Update test_user_api.py

OpenOversight/tests/routes/test_user_api.py

@@ -37,24 +37,24 @@ def test_user_api_login_required(route, methods, client, mockdata):
 def test_user_cannot_access_user_api(route, methods, mockdata, client, session):
     with current_app.test_request_context():
         login_user(client)
-    if HTTPMethod.GET in methods:
-        rv = client.get(route)
-        assert rv.status_code == HTTPStatus.FORBIDDEN
-    if HTTPMethod.POST in methods:
-        rv = client.post(route)
-        assert rv.status_code == HTTPStatus.FORBIDDEN
+        if HTTPMethod.GET in methods:
+            rv = client.get(route)
+            assert rv.status_code == HTTPStatus.FORBIDDEN
+        if HTTPMethod.POST in methods:
+            rv = client.post(route)
+            assert rv.status_code == HTTPStatus.FORBIDDEN
 
 
 @pytest.mark.parametrize("route,methods", routes_methods)
 def test_ac_cannot_access_user_api(route, methods, mockdata, client, session):
     with current_app.test_request_context():
         login_ac(client)
-    if HTTPMethod.GET in methods:
-        rv = client.get(route)
-        assert rv.status_code == HTTPStatus.FORBIDDEN
-    if HTTPMethod.POST in methods:
-        rv = client.post(route)
-        assert rv.status_code == HTTPStatus.FORBIDDEN
+        if HTTPMethod.GET in methods:
+            rv = client.get(route)
+            assert rv.status_code == HTTPStatus.FORBIDDEN
+        if HTTPMethod.POST in methods:
+            rv = client.post(route)
+            assert rv.status_code == HTTPStatus.FORBIDDEN
 
 
 def test_admin_can_update_users_to_ac(mockdata, client, session):