Fixing some confusion between 401 vs 403 error code. 401 indicates that the user should attempt to authenticate again. Where as 403 indicates the user is authenticated but not allowed to complete an action. (#804)

Closes #767
2017-05-18 13:20:17 -07:00
parent 7ad471a810
commit 307a73c752
3 changed files with 6 additions and 6 deletions
--- a/lemur/certificates/views.py
+++ b/lemur/certificates/views.py
@ -271,7 +271,7 @@ class CertificatesList(AuthenticatedResource):
            data['creator'] = g.user
            return service.create(**data)

-        return dict(message="You are not authorized to use {0}".format(data['authority'].name)), 403
+        return dict(message="You are not authorized to use the authority: {0}".format(data['authority'].name)), 403


 class CertificatesUpload(AuthenticatedResource):