@Override
  @Transactional(propagation = Propagation.REQUIRED, readOnly = false)
  public void update(long userId, EditUser editUserForm) {
    User loggedIn = MyTools.getSessionUser();
    MyTools.validate(loggedIn.getId() == userId, "noPermission");
    User user = userRepo.findOne(userId);
    user.setName(editUserForm.getName());

    userRepo.save(user);
  }
  @Override
  public User findOne(long userId) {

    User loggedIn = MyTools.getSessionUser();
    User user = userRepo.findOne(userId);
    // if nobody is logged in or if the user is not seeing is own profile
    if (loggedIn == null || loggedIn.getId() != user.getId()) user.setEmail("********");

    return user;
  }