allow changing username if user has no password set, ie sso login

src/socket.io/user/profile.js

@@ -25,12 +25,9 @@ module.exports = function(SocketUser) {
 
 	function isAdminOrSelfAndPasswordMatch(uid, data, callback) {
 		async.parallel({
-			isAdmin: function(next) {
+			isAdmin: async.apply(user.isAdministrator, uid),
-				user.isAdministrator(uid, next);
+			hasPassword: async.apply(user.hasPassword, data.uid),
-			},
+			passwordMatch: async.apply(user.isPasswordCorrect, data.uid, data.password)
-			passwordMatch: function(next) {
-				user.isPasswordCorrect(data.uid, data.password, next);
-			}
 		}, function(err, results) {
 			if (err) {
 				return callback(err);
@@ -41,7 +38,7 @@ module.exports = function(SocketUser) {
 				return callback(new Error('[[error:no-privileges]]'));
 			}
 
-			if (self && !results.passwordMatch) {
+			if (self && results.hasPassword && !results.passwordMatch) {
 				return callback(new Error('[[error:invalid-password]]'));
 			}
 

src/user/password.js

@@ -25,4 +25,10 @@ module.exports = function(User) {
 		});
 	};
 
+	User.hasPassword = function(uid, callback) {
+		db.getObjectField('user:' + uid, 'password', function(err, hashedPassword) {
+			callback(err, !!hashedPassword);
+		});
+	};
+
 };