我的书签
添加书签
移除书签where generally takes an object from attribute:value pairs, where value can be primitives for equality matches or keyed objects for other operators.
It's also possible to generate complex AND/OR conditions by nesting sets of or and and Operators.
Sequelize exposes symbol operators that can be used for to create more complex comparisons -
const Op = Sequelize.Op[Op.and]: [{a: 5}, {b: 6}] // (a = 5) AND (b = 6)[Op.or]: [{a: 5}, {a: 6}] // (a = 5 OR a = 6)[Op.gt]: 6, // > 6[Op.gte]: 6, // >= 6[Op.lt]: 10, // < 10[Op.lte]: 10, // <= 10[Op.ne]: 20, // != 20[Op.eq]: 3, // = 3[Op.is]: null // IS NULL[Op.not]: true, // IS NOT TRUE[Op.between]: [6, 10], // BETWEEN 6 AND 10[Op.notBetween]: [11, 15], // NOT BETWEEN 11 AND 15[Op.in]: [1, 2], // IN [1, 2][Op.notIn]: [1, 2], // NOT IN [1, 2][Op.like]: '%hat', // LIKE '%hat'[Op.notLike]: '%hat' // NOT LIKE '%hat'[Op.iLike]: '%hat' // ILIKE '%hat' (case insensitive) (PG only)[Op.notILike]: '%hat' // NOT ILIKE '%hat' (PG only)[Op.startsWith]: 'hat' // LIKE 'hat%'[Op.endsWith]: 'hat' // LIKE '%hat'[Op.substring]: 'hat' // LIKE '%hat%'[Op.regexp]: '^[h|a|t]' // REGEXP/~ '^[h|a|t]' (MySQL/PG only)[Op.notRegexp]: '^[h|a|t]' // NOT REGEXP/!~ '^[h|a|t]' (MySQL/PG only)[Op.iRegexp]: '^[h|a|t]' // ~* '^[h|a|t]' (PG only)[Op.notIRegexp]: '^[h|a|t]' // !~* '^[h|a|t]' (PG only)[Op.like]: { [Op.any]: ['cat', 'hat']}// LIKE ANY ARRAY['cat', 'hat'] - also works for iLike and notLike[Op.overlap]: [1, 2] // && [1, 2] (PG array overlap operator)[Op.contains]: [1, 2] // @> [1, 2] (PG array contains operator)[Op.contained]: [1, 2] // <@ [1, 2] (PG array contained by operator)[Op.any]: [2,3] // ANY ARRAY[2, 3]::INTEGER (PG only)[Op.col]: 'user.organization_id' // = "user"."organization_id", with dialect specific column identifiers, PG in this example[Op.gt]: { [Op.all]: literal('SELECT 1') }// > ALL (SELECT 1)
Range Operators
Range types can be queried with all supported operators.
// All the above equality and inequality operators plus the following:[Op.contains]: 2 // @> '2'::integer (PG range contains element operator)[Op.contains]: [1, 2] // @> [1, 2) (PG range contains range operator)[Op.contained]: [1, 2] // <@ [1, 2) (PG range is contained by operator)[Op.overlap]: [1, 2] // && [1, 2) (PG range overlap (have points in common) operator)[Op.adjacent]: [1, 2] // -|- [1, 2) (PG range is adjacent to operator)[Op.strictLeft]: [1, 2] // << [1, 2) (PG range strictly left of operator)[Op.strictRight]: [1, 2] // >> [1, 2) (PG range strictly right of operator)[Op.noExtendLeft]: [1, 2] // &> [1, 2) (PG range does not extend to the left of operator)
Combinations
const Op = Sequelize.Op;{rank: {[Op.or]: {[Op.lt]: 1000,[Op.eq]: null}}// rank < 1000 OR rank IS NULL{createdAt: {[Op.lt]: new Date(),[Op.gt]: new Date(new Date() - 24 * 60 * 60 * 1000)}}// createdAt < [timestamp] AND createdAt > [timestamp]{[Op.or]: [{title: {[Op.like]: 'Boat%'}},{description: {[Op.like]: '%boat%'}}]}// title LIKE 'Boat%' OR description LIKE '%boat%'
Operators Aliases
Sequelize allows setting specific strings as aliases for operators. With v5 this will give you deprecation warning.
Operators security
By default Sequelize will use Symbol operators. Using Sequelize without any aliases improves security. Not having any string aliases will make it extremely unlikely that operators could be injected but you should always properly validate and sanitize user input.
Some frameworks automatically parse user input into js objects and if you fail to sanitize your input it might be possible to inject an Object with string operators to Sequelize.
For better security it is highly advised to use symbol operators from Sequelize.Op like Op.and / Op.or in your code and not depend on any string based operators like $and / $or at all. You can limit alias your application will need by setting operatorsAliases option, remember to sanitize user input especially when you are directly passing them to Sequelize methods.
const Op = Sequelize.Op;//use sequelize without any operators aliasesconst connection = new Sequelize(db, user, pass, { operatorsAliases: false });//use sequelize with only alias for $and => Op.andconst connection2 = new Sequelize(db, user, pass, { operatorsAliases: { $and: Op.and } });
const Op = Sequelize.Op;const operatorsAliases = {$eq: Op.eq,$ne: Op.ne,$gte: Op.gte,$gt: Op.gt,$lte: Op.lte,$lt: Op.lt,$not: Op.not,$in: Op.in,$notIn: Op.notIn,$is: Op.is,$like: Op.like,$notLike: Op.notLike,$iLike: Op.iLike,$notILike: Op.notILike,$regexp: Op.regexp,$iRegexp: Op.iRegexp,$notIRegexp: Op.notIRegexp,$notBetween: Op.notBetween,$overlap: Op.overlap,$contains: Op.contains,$contained: Op.contained,$adjacent: Op.adjacent,$strictLeft: Op.strictLeft,$strictRight: Op.strictRight,$noExtendRight: Op.noExtendRight,$noExtendLeft: Op.noExtendLeft,$and: Op.and,$or: Op.or,$any: Op.any,$all: Op.all,$values: Op.values,$col: Op.col};const connection = new Sequelize(db, user, pass, { operatorsAliases });
The JSON data type is supported by the PostgreSQL, SQLite, MySQL and MariaDB dialects only.
PostgreSQL
The JSON data type in PostgreSQL stores the value as plain text, as opposed to binary representation. If you simply want to store and retrieve a JSON representation, using JSON will take less disk space and less time to build from its input representation. However, if you want to do any operations on the JSON value, you should prefer the JSONB data type described below.
MSSQL
MSSQL does not have a JSON data type, however it does provide support for JSON stored as strings through certain functions since SQL Server 2016. Using these functions, you will be able to query the JSON stored in the string, but any returned values will need to be parsed seperately.
// ISJSON - to test if a string contains valid JSONUser.findAll({where: sequelize.where(sequelize.fn('ISJSON', sequelize.col('userDetails')), 1)})// JSON_VALUE - extract a scalar value from a JSON stringUser.findAll({attributes: [[ sequelize.fn('JSON_VALUE', sequelize.col('userDetails'), '$.address.Line1'), 'address line 1']]})// JSON_VALUE - query a scalar value from a JSON stringUser.findAll({where: sequelize.where(sequelize.fn('JSON_VALUE', sequelize.col('userDetails'), '$.address.Line1'), '14, Foo Street')})// JSON_QUERY - extract an object or arrayUser.findAll({attributes: [[ sequelize.fn('JSON_QUERY', sequelize.col('userDetails'), '$.address'), 'full address']]})
JSONB can be queried in three different ways.
Nested object
Nested key
{"meta.audio.length": {[Op.gt]: 20}}
Containment
{"meta": {[Op.contains]: {site: {url: 'http://google.com'}}}}
// Find all projects with a least one task where task.state === project.stateProject.findAll({include: [{model: Task,where: { state: Sequelize.col('project.state') }}]
