From 5c17376cd898ea9d4e5e1ca10ca9449c2d6fd2cc Mon Sep 17 00:00:00 2001
From: Timur Vafin <timur.vafin@flatstack.com>
Date: Wed, 14 Oct 2015 16:46:40 +0300
Subject: [PATCH] Move Rack::MiniProfiler authorization to initializer

---
 app/controllers/application_controller.rb       |  1 -
 .../concerns/mini_profiler_authorization.rb     | 17 -----------------
 config/initializers/mini_profiler.rb            |  7 +++++++
 3 files changed, 7 insertions(+), 18 deletions(-)
 delete mode 100644 app/controllers/concerns/mini_profiler_authorization.rb

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 67fe4c23..0b0c213e 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -1,7 +1,6 @@
 class ApplicationController < ActionController::Base
   include Authentication
   include Authorization
-  include MiniProfilerAuthorization
 
   protect_from_forgery with: :exception
   responders :flash
diff --git a/app/controllers/concerns/mini_profiler_authorization.rb b/app/controllers/concerns/mini_profiler_authorization.rb
deleted file mode 100644
index 29afb5ed..00000000
--- a/app/controllers/concerns/mini_profiler_authorization.rb
+++ /dev/null
@@ -1,17 +0,0 @@
-module MiniProfilerAuthorization
-  extend ActiveSupport::Concern
-
-  included do
-    before_action :authorize_mini_profiler
-  end
-
-  private
-
-  def authorize_mini_profiler
-    Rack::MiniProfiler.authorize_request if mini_profiler_authorized?
-  end
-
-  def mini_profiler_authorized?
-    ENV.fetch("MINI_PROFILER_IP_WHITELIST",  "").split(",").include?(request.remote_ip)
-  end
-end
diff --git a/config/initializers/mini_profiler.rb b/config/initializers/mini_profiler.rb
index 7784d1f6..3f278774 100644
--- a/config/initializers/mini_profiler.rb
+++ b/config/initializers/mini_profiler.rb
@@ -1 +1,8 @@
+mini_profiler_ip_whitelist = ENV.fetch("MINI_PROFILER_IP_WHITELIST",  "").split(",")
+
+Rack::MiniProfiler.config.pre_authorize_cb = lambda { |env|
+  request = Rack::Request.new(env)
+  mini_profiler_ip_whitelist.include?(request.ip)
+}
+
 Rack::MiniProfiler.config.storage = Rack::MiniProfiler::MemoryStore