renaming AccessDenied exception to Unauthorized

README.rdoc

@@ -66,10 +66,10 @@ See {Authorizing Controller Actions}[https://github.com/ryanb/cancan/wiki/author
 
 === 3. Handle Unauthorized Access
 
-If the user authorization fails, a <tt>CanCan::AccessDenied</tt> exception will be raised. You can catch this and modify its behavior in the +ApplicationController+.
+If the user authorization fails, a <tt>CanCan::Unauthorized</tt> exception will be raised. You can catch this and modify its behavior in the +ApplicationController+.
 
   class ApplicationController < ActionController::Base
-    rescue_from CanCan::AccessDenied do |exception|
+    rescue_from CanCan::Unauthorized do |exception|
       redirect_to root_url, :alert => exception.message
     end
   end

lib/cancan/ability.rb

@@ -219,7 +219,7 @@ module CanCan
       attribute = args.first
       if cannot?(action, subject, *args)
         message ||= unauthorized_message(action, subject)
-        raise AccessDenied.new(message, action, subject)
+        raise Unauthorized.new(message, action, subject)
       elsif sufficient_attribute_check?(action, subject, attribute) && sufficient_condition_check?(action, subject)
         fully_authorized!(action, subject)
       end

lib/cancan/controller_additions.rb

@@ -292,7 +292,7 @@ module CanCan
       base.helper_method :can?, :cannot?
     end
 
-    # Raises a CanCan::AccessDenied exception if the current_ability cannot
+    # Raises a CanCan::Unauthorized exception if the current_ability cannot
     # perform the given action. This is usually called in a controller action or
     # before filter to perform the authorization.
     #
@@ -319,12 +319,12 @@ module CanCan
     # access is displayed to the user.
     #
     #   class ApplicationController < ActionController::Base
-    #     rescue_from CanCan::AccessDenied do |exception|
+    #     rescue_from CanCan::Unauthorized do |exception|
     #       redirect_to root_url, :alert => exception.message
     #     end
     #   end
     #
-    # See the CanCan::AccessDenied exception for more details on working with the exception.
+    # See the CanCan::Unauthorized exception for more details on working with the exception.
     #
     # See the load_and_authorize_resource method to automatically add the authorize! behavior
     # to the default RESTful actions.

lib/cancan/controller_resource.rb

@@ -163,7 +163,7 @@ module CanCan
         elsif @options[:shallow]
           resource_class
         else
-          raise AccessDenied # maybe this should be a record not found error instead?
+          raise Unauthorized # maybe this should be a record not found error instead?
         end
       else
         resource_class

lib/cancan/exceptions.rb

@@ -18,7 +18,7 @@ module CanCan
   # This usually happens within a call to ControllerAdditions#authorize! but can be
   # raised manually.
   #
-  #   raise CanCan::AccessDenied.new("Not authorized!", :read, Article)
+  #   raise CanCan::Unauthorized.new("Not authorized!", :read, Article)
   #
   # The passed message, action, and subject are optional and can later be retrieved when
   # rescuing from the exception.
@@ -33,9 +33,9 @@ module CanCan
   #   exception.default_message = "Default error message"
   #   exception.message # => "Default error message"
   #
-  # See ControllerAdditions#authorized! for more information on rescuing from this exception
+  # See ControllerAdditions#authorize! for more information on rescuing from this exception
   # and customizing the message using I18n.
-  class AccessDenied < Error
+  class Unauthorized < Error
     attr_reader :action, :subject
     attr_writer :default_message
 

spec/cancan/ability_spec.rb

@@ -277,6 +277,8 @@ describe CanCan::Ability do
     @ability.should_not be_fully_authorized(:update, :users)
     @ability.authorize! :create, :users
     @ability.should_not be_fully_authorized(:create, :users)
+    @ability.authorize! :create, :users, :name
+    @ability.should be_fully_authorized(:create, :users)
     @ability.authorize! :destroy, :users
     @ability.should be_fully_authorized(:destroy, :users)
   end
@@ -347,15 +349,15 @@ describe CanCan::Ability do
 
   # Unauthorized Exception
 
-  it "raises CanCan::AccessDenied when calling authorize! on unauthorized action" do
+  it "raises CanCan::Unauthorized when calling authorize! on unauthorized action" do
     begin
       @ability.authorize! :read, :books, :message => "Access denied!"
-    rescue CanCan::AccessDenied => e
+    rescue CanCan::Unauthorized => e
       e.message.should == "Access denied!"
       e.action.should == :read
       e.subject.should == :books
     else
-      fail "Expected CanCan::AccessDenied exception to be raised"
+      fail "Expected CanCan::Unauthorized exception to be raised"
     end
   end
 
@@ -385,11 +387,11 @@ describe CanCan::Ability do
   it "should raise access denied exception with default message if not specified" do
     begin
       @ability.authorize! :read, :books
-    rescue CanCan::AccessDenied => e
+    rescue CanCan::Unauthorized => e
       e.default_message = "Access denied!"
       e.message.should == "Access denied!"
     else
-      fail "Expected CanCan::AccessDenied exception to be raised"
+      fail "Expected CanCan::Unauthorized exception to be raised"
     end
   end
 

spec/cancan/controller_resource_spec.rb

@@ -96,32 +96,32 @@ describe CanCan::ControllerResource do
   it "should not authorize single resource in collection action" do
     @params[:action] = "index"
     @controller.instance_variable_set(:@project, :some_project)
-    stub(@controller).authorize!(:index, :projects) { raise CanCan::AccessDenied }
+    stub(@controller).authorize!(:index, :projects) { raise CanCan::Unauthorized }
     resource = CanCan::ControllerResource.new(@controller)
-    lambda { resource.authorize_resource }.should raise_error(CanCan::AccessDenied)
+    lambda { resource.authorize_resource }.should raise_error(CanCan::Unauthorized)
   end
 
   it "should authorize parent resource in collection action" do
     @params[:action] = "index"
     @controller.instance_variable_set(:@category, :some_category)
-    stub(@controller).authorize!(:show, :some_category) { raise CanCan::AccessDenied }
+    stub(@controller).authorize!(:show, :some_category) { raise CanCan::Unauthorized }
     resource = CanCan::ControllerResource.new(@controller, :category, :parent => true)
-    lambda { resource.authorize_resource }.should raise_error(CanCan::AccessDenied)
+    lambda { resource.authorize_resource }.should raise_error(CanCan::Unauthorized)
   end
 
   it "should perform authorization using controller action and loaded model" do
     @params.merge!(:action => "show", :id => 123)
     @controller.instance_variable_set(:@project, :some_project)
-    stub(@controller).authorize!(:show, :some_project) { raise CanCan::AccessDenied }
+    stub(@controller).authorize!(:show, :some_project) { raise CanCan::Unauthorized }
     resource = CanCan::ControllerResource.new(@controller)
-    lambda { resource.authorize_resource }.should raise_error(CanCan::AccessDenied)
+    lambda { resource.authorize_resource }.should raise_error(CanCan::Unauthorized)
   end
 
   it "should perform authorization using controller action and non loaded model" do
     @params.merge!(:action => "show", :id => 123)
-    stub(@controller).authorize!(:show, :projects) { raise CanCan::AccessDenied }
+    stub(@controller).authorize!(:show, :projects) { raise CanCan::Unauthorized }
     resource = CanCan::ControllerResource.new(@controller)
-    lambda { resource.authorize_resource }.should raise_error(CanCan::AccessDenied)
+    lambda { resource.authorize_resource }.should raise_error(CanCan::Unauthorized)
   end
 
   it "should call load_resource and authorize_resource for load_and_authorize_resource" do
@@ -229,13 +229,13 @@ describe CanCan::ControllerResource do
     @controller.instance_variable_get(:@project).should == project
   end
 
-  it "should raise AccessDenied when attempting to load resource through nil" do
+  it "should raise Unauthorized when attempting to load resource through nil" do
     project = Project.create!
     @params.merge!(:action => "show", :id => project.id)
     resource = CanCan::ControllerResource.new(@controller, :through => :category)
     lambda {
       resource.load_resource
-    }.should raise_error(CanCan::AccessDenied)
+    }.should raise_error(CanCan::Unauthorized)
     @controller.instance_variable_get(:@project).should be_nil
   end
 
@@ -243,9 +243,9 @@ describe CanCan::ControllerResource do
     @params.merge!(:action => "index")
     category = Object.new
     @controller.instance_variable_set(:@category, category)
-    stub(@controller).authorize!(:index, category => :projects) { raise CanCan::AccessDenied }
+    stub(@controller).authorize!(:index, category => :projects) { raise CanCan::Unauthorized }
     resource = CanCan::ControllerResource.new(@controller, :through => :category)
-    lambda { resource.authorize_resource }.should raise_error(CanCan::AccessDenied)
+    lambda { resource.authorize_resource }.should raise_error(CanCan::Unauthorized)
   end
 
   it "should load through first matching if multiple are given" do
@@ -296,9 +296,9 @@ describe CanCan::ControllerResource do
   it "should only authorize :show action on parent resource" do
     project = Project.create!
     @params.merge!(:action => "new", :project_id => project.id)
-    stub(@controller).authorize!(:show, project) { raise CanCan::AccessDenied }
+    stub(@controller).authorize!(:show, project) { raise CanCan::Unauthorized }
     resource = CanCan::ControllerResource.new(@controller, :project, :parent => true)
-    lambda { resource.load_and_authorize_resource }.should raise_error(CanCan::AccessDenied)
+    lambda { resource.load_and_authorize_resource }.should raise_error(CanCan::Unauthorized)
   end
 
   it "should load the model using a custom class" do
@@ -311,17 +311,17 @@ describe CanCan::ControllerResource do
 
   it "should authorize based on resource name if class is false" do
     @params.merge!(:action => "show", :id => 123)
-    stub(@controller).authorize!(:show, :projects) { raise CanCan::AccessDenied }
+    stub(@controller).authorize!(:show, :projects) { raise CanCan::Unauthorized }
     resource = CanCan::ControllerResource.new(@controller, :class => false)
-    lambda { resource.authorize_resource }.should raise_error(CanCan::AccessDenied)
+    lambda { resource.authorize_resource }.should raise_error(CanCan::Unauthorized)
   end
 
   it "should load and authorize using custom instance name" do
     project = Project.create!
     @params.merge!(:action => "show", :id => project.id)
-    stub(@controller).authorize!(:show, project) { raise CanCan::AccessDenied }
+    stub(@controller).authorize!(:show, project) { raise CanCan::Unauthorized }
     resource = CanCan::ControllerResource.new(@controller, :instance_name => :custom_project)
-    lambda { resource.load_and_authorize_resource }.should raise_error(CanCan::AccessDenied)
+    lambda { resource.load_and_authorize_resource }.should raise_error(CanCan::Unauthorized)
     @controller.instance_variable_get(:@custom_project).should == project
   end
 

spec/cancan/exceptions_spec.rb

@@ -1,9 +1,9 @@
 require "spec_helper"
 
-describe CanCan::AccessDenied do
+describe CanCan::Unauthorized do
   describe "with action and subject" do
     before(:each) do
-      @exception = CanCan::AccessDenied.new(nil, :some_action, :some_subject)
+      @exception = CanCan::Unauthorized.new(nil, :some_action, :some_subject)
     end
 
     it "should have action and subject accessors" do
@@ -20,7 +20,7 @@ describe CanCan::AccessDenied do
 
   describe "with only a message" do
     before(:each) do
-      @exception = CanCan::AccessDenied.new("Access denied!")
+      @exception = CanCan::Unauthorized.new("Access denied!")
     end
 
     it "should have nil action and subject" do