Put blank check into finder, so we get better errors everywhere

lib/pundit.rb

@@ -75,13 +75,6 @@ module Pundit
   def authorize(record, query=nil)
     query ||= params[:action].to_s + "?"
 
-    if record.blank?
-      raise NotAuthorizedError.new(
-        message: "cannot #{query} a blank object",
-        query: query
-      )
-    end
-
     @_pundit_policy_authorized = true
 
     policy = policy(record)

lib/pundit/policy_finder.rb

@@ -21,17 +21,21 @@ module Pundit
     end
 
     def scope!
-      scope or raise NotDefinedError, "unable to find scope #{find}::Scope for #{object}"
+      raise NotDefinedError, "unable to find policy scope of blank object `#{object.inspect}`" if object.blank?
+      scope or raise NotDefinedError, "unable to find scope `#{find}::Scope` for `#{object.inspect}`"
     end
 
     def policy!
-      policy or raise NotDefinedError, "unable to find policy #{find} for #{object}"
+      raise NotDefinedError, "unable to find policy of blank object `#{object.inspect}`" if object.blank?
+      policy or raise NotDefinedError, "unable to find policy `#{find}` for `#{object.inspect}`"
     end
 
   private
 
     def find
-      if object.respond_to?(:policy_class)
+      if object.blank?
+        nil
+      elsif object.respond_to?(:policy_class)
         object.policy_class
       elsif object.class.respond_to?(:policy_class)
         object.class.policy_class

spec/pundit_spec.rb

@@ -21,6 +21,10 @@ describe Pundit do
     it "returns nil if the given policy scope can't be found" do
       expect(Pundit.policy_scope(user, Article)).to be_nil
     end
+
+    it "returns nil if blank object given" do
+      expect(Pundit.policy_scope(user, nil)).to be_nil
+    end
   end
 
   describe ".policy_scope!" do
@@ -39,6 +43,10 @@ describe Pundit do
     it "throws an exception if the given policy scope can't be found" do
       expect { Pundit.policy_scope!(user, ArticleTag) }.to raise_error(Pundit::NotDefinedError)
     end
+
+    it "throws an exception if the given policy scope is nil" do
+      expect { Pundit.policy_scope!(user, nil) }.to raise_error(Pundit::NotDefinedError, "unable to find policy scope of blank object `nil`")
+    end
   end
 
   describe ".policy" do
@@ -71,6 +79,10 @@ describe Pundit do
       expect(Pundit.policy(user, Article)).to be_nil
     end
 
+    it "returns nil if the given policy is nil" do
+      expect(Pundit.policy(user, nil)).to be_nil
+    end
+
     describe "with .policy_class set on the model" do
       it "returns an instantiated policy given a plain model instance" do
         policy = Pundit.policy(user, artificial_blog)
@@ -155,6 +167,10 @@ describe Pundit do
       expect { Pundit.policy!(user, article) }.to raise_error(Pundit::NotDefinedError)
       expect { Pundit.policy!(user, Article) }.to raise_error(Pundit::NotDefinedError)
     end
+
+    it "throws an exception if the given policy is nil" do
+      expect { Pundit.policy!(user, nil) }.to raise_error(Pundit::NotDefinedError, "unable to find policy of blank object `nil`")
+    end
   end
 
   describe "#verify_authorized" do
@@ -206,16 +222,8 @@ describe Pundit do
       end
     end
 
-    it "raises an error when receives nil and never look for policy" do
-      expect(controller).to receive(:policy).with(nil).never
-
-      expect { controller.authorize(nil, :destroy?) }.to raise_error do |error|
-        expect(error).to be_kind_of(Pundit::NotAuthorizedError)
-
-        expect(error.query).to eq :destroy?
-
-        expect(error.message).to eq "cannot destroy? a blank object"
-      end
+    it "raises an error when the given record is nil" do
+      expect { controller.authorize(nil, :destroy?) }.to raise_error(Pundit::NotDefinedError)
     end
   end
 

spec/spec_helper.rb

@@ -90,3 +90,15 @@ class Controller
     @params = params
   end
 end
+
+class NilClassPolicy
+  class Scope
+    def initialize(*)
+      raise "I'm only here to be annoying!"
+    end
+  end
+
+  def initialize(*)
+    raise "I'm only here to be annoying!"
+  end
+end