This fixes the grants on a user's session when creating a repository with only the creator permission Fixes #117
This fixes the issue whereby attempting to pull a public repository as an authenticated user with anonymous access disabled caused an unexpected 401. This change also adds tests for a few other use cases to verify we haven't broken anything.
