From 5b259b27a18433c215d8068ae3c31d446d85c46d Mon Sep 17 00:00:00 2001
From: Julian Pustkuchen <Julian@Pustkuchen.com>
Date: Fri, 9 Dec 2022 17:35:01 +0100
Subject: [PATCH] Issue #3271172 by Anybody, Chandreshgiri Gauswami, nibo,
 Grevil: Ban the Anonymous user requests, except the logged in user

---
 perimeter.permissions.yml                   | 4 ++++
 src/EventSubscriber/PerimeterSubscriber.php | 3 +++
 2 files changed, 7 insertions(+)
 create mode 100644 perimeter.permissions.yml

diff --git a/perimeter.permissions.yml b/perimeter.permissions.yml
new file mode 100644
index 0000000..1c9b539
--- /dev/null
+++ b/perimeter.permissions.yml
@@ -0,0 +1,4 @@
+bypass perimeter defence rules:
+  title: 'Bypass Perimeter Defence ban rules'
+  description: 'Allow users to bypass the rules defined by Perimeter Defence module.'
+  restrict access: true
diff --git a/src/EventSubscriber/PerimeterSubscriber.php b/src/EventSubscriber/PerimeterSubscriber.php
index 970fc0c..fedd27c 100644
--- a/src/EventSubscriber/PerimeterSubscriber.php
+++ b/src/EventSubscriber/PerimeterSubscriber.php
@@ -40,6 +40,9 @@ class PerimeterSubscriber implements EventSubscriberInterface {
    * On page not found events, ban the IP if the request is suspicious.
    */
   public function handleBannedUrls(Event $event) {
+    if (\Drupal::currentUser()->hasPermission('bypass perimeter defence rules')) {
+      return;
+    }
     $exception = $event->getException();
     if ($exception instanceof NotFoundHttpException) {
       $request_path = $event->getRequest()->getPathInfo();
-- 
GitLab