From 99d6c5e179657c8414298007d47b5736d04c568f Mon Sep 17 00:00:00 2001
From: Zhongwen Deng <zhongwencool@gmail.com>
Date: Fri, 14 Apr 2023 21:57:09 +0800
Subject: [PATCH 1/2] feat: hide dashboard's default_username/default_password
 conf

---
 apps/emqx_dashboard/src/emqx_dashboard_schema.erl | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/apps/emqx_dashboard/src/emqx_dashboard_schema.erl b/apps/emqx_dashboard/src/emqx_dashboard_schema.erl
index 7df661fb2..0ba970842 100644
--- a/apps/emqx_dashboard/src/emqx_dashboard_schema.erl
+++ b/apps/emqx_dashboard/src/emqx_dashboard_schema.erl
@@ -42,6 +42,7 @@ fields("dashboard") ->
                 #{
                     default => <<"10s">>,
                     desc => ?DESC(sample_interval),
+                    importance => ?IMPORTANCE_HIDDEN,
                     validator => fun validate_sample_interval/1
                 }
             )},
@@ -61,6 +62,7 @@ fields("dashboard") ->
                 #{
                     desc => ?DESC(bootstrap_users_file),
                     required => false,
+                    importance => ?IMPORTANCE_HIDDEN,
                     default => <<>>
                     %% deprecated => {since, "5.1.0"}
                 }
@@ -97,7 +99,7 @@ fields("https") ->
         bind(18084)
         | common_listener_fields() ++
             exclude_fields(
-                ["fail_if_no_peer_cert"],
+                ["fail_if_no_peer_cert", "password"],
                 emqx_schema:server_ssl_opts_schema(#{}, true)
             )
     ].
@@ -210,6 +212,7 @@ default_username(default) -> <<"admin">>;
 default_username(required) -> true;
 default_username(desc) -> ?DESC(default_username);
 default_username('readOnly') -> true;
+default_username(importance) -> ?IMPORTANCE_HIDDEN;
 default_username(_) -> undefined.
 
 default_password(type) -> binary();
@@ -219,6 +222,7 @@ default_password('readOnly') -> true;
 default_password(sensitive) -> true;
 default_password(converter) -> fun emqx_schema:password_converter/2;
 default_password(desc) -> ?DESC(default_password);
+default_password(importance) -> ?IMPORTANCE_HIDDEN;
 default_password(_) -> undefined.
 
 cors(type) -> boolean();
@@ -231,6 +235,7 @@ i18n_lang(type) -> ?ENUM([en, zh]);
 i18n_lang(default) -> en;
 i18n_lang('readOnly') -> true;
 i18n_lang(desc) -> ?DESC(i18n_lang);
+i18n_lang(importance) -> ?IMPORTANCE_HIDDEN;
 i18n_lang(_) -> undefined.
 
 validate_sample_interval(Second) ->

From 98e8287260f3e000eab7715082e8be17a2b06c91 Mon Sep 17 00:00:00 2001
From: Zhongwen Deng <zhongwencool@gmail.com>
Date: Sun, 16 Apr 2023 10:11:36 +0800
Subject: [PATCH 2/2] fix: hidden password in dashboard https's shema

---
 apps/emqx_dashboard/src/emqx_dashboard_schema.erl | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/apps/emqx_dashboard/src/emqx_dashboard_schema.erl b/apps/emqx_dashboard/src/emqx_dashboard_schema.erl
index 0ba970842..d3e4233d3 100644
--- a/apps/emqx_dashboard/src/emqx_dashboard_schema.erl
+++ b/apps/emqx_dashboard/src/emqx_dashboard_schema.erl
@@ -97,13 +97,15 @@ fields("https") ->
     [
         enable(false),
         bind(18084)
-        | common_listener_fields() ++
-            exclude_fields(
-                ["fail_if_no_peer_cert", "password"],
-                emqx_schema:server_ssl_opts_schema(#{}, true)
-            )
+        | common_listener_fields() ++ server_ssl_opts()
     ].
 
+server_ssl_opts() ->
+    Opts0 = emqx_schema:server_ssl_opts_schema(#{}, true),
+    Opts1 = exclude_fields(["fail_if_no_peer_cert"], Opts0),
+    {value, {_, Meta}, Opts2} = lists:keytake("password", 1, Opts1),
+    [{"password", Meta#{importance => ?IMPORTANCE_HIDDEN}} | Opts2].
+
 exclude_fields([], Fields) ->
     Fields;
 exclude_fields([FieldName | Rest], Fields) ->