fix: enforce elevated authentication

Jannis Mattheis
2026-04-11 21:43:59 +02:00
parent c256025b9f
commit a8744482c6
7 changed files with 175 additions and 41 deletions


@@ -69,6 +69,8 @@ type UserAPI struct {
//
// Return all users.
//
// Requires elevated authentication.
//
// ---
// produces: [application/json]
// security: [clientTokenAuthorizationHeader: [], clientTokenHeader: [], clientTokenQuery: [], basicAuth: []]
@@ -105,6 +107,8 @@ func (a *UserAPI) GetUsers(ctx *gin.Context) {
//
// Return the current user.
//
// Requires elevated authentication.
//
// ---
// produces: [application/json]
// security: [clientTokenAuthorizationHeader: [], clientTokenHeader: [], clientTokenQuery: [], basicAuth: []]
@@ -147,6 +151,8 @@ func (a *UserAPI) GetCurrentUser(ctx *gin.Context) {
// With enabled registration: non admin users can be created without authentication.
// With disabled registrations: users can only be created by admin users.
//
// Requires elevated authentication.
//
// ---
// consumes: [application/json]
// produces: [application/json]
@@ -233,6 +239,8 @@ func (a *UserAPI) CreateUser(ctx *gin.Context) {
//
// Get a user.
//
// Requires elevated authentication.
//
// ---
// consumes: [application/json]
// produces: [application/json]
@@ -284,6 +292,8 @@ func (a *UserAPI) GetUserByID(ctx *gin.Context) {
//
// Deletes a user.
//
// Requires elevated authentication.
//
// ---
// produces: [application/json]
// security: [clientTokenAuthorizationHeader: [], clientTokenHeader: [], clientTokenQuery: [], basicAuth: []]
@@ -344,6 +354,8 @@ func (a *UserAPI) DeleteUserByID(ctx *gin.Context) {
//
// Update the password of the current user.
//
// Requires elevated authentication.
//
// ---
// consumes: [application/json]
// produces: [application/json]
@@ -387,6 +399,8 @@ func (a *UserAPI) ChangePassword(ctx *gin.Context) {
//
// Update a user.
//
// Requires elevated authentication.
//
// ---
// consumes: [application/json]
// produces: [application/json]
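Review bot: In the third hunk (the user-creation doc, header at -147), the added `// Requires elevated authentication.` sits directly under "With enabled registration: non admin users can be created without authentication", so the operation description now contradicts itself. If the elevated check applies only when the caller is already authenticated, which the visible lines do not show, the comment should say so, for example `// Authenticated callers require elevated authentication; open registration is unaffected.` The same sentence is added to the six other operations, and none of the visible lines say what an elevated session is or which response a non-elevated client token gets; a short pointer to the elevation flow and the error status would let API consumers handle the rejection. The handler bodies and the enforcement itself are outside these hunks, so whether the documented requirement matches the middleware on each route cannot be checked from here.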