1
0
Fork 0
mirror of https://github.com/varvet/pundit.git synced 2022-11-09 12:30:11 -05:00

Merge pull request #583 from brendanthomas1/return-safer-not-authorized-message

return a safer default NotAuthorizedError message
This commit is contained in:
Linus Marton 2019-04-17 10:53:33 +02:00 committed by GitHub
commit bd188470f9
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 2 additions and 2 deletions

View file

@ -30,7 +30,7 @@ module Pundit
@record = options[:record] @record = options[:record]
@policy = options[:policy] @policy = options[:policy]
message = options.fetch(:message) { "not allowed to #{query} this #{record.inspect}" } message = options.fetch(:message) { "not allowed to #{query} this #{record.class}" }
end end
super(message) super(message)

View file

@ -36,7 +36,7 @@ describe Pundit do
# rubocop:disable Style/MultilineBlockChain # rubocop:disable Style/MultilineBlockChain
expect do expect do
Pundit.authorize(user, post, :destroy?) Pundit.authorize(user, post, :destroy?)
end.to raise_error(Pundit::NotAuthorizedError, "not allowed to destroy? this #<Post>") do |error| end.to raise_error(Pundit::NotAuthorizedError, "not allowed to destroy? this Post") do |error|
expect(error.query).to eq :destroy? expect(error.query).to eq :destroy?
expect(error.record).to eq post expect(error.record).to eq post
expect(error.policy).to eq Pundit.policy(user, post) expect(error.policy).to eq Pundit.policy(user, post)