kotovalexarian-likes-github/varvet--pundit
1
0
Fork 0
mirror of https://github.com/varvet/pundit.git synced 2022-11-09 12:30:11 -05:00
Code Releases Activity

Merge pull request #684 from varvet/kbs/revert-error-reason

Browse source 
Revert "Merge pull request #625 from holyketzer/custom-messages"
This commit is contained in:
Kim Burgestrand 2021-08-11 09:06:08 +02:00 committed by GitHub
commit 2823669370
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 1 additions and 42 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

40
README.md
View file

@ -544,46 +544,6 @@ en:
Of course, this is just an example. Pundit is agnostic as to how you implement
your error messaging.
## Multiple error messages per one policy action
If there are multiple reasons that authorization can be denied, you can show different messages by raising exceptions in your policy:
In your policy class raise `Pundit::NotAuthorizedError` with custom error message or I18n key in `reason` argument:
```ruby
class ProjectPolicy < ApplicationPolicy
def create?
if user.has_paid_subscription?
if user.project_limit_reached?
raise Pundit::NotAuthorizedError, reason: 'user.project_limit_reached'
else
true
end
else
raise Pundit::NotAuthorizedError, reason: 'user.paid_subscription_required'
end
end
end
```
Then you can get this error message in exception handler:
```ruby
rescue_from Pundit::NotAuthorizedError do |e|
message = e.reason ? I18n.t("pundit.errors.#{e.reason}") : e.message
flash[:error] = message, scope: "pundit", default: :default
redirect_to(request.referrer || root_path)
end
```
```yaml
en:
pundit:
errors:
user:
paid_subscription_required: 'Paid subscription is required'
project_limit_reached: 'Project limit is reached'
```
## Manually retrieving policies and scopes
Sometimes you want to retrieve a policy for a record outside the controller or

3
lib/pundit.rb
View file

@ -22,7 +22,7 @@ module Pundit
# Error that will be raised when authorization has failed
class NotAuthorizedError < Error
attr_reader :query, :record, :policy, :reason
attr_reader :query, :record, :policy
def initialize(options = {})
if options.is_a? String
@ -31,7 +31,6 @@ module Pundit
@query = options[:query]
@record = options[:record]
@policy = options[:policy]
@reason = options[:reason]
message = options.fetch(:message) { "not allowed to #{query} this #{record.class}" }
end