diff --git a/app/policies/mapping_policy.rb b/app/policies/mapping_policy.rb
index 49e134ef..39dbd86a 100644
--- a/app/policies/mapping_policy.rb
+++ b/app/policies/mapping_policy.rb
@@ -5,7 +5,8 @@ class MappingPolicy < ApplicationPolicy
       # it would be nice if we could also base this on the mappable, but that
       # gets really complicated. Devin thinks it's OK to SHOW a mapping for
       # a private topic, since you can't see the private topic anyways
-      scope.joins(:maps).where('maps.permission IN ("public", "commons") OR maps.user_id = ?', user.id)
+      scope.joins(:maps).where('maps.permission IN (?) OR maps.user_id = ?',
+                                 ["public", "commons"], user.id)
     end
   end
 
diff --git a/app/policies/synapse_policy.rb b/app/policies/synapse_policy.rb
index 6763014a..12f9c8ca 100644
--- a/app/policies/synapse_policy.rb
+++ b/app/policies/synapse_policy.rb
@@ -1,7 +1,7 @@
 class SynapsePolicy < ApplicationPolicy
   class Scope < Scope
     def resolve
-      scope.where('permission IN ("public", "commons") OR user_id = ?', user.id)
+      scope.where('permission IN (?) OR user_id = ?', ["public", "commons"], user.id)
     end
   end
 
diff --git a/app/policies/topic_policy.rb b/app/policies/topic_policy.rb
index 03b42895..97fefdcc 100644
--- a/app/policies/topic_policy.rb
+++ b/app/policies/topic_policy.rb
@@ -1,7 +1,7 @@
 class TopicPolicy < ApplicationPolicy
   class Scope < Scope
     def resolve
-      scope.where('permission IN ("public", "commons") OR user_id = ?', user.id)
+      scope.where('permission IN (?) OR user_id = ?', ["public", "commons"], user.id)
     end
   end