View Table Rules
The View Table Rules tab displays all CS:Govern fields organized in a table with one line per table. For each table in the list a user can:
- Double click on a table to launch a dialog of information about the table.
- Right click on a table to launch a context menu with operations such as:
- Reinstall Protection — upgrade the CS:Govern protection rules (even if the code thinks this is unnecessary).
- Install Protection — apply CS:Govern rules to just the selected table.
- Remove Protection — remove CS:Govern protection for all fields in the table.
- View Details — show CS:Govern details about the table. The same details can be displayed using a double-click.
Of course, pending CS:Govern changes can also be Saved & Protected, or Undone using the standard buttons are the bottom of the tab.
Double-clicking on a table will show a dialog with details about a table and its protection.
| Name | Description |
|---|---|
| Salesforce Table | Name of the Salesforce table. This may be different than the CopyStorm database table name. |
| Deployed | Yes if the database protection code has been deployed to the database. No if there are changes pending deployment. |
| Storage Table | Name of the database table used to store encrypted field values. |
| Decryption Function | Name of the function which can decrypt field values. Of course, it will decrypt a field only if the current database user has permission to see a field. Note: This function should made executable for all users. |
| Insert Trigger | Name of the CS:Govern created insert trigger on the CopyStorm table. This trigger is foundational to how CS:Govern enforces transparent encryption. Note: Often the Insert and Update trigger are the same. |
| Update Trigger | Name of the CS:Govern created update trigger on the CopyStorm table. |
| Delete Trigger | Name of the CS:Govern created delete trigger on the CopyStorm table. When a record is deleted by CopyStorm the trigger automatically deletes the corresponding encrypted data for the record. |
| Truncate Trigger | If a database supports triggers on TRUNCATE operations, CS:Govern will install a trigger on a CopyStorm table to mimic truncate operation. Most database do not support this type of trigger. |
| Insert Function | Some databases require the code for a trigger to be separate from a trigger declaration (PostgresSQL for example). When required, this is the function invoked by the insert trigger. |
| Update Function | Some databases require the code for a trigger to be separate from a trigger declaration (PostgresSQL for example). When required, this is the function invoked by the update trigger. |
| Delete Function | Some databases require the code for a trigger to be separate from a trigger declaration (PostgresSQL for example). When required, this is the function invoked by the deletetrigger. |
| Truncate Function | Some databases require the code for a trigger to be separate from a trigger declaration (PostgresSQL for example). When required, this is the function invoked by the truncate trigger. |
The lower part of the dialog lists each field protected in the table. The following table lists each field property displayed.
| Name | Description |
|---|---|
| Id | Internal unique CS:Govern id for a field. |
| Field | Salesforce API name for a field. |
| Guardian Masking Rule | Rule for showing field data to a person without permission to see the unencrypted value. |
| Compliance Category | Semi-colon separated list of compliance categories assigned to the field. |
| Deployed | Yes if the field is protected. No if there are pending changes to be deployed for the field. |