renaming AccessDenied exception to Unauthorized
parent
bcac159b3e
commit
cf2896f011
|
@ -66,10 +66,10 @@ See {Authorizing Controller Actions}[https://github.com/ryanb/cancan/wiki/author
|
|||
|
||||
=== 3. Handle Unauthorized Access
|
||||
|
||||
If the user authorization fails, a <tt>CanCan::AccessDenied</tt> exception will be raised. You can catch this and modify its behavior in the +ApplicationController+.
|
||||
If the user authorization fails, a <tt>CanCan::Unauthorized</tt> exception will be raised. You can catch this and modify its behavior in the +ApplicationController+.
|
||||
|
||||
class ApplicationController < ActionController::Base
|
||||
rescue_from CanCan::AccessDenied do |exception|
|
||||
rescue_from CanCan::Unauthorized do |exception|
|
||||
redirect_to root_url, :alert => exception.message
|
||||
end
|
||||
end
|
||||
|
|
|
@ -219,7 +219,7 @@ module CanCan
|
|||
attribute = args.first
|
||||
if cannot?(action, subject, *args)
|
||||
message ||= unauthorized_message(action, subject)
|
||||
raise AccessDenied.new(message, action, subject)
|
||||
raise Unauthorized.new(message, action, subject)
|
||||
elsif sufficient_attribute_check?(action, subject, attribute) && sufficient_condition_check?(action, subject)
|
||||
fully_authorized!(action, subject)
|
||||
end
|
||||
|
|
|
@ -292,7 +292,7 @@ module CanCan
|
|||
base.helper_method :can?, :cannot?
|
||||
end
|
||||
|
||||
# Raises a CanCan::AccessDenied exception if the current_ability cannot
|
||||
# Raises a CanCan::Unauthorized exception if the current_ability cannot
|
||||
# perform the given action. This is usually called in a controller action or
|
||||
# before filter to perform the authorization.
|
||||
#
|
||||
|
@ -319,12 +319,12 @@ module CanCan
|
|||
# access is displayed to the user.
|
||||
#
|
||||
# class ApplicationController < ActionController::Base
|
||||
# rescue_from CanCan::AccessDenied do |exception|
|
||||
# rescue_from CanCan::Unauthorized do |exception|
|
||||
# redirect_to root_url, :alert => exception.message
|
||||
# end
|
||||
# end
|
||||
#
|
||||
# See the CanCan::AccessDenied exception for more details on working with the exception.
|
||||
# See the CanCan::Unauthorized exception for more details on working with the exception.
|
||||
#
|
||||
# See the load_and_authorize_resource method to automatically add the authorize! behavior
|
||||
# to the default RESTful actions.
|
||||
|
|
|
@ -163,7 +163,7 @@ module CanCan
|
|||
elsif @options[:shallow]
|
||||
resource_class
|
||||
else
|
||||
raise AccessDenied # maybe this should be a record not found error instead?
|
||||
raise Unauthorized # maybe this should be a record not found error instead?
|
||||
end
|
||||
else
|
||||
resource_class
|
||||
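Review bot: The bare `raise Unauthorized` in the `else` branch carries no message, action or subject, unlike the `raise Unauthorized.new(message, action, subject)` in the ability hunk, so a `rescue_from` handler or an audit log cannot tell which parent lookup was refused. The exception's own comment on this page says all three arguments are optional, so if the action and the parent name are in scope here they could be passed with a nil message, as the spec does with `Unauthorized.new(nil, :some_action, :some_subject)`. The trailing question in the comment is worth settling as well: whichever error is chosen, a missing parent and a forbidden parent should look the same to the client, otherwise the response reveals which records exist. The enclosing method starts and ends outside the hunk.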
|
|
|
@ -18,7 +18,7 @@ module CanCan
|
|||
# This usually happens within a call to ControllerAdditions#authorize! but can be
|
||||
# raised manually.
|
||||
#
|
||||
# raise CanCan::AccessDenied.new("Not authorized!", :read, Article)
|
||||
# raise CanCan::Unauthorized.new("Not authorized!", :read, Article)
|
||||
#
|
||||
# The passed message, action, and subject are optional and can later be retrieved when
|
||||
# rescuing from the exception.
|
||||
|
@ -33,9 +33,9 @@ module CanCan
|
|||
# exception.default_message = "Default error message"
|
||||
# exception.message # => "Default error message"
|
||||
#
|
||||
# See ControllerAdditions#authorized! for more information on rescuing from this exception
|
||||
# See ControllerAdditions#authorize! for more information on rescuing from this exception
|
||||
# and customizing the message using I18n.
|
||||
class AccessDenied < Error
|
||||
class Unauthorized < Error
|
||||
attr_reader :action, :subject
|
||||
attr_writer :default_message
|
||||
|
||||
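Review bot: Renaming the class at `class Unauthorized < Error` leaves no `AccessDenied` constant behind, so an application that still has `rescue_from CanCan::AccessDenied` or `rescue CanCan::AccessDenied => e` will hit a NameError instead of running its denial handler. Because this exception is the one raised on every failed authorization check, I would keep a compatibility constant after the class body, `AccessDenied = Unauthorized # deprecated alias, remove in the next major release`, or at least call the break out in the changelog. Separately, "Unauthorized" reads like HTTP 401, which concerns authentication; a failed permission check normally maps to 403, and one sentence in the class comment saying so would prevent handlers from returning the wrong status. The class body continues outside the hunk.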
|
|
|
@ -277,6 +277,8 @@ describe CanCan::Ability do
|
|||
@ability.should_not be_fully_authorized(:update, :users)
|
||||
@ability.authorize! :create, :users
|
||||
@ability.should_not be_fully_authorized(:create, :users)
|
||||
@ability.authorize! :create, :users, :name
|
||||
@ability.should be_fully_authorized(:create, :users)
|
||||
@ability.authorize! :destroy, :users
|
||||
@ability.should be_fully_authorized(:destroy, :users)
|
||||
end
|
||||
|
@ -347,15 +349,15 @@ describe CanCan::Ability do
|
|||
|
||||
# Unauthorized Exception
|
||||
|
||||
it "raises CanCan::AccessDenied when calling authorize! on unauthorized action" do
|
||||
it "raises CanCan::Unauthorized when calling authorize! on unauthorized action" do
|
||||
begin
|
||||
@ability.authorize! :read, :books, :message => "Access denied!"
|
||||
rescue CanCan::AccessDenied => e
|
||||
rescue CanCan::Unauthorized => e
|
||||
e.message.should == "Access denied!"
|
||||
e.action.should == :read
|
||||
e.subject.should == :books
|
||||
else
|
||||
fail "Expected CanCan::AccessDenied exception to be raised"
|
||||
fail "Expected CanCan::Unauthorized exception to be raised"
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -385,11 +387,11 @@ describe CanCan::Ability do
|
|||
it "should raise access denied exception with default message if not specified" do
|
||||
begin
|
||||
@ability.authorize! :read, :books
|
||||
rescue CanCan::AccessDenied => e
|
||||
rescue CanCan::Unauthorized => e
|
||||
e.default_message = "Access denied!"
|
||||
e.message.should == "Access denied!"
|
||||
else
|
||||
fail "Expected CanCan::AccessDenied exception to be raised"
|
||||
fail "Expected CanCan::Unauthorized exception to be raised"
|
||||
end
|
||||
end
|
||||
|
||||
|
|
|
@ -96,32 +96,32 @@ describe CanCan::ControllerResource do
|
|||
it "should not authorize single resource in collection action" do
|
||||
@params[:action] = "index"
|
||||
@controller.instance_variable_set(:@project, :some_project)
|
||||
stub(@controller).authorize!(:index, :projects) { raise CanCan::AccessDenied }
|
||||
stub(@controller).authorize!(:index, :projects) { raise CanCan::Unauthorized }
|
||||
resource = CanCan::ControllerResource.new(@controller)
|
||||
lambda { resource.authorize_resource }.should raise_error(CanCan::AccessDenied)
|
||||
lambda { resource.authorize_resource }.should raise_error(CanCan::Unauthorized)
|
||||
end
|
||||
|
||||
it "should authorize parent resource in collection action" do
|
||||
@params[:action] = "index"
|
||||
@controller.instance_variable_set(:@category, :some_category)
|
||||
stub(@controller).authorize!(:show, :some_category) { raise CanCan::AccessDenied }
|
||||
stub(@controller).authorize!(:show, :some_category) { raise CanCan::Unauthorized }
|
||||
resource = CanCan::ControllerResource.new(@controller, :category, :parent => true)
|
||||
lambda { resource.authorize_resource }.should raise_error(CanCan::AccessDenied)
|
||||
lambda { resource.authorize_resource }.should raise_error(CanCan::Unauthorized)
|
||||
end
|
||||
|
||||
it "should perform authorization using controller action and loaded model" do
|
||||
@params.merge!(:action => "show", :id => 123)
|
||||
@controller.instance_variable_set(:@project, :some_project)
|
||||
stub(@controller).authorize!(:show, :some_project) { raise CanCan::AccessDenied }
|
||||
stub(@controller).authorize!(:show, :some_project) { raise CanCan::Unauthorized }
|
||||
resource = CanCan::ControllerResource.new(@controller)
|
||||
lambda { resource.authorize_resource }.should raise_error(CanCan::AccessDenied)
|
||||
lambda { resource.authorize_resource }.should raise_error(CanCan::Unauthorized)
|
||||
end
|
||||
|
||||
it "should perform authorization using controller action and non loaded model" do
|
||||
@params.merge!(:action => "show", :id => 123)
|
||||
stub(@controller).authorize!(:show, :projects) { raise CanCan::AccessDenied }
|
||||
stub(@controller).authorize!(:show, :projects) { raise CanCan::Unauthorized }
|
||||
resource = CanCan::ControllerResource.new(@controller)
|
||||
lambda { resource.authorize_resource }.should raise_error(CanCan::AccessDenied)
|
||||
lambda { resource.authorize_resource }.should raise_error(CanCan::Unauthorized)
|
||||
end
|
||||
|
||||
it "should call load_resource and authorize_resource for load_and_authorize_resource" do
|
||||
|
@ -229,13 +229,13 @@ describe CanCan::ControllerResource do
|
|||
@controller.instance_variable_get(:@project).should == project
|
||||
end
|
||||
|
||||
it "should raise AccessDenied when attempting to load resource through nil" do
|
||||
it "should raise Unauthorized when attempting to load resource through nil" do
|
||||
project = Project.create!
|
||||
@params.merge!(:action => "show", :id => project.id)
|
||||
resource = CanCan::ControllerResource.new(@controller, :through => :category)
|
||||
lambda {
|
||||
resource.load_resource
|
||||
}.should raise_error(CanCan::AccessDenied)
|
||||
}.should raise_error(CanCan::Unauthorized)
|
||||
@controller.instance_variable_get(:@project).should be_nil
|
||||
end
|
||||
|
||||
|
@ -243,9 +243,9 @@ describe CanCan::ControllerResource do
|
|||
@params.merge!(:action => "index")
|
||||
category = Object.new
|
||||
@controller.instance_variable_set(:@category, category)
|
||||
stub(@controller).authorize!(:index, category => :projects) { raise CanCan::AccessDenied }
|
||||
stub(@controller).authorize!(:index, category => :projects) { raise CanCan::Unauthorized }
|
||||
resource = CanCan::ControllerResource.new(@controller, :through => :category)
|
||||
lambda { resource.authorize_resource }.should raise_error(CanCan::AccessDenied)
|
||||
lambda { resource.authorize_resource }.should raise_error(CanCan::Unauthorized)
|
||||
end
|
||||
|
||||
it "should load through first matching if multiple are given" do
|
||||
|
@ -296,9 +296,9 @@ describe CanCan::ControllerResource do
|
|||
it "should only authorize :show action on parent resource" do
|
||||
project = Project.create!
|
||||
@params.merge!(:action => "new", :project_id => project.id)
|
||||
stub(@controller).authorize!(:show, project) { raise CanCan::AccessDenied }
|
||||
stub(@controller).authorize!(:show, project) { raise CanCan::Unauthorized }
|
||||
resource = CanCan::ControllerResource.new(@controller, :project, :parent => true)
|
||||
lambda { resource.load_and_authorize_resource }.should raise_error(CanCan::AccessDenied)
|
||||
lambda { resource.load_and_authorize_resource }.should raise_error(CanCan::Unauthorized)
|
||||
end
|
||||
|
||||
it "should load the model using a custom class" do
|
||||
|
@ -311,17 +311,17 @@ describe CanCan::ControllerResource do
|
|||
|
||||
it "should authorize based on resource name if class is false" do
|
||||
@params.merge!(:action => "show", :id => 123)
|
||||
stub(@controller).authorize!(:show, :projects) { raise CanCan::AccessDenied }
|
||||
stub(@controller).authorize!(:show, :projects) { raise CanCan::Unauthorized }
|
||||
resource = CanCan::ControllerResource.new(@controller, :class => false)
|
||||
lambda { resource.authorize_resource }.should raise_error(CanCan::AccessDenied)
|
||||
lambda { resource.authorize_resource }.should raise_error(CanCan::Unauthorized)
|
||||
end
|
||||
|
||||
it "should load and authorize using custom instance name" do
|
||||
project = Project.create!
|
||||
@params.merge!(:action => "show", :id => project.id)
|
||||
stub(@controller).authorize!(:show, project) { raise CanCan::AccessDenied }
|
||||
stub(@controller).authorize!(:show, project) { raise CanCan::Unauthorized }
|
||||
resource = CanCan::ControllerResource.new(@controller, :instance_name => :custom_project)
|
||||
lambda { resource.load_and_authorize_resource }.should raise_error(CanCan::AccessDenied)
|
||||
lambda { resource.load_and_authorize_resource }.should raise_error(CanCan::Unauthorized)
|
||||
@controller.instance_variable_get(:@custom_project).should == project
|
||||
end
|
||||
|
||||
|
|
|
@ -1,9 +1,9 @@
|
|||
require "spec_helper"
|
||||
|
||||
describe CanCan::AccessDenied do
|
||||
describe CanCan::Unauthorized do
|
||||
describe "with action and subject" do
|
||||
before(:each) do
|
||||
@exception = CanCan::AccessDenied.new(nil, :some_action, :some_subject)
|
||||
@exception = CanCan::Unauthorized.new(nil, :some_action, :some_subject)
|
||||
end
|
||||
|
||||
it "should have action and subject accessors" do
|
||||
|
@ -20,7 +20,7 @@ describe CanCan::AccessDenied do
|
|||
|
||||
describe "with only a message" do
|
||||
before(:each) do
|
||||
@exception = CanCan::AccessDenied.new("Access denied!")
|
||||
@exception = CanCan::Unauthorized.new("Access denied!")
|
||||
end
|
||||
|
||||
it "should have nil action and subject" do
|
||||
|
|