MassAssignmentSecurity: add ability to specify your own sanitizer

Added an ability to specify your own behavior on mass assingment
protection, controlled by option:
ActiveModel::MassAssignmentSecurity.mass_assignment_sanitizer

1 files changed, 20 insertions, 0 deletions

diff --git a/activemodel/test/cases/mass_assignment_security_test.rb b/activemodel/test/cases/mass_assignment_security_test.rb
index 43a12eed61..a778240827 100644
--- a/activemodel/test/cases/mass_assignment_security_test.rb
+++ b/activemodel/test/cases/mass_assignment_security_test.rb
@@ -1,6 +1,15 @@
 require "cases/helper"
 require 'models/mass_assignment_specific'
 
+
+class CustomSanitizer < ActiveModel::MassAssignmentSecurity::Sanitizer
+
+  def process_removed_attributes(attrs)
+    raise StandardError
+  end
+
+end
+
 class MassAssignmentSecurityTest < ActiveModel::TestCase
 
   def test_attribute_protection
@@ -76,4 +85,15 @@ class MassAssignmentSecurityTest < ActiveModel::TestCase
     assert_equal sanitized, { }
   end
 
+  def test_custom_sanitizer
+    user = User.new
+    User.mass_assignment_sanitizer = CustomSanitizer.new
+    assert_raise StandardError do
+      user.sanitize_for_mass_assignment("admin" => true)
+    end
+  ensure
+    User.mass_assignment_sanitizer = nil
+
+  end
+
 end