You could subscribe to the PostAuthorizeRequest
event and discard the results if the current user is not in a given role or the request is coming from a specific IP or whatever check you want:
protected void Application_BeginRequest()
{
MiniProfiler.Start();
}
protected void Application_PostAuthorizeRequest(object sender, EventArgs e)
{
if (!DoTheCheckHere(this.Context))
{
MiniProfiler.Stop(discardResults: true);
}
}
private bool DoTheCheckHere(HttpContext context)
{
// do your checks here
return context.User.IsInRole("Admin");
}