class ActionController::Parameters

def permit(*filters)

# => {"contact"=>{"email"=>"none@test.com", "phone"=>"555-1234"}}
params.require(:person).permit(contact: [ :email, :phone ])

# => {"contact"=>{"phone"=>"555-1234"}}
params.require(:person).permit(contact: :phone)

# => {}
params.require(:person).permit(:contact)

})
}
}
phone: '555-1234'
email: 'none@test.com',
contact: {
person: {
params = ActionController::Parameters.new({

attributes inside the hash should be whitelisted.
it won't allow all the hash. You also need to specify which
Note that if you use +permit+ in a key that points to a hash,

permitted[:person][:pets][0][:category] # => nil
permitted[:person][:pets][0][:name] # => "Purplish"
permitted[:person][:age] # => nil
permitted[:person][:name] # => "Francesco"
permitted.permitted? # => true
permitted = params.permit(person: [ :name, { pets: :name } ])

})
}
}]
category: 'dogs'
name: 'Purplish',
pets: [{
age: 22,
name: 'Francesco',
person: {
params = ActionController::Parameters.new({

You can also use +permit+ on nested parameters, like:

params.permit(tags: [])
params = ActionController::Parameters.new(tags: ['rails', 'parameters'])

by mapping it to an empty array:
You may declare that the parameter should be an array of permitted scalars

Otherwise, the key +:name+ is filtered out.
+ActionDispatch::Http::UploadedFile+ or +Rack::Test::UploadedFile+.
+Date+, +Time+, +DateTime+, +StringIO+, +IO+,
+String+, +Symbol+, +NilClass+, +Numeric+, +TrueClass+, +FalseClass+,
+:name+ passes if it is a key of +params+ whose associated value is of type

params.permit(:name)

Only permitted scalars pass the filter. For example, given

permitted.has_key?(:role) # => false
permitted.has_key?(:age) # => true
permitted.has_key?(:name) # => true
permitted.permitted? # => true
permitted = params.require(:user).permit(:name, :age)
params = ActionController::Parameters.new(user: { name: 'Francesco', age: 22, role: 'admin' })

should be allowed for mass updating.
for the object to +true+. This is useful for limiting which attributes
includes only the given +filters+ and sets the +permitted+ attribute
Returns a new ActionController::Parameters instance that 
def permit(*filters)
  params = self.class.new
  filters.flatten.each do |filter|
    case filter
    when Symbol, String
      permitted_scalar_filter(params, filter)
    when Hash then
      hash_filter(params, filter)
    end
  end
  unpermitted_parameters!(params) if self.class.action_on_unpermitted_parameters
  params.permit!
end