Error when not authorized should be 403

diff --git a/test/mod_http_api_test.exs b/test/mod_http_api_test.exs
index 99b8d9b2870f3dd48de73ed8d5eb7b6287e4e581..b440f3eb8d10a787119665417b1ec0ac4694c90f 100644 (file)
--- a/test/mod_http_api_test.exs
+++ b/test/mod_http_api_test.exs
@@ -54,20 +54,20 @@ defmodule ModHttpApiTest do
   end
 
   # This related to the commands config file option
-  test "Attempting to access a command that is not exposed as HTTP API returns 401" do
+  test "Attempting to access a command that is not exposed as HTTP API returns 403" do
     setup_mocks()
     :ejabberd_config.add_local_option(:commands, [])
     request = request(method: :POST, ip: {{127,0,0,1},50000}, data: "[]")
-    {401, _, _} = :mod_http_api.process(["open_cmd"], request)
+    {403, _, _} = :mod_http_api.process(["open_cmd"], request)
   end
 
   test "Call to user, admin or restricted commands without authentication are rejected" do
     setup_mocks()
     :ejabberd_config.add_local_option(:commands, [[{:add_commands, [:user_cmd, :admin_cmd, :restricted]}]])
     request = request(method: :POST, ip: {{127,0,0,1},50000}, data: "[]")
-    {401, _, _} = :mod_http_api.process(["user_cmd"], request)
-    {401, _, _} = :mod_http_api.process(["admin_cmd"], request)
-    {401, _, _} = :mod_http_api.process(["restricted_cmd"], request)
+    {403, _, _} = :mod_http_api.process(["user_cmd"], request)
+    {403, _, _} = :mod_http_api.process(["admin_cmd"], request)
+    {403, _, _} = :mod_http_api.process(["restricted_cmd"], request)
   end
 
   @tag pending: true