Procedure
- Edit your entity model definition to mark properties as PII.
- In your favorite text editor, open your entity model definition.
- Under the
definitions node, search for the key named pii.
- Add the name of the property to be marked as PII. This property must be defined under the
properties node.
For example, the following model snippet defines a Customer entity that contains an address property designated as PII:
{ "info": { ... },
"definitions": {
"Customer": {
"pii" : ["address"],
...,
"properties": {
"address": {
"datatype": "string",
"collation": "http://marklogic.com/collation/codepoint"
},
...
}
}
}
}
- To generate and deploy the PII security configuration files, run the Gradle task hubDeploy or hubDeployAsDeveloper.
Results
The PII security configuration files are saved in the following locations in your project:
- Protected paths are stored in PROJECT_DIR/src/main/ml-config/security/protected-paths/.
- Query rolesets are stored in PROJECT_DIR/src/main/ml-config/security/query-rolesets/.
After the configuration files are deployed, only users with the pii-reader role will be able to view PII values in harmonized documents that they are allowed to view.
