Terms for data types

Terms that can be used with all data types

The following terms are used with all data types.

AND

Narrows the search for objects. The objects must meet all of the criteria.

OR

Broadens the search for objects. The objects must meet one of the criteria, not all of them.

NOT

Narrows the search by excluding all objects that match the specified criteria.

( ) (parentheses)

Groups criteria together to show the order in which the rule is applied.

If parentheses are not used, the precedence rules are:

1. NOT
2. AND
3. OR

Terms that are used with numeric data types

The following operators are used with numeric data types, such as decimal, integer, and currency data types. Security rules do not support field criteria on computed text fields or large text fields.

= (equal)

Compares the values in two fields and returns "true" if both contain the same value.

< (less than)

Compares the values in two fields and returns "true" if the second field is less than the first field. The two fields must be of the same data type. For example, both are decimal data types.

> (greater than)

Compares the values in two fields and returns "true" if the second field is greater than the first field. The two fields must be of the same data type. For example, both are decimal data types.

<= (less than or equal)

Compares the values in two fields and returns "true" if the second field is less than or equal to the first field. The two fields must be of the same data type.

>= (greater than or equal)

Compares the values in two fields and returns "true" if the second field is greater than or equal to the first field. The two fields must be of the same data type.

< > (not equal)

Compares the values in two fields and returns "true" if both contain different values.

Uses string variables.

Terms that are used with string data types

The following operators are used with data types that require strings, such as enumerated strings and simple strings. Security rules do not support long strings.

CONTAINS

Determines whether a multiple-select field contains a specific value or set of values.

ENDS WITH

Determines if the field value ends with the specified text.

LIKE

Determines if a field value matches the specified pattern string.

STARTS WITH

Determines if the field value starts with the specified text.

IN

Determines if the field value is in the specified field.

Terms that are used with date data types

TODAY

Returns today's date.

TOMORROW

Returns tomorrow's date.

NOW

Returns the current date and time.

You can specify a date in the future or in the past. For example:

• NOW(5) specifies a date five days from now.
• NOW(2,'m') specifies a date two months from now.
• NOW(-5) specifies a date five days ago.
• NOW(-2,'y') specifies a date two years ago.

You can use year, month, week, day, hour, minute, or second.

YESTERDAY

Returns yesterday's date.

DATE

Specifies the date and time as a string in the ISO format: YYYY-MM-DD and hh:mm:ss.sTZD.

You can also specify the date and its format as a string: DATE('09/05/2013','MM/dd/yyyy')

Terms that are used with other data types

END_USER

Returns the logged-in user.

END_USER_PROFILE

Returns the profile for the logged-in user.

IN GROUP

Returns the user group for the logged-in user.

IN PROFILE

Returns the specified field value that is in the specified profile.

INTENDED PARENT

Tests the parent under which a new object is to be created. It can be used only when you define a Create rule.

Use INTENDED PARENT when you want to control what a user or group can create. For example, you can allow specific users to create risks for subprocesses but not for issues.

When you use INTENDED PARENT, the condition can depend on the object type that is referenced as intended parent. The condition can also depend on the object type of the security rule's subject. A path expression that uses intended parent is considered false if the intended parent is not of the specified object type.