ACS-3788: Handling null/empty rule action parameter values. (#1505)

* ACS-3788: Handling null rule action parameter values.

* ACS-3788: Throwing exception when empty/null rule action parameter values.

remote-api/src/main/java/org/alfresco/rest/api/impl/rules/ActionParameterConverter.java

@@ -34,6 +34,7 @@ import java.util.ArrayList;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
+import java.util.Objects;
 
 import org.alfresco.rest.api.Nodes;
 import org.alfresco.rest.framework.core.exceptions.EntityNotFoundException;
@@ -51,6 +52,7 @@ import org.alfresco.service.cmr.repository.datatype.DefaultTypeConverter;
 import org.alfresco.service.cmr.security.PermissionService;
 import org.alfresco.service.namespace.NamespaceService;
 import org.alfresco.service.namespace.QName;
+import org.apache.logging.log4j.util.Strings;
 import org.json.JSONArray;
 import org.json.JSONException;
 import org.springframework.beans.factory.NoSuchBeanDefinitionException;
@@ -58,6 +60,8 @@ import org.springframework.beans.factory.NoSuchBeanDefinitionException;
 @Experimental
 public class ActionParameterConverter
 {
+    static final String ACTION_PARAMETER_SHOULD_NOT_HAVE_EMPTY_OR_NULL_VALUE =
+            "Action parameter should not have empty or null value";
     private final DictionaryService dictionaryService;
     private final ActionService actionService;
     private final NamespaceService namespaceService;
@@ -93,6 +97,9 @@ public class ActionParameterConverter
 
         for (Map.Entry<String, Serializable> param : params.entrySet())
         {
+            if (Objects.toString(param.getValue(), Strings.EMPTY).isEmpty()) {
+                throw new InvalidArgumentException(ACTION_PARAMETER_SHOULD_NOT_HAVE_EMPTY_OR_NULL_VALUE, new String[] {param.getKey()});
+            }
             final ParameterDefinition paramDef = definition.getParameterDefintion(param.getKey());
             if (paramDef == null && !definition.getAdhocPropertiesAllowed())
             {
@@ -159,16 +166,17 @@ public class ActionParameterConverter
         }
         else
         {
-            if (typeQName.equals(DataTypeDefinition.QNAME) && typeQName.toString().contains(":"))
+            final String stringValue = Objects.toString(propertyValue, Strings.EMPTY);
+            if (typeQName.isMatch(DataTypeDefinition.QNAME) && typeQName.toString().contains(":"))
             {
-                value = QName.createQName(propertyValue.toString(), namespaceService);
+                value = QName.createQName(stringValue, namespaceService);
             }
             else if (typeQName.isMatch(DataTypeDefinition.NODE_REF))
             {
-                NodeRef nodeRef = nodes.validateOrLookupNode(propertyValue.toString(), null);
+                NodeRef nodeRef = nodes.validateOrLookupNode(stringValue, null);
                 if (permissionService.hasReadPermission(nodeRef) != ALLOWED)
                 {
-                    throw new EntityNotFoundException(propertyValue.toString());
+                    throw new EntityNotFoundException(stringValue);
                 }
                 value = nodeRef;
             }

remote-api/src/test/java/org/alfresco/rest/api/impl/rules/ActionParameterConverterTest.java

@@ -44,6 +44,7 @@ import java.io.Serializable;
 import java.util.List;
 import java.util.Map;
 
+import com.fasterxml.jackson.core.JsonProcessingException;
 import org.alfresco.repo.action.executer.AddFeaturesActionExecuter;
 import org.alfresco.repo.action.executer.CheckInActionExecuter;
 import org.alfresco.repo.action.executer.CheckOutActionExecuter;
@@ -56,6 +57,7 @@ import org.alfresco.repo.action.executer.SetPropertyValueActionExecuter;
 import org.alfresco.repo.action.executer.SimpleWorkflowActionExecuter;
 import org.alfresco.rest.api.Nodes;
 import org.alfresco.rest.framework.core.exceptions.EntityNotFoundException;
+import org.alfresco.rest.framework.core.exceptions.InvalidArgumentException;
 import org.alfresco.rest.framework.core.exceptions.NotFoundException;
 import org.alfresco.service.Experimental;
 import org.alfresco.service.cmr.action.ActionDefinition;
@@ -67,6 +69,7 @@ import org.alfresco.service.cmr.repository.NodeRef;
 import org.alfresco.service.cmr.security.PermissionService;
 import org.alfresco.service.namespace.NamespaceService;
 import org.alfresco.service.namespace.QName;
+import org.apache.logging.log4j.util.Strings;
 import org.junit.Before;
 import org.junit.Test;
 import org.junit.runner.RunWith;
@@ -609,6 +612,28 @@ public class ActionParameterConverterTest
         assertThatExceptionOfType(EntityNotFoundException.class).isThrownBy(() -> objectUnderTest.getConvertedParams(params, name));
     }
 
+    @Test
+    public void testNullParamValue()
+    {
+        final String name = CheckOutActionExecuter.NAME;
+        final String destinationFolderKey = CheckOutActionExecuter.PARAM_DESTINATION_FOLDER;
+        final String assocNameKey = CheckOutActionExecuter.PARAM_ASSOC_QNAME;
+        final String assocTypeKey = CheckOutActionExecuter.PARAM_ASSOC_TYPE_QNAME;
+        final Map<String, Serializable> params =
+                Map.of(destinationFolderKey, Strings.EMPTY, assocNameKey, Strings.EMPTY, assocTypeKey, Strings.EMPTY);
+
+        given(actionService.getActionDefinition(name)).willReturn(actionDefinition);
+
+        //when
+        assertThrows(InvalidArgumentException.class, () ->objectUnderTest.getConvertedParams(params, name));
+
+        then(actionService).should().getActionDefinition(name);
+        then(actionService).shouldHaveNoMoreInteractions();
+        then(actionDefinition).shouldHaveNoInteractions();
+        then(dictionaryService).shouldHaveNoInteractions();
+        then(namespaceService).shouldHaveNoInteractions();
+    }
+
     @Test
     public void testInvalidActionDefinitionConversion() {
         final String invalidName = "dummy-definition";