Merge pull request #30708 from ClickHouse/revert-30707-revert-30673-improve-usability-remote-host-filter

Revert "Revert "Improve usability of `remote_url_allow_hosts`""

src/Common/RemoteHostFilter.cpp

@@ -18,14 +18,14 @@ void RemoteHostFilter::checkURL(const Poco::URI & uri) const
 {
     if (!checkForDirectEntry(uri.getHost()) &&
         !checkForDirectEntry(uri.getHost() + ":" + toString(uri.getPort())))
-        throw Exception("URL \"" + uri.toString() + "\" is not allowed in config.xml", ErrorCodes::UNACCEPTABLE_URL);
+        throw Exception("URL \"" + uri.toString() + "\" is not allowed in configuration file, see <remote_url_allow_hosts>", ErrorCodes::UNACCEPTABLE_URL);
 }
 
 void RemoteHostFilter::checkHostAndPort(const std::string & host, const std::string & port) const
 {
     if (!checkForDirectEntry(host) &&
         !checkForDirectEntry(host + ":" + port))
-        throw Exception("URL \"" + host + ":" + port + "\" is not allowed in config.xml", ErrorCodes::UNACCEPTABLE_URL);
+        throw Exception("URL \"" + host + ":" + port + "\" is not allowed in configuration file, see <remote_url_allow_hosts>", ErrorCodes::UNACCEPTABLE_URL);
 }
 
 void RemoteHostFilter::setValuesFromConfig(const Poco::Util::AbstractConfiguration & config)

tests/integration/test_allowed_url_from_config/test.py

@@ -73,23 +73,23 @@ def test_config_without_allowed_hosts(start_cluster):
 
 
 def test_table_function_remote(start_cluster):
-    assert "not allowed in config.xml" not in node6.query_and_get_error(
+    assert "not allowed in configuration file" not in node6.query_and_get_error(
         "SELECT * FROM remoteSecure('example01-01-{1|2}', system, events)",
         settings={"connections_with_failover_max_tries": 1, "connect_timeout_with_failover_ms": 1000,
                   "connect_timeout_with_failover_secure_ms": 1000, "connect_timeout": 1, "send_timeout": 1})
-    assert "not allowed in config.xml" not in node6.query_and_get_error(
+    assert "not allowed in configuration file" not in node6.query_and_get_error(
         "SELECT * FROM remoteSecure('example01-01-1,example01-02-1', system, events)",
         settings={"connections_with_failover_max_tries": 1, "connect_timeout_with_failover_ms": 1000,
                   "connect_timeout_with_failover_secure_ms": 1000, "connect_timeout": 1, "send_timeout": 1})
-    assert "not allowed in config.xml" not in node6.query_and_get_error(
+    assert "not allowed in configuration file" not in node6.query_and_get_error(
         "SELECT * FROM remote('example01-0{1,2}-1', system, events",
         settings={"connections_with_failover_max_tries": 1, "connect_timeout_with_failover_ms": 1000,
                   "connect_timeout_with_failover_secure_ms": 1000, "connect_timeout": 1, "send_timeout": 1})
-    assert "not allowed in config.xml" not in node6.query_and_get_error(
+    assert "not allowed in configuration file" not in node6.query_and_get_error(
         "SELECT * FROM remote('example01-0{1,2}-{1|2}', system, events)",
         settings={"connections_with_failover_max_tries": 1, "connect_timeout_with_failover_ms": 1000,
                   "connect_timeout_with_failover_secure_ms": 1000, "connect_timeout": 1, "send_timeout": 1})
-    assert "not allowed in config.xml" not in node6.query_and_get_error(
+    assert "not allowed in configuration file" not in node6.query_and_get_error(
         "SELECT * FROM remoteSecure('example01-{01..02}-{1|2}', system, events)",
         settings={"connections_with_failover_max_tries": 1, "connect_timeout_with_failover_ms": 1000,
                   "connect_timeout_with_failover_secure_ms": 1000, "connect_timeout": 1, "send_timeout": 1})
@@ -108,9 +108,9 @@ def test_table_function_remote(start_cluster):
                   "connect_timeout_with_failover_secure_ms": 1000, "connect_timeout": 1, "send_timeout": 1})
     assert node6.query("SELECT * FROM remote('localhost', system, events)") != ""
     assert node6.query("SELECT * FROM remoteSecure('localhost', system, metrics)") != ""
-    assert "URL \"localhost:800\" is not allowed in config.xml" in node6.query_and_get_error(
+    assert "URL \"localhost:800\" is not allowed in configuration file" in node6.query_and_get_error(
         "SELECT * FROM remoteSecure('localhost:800', system, events)")
-    assert "URL \"localhost:800\" is not allowed in config.xml" in node6.query_and_get_error(
+    assert "URL \"localhost:800\" is not allowed in configuration file" in node6.query_and_get_error(
         "SELECT * FROM remote('localhost:800', system, metrics)")
 
 

tests/integration/test_dictionaries_ddl/test.py

@@ -228,7 +228,7 @@ def test_http_dictionary_restrictions(started_cluster):
         """)
         node3.query("SELECT dictGetString('test.restricted_http_dictionary', 'value', toUInt64(1))")
     except QueryRuntimeException as ex:
-        assert 'is not allowed in config.xml' in str(ex)
+        assert 'is not allowed in configuration file' in str(ex)
     node3.query("DROP DICTIONARY test.restricted_http_dictionary")
 
 

tests/integration/test_storage_s3/test.py

@@ -436,12 +436,12 @@ def test_remote_host_filter(started_cluster):
 
     query = "select *, column1*column2*column3 from s3('http://{}:{}/{}/test.csv', 'CSV', '{}')".format(
         "invalid_host", MINIO_INTERNAL_PORT, started_cluster.minio_bucket, format)
-    assert "not allowed in config.xml" in instance.query_and_get_error(query)
+    assert "not allowed in configuration file" in instance.query_and_get_error(query)
 
     other_values = "(1, 1, 1), (1, 1, 1), (11, 11, 11)"
     query = "insert into table function s3('http://{}:{}/{}/test.csv', 'CSV', '{}') values {}".format(
         "invalid_host", MINIO_INTERNAL_PORT, started_cluster.minio_bucket, format, other_values)
-    assert "not allowed in config.xml" in instance.query_and_get_error(query)
+    assert "not allowed in configuration file" in instance.query_and_get_error(query)
 
 
 @pytest.mark.parametrize("s3_storage_args", [