diff --git a/engines/dfc_provider/app/controllers/dfc_provider/application_controller.rb b/engines/dfc_provider/app/controllers/dfc_provider/application_controller.rb
index 3db7525d58..16a830d336 100644
--- a/engines/dfc_provider/app/controllers/dfc_provider/application_controller.rb
+++ b/engines/dfc_provider/app/controllers/dfc_provider/application_controller.rb
@@ -8,6 +8,7 @@ module DfcProvider
     protect_from_forgery with: :null_session
 
     rescue_from ActiveRecord::RecordNotFound, with: :not_found
+    rescue_from CanCan::AccessDenied, with: :unauthorized
 
     before_action :check_authorization
 
@@ -16,7 +17,7 @@ module DfcProvider
     private
 
     def check_authorization
-      head :unauthorized if current_user.nil?
+      unauthorized if current_user.nil?
     end
 
     def check_enterprise
@@ -50,5 +51,13 @@ module DfcProvider
     def not_found
       head :not_found
     end
+
+    def unauthorized
+      head :unauthorized
+    end
+
+    def current_ability
+      @current_ability ||= Spree::Ability.new(current_user)
+    end
   end
 end