From 8f001bdb1b33a6e08d6f63576b9d1510caf63eb3 Mon Sep 17 00:00:00 2001
From: Sam Saffron
Date: Wed, 9 Oct 2019 12:49:22 +1100
Subject: [PATCH] SECURITY: mini profiler enabled incorrectly for admins

We expect mini profiler only to show up on accounts that are flagged as developer accounts. Unfortunately there was a bypass on any controllers that mix in ApplicationHelper
---
 app/helpers/application_helper.rb | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb
index 8e2e44781c..0c88a93dc6 100644
--- a/app/helpers/application_helper.rb
+++ b/app/helpers/application_helper.rb
@@ -187,10 +187,6 @@ module ApplicationHelper
 @guardian ||= Guardian.new(current_user)
 end
 
- def mini_profiler_enabled?
- defined?(Rack::MiniProfiler) && admin?
- end
-
 def admin?
 current_user.try(:admin?)
 end