add password changing support

com/Unit/Create.lua

@@ -15,6 +15,7 @@ local crypt = require("internal.crypt.bcrypt")
 local sha256 = require("internal.crypt.sha256")
 
 local common = require("com/Unit/_common")
+local errors = require("com/Unit/_errors")
 
 -- Preparing for first db query
 local function close_db()
@@ -30,7 +31,7 @@ local params = session.request.params.get()
 local ok, mp = common.CheckMissingElement({"username", "password", "email"}, params)
 if not ok then
   close_db()
-  session.response.send_error(-32602, "Missing params", mp)
+  session.response.send_error(errors.MISSING_PARAMS.code, errors.MISSING_PARAMS.message, mp)
 end
 
 local hashPass = crypt.generate(params.password, crypt.DefaultCost)
@@ -57,7 +58,7 @@ end
 
 if existing and #existing > 0 then
   close_db()
-  session.response.send_error(-32101, "Unit is already exists")
+  session.response.send_error(errors.UNIT_EXISTS.code, errors.UNIT_EXISTS.message)
 end
 
 -- Second db query: insert new unit
@@ -73,14 +74,14 @@ local ctx, err = db:exec(
 if err ~= nil then
   log.error("Insert failed: "..tostring(err))
   close_db()
-  session.response.send_error("Failed to create unit")
+  session.response.send_error(errors.DB_INSERT_FAILED.code, errors.DB_INSERT_FAILED.message)
 end
 
 local res, err = ctx:wait()
 if err ~= nil then
   log.error("Insert confirmation failed: "..tostring(err))
   close_db()
-  session.response.send_error("Failed to create unit")
+  session.response.send_error(errors.DB_INSERT_FAILED.code, errors.DB_INSERT_FAILED.message)
 end
 
 close_db()

com/Unit/Delete.lua

@@ -9,6 +9,7 @@ local db = require("internal.database.sqlite").connect("db/unit.db", {log = true
 local session = require("internal.session")
 
 local common = require("com/Unit/_common")
+local errors = require("com/Unit/_errors")
 
 -- Preparing for first db query
 local function close_db()
@@ -24,7 +25,7 @@ local params = session.request.params.get()
 local ok, mp = common.CheckMissingElement({"user_id"}, params)
 if not ok then
   close_db()
-  session.response.send_error(-32602, "Missing params", mp)
+  session.response.send_error(errors.MISSING_PARAMS.code, errors.MISSING_PARAMS.message, mp)
 end
 
 local existing, err = db:query([[
@@ -46,7 +47,7 @@ end
 
 if existing and #existing == 0 then
   close_db()
-  session.response.send_error(-32102, "Unit is not exists")
+  session.response.send_error(errors.UNIT_NOT_FOUND.code, errors.UNIT_NOT_FOUND.message)
 end
 
 local ctx, err = db:exec(
@@ -62,14 +63,14 @@ local ctx, err = db:exec(
 if err ~= nil then
   log.error("Soft delete failed: " .. tostring(err))
   close_db()
-  session.response.send_error("Failed to delete unit")
+  session.response.send_error(errors.DB_DELETE_FAILED.code, errors.DB_DELETE_FAILED.message)
 end
 
 local res, err = ctx:wait()
 if err ~= nil then
   log.error("Soft delete confirmation failed: " .. tostring(err))
   close_db()
-  session.response.send_error("Failed to delete unit")
+  session.response.send_error(errors.DB_DELETE_FAILED.code, errors.DB_DELETE_FAILED.message)
 end
 
 close_db()

com/Unit/Get.lua

@@ -9,6 +9,7 @@ local db = require("internal.database.sqlite").connect("db/unit.db", {log = true
 local session = require("internal.session")
 
 local common = require("com/Unit/_common")
+local errors = require("com/Unit/_errors")
 
 -- Preparing for first db query
 local function close_db()
@@ -24,12 +25,12 @@ local params = session.request.params.get()
 local ok, mp = common.CheckMissingElement({"by", "value"}, params)
 if not ok then
   close_db()
-  session.response.send_error(-32602, "Missing params", mp)
+  session.response.send_error(errors.MISSING_PARAMS.code, errors.MISSING_PARAMS.message, mp)
 end
 
 if not (params.by == "email" or params.by == "username" or params.by == "user_id") then
   close_db()
-  session.response.send_error(-32602, "Invalid 'by' param")
+  session.response.send_error(errors.INVALID_BY_PARAM.code, errors.INVALID_BY_PARAM.message)
 end
 
 local unit, err = db:query_row(
@@ -42,12 +43,12 @@ local unit, err = db:query_row(
 if err then
   close_db()
   log.error("DB query error: " .. tostring(err))
-  session.response.send_error("Database query failed")
+  session.response.send_error()
 end
 
 if not unit then
   close_db()
-  session.response.send_error(-32102, "Unit is not exists")
+  session.response.send_error(errors.UNIT_NOT_FOUND.code, errors.UNIT_NOT_FOUND.message)
 end
 
 close_db()

com/Unit/Update.lua

@@ -0,0 +1,106 @@
+-- File com/Unit/Update.lua
+--
+-- Created at 2025-10-10
+--
+
+local log = require("internal.log")
+local db = require("internal.database.sqlite").connect("db/unit.db", { log = true })
+local session = require("internal.session")
+local crypt = require("internal.crypt.bcrypt")
+
+local common = require("com/Unit/_common")
+local errors = require("com/Unit/_errors")
+
+local function close_db()
+  if db then
+    log.debug("Closing DB connection")
+    db:close()
+    db = nil
+  end
+end
+
+local params = session.request.params.get()
+
+local ok, mp = common.CheckMissingElement({"user_id", "fields"}, params)
+if not ok then
+  close_db()
+  session.response.send_error(errors.MISSING_PARAMS.code, errors.MISSING_PARAMS.message, mp)
+end
+
+if type(params.fields) ~= "table" or next(params.fields) == nil then
+  close_db()
+  session.response.send_error(errors.INVALID_FIELD_TYPE.code, errors.INVALID_FIELD_TYPE.message)
+end
+
+local allowed = {
+  username = true,
+  email = true,
+  password = true,
+  entry_status = true
+}
+
+local exists = db:query_row(
+  "SELECT 1 FROM units WHERE user_id = ? AND deleted_at IS NULL LIMIT 1",
+  { params.user_id }
+)
+
+if not exists then
+  close_db()
+  session.response.send_error(errors.UNIT_NOT_FOUND.code, errors.UNIT_NOT_FOUND.message)
+end
+
+local set_clauses = {}
+local values = {}
+
+for k, v in pairs(params.fields) do
+  if allowed[k] then
+    if k == "password" then
+      v = crypt.generate(v, crypt.DefaultCost)
+    end
+    table.insert(set_clauses, k .. " = ?")
+    table.insert(values, v)
+  else
+    log.warn("Ignoring unsupported field: " .. k)
+  end
+end
+
+if #set_clauses == 0 then
+  close_db()
+  session.response.send_error(errors.NO_VALID_FIELDS.code, errors.NO_VALID_FIELDS.message)
+end
+
+table.insert(set_clauses, "updated_at = CURRENT_TIMESTAMP")
+
+local query = "UPDATE units SET " .. table.concat(set_clauses, ", ")
+  .. " WHERE user_id = ? AND deleted_at IS NULL"
+
+table.insert(values, params.user_id)
+
+local ctx, err = db:exec(query, values)
+if not ctx then
+  close_db()
+  if tostring(err):match("UNIQUE constraint failed") then
+    session.response.send_error(errors.UNIQUE_CONSTRAINT.code, errors.UNIQUE_CONSTRAINT.message)
+  else
+    session.response.send_error()
+  end
+end
+
+local _, err = ctx:wait()
+if err ~= nil then
+  close_db()
+  if tostring(err):match("UNIQUE constraint failed") then
+    session.response.send_error(errors.UNIQUE_CONSTRAINT.code, errors.UNIQUE_CONSTRAINT.message)
+  else
+    log.error("Insert confirmation failed: "..tostring(err))
+  session.response.send_error()
+  end
+end
+
+close_db()
+
+session.response.send({
+  message = "User updated successfully",
+  fields_updated = #set_clauses - 1, -- excluding updated_at
+  fields = params.fields
+})

com/Unit/_errors.lua

@@ -0,0 +1,30 @@
+-- File com/Unit/_errors.lua
+--
+-- Created at 2025-10-10
+-- Description:
+--- Centralized error definitions for Unit operations
+--- to keep API responses consistent and clean.
+
+local errors = {
+  -- Common validation
+  MISSING_PARAMS = { code = -32602, message = "Missing params" },
+  INVALID_FIELD_TYPE = { code = -32602, message = "'fields' must be a non-empty table" },
+  INVALID_BY_PARAM = { code = -32602, message = "Invalid 'by' param" },
+  NO_VALID_FIELDS = { code = -32604, message = "No valid fields to update" },
+
+  -- Existence / duplication
+  UNIT_NOT_FOUND = { code = -32102, message = "Unit is not exists" },
+  UNIT_EXISTS = { code = -32101, message = "Unit is already exists" },
+
+  -- Database & constraint
+  UNIQUE_CONSTRAINT = { code = -32602, message = "Unique constraint failed" },
+  DB_QUERY_FAILED = { code = -32001, message = "Database query failed" },
+  DB_EXEC_FAILED = { code = -32002, message = "Database execution failed" },
+  DB_INSERT_FAILED = { code = -32003, message = "Failed to create unit" },
+  DB_DELETE_FAILED = { code = -32004, message = "Failed to delete unit" },
+
+  -- Generic fallback
+  UNKNOWN = { code = -32099, message = "Unexpected internal error" },
+}
+
+return errors