app/controllers/locomotive/api/base_controller.rb in locomotive_cms-2.0.1 vs app/controllers/locomotive/api/base_controller.rb in locomotive_cms-2.0.2
- old
+ new
@@ -13,10 +13,12 @@
before_filter :set_locale
before_filter :set_current_thread_variables
+ rescue_from Exception, with: :render_access_denied
+
self.responder = Locomotive::ActionController::Responder # custom responder
respond_to :json, :xml
protected
@@ -37,9 +39,18 @@
def set_locale
::Mongoid::Fields::I18n.locale = params[:locale] || current_site.default_locale
::I18n.locale = ::Mongoid::Fields::I18n.locale
self.setup_i18n_fallbacks
+ end
+
+ def render_access_denied(exception)
+ status = (case exception
+ when ::CanCan::AccessDenied then 401
+ when ::Mongoid::Errors::DocumentNotFound then 404
+ else 500
+ end)
+ render json: { error: exception.message }, status: status, layout: false
end
def self.cancan_resource_class
Locomotive::Api::CanCan::ControllerResource
end