 @@ def main_setting_main():
 
                 sqlite_only = 'style="display:none;"' if set_data != 'sqlite' else ''
 
+            ip_load_select_data = ''
+            ip_load_option = ['default', 'HTTP_X_REAL_IP', 'HTTP_CF_CONNECTING_IP', 'REMOTE_ADDR']
+            for for_a in ip_load_option:
+                view_ip_option = for_a
+                if for_a == 'default':
+                    view_ip_option = get_lang(conn, 'default')
+
+                if d_list[46] == for_a:
+                    ip_load_select_data = '<option value="' + for_a + '">' + view_ip_option + '</option>' + ip_load_select_data
+                else:
+                    ip_load_select_data += '<option value="' + for_a + '">' + view_ip_option + '</option>'
+
             basic_set = '''
                 <h2>''' + get_lang(conn, 'basic_set') + '''</h2>
                             
@@ -161,6 +174,11 @@ def main_setting_main():
                 <span>''' + get_lang(conn, 'set_wiki_access_password') + '''</span> (''' + get_lang(conn, 'restart_required') + ''')
                 <hr class="main_hr">
                 <input type="password" name="wiki_access_password" value="''' + html.escape(d_list[32]) + '''">
+                <hr class="main_hr">
+
+                <span>''' + get_lang(conn, 'wiki_load_ip_select') + '''</span> (''' + get_lang(conn, 'restart_required') + ''')
+                <hr class="main_hr">
+                <select name="load_ip_select">''' + ip_load_select_data + '''</select>
                 
                 <h3>''' + get_lang(conn, 'authority_use_list') + '''</h3>
                 

route/main_setting_main_logo.py

@@ -5,7 +5,7 @@ def main_setting_main_logo():
         curs = conn.cursor()
         
         if acl_check('', 'owner_auth', '', '') == 1:
-            return re_error(conn, '/ban')
+            return re_error(conn, 0)
 
         skin_list = [0] + load_skin(conn, '', 1)
         i_list = []

route/main_setting_phrase.py

@@ -5,7 +5,7 @@ def main_setting_phrase():
         curs = conn.cursor()
 
         if acl_check('', 'owner_auth', '', '') == 1:
-            return re_error(conn, '/ban')
+            return re_error(conn, 0)
         
         i_list = [
             'contract',

route/main_setting_robot.py

@@ -5,7 +5,7 @@ def main_setting_robot():
         curs = conn.cursor()
 
         if acl_check('', 'owner_auth', '', '') == 1:
-            return re_error(conn, '/ban')
+            return re_error(conn, 0)
 
         curs.execute(db_change("select data from other where name = 'robot'"))
         db_data = curs.fetchall()

route/main_setting_sitemap.py

@@ -6,7 +6,7 @@ def main_setting_sitemap(do_type = 0):
 
         if not do_type == 1:
             if acl_check('', 'owner_auth', '', '') == 1:
-                return re_error(conn, '/ban')
+                return re_error(conn, 0)
         
         if do_type == 1 or flask.request.method == 'POST':
             if not do_type == 1:

route/main_setting_sitemap_set.py

@@ -5,7 +5,7 @@ def main_setting_sitemap_set():
         curs = conn.cursor()
 
         if acl_check('', 'owner_auth', '', '') == 1:
-            return re_error(conn, '/ban')
+            return re_error(conn, 0)
         
         setting_list = {
             0 : ['sitemap_auto_exclude_domain', ''],

route/main_setting_skin_set.py

@@ -7,7 +7,7 @@ def main_setting_skin_set():
         curs = conn.cursor()
 
         if acl_check('', 'owner_auth', '', '') == 1:
-            return re_error(conn, '/ban')
+            return re_error(conn, 0)
             
         set_list = user_setting_skin_set_main_set_list(conn)
 

route/main_setting_top_menu.py

@@ -5,7 +5,7 @@ def main_setting_top_menu():
         curs = conn.cursor()
 
         if acl_check('', 'owner_auth', '', '') == 1:
-            return re_error(conn, '/ban')
+            return re_error(conn, 0)
         
         if flask.request.method == 'POST':
             curs.execute(db_change("select name from other where name = 'top_menu'"))

route/main_sys_restart.py

@@ -3,7 +3,7 @@ from .tool.func import *
 def main_sys_restart():
     with get_db_connect() as conn:
         if acl_check('', 'owner_auth', '', '') == 1:
-            return re_error(conn, '/error/3')
+            return re_error(conn, 3)
 
         if flask.request.method == 'POST':
             acl_check(tool = 'owner_auth', memo = 'restart')
@@ -30,7 +30,7 @@ def main_sys_restart():
                 except:
                     pass
             else:
-                return re_error(conn, '/error/33')
+                return re_error(conn, 33)
         else:
             return easy_minify(conn, flask.render_template(skin_check(conn),
                 imp = [get_lang(conn, 'wiki_restart'), wiki_set(conn), wiki_custom(conn), wiki_css([0, 0])],

route/main_sys_shutdown.py

@@ -3,7 +3,7 @@ from .tool.func import *
 def main_sys_shutdown():
     with get_db_connect() as conn:
         if acl_check('', 'owner_auth', '', '') == 1:
-            return re_error(conn, '/error/3')
+            return re_error(conn, 3)
 
         if flask.request.method == 'POST':
             acl_check(tool = 'owner_auth', memo = 'shutdown')

route/main_sys_update.py

@@ -8,7 +8,7 @@ def main_sys_update():
         curs = conn.cursor()
 
         if acl_check('', 'owner_auth', '', '') == 1:
-            return re_error(conn, '/error/3')
+            return re_error(conn, 3)
 
         if flask.request.method == 'POST':
             acl_check(tool = 'owner_auth', memo = 'update')
@@ -50,7 +50,7 @@ def main_sys_update():
             
             print('Error : update failed')
 
-            return re_error(conn, '/error/34')
+            return re_error(conn, 34)
         else:
             return easy_minify(conn, flask.render_template(skin_check(conn),
                 imp = [get_lang(conn, 'update'), wiki_set(conn), wiki_custom(conn), wiki_css([0, 0])],

route/main_tool_admin.py

@@ -13,6 +13,8 @@ def main_tool_admin():
                     <li><a href="/auth/ban">''' + get_lang(conn, 'ban') + '''</a></li>
                     <li><a href="/auth/ban/multiple">''' + get_lang(conn, 'multiple_ban') + '''</a></li>
                     <li><a href="/manager/5">''' + get_lang(conn, 'authorize') + '''</a></li>
+                    <li><a href="/auth/give">''' + get_lang(conn, 'multiple_authorize') + '''</a></li>
+                    <li><a href="/auth/give_total">''' + get_lang(conn, 'auth_to_auth') + '''</a></li>
                     <li><a href="/delete_multiple">''' + get_lang(conn, 'many_delete') + '''</a></li>
                     <li><a href="/app_submit">''' + get_lang(conn, 'application_list') + '''</a></li>
                 </ul>

route/main_view_image.py

@@ -14,4 +14,4 @@ def main_view_image(name = ''):
             else:
                 return ''
         else:
-            return re_error(conn, '/ban')
+            return re_error(conn, 0)

route/n_bbs_main.py

@@ -9,5 +9,5 @@ def bbs_main():
                 '<script defer src="/views/main_css/js/route/bbs_main.js' + cache_v() + '"></script>' + \
                 '<script>window.addEventListener("DOMContentLoaded", function() { opennamu_bbs_main(); });</script>' + \
             '',
-            menu = [['other', get_lang(conn, 'other_tool')]] + ([['bbs/make', get_lang(conn, 'add')], ['bbs/set', get_lang(conn, 'bbs_set')]] if acl_check('', 'owner_auth', '', '') != 1 else [])
+            menu = [['other', get_lang(conn, 'other_tool')], ['bbs/make', get_lang(conn, 'add')]]
         ))

route/n_bbs_set.py

@@ -1,13 +0,0 @@
-from .tool.func import *
-
-def bbs_set():
-    with get_db_connect() as conn:
-        return easy_minify(conn, flask.render_template(skin_check(conn),
-            imp = [get_lang(conn, 'bbs_set'), wiki_set(conn), wiki_custom(conn), wiki_css([0, 0])],
-            data = '' + \
-                '<div id="opennamu_bbs_set"></div>' + \
-                '<script defer src="/views/main_css/js/route/bbs_set.js' + cache_v() + '"></script>' + \
-                '<script>window.addEventListener("DOMContentLoaded", function() { opennamu_bbs_set(); });</script>' + \
-            '',
-            menu = [['bbs/main', get_lang(conn, 'bbs_main')]]
-        ))

route/n_bbs_w_set.py

@@ -0,0 +1,24 @@
+from .tool.func import *
+
+def bbs_w_set(bbs_num = ''):
+    with get_db_connect() as conn:
+        curs = conn.cursor()
+
+        curs.execute(db_change('select set_data from bbs_set where set_id = ? and set_name = "bbs_name"'), [bbs_num])
+        db_data = curs.fetchall()
+        if not db_data:
+            return redirect(conn, '/bbs/main')
+        else:
+            bbs_name = db_data[0][0]
+
+        bbs_num_str = str(bbs_num)
+
+        return easy_minify(conn, flask.render_template(skin_check(conn),
+            imp = [get_lang(conn, 'bbs_set'), wiki_set(conn), wiki_custom(conn), wiki_css(['(' + bbs_name + ')', 0])],
+            data = '' + \
+                '<div id="opennamu_bbs_w_set"></div>' + \
+                '<script defer src="/views/main_css/js/route/bbs_w_set.js' + cache_v() + '"></script>' + \
+                '<script>window.addEventListener("DOMContentLoaded", function() { opennamu_bbs_w_set(); });</script>' + \
+            '',
+            menu = [['bbs/in/' + bbs_num_str, get_lang(conn, 'return')]]
+        ))

route/n_give_auth.py

@@ -0,0 +1,19 @@
+from .tool.func import *
+
+def give_auth(user_name = ''):
+    with get_db_connect() as conn:
+        if user_name == '':
+            user_name = get_lang(conn, 'authorize')
+            sub = 0
+        else:
+            sub = '(' + get_lang(conn, 'authorize') + ')'
+
+        return easy_minify(conn, flask.render_template(skin_check(conn),
+            imp = [user_name, wiki_set(conn), wiki_custom(conn), wiki_css([sub, 0])],
+            data = '' + \
+                '<div id="opennamu_give_auth"></div>' + \
+                '<script defer src="/views/main_css/js/route/give_auth.js' + cache_v() + '"></script>' + \
+                '<script>window.addEventListener("DOMContentLoaded", function() { opennamu_give_auth(); });</script>' + \
+            '',
+            menu = [['manager', get_lang(conn, 'return')]]
+        ))

route/n_list_history.py

@@ -0,0 +1,13 @@
+from .tool.func import *
+
+def list_history(num = 1, set_type = 'normal', doc_name = 'Test'):
+    with get_db_connect() as conn:
+        return easy_minify(conn, flask.render_template(skin_check(conn),
+            imp = [doc_name, wiki_set(conn), wiki_custom(conn), wiki_css(['(' + get_lang(conn, 'history') + ')', 0])],
+            data = '' + \
+                '<div id="opennamu_list_history"></div>' + \
+                '<script defer src="/views/main_css/js/route/list_history.js' + cache_v() + '"></script>' + \
+                '<script>window.addEventListener("DOMContentLoaded", function() { opennamu_list_history(); });</script>' + \
+            '',
+            menu = [['other', get_lang(conn, 'return')], ['history_add/' + url_pas(doc_name), get_lang(conn, 'history_add')], ['history_reset/' + url_pas(doc_name), get_lang(conn, 'history_reset')]]
+        ))

route/recent_app_submit.py

@@ -93,13 +93,13 @@ def recent_app_submit_2():
             ))
         else:
             if acl_check(tool = 'ban_auth', memo = 'app submit') == 1:
-                return re_error(conn, '/ban')
+                return re_error(conn, 0)
 
             if flask.request.form.get('approve', '') != '':
                 curs.execute(db_change('select data from user_set where id = ? and name = "application"'), [flask.request.form.get('approve', '')])
                 application = curs.fetchall()
                 if not application:
-                    return re_error(conn, '/error/26')
+                    return re_error(conn, 26)
                 else:
                     application = orjson.loads(application[0][0])
 

route/recent_history_add.py

@@ -8,7 +8,7 @@ def recent_history_add(name = 'Test', do_type = ''):
 
         ip = ip_check()
         if acl_check('', 'owner_auth', '', '') == 1:
-            return re_error(conn, '/ban')
+            return re_error(conn, 0)
 
         if flask.request.method == 'POST':
             acl_check(tool = 'owner_auth', memo = 'history_add (' + name + ')')

route/recent_history_delete.py

@@ -7,7 +7,7 @@ def recent_history_delete(name = 'Test', rev = 1):
         num = str(rev)
 
         if acl_check('', 'owner_auth', '', '') == 1:
-            return re_error(conn, '/error/3')
+            return re_error(conn, 3)
 
         if flask.request.method == 'POST':
             acl_check(tool = 'owner_auth', memo = 'history delete ' + name + ' r' + num)

route/recent_history_reset.py

@@ -5,7 +5,7 @@ def recent_history_reset(name = 'Test'):
         curs = conn.cursor()
 
         if acl_check('', 'owner_auth', '', '') == 1:
-            return re_error(conn, '/error/3')
+            return re_error(conn, 3)
 
         if flask.request.method == 'POST':
             acl_check(tool = 'owner_auth', memo = 'history reset ' + name)

route/recent_history_send.py

@@ -7,7 +7,7 @@ def recent_history_send(name = 'Test', rev = 1):
         num = str(rev)
 
         if acl_check('', 'owner_auth', '', '') == 1:
-            return re_error(conn, '/error/3')
+            return re_error(conn, 3)
 
         if flask.request.method == 'POST':
             acl_check(tool = 'owner_auth', memo = 'send edit ' + name + ' r' + num)

route/recent_record_reset.py

@@ -5,7 +5,7 @@ def recent_record_reset(name = 'Test'):
         curs = conn.cursor()
 
         if acl_check('', 'owner_auth', '', '') == 1:
-            return re_error(conn, '/error/3')
+            return re_error(conn, 3)
 
         if flask.request.method == 'POST':
             acl_check(tool = 'owner_auth', memo = 'record reset ' + name)

route/tool/func.py

@@ -4,7 +4,6 @@ import sys
 import platform
 import orjson
 import smtplib
-import random
 import shutil
 import datetime
 import ipaddress
@@ -150,6 +149,9 @@ def python_to_golang_sync(func_name, other_set = {}):
 
         time.sleep(0.01)
 
+    if data == '':
+        data = '{}'
+
     return data
 
 async def python_to_golang(func_name, other_set = {}):
@@ -190,6 +192,9 @@ async def python_to_golang(func_name, other_set = {}):
 
         await asyncio.sleep(0.01)
 
+    if data == '':
+        data = '{}'
+
     return data
 
 # Func-init
@@ -741,6 +746,17 @@ def update(conn, ver_num, set_data):
     if ver_num < 20240513:
         curs.execute(db_change("update user_set set data = '☑️' where name = 'user_title' and data = '✅'"))
 
+    if ver_num < 20240732:
+        curs.execute(db_change("select distinct name from alist where acl = 'owner'"))
+        for for_a in curs.fetchall():
+            curs.execute(db_change("select distinct id from user_set where name = 'acl' and data = ?"), [for_a[0]])
+            for for_b in curs.fetchall():
+                lang_name = get_lang_name(conn, tool = 'inter')
+                if lang_name == 'ko-KR':
+                    add_alarm(for_b[0], 'tool:system', '메인 ACL이 권한으로 개편되면서 기존 설정 값이 날라갔으니 권한으로 재설정 해주세요.')
+                else:
+                    add_alarm(for_b[0], 'tool:system', 'As the main ACL has been reorganized into the auth, the existing setting values have been lost, so please reset it to the auth.')
+
     print('Update completed')
 
 def set_init_always(conn, ver_num, run_mode):
@@ -756,14 +772,17 @@ def set_init_always(conn, ver_num, run_mode):
         curs.execute(db_change('delete from alist where name = "owner"'))
         curs.execute(db_change('insert into alist (name, acl) values ("owner", "owner")'))
 
-        curs.execute(db_change('delete from alist where name = "user"'))
-        curs.execute(db_change('insert into alist (name, acl) values ("user", "user")'))
+        curs.execute(db_change("select name from alist where name = 'user' limit 1"))
+        if not curs.fetchall():
+            curs.execute(db_change('insert into alist (name, acl) values ("user", "user")'))
 
-        curs.execute(db_change('delete from alist where name = "ip"'))
-        curs.execute(db_change('insert into alist (name, acl) values ("ip", "ip")'))
+        curs.execute(db_change("select name from alist where name = 'ip' limit 1"))
+        if not curs.fetchall():
+            curs.execute(db_change('insert into alist (name, acl) values ("ip", "ip")'))
 
-        curs.execute(db_change('delete from alist where name = "ban"'))
-        curs.execute(db_change('insert into alist (name, acl) values ("ban", "view")'))
+        curs.execute(db_change("select name from alist where name = 'ban' limit 1"))
+        if not curs.fetchall():
+            curs.execute(db_change('insert into alist (name, acl) values ("ban", "view")'))
 
         # 이미지 폴더 없으면 생성
         if not os.path.exists(load_image_url(conn)):
@@ -793,6 +812,11 @@ def set_init_always(conn, ver_num, run_mode):
             if db_data:
                 m_curs.execute('insert into temp (name, data) values ("wiki_access_password", ?)', [db_data[0][0]])
 
+        curs.execute(db_change('select data from other where name = "load_ip_select"'))
+        db_data = curs.fetchall()
+        if db_data and db_data[0][0] != '':
+            m_curs.execute('insert into temp (name, data) values ("load_ip_select", ?)', [db_data[0][0]])
+
         # OS마다 실행 파일 설정
         exe_type = linux_exe_chmod()
         if run_mode == '':
@@ -941,7 +965,7 @@ def get_acl_list(type_data = 'normal'):
     other_set = {}
     other_set['type'] = type_data
 
-    data_str = python_to_golang_sync('api_func_acl_list', other_set)
+    data_str = python_to_golang_sync('api_list_acl', other_set)
     data = orjson.loads(data_str)
 
     return data["data"]
@@ -1132,11 +1156,10 @@ def pw_check(conn, data, data2, type_d = 'no', id_d = ''):
 def easy_minify(conn, data, tool = None):
     return data
 
-def get_lang(conn, data, safe = 0):
-    with class_temp_db() as m_conn:
-        m_curs = m_conn.cursor()
-        curs = conn.cursor()
+def get_lang_name(conn, tool = ''):
+    curs = conn.cursor()
 
+    if tool != 'inter':
         ip = ip_check()
         if ip_or_user(ip) == 0:
             curs.execute(db_change('select data from user_set where name = "lang" and id = ?'), [ip])
@@ -1146,16 +1169,27 @@ def get_lang(conn, data, safe = 0):
         else:
             curs.execute(db_change("select data from other where name = 'language'"))
             rep_data = curs.fetchall()
+    else:
+        curs.execute(db_change("select data from other where name = 'language'"))
+        rep_data = curs.fetchall()
 
-        if not rep_data or rep_data[0][0] in ('', 'default'):
-            curs.execute(db_change("select data from other where name = 'language'"))
-            rep_data = curs.fetchall()
+    if not rep_data or rep_data[0][0] in ('', 'default'):
+        curs.execute(db_change("select data from other where name = 'language'"))
+        rep_data = curs.fetchall()
 
-        if rep_data:
-            lang_name = rep_data[0][0]
-        else:
-            lang_name = 'en-US'
-            
+    if rep_data:
+        lang_name = rep_data[0][0]
+    else:
+        lang_name = 'en-US'
+
+    return lang_name
+
+def get_lang(conn, data, safe = 0):
+    with class_temp_db() as m_conn:
+        m_curs = m_conn.cursor()
+
+        lang_name = get_lang_name(conn)
+        
         m_curs.execute('select data from temp where name = ?', ['lang_' + lang_name + '_' + data])
         db_data = m_curs.fetchall()
         if db_data:
@@ -1222,7 +1256,7 @@ def skin_check(conn, set_n = 0):
         return skin
     
 def cache_v():
-    return '.cache_v270'
+    return '.cache_v274'
 
 def wiki_css(data):
     with class_temp_db() as m_conn:
@@ -2052,7 +2086,7 @@ def do_edit_filter(conn, data):
     curs = conn.cursor()
 
     ip = ip_check()
-    if acl_check(tool = 'ban_auth') == 1:
+    if acl_check(tool = 'edit_filter_pass') == 1:
         curs.execute(db_change("select plus, plus_t from html_filter where kind = 'regex_filter' and plus != ''"))
         for data_list in curs.fetchall():
             match = re.compile(data_list[0], re.I)
@@ -2132,20 +2166,14 @@ def do_reload_recent_thread(conn, topic_num, date, name = None, sub = None):
     else:
         curs.execute(db_change("insert into rd (title, sub, code, date, band, stop, agree, acl) values (?, ?, ?, ?, '', '', '', '')"), [name, sub, topic_num, date])
 
-def add_alarm(conn, to_user, from_user, context):
-    curs = conn.cursor()
-
-    if to_user != from_user:
-        context = from_user + ' | ' + context
+def add_alarm(to_user, from_user, context):
+    other_set = {}
+    other_set['to'] = to_user
+    other_set['from'] = from_user
+    other_set['data'] = context
 
-        count = '1'
-        curs.execute(db_change("select id from user_notice where name = ? order by id + 0 desc"), [to_user])
-        db_data = curs.fetchall()
-        if db_data:
-            count = str(int(db_data[0][0]) + 1)
+    python_to_golang_sync('api_func_alarm_post', other_set)
 
-        curs.execute(db_change('insert into user_notice (id, name, data, date, readme) values (?, ?, ?, ?, "")'), [count, to_user, context, get_time()])
-    
 def add_user(conn, user_name, user_pw, user_email = '', user_encode = ''):
     curs = conn.cursor()
 
@@ -2294,7 +2322,7 @@ def history_plus(conn, title, data, date, ip, send, leng, t_check = '', mode = '
 def re_error(conn, data):
     curs = conn.cursor()
 
-    if data == '/ban':
+    if data == 0:
         if ban_check()[0] == 1:
             end = '<div id="opennamu_get_user_info">' + html.escape(ip_check()) + '</div>'
         else:
@@ -2310,7 +2338,7 @@ def re_error(conn, data):
         sub_title = title
         return_code = 400
 
-        num = int(number_check(data.replace('/error/', '')))
+        num = data
         if num == 1:
             data = get_lang(conn, 'no_login_error')
         elif num == 2:
@@ -2427,6 +2455,10 @@ def re_error(conn, data):
             data = get_lang(conn, 'func_404_error')
             title = '404'
             return_code = 404
+        elif num == 47:
+            data = get_lang(conn, 'still_use_auth_error')
+        elif num == 48:
+            data = get_lang(conn, 'xss_data_include_error')
         else:
             data = '???'
 

route/tool/func_render.py

@@ -17,6 +17,12 @@ class class_do_render:
         self.lang_data = lang_data
         self.markup = markup
 
+    def generate_random_string(self, length = 32):
+        characters = string.ascii_letters + string.digits
+
+        random_string = ''.join(random.choice(characters) for _ in range(length))
+        return random_string
+
     def do_render(self, doc_name, doc_data, data_type):
         curs = self.conn.cursor()
 
@@ -32,7 +38,7 @@ class class_do_render:
         else:
             doc_set['doc_type'] = data_type
         
-        doc_set['doc_include'] = str(time.time_ns()) + '_'
+        doc_set['doc_include'] = self.generate_random_string() + '_'
     
         rep_data = self.markup
         if rep_data == '' and doc_name != '':

route/tool/func_tool.py

@@ -2,6 +2,7 @@ import urllib.parse
 import datetime
 import hashlib
 import flask
+import random
 import string
 import re
 
@@ -46,20 +47,30 @@ def db_change(data):
         return data
 
 def ip_check(d_type = 0):
-    ip = ''
+    ip = '::1'
     if d_type == 0 and (flask.session and 'id' in flask.session):
         ip = flask.session['id']
-    else:        
-        ip = flask.request.environ.get('HTTP_X_REAL_IP',
-            flask.request.environ.get('HTTP_CF_CONNECTING_IP',
-                flask.request.environ.get('REMOTE_ADDR',
-                    '::1'
-                )
-            )
-        )
+    else:
+        with class_temp_db() as m_conn:
+            m_curs = m_conn.cursor()
 
-        if ip_or_user(ip) == 0:
-            ip = '::1'
+            m_curs.execute('select data from temp where name = "load_ip_select"')
+            db_data = m_curs.fetchall()
+            set_data = db_data[0][0] if db_data else 'default'
+        
+            if set_data == "default":
+                ip = flask.request.environ.get('HTTP_X_REAL_IP',
+                    flask.request.environ.get('HTTP_CF_CONNECTING_IP',
+                        flask.request.environ.get('REMOTE_ADDR',
+                            '::1'
+                        )
+                    )
+                )
+            else:
+                ip = flask.request.environ.get(set_data, '::1')
+            
+            if ip_or_user(ip) == 0:
+                ip = '::1'
 
     return ip
 

route/topic.py

@@ -30,29 +30,32 @@ def topic(topic_num = 0, do_type = '', doc_name = 'Test'):
         topic_acl = acl_check(name_value, 'topic', topic_num)
         topic_view_acl = acl_check('', 'topic_view', topic_num)
         if topic_view_acl == 1:
-            return re_error(conn, '/ban')
+            return re_error(conn, 0)
+        elif topic_num == '0':
+            if acl_check('', 'discuss_make_new_thread', topic_num) == 1:
+                return re_error(conn, 0)
 
         ip = ip_check()
 
         if flask.request.method == 'POST' and do_type == '':
             if do_edit_slow_check(conn, 'thread') == 1:
-                return re_error(conn, '/error/42')
+                return re_error(conn, 42)
 
             name = flask.request.form.get('topic', 'Test')
             sub = flask.request.form.get('title', 'Test')
             data = flask.request.form.get('content', 'Test').replace('\r', '')
             
             if do_title_length_check(conn, name) == 1:
-                return re_error(conn, '/error/38')
+                return re_error(conn, 38)
             
             if do_title_length_check(conn, sub, 'topic') == 1:
-                return re_error(conn, '/error/38')
+                return re_error(conn, 38)
             
             if do_edit_filter(conn, sub) == 1:
-                return re_error(conn, '/error/21')
+                return re_error(conn, 21)
             
             if do_edit_filter(conn, data) == 1:
-                return re_error(conn, '/error/21')
+                return re_error(conn, 21)
             
             if topic_num == '0':
                 curs.execute(db_change("select code from topic order by code + 0 desc limit 1"))
@@ -63,12 +66,12 @@ def topic(topic_num = 0, do_type = '', doc_name = 'Test'):
                 return redirect(conn, '/thread/' + topic_num)
 
             if captcha_post(conn, flask.request.form.get('g-recaptcha-response', flask.request.form.get('g-recaptcha', ''))) == 1:
-                return re_error(conn, '/error/13')
+                return re_error(conn, 13)
 
             today = get_time()
 
             if topic_acl == 1:
-                return re_error(conn, '/ban')
+                return re_error(conn, 0)
 
             curs.execute(db_change("select id from topic where code = ? order by id + 0 desc limit 1"), [topic_num])
             old_num = curs.fetchall()
@@ -95,12 +98,12 @@ def topic(topic_num = 0, do_type = '', doc_name = 'Test'):
                         y_check = 1
 
                 if y_check == 1:
-                    add_alarm(conn, match, ip, '<a href="/thread/' + topic_num + '#' + num + '">' + html.escape(name) + ' - ' + html.escape(sub) + '#' + num + '</a>')
+                    add_alarm(match, ip, '<a href="/thread/' + topic_num + '#' + num + '">' + html.escape(name) + ' - ' + html.escape(sub) + '#' + num + '</a>')
             
             curs.execute(db_change("select ip from topic where code = ? and id = '1'"), [topic_num])
             ip_data = curs.fetchall()
             if ip_data and ip_or_user(ip_data[0][0]) == 0:
-                add_alarm(conn, ip_data[0][0], ip, '<a href="/thread/' + topic_num + '#' + num + '">' + html.escape(name) + ' - ' + html.escape(sub) + '#' + num + '</a>')
+                add_alarm(ip_data[0][0], ip, '<a href="/thread/' + topic_num + '#' + num + '">' + html.escape(name) + ' - ' + html.escape(sub) + '#' + num + '</a>')
 
             data = api_topic_thread_pre_render(conn, data, num, ip, topic_num, name, sub)
 
@@ -134,12 +137,8 @@ def topic(topic_num = 0, do_type = '', doc_name = 'Test'):
                 imp = [name, wiki_set(conn), wiki_custom(conn), wiki_css(['(' + get_lang(conn, 'discussion') + ')', 0])],
                 data = '''
                     <script defer src="/views/main_css/js/route/topic.js''' + cache_v() + '''"></script>
-                    <style id="opennamu_remove_blind">
-                        .opennamu_comment_blind_js {
-                            display: none;
-                        }
-                    </style>
-                    <input type="checkbox" onclick="opennamu_do_remove_blind_thread();" checked> ''' + get_lang(conn, 'remove_blind_thread') + '''
+                    <style id="opennamu_list_hidden_style">.opennamu_list_hidden { display: none; }</style>
+                    <input type="checkbox" onclick="opennamu_list_hidden_remove();" checked> ''' + get_lang(conn, 'remove_hidden') + '''
                     <hr class="main_hr">
 
                     ''' + shortcut + '''

route/topic_comment_blind.py

@@ -8,7 +8,7 @@ def topic_comment_blind(topic_num = 1, num = 1):
         num = str(num)
         
         if acl_check(tool = 'toron_auth', memo = 'blind (code ' + topic_num + '#' + num + ')') == 1:
-            return re_error(conn, '/error/3')
+            return re_error(conn, 3)
 
         curs.execute(db_change("select block from topic where code = ? and id = ?"), [topic_num, num])
         block = curs.fetchall()

route/topic_comment_delete.py

@@ -5,7 +5,7 @@ def topic_comment_delete(topic_num = 1, num = 1):
         curs = conn.cursor()
 
         if acl_check(tool = 'owner_auth') == 1:
-            return re_error(conn, '/error/3')
+            return re_error(conn, 3)
 
         topic_num = str(topic_num)
         num = str(num)

route/topic_comment_notice.py

@@ -8,7 +8,7 @@ def topic_comment_notice(topic_num = 1, num = 1):
         num = str(num)
         
         if acl_check(tool = 'toron_auth', memo = 'notice (code ' + topic_num + '#' + num + ')') == 1:
-            return re_error(conn, '/error/3')
+            return re_error(conn, 3)
 
         curs.execute(db_change("select code from topic where code = ? and id = ?"), [topic_num, num])
         if curs.fetchall():

route/topic_comment_tool.py

@@ -8,7 +8,7 @@ def topic_comment_tool(topic_num = 1, num = 1):
         topic_num = str(topic_num)
         
         if acl_check('', 'topic_view', topic_num) == 1:
-            return re_error(conn, '/ban')
+            return re_error(conn, 0)
 
         curs.execute(db_change("select block, ip, date from topic where code = ? and id = ?"), [topic_num, num])
         data = curs.fetchall()

route/topic_tool_acl.py

@@ -5,7 +5,7 @@ def topic_tool_acl(topic_num = 1):
         curs = conn.cursor()
 
         if acl_check(tool = 'toron_auth') == 1:
-            return re_error(conn, '/error/3')
+            return re_error(conn, 3)
 
         ip = ip_check()
         time = get_time()

route/topic_tool_change.py

@@ -5,7 +5,7 @@ def topic_tool_change(topic_num = 1):
         curs = conn.cursor()
 
         if acl_check(tool = 'owner_auth') == 1:
-            return re_error(conn, '/error/3')
+            return re_error(conn, 3)
 
         time = get_time()
         topic_num = str(topic_num)

route/topic_tool_delete.py

@@ -5,7 +5,7 @@ def topic_tool_delete(topic_num = 1):
         curs = conn.cursor()
 
         if acl_check(tool = 'owner_auth') == 1:
-            return re_error(conn, '/error/3')
+            return re_error(conn, 3)
 
         topic_num = str(topic_num)
 

route/topic_tool_setting.py

@@ -5,7 +5,7 @@ def topic_tool_setting(topic_num = 1):
         curs = conn.cursor()
 
         if acl_check(tool = 'toron_auth') == 1:
-            return re_error(conn, '/error/3')
+            return re_error(conn, 3)
 
         ip = ip_check()
         time = get_time()

route/user_setting_email.py

@@ -26,7 +26,7 @@ def user_setting_email_2():
                 for i in re_set_list:
                     flask.session.pop(i, None)
 
-                return re_error(conn, '/error/36')
+                return re_error(conn, 36)
 
             curs.execute(db_change('select data from other where name = "email_title"'))
             sql_d = curs.fetchall()
@@ -44,13 +44,13 @@ def user_setting_email_2():
                 for i in re_set_list:
                     flask.session.pop(i, None)
 
-                return re_error(conn, '/error/35')
+                return re_error(conn, 35)
 
             if send_email(conn, user_email, t_text, i_text) == 0:
                 for i in re_set_list:
                     flask.session.pop(i, None)
 
-                return re_error(conn, '/error/18')
+                return re_error(conn, 18)
 
             flask.session['c_email'] = user_email
 

route/user_setting_pw.py

@@ -5,7 +5,7 @@ def user_setting_pw():
         curs = conn.cursor()
 
         if ban_check()[0] == 1:
-            return re_error(conn, '/ban')
+            return re_error(conn, 0)
 
         ip = ip_check()
         if ip_or_user(ip) != 0:
@@ -18,10 +18,10 @@ def user_setting_pw():
         
             # PW 검증
             if user_pw == '':
-                return re_error(conn, '/error/27')
+                return re_error(conn, 27)
 
             if user_pw != user_repeat:
-                return re_error(conn, '/error/20')
+                return re_error(conn, 20)
     
             # PW 길이 제한
             curs.execute(db_change("select data from other where name = 'password_min_length'"))
@@ -29,24 +29,24 @@ def user_setting_pw():
             if db_data and db_data[0][0] != '':
                 password_min_length = int(number_check(db_data[0][0]))
                 if password_min_length > len(user_pw):
-                    return re_error(conn, '/error/40')
+                    return re_error(conn, 40)
 
             curs.execute(db_change("select data from user_set where id = ? and name = 'pw'"), [ip])
             db_data = curs.fetchall()
             if not db_data:
-                return re_error(conn, '/error/2')
+                return re_error(conn, 2)
             else:
                 db_user_pw = db_data[0][0]
                 
             curs.execute(db_change("select data from user_set where id = ? and name = 'encode'"), [ip])
             db_data = curs.fetchall()
             if not db_data:
-                return re_error(conn, '/error/2')
+                return re_error(conn, 2)
             else:
                 db_user_encode = db_data[0][0]
                 
             if pw_check(conn, user_pw_now, db_user_pw, db_user_encode, ip) != 1:
-                return re_error(conn, '/error/10')
+                return re_error(conn, 10)
 
             curs.execute(db_change("update user_set set data = ? where id = ? and name = 'pw'"), [pw_encode(conn, user_pw), ip])
 

route/user_setting_skin_set.py

@@ -4,7 +4,7 @@ def user_setting_skin_set():
     with get_db_connect() as conn:
         curs = conn.cursor()
 
-        data = flask.make_response(re_error(conn, '/error/5'))
+        data = flask.make_response(re_error(conn, 5))
 
         curs.execute(db_change("select data from other where name = 'language'"))
         main_data = curs.fetchall()

route/user_setting_skin_set_main.py

@@ -108,7 +108,7 @@ def user_setting_skin_set_main():
 
         ip = ip_check()
         if ban_check(ip)[0] == 1:
-            return re_error(conn, '/ban')
+            return re_error(conn, 0)
             
         set_list = user_setting_skin_set_main_set_list(conn)
         use_cookie = ['main_css_darkmode']

route/user_setting_top_menu.py

@@ -6,7 +6,7 @@ def user_setting_top_menu():
 
         ip = ip_check()
         if ban_check(ip)[0] == 1:
-            return re_error(conn, '/ban')
+            return re_error(conn, 0)
 
         if ip_or_user(ip) == 1:
             return redirect(conn, '/login')