Strong params not permit dynamic keys

Question

my controller is receiving this params

{"utf8"=>"✓",
 "_method"=>"patch",
 "authenticity_token"=>"r5KaLCrb1PR//q4HZ0p30dUeK1OHE7cjtoken=",
 "servidor"=>
  {"nome"=>"USER NAME",
   "tipo"=>"1",
   "lotacao_ids"=>{"1"=>["", "86", "13"], "2"=>["", "86"], "3"=>["", "66","103","69"]},
   "contatos_attributes"=>{"0"=>{"telefone"=>"9229-8396 ", "id"=>"453"}},
   "matricula"=>"8741883",
   "cpf"=>"16450724870"},
 "action"=>"update",
 "controller"=>"servidores",
 "id"=>"238"}

But after passing by

params.require(:servidor).permit(:nome, :tipo, :matricula, :cpf, :contatos_attributes=>[:telefone,:id],:lotacao_ids=>{})

result in

{"nome"=>"USER NAME",
 "tipo"=>"1",
 "matricula"=>"8741883",
 "cpf"=>"16450724870",
 "contatos_attributes"=>{"0"=>{"telefone"=>"9229-8396 ", "id"=>"453"}},
 "lotacao_ids"=>{}}

how I can receive my params lotacao_ids as lotacao_ids=>{1=>86, 2=>86, 3=>66} tnks

Answer with help of @phoet

     def servidor_params
       params.require(:servidor).permit(:nome, :tipo, :matricula, :cpf, :contatos_attributes=>[:telefone,:id]).tap do |whitelisted|        
         whitelisted["lotacao_ids"] = params[:servidor]["lotacao_ids"]
       end
     end

Answer 1

what you want to do goes against the idea of strong parameters, because you would basically have no control over what is in that hash of lotacao_ids.

Note that if you use permit in a key that points to a hash, it won't allow all the hash. You also need to specify which attributes inside the hash should be whitelisted.

the part of the params that you gave as an example indicate that this should actually be an array of ids instead of a hash?

in any case, if you don't care about the content of that field, you can still merge it into the hash that you get after permitting stuff in the first place. it's still just a hash...