MiniProfiler icon indicating copy to clipboard operation
MiniProfiler copied to clipboard
verified publisher icon SamSaffron

deauthorize Rack-mini-profiler for non admin users

Open guysopher opened this issue 13 years ago • 2 comments

Hi, I am trying to install Rack-mini-profiler on my ROR application. I installed the gem and the profiler works great in development but I can't deauthorize specific requests for non admin users. I placed the following code in my ApplicationController before_filter

def authorize_mini_profiler if current_user.nil? Rack::MiniProfiler.deauthorize_request return elsif is_admin_user Rack::MiniProfiler.authorize_request return end Rack::MiniProfiler.deauthorize_request end In debug I saw that the deauthorize method is called but the profiler is still displayed.

I even tried using this code

def authorize_mini_profiler Rack::MiniProfiler.deauthorize_request end but still, every request by any user displays the profiler.

Does anyone knows what might be the problem? Thanks

guysopher avatar Apr 08 '13 15:04 guysopher

I am having this same problem. Basically, the deauthorize_request method does not seem to have the affect I was expecting. The mini_profiler always shows the profile stats regardless of the authorize / deauthorize and regardless of the environment I am running.

jonuhal avatar Apr 11 '13 05:04 jonuhal

create a rack_mini_profiler.rb in your initializers dir and add to following line:

Rack::MiniProfiler.config.authorization_mode = :whitelist

The default is :all

chrisdebruin avatar May 30 '13 11:05 chrisdebruin