Table functions cluster and clusterAllReplicas can be enabled in readonly mode. #42414
Description
Most of the table functions are disabled in readonly mode, as they allow entering arbitrary addresses, and without remote_url_allow_hosts configured, this may open up the server to SSRF. Some table functions can be heavy and risky (like the format table function) and should be disabled as well.
But the cluster table function does not allow entering an arbitrary hostname and is lightweight, so we can allow it in readonly mode. The same applies to numbers, numbers_mt, generateRandom, and values.
Use case
Metrics dashboard.
Describe the solution you'd like
See ITableFunction::execute
Currently, it is implemented with hard coding:
    if ((function_name != "null") && (function_name != "view") && (function_name != "viewIfPermitted"))
        required_access |= AccessType::CREATE_TEMPORARY_TABLE;
which is not suitable anymore and needs to be rewritten to a metadata struct in the factory, similarly to AggregateFunctionProperties.
Then we can add a field allow_readonly to the system.table_functions table.
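
A sketch of the per-function metadata described above, added here as an illustration and not taken from the issue or from ClickHouse source. TableFunctionProperties, TableFunctionRegistry, the two-value AccessFlags enum and the choice of remote as a restricted function are assumptions; the point it shows is that the flag defaults to deny, so a newly registered function is never readonly-accessible by omission.

```cpp
#include <cstdint>
#include <stdexcept>
#include <string>
#include <unordered_map>

// Hypothetical model of the proposal; none of this is ClickHouse source.
struct TableFunctionProperties
{
    // Deny by default: without explicit properties, CREATE TEMPORARY TABLE stays required.
    bool allow_readonly = false;
};
enum AccessFlags : uint32_t { NO_ACCESS_REQUIRED = 0, CREATE_TEMPORARY_TABLE = 1u << 0 };

class TableFunctionRegistry
{
    std::unordered_map<std::string, TableFunctionProperties> functions;
public:
    void registerFunction(const std::string & name, TableFunctionProperties props = {})
    {
        if (!functions.emplace(name, props).second)
            throw std::logic_error("table function registered twice: " + name);
    }
    // Replaces the chain of function_name != "..." comparisons with a lookup.
    uint32_t requiredAccess(const std::string & name) const
    {
        auto it = functions.find(name);
        if (it == functions.end())
            throw std::invalid_argument("unknown table function: " + name);
        return it->second.allow_readonly ? NO_ACCESS_REQUIRED : CREATE_TEMPORARY_TABLE;
    }
};

TableFunctionRegistry makeExampleRegistry()
{
    TableFunctionRegistry registry;
    TableFunctionProperties readonly_ok;
    readonly_ok.allow_readonly = true;
    // Existing hard-coded exemptions plus the functions the issue proposes to allow.
    for (const char * name : {"null", "view", "viewIfPermitted", "cluster", "clusterAllReplicas",
                              "numbers", "numbers_mt", "generateRandom", "values"})
        registry.registerFunction(name, readonly_ok);
    // Address-taking or heavy functions are registered without properties and stay restricted.
    for (const char * name : {"remote", "format"})
        registry.registerFunction(name);
    return registry;
}

int main() { return makeExampleRegistry().requiredAccess("cluster") == NO_ACCESS_REQUIRED ? 0 : 1; }
```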