diff --git a/examples/redaction-ruleset-project/.gitignore b/examples/redaction-ruleset-project/.gitignore new file mode 100644 index 000000000..2b1e2f3ae --- /dev/null +++ b/examples/redaction-ruleset-project/.gitignore @@ -0,0 +1,6 @@ +/bin +.classpath +.project +/build +.gradle +.settings diff --git a/examples/redaction-ruleset-project/README.md b/examples/redaction-ruleset-project/README.md new file mode 100644 index 000000000..3b461add0 --- /dev/null +++ b/examples/redaction-ruleset-project/README.md @@ -0,0 +1,15 @@ +This project shows an example of how MarkLogic 9 Redaction Rulesets can be loaded into a schemas +database from src/main/ml-schemas (the default path - this can be overridden via +mlSchemasPath). + +Note that in order for this to work, the content-database.json file must specify the schema +database that it's associated with. And in most cases, you'll want your own schemas database - not the default Schemas one - so schemas-database.json can be used to create own with a name based on mlAppName. + +Within each folder containing one or more Redaction Rulesets, you must provide a **collections.properties** and (optionally) a **permissions.properties** file. +These files contain the definitions for the applicable collections to be applied to the rulesets as well as the document permissions (if included). + +***Note***: Rulesets must have a .json or .xml file extension. + +See [Specifying collections and permissions](https://github.com/marklogic-community/ml-javaclient-util/wiki/Loading-files#specifying-collections-and-permissions) for information on how to apply the collections and permission when the rulesets are loaded + +See [Redacting Document Content](http://docs.marklogic.com/guide/app-dev/redaction) for more information on redacting content diff --git a/examples/redaction-ruleset-project/build.gradle b/examples/redaction-ruleset-project/build.gradle new file mode 100644 index 000000000..76603af9d --- /dev/null +++ b/examples/redaction-ruleset-project/build.gradle @@ -0,0 +1,87 @@ +buildscript { + repositories { + jcenter() + // Needed for mlcp dependency: XCC + maven { url "http://developer.marklogic.com/maven2/" } + } + dependencies { + classpath "com.marklogic:marklogic-contentpump:9.0.3" + classpath "com.marklogic:ml-gradle:3.0.0" + } +} + +apply plugin: "com.marklogic.ml-gradle" + +repositories { + jcenter() + // Needed for mlcp dependency + maven { url "http://developer.marklogic.com/maven2/" } + maven { url "http://repository.cloudera.com/artifactory/cloudera-repos/" } +} + +configurations { + mlcp { + resolutionStrategy { + force "xml-apis:xml-apis:1.4.01" + } + } +} + + +dependencies { + mlcp "com.marklogic:mlcp:9.0.3" + mlcp files("lib") +} + +/*************************************************************** + Optional tasks to test redaction of data +***************************************************************/ + +/* +* The import task below is an example of using the built-in MLCP Task in ml-gradle and will import sample JSON +* documents to the specified content database while applying the applicable collections to the content so that +* the redaction rules can be applied +* */ +task importSampleRedactionData(type: com.marklogic.gradle.task.MlcpTask) { + description = "Example of using mlcp and MlcpTask to import documents to test redaction rules" + classpath = configurations.mlcp + command = "IMPORT" + database = mlAppConfig.contentDatabaseName + input_file_path = "data/import" + output_collections = "security-rules,pii-rules,email-rules" + output_permissions = "rest-reader,read,rest-writer,update" + output_uri_replace = ".*import,'/import'" + logOutputUri = "/redaction.txt" +} + + +/* +* The export task below shows an example of using JavaExec inside Gradle to invoke MLCP to export the documents. +* This task, while a useful example, must be invoked this way because the built-in MLCP task does not yet recognize +* the "redaction" option being passed. This will be addressed in a future release. +* Exported documents will be within this project folder under /data/export +* */ +task exportSampleRedactionData(type: JavaExec) { + classpath = configurations.mlcp + main = 'com.marklogic.contentpump.ContentPump' + + args = [ + "EXPORT", + "-host", "${mlHost}", + "-port", "8130", + "-username", "${mlUsername}", + "-password", "${mlPassword}", + "-database", mlAppConfig.contentDatabaseName, + "-output_file_path", "data/export", + "-collection_filter", "security-rules", + "-redaction", "security-rules"] + /* + * Applying "security-rules" as the redaction collection will redact both email and SSN fields in the documents + * You may also redact just the email or ths SSN fields individually by applying only those specific collections + * i.e. "pii-rules" OR "email-rules" + + */ + +} + + diff --git a/examples/redaction-ruleset-project/data/import/sample1.json b/examples/redaction-ruleset-project/data/import/sample1.json new file mode 100644 index 000000000..e69de29bb diff --git a/examples/redaction-ruleset-project/data/import/sample10.json b/examples/redaction-ruleset-project/data/import/sample10.json new file mode 100644 index 000000000..e69de29bb diff --git a/examples/redaction-ruleset-project/data/import/sample2.json b/examples/redaction-ruleset-project/data/import/sample2.json new file mode 100644 index 000000000..e69de29bb diff --git a/examples/redaction-ruleset-project/data/import/sample3.json b/examples/redaction-ruleset-project/data/import/sample3.json new file mode 100644 index 000000000..e69de29bb diff --git a/examples/redaction-ruleset-project/data/import/sample4.json b/examples/redaction-ruleset-project/data/import/sample4.json new file mode 100644 index 000000000..e69de29bb diff --git a/examples/redaction-ruleset-project/data/import/sample5.json b/examples/redaction-ruleset-project/data/import/sample5.json new file mode 100644 index 000000000..e69de29bb diff --git a/examples/redaction-ruleset-project/data/import/sample6.json b/examples/redaction-ruleset-project/data/import/sample6.json new file mode 100644 index 000000000..e69de29bb diff --git a/examples/redaction-ruleset-project/data/import/sample7.json b/examples/redaction-ruleset-project/data/import/sample7.json new file mode 100644 index 000000000..e69de29bb diff --git a/examples/redaction-ruleset-project/data/import/sample8.json b/examples/redaction-ruleset-project/data/import/sample8.json new file mode 100644 index 000000000..e69de29bb diff --git a/examples/redaction-ruleset-project/data/import/sample9.json b/examples/redaction-ruleset-project/data/import/sample9.json new file mode 100644 index 000000000..e69de29bb diff --git a/examples/redaction-ruleset-project/gradle.properties b/examples/redaction-ruleset-project/gradle.properties new file mode 100644 index 000000000..33bbf429a --- /dev/null +++ b/examples/redaction-ruleset-project/gradle.properties @@ -0,0 +1,5 @@ +mlHost=localhost +mlAppName=redaction-project +mlRestPort=8130 +mlUsername=admin +mlPassword=admin diff --git a/examples/redaction-ruleset-project/lib/log4j.properties b/examples/redaction-ruleset-project/lib/log4j.properties new file mode 100644 index 000000000..1da823016 --- /dev/null +++ b/examples/redaction-ruleset-project/lib/log4j.properties @@ -0,0 +1,8 @@ +# Root logger option +log4j.rootLogger=INFO, stdout + +# Direct log messages to stdout +log4j.appender.stdout=org.apache.log4j.ConsoleAppender +log4j.appender.stdout.Target=System.out +log4j.appender.stdout.layout=org.apache.log4j.PatternLayout +log4j.appender.stdout.layout.ConversionPattern=%d{yyyy-MM-dd HH:mm:ss} %-5p %c{1}:%L - %m%n diff --git a/examples/redaction-ruleset-project/src/main/ml-config/databases/content-database.json b/examples/redaction-ruleset-project/src/main/ml-config/databases/content-database.json new file mode 100644 index 000000000..593bca40b --- /dev/null +++ b/examples/redaction-ruleset-project/src/main/ml-config/databases/content-database.json @@ -0,0 +1,4 @@ +{ + "database-name": "%%DATABASE%%", + "schema-database": "%%SCHEMAS_DATABASE%%" +} \ No newline at end of file diff --git a/examples/redaction-ruleset-project/src/main/ml-config/databases/schemas-database.json b/examples/redaction-ruleset-project/src/main/ml-config/databases/schemas-database.json new file mode 100644 index 000000000..f0f14c748 --- /dev/null +++ b/examples/redaction-ruleset-project/src/main/ml-config/databases/schemas-database.json @@ -0,0 +1,3 @@ +{ + "database-name": "%%SCHEMAS_DATABASE%%" +} \ No newline at end of file diff --git a/examples/redaction-ruleset-project/src/main/ml-schemas/redactionRules/collections.properties b/examples/redaction-ruleset-project/src/main/ml-schemas/redactionRules/collections.properties new file mode 100644 index 000000000..3d8db9c51 --- /dev/null +++ b/examples/redaction-ruleset-project/src/main/ml-schemas/redactionRules/collections.properties @@ -0,0 +1,5 @@ +#Add one or more collections to add the ruleset to (comma separated) +# Example: file.json=collection1,collection2 + +ssn.json=security-rules,pii-rules +email.json=security-rules,email-rules diff --git a/examples/redaction-ruleset-project/src/main/ml-schemas/redactionRules/email.json b/examples/redaction-ruleset-project/src/main/ml-schemas/redactionRules/email.json new file mode 100644 index 000000000..ac94638b3 --- /dev/null +++ b/examples/redaction-ruleset-project/src/main/ml-schemas/redactionRules/email.json @@ -0,0 +1,12 @@ +{ + "rule": { + "description": "hide email addresses", + "path": "//email", + "method": { + "function": "redact-email" + }, + "options": { + "pattern": "partial" + } + } +} diff --git a/examples/redaction-ruleset-project/src/main/ml-schemas/redactionRules/ssn.json b/examples/redaction-ruleset-project/src/main/ml-schemas/redactionRules/ssn.json new file mode 100644 index 000000000..0e8e4d457 --- /dev/null +++ b/examples/redaction-ruleset-project/src/main/ml-schemas/redactionRules/ssn.json @@ -0,0 +1,12 @@ +{ + "rule": { + "description": "hide SSNs", + "path": "//ssn", + "method": { + "function": "redact-us-ssn" + }, + "options": { + "pattern": "partial" + } + } +}