fix(swagger): EE-868: elide the password field in the swagger docs (#5636)

Signed-off-by: Sven Dowideit <SvenDowideit@home.org.au>
2021-09-27 14:00:04 +10:00
parent 9c80501738
commit 7437006359
3 changed files with 3 additions and 1 deletions
--- a/api/http/handler/users/user_inspect.go
+++ b/api/http/handler/users/user_inspect.go
@@ -15,6 +15,7 @@ import (
 // @id UserInspect
 // @summary Inspect a user
 // @description Retrieve details about a user.
+// @description User passwords are filtered out, and should never be accessible.
 // @description **Access policy**: administrator
 // @tags users
 // @security jwt
--- a/api/http/handler/users/user_list.go
+++ b/api/http/handler/users/user_list.go
@@ -12,6 +12,7 @@ import (
 // @summary List users
 // @description List Portainer users.
 // @description Non-administrator users will only be able to list other non-administrator user accounts.
+// @description User passwords are filtered out, and should never be accessible.
 // @description **Access policy**: restricted
 // @tags users
 // @security jwt