Verified Commit 68747ea4 authored by
Let Authorizer raise the error, name the method appropriately.
If we use exceptions for authorization failures, we should do it consistently also for code that checks authorization on its own (not through the controllers). This also paves the way to raise different exceptions (or provide different messages) for different authorization problems.
Showing with 26 additions and 14 deletions