feature/M095M01A-31 [MAGENTO 2] Make sure users on the maintenance li…

…st are never rate limited - Added early return when current IP is found on `.maintenance.ip` file for Sensitie Path Protection
fastly · Jul 31, 2020 · 812788d · 812788d
1 parent fb111c2
commit 812788d
Showing 1 changed file with 7 additions and 2 deletions.
diff --git a/Model/FrontControllerPlugin.php b/Model/FrontControllerPlugin.php
@@ -148,6 +148,12 @@ public function aroundDispatch(FrontControllerInterface $subject, callable $proc
      */
     private function sensitivePathProtection($path)
     {
+        $ip = $this->request->getServerValue('HTTP_FASTLY_CLIENT_IP') ?? $this->request->getClientIp();
+
+        if ($this->readMaintenanceIp($ip)) {
+            return false;
+        }
+
         $limitedPaths = json_decode($this->config->getRateLimitPaths());
         if (!$limitedPaths) {
             $limitedPaths = [];
@@ -163,7 +169,6 @@ private function sensitivePathProtection($path)
         if ($limit) {
             $rateLimitingLimit = $this->config->getRateLimitingLimit();
             $rateLimitingTtl = $this->config->getRateLimitingTtl();
-            $ip = $this->request->getServerValue('HTTP_FASTLY_CLIENT_IP') ?? $this->request->getClientIp();
             $tag = self::FASTLY_CACHE_TAG . $ip;
             $data = json_decode($this->cache->load($tag), true);
 
@@ -339,7 +344,7 @@ private function readMaintenanceIp($ip)
 
     private function log($message)
     {
-        if($this->config->isRateLimitingLoggingEnabled()) {
+        if ($this->config->isRateLimitingLoggingEnabled()) {
             $this->logger->info($message);
         }
     }