Merge pull request #2020 from openNAMU/dev

Dev

app.py

@@ -258,38 +258,45 @@ def back_up(data_db_set):
 
         threading.Timer(60 * 60 * back_time, back_up, [data_db_set]).start()
 
-def do_ban_end():
-    with get_db_connect() as conn:
-        curs = conn.cursor()
-
-        curs.execute(db_change("update rb set ongoing = '' where end < ? and end != '' and ongoing = '1'"), [get_time()])
-        conn.commit()
-
-        threading.Timer(60, do_ban_end).start()
-
-def do_vote_end():
+def do_every_day():
     with get_db_connect() as conn:
         curs = conn.cursor()
+        
+        # 오늘의 날짜 불러오기
+        time_today = get_time().split()[0]
     
+        # vote 관리
         curs.execute(db_change('select id, type from vote where type = "open" or type = "n_open"'))
         for for_a in curs.fetchall():
             curs.execute(db_change('select data from vote where id = ? and name = "end_date" and type = "option"'), [for_a[0]])
             db_data = curs.fetchall()
             if db_data:
                 time_db = db_data[0][0].split()[0]
-                time_today = get_time().split()[0]
-
                 if time_today > time_db:
                     curs.execute(db_change("update vote set type = ? where user = '' and id = ? and type = ?"), ['close' if for_a[1] == 'open' else 'n_close', for_a[0], for_a[1]])
 
-        conn.commit()
-
-        threading.Timer(60 * 60 * 24, do_ban_end).start()
+        # ban 관리
+        curs.execute(db_change("update rb set ongoing = '' where end < ? and end != '' and ongoing = '1'"), [get_time()])
 
-def do_make_sitemap():
-    with get_db_connect() as conn:
-        curs = conn.cursor()
+        # auth 관리
+        curs.execute(db_change('select id, data from user_set where name = "auth_date"'))
+        db_data = curs.fetchall()
+        for for_a in db_data:
+            time_db = for_a[1].split()[0]
+            if time_today > time_db:
+                curs.execute(db_change("update user_set set data = 'user' where id = ? and name = 'acl'"), [for_a[0]])
+                curs.execute(db_change('delete from user_set where name = "auth_date" and id = ?'), [for_a[0]])
+                
+        # acl 관리
+        curs.execute(db_change("select doc_name, doc_rev, set_data from data_set where set_name = 'acl_date'"))
+        db_data = curs.fetchall()
+        for for_a in db_data:
+            time_db = for_a[2].split()[0]
+            if time_today > time_db:
+                curs.execute(db_change("delete from acl where title = ? and type = ?"), [for_a[0], for_a[1]])
+                curs.execute(db_change("delete from data_set where doc_name = ? and doc_rev = ? and set_name = 'acl_date'"), [for_a[0], for_a[1]])
 
+        # 사이트맵 생성 관리
         curs.execute(db_change('select data from other where name = "sitemap_auto_make"'))
         db_data = curs.fetchall()
         if db_data and db_data[0][0] != '':
@@ -297,15 +304,15 @@ def do_make_sitemap():
 
             print('Make sitemap')
 
-        threading.Timer(60 * 60 * 24, do_make_sitemap).start()
+        conn.commit()
+
+        threading.Timer(60 * 60 * 24, do_every_day).start()
 
 def auto_do_something(data_db_set):
     if data_db_set['type'] == 'sqlite':
         back_up(data_db_set)
 
-    do_ban_end()
-    do_vote_end()
-    do_make_sitemap()
+    do_every_day()
 
 auto_do_something(data_db_set)
 

route/api_user_info.py

@@ -24,7 +24,7 @@ def api_user_info(name = ''):
                 if db_data:
                     if db_data[0][0] != 'user':
                         curs.execute(db_change("select name from alist where name = ?"), [db_data[0][0]])
-                        if curs.fetchall():
+                        if curs.fetchall() or db_data[0][0] in get_default_admin_group():
                             data_result[user_name]['auth'] = db_data[0][0]
                         else:
                             data_result[user_name]['auth'] = '1'
@@ -32,6 +32,13 @@ def api_user_info(name = ''):
                         data_result[user_name]['auth'] = '1'
                 else:
                     data_result[user_name]['auth'] = '0'
+
+                curs.execute(db_change("select data from user_set where id = ? and name = 'auth_date'"), [user_name])
+                db_data = curs.fetchall()
+                if db_data:
+                    data_result[user_name]['auth_date'] = db_data[0][0]
+                else:
+                    data_result[user_name]['auth_date'] = '0'
                     
                 # ban part
                 if ban_check(name) == 0:

route/give_auth.py

@@ -26,19 +26,20 @@ def give_auth(name):
             if admin_check(7, 'admin (' + name + ')') != 1:
                 return re_error('/error/3')
 
-            if flask.request.form.get('select', 'X') == 'X':
+            select_data = flask.request.form.get('select', 'X')
+            if select_data == 'X':
                 select_data = 'user'
-            else:
-                select_data = flask.request.form.get('select', 'X')
 
             curs.execute(db_change('select name from alist where name = ? and acl = "owner"'), [select_data])
             if owner_auth != 1 and curs.fetchall():
                 return re_error('/error/3')
 
-            curs.execute(db_change("update user_set set data = ? where id = ? and name = 'acl'"), [
-                select_data, 
-                name
-            ])
+            curs.execute(db_change("update user_set set data = ? where id = ? and name = 'acl'"), [select_data, name])
+            curs.execute(db_change('delete from user_set where name = "auth_date" and id = ?'), [name])
+
+            time_limit = flask.request.form.get('date', '')
+            if re.search(r'^[0-9]{4}-[0-9]{2}-[0-9]{2}$', time_limit):
+                curs.execute(db_change("insert into user_set (id, name, data) values (?, 'auth_date', ?)"), [name, time_limit])
 
             conn.commit()
 
@@ -48,6 +49,7 @@ def give_auth(name):
                 return re_error('/error/3')
 
             div = '<option value="X">' + load_lang('normal') + '</option>'
+            div += '<option value="ban">' + load_lang('ban') + '</option>'
 
             curs.execute(db_change('select distinct name from alist order by name asc'))
             for data in curs.fetchall():
@@ -55,15 +57,26 @@ def give_auth(name):
                     div = '<option value="' + data[0] + '">' + data[0] + '</option>' + div
                 else:
                     div += '<option value="' + data[0] + '">' + data[0] + '</option>'
+                    
+            date_value = ''
+            
+            curs.execute(db_change('select data from user_set where name = "auth_date" and id = ?'), [name])
+            db_data = curs.fetchall()
+            if db_data:
+                date_value = db_data[0][0]
 
             return easy_minify(flask.render_template(skin_check(),
                 imp = [name, wiki_set(), wiki_custom(), wiki_css(['(' + load_lang('authorize') + ')', 0])],
                 data =  '''
-                        <form method="post">
-                            <select name="select">''' + div + '''</select>
-                            <hr class="main_hr">
-                            <button type="submit">''' + load_lang('save') + '''</button>
-                        </form>
-                        ''',
+                    <form method="post">
+                        <div id="opennamu_get_user_info">''' + html.escape(name) + '''</div>
+                        <hr class="main_hr">
+                        <select name="select">''' + div + '''</select>
+                        <hr class="main_hr">
+                        <input type="date" value="''' + date_value + '''" name="date" pattern="\\d{4}-\\d{2}-\\d{2}">
+                        <hr class="main_hr">
+                        <button type="submit">''' + load_lang('save') + '''</button>
+                    </form>
+                ''',
                 menu = [['manager', load_lang('return')]]
             ))

route/give_user_ban.py

@@ -115,11 +115,11 @@ def give_user_ban(name = None, ban_type = ''):
                 ]
                 insert_data = ''
                 for i in time_data:
-                    insert_data += '<a href="javascript:insert_v(\'second\', \'' + i[0] + '\')">(' + i[1] + ')</a> '
+                    insert_data += '<a href="javascript:opennamu_insert_v(\'second\', \'' + i[0] + '\')">(' + i[1] + ')</a> '
 
                 data = n_name + '''
                     ''' + regex + '''
-                    <script>function insert_v(name, data) { document.getElementById(name).value = data; }</script>''' + insert_data + '''
+                    ''' + insert_data + '''
                     <hr class="main_hr">
                     <input placeholder="''' + load_lang('ban_period') + ''' (''' + load_lang('second') + ''')" name="second" id="second" type="text">
                     <hr class="main_hr">

route/tool/func.py

@@ -2058,6 +2058,11 @@ def ban_check(ip = None, tool = ''):
             else:
                 return 1
 
+        curs.execute(db_change("select data from user_set where id = ? and name = 'acl'"), [ip])
+        db_data = curs.fetchall()
+        if db_data and db_data[0][0] == 'ban':
+            return 1
+
         return 0
 
 def ip_pas(raw_ip, type_data = 0):
@@ -2521,7 +2526,7 @@ def re_error(data):
 
         if data == '/ban':
             if ban_check() == 1:
-                end = '<div id="opennamu_get_user_info">' + ip_check() + '</div>'
+                end = '<div id="opennamu_get_user_info">' + html.escape(ip_check()) + '</div>'
             else:
                 end = '<ul class="opennamu_ul"><li>' + load_lang('authority_error') + '</li></ul>'
 

route/user_info.py

@@ -59,7 +59,7 @@ def user_info(name = ''):
             imp = [load_lang('user_tool'), wiki_set(), wiki_custom(), wiki_css([0, 0])],
             data = '''
                 <h2>''' + load_lang('state') + '''</h2>
-                <div id="opennamu_get_user_info">''' + ip + '''</div>
+                <div id="opennamu_get_user_info">''' + html.escape(ip) + '''</div>
                 ''' + login_menu + '''
                 ''' + tool_menu + '''
                 <h2>''' + load_lang('other') + '''</h2>

route/user_setting.py

@@ -107,7 +107,7 @@ def user_setting():
                     imp = [load_lang('user_setting'), wiki_set(), wiki_custom(), wiki_css([0, 0])],
                     data = '''
                         <form method="post">
-                            <div id="opennamu_get_user_info">''' + ip + '''</div>
+                            <div id="opennamu_get_user_info">''' + html.escape(ip) + '''</div>
                             <hr class="main_hr">
                             <a href="/change/pw">(''' + load_lang('password_change') + ''')</a>
                             <hr class="main_hr">
@@ -174,7 +174,7 @@ def user_setting():
                     imp = [load_lang('user_setting'), wiki_set(), wiki_custom(), wiki_css([0, 0])],
                     data = '''
                         <form method="post">
-                            <div id="opennamu_get_user_info">''' + ip + '''</div>
+                            <div id="opennamu_get_user_info">''' + html.escape(ip) + '''</div>
                             <hr class="main_hr">
                             <h2>''' + load_lang('main') + '''</h2>
                             <span>''' + load_lang('skin') + '''</span>

route/view_acl.py

@@ -34,23 +34,22 @@ def view_acl(name):
                     check_ok = 'disabled'
 
         if flask.request.method == 'POST':
-            acl_data = [['decu', flask.request.form.get('decu', '')]]
-            acl_data += [['document_edit_acl', flask.request.form.get('document_edit_acl', '')]]
-            acl_data += [['document_move_acl', flask.request.form.get('document_move_acl', '')]]
-            acl_data += [['document_delete_acl', flask.request.form.get('document_delete_acl', '')]]
-            acl_data += [['dis', flask.request.form.get('dis', '')]]
-            acl_data += [['view', flask.request.form.get('view', '')]]
-            acl_data += [['why', flask.request.form.get('why', '')]]
+            acl_data = ['decu', 'document_edit_acl', 'document_move_acl', 'document_delete_acl', 'dis', 'view', 'why']
 
             for i in acl_data:
-                curs.execute(db_change("select title from acl where title = ? and type = ?"), [name, i[0]])
-                if curs.fetchall():
-                    curs.execute(db_change("update acl set data = ? where title = ? and type = ?"), [i[1], name, i[0]])
-                else:
-                    curs.execute(db_change("insert into acl (title, data, type) values (?, ?, ?)"), [name, i[1], i[0]])
+                form_data = flask.request.form.get(i, '')
+            
+                curs.execute(db_change("delete from acl where title = ? and type = ?"), [name, i])
+                curs.execute(db_change("insert into acl (title, data, type) values (?, ?, ?)"), [name, form_data, i])
+                
+                curs.execute(db_change("delete from data_set where doc_name = ? and doc_rev = ? and set_name = 'acl_date'"), [name, i])
+                    
+                time_limit = flask.request.form.get(i + '_date', '')
+                if re.search(r'^[0-9]{4}-[0-9]{2}-[0-9]{2}$', time_limit):
+                    curs.execute(db_change("insert into data_set (doc_name, doc_rev, set_name, set_data) values (?, ?, 'acl_date', ?)"), [name, i, time_limit])
 
             all_d = ''
-            for i in ['decu', 'document_edit_acl', 'document_move_acl', 'document_delete_acl', 'dis', 'view']:
+            for i in acl_data[:-1]:
                 if flask.request.form.get(i, '') == '':
                     all_d += 'normal'
                     if i != 'view':
@@ -64,14 +63,9 @@ def view_acl(name):
 
             curs.execute(db_change("select set_data from data_set where doc_name = ? and set_name = 'document_markup'"), [name])
             db_data = curs.fetchall()
-            if db_data:
-                curs.execute(db_change("update data_set set set_data = ? where doc_name = ? and set_name = 'document_markup'"), [
-                    markup_data, name
-                ])
-            else:
-                curs.execute(db_change("insert into data_set (doc_name, doc_rev, set_name, set_data) values (?, '', 'document_markup', ?)"), [
-                    name, markup_data
-                ])
+
+            curs.execute(db_change("delete from data_set where doc_name = ? and set_name = 'document_markup'"), [name])
+            curs.execute(db_change("insert into data_set (doc_name, doc_rev, set_name, set_data) values (?, '', 'document_markup', ?)"), [name, markup_data])
 
             if not db_data or db_data[0][0] != markup_data:
                 curs.execute(db_change("select data from data where title = ?"), [name])
@@ -110,7 +104,7 @@ def view_acl(name):
 
             for i in acl_get_list:
                 data += '' + \
-                    '<h' + i[2] + '>' + i[0] + (' (' + load_lang('beta') + ')' if i[2] == '4' else '') + '</h' + i[2] + '>' + \
+                    '<h' + i[2] + '>' + i[0] + '</h' + i[2] + '>' + \
                     '<hr class="main_hr">' + \
                     '<select name="' + i[1] + '" ' + check_ok + '>' + \
                 ''
@@ -123,13 +117,23 @@ def view_acl(name):
 
                 data += '</select>'
                 data += '<hr class="main_hr">'
+                
+                date_value = ''
+                
+                curs.execute(db_change("select set_data from data_set where doc_name = ? and doc_rev = ? and set_name = 'acl_date'"), [name, i[1]])
+                db_data = curs.fetchall()
+                if db_data:
+                    date_value = db_data[0][0]
+                
+                data += '<input type="date" ' + check_ok + ' value="' + date_value + '" name="' + i[1] + '_date" pattern="\\d{4}-\\d{2}-\\d{2}">'
+                data += '<hr class="main_hr">'
 
             curs.execute(db_change("select data from acl where title = ? and type = ?"), [name, 'why'])
             acl_data = curs.fetchall()
             acl_why = html.escape(acl_data[0][0]) if acl_data else ''
             data += '' + \
                 '<h3>' + load_lang('why') + '</h3>' + \
-                '<input value="' + acl_why + '" placeholder="' + load_lang('why') + '" name="why" ' + check_ok + '>' + \
+                '<input value="' + acl_why + '" ' + check_ok + ' placeholder="' + load_lang('why') + '" name="why" ' + check_ok + '>' + \
                 '<hr class="main_hr">' + \
             ''
 

version.json

@@ -1,6 +1,6 @@
 {
     "beta" : {
-        "r_ver" : "v3.4.6-RC5-dev72",
+        "r_ver" : "v3.4.6-RC5-dev75",
         "c_ver" : "3500373",
         "s_ver" : "3500112"
     }

views/main_css/js/func/insert_user_info.js

@@ -1,6 +1,5 @@
 "use strict";
 
-// 폐지하고 다시 SSR 방식으로 전환 예정
 function do_insert_user_info() {
     if(document.getElementById('opennamu_get_user_info')) {
         let name = document.getElementById('opennamu_get_user_info').innerHTML;
@@ -50,6 +49,11 @@ function do_insert_user_info() {
                         } else {
                             get_data_auth = get_data[name]['auth'];
                         }
+
+                        let get_data_auth_date = get_data[name]['auth_date'];
+                        if(get_data_auth_date !== '0') {
+                            get_data_auth += ' (~' + get_data_auth_date + ')'
+                        }
                         
                         let get_data_ban = get_data[name]['ban'];
                         if(get_data_ban === '0') {