From 0c9bb05f294bb336e31026ad2ce7e1dc39a175e6 Mon Sep 17 00:00:00 2001
From: Andreas Nedbal <git@pixelde.su>
Date: Fri, 18 Nov 2022 22:52:02 +0100
Subject: [PATCH] Return 403 by default for Pundit errors

---
 config/application.rb | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/config/application.rb b/config/application.rb
index d62c8176..d14b74c7 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -26,6 +26,8 @@ module Justask
     config.i18n.fallbacks = [I18n.default_locale]
     config.i18n.enforce_available_locales = false
 
+    config.action_dispatch.rescue_responses["Pundit::NotAuthorizedError"] = :forbidden
+
     config.after_initialize do
       Dir.glob Rails.root.join('config/late_initializers/*.rb') do |f|
         require f