Milo: Use luci-config for storing buildbot acls

milo/appengine/common/acl.go

Index: milo/appengine/common/acl.go
diff --git a/milo/appengine/common/acl.go b/milo/appengine/common/acl.go
index e01af88f5eaa0bfc0b7b64a824e78f7e883cab08..eb9fcef3e7e517945231eac95237e305df8519c6 100644
--- a/milo/appengine/common/acl.go
+++ b/milo/appengine/common/acl.go
@@ -5,10 +5,12 @@
 package common
 
 import (
+	"golang.org/x/net/context"
+
 	"github.com/luci/luci-go/luci_config/common/cfgtypes"
 	"github.com/luci/luci-go/luci_config/server/cfgclient/access"
 	"github.com/luci/luci-go/luci_config/server/cfgclient/backend"
-	"golang.org/x/net/context"
+	"github.com/luci/luci-go/server/auth"
 )
 
 // Helper functions for ACL checking.
@@ -33,6 +35,9 @@ func IsAllowed(c context.Context, project string) (bool, error) {
 // IsAllowedInternal is a shorthand for checking to see if the user is a reader
 // of a magic project named "chrome".
 func IsAllowedInternal(c context.Context) (bool, error) {
-	// TODO(hinoka): Move this to luci-cfg.
-	return IsAllowed(c, "chrome")
+	settings, err := GetSettings(c)
+	if err != nil {
+		return false, err
+	}
+	return auth.IsMember(c, settings.Buildbot.InternalReader)
 }