TT#59024 - Disable web_password and sip password fields

for administrators with disabled 'show_passwords'

	 * Add check in master data edit form to disable
	   web_password and sip password fields.
	 * Add check for api GET to not show passwords

Change-Id: Icf95cddc07982a698c893661b529e7542002ec60

lib/NGCP/Panel/Form/Customer/PbxSubscriber.pm

@@ -242,11 +242,11 @@ sub update_fields {
         );
     }
 
-    if($c->config->{security}->{password_sip_autogenerate}) {
+    if($c->config->{security}->{password_sip_autogenerate} || !$c->user->show_passwords) {
         $self->field('password')->inactive(1);
         $self->field('password')->required(0);
     }
-    if($c->config->{security}->{password_web_autogenerate}) {
+    if($c->config->{security}->{password_web_autogenerate} || !$c->user->show_passwords) {
         $self->field('webpassword')->inactive(1);
         $self->field('webpassword')->required(0);
     }

lib/NGCP/Panel/Form/SubscriberEdit.pm

@@ -188,6 +188,13 @@ sub update_fields {
             $c->uri_for_action('/subscriberprofile/profile_ajax', [$set_id])->as_string
         );
     }
+
+    if(!$c->user->show_passwords) {
+        $self->field('webpassword')->inactive(1);
+        $self->field('webpassword')->required(0);
+        $self->field('password')->inactive(1);
+        $self->field('password')->required(0);
+    }
 }
 
 sub validate_password {

lib/NGCP/Panel/Role/API/Subscribers.pm

@@ -148,6 +148,11 @@ sub resource_from_item {
         }else{
             $resource{lock} = undef;
         }
+        unless ($c->user->show_passwords) {
+            foreach my $k(qw/password webpassword/) {
+                delete $resource{$k};
+            }
+        }
     } else {
         if (!$self->subscriberadmin_write_access($c)) {
             # fields we never want to see