From 602215a273cd4576ff60264ac31fcaf37bedcfe6 Mon Sep 17 00:00:00 2001 From: Sam Saffron Date: Wed, 9 Oct 2019 12:49:22 +1100 Subject: [PATCH] SECURITY: mini profiler enabled incorrectly for admins We expect mini profiler only to show up on accounts that are flagged as developer accounts. Unfortunately there was a bypass on any controllers that mix in ApplicationHelper --- app/helpers/application_helper.rb | 4 ---- 1 file changed, 4 deletions(-) diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb index c45ade5fb2fb6..84d8e383b5de2 100644 --- a/app/helpers/application_helper.rb +++ b/app/helpers/application_helper.rb @@ -185,10 +185,6 @@ def guardian @guardian ||= Guardian.new(current_user) end - def mini_profiler_enabled? - defined?(Rack::MiniProfiler) && admin? - end - def admin? current_user.try(:admin?) end
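Review bot: the deletion of `mini_profiler_enabled?` in the `@@ -185,10 +185,6 @@` hunk of app/helpers/application_helper.rb ships without a regression test, and the patch touches no spec file, so nothing stops the admin-only gate from being reintroduced later. The removed body was `defined?(Rack::MiniProfiler) && admin?`, which grants the profiler to any admin, while the commit message says it should appear only on accounts flagged as developer accounts. Suggest adding a request spec that signs in an admin who is not flagged as a developer, hits a controller that mixes in ApplicationHelper, and asserts the profiler is not enabled. The definition that takes over after this removal is not visible in the diff, so the commit message should name where the developer-only check lives so a reviewer can confirm every caller now resolves to it. The `admin?` helper left as context (`current_user.try(:admin?)`) is unchanged, so any other feature gated on it in the same way deserves the same audit.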