When building conditions, you need to be aware of the different types of operators you can use to construct your complex condition rules. There are two types of operators that you need to be aware of - Logical and Comparison.
There are currently three types of logical operators you need to be aware of. These work like logic gates and represent a boolean function.
|Logical Operator||Alias (if any)|
Comparison operators enable us to construct much more complex conditions and introduce more concrete rules to our policies.
|Text||String used in condition||Description||Valid for type|
|EQUALS||equals||a = b||Bool, Number, String|
|DOES NOT EQUAL||not-equals||a != b||Bool, Number, String|
|LESS THAN||less-than||a < b||Number|
|GREATER THAN||greater-than||a > b||Number|
|LESS THAN EQUALS||less-than-equals||a ≤ b||Number|
|GREATER THAN EQUALS||greater-than-equals||a ≥ b||Number|
|ARRAY CONTAINS||array_contains||["a", "b", "c"] has "a"||Array|
|ARRAY SUBSET||array_subset||["a", "b"] has ["a", "b", "c"]||Array|
|ARRAY SUPERSET||array_superset||["a", "b", "c"] has ["a", "b"]||Array|
|ARRAY INTERSECT||array_intersect||["a", "b", "c"] and ["c", "d", "e"] share at least one value||Array|
|EQUALS REF (reference)||equals-ref||E.G. equals user email||Number, Array, String|
|NOT EQUAL REF (reference)||not-equals-ref||E.G. not equals user key||Number, Array, String|
|CONTAINS REF (reference)||contains-ref||E.G. tenant name contains user first_name||String|
|ARRAY CONTAINS REF (reference)||array-contains-ref||["admin", "editor"] contains user role||Array|
Now that we have a basic understanding of the language to construct conditions, lets jump into creating Condition Sets.