From b4b512dd53ea1a8204c013fe75566c3cb266308f Mon Sep 17 00:00:00 2001
From: Bjarke Berg <mail@bergmania.dk>
Date: Fri, 10 May 2024 14:36:25 +0200
Subject: [PATCH] Return 403 when missing permissions instead of 401

---
 .../Filters/RequireTreeRootAccessAttribute.cs                   | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/Umbraco.Cms.Api.Management/Filters/RequireTreeRootAccessAttribute.cs b/src/Umbraco.Cms.Api.Management/Filters/RequireTreeRootAccessAttribute.cs
index e9549235dc..2c2902dee9 100644
--- a/src/Umbraco.Cms.Api.Management/Filters/RequireTreeRootAccessAttribute.cs
+++ b/src/Umbraco.Cms.Api.Management/Filters/RequireTreeRootAccessAttribute.cs
@@ -29,7 +29,7 @@ public abstract class RequireTreeRootAccessAttribute : ActionFilterAttribute
             Type = "Error",
         };
 
-        context.Result = new ObjectResult(problemDetails) { StatusCode = StatusCodes.Status401Unauthorized };
+        context.Result = new ObjectResult(problemDetails) { StatusCode = problemDetails.Status };
     }
 
     protected abstract int[] GetUserStartNodeIds(IUser user, ActionExecutingContext context);