stardog-union · anneeb · May 23, 2025 · May 20, 2025
@@ -86,7 +86,8 @@ Each release of stardog.js is tested against the most recent version of Stardog
 
 | stardog.js Version | Supported Stardog Version(s) |
 | ------------------ | ---------------------------- |
-| 7.x.x              | 11.x.x                       |
+| 8.x.x              | 11.1.x                       |
+| 7.x.x              | 11.0.x                       |
 | 6.x.x              | 10.x.x                       |
 | 5.x.x              | 9.x.x                        |
 | 4.x.x              | 8.x.x                        |
@@ -1528,7 +1529,7 @@ Expects the following parameters:
 
 Returns [`Promise<HTTP.Body>`](#body)
 
-#### <a name="changepassword">`user.changePassword(conn, username, password, params)`</a>
+#### <a name="changepassword">`user.changePassword(conn, username, currentPassword, password, params)`</a>
 
 Changes a user's password.
 
@@ -1538,6 +1539,8 @@ Expects the following parameters:
 
 - username (`string`)
 
+- currentPassword (`string`)
+
 - password (`string`)
 
 - params (`object`)

@@ -970,10 +970,11 @@ declare namespace Stardog {
          *
          * @param {Connection} conn the Stardog server connection
          * @param {string} username the username of the user
+         * @param {string} currentPassword the current password for the user
          * @param {string} password the new password for the user
          * @param {object} params additional parameters if needed
          */
-        function changePassword(conn: Connection, username: string, password: string, params?: object): Promise<HTTP.Body>;
+        function changePassword(conn: Connection, username: string, currentPassword: string, password: string, params?: object): Promise<HTTP.Body>;
 
         /**
          * Verifies that a Connection's credentials are valid.

@@ -40,11 +40,12 @@ const create = (conn, user, params) => {
   }).then(httpBody);
 };
 
-const changePassword = (conn, username, password, params) => {
+const changePassword = (conn, username, currentPassword, password, params) => {
   const headers = conn.headers();
   headers.set('Accept', 'application/json');
 
   const body = {
+    current_password: currentPassword,
     password,
   };
 

@@ -1,57 +1,70 @@
 /* eslint-env jest */
 
-const { user, db } = require('../lib');
-const {
-  seedDatabase,
-  dropDatabase,
-  generateRandomString,
-  generateDatabaseName,
-  ConnectionFactory,
-} = require('./setup-database');
+const { user } = require('../lib');
+const { generateRandomString, ConnectionFactory } = require('./setup-database');
 
 describe('changePwd()', () => {
-  const database = generateDatabaseName();
   let conn;
 
   beforeEach(() => {
     conn = ConnectionFactory();
-    conn.config({ database });
+    conn.config({});
   });
 
-  beforeAll(seedDatabase(database));
-  afterAll(dropDatabase(database));
-
   it('should fail trying to change a password (char[]) from an non-existent user', () =>
-    user.changePassword(conn, 'someuser', 'passworddd').then(res => {
+    user.changePassword(conn, 'user', 'password', 'password').then(res => {
       expect(res.status).toEqual(404);
     }));
 
-  it('should change the password and allow calls with new credentials', () => {
+  it('should allow a user to change a password with the current password', () => {
     const username = generateRandomString();
     const password = generateRandomString();
     const newPassword = generateRandomString();
     return user
-      .create(conn, {
-        username,
-        password,
-        superuser: true,
+      .create(conn, { username, password })
+      .then(res => {
+        expect(res.status).toBe(201);
+        // Switch to new user
+        conn.config({ username, password });
+        return user.changePassword(conn, username, '', newPassword);
+      })
+      .then(res => {
+        expect(res.status).toEqual(400);
+        return user.changePassword(conn, username, newPassword, newPassword);
+      })
+      .then(res => {
+        expect(res.status).toEqual(403);
+        return user.changePassword(conn, username, password, newPassword);
+      })
+      .then(res => {
+        expect(res.status).toEqual(200);
+        // Switch to new user
+        conn.config({ username, password: newPassword });
+        return user.token(conn);
       })
+      .then(res => {
+        expect(res.status).toEqual(200);
+      });
+  });
+
+  it('should allow a superuser to change the password without the current password', () => {
+    const username = generateRandomString();
+    const password = generateRandomString();
+    const newPassword = generateRandomString();
+    return user
+      .create(conn, { username, password })
       .then(res => {
         expect(res.status).toEqual(201);
-        return user.changePassword(conn, username, newPassword);
+        return user.changePassword(conn, username, '', newPassword);
       })
       .then(res => {
         expect(res.status).toEqual(200);
         // Switch to new user
-        conn.config({
-          username,
-          password: newPassword,
-        });
-        return db.list(conn);
+        conn.config({ username, password: newPassword });
+        return user.token(conn);
       })
       .then(res => {
         expect(res.status).toEqual(200);
-        expect(res.body.databases.length).toBeGreaterThan(0);
       });
   });
 });