I have implemented Devise for authentication and authorization in a ROR
application. Everything seems fine, but I am getting one issue. I have two
models, "Account" and "Transaction", and so two controllers
respectively.
My Transaction index view calls one of the Account controller's methods like
this:

$.post("accounts/our_miles_balance/?account_number=" + $("#account_number").val(), function(data) {
  $("#our_miles_balance").val(data);
});

When this AJAX post runs, it gives the following error and signs out the admin user:
You need to sign in or sign up before continuing
Here is my Ability class:

class Ability
  include CanCan::Ability

  def initialize(user)
    user ||= User.new # guest user
    if user.role == 1 # admin
      can :manage, :all
      can :read, :all
    elsif user.role == 2 # Vendor
      can :manage, VendorTransaction
      can :index, Account
    end
  end
end

OK, here is my Transaction controller:

require 'csv'

class TransactionsController < ApplicationController
  load_and_authorize_resource
  helper_method :sort_column, :sort_direction
  respond_to :html, :js

  def index
    per_page = 40
    @transactions = Transaction.search(params[:id]).order(sort_column + " " + sort_direction)
    respond_to do |format|
      format.html # index.html.erb
      format.csv { render :csv => @transactions }
    end
  end
end

And the Account controller:

class AccountsController < ApplicationController
  load_and_authorize_resource
  helper_method :sort_column, :sort_direction

  def index
    @accounts = Account.search(params[:program_id])
    respond_to do |format|
      format.html # index.html.erb
      format.json { render :json => @accounts }
    end
  end

  def our_miles_balance
    # Look up the account; @miles stays nil when no account matches
    a = Account.find_by_account_number(params[:account_number])
    @miles = Account.our_miles_balance(a.id) unless a.nil?
    respond_to do |format|
      format.json { render json: @miles }
    end
  end
end

What am I doing wrong here? Please help…