Tries to fix the problem with the kernel not finding the setting

core/src/main/java/apoc/ApocConfig.java

@@ -113,7 +113,6 @@ public class ApocConfig extends LifecycleAdapter {
 
     public ApocConfig(Config neo4jConfig, LogService log, GlobalProcedures globalProceduresRegistry, DatabaseManagementService databaseManagementService) {
         this.neo4jConfig = neo4jConfig;
-        this.blockedIpRanges = neo4jConfig.get(Neo4jSettings.cypher_ip_blocklist);
         this.log = log.getInternalLog(ApocConfig.class);
         this.databaseManagementService = databaseManagementService;
         theInstance = this;
@@ -204,7 +203,11 @@ protected void loadConfiguration() {
 
             boolean allowFileUrls = neo4jConfig.get(GraphDatabaseSettings.allow_file_urls);
             config.setProperty(APOC_IMPORT_FILE_ALLOW__READ__FROM__FILESYSTEM, allowFileUrls);
-
+
+            var blockedIpRanges = neo4jConfig.get(ApocSettings.cypher_ip_blocklist);
+            if (!config.containsKey(CYPHER_IP_BLOCKLIST) && blockedIpRanges != null)
+                config.setProperty(CYPHER_IP_BLOCKLIST, blockedIpRanges);
+
             // todo - evaluate default timezone here [maybe is reusable], otherwise through db.execute('CALL dbms.listConfig()')
             final Setting<ZoneId> db_temporal_timezone = GraphDatabaseSettings.db_temporal_timezone;
             config.setProperty(db_temporal_timezone.name(), neo4jConfig.get(db_temporal_timezone));
@@ -267,23 +270,25 @@ public void isImportFileEnabled() {
         }
     }
 
-    private void checkNotBlocked( URL url, List<IPAddressString> blockedIpRanges ) throws Exception
+    private void checkNotBlocked(URL url) throws Exception
     {
-        InetAddress inetAddress = InetAddress.getByName( url.getHost() );
-
-        for ( var blockedIpRange : blockedIpRanges )
-        {
-            if ( blockedIpRange.contains( new IPAddressString( inetAddress.getHostAddress() ) ) )
-            {
-                throw new URLAccessValidationError( "access to " + inetAddress + " is blocked via the configuration property "
-                                                    + Neo4jSettings.cypher_ip_blocklist.name() );
+        List<IPAddressString> blockedIpRanges = config.getList(IPAddressString.class, CYPHER_IP_BLOCKLIST);
+
+        if (blockedIpRanges != null && !blockedIpRanges.isEmpty()) {
+            InetAddress inetAddress = InetAddress.getByName( url.getHost() );
+
+            for (var blockedIpRange : blockedIpRanges) {
+                if (blockedIpRange.contains(new IPAddressString(inetAddress.getHostAddress()))) {
+                    throw new URLAccessValidationError("access to " + inetAddress + " is blocked via the configuration property "
+                                                        + ApocSettings.cypher_ip_blocklist.name());
+                }
             }
         }
     }
 
     private void checkAllowedUrl(String url) throws IOException {
         try {
-            checkNotBlocked(new URL(url), blockedIpRanges);
+            checkNotBlocked(new URL(url));
         } catch (Exception e) {
             throw new IOException(e);
         }

core/src/main/java/apoc/ApocSettings.java

@@ -1,12 +1,16 @@
 package apoc;
 
+import inet.ipaddr.AddressStringException;
+import inet.ipaddr.IPAddressString;
+
 import org.neo4j.annotations.service.ServiceProvider;
 import org.neo4j.configuration.Description;
 import org.neo4j.configuration.SettingValueParser;
 import org.neo4j.configuration.SettingsDeclaration;
 import org.neo4j.graphdb.config.Setting;
 
 import java.time.Duration;
+import java.util.List;
 
 import static apoc.ApocConfig.*;
 import static org.neo4j.configuration.SettingImpl.newBuilder;
@@ -19,6 +23,37 @@
  */
 @ServiceProvider
 public class ApocSettings implements SettingsDeclaration {
+    public static final SettingValueParser<IPAddressString> CIDR_IP = new SettingValueParser<>()
+    {
+        @Override
+        public IPAddressString parse( String value )
+        {
+            IPAddressString ipAddress = new IPAddressString( value.trim() );
+            try
+            {
+                ipAddress.validate();
+            }
+            catch ( AddressStringException e )
+            {
+                throw new IllegalArgumentException( String.format( "'%s' is not a valid CIDR ip", value ), e );
+            }
+            return ipAddress;
+        }
+
+        @Override
+        public String getDescription()
+        {
+            return "an ip with subnet in CDIR format. e.g. 127.168.0.1/8";
+        }
+
+        @Override
+        public Class<IPAddressString> getType()
+        {
+            return IPAddressString.class;
+        }
+    };
+
+    public static final Setting<List<IPAddressString>> cypher_ip_blocklist = newBuilder( CYPHER_IP_BLOCKLIST, listOf( CIDR_IP ), List.of() ).build();
 
     public static final Setting<Boolean> apoc_export_file_enabled = newBuilder( APOC_EXPORT_FILE_ENABLED, BOOL, false ).build();
 

core/src/test/java/apoc/load/LoadJsonTest.java

@@ -1,6 +1,6 @@
 package apoc.load;
 
-import apoc.Neo4jSettings;
+import apoc.ApocSettings;
 import apoc.util.CompressionAlgo;
 import apoc.util.JsonUtil;
 import apoc.util.TestUtil;
@@ -60,7 +60,7 @@ public static void stopServer() {
 
     @Rule
     public DbmsRule db = new ImpermanentDbmsRule()
-            .withSetting(Neo4jSettings.cypher_ip_blocklist, List.of(new IPAddressString("127.168.0.0/8")));
+            .withSetting(ApocSettings.cypher_ip_blocklist, List.of(new IPAddressString("127.168.0.0/8")));
 //            .withSetting(ApocSettings.apoc_import_file_enabled, true)
 //            .withSetting(ApocSettings.apoc_import_file_use__neo4j__config, false);