This repository was archived by the owner on Aug 17, 2017. It is now read-only.

Allow parameter filters to match multi-parameter attributes (DHH compatible) #39

Merged
merged 2 commits into from
Oct 5, 2012


svoop
Contributor

@svoop svoop commented Oct 4, 2012

This commit (only one line of code plus one test) allows filters to match multi-parameter attributes such as "published_at(1i)" from DateHelper.

The test is shamelessly taken from #17, but the actual code is only one line and thus much more efficient.

DHH wrote in reply to #17:

I'd rather we just default to permit :published_at will also just automatically allow
:published_at(x) -- instead of all this extra configuration. If you want to take a stab
at a pull request that does that, please open a new ticket.

Well, this is it.

@svoop
Contributor Author

svoop commented Oct 4, 2012

As a side note:

I'd also vote for additionally allowing regular expressions as suggested in #21. It makes sense to keep things configuration-less and straightforward (as does this commit for multi parameter attributes), but there are many cases where regular expressions would offer huge benefit. Two examples:

  • We're storing i18nized attributes with locale postfixes such as title_en, title_de etc. Allowing a regular expression filter such as ^title_\w{2}$ is both elegant and flexible. And it doesn't pose really any new security risks.
  • On a submission form, we have several virtual attributes for accept checkboxes such as accept_min_age, accept_terms etc. which are never persisted to the db. One regex filter ^accept_ would match them all at no additional risk.

@rafaelfranca
Member

@svoop could you remove 450b0fb from this pull request?

@@ -39,6 +48,7 @@ def permit(*filters)
case filter
when Symbol, String then
params[filter] = self[filter] if has_key?(filter)
keys.grep(/^#{filter}\(\w+\)$/).each { |key| params[key] = self[key] }
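
Review bot: The pattern on the `keys.grep` line anchors with `^` and `$`, which in Ruby match at line boundaries rather than at the start and end of the string, so a key containing a newline matches as soon as one of its lines has the `filter(...)` shape; use `\A` and `\z` instead. `filter` is also interpolated into the pattern unescaped, so any regex metacharacter in a permitted name is read as pattern syntax and can widen the match; wrap it in `Regexp.escape`. Finally, `\w+` accepts any run of word characters inside the parentheses, which is broader than the numbered suffix such as `(1i)` that the description names as the target.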
Member

I think we should be more restrictive here.

/\A#{filter}\(\di\)\z/

Member

We should escape filter too

/\A#{Regexp.escape(filter)}\(\di\)\z/

@svoop
Contributor Author

svoop commented Oct 5, 2012

@rafaelfranca Oops, 450b0fb slipped in because I needed it to continue working here. It's removed and I've applied the more restrictive regex you've suggested.

rafaelfranca added a commit that referenced this pull request Oct 5, 2012
Allow parameter filters to match multi-parameter attributes (DHH compatible)
@rafaelfranca rafaelfranca merged commit 0e65417 into rails:master Oct 5, 2012
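
The three patterns that appear in this thread, compared on constructed keys. This is an added example, not code from the pull request or from strong_parameters; `multiparam_keys` and the sample keys are hypothetical.

```ruby
# Added illustration; not code from strong_parameters itself.
# Each lambda builds one of the patterns quoted in the thread for a given filter.
ORIGINAL = ->(filter) { /^#{filter}\(\w+\)$/ }                   # as first submitted
ANCHORED = ->(filter) { /\A#{filter}\(\di\)\z/ }                 # first review suggestion
ESCAPED  = ->(filter) { /\A#{Regexp.escape(filter)}\(\di\)\z/ }  # second review suggestion

# Hypothetical helper mirroring the `keys.grep(...)` line in the hunk:
# returns the keys that the given pattern would copy for `filter`.
def multiparam_keys(keys, filter, pattern)
  keys.grep(pattern.call(filter.to_s))
end

# Constructed sample keys, as they might arrive in a params hash.
KEYS = [
  "published_at(1i)", "published_at(2i)", "published_at(3i)", # DateHelper-style parts
  "published_at(admin)",      # word characters, but not a numbered part
  "published_at(1i)\nrole",   # newline: only the first line has the right shape
  "published_atX(1i)",        # a different attribute name
  "a.c(1i)", "abc(1i)"        # used with the filter "a.c" below
].freeze

if __FILE__ == $PROGRAM_NAME
  { "original" => ORIGINAL, "anchored" => ANCHORED, "escaped" => ESCAPED }.each do |name, pattern|
    puts "#{name} / published_at: #{multiparam_keys(KEYS, :published_at, pattern).inspect}"
    puts "#{name} / a.c:          #{multiparam_keys(KEYS, 'a.c', pattern).inspect}"
  end
end
```

With the submitted pattern, `published_at` also admits the `(admin)` key and the key with an embedded newline; with `\A...\z` but no escaping, the filter `a.c` still admits `abc(1i)`.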