lib/authority.rb in authority-1.0.0.pre3 vs lib/authority.rb in authority-1.0.0.pre4
- old
+ new
@@ -24,17 +24,16 @@
end
# @param [Symbol] action
# @param [Model] resource instance
# @param [User] user instance
- # @raise [SecurityTransgression] if user is not allowed to perform action on resource
+ # @raise [SecurityViolation] if user is not allowed to perform action on resource
# @return [Model] resource instance
def self.enforce(action, resource, user)
action_authorized = user.send("can_#{action}?", resource)
unless action_authorized
- message = "#{user} is not authorized to #{action} this resource: #{resource.inspect}"
- raise SecurityTransgression.new(message)
+ raise SecurityViolation.new(user, action, resource)
end
resource
end
class << self
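Review bot: `enforce` dispatches with `user.send("can_#{action}?", resource)`, and `send` also reaches private methods, so a private `can_*?` helper on the user object becomes callable through this entry point. `user.public_send("can_#{action}?", resource)` would keep the check to the public ability methods. If `action` can ever come from request data rather than a literal symbol, it should also be validated against the set of known abilities before it is interpolated into a method name. The new `raise SecurityViolation.new(user, action, resource)` keeps the fail-closed behaviour, since a `nil` or `false` answer still raises.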
@@ -55,10 +54,20 @@
require 'authority/abilities'
require 'authority/authorizer'
require 'authority/user_abilities'
end
- class SecurityTransgression < StandardError ; end
+ class SecurityViolation < StandardError
+ def initialize(user, action, resource)
+ @user = user
+ @action = action
+ @resource = resource
+ end
+
+ def message
+ "#{@user} is not authorized to #{@action} this resource: #{@resource}"
+ end
+ end
end
require 'authority/configuration'
require 'authority/controller'
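Review bot: `SecurityViolation` overrides `message` but never calls `super` and leaves `to_s` untouched, so `e.to_s`, `"#{e}"` and `e.inspect` report only the class name, and a log line built by interpolating the exception loses who was denied what. Defining the text as `def to_s` instead of `def message` fixes that, because `Exception#message` delegates to `to_s`. Adding `attr_reader :user, :action, :resource` would let a rescue handler record the denial as structured fields instead of parsing the string. The text now interpolates `@resource` rather than `resource.inspect`, which presumably keeps model attributes out of error output, but it also means the audit trail depends on the resource's `to_s` identifying the record. Removing `SecurityTransgression` without an alias such as `SecurityTransgression = SecurityViolation` breaks any caller that still rescues the old name.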