Operators reference

Detecte's policy expression language is a subset of MongoDB's query language. Expressions live inside the when clause and evaluate against the action context.

Context shape

{
  action: string,                       // the action name
  params: Record<string, unknown>,      // action parameters
  context: Record<string, unknown>,     // free-form metadata
  agent: { id, name, tier, risk_score }
}

You can refer to nested fields with dot syntax: "params.amount", "agent.tier", "context.user.role".

Comparison

Operator	Meaning	Example
`$eq`	equal	`{ "agent.tier": { $eq: "high" } }`
`$ne`	not equal	`{ action: { $ne: "ping" } }`
`$gt`, `$gte`	greater than	`{ "params.amount": { $gt: 1000 } }`
`$lt`, `$lte`	less than	`{ "params.amount": { $lte: 5 } }`
`$in`	in list	`{ "params.country": { $in: ["US","CA"] } }`
`$nin`	not in list	`{ "params.country": { $nin: ["XX"] } }`
`$regex`	matches regex	`{ "context.email": { $regex: "@acme\\.com$" } }`
`$exists`	field present	`{ "params.recipient": { $exists: true } }`

Logical

{
  "$and": [
    { "action": "transfer" },
    { "params.amount": { "$gt": 10000 } },
    { "$or": [
      { "context.region": "US" },
      { "context.region": "EU" }
    ]}
  ]
}

$and, $or, and $not compose normally. The implicit operator on a top-level object is $and.

Time

Operator	Meaning
`$hourBetween: [start, end]`	UTC hour falls between (inclusive). Wraps midnight.
`$dayOfWeek: { $in: [0,6] }`	0 = Sunday.

Strict-equality shortcut

A bare scalar means $eq:

{ "action": "refund_order" }

is equivalent to

{ "action": { "$eq": "refund_order" } }