1 files changed, 9 insertions, 8 deletions

diff --git a/src/main/java/com/juick/www/api/Users.java b/src/main/java/com/juick/www/api/Users.java
index 124632d0..afca7ee3 100644
--- a/src/main/java/com/juick/www/api/Users.java
+++ b/src/main/java/com/juick/www/api/Users.java
@@ -42,6 +42,7 @@ import com.juick.util.HttpUtils;
 import com.juick.util.WebUtils;
 import com.juick.www.WebApp;
 
+import io.swagger.v3.oas.annotations.Parameter;
 import org.apache.commons.io.IOUtils;
 import org.apache.commons.lang3.RandomStringUtils;
 import org.apache.commons.lang3.StringUtils;
@@ -74,7 +75,7 @@ public class Users {
 
     @RequestMapping(value = "/api/users", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE)
     public List<User> doGetUsers(
-            @ModelAttribute User visitor,
+            @Parameter(hidden = true) User visitor,
             @RequestParam(value = "uname", required = false) List<String> unames) {
         List<User> users = new ArrayList<>();
 
@@ -96,7 +97,7 @@ public class Users {
     }
 
     @GetMapping("/api/me")
-    public SecureUser getMe(@ModelAttribute User visitor) {
+    public SecureUser getMe(@Parameter(hidden = true) User visitor) {
         SecureUser me = new SecureUser();
         me.setUid(visitor.getUid());
         me.setName(visitor.getName());
@@ -115,7 +116,7 @@ public class Users {
         return (SecureUser)userService.getUserInfo(me);
     }
     @PostMapping("/api/me")
-    public void updateMe(@ModelAttribute User visitor,
+    public void updateMe(@Parameter(hidden = true) User visitor,
                                          @RequestParam(required = false) String password,
                                          @RequestParam(value = "jid-del", required = false) String jidForDeletion,
                                          @RequestParam(value = "email-add", required = false) String newEmail,
@@ -159,12 +160,12 @@ public class Users {
         }
     }
     @PostMapping("/api/me/subscribe")
-    public void subscribeMe(@ModelAttribute User visitor, String email) {
+    public void subscribeMe(@Parameter(hidden = true) User visitor, String email) {
         // TODO: check status
         emailService.setNotificationsEmail(visitor.getUid(), email);
     }
     @PostMapping("/api/me/upload")
-    public void updateInfo(@ModelAttribute User visitor,
+    public void updateInfo(@Parameter(hidden = true) User visitor,
                            @RequestParam MultipartFile avatar) throws IOException {
         String avatarTmpPath = HttpUtils.receiveMultiPartFile(avatar, storageService.getTemporaryDirectory()).getHost();
         if (StringUtils.isNotEmpty(avatarTmpPath)) {
@@ -175,7 +176,7 @@ public class Users {
 
     @RequestMapping(value = "/api/users/read", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE)
     public List<User> doGetUserRead(
-            @ModelAttribute User visitor,
+            @Parameter(hidden = true) User visitor,
             @RequestParam String uname) {
         int uid = 0;
         if (uname == null) {
@@ -199,7 +200,7 @@ public class Users {
 
     @RequestMapping(value = "/api/users/readers", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE)
     public List<User> doGetUserReaders(
-            @ModelAttribute User visitor,
+            @Parameter(hidden = true) User visitor,
             @RequestParam String uname) {
         int uid = 0;
         if (uname == null) {
@@ -222,7 +223,7 @@ public class Users {
     }
 
     @GetMapping("/api/info/{uname}")
-    public User getUserInfo(@ModelAttribute User visitor, @PathVariable String uname) {
+    public User getUserInfo(@Parameter(hidden = true) User visitor, @PathVariable String uname) {
         User user = userService.getUserByName(uname);
         if (!user.isBanned()) {
             user.setRead(doGetUserRead(visitor, uname));