acm-uiuc · devksingh4 · Mar 27, 2025 · Mar 27, 2025
diff --git a/src/api/routes/iam.ts b/src/api/routes/iam.ts
@@ -1,5 +1,5 @@
 import { FastifyPluginAsync } from "fastify";
 import { allAppRoles, AppRoles } from "../../common/roles.js";
 import { zodToJsonSchema } from "zod-to-json-schema";
 import {
  addToTenant,
@@ -16,7 +16,7 @@
  EntraInvitationError,
  InternalServerError,
  NotFoundError,
  UnauthorizedError,
 } from "../../common/errors/index.js";
 import { DynamoDBClient, PutItemCommand } from "@aws-sdk/client-dynamodb";
 import { genericConfig, roleArns } from "../../common/config.js";
@@ -79,13 +79,13 @@
         await fastify.zodValidateBody(request, reply, entraProfilePatchRequest);
       },
       onRequest: async (request, reply) => {
-        await fastify.authorize(request, reply, allAppRoles);
+        await fastify.authorize(request, reply, []);
       },
     },
     async (request, reply) => {
       if (!request.tokenPayload || !request.username) {
-        throw new UnauthorizedError({
-          message: "User does not have the privileges for this task.",
+        throw new InternalServerError({
+          message: "Could not find token payload and/or username.",
         });
       }
       const userOid = request.tokenPayload["oid"];
@@ -99,7 +99,7 @@
         userOid,
         request.body,
       );
-      reply.send(201);
+      reply.status(201);
     },
   );
   fastify.get<{