in edge branch, the limit scope doesn't work unless you explicitly regulate it

[adamcreekroad]

Currently to use it on the client you must do this:

class ApplicationRecord < ActiveRecord::Base
  regulate_scope limit: :always_allow
end

Even if you have regulate_scope for all and unscoped

[catmando]

not sure but I think this might be because scope :limit, ->() {} scope :offset, ->() {}
is in the CLIENT side base class.

this means the client will assume there is a secure_remote_access_limit method on the server, but there is NOT.

by calling regulate_scope... this creates (I think) the secure_remote_access_limit method to be created.