rubypitaya 2.15.0 → 2.19.1

data/lib/rubypitaya/core/config.rb

@@ -4,11 +4,10 @@ module RubyPitaya
 
   class Config
 
-    attr_writer :config_core_override
-
     def initialize
       @config_core = ConfigCore.new
       @config_core_override = nil
+      @has_config_core_override = false
 
       @result_cache = {}
     end
@@ -17,8 +16,11 @@ module RubyPitaya
       result = @result_cache[key]
       return result unless result.nil?
 
-      result = @config_core_override[key] unless @config_core_override.nil?
-      result = @config_core[key] if result.nil?
+      if @has_config_core_override
+        result = @config_core_override[key]
+      else
+        result = @config_core[key]
+      end
 
       @result_cache[key] = result
 
@@ -33,5 +35,10 @@ module RubyPitaya
     def clear_cache
       @result_cache.clear
     end
+
+    def config_core_override=(value)
+      @config_core_override = value
+      @has_config_core_override = !value.nil?
+    end
   end
 end

data/lib/rubypitaya/core/config_core.rb

@@ -17,8 +17,7 @@ module RubyPitaya
     end
 
     def [](key)
-      split_key = key.split('/')
-      @config.dig(*split_key)
+      @config[key]
     end
 
     def auto_reload
@@ -42,12 +41,11 @@ module RubyPitaya
 
     def load_config_file(configs_folder_path, file_path)
       config_text = File.open(file_path, &:read)
-      config_hash = JSON.parse(config_text)
+      config_hash = JSON.parse(config_text, symbolize_names: true)
 
-      path_array = file_path.sub(/^#{configs_folder_path}/, '')[0..-6]
-                              .split('/')
+      file_name = file_path.sub(/^#{configs_folder_path}/, '')[0..-6]
 
-      set_config_value(path_array, config_hash)
+      @config[file_name] = config_hash
 
       rescue Exception => error
         puts "ERROR: #{error}"
@@ -69,20 +67,5 @@ module RubyPitaya
         puts "MODIFIED @config: #{path}"
       end
     end
-
-    def set_config_value(keys, value)
-      config = @config
-
-      keys.each_with_index do |key, index|
-        is_last_index = index == keys.size - 1
-
-        if is_last_index
-          config[key] = value
-        else
-          config[key] = {} unless config.key?(key)
-          config = config[key]
-        end
-      end
-    end
   end
 end

data/lib/rubypitaya/core/db/migration/0000000001_create_user_migration.rb

@@ -1,6 +1,6 @@
 require 'active_record'
 
-class CreateUserMigration < ActiveRecord::Migration[5.1]
+class CreateUserMigration < ActiveRecord::Migration[6.0]
 
   enable_extension 'pgcrypto'
 

data/lib/rubypitaya/core/handler_base.rb

@@ -17,6 +17,17 @@ module RubyPitaya
       @postman = nil
     end
 
+    def set_attributes(bll, log, redis, setup, config, params, session, postman)
+      @bll = bll
+      @log = log
+      @redis = redis
+      @setup = setup
+      @config = config
+      @params = params
+      @session = session
+      @postman = postman
+    end
+
     def self.non_authenticated_actions(*action_names)
       self.non_authenticated_routes = action_names.map(&:to_s)
     end

data/lib/rubypitaya/core/handler_router.rb

@@ -62,8 +62,7 @@ module RubyPitaya
           msg: "Handler #{handler_name} not founded"
         }
       end
-
-      unless @handler_name_map[handler_name].methods.include?(action_name.to_sym)
+      unless @handler_name_map[handler_name].public_methods(false).include?(action_name.to_sym)
         return {
           code: StatusCodes::CODE_ACTION_NOT_FOUND,
           msg: "Handler #{handler_name} action #{action_name} not founded"
@@ -72,19 +71,12 @@ module RubyPitaya
 
       handler = @handler_name_map[handler_name]
 
-      handler.bll = bll
-      handler.log = log
-      handler.redis = redis
-      handler.setup = setup
-      handler.config = config
-      handler.params = params
-      handler.session = session
-      handler.postman = postman
-
       if !handler.class.authenticated_action_name?(action_name)
+        handler.set_attributes(bll, log, redis, setup, config, params, session, postman)
         handler.send(action_name)
       else
         if session.authenticated?
+          handler.set_attributes(bll, log, redis, setup, config, params, session, postman)
           handler.send(action_name)
         else
           return {

data/lib/rubypitaya/core/http_routes.rb

@@ -19,10 +19,14 @@ module RubyPitaya
     before do
       content_type :json
 
+      return error_unauthorized unless authorized?(request)
+
       @bll = settings.bll
       @setup = settings.setup
       @config = settings.config
 
+      @config.clear_cache
+
       if request.content_type == 'application/json'
         request_body = request.body.read
         @params.merge!(JSON.parse(request_body)) if !request_body.blank?
@@ -30,5 +34,31 @@ module RubyPitaya
 
       @params = Parameters.new(@params)
     end
+
+    private
+
+    def error_unauthorized
+      return halt(401, 'Unauthorized')
+    end
+
+    def authorized?(request)
+      return true unless http_auth_enabled?
+
+      auth_token = request.env['HTTP_AUTHORIZATION']
+      return auth_token == get_http_auth
+    end
+
+    def http_auth_enabled?
+      return ENV.fetch("HTTP_AUTH_ENABLED") { 'false' } == 'true'
+    end
+
+    def get_http_auth
+      user = ENV.fetch("HTTP_AUTH_USER") { '' }
+      pass = ENV.fetch("HTTP_AUTH_PASS") { '' }
+
+      auth_token = ::Base64.strict_encode64("#{user}:#{pass}")
+
+      return "Basic #{auth_token}"
+    end
   end
 end

data/lib/rubypitaya/core/main.rb

@@ -141,10 +141,10 @@ module RubyPitaya
 
     def run_nats_connection
       @nats_connector.connect do |request|
-        start_time_seconds = Time.now.to_i
+        start_time_seconds = Time.now.to_f
 
         message_route = request[:msg][:route]
-        message_data = request[:msg][:data]
+        message_data = request[:msg][:data] || {}
         message_data = JSON.parse(message_data) if message_data.class == String
 
         params = Parameters.new(message_data)
@@ -152,15 +152,16 @@ module RubyPitaya
         session_id = request[:session][:id]
         session_uid = request[:session].fetch(:uid, '')
         session_data = request[:session][:data]
-        session_data = JSON.parse(session_data) if session_data.class == String
+        session_data = JSON.parse(session_data, symbolize_names: true) if session_data.class == String
         frontend_id = request[:frontendID]
         metadata = request[:metadata]
-        metadata = JSON.parse(metadata) if metadata.class == String
+        metadata = JSON.parse(metadata, symbolize_names: true) if metadata.class == String
 
         @session.update(session_id, session_uid, session_data, metadata,
                         frontend_id)
 
-        handler_name, action_name = message_route.split('.')[1..-1]
+        # TODO: Validate if handler and action names are not nil
+        handler_name, action_name = message_route.scan(/\A\w+\.(\w+)\.(\w+)\z/)[0]
 
         @log.info "request  -> route: #{message_route}"
         @log.info "         -> data:  #{message_data}"
@@ -171,9 +172,9 @@ module RubyPitaya
                                         @postman, @redis_connector.redis,
                                         @setup, @config, @bll, @log, params)
 
-        delta_time_seconds = Time.now.to_i - start_time_seconds
+        delta_time_seconds = ((Time.now.to_f - start_time_seconds) * 1000).round(2)
 
-        @log.info "response [#{delta_time_seconds}s] -> #{response.to_json}"
+        @log.info "response [#{delta_time_seconds}ms] -> #{response.to_json}"
 
         response
       end

data/lib/rubypitaya/core/parameters.rb

@@ -1,4 +1,5 @@
 require 'date'
+require 'yaml'
 require 'bigdecimal'
 require 'stringio'
 
@@ -9,12 +10,36 @@ require 'active_support/core_ext/array/wrap'
 module RubyPitaya
 
   class ParameterMissing < IndexError
-    attr_reader :param
+    attr_reader :param, :keys
 
-    def initialize(param)
+    def initialize(param, keys = nil)
       @param = param
+      @keys  = keys
       super("param is missing or the value is empty: #{param}")
     end
+
+    class Correction
+      def initialize(error)
+        @error = error
+      end
+
+      def corrections
+        if @error.param && @error.keys
+          maybe_these = @error.keys
+
+          maybe_these.sort_by { |n|
+            DidYouMean::Jaro.distance(@error.param.to_s, n)
+          }.reverse.first(4)
+        else
+          []
+        end
+      end
+    end
+
+    # We may not have DYM, and DYM might not let us register error handlers
+    if defined?(DidYouMean) && DidYouMean.respond_to?(:correct_error)
+      DidYouMean.correct_error(self, Correction)
+    end
   end
 
   class UnpermittedParameters < IndexError
@@ -26,26 +51,98 @@ module RubyPitaya
     end
   end
 
-  class Parameters < ActiveSupport::HashWithIndifferentAccess
-    attr_accessor :permitted
-    alias :permitted? :permitted
+  class UnfilteredParameters < ArgumentError
+    def initialize # :nodoc:
+      super("unable to convert unpermitted parameters to hash")
+    end
+  end
+
+  class Parameters
+    cattr_accessor :permit_all_parameters, instance_accessor: false, default: false
+    cattr_accessor :action_on_unpermitted_parameters, instance_accessor: false
+
+    delegate :keys, :key?, :has_key?, :member?, :values, :has_value?, :value?, :empty?, :include?,
+      :as_json, :to_s, :each_key, to: :@parameters
+
+    cattr_accessor :always_permitted_parameters, default: %w( controller action )
+
+    class << self
+      def nested_attribute?(key, value) # :nodoc:
+        /\A-?\d+\z/.match?(key) && (value.is_a?(Hash) || value.is_a?(Parameters))
+      end
+    end
 
-    cattr_accessor :action_on_unpermitted_parameters, :instance_accessor => false
+    def initialize(parameters = {})
+      @parameters = parameters.with_indifferent_access
+      @permitted = self.class.permit_all_parameters
+    end
 
-    # Never raise an UnpermittedParameters exception because of these params
-    # are present. They are added by Rails and it's of no concern.
-    NEVER_UNPERMITTED_PARAMS = %w( controller action )
+    def ==(other)
+      if other.respond_to?(:permitted?)
+        permitted? == other.permitted? && parameters == other.parameters
+      else
+        @parameters == other
+      end
+    end
+    alias eql? ==
 
-    def initialize(attributes = nil)
-      super(attributes)
-      @permitted = false
+    def hash
+      [@parameters.hash, @permitted].hash
+    end
+
+    def to_h
+      if permitted?
+        convert_parameters_to_hashes(@parameters, :to_h)
+      else
+        raise UnfilteredParameters
+      end
+    end
+
+    def to_hash
+      to_h.to_hash
+    end
+
+    def to_query(*args)
+      to_h.to_query(*args)
+    end
+    alias_method :to_param, :to_query
+
+    def to_unsafe_h
+      convert_parameters_to_hashes(@parameters, :to_unsafe_h)
+    end
+    alias_method :to_unsafe_hash, :to_unsafe_h
+
+    def each_pair(&block)
+      return to_enum(__callee__) unless block_given?
+      @parameters.each_pair do |key, value|
+        yield [key, convert_hashes_to_parameters(key, value)]
+      end
+
+      self
+    end
+    alias_method :each, :each_pair
+
+    def each_value(&block)
+      return to_enum(:each_value) unless block_given?
+      @parameters.each_pair do |key, value|
+        yield convert_hashes_to_parameters(key, value)
+      end
+
+      self
+    end
+
+    def converted_arrays
+      @converted_arrays ||= Set.new
+    end
+
+    def permitted?
+      @permitted
     end
 
     def permit!
       each_pair do |key, value|
-        value = convert_hashes_to_parameters(key, value)
-        Array.wrap(value).each do |_|
-          _.permit! if _.respond_to? :permit!
+        Array.wrap(value).flatten.each do |v|
+          v.permit! if v.respond_to? :permit!
         end
       end
 
@@ -54,7 +151,13 @@ module RubyPitaya
     end
 
     def require(key)
-      self[key].presence || raise(ParameterMissing.new(key))
+      return key.map { |k| require(k) } if key.is_a?(Array)
+      value = self[key]
+      if value.present? || value == false
+        value
+      else
+        raise ParameterMissing.new(key, @parameters.keys)
+      end
     end
 
     alias :required :require
@@ -66,7 +169,7 @@ module RubyPitaya
         case filter
         when Symbol, String
           permitted_scalar_filter(params, filter)
-        when Hash then
+        when Hash
           hash_filter(params, filter)
         end
       end
@@ -77,169 +180,377 @@ module RubyPitaya
     end
 
     def [](key)
-      convert_hashes_to_parameters(key, super)
+      convert_hashes_to_parameters(key, @parameters[key])
+    end
+
+    def []=(key, value)
+      @parameters[key] = value
     end
 
     def fetch(key, *args)
-      convert_hashes_to_parameters(key, super, false)
-    rescue KeyError, IndexError
-      raise ParameterMissing.new(key)
+      convert_value_to_parameters(
+        @parameters.fetch(key) {
+          if block_given?
+            yield
+          else
+            args.fetch(0) { raise ActionController::ParameterMissing.new(key, @parameters.keys) }
+          end
+        }
+      )
+    end
+
+    def dig(*keys)
+      convert_hashes_to_parameters(keys.first, @parameters[keys.first])
+      @parameters.dig(*keys)
+    end
+
+    def slice!(*keys)
+      @parameters.slice!(*keys)
+      self
+    end
+
+    def except(*keys)
+      new_instance_with_inherited_permitted_status(@parameters.except(*keys))
+    end
+
+    def extract!(*keys)
+      new_instance_with_inherited_permitted_status(@parameters.extract!(*keys))
+    end
+
+    def transform_values
+      return to_enum(:transform_values) unless block_given?
+      new_instance_with_inherited_permitted_status(
+        @parameters.transform_values { |v| yield convert_value_to_parameters(v) }
+      )
+    end
+
+    def transform_values!
+      return to_enum(:transform_values!) unless block_given?
+      @parameters.transform_values! { |v| yield convert_value_to_parameters(v) }
+      self
+    end
+
+    def transform_keys(&block)
+      return to_enum(:transform_keys) unless block_given?
+      new_instance_with_inherited_permitted_status(
+        @parameters.transform_keys(&block)
+      )
+    end
+
+    def transform_keys!(&block)
+      return to_enum(:transform_keys!) unless block_given?
+      @parameters.transform_keys!(&block)
+      self
+    end
+
+    def deep_transform_keys(&block)
+      new_instance_with_inherited_permitted_status(
+        @parameters.deep_transform_keys(&block)
+      )
+    end
+
+    def deep_transform_keys!(&block)
+      @parameters.deep_transform_keys!(&block)
+      self
+    end
+
+    def delete(key, &block)
+      convert_value_to_parameters(@parameters.delete(key, &block))
+    end
+
+    def select(&block)
+      new_instance_with_inherited_permitted_status(@parameters.select(&block))
     end
 
-    def slice(*keys)
-      self.class.new(super).tap do |new_instance|
-        new_instance.instance_variable_set :@permitted, @permitted
+    def select!(&block)
+      @parameters.select!(&block)
+      self
+    end
+    alias_method :keep_if, :select!
+
+    def reject(&block)
+      new_instance_with_inherited_permitted_status(@parameters.reject(&block))
+    end
+
+    def reject!(&block)
+      @parameters.reject!(&block)
+      self
+    end
+    alias_method :delete_if, :reject!
+
+    def compact
+      new_instance_with_inherited_permitted_status(@parameters.compact)
+    end
+
+    def compact!
+      self if @parameters.compact!
+    end
+
+    def compact_blank
+      reject { |_k, v| v.blank? }
+    end
+
+    def compact_blank!
+      reject! { |_k, v| v.blank? }
+    end
+
+    def values_at(*keys)
+      convert_value_to_parameters(@parameters.values_at(*keys))
+    end
+
+    def merge(other_hash)
+      new_instance_with_inherited_permitted_status(
+        @parameters.merge(other_hash.to_h)
+      )
+    end
+
+    def merge!(other_hash)
+      @parameters.merge!(other_hash.to_h)
+      self
+    end
+
+    def reverse_merge(other_hash)
+      new_instance_with_inherited_permitted_status(
+        other_hash.to_h.merge(@parameters)
+      )
+    end
+    alias_method :with_defaults, :reverse_merge
+
+    def reverse_merge!(other_hash)
+      @parameters.merge!(other_hash.to_h) { |key, left, right| left }
+      self
+    end
+    alias_method :with_defaults!, :reverse_merge!
+
+    def stringify_keys 
+      dup
+    end
+
+    def inspect
+      "#<#{self.class} #{@parameters} permitted: #{@permitted}>"
+    end
+
+    def self.hook_into_yaml_loading
+      YAML.load_tags["!ruby/hash-with-ivars:ActionController::Parameters"] = name
+      YAML.load_tags["!ruby/hash:ActionController::Parameters"] = name
+    end
+    hook_into_yaml_loading
+
+    def init_with(coder)
+      case coder.tag
+      when "!ruby/hash:ActionController::Parameters"
+        @parameters = coder.map.with_indifferent_access
+        @permitted  = false
+      when "!ruby/hash-with-ivars:ActionController::Parameters"
+        @parameters = coder.map["elements"].with_indifferent_access
+        @permitted  = coder.map["ivars"][:@permitted]
+      when "!ruby/object:ActionController::Parameters"
+        @parameters, @permitted = coder.map["parameters"], coder.map["permitted"]
       end
     end
 
-    def dup
-      self.class.new(self).tap do |duplicate|
-        duplicate.default = default
-        duplicate.instance_variable_set :@permitted, @permitted
+    def deep_dup
+      self.class.new(@parameters.deep_dup).tap do |duplicate|
+        duplicate.permitted = @permitted
       end
     end
 
     protected
-      def convert_value(value, conversion = nil)
-        if value.class == Hash
-          Parameters.new(value)
-        elsif value.is_a?(Array)
-          value.dup.replace(value.map { |e| convert_value(e) })
-        else
-          value
-        end
-      end
+
+    attr_reader :parameters
+
+    attr_writer :permitted
+
+    def nested_attributes?
+      @parameters.any? { |k, v| Parameters.nested_attribute?(k, v) }
+    end
+
+    def each_nested_attribute
+      hash = self.class.new
+      self.each { |k, v| hash[k] = yield v if Parameters.nested_attribute?(k, v) }
+      hash
+    end
 
     private
 
-      def convert_hashes_to_parameters(key, value, assign_if_converted=true)
-        converted = convert_value_to_parameters(value)
-        self[key] = converted if assign_if_converted && !converted.equal?(value)
+    def new_instance_with_inherited_permitted_status(hash)
+      self.class.new(hash).tap do |new_instance|
+        new_instance.permitted = @permitted
+      end
+    end
+
+    def convert_parameters_to_hashes(value, using)
+      case value
+      when Array
+        value.map { |v| convert_parameters_to_hashes(v, using) }
+      when Hash
+        value.transform_values do |v|
+          convert_parameters_to_hashes(v, using)
+        end.with_indifferent_access
+      when Parameters
+        value.send(using)
+      else
+        value
+      end
+    end
+
+    def convert_hashes_to_parameters(key, value)
+      converted = convert_value_to_parameters(value)
+      @parameters[key] = converted unless converted.equal?(value)
+      converted
+    end
+
+    def convert_value_to_parameters(value)
+      case value
+      when Array
+        return value if converted_arrays.member?(value)
+        converted = value.map { |_| convert_value_to_parameters(_) }
+        converted_arrays << converted
         converted
+      when Hash
+        self.class.new(value)
+      else
+        value
       end
+    end
 
-      def convert_value_to_parameters(value)
-        if value.is_a?(Array)
-          value.map { |_| convert_value_to_parameters(_) }
-        elsif value.is_a?(Parameters) || !value.is_a?(Hash)
-          value
+    def each_element(object, &block)
+      case object
+      when Array
+        object.grep(Parameters).map { |el| yield el }.compact
+      when Parameters
+        if object.nested_attributes?
+          object.each_nested_attribute(&block)
         else
-          self.class.new(value)
+          yield object
         end
       end
+    end
 
-      #
-      # --- Filtering ----------------------------------------------------------
-      #
-
-      # This is a white list of permitted scalar types that includes the ones
-      # supported in XML and JSON requests.
-      #
-      # This list is in particular used to filter ordinary requests, String goes
-      # as first element to quickly short-circuit the common case.
-      #
-      # If you modify this collection please update the README.
-      PERMITTED_SCALAR_TYPES = [
-        String,
-        Symbol,
-        NilClass,
-        Numeric,
-        TrueClass,
-        FalseClass,
-        Date,
-        Time,
-        # DateTimes are Dates, we document the type but avoid the redundant check.
-        StringIO,
-        IO,
-      ]
-
-      def permitted_scalar?(value)
-        PERMITTED_SCALAR_TYPES.any? {|type| value.is_a?(type)}
-      end
-
-      def array_of_permitted_scalars?(value)
-        if value.is_a?(Array)
-          value.all? {|element| permitted_scalar?(element)}
+    def unpermitted_parameters!(params)
+      unpermitted_keys = unpermitted_keys(params)
+      if unpermitted_keys.any?
+        case self.class.action_on_unpermitted_parameters
+        when :log
+          name = "unpermitted_parameters.action_controller"
+          ActiveSupport::Notifications.instrument(name, keys: unpermitted_keys)
+        when :raise
+          raise ActionController::UnpermittedParameters.new(unpermitted_keys)
         end
       end
+    end
 
-      def permitted_scalar_filter(params, key)
-        if has_key?(key) && permitted_scalar?(self[key])
-          params[key] = self[key]
-        end
+    def unpermitted_keys(params)
+      keys - params.keys - always_permitted_parameters
+    end
 
-        keys.grep(/\A#{Regexp.escape(key.to_s)}\(\d+[if]?\)\z/).each do |key|
-          if permitted_scalar?(self[key])
-            params[key] = self[key]
-          end
-        end
+    PERMITTED_SCALAR_TYPES = [
+      String,
+      Symbol,
+      NilClass,
+      Numeric,
+      TrueClass,
+      FalseClass,
+      Date,
+      Time,
+      # DateTimes are Dates, we document the type but avoid the redundant check.
+      StringIO,
+      IO,
+    ]
+
+    def permitted_scalar?(value)
+      PERMITTED_SCALAR_TYPES.any? { |type| value.is_a?(type) }
+    end
+
+    def permitted_scalar_filter(params, permitted_key)
+      permitted_key = permitted_key.to_s
+
+      if has_key?(permitted_key) && permitted_scalar?(self[permitted_key])
+        params[permitted_key] = self[permitted_key]
       end
 
-      def array_of_permitted_scalars_filter(params, key, hash = self)
-        if hash.has_key?(key) && array_of_permitted_scalars?(hash[key])
-          params[key] = hash[key]
-        end
+      each_key do |key|
+        next unless key =~ /\(\d+[if]?\)\z/
+        next unless $~.pre_match == permitted_key
+
+        params[key] = self[key] if permitted_scalar?(self[key])
+      end
+    end
+
+    def array_of_permitted_scalars?(value)
+      if value.is_a?(Array) && value.all? { |element| permitted_scalar?(element) }
+        yield value
       end
+    end
 
-      def hash_filter(params, filter)
-        filter = filter.with_indifferent_access
+    def non_scalar?(value)
+      value.is_a?(Array) || value.is_a?(Parameters)
+    end
 
-        # Slicing filters out non-declared keys.
-        slice(*filter.keys).each do |key, value|
-          next unless value
+    EMPTY_ARRAY = []
+    EMPTY_HASH  = {}
+    def hash_filter(params, filter)
+      filter = filter.with_indifferent_access
 
-          if filter[key] == []
-            # Declaration {:comment_ids => []}.
-            array_of_permitted_scalars_filter(params, key)
-          else
-            # Declaration {:user => :name} or {:user => [:name, :age, {:adress => ...}]}.
-            params[key] = each_element(value) do |element, index|
-              if element.is_a?(Hash)
-                element = self.class.new(element) unless element.respond_to?(:permit)
-                element.permit(*Array.wrap(filter[key]))
-              elsif filter[key].is_a?(Hash) && filter[key][index] == []
-                array_of_permitted_scalars_filter(params, index, value)
-              end
-            end
+      # Slicing filters out non-declared keys.
+      slice(*filter.keys).each do |key, value|
+        next unless value
+        next unless has_key? key
+
+        if filter[key] == EMPTY_ARRAY
+          # Declaration { comment_ids: [] }.
+          array_of_permitted_scalars?(self[key]) do |val|
+            params[key] = val
+          end
+        elsif filter[key] == EMPTY_HASH
+          # Declaration { preferences: {} }.
+          if value.is_a?(Parameters)
+            params[key] = permit_any_in_parameters(value)
+          end
+        elsif non_scalar?(value)
+          # Declaration { user: :name } or { user: [:name, :age, { address: ... }] }.
+          params[key] = each_element(value) do |element|
+            element.permit(*Array.wrap(filter[key]))
           end
         end
       end
+    end
 
-      def each_element(value)
-        if value.is_a?(Array)
-          value.map { |el| yield el }.compact
-          # fields_for on an array of records uses numeric hash keys.
-        elsif fields_for_style?(value)
-          hash = value.class.new
-          value.each { |k,v| hash[k] = yield(v, k) }
-          hash
-        else
-          yield value
+    def permit_any_in_parameters(params)
+      self.class.new.tap do |sanitized|
+        params.each do |key, value|
+          case value
+          when ->(v) { permitted_scalar?(v) }
+            sanitized[key] = value
+          when Array
+            sanitized[key] = permit_any_in_array(value)
+          when Parameters
+            sanitized[key] = permit_any_in_parameters(value)
+          else
+            # Filter this one out.
+          end
         end
       end
+    end
 
-      def fields_for_style?(object)
-        object.is_a?(Hash) && object.all? { |k, v| k =~ /\A-?\d+\z/ && v.is_a?(Hash) }
-      end
-
-      def unpermitted_parameters!(params)
-        return unless self.class.action_on_unpermitted_parameters
-
-        unpermitted_keys = unpermitted_keys(params)
-
-        if unpermitted_keys.any?
-          case self.class.action_on_unpermitted_parameters
-          when :log
-            name = "unpermitted_parameters.action_controller"
-            ActiveSupport::Notifications.instrument(name, :keys => unpermitted_keys)
-          when :raise
-            raise UnpermittedParameters.new(unpermitted_keys)
+    def permit_any_in_array(array)
+      [].tap do |sanitized|
+        array.each do |element|
+          case element
+          when ->(e) { permitted_scalar?(e) }
+            sanitized << element
+          when Parameters
+            sanitized << permit_any_in_parameters(element)
+          else
+            # Filter this one out.
           end
         end
       end
+    end
 
-      def unpermitted_keys(params)
-        self.keys - params.keys - NEVER_UNPERMITTED_PARAMS
-      end
+    def initialize_copy(source)
+      super
+      @parameters = @parameters.dup
+    end
   end
 end