From 17fd6201b895255b9de55b2422d12f1b2b263879 Mon Sep 17 00:00:00 2001
From: Piotr Sarnacki <drogus@gmail.com>
Date: Tue, 15 Apr 2014 10:58:08 +0200
Subject: [PATCH] Don't error out on settings

We didn't have scope: :private specified on settings endpoint which
resulted in errors (services check permissions of current user anyway,
but it will error out if there is no user available).
---
 lib/travis/api/app/endpoint/repos.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/travis/api/app/endpoint/repos.rb b/lib/travis/api/app/endpoint/repos.rb
index 9dafd733..b6be002c 100644
--- a/lib/travis/api/app/endpoint/repos.rb
+++ b/lib/travis/api/app/endpoint/repos.rb
@@ -43,7 +43,7 @@ class Travis::Api::App
 
       # Get settings for a given repository
       #
-      get '/:id/settings' do
+      get '/:id/settings', scope: :private do
         settings = service(:find_repo_settings, params).run
         if settings
           respond_with({ settings: settings.obfuscated }, version: :v2)
@@ -52,7 +52,7 @@ class Travis::Api::App
         end
       end
 
-      patch '/:id/settings' do
+      patch '/:id/settings', scope: :private do
         payload = JSON.parse request.body.read
 
         if payload['settings'].blank? || !payload['settings'].is_a?(Hash)