3 files changed, 32 insertions, 14 deletions

diff --git a/activemodel/lib/active_model/mass_assignment_security.rb b/activemodel/lib/active_model/mass_assignment_security.rb
index 483b577681..cc30609f2b 100644
--- a/activemodel/lib/active_model/mass_assignment_security.rb
+++ b/activemodel/lib/active_model/mass_assignment_security.rb
@@ -1,5 +1,6 @@
 require 'active_support/core_ext/class/attribute.rb'
 require 'active_model/mass_assignment_security/permission_set'
+require 'active_model/mass_assignment_security/sanitizer'
 
 module ActiveModel
   # = Active Model Mass-Assignment Security
@@ -10,6 +11,7 @@ module ActiveModel
       class_attribute :_accessible_attributes
       class_attribute :_protected_attributes
       class_attribute :_active_authorizer
+      class_attribute :mass_assignment_sanitizer
     end
 
     # Mass assignment security provides an interface for protecting attributes
@@ -181,16 +183,14 @@ module ActiveModel
 
       def protected_attributes_configs
         self._protected_attributes ||= begin
-          default_black_list = BlackList.new(attributes_protected_by_default).tap do |w|
-            w.logger = self.logger if self.respond_to?(:logger)
-          end
+          default_black_list = BlackList.new(attributes_protected_by_default)
           Hash.new(default_black_list)
         end
       end
 
       def accessible_attributes_configs
         self._accessible_attributes ||= begin
-          default_white_list = WhiteList.new.tap { |w| w.logger = self.logger if self.respond_to?(:logger) }
+          default_white_list = WhiteList.new
           Hash.new(default_white_list)
         end
       end
@@ -199,7 +199,11 @@ module ActiveModel
   protected
 
     def sanitize_for_mass_assignment(attributes, role = :default)
-      mass_assignment_authorizer(role).sanitize(attributes)
+      (mass_assignment_sanitizer || default_mass_assignment_sanitizer).sanitize(attributes, mass_assignment_authorizer(role))
+    end
+
+    def default_mass_assignment_sanitizer
+      DefaultSanitizer.new(self.respond_to?(:logger) && self.logger)
     end
 
     def mass_assignment_authorizer(role = :default)
diff --git a/activemodel/lib/active_model/mass_assignment_security/permission_set.rb b/activemodel/lib/active_model/mass_assignment_security/permission_set.rb
index 9fcb94d48a..a1fcdf1a38 100644
--- a/activemodel/lib/active_model/mass_assignment_security/permission_set.rb
+++ b/activemodel/lib/active_model/mass_assignment_security/permission_set.rb
@@ -1,10 +1,8 @@
 require 'set'
-require 'active_model/mass_assignment_security/sanitizer'
 
 module ActiveModel
   module MassAssignmentSecurity
     class PermissionSet < Set
-      attr_accessor :logger
 
       def +(values)
         super(values.map(&:to_s))
@@ -14,6 +12,10 @@ module ActiveModel
         super(remove_multiparameter_id(key))
       end
 
+      def deny?(key)
+        raise NotImplementedError, "#deny?(key) suppose to be overwritten"
+      end
+
     protected
 
       def remove_multiparameter_id(key)
@@ -22,7 +24,6 @@ module ActiveModel
     end
 
     class WhiteList < PermissionSet
-      include Sanitizer
 
       def deny?(key)
         !include?(key)
@@ -30,7 +31,6 @@ module ActiveModel
     end
 
     class BlackList < PermissionSet
-      include Sanitizer
 
       def deny?(key)
         include?(key)
diff --git a/activemodel/lib/active_model/mass_assignment_security/sanitizer.rb b/activemodel/lib/active_model/mass_assignment_security/sanitizer.rb
index 150beb1ff2..5dbcf473bd 100644
--- a/activemodel/lib/active_model/mass_assignment_security/sanitizer.rb
+++ b/activemodel/lib/active_model/mass_assignment_security/sanitizer.rb
@@ -1,9 +1,9 @@
 module ActiveModel
   module MassAssignmentSecurity
-    module Sanitizer
+    class Sanitizer
       # Returns all attributes not denied by the authorizer.
-      def sanitize(attributes)
-        sanitized_attributes = attributes.reject { |key, value| deny?(key) }
+      def sanitize(attributes, authorizer)
+        sanitized_attributes = attributes.reject { |key, value| authorizer.deny?(key) }
         debug_protected_attribute_removal(attributes, sanitized_attributes)
         sanitized_attributes
       end
@@ -12,10 +12,24 @@ module ActiveModel
 
       def debug_protected_attribute_removal(attributes, sanitized_attributes)
         removed_keys = attributes.keys - sanitized_attributes.keys
-        warn!(removed_keys) if removed_keys.any?
+        process_removed_attributes(removed_keys) if removed_keys.any?
       end
+      
+      def process_removed_attributes(attrs)
+        raise NotImplementedError, "#process_removed_attributes(attrs) suppose to be overwritten"
+      end
+
+    end
+    class DefaultSanitizer < Sanitizer
 
-      def warn!(attrs)
+      attr_accessor :logger
+
+      def initialize(logger = nil)
+        self.logger = logger
+        super()
+      end
+      
+      def process_removed_attributes(attrs)
         self.logger.debug "WARNING: Can't mass-assign protected attributes: #{attrs.join(', ')}" if self.logger
       end
     end