🐛 Allowed administrators to change other users' passwords (#10891)

closes #10427

- Administrators don't know other users' passwords, but they should be able to change other users' password
- Don't require oldPassword to be provided

core/server/api/v2/users.js

@@ -146,7 +146,7 @@ module.exports = {
             data: {
                 newPassword: {required: true},
                 ne2Password: {required: true},
-                oldPassword: {required: true},
+                oldPassword: {required: false},
                 user_id: {required: true}
             }
         },