edit ticket controller

app/controllers/api/auth_controller.rb

@@ -1,9 +1,10 @@
 class Api::AuthController < ApplicationController
 	skip_before_filter  :verify_authenticity_token
 	def login
+ 
 		username = params[:username]
     access = params[:access_code]
-   		 
+
    	member = Member.find_by_email(username)
 		if member && member.valid_password?(access)
 		 	member.session_token = SecureRandom.hex 		 	 

app/controllers/api/batch_line_items_controller.rb

@@ -3,8 +3,7 @@ class Api::BatchLineItemsController < ApplicationController
 	def register
         batch_id=params[:batch_id]
         session_token=params[:session_token]
-        manufacture_uid = params[:card_manufacture]
-        # card_type = params[:card_type]
+        manufacture_uid = params[:card_manufacture] 
         user_id=""      
 
         check_member= Member.authenticate_session_token(session_token)
@@ -15,44 +14,51 @@ class Api::BatchLineItemsController < ApplicationController
                 encrypt_key=find_user.secrect_key
                 user_id=find_user.id
             end
-            if !encrypt_key.nil?
-                serial_no=BatchLineItem.generate_serial_no(user_id.to_s)
-                str="manufacture_uid="+manufacture_uid.to_s+"&serial_no="+serial_no.to_s               
+
+            if !encrypt_key.nil?  
+                check_manufacture = BatchLineItem.find_by_manufacture_uid(manufacture_uid)            
+                if check_manufacture.nil? 
+                    serial_no=BatchLineItem.generate_serial_no(user_id.to_s)
+                    str="manufacture_uid="+manufacture_uid.to_s+"&serial_no="+serial_no.to_s               
                      
-                digest_data= Digest::MD5.hexdigest(str)                 
-                hex_data=digest_data.hex            
-                hex_str=hex_data.to_s
-                wristband_code=hex_str[0..15]
+                    digest_data= Digest::MD5.hexdigest(str)                 
+                    hex_data=digest_data.hex            
+                    hex_str=hex_data.to_s
+                    wristband_code=hex_str[0..15]   
+                    check_wirstband=BatchLineItem.find_by_wristband_code(wristband_code)
+                            
+                    if check_wirstband.nil?
+                            puts  'Check Wristband'
+                        card_type=""           
+                        find_batch= Batch.find_by_id(batch_id)
+                        if !find_batch.nil?
+                            card_type=find_batch.adult_or_child.upcase
+                        end
+                        batchLineItem=BatchLineItem.new
+                        batchLineItem.wristband_code=wristband_code
+                        batchLineItem.serial_no=serial_no
+                        batchLineItem.batch_id=batch_id
+                        batchLineItem.manufacture_uid = manufacture_uid
+                        batchLineItem.card_type = card_type
+          
+                        if batchLineItem.save
+                            lookup=Lookup.find_by_name('generate_serial_no')
+                            max_serail_no=lookup.max_value
+                            lookup.max_value=max_serail_no.to_i+1
+                            lookup.save
 
-                check_manufacture = BatchLineItem.find_by_manufacture_uid_and_wristband_code(manufacture_uid,wristband_code)            
-                if check_manufacture.nil?    
-                    card_type=""           
-                    find_batch= Batch.find_by_id(batch_id)
-                    if !find_batch.nil?
-                        card_type=find_batch.adult_or_child.upcase
-                    end
-                    batchLineItem=BatchLineItem.new
-                    batchLineItem.wristband_code=wristband_code
-                    batchLineItem.serial_no=serial_no
-                    batchLineItem.batch_id=batch_id
-                    batchLineItem.manufacture_uid = manufacture_uid
-                    batchLineItem.card_type = card_type
-                      
-                    if batchLineItem.save
-                        lookup=Lookup.find_by_name('generate_serial_no')
-                        max_serail_no=lookup.max_value
-                        lookup.max_value=max_serail_no.to_i+1
-                        lookup.save
-
-                        @out = true,batchLineItem.serial_no,batchLineItem.wristband_code
+                            @out = true,batchLineItem.serial_no,batchLineItem.wristband_code
+                        else
+                            @out=false,'Error occurs in registration encoder!'
+                        end 
                     else
-                        @out=false,'Error occurs in registration encoder!'
-                    end 
+                        @out=false,'Wristband  is already registered!'  
+                    end
                 else
-                    @out=false,'Wristband code is already exists!'           
+                    @out=false,'Wristband  is already registered!'           
                 end
             else
-                @out=false,'Invalid Encryption Key!'      
+                @out=false,'Invalid User!'      
             end
          else
             @out=false,'Sorry!Unauthorized user!'

app/controllers/batch_line_items_controller.rb

@@ -6,7 +6,9 @@ class BatchLineItemsController < ApplicationController
 		user_id=current_member.user_id
 
 		@batches=Batch.where('user_id=?',user_id)			 
-		@batchLineItems=BatchLineItem.joins('inner join batches on batches.id=batch_line_items.batch_id').select('batch_line_items.*,batches.order_ref as batch_name').page(params[:page]).per(2)
+		@batchLineItems=BatchLineItem.joins('inner join batches on batches.id=batch_line_items.batch_id')
+									 .where('batches.user_id=?',user_id)
+									 .select('batch_line_items.*,batches.order_ref as batch_name').page(params[:page]).per(2)
 	end	 
 	def export
 		batch_list=params[:batch]
@@ -30,7 +32,7 @@ class BatchLineItemsController < ApplicationController
 			end
 			@batchLineItems = BatchLineItem.all.select('serial_no,wristband_code,batch_id,manufacture_uid,card_type')
 		end 
-	 
+	  
 		respond_to do |format|	 
 			format.html
 		   	format.csv { send_data @batchLineItems.to_csv(user_id), filename: "encoder-#{Date.today}.csv" }

app/controllers/batches_controller.rb

@@ -1,4 +1,6 @@
 class BatchesController < ApplicationController    
+	 skip_before_filter  :verify_authenticity_token 
+     before_action :authenticate_member!
     def index
     	@batches=Batch.joins('inner join users on users.id=batches.user_id')
     				  .select('batches.*,users.name as user_name').order('batches.id desc').page(params[:page])

app/controllers/home_controller.rb

@@ -1,5 +1,6 @@
 class HomeController < ApplicationController
   skip_before_filter  :verify_authenticity_token 
+  before_action :authenticate_member!
 
 	def index		
       redirect_to new_member_session_path

app/controllers/users_controller.rb

@@ -1,5 +1,6 @@
 class UsersController < ApplicationController
   skip_before_filter  :verify_authenticity_token 
+  before_action :authenticate_member!
   before_action :set_user, only: [:show, :edit, :update, :destroy]
 
   # GET /users
@@ -32,7 +33,7 @@ class UsersController < ApplicationController
     key=cipher.random_key
     secrect_key= Base64.encode64(key)
     @user.secrect_key=secrect_key      
-
+    @email=email
     respond_to do |format|
       if @user.save
         member_id= current_member.id