Can't get CanCan to restrict view of items

So I got CanCan and Devise working well. I have two types of users: Admins and Nonadmins. Admins can view ALL appointments from the same Account or Organization.

The problem is, every user (either Admin or Nonadmin) belongs to an Account or Organization. Admins should only be able to view appointments from their own Account or Organization.

Can't get it to do it.

Every appointment has an account_id Every user has an account_id

So this is what I have on ABILITY.RB