func (l LibsecurityRestful) sameUserFilterCheckPasswordUpdate(req *restful.Request, resp *restful.Response, chain *restful.FilterChain, passwordUpdateOnly bool) {
	if l.toFilter() == false {
		chain.ProcessFilter(req, resp)
		return
	}

	name := req.PathParameter(userIDParam)
	logger.Trace.Println("SameUserFilter: user name:", name)
	tokenStr := l.getCookieAccessTokenValue(req)
	if tokenStr == "" {
		l.setError(resp, http.StatusMethodNotAllowed, fmt.Errorf("Authentication is required"))
		return
	}
	isUserMatch, err := app.IsItTheSameUser(tokenStr, name, getIPAddress(req), l.verifyKey)
	if err != nil {
		l.setError(resp, http.StatusMethodNotAllowed, err)
		return
	}
	isPrivilegeOk, _ := app.IsPrivilegeOk(tokenStr, am.SuperUserPermission, getIPAddress(req), l.verifyKey)
	if isPrivilegeOk == false && isUserMatch == false {
		tokenData, _ := app.ParseToken(tokenStr, getIPAddress(req), l.verifyKey)
		l.setError(resp, http.StatusMethodNotAllowed, fmt.Errorf("User '%v' is not permitted to run the operation, Only root or the user can run it.", tokenData.UserName))
		return
	}
	if passwordUpdateOnly == true {
		updatePasswordOnly := l.isUpdatePasswordOnly(req, resp, chain)
		if updatePasswordOnly == true {
			l.setError(resp, http.StatusMethodNotAllowed, fmt.Errorf("The only permitted operation is to update the user password"))
			return
		}
	}
	chain.ProcessFilter(req, resp)
}
func (l LibsecurityRestful) verifyUserPermissions(req *restful.Request, resp *restful.Response, chain *restful.FilterChain, userPermission string) bool {
	if l.toFilter() == false {
		return true
	}

	tokenStr := l.getCookieAccessTokenValue(req)
	if tokenStr == "" {
		l.setError(resp, http.StatusMethodNotAllowed, fmt.Errorf("Authentication is required"))
		return false
	}
	isPrivilegeOk, err := app.IsPrivilegeOk(tokenStr, userPermission, getIPAddress(req), l.verifyKey)
	if err != nil {
		l.setError(resp, http.StatusMethodNotAllowed, err)
		return false
	}
	if isPrivilegeOk == false {
		l.setError(resp, http.StatusMethodNotAllowed, fmt.Errorf("This command must be called by root user"))
		return false
	}
	return true
}