Restful Convention path with action and login context

I read the Restful convention. However, I wonder about 2 cases:

Case 1: Different design about:

1. Admin updates the password of a user. PUT users/{id}/password?old_pass....
2. He updates his password. Because we know who login, I disagree the path has users/{id} . So, What path should we design ? like PUT self/password?old_pass...

Case 2: Some actions for an resource:

1. I create a order by POST payments/orders
2. I would like execute it. Of course, it should change the status of order into success but it's only one part in the series of executing order, some other actions like call to bank, to external partner to move money, check rule.. . So, could it be PUT payments/orders/{id}/statuses/success or any idea better? Because I read on https://restfulapi.net/resource-naming/ , we can use A controller resource , but I disagree about use verb in the path like /orders/{id}/execute

The theory of restful is simple to understand these case.