토론 ACL과 문서 ACL 함수 통합, owner ACL 추가

language/en-US.json

@@ -90,6 +90,7 @@
         "pinned" : "Pinned",
         "markup" : "Markup",
         "title" : "Title",
+        "reference" : "Reference",
         "_comment_1.1_" : "Time",
             "second" : "Second(s)",
             "hour" : "Hour(s)",

language/ko-KR.json

@@ -290,5 +290,6 @@
     "image_license_add": "이미지 라이선스 추가",
     "direct_input": "직접 입력",
     "acl_record": "ACL 기록",
-    "main_bottom_body": "본문 하단"
+    "main_bottom_body": "본문 하단",
+    "reference" : "참고"
 }

route/give_acl.py

@@ -48,18 +48,18 @@ def give_acl_2(conn, name):
         if curs.fetchall():
             curs.execute("delete from acl where title = ?", [name])
             
-        all = ''
+        all_d = ''
         for i in ['decu', 'dis', 'view']:
             if flask.request.form.get(i, '') == '':
-                all += 'normal'
+                all_d += 'normal'
                 if i != 'view':
-                    all += ' | '
+                    all_d += ' | '
             else:
-                all += flask.request.form.get(i, '')
+                all_d += flask.request.form.get(i, '')
                 if i != 'view':
-                    all += ' | '
+                    all_d += ' | '
             
-        admin_check(5, check_data + ' (' + all + ')')
+        admin_check(5, check_data + ' (' + all_d + ')')
 
         conn.commit()
             
@@ -70,7 +70,7 @@ def give_acl_2(conn, name):
         if re.search('^user:', name):
             acl_list = ['', 'user', 'all']
         else:
-            acl_list = ['', 'user', 'admin', '50_edit', 'email']
+            acl_list = ['', 'user', 'admin', 'owner', '50_edit', 'email']
         
         curs.execute("select decu from acl where title = ?", [name])
         acl_data = curs.fetchall()
@@ -115,7 +115,7 @@ def give_acl_2(conn, name):
                     <li>normal : ''' + load_lang('default') + '''</li>
                     <li>admin : ''' + load_lang('admin_acl') + '''</li>
                     <li>user : ''' + load_lang('member_acl') + '''</li>
-                    <li>50 edit : ''' + load_lang('50_edit_acl') + '''</li>
+                    <li>50_edit : ''' + load_lang('50_edit_acl') + '''</li>
                     <li>all : ''' + load_lang('all_acl') + '''</li>
                     <li>email : ''' + load_lang('email_acl') + '''</li>
                 </ul>

route/setting.py

@@ -98,23 +98,19 @@ def setting_2(conn, num):
             conn.commit()
             
             div = ''
-            acl_list = [
-                [load_lang('member'), 'login'], 
-                [load_lang('ip'), 'normal'], 
-                [load_lang('admin'), 'admin']
-            ]
+            acl_list = ['normal', 'user', 'admin', 'owner', '50_edit', 'email']
             for i in acl_list:
-                if i[1] == d_list[6]:
-                    div = '<option value="' + i[1] + '">' + i[0] + '</option>' + div
+                if i == d_list[6]:
+                    div = '<option value="' + i + '">' + i + '</option>' + div
                 else:
-                    div += '<option value="' + i[1] + '">' + i[0] + '</option>'
+                    div += '<option value="' + i + '">' + i + '</option>'
 
             div4 = ''
             for i in acl_list:
-                if i[1] == d_list[14]:
-                    div4 = '<option value="' + i[1] + '">' + i[0] + '</option>' + div4
+                if i == d_list[14]:
+                    div4 = '<option value="' + i + '">' + i + '</option>' + div4
                 else:
-                    div4 += '<option value="' + i[1] + '">' + i[0] + '</option>'
+                    div4 += '<option value="' + i + '">' + i + '</option>'
 
             ch_1 = ''
             if d_list[7]:
@@ -178,7 +174,7 @@ def setting_2(conn, num):
                         <hr class=\"main_hr\">
                         <select name="skin">''' + div2 + '''</select>
                         <hr class=\"main_hr\">
-                        <span>''' + load_lang('default_acl') + '''</span>
+                        <span>''' + load_lang('default_acl') + '</span> <a href="/acl/TEST">(' + load_lang('reference') + ''')</a>
                         <hr class=\"main_hr\">
                         <select name="edit">''' + div + '''</select>
                         <hr class=\"main_hr\">
@@ -190,7 +186,7 @@ def setting_2(conn, num):
                         <hr class=\"main_hr\">
                         <input type="checkbox" name="ip_view" ''' + ch_2 + '''> ''' + load_lang('hide_ip') + '''
                         <hr class=\"main_hr\">
-                        <input type="checkbox" name="email_have" ''' + ch_3 + '''> ''' + load_lang('email_required') + ''' {<a href="/setting/6">''' + load_lang('google_imap_required') + '''</a>}
+                        <input type="checkbox" name="email_have" ''' + ch_3 + '''> ''' + load_lang('email_required') + ' <a href="/setting/6">{' + load_lang('google_imap_required') + '''}</a>
                         <hr class=\"main_hr\">
                         <span>''' + load_lang('wiki_host') + '''</span>
                         <hr class=\"main_hr\">

route/tool/func.py

@@ -730,7 +730,7 @@ def view_check(name):
 
     return 0
 
-def acl_check(name, tool = ''):
+def acl_check(name, tool = '', sub):
     ip = ip_check()
     
     if tool == 'render':
@@ -739,102 +739,95 @@ def acl_check(name, tool = ''):
         if ban_check() == 1:
             return 1
 
-        acl_c = re.search("^user:((?:(?!\/).)*)", name)
-        if acl_c:
-            acl_n = acl_c.groups()
+        if tool != 'topic':
+            acl_c = re.search("^user:((?:(?!\/).)*)", name)
+            if acl_c:
+                acl_n = acl_c.groups()
 
-            if admin_check(5) == 1:
-                return 0
-
-            curs.execute("select decu from acl where title = ?", ['user:' + acl_n[0]])
-            acl_data = curs.fetchall()
-            if acl_data:
-                if acl_data[0][0] == 'all':
-                    return 0
-
-                if acl_data[0][0] == 'user' and not re.search("(\.|:)", ip):
+                if admin_check(5) == 1:
                     return 0
 
-                if ip != acl_n[0] or re.search("(\.|:)", ip):
-                    return 1
-            
-            if ip == acl_n[0] and not re.search("(\.|:)", ip) and not re.search("(\.|:)", acl_n[0]):
-                return 0
-            else:
-                return 1
-
-        if re.search("^file:", name) and admin_check(None, 'file edit (' + name + ')') != 1:
-            return 1
+                curs.execute("select decu from acl where title = ?", ['user:' + acl_n[0]])
+                acl_data = curs.fetchall()
+                if acl_data:
+                    if acl_data[0][0] == 'all':
+                        return 0
 
-        curs.execute("select decu from acl where title = ?", [name])
-        acl_data = curs.fetchall()
-        if acl_data:
-            if acl_data[0][0] == 'user':
-                if ip_or_user(ip) == 1:
-                    return 1
+                    if acl_data[0][0] == 'user' and not re.search("(\.|:)", ip):
+                        return 0
 
-            if acl_data[0][0] == 'admin':
-                if ip_or_user(ip) == 1:
+                    if ip != acl_n[0] or re.search("(\.|:)", ip):
+                        return 1
+                
+                if ip == acl_n[0] and not re.search("(\.|:)", ip) and not re.search("(\.|:)", acl_n[0]):
+                    return 0
+                else:
                     return 1
 
-                if admin_check(5) != 1:
-                    return 1
+            if re.search("^file:", name) and admin_check(None, 'file edit (' + name + ')') != 1:
+                return 1
 
-            if acl_data[0][0] == '50_edit':
-                if ip_or_user(ip) == 1:
-                    return 1
-                
-                if admin_check(5) != 1:
-                    curs.execute("select count(title) from history where ip = ?", [ip])
-                    count = curs.fetchall()
-                    if count:
-                        count = count[0][0]
-                    else:
-                        count = 0
+        for i in range(0, 2):
+            if tool != 'topic':
+                if i == 0:
+                    curs.execute("select decu from acl where title = ?", [name])
+                    acl_data = curs.fetchall()
+                else:
+                    curs.execute('select data from other where name = "edit"')
+                    acl_data = curs.fetchall()
+            else:
+                if i == 0:
+                    curs.execute("select dis from acl where title = ?", [name])
+                    acl_data = curs.fetchall()
+                else:
+                    curs.execute('select data from other where name = "discussion"')
+                    acl_data = curs.fetchall()
 
-                    if count < 50:
+            if acl_data and acl_data[0][0] != 'normal':
+                if acl_data[0][0] == 'user':
+                    if ip_or_user(ip) == 1:
                         return 1
 
-            if acl_data[0][0] == 'email':
-                if ip_or_user(ip) == 1:
-                    return 1
-                
-                if admin_check(5) != 1:
-                    curs.execute("select data from user_set where id = ? and name = 'email'", [ip])
-                    email = curs.fetchall()
-                    if not email:
+                if acl_data[0][0] == 'admin':
+                    if ip_or_user(ip) == 1:
                         return 1
 
-        curs.execute('select data from other where name = "edit"')
-        set_data = curs.fetchall()
-        if set_data:
-            if view_check(name) == 1:
-                return 1
-        
-            if set_data[0][0] == 'login':
-                if ip_or_user(ip) == 1:
-                    return 1
-
-            if set_data[0][0] == 'admin':
-                if ip_or_user(ip) == 1:
-                    return 1
-
-                if admin_check(5, 'edit (' + name + ')') != 1:
-                    return 1
+                    if admin_check(5) != 1:
+                        return 1
 
-            if set_data[0][0] == '50_edit':
-                if ip_or_user(ip) == 1:
-                    return 1
-                
-                if admin_check(5, 'edit (' + name + ')') != 1:
-                    curs.execute("select count(title) from history where ip = ?", [ip])
-                    count = curs.fetchall()
-                    if count:
-                        count = count[0][0]
-                    else:
-                        count = 0
+                if acl_data[0][0] == '50_edit':
+                    if ip_or_user(ip) == 1:
+                        return 1
+                    
+                    if admin_check(5) != 1:
+                        curs.execute("select count(title) from history where ip = ?", [ip])
+                        count = curs.fetchall()
+                        if count:
+                            count = count[0][0]
+                        else:
+                            count = 0
+
+                        if count < 50:
+                            return 1
+
+                if acl_data[0][0] == 'email':
+                    if ip_or_user(ip) == 1:
+                        return 1
+                    
+                    if admin_check(5) != 1:
+                        curs.execute("select data from user_set where id = ? and name = 'email'", [ip])
+                        email = curs.fetchall()
+                        if not email:
+                            return 1
+
+                if acl_data[0][0] == 'owner':
+                    if admin_check() != 1:
+                        return 1
 
-                    if count < 50:
+            if tool == 'topic':
+                curs.execute("select title from rd where title = ? and sub = ? and not stop = ''", [name, sub])
+                if curs.fetchall():
+                    if admin_check(3, 'topic (' + name + ')') != 1:
                         return 1
 
         return 0
@@ -884,60 +877,7 @@ def ban_check(ip = None, tool = None):
     return 0
         
 def topic_check(name, sub):
-    ip = ip_check()
-
-    if ban_check() == 1:
-        return 1
-
-    curs.execute('select data from other where name = "discussion"')
-    acl_data = curs.fetchall()
-    if acl_data:
-        if acl_data[0][0] == 'login':
-            if ip_or_user(ip) == 1:
-                return 1
-
-        if acl_data[0][0] == 'admin':
-            if ip_or_user(ip) == 1:
-                return 1
-
-            if admin_check(3, 'topic (' + name + ')') != 1:
-                return 1
-
-    curs.execute("select dis from acl where title = ?", [name])
-    acl_data = curs.fetchall()
-    if acl_data:
-        if acl_data[0][0] == 'user':
-            if ip_or_user(ip) == 1:
-                return 1
-
-        if acl_data[0][0] == '50_edit':
-            if ip_or_user(ip) == 1:
-                return 1
-            
-            if admin_check(3, 'topic (' + name + ')') != 1:
-                curs.execute("select count(title) from history where ip = ?", [ip])
-                count = curs.fetchall()
-                if count:
-                    count = count[0][0]
-                else:
-                    count = 0
-
-                if count < 50:
-                    return 1
-
-        if acl_data[0][0] == 'admin':
-            if ip_or_user(ip) == 1:
-                return 1
-
-            if admin_check(3, 'topic (' + name + ')') != 1:
-                return 1
-        
-    curs.execute("select title from rd where title = ? and sub = ? and not stop = ''", [name, sub])
-    if curs.fetchall():
-        if admin_check(3, 'topic (' + name + ')') != 1:
-            return 1
-
-    return 0
+    return acl_check(name, 'topic', sub)
 
 def ban_insert(name, end, why, login, blocker, type_d = None):
     now_time = get_time()