Update team and collection authorization

server/api/middlewares/authentication.js

@@ -7,7 +7,6 @@ import { User, ApiKey } from '../../models';
 
 type AuthOptions = {
   require?: boolean,
-  adminOnly?: boolean,
 };
 
 export default function auth(options: AuthOptions = {}) {
@@ -96,10 +95,6 @@ export default function auth(options: AuthOptions = {}) {
         }
       }
 
-      if (options.adminOnly && !user.isAdmin) {
-        throw httpErrors.Forbidden('Only available for admins');
-      }
-
       ctx.state.token = token;
       ctx.state.user = user;
       // $FlowFixMe

server/api/middlewares/authentication.test.js

@@ -91,45 +91,6 @@ describe('Authentication middleware', async () => {
     });
   });
 
-  describe('adminOnly', () => {
-    it('should work if user is an admin', async () => {
-      const state = {};
-      const { user } = await seed();
-      const authMiddleware = auth({ adminOnly: true });
-      user.isAdmin = true;
-      await user.save();
-
-      await authMiddleware(
-        {
-          request: {
-            get: jest.fn(() => `Bearer ${user.getJwtToken()}`),
-          },
-          state,
-          cache: {},
-        },
-        jest.fn()
-      );
-      expect(state.user.id).toEqual(user.id);
-    });
-
-    it('should raise 403 if user is not an admin', async () => {
-      const { user } = await seed();
-      const authMiddleware = auth({ adminOnly: true });
-      user.idAdmin = true;
-      await user.save();
-
-      try {
-        await authMiddleware({
-          request: {
-            get: jest.fn(() => `Bearer ${user.getJwtToken()}`),
-          },
-        });
-      } catch (e) {
-        expect(e.message).toBe('Only available for admins');
-      }
-    });
-  });
-
   it('should return error message if no auth token is available', async () => {
     const state = {};
     const authMiddleware = auth();