From 0096f5d06815b706b6df309102ef8dbd166be8f5 Mon Sep 17 00:00:00 2001
From: Madhan Neethiraj <madhan@apache.org>
Date: Tue, 12 Dec 2023 13:23:49 -0800
Subject: [PATCH] RANGER-4587: blog: dynamic expressions - #2

---
 .../resources/blogs/dynamic_expressions.html  | 463 +++++++++++-------
 1 file changed, 286 insertions(+), 177 deletions(-)

diff --git a/docs/src/site/resources/blogs/dynamic_expressions.html b/docs/src/site/resources/blogs/dynamic_expressions.html
index 039ad5a533..d9e6943f11 100644
--- a/docs/src/site/resources/blogs/dynamic_expressions.html
+++ b/docs/src/site/resources/blogs/dynamic_expressions.html
@@ -28,6 +28,10 @@
          /* Style Definitions */
          p.MsoNormal, li.MsoNormal, div.MsoNormal
                 {margin:0in; font-size:12.0pt; font-family:"Calibri",sans-serif;}
+         p.MsoSmaller, li.MsoNormal, div.MsoNormal
+                {margin:0in; font-size:10.0pt; font-family:"Calibri",sans-serif;}
+         p.MsoSmall, li.MsoNormal, div.MsoNormal
+                {margin:0in; font-size:8.0pt; font-family:"Calibri",sans-serif;}
          p.HalfLine
                 {margin:0in; font-size:6.0pt; font-family:"Calibri",sans-serif;}
         h1
@@ -59,11 +63,11 @@
 
 <body lang=EN-US style='width:800px;word-wrap:break-word;align:center;margin:auto;border:ridge'>
 <div style="margin-left:10pt;margin-right:10pt">
-    <h1 style="text-align:center">Apache Ranger - Dynamic Expression</h1>
+    <h1 style="text-align:center">Apache Ranger - Dynamic Expressions</h1>
     <p class=MsoNormal style='font:5.0pt "Times New Roman"'>&nbsp;</p>
     <div style="text-align:center">
         <p class=MsoNormal>Madhan Neethiraj, Apache Ranger committer</p>
-        <p class=MsoNormal>Dec 10, 2023</p>
+        <p class=MsoNormal>Dec 12, 2023</p>
     </div>
     <p class=MsoNormal>&nbsp;</p>
 
@@ -79,21 +83,21 @@ <h1>Introduction</h1>
         <p class=HalfLine>&nbsp;</p>
 
         <span lang=ENG>
-            <p class=MsoNormal style='margin-left:0.5in;text-indent:-.25in'>1. Consistent model to authorize access for data across large number of services</p>
+            <p class=MsoSmaller style='margin-left:0.5in;text-indent:-.25in'>1. Consistent model to authorize access data in large number of services</p>
             <p class=HalfLine>&nbsp;</p>
-            <p class=MsoNormal style='margin-left:0.5in;text-indent:-.25in'>2. Ability to dynamically apply data masking and row-filtering</p>
+            <p class=MsoSmaller style='margin-left:0.5in;text-indent:-.25in'>2. Ability to dynamically apply data masking and row-filtering</p>
             <p class=HalfLine>&nbsp;</p>
-            <p class=MsoNormal style='margin-left:0.5in;text-indent:-.25in'>3. Delegated access control administration</p>
+            <p class=MsoSmaller style='margin-left:0.5in;text-indent:-.25in'>3. Delegated access control administration</p>
             <p class=HalfLine>&nbsp;</p>
-            <p class=MsoNormal style='margin-left:0.5in;text-indent:-.25in'>4. Ability to explicitly deny access</p>
+            <p class=MsoSmaller style='margin-left:0.5in;text-indent:-.25in'>4. Ability to explicitly deny access</p>
             <p class=HalfLine>&nbsp;</p>
-            <p class=MsoNormal style='margin-left:0.5in;text-indent:-.25in'>5. Use of wildcards in resource names in access policies</p>
+            <p class=MsoSmaller style='margin-left:0.5in;text-indent:-.25in'>5. Use of wildcards in resource names in access policies</p>
             <p class=HalfLine>&nbsp;</p>
-            <p class=MsoNormal style='margin-left:0.5in;text-indent:-.25in'>6. Role-based access control (RBAC)</p>
+            <p class=MsoSmaller style='margin-left:0.5in;text-indent:-.25in'>6. Role-based access control (RBAC)</p>
             <p class=HalfLine>&nbsp;</p>
-            <p class=MsoNormal style='margin-left:0.5in;text-indent:-.25in'>7. Tag-based access control (TBAC), based on tags associated with resources</p>
+            <p class=MsoSmaller style='margin-left:0.5in;text-indent:-.25in'>7. Tag-based access control (TBAC), based on tags associated with resources</p>
             <p class=HalfLine>&nbsp;</p>
-            <p class=MsoNormal style='margin-left:0.5in;text-indent:-.25in'>8. Attribute-based access control (ABAC), based on attributes of users, groups and tags</p>
+            <p class=MsoSmaller style='margin-left:0.5in;text-indent:-.25in'>8. Attribute-based access control (ABAC), based on attributes of users, groups and tags</p>
             <p class=HalfLine>&nbsp;</p>
         </span>
 
@@ -119,53 +123,67 @@ <h1>Dynamic expressions</h1>
         </p>
 
         <h2>Policy conditions</h2>
-
         <p class=MsoNormal>
-            Expressions used in policy conditions should evaluate to a boolean value i.e., true or false. Examples:
+            Expressions can used in policy conditions to decide whether to evaluate the policy or a policy-item. These
+            expressions should evaluate to a boolean value i.e., <span lang=EN style='font-family:"Courier New"'>true</span>
+            or <span lang=EN style='font-family:"Courier New"'>false</span>. Examples:
         </p>
+        <p class=HalfLine>&nbsp;</p>
 
-        <p class=MsoNormal>&nbsp;</p>
+        <p class="MsoSmaller">Condition for highly sensitive data (level >= 10)</p>
+        <p class=HalfLine>&nbsp;</p>
+        <p class=MsoSmaller style='margin-left:1.0in;text-indent:-.25in;font-family:"Courier New"'>TAG.sensitiveLevel >= 10</p>
+        <p class=HalfLine>&nbsp;</p>
 
-        <span lang=ENG>
-            <p class=MsoNormal style='margin-left:1.0in;text-indent:-.25in;font-family:"Courier New"'>TAG.sensitiveLevel >= 10</p>
-            <p class=HalfLine>&nbsp;</p>
-            <p class=MsoNormal style='margin-left:1.0in;text-indent:-.25in;font-family:"Courier New"'>USER.allowedSensitiveLevel >= TAG.sensitiveLevel</p>
-            <p class=HalfLine>&nbsp;</p>
-            <p class=MsoNormal style='margin-left:1.0in;text-indent:-.25in;font-family:"Courier New"'>IS_IN_GROUP('finance') AND IS_IN_ROLE('analyst')</p>
-            <p class=HalfLine>&nbsp;</p>
-        </span>
+        <p class="MsoSmaller">Condition to check if the user has appropriate level of clearance to access sensitive data</p>
+        <p class=HalfLine>&nbsp;</p>
+        <p class=MsoSmaller style='margin-left:1.0in;text-indent:-.25in;font-family:"Courier New"'>USER.allowedSensitiveLevel >= TAG.sensitiveLevel</p>
+        <p class=HalfLine>&nbsp;</p>
+
+        <p class="MsoSmaller">Condition to check if the user belongs to group <span lang=EN style='font-family:"Courier New"'>finance</span> and is in role <span lang=EN style='font-family:"Courier New"'>analyst</span></p>
+        <p class=HalfLine>&nbsp;</p>
+        <p class=MsoSmaller style='margin-left:1.0in;text-indent:-.25in;font-family:"Courier New"'>IS_IN_GROUP('finance') AND IS_IN_ROLE('analyst')</p>
+        <p class=HalfLine>&nbsp;</p>
 
         <h2>Row filters</h2>
         <p class=MsoNormal>
-            Expressions can be used to set up row-filters with dynamic values. To distinguish
-            expressions from the rest of the row-filter text, they should be enclosed within delimiters
-            ${{ and }}. Examples:
+            Expressions can be used to set up row-filters with dynamic values. To distinguish expressions from the rest
+            of the row-filter text, they should be enclosed within delimiters <span lang=EN style='font-family:"Courier New"'>${{</span>
+            and <span lang=EN style='font-family:"Courier New"'>}}</span>. Examples:
         </p>
-        <p class=MsoNormal>&nbsp;</p>
+        <p class=HalfLine>&nbsp;</p>
 
-        <span lang=ENG>
-            <p class=MsoNormal style='margin-left:1.0in;text-indent:-.25in;font-family:"Courier New"'>dept_code == ${{USER.department}}</p>
-            <p class=HalfLine>&nbsp;</p>
-            <p class=MsoNormal style='margin-left:1.0in;text-indent:-.25in;font-family:"Courier New"'>data_source in (${{USER.allowedSources}})</p>
-            <p class=HalfLine>&nbsp;</p>
-        </span>
+        <p class="MsoSmaller">Row-filter expression to restrict users to access only rows belonging to their department:</p>
+        <p class=HalfLine>&nbsp;</p>
+        <p class=MsoSmaller style='margin-left:1.0in;text-indent:-.25in;font-family:"Courier New"'>dept_code == ${{USER.department}}</p>
+        <p class=HalfLine>&nbsp;</p>
+
+        <p class="MsoSmaller">Row-filter expression to restrict users to access only rows from data sources specified in user attribute named <span lang=EN style='font-family:"Courier New"'>allowedSources</span>:</p>
+        <p class=HalfLine>&nbsp;</p>
+        <p class=MsoSmaller style='margin-left:1.0in;text-indent:-.25in;font-family:"Courier New"'>data_source in (${{USER.allowedSources}})</p>
+        <p class=HalfLine>&nbsp;</p>
 
         <h2>Resource names</h2>
         <p class=MsoNormal>
             Use of expressions in resource names can help reduce the number of policies, which in
             turn makes it easier to manage policies. Examples:
         </p>
+        <p class=HalfLine>&nbsp;</p>
 
-        <p class=MsoNormal>&nbsp;</p>
+        <p class="MsoSmaller">Policy resource for home directory of the user:</p>
+        <p class=HalfLine>&nbsp;</p>
+        <p class=MsoSmaller style='margin-left:1.0in;text-indent:-.25in;font-family:"Courier New"'>/home/${{REQ.user}}</p>
+        <p class=HalfLine>&nbsp;</p>
 
-        <span lang=ENG>
-            <p class=MsoNormal style='margin-left:1.0in;text-indent:-.25in;font-family:"Courier New"'>/home/${{REQ.user}}</p>
-            <p class=HalfLine>&nbsp;</p>
-            <p class=MsoNormal style='margin-left:1.0in;text-indent:-.25in;font-family:"Courier New"'>/data/dept/${{USER.dept}}</p>
-            <p class=HalfLine>&nbsp;</p>
-            <p class=MsoNormal style='margin-left:1.0in;text-indent:-.25in;font-family:"Courier New"'>db_${{USER.dept}}</p>
-            <p class=HalfLine>&nbsp;</p>
-        </span>
+        <p class="MsoSmaller">Policy resource for directory of each user's department:</p>
+        <p class=HalfLine>&nbsp;</p>
+        <p class=MsoSmaller style='margin-left:1.0in;text-indent:-.25in;font-family:"Courier New"'>/data/dept/${{USER.dept}}</p>
+        <p class=HalfLine>&nbsp;</p>
+
+        <p class="MsoSmaller">Policy resource for database of each user's department:</p>
+        <p class=HalfLine>&nbsp;</p>
+        <p class=MsoSmaller style='margin-left:1.0in;text-indent:-.25in;font-family:"Courier New"'>db_${{USER.dept}}</p>
+        <p class=HalfLine>&nbsp;</p>
 
         <h1>Supported expressions</h1>
         <p class=MsoNormal>&nbsp;</p>
@@ -175,10 +193,10 @@ <h1>Supported expressions</h1>
               <td style='width:150pt;border:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
                 <p class=MsoNormal style='text-align:center;line-height:normal; border:none'><b><span lang=EN>Variable/Function name</span></b></p>
               </td>
-              <td style='width:300pt;border:solid black 1.0pt; border-left:none;padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+              <td style='width:275pt;border:solid black 1.0pt; border-left:none;padding:5.0pt 5.0pt 5.0pt 5.0pt'>
                 <p class=MsoNormal style='text-align:center;line-height:normal; border:none'><b><span lang=EN>Description</span></b></p>
               </td>
-              <td style='width:200pt;border:solid black 1.0pt; border-left:none;padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+              <td style='width:225pt;border:solid black 1.0pt; border-left:none;padding:5.0pt 5.0pt 5.0pt 5.0pt'>
                 <p class=MsoNormal style='text-align:center;line-height:normal; border:none'><b><span lang=EN>Example values</span></b></p>
               </td>
             </tr>
@@ -186,365 +204,456 @@ <h1>Supported expressions</h1>
               <td style='width:150pt;border:solid black 1.0pt; border-top:none;padding:5.0pt 5.0pt 5.0pt 5.0pt'>
                 <p class=MsoNormal style='line-height:normal;border:none'><span lang=EN>GET_TAG_NAMES()</span></p>
               </td>
-              <td style='width:300pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
-                <p class=MsoNormal style='line-height:normal;border:none'><span lang=EN>Names of tags associated with the resource, as CSV</span></p>
+              <td style='width:275pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+                <p class=MsoNormal style='line-height:normal;border:none'><span lang=EN>Names of tags associated with the resource, as a CSV (comma separated values) string</span></p>
               </td>
-              <td style='width:200pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
-                <p class=MsoNormal style='line-height:normal;border:none'><span lang=EN style='font-family:"Courier New"'>PII,FINANCE</span></p>
+              <td style='width:225pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+                <p class=MsoSmaller style='line-height:normal;border:none'><span lang=EN style='font-family:"Courier New"'>PII,FINANCE</span></p>
               </td>
             </tr>
             <tr>
               <td style='width:150pt;border:solid black 1.0pt; border-top:none;padding:5.0pt 5.0pt 5.0pt 5.0pt'>
                 <p class=MsoNormal style='line-height:normal;border:none'><span lang=EN>GET_TAG_ATTR_NAMES()</span></p>
               </td>
-              <td style='width:300pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN>Names of attributes in all tags associated with the resource, as CSV</span></p>
+              <td style='width:275pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+                <p class=MsoNormal style='line-height:normal'><span lang=EN>Names of attributes in all tags associated with the resource, as a CSV string</span></p>
               </td>
-              <td style='width:200pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
-                <p class=MsoNormal style='line-height:normal;border:none'><span lang=EN style='font-family:"Courier New"'>piiType,sensitiveLevel</span></p>
+              <td style='width:225pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+                <p class=MsoSmaller style='line-height:normal;border:none'><span lang=EN style='font-family:"Courier New"'>piiType,sensitiveLevel</span></p>
               </td>
             </tr>
             <tr>
               <td style='width:150pt;border:solid black 1.0pt; border-top:none;padding:5.0pt 5.0pt 5.0pt 5.0pt'>
                 <p class=MsoNormal style='line-height:normal;border:none'><span lang=EN>GET_TAG_ATTR(attrName)</span></p>
               </td>
-              <td style='width:300pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
-                <p class=MsoNormal style='line-height:normal;border:none'><span lang=EN>Value of the given attribute in tags associated with the resource, as CSV</span></p>
+              <td style='width:275pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+                <p class=MsoNormal style='line-height:normal;border:none'><span lang=EN>Value of the given attribute in tags associated with the resource, as a CSV string</span></p>
               </td>
-              <td style='width:200pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
-                <p class=MsoNormal style='line-height:normal;border:none'><span lang=EN style='font-family:"Courier New"'>email</span></p>
+              <td style='width:225pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+                <p class=MsoSmaller style='line-height:normal;border:none'><span lang=EN style='font-family:"Courier New"'>email</span></p>
               </td>
             </tr>
             <tr>
               <td style='width:150pt;border:solid black 1.0pt; border-top:none;padding:5.0pt 5.0pt 5.0pt 5.0pt'>
                 <p class=MsoNormal style='line-height:normal;border:none'><span lang=EN>GET_UG_NAMES()</span></p>
               </td>
-              <td style='width:300pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN>Names of groups the user belongs to, as CSV</span></p>
+              <td style='width:275pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+                <p class=MsoNormal style='line-height:normal'><span lang=EN>Names of groups the user belongs to, as a CSV string</span></p>
               </td>
-              <td style='width:200pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
-                <p class=MsoNormal style='line-height:normal;border:none'><span lang=EN style='font-family:"Courier New"'>managers,finance-admins</span></p>
+              <td style='width:225pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+                <p class=MsoSmaller style='line-height:normal;border:none'><span lang=EN style='font-family:"Courier New"'>managers,finance-admins</span></p>
               </td>
             </tr>
             <tr>
               <td style='width:150pt;border:solid black 1.0pt; border-top:none;padding:5.0pt 5.0pt 5.0pt 5.0pt'>
                 <p class=MsoNormal style='line-height:normal;border:none'><span lang=EN>GET_UG_ATTR_NAMES()</span></p>
               </td>
-              <td style='width:300pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN>Names of all attributes in groups the user belongs to, as CSV</span></p>
+              <td style='width:275pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+                <p class=MsoNormal style='line-height:normal'><span lang=EN>Names of all attributes in groups the user belongs to, as a CSV string</span></p>
               </td>
-              <td style='width:200pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
-                <p class=MsoNormal style='line-height:normal;border:none'><span lang=EN style='font-family:"Courier New"'>attr1,attr2</span></p>
+              <td style='width:225pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+                <p class=MsoSmaller style='line-height:normal;border:none'><span lang=EN style='font-family:"Courier New"'>attr1,attr2</span></p>
               </td>
             </tr>
             <tr>
               <td style='width:150pt;border:solid black 1.0pt; border-top:none;padding:5.0pt 5.0pt 5.0pt 5.0pt'>
                 <p class=MsoNormal style='line-height:normal;border:none'><span lang=EN>GET_UG_ATTR(attrName)</span></p>
               </td>
-              <td style='width:300pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN>Value of the given attribute in groups the user belongs to, as CSV</span></p>
+              <td style='width:275pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+                <p class=MsoNormal style='line-height:normal'><span lang=EN>Value of the given attribute in groups the user belongs to, as a CSV string</span></p>
               </td>
-              <td style='width:200pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
-                <p class=MsoNormal style='line-height:normal;border:none'><span lang=EN style='font-family:"Courier New"'>val1</span></p>
+              <td style='width:225pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+                <p class=MsoSmaller style='line-height:normal;border:none'><span lang=EN style='font-family:"Courier New"'>val1</span></p>
               </td>
             </tr>
             <tr>
               <td style='width:150pt;border:solid black 1.0pt; border-top:none;padding:5.0pt 5.0pt 5.0pt 5.0pt'>
                 <p class=MsoNormal style='line-height:normal;border:none'><span lang=EN>GET_UR_NAMES()</span></p>
               </td>
-              <td style='width:300pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
-                <p class=MsoNormal style='line-height:normal;border:none'><span lang=EN>Names of roles assigned to the user,  as CSV</span></p>
+              <td style='width:275pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+                <p class=MsoNormal style='line-height:normal;border:none'><span lang=EN>Names of roles assigned to the user,  as a CSV string</span></p>
               </td>
-              <td style='width:200pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
-                <p class=MsoNormal style='line-height:normal;border:none'><span lang=EN style='font-family:"Courier New"'>analyst,dba</span></p>
+              <td style='width:225pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+                <p class=MsoSmaller style='line-height:normal;border:none'><span lang=EN style='font-family:"Courier New"'>analyst,dba</span></p>
               </td>
             </tr>
             <tr>
               <td style='width:150pt;border:solid black 1.0pt; border-top:none;padding:5.0pt 5.0pt 5.0pt 5.0pt'>
                 <p class=MsoNormal style='line-height:normal;border:none'><span lang=EN>GET_USER_ATTR_NAMES()</span></p>
               </td>
-              <td style='width:300pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
-                <p class=MsoNormal style='line-height:normal;border:none'><span lang=EN>Names of all attributes of the user, as CSV</span></p>
+              <td style='width:275pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+                <p class=MsoNormal style='line-height:normal;border:none'><span lang=EN>Names of all attributes of the user, as a CSV string</span></p>
               </td>
-              <td style='width:200pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
-                <p class=MsoNormal style='line-height:normal;border:none'><span lang=EN style='font-family:"Courier New"'>allowedSensitiveLevel, allowedSources</span></p>
-                <p class=MsoNormal style='line-height:normal;border:none'><span lang=EN style='font-family:"Courier New"'>&nbsp;</span></p>
-                <p class=MsoNormal style='line-height:normal;border:none'><span lang=EN style='font-family:"Courier New"'>&nbsp;</span></p>
+              <td style='width:225pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+                <p class=MsoSmaller style='line-height:normal;border:none'><span lang=EN style='font-family:"Courier New"'>allowedSensitiveLevel, allowedSources</span></p>
               </td>
             </tr>
             <tr>
               <td style='width:150pt;border:solid black 1.0pt; border-top:none;padding:5.0pt 5.0pt 5.0pt 5.0pt'>
                 <p class=MsoNormal style='line-height:normal;border:none'><span lang=EN>GET_USER_ATTR(attrName)</span></p>
               </td>
-              <td style='width:300pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+              <td style='width:275pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
                 <p class=MsoNormal style='line-height:normal'><span lang=EN>Value of the given attribute associated with the user</span></p>
               </td>
-              <td style='width:200pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
-                <p class=MsoNormal style='line-height:normal;border:none'><span lang=EN style='font-family:"Courier New"'>10</span></p>
+              <td style='width:225pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+                <p class=MsoSmaller style='line-height:normal;border:none'><span lang=EN style='font-family:"Courier New"'>10</span></p>
               </td>
             </tr>
             <tr>
               <td style='width:150pt;border:solid black 1.0pt; border-top:none;padding:5.0pt 5.0pt 5.0pt 5.0pt'>
                 <p class=MsoNormal style='line-height:normal;border:none'><span lang=EN>HAS_TAG(tagName)</span></p>
               </td>
-              <td style='width:300pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+              <td style='width:275pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
                 <p class=MsoNormal style='line-height:normal;border:none'><span lang=EN>Is the given tag associated with the resource?</span></p>
               </td>
-              <td style='width:200pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>true</span></p>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>false</span></p>
+              <td style='width:225pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>true</span></p>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>false</span></p>
               </td>
             </tr>
             <tr>
               <td style='width:150pt;border:solid black 1.0pt; border-top:none;padding:5.0pt 5.0pt 5.0pt 5.0pt'>
                 <p class=MsoNormal style='line-height:normal;border:none'><span lang=EN>HAS_ANY_TAG</span></p>
               </td>
-              <td style='width:300pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+              <td style='width:275pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
                 <p class=MsoNormal style='line-height:normal;border:none'><span lang=EN>Is any tag associated with the resource?</span></p>
               </td>
-              <td style='width:200pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>true</span></p>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>false</span></p>
+              <td style='width:225pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>true</span></p>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>false</span></p>
               </td>
             </tr>
             <tr>
               <td style='width:150pt;border:solid black 1.0pt; border-top:none;padding:5.0pt 5.0pt 5.0pt 5.0pt'>
                 <p class=MsoNormal style='line-height:normal;border:none'><span lang=EN>HAS_NO_TAG</span></p>
               </td>
-              <td style='width:300pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+              <td style='width:275pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
                 <p class=MsoNormal style='line-height:normal;border:none'><span lang=EN>Are not tags associated with the resource?</span></p>
               </td>
-              <td style='width:200pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>true</span></p>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>false</span></p>
+              <td style='width:225pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>true</span></p>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>false</span></p>
               </td>
             </tr>
             <tr>
               <td style='width:150pt;border:solid black 1.0pt; border-top:none;padding:5.0pt 5.0pt 5.0pt 5.0pt'>
                 <p class=MsoNormal style='line-height:normal;border:none'><span lang=EN>HAS_USER_ATTR(attrName)</span></p>
               </td>
-              <td style='width:300pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+              <td style='width:275pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
                 <p class=MsoNormal style='line-height:normal;border:none'><span lang=EN>Does the user have the given attribute?</span></p>
               </td>
-              <td style='width:200pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
-                <p class=MsoNormal style='line-height:normal;border:none'><span lang=EN style='font-family:"Courier New"'>true</span></p>
-                <p class=MsoNormal style='line-height:normal;border:none'><span lang=EN style='font-family:"Courier New"'>false</span></p>
+              <td style='width:225pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+                <p class=MsoSmaller style='line-height:normal;border:none'><span lang=EN style='font-family:"Courier New"'>true</span></p>
+                <p class=MsoSmaller style='line-height:normal;border:none'><span lang=EN style='font-family:"Courier New"'>false</span></p>
               </td>
             </tr>
             <tr>
               <td style='width:150pt;border:solid black 1.0pt; border-top:none;padding:5.0pt 5.0pt 5.0pt 5.0pt'>
                 <p class=MsoNormal style='line-height:normal;border:none'><span lang=EN>HAS_UG_ATTR(attrName)</span></p>
               </td>
-              <td style='width:300pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+              <td style='width:275pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
                 <p class=MsoNormal style='line-height:normal;border:none'><span lang=EN>Does any group associated with the user have the specified attribute?</span></p>
               </td>
-              <td style='width:200pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>true</span></p>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>false</span></p>
+              <td style='width:225pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>true</span></p>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>false</span></p>
               </td>
             </tr>
             <tr>
               <td style='width:150pt;border:solid black 1.0pt; border-top:none;padding:5.0pt 5.0pt 5.0pt 5.0pt'>
                 <p class=MsoNormal style='line-height:normal;border:none'><span lang=EN>HAS_TAG_ATTR(attrName)</span></p>
               </td>
-              <td style='width:300pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+              <td style='width:275pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
                 <p class=MsoNormal style='line-height:normal;border:none'><span lang=EN>Does any tag associated with the resource have the specified attribute?</span></p>
               </td>
-              <td style='width:200pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>true</span></p>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>false</span></p>
+              <td style='width:225pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>true</span></p>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>false</span></p>
               </td>
             </tr>
             <tr>
               <td style='width:150pt;border:solid black 1.0pt; border-top:none;padding:5.0pt 5.0pt 5.0pt 5.0pt'>
                 <p class=MsoNormal style='line-height:normal;border:none'><span lang=EN>IS_IN_GROUP(groupName)</span></p>
               </td>
-              <td style='width:300pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+              <td style='width:275pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
                 <p class=MsoNormal style='line-height:normal;border:none'><span lang=EN>Does the user belong to the specified group?</span></p>
               </td>
-              <td style='width:200pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>true</span></p>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>false</span></p>
+              <td style='width:225pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>true</span></p>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>false</span></p>
               </td>
             </tr>
             <tr>
               <td style='width:150pt;border:solid black 1.0pt; border-top:none;padding:5.0pt 5.0pt 5.0pt 5.0pt'>
                 <p class=MsoNormal style='line-height:normal;border:none'><span lang=EN>IS_IN_ROLE(roleName)</span></p>
               </td>
-              <td style='width:300pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+              <td style='width:275pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
                 <p class=MsoNormal style='line-height:normal;border:none'><span lang=EN>Is the user assigned to the specified role?</span></p>
               </td>
-              <td style='width:200pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>true</span></p>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>false</span></p>
+              <td style='width:225pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>true</span></p>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>false</span></p>
               </td>
             </tr>
             <tr>
               <td style='width:150pt;border:solid black 1.0pt; border-top:none;padding:5.0pt 5.0pt 5.0pt 5.0pt'>
                 <p class=MsoNormal style='line-height:normal;border:none'><span lang=EN>IS_IN_ANY_GROUP</span></p>
               </td>
-              <td style='width:300pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+              <td style='width:275pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
                 <p class=MsoNormal style='line-height:normal;border:none'><span lang=EN>Does the user belong to any group?</span></p>
               </td>
-              <td style='width:200pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>true</span></p>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>false</span></p>
+              <td style='width:225pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>true</span></p>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>false</span></p>
               </td>
             </tr>
             <tr>
               <td style='width:150pt;border:solid black 1.0pt; border-top:none;padding:5.0pt 5.0pt 5.0pt 5.0pt'>
                 <p class=MsoNormal style='line-height:normal;border:none'><span lang=EN>IS_IN_ANY_ROLE</span></p>
               </td>
-              <td style='width:300pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+              <td style='width:275pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
                 <p class=MsoNormal style='line-height:normal;border:none'><span lang=EN>Is any role assigned to the user?</span></p>
               </td>
-              <td style='width:200pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>true</span></p>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>false</span></p>
+              <td style='width:225pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>true</span></p>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>false</span></p>
               </td>
             </tr>
             <tr>
               <td style='width:150pt;border:solid black 1.0pt; border-top:none;padding:5.0pt 5.0pt 5.0pt 5.0pt'>
                 <p class=MsoNormal style='line-height:normal;border:none'><span lang=EN>IS_NOT_IN_ANY_GROUP</span></p>
               </td>
-              <td style='width:300pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+              <td style='width:275pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
                 <p class=MsoNormal style='line-height:normal'><span lang=EN>Does the user belong to no group?</span></p>
               </td>
-              <td style='width:200pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>true</span></p>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>false</span></p>
+              <td style='width:225pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>true</span></p>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>false</span></p>
               </td>
             </tr>
             <tr>
               <td style='width:150pt;border:solid black 1.0pt; border-top:none;padding:5.0pt 5.0pt 5.0pt 5.0pt'>
                 <p class=MsoNormal style='line-height:normal;border:none'><span lang=EN>IS_NOT_IN_ANY_ROLE</span></p>
               </td>
-              <td style='width:300pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+              <td style='width:275pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
                 <p class=MsoNormal style='line-height:normal'><span lang=EN>Is the user associated with no roles?</span></p>
               </td>
-              <td style='width:200pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>true</span></p>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>false</span></p>
+              <td style='width:225pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>true</span></p>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>false</span></p>
               </td>
             </tr>
             <tr>
               <td style='width:150pt;border:solid black 1.0pt; border-top:none;padding:5.0pt 5.0pt 5.0pt 5.0pt'>
                 <p class=MsoNormal style='line-height:normal'><span lang=EN>REQ</span></p>
               </td>
-              <td style='width:300pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+              <td style='width:275pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
                 <p class=MsoNormal style='line-height:normal'><span lang=EN>Request details, as a map</span></p>
               </td>
-              <td style='width:200pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>{</span></p>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'> &quot;accessType&quot;:  &quot;select&quot;,</span></p>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'> &quot;clientIPAddress&quot;: &quot;10.120.27.49&quot;,</span></p>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'> &quot;clusterType&quot;: &quot;etl&quot;,</span></p>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'> &quot;clusterName&quot;: &quot;etl-e1&quot;,</span></p>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'> &quot;accessType&quot;:  &quot;select&quot;,</span></p>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'> &quot;user&quot;:        &quot;scott&quot;,</span></p>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'> &quot;userGroups&quot;:  [ &quot;g1&quot; ],</span></p>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'> &quot;userRoles&quot;:   [ &quot;r1&quot; ],</span></p>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>}</span></p>
+              <td style='width:225pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>{</span></p>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'> &quot;accessType&quot;:  &quot;select&quot;,</span></p>
+                <p class=MsoSmall style='line-height:normal'><span lang=EN style='font-family: "Courier New"'> &quot;clientIPAddress&quot;: &quot;10.120.27.49&quot;,</span></p>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'> &quot;clusterType&quot;: &quot;etl&quot;,</span></p>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'> &quot;clusterName&quot;: &quot;etl-e1&quot;,</span></p>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'> &quot;accessType&quot;:  &quot;select&quot;,</span></p>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'> &quot;user&quot;:        &quot;scott&quot;,</span></p>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'> &quot;userGroups&quot;:  [ &quot;g1&quot; ],</span></p>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'> &quot;userRoles&quot;:   [ &quot;r1&quot; ],</span></p>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>}</span></p>
               </td>
             </tr>
             <tr>
               <td style='width:150pt;border:solid black 1.0pt; border-top:none;padding:5.0pt 5.0pt 5.0pt 5.0pt'>
                 <p class=MsoNormal style='line-height:normal'><span lang=EN>RES</span></p>
               </td>
-              <td style='width:300pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+              <td style='width:275pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
                 <p class=MsoNormal style='line-height:normal'><span lang=EN>Resource details, as a map</span></p>
               </td>
-              <td style='width:200pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>{</span></p>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>  &quot;database&quot;:   &quot;db1&quot;,</span></p>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>  &quot;table&quot;:      &quot;tbl1&quot;,</span></p>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>  &quot;Column&quot;:     &quot;col1&quot;,</span></p>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>  &quot;_ownerUser&quot;: &quot;jane&quot;</span></p>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>}</span></p>
+              <td style='width:225pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>{</span></p>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>  &quot;database&quot;:   &quot;db1&quot;,</span></p>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>  &quot;table&quot;:      &quot;tbl1&quot;,</span></p>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>  &quot;Column&quot;:     &quot;col1&quot;,</span></p>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>  &quot;_ownerUser&quot;: &quot;jane&quot;</span></p>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>}</span></p>
               </td>
             </tr>
             <tr>
               <td style='width:150pt;border:solid black 1.0pt; border-top:none;padding:5.0pt 5.0pt 5.0pt 5.0pt'>
                 <p class=MsoNormal style='line-height:normal'><span lang=EN>TAG</span></p>
               </td>
-              <td style='width:300pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+              <td style='width:275pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
                 <p class=MsoNormal style='line-height:normal'><span lang=EN>Current tag, as a map.</span></p>
                 <p class=MsoNormal style='line-height:normal'><span lang=EN>This is available only in tag-based policies.</span></p>
               </td>
-              <td style='width:200pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>{</span></p>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'> &quot;_type&quot;: &quot;SENSITIVE&quot;,</span></p>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'> &quot;sensitiveLevel&quot;: 10</span></p>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>}</span></p>
+              <td style='width:225pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>{</span></p>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'> &quot;_type&quot;: &quot;SENSITIVE&quot;,</span></p>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'> &quot;sensitiveLevel&quot;: 10</span></p>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>}</span></p>
               </td>
             </tr>
             <tr>
               <td style='width:150pt;border:solid black 1.0pt; border-top:none;padding:5.0pt 5.0pt 5.0pt 5.0pt'>
                 <p class=MsoNormal style='line-height:normal'><span lang=EN>TAGNAMES</span></p>
               </td>
-              <td style='width:300pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+              <td style='width:275pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
                 <p class=MsoNormal style='line-height:normal'><span lang=EN>Names of tags associated with the resource, as a list </span></p>
               </td>
-              <td style='width:200pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>[ &quot;PII&quot;, &quot;SENSITIVE&quot; ]</span></p>
+              <td style='width:225pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>[ &quot;PII&quot;, &quot;SENSITIVE&quot; ]</span></p>
               </td>
             </tr>
             <tr>
               <td style='width:150pt;border:solid black 1.0pt; border-top:none;padding:5.0pt 5.0pt 5.0pt 5.0pt'>
                 <p class=MsoNormal style='line-height:normal'><span lang=EN>TAGS</span></p>
               </td>
-              <td style='width:300pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+              <td style='width:275pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
                 <p class=MsoNormal style='line-height:normal'><span lang=EN>All tags associated with the resource, as a map</span></p>
               </td>
-              <td style='width:200pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>{</span></p>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'> &quot;SENSITIVE&quot;: {</span></p>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>  &quot;_type&quot;, &quot;SENSITIVE&quot;,</span></p>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>  &quot;level&quot;: 10</span></p>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'> },</span></p>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'> &quot;PII&quot;: {</span></p>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>  &quot;_type&quot;,   &quot;PII&quot;,</span></p>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>  &quot;piiType&quot;: &quot;email&quot;</span></p>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'> }</span></p>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>}</span></p>
+              <td style='width:225pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>{</span></p>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'> &quot;SENSITIVE&quot;: {</span></p>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>  &quot;_type&quot;, &quot;SENSITIVE&quot;,</span></p>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>  &quot;level&quot;: 10</span></p>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'> },</span></p>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'> &quot;PII&quot;: {</span></p>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>  &quot;_type&quot;,   &quot;PII&quot;,</span></p>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>  &quot;piiType&quot;: &quot;email&quot;</span></p>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'> }</span></p>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>}</span></p>
               </td>
             </tr>
             <tr>
               <td style='width:150pt;border:solid black 1.0pt; border-top:none;padding:5.0pt 5.0pt 5.0pt 5.0pt'>
                 <p class=MsoNormal style='line-height:normal'><span lang=EN>UGNAMES</span></p>
               </td>
-              <td style='width:300pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+              <td style='width:275pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
                 <p class=MsoNormal style='line-height:normal'><span lang=EN>Names of groups the user belongs to, as a list</span></p>
               </td>
-              <td style='width:200pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>[ &quot;g1&quot; ]</span></p>
+              <td style='width:225pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>[ &quot;g1&quot; ]</span></p>
               </td>
             </tr>
             <tr>
               <td style='width:150pt;border:solid black 1.0pt; border-top:none;padding:5.0pt 5.0pt 5.0pt 5.0pt'>
                 <p class=MsoNormal style='line-height:normal'><span lang=EN>URNAMES</span></p>
               </td>
-              <td style='width:300pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+              <td style='width:275pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
                 <p class=MsoNormal style='line-height:normal'><span lang=EN>Names of roles the user is assigned to, as a list</span></p>
               </td>
-              <td style='width:200pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>[ &quot;r1&quot; ]</span></p>
+              <td style='width:225pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>[ &quot;r1&quot; ]</span></p>
               </td>
             </tr>
             <tr>
               <td style='width:150pt;border:solid black 1.0pt; border-top:none;padding:5.0pt 5.0pt 5.0pt 5.0pt'>
                 <p class=MsoNormal style='line-height:normal'><span lang=EN>USER</span></p>
               </td>
-              <td style='width:300pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+              <td style='width:275pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
                 <p class=MsoNormal style='line-height:normal'><span lang=EN>Name of the user</span></p>
               </td>
-              <td style='width:200pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
-                <p class=MsoNormal style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>&quot;scott&quot;</span></p>
+              <td style='width:225pt;border-top:none;border-left: none;border-bottom:solid black 1.0pt;border-right:solid black 1.0pt; padding:5.0pt 5.0pt 5.0pt 5.0pt'>
+                <p class=MsoSmaller style='line-height:normal'><span lang=EN style='font-family: "Courier New"'>&quot;scott&quot;</span></p>
               </td>
             </tr>
           </table>
     </div>
     <p class=MsoNormal>&nbsp;</p>
+
+    <p class=MsoNormal>
+        Most functions listed in the table above take optional parameters, to make it easier to handle use cases that require special handling.
+    </p>
+
+    <p class=HalfLine>&nbsp;</p>
+
+    <h2>Default value</h2>
+    <p class=MsoNormal>
+        A function call can include a default value as an optional parameter, which will be returned when there is no
+        value available. For example, consider the following expression:
+    </p>
+
+    <p class=MsoNormal>&nbsp;</p>
+
+    <span lang=ENG>
+        <p class=MsoNormal style='margin-left:1.0in;text-indent:-.25in;font-family:"Courier New"'>USER.allowedSensitiveLevel >= TAG.sensitiveLevel</p>
+        <p class=HalfLine>&nbsp;</p>
+    </span>
+
+    <p class=MsoNormal>
+        When the user doesn’t have an attribute named <span lang=EN style='font-family:"Courier New"'>allowedSensitiveLevel</span>, the expression will always evaluate to
+        false since <span lang=EN style='font-family:"Courier New"'>USER.allowedSensitiveLevel</span> would evaluate to <span lang=EN style='font-family:"Courier New"'>null</span>. To handle such cases, consider the following
+        alternate expression which would use <span lang=EN style='font-family:"Courier New"'>0</span> as the value instead of <span lang=EN style='font-family:"Courier New"'>null</span>:
+    </p>
+
+    <p class=MsoNormal>&nbsp;</p>
+
+    <span lang=ENG>
+        <p class=MsoNormal style='margin-left:1.0in;text-indent:-.25in;font-family:"Courier New"'>GET_USER_ATTR('allowedSensitiveLevel', 0) >= TAG.sensitiveLevel</p>
+        <p class=HalfLine>&nbsp;</p>
+    </span>
+
+    <p class=MsoNormal>
+        Here is another example of using default value in function calls:
+    </p>
+
+    <p class=MsoNormal>&nbsp;</p>
+
+    <span lang=ENG>
+        <p class=MsoNormal style='margin-left:1.0in;text-indent:-.25in;font-family:"Courier New"'>dept_code in  (${{GET_UG_ATTR('deptCode', -1)}})</p>
+        <p class=HalfLine>&nbsp;</p>
+    </span>
+
+    <p class=HalfLine>&nbsp;</p>
+
+    <h2>Separator</h2>
+    <p class=MsoNormal>
+        Functions that return a CSV string, like GET_TAG_NAMES(), can include following optional parameters:
+    </p>
+
+    <span lang=ENG>
+        <p class=HalfLine>&nbsp;</p>
+        <p class=MsoNormal style='margin-left:0.5in;text-indent:-.25in'>optional #1. default value: value to return when no value is available</p>
+        <p class=HalfLine>&nbsp;</p>
+        <p class=MsoNormal style='margin-left:0.5in;text-indent:-.25in'>optional #2. separator: string to use as the separator between values</p>
+        <p class=HalfLine>&nbsp;</p>
+    </span>
+
+    <p class=MsoNormal>&nbsp;</p>
+    <p class=MsoNormal>
+        Here is an example of using optional parameters:
+    </p>
+
+    <span lang=ENG>
+        <p class=HalfLine>&nbsp;</p>
+        <p class=MsoNormal style='margin-left:1.0in;text-indent:-.25in;font-family:"Courier New"'>GET_TAG_NAMES('', '|') == 'tag1|tag2|tag3'</p>
+        <p class=HalfLine>&nbsp;</p>
+    </span>
+
+    <h2>Quotes</h2>
+    <p class=MsoNormal>
+        Each function that returns a CSV string has another version with _Q appended to the function name; this version
+        surrounds each value within quotes. For example, consider the following row-filter expression:
+    </p>
+
+    <span lang=ENG>
+        <p class=HalfLine>&nbsp;</p>
+        <p class=MsoNormal style='margin-left:1.0in;text-indent:-.25in;font-family:"Courier New"'>location_state IN (${{GET_UG_ATTR_Q('state')}})</p>
+        <p class=HalfLine>&nbsp;</p>
+    </span>
+
+    <p class=MsoNormal>&nbsp;</p>
+    <p class=MsoNormal>
+        The expression can evaluate to the following, if the user belongs to groups having an attribute named state:
+    </p>
+
+    <span lang=ENG>
+        <p class=HalfLine>&nbsp;</p>
+        <p class=MsoNormal style='margin-left:1.0in;text-indent:-.25in;font-family:"Courier New"'>location_state IN ('CA','OR','WA')</p>
+        <p class=HalfLine>&nbsp;</p>
+    </span>
+
 </div>
 </body>