Remove unneeded scope

In this case using `joins` doesn't prevent N+1 queries to get titles for every record, and since we cannot order translations with just SQL due to fallbacks, we don't need it. Automatic SQL injection checks were showing a false positive in this scope; there was no real vulnerability here because foreign keys, table names and locales were under our control.
2019-11-11 01:13:02 +01:00
parent e470ea1cc1
commit a76ed31a94
2 changed files with 1 additions and 3 deletions
--- a/app/models/budget/investment.rb
+++ b/app/models/budget/investment.rb
@@ -126,7 +126,7 @@ class Budget
    end

    def self.sort_by_title
-      with_translation.sort_by(&:title)
+      all.sort_by(&:title)
    end

    def self.filter_params(params)
--- a/app/models/concerns/globalizable.rb
+++ b/app/models/concerns/globalizable.rb
@@ -29,8 +29,6 @@ module Globalizable
      translation_class.send :acts_as_paranoid, column: :hidden_at
    end

-    scope :with_translation, -> { joins("LEFT OUTER JOIN #{translations_table_name} ON #{table_name}.id = #{translations_table_name}.#{reflections["translations"].foreign_key} AND #{translations_table_name}.locale='#{I18n.locale}'") }
-
    private

      def required_attribute?(attribute)