Fix kustomize

cmd/maps-service/service.go

@@ -26,6 +26,7 @@ func main() {
 	app.Commands = []*cli.Command{
 		cmds.NewServeCommand(),
 		cmds.NewApiCommand(),
+		cmds.NewAORCommand(),
 	}
 
 	if err := app.Run(os.Args); err != nil {

go.mod

@@ -6,7 +6,7 @@ toolchain go1.24.5
 
 require (
 	git.itzana.me/StrafesNET/dev-service v0.0.0-20250628052121-92af8193b5ed
-	git.itzana.me/strafesnet/go-grpc v0.0.0-20251228204118-c20dbb42afec
+	git.itzana.me/strafesnet/go-grpc v0.0.0-20250815013325-1c84f73bdcb1
 	git.itzana.me/strafesnet/utils v0.0.0-20220716194944-d8ca164052f9
 	github.com/dchest/siphash v1.2.3
 	github.com/gin-gonic/gin v1.10.1

go.sum

@@ -2,8 +2,8 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMT
 cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
 git.itzana.me/StrafesNET/dev-service v0.0.0-20250628052121-92af8193b5ed h1:eGWIQx2AOrSsLC2dieuSs8MCliRE60tvpZnmxsTBtKc=
 git.itzana.me/StrafesNET/dev-service v0.0.0-20250628052121-92af8193b5ed/go.mod h1:KJal0K++M6HEzSry6JJ2iDPZtOQn5zSstNlDbU3X4Jg=
-git.itzana.me/strafesnet/go-grpc v0.0.0-20251228204118-c20dbb42afec h1:JSar9If1kzb02+Erp+zmSqHKWPPP2NqMQVK15pRmkLE=
-git.itzana.me/strafesnet/go-grpc v0.0.0-20251228204118-c20dbb42afec/go.mod h1:X7XTRUScRkBWq8q8bplbeso105RPDlnY7J6Wy1IwBMs=
+git.itzana.me/strafesnet/go-grpc v0.0.0-20250815013325-1c84f73bdcb1 h1:imXibfeYcae6og0TTDUFRQ3CQtstGjIoLbCn+pezD2o=
+git.itzana.me/strafesnet/go-grpc v0.0.0-20250815013325-1c84f73bdcb1/go.mod h1:X7XTRUScRkBWq8q8bplbeso105RPDlnY7J6Wy1IwBMs=
 git.itzana.me/strafesnet/utils v0.0.0-20220716194944-d8ca164052f9 h1:7lU6jyR7S7Rhh1dnUp7GyIRHUTBXZagw8F4n4hOyxLw=
 git.itzana.me/strafesnet/utils v0.0.0-20220716194944-d8ca164052f9/go.mod h1:uyYerSieEt4v0MJCdPLppG0LtJ4Yj035vuTetWGsxjY=
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
@@ -47,6 +47,8 @@ github.com/dchest/siphash v1.2.3 h1:QXwFc8cFOR2dSa/gE6o/HokBMWtLUaNDVd+22aKHeEA=
 github.com/dchest/siphash v1.2.3/go.mod h1:0NvQU092bT0ipiFN++/rXm69QG9tVxLAlQHIXMPAkHc=
 github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f h1:lO4WD4F/rVNCu3HqELle0jiPLLBs70cWOduZpkS1E78=
 github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f/go.mod h1:cuUVRXasLTGF7a8hSLbxyZXjz+1KgoB3wDUb6vlszIc=
+github.com/dlclark/regexp2 v1.11.0 h1:G/nrcoOa7ZXlpoa/91N3X7mM3r8eIlMBBJZvsz/mxKI=
+github.com/dlclark/regexp2 v1.11.0/go.mod h1:DHkYz0B9wPfa6wondMfaivmHpzrQ3v9q8cnmRbL6yW8=
 github.com/dlclark/regexp2 v1.11.5 h1:Q/sSnsKerHeCkc/jSTNq1oCm7KiVgUMZRDUoRu0JQZQ=
 github.com/dlclark/regexp2 v1.11.5/go.mod h1:DHkYz0B9wPfa6wondMfaivmHpzrQ3v9q8cnmRbL6yW8=
 github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
@@ -55,6 +57,8 @@ github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1m
 github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk=
 github.com/envoyproxy/go-control-plane v0.10.2-0.20220325020618-49ff273808a1/go.mod h1:KJwIaB5Mv44NWtYuAOFCVOjcI94vtpEz2JU/D2v6IjE=
 github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
+github.com/fatih/color v1.17.0 h1:GlRw1BRJxkpqUCBKzKOw098ed57fEsKeNjpTe3cSjK4=
+github.com/fatih/color v1.17.0/go.mod h1:YZ7TlrGPkiz6ku9fK3TLD/pl3CpsiFyu8N92HLgmosI=
 github.com/fatih/color v1.18.0 h1:S8gINlzdQ840/4pfAwic/ZE0djQEH3wM94VfqLTZcOM=
 github.com/fatih/color v1.18.0/go.mod h1:4FelSpRwEGDpQ12mAdzqdOukCy4u8WUtOY6lkT/6HfU=
 github.com/gabriel-vasile/mimetype v1.4.3 h1:in2uUcidCuFcDKtdcBxlR0rJ1+fsokWf+uqxgUFjbI0=
@@ -69,6 +73,8 @@ github.com/gin-gonic/gin v1.10.1 h1:T0ujvqyCSqRopADpgPgiTT63DUQVSfojyME59Ei63pQ=
 github.com/gin-gonic/gin v1.10.1/go.mod h1:4PMNQiOhvDRa013RKVbsiNwoyezlm2rm0uX/T7kzp5Y=
 github.com/go-faster/errors v0.7.1 h1:MkJTnDoEdi9pDabt1dpWf7AA8/BaSYZqibYyhZ20AYg=
 github.com/go-faster/errors v0.7.1/go.mod h1:5ySTjWFiphBs07IKuiL69nxdfd5+fzh1u7FPGZP2quo=
+github.com/go-faster/jx v1.1.0 h1:ZsW3wD+snOdmTDy9eIVgQdjUpXRRV4rqW8NS3t+20bg=
+github.com/go-faster/jx v1.1.0/go.mod h1:vKDNikrKoyUmpzaJ0OkIkRQClNHFX/nF3dnTJZb3skg=
 github.com/go-faster/jx v1.2.0 h1:T2YHJPrFaYu21fJtUxC9GzmluKu8rVIFDwwGBKTDseI=
 github.com/go-faster/jx v1.2.0/go.mod h1:UWLOVDmMG597a5tBFPLIWJdUxz5/2emOpfsj9Neg0PE=
 github.com/go-faster/yaml v0.4.6 h1:lOK/EhI04gCpPgPhgt0bChS6bvw7G3WwI8xxVe0sw9I=
@@ -146,6 +152,8 @@ github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8Hm
 github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y=
 github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM=
 github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo=
+github.com/klauspost/compress v1.17.6 h1:60eq2E/jlfwQXtvZEeBUYADs+BwKBWURIY+Gj2eRGjI=
+github.com/klauspost/compress v1.17.6/go.mod h1:/dCuZOvVtNoHsyb+cuJD3itjs3NbnF6KH9zAO4BDxPM=
 github.com/klauspost/compress v1.18.1 h1:bcSGx7UbpBqMChDtsF28Lw6v/G94LPrrbMbdC3JH2co=
 github.com/klauspost/compress v1.18.1/go.mod h1:ZQFFVG+MdnR0P+l6wpXgIL4NTtwiKIdBnrBd8Nrxr+0=
 github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg=
@@ -165,8 +173,11 @@ github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN
 github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
 github.com/mailru/easyjson v0.7.6 h1:8yTIVnZgCoiM1TgqoeTl+LfU5Jg6/xL3QhGQnimLYnA=
 github.com/mailru/easyjson v0.7.6/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc=
+github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA=
+github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg=
 github.com/mattn/go-colorable v0.1.14 h1:9A9LHSqF/7dyVVX6g0U9cwm9pG3kP9gSzcuIPHPsaIE=
 github.com/mattn/go-colorable v0.1.14/go.mod h1:6LmQG8QLFO4G5z1gPvYEzlUgJ2wF+stgPZH1UqBm1s8=
+github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM=
 github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
 github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
 github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
@@ -181,6 +192,8 @@ github.com/nats-io/nkeys v0.4.7/go.mod h1:kqXRgRDPlGy7nGaEDMuYzmiJCIAAWDK0IMBtDm
 github.com/nats-io/nuid v1.0.1 h1:5iA8DT8V7q8WK2EScv2padNa/rTESc1KdnPw4TC2paw=
 github.com/nats-io/nuid v1.0.1/go.mod h1:19wcPz3Ph3q0Jbyiqsd0kePYG7A95tJPxeL+1OSON2c=
 github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno=
+github.com/ogen-go/ogen v1.2.1 h1:C5A0lvUMu2wl+eWIxnpXMWnuOJ26a2FyzR1CIC2qG0M=
+github.com/ogen-go/ogen v1.2.1/go.mod h1:P2zQdEu8UqaVRfD5GEFvl+9q63VjMLvDquq1wVbyInM=
 github.com/ogen-go/ogen v1.18.0 h1:6RQ7lFBjOeNaUWu4getfqIh4GJbEY4hqKuzDtec/g60=
 github.com/ogen-go/ogen v1.18.0/go.mod h1:dHFr2Wf6cA7tSxMI+zPC21UR5hAlDw8ZYUkK3PziURY=
 github.com/pelletier/go-toml/v2 v2.2.2 h1:aYUidT7k73Pcl9nb2gScu7NSrKCSHIDE89b3+6Wq+LM=
@@ -195,6 +208,8 @@ github.com/rogpeppe/go-internal v1.14.1 h1:UQB4HGPB6osV0SQTLymcB4TgvyWu6ZyliaW0t
 github.com/rogpeppe/go-internal v1.14.1/go.mod h1:MaRKkUm5W0goXpeCfT7UZI6fk/L7L7so1lCWt35ZSgc=
 github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk=
 github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
+github.com/segmentio/asm v1.2.0 h1:9BQrFxC+YOHJlTlHGkTrFWf59nbL3XnCoFLTwDCI7ys=
+github.com/segmentio/asm v1.2.0/go.mod h1:BqMnlJP91P8d+4ibuonYZw9mfnzI9HfxselHZr5aAcs=
 github.com/segmentio/asm v1.2.1 h1:DTNbBqs57ioxAD4PrArqftgypG4/qNpXoJx8TVXxPR0=
 github.com/segmentio/asm v1.2.1/go.mod h1:BqMnlJP91P8d+4ibuonYZw9mfnzI9HfxselHZr5aAcs=
 github.com/shopspring/decimal v1.4.0 h1:bxl37RwXBklmTi0C79JfXCEBD1cqqHt0bbgBAGFp81k=
@@ -246,6 +261,8 @@ go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto=
 go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE=
 go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0=
 go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y=
+go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8=
+go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E=
 go.uber.org/zap v1.27.1 h1:08RqriUEv8+ArZRYSTXy1LeBScaMpVSTBhCeaZYfMYc=
 go.uber.org/zap v1.27.1/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E=
 golang.org/x/arch v0.0.0-20210923205945-b76863e36670/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8=
@@ -254,15 +271,21 @@ golang.org/x/arch v0.8.0/go.mod h1:FEVrYAQjsQXMVJ1nsMoVVXPZg6p2JE2mx8psSWTDQys=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
+golang.org/x/crypto v0.32.0 h1:euUpcYgM8WcP71gNpTqQCn6rC2t6ULUPiOzfWaXVVfc=
+golang.org/x/crypto v0.32.0/go.mod h1:ZnnJkOaASj8g0AjIduWNlq2NRxL0PlBrbKVyZ6V/Ugc=
 golang.org/x/crypto v0.46.0 h1:cKRW/pmt1pKAfetfu+RCEvjvZkA9RimPbh7bhFjGVBU=
 golang.org/x/crypto v0.46.0/go.mod h1:Evb/oLKmMraqjZ2iQTwDwvCtJkczlDuTmdJXoZVzqU0=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
+golang.org/x/exp v0.0.0-20240531132922-fd00a4e0eefc h1:O9NuF4s+E/PvMIy+9IUZB9znFwUIXEWSstNjek6VpVg=
+golang.org/x/exp v0.0.0-20240531132922-fd00a4e0eefc/go.mod h1:XtvwrStGgqGPLc4cjQfWqZHG1YFdYs6swckp8vpsjnc=
 golang.org/x/exp v0.0.0-20251219203646-944ab1f22d93 h1:fQsdNF2N+/YewlRZiricy4P1iimyPKZ/xwniHj8Q2a0=
 golang.org/x/exp v0.0.0-20251219203646-944ab1f22d93/go.mod h1:EPRbTFwzwjXj9NpYyyrvenVh9Y+GFeEvMNh7Xuz7xgU=
 golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
 golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
 golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
 golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
+golang.org/x/mod v0.17.0 h1:zY54UmvipHiNd+pm+m0x9KhZ9hl1/7QNMyxXbc6ICqA=
+golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
 golang.org/x/mod v0.31.0 h1:HaW9xtz0+kOcWKwli0ZXy79Ix+UW/vOfmWI5QVd2tgI=
 golang.org/x/mod v0.31.0/go.mod h1:43JraMp9cGx1Rx3AqioxrbrhNsLl2l/iNAvuBkrezpg=
 golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
@@ -278,6 +301,8 @@ golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v
 golang.org/x/net v0.0.0-20210421230115-4e50805a0758/go.mod h1:72T/g9IO56b78aLF+1Kcs5dz7/ng1VjMUvfKvpfy+jM=
 golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
 golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
+golang.org/x/net v0.34.0 h1:Mb7Mrk043xzHgnRM88suvJFwzVrRfHEHJEl5/71CKw0=
+golang.org/x/net v0.34.0/go.mod h1:di0qlW3YNM5oh6GqDGQr92MyTozJPmybPK4Ev/Gm31k=
 golang.org/x/net v0.48.0 h1:zyQRTTrjc33Lhh0fBgT/H3oZq9WuvRR5gPC70xpDiQU=
 golang.org/x/net v0.48.0/go.mod h1:+ndRgGjkh8FGtu1w1FGbEC31if4VrNVMuKTgcAAnQRY=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
@@ -287,6 +312,8 @@ golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJ
 golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.12.0 h1:MHc5BpPuC30uJk597Ri8TV3CNZcTLu6B6z4lJy+g6Jw=
+golang.org/x/sync v0.12.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA=
 golang.org/x/sync v0.19.0 h1:vV+1eWNmZ5geRlYjzm2adRgW2/mcpevXNg50YZtPCE4=
 golang.org/x/sync v0.19.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI=
 golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
@@ -302,8 +329,11 @@ golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.29.0 h1:TPYlXGxvx1MGTn2GiZDhnjPA9wZzZeGKHHmKhHYvgaU=
+golang.org/x/sys v0.29.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/sys v0.39.0 h1:CvCKL8MeisomCi6qNZ+wbb0DN9E5AATixKsvNtMoMFk=
 golang.org/x/sys v0.39.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
@@ -314,6 +344,8 @@ golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
 golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
+golang.org/x/text v0.23.0 h1:D71I7dUrlY+VX0gQShAThNGHFxZ13dGLBHQLVl1mJlY=
+golang.org/x/text v0.23.0/go.mod h1:/BLNzu4aZCJ1+kcD0DNRotWKage4q2rGVAg4o22unh4=
 golang.org/x/text v0.32.0 h1:ZD01bjUt1FQ9WJ0ClOL5vxgxOI/sVCNgX1YtKwcY0mU=
 golang.org/x/text v0.32.0/go.mod h1:o/rUWzghvpD5TXrTIBuJU77MTaN0ljMWE47kxGJQ7jY=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
@@ -323,6 +355,8 @@ golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3
 golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
 golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
+golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d h1:vU5i/LfpvrRCpgM/VPfJLg5KjxD3E+hfT1SH+d9zLwg=
+golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk=
 golang.org/x/tools v0.40.0 h1:yLkxfA+Qnul4cs9QA3KnlFu0lVmd8JJfoq+E41uSutA=
 golang.org/x/tools v0.40.0/go.mod h1:Ik/tzLRlbscWpqqMRjyWYDisX8bG13FrdXp3o4Sr9lc=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=

kind-setup.sh

@@ -0,0 +1,493 @@
+#!/usr/bin/env bash
+
+set -euo pipefail
+
+# Configuration
+CLUSTER_NAME="${KIND_CLUSTER_NAME:-maps-service-local}"
+INFRA_PATH="${INFRA_PATH:-$HOME/Documents/Projects/infra}"
+NAMESPACE="${NAMESPACE:-default}"
+REGISTRY_NAME="kind-registry"
+REGISTRY_PORT="5001"
+
+# Colors for output
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+NC='\033[0m' # No Color
+
+log_info() {
+    echo -e "${GREEN}[INFO]${NC} $1"
+}
+
+log_warn() {
+    echo -e "${YELLOW}[WARN]${NC} $1"
+}
+
+log_error() {
+    echo -e "${RED}[ERROR]${NC} $1"
+}
+
+# Check dependencies
+check_dependencies() {
+    log_info "Checking dependencies..."
+    local deps=("kind" "kubectl" "docker")
+    for dep in "${deps[@]}"; do
+        if ! command -v "$dep" &> /dev/null; then
+            log_error "$dep is not installed. Please install it first."
+            exit 1
+        fi
+    done
+    log_info "All dependencies are installed"
+}
+
+# Create local container registry
+create_registry() {
+    if [ "$(docker ps -q -f name=${REGISTRY_NAME})" ]; then
+        log_info "Registry ${REGISTRY_NAME} already running"
+        return 0
+    fi
+
+    if [ "$(docker ps -aq -f name=${REGISTRY_NAME})" ]; then
+        log_info "Starting existing registry ${REGISTRY_NAME}"
+        docker start ${REGISTRY_NAME}
+        return 0
+    fi
+
+    log_info "Creating local registry ${REGISTRY_NAME}..."
+    docker run -d --restart=always -p "127.0.0.1:${REGISTRY_PORT}:5000" --name "${REGISTRY_NAME}" registry:2
+}
+
+# Create KIND cluster with registry
+create_cluster() {
+    if kind get clusters | grep -q "^${CLUSTER_NAME}$"; then
+        log_warn "Cluster ${CLUSTER_NAME} already exists"
+        read -p "Do you want to delete and recreate it? (y/N): " -n 1 -r
+        echo
+        if [[ $REPLY =~ ^[Yy]$ ]]; then
+            log_info "Deleting existing cluster..."
+            kind delete cluster --name "${CLUSTER_NAME}"
+        else
+            log_info "Using existing cluster"
+            kubectl config use-context "kind-${CLUSTER_NAME}"
+            return 0
+        fi
+    fi
+
+    log_info "Creating KIND cluster ${CLUSTER_NAME}..."
+    cat <<EOF | kind create cluster --name "${CLUSTER_NAME}" --config=-
+kind: Cluster
+apiVersion: kind.x-k8s.io/v1alpha4
+containerdConfigPatches:
+- |-
+  [plugins."io.containerd.grpc.v1.cri".registry.mirrors."localhost:${REGISTRY_PORT}"]
+    endpoint = ["http://${REGISTRY_NAME}:5000"]
+nodes:
+- role: control-plane
+  kubeadmConfigPatches:
+  - |
+    kind: InitConfiguration
+    nodeRegistration:
+      kubeletExtraArgs:
+        node-labels: "ingress-ready=true"
+  extraPortMappings:
+  - containerPort: 80
+    hostPort: 80
+    protocol: TCP
+  - containerPort: 443
+    hostPort: 443
+    protocol: TCP
+  - containerPort: 8080
+    hostPort: 8080
+    protocol: TCP
+  - containerPort: 3000
+    hostPort: 3000
+    protocol: TCP
+EOF
+
+    # Connect the registry to the cluster network
+    if [ "$(docker inspect -f='{{json .NetworkSettings.Networks.kind}}' "${REGISTRY_NAME}")" = 'null' ]; then
+        log_info "Connecting registry to cluster network..."
+        docker network connect "kind" "${REGISTRY_NAME}"
+    fi
+
+    # Document the local registry
+    kubectl apply -f - <<EOF
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: local-registry-hosting
+  namespace: kube-public
+data:
+  localRegistryHosting.v1: |
+    host: "localhost:${REGISTRY_PORT}"
+    help: "https://kind.sigs.k8s.io/docs/user/local-registry/"
+EOF
+
+    log_info "KIND cluster created successfully"
+}
+
+# Build Docker images
+build_images() {
+    log_info "Building Docker images..."
+
+    log_info "Building backend..."
+    make build-backend
+    docker build -t localhost:${REGISTRY_PORT}/maptest-api:local .
+    docker push localhost:${REGISTRY_PORT}/maptest-api:local
+
+    log_info "Building validator..."
+    make build-validator
+    docker build -f validation/Containerfile -t localhost:${REGISTRY_PORT}/maptest-validator:local .
+    docker push localhost:${REGISTRY_PORT}/maptest-validator:local
+
+    log_info "Building frontend..."
+    docker build web -f web/Containerfile -t localhost:${REGISTRY_PORT}/maptest-frontend:local .
+    docker push localhost:${REGISTRY_PORT}/maptest-frontend:local
+
+    log_info "All images built and pushed to local registry"
+}
+
+# Create secrets
+create_secrets() {
+    log_info "Creating Kubernetes secrets..."
+
+    # Create dummy secrets for local development
+    kubectl create secret generic cockroach-qtdb \
+        --from-literal=HOST=data-postgres \
+        --from-literal=PORT=5432 \
+        --from-literal=USER=postgres \
+        --from-literal=PASS=localpassword \
+        --dry-run=client -o yaml | kubectl apply -f -
+
+    kubectl create secret generic maptest-cookie \
+        --from-literal=api=dummy-api-key \
+        --dry-run=client -o yaml | kubectl apply -f -
+
+    kubectl create secret generic auth-service-secrets \
+        --from-literal=DISCORD_CLIENT_ID=dummy \
+        --from-literal=DISCORD_CLIENT_SECRET=dummy \
+        --from-literal=RBX_API_KEY=dummy \
+        --dry-run=client -o yaml | kubectl apply -f -
+
+    log_info "Secrets created"
+}
+
+# Deploy dependencies
+deploy_dependencies() {
+    log_info "Deploying dependencies..."
+
+    # Deploy PostgreSQL (manual deployment)
+    log_info "Deploying PostgreSQL..."
+    kubectl apply -f - <<EOF
+apiVersion: v1
+kind: Service
+metadata:
+  name: data-postgres
+spec:
+  ports:
+  - port: 5432
+    targetPort: 5432
+  selector:
+    app: data-postgres
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: data-postgres
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: data-postgres
+  template:
+    metadata:
+      labels:
+        app: data-postgres
+    spec:
+      containers:
+      - name: postgres
+        image: postgres:15
+        ports:
+        - containerPort: 5432
+        env:
+        - name: POSTGRES_USER
+          value: postgres
+        - name: POSTGRES_PASSWORD
+          value: localpassword
+        - name: POSTGRES_DB
+          value: postgres
+        volumeMounts:
+        - name: postgres-storage
+          mountPath: /var/lib/postgresql/data
+      volumes:
+      - name: postgres-storage
+        emptyDir: {}
+EOF
+
+    # Deploy Redis (using a simple deployment)
+    log_info "Deploying Redis..."
+    kubectl apply -f - <<EOF
+apiVersion: v1
+kind: Service
+metadata:
+  name: redis-master
+spec:
+  ports:
+  - port: 6379
+    targetPort: 6379
+  selector:
+    app: redis
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: redis
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: redis
+  template:
+    metadata:
+      labels:
+        app: redis
+    spec:
+      containers:
+      - name: redis
+        image: redis:latest
+        ports:
+        - containerPort: 6379
+        command: ["redis-server", "--appendonly", "yes"]
+EOF
+
+    # Deploy NATS
+    log_info "Deploying NATS..."
+    kubectl apply -f - <<EOF
+apiVersion: v1
+kind: Service
+metadata:
+  name: nats
+spec:
+  ports:
+  - port: 4222
+    targetPort: 4222
+  selector:
+    app: nats
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: nats
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: nats
+  template:
+    metadata:
+      labels:
+        app: nats
+    spec:
+      containers:
+      - name: nats
+        image: nats:latest
+        args: ["-js"]
+        ports:
+        - containerPort: 4222
+EOF
+
+    # Deploy Auth Service (if needed)
+    if [ -d "${INFRA_PATH}/applications/auth-service/base" ]; then
+        log_info "Deploying auth-service..."
+        kubectl apply -k "${INFRA_PATH}/applications/auth-service/base" || log_warn "Auth service deployment failed, continuing..."
+    fi
+
+    # Deploy Data Service (if needed)
+    if [ -d "${INFRA_PATH}/applications/data-service/base" ]; then
+        log_info "Deploying data-service..."
+        kubectl apply -k "${INFRA_PATH}/applications/data-service/base" || log_warn "Data service deployment failed, continuing..."
+    fi
+
+    log_info "Waiting for dependencies to be ready..."
+    kubectl wait --for=condition=ready pod -l app=data-postgres --timeout=120s || log_warn "PostgreSQL not ready yet"
+    kubectl wait --for=condition=ready pod -l app=nats --timeout=60s || log_warn "NATS not ready yet"
+}
+
+# Deploy maps-service
+deploy_maps_service() {
+    log_info "Deploying maps-service..."
+
+    # Create a local overlay for development
+    local temp_dir=$(mktemp -d)
+    trap "rm -rf ${temp_dir}" EXIT
+
+    cp -r "${INFRA_PATH}/applications/maps-services/base" "${temp_dir}/"
+
+    # Create a custom kustomization for local development
+    cat > "${temp_dir}/base/kustomization.yaml" <<EOF
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+commonLabels:
+  service: maps-service
+
+resources:
+- api.yaml
+- configmap.yaml
+- frontend.yaml
+- validator.yaml
+
+images:
+- name: registry.itzana.me/strafesnet/maptest-api
+  newName: localhost:${REGISTRY_PORT}/maptest-api
+  newTag: local
+- name: registry.itzana.me/strafesnet/maptest-frontend
+  newName: localhost:${REGISTRY_PORT}/maptest-frontend
+  newTag: local
+- name: registry.itzana.me/strafesnet/maptest-validator
+  newName: localhost:${REGISTRY_PORT}/maptest-validator
+  newTag: local
+
+patches:
+- target:
+    kind: Deployment
+  patch: |-
+    - op: remove
+      path: /spec/template/spec/imagePullSecrets
+EOF
+
+    kubectl apply -k "${temp_dir}/base" || {
+        log_error "Failed to deploy maps-service"
+        return 1
+    }
+
+    log_info "Waiting for maps-service to be ready..."
+    kubectl wait --for=condition=ready pod -l app=maptest-api --timeout=120s || log_warn "API not ready yet"
+    kubectl wait --for=condition=ready pod -l app=maptest-frontend --timeout=120s || log_warn "Frontend not ready yet"
+    kubectl wait --for=condition=ready pod -l app=maptest-validator --timeout=120s || log_warn "Validator not ready yet"
+}
+
+# Port forwarding
+setup_port_forwarding() {
+    log_info "Setting up port forwarding..."
+
+    log_info "Port forwarding for API (8080)..."
+    kubectl port-forward svc/maptest-api 8080:8080 &
+
+    log_info "Port forwarding for Frontend (3000)..."
+    kubectl port-forward svc/maptest-frontend 3000:3000 &
+
+    log_info "Port forwarding setup complete"
+    log_info "You may need to manually manage these port-forwards or run them in separate terminals"
+}
+
+# Display cluster info
+display_info() {
+    log_info "======================================"
+    log_info "KIND Cluster Setup Complete!"
+    log_info "======================================"
+    echo
+    log_info "Cluster name: ${CLUSTER_NAME}"
+    log_info "Local registry: localhost:${REGISTRY_PORT}"
+    echo
+    log_info "Services:"
+    kubectl get svc
+    echo
+    log_info "Pods:"
+    kubectl get pods
+    echo
+    log_info "Access your application:"
+    log_info "  - Frontend: http://localhost:3000"
+    log_info "  - API: http://localhost:8080"
+    echo
+    log_info "Useful commands:"
+    log_info "  - View logs: kubectl logs -f <pod-name>"
+    log_info "  - Get pods: kubectl get pods"
+    log_info "  - Delete cluster: kind delete cluster --name ${CLUSTER_NAME}"
+    log_info "  - Rebuild and redeploy: ./kind-setup.sh --rebuild"
+}
+
+# Cleanup function
+cleanup() {
+    log_info "Cleaning up..."
+    kind delete cluster --name "${CLUSTER_NAME}"
+    docker stop ${REGISTRY_NAME} && docker rm ${REGISTRY_NAME}
+    log_info "Cleanup complete"
+}
+
+# Main function
+main() {
+    local rebuild=false
+    local cleanup_only=false
+
+    # Parse arguments
+    while [[ $# -gt 0 ]]; do
+        case $1 in
+            --rebuild)
+                rebuild=true
+                shift
+                ;;
+            --cleanup)
+                cleanup_only=true
+                shift
+                ;;
+            --infra-path)
+                INFRA_PATH="$2"
+                shift 2
+                ;;
+            --help)
+                echo "Usage: $0 [OPTIONS]"
+                echo "Options:"
+                echo "  --rebuild           Rebuild and push Docker images"
+                echo "  --cleanup           Delete the cluster and registry"
+                echo "  --infra-path PATH   Path to infra directory (default: ~/Documents/Projects/infra)"
+                echo "  --help              Show this help message"
+                exit 0
+                ;;
+            *)
+                log_error "Unknown option: $1"
+                exit 1
+                ;;
+        esac
+    done
+
+    if [ "$cleanup_only" = true ]; then
+        cleanup
+        exit 0
+    fi
+
+    # Validate infra path
+    if [ ! -d "$INFRA_PATH" ]; then
+        log_error "Infra path does not exist: $INFRA_PATH"
+        log_error "Please provide a valid path using --infra-path"
+        exit 1
+    fi
+
+    if [ ! -d "$INFRA_PATH/applications/maps-services" ]; then
+        log_error "maps-services not found in infra path: $INFRA_PATH/applications/maps-services"
+        exit 1
+    fi
+
+    log_info "Using infra path: $INFRA_PATH"
+
+    check_dependencies
+    create_registry
+    create_cluster
+
+    if [ "$rebuild" = true ]; then
+        build_images
+    fi
+
+    create_secrets
+    deploy_dependencies
+    deploy_maps_service
+    display_info
+
+    log_info "Setup complete! Press Ctrl+C to stop port forwarding and exit."
+    log_warn "Note: You may want to set up port-forwarding manually in separate terminals:"
+    log_info "  kubectl port-forward svc/maptest-api 8080:8080"
+    log_info "  kubectl port-forward svc/maptest-frontend 3000:3000"
+}
+
+# Run main function
+main "$@"

openapi.yaml

@@ -6,6 +6,8 @@ info:
 servers:
   - url: https://submissions.strafes.net/v1
 tags:
+  - name: AOR
+    description: AOR (Accept or Reject) event operations
   - name: Mapfixes
     description: Mapfix operations
   - name: Maps
@@ -960,6 +962,89 @@ paths:
             application/json:
               schema:
                 $ref: "#/components/schemas/Error"
+  /submissions/{SubmissionID}/reviews:
+    get:
+      summary: Get all reviews for a submission
+      operationId: listSubmissionReviews
+      tags:
+        - Submissions
+      parameters:
+        - $ref: '#/components/parameters/SubmissionID'
+      responses:
+        "200":
+          description: Successful response
+          content:
+            application/json:
+              schema:
+                type: array
+                items:
+                  $ref: "#/components/schemas/SubmissionReview"
+        default:
+          description: General Error
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/Error"
+    post:
+      summary: Create a review for a submission
+      operationId: createSubmissionReview
+      tags:
+        - Submissions
+      parameters:
+        - $ref: '#/components/parameters/SubmissionID'
+      requestBody:
+        required: true
+        content:
+          application/json:
+            schema:
+              $ref: "#/components/schemas/SubmissionReviewCreate"
+      responses:
+        "200":
+          description: Successful response
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/SubmissionReview"
+        default:
+          description: General Error
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/Error"
+  /submissions/{SubmissionID}/reviews/{ReviewID}:
+    patch:
+      summary: Update an existing review
+      operationId: updateSubmissionReview
+      tags:
+        - Submissions
+      parameters:
+        - $ref: '#/components/parameters/SubmissionID'
+        - name: ReviewID
+          in: path
+          required: true
+          schema:
+            type: integer
+            format: int64
+            minimum: 0
+      requestBody:
+        required: true
+        content:
+          application/json:
+            schema:
+              $ref: "#/components/schemas/SubmissionReviewCreate"
+      responses:
+        "200":
+          description: Successful response
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/SubmissionReview"
+        default:
+          description: General Error
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/Error"
   /submissions/{SubmissionID}/model:
     post:
       summary: Update model following role restrictions
@@ -1224,6 +1309,109 @@ paths:
             application/json:
               schema:
                 $ref: "#/components/schemas/Error"
+  /aor-events:
+    get:
+      summary: Get list of AOR events
+      operationId: listAOREvents
+      tags:
+        - AOR
+      security: []
+      parameters:
+      - $ref: "#/components/parameters/Page"
+      - $ref: "#/components/parameters/Limit"
+      responses:
+        "200":
+          description: Successful response
+          content:
+            application/json:
+              schema:
+                type: array
+                items:
+                  $ref: "#/components/schemas/AOREvent"
+        default:
+          description: General Error
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/Error"
+  /aor-events/active:
+    get:
+      summary: Get the currently active AOR event
+      operationId: getActiveAOREvent
+      tags:
+        - AOR
+      security: []
+      responses:
+        "200":
+          description: Successful response
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/AOREvent"
+        default:
+          description: General Error
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/Error"
+  /aor-events/{AOREventID}:
+    get:
+      summary: Get a specific AOR event
+      operationId: getAOREvent
+      tags:
+        - AOR
+      security: []
+      parameters:
+      - name: AOREventID
+        in: path
+        required: true
+        schema:
+          type: integer
+          format: int64
+          minimum: 1
+      responses:
+        "200":
+          description: Successful response
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/AOREvent"
+        default:
+          description: General Error
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/Error"
+  /aor-events/{AOREventID}/submissions:
+    get:
+      summary: Get all submissions for a specific AOR event
+      operationId: getAOREventSubmissions
+      tags:
+        - AOR
+      security: []
+      parameters:
+      - name: AOREventID
+        in: path
+        required: true
+        schema:
+          type: integer
+          format: int64
+          minimum: 1
+      responses:
+        "200":
+          description: Successful response
+          content:
+            application/json:
+              schema:
+                type: array
+                items:
+                  $ref: "#/components/schemas/Submission"
+        default:
+          description: General Error
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/Error"
   /script-policy:
     get:
       summary: Get list of script policies
@@ -1783,6 +1971,56 @@ components:
         minimum: 0
         maximum: 100
   schemas:
+    AOREvent:
+      type: object
+      required:
+      - ID
+      - StartDate
+      - FreezeDate
+      - SelectionDate
+      - DecisionDate
+      - Status
+      - CreatedAt
+      - UpdatedAt
+      properties:
+        ID:
+          type: integer
+          format: int64
+        StartDate:
+          type: integer
+          format: int64
+          description: Unix timestamp for the 1st day of AOR month
+        FreezeDate:
+          type: integer
+          format: int64
+          description: Unix timestamp when submissions are frozen
+        SelectionDate:
+          type: integer
+          format: int64
+          description: Unix timestamp when automatic selection occurs (end of week 1)
+        DecisionDate:
+          type: integer
+          format: int64
+          description: Unix timestamp when final accept/reject decisions are made (end of month)
+        Status:
+          type: integer
+          format: int32
+          minimum: 0
+          maximum: 5
+          description: >
+            AOR Event Status:
+            * `0` - Scheduled
+            * `1` - Open
+            * `2` - Frozen
+            * `3` - Selected
+            * `4` - Completed
+            * `5` - Closed
+        CreatedAt:
+          type: integer
+          format: int64
+        UpdatedAt:
+          type: integer
+          format: int64
     AuditEvent:
       type: object
       required:
@@ -2368,6 +2606,61 @@ components:
         - ReleasedMapfixes
         - SubmittedSubmissions
         - SubmittedMapfixes
+    SubmissionReview:
+      required:
+      - ID
+      - SubmissionID
+      - ReviewerID
+      - Recommend
+      - Description
+      - Outdated
+      - CreatedAt
+      - UpdatedAt
+      type: object
+      properties:
+        ID:
+          type: integer
+          format: int64
+          minimum: 0
+        SubmissionID:
+          type: integer
+          format: int64
+          minimum: 0
+        ReviewerID:
+          type: integer
+          format: int64
+          minimum: 0
+        Recommend:
+          type: boolean
+          description: Whether the reviewer recommends accepting the submission
+        Description:
+          type: string
+          maxLength: 2048
+          description: Text description of the review reasoning
+        Outdated:
+          type: boolean
+          description: Flag indicating if the review is outdated due to submission changes
+        CreatedAt:
+          type: integer
+          format: int64
+          minimum: 0
+        UpdatedAt:
+          type: integer
+          format: int64
+          minimum: 0
+    SubmissionReviewCreate:
+      required:
+      - Recommend
+      - Description
+      type: object
+      properties:
+        Recommend:
+          type: boolean
+          description: Whether the reviewer recommends accepting the submission
+        Description:
+          type: string
+          maxLength: 2048
+          description: Text description of the review reasoning
     Error:
       description: Represents error object
       type: object

pkg/api/oas_client_gen.go

@@ -235,6 +235,12 @@ type Invoker interface {
 	//
 	// POST /submissions/{SubmissionID}/comment
 	CreateSubmissionAuditComment(ctx context.Context, request CreateSubmissionAuditCommentReq, params CreateSubmissionAuditCommentParams) error
+	// CreateSubmissionReview invokes createSubmissionReview operation.
+	//
+	// Create a review for a submission.
+	//
+	// POST /submissions/{SubmissionID}/reviews
+	CreateSubmissionReview(ctx context.Context, request *SubmissionReviewCreate, params CreateSubmissionReviewParams) (*SubmissionReview, error)
 	// DeleteScript invokes deleteScript operation.
 	//
 	// Delete the specified script by ID.
@@ -253,6 +259,24 @@ type Invoker interface {
 	//
 	// GET /maps/{MapID}/download
 	DownloadMapAsset(ctx context.Context, params DownloadMapAssetParams) (DownloadMapAssetOK, error)
+	// GetAOREvent invokes getAOREvent operation.
+	//
+	// Get a specific AOR event.
+	//
+	// GET /aor-events/{AOREventID}
+	GetAOREvent(ctx context.Context, params GetAOREventParams) (*AOREvent, error)
+	// GetAOREventSubmissions invokes getAOREventSubmissions operation.
+	//
+	// Get all submissions for a specific AOR event.
+	//
+	// GET /aor-events/{AOREventID}/submissions
+	GetAOREventSubmissions(ctx context.Context, params GetAOREventSubmissionsParams) ([]Submission, error)
+	// GetActiveAOREvent invokes getActiveAOREvent operation.
+	//
+	// Get the currently active AOR event.
+	//
+	// GET /aor-events/active
+	GetActiveAOREvent(ctx context.Context) (*AOREvent, error)
 	// GetAssetThumbnail invokes getAssetThumbnail operation.
 	//
 	// Get single asset thumbnail.
@@ -307,6 +331,12 @@ type Invoker interface {
 	//
 	// GET /thumbnails/user/{UserID}
 	GetUserThumbnail(ctx context.Context, params GetUserThumbnailParams) (*GetUserThumbnailFound, error)
+	// ListAOREvents invokes listAOREvents operation.
+	//
+	// Get list of AOR events.
+	//
+	// GET /aor-events
+	ListAOREvents(ctx context.Context, params ListAOREventsParams) ([]AOREvent, error)
 	// ListMapfixAuditEvents invokes listMapfixAuditEvents operation.
 	//
 	// Retrieve a list of audit events.
@@ -343,6 +373,12 @@ type Invoker interface {
 	//
 	// GET /submissions/{SubmissionID}/audit-events
 	ListSubmissionAuditEvents(ctx context.Context, params ListSubmissionAuditEventsParams) ([]AuditEvent, error)
+	// ListSubmissionReviews invokes listSubmissionReviews operation.
+	//
+	// Get all reviews for a submission.
+	//
+	// GET /submissions/{SubmissionID}/reviews
+	ListSubmissionReviews(ctx context.Context, params ListSubmissionReviewsParams) ([]SubmissionReview, error)
 	// ListSubmissions invokes listSubmissions operation.
 	//
 	// Get list of submissions.
@@ -415,6 +451,12 @@ type Invoker interface {
 	//
 	// POST /submissions/{SubmissionID}/model
 	UpdateSubmissionModel(ctx context.Context, params UpdateSubmissionModelParams) error
+	// UpdateSubmissionReview invokes updateSubmissionReview operation.
+	//
+	// Update an existing review.
+	//
+	// PATCH /submissions/{SubmissionID}/reviews/{ReviewID}
+	UpdateSubmissionReview(ctx context.Context, request *SubmissionReviewCreate, params UpdateSubmissionReviewParams) (*SubmissionReview, error)
 }
 
 // Client implements OAS client.
@@ -4498,6 +4540,134 @@ func (c *Client) sendCreateSubmissionAuditComment(ctx context.Context, request C
 	return result, nil
 }
 
+// CreateSubmissionReview invokes createSubmissionReview operation.
+//
+// Create a review for a submission.
+//
+// POST /submissions/{SubmissionID}/reviews
+func (c *Client) CreateSubmissionReview(ctx context.Context, request *SubmissionReviewCreate, params CreateSubmissionReviewParams) (*SubmissionReview, error) {
+	res, err := c.sendCreateSubmissionReview(ctx, request, params)
+	return res, err
+}
+
+func (c *Client) sendCreateSubmissionReview(ctx context.Context, request *SubmissionReviewCreate, params CreateSubmissionReviewParams) (res *SubmissionReview, err error) {
+	otelAttrs := []attribute.KeyValue{
+		otelogen.OperationID("createSubmissionReview"),
+		semconv.HTTPRequestMethodKey.String("POST"),
+		semconv.URLTemplateKey.String("/submissions/{SubmissionID}/reviews"),
+	}
+	otelAttrs = append(otelAttrs, c.cfg.Attributes...)
+
+	// Run stopwatch.
+	startTime := time.Now()
+	defer func() {
+		// Use floating point division here for higher precision (instead of Millisecond method).
+		elapsedDuration := time.Since(startTime)
+		c.duration.Record(ctx, float64(elapsedDuration)/float64(time.Millisecond), metric.WithAttributes(otelAttrs...))
+	}()
+
+	// Increment request counter.
+	c.requests.Add(ctx, 1, metric.WithAttributes(otelAttrs...))
+
+	// Start a span for this request.
+	ctx, span := c.cfg.Tracer.Start(ctx, CreateSubmissionReviewOperation,
+		trace.WithAttributes(otelAttrs...),
+		clientSpanKind,
+	)
+	// Track stage for error reporting.
+	var stage string
+	defer func() {
+		if err != nil {
+			span.RecordError(err)
+			span.SetStatus(codes.Error, stage)
+			c.errors.Add(ctx, 1, metric.WithAttributes(otelAttrs...))
+		}
+		span.End()
+	}()
+
+	stage = "BuildURL"
+	u := uri.Clone(c.requestURL(ctx))
+	var pathParts [3]string
+	pathParts[0] = "/submissions/"
+	{
+		// Encode "SubmissionID" parameter.
+		e := uri.NewPathEncoder(uri.PathEncoderConfig{
+			Param:   "SubmissionID",
+			Style:   uri.PathStyleSimple,
+			Explode: false,
+		})
+		if err := func() error {
+			return e.EncodeValue(conv.Int64ToString(params.SubmissionID))
+		}(); err != nil {
+			return res, errors.Wrap(err, "encode path")
+		}
+		encoded, err := e.Result()
+		if err != nil {
+			return res, errors.Wrap(err, "encode path")
+		}
+		pathParts[1] = encoded
+	}
+	pathParts[2] = "/reviews"
+	uri.AddPathParts(u, pathParts[:]...)
+
+	stage = "EncodeRequest"
+	r, err := ht.NewRequest(ctx, "POST", u)
+	if err != nil {
+		return res, errors.Wrap(err, "create request")
+	}
+	if err := encodeCreateSubmissionReviewRequest(request, r); err != nil {
+		return res, errors.Wrap(err, "encode request")
+	}
+
+	{
+		type bitset = [1]uint8
+		var satisfied bitset
+		{
+			stage = "Security:CookieAuth"
+			switch err := c.securityCookieAuth(ctx, CreateSubmissionReviewOperation, r); {
+			case err == nil: // if NO error
+				satisfied[0] |= 1 << 0
+			case errors.Is(err, ogenerrors.ErrSkipClientSecurity):
+				// Skip this security.
+			default:
+				return res, errors.Wrap(err, "security \"CookieAuth\"")
+			}
+		}
+
+		if ok := func() bool {
+		nextRequirement:
+			for _, requirement := range []bitset{
+				{0b00000001},
+			} {
+				for i, mask := range requirement {
+					if satisfied[i]&mask != mask {
+						continue nextRequirement
+					}
+				}
+				return true
+			}
+			return false
+		}(); !ok {
+			return res, ogenerrors.ErrSecurityRequirementIsNotSatisfied
+		}
+	}
+
+	stage = "SendRequest"
+	resp, err := c.cfg.Client.Do(r)
+	if err != nil {
+		return res, errors.Wrap(err, "do request")
+	}
+	defer resp.Body.Close()
+
+	stage = "DecodeResponse"
+	result, err := decodeCreateSubmissionReviewResponse(resp)
+	if err != nil {
+		return res, errors.Wrap(err, "decode response")
+	}
+
+	return result, nil
+}
+
 // DeleteScript invokes deleteScript operation.
 //
 // Delete the specified script by ID.
@@ -4871,6 +5041,262 @@ func (c *Client) sendDownloadMapAsset(ctx context.Context, params DownloadMapAss
 	return result, nil
 }
 
+// GetAOREvent invokes getAOREvent operation.
+//
+// Get a specific AOR event.
+//
+// GET /aor-events/{AOREventID}
+func (c *Client) GetAOREvent(ctx context.Context, params GetAOREventParams) (*AOREvent, error) {
+	res, err := c.sendGetAOREvent(ctx, params)
+	return res, err
+}
+
+func (c *Client) sendGetAOREvent(ctx context.Context, params GetAOREventParams) (res *AOREvent, err error) {
+	otelAttrs := []attribute.KeyValue{
+		otelogen.OperationID("getAOREvent"),
+		semconv.HTTPRequestMethodKey.String("GET"),
+		semconv.URLTemplateKey.String("/aor-events/{AOREventID}"),
+	}
+	otelAttrs = append(otelAttrs, c.cfg.Attributes...)
+
+	// Run stopwatch.
+	startTime := time.Now()
+	defer func() {
+		// Use floating point division here for higher precision (instead of Millisecond method).
+		elapsedDuration := time.Since(startTime)
+		c.duration.Record(ctx, float64(elapsedDuration)/float64(time.Millisecond), metric.WithAttributes(otelAttrs...))
+	}()
+
+	// Increment request counter.
+	c.requests.Add(ctx, 1, metric.WithAttributes(otelAttrs...))
+
+	// Start a span for this request.
+	ctx, span := c.cfg.Tracer.Start(ctx, GetAOREventOperation,
+		trace.WithAttributes(otelAttrs...),
+		clientSpanKind,
+	)
+	// Track stage for error reporting.
+	var stage string
+	defer func() {
+		if err != nil {
+			span.RecordError(err)
+			span.SetStatus(codes.Error, stage)
+			c.errors.Add(ctx, 1, metric.WithAttributes(otelAttrs...))
+		}
+		span.End()
+	}()
+
+	stage = "BuildURL"
+	u := uri.Clone(c.requestURL(ctx))
+	var pathParts [2]string
+	pathParts[0] = "/aor-events/"
+	{
+		// Encode "AOREventID" parameter.
+		e := uri.NewPathEncoder(uri.PathEncoderConfig{
+			Param:   "AOREventID",
+			Style:   uri.PathStyleSimple,
+			Explode: false,
+		})
+		if err := func() error {
+			return e.EncodeValue(conv.Int64ToString(params.AOREventID))
+		}(); err != nil {
+			return res, errors.Wrap(err, "encode path")
+		}
+		encoded, err := e.Result()
+		if err != nil {
+			return res, errors.Wrap(err, "encode path")
+		}
+		pathParts[1] = encoded
+	}
+	uri.AddPathParts(u, pathParts[:]...)
+
+	stage = "EncodeRequest"
+	r, err := ht.NewRequest(ctx, "GET", u)
+	if err != nil {
+		return res, errors.Wrap(err, "create request")
+	}
+
+	stage = "SendRequest"
+	resp, err := c.cfg.Client.Do(r)
+	if err != nil {
+		return res, errors.Wrap(err, "do request")
+	}
+	defer resp.Body.Close()
+
+	stage = "DecodeResponse"
+	result, err := decodeGetAOREventResponse(resp)
+	if err != nil {
+		return res, errors.Wrap(err, "decode response")
+	}
+
+	return result, nil
+}
+
+// GetAOREventSubmissions invokes getAOREventSubmissions operation.
+//
+// Get all submissions for a specific AOR event.
+//
+// GET /aor-events/{AOREventID}/submissions
+func (c *Client) GetAOREventSubmissions(ctx context.Context, params GetAOREventSubmissionsParams) ([]Submission, error) {
+	res, err := c.sendGetAOREventSubmissions(ctx, params)
+	return res, err
+}
+
+func (c *Client) sendGetAOREventSubmissions(ctx context.Context, params GetAOREventSubmissionsParams) (res []Submission, err error) {
+	otelAttrs := []attribute.KeyValue{
+		otelogen.OperationID("getAOREventSubmissions"),
+		semconv.HTTPRequestMethodKey.String("GET"),
+		semconv.URLTemplateKey.String("/aor-events/{AOREventID}/submissions"),
+	}
+	otelAttrs = append(otelAttrs, c.cfg.Attributes...)
+
+	// Run stopwatch.
+	startTime := time.Now()
+	defer func() {
+		// Use floating point division here for higher precision (instead of Millisecond method).
+		elapsedDuration := time.Since(startTime)
+		c.duration.Record(ctx, float64(elapsedDuration)/float64(time.Millisecond), metric.WithAttributes(otelAttrs...))
+	}()
+
+	// Increment request counter.
+	c.requests.Add(ctx, 1, metric.WithAttributes(otelAttrs...))
+
+	// Start a span for this request.
+	ctx, span := c.cfg.Tracer.Start(ctx, GetAOREventSubmissionsOperation,
+		trace.WithAttributes(otelAttrs...),
+		clientSpanKind,
+	)
+	// Track stage for error reporting.
+	var stage string
+	defer func() {
+		if err != nil {
+			span.RecordError(err)
+			span.SetStatus(codes.Error, stage)
+			c.errors.Add(ctx, 1, metric.WithAttributes(otelAttrs...))
+		}
+		span.End()
+	}()
+
+	stage = "BuildURL"
+	u := uri.Clone(c.requestURL(ctx))
+	var pathParts [3]string
+	pathParts[0] = "/aor-events/"
+	{
+		// Encode "AOREventID" parameter.
+		e := uri.NewPathEncoder(uri.PathEncoderConfig{
+			Param:   "AOREventID",
+			Style:   uri.PathStyleSimple,
+			Explode: false,
+		})
+		if err := func() error {
+			return e.EncodeValue(conv.Int64ToString(params.AOREventID))
+		}(); err != nil {
+			return res, errors.Wrap(err, "encode path")
+		}
+		encoded, err := e.Result()
+		if err != nil {
+			return res, errors.Wrap(err, "encode path")
+		}
+		pathParts[1] = encoded
+	}
+	pathParts[2] = "/submissions"
+	uri.AddPathParts(u, pathParts[:]...)
+
+	stage = "EncodeRequest"
+	r, err := ht.NewRequest(ctx, "GET", u)
+	if err != nil {
+		return res, errors.Wrap(err, "create request")
+	}
+
+	stage = "SendRequest"
+	resp, err := c.cfg.Client.Do(r)
+	if err != nil {
+		return res, errors.Wrap(err, "do request")
+	}
+	defer resp.Body.Close()
+
+	stage = "DecodeResponse"
+	result, err := decodeGetAOREventSubmissionsResponse(resp)
+	if err != nil {
+		return res, errors.Wrap(err, "decode response")
+	}
+
+	return result, nil
+}
+
+// GetActiveAOREvent invokes getActiveAOREvent operation.
+//
+// Get the currently active AOR event.
+//
+// GET /aor-events/active
+func (c *Client) GetActiveAOREvent(ctx context.Context) (*AOREvent, error) {
+	res, err := c.sendGetActiveAOREvent(ctx)
+	return res, err
+}
+
+func (c *Client) sendGetActiveAOREvent(ctx context.Context) (res *AOREvent, err error) {
+	otelAttrs := []attribute.KeyValue{
+		otelogen.OperationID("getActiveAOREvent"),
+		semconv.HTTPRequestMethodKey.String("GET"),
+		semconv.URLTemplateKey.String("/aor-events/active"),
+	}
+	otelAttrs = append(otelAttrs, c.cfg.Attributes...)
+
+	// Run stopwatch.
+	startTime := time.Now()
+	defer func() {
+		// Use floating point division here for higher precision (instead of Millisecond method).
+		elapsedDuration := time.Since(startTime)
+		c.duration.Record(ctx, float64(elapsedDuration)/float64(time.Millisecond), metric.WithAttributes(otelAttrs...))
+	}()
+
+	// Increment request counter.
+	c.requests.Add(ctx, 1, metric.WithAttributes(otelAttrs...))
+
+	// Start a span for this request.
+	ctx, span := c.cfg.Tracer.Start(ctx, GetActiveAOREventOperation,
+		trace.WithAttributes(otelAttrs...),
+		clientSpanKind,
+	)
+	// Track stage for error reporting.
+	var stage string
+	defer func() {
+		if err != nil {
+			span.RecordError(err)
+			span.SetStatus(codes.Error, stage)
+			c.errors.Add(ctx, 1, metric.WithAttributes(otelAttrs...))
+		}
+		span.End()
+	}()
+
+	stage = "BuildURL"
+	u := uri.Clone(c.requestURL(ctx))
+	var pathParts [1]string
+	pathParts[0] = "/aor-events/active"
+	uri.AddPathParts(u, pathParts[:]...)
+
+	stage = "EncodeRequest"
+	r, err := ht.NewRequest(ctx, "GET", u)
+	if err != nil {
+		return res, errors.Wrap(err, "create request")
+	}
+
+	stage = "SendRequest"
+	resp, err := c.cfg.Client.Do(r)
+	if err != nil {
+		return res, errors.Wrap(err, "do request")
+	}
+	defer resp.Body.Close()
+
+	stage = "DecodeResponse"
+	result, err := decodeGetActiveAOREventResponse(resp)
+	if err != nil {
+		return res, errors.Wrap(err, "decode response")
+	}
+
+	return result, nil
+}
+
 // GetAssetThumbnail invokes getAssetThumbnail operation.
 //
 // Get single asset thumbnail.
@@ -5747,6 +6173,111 @@ func (c *Client) sendGetUserThumbnail(ctx context.Context, params GetUserThumbna
 	return result, nil
 }
 
+// ListAOREvents invokes listAOREvents operation.
+//
+// Get list of AOR events.
+//
+// GET /aor-events
+func (c *Client) ListAOREvents(ctx context.Context, params ListAOREventsParams) ([]AOREvent, error) {
+	res, err := c.sendListAOREvents(ctx, params)
+	return res, err
+}
+
+func (c *Client) sendListAOREvents(ctx context.Context, params ListAOREventsParams) (res []AOREvent, err error) {
+	otelAttrs := []attribute.KeyValue{
+		otelogen.OperationID("listAOREvents"),
+		semconv.HTTPRequestMethodKey.String("GET"),
+		semconv.URLTemplateKey.String("/aor-events"),
+	}
+	otelAttrs = append(otelAttrs, c.cfg.Attributes...)
+
+	// Run stopwatch.
+	startTime := time.Now()
+	defer func() {
+		// Use floating point division here for higher precision (instead of Millisecond method).
+		elapsedDuration := time.Since(startTime)
+		c.duration.Record(ctx, float64(elapsedDuration)/float64(time.Millisecond), metric.WithAttributes(otelAttrs...))
+	}()
+
+	// Increment request counter.
+	c.requests.Add(ctx, 1, metric.WithAttributes(otelAttrs...))
+
+	// Start a span for this request.
+	ctx, span := c.cfg.Tracer.Start(ctx, ListAOREventsOperation,
+		trace.WithAttributes(otelAttrs...),
+		clientSpanKind,
+	)
+	// Track stage for error reporting.
+	var stage string
+	defer func() {
+		if err != nil {
+			span.RecordError(err)
+			span.SetStatus(codes.Error, stage)
+			c.errors.Add(ctx, 1, metric.WithAttributes(otelAttrs...))
+		}
+		span.End()
+	}()
+
+	stage = "BuildURL"
+	u := uri.Clone(c.requestURL(ctx))
+	var pathParts [1]string
+	pathParts[0] = "/aor-events"
+	uri.AddPathParts(u, pathParts[:]...)
+
+	stage = "EncodeQueryParams"
+	q := uri.NewQueryEncoder()
+	{
+		// Encode "Page" parameter.
+		cfg := uri.QueryParameterEncodingConfig{
+			Name:    "Page",
+			Style:   uri.QueryStyleForm,
+			Explode: true,
+		}
+
+		if err := q.EncodeParam(cfg, func(e uri.Encoder) error {
+			return e.EncodeValue(conv.Int32ToString(params.Page))
+		}); err != nil {
+			return res, errors.Wrap(err, "encode query")
+		}
+	}
+	{
+		// Encode "Limit" parameter.
+		cfg := uri.QueryParameterEncodingConfig{
+			Name:    "Limit",
+			Style:   uri.QueryStyleForm,
+			Explode: true,
+		}
+
+		if err := q.EncodeParam(cfg, func(e uri.Encoder) error {
+			return e.EncodeValue(conv.Int32ToString(params.Limit))
+		}); err != nil {
+			return res, errors.Wrap(err, "encode query")
+		}
+	}
+	u.RawQuery = q.Values().Encode()
+
+	stage = "EncodeRequest"
+	r, err := ht.NewRequest(ctx, "GET", u)
+	if err != nil {
+		return res, errors.Wrap(err, "create request")
+	}
+
+	stage = "SendRequest"
+	resp, err := c.cfg.Client.Do(r)
+	if err != nil {
+		return res, errors.Wrap(err, "do request")
+	}
+	defer resp.Body.Close()
+
+	stage = "DecodeResponse"
+	result, err := decodeListAOREventsResponse(resp)
+	if err != nil {
+		return res, errors.Wrap(err, "decode response")
+	}
+
+	return result, nil
+}
+
 // ListMapfixAuditEvents invokes listMapfixAuditEvents operation.
 //
 // Retrieve a list of audit events.
@@ -6772,6 +7303,131 @@ func (c *Client) sendListSubmissionAuditEvents(ctx context.Context, params ListS
 	return result, nil
 }
 
+// ListSubmissionReviews invokes listSubmissionReviews operation.
+//
+// Get all reviews for a submission.
+//
+// GET /submissions/{SubmissionID}/reviews
+func (c *Client) ListSubmissionReviews(ctx context.Context, params ListSubmissionReviewsParams) ([]SubmissionReview, error) {
+	res, err := c.sendListSubmissionReviews(ctx, params)
+	return res, err
+}
+
+func (c *Client) sendListSubmissionReviews(ctx context.Context, params ListSubmissionReviewsParams) (res []SubmissionReview, err error) {
+	otelAttrs := []attribute.KeyValue{
+		otelogen.OperationID("listSubmissionReviews"),
+		semconv.HTTPRequestMethodKey.String("GET"),
+		semconv.URLTemplateKey.String("/submissions/{SubmissionID}/reviews"),
+	}
+	otelAttrs = append(otelAttrs, c.cfg.Attributes...)
+
+	// Run stopwatch.
+	startTime := time.Now()
+	defer func() {
+		// Use floating point division here for higher precision (instead of Millisecond method).
+		elapsedDuration := time.Since(startTime)
+		c.duration.Record(ctx, float64(elapsedDuration)/float64(time.Millisecond), metric.WithAttributes(otelAttrs...))
+	}()
+
+	// Increment request counter.
+	c.requests.Add(ctx, 1, metric.WithAttributes(otelAttrs...))
+
+	// Start a span for this request.
+	ctx, span := c.cfg.Tracer.Start(ctx, ListSubmissionReviewsOperation,
+		trace.WithAttributes(otelAttrs...),
+		clientSpanKind,
+	)
+	// Track stage for error reporting.
+	var stage string
+	defer func() {
+		if err != nil {
+			span.RecordError(err)
+			span.SetStatus(codes.Error, stage)
+			c.errors.Add(ctx, 1, metric.WithAttributes(otelAttrs...))
+		}
+		span.End()
+	}()
+
+	stage = "BuildURL"
+	u := uri.Clone(c.requestURL(ctx))
+	var pathParts [3]string
+	pathParts[0] = "/submissions/"
+	{
+		// Encode "SubmissionID" parameter.
+		e := uri.NewPathEncoder(uri.PathEncoderConfig{
+			Param:   "SubmissionID",
+			Style:   uri.PathStyleSimple,
+			Explode: false,
+		})
+		if err := func() error {
+			return e.EncodeValue(conv.Int64ToString(params.SubmissionID))
+		}(); err != nil {
+			return res, errors.Wrap(err, "encode path")
+		}
+		encoded, err := e.Result()
+		if err != nil {
+			return res, errors.Wrap(err, "encode path")
+		}
+		pathParts[1] = encoded
+	}
+	pathParts[2] = "/reviews"
+	uri.AddPathParts(u, pathParts[:]...)
+
+	stage = "EncodeRequest"
+	r, err := ht.NewRequest(ctx, "GET", u)
+	if err != nil {
+		return res, errors.Wrap(err, "create request")
+	}
+
+	{
+		type bitset = [1]uint8
+		var satisfied bitset
+		{
+			stage = "Security:CookieAuth"
+			switch err := c.securityCookieAuth(ctx, ListSubmissionReviewsOperation, r); {
+			case err == nil: // if NO error
+				satisfied[0] |= 1 << 0
+			case errors.Is(err, ogenerrors.ErrSkipClientSecurity):
+				// Skip this security.
+			default:
+				return res, errors.Wrap(err, "security \"CookieAuth\"")
+			}
+		}
+
+		if ok := func() bool {
+		nextRequirement:
+			for _, requirement := range []bitset{
+				{0b00000001},
+			} {
+				for i, mask := range requirement {
+					if satisfied[i]&mask != mask {
+						continue nextRequirement
+					}
+				}
+				return true
+			}
+			return false
+		}(); !ok {
+			return res, ogenerrors.ErrSecurityRequirementIsNotSatisfied
+		}
+	}
+
+	stage = "SendRequest"
+	resp, err := c.cfg.Client.Do(r)
+	if err != nil {
+		return res, errors.Wrap(err, "do request")
+	}
+	defer resp.Body.Close()
+
+	stage = "DecodeResponse"
+	result, err := decodeListSubmissionReviewsResponse(resp)
+	if err != nil {
+		return res, errors.Wrap(err, "decode response")
+	}
+
+	return result, nil
+}
+
 // ListSubmissions invokes listSubmissions operation.
 //
 // Get list of submissions.
@@ -8402,3 +9058,149 @@ func (c *Client) sendUpdateSubmissionModel(ctx context.Context, params UpdateSub
 
 	return result, nil
 }
+
+// UpdateSubmissionReview invokes updateSubmissionReview operation.
+//
+// Update an existing review.
+//
+// PATCH /submissions/{SubmissionID}/reviews/{ReviewID}
+func (c *Client) UpdateSubmissionReview(ctx context.Context, request *SubmissionReviewCreate, params UpdateSubmissionReviewParams) (*SubmissionReview, error) {
+	res, err := c.sendUpdateSubmissionReview(ctx, request, params)
+	return res, err
+}
+
+func (c *Client) sendUpdateSubmissionReview(ctx context.Context, request *SubmissionReviewCreate, params UpdateSubmissionReviewParams) (res *SubmissionReview, err error) {
+	otelAttrs := []attribute.KeyValue{
+		otelogen.OperationID("updateSubmissionReview"),
+		semconv.HTTPRequestMethodKey.String("PATCH"),
+		semconv.URLTemplateKey.String("/submissions/{SubmissionID}/reviews/{ReviewID}"),
+	}
+	otelAttrs = append(otelAttrs, c.cfg.Attributes...)
+
+	// Run stopwatch.
+	startTime := time.Now()
+	defer func() {
+		// Use floating point division here for higher precision (instead of Millisecond method).
+		elapsedDuration := time.Since(startTime)
+		c.duration.Record(ctx, float64(elapsedDuration)/float64(time.Millisecond), metric.WithAttributes(otelAttrs...))
+	}()
+
+	// Increment request counter.
+	c.requests.Add(ctx, 1, metric.WithAttributes(otelAttrs...))
+
+	// Start a span for this request.
+	ctx, span := c.cfg.Tracer.Start(ctx, UpdateSubmissionReviewOperation,
+		trace.WithAttributes(otelAttrs...),
+		clientSpanKind,
+	)
+	// Track stage for error reporting.
+	var stage string
+	defer func() {
+		if err != nil {
+			span.RecordError(err)
+			span.SetStatus(codes.Error, stage)
+			c.errors.Add(ctx, 1, metric.WithAttributes(otelAttrs...))
+		}
+		span.End()
+	}()
+
+	stage = "BuildURL"
+	u := uri.Clone(c.requestURL(ctx))
+	var pathParts [4]string
+	pathParts[0] = "/submissions/"
+	{
+		// Encode "SubmissionID" parameter.
+		e := uri.NewPathEncoder(uri.PathEncoderConfig{
+			Param:   "SubmissionID",
+			Style:   uri.PathStyleSimple,
+			Explode: false,
+		})
+		if err := func() error {
+			return e.EncodeValue(conv.Int64ToString(params.SubmissionID))
+		}(); err != nil {
+			return res, errors.Wrap(err, "encode path")
+		}
+		encoded, err := e.Result()
+		if err != nil {
+			return res, errors.Wrap(err, "encode path")
+		}
+		pathParts[1] = encoded
+	}
+	pathParts[2] = "/reviews/"
+	{
+		// Encode "ReviewID" parameter.
+		e := uri.NewPathEncoder(uri.PathEncoderConfig{
+			Param:   "ReviewID",
+			Style:   uri.PathStyleSimple,
+			Explode: false,
+		})
+		if err := func() error {
+			return e.EncodeValue(conv.Int64ToString(params.ReviewID))
+		}(); err != nil {
+			return res, errors.Wrap(err, "encode path")
+		}
+		encoded, err := e.Result()
+		if err != nil {
+			return res, errors.Wrap(err, "encode path")
+		}
+		pathParts[3] = encoded
+	}
+	uri.AddPathParts(u, pathParts[:]...)
+
+	stage = "EncodeRequest"
+	r, err := ht.NewRequest(ctx, "PATCH", u)
+	if err != nil {
+		return res, errors.Wrap(err, "create request")
+	}
+	if err := encodeUpdateSubmissionReviewRequest(request, r); err != nil {
+		return res, errors.Wrap(err, "encode request")
+	}
+
+	{
+		type bitset = [1]uint8
+		var satisfied bitset
+		{
+			stage = "Security:CookieAuth"
+			switch err := c.securityCookieAuth(ctx, UpdateSubmissionReviewOperation, r); {
+			case err == nil: // if NO error
+				satisfied[0] |= 1 << 0
+			case errors.Is(err, ogenerrors.ErrSkipClientSecurity):
+				// Skip this security.
+			default:
+				return res, errors.Wrap(err, "security \"CookieAuth\"")
+			}
+		}
+
+		if ok := func() bool {
+		nextRequirement:
+			for _, requirement := range []bitset{
+				{0b00000001},
+			} {
+				for i, mask := range requirement {
+					if satisfied[i]&mask != mask {
+						continue nextRequirement
+					}
+				}
+				return true
+			}
+			return false
+		}(); !ok {
+			return res, ogenerrors.ErrSecurityRequirementIsNotSatisfied
+		}
+	}
+
+	stage = "SendRequest"
+	resp, err := c.cfg.Client.Do(r)
+	if err != nil {
+		return res, errors.Wrap(err, "do request")
+	}
+	defer resp.Body.Close()
+
+	stage = "DecodeResponse"
+	result, err := decodeUpdateSubmissionReviewResponse(resp)
+	if err != nil {
+		return res, errors.Wrap(err, "decode response")
+	}
+
+	return result, nil
+}

pkg/api/oas_json_gen.go

@@ -12,6 +12,221 @@ import (
 	"github.com/ogen-go/ogen/validate"
 )
 
+// Encode implements json.Marshaler.
+func (s *AOREvent) Encode(e *jx.Encoder) {
+	e.ObjStart()
+	s.encodeFields(e)
+	e.ObjEnd()
+}
+
+// encodeFields encodes fields.
+func (s *AOREvent) encodeFields(e *jx.Encoder) {
+	{
+		e.FieldStart("ID")
+		e.Int64(s.ID)
+	}
+	{
+		e.FieldStart("StartDate")
+		e.Int64(s.StartDate)
+	}
+	{
+		e.FieldStart("FreezeDate")
+		e.Int64(s.FreezeDate)
+	}
+	{
+		e.FieldStart("SelectionDate")
+		e.Int64(s.SelectionDate)
+	}
+	{
+		e.FieldStart("DecisionDate")
+		e.Int64(s.DecisionDate)
+	}
+	{
+		e.FieldStart("Status")
+		e.Int32(s.Status)
+	}
+	{
+		e.FieldStart("CreatedAt")
+		e.Int64(s.CreatedAt)
+	}
+	{
+		e.FieldStart("UpdatedAt")
+		e.Int64(s.UpdatedAt)
+	}
+}
+
+var jsonFieldsNameOfAOREvent = [8]string{
+	0: "ID",
+	1: "StartDate",
+	2: "FreezeDate",
+	3: "SelectionDate",
+	4: "DecisionDate",
+	5: "Status",
+	6: "CreatedAt",
+	7: "UpdatedAt",
+}
+
+// Decode decodes AOREvent from json.
+func (s *AOREvent) Decode(d *jx.Decoder) error {
+	if s == nil {
+		return errors.New("invalid: unable to decode AOREvent to nil")
+	}
+	var requiredBitSet [1]uint8
+
+	if err := d.ObjBytes(func(d *jx.Decoder, k []byte) error {
+		switch string(k) {
+		case "ID":
+			requiredBitSet[0] |= 1 << 0
+			if err := func() error {
+				v, err := d.Int64()
+				s.ID = int64(v)
+				if err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return errors.Wrap(err, "decode field \"ID\"")
+			}
+		case "StartDate":
+			requiredBitSet[0] |= 1 << 1
+			if err := func() error {
+				v, err := d.Int64()
+				s.StartDate = int64(v)
+				if err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return errors.Wrap(err, "decode field \"StartDate\"")
+			}
+		case "FreezeDate":
+			requiredBitSet[0] |= 1 << 2
+			if err := func() error {
+				v, err := d.Int64()
+				s.FreezeDate = int64(v)
+				if err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return errors.Wrap(err, "decode field \"FreezeDate\"")
+			}
+		case "SelectionDate":
+			requiredBitSet[0] |= 1 << 3
+			if err := func() error {
+				v, err := d.Int64()
+				s.SelectionDate = int64(v)
+				if err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return errors.Wrap(err, "decode field \"SelectionDate\"")
+			}
+		case "DecisionDate":
+			requiredBitSet[0] |= 1 << 4
+			if err := func() error {
+				v, err := d.Int64()
+				s.DecisionDate = int64(v)
+				if err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return errors.Wrap(err, "decode field \"DecisionDate\"")
+			}
+		case "Status":
+			requiredBitSet[0] |= 1 << 5
+			if err := func() error {
+				v, err := d.Int32()
+				s.Status = int32(v)
+				if err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return errors.Wrap(err, "decode field \"Status\"")
+			}
+		case "CreatedAt":
+			requiredBitSet[0] |= 1 << 6
+			if err := func() error {
+				v, err := d.Int64()
+				s.CreatedAt = int64(v)
+				if err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return errors.Wrap(err, "decode field \"CreatedAt\"")
+			}
+		case "UpdatedAt":
+			requiredBitSet[0] |= 1 << 7
+			if err := func() error {
+				v, err := d.Int64()
+				s.UpdatedAt = int64(v)
+				if err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return errors.Wrap(err, "decode field \"UpdatedAt\"")
+			}
+		default:
+			return d.Skip()
+		}
+		return nil
+	}); err != nil {
+		return errors.Wrap(err, "decode AOREvent")
+	}
+	// Validate required fields.
+	var failures []validate.FieldError
+	for i, mask := range [1]uint8{
+		0b11111111,
+	} {
+		if result := (requiredBitSet[i] & mask) ^ mask; result != 0 {
+			// Mask only required fields and check equality to mask using XOR.
+			//
+			// If XOR result is not zero, result is not equal to expected, so some fields are missed.
+			// Bits of fields which would be set are actually bits of missed fields.
+			missed := bits.OnesCount8(result)
+			for bitN := 0; bitN < missed; bitN++ {
+				bitIdx := bits.TrailingZeros8(result)
+				fieldIdx := i*8 + bitIdx
+				var name string
+				if fieldIdx < len(jsonFieldsNameOfAOREvent) {
+					name = jsonFieldsNameOfAOREvent[fieldIdx]
+				} else {
+					name = strconv.Itoa(fieldIdx)
+				}
+				failures = append(failures, validate.FieldError{
+					Name:  name,
+					Error: validate.ErrFieldRequired,
+				})
+				// Reset bit.
+				result &^= 1 << bitIdx
+			}
+		}
+	}
+	if len(failures) > 0 {
+		return &validate.Error{Fields: failures}
+	}
+
+	return nil
+}
+
+// MarshalJSON implements stdjson.Marshaler.
+func (s *AOREvent) MarshalJSON() ([]byte, error) {
+	e := jx.Encoder{}
+	s.Encode(&e)
+	return e.Bytes(), nil
+}
+
+// UnmarshalJSON implements stdjson.Unmarshaler.
+func (s *AOREvent) UnmarshalJSON(data []byte) error {
+	d := jx.DecodeBytes(data)
+	return s.Decode(d)
+}
+
 // Encode implements json.Marshaler.
 func (s *AuditEvent) Encode(e *jx.Encoder) {
 	e.ObjStart()
@@ -4435,6 +4650,334 @@ func (s *Submission) UnmarshalJSON(data []byte) error {
 	return s.Decode(d)
 }
 
+// Encode implements json.Marshaler.
+func (s *SubmissionReview) Encode(e *jx.Encoder) {
+	e.ObjStart()
+	s.encodeFields(e)
+	e.ObjEnd()
+}
+
+// encodeFields encodes fields.
+func (s *SubmissionReview) encodeFields(e *jx.Encoder) {
+	{
+		e.FieldStart("ID")
+		e.Int64(s.ID)
+	}
+	{
+		e.FieldStart("SubmissionID")
+		e.Int64(s.SubmissionID)
+	}
+	{
+		e.FieldStart("ReviewerID")
+		e.Int64(s.ReviewerID)
+	}
+	{
+		e.FieldStart("Recommend")
+		e.Bool(s.Recommend)
+	}
+	{
+		e.FieldStart("Description")
+		e.Str(s.Description)
+	}
+	{
+		e.FieldStart("Outdated")
+		e.Bool(s.Outdated)
+	}
+	{
+		e.FieldStart("CreatedAt")
+		e.Int64(s.CreatedAt)
+	}
+	{
+		e.FieldStart("UpdatedAt")
+		e.Int64(s.UpdatedAt)
+	}
+}
+
+var jsonFieldsNameOfSubmissionReview = [8]string{
+	0: "ID",
+	1: "SubmissionID",
+	2: "ReviewerID",
+	3: "Recommend",
+	4: "Description",
+	5: "Outdated",
+	6: "CreatedAt",
+	7: "UpdatedAt",
+}
+
+// Decode decodes SubmissionReview from json.
+func (s *SubmissionReview) Decode(d *jx.Decoder) error {
+	if s == nil {
+		return errors.New("invalid: unable to decode SubmissionReview to nil")
+	}
+	var requiredBitSet [1]uint8
+
+	if err := d.ObjBytes(func(d *jx.Decoder, k []byte) error {
+		switch string(k) {
+		case "ID":
+			requiredBitSet[0] |= 1 << 0
+			if err := func() error {
+				v, err := d.Int64()
+				s.ID = int64(v)
+				if err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return errors.Wrap(err, "decode field \"ID\"")
+			}
+		case "SubmissionID":
+			requiredBitSet[0] |= 1 << 1
+			if err := func() error {
+				v, err := d.Int64()
+				s.SubmissionID = int64(v)
+				if err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return errors.Wrap(err, "decode field \"SubmissionID\"")
+			}
+		case "ReviewerID":
+			requiredBitSet[0] |= 1 << 2
+			if err := func() error {
+				v, err := d.Int64()
+				s.ReviewerID = int64(v)
+				if err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return errors.Wrap(err, "decode field \"ReviewerID\"")
+			}
+		case "Recommend":
+			requiredBitSet[0] |= 1 << 3
+			if err := func() error {
+				v, err := d.Bool()
+				s.Recommend = bool(v)
+				if err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return errors.Wrap(err, "decode field \"Recommend\"")
+			}
+		case "Description":
+			requiredBitSet[0] |= 1 << 4
+			if err := func() error {
+				v, err := d.Str()
+				s.Description = string(v)
+				if err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return errors.Wrap(err, "decode field \"Description\"")
+			}
+		case "Outdated":
+			requiredBitSet[0] |= 1 << 5
+			if err := func() error {
+				v, err := d.Bool()
+				s.Outdated = bool(v)
+				if err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return errors.Wrap(err, "decode field \"Outdated\"")
+			}
+		case "CreatedAt":
+			requiredBitSet[0] |= 1 << 6
+			if err := func() error {
+				v, err := d.Int64()
+				s.CreatedAt = int64(v)
+				if err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return errors.Wrap(err, "decode field \"CreatedAt\"")
+			}
+		case "UpdatedAt":
+			requiredBitSet[0] |= 1 << 7
+			if err := func() error {
+				v, err := d.Int64()
+				s.UpdatedAt = int64(v)
+				if err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return errors.Wrap(err, "decode field \"UpdatedAt\"")
+			}
+		default:
+			return d.Skip()
+		}
+		return nil
+	}); err != nil {
+		return errors.Wrap(err, "decode SubmissionReview")
+	}
+	// Validate required fields.
+	var failures []validate.FieldError
+	for i, mask := range [1]uint8{
+		0b11111111,
+	} {
+		if result := (requiredBitSet[i] & mask) ^ mask; result != 0 {
+			// Mask only required fields and check equality to mask using XOR.
+			//
+			// If XOR result is not zero, result is not equal to expected, so some fields are missed.
+			// Bits of fields which would be set are actually bits of missed fields.
+			missed := bits.OnesCount8(result)
+			for bitN := 0; bitN < missed; bitN++ {
+				bitIdx := bits.TrailingZeros8(result)
+				fieldIdx := i*8 + bitIdx
+				var name string
+				if fieldIdx < len(jsonFieldsNameOfSubmissionReview) {
+					name = jsonFieldsNameOfSubmissionReview[fieldIdx]
+				} else {
+					name = strconv.Itoa(fieldIdx)
+				}
+				failures = append(failures, validate.FieldError{
+					Name:  name,
+					Error: validate.ErrFieldRequired,
+				})
+				// Reset bit.
+				result &^= 1 << bitIdx
+			}
+		}
+	}
+	if len(failures) > 0 {
+		return &validate.Error{Fields: failures}
+	}
+
+	return nil
+}
+
+// MarshalJSON implements stdjson.Marshaler.
+func (s *SubmissionReview) MarshalJSON() ([]byte, error) {
+	e := jx.Encoder{}
+	s.Encode(&e)
+	return e.Bytes(), nil
+}
+
+// UnmarshalJSON implements stdjson.Unmarshaler.
+func (s *SubmissionReview) UnmarshalJSON(data []byte) error {
+	d := jx.DecodeBytes(data)
+	return s.Decode(d)
+}
+
+// Encode implements json.Marshaler.
+func (s *SubmissionReviewCreate) Encode(e *jx.Encoder) {
+	e.ObjStart()
+	s.encodeFields(e)
+	e.ObjEnd()
+}
+
+// encodeFields encodes fields.
+func (s *SubmissionReviewCreate) encodeFields(e *jx.Encoder) {
+	{
+		e.FieldStart("Recommend")
+		e.Bool(s.Recommend)
+	}
+	{
+		e.FieldStart("Description")
+		e.Str(s.Description)
+	}
+}
+
+var jsonFieldsNameOfSubmissionReviewCreate = [2]string{
+	0: "Recommend",
+	1: "Description",
+}
+
+// Decode decodes SubmissionReviewCreate from json.
+func (s *SubmissionReviewCreate) Decode(d *jx.Decoder) error {
+	if s == nil {
+		return errors.New("invalid: unable to decode SubmissionReviewCreate to nil")
+	}
+	var requiredBitSet [1]uint8
+
+	if err := d.ObjBytes(func(d *jx.Decoder, k []byte) error {
+		switch string(k) {
+		case "Recommend":
+			requiredBitSet[0] |= 1 << 0
+			if err := func() error {
+				v, err := d.Bool()
+				s.Recommend = bool(v)
+				if err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return errors.Wrap(err, "decode field \"Recommend\"")
+			}
+		case "Description":
+			requiredBitSet[0] |= 1 << 1
+			if err := func() error {
+				v, err := d.Str()
+				s.Description = string(v)
+				if err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return errors.Wrap(err, "decode field \"Description\"")
+			}
+		default:
+			return d.Skip()
+		}
+		return nil
+	}); err != nil {
+		return errors.Wrap(err, "decode SubmissionReviewCreate")
+	}
+	// Validate required fields.
+	var failures []validate.FieldError
+	for i, mask := range [1]uint8{
+		0b00000011,
+	} {
+		if result := (requiredBitSet[i] & mask) ^ mask; result != 0 {
+			// Mask only required fields and check equality to mask using XOR.
+			//
+			// If XOR result is not zero, result is not equal to expected, so some fields are missed.
+			// Bits of fields which would be set are actually bits of missed fields.
+			missed := bits.OnesCount8(result)
+			for bitN := 0; bitN < missed; bitN++ {
+				bitIdx := bits.TrailingZeros8(result)
+				fieldIdx := i*8 + bitIdx
+				var name string
+				if fieldIdx < len(jsonFieldsNameOfSubmissionReviewCreate) {
+					name = jsonFieldsNameOfSubmissionReviewCreate[fieldIdx]
+				} else {
+					name = strconv.Itoa(fieldIdx)
+				}
+				failures = append(failures, validate.FieldError{
+					Name:  name,
+					Error: validate.ErrFieldRequired,
+				})
+				// Reset bit.
+				result &^= 1 << bitIdx
+			}
+		}
+	}
+	if len(failures) > 0 {
+		return &validate.Error{Fields: failures}
+	}
+
+	return nil
+}
+
+// MarshalJSON implements stdjson.Marshaler.
+func (s *SubmissionReviewCreate) MarshalJSON() ([]byte, error) {
+	e := jx.Encoder{}
+	s.Encode(&e)
+	return e.Bytes(), nil
+}
+
+// UnmarshalJSON implements stdjson.Unmarshaler.
+func (s *SubmissionReviewCreate) UnmarshalJSON(data []byte) error {
+	d := jx.DecodeBytes(data)
+	return s.Decode(d)
+}
+
 // Encode implements json.Marshaler.
 func (s *SubmissionTriggerCreate) Encode(e *jx.Encoder) {
 	e.ObjStart()

pkg/api/oas_operations_gen.go

@@ -40,9 +40,13 @@ const (
 	CreateSubmissionOperation                       OperationName = "CreateSubmission"
 	CreateSubmissionAdminOperation                  OperationName = "CreateSubmissionAdmin"
 	CreateSubmissionAuditCommentOperation           OperationName = "CreateSubmissionAuditComment"
+	CreateSubmissionReviewOperation                 OperationName = "CreateSubmissionReview"
 	DeleteScriptOperation                           OperationName = "DeleteScript"
 	DeleteScriptPolicyOperation                     OperationName = "DeleteScriptPolicy"
 	DownloadMapAssetOperation                       OperationName = "DownloadMapAsset"
+	GetAOREventOperation                            OperationName = "GetAOREvent"
+	GetAOREventSubmissionsOperation                 OperationName = "GetAOREventSubmissions"
+	GetActiveAOREventOperation                      OperationName = "GetActiveAOREvent"
 	GetAssetThumbnailOperation                      OperationName = "GetAssetThumbnail"
 	GetMapOperation                                 OperationName = "GetMap"
 	GetMapfixOperation                              OperationName = "GetMapfix"
@@ -52,12 +56,14 @@ const (
 	GetStatsOperation                               OperationName = "GetStats"
 	GetSubmissionOperation                          OperationName = "GetSubmission"
 	GetUserThumbnailOperation                       OperationName = "GetUserThumbnail"
+	ListAOREventsOperation                          OperationName = "ListAOREvents"
 	ListMapfixAuditEventsOperation                  OperationName = "ListMapfixAuditEvents"
 	ListMapfixesOperation                           OperationName = "ListMapfixes"
 	ListMapsOperation                               OperationName = "ListMaps"
 	ListScriptPolicyOperation                       OperationName = "ListScriptPolicy"
 	ListScriptsOperation                            OperationName = "ListScripts"
 	ListSubmissionAuditEventsOperation              OperationName = "ListSubmissionAuditEvents"
+	ListSubmissionReviewsOperation                  OperationName = "ListSubmissionReviews"
 	ListSubmissionsOperation                        OperationName = "ListSubmissions"
 	ReleaseSubmissionsOperation                     OperationName = "ReleaseSubmissions"
 	SessionRolesOperation                           OperationName = "SessionRoles"
@@ -70,4 +76,5 @@ const (
 	UpdateScriptOperation                           OperationName = "UpdateScript"
 	UpdateScriptPolicyOperation                     OperationName = "UpdateScriptPolicy"
 	UpdateSubmissionModelOperation                  OperationName = "UpdateSubmissionModel"
+	UpdateSubmissionReviewOperation                 OperationName = "UpdateSubmissionReview"
 )

pkg/api/oas_parameters_gen.go

@@ -2198,6 +2198,90 @@ func decodeCreateSubmissionAuditCommentParams(args [1]string, argsEscaped bool,
 	return params, nil
 }
 
+// CreateSubmissionReviewParams is parameters of createSubmissionReview operation.
+type CreateSubmissionReviewParams struct {
+	// The unique identifier for a submission.
+	SubmissionID int64
+}
+
+func unpackCreateSubmissionReviewParams(packed middleware.Parameters) (params CreateSubmissionReviewParams) {
+	{
+		key := middleware.ParameterKey{
+			Name: "SubmissionID",
+			In:   "path",
+		}
+		params.SubmissionID = packed[key].(int64)
+	}
+	return params
+}
+
+func decodeCreateSubmissionReviewParams(args [1]string, argsEscaped bool, r *http.Request) (params CreateSubmissionReviewParams, _ error) {
+	// Decode path: SubmissionID.
+	if err := func() error {
+		param := args[0]
+		if argsEscaped {
+			unescaped, err := url.PathUnescape(args[0])
+			if err != nil {
+				return errors.Wrap(err, "unescape path")
+			}
+			param = unescaped
+		}
+		if len(param) > 0 {
+			d := uri.NewPathDecoder(uri.PathDecoderConfig{
+				Param:   "SubmissionID",
+				Value:   param,
+				Style:   uri.PathStyleSimple,
+				Explode: false,
+			})
+
+			if err := func() error {
+				val, err := d.DecodeValue()
+				if err != nil {
+					return err
+				}
+
+				c, err := conv.ToInt64(val)
+				if err != nil {
+					return err
+				}
+
+				params.SubmissionID = c
+				return nil
+			}(); err != nil {
+				return err
+			}
+			if err := func() error {
+				if err := (validate.Int{
+					MinSet:        true,
+					Min:           0,
+					MaxSet:        false,
+					Max:           0,
+					MinExclusive:  false,
+					MaxExclusive:  false,
+					MultipleOfSet: false,
+					MultipleOf:    0,
+					Pattern:       nil,
+				}).Validate(int64(params.SubmissionID)); err != nil {
+					return errors.Wrap(err, "int")
+				}
+				return nil
+			}(); err != nil {
+				return err
+			}
+		} else {
+			return validate.ErrFieldRequired
+		}
+		return nil
+	}(); err != nil {
+		return params, &ogenerrors.DecodeParamError{
+			Name: "SubmissionID",
+			In:   "path",
+			Err:  err,
+		}
+	}
+	return params, nil
+}
+
 // DeleteScriptParams is parameters of deleteScript operation.
 type DeleteScriptParams struct {
 	// The unique identifier for a script.
@@ -2449,6 +2533,172 @@ func decodeDownloadMapAssetParams(args [1]string, argsEscaped bool, r *http.Requ
 	return params, nil
 }
 
+// GetAOREventParams is parameters of getAOREvent operation.
+type GetAOREventParams struct {
+	AOREventID int64
+}
+
+func unpackGetAOREventParams(packed middleware.Parameters) (params GetAOREventParams) {
+	{
+		key := middleware.ParameterKey{
+			Name: "AOREventID",
+			In:   "path",
+		}
+		params.AOREventID = packed[key].(int64)
+	}
+	return params
+}
+
+func decodeGetAOREventParams(args [1]string, argsEscaped bool, r *http.Request) (params GetAOREventParams, _ error) {
+	// Decode path: AOREventID.
+	if err := func() error {
+		param := args[0]
+		if argsEscaped {
+			unescaped, err := url.PathUnescape(args[0])
+			if err != nil {
+				return errors.Wrap(err, "unescape path")
+			}
+			param = unescaped
+		}
+		if len(param) > 0 {
+			d := uri.NewPathDecoder(uri.PathDecoderConfig{
+				Param:   "AOREventID",
+				Value:   param,
+				Style:   uri.PathStyleSimple,
+				Explode: false,
+			})
+
+			if err := func() error {
+				val, err := d.DecodeValue()
+				if err != nil {
+					return err
+				}
+
+				c, err := conv.ToInt64(val)
+				if err != nil {
+					return err
+				}
+
+				params.AOREventID = c
+				return nil
+			}(); err != nil {
+				return err
+			}
+			if err := func() error {
+				if err := (validate.Int{
+					MinSet:        true,
+					Min:           1,
+					MaxSet:        false,
+					Max:           0,
+					MinExclusive:  false,
+					MaxExclusive:  false,
+					MultipleOfSet: false,
+					MultipleOf:    0,
+					Pattern:       nil,
+				}).Validate(int64(params.AOREventID)); err != nil {
+					return errors.Wrap(err, "int")
+				}
+				return nil
+			}(); err != nil {
+				return err
+			}
+		} else {
+			return validate.ErrFieldRequired
+		}
+		return nil
+	}(); err != nil {
+		return params, &ogenerrors.DecodeParamError{
+			Name: "AOREventID",
+			In:   "path",
+			Err:  err,
+		}
+	}
+	return params, nil
+}
+
+// GetAOREventSubmissionsParams is parameters of getAOREventSubmissions operation.
+type GetAOREventSubmissionsParams struct {
+	AOREventID int64
+}
+
+func unpackGetAOREventSubmissionsParams(packed middleware.Parameters) (params GetAOREventSubmissionsParams) {
+	{
+		key := middleware.ParameterKey{
+			Name: "AOREventID",
+			In:   "path",
+		}
+		params.AOREventID = packed[key].(int64)
+	}
+	return params
+}
+
+func decodeGetAOREventSubmissionsParams(args [1]string, argsEscaped bool, r *http.Request) (params GetAOREventSubmissionsParams, _ error) {
+	// Decode path: AOREventID.
+	if err := func() error {
+		param := args[0]
+		if argsEscaped {
+			unescaped, err := url.PathUnescape(args[0])
+			if err != nil {
+				return errors.Wrap(err, "unescape path")
+			}
+			param = unescaped
+		}
+		if len(param) > 0 {
+			d := uri.NewPathDecoder(uri.PathDecoderConfig{
+				Param:   "AOREventID",
+				Value:   param,
+				Style:   uri.PathStyleSimple,
+				Explode: false,
+			})
+
+			if err := func() error {
+				val, err := d.DecodeValue()
+				if err != nil {
+					return err
+				}
+
+				c, err := conv.ToInt64(val)
+				if err != nil {
+					return err
+				}
+
+				params.AOREventID = c
+				return nil
+			}(); err != nil {
+				return err
+			}
+			if err := func() error {
+				if err := (validate.Int{
+					MinSet:        true,
+					Min:           1,
+					MaxSet:        false,
+					Max:           0,
+					MinExclusive:  false,
+					MaxExclusive:  false,
+					MultipleOfSet: false,
+					MultipleOf:    0,
+					Pattern:       nil,
+				}).Validate(int64(params.AOREventID)); err != nil {
+					return errors.Wrap(err, "int")
+				}
+				return nil
+			}(); err != nil {
+				return err
+			}
+		} else {
+			return validate.ErrFieldRequired
+		}
+		return nil
+	}(); err != nil {
+		return params, &ogenerrors.DecodeParamError{
+			Name: "AOREventID",
+			In:   "path",
+			Err:  err,
+		}
+	}
+	return params, nil
+}
+
 // GetAssetThumbnailParams is parameters of getAssetThumbnail operation.
 type GetAssetThumbnailParams struct {
 	AssetID uint64
@@ -3227,6 +3477,143 @@ func decodeGetUserThumbnailParams(args [1]string, argsEscaped bool, r *http.Requ
 	return params, nil
 }
 
+// ListAOREventsParams is parameters of listAOREvents operation.
+type ListAOREventsParams struct {
+	Page  int32
+	Limit int32
+}
+
+func unpackListAOREventsParams(packed middleware.Parameters) (params ListAOREventsParams) {
+	{
+		key := middleware.ParameterKey{
+			Name: "Page",
+			In:   "query",
+		}
+		params.Page = packed[key].(int32)
+	}
+	{
+		key := middleware.ParameterKey{
+			Name: "Limit",
+			In:   "query",
+		}
+		params.Limit = packed[key].(int32)
+	}
+	return params
+}
+
+func decodeListAOREventsParams(args [0]string, argsEscaped bool, r *http.Request) (params ListAOREventsParams, _ error) {
+	q := uri.NewQueryDecoder(r.URL.Query())
+	// Decode query: Page.
+	if err := func() error {
+		cfg := uri.QueryParameterDecodingConfig{
+			Name:    "Page",
+			Style:   uri.QueryStyleForm,
+			Explode: true,
+		}
+
+		if err := q.HasParam(cfg); err == nil {
+			if err := q.DecodeParam(cfg, func(d uri.Decoder) error {
+				val, err := d.DecodeValue()
+				if err != nil {
+					return err
+				}
+
+				c, err := conv.ToInt32(val)
+				if err != nil {
+					return err
+				}
+
+				params.Page = c
+				return nil
+			}); err != nil {
+				return err
+			}
+			if err := func() error {
+				if err := (validate.Int{
+					MinSet:        true,
+					Min:           1,
+					MaxSet:        false,
+					Max:           0,
+					MinExclusive:  false,
+					MaxExclusive:  false,
+					MultipleOfSet: false,
+					MultipleOf:    0,
+					Pattern:       nil,
+				}).Validate(int64(params.Page)); err != nil {
+					return errors.Wrap(err, "int")
+				}
+				return nil
+			}(); err != nil {
+				return err
+			}
+		} else {
+			return err
+		}
+		return nil
+	}(); err != nil {
+		return params, &ogenerrors.DecodeParamError{
+			Name: "Page",
+			In:   "query",
+			Err:  err,
+		}
+	}
+	// Decode query: Limit.
+	if err := func() error {
+		cfg := uri.QueryParameterDecodingConfig{
+			Name:    "Limit",
+			Style:   uri.QueryStyleForm,
+			Explode: true,
+		}
+
+		if err := q.HasParam(cfg); err == nil {
+			if err := q.DecodeParam(cfg, func(d uri.Decoder) error {
+				val, err := d.DecodeValue()
+				if err != nil {
+					return err
+				}
+
+				c, err := conv.ToInt32(val)
+				if err != nil {
+					return err
+				}
+
+				params.Limit = c
+				return nil
+			}); err != nil {
+				return err
+			}
+			if err := func() error {
+				if err := (validate.Int{
+					MinSet:        true,
+					Min:           0,
+					MaxSet:        true,
+					Max:           100,
+					MinExclusive:  false,
+					MaxExclusive:  false,
+					MultipleOfSet: false,
+					MultipleOf:    0,
+					Pattern:       nil,
+				}).Validate(int64(params.Limit)); err != nil {
+					return errors.Wrap(err, "int")
+				}
+				return nil
+			}(); err != nil {
+				return err
+			}
+		} else {
+			return err
+		}
+		return nil
+	}(); err != nil {
+		return params, &ogenerrors.DecodeParamError{
+			Name: "Limit",
+			In:   "query",
+			Err:  err,
+		}
+	}
+	return params, nil
+}
+
 // ListMapfixAuditEventsParams is parameters of listMapfixAuditEvents operation.
 type ListMapfixAuditEventsParams struct {
 	// The unique identifier for a mapfix.
@@ -5816,6 +6203,90 @@ func decodeListSubmissionAuditEventsParams(args [1]string, argsEscaped bool, r *
 	return params, nil
 }
 
+// ListSubmissionReviewsParams is parameters of listSubmissionReviews operation.
+type ListSubmissionReviewsParams struct {
+	// The unique identifier for a submission.
+	SubmissionID int64
+}
+
+func unpackListSubmissionReviewsParams(packed middleware.Parameters) (params ListSubmissionReviewsParams) {
+	{
+		key := middleware.ParameterKey{
+			Name: "SubmissionID",
+			In:   "path",
+		}
+		params.SubmissionID = packed[key].(int64)
+	}
+	return params
+}
+
+func decodeListSubmissionReviewsParams(args [1]string, argsEscaped bool, r *http.Request) (params ListSubmissionReviewsParams, _ error) {
+	// Decode path: SubmissionID.
+	if err := func() error {
+		param := args[0]
+		if argsEscaped {
+			unescaped, err := url.PathUnescape(args[0])
+			if err != nil {
+				return errors.Wrap(err, "unescape path")
+			}
+			param = unescaped
+		}
+		if len(param) > 0 {
+			d := uri.NewPathDecoder(uri.PathDecoderConfig{
+				Param:   "SubmissionID",
+				Value:   param,
+				Style:   uri.PathStyleSimple,
+				Explode: false,
+			})
+
+			if err := func() error {
+				val, err := d.DecodeValue()
+				if err != nil {
+					return err
+				}
+
+				c, err := conv.ToInt64(val)
+				if err != nil {
+					return err
+				}
+
+				params.SubmissionID = c
+				return nil
+			}(); err != nil {
+				return err
+			}
+			if err := func() error {
+				if err := (validate.Int{
+					MinSet:        true,
+					Min:           0,
+					MaxSet:        false,
+					Max:           0,
+					MinExclusive:  false,
+					MaxExclusive:  false,
+					MultipleOfSet: false,
+					MultipleOf:    0,
+					Pattern:       nil,
+				}).Validate(int64(params.SubmissionID)); err != nil {
+					return errors.Wrap(err, "int")
+				}
+				return nil
+			}(); err != nil {
+				return err
+			}
+		} else {
+			return validate.ErrFieldRequired
+		}
+		return nil
+	}(); err != nil {
+		return params, &ogenerrors.DecodeParamError{
+			Name: "SubmissionID",
+			In:   "path",
+			Err:  err,
+		}
+	}
+	return params, nil
+}
+
 // ListSubmissionsParams is parameters of listSubmissions operation.
 type ListSubmissionsParams struct {
 	Page        int32
@@ -7487,3 +7958,158 @@ func decodeUpdateSubmissionModelParams(args [1]string, argsEscaped bool, r *http
 	}
 	return params, nil
 }
+
+// UpdateSubmissionReviewParams is parameters of updateSubmissionReview operation.
+type UpdateSubmissionReviewParams struct {
+	// The unique identifier for a submission.
+	SubmissionID int64
+	ReviewID     int64
+}
+
+func unpackUpdateSubmissionReviewParams(packed middleware.Parameters) (params UpdateSubmissionReviewParams) {
+	{
+		key := middleware.ParameterKey{
+			Name: "SubmissionID",
+			In:   "path",
+		}
+		params.SubmissionID = packed[key].(int64)
+	}
+	{
+		key := middleware.ParameterKey{
+			Name: "ReviewID",
+			In:   "path",
+		}
+		params.ReviewID = packed[key].(int64)
+	}
+	return params
+}
+
+func decodeUpdateSubmissionReviewParams(args [2]string, argsEscaped bool, r *http.Request) (params UpdateSubmissionReviewParams, _ error) {
+	// Decode path: SubmissionID.
+	if err := func() error {
+		param := args[0]
+		if argsEscaped {
+			unescaped, err := url.PathUnescape(args[0])
+			if err != nil {
+				return errors.Wrap(err, "unescape path")
+			}
+			param = unescaped
+		}
+		if len(param) > 0 {
+			d := uri.NewPathDecoder(uri.PathDecoderConfig{
+				Param:   "SubmissionID",
+				Value:   param,
+				Style:   uri.PathStyleSimple,
+				Explode: false,
+			})
+
+			if err := func() error {
+				val, err := d.DecodeValue()
+				if err != nil {
+					return err
+				}
+
+				c, err := conv.ToInt64(val)
+				if err != nil {
+					return err
+				}
+
+				params.SubmissionID = c
+				return nil
+			}(); err != nil {
+				return err
+			}
+			if err := func() error {
+				if err := (validate.Int{
+					MinSet:        true,
+					Min:           0,
+					MaxSet:        false,
+					Max:           0,
+					MinExclusive:  false,
+					MaxExclusive:  false,
+					MultipleOfSet: false,
+					MultipleOf:    0,
+					Pattern:       nil,
+				}).Validate(int64(params.SubmissionID)); err != nil {
+					return errors.Wrap(err, "int")
+				}
+				return nil
+			}(); err != nil {
+				return err
+			}
+		} else {
+			return validate.ErrFieldRequired
+		}
+		return nil
+	}(); err != nil {
+		return params, &ogenerrors.DecodeParamError{
+			Name: "SubmissionID",
+			In:   "path",
+			Err:  err,
+		}
+	}
+	// Decode path: ReviewID.
+	if err := func() error {
+		param := args[1]
+		if argsEscaped {
+			unescaped, err := url.PathUnescape(args[1])
+			if err != nil {
+				return errors.Wrap(err, "unescape path")
+			}
+			param = unescaped
+		}
+		if len(param) > 0 {
+			d := uri.NewPathDecoder(uri.PathDecoderConfig{
+				Param:   "ReviewID",
+				Value:   param,
+				Style:   uri.PathStyleSimple,
+				Explode: false,
+			})
+
+			if err := func() error {
+				val, err := d.DecodeValue()
+				if err != nil {
+					return err
+				}
+
+				c, err := conv.ToInt64(val)
+				if err != nil {
+					return err
+				}
+
+				params.ReviewID = c
+				return nil
+			}(); err != nil {
+				return err
+			}
+			if err := func() error {
+				if err := (validate.Int{
+					MinSet:        true,
+					Min:           0,
+					MaxSet:        false,
+					Max:           0,
+					MinExclusive:  false,
+					MaxExclusive:  false,
+					MultipleOfSet: false,
+					MultipleOf:    0,
+					Pattern:       nil,
+				}).Validate(int64(params.ReviewID)); err != nil {
+					return errors.Wrap(err, "int")
+				}
+				return nil
+			}(); err != nil {
+				return err
+			}
+		} else {
+			return validate.ErrFieldRequired
+		}
+		return nil
+	}(); err != nil {
+		return params, &ogenerrors.DecodeParamError{
+			Name: "ReviewID",
+			In:   "path",
+			Err:  err,
+		}
+	}
+	return params, nil
+}

pkg/api/oas_request_decoders_gen.go

@@ -717,6 +717,85 @@ func (s *Server) decodeCreateSubmissionAuditCommentRequest(r *http.Request) (
 	}
 }
 
+func (s *Server) decodeCreateSubmissionReviewRequest(r *http.Request) (
+	req *SubmissionReviewCreate,
+	rawBody []byte,
+	close func() error,
+	rerr error,
+) {
+	var closers []func() error
+	close = func() error {
+		var merr error
+		// Close in reverse order, to match defer behavior.
+		for i := len(closers) - 1; i >= 0; i-- {
+			c := closers[i]
+			merr = errors.Join(merr, c())
+		}
+		return merr
+	}
+	defer func() {
+		if rerr != nil {
+			rerr = errors.Join(rerr, close())
+		}
+	}()
+	ct, _, err := mime.ParseMediaType(r.Header.Get("Content-Type"))
+	if err != nil {
+		return req, rawBody, close, errors.Wrap(err, "parse media type")
+	}
+	switch {
+	case ct == "application/json":
+		if r.ContentLength == 0 {
+			return req, rawBody, close, validate.ErrBodyRequired
+		}
+		buf, err := io.ReadAll(r.Body)
+		defer func() {
+			_ = r.Body.Close()
+		}()
+		if err != nil {
+			return req, rawBody, close, err
+		}
+
+		// Reset the body to allow for downstream reading.
+		r.Body = io.NopCloser(bytes.NewBuffer(buf))
+
+		if len(buf) == 0 {
+			return req, rawBody, close, validate.ErrBodyRequired
+		}
+
+		rawBody = append(rawBody, buf...)
+		d := jx.DecodeBytes(buf)
+
+		var request SubmissionReviewCreate
+		if err := func() error {
+			if err := request.Decode(d); err != nil {
+				return err
+			}
+			if err := d.Skip(); err != io.EOF {
+				return errors.New("unexpected trailing data")
+			}
+			return nil
+		}(); err != nil {
+			err = &ogenerrors.DecodeBodyError{
+				ContentType: ct,
+				Body:        buf,
+				Err:         err,
+			}
+			return req, rawBody, close, err
+		}
+		if err := func() error {
+			if err := request.Validate(); err != nil {
+				return err
+			}
+			return nil
+		}(); err != nil {
+			return req, rawBody, close, errors.Wrap(err, "validate")
+		}
+		return &request, rawBody, close, nil
+	default:
+		return req, rawBody, close, validate.InvalidContentType(ct)
+	}
+}
+
 func (s *Server) decodeReleaseSubmissionsRequest(r *http.Request) (
 	req []ReleaseInfo,
 	rawBody []byte,
@@ -1021,3 +1100,82 @@ func (s *Server) decodeUpdateScriptPolicyRequest(r *http.Request) (
 		return req, rawBody, close, validate.InvalidContentType(ct)
 	}
 }
+
+func (s *Server) decodeUpdateSubmissionReviewRequest(r *http.Request) (
+	req *SubmissionReviewCreate,
+	rawBody []byte,
+	close func() error,
+	rerr error,
+) {
+	var closers []func() error
+	close = func() error {
+		var merr error
+		// Close in reverse order, to match defer behavior.
+		for i := len(closers) - 1; i >= 0; i-- {
+			c := closers[i]
+			merr = errors.Join(merr, c())
+		}
+		return merr
+	}
+	defer func() {
+		if rerr != nil {
+			rerr = errors.Join(rerr, close())
+		}
+	}()
+	ct, _, err := mime.ParseMediaType(r.Header.Get("Content-Type"))
+	if err != nil {
+		return req, rawBody, close, errors.Wrap(err, "parse media type")
+	}
+	switch {
+	case ct == "application/json":
+		if r.ContentLength == 0 {
+			return req, rawBody, close, validate.ErrBodyRequired
+		}
+		buf, err := io.ReadAll(r.Body)
+		defer func() {
+			_ = r.Body.Close()
+		}()
+		if err != nil {
+			return req, rawBody, close, err
+		}
+
+		// Reset the body to allow for downstream reading.
+		r.Body = io.NopCloser(bytes.NewBuffer(buf))
+
+		if len(buf) == 0 {
+			return req, rawBody, close, validate.ErrBodyRequired
+		}
+
+		rawBody = append(rawBody, buf...)
+		d := jx.DecodeBytes(buf)
+
+		var request SubmissionReviewCreate
+		if err := func() error {
+			if err := request.Decode(d); err != nil {
+				return err
+			}
+			if err := d.Skip(); err != io.EOF {
+				return errors.New("unexpected trailing data")
+			}
+			return nil
+		}(); err != nil {
+			err = &ogenerrors.DecodeBodyError{
+				ContentType: ct,
+				Body:        buf,
+				Err:         err,
+			}
+			return req, rawBody, close, err
+		}
+		if err := func() error {
+			if err := request.Validate(); err != nil {
+				return err
+			}
+			return nil
+		}(); err != nil {
+			return req, rawBody, close, errors.Wrap(err, "validate")
+		}
+		return &request, rawBody, close, nil
+	default:
+		return req, rawBody, close, validate.InvalidContentType(ct)
+	}
+}

pkg/api/oas_request_encoders_gen.go

@@ -142,6 +142,20 @@ func encodeCreateSubmissionAuditCommentRequest(
 	return nil
 }
 
+func encodeCreateSubmissionReviewRequest(
+	req *SubmissionReviewCreate,
+	r *http.Request,
+) error {
+	const contentType = "application/json"
+	e := new(jx.Encoder)
+	{
+		req.Encode(e)
+	}
+	encoded := e.Bytes()
+	ht.SetBody(r, bytes.NewReader(encoded), contentType)
+	return nil
+}
+
 func encodeReleaseSubmissionsRequest(
 	req []ReleaseInfo,
 	r *http.Request,
@@ -197,3 +211,17 @@ func encodeUpdateScriptPolicyRequest(
 	ht.SetBody(r, bytes.NewReader(encoded), contentType)
 	return nil
 }
+
+func encodeUpdateSubmissionReviewRequest(
+	req *SubmissionReviewCreate,
+	r *http.Request,
+) error {
+	const contentType = "application/json"
+	e := new(jx.Encoder)
+	{
+		req.Encode(e)
+	}
+	encoded := e.Bytes()
+	ht.SetBody(r, bytes.NewReader(encoded), contentType)
+	return nil
+}

pkg/api/oas_response_decoders_gen.go

@@ -2358,6 +2358,107 @@ func decodeCreateSubmissionAuditCommentResponse(resp *http.Response) (res *Creat
 	return res, errors.Wrap(defRes, "error")
 }
 
+func decodeCreateSubmissionReviewResponse(resp *http.Response) (res *SubmissionReview, _ error) {
+	switch resp.StatusCode {
+	case 200:
+		// Code 200.
+		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
+		if err != nil {
+			return res, errors.Wrap(err, "parse media type")
+		}
+		switch {
+		case ct == "application/json":
+			buf, err := io.ReadAll(resp.Body)
+			if err != nil {
+				return res, err
+			}
+			d := jx.DecodeBytes(buf)
+
+			var response SubmissionReview
+			if err := func() error {
+				if err := response.Decode(d); err != nil {
+					return err
+				}
+				if err := d.Skip(); err != io.EOF {
+					return errors.New("unexpected trailing data")
+				}
+				return nil
+			}(); err != nil {
+				err = &ogenerrors.DecodeBodyError{
+					ContentType: ct,
+					Body:        buf,
+					Err:         err,
+				}
+				return res, err
+			}
+			// Validate response.
+			if err := func() error {
+				if err := response.Validate(); err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return res, errors.Wrap(err, "validate")
+			}
+			return &response, nil
+		default:
+			return res, validate.InvalidContentType(ct)
+		}
+	}
+	// Convenient error response.
+	defRes, err := func() (res *ErrorStatusCode, err error) {
+		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
+		if err != nil {
+			return res, errors.Wrap(err, "parse media type")
+		}
+		switch {
+		case ct == "application/json":
+			buf, err := io.ReadAll(resp.Body)
+			if err != nil {
+				return res, err
+			}
+			d := jx.DecodeBytes(buf)
+
+			var response Error
+			if err := func() error {
+				if err := response.Decode(d); err != nil {
+					return err
+				}
+				if err := d.Skip(); err != io.EOF {
+					return errors.New("unexpected trailing data")
+				}
+				return nil
+			}(); err != nil {
+				err = &ogenerrors.DecodeBodyError{
+					ContentType: ct,
+					Body:        buf,
+					Err:         err,
+				}
+				return res, err
+			}
+			// Validate response.
+			if err := func() error {
+				if err := response.Validate(); err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return res, errors.Wrap(err, "validate")
+			}
+			return &ErrorStatusCode{
+				StatusCode: resp.StatusCode,
+				Response:   response,
+			}, nil
+		default:
+			return res, validate.InvalidContentType(ct)
+		}
+	}()
+	if err != nil {
+		return res, errors.Wrapf(err, "default (code %d)", resp.StatusCode)
+	}
+	return res, errors.Wrap(defRes, "error")
+}
+
 func decodeDeleteScriptResponse(resp *http.Response) (res *DeleteScriptNoContent, _ error) {
 	switch resp.StatusCode {
 	case 204:
@@ -2554,6 +2655,334 @@ func decodeDownloadMapAssetResponse(resp *http.Response) (res DownloadMapAssetOK
 	return res, errors.Wrap(defRes, "error")
 }
 
+func decodeGetAOREventResponse(resp *http.Response) (res *AOREvent, _ error) {
+	switch resp.StatusCode {
+	case 200:
+		// Code 200.
+		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
+		if err != nil {
+			return res, errors.Wrap(err, "parse media type")
+		}
+		switch {
+		case ct == "application/json":
+			buf, err := io.ReadAll(resp.Body)
+			if err != nil {
+				return res, err
+			}
+			d := jx.DecodeBytes(buf)
+
+			var response AOREvent
+			if err := func() error {
+				if err := response.Decode(d); err != nil {
+					return err
+				}
+				if err := d.Skip(); err != io.EOF {
+					return errors.New("unexpected trailing data")
+				}
+				return nil
+			}(); err != nil {
+				err = &ogenerrors.DecodeBodyError{
+					ContentType: ct,
+					Body:        buf,
+					Err:         err,
+				}
+				return res, err
+			}
+			// Validate response.
+			if err := func() error {
+				if err := response.Validate(); err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return res, errors.Wrap(err, "validate")
+			}
+			return &response, nil
+		default:
+			return res, validate.InvalidContentType(ct)
+		}
+	}
+	// Convenient error response.
+	defRes, err := func() (res *ErrorStatusCode, err error) {
+		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
+		if err != nil {
+			return res, errors.Wrap(err, "parse media type")
+		}
+		switch {
+		case ct == "application/json":
+			buf, err := io.ReadAll(resp.Body)
+			if err != nil {
+				return res, err
+			}
+			d := jx.DecodeBytes(buf)
+
+			var response Error
+			if err := func() error {
+				if err := response.Decode(d); err != nil {
+					return err
+				}
+				if err := d.Skip(); err != io.EOF {
+					return errors.New("unexpected trailing data")
+				}
+				return nil
+			}(); err != nil {
+				err = &ogenerrors.DecodeBodyError{
+					ContentType: ct,
+					Body:        buf,
+					Err:         err,
+				}
+				return res, err
+			}
+			// Validate response.
+			if err := func() error {
+				if err := response.Validate(); err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return res, errors.Wrap(err, "validate")
+			}
+			return &ErrorStatusCode{
+				StatusCode: resp.StatusCode,
+				Response:   response,
+			}, nil
+		default:
+			return res, validate.InvalidContentType(ct)
+		}
+	}()
+	if err != nil {
+		return res, errors.Wrapf(err, "default (code %d)", resp.StatusCode)
+	}
+	return res, errors.Wrap(defRes, "error")
+}
+
+func decodeGetAOREventSubmissionsResponse(resp *http.Response) (res []Submission, _ error) {
+	switch resp.StatusCode {
+	case 200:
+		// Code 200.
+		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
+		if err != nil {
+			return res, errors.Wrap(err, "parse media type")
+		}
+		switch {
+		case ct == "application/json":
+			buf, err := io.ReadAll(resp.Body)
+			if err != nil {
+				return res, err
+			}
+			d := jx.DecodeBytes(buf)
+
+			var response []Submission
+			if err := func() error {
+				response = make([]Submission, 0)
+				if err := d.Arr(func(d *jx.Decoder) error {
+					var elem Submission
+					if err := elem.Decode(d); err != nil {
+						return err
+					}
+					response = append(response, elem)
+					return nil
+				}); err != nil {
+					return err
+				}
+				if err := d.Skip(); err != io.EOF {
+					return errors.New("unexpected trailing data")
+				}
+				return nil
+			}(); err != nil {
+				err = &ogenerrors.DecodeBodyError{
+					ContentType: ct,
+					Body:        buf,
+					Err:         err,
+				}
+				return res, err
+			}
+			// Validate response.
+			if err := func() error {
+				if response == nil {
+					return errors.New("nil is invalid value")
+				}
+				var failures []validate.FieldError
+				for i, elem := range response {
+					if err := func() error {
+						if err := elem.Validate(); err != nil {
+							return err
+						}
+						return nil
+					}(); err != nil {
+						failures = append(failures, validate.FieldError{
+							Name:  fmt.Sprintf("[%d]", i),
+							Error: err,
+						})
+					}
+				}
+				if len(failures) > 0 {
+					return &validate.Error{Fields: failures}
+				}
+				return nil
+			}(); err != nil {
+				return res, errors.Wrap(err, "validate")
+			}
+			return response, nil
+		default:
+			return res, validate.InvalidContentType(ct)
+		}
+	}
+	// Convenient error response.
+	defRes, err := func() (res *ErrorStatusCode, err error) {
+		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
+		if err != nil {
+			return res, errors.Wrap(err, "parse media type")
+		}
+		switch {
+		case ct == "application/json":
+			buf, err := io.ReadAll(resp.Body)
+			if err != nil {
+				return res, err
+			}
+			d := jx.DecodeBytes(buf)
+
+			var response Error
+			if err := func() error {
+				if err := response.Decode(d); err != nil {
+					return err
+				}
+				if err := d.Skip(); err != io.EOF {
+					return errors.New("unexpected trailing data")
+				}
+				return nil
+			}(); err != nil {
+				err = &ogenerrors.DecodeBodyError{
+					ContentType: ct,
+					Body:        buf,
+					Err:         err,
+				}
+				return res, err
+			}
+			// Validate response.
+			if err := func() error {
+				if err := response.Validate(); err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return res, errors.Wrap(err, "validate")
+			}
+			return &ErrorStatusCode{
+				StatusCode: resp.StatusCode,
+				Response:   response,
+			}, nil
+		default:
+			return res, validate.InvalidContentType(ct)
+		}
+	}()
+	if err != nil {
+		return res, errors.Wrapf(err, "default (code %d)", resp.StatusCode)
+	}
+	return res, errors.Wrap(defRes, "error")
+}
+
+func decodeGetActiveAOREventResponse(resp *http.Response) (res *AOREvent, _ error) {
+	switch resp.StatusCode {
+	case 200:
+		// Code 200.
+		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
+		if err != nil {
+			return res, errors.Wrap(err, "parse media type")
+		}
+		switch {
+		case ct == "application/json":
+			buf, err := io.ReadAll(resp.Body)
+			if err != nil {
+				return res, err
+			}
+			d := jx.DecodeBytes(buf)
+
+			var response AOREvent
+			if err := func() error {
+				if err := response.Decode(d); err != nil {
+					return err
+				}
+				if err := d.Skip(); err != io.EOF {
+					return errors.New("unexpected trailing data")
+				}
+				return nil
+			}(); err != nil {
+				err = &ogenerrors.DecodeBodyError{
+					ContentType: ct,
+					Body:        buf,
+					Err:         err,
+				}
+				return res, err
+			}
+			// Validate response.
+			if err := func() error {
+				if err := response.Validate(); err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return res, errors.Wrap(err, "validate")
+			}
+			return &response, nil
+		default:
+			return res, validate.InvalidContentType(ct)
+		}
+	}
+	// Convenient error response.
+	defRes, err := func() (res *ErrorStatusCode, err error) {
+		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
+		if err != nil {
+			return res, errors.Wrap(err, "parse media type")
+		}
+		switch {
+		case ct == "application/json":
+			buf, err := io.ReadAll(resp.Body)
+			if err != nil {
+				return res, err
+			}
+			d := jx.DecodeBytes(buf)
+
+			var response Error
+			if err := func() error {
+				if err := response.Decode(d); err != nil {
+					return err
+				}
+				if err := d.Skip(); err != io.EOF {
+					return errors.New("unexpected trailing data")
+				}
+				return nil
+			}(); err != nil {
+				err = &ogenerrors.DecodeBodyError{
+					ContentType: ct,
+					Body:        buf,
+					Err:         err,
+				}
+				return res, err
+			}
+			// Validate response.
+			if err := func() error {
+				if err := response.Validate(); err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return res, errors.Wrap(err, "validate")
+			}
+			return &ErrorStatusCode{
+				StatusCode: resp.StatusCode,
+				Response:   response,
+			}, nil
+		default:
+			return res, validate.InvalidContentType(ct)
+		}
+	}()
+	if err != nil {
+		return res, errors.Wrapf(err, "default (code %d)", resp.StatusCode)
+	}
+	return res, errors.Wrap(defRes, "error")
+}
+
 func decodeGetAssetThumbnailResponse(resp *http.Response) (res *GetAssetThumbnailFound, _ error) {
 	switch resp.StatusCode {
 	case 302:
@@ -3459,6 +3888,132 @@ func decodeGetUserThumbnailResponse(resp *http.Response) (res *GetUserThumbnailF
 	return res, errors.Wrap(defRes, "error")
 }
 
+func decodeListAOREventsResponse(resp *http.Response) (res []AOREvent, _ error) {
+	switch resp.StatusCode {
+	case 200:
+		// Code 200.
+		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
+		if err != nil {
+			return res, errors.Wrap(err, "parse media type")
+		}
+		switch {
+		case ct == "application/json":
+			buf, err := io.ReadAll(resp.Body)
+			if err != nil {
+				return res, err
+			}
+			d := jx.DecodeBytes(buf)
+
+			var response []AOREvent
+			if err := func() error {
+				response = make([]AOREvent, 0)
+				if err := d.Arr(func(d *jx.Decoder) error {
+					var elem AOREvent
+					if err := elem.Decode(d); err != nil {
+						return err
+					}
+					response = append(response, elem)
+					return nil
+				}); err != nil {
+					return err
+				}
+				if err := d.Skip(); err != io.EOF {
+					return errors.New("unexpected trailing data")
+				}
+				return nil
+			}(); err != nil {
+				err = &ogenerrors.DecodeBodyError{
+					ContentType: ct,
+					Body:        buf,
+					Err:         err,
+				}
+				return res, err
+			}
+			// Validate response.
+			if err := func() error {
+				if response == nil {
+					return errors.New("nil is invalid value")
+				}
+				var failures []validate.FieldError
+				for i, elem := range response {
+					if err := func() error {
+						if err := elem.Validate(); err != nil {
+							return err
+						}
+						return nil
+					}(); err != nil {
+						failures = append(failures, validate.FieldError{
+							Name:  fmt.Sprintf("[%d]", i),
+							Error: err,
+						})
+					}
+				}
+				if len(failures) > 0 {
+					return &validate.Error{Fields: failures}
+				}
+				return nil
+			}(); err != nil {
+				return res, errors.Wrap(err, "validate")
+			}
+			return response, nil
+		default:
+			return res, validate.InvalidContentType(ct)
+		}
+	}
+	// Convenient error response.
+	defRes, err := func() (res *ErrorStatusCode, err error) {
+		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
+		if err != nil {
+			return res, errors.Wrap(err, "parse media type")
+		}
+		switch {
+		case ct == "application/json":
+			buf, err := io.ReadAll(resp.Body)
+			if err != nil {
+				return res, err
+			}
+			d := jx.DecodeBytes(buf)
+
+			var response Error
+			if err := func() error {
+				if err := response.Decode(d); err != nil {
+					return err
+				}
+				if err := d.Skip(); err != io.EOF {
+					return errors.New("unexpected trailing data")
+				}
+				return nil
+			}(); err != nil {
+				err = &ogenerrors.DecodeBodyError{
+					ContentType: ct,
+					Body:        buf,
+					Err:         err,
+				}
+				return res, err
+			}
+			// Validate response.
+			if err := func() error {
+				if err := response.Validate(); err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return res, errors.Wrap(err, "validate")
+			}
+			return &ErrorStatusCode{
+				StatusCode: resp.StatusCode,
+				Response:   response,
+			}, nil
+		default:
+			return res, validate.InvalidContentType(ct)
+		}
+	}()
+	if err != nil {
+		return res, errors.Wrapf(err, "default (code %d)", resp.StatusCode)
+	}
+	return res, errors.Wrap(defRes, "error")
+}
+
 func decodeListMapfixAuditEventsResponse(resp *http.Response) (res []AuditEvent, _ error) {
 	switch resp.StatusCode {
 	case 200:
@@ -4190,6 +4745,132 @@ func decodeListSubmissionAuditEventsResponse(resp *http.Response) (res []AuditEv
 	return res, errors.Wrap(defRes, "error")
 }
 
+func decodeListSubmissionReviewsResponse(resp *http.Response) (res []SubmissionReview, _ error) {
+	switch resp.StatusCode {
+	case 200:
+		// Code 200.
+		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
+		if err != nil {
+			return res, errors.Wrap(err, "parse media type")
+		}
+		switch {
+		case ct == "application/json":
+			buf, err := io.ReadAll(resp.Body)
+			if err != nil {
+				return res, err
+			}
+			d := jx.DecodeBytes(buf)
+
+			var response []SubmissionReview
+			if err := func() error {
+				response = make([]SubmissionReview, 0)
+				if err := d.Arr(func(d *jx.Decoder) error {
+					var elem SubmissionReview
+					if err := elem.Decode(d); err != nil {
+						return err
+					}
+					response = append(response, elem)
+					return nil
+				}); err != nil {
+					return err
+				}
+				if err := d.Skip(); err != io.EOF {
+					return errors.New("unexpected trailing data")
+				}
+				return nil
+			}(); err != nil {
+				err = &ogenerrors.DecodeBodyError{
+					ContentType: ct,
+					Body:        buf,
+					Err:         err,
+				}
+				return res, err
+			}
+			// Validate response.
+			if err := func() error {
+				if response == nil {
+					return errors.New("nil is invalid value")
+				}
+				var failures []validate.FieldError
+				for i, elem := range response {
+					if err := func() error {
+						if err := elem.Validate(); err != nil {
+							return err
+						}
+						return nil
+					}(); err != nil {
+						failures = append(failures, validate.FieldError{
+							Name:  fmt.Sprintf("[%d]", i),
+							Error: err,
+						})
+					}
+				}
+				if len(failures) > 0 {
+					return &validate.Error{Fields: failures}
+				}
+				return nil
+			}(); err != nil {
+				return res, errors.Wrap(err, "validate")
+			}
+			return response, nil
+		default:
+			return res, validate.InvalidContentType(ct)
+		}
+	}
+	// Convenient error response.
+	defRes, err := func() (res *ErrorStatusCode, err error) {
+		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
+		if err != nil {
+			return res, errors.Wrap(err, "parse media type")
+		}
+		switch {
+		case ct == "application/json":
+			buf, err := io.ReadAll(resp.Body)
+			if err != nil {
+				return res, err
+			}
+			d := jx.DecodeBytes(buf)
+
+			var response Error
+			if err := func() error {
+				if err := response.Decode(d); err != nil {
+					return err
+				}
+				if err := d.Skip(); err != io.EOF {
+					return errors.New("unexpected trailing data")
+				}
+				return nil
+			}(); err != nil {
+				err = &ogenerrors.DecodeBodyError{
+					ContentType: ct,
+					Body:        buf,
+					Err:         err,
+				}
+				return res, err
+			}
+			// Validate response.
+			if err := func() error {
+				if err := response.Validate(); err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return res, errors.Wrap(err, "validate")
+			}
+			return &ErrorStatusCode{
+				StatusCode: resp.StatusCode,
+				Response:   response,
+			}, nil
+		default:
+			return res, validate.InvalidContentType(ct)
+		}
+	}()
+	if err != nil {
+		return res, errors.Wrapf(err, "default (code %d)", resp.StatusCode)
+	}
+	return res, errors.Wrap(defRes, "error")
+}
+
 func decodeListSubmissionsResponse(resp *http.Response) (res *Submissions, _ error) {
 	switch resp.StatusCode {
 	case 200:
@@ -5107,3 +5788,104 @@ func decodeUpdateSubmissionModelResponse(resp *http.Response) (res *UpdateSubmis
 	}
 	return res, errors.Wrap(defRes, "error")
 }
+
+func decodeUpdateSubmissionReviewResponse(resp *http.Response) (res *SubmissionReview, _ error) {
+	switch resp.StatusCode {
+	case 200:
+		// Code 200.
+		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
+		if err != nil {
+			return res, errors.Wrap(err, "parse media type")
+		}
+		switch {
+		case ct == "application/json":
+			buf, err := io.ReadAll(resp.Body)
+			if err != nil {
+				return res, err
+			}
+			d := jx.DecodeBytes(buf)
+
+			var response SubmissionReview
+			if err := func() error {
+				if err := response.Decode(d); err != nil {
+					return err
+				}
+				if err := d.Skip(); err != io.EOF {
+					return errors.New("unexpected trailing data")
+				}
+				return nil
+			}(); err != nil {
+				err = &ogenerrors.DecodeBodyError{
+					ContentType: ct,
+					Body:        buf,
+					Err:         err,
+				}
+				return res, err
+			}
+			// Validate response.
+			if err := func() error {
+				if err := response.Validate(); err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return res, errors.Wrap(err, "validate")
+			}
+			return &response, nil
+		default:
+			return res, validate.InvalidContentType(ct)
+		}
+	}
+	// Convenient error response.
+	defRes, err := func() (res *ErrorStatusCode, err error) {
+		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
+		if err != nil {
+			return res, errors.Wrap(err, "parse media type")
+		}
+		switch {
+		case ct == "application/json":
+			buf, err := io.ReadAll(resp.Body)
+			if err != nil {
+				return res, err
+			}
+			d := jx.DecodeBytes(buf)
+
+			var response Error
+			if err := func() error {
+				if err := response.Decode(d); err != nil {
+					return err
+				}
+				if err := d.Skip(); err != io.EOF {
+					return errors.New("unexpected trailing data")
+				}
+				return nil
+			}(); err != nil {
+				err = &ogenerrors.DecodeBodyError{
+					ContentType: ct,
+					Body:        buf,
+					Err:         err,
+				}
+				return res, err
+			}
+			// Validate response.
+			if err := func() error {
+				if err := response.Validate(); err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return res, errors.Wrap(err, "validate")
+			}
+			return &ErrorStatusCode{
+				StatusCode: resp.StatusCode,
+				Response:   response,
+			}, nil
+		default:
+			return res, validate.InvalidContentType(ct)
+		}
+	}()
+	if err != nil {
+		return res, errors.Wrapf(err, "default (code %d)", resp.StatusCode)
+	}
+	return res, errors.Wrap(defRes, "error")
+}

pkg/api/oas_response_encoders_gen.go

@@ -309,6 +309,20 @@ func encodeCreateSubmissionAuditCommentResponse(response *CreateSubmissionAuditC
 	return nil
 }
 
+func encodeCreateSubmissionReviewResponse(response *SubmissionReview, w http.ResponseWriter, span trace.Span) error {
+	w.Header().Set("Content-Type", "application/json; charset=utf-8")
+	w.WriteHeader(200)
+	span.SetStatus(codes.Ok, http.StatusText(200))
+
+	e := new(jx.Encoder)
+	response.Encode(e)
+	if _, err := e.WriteTo(w); err != nil {
+		return errors.Wrap(err, "write")
+	}
+
+	return nil
+}
+
 func encodeDeleteScriptResponse(response *DeleteScriptNoContent, w http.ResponseWriter, span trace.Span) error {
 	w.WriteHeader(204)
 	span.SetStatus(codes.Ok, http.StatusText(204))
@@ -339,6 +353,52 @@ func encodeDownloadMapAssetResponse(response DownloadMapAssetOK, w http.Response
 	return nil
 }
 
+func encodeGetAOREventResponse(response *AOREvent, w http.ResponseWriter, span trace.Span) error {
+	w.Header().Set("Content-Type", "application/json; charset=utf-8")
+	w.WriteHeader(200)
+	span.SetStatus(codes.Ok, http.StatusText(200))
+
+	e := new(jx.Encoder)
+	response.Encode(e)
+	if _, err := e.WriteTo(w); err != nil {
+		return errors.Wrap(err, "write")
+	}
+
+	return nil
+}
+
+func encodeGetAOREventSubmissionsResponse(response []Submission, w http.ResponseWriter, span trace.Span) error {
+	w.Header().Set("Content-Type", "application/json; charset=utf-8")
+	w.WriteHeader(200)
+	span.SetStatus(codes.Ok, http.StatusText(200))
+
+	e := new(jx.Encoder)
+	e.ArrStart()
+	for _, elem := range response {
+		elem.Encode(e)
+	}
+	e.ArrEnd()
+	if _, err := e.WriteTo(w); err != nil {
+		return errors.Wrap(err, "write")
+	}
+
+	return nil
+}
+
+func encodeGetActiveAOREventResponse(response *AOREvent, w http.ResponseWriter, span trace.Span) error {
+	w.Header().Set("Content-Type", "application/json; charset=utf-8")
+	w.WriteHeader(200)
+	span.SetStatus(codes.Ok, http.StatusText(200))
+
+	e := new(jx.Encoder)
+	response.Encode(e)
+	if _, err := e.WriteTo(w); err != nil {
+		return errors.Wrap(err, "write")
+	}
+
+	return nil
+}
+
 func encodeGetAssetThumbnailResponse(response *GetAssetThumbnailFound, w http.ResponseWriter, span trace.Span) error {
 	// Encoding response headers.
 	{
@@ -489,6 +549,24 @@ func encodeGetUserThumbnailResponse(response *GetUserThumbnailFound, w http.Resp
 	return nil
 }
 
+func encodeListAOREventsResponse(response []AOREvent, w http.ResponseWriter, span trace.Span) error {
+	w.Header().Set("Content-Type", "application/json; charset=utf-8")
+	w.WriteHeader(200)
+	span.SetStatus(codes.Ok, http.StatusText(200))
+
+	e := new(jx.Encoder)
+	e.ArrStart()
+	for _, elem := range response {
+		elem.Encode(e)
+	}
+	e.ArrEnd()
+	if _, err := e.WriteTo(w); err != nil {
+		return errors.Wrap(err, "write")
+	}
+
+	return nil
+}
+
 func encodeListMapfixAuditEventsResponse(response []AuditEvent, w http.ResponseWriter, span trace.Span) error {
 	w.Header().Set("Content-Type", "application/json; charset=utf-8")
 	w.WriteHeader(200)
@@ -593,6 +671,24 @@ func encodeListSubmissionAuditEventsResponse(response []AuditEvent, w http.Respo
 	return nil
 }
 
+func encodeListSubmissionReviewsResponse(response []SubmissionReview, w http.ResponseWriter, span trace.Span) error {
+	w.Header().Set("Content-Type", "application/json; charset=utf-8")
+	w.WriteHeader(200)
+	span.SetStatus(codes.Ok, http.StatusText(200))
+
+	e := new(jx.Encoder)
+	e.ArrStart()
+	for _, elem := range response {
+		elem.Encode(e)
+	}
+	e.ArrEnd()
+	if _, err := e.WriteTo(w); err != nil {
+		return errors.Wrap(err, "write")
+	}
+
+	return nil
+}
+
 func encodeListSubmissionsResponse(response *Submissions, w http.ResponseWriter, span trace.Span) error {
 	w.Header().Set("Content-Type", "application/json; charset=utf-8")
 	w.WriteHeader(200)
@@ -712,6 +808,20 @@ func encodeUpdateSubmissionModelResponse(response *UpdateSubmissionModelNoConten
 	return nil
 }
 
+func encodeUpdateSubmissionReviewResponse(response *SubmissionReview, w http.ResponseWriter, span trace.Span) error {
+	w.Header().Set("Content-Type", "application/json; charset=utf-8")
+	w.WriteHeader(200)
+	span.SetStatus(codes.Ok, http.StatusText(200))
+
+	e := new(jx.Encoder)
+	response.Encode(e)
+	if _, err := e.WriteTo(w); err != nil {
+		return errors.Wrap(err, "write")
+	}
+
+	return nil
+}
+
 func encodeErrorResponse(response *ErrorStatusCode, w http.ResponseWriter, span trace.Span) error {
 	w.Header().Set("Content-Type", "application/json; charset=utf-8")
 	code := response.StatusCode

pkg/api/oas_router_gen.go

@@ -40,7 +40,7 @@ func (s *Server) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 		s.notFound(w, r)
 		return
 	}
-	args := [1]string{}
+	args := [2]string{}
 
 	// Static code generated router with unwrapped path search.
 	switch {
@@ -61,6 +61,107 @@ func (s *Server) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 				break
 			}
 			switch elem[0] {
+			case 'a': // Prefix: "aor-events"
+
+				if l := len("aor-events"); len(elem) >= l && elem[0:l] == "aor-events" {
+					elem = elem[l:]
+				} else {
+					break
+				}
+
+				if len(elem) == 0 {
+					switch r.Method {
+					case "GET":
+						s.handleListAOREventsRequest([0]string{}, elemIsEscaped, w, r)
+					default:
+						s.notAllowed(w, r, "GET")
+					}
+
+					return
+				}
+				switch elem[0] {
+				case '/': // Prefix: "/"
+
+					if l := len("/"); len(elem) >= l && elem[0:l] == "/" {
+						elem = elem[l:]
+					} else {
+						break
+					}
+
+					if len(elem) == 0 {
+						break
+					}
+					switch elem[0] {
+					case 'a': // Prefix: "active"
+						origElem := elem
+						if l := len("active"); len(elem) >= l && elem[0:l] == "active" {
+							elem = elem[l:]
+						} else {
+							break
+						}
+
+						if len(elem) == 0 {
+							// Leaf node.
+							switch r.Method {
+							case "GET":
+								s.handleGetActiveAOREventRequest([0]string{}, elemIsEscaped, w, r)
+							default:
+								s.notAllowed(w, r, "GET")
+							}
+
+							return
+						}
+
+						elem = origElem
+					}
+					// Param: "AOREventID"
+					// Match until "/"
+					idx := strings.IndexByte(elem, '/')
+					if idx < 0 {
+						idx = len(elem)
+					}
+					args[0] = elem[:idx]
+					elem = elem[idx:]
+
+					if len(elem) == 0 {
+						switch r.Method {
+						case "GET":
+							s.handleGetAOREventRequest([1]string{
+								args[0],
+							}, elemIsEscaped, w, r)
+						default:
+							s.notAllowed(w, r, "GET")
+						}
+
+						return
+					}
+					switch elem[0] {
+					case '/': // Prefix: "/submissions"
+
+						if l := len("/submissions"); len(elem) >= l && elem[0:l] == "/submissions" {
+							elem = elem[l:]
+						} else {
+							break
+						}
+
+						if len(elem) == 0 {
+							// Leaf node.
+							switch r.Method {
+							case "GET":
+								s.handleGetAOREventSubmissionsRequest([1]string{
+									args[0],
+								}, elemIsEscaped, w, r)
+							default:
+								s.notAllowed(w, r, "GET")
+							}
+
+							return
+						}
+
+					}
+
+				}
+
 			case 'm': // Prefix: "map"
 
 				if l := len("map"); len(elem) >= l && elem[0:l] == "map" {
@@ -1166,6 +1267,65 @@ func (s *Server) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 									return
 								}
 
+							case 'r': // Prefix: "reviews"
+
+								if l := len("reviews"); len(elem) >= l && elem[0:l] == "reviews" {
+									elem = elem[l:]
+								} else {
+									break
+								}
+
+								if len(elem) == 0 {
+									switch r.Method {
+									case "GET":
+										s.handleListSubmissionReviewsRequest([1]string{
+											args[0],
+										}, elemIsEscaped, w, r)
+									case "POST":
+										s.handleCreateSubmissionReviewRequest([1]string{
+											args[0],
+										}, elemIsEscaped, w, r)
+									default:
+										s.notAllowed(w, r, "GET,POST")
+									}
+
+									return
+								}
+								switch elem[0] {
+								case '/': // Prefix: "/"
+
+									if l := len("/"); len(elem) >= l && elem[0:l] == "/" {
+										elem = elem[l:]
+									} else {
+										break
+									}
+
+									// Param: "ReviewID"
+									// Leaf parameter, slashes are prohibited
+									idx := strings.IndexByte(elem, '/')
+									if idx >= 0 {
+										break
+									}
+									args[1] = elem
+									elem = ""
+
+									if len(elem) == 0 {
+										// Leaf node.
+										switch r.Method {
+										case "PATCH":
+											s.handleUpdateSubmissionReviewRequest([2]string{
+												args[0],
+												args[1],
+											}, elemIsEscaped, w, r)
+										default:
+											s.notAllowed(w, r, "PATCH")
+										}
+
+										return
+									}
+
+								}
+
 							case 's': // Prefix: "status/"
 
 								if l := len("status/"); len(elem) >= l && elem[0:l] == "status/" {
@@ -1652,7 +1812,7 @@ type Route struct {
 	operationGroup string
 	pathPattern    string
 	count          int
-	args           [1]string
+	args           [2]string
 }
 
 // Name returns ogen operation name.
@@ -1737,6 +1897,123 @@ func (s *Server) FindPath(method string, u *url.URL) (r Route, _ bool) {
 				break
 			}
 			switch elem[0] {
+			case 'a': // Prefix: "aor-events"
+
+				if l := len("aor-events"); len(elem) >= l && elem[0:l] == "aor-events" {
+					elem = elem[l:]
+				} else {
+					break
+				}
+
+				if len(elem) == 0 {
+					switch method {
+					case "GET":
+						r.name = ListAOREventsOperation
+						r.summary = "Get list of AOR events"
+						r.operationID = "listAOREvents"
+						r.operationGroup = ""
+						r.pathPattern = "/aor-events"
+						r.args = args
+						r.count = 0
+						return r, true
+					default:
+						return
+					}
+				}
+				switch elem[0] {
+				case '/': // Prefix: "/"
+
+					if l := len("/"); len(elem) >= l && elem[0:l] == "/" {
+						elem = elem[l:]
+					} else {
+						break
+					}
+
+					if len(elem) == 0 {
+						break
+					}
+					switch elem[0] {
+					case 'a': // Prefix: "active"
+						origElem := elem
+						if l := len("active"); len(elem) >= l && elem[0:l] == "active" {
+							elem = elem[l:]
+						} else {
+							break
+						}
+
+						if len(elem) == 0 {
+							// Leaf node.
+							switch method {
+							case "GET":
+								r.name = GetActiveAOREventOperation
+								r.summary = "Get the currently active AOR event"
+								r.operationID = "getActiveAOREvent"
+								r.operationGroup = ""
+								r.pathPattern = "/aor-events/active"
+								r.args = args
+								r.count = 0
+								return r, true
+							default:
+								return
+							}
+						}
+
+						elem = origElem
+					}
+					// Param: "AOREventID"
+					// Match until "/"
+					idx := strings.IndexByte(elem, '/')
+					if idx < 0 {
+						idx = len(elem)
+					}
+					args[0] = elem[:idx]
+					elem = elem[idx:]
+
+					if len(elem) == 0 {
+						switch method {
+						case "GET":
+							r.name = GetAOREventOperation
+							r.summary = "Get a specific AOR event"
+							r.operationID = "getAOREvent"
+							r.operationGroup = ""
+							r.pathPattern = "/aor-events/{AOREventID}"
+							r.args = args
+							r.count = 1
+							return r, true
+						default:
+							return
+						}
+					}
+					switch elem[0] {
+					case '/': // Prefix: "/submissions"
+
+						if l := len("/submissions"); len(elem) >= l && elem[0:l] == "/submissions" {
+							elem = elem[l:]
+						} else {
+							break
+						}
+
+						if len(elem) == 0 {
+							// Leaf node.
+							switch method {
+							case "GET":
+								r.name = GetAOREventSubmissionsOperation
+								r.summary = "Get all submissions for a specific AOR event"
+								r.operationID = "getAOREventSubmissions"
+								r.operationGroup = ""
+								r.pathPattern = "/aor-events/{AOREventID}/submissions"
+								r.args = args
+								r.count = 1
+								return r, true
+							default:
+								return
+							}
+						}
+
+					}
+
+				}
+
 			case 'm': // Prefix: "map"
 
 				if l := len("map"); len(elem) >= l && elem[0:l] == "map" {
@@ -3032,6 +3309,75 @@ func (s *Server) FindPath(method string, u *url.URL) (r Route, _ bool) {
 									}
 								}
 
+							case 'r': // Prefix: "reviews"
+
+								if l := len("reviews"); len(elem) >= l && elem[0:l] == "reviews" {
+									elem = elem[l:]
+								} else {
+									break
+								}
+
+								if len(elem) == 0 {
+									switch method {
+									case "GET":
+										r.name = ListSubmissionReviewsOperation
+										r.summary = "Get all reviews for a submission"
+										r.operationID = "listSubmissionReviews"
+										r.operationGroup = ""
+										r.pathPattern = "/submissions/{SubmissionID}/reviews"
+										r.args = args
+										r.count = 1
+										return r, true
+									case "POST":
+										r.name = CreateSubmissionReviewOperation
+										r.summary = "Create a review for a submission"
+										r.operationID = "createSubmissionReview"
+										r.operationGroup = ""
+										r.pathPattern = "/submissions/{SubmissionID}/reviews"
+										r.args = args
+										r.count = 1
+										return r, true
+									default:
+										return
+									}
+								}
+								switch elem[0] {
+								case '/': // Prefix: "/"
+
+									if l := len("/"); len(elem) >= l && elem[0:l] == "/" {
+										elem = elem[l:]
+									} else {
+										break
+									}
+
+									// Param: "ReviewID"
+									// Leaf parameter, slashes are prohibited
+									idx := strings.IndexByte(elem, '/')
+									if idx >= 0 {
+										break
+									}
+									args[1] = elem
+									elem = ""
+
+									if len(elem) == 0 {
+										// Leaf node.
+										switch method {
+										case "PATCH":
+											r.name = UpdateSubmissionReviewOperation
+											r.summary = "Update an existing review"
+											r.operationID = "updateSubmissionReview"
+											r.operationGroup = ""
+											r.pathPattern = "/submissions/{SubmissionID}/reviews/{ReviewID}"
+											r.args = args
+											r.count = 2
+											return r, true
+										default:
+											return
+										}
+									}
+
+								}
+
 							case 's': // Prefix: "status/"
 
 								if l := len("status/"); len(elem) >= l && elem[0:l] == "status/" {

pkg/api/oas_schemas_gen.go

@@ -15,6 +15,104 @@ func (s *ErrorStatusCode) Error() string {
 	return fmt.Sprintf("code %d: %+v", s.StatusCode, s.Response)
 }
 
+// Ref: #/components/schemas/AOREvent
+type AOREvent struct {
+	ID int64 `json:"ID"`
+	// Unix timestamp for the 1st day of AOR month.
+	StartDate int64 `json:"StartDate"`
+	// Unix timestamp when submissions are frozen.
+	FreezeDate int64 `json:"FreezeDate"`
+	// Unix timestamp when automatic selection occurs (end of week 1).
+	SelectionDate int64 `json:"SelectionDate"`
+	// Unix timestamp when final accept/reject decisions are made (end of month).
+	DecisionDate int64 `json:"DecisionDate"`
+	// AOR Event Status: * `0` - Scheduled * `1` - Open * `2` - Frozen * `3` - Selected * `4` - Completed
+	// * `5` - Closed.
+	Status    int32 `json:"Status"`
+	CreatedAt int64 `json:"CreatedAt"`
+	UpdatedAt int64 `json:"UpdatedAt"`
+}
+
+// GetID returns the value of ID.
+func (s *AOREvent) GetID() int64 {
+	return s.ID
+}
+
+// GetStartDate returns the value of StartDate.
+func (s *AOREvent) GetStartDate() int64 {
+	return s.StartDate
+}
+
+// GetFreezeDate returns the value of FreezeDate.
+func (s *AOREvent) GetFreezeDate() int64 {
+	return s.FreezeDate
+}
+
+// GetSelectionDate returns the value of SelectionDate.
+func (s *AOREvent) GetSelectionDate() int64 {
+	return s.SelectionDate
+}
+
+// GetDecisionDate returns the value of DecisionDate.
+func (s *AOREvent) GetDecisionDate() int64 {
+	return s.DecisionDate
+}
+
+// GetStatus returns the value of Status.
+func (s *AOREvent) GetStatus() int32 {
+	return s.Status
+}
+
+// GetCreatedAt returns the value of CreatedAt.
+func (s *AOREvent) GetCreatedAt() int64 {
+	return s.CreatedAt
+}
+
+// GetUpdatedAt returns the value of UpdatedAt.
+func (s *AOREvent) GetUpdatedAt() int64 {
+	return s.UpdatedAt
+}
+
+// SetID sets the value of ID.
+func (s *AOREvent) SetID(val int64) {
+	s.ID = val
+}
+
+// SetStartDate sets the value of StartDate.
+func (s *AOREvent) SetStartDate(val int64) {
+	s.StartDate = val
+}
+
+// SetFreezeDate sets the value of FreezeDate.
+func (s *AOREvent) SetFreezeDate(val int64) {
+	s.FreezeDate = val
+}
+
+// SetSelectionDate sets the value of SelectionDate.
+func (s *AOREvent) SetSelectionDate(val int64) {
+	s.SelectionDate = val
+}
+
+// SetDecisionDate sets the value of DecisionDate.
+func (s *AOREvent) SetDecisionDate(val int64) {
+	s.DecisionDate = val
+}
+
+// SetStatus sets the value of Status.
+func (s *AOREvent) SetStatus(val int32) {
+	s.Status = val
+}
+
+// SetCreatedAt sets the value of CreatedAt.
+func (s *AOREvent) SetCreatedAt(val int64) {
+	s.CreatedAt = val
+}
+
+// SetUpdatedAt sets the value of UpdatedAt.
+func (s *AOREvent) SetUpdatedAt(val int64) {
+	s.UpdatedAt = val
+}
+
 // ActionMapfixAcceptedNoContent is response for ActionMapfixAccepted operation.
 type ActionMapfixAcceptedNoContent struct{}
 
@@ -2234,6 +2332,129 @@ func (s *Submission) SetStatusID(val int32) {
 	s.StatusID = val
 }
 
+// Ref: #/components/schemas/SubmissionReview
+type SubmissionReview struct {
+	ID           int64 `json:"ID"`
+	SubmissionID int64 `json:"SubmissionID"`
+	ReviewerID   int64 `json:"ReviewerID"`
+	// Whether the reviewer recommends accepting the submission.
+	Recommend bool `json:"Recommend"`
+	// Text description of the review reasoning.
+	Description string `json:"Description"`
+	// Flag indicating if the review is outdated due to submission changes.
+	Outdated  bool  `json:"Outdated"`
+	CreatedAt int64 `json:"CreatedAt"`
+	UpdatedAt int64 `json:"UpdatedAt"`
+}
+
+// GetID returns the value of ID.
+func (s *SubmissionReview) GetID() int64 {
+	return s.ID
+}
+
+// GetSubmissionID returns the value of SubmissionID.
+func (s *SubmissionReview) GetSubmissionID() int64 {
+	return s.SubmissionID
+}
+
+// GetReviewerID returns the value of ReviewerID.
+func (s *SubmissionReview) GetReviewerID() int64 {
+	return s.ReviewerID
+}
+
+// GetRecommend returns the value of Recommend.
+func (s *SubmissionReview) GetRecommend() bool {
+	return s.Recommend
+}
+
+// GetDescription returns the value of Description.
+func (s *SubmissionReview) GetDescription() string {
+	return s.Description
+}
+
+// GetOutdated returns the value of Outdated.
+func (s *SubmissionReview) GetOutdated() bool {
+	return s.Outdated
+}
+
+// GetCreatedAt returns the value of CreatedAt.
+func (s *SubmissionReview) GetCreatedAt() int64 {
+	return s.CreatedAt
+}
+
+// GetUpdatedAt returns the value of UpdatedAt.
+func (s *SubmissionReview) GetUpdatedAt() int64 {
+	return s.UpdatedAt
+}
+
+// SetID sets the value of ID.
+func (s *SubmissionReview) SetID(val int64) {
+	s.ID = val
+}
+
+// SetSubmissionID sets the value of SubmissionID.
+func (s *SubmissionReview) SetSubmissionID(val int64) {
+	s.SubmissionID = val
+}
+
+// SetReviewerID sets the value of ReviewerID.
+func (s *SubmissionReview) SetReviewerID(val int64) {
+	s.ReviewerID = val
+}
+
+// SetRecommend sets the value of Recommend.
+func (s *SubmissionReview) SetRecommend(val bool) {
+	s.Recommend = val
+}
+
+// SetDescription sets the value of Description.
+func (s *SubmissionReview) SetDescription(val string) {
+	s.Description = val
+}
+
+// SetOutdated sets the value of Outdated.
+func (s *SubmissionReview) SetOutdated(val bool) {
+	s.Outdated = val
+}
+
+// SetCreatedAt sets the value of CreatedAt.
+func (s *SubmissionReview) SetCreatedAt(val int64) {
+	s.CreatedAt = val
+}
+
+// SetUpdatedAt sets the value of UpdatedAt.
+func (s *SubmissionReview) SetUpdatedAt(val int64) {
+	s.UpdatedAt = val
+}
+
+// Ref: #/components/schemas/SubmissionReviewCreate
+type SubmissionReviewCreate struct {
+	// Whether the reviewer recommends accepting the submission.
+	Recommend bool `json:"Recommend"`
+	// Text description of the review reasoning.
+	Description string `json:"Description"`
+}
+
+// GetRecommend returns the value of Recommend.
+func (s *SubmissionReviewCreate) GetRecommend() bool {
+	return s.Recommend
+}
+
+// GetDescription returns the value of Description.
+func (s *SubmissionReviewCreate) GetDescription() string {
+	return s.Description
+}
+
+// SetRecommend sets the value of Recommend.
+func (s *SubmissionReviewCreate) SetRecommend(val bool) {
+	s.Recommend = val
+}
+
+// SetDescription sets the value of Description.
+func (s *SubmissionReviewCreate) SetDescription(val string) {
+	s.Description = val
+}
+
 // Ref: #/components/schemas/SubmissionTriggerCreate
 type SubmissionTriggerCreate struct {
 	AssetID     int64  `json:"AssetID"`

pkg/api/oas_security_gen.go

@@ -64,10 +64,12 @@ var operationRolesCookieAuth = map[string][]string{
 	CreateSubmissionOperation:                       []string{},
 	CreateSubmissionAdminOperation:                  []string{},
 	CreateSubmissionAuditCommentOperation:           []string{},
+	CreateSubmissionReviewOperation:                 []string{},
 	DeleteScriptOperation:                           []string{},
 	DeleteScriptPolicyOperation:                     []string{},
 	DownloadMapAssetOperation:                       []string{},
 	GetOperationOperation:                           []string{},
+	ListSubmissionReviewsOperation:                  []string{},
 	ReleaseSubmissionsOperation:                     []string{},
 	SessionRolesOperation:                           []string{},
 	SessionUserOperation:                            []string{},
@@ -79,6 +81,7 @@ var operationRolesCookieAuth = map[string][]string{
 	UpdateScriptOperation:                           []string{},
 	UpdateScriptPolicyOperation:                     []string{},
 	UpdateSubmissionModelOperation:                  []string{},
+	UpdateSubmissionReviewOperation:                 []string{},
 }
 
 func (s *Server) securityCookieAuth(ctx context.Context, operationName OperationName, req *http.Request) (context.Context, bool, error) {

pkg/api/oas_server_gen.go

@@ -215,6 +215,12 @@ type Handler interface {
 	//
 	// POST /submissions/{SubmissionID}/comment
 	CreateSubmissionAuditComment(ctx context.Context, req CreateSubmissionAuditCommentReq, params CreateSubmissionAuditCommentParams) error
+	// CreateSubmissionReview implements createSubmissionReview operation.
+	//
+	// Create a review for a submission.
+	//
+	// POST /submissions/{SubmissionID}/reviews
+	CreateSubmissionReview(ctx context.Context, req *SubmissionReviewCreate, params CreateSubmissionReviewParams) (*SubmissionReview, error)
 	// DeleteScript implements deleteScript operation.
 	//
 	// Delete the specified script by ID.
@@ -233,6 +239,24 @@ type Handler interface {
 	//
 	// GET /maps/{MapID}/download
 	DownloadMapAsset(ctx context.Context, params DownloadMapAssetParams) (DownloadMapAssetOK, error)
+	// GetAOREvent implements getAOREvent operation.
+	//
+	// Get a specific AOR event.
+	//
+	// GET /aor-events/{AOREventID}
+	GetAOREvent(ctx context.Context, params GetAOREventParams) (*AOREvent, error)
+	// GetAOREventSubmissions implements getAOREventSubmissions operation.
+	//
+	// Get all submissions for a specific AOR event.
+	//
+	// GET /aor-events/{AOREventID}/submissions
+	GetAOREventSubmissions(ctx context.Context, params GetAOREventSubmissionsParams) ([]Submission, error)
+	// GetActiveAOREvent implements getActiveAOREvent operation.
+	//
+	// Get the currently active AOR event.
+	//
+	// GET /aor-events/active
+	GetActiveAOREvent(ctx context.Context) (*AOREvent, error)
 	// GetAssetThumbnail implements getAssetThumbnail operation.
 	//
 	// Get single asset thumbnail.
@@ -287,6 +311,12 @@ type Handler interface {
 	//
 	// GET /thumbnails/user/{UserID}
 	GetUserThumbnail(ctx context.Context, params GetUserThumbnailParams) (*GetUserThumbnailFound, error)
+	// ListAOREvents implements listAOREvents operation.
+	//
+	// Get list of AOR events.
+	//
+	// GET /aor-events
+	ListAOREvents(ctx context.Context, params ListAOREventsParams) ([]AOREvent, error)
 	// ListMapfixAuditEvents implements listMapfixAuditEvents operation.
 	//
 	// Retrieve a list of audit events.
@@ -323,6 +353,12 @@ type Handler interface {
 	//
 	// GET /submissions/{SubmissionID}/audit-events
 	ListSubmissionAuditEvents(ctx context.Context, params ListSubmissionAuditEventsParams) ([]AuditEvent, error)
+	// ListSubmissionReviews implements listSubmissionReviews operation.
+	//
+	// Get all reviews for a submission.
+	//
+	// GET /submissions/{SubmissionID}/reviews
+	ListSubmissionReviews(ctx context.Context, params ListSubmissionReviewsParams) ([]SubmissionReview, error)
 	// ListSubmissions implements listSubmissions operation.
 	//
 	// Get list of submissions.
@@ -395,6 +431,12 @@ type Handler interface {
 	//
 	// POST /submissions/{SubmissionID}/model
 	UpdateSubmissionModel(ctx context.Context, params UpdateSubmissionModelParams) error
+	// UpdateSubmissionReview implements updateSubmissionReview operation.
+	//
+	// Update an existing review.
+	//
+	// PATCH /submissions/{SubmissionID}/reviews/{ReviewID}
+	UpdateSubmissionReview(ctx context.Context, req *SubmissionReviewCreate, params UpdateSubmissionReviewParams) (*SubmissionReview, error)
 	// NewError creates *ErrorStatusCode from error returned by handler.
 	//
 	// Used for common default response.

pkg/api/oas_unimplemented_gen.go

@@ -322,6 +322,15 @@ func (UnimplementedHandler) CreateSubmissionAuditComment(ctx context.Context, re
 	return ht.ErrNotImplemented
 }
 
+// CreateSubmissionReview implements createSubmissionReview operation.
+//
+// Create a review for a submission.
+//
+// POST /submissions/{SubmissionID}/reviews
+func (UnimplementedHandler) CreateSubmissionReview(ctx context.Context, req *SubmissionReviewCreate, params CreateSubmissionReviewParams) (r *SubmissionReview, _ error) {
+	return r, ht.ErrNotImplemented
+}
+
 // DeleteScript implements deleteScript operation.
 //
 // Delete the specified script by ID.
@@ -349,6 +358,33 @@ func (UnimplementedHandler) DownloadMapAsset(ctx context.Context, params Downloa
 	return r, ht.ErrNotImplemented
 }
 
+// GetAOREvent implements getAOREvent operation.
+//
+// Get a specific AOR event.
+//
+// GET /aor-events/{AOREventID}
+func (UnimplementedHandler) GetAOREvent(ctx context.Context, params GetAOREventParams) (r *AOREvent, _ error) {
+	return r, ht.ErrNotImplemented
+}
+
+// GetAOREventSubmissions implements getAOREventSubmissions operation.
+//
+// Get all submissions for a specific AOR event.
+//
+// GET /aor-events/{AOREventID}/submissions
+func (UnimplementedHandler) GetAOREventSubmissions(ctx context.Context, params GetAOREventSubmissionsParams) (r []Submission, _ error) {
+	return r, ht.ErrNotImplemented
+}
+
+// GetActiveAOREvent implements getActiveAOREvent operation.
+//
+// Get the currently active AOR event.
+//
+// GET /aor-events/active
+func (UnimplementedHandler) GetActiveAOREvent(ctx context.Context) (r *AOREvent, _ error) {
+	return r, ht.ErrNotImplemented
+}
+
 // GetAssetThumbnail implements getAssetThumbnail operation.
 //
 // Get single asset thumbnail.
@@ -430,6 +466,15 @@ func (UnimplementedHandler) GetUserThumbnail(ctx context.Context, params GetUser
 	return r, ht.ErrNotImplemented
 }
 
+// ListAOREvents implements listAOREvents operation.
+//
+// Get list of AOR events.
+//
+// GET /aor-events
+func (UnimplementedHandler) ListAOREvents(ctx context.Context, params ListAOREventsParams) (r []AOREvent, _ error) {
+	return r, ht.ErrNotImplemented
+}
+
 // ListMapfixAuditEvents implements listMapfixAuditEvents operation.
 //
 // Retrieve a list of audit events.
@@ -484,6 +529,15 @@ func (UnimplementedHandler) ListSubmissionAuditEvents(ctx context.Context, param
 	return r, ht.ErrNotImplemented
 }
 
+// ListSubmissionReviews implements listSubmissionReviews operation.
+//
+// Get all reviews for a submission.
+//
+// GET /submissions/{SubmissionID}/reviews
+func (UnimplementedHandler) ListSubmissionReviews(ctx context.Context, params ListSubmissionReviewsParams) (r []SubmissionReview, _ error) {
+	return r, ht.ErrNotImplemented
+}
+
 // ListSubmissions implements listSubmissions operation.
 //
 // Get list of submissions.
@@ -592,6 +646,15 @@ func (UnimplementedHandler) UpdateSubmissionModel(ctx context.Context, params Up
 	return ht.ErrNotImplemented
 }
 
+// UpdateSubmissionReview implements updateSubmissionReview operation.
+//
+// Update an existing review.
+//
+// PATCH /submissions/{SubmissionID}/reviews/{ReviewID}
+func (UnimplementedHandler) UpdateSubmissionReview(ctx context.Context, req *SubmissionReviewCreate, params UpdateSubmissionReviewParams) (r *SubmissionReview, _ error) {
+	return r, ht.ErrNotImplemented
+}
+
 // NewError creates *ErrorStatusCode from error returned by handler.
 //
 // Used for common default response.

pkg/api/oas_validators_gen.go

@@ -9,6 +9,39 @@ import (
 	"github.com/ogen-go/ogen/validate"
 )
 
+func (s *AOREvent) Validate() error {
+	if s == nil {
+		return validate.ErrNilPointer
+	}
+
+	var failures []validate.FieldError
+	if err := func() error {
+		if err := (validate.Int{
+			MinSet:        true,
+			Min:           0,
+			MaxSet:        true,
+			Max:           5,
+			MinExclusive:  false,
+			MaxExclusive:  false,
+			MultipleOfSet: false,
+			MultipleOf:    0,
+			Pattern:       nil,
+		}).Validate(int64(s.Status)); err != nil {
+			return errors.Wrap(err, "int")
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "Status",
+			Error: err,
+		})
+	}
+	if len(failures) > 0 {
+		return &validate.Error{Fields: failures}
+	}
+	return nil
+}
+
 func (s *AuditEvent) Validate() error {
 	if s == nil {
 		return validate.ErrNilPointer
@@ -2311,6 +2344,181 @@ func (s *Submission) Validate() error {
 	return nil
 }
 
+func (s *SubmissionReview) Validate() error {
+	if s == nil {
+		return validate.ErrNilPointer
+	}
+
+	var failures []validate.FieldError
+	if err := func() error {
+		if err := (validate.Int{
+			MinSet:        true,
+			Min:           0,
+			MaxSet:        false,
+			Max:           0,
+			MinExclusive:  false,
+			MaxExclusive:  false,
+			MultipleOfSet: false,
+			MultipleOf:    0,
+			Pattern:       nil,
+		}).Validate(int64(s.ID)); err != nil {
+			return errors.Wrap(err, "int")
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "ID",
+			Error: err,
+		})
+	}
+	if err := func() error {
+		if err := (validate.Int{
+			MinSet:        true,
+			Min:           0,
+			MaxSet:        false,
+			Max:           0,
+			MinExclusive:  false,
+			MaxExclusive:  false,
+			MultipleOfSet: false,
+			MultipleOf:    0,
+			Pattern:       nil,
+		}).Validate(int64(s.SubmissionID)); err != nil {
+			return errors.Wrap(err, "int")
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "SubmissionID",
+			Error: err,
+		})
+	}
+	if err := func() error {
+		if err := (validate.Int{
+			MinSet:        true,
+			Min:           0,
+			MaxSet:        false,
+			Max:           0,
+			MinExclusive:  false,
+			MaxExclusive:  false,
+			MultipleOfSet: false,
+			MultipleOf:    0,
+			Pattern:       nil,
+		}).Validate(int64(s.ReviewerID)); err != nil {
+			return errors.Wrap(err, "int")
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "ReviewerID",
+			Error: err,
+		})
+	}
+	if err := func() error {
+		if err := (validate.String{
+			MinLength:     0,
+			MinLengthSet:  false,
+			MaxLength:     2048,
+			MaxLengthSet:  true,
+			Email:         false,
+			Hostname:      false,
+			Regex:         nil,
+			MinNumeric:    0,
+			MinNumericSet: false,
+			MaxNumeric:    0,
+			MaxNumericSet: false,
+		}).Validate(string(s.Description)); err != nil {
+			return errors.Wrap(err, "string")
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "Description",
+			Error: err,
+		})
+	}
+	if err := func() error {
+		if err := (validate.Int{
+			MinSet:        true,
+			Min:           0,
+			MaxSet:        false,
+			Max:           0,
+			MinExclusive:  false,
+			MaxExclusive:  false,
+			MultipleOfSet: false,
+			MultipleOf:    0,
+			Pattern:       nil,
+		}).Validate(int64(s.CreatedAt)); err != nil {
+			return errors.Wrap(err, "int")
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "CreatedAt",
+			Error: err,
+		})
+	}
+	if err := func() error {
+		if err := (validate.Int{
+			MinSet:        true,
+			Min:           0,
+			MaxSet:        false,
+			Max:           0,
+			MinExclusive:  false,
+			MaxExclusive:  false,
+			MultipleOfSet: false,
+			MultipleOf:    0,
+			Pattern:       nil,
+		}).Validate(int64(s.UpdatedAt)); err != nil {
+			return errors.Wrap(err, "int")
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "UpdatedAt",
+			Error: err,
+		})
+	}
+	if len(failures) > 0 {
+		return &validate.Error{Fields: failures}
+	}
+	return nil
+}
+
+func (s *SubmissionReviewCreate) Validate() error {
+	if s == nil {
+		return validate.ErrNilPointer
+	}
+
+	var failures []validate.FieldError
+	if err := func() error {
+		if err := (validate.String{
+			MinLength:     0,
+			MinLengthSet:  false,
+			MaxLength:     2048,
+			MaxLengthSet:  true,
+			Email:         false,
+			Hostname:      false,
+			Regex:         nil,
+			MinNumeric:    0,
+			MinNumericSet: false,
+			MaxNumeric:    0,
+			MaxNumericSet: false,
+		}).Validate(string(s.Description)); err != nil {
+			return errors.Wrap(err, "string")
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "Description",
+			Error: err,
+		})
+	}
+	if len(failures) > 0 {
+		return &validate.Error{Fields: failures}
+	}
+	return nil
+}
+
 func (s *SubmissionTriggerCreate) Validate() error {
 	if s == nil {
 		return validate.ErrNilPointer

pkg/cmds/aor.go

@@ -0,0 +1,75 @@
+package cmds
+
+import (
+	"git.itzana.me/strafesnet/maps-service/pkg/datastore/gormstore"
+	"git.itzana.me/strafesnet/maps-service/pkg/service"
+	log "github.com/sirupsen/logrus"
+	"github.com/urfave/cli/v2"
+)
+
+func NewAORCommand() *cli.Command {
+	return &cli.Command{
+		Name:   "aor",
+		Usage:  "Run AOR (Accept or Reject) event processor",
+		Action: runAORProcessor,
+		Flags: []cli.Flag{
+			&cli.StringFlag{
+				Name:     "pg-host",
+				Usage:    "Host of postgres database",
+				EnvVars:  []string{"PG_HOST"},
+				Required: true,
+			},
+			&cli.IntFlag{
+				Name:     "pg-port",
+				Usage:    "Port of postgres database",
+				EnvVars:  []string{"PG_PORT"},
+				Required: true,
+			},
+			&cli.StringFlag{
+				Name:     "pg-db",
+				Usage:    "Name of database to connect to",
+				EnvVars:  []string{"PG_DB"},
+				Required: true,
+			},
+			&cli.StringFlag{
+				Name:     "pg-user",
+				Usage:    "User to connect with",
+				EnvVars:  []string{"PG_USER"},
+				Required: true,
+			},
+			&cli.StringFlag{
+				Name:     "pg-password",
+				Usage:    "Password to connect with",
+				EnvVars:  []string{"PG_PASSWORD"},
+				Required: true,
+			},
+			&cli.BoolFlag{
+				Name:    "migrate",
+				Usage:   "Run database migrations",
+				Value:   false,
+				EnvVars: []string{"MIGRATE"},
+			},
+		},
+	}
+}
+
+func runAORProcessor(ctx *cli.Context) error {
+	log.Info("Starting AOR event processor")
+
+	// Connect to database
+	db, err := gormstore.New(ctx)
+	if err != nil {
+		log.WithError(err).Fatal("failed to connect database")
+		return err
+	}
+
+	// Create scheduler and process events
+	scheduler := service.NewAORScheduler(db)
+	if err := scheduler.ProcessAOREvents(); err != nil {
+		log.WithError(err).Error("AOR event processing failed")
+		return err
+	}
+
+	log.Info("AOR event processor completed successfully")
+	return nil
+}

pkg/cmds/serve.go

@@ -8,8 +8,6 @@ import (
 	"git.itzana.me/strafesnet/go-grpc/auth"
 	"git.itzana.me/strafesnet/go-grpc/maps"
 	"git.itzana.me/strafesnet/go-grpc/maps_extended"
-	"git.itzana.me/strafesnet/go-grpc/mapfixes"
-	"git.itzana.me/strafesnet/go-grpc/submissions"
 	"git.itzana.me/strafesnet/go-grpc/users"
 	"git.itzana.me/strafesnet/go-grpc/validator"
 	"git.itzana.me/strafesnet/maps-service/pkg/api"
@@ -206,11 +204,7 @@ func serve(ctx *cli.Context) error {
 	grpcServer := grpc.NewServer()
 
 	maps_controller := controller.NewMapsController(&svc_inner)
-	mapfixes_controller := controller.NewMapfixesController(&svc_inner)
-	submissions_controller := controller.NewSubmissionsController(&svc_inner)
 	maps_extended.RegisterMapsServiceServer(grpcServer,&maps_controller)
-	mapfixes.RegisterMapfixesServiceServer(grpcServer,&mapfixes_controller)
-	submissions.RegisterSubmissionsServiceServer(grpcServer,&submissions_controller)
 
 	mapfix_controller := validator_controller.NewMapfixesController(&svc_inner)
 	operation_controller := validator_controller.NewOperationsController(&svc_inner)

pkg/controller/mapfixes.go

@@ -1,149 +0,0 @@
-package controller
-
-import (
-	"context"
-
-	"git.itzana.me/strafesnet/go-grpc/mapfixes"
-	"git.itzana.me/strafesnet/maps-service/pkg/datastore"
-	"git.itzana.me/strafesnet/maps-service/pkg/model"
-	"git.itzana.me/strafesnet/maps-service/pkg/service"
-)
-
-type Mapfixes struct {
-	*mapfixes.UnimplementedMapfixesServiceServer
-	inner *service.Service
-}
-
-func NewMapfixesController(
-	inner *service.Service,
-) Mapfixes {
-	return Mapfixes{
-		inner: inner,
-	}
-}
-
-func (svc *Mapfixes) Get(ctx context.Context, request *mapfixes.MapfixId) (*mapfixes.MapfixResponse, error) {
-	item, err := svc.inner.GetMapfix(ctx, request.ID)
-	if err != nil {
-		return nil, err
-	}
-
-	var validated_asset_id *uint64
-	if item.ValidatedAssetID != 0 {
-		validated_asset_id = &item.ValidatedAssetID
-	}
-	var validated_asset_version *uint64
-	if item.ValidatedAssetVersion != 0 {
-		validated_asset_version = &item.ValidatedAssetVersion
-	}
-	return &mapfixes.MapfixResponse{
-		ID:                    item.ID,
-		DisplayName:           item.DisplayName,
-		Creator:               item.Creator,
-		GameID:                uint32(item.GameID),
-		CreatedAt:             item.CreatedAt.Unix(),
-		UpdatedAt:             item.UpdatedAt.Unix(),
-		Submitter:             uint64(item.Submitter),
-		AssetVersion:          uint64(item.AssetVersion),
-		AssetID:               item.AssetID,
-		ValidatedAssetID:      validated_asset_id,
-		ValidatedAssetVersion: validated_asset_version,
-		TargetAssetID:         item.TargetAssetID,
-		StatusID:              mapfixes.MapfixStatus(item.StatusID),
-	}, nil
-}
-func (svc *Mapfixes) GetList(ctx context.Context, request *mapfixes.MapfixIdList) (*mapfixes.MapfixList, error) {
-	items, err := svc.inner.GetMapfixList(ctx, request.ID)
-	if err != nil {
-		return nil, err
-	}
-
-	resp := mapfixes.MapfixList{}
-	resp.Mapfixes = make([]*mapfixes.MapfixResponse, len(items))
-	for i, item := range items {
-		var validated_asset_id *uint64
-		if item.ValidatedAssetID != 0 {
-			validated_asset_id = &item.ValidatedAssetID
-		}
-		var validated_asset_version *uint64
-		if item.ValidatedAssetVersion != 0 {
-			validated_asset_version = &item.ValidatedAssetVersion
-		}
-		resp.Mapfixes[i] = &mapfixes.MapfixResponse{
-			ID:                    item.ID,
-			DisplayName:           item.DisplayName,
-			Creator:               item.Creator,
-			GameID:                uint32(item.GameID),
-			CreatedAt:             item.CreatedAt.Unix(),
-			UpdatedAt:             item.UpdatedAt.Unix(),
-			Submitter:             uint64(item.Submitter),
-			AssetVersion:          uint64(item.AssetVersion),
-			AssetID:               item.AssetID,
-			ValidatedAssetID:      validated_asset_id,
-			ValidatedAssetVersion: validated_asset_version,
-			TargetAssetID:         item.TargetAssetID,
-			StatusID:              mapfixes.MapfixStatus(item.StatusID),
-		}
-	}
-
-	return &resp, nil
-}
-func (svc *Mapfixes) List(ctx context.Context, request *mapfixes.ListRequest) (*mapfixes.MapfixList, error) {
-	if request.Page == nil {
-		return nil, PageError
-	}
-
-	filter := service.NewMapfixFilter()
-	if request.Filter != nil {
-		if request.Filter.DisplayName != nil {
-			filter.SetDisplayName(*request.Filter.DisplayName)
-		}
-		if request.Filter.Creator != nil {
-			filter.SetCreator(*request.Filter.Creator)
-		}
-		if request.Filter.GameID != nil {
-			filter.SetGameID(*request.Filter.GameID)
-		}
-		if request.Filter.Submitter != nil {
-			filter.SetSubmitter(*request.Filter.Submitter)
-		}
-	}
-
-	items, err := svc.inner.ListMapfixes(ctx, filter, model.Page{
-		Number: int32(request.Page.Number),
-		Size:   int32(request.Page.Size),
-	}, datastore.ListSortDateDescending)
-	if err != nil {
-		return nil, err
-	}
-
-	resp := mapfixes.MapfixList{}
-	resp.Mapfixes = make([]*mapfixes.MapfixResponse, len(items))
-	for i, item := range items {
-		var validated_asset_id *uint64
-		if item.ValidatedAssetID != 0 {
-			validated_asset_id = &item.ValidatedAssetID
-		}
-		var validated_asset_version *uint64
-		if item.ValidatedAssetVersion != 0 {
-			validated_asset_version = &item.ValidatedAssetVersion
-		}
-		resp.Mapfixes[i] = &mapfixes.MapfixResponse{
-			ID:                    item.ID,
-			DisplayName:           item.DisplayName,
-			Creator:               item.Creator,
-			GameID:                uint32(item.GameID),
-			CreatedAt:             item.CreatedAt.Unix(),
-			UpdatedAt:             item.UpdatedAt.Unix(),
-			Submitter:             uint64(item.Submitter),
-			AssetVersion:          uint64(item.AssetVersion),
-			AssetID:               item.AssetID,
-			ValidatedAssetID:      validated_asset_id,
-			ValidatedAssetVersion: validated_asset_version,
-			TargetAssetID:         item.TargetAssetID,
-			StatusID:              mapfixes.MapfixStatus(item.StatusID),
-		}
-	}
-
-	return &resp, nil
-}

pkg/controller/submissions.go

@@ -1,161 +0,0 @@
-package controller
-
-import (
-	"context"
-
-	"git.itzana.me/strafesnet/go-grpc/submissions"
-	"git.itzana.me/strafesnet/maps-service/pkg/datastore"
-	"git.itzana.me/strafesnet/maps-service/pkg/model"
-	"git.itzana.me/strafesnet/maps-service/pkg/service"
-)
-
-type Submissions struct {
-	*submissions.UnimplementedSubmissionsServiceServer
-	inner *service.Service
-}
-
-func NewSubmissionsController(
-	inner *service.Service,
-) Submissions {
-	return Submissions{
-		inner: inner,
-	}
-}
-
-func (svc *Submissions) Get(ctx context.Context, request *submissions.SubmissionId) (*submissions.SubmissionResponse, error) {
-	item, err := svc.inner.GetSubmission(ctx, request.ID)
-	if err != nil {
-		return nil, err
-	}
-
-	var validated_asset_id *uint64
-	if item.ValidatedAssetID != 0 {
-		validated_asset_id = &item.ValidatedAssetID
-	}
-	var validated_asset_version *uint64
-	if item.ValidatedAssetVersion != 0 {
-		validated_asset_version = &item.ValidatedAssetVersion
-	}
-	var uploaded_asset_id *uint64
-	if item.UploadedAssetID != 0 {
-		uploaded_asset_id = &item.UploadedAssetID
-	}
-	return &submissions.SubmissionResponse{
-		ID:                    item.ID,
-		DisplayName:           item.DisplayName,
-		Creator:               item.Creator,
-		GameID:                uint32(item.GameID),
-		CreatedAt:             item.CreatedAt.Unix(),
-		UpdatedAt:             item.UpdatedAt.Unix(),
-		Submitter:             uint64(item.Submitter),
-		AssetVersion:          uint64(item.AssetVersion),
-		AssetID:               item.AssetID,
-		ValidatedAssetID:      validated_asset_id,
-		ValidatedAssetVersion: validated_asset_version,
-		UploadedAssetID:       uploaded_asset_id,
-		StatusID:              submissions.SubmissionStatus(item.StatusID),
-	}, nil
-}
-func (svc *Submissions) GetList(ctx context.Context, request *submissions.SubmissionIdList) (*submissions.SubmissionList, error) {
-	items, err := svc.inner.GetSubmissionList(ctx, request.ID)
-	if err != nil {
-		return nil, err
-	}
-
-	resp := submissions.SubmissionList{}
-	resp.Submissions = make([]*submissions.SubmissionResponse, len(items))
-	for i, item := range items {
-		var validated_asset_id *uint64
-		if item.ValidatedAssetID != 0 {
-			validated_asset_id = &item.ValidatedAssetID
-		}
-		var validated_asset_version *uint64
-		if item.ValidatedAssetVersion != 0 {
-			validated_asset_version = &item.ValidatedAssetVersion
-		}
-		var uploaded_asset_id *uint64
-		if item.UploadedAssetID != 0 {
-			uploaded_asset_id = &item.UploadedAssetID
-		}
-		resp.Submissions[i] = &submissions.SubmissionResponse{
-			ID:                    item.ID,
-			DisplayName:           item.DisplayName,
-			Creator:               item.Creator,
-			GameID:                uint32(item.GameID),
-			CreatedAt:             item.CreatedAt.Unix(),
-			UpdatedAt:             item.UpdatedAt.Unix(),
-			Submitter:             uint64(item.Submitter),
-			AssetVersion:          uint64(item.AssetVersion),
-			AssetID:               item.AssetID,
-			ValidatedAssetID:      validated_asset_id,
-			ValidatedAssetVersion: validated_asset_version,
-			UploadedAssetID:       uploaded_asset_id,
-			StatusID:              submissions.SubmissionStatus(item.StatusID),
-		}
-	}
-
-	return &resp, nil
-}
-func (svc *Submissions) List(ctx context.Context, request *submissions.ListRequest) (*submissions.SubmissionList, error) {
-	if request.Page == nil {
-		return nil, PageError
-	}
-
-	filter := service.NewSubmissionFilter()
-	if request.Filter != nil {
-		if request.Filter.DisplayName != nil {
-			filter.SetDisplayName(*request.Filter.DisplayName)
-		}
-		if request.Filter.Creator != nil {
-			filter.SetCreator(*request.Filter.Creator)
-		}
-		if request.Filter.GameID != nil {
-			filter.SetGameID(*request.Filter.GameID)
-		}
-		if request.Filter.Submitter != nil {
-			filter.SetSubmitter(*request.Filter.Submitter)
-		}
-	}
-
-	items, err := svc.inner.ListSubmissions(ctx, filter, model.Page{
-		Number: int32(request.Page.Number),
-		Size:   int32(request.Page.Size),
-	}, datastore.ListSortDateDescending)
-	if err != nil {
-		return nil, err
-	}
-
-	resp := submissions.SubmissionList{}
-	resp.Submissions = make([]*submissions.SubmissionResponse, len(items))
-	for i, item := range items {
-		var validated_asset_id *uint64
-		if item.ValidatedAssetID != 0 {
-			validated_asset_id = &item.ValidatedAssetID
-		}
-		var validated_asset_version *uint64
-		if item.ValidatedAssetVersion != 0 {
-			validated_asset_version = &item.ValidatedAssetVersion
-		}
-		var uploaded_asset_id *uint64
-		if item.UploadedAssetID != 0 {
-			uploaded_asset_id = &item.UploadedAssetID
-		}
-		resp.Submissions[i] = &submissions.SubmissionResponse{
-			ID:                    item.ID,
-			DisplayName:           item.DisplayName,
-			Creator:               item.Creator,
-			GameID:                uint32(item.GameID),
-			CreatedAt:             item.CreatedAt.Unix(),
-			UpdatedAt:             item.UpdatedAt.Unix(),
-			Submitter:             uint64(item.Submitter),
-			AssetVersion:          uint64(item.AssetVersion),
-			AssetID:               item.AssetID,
-			ValidatedAssetID:      validated_asset_id,
-			ValidatedAssetVersion: validated_asset_version,
-			UploadedAssetID:       uploaded_asset_id,
-			StatusID:              submissions.SubmissionStatus(item.StatusID),
-		}
-	}
-
-	return &resp, nil
-}

pkg/datastore/datastore.go

@@ -24,11 +24,14 @@ const (
 )
 
 type Datastore interface {
+	AOREvents() AOREvents
+	AORSubmissions() AORSubmissions
 	AuditEvents() AuditEvents
 	Maps() Maps
 	Mapfixes() Mapfixes
 	Operations() Operations
 	Submissions() Submissions
+	SubmissionReviews() SubmissionReviews
 	Scripts() Scripts
 	ScriptPolicy() ScriptPolicy
 }
@@ -83,6 +86,16 @@ type Submissions interface {
 	ListWithTotal(ctx context.Context, filters OptionalMap, page model.Page, sort ListSort) (int64, []model.Submission, error)
 }
 
+type SubmissionReviews interface {
+	Get(ctx context.Context, id int64) (model.SubmissionReview, error)
+	GetBySubmissionAndReviewer(ctx context.Context, submissionID int64, reviewerID uint64) (model.SubmissionReview, error)
+	Create(ctx context.Context, review model.SubmissionReview) (model.SubmissionReview, error)
+	Update(ctx context.Context, id int64, values OptionalMap) error
+	Delete(ctx context.Context, id int64) error
+	ListBySubmission(ctx context.Context, submissionID int64) ([]model.SubmissionReview, error)
+	MarkOutdatedBySubmission(ctx context.Context, submissionID int64) error
+}
+
 type Scripts interface {
 	Get(ctx context.Context, id int64) (model.Script, error)
 	Create(ctx context.Context, smap model.Script) (model.Script, error)
@@ -99,3 +112,22 @@ type ScriptPolicy interface {
 	Delete(ctx context.Context, id int64) error
 	List(ctx context.Context, filters OptionalMap, page model.Page) ([]model.ScriptPolicy, error)
 }
+
+type AOREvents interface {
+	Get(ctx context.Context, id int64) (model.AOREvent, error)
+	GetActive(ctx context.Context) (model.AOREvent, error)
+	GetByStatus(ctx context.Context, status model.AOREventStatus) ([]model.AOREvent, error)
+	Create(ctx context.Context, event model.AOREvent) (model.AOREvent, error)
+	Update(ctx context.Context, id int64, values OptionalMap) error
+	Delete(ctx context.Context, id int64) error
+	List(ctx context.Context, filters OptionalMap, page model.Page) ([]model.AOREvent, error)
+}
+
+type AORSubmissions interface {
+	Get(ctx context.Context, id int64) (model.AORSubmission, error)
+	GetByAOREvent(ctx context.Context, eventID int64) ([]model.AORSubmission, error)
+	GetBySubmission(ctx context.Context, submissionID int64) ([]model.AORSubmission, error)
+	Create(ctx context.Context, aorSubmission model.AORSubmission) (model.AORSubmission, error)
+	Delete(ctx context.Context, id int64) error
+	ListWithSubmissions(ctx context.Context, eventID int64) ([]model.Submission, error)
+}

pkg/datastore/gormstore/aor_events.go

@@ -0,0 +1,89 @@
+package gormstore
+
+import (
+	"context"
+	"errors"
+
+	"git.itzana.me/strafesnet/maps-service/pkg/datastore"
+	"git.itzana.me/strafesnet/maps-service/pkg/model"
+	"gorm.io/gorm"
+)
+
+type AOREvents struct {
+	db *gorm.DB
+}
+
+func (env *AOREvents) Get(ctx context.Context, id int64) (model.AOREvent, error) {
+	var event model.AOREvent
+	if err := env.db.First(&event, id).Error; err != nil {
+		if errors.Is(err, gorm.ErrRecordNotFound) {
+			return event, datastore.ErrNotExist
+		}
+		return event, err
+	}
+	return event, nil
+}
+
+func (env *AOREvents) GetActive(ctx context.Context) (model.AOREvent, error) {
+	var event model.AOREvent
+	// Get the most recent non-closed event
+	if err := env.db.Where("status != ?", model.AOREventStatusClosed).
+		Order("start_date DESC").
+		First(&event).Error; err != nil {
+		if errors.Is(err, gorm.ErrRecordNotFound) {
+			return event, datastore.ErrNotExist
+		}
+		return event, err
+	}
+	return event, nil
+}
+
+func (env *AOREvents) GetByStatus(ctx context.Context, status model.AOREventStatus) ([]model.AOREvent, error) {
+	var events []model.AOREvent
+	if err := env.db.Where("status = ?", status).Order("start_date DESC").Find(&events).Error; err != nil {
+		return nil, err
+	}
+	return events, nil
+}
+
+func (env *AOREvents) Create(ctx context.Context, event model.AOREvent) (model.AOREvent, error) {
+	if err := env.db.Create(&event).Error; err != nil {
+		return event, err
+	}
+	return event, nil
+}
+
+func (env *AOREvents) Update(ctx context.Context, id int64, values datastore.OptionalMap) error {
+	if err := env.db.Model(&model.AOREvent{}).Where("id = ?", id).Updates(values.Map()).Error; err != nil {
+		if err == gorm.ErrRecordNotFound {
+			return datastore.ErrNotExist
+		}
+		return err
+	}
+	return nil
+}
+
+func (env *AOREvents) Delete(ctx context.Context, id int64) error {
+	if err := env.db.Delete(&model.AOREvent{}, id).Error; err != nil {
+		if err == gorm.ErrRecordNotFound {
+			return datastore.ErrNotExist
+		}
+		return err
+	}
+	return nil
+}
+
+func (env *AOREvents) List(ctx context.Context, filters datastore.OptionalMap, page model.Page) ([]model.AOREvent, error) {
+	var events []model.AOREvent
+	query := env.db.Where(filters.Map())
+
+	if page.Size > 0 {
+		offset := (page.Number - 1) * page.Size
+		query = query.Limit(int(page.Size)).Offset(int(offset))
+	}
+
+	if err := query.Order("start_date DESC").Find(&events).Error; err != nil {
+		return nil, err
+	}
+	return events, nil
+}

pkg/datastore/gormstore/aor_submissions.go

@@ -0,0 +1,70 @@
+package gormstore
+
+import (
+	"context"
+	"errors"
+
+	"git.itzana.me/strafesnet/maps-service/pkg/datastore"
+	"git.itzana.me/strafesnet/maps-service/pkg/model"
+	"gorm.io/gorm"
+)
+
+type AORSubmissions struct {
+	db *gorm.DB
+}
+
+func (env *AORSubmissions) Get(ctx context.Context, id int64) (model.AORSubmission, error) {
+	var aorSubmission model.AORSubmission
+	if err := env.db.First(&aorSubmission, id).Error; err != nil {
+		if errors.Is(err, gorm.ErrRecordNotFound) {
+			return aorSubmission, datastore.ErrNotExist
+		}
+		return aorSubmission, err
+	}
+	return aorSubmission, nil
+}
+
+func (env *AORSubmissions) GetByAOREvent(ctx context.Context, eventID int64) ([]model.AORSubmission, error) {
+	var aorSubmissions []model.AORSubmission
+	if err := env.db.Where("aor_event_id = ?", eventID).Order("added_at DESC").Find(&aorSubmissions).Error; err != nil {
+		return nil, err
+	}
+	return aorSubmissions, nil
+}
+
+func (env *AORSubmissions) GetBySubmission(ctx context.Context, submissionID int64) ([]model.AORSubmission, error) {
+	var aorSubmissions []model.AORSubmission
+	if err := env.db.Where("submission_id = ?", submissionID).Order("added_at DESC").Find(&aorSubmissions).Error; err != nil {
+		return nil, err
+	}
+	return aorSubmissions, nil
+}
+
+func (env *AORSubmissions) Create(ctx context.Context, aorSubmission model.AORSubmission) (model.AORSubmission, error) {
+	if err := env.db.Create(&aorSubmission).Error; err != nil {
+		return aorSubmission, err
+	}
+	return aorSubmission, nil
+}
+
+func (env *AORSubmissions) Delete(ctx context.Context, id int64) error {
+	if err := env.db.Delete(&model.AORSubmission{}, id).Error; err != nil {
+		if err == gorm.ErrRecordNotFound {
+			return datastore.ErrNotExist
+		}
+		return err
+	}
+	return nil
+}
+
+func (env *AORSubmissions) ListWithSubmissions(ctx context.Context, eventID int64) ([]model.Submission, error) {
+	var submissions []model.Submission
+	if err := env.db.
+		Joins("JOIN aor_submissions ON aor_submissions.submission_id = submissions.id").
+		Where("aor_submissions.aor_event_id = ?", eventID).
+		Order("aor_submissions.added_at DESC").
+		Find(&submissions).Error; err != nil {
+		return nil, err
+	}
+	return submissions, nil
+}

pkg/datastore/gormstore/db.go

@@ -31,11 +31,14 @@ func New(ctx *cli.Context) (datastore.Datastore, error) {
 
 	if ctx.Bool("migrate") {
 		if err := db.AutoMigrate(
+			&model.AOREvent{},
+			&model.AORSubmission{},
 			&model.AuditEvent{},
 			&model.Map{},
 			&model.Mapfix{},
 			&model.Operation{},
 			&model.Submission{},
+			&model.SubmissionReview{},
 			&model.Script{},
 			&model.ScriptPolicy{},
 		); err != nil {

pkg/datastore/gormstore/gormstore.go

@@ -9,6 +9,14 @@ type Gormstore struct {
 	db *gorm.DB
 }
 
+func (g Gormstore) AOREvents() datastore.AOREvents {
+	return &AOREvents{db: g.db}
+}
+
+func (g Gormstore) AORSubmissions() datastore.AORSubmissions {
+	return &AORSubmissions{db: g.db}
+}
+
 func (g Gormstore) AuditEvents() datastore.AuditEvents {
 	return &AuditEvents{db: g.db}
 }
@@ -29,6 +37,10 @@ func (g Gormstore) Submissions() datastore.Submissions {
 	return &Submissions{db: g.db}
 }
 
+func (g Gormstore) SubmissionReviews() datastore.SubmissionReviews {
+	return &SubmissionReviews{db: g.db}
+}
+
 func (g Gormstore) Scripts() datastore.Scripts {
 	return &Scripts{db: g.db}
 }

pkg/datastore/gormstore/submission_reviews.go

@@ -0,0 +1,83 @@
+package gormstore
+
+import (
+	"context"
+	"errors"
+
+	"git.itzana.me/strafesnet/maps-service/pkg/datastore"
+	"git.itzana.me/strafesnet/maps-service/pkg/model"
+	"gorm.io/gorm"
+)
+
+type SubmissionReviews struct {
+	db *gorm.DB
+}
+
+func (env *SubmissionReviews) Get(ctx context.Context, id int64) (model.SubmissionReview, error) {
+	var review model.SubmissionReview
+	if err := env.db.First(&review, id).Error; err != nil {
+		if errors.Is(err, gorm.ErrRecordNotFound) {
+			return review, datastore.ErrNotExist
+		}
+		return review, err
+	}
+	return review, nil
+}
+
+func (env *SubmissionReviews) GetBySubmissionAndReviewer(ctx context.Context, submissionID int64, reviewerID uint64) (model.SubmissionReview, error) {
+	var review model.SubmissionReview
+	if err := env.db.Where("submission_id = ? AND reviewer_id = ?", submissionID, reviewerID).First(&review).Error; err != nil {
+		if errors.Is(err, gorm.ErrRecordNotFound) {
+			return review, datastore.ErrNotExist
+		}
+		return review, err
+	}
+	return review, nil
+}
+
+func (env *SubmissionReviews) Create(ctx context.Context, review model.SubmissionReview) (model.SubmissionReview, error) {
+	if err := env.db.Create(&review).Error; err != nil {
+		return review, err
+	}
+
+	return review, nil
+}
+
+func (env *SubmissionReviews) Update(ctx context.Context, id int64, values datastore.OptionalMap) error {
+	if err := env.db.Model(&model.SubmissionReview{}).Where("id = ?", id).Updates(values.Map()).Error; err != nil {
+		if err == gorm.ErrRecordNotFound {
+			return datastore.ErrNotExist
+		}
+		return err
+	}
+
+	return nil
+}
+
+func (env *SubmissionReviews) Delete(ctx context.Context, id int64) error {
+	if err := env.db.Delete(&model.SubmissionReview{}, id).Error; err != nil {
+		if err == gorm.ErrRecordNotFound {
+			return datastore.ErrNotExist
+		}
+		return err
+	}
+
+	return nil
+}
+
+func (env *SubmissionReviews) ListBySubmission(ctx context.Context, submissionID int64) ([]model.SubmissionReview, error) {
+	var reviews []model.SubmissionReview
+	if err := env.db.Where("submission_id = ?", submissionID).Order("created_at DESC").Find(&reviews).Error; err != nil {
+		return nil, err
+	}
+
+	return reviews, nil
+}
+
+func (env *SubmissionReviews) MarkOutdatedBySubmission(ctx context.Context, submissionID int64) error {
+	if err := env.db.Model(&model.SubmissionReview{}).Where("submission_id = ?", submissionID).Update("outdated", true).Error; err != nil {
+		return err
+	}
+
+	return nil
+}

pkg/model/aor_event.go

@@ -0,0 +1,37 @@
+package model
+
+import "time"
+
+type AOREventStatus int32
+
+const (
+	AOREventStatusScheduled AOREventStatus = 0 // Event scheduled, waiting for start
+	AOREventStatusOpen      AOREventStatus = 1 // Event started, accepting submissions (1st of month)
+	AOREventStatusFrozen    AOREventStatus = 2 // Submissions frozen (after 1st of month)
+	AOREventStatusSelected  AOREventStatus = 3 // Submissions selected for AOR (after week 1)
+	AOREventStatusCompleted AOREventStatus = 4 // Decisions finalized (end of month)
+	AOREventStatusClosed    AOREventStatus = 5 // Event closed/archived
+)
+
+// AOREvent represents an Accept or Reject event cycle
+// AOR events occur every 4 months (April, August, December)
+type AOREvent struct {
+	ID               int64 `gorm:"primaryKey"`
+	StartDate        time.Time `gorm:"index"` // 1st day of AOR month
+	FreezeDate       time.Time // End of 1st day (23:59:59)
+	SelectionDate    time.Time // End of week 1 (7 days after start)
+	DecisionDate     time.Time // End of month (when final decisions are made)
+	Status           AOREventStatus
+	CreatedAt        time.Time
+	UpdatedAt        time.Time
+}
+
+// AORSubmission represents a submission that was added to an AOR event
+type AORSubmission struct {
+	ID           int64 `gorm:"primaryKey"`
+	AOREventID   int64 `gorm:"index"`
+	SubmissionID int64 `gorm:"index"`
+	AddedAt      time.Time
+	CreatedAt    time.Time
+	UpdatedAt    time.Time
+}

pkg/model/submission_review.go

@@ -0,0 +1,14 @@
+package model
+
+import "time"
+
+type SubmissionReview struct {
+	ID           int64 `gorm:"primaryKey"`
+	SubmissionID int64 `gorm:"index"`
+	ReviewerID   uint64
+	Recommend    bool
+	Description  string
+	Outdated     bool
+	CreatedAt    time.Time
+	UpdatedAt    time.Time
+}

pkg/service/aor_events.go

@@ -0,0 +1,30 @@
+package service
+
+import (
+	"context"
+
+	"git.itzana.me/strafesnet/maps-service/pkg/datastore"
+	"git.itzana.me/strafesnet/maps-service/pkg/model"
+)
+
+// AOR Event service methods
+
+func (svc *Service) GetAOREvent(ctx context.Context, id int64) (model.AOREvent, error) {
+	return svc.db.AOREvents().Get(ctx, id)
+}
+
+func (svc *Service) GetActiveAOREvent(ctx context.Context) (model.AOREvent, error) {
+	return svc.db.AOREvents().GetActive(ctx)
+}
+
+func (svc *Service) ListAOREvents(ctx context.Context, page model.Page) ([]model.AOREvent, error) {
+	return svc.db.AOREvents().List(ctx, datastore.Optional(), page)
+}
+
+func (svc *Service) GetAORSubmissionsByEvent(ctx context.Context, eventID int64) ([]model.Submission, error) {
+	return svc.db.AORSubmissions().ListWithSubmissions(ctx, eventID)
+}
+
+func (svc *Service) GetAORSubmissionsBySubmission(ctx context.Context, submissionID int64) ([]model.AORSubmission, error) {
+	return svc.db.AORSubmissions().GetBySubmission(ctx, submissionID)
+}

pkg/service/aor_scheduler.go

@@ -0,0 +1,389 @@
+package service
+
+import (
+	"context"
+	"time"
+
+	"git.itzana.me/strafesnet/maps-service/pkg/datastore"
+	"git.itzana.me/strafesnet/maps-service/pkg/model"
+	log "github.com/sirupsen/logrus"
+)
+
+// AORScheduler manages AOR events and their lifecycle
+type AORScheduler struct {
+	ds  datastore.Datastore
+	ctx context.Context
+}
+
+// NewAORScheduler creates a new AOR scheduler
+func NewAORScheduler(ds datastore.Datastore) *AORScheduler {
+	return &AORScheduler{
+		ds:  ds,
+		ctx: context.Background(),
+	}
+}
+
+// ProcessAOREvents is the main entry point for the cron job
+// It checks and updates AOR event statuses
+func (s *AORScheduler) ProcessAOREvents() error {
+	log.Info("AOR Scheduler: Processing events")
+
+	// Initialize: create next AOR event if none exists
+	if err := s.ensureNextAOREvent(); err != nil {
+		log.WithError(err).Error("Failed to ensure next AOR event")
+		return err
+	}
+
+	// Process current active event
+	if err := s.processAOREvents(); err != nil {
+		log.WithError(err).Error("Failed to process AOR events")
+		return err
+	}
+
+	log.Info("AOR Scheduler: Processing completed successfully")
+	return nil
+}
+
+// ensureNextAOREvent creates the next AOR event if one doesn't exist
+func (s *AORScheduler) ensureNextAOREvent() error {
+	// Check if there's an active or scheduled event
+	_, err := s.ds.AOREvents().GetActive(s.ctx)
+	if err == nil {
+		// Event exists, nothing to do
+		return nil
+	}
+	if err != datastore.ErrNotExist {
+		return err
+	}
+
+	// No active event, create the next one
+	nextDate := s.calculateNextAORDate(time.Now())
+	return s.createAOREvent(nextDate)
+}
+
+// calculateNextAORDate calculates the next AOR start date
+// AOR events are held every 4 months: April, August, December
+func (s *AORScheduler) calculateNextAORDate(from time.Time) time.Time {
+	aorMonths := []time.Month{time.April, time.August, time.December}
+
+	currentYear := from.Year()
+	currentMonth := from.Month()
+
+	// Find the next AOR month
+	for _, month := range aorMonths {
+		if month > currentMonth {
+			// Next AOR is this year
+			return time.Date(currentYear, month, 1, 0, 0, 0, 0, time.UTC)
+		}
+	}
+
+	// Next AOR is in April of next year
+	return time.Date(currentYear+1, time.April, 1, 0, 0, 0, 0, time.UTC)
+}
+
+// createAOREvent creates a new AOR event with calculated dates
+func (s *AORScheduler) createAOREvent(startDate time.Time) error {
+	freezeDate := startDate.Add(24*time.Hour - time.Second) // End of first day (23:59:59)
+	selectionDate := startDate.Add(7 * 24 * time.Hour)      // 7 days after start
+
+	// Decision date is the last day of the month at 23:59:59
+	// Calculate the first day of next month, then subtract 1 second
+	year, month, _ := startDate.Date()
+	firstOfNextMonth := time.Date(year, month+1, 1, 0, 0, 0, 0, time.UTC)
+	decisionDate := firstOfNextMonth.Add(-time.Second)
+
+	event := model.AOREvent{
+		StartDate:     startDate,
+		FreezeDate:    freezeDate,
+		SelectionDate: selectionDate,
+		DecisionDate:  decisionDate,
+		Status:        model.AOREventStatusScheduled,
+	}
+
+	_, err := s.ds.AOREvents().Create(s.ctx, event)
+	if err != nil {
+		return err
+	}
+
+	log.WithFields(log.Fields{
+		"start_date":     startDate,
+		"freeze_date":    freezeDate,
+		"selection_date": selectionDate,
+		"decision_date":  decisionDate,
+	}).Info("Created new AOR event")
+
+	return nil
+}
+
+// processAOREvents checks and updates AOR event statuses
+func (s *AORScheduler) processAOREvents() error {
+	now := time.Now()
+
+	// Get active event
+	event, err := s.ds.AOREvents().GetActive(s.ctx)
+	if err == datastore.ErrNotExist {
+		// No active event, ensure one is created
+		return s.ensureNextAOREvent()
+	}
+	if err != nil {
+		return err
+	}
+
+	// Process event based on current status and dates
+	switch event.Status {
+	case model.AOREventStatusScheduled:
+		// Check if event should start (it's now the 1st of the AOR month)
+		if now.After(event.StartDate) || now.Equal(event.StartDate) {
+			if err := s.openAOREvent(event.ID); err != nil {
+				return err
+			}
+		}
+
+	case model.AOREventStatusOpen:
+		// Check if submissions should be frozen (past the freeze date)
+		if now.After(event.FreezeDate) {
+			if err := s.freezeAOREvent(event.ID); err != nil {
+				return err
+			}
+		}
+
+	case model.AOREventStatusFrozen:
+		// Check if it's time to select submissions (past selection date)
+		if now.After(event.SelectionDate) {
+			if err := s.selectSubmissions(event.ID); err != nil {
+				return err
+			}
+		}
+
+	case model.AOREventStatusSelected:
+		// Check if it's time to finalize decisions (past decision date)
+		if now.After(event.DecisionDate) {
+			if err := s.finalizeDecisions(event.ID); err != nil {
+				return err
+			}
+		}
+
+	case model.AOREventStatusCompleted:
+		// Event completed, create next one and close this one
+		nextDate := s.calculateNextAORDate(event.StartDate)
+		if err := s.createAOREvent(nextDate); err != nil {
+			return err
+		}
+		if err := s.closeAOREvent(event.ID); err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
+// openAOREvent transitions an event to Open status
+func (s *AORScheduler) openAOREvent(eventID int64) error {
+	err := s.ds.AOREvents().Update(s.ctx, eventID, datastore.Optional().Add("status", model.AOREventStatusOpen))
+	if err != nil {
+		return err
+	}
+
+	log.WithField("event_id", eventID).Info("AOR event opened - submissions now accepted")
+	return nil
+}
+
+// freezeAOREvent transitions an event to Frozen status
+// TODO: lock submission from updates
+func (s *AORScheduler) freezeAOREvent(eventID int64) error {
+	err := s.ds.AOREvents().Update(s.ctx, eventID, datastore.Optional().Add("status", model.AOREventStatusFrozen))
+	if err != nil {
+		return err
+	}
+
+	log.WithField("event_id", eventID).Info("AOR event frozen - submissions locked")
+	return nil
+}
+
+// selectSubmissions automatically selects qualifying submissions
+func (s *AORScheduler) selectSubmissions(eventID int64) error {
+	// Get all submissions in Submitted status
+	submissions, err := s.ds.Submissions().List(s.ctx, datastore.Optional().Add("status_id", model.SubmissionStatusSubmitted), model.Page{Number: 0, Size: 0}, datastore.ListSortDisabled)
+	if err != nil {
+		return err
+	}
+
+	selectedCount := 0
+	for _, submission := range submissions {
+		// Get all reviews for this submission
+		reviews, err := s.ds.SubmissionReviews().ListBySubmission(s.ctx, submission.ID)
+		if err != nil {
+			log.WithError(err).WithField("submission_id", submission.ID).Error("Failed to get reviews")
+			continue
+		}
+
+		// Apply selection criteria
+		if s.shouldAddToAOR(reviews) {
+			// Add to AOR event
+			aorSubmission := model.AORSubmission{
+				AOREventID:   eventID,
+				SubmissionID: submission.ID,
+				AddedAt:      time.Now(),
+			}
+			_, err := s.ds.AORSubmissions().Create(s.ctx, aorSubmission)
+			if err != nil {
+				log.WithError(err).WithField("submission_id", submission.ID).Error("Failed to add submission to AOR")
+				continue
+			}
+			selectedCount++
+			log.WithField("submission_id", submission.ID).Info("Added submission to AOR event")
+		}
+	}
+
+	// Mark event as selected (waiting for end of month to finalize)
+	err = s.ds.AOREvents().Update(s.ctx, eventID, datastore.Optional().Add("status", model.AOREventStatusSelected))
+	if err != nil {
+		return err
+	}
+
+	log.WithFields(log.Fields{
+		"event_id":       eventID,
+		"selected_count": selectedCount,
+	}).Info("AOR submission selection completed - waiting for end of month to finalize decisions")
+
+	return nil
+}
+
+// shouldAddToAOR determines if a submission should be added to the AOR event
+// Criteria:
+// - If there are 0 reviews: NOT added
+// - If there is 1+ review with recommend=true and not outdated: added
+// - If majority (>=50%) of non-outdated reviews recommend: added
+// TODO: Audit events
+func (s *AORScheduler) shouldAddToAOR(reviews []model.SubmissionReview) bool {
+	// Filter out outdated reviews
+	var validReviews []model.SubmissionReview
+	for _, review := range reviews {
+		if !review.Outdated {
+			validReviews = append(validReviews, review)
+		}
+	}
+
+	// If there are 0 valid reviews, don't add
+	if len(validReviews) == 0 {
+		return false
+	}
+
+	// Count recommendations
+	recommendCount := 0
+	for _, review := range validReviews {
+		if review.Recommend {
+			recommendCount++
+		}
+	}
+
+	// Need at least 50% recommendations (2 accept + 2 deny = 50% = added)
+	// This means recommendCount * 2 >= len(validReviews)
+	return recommendCount*2 >= len(validReviews)
+}
+
+// shouldAccept determines if a submission should be accepted in final decisions
+// Criteria: Must have >50% (strictly greater than) recommendations
+func (s *AORScheduler) shouldAccept(reviews []model.SubmissionReview) bool {
+	// Filter out outdated reviews
+	var validReviews []model.SubmissionReview
+	for _, review := range reviews {
+		if !review.Outdated {
+			validReviews = append(validReviews, review)
+		}
+	}
+
+	// If there are 0 valid reviews, don't accept
+	if len(validReviews) == 0 {
+		return false
+	}
+
+	// Count recommendations
+	recommendCount := 0
+	for _, review := range validReviews {
+		if review.Recommend {
+			recommendCount++
+		}
+	}
+
+	// Need MORE than 50% recommendations (strictly greater)
+	// This means recommendCount * 2 > len(validReviews)
+	return recommendCount*2 > len(validReviews)
+}
+
+// finalizeDecisions makes final accept/reject decisions at end of month
+// Submissions in the AOR event with >50% recommends are accepted
+// Submissions in the AOR event with <=50% recommends are rejected
+// TODO: Implement acceptance logic
+// TODO: Query roblox group to get get min votes needed for acceptance
+// TODO: Audit events
+func (s *AORScheduler) finalizeDecisions(eventID int64) error {
+	// Get all submissions that were selected for this AOR event
+	aorSubmissions, err := s.ds.AORSubmissions().GetByAOREvent(s.ctx, eventID)
+	if err != nil {
+		return err
+	}
+
+	acceptedCount := 0
+	rejectedCount := 0
+
+	// Process each submission in the AOR event
+	for _, aorSub := range aorSubmissions {
+		// Get the submission
+		submission, err := s.ds.Submissions().Get(s.ctx, aorSub.SubmissionID)
+		if err != nil {
+			log.WithError(err).WithField("submission_id", aorSub.SubmissionID).Error("Failed to get submission")
+			continue
+		}
+
+		// Get all reviews for this submission
+		reviews, err := s.ds.SubmissionReviews().ListBySubmission(s.ctx, aorSub.SubmissionID)
+		if err != nil {
+			log.WithError(err).WithField("submission_id", aorSub.SubmissionID).Error("Failed to get reviews")
+			continue
+		}
+
+		// Check if submission has >50% recommends (strictly greater)
+		if s.shouldAccept(reviews) {
+			// This submission has >50% recommends - accept it
+			// TODO: Implement acceptance logic
+			// For now, this is a placeholder
+			log.WithField("submission_id", submission.ID).Info("TODO: Accept submission (placeholder)")
+			acceptedCount++
+		} else {
+			// This submission does not have >50% recommends - reject it
+			err := s.ds.Submissions().Update(s.ctx, submission.ID, datastore.Optional().Add("status_id", model.SubmissionStatusRejected))
+			if err != nil {
+				log.WithError(err).WithField("submission_id", submission.ID).Error("Failed to reject submission")
+				continue
+			}
+			log.WithField("submission_id", submission.ID).Info("Rejected submission")
+			rejectedCount++
+		}
+	}
+
+	// Mark event as completed
+	err = s.ds.AOREvents().Update(s.ctx, eventID, datastore.Optional().Add("status", model.AOREventStatusCompleted))
+	if err != nil {
+		return err
+	}
+
+	log.WithFields(log.Fields{
+		"event_id":       eventID,
+		"accepted_count": acceptedCount,
+		"rejected_count": rejectedCount,
+	}).Info("AOR decisions finalized")
+
+	return nil
+}
+
+// closeAOREvent transitions an event to Closed status
+func (s *AORScheduler) closeAOREvent(eventID int64) error {
+	err := s.ds.AOREvents().Update(s.ctx, eventID, datastore.Optional().Add("status", model.AOREventStatusClosed))
+	if err != nil {
+		return err
+	}
+
+	log.WithField("event_id", eventID).Info("AOR event closed")
+	return nil
+}

pkg/service/mapfixes.go

@@ -103,10 +103,6 @@ func (svc *Service) GetMapfix(ctx context.Context, id int64) (model.Mapfix, erro
 	return svc.db.Mapfixes().Get(ctx, id)
 }
 
-func (svc *Service) GetMapfixList(ctx context.Context, ids []int64) ([]model.Mapfix, error) {
-	return svc.db.Mapfixes().GetList(ctx, ids)
-}
-
 func (svc *Service) UpdateMapfix(ctx context.Context, id int64, pmap MapfixUpdate) error {
 	return svc.db.Mapfixes().Update(ctx, id, datastore.OptionalMap(pmap))
 }

pkg/service/submission_reviews.go

@@ -0,0 +1,55 @@
+package service
+
+import (
+	"context"
+
+	"git.itzana.me/strafesnet/maps-service/pkg/datastore"
+	"git.itzana.me/strafesnet/maps-service/pkg/model"
+)
+
+type SubmissionReviewUpdate datastore.OptionalMap
+
+func NewSubmissionReviewUpdate() SubmissionReviewUpdate {
+	update := datastore.Optional()
+	return SubmissionReviewUpdate(update)
+}
+
+func (update SubmissionReviewUpdate) SetRecommend(recommend bool) {
+	datastore.OptionalMap(update).Add("recommend", recommend)
+}
+
+func (update SubmissionReviewUpdate) SetDescription(description string) {
+	datastore.OptionalMap(update).Add("description", description)
+}
+
+func (update SubmissionReviewUpdate) SetOutdated(outdated bool) {
+	datastore.OptionalMap(update).Add("outdated", outdated)
+}
+
+func (svc *Service) CreateSubmissionReview(ctx context.Context, review model.SubmissionReview) (model.SubmissionReview, error) {
+	return svc.db.SubmissionReviews().Create(ctx, review)
+}
+
+func (svc *Service) GetSubmissionReview(ctx context.Context, id int64) (model.SubmissionReview, error) {
+	return svc.db.SubmissionReviews().Get(ctx, id)
+}
+
+func (svc *Service) GetSubmissionReviewBySubmissionAndReviewer(ctx context.Context, submissionID int64, reviewerID uint64) (model.SubmissionReview, error) {
+	return svc.db.SubmissionReviews().GetBySubmissionAndReviewer(ctx, submissionID, reviewerID)
+}
+
+func (svc *Service) UpdateSubmissionReview(ctx context.Context, id int64, update SubmissionReviewUpdate) error {
+	return svc.db.SubmissionReviews().Update(ctx, id, datastore.OptionalMap(update))
+}
+
+func (svc *Service) DeleteSubmissionReview(ctx context.Context, id int64) error {
+	return svc.db.SubmissionReviews().Delete(ctx, id)
+}
+
+func (svc *Service) ListSubmissionReviewsBySubmission(ctx context.Context, submissionID int64) ([]model.SubmissionReview, error) {
+	return svc.db.SubmissionReviews().ListBySubmission(ctx, submissionID)
+}
+
+func (svc *Service) MarkSubmissionReviewsOutdated(ctx context.Context, submissionID int64) error {
+	return svc.db.SubmissionReviews().MarkOutdatedBySubmission(ctx, submissionID)
+}

pkg/web_api/aor_events.go

@@ -0,0 +1,121 @@
+package web_api
+
+import (
+	"context"
+
+	"git.itzana.me/strafesnet/maps-service/pkg/api"
+	"git.itzana.me/strafesnet/maps-service/pkg/model"
+)
+
+// ListAOREvents implements listAOREvents operation.
+//
+// Get list of AOR events.
+//
+// GET /aor-events
+func (svc *Service) ListAOREvents(ctx context.Context, params api.ListAOREventsParams) ([]api.AOREvent, error) {
+	page := model.Page{
+		Number: params.Page,
+		Size:   params.Limit,
+	}
+
+	events, err := svc.inner.ListAOREvents(ctx, page)
+	if err != nil {
+		return nil, err
+	}
+
+	var resp []api.AOREvent
+	for _, event := range events {
+		resp = append(resp, api.AOREvent{
+			ID:            event.ID,
+			StartDate:     event.StartDate.Unix(),
+			FreezeDate:    event.FreezeDate.Unix(),
+			SelectionDate: event.SelectionDate.Unix(),
+			DecisionDate:  event.DecisionDate.Unix(),
+			Status:        int32(event.Status),
+			CreatedAt:     event.CreatedAt.Unix(),
+			UpdatedAt:     event.UpdatedAt.Unix(),
+		})
+	}
+
+	return resp, nil
+}
+
+// GetActiveAOREvent implements getActiveAOREvent operation.
+//
+// Get the currently active AOR event.
+//
+// GET /aor-events/active
+func (svc *Service) GetActiveAOREvent(ctx context.Context) (*api.AOREvent, error) {
+	event, err := svc.inner.GetActiveAOREvent(ctx)
+	if err != nil {
+		return nil, err
+	}
+
+	return &api.AOREvent{
+		ID:            event.ID,
+		StartDate:     event.StartDate.Unix(),
+		FreezeDate:    event.FreezeDate.Unix(),
+		SelectionDate: event.SelectionDate.Unix(),
+		DecisionDate:  event.DecisionDate.Unix(),
+		Status:        int32(event.Status),
+		CreatedAt:     event.CreatedAt.Unix(),
+		UpdatedAt:     event.UpdatedAt.Unix(),
+	}, nil
+}
+
+// GetAOREvent implements getAOREvent operation.
+//
+// Get a specific AOR event.
+//
+// GET /aor-events/{AOREventID}
+func (svc *Service) GetAOREvent(ctx context.Context, params api.GetAOREventParams) (*api.AOREvent, error) {
+	event, err := svc.inner.GetAOREvent(ctx, params.AOREventID)
+	if err != nil {
+		return nil, err
+	}
+
+	return &api.AOREvent{
+		ID:            event.ID,
+		StartDate:     event.StartDate.Unix(),
+		FreezeDate:    event.FreezeDate.Unix(),
+		SelectionDate: event.SelectionDate.Unix(),
+		DecisionDate:  event.DecisionDate.Unix(),
+		Status:        int32(event.Status),
+		CreatedAt:     event.CreatedAt.Unix(),
+		UpdatedAt:     event.UpdatedAt.Unix(),
+	}, nil
+}
+
+// GetAOREventSubmissions implements getAOREventSubmissions operation.
+//
+// Get all submissions for a specific AOR event.
+//
+// GET /aor-events/{AOREventID}/submissions
+func (svc *Service) GetAOREventSubmissions(ctx context.Context, params api.GetAOREventSubmissionsParams) ([]api.Submission, error) {
+	submissions, err := svc.inner.GetAORSubmissionsByEvent(ctx, params.AOREventID)
+	if err != nil {
+		return nil, err
+	}
+
+	var resp []api.Submission
+	for _, submission := range submissions {
+		resp = append(resp, api.Submission{
+			ID:                    submission.ID,
+			DisplayName:           submission.DisplayName,
+			Creator:               submission.Creator,
+			GameID:                int32(submission.GameID),
+			CreatedAt:             submission.CreatedAt.Unix(),
+			UpdatedAt:             submission.UpdatedAt.Unix(),
+			Submitter:             int64(submission.Submitter),
+			AssetID:               int64(submission.AssetID),
+			AssetVersion:          int64(submission.AssetVersion),
+			ValidatedAssetID:      api.NewOptInt64(int64(submission.ValidatedAssetID)),
+			ValidatedAssetVersion: api.NewOptInt64(int64(submission.ValidatedAssetVersion)),
+			Completed:             submission.Completed,
+			UploadedAssetID:       api.NewOptInt64(int64(submission.UploadedAssetID)),
+			StatusID:              int32(submission.StatusID),
+		})
+	}
+
+	return resp, nil
+}

pkg/web_api/submission_reviews.go

@@ -0,0 +1,207 @@
+package web_api
+
+import (
+	"context"
+	"errors"
+
+	"git.itzana.me/strafesnet/maps-service/pkg/api"
+	"git.itzana.me/strafesnet/maps-service/pkg/datastore"
+	"git.itzana.me/strafesnet/maps-service/pkg/model"
+	"git.itzana.me/strafesnet/maps-service/pkg/service"
+)
+
+var (
+	ErrReviewNotOwner = errors.New("You can only edit your own review")
+	ErrReviewNotSubmitted = errors.New("Reviews can only be created or edited when the submission is in Submitted status")
+)
+
+// ListSubmissionReviews implements listSubmissionReviews operation.
+//
+// Get all reviews for a submission.
+//
+// GET /submissions/{SubmissionID}/reviews
+func (svc *Service) ListSubmissionReviews(ctx context.Context, params api.ListSubmissionReviewsParams) ([]api.SubmissionReview, error) {
+	reviews, err := svc.inner.ListSubmissionReviewsBySubmission(ctx, params.SubmissionID)
+	if err != nil {
+		return nil, err
+	}
+
+	var resp []api.SubmissionReview
+	for _, review := range reviews {
+		resp = append(resp, api.SubmissionReview{
+			ID:           review.ID,
+			SubmissionID: review.SubmissionID,
+			ReviewerID:   int64(review.ReviewerID),
+			Recommend:    review.Recommend,
+			Description:  review.Description,
+			Outdated:     review.Outdated,
+			CreatedAt:    review.CreatedAt.Unix(),
+			UpdatedAt:    review.UpdatedAt.Unix(),
+		})
+	}
+
+	return resp, nil
+}
+
+// CreateSubmissionReview implements createSubmissionReview operation.
+//
+// Create a review for a submission.
+//
+// POST /submissions/{SubmissionID}/reviews
+func (svc *Service) CreateSubmissionReview(ctx context.Context, req *api.SubmissionReviewCreate, params api.CreateSubmissionReviewParams) (*api.SubmissionReview, error) {
+	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
+	if !ok {
+		return nil, ErrUserInfo
+	}
+
+	// Check if caller has required role
+	has_role, err := userInfo.HasRoleSubmissionReview()
+	if err != nil {
+		return nil, err
+	}
+	if !has_role {
+		return nil, ErrPermissionDeniedNeedRoleSubmissionReview
+	}
+
+	userId, err := userInfo.GetUserID()
+	if err != nil {
+		return nil, err
+	}
+
+	// Check if submission exists and is in Submitted status
+	submission, err := svc.inner.GetSubmission(ctx, params.SubmissionID)
+	if err != nil {
+		return nil, err
+	}
+
+	if submission.StatusID != model.SubmissionStatusSubmitted {
+		return nil, ErrReviewNotSubmitted
+	}
+
+	// Check if user already has a review for this submission
+	existingReview, err := svc.inner.GetSubmissionReviewBySubmissionAndReviewer(ctx, params.SubmissionID, userId)
+	if err != nil && !errors.Is(err, datastore.ErrNotExist) {
+		return nil, err
+	}
+
+	// If review exists, update it instead
+	if err == nil {
+		update := service.NewSubmissionReviewUpdate()
+		update.SetRecommend(req.Recommend)
+		update.SetDescription(req.Description)
+		update.SetOutdated(false)
+
+		err = svc.inner.UpdateSubmissionReview(ctx, existingReview.ID, update)
+		if err != nil {
+			return nil, err
+		}
+
+		// Fetch updated review
+		updatedReview, err := svc.inner.GetSubmissionReview(ctx, existingReview.ID)
+		if err != nil {
+			return nil, err
+		}
+
+		return &api.SubmissionReview{
+			ID:           updatedReview.ID,
+			SubmissionID: updatedReview.SubmissionID,
+			ReviewerID:   int64(updatedReview.ReviewerID),
+			Recommend:    updatedReview.Recommend,
+			Description:  updatedReview.Description,
+			Outdated:     updatedReview.Outdated,
+			CreatedAt:    updatedReview.CreatedAt.Unix(),
+			UpdatedAt:    updatedReview.UpdatedAt.Unix(),
+		}, nil
+	}
+
+	// Create new review
+	review := model.SubmissionReview{
+		SubmissionID: params.SubmissionID,
+		ReviewerID:   userId,
+		Recommend:    req.Recommend,
+		Description:  req.Description,
+		Outdated:     false,
+	}
+
+	createdReview, err := svc.inner.CreateSubmissionReview(ctx, review)
+	if err != nil {
+		return nil, err
+	}
+
+	return &api.SubmissionReview{
+		ID:           createdReview.ID,
+		SubmissionID: createdReview.SubmissionID,
+		ReviewerID:   int64(createdReview.ReviewerID),
+		Recommend:    createdReview.Recommend,
+		Description:  createdReview.Description,
+		Outdated:     createdReview.Outdated,
+		CreatedAt:    createdReview.CreatedAt.Unix(),
+		UpdatedAt:    createdReview.UpdatedAt.Unix(),
+	}, nil
+}
+
+// UpdateSubmissionReview implements updateSubmissionReview operation.
+//
+// Update an existing review.
+//
+// PATCH /submissions/{SubmissionID}/reviews/{ReviewID}
+func (svc *Service) UpdateSubmissionReview(ctx context.Context, req *api.SubmissionReviewCreate, params api.UpdateSubmissionReviewParams) (*api.SubmissionReview, error) {
+	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
+	if !ok {
+		return nil, ErrUserInfo
+	}
+
+	userId, err := userInfo.GetUserID()
+	if err != nil {
+		return nil, err
+	}
+
+	// Get the existing review
+	review, err := svc.inner.GetSubmissionReview(ctx, params.ReviewID)
+	if err != nil {
+		return nil, err
+	}
+
+	// Check if user is the owner of the review
+	if review.ReviewerID != userId {
+		return nil, ErrReviewNotOwner
+	}
+
+	// Check if submission is still in Submitted status
+	submission, err := svc.inner.GetSubmission(ctx, params.SubmissionID)
+	if err != nil {
+		return nil, err
+	}
+
+	if submission.StatusID != model.SubmissionStatusSubmitted {
+		return nil, ErrReviewNotSubmitted
+	}
+
+	// Update the review
+	update := service.NewSubmissionReviewUpdate()
+	update.SetRecommend(req.Recommend)
+	update.SetDescription(req.Description)
+	update.SetOutdated(false) // Clear outdated flag on edit
+
+	err = svc.inner.UpdateSubmissionReview(ctx, params.ReviewID, update)
+	if err != nil {
+		return nil, err
+	}
+
+	// Fetch updated review
+	updatedReview, err := svc.inner.GetSubmissionReview(ctx, params.ReviewID)
+	if err != nil {
+		return nil, err
+	}
+
+	return &api.SubmissionReview{
+		ID:           updatedReview.ID,
+		SubmissionID: updatedReview.SubmissionID,
+		ReviewerID:   int64(updatedReview.ReviewerID),
+		Recommend:    updatedReview.Recommend,
+		Description:  updatedReview.Description,
+		Outdated:     updatedReview.Outdated,
+		CreatedAt:    updatedReview.CreatedAt.Unix(),
+		UpdatedAt:    updatedReview.UpdatedAt.Unix(),
+	}, nil
+}