From a93a74f9d192ef13f63ac026ec08687901b4197d Mon Sep 17 00:00:00 2001
From: Saw-jan <saw.jan.grg3e@gmail.com>
Date: Wed, 2 Aug 2023 19:06:32 +0545
Subject: [PATCH] fix: return 403 when non-admin tries to do admin requests

---
 services/graph/pkg/middleware/requireadmin.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/services/graph/pkg/middleware/requireadmin.go b/services/graph/pkg/middleware/requireadmin.go
index 39bc0102d3..6b9d639ea2 100644
--- a/services/graph/pkg/middleware/requireadmin.go
+++ b/services/graph/pkg/middleware/requireadmin.go
@@ -48,7 +48,7 @@ func RequireAdmin(rm *roles.Manager, logger log.Logger) func(next http.Handler)
 				return
 			}
 
-			errorcode.AccessDenied.Render(w, r, http.StatusUnauthorized, "Unauthorized")
+			errorcode.AccessDenied.Render(w, r, http.StatusForbidden, "Forbidden")
 		})
 	}
 }