CORE-11942, CORE-11860 - Block blank strings as regex for approval ru…

…les (#4716)

Returning a 400 when a user tries to provide a blank string as a regex for an approval (or pre-auth) rule.

components/membership/membership-rest-impl/src/main/kotlin/net/corda/membership/impl/rest/v1/MGMRestResourceImpl.kt

@@ -763,6 +763,10 @@ class MGMRestResourceImpl internal constructor(
         }
 
         private fun validateRegex(expression: String) {
+            if (expression.isBlank()) {
+                throw BadRequestException("The regular expression was a blank string.")
+            }
+
             try {
                 expression.toRegex()
             } catch (e: PatternSyntaxException) {

components/membership/membership-rest-impl/src/test/kotlin/net/corda/membership/impl/rest/v1/MGMRestResourceTest.kt

@@ -237,6 +237,15 @@ class MGMRestResourceTest {
             stopService()
         }
 
+        @Test
+        fun `addGroupApprovalRule throws invalid input for blank string regex`() {
+            startService()
+
+            assertThrows<BadRequestException> {
+                mgmRestResource.addGroupApprovalRule(HOLDING_IDENTITY_ID, ApprovalRuleRequestParams("  ", RULE_LABEL))
+            }
+        }
+
         @Test
         fun `addGroupApprovalRule throws bad request if short hash is invalid`() {
             startService()
@@ -862,6 +871,16 @@ class MGMRestResourceTest {
                 )
             }
         }
+
+        @Test
+        fun `it throws bad request for blank string regex`() {
+            assertThrows<BadRequestException> {
+                callFunctionUnderTest(
+                    HOLDING_IDENTITY_ID,
+                    ApprovalRuleRequestParams("  ", RULE_LABEL)
+                )
+            }
+        }
     }
 
     @Nested