The AuthorizationException handled here can have an optionally set status code. By default this status is null, so the previous code to map this to 403 seems correct. But if I throw a (new AuthorizationException())->withStatus(401) I would expect the exception handler to respect this code.
The AuthorizationException handled here can have an optionally set status code. By default this status is
null
, so the previous code to map this to 403 seems correct. But if I throw a(new AuthorizationException())->withStatus(401)
I would expect the exception handler to respect this code.