1
0
Fork 0
mirror of https://github.com/varvet/pundit.git synced 2022-11-09 12:30:11 -05:00

Raise more description exception for verify_policy_scoped

* The AuthorizationNotPerformedError is very descriptive of the
  situation when authorization is forgotten. In the case of no
  scoping, it can be a head scratcher.
* This new error type is implemented as a subclass of the current error
  type to prevent regressions in existing code. While this is not ideal,
  it is the simplest solution I could come up with for compatibility.
This commit is contained in:
Jay Hayes 2014-07-07 20:50:22 -05:00
parent 509be500c3
commit 2f20c58484
2 changed files with 3 additions and 2 deletions

View file

@ -11,6 +11,7 @@ module Pundit
attr_accessor :query, :record, :policy attr_accessor :query, :record, :policy
end end
class AuthorizationNotPerformedError < StandardError; end class AuthorizationNotPerformedError < StandardError; end
class PolicyScopingNotPerformedError < AuthorizationNotPerformedError; end
class NotDefinedError < StandardError; end class NotDefinedError < StandardError; end
extend ActiveSupport::Concern extend ActiveSupport::Concern
@ -58,7 +59,7 @@ module Pundit
end end
def verify_policy_scoped def verify_policy_scoped
raise AuthorizationNotPerformedError unless @_policy_scoped raise PolicyScopingNotPerformedError unless @_policy_scoped
end end
def authorize(record, query=nil) def authorize(record, query=nil)

View file

@ -148,7 +148,7 @@ describe Pundit do
end end
it "raises an exception when policy_scope is not used" do it "raises an exception when policy_scope is not used" do
expect { controller.verify_policy_scoped }.to raise_error(Pundit::AuthorizationNotPerformedError) expect { controller.verify_policy_scoped }.to raise_error(Pundit::PolicyScopingNotPerformedError)
end end
end end