public function testChangePassword_PasswordChanged()
 {
     // create  user with a random password
     $e = new MongoTestEnvironment();
     $userId = $e->createUser('test', 'test user', '*****@*****.**');
     $passwordModel = new PasswordModel($userId);
     $someRandomPassword = '******';
     // bcrypt for 'blahblah'
     $passwordModel->password = $someRandomPassword;
     $passwordModel->write();
     // change the password to 12345
     $password = '******';
     $passwordModel->changePassword($password);
     $passwordModel->write();
     // assert that the password was changed correctly
     $passwordModel2 = new PasswordModel($userId);
     $this->assertTrue($passwordModel2->verifyPassword($password));
 }
 /**
  *
  * @param string $userId
  * @param string $newPassword
  * @param string $currentUserId
  * @throws \Exception
  */
 public static function changePassword($userId, $newPassword, $currentUserId)
 {
     if ($userId != $currentUserId) {
         $currentUserModel = new UserModel($currentUserId);
         if (!SiteRoles::hasRight($currentUserModel->siteRole, Domain::USERS + Operation::EDIT) && !SystemRoles::hasRight($currentUserModel->role, Domain::USERS + Operation::EDIT)) {
             throw new UserUnauthorizedException();
         }
     }
     $user = new PasswordModel($userId);
     $user->changePassword($newPassword);
     $user->write();
 }