Add note to readme to explain DoubleRenderError

[michaelem]

Since there have been a few issues opened on the subject I propose to modify the readme to reflect the potential DoubleRenderError that Rails users might encounter using verify_policy_scoped and verify_authorized.

[thomasklemm]

Hi Michael, thanks for your PR. It's a good addition explaining how the DoubleRenderError came to be and thus differs from #53.

[jnicklas]

I still don't understand how you'd get a double render error. The only reasonable explanation I have is that you'd use a rescue_from for all StandardErrors in your ApplicationController. In development. Why would anyone do that? That seems like a horrible development experience and I can't for the life of me understand why you'd want to do that.

[michaelem]

@jnicklas I do not have such a catch all. What I do have is a rescue_from Pundit::NotAuthorizedError as recomended in the readme: https://github.com/michaelem/pundit#rescuing-a-denied-authorization-in-rails

(Also: please don't assume the worst of other humans on the internet.)

[jnicklas]

@michaelem maybe too much OSS has left me jaded, I apologize. I didn't mean any offence though, I was genuinely trying to understand what's going on. I just checked the code and it turns out I was wrong, and it is indeed possible to cause the DoubleRenderError.

I actually didn't remember correctly how we'd defined errors, I'd assumed that we raised a different error when verify_authorized kicked in, but it seems that we raise the same NotAuthorizedError in both cases. So rescue_from kicks in for verify_authorized as well. If it didn't, this problem would go away.

So we have a better solution in raising a different exception on verify_authorized, that way we fix the problem and we don't need any documentation on how to work around it.

[jnicklas]

I just created #109 which fixes this issue by raising a different error for verify_authorized, more details inside the PR. @michaelem, @thomasklemm what do you guys think?