Merge pull request #1829 from wildchild/master

Allow to specify roles for mass-assignment as array

1 files changed, 9 insertions, 2 deletions

diff --git a/activemodel/lib/active_model/mass_assignment_security.rb b/activemodel/lib/active_model/mass_assignment_security.rb
index a7b4706906..c04de5b9a4 100644
--- a/activemodel/lib/active_model/mass_assignment_security.rb
+++ b/activemodel/lib/active_model/mass_assignment_security.rb
@@ -1,5 +1,6 @@
 require 'active_support/core_ext/class/attribute'
 require 'active_support/core_ext/string/inflections'
+require 'active_support/core_ext/array/wrap'
 require 'active_model/mass_assignment_security/permission_set'
 require 'active_model/mass_assignment_security/sanitizer'
 
@@ -111,7 +112,10 @@ module ActiveModel
         role = options[:as] || :default
 
         self._protected_attributes        = protected_attributes_configs.dup
-        self._protected_attributes[role] = self.protected_attributes(role) + args
+
+        Array.wrap(role).each do |name|
+          self._protected_attributes[name] = self.protected_attributes(name) + args
+        end
 
         self._active_authorizer = self._protected_attributes
       end
@@ -170,7 +174,10 @@ module ActiveModel
         role = options[:as] || :default
 
         self._accessible_attributes       = accessible_attributes_configs.dup
-        self._accessible_attributes[role] = self.accessible_attributes(role) + args
+
+        Array.wrap(role).each do |name|
+          self._accessible_attributes[name] = self.accessible_attributes(name) + args
+        end
 
         self._active_authorizer = self._accessible_attributes
       end