diff options
Diffstat (limited to 'module/web/api_app.py')
| -rw-r--r-- | module/web/api_app.py | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/module/web/api_app.py b/module/web/api_app.py index 156922d6a..12fffe099 100644 --- a/module/web/api_app.py +++ b/module/web/api_app.py @@ -46,10 +46,10 @@ def call_api(func, args=""): s = s.get_by_id(request.POST['session']) if not s or not s.get("authenticated", False): - return HTTPError(401, json_dumps("Unauthorized")) + return HTTPError(403, json_dumps("Forbidden")) if not PYLOAD.isAuthorized(func, {"role": s["role"], "permission": s["perms"]}): - return HTTPError(403, json_dumps("Forbidden")) + return HTTPError(401, json_dumps("Unauthorized")) args = args.split("/")[1:] kwargs = {} |