sysadminsmedia · tankerkiller125 · Aug 23, 2025 · Aug 23, 2025 · Aug 23, 2025 · Jan 3, 2026
diff --git a/backend/app/api/handlers/v1/v1_ctrl_user.go b/backend/app/api/handlers/v1/v1_ctrl_user.go
@@ -9,6 +9,7 @@ import (
 	"github.com/hay-kot/httpkit/server"
 	"github.com/rs/zerolog/log"
 	"github.com/sysadminsmedia/homebox/backend/internal/core/services"
+	"github.com/sysadminsmedia/homebox/backend/internal/data/ent/schema"
 	"github.com/sysadminsmedia/homebox/backend/internal/data/repo"
 	"github.com/sysadminsmedia/homebox/backend/internal/sys/validate"
 )
@@ -121,6 +122,60 @@ func (ctrl *V1Controller) HandleUserSelfDelete() errchain.HandlerFunc {
 	}
 }
 
+// HandleUserSelfSettingsGet godoc
+//
+//	@Summary	Get user settings
+//	@Tags		User
+//	@Produce	json
+//	@Success	200	{object}	Wrapped{item=schema.UserSettings}
+//	@Router		/v1/users/self/settings [GET]
+//	@Security	Bearer
+func (ctrl *V1Controller) HandleUserSelfSettingsGet() errchain.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) error {
+		actor := services.UseUserCtx(r.Context())
+		settings, err := ctrl.svc.User.GetSettings(r.Context(), actor.ID)
+		if err != nil {
+			return validate.NewRequestError(err, http.StatusInternalServerError)
+		}
+
+		w.Header().Set("Cache-Control", "no-store")
+		return server.JSON(w, http.StatusOK, Wrap(settings))
+	}
+}
+
+// HandleUserSelfSettingsUpdate godoc
+//
+//	@Summary	Update user settings
+//	@Tags		User
+//	@Produce	json
+//	@Success	200	{object}	Wrapped{item=schema.UserSettings}
+//	@Router		/v1/users/self/settings [PUT]
+//	@Param		payload	body	schema.UserSettings	true	"Settings Data"
+//	@Security	Bearer
+func (ctrl *V1Controller) HandleUserSelfSettingsUpdate() errchain.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) error {
+		// Cap body to prevent DOS via large payloads.
+		r.Body = http.MaxBytesReader(w, r.Body, 64*1024)
+		var settings schema.UserSettings
+		if err := server.Decode(r, &settings); err != nil {
+			log.Err(err).Msg("failed to decode user settings data")
+			return validate.NewRequestError(err, http.StatusBadRequest)
+		}
+
+		actor := services.UseUserCtx(r.Context())
+		if err := ctrl.svc.User.SetSettings(r.Context(), actor.ID, settings); err != nil {
+			return validate.NewRequestError(err, http.StatusInternalServerError)
+		}
+
+		newSettings, err := ctrl.svc.User.GetSettings(r.Context(), actor.ID)
+		if err != nil {
+			return validate.NewRequestError(err, http.StatusInternalServerError)
+		}
+
+		w.Header().Set("Cache-Control", "no-store")
+		return server.JSON(w, http.StatusOK, Wrap(newSettings))
+	}
+}
 type (
 	ChangePassword struct {
 		Current string `json:"current,omitempty"`

diff --git a/backend/app/api/routes.go b/backend/app/api/routes.go
@@ -89,6 +89,8 @@ func (a *app) mountRoutes(r *chi.Mux, chain *errchain.ErrChain, repos *repo.AllR
 		r.Get("/users/self", chain.ToHandlerFunc(v1Ctrl.HandleUserSelf(), userMW...))
 		r.Put("/users/self", chain.ToHandlerFunc(v1Ctrl.HandleUserSelfUpdate(), userMW...))
 		r.Delete("/users/self", chain.ToHandlerFunc(v1Ctrl.HandleUserSelfDelete(), userMW...))
+		r.Get("/users/self/settings", chain.ToHandlerFunc(v1Ctrl.HandleUserSelfSettingsGet(), userMW...))
+		r.Put("/users/self/settings", chain.ToHandlerFunc(v1Ctrl.HandleUserSelfSettingsUpdate(), userMW...))
 		r.Post("/users/logout", chain.ToHandlerFunc(v1Ctrl.HandleAuthLogout(), userMW...))
 		r.Get("/users/refresh", chain.ToHandlerFunc(v1Ctrl.HandleAuthRefresh(), userMW...))
 		r.Put("/users/self/change-password", chain.ToHandlerFunc(v1Ctrl.HandleUserSelfChangePassword(), userMW...))

diff --git a/backend/app/api/static/docs/docs.go b/backend/app/api/static/docs/docs.go
@@ -2484,6 +2484,87 @@ const docTemplate = `{
                     }
                 }
             }
+        },
+        "/v1/users/self/settings": {
+            "get": {
+                "security": [
+                    {
+                        "Bearer": []
+                    }
+                ],
+                "produces": [
+                    "application/json"
+                ],
+                "tags": [
+                    "User"
+                ],
+                "summary": "Get user settings",
+                "responses": {
+                    "200": {
+                        "description": "OK",
+                        "schema": {
+                            "allOf": [
+                                {
+                                    "$ref": "#/definitions/v1.Wrapped"
+                                },
+                                {
+                                    "type": "object",
+                                    "properties": {
+                                        "item": {
+                                            "$ref": "#/definitions/schema.UserSettings"
+                                        }
+                                    }
+                                }
+                            ]
+                        }
+                    }
+                }
+            },
+            "put": {
+                "security": [
+                    {
+                        "Bearer": []
+                    }
+                ],
+                "produces": [
+                    "application/json"
+                ],
+                "tags": [
+                    "User"
+                ],
+                "summary": "Update user settings",
+                "parameters": [
+                    {
+                        "description": "Settings Data",
+                        "name": "payload",
+                        "in": "body",
+                        "required": true,
+                        "schema": {
+                            "$ref": "#/definitions/schema.UserSettings"
+                        }
+                    }
+                ],
+                "responses": {
+                    "200": {
+                        "description": "OK",
+                        "schema": {
+                            "allOf": [
+                                {
+                                    "$ref": "#/definitions/v1.Wrapped"
+                                },
+                                {
+                                    "type": "object",
+                                    "properties": {
+                                        "item": {
+                                            "$ref": "#/definitions/schema.UserSettings"
+                                        }
+                                    }
+                                }
+                            ]
+                        }
+                    }
+                }
+            }
         }
     },
     "definitions": {
@@ -3569,6 +3650,14 @@ const docTemplate = `{
                         }
                     ]
                 },
+                "settings": {
+                    "description": "Settings holds the value of the \"settings\" field.",
+                    "allOf": [
+                        {
+                            "$ref": "#/definitions/schema.UserSettings"
+                        }
+                    ]
+                },
                 "superuser": {
                     "description": "Superuser holds the value of the \"superuser\" field.",
                     "type": "boolean"
@@ -4983,6 +5072,64 @@ const docTemplate = `{
                 }
             }
         },
+        "schema.DuplicateSettings": {
+            "type": "object",
+            "properties": {
+                "copyAttachments": {
+                    "type": "boolean"
+                },
+                "copyCustomFields": {
+                    "type": "boolean"
+                },
+                "copyMaintenance": {
+                    "type": "boolean"
+                },
+                "copyPrefixOverride": {
+                    "type": "string"
+                }
+            }
+        },
+        "schema.UserSettings": {
+            "type": "object",
+            "properties": {
+                "displayLegacyHeader": {
+                    "type": "boolean"
+                },
+                "duplicateSettings": {
+                    "$ref": "#/definitions/schema.DuplicateSettings"
+                },
+                "editorAdvancedView": {
+                    "type": "boolean"
+                },
+                "itemDisplayView": {
+                    "type": "string"
+                },
+                "itemsPerPage": {
+                    "type": "integer"
+                },
+                "itemsPerTablePage": {
+                    "type": "integer"
+                },
+                "language": {
+                    "type": "string"
+                },
+                "locale": {
+                    "type": "string"
+                },
+                "overrideFormatLocale": {
+                    "type": "string"
+                },
+                "showDetails": {
+                    "type": "boolean"
+                },
+                "showEmpty": {
+                    "type": "boolean"
+                },
+                "theme": {
+                    "type": "string"
+                }
+            }
+        },
         "services.Latest": {
             "type": "object",
             "properties": {