Postgresql Anonymizer ( dynamic with schema

Question

I have a problem with PostgreSQL Anonymizer. I want to put an anonymizer function on a table in a schema, but it doesn't work. When I connect with my masked user, I have to give him the rights to the schema and the table. Once the rights are set, I see the unmasked data.

Thanks in advance

Here are the commands I used:

CREATE DATABASE test;
    
    CREATE SCHEMA schema;



    CREATE TABLE schema.personnelmedical (
        id SERIAL PRIMARY KEY, 
        nom VARCHAR(30),
        prenom VARCHAR(30),
        numeroTel VARCHAR(20),
        matricule VARCHAR(20)
    );


    INSERT INTO schema.personnelmedical (nom, prenom, numeroTel, matricule) VALUES
    ('Dupont', 'Jean', '123-456-7890', 'M123'),
    ('Martin', 'Marie', '987-654-3210', 'F456'),
    ('Doe', 'John', '555-123-4567', 'M789'),
    ('Smith', 'Alice', '777-888-9999', 'F012');

    

    ALTER DATABASE test SET session_preload_libraries = 'anon';

    ALTER DATABASE test SET anon.sourceschema TO 'schema';
    
    exit
    
    systemctl restart postgresql14.service
    
    CREATE EXTENSION anon CASCADE;
    
    SELECT anon.init();

    SELECT anon.start_dynamic_masking();

    SECURITY LABEL FOR anon ON COLUMN schema.personnelmedical.matricule IS 'MASKED WITH FUNCTION anon.partial(matricule,1,$$****************$$,1)';
    
    CREATE USER useranonymise WITH PASSWORD 'mdp';

    SECURITY LABEL FOR anon ON ROLE useranonymise IS 'MASKED';

    SELECT * FROM schema.personnelmedical;

I hope someone can help me find a solution.

Answer 1

I've made some progress on the subject, I used the masking tag you gave me. But if I want to see the data masked with the useranonymise user I have to do:

SELECT * FROM mask.personnelmedical;

I get the impression that it doesn't redirect to my masked table when I do:

SELECT * FROM schema.personnelmedical;