[ACS-9697] Backport to 23.N (#3375)

2025-09-17 14:21:39 +00:00 · 2025-06-05 16:23:23 +05:30
parent dcf9f65f6b
commit 9bfd274127
2 changed files with 109 additions and 118 deletions
--- a/remote-api/src/main/java/org/alfresco/rest/api/impl/validator/actions/ActionNodeParameterValidator.java
+++ b/remote-api/src/main/java/org/alfresco/rest/api/impl/validator/actions/ActionNodeParameterValidator.java
@@ -2,7 +2,7 @@
 * #%L
 * Alfresco Remote API
 * %%
- * Copyright (C) 2005 - 2022 Alfresco Software Limited
+ * Copyright (C) 2005 - 2025 Alfresco Software Limited
 * %%
 * This file is part of the Alfresco software.
 * If the software was purchased under a paid Alfresco license, the terms of
@@ -39,6 +39,9 @@ import java.util.Objects;
 import java.util.Set;
 import java.util.stream.Collectors;

+import org.apache.commons.collections.MapUtils;
+import org.apache.logging.log4j.util.Strings;
+
 import org.alfresco.repo.action.executer.CheckOutActionExecuter;
 import org.alfresco.repo.action.executer.CopyActionExecuter;
 import org.alfresco.repo.action.executer.ImageTransformActionExecuter;
@@ -58,8 +61,6 @@ import org.alfresco.rest.framework.core.exceptions.PermissionDeniedException;
 import org.alfresco.service.cmr.repository.NodeRef;
 import org.alfresco.service.cmr.security.PermissionService;
 import org.alfresco.service.namespace.NamespaceService;
-import org.apache.commons.collections.MapUtils;
-import org.apache.logging.log4j.util.Strings;

 /**
 * This class provides logic for validation of permissions for action parameters which reference node.
@@ -67,15 +68,14 @@ import org.apache.logging.log4j.util.Strings;
 public class ActionNodeParameterValidator implements ActionValidator
 {
    /**
-     * This list holds action parameter names which require only READ permission on a referenced node
-     * That means, all other parameters that reference nodes will require WRITE permission
+     * This list holds action parameter names which require only READ permission on a referenced node That means, all other parameters that reference nodes will require WRITE permission
     */
-    static final Map<String, List<String>> REQUIRE_READ_PERMISSION_PARAMS =
-            Map.of(LinkCategoryActionExecuter.NAME, List.of(LinkCategoryActionExecuter.PARAM_CATEGORY_VALUE));
+    static final Map<String, List<String>> REQUIRE_READ_PERMISSION_PARAMS = Map.of(LinkCategoryActionExecuter.NAME, List.of(LinkCategoryActionExecuter.PARAM_CATEGORY_VALUE));

    static final String NO_PROPER_PERMISSIONS_FOR_NODE = "No proper permissions for node: ";
    static final String NOT_A_CATEGORY = "Node is not a category ";
    static final String NOT_A_FOLDER = "Node is not a folder ";
+    static final String NO_LONGER_EXISTS = "%s having Id: %s no longer exists. Please update your rule definition.";

    private final Actions actions;
    private final NamespaceService namespaceService;
@@ -83,7 +83,7 @@ public class ActionNodeParameterValidator implements ActionValidator
    private final PermissionService permissionService;

    public ActionNodeParameterValidator(Actions actions, NamespaceService namespaceService, Nodes nodes,
-                                        PermissionService permissionService)
+            PermissionService permissionService)
    {
        this.actions = actions;
        this.namespaceService = namespaceService;
@@ -94,7 +94,8 @@ public class ActionNodeParameterValidator implements ActionValidator
    /**
     * Validates action parameters that reference nodes against access permissions for executing user.
     *
-     * @param action Action to be validated
+     * @param action
+     *            Action to be validated
     */
    @Override
    public void validate(Action action)
@@ -124,7 +125,7 @@ public class ActionNodeParameterValidator implements ActionValidator
    }

    private void validateNodes(final List<ActionDefinition.ParameterDefinition> nodeRefParamDefinitions,
-                               final Action action)
+            final Action action)
    {
        if (MapUtils.isNotEmpty(action.getParams()))
        {
@@ -132,7 +133,15 @@ public class ActionNodeParameterValidator implements ActionValidator
                    .filter(pd -> action.getParams().containsKey(pd.getName()))
                    .forEach(p -> {
                        final String nodeId = Objects.toString(action.getParams().get(p.getName()), Strings.EMPTY);
-                        final NodeRef nodeRef = nodes.validateNode(nodeId);
+                        NodeRef nodeRef;
+                        try
+                        {
+                            nodeRef = nodes.validateNode(nodeId);
+                        }
+                        catch (EntityNotFoundException e)
+                        {
+                            throw new EntityNotFoundException(String.format(NO_LONGER_EXISTS, p.getDisplayLabel(), nodeId), e);
+                        }
                        validatePermission(action.getActionDefinitionId(), p.getName(), nodeRef);
                        validateType(action.getActionDefinitionId(), nodeRef);
                    });
@@ -163,7 +172,8 @@ public class ActionNodeParameterValidator implements ActionValidator
            {
                throw new InvalidArgumentException(NOT_A_FOLDER + nodeRef.getId());
            }
-        } else if (!nodes.nodeMatches(nodeRef, Set.of(TYPE_CATEGORY), Collections.emptySet()))
+        }
+        else if (!nodes.nodeMatches(nodeRef, Set.of(TYPE_CATEGORY), Collections.emptySet()))
        {
            throw new InvalidArgumentException(NOT_A_CATEGORY + nodeRef.getId());
        }