have policy_scope always use scope.all or something else to ensure it's an ActiveRecord relation

2016-06-28 14:49:46 +08:00 · 2016-06-28 14:49:46 +08:00 · 6c22ebcc51
parent b72536853f
commit 6c22ebcc51
2 changed files with 2 additions and 2 deletions
--- a/app/policies/application_policy.rb
+++ b/app/policies/application_policy.rb
@ -55,7 +55,7 @@ class ApplicationPolicy
    end

    def resolve
-      scope
+      scope.all
    end
  end
 end
--- a/app/policies/token_policy.rb
+++ b/app/policies/token_policy.rb
@ -4,7 +4,7 @@ class TokenPolicy < ApplicationPolicy
      if user
        scope.where('tokens.user_id = ?', user.id)
      else
-        where(:id => nil).where("id IS NOT ?", nil) # to just return none
+        scope.where(:id => nil).where("id IS NOT ?", nil) # to just return none
      end
    end
  end