Password-update command is redundant and behaves inconsistently to password-set - Githubissues

vaticle / typedb-console

TypeDB Console: CLI for TypeDB and TypeDB Cluster

https://typedb.com

Mozilla Public License 2.0

7 stars 16 forks source link

Password-update command is redundant and behaves inconsistently to password-set #219

Closed izmalk closed 7 months ago

izmalk commented 7 months ago

Problem to Solve

Password-update is redundant when we have password-set that can do the same.
Password-update asks for the Old password first, while password-set does not.

Current Workaround

> user password-update
Old password: ***
New password: ***

> user password-set admin
New password: ***
Set password for user 'admin'
Please login again with your updated password.

Proposed Solution

One of the following:

Make password-update useful by implementing different user roles (so that all users can change their own password).
Remove password-update and use password-set instead.
At the very least, make them both work similarly to each other. No need to check the old password in password-update if we used this password to connect with the current user.

Additional Information

Currently, any user can change the password for any user, which is a completely different problem.

dmitrii-ubskii commented 7 months ago

Password-set allows the admin to set any user's password, password-update allows the user to update their own password.