如何从我的ability.rb中指定自定义异常消息？

Question

In my ability.rb , I have the following rule:

elsif user.has_role? :demo
  can :read, Profile, demo_featured: true, demo_linked: true, message: "To access this profile, please subscribe here."

But that doesn't produce the message I want.

How do I get this specific rule to produce the message I want?

Edit 1

Here is the full ability.rb if condition:

  def initialize(user)
    user ||= User.new # guest user (not logged in)
    alias_action :create, :show, :new, :destroy, to: :csnd

    if user.has_role? :admin
      can :manage, :all
    elsif user.has_role? :coach
      # do some stuff
    elsif user.has_role? :demo
      can :read, Profile, demo_featured: true, demo_linked: true
    elsif user.has_role? :player
      # can do some stuff
    else
      can :read, Profile
    end    
  end

These are some bits from my ProfilesController :

  before_action :set_profile, only: [:show, :edit, :update, :destroy, :invite_user, :profiles]

    def set_profile
      @profile = Profile.published.includes(:grades, :positions, :achievements, :videos, :transcripts).friendly.find(params[:id])
    end

Answer 1

This is what you are looking for:

https://github.com/CanCanCommunity/cancancan/wiki/Exception-Handling

Answer 2

The cancan docs give examples of customizing the message when you authorize! in the controller, and when you manually raise an error, but there doesn't seem to be any mechanism for specifying messages in ability.rb .

Instead, you could catch and modify it in your ApplicationController :

class ApplicationController < ActionController::Base
  rescue_from CanCan::AccessDenied do |exception|
    if current_user.has_role? :demo
      redirect_to :back, :alert => "To access this profile, please subscribe here."
    end
    # render 403, etc.
  end
end

Answer 3

Look for rescue_from CanCan::AccessDenied in your main application controller or in your specific controller. It should do something like redirecting to a login page. In my case it's something like this:

rescue_from CanCan::AccessDenied do ||
  redirect_to new_user_session_path
end

Since you're producing a different exception message and then displaying it it'd probably be like this, using the flash:

rescue_from CanCan::AccessDenied do |exception|
  flash[:notice] = exception.message
  redirect_to new_user_session_path
end

Your own logic may vary depending on how you want to handle when the user doesn't have access. It's possible you may even have it setup in a per-controller basis, but this should be the gist of it.