Search Query Reference
This page provides a list of attributes and keywords that are used in Hub query language.
For information about Hub search syntax, see Search Query Grammar.
Operators
Use the following operators to create logical combinations of attributes in a search query.
Operator | Description | Examples |
---|---|---|
not | Exclude a subset from a set of search query results. | To find users that do not have a Google login associated with their account and have any role granted directly to their account, enter:not authModule: Google and has: ownRole |
and | Combine multiple search attributes to expand the search request. The AND-expression is always processed as group and has a higher priority than OR-expressions in the query. | To find all projects in which a user "Vader" has Developer role and also a user "Yoda" has any access, enter: accessible(for: {Vader}, with: Developer) and accessible(for: Yoda) |
or | Combine multiple search attribute subsets to restrict the search request. | To find users that can administrate YouTrack service, enter:(login: admin or login: root) and hasLicense: YouTrack |
( ) | Combine various search attributes to change the order in which attributes and operators are processed. The part of a search query inside the parentheses has priority and is always processed as a single unit. | To find all users that have "Low-level Read Administration" access permissions in the "Death Star" project, and are either members of the "star-team" group or have the login name "admin", on the Users page, enter:(login: admin or group: star-team) and access(project: {Death Star}, with: {Low-level Read Administration}) |
Symbols
The following symbols can be used to extend or refine a search query.
Symbol | Description | Examples |
---|---|---|
, | List multiple values for a single attribute or a sub-query. | To find user accountss with the login name darth.vader or yoda that have access with the Developer role to the project with the key "DS", enter:login: {darth.vader}, yoda access(project: DS,with: Developer) |
{ } | Encloses attribute values that contain spaces. | To find a project that has the specified resource (let's say a project in YouTrack), on the Projects page, enter:resource: {Death Star Backlog} |
Boolean Search
The has
and is
keywords function as Boolean search terms. When used in a search query, they return all entities that contain a value for the specified attribute. Use the not
operator (-
) before the specified attribute to find entities that have empty values.
For example, to find all trusted services that have any resources, open the Services page and enter:
has: resource is: trusted
The attributes that you can use in combination with the has
and is
keywords depend on the type of the entity that you search for. See a section related to a particular entity type for the list of available attributes.
Date and Period Values
Several search attributes reference values that are stored as a date. You can search for dates as single values or use a range of values to define a period.
Specify dates in the format: YYYY-MM-DD
or YYYY-MM
or MM-DD
. You also can specify a time in 24h format: HH:MM:SS
or HH:MM
. To specify both date and time, use the format: YYYY-MM-DD}T{HH:MM:SS
. For example, to find all accounts that were created after 12:00 of May 26, 2017, on the Users page, enter
after: {2017-05-26T12:00}
Search by ID
Every entity in Hub has its unique identifier. You can find the entity id in logs, events, URLs and API requests and responses.
Please remember that you can use entity id in a search query only on the page that lists entities of the same type. That is: searching by an id of a user account on the Services page returns no results. However, if you search by this id on the Users page, you will be navigated to the settings page of the user account with this id.
Projects
The following search attributes are supported for projects in Hub:
Attribute | Value | Description |
---|---|---|
key | <project key> | Returns a project with the specified key. For example: key: DSB |
name | <project name> | Returns a project with the specified name. For example: name: {Death Star Development} |
resource | <resource name> | Returns projects with the specified resource. For example: resource: {Death Star Backlog} |
has | resource | Returns projects that have any associated resources. |
is | archived | Returns archived projects. |
Supported sub-queries
Sub-query | Description |
---|---|
accessible(for: user, with: role) | Returns projects where the user is granted access with the specified role. For example: accessible(for: Vader, with: {Project Admin}) |
accessible(for: group, with: role) | Returns projects that the specified group can access with the specified role. For example: accessible(for: {Storm Troopers}, with: Developer) |
accessible(for: service, with: role) | Returns projects that the specified service can access with the specified role. For example: accessible(for:YouTrack, with: {Public Observer}) |
accessible(for: user, with: permission) | Returns projects that the specified user can access with the specified permission. For example: accessible(for:Vader, with: {Read Issue}) |
accessible(for: group, with: permission) | Returns projects that the group can access with the specified permission. For example: accessible(for: Ewoks, with: {Update Project}) |
accessible(for: service, with: permission) | Returns projects that the service can access with the specified permission. For example: accessible(for:YouTrack, with: {Read Project}) |
accessible(for: user) | Returns projects that the specified user can access. For example: accessible(for: Yoda}) |
accessible(for: group) | Returns projects that the specified group can access. For example: accessible(for: {Jedi Order}) |
accessible(for: service) | Returns projects that the specified service can access. For example: accessible(for: {Jedi Mobile}) |
accessible(with: role) | Returns projects for which a user or a group is granted the specified role. For example: accessible(with: Developer) |
accessible(with: permission) | Returns projects for which a user or a group is granted the specified permission. For example: accessible(with: {Read Project}) |
resource(key: resourceKey, service: service) | Returns projects with the specified resource of the specified service. For example: resource(key:DSB, service:{Death Star Tracker) |
resource(service: service) | Returns projects with resources of the specified service. For example: resource(service: {Death Star Tracker) |
Users
The following table describes search attributes supported for users list:
Attribute | Value | Description |
---|---|---|
login | <user login> | Returns a user with the specified Hub login name. For example: login: darth.vader |
loginStartsWith | <string> | Returns users with login names that start with the specified prefix. |
name | <user full name> | Returns a user with the specified full name in Hub. For example: name: {Darth Vader} |
nameStartsWith | string | Returns users with the full name that start with the specified prefix. |
Returns users with the specified email. | ||
jabber | <jabber> | Returns users with the specified jabber. |
vcsUserName | <VCS User Name> | Returns users with the specified VCS user name. |
ownRole | <role> | Returns users with the specified role that is granted directly in any project. |
in | <group> | Returns users that are members of the specified group or any of its subgroups. |
group | group | Returns users that are members of the specified group. |
authMethod authModule | authModule | Returns users with user details associated with the specified auth provider. |
authName | userName | Returns users with the specified full name in any auth provide service enabled in Hub (including Hub auth module) |
authLogin | userLogin | Returns users with the specified login name registered in any auth provider service enabled in Hub (including Hub auth module) |
originService | service | Returns user accounts with credentials that were imported from the specified service. |
googleID | value | Returns all user accounts with the specified googleID identifier |
openID | value | Returns user accounts with the specified openID identifier |
sshPublicKey | value | Returns a user account that has SSH public key with the specified fingerprint. |
hasLicense | service | Returns users who are licensed to use the specified service. |
after | date | Returns user accounts that were created after the specified date. For example: To find all accounts that were created after 12:00 of May 26, 2017, enter after: {2017-05-26T12:00} |
before | date | Returns user accounts that were created before the specified date. For example: To find all accounts that have a license for the YouTrack service and that were created before May 26, 2017, enter: before: {2017-05-26} hasLicense: YouTrack |
has | ownRole | Users with own roles |
group | Returns users that are members of any group apart from the All Users group. | |
authMethod | Returns users that have at least one set of credentials. | |
Returns user accounts that have at least one email defined. | ||
jabber | Returns user accounts with the defined jabber. | |
originService | Returns user accounts with a set of credentials that was imported from a service. | |
login | Returns user accounts that have credentials created in Hub service, and not imported from a service or another auth provider. | |
sshPublicKey | Returns users that have SSH public key. | |
license | Returns user accounts that are granted with any license. | |
refresh token | User who has emitted refresh tokens | |
permanent token | Returns user accounts that have generated a permanent token. | |
approved resource | Users with approved resources | |
is | guest | The guest user |
banned | Banned users |
Supported sub-queries
Sub-query | Description |
---|---|
access(project: project, with: role) | Returns users who have the specified role in the specified project |
access(project: project, with: permission) | Returns users who have the specified permission in the specified project |
access(project: project) | Returns users who have any role granted in the specified project |
access(with: role) | Returns users who have the specified role granted in any project |
access(with: permission) | Returns users who have the specified permission in any project |
lastAccess(after: instant) | Returns users that accessed Hub after the specified date |
lastAccess(before: instant) | Returns users that accessed Hub before the specified date |
lastAccess(after: instant, before: instant) | Returns users that accessed Hub between the specified dates |
Groups
Attribute | Value | Description |
---|---|---|
id | <group id> | Returns a group with the specified id and opens its page. |
name | <group name> | Returns a group by its name. |
user | <user name> <user login> | Returns groups that contain the specified user. |
parent | <group> | Returns sub-groups of the specified parent group. |
subgroup | <group> | Returns a parent group that contains the specified sub-group. |
project | <project name> <project key> | Returns all groups from the specified project. |
has | user | Returns groups that have members. |
subgroup | Returns groups that have at least one sub-group. | |
ownRole | Returns groups that are granted at least one role in a project directly. | |
icon | Returns groups with an icon. | |
is | allUsers | Returns the "All users" group |
autoJoin | Returns groups with enabled auto-join option. |
Supported sub-queries
Sub-query | Description |
---|---|
access(project: project, with: role) | Returns groups that have the specified role granted in the specified project. |
access(project: project, with: permission) | Returns groups that have the specified permission granted in the specified project. |
access(project: project) | Returns groups that have any permission granted in the specified project |
access(with: role) | Returns groups that have the specified role granted in any project. |
access(with: permission) | Returns groups that have the specified permission granted in any project. |
Roles
The following search attributes are supported for roles in Hub:
Attribute | Value | Description |
---|---|---|
id | value | Returns a role with the specified id and opens its page. |
key | <role key> | Returns a role with the specified key. |
name | <role name> | Returns a role with the specified name. |
permission | <permission> | Returns roles that include the specified permission. |
is | team | Returns roles that are marked as team roles. |
has | permission | Returns roles with at least one permission. |
Supported sub-queries
Sub-query | Description |
---|---|
permission(key: permissionKey, service: service) | Returns roles that include the specified permission from the specified service. For example, to find roles that contain permission to create groups in the service "YouTrack Administration", enter permission(key: {jetbrains.jetpass.group-create}, service: {YouTrack Administration}) |
permission(service: service) | Returns roles that include any permission from the specified service. For example, to find roles that contain permission from the service "Dark Forth", enter permission(service: {Dark Side}) |
Auth Modules
The following search attributes are supported for auth modules:
Attribute | Value | Description |
---|---|---|
serverUrl | authModuleServerUrl | Returns auth modules that have the specified server Url. |
name | authModuleName | Returns an auth provider with the specified name |
type | authModuleType | Returns auth providers of the specified type. |
user | <user> | Returns all auth modules that provide login credentials for the specified user. |
has | user | Returns auth modules that have associated users. |
is | disabled | Returns the list of all disabled auth modules. |
Trusted SSL Certificates
The following search attributes are supported for the Trusted SSL Certificates:
Attribute | Value | Description |
---|---|---|
id | <cert id> | Returns a certificate with the specified ID. |
name | <certificate name> | Returns an SSL certificate with the specified name. |
is | enabled | Returns the list of all enabled trusted certificates. |
SSL Key Stores
The following search attributes are supported for the SSL Key Stores and Certificates:
Attribute | Value | Description |
---|---|---|
id | <key store id> | Returns a key store with the specified ID. |
name | <key store name> | Returns a key store with the specified name. |
Services
The following search attributes are supported for services in Hub:
Attribute | Value | Description |
---|---|---|
id | <service id> | Returns a service with the specified id |
key | <service key> | Returns a service with the specified key |
name | <service name> | Returns a service with the specified name |
applicationName | <service application name> | Returns services with the specified application name |
vendor | <vendor name> | Returns services from the specified vendor |
version | <version number> | Returns services of the specified version |
homeUrl | <URL> | Returns services with the specified homeURL |
userUriPattern | <URI> | Returns services with the specified user uri |
groupUriPattern | <URI> | Returns services with the specified group uri |
redirectUri | <URI> | Returns services with the specified redirectUri |
permission | <permission> | Returns a service that provide the specified permission |
defaultRole | <role name> | Returns a service that provide the specified default role |
resource | <resource name> | Returns a service that holds the specified resource |
has | applicationName | Returns services with defined applicationName |
vendor | Returns services with vendor name provided. | |
version | Returns services with the version provided. | |
homeUrl | Returns services with the homeUrl provided. | |
userUriPattern | Returns services with the user URI provided. | |
groupUriPattern | Returns services with the group URI provided. | |
redirectUri | Returns services with Redirect URI provided. | |
permission | Returns services that provide any permissions. | |
defaultRole | Returns services that provide any permissions. | |
resource | Returns services that provide any resources. | |
license | Returns services that require license. | |
is | trusted | Returns trusted services. |
Audit Events
The following search attributes are supported for the events in Hub:
Attribute | Value | Description |
---|---|---|
author | <user> <group> <service> | Returns events triggered by the specified user, group or service. |
event | Created Updated Deleted | Returns events of the specified type. For example, event: Deleted author: admin |
entityType | <type> | Returns events related to the entities of the specified type. For example, entityType:service event:Created |
target | string | Returns events related to the specified target. |
authModule | Returns events related to the specified auth module. | |
role | Returns events related to the specified role. | |
service | Returns events related to the specified service. | |
user | Returns events related to the specified user. | |
group | Returns events related to the specified group. | |
before | <date> | Returns events registered before the specified moment. |
beforeId | string | Events before the specified id (including) |
after | <date> | Returns events registered after the specified moment. |
afterId | string | Events after the specified id (excluding) |