Enable PII Manually

Procedure

Edit your entity model definition to mark properties as PII.
1. In your favorite text editor, open your entity model definition.
2. Under the definitions node, search for the key named pii.
3. Add the name of the property to be marked as PII. This property must be defined under the properties node.
  For example, the following model snippet defines a Customer entity that contains an address property designated as PII:
```
   { "info": { ... },
    "definitions": {
      "Customer": {
        "pii" : ["address"],
        ...,
        "properties": {
          "address": {
            "datatype": "string",
            "collation": "http://marklogic.com/collation/codepoint"
          },
          ...
        }
      }
    }
  }
```
Run the Gradle tasks mlLoadModules and hubGeneratePii to generate the PII security configuration files.
./gradlew mlLoadModules hubGeneratePii -igradlew.bat mlLoadModules hubGeneratePii -i
- mlLoadModules (or mlDeploy) - Deploys the model to the FINAL database. Run this task if the latest version of your model is not yet deployed to your FINAL database.
- hubGeneratePii - Generates the PII security configuration files from an entity model stored in your FINAL database and saves them to your project.

The PII security configuration files are saved in the following locations in your project:

Protected paths are stored in PROJECT_DIR/src/main/ml-config/security/protected-paths/.
Query rolesets are stored in PROJECT_DIR/src/main/ml-config/security/query-rolesets/.

After the configuration files are deployed,

Only users with the pii-reader role will be able to view PII properties in harmonized documents that they are allowed to view.
When the document is displayed to users who do not have the "pii-reader" role, PII properties are omitted entirely (i.e., neither property names nor values are visible).