Use "401 Authorized" status code for auth errors.

Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>

1 files changed, 5 insertions, 5 deletions

diff --git a/gn3/api/case_attributes.py b/gn3/api/case_attributes.py
index 60e0272..fa62942 100644
--- a/gn3/api/case_attributes.py
+++ b/gn3/api/case_attributes.py
@@ -249,7 +249,7 @@ def edit_case_attributes(inbredset_id: int, auth_token=None) -> Response:
                 "diff-status": "queued",
                 "message": ("The changes to the case-attributes have been "
                             "queued for approval."),
-            })
+            }), 401
 
 
 @caseattr.route("/<int:inbredset_id>/diff/list", methods=["GET"])
@@ -271,7 +271,7 @@ def list_diffs(inbredset_id: int) -> Response:
     except AuthorisationError as _auth_err:
         return jsonify({
             "message": ("You are not authorised to list diffs."),
-        })
+        }), 401
 
 
 @caseattr.route("/approve/<int:change_id>", methods=["POST"])
@@ -300,7 +300,7 @@ def approve_case_attributes_diff(filename: str, auth_token=None) -> Response:
         return jsonify({
             "diff-status": "queued",
             "message": ("You don't have the right privileges to edit this resource.")
-        })
+        }), 401
 
 
 @caseattr.route("/reject/<int:change_id>", methods=["POST"])
@@ -330,7 +330,7 @@ def reject_case_attributes_diff(filename: str, auth_token=None) -> Response:
     except AuthorisationError as __auth_err:
         return jsonify({
             "message": ("You don't have the right privileges to edit this resource.")
-        })
+        }), 401
 
 
 @caseattr.route("/<int:change_id>/diff/view", methods=["GET"])
@@ -348,4 +348,4 @@ def view_diff(inbredset_id: int, diff_id: int, auth_token=None) -> Response:
     except AuthorisationError as __auth_err:
         return jsonify({
             "message": ("You don't have the right privileges to view the diffs.")
-        })
+        }), 401