lib/param_accessible/rule.rb in param_accessible-0.0.1 vs lib/param_accessible/rule.rb in param_accessible-0.0.2
- old
+ new
@@ -38,31 +38,71 @@
return if @unless_option != nil && controller.send(@unless_option)
return if @only_options != nil && !@only_options.include?(controller.action_name)
return if @except_options != nil && @except_options.include?(controller.action_name)
- accessible_hash_for controller, @attributes, dest
+ accessible_hash_for controller.params, @attributes, dest
end
protected
- def accessible_hash_for controller, attributes, dest
+ def accessible_hash_for params, attributes, dest
attributes.each do |key, value|
- if value.is_a?(Hash)
+ if key.to_s =~ /\[\]$/
+ accessible_array_for key, params, value, dest
+ elsif value.is_a?(Hash)
attrs = dest[key]
if attrs.nil?
attrs = {}
dest[key] = attrs
end
- accessible_hash_for controller, value, attrs
- else
+ nested_params = params[key] if params.is_a?(Hash)
+ accessible_hash_for nested_params, value, attrs
+
+ elsif key.is_a?(String)
dest[key] = value
+
+ elsif key.is_a?(Regexp) && params
+ accessible_params_for_regex key, params, dest
end
end
end
+ def accessible_params_for_regex regex, params, dest
+ params.keys.each do |key|
+ if key.to_s =~ regex
+ dest[key] = nil
+ end
+ end
+
+ dest
+ end
+
+ def accessible_array_for key, params, value, dest
+ key = key.to_s.chomp('[]')
+
+ if params and params[key].is_a? Hash
+ params[key].each do |index, nested_params|
+ dest[key] ||= {}
+ attrs = dest[key][index] = {}
+ accessible_hash_for nested_params, value, attrs if value
+ end
+ elsif params and params[key].is_a? Array
+ params[key].each do |nested_params|
+ if nested_params.is_a? Hash
+ dest[key] ||= []
+ attrs = {}
+ accessible_hash_for nested_params, value, attrs if value
+ dest[key].push(attrs)
+ else
+ dest[key] = nil
+ end
+ end
+ end
+ end
+
# When specifying params to protect, we allow a combination of arrays and hashes much like how
# ActiveRecord::Base#find's :include options works. This method normalizes that into just nested hashes,
# stringifying the keys and setting all values to nil. This format is easier/faster to work with when
# filtering the controller params.
# Example...
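Review bot: In `accessible_array_for`, the `else` branch `dest[key] = nil` runs for every non-Hash element of a request array, so a single scalar element discards the filtered `attrs` already pushed for earlier Hash elements. If a nil value in `dest` means "this key is allowed as a leaf", as the normalisation comment at the end of this hunk suggests, a mixed array would leave the whole `key` whitelisted with the nested rules in `value` never applied. The code that consumes `dest` is outside this hunk, so that reading needs confirming. I would fall back to the leaf form only when no nested rule was declared, e.g. `dest[key] = nil unless value`, and add a test that submits an array mixing hashes and scalars.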
@@ -83,10 +123,14 @@
end
params_out
end
def normalize_key(k)
- k.to_s
+ if k.is_a?(Regexp)
+ k
+ else
+ k.to_s
+ end
end
end
end
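Review bot: `normalize_key` now returns a Regexp key unchanged, but nothing documents how such a key is matched. In the first hunk, `accessible_params_for_regex` tests it with `key.to_s =~ regex` against the request's parameter names. An unanchored pattern, or one anchored with `^`/`$` (which match at line breaks in Ruby), therefore accepts any parameter name that merely contains a matching line. I would add a comment above the method such as `# Regexp keys are kept as-is and matched against incoming param names; anchor them with \A and \z.` and repeat the advice wherever the rule syntax is documented.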