kotovalexarian-likes-github/varvet--pundit
1
0
Fork 0
mirror of https://github.com/varvet/pundit.git synced 2022-11-09 12:30:11 -05:00
Code Releases Activity

return a safer NotAuthorizedError message

Browse source
This commit is contained in:
Brendan Thomas 2019-03-04 16:38:26 -05:00
parent 74ea5fac6d
commit b0cf1a5642
2 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
lib/pundit.rb
View file

@ -30,7 +30,7 @@ module Pundit
@record = options[:record] @record = options[:record]
@policy = options[:policy] @policy = options[:policy]
message = options.fetch(:message) { "not allowed to #{query} this #{record.inspect}" } message = options.fetch(:message) { "not allowed to #{query} this #{record.class}" }
end end
super(message) super(message)

2
spec/pundit_spec.rb
View file

@ -36,7 +36,7 @@ describe Pundit do
# rubocop:disable Style/MultilineBlockChain # rubocop:disable Style/MultilineBlockChain
expect do expect do
Pundit.authorize(user, post, :destroy?) Pundit.authorize(user, post, :destroy?)
end.to raise_error(Pundit::NotAuthorizedError, "not allowed to destroy? this #<Post>") do |error| end.to raise_error(Pundit::NotAuthorizedError, "not allowed to destroy? this Post") do |error|
expect(error.query).to eq :destroy? expect(error.query).to eq :destroy?
expect(error.record).to eq post expect(error.record).to eq post
expect(error.policy).to eq Pundit.policy(user, post) expect(error.policy).to eq Pundit.policy(user, post)