kotovalexarian-likes-github/varvet--pundit
1
0
Fork 0
mirror of https://github.com/varvet/pundit.git synced 2022-11-09 12:30:11 -05:00
Code Releases Activity

Raise more description exception for verify_policy_scoped

Browse source 
* The AuthorizationNotPerformedError is very descriptive of the
  situation when authorization is forgotten. In the case of no
  scoping, it can be a head scratcher.
* This new error type is implemented as a subclass of the current error
  type to prevent regressions in existing code. While this is not ideal,
  it is the simplest solution I could come up with for compatibility.
This commit is contained in:
Jay Hayes 2014-07-07 20:50:22 -05:00
parent 509be500c3
commit 2f20c58484
2 changed files with 3 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
lib/pundit.rb
View file

@ -11,6 +11,7 @@ module Pundit
attr_accessor :query, :record, :policy
end
class AuthorizationNotPerformedError < StandardError; end
class PolicyScopingNotPerformedError < AuthorizationNotPerformedError; end
class NotDefinedError < StandardError; end
extend ActiveSupport::Concern
@ -58,7 +59,7 @@ module Pundit
end
def verify_policy_scoped
raise AuthorizationNotPerformedError unless @_policy_scoped
raise PolicyScopingNotPerformedError unless @_policy_scoped
end
def authorize(record, query=nil)

2
spec/pundit_spec.rb
View file

@ -148,7 +148,7 @@ describe Pundit do
end
it "raises an exception when policy_scope is not used" do
expect { controller.verify_policy_scoped }.to raise_error(Pundit::AuthorizationNotPerformedError)
expect { controller.verify_policy_scoped }.to raise_error(Pundit::PolicyScopingNotPerformedError)
end
end