Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Include policy name in NotAuthorizedError message #681

Closed
wants to merge 1 commit into from
Closed
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
2 changes: 1 addition & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -116,7 +116,7 @@ and the given record. It then infers from the action name, that it should call

``` ruby
unless PostPolicy.new(current_user, @post).update?
raise Pundit::NotAuthorizedError, "not allowed to update? this #{@post.inspect}"
raise Pundit::NotAuthorizedError, "not allowed to update? with PostPolicy"
end
```

Expand Down
2 changes: 1 addition & 1 deletion lib/pundit.rb
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ def initialize(options = {})
@policy = options[:policy]
@reason = options[:reason]

message = options.fetch(:message) { "not allowed to #{query} this #{record.class}" }
message = options.fetch(:message) { "not allowed to #{query} with #{policy.class}" }
end

super(message)
Expand Down
11 changes: 8 additions & 3 deletions spec/pundit_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -51,14 +51,19 @@

it "works with anonymous class policies" do
expect(Pundit.authorize(user, article_tag, :show?)).to be_truthy
expect { Pundit.authorize(user, article_tag, :destroy?) }.to raise_error(Pundit::NotAuthorizedError)
expect { Pundit.authorize(user, article_tag, :destroy?) }.to raise_error(Pundit::NotAuthorizedError, "not allowed to destroy? with ArticleTagOtherNamePolicy")
end

it "raises an error with a query and action" do
it "works with an array of a symbol and plain model class" do
expect(Pundit.authorize(user, [:project, Comment], :update?)).to be_truthy
expect { Pundit.authorize(user, [:project, Comment], :destroy?) }.to raise_error(Pundit::NotAuthorizedError, "not allowed to destroy? with Project::CommentPolicy")
end

it "raises an error with a query and policy" do
# rubocop:disable Style/MultilineBlockChain
expect do
Pundit.authorize(user, post, :destroy?)
end.to raise_error(Pundit::NotAuthorizedError, "not allowed to destroy? this Post") do |error|
end.to raise_error(Pundit::NotAuthorizedError, "not allowed to destroy? with PostPolicy") do |error|
expect(error.query).to eq :destroy?
expect(error.record).to eq post
expect(error.policy).to eq Pundit.policy(user, post)
Expand Down
4 changes: 4 additions & 0 deletions spec/spec_helper.rb
Original file line number Diff line number Diff line change
Expand Up @@ -163,6 +163,10 @@ def update?
true
end

def destroy?
false
end

class Scope < Struct.new(:user, :scope)
def resolve
scope
Expand Down