*/
public User update(Session s, User toUpdate, String changeSet) throws WPISuiteException
{
// TODO: permissions checking here
User changes;
// Inflate the changeSet into a User object.
try
{
logger.log(Level.FINE, "User update being attempted...");
changes = User.fromJSON(changeSet);
}
catch(JsonParseException e)
{
logger.log(Level.WARNING, "UserManager.update() had a failure in the changeset mapper.");
throw new SerializationException("Error inflating the changeset: " + e.getMessage());
}
if(s.getUser().getUsername().equals(toUpdate.getUsername()) || s.getUser().getRole().equals(Role.ADMIN))
{
// Resolve differences toUpdate using changes, field-by-field.
toUpdate.setIdNum(changes.getIdNum());
if(changes.getName() != null)
{
toUpdate.setName(changes.getName());
}
//shouldn't be able to change unique identifier
/*if(changes.getUsername() != null)
{
toUpdate.setUserName(changes.getUsername());
}*/
if(changes.getPassword() != null)
{
String encryptedPass = this.passwordHash.generateHash(changes.getPassword());
toUpdate.setPassword(encryptedPass);
}
if((changes.getRole() != null))
{
if(s.getUser().getRole().equals(Role.ADMIN))
{
toUpdate.setRole(changes.getRole());
}
else
{
logger.log(Level.WARNING,"User: "+s.getUser().getUsername()+" attempted unauthorized priveledge elevation");
}