Skip to content

005_0001 - EmptyStringCheckNotComplete

Empty String check not complete

Always check a string for empty based on != empty and != "". The first one equals database NULL value, the latter one indicates a truncated string.

Metadata

authors:
- Xiwen Cheng <x@cinaq.com>
category: Error
input: '**/*$Microflow.yaml'
rulename: EmptyStringCheckNotComplete
rulenumber: '005_0001'
scope: package
severity: MEDIUM

Description

Technically, there is a difference between empty and "". Make sure to check them both.

Remediation

Always check a string for empty based on != empty and != "". The first one equals database NULL value, the latter one indicates a truncated string.

Test cases

package app.mendix.microflows.empty_string_check_not_complete
import rego.v1


# Test data
microflow_good = {
    "$Type": "Microflow$Page",
    "Name": "mf1",
    "ObjectCollection": {
        "$Type": "Microflows$MicroflowObjectCollection",
        "Objects": [
            {
                "$Type": "Microflows$ExclusiveSplit",
                "SplitCondition": {
                    "$Type": "Microflows$ExpressionSplitCondition",
                    "Expression": "$Variable != empty and $Variable != ''",
                },
            },
        ],
    },
}

microflow_bad = {
    "$Type": "Microflow$Page",
    "Name": "mf1",
    "ObjectCollection": {
        "$Type": "Microflows$MicroflowObjectCollection",
        "Objects": [
            {
                "$Type": "Microflows$ExclusiveSplit",
                "SplitCondition": {
                    "$Type": "Microflows$ExpressionSplitCondition",
                    "Expression": "$Variable != ''",
                },
            },
        ],
    },
}

# Test cases
test_simple if {
    allow with input as microflow_good
}

test_simple_negative if {
    not allow with input as microflow_bad
}