Most endpoints that work with collections allow filtering the results by certain properties. The filter systems save bandwidth and time by avoiding manual filtering of the full result set.

Conditional Expressions

Starting with RIPS API 2.16, an improved filter system is available that replaces the legacy system. The same endpoints that supported the old filter system now accept a JSON-based filter. The new filter is more flexible and allows arbitrary logical conditions to be built by nesting them.

The filter is written as a JSON object and passed to the API through the query string (e.g., ?filter=...). If the filter parameter is present, the new system is used and all filters of the legacy system are ignored.

Conditions

| Name | Operator | Value | Example |
| --- | --- | --- | --- |
| Logical AND | __and | An array of expression objects | {"__and": [...]} |
| Logical OR | __or | An array of expression objects | {"__or": [...]} |

Expressions

| Name | Operator | Value | Example |
| --- | --- | --- | --- |
| Exact match | __equal | {"field": value} | {"__equal": {"id": 1}} |
| Exact match (negated) | __notEqual | {"field": value} | {"__notEqual": {"id": "foo"}} |
| Partial match | __like | {"field": value} | {"__like": {"name": "rips"}} |
| Partial match (negated) | __notLike | {"field": value} | {"__notLike": {"email": "%ripstech.com"}} |
| Null | __null | {"field": ""} | {"__null": {"date":""}} |
| Null (negated) | __notNull | {"field": ""} | {"__notNull": {"date":""}} |
| Comparison | __greaterThan | {"field": value} | {"__greaterThan": {"age": 21}} |
| Comparison (inclusive) | __greaterThanEqual | {"field": value} | {"__greaterThanEqual": {"price": 100}} |
| Comparison | __lessThan | {"field": value} | {"__lessThan": {"price": 200}} |
| Comparison (inclusive) | __lessThanEqual | {"field": value} | {"__lessThanEqual": {"price": "100"}} |

All available fields are documented in the API specification.

Boundaries

| Operator | Example |
| --- | --- |
| limit | /applications?limit=10 |
| offset | /applications?offset=20 |
| orderBy | /applications?orderBy[name]=desc&orderBy[id]=asc |

Examples

Get all entities where the id is 1 or 2:

{
   "__or" : [
      {
         "__equal" : {
            "id" : 1
         }
      },
      {
         "__equal" : {
            "id" : 2
         }
      }
   ]
}


Get all entities where the id is 1 and the name is like "does%exist":

{
   "__and" : [
      {
         "__equal" : {
            "id" : 1
         },
         "__like" : {
            "name" : "does%exist"
         }
      }
   ]
}


A deeply nested filter:

{
   "__or" : [
      {
         "__equal" : {
            "id" : 13
         }
      },
      {
         "__equal" : {
            "id" : 42
         }
      },
      {
         "__and" : [
            {
               "__like" : {
                  "type" : "%_TAG"
               }
            },
            {
               "__notLike" : {
                  "type" : "CQ_%"
               }
            }
         ]
      },
      {
         "__or" : [
            {
               "__equal" : {
                  "name" : "name1"
               }
            },
            {
               "__and" : [
                  {
                     "__like" : {
                        "type" : "XSS%"
                     }
                  },
                  {
                     "__like" : {
                        "name" : "na%e"
                     }
                  }
               ]
            }
         ]
      }
   ]
}
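
Added example (not part of the RIPS documentation or client code): one way to build the ?filter= query string safely from untrusted values. The filter is serialized with a JSON encoder rather than string concatenation, checked against the operator names in the tables above, and percent-encoded so that the % wildcard and quotes survive the query string. The function names, MAX_DEPTH and the scalar-value check are assumptions of this example.

```python
import json
from urllib.parse import urlencode

# Operator names copied from the Conditions and Expressions tables on this page.
CONDITIONS = {"__and", "__or"}
EXPRESSIONS = {
    "__equal", "__notEqual", "__like", "__notLike", "__null", "__notNull",
    "__greaterThan", "__greaterThanEqual", "__lessThan", "__lessThanEqual",
}
MAX_DEPTH = 10  # assumed client-side cap; the page states no nesting limit


def validate(node, depth=0):
    """Raise ValueError unless the filter uses only the documented operators."""
    if depth > MAX_DEPTH:
        raise ValueError("filter nested too deeply")
    if not isinstance(node, dict) or not node:
        raise ValueError("expected a non-empty JSON object")
    for op, arg in node.items():
        if op in CONDITIONS:
            if not isinstance(arg, list):
                raise ValueError(f"{op} needs an array of expression objects")
            for child in arg:
                validate(child, depth + 1)
        elif op in EXPRESSIONS:
            if not isinstance(arg, dict) or not arg:
                raise ValueError(f"{op} needs a field/value object")
            # Assumption: values are scalars, as in every example on the page.
            if any(isinstance(v, (dict, list)) for v in arg.values()):
                raise ValueError(f"{op} values must be scalars")
        else:
            raise ValueError(f"unknown operator: {op!r}")


def filter_url(path, flt, **boundaries):
    """Return path + query string carrying the validated, JSON-encoded filter."""
    validate(flt)
    params = {"filter": json.dumps(flt, separators=(",", ":"))}
    params.update(boundaries)  # e.g. limit=10, offset=20
    return path + "?" + urlencode(params)  # percent-encodes %, quotes, braces


# Constructed sample: the value stands in for untrusted input containing quotes.
untrusted = 'XSS%" or "'
sample = {"__and": [{"__like": {"type": untrusted}},
                    {"__like": {"name": "na%e"}}]}

if __name__ == "__main__":
    print(filter_url("/applications", sample, limit=10))
```

Because the wildcard % is itself the URL escape character, a pattern such as na%e has to appear as na%25e in the request line.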


Legacy

Prior to RIPS API 2.16, a different filter system was in use. It is deprecated and will be removed in RIPS API 3.0.

Expressions

Please note that different expressions can be combined but each specific expression has to be unique (e.g., ?equal[x]=a&equal[y]=b works but ?equal[x]=a&equal[x]=b does not). Multiple expressions are always AND-connected.

| Operator | Example |
| --- | --- |
| equal | /applications?equal[name]=DVWA |
| notEqual | /applications?notEqual[name]=Wordpress |
| null | /applications/scans/stats?null[upload] |
| notNull | /applications/scans/stats?notNull[path] |
| like | /applications?like[name]=D_WA |
| notLike | /applications?notLike[name]=W% |
| lessThan | /applications?lessThan[id]=101 |
| greaterThan | /applications?greaterThan[id]=9 |
| lessThanEqual | /applications?lessThanEqual[id]=100 |
| greaterThanEqual | /applications?greaterThanEqual[id]=10 |

All available fields are documented in the API specification.

Boundaries

| Operator | Example |
| --- | --- |
| limit | /applications?limit=10 |
| offset | /applications?offset=20 |
| orderBy | /applications?orderBy[name]=desc&orderBy[id]=asc |