Add reason to Pundit::NotAuthorizedError

README.md

@@ -538,6 +538,37 @@ en:
 Of course, this is just an example. Pundit is agnostic as to how you implement
 your error messaging.
 
+## Deep error messages customisation
+
+If you have different authorization deny reasons you want to inform user with descriptive message then:
+
+In your policy class raise `Pundit::NotAuthorizedError` with custom error message or I18n key in `reason` argument:
+
+```ruby
+class ProjectPolicy < ApplicationPolicy
+  def create?
+    if user.has_paid_subscription?
+      if user.project_limit_reached?
+        raise Pundit::NotAuthorizedError, reason: 'user.project_limit_reached'
+      else
+        true
+      end
+    else
+      raise Pundit::NotAuthorizedError, reason: 'user.paid_subscription_required'
+    end
+  end
+end
+```
+
+Then you can get this error message in exception handler:
+```ruby
+rescue_from Pundit::NotAuthorizedError do |e|
+  message = e.reason ? I18n.t("errors.#{e.reason}") : e.message
+  flash[:error] = message, scope: "pundit", default: :default
+  redirect_to(request.referrer || root_path)
+end
+```
+
 ## Manually retrieving policies and scopes
 
 Sometimes you want to retrieve a policy for a record outside the controller or

lib/pundit.rb

@@ -22,7 +22,7 @@ module Generators; end
 
   # Error that will be raised when authorization has failed
   class NotAuthorizedError < Error
-    attr_reader :query, :record, :policy
+    attr_reader :query, :record, :policy, :reason
 
     def initialize(options = {})
       if options.is_a? String
@@ -31,6 +31,7 @@ def initialize(options = {})
         @query  = options[:query]
         @record = options[:record]
         @policy = options[:policy]
+        @reason = options[:reason]
 
         message = options.fetch(:message) { "not allowed to #{query} this #{record.class}" }
       end