limit quiz and results scopes to current_user access

now managers and reviewers can only see quizzes and completed results for those quizzes they have been assigned to.

test/policies/quiz_policy_test.rb

@@ -15,7 +15,7 @@ class QuizPolicyTest < PolicyAssertions::Test
 
   test 'should allow manager to scope' do
     scope = QuizPolicy::Scope.new(users(:manager), Quiz).resolve
-    assert_equal Quiz.count, scope.count
+    assert_equal users(:manager).quizzes.count, scope.count
   end
 
   test 'should allow reviewer to scope' do