Inconsistency status codes when user has no access
When I requested a search at url "https://{baseURL}/api/search/v2/search" with headers like:
[Authorization, Bearer ey...]
[Accept, application/json]
[data-partition-id, slb]
and body: {"kind":"*:*:*:*","limit":100,"query":"(kind:osdu\\:wks\\:master-data--Wellbore\\:*) AND (\"mnagy-12\" )","queryAsOwner":false,"offset":0}
on an environment where there is no "slb" data partition, or at least I have no access to that.
I've got result: {"code":401,"reason":"Access denied","message":"The user is not authorized to perform this action"}
And the next query was successful when the data-partition-id header was changed to a valid data partition for which I have access.
Instead of 401 I would think a 403 - Forbidden would much more clear, as 401 usually means "I don't know who you are", and 403 "I know who you are, but you cannot do that".