Forbidden reasons do not work with regular rules
See original GitHub issueBug Report
When a rule has condition object, it’s custom message is ignored.
const { AbilityBuilder, ForbiddenError } = require("@casl/ability")
class Post {
constructor(owner) {
this.owner = owner;
}
}
const ability = AbilityBuilder.define((can, cannot) => {
can('read', 'Post', { owner: 'user_id_1' }).because('Only owner');
});
try {
ForbiddenError.from(ability).throwUnlessCan('read', new Post('user_id_2'));
} catch (error) {
console.log(error.message) // "Cannot execute "read" on "Post""
}
Expected behavior
error.message
should be "Only owner"
but it is "Cannot execute "read" on "Post""
Environment
- node version: 12.15.0
- @casl/ability version: 3.4.0
- os: Ubuntu 18.04
Issue Analytics
- State:
- Created 4 years ago
- Comments:6 (5 by maintainers)
Top Results From Across the Web
What Is the 403 Forbidden Error and How to Fix It (8 Methods ...
Causes of 403 Forbidden Often, HTTP 403 forbidden errors are caused by an access misconfiguration on the client-side, which means you can usually...
Read more >3 Ways To Fix '403 Forbidden Request Forbidden By ...
To fix your WordPress file permissions, follow these steps: Step 1: Go to cPanel > File Manager, and open a folder called public_html....
Read more >How to Fix a 403 Forbidden Error on Your WordPress Site
The 403 Forbidden error means that your server is working, but you no longer have permission to view all or some of your...
Read more >403 Forbidden Error: What It Is and How to Fix It - Airbrake Blog
Check the Requested URL The most common cause of a 403 Forbidden Error is simply inputting an incorrect URL. As discussed before, many...
Read more >Prohibited Employment Policies/Practices
Under the laws enforced by EEOC, it is illegal to discriminate against someone (applicant or employee) because of that person's race, color, religion, ......
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
The example above can be used to implement desired behavior starting from
@casl/ability@4.1.0
After some thinking, I realized there is no sense to enumerate all reasons which are not met, you can just say “none of the expected checks are satisfied”. But if you very need this, you can implement it by defining custom
defaultErrorMessage
:error.ability
is currently a private property, I will expose it in the next release to be a public one