repo-mirrors/dlsync
1
0
Fork 0
mirror of https://github.com/Snowflake-Labs/dlsync.git synced 2025-12-18 00:51:27 +00:00
Code Actions Packages Releases Activity

add MASKING POLICY

Browse Source
This commit is contained in:
Ben Luu
2025-11-20 10:37:36 -08:00
parent 0384c28f0d
commit a776e6d596
4 changed files with 29 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@@ -91,7 +91,7 @@ Inside this directory create a directory structure like:
Where Where
- **database_name_*:** is the database name of your project, - **database_name_*:** is the database name of your project,
- **schema_name_*:** are schemas inside the database, - **schema_name_*:** are schemas inside the database,
- **object_type:** is type of the object only 1 of the following (VIEWS, FUNCTIONS, PROCEDURES, FILE_FORMATS, TABLES, SEQUENCES, STAGES, STREAMS, TASKS, STREAMLITS, PIPES, ALERTS, DYNAMIC_TABLES), - **object_type:** is type of the object only 1 of the following (VIEWS, FUNCTIONS, PROCEDURES, FILE_FORMATS, TABLES, SEQUENCES, STAGES, STREAMS, TASKS, STREAMLITS, PIPES, ALERTS, DYNAMIC_TABLES, MASKING_POLICIES),
- **object_name_*.sql:** are individual database object scripts. - **object_name_*.sql:** are individual database object scripts.
- **config.yml:** is a configuration file used to configure DLSync behavior. - **config.yml:** is a configuration file used to configure DLSync behavior.
- **parameter-[profile-*].properties:** is parameter to value map file. This is going to be used by corresponding individual instances of your database. - **parameter-[profile-*].properties:** is parameter to value map file. This is going to be used by corresponding individual instances of your database.

7
example_scripts/main/example_db/MAIN_SCHEMA/MASKING_POLICIES/EMAIL_MASK.SQL Normal file
View File

@@ -0,0 +1,7 @@
CREATE OR REPLACE MASKING POLICY ${EXAMPLE_DB}.${MAIN_SCHEMA}.EMAIL_MASK AS (val STRING)
RETURNS STRING ->
CASE
WHEN CURRENT_ROLE() IN ('ADMIN', 'ANALYST') THEN val
ELSE '***MASKED***'
END;

2
src/main/java/com/snowflake/dlsync/models/ScriptObjectType.java
View File

@@ -1,7 +1,7 @@
package com.snowflake.dlsync.models; package com.snowflake.dlsync.models;
public enum ScriptObjectType { public enum ScriptObjectType {
VIEWS("VIEW"),FUNCTIONS("FUNCTION"),PROCEDURES("PROCEDURE"),FILE_FORMATS("FILE FORMAT"),TABLES("TABLE"),STREAMS("STREAM"),SEQUENCES("SEQUENCE"),STAGES("STAGE"),TASKS("TASK"),STREAMLITS("STREAMLIT"),PIPES("PIPE"),ALERTS("ALERT"),DYNAMIC_TABLES("DYNAMIC TABLE"); VIEWS("VIEW"),FUNCTIONS("FUNCTION"),PROCEDURES("PROCEDURE"),FILE_FORMATS("FILE FORMAT"),TABLES("TABLE"),STREAMS("STREAM"),SEQUENCES("SEQUENCE"),STAGES("STAGE"),TASKS("TASK"),STREAMLITS("STREAMLIT"),PIPES("PIPE"),ALERTS("ALERT"),DYNAMIC_TABLES("DYNAMIC TABLE"),MASKING_POLICIES("MASKING POLICY");
private final String singular; private final String singular;
private ScriptObjectType(String type) { private ScriptObjectType(String type) {

20
src/test/java/com/snowflake/dlsync/parser/SqlTokenizerTest.java
View File

@@ -586,6 +586,26 @@ class SqlTokenizerTest {
assertEquals(content, script.getContent(), "Script content should match the input content"); assertEquals(content, script.getContent(), "Script content should match the input content");
} }
@Test
void parseScriptTypeMaskingPolicy() {
String filePath = "db_scripts/db1/schema1/MASKING_POLICIES/EMAIL_MASK.SQL";
String name = "EMAIL_MASK.SQL";
String scriptType = "MASKING_POLICIES";
String content = "CREATE OR REPLACE MASKING POLICY db1.schema1.EMAIL_MASK AS (val STRING) RETURNS STRING -> CASE WHEN CURRENT_ROLE() IN ('ADMIN') THEN val ELSE '***MASKED***' END;";
Set<Script> scripts = SqlTokenizer.parseScript(filePath, name, scriptType, content);
assertNotNull(scripts, "Scripts should not be null");
assertEquals(1, scripts.size(), "There should be exactly one script parsed");
Script script = scripts.iterator().next();
assertEquals("EMAIL_MASK", script.getObjectName(), "Object name should be EMAIL_MASK");
assertEquals("db1".toUpperCase(), script.getDatabaseName(), "Database name should be db1");
assertEquals("schema1".toUpperCase(), script.getSchemaName(), "Schema name should be schema1");
assertEquals(ScriptObjectType.MASKING_POLICIES, script.getObjectType(), "Object type should be MASKING_POLICIES");
assertEquals(content, script.getContent(), "Script content should match the input content");
}
@Test @Test
void parseScriptUnsupportedObjectType() { void parseScriptUnsupportedObjectType() {
String filePath = "db_scripts/db1/schema1/UNKNOWN/OBJECT1.SQL"; String filePath = "db_scripts/db1/schema1/UNKNOWN/OBJECT1.SQL";