move checks to factory

Author: kardymonds

ydb/core/base/appdata_fwd.h

@@ -287,8 +287,6 @@ struct TAppData {
     // Tracing configurator (look for tracing config in ydb/core/jaeger_tracing/actors_tracing_control)
     TIntrusivePtr<NKikimr::NJaegerTracing::TSamplingThrottlingConfigurator> TracingConfigurator;
 
-    TSet<TString> AvailableExternalDataSources;
-
     TAppData(
             ui32 sysPoolId, ui32 userPoolId, ui32 ioPoolId, ui32 batchPoolId,
             TMap<TString, ui32> servicePools,

ydb/core/driver_lib/run/run.cpp

@@ -251,13 +251,6 @@ class TDomainsInitializer : public IAppDataInitializer {
         appData->CompactionConfig = Config.GetCompactionConfig();
         appData->BackgroundCleaningConfig = Config.GetBackgroundCleaningConfig();
         appData->DataErasureConfig = Config.GetDataErasureConfig();
-
-        const auto& queryServiceConfig = Config.GetQueryServiceConfig();
-        if (queryServiceConfig.AvailableExternalDataSourcesSize() > 0) {
-            const auto& availableSources = queryServiceConfig.GetAvailableExternalDataSources();
-            TSet<TString> set(availableSources.cbegin(), availableSources.cend());
-            appData->AvailableExternalDataSources = std::move(set);
-        }
     }
 };
 

ydb/core/external_sources/external_source_factory.cpp

@@ -14,20 +14,27 @@ namespace NKikimr::NExternalSource {
 namespace {
 
 struct TExternalSourceFactory : public IExternalSourceFactory {
-    TExternalSourceFactory(const TMap<TString, IExternalSource::TPtr>& sources)
+    TExternalSourceFactory(
+        const TMap<TString, IExternalSource::TPtr>& sources,
+        const std::set<TString>& availableExternalDataSources)
         : Sources(sources)
+        , AvailableExternalDataSources(availableExternalDataSources)
     {}
 
     IExternalSource::TPtr GetOrCreate(const TString& type) const override {
         auto it = Sources.find(type);
-        if (it != Sources.end()) {
-            return it->second;
+        if (it == Sources.end()) {
+            throw TExternalSourceException() << "External source with type " << type << " was not found";
         }
-        throw TExternalSourceException() << "External source with type " << type << " was not found";
+        if (!AvailableExternalDataSources.empty() && !AvailableExternalDataSources.contains(type)) {
+            throw TExternalSourceException() << "External source with type " << type << " are disabled. Please contact your system administrator to enable it";
+        }
+        return it->second;
     }
 
 private:
     TMap<TString, IExternalSource::TPtr> Sources;
+    std::set<TString> AvailableExternalDataSources;
 };
 
 }
@@ -37,7 +44,8 @@ IExternalSourceFactory::TPtr CreateExternalSourceFactory(const std::vector<TStri
                                                          size_t pathsLimit,
                                                          std::shared_ptr<NYql::ISecuredServiceAccountCredentialsFactory> credentialsFactory,
                                                          bool enableInfer,
-                                                         bool allowLocalFiles) {
+                                                         bool allowLocalFiles,
+                                                         const std::set<TString>& availableExternalDataSources) {
     std::vector<TRegExMatch> hostnamePatternsRegEx(hostnamePatterns.begin(), hostnamePatterns.end());
     return MakeIntrusive<TExternalSourceFactory>(TMap<TString, IExternalSource::TPtr>{
         {
@@ -84,7 +92,8 @@ IExternalSourceFactory::TPtr CreateExternalSourceFactory(const std::vector<TStri
             ToString(NYql::EDatabaseType::Solomon),
             CreateExternalDataSource(TString{NYql::SolomonProviderName}, {"NONE", "TOKEN"}, {}, hostnamePatternsRegEx)
         }
-    }); 
+    },
+    availableExternalDataSources); 
 }
 
 }

ydb/core/external_sources/external_source_factory.h

@@ -16,6 +16,7 @@ IExternalSourceFactory::TPtr CreateExternalSourceFactory(const std::vector<TStri
                                                          size_t pathsLimit = 50000,
                                                          std::shared_ptr<NYql::ISecuredServiceAccountCredentialsFactory> credentialsFactory = nullptr,
                                                          bool enableInfer = false,
-                                                         bool allowLocalFiles = false);
+                                                         bool allowLocalFiles = false,
+                                                         const std::set<TString>& availableExternalDataSources = {});
 
 }

ydb/core/kqp/gateway/behaviour/external_data_source/manager.cpp

@@ -122,18 +122,6 @@ TYqlConclusion<std::pair<TString, TString>> SplitPath(const TString& tableName,
     return TYqlConclusionStatus::Success();
 }
 
-[[nodiscard]] TYqlConclusionStatus CheckAvailableExternalDataSources(const NKikimrSchemeOp::TExternalDataSourceDescription& externaDataSourceDesc, const TExternalDataSourceManager::TInternalModificationContext& context) {
-    auto* actorSystem = context.GetExternalData().GetActorSystem();
-    if (!actorSystem) {
-        return TYqlConclusionStatus::Fail(NYql::TIssuesIds::KIKIMR_INTERNAL_ERROR, "Internal error. EXTERNAL_DATA_SOURCE creation and drop operations needs an actor system. Please contact internal support");
-    }
-    auto sourceType = externaDataSourceDesc.GetSourceType();
-    if (!AppData(actorSystem)->AvailableExternalDataSources.empty() && !AppData(actorSystem)->AvailableExternalDataSources.contains(sourceType)) {
-        return TYqlConclusionStatus::Fail(NYql::TIssuesIds::KIKIMR_UNSUPPORTED, TStringBuilder() << "External data source " << sourceType << " are disabled. Please contact your system administrator to enable it");
-    }
-    return TYqlConclusionStatus::Success();
-}
-
 [[nodiscard]] TYqlConclusionStatus ErrorFromActivityType(TExternalDataSourceManager::EActivityType activityType) {
     using EActivityType = TExternalDataSourceManager::EActivityType;
 
@@ -221,13 +209,7 @@ TYqlConclusionStatus TExternalDataSourceManager::PrepareCreateExternalDataSource
     schemeTx.SetOperationType(NKikimrSchemeOp::ESchemeOpCreateExternalDataSource);
     schemeTx.SetFailedOnAlreadyExists(!settings.GetExistingOk());
 
-    if (auto status = FillCreateExternalDataSourceDesc(*schemeTx.MutableCreateExternalDataSource(), name, settings); status.IsFail()) {
-        return status;
-    }
-    if (auto status = CheckAvailableExternalDataSources(schemeTx.GetCreateExternalDataSource(), context); status.IsFail()) {
-        return status;
-    }
-    return TYqlConclusionStatus::Success(); 
+    return FillCreateExternalDataSourceDesc(*schemeTx.MutableCreateExternalDataSource(), name, settings);
 }
 
 TYqlConclusionStatus TExternalDataSourceManager::PrepareDropExternalDataSource(NKqpProto::TKqpSchemeOperation& schemeOperation, const NYql::TDropObjectSettings& settings, TInternalModificationContext& context) const {

ydb/core/kqp/host/kqp_host.cpp

@@ -1169,7 +1169,8 @@ class TKqpHost : public IKqpHost {
                                                                                  FederatedQuerySetup->S3GatewayConfig.GetGeneratorPathsLimit(),
                                                                                  FederatedQuerySetup ? FederatedQuerySetup->CredentialsFactory : nullptr,
                                                                                  Config->FeatureFlags.GetEnableExternalSourceSchemaInference(),
-                                                                                 FederatedQuerySetup->S3GatewayConfig.GetAllowLocalFiles());
+                                                                                 FederatedQuerySetup->S3GatewayConfig.GetAllowLocalFiles(),
+                                                                                 {});
         }
     }
 

ydb/core/kqp/ut/scheme/kqp_scheme_ut.cpp

@@ -6618,36 +6618,66 @@ Y_UNIT_TEST_SUITE(KqpScheme) {
     }
 
     Y_UNIT_TEST(DisableS3ExternalDataSource) {
-        TKikimrRunner kikimr;
+        NKikimrConfig::TAppConfig appCfg;
+        appCfg.MutableQueryServiceConfig()->AddAvailableExternalDataSources("PostgreSQL");
+        TKikimrRunner kikimr(appCfg);
         kikimr.GetTestServer().GetRuntime()->GetAppData(0).FeatureFlags.SetEnableExternalDataSources(true);
-        kikimr.GetTestServer().GetRuntime()->GetAppData(0).AvailableExternalDataSources.insert("PostgreSQL");
+        {
+            auto db = kikimr.GetTableClient();
+            auto session = db.CreateSession().GetValueSync().GetSession();
+            TString externalDataSourceName = "/Root/ExternalDataSource2";
+            auto query = TStringBuilder() << R"(
+                CREATE EXTERNAL DATA SOURCE `)" << externalDataSourceName << R"(` WITH (
+                    SOURCE_TYPE="ObjectStorage",
+                    LOCATION="my-bucket",
+                    AUTH_METHOD="NONE"
+                );)";
+            auto result = session.ExecuteSchemeQuery(query).GetValueSync();
+            UNIT_ASSERT_VALUES_EQUAL(result.GetStatus(), EStatus::SCHEME_ERROR);
+            UNIT_ASSERT_STRING_CONTAINS_C(result.GetIssues().ToString(), "External source with type ObjectStorage are disabled. Please contact your system administrator to enable it", result.GetIssues().ToString());
 
-        auto db = kikimr.GetTableClient();
-        auto session = db.CreateSession().GetValueSync().GetSession();
-        TString externalDataSourceName = "/Root/ExternalDataSource";
-        auto query = TStringBuilder() << R"(
-            CREATE EXTERNAL DATA SOURCE `)" << externalDataSourceName << R"(` WITH (
-                SOURCE_TYPE="ObjectStorage",
-                LOCATION="my-bucket",
-                AUTH_METHOD="NONE"
-            );)";
-        auto result = session.ExecuteSchemeQuery(query).GetValueSync();
-        UNIT_ASSERT_VALUES_EQUAL(result.GetStatus(), EStatus::UNSUPPORTED);
-        UNIT_ASSERT_STRING_CONTAINS_C(result.GetIssues().ToString(), "External data source ObjectStorage are disabled. Please contact your system administrator to enable it", result.GetIssues().ToString());
+            auto query2 = TStringBuilder() << R"(
+                CREATE OBJECT `baz2` (TYPE SECRET) WITH value=`MySecretData`;
 
-        auto query2 = TStringBuilder() << R"(
-            CREATE OBJECT `baz` (TYPE SECRET) WITH value=`MySecretData`;
+                CREATE EXTERNAL DATA SOURCE `)" << externalDataSourceName << R"(` WITH (
+                    SOURCE_TYPE="PostgreSQL",
+                    LOCATION="my-bucket",
+                    AUTH_METHOD="BASIC",
+                    LOGIN="admin",
+                    PASSWORD_SECRET_NAME = "baz2",
+                    DATABASE_NAME="cheburashka"
+                );)";
+            result = session.ExecuteSchemeQuery(query2).GetValueSync();
+            UNIT_ASSERT_VALUES_EQUAL_C(result.GetStatus(), EStatus::SUCCESS, result.GetIssues().ToString());
+        }
+        {
+            auto client = kikimr.GetQueryClient();
+            auto session = client.GetSession().GetValueSync().GetSession();
+            TString externalDataSourceName = "/Root/ExternalDataSource";
+            auto query = TStringBuilder() << R"(
+                CREATE EXTERNAL DATA SOURCE `)" << externalDataSourceName << R"(` WITH (
+                    SOURCE_TYPE="ObjectStorage",
+                    LOCATION="my-bucket",
+                    AUTH_METHOD="NONE"
+                );)";
+            auto result = session.ExecuteQuery(query, NYdb::NQuery::TTxControl::NoTx()).ExtractValueSync();
+            UNIT_ASSERT_VALUES_EQUAL(result.GetStatus(), EStatus::GENERIC_ERROR);
+            UNIT_ASSERT_STRING_CONTAINS_C(result.GetIssues().ToString(), "External source with type ObjectStorage are disabled. Please contact your system administrator to enable it", result.GetIssues().ToString());
 
-            CREATE EXTERNAL DATA SOURCE `)" << externalDataSourceName << R"(` WITH (
-                SOURCE_TYPE="PostgreSQL",
-                LOCATION="my-bucket",
-                AUTH_METHOD="BASIC",
-                LOGIN="admin",
-                PASSWORD_SECRET_NAME = "baz",
-                DATABASE_NAME="cheburashka"
-            );)";
-        result = session.ExecuteSchemeQuery(query2).GetValueSync();
-        UNIT_ASSERT_VALUES_EQUAL_C(result.GetStatus(), EStatus::SUCCESS, result.GetIssues().ToString());
+            auto query2 = TStringBuilder() << R"(
+                CREATE OBJECT `baz` (TYPE SECRET) WITH value=`MySecretData`;
+
+                CREATE EXTERNAL DATA SOURCE `)" << externalDataSourceName << R"(` WITH (
+                    SOURCE_TYPE="PostgreSQL",
+                    LOCATION="my-bucket",
+                    AUTH_METHOD="BASIC",
+                    LOGIN="admin",
+                    PASSWORD_SECRET_NAME = "baz",
+                    DATABASE_NAME="cheburashka"
+                );)";
+            result = session.ExecuteQuery(query2, NYdb::NQuery::TTxControl::NoTx()).ExtractValueSync();
+            UNIT_ASSERT_VALUES_EQUAL_C(result.GetStatus(), EStatus::SUCCESS, result.GetIssues().ToString());
+        }
     }
 
     Y_UNIT_TEST(CreateExternalDataSourceValidationAuthMethod) {

ydb/core/tx/schemeshard/schemeshard_impl.cpp

@@ -7231,13 +7231,15 @@ void TSchemeShard::ApplyConsoleConfigs(const NKikimrConfig::TAppConfig& appConfi
 
     if (appConfig.HasQueryServiceConfig()) {
         const auto& hostnamePatterns = appConfig.GetQueryServiceConfig().GetHostnamePatterns();
+        const auto& availableExternalDataSources = appConfig.GetQueryServiceConfig().GetAvailableExternalDataSources();
         ExternalSourceFactory = NExternalSource::CreateExternalSourceFactory(
             std::vector<TString>(hostnamePatterns.begin(), hostnamePatterns.end()),
             nullptr,
             appConfig.GetQueryServiceConfig().GetS3().GetGeneratorPathsLimit(),
             nullptr,
             appConfig.GetFeatureFlags().GetEnableExternalSourceSchemaInference(),
-            appConfig.GetQueryServiceConfig().GetS3().GetAllowLocalFiles()
+            appConfig.GetQueryServiceConfig().GetS3().GetAllowLocalFiles(),
+            std::set<TString>(availableExternalDataSources.cbegin(), availableExternalDataSources.cend())
         );
     }