- def deny_access(exception)
- if current_user
- raise "Access denied on #{exception.action} #{exception.subject.inspect}"
- # ...
+ def granted_capability
+ Capability.new(current_user, current_token)
+ end
+
+ def deny_access(_exception)
+ if current_token
+ set_locale
+ report_error t("oauth.permissions.missing"), :forbidden
+ elsif current_user
+ set_locale
+ report_error t("application.permission_denied"), :forbidden
+ elsif request.get?
+ redirect_to :controller => "users", :action => "login", :referer => request.fullpath