有以下路由:
resources :accounts, only: [:update] do
get 'search', on: :collection
resources :transactions, only: [:create]
end
能力:
can [:update, :search], Account
can [:create, :index], Transaction
控制器:
# Web API controller for actions on Transaction
class Api::V1::Web::TransactionsController < Api::V1::Web::ApplicationController
load_and_authorize_resource :account
load_and_authorize_resource :transaction, through: :account
def create
render json: params and return
end
end
当我尝试创建新事务时,我收到错误:
CanCan::AccessDenied
in Api::V1::Web::TransactionsController#create
我做错了什么?我该如何解决?提前致谢。