From 3330a73da934ef678928de5575734cd6647a1526 Mon Sep 17 00:00:00 2001
From: entechlog <38563714+entechlog@users.noreply.github.com>
Date: Mon, 3 Apr 2023 15:33:22 -0700
Subject: [PATCH] BUG-59, changes to update README on how to add model level
 hooks (#64)

---
 README.md                                              |  6 ++++++
 integration_tests/dbt_project.yml                      |  2 +-
 .../snow-mask-ddl/create_masking_policy_mp_ip.sql      | 10 ++++++++++
 integration_tests/models/staging/pii/stg_contacts.sql  |  2 ++
 integration_tests/models/staging/pii/stg_contacts.yml  |  3 +++
 5 files changed, 22 insertions(+), 1 deletion(-)
 create mode 100644 integration_tests/macros/snow-mask-ddl/create_masking_policy_mp_ip.sql

diff --git a/README.md b/README.md
index c0ec80b..453b323 100644
--- a/README.md
+++ b/README.md
@@ -192,6 +192,12 @@ vars:
       - "{{ dbt_snow_mask.apply_masking_policy('snapshots') }}"
   ```
 
+- If you prefer to add this directly to a dbt model, see below command for an correct example
+  
+  ```yaml
+  {{ config(post_hook = "{{ dbt_snow_mask.apply_masking_policy('models') }}") }}
+  ```
+
 # How to remove masking policy ?
 
 - Remove the masking policy applied by this package by running below commands  
diff --git a/integration_tests/dbt_project.yml b/integration_tests/dbt_project.yml
index 6932a08..ff16b04 100644
--- a/integration_tests/dbt_project.yml
+++ b/integration_tests/dbt_project.yml
@@ -35,7 +35,7 @@ models:
   pre-hook:
     - "{{ dbt_snow_mask.create_masking_policy('models')}}"
   post-hook: 
-    - "{{ dbt_snow_mask.apply_masking_policy('models') }}"
+#    - "{{ dbt_snow_mask.apply_masking_policy('models') }}"
 #    - "{{ dbt_snow_mask.unapply_masking_policy('models') }}"
 
 snapshots:
diff --git a/integration_tests/macros/snow-mask-ddl/create_masking_policy_mp_ip.sql b/integration_tests/macros/snow-mask-ddl/create_masking_policy_mp_ip.sql
new file mode 100644
index 0000000..ebf1324
--- /dev/null
+++ b/integration_tests/macros/snow-mask-ddl/create_masking_policy_mp_ip.sql
@@ -0,0 +1,10 @@
+{% macro create_masking_policy_mp_ip(node_database,node_schema) %}
+
+CREATE MASKING POLICY IF NOT EXISTS {{node_database}}.{{node_schema}}.mp_ip AS (val string) 
+  RETURNS string ->
+      CASE WHEN CURRENT_ROLE() IN ('SYSADMIN') THEN val 
+           WHEN CURRENT_ROLE() IN ('DEVELOPER') THEN SPLIT(val,'.')[3]::VARCHAR
+      ELSE '**********'
+      END
+
+{% endmacro %}
\ No newline at end of file
diff --git a/integration_tests/models/staging/pii/stg_contacts.sql b/integration_tests/models/staging/pii/stg_contacts.sql
index 2a26686..dafd03a 100644
--- a/integration_tests/models/staging/pii/stg_contacts.sql
+++ b/integration_tests/models/staging/pii/stg_contacts.sql
@@ -1,3 +1,5 @@
+{{ config(post_hook = "{{ dbt_snow_mask.apply_masking_policy('models') }}") }}
+
 WITH contacts AS (
     SELECT
         contact_id,
diff --git a/integration_tests/models/staging/pii/stg_contacts.yml b/integration_tests/models/staging/pii/stg_contacts.yml
index 60a590e..7f6dca4 100644
--- a/integration_tests/models/staging/pii/stg_contacts.yml
+++ b/integration_tests/models/staging/pii/stg_contacts.yml
@@ -12,6 +12,7 @@ models:
           masking_policy: mp_conditional_contacts_pii
           mp_conditional_columns: 
             - last_name 
+            
       - name: last_name
         description: ""
       - name: email
@@ -23,6 +24,8 @@ models:
 
       - name: ip_address
         description: ""
+        meta:
+          masking_policy: mp_ip
 
       - name: ssn
         description: ""