diff --git a/api/policies/RolePolicy.js b/api/policies/RolePolicy.js
index 6f436d2..6e6e843 100644
--- a/api/policies/RolePolicy.js
+++ b/api/policies/RolePolicy.js
@@ -33,8 +33,9 @@ module.exports = function(req, res, next) {
     // Some parsing must happen on the query down the line,
     // as req.query has no impact on the results from PermissionService.findTargetObjects.
     // I had to look at the actionUtil parseCriteria method to see where to augment the criteria
-    req.params.all().where = req.params.all().where || {};
-    req.params.all().where.owner = req.user.id;
+    if (!req.query.where) {
+      req.query.where = {};
+    }
     req.query.owner = req.user.id;
     _.isObject(req.body) && (req.body.owner = req.user.id);
   }
diff --git a/package.json b/package.json
index 8cff0f9..3a4871e 100644
--- a/package.json
+++ b/package.json
@@ -53,7 +53,7 @@
     "lodash": "^3.10.0",
     "marlinspike": "^1.0",
     "pluralize": "^1.0.1",
-    "sails-auth": "^2.0",
+    "sails-auth": "^2.1",
     "sails-generate-entities": "latest",
     "waterline-criteria": "^0.11.1"
   },