DataFilter

Defines row-level and attribute-based filtering rules that restrict which data records a user can access within their permitted resources, implementing fine-grained data access control beyond simple resource permissions. While permissions determine whether a user can access a database or API at all, data filters determine which specific records they see: a manager might hold 'read employees' permission, but filters ensure they see only their direct reports. This entity enables multi-tenant isolation (customers see only their own data), hierarchical visibility (see only your department's data), temporal filtering (hide records older than X), and conditional exposure (show salary only for employees below your level).

Filters use expressions that evaluate against record attributes, user properties, and contextual factors, and support complex boolean logic that combines multiple conditions with AND/OR/NOT operators. Filters can be positive (defining what to include) or negative (defining what to exclude), with precedence rules for resolving conflicts. They also enable dynamic data masking, where sensitive fields are hidden or redacted based on the viewer's privileges. The entity handles filter composition when users have multiple roles, each contributing different filters.

This is essential for regulatory compliance (GDPR's data minimization), for implementing Chinese walls in financial services, and for maintaining data confidentiality in shared systems while still allowing the access that business operations need.

28 properties
Schema

Properties

| Property | Type | Mode | Description | Required |
|---|---|---|---|---|
| filterId | uuid | stored | Unique identifier for this data filter | Required |
| filterName | string | stored | Human-readable name for the filter. Example: `"Department Data Isolation"` | Required |
| description | string | stored | Explanation of what this filter does. Example: `"Restricts data access to records within user's department"` | Optional |
| resourceType | string | stored | Type of resource this filter applies to. Example: `"employee_records"` | Required |
| filterType | string | enum | Type of filtering. Values: `row_level`, `column_level`, `cell_level`, `aggregate`, `dynamic` | Required |
| filterMode | string | enum | How the filter operates. Values: `include`, `exclude`, `mask`, `transform` | Optional |
| filterExpression | string | stored | The filter logic expression. Example: `"record.department_id == user.department_id OR record.visibility == 'public'"` | Required |
| sqlWhere | string | stored | SQL WHERE clause implementation. Example: `"department_id = :user_dept_id OR visibility = 'public'"` | Optional |
| jsonPath | string | stored | JSONPath expression for document filtering. Example: `"$[?(@.department == $.user.department)]"` | Optional |
| scope | string | stored | Where this filter applies. Example: `"global"` | Optional |
| priority | integer | stored | Evaluation order when multiple filters exist | Optional |
| combineStrategy | string | enum | How to combine with other filters. Values: `and`, `or`, `override`, `merge` | Optional |
| parameters | string | stored | JSON parameters used in the filter expression. Example: `"{\"max_age_days\":90,\"classification_levels\":[\"public\",\"internal\"]}"` | Optional |
| userAttributes | string | stored | User attributes referenced in the filter. Example: `"[\"department_id\",\"clearance_level\",\"region\"]"` | Optional |
| recordAttributes | string | stored | Record attributes checked by the filter. Example: `"[\"department_id\",\"classification\",\"owner_id\",\"created_date\"]"` | Optional |
| appliesTo | string | stored | JSON criteria for who gets this filter. Example: `"{\"roles\":[\"employee\",\"contractor\"],\"departments\":[\"*\"]}"` | Optional |
| exceptions | string | stored | JSON array of exception conditions. Example: `"[{\"role\":\"admin\",\"bypass\":true},{\"user_id\":\"auditor_001\",\"bypass\":true}]"` | Optional |
| temporalRestriction | string | stored | Time-based filtering rules. Example: `"{\"hide_before\":\"30_days_ago\",\"hide_after\":\"current_date\"}"` | Optional |
| dataClassification | string | stored | Data classifications this filter handles. Example: `"[\"public\",\"internal\",\"confidential\"]"` | Optional |
| performanceImpact | string | enum | Expected performance impact. Values: `minimal`, `low`, `medium`, `high` | Optional |
| cacheable | boolean | stored | Whether filter results can be cached | Optional |
| cacheTimeout | integer | stored | Seconds to cache filter results | Optional |
| auditBypass | boolean | stored | Whether to log when the filter is bypassed | Optional |
| isActive | boolean | stored | Whether this filter is currently active | Optional |
| testMode | boolean | stored | Run in test mode (log but don't filter) | Optional |
| createdBy | User | stored | Who created this filter | Optional |
| createdAt | DateTime | stored | When the filter was created | Required |
| metadata | object | stored | Additional filter configuration | Optional |

Examples

Example 1

{
  "@type": "DataFilter",
  "filterId": "filter_dept_001",
  "filterName": "Department Data Isolation",
  "description": "Ensures users only see data from their own department unless marked as public",
  "resourceType": "employee_records",
  "filterType": "row_level",
  "filterMode": "include",
  "filterExpression": "(record.department_id == user.department_id OR record.visibility == 'public') AND record.status != 'deleted'",
  "sqlWhere": "(department_id = :user_dept_id OR visibility = 'public') AND status != 'deleted'",
  "scope": "global",
  "priority": 100,
  "combineStrategy": "and",
  "userAttributes": "[\"department_id\",\"role\"]",
  "recordAttributes": "[\"department_id\",\"visibility\",\"status\"]",
  "appliesTo": "{\"roles\":[\"employee\",\"manager\",\"contractor\"]}",
  "exceptions": "[{\"role\":\"hr_admin\",\"bypass\":true},{\"role\":\"executive\",\"bypass\":true}]",
  "dataClassification": "[\"internal\",\"departmental\"]",
  "performanceImpact": "low",
  "cacheable": true,
  "cacheTimeout": 600,
  "auditBypass": true,
  "isActive": true,
  "testMode": false,
  "createdAt": "2024-01-01T00:00:00Z",
  "metadata": {
    "filter_version": "2.0",
    "indexed_columns": [
      "department_id",
      "visibility"
    ]
  }
}

Example 2

{
  "@type": "DataFilter",
  "filterId": "filter_pii_002",
  "filterName": "PII Data Masking",
  "description": "Masks personally identifiable information based on user clearance level",
  "resourceType": "customer_data",
  "filterType": "cell_level",
  "filterMode": "mask",
  "filterExpression": "user.clearance_level < 3 ? mask_fields(['ssn', 'dob', 'bank_account']) : show_all()",
  "jsonPath": "$[?(@.clearance < 3)].{ssn: '***-**-****', dob: '****-**-**'}",
  "scope": "global",
  "priority": 200,
  "combineStrategy": "override",
  "parameters": "{\"mask_pattern\":\"***\",\"fields_to_mask\":[\"ssn\",\"dob\",\"bank_account\",\"credit_card\"]}",
  "userAttributes": "[\"clearance_level\",\"department\",\"pii_authorization\"]",
  "recordAttributes": "[\"contains_pii\",\"sensitivity_level\"]",
  "appliesTo": "{\"all_users\":true}",
  "exceptions": "[{\"role\":\"compliance_officer\",\"bypass\":true}]",
  "dataClassification": "[\"pii\",\"sensitive\"]",
  "performanceImpact": "medium",
  "cacheable": false,
  "auditBypass": true,
  "isActive": true,
  "testMode": false,
  "createdAt": "2024-01-15T00:00:00Z",
  "metadata": {
    "gdpr_compliant": true,
    "masking_algorithm": "deterministic"
  }
}
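To make the composition rules concrete (appliesTo scoping, exceptions with auditBypass, priority ordering, row-level include filters ANDed, cell-level masking driven by parameters), here is an added Python example; it is not part of the DataFilter schema or of any reference implementation. It assumes filterExpression is evaluated by a whitelisted AST walk rather than eval(), that a lower priority value runs first, and that the sample filters and rows are constructed, modelled on Example 1 and Example 2 above (the mask condition is written as a plain comparison in place of Example 2's ternary).

```python
import ast, json, operator

OPS = {ast.Eq: operator.eq, ast.NotEq: operator.ne, ast.Lt: operator.lt, ast.Gt: operator.gt}
AUDIT = []  # bypass log, appended to when a filter with auditBypass is skipped for a user

def evaluate(expr, record, user):
    """Whitelisted AST walk instead of eval(): AND/OR, one comparison, record.x / user.x, literals."""
    env = {"record": record, "user": user}
    def walk(n):
        if isinstance(n, ast.BoolOp):
            return (all if isinstance(n.op, ast.And) else any)([walk(v) for v in n.values])
        if isinstance(n, ast.Compare) and len(n.ops) == 1 and type(n.ops[0]) in OPS:
            return OPS[type(n.ops[0])](walk(n.left), walk(n.comparators[0]))
        if isinstance(n, ast.Attribute) and isinstance(n.value, ast.Name) and n.value.id in env:
            return env[n.value.id].get(n.attr)  # unknown attribute evaluates to None
        if isinstance(n, ast.Constant): return n.value
        raise ValueError(f"disallowed node in filterExpression: {type(n).__name__}")  # calls, names, subscripts
    return walk(ast.parse(expr.replace(" AND ", " and ").replace(" OR ", " or "), mode="eval").body)

def apply_filters(filters, resource_type, records, user):
    """Filters run in priority order (assumed: lowest value first); 'include' rows are ANDed, 'mask' redacts."""
    rows = [dict(r) for r in records]
    for f in sorted(filters, key=lambda f: f["priority"]):
        crit = json.loads(f.get("appliesTo", "{}"))
        if f["resourceType"] != resource_type or not (crit.get("all_users") or user["role"] in crit.get("roles", [])):
            continue  # not in scope for this resource / user
        if any(e.get("bypass") and e.get("role") == user["role"] for e in json.loads(f.get("exceptions", "[]"))):
            if f.get("auditBypass"): AUDIT.append(f"{user['user_id']} bypassed {f['filterId']}")
            continue  # role-based exceptions grant a bypass; user_id grants would be checked the same way
        if f["filterMode"] == "include":
            rows = [r for r in rows if evaluate(f["filterExpression"], r, user)]
        elif f["filterMode"] == "mask":
            p = json.loads(f["parameters"])
            for r in rows:
                if evaluate(f["filterExpression"], r, user):
                    r.update({k: p["mask_pattern"] for k in p["fields_to_mask"] if k in r})
    return rows

FILTERS = [  # constructed sample filters modelled on the page's Example 1 and 2 (only the fields used here)
    {"filterId": "filter_dept_001", "resourceType": "employee_records", "filterMode": "include", "priority": 100,
     "filterExpression": "(record.department_id == user.department_id OR record.visibility == 'public') AND record.status != 'deleted'",
     "appliesTo": '{"roles":["employee","manager","contractor"]}', "exceptions": '[{"role":"hr_admin","bypass":true}]', "auditBypass": True},
    {"filterId": "filter_pii_002", "resourceType": "employee_records", "filterMode": "mask", "priority": 200, "auditBypass": True,
     "filterExpression": "user.clearance_level < 3", "parameters": '{"mask_pattern":"***","fields_to_mask":["ssn","dob"]}',
     "appliesTo": '{"all_users":true}', "exceptions": '[{"role":"compliance_officer","bypass":true}]'}]
RECORDS = [{"id": 1, "department_id": "eng", "visibility": "internal", "status": "active", "ssn": "123-45-6789"},  # constructed rows
           {"id": 2, "department_id": "fin", "visibility": "public", "status": "active", "ssn": "987-65-4321"},
           {"id": 3, "department_id": "fin", "visibility": "internal", "status": "active", "ssn": "111-22-3333"},
           {"id": 4, "department_id": "eng", "visibility": "internal", "status": "deleted", "ssn": "444-55-6666"}]
```

Note that Example 1's exceptions (hr_admin, executive) name roles outside its appliesTo list, so under this model those users are out of scope before the bypass check and no audit entry is written for them.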