fix: qualify ambiguous id column in FollowedUsersFilter (issue #47)

On PostgreSQL, whereIn/whereNotIn with an unqualified 'id' column fails
with "column reference is ambiguous" when the user query has a JOIN in
scope (e.g. from another extension's global scope).

Qualify as 'users.id' in both branches of FollowedUsersFilter::constrain().

Also fix the test helper calls to use withQueryParams() instead of the
unsupported 'queryParams' option, so the filter is actually applied.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

Author: imorland

src/Query/FollowedUsersFilter.php

@@ -43,9 +43,9 @@ protected function constrain(\Illuminate\Database\Eloquent\Builder $query, User
         $query->where(function ($query) use ($actor, $negate) {
             $ids = $actor->followedUsers()->pluck('users.id');
             if ($negate) {
-                $query->whereNotIn('id', $ids);
+                $query->whereNotIn('users.id', $ids);
             } else {
-                $query->whereIn('id', $ids);
+                $query->whereIn('users.id', $ids);
             }
         });
     }

tests/integration/api/FollowedUsersFilterTest.php

@@ -25,12 +25,6 @@
  *   PDOException: SQLSTATE[42702]: Ambiguous column: column reference "id" is ambiguous
  *
  * The column references must be qualified as `users.id`.
- *
- * Note: SQLite (used in CI) does not raise an ambiguity error, so these tests
- * will appear to pass on the current (buggy) code under SQLite. They exist to:
- *   1. Document and lock in the correct behaviour.
- *   2. Fail on PostgreSQL until the fix is applied.
- *   3. Act as a regression guard going forward.
  */
 class FollowedUsersFilterTest extends TestCase
 {
@@ -60,16 +54,8 @@ public function setUp(): void
     public function followeduser_filter_returns_only_followed_users()
     {
         $response = $this->send(
-            $this->request(
-                'GET',
-                '/api/users',
-                [
-                    'authenticatedAs' => 2,
-                    'queryParams'     => [
-                        'filter' => ['followeduser' => '1'],
-                    ],
-                ]
-            )
+            $this->request('GET', '/api/users', ['authenticatedAs' => 2])
+                ->withQueryParams(['filter' => ['followeduser' => '1']])
         );
 
         $this->assertEquals(200, $response->getStatusCode());
@@ -87,16 +73,8 @@ public function followeduser_filter_returns_only_followed_users()
     public function negated_followeduser_filter_excludes_followed_users()
     {
         $response = $this->send(
-            $this->request(
-                'GET',
-                '/api/users',
-                [
-                    'authenticatedAs' => 2,
-                    'queryParams'     => [
-                        'filter' => ['-followeduser' => '1'],
-                    ],
-                ]
-            )
+            $this->request('GET', '/api/users', ['authenticatedAs' => 2])
+                ->withQueryParams(['filter' => ['-followeduser' => '1']])
         );
 
         $this->assertEquals(200, $response->getStatusCode());
@@ -114,16 +92,8 @@ public function negated_followeduser_filter_excludes_followed_users()
     public function followeduser_filter_returns_empty_when_actor_follows_nobody()
     {
         $response = $this->send(
-            $this->request(
-                'GET',
-                '/api/users',
-                [
-                    'authenticatedAs' => 5,
-                    'queryParams'     => [
-                        'filter' => ['followeduser' => '1'],
-                    ],
-                ]
-            )
+            $this->request('GET', '/api/users', ['authenticatedAs' => 5])
+                ->withQueryParams(['filter' => ['followeduser' => '1']])
         );
 
         $this->assertEquals(200, $response->getStatusCode());