Customize confluence source code within plugin

We want to customize an implementation of Confluence source code to modify the DefaultContentPermissionManager, but instead of making a modification to the source code, we would like to write this as an app/plugin.

Is there a mechanism in Confluence to extend or modify the DefaultContentPermissionManager without modifying core confluence code? For example, if there was a configuration option somewhere that would allow us to use our own implementation of the ContentPermissionManager within our app?

Alternately, if it’s not that simple or modifying the DefaultContentPermissionManager isn’t the right way to go: Is there an API or process we can use to insert our custom permission check into the regular flow of permission checking before a page is displayed to the user?

Objective: We would like to extend Confluence source code to modify the DefaultContentPermission manager to identify if users are signed in via 2FA and factor the results into page permissions.

We have tried using EventListeners, however, they are not designed to veto the ViewPageAction that triggers them in the first place.