The parameter of the request body takes a JSON-serialized query. Some query types (e.g., task queries) allow to specify EL expressions in their parameters and may therefore be abused for remote code execution. See the section on security considerations for custom code in the user guide for details.
Method
POST /filter/create
Parameters
Result
A JSON object corresponding to the Filter
interface in the engine.Its properties are as follows:
Response codes
Example
POST /filter/create
Status 200.
"id": "aFilterId",
"resourceType": "Task",
"name": "Accounting Tasks",
"owner": "jonny1",
"candidateGroup": "accounting"
"properties": {
"color": "#3e4d2f",
"description": "Tasks assigned to group accounting",
"priority": 5
}