#### More examples #####

USE ROLE ACCOUNTADMIN;

--- 1) Apply policy to multiple columns

-- Apply policy on a specific column

ALTER TABLE IF EXISTS CUSTOMERS MODIFY COLUMN full_name
SET MASKING POLICY phone;

-- Apply policy on another specific column

ALTER TABLE IF EXISTS CUSTOMERS MODIFY COLUMN phone
SET MASKING POLICY phone;

--- 2) Replace or drop policy

DROP masking policy phone;

create or replace masking policy phone as (val varchar) returns varchar ->
case
when current_role() in ('ANALYST_FULL', 'ACCOUNTADMIN') then val
else CONCAT(LEFT(val,2),'*******')
end;

-- List and describe policies

DESC MASKING POLICY phone;
SHOW MASKING POLICIES;

-- Show columns with applied policies

SELECT * FROM table(information_schema.policy_references(policy_name=>'phone'));

-- Remove policy before replacing/dropping

ALTER TABLE IF EXISTS CUSTOMERS MODIFY COLUMN full_name
SET MASKING POLICY phone;

ALTER TABLE IF EXISTS CUSTOMERS MODIFY COLUMN email

UNSET MASKING POLICY;

ALTER TABLE IF EXISTS CUSTOMERS MODIFY COLUMN phone

UNSET MASKING POLICY;

-- replace policy
create or replace masking policy names as (val varchar) returns varchar ->
case
when current_role() in ('ANALYST_FULL', 'ACCOUNTADMIN') then val
else CONCAT(LEFT(val,2),'*******')
end;

-- apply policy
ALTER TABLE IF EXISTS CUSTOMERS MODIFY COLUMN full_name
SET MASKING POLICY names;
-- Validating policies
USE ROLE ANALYST_FULL;
SELECT * FROM CUSTOMERS;

USE ROLE ANALYST_MASKED;

SELECT * FROM CUSTOMERS;