fix(swagger): EE-868: elide the password field in the swagger docs (#5636)

Signed-off-by: Sven Dowideit <SvenDowideit@home.org.au>

api/http/handler/users/user_inspect.go

@@ -15,6 +15,7 @@ import (
 // @id UserInspect
 // @summary Inspect a user
 // @description Retrieve details about a user.
+// @description User passwords are filtered out, and should never be accessible.
 // @description **Access policy**: administrator
 // @tags users
 // @security jwt

api/http/handler/users/user_list.go

@@ -12,6 +12,7 @@ import (
 // @summary List users
 // @description List Portainer users.
 // @description Non-administrator users will only be able to list other non-administrator user accounts.
+// @description User passwords are filtered out, and should never be accessible.
 // @description **Access policy**: restricted
 // @tags users
 // @security jwt

api/portainer.go

@@ -1023,7 +1023,7 @@ type (
 		// User Identifier
 		ID       UserID `json:"Id" example:"1"`
 		Username string `json:"Username" example:"bob"`
-		Password string `json:"Password,omitempty" example:"passwd"`
+		Password string `json:"Password,omitempty" swaggerignore:"true"`
 		// User Theme
 		UserTheme string `example:"dark"`
 		// User role (1 for administrator account and 2 for regular account)