CVE-2015-7577: Nested attributes rejection proc bypass

When using the nested attributes feature in Active Record you can prevent the destruction of associated records by passing the allow_destroy: false option to the accepts_nested_attributes_for method. The allow_destroy flag prevents the :reject_if proc from being called because it assumes that the record will be destroyed anyway. However, this is not true if :allow_destroy is false so this leads to changes that would have been rejected being applied to the record. Attackers could set attributes to invalid values or clear all the attributes.