BEGIN;
CREATE EXTENSION anon CASCADE;
SELECT anon.init();
 init 
------
 t
(1 row)

SELECT anon.ternary(true,'a'::TEXT,'b'::TEXT) = 'a';
 ?column? 
----------
 t
(1 row)

SELECT anon.ternary(true,0,100) = 0;
 ?column? 
----------
 t
(1 row)

SELECT anon.ternary(false,0,100) = 100;
 ?column? 
----------
 t
(1 row)

SELECT anon.ternary(NULL,0,100) = 100;
 ?column? 
----------
 t
(1 row)

CREATE TABLE account (
  id SERIAL,
  login TEXT,
  password TEXT,
  name TEXT
);
INSERT INTO account
VALUES
  ( 1, 'admin', 'not_a_real_password', NULL),
  ( 26879, 'alice', 'alice123', 'Alice')
;
--
-- For practical reason, the admin user should be able to log in the
-- test database. Given that application users laways have an higher id, we
-- can limit the anonymization of the password to a certain category of users.
--
SECURITY LABEL FOR anon ON COLUMN account.password
  IS 'MASKED WITH FUNCTION anon.ternary( id > 1000, NULL::TEXT, password)';
SECURITY LABEL FOR anon ON COLUMN account.name
  IS 'MASKED WITH FUNCTION anon.ternary(name IS NULL, name, anon.fake_first_name())';
SELECT anon.anonymize_database();
 anonymize_database 
--------------------
 t
(1 row)

SELECT password = 'not_a_real_password' FROM account WHERE id = 1;
 ?column? 
----------
 t
(1 row)

SELECT name IS NULL FROM account WHERE id = 1;
 ?column? 
----------
 t
(1 row)

SELECT password IS NULL FROM account WHERE id = 26879;
 ?column? 
----------
 t
(1 row)

SELECT name != 'Alice' FROM account WHERE id = 26879;
 ?column? 
----------
 t
(1 row)

ROLLBACK;