Auth 권한 기간 설정 기능 추가

app.py

@@ -258,38 +258,36 @@ def back_up(data_db_set):
 
         threading.Timer(60 * 60 * back_time, back_up, [data_db_set]).start()
 
-def do_ban_end():
-    with get_db_connect() as conn:
-        curs = conn.cursor()
-
-        curs.execute(db_change("update rb set ongoing = '' where end < ? and end != '' and ongoing = '1'"), [get_time()])
-        conn.commit()
-
-        threading.Timer(60, do_ban_end).start()
-
-def do_vote_end():
+def do_every_day():
     with get_db_connect() as conn:
         curs = conn.cursor()
+        
+        # 오늘의 날짜 불러오기
+        time_today = get_time().split()[0]
     
+        # vote 관리
         curs.execute(db_change('select id, type from vote where type = "open" or type = "n_open"'))
         for for_a in curs.fetchall():
             curs.execute(db_change('select data from vote where id = ? and name = "end_date" and type = "option"'), [for_a[0]])
             db_data = curs.fetchall()
             if db_data:
                 time_db = db_data[0][0].split()[0]
-                time_today = get_time().split()[0]
-
                 if time_today > time_db:
                     curs.execute(db_change("update vote set type = ? where user = '' and id = ? and type = ?"), ['close' if for_a[1] == 'open' else 'n_close', for_a[0], for_a[1]])
 
-        conn.commit()
-
-        threading.Timer(60 * 60 * 24, do_ban_end).start()
+        # ban 관리
+        curs.execute(db_change("update rb set ongoing = '' where end < ? and end != '' and ongoing = '1'"), [get_time()])
 
-def do_make_sitemap():
-    with get_db_connect() as conn:
-        curs = conn.cursor()
+        # auth 관리
+        curs.execute(db_change('select id, data from user_set where name = "auth_date"'))
+        db_data = curs.fetchall()
+        for for_a in db_data:
+            time_db = for_a[1].split()[0]
+            if time_today > time_db:
+                curs.execute(db_change("update user_set set data = 'user' where id = ? and name = 'acl'"), [for_a[0]])
+                curs.execute(db_change('delete from user_set where name = "auth_date" and id = ?'), [for_a[0]])
 
+        # 사이트맵 생성 관리
         curs.execute(db_change('select data from other where name = "sitemap_auto_make"'))
         db_data = curs.fetchall()
         if db_data and db_data[0][0] != '':
@@ -297,15 +295,15 @@ def do_make_sitemap():
 
             print('Make sitemap')
 
-        threading.Timer(60 * 60 * 24, do_make_sitemap).start()
+        conn.commit()
+
+        threading.Timer(60 * 60 * 24, do_every_day).start()
 
 def auto_do_something(data_db_set):
     if data_db_set['type'] == 'sqlite':
         back_up(data_db_set)
 
-    do_ban_end()
-    do_vote_end()
-    do_make_sitemap()
+    do_every_day()
 
 auto_do_something(data_db_set)
 

route/api_user_info.py

@@ -32,6 +32,13 @@ def api_user_info(name = ''):
                         data_result[user_name]['auth'] = '1'
                 else:
                     data_result[user_name]['auth'] = '0'
+
+                curs.execute(db_change("select data from user_set where id = ? and name = 'auth_date'"), [user_name])
+                db_data = curs.fetchall()
+                if db_data:
+                    data_result[user_name]['auth_date'] = db_data[0][0]
+                else:
+                    data_result[user_name]['auth_date'] = '0'
                     
                 # ban part
                 if ban_check(name) == 0:

route/give_auth.py

@@ -26,19 +26,22 @@ def give_auth(name):
             if admin_check(7, 'admin (' + name + ')') != 1:
                 return re_error('/error/3')
 
-            if flask.request.form.get('select', 'X') == 'X':
+            select_data = flask.request.form.get('select', 'X')
+            if select_data == 'X':
                 select_data = 'user'
-            else:
-                select_data = flask.request.form.get('select', 'X')
 
             curs.execute(db_change('select name from alist where name = ? and acl = "owner"'), [select_data])
             if owner_auth != 1 and curs.fetchall():
                 return re_error('/error/3')
 
-            curs.execute(db_change("update user_set set data = ? where id = ? and name = 'acl'"), [
-                select_data, 
-                name
-            ])
+            curs.execute(db_change("update user_set set data = ? where id = ? and name = 'acl'"), [select_data, name])
+            curs.execute(db_change('delete from user_set where name = "auth_date" and id = ?'), [name])
+
+            time_limitless = flask.request.form.get('limitless', '')
+            if time_limitless == '' and select_data != 'user':
+                time_limit = flask.request.form.get('date', '')
+                if re.search(r'^[0-9]{4}-[0-9]{2}-[0-9]{2}$', time_limit):
+                    curs.execute(db_change("insert into user_set (id, name, data) values (?, 'auth_date', ?)"), [name, time_limit])
 
             conn.commit()
 
@@ -59,11 +62,17 @@ def give_auth(name):
             return easy_minify(flask.render_template(skin_check(),
                 imp = [name, wiki_set(), wiki_custom(), wiki_css(['(' + load_lang('authorize') + ')', 0])],
                 data =  '''
-                        <form method="post">
-                            <select name="select">''' + div + '''</select>
-                            <hr class="main_hr">
-                            <button type="submit">''' + load_lang('save') + '''</button>
-                        </form>
-                        ''',
+                    <form method="post">
+                        <div id="opennamu_get_user_info">''' + html.escape(name) + '''</div>
+                        <hr class="main_hr">
+                        <select name="select">''' + div + '''</select>
+                        <hr class="main_hr">
+                        <input type="date" name="date" pattern="\\d{4}-\\d{2}-\\d{2}">
+                        <hr class="main_hr">
+                        <input type="checkbox" value="Y" name="limitless"> ''' + load_lang('limitless') + '''
+                        <hr class="main_hr">
+                        <button type="submit">''' + load_lang('save') + '''</button>
+                    </form>
+                ''',
                 menu = [['manager', load_lang('return')]]
             ))

route/give_user_ban.py

@@ -115,11 +115,11 @@ def give_user_ban(name = None, ban_type = ''):
                 ]
                 insert_data = ''
                 for i in time_data:
-                    insert_data += '<a href="javascript:insert_v(\'second\', \'' + i[0] + '\')">(' + i[1] + ')</a> '
+                    insert_data += '<a href="javascript:opennamu_insert_v(\'second\', \'' + i[0] + '\')">(' + i[1] + ')</a> '
 
                 data = n_name + '''
                     ''' + regex + '''
-                    <script>function insert_v(name, data) { document.getElementById(name).value = data; }</script>''' + insert_data + '''
+                    ''' + insert_data + '''
                     <hr class="main_hr">
                     <input placeholder="''' + load_lang('ban_period') + ''' (''' + load_lang('second') + ''')" name="second" id="second" type="text">
                     <hr class="main_hr">

route/tool/func.py

@@ -2521,7 +2521,7 @@ def re_error(data):
 
         if data == '/ban':
             if ban_check() == 1:
-                end = '<div id="opennamu_get_user_info">' + ip_check() + '</div>'
+                end = '<div id="opennamu_get_user_info">' + html.escape(ip_check()) + '</div>'
             else:
                 end = '<ul class="opennamu_ul"><li>' + load_lang('authority_error') + '</li></ul>'
 

route/user_info.py

@@ -59,7 +59,7 @@ def user_info(name = ''):
             imp = [load_lang('user_tool'), wiki_set(), wiki_custom(), wiki_css([0, 0])],
             data = '''
                 <h2>''' + load_lang('state') + '''</h2>
-                <div id="opennamu_get_user_info">''' + ip + '''</div>
+                <div id="opennamu_get_user_info">''' + html.escape(ip) + '''</div>
                 ''' + login_menu + '''
                 ''' + tool_menu + '''
                 <h2>''' + load_lang('other') + '''</h2>

route/user_setting.py

@@ -107,7 +107,7 @@ def user_setting():
                     imp = [load_lang('user_setting'), wiki_set(), wiki_custom(), wiki_css([0, 0])],
                     data = '''
                         <form method="post">
-                            <div id="opennamu_get_user_info">''' + ip + '''</div>
+                            <div id="opennamu_get_user_info">''' + html.escape(ip) + '''</div>
                             <hr class="main_hr">
                             <a href="/change/pw">(''' + load_lang('password_change') + ''')</a>
                             <hr class="main_hr">
@@ -174,7 +174,7 @@ def user_setting():
                     imp = [load_lang('user_setting'), wiki_set(), wiki_custom(), wiki_css([0, 0])],
                     data = '''
                         <form method="post">
-                            <div id="opennamu_get_user_info">''' + ip + '''</div>
+                            <div id="opennamu_get_user_info">''' + html.escape(ip) + '''</div>
                             <hr class="main_hr">
                             <h2>''' + load_lang('main') + '''</h2>
                             <span>''' + load_lang('skin') + '''</span>

version.json

@@ -1,6 +1,6 @@
 {
     "beta" : {
-        "r_ver" : "v3.4.6-RC5-dev72",
+        "r_ver" : "v3.4.6-RC5-dev73",
         "c_ver" : "3500373",
         "s_ver" : "3500112"
     }

views/main_css/js/func/insert_user_info.js

@@ -1,6 +1,5 @@
 "use strict";
 
-// 폐지하고 다시 SSR 방식으로 전환 예정
 function do_insert_user_info() {
     if(document.getElementById('opennamu_get_user_info')) {
         let name = document.getElementById('opennamu_get_user_info').innerHTML;
@@ -50,6 +49,11 @@ function do_insert_user_info() {
                         } else {
                             get_data_auth = get_data[name]['auth'];
                         }
+
+                        let get_data_auth_date = get_data[name]['auth_date'];
+                        if(get_data_auth_date !== '0') {
+                            get_data_auth += ' (~' + get_data_auth_date + ')'
+                        }
                         
                         let get_data_ban = get_data[name]['ban'];
                         if(get_data_ban === '0') {