Skip to content

Commit

Permalink
Add policy instead of user to a NotAuthorizedError
Browse files Browse the repository at this point in the history
  • Loading branch information
@thomasklemm
thomasklemm committed Mar 5, 2014
1 parent 2752223 commit e2f465d
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 4 deletions.
4 changes: 2 additions & 2 deletions lib/pundit.rb
View file
Expand Up @@ -6,7 +6,7 @@

module Pundit
class NotAuthorizedError < StandardError
attr_accessor :user, :record, :query
attr_accessor :policy, :record, :query
end
class NotDefinedError < StandardError; end

Expand Down Expand Up @@ -59,7 +59,7 @@ def authorize(record, query=nil)
@_policy_authorized = true
unless policy(record).public_send(query)
e = NotAuthorizedError.new
e.user, e.record, e.query = policy(record).user, record, query
e.policy, e.record, e.query = policy(record), record, query
raise e, "not allowed to #{query} this #{record}"
end
true
Expand Down
4 changes: 2 additions & 2 deletions spec/pundit_spec.rb
View file
Expand Up @@ -225,9 +225,9 @@ def destroy?
expect { controller.authorize(Post.new) }.to raise_error(Pundit::NotAuthorizedError)
end

it "raises an error with a user, record and query" do
it "raises an error with a policy, record and query" do
expect { controller.authorize(post, :destroy?) }.to raise_error do |error|
expect(error.user).to eq user
expect(error.policy).to eq controller.policy(post)
expect(error.record).to eq post
expect(error.query).to eq :destroy?
expect(error.message).to eq "not allowed to #{error.query} this #{error.record}"
Expand Down

0 comments on commit e2f465d

Please sign in to comment.