/**
  * Copy fields for updating or display. Does <b>not</b> copy some fields:
  *
  * <ul>
  *   <li>ID: never overwrite IDs on hibernate objects
  *   <li>userAccountUri: these don't come down from display layer, so we don't want to overwrite
  *       with null
  *   <li>userProfileUri: these don't come down from display layer, so we don't want to overwrite
  *       with null
  *   <li>roles: don't want to overwrite a user's roles when updating their profile
  * </ul>
  *
  * @param source
  * @param destination
  */
 private void copyFields(UserProfile source, UserProfile destination) {
   destination.setAuthId(source.getAuthId());
   destination.setRealName(source.getRealName());
   destination.setGivenNames(source.getGivenNames());
   destination.setSurname(source.getSurname());
   destination.setTitle(source.getTitle());
   destination.setGender(source.getGender());
   destination.setEmail(source.getEmail());
   destination.setHomePage(source.getHomePage());
   destination.setWeblog(source.getWeblog());
   destination.setPublications(source.getPublications());
   destination.setDisplayName(source.getDisplayName());
   destination.setSuffix(source.getSuffix());
   destination.setPositionType(source.getPositionType());
   destination.setOrganizationName(source.getOrganizationName());
   destination.setOrganizationType(source.getOrganizationType());
   destination.setPostalAddress(source.getPostalAddress());
   destination.setCity(source.getCity());
   destination.setCountry(source.getCountry());
   destination.setBiography(source.getBiography());
   destination.setInterests(source.getInterests());
   destination.setResearchAreas(source.getResearchAreas());
   destination.setOrganizationVisibility(source.getOrganizationVisibility());
   destination.setAlertsJournals(source.getAlertsJournals());
 }
  @Override
  public UserProfile getProfileForDisplay(UserProfile userProfile, boolean showPrivateFields) {
    UserProfile display = new UserProfile();
    copyFields(userProfile, display);
    if (!showPrivateFields) {
      log.debug("Removing private fields for display on user: {}", userProfile.getDisplayName());
      display.setOrganizationName(null);
      display.setOrganizationType(null);
      display.setPostalAddress(null);
      display.setPositionType(null);
    }

    // escape html in all string fields
    BeanWrapper wrapper = new BeanWrapperImpl(display);
    for (PropertyDescriptor property : wrapper.getPropertyDescriptors()) {
      if (String.class.isAssignableFrom(property.getPropertyType())) {
        String name = property.getName();
        wrapper.setPropertyValue(
            name, TextUtils.escapeHtml((String) wrapper.getPropertyValue(name)));
      }
    }

    return display;
  }