/**
   * Renders the account detail page for the current user.
   *
   * <p>Fills the model with the page title, the user returned by {@code getCurrentUser()} and
   * the active-view marker, lets {@code addFlashMessage} merge any pending flash message, and
   * answers 200 with the {@code user.detail} view. A {@code UserNotFoundException} is logged at
   * WARN level and answered with a 500 error view.
   *
   * @param request the servlet request, passed on to {@code addFlashMessage}
   * @return the response carrying either the detail view or the error view
   */
  @GET
  @Produces(MediaType.TEXT_HTML)
  public Response detailView(@Context HttpServletRequest request) {

    final ModelMap pageModel = new ModelMap();

    try {
      pageModel.addAttribute("title", "Account Settings - " + getContextName());
      pageModel.addAttribute("user", getCurrentUser());
      pageModel.addAttribute("currentView", "detail");

      addFlashMessage(request, pageModel);

      final ModelAndView detailPage = new ModelAndView("user.detail", pageModel);
      return Response.ok().entity(detailPage).build();
    } catch (UserNotFoundException notFound) {
      logger.warn("User not found", notFound);

      // NOTE(review): the raw exception message is handed to the error view; confirm it never
      // carries internal detail and that the template escapes it.
      final ModelAndView errorPage =
          buildErrorView(Status.INTERNAL_SERVER_ERROR, notFound.getMessage());
      return Response.serverError().entity(errorPage).build();
    }
  }
  /**
   * Changes the provider status of the current user and redirects to the account page.
   *
   * <p>The provider flag is read before {@code getUserBo().changeProviderStatus(...)} is called,
   * and the flash message is chosen from that earlier value. On success the client receives a
   * 303 redirect to {@code <base>/account}. {@code UserNotFoundException} yields a 500 error
   * view, {@code NotAuthorizedException} a 401 error view.
   *
   * <p>NOTE(review): this is a state-changing POST and no anti-CSRF check is visible in this
   * method; confirm that a filter or framework layer enforces one.
   *
   * @param uri request URI information, used only for the base URI of the redirect
   * @param request the servlet request, passed on to {@code setFlashMessage}
   * @return a 303 redirect on success, otherwise a response carrying an error view
   */
  @POST
  @Path("provider")
  public Response changeProviderStatus(@Context UriInfo uri, @Context HttpServletRequest request) {

    try {
      final User account = getCurrentUser();
      // Captured before the change so the message describes the transition just performed.
      final boolean providerBefore = account.isProvider();
      getUserBo().changeProviderStatus(account.getUserName());

      final URI accountPage = UriBuilder.fromUri(uri.getBaseUri()).path("account").build();

      // NOTE(review): the message embeds literal HTML, which suggests flash messages are rendered
      // unescaped; confirm, and keep user-controlled text out of flash messages.
      final String notice = providerBefore
          ? "You are <strong>not</strong> a provider anymore."
          : "You are a provider now.";

      setFlashMessage(request, notice);

      return Response.seeOther(accountPage).build();
    } catch (UserNotFoundException notFound) {
      logger.warn("User not found", notFound);

      final ModelAndView errorPage =
          buildErrorView(Status.INTERNAL_SERVER_ERROR, notFound.getMessage());
      return Response.serverError().entity(errorPage).build();
    } catch (NotAuthorizedException denied) {
      logger.info("User unauthorized", denied);

      final ModelAndView errorPage = buildErrorView(Status.UNAUTHORIZED, denied.getMessage());
      return Response.status(Status.UNAUTHORIZED).entity(errorPage).build();
    }
  }
  /**
   * Deletes the current user's account, ends the current session and redirects to the login page.
   *
   * <p>The account is removed through {@code getUserBo().delete(...)} using the user name of
   * {@code getCurrentUser()}. The session bound to this request is then invalidated and the
   * client is redirected (303) to {@code <base>/login?out=2}. {@code UserNotFoundException}
   * yields a 500 error view, {@code NotAuthorizedException} a 401 error view.
   *
   * <p>NOTE(review): this destructive POST shows no anti-CSRF check and no re-authentication step
   * in this method; confirm that both are handled elsewhere or are intentionally absent.
   *
   * @param request the servlet request whose session is invalidated
   * @param uri request URI information, used only for the base URI of the redirect
   * @return a 303 redirect on success, otherwise a response carrying an error view
   */
  @POST
  @Produces(MediaType.TEXT_HTML)
  @Path("delete")
  public Response deleteView(@Context HttpServletRequest request, @Context UriInfo uri) {

    try {
      final User account = getCurrentUser();
      getUserBo().delete(account.getUserName());

      final HttpSession activeSession = request.getSession();

      // TODO: Delete all the user's session
      // Only the session attached to this request is ended here; any other session the deleted
      // user still holds is not touched by this method.
      synchronized (activeSession) {
        activeSession.invalidate();
      }

      final URI loginPage =
          UriBuilder.fromUri(uri.getBaseUri()).path("login").queryParam("out", 2).build();
      return Response.seeOther(loginPage).build();
    } catch (UserNotFoundException notFound) {
      logger.warn("User not found", notFound);

      final ModelAndView errorPage =
          buildErrorView(Status.INTERNAL_SERVER_ERROR, notFound.getMessage());
      return Response.serverError().entity(errorPage).build();
    } catch (NotAuthorizedException denied) {
      logger.info("User unauthorized", denied);

      final ModelAndView errorPage = buildErrorView(Status.UNAUTHORIZED, denied.getMessage());
      return Response.status(Status.UNAUTHORIZED).entity(errorPage).build();
    }
  }
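  /**
   * Updates profile fields (display name, e-mail, optional company) from the submitted form.
   *
   * <p>On success a flash message is stored and the client is redirected (303) to
   * {@code <base>/account}. {@code UserNotFoundException} yields a 500 error view,
   * {@code NotAuthorizedException} a 401 error view, and {@code ValidationException} re-renders
   * {@code user.detail} with status 400, the submitted values under {@code form_data} and the
   * exception under {@code form_error}.
   *
   * <p>An absent {@code company} field is treated like an empty one: JAX-RS injects {@code null}
   * for a missing {@code @FormParam} without a default, which would otherwise raise a
   * {@code NullPointerException} here.
   *
   * @param uri request URI information, used only for the base URI of the redirect
   * @param request the servlet request, passed on to {@code setFlashMessage}
   * @param userName form field naming the account to update
   * @param displayName form field with the new display name
   * @param email form field with the new e-mail address
   * @param company form field with the new company; ignored when missing or empty
   * @return a 303 redirect on success, otherwise a response carrying an error or form view
   */
  @POST
  @Produces(MediaType.TEXT_HTML)
  public Response updateView(
      @Context UriInfo uri,
      @Context HttpServletRequest request,
      @FormParam("userName") String userName,
      @FormParam("displayName") String displayName,
      @FormParam("email") String email,
      @FormParam("company") String company) {

    ModelAndView view;
    ModelMap model = new ModelMap();
    ResponseBuilder builder;
    User user = new User();
    User currentUser;
    URI redirectURI;

    try {
      currentUser = getCurrentUser();
      // Populated up front so the form can be re-rendered if validation fails below.
      model.addAttribute("user", currentUser);
      model.addAttribute("title", "Account Settings - " + getContextName());

      user.setDisplayName(displayName);
      user.setEmail(email);

      // A missing form field arrives as null, so guard before calling isEmpty().
      if (company != null && !company.isEmpty()) {
        user.setCompany(company);
      }

      // NOTE(review): the account to update is selected by the client-supplied userName field,
      // not by getCurrentUser(). This handler relies on UserBo.update to reject edits of other
      // accounts (NotAuthorizedException is handled below); confirm that check exists, or pass
      // currentUser.getUserName() as updatePasswordView does.
      getUserBo().update(userName, user);

      redirectURI = UriBuilder.fromUri(uri.getBaseUri()).path("account").build();
      setFlashMessage(request, "Your profile was updated successfully.");

      builder = Response.seeOther(redirectURI);
    } catch (UserNotFoundException e) {
      logger.warn("User not found", e);

      view = buildErrorView(Status.INTERNAL_SERVER_ERROR, e.getMessage());
      builder = Response.serverError().entity(view);
    } catch (NotAuthorizedException e) {
      logger.info("User unauthorized", e);

      view = buildErrorView(Status.UNAUTHORIZED, e.getMessage());
      builder = Response.status(Status.UNAUTHORIZED).entity(view);
    } catch (ValidationException e) {
      logger.info("A form field is not valid", e);

      // Echo the submitted values back so the user does not have to retype them.
      // NOTE(review): these are raw request values; confirm the template escapes them on output.
      Map<String, String> formInfo = new HashMap<String, String>();

      formInfo.put("userName", userName);
      formInfo.put("displayName", displayName);
      formInfo.put("email", email);
      formInfo.put("company", company);

      model.addAttribute("form_data", formInfo);
      model.addAttribute("form_error", e);

      view = new ModelAndView("user.detail", model);
      builder = Response.status(Status.BAD_REQUEST).entity(view);
    }

    return builder.build();
  }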
  /**
   * Changes the current user's password after verifying the old one, then forces a new login.
   *
   * <p>The old password is checked through {@code getUserBo().checkCurrentUserPassword(...)}
   * and the new password through {@code checkPasswordConfirmation(...)} before
   * {@code getUserBo().update(...)} is called for the current user's name. On success the
   * session bound to this request is invalidated and the client is redirected (303) to
   * {@code <base>/login?out=3}. {@code UserNotFoundException} yields a 500 error view,
   * {@code NotAuthorizedException} a 401 error view, and {@code ValidationException} re-renders
   * {@code user.credentials} with status 400 and the exception under {@code form_error}.
   *
   * <p>NOTE(review): no anti-CSRF check is visible in this method; the old-password requirement
   * limits the impact, but confirm a token check exists upstream.
   *
   * @param uri request URI information, used only for the base URI of the redirect
   * @param request the servlet request whose session is invalidated on success
   * @param oldPassword form field with the password currently in use
   * @param password form field with the new password
   * @param passwordConfirm form field repeating the new password
   * @return a 303 redirect on success, otherwise a response carrying an error or form view
   */
  @POST
  @Produces(MediaType.TEXT_HTML)
  @Path("password")
  public Response updatePasswordView(
      @Context UriInfo uri,
      @Context HttpServletRequest request,
      @FormParam("oldPassword") String oldPassword,
      @FormParam("password") String password,
      @FormParam("passwordConfirm") String passwordConfirm) {

    final ModelMap pageModel = new ModelMap();
    final User changes = new User();

    try {
      final User account = getCurrentUser();
      // Populated up front so the credentials form can be re-rendered on a validation failure.
      pageModel.addAttribute("user", account);
      pageModel.addAttribute("title", "Credentials - " + getContextName());

      // Only a local object is modified here; nothing is persisted until update() below.
      changes.setPassword(password);

      // The caller must prove knowledge of the current password before anything changes.
      boolean oldPasswordAccepted = getUserBo().checkCurrentUserPassword(oldPassword);
      if (!oldPasswordAccepted) {
        throw new ValidationException("oldPassword", "The password given is not valid.");
      }

      // Per the original author's comment, this throws when the two new-password fields differ.
      checkPasswordConfirmation(password, passwordConfirm);

      getUserBo().update(account.getUserName(), changes);

      final HttpSession activeSession = request.getSession();

      // TODO: Invalidate all the user's session
      // Only the session attached to this request is ended here; any other session opened with
      // the old password is not touched by this method.
      synchronized (activeSession) {
        activeSession.invalidate();
      }

      final URI loginPage =
          UriBuilder.fromUri(uri.getBaseUri()).path("login").queryParam("out", 3).build();
      return Response.seeOther(loginPage).build();
    } catch (UserNotFoundException notFound) {
      logger.warn("User not found", notFound);

      final ModelAndView errorPage =
          buildErrorView(Status.INTERNAL_SERVER_ERROR, notFound.getMessage());
      return Response.serverError().entity(errorPage).build();
    } catch (NotAuthorizedException denied) {
      logger.info("User unauthorized", denied);

      final ModelAndView errorPage = buildErrorView(Status.UNAUTHORIZED, denied.getMessage());
      return Response.status(Status.UNAUTHORIZED).entity(errorPage).build();
    } catch (ValidationException invalid) {
      logger.info("A form field is not valid", invalid);

      // Unlike the profile form, no submitted values are echoed back to the page.
      pageModel.addAttribute("form_error", invalid);

      final ModelAndView formPage = new ModelAndView("user.credentials", pageModel);
      return Response.status(Status.BAD_REQUEST).entity(formPage).build();
    }
  }