🧪 test(errors): fix unauthorized error tests

src/__tests__/api/account/mine.spec.ts

@@ -100,16 +100,16 @@ describe("/api/account/mine", () => {
 
     await handler(req, res);
 
-    expect(res._getStatusCode()).toBe(403);
+    expect(res._getStatusCode()).toBe(401);
 
     expect(res._getJSONData()).toMatchInlineSnapshot(`
       {
         "errorCode": "NOT_AUTHENTICATED",
         "message": "role-doesn't-exist not found for 'roles'",
         "method": "GET",
-        "name": "ForbiddenError",
+        "name": "UnauthorizedError",
         "path": "",
-        "statusCode": 403,
+        "statusCode": 401,
       }
     `);
   });

src/__tests__/api/integrations/constants/[key].spec.ts

@@ -228,7 +228,7 @@ describe("/api/integrations/constants/[key]", () => {
   });
 
   describe("permission", () => {
-    it("should return 401 when user has no permission", async () => {
+    it("should return 403 when user has no permission", async () => {
       const { req, res } = createAuthenticatedViewerMocks({
         method: "PUT",
         query: {
@@ -241,7 +241,7 @@ describe("/api/integrations/constants/[key]", () => {
 
       await handler(req, res);
 
-      expect(res._getStatusCode()).toBe(401);
+      expect(res._getStatusCode()).toBe(403);
     });
     it("should work when user has correct permission", async () => {
       await setupRolesTestData([

src/__tests__/api/integrations/credentials/[key].spec.ts

@@ -295,7 +295,7 @@ describe("/api/integrations/credentials/[key]", () => {
   });
 
   describe("permission", () => {
-    it("should return 401 when user has incorrect permission", async () => {
+    it("should return 403 when user has incorrect permission", async () => {
       await setupRolesTestData([
         {
           id: "custom-role",
@@ -315,7 +315,7 @@ describe("/api/integrations/credentials/[key]", () => {
 
       await handler(req, res);
 
-      expect(res._getStatusCode()).toBe(401);
+      expect(res._getStatusCode()).toBe(403);
     });
     it("should work when user has correct permission", async () => {
       await Promise.all([

src/__tests__/api/integrations/env/[key].spec.ts

@@ -228,7 +228,7 @@ describe("/api/integrations/env/[key]", () => {
   });
 
   describe("permission", () => {
-    it("should return 401 when user has no permission", async () => {
+    it("should return 403 when user has no permission", async () => {
       const { req, res } = createAuthenticatedViewerMocks({
         method: "PUT",
         query: {
@@ -241,7 +241,7 @@ describe("/api/integrations/env/[key]", () => {
 
       await handler(req, res);
 
-      expect(res._getStatusCode()).toBe(401);
+      expect(res._getStatusCode()).toBe(403);
     });
     it("should work when user has correct permission", async () => {
       await setupRolesTestData([

src/backend/lib/errors/error-handler.spec.ts

@@ -92,6 +92,7 @@ describe("/api/error/handling", () => {
     expect(res._getStatusCode()).toBe(401);
     expect(res._getJSONData()).toMatchInlineSnapshot(`
       {
+        "errorCode": "",
         "message": "Invalid Login",
         "method": "GET",
         "name": "UnauthorizedError",

src/backend/lib/request/validations/implementations/__tests__/can-user.spec.ts

@@ -41,15 +41,15 @@ describe("Request Validations => canUserValidationImpl", () => {
 
     await handler(req, res);
 
-    expect(res._getStatusCode()).toBe(401);
+    expect(res._getStatusCode()).toBe(403);
     expect(res._getJSONData()).toMatchInlineSnapshot(`
       {
         "errorCode": "",
         "message": "Your account doesn't have enough priviledge to perform this action: (Can Manage Dashboard)",
         "method": "GET",
         "name": "ForbiddenError",
         "path": "",
-        "statusCode": 401,
+        "statusCode": 403,
       }
     `);
   });