kinda done

- use uint for Operation.Owner
- remove IsSubmitter

.drone.yml

@@ -25,6 +25,8 @@ steps:
       branch:
         - master
         - staging
+      event:
+        - push
 
   - name: frontend
     image: plugins/docker
@@ -44,6 +46,8 @@ steps:
       branch:
         - master
         - staging
+      event:
+        - push
 
   - name: validator
     image: plugins/docker
@@ -63,11 +67,16 @@ steps:
       branch:
         - master
         - staging
+      event:
+        - push
 
   - name: deploy
     image: argoproj/argocd:latest
     commands:
-      - echo "Deploy!" # Not going to do actually do this until 
+      - argocd login --grpc-web cd.stricity.com --username $USERNAME --password $PASSWORD
+      - argocd app --grpc-web set ${DRONE_BRANCH}-maps-service --kustomize-image registry.itzana.me/strafesnet/maptest-api:${DRONE_BRANCH}-${DRONE_BUILD_NUMBER}
+      - argocd app --grpc-web set ${DRONE_BRANCH}-maps-service --kustomize-image registry.itzana.me/strafesnet/maptest-frontend:${DRONE_BRANCH}-${DRONE_BUILD_NUMBER}
+      - argocd app --grpc-web set ${DRONE_BRANCH}-maps-service --kustomize-image registry.itzana.me/strafesnet/maptest-validator:${DRONE_BRANCH}-${DRONE_BUILD_NUMBER}
     environment:
       USERNAME:
         from_secret: ARGO_USER
@@ -81,8 +90,68 @@ steps:
       branch:
         - master
         - staging
+      event:
+        - push
+
+# pr dry run
+  - name: api-pr
+    image: plugins/docker
+    settings:
+      registry: registry.itzana.me
+      repo: registry.itzana.me/strafesnet/maptest-validator
+      tags:
+        - ${DRONE_BRANCH}-${DRONE_BUILD_NUMBER}
+        - ${DRONE_BRANCH}
+      dockerfile: Containerfile
+      context: .
+      dry_run: true
+    when:
+      event:
+        - pull_request
+
+  - name: frontend-pr
+    image: plugins/docker
+    settings:
+      registry: registry.itzana.me
+      repo: registry.itzana.me/strafesnet/maptest-validator
+      tags:
+        - ${DRONE_BRANCH}-${DRONE_BUILD_NUMBER}
+        - ${DRONE_BRANCH}
+      dockerfile: web/Containerfile
+      context: web
+      dry_run: true
+    when:
+      event:
+      - pull_request
+
+  - name: validator-pr
+    image: plugins/docker
+    settings:
+      registry: registry.itzana.me
+      repo: registry.itzana.me/strafesnet/maptest-validator
+      tags:
+        - ${DRONE_BRANCH}-${DRONE_BUILD_NUMBER}
+        - ${DRONE_BRANCH}
+      dockerfile: validation/Containerfile
+      context: validation
+      dry_run: true
+    when:
+      event:
+        - pull_request
+
+  - name: build-pr
+    image: alpine
+    commands:
+      - echo "Success!"
+    depends_on:
+      - api-pr
+      - frontend-pr
+      - validator-pr
+    when:
+      event:
+        - pull_request
 ---
 kind: signature
-hmac: 9958fd5b01af1ebcc75f7277fe71eb5336b899445c359cecf1b14e83b3d05059
+hmac: 11e6d7f1eb839d3798fdcb642ca5523c011bd14c1f3a0343a9c3106bab9ef142
 
 ...

.gitignore

@@ -1 +1,2 @@
-.idea
+.idea
+/target

Cargo.toml

@@ -0,0 +1,6 @@
+[workspace]
+members = [
+	"validation",
+	"validation/api",
+]
+resolver = "2"

Containerfile

@@ -1,5 +1,5 @@
 # Stage 1: Build
-FROM docker.io/golang:1.23 AS builder
+FROM registry.itzana.me/docker-proxy/golang:1.24 AS builder
 
 # Set the working directory in the container
 WORKDIR /app
@@ -14,7 +14,7 @@ COPY . .
 RUN CGO_ENABLED=0 GOOS=linux go build -o service ./cmd/maps-service/service.go
 
 # Stage 2: Run
-FROM alpine
+FROM registry.itzana.me/docker-proxy/alpine:3.21
 
 # Set up a non-root user for security
 RUN addgroup -S appgroup && adduser -S appuser -G appgroup

README.md

@@ -26,6 +26,12 @@ Prerequisite: golang installed
 
 Prerequisite: bun installed
 
+The environment variable `API_HOST` will need to be set for the middleware.
+Example `.env` in web's root:
+```
+API_HOST="http://localhost:8082/v1/"
+```
+
 1. `cd web`
 2. `bun install`
 
@@ -43,6 +49,12 @@ Prerequisite: rust installed
 1. `cd validation`
 2. `cargo run --release`
 
+Environment Variables:
+- ROBLOX_GROUP_ID
+- RBXCOOKIE
+- API_HOST_INTERNAL
+- NATS_HOST
+
 #### License
 
 <sup>

compose.yaml

@@ -30,7 +30,8 @@ services:
       "--pg-password","happypostgresuser",
       # other hosts
       "--nats-host","nats:4222",
-      "--auth-rpc-host","authrpc:8081"
+      "--auth-rpc-host","authrpc:8081",
+      "--data-rpc-host","dataservice:9000",
     ]
     depends_on:
       - authrpc
@@ -47,18 +48,19 @@ services:
       - maps-service-network
     ports:
       - "3000:3000"
+    environment:
+      - API_HOST=http://submissions:8082/v1
 
   validation:
     image:
       maps-service-validation
     container_name: validation
     env_file:
-      - ../auth-compose/strafesnet.env
+      - ../auth-compose/strafesnet_staging.env
     environment:
-      - API_HOST=http://submissions:8082
-      - API_HOST_INTERNAL=http://submissions:8083
+      - ROBLOX_GROUP_ID=17032139 # "None" is special case string value
+      - API_HOST_INTERNAL=http://submissions:8083/v1
       - NATS_HOST=nats:4222
-      - DATA_HOST=http://dataservice:9000
     depends_on:
       - nats
       # note: this races the submissions which creates a nats stream
@@ -91,11 +93,12 @@ services:
       - maps-service-network
 
   authrpc:
-    image: registry.itzana.me/strafesnet/auth-service:master
+    image: registry.itzana.me/strafesnet/auth-service:staging
     container_name: authrpc
     command: ["serve", "rpc"]
     environment:
       - REDIS_ADDR=authredis:6379
+      - RBX_GROUP_ID=17032139
     env_file:
       - ../auth-compose/auth-service.env
     depends_on:
@@ -106,7 +109,7 @@ services:
       driver: "none"
 
   auth-web:
-    image: registry.itzana.me/strafesnet/auth-service:master
+    image: registry.itzana.me/strafesnet/auth-service:staging
     command: ["serve", "web"]
     environment:
       - REDIS_ADDR=authredis:6379

openapi-internal.yaml

@@ -4,9 +4,239 @@ info:
   description: Internal operations inaccessible from the public internet.
   version: 0.1.0
 tags:
+  - name: Mapfixes
+    description: Mapfix operations
   - name: Submissions
     description: Submission operations
 paths:
+  /mapfixes:
+    post:
+      summary: Create a mapfix
+      operationId: createMapfix
+      tags:
+        - Mapfixes
+      requestBody:
+        required: true
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/MapfixCreate'
+      responses:
+        "201":
+          description: Successful response
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/MapfixID"
+        default:
+          description: General Error
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/Error"
+  /mapfixes/{MapfixID}/validated-model:
+    post:
+      summary: Update validated model
+      operationId: updateMapfixValidatedModel
+      tags:
+        - Mapfixes
+      parameters:
+        - $ref: '#/components/parameters/MapfixID'
+        - name: ValidatedModelID
+          in: query
+          required: true
+          schema:
+            type: integer
+            format: uint64
+            minimum: 0
+        - name: ValidatedModelVersion
+          in: query
+          required: true
+          schema:
+            type: integer
+            format: uint64
+            minimum: 0
+      responses:
+        "204":
+          description: Successful response
+        default:
+          description: General Error
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/Error"
+  /mapfixes/{MapfixID}/status/validator-submitted:
+    post:
+      summary: (Internal endpoint) Role Validator changes status from Submitting -> Submitted
+      operationId: actionMapfixSubmitted
+      tags:
+        - Mapfixes
+      parameters:
+        - $ref: '#/components/parameters/MapfixID'
+      responses:
+        "204":
+          description: Successful response
+        default:
+          description: General Error
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/Error"
+  /mapfixes/{MapfixID}/status/validator-validated:
+    post:
+      summary: (Internal endpoint) Role Validator changes status from Validating -> Validated
+      operationId: actionMapfixValidated
+      tags:
+        - Mapfixes
+      parameters:
+        - $ref: '#/components/parameters/MapfixID'
+      responses:
+        "204":
+          description: Successful response
+        default:
+          description: General Error
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/Error"
+  /mapfixes/{MapfixID}/status/validator-failed:
+    post:
+      summary: (Internal endpoint) Role Validator changes status from Validating -> Accepted
+      operationId: actionMapfixAccepted
+      tags:
+        - Mapfixes
+      parameters:
+        - $ref: '#/components/parameters/MapfixID'
+        - name: StatusMessage
+          in: query
+          required: true
+          schema:
+            type: string
+            minLength: 0
+            maxLength: 4096
+      responses:
+        "204":
+          description: Successful response
+        default:
+          description: General Error
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/Error"
+  /mapfixes/{MapfixID}/status/validator-uploaded:
+    post:
+      summary: (Internal endpoint) Role Validator changes status from Uploading -> Uploaded
+      operationId: actionMapfixUploaded
+      tags:
+        - Mapfixes
+      parameters:
+        - $ref: '#/components/parameters/MapfixID'
+      responses:
+        "204":
+          description: Successful response
+        default:
+          description: General Error
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/Error"
+  /operations/{OperationID}/status/operation-failed:
+    post:
+      summary: (Internal endpoint) Fail an operation and write a StatusMessage
+      operationId: actionOperationFailed
+      tags:
+        - Operations
+      parameters:
+        - $ref: '#/components/parameters/OperationID'
+        - name: StatusMessage
+          in: query
+          required: true
+          schema:
+            type: string
+            minLength: 0
+            maxLength: 4096
+      responses:
+        "204":
+          description: Successful response
+        default:
+          description: General Error
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/Error"
+  /submissions:
+    post:
+      summary: Create a new submission
+      operationId: createSubmission
+      tags:
+        - Submissions
+      requestBody:
+        required: true
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/SubmissionCreate'
+      responses:
+        "201":
+          description: Successful response
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/SubmissionID"
+        default:
+          description: General Error
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/Error"
+  /submissions/{SubmissionID}/validated-model:
+    post:
+      summary: Update validated model
+      operationId: updateSubmissionValidatedModel
+      tags:
+        - Submissions
+      parameters:
+        - $ref: '#/components/parameters/SubmissionID'
+        - name: ValidatedModelID
+          in: query
+          required: true
+          schema:
+            type: integer
+            format: uint64
+            minimum: 0
+        - name: ValidatedModelVersion
+          in: query
+          required: true
+          schema:
+            type: integer
+            format: uint64
+            minimum: 0
+      responses:
+        "204":
+          description: Successful response
+        default:
+          description: General Error
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/Error"
+  /submissions/{SubmissionID}/status/validator-submitted:
+    post:
+      summary: (Internal endpoint) Role Validator changes status from Submitting -> Submitted
+      operationId: actionSubmissionSubmitted
+      tags:
+        - Submissions
+      parameters:
+        - $ref: '#/components/parameters/SubmissionID'
+      responses:
+        "204":
+          description: Successful response
+        default:
+          description: General Error
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/Error"
   /submissions/{SubmissionID}/status/validator-validated:
     post:
       summary: (Internal endpoint) Role Validator changes status from Validating -> Validated
@@ -24,6 +254,30 @@ paths:
             application/json:
               schema:
                 $ref: "#/components/schemas/Error"
+  /submissions/{SubmissionID}/status/validator-failed:
+    post:
+      summary: (Internal endpoint) Role Validator changes status from Validating -> Accepted
+      operationId: actionSubmissionAccepted
+      tags:
+        - Submissions
+      parameters:
+        - $ref: '#/components/parameters/SubmissionID'
+        - name: StatusMessage
+          in: query
+          required: true
+          schema:
+            type: string
+            minLength: 0
+            maxLength: 4096
+      responses:
+        "204":
+          description: Successful response
+        default:
+          description: General Error
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/Error"
   /submissions/{SubmissionID}/status/validator-uploaded:
     post:
       summary: (Internal endpoint) Role Validator changes status from Uploading -> Uploaded
@@ -32,11 +286,13 @@ paths:
         - Submissions
       parameters:
         - $ref: '#/components/parameters/SubmissionID'
-        - name: TargetAssetID
+        - name: UploadedAssetID
           in: query
+          required: true
           schema:
             type: integer
-            format: int64
+            format: uint64
+            minimum: 0
       responses:
         "204":
           description: Successful response
@@ -46,17 +302,163 @@ paths:
             application/json:
               schema:
                 $ref: "#/components/schemas/Error"
-  /submissions/{SubmissionID}/status/releaser-released:
-    post:
-      summary: (Internal endpoint) Role Releaser changes status from releasing -> released
-      operationId: actionSubmissionReleased
+  /script-policy:
+    get:
+      summary: Get list of script policies
+      operationId: listScriptPolicy
       tags:
-        - Submissions
+        - ScriptPolicy
       parameters:
-        - $ref: '#/components/parameters/SubmissionID'
+      - $ref: "#/components/parameters/Page"
+      - $ref: "#/components/parameters/Limit"
+      - name: FromScriptHash
+        in: query
+        schema:
+          type: string
+          minLength: 16
+          maxLength: 16
+      - name: ToScriptID
+        in: query
+        schema:
+          type: integer
+          format: uint64
+          minimum: 0
+      - name: Policy
+        in: query
+        schema:
+          type: integer
+          format: uint32
+          minimum: 0
       responses:
-        "204":
+        "200":
           description: Successful response
+          content:
+            application/json:
+              schema:
+                type: array
+                items:
+                  $ref: "#/components/schemas/ScriptPolicy"
+        default:
+          description: General Error
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/Error"
+    post:
+      summary: Create a new script policy
+      operationId: createScriptPolicy
+      tags:
+        - ScriptPolicy
+      requestBody:
+        required: true
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/ScriptPolicyCreate'
+      responses:
+        "201":
+          description: Successful response
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/ScriptPolicyID"
+        default:
+          description: General Error
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/Error"
+  /scripts:
+    get:
+      summary: Get list of scripts
+      operationId: listScripts
+      tags:
+        - Script
+      parameters:
+      - $ref: "#/components/parameters/Page"
+      - $ref: "#/components/parameters/Limit"
+      - name: Hash
+        in: query
+        schema:
+          type: string
+          minLength: 16
+          maxLength: 16
+      - name: Name
+        in: query
+        schema:
+          type: string
+          maxLength: 128
+      - name: Source
+        in: query
+        schema:
+          type: string
+          maxLength: 1048576
+      - name: ResourceType
+        in: query
+        schema:
+          type: integer
+          format: uint32
+          minimum: 0
+      - name: ResourceID
+        in: query
+        schema:
+          type: integer
+          format: uint64
+          minimum: 0
+      responses:
+        "200":
+          description: Successful response
+          content:
+            application/json:
+              schema:
+                type: array
+                items:
+                  $ref: "#/components/schemas/Script"
+        default:
+          description: General Error
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/Error"
+    post:
+      summary: Create a new script
+      operationId: createScript
+      tags:
+        - Scripts
+      requestBody:
+        required: true
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/ScriptCreate'
+      responses:
+        "201":
+          description: Successful response
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/ScriptID"
+        default:
+          description: General Error
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/Error"
+  /scripts/{ScriptID}:
+    get:
+      summary: Get the specified script by ID
+      operationId: getScript
+      tags:
+        - Scripts
+      parameters:
+        - $ref: '#/components/parameters/ScriptID'
+      responses:
+        "200":
+          description: Successful response
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/Script"
         default:
           description: General Error
           content:
@@ -65,6 +467,24 @@ paths:
                 $ref: "#/components/schemas/Error"
 components:
   parameters:
+    MapfixID:
+      name: MapfixID
+      in: path
+      required: true
+      description: The unique identifier for a submission.
+      schema:
+        type: integer
+        format: uint64
+        minimum: 0
+    OperationID:
+      name: OperationID
+      in: path
+      required: true
+      description: The unique identifier for a long-running operation.
+      schema:
+        type: integer
+        format: uint32
+        minimum: 0
     SubmissionID:
       name: SubmissionID
       in: path
@@ -72,30 +492,255 @@ components:
       description: The unique identifier for a submission.
       schema:
         type: integer
-        format: int64
+        format: uint64
+        minimum: 0
+    ScriptID:
+      name: ScriptID
+      in: path
+      required: true
+      description: The unique identifier for a script.
+      schema:
+        type: integer
+        format: uint64
+        minimum: 0
+    Page:
+      name: Page
+      in: query
+      required: true
+      schema:
+        type: integer
+        format: uint32
+        minimum: 1
+    Limit:
+      name: Limit
+      in: query
+      required: true
+      schema:
+        type: integer
+        format: uint32
+        minimum: 1
+        maximum: 100
   schemas:
-    Pagination:
-      type: object
+    MapfixID:
       required:
-        - Page
-        - Limit
+      - MapfixID
+      type: object
       properties:
-        Page:
+        MapfixID:
           type: integer
-          format: int32
-          minimum: 1
-        Limit:
+          format: uint64
+          minimum: 0
+    SubmissionID:
+      required:
+      - SubmissionID
+      type: object
+      properties:
+        SubmissionID:
           type: integer
-          format: int32
-          minimum: 1
-          maximum: 100
+          format: uint64
+          minimum: 0
+    ScriptID:
+      required:
+      - ScriptID
+      type: object
+      properties:
+        ScriptID:
+          type: integer
+          format: uint64
+          minimum: 0
+    ScriptPolicyID:
+      required:
+      - ScriptPolicyID
+      type: object
+      properties:
+        ScriptPolicyID:
+          type: integer
+          format: uint64
+          minimum: 0
+    MapfixCreate:
+      required:
+      - OperationID
+      - AssetOwner
+      - DisplayName
+      - Creator
+      - GameID
+      - AssetID
+      - AssetVersion
+      - TargetAssetID
+      type: object
+      properties:
+        OperationID:
+          type: integer
+          format: uint32
+          minimum: 0
+        AssetOwner:
+          type: integer
+          format: uint64
+          minimum: 0
+        DisplayName:
+          type: string
+          maxLength: 128
+        Creator:
+          type: string
+          maxLength: 128
+        GameID:
+          type: integer
+          format: uint32
+          minimum: 0
+        AssetID:
+          type: integer
+          format: uint64
+          minimum: 0
+        AssetVersion:
+          type: integer
+          format: uint64
+          minimum: 0
+        TargetAssetID:
+          type: integer
+          format: uint64
+          minimum: 0
+    SubmissionCreate:
+      required:
+      - OperationID
+      - AssetOwner
+      - DisplayName
+      - Creator
+      - GameID
+      - AssetID
+      - AssetVersion
+      type: object
+      properties:
+        OperationID:
+          type: integer
+          format: uint32
+          minimum: 0
+        AssetOwner:
+          type: integer
+          format: uint64
+          minimum: 0
+        DisplayName:
+          type: string
+          maxLength: 128
+        Creator:
+          type: string
+          maxLength: 128
+        GameID:
+          type: integer
+          format: uint32
+          minimum: 0
+        AssetID:
+          type: integer
+          format: uint64
+          minimum: 0
+        AssetVersion:
+          type: integer
+          format: uint64
+          minimum: 0
+    Script:
+      required:
+      - ID
+      - Name
+      - Hash
+      - Source
+      - ResourceType
+      - ResourceID
+      type: object
+      properties:
+        ID:
+          type: integer
+          format: uint64
+          minimum: 0
+        Name:
+          type: string
+          maxLength: 128
+        Hash:
+          type: string
+          minLength: 16
+          maxLength: 16
+        Source:
+          type: string
+          maxLength: 1048576
+        ResourceType:
+          type: integer
+          format: uint32
+          minimum: 0
+        ResourceID:
+          type: integer
+          format: uint64
+          minimum: 0
+    ScriptCreate:
+      required:
+      - Name
+      - Source
+      - ResourceType
+#     - ResourceID
+      type: object
+      properties:
+        Name:
+          type: string
+          maxLength: 128
+        Source:
+          type: string
+          maxLength: 1048576
+        ResourceType:
+          type: integer
+          format: uint32
+          minimum: 0
+        ResourceID:
+          type: integer
+          format: uint64
+          minimum: 0
+    ScriptPolicy:
+      required:
+      - ID
+      - FromScriptHash
+      - ToScriptID
+      - Policy
+      type: object
+      properties:
+        ID:
+          type: integer
+          format: uint64
+          minimum: 0
+        FromScriptHash:
+          type: string
+          minLength: 16
+          maxLength: 16
+        ToScriptID:
+          type: integer
+          format: uint64
+          minimum: 0
+        Policy:
+          type: integer
+          format: uint32
+          minimum: 0
+    ScriptPolicyCreate:
+      required:
+      - FromScriptID
+      - ToScriptID
+      - Policy
+      type: object
+      properties:
+        FromScriptID:
+          type: integer
+          format: uint64
+          minimum: 0
+        ToScriptID:
+          type: integer
+          format: uint64
+          minimum: 0
+        Policy:
+          type: integer
+          format: uint32
+          minimum: 0
     Error:
       description: Represents error object
       type: object
       properties:
         code:
           type: integer
-          format: int64
+          format: uint64
+          minimum: 0
         message:
           type: string
       required:

pkg/api/oas_operations_gen.go

@@ -6,24 +6,54 @@ package api
 type OperationName = string
 
 const (
+	ActionMapfixAcceptedOperation            OperationName = "ActionMapfixAccepted"
+	ActionMapfixRejectOperation              OperationName = "ActionMapfixReject"
+	ActionMapfixRequestChangesOperation      OperationName = "ActionMapfixRequestChanges"
+	ActionMapfixResetSubmittingOperation     OperationName = "ActionMapfixResetSubmitting"
+	ActionMapfixRetryValidateOperation       OperationName = "ActionMapfixRetryValidate"
+	ActionMapfixRevokeOperation              OperationName = "ActionMapfixRevoke"
+	ActionMapfixTriggerSubmitOperation       OperationName = "ActionMapfixTriggerSubmit"
+	ActionMapfixTriggerUploadOperation       OperationName = "ActionMapfixTriggerUpload"
+	ActionMapfixTriggerValidateOperation     OperationName = "ActionMapfixTriggerValidate"
+	ActionMapfixValidatedOperation           OperationName = "ActionMapfixValidated"
+	ActionSubmissionAcceptedOperation        OperationName = "ActionSubmissionAccepted"
 	ActionSubmissionRejectOperation          OperationName = "ActionSubmissionReject"
 	ActionSubmissionRequestChangesOperation  OperationName = "ActionSubmissionRequestChanges"
+	ActionSubmissionResetSubmittingOperation OperationName = "ActionSubmissionResetSubmitting"
+	ActionSubmissionRetryValidateOperation   OperationName = "ActionSubmissionRetryValidate"
 	ActionSubmissionRevokeOperation          OperationName = "ActionSubmissionRevoke"
-	ActionSubmissionSubmitOperation          OperationName = "ActionSubmissionSubmit"
+	ActionSubmissionTriggerSubmitOperation   OperationName = "ActionSubmissionTriggerSubmit"
 	ActionSubmissionTriggerUploadOperation   OperationName = "ActionSubmissionTriggerUpload"
 	ActionSubmissionTriggerValidateOperation OperationName = "ActionSubmissionTriggerValidate"
+	ActionSubmissionValidatedOperation       OperationName = "ActionSubmissionValidated"
+	CreateMapfixOperation                    OperationName = "CreateMapfix"
+	CreateMapfixAuditCommentOperation        OperationName = "CreateMapfixAuditComment"
 	CreateScriptOperation                    OperationName = "CreateScript"
 	CreateScriptPolicyOperation              OperationName = "CreateScriptPolicy"
 	CreateSubmissionOperation                OperationName = "CreateSubmission"
+	CreateSubmissionAuditCommentOperation    OperationName = "CreateSubmissionAuditComment"
 	DeleteScriptOperation                    OperationName = "DeleteScript"
 	DeleteScriptPolicyOperation              OperationName = "DeleteScriptPolicy"
+	GetMapOperation                          OperationName = "GetMap"
+	GetMapfixOperation                       OperationName = "GetMapfix"
+	GetOperationOperation                    OperationName = "GetOperation"
 	GetScriptOperation                       OperationName = "GetScript"
 	GetScriptPolicyOperation                 OperationName = "GetScriptPolicy"
-	GetScriptPolicyFromHashOperation         OperationName = "GetScriptPolicyFromHash"
 	GetSubmissionOperation                   OperationName = "GetSubmission"
+	ListMapfixAuditEventsOperation           OperationName = "ListMapfixAuditEvents"
+	ListMapfixesOperation                    OperationName = "ListMapfixes"
+	ListMapsOperation                        OperationName = "ListMaps"
 	ListScriptPolicyOperation                OperationName = "ListScriptPolicy"
+	ListScriptsOperation                     OperationName = "ListScripts"
+	ListSubmissionAuditEventsOperation       OperationName = "ListSubmissionAuditEvents"
 	ListSubmissionsOperation                 OperationName = "ListSubmissions"
+	ReleaseSubmissionsOperation              OperationName = "ReleaseSubmissions"
+	SessionRolesOperation                    OperationName = "SessionRoles"
+	SessionUserOperation                     OperationName = "SessionUser"
+	SessionValidateOperation                 OperationName = "SessionValidate"
+	SetMapfixCompletedOperation              OperationName = "SetMapfixCompleted"
 	SetSubmissionCompletedOperation          OperationName = "SetSubmissionCompleted"
+	UpdateMapfixModelOperation               OperationName = "UpdateMapfixModel"
 	UpdateScriptOperation                    OperationName = "UpdateScript"
 	UpdateScriptPolicyOperation              OperationName = "UpdateScriptPolicy"
 	UpdateSubmissionModelOperation           OperationName = "UpdateSubmissionModel"

pkg/api/oas_request_decoders_gen.go

@@ -3,6 +3,7 @@
 package api
 
 import (
+	"fmt"
 	"io"
 	"mime"
 	"net/http"
@@ -15,6 +16,111 @@ import (
 	"github.com/ogen-go/ogen/validate"
 )
 
+func (s *Server) decodeCreateMapfixRequest(r *http.Request) (
+	req *MapfixTriggerCreate,
+	close func() error,
+	rerr error,
+) {
+	var closers []func() error
+	close = func() error {
+		var merr error
+		// Close in reverse order, to match defer behavior.
+		for i := len(closers) - 1; i >= 0; i-- {
+			c := closers[i]
+			merr = multierr.Append(merr, c())
+		}
+		return merr
+	}
+	defer func() {
+		if rerr != nil {
+			rerr = multierr.Append(rerr, close())
+		}
+	}()
+	ct, _, err := mime.ParseMediaType(r.Header.Get("Content-Type"))
+	if err != nil {
+		return req, close, errors.Wrap(err, "parse media type")
+	}
+	switch {
+	case ct == "application/json":
+		if r.ContentLength == 0 {
+			return req, close, validate.ErrBodyRequired
+		}
+		buf, err := io.ReadAll(r.Body)
+		if err != nil {
+			return req, close, err
+		}
+
+		if len(buf) == 0 {
+			return req, close, validate.ErrBodyRequired
+		}
+
+		d := jx.DecodeBytes(buf)
+
+		var request MapfixTriggerCreate
+		if err := func() error {
+			if err := request.Decode(d); err != nil {
+				return err
+			}
+			if err := d.Skip(); err != io.EOF {
+				return errors.New("unexpected trailing data")
+			}
+			return nil
+		}(); err != nil {
+			err = &ogenerrors.DecodeBodyError{
+				ContentType: ct,
+				Body:        buf,
+				Err:         err,
+			}
+			return req, close, err
+		}
+		if err := func() error {
+			if err := request.Validate(); err != nil {
+				return err
+			}
+			return nil
+		}(); err != nil {
+			return req, close, errors.Wrap(err, "validate")
+		}
+		return &request, close, nil
+	default:
+		return req, close, validate.InvalidContentType(ct)
+	}
+}
+
+func (s *Server) decodeCreateMapfixAuditCommentRequest(r *http.Request) (
+	req CreateMapfixAuditCommentReq,
+	close func() error,
+	rerr error,
+) {
+	var closers []func() error
+	close = func() error {
+		var merr error
+		// Close in reverse order, to match defer behavior.
+		for i := len(closers) - 1; i >= 0; i-- {
+			c := closers[i]
+			merr = multierr.Append(merr, c())
+		}
+		return merr
+	}
+	defer func() {
+		if rerr != nil {
+			rerr = multierr.Append(rerr, close())
+		}
+	}()
+	ct, _, err := mime.ParseMediaType(r.Header.Get("Content-Type"))
+	if err != nil {
+		return req, close, errors.Wrap(err, "parse media type")
+	}
+	switch {
+	case ct == "text/plain":
+		reader := r.Body
+		request := CreateMapfixAuditCommentReq{Data: reader}
+		return request, close, nil
+	default:
+		return req, close, validate.InvalidContentType(ct)
+	}
+}
+
 func (s *Server) decodeCreateScriptRequest(r *http.Request) (
 	req *ScriptCreate,
 	close func() error,
@@ -143,6 +249,14 @@ func (s *Server) decodeCreateScriptPolicyRequest(r *http.Request) (
 			}
 			return req, close, err
 		}
+		if err := func() error {
+			if err := request.Validate(); err != nil {
+				return err
+			}
+			return nil
+		}(); err != nil {
+			return req, close, errors.Wrap(err, "validate")
+		}
 		return &request, close, nil
 	default:
 		return req, close, validate.InvalidContentType(ct)
@@ -150,7 +264,7 @@ func (s *Server) decodeCreateScriptPolicyRequest(r *http.Request) (
 }
 
 func (s *Server) decodeCreateSubmissionRequest(r *http.Request) (
-	req *SubmissionCreate,
+	req *SubmissionTriggerCreate,
 	close func() error,
 	rerr error,
 ) {
@@ -189,7 +303,7 @@ func (s *Server) decodeCreateSubmissionRequest(r *http.Request) (
 
 		d := jx.DecodeBytes(buf)
 
-		var request SubmissionCreate
+		var request SubmissionTriggerCreate
 		if err := func() error {
 			if err := request.Decode(d); err != nil {
 				return err
@@ -220,8 +334,8 @@ func (s *Server) decodeCreateSubmissionRequest(r *http.Request) (
 	}
 }
 
-func (s *Server) decodeListScriptPolicyRequest(r *http.Request) (
-	req *ListScriptPolicyReq,
+func (s *Server) decodeCreateSubmissionAuditCommentRequest(r *http.Request) (
+	req CreateSubmissionAuditCommentReq,
 	close func() error,
 	rerr error,
 ) {
@@ -245,54 +359,17 @@ func (s *Server) decodeListScriptPolicyRequest(r *http.Request) (
 		return req, close, errors.Wrap(err, "parse media type")
 	}
 	switch {
-	case ct == "application/json":
-		if r.ContentLength == 0 {
-			return req, close, validate.ErrBodyRequired
-		}
-		buf, err := io.ReadAll(r.Body)
-		if err != nil {
-			return req, close, err
-		}
-
-		if len(buf) == 0 {
-			return req, close, validate.ErrBodyRequired
-		}
-
-		d := jx.DecodeBytes(buf)
-
-		var request ListScriptPolicyReq
-		if err := func() error {
-			if err := request.Decode(d); err != nil {
-				return err
-			}
-			if err := d.Skip(); err != io.EOF {
-				return errors.New("unexpected trailing data")
-			}
-			return nil
-		}(); err != nil {
-			err = &ogenerrors.DecodeBodyError{
-				ContentType: ct,
-				Body:        buf,
-				Err:         err,
-			}
-			return req, close, err
-		}
-		if err := func() error {
-			if err := request.Validate(); err != nil {
-				return err
-			}
-			return nil
-		}(); err != nil {
-			return req, close, errors.Wrap(err, "validate")
-		}
-		return &request, close, nil
+	case ct == "text/plain":
+		reader := r.Body
+		request := CreateSubmissionAuditCommentReq{Data: reader}
+		return request, close, nil
 	default:
 		return req, close, validate.InvalidContentType(ct)
 	}
 }
 
-func (s *Server) decodeListSubmissionsRequest(r *http.Request) (
-	req *ListSubmissionsReq,
+func (s *Server) decodeReleaseSubmissionsRequest(r *http.Request) (
+	req []ReleaseInfo,
 	close func() error,
 	rerr error,
 ) {
@@ -331,9 +408,17 @@ func (s *Server) decodeListSubmissionsRequest(r *http.Request) (
 
 		d := jx.DecodeBytes(buf)
 
-		var request ListSubmissionsReq
+		var request []ReleaseInfo
 		if err := func() error {
-			if err := request.Decode(d); err != nil {
+			request = make([]ReleaseInfo, 0)
+			if err := d.Arr(func(d *jx.Decoder) error {
+				var elem ReleaseInfo
+				if err := elem.Decode(d); err != nil {
+					return err
+				}
+				request = append(request, elem)
+				return nil
+			}); err != nil {
 				return err
 			}
 			if err := d.Skip(); err != io.EOF {
@@ -349,14 +434,39 @@ func (s *Server) decodeListSubmissionsRequest(r *http.Request) (
 			return req, close, err
 		}
 		if err := func() error {
-			if err := request.Validate(); err != nil {
-				return err
+			if request == nil {
+				return errors.New("nil is invalid value")
+			}
+			if err := (validate.Array{
+				MinLength:    1,
+				MinLengthSet: true,
+				MaxLength:    255,
+				MaxLengthSet: true,
+			}).ValidateLength(len(request)); err != nil {
+				return errors.Wrap(err, "array")
+			}
+			var failures []validate.FieldError
+			for i, elem := range request {
+				if err := func() error {
+					if err := elem.Validate(); err != nil {
+						return err
+					}
+					return nil
+				}(); err != nil {
+					failures = append(failures, validate.FieldError{
+						Name:  fmt.Sprintf("[%d]", i),
+						Error: err,
+					})
+				}
+			}
+			if len(failures) > 0 {
+				return &validate.Error{Fields: failures}
 			}
 			return nil
 		}(); err != nil {
 			return req, close, errors.Wrap(err, "validate")
 		}
-		return &request, close, nil
+		return request, close, nil
 	default:
 		return req, close, validate.InvalidContentType(ct)
 	}
@@ -490,6 +600,14 @@ func (s *Server) decodeUpdateScriptPolicyRequest(r *http.Request) (
 			}
 			return req, close, err
 		}
+		if err := func() error {
+			if err := request.Validate(); err != nil {
+				return err
+			}
+			return nil
+		}(); err != nil {
+			return req, close, errors.Wrap(err, "validate")
+		}
 		return &request, close, nil
 	default:
 		return req, close, validate.InvalidContentType(ct)

pkg/api/oas_request_encoders_gen.go

@@ -11,6 +11,30 @@ import (
 	ht "github.com/ogen-go/ogen/http"
 )
 
+func encodeCreateMapfixRequest(
+	req *MapfixTriggerCreate,
+	r *http.Request,
+) error {
+	const contentType = "application/json"
+	e := new(jx.Encoder)
+	{
+		req.Encode(e)
+	}
+	encoded := e.Bytes()
+	ht.SetBody(r, bytes.NewReader(encoded), contentType)
+	return nil
+}
+
+func encodeCreateMapfixAuditCommentRequest(
+	req CreateMapfixAuditCommentReq,
+	r *http.Request,
+) error {
+	const contentType = "text/plain"
+	body := req
+	ht.SetBody(r, body, contentType)
+	return nil
+}
+
 func encodeCreateScriptRequest(
 	req *ScriptCreate,
 	r *http.Request,
@@ -40,7 +64,7 @@ func encodeCreateScriptPolicyRequest(
 }
 
 func encodeCreateSubmissionRequest(
-	req *SubmissionCreate,
+	req *SubmissionTriggerCreate,
 	r *http.Request,
 ) error {
 	const contentType = "application/json"
@@ -53,28 +77,28 @@ func encodeCreateSubmissionRequest(
 	return nil
 }
 
-func encodeListScriptPolicyRequest(
-	req *ListScriptPolicyReq,
+func encodeCreateSubmissionAuditCommentRequest(
+	req CreateSubmissionAuditCommentReq,
 	r *http.Request,
 ) error {
-	const contentType = "application/json"
-	e := new(jx.Encoder)
-	{
-		req.Encode(e)
-	}
-	encoded := e.Bytes()
-	ht.SetBody(r, bytes.NewReader(encoded), contentType)
+	const contentType = "text/plain"
+	body := req
+	ht.SetBody(r, body, contentType)
 	return nil
 }
 
-func encodeListSubmissionsRequest(
-	req *ListSubmissionsReq,
+func encodeReleaseSubmissionsRequest(
+	req []ReleaseInfo,
 	r *http.Request,
 ) error {
 	const contentType = "application/json"
 	e := new(jx.Encoder)
 	{
-		req.Encode(e)
+		e.ArrStart()
+		for _, elem := range req {
+			elem.Encode(e)
+		}
+		e.ArrEnd()
 	}
 	encoded := e.Bytes()
 	ht.SetBody(r, bytes.NewReader(encoded), contentType)

pkg/api/oas_response_encoders_gen.go

@@ -13,6 +13,83 @@ import (
 	ht "github.com/ogen-go/ogen/http"
 )
 
+func encodeActionMapfixAcceptedResponse(response *ActionMapfixAcceptedNoContent, w http.ResponseWriter, span trace.Span) error {
+	w.WriteHeader(204)
+	span.SetStatus(codes.Ok, http.StatusText(204))
+
+	return nil
+}
+
+func encodeActionMapfixRejectResponse(response *ActionMapfixRejectNoContent, w http.ResponseWriter, span trace.Span) error {
+	w.WriteHeader(204)
+	span.SetStatus(codes.Ok, http.StatusText(204))
+
+	return nil
+}
+
+func encodeActionMapfixRequestChangesResponse(response *ActionMapfixRequestChangesNoContent, w http.ResponseWriter, span trace.Span) error {
+	w.WriteHeader(204)
+	span.SetStatus(codes.Ok, http.StatusText(204))
+
+	return nil
+}
+
+func encodeActionMapfixResetSubmittingResponse(response *ActionMapfixResetSubmittingNoContent, w http.ResponseWriter, span trace.Span) error {
+	w.WriteHeader(204)
+	span.SetStatus(codes.Ok, http.StatusText(204))
+
+	return nil
+}
+
+func encodeActionMapfixRetryValidateResponse(response *ActionMapfixRetryValidateNoContent, w http.ResponseWriter, span trace.Span) error {
+	w.WriteHeader(204)
+	span.SetStatus(codes.Ok, http.StatusText(204))
+
+	return nil
+}
+
+func encodeActionMapfixRevokeResponse(response *ActionMapfixRevokeNoContent, w http.ResponseWriter, span trace.Span) error {
+	w.WriteHeader(204)
+	span.SetStatus(codes.Ok, http.StatusText(204))
+
+	return nil
+}
+
+func encodeActionMapfixTriggerSubmitResponse(response *ActionMapfixTriggerSubmitNoContent, w http.ResponseWriter, span trace.Span) error {
+	w.WriteHeader(204)
+	span.SetStatus(codes.Ok, http.StatusText(204))
+
+	return nil
+}
+
+func encodeActionMapfixTriggerUploadResponse(response *ActionMapfixTriggerUploadNoContent, w http.ResponseWriter, span trace.Span) error {
+	w.WriteHeader(204)
+	span.SetStatus(codes.Ok, http.StatusText(204))
+
+	return nil
+}
+
+func encodeActionMapfixTriggerValidateResponse(response *ActionMapfixTriggerValidateNoContent, w http.ResponseWriter, span trace.Span) error {
+	w.WriteHeader(204)
+	span.SetStatus(codes.Ok, http.StatusText(204))
+
+	return nil
+}
+
+func encodeActionMapfixValidatedResponse(response *ActionMapfixValidatedNoContent, w http.ResponseWriter, span trace.Span) error {
+	w.WriteHeader(204)
+	span.SetStatus(codes.Ok, http.StatusText(204))
+
+	return nil
+}
+
+func encodeActionSubmissionAcceptedResponse(response *ActionSubmissionAcceptedNoContent, w http.ResponseWriter, span trace.Span) error {
+	w.WriteHeader(204)
+	span.SetStatus(codes.Ok, http.StatusText(204))
+
+	return nil
+}
+
 func encodeActionSubmissionRejectResponse(response *ActionSubmissionRejectNoContent, w http.ResponseWriter, span trace.Span) error {
 	w.WriteHeader(204)
 	span.SetStatus(codes.Ok, http.StatusText(204))
@@ -27,6 +104,20 @@ func encodeActionSubmissionRequestChangesResponse(response *ActionSubmissionRequ
 	return nil
 }
 
+func encodeActionSubmissionResetSubmittingResponse(response *ActionSubmissionResetSubmittingNoContent, w http.ResponseWriter, span trace.Span) error {
+	w.WriteHeader(204)
+	span.SetStatus(codes.Ok, http.StatusText(204))
+
+	return nil
+}
+
+func encodeActionSubmissionRetryValidateResponse(response *ActionSubmissionRetryValidateNoContent, w http.ResponseWriter, span trace.Span) error {
+	w.WriteHeader(204)
+	span.SetStatus(codes.Ok, http.StatusText(204))
+
+	return nil
+}
+
 func encodeActionSubmissionRevokeResponse(response *ActionSubmissionRevokeNoContent, w http.ResponseWriter, span trace.Span) error {
 	w.WriteHeader(204)
 	span.SetStatus(codes.Ok, http.StatusText(204))
@@ -34,7 +125,7 @@ func encodeActionSubmissionRevokeResponse(response *ActionSubmissionRevokeNoCont
 	return nil
 }
 
-func encodeActionSubmissionSubmitResponse(response *ActionSubmissionSubmitNoContent, w http.ResponseWriter, span trace.Span) error {
+func encodeActionSubmissionTriggerSubmitResponse(response *ActionSubmissionTriggerSubmitNoContent, w http.ResponseWriter, span trace.Span) error {
 	w.WriteHeader(204)
 	span.SetStatus(codes.Ok, http.StatusText(204))
 
@@ -55,7 +146,14 @@ func encodeActionSubmissionTriggerValidateResponse(response *ActionSubmissionTri
 	return nil
 }
 
-func encodeCreateScriptResponse(response *ID, w http.ResponseWriter, span trace.Span) error {
+func encodeActionSubmissionValidatedResponse(response *ActionSubmissionValidatedNoContent, w http.ResponseWriter, span trace.Span) error {
+	w.WriteHeader(204)
+	span.SetStatus(codes.Ok, http.StatusText(204))
+
+	return nil
+}
+
+func encodeCreateMapfixResponse(response *OperationID, w http.ResponseWriter, span trace.Span) error {
 	w.Header().Set("Content-Type", "application/json; charset=utf-8")
 	w.WriteHeader(201)
 	span.SetStatus(codes.Ok, http.StatusText(201))
@@ -69,7 +167,14 @@ func encodeCreateScriptResponse(response *ID, w http.ResponseWriter, span trace.
 	return nil
 }
 
-func encodeCreateScriptPolicyResponse(response *ID, w http.ResponseWriter, span trace.Span) error {
+func encodeCreateMapfixAuditCommentResponse(response *CreateMapfixAuditCommentNoContent, w http.ResponseWriter, span trace.Span) error {
+	w.WriteHeader(204)
+	span.SetStatus(codes.Ok, http.StatusText(204))
+
+	return nil
+}
+
+func encodeCreateScriptResponse(response *ScriptID, w http.ResponseWriter, span trace.Span) error {
 	w.Header().Set("Content-Type", "application/json; charset=utf-8")
 	w.WriteHeader(201)
 	span.SetStatus(codes.Ok, http.StatusText(201))
@@ -83,7 +188,7 @@ func encodeCreateScriptPolicyResponse(response *ID, w http.ResponseWriter, span
 	return nil
 }
 
-func encodeCreateSubmissionResponse(response *ID, w http.ResponseWriter, span trace.Span) error {
+func encodeCreateScriptPolicyResponse(response *ScriptPolicyID, w http.ResponseWriter, span trace.Span) error {
 	w.Header().Set("Content-Type", "application/json; charset=utf-8")
 	w.WriteHeader(201)
 	span.SetStatus(codes.Ok, http.StatusText(201))
@@ -97,6 +202,27 @@ func encodeCreateSubmissionResponse(response *ID, w http.ResponseWriter, span tr
 	return nil
 }
 
+func encodeCreateSubmissionResponse(response *OperationID, w http.ResponseWriter, span trace.Span) error {
+	w.Header().Set("Content-Type", "application/json; charset=utf-8")
+	w.WriteHeader(201)
+	span.SetStatus(codes.Ok, http.StatusText(201))
+
+	e := new(jx.Encoder)
+	response.Encode(e)
+	if _, err := e.WriteTo(w); err != nil {
+		return errors.Wrap(err, "write")
+	}
+
+	return nil
+}
+
+func encodeCreateSubmissionAuditCommentResponse(response *CreateSubmissionAuditCommentNoContent, w http.ResponseWriter, span trace.Span) error {
+	w.WriteHeader(204)
+	span.SetStatus(codes.Ok, http.StatusText(204))
+
+	return nil
+}
+
 func encodeDeleteScriptResponse(response *DeleteScriptNoContent, w http.ResponseWriter, span trace.Span) error {
 	w.WriteHeader(204)
 	span.SetStatus(codes.Ok, http.StatusText(204))
@@ -111,6 +237,48 @@ func encodeDeleteScriptPolicyResponse(response *DeleteScriptPolicyNoContent, w h
 	return nil
 }
 
+func encodeGetMapResponse(response *Map, w http.ResponseWriter, span trace.Span) error {
+	w.Header().Set("Content-Type", "application/json; charset=utf-8")
+	w.WriteHeader(200)
+	span.SetStatus(codes.Ok, http.StatusText(200))
+
+	e := new(jx.Encoder)
+	response.Encode(e)
+	if _, err := e.WriteTo(w); err != nil {
+		return errors.Wrap(err, "write")
+	}
+
+	return nil
+}
+
+func encodeGetMapfixResponse(response *Mapfix, w http.ResponseWriter, span trace.Span) error {
+	w.Header().Set("Content-Type", "application/json; charset=utf-8")
+	w.WriteHeader(200)
+	span.SetStatus(codes.Ok, http.StatusText(200))
+
+	e := new(jx.Encoder)
+	response.Encode(e)
+	if _, err := e.WriteTo(w); err != nil {
+		return errors.Wrap(err, "write")
+	}
+
+	return nil
+}
+
+func encodeGetOperationResponse(response *Operation, w http.ResponseWriter, span trace.Span) error {
+	w.Header().Set("Content-Type", "application/json; charset=utf-8")
+	w.WriteHeader(200)
+	span.SetStatus(codes.Ok, http.StatusText(200))
+
+	e := new(jx.Encoder)
+	response.Encode(e)
+	if _, err := e.WriteTo(w); err != nil {
+		return errors.Wrap(err, "write")
+	}
+
+	return nil
+}
+
 func encodeGetScriptResponse(response *Script, w http.ResponseWriter, span trace.Span) error {
 	w.Header().Set("Content-Type", "application/json; charset=utf-8")
 	w.WriteHeader(200)
@@ -139,7 +307,7 @@ func encodeGetScriptPolicyResponse(response *ScriptPolicy, w http.ResponseWriter
 	return nil
 }
 
-func encodeGetScriptPolicyFromHashResponse(response *ScriptPolicy, w http.ResponseWriter, span trace.Span) error {
+func encodeGetSubmissionResponse(response *Submission, w http.ResponseWriter, span trace.Span) error {
 	w.Header().Set("Content-Type", "application/json; charset=utf-8")
 	w.WriteHeader(200)
 	span.SetStatus(codes.Ok, http.StatusText(200))
@@ -153,7 +321,25 @@ func encodeGetScriptPolicyFromHashResponse(response *ScriptPolicy, w http.Respon
 	return nil
 }
 
-func encodeGetSubmissionResponse(response *Submission, w http.ResponseWriter, span trace.Span) error {
+func encodeListMapfixAuditEventsResponse(response []AuditEvent, w http.ResponseWriter, span trace.Span) error {
+	w.Header().Set("Content-Type", "application/json; charset=utf-8")
+	w.WriteHeader(200)
+	span.SetStatus(codes.Ok, http.StatusText(200))
+
+	e := new(jx.Encoder)
+	e.ArrStart()
+	for _, elem := range response {
+		elem.Encode(e)
+	}
+	e.ArrEnd()
+	if _, err := e.WriteTo(w); err != nil {
+		return errors.Wrap(err, "write")
+	}
+
+	return nil
+}
+
+func encodeListMapfixesResponse(response *Mapfixes, w http.ResponseWriter, span trace.Span) error {
 	w.Header().Set("Content-Type", "application/json; charset=utf-8")
 	w.WriteHeader(200)
 	span.SetStatus(codes.Ok, http.StatusText(200))
@@ -167,6 +353,24 @@ func encodeGetSubmissionResponse(response *Submission, w http.ResponseWriter, sp
 	return nil
 }
 
+func encodeListMapsResponse(response []Map, w http.ResponseWriter, span trace.Span) error {
+	w.Header().Set("Content-Type", "application/json; charset=utf-8")
+	w.WriteHeader(200)
+	span.SetStatus(codes.Ok, http.StatusText(200))
+
+	e := new(jx.Encoder)
+	e.ArrStart()
+	for _, elem := range response {
+		elem.Encode(e)
+	}
+	e.ArrEnd()
+	if _, err := e.WriteTo(w); err != nil {
+		return errors.Wrap(err, "write")
+	}
+
+	return nil
+}
+
 func encodeListScriptPolicyResponse(response []ScriptPolicy, w http.ResponseWriter, span trace.Span) error {
 	w.Header().Set("Content-Type", "application/json; charset=utf-8")
 	w.WriteHeader(200)
@@ -185,7 +389,7 @@ func encodeListScriptPolicyResponse(response []ScriptPolicy, w http.ResponseWrit
 	return nil
 }
 
-func encodeListSubmissionsResponse(response []Submission, w http.ResponseWriter, span trace.Span) error {
+func encodeListScriptsResponse(response []Script, w http.ResponseWriter, span trace.Span) error {
 	w.Header().Set("Content-Type", "application/json; charset=utf-8")
 	w.WriteHeader(200)
 	span.SetStatus(codes.Ok, http.StatusText(200))
@@ -203,6 +407,94 @@ func encodeListSubmissionsResponse(response []Submission, w http.ResponseWriter,
 	return nil
 }
 
+func encodeListSubmissionAuditEventsResponse(response []AuditEvent, w http.ResponseWriter, span trace.Span) error {
+	w.Header().Set("Content-Type", "application/json; charset=utf-8")
+	w.WriteHeader(200)
+	span.SetStatus(codes.Ok, http.StatusText(200))
+
+	e := new(jx.Encoder)
+	e.ArrStart()
+	for _, elem := range response {
+		elem.Encode(e)
+	}
+	e.ArrEnd()
+	if _, err := e.WriteTo(w); err != nil {
+		return errors.Wrap(err, "write")
+	}
+
+	return nil
+}
+
+func encodeListSubmissionsResponse(response *Submissions, w http.ResponseWriter, span trace.Span) error {
+	w.Header().Set("Content-Type", "application/json; charset=utf-8")
+	w.WriteHeader(200)
+	span.SetStatus(codes.Ok, http.StatusText(200))
+
+	e := new(jx.Encoder)
+	response.Encode(e)
+	if _, err := e.WriteTo(w); err != nil {
+		return errors.Wrap(err, "write")
+	}
+
+	return nil
+}
+
+func encodeReleaseSubmissionsResponse(response *ReleaseSubmissionsCreated, w http.ResponseWriter, span trace.Span) error {
+	w.WriteHeader(201)
+	span.SetStatus(codes.Ok, http.StatusText(201))
+
+	return nil
+}
+
+func encodeSessionRolesResponse(response *Roles, w http.ResponseWriter, span trace.Span) error {
+	w.Header().Set("Content-Type", "application/json; charset=utf-8")
+	w.WriteHeader(200)
+	span.SetStatus(codes.Ok, http.StatusText(200))
+
+	e := new(jx.Encoder)
+	response.Encode(e)
+	if _, err := e.WriteTo(w); err != nil {
+		return errors.Wrap(err, "write")
+	}
+
+	return nil
+}
+
+func encodeSessionUserResponse(response *User, w http.ResponseWriter, span trace.Span) error {
+	w.Header().Set("Content-Type", "application/json; charset=utf-8")
+	w.WriteHeader(200)
+	span.SetStatus(codes.Ok, http.StatusText(200))
+
+	e := new(jx.Encoder)
+	response.Encode(e)
+	if _, err := e.WriteTo(w); err != nil {
+		return errors.Wrap(err, "write")
+	}
+
+	return nil
+}
+
+func encodeSessionValidateResponse(response bool, w http.ResponseWriter, span trace.Span) error {
+	w.Header().Set("Content-Type", "application/json; charset=utf-8")
+	w.WriteHeader(200)
+	span.SetStatus(codes.Ok, http.StatusText(200))
+
+	e := new(jx.Encoder)
+	e.Bool(response)
+	if _, err := e.WriteTo(w); err != nil {
+		return errors.Wrap(err, "write")
+	}
+
+	return nil
+}
+
+func encodeSetMapfixCompletedResponse(response *SetMapfixCompletedNoContent, w http.ResponseWriter, span trace.Span) error {
+	w.WriteHeader(204)
+	span.SetStatus(codes.Ok, http.StatusText(204))
+
+	return nil
+}
+
 func encodeSetSubmissionCompletedResponse(response *SetSubmissionCompletedNoContent, w http.ResponseWriter, span trace.Span) error {
 	w.WriteHeader(204)
 	span.SetStatus(codes.Ok, http.StatusText(204))
@@ -210,6 +502,13 @@ func encodeSetSubmissionCompletedResponse(response *SetSubmissionCompletedNoCont
 	return nil
 }
 
+func encodeUpdateMapfixModelResponse(response *UpdateMapfixModelNoContent, w http.ResponseWriter, span trace.Span) error {
+	w.WriteHeader(204)
+	span.SetStatus(codes.Ok, http.StatusText(204))
+
+	return nil
+}
+
 func encodeUpdateScriptResponse(response *UpdateScriptNoContent, w http.ResponseWriter, span trace.Span) error {
 	w.WriteHeader(204)
 	span.SetStatus(codes.Ok, http.StatusText(204))

pkg/api/oas_server_gen.go

@@ -8,6 +8,73 @@ import (
 
 // Handler handles operations described by OpenAPI v3 specification.
 type Handler interface {
+	// ActionMapfixAccepted implements actionMapfixAccepted operation.
+	//
+	// Role Reviewer manually resets validating softlock and changes status from Validating -> Accepted.
+	//
+	// POST /mapfixes/{MapfixID}/status/reset-validating
+	ActionMapfixAccepted(ctx context.Context, params ActionMapfixAcceptedParams) error
+	// ActionMapfixReject implements actionMapfixReject operation.
+	//
+	// Role Reviewer changes status from Submitted -> Rejected.
+	//
+	// POST /mapfixes/{MapfixID}/status/reject
+	ActionMapfixReject(ctx context.Context, params ActionMapfixRejectParams) error
+	// ActionMapfixRequestChanges implements actionMapfixRequestChanges operation.
+	//
+	// Role Reviewer changes status from Validated|Accepted|Submitted -> ChangesRequested.
+	//
+	// POST /mapfixes/{MapfixID}/status/request-changes
+	ActionMapfixRequestChanges(ctx context.Context, params ActionMapfixRequestChangesParams) error
+	// ActionMapfixResetSubmitting implements actionMapfixResetSubmitting operation.
+	//
+	// Role Submitter manually resets submitting softlock and changes status from Submitting ->
+	// UnderConstruction.
+	//
+	// POST /mapfixes/{MapfixID}/status/reset-submitting
+	ActionMapfixResetSubmitting(ctx context.Context, params ActionMapfixResetSubmittingParams) error
+	// ActionMapfixRetryValidate implements actionMapfixRetryValidate operation.
+	//
+	// Role Reviewer re-runs validation and changes status from Accepted -> Validating.
+	//
+	// POST /mapfixes/{MapfixID}/status/retry-validate
+	ActionMapfixRetryValidate(ctx context.Context, params ActionMapfixRetryValidateParams) error
+	// ActionMapfixRevoke implements actionMapfixRevoke operation.
+	//
+	// Role Submitter changes status from Submitted|ChangesRequested -> UnderConstruction.
+	//
+	// POST /mapfixes/{MapfixID}/status/revoke
+	ActionMapfixRevoke(ctx context.Context, params ActionMapfixRevokeParams) error
+	// ActionMapfixTriggerSubmit implements actionMapfixTriggerSubmit operation.
+	//
+	// Role Submitter changes status from UnderConstruction|ChangesRequested -> Submitting.
+	//
+	// POST /mapfixes/{MapfixID}/status/trigger-submit
+	ActionMapfixTriggerSubmit(ctx context.Context, params ActionMapfixTriggerSubmitParams) error
+	// ActionMapfixTriggerUpload implements actionMapfixTriggerUpload operation.
+	//
+	// Role Admin changes status from Validated -> Uploading.
+	//
+	// POST /mapfixes/{MapfixID}/status/trigger-upload
+	ActionMapfixTriggerUpload(ctx context.Context, params ActionMapfixTriggerUploadParams) error
+	// ActionMapfixTriggerValidate implements actionMapfixTriggerValidate operation.
+	//
+	// Role Reviewer triggers validation and changes status from Submitted -> Validating.
+	//
+	// POST /mapfixes/{MapfixID}/status/trigger-validate
+	ActionMapfixTriggerValidate(ctx context.Context, params ActionMapfixTriggerValidateParams) error
+	// ActionMapfixValidated implements actionMapfixValidated operation.
+	//
+	// Role Admin manually resets uploading softlock and changes status from Uploading -> Validated.
+	//
+	// POST /mapfixes/{MapfixID}/status/reset-uploading
+	ActionMapfixValidated(ctx context.Context, params ActionMapfixValidatedParams) error
+	// ActionSubmissionAccepted implements actionSubmissionAccepted operation.
+	//
+	// Role Reviewer manually resets validating softlock and changes status from Validating -> Accepted.
+	//
+	// POST /submissions/{SubmissionID}/status/reset-validating
+	ActionSubmissionAccepted(ctx context.Context, params ActionSubmissionAcceptedParams) error
 	// ActionSubmissionReject implements actionSubmissionReject operation.
 	//
 	// Role Reviewer changes status from Submitted -> Rejected.
@@ -20,18 +87,31 @@ type Handler interface {
 	//
 	// POST /submissions/{SubmissionID}/status/request-changes
 	ActionSubmissionRequestChanges(ctx context.Context, params ActionSubmissionRequestChangesParams) error
+	// ActionSubmissionResetSubmitting implements actionSubmissionResetSubmitting operation.
+	//
+	// Role Submitter manually resets submitting softlock and changes status from Submitting ->
+	// UnderConstruction.
+	//
+	// POST /submissions/{SubmissionID}/status/reset-submitting
+	ActionSubmissionResetSubmitting(ctx context.Context, params ActionSubmissionResetSubmittingParams) error
+	// ActionSubmissionRetryValidate implements actionSubmissionRetryValidate operation.
+	//
+	// Role Reviewer re-runs validation and changes status from Accepted -> Validating.
+	//
+	// POST /submissions/{SubmissionID}/status/retry-validate
+	ActionSubmissionRetryValidate(ctx context.Context, params ActionSubmissionRetryValidateParams) error
 	// ActionSubmissionRevoke implements actionSubmissionRevoke operation.
 	//
 	// Role Submitter changes status from Submitted|ChangesRequested -> UnderConstruction.
 	//
 	// POST /submissions/{SubmissionID}/status/revoke
 	ActionSubmissionRevoke(ctx context.Context, params ActionSubmissionRevokeParams) error
-	// ActionSubmissionSubmit implements actionSubmissionSubmit operation.
+	// ActionSubmissionTriggerSubmit implements actionSubmissionTriggerSubmit operation.
 	//
-	// Role Submitter changes status from UnderConstruction|ChangesRequested -> Submitted.
+	// Role Submitter changes status from UnderConstruction|ChangesRequested -> Submitting.
 	//
-	// POST /submissions/{SubmissionID}/status/submit
-	ActionSubmissionSubmit(ctx context.Context, params ActionSubmissionSubmitParams) error
+	// POST /submissions/{SubmissionID}/status/trigger-submit
+	ActionSubmissionTriggerSubmit(ctx context.Context, params ActionSubmissionTriggerSubmitParams) error
 	// ActionSubmissionTriggerUpload implements actionSubmissionTriggerUpload operation.
 	//
 	// Role Admin changes status from Validated -> Uploading.
@@ -40,28 +120,52 @@ type Handler interface {
 	ActionSubmissionTriggerUpload(ctx context.Context, params ActionSubmissionTriggerUploadParams) error
 	// ActionSubmissionTriggerValidate implements actionSubmissionTriggerValidate operation.
 	//
-	// Role Reviewer triggers validation and changes status from Submitted|Accepted -> Validating.
+	// Role Reviewer triggers validation and changes status from Submitted -> Validating.
 	//
 	// POST /submissions/{SubmissionID}/status/trigger-validate
 	ActionSubmissionTriggerValidate(ctx context.Context, params ActionSubmissionTriggerValidateParams) error
+	// ActionSubmissionValidated implements actionSubmissionValidated operation.
+	//
+	// Role Admin manually resets uploading softlock and changes status from Uploading -> Validated.
+	//
+	// POST /submissions/{SubmissionID}/status/reset-uploading
+	ActionSubmissionValidated(ctx context.Context, params ActionSubmissionValidatedParams) error
+	// CreateMapfix implements createMapfix operation.
+	//
+	// Trigger the validator to create a mapfix.
+	//
+	// POST /mapfixes
+	CreateMapfix(ctx context.Context, req *MapfixTriggerCreate) (*OperationID, error)
+	// CreateMapfixAuditComment implements createMapfixAuditComment operation.
+	//
+	// Post a comment to the audit log.
+	//
+	// POST /mapfixes/{MapfixID}/comment
+	CreateMapfixAuditComment(ctx context.Context, req CreateMapfixAuditCommentReq, params CreateMapfixAuditCommentParams) error
 	// CreateScript implements createScript operation.
 	//
 	// Create a new script.
 	//
 	// POST /scripts
-	CreateScript(ctx context.Context, req *ScriptCreate) (*ID, error)
+	CreateScript(ctx context.Context, req *ScriptCreate) (*ScriptID, error)
 	// CreateScriptPolicy implements createScriptPolicy operation.
 	//
 	// Create a new script policy.
 	//
 	// POST /script-policy
-	CreateScriptPolicy(ctx context.Context, req *ScriptPolicyCreate) (*ID, error)
+	CreateScriptPolicy(ctx context.Context, req *ScriptPolicyCreate) (*ScriptPolicyID, error)
 	// CreateSubmission implements createSubmission operation.
 	//
-	// Create new submission.
+	// Trigger the validator to create a new submission.
 	//
 	// POST /submissions
-	CreateSubmission(ctx context.Context, req *SubmissionCreate) (*ID, error)
+	CreateSubmission(ctx context.Context, req *SubmissionTriggerCreate) (*OperationID, error)
+	// CreateSubmissionAuditComment implements createSubmissionAuditComment operation.
+	//
+	// Post a comment to the audit log.
+	//
+	// POST /submissions/{SubmissionID}/comment
+	CreateSubmissionAuditComment(ctx context.Context, req CreateSubmissionAuditCommentReq, params CreateSubmissionAuditCommentParams) error
 	// DeleteScript implements deleteScript operation.
 	//
 	// Delete the specified script by ID.
@@ -72,8 +176,26 @@ type Handler interface {
 	//
 	// Delete the specified script policy by ID.
 	//
-	// DELETE /script-policy/id/{ScriptPolicyID}
+	// DELETE /script-policy/{ScriptPolicyID}
 	DeleteScriptPolicy(ctx context.Context, params DeleteScriptPolicyParams) error
+	// GetMap implements getMap operation.
+	//
+	// Retrieve map with ID.
+	//
+	// GET /maps/{MapID}
+	GetMap(ctx context.Context, params GetMapParams) (*Map, error)
+	// GetMapfix implements getMapfix operation.
+	//
+	// Retrieve map with ID.
+	//
+	// GET /mapfixes/{MapfixID}
+	GetMapfix(ctx context.Context, params GetMapfixParams) (*Mapfix, error)
+	// GetOperation implements getOperation operation.
+	//
+	// Retrieve operation with ID.
+	//
+	// GET /operations/{OperationID}
+	GetOperation(ctx context.Context, params GetOperationParams) (*Operation, error)
 	// GetScript implements getScript operation.
 	//
 	// Get the specified script by ID.
@@ -84,38 +206,98 @@ type Handler interface {
 	//
 	// Get the specified script policy by ID.
 	//
-	// GET /script-policy/id/{ScriptPolicyID}
+	// GET /script-policy/{ScriptPolicyID}
 	GetScriptPolicy(ctx context.Context, params GetScriptPolicyParams) (*ScriptPolicy, error)
-	// GetScriptPolicyFromHash implements getScriptPolicyFromHash operation.
-	//
-	// Get the policy for the given hash of script source code.
-	//
-	// GET /script-policy/hash/{FromScriptHash}
-	GetScriptPolicyFromHash(ctx context.Context, params GetScriptPolicyFromHashParams) (*ScriptPolicy, error)
 	// GetSubmission implements getSubmission operation.
 	//
 	// Retrieve map with ID.
 	//
 	// GET /submissions/{SubmissionID}
 	GetSubmission(ctx context.Context, params GetSubmissionParams) (*Submission, error)
+	// ListMapfixAuditEvents implements listMapfixAuditEvents operation.
+	//
+	// Retrieve a list of audit events.
+	//
+	// GET /mapfixes/{MapfixID}/audit-events
+	ListMapfixAuditEvents(ctx context.Context, params ListMapfixAuditEventsParams) ([]AuditEvent, error)
+	// ListMapfixes implements listMapfixes operation.
+	//
+	// Get list of mapfixes.
+	//
+	// GET /mapfixes
+	ListMapfixes(ctx context.Context, params ListMapfixesParams) (*Mapfixes, error)
+	// ListMaps implements listMaps operation.
+	//
+	// Get list of maps.
+	//
+	// GET /maps
+	ListMaps(ctx context.Context, params ListMapsParams) ([]Map, error)
 	// ListScriptPolicy implements listScriptPolicy operation.
 	//
 	// Get list of script policies.
 	//
 	// GET /script-policy
-	ListScriptPolicy(ctx context.Context, req *ListScriptPolicyReq) ([]ScriptPolicy, error)
+	ListScriptPolicy(ctx context.Context, params ListScriptPolicyParams) ([]ScriptPolicy, error)
+	// ListScripts implements listScripts operation.
+	//
+	// Get list of scripts.
+	//
+	// GET /scripts
+	ListScripts(ctx context.Context, params ListScriptsParams) ([]Script, error)
+	// ListSubmissionAuditEvents implements listSubmissionAuditEvents operation.
+	//
+	// Retrieve a list of audit events.
+	//
+	// GET /submissions/{SubmissionID}/audit-events
+	ListSubmissionAuditEvents(ctx context.Context, params ListSubmissionAuditEventsParams) ([]AuditEvent, error)
 	// ListSubmissions implements listSubmissions operation.
 	//
 	// Get list of submissions.
 	//
 	// GET /submissions
-	ListSubmissions(ctx context.Context, req *ListSubmissionsReq) ([]Submission, error)
+	ListSubmissions(ctx context.Context, params ListSubmissionsParams) (*Submissions, error)
+	// ReleaseSubmissions implements releaseSubmissions operation.
+	//
+	// Release a set of uploaded maps.
+	//
+	// POST /release-submissions
+	ReleaseSubmissions(ctx context.Context, req []ReleaseInfo) error
+	// SessionRoles implements sessionRoles operation.
+	//
+	// Get list of roles for the current session.
+	//
+	// GET /session/roles
+	SessionRoles(ctx context.Context) (*Roles, error)
+	// SessionUser implements sessionUser operation.
+	//
+	// Get information about the currently logged in user.
+	//
+	// GET /session/user
+	SessionUser(ctx context.Context) (*User, error)
+	// SessionValidate implements sessionValidate operation.
+	//
+	// Ask if the current session is valid.
+	//
+	// GET /session/validate
+	SessionValidate(ctx context.Context) (bool, error)
+	// SetMapfixCompleted implements setMapfixCompleted operation.
+	//
+	// Called by maptest when a player completes the map.
+	//
+	// POST /mapfixes/{MapfixID}/completed
+	SetMapfixCompleted(ctx context.Context, params SetMapfixCompletedParams) error
 	// SetSubmissionCompleted implements setSubmissionCompleted operation.
 	//
-	// Retrieve map with ID.
+	// Called by maptest when a player completes the map.
 	//
 	// POST /submissions/{SubmissionID}/completed
 	SetSubmissionCompleted(ctx context.Context, params SetSubmissionCompletedParams) error
+	// UpdateMapfixModel implements updateMapfixModel operation.
+	//
+	// Update model following role restrictions.
+	//
+	// POST /mapfixes/{MapfixID}/model
+	UpdateMapfixModel(ctx context.Context, params UpdateMapfixModelParams) error
 	// UpdateScript implements updateScript operation.
 	//
 	// Update the specified script by ID.
@@ -126,7 +308,7 @@ type Handler interface {
 	//
 	// Update the specified script policy by ID.
 	//
-	// POST /script-policy/id/{ScriptPolicyID}
+	// POST /script-policy/{ScriptPolicyID}
 	UpdateScriptPolicy(ctx context.Context, req *ScriptPolicyUpdate, params UpdateScriptPolicyParams) error
 	// UpdateSubmissionModel implements updateSubmissionModel operation.
 	//

pkg/api/oas_unimplemented_gen.go

@@ -13,6 +13,106 @@ type UnimplementedHandler struct{}
 
 var _ Handler = UnimplementedHandler{}
 
+// ActionMapfixAccepted implements actionMapfixAccepted operation.
+//
+// Role Reviewer manually resets validating softlock and changes status from Validating -> Accepted.
+//
+// POST /mapfixes/{MapfixID}/status/reset-validating
+func (UnimplementedHandler) ActionMapfixAccepted(ctx context.Context, params ActionMapfixAcceptedParams) error {
+	return ht.ErrNotImplemented
+}
+
+// ActionMapfixReject implements actionMapfixReject operation.
+//
+// Role Reviewer changes status from Submitted -> Rejected.
+//
+// POST /mapfixes/{MapfixID}/status/reject
+func (UnimplementedHandler) ActionMapfixReject(ctx context.Context, params ActionMapfixRejectParams) error {
+	return ht.ErrNotImplemented
+}
+
+// ActionMapfixRequestChanges implements actionMapfixRequestChanges operation.
+//
+// Role Reviewer changes status from Validated|Accepted|Submitted -> ChangesRequested.
+//
+// POST /mapfixes/{MapfixID}/status/request-changes
+func (UnimplementedHandler) ActionMapfixRequestChanges(ctx context.Context, params ActionMapfixRequestChangesParams) error {
+	return ht.ErrNotImplemented
+}
+
+// ActionMapfixResetSubmitting implements actionMapfixResetSubmitting operation.
+//
+// Role Submitter manually resets submitting softlock and changes status from Submitting ->
+// UnderConstruction.
+//
+// POST /mapfixes/{MapfixID}/status/reset-submitting
+func (UnimplementedHandler) ActionMapfixResetSubmitting(ctx context.Context, params ActionMapfixResetSubmittingParams) error {
+	return ht.ErrNotImplemented
+}
+
+// ActionMapfixRetryValidate implements actionMapfixRetryValidate operation.
+//
+// Role Reviewer re-runs validation and changes status from Accepted -> Validating.
+//
+// POST /mapfixes/{MapfixID}/status/retry-validate
+func (UnimplementedHandler) ActionMapfixRetryValidate(ctx context.Context, params ActionMapfixRetryValidateParams) error {
+	return ht.ErrNotImplemented
+}
+
+// ActionMapfixRevoke implements actionMapfixRevoke operation.
+//
+// Role Submitter changes status from Submitted|ChangesRequested -> UnderConstruction.
+//
+// POST /mapfixes/{MapfixID}/status/revoke
+func (UnimplementedHandler) ActionMapfixRevoke(ctx context.Context, params ActionMapfixRevokeParams) error {
+	return ht.ErrNotImplemented
+}
+
+// ActionMapfixTriggerSubmit implements actionMapfixTriggerSubmit operation.
+//
+// Role Submitter changes status from UnderConstruction|ChangesRequested -> Submitting.
+//
+// POST /mapfixes/{MapfixID}/status/trigger-submit
+func (UnimplementedHandler) ActionMapfixTriggerSubmit(ctx context.Context, params ActionMapfixTriggerSubmitParams) error {
+	return ht.ErrNotImplemented
+}
+
+// ActionMapfixTriggerUpload implements actionMapfixTriggerUpload operation.
+//
+// Role Admin changes status from Validated -> Uploading.
+//
+// POST /mapfixes/{MapfixID}/status/trigger-upload
+func (UnimplementedHandler) ActionMapfixTriggerUpload(ctx context.Context, params ActionMapfixTriggerUploadParams) error {
+	return ht.ErrNotImplemented
+}
+
+// ActionMapfixTriggerValidate implements actionMapfixTriggerValidate operation.
+//
+// Role Reviewer triggers validation and changes status from Submitted -> Validating.
+//
+// POST /mapfixes/{MapfixID}/status/trigger-validate
+func (UnimplementedHandler) ActionMapfixTriggerValidate(ctx context.Context, params ActionMapfixTriggerValidateParams) error {
+	return ht.ErrNotImplemented
+}
+
+// ActionMapfixValidated implements actionMapfixValidated operation.
+//
+// Role Admin manually resets uploading softlock and changes status from Uploading -> Validated.
+//
+// POST /mapfixes/{MapfixID}/status/reset-uploading
+func (UnimplementedHandler) ActionMapfixValidated(ctx context.Context, params ActionMapfixValidatedParams) error {
+	return ht.ErrNotImplemented
+}
+
+// ActionSubmissionAccepted implements actionSubmissionAccepted operation.
+//
+// Role Reviewer manually resets validating softlock and changes status from Validating -> Accepted.
+//
+// POST /submissions/{SubmissionID}/status/reset-validating
+func (UnimplementedHandler) ActionSubmissionAccepted(ctx context.Context, params ActionSubmissionAcceptedParams) error {
+	return ht.ErrNotImplemented
+}
+
 // ActionSubmissionReject implements actionSubmissionReject operation.
 //
 // Role Reviewer changes status from Submitted -> Rejected.
@@ -31,6 +131,25 @@ func (UnimplementedHandler) ActionSubmissionRequestChanges(ctx context.Context,
 	return ht.ErrNotImplemented
 }
 
+// ActionSubmissionResetSubmitting implements actionSubmissionResetSubmitting operation.
+//
+// Role Submitter manually resets submitting softlock and changes status from Submitting ->
+// UnderConstruction.
+//
+// POST /submissions/{SubmissionID}/status/reset-submitting
+func (UnimplementedHandler) ActionSubmissionResetSubmitting(ctx context.Context, params ActionSubmissionResetSubmittingParams) error {
+	return ht.ErrNotImplemented
+}
+
+// ActionSubmissionRetryValidate implements actionSubmissionRetryValidate operation.
+//
+// Role Reviewer re-runs validation and changes status from Accepted -> Validating.
+//
+// POST /submissions/{SubmissionID}/status/retry-validate
+func (UnimplementedHandler) ActionSubmissionRetryValidate(ctx context.Context, params ActionSubmissionRetryValidateParams) error {
+	return ht.ErrNotImplemented
+}
+
 // ActionSubmissionRevoke implements actionSubmissionRevoke operation.
 //
 // Role Submitter changes status from Submitted|ChangesRequested -> UnderConstruction.
@@ -40,12 +159,12 @@ func (UnimplementedHandler) ActionSubmissionRevoke(ctx context.Context, params A
 	return ht.ErrNotImplemented
 }
 
-// ActionSubmissionSubmit implements actionSubmissionSubmit operation.
+// ActionSubmissionTriggerSubmit implements actionSubmissionTriggerSubmit operation.
 //
-// Role Submitter changes status from UnderConstruction|ChangesRequested -> Submitted.
+// Role Submitter changes status from UnderConstruction|ChangesRequested -> Submitting.
 //
-// POST /submissions/{SubmissionID}/status/submit
-func (UnimplementedHandler) ActionSubmissionSubmit(ctx context.Context, params ActionSubmissionSubmitParams) error {
+// POST /submissions/{SubmissionID}/status/trigger-submit
+func (UnimplementedHandler) ActionSubmissionTriggerSubmit(ctx context.Context, params ActionSubmissionTriggerSubmitParams) error {
 	return ht.ErrNotImplemented
 }
 
@@ -60,19 +179,46 @@ func (UnimplementedHandler) ActionSubmissionTriggerUpload(ctx context.Context, p
 
 // ActionSubmissionTriggerValidate implements actionSubmissionTriggerValidate operation.
 //
-// Role Reviewer triggers validation and changes status from Submitted|Accepted -> Validating.
+// Role Reviewer triggers validation and changes status from Submitted -> Validating.
 //
 // POST /submissions/{SubmissionID}/status/trigger-validate
 func (UnimplementedHandler) ActionSubmissionTriggerValidate(ctx context.Context, params ActionSubmissionTriggerValidateParams) error {
 	return ht.ErrNotImplemented
 }
 
+// ActionSubmissionValidated implements actionSubmissionValidated operation.
+//
+// Role Admin manually resets uploading softlock and changes status from Uploading -> Validated.
+//
+// POST /submissions/{SubmissionID}/status/reset-uploading
+func (UnimplementedHandler) ActionSubmissionValidated(ctx context.Context, params ActionSubmissionValidatedParams) error {
+	return ht.ErrNotImplemented
+}
+
+// CreateMapfix implements createMapfix operation.
+//
+// Trigger the validator to create a mapfix.
+//
+// POST /mapfixes
+func (UnimplementedHandler) CreateMapfix(ctx context.Context, req *MapfixTriggerCreate) (r *OperationID, _ error) {
+	return r, ht.ErrNotImplemented
+}
+
+// CreateMapfixAuditComment implements createMapfixAuditComment operation.
+//
+// Post a comment to the audit log.
+//
+// POST /mapfixes/{MapfixID}/comment
+func (UnimplementedHandler) CreateMapfixAuditComment(ctx context.Context, req CreateMapfixAuditCommentReq, params CreateMapfixAuditCommentParams) error {
+	return ht.ErrNotImplemented
+}
+
 // CreateScript implements createScript operation.
 //
 // Create a new script.
 //
 // POST /scripts
-func (UnimplementedHandler) CreateScript(ctx context.Context, req *ScriptCreate) (r *ID, _ error) {
+func (UnimplementedHandler) CreateScript(ctx context.Context, req *ScriptCreate) (r *ScriptID, _ error) {
 	return r, ht.ErrNotImplemented
 }
 
@@ -81,19 +227,28 @@ func (UnimplementedHandler) CreateScript(ctx context.Context, req *ScriptCreate)
 // Create a new script policy.
 //
 // POST /script-policy
-func (UnimplementedHandler) CreateScriptPolicy(ctx context.Context, req *ScriptPolicyCreate) (r *ID, _ error) {
+func (UnimplementedHandler) CreateScriptPolicy(ctx context.Context, req *ScriptPolicyCreate) (r *ScriptPolicyID, _ error) {
 	return r, ht.ErrNotImplemented
 }
 
 // CreateSubmission implements createSubmission operation.
 //
-// Create new submission.
+// Trigger the validator to create a new submission.
 //
 // POST /submissions
-func (UnimplementedHandler) CreateSubmission(ctx context.Context, req *SubmissionCreate) (r *ID, _ error) {
+func (UnimplementedHandler) CreateSubmission(ctx context.Context, req *SubmissionTriggerCreate) (r *OperationID, _ error) {
 	return r, ht.ErrNotImplemented
 }
 
+// CreateSubmissionAuditComment implements createSubmissionAuditComment operation.
+//
+// Post a comment to the audit log.
+//
+// POST /submissions/{SubmissionID}/comment
+func (UnimplementedHandler) CreateSubmissionAuditComment(ctx context.Context, req CreateSubmissionAuditCommentReq, params CreateSubmissionAuditCommentParams) error {
+	return ht.ErrNotImplemented
+}
+
 // DeleteScript implements deleteScript operation.
 //
 // Delete the specified script by ID.
@@ -107,11 +262,38 @@ func (UnimplementedHandler) DeleteScript(ctx context.Context, params DeleteScrip
 //
 // Delete the specified script policy by ID.
 //
-// DELETE /script-policy/id/{ScriptPolicyID}
+// DELETE /script-policy/{ScriptPolicyID}
 func (UnimplementedHandler) DeleteScriptPolicy(ctx context.Context, params DeleteScriptPolicyParams) error {
 	return ht.ErrNotImplemented
 }
 
+// GetMap implements getMap operation.
+//
+// Retrieve map with ID.
+//
+// GET /maps/{MapID}
+func (UnimplementedHandler) GetMap(ctx context.Context, params GetMapParams) (r *Map, _ error) {
+	return r, ht.ErrNotImplemented
+}
+
+// GetMapfix implements getMapfix operation.
+//
+// Retrieve map with ID.
+//
+// GET /mapfixes/{MapfixID}
+func (UnimplementedHandler) GetMapfix(ctx context.Context, params GetMapfixParams) (r *Mapfix, _ error) {
+	return r, ht.ErrNotImplemented
+}
+
+// GetOperation implements getOperation operation.
+//
+// Retrieve operation with ID.
+//
+// GET /operations/{OperationID}
+func (UnimplementedHandler) GetOperation(ctx context.Context, params GetOperationParams) (r *Operation, _ error) {
+	return r, ht.ErrNotImplemented
+}
+
 // GetScript implements getScript operation.
 //
 // Get the specified script by ID.
@@ -125,20 +307,11 @@ func (UnimplementedHandler) GetScript(ctx context.Context, params GetScriptParam
 //
 // Get the specified script policy by ID.
 //
-// GET /script-policy/id/{ScriptPolicyID}
+// GET /script-policy/{ScriptPolicyID}
 func (UnimplementedHandler) GetScriptPolicy(ctx context.Context, params GetScriptPolicyParams) (r *ScriptPolicy, _ error) {
 	return r, ht.ErrNotImplemented
 }
 
-// GetScriptPolicyFromHash implements getScriptPolicyFromHash operation.
-//
-// Get the policy for the given hash of script source code.
-//
-// GET /script-policy/hash/{FromScriptHash}
-func (UnimplementedHandler) GetScriptPolicyFromHash(ctx context.Context, params GetScriptPolicyFromHashParams) (r *ScriptPolicy, _ error) {
-	return r, ht.ErrNotImplemented
-}
-
 // GetSubmission implements getSubmission operation.
 //
 // Retrieve map with ID.
@@ -148,12 +321,57 @@ func (UnimplementedHandler) GetSubmission(ctx context.Context, params GetSubmiss
 	return r, ht.ErrNotImplemented
 }
 
+// ListMapfixAuditEvents implements listMapfixAuditEvents operation.
+//
+// Retrieve a list of audit events.
+//
+// GET /mapfixes/{MapfixID}/audit-events
+func (UnimplementedHandler) ListMapfixAuditEvents(ctx context.Context, params ListMapfixAuditEventsParams) (r []AuditEvent, _ error) {
+	return r, ht.ErrNotImplemented
+}
+
+// ListMapfixes implements listMapfixes operation.
+//
+// Get list of mapfixes.
+//
+// GET /mapfixes
+func (UnimplementedHandler) ListMapfixes(ctx context.Context, params ListMapfixesParams) (r *Mapfixes, _ error) {
+	return r, ht.ErrNotImplemented
+}
+
+// ListMaps implements listMaps operation.
+//
+// Get list of maps.
+//
+// GET /maps
+func (UnimplementedHandler) ListMaps(ctx context.Context, params ListMapsParams) (r []Map, _ error) {
+	return r, ht.ErrNotImplemented
+}
+
 // ListScriptPolicy implements listScriptPolicy operation.
 //
 // Get list of script policies.
 //
 // GET /script-policy
-func (UnimplementedHandler) ListScriptPolicy(ctx context.Context, req *ListScriptPolicyReq) (r []ScriptPolicy, _ error) {
+func (UnimplementedHandler) ListScriptPolicy(ctx context.Context, params ListScriptPolicyParams) (r []ScriptPolicy, _ error) {
+	return r, ht.ErrNotImplemented
+}
+
+// ListScripts implements listScripts operation.
+//
+// Get list of scripts.
+//
+// GET /scripts
+func (UnimplementedHandler) ListScripts(ctx context.Context, params ListScriptsParams) (r []Script, _ error) {
+	return r, ht.ErrNotImplemented
+}
+
+// ListSubmissionAuditEvents implements listSubmissionAuditEvents operation.
+//
+// Retrieve a list of audit events.
+//
+// GET /submissions/{SubmissionID}/audit-events
+func (UnimplementedHandler) ListSubmissionAuditEvents(ctx context.Context, params ListSubmissionAuditEventsParams) (r []AuditEvent, _ error) {
 	return r, ht.ErrNotImplemented
 }
 
@@ -162,19 +380,73 @@ func (UnimplementedHandler) ListScriptPolicy(ctx context.Context, req *ListScrip
 // Get list of submissions.
 //
 // GET /submissions
-func (UnimplementedHandler) ListSubmissions(ctx context.Context, req *ListSubmissionsReq) (r []Submission, _ error) {
+func (UnimplementedHandler) ListSubmissions(ctx context.Context, params ListSubmissionsParams) (r *Submissions, _ error) {
 	return r, ht.ErrNotImplemented
 }
 
+// ReleaseSubmissions implements releaseSubmissions operation.
+//
+// Release a set of uploaded maps.
+//
+// POST /release-submissions
+func (UnimplementedHandler) ReleaseSubmissions(ctx context.Context, req []ReleaseInfo) error {
+	return ht.ErrNotImplemented
+}
+
+// SessionRoles implements sessionRoles operation.
+//
+// Get list of roles for the current session.
+//
+// GET /session/roles
+func (UnimplementedHandler) SessionRoles(ctx context.Context) (r *Roles, _ error) {
+	return r, ht.ErrNotImplemented
+}
+
+// SessionUser implements sessionUser operation.
+//
+// Get information about the currently logged in user.
+//
+// GET /session/user
+func (UnimplementedHandler) SessionUser(ctx context.Context) (r *User, _ error) {
+	return r, ht.ErrNotImplemented
+}
+
+// SessionValidate implements sessionValidate operation.
+//
+// Ask if the current session is valid.
+//
+// GET /session/validate
+func (UnimplementedHandler) SessionValidate(ctx context.Context) (r bool, _ error) {
+	return r, ht.ErrNotImplemented
+}
+
+// SetMapfixCompleted implements setMapfixCompleted operation.
+//
+// Called by maptest when a player completes the map.
+//
+// POST /mapfixes/{MapfixID}/completed
+func (UnimplementedHandler) SetMapfixCompleted(ctx context.Context, params SetMapfixCompletedParams) error {
+	return ht.ErrNotImplemented
+}
+
 // SetSubmissionCompleted implements setSubmissionCompleted operation.
 //
-// Retrieve map with ID.
+// Called by maptest when a player completes the map.
 //
 // POST /submissions/{SubmissionID}/completed
 func (UnimplementedHandler) SetSubmissionCompleted(ctx context.Context, params SetSubmissionCompletedParams) error {
 	return ht.ErrNotImplemented
 }
 
+// UpdateMapfixModel implements updateMapfixModel operation.
+//
+// Update model following role restrictions.
+//
+// POST /mapfixes/{MapfixID}/model
+func (UnimplementedHandler) UpdateMapfixModel(ctx context.Context, params UpdateMapfixModelParams) error {
+	return ht.ErrNotImplemented
+}
+
 // UpdateScript implements updateScript operation.
 //
 // Update the specified script by ID.
@@ -188,7 +460,7 @@ func (UnimplementedHandler) UpdateScript(ctx context.Context, req *ScriptUpdate,
 //
 // Update the specified script policy by ID.
 //
-// POST /script-policy/id/{ScriptPolicyID}
+// POST /script-policy/{ScriptPolicyID}
 func (UnimplementedHandler) UpdateScriptPolicy(ctx context.Context, req *ScriptPolicyUpdate, params UpdateScriptPolicyParams) error {
 	return ht.ErrNotImplemented
 }

pkg/cmds/serve.go

@@ -5,6 +5,7 @@ import (
 	"net/http"
 
 	"git.itzana.me/strafesnet/go-grpc/auth"
+	"git.itzana.me/strafesnet/go-grpc/maps"
 	"git.itzana.me/strafesnet/maps-service/pkg/api"
 	"git.itzana.me/strafesnet/maps-service/pkg/datastore/gormstore"
 	internal "git.itzana.me/strafesnet/maps-service/pkg/internal"
@@ -77,6 +78,12 @@ func NewServeCommand() *cli.Command {
 				EnvVars: []string{"AUTH_RPC_HOST"},
 				Value:   "auth-service:8090",
 			},
+			&cli.StringFlag{
+				Name:    "data-rpc-host",
+				Usage:   "Host of data rpc",
+				EnvVars: []string{"DATA_RPC_HOST"},
+				Value:   "data-service:9000",
+			},
 			&cli.StringFlag{
 				Name:    "nats-host",
 				Usage:   "Host of nats",
@@ -110,12 +117,18 @@ func serve(ctx *cli.Context) error {
 		log.WithError(err).Fatal("failed to add stream")
 	}
 
+	// connect to main game database
+	conn, err := grpc.Dial(ctx.String("data-rpc-host"), grpc.WithTransportCredentials(insecure.NewCredentials()))
+	if err != nil {
+		log.Fatal(err)
+	}
 	svc := &service.Service{
 		DB:   db,
 		Nats: js,
+		Client: maps.NewMapsServiceClient(conn),
 	}
 
-	conn, err := grpc.Dial(ctx.String("auth-rpc-host"), grpc.WithTransportCredentials(insecure.NewCredentials()))
+	conn, err = grpc.Dial(ctx.String("auth-rpc-host"), grpc.WithTransportCredentials(insecure.NewCredentials()))
 	if err != nil {
 		log.Fatal(err)
 	}
@@ -133,12 +146,32 @@ func serve(ctx *cli.Context) error {
 		Nats: js,
 	}
 
-	srv2, err := internal.NewServer(svc2, nil, internal.WithPathPrefix("/v1"))
+	srv2, err := internal.NewServer(svc2, internal.WithPathPrefix("/v1"))
 	if err != nil {
 		log.WithError(err).Fatal("failed to initialize api server")
 	}
+	// Channel to collect errors
+	errChan := make(chan error, 2)
 
-	// idk how else to do this
-	go http.ListenAndServe(fmt.Sprintf(":%d", ctx.Int("port-internal")), srv2)
-	return http.ListenAndServe(fmt.Sprintf(":%d", ctx.Int("port")), srv)
+	// First server
+	go func(errChan chan error) {
+		errChan <- http.ListenAndServe(fmt.Sprintf(":%d", ctx.Int("port-internal")), srv2)
+	}(errChan)
+
+	// Second server
+	go func(errChan chan error) {
+		errChan <- http.ListenAndServe(fmt.Sprintf(":%d", ctx.Int("port")), srv)
+	}(errChan)
+
+	// Wait for the first error or completion of both tasks
+	for i := 0; i < 2; i++ {
+		err := <-errChan
+		if err != nil {
+			fmt.Println("Exiting due to:", err)
+			return err
+		}
+	}
+	log.Println("Both servers have stopped.")
+
+	return nil
 }

pkg/datastore/datastore.go

@@ -3,29 +3,73 @@ package datastore
 import (
 	"context"
 	"errors"
+	"time"
+
 	"git.itzana.me/strafesnet/maps-service/pkg/model"
 )
 
 var (
 	ErrNotExist        = errors.New("resource does not exist")
 	ErroNoRowsAffected = errors.New("query did not affect any rows")
+	ErrInvalidListSort = errors.New("invalid list sort parameter [1,2,3,4]")
+)
+
+type ListSort uint32
+const (
+	ListSortDisabled ListSort = 0
+	ListSortDisplayNameAscending ListSort = 1
+	ListSortDisplayNameDescending ListSort = 2
+	ListSortDateAscending ListSort = 3
+	ListSortDateDescending ListSort = 4
 )
 
 type Datastore interface {
+	AuditEvents() AuditEvents
+	Mapfixes() Mapfixes
+	Operations() Operations
 	Submissions() Submissions
 	Scripts() Scripts
 	ScriptPolicy() ScriptPolicy
 }
 
+type AuditEvents interface {
+	Get(ctx context.Context, id int64) (model.AuditEvent, error)
+	Create(ctx context.Context, smap model.AuditEvent) (model.AuditEvent, error)
+	Update(ctx context.Context, id int64, values OptionalMap) error
+	Delete(ctx context.Context, id int64) error
+	List(ctx context.Context, filters OptionalMap, page model.Page) ([]model.AuditEvent, error)
+}
+
+type Mapfixes interface {
+	Get(ctx context.Context, id int64) (model.Mapfix, error)
+	GetList(ctx context.Context, id []int64) ([]model.Mapfix, error)
+	Create(ctx context.Context, smap model.Mapfix) (model.Mapfix, error)
+	Update(ctx context.Context, id int64, values OptionalMap) error
+	IfStatusThenUpdate(ctx context.Context, id int64, statuses []model.MapfixStatus, values OptionalMap) error
+	IfStatusThenUpdateAndGet(ctx context.Context, id int64, statuses []model.MapfixStatus, values OptionalMap) (model.Mapfix, error)
+	Delete(ctx context.Context, id int64) error
+	List(ctx context.Context, filters OptionalMap, page model.Page, sort ListSort) ([]model.Mapfix, error)
+	ListWithTotal(ctx context.Context, filters OptionalMap, page model.Page, sort ListSort) (uint64, []model.Mapfix, error)
+}
+
+type Operations interface {
+	Get(ctx context.Context, id int32) (model.Operation, error)
+	Create(ctx context.Context, smap model.Operation) (model.Operation, error)
+	Update(ctx context.Context, id int32, values OptionalMap) error
+	Delete(ctx context.Context, id int32) error
+	CountSince(ctx context.Context, owner int64, since time.Time) (int64, error)
+}
+
 type Submissions interface {
 	Get(ctx context.Context, id int64) (model.Submission, error)
 	GetList(ctx context.Context, id []int64) ([]model.Submission, error)
 	Create(ctx context.Context, smap model.Submission) (model.Submission, error)
 	Update(ctx context.Context, id int64, values OptionalMap) error
-	IfStatusThenUpdate(ctx context.Context, id int64, statuses []model.Status, values OptionalMap) error
-	IfStatusThenUpdateAndGet(ctx context.Context, id int64, statuses []model.Status, values OptionalMap) (model.Submission, error)
+	IfStatusThenUpdate(ctx context.Context, id int64, statuses []model.SubmissionStatus, values OptionalMap) error
+	IfStatusThenUpdateAndGet(ctx context.Context, id int64, statuses []model.SubmissionStatus, values OptionalMap) (model.Submission, error)
 	Delete(ctx context.Context, id int64) error
-	List(ctx context.Context, filters OptionalMap, page model.Page) ([]model.Submission, error)
+	List(ctx context.Context, filters OptionalMap, page model.Page, sort ListSort) ([]model.Submission, error)
+	ListWithTotal(ctx context.Context, filters OptionalMap, page model.Page, sort ListSort) (int64, []model.Submission, error)
 }
 
 type Scripts interface {
@@ -33,6 +77,7 @@ type Scripts interface {
 	Create(ctx context.Context, smap model.Script) (model.Script, error)
 	Update(ctx context.Context, id int64, values OptionalMap) error
 	Delete(ctx context.Context, id int64) error
+	List(ctx context.Context, filters OptionalMap, page model.Page) ([]model.Script, error)
 }
 
 type ScriptPolicy interface {

pkg/datastore/filter.go

@@ -10,7 +10,17 @@ func Optional() OptionalMap {
 	return OptionalMap{filter: map[string]interface{}{}}
 }
 
-func (q OptionalMap) Add(column string, value interface{}) OptionalMap {
+func (q OptionalMap) Add2(column string, value interface{}) OptionalMap {
+	q.filter[column] = value
+	return q
+}
+
+func (q OptionalMap) AddPostgresInt32(column string, value uint32) OptionalMap {
+	q.filter[column] = value
+	return q
+}
+
+func (q OptionalMap) AddPostgresInt64(column string, value uint64) OptionalMap {
 	q.filter[column] = value
 	return q
 }

pkg/datastore/gormstore/audit_events.go

@@ -0,0 +1,64 @@
+package gormstore
+
+import (
+	"context"
+	"errors"
+
+	"git.itzana.me/strafesnet/maps-service/pkg/datastore"
+	"git.itzana.me/strafesnet/maps-service/pkg/model"
+	"gorm.io/gorm"
+)
+
+type AuditEvents struct {
+	db *gorm.DB
+}
+
+func (env *AuditEvents) Get(ctx context.Context, id int64) (model.AuditEvent, error) {
+	var mdl model.AuditEvent
+	if err := env.db.First(&mdl, id).Error; err != nil {
+		if errors.Is(err, gorm.ErrRecordNotFound) {
+			return mdl, datastore.ErrNotExist
+		}
+		return mdl, err
+	}
+	return mdl, nil
+}
+
+func (env *AuditEvents) Create(ctx context.Context, smap model.AuditEvent) (model.AuditEvent, error) {
+	if err := env.db.Create(&smap).Error; err != nil {
+		return smap, err
+	}
+
+	return smap, nil
+}
+
+func (env *AuditEvents) Update(ctx context.Context, id int64, values datastore.OptionalMap) error {
+	if err := env.db.Model(&model.AuditEvent{}).Where("id = ?", id).Updates(values.Map()).Error; err != nil {
+		if err == gorm.ErrRecordNotFound {
+			return datastore.ErrNotExist
+		}
+		return err
+	}
+
+	return nil
+}
+
+func (env *AuditEvents) Delete(ctx context.Context, id int64) error {
+	if err := env.db.Delete(&model.AuditEvent{}, id).Error; err != nil {
+		if err == gorm.ErrRecordNotFound {
+			return datastore.ErrNotExist
+		}
+		return err
+	}
+
+	return nil
+}
+
+func (env *AuditEvents) List(ctx context.Context, filters datastore.OptionalMap, page model.Page) ([]model.AuditEvent, error) {
+	var events []model.AuditEvent
+	if err := env.db.Where(filters.Map()).Offset(int((page.Number - 1) * page.Size)).Limit(int(page.Size)).Find(&events).Error; err != nil {
+		return nil, err
+	}
+
+	return events, nil
+}

pkg/datastore/gormstore/db.go

@@ -31,6 +31,9 @@ func New(ctx *cli.Context) (datastore.Datastore, error) {
 
 	if ctx.Bool("migrate") {
 		if err := db.AutoMigrate(
+			&model.AuditEvent{},
+			&model.Mapfix{},
+			&model.Operation{},
 			&model.Submission{},
 			&model.Script{},
 			&model.ScriptPolicy{},

pkg/datastore/gormstore/gormstore.go

@@ -9,6 +9,18 @@ type Gormstore struct {
 	db *gorm.DB
 }
 
+func (g Gormstore) AuditEvents() datastore.AuditEvents {
+	return &AuditEvents{db: g.db}
+}
+
+func (g Gormstore) Mapfixes() datastore.Mapfixes {
+	return &Mapfixes{db: g.db}
+}
+
+func (g Gormstore) Operations() datastore.Operations {
+	return &Operations{db: g.db}
+}
+
 func (g Gormstore) Submissions() datastore.Submissions {
 	return &Submissions{db: g.db}
 }

pkg/datastore/gormstore/mapfixes.go

@@ -0,0 +1,148 @@
+package gormstore
+
+import (
+	"context"
+	"errors"
+
+	"git.itzana.me/strafesnet/maps-service/pkg/datastore"
+	"git.itzana.me/strafesnet/maps-service/pkg/model"
+	"gorm.io/gorm"
+	"gorm.io/gorm/clause"
+)
+
+type Mapfixes struct {
+	db *gorm.DB
+}
+
+func (env *Mapfixes) Get(ctx context.Context, id int64) (model.Mapfix, error) {
+	var mapfix model.Mapfix
+	if err := env.db.First(&mapfix, id).Error; err != nil {
+		if errors.Is(err, gorm.ErrRecordNotFound) {
+			return mapfix, datastore.ErrNotExist
+		}
+		return mapfix, err
+	}
+	return mapfix, nil
+}
+
+func (env *Mapfixes) GetList(ctx context.Context, id []int64) ([]model.Mapfix, error) {
+	var mapList []model.Mapfix
+	if err := env.db.Find(&mapList, "id IN ?", id).Error; err != nil {
+		return mapList, err
+	}
+
+	return mapList, nil
+}
+
+func (env *Mapfixes) Create(ctx context.Context, smap model.Mapfix) (model.Mapfix, error) {
+	if err := env.db.Create(&smap).Error; err != nil {
+		return smap, err
+	}
+
+	return smap, nil
+}
+
+func (env *Mapfixes) Update(ctx context.Context, id int64, values datastore.OptionalMap) error {
+	if err := env.db.Model(&model.Mapfix{}).Where("id = ?", id).Updates(values.Map()).Error; err != nil {
+		if err == gorm.ErrRecordNotFound {
+			return datastore.ErrNotExist
+		}
+		return err
+	}
+
+	return nil
+}
+
+// the update can only occur if the status matches one of the provided values.
+func (env *Mapfixes) IfStatusThenUpdate(ctx context.Context, id int64, statuses []model.MapfixStatus, values datastore.OptionalMap) error {
+	if err := env.db.Model(&model.Mapfix{}).Where("id = ?", id).Where("status_id IN ?", statuses).Updates(values.Map()).Error; err != nil {
+		if err == gorm.ErrRecordNotFound {
+			return datastore.ErrNotExist
+		}
+		return err
+	}
+
+	return nil
+}
+
+// the update can only occur if the status matches one of the provided values.
+// returns the updated value
+func (env *Mapfixes) IfStatusThenUpdateAndGet(ctx context.Context, id int64, statuses []model.MapfixStatus, values datastore.OptionalMap) (model.Mapfix, error) {
+	var mapfix model.Mapfix
+	result := env.db.Model(&mapfix).
+		Clauses(clause.Returning{}).
+		Where("id = ?", id).
+		Where("status_id IN ?", statuses).
+		Updates(values.Map())
+	if result.Error != nil {
+		if result.Error == gorm.ErrRecordNotFound {
+			return mapfix, datastore.ErrNotExist
+		}
+		return mapfix, result.Error
+	}
+
+	if result.RowsAffected == 0 {
+		return mapfix, datastore.ErroNoRowsAffected
+	}
+
+	return mapfix, nil
+}
+
+func (env *Mapfixes) Delete(ctx context.Context, id int64) error {
+	if err := env.db.Delete(&model.Mapfix{}, id).Error; err != nil {
+		if err == gorm.ErrRecordNotFound {
+			return datastore.ErrNotExist
+		}
+		return err
+	}
+
+	return nil
+}
+
+func (env *Mapfixes) List(ctx context.Context, filters datastore.OptionalMap, page model.Page, sort datastore.ListSort) ([]model.Mapfix, error) {
+	var maps []model.Mapfix
+
+	db := env.db
+
+	switch sort {
+	case datastore.ListSortDisabled:
+		// No sort
+		break
+	case datastore.ListSortDisplayNameAscending:
+		db=db.Order("display_name ASC")
+		break
+	case datastore.ListSortDisplayNameDescending:
+		db=db.Order("display_name DESC")
+		break
+	case datastore.ListSortDateAscending:
+		db=db.Order("created_at ASC")
+		break
+	case datastore.ListSortDateDescending:
+		db=db.Order("created_at DESC")
+		break
+	default:
+		return nil, datastore.ErrInvalidListSort
+	}
+
+	if err := db.Where(filters.Map()).Offset(int((page.Number - 1) * page.Size)).Limit(int(page.Size)).Find(&maps).Error; err != nil {
+		return nil, err
+	}
+
+	return maps, nil
+}
+
+func (env *Mapfixes) ListWithTotal(ctx context.Context, filters datastore.OptionalMap, page model.Page, sort datastore.ListSort) (uint64, []model.Mapfix, error) {
+	// grab page items
+	maps, err := env.List(ctx, filters, page, sort)
+	if err != nil{
+		return 0, nil, err
+	}
+
+	// count total with filters
+	var total int64
+	if err := env.db.Model(&model.Mapfix{}).Where(filters.Map()).Count(&total).Error; err != nil {
+		return 0, nil, err
+	}
+
+	return uint64(total), maps, nil
+}

pkg/datastore/gormstore/operations.go

@@ -0,0 +1,65 @@
+package gormstore
+
+import (
+	"context"
+	"errors"
+	"time"
+
+	"git.itzana.me/strafesnet/maps-service/pkg/datastore"
+	"git.itzana.me/strafesnet/maps-service/pkg/model"
+	"gorm.io/gorm"
+)
+
+type Operations struct {
+	db *gorm.DB
+}
+
+func (env *Operations) Get(ctx context.Context, id int32) (model.Operation, error) {
+	var operation model.Operation
+	if err := env.db.First(&operation, id).Error; err != nil {
+		if errors.Is(err, gorm.ErrRecordNotFound) {
+			return operation, datastore.ErrNotExist
+		}
+		return operation, err
+	}
+	return operation, nil
+}
+
+func (env *Operations) Create(ctx context.Context, smap model.Operation) (model.Operation, error) {
+	if err := env.db.Create(&smap).Error; err != nil {
+		return smap, err
+	}
+
+	return smap, nil
+}
+
+func (env *Operations) Update(ctx context.Context, id int32, values datastore.OptionalMap) error {
+	if err := env.db.Model(&model.Operation{}).Where("id = ?", id).Updates(values.Map()).Error; err != nil {
+		if err == gorm.ErrRecordNotFound {
+			return datastore.ErrNotExist
+		}
+		return err
+	}
+
+	return nil
+}
+
+func (env *Operations) Delete(ctx context.Context, id int32) error {
+	if err := env.db.Delete(&model.Operation{}, id).Error; err != nil {
+		if err == gorm.ErrRecordNotFound {
+			return datastore.ErrNotExist
+		}
+		return err
+	}
+
+	return nil
+}
+
+func (env *Operations) CountSince(ctx context.Context, owner int64, since time.Time) (int64, error) {
+	var count int64
+	if err := env.db.Model(&model.Operation{}).Where("owner = ? AND created_at > ?",owner,since).Count(&count).Error; err != nil {
+		return count, err
+	}
+
+	return count, nil
+}

pkg/datastore/gormstore/script_policy.go

@@ -19,16 +19,18 @@ func (env *ScriptPolicy) Get(ctx context.Context, id int64) (model.ScriptPolicy,
 		if errors.Is(err, gorm.ErrRecordNotFound) {
 			return mdl, datastore.ErrNotExist
 		}
+		return mdl, err
 	}
 	return mdl, nil
 }
 
 func (env *ScriptPolicy) GetFromHash(ctx context.Context, hash uint64) (model.ScriptPolicy, error) {
 	var mdl model.ScriptPolicy
-	if err := env.db.Model(&model.ScriptPolicy{}).Where("hash = ?", hash).Error; err != nil {
+	if err := env.db.Take(&mdl,"from_script_hash = ?", hash).Error; err != nil {
 		if errors.Is(err, gorm.ErrRecordNotFound) {
 			return mdl, datastore.ErrNotExist
 		}
+		return mdl, err
 	}
 	return mdl, nil
 }

pkg/datastore/gormstore/scripts.go

@@ -19,6 +19,7 @@ func (env *Scripts) Get(ctx context.Context, id int64) (model.Script, error) {
 		if errors.Is(err, gorm.ErrRecordNotFound) {
 			return mdl, datastore.ErrNotExist
 		}
+		return mdl, err
 	}
 	return mdl, nil
 }
@@ -52,7 +53,7 @@ func (env *Scripts) Update(ctx context.Context, id int64, values datastore.Optio
 }
 
 // the update can only occur if the status matches one of the provided values.
-func (env *Scripts) IfStatusThenUpdate(ctx context.Context, id int64, statuses []model.Status, values datastore.OptionalMap) error {
+func (env *Scripts) IfStatusThenUpdate(ctx context.Context, id int64, statuses []model.SubmissionStatus, values datastore.OptionalMap) error {
 	if err := env.db.Model(&model.Script{}).Where("id = ?", id).Where("status IN ?", statuses).Updates(values.Map()).Error; err != nil {
 		if err == gorm.ErrRecordNotFound {
 			return datastore.ErrNotExist

pkg/datastore/gormstore/submissions.go

@@ -20,6 +20,7 @@ func (env *Submissions) Get(ctx context.Context, id int64) (model.Submission, er
 		if errors.Is(err, gorm.ErrRecordNotFound) {
 			return submission, datastore.ErrNotExist
 		}
+		return submission, err
 	}
 	return submission, nil
 }
@@ -53,7 +54,7 @@ func (env *Submissions) Update(ctx context.Context, id int64, values datastore.O
 }
 
 // the update can only occur if the status matches one of the provided values.
-func (env *Submissions) IfStatusThenUpdate(ctx context.Context, id int64, statuses []model.Status, values datastore.OptionalMap) error {
+func (env *Submissions) IfStatusThenUpdate(ctx context.Context, id int64, statuses []model.SubmissionStatus, values datastore.OptionalMap) error {
 	if err := env.db.Model(&model.Submission{}).Where("id = ?", id).Where("status_id IN ?", statuses).Updates(values.Map()).Error; err != nil {
 		if err == gorm.ErrRecordNotFound {
 			return datastore.ErrNotExist
@@ -66,7 +67,7 @@ func (env *Submissions) IfStatusThenUpdate(ctx context.Context, id int64, status
 
 // the update can only occur if the status matches one of the provided values.
 // returns the updated value
-func (env *Submissions) IfStatusThenUpdateAndGet(ctx context.Context, id int64, statuses []model.Status, values datastore.OptionalMap) (model.Submission, error) {
+func (env *Submissions) IfStatusThenUpdateAndGet(ctx context.Context, id int64, statuses []model.SubmissionStatus, values datastore.OptionalMap) (model.Submission, error) {
 	var submission model.Submission
 	result := env.db.Model(&submission).
 		Clauses(clause.Returning{}).
@@ -98,11 +99,50 @@ func (env *Submissions) Delete(ctx context.Context, id int64) error {
 	return nil
 }
 
-func (env *Submissions) List(ctx context.Context, filters datastore.OptionalMap, page model.Page) ([]model.Submission, error) {
+func (env *Submissions) List(ctx context.Context, filters datastore.OptionalMap, page model.Page, sort datastore.ListSort) ([]model.Submission, error) {
 	var maps []model.Submission
-	if err := env.db.Where(filters.Map()).Offset(int((page.Number - 1) * page.Size)).Limit(int(page.Size)).Find(&maps).Error; err != nil {
+
+	db := env.db
+
+	switch sort {
+	case datastore.ListSortDisabled:
+		// No sort
+		break
+	case datastore.ListSortDisplayNameAscending:
+		db=db.Order("display_name ASC")
+		break
+	case datastore.ListSortDisplayNameDescending:
+		db=db.Order("display_name DESC")
+		break
+	case datastore.ListSortDateAscending:
+		db=db.Order("created_at ASC")
+		break
+	case datastore.ListSortDateDescending:
+		db=db.Order("created_at DESC")
+		break
+	default:
+		return nil, datastore.ErrInvalidListSort
+	}
+
+	if err := db.Where(filters.Map()).Offset(int((page.Number - 1) * page.Size)).Limit(int(page.Size)).Find(&maps).Error; err != nil {
 		return nil, err
 	}
 
 	return maps, nil
 }
+
+func (env *Submissions) ListWithTotal(ctx context.Context, filters datastore.OptionalMap, page model.Page, sort datastore.ListSort) (int64, []model.Submission, error) {
+	// grab page items
+	maps, err := env.List(ctx, filters, page, sort)
+	if err != nil{
+		return 0, nil, err
+	}
+
+	// count total with filters
+	var total int64
+	if err := env.db.Model(&model.Submission{}).Where(filters.Map()).Count(&total).Error; err != nil {
+		return 0, nil, err
+	}
+
+	return total, maps, nil
+}

pkg/internal/oas_operations_gen.go

@@ -6,7 +6,22 @@ package api
 type OperationName = string
 
 const (
-	ActionSubmissionReleasedOperation  OperationName = "ActionSubmissionReleased"
-	ActionSubmissionUploadedOperation  OperationName = "ActionSubmissionUploaded"
-	ActionSubmissionValidatedOperation OperationName = "ActionSubmissionValidated"
+	ActionMapfixAcceptedOperation           OperationName = "ActionMapfixAccepted"
+	ActionMapfixSubmittedOperation          OperationName = "ActionMapfixSubmitted"
+	ActionMapfixUploadedOperation           OperationName = "ActionMapfixUploaded"
+	ActionMapfixValidatedOperation          OperationName = "ActionMapfixValidated"
+	ActionOperationFailedOperation          OperationName = "ActionOperationFailed"
+	ActionSubmissionAcceptedOperation       OperationName = "ActionSubmissionAccepted"
+	ActionSubmissionSubmittedOperation      OperationName = "ActionSubmissionSubmitted"
+	ActionSubmissionUploadedOperation       OperationName = "ActionSubmissionUploaded"
+	ActionSubmissionValidatedOperation      OperationName = "ActionSubmissionValidated"
+	CreateMapfixOperation                   OperationName = "CreateMapfix"
+	CreateScriptOperation                   OperationName = "CreateScript"
+	CreateScriptPolicyOperation             OperationName = "CreateScriptPolicy"
+	CreateSubmissionOperation               OperationName = "CreateSubmission"
+	GetScriptOperation                      OperationName = "GetScript"
+	ListScriptPolicyOperation               OperationName = "ListScriptPolicy"
+	ListScriptsOperation                    OperationName = "ListScripts"
+	UpdateMapfixValidatedModelOperation     OperationName = "UpdateMapfixValidatedModel"
+	UpdateSubmissionValidatedModelOperation OperationName = "UpdateSubmissionValidatedModel"
 )

pkg/internal/oas_request_decoders_gen.go

@@ -1,3 +1,300 @@
 // Code generated by ogen, DO NOT EDIT.
 
 package api
+
+import (
+	"io"
+	"mime"
+	"net/http"
+
+	"github.com/go-faster/errors"
+	"github.com/go-faster/jx"
+	"go.uber.org/multierr"
+
+	"github.com/ogen-go/ogen/ogenerrors"
+	"github.com/ogen-go/ogen/validate"
+)
+
+func (s *Server) decodeCreateMapfixRequest(r *http.Request) (
+	req *MapfixCreate,
+	close func() error,
+	rerr error,
+) {
+	var closers []func() error
+	close = func() error {
+		var merr error
+		// Close in reverse order, to match defer behavior.
+		for i := len(closers) - 1; i >= 0; i-- {
+			c := closers[i]
+			merr = multierr.Append(merr, c())
+		}
+		return merr
+	}
+	defer func() {
+		if rerr != nil {
+			rerr = multierr.Append(rerr, close())
+		}
+	}()
+	ct, _, err := mime.ParseMediaType(r.Header.Get("Content-Type"))
+	if err != nil {
+		return req, close, errors.Wrap(err, "parse media type")
+	}
+	switch {
+	case ct == "application/json":
+		if r.ContentLength == 0 {
+			return req, close, validate.ErrBodyRequired
+		}
+		buf, err := io.ReadAll(r.Body)
+		if err != nil {
+			return req, close, err
+		}
+
+		if len(buf) == 0 {
+			return req, close, validate.ErrBodyRequired
+		}
+
+		d := jx.DecodeBytes(buf)
+
+		var request MapfixCreate
+		if err := func() error {
+			if err := request.Decode(d); err != nil {
+				return err
+			}
+			if err := d.Skip(); err != io.EOF {
+				return errors.New("unexpected trailing data")
+			}
+			return nil
+		}(); err != nil {
+			err = &ogenerrors.DecodeBodyError{
+				ContentType: ct,
+				Body:        buf,
+				Err:         err,
+			}
+			return req, close, err
+		}
+		if err := func() error {
+			if err := request.Validate(); err != nil {
+				return err
+			}
+			return nil
+		}(); err != nil {
+			return req, close, errors.Wrap(err, "validate")
+		}
+		return &request, close, nil
+	default:
+		return req, close, validate.InvalidContentType(ct)
+	}
+}
+
+func (s *Server) decodeCreateScriptRequest(r *http.Request) (
+	req *ScriptCreate,
+	close func() error,
+	rerr error,
+) {
+	var closers []func() error
+	close = func() error {
+		var merr error
+		// Close in reverse order, to match defer behavior.
+		for i := len(closers) - 1; i >= 0; i-- {
+			c := closers[i]
+			merr = multierr.Append(merr, c())
+		}
+		return merr
+	}
+	defer func() {
+		if rerr != nil {
+			rerr = multierr.Append(rerr, close())
+		}
+	}()
+	ct, _, err := mime.ParseMediaType(r.Header.Get("Content-Type"))
+	if err != nil {
+		return req, close, errors.Wrap(err, "parse media type")
+	}
+	switch {
+	case ct == "application/json":
+		if r.ContentLength == 0 {
+			return req, close, validate.ErrBodyRequired
+		}
+		buf, err := io.ReadAll(r.Body)
+		if err != nil {
+			return req, close, err
+		}
+
+		if len(buf) == 0 {
+			return req, close, validate.ErrBodyRequired
+		}
+
+		d := jx.DecodeBytes(buf)
+
+		var request ScriptCreate
+		if err := func() error {
+			if err := request.Decode(d); err != nil {
+				return err
+			}
+			if err := d.Skip(); err != io.EOF {
+				return errors.New("unexpected trailing data")
+			}
+			return nil
+		}(); err != nil {
+			err = &ogenerrors.DecodeBodyError{
+				ContentType: ct,
+				Body:        buf,
+				Err:         err,
+			}
+			return req, close, err
+		}
+		if err := func() error {
+			if err := request.Validate(); err != nil {
+				return err
+			}
+			return nil
+		}(); err != nil {
+			return req, close, errors.Wrap(err, "validate")
+		}
+		return &request, close, nil
+	default:
+		return req, close, validate.InvalidContentType(ct)
+	}
+}
+
+func (s *Server) decodeCreateScriptPolicyRequest(r *http.Request) (
+	req *ScriptPolicyCreate,
+	close func() error,
+	rerr error,
+) {
+	var closers []func() error
+	close = func() error {
+		var merr error
+		// Close in reverse order, to match defer behavior.
+		for i := len(closers) - 1; i >= 0; i-- {
+			c := closers[i]
+			merr = multierr.Append(merr, c())
+		}
+		return merr
+	}
+	defer func() {
+		if rerr != nil {
+			rerr = multierr.Append(rerr, close())
+		}
+	}()
+	ct, _, err := mime.ParseMediaType(r.Header.Get("Content-Type"))
+	if err != nil {
+		return req, close, errors.Wrap(err, "parse media type")
+	}
+	switch {
+	case ct == "application/json":
+		if r.ContentLength == 0 {
+			return req, close, validate.ErrBodyRequired
+		}
+		buf, err := io.ReadAll(r.Body)
+		if err != nil {
+			return req, close, err
+		}
+
+		if len(buf) == 0 {
+			return req, close, validate.ErrBodyRequired
+		}
+
+		d := jx.DecodeBytes(buf)
+
+		var request ScriptPolicyCreate
+		if err := func() error {
+			if err := request.Decode(d); err != nil {
+				return err
+			}
+			if err := d.Skip(); err != io.EOF {
+				return errors.New("unexpected trailing data")
+			}
+			return nil
+		}(); err != nil {
+			err = &ogenerrors.DecodeBodyError{
+				ContentType: ct,
+				Body:        buf,
+				Err:         err,
+			}
+			return req, close, err
+		}
+		if err := func() error {
+			if err := request.Validate(); err != nil {
+				return err
+			}
+			return nil
+		}(); err != nil {
+			return req, close, errors.Wrap(err, "validate")
+		}
+		return &request, close, nil
+	default:
+		return req, close, validate.InvalidContentType(ct)
+	}
+}
+
+func (s *Server) decodeCreateSubmissionRequest(r *http.Request) (
+	req *SubmissionCreate,
+	close func() error,
+	rerr error,
+) {
+	var closers []func() error
+	close = func() error {
+		var merr error
+		// Close in reverse order, to match defer behavior.
+		for i := len(closers) - 1; i >= 0; i-- {
+			c := closers[i]
+			merr = multierr.Append(merr, c())
+		}
+		return merr
+	}
+	defer func() {
+		if rerr != nil {
+			rerr = multierr.Append(rerr, close())
+		}
+	}()
+	ct, _, err := mime.ParseMediaType(r.Header.Get("Content-Type"))
+	if err != nil {
+		return req, close, errors.Wrap(err, "parse media type")
+	}
+	switch {
+	case ct == "application/json":
+		if r.ContentLength == 0 {
+			return req, close, validate.ErrBodyRequired
+		}
+		buf, err := io.ReadAll(r.Body)
+		if err != nil {
+			return req, close, err
+		}
+
+		if len(buf) == 0 {
+			return req, close, validate.ErrBodyRequired
+		}
+
+		d := jx.DecodeBytes(buf)
+
+		var request SubmissionCreate
+		if err := func() error {
+			if err := request.Decode(d); err != nil {
+				return err
+			}
+			if err := d.Skip(); err != io.EOF {
+				return errors.New("unexpected trailing data")
+			}
+			return nil
+		}(); err != nil {
+			err = &ogenerrors.DecodeBodyError{
+				ContentType: ct,
+				Body:        buf,
+				Err:         err,
+			}
+			return req, close, err
+		}
+		if err := func() error {
+			if err := request.Validate(); err != nil {
+				return err
+			}
+			return nil
+		}(); err != nil {
+			return req, close, errors.Wrap(err, "validate")
+		}
+		return &request, close, nil
+	default:
+		return req, close, validate.InvalidContentType(ct)
+	}
+}

pkg/internal/oas_request_encoders_gen.go

@@ -1,3 +1,68 @@
 // Code generated by ogen, DO NOT EDIT.
 
 package api
+
+import (
+	"bytes"
+	"net/http"
+
+	"github.com/go-faster/jx"
+
+	ht "github.com/ogen-go/ogen/http"
+)
+
+func encodeCreateMapfixRequest(
+	req *MapfixCreate,
+	r *http.Request,
+) error {
+	const contentType = "application/json"
+	e := new(jx.Encoder)
+	{
+		req.Encode(e)
+	}
+	encoded := e.Bytes()
+	ht.SetBody(r, bytes.NewReader(encoded), contentType)
+	return nil
+}
+
+func encodeCreateScriptRequest(
+	req *ScriptCreate,
+	r *http.Request,
+) error {
+	const contentType = "application/json"
+	e := new(jx.Encoder)
+	{
+		req.Encode(e)
+	}
+	encoded := e.Bytes()
+	ht.SetBody(r, bytes.NewReader(encoded), contentType)
+	return nil
+}
+
+func encodeCreateScriptPolicyRequest(
+	req *ScriptPolicyCreate,
+	r *http.Request,
+) error {
+	const contentType = "application/json"
+	e := new(jx.Encoder)
+	{
+		req.Encode(e)
+	}
+	encoded := e.Bytes()
+	ht.SetBody(r, bytes.NewReader(encoded), contentType)
+	return nil
+}
+
+func encodeCreateSubmissionRequest(
+	req *SubmissionCreate,
+	r *http.Request,
+) error {
+	const contentType = "application/json"
+	e := new(jx.Encoder)
+	{
+		req.Encode(e)
+	}
+	encoded := e.Bytes()
+	ht.SetBody(r, bytes.NewReader(encoded), contentType)
+	return nil
+}

pkg/internal/oas_response_encoders_gen.go

@@ -13,7 +13,49 @@ import (
 	ht "github.com/ogen-go/ogen/http"
 )
 
-func encodeActionSubmissionReleasedResponse(response *ActionSubmissionReleasedNoContent, w http.ResponseWriter, span trace.Span) error {
+func encodeActionMapfixAcceptedResponse(response *ActionMapfixAcceptedNoContent, w http.ResponseWriter, span trace.Span) error {
+	w.WriteHeader(204)
+	span.SetStatus(codes.Ok, http.StatusText(204))
+
+	return nil
+}
+
+func encodeActionMapfixSubmittedResponse(response *ActionMapfixSubmittedNoContent, w http.ResponseWriter, span trace.Span) error {
+	w.WriteHeader(204)
+	span.SetStatus(codes.Ok, http.StatusText(204))
+
+	return nil
+}
+
+func encodeActionMapfixUploadedResponse(response *ActionMapfixUploadedNoContent, w http.ResponseWriter, span trace.Span) error {
+	w.WriteHeader(204)
+	span.SetStatus(codes.Ok, http.StatusText(204))
+
+	return nil
+}
+
+func encodeActionMapfixValidatedResponse(response *ActionMapfixValidatedNoContent, w http.ResponseWriter, span trace.Span) error {
+	w.WriteHeader(204)
+	span.SetStatus(codes.Ok, http.StatusText(204))
+
+	return nil
+}
+
+func encodeActionOperationFailedResponse(response *ActionOperationFailedNoContent, w http.ResponseWriter, span trace.Span) error {
+	w.WriteHeader(204)
+	span.SetStatus(codes.Ok, http.StatusText(204))
+
+	return nil
+}
+
+func encodeActionSubmissionAcceptedResponse(response *ActionSubmissionAcceptedNoContent, w http.ResponseWriter, span trace.Span) error {
+	w.WriteHeader(204)
+	span.SetStatus(codes.Ok, http.StatusText(204))
+
+	return nil
+}
+
+func encodeActionSubmissionSubmittedResponse(response *ActionSubmissionSubmittedNoContent, w http.ResponseWriter, span trace.Span) error {
 	w.WriteHeader(204)
 	span.SetStatus(codes.Ok, http.StatusText(204))
 
@@ -34,6 +76,126 @@ func encodeActionSubmissionValidatedResponse(response *ActionSubmissionValidated
 	return nil
 }
 
+func encodeCreateMapfixResponse(response *MapfixID, w http.ResponseWriter, span trace.Span) error {
+	w.Header().Set("Content-Type", "application/json; charset=utf-8")
+	w.WriteHeader(201)
+	span.SetStatus(codes.Ok, http.StatusText(201))
+
+	e := new(jx.Encoder)
+	response.Encode(e)
+	if _, err := e.WriteTo(w); err != nil {
+		return errors.Wrap(err, "write")
+	}
+
+	return nil
+}
+
+func encodeCreateScriptResponse(response *ScriptID, w http.ResponseWriter, span trace.Span) error {
+	w.Header().Set("Content-Type", "application/json; charset=utf-8")
+	w.WriteHeader(201)
+	span.SetStatus(codes.Ok, http.StatusText(201))
+
+	e := new(jx.Encoder)
+	response.Encode(e)
+	if _, err := e.WriteTo(w); err != nil {
+		return errors.Wrap(err, "write")
+	}
+
+	return nil
+}
+
+func encodeCreateScriptPolicyResponse(response *ScriptPolicyID, w http.ResponseWriter, span trace.Span) error {
+	w.Header().Set("Content-Type", "application/json; charset=utf-8")
+	w.WriteHeader(201)
+	span.SetStatus(codes.Ok, http.StatusText(201))
+
+	e := new(jx.Encoder)
+	response.Encode(e)
+	if _, err := e.WriteTo(w); err != nil {
+		return errors.Wrap(err, "write")
+	}
+
+	return nil
+}
+
+func encodeCreateSubmissionResponse(response *SubmissionID, w http.ResponseWriter, span trace.Span) error {
+	w.Header().Set("Content-Type", "application/json; charset=utf-8")
+	w.WriteHeader(201)
+	span.SetStatus(codes.Ok, http.StatusText(201))
+
+	e := new(jx.Encoder)
+	response.Encode(e)
+	if _, err := e.WriteTo(w); err != nil {
+		return errors.Wrap(err, "write")
+	}
+
+	return nil
+}
+
+func encodeGetScriptResponse(response *Script, w http.ResponseWriter, span trace.Span) error {
+	w.Header().Set("Content-Type", "application/json; charset=utf-8")
+	w.WriteHeader(200)
+	span.SetStatus(codes.Ok, http.StatusText(200))
+
+	e := new(jx.Encoder)
+	response.Encode(e)
+	if _, err := e.WriteTo(w); err != nil {
+		return errors.Wrap(err, "write")
+	}
+
+	return nil
+}
+
+func encodeListScriptPolicyResponse(response []ScriptPolicy, w http.ResponseWriter, span trace.Span) error {
+	w.Header().Set("Content-Type", "application/json; charset=utf-8")
+	w.WriteHeader(200)
+	span.SetStatus(codes.Ok, http.StatusText(200))
+
+	e := new(jx.Encoder)
+	e.ArrStart()
+	for _, elem := range response {
+		elem.Encode(e)
+	}
+	e.ArrEnd()
+	if _, err := e.WriteTo(w); err != nil {
+		return errors.Wrap(err, "write")
+	}
+
+	return nil
+}
+
+func encodeListScriptsResponse(response []Script, w http.ResponseWriter, span trace.Span) error {
+	w.Header().Set("Content-Type", "application/json; charset=utf-8")
+	w.WriteHeader(200)
+	span.SetStatus(codes.Ok, http.StatusText(200))
+
+	e := new(jx.Encoder)
+	e.ArrStart()
+	for _, elem := range response {
+		elem.Encode(e)
+	}
+	e.ArrEnd()
+	if _, err := e.WriteTo(w); err != nil {
+		return errors.Wrap(err, "write")
+	}
+
+	return nil
+}
+
+func encodeUpdateMapfixValidatedModelResponse(response *UpdateMapfixValidatedModelNoContent, w http.ResponseWriter, span trace.Span) error {
+	w.WriteHeader(204)
+	span.SetStatus(codes.Ok, http.StatusText(204))
+
+	return nil
+}
+
+func encodeUpdateSubmissionValidatedModelResponse(response *UpdateSubmissionValidatedModelNoContent, w http.ResponseWriter, span trace.Span) error {
+	w.WriteHeader(204)
+	span.SetStatus(codes.Ok, http.StatusText(204))
+
+	return nil
+}
+
 func encodeErrorResponse(response *ErrorStatusCode, w http.ResponseWriter, span trace.Span) error {
 	w.Header().Set("Content-Type", "application/json; charset=utf-8")
 	code := response.StatusCode

pkg/internal/oas_schemas_gen.go

@@ -10,8 +10,26 @@ func (s *ErrorStatusCode) Error() string {
 	return fmt.Sprintf("code %d: %+v", s.StatusCode, s.Response)
 }
 
-// ActionSubmissionReleasedNoContent is response for ActionSubmissionReleased operation.
-type ActionSubmissionReleasedNoContent struct{}
+// ActionMapfixAcceptedNoContent is response for ActionMapfixAccepted operation.
+type ActionMapfixAcceptedNoContent struct{}
+
+// ActionMapfixSubmittedNoContent is response for ActionMapfixSubmitted operation.
+type ActionMapfixSubmittedNoContent struct{}
+
+// ActionMapfixUploadedNoContent is response for ActionMapfixUploaded operation.
+type ActionMapfixUploadedNoContent struct{}
+
+// ActionMapfixValidatedNoContent is response for ActionMapfixValidated operation.
+type ActionMapfixValidatedNoContent struct{}
+
+// ActionOperationFailedNoContent is response for ActionOperationFailed operation.
+type ActionOperationFailedNoContent struct{}
+
+// ActionSubmissionAcceptedNoContent is response for ActionSubmissionAccepted operation.
+type ActionSubmissionAcceptedNoContent struct{}
+
+// ActionSubmissionSubmittedNoContent is response for ActionSubmissionSubmitted operation.
+type ActionSubmissionSubmittedNoContent struct{}
 
 // ActionSubmissionUploadedNoContent is response for ActionSubmissionUploaded operation.
 type ActionSubmissionUploadedNoContent struct{}
@@ -22,12 +40,12 @@ type ActionSubmissionValidatedNoContent struct{}
 // Represents error object.
 // Ref: #/components/schemas/Error
 type Error struct {
-	Code    int64  `json:"code"`
+	Code    uint64 `json:"code"`
 	Message string `json:"message"`
 }
 
 // GetCode returns the value of Code.
-func (s *Error) GetCode() int64 {
+func (s *Error) GetCode() uint64 {
 	return s.Code
 }
 
@@ -37,7 +55,7 @@ func (s *Error) GetMessage() string {
 }
 
 // SetCode sets the value of Code.
-func (s *Error) SetCode(val int64) {
+func (s *Error) SetCode(val uint64) {
 	s.Code = val
 }
 
@@ -72,38 +90,145 @@ func (s *ErrorStatusCode) SetResponse(val Error) {
 	s.Response = val
 }
 
-// NewOptInt64 returns new OptInt64 with value set to v.
-func NewOptInt64(v int64) OptInt64 {
-	return OptInt64{
+// Ref: #/components/schemas/MapfixCreate
+type MapfixCreate struct {
+	OperationID   uint32 `json:"OperationID"`
+	AssetOwner    uint64 `json:"AssetOwner"`
+	DisplayName   string `json:"DisplayName"`
+	Creator       string `json:"Creator"`
+	GameID        uint32 `json:"GameID"`
+	AssetID       uint64 `json:"AssetID"`
+	AssetVersion  uint64 `json:"AssetVersion"`
+	TargetAssetID uint64 `json:"TargetAssetID"`
+}
+
+// GetOperationID returns the value of OperationID.
+func (s *MapfixCreate) GetOperationID() uint32 {
+	return s.OperationID
+}
+
+// GetAssetOwner returns the value of AssetOwner.
+func (s *MapfixCreate) GetAssetOwner() uint64 {
+	return s.AssetOwner
+}
+
+// GetDisplayName returns the value of DisplayName.
+func (s *MapfixCreate) GetDisplayName() string {
+	return s.DisplayName
+}
+
+// GetCreator returns the value of Creator.
+func (s *MapfixCreate) GetCreator() string {
+	return s.Creator
+}
+
+// GetGameID returns the value of GameID.
+func (s *MapfixCreate) GetGameID() uint32 {
+	return s.GameID
+}
+
+// GetAssetID returns the value of AssetID.
+func (s *MapfixCreate) GetAssetID() uint64 {
+	return s.AssetID
+}
+
+// GetAssetVersion returns the value of AssetVersion.
+func (s *MapfixCreate) GetAssetVersion() uint64 {
+	return s.AssetVersion
+}
+
+// GetTargetAssetID returns the value of TargetAssetID.
+func (s *MapfixCreate) GetTargetAssetID() uint64 {
+	return s.TargetAssetID
+}
+
+// SetOperationID sets the value of OperationID.
+func (s *MapfixCreate) SetOperationID(val uint32) {
+	s.OperationID = val
+}
+
+// SetAssetOwner sets the value of AssetOwner.
+func (s *MapfixCreate) SetAssetOwner(val uint64) {
+	s.AssetOwner = val
+}
+
+// SetDisplayName sets the value of DisplayName.
+func (s *MapfixCreate) SetDisplayName(val string) {
+	s.DisplayName = val
+}
+
+// SetCreator sets the value of Creator.
+func (s *MapfixCreate) SetCreator(val string) {
+	s.Creator = val
+}
+
+// SetGameID sets the value of GameID.
+func (s *MapfixCreate) SetGameID(val uint32) {
+	s.GameID = val
+}
+
+// SetAssetID sets the value of AssetID.
+func (s *MapfixCreate) SetAssetID(val uint64) {
+	s.AssetID = val
+}
+
+// SetAssetVersion sets the value of AssetVersion.
+func (s *MapfixCreate) SetAssetVersion(val uint64) {
+	s.AssetVersion = val
+}
+
+// SetTargetAssetID sets the value of TargetAssetID.
+func (s *MapfixCreate) SetTargetAssetID(val uint64) {
+	s.TargetAssetID = val
+}
+
+// Ref: #/components/schemas/MapfixID
+type MapfixID struct {
+	MapfixID uint64 `json:"MapfixID"`
+}
+
+// GetMapfixID returns the value of MapfixID.
+func (s *MapfixID) GetMapfixID() uint64 {
+	return s.MapfixID
+}
+
+// SetMapfixID sets the value of MapfixID.
+func (s *MapfixID) SetMapfixID(val uint64) {
+	s.MapfixID = val
+}
+
+// NewOptString returns new OptString with value set to v.
+func NewOptString(v string) OptString {
+	return OptString{
 		Value: v,
 		Set:   true,
 	}
 }
 
-// OptInt64 is optional int64.
-type OptInt64 struct {
-	Value int64
+// OptString is optional string.
+type OptString struct {
+	Value string
 	Set   bool
 }
 
-// IsSet returns true if OptInt64 was set.
-func (o OptInt64) IsSet() bool { return o.Set }
+// IsSet returns true if OptString was set.
+func (o OptString) IsSet() bool { return o.Set }
 
 // Reset unsets value.
-func (o *OptInt64) Reset() {
-	var v int64
+func (o *OptString) Reset() {
+	var v string
 	o.Value = v
 	o.Set = false
 }
 
 // SetTo sets value to v.
-func (o *OptInt64) SetTo(v int64) {
+func (o *OptString) SetTo(v string) {
 	o.Set = true
 	o.Value = v
 }
 
 // Get returns value and boolean that denotes whether value was set.
-func (o OptInt64) Get() (v int64, ok bool) {
+func (o OptString) Get() (v string, ok bool) {
 	if !o.Set {
 		return v, false
 	}
@@ -111,9 +236,436 @@ func (o OptInt64) Get() (v int64, ok bool) {
 }
 
 // Or returns value if set, or given parameter if does not.
-func (o OptInt64) Or(d int64) int64 {
+func (o OptString) Or(d string) string {
 	if v, ok := o.Get(); ok {
 		return v
 	}
 	return d
 }
+
+// NewOptUint32 returns new OptUint32 with value set to v.
+func NewOptUint32(v uint32) OptUint32 {
+	return OptUint32{
+		Value: v,
+		Set:   true,
+	}
+}
+
+// OptUint32 is optional uint32.
+type OptUint32 struct {
+	Value uint32
+	Set   bool
+}
+
+// IsSet returns true if OptUint32 was set.
+func (o OptUint32) IsSet() bool { return o.Set }
+
+// Reset unsets value.
+func (o *OptUint32) Reset() {
+	var v uint32
+	o.Value = v
+	o.Set = false
+}
+
+// SetTo sets value to v.
+func (o *OptUint32) SetTo(v uint32) {
+	o.Set = true
+	o.Value = v
+}
+
+// Get returns value and boolean that denotes whether value was set.
+func (o OptUint32) Get() (v uint32, ok bool) {
+	if !o.Set {
+		return v, false
+	}
+	return o.Value, true
+}
+
+// Or returns value if set, or given parameter if does not.
+func (o OptUint32) Or(d uint32) uint32 {
+	if v, ok := o.Get(); ok {
+		return v
+	}
+	return d
+}
+
+// NewOptUint64 returns new OptUint64 with value set to v.
+func NewOptUint64(v uint64) OptUint64 {
+	return OptUint64{
+		Value: v,
+		Set:   true,
+	}
+}
+
+// OptUint64 is optional uint64.
+type OptUint64 struct {
+	Value uint64
+	Set   bool
+}
+
+// IsSet returns true if OptUint64 was set.
+func (o OptUint64) IsSet() bool { return o.Set }
+
+// Reset unsets value.
+func (o *OptUint64) Reset() {
+	var v uint64
+	o.Value = v
+	o.Set = false
+}
+
+// SetTo sets value to v.
+func (o *OptUint64) SetTo(v uint64) {
+	o.Set = true
+	o.Value = v
+}
+
+// Get returns value and boolean that denotes whether value was set.
+func (o OptUint64) Get() (v uint64, ok bool) {
+	if !o.Set {
+		return v, false
+	}
+	return o.Value, true
+}
+
+// Or returns value if set, or given parameter if does not.
+func (o OptUint64) Or(d uint64) uint64 {
+	if v, ok := o.Get(); ok {
+		return v
+	}
+	return d
+}
+
+// Ref: #/components/schemas/Script
+type Script struct {
+	ID           uint64 `json:"ID"`
+	Name         string `json:"Name"`
+	Hash         string `json:"Hash"`
+	Source       string `json:"Source"`
+	ResourceType uint32 `json:"ResourceType"`
+	ResourceID   uint64 `json:"ResourceID"`
+}
+
+// GetID returns the value of ID.
+func (s *Script) GetID() uint64 {
+	return s.ID
+}
+
+// GetName returns the value of Name.
+func (s *Script) GetName() string {
+	return s.Name
+}
+
+// GetHash returns the value of Hash.
+func (s *Script) GetHash() string {
+	return s.Hash
+}
+
+// GetSource returns the value of Source.
+func (s *Script) GetSource() string {
+	return s.Source
+}
+
+// GetResourceType returns the value of ResourceType.
+func (s *Script) GetResourceType() uint32 {
+	return s.ResourceType
+}
+
+// GetResourceID returns the value of ResourceID.
+func (s *Script) GetResourceID() uint64 {
+	return s.ResourceID
+}
+
+// SetID sets the value of ID.
+func (s *Script) SetID(val uint64) {
+	s.ID = val
+}
+
+// SetName sets the value of Name.
+func (s *Script) SetName(val string) {
+	s.Name = val
+}
+
+// SetHash sets the value of Hash.
+func (s *Script) SetHash(val string) {
+	s.Hash = val
+}
+
+// SetSource sets the value of Source.
+func (s *Script) SetSource(val string) {
+	s.Source = val
+}
+
+// SetResourceType sets the value of ResourceType.
+func (s *Script) SetResourceType(val uint32) {
+	s.ResourceType = val
+}
+
+// SetResourceID sets the value of ResourceID.
+func (s *Script) SetResourceID(val uint64) {
+	s.ResourceID = val
+}
+
+// Ref: #/components/schemas/ScriptCreate
+type ScriptCreate struct {
+	Name         string    `json:"Name"`
+	Source       string    `json:"Source"`
+	ResourceType uint32    `json:"ResourceType"`
+	ResourceID   OptUint64 `json:"ResourceID"`
+}
+
+// GetName returns the value of Name.
+func (s *ScriptCreate) GetName() string {
+	return s.Name
+}
+
+// GetSource returns the value of Source.
+func (s *ScriptCreate) GetSource() string {
+	return s.Source
+}
+
+// GetResourceType returns the value of ResourceType.
+func (s *ScriptCreate) GetResourceType() uint32 {
+	return s.ResourceType
+}
+
+// GetResourceID returns the value of ResourceID.
+func (s *ScriptCreate) GetResourceID() OptUint64 {
+	return s.ResourceID
+}
+
+// SetName sets the value of Name.
+func (s *ScriptCreate) SetName(val string) {
+	s.Name = val
+}
+
+// SetSource sets the value of Source.
+func (s *ScriptCreate) SetSource(val string) {
+	s.Source = val
+}
+
+// SetResourceType sets the value of ResourceType.
+func (s *ScriptCreate) SetResourceType(val uint32) {
+	s.ResourceType = val
+}
+
+// SetResourceID sets the value of ResourceID.
+func (s *ScriptCreate) SetResourceID(val OptUint64) {
+	s.ResourceID = val
+}
+
+// Ref: #/components/schemas/ScriptID
+type ScriptID struct {
+	ScriptID uint64 `json:"ScriptID"`
+}
+
+// GetScriptID returns the value of ScriptID.
+func (s *ScriptID) GetScriptID() uint64 {
+	return s.ScriptID
+}
+
+// SetScriptID sets the value of ScriptID.
+func (s *ScriptID) SetScriptID(val uint64) {
+	s.ScriptID = val
+}
+
+// Ref: #/components/schemas/ScriptPolicy
+type ScriptPolicy struct {
+	ID             uint64 `json:"ID"`
+	FromScriptHash string `json:"FromScriptHash"`
+	ToScriptID     uint64 `json:"ToScriptID"`
+	Policy         uint32 `json:"Policy"`
+}
+
+// GetID returns the value of ID.
+func (s *ScriptPolicy) GetID() uint64 {
+	return s.ID
+}
+
+// GetFromScriptHash returns the value of FromScriptHash.
+func (s *ScriptPolicy) GetFromScriptHash() string {
+	return s.FromScriptHash
+}
+
+// GetToScriptID returns the value of ToScriptID.
+func (s *ScriptPolicy) GetToScriptID() uint64 {
+	return s.ToScriptID
+}
+
+// GetPolicy returns the value of Policy.
+func (s *ScriptPolicy) GetPolicy() uint32 {
+	return s.Policy
+}
+
+// SetID sets the value of ID.
+func (s *ScriptPolicy) SetID(val uint64) {
+	s.ID = val
+}
+
+// SetFromScriptHash sets the value of FromScriptHash.
+func (s *ScriptPolicy) SetFromScriptHash(val string) {
+	s.FromScriptHash = val
+}
+
+// SetToScriptID sets the value of ToScriptID.
+func (s *ScriptPolicy) SetToScriptID(val uint64) {
+	s.ToScriptID = val
+}
+
+// SetPolicy sets the value of Policy.
+func (s *ScriptPolicy) SetPolicy(val uint32) {
+	s.Policy = val
+}
+
+// Ref: #/components/schemas/ScriptPolicyCreate
+type ScriptPolicyCreate struct {
+	FromScriptID uint64 `json:"FromScriptID"`
+	ToScriptID   uint64 `json:"ToScriptID"`
+	Policy       uint32 `json:"Policy"`
+}
+
+// GetFromScriptID returns the value of FromScriptID.
+func (s *ScriptPolicyCreate) GetFromScriptID() uint64 {
+	return s.FromScriptID
+}
+
+// GetToScriptID returns the value of ToScriptID.
+func (s *ScriptPolicyCreate) GetToScriptID() uint64 {
+	return s.ToScriptID
+}
+
+// GetPolicy returns the value of Policy.
+func (s *ScriptPolicyCreate) GetPolicy() uint32 {
+	return s.Policy
+}
+
+// SetFromScriptID sets the value of FromScriptID.
+func (s *ScriptPolicyCreate) SetFromScriptID(val uint64) {
+	s.FromScriptID = val
+}
+
+// SetToScriptID sets the value of ToScriptID.
+func (s *ScriptPolicyCreate) SetToScriptID(val uint64) {
+	s.ToScriptID = val
+}
+
+// SetPolicy sets the value of Policy.
+func (s *ScriptPolicyCreate) SetPolicy(val uint32) {
+	s.Policy = val
+}
+
+// Ref: #/components/schemas/ScriptPolicyID
+type ScriptPolicyID struct {
+	ScriptPolicyID uint64 `json:"ScriptPolicyID"`
+}
+
+// GetScriptPolicyID returns the value of ScriptPolicyID.
+func (s *ScriptPolicyID) GetScriptPolicyID() uint64 {
+	return s.ScriptPolicyID
+}
+
+// SetScriptPolicyID sets the value of ScriptPolicyID.
+func (s *ScriptPolicyID) SetScriptPolicyID(val uint64) {
+	s.ScriptPolicyID = val
+}
+
+// Ref: #/components/schemas/SubmissionCreate
+type SubmissionCreate struct {
+	OperationID  uint32 `json:"OperationID"`
+	AssetOwner   uint64 `json:"AssetOwner"`
+	DisplayName  string `json:"DisplayName"`
+	Creator      string `json:"Creator"`
+	GameID       uint32 `json:"GameID"`
+	AssetID      uint64 `json:"AssetID"`
+	AssetVersion uint64 `json:"AssetVersion"`
+}
+
+// GetOperationID returns the value of OperationID.
+func (s *SubmissionCreate) GetOperationID() uint32 {
+	return s.OperationID
+}
+
+// GetAssetOwner returns the value of AssetOwner.
+func (s *SubmissionCreate) GetAssetOwner() uint64 {
+	return s.AssetOwner
+}
+
+// GetDisplayName returns the value of DisplayName.
+func (s *SubmissionCreate) GetDisplayName() string {
+	return s.DisplayName
+}
+
+// GetCreator returns the value of Creator.
+func (s *SubmissionCreate) GetCreator() string {
+	return s.Creator
+}
+
+// GetGameID returns the value of GameID.
+func (s *SubmissionCreate) GetGameID() uint32 {
+	return s.GameID
+}
+
+// GetAssetID returns the value of AssetID.
+func (s *SubmissionCreate) GetAssetID() uint64 {
+	return s.AssetID
+}
+
+// GetAssetVersion returns the value of AssetVersion.
+func (s *SubmissionCreate) GetAssetVersion() uint64 {
+	return s.AssetVersion
+}
+
+// SetOperationID sets the value of OperationID.
+func (s *SubmissionCreate) SetOperationID(val uint32) {
+	s.OperationID = val
+}
+
+// SetAssetOwner sets the value of AssetOwner.
+func (s *SubmissionCreate) SetAssetOwner(val uint64) {
+	s.AssetOwner = val
+}
+
+// SetDisplayName sets the value of DisplayName.
+func (s *SubmissionCreate) SetDisplayName(val string) {
+	s.DisplayName = val
+}
+
+// SetCreator sets the value of Creator.
+func (s *SubmissionCreate) SetCreator(val string) {
+	s.Creator = val
+}
+
+// SetGameID sets the value of GameID.
+func (s *SubmissionCreate) SetGameID(val uint32) {
+	s.GameID = val
+}
+
+// SetAssetID sets the value of AssetID.
+func (s *SubmissionCreate) SetAssetID(val uint64) {
+	s.AssetID = val
+}
+
+// SetAssetVersion sets the value of AssetVersion.
+func (s *SubmissionCreate) SetAssetVersion(val uint64) {
+	s.AssetVersion = val
+}
+
+// Ref: #/components/schemas/SubmissionID
+type SubmissionID struct {
+	SubmissionID uint64 `json:"SubmissionID"`
+}
+
+// GetSubmissionID returns the value of SubmissionID.
+func (s *SubmissionID) GetSubmissionID() uint64 {
+	return s.SubmissionID
+}
+
+// SetSubmissionID sets the value of SubmissionID.
+func (s *SubmissionID) SetSubmissionID(val uint64) {
+	s.SubmissionID = val
+}
+
+// UpdateMapfixValidatedModelNoContent is response for UpdateMapfixValidatedModel operation.
+type UpdateMapfixValidatedModelNoContent struct{}
+
+// UpdateSubmissionValidatedModelNoContent is response for UpdateSubmissionValidatedModel operation.
+type UpdateSubmissionValidatedModelNoContent struct{}

pkg/internal/oas_server_gen.go

@@ -8,12 +8,48 @@ import (
 
 // Handler handles operations described by OpenAPI v3 specification.
 type Handler interface {
-	// ActionSubmissionReleased implements actionSubmissionReleased operation.
+	// ActionMapfixAccepted implements actionMapfixAccepted operation.
 	//
-	// (Internal endpoint) Role Releaser changes status from releasing -> released.
+	// (Internal endpoint) Role Validator changes status from Validating -> Accepted.
 	//
-	// POST /submissions/{SubmissionID}/status/releaser-released
-	ActionSubmissionReleased(ctx context.Context, params ActionSubmissionReleasedParams) error
+	// POST /mapfixes/{MapfixID}/status/validator-failed
+	ActionMapfixAccepted(ctx context.Context, params ActionMapfixAcceptedParams) error
+	// ActionMapfixSubmitted implements actionMapfixSubmitted operation.
+	//
+	// (Internal endpoint) Role Validator changes status from Submitting -> Submitted.
+	//
+	// POST /mapfixes/{MapfixID}/status/validator-submitted
+	ActionMapfixSubmitted(ctx context.Context, params ActionMapfixSubmittedParams) error
+	// ActionMapfixUploaded implements actionMapfixUploaded operation.
+	//
+	// (Internal endpoint) Role Validator changes status from Uploading -> Uploaded.
+	//
+	// POST /mapfixes/{MapfixID}/status/validator-uploaded
+	ActionMapfixUploaded(ctx context.Context, params ActionMapfixUploadedParams) error
+	// ActionMapfixValidated implements actionMapfixValidated operation.
+	//
+	// (Internal endpoint) Role Validator changes status from Validating -> Validated.
+	//
+	// POST /mapfixes/{MapfixID}/status/validator-validated
+	ActionMapfixValidated(ctx context.Context, params ActionMapfixValidatedParams) error
+	// ActionOperationFailed implements actionOperationFailed operation.
+	//
+	// (Internal endpoint) Fail an operation and write a StatusMessage.
+	//
+	// POST /operations/{OperationID}/status/operation-failed
+	ActionOperationFailed(ctx context.Context, params ActionOperationFailedParams) error
+	// ActionSubmissionAccepted implements actionSubmissionAccepted operation.
+	//
+	// (Internal endpoint) Role Validator changes status from Validating -> Accepted.
+	//
+	// POST /submissions/{SubmissionID}/status/validator-failed
+	ActionSubmissionAccepted(ctx context.Context, params ActionSubmissionAcceptedParams) error
+	// ActionSubmissionSubmitted implements actionSubmissionSubmitted operation.
+	//
+	// (Internal endpoint) Role Validator changes status from Submitting -> Submitted.
+	//
+	// POST /submissions/{SubmissionID}/status/validator-submitted
+	ActionSubmissionSubmitted(ctx context.Context, params ActionSubmissionSubmittedParams) error
 	// ActionSubmissionUploaded implements actionSubmissionUploaded operation.
 	//
 	// (Internal endpoint) Role Validator changes status from Uploading -> Uploaded.
@@ -26,6 +62,60 @@ type Handler interface {
 	//
 	// POST /submissions/{SubmissionID}/status/validator-validated
 	ActionSubmissionValidated(ctx context.Context, params ActionSubmissionValidatedParams) error
+	// CreateMapfix implements createMapfix operation.
+	//
+	// Create a mapfix.
+	//
+	// POST /mapfixes
+	CreateMapfix(ctx context.Context, req *MapfixCreate) (*MapfixID, error)
+	// CreateScript implements createScript operation.
+	//
+	// Create a new script.
+	//
+	// POST /scripts
+	CreateScript(ctx context.Context, req *ScriptCreate) (*ScriptID, error)
+	// CreateScriptPolicy implements createScriptPolicy operation.
+	//
+	// Create a new script policy.
+	//
+	// POST /script-policy
+	CreateScriptPolicy(ctx context.Context, req *ScriptPolicyCreate) (*ScriptPolicyID, error)
+	// CreateSubmission implements createSubmission operation.
+	//
+	// Create a new submission.
+	//
+	// POST /submissions
+	CreateSubmission(ctx context.Context, req *SubmissionCreate) (*SubmissionID, error)
+	// GetScript implements getScript operation.
+	//
+	// Get the specified script by ID.
+	//
+	// GET /scripts/{ScriptID}
+	GetScript(ctx context.Context, params GetScriptParams) (*Script, error)
+	// ListScriptPolicy implements listScriptPolicy operation.
+	//
+	// Get list of script policies.
+	//
+	// GET /script-policy
+	ListScriptPolicy(ctx context.Context, params ListScriptPolicyParams) ([]ScriptPolicy, error)
+	// ListScripts implements listScripts operation.
+	//
+	// Get list of scripts.
+	//
+	// GET /scripts
+	ListScripts(ctx context.Context, params ListScriptsParams) ([]Script, error)
+	// UpdateMapfixValidatedModel implements updateMapfixValidatedModel operation.
+	//
+	// Update validated model.
+	//
+	// POST /mapfixes/{MapfixID}/validated-model
+	UpdateMapfixValidatedModel(ctx context.Context, params UpdateMapfixValidatedModelParams) error
+	// UpdateSubmissionValidatedModel implements updateSubmissionValidatedModel operation.
+	//
+	// Update validated model.
+	//
+	// POST /submissions/{SubmissionID}/validated-model
+	UpdateSubmissionValidatedModel(ctx context.Context, params UpdateSubmissionValidatedModelParams) error
 	// NewError creates *ErrorStatusCode from error returned by handler.
 	//
 	// Used for common default response.

pkg/internal/oas_unimplemented_gen.go

@@ -13,12 +13,66 @@ type UnimplementedHandler struct{}
 
 var _ Handler = UnimplementedHandler{}
 
-// ActionSubmissionReleased implements actionSubmissionReleased operation.
+// ActionMapfixAccepted implements actionMapfixAccepted operation.
 //
-// (Internal endpoint) Role Releaser changes status from releasing -> released.
+// (Internal endpoint) Role Validator changes status from Validating -> Accepted.
 //
-// POST /submissions/{SubmissionID}/status/releaser-released
-func (UnimplementedHandler) ActionSubmissionReleased(ctx context.Context, params ActionSubmissionReleasedParams) error {
+// POST /mapfixes/{MapfixID}/status/validator-failed
+func (UnimplementedHandler) ActionMapfixAccepted(ctx context.Context, params ActionMapfixAcceptedParams) error {
+	return ht.ErrNotImplemented
+}
+
+// ActionMapfixSubmitted implements actionMapfixSubmitted operation.
+//
+// (Internal endpoint) Role Validator changes status from Submitting -> Submitted.
+//
+// POST /mapfixes/{MapfixID}/status/validator-submitted
+func (UnimplementedHandler) ActionMapfixSubmitted(ctx context.Context, params ActionMapfixSubmittedParams) error {
+	return ht.ErrNotImplemented
+}
+
+// ActionMapfixUploaded implements actionMapfixUploaded operation.
+//
+// (Internal endpoint) Role Validator changes status from Uploading -> Uploaded.
+//
+// POST /mapfixes/{MapfixID}/status/validator-uploaded
+func (UnimplementedHandler) ActionMapfixUploaded(ctx context.Context, params ActionMapfixUploadedParams) error {
+	return ht.ErrNotImplemented
+}
+
+// ActionMapfixValidated implements actionMapfixValidated operation.
+//
+// (Internal endpoint) Role Validator changes status from Validating -> Validated.
+//
+// POST /mapfixes/{MapfixID}/status/validator-validated
+func (UnimplementedHandler) ActionMapfixValidated(ctx context.Context, params ActionMapfixValidatedParams) error {
+	return ht.ErrNotImplemented
+}
+
+// ActionOperationFailed implements actionOperationFailed operation.
+//
+// (Internal endpoint) Fail an operation and write a StatusMessage.
+//
+// POST /operations/{OperationID}/status/operation-failed
+func (UnimplementedHandler) ActionOperationFailed(ctx context.Context, params ActionOperationFailedParams) error {
+	return ht.ErrNotImplemented
+}
+
+// ActionSubmissionAccepted implements actionSubmissionAccepted operation.
+//
+// (Internal endpoint) Role Validator changes status from Validating -> Accepted.
+//
+// POST /submissions/{SubmissionID}/status/validator-failed
+func (UnimplementedHandler) ActionSubmissionAccepted(ctx context.Context, params ActionSubmissionAcceptedParams) error {
+	return ht.ErrNotImplemented
+}
+
+// ActionSubmissionSubmitted implements actionSubmissionSubmitted operation.
+//
+// (Internal endpoint) Role Validator changes status from Submitting -> Submitted.
+//
+// POST /submissions/{SubmissionID}/status/validator-submitted
+func (UnimplementedHandler) ActionSubmissionSubmitted(ctx context.Context, params ActionSubmissionSubmittedParams) error {
 	return ht.ErrNotImplemented
 }
 
@@ -40,6 +94,87 @@ func (UnimplementedHandler) ActionSubmissionValidated(ctx context.Context, param
 	return ht.ErrNotImplemented
 }
 
+// CreateMapfix implements createMapfix operation.
+//
+// Create a mapfix.
+//
+// POST /mapfixes
+func (UnimplementedHandler) CreateMapfix(ctx context.Context, req *MapfixCreate) (r *MapfixID, _ error) {
+	return r, ht.ErrNotImplemented
+}
+
+// CreateScript implements createScript operation.
+//
+// Create a new script.
+//
+// POST /scripts
+func (UnimplementedHandler) CreateScript(ctx context.Context, req *ScriptCreate) (r *ScriptID, _ error) {
+	return r, ht.ErrNotImplemented
+}
+
+// CreateScriptPolicy implements createScriptPolicy operation.
+//
+// Create a new script policy.
+//
+// POST /script-policy
+func (UnimplementedHandler) CreateScriptPolicy(ctx context.Context, req *ScriptPolicyCreate) (r *ScriptPolicyID, _ error) {
+	return r, ht.ErrNotImplemented
+}
+
+// CreateSubmission implements createSubmission operation.
+//
+// Create a new submission.
+//
+// POST /submissions
+func (UnimplementedHandler) CreateSubmission(ctx context.Context, req *SubmissionCreate) (r *SubmissionID, _ error) {
+	return r, ht.ErrNotImplemented
+}
+
+// GetScript implements getScript operation.
+//
+// Get the specified script by ID.
+//
+// GET /scripts/{ScriptID}
+func (UnimplementedHandler) GetScript(ctx context.Context, params GetScriptParams) (r *Script, _ error) {
+	return r, ht.ErrNotImplemented
+}
+
+// ListScriptPolicy implements listScriptPolicy operation.
+//
+// Get list of script policies.
+//
+// GET /script-policy
+func (UnimplementedHandler) ListScriptPolicy(ctx context.Context, params ListScriptPolicyParams) (r []ScriptPolicy, _ error) {
+	return r, ht.ErrNotImplemented
+}
+
+// ListScripts implements listScripts operation.
+//
+// Get list of scripts.
+//
+// GET /scripts
+func (UnimplementedHandler) ListScripts(ctx context.Context, params ListScriptsParams) (r []Script, _ error) {
+	return r, ht.ErrNotImplemented
+}
+
+// UpdateMapfixValidatedModel implements updateMapfixValidatedModel operation.
+//
+// Update validated model.
+//
+// POST /mapfixes/{MapfixID}/validated-model
+func (UnimplementedHandler) UpdateMapfixValidatedModel(ctx context.Context, params UpdateMapfixValidatedModelParams) error {
+	return ht.ErrNotImplemented
+}
+
+// UpdateSubmissionValidatedModel implements updateSubmissionValidatedModel operation.
+//
+// Update validated model.
+//
+// POST /submissions/{SubmissionID}/validated-model
+func (UnimplementedHandler) UpdateSubmissionValidatedModel(ctx context.Context, params UpdateSubmissionValidatedModelParams) error {
+	return ht.ErrNotImplemented
+}
+
 // NewError creates *ErrorStatusCode from error returned by handler.
 //
 // Used for common default response.

pkg/internal/oas_validators_gen.go

@@ -0,0 +1,901 @@
+// Code generated by ogen, DO NOT EDIT.
+
+package api
+
+import (
+	"github.com/go-faster/errors"
+
+	"github.com/ogen-go/ogen/validate"
+)
+
+func (s *Error) Validate() error {
+	if s == nil {
+		return validate.ErrNilPointer
+	}
+
+	var failures []validate.FieldError
+	if err := func() error {
+		if err := (validate.Int{
+			MinSet:        true,
+			Min:           0,
+			MaxSet:        false,
+			Max:           0,
+			MinExclusive:  false,
+			MaxExclusive:  false,
+			MultipleOfSet: false,
+			MultipleOf:    0,
+		}).Validate(int64(s.Code)); err != nil {
+			return errors.Wrap(err, "int")
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "code",
+			Error: err,
+		})
+	}
+	if len(failures) > 0 {
+		return &validate.Error{Fields: failures}
+	}
+	return nil
+}
+
+func (s *ErrorStatusCode) Validate() error {
+	if s == nil {
+		return validate.ErrNilPointer
+	}
+
+	var failures []validate.FieldError
+	if err := func() error {
+		if err := s.Response.Validate(); err != nil {
+			return err
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "Response",
+			Error: err,
+		})
+	}
+	if len(failures) > 0 {
+		return &validate.Error{Fields: failures}
+	}
+	return nil
+}
+
+func (s *MapfixCreate) Validate() error {
+	if s == nil {
+		return validate.ErrNilPointer
+	}
+
+	var failures []validate.FieldError
+	if err := func() error {
+		if err := (validate.Int{
+			MinSet:        true,
+			Min:           0,
+			MaxSet:        false,
+			Max:           0,
+			MinExclusive:  false,
+			MaxExclusive:  false,
+			MultipleOfSet: false,
+			MultipleOf:    0,
+		}).Validate(int64(s.OperationID)); err != nil {
+			return errors.Wrap(err, "int")
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "OperationID",
+			Error: err,
+		})
+	}
+	if err := func() error {
+		if err := (validate.Int{
+			MinSet:        true,
+			Min:           0,
+			MaxSet:        false,
+			Max:           0,
+			MinExclusive:  false,
+			MaxExclusive:  false,
+			MultipleOfSet: false,
+			MultipleOf:    0,
+		}).Validate(int64(s.AssetOwner)); err != nil {
+			return errors.Wrap(err, "int")
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "AssetOwner",
+			Error: err,
+		})
+	}
+	if err := func() error {
+		if err := (validate.String{
+			MinLength:    0,
+			MinLengthSet: false,
+			MaxLength:    128,
+			MaxLengthSet: true,
+			Email:        false,
+			Hostname:     false,
+			Regex:        nil,
+		}).Validate(string(s.DisplayName)); err != nil {
+			return errors.Wrap(err, "string")
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "DisplayName",
+			Error: err,
+		})
+	}
+	if err := func() error {
+		if err := (validate.String{
+			MinLength:    0,
+			MinLengthSet: false,
+			MaxLength:    128,
+			MaxLengthSet: true,
+			Email:        false,
+			Hostname:     false,
+			Regex:        nil,
+		}).Validate(string(s.Creator)); err != nil {
+			return errors.Wrap(err, "string")
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "Creator",
+			Error: err,
+		})
+	}
+	if err := func() error {
+		if err := (validate.Int{
+			MinSet:        true,
+			Min:           0,
+			MaxSet:        false,
+			Max:           0,
+			MinExclusive:  false,
+			MaxExclusive:  false,
+			MultipleOfSet: false,
+			MultipleOf:    0,
+		}).Validate(int64(s.GameID)); err != nil {
+			return errors.Wrap(err, "int")
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "GameID",
+			Error: err,
+		})
+	}
+	if err := func() error {
+		if err := (validate.Int{
+			MinSet:        true,
+			Min:           0,
+			MaxSet:        false,
+			Max:           0,
+			MinExclusive:  false,
+			MaxExclusive:  false,
+			MultipleOfSet: false,
+			MultipleOf:    0,
+		}).Validate(int64(s.AssetID)); err != nil {
+			return errors.Wrap(err, "int")
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "AssetID",
+			Error: err,
+		})
+	}
+	if err := func() error {
+		if err := (validate.Int{
+			MinSet:        true,
+			Min:           0,
+			MaxSet:        false,
+			Max:           0,
+			MinExclusive:  false,
+			MaxExclusive:  false,
+			MultipleOfSet: false,
+			MultipleOf:    0,
+		}).Validate(int64(s.AssetVersion)); err != nil {
+			return errors.Wrap(err, "int")
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "AssetVersion",
+			Error: err,
+		})
+	}
+	if err := func() error {
+		if err := (validate.Int{
+			MinSet:        true,
+			Min:           0,
+			MaxSet:        false,
+			Max:           0,
+			MinExclusive:  false,
+			MaxExclusive:  false,
+			MultipleOfSet: false,
+			MultipleOf:    0,
+		}).Validate(int64(s.TargetAssetID)); err != nil {
+			return errors.Wrap(err, "int")
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "TargetAssetID",
+			Error: err,
+		})
+	}
+	if len(failures) > 0 {
+		return &validate.Error{Fields: failures}
+	}
+	return nil
+}
+
+func (s *MapfixID) Validate() error {
+	if s == nil {
+		return validate.ErrNilPointer
+	}
+
+	var failures []validate.FieldError
+	if err := func() error {
+		if err := (validate.Int{
+			MinSet:        true,
+			Min:           0,
+			MaxSet:        false,
+			Max:           0,
+			MinExclusive:  false,
+			MaxExclusive:  false,
+			MultipleOfSet: false,
+			MultipleOf:    0,
+		}).Validate(int64(s.MapfixID)); err != nil {
+			return errors.Wrap(err, "int")
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "MapfixID",
+			Error: err,
+		})
+	}
+	if len(failures) > 0 {
+		return &validate.Error{Fields: failures}
+	}
+	return nil
+}
+
+func (s *Script) Validate() error {
+	if s == nil {
+		return validate.ErrNilPointer
+	}
+
+	var failures []validate.FieldError
+	if err := func() error {
+		if err := (validate.Int{
+			MinSet:        true,
+			Min:           0,
+			MaxSet:        false,
+			Max:           0,
+			MinExclusive:  false,
+			MaxExclusive:  false,
+			MultipleOfSet: false,
+			MultipleOf:    0,
+		}).Validate(int64(s.ID)); err != nil {
+			return errors.Wrap(err, "int")
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "ID",
+			Error: err,
+		})
+	}
+	if err := func() error {
+		if err := (validate.String{
+			MinLength:    0,
+			MinLengthSet: false,
+			MaxLength:    128,
+			MaxLengthSet: true,
+			Email:        false,
+			Hostname:     false,
+			Regex:        nil,
+		}).Validate(string(s.Name)); err != nil {
+			return errors.Wrap(err, "string")
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "Name",
+			Error: err,
+		})
+	}
+	if err := func() error {
+		if err := (validate.String{
+			MinLength:    16,
+			MinLengthSet: true,
+			MaxLength:    16,
+			MaxLengthSet: true,
+			Email:        false,
+			Hostname:     false,
+			Regex:        nil,
+		}).Validate(string(s.Hash)); err != nil {
+			return errors.Wrap(err, "string")
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "Hash",
+			Error: err,
+		})
+	}
+	if err := func() error {
+		if err := (validate.String{
+			MinLength:    0,
+			MinLengthSet: false,
+			MaxLength:    1048576,
+			MaxLengthSet: true,
+			Email:        false,
+			Hostname:     false,
+			Regex:        nil,
+		}).Validate(string(s.Source)); err != nil {
+			return errors.Wrap(err, "string")
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "Source",
+			Error: err,
+		})
+	}
+	if err := func() error {
+		if err := (validate.Int{
+			MinSet:        true,
+			Min:           0,
+			MaxSet:        false,
+			Max:           0,
+			MinExclusive:  false,
+			MaxExclusive:  false,
+			MultipleOfSet: false,
+			MultipleOf:    0,
+		}).Validate(int64(s.ResourceType)); err != nil {
+			return errors.Wrap(err, "int")
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "ResourceType",
+			Error: err,
+		})
+	}
+	if err := func() error {
+		if err := (validate.Int{
+			MinSet:        true,
+			Min:           0,
+			MaxSet:        false,
+			Max:           0,
+			MinExclusive:  false,
+			MaxExclusive:  false,
+			MultipleOfSet: false,
+			MultipleOf:    0,
+		}).Validate(int64(s.ResourceID)); err != nil {
+			return errors.Wrap(err, "int")
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "ResourceID",
+			Error: err,
+		})
+	}
+	if len(failures) > 0 {
+		return &validate.Error{Fields: failures}
+	}
+	return nil
+}
+
+func (s *ScriptCreate) Validate() error {
+	if s == nil {
+		return validate.ErrNilPointer
+	}
+
+	var failures []validate.FieldError
+	if err := func() error {
+		if err := (validate.String{
+			MinLength:    0,
+			MinLengthSet: false,
+			MaxLength:    128,
+			MaxLengthSet: true,
+			Email:        false,
+			Hostname:     false,
+			Regex:        nil,
+		}).Validate(string(s.Name)); err != nil {
+			return errors.Wrap(err, "string")
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "Name",
+			Error: err,
+		})
+	}
+	if err := func() error {
+		if err := (validate.String{
+			MinLength:    0,
+			MinLengthSet: false,
+			MaxLength:    1048576,
+			MaxLengthSet: true,
+			Email:        false,
+			Hostname:     false,
+			Regex:        nil,
+		}).Validate(string(s.Source)); err != nil {
+			return errors.Wrap(err, "string")
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "Source",
+			Error: err,
+		})
+	}
+	if err := func() error {
+		if err := (validate.Int{
+			MinSet:        true,
+			Min:           0,
+			MaxSet:        false,
+			Max:           0,
+			MinExclusive:  false,
+			MaxExclusive:  false,
+			MultipleOfSet: false,
+			MultipleOf:    0,
+		}).Validate(int64(s.ResourceType)); err != nil {
+			return errors.Wrap(err, "int")
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "ResourceType",
+			Error: err,
+		})
+	}
+	if err := func() error {
+		if value, ok := s.ResourceID.Get(); ok {
+			if err := func() error {
+				if err := (validate.Int{
+					MinSet:        true,
+					Min:           0,
+					MaxSet:        false,
+					Max:           0,
+					MinExclusive:  false,
+					MaxExclusive:  false,
+					MultipleOfSet: false,
+					MultipleOf:    0,
+				}).Validate(int64(value)); err != nil {
+					return errors.Wrap(err, "int")
+				}
+				return nil
+			}(); err != nil {
+				return err
+			}
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "ResourceID",
+			Error: err,
+		})
+	}
+	if len(failures) > 0 {
+		return &validate.Error{Fields: failures}
+	}
+	return nil
+}
+
+func (s *ScriptID) Validate() error {
+	if s == nil {
+		return validate.ErrNilPointer
+	}
+
+	var failures []validate.FieldError
+	if err := func() error {
+		if err := (validate.Int{
+			MinSet:        true,
+			Min:           0,
+			MaxSet:        false,
+			Max:           0,
+			MinExclusive:  false,
+			MaxExclusive:  false,
+			MultipleOfSet: false,
+			MultipleOf:    0,
+		}).Validate(int64(s.ScriptID)); err != nil {
+			return errors.Wrap(err, "int")
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "ScriptID",
+			Error: err,
+		})
+	}
+	if len(failures) > 0 {
+		return &validate.Error{Fields: failures}
+	}
+	return nil
+}
+
+func (s *ScriptPolicy) Validate() error {
+	if s == nil {
+		return validate.ErrNilPointer
+	}
+
+	var failures []validate.FieldError
+	if err := func() error {
+		if err := (validate.Int{
+			MinSet:        true,
+			Min:           0,
+			MaxSet:        false,
+			Max:           0,
+			MinExclusive:  false,
+			MaxExclusive:  false,
+			MultipleOfSet: false,
+			MultipleOf:    0,
+		}).Validate(int64(s.ID)); err != nil {
+			return errors.Wrap(err, "int")
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "ID",
+			Error: err,
+		})
+	}
+	if err := func() error {
+		if err := (validate.String{
+			MinLength:    16,
+			MinLengthSet: true,
+			MaxLength:    16,
+			MaxLengthSet: true,
+			Email:        false,
+			Hostname:     false,
+			Regex:        nil,
+		}).Validate(string(s.FromScriptHash)); err != nil {
+			return errors.Wrap(err, "string")
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "FromScriptHash",
+			Error: err,
+		})
+	}
+	if err := func() error {
+		if err := (validate.Int{
+			MinSet:        true,
+			Min:           0,
+			MaxSet:        false,
+			Max:           0,
+			MinExclusive:  false,
+			MaxExclusive:  false,
+			MultipleOfSet: false,
+			MultipleOf:    0,
+		}).Validate(int64(s.ToScriptID)); err != nil {
+			return errors.Wrap(err, "int")
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "ToScriptID",
+			Error: err,
+		})
+	}
+	if err := func() error {
+		if err := (validate.Int{
+			MinSet:        true,
+			Min:           0,
+			MaxSet:        false,
+			Max:           0,
+			MinExclusive:  false,
+			MaxExclusive:  false,
+			MultipleOfSet: false,
+			MultipleOf:    0,
+		}).Validate(int64(s.Policy)); err != nil {
+			return errors.Wrap(err, "int")
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "Policy",
+			Error: err,
+		})
+	}
+	if len(failures) > 0 {
+		return &validate.Error{Fields: failures}
+	}
+	return nil
+}
+
+func (s *ScriptPolicyCreate) Validate() error {
+	if s == nil {
+		return validate.ErrNilPointer
+	}
+
+	var failures []validate.FieldError
+	if err := func() error {
+		if err := (validate.Int{
+			MinSet:        true,
+			Min:           0,
+			MaxSet:        false,
+			Max:           0,
+			MinExclusive:  false,
+			MaxExclusive:  false,
+			MultipleOfSet: false,
+			MultipleOf:    0,
+		}).Validate(int64(s.FromScriptID)); err != nil {
+			return errors.Wrap(err, "int")
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "FromScriptID",
+			Error: err,
+		})
+	}
+	if err := func() error {
+		if err := (validate.Int{
+			MinSet:        true,
+			Min:           0,
+			MaxSet:        false,
+			Max:           0,
+			MinExclusive:  false,
+			MaxExclusive:  false,
+			MultipleOfSet: false,
+			MultipleOf:    0,
+		}).Validate(int64(s.ToScriptID)); err != nil {
+			return errors.Wrap(err, "int")
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "ToScriptID",
+			Error: err,
+		})
+	}
+	if err := func() error {
+		if err := (validate.Int{
+			MinSet:        true,
+			Min:           0,
+			MaxSet:        false,
+			Max:           0,
+			MinExclusive:  false,
+			MaxExclusive:  false,
+			MultipleOfSet: false,
+			MultipleOf:    0,
+		}).Validate(int64(s.Policy)); err != nil {
+			return errors.Wrap(err, "int")
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "Policy",
+			Error: err,
+		})
+	}
+	if len(failures) > 0 {
+		return &validate.Error{Fields: failures}
+	}
+	return nil
+}
+
+func (s *ScriptPolicyID) Validate() error {
+	if s == nil {
+		return validate.ErrNilPointer
+	}
+
+	var failures []validate.FieldError
+	if err := func() error {
+		if err := (validate.Int{
+			MinSet:        true,
+			Min:           0,
+			MaxSet:        false,
+			Max:           0,
+			MinExclusive:  false,
+			MaxExclusive:  false,
+			MultipleOfSet: false,
+			MultipleOf:    0,
+		}).Validate(int64(s.ScriptPolicyID)); err != nil {
+			return errors.Wrap(err, "int")
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "ScriptPolicyID",
+			Error: err,
+		})
+	}
+	if len(failures) > 0 {
+		return &validate.Error{Fields: failures}
+	}
+	return nil
+}
+
+func (s *SubmissionCreate) Validate() error {
+	if s == nil {
+		return validate.ErrNilPointer
+	}
+
+	var failures []validate.FieldError
+	if err := func() error {
+		if err := (validate.Int{
+			MinSet:        true,
+			Min:           0,
+			MaxSet:        false,
+			Max:           0,
+			MinExclusive:  false,
+			MaxExclusive:  false,
+			MultipleOfSet: false,
+			MultipleOf:    0,
+		}).Validate(int64(s.OperationID)); err != nil {
+			return errors.Wrap(err, "int")
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "OperationID",
+			Error: err,
+		})
+	}
+	if err := func() error {
+		if err := (validate.Int{
+			MinSet:        true,
+			Min:           0,
+			MaxSet:        false,
+			Max:           0,
+			MinExclusive:  false,
+			MaxExclusive:  false,
+			MultipleOfSet: false,
+			MultipleOf:    0,
+		}).Validate(int64(s.AssetOwner)); err != nil {
+			return errors.Wrap(err, "int")
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "AssetOwner",
+			Error: err,
+		})
+	}
+	if err := func() error {
+		if err := (validate.String{
+			MinLength:    0,
+			MinLengthSet: false,
+			MaxLength:    128,
+			MaxLengthSet: true,
+			Email:        false,
+			Hostname:     false,
+			Regex:        nil,
+		}).Validate(string(s.DisplayName)); err != nil {
+			return errors.Wrap(err, "string")
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "DisplayName",
+			Error: err,
+		})
+	}
+	if err := func() error {
+		if err := (validate.String{
+			MinLength:    0,
+			MinLengthSet: false,
+			MaxLength:    128,
+			MaxLengthSet: true,
+			Email:        false,
+			Hostname:     false,
+			Regex:        nil,
+		}).Validate(string(s.Creator)); err != nil {
+			return errors.Wrap(err, "string")
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "Creator",
+			Error: err,
+		})
+	}
+	if err := func() error {
+		if err := (validate.Int{
+			MinSet:        true,
+			Min:           0,
+			MaxSet:        false,
+			Max:           0,
+			MinExclusive:  false,
+			MaxExclusive:  false,
+			MultipleOfSet: false,
+			MultipleOf:    0,
+		}).Validate(int64(s.GameID)); err != nil {
+			return errors.Wrap(err, "int")
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "GameID",
+			Error: err,
+		})
+	}
+	if err := func() error {
+		if err := (validate.Int{
+			MinSet:        true,
+			Min:           0,
+			MaxSet:        false,
+			Max:           0,
+			MinExclusive:  false,
+			MaxExclusive:  false,
+			MultipleOfSet: false,
+			MultipleOf:    0,
+		}).Validate(int64(s.AssetID)); err != nil {
+			return errors.Wrap(err, "int")
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "AssetID",
+			Error: err,
+		})
+	}
+	if err := func() error {
+		if err := (validate.Int{
+			MinSet:        true,
+			Min:           0,
+			MaxSet:        false,
+			Max:           0,
+			MinExclusive:  false,
+			MaxExclusive:  false,
+			MultipleOfSet: false,
+			MultipleOf:    0,
+		}).Validate(int64(s.AssetVersion)); err != nil {
+			return errors.Wrap(err, "int")
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "AssetVersion",
+			Error: err,
+		})
+	}
+	if len(failures) > 0 {
+		return &validate.Error{Fields: failures}
+	}
+	return nil
+}
+
+func (s *SubmissionID) Validate() error {
+	if s == nil {
+		return validate.ErrNilPointer
+	}
+
+	var failures []validate.FieldError
+	if err := func() error {
+		if err := (validate.Int{
+			MinSet:        true,
+			Min:           0,
+			MaxSet:        false,
+			Max:           0,
+			MinExclusive:  false,
+			MaxExclusive:  false,
+			MultipleOfSet: false,
+			MultipleOf:    0,
+		}).Validate(int64(s.SubmissionID)); err != nil {
+			return errors.Wrap(err, "int")
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "SubmissionID",
+			Error: err,
+		})
+	}
+	if len(failures) > 0 {
+		return &validate.Error{Fields: failures}
+	}
+	return nil
+}

pkg/model/audit_event.go

@@ -0,0 +1,53 @@
+package model
+
+import (
+	"encoding/json"
+	"time"
+)
+
+type AuditEventType uint32
+
+// User clicked "Submit", "Accept" etc
+const AuditEventTypeAction    AuditEventType = 0
+type AuditEventDataAction struct {
+	TargetStatus uint32 `json:"target_status"`
+}
+
+// User wrote a comment
+const AuditEventTypeComment   AuditEventType = 1
+type AuditEventDataComment struct {
+	Comment string `json:"comment"`
+}
+
+// User changed Model
+const AuditEventTypeChangeModel AuditEventType = 2
+type AuditEventDataChangeModel struct {
+	OldModelID      uint64 `json:"old_model_id"`
+	OldModelVersion uint64 `json:"old_model_version"`
+	NewModelID      uint64 `json:"new_model_id"`
+	NewModelVersion uint64 `json:"new_model_version"`
+}
+// Validator validates model
+const AuditEventTypeChangeValidatedModel AuditEventType = 3
+type AuditEventDataChangeValidatedModel struct {
+	ValidatedModelID      uint64 `json:"validated_model_id"`
+	ValidatedModelVersion uint64 `json:"validated_model_version"`
+}
+
+// User changed DisplayName / Creator
+const AuditEventTypeChangeDisplayName AuditEventType = 4
+const AuditEventTypeChangeCreator AuditEventType = 5
+type AuditEventDataChangeName struct {
+	OldName string `json:"old_name"`
+	NewName string `json:"new_name"`
+}
+
+type AuditEvent struct {
+	ID           uint64 `gorm:"primaryKey"`
+	CreatedAt    time.Time
+	User         uint64
+	ResourceType ResourceType // is this a submission or is it a mapfix
+	ResourceID   uint64 // submission / mapfix / map ID
+	EventType    AuditEventType
+	EventData    json.RawMessage `gorm:"type:jsonb"`
+}

pkg/model/mapfix.go

@@ -0,0 +1,43 @@
+package model
+
+import "time"
+
+type MapfixStatus uint32
+
+const (
+	// Phase: Creation
+	MapfixStatusUnderConstruction   MapfixStatus = 0
+	MapfixStatusChangesRequested    MapfixStatus = 1
+
+	// Phase: Review
+	MapfixStatusSubmitting          MapfixStatus = 2
+	MapfixStatusSubmitted           MapfixStatus = 3
+
+	// Phase: Testing
+	MapfixStatusAcceptedUnvalidated MapfixStatus = 4 // pending script review, can re-trigger validation
+	MapfixStatusValidating          MapfixStatus = 5
+	MapfixStatusValidated           MapfixStatus = 6
+	MapfixStatusUploading           MapfixStatus = 7
+
+	// Phase: Final MapfixStatus
+	MapfixStatusUploaded            MapfixStatus = 8 // uploaded to the group, but pending release
+	MapfixStatusRejected            MapfixStatus = 9
+)
+
+type Mapfix struct {
+	ID            uint64 `gorm:"primaryKey"`
+	DisplayName   string
+	Creator       string
+	GameID        uint32
+	CreatedAt     time.Time
+	UpdatedAt     time.Time
+	Submitter     uint64 // UserID
+	AssetID       uint64
+	AssetVersion  uint64
+	ValidatedAssetID       uint64
+	ValidatedAssetVersion  uint64
+	Completed     bool   // Has this version of the map been completed at least once on maptest
+	TargetAssetID uint64 // where to upload map fix.  if the TargetAssetID is 0, it's a new map.
+	StatusID      MapfixStatus
+	StatusMessage string
+}

pkg/model/nats.go

@@ -5,24 +5,43 @@ package model
 
 // Requests are sent from maps-service to validator
 
-type ValidateRequest struct {
+type CreateSubmissionRequest struct {
+	// operation_id is passed back in the response message
+	OperationID   uint32
+	ModelID       uint64
+}
+
+type CreateMapfixRequest struct {
+	OperationID   uint32
+	ModelID       uint64
+	TargetAssetID uint64
+}
+
+type ValidateSubmissionRequest struct {
 	// submission_id is passed back in the response message
-	SubmissionID     int64
-	ModelID          uint64
-	ModelVersion     uint64
-	ValidatedModelID uint64 // optional value
+	SubmissionID      uint64
+	ModelID           uint64
+	ModelVersion      uint64
+	ValidatedModelID *uint64 // optional value
+}
+
+type ValidateMapfixRequest struct {
+	MapfixID          uint64
+	ModelID           uint64
+	ModelVersion      uint64
+	ValidatedModelID *uint64 // optional value
 }
 
 // Create a new map
-type PublishNewRequest struct {
-	SubmissionID int64
+type UploadSubmissionRequest struct {
+	SubmissionID uint64
 	ModelID      uint64
 	ModelVersion uint64
 	ModelName    string
 }
 
-type PublishFixRequest struct {
-	SubmissionID  int64
+type UploadMapfixRequest struct {
+	MapfixID      uint64
 	ModelID       uint64
 	ModelVersion  uint64
 	TargetAssetID uint64

pkg/model/operation.go

@@ -0,0 +1,19 @@
+package model
+
+import "time"
+
+type OperationStatus uint32
+const (
+	OperationStatusCreated   OperationStatus = 0
+	OperationStatusCompleted OperationStatus = 1
+	OperationStatusFailed    OperationStatus = 2
+)
+
+type Operation struct {
+	ID            uint32 `gorm:"primaryKey"`
+	CreatedAt     time.Time
+	Owner         uint64 // UserID
+	StatusID      OperationStatus
+	StatusMessage string
+	Path          string // redirect to view completed operation e.g. "/mapfixes/4"
+}

pkg/model/page.go

@@ -1,6 +1,6 @@
 package model
 
 type Page struct {
-	Number int32
-	Size   int32
+	Number uint32
+	Size   uint32
 }

pkg/model/policy.go

@@ -2,7 +2,7 @@ package model
 
 import "time"
 
-type Policy int32
+type Policy uint32
 
 const (
 	ScriptPolicyNone    Policy = 0 // not yet reviewed
@@ -13,15 +13,15 @@ const (
 )
 
 type ScriptPolicy struct {
-	ID int64 `gorm:"primaryKey"`
+	ID uint64 `gorm:"primaryKey"`
 	// Hash of the source code that leads to this policy.
 	// If this is a replacement mapping, the original source may not be pointed to by any policy.
 	// The original source should still exist in the scripts table, which can be located by the same hash.
-	FromScriptHash uint64
+	FromScriptHash int64 // postgres does not support unsigned integers, so we have to pretend
 	// The ID of the replacement source (ScriptPolicyReplace)
 	// or verbatim source (ScriptPolicyAllowed)
 	// or 0 (other)
-	ToScriptID int64
+	ToScriptID uint64
 	Policy     Policy
 	CreatedAt  time.Time
 	UpdatedAt  time.Time

pkg/model/script.go

@@ -1,12 +1,47 @@
 package model
 
-import "time"
+import (
+	"fmt"
+	"strconv"
+	"time"
+
+	"github.com/dchest/siphash"
+)
+
+// compute the hash of a source code string
+func HashSource(source string) uint64{
+	return siphash.Hash(0, 0, []byte(source))
+}
+
+// format a hash value as a hexidecimal string
+func HashFormat(hash uint64) string{
+	return fmt.Sprintf("%016x", hash)
+}
+
+// parse a hexidecimal hash string
+func HashParse(hash string) (uint64, error){
+	return strconv.ParseUint(hash, 16, 64)
+}
+
+type ResourceType uint32
+const (
+	ResourceUnknown    ResourceType = 0
+	ResourceMapfix     ResourceType = 1
+	ResourceSubmission ResourceType = 2
+)
 
 type Script struct {
-	ID           int64 `gorm:"primaryKey"`
-	Hash         uint64
+	ID           uint64 `gorm:"primaryKey"`
+	Name         string
+	hash         uint64
 	Source       string
-	SubmissionID int64 // which submission did this script first appear in
+	ResourceType ResourceType // is this a submission or is it a mapfix
+	ResourceID   uint64 // which submission / mapfix did this script first appear in
 	CreatedAt    time.Time
 	UpdatedAt    time.Time
 }
+
+// postgres does not support unsigned integers, so we have to pretend
+func (script *Script) GetPostgresInt64() (int64) {
+	return int64(script.hash)
+}

pkg/model/submission.go

@@ -2,37 +2,43 @@ package model
 
 import "time"
 
-type Status int32
+type SubmissionStatus uint32
 
 const (
-	// Phase: Final Status
-	StatusReleased  Status = 9
-	StatusRejected  Status = 8
+	// Phase: Creation
+	SubmissionStatusUnderConstruction   SubmissionStatus = 0
+	SubmissionStatusChangesRequested    SubmissionStatus = 1
+
+	// Phase: Review
+	SubmissionStatusSubmitting          SubmissionStatus = 2
+	SubmissionStatusSubmitted           SubmissionStatus = 3
 
 	// Phase: Testing
-	StatusUploaded   Status = 7 // uploaded to the group, but pending release
-	StatusUploading  Status = 6
-	StatusValidated  Status = 5
-	StatusValidating Status = 4
-	StatusAccepted   Status = 3
+	SubmissionStatusAcceptedUnvalidated SubmissionStatus = 4 // pending script review, can re-trigger validation
+	SubmissionStatusValidating          SubmissionStatus = 5
+	SubmissionStatusValidated           SubmissionStatus = 6
+	SubmissionStatusUploading           SubmissionStatus = 7
+	SubmissionStatusUploaded            SubmissionStatus = 8 // uploaded to the group, but pending release
 
-	// Phase: Creation
-	StatusChangesRequested  Status = 2
-	StatusSubmitted         Status = 1
-	StatusUnderConstruction Status = 0
+	// Phase: Final SubmissionStatus
+	SubmissionStatusRejected            SubmissionStatus = 9
+	SubmissionStatusReleased            SubmissionStatus = 10
 )
 
 type Submission struct {
-	ID            int64 `gorm:"primaryKey"`
+	ID            uint64 `gorm:"primaryKey"`
 	DisplayName   string
 	Creator       string
-	GameID        int32
+	GameID        uint32
 	CreatedAt     time.Time
 	UpdatedAt     time.Time
 	Submitter     uint64 // UserID
 	AssetID       uint64
 	AssetVersion  uint64
+	ValidatedAssetID       uint64
+	ValidatedAssetVersion  uint64
 	Completed     bool   // Has this version of the map been completed at least once on maptest
-	TargetAssetID uint64 // where to upload map fix.  if the TargetAssetID is 0, it's a new map.
-	StatusID      Status
+	UploadedAssetID        uint64 // where to upload map fix.  if the TargetAssetID is 0, it's a new map.
+	StatusID      SubmissionStatus
+	StatusMessage string
 }

pkg/service/audit_events.go

@@ -0,0 +1,200 @@
+package service
+
+import (
+	"context"
+	"encoding/json"
+
+	"git.itzana.me/strafesnet/maps-service/pkg/api"
+	"git.itzana.me/strafesnet/maps-service/pkg/datastore"
+	"git.itzana.me/strafesnet/maps-service/pkg/model"
+)
+
+// CreateMapfixAuditComment implements createMapfixAuditComment operation.
+//
+// Post a comment to the audit log
+//
+// POST /mapfixes/{MapfixID}/comment
+func (svc *Service) CreateMapfixAuditComment(ctx context.Context, req api.CreateMapfixAuditCommentReq, params api.CreateMapfixAuditCommentParams) (error) {
+	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
+	if !ok {
+		return ErrUserInfo
+	}
+
+	has_role, err := userInfo.HasRoleMapfixReview()
+	if err != nil {
+		return err
+	}
+	if !has_role {
+		return ErrPermissionDeniedNeedRoleMapfixReview
+	}
+
+	userId, err := userInfo.GetUserID()
+	if err != nil {
+		return err
+	}
+
+	data := []byte{}
+	_, err = req.Read(data)
+	if err != nil {
+		return err
+	}
+	Comment := string(data)
+
+	event_data := model.AuditEventDataComment{
+		Comment: Comment,
+	}
+
+	EventData, err := json.Marshal(event_data)
+	if err != nil {
+		return err
+	}
+
+	_, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{
+		ID:           0,
+		User:         userId,
+		ResourceType: model.ResourceMapfix,
+		ResourceID:   params.MapfixID,
+		EventType:    model.AuditEventTypeComment,
+		EventData:    EventData,
+	})
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// ListMapfixAuditEvents invokes listMapfixAuditEvents operation.
+//
+// Retrieve a list of audit events.
+//
+// GET /mapfixes/{MapfixID}/audit-events
+func (svc *Service) ListMapfixAuditEvents(ctx context.Context, params api.ListMapfixAuditEventsParams) ([]api.AuditEvent, error) {
+	filter := datastore.Optional()
+
+	filter.AddPostgresInt32("resource_type", uint32(model.ResourceMapfix))
+	filter.AddPostgresInt64("resource_id", params.MapfixID)
+
+	items, err := svc.DB.AuditEvents().List(ctx, filter, model.Page{
+		Number: params.Page,
+		Size:   params.Limit,
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	var resp []api.AuditEvent
+	for _, item := range items {
+		EventData := api.AuditEventEventData{}
+		err = EventData.UnmarshalJSON(item.EventData)
+		if err != nil {
+			return nil, err
+		}
+		resp = append(resp, api.AuditEvent{
+			ID:           item.ID,
+			Date:         item.CreatedAt.Unix(),
+			User:         item.User,
+			ResourceType: uint32(item.ResourceType),
+			ResourceID:   item.ResourceID,
+			EventType:    uint32(item.EventType),
+			EventData:    EventData,
+		})
+	}
+
+	return resp, nil
+}
+
+// CreateSubmissionAuditComment implements createSubmissionAuditComment operation.
+//
+// Post a comment to the audit log
+//
+// POST /submissions/{SubmissionID}/comment
+func (svc *Service) CreateSubmissionAuditComment(ctx context.Context, req api.CreateSubmissionAuditCommentReq, params api.CreateSubmissionAuditCommentParams) (error) {
+	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
+	if !ok {
+		return ErrUserInfo
+	}
+
+	has_role, err := userInfo.HasRoleSubmissionReview()
+	if err != nil {
+		return err
+	}
+	if !has_role {
+		return ErrPermissionDeniedNeedRoleSubmissionReview
+	}
+
+	userId, err := userInfo.GetUserID()
+	if err != nil {
+		return err
+	}
+
+	data := []byte{}
+	_, err = req.Read(data)
+	if err != nil {
+		return err
+	}
+	Comment := string(data)
+
+	event_data := model.AuditEventDataComment{
+		Comment: Comment,
+	}
+
+	EventData, err := json.Marshal(event_data)
+	if err != nil {
+		return err
+	}
+
+	_, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{
+		ID:           0,
+		User:         userId,
+		ResourceType: model.ResourceSubmission,
+		ResourceID:   params.SubmissionID,
+		EventType:    model.AuditEventTypeComment,
+		EventData:    EventData,
+	})
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// ListSubmissionAuditEvents invokes listSubmissionAuditEvents operation.
+//
+// Retrieve a list of audit events.
+//
+// GET /submissions/{SubmissionID}/audit-events
+func (svc *Service) ListSubmissionAuditEvents(ctx context.Context, params api.ListSubmissionAuditEventsParams) ([]api.AuditEvent, error) {
+	filter := datastore.Optional()
+
+	filter.AddPostgresInt32("resource_type", uint32(model.ResourceSubmission))
+	filter.AddPostgresInt64("resource_id", params.SubmissionID)
+
+	items, err := svc.DB.AuditEvents().List(ctx, filter, model.Page{
+		Number: params.Page,
+		Size:   params.Limit,
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	var resp []api.AuditEvent
+	for _, item := range items {
+		EventData := api.AuditEventEventData{}
+		err = EventData.UnmarshalJSON(item.EventData)
+		if err != nil {
+			return nil, err
+		}
+		resp = append(resp, api.AuditEvent{
+			ID:           item.ID,
+			Date:         item.CreatedAt.Unix(),
+			User:         item.User,
+			ResourceType: uint32(item.ResourceType),
+			ResourceID:   item.ResourceID,
+			EventType:    uint32(item.EventType),
+			EventData:    EventData,
+		})
+	}
+
+	return resp, nil
+}

pkg/service/mapfixes.go

@@ -0,0 +1,991 @@
+package service
+
+import (
+	"context"
+	"encoding/json"
+	"errors"
+	"fmt"
+	"time"
+
+	"git.itzana.me/strafesnet/go-grpc/maps"
+	"git.itzana.me/strafesnet/maps-service/pkg/api"
+	"git.itzana.me/strafesnet/maps-service/pkg/datastore"
+	"git.itzana.me/strafesnet/maps-service/pkg/model"
+)
+
+var(
+	CreationPhaseMapfixesLimit = 20
+	CreationPhaseMapfixStatuses = []model.MapfixStatus{
+		model.MapfixStatusChangesRequested,
+		model.MapfixStatusSubmitted,
+		model.MapfixStatusUnderConstruction,
+	}
+	// limit mapfixes in the pipeline to one per target map
+	ActiveAcceptedMapfixStatuses = []model.MapfixStatus{
+		model.MapfixStatusUploading,
+		model.MapfixStatusValidated,
+		model.MapfixStatusValidating,
+		model.MapfixStatusAcceptedUnvalidated,
+	}
+	// Allow 5 mapfixes every 10 minutes
+	CreateMapfixRateLimit int64 = 5
+	CreateMapfixRecencyWindow = time.Second*600
+)
+
+var (
+	ErrCreationPhaseMapfixesLimit = errors.New("Active mapfixes limited to 20")
+	ErrActiveMapfixSameTargetAssetID = errors.New("There is an active mapfix with the same TargetAssetID")
+	ErrAcceptOwnMapfix = fmt.Errorf("%w: You cannot accept your own mapfix as the submitter", ErrPermissionDenied)
+	ErrCreateMapfixRateLimit = errors.New("You must not create more than 5 mapfixes every 10 minutes")
+)
+
+// POST /mapfixes
+func (svc *Service) CreateMapfix(ctx context.Context, request *api.MapfixTriggerCreate) (*api.OperationID, error) {
+	// sanitization
+	if request.AssetID<0 || request.TargetAssetID<0{
+		return nil, ErrNegativeID
+	}
+	var ModelID=uint64(request.AssetID);
+	var TargetAssetID=uint64(request.TargetAssetID);
+
+	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
+	if !ok {
+		return nil, ErrUserInfo
+	}
+
+	userId, err := userInfo.GetUserID()
+	if err != nil {
+		return nil, err
+	}
+
+	// Check if user's mapfixes in the creation phase exceeds the limit
+	{
+		filter := datastore.Optional()
+		filter.Add("submitter", int64(userId))
+		filter.Add("status_id", CreationPhaseMapfixStatuses)
+		creation_mapfixes, err := svc.DB.Mapfixes().List(ctx, filter, model.Page{
+			Number: 1,
+			Size:   uint32(CreationPhaseMapfixesLimit),
+		},datastore.ListSortDisabled)
+		if err != nil {
+			return nil, err
+		}
+
+		if CreationPhaseMapfixesLimit <= len(creation_mapfixes) {
+			return nil, ErrCreationPhaseMapfixesLimit
+		}
+	}
+
+	// Check if TargetAssetID actually exists
+	{
+		_, err := svc.Client.Get(ctx, &maps.IdMessage{
+			ID: request.TargetAssetID,
+		})
+		if err != nil {
+			// TODO: match specific does not exist grpc error
+			return nil, err
+		}
+	}
+
+	// Check if too many operations have been created recently
+	{
+		count, err := svc.DB.Operations().CountSince(ctx,
+			int64(userId),
+			time.Now().Add(-CreateMapfixRecencyWindow),
+		)
+		if err != nil {
+			return nil, err
+		}
+
+		if CreateMapfixRateLimit < count {
+			return nil, ErrCreateMapfixRateLimit
+		}
+	}
+
+	operation, err := svc.DB.Operations().Create(ctx, model.Operation{
+		Owner:         userId,
+		StatusID:      model.OperationStatusCreated,
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	create_request := model.CreateMapfixRequest{
+		OperationID:   operation.ID,
+		ModelID:       ModelID,
+		TargetAssetID: TargetAssetID,
+	}
+
+	j, err := json.Marshal(create_request)
+	if err != nil {
+		return nil, err
+	}
+
+	_, err = svc.Nats.Publish("maptest.mapfixes.create", []byte(j))
+	if err != nil {
+		return nil, err
+	}
+
+	return &api.OperationID{
+		OperationID: operation.ID,
+	}, nil
+}
+
+// GetMapfix implements getMapfix operation.
+//
+// Retrieve map with ID.
+//
+// GET /mapfixes/{MapfixID}
+func (svc *Service) GetMapfix(ctx context.Context, params api.GetMapfixParams) (*api.Mapfix, error) {
+	mapfix, err := svc.DB.Mapfixes().Get(ctx, int64(params.MapfixID))
+	if err != nil {
+		return nil, err
+	}
+	return &api.Mapfix{
+		ID:            mapfix.ID,
+		DisplayName:   mapfix.DisplayName,
+		Creator:       mapfix.Creator,
+		GameID:        uint32(mapfix.GameID),
+		CreatedAt:     mapfix.CreatedAt.Unix(),
+		UpdatedAt:     mapfix.UpdatedAt.Unix(),
+		Submitter:     mapfix.Submitter,
+		AssetID:       mapfix.AssetID,
+		AssetVersion:  mapfix.AssetVersion,
+		Completed:     mapfix.Completed,
+		TargetAssetID: mapfix.TargetAssetID,
+		StatusID:      uint32(mapfix.StatusID),
+		StatusMessage: mapfix.StatusMessage,
+	}, nil
+}
+
+// ListMapfixes implements listMapfixes operation.
+//
+// Get list of mapfixes.
+//
+// GET /mapfixes
+func (svc *Service) ListMapfixes(ctx context.Context, params api.ListMapfixesParams) (*api.Mapfixes, error) {
+	filter := datastore.Optional()
+
+	if params.DisplayName.IsSet(){
+		filter.Add2("display_name", params.DisplayName.Value)
+	}
+	if params.Creator.IsSet(){
+		filter.Add2("creator", params.Creator.Value)
+	}
+	if params.GameID.IsSet(){
+		filter.AddPostgresInt32("game_id", params.GameID.Value)
+	}
+	if params.Submitter.IsSet(){
+		filter.AddPostgresInt64("submitter", params.Submitter.Value)
+	}
+	if params.AssetID.IsSet(){
+		filter.AddPostgresInt64("asset_id", params.AssetID.Value)
+	}
+	if params.TargetAssetID.IsSet(){
+		filter.AddPostgresInt64("target_asset_id", params.TargetAssetID.Value)
+	}
+	if params.StatusID.IsSet(){
+		filter.AddPostgresInt32("status_id", params.StatusID.Value)
+	}
+
+	sort := datastore.ListSort(params.Sort.Or(uint32(datastore.ListSortDisabled)))
+
+	total, items, err := svc.DB.Mapfixes().ListWithTotal(ctx, filter, model.Page{
+		Number: params.Page,
+		Size:   params.Limit,
+	},sort)
+	if err != nil {
+		return nil, err
+	}
+
+	var resp api.Mapfixes
+	resp.Total=total
+	for _, item := range items {
+		resp.Mapfixes = append(resp.Mapfixes, api.Mapfix{
+			ID:            item.ID,
+			DisplayName:   item.DisplayName,
+			Creator:       item.Creator,
+			GameID:        item.GameID,
+			CreatedAt:     item.CreatedAt.Unix(),
+			UpdatedAt:     item.UpdatedAt.Unix(),
+			Submitter:     item.Submitter,
+			AssetID:       item.AssetID,
+			AssetVersion:  item.AssetVersion,
+			Completed:     item.Completed,
+			TargetAssetID: item.TargetAssetID,
+			StatusID:      uint32(item.StatusID),
+		})
+	}
+
+	return &resp, nil
+}
+
+// PatchMapfixCompleted implements patchMapfixCompleted operation.
+//
+// Retrieve map with ID.
+//
+// POST /mapfixes/{MapfixID}/completed
+func (svc *Service) SetMapfixCompleted(ctx context.Context, params api.SetMapfixCompletedParams) error {
+	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
+	if !ok {
+		return ErrUserInfo
+	}
+
+	has_role, err := userInfo.HasRoleMaptest()
+	if err != nil {
+		return err
+	}
+	// check if caller has MaptestGame role (request must originate from a maptest roblox game)
+	if !has_role {
+		return ErrPermissionDeniedNeedRoleMaptest
+	}
+
+	pmap := datastore.Optional()
+	pmap.Add("completed", true)
+	return svc.DB.Mapfixes().Update(ctx, params.MapfixID, pmap)
+}
+
+// UpdateMapfixModel implements patchMapfixModel operation.
+//
+// Update model following role restrictions.
+//
+// POST /mapfixes/{MapfixID}/model
+func (svc *Service) UpdateMapfixModel(ctx context.Context, params api.UpdateMapfixModelParams) error {
+	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
+	if !ok {
+		return ErrUserInfo
+	}
+
+	// read mapfix (this could be done with a transaction WHERE clause)
+	mapfix, err := svc.DB.Mapfixes().Get(ctx, params.MapfixID)
+	if err != nil {
+		return err
+	}
+
+	userId, err := userInfo.GetUserID()
+	if err != nil {
+		return err
+	}
+
+	// check if caller is the submitter
+	has_role := userId == mapfix.Submitter
+	if !has_role {
+		return ErrPermissionDeniedNotSubmitter
+	}
+
+	OldModelID := mapfix.AssetID
+	OldModelVersion := mapfix.AssetVersion
+	NewModelID := uint64(params.ModelID)
+	NewModelVersion := uint64(params.ModelVersion)
+
+	// check if Status is ChangesRequested|Submitted|UnderConstruction
+	pmap := datastore.Optional()
+	pmap.Add("asset_id", NewModelID)
+	pmap.Add("asset_version", NewModelVersion)
+	//always reset completed when model changes
+	pmap.Add("completed", false)
+	err = svc.DB.Mapfixes().IfStatusThenUpdate(ctx, params.MapfixID, []model.MapfixStatus{model.MapfixStatusChangesRequested, model.MapfixStatusSubmitted, model.MapfixStatusUnderConstruction}, pmap)
+	if err != nil {
+		return err
+	}
+
+	event_data := model.AuditEventDataChangeModel{
+		OldModelID: OldModelID,
+		OldModelVersion: OldModelVersion,
+		NewModelID: NewModelID,
+		NewModelVersion: NewModelVersion,
+	}
+
+	EventData, err := json.Marshal(event_data)
+	if err != nil {
+		return err
+	}
+
+	_, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{
+		ID:           0,
+		User:         userId,
+		ResourceType: model.ResourceMapfix,
+		ResourceID:   params.MapfixID,
+		EventType:    model.AuditEventTypeChangeModel,
+		EventData:    EventData,
+	})
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// ActionMapfixReject invokes actionMapfixReject operation.
+//
+// Role Reviewer changes status from Submitted -> Rejected.
+//
+// POST /mapfixes/{MapfixID}/status/reject
+func (svc *Service) ActionMapfixReject(ctx context.Context, params api.ActionMapfixRejectParams) error {
+	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
+	if !ok {
+		return ErrUserInfo
+	}
+
+	has_role, err := userInfo.HasRoleMapfixReview()
+	if err != nil {
+		return err
+	}
+	// check if caller has required role
+	if !has_role {
+		return ErrPermissionDeniedNeedRoleMapfixReview
+	}
+
+	userId, err := userInfo.GetUserID()
+	if err != nil {
+		return err
+	}
+
+	// transaction
+	target_status := model.MapfixStatusRejected
+	smap := datastore.Optional()
+	smap.Add("status_id", target_status)
+	err = svc.DB.Mapfixes().IfStatusThenUpdate(ctx, params.MapfixID, []model.MapfixStatus{model.MapfixStatusSubmitted}, smap)
+	if err != nil {
+		return err
+	}
+
+	event_data := model.AuditEventDataAction{
+		TargetStatus: uint32(target_status),
+	}
+
+	EventData, err := json.Marshal(event_data)
+	if err != nil {
+		return err
+	}
+
+	_, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{
+		ID:           0,
+		User:         userId,
+		ResourceType: model.ResourceMapfix,
+		ResourceID:   params.MapfixID,
+		EventType:    model.AuditEventTypeAction,
+		EventData:    EventData,
+	})
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// ActionMapfixRequestChanges invokes actionMapfixRequestChanges operation.
+//
+// Role Reviewer changes status from Validated|Accepted|Submitted -> ChangesRequested.
+//
+// POST /mapfixes/{MapfixID}/status/request-changes
+func (svc *Service) ActionMapfixRequestChanges(ctx context.Context, params api.ActionMapfixRequestChangesParams) error {
+	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
+	if !ok {
+		return ErrUserInfo
+	}
+
+	has_role, err := userInfo.HasRoleMapfixReview()
+	if err != nil {
+		return err
+	}
+	// check if caller has required role
+	if !has_role {
+		return ErrPermissionDeniedNeedRoleMapfixReview
+	}
+
+	// transaction
+	smap := datastore.Optional()
+	smap.Add("status_id", model.MapfixStatusChangesRequested)
+	return svc.DB.Mapfixes().IfStatusThenUpdate(ctx, params.MapfixID, []model.MapfixStatus{model.MapfixStatusValidated, model.MapfixStatusAcceptedUnvalidated, model.MapfixStatusSubmitted}, smap)
+}
+
+// ActionMapfixRevoke invokes actionMapfixRevoke operation.
+//
+// Role Submitter changes status from Submitted|ChangesRequested -> UnderConstruction.
+//
+// POST /mapfixes/{MapfixID}/status/revoke
+func (svc *Service) ActionMapfixRevoke(ctx context.Context, params api.ActionMapfixRevokeParams) error {
+	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
+	if !ok {
+		return ErrUserInfo
+	}
+
+	// read mapfix (this could be done with a transaction WHERE clause)
+	mapfix, err := svc.DB.Mapfixes().Get(ctx, params.MapfixID)
+	if err != nil {
+		return err
+	}
+
+	userId, err := userInfo.GetUserID()
+	if err != nil {
+		return err
+	}
+
+	// check if caller is the submitter
+	has_role := userId == mapfix.Submitter
+	if !has_role {
+		return ErrPermissionDeniedNotSubmitter
+	}
+
+	// transaction
+	target_status := model.MapfixStatusUnderConstruction
+	smap := datastore.Optional()
+	smap.Add("status_id", target_status)
+	err = svc.DB.Mapfixes().IfStatusThenUpdate(ctx, params.MapfixID, []model.MapfixStatus{model.MapfixStatusSubmitted, model.MapfixStatusChangesRequested}, smap)
+	if err != nil {
+		return err
+	}
+
+	event_data := model.AuditEventDataAction{
+		TargetStatus: uint32(target_status),
+	}
+
+	EventData, err := json.Marshal(event_data)
+	if err != nil {
+		return err
+	}
+
+	_, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{
+		ID:           0,
+		User:         userId,
+		ResourceType: model.ResourceMapfix,
+		ResourceID:   params.MapfixID,
+		EventType:    model.AuditEventTypeAction,
+		EventData:    EventData,
+	})
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// ActionMapfixTriggerSubmit invokes actionMapfixTriggerSubmit operation.
+//
+// Role Submitter changes status from UnderConstruction|ChangesRequested -> Submitting.
+//
+// POST /mapfixes/{MapfixID}/status/trigger-submit
+func (svc *Service) ActionMapfixTriggerSubmit(ctx context.Context, params api.ActionMapfixTriggerSubmitParams) error {
+	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
+	if !ok {
+		return ErrUserInfo
+	}
+
+	// read mapfix (this could be done with a transaction WHERE clause)
+	mapfix, err := svc.DB.Mapfixes().Get(ctx, params.MapfixID)
+	if err != nil {
+		return err
+	}
+
+	userId, err := userInfo.GetUserID()
+	if err != nil {
+		return err
+	}
+
+	// check if caller is the submitter
+	has_role := userId == mapfix.Submitter
+	if !has_role {
+		return ErrPermissionDeniedNotSubmitter
+	}
+
+	// transaction
+	target_status := model.MapfixStatusSubmitted
+	smap := datastore.Optional()
+	smap.Add("status_id", target_status)
+	err = svc.DB.Mapfixes().IfStatusThenUpdate(ctx, params.MapfixID, []model.MapfixStatus{model.MapfixStatusUnderConstruction, model.MapfixStatusChangesRequested}, smap)
+	if err != nil {
+		return err
+	}
+
+	event_data := model.AuditEventDataAction{
+		TargetStatus: uint32(target_status),
+	}
+
+	EventData, err := json.Marshal(event_data)
+	if err != nil {
+		return err
+	}
+
+	_, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{
+		ID:           0,
+		User:         userId,
+		ResourceType: model.ResourceMapfix,
+		ResourceID:   params.MapfixID,
+		EventType:    model.AuditEventTypeAction,
+		EventData:    EventData,
+	})
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// ActionMapfixResetSubmitting implements actionMapfixResetSubmitting operation.
+//
+// Role MapfixReview changes status from Submitting -> UnderConstruction.
+//
+// POST /mapfixes/{MapfixID}/status/reset-submitting
+func (svc *Service) ActionMapfixResetSubmitting(ctx context.Context, params api.ActionMapfixResetSubmittingParams) error {
+	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
+	if !ok {
+		return ErrUserInfo
+	}
+
+	userId, err := userInfo.GetUserID()
+	if err != nil {
+		return err
+	}
+
+	// check when mapfix was updated
+	mapfix, err := svc.DB.Mapfixes().Get(ctx, params.MapfixID)
+	if err != nil {
+		return err
+	}
+	if time.Now().Before(mapfix.UpdatedAt.Add(time.Second*10)) {
+		// the last time the mapfix was updated must be longer than 10 seconds ago
+		return ErrDelayReset
+	}
+
+	// check if caller has required role
+	has_role := userId == mapfix.Submitter
+	if !has_role {
+		return ErrPermissionDeniedNotSubmitter
+	}
+
+	// transaction
+	target_status := model.MapfixStatusUnderConstruction
+	smap := datastore.Optional()
+	smap.Add("status_id", target_status)
+	smap.Add("status_message", "Manually forced reset")
+	err = svc.DB.Mapfixes().IfStatusThenUpdate(ctx, params.MapfixID, []model.MapfixStatus{model.MapfixStatusSubmitting}, smap)
+	if err != nil {
+		return err
+	}
+
+	event_data := model.AuditEventDataAction{
+		TargetStatus: uint32(target_status),
+	}
+
+	EventData, err := json.Marshal(event_data)
+	if err != nil {
+		return err
+	}
+
+	_, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{
+		ID:           0,
+		User:         userId,
+		ResourceType: model.ResourceMapfix,
+		ResourceID:   params.MapfixID,
+		EventType:    model.AuditEventTypeAction,
+		EventData:    EventData,
+	})
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// ActionMapfixTriggerUpload invokes actionMapfixTriggerUpload operation.
+//
+// Role Admin changes status from Validated -> Uploading.
+//
+// POST /mapfixes/{MapfixID}/status/trigger-upload
+func (svc *Service) ActionMapfixTriggerUpload(ctx context.Context, params api.ActionMapfixTriggerUploadParams) error {
+	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
+	if !ok {
+		return ErrUserInfo
+	}
+
+	has_role, err := userInfo.HasRoleMapfixUpload()
+	if err != nil {
+		return err
+	}
+	// check if caller has required role
+	if !has_role {
+		return ErrPermissionDeniedNeedRoleMapfixUpload
+	}
+
+	userId, err := userInfo.GetUserID()
+	if err != nil {
+		return err
+	}
+
+	// transaction
+	target_status := model.MapfixStatusUploading
+	smap := datastore.Optional()
+	smap.Add("status_id", target_status)
+	mapfix, err := svc.DB.Mapfixes().IfStatusThenUpdateAndGet(ctx, params.MapfixID, []model.MapfixStatus{model.MapfixStatusValidated}, smap)
+	if err != nil {
+		return err
+	}
+
+	// this is a map fix
+	upload_fix_request := model.UploadMapfixRequest{
+		MapfixID:      mapfix.ID,
+		ModelID:       mapfix.ValidatedAssetID,
+		ModelVersion:  mapfix.ValidatedAssetVersion,
+		TargetAssetID: mapfix.TargetAssetID,
+	}
+
+	j, err := json.Marshal(upload_fix_request)
+	if err != nil {
+		return err
+	}
+
+	_, err = svc.Nats.Publish("maptest.mapfixes.upload", []byte(j))
+	if err != nil {
+		return err
+	}
+
+	event_data := model.AuditEventDataAction{
+		TargetStatus: uint32(target_status),
+	}
+
+	EventData, err := json.Marshal(event_data)
+	if err != nil {
+		return err
+	}
+
+	_, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{
+		ID:           0,
+		User:         userId,
+		ResourceType: model.ResourceMapfix,
+		ResourceID:   params.MapfixID,
+		EventType:    model.AuditEventTypeAction,
+		EventData:    EventData,
+	})
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// ActionMapfixValidate invokes actionMapfixValidate operation.
+//
+// Role MapfixRelease changes status from Uploading -> Validated.
+//
+// POST /mapfixes/{MapfixID}/status/reset-uploading
+func (svc *Service) ActionMapfixValidated(ctx context.Context, params api.ActionMapfixValidatedParams) error {
+	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
+	if !ok {
+		return ErrUserInfo
+	}
+
+	has_role, err := userInfo.HasRoleMapfixUpload()
+	if err != nil {
+		return err
+	}
+	// check if caller has required role
+	if !has_role {
+		return ErrPermissionDeniedNeedRoleMapfixUpload
+	}
+
+	userId, err := userInfo.GetUserID()
+	if err != nil {
+		return err
+	}
+
+	// check when mapfix was updated
+	mapfix, err := svc.DB.Mapfixes().Get(ctx, params.MapfixID)
+	if err != nil {
+		return err
+	}
+	if time.Now().Before(mapfix.UpdatedAt.Add(time.Second*10)) {
+		// the last time the mapfix was updated must be longer than 10 seconds ago
+		return ErrDelayReset
+	}
+
+	// transaction
+	target_status := model.MapfixStatusValidated
+	smap := datastore.Optional()
+	smap.Add("status_id", target_status)
+	err = svc.DB.Mapfixes().IfStatusThenUpdate(ctx, params.MapfixID, []model.MapfixStatus{model.MapfixStatusUploading}, smap)
+	if err != nil {
+		return err
+	}
+
+	event_data := model.AuditEventDataAction{
+		TargetStatus: uint32(target_status),
+	}
+
+	EventData, err := json.Marshal(event_data)
+	if err != nil {
+		return err
+	}
+
+	_, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{
+		ID:           0,
+		User:         userId,
+		ResourceType: model.ResourceMapfix,
+		ResourceID:   params.MapfixID,
+		EventType:    model.AuditEventTypeAction,
+		EventData:    EventData,
+	})
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// ActionMapfixTriggerValidate invokes actionMapfixTriggerValidate operation.
+//
+// Role Reviewer triggers validation and changes status from Submitted -> Validating.
+//
+// POST /mapfixes/{MapfixID}/status/trigger-validate
+func (svc *Service) ActionMapfixTriggerValidate(ctx context.Context, params api.ActionMapfixTriggerValidateParams) error {
+	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
+	if !ok {
+		return ErrUserInfo
+	}
+
+	has_role, err := userInfo.HasRoleMapfixReview()
+	if err != nil {
+		return err
+	}
+	// check if caller has required role
+	if !has_role {
+		return ErrPermissionDeniedNeedRoleMapfixReview
+	}
+
+	// read mapfix (this could be done with a transaction WHERE clause)
+	mapfix, err := svc.DB.Mapfixes().Get(ctx, params.MapfixID)
+	if err != nil {
+		return err
+	}
+
+	userId, err := userInfo.GetUserID()
+	if err != nil {
+		return err
+	}
+
+	// check if caller is NOT the submitter
+	has_role = userId == mapfix.Submitter
+	if has_role {
+		return ErrAcceptOwnMapfix
+	}
+
+	// Check if an active mapfix with the same target asset id exists
+	if mapfix.TargetAssetID != 0 {
+		filter := datastore.Optional()
+		filter.Add("target_asset_id", mapfix.TargetAssetID)
+		filter.Add("status_id", ActiveAcceptedMapfixStatuses)
+		active_mapfixes, err := svc.DB.Mapfixes().List(ctx, filter, model.Page{
+			Number: 1,
+			Size:   1,
+		},datastore.ListSortDisabled)
+		if err != nil {
+			return err
+		}
+		if len(active_mapfixes) != 0{
+			return ErrActiveMapfixSameTargetAssetID
+		}
+	}
+
+	// transaction
+	target_status := model.MapfixStatusValidating
+	smap := datastore.Optional()
+	smap.Add("status_id", target_status)
+	mapfix, err = svc.DB.Mapfixes().IfStatusThenUpdateAndGet(ctx, params.MapfixID, []model.MapfixStatus{model.MapfixStatusSubmitted}, smap)
+	if err != nil {
+		return err
+	}
+
+	validate_request := model.ValidateMapfixRequest{
+		MapfixID:         mapfix.ID,
+		ModelID:          mapfix.AssetID,
+		ModelVersion:     mapfix.AssetVersion,
+		ValidatedModelID: nil,
+	}
+
+	// sentinel values because we're not using rust
+	if mapfix.ValidatedAssetID != 0 {
+		validate_request.ValidatedModelID = &mapfix.ValidatedAssetID
+	}
+
+	j, err := json.Marshal(validate_request)
+	if err != nil {
+		return err
+	}
+
+	_, err = svc.Nats.Publish("maptest.mapfixes.validate", []byte(j))
+	if err != nil {
+		return err
+	}
+
+	event_data := model.AuditEventDataAction{
+		TargetStatus: uint32(target_status),
+	}
+
+	EventData, err := json.Marshal(event_data)
+	if err != nil {
+		return err
+	}
+
+	_, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{
+		ID:           0,
+		User:         userId,
+		ResourceType: model.ResourceMapfix,
+		ResourceID:   params.MapfixID,
+		EventType:    model.AuditEventTypeAction,
+		EventData:    EventData,
+	})
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// ActionMapfixRetryValidate invokes actionMapfixRetryValidate operation.
+//
+// Role Reviewer re-runs validation and changes status from Accepted -> Validating.
+//
+// POST /mapfixes/{MapfixID}/status/retry-validate
+func (svc *Service) ActionMapfixRetryValidate(ctx context.Context, params api.ActionMapfixRetryValidateParams) error {
+	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
+	if !ok {
+		return ErrUserInfo
+	}
+
+	has_role, err := userInfo.HasRoleMapfixReview()
+	if err != nil {
+		return err
+	}
+	// check if caller has required role
+	if !has_role {
+		return ErrPermissionDeniedNeedRoleMapfixReview
+	}
+
+	userId, err := userInfo.GetUserID()
+	if err != nil {
+		return err
+	}
+
+	// transaction
+	target_status := model.MapfixStatusValidating
+	smap := datastore.Optional()
+	smap.Add("status_id", target_status)
+	mapfix, err := svc.DB.Mapfixes().IfStatusThenUpdateAndGet(ctx, params.MapfixID, []model.MapfixStatus{model.MapfixStatusAcceptedUnvalidated}, smap)
+	if err != nil {
+		return err
+	}
+
+	validate_request := model.ValidateMapfixRequest{
+		MapfixID:     mapfix.ID,
+		ModelID:          mapfix.AssetID,
+		ModelVersion:     mapfix.AssetVersion,
+		ValidatedModelID: nil,
+	}
+
+	// sentinel values because we're not using rust
+	if mapfix.ValidatedAssetID != 0 {
+		validate_request.ValidatedModelID = &mapfix.ValidatedAssetID
+	}
+
+	j, err := json.Marshal(validate_request)
+	if err != nil {
+		return err
+	}
+
+	_, err = svc.Nats.Publish("maptest.mapfixes.validate", []byte(j))
+	if err != nil {
+		return err
+	}
+
+	event_data := model.AuditEventDataAction{
+		TargetStatus: uint32(target_status),
+	}
+
+	EventData, err := json.Marshal(event_data)
+	if err != nil {
+		return err
+	}
+
+	_, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{
+		ID:           0,
+		User:         userId,
+		ResourceType: model.ResourceMapfix,
+		ResourceID:   params.MapfixID,
+		EventType:    model.AuditEventTypeAction,
+		EventData:    EventData,
+	})
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// ActionMapfixAccepted implements actionMapfixAccepted operation.
+//
+// Role MapfixReview changes status from Validating -> Accepted.
+//
+// POST /mapfixes/{MapfixID}/status/reset-validating
+func (svc *Service) ActionMapfixAccepted(ctx context.Context, params api.ActionMapfixAcceptedParams) error {
+	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
+	if !ok {
+		return ErrUserInfo
+	}
+
+	has_role, err := userInfo.HasRoleMapfixReview()
+	if err != nil {
+		return err
+	}
+	// check if caller has required role
+	if !has_role {
+		return ErrPermissionDeniedNeedRoleMapfixReview
+	}
+
+	userId, err := userInfo.GetUserID()
+	if err != nil {
+		return err
+	}
+
+	// check when mapfix was updated
+	mapfix, err := svc.DB.Mapfixes().Get(ctx, params.MapfixID)
+	if err != nil {
+		return err
+	}
+	if time.Now().Before(mapfix.UpdatedAt.Add(time.Second*10)) {
+		// the last time the mapfix was updated must be longer than 10 seconds ago
+		return ErrDelayReset
+	}
+
+	// transaction
+	target_status := model.MapfixStatusAcceptedUnvalidated
+	smap := datastore.Optional()
+	smap.Add("status_id", target_status)
+	smap.Add("status_message", "Manually forced reset")
+	err = svc.DB.Mapfixes().IfStatusThenUpdate(ctx, params.MapfixID, []model.MapfixStatus{model.MapfixStatusValidating}, smap)
+	if err != nil {
+		return err
+	}
+
+	event_data := model.AuditEventDataAction{
+		TargetStatus: uint32(target_status),
+	}
+
+	EventData, err := json.Marshal(event_data)
+	if err != nil {
+		return err
+	}
+
+	_, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{
+		ID:           0,
+		User:         userId,
+		ResourceType: model.ResourceMapfix,
+		ResourceID:   params.MapfixID,
+		EventType:    model.AuditEventTypeAction,
+		EventData:    EventData,
+	})
+	if err != nil {
+		return err
+	}
+
+	return nil
+}

pkg/service/maps.go

@@ -0,0 +1,73 @@
+package service
+
+import (
+	"context"
+
+	"git.itzana.me/strafesnet/go-grpc/maps"
+	"git.itzana.me/strafesnet/maps-service/pkg/api"
+)
+
+// ListMaps implements listMaps operation.
+//
+// Get list of maps.
+//
+// GET /maps
+func (svc *Service) ListMaps(ctx context.Context, params api.ListMapsParams) ([]api.Map, error) {
+	filter := maps.MapFilter{}
+
+	if params.DisplayName.IsSet(){
+		filter.DisplayName = &params.DisplayName.Value
+	}
+	if params.Creator.IsSet(){
+		filter.Creator = &params.Creator.Value
+	}
+	if params.GameID.IsSet(){
+		filter.GameID = &params.GameID.Value
+	}
+
+	mapList, err := svc.Client.List(ctx, &maps.ListRequest{
+		Filter: &filter,
+		Page: &maps.Pagination{
+			Size:   params.Limit,
+			Number: params.Page,
+		},
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	var resp []api.Map
+	for _, item := range mapList.Maps {
+		resp = append(resp, api.Map{
+			ID:           item.ID,
+			DisplayName:  item.DisplayName,
+			Creator:      item.Creator,
+			GameID:       item.GameID,
+			Date:         item.Date,
+		})
+	}
+
+	return resp, nil
+}
+
+// GetMap implements getScript operation.
+//
+// Get the specified script by ID.
+//
+// GET /maps/{MapID}
+func (svc *Service) GetMap(ctx context.Context, params api.GetMapParams) (*api.Map, error) {
+	mapResponse, err := svc.Client.Get(ctx, &maps.IdMessage{
+		ID:          params.MapID,
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	return &api.Map{
+		ID:           mapResponse.ID,
+		DisplayName:  mapResponse.DisplayName,
+		Creator:      mapResponse.Creator,
+		GameID:       mapResponse.GameID,
+		Date:         mapResponse.Date,
+	}, nil
+}

pkg/service/operations.go

@@ -0,0 +1,46 @@
+package service
+
+import (
+	"context"
+
+	"git.itzana.me/strafesnet/maps-service/pkg/api"
+)
+
+// GetOperation implements getOperation operation.
+//
+// Get the specified operation by ID.
+//
+// GET /operations/{OperationID}
+func (svc *Service) GetOperation(ctx context.Context, params api.GetOperationParams) (*api.Operation, error) {
+	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
+	if !ok {
+		return nil, ErrUserInfo
+	}
+
+	// You must be the operation owner to read it
+
+	operation, err := svc.DB.Operations().Get(ctx, params.OperationID)
+	if err != nil {
+		return nil, err
+	}
+
+	userId, err := userInfo.GetUserID()
+	if err != nil {
+		return nil, err
+	}
+
+	// check if caller is the submitter
+	has_role := userId == operation.Owner
+	if !has_role {
+		return nil, ErrPermissionDeniedNotSubmitter
+	}
+
+	return &api.Operation{
+		OperationID:   operation.ID,
+		Date:          operation.CreatedAt.Unix(),
+		Owner:         int64(operation.Owner),
+		Status:        int32(operation.StatusID),
+		StatusMessage: operation.StatusMessage,
+		Path:          operation.Path,
+	}, nil
+}

pkg/service/script_policy.go

@@ -2,8 +2,6 @@ package service
 
 import (
 	"context"
-	"fmt"
-	"strconv"
 
 	"git.itzana.me/strafesnet/maps-service/pkg/api"
 	"git.itzana.me/strafesnet/maps-service/pkg/datastore"
@@ -15,13 +13,17 @@ import (
 // Create a new script policy.
 //
 // POST /script-policy
-func (svc *Service) CreateScriptPolicy(ctx context.Context, req *api.ScriptPolicyCreate) (*api.ID, error) {
-	userInfo, ok := ctx.Value("UserInfo").(UserInfo)
+func (svc *Service) CreateScriptPolicy(ctx context.Context, req *api.ScriptPolicyCreate) (*api.ScriptPolicyID, error) {
+	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
 	if !ok {
 		return nil, ErrUserInfo
 	}
 
-	if !userInfo.Roles.ScriptWrite {
+	has_role, err := userInfo.HasRoleScriptWrite()
+	if err != nil {
+		return nil, err
+	}
+	if !has_role {
 		return nil, ErrPermissionDenied
 	}
 
@@ -42,8 +44,8 @@ func (svc *Service) CreateScriptPolicy(ctx context.Context, req *api.ScriptPolic
 		return nil, err
 	}
 
-	return &api.ID{
-		ID: script.ID,
+	return &api.ScriptPolicyID{
+		ScriptPolicyID: script.ID,
 	}, nil
 }
 
@@ -53,30 +55,38 @@ func (svc *Service) CreateScriptPolicy(ctx context.Context, req *api.ScriptPolic
 // Get list of script policies.
 //
 // GET /script-policy
-func (svc *Service) ListScriptPolicy(ctx context.Context, request *api.ListScriptPolicyReq) ([]api.ScriptPolicy, error) {
+func (svc *Service) ListScriptPolicy(ctx context.Context, params api.ListScriptPolicyParams) ([]api.ScriptPolicy, error) {
 	filter := datastore.Optional()
-	//fmt.Println(request)
-	if request.Filter.IsSet() {
-		filter.AddNotNil("from_script_hash", request.Filter.Value.FromScriptHash)
-		filter.AddNotNil("to_script_id", request.Filter.Value.ToScriptID)
-		filter.AddNotNil("policy", request.Filter.Value.Policy)
+
+	if params.FromScriptHash.IsSet(){
+		hash, err := model.HashParse(params.FromScriptHash.Value)
+		if err != nil {
+			return nil, err
+		}
+		filter.Add("from_script_hash", int64(hash)) // No type safety!
+	}
+	if params.ToScriptID.IsSet(){
+		filter.Add("to_script_id", params.ToScriptID.Value)
+	}
+	if params.Policy.IsSet(){
+		filter.Add("policy", params.Policy.Value)
 	}
 
 	items, err := svc.DB.ScriptPolicy().List(ctx, filter, model.Page{
-		Number: request.Page.GetPage(),
-		Size:   request.Page.GetLimit(),
+		Number: params.Page,
+		Size:   params.Limit,
 	})
 	if err != nil {
 		return nil, err
 	}
 
 	var resp []api.ScriptPolicy
-	for i := 0; i < len(items); i++ {
+	for _, item := range items {
 		resp = append(resp, api.ScriptPolicy{
-			ID:             items[i].ID,
-			FromScriptHash: fmt.Sprintf("%x", items[i].FromScriptHash),
-			ToScriptID:     items[i].ToScriptID,
-			Policy:         int32(items[i].Policy),
+			ID:             item.ID,
+			FromScriptHash: model.HashFormat(uint64(item.FromScriptHash)),
+			ToScriptID:     item.ToScriptID,
+			Policy:         int32(item.Policy),
 		})
 	}
 
@@ -87,14 +97,18 @@ func (svc *Service) ListScriptPolicy(ctx context.Context, request *api.ListScrip
 //
 // Delete the specified script policy by ID.
 //
-// DELETE /script-policy/id/{ScriptPolicyID}
+// DELETE /script-policy/{ScriptPolicyID}
 func (svc *Service) DeleteScriptPolicy(ctx context.Context, params api.DeleteScriptPolicyParams) error {
-	userInfo, ok := ctx.Value("UserInfo").(UserInfo)
+	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
 	if !ok {
 		return ErrUserInfo
 	}
 
-	if !userInfo.Roles.ScriptWrite {
+	has_role, err := userInfo.HasRoleScriptWrite()
+	if err != nil {
+		return err
+	}
+	if !has_role {
 		return ErrPermissionDenied
 	}
 
@@ -105,15 +119,8 @@ func (svc *Service) DeleteScriptPolicy(ctx context.Context, params api.DeleteScr
 //
 // Get the specified script policy by ID.
 //
-// GET /script-policy/id/{ScriptPolicyID}
+// GET /script-policy/{ScriptPolicyID}
 func (svc *Service) GetScriptPolicy(ctx context.Context, params api.GetScriptPolicyParams) (*api.ScriptPolicy, error) {
-	_, ok := ctx.Value("UserInfo").(UserInfo)
-	if !ok {
-		return nil, ErrUserInfo
-	}
-
-	// Read permission for script policy only requires you to be logged in
-
 	policy, err := svc.DB.ScriptPolicy().Get(ctx, params.ScriptPolicyID)
 	if err != nil {
 		return nil, err
@@ -121,39 +128,7 @@ func (svc *Service) GetScriptPolicy(ctx context.Context, params api.GetScriptPol
 
 	return &api.ScriptPolicy{
 		ID:             policy.ID,
-		FromScriptHash: fmt.Sprintf("%x", policy.FromScriptHash),
-		ToScriptID:     policy.ToScriptID,
-		Policy:         int32(policy.Policy),
-	}, nil
-}
-
-// GetScriptPolicyFromHash implements getScriptPolicyFromHash operation.
-//
-// Get the policy for the given hash of script source code.
-//
-// GET /script-policy/hash/{FromScriptHash}
-func (svc *Service) GetScriptPolicyFromHash(ctx context.Context, params api.GetScriptPolicyFromHashParams) (*api.ScriptPolicy, error) {
-	_, ok := ctx.Value("UserInfo").(UserInfo)
-	if !ok {
-		return nil, ErrUserInfo
-	}
-
-	// Read permission for script policy only requires you to be logged in
-
-	// parse hash from hex
-	hash, err := strconv.ParseUint(params.FromScriptHash, 16, 64)
-	if err != nil {
-		return nil, err
-	}
-
-	policy, err := svc.DB.ScriptPolicy().GetFromHash(ctx, hash)
-	if err != nil {
-		return nil, err
-	}
-
-	return &api.ScriptPolicy{
-		ID:             policy.ID,
-		FromScriptHash: fmt.Sprintf("%x", policy.FromScriptHash),
+		FromScriptHash: model.HashFormat(uint64(policy.FromScriptHash)),
 		ToScriptID:     policy.ToScriptID,
 		Policy:         int32(policy.Policy),
 	}, nil
@@ -163,14 +138,18 @@ func (svc *Service) GetScriptPolicyFromHash(ctx context.Context, params api.GetS
 //
 // Update the specified script policy by ID.
 //
-// PATCH /script-policy/id/{ScriptPolicyID}
+// POST /script-policy/{ScriptPolicyID}
 func (svc *Service) UpdateScriptPolicy(ctx context.Context, req *api.ScriptPolicyUpdate, params api.UpdateScriptPolicyParams) error {
-	userInfo, ok := ctx.Value("UserInfo").(UserInfo)
+	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
 	if !ok {
 		return ErrUserInfo
 	}
 
-	if !userInfo.Roles.ScriptWrite {
+	has_role, err := userInfo.HasRoleScriptWrite()
+	if err != nil {
+		return err
+	}
+	if !has_role {
 		return ErrPermissionDenied
 	}
 

pkg/service/scripts.go

@@ -2,12 +2,10 @@ package service
 
 import (
 	"context"
-	"fmt"
 
 	"git.itzana.me/strafesnet/maps-service/pkg/api"
 	"git.itzana.me/strafesnet/maps-service/pkg/datastore"
 	"git.itzana.me/strafesnet/maps-service/pkg/model"
-	"github.com/dchest/siphash"
 )
 
 // CreateScript implements createScript operation.
@@ -15,43 +13,103 @@ import (
 // Create a new script.
 //
 // POST /scripts
-func (svc *Service) CreateScript(ctx context.Context, req *api.ScriptCreate) (*api.ID, error) {
-	userInfo, ok := ctx.Value("UserInfo").(UserInfo)
+func (svc *Service) CreateScript(ctx context.Context, req *api.ScriptCreate) (*api.ScriptID, error) {
+	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
 	if !ok {
 		return nil, ErrUserInfo
 	}
 
-	if !userInfo.Roles.ScriptWrite {
+	has_role, err := userInfo.HasRoleScriptWrite()
+	if err != nil {
+		return nil, err
+	}
+	if !has_role {
 		return nil, ErrPermissionDenied
 	}
 
 	script, err := svc.DB.Scripts().Create(ctx, model.Script{
 		ID:           0,
-		Hash:         siphash.Hash(0, 0, []byte(req.Source)),
+		Name:         req.Name,
+		Hash:         int64(model.HashSource(req.Source)),
 		Source:       req.Source,
-		SubmissionID: req.SubmissionID.Or(0),
+		ResourceType: model.ResourceType(req.ResourceType),
+		ResourceID:   req.ResourceID.Or(0),
 	})
 	if err != nil {
 		return nil, err
 	}
 
-	return &api.ID{
-		ID: script.ID,
+	return &api.ScriptID{
+		ScriptID: script.ID,
 	}, nil
 }
 
+// ListScripts implements listScripts operation.
+//
+// Get list of scripts.
+//
+// GET /scripts
+func (svc *Service) ListScripts(ctx context.Context, params api.ListScriptsParams) ([]api.Script, error) {
+	filter := datastore.Optional()
+
+	if params.Hash.IsSet(){
+		hash, err := model.HashParse(params.Hash.Value)
+		if err != nil {
+			return nil, err
+		}
+		filter.Add("hash", int64(hash)) // No type safety!
+	}
+	if params.Name.IsSet(){
+		filter.Add("name", params.Name.Value)
+	}
+	if params.Source.IsSet(){
+		filter.Add("source", params.Source.Value)
+	}
+	if params.ResourceType.IsSet(){
+		filter.Add("resource_type", params.ResourceType.Value)
+	}
+	if params.ResourceID.IsSet(){
+		filter.Add("resource_id", params.ResourceID.Value)
+	}
+
+	items, err := svc.DB.Scripts().List(ctx, filter, model.Page{
+		Number: params.Page,
+		Size:   params.Limit,
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	var resp []api.Script
+	for _, item := range items {
+		resp = append(resp, api.Script{
+			ID:           item.ID,
+			Hash:         model.HashFormat(uint64(item.Hash)),
+			Source:       item.Source,
+			ResourceType: int32(item.ResourceType),
+			ResourceID:   item.ResourceID,
+		})
+	}
+
+	return resp, nil
+}
+
 // DeleteScript implements deleteScript operation.
 //
 // Delete the specified script by ID.
 //
 // DELETE /scripts/{ScriptID}
 func (svc *Service) DeleteScript(ctx context.Context, params api.DeleteScriptParams) error {
-	userInfo, ok := ctx.Value("UserInfo").(UserInfo)
+	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
 	if !ok {
 		return ErrUserInfo
 	}
 
-	if !userInfo.Roles.ScriptWrite {
+	has_role, err := userInfo.HasRoleScriptWrite()
+	if err != nil {
+		return err
+	}
+	if !has_role {
 		return ErrPermissionDenied
 	}
 
@@ -64,13 +122,6 @@ func (svc *Service) DeleteScript(ctx context.Context, params api.DeleteScriptPar
 //
 // GET /scripts/{ScriptID}
 func (svc *Service) GetScript(ctx context.Context, params api.GetScriptParams) (*api.Script, error) {
-	_, ok := ctx.Value("UserInfo").(UserInfo)
-	if !ok {
-		return nil, ErrUserInfo
-	}
-
-	// Read permission for scripts only requires you to be logged in
-
 	script, err := svc.DB.Scripts().Get(ctx, params.ScriptID)
 	if err != nil {
 		return nil, err
@@ -78,9 +129,11 @@ func (svc *Service) GetScript(ctx context.Context, params api.GetScriptParams) (
 
 	return &api.Script{
 		ID:           script.ID,
-		Hash:         fmt.Sprintf("%x", script.Hash),
+		Name:         script.Name,
+		Hash:         model.HashFormat(uint64(script.Hash)),
 		Source:       script.Source,
-		SubmissionID: script.SubmissionID,
+		ResourceType: int32(script.ResourceType),
+		ResourceID:   script.ResourceID,
 	}, nil
 }
 
@@ -90,22 +143,32 @@ func (svc *Service) GetScript(ctx context.Context, params api.GetScriptParams) (
 //
 // PATCH /scripts/{ScriptID}
 func (svc *Service) UpdateScript(ctx context.Context, req *api.ScriptUpdate, params api.UpdateScriptParams) error {
-	userInfo, ok := ctx.Value("UserInfo").(UserInfo)
+	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
 	if !ok {
 		return ErrUserInfo
 	}
 
-	if !userInfo.Roles.ScriptWrite {
+	has_role, err := userInfo.HasRoleScriptWrite()
+	if err != nil {
+		return err
+	}
+	if !has_role {
 		return ErrPermissionDenied
 	}
 
 	pmap := datastore.Optional()
+	if Name, ok := req.Name.Get(); ok {
+		pmap.Add("name", Name)
+	}
 	if source, ok := req.Source.Get(); ok {
 		pmap.Add("source", source)
-		pmap.Add("hash", siphash.Hash(0, 0, []byte(source)))
+		pmap.Add("hash", int64(model.HashSource(source))) // No type safety!
 	}
-	if SubmissionID, ok := req.SubmissionID.Get(); ok {
-		pmap.Add("submission_id", SubmissionID)
+	if ResourceType, ok := req.ResourceType.Get(); ok {
+		pmap.Add("resource_type", ResourceType)
+	}
+	if ResourceID, ok := req.ResourceID.Get(); ok {
+		pmap.Add("resource_id", ResourceID)
 	}
 	return svc.DB.Scripts().Update(ctx, req.ID, pmap)
 }

pkg/service/security.go

@@ -14,32 +14,140 @@ var (
 	ErrInvalidSession = errors.New("Session invalid")
 )
 
+// Submissions roles bitflag
+type Roles int32
 var (
-	// has SubmissionPublish
-	RoleMapAdmin int32 = 128
-	// has SubmissionReview
-	RoleMapCouncil int32 = 64
+	RolesSubmissionUpload Roles = 1<<6
+	RolesSubmissionReview Roles = 1<<5
+	RolesSubmissionRelease Roles = 1<<4
+	RolesScriptWrite Roles = 1<<3
+	RolesMapfixUpload Roles = 1<<2
+	RolesMapfixReview Roles = 1<<1
+	RolesMapDownload Roles = 1<<0
+	RolesEmpty Roles = 0
 )
 
-type Roles struct {
-	// human roles
-	SubmissionRelease bool
-	SubmissionReview  bool
-	ScriptWrite       bool
-	// Thumbnail bool
-	// MapDownload
+// StrafesNET group roles
+type GroupRole int32
+var (
+	// has ScriptWrite
+	RoleQuat GroupRole = 255
+	RoleItzaname GroupRole = 254
+	RoleStagingDeveloper GroupRole = 240
+	RolesAll Roles = ^RolesEmpty
+	// has SubmissionUpload
+	RoleMapAdmin GroupRole = 128
+	RolesMapAdmin Roles = RolesSubmissionRelease|RolesSubmissionUpload|RolesSubmissionReview|RolesMapCouncil
+	// has MapfixReview
+	RoleMapCouncil GroupRole = 64
+	RolesMapCouncil Roles = RolesMapfixReview|RolesMapfixUpload|RolesMapAccess
+	// access to downloading maps
+	RoleMapAccess GroupRole = 32
+	RolesMapAccess Roles = RolesMapDownload
+)
 
-	// automated roles
-	Maptest   bool
+type UserInfoHandle struct {
+	// Would love to know a better way to do this
+	svc       *SecurityHandler
+	ctx       *context.Context
+	sessionId string
 }
-
 type UserInfo struct {
-	Roles  Roles
-	UserID uint64
+	UserID    uint64
+	Username  string
+	AvatarURL string
 }
 
-func (usr UserInfo) IsSubmitter(submitter uint64) bool {
-	return usr.UserID == submitter
+func (usr UserInfoHandle) GetUserInfo() (userInfo UserInfo, err error) {
+	session, err := usr.svc.Client.GetSessionUser(*usr.ctx, &auth.IdMessage{
+		SessionID: usr.sessionId,
+	})
+	if err != nil {
+		return userInfo, err
+	}
+	userInfo.UserID = session.UserID
+	userInfo.Username = session.Username
+	userInfo.AvatarURL = session.AvatarURL
+	return userInfo, nil
+}
+func (usr UserInfoHandle) GetUserID() (uint64, error) {
+	session, err := usr.svc.Client.GetSessionUser(*usr.ctx, &auth.IdMessage{
+		SessionID: usr.sessionId,
+	})
+	if err != nil {
+		return 0, err
+	}
+	return session.UserID, nil
+}
+func (usr UserInfoHandle) Validate() (bool, error) {
+	validate, err := usr.svc.Client.ValidateSession(*usr.ctx, &auth.IdMessage{
+		SessionID: usr.sessionId,
+	})
+	if err != nil {
+		return false, err
+	}
+	return validate.Valid, nil
+}
+func (usr UserInfoHandle) hasRoles(wantRoles Roles) (bool, error) {
+	haveroles, err := usr.GetRoles()
+	if err != nil {
+		return false, err
+	}
+
+	return haveroles & wantRoles == wantRoles, nil
+}
+func (usr UserInfoHandle) GetRoles() (Roles, error) {
+	roles, err := usr.svc.Client.GetGroupRole(*usr.ctx, &auth.IdMessage{
+		SessionID: usr.sessionId,
+	})
+
+	if err != nil {
+		return RolesEmpty, err
+	}
+
+	// map roles into bitflag
+	rolesBitflag := RolesEmpty;
+	for _, r := range roles.Roles {
+		switch GroupRole(r.Rank){
+		case RoleQuat, RoleItzaname, RoleStagingDeveloper:
+			rolesBitflag|=RolesAll
+		case RoleMapAdmin:
+			rolesBitflag|=RolesMapAdmin
+		case RoleMapCouncil:
+			rolesBitflag|=RolesMapCouncil
+		case RoleMapAccess:
+			rolesBitflag|=RolesMapAccess
+		}
+	}
+	return rolesBitflag, nil
+}
+
+// RoleThumbnail
+func (usr UserInfoHandle) HasRoleMapfixUpload() (bool, error) {
+	return usr.hasRoles(RolesMapfixUpload)
+}
+func (usr UserInfoHandle) HasRoleMapfixReview() (bool, error) {
+	return usr.hasRoles(RolesMapfixReview)
+}
+func (usr UserInfoHandle) HasRoleMapDownload() (bool, error) {
+	return usr.hasRoles(RolesMapDownload)
+}
+func (usr UserInfoHandle) HasRoleSubmissionRelease() (bool, error) {
+	return usr.hasRoles(RolesSubmissionRelease)
+}
+func (usr UserInfoHandle) HasRoleSubmissionUpload() (bool, error) {
+	return usr.hasRoles(RolesSubmissionUpload)
+}
+func (usr UserInfoHandle) HasRoleSubmissionReview() (bool, error) {
+	return usr.hasRoles(RolesSubmissionReview)
+}
+func (usr UserInfoHandle) HasRoleScriptWrite() (bool, error) {
+	return usr.hasRoles(RolesScriptWrite)
+}
+/// Not implemented
+func (usr UserInfoHandle) HasRoleMaptest() (bool, error) {
+	println("HasRoleMaptest is not implemented!")
+	return false, nil
 }
 
 type SecurityHandler struct {
@@ -52,45 +160,10 @@ func (svc SecurityHandler) HandleCookieAuth(ctx context.Context, operationName a
 		return nil, ErrMissingSessionID
 	}
 
-	session, err := svc.Client.GetSessionUser(ctx, &auth.IdMessage{
-		SessionID: sessionId,
-	})
-	if err != nil {
-		return nil, err
-	}
-
-	role, err := svc.Client.GetGroupRole(ctx, &auth.IdMessage{
-		SessionID: sessionId,
-	})
-	if err != nil {
-		return nil, err
-	}
-
-	validate, err := svc.Client.ValidateSession(ctx, &auth.IdMessage{
-		SessionID: sessionId,
-	})
-	if err != nil {
-		return nil, err
-	}
-	if !validate.Valid {
-		return nil, ErrInvalidSession
-	}
-
-	roles := Roles{}
-
-	// fix this when roblox udpates group roles
-	for _, r := range role.Roles {
-		if RoleMapAdmin <= r.Rank {
-			roles.SubmissionRelease = true
-		}
-		if RoleMapCouncil <= r.Rank {
-			roles.SubmissionReview = true
-		}
-	}
-
-	newCtx := context.WithValue(ctx, "UserInfo", UserInfo{
-		Roles:  roles,
-		UserID: session.UserID,
+	newCtx := context.WithValue(ctx, "UserInfo", UserInfoHandle{
+		svc:       &svc,
+		ctx:       &ctx,
+		sessionId: sessionId,
 	})
 
 	return newCtx, nil

pkg/service/service.go

@@ -3,6 +3,9 @@ package service
 import (
 	"context"
 	"errors"
+	"fmt"
+
+	"git.itzana.me/strafesnet/go-grpc/maps"
 	"git.itzana.me/strafesnet/maps-service/pkg/api"
 	"git.itzana.me/strafesnet/maps-service/pkg/datastore"
 	"github.com/nats-io/nats.go"
@@ -13,11 +16,23 @@ var (
 	ErrPermissionDenied = errors.New("Permission denied")
 	// ErrUserInfo user info is missing for some reason
 	ErrUserInfo = errors.New("Missing user info")
+	ErrDelayReset = errors.New("Please give the validator at least 10 seconds to operate before attempting to reset the status")
+	ErrPermissionDeniedNotSubmitter = fmt.Errorf("%w: You must be the submitter to perform this action", ErrPermissionDenied)
+	ErrPermissionDeniedNeedRoleSubmissionRelease = fmt.Errorf("%w: Need Role SubmissionRelease", ErrPermissionDenied)
+	ErrPermissionDeniedNeedRoleMapfixUpload = fmt.Errorf("%w: Need Role MapfixUpload", ErrPermissionDenied)
+	ErrPermissionDeniedNeedRoleMapfixReview = fmt.Errorf("%w: Need Role MapfixReview", ErrPermissionDenied)
+	ErrPermissionDeniedNeedRoleSubmissionUpload = fmt.Errorf("%w: Need Role SubmissionUpload", ErrPermissionDenied)
+	ErrPermissionDeniedNeedRoleSubmissionReview = fmt.Errorf("%w: Need Role SubmissionReview", ErrPermissionDenied)
+	ErrPermissionDeniedNeedRoleMapDownload = fmt.Errorf("%w: Need Role MapDownload", ErrPermissionDenied)
+	ErrPermissionDeniedNeedRoleScriptWrite = fmt.Errorf("%w: Need Role ScriptWrite", ErrPermissionDenied)
+	ErrPermissionDeniedNeedRoleMaptest = fmt.Errorf("%w: Need Role Maptest", ErrPermissionDenied)
+	ErrNegativeID = errors.New("A negative ID was provided")
 )
 
 type Service struct {
 	DB   datastore.Datastore
 	Nats nats.JetStreamContext
+	Client maps.MapsServiceClient
 }
 
 // NewError creates *ErrorStatusCode from error returned by handler.
@@ -25,6 +40,9 @@ type Service struct {
 // Used for common default response.
 func (svc *Service) NewError(ctx context.Context, err error) *api.ErrorStatusCode {
 	status := 500
+	if errors.Is(err, datastore.ErrNotExist) {
+		status = 404
+	}
 	if errors.Is(err, ErrPermissionDenied) {
 		status = 403
 	}

pkg/service/session.go

@@ -0,0 +1,68 @@
+package service
+
+import (
+	"context"
+
+	"git.itzana.me/strafesnet/maps-service/pkg/api"
+)
+
+// SessionRoles implements getSessionRoles operation.
+//
+// Get bitflags of permissions the currently logged in user has.
+//
+// GET /session/roles
+func (svc *Service) SessionRoles(ctx context.Context) (*api.Roles, error) {
+	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
+	if !ok {
+		return nil, ErrUserInfo
+	}
+
+	roles, err := userInfo.GetRoles();
+	if err != nil {
+		return nil, err
+	}
+
+	return &api.Roles{Roles: int32(roles)}, nil
+}
+
+// SessionUser implements sessionUser operation.
+//
+// Get information about the currently logged in user.
+//
+// GET /session/roles
+func (svc *Service) SessionUser(ctx context.Context) (*api.User, error) {
+	userInfoHandle, ok := ctx.Value("UserInfo").(UserInfoHandle)
+	if !ok {
+		return nil, ErrUserInfo
+	}
+
+	userInfo, err := userInfoHandle.GetUserInfo();
+	if err != nil {
+		return nil, err
+	}
+
+	return &api.User{
+		UserID:int64(userInfo.UserID),
+		Username:userInfo.Username,
+		AvatarURL:userInfo.AvatarURL,
+	}, nil
+}
+
+// SessionUser implements sessionUser operation.
+//
+// Get information about the currently logged in user.
+//
+// GET /session/roles
+func (svc *Service) SessionValidate(ctx context.Context) (bool, error) {
+	userInfoHandle, ok := ctx.Value("UserInfo").(UserInfoHandle)
+	if !ok {
+		return false, ErrUserInfo
+	}
+
+	valid, err := userInfoHandle.Validate();
+	if err != nil {
+		return false, err
+	}
+
+	return valid, nil
+}

pkg/service_internal/mapfixes.go

@@ -0,0 +1,280 @@
+package service_internal
+
+import (
+	"context"
+	"encoding/json"
+	"errors"
+	"fmt"
+
+	"git.itzana.me/strafesnet/maps-service/pkg/datastore"
+	internal "git.itzana.me/strafesnet/maps-service/pkg/internal"
+	"git.itzana.me/strafesnet/maps-service/pkg/model"
+)
+
+var(
+	// prevent two mapfixes with same asset id
+	ActiveMapfixStatuses = []model.MapfixStatus{
+		model.MapfixStatusUploading,
+		model.MapfixStatusValidated,
+		model.MapfixStatusValidating,
+		model.MapfixStatusAcceptedUnvalidated,
+		model.MapfixStatusChangesRequested,
+		model.MapfixStatusSubmitted,
+		model.MapfixStatusUnderConstruction,
+	}
+)
+
+var(
+	ErrActiveMapfixSameAssetID = errors.New("There is an active mapfix with the same AssetID")
+	ErrNotAssetOwner = errors.New("You can only submit an asset you own")
+)
+
+// UpdateMapfixValidatedModel implements patchMapfixModel operation.
+//
+// Update model following role restrictions.
+//
+// POST /mapfixes/{MapfixID}/validated-model
+func (svc *Service) UpdateMapfixValidatedModel(ctx context.Context, params internal.UpdateMapfixValidatedModelParams) error {
+	ValidatedModelID := uint64(params.ValidatedModelID)
+	ValidatedModelVersion := uint64(params.ValidatedModelVersion)
+
+	// check if Status is ChangesRequested|Submitted|UnderConstruction
+	pmap := datastore.Optional()
+	pmap.Add("validated_asset_id", ValidatedModelID)
+	pmap.Add("validated_asset_version", ValidatedModelVersion)
+	// DO NOT reset completed when validated model is updated
+	// pmap.Add("completed", false)
+	err := svc.DB.Mapfixes().IfStatusThenUpdate(ctx, params.MapfixID, []model.MapfixStatus{model.MapfixStatusValidating}, pmap)
+	if err != nil {
+		return err
+	}
+
+	event_data := model.AuditEventDataChangeValidatedModel{
+		ValidatedModelID: ValidatedModelID,
+		ValidatedModelVersion: ValidatedModelVersion,
+	}
+
+	EventData, err := json.Marshal(event_data)
+	if err != nil {
+		return err
+	}
+
+	_, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{
+		ID:           0,
+		User:         ValidtorUserID,
+		ResourceType: model.ResourceMapfix,
+		ResourceID:   params.MapfixID,
+		EventType:    model.AuditEventTypeChangeValidatedModel,
+		EventData:    EventData,
+	})
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// ActionMapfixValidate invokes actionMapfixValidate operation.
+//
+// Role Validator changes status from Submitting -> Submitted.
+//
+// POST /mapfixes/{MapfixID}/status/validator-submitted
+func (svc *Service) ActionMapfixSubmitted(ctx context.Context, params internal.ActionMapfixSubmittedParams) error {
+	// transaction
+	target_status := model.MapfixStatusSubmitted
+	smap := datastore.Optional()
+	smap.Add("status_id", target_status)
+	err := svc.DB.Mapfixes().IfStatusThenUpdate(ctx, params.MapfixID, []model.MapfixStatus{model.MapfixStatusSubmitting}, smap)
+	if err != nil {
+		return err
+	}
+
+	event_data := model.AuditEventDataAction{
+		TargetStatus: uint32(target_status),
+	}
+
+	EventData, err := json.Marshal(event_data)
+	if err != nil {
+		return err
+	}
+
+	_, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{
+		ID:           0,
+		User:         ValidtorUserID,
+		ResourceType: model.ResourceMapfix,
+		ResourceID:   params.MapfixID,
+		EventType:    model.AuditEventTypeAction,
+		EventData:    EventData,
+	})
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// ActionMapfixValidate invokes actionMapfixValidate operation.
+//
+// Role Validator changes status from Validating -> Validated.
+//
+// POST /mapfixes/{MapfixID}/status/validator-validated
+func (svc *Service) ActionMapfixValidated(ctx context.Context, params internal.ActionMapfixValidatedParams) error {
+	// transaction
+	smap := datastore.Optional()
+	smap.Add("status_id", model.MapfixStatusValidated)
+	return svc.DB.Mapfixes().IfStatusThenUpdate(ctx, params.MapfixID, []model.MapfixStatus{model.MapfixStatusValidating}, smap)
+}
+
+// ActionMapfixAccepted implements actionMapfixAccepted operation.
+//
+// (Internal endpoint) Role Validator changes status from Validating -> Accepted.
+//
+// POST /mapfixes/{MapfixID}/status/validator-failed
+func (svc *Service) ActionMapfixAccepted(ctx context.Context, params internal.ActionMapfixAcceptedParams) error {
+	// transaction
+	target_status := model.MapfixStatusAcceptedUnvalidated
+	smap := datastore.Optional()
+	smap.Add("status_id", target_status)
+	smap.Add("status_message", params.StatusMessage)
+	err := svc.DB.Mapfixes().IfStatusThenUpdate(ctx, params.MapfixID, []model.MapfixStatus{model.MapfixStatusValidating}, smap)
+	if err != nil {
+		return err
+	}
+
+	event_data := model.AuditEventDataAction{
+		TargetStatus: uint32(target_status),
+	}
+
+	EventData, err := json.Marshal(event_data)
+	if err != nil {
+		return err
+	}
+
+	_, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{
+		ID:           0,
+		User:         ValidtorUserID,
+		ResourceType: model.ResourceMapfix,
+		ResourceID:   params.MapfixID,
+		EventType:    model.AuditEventTypeAction,
+		EventData:    EventData,
+	})
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// ActionMapfixUploaded implements actionMapfixUploaded operation.
+//
+// (Internal endpoint) Role Validator changes status from Uploading -> Uploaded.
+//
+// POST /mapfixes/{MapfixID}/status/validator-uploaded
+func (svc *Service) ActionMapfixUploaded(ctx context.Context, params internal.ActionMapfixUploadedParams) error {
+	// transaction
+	target_status := model.MapfixStatusUploaded
+	smap := datastore.Optional()
+	smap.Add("status_id", target_status)
+	err := svc.DB.Mapfixes().IfStatusThenUpdate(ctx, params.MapfixID, []model.MapfixStatus{model.MapfixStatusUploading}, smap)
+	if err != nil {
+		return err
+	}
+
+	event_data := model.AuditEventDataAction{
+		TargetStatus: uint32(target_status),
+	}
+
+	EventData, err := json.Marshal(event_data)
+	if err != nil {
+		return err
+	}
+
+	_, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{
+		ID:           0,
+		User:         ValidtorUserID,
+		ResourceType: model.ResourceMapfix,
+		ResourceID:   params.MapfixID,
+		EventType:    model.AuditEventTypeAction,
+		EventData:    EventData,
+	})
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// POST /mapfixes
+func (svc *Service) CreateMapfix(ctx context.Context, request *internal.MapfixCreate) (*internal.MapfixID, error) {
+	// sanitization
+	if request.GameID<0||
+	request.AssetOwner<0||
+	request.AssetID<0||
+	request.AssetVersion<0||
+	request.TargetAssetID<0{
+		return nil, ErrNegativeID
+	}
+	var GameID=uint32(request.GameID);
+	var Submitter=uint64(request.AssetOwner);
+	var AssetID=uint64(request.AssetID);
+	var AssetVersion=uint64(request.AssetVersion);
+	var TargetAssetID=uint64(request.TargetAssetID);
+
+	// Check if an active mapfix with the same asset id exists
+	{
+		filter := datastore.Optional()
+		filter.Add("asset_id", request.AssetID)
+		filter.Add("asset_version", request.AssetVersion)
+		filter.Add("status_id", ActiveMapfixStatuses)
+		active_mapfixes, err := svc.DB.Mapfixes().List(ctx, filter, model.Page{
+			Number: 1,
+			Size:   1,
+		},datastore.ListSortDisabled)
+		if err != nil {
+			return nil, err
+		}
+		if len(active_mapfixes) != 0{
+			return nil, ErrActiveMapfixSameAssetID
+		}
+	}
+
+	operation, err := svc.DB.Operations().Get(ctx, request.OperationID)
+	if err != nil {
+		return nil, err
+	}
+
+	// check if user owns asset
+	// TODO: allow bypass by admin
+	if operation.Owner != Submitter {
+		return nil, ErrNotAssetOwner
+	}
+
+	mapfix, err := svc.DB.Mapfixes().Create(ctx, model.Mapfix{
+		ID:            0,
+		DisplayName:   request.DisplayName,
+		Creator:       request.Creator,
+		GameID:        GameID,
+		Submitter:     Submitter,
+		AssetID:       AssetID,
+		AssetVersion:  AssetVersion,
+		Completed:     false,
+		TargetAssetID: TargetAssetID,
+		StatusID:      model.MapfixStatusUnderConstruction,
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	// mark the operation as completed and provide the path
+	pmap := datastore.Optional()
+	pmap.Add("status_id", model.OperationStatusCompleted)
+	pmap.Add("path", fmt.Sprintf("/mapfixes/%d", mapfix.ID))
+	err = svc.DB.Operations().Update(ctx, request.OperationID, pmap)
+	if err != nil {
+		return nil, err
+	}
+
+	return &internal.MapfixID{
+		MapfixID: mapfix.ID,
+	}, nil
+}

pkg/service_internal/operations.go

@@ -0,0 +1,21 @@
+package service_internal
+
+import (
+	"context"
+
+	"git.itzana.me/strafesnet/maps-service/pkg/datastore"
+	internal "git.itzana.me/strafesnet/maps-service/pkg/internal"
+	"git.itzana.me/strafesnet/maps-service/pkg/model"
+)
+
+// ActionOperationFailed implements actionOperationFailed operation.
+//
+// Fail the specified OperationID with a StatusMessage.
+//
+// POST /operations/{OperationID}/status/operation-failed
+func (svc *Service) ActionOperationFailed(ctx context.Context, params internal.ActionOperationFailedParams) (error) {
+	pmap := datastore.Optional()
+	pmap.Add("status_id", model.OperationStatusFailed)
+	pmap.Add("status_message", params.StatusMessage)
+	return svc.DB.Operations().Update(ctx, params.OperationID, pmap)
+}

pkg/service_internal/script_policy.go

@@ -0,0 +1,80 @@
+package service_internal
+
+import (
+	"context"
+
+	"git.itzana.me/strafesnet/maps-service/pkg/datastore"
+	api "git.itzana.me/strafesnet/maps-service/pkg/internal"
+	"git.itzana.me/strafesnet/maps-service/pkg/model"
+)
+
+// CreateScriptPolicy implements createScriptPolicy operation.
+//
+// Create a new script policy.
+//
+// POST /script-policy
+func (svc *Service) CreateScriptPolicy(ctx context.Context, req *api.ScriptPolicyCreate) (*api.ScriptPolicyID, error) {
+	from_script, err := svc.DB.Scripts().Get(ctx, req.FromScriptID)
+	if err != nil {
+		return nil, err
+	}
+
+	// the existence of ToScriptID does not need to be validated because it's checked by a foreign key constraint.
+
+	script, err := svc.DB.ScriptPolicy().Create(ctx, model.ScriptPolicy{
+		ID:             0,
+		FromScriptHash: from_script.Hash,
+		ToScriptID:     req.ToScriptID,
+		Policy:         model.Policy(req.Policy),
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	return &api.ScriptPolicyID{
+		ScriptPolicyID: script.ID,
+	}, nil
+}
+
+// ListScriptPolicy implements listScriptPolicy operation.
+//
+// Get list of script policies.
+//
+// GET /script-policy
+func (svc *Service) ListScriptPolicy(ctx context.Context, params api.ListScriptPolicyParams) ([]api.ScriptPolicy, error) {
+	filter := datastore.Optional()
+
+	if params.FromScriptHash.IsSet(){
+		hash, err := model.HashParse(params.FromScriptHash.Value)
+		if err != nil {
+			return nil, err
+		}
+		filter.Add("from_script_hash", int64(hash)) // No type safety!
+	}
+	if params.ToScriptID.IsSet(){
+		filter.Add("to_script_id", params.ToScriptID.Value)
+	}
+	if params.Policy.IsSet(){
+		filter.Add("policy", params.Policy.Value)
+	}
+
+	items, err := svc.DB.ScriptPolicy().List(ctx, filter, model.Page{
+		Number: params.Page,
+		Size:   params.Limit,
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	var resp []api.ScriptPolicy
+	for _, item := range items {
+		resp = append(resp, api.ScriptPolicy{
+			ID:             item.ID,
+			FromScriptHash: model.HashFormat(uint64(item.FromScriptHash)),
+			ToScriptID:     item.ToScriptID,
+			Policy:         int32(item.Policy),
+		})
+	}
+
+	return resp, nil
+}

pkg/service_internal/scripts.go

@@ -0,0 +1,103 @@
+package service_internal
+
+import (
+	"context"
+
+	"git.itzana.me/strafesnet/maps-service/pkg/datastore"
+	api "git.itzana.me/strafesnet/maps-service/pkg/internal"
+	"git.itzana.me/strafesnet/maps-service/pkg/model"
+)
+
+// CreateScript implements createScript operation.
+//
+// Create a new script.
+//
+// POST /scripts
+func (svc *Service) CreateScript(ctx context.Context, req *api.ScriptCreate) (*api.ScriptID, error) {
+	script, err := svc.DB.Scripts().Create(ctx, model.Script{
+		ID:           0,
+		Name:         req.Name,
+		Hash:         int64(model.HashSource(req.Source)),
+		Source:       req.Source,
+		ResourceType: model.ResourceType(req.ResourceType),
+		ResourceID:   req.ResourceID.Or(0),
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	return &api.ScriptID{
+		ScriptID: script.ID,
+	}, nil
+}
+
+// ListScripts implements listScripts operation.
+//
+// Get list of scripts.
+//
+// GET /scripts
+func (svc *Service) ListScripts(ctx context.Context, params api.ListScriptsParams) ([]api.Script, error) {
+	filter := datastore.Optional()
+
+	if params.Hash.IsSet(){
+		hash, err := model.HashParse(params.Hash.Value)
+		if err != nil {
+			return nil, err
+		}
+		filter.Add("hash", int64(hash)) // No type safety!
+	}
+	if params.Name.IsSet(){
+		filter.Add("name", params.Name.Value)
+	}
+	if params.Source.IsSet(){
+		filter.Add("source", params.Source.Value)
+	}
+	if params.ResourceType.IsSet(){
+		filter.Add("resource_type", params.ResourceType.Value)
+	}
+	if params.ResourceID.IsSet(){
+		filter.Add("resource_id", params.ResourceID.Value)
+	}
+
+	items, err := svc.DB.Scripts().List(ctx, filter, model.Page{
+		Number: params.Page,
+		Size:   params.Limit,
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	var resp []api.Script
+	for _, item := range items {
+		resp = append(resp, api.Script{
+			ID:           item.ID,
+			Hash:         model.HashFormat(uint64(item.Hash)),
+			Source:       item.Source,
+			ResourceType: int32(item.ResourceType),
+			ResourceID:   item.ResourceID,
+		})
+	}
+
+	return resp, nil
+}
+
+// GetScript implements getScript operation.
+//
+// Get the specified script by ID.
+//
+// GET /scripts/{ScriptID}
+func (svc *Service) GetScript(ctx context.Context, params api.GetScriptParams) (*api.Script, error) {
+	script, err := svc.DB.Scripts().Get(ctx, params.ScriptID)
+	if err != nil {
+		return nil, err
+	}
+
+	return &api.Script{
+		ID:           script.ID,
+		Name:         script.Name,
+		Hash:         model.HashFormat(uint64(script.Hash)),
+		Source:       script.Source,
+		ResourceType: int32(script.ResourceType),
+		ResourceID:   script.ResourceID,
+	}, nil
+}

pkg/service_internal/service_internal.go

@@ -2,11 +2,22 @@ package service_internal
 
 import (
 	"context"
-	internal "git.itzana.me/strafesnet/maps-service/pkg/internal"
+	"errors"
+	"math"
+
 	"git.itzana.me/strafesnet/maps-service/pkg/datastore"
+	internal "git.itzana.me/strafesnet/maps-service/pkg/internal"
 	"github.com/nats-io/nats.go"
 )
 
+const (
+	ValidtorUserID uint64 = uint64(math.MaxInt64)
+)
+
+var (
+	ErrNegativeID = errors.New("A negative ID was provided")
+)
+
 type Service struct {
 	DB   datastore.Datastore
 	Nats nats.JetStreamContext
@@ -15,6 +26,9 @@ type Service struct {
 // yay duplicate code
 func (svc *Service) NewError(ctx context.Context, err error) *internal.ErrorStatusCode {
 	status := 500
+	if errors.Is(err, datastore.ErrNotExist) {
+		status = 404
+	}
 	return &internal.ErrorStatusCode{
 		StatusCode: status,
 		Response: internal.Error{

pkg/service_internal/submissions.go

@@ -2,38 +2,193 @@ package service_internal
 
 import (
 	"context"
+	"encoding/json"
+	"errors"
+	"fmt"
 
-	internal "git.itzana.me/strafesnet/maps-service/pkg/internal"
 	"git.itzana.me/strafesnet/maps-service/pkg/datastore"
+	internal "git.itzana.me/strafesnet/maps-service/pkg/internal"
 	"git.itzana.me/strafesnet/maps-service/pkg/model"
 )
 
+var(
+	// prevent two mapfixes with same asset id
+	ActiveSubmissionStatuses = []model.SubmissionStatus{
+		model.SubmissionStatusUploading,
+		model.SubmissionStatusValidated,
+		model.SubmissionStatusValidating,
+		model.SubmissionStatusAcceptedUnvalidated,
+		model.SubmissionStatusChangesRequested,
+		model.SubmissionStatusSubmitted,
+		model.SubmissionStatusUnderConstruction,
+	}
+)
+
+var(
+	ErrActiveSubmissionSameAssetID = errors.New("There is an active submission with the same AssetID")
+)
+
+// UpdateSubmissionValidatedModel implements patchSubmissionModel operation.
+//
+// Update model following role restrictions.
+//
+// POST /submissions/{SubmissionID}/validated-model
+func (svc *Service) UpdateSubmissionValidatedModel(ctx context.Context, params internal.UpdateSubmissionValidatedModelParams) error {
+	ValidatedModelID := uint64(params.ValidatedModelID)
+	ValidatedModelVersion := uint64(params.ValidatedModelVersion)
+
+	// check if Status is ChangesRequested|Submitted|UnderConstruction
+	pmap := datastore.Optional()
+	pmap.Add("validated_asset_id", ValidatedModelID)
+	pmap.Add("validated_asset_version", ValidatedModelVersion)
+	// DO NOT reset completed when validated model is updated
+	// pmap.Add("completed", false)
+	err := svc.DB.Submissions().IfStatusThenUpdate(ctx, params.SubmissionID, []model.SubmissionStatus{model.SubmissionStatusValidating}, pmap)
+	if err != nil {
+		return err
+	}
+
+	event_data := model.AuditEventDataChangeValidatedModel{
+		ValidatedModelID: ValidatedModelID,
+		ValidatedModelVersion: ValidatedModelVersion,
+	}
+
+	EventData, err := json.Marshal(event_data)
+	if err != nil {
+		return err
+	}
+
+	_, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{
+		ID:           0,
+		User:         ValidtorUserID,
+		ResourceType: model.ResourceSubmission,
+		ResourceID:   params.SubmissionID,
+		EventType:    model.AuditEventTypeChangeValidatedModel,
+		EventData:    EventData,
+	})
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// ActionSubmissionValidate invokes actionSubmissionValidate operation.
+//
+// Role Validator changes status from Submitting -> Submitted.
+//
+// POST /submissions/{SubmissionID}/status/validator-submitted
+func (svc *Service) ActionSubmissionSubmitted(ctx context.Context, params internal.ActionSubmissionSubmittedParams) error {
+	// transaction
+	target_status := model.SubmissionStatusSubmitted
+	smap := datastore.Optional()
+	smap.Add("status_id", target_status)
+	err := svc.DB.Submissions().IfStatusThenUpdate(ctx, params.SubmissionID, []model.SubmissionStatus{model.SubmissionStatusSubmitting}, smap)
+	if err != nil {
+		return err
+	}
+
+	event_data := model.AuditEventDataAction{
+		TargetStatus: uint32(target_status),
+	}
+
+	EventData, err := json.Marshal(event_data)
+	if err != nil {
+		return err
+	}
+
+	_, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{
+		ID:           0,
+		User:         ValidtorUserID,
+		ResourceType: model.ResourceSubmission,
+		ResourceID:   params.SubmissionID,
+		EventType:    model.AuditEventTypeAction,
+		EventData:    EventData,
+	})
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
 // ActionSubmissionValidate invokes actionSubmissionValidate operation.
 //
 // Role Validator changes status from Validating -> Validated.
 //
-// POST /submissions/{SubmissionID}/status/validate
+// POST /submissions/{SubmissionID}/status/validator-validated
 func (svc *Service) ActionSubmissionValidated(ctx context.Context, params internal.ActionSubmissionValidatedParams) error {
-	println("[ActionSubmissionValidate] Implicit Validator permission granted!")
-
 	// transaction
+	target_status := model.SubmissionStatusValidated
 	smap := datastore.Optional()
-	smap.Add("status_id", model.StatusValidated)
-	return svc.DB.Submissions().IfStatusThenUpdate(ctx, params.SubmissionID, []model.Status{model.StatusValidating}, smap)
+	smap.Add("status_id", target_status)
+	err := svc.DB.Submissions().IfStatusThenUpdate(ctx, params.SubmissionID, []model.SubmissionStatus{model.SubmissionStatusValidating}, smap)
+	if err != nil {
+		return err
+	}
+
+	event_data := model.AuditEventDataAction{
+		TargetStatus: uint32(target_status),
+	}
+
+	EventData, err := json.Marshal(event_data)
+	if err != nil {
+		return err
+	}
+
+	_, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{
+		ID:           0,
+		User:         ValidtorUserID,
+		ResourceType: model.ResourceSubmission,
+		ResourceID:   params.SubmissionID,
+		EventType:    model.AuditEventTypeAction,
+		EventData:    EventData,
+	})
+	if err != nil {
+		return err
+	}
+
+	return nil
 }
 
-// ActionSubmissionReleased implements actionSubmissionReleased operation.
+// ActionSubmissionAccepted implements actionSubmissionAccepted operation.
 //
-// (Internal endpoint) Role Releaser changes status from Uploaded -> Released.
+// (Internal endpoint) Role Validator changes status from Validating -> Accepted.
 //
-// POST /submissions/{SubmissionID}/status/releaser-released
-func (svc *Service) ActionSubmissionReleased(ctx context.Context, params internal.ActionSubmissionReleasedParams) error {
-	println("[ActionSubmissionReleased] Implicit Validator permission granted!")
-
+// POST /submissions/{SubmissionID}/status/validator-failed
+func (svc *Service) ActionSubmissionAccepted(ctx context.Context, params internal.ActionSubmissionAcceptedParams) error {
 	// transaction
+	target_status := model.SubmissionStatusAcceptedUnvalidated
 	smap := datastore.Optional()
-	smap.Add("status_id", model.StatusReleased)
-	return svc.DB.Submissions().IfStatusThenUpdate(ctx, params.SubmissionID, []model.Status{model.StatusUploaded}, smap)
+	smap.Add("status_id", target_status)
+	smap.Add("status_message", params.StatusMessage)
+	err := svc.DB.Submissions().IfStatusThenUpdate(ctx, params.SubmissionID, []model.SubmissionStatus{model.SubmissionStatusValidating}, smap)
+	if err != nil {
+		return err
+	}
+
+	event_data := model.AuditEventDataAction{
+		TargetStatus: uint32(target_status),
+	}
+
+	EventData, err := json.Marshal(event_data)
+	if err != nil {
+		return err
+	}
+
+	_, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{
+		ID:           0,
+		User:         ValidtorUserID,
+		ResourceType: model.ResourceSubmission,
+		ResourceID:   params.SubmissionID,
+		EventType:    model.AuditEventTypeAction,
+		EventData:    EventData,
+	})
+	if err != nil {
+		return err
+	}
+
+	return nil
 }
 
 // ActionSubmissionUploaded implements actionSubmissionUploaded operation.
@@ -42,13 +197,108 @@ func (svc *Service) ActionSubmissionReleased(ctx context.Context, params interna
 //
 // POST /submissions/{SubmissionID}/status/validator-uploaded
 func (svc *Service) ActionSubmissionUploaded(ctx context.Context, params internal.ActionSubmissionUploadedParams) error {
-	println("[ActionSubmissionUploaded] Implicit Validator permission granted!")
-
 	// transaction
+	target_status := model.SubmissionStatusUploaded
 	smap := datastore.Optional()
-	smap.Add("status_id", model.StatusUploaded)
-	if params.TargetAssetID.IsSet() {
-		smap.AddNotNil("target_asset_id", params.TargetAssetID.Value)
+	smap.Add("status_id", target_status)
+	smap.Add("uploaded_asset_id", params.UploadedAssetID)
+	err := svc.DB.Submissions().IfStatusThenUpdate(ctx, params.SubmissionID, []model.SubmissionStatus{model.SubmissionStatusUploading}, smap)
+	if err != nil {
+		return err
 	}
-	return svc.DB.Submissions().IfStatusThenUpdate(ctx, params.SubmissionID, []model.Status{model.StatusUploading}, smap)
+
+	event_data := model.AuditEventDataAction{
+		TargetStatus: uint32(target_status),
+	}
+
+	EventData, err := json.Marshal(event_data)
+	if err != nil {
+		return err
+	}
+
+	_, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{
+		ID:           0,
+		User:         ValidtorUserID,
+		ResourceType: model.ResourceSubmission,
+		ResourceID:   params.SubmissionID,
+		EventType:    model.AuditEventTypeAction,
+		EventData:    EventData,
+	})
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// POST /submissions
+func (svc *Service) CreateSubmission(ctx context.Context, request *internal.SubmissionCreate) (*internal.SubmissionID, error) {
+	// sanitization
+	if request.GameID<0||
+	request.AssetOwner<0||
+	request.AssetID<0||
+	request.AssetVersion<0{
+		return nil, ErrNegativeID
+	}
+	var GameID=uint32(request.GameID);
+	var Submitter=uint64(request.AssetOwner);
+	var AssetID=uint64(request.AssetID);
+	var AssetVersion=uint64(request.AssetVersion);
+
+	// Check if an active submission with the same asset id exists
+	{
+		filter := datastore.Optional()
+		filter.Add("asset_id", request.AssetID)
+		filter.Add("asset_version", request.AssetVersion)
+		filter.Add("status_id", ActiveSubmissionStatuses)
+		active_submissions, err := svc.DB.Submissions().List(ctx, filter, model.Page{
+			Number: 1,
+			Size:   1,
+		},datastore.ListSortDisabled)
+		if err != nil {
+			return nil, err
+		}
+		if len(active_submissions) != 0{
+			return nil, ErrActiveSubmissionSameAssetID
+		}
+	}
+
+	operation, err := svc.DB.Operations().Get(ctx, request.OperationID)
+	if err != nil {
+		return nil, err
+	}
+
+	// check if user owns asset
+	// TODO: allow bypass by admin
+	if operation.Owner != Submitter {
+		return nil, ErrNotAssetOwner
+	}
+
+	submission, err := svc.DB.Submissions().Create(ctx, model.Submission{
+		ID:            0,
+		DisplayName:   request.DisplayName,
+		Creator:       request.Creator,
+		GameID:        GameID,
+		Submitter:     Submitter,
+		AssetID:       AssetID,
+		AssetVersion:  AssetVersion,
+		Completed:     false,
+		StatusID:      model.SubmissionStatusUnderConstruction,
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	// mark the operation as completed and provide the path
+	pmap := datastore.Optional()
+	pmap.Add("status_id", model.OperationStatusCompleted)
+	pmap.Add("path", fmt.Sprintf("/submissions/%d", submission.ID))
+	err = svc.DB.Operations().Update(ctx, request.OperationID, pmap)
+	if err != nil {
+		return nil, err
+	}
+
+	return &internal.SubmissionID{
+		SubmissionID: submission.ID,
+	}, nil
 }

submissions-api-rs/src/context.rs

@@ -1,23 +0,0 @@
-#[derive(Clone)]
-pub struct Context{
-	pub base_url:String,
-	client:reqwest::Client,
-}
-
-impl Context{
-	pub fn new(mut base_url:String)->reqwest::Result<Self>{
-		base_url+="/v1";
-		Ok(Self{
-			base_url,
-			client:reqwest::Client::new(),
-		})
-	}
-	pub async fn get(&self,url:impl reqwest::IntoUrl)->Result<reqwest::Response,reqwest::Error>{
-		self.client.get(url)
-		.send().await
-	}
-	pub async fn post(&self,url:impl reqwest::IntoUrl)->Result<reqwest::Response,reqwest::Error>{
-		self.client.post(url)
-		.send().await
-	}
-}

submissions-api-rs/src/external.rs

@@ -1,86 +0,0 @@
-use crate::Error;
-
-#[derive(serde::Deserialize)]
-pub struct ScriptID(pub(crate) i64);
-
-#[allow(nonstandard_style)]
-pub struct GetScriptRequest{
-	pub ScriptID:ScriptID,
-}
-#[allow(nonstandard_style)]
-#[derive(serde::Deserialize)]
-pub struct ScriptResponse{
-	pub ID:i64,
-	pub Hash:String,
-	pub Source:String,
-	pub SubmissionID:i64,
-}
-
-#[derive(serde::Deserialize)]
-#[repr(i32)]
-pub enum Policy{
-	None=0, // not yet reviewed
-	Allowed=1,
-	Blocked=2,
-	Delete=3,
-	Replace=4,
-}
-
-pub struct ScriptPolicyHashRequest{
-	pub hash:String,
-}
-#[allow(nonstandard_style)]
-#[derive(serde::Deserialize)]
-pub struct ScriptPolicyResponse{
-	pub ID:i64,
-	pub FromScriptHash:String,
-	pub ToScriptID:ScriptID,
-	pub Policy:Policy
-}
-
-#[allow(nonstandard_style)]
-pub struct UpdateSubmissionModelRequest{
-	pub SubmissionID:i64,
-	pub ModelID:u64,
-	pub ModelVersion:u64,
-}
-
-#[derive(Clone)]
-pub struct Context(crate::context::Context);
-
-impl Context{
-	pub fn new(base_url:String)->reqwest::Result<Self>{
-		Ok(Self(crate::context::Context::new(base_url)?))
-	}
-	pub async fn get_script(&self,config:GetScriptRequest)->Result<ScriptResponse,Error>{
-		let url_raw=format!("{}/scripts/{}",self.0.base_url,config.ScriptID.0);
-		let url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::ParseError)?;
-
-		self.0.get(url).await.map_err(Error::Reqwest)?
-		.error_for_status().map_err(Error::Reqwest)?
-		.json().await.map_err(Error::Reqwest)
-	}
-	pub async fn get_script_policy_from_hash(&self,config:ScriptPolicyHashRequest)->Result<ScriptPolicyResponse,Error>{
-		let url_raw=format!("{}/script-policy/hash/{}",self.0.base_url,config.hash);
-		let url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::ParseError)?;
-
-		self.0.get(url).await.map_err(Error::Reqwest)?
-		.error_for_status().map_err(Error::Reqwest)?
-		.json().await.map_err(Error::Reqwest)
-	}
-	pub async fn update_submission_model(&self,config:UpdateSubmissionModelRequest)->Result<(),Error>{
-		let url_raw=format!("{}/submissions/{}/model",self.0.base_url,config.SubmissionID);
-		let mut url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::ParseError)?;
-
-		{
-			url.query_pairs_mut()
-				.append_pair("ModelID",config.ModelID.to_string().as_str())
-				.append_pair("ModelVersion",config.ModelVersion.to_string().as_str());
-		}
-
-		self.0.post(url).await.map_err(Error::Reqwest)?
-		.error_for_status().map_err(Error::Reqwest)?;
-
-		Ok(())
-	}
-}

submissions-api-rs/src/internal.rs

@@ -1,48 +0,0 @@
-use crate::Error;
-
-#[allow(nonstandard_style)]
-pub struct ActionSubmissionUploadedRequest{
-	pub SubmissionID:i64,
-	pub TargetAssetID:Option<u64>,
-}
-
-pub struct SubmissionID(pub i64);
-
-#[derive(Clone)]
-pub struct Context(crate::context::Context);
-
-// there are lots of action endpoints and they all follow the same pattern
-macro_rules! action{
-	($fname:ident,$action:expr)=>{
-		pub async fn $fname(&self,config:SubmissionID)->Result<(),Error>{
-			let url_raw=format!(concat!("{}/submissions/{}/status/",$action),self.0.base_url,config.0);
-			let url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::ParseError)?;
-
-			self.0.post(url).await.map_err(Error::Reqwest)?
-			.error_for_status().map_err(Error::Reqwest)?;
-
-			Ok(())
-		}
-	};
-}
-impl Context{
-	pub fn new(base_url:String)->reqwest::Result<Self>{
-		Ok(Self(crate::context::Context::new(base_url)?))
-	}
-	pub async fn action_submission_uploaded(&self,config:ActionSubmissionUploadedRequest)->Result<(),Error>{
-		let url_raw=format!("{}/submissions/{}/status/uploaded",self.0.base_url,config.SubmissionID);
-		let mut url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::ParseError)?;
-
-		if let Some(target_asset_id)=config.TargetAssetID{
-			url.query_pairs_mut()
-				.append_pair("TargetAssetID",target_asset_id.to_string().as_str());
-		}
-
-		self.0.post(url).await.map_err(Error::Reqwest)?
-		.error_for_status().map_err(Error::Reqwest)?;
-
-		Ok(())
-	}
-	action!(action_submission_validated,"validator-validated");
-	action!(action_submission_released,"releaser-released");
-}

submissions-api-rs/src/lib.rs

@@ -1,22 +0,0 @@
-mod context;
-
-#[cfg(feature="internal")]
-pub mod internal;
-
-#[cfg(feature="external")]
-pub mod external;
-
-//lazy reexport
-pub type ReqwestError=reqwest::Error;
-
-#[derive(Debug)]
-pub enum Error{
-	ParseError(url::ParseError),
-	Reqwest(reqwest::Error),
-}
-impl std::fmt::Display for Error{
-	fn fmt(&self,f:&mut std::fmt::Formatter<'_>)->std::fmt::Result{
-		write!(f,"{self:?}")
-	}
-}
-impl std::error::Error for Error{}

validation/.gitignore

@@ -1 +0,0 @@
-/target

validation/Cargo.toml

@@ -1,13 +1,13 @@
 [package]
 name = "maps-validation"
-version = "0.1.0"
+version = "0.1.1"
 edition = "2021"
 
 [dependencies]
-submissions-api = { version = "0.2.1", features = ["internal","external"], registry = "strafesnet" }
-async-nats = "0.38.0"
+submissions-api = { path = "api", features = ["internal"], default-features = false, registry = "strafesnet" }
+async-nats = "0.40.0"
 futures = "0.3.31"
-rbx_asset = { version = "0.2.5", registry = "strafesnet" }
+rbx_asset = { version = "0.4.3", registry = "strafesnet" }
 rbx_binary = { version = "0.7.4", registry = "strafesnet"}
 rbx_dom_weak = { version = "2.9.0", registry = "strafesnet"}
 rbx_reflection_database = { version = "0.2.12", registry = "strafesnet"}

validation/Containerfile

@@ -1,6 +1,6 @@
 # Using the `rust-musl-builder` as base image, instead of
 # the official Rust toolchain
-FROM docker.io/clux/muslrust:stable AS chef
+FROM registry.itzana.me/docker-proxy/clux/muslrust:1.86.0-stable AS chef
 USER root
 RUN cargo install cargo-chef
 WORKDIR /app
@@ -11,13 +11,13 @@ RUN cargo chef prepare --recipe-path recipe.json
 
 FROM chef AS builder
 COPY --from=planner /app/recipe.json recipe.json
-
+COPY api ./api
 # Notice that we are specifying the --target flag!
 RUN cargo chef cook --release --target x86_64-unknown-linux-musl --recipe-path recipe.json
 COPY . .
 RUN cargo build --release --target x86_64-unknown-linux-musl --bin maps-validation
 
-FROM docker.io/alpine:latest AS runtime
+FROM registry.itzana.me/docker-proxy/alpine:3.21 AS runtime
 RUN addgroup -S myuser && adduser -S myuser -G myuser
 COPY --from=builder /app/target/x86_64-unknown-linux-musl/release/maps-validation /usr/local/bin/
 USER myuser

validation/api/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "submissions-api"
-version = "0.2.1"
+version = "0.7.0"
 edition = "2021"
 publish = ["strafesnet"]
 repository = "https://git.itzana.me/StrafesNET/maps-service"
@@ -14,6 +14,7 @@ authors = ["Rhys Lloyd <krakow20@gmail.com>"]
 reqwest = { version = "0", features = ["json"] }
 serde = { version = "1", features = ["derive"] }
 serde_json = "1"
+serde_repr = "0.1.19"
 url = "2"
 
 [features]

validation/api/src/context.rs

@@ -0,0 +1,47 @@
+pub struct Cookie(reqwest::header::HeaderValue);
+
+impl Cookie{
+	/// cookie is prepended with "session_id=" by this function
+	pub fn new(cookie:&str)->Result<Self,reqwest::header::InvalidHeaderValue>{
+		Ok(Self(reqwest::header::HeaderValue::from_str(&format!("session_id={}",cookie))?))
+	}
+}
+
+#[derive(Clone)]
+pub struct Context{
+	pub base_url:String,
+	client:reqwest::Client,
+}
+
+impl Context{
+	pub fn new(base_url:String,cookie:Option<Cookie>)->reqwest::Result<Self>{
+		Ok(Self{
+			base_url,
+			client:{
+				let mut builder=reqwest::ClientBuilder::new();
+				if let Some(mut cookie)=cookie{
+					cookie.0.set_sensitive(true);
+					let mut headers=reqwest::header::HeaderMap::new();
+					headers.insert("Cookie",cookie.0);
+					builder=builder.default_headers(headers);
+				}
+				builder.build()?
+			},
+		})
+	}
+	pub async fn get(&self,url:impl reqwest::IntoUrl)->Result<reqwest::Response,reqwest::Error>{
+		self.client.get(url)
+		.send().await
+	}
+	#[cfg(feature="internal")]
+	pub async fn post_empty_body(&self,url:impl reqwest::IntoUrl)->Result<reqwest::Response,reqwest::Error>{
+		self.client.post(url)
+		.send().await
+	}
+	pub async fn post(&self,url:impl reqwest::IntoUrl,body:impl Into<reqwest::Body>)->Result<reqwest::Response,reqwest::Error>{
+		self.client.post(url)
+    	.header("Content-Type","application/json")
+    	.body(body)
+		.send().await
+	}
+}

validation/api/src/external.rs

@@ -0,0 +1,135 @@
+use crate::types::*;
+
+#[derive(Clone)]
+pub struct Context(crate::context::Context);
+
+impl Context{
+	pub fn new(base_url:String,cookie:crate::context::Cookie)->reqwest::Result<Self>{
+		Ok(Self(crate::context::Context::new(base_url,Some(cookie))?))
+	}
+	pub async fn get_script(&self,config:GetScriptRequest)->Result<ScriptResponse,Error>{
+		let url_raw=format!("{}/scripts/{}",self.0.base_url,config.ScriptID.0);
+		let url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::Parse)?;
+
+		response_ok(
+			self.0.get(url).await.map_err(Error::Reqwest)?
+		).await.map_err(Error::Response)?
+		.json().await.map_err(Error::ReqwestJson)
+	}
+	pub async fn get_scripts<'a>(&self,config:GetScriptsRequest<'a>)->Result<Vec<ScriptResponse>,Error>{
+		let url_raw=format!("{}/scripts",self.0.base_url);
+		let mut url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::Parse)?;
+
+		{
+			let mut query_pairs=url.query_pairs_mut();
+			query_pairs.append_pair("Page",config.Page.to_string().as_str());
+			query_pairs.append_pair("Limit",config.Limit.to_string().as_str());
+			if let Some(name)=config.Name{
+				query_pairs.append_pair("Name",name);
+			}
+			if let Some(hash)=config.Hash{
+				query_pairs.append_pair("Hash",hash);
+			}
+			if let Some(source)=config.Source{
+				query_pairs.append_pair("Source",source);
+			}
+			if let Some(resource_type)=config.ResourceType{
+				query_pairs.append_pair("ResourceType",(resource_type as i32).to_string().as_str());
+			}
+			if let Some(resource_id)=config.ResourceID{
+				query_pairs.append_pair("ResourceID",resource_id.to_string().as_str());
+			}
+		}
+
+		response_ok(
+			self.0.get(url).await.map_err(Error::Reqwest)?
+		).await.map_err(Error::Response)?
+		.json().await.map_err(Error::ReqwestJson)
+	}
+	pub async fn get_script_from_hash<'a>(&self,config:HashRequest<'a>)->Result<Option<ScriptResponse>,SingleItemError>{
+		let scripts=self.get_scripts(GetScriptsRequest{
+			Page:1,
+			Limit:2,
+			Hash:Some(config.hash),
+			Name:None,
+			Source:None,
+			ResourceType:None,
+			ResourceID:None,
+		}).await.map_err(SingleItemError::Other)?;
+		if 1<scripts.len(){
+			return Err(SingleItemError::DuplicateItems);
+		}
+		Ok(scripts.into_iter().next())
+	}
+	pub async fn create_script<'a>(&self,config:CreateScriptRequest<'a>)->Result<ScriptIDResponse,Error>{
+		let url_raw=format!("{}/scripts",self.0.base_url);
+		let url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::Parse)?;
+
+		let body=serde_json::to_string(&config).map_err(Error::JSON)?;
+
+		response_ok(
+			self.0.post(url,body).await.map_err(Error::Reqwest)?
+		).await.map_err(Error::Response)?
+		.json().await.map_err(Error::ReqwestJson)
+	}
+	pub async fn get_script_policies<'a>(&self,config:GetScriptPoliciesRequest<'a>)->Result<Vec<ScriptPolicyResponse>,Error>{
+		let url_raw=format!("{}/script-policy",self.0.base_url);
+		let mut url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::Parse)?;
+
+		{
+			let mut query_pairs=url.query_pairs_mut();
+			query_pairs.append_pair("Page",config.Page.to_string().as_str());
+			query_pairs.append_pair("Limit",config.Limit.to_string().as_str());
+			if let Some(hash)=config.FromScriptHash{
+				query_pairs.append_pair("FromScriptHash",hash);
+			}
+			if let Some(script_id)=config.ToScriptID{
+				query_pairs.append_pair("ToScriptID",script_id.0.to_string().as_str());
+			}
+			if let Some(policy)=config.Policy{
+				query_pairs.append_pair("Policy",(policy as i32).to_string().as_str());
+			}
+		}
+
+		response_ok(
+			self.0.get(url).await.map_err(Error::Reqwest)?
+		).await.map_err(Error::Response)?
+		.json().await.map_err(Error::ReqwestJson)
+	}
+	pub async fn get_script_policy_from_hash<'a>(&self,config:HashRequest<'a>)->Result<Option<ScriptPolicyResponse>,SingleItemError>{
+		let policies=self.get_script_policies(GetScriptPoliciesRequest{
+			Page:1,
+			Limit:2,
+			FromScriptHash:Some(config.hash),
+			ToScriptID:None,
+			Policy:None,
+		}).await.map_err(SingleItemError::Other)?;
+		if 1<policies.len(){
+			return Err(SingleItemError::DuplicateItems);
+		}
+		Ok(policies.into_iter().next())
+	}
+	pub async fn create_script_policy(&self,config:CreateScriptPolicyRequest)->Result<ScriptPolicyIDResponse,Error>{
+		let url_raw=format!("{}/script-policy",self.0.base_url);
+		let url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::Parse)?;
+
+		let body=serde_json::to_string(&config).map_err(Error::JSON)?;
+
+		response_ok(
+			self.0.post(url,body).await.map_err(Error::Reqwest)?
+		).await.map_err(Error::Response)?
+		.json().await.map_err(Error::ReqwestJson)
+	}
+	pub async fn update_script_policy(&self,config:UpdateScriptPolicyRequest)->Result<(),Error>{
+		let url_raw=format!("{}/script-policy/{}",self.0.base_url,config.ID.0);
+		let url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::Parse)?;
+
+		let body=serde_json::to_string(&config).map_err(Error::JSON)?;
+
+		response_ok(
+			self.0.post(url,body).await.map_err(Error::Reqwest)?
+		).await.map_err(Error::Response)?;
+
+		Ok(())
+	}
+}

validation/api/src/internal.rs

@@ -0,0 +1,201 @@
+use crate::types::*;
+
+#[derive(Clone)]
+pub struct Context(crate::context::Context);
+
+// conditionally include specified query pairs
+macro_rules! query_pairs{
+	($url:expr,)=>{
+		$url
+	};
+	($url:expr,$(($param:expr,$value:expr))+)=>{
+		{
+			let mut url=$url;
+			url.query_pairs_mut()
+				$(.append_pair($param,$value))*;
+			url
+		}
+	};
+}
+
+// there are lots of action endpoints and they all follow the same pattern
+macro_rules! action{
+	($system:expr,$fname:ident,$config:ident,$config_type:ident,$action:expr,$config_submission_id:expr,$(($param:expr,$value:expr))*)=>{
+		pub async fn $fname(&self,$config:$config_type)->Result<(),Error>{
+			let url_raw=format!(concat!("{}/",$system,"/{}/",$action),self.0.base_url,$config_submission_id);
+			let url=query_pairs!(reqwest::Url::parse(url_raw.as_str()).map_err(Error::Parse)?,$(($param,$value))*);
+
+			response_ok(
+				self.0.post_empty_body(url).await.map_err(Error::Reqwest)?
+			).await.map_err(Error::Response)?;
+
+			Ok(())
+		}
+	};
+}
+impl Context{
+	pub fn new(base_url:String)->reqwest::Result<Self>{
+		Ok(Self(crate::context::Context::new(base_url,None)?))
+	}
+	pub async fn get_script(&self,config:GetScriptRequest)->Result<ScriptResponse,Error>{
+		let url_raw=format!("{}/scripts/{}",self.0.base_url,config.ScriptID.0);
+		let url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::Parse)?;
+
+		response_ok(
+			self.0.get(url).await.map_err(Error::Reqwest)?
+		).await.map_err(Error::Response)?
+		.json().await.map_err(Error::ReqwestJson)
+	}
+	pub async fn get_scripts<'a>(&self,config:GetScriptsRequest<'a>)->Result<Vec<ScriptResponse>,Error>{
+		let url_raw=format!("{}/scripts",self.0.base_url);
+		let mut url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::Parse)?;
+
+		{
+			let mut query_pairs=url.query_pairs_mut();
+			query_pairs.append_pair("Page",config.Page.to_string().as_str());
+			query_pairs.append_pair("Limit",config.Limit.to_string().as_str());
+			if let Some(name)=config.Name{
+				query_pairs.append_pair("Name",name);
+			}
+			if let Some(hash)=config.Hash{
+				query_pairs.append_pair("Hash",hash);
+			}
+			if let Some(source)=config.Source{
+				query_pairs.append_pair("Source",source);
+			}
+			if let Some(resource_type)=config.ResourceType{
+				query_pairs.append_pair("ResourceType",(resource_type as i32).to_string().as_str());
+			}
+			if let Some(resource_id)=config.ResourceID{
+				query_pairs.append_pair("ResourceID",resource_id.to_string().as_str());
+			}
+		}
+
+		response_ok(
+			self.0.get(url).await.map_err(Error::Reqwest)?
+		).await.map_err(Error::Response)?
+		.json().await.map_err(Error::ReqwestJson)
+	}
+	pub async fn get_script_from_hash<'a>(&self,config:HashRequest<'a>)->Result<Option<ScriptResponse>,SingleItemError>{
+		let scripts=self.get_scripts(GetScriptsRequest{
+			Page:1,
+			Limit:2,
+			Hash:Some(config.hash),
+			Name:None,
+			Source:None,
+			ResourceType:None,
+			ResourceID:None,
+		}).await.map_err(SingleItemError::Other)?;
+		if 1<scripts.len(){
+			return Err(SingleItemError::DuplicateItems);
+		}
+		Ok(scripts.into_iter().next())
+	}
+	pub async fn create_script<'a>(&self,config:CreateScriptRequest<'a>)->Result<ScriptIDResponse,Error>{
+		let url_raw=format!("{}/scripts",self.0.base_url);
+		let url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::Parse)?;
+
+		let body=serde_json::to_string(&config).map_err(Error::JSON)?;
+
+		response_ok(
+			self.0.post(url,body).await.map_err(Error::Reqwest)?
+		).await.map_err(Error::Response)?
+		.json().await.map_err(Error::ReqwestJson)
+	}
+	pub async fn get_script_policies<'a>(&self,config:GetScriptPoliciesRequest<'a>)->Result<Vec<ScriptPolicyResponse>,Error>{
+		let url_raw=format!("{}/script-policy",self.0.base_url);
+		let mut url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::Parse)?;
+
+		{
+			let mut query_pairs=url.query_pairs_mut();
+			query_pairs.append_pair("Page",config.Page.to_string().as_str());
+			query_pairs.append_pair("Limit",config.Limit.to_string().as_str());
+			if let Some(hash)=config.FromScriptHash{
+				query_pairs.append_pair("FromScriptHash",hash);
+			}
+			if let Some(script_id)=config.ToScriptID{
+				query_pairs.append_pair("ToScriptID",script_id.0.to_string().as_str());
+			}
+			if let Some(policy)=config.Policy{
+				query_pairs.append_pair("Policy",(policy as i32).to_string().as_str());
+			}
+		}
+
+		response_ok(
+			self.0.get(url).await.map_err(Error::Reqwest)?
+		).await.map_err(Error::Response)?
+		.json().await.map_err(Error::ReqwestJson)
+	}
+	pub async fn get_script_policy_from_hash<'a>(&self,config:HashRequest<'a>)->Result<Option<ScriptPolicyResponse>,SingleItemError>{
+		let policies=self.get_script_policies(GetScriptPoliciesRequest{
+			Page:1,
+			Limit:2,
+			FromScriptHash:Some(config.hash),
+			ToScriptID:None,
+			Policy:None,
+		}).await.map_err(SingleItemError::Other)?;
+		if 1<policies.len(){
+			return Err(SingleItemError::DuplicateItems);
+		}
+		Ok(policies.into_iter().next())
+	}
+	pub async fn create_script_policy(&self,config:CreateScriptPolicyRequest)->Result<ScriptPolicyIDResponse,Error>{
+		let url_raw=format!("{}/script-policy",self.0.base_url);
+		let url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::Parse)?;
+
+		let body=serde_json::to_string(&config).map_err(Error::JSON)?;
+
+		response_ok(
+			self.0.post(url,body).await.map_err(Error::Reqwest)?
+		).await.map_err(Error::Response)?
+		.json().await.map_err(Error::ReqwestJson)
+	}
+	pub async fn create_submission<'a>(&self,config:CreateSubmissionRequest<'a>)->Result<SubmissionIDResponse,Error>{
+		let url_raw=format!("{}/submissions",self.0.base_url);
+		let url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::Parse)?;
+
+		let body=serde_json::to_string(&config).map_err(Error::JSON)?;
+
+		response_ok(
+			self.0.post(url,body).await.map_err(Error::Reqwest)?
+		).await.map_err(Error::Response)?
+		.json().await.map_err(Error::ReqwestJson)
+	}
+	// simple submission endpoints
+	action!("submissions",action_submission_validated,config,SubmissionID,"status/validator-validated",config.0,);
+	action!("submissions",update_submission_validated_model,config,UpdateSubmissionModelRequest,"validated-model",config.SubmissionID,
+		("ValidatedModelID",config.ModelID.to_string().as_str())
+		("ValidatedModelVersion",config.ModelVersion.to_string().as_str())
+	);
+	action!("submissions",action_submission_uploaded,config,ActionSubmissionUploadedRequest,"status/validator-uploaded",config.SubmissionID,
+		("UploadedAssetID",config.UploadedAssetID.to_string().as_str())
+	);
+	action!("submissions",action_submission_accepted,config,ActionSubmissionAcceptedRequest,"status/validator-failed",config.SubmissionID,
+		("StatusMessage",config.StatusMessage.as_str())
+	);
+	pub async fn create_mapfix<'a>(&self,config:CreateMapfixRequest<'a>)->Result<MapfixIDResponse,Error>{
+		let url_raw=format!("{}/mapfixes",self.0.base_url);
+		let url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::Parse)?;
+
+		let body=serde_json::to_string(&config).map_err(Error::JSON)?;
+
+		response_ok(
+			self.0.post(url,body).await.map_err(Error::Reqwest)?
+		).await.map_err(Error::Response)?
+		.json().await.map_err(Error::ReqwestJson)
+	}
+	// simple mapfixes endpoints
+	action!("mapfixes",action_mapfix_validated,config,MapfixID,"status/validator-validated",config.0,);
+	action!("mapfixes",update_mapfix_validated_model,config,UpdateMapfixModelRequest,"validated-model",config.MapfixID,
+		("ValidatedModelID",config.ModelID.to_string().as_str())
+		("ValidatedModelVersion",config.ModelVersion.to_string().as_str())
+	);
+	action!("mapfixes",action_mapfix_uploaded,config,ActionMapfixUploadedRequest,"status/validator-uploaded",config.MapfixID,);
+	action!("mapfixes",action_mapfix_accepted,config,ActionMapfixAcceptedRequest,"status/validator-failed",config.MapfixID,
+		("StatusMessage",config.StatusMessage.as_str())
+	);
+	// simple operation endpoint
+	action!("operations",action_operation_failed,config,ActionOperationFailedRequest,"status/operation-failed",config.OperationID,
+		("StatusMessage",config.StatusMessage.as_str())
+	);
+}

validation/api/src/lib.rs

@@ -0,0 +1,15 @@
+mod context;
+pub use context::Cookie;
+
+pub mod types;
+
+#[cfg(feature="internal")]
+pub mod internal;
+
+#[cfg(feature="external")]
+pub mod external;
+
+//lazy reexports
+pub use types::Error;
+pub type ReqwestError=reqwest::Error;
+pub type CookieError=reqwest::header::InvalidHeaderValue;

validation/api/src/types.rs

@@ -0,0 +1,271 @@
+#[derive(Debug)]
+pub enum Error{
+	Parse(url::ParseError),
+	Reqwest(reqwest::Error),
+	ReqwestJson(reqwest::Error),
+	Response(ResponseError),
+	JSON(serde_json::Error),
+}
+impl std::fmt::Display for Error{
+	fn fmt(&self,f:&mut std::fmt::Formatter<'_>)->std::fmt::Result{
+		write!(f,"{self:?}")
+	}
+}
+impl std::error::Error for Error{}
+
+#[derive(Debug)]
+pub enum SingleItemError{
+	DuplicateItems,
+	Other(Error),
+}
+impl std::fmt::Display for SingleItemError{
+	fn fmt(&self,f:&mut std::fmt::Formatter<'_>)->std::fmt::Result{
+		write!(f,"{self:?}")
+	}
+}
+impl std::error::Error for SingleItemError{}
+
+#[allow(dead_code)]
+#[derive(Debug)]
+pub struct StatusCodeWithUrlAndBody{
+	pub status_code:reqwest::StatusCode,
+	pub url:url::Url,
+	pub body:String,
+}
+
+#[derive(Debug)]
+pub enum ResponseError{
+	Reqwest(reqwest::Error),
+	StatusCodeWithUrlAndBody(StatusCodeWithUrlAndBody),
+}
+impl std::fmt::Display for ResponseError{
+	fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+		write!(f,"{self:?}")
+	}
+}
+impl std::error::Error for ResponseError{}
+// lazy function to draw out meaningful info from http response on failure
+pub async fn response_ok(response:reqwest::Response)->Result<reqwest::Response,ResponseError>{
+	let status_code=response.status();
+	if status_code.is_success(){
+		Ok(response)
+	}else{
+		let url=response.url().to_owned();
+		let bytes=response.bytes().await.map_err(ResponseError::Reqwest)?;
+		let body=String::from_utf8_lossy(&bytes).to_string();
+		Err(ResponseError::StatusCodeWithUrlAndBody(StatusCodeWithUrlAndBody{
+			status_code,
+			url,
+			body,
+		}))
+	}
+}
+
+
+#[allow(nonstandard_style)]
+#[derive(Clone,Debug,serde::Serialize)]
+pub struct CreateMapfixRequest<'a>{
+	pub OperationID:i32,
+	pub AssetOwner:i64,
+	pub DisplayName:&'a str,
+	pub Creator:&'a str,
+	pub GameID:i32,
+	pub AssetID:u64,
+	pub AssetVersion:u64,
+	pub TargetAssetID:u64,
+}
+#[allow(nonstandard_style)]
+#[derive(Clone,Debug,serde::Deserialize)]
+pub struct MapfixIDResponse{
+	pub MapfixID:MapfixID,
+}
+
+#[allow(nonstandard_style)]
+#[derive(Clone,Debug,serde::Serialize)]
+pub struct CreateSubmissionRequest<'a>{
+	pub OperationID:i32,
+	pub AssetOwner:i64,
+	pub DisplayName:&'a str,
+	pub Creator:&'a str,
+	pub GameID:i32,
+	pub AssetID:u64,
+	pub AssetVersion:u64,
+}
+#[allow(nonstandard_style)]
+#[derive(Clone,Debug,serde::Deserialize)]
+pub struct SubmissionIDResponse{
+	pub SubmissionID:SubmissionID,
+}
+
+#[derive(Clone,Copy,Debug,PartialEq,Eq,serde::Serialize,serde::Deserialize)]
+pub struct ScriptID(pub(crate)i64);
+#[derive(Clone,Copy,Debug,serde::Serialize,serde::Deserialize)]
+pub struct ScriptPolicyID(pub(crate)i64);
+
+#[derive(Clone,Copy,Debug,PartialEq,Eq,serde_repr::Serialize_repr,serde_repr::Deserialize_repr)]
+#[repr(i32)]
+pub enum ResourceType{
+	Unknown=0,
+	Mapfix=1,
+	Submission=2,
+}
+
+#[allow(nonstandard_style)]
+pub struct GetScriptRequest{
+	pub ScriptID:ScriptID,
+}
+#[allow(nonstandard_style)]
+#[derive(Clone,Debug,serde::Serialize)]
+pub struct GetScriptsRequest<'a>{
+	pub Page:u32,
+	pub Limit:u32,
+	#[serde(skip_serializing_if="Option::is_none")]
+	pub Name:Option<&'a str>,
+	#[serde(skip_serializing_if="Option::is_none")]
+	pub Hash:Option<&'a str>,
+	#[serde(skip_serializing_if="Option::is_none")]
+	pub Source:Option<&'a str>,
+	#[serde(skip_serializing_if="Option::is_none")]
+	pub ResourceType:Option<ResourceType>,
+	#[serde(skip_serializing_if="Option::is_none")]
+	pub ResourceID:Option<i64>,
+}
+#[derive(Clone,Copy,Debug)]
+pub struct HashRequest<'a>{
+	pub hash:&'a str,
+}
+#[allow(nonstandard_style)]
+#[derive(Clone,Debug,serde::Deserialize)]
+pub struct ScriptResponse{
+	pub ID:ScriptID,
+	pub Name:String,
+	pub Hash:String,
+	pub Source:String,
+	pub ResourceType:ResourceType,
+	pub ResourceID:i64,
+}
+#[allow(nonstandard_style)]
+#[derive(Clone,Debug,serde::Serialize)]
+pub struct CreateScriptRequest<'a>{
+	pub Name:&'a str,
+	pub Source:&'a str,
+	pub ResourceType:ResourceType,
+	#[serde(skip_serializing_if="Option::is_none")]
+	pub ResourceID:Option<i64>,
+}
+#[allow(nonstandard_style)]
+#[derive(Clone,Debug,serde::Deserialize)]
+pub struct ScriptIDResponse{
+	pub ScriptID:ScriptID,
+}
+
+#[derive(Clone,Copy,Debug,PartialEq,Eq,serde_repr::Serialize_repr,serde_repr::Deserialize_repr)]
+#[repr(i32)]
+pub enum Policy{
+	None=0, // not yet reviewed
+	Allowed=1,
+	Blocked=2,
+	Delete=3,
+	Replace=4,
+}
+
+#[allow(nonstandard_style)]
+#[derive(Clone,Debug,serde::Serialize)]
+pub struct GetScriptPoliciesRequest<'a>{
+	pub Page:u32,
+	pub Limit:u32,
+	#[serde(skip_serializing_if="Option::is_none")]
+	pub FromScriptHash:Option<&'a str>,
+	#[serde(skip_serializing_if="Option::is_none")]
+	pub ToScriptID:Option<ScriptID>,
+	#[serde(skip_serializing_if="Option::is_none")]
+	pub Policy:Option<Policy>,
+}
+#[allow(nonstandard_style)]
+#[derive(Clone,Debug,serde::Deserialize)]
+pub struct ScriptPolicyResponse{
+	pub ID:ScriptPolicyID,
+	pub FromScriptHash:String,
+	pub ToScriptID:ScriptID,
+	pub Policy:Policy
+}
+#[allow(nonstandard_style)]
+#[derive(Clone,Debug,serde::Serialize)]
+pub struct CreateScriptPolicyRequest{
+	pub FromScriptID:ScriptID,
+	pub ToScriptID:ScriptID,
+	pub Policy:Policy,
+}
+#[allow(nonstandard_style)]
+#[derive(Clone,Debug,serde::Deserialize)]
+pub struct ScriptPolicyIDResponse{
+	pub ScriptPolicyID:ScriptPolicyID,
+}
+
+#[allow(nonstandard_style)]
+#[derive(Clone,Debug,serde::Serialize)]
+pub struct UpdateScriptPolicyRequest{
+	pub ID:ScriptPolicyID,
+	#[serde(skip_serializing_if="Option::is_none")]
+	pub FromScriptID:Option<ScriptID>,
+	#[serde(skip_serializing_if="Option::is_none")]
+	pub ToScriptID:Option<ScriptID>,
+	#[serde(skip_serializing_if="Option::is_none")]
+	pub Policy:Option<Policy>,
+}
+
+#[allow(nonstandard_style)]
+#[derive(Clone,Debug)]
+pub struct UpdateSubmissionModelRequest{
+	pub SubmissionID:i64,
+	pub ModelID:u64,
+	pub ModelVersion:u64,
+}
+
+#[allow(nonstandard_style)]
+#[derive(Clone,Debug)]
+pub struct ActionSubmissionUploadedRequest{
+	pub SubmissionID:i64,
+	pub UploadedAssetID:u64,
+}
+
+#[allow(nonstandard_style)]
+#[derive(Clone,Debug)]
+pub struct ActionSubmissionAcceptedRequest{
+	pub SubmissionID:i64,
+	pub StatusMessage:String,
+}
+
+#[derive(Clone,Copy,Debug,serde::Deserialize)]
+pub struct SubmissionID(pub i64);
+
+#[allow(nonstandard_style)]
+#[derive(Clone,Debug)]
+pub struct UpdateMapfixModelRequest{
+	pub MapfixID:i64,
+	pub ModelID:u64,
+	pub ModelVersion:u64,
+}
+
+#[allow(nonstandard_style)]
+#[derive(Clone,Debug)]
+pub struct ActionMapfixUploadedRequest{
+	pub MapfixID:i64,
+}
+
+#[allow(nonstandard_style)]
+#[derive(Clone,Debug)]
+pub struct ActionMapfixAcceptedRequest{
+	pub MapfixID:i64,
+	pub StatusMessage:String,
+}
+
+#[derive(Clone,Copy,Debug,serde::Deserialize)]
+pub struct MapfixID(pub i64);
+
+#[allow(nonstandard_style)]
+#[derive(Clone,Debug)]
+pub struct ActionOperationFailedRequest{
+	pub OperationID:i32,
+	pub StatusMessage:String,
+}

validation/src/create.rs

@@ -0,0 +1,86 @@
+use crate::rbx_util::{get_mapinfo,read_dom,MapInfo,ReadDomError,GetMapInfoError,ParseGameIDError};
+
+#[allow(dead_code)]
+#[derive(Debug)]
+pub enum Error{
+	CreatorTypeMustBeUser,
+	ModelInfoDownload(rbx_asset::cloud::GetError),
+	ModelLocationDownload(rbx_asset::cloud::GetError),
+	NonFreeModel,
+	ModelFileDownload(rbx_asset::cloud::GetError),
+	ParseUserID(core::num::ParseIntError),
+	ParseModelVersion(core::num::ParseIntError),
+	ModelFileDecode(ReadDomError),
+	GetMapInfo(GetMapInfoError),
+	ParseGameID(ParseGameIDError),
+}
+impl std::fmt::Display for Error{
+	fn fmt(&self,f:&mut std::fmt::Formatter<'_>)->std::fmt::Result{
+		write!(f,"{self:?}")
+	}
+}
+impl std::error::Error for Error{}
+
+#[allow(nonstandard_style)]
+pub struct CreateRequest{
+	pub ModelID:u64,
+}
+#[allow(nonstandard_style)]
+pub struct CreateResult{
+	pub AssetOwner:i64,
+	pub DisplayName:String,
+	pub Creator:String,
+	pub GameID:i32,
+	pub AssetVersion:u64,
+}
+impl crate::message_handler::MessageHandler{
+	pub async fn create_inner(&self,create_info:CreateRequest)->Result<CreateResult,Error>{
+		// discover asset creator and latest version
+		let info=self.cloud_context.get_asset_info(
+			rbx_asset::cloud::GetAssetLatestRequest{asset_id:create_info.ModelID}
+		).await.map_err(Error::ModelInfoDownload)?;
+
+		// reject models created by a group
+		let rbx_asset::cloud::Creator::userId(user_id_string)=info.creationContext.creator else{
+			return Err(Error::CreatorTypeMustBeUser);
+		};
+
+		// parse user string and model version string
+		let user_id:u64=user_id_string.parse().map_err(Error::ParseUserID)?;
+		let asset_version=info.revisionId.parse().map_err(Error::ParseModelVersion)?;
+
+		// download the location of the map model
+		let location=self.cloud_context.get_asset_version_location(rbx_asset::cloud::GetAssetVersionRequest{
+			asset_id:create_info.ModelID,
+			version:asset_version,
+		}).await.map_err(Error::ModelLocationDownload)?;
+
+		// if the location does not exist, you are not allowed to donwload it
+		let Some(location)=location.location else{
+			return Err(Error::NonFreeModel);
+		};
+
+		// download the map model
+		let model_data=self.cloud_context.get_asset(&location).await.map_err(Error::ModelFileDownload)?;
+
+		// decode dom (slow!)
+		let dom=read_dom(std::io::Cursor::new(model_data)).map_err(Error::ModelFileDecode)?;
+
+		// parse create fields out of asset
+		let MapInfo{
+			display_name,
+			creator,
+			game_id,
+		}=get_mapinfo(&dom).map_err(Error::GetMapInfo)?;
+
+		let game_id=game_id.map_err(Error::ParseGameID)?;
+
+		Ok(CreateResult{
+			AssetOwner:user_id as i64,
+			DisplayName:display_name.unwrap_or_default().to_owned(),
+			Creator:creator.unwrap_or_default().to_owned(),
+			GameID:game_id as i32,
+			AssetVersion:asset_version,
+		})
+	}
+}

validation/src/create_mapfix.rs

@@ -0,0 +1,52 @@
+use crate::nats_types::CreateMapfixRequest;
+use crate::create::CreateRequest;
+
+#[allow(dead_code)]
+#[derive(Debug)]
+pub enum Error{
+	Create(crate::create::Error),
+	ApiActionMapfixCreate(submissions_api::Error),
+}
+impl std::fmt::Display for Error{
+	fn fmt(&self,f:&mut std::fmt::Formatter<'_>)->std::fmt::Result{
+		write!(f,"{self:?}")
+	}
+}
+impl std::error::Error for Error{}
+
+impl crate::message_handler::MessageHandler{
+	async fn create_mapfix_inner(&self,create_info:CreateMapfixRequest)->Result<(),Error>{
+		// call deduplicated inner code
+		let create_request=self.create_inner(CreateRequest{
+			ModelID:create_info.ModelID,
+		}).await.map_err(Error::Create)?;
+
+		// call create on api
+		self.api.create_mapfix(submissions_api::types::CreateMapfixRequest{
+			OperationID:create_info.OperationID,
+			AssetOwner:create_request.AssetOwner,
+			DisplayName:create_request.DisplayName.as_str(),
+			Creator:create_request.Creator.as_str(),
+			GameID:create_request.GameID,
+			AssetID:create_info.ModelID,
+			AssetVersion:create_request.AssetVersion,
+			TargetAssetID:create_info.TargetAssetID,
+		}).await.map_err(Error::ApiActionMapfixCreate)?;
+
+		Ok(())
+	}
+	pub async fn create_mapfix(&self,create_info:CreateMapfixRequest)->Result<(),submissions_api::Error>{
+		let operation_id=create_info.OperationID;
+
+		let create_result=self.create_mapfix_inner(create_info).await;
+
+		if let Err(e)=create_result{
+			self.api.action_operation_failed(submissions_api::types::ActionOperationFailedRequest{
+				OperationID:operation_id,
+				StatusMessage:format!("{e}"),
+			}).await?;
+		}
+
+		Ok(())
+	}
+}

validation/src/create_submission.rs

@@ -0,0 +1,49 @@
+use crate::nats_types::CreateSubmissionRequest;
+use crate::create::CreateRequest;
+
+#[allow(dead_code)]
+#[derive(Debug)]
+pub enum Error{
+	Create(crate::create::Error),
+	ApiActionSubmissionCreate(submissions_api::Error),
+}
+impl std::fmt::Display for Error{
+	fn fmt(&self,f:&mut std::fmt::Formatter<'_>)->std::fmt::Result{
+		write!(f,"{self:?}")
+	}
+}
+impl std::error::Error for Error{}
+
+impl crate::message_handler::MessageHandler{
+	async fn create_submission_inner(&self,create_info:CreateSubmissionRequest)->Result<(),Error>{
+		let create_request=self.create_inner(CreateRequest{
+			ModelID:create_info.ModelID,
+		}).await.map_err(Error::Create)?;
+		// call create on api
+		self.api.create_submission(submissions_api::types::CreateSubmissionRequest{
+			OperationID:create_info.OperationID,
+			AssetOwner:create_request.AssetOwner,
+			DisplayName:create_request.DisplayName.as_str(),
+			Creator:create_request.Creator.as_str(),
+			GameID:create_request.GameID,
+			AssetID:create_info.ModelID,
+			AssetVersion:create_request.AssetVersion,
+		}).await.map_err(Error::ApiActionSubmissionCreate)?;
+
+		Ok(())
+	}
+	pub async fn create_submission(&self,create_info:CreateSubmissionRequest)->Result<(),submissions_api::Error>{
+		let operation_id=create_info.OperationID;
+
+		let create_result=self.create_submission_inner(create_info).await;
+
+		if let Err(e)=create_result{
+			self.api.action_operation_failed(submissions_api::types::ActionOperationFailedRequest{
+				OperationID:operation_id,
+				StatusMessage:format!("{e}"),
+			}).await?;
+		}
+
+		Ok(())
+	}
+}

validation/src/main.rs

@@ -1,19 +1,26 @@
 use futures::StreamExt;
 
-mod nats_types;
-mod validator;
-mod publish_new;
-mod publish_fix;
+mod rbx_util;
 mod message_handler;
+mod nats_types;
+mod types;
+mod create;
+mod create_mapfix;
+mod create_submission;
+mod upload_mapfix;
+mod upload_submission;
+mod validator;
+mod validate_mapfix;
+mod validate_submission;
 
 #[allow(dead_code)]
 #[derive(Debug)]
 pub enum StartupError{
 	API(submissions_api::ReqwestError),
-	APIInternal(submissions_api::ReqwestError),
 	NatsConnect(async_nats::ConnectError),
 	NatsGetStream(async_nats::jetstream::context::GetStreamError),
 	NatsConsumer(async_nats::jetstream::stream::ConsumerError),
+	NatsConsumerUpdate(async_nats::jetstream::stream::ConsumerUpdateError),
 	NatsStream(async_nats::jetstream::consumer::StreamError),
 }
 impl std::fmt::Display for StartupError{
@@ -23,40 +30,61 @@ impl std::fmt::Display for StartupError{
 }
 impl std::error::Error for StartupError{}
 
-pub const GROUP_STRAFESNET:u64=6980477;
-
 pub const PARALLEL_REQUESTS:usize=16;
 
 #[tokio::main]
 async fn main()->Result<(),StartupError>{
-	// talk to roblox through STRAFESNET_CI2 account
+	let group_id:Option<u64>=match std::env::var("ROBLOX_GROUP_ID"){
+		Ok(s)=>match s.as_str(){
+			"None"=>None,
+			_=>Some(s.parse().expect("ROBLOX_GROUP_ID int parse")),
+		},
+		Err(e)=>Err(e).expect("ROBLOX_GROUP_ID env required"),
+	};
+
+	// create / upload models through STRAFESNET_CI2 account
 	let cookie=std::env::var("RBXCOOKIE").expect("RBXCOOKIE env required");
-	let cookie_context=rbx_asset::cookie::CookieContext::new(rbx_asset::cookie::Cookie::new(cookie));
+	let cookie_context=rbx_asset::cookie::Context::new(rbx_asset::cookie::Cookie::new(cookie));
+	// download models through cloud api
+	let api_key=std::env::var("RBX_API_KEY").expect("RBX_API_KEY env required");
+	let cloud_context=rbx_asset::cloud::Context::new(rbx_asset::cloud::ApiKey::new(api_key));
 
 	// maps-service api
-	let api_host=std::env::var("API_HOST").expect("API_HOST env required");
-	let api=submissions_api::external::Context::new(api_host).map_err(StartupError::API)?;
-
 	let api_host_internal=std::env::var("API_HOST_INTERNAL").expect("API_HOST_INTERNAL env required");
-	let api_internal=submissions_api::internal::Context::new(api_host_internal).map_err(StartupError::APIInternal)?;
+	let api=submissions_api::internal::Context::new(api_host_internal).map_err(StartupError::API)?;
 
 	// nats
 	let nats_host=std::env::var("NATS_HOST").expect("NATS_HOST env required");
 	let nats_fut=async{
+		const STREAM_NAME:&str="maptest";
+		const DURABLE_NAME:&str="validation";
+		const FILTER_SUBJECT:&str="maptest.>";
+
+		let nats_config=async_nats::jetstream::consumer::pull::Config{
+			name:Some(DURABLE_NAME.to_owned()),
+			durable_name:Some(DURABLE_NAME.to_owned()),
+			filter_subject:FILTER_SUBJECT.to_owned(),
+			..Default::default()
+		};
+
 		let nasty=async_nats::connect(nats_host).await.map_err(StartupError::NatsConnect)?;
+
 		// use nats jetstream
-		async_nats::jetstream::new(nasty)
-			.get_stream("maptest").await.map_err(StartupError::NatsGetStream)?
-			.get_or_create_consumer("validation",async_nats::jetstream::consumer::pull::Config{
-				name:Some("validation".to_owned()),
-				durable_name:Some("validation".to_owned()),
-				filter_subject:"maptest.submissions.>".to_owned(),
-				..Default::default()
-			}).await.map_err(StartupError::NatsConsumer)?
-			.messages().await.map_err(StartupError::NatsStream)
+		let stream=async_nats::jetstream::new(nasty)
+			.get_stream(STREAM_NAME).await.map_err(StartupError::NatsGetStream)?;
+
+		let consumer=stream.get_or_create_consumer(DURABLE_NAME,nats_config.clone()).await.map_err(StartupError::NatsConsumer)?;
+
+		// check if config matches expected config
+		if consumer.cached_info().config.filter_subject!=FILTER_SUBJECT{
+			stream.update_consumer(nats_config).await.map_err(StartupError::NatsConsumerUpdate)?;
+		}
+
+		// only need messages
+		consumer.messages().await.map_err(StartupError::NatsStream)
 	};
 
-	let message_handler=message_handler::MessageHandler::new(cookie_context,api,api_internal);
+	let message_handler=message_handler::MessageHandler::new(cloud_context,cookie_context,group_id,api);
 
 	// Create a signal listener for SIGTERM
 	let mut sig_term=tokio::signal::unix::signal(tokio::signal::unix::SignalKind::terminate()).expect("Failed to create SIGTERM signal listener");
@@ -78,7 +106,7 @@ async fn main()->Result<(),StartupError>{
 					Err(e)=>println!("[Validation] There was an error, oopsie! {e}"),
 				}
 				// explicitly call drop to make the move semantics and permit release more obvious
-				core::mem::drop(permit);
+				drop(permit);
 			});
 		}
 	};

validation/src/message_handler.rs

@@ -3,10 +3,14 @@
 pub enum HandleMessageError{
 	Messages(async_nats::jetstream::consumer::pull::MessagesError),
 	DoubleAck(async_nats::Error),
+	Json(serde_json::Error),
 	UnknownSubject(String),
-	PublishNew(crate::publish_new::PublishError),
-	PublishFix(crate::publish_fix::PublishError),
-	Validation(crate::validator::ValidateError),
+	CreateMapfix(submissions_api::Error),
+	CreateSubmission(submissions_api::Error),
+	UploadMapfix(crate::upload_mapfix::Error),
+	UploadSubmission(crate::upload_submission::Error),
+	ValidateMapfix(crate::validate_mapfix::Error),
+	ValidateSubmission(crate::validate_submission::Error),
 }
 impl std::fmt::Display for HandleMessageError{
 	fn fmt(&self,f:&mut std::fmt::Formatter<'_>)->std::fmt::Result{
@@ -17,31 +21,41 @@ impl std::error::Error for HandleMessageError{}
 
 pub type MessageResult=Result<async_nats::jetstream::Message,async_nats::jetstream::consumer::pull::MessagesError>;
 
+fn from_slice<'a,T:serde::de::Deserialize<'a>>(slice:&'a [u8])->Result<T,HandleMessageError>{
+	serde_json::from_slice(slice).map_err(HandleMessageError::Json)
+}
+
 pub struct MessageHandler{
-	publish_new:crate::publish_new::Publisher,
-	publish_fix:crate::publish_fix::Publisher,
-	validator:crate::validator::Validator,
+	pub(crate) cloud_context:rbx_asset::cloud::Context,
+	pub(crate) cookie_context:rbx_asset::cookie::Context,
+	pub(crate) group_id:Option<u64>,
+	pub(crate) api:submissions_api::internal::Context,
 }
 
 impl MessageHandler{
 	pub fn new(
-		cookie_context:rbx_asset::cookie::CookieContext,
-		api:submissions_api::external::Context,
-		api_internal:submissions_api::internal::Context,
+		cloud_context:rbx_asset::cloud::Context,
+		cookie_context:rbx_asset::cookie::Context,
+		group_id:Option<u64>,
+		api:submissions_api::internal::Context,
 	)->Self{
 		Self{
-			publish_new:crate::publish_new::Publisher::new(cookie_context.clone(),api_internal.clone()),
-			publish_fix:crate::publish_fix::Publisher::new(cookie_context.clone(),api_internal.clone()),
-			validator:crate::validator::Validator::new(cookie_context,api,api_internal),
+			cloud_context,
+			cookie_context,
+			group_id,
+			api,
 		}
 	}
 	pub async fn handle_message_result(&self,message_result:MessageResult)->Result<(),HandleMessageError>{
 		let message=message_result.map_err(HandleMessageError::Messages)?;
 		message.double_ack().await.map_err(HandleMessageError::DoubleAck)?;
 		match message.subject.as_str(){
-			"maptest.submissions.publishnew"=>self.publish_new.publish(message).await.map_err(HandleMessageError::PublishNew),
-			"maptest.submissions.publishfix"=>self.publish_fix.publish(message).await.map_err(HandleMessageError::PublishFix),
-			"maptest.submissions.validate"=>self.validator.validate(message).await.map_err(HandleMessageError::Validation),
+			"maptest.mapfixes.create"=>self.create_mapfix(from_slice(&message.payload)?).await.map_err(HandleMessageError::CreateMapfix),
+			"maptest.submissions.create"=>self.create_submission(from_slice(&message.payload)?).await.map_err(HandleMessageError::CreateSubmission),
+			"maptest.mapfixes.upload"=>self.upload_mapfix(from_slice(&message.payload)?).await.map_err(HandleMessageError::UploadMapfix),
+			"maptest.submissions.upload"=>self.upload_submission(from_slice(&message.payload)?).await.map_err(HandleMessageError::UploadSubmission),
+			"maptest.mapfixes.validate"=>self.validate_mapfix(from_slice(&message.payload)?).await.map_err(HandleMessageError::ValidateMapfix),
+			"maptest.submissions.validate"=>self.validate_submission(from_slice(&message.payload)?).await.map_err(HandleMessageError::ValidateSubmission),
 			other=>Err(HandleMessageError::UnknownSubject(other.to_owned()))
 		}
 	}

validation/src/nats_types.rs

@@ -6,7 +6,23 @@
 
 #[allow(nonstandard_style)]
 #[derive(serde::Deserialize)]
-pub struct ValidateRequest{
+pub struct CreateSubmissionRequest{
+	// operation_id is passed back in the response message
+	pub OperationID:i32,
+	pub ModelID:u64,
+}
+
+#[allow(nonstandard_style)]
+#[derive(serde::Deserialize)]
+pub struct CreateMapfixRequest{
+	pub OperationID:i32,
+	pub ModelID:u64,
+	pub TargetAssetID:u64,
+}
+
+#[allow(nonstandard_style)]
+#[derive(serde::Deserialize)]
+pub struct ValidateSubmissionRequest{
 	// submission_id is passed back in the response message
 	pub SubmissionID:i64,
 	pub ModelID:u64,
@@ -14,10 +30,20 @@ pub struct ValidateRequest{
 	pub ValidatedModelID:Option<u64>,
 }
 
+#[allow(nonstandard_style)]
+#[derive(serde::Deserialize)]
+pub struct ValidateMapfixRequest{
+	// submission_id is passed back in the response message
+	pub MapfixID:i64,
+	pub ModelID:u64,
+	pub ModelVersion:u64,
+	pub ValidatedModelID:Option<u64>,
+}
+
 // Create a new map
 #[allow(nonstandard_style)]
 #[derive(serde::Deserialize)]
-pub struct PublishNewRequest{
+pub struct UploadSubmissionRequest{
 	pub SubmissionID:i64,
 	pub ModelID:u64,
 	pub ModelVersion:u64,
@@ -26,8 +52,8 @@ pub struct PublishNewRequest{
 
 #[allow(nonstandard_style)]
 #[derive(serde::Deserialize)]
-pub struct PublishFixRequest{
-	pub SubmissionID:i64,
+pub struct UploadMapfixRequest{
+	pub MapfixID:i64,
 	pub ModelID:u64,
 	pub ModelVersion:u64,
 	pub TargetAssetID:u64,

validation/src/publish_fix.rs

@@ -1,63 +0,0 @@
-use crate::nats_types::PublishFixRequest;
-
-#[allow(dead_code)]
-#[derive(Debug)]
-pub enum PublishError{
-	Get(rbx_asset::cookie::GetError),
-	Json(serde_json::Error),
-	Upload(rbx_asset::cookie::UploadError),
-	ApiActionSubmissionUploaded(submissions_api::Error),
-}
-impl std::fmt::Display for PublishError{
-	fn fmt(&self,f:&mut std::fmt::Formatter<'_>)->std::fmt::Result{
-		write!(f,"{self:?}")
-	}
-}
-impl std::error::Error for PublishError{}
-
-pub struct Publisher{
-	roblox_cookie:rbx_asset::cookie::CookieContext,
-	api_internal:submissions_api::internal::Context,
-}
-impl Publisher{
-	pub const fn new(
-		roblox_cookie:rbx_asset::cookie::CookieContext,
-		api_internal:submissions_api::internal::Context,
-	)->Self{
-		Self{
-			roblox_cookie,
-			api_internal,
-		}
-	}
-	pub async fn publish(&self,message:async_nats::jetstream::Message)->Result<(),PublishError>{
-		println!("publish_fix {:?}",message.message.payload);
-		// decode json
-		let publish_info:PublishFixRequest=serde_json::from_slice(&message.payload).map_err(PublishError::Json)?;
-
-		// download the map model version
-		let model_data=self.roblox_cookie.get_asset(rbx_asset::cookie::GetAssetRequest{
-			asset_id:publish_info.ModelID,
-			version:Some(publish_info.ModelVersion),
-		}).await.map_err(PublishError::Get)?;
-
-		// upload the map to the strafesnet group
-		let _upload_response=self.roblox_cookie.upload(rbx_asset::cookie::UploadRequest{
-			assetid:publish_info.TargetAssetID,
-			groupId:Some(crate::GROUP_STRAFESNET),
-			name:None,
-			description:None,
-			ispublic:None,
-			allowComments:None,
-		},model_data).await.map_err(PublishError::Upload)?;
-
-		// that's it, the database entry does not need to be changed.
-
-		// mark submission as uploaded, TargetAssetID is unchanged
-		self.api_internal.action_submission_uploaded(submissions_api::internal::ActionSubmissionUploadedRequest{
-			SubmissionID:publish_info.SubmissionID,
-			TargetAssetID:None,
-		}).await.map_err(PublishError::ApiActionSubmissionUploaded)?;
-
-		Ok(())
-	}
-}

validation/src/publish_new.rs

@@ -1,61 +0,0 @@
-use crate::nats_types::PublishNewRequest;
-
-#[allow(dead_code)]
-#[derive(Debug)]
-pub enum PublishError{
-	Get(rbx_asset::cookie::GetError),
-	Json(serde_json::Error),
-	Create(rbx_asset::cookie::CreateError),
-	SystemTime(std::time::SystemTimeError),
-	ApiActionSubmissionPublish(submissions_api::Error),
-}
-impl std::fmt::Display for PublishError{
-	fn fmt(&self,f:&mut std::fmt::Formatter<'_>)->std::fmt::Result{
-		write!(f,"{self:?}")
-	}
-}
-impl std::error::Error for PublishError{}
-
-pub struct Publisher{
-	roblox_cookie:rbx_asset::cookie::CookieContext,
-	api:submissions_api::internal::Context,
-}
-impl Publisher{
-	pub const fn new(
-		roblox_cookie:rbx_asset::cookie::CookieContext,
-		api:submissions_api::internal::Context,
-	)->Self{
-		Self{
-			roblox_cookie,
-			api,
-		}
-	}
-	pub async fn publish(&self,message:async_nats::jetstream::Message)->Result<(),PublishError>{
-		println!("publish_new {:?}",message.message.payload);
-		// decode json
-		let publish_info:PublishNewRequest=serde_json::from_slice(&message.payload).map_err(PublishError::Json)?;
-
-		// download the map model version
-		let model_data=self.roblox_cookie.get_asset(rbx_asset::cookie::GetAssetRequest{
-			asset_id:publish_info.ModelID,
-			version:Some(publish_info.ModelVersion),
-		}).await.map_err(PublishError::Get)?;
-
-		// upload the map to the strafesnet group
-		let upload_response=self.roblox_cookie.create(rbx_asset::cookie::CreateRequest{
-			name:publish_info.ModelName.clone(),
-			description:"".to_owned(),
-			ispublic:false,
-			allowComments:false,
-			groupId:Some(crate::GROUP_STRAFESNET),
-		},model_data).await.map_err(PublishError::Create)?;
-
-		// note the asset id of the created model for later release, and mark the submission as uploaded
-		self.api.action_submission_uploaded(submissions_api::internal::ActionSubmissionUploadedRequest{
-			SubmissionID:publish_info.SubmissionID,
-			TargetAssetID:Some(upload_response.AssetId),
-		}).await.map_err(PublishError::ApiActionSubmissionPublish)?;
-
-		Ok(())
-	}
-}

validation/src/rbx_util.rs

@@ -0,0 +1,119 @@
+
+#[allow(dead_code)]
+#[derive(Debug)]
+pub enum ReadDomError{
+	Binary(rbx_binary::DecodeError),
+	Xml(rbx_xml::DecodeError),
+	Read(std::io::Error),
+	Seek(std::io::Error),
+	UnknownFormat([u8;8]),
+}
+impl std::fmt::Display for ReadDomError{
+	fn fmt(&self,f:&mut std::fmt::Formatter<'_>)->std::fmt::Result{
+		write!(f,"{self:?}")
+	}
+}
+impl std::error::Error for ReadDomError{}
+
+pub fn read_dom<R:std::io::Read+std::io::Seek>(mut input:R)->Result<rbx_dom_weak::WeakDom,ReadDomError>{
+	let mut first_8=[0u8;8];
+	std::io::Read::read_exact(&mut input,&mut first_8).map_err(ReadDomError::Read)?;
+	std::io::Seek::rewind(&mut input).map_err(ReadDomError::Seek)?;
+	match &first_8[0..4]{
+		b"<rob"=>{
+			match &first_8[4..8]{
+				b"lox!"=>rbx_binary::from_reader(input).map_err(ReadDomError::Binary),
+				b"lox "=>rbx_xml::from_reader(input,rbx_xml::DecodeOptions::default()).map_err(ReadDomError::Xml),
+				_=>Err(ReadDomError::UnknownFormat(first_8)),
+			}
+		},
+		_=>Err(ReadDomError::UnknownFormat(first_8)),
+	}
+}
+
+pub fn class_is_a(class:&str,superclass:&str)->bool{
+	if class==superclass{
+		return true
+	}
+	let class_descriptor=rbx_reflection_database::get().classes.get(class);
+	if let Some(descriptor)=&class_descriptor{
+		if let Some(class_super)=&descriptor.superclass{
+			return class_is_a(&class_super,superclass)
+		}
+	}
+	false
+}
+
+pub fn find_first_child_class<'a>(dom:&'a rbx_dom_weak::WeakDom,instance:&rbx_dom_weak::Instance,name:&str,class:&str)->Option<&'a rbx_dom_weak::Instance>{
+	for &referent in instance.children(){
+		if let Some(c)=dom.get_by_ref(referent){
+			if c.name==name&&class_is_a(c.class.as_str(),class) {
+				return Some(c);
+			}
+		}
+	}
+	None
+}
+
+pub enum GameID{
+	Bhop=1,
+	Surf=2,
+	FlyTrials=5,
+}
+#[derive(Debug)]
+pub struct ParseGameIDError;
+impl std::str::FromStr for GameID{
+	type Err=ParseGameIDError;
+	fn from_str(s:&str)->Result<Self,Self::Err>{
+		if s.starts_with("bhop_"){
+			return Ok(GameID::Bhop);
+		}
+		if s.starts_with("surf_"){
+			return Ok(GameID::Surf);
+		}
+		if s.starts_with("flytrials_"){
+			return Ok(GameID::FlyTrials);
+		}
+		return Err(ParseGameIDError);
+	}
+}
+
+pub struct MapInfo<'a>{
+	pub display_name:Result<&'a str,StringValueError>,
+	pub creator:Result<&'a str,StringValueError>,
+	pub game_id:Result<GameID,ParseGameIDError>,
+}
+
+pub enum StringValueError{
+	ObjectNotFound,
+	ValueNotSet,
+	NonStringValue,
+}
+
+fn string_value(instance:Option<&rbx_dom_weak::Instance>)->Result<&str,StringValueError>{
+	let instance=instance.ok_or(StringValueError::ObjectNotFound)?;
+	let value=instance.properties.get("Value").ok_or(StringValueError::ValueNotSet)?;
+	match value{
+		rbx_dom_weak::types::Variant::String(value)=>Ok(value),
+		_=>Err(StringValueError::NonStringValue),
+	}
+}
+
+#[derive(Debug)]
+pub enum GetMapInfoError{
+	ModelFileRootMustHaveOneChild,
+	ModelFileChildRefIsNil,
+}
+
+pub fn get_mapinfo(dom:&rbx_dom_weak::WeakDom)->Result<MapInfo,GetMapInfoError>{
+	let &[map_ref]=dom.root().children()else{
+		return Err(GetMapInfoError::ModelFileRootMustHaveOneChild);
+	};
+	let model_instance=dom.get_by_ref(map_ref).ok_or(GetMapInfoError::ModelFileChildRefIsNil)?;
+
+	Ok(MapInfo{
+		display_name:string_value(find_first_child_class(dom,model_instance,"DisplayName","StringValue")),
+		creator:string_value(find_first_child_class(dom,model_instance,"Creator","StringValue")),
+		game_id:model_instance.name.parse(),
+	})
+}

validation/src/types.rs

@@ -0,0 +1,4 @@
+pub enum ResourceID{
+	Mapfix(i64),
+	Submission(i64),
+}

validation/src/upload_mapfix.rs

@@ -0,0 +1,55 @@
+use crate::nats_types::UploadMapfixRequest;
+
+#[allow(dead_code)]
+#[derive(Debug)]
+pub enum Error{
+	GetLocation(rbx_asset::cloud::GetError),
+	NonFreeModel,
+	Get(rbx_asset::cloud::GetError),
+	Json(serde_json::Error),
+	Upload(rbx_asset::cookie::UploadError),
+	ApiActionMapfixUploaded(submissions_api::Error),
+}
+impl std::fmt::Display for Error{
+	fn fmt(&self,f:&mut std::fmt::Formatter<'_>)->std::fmt::Result{
+		write!(f,"{self:?}")
+	}
+}
+impl std::error::Error for Error{}
+
+impl crate::message_handler::MessageHandler{
+	pub async fn upload_mapfix(&self,upload_info:UploadMapfixRequest)->Result<(),Error>{
+		// download the location of the map model
+		let location=self.cloud_context.get_asset_version_location(rbx_asset::cloud::GetAssetVersionRequest{
+			asset_id:upload_info.ModelID,
+			version:upload_info.ModelVersion,
+		}).await.map_err(Error::GetLocation)?;
+
+		// if the location does not exist, you are not allowed to donwload it
+		let Some(location)=location.location else{
+			return Err(Error::NonFreeModel);
+		};
+
+		// download the map model
+		let model_data=self.cloud_context.get_asset(&location).await.map_err(Error::Get)?;
+
+		// upload the map to the strafesnet group
+		let _upload_response=self.cookie_context.upload(rbx_asset::cookie::UploadRequest{
+			assetid:upload_info.TargetAssetID,
+			groupId:self.group_id,
+			name:None,
+			description:None,
+			ispublic:None,
+			allowComments:None,
+		},model_data).await.map_err(Error::Upload)?;
+
+		// that's it, the database entry does not need to be changed.
+
+		// mark mapfix as uploaded, TargetAssetID is unchanged
+		self.api.action_mapfix_uploaded(submissions_api::types::ActionMapfixUploadedRequest{
+			MapfixID:upload_info.MapfixID,
+		}).await.map_err(Error::ApiActionMapfixUploaded)?;
+
+		Ok(())
+	}
+}