From 5c0697ed857f7565326d43458102decb6a9d4b49 Mon Sep 17 00:00:00 2001
From: Piotr Sarnacki <drogus@gmail.com>
Date: Thu, 21 Jan 2016 13:58:49 +0100
Subject: [PATCH] Always authenticate ajax calls

Our mechanism for blacklisting IPs, which was developed as a protection
against a DDoS attach, sometimes classifies IPs as offenders
incorrectly. In order to temporary improve the situation of 403
responses from API we're now going to authenticate all of the ajax
calls, because authenticated calls are not blacklisted that easily.
---
 app/services/ajax.js | 17 +----------------
 1 file changed, 1 insertion(+), 16 deletions(-)

diff --git a/app/services/ajax.js b/app/services/ajax.js
index 81af72f0..4f62c57e 100644
--- a/app/services/ajax.js
+++ b/app/services/ajax.js
@@ -12,8 +12,6 @@ default_options = {
 
 export default Ember.Service.extend({
   auth: Ember.inject.service(),
-  publicEndpoints: [/\/repos\/?.*/, /\/builds\/?.*/, /\/jobs\/?.*/],
-  privateEndpoints: [/\/repos\/\d+\/caches/],
 
   get(url, callback, errorCallback) {
     return this.ajax(url, 'get', {
@@ -37,20 +35,7 @@ export default Ember.Service.extend({
   },
 
   needsAuth(method, url) {
-    var privateEndpoint, publicEndpoint;
-    if (config.pro) {
-      return true;
-    }
-    if (method !== 'GET') {
-      return true;
-    }
-    publicEndpoint = this.publicEndpoints.find(function(pattern) {
-      return url.match(pattern);
-    });
-    privateEndpoint = this.privateEndpoints.find(function(pattern) {
-      return url.match(pattern);
-    });
-    return !publicEndpoint || privateEndpoint;
+    return true;
   },
 
   ajax(url, method, options) {