save_origin_webhooks: Handle private repositories
Private repositories cannot be cloned without authentication so we
cannot create save requests for those.
So return an HTTP 400 error code when receiving push webhooks for such
repositories and inform users about the fact they cannot be publicly
Related to T4548