OSBI/saiku

Passwords and REST API

kynx opened this issue · 0 comments

kynx commented

Currently the user returned by the rest/saiku/admin/users/ endpoint has the password property populated with their password hash. If the exact same user object is PUT back, this password gets re-encrypted, effectively preventing them logging in.

I'm aware that omitting the password will stop the password being overwritten. But it would be useful to be able to back up and restore users via the REST API. I would like to add a check to org.saiku.database.JdbcUserDAO to see if the password is a bcrypt hash before encoding it.
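The check proposed in this issue, as an added example that is not Saiku's code and not written by the issue author: it recognises a bcrypt hash by its modular crypt format and encodes only values that are not already hashes. The class and method names, the convention of returning `null` when no password was sent, and the stand-in encoder are assumptions for illustration; in the project the encoder would be whatever bcrypt encoder JdbcUserDAO already uses.

```java
import java.util.function.UnaryOperator;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

public class BcryptAwarePassword {
    // bcrypt modular crypt format: "$2", optional variant letter, "$",
    // two-digit cost, "$", then 22 salt + 31 hash characters (53 total)
    // drawn from bcrypt's base64 alphabet.
    private static final Pattern BCRYPT =
        Pattern.compile("\\$2[aby]?\\$(\\d{2})\\$[./A-Za-z0-9]{53}");

    static boolean isBcryptHash(String value) {
        if (value == null) return false;
        Matcher m = BCRYPT.matcher(value);
        if (!m.matches()) return false;       // whole string must match
        int cost = Integer.parseInt(m.group(1));
        return cost >= 4 && cost <= 31;        // valid bcrypt cost range
    }

    // Returns the value to persist. null means "no password sent, keep the
    // stored hash" (assumed convention, matching the omit-password behaviour).
    static String passwordToStore(String submitted, UnaryOperator<String> encoder) {
        if (submitted == null || submitted.isEmpty()) return null;
        return isBcryptHash(submitted) ? submitted : encoder.apply(submitted);
    }

    public static void main(String[] args) {
        // Stand-in for the real bcrypt encoder so the example runs with the JDK alone.
        UnaryOperator<String> standInEncoder = p -> "ENCODED(" + p + ")";

        // Constructed sample values, not real hashes.
        StringBuilder body = new StringBuilder();
        for (int i = 0; i < 53; i++) body.append('A');
        String wellFormed = "$2a$10$" + body;           // GET -> PUT round trip
        String truncated  = wellFormed.substring(0, 40); // damaged backup entry
        String badCost    = "$2a$99$" + body;            // cost outside 4..31

        String[] samples = { wellFormed, truncated, badCost, "s3cret!", "" };
        for (String s : samples) {
            System.out.printf("%-62s -> %s%n", "\"" + s + "\"",
                              passwordToStore(s, standInEncoder));
        }
    }
}
```

Only the well-formed value is stored unchanged; the truncated and out-of-range values are treated as plaintext and encoded. The format check cannot tell whether a hash was produced by this server, so any value shaped like a bcrypt hash is persisted verbatim.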