+ def current_ability
+ Ability.new(current_user).merge(granted_capability)
+ end
+
+ def granted_capability
+ Capability.new(current_user, current_token)
+ end
+
+ def deny_access(_exception)
+ if current_token
+ set_locale
+ report_error t("oauth.permissions.missing"), :forbidden
+ elsif current_user
+ set_locale
+ report_error t("application.permission_denied"), :forbidden
+ elsif request.get?
+ redirect_to :controller => "users", :action => "login", :referer => request.fullpath
+ else
+ head :forbidden
+ end
+ end
+