/**
* {@inheritDoc}
*/
@Override
public boolean isValid(UserSecurityDto dto, ConstraintValidatorContext context) {
JCUser currentUser = userService.getCurrentUser();
String editedUserName = getUsername(dto.getUserId());
String currentUserName = currentUser.getUsername();
boolean isWillBeChangedByOwner = ObjectUtils.equals(editedUserName, currentUserName);
if (isWillBeChangedByOwner) {
boolean result = dto.getNewUserPassword() == null;
//we must compare the hashes, so we encrypt the entered value
String enteredCurrentPassword = encryptionService.encryptPassword(dto.getCurrentUserPassword());
result |= currentUser.getPassword().equals(enteredCurrentPassword);
if (!result) {
// add validation error to the field
context.buildConstraintViolationWithTemplate(message)
.addNode("currentUserPassword")
.addConstraintViolation();