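/**
   * Creates a new user from the JSON request body.
   *
   * <p>A body whose user type is {@code EMPLOYEE} is answered with {@code FORBIDDEN} before the
   * service is called. Validation failures and an already-registered email are both reported as
   * {@code VALIDATION_ERROR}, with the details in the operation result.
   *
   * <p>NOTE(review): unlike the other endpoints of this resource, no {@code @PermitAll} or
   * {@code @RolesAllowed} is declared on this method; confirm that the class-level or container
   * default is the intended access rule.
   *
   * @param body JSON representation of the user to create
   * @return {@code CREATED} with the new id on success, {@code FORBIDDEN} for employee payloads,
   *     {@code VALIDATION_ERROR} otherwise
   */
  @POST
  public Response add(final String body) {
    // The raw body is deliberately kept out of the log: it is the complete user payload and
    // presumably carries the new account's password (the converter is not visible here), which
    // would otherwise be written to the log in clear text.
    logger.debug("Adding a new user");
    User user = userJsonConverter.convertFrom(body);
    if (user.getUserType().equals(User.UserType.EMPLOYEE)) {
      return Response.status(HttpCode.FORBIDDEN.getCode()).build();
    }

    HttpCode httpCode = HttpCode.CREATED;
    OperationResult result;
    try {
      user = userService.add(user);
      result = OperationResult.success(JsonUtils.getJsonElementWithId(user.getId()));
    } catch (final FieldNotValidException e) {
      httpCode = HttpCode.VALIDATION_ERROR;
      logger.error("One of the fields of the user is not valid", e);
      result = getOperationResultInvalidField(RESOURCE_MESSAGE, e);
    } catch (final UserExistException e) {
      httpCode = HttpCode.VALIDATION_ERROR;
      logger.error("There is already an user for the given email", e);
      result = getOperationResultExists(RESOURCE_MESSAGE, "email");
    }

    logger.debug("Returning the operation result after adding user: {}", result);
    return Response.status(httpCode.getCode())
        .entity(OperationResultJsonWriter.toJson(result))
        .build();
  }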
  /**
   * Replaces the password of the user identified by {@code id}.
   *
   * <p>Any authenticated caller reaches this method ({@code @PermitAll}); the check inside then
   * lets the request through only for an administrator or for the user whose id is in the path.
   * Everyone else receives {@code FORBIDDEN}.
   *
   * <p>NOTE(review): only the new password is read from the body. Whether the current password
   * is re-verified anywhere before the change is not visible from this method; confirm.
   *
   * @param id id of the user whose password is changed
   * @param body JSON document carrying the new password
   * @return {@code OK} on success, {@code FORBIDDEN} when the caller is neither an administrator
   *     nor the target user, {@code NOT_FOUND} when no user has that id
   */
  @PUT
  @Path("/{id}/password")
  @PermitAll
  public Response updatePassword(@PathParam("id") final Long id, final String body) {
    // The body is intentionally not logged: it contains the new password.
    logger.debug("Updating the password for user {}", id);

    // Ownership check: a non-administrator may only touch their own account.
    final boolean administrator = securityContext.isUserInRole(Roles.ADMINISTRATOR.name());
    if (!administrator && !isLoggedUser(id)) {
      return Response.status(HttpCode.FORBIDDEN.getCode()).build();
    }

    HttpCode status;
    OperationResult outcome;
    try {
      userService.updatePassword(id, getPasswordFromJson(body));
      outcome = OperationResult.success();
      status = HttpCode.OK;
    } catch (UserNotFoundException e) {
      logger.error("No user found for the given id", e);
      outcome = getOperationResultNotFound(RESOURCE_MESSAGE);
      status = HttpCode.NOT_FOUND;
    }

    logger.debug("Returning the operation result after updating user password: {}", outcome);
    return Response.status(status.getCode())
        .entity(OperationResultJsonWriter.toJson(outcome))
        .build();
  }
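  /**
   * Looks up a single user by id. Restricted to the {@code ADMINISTRATOR} role.
   *
   * @param id id of the user to return
   * @return {@code OK} with the user wrapped in an operation result, or {@code NOT_FOUND} with
   *     no entity when the service reports that the id is unknown
   */
  @GET
  @Path("/{id}")
  @RolesAllowed({"ADMINISTRATOR"})
  public Response find(@PathParam("id") final Long id) {
    logger.debug("Find user by id: {}", id);
    Response.ResponseBuilder responseBuilder;
    try {
      User user = userService.find(id);
      OperationResult result =
          OperationResult.success(userJsonConverter.convertToJsonElement(user));
      responseBuilder =
          Response.status(HttpCode.OK.getCode()).entity(OperationResultJsonWriter.toJson(result));
      // NOTE(review): this logs whatever User.toString() prints; confirm it leaves out the
      // password field.
      logger.debug("User found by id: {}", user);
    } catch (UserNotFoundException e) {
      // The message needs a "{}" placeholder; without it the id argument never reached the log
      // and failed lookups could not be traced to a request.
      logger.error("No user found for id {}", id);
      responseBuilder = Response.status(HttpCode.NOT_FOUND.getCode());
    }

    return responseBuilder.build();
  }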
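  /**
   * Updates the user identified by {@code id} with the fields found in the JSON body.
   *
   * <p>Any authenticated caller reaches this method ({@code @PermitAll}); the check inside then
   * lets the request through only for an administrator or for the user whose id is in the path.
   * The id from the path always overrides whatever id the body may contain.
   *
   * <p>NOTE(review): every field the converter reads from the body is handed to the service,
   * also when a non-administrator edits their own record. Confirm that the converter or the
   * service prevents such a caller from changing privileged fields such as the user type.
   *
   * @param id id of the user to update
   * @param body JSON representation of the new user data
   * @return {@code OK} on success, {@code FORBIDDEN} when the caller is neither an administrator
   *     nor the target user, {@code VALIDATION_ERROR} for invalid fields or a duplicate email,
   *     {@code NOT_FOUND} when no user has that id
   */
  @PUT
  @Path("/{id}")
  @PermitAll
  public Response update(@PathParam("id") final Long id, final String body) {
    // Only the id is logged. The body is the complete user payload (personal data, possibly a
    // password field) and is not written to the log.
    logger.debug("Updating the user {}", id);

    // Ownership check: a non-administrator may only touch their own account.
    if (!securityContext.isUserInRole(Roles.ADMINISTRATOR.name()) && !isLoggedUser(id)) {
      return Response.status(HttpCode.FORBIDDEN.getCode()).build();
    }

    final User user = userJsonConverter.convertFrom(body);
    // Bind the record to the path id so the body cannot redirect the update to another user.
    user.setId(id);

    HttpCode httpCode = HttpCode.OK;
    OperationResult result;
    try {
      userService.update(user);
      result = OperationResult.success();
    } catch (FieldNotValidException e) {
      httpCode = HttpCode.VALIDATION_ERROR;
      logger.error("One of the fields of the user is not valid", e);
      result = getOperationResultInvalidField(RESOURCE_MESSAGE, e);
    } catch (UserExistException e) {
      httpCode = HttpCode.VALIDATION_ERROR;
      logger.error("There is already an user for the given email", e);
      result = getOperationResultExists(RESOURCE_MESSAGE, "email");
    } catch (UserNotFoundException e) {
      httpCode = HttpCode.NOT_FOUND;
      logger.error("No user found for the given id", e);
      result = getOperationResultNotFound(RESOURCE_MESSAGE);
    }

    logger.debug("Returning the operation result after updating user: {}", result);
    return Response.status(httpCode.getCode())
        .entity(OperationResultJsonWriter.toJson(result))
        .build();
  }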
  /**
   * Authenticates a caller: reads an email and a password from the JSON body and asks the
   * service for the matching user.
   *
   * <p>The body is never logged, and the failure message names neither the email nor the
   * password. A failed lookup is answered with {@code NOT_FOUND} and no entity.
   *
   * <p>NOTE(review): the success path logs the {@code User} object and returns its JSON form;
   * confirm that neither {@code User.toString()} nor the JSON converter exposes the password.
   *
   * @param body JSON document carrying the email and the password
   * @return {@code OK} with the user wrapped in an operation result, or {@code NOT_FOUND} when
   *     the service finds no user for that email/password pair
   */
  @POST
  @Path("/authenticate")
  @PermitAll
  public Response findByEmailAndPassword(final String body) {
    logger.debug("Find user by email and password");
    try {
      final User credentials = getUserWithEmailAndPasswordFromJson(body);
      final User authenticated =
          userService.find(credentials.getEmail(), credentials.getPassword());

      final OperationResult outcome =
          OperationResult.success(userJsonConverter.convertToJsonElement(authenticated));
      final Response.ResponseBuilder ok =
          Response.status(HttpCode.OK.getCode()).entity(OperationResultJsonWriter.toJson(outcome));
      logger.debug("User found by email/password: {}", authenticated);
      return ok.build();
    } catch (UserNotFoundException e) {
      logger.error("No user found for email/password");
      return Response.status(HttpCode.NOT_FOUND.getCode()).build();
    }
  }
  /**
   * Lists users matching the filter extracted from {@code uriInfo}. Restricted to the
   * {@code ADMINISTRATOR} role.
   *
   * @return {@code OK} with a JSON document holding the paging information and the matching
   *     users
   */
  @GET
  @RolesAllowed({"ADMINISTRATOR"})
  public Response findByFilter() {
    final UserFilter filter = new UserUrlFilterExtractor(uriInfo).getFilter();
    logger.debug("Finding users using filter: {}", filter);

    final PaginatedData<User> page = userService.find(filter);
    // Only the row count is logged, not the user entries themselves.
    logger.debug("Found {} users", page.getNumberOfRows());

    final JsonElement pagedJson =
        JsonUtils.getJsonElementWithPagingAndEntries(page, userJsonConverter);
    final Response.ResponseBuilder ok = Response.status(HttpCode.OK.getCode());
    return ok.entity(JsonWriter.writeToString(pagedJson)).build();
  }