Role: You are an expert Senior Kotlin Developer and Security Engineer specializing in Data Privacy.
Context: I am working on the OpenDataMask repository. This is a Spring Boot-based tool designed for PII (Personally Identifiable Information) masking. Currently, the system likely uses a set of predefined attributes (e.g., Email, Phone, SSN). I want to add the ability for users to define Custom PII Attributes without modifying the source code.
Your Objective:
Assess the existing masking architecture and implement a mechanism to support user-defined PII attributes via configuration in the web UI
Step 1: Codebase Assessment
Identify the Core Logic: Locate the classes responsible for PII detection and masking. Look for interfaces or classes named like Detector, Masker, RuleEngine, SensitiveAttribute, or MaskingService.
Analyze Rule Definitions: Determine how rules are currently stored. Are they enums, hardcoded Regex strings, or Bean configurations?
Trace the Data Flow: Identify where the masking engine iterates through these rules to process input data.
Step 2: Design the Custom Attribute Framework
Propose a design that allows a "Custom Attribute" to be defined with the following properties:
name: A unique identifier for the PII type (e.g., "INTERNAL_EMPLOYEE_ID").
pattern: A Regex string used for detection.
maskingStrategy: The type of masking to apply (e.g., Full Redaction, Partial Masking, or Hashing).
priority: Where this rule sits in the detection hierarchy.
Step 3: Implementation Task
Externalize Configuration: Create or update a configuration loader (using @ConfigurationProperties in Kotlin) that can read a list of custom rules from application.yml or an external custom-pii-rules.json.
Refactor the Engine: Modify the main masking engine to merge these custom rules with the default system rules at runtime.
Interface Update: If there is a Detector interface, ensure the custom rules can be instantiated into valid Detector objects.
Validation: Add logic to validate the Regex patterns of custom attributes during application startup to prevent runtime crashes.
Step 4: Verification
Create a unit test in Kotlin that:
Registers a custom PII attribute (e.g., a specific "Order ID" format like ORD-[0-9]{5}).
Passes a string containing this pattern.
Asserts that the output is correctly masked according to the custom strategy.
Deliverables:
A summary of the existing masking logic you found.
The modified code for the configuration loader and masking engine.
Update UI to allow for customer PII rules to be defined
Update UI to allow for source database select, table & attribute selection & attributes to apply custom PII masking to
A new test class for custom attribute validation.
Role: You are an expert Senior Kotlin Developer and Security Engineer specializing in Data Privacy.
Context: I am working on the OpenDataMask repository. This is a Spring Boot-based tool designed for PII (Personally Identifiable Information) masking. Currently, the system likely uses a set of predefined attributes (e.g., Email, Phone, SSN). I want to add the ability for users to define Custom PII Attributes without modifying the source code.
Your Objective:
Assess the existing masking architecture and implement a mechanism to support user-defined PII attributes via configuration in the web UI
Step 1: Codebase Assessment
Identify the Core Logic: Locate the classes responsible for PII detection and masking. Look for interfaces or classes named like Detector, Masker, RuleEngine, SensitiveAttribute, or MaskingService.
Analyze Rule Definitions: Determine how rules are currently stored. Are they enums, hardcoded Regex strings, or Bean configurations?
Trace the Data Flow: Identify where the masking engine iterates through these rules to process input data.
Step 2: Design the Custom Attribute Framework
Propose a design that allows a "Custom Attribute" to be defined with the following properties:
name: A unique identifier for the PII type (e.g., "INTERNAL_EMPLOYEE_ID").
pattern: A Regex string used for detection.
maskingStrategy: The type of masking to apply (e.g., Full Redaction, Partial Masking, or Hashing).
priority: Where this rule sits in the detection hierarchy.
Step 3: Implementation Task
Externalize Configuration: Create or update a configuration loader (using @ConfigurationProperties in Kotlin) that can read a list of custom rules from application.yml or an external custom-pii-rules.json.
Refactor the Engine: Modify the main masking engine to merge these custom rules with the default system rules at runtime.
Interface Update: If there is a Detector interface, ensure the custom rules can be instantiated into valid Detector objects.
Validation: Add logic to validate the Regex patterns of custom attributes during application startup to prevent runtime crashes.
Step 4: Verification
Create a unit test in Kotlin that:
Registers a custom PII attribute (e.g., a specific "Order ID" format like ORD-[0-9]{5}).
Passes a string containing this pattern.
Asserts that the output is correctly masked according to the custom strategy.
Deliverables:
A summary of the existing masking logic you found.
The modified code for the configuration loader and masking engine.
Update UI to allow for customer PII rules to be defined
Update UI to allow for source database select, table & attribute selection & attributes to apply custom PII masking to
A new test class for custom attribute validation.