diff --git a/meet-ce/backend/openapi/components/requestBodies/internal/update-user-role-request.yaml b/meet-ce/backend/openapi/components/requestBodies/internal/update-user-role-request.yaml new file mode 100644 index 00000000..f2ab6767 --- /dev/null +++ b/meet-ce/backend/openapi/components/requestBodies/internal/update-user-role-request.yaml @@ -0,0 +1,12 @@ +description: Update user role request +required: true +content: + application/json: + schema: + type: object + properties: + role: + type: string + enum: [admin, user, room_member] + description: The new role to assign to the user. + example: 'user' diff --git a/meet-ce/backend/openapi/components/responses/internal/success-update-user-role.yaml b/meet-ce/backend/openapi/components/responses/internal/success-update-user-role.yaml new file mode 100644 index 00000000..3f065ec0 --- /dev/null +++ b/meet-ce/backend/openapi/components/responses/internal/success-update-user-role.yaml @@ -0,0 +1,11 @@ +description: Successfully updated user role +content: + application/json: + schema: + type: object + properties: + message: + type: string + example: Role for user 'alice_smith' updated successfully to 'admin' + user: + $ref: '../../schemas/internal/meet-user.yaml' diff --git a/meet-ce/backend/openapi/openvidu-meet-internal-api.yaml b/meet-ce/backend/openapi/openvidu-meet-internal-api.yaml index 3aa7b7a4..a3bc0917 100644 --- a/meet-ce/backend/openapi/openvidu-meet-internal-api.yaml +++ b/meet-ce/backend/openapi/openvidu-meet-internal-api.yaml @@ -26,6 +26,8 @@ paths: $ref: './paths/internal/users.yaml#/~1users~1{userId}' /users/{userId}/password: $ref: './paths/internal/users.yaml#/~1users~1{userId}~1password' + /users/{userId}/role: + $ref: './paths/internal/users.yaml#/~1users~1{userId}~1role' /config/webhooks: $ref: './paths/internal/meet-global-config.yaml#/~1config~1webhooks' /config/webhooks/test: diff --git a/meet-ce/backend/openapi/paths/internal/users.yaml b/meet-ce/backend/openapi/paths/internal/users.yaml index 19b4840b..6aae30c9 100644 --- a/meet-ce/backend/openapi/paths/internal/users.yaml +++ b/meet-ce/backend/openapi/paths/internal/users.yaml @@ -149,6 +149,8 @@ This operation will remove the user account and may affect rooms and resources associated with this user. + + > **Note:** Cannot delete your own user account or the root admin user. tags: - Internal API - Users security: @@ -170,8 +172,10 @@ put: operationId: resetUserPassword summary: Reset user password - description: > + description: | Allows an admin to reset the password of a specific user. + + > **Note:** Cannot reset your own password using this endpoint. Use the `change-password` endpoint instead. tags: - Internal API - Users security: @@ -193,3 +197,32 @@ $ref: '../../components/responses/validation-error.yaml' '500': $ref: '../../components/responses/internal-server-error.yaml' +/users/{userId}/role: + put: + operationId: updateUserRole + summary: Update user role + description: | + Allows an admin to change the role of a specific user. + + > **Note:** Cannot change your own role or the role of the root admin user. + tags: + - Internal API - Users + security: + - accessTokenHeader: [] + parameters: + - $ref: '../../components/parameters/internal/user-id-path.yaml' + requestBody: + $ref: '../../components/requestBodies/internal/update-user-role-request.yaml' + responses: + '200': + $ref: '../../components/responses/internal/success-update-user-role.yaml' + '401': + $ref: '../../components/responses/unauthorized-error.yaml' + '403': + $ref: '../../components/responses/forbidden-error.yaml' + '404': + $ref: '../../components/responses/internal/error-user-not-found.yaml' + '422': + $ref: '../../components/responses/validation-error.yaml' + '500': + $ref: '../../components/responses/internal-server-error.yaml'