How to permit all attributes besides user_id using strong_parameters?

Question

I would like to use something like that:

def answer_params
  params.require(:answer).permit!.without(:user_id)
end

Answer 1

will this work?

params.require(:answer).permit!.except(:user_id)

Answer 2

I just want to put this out here, whitelisting is not DRY. Imagine a JSON API for a document based entry that could have up to 100 (or more) attributes (key value pairs). Generally the only pieces you need concern with are attributes that can escalate privileges like user_id.