From a76ed31a94b6895f1c4a21ead0b263c849c95b85 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Javi=20Mart=C3=ADn?= <javim@elretirao.net>
Date: Mon, 11 Nov 2019 01:13:02 +0100
Subject: [PATCH] Remove unneeded scope

In this case using `joins` doesn't prevent N+1 queries to get titles for
every record, and since we cannot order translations with just SQL due
to fallbacks, we don't need it.

Automatic SQL injection checks were showing a false positive in this
scope; there was no real vulnerability here because foreign keys, table
names and locales were under our control.
---
 app/models/budget/investment.rb     | 2 +-
 app/models/concerns/globalizable.rb | 2 --
 2 files changed, 1 insertion(+), 3 deletions(-)

diff --git a/app/models/budget/investment.rb b/app/models/budget/investment.rb
index bfa752fb1..dc215d679 100644
--- a/app/models/budget/investment.rb
+++ b/app/models/budget/investment.rb
@@ -126,7 +126,7 @@ class Budget
     end
 
     def self.sort_by_title
-      with_translation.sort_by(&:title)
+      all.sort_by(&:title)
     end
 
     def self.filter_params(params)
diff --git a/app/models/concerns/globalizable.rb b/app/models/concerns/globalizable.rb
index 7fb00d887..230aba1bd 100644
--- a/app/models/concerns/globalizable.rb
+++ b/app/models/concerns/globalizable.rb
@@ -29,8 +29,6 @@ module Globalizable
       translation_class.send :acts_as_paranoid, column: :hidden_at
     end
 
-    scope :with_translation, -> { joins("LEFT OUTER JOIN #{translations_table_name} ON #{table_name}.id = #{translations_table_name}.#{reflections["translations"].foreign_key} AND #{translations_table_name}.locale='#{I18n.locale}'") }
-
     private
 
       def required_attribute?(attribute)