Custom authorization messages when policy check fails

Hello, everyone. I apologize if this has been asked before, but I’m having a hard time finding anything on this subject.

I have the Authorization plugin loaded in my application, and it works fine, except for the messages the user gets back when they’re not authorized to do something. For example, only Site Admins are allowed to do anything with user accounts:

public function canAdd(IdentityInterface $user, User $resource)
    {
        // Site admins can add users
        $session = Router::getRequest()->getSession();
        $groups = $session->read('groups');
        return in_array('site_admin', $groups);
    }    

Calling $this->Authorization->authorize($user) in UsersController works, but how can I customize the error message an unauthorized user sees and redirect them somewhere else? There doesn’t seem to be an obvious way to do this.

I normally just redirect to a friendly page I up set up with an explanation.

Or you could create a modal, with a message.

Several ways to achieve this.

Me I’d rather redirect to somewhere else.

This is what im trying to do but cannot find a way of making it work.