The parameter of the request body takes a JSON-serialized query. Some query types (e.g., task queries) allow to specify EL expressions in their parameters and may therefore be abused for remote code execution. See the section on security considerations for custom code in the user guide for details.

Method

POST /filter/create

Parameters

Result

A JSON object corresponding to the Filter interface in the engine.Its properties are as follows:

Response codes

Example

POST /filter/create

Status 200.

  2.   "id": "aFilterId",
  3.   "resourceType": "Task",
  4.   "name": "Accounting Tasks",
  5.   "owner": "jonny1",
  6.     "candidateGroup": "accounting"
  8.   "properties": {
  9.     "color": "#3e4d2f",
  10.     "description": "Tasks assigned to group accounting",
  11.     "priority": 5
  12. }