Am using Devise for authentication and cancancan for authorization.cancancan is working fine for some controller but throws undefined method error for some screens..
assessments_controller.rb
def index
@projects = Project.find_by_sql("SELECT project_id, project_name FROM projects WHERE company_id = "+ current_dashboard_user.company_id.to_s +
" ORDER BY project_name")
getProjectId
getResult #get search result
respond_to do |format|
format.html
format.js
end
end
def getResult
#Search Result page
if (@project_id != nil && @project_id != "") then
@assessments = Assessment.find_by_sql("SELECT assess.assessment_id, assess.company_id, assess.project_id, assess.release_cycle_no,
assess.assessment_description, DATE_FORMAT(assess.start_date,'%d/%m/%Y') start_date_display,
DATE_FORMAT(assess.end_date,'%d/%m/%Y') end_date_display, assess.project_phase_id, pp.project_phase_name,
CASE WHEN assess.closed_status = 'Y' THEN 'Closed' ELSE 'Open' END AS closed_status
FROM assessments assess, project_phases pp
WHERE assess.company_id = " + current_dashboard_user.company_id.to_s +
" AND assess.project_id = " + @project_id.to_s +
" AND assess.project_phase_id = pp.project_phase_id ORDER BY assess.assessment_id DESC")
@assessments = @assessments.paginate(:per_page => 5, :page => params[:page])
end
end
https://gist.github.com/anonymous/9ccee7be3e7fa2df2bca
My views. https://gist.github.com/anonymous/272e6cc05e01d526ef0a
the error i got is https://i.stack.imgur.com/hozKw.jpg
So you have to define authorization manually for your index action.