fixes #4463 - use unattended URL for hostgroup provisioning

fixes #3492 - API v2 nested routes for each controller

fixes #7332 - Host Create API documentation missing required parameters

Refs #3809 - Use parentheses in method definitions

Refs #3809 - Remove rubocop TODOs

Removed the following TODOs so that cops for these will run from now on:

Lint/AmbiguousOperator, DefEndAlignment, DeprecatedClassMethods
EnsureReturn, RequireParentheses, Void, BlockAlignment, EndAlignment,
UselessAccessModifier,...

refs #2127 - add password_hash to API

fixes #4386 - gem friendly_id to simplify find by id, name, label, etc

fixes #5896 - Set Compute Resource's 'Console passwords' option in API

Fixes #5926 - hide sensitive parameter values

User can check to hide value when creating or editing global parameter.
The value is masked by *** and is also not displayed when overriding.

Fixes #6538 - User group vs usergroup name consistency