diff --git a/lib/pundit.rb b/lib/pundit.rb
index 8da072e0..52fac7cf 100644
--- a/lib/pundit.rb
+++ b/lib/pundit.rb
@@ -6,7 +6,7 @@ module Pundit
 class NotAuthorizedError < StandardError
- attr_accessor :user, :record, :query
+ attr_accessor :policy, :record, :query
 end
 class NotDefinedError < StandardError; end
@@ -59,7 +59,7 @@ def authorize(record, query=nil)
 @_policy_authorized = true
 unless policy(record).public_send(query)
 e = NotAuthorizedError.new
- e.user, e.record, e.query = policy(record).user, record, query
+ e.policy, e.record, e.query = policy(record), record, query
 raise e, "not allowed to #{query} this #{record}"
 end
 true
diff --git a/spec/pundit_spec.rb b/spec/pundit_spec.rb
index c413e86d..edb24f07 100644
--- a/spec/pundit_spec.rb
+++ b/spec/pundit_spec.rb
@@ -225,9 +225,9 @@ def destroy?
 expect { controller.authorize(Post.new) }.to raise_error(Pundit::NotAuthorizedError)
 end
- it "raises an error with a user, record and query" do
+ it "raises an error with a policy, record and query" do
 expect { controller.authorize(post, :destroy?) }.to raise_error do |error|
- expect(error.user).to eq user
+ expect(error.policy).to eq controller.policy(post)
 expect(error.record).to eq post
 expect(error.query).to eq :destroy?
 expect(error.message).to eq "not allowed to #{error.query} this #{error.record}"
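Review bot: In `lib/pundit.rb`, `NotAuthorizedError` loses its `user` accessor with no replacement, so an existing `rescue_from Pundit::NotAuthorizedError` handler that reads `error.user` (for a denial audit log, for example) will raise `NoMethodError` inside the error path. The old code filled that field from `policy(record).user`, so a compatibility reader keeps such handlers working: `def user; policy && policy.user; end`. A short comment above the accessor line, such as `# policy: the policy instance that denied the query`, would document the new field.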
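Review bot: In `authorize` (`lib/pundit.rb`), `e.policy` is filled from a second `policy(record)` call, so it is the object that actually denied the query only if `policy` memoizes per record, which this hunk does not show. Resolving it once removes the doubt: `record_policy = policy(record)`, then `unless record_policy.public_send(query)` and `e.policy, e.record, e.query = record_policy, record, query`. The exception now also carries the whole policy object rather than just the user, so handlers or error reporters that dump exception state may capture more than before. `authorize` begins above the hunk and its closing `end` is outside it.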
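Review bot: In `spec/pundit_spec.rb`, the rewritten example no longer checks who was denied, because `expect(error.user).to eq user` is replaced by a comparison against `controller.policy(post)`. That comparison passes only if the call returns the same or an equal policy object. Adding `expect(error.policy.user).to eq user` would keep the original coverage of the acting user. The `it` block's closing lines are outside the hunk.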