You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Originally posted by Zigreal December 29, 2022
Hi everybody! Can you please tell me if it makes sense that rescue_from CanCan::AccessDenied, with: :unauthorized returns 401 when the user is denied an action? For example, "authorize! :update, @order, order_token" - if I set a condition in the rights set that I can't update the order, then I'll get 401, not 403, because the controller has rescue_from CanCan::AccessDenied, with: :unauthorized. How can i get 403 in normal way?
The text was updated successfully, but these errors were encountered:
Discussed in #4819
Originally posted by Zigreal December 29, 2022
Hi everybody! Can you please tell me if it makes sense that rescue_from CanCan::AccessDenied, with: :unauthorized returns 401 when the user is denied an action? For example, "authorize! :update, @order, order_token" - if I set a condition in the rights set that I can't update the order, then I'll get 401, not 403, because the controller has rescue_from CanCan::AccessDenied, with: :unauthorized. How can i get 403 in normal way?
The text was updated successfully, but these errors were encountered: