lib/pundit.rb in pundit-0.2.2 vs lib/pundit.rb in pundit-0.2.3

- old
+ new

@@ -3,11 +3,14 @@
 require "active_support/concern"
 require "active_support/core_ext/string/inflections"
 require "active_support/core_ext/object/blank"
 module Pundit
- class NotAuthorizedError < StandardError; end
+ class NotAuthorizedError < StandardError
+ attr_accessor :query, :record, :policy
+ end
+ class AuthorizationNotPerformedError < StandardError; end
 class NotDefinedError < StandardError; end
 extend ActiveSupport::Concern
 class << self
@@ -35,30 +38,40 @@
 helper_method :policy_scope
 helper_method :policy
 helper_method :pundit_user
 end
 if respond_to?(:hide_action)
+ hide_action :policy_scope
+ hide_action :policy_scope=
+ hide_action :policy
+ hide_action :policy=
 hide_action :authorize
 hide_action :verify_authorized
 hide_action :verify_policy_scoped
 hide_action :pundit_user
 end
 end
 def verify_authorized
- raise NotAuthorizedError unless @_policy_authorized
+ raise AuthorizationNotPerformedError unless @_policy_authorized
 end
 def verify_policy_scoped
- raise NotAuthorizedError unless @_policy_scoped
+ raise AuthorizationNotPerformedError unless @_policy_scoped
 end
 def authorize(record, query=nil)
 query ||= params[:action].to_s + "?"
 @_policy_authorized = true
- unless policy(record).public_send(query)
- raise NotAuthorizedError, "not allowed to #{query} this #{record}"
+
+ policy = policy(record)
+ unless policy.public_send(query)
+ error = NotAuthorizedError.new("not allowed to #{query} this #{record}")
+ error.query, error.record, error.policy = query, record, policy
+
+ raise error
 end
+ true
 end
 def policy_scope(scope)
 @_policy_scoped = true
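Review bot: `AuthorizationNotPerformedError` inherits from `StandardError` directly, so a handler written for `Pundit::NotAuthorizedError` will stop seeing the failures that `verify_authorized` and `verify_policy_scoped` raise after the second hunk. The request still fails closed, but an application that mapped the old error to a 403 response would presumably surface these as unhandled errors instead, which is worth calling out for a patch release. A comment above the new class would make the split explicit: `# Raised when an action completed without calling authorize / policy_scope; signals a missing check in the controller, not a denied user.` The three accessors on `NotAuthorizedError` also deserve a line saying they hold the live record and policy objects, so handlers should pick out the fields they need rather than render or serialize the error wholesale.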
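Review bot: `authorize` has no documentation of its contract, and two parts of it are security-relevant: `query` is dispatched with `policy.public_send(query)`, and `@_policy_authorized = true` is set before the policy is consulted. I would add a doc comment above `def authorize` stating that `query` must be a fixed predicate name chosen by the controller (the default is `params[:action].to_s + "?"`) and never a value taken from request input, that the method returns `true` or raises `NotAuthorizedError` with `query`, `record` and `policy` attached, and that `verify_authorized` only shows `authorize` was called, not that it passed. As a style point, `policy = policy(record)` shadows the `policy` helper for the rest of the method; `record_policy = policy(record)` reads more clearly. The hunk ends inside `policy_scope`, whose body continues outside it.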