From 01fe983a0cd1bf501e8dc4749076a31bcae0edcd Mon Sep 17 00:00:00 2001
From: Konstantin Haase <konstantin.mailinglists@googlemail.com>
Date: Sun, 13 Jan 2013 20:08:56 +0100
Subject: [PATCH] pass if scope does not match

---
 lib/travis/api/app/extensions/scoping.rb |  4 ++--
 spec/unit/extensions/scoping_spec.rb     | 13 +++++++++++++
 2 files changed, 15 insertions(+), 2 deletions(-)

diff --git a/lib/travis/api/app/extensions/scoping.rb b/lib/travis/api/app/extensions/scoping.rb
index 72643ffe..626bdbb2 100644
--- a/lib/travis/api/app/extensions/scoping.rb
+++ b/lib/travis/api/app/extensions/scoping.rb
@@ -31,9 +31,9 @@ class Travis::Api::App
             headers['Vary'] << ', Authorization' unless public?
             true
           elsif env['travis.access_token']
-            halt 403, "insufficient access"
+            pass { halt 403, "insufficient access" }
           else
-            halt 401, "no access token supplied"
+            pass { halt 401, "no access token supplied" }
           end
         end
       end
diff --git a/spec/unit/extensions/scoping_spec.rb b/spec/unit/extensions/scoping_spec.rb
index ca4a1270..80e1152a 100644
--- a/spec/unit/extensions/scoping_spec.rb
+++ b/spec/unit/extensions/scoping_spec.rb
@@ -8,6 +8,8 @@ describe Travis::Api::App::Extensions::Scoping do
       register Travis::Api::App::Extensions::Scoping
       get('/') { 'ok' }
       get('/private', scope: :private) { 'ok' }
+      get('/pass_me', scope: :private) { 'first' }
+      get('/pass_me') { 'second' }
     end
 
     User.stubs(:find).with(user.id).returns(user)
@@ -62,4 +64,15 @@ describe Travis::Api::App::Extensions::Scoping do
     headers['X-Accepted-OAuth-Scopes'].should == 'private'
     headers['X-OAuth-Scopes'].should == 'foo,bar'
   end
+
+  it 'passes on to unscoped routes' do
+    get('/pass_me').should be_ok
+    body.should == 'second'
+  end
+
+
+  it 'does not pass if scope matches' do
+    with_scopes('/pass_me', :private).should be_ok
+    body.should == 'first'
+  end
 end