Fix jsonapi.rb update breakages

[zwolf]

jsonapi.rb has updated and changed the way that its error handling and deserialization work.

• The error handler no longer includes ActiveSupport::Concern, and therefore doesn't have rescue_from for the ErrorExtender to work with. The base.class_eval { rescue_from(...) } syntax seems to have replaced it for some reason. ErrorExtender needs to be updated to work somehow. See stas/jsonapi.rb@ace0e24#diff-469289c4fae6d78ec04d5ecd3df83beeL10

• The deserializer went from type checking for ActionController::Parameters (fine) to checking document.respond_to?(:permit!), which is not fine because the goal was to NOT use strong params and instead to use a whitelist of params to the deserialize method. See stas/jsonapi.rb@ace0e24#diff-e86fe4b4d2ba087be81a0a031f138fd8L19

These changes aren't great for us, frankly, but I see how they move the library to being less tightly coupled to Rails, which is a net positive.

[nciemniak]

The deserializer went from type checking for ActionController::Parameters (fine) to checking document.respond_to?(:permit!), which is not fine because the goal was to NOT use strong params and instead to use a whitelist of params to the deserialize method. See stas/jsonapi.rb@ace0e24#diff-e86fe4b4d2ba087be81a0a031f138fd8L19

Interestingly enough, the params that we are passing to jsonapi_deserialize in the TranscriptionController do respond to the permit method (i.e. params.respond_to?(:permit!) evaluates to true), which means they pass through the serializer the same way as they did before the update. So... we should be fine on this front.

[zwolf]

I'm not seeing the error I saw previously in the broken travis builds, so maybe something changed in an update. They're still failing (the ErrorExtender one and another related to coveralls) but yeah, this seems fine.