Menu
I am trying to install Rack-mini-profiler on my ROR application. I installed the gem and the profiler works great in development but I can't deauthorize specific requests for non admin users. I placed the following code in my ApplicationController before_filter
def authorize_mini_profiler
if current_user.nil?
Rack::MiniProfiler.deauthorize_request
return
elsif is_admin_user
Rack::MiniProfiler.authorize_request
return
end
Rack::MiniProfiler.deauthorize_request
end
In debug I saw that the deauthorize method is called but the profiler is still displayed.
I even tried using this code
def authorize_mini_profiler
Rack::MiniProfiler.deauthorize_request
end
but still, every request by any user displays the profiler.
Does anyone knows what might be the problem?
272
Well, for those who run into the same problem...
Deeper debugging found that the gem is configured for ignoring the authorization mechanism on init. In order to enable profiling only on some cases (e.g. non production or only for admin users) you need to override the default configuration in application.rb (or preferably some specific config file):
Rack::MiniProfiler.config.authorization_mode = :whitelist if Rails.env.production?
otherwise the configuration is set to :allowall
52
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With