Filter reference

In IdentityIQ there are a few places where you can edit your own filter source and have it compiled into a search filter.  Some of these areas are:

1. When editing search criteria for an identity search in Analyze > Advanced Analytics > Identity Search (tab) > Advanced Search
2. When editing a role profile under Define > Roles
3. In the API, as you call:  Filter filter = Filter.compile( "some filter expression" );

A compiler that can create a Filter from a string representation using the following grammar (note the Java-like syntax):

• String literals should have double-quotes.
  • e.g.  firstname == "Neil"
• True / false values are treated as boolean literals
  • e.g.  inactive != false
• Digits are treated as numbers
  • e.g.  age < 100
• The string value 'null' (no quotes) is treated as null
  • e.g. name != null
• Fully-qualified constants are resolved to enums
  • e.g. type == sailpoint.object.ResourceObject.TYPE_ACCOUNT
• Everything else is assumed to be the property name
  • e.g. email == contactAddress

Composite Filters:

• And
  • AND - (expr && expr)
  • e.g. ( inactive == false && type == "Employee" )
• Or
  • OR - (expr || expr)
  • e.g. ( type == "Employee" || type == "Contractor" )
• Not
  • NOT - !(expr)
  • e.g.  !( company == "SailPoint" )

Leaf Filters:

Note: Any comparison operator can be prepended with an 'i' to signify a case-insensitive comparison (eg - i==, i!=, etc...).

• Equals
  • EQ - propertyName == value
  • e.g. firstname == "Neil"
• Not Equals
  • NE - propertyName != value
  • e.g. lastname != "Smith"
• Less Than
  • LT - propertyName < value
  • e.g. riskScoreWeight < 500
• Greater Than
  • GT - propertyName > value
  • e.g. riskScoreWeight > 0
• Less Than, Equals
  • LE - propertyName <= value
  • e.g. riskScoreWeight <=1000
• Greater Than, Equals
  • GE - propertyName >= value
  • e.g. riskScoreWeight >=500
• Contains All
  • CONTAINS_ALL - propertyName.containsAll({ "foo", "bar", "baz" }) (or containsAllIgnoreCase())
  • e.g. Groups.containsAll( { "A", "B", "C" } )
• In
  • IN - propertyName.in({ "foo", "bar", "baz" }) (or inIgnoreCase())
  • e.g. Groups.in( { "A", "B", "C" } )
• Is Null
  • ISNULL - propertyName.isNull()
  • e.g. email.isNull()
• Not Null
  • NOTNULL - propertyName.notNull()
  • e.g. company.notNull()
• Is Empty
  • ISEMPTY - propertyName.isEmpty()
  • e.g. Groups.isEmpty()
• Like, Exact
  • EXACT - propertyName == value
  • e.g. firstname == "Neil"
• Like, Start
  • START - propertyName.startsWith(value) (or startsWithIgnoreCase())
  • e.g. lastname.startsWith( "Mc" )
• Like, End
  • END - propertyName.endsWith(value) (or endsWithIgnoreCase())
  • e.g. email.endsWith( "@sailpoint.com" )
• Like, Anywhere
  • ANYWHERE - propertyName.contains(value) (or containsIgnoreCase())
  • e.g. email.contains( "sail" )
• Join
  • JOIN - propertyName.join( ClassName.propertyName )
• Collection Condition
  • COLLECTION_CONDITION - propertyName.collectionCondition( "fooProp == \"bar\"" )
  • Note that the parameter to collectionCondition() is the string representation (with quotes escaped) of the collection element filter.
• Subquery
  • SUBQUERY - propertyName.subquery( property, subquery class, subquery property,  subquery filter );
  • e.g. propertyName.subquery("firstname", sailpoint.object.Bundle, "name", "riskScoreWeight > 500");
  • A subquery takes the following parameters:
1. property
2. subquery class
3. subquery property
4. subquery filter: Either a string representation of a filter (with quotes escaped) or null.