openapi: add user role update endpoint and request/response schemas

meet-ce/backend/openapi/components/requestBodies/internal/update-user-role-request.yaml

@@ -0,0 +1,12 @@
+description: Update user role request
+required: true
+content:
+    application/json:
+        schema:
+            type: object
+            properties:
+                role:
+                    type: string
+                    enum: [admin, user, room_member]
+                    description: The new role to assign to the user.
+                    example: 'user'

meet-ce/backend/openapi/components/responses/internal/success-update-user-role.yaml

@@ -0,0 +1,11 @@
+description: Successfully updated user role
+content:
+    application/json:
+        schema:
+            type: object
+            properties:
+                message:
+                    type: string
+                    example: Role for user 'alice_smith' updated successfully to 'admin'
+                user:
+                    $ref: '../../schemas/internal/meet-user.yaml'

meet-ce/backend/openapi/openvidu-meet-internal-api.yaml

@@ -26,6 +26,8 @@ paths:
         $ref: './paths/internal/users.yaml#/~1users~1{userId}'
     /users/{userId}/password:
         $ref: './paths/internal/users.yaml#/~1users~1{userId}~1password'
+    /users/{userId}/role:
+        $ref: './paths/internal/users.yaml#/~1users~1{userId}~1role'
     /config/webhooks:
         $ref: './paths/internal/meet-global-config.yaml#/~1config~1webhooks'
     /config/webhooks/test:

meet-ce/backend/openapi/paths/internal/users.yaml

@@ -149,6 +149,8 @@
 
             This operation will remove the user account and may affect rooms and resources
             associated with this user.
+
+            > **Note:** Cannot delete your own user account or the root admin user.
         tags:
             - Internal API - Users
         security:
@@ -170,8 +172,10 @@
     put:
         operationId: resetUserPassword
         summary: Reset user password
-        description: >
+        description: |
             Allows an admin to reset the password of a specific user.
+
+            > **Note:** Cannot reset your own password using this endpoint. Use the `change-password` endpoint instead.
         tags:
             - Internal API - Users
         security:
@@ -193,3 +197,32 @@
                 $ref: '../../components/responses/validation-error.yaml'
             '500':
                 $ref: '../../components/responses/internal-server-error.yaml'
+/users/{userId}/role:
+    put:
+        operationId: updateUserRole
+        summary: Update user role
+        description: |
+            Allows an admin to change the role of a specific user.
+
+            > **Note:** Cannot change your own role or the role of the root admin user.
+        tags:
+            - Internal API - Users
+        security:
+            - accessTokenHeader: []
+        parameters:
+            - $ref: '../../components/parameters/internal/user-id-path.yaml'
+        requestBody:
+            $ref: '../../components/requestBodies/internal/update-user-role-request.yaml'
+        responses:
+            '200':
+                $ref: '../../components/responses/internal/success-update-user-role.yaml'
+            '401':
+                $ref: '../../components/responses/unauthorized-error.yaml'
+            '403':
+                $ref: '../../components/responses/forbidden-error.yaml'
+            '404':
+                $ref: '../../components/responses/internal/error-user-not-found.yaml'
+            '422':
+                $ref: '../../components/responses/validation-error.yaml'
+            '500':
+                $ref: '../../components/responses/internal-server-error.yaml'