Store attribute in CanCan::Unauthorized exception #716


Stores the attribute for which authorization fails in the raised CanCan::Unauthorized when calling ability.authorize!

This should help with error messages and debugging.


This pull request passes (merged 1c83429 into aed9f26).


Dear submitter, since cancan/ryanb hasn't been active for more than 6 months and nobody other than ryan himself has commit permissions, the cancan project is at a standstill.
Since cancan has several issues, including missing support for Rails 4, cancan is moving forward to cancancan. More details on: #994

If you feel that your pull request or bug is still applicable (and hasn't been merged into cancan) it would be really appreciated if you would resubmit it to cancancan (

We hope to see you on the other side!

Commits on Aug 12, 2012
  1. @jhawthorn
2  lib/cancan/ability.rb
@@ -204,7 +204,7 @@ def authorize!(action, subject, *args)
attribute = args.first
if cannot?(action, subject, *args)
message ||= unauthorized_message(action, subject)
- raise, action, subject)
+ raise, action, subject, attribute)
elsif sufficient_attribute_check?(action, subject, attribute) && sufficient_condition_check?(action, subject)
fully_authorized!(action, subject)
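Review bot: `attribute = args.first` is handed to the exception without any check on what it is, so in the changed `raise` line whatever the caller passed as the first extra argument ends up in `e.attribute`. Consider passing it through only when it is a Symbol or String and passing nil otherwise, so that rescue handlers building error messages or log entries from `e.attribute` get a predictable value.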
5 lib/cancan/exceptions.rb
@@ -36,13 +36,14 @@ class InsufficientAuthorizationCheck < Error; end
# See ControllerAdditions#authorize! for more information on rescuing from this exception
# and customizing the message using I18n.
class Unauthorized < Error
- attr_reader :action, :subject
+ attr_reader :action, :subject, :attribute
attr_writer :default_message
- def initialize(message = nil, action = nil, subject = nil)
+ def initialize(message = nil, action = nil, subject = nil, attribute = nil)
@message = message
@action = action
@subject = subject
+ @attribute = attribute
@default_message = I18n.t(:"unauthorized.default", :default => "You are not authorized to access this page.")
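Review bot: the new `attribute` reader on `class Unauthorized` is undocumented; the comment above the class still covers only rescuing and I18n customisation. Add a line stating that `attribute` is nil when the check was made at subject level, and note for handler authors that it names the denied attribute, so whether to show it to end users or keep it in logs is their decision. The default message built from `unauthorized.default` does not use the attribute, which is worth saying explicitly too.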
13 spec/cancan/ability_spec.rb
@@ -408,6 +408,19 @@ class Container < Hash; end
e.message.should == "Access denied!"
e.action.should == :read
e.subject.should == :books
+ e.attribute.should be_nil
+ else
+ fail "Expected CanCan::Unauthorized exception to be raised"
+ end
+ end
+ it "raises CanCan::Unauthorized when calling authorize! on unauthorized attribute" do
+ begin
+ @ability.authorize! :read, :books, :title
+ rescue CanCan::Unauthorized => e
+ e.action.should == :read
+ e.subject.should == :books
+ e.attribute.should == :title
fail "Expected CanCan::Unauthorized exception to be raised"
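Review bot: the new example for `@ability.authorize! :read, :books, :title` asserts action, subject and attribute but not `e.message`, unlike the example above it that checks "Access denied!". Add a message assertion so the spec shows the extra constructor argument does not disturb the message. The repeated begin/rescue/fail scaffolding could also be replaced by the block form of `raise_error`, which fails on its own when nothing is raised.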
16 spec/cancan/exceptions_spec.rb
@@ -1,6 +1,18 @@
require "spec_helper"
describe CanCan::Unauthorized do
+ describe "with action, subject, and attribute" do
+ before(:each) do
+ @exception =, :some_action, :some_subject, :some_attr)
+ end
+ it "has action, subject, and attribute accessors" do
+ @exception.action.should == :some_action
+ @exception.subject.should == :some_subject
+ @exception.attribute.should == :some_attr
+ end
+ end
describe "with action and subject" do
before(:each) do
@exception =, :some_action, :some_subject)
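Review bot: the new "with action, subject, and attribute" block checks only the three readers. Since the constructor signature changed and the sibling blocks cover message behaviour ("has a changable default message", "has passed message"), add an example here asserting that `message` still returns the default text when the fourth argument is supplied.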
@@ -9,6 +21,7 @@
it "has action and subject accessors" do
@exception.action.should == :some_action
@exception.subject.should == :some_subject
+ @exception.attribute.should be_nil
it "has a changable default message" do
@@ -23,9 +36,10 @@
@exception ="Access denied!")
- it "has nil action and subject" do
+ it "has nil action, subject, and attribute" do
@exception.action.should be_nil
@exception.subject.should be_nil
+ @exception.attribute.should be_nil
it "has passed message" do