mirror of
https://github.com/varvet/pundit.git
synced 2022-11-09 12:30:11 -05:00
Raise more description exception for verify_policy_scoped
* The AuthorizationNotPerformedError is very descriptive of the situation when authorization is forgotten. In the case of no scoping, it can be a head scratcher. * This new error type is implemented as a subclass of the current error type to prevent regressions in existing code. While this is not ideal, it is the simplest solution I could come up with for compatibility.
This commit is contained in:
parent
509be500c3
commit
2f20c58484
2 changed files with 3 additions and 2 deletions
|
@ -11,6 +11,7 @@ module Pundit
|
||||||
attr_accessor :query, :record, :policy
|
attr_accessor :query, :record, :policy
|
||||||
end
|
end
|
||||||
class AuthorizationNotPerformedError < StandardError; end
|
class AuthorizationNotPerformedError < StandardError; end
|
||||||
|
class PolicyScopingNotPerformedError < AuthorizationNotPerformedError; end
|
||||||
class NotDefinedError < StandardError; end
|
class NotDefinedError < StandardError; end
|
||||||
|
|
||||||
extend ActiveSupport::Concern
|
extend ActiveSupport::Concern
|
||||||
|
@ -58,7 +59,7 @@ module Pundit
|
||||||
end
|
end
|
||||||
|
|
||||||
def verify_policy_scoped
|
def verify_policy_scoped
|
||||||
raise AuthorizationNotPerformedError unless @_policy_scoped
|
raise PolicyScopingNotPerformedError unless @_policy_scoped
|
||||||
end
|
end
|
||||||
|
|
||||||
def authorize(record, query=nil)
|
def authorize(record, query=nil)
|
||||||
|
|
|
@ -148,7 +148,7 @@ describe Pundit do
|
||||||
end
|
end
|
||||||
|
|
||||||
it "raises an exception when policy_scope is not used" do
|
it "raises an exception when policy_scope is not used" do
|
||||||
expect { controller.verify_policy_scoped }.to raise_error(Pundit::AuthorizationNotPerformedError)
|
expect { controller.verify_policy_scoped }.to raise_error(Pundit::PolicyScopingNotPerformedError)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue