Merge pull request #2302 from openNAMU/dev

별 문제 없는 것 같으니 일단 절반 승인

app.py

@@ -334,7 +334,7 @@ def do_every_day():
         # 칭호 관리
         curs.execute(db_change("select id from user_set where name = 'user_title' and data = '✅'"))
         for for_a in curs.fetchall():
-            if admin_check('all', None, for_a[0]) != 1:
+            if acl_check('', 'all_admin_auth', '', for_a[0]) == 1:
                 curs.execute(db_change("update user_set set data = '☑️' where name = 'user_title' and data = '✅' and id = ?"), [for_a[0]])
 
         threading.Timer(60 * 60 * 24, do_every_day).start()

lang/ko-KR.json

@@ -296,7 +296,7 @@
     "skin_set": "스킨 설정",
     "edit_help": "편집 창 문구",
     "default_edit_help": "이곳에 내용을 입력해주세요.",
-    "many_delete": "다중 삭제",
+    "many_delete": "다중 문서 삭제",
     "many_delete_help": "한 줄에 문서명을 한 개씩 적어주세요.",
     "content": "내용",
     "upload_acl": "파일 올리기 ACL",

route/bbs_delete.py

@@ -13,7 +13,7 @@ def bbs_delete(bbs_num = ''):
         
         bbs_num_str = str(bbs_num)
 
-        if admin_check() != 1:
+        if acl_check('', 'owner_auth', '', '') == 1:
             return redirect(conn, '/bbs/in/' + bbs_num_str)
         
         if flask.request.method == 'POST':

route/bbs_make.py

@@ -4,7 +4,7 @@ def bbs_make():
     with get_db_connect() as conn:
         curs = conn.cursor()
 
-        if admin_check() != 1:
+        if acl_check('', 'owner_auth', '', '') == 1:
             return re_error(conn, '/error/3')
         
         if flask.request.method == 'POST':

route/bbs_w.py

@@ -9,7 +9,8 @@ def bbs_w(bbs_num = '', tool = 'bbs', page = 1, name = ''):
         sub = ''
         bbs_name_dict = {}
 
-        admin_auth = admin_check()
+        admin_auth = acl_check(tool = 'owner_auth')
+        admin_auth = 1 if admin_auth == 0 else 0
 
         if tool == 'bbs':
             curs.execute(db_change('select set_data from bbs_set where set_id = ? and set_name = "bbs_name"'), [bbs_num])

route/bbs_w_comment_tool.py

@@ -15,7 +15,7 @@ def bbs_w_comment_tool(bbs_num = '', post_num = '', comment_num = ''):
             </ul>
         '''
 
-        if admin_check() == 1:
+        if acl_check('', 'owner_auth', '', '') != 1:
             data += '''
                 <h3>''' + get_lang(conn, 'owner') + '''</h2>
                 <ul>

route/bbs_w_delete.py

@@ -16,7 +16,7 @@ def bbs_w_delete(bbs_num = '', post_num = '', comment_num = ''):
         bbs_num_str = str(bbs_num)
         post_num_str = str(post_num)
 
-        if admin_check() != 1:
+        if acl_check('', 'owner_auth', '') == 1:
             return redirect(conn, '/bbs/in/' + bbs_num_str)
         
         temp_dict = json.loads(api_bbs_w_post(bbs_num_str + '-' + post_num_str).data)

route/bbs_w_edit.py

@@ -21,14 +21,14 @@ def bbs_w_edit(bbs_num = '', post_num = '', comment_num = ''):
         if comment_num != '':
             temp_dict = json.loads(api_bbs_w_comment_one(bbs_num_str + '-' + post_num_str + '-' + comment_num).data)
             if 'comment_user_id' in temp_dict:
-                if not temp_dict['comment_user_id'] == ip and admin_check() != 1:
+                if not temp_dict['comment_user_id'] == ip and acl_check('', 'owner_auth', '', '') == 1:
                     return re_error(conn, '/ban')
             else:
                 return redirect(conn, '/bbs/main')
         elif post_num != '':
             temp_dict = json.loads(api_bbs_w_post(bbs_num_str + '-' + post_num_str).data)
             if 'user_id' in temp_dict:
-                if not temp_dict['user_id'] == ip and admin_check() != 1:
+                if not temp_dict['user_id'] == ip and acl_check('', 'owner_auth', '', '') == 1:
                     return re_error(conn, '/ban')
             else:
                 return redirect(conn, '/bbs/main')

route/bbs_w_hide.py

@@ -14,7 +14,7 @@ def bbs_w_hide(bbs_num = '', post_num = ''):
         bbs_num_str = str(bbs_num)
         post_num_str = str(post_num)
 
-        if admin_check() != 1:
+        if acl_check('', 'bbs_auth', '', '') == 1:
             return redirect(conn, '/bbs/in/' + bbs_num_str)
         
         if flask.request.method == 'POST':

route/bbs_w_pinned.py

@@ -16,7 +16,7 @@ def bbs_w_pinned(bbs_num = '', post_num = ''):
         bbs_num_str = str(bbs_num)
         post_num_str = str(post_num)
 
-        if admin_check() != 1:
+        if acl_check('', 'bbs_auth', '', '') == 1:
             return redirect(conn, '/bbs/in/' + bbs_num_str)
         
         temp_dict = json.loads(api_bbs_w_post(bbs_num_str + '-' + post_num_str).data)

route/bbs_w_set.py

@@ -16,7 +16,7 @@ def bbs_w_set(bbs_num = ''):
         i_list = ['bbs_acl', 'bbs_edit_acl', 'bbs_comment_acl', 'bbs_view_acl', 'bbs_markup']
 
         if flask.request.method == 'POST':
-            if admin_check(None, 'bbs_set (acl)') != 1:
+            if acl_check('', 'owner_auth', '', '', 'bbs_set (acl)') == 1:
                 return re_error(conn, '/ban')
             else:
                 for for_a in range(len(i_list)):
@@ -31,7 +31,7 @@ def bbs_w_set(bbs_num = ''):
             d_list = ['' for _ in range(0, len(i_list))]
 
             other_menu = []
-            if admin_check() != 1:
+            if acl_check('', 'bbs_auth', '', '') == 1:
                 disable = 'disabled'
             else:
                 disable = ''

route/bbs_w_tool.py

@@ -16,7 +16,7 @@ def bbs_w_tool(bbs_num = '', post_num = ''):
             </ul>
         '''
 
-        if admin_check() == 1:
+        if acl_check('', 'bbs_auth', '', '') != 1:
             curs.execute(db_change('select set_data from bbs_data where set_code = ? and set_id = ? and set_name = "pinned"'), [post_num_str, bbs_num_str])
             pinned = get_lang(conn, 'pinned') if not curs.fetchall() else get_lang(conn, 'pinned_release')
 

route/edit_delete_file.py

@@ -4,10 +4,7 @@ from .edit_delete import edit_delete
 
 def edit_delete_file(name = 'test.jpg'):
     with get_db_connect() as conn:
-        curs = conn.cursor()
-
-        ip = ip_check()
-        if admin_check() == 0:
+        if acl_check('', 'owner_auth', '', '') != 0:
             return re_error(conn, '/ban')
 
         mime_type = re.search(r'([^.]+)$', name)
@@ -25,7 +22,7 @@ def edit_delete_file(name = 'test.jpg'):
             return redirect(conn, '/w/' + url_pas(name))
 
         if flask.request.method == 'POST':
-            admin_check(None, 'file del (' + name + ')')
+            acl_check(tool = 'owner_auth', memo = 'file del (' + name + ')')
             os.remove(file_directory)
 
             if flask.request.form.get('with_doc', '') != '':

route/edit_delete_multiple.py

@@ -4,7 +4,7 @@ from .edit_delete import edit_delete
 
 def edit_delete_multiple():
     with get_db_connect() as conn:
-        if admin_check() != 1:
+        if acl_check('', 'acl_auth', '', '') == 1:
             return re_error(conn, '/ban')
 
         if flask.request.method == 'POST':

route/edit_move.py

@@ -44,7 +44,7 @@ def edit_move(name):
             # 문서 이동 파트 S
             curs.execute(db_change("select title from history where title = ?"), [move_title])
             if curs.fetchall():
-                if move_option == 'merge' and admin_check(None, 'merge documents (' + name + ') (' + move_title + ')') == 1:
+                if move_option == 'merge' and acl_check(tool = 'owner_auth', memo = 'merge documents (' + name + ') (' + move_title + ')') != 1:
                     curs.execute(db_change("select data from data where title = ?"), [move_title])
                     data = curs.fetchall()
                     if data:
@@ -160,7 +160,7 @@ def edit_move(name):
             # 토론 이동 파트 S
             curs.execute(db_change("select title from rd where title = ?"), [move_title])
             if curs.fetchall():
-                if move_option_topic == 'merge' and admin_check(None, 'merge document\'s topics (' + name + ') (' + move_title + ')') == 1:
+                if move_option_topic == 'merge' and acl_check(tool = 'owner_auth', memo = 'merge document\'s topics (' + name + ') (' + move_title + ')') != 1:
                     curs.execute(db_change("update rd set title = ? where title = ?"), [move_title, name])
                 elif move_option_topic == 'reverse':
                     i = 0
@@ -210,7 +210,8 @@ def edit_move(name):
             else:
                 return re_error(conn, '/error/19')
         else:
-            owner_auth = admin_check()
+            owner_auth = acl_check(tool = 'owner_auth')
+            owner_auth = 1 if owner_auth == 0 else 0
 
             return easy_minify(conn, flask.render_template(skin_check(conn),
                 imp = [name, wiki_set(conn), wiki_custom(conn), wiki_css(['(' + get_lang(conn, 'move') + ')', 0])],

route/edit_revert.py

@@ -5,7 +5,7 @@ def edit_revert(name, num):
         curs = conn.cursor()
 
         curs.execute(db_change("select title from history where title = ? and id = ? and hide = 'O'"), [name, str(num)])
-        if curs.fetchall() and admin_check(6) != 1:
+        if curs.fetchall() and acl_check(tool = 'hidel_auth') == 1:
             return re_error(conn, '/error/3')
 
         if acl_check(name, 'document_edit') == 1:

route/filter_all.py

@@ -13,7 +13,8 @@ def filter_all(tool):
 
         div += '</tr>'
 
-        admin = admin_check()
+        admin = acl_check(tool = 'owner_auth')
+        admin = 1 if admin == 0 else 0
 
         if tool == 'inter_wiki':
             title = get_lang(conn, 'interwiki_list')

route/filter_all_add.py

@@ -8,7 +8,7 @@ def filter_all_add(tool, name = None):
             return redirect(conn, '/manager/9')
 
         if flask.request.method == 'POST':
-            if admin_check() != 1:
+            if acl_check('', 'owner_auth', '', '') == 1:
                 return re_error(conn, '/error/3')
 
             title = flask.request.form.get('title', 'test')
@@ -23,7 +23,7 @@ def filter_all_add(tool, name = None):
                     curs.execute(db_change("delete from html_filter where html = ? and kind = 'inter_wiki_sub'"), [title])
                     curs.execute(db_change('insert into html_filter (html, plus, plus_t, kind) values (?, "inter_wiki_type", ?, "inter_wiki_sub")'), [title, inter_type])
                 
-                admin_check(None, tool + ' edit')
+                acl_check(tool = 'owner_auth', memo = tool + ' edit')
             elif tool == 'edit_filter':
                 day = flask.request.form.get('day', '0')
                 end = 'X' if day == '0' else day
@@ -39,7 +39,7 @@ def filter_all_add(tool, name = None):
                 
                 curs.execute(db_change("delete from html_filter where html = ? and kind = 'regex_filter'"), [name])
                 curs.execute(db_change("insert into html_filter (html, plus, plus_t, kind) values (?, ?, ?, 'regex_filter')"), [name, content, end])
-                admin_check(None, 'edit_filter edit')
+                acl_check(tool = 'owner_auth', memo = 'edit_filter edit')
             elif tool == 'document':
                 post_name = flask.request.form.get('name', '')
                 if post_name == '':
@@ -53,7 +53,7 @@ def filter_all_add(tool, name = None):
                     return re_error(conn, '/error/23')
                 
                 curs.execute(db_change('insert into html_filter (html, kind, plus, plus_t) values (?, "document", ?, ?)'), [post_name, post_regex, post_acl])
-                admin_check(None, 'document_filter edit')
+                acl_check(tool = 'owner_auth', memo = 'document_filter edit')
             else:
                 plus_d = ''
                 if tool == 'name_filter':
@@ -62,7 +62,7 @@ def filter_all_add(tool, name = None):
                     except:
                         return re_error(conn, '/error/23')
 
-                    admin_check(None, 'name_filter edit')
+                    acl_check(tool = 'owner_auth', memo = 'name_filter edit')
                     type_d = 'name'
                 elif tool == 'file_filter':
                     try:
@@ -70,26 +70,26 @@ def filter_all_add(tool, name = None):
                     except:
                         return re_error(conn, '/error/23')
 
-                    admin_check(None, 'file_filter edit')
+                    acl_check(tool = 'owner_auth', memo = 'file_filter edit')
                     type_d = 'file'
                 elif tool == 'email_filter':
-                    admin_check(None, 'email_filter edit')
+                    acl_check(tool = 'owner_auth', memo = 'email_filter edit')
                     type_d = 'email'
                 elif tool == 'image_license':
-                    admin_check(None, 'image_license edit')
+                    acl_check(tool = 'owner_auth', memo = 'image_license edit')
                     type_d = 'image_license'
                 elif tool == 'extension_filter':
-                    admin_check(None, 'extension_filter edit')
+                    acl_check(tool = 'owner_auth', memo = 'extension_filter edit')
                     type_d = 'extension'
                     plus_d = flask.request.form.get('max_file_size', '')
                     if plus_d != '':
                         plus_d = number_check(plus_d)
                 elif tool == 'template':
-                    admin_check(None, 'template_document edit')
+                    acl_check(tool = 'owner_auth', memo = 'template_document edit')
                     type_d = 'template'
                     plus_d = flask.request.form.get('exp', 'test')
                 else:
-                    admin_check(None, 'edit_top edit')
+                    acl_check(tool = 'owner_auth', memo = 'edit_top edit')
                     type_d = 'edit_top'
                     plus_d = flask.request.form.get('markup', 'test')
 
@@ -101,7 +101,7 @@ def filter_all_add(tool, name = None):
             return redirect(conn, '/filter/' + tool)
         else:
             get_sub = 0
-            stat = 'disabled' if admin_check() != 1 else ''
+            stat = 'disabled' if acl_check('', 'owner_auth', '', '') == 1 else ''
             name = name if name else ''
 
             if tool in ('inter_wiki', 'outer_link'):

route/filter_all_delete.py

@@ -4,7 +4,7 @@ def filter_all_delete(tool, name = 'Test'):
     with get_db_connect() as conn:
         curs = conn.cursor()
         
-        if admin_check(None, 'del_' + tool) != 1:
+        if acl_check(tool = 'owner_auth', memo = 'del_' + tool) == 1:
             return re_error(conn, '/error/3')
 
         if tool == 'inter_wiki':

route/give_admin_groups.py

@@ -6,7 +6,7 @@ def give_admin_groups(name = 'test'):
 
         acl_name_list = [
             [1, 'owner', get_lang(conn, 'owner_authority')],
-            [2, 'all_function', get_lang(conn, 'all_function_authority')],
+            [2, '', get_lang(conn, 'all_function_authority'), True],
             [2, 'admin', get_lang(conn, 'admin_authority')],
             [3, 'ban', get_lang(conn, 'ban_authority')],
             [4, '', get_lang(conn, 'admin_default_feature_authority'), True],
@@ -22,6 +22,8 @@ def give_admin_groups(name = 'test'):
             [4, '', get_lang(conn, 'admin_default_feature_authority'), True],
             [3, 'bbs', get_lang(conn, 'bbs_authority')],
             [4, '', get_lang(conn, 'admin_default_feature_authority'), True],
+            [3, 'vote', get_lang(conn, 'vote_authority')],
+            [4, '', get_lang(conn, 'admin_default_feature_authority'), True],
             [3, 'admin_default_feature', get_lang(conn, 'admin_default_feature_authority')],
             [4, 'treat_as_admin', get_lang(conn, 'treat_as_admin_authority')],
             [4, 'user_name_bold', get_lang(conn, 'user_name_bold_authority')],
@@ -46,7 +48,7 @@ def give_admin_groups(name = 'test'):
         ]
 
         if flask.request.method == 'POST':
-            if admin_check(None, 'auth list add (' + name + ')') != 1:
+            if acl_check(tool = 'owner_auth', memo = 'auth list add (' + name + ')') == 1:
                 return re_error(conn, '/error/3')
             elif name in get_default_admin_group():
                 return re_error(conn, '/error/3')
@@ -58,7 +60,7 @@ def give_admin_groups(name = 'test'):
 
             return redirect(conn, '/auth/list/add/' + url_pas(name))
         else:
-            state = 'disabled' if admin_check() != 1 else ''
+            state = 'disabled' if acl_check('', 'owner_auth', '', '') == 1 else ''
             state = 'disabled' if name in get_default_admin_group() else ''
 
             data = '<ul>'

route/give_auth.py

@@ -5,8 +5,12 @@ def give_auth(name):
         curs = conn.cursor()
 
         ip = ip_check()
-        owner_auth = admin_check()
-        admin_auth = admin_check(7)
+        
+        owner_auth = acl_check(tool = 'owner_auth')
+        owner_auth = 1 if owner_auth == 0 else 0
+
+        admin_auth = acl_check(tool = 'give_auth')
+        admin_auth = 1 if admin_auth == 0 else 0
 
         curs.execute(db_change("select data from user_set where id = ? and name = 'acl'"), [name])
         user_acl = curs.fetchall()
@@ -24,7 +28,7 @@ def give_auth(name):
                 return re_error(conn, '/error/3')
 
         if flask.request.method == 'POST':
-            if admin_check(7, 'admin (' + name + ')') != 1:
+            if acl_check(tool = 'give_auth', memo = 'admin (' + name + ')') == 1:
                 return re_error(conn, '/error/3')
 
             select_data = flask.request.form.get('select', 'X')

route/give_delete_admin_group.py

@@ -4,11 +4,11 @@ def give_delete_admin_group_2(name = 'test'):
     with get_db_connect() as conn:
         curs = conn.cursor()
 
-        if admin_check() != 1:
+        if acl_check('', 'owner_auth', '', '') == 1:
             return re_error(conn, '/error/3')
 
         if flask.request.method == 'POST':
-            admin_check(None, 'auth list delete (' + name + ')')
+            acl_check(tool = 'owner_auth', memo = 'auth list delete (' + name + ')')
 
             curs.execute(db_change("delete from alist where name = ?"), [name])
             curs.execute(db_change("update user_set set data = 'user' where name = 'acl' and data = ?"), [name])

route/give_user_ban.py

@@ -7,10 +7,10 @@ def give_user_ban(name = None, ban_type = ''):
         ip = ip_check()
         
         if ban_check(ip = ip, tool = 'login')[0] == 1:
-            if ip_or_user(ip) == 1 or admin_check('all', None, ip) == 0:
+            if ip_or_user(ip) == 1 or acl_check(tool = 'all_admin_auth', ip = ip) != 0:
                 return re_error(conn, '/ban')
         else:
-            if admin_check(1, None, ip) != 1:
+            if acl_check(tool = 'ban_auth', ip = ip) == 1:
                 return re_error(conn, '/error/3')
 
         if flask.request.method == 'POST':
@@ -76,14 +76,14 @@ def give_user_ban(name = None, ban_type = ''):
                     type_d = None
 
                 if type_d:
-                    if admin_check(None, 'ban ' + type_d + ' (' + name + ')') != 1:
+                    if acl_check(tool = 'owner_auth', memo = 'ban ' + type_d + ' (' + name + ')') == 1:
                         return re_error(conn, '/error/3')
                 else:
                     if name == ip:
-                        if admin_check('all', 'ban (' + name + ')') != 1:
+                        if acl_check(tool = 'all_admin_auth', memo = 'ban (' + name + ')') == 1:
                             return re_error(conn, '/error/3')
                     else:
-                        if admin_check(1, 'ban (' + name + ')') != 1:
+                        if acl_check(tool = 'ban_auth', memo = 'ban (' + name + ')') == 1:
                             return re_error(conn, '/error/3')
 
                 ban_insert(conn, 

route/give_user_fix.py

@@ -8,13 +8,13 @@ def give_user_fix(user_name = ''):
         if not curs.fetchall():
             return re_error(conn, '/error/2')
 
-        if admin_check() != 1:
+        if acl_check('', 'owner_auth', '', '') == 1:
             return re_error(conn, '/error/3')
 
         if flask.request.method == 'POST':
             select = flask.request.form.get('select', '')
 
-            admin_check(None, 'user_fix (' + user_name + ') (' + select + ')')
+            acl_check(tool = 'owner_auth', memo = 'user_fix (' + user_name + ') (' + select + ')')
             if select == 'password_change':
                 password = flask.request.form.get('new_password', '')
                 check_password = flask.request.form.get('password_check', '')

route/list_admin_auth_use.py

@@ -26,7 +26,7 @@ def list_admin_auth_use(arg_num = 1, arg_search = 'normal'):
                     curs.execute(db_change("select data from other where name = 'ip_view'"))
                     db_data = curs.fetchall()
                     ip_view = db_data[0][0] if db_data else ''
-                    ip_view = '' if admin_check(1) == 1 else ip_view
+                    ip_view = '' if acl_check(tool = 'ban_auth') != 1 else ip_view
                     
                     if ip_view != '':
                         do_data = do_data.split(' ')

route/list_admin_group.py

@@ -9,7 +9,7 @@ def list_admin_group_2():
 
         curs.execute(db_change("select distinct name from alist order by name asc"))
         for data in curs.fetchall():
-            if admin_check() == 1 and not data[0] in org_acl_list:
+            if acl_check('', 'owner_auth', '', '') != 1 and not data[0] in org_acl_list:
                 delete_admin_group = ' <a href="/auth/list/delete/' + url_pas(data[0]) + '">(' + get_lang(conn, "delete") + ')</a>'
             else:
                 delete_admin_group = ''

route/list_user_check.py

@@ -12,13 +12,13 @@ def list_user_check(name = 'test', plus_name = None, arg_num = 1, do_type = 'nor
         num = arg_num
         sql_num = (num * 50 - 50) if num * 50 > 0 else 0
 
-        if admin_check('all', None, name) == 1 or (plus_id and admin_check('all', None, plus_id) == 1):
-            if admin_check() != 1:
+        if acl_check(tool = 'all_admin_auth', ip = name) != 1 or (plus_id and acl_check(tool = 'all_admin_auth', ip = plus_id) != 1):
+            if acl_check('', 'owner_auth', '', '') == 1:
                 return re_error(conn, '/error/4')
 
         div = ''
 
-        if admin_check(4, (check_type + ' ' if check_type != '' else '') + 'check (' + name + ')') != 1:
+        if acl_check(tool = 'check_auth', memo = (check_type + ' ' if check_type != '' else '') + 'check (' + name + ')') == 1:
             return re_error(conn, '/error/3')
 
         if check_type == '':

route/list_user_check_delete.py

@@ -4,7 +4,7 @@ def list_user_check_delete(name = None, ip = None, time = None, do_type = 1):
     with get_db_connect() as conn:
         curs = conn.cursor()
 
-        if admin_check() != 1:
+        if acl_check('', 'owner_auth', '', '') == 1:
             return re_error(conn, '/error/4')
 
         user_id = name

route/login_register.py

@@ -8,7 +8,9 @@ def login_register_2():
             return re_error(conn, '/ban')
 
         ip = ip_check()
-        admin = admin_check()
+        admin = acl_check(tool = 'owner_auth')
+        admin = 1 if admin == 0 else 0
+
         if admin != 1 and ip_or_user(ip) == 0:
             return redirect(conn, '/user')
 

route/login_register_submit.py

@@ -50,9 +50,6 @@ def login_register_submit_2():
 
             curs.execute(db_change("insert into user_set (id, name, data) values (?, ?, ?)"), [user_app_data['id'], 'application', json.dumps(user_app_data)])
 
-            for for_a in get_admin_list(conn):
-                add_alarm(conn, for_a, user_app_data['id'], '<a href="/app_submit">' + get_lang(conn, 'new_application') + '</a>')
-
             return re_error(conn, '/error/43')
         else:
             return easy_minify(conn, flask.render_template(skin_check(conn),

route/main_setting_acl.py

@@ -26,7 +26,7 @@ def main_setting_acl():
         }
 
         if flask.request.method == 'POST':
-            if admin_check(None, 'edit_set (acl)') != 1:
+            if acl_check(tool = 'owner_auth', memo = 'edit_set (acl)') == 1:
                 return re_error(conn, '/ban')
             else:
                 curs.executemany(db_change("update other set data = ? where name = ?"), [[flask.request.form.get(i_list[for_a], 'normal'), i_list[for_a]] for for_a in i_list])
@@ -34,7 +34,7 @@ def main_setting_acl():
                 return redirect(conn, '/setting/acl')
         else:
             d_list = {}
-            disable = 'disabled' if admin_check() != 1 else ''
+            disable = 'disabled' if acl_check('', 'owner_auth', '', '') == 1 else ''
             acl_div = ['' for _ in range(0, len(i_list))]
 
             for for_a in i_list:

route/main_setting_external.py

@@ -4,7 +4,7 @@ def main_setting_external():
     with get_db_connect() as conn:
         curs = conn.cursor()
 
-        if admin_check() != 1:
+        if acl_check('', 'owner_auth', '', '') == 1:
             return re_error(conn, '/ban')
         
         i_list = [
@@ -26,7 +26,7 @@ def main_setting_external():
 
                 curs.execute(db_change("update other set data = ? where name = ?"), [into_data, data])
 
-            admin_check(None, 'edit_set (external)')
+            acl_check(tool = 'owner_auth', memo = 'edit_set (external)')
 
             return redirect(conn, '/setting/external')
         else:

route/main_setting_head.py

@@ -4,7 +4,7 @@ def main_setting_head(num, skin_name = '', set_preview = 0):
     with get_db_connect() as conn:
         curs = conn.cursor()
 
-        if admin_check() != 1:
+        if acl_check('', 'owner_auth', '', '') == 1:
             return re_error(conn, '/ban')
         
         if flask.request.method == 'POST' and set_preview == 0:
@@ -30,7 +30,7 @@ def main_setting_head(num, skin_name = '', set_preview = 0):
             else:
                 curs.execute(db_change("insert into other (name, data, coverage) values (?, ?, ?)"), [info_d, flask.request.form.get('content', ''), coverage])
 
-            admin_check(None, 'edit_set (' + info_d + ')')
+            acl_check(tool = 'owner_auth', memo = 'edit_set (' + info_d + ')')
 
             if skin_name == '':
                 return redirect(conn, '/setting/' + end_r)

route/main_setting_main.py

@@ -4,7 +4,7 @@ def main_setting_main():
     with get_db_connect() as conn:
         curs = conn.cursor()
 
-        if admin_check() != 1:
+        if acl_check('', 'owner_auth', '', '') == 1:
             return re_error(conn, '/ban')
         
         setting_list = {
@@ -55,7 +55,7 @@ def main_setting_main():
                     setting_list[i][0]
                 ])
 
-            admin_check(None, 'edit_set (main)')
+            acl_check(tool = 'owner_auth', memo = 'edit_set (main)')
 
             return redirect(conn, '/setting/main')
         else:

route/main_setting_main_logo.py

@@ -4,7 +4,7 @@ def main_setting_main_logo():
     with get_db_connect() as conn:
         curs = conn.cursor()
         
-        if admin_check() != 1:
+        if acl_check('', 'owner_auth', '', '') == 1:
             return re_error(conn, '/ban')
 
         skin_list = [0] + load_skin(conn, '', 1)
@@ -20,7 +20,7 @@ def main_setting_main_logo():
                     i[1]
                 ])
 
-            admin_check(None, 'edit_set (logo)')
+            acl_check(tool = 'owner_auth', memo = 'edit_set (logo)')
 
             return redirect(conn, '/setting/main/logo')
         else:

route/main_setting_phrase.py

@@ -4,7 +4,7 @@ def main_setting_phrase():
     with get_db_connect() as conn:
         curs = conn.cursor()
 
-        if admin_check() != 1:
+        if acl_check('', 'owner_auth', '', '') == 1:
             return re_error(conn, '/ban')
         
         i_list = [
@@ -42,7 +42,7 @@ def main_setting_phrase():
         if flask.request.method == 'POST':
             curs.executemany(db_change("update other set data = ? where name = ?"), [[flask.request.form.get(for_a, ''), for_a] for for_a in i_list])
 
-            admin_check(None, 'edit_set (phrase)')
+            acl_check(tool = 'owner_auth', memo = 'edit_set (phrase)')
 
             return redirect(conn, '/setting/phrase')
         else:

route/main_setting_robot.py

@@ -4,7 +4,7 @@ def main_setting_robot():
     with get_db_connect() as conn:
         curs = conn.cursor()
 
-        if admin_check() != 1:
+        if acl_check('', 'owner_auth', '', '') == 1:
             return re_error(conn, '/ban')
 
         curs.execute(db_change("select data from other where name = 'robot'"))
@@ -32,7 +32,7 @@ def main_setting_robot():
             else:
                 curs.execute(db_change("insert into other (name, data, coverage) values ('robot_default', ?, '')"), [flask.request.form.get('default', '')])
 
-            admin_check(None, 'edit_set (robot)')
+            acl_check(tool = 'owner_auth', memo = 'edit_set (robot)')
 
             return redirect(conn, '/setting/robot')
         else:

route/main_setting_sitemap.py

@@ -5,12 +5,12 @@ def main_setting_sitemap(do_type = 0):
         curs = conn.cursor()
 
         if not do_type == 1:
-            if admin_check() != 1:
+            if acl_check('', 'owner_auth', '', '') == 1:
                 return re_error(conn, '/ban')
         
         if do_type == 1 or flask.request.method == 'POST':
             if not do_type == 1:
-                admin_check(None, 'make sitemap')
+                acl_check(tool = 'owner_auth', memo = 'make sitemap')
 
             data = '' + \
                 '<?xml version="1.0" encoding="UTF-8"?>\n' + \

route/main_setting_sitemap_set.py

@@ -4,7 +4,7 @@ def main_setting_sitemap_set():
     with get_db_connect() as conn:
         curs = conn.cursor()
 
-        if admin_check() != 1:
+        if acl_check('', 'owner_auth', '', '') == 1:
             return re_error(conn, '/ban')
         
         setting_list = {
@@ -22,7 +22,7 @@ def main_setting_sitemap_set():
                     setting_list[i][0]
                 ])
 
-            admin_check(None, 'edit_set (sitemap)')
+            acl_check(tool = 'owner_auth', memo = 'edit_set (sitemap)')
 
             return redirect(conn, '/setting/sitemap_set')
         else:

route/main_setting_skin_set.py

@@ -6,7 +6,7 @@ def main_setting_skin_set():
     with get_db_connect() as conn:
         curs = conn.cursor()
 
-        if admin_check() != 1:
+        if acl_check('', 'owner_auth', '', '') == 1:
             return re_error(conn, '/ban')
             
         set_list = user_setting_skin_set_main_set_list(conn)
@@ -19,7 +19,7 @@ def main_setting_skin_set():
                 else:
                     curs.execute(db_change('insert into other (name, data, coverage) values (?, ?, "")'), [for_b, flask.request.form.get(for_b, set_list[for_b][0][0])])
 
-            admin_check(None, 'edit_set (skin_set)')
+            acl_check(tool = 'owner_auth', memo = 'edit_set (skin_set)')
 
             return redirect(conn, '/setting/skin_set')
         else:

route/main_setting_top_menu.py

@@ -4,7 +4,7 @@ def main_setting_top_menu():
     with get_db_connect() as conn:
         curs = conn.cursor()
 
-        if admin_check() != 1:
+        if acl_check('', 'owner_auth', '', '') == 1:
             return re_error(conn, '/ban')
         
         if flask.request.method == 'POST':
@@ -14,7 +14,7 @@ def main_setting_top_menu():
             else:
                 curs.execute(db_change("insert into other (name, data, coverage) values ('top_menu', ?, '')"), [flask.request.form.get('content', '')])
 
-            admin_check(None, 'edit_set (top_menu)')
+            acl_check(tool = 'owner_auth', memo = 'edit_set (top_menu)')
 
             return redirect(conn, '/setting/top_menu')
         else:

route/main_sys_restart.py

@@ -2,11 +2,11 @@ from .tool.func import *
 
 def main_sys_restart():
     with get_db_connect() as conn:
-        if admin_check() != 1:
+        if acl_check('', 'owner_auth', '', '') == 1:
             return re_error(conn, '/error/3')
 
         if flask.request.method == 'POST':
-            admin_check(None, 'restart')
+            acl_check(tool = 'owner_auth', memo = 'restart')
 
             print('Restart')
 

route/main_sys_shutdown.py

@@ -2,11 +2,11 @@ from .tool.func import *
 
 def main_sys_shutdown():
     with get_db_connect() as conn:
-        if admin_check() != 1:
+        if acl_check('', 'owner_auth', '', '') == 1:
             return re_error(conn, '/error/3')
 
         if flask.request.method == 'POST':
-            admin_check(None, 'shutdown')
+            acl_check(tool = 'owner_auth', memo = 'shutdown')
 
             print('Shutdown')
 

route/main_sys_update.py

@@ -7,11 +7,11 @@ def main_sys_update():
     with get_db_connect() as conn:
         curs = conn.cursor()
 
-        if admin_check() != 1:
+        if acl_check('', 'owner_auth', '', '') == 1:
             return re_error(conn, '/error/3')
 
         if flask.request.method == 'POST':
-            admin_check(None, 'update')
+            acl_check(tool = 'owner_auth', memo = 'update')
 
             curs.execute(db_change('select data from other where name = "update"'))
             up_data = curs.fetchall()

route/main_tool_admin.py

@@ -13,12 +13,12 @@ def main_tool_admin():
                     <li><a href="/auth/ban">''' + get_lang(conn, 'ban') + '''</a></li>
                     <li><a href="/auth/ban/multiple">''' + get_lang(conn, 'multiple_ban') + '''</a></li>
                     <li><a href="/manager/5">''' + get_lang(conn, 'authorize') + '''</a></li>
+                    <li><a href="/delete_multiple">''' + get_lang(conn, 'many_delete') + '''</a></li>
+                    <li><a href="/app_submit">''' + get_lang(conn, 'application_list') + '''</a></li>
                 </ul>
                 <h2>''' + get_lang(conn, 'owner') + '''</h2>
                 <ul>
                     <li><a href="/auth/list">''' + get_lang(conn, 'admin_group_list') + '''</a></li>
-                    <li><a href="/delete_multiple">''' + get_lang(conn, 'many_delete') + '''</a></li>
-                    <li><a href="/app_submit">''' + get_lang(conn, 'application_list') + '''</a></li>
                     <li><a href="/register">''' + get_lang(conn, 'add_user') + '''</a></li>
                     <li><a href="/setting">''' + get_lang(conn, 'setting') + '''</a></li>
                     <li><a href="/manager/18">''' + get_lang(conn, 'user_fix') + '''</a></li>

route/n_bbs_main.py

@@ -9,5 +9,5 @@ def bbs_main():
                 '<script defer src="/views/main_css/js/route/bbs_main.js' + cache_v() + '"></script>' + \
                 '<script>window.addEventListener("DOMContentLoaded", function() { opennamu_bbs_main(); });</script>' + \
             '',
-            menu = [['other', get_lang(conn, 'other_tool')]] + ([['bbs/make', get_lang(conn, 'add')], ['bbs/set', get_lang(conn, 'bbs_set')]] if admin_check() == 1 else [])
+            menu = [['other', get_lang(conn, 'other_tool')]] + ([['bbs/make', get_lang(conn, 'add')], ['bbs/set', get_lang(conn, 'bbs_set')]] if acl_check('', 'owner_auth', '', '') != 1 else [])
         ))

route/recent_app_submit.py

@@ -92,7 +92,7 @@ def recent_app_submit_2():
                 menu = [['other', get_lang(conn, 'return')]]
             ))
         else:
-            if admin_check(None, 'app submit') != 1:
+            if acl_check(tool = 'ban_auth', memo = 'app submit') == 1:
                 return re_error(conn, '/ban')
 
             if flask.request.form.get('approve', '') != '':

route/recent_change.py

@@ -28,8 +28,12 @@ def recent_change(name = '', tool = '', num = 1, set_type = 'normal'):
         curs = conn.cursor()
 
         ip = ip_check()
-        all_admin = admin_check('all', None, ip)
-        owner = admin_check(None, None, ip)
+        
+        all_admin = acl_check(tool = 'all_admin_auth', ip = ip)
+        all_admin = 1 if all_admin == 0 else 0
+
+        owner = acl_check(tool = 'owner_auth', ip = ip)
+        owner = 1 if owner == 0 else 0
 
         option_list = [
             ['normal', get_lang(conn, 'normal')],

route/recent_history_add.py

@@ -7,11 +7,11 @@ def recent_history_add(name = 'Test', do_type = ''):
         curs = conn.cursor()
 
         ip = ip_check()
-        if admin_check() != 1:
+        if acl_check('', 'owner_auth', '', '') == 1:
             return re_error(conn, '/ban')
 
         if flask.request.method == 'POST':
-            admin_check(None, 'history_add (' + name + ')')
+            acl_check(tool = 'owner_auth', memo = 'history_add (' + name + ')')
 
             today = get_time()
             content = flask.request.form.get('content', '')

route/recent_history_delete.py

@@ -6,11 +6,11 @@ def recent_history_delete(name = 'Test', rev = 1):
 
         num = str(rev)
 
-        if admin_check() != 1:
+        if acl_check('', 'owner_auth', '', '') == 1:
             return re_error(conn, '/error/3')
 
         if flask.request.method == 'POST':
-            admin_check(None, 'history delete ' + name + ' r' + num)
+            acl_check(tool = 'owner_auth', memo = 'history delete ' + name + ' r' + num)
 
             curs.execute(db_change("delete from history where id = ? and title = ?"), [num, name])
 

route/recent_history_hidden.py

@@ -6,7 +6,7 @@ def recent_history_hidden(name = 'Test', rev = 1):
 
         num = str(rev)
 
-        if admin_check(6, 'history_hidden (' + name + '#' + num + ')') == 1:
+        if acl_check(tool = 'hidel_auth', memo = 'history_hidden (' + name + '#' + num + ')') != 1:
             curs.execute(db_change("select title from history where title = ? and id = ? and hide = 'O'"), [name, num])
             if curs.fetchall():
                 curs.execute(db_change("update history set hide = '' where title = ? and id = ?"), [name, num])

route/recent_history_reset.py

@@ -4,11 +4,11 @@ def recent_history_reset(name = 'Test'):
     with get_db_connect() as conn:
         curs = conn.cursor()
 
-        if admin_check() != 1:
+        if acl_check('', 'owner_auth', '', '') == 1:
             return re_error(conn, '/error/3')
 
         if flask.request.method == 'POST':
-            admin_check(None, 'history reset ' + name)
+            acl_check(tool = 'owner_auth', memo = 'history reset ' + name)
 
             curs.execute(db_change("delete from history where title = ?"), [name])
 

route/recent_history_send.py

@@ -6,11 +6,11 @@ def recent_history_send(name = 'Test', rev = 1):
 
         num = str(rev)
 
-        if admin_check() != 1:
+        if acl_check('', 'owner_auth', '', '') == 1:
             return re_error(conn, '/error/3')
 
         if flask.request.method == 'POST':
-            admin_check(None, 'send edit ' + name + ' r' + num)
+            acl_check(tool = 'owner_auth', memo = 'send edit ' + name + ' r' + num)
 
             curs.execute(db_change("select send from history where title = ? and id = ?"), [name, num])
             if curs.fetchall():

route/recent_history_tool.py

@@ -22,7 +22,7 @@ def recent_history_tool(name = 'Test', rev = 1):
         data += '<li><a href="/history/' + url_pas(name) + '">' + get_lang(conn, 'history') + '</a></li>'
         data += '</ul>'
 
-        if admin_check(6) == 1:
+        if acl_check(tool = 'hidel_auth') != 1:
             data += '<h3>' + get_lang(conn, 'admin') + '</h3>'
             data += '<ul>'
             curs.execute(db_change('select title from history where title = ? and id = ? and hide = "O"'), [name, num])
@@ -35,7 +35,7 @@ def recent_history_tool(name = 'Test', rev = 1):
             data += '</a></li>'
             data += '</ul>'
 
-        if admin_check() == 1:
+        if acl_check('', 'owner_auth', '', '') != 1:
             data += '<h3>' + get_lang(conn, 'owner') + '</h3>'
             data += '<ul>'
             data += '<li><a href="/history_delete/' + num + '/' + url_pas(name) + '">' + get_lang(conn, 'history_delete') + '</a></li>'

route/recent_record_reset.py

@@ -4,11 +4,11 @@ def recent_record_reset(name = 'Test'):
     with get_db_connect() as conn:
         curs = conn.cursor()
 
-        if admin_check() != 1:
+        if acl_check('', 'owner_auth', '', '') == 1:
             return re_error(conn, '/error/3')
 
         if flask.request.method == 'POST':
-            admin_check(None, 'record reset ' + name)
+            acl_check(tool = 'owner_auth', memo = 'record reset ' + name)
 
             curs.execute(db_change("delete from history where ip = ?"), [name])
 

route/tool/func.py

@@ -995,7 +995,7 @@ def get_user_title_list(conn, ip = ''):
     if curs.fetchall():
         user_title['☑️'] = '☑️ before_admin'
 
-    if admin_check('all') == 1:
+    if acl_check(tool = 'all_admin_auth') != 1:
         user_title['✅'] = '✅ admin'
     
     return user_title
@@ -1396,7 +1396,7 @@ def wiki_custom(conn):
         email = curs.fetchall()
         email = email[0][0] if email else ''
 
-        if admin_check('all') == 1:
+        if acl_check(tool = 'all_admin_auth') != 1:
             user_admin = '1'
 
             curs.execute(db_change("select data from user_set where id = ? and name = 'acl'"), [ip])
@@ -1874,50 +1874,6 @@ def do_user_name_check(conn, user_name):
     
     return 0
 
-def get_admin_auth_list(num = None):
-    # without_DB
-
-    check = {
-        0 : 'owner',
-        1 : 'ban',
-        2 : 'nothing',
-        3 : 'toron',
-        4 : 'check',
-        5 : 'acl',
-        6 : 'hidel',
-        7 : 'give'
-    }
-    if not num:
-        check = check[0]
-    elif num == 'all':
-        check = [check[i] for i in check]
-    else:
-        check = check[num]
-        
-    return check
-
-def get_admin_list(conn, num = None):
-    curs = conn.cursor()
-    
-    if num == 'all':
-        curs.execute(db_change("select data from user_set where data != 'user' and name = 'acl'"))
-        db_data = curs.fetchall()
-        db_data = [db_data_in[0] for db_data_in in db_data] if db_data else []
-        
-        return db_data
-    else:
-        check = get_admin_auth_list(num)
-        admin_list = []
-        
-        curs.execute(db_change('select name from alist where acl = ?'), [check])
-        db_data = curs.fetchall()
-        for db_data_in in db_data:
-            curs.execute(db_change("select id from user_set where data = ? and name = 'acl'"), [db_data_in[0]])
-            db_data_2 = curs.fetchall()
-            admin_list += [db_data_2_in[0] for db_data_2_in in db_data_2] if db_data_2 else []
-            
-        return admin_list
-
 def level_check(conn, ip = ''):
     curs = conn.cursor()
 
@@ -1943,36 +1899,8 @@ def level_check(conn, ip = ''):
 
     return [level, exp, max_exp]
 
-def admin_check(num = None, what = None, name = ''):
-    ip = ip_check() if name == '' else name
-    pass_ok = 0
-
-    other_set = {}
-    other_set['ip'] = ip
-
-    data_str = python_to_golang_sync('api_func_auth_list', other_set)
-    data = json.loads(data_str)
-
-    if num == 'all':
-        if "treat_as_admin" in data:
-            pass_ok = 1
-    else:
-        auth_name = get_admin_auth_list(num)
-        if auth_name in data:
-            pass_ok = 1
-
-    if pass_ok == 1:
-        if what:
-            other_set['what'] = what
-            python_to_golang_sync('api_func_auth_post', other_set)
-
-        return 1
-    else:
-        return 0
-
-def acl_check(name = '', tool = '', topic_num = ''):
-    name = '' if name == None else name
-    ip = ip_check()
+def acl_check(name = '', tool = '', topic_num = '', ip = '', memo = ''):
+    ip = ip_check() if ip == '' else ip
 
     other_set = {}
     other_set['ip'] = ip
@@ -1983,7 +1911,16 @@ def acl_check(name = '', tool = '', topic_num = ''):
     data_str = python_to_golang_sync('api_func_acl', other_set)
     data = json.loads(data_str)
 
-    return 0 if data["data"] else 1
+    result = 0 if data["data"] else 1
+
+    if memo != '' and result == 0:
+        other_set = {}
+        other_set['ip'] = ip
+        other_set['what'] = memo
+
+        python_to_golang_sync('api_func_auth_post', other_set)
+
+    return result
 
 def ban_check(ip = None, tool = ''):
     ip = ip_check() if not ip else ip
@@ -2107,7 +2044,7 @@ def do_edit_filter(conn, data):
     curs = conn.cursor()
 
     ip = ip_check()
-    if admin_check(1) != 1:
+    if acl_check(tool = 'ban_auth') == 1:
         curs.execute(db_change("select plus, plus_t from html_filter where kind = 'regex_filter' and plus != ''"))
         for data_list in curs.fetchall():
             match = re.compile(data_list[0], re.I)

route/topic_comment_blind.py

@@ -7,7 +7,7 @@ def topic_comment_blind(topic_num = 1, num = 1):
         topic_num = str(topic_num)
         num = str(num)
         
-        if admin_check(3, 'blind (code ' + topic_num + '#' + num + ')') != 1:
+        if acl_check(tool = 'toron_auth', memo = 'blind (code ' + topic_num + '#' + num + ')') == 1:
             return re_error(conn, '/error/3')
 
         curs.execute(db_change("select block from topic where code = ? and id = ?"), [topic_num, num])

route/topic_comment_delete.py

@@ -4,7 +4,7 @@ def topic_comment_delete(topic_num = 1, num = 1):
     with get_db_connect() as conn:
         curs = conn.cursor()
 
-        if admin_check(None) != 1:
+        if acl_check(tool = 'owner_auth') == 1:
             return re_error(conn, '/error/3')
 
         topic_num = str(topic_num)

route/topic_comment_notice.py

@@ -7,7 +7,7 @@ def topic_comment_notice(topic_num = 1, num = 1):
         topic_num = str(topic_num)
         num = str(num)
         
-        if admin_check(3, 'notice (code ' + topic_num + '#' + num + ')') != 1:
+        if acl_check(tool = 'toron_auth', memo = 'notice (code ' + topic_num + '#' + num + ')') == 1:
             return re_error(conn, '/error/3')
 
         curs.execute(db_change("select code from topic where code = ? and id = ?"), [topic_num, num])

route/topic_comment_tool.py

@@ -29,7 +29,7 @@ def topic_comment_tool(topic_num = 1, num = 1):
             </ul>
         '''
 
-        if admin_check(3) == 1:
+        if acl_check(tool = 'toron_auth') != 1:
             ban += '''
                 <h2>''' + get_lang(conn, 'admin_tool') + '''</h2>
                 <ul>

route/topic_tool.py

@@ -42,7 +42,7 @@ def topic_tool(topic_num = 1):
         else:
             acl_view_state = 'normal'
 
-        if admin_check(3) == 1:
+        if acl_check(tool = 'toron_auth') != 1:
             data = '''
                 <h2>''' + get_lang(conn, 'admin_tool') + '''</h2>
                 <ul>
@@ -59,7 +59,7 @@ def topic_tool(topic_num = 1):
             </ul>
         '''
 
-        if admin_check(None) == 1:
+        if acl_check(tool = 'owner_auth') != 1:
             data += '''
                 <h2>''' + get_lang(conn, 'owner') + '''</h2>
                 <ul>

route/topic_tool_acl.py

@@ -4,7 +4,7 @@ def topic_tool_acl(topic_num = 1):
     with get_db_connect() as conn:
         curs = conn.cursor()
 
-        if admin_check(3) != 1:
+        if acl_check(tool = 'toron_auth') == 1:
             return re_error(conn, '/error/3')
 
         ip = ip_check()
@@ -17,7 +17,7 @@ def topic_tool_acl(topic_num = 1):
             return redirect(conn, '/')
 
         if flask.request.method == 'POST':
-            admin_check(3, 'topic_acl_set (code ' + topic_num + ')')
+            acl_check(tool = 'toron_auth', memo = 'topic_acl_set (code ' + topic_num + ')')
 
             curs.execute(db_change("select id from topic where code = ? order by id + 0 desc limit 1"), [topic_num])
             topic_check = curs.fetchall()

route/topic_tool_change.py

@@ -4,7 +4,7 @@ def topic_tool_change(topic_num = 1):
     with get_db_connect() as conn:
         curs = conn.cursor()
 
-        if admin_check(None) != 1:
+        if acl_check(tool = 'owner_auth') == 1:
             return re_error(conn, '/error/3')
 
         time = get_time()
@@ -16,7 +16,7 @@ def topic_tool_change(topic_num = 1):
             return redirect(conn, '/')
 
         if flask.request.method == 'POST':
-            admin_check(None, 'move_topic (code ' + topic_num + ')')
+            acl_check(tool = 'owner_auth', memo = 'move_topic (code ' + topic_num + ')')
 
             title_d = flask.request.form.get('title', 'test')
             sub_d = flask.request.form.get('sub', 'test')

route/topic_tool_delete.py

@@ -4,12 +4,14 @@ def topic_tool_delete(topic_num = 1):
     with get_db_connect() as conn:
         curs = conn.cursor()
 
-        if admin_check(None) != 1:
+        if acl_check(tool = 'owner_auth') == 1:
             return re_error(conn, '/error/3')
 
         topic_num = str(topic_num)
 
         if flask.request.method == 'POST':
+            acl_check(tool = 'owner_auth', memo = 'delete topic (' + topic_num + ')')
+
             curs.execute(db_change("delete from topic where code = ?"), [topic_num])
             curs.execute(db_change("delete from rd where code = ?"), [topic_num])
 

route/topic_tool_setting.py

@@ -4,7 +4,7 @@ def topic_tool_setting(topic_num = 1):
     with get_db_connect() as conn:
         curs = conn.cursor()
 
-        if admin_check(3) != 1:
+        if acl_check(tool = 'toron_auth') == 1:
             return re_error(conn, '/error/3')
 
         ip = ip_check()
@@ -17,7 +17,7 @@ def topic_tool_setting(topic_num = 1):
             return redirect(conn, '/')
 
         if flask.request.method == 'POST':
-            admin_check(3, 'change_topic_set (code ' + topic_num + ')')
+            acl_check(tool = 'toron_auth', memo = 'change_topic_set (code ' + topic_num + ')')
 
             stop_d = flask.request.form.get('stop_d', '')
             why_d = flask.request.form.get('why', '')

route/user_challenge.py

@@ -89,7 +89,7 @@ def user_challenge():
 
             curs.execute(db_change('select data from user_set where name = ? and id = ?'), ['challenge_admin', ip])
             db_data = curs.fetchall()
-            if admin_check('all') == 1 or db_data:
+            if acl_check(tool = 'all_admin_auth') != 1 or db_data:
                 curs.execute(db_change("delete from user_set where id = ? and name = 'challenge_admin'"), [ip])
                 curs.execute(db_change("insert into user_set (name, id, data) values ('challenge_admin', ?, '1')"), [ip])
                 user_exp += 10000

route/user_edit_filter.py

@@ -4,7 +4,9 @@ def user_edit_filter(name = ''):
     with get_db_connect() as conn:
         curs = conn.cursor()
 
-        owner_auth = admin_check(1, None)
+        owner_auth = acl_check(tool = 'ban_auth')
+        owner_auth = 1 if owner_auth == 0 else 0
+
         if ip_check() != name:
             if owner_auth != 1:
                 return redirect(conn, '/recent_block')

route/user_info.py

@@ -41,7 +41,7 @@ def user_info(name = ''):
             login_menu = '<h2>' + get_lang(conn, 'login') + '</h2><ul>' + login_menu + '</ul>'
             tool_menu = '<h2>' + get_lang(conn, 'tool') + '</h2><ul>' + tool_menu + '</ul>'
     
-        if admin_check(1) == 1:
+        if acl_check(tool = 'ban_auth') != 1:
             curs.execute(db_change("select block from rb where block = ? and ongoing = '1'"), [ip])
             ban_name = get_lang(conn, 'release') if curs.fetchall() else get_lang(conn, 'ban')
             

route/user_setting_user_name.py

@@ -6,7 +6,7 @@ def user_setting_user_name(user_name = ''):
 
         ip = ip_check()
         if user_name != '':
-            if admin_check() != 1:
+            if acl_check('', 'owner_auth', '', '') == 1:
                 return re_error(conn, '/error/3')
             else:
                 ip = user_name

route/view_diff.py

@@ -73,7 +73,7 @@ def view_diff(name = 'Test', num_a = 1, num_b = 1):
             return re_error(conn, '/ban')
 
         curs.execute(db_change("select title from history where title = ? and (id = ? or id = ?) and hide = 'O'"), [name, first, second])
-        if curs.fetchall() and admin_check(6) != 1:
+        if curs.fetchall() and acl_check(tool = 'hidel_auth') == 1:
             return re_error(conn, '/error/3')
 
         curs.execute(db_change("select data from history where id = ? and title = ?"), [first, name])

route/view_raw.py

@@ -39,7 +39,7 @@ def view_raw(name = '', topic_num = '', num = '', doc_acl = 0, bbs_num = '', pos
                 sub += ' (' + comment_num + ')'
         elif topic_num == '' and num != '':
             curs.execute(db_change("select title from history where title = ? and id = ? and hide = 'O'"), [name, num])
-            if curs.fetchall() and admin_check(6) != 1:
+            if curs.fetchall() and acl_check(tool = 'hidel_auth') == 1:
                 return re_error(conn, '/error/3')
 
             curs.execute(db_change("select data from history where title = ? and id = ?"), [name, num])
@@ -48,7 +48,7 @@ def view_raw(name = '', topic_num = '', num = '', doc_acl = 0, bbs_num = '', pos
 
             menu = [['history_tool/' + url_pas(num) + '/' + url_pas(name), get_lang(conn, 'return')]]
         elif topic_num != '':
-            if admin_check(6) != 1:
+            if acl_check(tool = 'hidel_auth') == 1:
                 curs.execute(db_change("select data from topic where id = ? and code = ? and block = ''"), [num, topic_num])
             else:
                 curs.execute(db_change("select data from topic where id = ? and code = ?"), [num, topic_num])

route/view_set.py

@@ -43,7 +43,7 @@ def view_set(name = 'Test', multiple = False):
             if flask.request.method == 'POST':
                 check_data = 'document_set (' + name + ')'
             else:
-                check_data = None
+                check_data = ''
 
             user_data = re.search(r'^user:(.+)$', name)
             if user_data:
@@ -51,13 +51,13 @@ def view_set(name = 'Test', multiple = False):
                     return redirect(conn, '/login')
 
                 if user_data.group(1) != ip:
-                    if admin_check(5) != 1:
+                    if acl_check(tool = 'acl_auth') == 1:
                         if check_data:
                             return re_error(conn, '/error/3')
                         else:
                             check_ok = 'disabled'
             else:
-                if admin_check(5) != 1:
+                if acl_check(tool = 'acl_auth') == 1:
                     if check_data:
                         return re_error(conn, '/error/3')
                     else:
@@ -112,7 +112,7 @@ def view_set(name = 'Test', multiple = False):
 
             markup_data = markup_data if markup_data != '' else 'normal'
 
-            if admin_check() == 1:
+            if acl_check('', 'owner_auth', '', '') != 1:
                 document_top = flask.request.form.get('document_top', '')
 
                 acl_text += 'document_top\n'
@@ -129,7 +129,7 @@ def view_set(name = 'Test', multiple = False):
                 curs.execute(db_change("delete from data_set where doc_name = ? and set_name = 'document_editor_top'"), [name])
                 curs.execute(db_change("insert into data_set (doc_name, doc_rev, set_name, set_data) values (?, '', 'document_editor_top', ?)"), [name, document_editor_top])
 
-            admin_check(5, check_data)
+            acl_check(tool = 'acl_auth', memo = check_data)
 
             history_plus(conn, 
                 name,
@@ -220,7 +220,7 @@ def view_set(name = 'Test', multiple = False):
             data += view_set_markup(conn, document_name = name, disable = check_ok)
 
             save_button = '<button type="submit" ' + check_ok + '>' + get_lang(conn, 'save') + '</button>'
-            if admin_check() != 1:
+            if acl_check('', 'owner_auth', '', '') == 1:
                 check_ok = 'disabled'
 
             curs.execute(db_change("select set_data from data_set where doc_name = ? and set_name = 'document_top'"), [name])

route/view_w.py

@@ -94,8 +94,8 @@ def view_w(name = 'Test', do_type = ''):
             user_doc = ''
             
             # S admin or owner 특수 틀 추가
-            if admin_check('all', None, user_name) == 1:
-                if admin_check(None, None, user_name) == 1:
+            if acl_check(tool = 'all_admin_auth', ip = user_name) != 1:
+                if acl_check(tool = 'owner_auth', ip = user_name) != 1:
                     curs.execute(db_change('select data from other where name = "phrase_user_page_owner"'))
                     db_data = curs.fetchall()
                     if db_data and db_data[0][0] != '':

route/vote_add.py

@@ -16,8 +16,6 @@ def vote_add():
             id_data = curs.fetchall()
             id_data = str((int(id_data[0][0]) + 1) if id_data else 1)
 
-            admin_check(None, 'add vote ' + id_data)
-
             if flask.request.form.get('open_select', 'N') == 'Y':
                 open_data = 'open'
             else:

route/vote_close.py

@@ -17,7 +17,7 @@ def vote_close(num = 1):
         curs.execute(db_change('select data from vote where id = ? and name = "open_user" and type = "option"'), [num])
         db_data = curs.fetchall()
         open_user = db_data[0][0] if db_data else ''
-        if open_user != ip_check() and admin_check() != 1:
+        if open_user != ip_check() and acl_check('', 'vote_auth', '', '') == 1:
             return re_error(conn, '/ban')
 
         if data_list[0][0] == 'close':

route_go/route/tool/acl_and_auth.go

@@ -128,7 +128,7 @@ func Check_auth(auth_info map[string]bool) map[string]bool {
 		auth_info["admin"] = true
 	}
 
-	admin_auth := []string{"ban", "toron", "check", "acl", "hidel", "give", "bbs"}
+	admin_auth := []string{"ban", "toron", "check", "acl", "hidel", "give", "bbs", "vote"}
 
 	if _, ok := auth_info["admin"]; ok {
 		for _, v := range admin_auth {
@@ -282,7 +282,34 @@ func Check_acl(db *sql.DB, name string, topic_number string, tool string, ip str
 		acl_data := ""
 		acl_pass_auth := ""
 
-		if tool == "" {
+		if tool == "all_admin_auth" {
+			acl_pass_auth = "treat_as_admin"
+			acl_data = "owner"
+		} else if tool == "owner_auth" {
+			acl_pass_auth = "owner"
+			acl_data = "owner"
+		} else if tool == "ban_auth" {
+			acl_pass_auth = "bbs"
+			acl_data = "owner"
+		} else if tool == "toron_auth" {
+			acl_pass_auth = "toron"
+			acl_data = "owner"
+		} else if tool == "check_auth" {
+			acl_pass_auth = "check"
+			acl_data = "owner"
+		} else if tool == "acl_auth" {
+			acl_pass_auth = "acl"
+			acl_data = "owner"
+		} else if tool == "hidel_auth" {
+			acl_pass_auth = "hidel"
+			acl_data = "owner"
+		} else if tool == "give_auth" {
+			acl_pass_auth = "give"
+			acl_data = "owner"
+		} else if tool == "vote_auth" {
+			acl_pass_auth = "vote_fix"
+			acl_data = "owner"
+		} else if tool == "" {
 			acl_pass_auth = "acl"
 
 			if for_a == 0 {
@@ -489,7 +516,7 @@ func Check_acl(db *sql.DB, name string, topic_number string, tool string, ip str
 				}
 			}
 		} else if tool == "vote" {
-			acl_pass_auth = "owner"
+			acl_pass_auth = "vote_fix"
 
 			if for_a == 0 {
 				end_number += 1
@@ -691,7 +718,7 @@ func Check_acl(db *sql.DB, name string, topic_number string, tool string, ip str
 				}
 			}
 		} else if tool == "recaptcha" {
-			acl_pass_auth = "admin_default_feature"
+			acl_pass_auth = "captcha_pass"
 
 			err := db.QueryRow(DB_change("select data from other where name = 'recaptcha_pass_acl'")).Scan(&acl_data)
 			if err != nil {
@@ -702,7 +729,7 @@ func Check_acl(db *sql.DB, name string, topic_number string, tool string, ip str
 				}
 			}
 		} else if tool == "recaptcha_five_pass" {
-			acl_pass_auth = "admin_default_feature"
+			acl_pass_auth = "captcha_one_check_five_pass"
 
 			err := db.QueryRow(DB_change("select data from other where name = 'recaptcha_one_check_five_pass_acl'")).Scan(&acl_data)
 			if err != nil {