From f1ff888e2a1269e6f0d4b875fd20f96f8b154c70 Mon Sep 17 00:00:00 2001
From: iandyh <mail@andyh.io>
Date: Fri, 13 Oct 2023 15:15:13 +0900
Subject: [PATCH] Revert "Merge pull request #88 from iandyh/ownership"

This reverts commit 1b4b5ffdeb629741020b405caa7beadd4362b8a9, reversing
changes made to d9dd77110944976cb27946b77359fa1e8d4ab36c.
---
 shibuya/api/main.go   |  8 ++++----
 shibuya/api/utils.go  | 24 ------------------------
 shibuya/model/user.go | 11 -----------
 shibuya/ui/handler.go | 11 ++++++++++-
 4 files changed, 14 insertions(+), 40 deletions(-)

diff --git a/shibuya/api/main.go b/shibuya/api/main.go
index 18c3cd5c..df4d7730 100644
--- a/shibuya/api/main.go
+++ b/shibuya/api/main.go
@@ -5,7 +5,7 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
-	"io"
+	"io/ioutil"
 	"net/http"
 	"strconv"
 	"time"
@@ -492,7 +492,7 @@ func (s *ShibuyaAPI) collectionDeleteHandler(w http.ResponseWriter, r *http.Requ
 }
 
 func (s *ShibuyaAPI) collectionGetHandler(w http.ResponseWriter, r *http.Request, params httprouter.Params) {
-	collection, err := checkCollectionOwnership(r, params)
+	collection, err := getCollection(params.ByName("collection_id"))
 	if err != nil {
 		s.handleErrors(w, err)
 		return
@@ -538,7 +538,7 @@ func (s *ShibuyaAPI) collectionUploadHandler(w http.ResponseWriter, r *http.Requ
 		s.handleErrors(w, makeInvalidResourceError("file"))
 		return
 	}
-	raw, err := io.ReadAll(file)
+	raw, err := ioutil.ReadAll(file)
 	if err != nil {
 		s.handleErrors(w, makeInvalidRequestError("invalid file"))
 		return
@@ -657,7 +657,7 @@ func (s *ShibuyaAPI) collectionDeploymentHandler(w http.ResponseWriter, r *http.
 }
 
 func (s *ShibuyaAPI) collectionTriggerHandler(w http.ResponseWriter, r *http.Request, params httprouter.Params) {
-	collection, err := checkCollectionOwnership(r, params)
+	collection, err := getCollection(params.ByName("collection_id"))
 	if err != nil {
 		s.handleErrors(w, err)
 		return
diff --git a/shibuya/api/utils.go b/shibuya/api/utils.go
index c5040d81..bfe56440 100644
--- a/shibuya/api/utils.go
+++ b/shibuya/api/utils.go
@@ -3,9 +3,6 @@ package api
 import (
 	"net/http"
 	"strings"
-
-	"github.com/julienschmidt/httprouter"
-	"github.com/rakutentech/shibuya/shibuya/model"
 )
 
 func retrieveClientIP(r *http.Request) string {
@@ -15,24 +12,3 @@ func retrieveClientIP(r *http.Request) string {
 	}
 	return strings.Split(t, ",")[0]
 }
-
-func checkCollectionOwnership(r *http.Request, params httprouter.Params) (*model.Collection, error) {
-	account := model.GetAccountBySession(r)
-	if account == nil {
-		return nil, makeLoginError()
-	}
-	collection, err := getCollection(params.ByName("collection_id"))
-	if err != nil {
-		return nil, err
-	}
-	project, err := model.GetProject(collection.ProjectID)
-	if err != nil {
-		return nil, err
-	}
-	if _, ok := account.MLMap[project.Owner]; !ok {
-		if !account.IsAdmin() {
-			return nil, makeNoPermissionErr("")
-		}
-	}
-	return collection, nil
-}
diff --git a/shibuya/model/user.go b/shibuya/model/user.go
index e50f2ba9..f8c88049 100644
--- a/shibuya/model/user.go
+++ b/shibuya/model/user.go
@@ -39,14 +39,3 @@ func GetAccountBySession(r *http.Request) *Account {
 	}
 	return a
 }
-
-func (a *Account) IsAdmin() bool {
-	for _, ml := range a.ML {
-		for _, admin := range config.SC.AuthConfig.AdminUsers {
-			if ml == admin {
-				return true
-			}
-		}
-	}
-	return false
-}
diff --git a/shibuya/ui/handler.go b/shibuya/ui/handler.go
index d8692c44..082fb219 100644
--- a/shibuya/ui/handler.go
+++ b/shibuya/ui/handler.go
@@ -45,7 +45,16 @@ func (u *UI) homeHandler(w http.ResponseWriter, r *http.Request, params httprout
 		http.Redirect(w, r, "/login", http.StatusSeeOther)
 		return
 	}
-	IsAdmin := account.IsAdmin()
+	IsAdmin := false
+outer:
+	for _, ml := range account.ML {
+		for _, admin := range config.SC.AuthConfig.AdminUsers {
+			if ml == admin {
+				IsAdmin = true
+				break outer
+			}
+		}
+	}
 	enableSid := config.SC.EnableSid
 	resultDashboardURL := config.SC.DashboardConfig.Url + config.SC.DashboardConfig.RunDashboard
 	engineHealthDashboardURL := config.SC.DashboardConfig.Url + config.SC.DashboardConfig.EnginesDashboard