From 8eb7aa11ce9fd99b02118747760305fa624ccea7 Mon Sep 17 00:00:00 2001
From: Konstantin Haase <konstantin.mailinglists@googlemail.com>
Date: Wed, 15 Aug 2012 02:31:30 +0200
Subject: [PATCH] better errors on missing token or not matching scope

---
 lib/travis/api/app/extensions/scoping.rb | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/lib/travis/api/app/extensions/scoping.rb b/lib/travis/api/app/extensions/scoping.rb
index 255ab079..16d7e5d6 100644
--- a/lib/travis/api/app/extensions/scoping.rb
+++ b/lib/travis/api/app/extensions/scoping.rb
@@ -31,7 +31,14 @@ class Travis::Api::App
           name = settings.default_scope if name == :default
           headers['X-OAuth-Scopes'] = scopes.map(&:to_s).join(',')
           headers['X-Accepted-OAuth-Scopes'] = name.to_s
-          scopes.include? name
+
+          if scopes.include? name
+            true
+          elsif logged_in?
+            halt 403, "insufficient access"
+          else
+            halt 401, "no access token supplied"
+          end
         end
       end