From b8c3ab6960c1eb513d8e941edbfff445349333f9 Mon Sep 17 00:00:00 2001
From: Dane Everitt <dane@daneeveritt.com>
Date: Thu, 16 Mar 2017 19:56:58 -0400
Subject: [PATCH] closes #339

---
 CHANGELOG.md                                | 1 +
 app/Http/Controllers/Base/APIController.php | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index e655bbe97..b2841bb7f 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -20,6 +20,7 @@ This project follows [Semantic Versioning](http://semver.org) guidelines.
 * `[pre.4]` — Fixes bug preventing server updates from occurring by the system due to undefined `Auth::user()` in the event listener.
 * `[pre.4]` — Fixes `Server::byUuid()` caching to actually clear the cache for *all* users, rather than the logged in user by using cache tags.
 * `[pre.4]` — Fixes server listing on frontend not displaying a page selector when more than 10 servers exist.
+* `[pre.4]` — Fixes non-admin users being unable to create personal API keys.
 
 ### Added
 * Ability to assign multiple allocations at once when creating a new server.
diff --git a/app/Http/Controllers/Base/APIController.php b/app/Http/Controllers/Base/APIController.php
index 68045a722..f4133bc7f 100644
--- a/app/Http/Controllers/Base/APIController.php
+++ b/app/Http/Controllers/Base/APIController.php
@@ -52,7 +52,7 @@ class APIController extends Controller
     {
         try {
             $repo = new APIRepository($request->user());
-            $secret = $repo->create($request->only([
+            $secret = $repo->create($request->intersect([
                 'memo', 'allowed_ips',
                 'adminPermissions', 'permissions',
             ]));