diff --git a/app/controllers/match_scores_controller.rb b/app/controllers/match_scores_controller.rb
index daffca8..80c18ae 100644
--- a/app/controllers/match_scores_controller.rb
+++ b/app/controllers/match_scores_controller.rb
@@ -28,6 +28,6 @@ class MatchScoresController < ApplicationController
 
   # Only allow a trusted parameter "white list" through.
   def match_score_params
-    params.require(:match_score).permit(:points)
+    params.slice(:points).permit!
   end
 end
diff --git a/app/controllers/teams_controller.rb b/app/controllers/teams_controller.rb
index 9ac727e..522820d 100644
--- a/app/controllers/teams_controller.rb
+++ b/app/controllers/teams_controller.rb
@@ -26,6 +26,6 @@ class TeamsController < ApplicationController
   end
 
   def team_params
-    params.require(:team).permit(:name)
+    params.slice(:name).permit!
   end
 end
diff --git a/app/controllers/tournaments_controller.rb b/app/controllers/tournaments_controller.rb
index 0bb0334..e43cc51 100644
--- a/app/controllers/tournaments_controller.rb
+++ b/app/controllers/tournaments_controller.rb
@@ -48,6 +48,6 @@ class TournamentsController < ApplicationController
   end
 
   def tournament_params
-    params.require(:tournament).permit(:name, :description, :public, :teams)
+    params.slice(:name, :description, :public, :teams).permit!
   end
 end
diff --git a/spec/controllers/match_scores_controller_spec.rb b/spec/controllers/match_scores_controller_spec.rb
index f2429ce..67f9b1a 100644
--- a/spec/controllers/match_scores_controller_spec.rb
+++ b/spec/controllers/match_scores_controller_spec.rb
@@ -36,13 +36,13 @@ RSpec.describe MatchScoresController, type: :controller do
         end
 
         it 'updates the requested score' do
-          put :update, params: { id: @match_score.to_param, match_score: valid_update }
+          put :update, params: { id: @match_score.to_param }.merge(valid_update)
           @match_score.reload
           expect(@match_score.points).to eq(valid_update[:points])
         end
 
         it 'renders a response with the updated team' do
-          put :update, params: { id: @match_score.to_param, match_score: valid_update }
+          put :update, params: { id: @match_score.to_param }.merge(valid_update)
           expect(response).to be_successful
           body = deserialize_response response
           expect(body[:points]).to eq(valid_update[:points])
@@ -55,7 +55,7 @@ RSpec.describe MatchScoresController, type: :controller do
         end
 
         it 'renders a forbidden error response' do
-          put :update, params: { id: @match_score.to_param, match_score: valid_update }
+          put :update, params: { id: @match_score.to_param }.merge(valid_update)
           expect(response).to have_http_status(:forbidden)
         end
       end
diff --git a/spec/controllers/teams_controller_spec.rb b/spec/controllers/teams_controller_spec.rb
index 1eaaec7..7bcbdb8 100644
--- a/spec/controllers/teams_controller_spec.rb
+++ b/spec/controllers/teams_controller_spec.rb
@@ -34,14 +34,14 @@ RSpec.describe TeamsController, type: :controller do
       end
 
       it 'updates the requested team' do
-        put :update, params: { id: @team.to_param, team: valid_update }
+        put :update, params: { id: @team.to_param }.merge(valid_update)
         @team.reload
         expect(response).to be_successful
         expect(@team.name).to eq(valid_update[:name])
       end
 
       it 'renders a response with the updated team' do
-        put :update, params: { id: @team.to_param, team: valid_update }
+        put :update, params: { id: @team.to_param }.merge(valid_update)
         expect(response).to be_successful
         body = deserialize_response response
         expect(body[:name]).to eq(valid_update[:name])
@@ -54,7 +54,7 @@ RSpec.describe TeamsController, type: :controller do
       end
 
       it 'renders a forbidden error response' do
-        put :update, params: { id: @team.to_param, team: valid_update }
+        put :update, params: { id: @team.to_param }.merge(valid_update)
         expect(response).to have_http_status(:forbidden)
       end
     end
diff --git a/spec/controllers/tournaments_controller_spec.rb b/spec/controllers/tournaments_controller_spec.rb
index 8558a35..468054b 100644
--- a/spec/controllers/tournaments_controller_spec.rb
+++ b/spec/controllers/tournaments_controller_spec.rb
@@ -116,7 +116,7 @@ RSpec.describe TournamentsController, type: :controller do
     context 'with valid params' do
       context 'without authentication headers' do
         it 'renders a unauthorized error response' do
-          put :update, params: { id: @tournament.to_param, tournament: valid_update }
+          put :update, params: { id: @tournament.to_param }.merge(valid_update)
           expect(response).to have_http_status(:unauthorized)
         end
       end
@@ -127,13 +127,13 @@ RSpec.describe TournamentsController, type: :controller do
         end
 
         it 'updates the requested tournament' do
-          put :update, params: { id: @tournament.to_param, tournament: valid_update }
+          put :update, params: { id: @tournament.to_param }.merge(valid_update)
           @tournament.reload
           expect(@tournament.name).to eq(valid_update[:name])
         end
 
         it 'renders a JSON response with the tournament' do
-          put :update, params: { id: @tournament.to_param, tournament: valid_update }
+          put :update, params: { id: @tournament.to_param }.merge(valid_update)
           expect(response).to have_http_status(:ok)
           expect(response.content_type).to eq('application/json')
         end
@@ -145,7 +145,7 @@ RSpec.describe TournamentsController, type: :controller do
         end
 
         it 'renders a forbidden error response' do
-          put :update, params: { id: @tournament.to_param, tournament: valid_update }
+          put :update, params: { id: @tournament.to_param }.merge(valid_update)
           expect(response).to have_http_status(:forbidden)
         end
       end