From 7f40a430fd704320e2a1712d132284f6ae3568a8 Mon Sep 17 00:00:00 2001 From: Athou Date: Wed, 1 May 2019 23:33:55 +0200 Subject: [PATCH] hide securitycheck user from swagger documentation --- pom.xml | 2 +- .../frontend/resource/AdminREST.java | 15 +++---- .../frontend/resource/CategoryREST.java | 25 +++++++----- .../frontend/resource/EntryREST.java | 15 ++++--- .../commafeed/frontend/resource/FeedREST.java | 40 +++++++++++-------- .../frontend/resource/ServerREST.java | 5 ++- .../commafeed/frontend/resource/UserREST.java | 10 ++--- 7 files changed, 64 insertions(+), 48 deletions(-) diff --git a/pom.xml b/pom.xml index be4c6088..2170483e 100644 --- a/pom.xml +++ b/pom.xml @@ -326,7 +326,7 @@ io.swagger swagger-annotations - 1.5.0 + 1.5.22 diff --git a/src/main/java/com/commafeed/frontend/resource/AdminREST.java b/src/main/java/com/commafeed/frontend/resource/AdminREST.java index e9f136ed..8ecf9325 100644 --- a/src/main/java/com/commafeed/frontend/resource/AdminREST.java +++ b/src/main/java/com/commafeed/frontend/resource/AdminREST.java @@ -46,7 +46,7 @@ import lombok.RequiredArgsConstructor; @Api(value = "/admin") @Produces(MediaType.APPLICATION_JSON) @Consumes(MediaType.APPLICATION_JSON) -@RequiredArgsConstructor(onConstructor = @__({ @Inject }) ) +@RequiredArgsConstructor(onConstructor = @__({ @Inject })) @Singleton public class AdminREST { @@ -62,7 +62,7 @@ public class AdminREST { @UnitOfWork @ApiOperation(value = "Save or update a user", notes = "Save or update a user. If the id is not specified, a new user will be created") @Timed - public Response save(@SecurityCheck(Role.ADMIN) User user, @ApiParam(required = true) UserModel userModel) { + public Response save(@ApiParam(hidden = true) @SecurityCheck(Role.ADMIN) User user, @ApiParam(required = true) UserModel userModel) { Preconditions.checkNotNull(userModel); Preconditions.checkNotNull(userModel.getName()); @@ -117,7 +117,8 @@ public class AdminREST { @UnitOfWork @ApiOperation(value = "Get user information", notes = "Get user information", response = UserModel.class) @Timed - public Response getUser(@SecurityCheck(Role.ADMIN) User user, @ApiParam(value = "user id", required = true) @PathParam("id") Long id) { + public Response getUser(@ApiParam(hidden = true) @SecurityCheck(Role.ADMIN) User user, + @ApiParam(value = "user id", required = true) @PathParam("id") Long id) { Preconditions.checkNotNull(id); User u = userDAO.findById(id); UserModel userModel = new UserModel(); @@ -134,7 +135,7 @@ public class AdminREST { @UnitOfWork @ApiOperation(value = "Get all users", notes = "Get all users", response = UserModel.class, responseContainer = "List") @Timed - public Response getUsers(@SecurityCheck(Role.ADMIN) User user) { + public Response getUsers(@ApiParam(hidden = true) @SecurityCheck(Role.ADMIN) User user) { Map users = new HashMap<>(); for (UserRole role : userRoleDAO.findAll()) { User u = role.getUser(); @@ -162,7 +163,7 @@ public class AdminREST { @UnitOfWork @ApiOperation(value = "Delete a user", notes = "Delete a user, and all his subscriptions") @Timed - public Response delete(@SecurityCheck(Role.ADMIN) User user, @ApiParam(required = true) IDRequest req) { + public Response delete(@ApiParam(hidden = true) @SecurityCheck(Role.ADMIN) User user, @ApiParam(required = true) IDRequest req) { Preconditions.checkNotNull(req); Preconditions.checkNotNull(req.getId()); @@ -182,7 +183,7 @@ public class AdminREST { @UnitOfWork @ApiOperation(value = "Retrieve application settings", notes = "Retrieve application settings", response = ApplicationSettings.class) @Timed - public Response getSettings(@SecurityCheck(Role.ADMIN) User user) { + public Response getSettings(@ApiParam(hidden = true) @SecurityCheck(Role.ADMIN) User user) { return Response.ok(config.getApplicationSettings()).build(); } @@ -191,7 +192,7 @@ public class AdminREST { @UnitOfWork @ApiOperation(value = "Retrieve server metrics") @Timed - public Response getMetrics(@SecurityCheck(Role.ADMIN) User user) { + public Response getMetrics(@ApiParam(hidden = true) @SecurityCheck(Role.ADMIN) User user) { return Response.ok(metrics).build(); } diff --git a/src/main/java/com/commafeed/frontend/resource/CategoryREST.java b/src/main/java/com/commafeed/frontend/resource/CategoryREST.java index af28313c..65d2a9ac 100644 --- a/src/main/java/com/commafeed/frontend/resource/CategoryREST.java +++ b/src/main/java/com/commafeed/frontend/resource/CategoryREST.java @@ -74,7 +74,7 @@ import lombok.extern.slf4j.Slf4j; @Slf4j @Produces(MediaType.APPLICATION_JSON) @Consumes(MediaType.APPLICATION_JSON) -@RequiredArgsConstructor(onConstructor = @__({ @Inject }) ) +@RequiredArgsConstructor(onConstructor = @__({ @Inject })) @Singleton public class CategoryREST { @@ -94,7 +94,7 @@ public class CategoryREST { @UnitOfWork @ApiOperation(value = "Get category entries", notes = "Get a list of category entries", response = Entries.class) @Timed - public Response getCategoryEntries(@SecurityCheck User user, + public Response getCategoryEntries(@ApiParam(hidden = true) @SecurityCheck User user, @ApiParam(value = "id of the category, 'all' or 'starred'", required = true) @QueryParam("id") String id, @ApiParam( value = "all entries or only unread ones", @@ -103,7 +103,9 @@ public class CategoryREST { @ApiParam(value = "only entries newer than this") @QueryParam("newerThan") Long newerThan, @ApiParam(value = "offset for paging") @DefaultValue("0") @QueryParam("offset") int offset, @ApiParam(value = "limit for paging, default 20, maximum 1000") @DefaultValue("20") @QueryParam("limit") int limit, - @ApiParam(value = "ordering", allowableValues = "asc,desc,abc,zyx") @QueryParam("order") @DefaultValue("desc") ReadingOrder order, + @ApiParam( + value = "ordering", + allowableValues = "asc,desc,abc,zyx") @QueryParam("order") @DefaultValue("desc") ReadingOrder order, @ApiParam( value = "search for keywords in either the title or the content of the entries, separated by spaces, 3 characters minimum") @QueryParam("keywords") String keywords, @ApiParam(value = "return only entry ids") @DefaultValue("false") @QueryParam("onlyIds") boolean onlyIds, @@ -191,7 +193,7 @@ public class CategoryREST { @ApiOperation(value = "Get category entries as feed", notes = "Get a feed of category entries") @Produces(MediaType.APPLICATION_XML) @Timed - public Response getCategoryEntriesAsFeed(@SecurityCheck(apiKeyAllowed = true) User user, + public Response getCategoryEntriesAsFeed(@ApiParam(hidden = true) @SecurityCheck(apiKeyAllowed = true) User user, @ApiParam(value = "id of the category, 'all' or 'starred'", required = true) @QueryParam("id") String id, @ApiParam( value = "all entries or only unread ones", @@ -238,7 +240,7 @@ public class CategoryREST { @UnitOfWork @ApiOperation(value = "Mark category entries", notes = "Mark feed entries of this category as read") @Timed - public Response markCategoryEntries(@SecurityCheck User user, + public Response markCategoryEntries(@ApiParam(hidden = true) @SecurityCheck User user, @ApiParam(value = "category id, or 'all'", required = true) MarkRequest req) { Preconditions.checkNotNull(req); Preconditions.checkNotNull(req.getId()); @@ -280,7 +282,7 @@ public class CategoryREST { @UnitOfWork @ApiOperation(value = "Add a category", notes = "Add a new feed category", response = Long.class) @Timed - public Response addCategory(@SecurityCheck User user, @ApiParam(required = true) AddCategoryRequest req) { + public Response addCategory(@ApiParam(hidden = true) @SecurityCheck User user, @ApiParam(required = true) AddCategoryRequest req) { Preconditions.checkNotNull(req); Preconditions.checkNotNull(req.getName()); @@ -304,7 +306,7 @@ public class CategoryREST { @UnitOfWork @ApiOperation(value = "Delete a category", notes = "Delete an existing feed category") @Timed - public Response deleteCategory(@SecurityCheck User user, @ApiParam(required = true) IDRequest req) { + public Response deleteCategory(@ApiParam(hidden = true) @SecurityCheck User user, @ApiParam(required = true) IDRequest req) { Preconditions.checkNotNull(req); Preconditions.checkNotNull(req.getId()); @@ -337,7 +339,8 @@ public class CategoryREST { @UnitOfWork @ApiOperation(value = "Rename a category", notes = "Rename an existing feed category") @Timed - public Response modifyCategory(@SecurityCheck User user, @ApiParam(required = true) CategoryModificationRequest req) { + public Response modifyCategory(@ApiParam(hidden = true) @SecurityCheck User user, + @ApiParam(required = true) CategoryModificationRequest req) { Preconditions.checkNotNull(req); Preconditions.checkNotNull(req.getId()); @@ -392,7 +395,7 @@ public class CategoryREST { @UnitOfWork @ApiOperation(value = "Collapse a category", notes = "Save collapsed or expanded status for a category") @Timed - public Response collapse(@SecurityCheck User user, @ApiParam(required = true) CollapseRequest req) { + public Response collapse(@ApiParam(hidden = true) @SecurityCheck User user, @ApiParam(required = true) CollapseRequest req) { Preconditions.checkNotNull(req); Preconditions.checkNotNull(req.getId()); @@ -411,7 +414,7 @@ public class CategoryREST { @UnitOfWork @ApiOperation(value = "Get unread count for feed subscriptions", response = UnreadCount.class, responseContainer = "List") @Timed - public Response getUnreadCount(@SecurityCheck User user) { + public Response getUnreadCount(@ApiParam(hidden = true) @SecurityCheck User user) { Map unreadCount = feedSubscriptionService.getUnreadCount(user); return Response.ok(Lists.newArrayList(unreadCount.values())).build(); } @@ -421,7 +424,7 @@ public class CategoryREST { @UnitOfWork @ApiOperation(value = "Get feed categories", notes = "Get all categories and subscriptions of the user", response = Category.class) @Timed - public Response getSubscriptions(@SecurityCheck User user) { + public Response getSubscriptions(@ApiParam(hidden = true) @SecurityCheck User user) { Category root = cache.getUserRootCategory(user); if (root == null) { log.debug("tree cache miss for {}", user.getId()); diff --git a/src/main/java/com/commafeed/frontend/resource/EntryREST.java b/src/main/java/com/commafeed/frontend/resource/EntryREST.java index 57591f4e..0aaebe80 100644 --- a/src/main/java/com/commafeed/frontend/resource/EntryREST.java +++ b/src/main/java/com/commafeed/frontend/resource/EntryREST.java @@ -34,7 +34,7 @@ import lombok.RequiredArgsConstructor; @Api(value = "/entry") @Produces(MediaType.APPLICATION_JSON) @Consumes(MediaType.APPLICATION_JSON) -@RequiredArgsConstructor(onConstructor = @__({ @Inject }) ) +@RequiredArgsConstructor(onConstructor = @__({ @Inject })) @Singleton public class EntryREST { @@ -47,7 +47,8 @@ public class EntryREST { @UnitOfWork @ApiOperation(value = "Mark a feed entry", notes = "Mark a feed entry as read/unread") @Timed - public Response markFeedEntry(@SecurityCheck User user, @ApiParam(value = "Mark Request", required = true) MarkRequest req) { + public Response markFeedEntry(@ApiParam(hidden = true) @SecurityCheck User user, + @ApiParam(value = "Mark Request", required = true) MarkRequest req) { Preconditions.checkNotNull(req); Preconditions.checkNotNull(req.getId()); @@ -60,7 +61,7 @@ public class EntryREST { @UnitOfWork @ApiOperation(value = "Mark multiple feed entries", notes = "Mark feed entries as read/unread") @Timed - public Response markFeedEntries(@SecurityCheck User user, + public Response markFeedEntries(@ApiParam(hidden = true) @SecurityCheck User user, @ApiParam(value = "Multiple Mark Request", required = true) MultipleMarkRequest req) { Preconditions.checkNotNull(req); Preconditions.checkNotNull(req.getRequests()); @@ -77,7 +78,8 @@ public class EntryREST { @UnitOfWork @ApiOperation(value = "Mark a feed entry", notes = "Mark a feed entry as read/unread") @Timed - public Response starFeedEntry(@SecurityCheck User user, @ApiParam(value = "Star Request", required = true) StarRequest req) { + public Response starFeedEntry(@ApiParam(hidden = true) @SecurityCheck User user, + @ApiParam(value = "Star Request", required = true) StarRequest req) { Preconditions.checkNotNull(req); Preconditions.checkNotNull(req.getId()); Preconditions.checkNotNull(req.getFeedId()); @@ -92,7 +94,7 @@ public class EntryREST { @UnitOfWork @ApiOperation(value = "Get list of tags for the user", notes = "Get list of tags for the user") @Timed - public Response getTags(@SecurityCheck User user) { + public Response getTags(@ApiParam(hidden = true) @SecurityCheck User user) { List tags = feedEntryTagDAO.findByUser(user); return Response.ok(tags).build(); } @@ -102,7 +104,8 @@ public class EntryREST { @UnitOfWork @ApiOperation(value = "Mark a feed entry", notes = "Mark a feed entry as read/unread") @Timed - public Response tagFeedEntry(@SecurityCheck User user, @ApiParam(value = "Tag Request", required = true) TagRequest req) { + public Response tagFeedEntry(@ApiParam(hidden = true) @SecurityCheck User user, + @ApiParam(value = "Tag Request", required = true) TagRequest req) { Preconditions.checkNotNull(req); Preconditions.checkNotNull(req.getEntryId()); diff --git a/src/main/java/com/commafeed/frontend/resource/FeedREST.java b/src/main/java/com/commafeed/frontend/resource/FeedREST.java index 3a61e331..8efd8e42 100644 --- a/src/main/java/com/commafeed/frontend/resource/FeedREST.java +++ b/src/main/java/com/commafeed/frontend/resource/FeedREST.java @@ -95,7 +95,7 @@ import lombok.extern.slf4j.Slf4j; @Slf4j @Produces(MediaType.APPLICATION_JSON) @Consumes(MediaType.APPLICATION_JSON) -@RequiredArgsConstructor(onConstructor = @__({ @Inject }) ) +@RequiredArgsConstructor(onConstructor = @__({ @Inject })) @Singleton public class FeedREST { @@ -132,7 +132,7 @@ public class FeedREST { @UnitOfWork @ApiOperation(value = "Get feed entries", notes = "Get a list of feed entries", response = Entries.class) @Timed - public Response getFeedEntries(@SecurityCheck User user, + public Response getFeedEntries(@ApiParam(hidden = true) @SecurityCheck User user, @ApiParam(value = "id of the feed", required = true) @QueryParam("id") String id, @ApiParam( value = "all entries or only unread ones", @@ -141,7 +141,9 @@ public class FeedREST { @ApiParam(value = "only entries newer than this") @QueryParam("newerThan") Long newerThan, @ApiParam(value = "offset for paging") @DefaultValue("0") @QueryParam("offset") int offset, @ApiParam(value = "limit for paging, default 20, maximum 1000") @DefaultValue("20") @QueryParam("limit") int limit, - @ApiParam(value = "ordering", allowableValues = "asc,desc,abc,zyx") @QueryParam("order") @DefaultValue("desc") ReadingOrder order, + @ApiParam( + value = "ordering", + allowableValues = "asc,desc,abc,zyx") @QueryParam("order") @DefaultValue("desc") ReadingOrder order, @ApiParam( value = "search for keywords in either the title or the content of the entries, separated by spaces, 3 characters minimum") @QueryParam("keywords") String keywords, @ApiParam(value = "return only entry ids") @DefaultValue("false") @QueryParam("onlyIds") boolean onlyIds) { @@ -200,7 +202,7 @@ public class FeedREST { @ApiOperation(value = "Get feed entries as a feed", notes = "Get a feed of feed entries") @Produces(MediaType.APPLICATION_XML) @Timed - public Response getFeedEntriesAsFeed(@SecurityCheck(apiKeyAllowed = true) User user, + public Response getFeedEntriesAsFeed(@ApiParam(hidden = true) @SecurityCheck(apiKeyAllowed = true) User user, @ApiParam(value = "id of the feed", required = true) @QueryParam("id") String id, @ApiParam( value = "all entries or only unread ones", @@ -260,7 +262,8 @@ public class FeedREST { @UnitOfWork @ApiOperation(value = "Fetch a feed", notes = "Fetch a feed by its url", response = FeedInfo.class) @Timed - public Response fetchFeed(@SecurityCheck User user, @ApiParam(value = "feed url", required = true) FeedInfoRequest req) { + public Response fetchFeed(@ApiParam(hidden = true) @SecurityCheck User user, + @ApiParam(value = "feed url", required = true) FeedInfoRequest req) { Preconditions.checkNotNull(req); Preconditions.checkNotNull(req.getUrl()); @@ -279,7 +282,7 @@ public class FeedREST { @UnitOfWork @ApiOperation(value = "Queue all feeds of the user for refresh", notes = "Manually add all feeds of the user to the refresh queue") @Timed - public Response queueAllForRefresh(@SecurityCheck User user) { + public Response queueAllForRefresh(@ApiParam(hidden = true) @SecurityCheck User user) { feedSubscriptionService.refreshAll(user); return Response.ok().build(); } @@ -289,7 +292,7 @@ public class FeedREST { @UnitOfWork @ApiOperation(value = "Queue a feed for refresh", notes = "Manually add a feed to the refresh queue") @Timed - public Response queueForRefresh(@SecurityCheck User user, @ApiParam(value = "Feed id") IDRequest req) { + public Response queueForRefresh(@ApiParam(hidden = true) @SecurityCheck User user, @ApiParam(value = "Feed id") IDRequest req) { Preconditions.checkNotNull(req); Preconditions.checkNotNull(req.getId()); @@ -308,7 +311,7 @@ public class FeedREST { @UnitOfWork @ApiOperation(value = "Mark feed entries", notes = "Mark feed entries as read (unread is not supported)") @Timed - public Response markFeedEntries(@SecurityCheck User user, @ApiParam(value = "Mark request") MarkRequest req) { + public Response markFeedEntries(@ApiParam(hidden = true) @SecurityCheck User user, @ApiParam(value = "Mark request") MarkRequest req) { Preconditions.checkNotNull(req); Preconditions.checkNotNull(req.getId()); @@ -328,7 +331,8 @@ public class FeedREST { @UnitOfWork @ApiOperation(value = "", notes = "") @Timed - public Response get(@SecurityCheck User user, @ApiParam(value = "user id", required = true) @PathParam("id") Long id) { + public Response get(@ApiParam(hidden = true) @SecurityCheck User user, + @ApiParam(value = "user id", required = true) @PathParam("id") Long id) { Preconditions.checkNotNull(id); FeedSubscription sub = feedSubscriptionDAO.findById(user, id); @@ -344,7 +348,8 @@ public class FeedREST { @UnitOfWork @ApiOperation(value = "Fetch a feed's icon", notes = "Fetch a feed's icon") @Timed - public Response getFavicon(@SecurityCheck User user, @ApiParam(value = "subscription id") @PathParam("id") Long id) { + public Response getFavicon(@ApiParam(hidden = true) @SecurityCheck User user, + @ApiParam(value = "subscription id") @PathParam("id") Long id) { Preconditions.checkNotNull(id); FeedSubscription subscription = feedSubscriptionDAO.findById(user, id); @@ -374,7 +379,8 @@ public class FeedREST { @UnitOfWork @ApiOperation(value = "Subscribe to a feed", notes = "Subscribe to a feed") @Timed - public Response subscribe(@SecurityCheck User user, @ApiParam(value = "subscription request", required = true) SubscribeRequest req) { + public Response subscribe(@ApiParam(hidden = true) @SecurityCheck User user, + @ApiParam(value = "subscription request", required = true) SubscribeRequest req) { Preconditions.checkNotNull(req); Preconditions.checkNotNull(req.getTitle()); Preconditions.checkNotNull(req.getUrl()); @@ -401,7 +407,8 @@ public class FeedREST { @UnitOfWork @ApiOperation(value = "Subscribe to a feed", notes = "Subscribe to a feed") @Timed - public Response subscribe(@SecurityCheck User user, @ApiParam(value = "feed url", required = true) @QueryParam("url") String url) { + public Response subscribe(@ApiParam(hidden = true) @SecurityCheck User user, + @ApiParam(value = "feed url", required = true) @QueryParam("url") String url) { try { Preconditions.checkNotNull(url); @@ -429,7 +436,7 @@ public class FeedREST { @UnitOfWork @ApiOperation(value = "Unsubscribe from a feed", notes = "Unsubscribe from a feed") @Timed - public Response unsubscribe(@SecurityCheck User user, @ApiParam(required = true) IDRequest req) { + public Response unsubscribe(@ApiParam(hidden = true) @SecurityCheck User user, @ApiParam(required = true) IDRequest req) { Preconditions.checkNotNull(req); Preconditions.checkNotNull(req.getId()); @@ -446,7 +453,8 @@ public class FeedREST { @UnitOfWork @ApiOperation(value = "Modify a subscription", notes = "Modify a feed subscription") @Timed - public Response modify(@SecurityCheck User user, @ApiParam(value = "subscription id", required = true) FeedModificationRequest req) { + public Response modify(@ApiParam(hidden = true) @SecurityCheck User user, + @ApiParam(value = "subscription id", required = true) FeedModificationRequest req) { Preconditions.checkNotNull(req); Preconditions.checkNotNull(req.getId()); @@ -506,7 +514,7 @@ public class FeedREST { @Consumes(MediaType.MULTIPART_FORM_DATA) @ApiOperation(value = "OPML import", notes = "Import an OPML file, posted as a FORM with the 'file' name") @Timed - public Response importOpml(@SecurityCheck User user, @FormDataParam("file") InputStream input) { + public Response importOpml(@ApiParam(hidden = true) @SecurityCheck User user, @FormDataParam("file") InputStream input) { String publicUrl = config.getApplicationSettings().getPublicUrl(); if (StringUtils.isBlank(publicUrl)) { @@ -533,7 +541,7 @@ public class FeedREST { @Produces(MediaType.APPLICATION_XML) @ApiOperation(value = "OPML export", notes = "Export an OPML file of the user's subscriptions") @Timed - public Response exportOpml(@SecurityCheck User user) { + public Response exportOpml(@ApiParam(hidden = true) @SecurityCheck User user) { Opml opml = opmlExporter.export(user); WireFeedOutput output = new WireFeedOutput(); String opmlString = null; diff --git a/src/main/java/com/commafeed/frontend/resource/ServerREST.java b/src/main/java/com/commafeed/frontend/resource/ServerREST.java index eeebc160..4fdefdd3 100644 --- a/src/main/java/com/commafeed/frontend/resource/ServerREST.java +++ b/src/main/java/com/commafeed/frontend/resource/ServerREST.java @@ -25,13 +25,14 @@ import com.commafeed.frontend.model.ServerInfo; import io.dropwizard.hibernate.UnitOfWork; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; +import io.swagger.annotations.ApiParam; import lombok.RequiredArgsConstructor; @Path("/server") @Api(value = "/server") @Produces(MediaType.APPLICATION_JSON) @Consumes(MediaType.APPLICATION_JSON) -@RequiredArgsConstructor(onConstructor = @__({ @Inject }) ) +@RequiredArgsConstructor(onConstructor = @__({ @Inject })) @Singleton public class ServerREST { @@ -60,7 +61,7 @@ public class ServerREST { @ApiOperation(value = "proxy image") @Produces("image/png") @Timed - public Response get(@SecurityCheck User user, @QueryParam("u") String url) { + public Response get(@ApiParam(hidden = true) @SecurityCheck User user, @QueryParam("u") String url) { if (!config.getApplicationSettings().getImageProxyEnabled()) { return Response.status(Status.FORBIDDEN).build(); } diff --git a/src/main/java/com/commafeed/frontend/resource/UserREST.java b/src/main/java/com/commafeed/frontend/resource/UserREST.java index 52df3d55..0499b3e4 100644 --- a/src/main/java/com/commafeed/frontend/resource/UserREST.java +++ b/src/main/java/com/commafeed/frontend/resource/UserREST.java @@ -83,7 +83,7 @@ public class UserREST { @UnitOfWork @ApiOperation(value = "Retrieve user settings", notes = "Retrieve user settings", response = Settings.class) @Timed - public Response getSettings(@SecurityCheck User user) { + public Response getSettings(@ApiParam(hidden = true) @SecurityCheck User user) { Settings s = new Settings(); UserSettings settings = userSettingsDAO.findByUser(user); if (settings != null) { @@ -138,7 +138,7 @@ public class UserREST { @UnitOfWork @ApiOperation(value = "Save user settings", notes = "Save user settings") @Timed - public Response saveSettings(@SecurityCheck User user, @ApiParam(required = true) Settings settings) { + public Response saveSettings(@ApiParam(hidden = true) @SecurityCheck User user, @ApiParam(required = true) Settings settings) { Preconditions.checkNotNull(settings); UserSettings s = userSettingsDAO.findByUser(user); @@ -177,7 +177,7 @@ public class UserREST { @UnitOfWork @ApiOperation(value = "Retrieve user's profile", response = UserModel.class) @Timed - public Response get(@SecurityCheck User user) { + public Response get(@ApiParam(hidden = true) @SecurityCheck User user) { UserModel userModel = new UserModel(); userModel.setId(user.getId()); userModel.setName(user.getName()); @@ -197,7 +197,7 @@ public class UserREST { @UnitOfWork @ApiOperation(value = "Save user's profile") @Timed - public Response save(@SecurityCheck User user, @ApiParam(required = true) ProfileModificationRequest request) { + public Response save(@ApiParam(hidden = true) @SecurityCheck User user, @ApiParam(required = true) ProfileModificationRequest request) { Preconditions.checkArgument(StringUtils.isBlank(request.getPassword()) || request.getPassword().length() >= 6); if (StringUtils.isNotBlank(request.getEmail())) { User u = userDAO.findByEmail(request.getEmail()); @@ -330,7 +330,7 @@ public class UserREST { @UnitOfWork @ApiOperation(value = "Delete the user account") @Timed - public Response delete(@SecurityCheck User user) { + public Response delete(@ApiParam(hidden = true) @SecurityCheck User user) { if (CommaFeedApplication.USERNAME_ADMIN.equals(user.getName()) || CommaFeedApplication.USERNAME_DEMO.equals(user.getName())) { return Response.status(Status.FORBIDDEN).build(); }