use staging

This reverts commit 8bf2c92df3.

compose.yaml

@@ -53,9 +53,9 @@ services:
       maps-service-validation
     container_name: validation
     env_file:
-      - ../auth-compose/strafesnet.env
+      - ../auth-compose/strafesnet_staging.env
     environment:
-      - API_HOST=http://submissions:8082
+      - ROBLOX_GROUP_ID=17032139 # "None" is special case string value
       - API_HOST_INTERNAL=http://submissions:8083
       - NATS_HOST=nats:4222
       - DATA_HOST=http://dataservice:9000
@@ -91,9 +91,9 @@ services:
       - maps-service-network
 
   authrpc:
-    image: registry.itzana.me/strafesnet/auth-service:master
+    image: registry.itzana.me/strafesnet/auth-service:staging
     container_name: authrpc
-    command: ["serve", "rpc"]
+    command: ["--debug", "serve", "rpc"]
     environment:
       - REDIS_ADDR=authredis:6379
     env_file:
@@ -106,7 +106,7 @@ services:
       driver: "none"
 
   auth-web:
-    image: registry.itzana.me/strafesnet/auth-service:master
+    image: registry.itzana.me/strafesnet/auth-service:staging
     command: ["serve", "web"]
     environment:
       - REDIS_ADDR=authredis:6379

openapi-internal.yaml

@@ -7,6 +7,35 @@ tags:
   - name: Submissions
     description: Submission operations
 paths:
+  /submissions/{SubmissionID}/model:
+    post:
+      summary: Update model following role restrictions
+      operationId: updateSubmissionModel
+      tags:
+        - Submissions
+      parameters:
+        - $ref: '#/components/parameters/SubmissionID'
+        - name: ModelID
+          in: query
+          required: true
+          schema:
+            type: integer
+            format: int64
+        - name: VersionID
+          in: query
+          required: true
+          schema:
+            type: integer
+            format: int64
+      responses:
+        "204":
+          description: Successful response
+        default:
+          description: General Error
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/Error"
   /submissions/{SubmissionID}/status/validator-validated:
     post:
       summary: (Internal endpoint) Role Validator changes status from Validating -> Validated
@@ -24,6 +53,23 @@ paths:
             application/json:
               schema:
                 $ref: "#/components/schemas/Error"
+  /submissions/{SubmissionID}/status/validator-failed:
+    post:
+      summary: (Internal endpoint) Role Validator changes status from Validating -> Accepted
+      operationId: actionSubmissionAccepted
+      tags:
+        - Submissions
+      parameters:
+        - $ref: '#/components/parameters/SubmissionID'
+      responses:
+        "204":
+          description: Successful response
+        default:
+          description: General Error
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/Error"
   /submissions/{SubmissionID}/status/validator-uploaded:
     post:
       summary: (Internal endpoint) Role Validator changes status from Uploading -> Uploaded
@@ -63,6 +109,160 @@ paths:
             application/json:
               schema:
                 $ref: "#/components/schemas/Error"
+  /script-policy:
+    get:
+      summary: Get list of script policies
+      operationId: listScriptPolicy
+      tags:
+        - ScriptPolicy
+      parameters:
+      - $ref: "#/components/parameters/Page"
+      - $ref: "#/components/parameters/Limit"
+      - name: FromScriptHash
+        in: query
+        schema:
+          type: string
+          minLength: 16
+          maxLength: 16
+      - name: ToScriptID
+        in: query
+        schema:
+          type: integer
+          format: int64
+      - name: Policy
+        in: query
+        schema:
+          type: integer
+          format: int32
+      responses:
+        "200":
+          description: Successful response
+          content:
+            application/json:
+              schema:
+                type: array
+                items:
+                  $ref: "#/components/schemas/ScriptPolicy"
+        default:
+          description: General Error
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/Error"
+    post:
+      summary: Create a new script policy
+      operationId: createScriptPolicy
+      tags:
+        - ScriptPolicy
+      requestBody:
+        required: true
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/ScriptPolicyCreate'
+      responses:
+        "201":
+          description: Successful response
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/Id"
+        default:
+          description: General Error
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/Error"
+  /scripts:
+    get:
+      summary: Get list of scripts
+      operationId: listScripts
+      tags:
+        - Script
+      parameters:
+      - $ref: "#/components/parameters/Page"
+      - $ref: "#/components/parameters/Limit"
+      - name: Hash
+        in: query
+        schema:
+          type: string
+          minLength: 16
+          maxLength: 16
+      - name: Name
+        in: query
+        schema:
+          type: string
+          maxLength: 128
+      - name: Source
+        in: query
+        schema:
+          type: string
+          maxLength: 1048576
+      - name: SubmissionID
+        in: query
+        schema:
+          type: integer
+          format: int64
+      responses:
+        "200":
+          description: Successful response
+          content:
+            application/json:
+              schema:
+                type: array
+                items:
+                  $ref: "#/components/schemas/Script"
+        default:
+          description: General Error
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/Error"
+    post:
+      summary: Create a new script
+      operationId: createScript
+      tags:
+        - Scripts
+      requestBody:
+        required: true
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/ScriptCreate'
+      responses:
+        "201":
+          description: Successful response
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/Id"
+        default:
+          description: General Error
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/Error"
+  /scripts/{ScriptID}:
+    get:
+      summary: Get the specified script by ID
+      operationId: getScript
+      tags:
+        - Scripts
+      parameters:
+        - $ref: '#/components/parameters/ScriptID'
+      responses:
+        "200":
+          description: Successful response
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/Script"
+        default:
+          description: General Error
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/Error"
 components:
   parameters:
     SubmissionID:
@@ -73,22 +273,118 @@ components:
       schema:
         type: integer
         format: int64
+    ScriptID:
+      name: ScriptID
+      in: path
+      required: true
+      description: The unique identifier for a script.
+      schema:
+        type: integer
+        format: int64
+    Page:
+      name: Page
+      in: query
+      required: true
+      schema:
+        type: integer
+        format: int32
+        minimum: 1
+    Limit:
+      name: Limit
+      in: query
+      required: true
+      schema:
+        type: integer
+        format: int32
+        minimum: 1
+        maximum: 100
   schemas:
-    Pagination:
+    Id:
-      type: object
       required:
-        - Page
+      - ID
-        - Limit
+      type: object
       properties:
-        Page:
+        ID:
+          type: integer
+          format: int64
+    Script:
+      required:
+      - ID
+      - Name
+      - Hash
+      - Source
+      - SubmissionID
+      type: object
+      properties:
+        ID:
+          type: integer
+          format: int64
+        Name:
+          type: string
+          maxLength: 128
+        Hash:
+          type: string
+          minLength: 16
+          maxLength: 16
+        Source:
+          type: string
+          maxLength: 1048576
+        SubmissionID:
+          type: integer
+          format: int64
+    ScriptCreate:
+      required:
+      - Name
+      - Source
+#     - SubmissionID
+      type: object
+      properties:
+        Name:
+          type: string
+          maxLength: 128
+        Source:
+          type: string
+          maxLength: 1048576
+        SubmissionID:
+          type: integer
+          format: int64
+    ScriptPolicy:
+      required:
+      - ID
+      - FromScriptHash
+      - ToScriptID
+      - Policy
+      type: object
+      properties:
+        ID:
+          type: integer
+          format: int64
+        FromScriptHash:
+          type: string
+          minLength: 16
+          maxLength: 16
+        ToScriptID:
+          type: integer
+          format: int64
+        Policy:
           type: integer
           format: int32
-          minimum: 1
+    ScriptPolicyCreate:
-        Limit:
+      required:
+      - FromScriptID
+      - ToScriptID
+      - Policy
+      type: object
+      properties:
+        FromScriptID:
+          type: integer
+          format: int64
+        ToScriptID:
+          type: integer
+          format: int64
+        Policy:
           type: integer
           format: int32
-          minimum: 1
-          maximum: 100
     Error:
       description: Represents error object
       type: object

openapi.yaml

@@ -21,19 +21,24 @@ paths:
       operationId: listSubmissions
       tags:
         - Submissions
-      requestBody:
+      parameters:
-        required: true
+      - $ref: "#/components/parameters/Page"
-        content:
+      - $ref: "#/components/parameters/Limit"
-          application/json:
+      - name: DisplayName
-            schema:
+        in: query
-              required:
+        schema:
-              - Page
+          type: string
-              type: object
+          maxLength: 128
-              properties:
+      - name: Creator
-                Page:
+        in: query
-                  $ref: "#/components/schemas/Pagination"
+        schema:
-                Filter:
+          type: string
-                  $ref: "#/components/schemas/SubmissionFilter"
+          maxLength: 128
+      - name: GameID
+        in: query
+        schema:
+          type: integer
+          format: int32
       responses:
         "200":
           description: Successful response
@@ -248,19 +253,25 @@ paths:
       operationId: listScriptPolicy
       tags:
         - ScriptPolicy
-      requestBody:
+      parameters:
-        required: true
+      - $ref: "#/components/parameters/Page"
-        content:
+      - $ref: "#/components/parameters/Limit"
-          application/json:
+      - name: FromScriptHash
-            schema:
+        in: query
-              required:
+        schema:
-              - Page
+          type: string
-              type: object
+          minLength: 16
-              properties:
+          maxLength: 16
-                Page:
+      - name: ToScriptID
-                  $ref: "#/components/schemas/Pagination"
+        in: query
-                Filter:
+        schema:
-                  $ref: "#/components/schemas/ScriptPolicyFilter"
+          type: integer
+          format: int64
+      - name: Policy
+        in: query
+        schema:
+          type: integer
+          format: int32
       responses:
         "200":
           description: Successful response
@@ -300,34 +311,7 @@ paths:
             application/json:
               schema:
                 $ref: "#/components/schemas/Error"
-  /script-policy/hash/{FromScriptHash}:
+  /script-policy/{ScriptPolicyID}:
-    get:
-      summary: Get the policy for the given hash of script source code
-      operationId: getScriptPolicyFromHash
-      tags:
-        - ScriptPolicy
-      parameters:
-        - name: FromScriptHash
-          in: path
-          required: true
-          schema:
-            type: string
-            minLength: 16
-            maxLength: 16
-      responses:
-        "200":
-          description: Successful response
-          content:
-            application/json:
-              schema:
-                $ref: "#/components/schemas/ScriptPolicy"
-        default:
-          description: General Error
-          content:
-            application/json:
-              schema:
-                $ref: "#/components/schemas/Error"
-  /script-policy/id/{ScriptPolicyID}:
     get:
       summary: Get the specified script policy by ID
       operationId: getScriptPolicy
@@ -387,6 +371,50 @@ paths:
               schema:
                 $ref: "#/components/schemas/Error"
   /scripts:
+    get:
+      summary: Get list of scripts
+      operationId: listScripts
+      tags:
+        - Script
+      parameters:
+      - $ref: "#/components/parameters/Page"
+      - $ref: "#/components/parameters/Limit"
+      - name: Hash
+        in: query
+        schema:
+          type: string
+          minLength: 16
+          maxLength: 16
+      - name: Name
+        in: query
+        schema:
+          type: string
+          maxLength: 128
+      - name: Source
+        in: query
+        schema:
+          type: string
+          maxLength: 1048576
+      - name: SubmissionID
+        in: query
+        schema:
+          type: integer
+          format: int64
+      responses:
+        "200":
+          description: Successful response
+          content:
+            application/json:
+              schema:
+                type: array
+                items:
+                  $ref: "#/components/schemas/Script"
+        default:
+          description: General Error
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/Error"
     post:
       summary: Create a new script
       operationId: createScript
@@ -501,6 +529,23 @@ components:
       schema:
         type: integer
         format: int64
+    Page:
+      name: Page
+      in: query
+      required: true
+      schema:
+        type: integer
+        format: int32
+        minimum: 1
+    Limit:
+      name: Limit
+      in: query
+      required: true
+      schema:
+        type: integer
+        format: int32
+        minimum: 1
+        maximum: 100
   schemas:
     Id:
       required:
@@ -565,23 +610,6 @@ components:
         StatusID:
           type: integer
           format: int32
-    SubmissionFilter:
-      required:
-      - ID
-      type: object
-      properties:
-        ID:
-          type: integer
-          format: int64
-        DisplayName:
-          type: string
-          maxLength: 128
-        Creator:
-          type: string
-          maxLength: 128
-        GameID:
-          type: integer
-          format: int32
     SubmissionCreate:
       required:
       - DisplayName
@@ -613,6 +641,7 @@ components:
     Script:
       required:
       - ID
+      - Name
       - Hash
       - Source
       - SubmissionID
@@ -621,6 +650,9 @@ components:
         ID:
           type: integer
           format: int64
+        Name:
+          type: string
+          maxLength: 128
         Hash:
           type: string
           minLength: 16
@@ -633,10 +665,14 @@ components:
           format: int64
     ScriptCreate:
       required:
+      - Name
       - Source
 #     - SubmissionID
       type: object
       properties:
+        Name:
+          type: string
+          maxLength: 128
         Source:
           type: string
           maxLength: 1048576
@@ -651,6 +687,9 @@ components:
         ID:
           type: integer
           format: int64
+        Name:
+          type: string
+          maxLength: 128
         Source:
           type: string
           maxLength: 1048576
@@ -678,22 +717,6 @@ components:
         Policy:
           type: integer
           format: int32
-    ScriptPolicyFilter:
-      type: object
-      properties:
-        ID:
-          type: integer
-          format: int64
-        FromScriptHash:
-          type: string
-          minLength: 16
-          maxLength: 16
-        ToScriptID:
-          type: integer
-          format: int64
-        Policy:
-          type: integer
-          format: int32
     ScriptPolicyCreate:
       required:
       - FromScriptID
@@ -727,21 +750,6 @@ components:
         Policy:
           type: integer
           format: int32
-    Pagination:
-      type: object
-      required:
-        - Page
-        - Limit
-      properties:
-        Page:
-          type: integer
-          format: int32
-          minimum: 1
-        Limit:
-          type: integer
-          format: int32
-          minimum: 1
-          maximum: 100
     Error:
       description: Represents error object
       type: object

pkg/api/oas_client_gen.go

@@ -88,7 +88,7 @@ type Invoker interface {
 	//
 	// Delete the specified script policy by ID.
 	//
-	// DELETE /script-policy/id/{ScriptPolicyID}
+	// DELETE /script-policy/{ScriptPolicyID}
 	DeleteScriptPolicy(ctx context.Context, params DeleteScriptPolicyParams) error
 	// GetScript invokes getScript operation.
 	//
@@ -100,14 +100,8 @@ type Invoker interface {
 	//
 	// Get the specified script policy by ID.
 	//
-	// GET /script-policy/id/{ScriptPolicyID}
+	// GET /script-policy/{ScriptPolicyID}
 	GetScriptPolicy(ctx context.Context, params GetScriptPolicyParams) (*ScriptPolicy, error)
-	// GetScriptPolicyFromHash invokes getScriptPolicyFromHash operation.
-	//
-	// Get the policy for the given hash of script source code.
-	//
-	// GET /script-policy/hash/{FromScriptHash}
-	GetScriptPolicyFromHash(ctx context.Context, params GetScriptPolicyFromHashParams) (*ScriptPolicy, error)
 	// GetSubmission invokes getSubmission operation.
 	//
 	// Retrieve map with ID.
@@ -119,13 +113,19 @@ type Invoker interface {
 	// Get list of script policies.
 	//
 	// GET /script-policy
-	ListScriptPolicy(ctx context.Context, request *ListScriptPolicyReq) ([]ScriptPolicy, error)
+	ListScriptPolicy(ctx context.Context, params ListScriptPolicyParams) ([]ScriptPolicy, error)
+	// ListScripts invokes listScripts operation.
+	//
+	// Get list of scripts.
+	//
+	// GET /scripts
+	ListScripts(ctx context.Context, params ListScriptsParams) ([]Script, error)
 	// ListSubmissions invokes listSubmissions operation.
 	//
 	// Get list of submissions.
 	//
 	// GET /submissions
-	ListSubmissions(ctx context.Context, request *ListSubmissionsReq) ([]Submission, error)
+	ListSubmissions(ctx context.Context, params ListSubmissionsParams) ([]Submission, error)
 	// SetSubmissionCompleted invokes setSubmissionCompleted operation.
 	//
 	// Retrieve map with ID.
@@ -142,7 +142,7 @@ type Invoker interface {
 	//
 	// Update the specified script policy by ID.
 	//
-	// POST /script-policy/id/{ScriptPolicyID}
+	// POST /script-policy/{ScriptPolicyID}
 	UpdateScriptPolicy(ctx context.Context, request *ScriptPolicyUpdate, params UpdateScriptPolicyParams) error
 	// UpdateSubmissionModel invokes updateSubmissionModel operation.
 	//
@@ -1401,7 +1401,7 @@ func (c *Client) sendDeleteScript(ctx context.Context, params DeleteScriptParams
 //
 // Delete the specified script policy by ID.
 //
-// DELETE /script-policy/id/{ScriptPolicyID}
+// DELETE /script-policy/{ScriptPolicyID}
 func (c *Client) DeleteScriptPolicy(ctx context.Context, params DeleteScriptPolicyParams) error {
 	_, err := c.sendDeleteScriptPolicy(ctx, params)
 	return err
@@ -1411,7 +1411,7 @@ func (c *Client) sendDeleteScriptPolicy(ctx context.Context, params DeleteScript
 	otelAttrs := []attribute.KeyValue{
 		otelogen.OperationID("deleteScriptPolicy"),
 		semconv.HTTPRequestMethodKey.String("DELETE"),
-		semconv.HTTPRouteKey.String("/script-policy/id/{ScriptPolicyID}"),
+		semconv.HTTPRouteKey.String("/script-policy/{ScriptPolicyID}"),
 	}
 
 	// Run stopwatch.
@@ -1444,7 +1444,7 @@ func (c *Client) sendDeleteScriptPolicy(ctx context.Context, params DeleteScript
 	stage = "BuildURL"
 	u := uri.Clone(c.requestURL(ctx))
 	var pathParts [2]string
-	pathParts[0] = "/script-policy/id/"
+	pathParts[0] = "/script-policy/"
 	{
 		// Encode "ScriptPolicyID" parameter.
 		e := uri.NewPathEncoder(uri.PathEncoderConfig{
@@ -1647,7 +1647,7 @@ func (c *Client) sendGetScript(ctx context.Context, params GetScriptParams) (res
 //
 // Get the specified script policy by ID.
 //
-// GET /script-policy/id/{ScriptPolicyID}
+// GET /script-policy/{ScriptPolicyID}
 func (c *Client) GetScriptPolicy(ctx context.Context, params GetScriptPolicyParams) (*ScriptPolicy, error) {
 	res, err := c.sendGetScriptPolicy(ctx, params)
 	return res, err
@@ -1657,7 +1657,7 @@ func (c *Client) sendGetScriptPolicy(ctx context.Context, params GetScriptPolicy
 	otelAttrs := []attribute.KeyValue{
 		otelogen.OperationID("getScriptPolicy"),
 		semconv.HTTPRequestMethodKey.String("GET"),
-		semconv.HTTPRouteKey.String("/script-policy/id/{ScriptPolicyID}"),
+		semconv.HTTPRouteKey.String("/script-policy/{ScriptPolicyID}"),
 	}
 
 	// Run stopwatch.
@@ -1690,7 +1690,7 @@ func (c *Client) sendGetScriptPolicy(ctx context.Context, params GetScriptPolicy
 	stage = "BuildURL"
 	u := uri.Clone(c.requestURL(ctx))
 	var pathParts [2]string
-	pathParts[0] = "/script-policy/id/"
+	pathParts[0] = "/script-policy/"
 	{
 		// Encode "ScriptPolicyID" parameter.
 		e := uri.NewPathEncoder(uri.PathEncoderConfig{
@@ -1766,129 +1766,6 @@ func (c *Client) sendGetScriptPolicy(ctx context.Context, params GetScriptPolicy
 	return result, nil
 }
 
-// GetScriptPolicyFromHash invokes getScriptPolicyFromHash operation.
-//
-// Get the policy for the given hash of script source code.
-//
-// GET /script-policy/hash/{FromScriptHash}
-func (c *Client) GetScriptPolicyFromHash(ctx context.Context, params GetScriptPolicyFromHashParams) (*ScriptPolicy, error) {
-	res, err := c.sendGetScriptPolicyFromHash(ctx, params)
-	return res, err
-}
-
-func (c *Client) sendGetScriptPolicyFromHash(ctx context.Context, params GetScriptPolicyFromHashParams) (res *ScriptPolicy, err error) {
-	otelAttrs := []attribute.KeyValue{
-		otelogen.OperationID("getScriptPolicyFromHash"),
-		semconv.HTTPRequestMethodKey.String("GET"),
-		semconv.HTTPRouteKey.String("/script-policy/hash/{FromScriptHash}"),
-	}
-
-	// Run stopwatch.
-	startTime := time.Now()
-	defer func() {
-		// Use floating point division here for higher precision (instead of Millisecond method).
-		elapsedDuration := time.Since(startTime)
-		c.duration.Record(ctx, float64(elapsedDuration)/float64(time.Millisecond), metric.WithAttributes(otelAttrs...))
-	}()
-
-	// Increment request counter.
-	c.requests.Add(ctx, 1, metric.WithAttributes(otelAttrs...))
-
-	// Start a span for this request.
-	ctx, span := c.cfg.Tracer.Start(ctx, GetScriptPolicyFromHashOperation,
-		trace.WithAttributes(otelAttrs...),
-		clientSpanKind,
-	)
-	// Track stage for error reporting.
-	var stage string
-	defer func() {
-		if err != nil {
-			span.RecordError(err)
-			span.SetStatus(codes.Error, stage)
-			c.errors.Add(ctx, 1, metric.WithAttributes(otelAttrs...))
-		}
-		span.End()
-	}()
-
-	stage = "BuildURL"
-	u := uri.Clone(c.requestURL(ctx))
-	var pathParts [2]string
-	pathParts[0] = "/script-policy/hash/"
-	{
-		// Encode "FromScriptHash" parameter.
-		e := uri.NewPathEncoder(uri.PathEncoderConfig{
-			Param:   "FromScriptHash",
-			Style:   uri.PathStyleSimple,
-			Explode: false,
-		})
-		if err := func() error {
-			return e.EncodeValue(conv.StringToString(params.FromScriptHash))
-		}(); err != nil {
-			return res, errors.Wrap(err, "encode path")
-		}
-		encoded, err := e.Result()
-		if err != nil {
-			return res, errors.Wrap(err, "encode path")
-		}
-		pathParts[1] = encoded
-	}
-	uri.AddPathParts(u, pathParts[:]...)
-
-	stage = "EncodeRequest"
-	r, err := ht.NewRequest(ctx, "GET", u)
-	if err != nil {
-		return res, errors.Wrap(err, "create request")
-	}
-
-	{
-		type bitset = [1]uint8
-		var satisfied bitset
-		{
-			stage = "Security:CookieAuth"
-			switch err := c.securityCookieAuth(ctx, GetScriptPolicyFromHashOperation, r); {
-			case err == nil: // if NO error
-				satisfied[0] |= 1 << 0
-			case errors.Is(err, ogenerrors.ErrSkipClientSecurity):
-				// Skip this security.
-			default:
-				return res, errors.Wrap(err, "security \"CookieAuth\"")
-			}
-		}
-
-		if ok := func() bool {
-		nextRequirement:
-			for _, requirement := range []bitset{
-				{0b00000001},
-			} {
-				for i, mask := range requirement {
-					if satisfied[i]&mask != mask {
-						continue nextRequirement
-					}
-				}
-				return true
-			}
-			return false
-		}(); !ok {
-			return res, ogenerrors.ErrSecurityRequirementIsNotSatisfied
-		}
-	}
-
-	stage = "SendRequest"
-	resp, err := c.cfg.Client.Do(r)
-	if err != nil {
-		return res, errors.Wrap(err, "do request")
-	}
-	defer resp.Body.Close()
-
-	stage = "DecodeResponse"
-	result, err := decodeGetScriptPolicyFromHashResponse(resp)
-	if err != nil {
-		return res, errors.Wrap(err, "decode response")
-	}
-
-	return result, nil
-}
-
 // GetSubmission invokes getSubmission operation.
 //
 // Retrieve map with ID.
@@ -2017,12 +1894,12 @@ func (c *Client) sendGetSubmission(ctx context.Context, params GetSubmissionPara
 // Get list of script policies.
 //
 // GET /script-policy
-func (c *Client) ListScriptPolicy(ctx context.Context, request *ListScriptPolicyReq) ([]ScriptPolicy, error) {
+func (c *Client) ListScriptPolicy(ctx context.Context, params ListScriptPolicyParams) ([]ScriptPolicy, error) {
-	res, err := c.sendListScriptPolicy(ctx, request)
+	res, err := c.sendListScriptPolicy(ctx, params)
 	return res, err
 }
 
-func (c *Client) sendListScriptPolicy(ctx context.Context, request *ListScriptPolicyReq) (res []ScriptPolicy, err error) {
+func (c *Client) sendListScriptPolicy(ctx context.Context, params ListScriptPolicyParams) (res []ScriptPolicy, err error) {
 	otelAttrs := []attribute.KeyValue{
 		otelogen.OperationID("listScriptPolicy"),
 		semconv.HTTPRequestMethodKey.String("GET"),
@@ -2062,14 +1939,94 @@ func (c *Client) sendListScriptPolicy(ctx context.Context, request *ListScriptPo
 	pathParts[0] = "/script-policy"
 	uri.AddPathParts(u, pathParts[:]...)
 
+	stage = "EncodeQueryParams"
+	q := uri.NewQueryEncoder()
+	{
+		// Encode "Page" parameter.
+		cfg := uri.QueryParameterEncodingConfig{
+			Name:    "Page",
+			Style:   uri.QueryStyleForm,
+			Explode: true,
+		}
+
+		if err := q.EncodeParam(cfg, func(e uri.Encoder) error {
+			return e.EncodeValue(conv.Int32ToString(params.Page))
+		}); err != nil {
+			return res, errors.Wrap(err, "encode query")
+		}
+	}
+	{
+		// Encode "Limit" parameter.
+		cfg := uri.QueryParameterEncodingConfig{
+			Name:    "Limit",
+			Style:   uri.QueryStyleForm,
+			Explode: true,
+		}
+
+		if err := q.EncodeParam(cfg, func(e uri.Encoder) error {
+			return e.EncodeValue(conv.Int32ToString(params.Limit))
+		}); err != nil {
+			return res, errors.Wrap(err, "encode query")
+		}
+	}
+	{
+		// Encode "FromScriptHash" parameter.
+		cfg := uri.QueryParameterEncodingConfig{
+			Name:    "FromScriptHash",
+			Style:   uri.QueryStyleForm,
+			Explode: true,
+		}
+
+		if err := q.EncodeParam(cfg, func(e uri.Encoder) error {
+			if val, ok := params.FromScriptHash.Get(); ok {
+				return e.EncodeValue(conv.StringToString(val))
+			}
+			return nil
+		}); err != nil {
+			return res, errors.Wrap(err, "encode query")
+		}
+	}
+	{
+		// Encode "ToScriptID" parameter.
+		cfg := uri.QueryParameterEncodingConfig{
+			Name:    "ToScriptID",
+			Style:   uri.QueryStyleForm,
+			Explode: true,
+		}
+
+		if err := q.EncodeParam(cfg, func(e uri.Encoder) error {
+			if val, ok := params.ToScriptID.Get(); ok {
+				return e.EncodeValue(conv.Int64ToString(val))
+			}
+			return nil
+		}); err != nil {
+			return res, errors.Wrap(err, "encode query")
+		}
+	}
+	{
+		// Encode "Policy" parameter.
+		cfg := uri.QueryParameterEncodingConfig{
+			Name:    "Policy",
+			Style:   uri.QueryStyleForm,
+			Explode: true,
+		}
+
+		if err := q.EncodeParam(cfg, func(e uri.Encoder) error {
+			if val, ok := params.Policy.Get(); ok {
+				return e.EncodeValue(conv.Int32ToString(val))
+			}
+			return nil
+		}); err != nil {
+			return res, errors.Wrap(err, "encode query")
+		}
+	}
+	u.RawQuery = q.Values().Encode()
+
 	stage = "EncodeRequest"
 	r, err := ht.NewRequest(ctx, "GET", u)
 	if err != nil {
 		return res, errors.Wrap(err, "create request")
 	}
-	if err := encodeListScriptPolicyRequest(request, r); err != nil {
-		return res, errors.Wrap(err, "encode request")
-	}
 
 	{
 		type bitset = [1]uint8
@@ -2120,17 +2077,222 @@ func (c *Client) sendListScriptPolicy(ctx context.Context, request *ListScriptPo
 	return result, nil
 }
 
+// ListScripts invokes listScripts operation.
+//
+// Get list of scripts.
+//
+// GET /scripts
+func (c *Client) ListScripts(ctx context.Context, params ListScriptsParams) ([]Script, error) {
+	res, err := c.sendListScripts(ctx, params)
+	return res, err
+}
+
+func (c *Client) sendListScripts(ctx context.Context, params ListScriptsParams) (res []Script, err error) {
+	otelAttrs := []attribute.KeyValue{
+		otelogen.OperationID("listScripts"),
+		semconv.HTTPRequestMethodKey.String("GET"),
+		semconv.HTTPRouteKey.String("/scripts"),
+	}
+
+	// Run stopwatch.
+	startTime := time.Now()
+	defer func() {
+		// Use floating point division here for higher precision (instead of Millisecond method).
+		elapsedDuration := time.Since(startTime)
+		c.duration.Record(ctx, float64(elapsedDuration)/float64(time.Millisecond), metric.WithAttributes(otelAttrs...))
+	}()
+
+	// Increment request counter.
+	c.requests.Add(ctx, 1, metric.WithAttributes(otelAttrs...))
+
+	// Start a span for this request.
+	ctx, span := c.cfg.Tracer.Start(ctx, ListScriptsOperation,
+		trace.WithAttributes(otelAttrs...),
+		clientSpanKind,
+	)
+	// Track stage for error reporting.
+	var stage string
+	defer func() {
+		if err != nil {
+			span.RecordError(err)
+			span.SetStatus(codes.Error, stage)
+			c.errors.Add(ctx, 1, metric.WithAttributes(otelAttrs...))
+		}
+		span.End()
+	}()
+
+	stage = "BuildURL"
+	u := uri.Clone(c.requestURL(ctx))
+	var pathParts [1]string
+	pathParts[0] = "/scripts"
+	uri.AddPathParts(u, pathParts[:]...)
+
+	stage = "EncodeQueryParams"
+	q := uri.NewQueryEncoder()
+	{
+		// Encode "Page" parameter.
+		cfg := uri.QueryParameterEncodingConfig{
+			Name:    "Page",
+			Style:   uri.QueryStyleForm,
+			Explode: true,
+		}
+
+		if err := q.EncodeParam(cfg, func(e uri.Encoder) error {
+			return e.EncodeValue(conv.Int32ToString(params.Page))
+		}); err != nil {
+			return res, errors.Wrap(err, "encode query")
+		}
+	}
+	{
+		// Encode "Limit" parameter.
+		cfg := uri.QueryParameterEncodingConfig{
+			Name:    "Limit",
+			Style:   uri.QueryStyleForm,
+			Explode: true,
+		}
+
+		if err := q.EncodeParam(cfg, func(e uri.Encoder) error {
+			return e.EncodeValue(conv.Int32ToString(params.Limit))
+		}); err != nil {
+			return res, errors.Wrap(err, "encode query")
+		}
+	}
+	{
+		// Encode "Hash" parameter.
+		cfg := uri.QueryParameterEncodingConfig{
+			Name:    "Hash",
+			Style:   uri.QueryStyleForm,
+			Explode: true,
+		}
+
+		if err := q.EncodeParam(cfg, func(e uri.Encoder) error {
+			if val, ok := params.Hash.Get(); ok {
+				return e.EncodeValue(conv.StringToString(val))
+			}
+			return nil
+		}); err != nil {
+			return res, errors.Wrap(err, "encode query")
+		}
+	}
+	{
+		// Encode "Name" parameter.
+		cfg := uri.QueryParameterEncodingConfig{
+			Name:    "Name",
+			Style:   uri.QueryStyleForm,
+			Explode: true,
+		}
+
+		if err := q.EncodeParam(cfg, func(e uri.Encoder) error {
+			if val, ok := params.Name.Get(); ok {
+				return e.EncodeValue(conv.StringToString(val))
+			}
+			return nil
+		}); err != nil {
+			return res, errors.Wrap(err, "encode query")
+		}
+	}
+	{
+		// Encode "Source" parameter.
+		cfg := uri.QueryParameterEncodingConfig{
+			Name:    "Source",
+			Style:   uri.QueryStyleForm,
+			Explode: true,
+		}
+
+		if err := q.EncodeParam(cfg, func(e uri.Encoder) error {
+			if val, ok := params.Source.Get(); ok {
+				return e.EncodeValue(conv.StringToString(val))
+			}
+			return nil
+		}); err != nil {
+			return res, errors.Wrap(err, "encode query")
+		}
+	}
+	{
+		// Encode "SubmissionID" parameter.
+		cfg := uri.QueryParameterEncodingConfig{
+			Name:    "SubmissionID",
+			Style:   uri.QueryStyleForm,
+			Explode: true,
+		}
+
+		if err := q.EncodeParam(cfg, func(e uri.Encoder) error {
+			if val, ok := params.SubmissionID.Get(); ok {
+				return e.EncodeValue(conv.Int64ToString(val))
+			}
+			return nil
+		}); err != nil {
+			return res, errors.Wrap(err, "encode query")
+		}
+	}
+	u.RawQuery = q.Values().Encode()
+
+	stage = "EncodeRequest"
+	r, err := ht.NewRequest(ctx, "GET", u)
+	if err != nil {
+		return res, errors.Wrap(err, "create request")
+	}
+
+	{
+		type bitset = [1]uint8
+		var satisfied bitset
+		{
+			stage = "Security:CookieAuth"
+			switch err := c.securityCookieAuth(ctx, ListScriptsOperation, r); {
+			case err == nil: // if NO error
+				satisfied[0] |= 1 << 0
+			case errors.Is(err, ogenerrors.ErrSkipClientSecurity):
+				// Skip this security.
+			default:
+				return res, errors.Wrap(err, "security \"CookieAuth\"")
+			}
+		}
+
+		if ok := func() bool {
+		nextRequirement:
+			for _, requirement := range []bitset{
+				{0b00000001},
+			} {
+				for i, mask := range requirement {
+					if satisfied[i]&mask != mask {
+						continue nextRequirement
+					}
+				}
+				return true
+			}
+			return false
+		}(); !ok {
+			return res, ogenerrors.ErrSecurityRequirementIsNotSatisfied
+		}
+	}
+
+	stage = "SendRequest"
+	resp, err := c.cfg.Client.Do(r)
+	if err != nil {
+		return res, errors.Wrap(err, "do request")
+	}
+	defer resp.Body.Close()
+
+	stage = "DecodeResponse"
+	result, err := decodeListScriptsResponse(resp)
+	if err != nil {
+		return res, errors.Wrap(err, "decode response")
+	}
+
+	return result, nil
+}
+
 // ListSubmissions invokes listSubmissions operation.
 //
 // Get list of submissions.
 //
 // GET /submissions
-func (c *Client) ListSubmissions(ctx context.Context, request *ListSubmissionsReq) ([]Submission, error) {
+func (c *Client) ListSubmissions(ctx context.Context, params ListSubmissionsParams) ([]Submission, error) {
-	res, err := c.sendListSubmissions(ctx, request)
+	res, err := c.sendListSubmissions(ctx, params)
 	return res, err
 }
 
-func (c *Client) sendListSubmissions(ctx context.Context, request *ListSubmissionsReq) (res []Submission, err error) {
+func (c *Client) sendListSubmissions(ctx context.Context, params ListSubmissionsParams) (res []Submission, err error) {
 	otelAttrs := []attribute.KeyValue{
 		otelogen.OperationID("listSubmissions"),
 		semconv.HTTPRequestMethodKey.String("GET"),
@@ -2170,14 +2332,94 @@ func (c *Client) sendListSubmissions(ctx context.Context, request *ListSubmissio
 	pathParts[0] = "/submissions"
 	uri.AddPathParts(u, pathParts[:]...)
 
+	stage = "EncodeQueryParams"
+	q := uri.NewQueryEncoder()
+	{
+		// Encode "Page" parameter.
+		cfg := uri.QueryParameterEncodingConfig{
+			Name:    "Page",
+			Style:   uri.QueryStyleForm,
+			Explode: true,
+		}
+
+		if err := q.EncodeParam(cfg, func(e uri.Encoder) error {
+			return e.EncodeValue(conv.Int32ToString(params.Page))
+		}); err != nil {
+			return res, errors.Wrap(err, "encode query")
+		}
+	}
+	{
+		// Encode "Limit" parameter.
+		cfg := uri.QueryParameterEncodingConfig{
+			Name:    "Limit",
+			Style:   uri.QueryStyleForm,
+			Explode: true,
+		}
+
+		if err := q.EncodeParam(cfg, func(e uri.Encoder) error {
+			return e.EncodeValue(conv.Int32ToString(params.Limit))
+		}); err != nil {
+			return res, errors.Wrap(err, "encode query")
+		}
+	}
+	{
+		// Encode "DisplayName" parameter.
+		cfg := uri.QueryParameterEncodingConfig{
+			Name:    "DisplayName",
+			Style:   uri.QueryStyleForm,
+			Explode: true,
+		}
+
+		if err := q.EncodeParam(cfg, func(e uri.Encoder) error {
+			if val, ok := params.DisplayName.Get(); ok {
+				return e.EncodeValue(conv.StringToString(val))
+			}
+			return nil
+		}); err != nil {
+			return res, errors.Wrap(err, "encode query")
+		}
+	}
+	{
+		// Encode "Creator" parameter.
+		cfg := uri.QueryParameterEncodingConfig{
+			Name:    "Creator",
+			Style:   uri.QueryStyleForm,
+			Explode: true,
+		}
+
+		if err := q.EncodeParam(cfg, func(e uri.Encoder) error {
+			if val, ok := params.Creator.Get(); ok {
+				return e.EncodeValue(conv.StringToString(val))
+			}
+			return nil
+		}); err != nil {
+			return res, errors.Wrap(err, "encode query")
+		}
+	}
+	{
+		// Encode "GameID" parameter.
+		cfg := uri.QueryParameterEncodingConfig{
+			Name:    "GameID",
+			Style:   uri.QueryStyleForm,
+			Explode: true,
+		}
+
+		if err := q.EncodeParam(cfg, func(e uri.Encoder) error {
+			if val, ok := params.GameID.Get(); ok {
+				return e.EncodeValue(conv.Int32ToString(val))
+			}
+			return nil
+		}); err != nil {
+			return res, errors.Wrap(err, "encode query")
+		}
+	}
+	u.RawQuery = q.Values().Encode()
+
 	stage = "EncodeRequest"
 	r, err := ht.NewRequest(ctx, "GET", u)
 	if err != nil {
 		return res, errors.Wrap(err, "create request")
 	}
-	if err := encodeListSubmissionsRequest(request, r); err != nil {
-		return res, errors.Wrap(err, "encode request")
-	}
 
 	{
 		type bitset = [1]uint8
@@ -2482,7 +2724,7 @@ func (c *Client) sendUpdateScript(ctx context.Context, request *ScriptUpdate, pa
 //
 // Update the specified script policy by ID.
 //
-// POST /script-policy/id/{ScriptPolicyID}
+// POST /script-policy/{ScriptPolicyID}
 func (c *Client) UpdateScriptPolicy(ctx context.Context, request *ScriptPolicyUpdate, params UpdateScriptPolicyParams) error {
 	_, err := c.sendUpdateScriptPolicy(ctx, request, params)
 	return err
@@ -2492,7 +2734,7 @@ func (c *Client) sendUpdateScriptPolicy(ctx context.Context, request *ScriptPoli
 	otelAttrs := []attribute.KeyValue{
 		otelogen.OperationID("updateScriptPolicy"),
 		semconv.HTTPRequestMethodKey.String("POST"),
-		semconv.HTTPRouteKey.String("/script-policy/id/{ScriptPolicyID}"),
+		semconv.HTTPRouteKey.String("/script-policy/{ScriptPolicyID}"),
 	}
 
 	// Run stopwatch.
@@ -2525,7 +2767,7 @@ func (c *Client) sendUpdateScriptPolicy(ctx context.Context, request *ScriptPoli
 	stage = "BuildURL"
 	u := uri.Clone(c.requestURL(ctx))
 	var pathParts [2]string
-	pathParts[0] = "/script-policy/id/"
+	pathParts[0] = "/script-policy/"
 	{
 		// Encode "ScriptPolicyID" parameter.
 		e := uri.NewPathEncoder(uri.PathEncoderConfig{

pkg/api/oas_handlers_gen.go

@@ -1984,14 +1984,14 @@ func (s *Server) handleDeleteScriptRequest(args [1]string, argsEscaped bool, w h
 //
 // Delete the specified script policy by ID.
 //
-// DELETE /script-policy/id/{ScriptPolicyID}
+// DELETE /script-policy/{ScriptPolicyID}
 func (s *Server) handleDeleteScriptPolicyRequest(args [1]string, argsEscaped bool, w http.ResponseWriter, r *http.Request) {
 	statusWriter := &codeRecorder{ResponseWriter: w}
 	w = statusWriter
 	otelAttrs := []attribute.KeyValue{
 		otelogen.OperationID("deleteScriptPolicy"),
 		semconv.HTTPRequestMethodKey.String("DELETE"),
-		semconv.HTTPRouteKey.String("/script-policy/id/{ScriptPolicyID}"),
+		semconv.HTTPRouteKey.String("/script-policy/{ScriptPolicyID}"),
 	}
 
 	// Start a span for this request.
@@ -2374,14 +2374,14 @@ func (s *Server) handleGetScriptRequest(args [1]string, argsEscaped bool, w http
 //
 // Get the specified script policy by ID.
 //
-// GET /script-policy/id/{ScriptPolicyID}
+// GET /script-policy/{ScriptPolicyID}
 func (s *Server) handleGetScriptPolicyRequest(args [1]string, argsEscaped bool, w http.ResponseWriter, r *http.Request) {
 	statusWriter := &codeRecorder{ResponseWriter: w}
 	w = statusWriter
 	otelAttrs := []attribute.KeyValue{
 		otelogen.OperationID("getScriptPolicy"),
 		semconv.HTTPRequestMethodKey.String("GET"),
-		semconv.HTTPRouteKey.String("/script-policy/id/{ScriptPolicyID}"),
+		semconv.HTTPRouteKey.String("/script-policy/{ScriptPolicyID}"),
 	}
 
 	// Start a span for this request.
@@ -2565,201 +2565,6 @@ func (s *Server) handleGetScriptPolicyRequest(args [1]string, argsEscaped bool,
 	}
 }
 
-// handleGetScriptPolicyFromHashRequest handles getScriptPolicyFromHash operation.
-//
-// Get the policy for the given hash of script source code.
-//
-// GET /script-policy/hash/{FromScriptHash}
-func (s *Server) handleGetScriptPolicyFromHashRequest(args [1]string, argsEscaped bool, w http.ResponseWriter, r *http.Request) {
-	statusWriter := &codeRecorder{ResponseWriter: w}
-	w = statusWriter
-	otelAttrs := []attribute.KeyValue{
-		otelogen.OperationID("getScriptPolicyFromHash"),
-		semconv.HTTPRequestMethodKey.String("GET"),
-		semconv.HTTPRouteKey.String("/script-policy/hash/{FromScriptHash}"),
-	}
-
-	// Start a span for this request.
-	ctx, span := s.cfg.Tracer.Start(r.Context(), GetScriptPolicyFromHashOperation,
-		trace.WithAttributes(otelAttrs...),
-		serverSpanKind,
-	)
-	defer span.End()
-
-	// Add Labeler to context.
-	labeler := &Labeler{attrs: otelAttrs}
-	ctx = contextWithLabeler(ctx, labeler)
-
-	// Run stopwatch.
-	startTime := time.Now()
-	defer func() {
-		elapsedDuration := time.Since(startTime)
-
-		attrSet := labeler.AttributeSet()
-		attrs := attrSet.ToSlice()
-		code := statusWriter.status
-		if code != 0 {
-			codeAttr := semconv.HTTPResponseStatusCode(code)
-			attrs = append(attrs, codeAttr)
-			span.SetAttributes(codeAttr)
-		}
-		attrOpt := metric.WithAttributes(attrs...)
-
-		// Increment request counter.
-		s.requests.Add(ctx, 1, attrOpt)
-
-		// Use floating point division here for higher precision (instead of Millisecond method).
-		s.duration.Record(ctx, float64(elapsedDuration)/float64(time.Millisecond), attrOpt)
-	}()
-
-	var (
-		recordError = func(stage string, err error) {
-			span.RecordError(err)
-
-			// https://opentelemetry.io/docs/specs/semconv/http/http-spans/#status
-			// Span Status MUST be left unset if HTTP status code was in the 1xx, 2xx or 3xx ranges,
-			// unless there was another error (e.g., network error receiving the response body; or 3xx codes with
-			// max redirects exceeded), in which case status MUST be set to Error.
-			code := statusWriter.status
-			if code >= 100 && code < 500 {
-				span.SetStatus(codes.Error, stage)
-			}
-
-			attrSet := labeler.AttributeSet()
-			attrs := attrSet.ToSlice()
-			if code != 0 {
-				attrs = append(attrs, semconv.HTTPResponseStatusCode(code))
-			}
-
-			s.errors.Add(ctx, 1, metric.WithAttributes(attrs...))
-		}
-		err          error
-		opErrContext = ogenerrors.OperationContext{
-			Name: GetScriptPolicyFromHashOperation,
-			ID:   "getScriptPolicyFromHash",
-		}
-	)
-	{
-		type bitset = [1]uint8
-		var satisfied bitset
-		{
-			sctx, ok, err := s.securityCookieAuth(ctx, GetScriptPolicyFromHashOperation, r)
-			if err != nil {
-				err = &ogenerrors.SecurityError{
-					OperationContext: opErrContext,
-					Security:         "CookieAuth",
-					Err:              err,
-				}
-				if encodeErr := encodeErrorResponse(s.h.NewError(ctx, err), w, span); encodeErr != nil {
-					defer recordError("Security:CookieAuth", err)
-				}
-				return
-			}
-			if ok {
-				satisfied[0] |= 1 << 0
-				ctx = sctx
-			}
-		}
-
-		if ok := func() bool {
-		nextRequirement:
-			for _, requirement := range []bitset{
-				{0b00000001},
-			} {
-				for i, mask := range requirement {
-					if satisfied[i]&mask != mask {
-						continue nextRequirement
-					}
-				}
-				return true
-			}
-			return false
-		}(); !ok {
-			err = &ogenerrors.SecurityError{
-				OperationContext: opErrContext,
-				Err:              ogenerrors.ErrSecurityRequirementIsNotSatisfied,
-			}
-			if encodeErr := encodeErrorResponse(s.h.NewError(ctx, err), w, span); encodeErr != nil {
-				defer recordError("Security", err)
-			}
-			return
-		}
-	}
-	params, err := decodeGetScriptPolicyFromHashParams(args, argsEscaped, r)
-	if err != nil {
-		err = &ogenerrors.DecodeParamsError{
-			OperationContext: opErrContext,
-			Err:              err,
-		}
-		defer recordError("DecodeParams", err)
-		s.cfg.ErrorHandler(ctx, w, r, err)
-		return
-	}
-
-	var response *ScriptPolicy
-	if m := s.cfg.Middleware; m != nil {
-		mreq := middleware.Request{
-			Context:          ctx,
-			OperationName:    GetScriptPolicyFromHashOperation,
-			OperationSummary: "Get the policy for the given hash of script source code",
-			OperationID:      "getScriptPolicyFromHash",
-			Body:             nil,
-			Params: middleware.Parameters{
-				{
-					Name: "FromScriptHash",
-					In:   "path",
-				}: params.FromScriptHash,
-			},
-			Raw: r,
-		}
-
-		type (
-			Request  = struct{}
-			Params   = GetScriptPolicyFromHashParams
-			Response = *ScriptPolicy
-		)
-		response, err = middleware.HookMiddleware[
-			Request,
-			Params,
-			Response,
-		](
-			m,
-			mreq,
-			unpackGetScriptPolicyFromHashParams,
-			func(ctx context.Context, request Request, params Params) (response Response, err error) {
-				response, err = s.h.GetScriptPolicyFromHash(ctx, params)
-				return response, err
-			},
-		)
-	} else {
-		response, err = s.h.GetScriptPolicyFromHash(ctx, params)
-	}
-	if err != nil {
-		if errRes, ok := errors.Into[*ErrorStatusCode](err); ok {
-			if err := encodeErrorResponse(errRes, w, span); err != nil {
-				defer recordError("Internal", err)
-			}
-			return
-		}
-		if errors.Is(err, ht.ErrNotImplemented) {
-			s.cfg.ErrorHandler(ctx, w, r, err)
-			return
-		}
-		if err := encodeErrorResponse(s.h.NewError(ctx, err), w, span); err != nil {
-			defer recordError("Internal", err)
-		}
-		return
-	}
-
-	if err := encodeGetScriptPolicyFromHashResponse(response, w, span); err != nil {
-		defer recordError("EncodeResponse", err)
-		if !errors.Is(err, ht.ErrInternalServerErrorResponse) {
-			s.cfg.ErrorHandler(ctx, w, r, err)
-		}
-		return
-	}
-}
-
 // handleGetSubmissionRequest handles getSubmission operation.
 //
 // Retrieve map with ID.
@@ -3075,21 +2880,16 @@ func (s *Server) handleListScriptPolicyRequest(args [0]string, argsEscaped bool,
 			return
 		}
 	}
-	request, close, err := s.decodeListScriptPolicyRequest(r)
+	params, err := decodeListScriptPolicyParams(args, argsEscaped, r)
 	if err != nil {
-		err = &ogenerrors.DecodeRequestError{
+		err = &ogenerrors.DecodeParamsError{
 			OperationContext: opErrContext,
 			Err:              err,
 		}
-		defer recordError("DecodeRequest", err)
+		defer recordError("DecodeParams", err)
 		s.cfg.ErrorHandler(ctx, w, r, err)
 		return
 	}
-	defer func() {
-		if err := close(); err != nil {
-			recordError("CloseRequest", err)
-		}
-	}()
 
 	var response []ScriptPolicy
 	if m := s.cfg.Middleware; m != nil {
@@ -3098,14 +2898,35 @@ func (s *Server) handleListScriptPolicyRequest(args [0]string, argsEscaped bool,
 			OperationName:    ListScriptPolicyOperation,
 			OperationSummary: "Get list of script policies",
 			OperationID:      "listScriptPolicy",
-			Body:             request,
+			Body:             nil,
-			Params:           middleware.Parameters{},
+			Params: middleware.Parameters{
-			Raw:              r,
+				{
+					Name: "Page",
+					In:   "query",
+				}: params.Page,
+				{
+					Name: "Limit",
+					In:   "query",
+				}: params.Limit,
+				{
+					Name: "FromScriptHash",
+					In:   "query",
+				}: params.FromScriptHash,
+				{
+					Name: "ToScriptID",
+					In:   "query",
+				}: params.ToScriptID,
+				{
+					Name: "Policy",
+					In:   "query",
+				}: params.Policy,
+			},
+			Raw: r,
 		}
 
 		type (
-			Request  = *ListScriptPolicyReq
+			Request  = struct{}
-			Params   = struct{}
+			Params   = ListScriptPolicyParams
 			Response = []ScriptPolicy
 		)
 		response, err = middleware.HookMiddleware[
@@ -3115,14 +2936,14 @@ func (s *Server) handleListScriptPolicyRequest(args [0]string, argsEscaped bool,
 		](
 			m,
 			mreq,
-			nil,
+			unpackListScriptPolicyParams,
 			func(ctx context.Context, request Request, params Params) (response Response, err error) {
-				response, err = s.h.ListScriptPolicy(ctx, request)
+				response, err = s.h.ListScriptPolicy(ctx, params)
 				return response, err
 			},
 		)
 	} else {
-		response, err = s.h.ListScriptPolicy(ctx, request)
+		response, err = s.h.ListScriptPolicy(ctx, params)
 	}
 	if err != nil {
 		if errRes, ok := errors.Into[*ErrorStatusCode](err); ok {
@@ -3150,6 +2971,221 @@ func (s *Server) handleListScriptPolicyRequest(args [0]string, argsEscaped bool,
 	}
 }
 
+// handleListScriptsRequest handles listScripts operation.
+//
+// Get list of scripts.
+//
+// GET /scripts
+func (s *Server) handleListScriptsRequest(args [0]string, argsEscaped bool, w http.ResponseWriter, r *http.Request) {
+	statusWriter := &codeRecorder{ResponseWriter: w}
+	w = statusWriter
+	otelAttrs := []attribute.KeyValue{
+		otelogen.OperationID("listScripts"),
+		semconv.HTTPRequestMethodKey.String("GET"),
+		semconv.HTTPRouteKey.String("/scripts"),
+	}
+
+	// Start a span for this request.
+	ctx, span := s.cfg.Tracer.Start(r.Context(), ListScriptsOperation,
+		trace.WithAttributes(otelAttrs...),
+		serverSpanKind,
+	)
+	defer span.End()
+
+	// Add Labeler to context.
+	labeler := &Labeler{attrs: otelAttrs}
+	ctx = contextWithLabeler(ctx, labeler)
+
+	// Run stopwatch.
+	startTime := time.Now()
+	defer func() {
+		elapsedDuration := time.Since(startTime)
+
+		attrSet := labeler.AttributeSet()
+		attrs := attrSet.ToSlice()
+		code := statusWriter.status
+		if code != 0 {
+			codeAttr := semconv.HTTPResponseStatusCode(code)
+			attrs = append(attrs, codeAttr)
+			span.SetAttributes(codeAttr)
+		}
+		attrOpt := metric.WithAttributes(attrs...)
+
+		// Increment request counter.
+		s.requests.Add(ctx, 1, attrOpt)
+
+		// Use floating point division here for higher precision (instead of Millisecond method).
+		s.duration.Record(ctx, float64(elapsedDuration)/float64(time.Millisecond), attrOpt)
+	}()
+
+	var (
+		recordError = func(stage string, err error) {
+			span.RecordError(err)
+
+			// https://opentelemetry.io/docs/specs/semconv/http/http-spans/#status
+			// Span Status MUST be left unset if HTTP status code was in the 1xx, 2xx or 3xx ranges,
+			// unless there was another error (e.g., network error receiving the response body; or 3xx codes with
+			// max redirects exceeded), in which case status MUST be set to Error.
+			code := statusWriter.status
+			if code >= 100 && code < 500 {
+				span.SetStatus(codes.Error, stage)
+			}
+
+			attrSet := labeler.AttributeSet()
+			attrs := attrSet.ToSlice()
+			if code != 0 {
+				attrs = append(attrs, semconv.HTTPResponseStatusCode(code))
+			}
+
+			s.errors.Add(ctx, 1, metric.WithAttributes(attrs...))
+		}
+		err          error
+		opErrContext = ogenerrors.OperationContext{
+			Name: ListScriptsOperation,
+			ID:   "listScripts",
+		}
+	)
+	{
+		type bitset = [1]uint8
+		var satisfied bitset
+		{
+			sctx, ok, err := s.securityCookieAuth(ctx, ListScriptsOperation, r)
+			if err != nil {
+				err = &ogenerrors.SecurityError{
+					OperationContext: opErrContext,
+					Security:         "CookieAuth",
+					Err:              err,
+				}
+				if encodeErr := encodeErrorResponse(s.h.NewError(ctx, err), w, span); encodeErr != nil {
+					defer recordError("Security:CookieAuth", err)
+				}
+				return
+			}
+			if ok {
+				satisfied[0] |= 1 << 0
+				ctx = sctx
+			}
+		}
+
+		if ok := func() bool {
+		nextRequirement:
+			for _, requirement := range []bitset{
+				{0b00000001},
+			} {
+				for i, mask := range requirement {
+					if satisfied[i]&mask != mask {
+						continue nextRequirement
+					}
+				}
+				return true
+			}
+			return false
+		}(); !ok {
+			err = &ogenerrors.SecurityError{
+				OperationContext: opErrContext,
+				Err:              ogenerrors.ErrSecurityRequirementIsNotSatisfied,
+			}
+			if encodeErr := encodeErrorResponse(s.h.NewError(ctx, err), w, span); encodeErr != nil {
+				defer recordError("Security", err)
+			}
+			return
+		}
+	}
+	params, err := decodeListScriptsParams(args, argsEscaped, r)
+	if err != nil {
+		err = &ogenerrors.DecodeParamsError{
+			OperationContext: opErrContext,
+			Err:              err,
+		}
+		defer recordError("DecodeParams", err)
+		s.cfg.ErrorHandler(ctx, w, r, err)
+		return
+	}
+
+	var response []Script
+	if m := s.cfg.Middleware; m != nil {
+		mreq := middleware.Request{
+			Context:          ctx,
+			OperationName:    ListScriptsOperation,
+			OperationSummary: "Get list of scripts",
+			OperationID:      "listScripts",
+			Body:             nil,
+			Params: middleware.Parameters{
+				{
+					Name: "Page",
+					In:   "query",
+				}: params.Page,
+				{
+					Name: "Limit",
+					In:   "query",
+				}: params.Limit,
+				{
+					Name: "Hash",
+					In:   "query",
+				}: params.Hash,
+				{
+					Name: "Name",
+					In:   "query",
+				}: params.Name,
+				{
+					Name: "Source",
+					In:   "query",
+				}: params.Source,
+				{
+					Name: "SubmissionID",
+					In:   "query",
+				}: params.SubmissionID,
+			},
+			Raw: r,
+		}
+
+		type (
+			Request  = struct{}
+			Params   = ListScriptsParams
+			Response = []Script
+		)
+		response, err = middleware.HookMiddleware[
+			Request,
+			Params,
+			Response,
+		](
+			m,
+			mreq,
+			unpackListScriptsParams,
+			func(ctx context.Context, request Request, params Params) (response Response, err error) {
+				response, err = s.h.ListScripts(ctx, params)
+				return response, err
+			},
+		)
+	} else {
+		response, err = s.h.ListScripts(ctx, params)
+	}
+	if err != nil {
+		if errRes, ok := errors.Into[*ErrorStatusCode](err); ok {
+			if err := encodeErrorResponse(errRes, w, span); err != nil {
+				defer recordError("Internal", err)
+			}
+			return
+		}
+		if errors.Is(err, ht.ErrNotImplemented) {
+			s.cfg.ErrorHandler(ctx, w, r, err)
+			return
+		}
+		if err := encodeErrorResponse(s.h.NewError(ctx, err), w, span); err != nil {
+			defer recordError("Internal", err)
+		}
+		return
+	}
+
+	if err := encodeListScriptsResponse(response, w, span); err != nil {
+		defer recordError("EncodeResponse", err)
+		if !errors.Is(err, ht.ErrInternalServerErrorResponse) {
+			s.cfg.ErrorHandler(ctx, w, r, err)
+		}
+		return
+	}
+}
+
 // handleListSubmissionsRequest handles listSubmissions operation.
 //
 // Get list of submissions.
@@ -3270,21 +3306,16 @@ func (s *Server) handleListSubmissionsRequest(args [0]string, argsEscaped bool,
 			return
 		}
 	}
-	request, close, err := s.decodeListSubmissionsRequest(r)
+	params, err := decodeListSubmissionsParams(args, argsEscaped, r)
 	if err != nil {
-		err = &ogenerrors.DecodeRequestError{
+		err = &ogenerrors.DecodeParamsError{
 			OperationContext: opErrContext,
 			Err:              err,
 		}
-		defer recordError("DecodeRequest", err)
+		defer recordError("DecodeParams", err)
 		s.cfg.ErrorHandler(ctx, w, r, err)
 		return
 	}
-	defer func() {
-		if err := close(); err != nil {
-			recordError("CloseRequest", err)
-		}
-	}()
 
 	var response []Submission
 	if m := s.cfg.Middleware; m != nil {
@@ -3293,14 +3324,35 @@ func (s *Server) handleListSubmissionsRequest(args [0]string, argsEscaped bool,
 			OperationName:    ListSubmissionsOperation,
 			OperationSummary: "Get list of submissions",
 			OperationID:      "listSubmissions",
-			Body:             request,
+			Body:             nil,
-			Params:           middleware.Parameters{},
+			Params: middleware.Parameters{
-			Raw:              r,
+				{
+					Name: "Page",
+					In:   "query",
+				}: params.Page,
+				{
+					Name: "Limit",
+					In:   "query",
+				}: params.Limit,
+				{
+					Name: "DisplayName",
+					In:   "query",
+				}: params.DisplayName,
+				{
+					Name: "Creator",
+					In:   "query",
+				}: params.Creator,
+				{
+					Name: "GameID",
+					In:   "query",
+				}: params.GameID,
+			},
+			Raw: r,
 		}
 
 		type (
-			Request  = *ListSubmissionsReq
+			Request  = struct{}
-			Params   = struct{}
+			Params   = ListSubmissionsParams
 			Response = []Submission
 		)
 		response, err = middleware.HookMiddleware[
@@ -3310,14 +3362,14 @@ func (s *Server) handleListSubmissionsRequest(args [0]string, argsEscaped bool,
 		](
 			m,
 			mreq,
-			nil,
+			unpackListSubmissionsParams,
 			func(ctx context.Context, request Request, params Params) (response Response, err error) {
-				response, err = s.h.ListSubmissions(ctx, request)
+				response, err = s.h.ListSubmissions(ctx, params)
 				return response, err
 			},
 		)
 	} else {
-		response, err = s.h.ListSubmissions(ctx, request)
+		response, err = s.h.ListSubmissions(ctx, params)
 	}
 	if err != nil {
 		if errRes, ok := errors.Into[*ErrorStatusCode](err); ok {
@@ -3754,14 +3806,14 @@ func (s *Server) handleUpdateScriptRequest(args [1]string, argsEscaped bool, w h
 //
 // Update the specified script policy by ID.
 //
-// POST /script-policy/id/{ScriptPolicyID}
+// POST /script-policy/{ScriptPolicyID}
 func (s *Server) handleUpdateScriptPolicyRequest(args [1]string, argsEscaped bool, w http.ResponseWriter, r *http.Request) {
 	statusWriter := &codeRecorder{ResponseWriter: w}
 	w = statusWriter
 	otelAttrs := []attribute.KeyValue{
 		otelogen.OperationID("updateScriptPolicy"),
 		semconv.HTTPRequestMethodKey.String("POST"),
-		semconv.HTTPRouteKey.String("/script-policy/id/{ScriptPolicyID}"),
+		semconv.HTTPRouteKey.String("/script-policy/{ScriptPolicyID}"),
 	}
 
 	// Start a span for this request.

pkg/api/oas_json_gen.go

@@ -221,228 +221,6 @@ func (s *ID) UnmarshalJSON(data []byte) error {
 	return s.Decode(d)
 }
 
-// Encode implements json.Marshaler.
-func (s *ListScriptPolicyReq) Encode(e *jx.Encoder) {
-	e.ObjStart()
-	s.encodeFields(e)
-	e.ObjEnd()
-}
-
-// encodeFields encodes fields.
-func (s *ListScriptPolicyReq) encodeFields(e *jx.Encoder) {
-	{
-		e.FieldStart("Page")
-		s.Page.Encode(e)
-	}
-	{
-		if s.Filter.Set {
-			e.FieldStart("Filter")
-			s.Filter.Encode(e)
-		}
-	}
-}
-
-var jsonFieldsNameOfListScriptPolicyReq = [2]string{
-	0: "Page",
-	1: "Filter",
-}
-
-// Decode decodes ListScriptPolicyReq from json.
-func (s *ListScriptPolicyReq) Decode(d *jx.Decoder) error {
-	if s == nil {
-		return errors.New("invalid: unable to decode ListScriptPolicyReq to nil")
-	}
-	var requiredBitSet [1]uint8
-
-	if err := d.ObjBytes(func(d *jx.Decoder, k []byte) error {
-		switch string(k) {
-		case "Page":
-			requiredBitSet[0] |= 1 << 0
-			if err := func() error {
-				if err := s.Page.Decode(d); err != nil {
-					return err
-				}
-				return nil
-			}(); err != nil {
-				return errors.Wrap(err, "decode field \"Page\"")
-			}
-		case "Filter":
-			if err := func() error {
-				s.Filter.Reset()
-				if err := s.Filter.Decode(d); err != nil {
-					return err
-				}
-				return nil
-			}(); err != nil {
-				return errors.Wrap(err, "decode field \"Filter\"")
-			}
-		default:
-			return d.Skip()
-		}
-		return nil
-	}); err != nil {
-		return errors.Wrap(err, "decode ListScriptPolicyReq")
-	}
-	// Validate required fields.
-	var failures []validate.FieldError
-	for i, mask := range [1]uint8{
-		0b00000001,
-	} {
-		if result := (requiredBitSet[i] & mask) ^ mask; result != 0 {
-			// Mask only required fields and check equality to mask using XOR.
-			//
-			// If XOR result is not zero, result is not equal to expected, so some fields are missed.
-			// Bits of fields which would be set are actually bits of missed fields.
-			missed := bits.OnesCount8(result)
-			for bitN := 0; bitN < missed; bitN++ {
-				bitIdx := bits.TrailingZeros8(result)
-				fieldIdx := i*8 + bitIdx
-				var name string
-				if fieldIdx < len(jsonFieldsNameOfListScriptPolicyReq) {
-					name = jsonFieldsNameOfListScriptPolicyReq[fieldIdx]
-				} else {
-					name = strconv.Itoa(fieldIdx)
-				}
-				failures = append(failures, validate.FieldError{
-					Name:  name,
-					Error: validate.ErrFieldRequired,
-				})
-				// Reset bit.
-				result &^= 1 << bitIdx
-			}
-		}
-	}
-	if len(failures) > 0 {
-		return &validate.Error{Fields: failures}
-	}
-
-	return nil
-}
-
-// MarshalJSON implements stdjson.Marshaler.
-func (s *ListScriptPolicyReq) MarshalJSON() ([]byte, error) {
-	e := jx.Encoder{}
-	s.Encode(&e)
-	return e.Bytes(), nil
-}
-
-// UnmarshalJSON implements stdjson.Unmarshaler.
-func (s *ListScriptPolicyReq) UnmarshalJSON(data []byte) error {
-	d := jx.DecodeBytes(data)
-	return s.Decode(d)
-}
-
-// Encode implements json.Marshaler.
-func (s *ListSubmissionsReq) Encode(e *jx.Encoder) {
-	e.ObjStart()
-	s.encodeFields(e)
-	e.ObjEnd()
-}
-
-// encodeFields encodes fields.
-func (s *ListSubmissionsReq) encodeFields(e *jx.Encoder) {
-	{
-		e.FieldStart("Page")
-		s.Page.Encode(e)
-	}
-	{
-		if s.Filter.Set {
-			e.FieldStart("Filter")
-			s.Filter.Encode(e)
-		}
-	}
-}
-
-var jsonFieldsNameOfListSubmissionsReq = [2]string{
-	0: "Page",
-	1: "Filter",
-}
-
-// Decode decodes ListSubmissionsReq from json.
-func (s *ListSubmissionsReq) Decode(d *jx.Decoder) error {
-	if s == nil {
-		return errors.New("invalid: unable to decode ListSubmissionsReq to nil")
-	}
-	var requiredBitSet [1]uint8
-
-	if err := d.ObjBytes(func(d *jx.Decoder, k []byte) error {
-		switch string(k) {
-		case "Page":
-			requiredBitSet[0] |= 1 << 0
-			if err := func() error {
-				if err := s.Page.Decode(d); err != nil {
-					return err
-				}
-				return nil
-			}(); err != nil {
-				return errors.Wrap(err, "decode field \"Page\"")
-			}
-		case "Filter":
-			if err := func() error {
-				s.Filter.Reset()
-				if err := s.Filter.Decode(d); err != nil {
-					return err
-				}
-				return nil
-			}(); err != nil {
-				return errors.Wrap(err, "decode field \"Filter\"")
-			}
-		default:
-			return d.Skip()
-		}
-		return nil
-	}); err != nil {
-		return errors.Wrap(err, "decode ListSubmissionsReq")
-	}
-	// Validate required fields.
-	var failures []validate.FieldError
-	for i, mask := range [1]uint8{
-		0b00000001,
-	} {
-		if result := (requiredBitSet[i] & mask) ^ mask; result != 0 {
-			// Mask only required fields and check equality to mask using XOR.
-			//
-			// If XOR result is not zero, result is not equal to expected, so some fields are missed.
-			// Bits of fields which would be set are actually bits of missed fields.
-			missed := bits.OnesCount8(result)
-			for bitN := 0; bitN < missed; bitN++ {
-				bitIdx := bits.TrailingZeros8(result)
-				fieldIdx := i*8 + bitIdx
-				var name string
-				if fieldIdx < len(jsonFieldsNameOfListSubmissionsReq) {
-					name = jsonFieldsNameOfListSubmissionsReq[fieldIdx]
-				} else {
-					name = strconv.Itoa(fieldIdx)
-				}
-				failures = append(failures, validate.FieldError{
-					Name:  name,
-					Error: validate.ErrFieldRequired,
-				})
-				// Reset bit.
-				result &^= 1 << bitIdx
-			}
-		}
-	}
-	if len(failures) > 0 {
-		return &validate.Error{Fields: failures}
-	}
-
-	return nil
-}
-
-// MarshalJSON implements stdjson.Marshaler.
-func (s *ListSubmissionsReq) MarshalJSON() ([]byte, error) {
-	e := jx.Encoder{}
-	s.Encode(&e)
-	return e.Bytes(), nil
-}
-
-// UnmarshalJSON implements stdjson.Unmarshaler.
-func (s *ListSubmissionsReq) UnmarshalJSON(data []byte) error {
-	d := jx.DecodeBytes(data)
-	return s.Decode(d)
-}
-
 // Encode encodes int32 as json.
 func (o OptInt32) Encode(e *jx.Encoder) {
 	if !o.Set {
@@ -513,39 +291,6 @@ func (s *OptInt64) UnmarshalJSON(data []byte) error {
 	return s.Decode(d)
 }
 
-// Encode encodes ScriptPolicyFilter as json.
-func (o OptScriptPolicyFilter) Encode(e *jx.Encoder) {
-	if !o.Set {
-		return
-	}
-	o.Value.Encode(e)
-}
-
-// Decode decodes ScriptPolicyFilter from json.
-func (o *OptScriptPolicyFilter) Decode(d *jx.Decoder) error {
-	if o == nil {
-		return errors.New("invalid: unable to decode OptScriptPolicyFilter to nil")
-	}
-	o.Set = true
-	if err := o.Value.Decode(d); err != nil {
-		return err
-	}
-	return nil
-}
-
-// MarshalJSON implements stdjson.Marshaler.
-func (s OptScriptPolicyFilter) MarshalJSON() ([]byte, error) {
-	e := jx.Encoder{}
-	s.Encode(&e)
-	return e.Bytes(), nil
-}
-
-// UnmarshalJSON implements stdjson.Unmarshaler.
-func (s *OptScriptPolicyFilter) UnmarshalJSON(data []byte) error {
-	d := jx.DecodeBytes(data)
-	return s.Decode(d)
-}
-
 // Encode encodes string as json.
 func (o OptString) Encode(e *jx.Encoder) {
 	if !o.Set {
@@ -581,152 +326,6 @@ func (s *OptString) UnmarshalJSON(data []byte) error {
 	return s.Decode(d)
 }
 
-// Encode encodes SubmissionFilter as json.
-func (o OptSubmissionFilter) Encode(e *jx.Encoder) {
-	if !o.Set {
-		return
-	}
-	o.Value.Encode(e)
-}
-
-// Decode decodes SubmissionFilter from json.
-func (o *OptSubmissionFilter) Decode(d *jx.Decoder) error {
-	if o == nil {
-		return errors.New("invalid: unable to decode OptSubmissionFilter to nil")
-	}
-	o.Set = true
-	if err := o.Value.Decode(d); err != nil {
-		return err
-	}
-	return nil
-}
-
-// MarshalJSON implements stdjson.Marshaler.
-func (s OptSubmissionFilter) MarshalJSON() ([]byte, error) {
-	e := jx.Encoder{}
-	s.Encode(&e)
-	return e.Bytes(), nil
-}
-
-// UnmarshalJSON implements stdjson.Unmarshaler.
-func (s *OptSubmissionFilter) UnmarshalJSON(data []byte) error {
-	d := jx.DecodeBytes(data)
-	return s.Decode(d)
-}
-
-// Encode implements json.Marshaler.
-func (s *Pagination) Encode(e *jx.Encoder) {
-	e.ObjStart()
-	s.encodeFields(e)
-	e.ObjEnd()
-}
-
-// encodeFields encodes fields.
-func (s *Pagination) encodeFields(e *jx.Encoder) {
-	{
-		e.FieldStart("Page")
-		e.Int32(s.Page)
-	}
-	{
-		e.FieldStart("Limit")
-		e.Int32(s.Limit)
-	}
-}
-
-var jsonFieldsNameOfPagination = [2]string{
-	0: "Page",
-	1: "Limit",
-}
-
-// Decode decodes Pagination from json.
-func (s *Pagination) Decode(d *jx.Decoder) error {
-	if s == nil {
-		return errors.New("invalid: unable to decode Pagination to nil")
-	}
-	var requiredBitSet [1]uint8
-
-	if err := d.ObjBytes(func(d *jx.Decoder, k []byte) error {
-		switch string(k) {
-		case "Page":
-			requiredBitSet[0] |= 1 << 0
-			if err := func() error {
-				v, err := d.Int32()
-				s.Page = int32(v)
-				if err != nil {
-					return err
-				}
-				return nil
-			}(); err != nil {
-				return errors.Wrap(err, "decode field \"Page\"")
-			}
-		case "Limit":
-			requiredBitSet[0] |= 1 << 1
-			if err := func() error {
-				v, err := d.Int32()
-				s.Limit = int32(v)
-				if err != nil {
-					return err
-				}
-				return nil
-			}(); err != nil {
-				return errors.Wrap(err, "decode field \"Limit\"")
-			}
-		default:
-			return d.Skip()
-		}
-		return nil
-	}); err != nil {
-		return errors.Wrap(err, "decode Pagination")
-	}
-	// Validate required fields.
-	var failures []validate.FieldError
-	for i, mask := range [1]uint8{
-		0b00000011,
-	} {
-		if result := (requiredBitSet[i] & mask) ^ mask; result != 0 {
-			// Mask only required fields and check equality to mask using XOR.
-			//
-			// If XOR result is not zero, result is not equal to expected, so some fields are missed.
-			// Bits of fields which would be set are actually bits of missed fields.
-			missed := bits.OnesCount8(result)
-			for bitN := 0; bitN < missed; bitN++ {
-				bitIdx := bits.TrailingZeros8(result)
-				fieldIdx := i*8 + bitIdx
-				var name string
-				if fieldIdx < len(jsonFieldsNameOfPagination) {
-					name = jsonFieldsNameOfPagination[fieldIdx]
-				} else {
-					name = strconv.Itoa(fieldIdx)
-				}
-				failures = append(failures, validate.FieldError{
-					Name:  name,
-					Error: validate.ErrFieldRequired,
-				})
-				// Reset bit.
-				result &^= 1 << bitIdx
-			}
-		}
-	}
-	if len(failures) > 0 {
-		return &validate.Error{Fields: failures}
-	}
-
-	return nil
-}
-
-// MarshalJSON implements stdjson.Marshaler.
-func (s *Pagination) MarshalJSON() ([]byte, error) {
-	e := jx.Encoder{}
-	s.Encode(&e)
-	return e.Bytes(), nil
-}
-
-// UnmarshalJSON implements stdjson.Unmarshaler.
-func (s *Pagination) UnmarshalJSON(data []byte) error {
-	d := jx.DecodeBytes(data)
-	return s.Decode(d)
-}
-
 // Encode implements json.Marshaler.
 func (s *Script) Encode(e *jx.Encoder) {
 	e.ObjStart()
@@ -740,6 +339,10 @@ func (s *Script) encodeFields(e *jx.Encoder) {
 		e.FieldStart("ID")
 		e.Int64(s.ID)
 	}
+	{
+		e.FieldStart("Name")
+		e.Str(s.Name)
+	}
 	{
 		e.FieldStart("Hash")
 		e.Str(s.Hash)
@@ -754,11 +357,12 @@ func (s *Script) encodeFields(e *jx.Encoder) {
 	}
 }
 
-var jsonFieldsNameOfScript = [4]string{
+var jsonFieldsNameOfScript = [5]string{
 	0: "ID",
-	1: "Hash",
+	1: "Name",
-	2: "Source",
+	2: "Hash",
-	3: "SubmissionID",
+	3: "Source",
+	4: "SubmissionID",
 }
 
 // Decode decodes Script from json.
@@ -782,8 +386,20 @@ func (s *Script) Decode(d *jx.Decoder) error {
 			}(); err != nil {
 				return errors.Wrap(err, "decode field \"ID\"")
 			}
-		case "Hash":
+		case "Name":
 			requiredBitSet[0] |= 1 << 1
+			if err := func() error {
+				v, err := d.Str()
+				s.Name = string(v)
+				if err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return errors.Wrap(err, "decode field \"Name\"")
+			}
+		case "Hash":
+			requiredBitSet[0] |= 1 << 2
 			if err := func() error {
 				v, err := d.Str()
 				s.Hash = string(v)
@@ -795,7 +411,7 @@ func (s *Script) Decode(d *jx.Decoder) error {
 				return errors.Wrap(err, "decode field \"Hash\"")
 			}
 		case "Source":
-			requiredBitSet[0] |= 1 << 2
+			requiredBitSet[0] |= 1 << 3
 			if err := func() error {
 				v, err := d.Str()
 				s.Source = string(v)
@@ -807,7 +423,7 @@ func (s *Script) Decode(d *jx.Decoder) error {
 				return errors.Wrap(err, "decode field \"Source\"")
 			}
 		case "SubmissionID":
-			requiredBitSet[0] |= 1 << 3
+			requiredBitSet[0] |= 1 << 4
 			if err := func() error {
 				v, err := d.Int64()
 				s.SubmissionID = int64(v)
@@ -828,7 +444,7 @@ func (s *Script) Decode(d *jx.Decoder) error {
 	// Validate required fields.
 	var failures []validate.FieldError
 	for i, mask := range [1]uint8{
-		0b00001111,
+		0b00011111,
 	} {
 		if result := (requiredBitSet[i] & mask) ^ mask; result != 0 {
 			// Mask only required fields and check equality to mask using XOR.
@@ -883,6 +499,10 @@ func (s *ScriptCreate) Encode(e *jx.Encoder) {
 
 // encodeFields encodes fields.
 func (s *ScriptCreate) encodeFields(e *jx.Encoder) {
+	{
+		e.FieldStart("Name")
+		e.Str(s.Name)
+	}
 	{
 		e.FieldStart("Source")
 		e.Str(s.Source)
@@ -895,9 +515,10 @@ func (s *ScriptCreate) encodeFields(e *jx.Encoder) {
 	}
 }
 
-var jsonFieldsNameOfScriptCreate = [2]string{
+var jsonFieldsNameOfScriptCreate = [3]string{
-	0: "Source",
+	0: "Name",
-	1: "SubmissionID",
+	1: "Source",
+	2: "SubmissionID",
 }
 
 // Decode decodes ScriptCreate from json.
@@ -909,8 +530,20 @@ func (s *ScriptCreate) Decode(d *jx.Decoder) error {
 
 	if err := d.ObjBytes(func(d *jx.Decoder, k []byte) error {
 		switch string(k) {
-		case "Source":
+		case "Name":
 			requiredBitSet[0] |= 1 << 0
+			if err := func() error {
+				v, err := d.Str()
+				s.Name = string(v)
+				if err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return errors.Wrap(err, "decode field \"Name\"")
+			}
+		case "Source":
+			requiredBitSet[0] |= 1 << 1
 			if err := func() error {
 				v, err := d.Str()
 				s.Source = string(v)
@@ -941,7 +574,7 @@ func (s *ScriptCreate) Decode(d *jx.Decoder) error {
 	// Validate required fields.
 	var failures []validate.FieldError
 	for i, mask := range [1]uint8{
-		0b00000001,
+		0b00000011,
 	} {
 		if result := (requiredBitSet[i] & mask) ^ mask; result != 0 {
 			// Mask only required fields and check equality to mask using XOR.
@@ -1264,120 +897,6 @@ func (s *ScriptPolicyCreate) UnmarshalJSON(data []byte) error {
 	return s.Decode(d)
 }
 
-// Encode implements json.Marshaler.
-func (s *ScriptPolicyFilter) Encode(e *jx.Encoder) {
-	e.ObjStart()
-	s.encodeFields(e)
-	e.ObjEnd()
-}
-
-// encodeFields encodes fields.
-func (s *ScriptPolicyFilter) encodeFields(e *jx.Encoder) {
-	{
-		if s.ID.Set {
-			e.FieldStart("ID")
-			s.ID.Encode(e)
-		}
-	}
-	{
-		if s.FromScriptHash.Set {
-			e.FieldStart("FromScriptHash")
-			s.FromScriptHash.Encode(e)
-		}
-	}
-	{
-		if s.ToScriptID.Set {
-			e.FieldStart("ToScriptID")
-			s.ToScriptID.Encode(e)
-		}
-	}
-	{
-		if s.Policy.Set {
-			e.FieldStart("Policy")
-			s.Policy.Encode(e)
-		}
-	}
-}
-
-var jsonFieldsNameOfScriptPolicyFilter = [4]string{
-	0: "ID",
-	1: "FromScriptHash",
-	2: "ToScriptID",
-	3: "Policy",
-}
-
-// Decode decodes ScriptPolicyFilter from json.
-func (s *ScriptPolicyFilter) Decode(d *jx.Decoder) error {
-	if s == nil {
-		return errors.New("invalid: unable to decode ScriptPolicyFilter to nil")
-	}
-
-	if err := d.ObjBytes(func(d *jx.Decoder, k []byte) error {
-		switch string(k) {
-		case "ID":
-			if err := func() error {
-				s.ID.Reset()
-				if err := s.ID.Decode(d); err != nil {
-					return err
-				}
-				return nil
-			}(); err != nil {
-				return errors.Wrap(err, "decode field \"ID\"")
-			}
-		case "FromScriptHash":
-			if err := func() error {
-				s.FromScriptHash.Reset()
-				if err := s.FromScriptHash.Decode(d); err != nil {
-					return err
-				}
-				return nil
-			}(); err != nil {
-				return errors.Wrap(err, "decode field \"FromScriptHash\"")
-			}
-		case "ToScriptID":
-			if err := func() error {
-				s.ToScriptID.Reset()
-				if err := s.ToScriptID.Decode(d); err != nil {
-					return err
-				}
-				return nil
-			}(); err != nil {
-				return errors.Wrap(err, "decode field \"ToScriptID\"")
-			}
-		case "Policy":
-			if err := func() error {
-				s.Policy.Reset()
-				if err := s.Policy.Decode(d); err != nil {
-					return err
-				}
-				return nil
-			}(); err != nil {
-				return errors.Wrap(err, "decode field \"Policy\"")
-			}
-		default:
-			return d.Skip()
-		}
-		return nil
-	}); err != nil {
-		return errors.Wrap(err, "decode ScriptPolicyFilter")
-	}
-
-	return nil
-}
-
-// MarshalJSON implements stdjson.Marshaler.
-func (s *ScriptPolicyFilter) MarshalJSON() ([]byte, error) {
-	e := jx.Encoder{}
-	s.Encode(&e)
-	return e.Bytes(), nil
-}
-
-// UnmarshalJSON implements stdjson.Unmarshaler.
-func (s *ScriptPolicyFilter) UnmarshalJSON(data []byte) error {
-	d := jx.DecodeBytes(data)
-	return s.Decode(d)
-}
-
 // Encode implements json.Marshaler.
 func (s *ScriptPolicyUpdate) Encode(e *jx.Encoder) {
 	e.ObjStart()
@@ -1538,6 +1057,12 @@ func (s *ScriptUpdate) encodeFields(e *jx.Encoder) {
 		e.FieldStart("ID")
 		e.Int64(s.ID)
 	}
+	{
+		if s.Name.Set {
+			e.FieldStart("Name")
+			s.Name.Encode(e)
+		}
+	}
 	{
 		if s.Source.Set {
 			e.FieldStart("Source")
@@ -1552,10 +1077,11 @@ func (s *ScriptUpdate) encodeFields(e *jx.Encoder) {
 	}
 }
 
-var jsonFieldsNameOfScriptUpdate = [3]string{
+var jsonFieldsNameOfScriptUpdate = [4]string{
 	0: "ID",
-	1: "Source",
+	1: "Name",
-	2: "SubmissionID",
+	2: "Source",
+	3: "SubmissionID",
 }
 
 // Decode decodes ScriptUpdate from json.
@@ -1579,6 +1105,16 @@ func (s *ScriptUpdate) Decode(d *jx.Decoder) error {
 			}(); err != nil {
 				return errors.Wrap(err, "decode field \"ID\"")
 			}
+		case "Name":
+			if err := func() error {
+				s.Name.Reset()
+				if err := s.Name.Decode(d); err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return errors.Wrap(err, "decode field \"Name\"")
+			}
 		case "Source":
 			if err := func() error {
 				s.Source.Reset()
@@ -2136,150 +1672,3 @@ func (s *SubmissionCreate) UnmarshalJSON(data []byte) error {
 	d := jx.DecodeBytes(data)
 	return s.Decode(d)
 }
-
-// Encode implements json.Marshaler.
-func (s *SubmissionFilter) Encode(e *jx.Encoder) {
-	e.ObjStart()
-	s.encodeFields(e)
-	e.ObjEnd()
-}
-
-// encodeFields encodes fields.
-func (s *SubmissionFilter) encodeFields(e *jx.Encoder) {
-	{
-		e.FieldStart("ID")
-		e.Int64(s.ID)
-	}
-	{
-		if s.DisplayName.Set {
-			e.FieldStart("DisplayName")
-			s.DisplayName.Encode(e)
-		}
-	}
-	{
-		if s.Creator.Set {
-			e.FieldStart("Creator")
-			s.Creator.Encode(e)
-		}
-	}
-	{
-		if s.GameID.Set {
-			e.FieldStart("GameID")
-			s.GameID.Encode(e)
-		}
-	}
-}
-
-var jsonFieldsNameOfSubmissionFilter = [4]string{
-	0: "ID",
-	1: "DisplayName",
-	2: "Creator",
-	3: "GameID",
-}
-
-// Decode decodes SubmissionFilter from json.
-func (s *SubmissionFilter) Decode(d *jx.Decoder) error {
-	if s == nil {
-		return errors.New("invalid: unable to decode SubmissionFilter to nil")
-	}
-	var requiredBitSet [1]uint8
-
-	if err := d.ObjBytes(func(d *jx.Decoder, k []byte) error {
-		switch string(k) {
-		case "ID":
-			requiredBitSet[0] |= 1 << 0
-			if err := func() error {
-				v, err := d.Int64()
-				s.ID = int64(v)
-				if err != nil {
-					return err
-				}
-				return nil
-			}(); err != nil {
-				return errors.Wrap(err, "decode field \"ID\"")
-			}
-		case "DisplayName":
-			if err := func() error {
-				s.DisplayName.Reset()
-				if err := s.DisplayName.Decode(d); err != nil {
-					return err
-				}
-				return nil
-			}(); err != nil {
-				return errors.Wrap(err, "decode field \"DisplayName\"")
-			}
-		case "Creator":
-			if err := func() error {
-				s.Creator.Reset()
-				if err := s.Creator.Decode(d); err != nil {
-					return err
-				}
-				return nil
-			}(); err != nil {
-				return errors.Wrap(err, "decode field \"Creator\"")
-			}
-		case "GameID":
-			if err := func() error {
-				s.GameID.Reset()
-				if err := s.GameID.Decode(d); err != nil {
-					return err
-				}
-				return nil
-			}(); err != nil {
-				return errors.Wrap(err, "decode field \"GameID\"")
-			}
-		default:
-			return d.Skip()
-		}
-		return nil
-	}); err != nil {
-		return errors.Wrap(err, "decode SubmissionFilter")
-	}
-	// Validate required fields.
-	var failures []validate.FieldError
-	for i, mask := range [1]uint8{
-		0b00000001,
-	} {
-		if result := (requiredBitSet[i] & mask) ^ mask; result != 0 {
-			// Mask only required fields and check equality to mask using XOR.
-			//
-			// If XOR result is not zero, result is not equal to expected, so some fields are missed.
-			// Bits of fields which would be set are actually bits of missed fields.
-			missed := bits.OnesCount8(result)
-			for bitN := 0; bitN < missed; bitN++ {
-				bitIdx := bits.TrailingZeros8(result)
-				fieldIdx := i*8 + bitIdx
-				var name string
-				if fieldIdx < len(jsonFieldsNameOfSubmissionFilter) {
-					name = jsonFieldsNameOfSubmissionFilter[fieldIdx]
-				} else {
-					name = strconv.Itoa(fieldIdx)
-				}
-				failures = append(failures, validate.FieldError{
-					Name:  name,
-					Error: validate.ErrFieldRequired,
-				})
-				// Reset bit.
-				result &^= 1 << bitIdx
-			}
-		}
-	}
-	if len(failures) > 0 {
-		return &validate.Error{Fields: failures}
-	}
-
-	return nil
-}
-
-// MarshalJSON implements stdjson.Marshaler.
-func (s *SubmissionFilter) MarshalJSON() ([]byte, error) {
-	e := jx.Encoder{}
-	s.Encode(&e)
-	return e.Bytes(), nil
-}
-
-// UnmarshalJSON implements stdjson.Unmarshaler.
-func (s *SubmissionFilter) UnmarshalJSON(data []byte) error {
-	d := jx.DecodeBytes(data)
-	return s.Decode(d)
-}

pkg/api/oas_operations_gen.go

@@ -19,9 +19,9 @@ const (
 	DeleteScriptPolicyOperation              OperationName = "DeleteScriptPolicy"
 	GetScriptOperation                       OperationName = "GetScript"
 	GetScriptPolicyOperation                 OperationName = "GetScriptPolicy"
-	GetScriptPolicyFromHashOperation         OperationName = "GetScriptPolicyFromHash"
 	GetSubmissionOperation                   OperationName = "GetSubmission"
 	ListScriptPolicyOperation                OperationName = "ListScriptPolicy"
+	ListScriptsOperation                     OperationName = "ListScripts"
 	ListSubmissionsOperation                 OperationName = "ListSubmissions"
 	SetSubmissionCompletedOperation          OperationName = "SetSubmissionCompleted"
 	UpdateScriptOperation                    OperationName = "UpdateScript"

pkg/api/oas_request_decoders_gen.go

@@ -220,148 +220,6 @@ func (s *Server) decodeCreateSubmissionRequest(r *http.Request) (
 	}
 }
 
-func (s *Server) decodeListScriptPolicyRequest(r *http.Request) (
-	req *ListScriptPolicyReq,
-	close func() error,
-	rerr error,
-) {
-	var closers []func() error
-	close = func() error {
-		var merr error
-		// Close in reverse order, to match defer behavior.
-		for i := len(closers) - 1; i >= 0; i-- {
-			c := closers[i]
-			merr = multierr.Append(merr, c())
-		}
-		return merr
-	}
-	defer func() {
-		if rerr != nil {
-			rerr = multierr.Append(rerr, close())
-		}
-	}()
-	ct, _, err := mime.ParseMediaType(r.Header.Get("Content-Type"))
-	if err != nil {
-		return req, close, errors.Wrap(err, "parse media type")
-	}
-	switch {
-	case ct == "application/json":
-		if r.ContentLength == 0 {
-			return req, close, validate.ErrBodyRequired
-		}
-		buf, err := io.ReadAll(r.Body)
-		if err != nil {
-			return req, close, err
-		}
-
-		if len(buf) == 0 {
-			return req, close, validate.ErrBodyRequired
-		}
-
-		d := jx.DecodeBytes(buf)
-
-		var request ListScriptPolicyReq
-		if err := func() error {
-			if err := request.Decode(d); err != nil {
-				return err
-			}
-			if err := d.Skip(); err != io.EOF {
-				return errors.New("unexpected trailing data")
-			}
-			return nil
-		}(); err != nil {
-			err = &ogenerrors.DecodeBodyError{
-				ContentType: ct,
-				Body:        buf,
-				Err:         err,
-			}
-			return req, close, err
-		}
-		if err := func() error {
-			if err := request.Validate(); err != nil {
-				return err
-			}
-			return nil
-		}(); err != nil {
-			return req, close, errors.Wrap(err, "validate")
-		}
-		return &request, close, nil
-	default:
-		return req, close, validate.InvalidContentType(ct)
-	}
-}
-
-func (s *Server) decodeListSubmissionsRequest(r *http.Request) (
-	req *ListSubmissionsReq,
-	close func() error,
-	rerr error,
-) {
-	var closers []func() error
-	close = func() error {
-		var merr error
-		// Close in reverse order, to match defer behavior.
-		for i := len(closers) - 1; i >= 0; i-- {
-			c := closers[i]
-			merr = multierr.Append(merr, c())
-		}
-		return merr
-	}
-	defer func() {
-		if rerr != nil {
-			rerr = multierr.Append(rerr, close())
-		}
-	}()
-	ct, _, err := mime.ParseMediaType(r.Header.Get("Content-Type"))
-	if err != nil {
-		return req, close, errors.Wrap(err, "parse media type")
-	}
-	switch {
-	case ct == "application/json":
-		if r.ContentLength == 0 {
-			return req, close, validate.ErrBodyRequired
-		}
-		buf, err := io.ReadAll(r.Body)
-		if err != nil {
-			return req, close, err
-		}
-
-		if len(buf) == 0 {
-			return req, close, validate.ErrBodyRequired
-		}
-
-		d := jx.DecodeBytes(buf)
-
-		var request ListSubmissionsReq
-		if err := func() error {
-			if err := request.Decode(d); err != nil {
-				return err
-			}
-			if err := d.Skip(); err != io.EOF {
-				return errors.New("unexpected trailing data")
-			}
-			return nil
-		}(); err != nil {
-			err = &ogenerrors.DecodeBodyError{
-				ContentType: ct,
-				Body:        buf,
-				Err:         err,
-			}
-			return req, close, err
-		}
-		if err := func() error {
-			if err := request.Validate(); err != nil {
-				return err
-			}
-			return nil
-		}(); err != nil {
-			return req, close, errors.Wrap(err, "validate")
-		}
-		return &request, close, nil
-	default:
-		return req, close, validate.InvalidContentType(ct)
-	}
-}
-
 func (s *Server) decodeUpdateScriptRequest(r *http.Request) (
 	req *ScriptUpdate,
 	close func() error,

pkg/api/oas_request_encoders_gen.go

@@ -53,34 +53,6 @@ func encodeCreateSubmissionRequest(
 	return nil
 }
 
-func encodeListScriptPolicyRequest(
-	req *ListScriptPolicyReq,
-	r *http.Request,
-) error {
-	const contentType = "application/json"
-	e := new(jx.Encoder)
-	{
-		req.Encode(e)
-	}
-	encoded := e.Bytes()
-	ht.SetBody(r, bytes.NewReader(encoded), contentType)
-	return nil
-}
-
-func encodeListSubmissionsRequest(
-	req *ListSubmissionsReq,
-	r *http.Request,
-) error {
-	const contentType = "application/json"
-	e := new(jx.Encoder)
-	{
-		req.Encode(e)
-	}
-	encoded := e.Bytes()
-	ht.SetBody(r, bytes.NewReader(encoded), contentType)
-	return nil
-}
-
 func encodeUpdateScriptRequest(
 	req *ScriptUpdate,
 	r *http.Request,

pkg/api/oas_response_decoders_gen.go

@@ -856,98 +856,6 @@ func decodeGetScriptPolicyResponse(resp *http.Response) (res *ScriptPolicy, _ er
 	return res, errors.Wrap(defRes, "error")
 }
 
-func decodeGetScriptPolicyFromHashResponse(resp *http.Response) (res *ScriptPolicy, _ error) {
-	switch resp.StatusCode {
-	case 200:
-		// Code 200.
-		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
-		if err != nil {
-			return res, errors.Wrap(err, "parse media type")
-		}
-		switch {
-		case ct == "application/json":
-			buf, err := io.ReadAll(resp.Body)
-			if err != nil {
-				return res, err
-			}
-			d := jx.DecodeBytes(buf)
-
-			var response ScriptPolicy
-			if err := func() error {
-				if err := response.Decode(d); err != nil {
-					return err
-				}
-				if err := d.Skip(); err != io.EOF {
-					return errors.New("unexpected trailing data")
-				}
-				return nil
-			}(); err != nil {
-				err = &ogenerrors.DecodeBodyError{
-					ContentType: ct,
-					Body:        buf,
-					Err:         err,
-				}
-				return res, err
-			}
-			// Validate response.
-			if err := func() error {
-				if err := response.Validate(); err != nil {
-					return err
-				}
-				return nil
-			}(); err != nil {
-				return res, errors.Wrap(err, "validate")
-			}
-			return &response, nil
-		default:
-			return res, validate.InvalidContentType(ct)
-		}
-	}
-	// Convenient error response.
-	defRes, err := func() (res *ErrorStatusCode, err error) {
-		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
-		if err != nil {
-			return res, errors.Wrap(err, "parse media type")
-		}
-		switch {
-		case ct == "application/json":
-			buf, err := io.ReadAll(resp.Body)
-			if err != nil {
-				return res, err
-			}
-			d := jx.DecodeBytes(buf)
-
-			var response Error
-			if err := func() error {
-				if err := response.Decode(d); err != nil {
-					return err
-				}
-				if err := d.Skip(); err != io.EOF {
-					return errors.New("unexpected trailing data")
-				}
-				return nil
-			}(); err != nil {
-				err = &ogenerrors.DecodeBodyError{
-					ContentType: ct,
-					Body:        buf,
-					Err:         err,
-				}
-				return res, err
-			}
-			return &ErrorStatusCode{
-				StatusCode: resp.StatusCode,
-				Response:   response,
-			}, nil
-		default:
-			return res, validate.InvalidContentType(ct)
-		}
-	}()
-	if err != nil {
-		return res, errors.Wrapf(err, "default (code %d)", resp.StatusCode)
-	}
-	return res, errors.Wrap(defRes, "error")
-}
-
 func decodeGetSubmissionResponse(resp *http.Response) (res *Submission, _ error) {
 	switch resp.StatusCode {
 	case 200:
@@ -1157,6 +1065,123 @@ func decodeListScriptPolicyResponse(resp *http.Response) (res []ScriptPolicy, _
 	return res, errors.Wrap(defRes, "error")
 }
 
+func decodeListScriptsResponse(resp *http.Response) (res []Script, _ error) {
+	switch resp.StatusCode {
+	case 200:
+		// Code 200.
+		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
+		if err != nil {
+			return res, errors.Wrap(err, "parse media type")
+		}
+		switch {
+		case ct == "application/json":
+			buf, err := io.ReadAll(resp.Body)
+			if err != nil {
+				return res, err
+			}
+			d := jx.DecodeBytes(buf)
+
+			var response []Script
+			if err := func() error {
+				response = make([]Script, 0)
+				if err := d.Arr(func(d *jx.Decoder) error {
+					var elem Script
+					if err := elem.Decode(d); err != nil {
+						return err
+					}
+					response = append(response, elem)
+					return nil
+				}); err != nil {
+					return err
+				}
+				if err := d.Skip(); err != io.EOF {
+					return errors.New("unexpected trailing data")
+				}
+				return nil
+			}(); err != nil {
+				err = &ogenerrors.DecodeBodyError{
+					ContentType: ct,
+					Body:        buf,
+					Err:         err,
+				}
+				return res, err
+			}
+			// Validate response.
+			if err := func() error {
+				if response == nil {
+					return errors.New("nil is invalid value")
+				}
+				var failures []validate.FieldError
+				for i, elem := range response {
+					if err := func() error {
+						if err := elem.Validate(); err != nil {
+							return err
+						}
+						return nil
+					}(); err != nil {
+						failures = append(failures, validate.FieldError{
+							Name:  fmt.Sprintf("[%d]", i),
+							Error: err,
+						})
+					}
+				}
+				if len(failures) > 0 {
+					return &validate.Error{Fields: failures}
+				}
+				return nil
+			}(); err != nil {
+				return res, errors.Wrap(err, "validate")
+			}
+			return response, nil
+		default:
+			return res, validate.InvalidContentType(ct)
+		}
+	}
+	// Convenient error response.
+	defRes, err := func() (res *ErrorStatusCode, err error) {
+		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
+		if err != nil {
+			return res, errors.Wrap(err, "parse media type")
+		}
+		switch {
+		case ct == "application/json":
+			buf, err := io.ReadAll(resp.Body)
+			if err != nil {
+				return res, err
+			}
+			d := jx.DecodeBytes(buf)
+
+			var response Error
+			if err := func() error {
+				if err := response.Decode(d); err != nil {
+					return err
+				}
+				if err := d.Skip(); err != io.EOF {
+					return errors.New("unexpected trailing data")
+				}
+				return nil
+			}(); err != nil {
+				err = &ogenerrors.DecodeBodyError{
+					ContentType: ct,
+					Body:        buf,
+					Err:         err,
+				}
+				return res, err
+			}
+			return &ErrorStatusCode{
+				StatusCode: resp.StatusCode,
+				Response:   response,
+			}, nil
+		default:
+			return res, validate.InvalidContentType(ct)
+		}
+	}()
+	if err != nil {
+		return res, errors.Wrapf(err, "default (code %d)", resp.StatusCode)
+	}
+	return res, errors.Wrap(defRes, "error")
+}
+
 func decodeListSubmissionsResponse(resp *http.Response) (res []Submission, _ error) {
 	switch resp.StatusCode {
 	case 200:

pkg/api/oas_response_encoders_gen.go

@@ -139,20 +139,6 @@ func encodeGetScriptPolicyResponse(response *ScriptPolicy, w http.ResponseWriter
 	return nil
 }
 
-func encodeGetScriptPolicyFromHashResponse(response *ScriptPolicy, w http.ResponseWriter, span trace.Span) error {
-	w.Header().Set("Content-Type", "application/json; charset=utf-8")
-	w.WriteHeader(200)
-	span.SetStatus(codes.Ok, http.StatusText(200))
-
-	e := new(jx.Encoder)
-	response.Encode(e)
-	if _, err := e.WriteTo(w); err != nil {
-		return errors.Wrap(err, "write")
-	}
-
-	return nil
-}
-
 func encodeGetSubmissionResponse(response *Submission, w http.ResponseWriter, span trace.Span) error {
 	w.Header().Set("Content-Type", "application/json; charset=utf-8")
 	w.WriteHeader(200)
@@ -185,6 +171,24 @@ func encodeListScriptPolicyResponse(response []ScriptPolicy, w http.ResponseWrit
 	return nil
 }
 
+func encodeListScriptsResponse(response []Script, w http.ResponseWriter, span trace.Span) error {
+	w.Header().Set("Content-Type", "application/json; charset=utf-8")
+	w.WriteHeader(200)
+	span.SetStatus(codes.Ok, http.StatusText(200))
+
+	e := new(jx.Encoder)
+	e.ArrStart()
+	for _, elem := range response {
+		elem.Encode(e)
+	}
+	e.ArrEnd()
+	if _, err := e.WriteTo(w); err != nil {
+		return errors.Wrap(err, "write")
+	}
+
+	return nil
+}
+
 func encodeListSubmissionsResponse(response []Submission, w http.ResponseWriter, span trace.Span) error {
 	w.Header().Set("Content-Type", "application/json; charset=utf-8")
 	w.WriteHeader(200)

pkg/api/oas_router_gen.go

@@ -102,74 +102,31 @@ func (s *Server) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 							break
 						}
 
+						// Param: "ScriptPolicyID"
+						// Leaf parameter
+						args[0] = elem
+						elem = ""
+
 						if len(elem) == 0 {
-							break
+							// Leaf node.
-						}
+							switch r.Method {
-						switch elem[0] {
+							case "DELETE":
-						case 'h': // Prefix: "hash/"
+								s.handleDeleteScriptPolicyRequest([1]string{
-							origElem := elem
+									args[0],
-							if l := len("hash/"); len(elem) >= l && elem[0:l] == "hash/" {
+								}, elemIsEscaped, w, r)
-								elem = elem[l:]
+							case "GET":
-							} else {
+								s.handleGetScriptPolicyRequest([1]string{
-								break
+									args[0],
+								}, elemIsEscaped, w, r)
+							case "POST":
+								s.handleUpdateScriptPolicyRequest([1]string{
+									args[0],
+								}, elemIsEscaped, w, r)
+							default:
+								s.notAllowed(w, r, "DELETE,GET,POST")
 							}
 
-							// Param: "FromScriptHash"
+							return
-							// Leaf parameter
-							args[0] = elem
-							elem = ""
-
-							if len(elem) == 0 {
-								// Leaf node.
-								switch r.Method {
-								case "GET":
-									s.handleGetScriptPolicyFromHashRequest([1]string{
-										args[0],
-									}, elemIsEscaped, w, r)
-								default:
-									s.notAllowed(w, r, "GET")
-								}
-
-								return
-							}
-
-							elem = origElem
-						case 'i': // Prefix: "id/"
-							origElem := elem
-							if l := len("id/"); len(elem) >= l && elem[0:l] == "id/" {
-								elem = elem[l:]
-							} else {
-								break
-							}
-
-							// Param: "ScriptPolicyID"
-							// Leaf parameter
-							args[0] = elem
-							elem = ""
-
-							if len(elem) == 0 {
-								// Leaf node.
-								switch r.Method {
-								case "DELETE":
-									s.handleDeleteScriptPolicyRequest([1]string{
-										args[0],
-									}, elemIsEscaped, w, r)
-								case "GET":
-									s.handleGetScriptPolicyRequest([1]string{
-										args[0],
-									}, elemIsEscaped, w, r)
-								case "POST":
-									s.handleUpdateScriptPolicyRequest([1]string{
-										args[0],
-									}, elemIsEscaped, w, r)
-								default:
-									s.notAllowed(w, r, "DELETE,GET,POST")
-								}
-
-								return
-							}
-
-							elem = origElem
 						}
 
 						elem = origElem
@@ -186,10 +143,12 @@ func (s *Server) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 
 					if len(elem) == 0 {
 						switch r.Method {
+						case "GET":
+							s.handleListScriptsRequest([0]string{}, elemIsEscaped, w, r)
 						case "POST":
 							s.handleCreateScriptRequest([0]string{}, elemIsEscaped, w, r)
 						default:
-							s.notAllowed(w, r, "POST")
+							s.notAllowed(w, r, "GET,POST")
 						}
 
 						return
@@ -684,86 +643,41 @@ func (s *Server) FindPath(method string, u *url.URL) (r Route, _ bool) {
 							break
 						}
 
+						// Param: "ScriptPolicyID"
+						// Leaf parameter
+						args[0] = elem
+						elem = ""
+
 						if len(elem) == 0 {
-							break
+							// Leaf node.
-						}
+							switch method {
-						switch elem[0] {
+							case "DELETE":
-						case 'h': // Prefix: "hash/"
+								r.name = DeleteScriptPolicyOperation
-							origElem := elem
+								r.summary = "Delete the specified script policy by ID"
-							if l := len("hash/"); len(elem) >= l && elem[0:l] == "hash/" {
+								r.operationID = "deleteScriptPolicy"
-								elem = elem[l:]
+								r.pathPattern = "/script-policy/{ScriptPolicyID}"
-							} else {
+								r.args = args
-								break
+								r.count = 1
+								return r, true
+							case "GET":
+								r.name = GetScriptPolicyOperation
+								r.summary = "Get the specified script policy by ID"
+								r.operationID = "getScriptPolicy"
+								r.pathPattern = "/script-policy/{ScriptPolicyID}"
+								r.args = args
+								r.count = 1
+								return r, true
+							case "POST":
+								r.name = UpdateScriptPolicyOperation
+								r.summary = "Update the specified script policy by ID"
+								r.operationID = "updateScriptPolicy"
+								r.pathPattern = "/script-policy/{ScriptPolicyID}"
+								r.args = args
+								r.count = 1
+								return r, true
+							default:
+								return
 							}
-
-							// Param: "FromScriptHash"
-							// Leaf parameter
-							args[0] = elem
-							elem = ""
-
-							if len(elem) == 0 {
-								// Leaf node.
-								switch method {
-								case "GET":
-									r.name = GetScriptPolicyFromHashOperation
-									r.summary = "Get the policy for the given hash of script source code"
-									r.operationID = "getScriptPolicyFromHash"
-									r.pathPattern = "/script-policy/hash/{FromScriptHash}"
-									r.args = args
-									r.count = 1
-									return r, true
-								default:
-									return
-								}
-							}
-
-							elem = origElem
-						case 'i': // Prefix: "id/"
-							origElem := elem
-							if l := len("id/"); len(elem) >= l && elem[0:l] == "id/" {
-								elem = elem[l:]
-							} else {
-								break
-							}
-
-							// Param: "ScriptPolicyID"
-							// Leaf parameter
-							args[0] = elem
-							elem = ""
-
-							if len(elem) == 0 {
-								// Leaf node.
-								switch method {
-								case "DELETE":
-									r.name = DeleteScriptPolicyOperation
-									r.summary = "Delete the specified script policy by ID"
-									r.operationID = "deleteScriptPolicy"
-									r.pathPattern = "/script-policy/id/{ScriptPolicyID}"
-									r.args = args
-									r.count = 1
-									return r, true
-								case "GET":
-									r.name = GetScriptPolicyOperation
-									r.summary = "Get the specified script policy by ID"
-									r.operationID = "getScriptPolicy"
-									r.pathPattern = "/script-policy/id/{ScriptPolicyID}"
-									r.args = args
-									r.count = 1
-									return r, true
-								case "POST":
-									r.name = UpdateScriptPolicyOperation
-									r.summary = "Update the specified script policy by ID"
-									r.operationID = "updateScriptPolicy"
-									r.pathPattern = "/script-policy/id/{ScriptPolicyID}"
-									r.args = args
-									r.count = 1
-									return r, true
-								default:
-									return
-								}
-							}
-
-							elem = origElem
 						}
 
 						elem = origElem
@@ -780,6 +694,14 @@ func (s *Server) FindPath(method string, u *url.URL) (r Route, _ bool) {
 
 					if len(elem) == 0 {
 						switch method {
+						case "GET":
+							r.name = ListScriptsOperation
+							r.summary = "Get list of scripts"
+							r.operationID = "listScripts"
+							r.pathPattern = "/scripts"
+							r.args = args
+							r.count = 0
+							return r, true
 						case "POST":
 							r.name = CreateScriptOperation
 							r.summary = "Create a new script"

pkg/api/oas_schemas_gen.go

@@ -116,56 +116,6 @@ func (s *ID) SetID(val int64) {
 	s.ID = val
 }
 
-type ListScriptPolicyReq struct {
-	Page   Pagination            `json:"Page"`
-	Filter OptScriptPolicyFilter `json:"Filter"`
-}
-
-// GetPage returns the value of Page.
-func (s *ListScriptPolicyReq) GetPage() Pagination {
-	return s.Page
-}
-
-// GetFilter returns the value of Filter.
-func (s *ListScriptPolicyReq) GetFilter() OptScriptPolicyFilter {
-	return s.Filter
-}
-
-// SetPage sets the value of Page.
-func (s *ListScriptPolicyReq) SetPage(val Pagination) {
-	s.Page = val
-}
-
-// SetFilter sets the value of Filter.
-func (s *ListScriptPolicyReq) SetFilter(val OptScriptPolicyFilter) {
-	s.Filter = val
-}
-
-type ListSubmissionsReq struct {
-	Page   Pagination          `json:"Page"`
-	Filter OptSubmissionFilter `json:"Filter"`
-}
-
-// GetPage returns the value of Page.
-func (s *ListSubmissionsReq) GetPage() Pagination {
-	return s.Page
-}
-
-// GetFilter returns the value of Filter.
-func (s *ListSubmissionsReq) GetFilter() OptSubmissionFilter {
-	return s.Filter
-}
-
-// SetPage sets the value of Page.
-func (s *ListSubmissionsReq) SetPage(val Pagination) {
-	s.Page = val
-}
-
-// SetFilter sets the value of Filter.
-func (s *ListSubmissionsReq) SetFilter(val OptSubmissionFilter) {
-	s.Filter = val
-}
-
 // NewOptInt32 returns new OptInt32 with value set to v.
 func NewOptInt32(v int32) OptInt32 {
 	return OptInt32{
@@ -258,52 +208,6 @@ func (o OptInt64) Or(d int64) int64 {
 	return d
 }
 
-// NewOptScriptPolicyFilter returns new OptScriptPolicyFilter with value set to v.
-func NewOptScriptPolicyFilter(v ScriptPolicyFilter) OptScriptPolicyFilter {
-	return OptScriptPolicyFilter{
-		Value: v,
-		Set:   true,
-	}
-}
-
-// OptScriptPolicyFilter is optional ScriptPolicyFilter.
-type OptScriptPolicyFilter struct {
-	Value ScriptPolicyFilter
-	Set   bool
-}
-
-// IsSet returns true if OptScriptPolicyFilter was set.
-func (o OptScriptPolicyFilter) IsSet() bool { return o.Set }
-
-// Reset unsets value.
-func (o *OptScriptPolicyFilter) Reset() {
-	var v ScriptPolicyFilter
-	o.Value = v
-	o.Set = false
-}
-
-// SetTo sets value to v.
-func (o *OptScriptPolicyFilter) SetTo(v ScriptPolicyFilter) {
-	o.Set = true
-	o.Value = v
-}
-
-// Get returns value and boolean that denotes whether value was set.
-func (o OptScriptPolicyFilter) Get() (v ScriptPolicyFilter, ok bool) {
-	if !o.Set {
-		return v, false
-	}
-	return o.Value, true
-}
-
-// Or returns value if set, or given parameter if does not.
-func (o OptScriptPolicyFilter) Or(d ScriptPolicyFilter) ScriptPolicyFilter {
-	if v, ok := o.Get(); ok {
-		return v
-	}
-	return d
-}
-
 // NewOptString returns new OptString with value set to v.
 func NewOptString(v string) OptString {
 	return OptString{
@@ -350,81 +254,10 @@ func (o OptString) Or(d string) string {
 	return d
 }
 
-// NewOptSubmissionFilter returns new OptSubmissionFilter with value set to v.
-func NewOptSubmissionFilter(v SubmissionFilter) OptSubmissionFilter {
-	return OptSubmissionFilter{
-		Value: v,
-		Set:   true,
-	}
-}
-
-// OptSubmissionFilter is optional SubmissionFilter.
-type OptSubmissionFilter struct {
-	Value SubmissionFilter
-	Set   bool
-}
-
-// IsSet returns true if OptSubmissionFilter was set.
-func (o OptSubmissionFilter) IsSet() bool { return o.Set }
-
-// Reset unsets value.
-func (o *OptSubmissionFilter) Reset() {
-	var v SubmissionFilter
-	o.Value = v
-	o.Set = false
-}
-
-// SetTo sets value to v.
-func (o *OptSubmissionFilter) SetTo(v SubmissionFilter) {
-	o.Set = true
-	o.Value = v
-}
-
-// Get returns value and boolean that denotes whether value was set.
-func (o OptSubmissionFilter) Get() (v SubmissionFilter, ok bool) {
-	if !o.Set {
-		return v, false
-	}
-	return o.Value, true
-}
-
-// Or returns value if set, or given parameter if does not.
-func (o OptSubmissionFilter) Or(d SubmissionFilter) SubmissionFilter {
-	if v, ok := o.Get(); ok {
-		return v
-	}
-	return d
-}
-
-// Ref: #/components/schemas/Pagination
-type Pagination struct {
-	Page  int32 `json:"Page"`
-	Limit int32 `json:"Limit"`
-}
-
-// GetPage returns the value of Page.
-func (s *Pagination) GetPage() int32 {
-	return s.Page
-}
-
-// GetLimit returns the value of Limit.
-func (s *Pagination) GetLimit() int32 {
-	return s.Limit
-}
-
-// SetPage sets the value of Page.
-func (s *Pagination) SetPage(val int32) {
-	s.Page = val
-}
-
-// SetLimit sets the value of Limit.
-func (s *Pagination) SetLimit(val int32) {
-	s.Limit = val
-}
-
 // Ref: #/components/schemas/Script
 type Script struct {
 	ID           int64  `json:"ID"`
+	Name         string `json:"Name"`
 	Hash         string `json:"Hash"`
 	Source       string `json:"Source"`
 	SubmissionID int64  `json:"SubmissionID"`
@@ -435,6 +268,11 @@ func (s *Script) GetID() int64 {
 	return s.ID
 }
 
+// GetName returns the value of Name.
+func (s *Script) GetName() string {
+	return s.Name
+}
+
 // GetHash returns the value of Hash.
 func (s *Script) GetHash() string {
 	return s.Hash
@@ -455,6 +293,11 @@ func (s *Script) SetID(val int64) {
 	s.ID = val
 }
 
+// SetName sets the value of Name.
+func (s *Script) SetName(val string) {
+	s.Name = val
+}
+
 // SetHash sets the value of Hash.
 func (s *Script) SetHash(val string) {
 	s.Hash = val
@@ -472,10 +315,16 @@ func (s *Script) SetSubmissionID(val int64) {
 
 // Ref: #/components/schemas/ScriptCreate
 type ScriptCreate struct {
+	Name         string   `json:"Name"`
 	Source       string   `json:"Source"`
 	SubmissionID OptInt64 `json:"SubmissionID"`
 }
 
+// GetName returns the value of Name.
+func (s *ScriptCreate) GetName() string {
+	return s.Name
+}
+
 // GetSource returns the value of Source.
 func (s *ScriptCreate) GetSource() string {
 	return s.Source
@@ -486,6 +335,11 @@ func (s *ScriptCreate) GetSubmissionID() OptInt64 {
 	return s.SubmissionID
 }
 
+// SetName sets the value of Name.
+func (s *ScriptCreate) SetName(val string) {
+	s.Name = val
+}
+
 // SetSource sets the value of Source.
 func (s *ScriptCreate) SetSource(val string) {
 	s.Source = val
@@ -581,54 +435,6 @@ func (s *ScriptPolicyCreate) SetPolicy(val int32) {
 	s.Policy = val
 }
 
-// Ref: #/components/schemas/ScriptPolicyFilter
-type ScriptPolicyFilter struct {
-	ID             OptInt64  `json:"ID"`
-	FromScriptHash OptString `json:"FromScriptHash"`
-	ToScriptID     OptInt64  `json:"ToScriptID"`
-	Policy         OptInt32  `json:"Policy"`
-}
-
-// GetID returns the value of ID.
-func (s *ScriptPolicyFilter) GetID() OptInt64 {
-	return s.ID
-}
-
-// GetFromScriptHash returns the value of FromScriptHash.
-func (s *ScriptPolicyFilter) GetFromScriptHash() OptString {
-	return s.FromScriptHash
-}
-
-// GetToScriptID returns the value of ToScriptID.
-func (s *ScriptPolicyFilter) GetToScriptID() OptInt64 {
-	return s.ToScriptID
-}
-
-// GetPolicy returns the value of Policy.
-func (s *ScriptPolicyFilter) GetPolicy() OptInt32 {
-	return s.Policy
-}
-
-// SetID sets the value of ID.
-func (s *ScriptPolicyFilter) SetID(val OptInt64) {
-	s.ID = val
-}
-
-// SetFromScriptHash sets the value of FromScriptHash.
-func (s *ScriptPolicyFilter) SetFromScriptHash(val OptString) {
-	s.FromScriptHash = val
-}
-
-// SetToScriptID sets the value of ToScriptID.
-func (s *ScriptPolicyFilter) SetToScriptID(val OptInt64) {
-	s.ToScriptID = val
-}
-
-// SetPolicy sets the value of Policy.
-func (s *ScriptPolicyFilter) SetPolicy(val OptInt32) {
-	s.Policy = val
-}
-
 // Ref: #/components/schemas/ScriptPolicyUpdate
 type ScriptPolicyUpdate struct {
 	ID           int64    `json:"ID"`
@@ -680,6 +486,7 @@ func (s *ScriptPolicyUpdate) SetPolicy(val OptInt32) {
 // Ref: #/components/schemas/ScriptUpdate
 type ScriptUpdate struct {
 	ID           int64     `json:"ID"`
+	Name         OptString `json:"Name"`
 	Source       OptString `json:"Source"`
 	SubmissionID OptInt64  `json:"SubmissionID"`
 }
@@ -689,6 +496,11 @@ func (s *ScriptUpdate) GetID() int64 {
 	return s.ID
 }
 
+// GetName returns the value of Name.
+func (s *ScriptUpdate) GetName() OptString {
+	return s.Name
+}
+
 // GetSource returns the value of Source.
 func (s *ScriptUpdate) GetSource() OptString {
 	return s.Source
@@ -704,6 +516,11 @@ func (s *ScriptUpdate) SetID(val int64) {
 	s.ID = val
 }
 
+// SetName sets the value of Name.
+func (s *ScriptUpdate) SetName(val OptString) {
+	s.Name = val
+}
+
 // SetSource sets the value of Source.
 func (s *ScriptUpdate) SetSource(val OptString) {
 	s.Source = val
@@ -934,54 +751,6 @@ func (s *SubmissionCreate) SetTargetAssetID(val OptInt64) {
 	s.TargetAssetID = val
 }
 
-// Ref: #/components/schemas/SubmissionFilter
-type SubmissionFilter struct {
-	ID          int64     `json:"ID"`
-	DisplayName OptString `json:"DisplayName"`
-	Creator     OptString `json:"Creator"`
-	GameID      OptInt32  `json:"GameID"`
-}
-
-// GetID returns the value of ID.
-func (s *SubmissionFilter) GetID() int64 {
-	return s.ID
-}
-
-// GetDisplayName returns the value of DisplayName.
-func (s *SubmissionFilter) GetDisplayName() OptString {
-	return s.DisplayName
-}
-
-// GetCreator returns the value of Creator.
-func (s *SubmissionFilter) GetCreator() OptString {
-	return s.Creator
-}
-
-// GetGameID returns the value of GameID.
-func (s *SubmissionFilter) GetGameID() OptInt32 {
-	return s.GameID
-}
-
-// SetID sets the value of ID.
-func (s *SubmissionFilter) SetID(val int64) {
-	s.ID = val
-}
-
-// SetDisplayName sets the value of DisplayName.
-func (s *SubmissionFilter) SetDisplayName(val OptString) {
-	s.DisplayName = val
-}
-
-// SetCreator sets the value of Creator.
-func (s *SubmissionFilter) SetCreator(val OptString) {
-	s.Creator = val
-}
-
-// SetGameID sets the value of GameID.
-func (s *SubmissionFilter) SetGameID(val OptInt32) {
-	s.GameID = val
-}
-
 // UpdateScriptNoContent is response for UpdateScript operation.
 type UpdateScriptNoContent struct{}
 

pkg/api/oas_server_gen.go

@@ -72,7 +72,7 @@ type Handler interface {
 	//
 	// Delete the specified script policy by ID.
 	//
-	// DELETE /script-policy/id/{ScriptPolicyID}
+	// DELETE /script-policy/{ScriptPolicyID}
 	DeleteScriptPolicy(ctx context.Context, params DeleteScriptPolicyParams) error
 	// GetScript implements getScript operation.
 	//
@@ -84,14 +84,8 @@ type Handler interface {
 	//
 	// Get the specified script policy by ID.
 	//
-	// GET /script-policy/id/{ScriptPolicyID}
+	// GET /script-policy/{ScriptPolicyID}
 	GetScriptPolicy(ctx context.Context, params GetScriptPolicyParams) (*ScriptPolicy, error)
-	// GetScriptPolicyFromHash implements getScriptPolicyFromHash operation.
-	//
-	// Get the policy for the given hash of script source code.
-	//
-	// GET /script-policy/hash/{FromScriptHash}
-	GetScriptPolicyFromHash(ctx context.Context, params GetScriptPolicyFromHashParams) (*ScriptPolicy, error)
 	// GetSubmission implements getSubmission operation.
 	//
 	// Retrieve map with ID.
@@ -103,13 +97,19 @@ type Handler interface {
 	// Get list of script policies.
 	//
 	// GET /script-policy
-	ListScriptPolicy(ctx context.Context, req *ListScriptPolicyReq) ([]ScriptPolicy, error)
+	ListScriptPolicy(ctx context.Context, params ListScriptPolicyParams) ([]ScriptPolicy, error)
+	// ListScripts implements listScripts operation.
+	//
+	// Get list of scripts.
+	//
+	// GET /scripts
+	ListScripts(ctx context.Context, params ListScriptsParams) ([]Script, error)
 	// ListSubmissions implements listSubmissions operation.
 	//
 	// Get list of submissions.
 	//
 	// GET /submissions
-	ListSubmissions(ctx context.Context, req *ListSubmissionsReq) ([]Submission, error)
+	ListSubmissions(ctx context.Context, params ListSubmissionsParams) ([]Submission, error)
 	// SetSubmissionCompleted implements setSubmissionCompleted operation.
 	//
 	// Retrieve map with ID.
@@ -126,7 +126,7 @@ type Handler interface {
 	//
 	// Update the specified script policy by ID.
 	//
-	// POST /script-policy/id/{ScriptPolicyID}
+	// POST /script-policy/{ScriptPolicyID}
 	UpdateScriptPolicy(ctx context.Context, req *ScriptPolicyUpdate, params UpdateScriptPolicyParams) error
 	// UpdateSubmissionModel implements updateSubmissionModel operation.
 	//

pkg/api/oas_unimplemented_gen.go

@@ -107,7 +107,7 @@ func (UnimplementedHandler) DeleteScript(ctx context.Context, params DeleteScrip
 //
 // Delete the specified script policy by ID.
 //
-// DELETE /script-policy/id/{ScriptPolicyID}
+// DELETE /script-policy/{ScriptPolicyID}
 func (UnimplementedHandler) DeleteScriptPolicy(ctx context.Context, params DeleteScriptPolicyParams) error {
 	return ht.ErrNotImplemented
 }
@@ -125,20 +125,11 @@ func (UnimplementedHandler) GetScript(ctx context.Context, params GetScriptParam
 //
 // Get the specified script policy by ID.
 //
-// GET /script-policy/id/{ScriptPolicyID}
+// GET /script-policy/{ScriptPolicyID}
 func (UnimplementedHandler) GetScriptPolicy(ctx context.Context, params GetScriptPolicyParams) (r *ScriptPolicy, _ error) {
 	return r, ht.ErrNotImplemented
 }
 
-// GetScriptPolicyFromHash implements getScriptPolicyFromHash operation.
-//
-// Get the policy for the given hash of script source code.
-//
-// GET /script-policy/hash/{FromScriptHash}
-func (UnimplementedHandler) GetScriptPolicyFromHash(ctx context.Context, params GetScriptPolicyFromHashParams) (r *ScriptPolicy, _ error) {
-	return r, ht.ErrNotImplemented
-}
-
 // GetSubmission implements getSubmission operation.
 //
 // Retrieve map with ID.
@@ -153,7 +144,16 @@ func (UnimplementedHandler) GetSubmission(ctx context.Context, params GetSubmiss
 // Get list of script policies.
 //
 // GET /script-policy
-func (UnimplementedHandler) ListScriptPolicy(ctx context.Context, req *ListScriptPolicyReq) (r []ScriptPolicy, _ error) {
+func (UnimplementedHandler) ListScriptPolicy(ctx context.Context, params ListScriptPolicyParams) (r []ScriptPolicy, _ error) {
+	return r, ht.ErrNotImplemented
+}
+
+// ListScripts implements listScripts operation.
+//
+// Get list of scripts.
+//
+// GET /scripts
+func (UnimplementedHandler) ListScripts(ctx context.Context, params ListScriptsParams) (r []Script, _ error) {
 	return r, ht.ErrNotImplemented
 }
 
@@ -162,7 +162,7 @@ func (UnimplementedHandler) ListScriptPolicy(ctx context.Context, req *ListScrip
 // Get list of submissions.
 //
 // GET /submissions
-func (UnimplementedHandler) ListSubmissions(ctx context.Context, req *ListSubmissionsReq) (r []Submission, _ error) {
+func (UnimplementedHandler) ListSubmissions(ctx context.Context, params ListSubmissionsParams) (r []Submission, _ error) {
 	return r, ht.ErrNotImplemented
 }
 
@@ -188,7 +188,7 @@ func (UnimplementedHandler) UpdateScript(ctx context.Context, req *ScriptUpdate,
 //
 // Update the specified script policy by ID.
 //
-// POST /script-policy/id/{ScriptPolicyID}
+// POST /script-policy/{ScriptPolicyID}
 func (UnimplementedHandler) UpdateScriptPolicy(ctx context.Context, req *ScriptPolicyUpdate, params UpdateScriptPolicyParams) error {
 	return ht.ErrNotImplemented
 }

pkg/api/oas_validators_gen.go

@@ -8,146 +8,31 @@ import (
 	"github.com/ogen-go/ogen/validate"
 )
 
-func (s *ListScriptPolicyReq) Validate() error {
-	if s == nil {
-		return validate.ErrNilPointer
-	}
-
-	var failures []validate.FieldError
-	if err := func() error {
-		if err := s.Page.Validate(); err != nil {
-			return err
-		}
-		return nil
-	}(); err != nil {
-		failures = append(failures, validate.FieldError{
-			Name:  "Page",
-			Error: err,
-		})
-	}
-	if err := func() error {
-		if value, ok := s.Filter.Get(); ok {
-			if err := func() error {
-				if err := value.Validate(); err != nil {
-					return err
-				}
-				return nil
-			}(); err != nil {
-				return err
-			}
-		}
-		return nil
-	}(); err != nil {
-		failures = append(failures, validate.FieldError{
-			Name:  "Filter",
-			Error: err,
-		})
-	}
-	if len(failures) > 0 {
-		return &validate.Error{Fields: failures}
-	}
-	return nil
-}
-
-func (s *ListSubmissionsReq) Validate() error {
-	if s == nil {
-		return validate.ErrNilPointer
-	}
-
-	var failures []validate.FieldError
-	if err := func() error {
-		if err := s.Page.Validate(); err != nil {
-			return err
-		}
-		return nil
-	}(); err != nil {
-		failures = append(failures, validate.FieldError{
-			Name:  "Page",
-			Error: err,
-		})
-	}
-	if err := func() error {
-		if value, ok := s.Filter.Get(); ok {
-			if err := func() error {
-				if err := value.Validate(); err != nil {
-					return err
-				}
-				return nil
-			}(); err != nil {
-				return err
-			}
-		}
-		return nil
-	}(); err != nil {
-		failures = append(failures, validate.FieldError{
-			Name:  "Filter",
-			Error: err,
-		})
-	}
-	if len(failures) > 0 {
-		return &validate.Error{Fields: failures}
-	}
-	return nil
-}
-
-func (s *Pagination) Validate() error {
-	if s == nil {
-		return validate.ErrNilPointer
-	}
-
-	var failures []validate.FieldError
-	if err := func() error {
-		if err := (validate.Int{
-			MinSet:        true,
-			Min:           1,
-			MaxSet:        false,
-			Max:           0,
-			MinExclusive:  false,
-			MaxExclusive:  false,
-			MultipleOfSet: false,
-			MultipleOf:    0,
-		}).Validate(int64(s.Page)); err != nil {
-			return errors.Wrap(err, "int")
-		}
-		return nil
-	}(); err != nil {
-		failures = append(failures, validate.FieldError{
-			Name:  "Page",
-			Error: err,
-		})
-	}
-	if err := func() error {
-		if err := (validate.Int{
-			MinSet:        true,
-			Min:           1,
-			MaxSet:        true,
-			Max:           100,
-			MinExclusive:  false,
-			MaxExclusive:  false,
-			MultipleOfSet: false,
-			MultipleOf:    0,
-		}).Validate(int64(s.Limit)); err != nil {
-			return errors.Wrap(err, "int")
-		}
-		return nil
-	}(); err != nil {
-		failures = append(failures, validate.FieldError{
-			Name:  "Limit",
-			Error: err,
-		})
-	}
-	if len(failures) > 0 {
-		return &validate.Error{Fields: failures}
-	}
-	return nil
-}
-
 func (s *Script) Validate() error {
 	if s == nil {
 		return validate.ErrNilPointer
 	}
 
 	var failures []validate.FieldError
+	if err := func() error {
+		if err := (validate.String{
+			MinLength:    0,
+			MinLengthSet: false,
+			MaxLength:    128,
+			MaxLengthSet: true,
+			Email:        false,
+			Hostname:     false,
+			Regex:        nil,
+		}).Validate(string(s.Name)); err != nil {
+			return errors.Wrap(err, "string")
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "Name",
+			Error: err,
+		})
+	}
 	if err := func() error {
 		if err := (validate.String{
 			MinLength:    16,
@@ -198,6 +83,25 @@ func (s *ScriptCreate) Validate() error {
 	}
 
 	var failures []validate.FieldError
+	if err := func() error {
+		if err := (validate.String{
+			MinLength:    0,
+			MinLengthSet: false,
+			MaxLength:    128,
+			MaxLengthSet: true,
+			Email:        false,
+			Hostname:     false,
+			Regex:        nil,
+		}).Validate(string(s.Name)); err != nil {
+			return errors.Wrap(err, "string")
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "Name",
+			Error: err,
+		})
+	}
 	if err := func() error {
 		if err := (validate.String{
 			MinLength:    0,
@@ -254,19 +158,19 @@ func (s *ScriptPolicy) Validate() error {
 	return nil
 }
 
-func (s *ScriptPolicyFilter) Validate() error {
+func (s *ScriptUpdate) Validate() error {
 	if s == nil {
 		return validate.ErrNilPointer
 	}
 
 	var failures []validate.FieldError
 	if err := func() error {
-		if value, ok := s.FromScriptHash.Get(); ok {
+		if value, ok := s.Name.Get(); ok {
 			if err := func() error {
 				if err := (validate.String{
-					MinLength:    16,
+					MinLength:    0,
-					MinLengthSet: true,
+					MinLengthSet: false,
-					MaxLength:    16,
+					MaxLength:    128,
 					MaxLengthSet: true,
 					Email:        false,
 					Hostname:     false,
@@ -282,22 +186,10 @@ func (s *ScriptPolicyFilter) Validate() error {
 		return nil
 	}(); err != nil {
 		failures = append(failures, validate.FieldError{
-			Name:  "FromScriptHash",
+			Name:  "Name",
 			Error: err,
 		})
 	}
-	if len(failures) > 0 {
-		return &validate.Error{Fields: failures}
-	}
-	return nil
-}
-
-func (s *ScriptUpdate) Validate() error {
-	if s == nil {
-		return validate.ErrNilPointer
-	}
-
-	var failures []validate.FieldError
 	if err := func() error {
 		if value, ok := s.Source.Get(); ok {
 			if err := func() error {
@@ -429,67 +321,3 @@ func (s *SubmissionCreate) Validate() error {
 	}
 	return nil
 }
-
-func (s *SubmissionFilter) Validate() error {
-	if s == nil {
-		return validate.ErrNilPointer
-	}
-
-	var failures []validate.FieldError
-	if err := func() error {
-		if value, ok := s.DisplayName.Get(); ok {
-			if err := func() error {
-				if err := (validate.String{
-					MinLength:    0,
-					MinLengthSet: false,
-					MaxLength:    128,
-					MaxLengthSet: true,
-					Email:        false,
-					Hostname:     false,
-					Regex:        nil,
-				}).Validate(string(value)); err != nil {
-					return errors.Wrap(err, "string")
-				}
-				return nil
-			}(); err != nil {
-				return err
-			}
-		}
-		return nil
-	}(); err != nil {
-		failures = append(failures, validate.FieldError{
-			Name:  "DisplayName",
-			Error: err,
-		})
-	}
-	if err := func() error {
-		if value, ok := s.Creator.Get(); ok {
-			if err := func() error {
-				if err := (validate.String{
-					MinLength:    0,
-					MinLengthSet: false,
-					MaxLength:    128,
-					MaxLengthSet: true,
-					Email:        false,
-					Hostname:     false,
-					Regex:        nil,
-				}).Validate(string(value)); err != nil {
-					return errors.Wrap(err, "string")
-				}
-				return nil
-			}(); err != nil {
-				return err
-			}
-		}
-		return nil
-	}(); err != nil {
-		failures = append(failures, validate.FieldError{
-			Name:  "Creator",
-			Error: err,
-		})
-	}
-	if len(failures) > 0 {
-		return &validate.Error{Fields: failures}
-	}
-	return nil
-}

pkg/cmds/serve.go

@@ -133,12 +133,32 @@ func serve(ctx *cli.Context) error {
 		Nats: js,
 	}
 
-	srv2, err := internal.NewServer(svc2, nil, internal.WithPathPrefix("/v1"))
+	srv2, err := internal.NewServer(svc2, internal.WithPathPrefix("/v1"))
 	if err != nil {
 		log.WithError(err).Fatal("failed to initialize api server")
 	}
+	// Channel to collect errors
+	errChan := make(chan error, 2)
 
-	// idk how else to do this
+	// First server
-	go http.ListenAndServe(fmt.Sprintf(":%d", ctx.Int("port-internal")), srv2)
+	go func(errChan chan error) {
-	return http.ListenAndServe(fmt.Sprintf(":%d", ctx.Int("port")), srv)
+		errChan <- http.ListenAndServe(fmt.Sprintf(":%d", ctx.Int("port-internal")), srv2)
+	}(errChan)
+
+	// Second server
+	go func(errChan chan error) {
+		errChan <- http.ListenAndServe(fmt.Sprintf(":%d", ctx.Int("port")), srv)
+	}(errChan)
+
+	// Wait for the first error or completion of both tasks
+	for i := 0; i < 2; i++ {
+		err := <-errChan
+		if err != nil {
+			fmt.Println("Exiting due to:", err)
+			return err
+		}
+	}
+	log.Println("Both servers have stopped.")
+
+	return nil
 }

pkg/datastore/datastore.go

@@ -33,6 +33,7 @@ type Scripts interface {
 	Create(ctx context.Context, smap model.Script) (model.Script, error)
 	Update(ctx context.Context, id int64, values OptionalMap) error
 	Delete(ctx context.Context, id int64) error
+	List(ctx context.Context, filters OptionalMap, page model.Page) ([]model.Script, error)
 }
 
 type ScriptPolicy interface {

pkg/datastore/gormstore/script_policy.go

@@ -19,16 +19,18 @@ func (env *ScriptPolicy) Get(ctx context.Context, id int64) (model.ScriptPolicy,
 		if errors.Is(err, gorm.ErrRecordNotFound) {
 			return mdl, datastore.ErrNotExist
 		}
+		return mdl, err
 	}
 	return mdl, nil
 }
 
 func (env *ScriptPolicy) GetFromHash(ctx context.Context, hash uint64) (model.ScriptPolicy, error) {
 	var mdl model.ScriptPolicy
-	if err := env.db.Model(&model.ScriptPolicy{}).Where("hash = ?", hash).Error; err != nil {
+	if err := env.db.Take(&mdl,"from_script_hash = ?", hash).Error; err != nil {
 		if errors.Is(err, gorm.ErrRecordNotFound) {
 			return mdl, datastore.ErrNotExist
 		}
+		return mdl, err
 	}
 	return mdl, nil
 }

pkg/datastore/gormstore/scripts.go

@@ -19,6 +19,7 @@ func (env *Scripts) Get(ctx context.Context, id int64) (model.Script, error) {
 		if errors.Is(err, gorm.ErrRecordNotFound) {
 			return mdl, datastore.ErrNotExist
 		}
+		return mdl, err
 	}
 	return mdl, nil
 }

pkg/datastore/gormstore/submissions.go

@@ -20,6 +20,7 @@ func (env *Submissions) Get(ctx context.Context, id int64) (model.Submission, er
 		if errors.Is(err, gorm.ErrRecordNotFound) {
 			return submission, datastore.ErrNotExist
 		}
+		return submission, err
 	}
 	return submission, nil
 }

pkg/internal/oas_client_gen.go

@@ -23,6 +23,12 @@ import (
 
 // Invoker invokes operations described by OpenAPI v3 specification.
 type Invoker interface {
+	// ActionSubmissionAccepted invokes actionSubmissionAccepted operation.
+	//
+	// (Internal endpoint) Role Validator changes status from Validating -> Accepted.
+	//
+	// POST /submissions/{SubmissionID}/status/validator-failed
+	ActionSubmissionAccepted(ctx context.Context, params ActionSubmissionAcceptedParams) error
 	// ActionSubmissionReleased invokes actionSubmissionReleased operation.
 	//
 	// (Internal endpoint) Role Releaser changes status from releasing -> released.
@@ -41,6 +47,42 @@ type Invoker interface {
 	//
 	// POST /submissions/{SubmissionID}/status/validator-validated
 	ActionSubmissionValidated(ctx context.Context, params ActionSubmissionValidatedParams) error
+	// CreateScript invokes createScript operation.
+	//
+	// Create a new script.
+	//
+	// POST /scripts
+	CreateScript(ctx context.Context, request *ScriptCreate) (*ID, error)
+	// CreateScriptPolicy invokes createScriptPolicy operation.
+	//
+	// Create a new script policy.
+	//
+	// POST /script-policy
+	CreateScriptPolicy(ctx context.Context, request *ScriptPolicyCreate) (*ID, error)
+	// GetScript invokes getScript operation.
+	//
+	// Get the specified script by ID.
+	//
+	// GET /scripts/{ScriptID}
+	GetScript(ctx context.Context, params GetScriptParams) (*Script, error)
+	// ListScriptPolicy invokes listScriptPolicy operation.
+	//
+	// Get list of script policies.
+	//
+	// GET /script-policy
+	ListScriptPolicy(ctx context.Context, params ListScriptPolicyParams) ([]ScriptPolicy, error)
+	// ListScripts invokes listScripts operation.
+	//
+	// Get list of scripts.
+	//
+	// GET /scripts
+	ListScripts(ctx context.Context, params ListScriptsParams) ([]Script, error)
+	// UpdateSubmissionModel invokes updateSubmissionModel operation.
+	//
+	// Update model following role restrictions.
+	//
+	// POST /submissions/{SubmissionID}/model
+	UpdateSubmissionModel(ctx context.Context, params UpdateSubmissionModelParams) error
 }
 
 // Client implements OAS client.
@@ -95,6 +137,97 @@ func (c *Client) requestURL(ctx context.Context) *url.URL {
 	return u
 }
 
+// ActionSubmissionAccepted invokes actionSubmissionAccepted operation.
+//
+// (Internal endpoint) Role Validator changes status from Validating -> Accepted.
+//
+// POST /submissions/{SubmissionID}/status/validator-failed
+func (c *Client) ActionSubmissionAccepted(ctx context.Context, params ActionSubmissionAcceptedParams) error {
+	_, err := c.sendActionSubmissionAccepted(ctx, params)
+	return err
+}
+
+func (c *Client) sendActionSubmissionAccepted(ctx context.Context, params ActionSubmissionAcceptedParams) (res *ActionSubmissionAcceptedNoContent, err error) {
+	otelAttrs := []attribute.KeyValue{
+		otelogen.OperationID("actionSubmissionAccepted"),
+		semconv.HTTPRequestMethodKey.String("POST"),
+		semconv.HTTPRouteKey.String("/submissions/{SubmissionID}/status/validator-failed"),
+	}
+
+	// Run stopwatch.
+	startTime := time.Now()
+	defer func() {
+		// Use floating point division here for higher precision (instead of Millisecond method).
+		elapsedDuration := time.Since(startTime)
+		c.duration.Record(ctx, float64(elapsedDuration)/float64(time.Millisecond), metric.WithAttributes(otelAttrs...))
+	}()
+
+	// Increment request counter.
+	c.requests.Add(ctx, 1, metric.WithAttributes(otelAttrs...))
+
+	// Start a span for this request.
+	ctx, span := c.cfg.Tracer.Start(ctx, ActionSubmissionAcceptedOperation,
+		trace.WithAttributes(otelAttrs...),
+		clientSpanKind,
+	)
+	// Track stage for error reporting.
+	var stage string
+	defer func() {
+		if err != nil {
+			span.RecordError(err)
+			span.SetStatus(codes.Error, stage)
+			c.errors.Add(ctx, 1, metric.WithAttributes(otelAttrs...))
+		}
+		span.End()
+	}()
+
+	stage = "BuildURL"
+	u := uri.Clone(c.requestURL(ctx))
+	var pathParts [3]string
+	pathParts[0] = "/submissions/"
+	{
+		// Encode "SubmissionID" parameter.
+		e := uri.NewPathEncoder(uri.PathEncoderConfig{
+			Param:   "SubmissionID",
+			Style:   uri.PathStyleSimple,
+			Explode: false,
+		})
+		if err := func() error {
+			return e.EncodeValue(conv.Int64ToString(params.SubmissionID))
+		}(); err != nil {
+			return res, errors.Wrap(err, "encode path")
+		}
+		encoded, err := e.Result()
+		if err != nil {
+			return res, errors.Wrap(err, "encode path")
+		}
+		pathParts[1] = encoded
+	}
+	pathParts[2] = "/status/validator-failed"
+	uri.AddPathParts(u, pathParts[:]...)
+
+	stage = "EncodeRequest"
+	r, err := ht.NewRequest(ctx, "POST", u)
+	if err != nil {
+		return res, errors.Wrap(err, "create request")
+	}
+
+	stage = "SendRequest"
+	resp, err := c.cfg.Client.Do(r)
+	if err != nil {
+		return res, errors.Wrap(err, "do request")
+	}
+	defer resp.Body.Close()
+
+	stage = "DecodeResponse"
+	result, err := decodeActionSubmissionAcceptedResponse(resp)
+	if err != nil {
+		return res, errors.Wrap(err, "decode response")
+	}
+
+	return result, nil
+}
+
 // ActionSubmissionReleased invokes actionSubmissionReleased operation.
 //
 // (Internal endpoint) Role Releaser changes status from releasing -> released.
@@ -388,3 +521,693 @@ func (c *Client) sendActionSubmissionValidated(ctx context.Context, params Actio
 
 	return result, nil
 }
+
+// CreateScript invokes createScript operation.
+//
+// Create a new script.
+//
+// POST /scripts
+func (c *Client) CreateScript(ctx context.Context, request *ScriptCreate) (*ID, error) {
+	res, err := c.sendCreateScript(ctx, request)
+	return res, err
+}
+
+func (c *Client) sendCreateScript(ctx context.Context, request *ScriptCreate) (res *ID, err error) {
+	otelAttrs := []attribute.KeyValue{
+		otelogen.OperationID("createScript"),
+		semconv.HTTPRequestMethodKey.String("POST"),
+		semconv.HTTPRouteKey.String("/scripts"),
+	}
+
+	// Run stopwatch.
+	startTime := time.Now()
+	defer func() {
+		// Use floating point division here for higher precision (instead of Millisecond method).
+		elapsedDuration := time.Since(startTime)
+		c.duration.Record(ctx, float64(elapsedDuration)/float64(time.Millisecond), metric.WithAttributes(otelAttrs...))
+	}()
+
+	// Increment request counter.
+	c.requests.Add(ctx, 1, metric.WithAttributes(otelAttrs...))
+
+	// Start a span for this request.
+	ctx, span := c.cfg.Tracer.Start(ctx, CreateScriptOperation,
+		trace.WithAttributes(otelAttrs...),
+		clientSpanKind,
+	)
+	// Track stage for error reporting.
+	var stage string
+	defer func() {
+		if err != nil {
+			span.RecordError(err)
+			span.SetStatus(codes.Error, stage)
+			c.errors.Add(ctx, 1, metric.WithAttributes(otelAttrs...))
+		}
+		span.End()
+	}()
+
+	stage = "BuildURL"
+	u := uri.Clone(c.requestURL(ctx))
+	var pathParts [1]string
+	pathParts[0] = "/scripts"
+	uri.AddPathParts(u, pathParts[:]...)
+
+	stage = "EncodeRequest"
+	r, err := ht.NewRequest(ctx, "POST", u)
+	if err != nil {
+		return res, errors.Wrap(err, "create request")
+	}
+	if err := encodeCreateScriptRequest(request, r); err != nil {
+		return res, errors.Wrap(err, "encode request")
+	}
+
+	stage = "SendRequest"
+	resp, err := c.cfg.Client.Do(r)
+	if err != nil {
+		return res, errors.Wrap(err, "do request")
+	}
+	defer resp.Body.Close()
+
+	stage = "DecodeResponse"
+	result, err := decodeCreateScriptResponse(resp)
+	if err != nil {
+		return res, errors.Wrap(err, "decode response")
+	}
+
+	return result, nil
+}
+
+// CreateScriptPolicy invokes createScriptPolicy operation.
+//
+// Create a new script policy.
+//
+// POST /script-policy
+func (c *Client) CreateScriptPolicy(ctx context.Context, request *ScriptPolicyCreate) (*ID, error) {
+	res, err := c.sendCreateScriptPolicy(ctx, request)
+	return res, err
+}
+
+func (c *Client) sendCreateScriptPolicy(ctx context.Context, request *ScriptPolicyCreate) (res *ID, err error) {
+	otelAttrs := []attribute.KeyValue{
+		otelogen.OperationID("createScriptPolicy"),
+		semconv.HTTPRequestMethodKey.String("POST"),
+		semconv.HTTPRouteKey.String("/script-policy"),
+	}
+
+	// Run stopwatch.
+	startTime := time.Now()
+	defer func() {
+		// Use floating point division here for higher precision (instead of Millisecond method).
+		elapsedDuration := time.Since(startTime)
+		c.duration.Record(ctx, float64(elapsedDuration)/float64(time.Millisecond), metric.WithAttributes(otelAttrs...))
+	}()
+
+	// Increment request counter.
+	c.requests.Add(ctx, 1, metric.WithAttributes(otelAttrs...))
+
+	// Start a span for this request.
+	ctx, span := c.cfg.Tracer.Start(ctx, CreateScriptPolicyOperation,
+		trace.WithAttributes(otelAttrs...),
+		clientSpanKind,
+	)
+	// Track stage for error reporting.
+	var stage string
+	defer func() {
+		if err != nil {
+			span.RecordError(err)
+			span.SetStatus(codes.Error, stage)
+			c.errors.Add(ctx, 1, metric.WithAttributes(otelAttrs...))
+		}
+		span.End()
+	}()
+
+	stage = "BuildURL"
+	u := uri.Clone(c.requestURL(ctx))
+	var pathParts [1]string
+	pathParts[0] = "/script-policy"
+	uri.AddPathParts(u, pathParts[:]...)
+
+	stage = "EncodeRequest"
+	r, err := ht.NewRequest(ctx, "POST", u)
+	if err != nil {
+		return res, errors.Wrap(err, "create request")
+	}
+	if err := encodeCreateScriptPolicyRequest(request, r); err != nil {
+		return res, errors.Wrap(err, "encode request")
+	}
+
+	stage = "SendRequest"
+	resp, err := c.cfg.Client.Do(r)
+	if err != nil {
+		return res, errors.Wrap(err, "do request")
+	}
+	defer resp.Body.Close()
+
+	stage = "DecodeResponse"
+	result, err := decodeCreateScriptPolicyResponse(resp)
+	if err != nil {
+		return res, errors.Wrap(err, "decode response")
+	}
+
+	return result, nil
+}
+
+// GetScript invokes getScript operation.
+//
+// Get the specified script by ID.
+//
+// GET /scripts/{ScriptID}
+func (c *Client) GetScript(ctx context.Context, params GetScriptParams) (*Script, error) {
+	res, err := c.sendGetScript(ctx, params)
+	return res, err
+}
+
+func (c *Client) sendGetScript(ctx context.Context, params GetScriptParams) (res *Script, err error) {
+	otelAttrs := []attribute.KeyValue{
+		otelogen.OperationID("getScript"),
+		semconv.HTTPRequestMethodKey.String("GET"),
+		semconv.HTTPRouteKey.String("/scripts/{ScriptID}"),
+	}
+
+	// Run stopwatch.
+	startTime := time.Now()
+	defer func() {
+		// Use floating point division here for higher precision (instead of Millisecond method).
+		elapsedDuration := time.Since(startTime)
+		c.duration.Record(ctx, float64(elapsedDuration)/float64(time.Millisecond), metric.WithAttributes(otelAttrs...))
+	}()
+
+	// Increment request counter.
+	c.requests.Add(ctx, 1, metric.WithAttributes(otelAttrs...))
+
+	// Start a span for this request.
+	ctx, span := c.cfg.Tracer.Start(ctx, GetScriptOperation,
+		trace.WithAttributes(otelAttrs...),
+		clientSpanKind,
+	)
+	// Track stage for error reporting.
+	var stage string
+	defer func() {
+		if err != nil {
+			span.RecordError(err)
+			span.SetStatus(codes.Error, stage)
+			c.errors.Add(ctx, 1, metric.WithAttributes(otelAttrs...))
+		}
+		span.End()
+	}()
+
+	stage = "BuildURL"
+	u := uri.Clone(c.requestURL(ctx))
+	var pathParts [2]string
+	pathParts[0] = "/scripts/"
+	{
+		// Encode "ScriptID" parameter.
+		e := uri.NewPathEncoder(uri.PathEncoderConfig{
+			Param:   "ScriptID",
+			Style:   uri.PathStyleSimple,
+			Explode: false,
+		})
+		if err := func() error {
+			return e.EncodeValue(conv.Int64ToString(params.ScriptID))
+		}(); err != nil {
+			return res, errors.Wrap(err, "encode path")
+		}
+		encoded, err := e.Result()
+		if err != nil {
+			return res, errors.Wrap(err, "encode path")
+		}
+		pathParts[1] = encoded
+	}
+	uri.AddPathParts(u, pathParts[:]...)
+
+	stage = "EncodeRequest"
+	r, err := ht.NewRequest(ctx, "GET", u)
+	if err != nil {
+		return res, errors.Wrap(err, "create request")
+	}
+
+	stage = "SendRequest"
+	resp, err := c.cfg.Client.Do(r)
+	if err != nil {
+		return res, errors.Wrap(err, "do request")
+	}
+	defer resp.Body.Close()
+
+	stage = "DecodeResponse"
+	result, err := decodeGetScriptResponse(resp)
+	if err != nil {
+		return res, errors.Wrap(err, "decode response")
+	}
+
+	return result, nil
+}
+
+// ListScriptPolicy invokes listScriptPolicy operation.
+//
+// Get list of script policies.
+//
+// GET /script-policy
+func (c *Client) ListScriptPolicy(ctx context.Context, params ListScriptPolicyParams) ([]ScriptPolicy, error) {
+	res, err := c.sendListScriptPolicy(ctx, params)
+	return res, err
+}
+
+func (c *Client) sendListScriptPolicy(ctx context.Context, params ListScriptPolicyParams) (res []ScriptPolicy, err error) {
+	otelAttrs := []attribute.KeyValue{
+		otelogen.OperationID("listScriptPolicy"),
+		semconv.HTTPRequestMethodKey.String("GET"),
+		semconv.HTTPRouteKey.String("/script-policy"),
+	}
+
+	// Run stopwatch.
+	startTime := time.Now()
+	defer func() {
+		// Use floating point division here for higher precision (instead of Millisecond method).
+		elapsedDuration := time.Since(startTime)
+		c.duration.Record(ctx, float64(elapsedDuration)/float64(time.Millisecond), metric.WithAttributes(otelAttrs...))
+	}()
+
+	// Increment request counter.
+	c.requests.Add(ctx, 1, metric.WithAttributes(otelAttrs...))
+
+	// Start a span for this request.
+	ctx, span := c.cfg.Tracer.Start(ctx, ListScriptPolicyOperation,
+		trace.WithAttributes(otelAttrs...),
+		clientSpanKind,
+	)
+	// Track stage for error reporting.
+	var stage string
+	defer func() {
+		if err != nil {
+			span.RecordError(err)
+			span.SetStatus(codes.Error, stage)
+			c.errors.Add(ctx, 1, metric.WithAttributes(otelAttrs...))
+		}
+		span.End()
+	}()
+
+	stage = "BuildURL"
+	u := uri.Clone(c.requestURL(ctx))
+	var pathParts [1]string
+	pathParts[0] = "/script-policy"
+	uri.AddPathParts(u, pathParts[:]...)
+
+	stage = "EncodeQueryParams"
+	q := uri.NewQueryEncoder()
+	{
+		// Encode "Page" parameter.
+		cfg := uri.QueryParameterEncodingConfig{
+			Name:    "Page",
+			Style:   uri.QueryStyleForm,
+			Explode: true,
+		}
+
+		if err := q.EncodeParam(cfg, func(e uri.Encoder) error {
+			return e.EncodeValue(conv.Int32ToString(params.Page))
+		}); err != nil {
+			return res, errors.Wrap(err, "encode query")
+		}
+	}
+	{
+		// Encode "Limit" parameter.
+		cfg := uri.QueryParameterEncodingConfig{
+			Name:    "Limit",
+			Style:   uri.QueryStyleForm,
+			Explode: true,
+		}
+
+		if err := q.EncodeParam(cfg, func(e uri.Encoder) error {
+			return e.EncodeValue(conv.Int32ToString(params.Limit))
+		}); err != nil {
+			return res, errors.Wrap(err, "encode query")
+		}
+	}
+	{
+		// Encode "FromScriptHash" parameter.
+		cfg := uri.QueryParameterEncodingConfig{
+			Name:    "FromScriptHash",
+			Style:   uri.QueryStyleForm,
+			Explode: true,
+		}
+
+		if err := q.EncodeParam(cfg, func(e uri.Encoder) error {
+			if val, ok := params.FromScriptHash.Get(); ok {
+				return e.EncodeValue(conv.StringToString(val))
+			}
+			return nil
+		}); err != nil {
+			return res, errors.Wrap(err, "encode query")
+		}
+	}
+	{
+		// Encode "ToScriptID" parameter.
+		cfg := uri.QueryParameterEncodingConfig{
+			Name:    "ToScriptID",
+			Style:   uri.QueryStyleForm,
+			Explode: true,
+		}
+
+		if err := q.EncodeParam(cfg, func(e uri.Encoder) error {
+			if val, ok := params.ToScriptID.Get(); ok {
+				return e.EncodeValue(conv.Int64ToString(val))
+			}
+			return nil
+		}); err != nil {
+			return res, errors.Wrap(err, "encode query")
+		}
+	}
+	{
+		// Encode "Policy" parameter.
+		cfg := uri.QueryParameterEncodingConfig{
+			Name:    "Policy",
+			Style:   uri.QueryStyleForm,
+			Explode: true,
+		}
+
+		if err := q.EncodeParam(cfg, func(e uri.Encoder) error {
+			if val, ok := params.Policy.Get(); ok {
+				return e.EncodeValue(conv.Int32ToString(val))
+			}
+			return nil
+		}); err != nil {
+			return res, errors.Wrap(err, "encode query")
+		}
+	}
+	u.RawQuery = q.Values().Encode()
+
+	stage = "EncodeRequest"
+	r, err := ht.NewRequest(ctx, "GET", u)
+	if err != nil {
+		return res, errors.Wrap(err, "create request")
+	}
+
+	stage = "SendRequest"
+	resp, err := c.cfg.Client.Do(r)
+	if err != nil {
+		return res, errors.Wrap(err, "do request")
+	}
+	defer resp.Body.Close()
+
+	stage = "DecodeResponse"
+	result, err := decodeListScriptPolicyResponse(resp)
+	if err != nil {
+		return res, errors.Wrap(err, "decode response")
+	}
+
+	return result, nil
+}
+
+// ListScripts invokes listScripts operation.
+//
+// Get list of scripts.
+//
+// GET /scripts
+func (c *Client) ListScripts(ctx context.Context, params ListScriptsParams) ([]Script, error) {
+	res, err := c.sendListScripts(ctx, params)
+	return res, err
+}
+
+func (c *Client) sendListScripts(ctx context.Context, params ListScriptsParams) (res []Script, err error) {
+	otelAttrs := []attribute.KeyValue{
+		otelogen.OperationID("listScripts"),
+		semconv.HTTPRequestMethodKey.String("GET"),
+		semconv.HTTPRouteKey.String("/scripts"),
+	}
+
+	// Run stopwatch.
+	startTime := time.Now()
+	defer func() {
+		// Use floating point division here for higher precision (instead of Millisecond method).
+		elapsedDuration := time.Since(startTime)
+		c.duration.Record(ctx, float64(elapsedDuration)/float64(time.Millisecond), metric.WithAttributes(otelAttrs...))
+	}()
+
+	// Increment request counter.
+	c.requests.Add(ctx, 1, metric.WithAttributes(otelAttrs...))
+
+	// Start a span for this request.
+	ctx, span := c.cfg.Tracer.Start(ctx, ListScriptsOperation,
+		trace.WithAttributes(otelAttrs...),
+		clientSpanKind,
+	)
+	// Track stage for error reporting.
+	var stage string
+	defer func() {
+		if err != nil {
+			span.RecordError(err)
+			span.SetStatus(codes.Error, stage)
+			c.errors.Add(ctx, 1, metric.WithAttributes(otelAttrs...))
+		}
+		span.End()
+	}()
+
+	stage = "BuildURL"
+	u := uri.Clone(c.requestURL(ctx))
+	var pathParts [1]string
+	pathParts[0] = "/scripts"
+	uri.AddPathParts(u, pathParts[:]...)
+
+	stage = "EncodeQueryParams"
+	q := uri.NewQueryEncoder()
+	{
+		// Encode "Page" parameter.
+		cfg := uri.QueryParameterEncodingConfig{
+			Name:    "Page",
+			Style:   uri.QueryStyleForm,
+			Explode: true,
+		}
+
+		if err := q.EncodeParam(cfg, func(e uri.Encoder) error {
+			return e.EncodeValue(conv.Int32ToString(params.Page))
+		}); err != nil {
+			return res, errors.Wrap(err, "encode query")
+		}
+	}
+	{
+		// Encode "Limit" parameter.
+		cfg := uri.QueryParameterEncodingConfig{
+			Name:    "Limit",
+			Style:   uri.QueryStyleForm,
+			Explode: true,
+		}
+
+		if err := q.EncodeParam(cfg, func(e uri.Encoder) error {
+			return e.EncodeValue(conv.Int32ToString(params.Limit))
+		}); err != nil {
+			return res, errors.Wrap(err, "encode query")
+		}
+	}
+	{
+		// Encode "Hash" parameter.
+		cfg := uri.QueryParameterEncodingConfig{
+			Name:    "Hash",
+			Style:   uri.QueryStyleForm,
+			Explode: true,
+		}
+
+		if err := q.EncodeParam(cfg, func(e uri.Encoder) error {
+			if val, ok := params.Hash.Get(); ok {
+				return e.EncodeValue(conv.StringToString(val))
+			}
+			return nil
+		}); err != nil {
+			return res, errors.Wrap(err, "encode query")
+		}
+	}
+	{
+		// Encode "Name" parameter.
+		cfg := uri.QueryParameterEncodingConfig{
+			Name:    "Name",
+			Style:   uri.QueryStyleForm,
+			Explode: true,
+		}
+
+		if err := q.EncodeParam(cfg, func(e uri.Encoder) error {
+			if val, ok := params.Name.Get(); ok {
+				return e.EncodeValue(conv.StringToString(val))
+			}
+			return nil
+		}); err != nil {
+			return res, errors.Wrap(err, "encode query")
+		}
+	}
+	{
+		// Encode "Source" parameter.
+		cfg := uri.QueryParameterEncodingConfig{
+			Name:    "Source",
+			Style:   uri.QueryStyleForm,
+			Explode: true,
+		}
+
+		if err := q.EncodeParam(cfg, func(e uri.Encoder) error {
+			if val, ok := params.Source.Get(); ok {
+				return e.EncodeValue(conv.StringToString(val))
+			}
+			return nil
+		}); err != nil {
+			return res, errors.Wrap(err, "encode query")
+		}
+	}
+	{
+		// Encode "SubmissionID" parameter.
+		cfg := uri.QueryParameterEncodingConfig{
+			Name:    "SubmissionID",
+			Style:   uri.QueryStyleForm,
+			Explode: true,
+		}
+
+		if err := q.EncodeParam(cfg, func(e uri.Encoder) error {
+			if val, ok := params.SubmissionID.Get(); ok {
+				return e.EncodeValue(conv.Int64ToString(val))
+			}
+			return nil
+		}); err != nil {
+			return res, errors.Wrap(err, "encode query")
+		}
+	}
+	u.RawQuery = q.Values().Encode()
+
+	stage = "EncodeRequest"
+	r, err := ht.NewRequest(ctx, "GET", u)
+	if err != nil {
+		return res, errors.Wrap(err, "create request")
+	}
+
+	stage = "SendRequest"
+	resp, err := c.cfg.Client.Do(r)
+	if err != nil {
+		return res, errors.Wrap(err, "do request")
+	}
+	defer resp.Body.Close()
+
+	stage = "DecodeResponse"
+	result, err := decodeListScriptsResponse(resp)
+	if err != nil {
+		return res, errors.Wrap(err, "decode response")
+	}
+
+	return result, nil
+}
+
+// UpdateSubmissionModel invokes updateSubmissionModel operation.
+//
+// Update model following role restrictions.
+//
+// POST /submissions/{SubmissionID}/model
+func (c *Client) UpdateSubmissionModel(ctx context.Context, params UpdateSubmissionModelParams) error {
+	_, err := c.sendUpdateSubmissionModel(ctx, params)
+	return err
+}
+
+func (c *Client) sendUpdateSubmissionModel(ctx context.Context, params UpdateSubmissionModelParams) (res *UpdateSubmissionModelNoContent, err error) {
+	otelAttrs := []attribute.KeyValue{
+		otelogen.OperationID("updateSubmissionModel"),
+		semconv.HTTPRequestMethodKey.String("POST"),
+		semconv.HTTPRouteKey.String("/submissions/{SubmissionID}/model"),
+	}
+
+	// Run stopwatch.
+	startTime := time.Now()
+	defer func() {
+		// Use floating point division here for higher precision (instead of Millisecond method).
+		elapsedDuration := time.Since(startTime)
+		c.duration.Record(ctx, float64(elapsedDuration)/float64(time.Millisecond), metric.WithAttributes(otelAttrs...))
+	}()
+
+	// Increment request counter.
+	c.requests.Add(ctx, 1, metric.WithAttributes(otelAttrs...))
+
+	// Start a span for this request.
+	ctx, span := c.cfg.Tracer.Start(ctx, UpdateSubmissionModelOperation,
+		trace.WithAttributes(otelAttrs...),
+		clientSpanKind,
+	)
+	// Track stage for error reporting.
+	var stage string
+	defer func() {
+		if err != nil {
+			span.RecordError(err)
+			span.SetStatus(codes.Error, stage)
+			c.errors.Add(ctx, 1, metric.WithAttributes(otelAttrs...))
+		}
+		span.End()
+	}()
+
+	stage = "BuildURL"
+	u := uri.Clone(c.requestURL(ctx))
+	var pathParts [3]string
+	pathParts[0] = "/submissions/"
+	{
+		// Encode "SubmissionID" parameter.
+		e := uri.NewPathEncoder(uri.PathEncoderConfig{
+			Param:   "SubmissionID",
+			Style:   uri.PathStyleSimple,
+			Explode: false,
+		})
+		if err := func() error {
+			return e.EncodeValue(conv.Int64ToString(params.SubmissionID))
+		}(); err != nil {
+			return res, errors.Wrap(err, "encode path")
+		}
+		encoded, err := e.Result()
+		if err != nil {
+			return res, errors.Wrap(err, "encode path")
+		}
+		pathParts[1] = encoded
+	}
+	pathParts[2] = "/model"
+	uri.AddPathParts(u, pathParts[:]...)
+
+	stage = "EncodeQueryParams"
+	q := uri.NewQueryEncoder()
+	{
+		// Encode "ModelID" parameter.
+		cfg := uri.QueryParameterEncodingConfig{
+			Name:    "ModelID",
+			Style:   uri.QueryStyleForm,
+			Explode: true,
+		}
+
+		if err := q.EncodeParam(cfg, func(e uri.Encoder) error {
+			return e.EncodeValue(conv.Int64ToString(params.ModelID))
+		}); err != nil {
+			return res, errors.Wrap(err, "encode query")
+		}
+	}
+	{
+		// Encode "VersionID" parameter.
+		cfg := uri.QueryParameterEncodingConfig{
+			Name:    "VersionID",
+			Style:   uri.QueryStyleForm,
+			Explode: true,
+		}
+
+		if err := q.EncodeParam(cfg, func(e uri.Encoder) error {
+			return e.EncodeValue(conv.Int64ToString(params.VersionID))
+		}); err != nil {
+			return res, errors.Wrap(err, "encode query")
+		}
+	}
+	u.RawQuery = q.Values().Encode()
+
+	stage = "EncodeRequest"
+	r, err := ht.NewRequest(ctx, "POST", u)
+	if err != nil {
+		return res, errors.Wrap(err, "create request")
+	}
+
+	stage = "SendRequest"
+	resp, err := c.cfg.Client.Do(r)
+	if err != nil {
+		return res, errors.Wrap(err, "do request")
+	}
+	defer resp.Body.Close()
+
+	stage = "DecodeResponse"
+	result, err := decodeUpdateSubmissionModelResponse(resp)
+	if err != nil {
+		return res, errors.Wrap(err, "decode response")
+	}
+
+	return result, nil
+}

pkg/internal/oas_json_gen.go

@@ -124,3 +124,705 @@ func (s *Error) UnmarshalJSON(data []byte) error {
 	d := jx.DecodeBytes(data)
 	return s.Decode(d)
 }
+
+// Encode implements json.Marshaler.
+func (s *ID) Encode(e *jx.Encoder) {
+	e.ObjStart()
+	s.encodeFields(e)
+	e.ObjEnd()
+}
+
+// encodeFields encodes fields.
+func (s *ID) encodeFields(e *jx.Encoder) {
+	{
+		e.FieldStart("ID")
+		e.Int64(s.ID)
+	}
+}
+
+var jsonFieldsNameOfID = [1]string{
+	0: "ID",
+}
+
+// Decode decodes ID from json.
+func (s *ID) Decode(d *jx.Decoder) error {
+	if s == nil {
+		return errors.New("invalid: unable to decode ID to nil")
+	}
+	var requiredBitSet [1]uint8
+
+	if err := d.ObjBytes(func(d *jx.Decoder, k []byte) error {
+		switch string(k) {
+		case "ID":
+			requiredBitSet[0] |= 1 << 0
+			if err := func() error {
+				v, err := d.Int64()
+				s.ID = int64(v)
+				if err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return errors.Wrap(err, "decode field \"ID\"")
+			}
+		default:
+			return d.Skip()
+		}
+		return nil
+	}); err != nil {
+		return errors.Wrap(err, "decode ID")
+	}
+	// Validate required fields.
+	var failures []validate.FieldError
+	for i, mask := range [1]uint8{
+		0b00000001,
+	} {
+		if result := (requiredBitSet[i] & mask) ^ mask; result != 0 {
+			// Mask only required fields and check equality to mask using XOR.
+			//
+			// If XOR result is not zero, result is not equal to expected, so some fields are missed.
+			// Bits of fields which would be set are actually bits of missed fields.
+			missed := bits.OnesCount8(result)
+			for bitN := 0; bitN < missed; bitN++ {
+				bitIdx := bits.TrailingZeros8(result)
+				fieldIdx := i*8 + bitIdx
+				var name string
+				if fieldIdx < len(jsonFieldsNameOfID) {
+					name = jsonFieldsNameOfID[fieldIdx]
+				} else {
+					name = strconv.Itoa(fieldIdx)
+				}
+				failures = append(failures, validate.FieldError{
+					Name:  name,
+					Error: validate.ErrFieldRequired,
+				})
+				// Reset bit.
+				result &^= 1 << bitIdx
+			}
+		}
+	}
+	if len(failures) > 0 {
+		return &validate.Error{Fields: failures}
+	}
+
+	return nil
+}
+
+// MarshalJSON implements stdjson.Marshaler.
+func (s *ID) MarshalJSON() ([]byte, error) {
+	e := jx.Encoder{}
+	s.Encode(&e)
+	return e.Bytes(), nil
+}
+
+// UnmarshalJSON implements stdjson.Unmarshaler.
+func (s *ID) UnmarshalJSON(data []byte) error {
+	d := jx.DecodeBytes(data)
+	return s.Decode(d)
+}
+
+// Encode encodes int64 as json.
+func (o OptInt64) Encode(e *jx.Encoder) {
+	if !o.Set {
+		return
+	}
+	e.Int64(int64(o.Value))
+}
+
+// Decode decodes int64 from json.
+func (o *OptInt64) Decode(d *jx.Decoder) error {
+	if o == nil {
+		return errors.New("invalid: unable to decode OptInt64 to nil")
+	}
+	o.Set = true
+	v, err := d.Int64()
+	if err != nil {
+		return err
+	}
+	o.Value = int64(v)
+	return nil
+}
+
+// MarshalJSON implements stdjson.Marshaler.
+func (s OptInt64) MarshalJSON() ([]byte, error) {
+	e := jx.Encoder{}
+	s.Encode(&e)
+	return e.Bytes(), nil
+}
+
+// UnmarshalJSON implements stdjson.Unmarshaler.
+func (s *OptInt64) UnmarshalJSON(data []byte) error {
+	d := jx.DecodeBytes(data)
+	return s.Decode(d)
+}
+
+// Encode implements json.Marshaler.
+func (s *Script) Encode(e *jx.Encoder) {
+	e.ObjStart()
+	s.encodeFields(e)
+	e.ObjEnd()
+}
+
+// encodeFields encodes fields.
+func (s *Script) encodeFields(e *jx.Encoder) {
+	{
+		e.FieldStart("ID")
+		e.Int64(s.ID)
+	}
+	{
+		e.FieldStart("Name")
+		e.Str(s.Name)
+	}
+	{
+		e.FieldStart("Hash")
+		e.Str(s.Hash)
+	}
+	{
+		e.FieldStart("Source")
+		e.Str(s.Source)
+	}
+	{
+		e.FieldStart("SubmissionID")
+		e.Int64(s.SubmissionID)
+	}
+}
+
+var jsonFieldsNameOfScript = [5]string{
+	0: "ID",
+	1: "Name",
+	2: "Hash",
+	3: "Source",
+	4: "SubmissionID",
+}
+
+// Decode decodes Script from json.
+func (s *Script) Decode(d *jx.Decoder) error {
+	if s == nil {
+		return errors.New("invalid: unable to decode Script to nil")
+	}
+	var requiredBitSet [1]uint8
+
+	if err := d.ObjBytes(func(d *jx.Decoder, k []byte) error {
+		switch string(k) {
+		case "ID":
+			requiredBitSet[0] |= 1 << 0
+			if err := func() error {
+				v, err := d.Int64()
+				s.ID = int64(v)
+				if err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return errors.Wrap(err, "decode field \"ID\"")
+			}
+		case "Name":
+			requiredBitSet[0] |= 1 << 1
+			if err := func() error {
+				v, err := d.Str()
+				s.Name = string(v)
+				if err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return errors.Wrap(err, "decode field \"Name\"")
+			}
+		case "Hash":
+			requiredBitSet[0] |= 1 << 2
+			if err := func() error {
+				v, err := d.Str()
+				s.Hash = string(v)
+				if err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return errors.Wrap(err, "decode field \"Hash\"")
+			}
+		case "Source":
+			requiredBitSet[0] |= 1 << 3
+			if err := func() error {
+				v, err := d.Str()
+				s.Source = string(v)
+				if err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return errors.Wrap(err, "decode field \"Source\"")
+			}
+		case "SubmissionID":
+			requiredBitSet[0] |= 1 << 4
+			if err := func() error {
+				v, err := d.Int64()
+				s.SubmissionID = int64(v)
+				if err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return errors.Wrap(err, "decode field \"SubmissionID\"")
+			}
+		default:
+			return d.Skip()
+		}
+		return nil
+	}); err != nil {
+		return errors.Wrap(err, "decode Script")
+	}
+	// Validate required fields.
+	var failures []validate.FieldError
+	for i, mask := range [1]uint8{
+		0b00011111,
+	} {
+		if result := (requiredBitSet[i] & mask) ^ mask; result != 0 {
+			// Mask only required fields and check equality to mask using XOR.
+			//
+			// If XOR result is not zero, result is not equal to expected, so some fields are missed.
+			// Bits of fields which would be set are actually bits of missed fields.
+			missed := bits.OnesCount8(result)
+			for bitN := 0; bitN < missed; bitN++ {
+				bitIdx := bits.TrailingZeros8(result)
+				fieldIdx := i*8 + bitIdx
+				var name string
+				if fieldIdx < len(jsonFieldsNameOfScript) {
+					name = jsonFieldsNameOfScript[fieldIdx]
+				} else {
+					name = strconv.Itoa(fieldIdx)
+				}
+				failures = append(failures, validate.FieldError{
+					Name:  name,
+					Error: validate.ErrFieldRequired,
+				})
+				// Reset bit.
+				result &^= 1 << bitIdx
+			}
+		}
+	}
+	if len(failures) > 0 {
+		return &validate.Error{Fields: failures}
+	}
+
+	return nil
+}
+
+// MarshalJSON implements stdjson.Marshaler.
+func (s *Script) MarshalJSON() ([]byte, error) {
+	e := jx.Encoder{}
+	s.Encode(&e)
+	return e.Bytes(), nil
+}
+
+// UnmarshalJSON implements stdjson.Unmarshaler.
+func (s *Script) UnmarshalJSON(data []byte) error {
+	d := jx.DecodeBytes(data)
+	return s.Decode(d)
+}
+
+// Encode implements json.Marshaler.
+func (s *ScriptCreate) Encode(e *jx.Encoder) {
+	e.ObjStart()
+	s.encodeFields(e)
+	e.ObjEnd()
+}
+
+// encodeFields encodes fields.
+func (s *ScriptCreate) encodeFields(e *jx.Encoder) {
+	{
+		e.FieldStart("Name")
+		e.Str(s.Name)
+	}
+	{
+		e.FieldStart("Source")
+		e.Str(s.Source)
+	}
+	{
+		if s.SubmissionID.Set {
+			e.FieldStart("SubmissionID")
+			s.SubmissionID.Encode(e)
+		}
+	}
+}
+
+var jsonFieldsNameOfScriptCreate = [3]string{
+	0: "Name",
+	1: "Source",
+	2: "SubmissionID",
+}
+
+// Decode decodes ScriptCreate from json.
+func (s *ScriptCreate) Decode(d *jx.Decoder) error {
+	if s == nil {
+		return errors.New("invalid: unable to decode ScriptCreate to nil")
+	}
+	var requiredBitSet [1]uint8
+
+	if err := d.ObjBytes(func(d *jx.Decoder, k []byte) error {
+		switch string(k) {
+		case "Name":
+			requiredBitSet[0] |= 1 << 0
+			if err := func() error {
+				v, err := d.Str()
+				s.Name = string(v)
+				if err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return errors.Wrap(err, "decode field \"Name\"")
+			}
+		case "Source":
+			requiredBitSet[0] |= 1 << 1
+			if err := func() error {
+				v, err := d.Str()
+				s.Source = string(v)
+				if err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return errors.Wrap(err, "decode field \"Source\"")
+			}
+		case "SubmissionID":
+			if err := func() error {
+				s.SubmissionID.Reset()
+				if err := s.SubmissionID.Decode(d); err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return errors.Wrap(err, "decode field \"SubmissionID\"")
+			}
+		default:
+			return d.Skip()
+		}
+		return nil
+	}); err != nil {
+		return errors.Wrap(err, "decode ScriptCreate")
+	}
+	// Validate required fields.
+	var failures []validate.FieldError
+	for i, mask := range [1]uint8{
+		0b00000011,
+	} {
+		if result := (requiredBitSet[i] & mask) ^ mask; result != 0 {
+			// Mask only required fields and check equality to mask using XOR.
+			//
+			// If XOR result is not zero, result is not equal to expected, so some fields are missed.
+			// Bits of fields which would be set are actually bits of missed fields.
+			missed := bits.OnesCount8(result)
+			for bitN := 0; bitN < missed; bitN++ {
+				bitIdx := bits.TrailingZeros8(result)
+				fieldIdx := i*8 + bitIdx
+				var name string
+				if fieldIdx < len(jsonFieldsNameOfScriptCreate) {
+					name = jsonFieldsNameOfScriptCreate[fieldIdx]
+				} else {
+					name = strconv.Itoa(fieldIdx)
+				}
+				failures = append(failures, validate.FieldError{
+					Name:  name,
+					Error: validate.ErrFieldRequired,
+				})
+				// Reset bit.
+				result &^= 1 << bitIdx
+			}
+		}
+	}
+	if len(failures) > 0 {
+		return &validate.Error{Fields: failures}
+	}
+
+	return nil
+}
+
+// MarshalJSON implements stdjson.Marshaler.
+func (s *ScriptCreate) MarshalJSON() ([]byte, error) {
+	e := jx.Encoder{}
+	s.Encode(&e)
+	return e.Bytes(), nil
+}
+
+// UnmarshalJSON implements stdjson.Unmarshaler.
+func (s *ScriptCreate) UnmarshalJSON(data []byte) error {
+	d := jx.DecodeBytes(data)
+	return s.Decode(d)
+}
+
+// Encode implements json.Marshaler.
+func (s *ScriptPolicy) Encode(e *jx.Encoder) {
+	e.ObjStart()
+	s.encodeFields(e)
+	e.ObjEnd()
+}
+
+// encodeFields encodes fields.
+func (s *ScriptPolicy) encodeFields(e *jx.Encoder) {
+	{
+		e.FieldStart("ID")
+		e.Int64(s.ID)
+	}
+	{
+		e.FieldStart("FromScriptHash")
+		e.Str(s.FromScriptHash)
+	}
+	{
+		e.FieldStart("ToScriptID")
+		e.Int64(s.ToScriptID)
+	}
+	{
+		e.FieldStart("Policy")
+		e.Int32(s.Policy)
+	}
+}
+
+var jsonFieldsNameOfScriptPolicy = [4]string{
+	0: "ID",
+	1: "FromScriptHash",
+	2: "ToScriptID",
+	3: "Policy",
+}
+
+// Decode decodes ScriptPolicy from json.
+func (s *ScriptPolicy) Decode(d *jx.Decoder) error {
+	if s == nil {
+		return errors.New("invalid: unable to decode ScriptPolicy to nil")
+	}
+	var requiredBitSet [1]uint8
+
+	if err := d.ObjBytes(func(d *jx.Decoder, k []byte) error {
+		switch string(k) {
+		case "ID":
+			requiredBitSet[0] |= 1 << 0
+			if err := func() error {
+				v, err := d.Int64()
+				s.ID = int64(v)
+				if err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return errors.Wrap(err, "decode field \"ID\"")
+			}
+		case "FromScriptHash":
+			requiredBitSet[0] |= 1 << 1
+			if err := func() error {
+				v, err := d.Str()
+				s.FromScriptHash = string(v)
+				if err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return errors.Wrap(err, "decode field \"FromScriptHash\"")
+			}
+		case "ToScriptID":
+			requiredBitSet[0] |= 1 << 2
+			if err := func() error {
+				v, err := d.Int64()
+				s.ToScriptID = int64(v)
+				if err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return errors.Wrap(err, "decode field \"ToScriptID\"")
+			}
+		case "Policy":
+			requiredBitSet[0] |= 1 << 3
+			if err := func() error {
+				v, err := d.Int32()
+				s.Policy = int32(v)
+				if err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return errors.Wrap(err, "decode field \"Policy\"")
+			}
+		default:
+			return d.Skip()
+		}
+		return nil
+	}); err != nil {
+		return errors.Wrap(err, "decode ScriptPolicy")
+	}
+	// Validate required fields.
+	var failures []validate.FieldError
+	for i, mask := range [1]uint8{
+		0b00001111,
+	} {
+		if result := (requiredBitSet[i] & mask) ^ mask; result != 0 {
+			// Mask only required fields and check equality to mask using XOR.
+			//
+			// If XOR result is not zero, result is not equal to expected, so some fields are missed.
+			// Bits of fields which would be set are actually bits of missed fields.
+			missed := bits.OnesCount8(result)
+			for bitN := 0; bitN < missed; bitN++ {
+				bitIdx := bits.TrailingZeros8(result)
+				fieldIdx := i*8 + bitIdx
+				var name string
+				if fieldIdx < len(jsonFieldsNameOfScriptPolicy) {
+					name = jsonFieldsNameOfScriptPolicy[fieldIdx]
+				} else {
+					name = strconv.Itoa(fieldIdx)
+				}
+				failures = append(failures, validate.FieldError{
+					Name:  name,
+					Error: validate.ErrFieldRequired,
+				})
+				// Reset bit.
+				result &^= 1 << bitIdx
+			}
+		}
+	}
+	if len(failures) > 0 {
+		return &validate.Error{Fields: failures}
+	}
+
+	return nil
+}
+
+// MarshalJSON implements stdjson.Marshaler.
+func (s *ScriptPolicy) MarshalJSON() ([]byte, error) {
+	e := jx.Encoder{}
+	s.Encode(&e)
+	return e.Bytes(), nil
+}
+
+// UnmarshalJSON implements stdjson.Unmarshaler.
+func (s *ScriptPolicy) UnmarshalJSON(data []byte) error {
+	d := jx.DecodeBytes(data)
+	return s.Decode(d)
+}
+
+// Encode implements json.Marshaler.
+func (s *ScriptPolicyCreate) Encode(e *jx.Encoder) {
+	e.ObjStart()
+	s.encodeFields(e)
+	e.ObjEnd()
+}
+
+// encodeFields encodes fields.
+func (s *ScriptPolicyCreate) encodeFields(e *jx.Encoder) {
+	{
+		e.FieldStart("FromScriptID")
+		e.Int64(s.FromScriptID)
+	}
+	{
+		e.FieldStart("ToScriptID")
+		e.Int64(s.ToScriptID)
+	}
+	{
+		e.FieldStart("Policy")
+		e.Int32(s.Policy)
+	}
+}
+
+var jsonFieldsNameOfScriptPolicyCreate = [3]string{
+	0: "FromScriptID",
+	1: "ToScriptID",
+	2: "Policy",
+}
+
+// Decode decodes ScriptPolicyCreate from json.
+func (s *ScriptPolicyCreate) Decode(d *jx.Decoder) error {
+	if s == nil {
+		return errors.New("invalid: unable to decode ScriptPolicyCreate to nil")
+	}
+	var requiredBitSet [1]uint8
+
+	if err := d.ObjBytes(func(d *jx.Decoder, k []byte) error {
+		switch string(k) {
+		case "FromScriptID":
+			requiredBitSet[0] |= 1 << 0
+			if err := func() error {
+				v, err := d.Int64()
+				s.FromScriptID = int64(v)
+				if err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return errors.Wrap(err, "decode field \"FromScriptID\"")
+			}
+		case "ToScriptID":
+			requiredBitSet[0] |= 1 << 1
+			if err := func() error {
+				v, err := d.Int64()
+				s.ToScriptID = int64(v)
+				if err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return errors.Wrap(err, "decode field \"ToScriptID\"")
+			}
+		case "Policy":
+			requiredBitSet[0] |= 1 << 2
+			if err := func() error {
+				v, err := d.Int32()
+				s.Policy = int32(v)
+				if err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return errors.Wrap(err, "decode field \"Policy\"")
+			}
+		default:
+			return d.Skip()
+		}
+		return nil
+	}); err != nil {
+		return errors.Wrap(err, "decode ScriptPolicyCreate")
+	}
+	// Validate required fields.
+	var failures []validate.FieldError
+	for i, mask := range [1]uint8{
+		0b00000111,
+	} {
+		if result := (requiredBitSet[i] & mask) ^ mask; result != 0 {
+			// Mask only required fields and check equality to mask using XOR.
+			//
+			// If XOR result is not zero, result is not equal to expected, so some fields are missed.
+			// Bits of fields which would be set are actually bits of missed fields.
+			missed := bits.OnesCount8(result)
+			for bitN := 0; bitN < missed; bitN++ {
+				bitIdx := bits.TrailingZeros8(result)
+				fieldIdx := i*8 + bitIdx
+				var name string
+				if fieldIdx < len(jsonFieldsNameOfScriptPolicyCreate) {
+					name = jsonFieldsNameOfScriptPolicyCreate[fieldIdx]
+				} else {
+					name = strconv.Itoa(fieldIdx)
+				}
+				failures = append(failures, validate.FieldError{
+					Name:  name,
+					Error: validate.ErrFieldRequired,
+				})
+				// Reset bit.
+				result &^= 1 << bitIdx
+			}
+		}
+	}
+	if len(failures) > 0 {
+		return &validate.Error{Fields: failures}
+	}
+
+	return nil
+}
+
+// MarshalJSON implements stdjson.Marshaler.
+func (s *ScriptPolicyCreate) MarshalJSON() ([]byte, error) {
+	e := jx.Encoder{}
+	s.Encode(&e)
+	return e.Bytes(), nil
+}
+
+// UnmarshalJSON implements stdjson.Unmarshaler.
+func (s *ScriptPolicyCreate) UnmarshalJSON(data []byte) error {
+	d := jx.DecodeBytes(data)
+	return s.Decode(d)
+}

pkg/internal/oas_operations_gen.go

@@ -6,7 +6,14 @@ package api
 type OperationName = string
 
 const (
+	ActionSubmissionAcceptedOperation  OperationName = "ActionSubmissionAccepted"
 	ActionSubmissionReleasedOperation  OperationName = "ActionSubmissionReleased"
 	ActionSubmissionUploadedOperation  OperationName = "ActionSubmissionUploaded"
 	ActionSubmissionValidatedOperation OperationName = "ActionSubmissionValidated"
+	CreateScriptOperation              OperationName = "CreateScript"
+	CreateScriptPolicyOperation        OperationName = "CreateScriptPolicy"
+	GetScriptOperation                 OperationName = "GetScript"
+	ListScriptPolicyOperation          OperationName = "ListScriptPolicy"
+	ListScriptsOperation               OperationName = "ListScripts"
+	UpdateSubmissionModelOperation     OperationName = "UpdateSubmissionModel"
 )

pkg/internal/oas_request_decoders_gen.go

@@ -1,3 +1,150 @@
 // Code generated by ogen, DO NOT EDIT.
 
 package api
+
+import (
+	"io"
+	"mime"
+	"net/http"
+
+	"github.com/go-faster/errors"
+	"github.com/go-faster/jx"
+	"go.uber.org/multierr"
+
+	"github.com/ogen-go/ogen/ogenerrors"
+	"github.com/ogen-go/ogen/validate"
+)
+
+func (s *Server) decodeCreateScriptRequest(r *http.Request) (
+	req *ScriptCreate,
+	close func() error,
+	rerr error,
+) {
+	var closers []func() error
+	close = func() error {
+		var merr error
+		// Close in reverse order, to match defer behavior.
+		for i := len(closers) - 1; i >= 0; i-- {
+			c := closers[i]
+			merr = multierr.Append(merr, c())
+		}
+		return merr
+	}
+	defer func() {
+		if rerr != nil {
+			rerr = multierr.Append(rerr, close())
+		}
+	}()
+	ct, _, err := mime.ParseMediaType(r.Header.Get("Content-Type"))
+	if err != nil {
+		return req, close, errors.Wrap(err, "parse media type")
+	}
+	switch {
+	case ct == "application/json":
+		if r.ContentLength == 0 {
+			return req, close, validate.ErrBodyRequired
+		}
+		buf, err := io.ReadAll(r.Body)
+		if err != nil {
+			return req, close, err
+		}
+
+		if len(buf) == 0 {
+			return req, close, validate.ErrBodyRequired
+		}
+
+		d := jx.DecodeBytes(buf)
+
+		var request ScriptCreate
+		if err := func() error {
+			if err := request.Decode(d); err != nil {
+				return err
+			}
+			if err := d.Skip(); err != io.EOF {
+				return errors.New("unexpected trailing data")
+			}
+			return nil
+		}(); err != nil {
+			err = &ogenerrors.DecodeBodyError{
+				ContentType: ct,
+				Body:        buf,
+				Err:         err,
+			}
+			return req, close, err
+		}
+		if err := func() error {
+			if err := request.Validate(); err != nil {
+				return err
+			}
+			return nil
+		}(); err != nil {
+			return req, close, errors.Wrap(err, "validate")
+		}
+		return &request, close, nil
+	default:
+		return req, close, validate.InvalidContentType(ct)
+	}
+}
+
+func (s *Server) decodeCreateScriptPolicyRequest(r *http.Request) (
+	req *ScriptPolicyCreate,
+	close func() error,
+	rerr error,
+) {
+	var closers []func() error
+	close = func() error {
+		var merr error
+		// Close in reverse order, to match defer behavior.
+		for i := len(closers) - 1; i >= 0; i-- {
+			c := closers[i]
+			merr = multierr.Append(merr, c())
+		}
+		return merr
+	}
+	defer func() {
+		if rerr != nil {
+			rerr = multierr.Append(rerr, close())
+		}
+	}()
+	ct, _, err := mime.ParseMediaType(r.Header.Get("Content-Type"))
+	if err != nil {
+		return req, close, errors.Wrap(err, "parse media type")
+	}
+	switch {
+	case ct == "application/json":
+		if r.ContentLength == 0 {
+			return req, close, validate.ErrBodyRequired
+		}
+		buf, err := io.ReadAll(r.Body)
+		if err != nil {
+			return req, close, err
+		}
+
+		if len(buf) == 0 {
+			return req, close, validate.ErrBodyRequired
+		}
+
+		d := jx.DecodeBytes(buf)
+
+		var request ScriptPolicyCreate
+		if err := func() error {
+			if err := request.Decode(d); err != nil {
+				return err
+			}
+			if err := d.Skip(); err != io.EOF {
+				return errors.New("unexpected trailing data")
+			}
+			return nil
+		}(); err != nil {
+			err = &ogenerrors.DecodeBodyError{
+				ContentType: ct,
+				Body:        buf,
+				Err:         err,
+			}
+			return req, close, err
+		}
+		return &request, close, nil
+	default:
+		return req, close, validate.InvalidContentType(ct)
+	}
+}

pkg/internal/oas_request_encoders_gen.go

@@ -1,3 +1,40 @@
 // Code generated by ogen, DO NOT EDIT.
 
 package api
+
+import (
+	"bytes"
+	"net/http"
+
+	"github.com/go-faster/jx"
+
+	ht "github.com/ogen-go/ogen/http"
+)
+
+func encodeCreateScriptRequest(
+	req *ScriptCreate,
+	r *http.Request,
+) error {
+	const contentType = "application/json"
+	e := new(jx.Encoder)
+	{
+		req.Encode(e)
+	}
+	encoded := e.Bytes()
+	ht.SetBody(r, bytes.NewReader(encoded), contentType)
+	return nil
+}
+
+func encodeCreateScriptPolicyRequest(
+	req *ScriptPolicyCreate,
+	r *http.Request,
+) error {
+	const contentType = "application/json"
+	e := new(jx.Encoder)
+	{
+		req.Encode(e)
+	}
+	encoded := e.Bytes()
+	ht.SetBody(r, bytes.NewReader(encoded), contentType)
+	return nil
+}

pkg/internal/oas_response_decoders_gen.go

@@ -3,6 +3,7 @@
 package api
 
 import (
+	"fmt"
 	"io"
 	"mime"
 	"net/http"
@@ -14,6 +15,57 @@ import (
 	"github.com/ogen-go/ogen/validate"
 )
 
+func decodeActionSubmissionAcceptedResponse(resp *http.Response) (res *ActionSubmissionAcceptedNoContent, _ error) {
+	switch resp.StatusCode {
+	case 204:
+		// Code 204.
+		return &ActionSubmissionAcceptedNoContent{}, nil
+	}
+	// Convenient error response.
+	defRes, err := func() (res *ErrorStatusCode, err error) {
+		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
+		if err != nil {
+			return res, errors.Wrap(err, "parse media type")
+		}
+		switch {
+		case ct == "application/json":
+			buf, err := io.ReadAll(resp.Body)
+			if err != nil {
+				return res, err
+			}
+			d := jx.DecodeBytes(buf)
+
+			var response Error
+			if err := func() error {
+				if err := response.Decode(d); err != nil {
+					return err
+				}
+				if err := d.Skip(); err != io.EOF {
+					return errors.New("unexpected trailing data")
+				}
+				return nil
+			}(); err != nil {
+				err = &ogenerrors.DecodeBodyError{
+					ContentType: ct,
+					Body:        buf,
+					Err:         err,
+				}
+				return res, err
+			}
+			return &ErrorStatusCode{
+				StatusCode: resp.StatusCode,
+				Response:   response,
+			}, nil
+		default:
+			return res, validate.InvalidContentType(ct)
+		}
+	}()
+	if err != nil {
+		return res, errors.Wrapf(err, "default (code %d)", resp.StatusCode)
+	}
+	return res, errors.Wrap(defRes, "error")
+}
+
 func decodeActionSubmissionReleasedResponse(resp *http.Response) (res *ActionSubmissionReleasedNoContent, _ error) {
 	switch resp.StatusCode {
 	case 204:
@@ -166,3 +218,546 @@ func decodeActionSubmissionValidatedResponse(resp *http.Response) (res *ActionSu
 	}
 	return res, errors.Wrap(defRes, "error")
 }
+
+func decodeCreateScriptResponse(resp *http.Response) (res *ID, _ error) {
+	switch resp.StatusCode {
+	case 201:
+		// Code 201.
+		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
+		if err != nil {
+			return res, errors.Wrap(err, "parse media type")
+		}
+		switch {
+		case ct == "application/json":
+			buf, err := io.ReadAll(resp.Body)
+			if err != nil {
+				return res, err
+			}
+			d := jx.DecodeBytes(buf)
+
+			var response ID
+			if err := func() error {
+				if err := response.Decode(d); err != nil {
+					return err
+				}
+				if err := d.Skip(); err != io.EOF {
+					return errors.New("unexpected trailing data")
+				}
+				return nil
+			}(); err != nil {
+				err = &ogenerrors.DecodeBodyError{
+					ContentType: ct,
+					Body:        buf,
+					Err:         err,
+				}
+				return res, err
+			}
+			return &response, nil
+		default:
+			return res, validate.InvalidContentType(ct)
+		}
+	}
+	// Convenient error response.
+	defRes, err := func() (res *ErrorStatusCode, err error) {
+		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
+		if err != nil {
+			return res, errors.Wrap(err, "parse media type")
+		}
+		switch {
+		case ct == "application/json":
+			buf, err := io.ReadAll(resp.Body)
+			if err != nil {
+				return res, err
+			}
+			d := jx.DecodeBytes(buf)
+
+			var response Error
+			if err := func() error {
+				if err := response.Decode(d); err != nil {
+					return err
+				}
+				if err := d.Skip(); err != io.EOF {
+					return errors.New("unexpected trailing data")
+				}
+				return nil
+			}(); err != nil {
+				err = &ogenerrors.DecodeBodyError{
+					ContentType: ct,
+					Body:        buf,
+					Err:         err,
+				}
+				return res, err
+			}
+			return &ErrorStatusCode{
+				StatusCode: resp.StatusCode,
+				Response:   response,
+			}, nil
+		default:
+			return res, validate.InvalidContentType(ct)
+		}
+	}()
+	if err != nil {
+		return res, errors.Wrapf(err, "default (code %d)", resp.StatusCode)
+	}
+	return res, errors.Wrap(defRes, "error")
+}
+
+func decodeCreateScriptPolicyResponse(resp *http.Response) (res *ID, _ error) {
+	switch resp.StatusCode {
+	case 201:
+		// Code 201.
+		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
+		if err != nil {
+			return res, errors.Wrap(err, "parse media type")
+		}
+		switch {
+		case ct == "application/json":
+			buf, err := io.ReadAll(resp.Body)
+			if err != nil {
+				return res, err
+			}
+			d := jx.DecodeBytes(buf)
+
+			var response ID
+			if err := func() error {
+				if err := response.Decode(d); err != nil {
+					return err
+				}
+				if err := d.Skip(); err != io.EOF {
+					return errors.New("unexpected trailing data")
+				}
+				return nil
+			}(); err != nil {
+				err = &ogenerrors.DecodeBodyError{
+					ContentType: ct,
+					Body:        buf,
+					Err:         err,
+				}
+				return res, err
+			}
+			return &response, nil
+		default:
+			return res, validate.InvalidContentType(ct)
+		}
+	}
+	// Convenient error response.
+	defRes, err := func() (res *ErrorStatusCode, err error) {
+		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
+		if err != nil {
+			return res, errors.Wrap(err, "parse media type")
+		}
+		switch {
+		case ct == "application/json":
+			buf, err := io.ReadAll(resp.Body)
+			if err != nil {
+				return res, err
+			}
+			d := jx.DecodeBytes(buf)
+
+			var response Error
+			if err := func() error {
+				if err := response.Decode(d); err != nil {
+					return err
+				}
+				if err := d.Skip(); err != io.EOF {
+					return errors.New("unexpected trailing data")
+				}
+				return nil
+			}(); err != nil {
+				err = &ogenerrors.DecodeBodyError{
+					ContentType: ct,
+					Body:        buf,
+					Err:         err,
+				}
+				return res, err
+			}
+			return &ErrorStatusCode{
+				StatusCode: resp.StatusCode,
+				Response:   response,
+			}, nil
+		default:
+			return res, validate.InvalidContentType(ct)
+		}
+	}()
+	if err != nil {
+		return res, errors.Wrapf(err, "default (code %d)", resp.StatusCode)
+	}
+	return res, errors.Wrap(defRes, "error")
+}
+
+func decodeGetScriptResponse(resp *http.Response) (res *Script, _ error) {
+	switch resp.StatusCode {
+	case 200:
+		// Code 200.
+		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
+		if err != nil {
+			return res, errors.Wrap(err, "parse media type")
+		}
+		switch {
+		case ct == "application/json":
+			buf, err := io.ReadAll(resp.Body)
+			if err != nil {
+				return res, err
+			}
+			d := jx.DecodeBytes(buf)
+
+			var response Script
+			if err := func() error {
+				if err := response.Decode(d); err != nil {
+					return err
+				}
+				if err := d.Skip(); err != io.EOF {
+					return errors.New("unexpected trailing data")
+				}
+				return nil
+			}(); err != nil {
+				err = &ogenerrors.DecodeBodyError{
+					ContentType: ct,
+					Body:        buf,
+					Err:         err,
+				}
+				return res, err
+			}
+			// Validate response.
+			if err := func() error {
+				if err := response.Validate(); err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return res, errors.Wrap(err, "validate")
+			}
+			return &response, nil
+		default:
+			return res, validate.InvalidContentType(ct)
+		}
+	}
+	// Convenient error response.
+	defRes, err := func() (res *ErrorStatusCode, err error) {
+		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
+		if err != nil {
+			return res, errors.Wrap(err, "parse media type")
+		}
+		switch {
+		case ct == "application/json":
+			buf, err := io.ReadAll(resp.Body)
+			if err != nil {
+				return res, err
+			}
+			d := jx.DecodeBytes(buf)
+
+			var response Error
+			if err := func() error {
+				if err := response.Decode(d); err != nil {
+					return err
+				}
+				if err := d.Skip(); err != io.EOF {
+					return errors.New("unexpected trailing data")
+				}
+				return nil
+			}(); err != nil {
+				err = &ogenerrors.DecodeBodyError{
+					ContentType: ct,
+					Body:        buf,
+					Err:         err,
+				}
+				return res, err
+			}
+			return &ErrorStatusCode{
+				StatusCode: resp.StatusCode,
+				Response:   response,
+			}, nil
+		default:
+			return res, validate.InvalidContentType(ct)
+		}
+	}()
+	if err != nil {
+		return res, errors.Wrapf(err, "default (code %d)", resp.StatusCode)
+	}
+	return res, errors.Wrap(defRes, "error")
+}
+
+func decodeListScriptPolicyResponse(resp *http.Response) (res []ScriptPolicy, _ error) {
+	switch resp.StatusCode {
+	case 200:
+		// Code 200.
+		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
+		if err != nil {
+			return res, errors.Wrap(err, "parse media type")
+		}
+		switch {
+		case ct == "application/json":
+			buf, err := io.ReadAll(resp.Body)
+			if err != nil {
+				return res, err
+			}
+			d := jx.DecodeBytes(buf)
+
+			var response []ScriptPolicy
+			if err := func() error {
+				response = make([]ScriptPolicy, 0)
+				if err := d.Arr(func(d *jx.Decoder) error {
+					var elem ScriptPolicy
+					if err := elem.Decode(d); err != nil {
+						return err
+					}
+					response = append(response, elem)
+					return nil
+				}); err != nil {
+					return err
+				}
+				if err := d.Skip(); err != io.EOF {
+					return errors.New("unexpected trailing data")
+				}
+				return nil
+			}(); err != nil {
+				err = &ogenerrors.DecodeBodyError{
+					ContentType: ct,
+					Body:        buf,
+					Err:         err,
+				}
+				return res, err
+			}
+			// Validate response.
+			if err := func() error {
+				if response == nil {
+					return errors.New("nil is invalid value")
+				}
+				var failures []validate.FieldError
+				for i, elem := range response {
+					if err := func() error {
+						if err := elem.Validate(); err != nil {
+							return err
+						}
+						return nil
+					}(); err != nil {
+						failures = append(failures, validate.FieldError{
+							Name:  fmt.Sprintf("[%d]", i),
+							Error: err,
+						})
+					}
+				}
+				if len(failures) > 0 {
+					return &validate.Error{Fields: failures}
+				}
+				return nil
+			}(); err != nil {
+				return res, errors.Wrap(err, "validate")
+			}
+			return response, nil
+		default:
+			return res, validate.InvalidContentType(ct)
+		}
+	}
+	// Convenient error response.
+	defRes, err := func() (res *ErrorStatusCode, err error) {
+		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
+		if err != nil {
+			return res, errors.Wrap(err, "parse media type")
+		}
+		switch {
+		case ct == "application/json":
+			buf, err := io.ReadAll(resp.Body)
+			if err != nil {
+				return res, err
+			}
+			d := jx.DecodeBytes(buf)
+
+			var response Error
+			if err := func() error {
+				if err := response.Decode(d); err != nil {
+					return err
+				}
+				if err := d.Skip(); err != io.EOF {
+					return errors.New("unexpected trailing data")
+				}
+				return nil
+			}(); err != nil {
+				err = &ogenerrors.DecodeBodyError{
+					ContentType: ct,
+					Body:        buf,
+					Err:         err,
+				}
+				return res, err
+			}
+			return &ErrorStatusCode{
+				StatusCode: resp.StatusCode,
+				Response:   response,
+			}, nil
+		default:
+			return res, validate.InvalidContentType(ct)
+		}
+	}()
+	if err != nil {
+		return res, errors.Wrapf(err, "default (code %d)", resp.StatusCode)
+	}
+	return res, errors.Wrap(defRes, "error")
+}
+
+func decodeListScriptsResponse(resp *http.Response) (res []Script, _ error) {
+	switch resp.StatusCode {
+	case 200:
+		// Code 200.
+		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
+		if err != nil {
+			return res, errors.Wrap(err, "parse media type")
+		}
+		switch {
+		case ct == "application/json":
+			buf, err := io.ReadAll(resp.Body)
+			if err != nil {
+				return res, err
+			}
+			d := jx.DecodeBytes(buf)
+
+			var response []Script
+			if err := func() error {
+				response = make([]Script, 0)
+				if err := d.Arr(func(d *jx.Decoder) error {
+					var elem Script
+					if err := elem.Decode(d); err != nil {
+						return err
+					}
+					response = append(response, elem)
+					return nil
+				}); err != nil {
+					return err
+				}
+				if err := d.Skip(); err != io.EOF {
+					return errors.New("unexpected trailing data")
+				}
+				return nil
+			}(); err != nil {
+				err = &ogenerrors.DecodeBodyError{
+					ContentType: ct,
+					Body:        buf,
+					Err:         err,
+				}
+				return res, err
+			}
+			// Validate response.
+			if err := func() error {
+				if response == nil {
+					return errors.New("nil is invalid value")
+				}
+				var failures []validate.FieldError
+				for i, elem := range response {
+					if err := func() error {
+						if err := elem.Validate(); err != nil {
+							return err
+						}
+						return nil
+					}(); err != nil {
+						failures = append(failures, validate.FieldError{
+							Name:  fmt.Sprintf("[%d]", i),
+							Error: err,
+						})
+					}
+				}
+				if len(failures) > 0 {
+					return &validate.Error{Fields: failures}
+				}
+				return nil
+			}(); err != nil {
+				return res, errors.Wrap(err, "validate")
+			}
+			return response, nil
+		default:
+			return res, validate.InvalidContentType(ct)
+		}
+	}
+	// Convenient error response.
+	defRes, err := func() (res *ErrorStatusCode, err error) {
+		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
+		if err != nil {
+			return res, errors.Wrap(err, "parse media type")
+		}
+		switch {
+		case ct == "application/json":
+			buf, err := io.ReadAll(resp.Body)
+			if err != nil {
+				return res, err
+			}
+			d := jx.DecodeBytes(buf)
+
+			var response Error
+			if err := func() error {
+				if err := response.Decode(d); err != nil {
+					return err
+				}
+				if err := d.Skip(); err != io.EOF {
+					return errors.New("unexpected trailing data")
+				}
+				return nil
+			}(); err != nil {
+				err = &ogenerrors.DecodeBodyError{
+					ContentType: ct,
+					Body:        buf,
+					Err:         err,
+				}
+				return res, err
+			}
+			return &ErrorStatusCode{
+				StatusCode: resp.StatusCode,
+				Response:   response,
+			}, nil
+		default:
+			return res, validate.InvalidContentType(ct)
+		}
+	}()
+	if err != nil {
+		return res, errors.Wrapf(err, "default (code %d)", resp.StatusCode)
+	}
+	return res, errors.Wrap(defRes, "error")
+}
+
+func decodeUpdateSubmissionModelResponse(resp *http.Response) (res *UpdateSubmissionModelNoContent, _ error) {
+	switch resp.StatusCode {
+	case 204:
+		// Code 204.
+		return &UpdateSubmissionModelNoContent{}, nil
+	}
+	// Convenient error response.
+	defRes, err := func() (res *ErrorStatusCode, err error) {
+		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
+		if err != nil {
+			return res, errors.Wrap(err, "parse media type")
+		}
+		switch {
+		case ct == "application/json":
+			buf, err := io.ReadAll(resp.Body)
+			if err != nil {
+				return res, err
+			}
+			d := jx.DecodeBytes(buf)
+
+			var response Error
+			if err := func() error {
+				if err := response.Decode(d); err != nil {
+					return err
+				}
+				if err := d.Skip(); err != io.EOF {
+					return errors.New("unexpected trailing data")
+				}
+				return nil
+			}(); err != nil {
+				err = &ogenerrors.DecodeBodyError{
+					ContentType: ct,
+					Body:        buf,
+					Err:         err,
+				}
+				return res, err
+			}
+			return &ErrorStatusCode{
+				StatusCode: resp.StatusCode,
+				Response:   response,
+			}, nil
+		default:
+			return res, validate.InvalidContentType(ct)
+		}
+	}()
+	if err != nil {
+		return res, errors.Wrapf(err, "default (code %d)", resp.StatusCode)
+	}
+	return res, errors.Wrap(defRes, "error")
+}

pkg/internal/oas_response_encoders_gen.go

@@ -13,6 +13,13 @@ import (
 	ht "github.com/ogen-go/ogen/http"
 )
 
+func encodeActionSubmissionAcceptedResponse(response *ActionSubmissionAcceptedNoContent, w http.ResponseWriter, span trace.Span) error {
+	w.WriteHeader(204)
+	span.SetStatus(codes.Ok, http.StatusText(204))
+
+	return nil
+}
+
 func encodeActionSubmissionReleasedResponse(response *ActionSubmissionReleasedNoContent, w http.ResponseWriter, span trace.Span) error {
 	w.WriteHeader(204)
 	span.SetStatus(codes.Ok, http.StatusText(204))
@@ -34,6 +41,91 @@ func encodeActionSubmissionValidatedResponse(response *ActionSubmissionValidated
 	return nil
 }
 
+func encodeCreateScriptResponse(response *ID, w http.ResponseWriter, span trace.Span) error {
+	w.Header().Set("Content-Type", "application/json; charset=utf-8")
+	w.WriteHeader(201)
+	span.SetStatus(codes.Ok, http.StatusText(201))
+
+	e := new(jx.Encoder)
+	response.Encode(e)
+	if _, err := e.WriteTo(w); err != nil {
+		return errors.Wrap(err, "write")
+	}
+
+	return nil
+}
+
+func encodeCreateScriptPolicyResponse(response *ID, w http.ResponseWriter, span trace.Span) error {
+	w.Header().Set("Content-Type", "application/json; charset=utf-8")
+	w.WriteHeader(201)
+	span.SetStatus(codes.Ok, http.StatusText(201))
+
+	e := new(jx.Encoder)
+	response.Encode(e)
+	if _, err := e.WriteTo(w); err != nil {
+		return errors.Wrap(err, "write")
+	}
+
+	return nil
+}
+
+func encodeGetScriptResponse(response *Script, w http.ResponseWriter, span trace.Span) error {
+	w.Header().Set("Content-Type", "application/json; charset=utf-8")
+	w.WriteHeader(200)
+	span.SetStatus(codes.Ok, http.StatusText(200))
+
+	e := new(jx.Encoder)
+	response.Encode(e)
+	if _, err := e.WriteTo(w); err != nil {
+		return errors.Wrap(err, "write")
+	}
+
+	return nil
+}
+
+func encodeListScriptPolicyResponse(response []ScriptPolicy, w http.ResponseWriter, span trace.Span) error {
+	w.Header().Set("Content-Type", "application/json; charset=utf-8")
+	w.WriteHeader(200)
+	span.SetStatus(codes.Ok, http.StatusText(200))
+
+	e := new(jx.Encoder)
+	e.ArrStart()
+	for _, elem := range response {
+		elem.Encode(e)
+	}
+	e.ArrEnd()
+	if _, err := e.WriteTo(w); err != nil {
+		return errors.Wrap(err, "write")
+	}
+
+	return nil
+}
+
+func encodeListScriptsResponse(response []Script, w http.ResponseWriter, span trace.Span) error {
+	w.Header().Set("Content-Type", "application/json; charset=utf-8")
+	w.WriteHeader(200)
+	span.SetStatus(codes.Ok, http.StatusText(200))
+
+	e := new(jx.Encoder)
+	e.ArrStart()
+	for _, elem := range response {
+		elem.Encode(e)
+	}
+	e.ArrEnd()
+	if _, err := e.WriteTo(w); err != nil {
+		return errors.Wrap(err, "write")
+	}
+
+	return nil
+}
+
+func encodeUpdateSubmissionModelResponse(response *UpdateSubmissionModelNoContent, w http.ResponseWriter, span trace.Span) error {
+	w.WriteHeader(204)
+	span.SetStatus(codes.Ok, http.StatusText(204))
+
+	return nil
+}
+
 func encodeErrorResponse(response *ErrorStatusCode, w http.ResponseWriter, span trace.Span) error {
 	w.Header().Set("Content-Type", "application/json; charset=utf-8")
 	code := response.StatusCode

pkg/internal/oas_router_gen.go

@@ -49,30 +49,21 @@ func (s *Server) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 			break
 		}
 		switch elem[0] {
-		case '/': // Prefix: "/submissions/"
+		case '/': // Prefix: "/s"
 			origElem := elem
-			if l := len("/submissions/"); len(elem) >= l && elem[0:l] == "/submissions/" {
+			if l := len("/s"); len(elem) >= l && elem[0:l] == "/s" {
 				elem = elem[l:]
 			} else {
 				break
 			}
 
-			// Param: "SubmissionID"
-			// Match until "/"
-			idx := strings.IndexByte(elem, '/')
-			if idx < 0 {
-				idx = len(elem)
-			}
-			args[0] = elem[:idx]
-			elem = elem[idx:]
-
 			if len(elem) == 0 {
 				break
 			}
 			switch elem[0] {
-			case '/': // Prefix: "/status/"
+			case 'c': // Prefix: "cript"
 				origElem := elem
-				if l := len("/status/"); len(elem) >= l && elem[0:l] == "/status/" {
+				if l := len("cript"); len(elem) >= l && elem[0:l] == "cript" {
 					elem = elem[l:]
 				} else {
 					break
@@ -82,9 +73,9 @@ func (s *Server) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 					break
 				}
 				switch elem[0] {
-				case 'r': // Prefix: "releaser-released"
+				case '-': // Prefix: "-policy"
 					origElem := elem
-					if l := len("releaser-released"); len(elem) >= l && elem[0:l] == "releaser-released" {
+					if l := len("-policy"); len(elem) >= l && elem[0:l] == "-policy" {
 						elem = elem[l:]
 					} else {
 						break
@@ -93,21 +84,97 @@ func (s *Server) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 					if len(elem) == 0 {
 						// Leaf node.
 						switch r.Method {
+						case "GET":
+							s.handleListScriptPolicyRequest([0]string{}, elemIsEscaped, w, r)
 						case "POST":
-							s.handleActionSubmissionReleasedRequest([1]string{
+							s.handleCreateScriptPolicyRequest([0]string{}, elemIsEscaped, w, r)
-								args[0],
-							}, elemIsEscaped, w, r)
 						default:
-							s.notAllowed(w, r, "POST")
+							s.notAllowed(w, r, "GET,POST")
 						}
 
 						return
 					}
 
 					elem = origElem
-				case 'v': // Prefix: "validator-"
+				case 's': // Prefix: "s"
 					origElem := elem
-					if l := len("validator-"); len(elem) >= l && elem[0:l] == "validator-" {
+					if l := len("s"); len(elem) >= l && elem[0:l] == "s" {
+						elem = elem[l:]
+					} else {
+						break
+					}
+
+					if len(elem) == 0 {
+						switch r.Method {
+						case "GET":
+							s.handleListScriptsRequest([0]string{}, elemIsEscaped, w, r)
+						case "POST":
+							s.handleCreateScriptRequest([0]string{}, elemIsEscaped, w, r)
+						default:
+							s.notAllowed(w, r, "GET,POST")
+						}
+
+						return
+					}
+					switch elem[0] {
+					case '/': // Prefix: "/"
+						origElem := elem
+						if l := len("/"); len(elem) >= l && elem[0:l] == "/" {
+							elem = elem[l:]
+						} else {
+							break
+						}
+
+						// Param: "ScriptID"
+						// Leaf parameter
+						args[0] = elem
+						elem = ""
+
+						if len(elem) == 0 {
+							// Leaf node.
+							switch r.Method {
+							case "GET":
+								s.handleGetScriptRequest([1]string{
+									args[0],
+								}, elemIsEscaped, w, r)
+							default:
+								s.notAllowed(w, r, "GET")
+							}
+
+							return
+						}
+
+						elem = origElem
+					}
+
+					elem = origElem
+				}
+
+				elem = origElem
+			case 'u': // Prefix: "ubmissions/"
+				origElem := elem
+				if l := len("ubmissions/"); len(elem) >= l && elem[0:l] == "ubmissions/" {
+					elem = elem[l:]
+				} else {
+					break
+				}
+
+				// Param: "SubmissionID"
+				// Match until "/"
+				idx := strings.IndexByte(elem, '/')
+				if idx < 0 {
+					idx = len(elem)
+				}
+				args[0] = elem[:idx]
+				elem = elem[idx:]
+
+				if len(elem) == 0 {
+					break
+				}
+				switch elem[0] {
+				case '/': // Prefix: "/"
+					origElem := elem
+					if l := len("/"); len(elem) >= l && elem[0:l] == "/" {
 						elem = elem[l:]
 					} else {
 						break
@@ -117,9 +184,9 @@ func (s *Server) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 						break
 					}
 					switch elem[0] {
-					case 'u': // Prefix: "uploaded"
+					case 'm': // Prefix: "model"
 						origElem := elem
-						if l := len("uploaded"); len(elem) >= l && elem[0:l] == "uploaded" {
+						if l := len("model"); len(elem) >= l && elem[0:l] == "model" {
 							elem = elem[l:]
 						} else {
 							break
@@ -129,7 +196,7 @@ func (s *Server) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 							// Leaf node.
 							switch r.Method {
 							case "POST":
-								s.handleActionSubmissionUploadedRequest([1]string{
+								s.handleUpdateSubmissionModelRequest([1]string{
 									args[0],
 								}, elemIsEscaped, w, r)
 							default:
@@ -140,26 +207,125 @@ func (s *Server) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 						}
 
 						elem = origElem
-					case 'v': // Prefix: "validated"
+					case 's': // Prefix: "status/"
 						origElem := elem
-						if l := len("validated"); len(elem) >= l && elem[0:l] == "validated" {
+						if l := len("status/"); len(elem) >= l && elem[0:l] == "status/" {
 							elem = elem[l:]
 						} else {
 							break
 						}
 
 						if len(elem) == 0 {
-							// Leaf node.
+							break
-							switch r.Method {
+						}
-							case "POST":
+						switch elem[0] {
-								s.handleActionSubmissionValidatedRequest([1]string{
+						case 'r': // Prefix: "releaser-released"
-									args[0],
+							origElem := elem
-								}, elemIsEscaped, w, r)
+							if l := len("releaser-released"); len(elem) >= l && elem[0:l] == "releaser-released" {
-							default:
+								elem = elem[l:]
-								s.notAllowed(w, r, "POST")
+							} else {
+								break
 							}
 
-							return
+							if len(elem) == 0 {
+								// Leaf node.
+								switch r.Method {
+								case "POST":
+									s.handleActionSubmissionReleasedRequest([1]string{
+										args[0],
+									}, elemIsEscaped, w, r)
+								default:
+									s.notAllowed(w, r, "POST")
+								}
+
+								return
+							}
+
+							elem = origElem
+						case 'v': // Prefix: "validator-"
+							origElem := elem
+							if l := len("validator-"); len(elem) >= l && elem[0:l] == "validator-" {
+								elem = elem[l:]
+							} else {
+								break
+							}
+
+							if len(elem) == 0 {
+								break
+							}
+							switch elem[0] {
+							case 'f': // Prefix: "failed"
+								origElem := elem
+								if l := len("failed"); len(elem) >= l && elem[0:l] == "failed" {
+									elem = elem[l:]
+								} else {
+									break
+								}
+
+								if len(elem) == 0 {
+									// Leaf node.
+									switch r.Method {
+									case "POST":
+										s.handleActionSubmissionAcceptedRequest([1]string{
+											args[0],
+										}, elemIsEscaped, w, r)
+									default:
+										s.notAllowed(w, r, "POST")
+									}
+
+									return
+								}
+
+								elem = origElem
+							case 'u': // Prefix: "uploaded"
+								origElem := elem
+								if l := len("uploaded"); len(elem) >= l && elem[0:l] == "uploaded" {
+									elem = elem[l:]
+								} else {
+									break
+								}
+
+								if len(elem) == 0 {
+									// Leaf node.
+									switch r.Method {
+									case "POST":
+										s.handleActionSubmissionUploadedRequest([1]string{
+											args[0],
+										}, elemIsEscaped, w, r)
+									default:
+										s.notAllowed(w, r, "POST")
+									}
+
+									return
+								}
+
+								elem = origElem
+							case 'v': // Prefix: "validated"
+								origElem := elem
+								if l := len("validated"); len(elem) >= l && elem[0:l] == "validated" {
+									elem = elem[l:]
+								} else {
+									break
+								}
+
+								if len(elem) == 0 {
+									// Leaf node.
+									switch r.Method {
+									case "POST":
+										s.handleActionSubmissionValidatedRequest([1]string{
+											args[0],
+										}, elemIsEscaped, w, r)
+									default:
+										s.notAllowed(w, r, "POST")
+									}
+
+									return
+								}
+
+								elem = origElem
+							}
+
+							elem = origElem
 						}
 
 						elem = origElem
@@ -252,30 +418,21 @@ func (s *Server) FindPath(method string, u *url.URL) (r Route, _ bool) {
 			break
 		}
 		switch elem[0] {
-		case '/': // Prefix: "/submissions/"
+		case '/': // Prefix: "/s"
 			origElem := elem
-			if l := len("/submissions/"); len(elem) >= l && elem[0:l] == "/submissions/" {
+			if l := len("/s"); len(elem) >= l && elem[0:l] == "/s" {
 				elem = elem[l:]
 			} else {
 				break
 			}
 
-			// Param: "SubmissionID"
-			// Match until "/"
-			idx := strings.IndexByte(elem, '/')
-			if idx < 0 {
-				idx = len(elem)
-			}
-			args[0] = elem[:idx]
-			elem = elem[idx:]
-
 			if len(elem) == 0 {
 				break
 			}
 			switch elem[0] {
-			case '/': // Prefix: "/status/"
+			case 'c': // Prefix: "cript"
 				origElem := elem
-				if l := len("/status/"); len(elem) >= l && elem[0:l] == "/status/" {
+				if l := len("cript"); len(elem) >= l && elem[0:l] == "cript" {
 					elem = elem[l:]
 				} else {
 					break
@@ -285,9 +442,9 @@ func (s *Server) FindPath(method string, u *url.URL) (r Route, _ bool) {
 					break
 				}
 				switch elem[0] {
-				case 'r': // Prefix: "releaser-released"
+				case '-': // Prefix: "-policy"
 					origElem := elem
-					if l := len("releaser-released"); len(elem) >= l && elem[0:l] == "releaser-released" {
+					if l := len("-policy"); len(elem) >= l && elem[0:l] == "-policy" {
 						elem = elem[l:]
 					} else {
 						break
@@ -296,13 +453,21 @@ func (s *Server) FindPath(method string, u *url.URL) (r Route, _ bool) {
 					if len(elem) == 0 {
 						// Leaf node.
 						switch method {
-						case "POST":
+						case "GET":
-							r.name = ActionSubmissionReleasedOperation
+							r.name = ListScriptPolicyOperation
-							r.summary = "(Internal endpoint) Role Releaser changes status from releasing -> released"
+							r.summary = "Get list of script policies"
-							r.operationID = "actionSubmissionReleased"
+							r.operationID = "listScriptPolicy"
-							r.pathPattern = "/submissions/{SubmissionID}/status/releaser-released"
+							r.pathPattern = "/script-policy"
 							r.args = args
-							r.count = 1
+							r.count = 0
+							return r, true
+						case "POST":
+							r.name = CreateScriptPolicyOperation
+							r.summary = "Create a new script policy"
+							r.operationID = "createScriptPolicy"
+							r.pathPattern = "/script-policy"
+							r.args = args
+							r.count = 0
 							return r, true
 						default:
 							return
@@ -310,34 +475,58 @@ func (s *Server) FindPath(method string, u *url.URL) (r Route, _ bool) {
 					}
 
 					elem = origElem
-				case 'v': // Prefix: "validator-"
+				case 's': // Prefix: "s"
 					origElem := elem
-					if l := len("validator-"); len(elem) >= l && elem[0:l] == "validator-" {
+					if l := len("s"); len(elem) >= l && elem[0:l] == "s" {
 						elem = elem[l:]
 					} else {
 						break
 					}
 
 					if len(elem) == 0 {
-						break
+						switch method {
+						case "GET":
+							r.name = ListScriptsOperation
+							r.summary = "Get list of scripts"
+							r.operationID = "listScripts"
+							r.pathPattern = "/scripts"
+							r.args = args
+							r.count = 0
+							return r, true
+						case "POST":
+							r.name = CreateScriptOperation
+							r.summary = "Create a new script"
+							r.operationID = "createScript"
+							r.pathPattern = "/scripts"
+							r.args = args
+							r.count = 0
+							return r, true
+						default:
+							return
+						}
 					}
 					switch elem[0] {
-					case 'u': // Prefix: "uploaded"
+					case '/': // Prefix: "/"
 						origElem := elem
-						if l := len("uploaded"); len(elem) >= l && elem[0:l] == "uploaded" {
+						if l := len("/"); len(elem) >= l && elem[0:l] == "/" {
 							elem = elem[l:]
 						} else {
 							break
 						}
 
+						// Param: "ScriptID"
+						// Leaf parameter
+						args[0] = elem
+						elem = ""
+
 						if len(elem) == 0 {
 							// Leaf node.
 							switch method {
-							case "POST":
+							case "GET":
-								r.name = ActionSubmissionUploadedOperation
+								r.name = GetScriptOperation
-								r.summary = "(Internal endpoint) Role Validator changes status from Uploading -> Uploaded"
+								r.summary = "Get the specified script by ID"
-								r.operationID = "actionSubmissionUploaded"
+								r.operationID = "getScript"
-								r.pathPattern = "/submissions/{SubmissionID}/status/validator-uploaded"
+								r.pathPattern = "/scripts/{ScriptID}"
 								r.args = args
 								r.count = 1
 								return r, true
@@ -347,9 +536,48 @@ func (s *Server) FindPath(method string, u *url.URL) (r Route, _ bool) {
 						}
 
 						elem = origElem
-					case 'v': // Prefix: "validated"
+					}
+
+					elem = origElem
+				}
+
+				elem = origElem
+			case 'u': // Prefix: "ubmissions/"
+				origElem := elem
+				if l := len("ubmissions/"); len(elem) >= l && elem[0:l] == "ubmissions/" {
+					elem = elem[l:]
+				} else {
+					break
+				}
+
+				// Param: "SubmissionID"
+				// Match until "/"
+				idx := strings.IndexByte(elem, '/')
+				if idx < 0 {
+					idx = len(elem)
+				}
+				args[0] = elem[:idx]
+				elem = elem[idx:]
+
+				if len(elem) == 0 {
+					break
+				}
+				switch elem[0] {
+				case '/': // Prefix: "/"
+					origElem := elem
+					if l := len("/"); len(elem) >= l && elem[0:l] == "/" {
+						elem = elem[l:]
+					} else {
+						break
+					}
+
+					if len(elem) == 0 {
+						break
+					}
+					switch elem[0] {
+					case 'm': // Prefix: "model"
 						origElem := elem
-						if l := len("validated"); len(elem) >= l && elem[0:l] == "validated" {
+						if l := len("model"); len(elem) >= l && elem[0:l] == "model" {
 							elem = elem[l:]
 						} else {
 							break
@@ -359,10 +587,10 @@ func (s *Server) FindPath(method string, u *url.URL) (r Route, _ bool) {
 							// Leaf node.
 							switch method {
 							case "POST":
-								r.name = ActionSubmissionValidatedOperation
+								r.name = UpdateSubmissionModelOperation
-								r.summary = "(Internal endpoint) Role Validator changes status from Validating -> Validated"
+								r.summary = "Update model following role restrictions"
-								r.operationID = "actionSubmissionValidated"
+								r.operationID = "updateSubmissionModel"
-								r.pathPattern = "/submissions/{SubmissionID}/status/validator-validated"
+								r.pathPattern = "/submissions/{SubmissionID}/model"
 								r.args = args
 								r.count = 1
 								return r, true
@@ -371,6 +599,136 @@ func (s *Server) FindPath(method string, u *url.URL) (r Route, _ bool) {
 							}
 						}
 
+						elem = origElem
+					case 's': // Prefix: "status/"
+						origElem := elem
+						if l := len("status/"); len(elem) >= l && elem[0:l] == "status/" {
+							elem = elem[l:]
+						} else {
+							break
+						}
+
+						if len(elem) == 0 {
+							break
+						}
+						switch elem[0] {
+						case 'r': // Prefix: "releaser-released"
+							origElem := elem
+							if l := len("releaser-released"); len(elem) >= l && elem[0:l] == "releaser-released" {
+								elem = elem[l:]
+							} else {
+								break
+							}
+
+							if len(elem) == 0 {
+								// Leaf node.
+								switch method {
+								case "POST":
+									r.name = ActionSubmissionReleasedOperation
+									r.summary = "(Internal endpoint) Role Releaser changes status from releasing -> released"
+									r.operationID = "actionSubmissionReleased"
+									r.pathPattern = "/submissions/{SubmissionID}/status/releaser-released"
+									r.args = args
+									r.count = 1
+									return r, true
+								default:
+									return
+								}
+							}
+
+							elem = origElem
+						case 'v': // Prefix: "validator-"
+							origElem := elem
+							if l := len("validator-"); len(elem) >= l && elem[0:l] == "validator-" {
+								elem = elem[l:]
+							} else {
+								break
+							}
+
+							if len(elem) == 0 {
+								break
+							}
+							switch elem[0] {
+							case 'f': // Prefix: "failed"
+								origElem := elem
+								if l := len("failed"); len(elem) >= l && elem[0:l] == "failed" {
+									elem = elem[l:]
+								} else {
+									break
+								}
+
+								if len(elem) == 0 {
+									// Leaf node.
+									switch method {
+									case "POST":
+										r.name = ActionSubmissionAcceptedOperation
+										r.summary = "(Internal endpoint) Role Validator changes status from Validating -> Accepted"
+										r.operationID = "actionSubmissionAccepted"
+										r.pathPattern = "/submissions/{SubmissionID}/status/validator-failed"
+										r.args = args
+										r.count = 1
+										return r, true
+									default:
+										return
+									}
+								}
+
+								elem = origElem
+							case 'u': // Prefix: "uploaded"
+								origElem := elem
+								if l := len("uploaded"); len(elem) >= l && elem[0:l] == "uploaded" {
+									elem = elem[l:]
+								} else {
+									break
+								}
+
+								if len(elem) == 0 {
+									// Leaf node.
+									switch method {
+									case "POST":
+										r.name = ActionSubmissionUploadedOperation
+										r.summary = "(Internal endpoint) Role Validator changes status from Uploading -> Uploaded"
+										r.operationID = "actionSubmissionUploaded"
+										r.pathPattern = "/submissions/{SubmissionID}/status/validator-uploaded"
+										r.args = args
+										r.count = 1
+										return r, true
+									default:
+										return
+									}
+								}
+
+								elem = origElem
+							case 'v': // Prefix: "validated"
+								origElem := elem
+								if l := len("validated"); len(elem) >= l && elem[0:l] == "validated" {
+									elem = elem[l:]
+								} else {
+									break
+								}
+
+								if len(elem) == 0 {
+									// Leaf node.
+									switch method {
+									case "POST":
+										r.name = ActionSubmissionValidatedOperation
+										r.summary = "(Internal endpoint) Role Validator changes status from Validating -> Validated"
+										r.operationID = "actionSubmissionValidated"
+										r.pathPattern = "/submissions/{SubmissionID}/status/validator-validated"
+										r.args = args
+										r.count = 1
+										return r, true
+									default:
+										return
+									}
+								}
+
+								elem = origElem
+							}
+
+							elem = origElem
+						}
+
 						elem = origElem
 					}
 

pkg/internal/oas_schemas_gen.go

@@ -10,6 +10,9 @@ func (s *ErrorStatusCode) Error() string {
 	return fmt.Sprintf("code %d: %+v", s.StatusCode, s.Response)
 }
 
+// ActionSubmissionAcceptedNoContent is response for ActionSubmissionAccepted operation.
+type ActionSubmissionAcceptedNoContent struct{}
+
 // ActionSubmissionReleasedNoContent is response for ActionSubmissionReleased operation.
 type ActionSubmissionReleasedNoContent struct{}
 
@@ -72,6 +75,67 @@ func (s *ErrorStatusCode) SetResponse(val Error) {
 	s.Response = val
 }
 
+// Ref: #/components/schemas/Id
+type ID struct {
+	ID int64 `json:"ID"`
+}
+
+// GetID returns the value of ID.
+func (s *ID) GetID() int64 {
+	return s.ID
+}
+
+// SetID sets the value of ID.
+func (s *ID) SetID(val int64) {
+	s.ID = val
+}
+
+// NewOptInt32 returns new OptInt32 with value set to v.
+func NewOptInt32(v int32) OptInt32 {
+	return OptInt32{
+		Value: v,
+		Set:   true,
+	}
+}
+
+// OptInt32 is optional int32.
+type OptInt32 struct {
+	Value int32
+	Set   bool
+}
+
+// IsSet returns true if OptInt32 was set.
+func (o OptInt32) IsSet() bool { return o.Set }
+
+// Reset unsets value.
+func (o *OptInt32) Reset() {
+	var v int32
+	o.Value = v
+	o.Set = false
+}
+
+// SetTo sets value to v.
+func (o *OptInt32) SetTo(v int32) {
+	o.Set = true
+	o.Value = v
+}
+
+// Get returns value and boolean that denotes whether value was set.
+func (o OptInt32) Get() (v int32, ok bool) {
+	if !o.Set {
+		return v, false
+	}
+	return o.Value, true
+}
+
+// Or returns value if set, or given parameter if does not.
+func (o OptInt32) Or(d int32) int32 {
+	if v, ok := o.Get(); ok {
+		return v
+	}
+	return d
+}
+
 // NewOptInt64 returns new OptInt64 with value set to v.
 func NewOptInt64(v int64) OptInt64 {
 	return OptInt64{
@@ -117,3 +181,233 @@ func (o OptInt64) Or(d int64) int64 {
 	}
 	return d
 }
+
+// NewOptString returns new OptString with value set to v.
+func NewOptString(v string) OptString {
+	return OptString{
+		Value: v,
+		Set:   true,
+	}
+}
+
+// OptString is optional string.
+type OptString struct {
+	Value string
+	Set   bool
+}
+
+// IsSet returns true if OptString was set.
+func (o OptString) IsSet() bool { return o.Set }
+
+// Reset unsets value.
+func (o *OptString) Reset() {
+	var v string
+	o.Value = v
+	o.Set = false
+}
+
+// SetTo sets value to v.
+func (o *OptString) SetTo(v string) {
+	o.Set = true
+	o.Value = v
+}
+
+// Get returns value and boolean that denotes whether value was set.
+func (o OptString) Get() (v string, ok bool) {
+	if !o.Set {
+		return v, false
+	}
+	return o.Value, true
+}
+
+// Or returns value if set, or given parameter if does not.
+func (o OptString) Or(d string) string {
+	if v, ok := o.Get(); ok {
+		return v
+	}
+	return d
+}
+
+// Ref: #/components/schemas/Script
+type Script struct {
+	ID           int64  `json:"ID"`
+	Name         string `json:"Name"`
+	Hash         string `json:"Hash"`
+	Source       string `json:"Source"`
+	SubmissionID int64  `json:"SubmissionID"`
+}
+
+// GetID returns the value of ID.
+func (s *Script) GetID() int64 {
+	return s.ID
+}
+
+// GetName returns the value of Name.
+func (s *Script) GetName() string {
+	return s.Name
+}
+
+// GetHash returns the value of Hash.
+func (s *Script) GetHash() string {
+	return s.Hash
+}
+
+// GetSource returns the value of Source.
+func (s *Script) GetSource() string {
+	return s.Source
+}
+
+// GetSubmissionID returns the value of SubmissionID.
+func (s *Script) GetSubmissionID() int64 {
+	return s.SubmissionID
+}
+
+// SetID sets the value of ID.
+func (s *Script) SetID(val int64) {
+	s.ID = val
+}
+
+// SetName sets the value of Name.
+func (s *Script) SetName(val string) {
+	s.Name = val
+}
+
+// SetHash sets the value of Hash.
+func (s *Script) SetHash(val string) {
+	s.Hash = val
+}
+
+// SetSource sets the value of Source.
+func (s *Script) SetSource(val string) {
+	s.Source = val
+}
+
+// SetSubmissionID sets the value of SubmissionID.
+func (s *Script) SetSubmissionID(val int64) {
+	s.SubmissionID = val
+}
+
+// Ref: #/components/schemas/ScriptCreate
+type ScriptCreate struct {
+	Name         string   `json:"Name"`
+	Source       string   `json:"Source"`
+	SubmissionID OptInt64 `json:"SubmissionID"`
+}
+
+// GetName returns the value of Name.
+func (s *ScriptCreate) GetName() string {
+	return s.Name
+}
+
+// GetSource returns the value of Source.
+func (s *ScriptCreate) GetSource() string {
+	return s.Source
+}
+
+// GetSubmissionID returns the value of SubmissionID.
+func (s *ScriptCreate) GetSubmissionID() OptInt64 {
+	return s.SubmissionID
+}
+
+// SetName sets the value of Name.
+func (s *ScriptCreate) SetName(val string) {
+	s.Name = val
+}
+
+// SetSource sets the value of Source.
+func (s *ScriptCreate) SetSource(val string) {
+	s.Source = val
+}
+
+// SetSubmissionID sets the value of SubmissionID.
+func (s *ScriptCreate) SetSubmissionID(val OptInt64) {
+	s.SubmissionID = val
+}
+
+// Ref: #/components/schemas/ScriptPolicy
+type ScriptPolicy struct {
+	ID             int64  `json:"ID"`
+	FromScriptHash string `json:"FromScriptHash"`
+	ToScriptID     int64  `json:"ToScriptID"`
+	Policy         int32  `json:"Policy"`
+}
+
+// GetID returns the value of ID.
+func (s *ScriptPolicy) GetID() int64 {
+	return s.ID
+}
+
+// GetFromScriptHash returns the value of FromScriptHash.
+func (s *ScriptPolicy) GetFromScriptHash() string {
+	return s.FromScriptHash
+}
+
+// GetToScriptID returns the value of ToScriptID.
+func (s *ScriptPolicy) GetToScriptID() int64 {
+	return s.ToScriptID
+}
+
+// GetPolicy returns the value of Policy.
+func (s *ScriptPolicy) GetPolicy() int32 {
+	return s.Policy
+}
+
+// SetID sets the value of ID.
+func (s *ScriptPolicy) SetID(val int64) {
+	s.ID = val
+}
+
+// SetFromScriptHash sets the value of FromScriptHash.
+func (s *ScriptPolicy) SetFromScriptHash(val string) {
+	s.FromScriptHash = val
+}
+
+// SetToScriptID sets the value of ToScriptID.
+func (s *ScriptPolicy) SetToScriptID(val int64) {
+	s.ToScriptID = val
+}
+
+// SetPolicy sets the value of Policy.
+func (s *ScriptPolicy) SetPolicy(val int32) {
+	s.Policy = val
+}
+
+// Ref: #/components/schemas/ScriptPolicyCreate
+type ScriptPolicyCreate struct {
+	FromScriptID int64 `json:"FromScriptID"`
+	ToScriptID   int64 `json:"ToScriptID"`
+	Policy       int32 `json:"Policy"`
+}
+
+// GetFromScriptID returns the value of FromScriptID.
+func (s *ScriptPolicyCreate) GetFromScriptID() int64 {
+	return s.FromScriptID
+}
+
+// GetToScriptID returns the value of ToScriptID.
+func (s *ScriptPolicyCreate) GetToScriptID() int64 {
+	return s.ToScriptID
+}
+
+// GetPolicy returns the value of Policy.
+func (s *ScriptPolicyCreate) GetPolicy() int32 {
+	return s.Policy
+}
+
+// SetFromScriptID sets the value of FromScriptID.
+func (s *ScriptPolicyCreate) SetFromScriptID(val int64) {
+	s.FromScriptID = val
+}
+
+// SetToScriptID sets the value of ToScriptID.
+func (s *ScriptPolicyCreate) SetToScriptID(val int64) {
+	s.ToScriptID = val
+}
+
+// SetPolicy sets the value of Policy.
+func (s *ScriptPolicyCreate) SetPolicy(val int32) {
+	s.Policy = val
+}
+
+// UpdateSubmissionModelNoContent is response for UpdateSubmissionModel operation.
+type UpdateSubmissionModelNoContent struct{}

pkg/internal/oas_server_gen.go

@@ -8,6 +8,12 @@ import (
 
 // Handler handles operations described by OpenAPI v3 specification.
 type Handler interface {
+	// ActionSubmissionAccepted implements actionSubmissionAccepted operation.
+	//
+	// (Internal endpoint) Role Validator changes status from Validating -> Accepted.
+	//
+	// POST /submissions/{SubmissionID}/status/validator-failed
+	ActionSubmissionAccepted(ctx context.Context, params ActionSubmissionAcceptedParams) error
 	// ActionSubmissionReleased implements actionSubmissionReleased operation.
 	//
 	// (Internal endpoint) Role Releaser changes status from releasing -> released.
@@ -26,6 +32,42 @@ type Handler interface {
 	//
 	// POST /submissions/{SubmissionID}/status/validator-validated
 	ActionSubmissionValidated(ctx context.Context, params ActionSubmissionValidatedParams) error
+	// CreateScript implements createScript operation.
+	//
+	// Create a new script.
+	//
+	// POST /scripts
+	CreateScript(ctx context.Context, req *ScriptCreate) (*ID, error)
+	// CreateScriptPolicy implements createScriptPolicy operation.
+	//
+	// Create a new script policy.
+	//
+	// POST /script-policy
+	CreateScriptPolicy(ctx context.Context, req *ScriptPolicyCreate) (*ID, error)
+	// GetScript implements getScript operation.
+	//
+	// Get the specified script by ID.
+	//
+	// GET /scripts/{ScriptID}
+	GetScript(ctx context.Context, params GetScriptParams) (*Script, error)
+	// ListScriptPolicy implements listScriptPolicy operation.
+	//
+	// Get list of script policies.
+	//
+	// GET /script-policy
+	ListScriptPolicy(ctx context.Context, params ListScriptPolicyParams) ([]ScriptPolicy, error)
+	// ListScripts implements listScripts operation.
+	//
+	// Get list of scripts.
+	//
+	// GET /scripts
+	ListScripts(ctx context.Context, params ListScriptsParams) ([]Script, error)
+	// UpdateSubmissionModel implements updateSubmissionModel operation.
+	//
+	// Update model following role restrictions.
+	//
+	// POST /submissions/{SubmissionID}/model
+	UpdateSubmissionModel(ctx context.Context, params UpdateSubmissionModelParams) error
 	// NewError creates *ErrorStatusCode from error returned by handler.
 	//
 	// Used for common default response.

pkg/internal/oas_unimplemented_gen.go

@@ -13,6 +13,15 @@ type UnimplementedHandler struct{}
 
 var _ Handler = UnimplementedHandler{}
 
+// ActionSubmissionAccepted implements actionSubmissionAccepted operation.
+//
+// (Internal endpoint) Role Validator changes status from Validating -> Accepted.
+//
+// POST /submissions/{SubmissionID}/status/validator-failed
+func (UnimplementedHandler) ActionSubmissionAccepted(ctx context.Context, params ActionSubmissionAcceptedParams) error {
+	return ht.ErrNotImplemented
+}
+
 // ActionSubmissionReleased implements actionSubmissionReleased operation.
 //
 // (Internal endpoint) Role Releaser changes status from releasing -> released.
@@ -40,6 +49,60 @@ func (UnimplementedHandler) ActionSubmissionValidated(ctx context.Context, param
 	return ht.ErrNotImplemented
 }
 
+// CreateScript implements createScript operation.
+//
+// Create a new script.
+//
+// POST /scripts
+func (UnimplementedHandler) CreateScript(ctx context.Context, req *ScriptCreate) (r *ID, _ error) {
+	return r, ht.ErrNotImplemented
+}
+
+// CreateScriptPolicy implements createScriptPolicy operation.
+//
+// Create a new script policy.
+//
+// POST /script-policy
+func (UnimplementedHandler) CreateScriptPolicy(ctx context.Context, req *ScriptPolicyCreate) (r *ID, _ error) {
+	return r, ht.ErrNotImplemented
+}
+
+// GetScript implements getScript operation.
+//
+// Get the specified script by ID.
+//
+// GET /scripts/{ScriptID}
+func (UnimplementedHandler) GetScript(ctx context.Context, params GetScriptParams) (r *Script, _ error) {
+	return r, ht.ErrNotImplemented
+}
+
+// ListScriptPolicy implements listScriptPolicy operation.
+//
+// Get list of script policies.
+//
+// GET /script-policy
+func (UnimplementedHandler) ListScriptPolicy(ctx context.Context, params ListScriptPolicyParams) (r []ScriptPolicy, _ error) {
+	return r, ht.ErrNotImplemented
+}
+
+// ListScripts implements listScripts operation.
+//
+// Get list of scripts.
+//
+// GET /scripts
+func (UnimplementedHandler) ListScripts(ctx context.Context, params ListScriptsParams) (r []Script, _ error) {
+	return r, ht.ErrNotImplemented
+}
+
+// UpdateSubmissionModel implements updateSubmissionModel operation.
+//
+// Update model following role restrictions.
+//
+// POST /submissions/{SubmissionID}/model
+func (UnimplementedHandler) UpdateSubmissionModel(ctx context.Context, params UpdateSubmissionModelParams) error {
+	return ht.ErrNotImplemented
+}
+
 // NewError creates *ErrorStatusCode from error returned by handler.
 //
 // Used for common default response.

pkg/internal/oas_validators_gen.go

@@ -0,0 +1,159 @@
+// Code generated by ogen, DO NOT EDIT.
+
+package api
+
+import (
+	"github.com/go-faster/errors"
+
+	"github.com/ogen-go/ogen/validate"
+)
+
+func (s *Script) Validate() error {
+	if s == nil {
+		return validate.ErrNilPointer
+	}
+
+	var failures []validate.FieldError
+	if err := func() error {
+		if err := (validate.String{
+			MinLength:    0,
+			MinLengthSet: false,
+			MaxLength:    128,
+			MaxLengthSet: true,
+			Email:        false,
+			Hostname:     false,
+			Regex:        nil,
+		}).Validate(string(s.Name)); err != nil {
+			return errors.Wrap(err, "string")
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "Name",
+			Error: err,
+		})
+	}
+	if err := func() error {
+		if err := (validate.String{
+			MinLength:    16,
+			MinLengthSet: true,
+			MaxLength:    16,
+			MaxLengthSet: true,
+			Email:        false,
+			Hostname:     false,
+			Regex:        nil,
+		}).Validate(string(s.Hash)); err != nil {
+			return errors.Wrap(err, "string")
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "Hash",
+			Error: err,
+		})
+	}
+	if err := func() error {
+		if err := (validate.String{
+			MinLength:    0,
+			MinLengthSet: false,
+			MaxLength:    1048576,
+			MaxLengthSet: true,
+			Email:        false,
+			Hostname:     false,
+			Regex:        nil,
+		}).Validate(string(s.Source)); err != nil {
+			return errors.Wrap(err, "string")
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "Source",
+			Error: err,
+		})
+	}
+	if len(failures) > 0 {
+		return &validate.Error{Fields: failures}
+	}
+	return nil
+}
+
+func (s *ScriptCreate) Validate() error {
+	if s == nil {
+		return validate.ErrNilPointer
+	}
+
+	var failures []validate.FieldError
+	if err := func() error {
+		if err := (validate.String{
+			MinLength:    0,
+			MinLengthSet: false,
+			MaxLength:    128,
+			MaxLengthSet: true,
+			Email:        false,
+			Hostname:     false,
+			Regex:        nil,
+		}).Validate(string(s.Name)); err != nil {
+			return errors.Wrap(err, "string")
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "Name",
+			Error: err,
+		})
+	}
+	if err := func() error {
+		if err := (validate.String{
+			MinLength:    0,
+			MinLengthSet: false,
+			MaxLength:    1048576,
+			MaxLengthSet: true,
+			Email:        false,
+			Hostname:     false,
+			Regex:        nil,
+		}).Validate(string(s.Source)); err != nil {
+			return errors.Wrap(err, "string")
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "Source",
+			Error: err,
+		})
+	}
+	if len(failures) > 0 {
+		return &validate.Error{Fields: failures}
+	}
+	return nil
+}
+
+func (s *ScriptPolicy) Validate() error {
+	if s == nil {
+		return validate.ErrNilPointer
+	}
+
+	var failures []validate.FieldError
+	if err := func() error {
+		if err := (validate.String{
+			MinLength:    16,
+			MinLengthSet: true,
+			MaxLength:    16,
+			MaxLengthSet: true,
+			Email:        false,
+			Hostname:     false,
+			Regex:        nil,
+		}).Validate(string(s.FromScriptHash)); err != nil {
+			return errors.Wrap(err, "string")
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "FromScriptHash",
+			Error: err,
+		})
+	}
+	if len(failures) > 0 {
+		return &validate.Error{Fields: failures}
+	}
+	return nil
+}

pkg/model/nats.go

@@ -8,22 +8,22 @@ package model
 type ValidateRequest struct {
 	// submission_id is passed back in the response message
 	SubmissionID     int64
-	ModelID          uint64
+	ModelID          int64
-	ModelVersion     uint64
+	ModelVersion     int64
-	ValidatedModelID uint64 // optional value
+	ValidatedModelID int64 // optional value
 }
 
 // Create a new map
 type PublishNewRequest struct {
 	SubmissionID int64
-	ModelID      uint64
+	ModelID      int64
-	ModelVersion uint64
+	ModelVersion int64
 	ModelName    string
 }
 
 type PublishFixRequest struct {
 	SubmissionID  int64
-	ModelID       uint64
+	ModelID       int64
-	ModelVersion  uint64
+	ModelVersion  int64
-	TargetAssetID uint64
+	TargetAssetID int64
 }

pkg/model/policy.go

@@ -17,7 +17,7 @@ type ScriptPolicy struct {
 	// Hash of the source code that leads to this policy.
 	// If this is a replacement mapping, the original source may not be pointed to by any policy.
 	// The original source should still exist in the scripts table, which can be located by the same hash.
-	FromScriptHash uint64
+	FromScriptHash int64 // postgres does not support unsigned integers, so we have to pretend
 	// The ID of the replacement source (ScriptPolicyReplace)
 	// or verbatim source (ScriptPolicyAllowed)
 	// or 0 (other)

pkg/model/script.go

@@ -1,10 +1,32 @@
 package model
 
-import "time"
+import (
+	"fmt"
+	"strconv"
+	"time"
+
+	"github.com/dchest/siphash"
+)
+
+// compute the hash of a source code string
+func HashSource(source string) uint64{
+	return siphash.Hash(0, 0, []byte(source))
+}
+
+// format a hash value as a hexidecimal string
+func HashFormat(hash uint64) string{
+	return fmt.Sprintf("%016x", hash)
+}
+
+// parse a hexidecimal hash string
+func HashParse(hash string) (uint64, error){
+	return strconv.ParseUint(hash, 16, 64)
+}
 
 type Script struct {
 	ID           int64 `gorm:"primaryKey"`
-	Hash         uint64
+	Name         string
+	Hash         int64 // postgres does not support unsigned integers, so we have to pretend
 	Source       string
 	SubmissionID int64 // which submission did this script first appear in
 	CreatedAt    time.Time

pkg/model/submission.go

@@ -14,7 +14,7 @@ const (
 	StatusUploading  Status = 6
 	StatusValidated  Status = 5
 	StatusValidating Status = 4
-	StatusAccepted   Status = 3
+	StatusAccepted   Status = 3 // pending script review, can re-trigger validation
 
 	// Phase: Creation
 	StatusChangesRequested  Status = 2
@@ -29,10 +29,10 @@ type Submission struct {
 	GameID        int32
 	CreatedAt     time.Time
 	UpdatedAt     time.Time
-	Submitter     uint64 // UserID
+	Submitter     int64 // UserID
-	AssetID       uint64
+	AssetID       int64
-	AssetVersion  uint64
+	AssetVersion  int64
 	Completed     bool   // Has this version of the map been completed at least once on maptest
-	TargetAssetID uint64 // where to upload map fix.  if the TargetAssetID is 0, it's a new map.
+	TargetAssetID int64 // where to upload map fix.  if the TargetAssetID is 0, it's a new map.
 	StatusID      Status
 }

pkg/service/script_policy.go

@@ -2,8 +2,6 @@ package service
 
 import (
 	"context"
-	"fmt"
-	"strconv"
 
 	"git.itzana.me/strafesnet/maps-service/pkg/api"
 	"git.itzana.me/strafesnet/maps-service/pkg/datastore"
@@ -53,18 +51,26 @@ func (svc *Service) CreateScriptPolicy(ctx context.Context, req *api.ScriptPolic
 // Get list of script policies.
 //
 // GET /script-policy
-func (svc *Service) ListScriptPolicy(ctx context.Context, request *api.ListScriptPolicyReq) ([]api.ScriptPolicy, error) {
+func (svc *Service) ListScriptPolicy(ctx context.Context, params api.ListScriptPolicyParams) ([]api.ScriptPolicy, error) {
 	filter := datastore.Optional()
-	//fmt.Println(request)
+
-	if request.Filter.IsSet() {
+	if params.FromScriptHash.IsSet(){
-		filter.AddNotNil("from_script_hash", request.Filter.Value.FromScriptHash)
+		hash, err := model.HashParse(params.FromScriptHash.Value)
-		filter.AddNotNil("to_script_id", request.Filter.Value.ToScriptID)
+		if err != nil {
-		filter.AddNotNil("policy", request.Filter.Value.Policy)
+			return nil, err
+		}
+		filter.AddNotNil("from_script_hash", int64(hash)) // No type safety!
+	}
+	if params.ToScriptID.IsSet(){
+		filter.AddNotNil("to_script_id", params.ToScriptID.Value)
+	}
+	if params.Policy.IsSet(){
+		filter.AddNotNil("policy", params.Policy.Value)
 	}
 
 	items, err := svc.DB.ScriptPolicy().List(ctx, filter, model.Page{
-		Number: request.Page.GetPage(),
+		Number: params.Page,
-		Size:   request.Page.GetLimit(),
+		Size:   params.Limit,
 	})
 	if err != nil {
 		return nil, err
@@ -74,7 +80,7 @@ func (svc *Service) ListScriptPolicy(ctx context.Context, request *api.ListScrip
 	for i := 0; i < len(items); i++ {
 		resp = append(resp, api.ScriptPolicy{
 			ID:             items[i].ID,
-			FromScriptHash: fmt.Sprintf("%x", items[i].FromScriptHash),
+			FromScriptHash: model.HashFormat(uint64(items[i].FromScriptHash)),
 			ToScriptID:     items[i].ToScriptID,
 			Policy:         int32(items[i].Policy),
 		})
@@ -87,7 +93,7 @@ func (svc *Service) ListScriptPolicy(ctx context.Context, request *api.ListScrip
 //
 // Delete the specified script policy by ID.
 //
-// DELETE /script-policy/id/{ScriptPolicyID}
+// DELETE /script-policy/{ScriptPolicyID}
 func (svc *Service) DeleteScriptPolicy(ctx context.Context, params api.DeleteScriptPolicyParams) error {
 	userInfo, ok := ctx.Value("UserInfo").(UserInfo)
 	if !ok {
@@ -105,7 +111,7 @@ func (svc *Service) DeleteScriptPolicy(ctx context.Context, params api.DeleteScr
 //
 // Get the specified script policy by ID.
 //
-// GET /script-policy/id/{ScriptPolicyID}
+// GET /script-policy/{ScriptPolicyID}
 func (svc *Service) GetScriptPolicy(ctx context.Context, params api.GetScriptPolicyParams) (*api.ScriptPolicy, error) {
 	_, ok := ctx.Value("UserInfo").(UserInfo)
 	if !ok {
@@ -121,39 +127,7 @@ func (svc *Service) GetScriptPolicy(ctx context.Context, params api.GetScriptPol
 
 	return &api.ScriptPolicy{
 		ID:             policy.ID,
-		FromScriptHash: fmt.Sprintf("%x", policy.FromScriptHash),
+		FromScriptHash: model.HashFormat(uint64(policy.FromScriptHash)),
-		ToScriptID:     policy.ToScriptID,
-		Policy:         int32(policy.Policy),
-	}, nil
-}
-
-// GetScriptPolicyFromHash implements getScriptPolicyFromHash operation.
-//
-// Get the policy for the given hash of script source code.
-//
-// GET /script-policy/hash/{FromScriptHash}
-func (svc *Service) GetScriptPolicyFromHash(ctx context.Context, params api.GetScriptPolicyFromHashParams) (*api.ScriptPolicy, error) {
-	_, ok := ctx.Value("UserInfo").(UserInfo)
-	if !ok {
-		return nil, ErrUserInfo
-	}
-
-	// Read permission for script policy only requires you to be logged in
-
-	// parse hash from hex
-	hash, err := strconv.ParseUint(params.FromScriptHash, 16, 64)
-	if err != nil {
-		return nil, err
-	}
-
-	policy, err := svc.DB.ScriptPolicy().GetFromHash(ctx, hash)
-	if err != nil {
-		return nil, err
-	}
-
-	return &api.ScriptPolicy{
-		ID:             policy.ID,
-		FromScriptHash: fmt.Sprintf("%x", policy.FromScriptHash),
 		ToScriptID:     policy.ToScriptID,
 		Policy:         int32(policy.Policy),
 	}, nil
@@ -163,7 +137,7 @@ func (svc *Service) GetScriptPolicyFromHash(ctx context.Context, params api.GetS
 //
 // Update the specified script policy by ID.
 //
-// PATCH /script-policy/id/{ScriptPolicyID}
+// POST /script-policy/{ScriptPolicyID}
 func (svc *Service) UpdateScriptPolicy(ctx context.Context, req *api.ScriptPolicyUpdate, params api.UpdateScriptPolicyParams) error {
 	userInfo, ok := ctx.Value("UserInfo").(UserInfo)
 	if !ok {

pkg/service/scripts.go

@@ -2,12 +2,10 @@ package service
 
 import (
 	"context"
-	"fmt"
 
 	"git.itzana.me/strafesnet/maps-service/pkg/api"
 	"git.itzana.me/strafesnet/maps-service/pkg/datastore"
 	"git.itzana.me/strafesnet/maps-service/pkg/model"
-	"github.com/dchest/siphash"
 )
 
 // CreateScript implements createScript operation.
@@ -27,7 +25,8 @@ func (svc *Service) CreateScript(ctx context.Context, req *api.ScriptCreate) (*a
 
 	script, err := svc.DB.Scripts().Create(ctx, model.Script{
 		ID:           0,
-		Hash:         siphash.Hash(0, 0, []byte(req.Source)),
+		Name:         req.Name,
+		Hash:         int64(model.HashSource(req.Source)),
 		Source:       req.Source,
 		SubmissionID: req.SubmissionID.Or(0),
 	})
@@ -40,6 +39,52 @@ func (svc *Service) CreateScript(ctx context.Context, req *api.ScriptCreate) (*a
 	}, nil
 }
 
+// ListScripts implements listScripts operation.
+//
+// Get list of scripts.
+//
+// GET /scripts
+func (svc *Service) ListScripts(ctx context.Context, params api.ListScriptsParams) ([]api.Script, error) {
+	filter := datastore.Optional()
+
+	if params.Hash.IsSet(){
+		hash, err := model.HashParse(params.Hash.Value)
+		if err != nil {
+			return nil, err
+		}
+		filter.AddNotNil("hash", int64(hash)) // No type safety!
+	}
+	if params.Name.IsSet(){
+		filter.AddNotNil("name", params.Name.Value)
+	}
+	if params.Source.IsSet(){
+		filter.AddNotNil("source", params.Source.Value)
+	}
+	if params.SubmissionID.IsSet(){
+		filter.AddNotNil("submission_id", params.SubmissionID.Value)
+	}
+
+	items, err := svc.DB.Scripts().List(ctx, filter, model.Page{
+		Number: params.Page,
+		Size:   params.Limit,
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	var resp []api.Script
+	for i := 0; i < len(items); i++ {
+		resp = append(resp, api.Script{
+			ID:           items[i].ID,
+			Hash:         model.HashFormat(uint64(items[i].Hash)),
+			Source:       items[i].Source,
+			SubmissionID: items[i].SubmissionID,
+		})
+	}
+
+	return resp, nil
+}
+
 // DeleteScript implements deleteScript operation.
 //
 // Delete the specified script by ID.
@@ -78,7 +123,8 @@ func (svc *Service) GetScript(ctx context.Context, params api.GetScriptParams) (
 
 	return &api.Script{
 		ID:           script.ID,
-		Hash:         fmt.Sprintf("%x", script.Hash),
+		Name:         script.Name,
+		Hash:         model.HashFormat(uint64(script.Hash)),
 		Source:       script.Source,
 		SubmissionID: script.SubmissionID,
 	}, nil
@@ -100,9 +146,12 @@ func (svc *Service) UpdateScript(ctx context.Context, req *api.ScriptUpdate, par
 	}
 
 	pmap := datastore.Optional()
+	if Name, ok := req.Name.Get(); ok {
+		pmap.Add("name", Name)
+	}
 	if source, ok := req.Source.Get(); ok {
 		pmap.Add("source", source)
-		pmap.Add("hash", siphash.Hash(0, 0, []byte(source)))
+		pmap.Add("hash", int64(model.HashSource(source))) // No type safety!
 	}
 	if SubmissionID, ok := req.SubmissionID.Get(); ok {
 		pmap.Add("submission_id", SubmissionID)

pkg/service/security.go

@@ -15,6 +15,8 @@ var (
 )
 
 var (
+	// has ScriptWrite
+	RoleQuat int32 = 255
 	// has SubmissionPublish
 	RoleMapAdmin int32 = 128
 	// has SubmissionReview
@@ -80,6 +82,9 @@ func (svc SecurityHandler) HandleCookieAuth(ctx context.Context, operationName a
 
 	// fix this when roblox udpates group roles
 	for _, r := range role.Roles {
+		if RoleQuat <= r.Rank {
+			roles.ScriptWrite = true
+		}
 		if RoleMapAdmin <= r.Rank {
 			roles.SubmissionRelease = true
 		}

pkg/service/service.go

@@ -25,6 +25,9 @@ type Service struct {
 // Used for common default response.
 func (svc *Service) NewError(ctx context.Context, err error) *api.ErrorStatusCode {
 	status := 500
+	if errors.Is(err, datastore.ErrNotExist) {
+		status = 404
+	}
 	if errors.Is(err, ErrPermissionDenied) {
 		status = 403
 	}

pkg/service/submissions.go

@@ -3,12 +3,38 @@ package service
 import (
 	"context"
 	"encoding/json"
+	"errors"
 
 	"git.itzana.me/strafesnet/maps-service/pkg/api"
 	"git.itzana.me/strafesnet/maps-service/pkg/datastore"
 	"git.itzana.me/strafesnet/maps-service/pkg/model"
 )
 
+var(
+	CreationPhaseSubmissionsLimit = 20
+	CreationPhaseSubmissionStatuses = []model.Status{
+		model.StatusChangesRequested,
+		model.StatusSubmitted,
+		model.StatusUnderConstruction,
+	}
+	ActiveSubmissionStatuses = []model.Status{
+		model.StatusUploaded,
+		model.StatusUploading,
+		model.StatusValidated,
+		model.StatusValidating,
+		model.StatusAccepted,
+		model.StatusChangesRequested,
+		model.StatusSubmitted,
+		model.StatusUnderConstruction,
+	}
+)
+
+var (
+	ErrCreationPhaseSubmissionsLimit = errors.New("Active submissions limited to 20")
+	ErrActiveSubmissionSameAssetID = errors.New("There is an active submission with the same AssetID")
+	ErrActiveSubmissionSameTargetAssetID = errors.New("There is an active submission with the same TargetAssetID")
+)
+
 // POST /submissions
 func (svc *Service) CreateSubmission(ctx context.Context, request *api.SubmissionCreate) (*api.ID, error) {
 	userInfo, ok := ctx.Value("UserInfo").(UserInfo)
@@ -16,16 +42,71 @@ func (svc *Service) CreateSubmission(ctx context.Context, request *api.Submissio
 		return nil, ErrUserInfo
 	}
 
+	userId := userInfo.UserID
+
+	// Check if user's submissions in the creation phase exceeds the limit
+	{
+		filter := datastore.Optional()
+		filter.Add("submitter", int64(userId))
+		filter.Add("status_id", CreationPhaseSubmissionStatuses)
+		creation_submissions, err := svc.DB.Submissions().List(ctx, filter, model.Page{
+			Number: 1,
+			Size:   int32(CreationPhaseSubmissionsLimit),
+		})
+		if err != nil {
+			return nil, err
+		}
+
+		if CreationPhaseSubmissionsLimit <= len(creation_submissions) {
+			return nil, ErrCreationPhaseSubmissionsLimit
+		}
+	}
+
+	// Check if an active submission with the same asset id exists
+	{
+		filter := datastore.Optional()
+		filter.Add("asset_id", request.AssetID)
+		filter.Add("asset_version", request.AssetVersion)
+		filter.Add("status_id", ActiveSubmissionStatuses)
+		active_submissions, err := svc.DB.Submissions().List(ctx, filter, model.Page{
+			Number: 1,
+			Size:   1,
+		})
+		if err != nil {
+			return nil, err
+		}
+		if len(active_submissions) != 0{
+			return nil, ErrActiveSubmissionSameAssetID
+		}
+	}
+
+	// Check if an active submission with the same target asset id exists
+	if request.TargetAssetID.IsSet() && request.TargetAssetID.Value != 0{
+		filter := datastore.Optional()
+		filter.Add("target_asset_id", request.TargetAssetID.Value)
+		filter.Add("status_id", ActiveSubmissionStatuses)
+		active_submissions, err := svc.DB.Submissions().List(ctx, filter, model.Page{
+			Number: 1,
+			Size:   1,
+		})
+		if err != nil {
+			return nil, err
+		}
+		if len(active_submissions) != 0{
+			return nil, ErrActiveSubmissionSameTargetAssetID
+		}
+	}
+
 	submission, err := svc.DB.Submissions().Create(ctx, model.Submission{
 		ID:            0,
 		DisplayName:   request.DisplayName,
 		Creator:       request.Creator,
 		GameID:        request.GameID,
-		Submitter:     userInfo.UserID,
+		Submitter:     int64(userId),
-		AssetID:       uint64(request.AssetID),
+		AssetID:       request.AssetID,
-		AssetVersion:  uint64(request.AssetVersion),
+		AssetVersion:  request.AssetVersion,
 		Completed:     false,
-		TargetAssetID: uint64(request.TargetAssetID.Value),
+		TargetAssetID: request.TargetAssetID.Value,
 		StatusID:      model.StatusUnderConstruction,
 	})
 	if err != nil {
@@ -67,18 +148,22 @@ func (svc *Service) GetSubmission(ctx context.Context, params api.GetSubmissionP
 // Get list of submissions.
 //
 // GET /submissions
-func (svc *Service) ListSubmissions(ctx context.Context, request *api.ListSubmissionsReq) ([]api.Submission, error) {
+func (svc *Service) ListSubmissions(ctx context.Context, params api.ListSubmissionsParams) ([]api.Submission, error) {
 	filter := datastore.Optional()
-	//fmt.Println(request)
+
-	if request.Filter.IsSet() {
+	if params.DisplayName.IsSet(){
-		filter.AddNotNil("display_name", request.Filter.Value.DisplayName)
+		filter.Add("display_name", params.DisplayName.Value)
-		filter.AddNotNil("creator", request.Filter.Value.Creator)
+	}
-		filter.AddNotNil("game_id", request.Filter.Value.GameID)
+	if params.Creator.IsSet(){
+		filter.Add("creator", params.Creator.Value)
+	}
+	if params.GameID.IsSet(){
+		filter.Add("game_id", params.GameID.Value)
 	}
 
 	items, err := svc.DB.Submissions().List(ctx, filter, model.Page{
-		Number: request.Page.GetPage(),
+		Number: params.Page,
-		Size:   request.Page.GetLimit(),
+		Size:   params.Limit,
 	})
 	if err != nil {
 		return nil, err
@@ -127,7 +212,7 @@ func (svc *Service) SetSubmissionCompleted(ctx context.Context, params api.SetSu
 	return err
 }
 
-// PatchSubmissionModel implements patchSubmissionModel operation.
+// UpdateSubmissionModel implements patchSubmissionModel operation.
 //
 // Update model following role restrictions.
 //
@@ -145,7 +230,7 @@ func (svc *Service) UpdateSubmissionModel(ctx context.Context, params api.Update
 	}
 
 	// check if caller is the submitter
-	if !userInfo.IsSubmitter(submission.Submitter) {
+	if !userInfo.IsSubmitter(uint64(submission.Submitter)) {
 		return ErrPermissionDenied
 	}
 
@@ -220,7 +305,7 @@ func (svc *Service) ActionSubmissionRevoke(ctx context.Context, params api.Actio
 	}
 
 	// check if caller is the submitter
-	if !userInfo.IsSubmitter(submission.Submitter) {
+	if !userInfo.IsSubmitter(uint64(submission.Submitter)) {
 		return ErrPermissionDenied
 	}
 
@@ -248,7 +333,7 @@ func (svc *Service) ActionSubmissionSubmit(ctx context.Context, params api.Actio
 	}
 
 	// check if caller is the submitter
-	if !userInfo.IsSubmitter(submission.Submitter) {
+	if !userInfo.IsSubmitter(uint64(submission.Submitter)) {
 		return ErrPermissionDenied
 	}
 

pkg/service_internal/script_policy.go

@@ -0,0 +1,80 @@
+package service_internal
+
+import (
+	"context"
+
+	"git.itzana.me/strafesnet/maps-service/pkg/datastore"
+	"git.itzana.me/strafesnet/maps-service/pkg/internal"
+	"git.itzana.me/strafesnet/maps-service/pkg/model"
+)
+
+// CreateScriptPolicy implements createScriptPolicy operation.
+//
+// Create a new script policy.
+//
+// POST /script-policy
+func (svc *Service) CreateScriptPolicy(ctx context.Context, req *api.ScriptPolicyCreate) (*api.ID, error) {
+	from_script, err := svc.DB.Scripts().Get(ctx, req.FromScriptID)
+	if err != nil {
+		return nil, err
+	}
+
+	// the existence of ToScriptID does not need to be validated because it's checked by a foreign key constraint.
+
+	script, err := svc.DB.ScriptPolicy().Create(ctx, model.ScriptPolicy{
+		ID:             0,
+		FromScriptHash: from_script.Hash,
+		ToScriptID:     req.ToScriptID,
+		Policy:         model.Policy(req.Policy),
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	return &api.ID{
+		ID: script.ID,
+	}, nil
+}
+
+// ListScriptPolicy implements listScriptPolicy operation.
+//
+// Get list of script policies.
+//
+// GET /script-policy
+func (svc *Service) ListScriptPolicy(ctx context.Context, params api.ListScriptPolicyParams) ([]api.ScriptPolicy, error) {
+	filter := datastore.Optional()
+
+	if params.FromScriptHash.IsSet(){
+		hash, err := model.HashParse(params.FromScriptHash.Value)
+		if err != nil {
+			return nil, err
+		}
+		filter.AddNotNil("from_script_hash", int64(hash)) // No type safety!
+	}
+	if params.ToScriptID.IsSet(){
+		filter.AddNotNil("to_script_id", params.ToScriptID.Value)
+	}
+	if params.Policy.IsSet(){
+		filter.AddNotNil("policy", params.Policy.Value)
+	}
+
+	items, err := svc.DB.ScriptPolicy().List(ctx, filter, model.Page{
+		Number: params.Page,
+		Size:   params.Limit,
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	var resp []api.ScriptPolicy
+	for i := 0; i < len(items); i++ {
+		resp = append(resp, api.ScriptPolicy{
+			ID:             items[i].ID,
+			FromScriptHash: model.HashFormat(uint64(items[i].FromScriptHash)),
+			ToScriptID:     items[i].ToScriptID,
+			Policy:         int32(items[i].Policy),
+		})
+	}
+
+	return resp, nil
+}

pkg/service_internal/scripts.go

@@ -0,0 +1,97 @@
+package service_internal
+
+import (
+	"context"
+
+	"git.itzana.me/strafesnet/maps-service/pkg/datastore"
+	"git.itzana.me/strafesnet/maps-service/pkg/internal"
+	"git.itzana.me/strafesnet/maps-service/pkg/model"
+)
+
+// CreateScript implements createScript operation.
+//
+// Create a new script.
+//
+// POST /scripts
+func (svc *Service) CreateScript(ctx context.Context, req *api.ScriptCreate) (*api.ID, error) {
+	script, err := svc.DB.Scripts().Create(ctx, model.Script{
+		ID:           0,
+		Name:         req.Name,
+		Hash:         int64(model.HashSource(req.Source)),
+		Source:       req.Source,
+		SubmissionID: req.SubmissionID.Or(0),
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	return &api.ID{
+		ID: script.ID,
+	}, nil
+}
+
+// ListScripts implements listScripts operation.
+//
+// Get list of scripts.
+//
+// GET /scripts
+func (svc *Service) ListScripts(ctx context.Context, params api.ListScriptsParams) ([]api.Script, error) {
+	filter := datastore.Optional()
+
+	if params.Hash.IsSet(){
+		hash, err := model.HashParse(params.Hash.Value)
+		if err != nil {
+			return nil, err
+		}
+		filter.AddNotNil("hash", int64(hash)) // No type safety!
+	}
+	if params.Name.IsSet(){
+		filter.AddNotNil("name", params.Name.Value)
+	}
+	if params.Source.IsSet(){
+		filter.AddNotNil("source", params.Source.Value)
+	}
+	if params.SubmissionID.IsSet(){
+		filter.AddNotNil("submission_id", params.SubmissionID.Value)
+	}
+
+	items, err := svc.DB.Scripts().List(ctx, filter, model.Page{
+		Number: params.Page,
+		Size:   params.Limit,
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	var resp []api.Script
+	for i := 0; i < len(items); i++ {
+		resp = append(resp, api.Script{
+			ID:           items[i].ID,
+			Hash:         model.HashFormat(uint64(items[i].Hash)),
+			Source:       items[i].Source,
+			SubmissionID: items[i].SubmissionID,
+		})
+	}
+
+	return resp, nil
+}
+
+// GetScript implements getScript operation.
+//
+// Get the specified script by ID.
+//
+// GET /scripts/{ScriptID}
+func (svc *Service) GetScript(ctx context.Context, params api.GetScriptParams) (*api.Script, error) {
+	script, err := svc.DB.Scripts().Get(ctx, params.ScriptID)
+	if err != nil {
+		return nil, err
+	}
+
+	return &api.Script{
+		ID:           script.ID,
+		Name:         script.Name,
+		Hash:         model.HashFormat(uint64(script.Hash)),
+		Source:       script.Source,
+		SubmissionID: script.SubmissionID,
+	}, nil
+}

pkg/service_internal/service_internal.go

@@ -2,8 +2,10 @@ package service_internal
 
 import (
 	"context"
-	internal "git.itzana.me/strafesnet/maps-service/pkg/internal"
+	"errors"
+
 	"git.itzana.me/strafesnet/maps-service/pkg/datastore"
+	internal "git.itzana.me/strafesnet/maps-service/pkg/internal"
 	"github.com/nats-io/nats.go"
 )
 
@@ -15,6 +17,9 @@ type Service struct {
 // yay duplicate code
 func (svc *Service) NewError(ctx context.Context, err error) *internal.ErrorStatusCode {
 	status := 500
+	if errors.Is(err, datastore.ErrNotExist) {
+		status = 404
+	}
 	return &internal.ErrorStatusCode{
 		StatusCode: status,
 		Response: internal.Error{

pkg/service_internal/submissions.go

@@ -8,13 +8,28 @@ import (
 	"git.itzana.me/strafesnet/maps-service/pkg/model"
 )
 
+// UpdateSubmissionModel implements patchSubmissionModel operation.
+//
+// Update model following role restrictions.
+//
+// POST /submissions/{SubmissionID}/model
+func (svc *Service) UpdateSubmissionModel(ctx context.Context, params internal.UpdateSubmissionModelParams) error {
+	// check if Status is ChangesRequested|Submitted|UnderConstruction
+	pmap := datastore.Optional()
+	pmap.AddNotNil("asset_id", params.ModelID)
+	pmap.AddNotNil("asset_version", params.VersionID)
+	//always reset completed when model changes
+	pmap.Add("completed", false)
+	return svc.DB.Submissions().IfStatusThenUpdate(ctx, params.SubmissionID, []model.Status{model.StatusValidating}, pmap)
+}
+
 // ActionSubmissionValidate invokes actionSubmissionValidate operation.
 //
 // Role Validator changes status from Validating -> Validated.
 //
-// POST /submissions/{SubmissionID}/status/validate
+// POST /submissions/{SubmissionID}/status/validator-validated
 func (svc *Service) ActionSubmissionValidated(ctx context.Context, params internal.ActionSubmissionValidatedParams) error {
-	println("[ActionSubmissionValidate] Implicit Validator permission granted!")
+	println("[ActionSubmissionValidated] Implicit Validator permission granted!")
 
 	// transaction
 	smap := datastore.Optional()
@@ -22,6 +37,20 @@ func (svc *Service) ActionSubmissionValidated(ctx context.Context, params intern
 	return svc.DB.Submissions().IfStatusThenUpdate(ctx, params.SubmissionID, []model.Status{model.StatusValidating}, smap)
 }
 
+// ActionSubmissionAccepted implements actionSubmissionAccepted operation.
+//
+// (Internal endpoint) Role Validator changes status from Validating -> Accepted.
+//
+// POST /submissions/{SubmissionID}/status/validator-failed
+func (svc *Service) ActionSubmissionAccepted(ctx context.Context, params internal.ActionSubmissionAcceptedParams) error {
+	println("[ActionSubmissionAccepted] Implicit Validator permission granted!")
+
+	// transaction
+	smap := datastore.Optional()
+	smap.Add("status_id", model.StatusAccepted)
+	return svc.DB.Submissions().IfStatusThenUpdate(ctx, params.SubmissionID, []model.Status{model.StatusValidating}, smap)
+}
+
 // ActionSubmissionReleased implements actionSubmissionReleased operation.
 //
 // (Internal endpoint) Role Releaser changes status from Uploaded -> Released.

releaser/.cargo/config.toml

@@ -1,2 +0,0 @@
-[registries.strafesnet]
-index = "sparse+https://git.itzana.me/api/packages/strafesnet/cargo/"

releaser/Cargo.toml

@@ -1,11 +0,0 @@
-[package]
-name = "releaser"
-version = "0.1.0"
-edition = "2021"
-
-[dependencies]
-submissions-api = { version = "0.2.1", features = ["internal"], default-features = false, registry = "strafesnet" }
-rbx_asset = { version = "0.2.5", registry = "strafesnet" }
-rust-grpc = { version = "1.0.3", registry = "strafesnet" }
-tokio = { version = "1.41.1", features = ["macros", "rt-multi-thread", "signal"] }
-tonic = "0.12.3"

releaser/Containerfile

@@ -1,24 +0,0 @@
-# Using the `rust-musl-builder` as base image, instead of
-# the official Rust toolchain
-FROM docker.io/clux/muslrust:stable AS chef
-USER root
-RUN cargo install cargo-chef
-WORKDIR /app
-
-FROM chef AS planner
-COPY . .
-RUN cargo chef prepare --recipe-path recipe.json
-
-FROM chef AS builder
-COPY --from=planner /app/recipe.json recipe.json
-
-# Notice that we are specifying the --target flag!
-RUN cargo chef cook --release --target x86_64-unknown-linux-musl --recipe-path recipe.json
-COPY . .
-RUN cargo build --release --target x86_64-unknown-linux-musl --bin releaser
-
-FROM docker.io/alpine:latest AS runtime
-RUN addgroup -S myuser && adduser -S myuser -G myuser
-COPY --from=builder /app/target/x86_64-unknown-linux-musl/release/releaser /usr/local/bin/
-USER myuser
-ENTRYPOINT ["/usr/local/bin/releaser"]

releaser/src/main.rs

@@ -1,32 +0,0 @@
-#[allow(dead_code)]
-#[derive(Debug)]
-pub enum StartupError{
-	API(submissions_api::ReqwestError),
-	GRPCConnect(tonic::transport::Error),
-}
-impl std::fmt::Display for StartupError{
-	fn fmt(&self,f:&mut std::fmt::Formatter<'_>)->std::fmt::Result{
-		write!(f,"{self:?}")
-	}
-}
-impl std::error::Error for StartupError{}
-
-// annoying mile-long type
-pub type MapsServiceClient=rust_grpc::maps::maps_service_client::MapsServiceClient<tonic::transport::channel::Channel>;
-
-#[tokio::main]
-async fn main()->Result<(),StartupError>{
-	// maps-service api
-	let api_host=std::env::var("API_HOST").expect("API_HOST env required");
-	let api=submissions_api::internal::Context::new(api_host).map_err(StartupError::API)?;
-
-	// data-service grpc for creating map entries
-	let data_host=std::env::var("DATA_HOST").expect("DATA_HOST env required");
-	let maps_grpc=crate::MapsServiceClient::connect(data_host).await.map_err(StartupError::GRPCConnect)?;
-
-	// request maps pending release
-	// randomize list
-	// release maps
-
-	Ok(())
-}

submissions-api-rs/src/context.rs

@@ -1,23 +0,0 @@
-#[derive(Clone)]
-pub struct Context{
-	pub base_url:String,
-	client:reqwest::Client,
-}
-
-impl Context{
-	pub fn new(mut base_url:String)->reqwest::Result<Self>{
-		base_url+="/v1";
-		Ok(Self{
-			base_url,
-			client:reqwest::Client::new(),
-		})
-	}
-	pub async fn get(&self,url:impl reqwest::IntoUrl)->Result<reqwest::Response,reqwest::Error>{
-		self.client.get(url)
-		.send().await
-	}
-	pub async fn post(&self,url:impl reqwest::IntoUrl)->Result<reqwest::Response,reqwest::Error>{
-		self.client.post(url)
-		.send().await
-	}
-}

submissions-api-rs/src/external.rs

@@ -1,86 +0,0 @@
-use crate::Error;
-
-#[derive(serde::Deserialize)]
-pub struct ScriptID(pub(crate) i64);
-
-#[allow(nonstandard_style)]
-pub struct GetScriptRequest{
-	pub ScriptID:ScriptID,
-}
-#[allow(nonstandard_style)]
-#[derive(serde::Deserialize)]
-pub struct ScriptResponse{
-	pub ID:i64,
-	pub Hash:String,
-	pub Source:String,
-	pub SubmissionID:i64,
-}
-
-#[derive(serde::Deserialize)]
-#[repr(i32)]
-pub enum Policy{
-	None=0, // not yet reviewed
-	Allowed=1,
-	Blocked=2,
-	Delete=3,
-	Replace=4,
-}
-
-pub struct ScriptPolicyHashRequest{
-	pub hash:String,
-}
-#[allow(nonstandard_style)]
-#[derive(serde::Deserialize)]
-pub struct ScriptPolicyResponse{
-	pub ID:i64,
-	pub FromScriptHash:String,
-	pub ToScriptID:ScriptID,
-	pub Policy:Policy
-}
-
-#[allow(nonstandard_style)]
-pub struct UpdateSubmissionModelRequest{
-	pub SubmissionID:i64,
-	pub ModelID:u64,
-	pub ModelVersion:u64,
-}
-
-#[derive(Clone)]
-pub struct Context(crate::context::Context);
-
-impl Context{
-	pub fn new(base_url:String)->reqwest::Result<Self>{
-		Ok(Self(crate::context::Context::new(base_url)?))
-	}
-	pub async fn get_script(&self,config:GetScriptRequest)->Result<ScriptResponse,Error>{
-		let url_raw=format!("{}/scripts/{}",self.0.base_url,config.ScriptID.0);
-		let url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::ParseError)?;
-
-		self.0.get(url).await.map_err(Error::Reqwest)?
-		.error_for_status().map_err(Error::Reqwest)?
-		.json().await.map_err(Error::Reqwest)
-	}
-	pub async fn get_script_policy_from_hash(&self,config:ScriptPolicyHashRequest)->Result<ScriptPolicyResponse,Error>{
-		let url_raw=format!("{}/script-policy/hash/{}",self.0.base_url,config.hash);
-		let url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::ParseError)?;
-
-		self.0.get(url).await.map_err(Error::Reqwest)?
-		.error_for_status().map_err(Error::Reqwest)?
-		.json().await.map_err(Error::Reqwest)
-	}
-	pub async fn update_submission_model(&self,config:UpdateSubmissionModelRequest)->Result<(),Error>{
-		let url_raw=format!("{}/submissions/{}/model",self.0.base_url,config.SubmissionID);
-		let mut url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::ParseError)?;
-
-		{
-			url.query_pairs_mut()
-				.append_pair("ModelID",config.ModelID.to_string().as_str())
-				.append_pair("ModelVersion",config.ModelVersion.to_string().as_str());
-		}
-
-		self.0.post(url).await.map_err(Error::Reqwest)?
-		.error_for_status().map_err(Error::Reqwest)?;
-
-		Ok(())
-	}
-}

submissions-api-rs/src/internal.rs

@@ -1,48 +0,0 @@
-use crate::Error;
-
-#[allow(nonstandard_style)]
-pub struct ActionSubmissionUploadedRequest{
-	pub SubmissionID:i64,
-	pub TargetAssetID:Option<u64>,
-}
-
-pub struct SubmissionID(pub i64);
-
-#[derive(Clone)]
-pub struct Context(crate::context::Context);
-
-// there are lots of action endpoints and they all follow the same pattern
-macro_rules! action{
-	($fname:ident,$action:expr)=>{
-		pub async fn $fname(&self,config:SubmissionID)->Result<(),Error>{
-			let url_raw=format!(concat!("{}/submissions/{}/status/",$action),self.0.base_url,config.0);
-			let url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::ParseError)?;
-
-			self.0.post(url).await.map_err(Error::Reqwest)?
-			.error_for_status().map_err(Error::Reqwest)?;
-
-			Ok(())
-		}
-	};
-}
-impl Context{
-	pub fn new(base_url:String)->reqwest::Result<Self>{
-		Ok(Self(crate::context::Context::new(base_url)?))
-	}
-	pub async fn action_submission_uploaded(&self,config:ActionSubmissionUploadedRequest)->Result<(),Error>{
-		let url_raw=format!("{}/submissions/{}/status/uploaded",self.0.base_url,config.SubmissionID);
-		let mut url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::ParseError)?;
-
-		if let Some(target_asset_id)=config.TargetAssetID{
-			url.query_pairs_mut()
-				.append_pair("TargetAssetID",target_asset_id.to_string().as_str());
-		}
-
-		self.0.post(url).await.map_err(Error::Reqwest)?
-		.error_for_status().map_err(Error::Reqwest)?;
-
-		Ok(())
-	}
-	action!(action_submission_validated,"validator-validated");
-	action!(action_submission_released,"releaser-released");
-}

submissions-api-rs/src/lib.rs

@@ -1,22 +0,0 @@
-mod context;
-
-#[cfg(feature="internal")]
-pub mod internal;
-
-#[cfg(feature="external")]
-pub mod external;
-
-//lazy reexport
-pub type ReqwestError=reqwest::Error;
-
-#[derive(Debug)]
-pub enum Error{
-	ParseError(url::ParseError),
-	Reqwest(reqwest::Error),
-}
-impl std::fmt::Display for Error{
-	fn fmt(&self,f:&mut std::fmt::Formatter<'_>)->std::fmt::Result{
-		write!(f,"{self:?}")
-	}
-}
-impl std::error::Error for Error{}

validation/Cargo.lock

@@ -1804,13 +1804,12 @@ checksum = "a8f112729512f8e442d81f95a8a7ddf2b7c6b8a1a6f509a95864142b30cab2d3"
 
 [[package]]
 name = "submissions-api"
-version = "0.2.1"
+version = "0.3.0"
-source = "sparse+https://git.itzana.me/api/packages/strafesnet/cargo/"
-checksum = "b19f7aa92e0680fe206048851ca21761be56de415a5071f37c368c045a95f839"
 dependencies = [
  "reqwest",
  "serde",
  "serde_json",
+ "serde_repr",
  "url",
 ]
 

validation/Cargo.toml

@@ -4,7 +4,7 @@ version = "0.1.0"
 edition = "2021"
 
 [dependencies]
-submissions-api = { version = "0.2.1", features = ["internal","external"], registry = "strafesnet" }
+submissions-api = { path = "api", features = ["internal"], registry = "strafesnet" }
 async-nats = "0.38.0"
 futures = "0.3.31"
 rbx_asset = { version = "0.2.5", registry = "strafesnet" }

validation/Containerfile

@@ -11,7 +11,7 @@ RUN cargo chef prepare --recipe-path recipe.json
 
 FROM chef AS builder
 COPY --from=planner /app/recipe.json recipe.json
-
+COPY api ./api
 # Notice that we are specifying the --target flag!
 RUN cargo chef cook --release --target x86_64-unknown-linux-musl --recipe-path recipe.json
 COPY . .

validation/api/Cargo.lock

@@ -895,6 +895,17 @@ dependencies = [
  "serde",
 ]
 
+[[package]]
+name = "serde_repr"
+version = "0.1.19"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6c64451ba24fc7a6a2d60fc75dd9c83c90903b19028d4eff35e88fc1e86564e9"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn",
+]
+
 [[package]]
 name = "serde_urlencoded"
 version = "0.7.1"
@@ -952,11 +963,12 @@ checksum = "a8f112729512f8e442d81f95a8a7ddf2b7c6b8a1a6f509a95864142b30cab2d3"
 
 [[package]]
 name = "submissions-api"
-version = "0.2.1"
+version = "0.3.0"
 dependencies = [
  "reqwest",
  "serde",
  "serde_json",
+ "serde_repr",
  "url",
 ]
 

validation/api/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "submissions-api"
-version = "0.2.1"
+version = "0.3.0"
 edition = "2021"
 publish = ["strafesnet"]
 repository = "https://git.itzana.me/StrafesNET/maps-service"
@@ -14,9 +14,10 @@ authors = ["Rhys Lloyd <krakow20@gmail.com>"]
 reqwest = { version = "0", features = ["json"] }
 serde = { version = "1", features = ["derive"] }
 serde_json = "1"
+serde_repr = "0.1.19"
 url = "2"
 
 [features]
-default = ["external"]
+default = ["internal"]
 internal = []
 external = []

validation/api/src/context.rs

@@ -0,0 +1,48 @@
+pub struct Cookie(reqwest::header::HeaderValue);
+
+impl Cookie{
+	/// cookie is prepended with "session_id=" by this function
+	pub fn new(cookie:&str)->Result<Self,reqwest::header::InvalidHeaderValue>{
+		Ok(Self(reqwest::header::HeaderValue::from_str(&format!("session_id={}",cookie))?))
+	}
+}
+
+#[derive(Clone)]
+pub struct Context{
+	pub base_url:String,
+	client:reqwest::Client,
+}
+
+impl Context{
+	pub fn new(mut base_url:String,cookie:Option<Cookie>)->reqwest::Result<Self>{
+		base_url+="/v1";
+		Ok(Self{
+			base_url,
+			client:{
+				let mut builder=reqwest::ClientBuilder::new();
+				if let Some(mut cookie)=cookie{
+					cookie.0.set_sensitive(true);
+					let mut headers=reqwest::header::HeaderMap::new();
+					headers.insert("Cookie",cookie.0);
+					builder=builder.default_headers(headers);
+				}
+				builder.build()?
+			},
+		})
+	}
+	pub async fn get(&self,url:impl reqwest::IntoUrl)->Result<reqwest::Response,reqwest::Error>{
+		self.client.get(url)
+		.send().await
+	}
+	#[cfg(feature="internal")]
+	pub async fn post_empty_body(&self,url:impl reqwest::IntoUrl)->Result<reqwest::Response,reqwest::Error>{
+		self.client.post(url)
+		.send().await
+	}
+	pub async fn post(&self,url:impl reqwest::IntoUrl,body:impl Into<reqwest::Body>)->Result<reqwest::Response,reqwest::Error>{
+		self.client.post(url)
+    	.header("Content-Type","application/json")
+    	.body(body)
+		.send().await
+	}
+}

validation/api/src/external.rs

@@ -0,0 +1,131 @@
+use crate::types::*;
+
+#[derive(Clone)]
+pub struct Context(crate::context::Context);
+
+impl Context{
+	pub fn new(base_url:String,cookie:crate::context::Cookie)->reqwest::Result<Self>{
+		Ok(Self(crate::context::Context::new(base_url,Some(cookie))?))
+	}
+	pub async fn get_script(&self,config:GetScriptRequest)->Result<ScriptResponse,Error>{
+		let url_raw=format!("{}/scripts/{}",self.0.base_url,config.ScriptID.0);
+		let url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::Parse)?;
+
+		response_ok(
+			self.0.get(url).await.map_err(Error::Reqwest)?
+		).await.map_err(Error::Response)?
+		.json().await.map_err(Error::Reqwest)
+	}
+	pub async fn get_scripts<'a>(&self,config:GetScriptsRequest<'a>)->Result<Vec<ScriptResponse>,Error>{
+		let url_raw=format!("{}/scripts",self.0.base_url);
+		let mut url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::Parse)?;
+
+		{
+			let mut query_pairs=url.query_pairs_mut();
+			query_pairs.append_pair("Page",config.Page.to_string().as_str());
+			query_pairs.append_pair("Limit",config.Limit.to_string().as_str());
+			if let Some(name)=config.Name{
+				query_pairs.append_pair("Name",name);
+			}
+			if let Some(hash)=config.Hash{
+				query_pairs.append_pair("Hash",hash);
+			}
+			if let Some(source)=config.Source{
+				query_pairs.append_pair("Source",source);
+			}
+			if let Some(submission_id)=config.SubmissionID{
+				query_pairs.append_pair("SubmissionID",submission_id.to_string().as_str());
+			}
+		}
+
+		response_ok(
+			self.0.get(url).await.map_err(Error::Reqwest)?
+		).await.map_err(Error::Response)?
+		.json().await.map_err(Error::Reqwest)
+	}
+	pub async fn get_script_from_hash<'a>(&self,config:HashRequest<'a>)->Result<Option<ScriptResponse>,SingleItemError>{
+		let scripts=self.get_scripts(GetScriptsRequest{
+			Page:1,
+			Limit:2,
+			Hash:Some(config.hash),
+			Name:None,
+			Source:None,
+			SubmissionID:None,
+		}).await.map_err(SingleItemError::Other)?;
+		if 1<scripts.len(){
+			return Err(SingleItemError::DuplicateItems);
+		}
+		Ok(scripts.into_iter().next())
+	}
+	pub async fn create_script<'a>(&self,config:CreateScriptRequest<'a>)->Result<ScriptIDResponse,Error>{
+		let url_raw=format!("{}/scripts",self.0.base_url);
+		let url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::Parse)?;
+
+		let body=serde_json::to_string(&config).map_err(Error::JSON)?;
+
+		response_ok(
+			self.0.post(url,body).await.map_err(Error::Reqwest)?
+		).await.map_err(Error::Response)?
+		.json().await.map_err(Error::Reqwest)
+	}
+	pub async fn get_script_policies<'a>(&self,config:GetScriptPoliciesRequest<'a>)->Result<Vec<ScriptPolicyResponse>,Error>{
+		let url_raw=format!("{}/script-policy",self.0.base_url);
+		let mut url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::Parse)?;
+
+		{
+			let mut query_pairs=url.query_pairs_mut();
+			query_pairs.append_pair("Page",config.Page.to_string().as_str());
+			query_pairs.append_pair("Limit",config.Limit.to_string().as_str());
+			if let Some(hash)=config.FromScriptHash{
+				query_pairs.append_pair("FromScriptHash",hash);
+			}
+			if let Some(script_id)=config.ToScriptID{
+				query_pairs.append_pair("ToScriptID",script_id.0.to_string().as_str());
+			}
+			if let Some(policy)=config.Policy{
+				query_pairs.append_pair("Policy",(policy as i32).to_string().as_str());
+			}
+		}
+
+		response_ok(
+			self.0.get(url).await.map_err(Error::Reqwest)?
+		).await.map_err(Error::Response)?
+		.json().await.map_err(Error::Reqwest)
+	}
+	pub async fn get_script_policy_from_hash<'a>(&self,config:HashRequest<'a>)->Result<Option<ScriptPolicyResponse>,SingleItemError>{
+		let policies=self.get_script_policies(GetScriptPoliciesRequest{
+			Page:1,
+			Limit:2,
+			FromScriptHash:Some(config.hash),
+			ToScriptID:None,
+			Policy:None,
+		}).await.map_err(SingleItemError::Other)?;
+		if 1<policies.len(){
+			return Err(SingleItemError::DuplicateItems);
+		}
+		Ok(policies.into_iter().next())
+	}
+	pub async fn create_script_policy(&self,config:CreateScriptPolicyRequest)->Result<ScriptPolicyIDResponse,Error>{
+		let url_raw=format!("{}/script-policy",self.0.base_url);
+		let url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::Parse)?;
+
+		let body=serde_json::to_string(&config).map_err(Error::JSON)?;
+
+		response_ok(
+			self.0.post(url,body).await.map_err(Error::Reqwest)?
+		).await.map_err(Error::Response)?
+		.json().await.map_err(Error::Reqwest)
+	}
+	pub async fn update_script_policy(&self,config:UpdateScriptPolicyRequest)->Result<(),Error>{
+		let url_raw=format!("{}/script-policy/{}",self.0.base_url,config.ID.0);
+		let url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::Parse)?;
+
+		let body=serde_json::to_string(&config).map_err(Error::JSON)?;
+
+		response_ok(
+			self.0.post(url,body).await.map_err(Error::Reqwest)?
+		).await.map_err(Error::Response)?;
+
+		Ok(())
+	}
+}

validation/api/src/internal.rs

@@ -0,0 +1,126 @@
+use crate::types::*;
+
+#[derive(Clone)]
+pub struct Context(crate::context::Context);
+
+// there are lots of action endpoints and they all follow the same pattern
+macro_rules! action{
+	($fname:ident,$action:expr)=>{
+		pub async fn $fname(&self,config:SubmissionID)->Result<(),Error>{
+			let url_raw=format!(concat!("{}/submissions/{}/status/",$action),self.0.base_url,config.0);
+			let url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::Parse)?;
+
+			response_ok(
+				self.0.post_empty_body(url).await.map_err(Error::Reqwest)?
+			).await.map_err(Error::Response)?;
+
+			Ok(())
+		}
+	};
+}
+impl Context{
+	pub fn new(base_url:String)->reqwest::Result<Self>{
+		Ok(Self(crate::context::Context::new(base_url,None)?))
+	}
+	pub async fn get_script(&self,config:GetScriptRequest)->Result<ScriptResponse,Error>{
+		let url_raw=format!("{}/scripts/{}",self.0.base_url,config.ScriptID.0);
+		let url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::Parse)?;
+
+		response_ok(
+			self.0.get(url).await.map_err(Error::Reqwest)?
+		).await.map_err(Error::Response)?
+		.json().await.map_err(Error::Reqwest)
+	}
+	pub async fn create_script<'a>(&self,config:CreateScriptRequest<'a>)->Result<ScriptIDResponse,Error>{
+		let url_raw=format!("{}/scripts",self.0.base_url);
+		let url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::Parse)?;
+
+		let body=serde_json::to_string(&config).map_err(Error::JSON)?;
+
+		response_ok(
+			self.0.post(url,body).await.map_err(Error::Reqwest)?
+		).await.map_err(Error::Response)?
+		.json().await.map_err(Error::Reqwest)
+	}
+	pub async fn get_script_policies<'a>(&self,config:GetScriptPoliciesRequest<'a>)->Result<Vec<ScriptPolicyResponse>,Error>{
+		let url_raw=format!("{}/script-policy",self.0.base_url);
+		let mut url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::Parse)?;
+
+		{
+			let mut query_pairs=url.query_pairs_mut();
+			query_pairs.append_pair("Page",config.Page.to_string().as_str());
+			query_pairs.append_pair("Limit",config.Limit.to_string().as_str());
+			if let Some(hash)=config.FromScriptHash{
+				query_pairs.append_pair("FromScriptHash",hash);
+			}
+			if let Some(script_id)=config.ToScriptID{
+				query_pairs.append_pair("ToScriptID",script_id.0.to_string().as_str());
+			}
+			if let Some(policy)=config.Policy{
+				query_pairs.append_pair("Policy",(policy as i32).to_string().as_str());
+			}
+		}
+
+		response_ok(
+			self.0.get(url).await.map_err(Error::Reqwest)?
+		).await.map_err(Error::Response)?
+		.json().await.map_err(Error::Reqwest)
+	}
+	pub async fn get_script_policy_from_hash<'a>(&self,config:HashRequest<'a>)->Result<Option<ScriptPolicyResponse>,SingleItemError>{
+		let policies=self.get_script_policies(GetScriptPoliciesRequest{
+			Page:1,
+			Limit:2,
+			FromScriptHash:Some(config.hash),
+			ToScriptID:None,
+			Policy:None,
+		}).await.map_err(SingleItemError::Other)?;
+		if 1<policies.len(){
+			return Err(SingleItemError::DuplicateItems);
+		}
+		Ok(policies.into_iter().next())
+	}
+	pub async fn create_script_policy(&self,config:CreateScriptPolicyRequest)->Result<ScriptPolicyIDResponse,Error>{
+		let url_raw=format!("{}/script-policy",self.0.base_url);
+		let url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::Parse)?;
+
+		let body=serde_json::to_string(&config).map_err(Error::JSON)?;
+
+		response_ok(
+			self.0.post(url,body).await.map_err(Error::Reqwest)?
+		).await.map_err(Error::Response)?
+		.json().await.map_err(Error::Reqwest)
+	}
+	pub async fn update_submission_model(&self,config:UpdateSubmissionModelRequest)->Result<(),Error>{
+		let url_raw=format!("{}/submissions/{}/model",self.0.base_url,config.SubmissionID);
+		let mut url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::Parse)?;
+
+		{
+			url.query_pairs_mut()
+				.append_pair("ModelID",config.ModelID.to_string().as_str())
+				.append_pair("ModelVersion",config.ModelVersion.to_string().as_str());
+		}
+
+		response_ok(
+			self.0.post_empty_body(url).await.map_err(Error::Reqwest)?
+		).await.map_err(Error::Response)?;
+
+		Ok(())
+	}
+	pub async fn action_submission_uploaded(&self,config:ActionSubmissionUploadedRequest)->Result<(),Error>{
+		let url_raw=format!("{}/submissions/{}/status/validator-uploaded",self.0.base_url,config.SubmissionID);
+		let mut url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::Parse)?;
+
+		if let Some(target_asset_id)=config.TargetAssetID{
+			url.query_pairs_mut()
+				.append_pair("TargetAssetID",target_asset_id.to_string().as_str());
+		}
+		response_ok(
+			self.0.post_empty_body(url).await.map_err(Error::Reqwest)?
+		).await.map_err(Error::Response)?;
+
+		Ok(())
+	}
+	action!(action_submission_validated,"validator-validated");
+	action!(action_submission_accepted,"validator-failed");
+	action!(action_submission_released,"releaser-released");
+}

validation/api/src/lib.rs

@@ -0,0 +1,15 @@
+mod context;
+pub use context::Cookie;
+
+pub mod types;
+
+#[cfg(feature="internal")]
+pub mod internal;
+
+#[cfg(feature="external")]
+pub mod external;
+
+//lazy reexports
+pub use types::Error;
+pub type ReqwestError=reqwest::Error;
+pub type CookieError=reqwest::header::InvalidHeaderValue;

validation/api/src/types.rs

@@ -0,0 +1,180 @@
+#[derive(Debug)]
+pub enum Error{
+	Parse(url::ParseError),
+	Reqwest(reqwest::Error),
+	Response(ResponseError),
+	JSON(serde_json::Error),
+}
+impl std::fmt::Display for Error{
+	fn fmt(&self,f:&mut std::fmt::Formatter<'_>)->std::fmt::Result{
+		write!(f,"{self:?}")
+	}
+}
+impl std::error::Error for Error{}
+
+#[derive(Debug)]
+pub enum SingleItemError{
+	DuplicateItems,
+	Other(Error),
+}
+impl std::fmt::Display for SingleItemError{
+	fn fmt(&self,f:&mut std::fmt::Formatter<'_>)->std::fmt::Result{
+		write!(f,"{self:?}")
+	}
+}
+impl std::error::Error for SingleItemError{}
+
+#[allow(dead_code)]
+#[derive(Debug)]
+pub struct StatusCodeWithUrlAndBody{
+	pub status_code:reqwest::StatusCode,
+	pub url:url::Url,
+	pub body:String,
+}
+
+#[derive(Debug)]
+pub enum ResponseError{
+	Reqwest(reqwest::Error),
+	StatusCodeWithUrlAndBody(StatusCodeWithUrlAndBody),
+}
+impl std::fmt::Display for ResponseError{
+	fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+		write!(f,"{self:?}")
+	}
+}
+impl std::error::Error for ResponseError{}
+// lazy function to draw out meaningful info from http response on failure
+pub async fn response_ok(response:reqwest::Response)->Result<reqwest::Response,ResponseError>{
+	let status_code=response.status();
+	if status_code.is_success(){
+		Ok(response)
+	}else{
+		let url=response.url().to_owned();
+		let bytes=response.bytes().await.map_err(ResponseError::Reqwest)?;
+		let body=String::from_utf8_lossy(&bytes).to_string();
+		Err(ResponseError::StatusCodeWithUrlAndBody(StatusCodeWithUrlAndBody{
+			status_code,
+			url,
+			body,
+		}))
+	}
+}
+
+#[derive(Clone,Copy,PartialEq,Eq,serde::Serialize,serde::Deserialize)]
+pub struct ScriptID(pub(crate)i64);
+#[derive(Clone,Copy,serde::Serialize,serde::Deserialize)]
+pub struct ScriptPolicyID(pub(crate)i64);
+
+#[allow(nonstandard_style)]
+pub struct GetScriptRequest{
+	pub ScriptID:ScriptID,
+}
+#[allow(nonstandard_style)]
+#[derive(serde::Serialize)]
+pub struct GetScriptsRequest<'a>{
+	pub Page:u32,
+	pub Limit:u32,
+	#[serde(skip_serializing_if="Option::is_none")]
+	pub Name:Option<&'a str>,
+	#[serde(skip_serializing_if="Option::is_none")]
+	pub Hash:Option<&'a str>,
+	#[serde(skip_serializing_if="Option::is_none")]
+	pub Source:Option<&'a str>,
+	#[serde(skip_serializing_if="Option::is_none")]
+	pub SubmissionID:Option<i64>,
+}
+pub struct HashRequest<'a>{
+	pub hash:&'a str,
+}
+#[allow(nonstandard_style)]
+#[derive(serde::Deserialize)]
+pub struct ScriptResponse{
+	pub ID:ScriptID,
+	pub Name:String,
+	pub Hash:String,
+	pub Source:String,
+	pub SubmissionID:i64,
+}
+#[allow(nonstandard_style)]
+#[derive(serde::Serialize)]
+pub struct CreateScriptRequest<'a>{
+	pub Name:&'a str,
+	pub Source:&'a str,
+	#[serde(skip_serializing_if="Option::is_none")]
+	pub SubmissionID:Option<i64>,
+}
+#[allow(nonstandard_style)]
+#[derive(serde::Deserialize)]
+pub struct ScriptIDResponse{
+	pub ID:ScriptID,
+}
+
+#[derive(PartialEq,Eq,serde_repr::Serialize_repr,serde_repr::Deserialize_repr)]
+#[repr(i32)]
+pub enum Policy{
+	None=0, // not yet reviewed
+	Allowed=1,
+	Blocked=2,
+	Delete=3,
+	Replace=4,
+}
+
+#[allow(nonstandard_style)]
+#[derive(serde::Serialize)]
+pub struct GetScriptPoliciesRequest<'a>{
+	pub Page:u32,
+	pub Limit:u32,
+	#[serde(skip_serializing_if="Option::is_none")]
+	pub FromScriptHash:Option<&'a str>,
+	#[serde(skip_serializing_if="Option::is_none")]
+	pub ToScriptID:Option<ScriptID>,
+	#[serde(skip_serializing_if="Option::is_none")]
+	pub Policy:Option<Policy>,
+}
+#[allow(nonstandard_style)]
+#[derive(serde::Deserialize)]
+pub struct ScriptPolicyResponse{
+	pub ID:ScriptPolicyID,
+	pub FromScriptHash:String,
+	pub ToScriptID:ScriptID,
+	pub Policy:Policy
+}
+#[allow(nonstandard_style)]
+#[derive(serde::Serialize)]
+pub struct CreateScriptPolicyRequest{
+	pub FromScriptID:ScriptID,
+	pub ToScriptID:ScriptID,
+	pub Policy:Policy,
+}
+#[allow(nonstandard_style)]
+#[derive(serde::Deserialize)]
+pub struct ScriptPolicyIDResponse{
+	pub ID:ScriptPolicyID,
+}
+
+#[allow(nonstandard_style)]
+#[derive(serde::Serialize)]
+pub struct UpdateScriptPolicyRequest{
+	pub ID:ScriptPolicyID,
+	#[serde(skip_serializing_if="Option::is_none")]
+	pub FromScriptID:Option<ScriptID>,
+	#[serde(skip_serializing_if="Option::is_none")]
+	pub ToScriptID:Option<ScriptID>,
+	#[serde(skip_serializing_if="Option::is_none")]
+	pub Policy:Option<Policy>,
+}
+
+#[allow(nonstandard_style)]
+pub struct UpdateSubmissionModelRequest{
+	pub SubmissionID:i64,
+	pub ModelID:u64,
+	pub ModelVersion:u64,
+}
+
+#[allow(nonstandard_style)]
+pub struct ActionSubmissionUploadedRequest{
+	pub SubmissionID:i64,
+	pub TargetAssetID:Option<u64>,
+}
+
+pub struct SubmissionID(pub i64);

validation/src/main.rs

@@ -10,7 +10,6 @@ mod message_handler;
 #[derive(Debug)]
 pub enum StartupError{
 	API(submissions_api::ReqwestError),
-	APIInternal(submissions_api::ReqwestError),
 	NatsConnect(async_nats::ConnectError),
 	NatsGetStream(async_nats::jetstream::context::GetStreamError),
 	NatsConsumer(async_nats::jetstream::stream::ConsumerError),
@@ -23,22 +22,25 @@ impl std::fmt::Display for StartupError{
 }
 impl std::error::Error for StartupError{}
 
-pub const GROUP_STRAFESNET:u64=6980477;
-
 pub const PARALLEL_REQUESTS:usize=16;
 
 #[tokio::main]
 async fn main()->Result<(),StartupError>{
+	let group_id:Option<u64>=match std::env::var("ROBLOX_GROUP_ID"){
+		Ok(s)=>match s.as_str(){
+			"None"=>None,
+			_=>Some(s.parse().expect("ROBLOX_GROUP_ID int parse")),
+		},
+		Err(e)=>Err(e).expect("ROBLOX_GROUP_ID env required"),
+	};
+
 	// talk to roblox through STRAFESNET_CI2 account
 	let cookie=std::env::var("RBXCOOKIE").expect("RBXCOOKIE env required");
 	let cookie_context=rbx_asset::cookie::CookieContext::new(rbx_asset::cookie::Cookie::new(cookie));
 
 	// maps-service api
-	let api_host=std::env::var("API_HOST").expect("API_HOST env required");
-	let api=submissions_api::external::Context::new(api_host).map_err(StartupError::API)?;
-
 	let api_host_internal=std::env::var("API_HOST_INTERNAL").expect("API_HOST_INTERNAL env required");
-	let api_internal=submissions_api::internal::Context::new(api_host_internal).map_err(StartupError::APIInternal)?;
+	let api=submissions_api::internal::Context::new(api_host_internal).map_err(StartupError::API)?;
 
 	// nats
 	let nats_host=std::env::var("NATS_HOST").expect("NATS_HOST env required");
@@ -56,7 +58,7 @@ async fn main()->Result<(),StartupError>{
 			.messages().await.map_err(StartupError::NatsStream)
 	};
 
-	let message_handler=message_handler::MessageHandler::new(cookie_context,api,api_internal);
+	let message_handler=message_handler::MessageHandler::new(cookie_context,group_id,api);
 
 	// Create a signal listener for SIGTERM
 	let mut sig_term=tokio::signal::unix::signal(tokio::signal::unix::SignalKind::terminate()).expect("Failed to create SIGTERM signal listener");

validation/src/message_handler.rs

@@ -3,6 +3,7 @@
 pub enum HandleMessageError{
 	Messages(async_nats::jetstream::consumer::pull::MessagesError),
 	DoubleAck(async_nats::Error),
+	Json(serde_json::Error),
 	UnknownSubject(String),
 	PublishNew(crate::publish_new::PublishError),
 	PublishFix(crate::publish_fix::PublishError),
@@ -17,6 +18,10 @@ impl std::error::Error for HandleMessageError{}
 
 pub type MessageResult=Result<async_nats::jetstream::Message,async_nats::jetstream::consumer::pull::MessagesError>;
 
+fn from_slice<'a,T:serde::de::Deserialize<'a>>(slice:&'a [u8])->Result<T,HandleMessageError>{
+	serde_json::from_slice(slice).map_err(HandleMessageError::Json)
+}
+
 pub struct MessageHandler{
 	publish_new:crate::publish_new::Publisher,
 	publish_fix:crate::publish_fix::Publisher,
@@ -26,22 +31,22 @@ pub struct MessageHandler{
 impl MessageHandler{
 	pub fn new(
 		cookie_context:rbx_asset::cookie::CookieContext,
-		api:submissions_api::external::Context,
+		group_id:Option<u64>,
-		api_internal:submissions_api::internal::Context,
+		api:submissions_api::internal::Context,
 	)->Self{
 		Self{
-			publish_new:crate::publish_new::Publisher::new(cookie_context.clone(),api_internal.clone()),
+			publish_new:crate::publish_new::Publisher::new(cookie_context.clone(),group_id,api.clone()),
-			publish_fix:crate::publish_fix::Publisher::new(cookie_context.clone(),api_internal.clone()),
+			publish_fix:crate::publish_fix::Publisher::new(cookie_context.clone(),group_id,api.clone()),
-			validator:crate::validator::Validator::new(cookie_context,api,api_internal),
+			validator:crate::validator::Validator::new(cookie_context,api),
 		}
 	}
 	pub async fn handle_message_result(&self,message_result:MessageResult)->Result<(),HandleMessageError>{
 		let message=message_result.map_err(HandleMessageError::Messages)?;
 		message.double_ack().await.map_err(HandleMessageError::DoubleAck)?;
 		match message.subject.as_str(){
-			"maptest.submissions.publishnew"=>self.publish_new.publish(message).await.map_err(HandleMessageError::PublishNew),
+			"maptest.submissions.publishnew"=>self.publish_new.publish(from_slice(&message.payload)?).await.map_err(HandleMessageError::PublishNew),
-			"maptest.submissions.publishfix"=>self.publish_fix.publish(message).await.map_err(HandleMessageError::PublishFix),
+			"maptest.submissions.publishfix"=>self.publish_fix.publish(from_slice(&message.payload)?).await.map_err(HandleMessageError::PublishFix),
-			"maptest.submissions.validate"=>self.validator.validate(message).await.map_err(HandleMessageError::Validation),
+			"maptest.submissions.validate"=>self.validator.validate(from_slice(&message.payload)?).await.map_err(HandleMessageError::Validation),
 			other=>Err(HandleMessageError::UnknownSubject(other.to_owned()))
 		}
 	}

validation/src/publish_fix.rs

@@ -17,23 +17,22 @@ impl std::error::Error for PublishError{}
 
 pub struct Publisher{
 	roblox_cookie:rbx_asset::cookie::CookieContext,
+	group_id:Option<u64>,
 	api_internal:submissions_api::internal::Context,
 }
 impl Publisher{
 	pub const fn new(
 		roblox_cookie:rbx_asset::cookie::CookieContext,
+		group_id:Option<u64>,
 		api_internal:submissions_api::internal::Context,
 	)->Self{
 		Self{
 			roblox_cookie,
+			group_id,
 			api_internal,
 		}
 	}
-	pub async fn publish(&self,message:async_nats::jetstream::Message)->Result<(),PublishError>{
+	pub async fn publish(&self,publish_info:PublishFixRequest)->Result<(),PublishError>{
-		println!("publish_fix {:?}",message.message.payload);
-		// decode json
-		let publish_info:PublishFixRequest=serde_json::from_slice(&message.payload).map_err(PublishError::Json)?;
-
 		// download the map model version
 		let model_data=self.roblox_cookie.get_asset(rbx_asset::cookie::GetAssetRequest{
 			asset_id:publish_info.ModelID,
@@ -43,7 +42,7 @@ impl Publisher{
 		// upload the map to the strafesnet group
 		let _upload_response=self.roblox_cookie.upload(rbx_asset::cookie::UploadRequest{
 			assetid:publish_info.TargetAssetID,
-			groupId:Some(crate::GROUP_STRAFESNET),
+			groupId:self.group_id,
 			name:None,
 			description:None,
 			ispublic:None,
@@ -53,7 +52,7 @@ impl Publisher{
 		// that's it, the database entry does not need to be changed.
 
 		// mark submission as uploaded, TargetAssetID is unchanged
-		self.api_internal.action_submission_uploaded(submissions_api::internal::ActionSubmissionUploadedRequest{
+		self.api_internal.action_submission_uploaded(submissions_api::types::ActionSubmissionUploadedRequest{
 			SubmissionID:publish_info.SubmissionID,
 			TargetAssetID:None,
 		}).await.map_err(PublishError::ApiActionSubmissionUploaded)?;

validation/src/publish_new.rs

@@ -18,23 +18,22 @@ impl std::error::Error for PublishError{}
 
 pub struct Publisher{
 	roblox_cookie:rbx_asset::cookie::CookieContext,
+	group_id:Option<u64>,
 	api:submissions_api::internal::Context,
 }
 impl Publisher{
 	pub const fn new(
 		roblox_cookie:rbx_asset::cookie::CookieContext,
+		group_id:Option<u64>,
 		api:submissions_api::internal::Context,
 	)->Self{
 		Self{
 			roblox_cookie,
+			group_id,
 			api,
 		}
 	}
-	pub async fn publish(&self,message:async_nats::jetstream::Message)->Result<(),PublishError>{
+	pub async fn publish(&self,publish_info:PublishNewRequest)->Result<(),PublishError>{
-		println!("publish_new {:?}",message.message.payload);
-		// decode json
-		let publish_info:PublishNewRequest=serde_json::from_slice(&message.payload).map_err(PublishError::Json)?;
-
 		// download the map model version
 		let model_data=self.roblox_cookie.get_asset(rbx_asset::cookie::GetAssetRequest{
 			asset_id:publish_info.ModelID,
@@ -47,11 +46,11 @@ impl Publisher{
 			description:"".to_owned(),
 			ispublic:false,
 			allowComments:false,
-			groupId:Some(crate::GROUP_STRAFESNET),
+			groupId:self.group_id,
 		},model_data).await.map_err(PublishError::Create)?;
 
 		// note the asset id of the created model for later release, and mark the submission as uploaded
-		self.api.action_submission_uploaded(submissions_api::internal::ActionSubmissionUploadedRequest{
+		self.api.action_submission_uploaded(submissions_api::types::ActionSubmissionUploadedRequest{
 			SubmissionID:publish_info.SubmissionID,
 			TargetAssetID:Some(upload_response.AssetId),
 		}).await.map_err(PublishError::ApiActionSubmissionPublish)?;

validation/src/validator.rs

@@ -12,16 +12,27 @@ enum Policy{
 	Replace(String),
 }
 
+struct NamePolicy{
+	name:String,
+	policy:Policy,
+}
+
+fn source_has_illegal_keywords(source:&str)->bool{
+	source.find("getfenv").is_some()||source.find("require").is_some()
+}
+
 #[allow(dead_code)]
 #[derive(Debug)]
 pub enum ValidateError{
+	Flagged,
 	Blocked,
 	NotAllowed,
 	Get(rbx_asset::cookie::GetError),
-	Json(serde_json::Error),
 	ReadDom(ReadDomError),
-	ApiGetScriptPolicy(submissions_api::Error),
+	ApiGetScriptPolicy(submissions_api::types::SingleItemError),
 	ApiGetScript(submissions_api::Error),
+	ApiCreateScript(submissions_api::Error),
+	ApiCreateScriptPolicy(submissions_api::Error),
 	ApiUpdateSubmissionModel(submissions_api::Error),
 	ApiActionSubmissionValidate(submissions_api::Error),
 	WriteDom(rbx_binary::EncodeError),
@@ -37,27 +48,42 @@ impl std::error::Error for ValidateError{}
 
 pub struct Validator{
 	roblox_cookie:rbx_asset::cookie::CookieContext,
-	api:submissions_api::external::Context,
+	api:submissions_api::internal::Context,
-	api_internal:submissions_api::internal::Context,
 }
 
 impl Validator{
 	pub const fn new(
 		roblox_cookie:rbx_asset::cookie::CookieContext,
-		api:submissions_api::external::Context,
+		api:submissions_api::internal::Context,
-		api_internal:submissions_api::internal::Context,
 	)->Self{
 		Self{
 			roblox_cookie,
 			api,
-			api_internal,
 		}
 	}
-	pub async fn validate(&self,message:async_nats::jetstream::Message)->Result<(),ValidateError>{
+	pub async fn validate(&self,validate_info:ValidateRequest)->Result<(),ValidateError>{
-		println!("validate {:?}",message.message.payload);
+		let submission_id=validate_info.SubmissionID;
-		// decode json
+		let validate_result=self.validate_inner(validate_info).await;
-		let validate_info:ValidateRequest=serde_json::from_slice(&message.payload).map_err(ValidateError::Json)?;
 
+		// update the submission depending on the result
+		match &validate_result{
+			Ok(())=>{
+				// update the submission model status to validated
+				self.api.action_submission_validated(
+					submissions_api::types::SubmissionID(submission_id)
+				).await.map_err(ValidateError::ApiActionSubmissionValidate)?;
+			},
+			Err(_)=>{
+				// update the submission model status to accepted
+				self.api.action_submission_accepted(
+					submissions_api::types::SubmissionID(submission_id)
+				).await.map_err(ValidateError::ApiActionSubmissionValidate)?;
+			},
+		}
+
+		validate_result
+	}
+	pub async fn validate_inner(&self,validate_info:ValidateRequest)->Result<(),ValidateError>{
 		// download map
 		let data=self.roblox_cookie.get_asset(rbx_asset::cookie::GetAssetRequest{
 			asset_id:validate_info.ModelID,
@@ -71,52 +97,78 @@ impl Validator{
 
 		// collect unique scripts
 		let script_refs=get_script_refs(&dom);
-		let mut script_map=std::collections::HashMap::<String,Policy>::new();
+		let mut script_map=std::collections::HashMap::<String,NamePolicy>::new();
 		for &script_ref in &script_refs{
 			if let Some(script)=dom.get_by_ref(script_ref){
 				if let Some(rbx_dom_weak::types::Variant::String(source))=script.properties.get("Source"){
-					script_map.insert(source.clone(),Policy::None);
+					// check the source for illegal keywords
+					if source_has_illegal_keywords(source){
+						// immediately abort
+						return Err(ValidateError::Flagged);
+					}
+					// associate a name and policy with the source code
+					// policy will be fetched from the database to replace the default policy
+					script_map.insert(source.clone(),NamePolicy{
+						name:script.name.clone(),
+						policy:Policy::None,
+					});
 				}
 			}
 		}
 
 		// send all script hashes to REST endpoint and retrieve the replacements
 		futures::stream::iter(script_map.iter_mut().map(Ok))
-		.try_for_each_concurrent(Some(SCRIPT_CONCURRENCY),|(source,replacement)|async{
+		.try_for_each_concurrent(Some(SCRIPT_CONCURRENCY),|(source,NamePolicy{policy,name})|async{
 			// get the hash
 			let mut hasher=siphasher::sip::SipHasher::new();
 			std::hash::Hasher::write(&mut hasher,source.as_bytes());
 			let hash=std::hash::Hasher::finish(&hasher);
 
 			// fetch the script policy
-			let script_policy=self.api.get_script_policy_from_hash(submissions_api::external::ScriptPolicyHashRequest{
+			let script_policy=self.api.get_script_policy_from_hash(submissions_api::types::HashRequest{
-				hash:format!("{:x}",hash),
+				hash:format!("{:016x}",hash).as_str(),
 			}).await.map_err(ValidateError::ApiGetScriptPolicy)?;
 
 			// write the policy to the script_map, fetching the replacement code if necessary
-			*replacement=match script_policy.Policy{
+			if let Some(script_policy)=script_policy{
-				submissions_api::external::Policy::None=>Policy::None,
+				*policy=match script_policy.Policy{
-				submissions_api::external::Policy::Allowed=>Policy::Allowed,
+					submissions_api::types::Policy::None=>Policy::None,
-				submissions_api::external::Policy::Blocked=>Policy::Blocked,
+					submissions_api::types::Policy::Allowed=>Policy::Allowed,
-				submissions_api::external::Policy::Delete=>Policy::Delete,
+					submissions_api::types::Policy::Blocked=>Policy::Blocked,
-				submissions_api::external::Policy::Replace=>{
+					submissions_api::types::Policy::Delete=>Policy::Delete,
-					let script=self.api.get_script(submissions_api::external::GetScriptRequest{
+					submissions_api::types::Policy::Replace=>{
-						ScriptID:script_policy.ToScriptID,
+						let script=self.api.get_script(submissions_api::types::GetScriptRequest{
-					}).await.map_err(ValidateError::ApiGetScript)?;
+							ScriptID:script_policy.ToScriptID,
-					Policy::Replace(script.Source)
+						}).await.map_err(ValidateError::ApiGetScript)?;
-				},
+						Policy::Replace(script.Source)
-			};
+					},
+				};
+			}else{
+				// upload the script
+				let script=self.api.create_script(submissions_api::types::CreateScriptRequest{
+					Name:name.as_str(),
+					Source:source.as_str(),
+					SubmissionID:Some(validate_info.SubmissionID),
+				}).await.map_err(ValidateError::ApiCreateScript)?;
+
+				// create a None policy (pending review by yours truly)
+				self.api.create_script_policy(submissions_api::types::CreateScriptPolicyRequest{
+					ToScriptID:script.ID,
+					FromScriptID:script.ID,
+					Policy:submissions_api::types::Policy::None,
+				}).await.map_err(ValidateError::ApiCreateScriptPolicy)?;
+			}
 
 			Ok(())
 		})
 		.await?;
 
 		// make the replacements
-		let mut modified=false;
+		let mut modified=true;
 		for &script_ref in &script_refs{
 			if let Some(script)=dom.get_by_ref_mut(script_ref){
 				if let Some(rbx_dom_weak::types::Variant::String(source))=script.properties.get_mut("Source"){
-					match script_map.get(source.as_str()){
+					match script_map.get(source.as_str()).map(|p|&p.policy){
 						Some(Policy::Blocked)=>return Err(ValidateError::Blocked),
 						None
 						|Some(Policy::None)
@@ -136,6 +188,8 @@ impl Validator{
 			}
 		}
 
+		println!("[Validator] Forcing model upload! modified=true");
+
 		// if the model was validated, the submission must be changed to use the modified model
 		if modified{
 			// serialize model (slow!)
@@ -169,18 +223,13 @@ impl Validator{
 			};
 
 			// update the submission to use the validated model
-			self.api.update_submission_model(submissions_api::external::UpdateSubmissionModelRequest{
+			self.api.update_submission_model(submissions_api::types::UpdateSubmissionModelRequest{
 				SubmissionID:validate_info.SubmissionID,
 				ModelID:model_id,
 				ModelVersion:1, //TODO
 			}).await.map_err(ValidateError::ApiUpdateSubmissionModel)?;
 		};
 
-		// update the submission model status to validated
-		self.api_internal.action_submission_validated(
-			submissions_api::internal::SubmissionID(validate_info.SubmissionID)
-		).await.map_err(ValidateError::ApiActionSubmissionValidate)?;
-
 		Ok(())
 	}
 }

web/next.config.ts

@@ -6,11 +6,22 @@ const nextConfig: NextConfig = {
     rewrites: async () => {
     	return [
      		{
-       			source: "/v1/submissions/:submissionid/status/:statustype",
+				source: "/api/:path*",
-          		destination: "http://submissions:8082/v1/submissions/:submissionid/status/:statustype"
+        		destination: "http://localhost:8082/v1/:path*"
        		}
      	]
-    }
+    },
+	images: {
+		remotePatterns: [
+			{
+				protocol: 'https',
+				hostname: 'api.ic3.space',
+				pathname: '/strafe/map-images/**',
+				port: '',
+				search: '',
+			},
+		],
+	},
 };
 
 export default nextConfig;

web/src/app/_components/header.tsx

@@ -18,10 +18,10 @@ export default function Header() {
 	return (
 		<header className="header-bar">
 			<nav className="left">
-				<HeaderButton name="Maps" href=""/>
+				<HeaderButton name="Submissions" href="/submissions"/>
 			</nav>
 			<nav className="right">
-				<HeaderButton name="Home" href=""/>
+				<HeaderButton name="Submit" href="/submit"/>
 				<HeaderButton name="Need" href=""/>
 				<HeaderButton name="Menu" href=""/>
 				<HeaderButton name="Items" href=""/>

web/src/app/_components/styles/header.scss

@@ -2,8 +2,8 @@
 	display: flex;
 	justify-content: space-between;
 	align-items: center;
-	width: 100vw;
+	width: 100%;
-	height: 60px;
+	height: var(--header-height);
 	background: var(--header-grad-left);
 	background: linear-gradient(180deg, var(--header-grad-left) 0%, var(--header-grad-right) 100%);
 
@@ -24,7 +24,7 @@
 	.right {
 		display: flex;
 		gap: 7px;
-		margin-right: 50px;
+		margin-right: 35px;
 
 		button {
 			font-size: 1rem;

web/src/app/globals.scss

@@ -10,6 +10,8 @@ $form-label-fontsize: 1.3rem;
 :root {
 	color-scheme: light dark;
 
+	--header-height: 60px;
+
 	--page:                white;
 	--header-grad-left:    #363b40;
 	--header-grad-right:   #353a40;

web/src/app/submissions/(styles)/page.scss

@@ -0,0 +1,24 @@
+@forward "./page/card.scss";
+
+@use "../../globals.scss";
+
+.container {
+	display: flex;
+	justify-content: center;
+	align-items: center;
+	height: calc(100vh - var(--header-height));
+	overflow: hidden;
+	position: relative;
+}
+
+a {
+	color:rgb(255, 255, 255);
+
+	&:visited, &:hover, &:focus {
+		text-decoration: none;
+		color: rgb(255, 255, 255);
+	}
+	&:active {
+		color: rgb(192, 192, 192)
+	}
+}

web/src/app/submissions/(styles)/page/card.scss

@@ -0,0 +1,12 @@
+@use "../../../globals.scss";
+
+.submissionCard {
+	@include globals.border-with-radius;
+	
+	background-color: #2020207c;
+	border: 1px solid #501717;
+	border-radius: 6px;
+	padding: 6px;
+	text-align: center;
+	font-size: 14px;
+}

web/src/app/submissions/[submissionId]/(styles)/page/reviewStatus.scss

@@ -1,12 +1,13 @@
-$Published:         "0";
+$UnderConstruction: "0";
-$Rejected:          "1";
+$Submitted:         "1";
-$Publishing:        "2";
+$ChangesRequested:  "2";
-$Validated:         "3";
+$Accepted:          "3";
 $Validating:        "4";
-$Accepted:          "5";
+$Validated:         "5";
-$ChangesRequested:  "6";
+$Uploading:         "6";
-$Submitted:         "7";
+$Uploaded:          "7";
-$UnderConstruction: "8";
+$Rejected:          "8";
+$Released:          "9";
 
 .review-status {
     border-radius: 5px;
@@ -16,7 +17,7 @@ $UnderConstruction: "8";
         font-weight: bold;
     }
 
-    &[data-review-status="#{$Published}"] {
+    &[data-review-status="#{$Released}"] {
         background-color: orange;
         p {
             color: white;
@@ -28,7 +29,13 @@ $UnderConstruction: "8";
             color: white;
         }
     }
-    &[data-review-status="#{$Publishing}"] {
+    &[data-review-status="#{$Uploading}"] {
+        background-color: orange;
+        p {
+            color: white;
+        }
+    }
+    &[data-review-status="#{$Uploaded}"] {
         background-color: orange;
         p {
             color: white;
@@ -70,4 +77,4 @@ $UnderConstruction: "8";
             color: white;
         }
     }
-}
+}

web/src/app/submissions/[submissionId]/_comments.tsx

@@ -9,6 +9,7 @@ interface CommentersProps {
 }
 
 interface CreatorAndReviewStatus {
+		asset_id: SubmissionInfo["AssetID"],
     creator: SubmissionInfo["DisplayName"],
     review: SubmissionInfo["StatusID"],
     comments: Comment[],
@@ -63,4 +64,4 @@ export default function Comments(stats: CommentersProps) {
 
 export {
     type CreatorAndReviewStatus
-}
+}

web/src/app/submissions/[submissionId]/_reviewButtons.tsx

@@ -1,36 +1,54 @@
 import { Button, ButtonOwnProps } from "@mui/material";
+import { SubmissionInfo } from "@/app/ts/Submission";
+
+type Actions = "Completed" | "Submit" | "Reject" | "Revoke"
+type Review  = Actions | "Accept" | "Validate" | "Upload"
+type Action  = Lowercase<Actions> | "trigger-validate" | "trigger-upload"
 
-type Review = "Completed" | "Submit" | "Reject" | "Revoke" | "Accept" | "Validate" | "Upload"
-type Action = "completed" | "submit" | "reject" | "revoke" | "trigger-validate" | "trigger-upload"
 interface ReviewButton {
 	name: Review,
 	action: Action,
+	submissionId: string,
 	color: ButtonOwnProps["color"]
 }
 
-function ReviewButtonClicked(action: Action) {
+function ReviewButtonClicked(action: Action, submissionId: string) {
-	fetch(`http://localhost:3000/v1/submissions/1/status/${action}`, {
+	fetch(`/api/submissions/${submissionId}/status/${action}`, {
 		method: "POST",
 		headers: {
 			"Content-type": "application/json",
 		}
-	})
+	}).then(() => { window.location.reload(); })
 }
 
 function ReviewButton(props: ReviewButton) {
-	return <Button color={props.color} variant="contained" onClick={() => { ReviewButtonClicked(props.action) }}>{props.name}</Button>
+	return <Button
+		color={props.color}
+		variant="contained"
+		onClick={() => { ReviewButtonClicked(props.action, props.submissionId) }}>{props.name}</Button>
 }
 
-export default function ReviewButtons() {
+export default function ReviewButtons(props: SubmissionInfo) {
+	const submissionId = props.ID.toString()
+	// When is each button visible?
+	// Multiple buttons can be visible at once.
+	// Action         | Role      | When Current Status is One of:
+	// ---------------|-----------|-----------------------
+	// Submit         | Submitter | UnderConstruction, ChangesRequested
+	// Revoke         | Submitter | Submitted, ChangesRequested
+	// Accept         | Reviewer  | Submitted
+	// Validate       | Reviewer  | Accepted
+	// Reject         | Reviewer  | Submitted
+	// RequestChanges | Reviewer  | Validated, Accepted, Submitted
+	// Upload         | MapAdmin  | Validated
 	return (
 		<section className="review-set">
-			<ReviewButton color="info"  name="Submit"    action="submit"/>
+			<ReviewButton color="info"  name="Submit"    action="submit"           submissionId={submissionId}/>
-			<ReviewButton color="info"  name="Revoke"    action="revoke"/>
+			<ReviewButton color="info"  name="Revoke"    action="revoke"           submissionId={submissionId}/>
-			<ReviewButton color="info"  name="Accept"    action="trigger-validate"/>
+			<ReviewButton color="info"  name="Accept"    action="trigger-validate" submissionId={submissionId}/>
-			<ReviewButton color="info"  name="Validate"  action="trigger-validate"/>
+			<ReviewButton color="info"  name="Validate"  action="trigger-validate" submissionId={submissionId}/>
-			<ReviewButton color="error" name="Reject"    action="reject"/>
+			<ReviewButton color="error" name="Reject"    action="reject"           submissionId={submissionId}/>
-			<ReviewButton color="info"  name="Upload"    action="trigger-upload"/>
+			<ReviewButton color="info"  name="Upload"    action="trigger-upload"   submissionId={submissionId}/>
-			<ReviewButton color="info"  name="Completed" action="completed"/>
 		</section>
 	)
 }

web/src/app/submissions/[submissionId]/page.tsx

@@ -1,6 +1,6 @@
 "use client"
 
-import { SubmissionStatus, SubmissionStatusToString } from "@/app/ts/Submission";
+import { SubmissionInfo, SubmissionStatusToString } from "@/app/ts/Submission";
 import type { CreatorAndReviewStatus } from "./_comments";
 import { MapImage } from "./_map";
 import { useParams } from "next/navigation";
@@ -10,6 +10,7 @@ import Comments from "./_comments";
 import Webpage from "@/app/_components/webpage";
 import Window from "./_window";
 import Link from "next/link";
+import { useState, useEffect } from "react";
 
 import "./(styles)/page.scss";
 
@@ -34,14 +35,15 @@ function Ratings() {
 	)
 }
 
-function RatingArea() {
+function RatingArea(submission: SubmissionInfo) {
     return (
         <aside className="review-area">
         	<section className="map-image-area">
          		<MapImage/>
          	</section>
             <Ratings/>
-            <ReviewButtons/>
+            {/* TODO: NOT DO!!! */} {ReviewButtons(submission)}
+			{/* <ReviewButtons submissionId={submission.ID}/> */}
         </aside>
     )
 }
@@ -58,6 +60,7 @@ function TitleAndComments(stats: CreatorAndReviewStatus) {
                 </aside>
             </div>
             <p className="by-creator">by <Link href="" target="_blank">{stats.creator}</Link></p>
+            <p className="asset-id">Model Asset ID {stats.asset_id}</p>
             <span className="spacer"></span>
             <Comments comments_data={stats}/>
         </main>
@@ -67,14 +70,31 @@ function TitleAndComments(stats: CreatorAndReviewStatus) {
 export default function SubmissionInfoPage() {
     const dynamicId = useParams<{submissionId: string}>()
 
+    const [submission, setSubmission] = useState<SubmissionInfo | null>(null)
+
+	useEffect(() => { // needs to be client sided since server doesn't have a session, nextjs got mad at me for exporting an async function: (https://nextjs.org/docs/messages/no-async-client-component)
+		async function getSubmission() {
+			const res = await fetch(`/api/submissions/${dynamicId.submissionId}`)
+			if (res.ok) {
+				setSubmission(await res.json())
+			}
+		}
+        getSubmission()
+	}, [dynamicId.submissionId])
+
+	if (!submission) {
+		return <Webpage>
+		        {/* TODO: Add skeleton loading thingy ? Maybe ? (https://mui.com/material-ui/react-skeleton/) */}
+			</Webpage>
+	}
     return (
         <Webpage>
             <main className="map-page-main">
                 <section className="review-section">
-                    <RatingArea/>
+					{RatingArea(submission)}
-                    <TitleAndComments name={dynamicId.submissionId} creator="Quaternions" review={SubmissionStatus.Accepted} comments={[]}/>
+                    <TitleAndComments name={submission.DisplayName} creator={submission.Creator} review={submission.StatusID} asset_id={submission.AssetID} comments={[]}/>
                 </section>
             </main>
         </Webpage>
 	)
-}
+}

web/src/app/submissions/_card.tsx

@@ -0,0 +1,25 @@
+import React from "react";
+import Image from "next/image";
+import Link from "next/link";
+
+interface SubmissionCardProps {
+	displayName: string;
+	assetId: number;
+	rating: number;
+	author: string;
+	id: number;
+}
+
+export default function SubmissionCard(props: SubmissionCardProps) {
+	return (
+		<Link href={`/submissions/${props.id}`}>
+			<div className="submissionCard">
+				{/* TODO: Grab image of model */}
+				<Image height={200} width={200} priority={true} src="https://api.ic3.space/strafe/map-images/11222350808" style={{ width: `100%` }} alt={props.displayName} />
+				<h3>{props.displayName}</h3>
+				<p>By {props.author}</p>
+				<p>⭐ {props.rating}</p> {/* TODO: paste the star element from submission/1 page */}
+			</div>
+		</Link>
+	);
+}

web/src/app/submissions/_loading.tsx

@@ -0,0 +1,43 @@
+//This can all be solved using 0 JavaScript,
+//display: grid, ->1fr unit<-
+
+import React, { useState, useEffect } from 'react';
+import { Grid, Skeleton } from '@mui/material';
+
+const elementWidth = 220;
+
+function calculateSkeletonCount(setState: React.Dispatch<React.SetStateAction<number>>) {
+	const viewportWidth = window.innerWidth - 100 * 2;
+	setState(Math.floor(viewportWidth / elementWidth) * 2);
+};
+
+function SkeletonGrid() {
+	const [skeletonCount, setSkeletonCount] = useState(0);
+
+	useEffect(() => {
+		calculateSkeletonCount(setSkeletonCount);
+		window.addEventListener('resize', () => { calculateSkeletonCount(setSkeletonCount) });
+
+		return () => {
+			window.removeEventListener('resize', () => { calculateSkeletonCount(setSkeletonCount) });
+		};
+	}, []);
+
+	return (
+		<Grid
+			container
+			spacing={2}
+			alignItems="center"
+			justifyContent="center"
+			style={{ maxWidth: 'calc(100vw - 100px)', margin: '0 auto' }}
+		>
+		{Array.from({ length: skeletonCount }).map((_, index) => (
+			<Grid item key={index}>
+			<Skeleton variant="rectangular" width={215} height={340} />
+			</Grid>
+		))}
+		</Grid>
+	);
+};
+
+export default SkeletonGrid;

web/src/app/submissions/_window.tsx

@@ -0,0 +1,18 @@
+interface WindowStruct {
+    children: React.ReactNode,
+    className: string,
+    title: string,
+}
+
+export default function Window(window: WindowStruct) {
+    return <section className={window.className}>
+        <header>
+            <p>{window.title}</p>
+        </header>
+        <main>{window.children}</main>
+    </section>
+}
+
+export {
+	type WindowStruct
+}

web/src/app/submissions/page.tsx

@@ -0,0 +1,77 @@
+'use client'
+
+import React, { useState, useEffect } from 'react'
+import { SubmissionInfo } from '../ts/Submission';
+import { Grid2 as Grid } from '@mui/material';
+import SubmissionCard from "./_card";
+import SkeletonGrid from './_loading';
+import Webpage from "@/app/_components/webpage";
+
+import "./(styles)/page.scss";
+
+export default function SubmissionInfoPage() {
+	const [submissions, setSubmissions] = useState<SubmissionInfo[]>([])
+
+	useEffect(() => { // needs to be client sided since server doesn't have a session, nextjs got mad at me for exporting an async function: (https://nextjs.org/docs/messages/no-async-client-component)
+		async function fetchSubmissions() {
+			const res = await fetch('/api/submissions?Page=1&Limit=100')
+			if (res.ok) {
+				setSubmissions(await res.json())
+			}
+		}
+		setTimeout(() => { // testing loading screen made by chatGerbertPT
+			fetchSubmissions()
+		}, 250);
+	}, [])
+
+	if (!submissions) {
+		return <Webpage>
+			<main style={{ display: 'flex', justifyContent: 'center', padding: '1rem' }}>
+				<SkeletonGrid />
+			</main>
+		</Webpage>
+	}
+
+	return (
+		// TODO: Add filter settings & searchbar & page selector
+		<Webpage>
+			<main style={{ display: 'flex', justifyContent: 'center', padding: '1rem' }}>
+				<Grid
+					container
+					spacing={2}
+					alignItems="center"
+					justifyContent="center"
+					style={{ maxWidth: 'calc(100vw - 100px)', margin: '0 auto' }}
+				>
+					{submissions.map((submission) => (
+						<Grid key={submission.ID}>
+							<SubmissionCard
+								id={submission.ID}
+								assetId={submission.AssetID}
+								displayName={submission.DisplayName}
+								author={submission.Creator}
+								rating={submission.StatusID}
+							/>
+						</Grid>
+					))}
+				</Grid>
+			</main>
+		</Webpage>
+	)
+
+	// {
+	// 	"ID": 1,
+	// 	"DisplayName": "81bfc7a",
+	// 	"Creator": "79fbe8d",
+	// 	"GameID": 1073741824,
+	// 	"CreatedAt": 1734490019,
+	// 	"UpdatedAt": 1734565641,
+	// 	"Submitter": 1,
+	// 	"AssetID": 6438937102481093,
+	// 	"AssetVersion": 1225679040570074,
+	// 	"Completed": false,
+	// 	"SubmissionType": 0,
+	// 	"TargetAssetID": 1057095197389979,
+	// 	"StatusID": 4
+	// }
+}

web/src/app/submit/(styles)/page.scss

@@ -25,7 +25,6 @@
 	}
 	& fieldset {
 		border-color: rgb(100,100,100);
-
 	}
 	& span {
 		color: white;

web/src/app/submit/_game.tsx

@@ -0,0 +1,66 @@
+import { FormControl, Select, InputLabel, MenuItem } from "@mui/material";
+import { styled } from '@mui/material/styles';
+import InputBase from '@mui/material/InputBase';
+import React from "react";
+import { SelectChangeEvent } from "@mui/material";
+
+// TODO: Properly style everything instead of pasting 🤚
+
+type GameSelectionProps = {
+	game: number;
+	setGame: React.Dispatch<React.SetStateAction<number>>;
+};
+
+const BootstrapInput = styled(InputBase)(({ theme }) => ({
+	'label + &': {
+	  marginTop: theme.spacing(3),
+	},
+	'& .MuiInputBase-input': {
+	  backgroundColor: '#0000',
+	  color: '#FFF',
+	  border: '1px solid rgba(175, 175, 175, 0.66)',
+	  fontSize: 16,
+	  padding: '10px 26px 10px 12px',
+	  transition: theme.transitions.create(['border-color', 'box-shadow']),
+	  // Use the system font instead of the default Roboto font.
+	  fontFamily: [
+		'-apple-system',
+		'BlinkMacSystemFont',
+		'"Segoe UI"',
+		'Roboto',
+		'"Helvetica Neue"',
+		'Arial',
+		'sans-serif',
+		'"Apple Color Emoji"',
+		'"Segoe UI Emoji"',
+		'"Segoe UI Symbol"',
+	  ].join(','),
+	  '&:focus': {
+		borderRadius: 4,
+		borderColor: '#80bdff',
+		boxShadow: '0 0 0 0.2rem rgba(0,123,255,.25)',
+	  },
+	},
+  }));
+
+export default function GameSelection({ game, setGame }: GameSelectionProps) {
+	const handleChange = (event: SelectChangeEvent) => {
+		setGame(Number(event.target.value)); // TODO: Change later!! there's 100% a proper way of doing this
+	};
+
+	return (
+		<FormControl>
+			<InputLabel sx={{ color: "#646464" }}>Game</InputLabel>
+			<Select
+				value={String(game)}
+				label="Game"
+				onChange={handleChange}
+				input={<BootstrapInput />}
+			>
+				<MenuItem value={1}>Bhop</MenuItem>
+				<MenuItem value={2}>Surf</MenuItem>
+				<MenuItem value={3}>Fly Trials</MenuItem>
+			</Select>
+		</FormControl>
+	);
+}

web/src/app/submit/page.tsx

@@ -1,50 +1,98 @@
 "use client"
 
-import { FormControl, FormLabel, RadioGroup, FormControlLabel, Button, TextField } from "@mui/material"
+import { FormControl, FormControlLabel, Button, TextField, Checkbox } from "@mui/material"
+
+import GameSelection from "./_game";
 import SendIcon from '@mui/icons-material/Send';
 import Webpage from "@/app/_components/webpage"
-import Radio from '@mui/material/Radio';
+import React, { useState } from "react";
 
 import "./(styles)/page.scss"
 
-const enum Map {
+interface SubmissionPayload {
-	New,
+	DisplayName: string;
-	Fix,
+	Creator: string;
+	GameID: number;
+	AssetID: number;
+	AssetVersion: number;
+	TargetAssetID: number;
 }
-
+interface IdResponse {
-function TargetAsset() {
+	ID: number;
-	return (<FormControl>
-		<FormLabel id="target-asset-radio">Target:</FormLabel>
-		<RadioGroup defaultValue="New" aria-labelledby="target-asset-radio" name="target-asset-radio">
-			<FormControlLabel value="New" control={<Radio/>} label="New"/>
-			<FormControlLabel value="Fix" control={<Radio/>} label="Fix"/>
-		</RadioGroup>
-	</FormControl>)
 }
 
 export default function SubmissionInfoPage() {
-    return (
+	const [game, setGame] = useState(1);
-        <Webpage>
+	const [isFixingMap, setIsFixingMap] = useState(false);
-        	<main>
+
-	        	<header>
+	const handleSubmit = async (event: React.FormEvent<HTMLFormElement>) => {
-	          		<h1>Submit Asset</h1>
+		event.preventDefault();
-	            	<span className="spacer form-spacer"></span>
+
-	          	</header>
+		const form = event.currentTarget;
-	        	<form>
+		const formData = new FormData(form);
-					<TextField className="form-field" id="display-name"  label="Display Name"  variant="outlined"/>
+
-					<TextField className="form-field" id="creator"       label="Creator"       variant="outlined"/>
+		const payload: SubmissionPayload = {
-					<TextField className="form-field" id="game-id"       label="Game ID"       variant="outlined"/>
+			DisplayName: (formData.get("display-name") as string) ?? "unknown", // TEMPORARY! TODO: Change
-					<TextField className="form-field" id="asset-id"      label="Asset ID"      variant="outlined"/>
+			Creator: (formData.get("creator") as string) ?? "unknown", // TEMPORARY! TODO: Change
-					<TextField className="form-field" id="asset-version" label="Asset Version" variant="outlined"/>
+			GameID: game,
-					<TargetAsset/>
+			AssetID: Number((formData.get("asset-id") as string) ?? "0"),
-	         	</form>
+			AssetVersion: 0,
-				<span className="spacer form-spacer"></span>
+			TargetAssetID: isFixingMap ? Number((formData.get("target-asset-id") as string) ?? "0") : 0,
-				<Button variant="contained" startIcon={<SendIcon/>} sx={{
+		};
-					width: "400px",
+
-					height: "50px",
+		console.log(payload)
-					marginInline: "auto"
+		console.log(JSON.stringify(payload))
-				}}>Submit</Button>
+
-         	</main>
+		try {
-        </Webpage>
+			// Send the POST request
+			const response = await fetch("/api/submissions", {
+				method: "POST",
+				headers: { "Content-Type": "application/json" },
+				body: JSON.stringify(payload),
+			});
+
+			// Allow any HTTP status
+			const id_response:IdResponse = await response.json();
+
+			// navigate to newly created submission
+			window.location.assign(`/submissions/${id_response.ID}`)
+
+		} catch (error) {
+			console.error("Error submitting data:", error);
+		}
+	};
+
+	return (
+		<Webpage>
+			<main>
+				<header>
+					<h1>Submit Asset</h1>
+					<span className="spacer form-spacer"></span>
+				</header>
+				<form onSubmit={handleSubmit}>
+					{/* TODO: Add form data for mapfixes, such as changes they did, and any times that need to be deleted & what styles */}
+					<TextField className="form-field" id="display-name" name="display-name" label="Display Name" variant="outlined"/>
+					<TextField className="form-field" id="creator"      name="creator"      label="Creator"      variant="outlined"/>
+					<TextField className="form-field" id="asset-id"     name="asset-id"     label="Asset ID"     variant="outlined"/>
+					{/* I think this is Quat's job to figure this one out (to be set when someone clicks review(?)) */} {/* <TextField className="form-field" id="asset-version" label="Asset Version" variant="outlined"/> */}
+					<GameSelection game={game} setGame={setGame} />
+					<FormControl>
+						<FormControlLabel control={<Checkbox sx={{
+							color: "#646464",
+							'&.Mui-checked': {
+								color: "#66BB6A",
+							},
+						}} onChange={(e) => setIsFixingMap(e.target.checked)} />} label="Fixing an Existing Map?" />
+					</FormControl>
+					<TextField className="form-field" id="target-asset-id" name="target-asset-id" label="Target Asset ID (group model)" variant="outlined"/>
+					<span className="spacer form-spacer"></span>
+					<Button type="submit" variant="contained" startIcon={<SendIcon/>} sx={{
+						width: "400px",
+						height: "50px",
+						marginInline: "auto"
+					}}>Submit</Button>
+				</form>
+			</main>
+		</Webpage>
 	)
-}
+}

web/src/app/ts/Submission.ts

@@ -1,13 +1,14 @@
 const enum SubmissionStatus {
-    Published,
+	UnderConstruction = 0,
-    Rejected,
+	Submitted         = 1,
-    Publishing,
+	ChangesRequested  = 2,
-    Validated,
+	Accepted          = 3,
-    Validating,
+	Validating        = 4,
-    Accepted,
+	Validated         = 5,
-    ChangesRequested,
+	Uploading         = 6,
-    Submitted,
+	Uploaded          = 7,
-    UnderConstruction
+	Rejected          = 8,
+	Released          = 9,
 }
 
 interface SubmissionInfo {
@@ -26,12 +27,14 @@ interface SubmissionInfo {
 
 function SubmissionStatusToString(submission_status: SubmissionStatus): string {
 	switch (submission_status) {
-    	case SubmissionStatus.Published:
+    	case SubmissionStatus.Released:
-     		return "PUBLISHED"
+     		return "RELEASED"
      	case SubmissionStatus.Rejected:
       		return "REJECTED"
-		case SubmissionStatus.Publishing:
+		case SubmissionStatus.Uploading:
-			return "PUBLISHING"
+			return "UPLOADING"
+		case SubmissionStatus.Uploaded:
+			return "UPLOADED"
 		case SubmissionStatus.Validated:
 			return "VALIDATED"
 		case SubmissionStatus.Validating:
@@ -53,4 +56,4 @@ export {
 	SubmissionStatus,
 	SubmissionStatusToString,
 	type SubmissionInfo
-}
+}