# File lib/puppet/network/rights.rb, line 32
32:   def is_request_forbidden_and_why?(request)
33:     methods_to_check = if request.method == :head
34:                          # :head is ok if either :find or :save is ok.
35:                          [:find, :save]
36:                        else
37:                          [request.method]
38:                        end
39:     authorization_failure_exceptions = methods_to_check.map do |method|
40:       is_forbidden_and_why?("/#{request.indirection_name}/#{request.key}",
41:                             :node => request.node,
42:                             :ip => request.ip,
43:                             :method => method,
44:                             :environment => request.environment,
45:                             :authenticated => request.authenticated)
46:     end
47:     if authorization_failure_exceptions.include? nil
48:       # One of the methods we checked is ok, therefore this request is ok.
49:       nil
50:     else
51:       # Just need to return any of the failure exceptions.
52:       authorization_failure_exceptions.first
53:     end
54:   end