From 812788d50cc363b82947f25da9ecd77bdbd02b12 Mon Sep 17 00:00:00 2001
From: Martin Peverelli
Date: Fri, 31 Jul 2020 10:33:05 -0300
Subject: [PATCH] feature/M095M01A-31 [MAGENTO 2] Make sure users on the maintenance list are never rate limited
- Added early return when current IP is found on `.maintenance.ip` file for Sensitie Path Protection
---
 Model/FrontControllerPlugin.php | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/Model/FrontControllerPlugin.php b/Model/FrontControllerPlugin.php
index 4c44fec6..7fe1a0d2 100644
--- a/Model/FrontControllerPlugin.php
+++ b/Model/FrontControllerPlugin.php
@@ -148,6 +148,12 @@ public function aroundDispatch(FrontControllerInterface $subject, callable $proc
 */
 private function sensitivePathProtection($path)
 {
+ $ip = $this->request->getServerValue('HTTP_FASTLY_CLIENT_IP') ?? $this->request->getClientIp();
+ if ($this->readMaintenanceIp($ip)) {
+ return false;
+ }
+
 $limitedPaths = json_decode($this->config->getRateLimitPaths());
 if (!$limitedPaths) {
 $limitedPaths = [];
@@ -163,7 +169,6 @@ private function sensitivePathProtection($path)
 if ($limit) {
 $rateLimitingLimit = $this->config->getRateLimitingLimit();
 $rateLimitingTtl = $this->config->getRateLimitingTtl();
- $ip = $this->request->getServerValue('HTTP_FASTLY_CLIENT_IP') ?? $this->request->getClientIp();
 $tag = self::FASTLY_CACHE_TAG . $ip;
 $data = json_decode($this->cache->load($tag), true);
@@ -339,7 +344,7 @@ private function readMaintenanceIp($ip)
 private function log($message)
 {
- if($this->config->isRateLimitingLoggingEnabled()) {
+ if ($this->config->isRateLimitingLoggingEnabled()) {
 $this->logger->info($message);
 }
 }
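Review bot: The new early return in sensitivePathProtection() exempts a request from rate limiting based on `$ip`, which is read first from the `HTTP_FASTLY_CLIENT_IP` server value, i.e. a request header. That header is only trustworthy when the Fastly edge overwrites it and the origin cannot be reached directly; otherwise the value is client-supplied and an allowlist match on it is not a reliable identity check, so the assumption should be stated next to the lookup, e.g. `// Fastly-Client-IP must be set at the edge and the origin must only accept Fastly traffic; otherwise this value is client-supplied`. Whether that holds depends on VCL and network configuration that this patch does not show. The check also runs before the path is matched, so `readMaintenanceIp($ip)` is evaluated on every dispatch; moving it inside the existing `if ($limit) {` branch would keep the exemption while presumably avoiding the lookup for paths that are not rate limited. The function body continues outside the hunk.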