+ if (user.getTicket() == null) {
+ return false;
+ }
+ if (user.getTargetUser() == LoginPage.getUser(req)) {
+ throw new GigiApiException("Supporter may not modify himself.");
+ }
+ if ((req.getParameter("detailupdate") != null ? 1 : 0) + (req.getParameter("addGroup") != null ? 1 : 0) + (req.getParameter("removeGroup") != null ? 1 : 0) + (req.getParameter("resetPass") != null ? 1 : 0) != 1) {
+ throw new GigiApiException("More than one action requested!");
+ }
+ if (req.getParameter("addGroup") != null || req.getParameter("removeGroup") != null) {
+ value.update(req);
+ Group toMod = value.getGroup();
+ if (req.getParameter("addGroup") != null) {
+ user.grant(toMod);
+ } else {
+ user.revoke(toMod);
+ }
+ return true;
+ }
+ if (req.getParameter("resetPass") != null) {
+ String aword = req.getParameter("aword");
+ if (aword == null || aword.equals("")) {
+ throw new GigiApiException("An A-Word is required to perform a password reset.");
+ }
+ user.triggerPasswordReset(aword, out, req);
+ return true;
+ }
+ dobSelector.update(req);
+ if ( !dobSelector.isValid()) {
+ throw new GigiApiException("Invalid date of birth!");
+ }
+ user.setDob(dobSelector.getDate());
+ return true;