3 files changed, 13 insertions, 6 deletions

diff --git a/activemodel/lib/active_model/dirty.rb b/activemodel/lib/active_model/dirty.rb
index 3b412d3dd7..166cccf161 100644
--- a/activemodel/lib/active_model/dirty.rb
+++ b/activemodel/lib/active_model/dirty.rb
@@ -156,7 +156,7 @@ module ActiveModel
         rescue TypeError, NoMethodError
         end
 
-        changed_attributes[attr] = value
+        changed_attributes[attr] = value unless changed_attributes.include?(attr)
       end
 
       # Handle <tt>reset_*!</tt> for +method_missing+.
diff --git a/activemodel/lib/active_model/mass_assignment_security.rb b/activemodel/lib/active_model/mass_assignment_security.rb
index a7b4706906..3f9feb7631 100644
--- a/activemodel/lib/active_model/mass_assignment_security.rb
+++ b/activemodel/lib/active_model/mass_assignment_security.rb
@@ -1,5 +1,6 @@
 require 'active_support/core_ext/class/attribute'
 require 'active_support/core_ext/string/inflections'
+require 'active_support/core_ext/array/wrap'
 require 'active_model/mass_assignment_security/permission_set'
 require 'active_model/mass_assignment_security/sanitizer'
 
@@ -110,8 +111,11 @@ module ActiveModel
         options = args.extract_options!
         role = options[:as] || :default
 
-        self._protected_attributes        = protected_attributes_configs.dup
-        self._protected_attributes[role] = self.protected_attributes(role) + args
+        self._protected_attributes = protected_attributes_configs.dup
+
+        Array.wrap(role).each do |name|
+          self._protected_attributes[name] = self.protected_attributes(name) + args
+        end
 
         self._active_authorizer = self._protected_attributes
       end
@@ -169,8 +173,11 @@ module ActiveModel
         options = args.extract_options!
         role = options[:as] || :default
 
-        self._accessible_attributes       = accessible_attributes_configs.dup
-        self._accessible_attributes[role] = self.accessible_attributes(role) + args
+        self._accessible_attributes = accessible_attributes_configs.dup
+
+        Array.wrap(role).each do |name|
+          self._accessible_attributes[name] = self.accessible_attributes(name) + args
+        end
 
         self._active_authorizer = self._accessible_attributes
       end
diff --git a/activemodel/lib/active_model/mass_assignment_security/sanitizer.rb b/activemodel/lib/active_model/mass_assignment_security/sanitizer.rb
index ee43a6694f..bb0526adc3 100644
--- a/activemodel/lib/active_model/mass_assignment_security/sanitizer.rb
+++ b/activemodel/lib/active_model/mass_assignment_security/sanitizer.rb
@@ -19,7 +19,7 @@ module ActiveModel
         removed_keys = attributes.keys - sanitized_attributes.keys
         process_removed_attributes(removed_keys) if removed_keys.any?
       end
-      
+
       def process_removed_attributes(attrs)
         raise NotImplementedError, "#process_removed_attributes(attrs) suppose to be overwritten"
       end