From caf2c202108791a2e89061259ddfbe27c0244e3e Mon Sep 17 00:00:00 2001
From: Mickael Remond <mremond@process-one.net>
Date: Sat, 23 Jul 2016 17:56:15 +0200
Subject: [PATCH] Error when not authorized should be 403

---
 test/mod_http_api_test.exs | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/test/mod_http_api_test.exs b/test/mod_http_api_test.exs
index 99b8d9b28..b440f3eb8 100644
--- a/test/mod_http_api_test.exs
+++ b/test/mod_http_api_test.exs
@@ -54,20 +54,20 @@ defmodule ModHttpApiTest do
   end
 
   # This related to the commands config file option
-  test "Attempting to access a command that is not exposed as HTTP API returns 401" do
+  test "Attempting to access a command that is not exposed as HTTP API returns 403" do
     setup_mocks()
     :ejabberd_config.add_local_option(:commands, [])
     request = request(method: :POST, ip: {{127,0,0,1},50000}, data: "[]")
-    {401, _, _} = :mod_http_api.process(["open_cmd"], request)
+    {403, _, _} = :mod_http_api.process(["open_cmd"], request)
   end
 
   test "Call to user, admin or restricted commands without authentication are rejected" do
     setup_mocks()
     :ejabberd_config.add_local_option(:commands, [[{:add_commands, [:user_cmd, :admin_cmd, :restricted]}]])
     request = request(method: :POST, ip: {{127,0,0,1},50000}, data: "[]")
-    {401, _, _} = :mod_http_api.process(["user_cmd"], request)
-    {401, _, _} = :mod_http_api.process(["admin_cmd"], request)
-    {401, _, _} = :mod_http_api.process(["restricted_cmd"], request)
+    {403, _, _} = :mod_http_api.process(["user_cmd"], request)
+    {403, _, _} = :mod_http_api.process(["admin_cmd"], request)
+    {403, _, _} = :mod_http_api.process(["restricted_cmd"], request)
   end
 
   @tag pending: true