Adding request body into Attributes for auditing purpose with PII fie…

…lds are filtered (#5151)

* add unit test for filter PII functions to check bugs and error when cloning

* handles when pointers are nil to avoid bugs and errors

* resume the changes from previous reverted branch

* use json tags to filter PII instead of hard copies

* Create a new struct in unit test that only contains PII. Would be much more clearer to see filtered result.

* some clean up

common/authorization/authorizer.go

@@ -58,6 +58,7 @@ type (
 		WorkflowType *types.WorkflowType
 		TaskList     *types.TaskList
 		Permission   Permission
+		RequestBody  FilteredRequestBody // request object except for data inputs (PII)
 	}
 
 	// Result is result from authority.
@@ -97,3 +98,8 @@ func GetAuthProviderClient(privateKey string) (clientworker.AuthorizationProvide
 	}
 	return clientworker.NewAdminJwtAuthorizationProvider(pk), nil
 }
+
+// FilteredRequestBody request object except for data inputs (PII)
+type FilteredRequestBody interface {
+	SerializeForLogging() (string, error)
+}

common/log/tag/tags.go

@@ -469,11 +469,21 @@ func ActorID(actorID string) Tag {
 	return newStringTag("actor-id", actorID)
 }
 
+// ActorEmail returns tag for the actor's email address
+func ActorEmail(actorEmail string) Tag {
+	return newStringTag("actor-email", actorEmail)
+}
+
 // HandlerCall returns tag for the API name of a request
 func HandlerCall(handlerCall string) Tag {
 	return newStringTag("handler-call", handlerCall)
 }
 
+// RequestBody returns the tag for the API request body
+func RequestBody(requestBody string) Tag {
+	return newStringTag("request-body", requestBody)
+}
+
 // history engine shard
 
 // ShardID returns tag for ShardID

common/types/admin.go

@@ -26,6 +26,13 @@ type AddSearchAttributeRequest struct {
 	SecurityToken   string                      `json:"securityToken,omitempty"`
 }
 
+func (v *AddSearchAttributeRequest) SerializeForLogging() (string, error) {
+	if v == nil {
+		return "", nil
+	}
+	return SerializeRequest(v)
+}
+
 // GetSearchAttribute is an internal getter (TBD...)
 func (v *AddSearchAttributeRequest) GetSearchAttribute() (o map[string]IndexedValueType) {
 	if v != nil && v.SearchAttribute != nil {
@@ -47,6 +54,13 @@ type AdminDescribeWorkflowExecutionRequest struct {
 	Execution *WorkflowExecution `json:"execution,omitempty"`
 }
 
+func (v *AdminDescribeWorkflowExecutionRequest) SerializeForLogging() (string, error) {
+	if v == nil {
+		return "", nil
+	}
+	return SerializeRequest(v)
+}
+
 // GetDomain is an internal getter (TBD...)
 func (v *AdminDescribeWorkflowExecutionRequest) GetDomain() (o string) {
 	if v != nil {
@@ -91,6 +105,13 @@ type GetWorkflowExecutionRawHistoryV2Request struct {
 	NextPageToken     []byte             `json:"nextPageToken,omitempty"`
 }
 
+func (v *GetWorkflowExecutionRawHistoryV2Request) SerializeForLogging() (string, error) {
+	if v == nil {
+		return "", nil
+	}
+	return SerializeRequest(v)
+}
+
 // GetDomain is an internal getter (TBD...)
 func (v *GetWorkflowExecutionRawHistoryV2Request) GetDomain() (o string) {
 	if v != nil {
@@ -206,6 +227,13 @@ type ResendReplicationTasksRequest struct {
 	EndVersion    *int64 `json:"endVersion,omitempty"`
 }
 
+func (v *ResendReplicationTasksRequest) SerializeForLogging() (string, error) {
+	if v == nil {
+		return "", nil
+	}
+	return SerializeRequest(v)
+}
+
 // GetWorkflowID is an internal getter (TBD...)
 func (v *ResendReplicationTasksRequest) GetWorkflowID() (o string) {
 	if v != nil {
@@ -242,6 +270,13 @@ type GetDynamicConfigRequest struct {
 	Filters    []*DynamicConfigFilter `json:"filters,omitempty"`
 }
 
+func (v *GetDynamicConfigRequest) SerializeForLogging() (string, error) {
+	if v == nil {
+		return "", nil
+	}
+	return SerializeRequest(v)
+}
+
 type GetDynamicConfigResponse struct {
 	Value *DataBlob `json:"value,omitempty"`
 }
@@ -251,18 +286,39 @@ type UpdateDynamicConfigRequest struct {
 	ConfigValues []*DynamicConfigValue `json:"configValues,omitempty"`
 }
 
+func (v *UpdateDynamicConfigRequest) SerializeForLogging() (string, error) {
+	if v == nil {
+		return "", nil
+	}
+	return SerializeRequest(v)
+}
+
 type RestoreDynamicConfigRequest struct {
 	ConfigName string                 `json:"configName,omitempty"`
 	Filters    []*DynamicConfigFilter `json:"filters,omitempty"`
 }
 
+func (v *RestoreDynamicConfigRequest) SerializeForLogging() (string, error) {
+	if v == nil {
+		return "", nil
+	}
+	return SerializeRequest(v)
+}
+
 // AdminDeleteWorkflowRequest is an internal type (TBD...)
 type AdminDeleteWorkflowRequest struct {
 	Domain     string             `json:"domain,omitempty"`
 	Execution  *WorkflowExecution `json:"execution,omitempty"`
 	SkipErrors bool               `json:"skipErrors,omitempty"`
 }
 
+func (v *AdminDeleteWorkflowRequest) SerializeForLogging() (string, error) {
+	if v == nil {
+		return "", nil
+	}
+	return SerializeRequest(v)
+}
+
 func (v *AdminDeleteWorkflowRequest) GetDomain() (o string) {
 	if v != nil {
 		return v.Domain
@@ -298,6 +354,13 @@ type ListDynamicConfigRequest struct {
 	ConfigName string `json:"configName,omitempty"`
 }
 
+func (v *ListDynamicConfigRequest) SerializeForLogging() (string, error) {
+	if v == nil {
+		return "", nil
+	}
+	return SerializeRequest(v)
+}
+
 type ListDynamicConfigResponse struct {
 	Entries []*DynamicConfigEntry `json:"entries,omitempty"`
 }

common/types/replicator.go

@@ -229,6 +229,13 @@ type GetDLQReplicationMessagesRequest struct {
 	TaskInfos []*ReplicationTaskInfo `json:"taskInfos,omitempty"`
 }
 
+func (v *GetDLQReplicationMessagesRequest) SerializeForLogging() (string, error) {
+	if v == nil {
+		return "", nil
+	}
+	return SerializeRequest(v)
+}
+
 // GetTaskInfos is an internal getter (TBD...)
 func (v *GetDLQReplicationMessagesRequest) GetTaskInfos() (o []*ReplicationTaskInfo) {
 	if v != nil && v.TaskInfos != nil {
@@ -249,6 +256,13 @@ type GetDomainReplicationMessagesRequest struct {
 	ClusterName            string `json:"clusterName,omitempty"`
 }
 
+func (v *GetDomainReplicationMessagesRequest) SerializeForLogging() (string, error) {
+	if v == nil {
+		return "", nil
+	}
+	return SerializeRequest(v)
+}
+
 // GetLastRetrievedMessageID is an internal getter (TBD...)
 func (v *GetDomainReplicationMessagesRequest) GetLastRetrievedMessageID() (o int64) {
 	if v != nil && v.LastRetrievedMessageID != nil {
@@ -284,6 +298,13 @@ type GetReplicationMessagesRequest struct {
 	ClusterName string              `json:"clusterName,omitempty"`
 }
 
+func (v *GetReplicationMessagesRequest) SerializeForLogging() (string, error) {
+	if v == nil {
+		return "", nil
+	}
+	return SerializeRequest(v)
+}
+
 // GetClusterName is an internal getter (TBD...)
 func (v *GetReplicationMessagesRequest) GetClusterName() (o string) {
 	if v != nil {
@@ -393,6 +414,13 @@ type MergeDLQMessagesRequest struct {
 	NextPageToken         []byte   `json:"nextPageToken,omitempty"`
 }
 
+func (v *MergeDLQMessagesRequest) SerializeForLogging() (string, error) {
+	if v == nil {
+		return "", nil
+	}
+	return SerializeRequest(v)
+}
+
 // GetType is an internal getter (TBD...)
 func (v *MergeDLQMessagesRequest) GetType() (o DLQType) {
 	if v != nil && v.Type != nil {
@@ -454,6 +482,13 @@ type PurgeDLQMessagesRequest struct {
 	InclusiveEndMessageID *int64   `json:"inclusiveEndMessageID,omitempty"`
 }
 
+func (v *PurgeDLQMessagesRequest) SerializeForLogging() (string, error) {
+	if v == nil {
+		return "", nil
+	}
+	return SerializeRequest(v)
+}
+
 // GetType is an internal getter (TBD...)
 func (v *PurgeDLQMessagesRequest) GetType() (o DLQType) {
 	if v != nil && v.Type != nil {
@@ -496,6 +531,13 @@ type ReadDLQMessagesRequest struct {
 	NextPageToken         []byte   `json:"nextPageToken,omitempty"`
 }
 
+func (v *ReadDLQMessagesRequest) SerializeForLogging() (string, error) {
+	if v == nil {
+		return "", nil
+	}
+	return SerializeRequest(v)
+}
+
 // GetType is an internal getter (TBD...)
 func (v *ReadDLQMessagesRequest) GetType() (o DLQType) {
 	if v != nil && v.Type != nil {