Refactor the `StrongParametersMatcher` to work without depending on
bourne for spying on methods. Use an internal spying tool to provide
platform independence.
Other improvements include:
* Standardize `failure_message` method naming
* Properly detect when a matcher does not match
* Add documentation for `permit` matcher.
The code that sets up the blank Rails application we use for testing is
a little messy. Let's use an object to encapsulate this and then refer
to this object every time we access Rails.application.