Add support for symfony's AccessDenied exception

composer.json

@@ -29,6 +29,7 @@
 
         "symfony/form": "~2.1",
         "symfony/validator": "~2.1",
+        "symfony/security-core": "~2.1",
 
         "willdurand/negotiation": "~1.3",
         "willdurand/stack-negotiation": "~0.1"

src/Response/VndErrorResponse.php

@@ -26,19 +26,25 @@ public static function fromException(\Exception $exception, $prettyPrint = false
     {
         $statusCode = 500;
         $headers = [];
+        $message = null;
 
         if ($exception instanceof HttpExceptionInterface) {
             $statusCode = $exception->getStatusCode();
             $headers = $exception->getHeaders();
+            $message = $exception->getMessage();
+        } elseif ($exception instanceof \Symfony\Component\Security\Core\Exception\AccessDeniedException) {
+            $statusCode = 403;
+            $message = $exception->getMessage();
+        } elseif ($debug) {
+            // Expose exception message only in debug mode
+            $message = $exception->getMessage();
         }
 
         if ($exception instanceof HalException) {
             $hal = $exception->getHal();
-        } elseif ($debug || $exception instanceof HttpExceptionInterface) {
+        } elseif ($message) {
             $hal = new Hal(null, ['message' => $exception->getMessage()]);
         } else {
-            // Discard exception messages from exceptions not implementing
-            // HttpExceptionInterface (if $debug is false)
             $hal = new Hal();
         }
 

tests/ExceptionConverterTest.php

@@ -2,10 +2,10 @@
 
 namespace Jsor\Stack\Hal;
 
-use Nocarrier\Hal;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
 use Symfony\Component\HttpKernel\HttpKernelInterface;
+use Symfony\Component\Security\Core\Exception\AccessDeniedException;
 
 class ExceptionConverterTest extends \PHPUnit_Framework_TestCase
 {
@@ -93,6 +93,34 @@ public function it_serializes_http_exception_with_custom_message_to_json()
         );
     }
 
+    /** @test */
+    public function it_serializes_access_denied_exception_to_json()
+    {
+        $kernel = $this->getMock('Symfony\Component\HttpKernel\HttpKernelInterface');
+
+        $kernel
+            ->expects($this->once())
+            ->method('handle')
+            ->will($this->throwException(new AccessDeniedException('Forbidden')));
+
+        $app = new ExceptionConverter($kernel);
+
+        $request = new Request();
+        $request->attributes->set('_format', 'json');
+
+        $response = $app->handle($request)->prepare($request);
+
+        $this->assertSame(403, $response->getStatusCode());
+        $this->assertJsonStringEqualsJsonString(
+            json_encode(
+                [
+                    'message' => 'Forbidden',
+                ]
+            ),
+            $response->getContent()
+        );
+    }
+
     /** @test */
     public function it_serializes_exception_to_xml()
     {
@@ -165,6 +193,30 @@ public function it_serializes_http_exception_with_custom_message_to_xml()
         );
     }
 
+    /** @test */
+    public function it_serializes_access_denied_exception_to_xml()
+    {
+        $kernel = $this->getMock('Symfony\Component\HttpKernel\HttpKernelInterface');
+
+        $kernel
+            ->expects($this->once())
+            ->method('handle')
+            ->will($this->throwException(new AccessDeniedException('Forbidden')));
+
+        $app = new ExceptionConverter($kernel);
+
+        $request = new Request();
+        $request->attributes->set('_format', 'xml');
+
+        $response = $app->handle($request)->prepare($request);
+
+        $this->assertSame(403, $response->getStatusCode());
+        $this->assertXmlStringEqualsXmlString(
+            '<resource><message>Forbidden</message></resource>',
+            $response->getContent()
+        );
+    }
+
     /** @test */
     public function it_discards_standard_exception_message()
     {