add a flag to disable authorization error logs

[Geal]

Fix #4077

Authorization errors can be seen as common usage of the service when filtering fields from queries depending on the client's rights, so they might not warrant error logs to be analyzed by the router operators

---

Checklist

Complete the checklist (and note appropriate exceptions) before the PR is marked ready-for-review.

• Changes are compatible¹
• Documentation² completed
• Performance impact assessed and acceptable
• Tests added and passing³
  • Unit Tests
  • Integration Tests
  • Manual Tests

Exceptions

Note any exceptions here

Notes

Footnotes

1. It may be appropriate to bring upcoming changes to the attention of other (impacted) groups. Please endeavour to do this before seeking PR approval. The mechanism for doing this will vary considerably, so use your judgement as to how and when to do this. ↩

2. Configuration is an important part of many changes. Where applicable please try to document configuration examples. ↩

3. Tick whichever testing boxes are applicable. If you are adding Manual Tests, please document the manual testing (extensively) in the Exceptions. ↩

[router-perf]

CI performance tests

• events_big_cap_high_rate - Stress test for events with a lot of users, deduplication enabled and high rate event with a big queue capacity
• events_without_dedup - Stress test for events with a lot of users and deduplication DISABLED
• events - Stress test for events with a lot of users and deduplication ENABLED
• large-request - Stress test with a 1 MB request payload
• step - Basic stress test that steps up the number of users over time
• xlarge-request - Stress test with 10 MB request payload
• reload - Reload test over a long period of time at a constant rate of users
• no-graphos - Basic stress test, no GraphOS.
• xxlarge-request - Stress test with 100 MB request payload
• step-jemalloc-tuning - Clone of the basic stress test for jemalloc tuning
• const - Basic stress test that runs with a constant number of users

[bnjjj]

I know that looks useless but could you write a small test to check that function ? Basically it's to prevent breaking change when we will remove preview_ prefix and if we decide to change the configuration shape later

[garypen]

I don't have strong feelings about this, but ould this be better as:

authorization:
  preview_directives:
    logging:
      enabled: true

?
We seem to be settling on this enabled true|false style and I wonder if it's just about enabling logging for directives or specifically errors.

also: We should specify if enabled or not by default here and in the docs.

[o0Ignition0o]

cc @BrynCooke as you might have a preference in light of the telemetry recent work

[BrynCooke]

It depends if we see further logging configuration in the future.
If we think there will be more config:

authorization:
  preview_directives:
    log:
      errors: true

We can always tackle this with a migration though, so happy with for now:

authorization:
  preview_directives:
    log_errors: true