From 6dcb51b16efc3fcbd8b54c6d154195a52641f37f Mon Sep 17 00:00:00 2001
From: Saw-jan <saw.jan.grg3e@gmail.com>
Date: Wed, 2 Aug 2023 19:06:32 +0545
Subject: [PATCH] fix: return 403 when non-admin tries to do admin requests

---
 services/graph/pkg/middleware/requireadmin.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/services/graph/pkg/middleware/requireadmin.go b/services/graph/pkg/middleware/requireadmin.go
index 15d679041c5..d4775e43792 100644
--- a/services/graph/pkg/middleware/requireadmin.go
+++ b/services/graph/pkg/middleware/requireadmin.go
@@ -47,7 +47,7 @@ func RequireAdmin(rm *roles.Manager, logger log.Logger) func(next http.Handler)
 				return
 			}
 
-			errorcode.AccessDenied.Render(w, r, http.StatusUnauthorized, "Unauthorized")
+			errorcode.AccessDenied.Render(w, r, http.StatusForbidden, "Forbidden")
 		})
 	}
 }