
Sanitize user object in user plugin update method return value #6003

Merged
merged 4 commits into from May 25, 2020

Conversation

drewtownchi
Contributor

Description of what you did:

Issue: fix #6000

This change sanitizes the user plugin's update method return object. There should be no reason to return the password hash and the reset token when updating a user object.

I verified locally that the admin workflow is not disrupted by this change because the UI goes from the user list -> queries the user -> performs PUT and doesn't seem to use the password hash field (or any data for that matter) returned from the PUT request.

Signed-off-by: Drew Town <drew.town+github@gmail.com>
@codecov

codecov bot commented Apr 29, 2020

Codecov Report

Merging #6003 into master will increase coverage by 0.56%.
The diff coverage is n/a.


@@            Coverage Diff             @@
##           master    #6003      +/-   ##
==========================================
+ Coverage   19.28%   19.85%   +0.56%     
==========================================
  Files         863      856       -7     
  Lines       12044    12046       +2     
  Branches     1930     1950      +20     
==========================================
+ Hits         2323     2392      +69     
+ Misses       8148     8079      -69     
- Partials     1573     1575       +2     
Flag     Coverage   Δ
#front   14.64%     <ø>  (+0.07%) ⬆️
#unit    41.34%     <ø>  (+1.53%) ⬆️

Impacted Files                                                   Coverage   Δ
packages/strapi-plugin-email/admin/src/pluginId.js               0.00%      <0.00%>  (-100.00%) ⬇️
packages/strapi-utils/lib/stringFormatting.js                    50.00%     <0.00%>  (-50.00%)  ⬇️
.../admin/src/components/LeftMenuLink/LeftMenuIcon.js            50.00%     <0.00%>  (-7.15%)   ⬇️
...strapi-plugin-upload/config/functions/bootstrap.js            62.06%     <0.00%>  (-6.69%)   ⬇️
...api-admin/admin/src/components/PluginCard/index.js            4.87%      <0.00%>  (-2.27%)   ⬇️
...pload/admin/src/containers/SettingsPage/reducer.js            90.90%     <0.00%>  (-0.76%)   ⬇️
packages/strapi-utils/lib/index.js                               100.00%    <0.00%>  (ø)
packages/strapi-plugin-email/admin/src/index.js                  0.00%      <0.00%>  (ø)
packages/strapi-provider-upload-local/lib/index.js               22.72%     <0.00%>  (ø)
...ackages/strapi/lib/load/check-reserved-filename.js            100.00%    <0.00%>  (ø)
... and 89 more

Continue to review full report at Codecov.

Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update e79daad...f26abb9. Read the comment docs.

@alexandrebodin alexandrebodin self-requested a review May 7, 2020 14:20
Member

@alexandrebodin alexandrebodin left a comment


Hi, thank you for this change. I think we should apply this to the other methods too (create, delete, etc.) :) Can you add this?
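The change the PR author describes (drop the password hash and reset token from what the user plugin's update method returns) and the reviewer's request to cover create and delete as well, as an added illustration that is not Strapi's own code: a single sanitizer applied to every service method that hands back a user record. The field names `password` and `resetPasswordToken`, the in-memory service and the sample user are assumptions constructed for this example.

```javascript
// Added example, not code from the Strapi repository. Field names are
// assumed stand-ins for the "password hash" and "reset token" the PR mentions.
const SENSITIVE_FIELDS = ['password', 'resetPasswordToken'];

// Return a copy of a user record with secret fields removed. Non-objects
// (null from a failed lookup, for instance) pass through untouched.
function sanitizeUser(user) {
  if (!user || typeof user !== 'object') return user;
  const clean = { ...user };
  for (const field of SENSITIVE_FIELDS) delete clean[field];
  return clean;
}

// Defender-side check: does a value still carry any sensitive field?
function leaksSecrets(value) {
  const list = Array.isArray(value) ? value : [value];
  return list.some(u => u && typeof u === 'object' && SENSITIVE_FIELDS.some(f => f in u));
}

// Wrap the named methods of a service so that every user record they
// return is sanitized. Doing it at one choke point covers create, update
// and delete alike, rather than patching update alone.
function sanitizeServiceMethods(service, methods) {
  const wrapped = { ...service };
  for (const name of methods) {
    const original = service[name];
    wrapped[name] = (...args) => {
      const result = original.apply(service, args);
      return Array.isArray(result) ? result.map(sanitizeUser) : sanitizeUser(result);
    };
  }
  return wrapped;
}

// Constructed in-memory stand-in for the users-permissions user service.
function makeFakeUserService() {
  const store = new Map([
    [1, {
      id: 1, username: 'alice', email: 'alice@example.com',
      password: '$2a$10$constructed-bcrypt-hash',      // constructed sample value
      resetPasswordToken: 'constructed-reset-token',   // constructed sample value
    }],
  ]);
  return {
    fetch(id) { return store.get(id) || null; },
    add(values) { const id = store.size + 1; const u = { id, ...values }; store.set(id, u); return u; },
    edit(id, values) { const u = { ...store.get(id), ...values }; store.set(id, u); return u; },
    remove(id) { const u = store.get(id) || null; store.delete(id); return u; },
  };
}

const rawService = makeFakeUserService();
const userService = sanitizeServiceMethods(rawService, ['fetch', 'add', 'edit', 'remove']);

// Stand-alone demonstration of the update path the PR is about.
function demo() {
  const before = rawService.fetch(1);            // raw record still has secrets
  const after = userService.edit(1, { username: 'alice2' });
  return { beforeLeaks: leaksSecrets(before), afterLeaks: leaksSecrets(after), after };
}

if (typeof require !== 'undefined' && require.main === module) {
  console.log(demo());
}
```

Wrapping at the service boundary means a controller that forwards the service result straight into the HTTP response, as the PUT handler does, cannot leak the hash even if a later method is added and forgotten; the stored record itself keeps the hash, so login still works.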

@alexandrebodin
Member

Hey @drewtownchi, seems like our CI is having trouble. Do you mind amending your last commit and doing a force push on your branch to trigger it again?

Signed-off-by: Drew Town <drew.town+github@gmail.com>
@drewtownchi
Contributor Author

@alexandrebodin I'm not sure why the DCO isn't working. I did what it said and nothing is happening.

@alexandrebodin alexandrebodin added issue: bug Issue reporting a bug source: plugin:users-permissions Source is plugin/users-permissions package labels May 25, 2020
@alexandrebodin alexandrebodin added this to the 3.0.0-rc.2 milestone May 25, 2020
@alexandrebodin alexandrebodin merged commit 549803a into strapi:master May 25, 2020
Successfully merging this pull request may close these issues.

Update method in user plugin returns unsanitized user