I want to mask some data. I'm testing in the 2.6.3 sandbox
I have created a tag:
{"category": "CLASSIFICATION",
"guid": "bb29dc29-11ba-4d92-8d8f-fdca8ae92ea4",
"createdBy": "holger_gov",
"updatedBy": "holger_gov",
"createTime": 1518326442355,
"updateTime": 1518326442355,
"version": 1,
"name": "test_pii_tag",
"description": "test_pii_tag",
"typeVersion": "1.0",
"attributeDefs": [ {"name": "masking_type",
"typeName": "string",
"isOptional": true,
"cardinality": "SINGLE",
"valuesMinCount": 0,
"valuesMaxCount": 1,
"isUnique": false,
"isIndexable": false
},
{"name": "last_4",
"typeName": "boolean",
"isOptional": true,
"cardinality": "SINGLE",
"valuesMinCount": 0,
"valuesMaxCount": 1,
"isUnique": false,
"isIndexable": false
}
],
"superTypes": [],
}
I have tagged 4 columns on foodmart.customer with test_pii_tag and set the following attributes:
lname (attribute string masking_type = "hash")
fname (attribute string masking_type = "nullify")
address1 (attribute boolean last_4 = true )
birthdate (attribute string masking_type = "year")
I created one Ranger tag policy and set the following deny setting for raj_ops:
Mask: Hive hash
if ( tagAttr.get('masking_type').equals("hash") ) {
ctx.result = true;
}
Mask: Hive nullify
if ( tagAttr.get('masking_type').equals("nullify") ) {
ctx.result = true;
}
Mask: Hive Date: show only year
if ( tagAttr.get('masking_type').equals("year") ) {
ctx.result = true;
}
Mask: Hive Partial mask show last 4
if ( tagAttr.get('last_4').equals("true") ) {
ctx.result = true;
}
-- I also tried the below with the same results
if ( tagAttr.get('last_4') ) {
ctx.result = true;
}When I run SELECT * FROM customer LIMIT 100; I see the following:
lname is hashed - as expected
fname null - as expected
address1 is hashed - not as expected
birthdate yyyy-01-01 as expected
What is wrong with my javascript expressions to cause address1 to be hashed instead of 'Partial mask show last 4'?
