Redmine

I would like to define few prefixes for URL (query string) that if current redmine page contains one of them, it will only render "ACCESS DENIED" as an output if the client is browsing from outside of LAN, or alternatively, if client's IP does not match specific prefix.

For example something like:

if request.remote_ip[0,10] != "192.168.1." then
   # print "ACCESS DENIED" or some other message to the output
   return false; #and nothing else past that
end

I have no idea if the above code snipped is even a valid one, it's just my rough guess, and also I don't know where would I need to put it in order to take effect.

Ultimately I want to prevent possibility that redmine users can browse pages that belong to certain repositories UNLESS they are browsing redmine from LAN or even more specifically from an IP range matching a prefix (simpler, and will do). That would enforce that if these users are not in LAN, they'd need VPN before they can see the content. An additional condition on top of all built-in access control.

So far I thought that I can perhaps include snippets of code similar to the one above into the files under /usr/share/redmine/app/views/repositories but I was not able to see any effect.

I would love if this could be a plugin, but it will suffice if I can add code snippets by hand to any file(s) needed, like a patch.