Fix SAR not returning 403/401 correctly (#2274)

ministryofjustice · Jun 10, 2024 · 1c79faf · 1c79faf
1 parent f14e7d2
commit 1c79faf
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/app/controllers/subject_access_requests_controller.rb b/app/controllers/subject_access_requests_controller.rb
@@ -29,7 +29,7 @@ def show
   # Overrides parent due to endpoint-specific roles
   def verify_token
     unless token.valid_token_with_scope?('read', role: SAR_ROLE)
-      if token.valid_token_with_scope?('read', role: '')
+      if token.valid_token_with_scope?('read')
         render_error("Missing role: #{SAR_ROLE}", 1, 403)
       else
         render_error('Valid authorisation token required', 1, 401)