From 3216f83ad83fd348a4ea96b73bc664427318f41c Mon Sep 17 00:00:00 2001
From: evazion <noizave@gmail.com>
Date: Sun, 1 Sep 2019 13:10:37 -0500
Subject: [PATCH] users: fix deprecation warning in current_user_first.

    DEPRECATION WARNING: Dangerous query method (method whose arguments
    are used as raw SQL) called with non-attribute argument(s): "id =
    52664 desc". Non-attribute arguments will be disallowed in Rails
    6.1. This method should not be called with user-provided values,
    such as request parameters or model attributes. Known-safe values
    can be passed by wrapping them in Arel.sql().
---
 app/models/user.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/models/user.rb b/app/models/user.rb
index d5beefdb9..cbc87041c 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -752,9 +752,9 @@ class User < ApplicationRecord
       end
 
       if params[:current_user_first].to_s.truthy? && !CurrentUser.is_anonymous?
-        q = q.order("id = #{CurrentUser.user.id.to_i} desc")
+        q = q.order(Arel.sql("id = #{CurrentUser.id} desc"))
       end
-      
+
       case params[:order]
       when "name"
         q = q.order("name")