THREESCALE-12434: Migrate from protected attributes to strong parameters - Part 2

[mayorova]

What this PR does / why we need it:

This is part 2 of the migration from protected attributes to strong parameters. See the first part in #4248

Protected attributes is an old Rails feature which was deprecated a long time ago. We were using protected_attributes_continued gem to keep it working, but now it's also discontinued and does not support Rails 7+, so it's a blocker for upgrading to Rails 7.2 for us.

This Part 2 handles the models that can have custom attributes through FieldsDefinitions - Account, User, Cinstance.

Which issue(s) this PR fixes

https://redhat.atlassian.net/browse/THREESCALE-12434

Verification steps

All tests should pass, and all features should work as before.

Special notes for your reviewer:

[jlledom]

Some comments come from the other PR. Also, I still see a lot of

[mayorova]

So, this is different from other API controller, which have only plain parameters, i.e. not nested under extra_fields.
I only did this because there was an existing test in test/integration/admin/api/accounts_controller_test.rb which was passing extra params in this way:

params: update_params.merge(extra_fields: { my_field: 4 })

I also added a check that plain parameters would also work.

Now I'm not sure if other API controllers need to accept both ways too 🤔

[qltysh]

❌ 28 blocking issues (30 total)

Tool	Category	Rule	Count
reek	Lint	Partners::ProvidersController#assign_account_attributes refers to 'account' more than self (maybe move it to another class?)	10	❌
reek	Lint	Partners::ProvidersController#assign_account_attributes has approx 8 statements	3	❌
reek	Lint	Provider::SignupsController#track_user calls 'analytics_session.traits' 2 times	2	❌
rubocop	Lint	Assignment Branch Condition size for create\_account is too high. [<5, 22, 6> 23.35/20]	2	❌
reek	Lint	Signup::AccountManager takes parameters ['defaults', 'plans'] to 3 methods	2	❌
reek	Lint	Signup::AccountManager#assign_attributes_for_account is controlled by argument 'validate_fields'	2	❌
brakeman	Vulnerability	Specify exact keys allowed for mass assignment instead of using permit\! which allows any keys.	1	❌
rubocop	Lint	Avoid parameter lists longer than 5 parameters. [6/5]	1	❌
reek	Lint	Signup::AccountManager#create has 6 parameters	1	❌
reek	Lint	Signup::AccountManager#create has boolean parameter 'validate_fields'	1	❌
rubocop	Lint	Perceived complexity for create is too high. [9/8]	1	❌
reek	Lint	DeveloperPortal::SignupController has missing safe method 'signup_user!'	1	❌
rubocop	Lint	Predicate method names should end with ?.	1	❌
qlty	Structure	Function with many parameters (count = 6): create	2