superapp
BackendPermissions

Operators

Complete reference of MongoDB-style operators available in filters, checks, and presets.

Permissions use MongoDB-style operators to define conditions. These operators work in both filter (WHERE clauses) and check (write validation) contexts.

filter: {
  amount: { $gte: 0, $lte: 100_000 },
  status: { $in: ['active', 'pending'] },
  customer_id: { $eq: '$user.id' },
}

Comparison Operators

OperatorDescriptionSQL EquivalentExample
$eqEqual to={ status: { $eq: 'active' } }
$neNot equal to!={ status: { $ne: 'deleted' } }
$gtGreater than>{ amount: { $gt: 100 } }
$gteGreater than or equal>={ amount: { $gte: 0 } }
$ltLess than<{ amount: { $lt: 50_000 } }
$lteLess than or equal<={ amount: { $lte: 100_000 } }
$inIn arrayIN (...){ status: { $in: ['active', 'pending'] } }
$ninNot in arrayNOT IN (...){ status: { $nin: ['deleted', 'archived'] } }

Logical Operators

OperatorDescriptionSQL EquivalentExample
$andAll conditions must matchAND{ $and: [{ a: { $gt: 0 } }, { b: { $lt: 100 } }] }
$orAny condition must matchOR{ $or: [{ status: { $eq: 'active' } }, { status: { $eq: 'pending' } }] }
$notNegate a conditionNOT{ $not: { status: { $eq: 'deleted' } } }

Special Values

ValueDescriptionResolves To
'$user.id'Current user ID'usr_123'
'$user.email'Current user email'alice@example.com'
'$user.current_org_id'Current organization'org_456'
'$user.org_ids'User's organization IDs['org_1', 'org_2']
'$user.*'Any session propertyValue from resolveSession
'$now'Current timestamp'2025-01-15T10:30:00Z'

Usage in Filters

Filters add WHERE clauses. Multiple conditions at the same level are combined with AND:

filter: {
  organization_id: { $eq: '$user.current_org_id' },  // AND
  status: { $ne: 'deleted' },                         // AND
  amount: { $gte: 0 },
}
WHERE organization_id = 'org_456'
  AND status != 'deleted'
  AND amount >= 0

OR Logic

filter: {
  $or: [
    { customer_id: { $eq: '$user.id' } },
    { assigned_to: { $eq: '$user.id' } },
  ],
}
WHERE (customer_id = 'usr_123' OR assigned_to = 'usr_123')

Nested Logic

filter: {
  $and: [
    { status: { $in: ['active', 'pending'] } },
    {
      $or: [
        { customer_id: { $eq: '$user.id' } },
        { organization_id: { $in: '$user.org_ids' } },
      ],
    },
  ],
}
WHERE status IN ('active', 'pending')
  AND (customer_id = 'usr_123' OR organization_id IN ('org_1', 'org_2'))

Usage in Checks

Checks validate request body values. The same operators apply, but they validate data rather than generating SQL:

check: {
  amount: { $gte: 0, $lte: 100_000 },
  status: { $in: ['draft', 'active', 'closed'] },
}

A request with { amount: -5 } is rejected because $gte: 0 fails.

Combining Multiple Operators

You can combine multiple operators on the same field:

// Range: 0 <= amount <= 100,000
{ amount: { $gte: 0, $lte: 100_000 } }

// Not in a set
{ status: { $nin: ['deleted', 'archived'] } }

Array Values with $in / $nin

When using $in or $nin, provide an array of allowed/disallowed values:

// Static array
{ role: { $in: ['admin', 'editor'] } }

// Session variable (resolves to array)
{ organization_id: { $in: '$user.org_ids' } }
Edit on GitHub

Presets

Automatically inject values like created_by and organization_id on insert and update.

Custom SQL

Write advanced WHERE clauses with raw SQL for cases that standard operators cannot express.

On this page

Comparison OperatorsLogical OperatorsSpecial ValuesUsage in FiltersOR LogicNested LogicUsage in ChecksCombining Multiple OperatorsArray Values with $in / $nin