Fix inconsistent status codes

HTTP 401 should be used when logging in (i.e. authenticating) would make
a difference; HTTP 403 is reserved for requests that fail because the
already authenticated user is not authorized (i.e. lacking permissions)
to do something.

tests/integration/api/Auth/AuthenticateWithApiKeyTest.php

@@ -65,7 +65,7 @@ class AuthenticateWithApiKeyTest extends TestCase
 
         $response = $api->send(CreateGroupController::class, new Guest);
 
-        $this->assertEquals(403, $response->getStatusCode());
+        $this->assertEquals(401, $response->getStatusCode());
     }
 
     /**

tests/integration/api/Controller/CreateGroupControllerTest.php

@@ -80,7 +80,7 @@ class CreateGroupControllerTest extends ApiControllerTestCase
     /**
      * @test
      */
-    public function unauthorized_user_cannot_create_group()
+    public function normal_user_cannot_create_group()
     {
         $this->actor = User::find(2);
 

tests/integration/api/Controller/ListNotificationsControllerTest.php

@@ -36,7 +36,7 @@ class ListNotificationsControllerTest extends ApiControllerTestCase
     {
         $response = $this->callWith();
 
-        $this->assertEquals(403, $response->getStatusCode());
+        $this->assertEquals(401, $response->getStatusCode());
     }
 
     /**

tests/integration/api/Controller/ListUsersControllerTest.php

@@ -42,7 +42,7 @@ class ListUsersControllerTest extends ApiControllerTestCase
     {
         $response = $this->callWith();
 
-        $this->assertEquals(403, $response->getStatusCode());
+        $this->assertEquals(401, $response->getStatusCode());
     }
 
     /**