Hello, everyone. I apologize if this has been asked before, but I’m having a hard time finding anything on this subject.
I have the Authorization plugin loaded in my application, and it works fine, except for the messages the user gets back when they’re not authorized to do something. For example, only Site Admins are allowed to do anything with user accounts:
public function canAdd(IdentityInterface $user, User $resource)
{
// Site admins can add users
$session = Router::getRequest()->getSession();
$groups = $session->read('groups');
return in_array('site_admin', $groups);
}
Calling $this->Authorization->authorize($user) in UsersController works, but how can I customize the error message an unauthorized user sees and redirect them somewhere else? There doesn’t seem to be an obvious way to do this.