wip

Cut Down Maps Fields (#257 )
Remove usages of Creator & Date, add Thumbnail. Reviewed-on: #257 Co-authored-by: Rhys Lloyd <krakow20@gmail.com> Co-committed-by: Rhys Lloyd <krakow20@gmail.com>
2025-08-06 20:08:55 -07:00 · 2025-08-07 02:32:22 +00:00 · 2025-08-05 23:08:21 -07:00 · 2025-08-05 23:08:18 -07:00 · 2025-08-05 22:58:41 -07:00 · 2025-08-06 05:49:30 +00:00
217 changed files with 17336 additions and 22281 deletions
--- a/validation/.cargo/config.toml
+++ b/validation/.cargo/config.toml
--- a/.drone.yml
+++ b/.drone.yml
@@ -7,7 +7,45 @@ platform:
  arch: amd64
 steps:
-  - name: api
+  - name: build-backend
    image: golang:1.24.0
    environment:
      GIT_USER:
        from_secret: GIT_USER
      GIT_PASS:
        from_secret: GIT_PASS
    commands:
      - echo "machine git.itzana.me login $${GIT_USER} password $${GIT_PASS}" > ~/.netrc
      - chmod 600 ~/.netrc
      - make build-backend
    when:
      branch:
        - master
        - staging
  - name: build-validator
    image: clux/muslrust:1.86.0-stable
    commands:
      - make build-validator
    when:
      branch:
        - master
        - staging
  - name: build-frontend
    image: oven/bun:1.2.8
    commands:
      - apt-get update
      - apt-get install make
      - make build-frontend
    when:
      branch:
        - master
        - staging
      event:
        - pull_request
  - name: image-backend
    image: plugins/docker
    settings:
      registry: registry.itzana.me
@@ -19,8 +57,10 @@ steps:
        from_secret: REGISTRY_USER
      password:
        from_secret: REGISTRY_PASS
-      dockerfile: Containerfile
+      dockerfile: Dockerfile
      context: .
    depends_on:
      - build-backend
    when:
      branch:
        - master
@@ -28,7 +68,7 @@ steps:
      event:
        - push
-  - name: frontend
+  - name: image-frontend
    image: plugins/docker
    settings:
      registry: registry.itzana.me
@@ -49,7 +89,7 @@ steps:
      event:
        - push
-  - name: validator
+  - name: image-validator
    image: plugins/docker
    settings:
      registry: registry.itzana.me
@@ -62,7 +102,9 @@ steps:
      password:
        from_secret: REGISTRY_PASS
      dockerfile: validation/Containerfile
-      context: validation
+      context: .
    depends_on:
      - build-validator
    when:
      branch:
        - master
@@ -83,9 +125,9 @@ steps:
      PASSWORD:
        from_secret: ARGO_PASS
    depends_on:
-      - api
+      - image-backend
-      - frontend
+      - image-frontend
-      - validator
+      - image-validator
    when:
      branch:
        - master
@@ -94,64 +136,19 @@ steps:
        - push
 # pr dry run
  - name: api-pr
    image: plugins/docker
    settings:
      registry: registry.itzana.me
      repo: registry.itzana.me/strafesnet/maptest-validator
      tags:
        - ${DRONE_BRANCH}-${DRONE_BUILD_NUMBER}
        - ${DRONE_BRANCH}
      dockerfile: Containerfile
      context: .
      dry_run: true
    when:
      event:
        - pull_request
  - name: frontend-pr
    image: plugins/docker
    settings:
      registry: registry.itzana.me
      repo: registry.itzana.me/strafesnet/maptest-validator
      tags:
        - ${DRONE_BRANCH}-${DRONE_BUILD_NUMBER}
        - ${DRONE_BRANCH}
      dockerfile: web/Containerfile
      context: web
      dry_run: true
    when:
      event:
      - pull_request
  - name: validator-pr
    image: plugins/docker
    settings:
      registry: registry.itzana.me
      repo: registry.itzana.me/strafesnet/maptest-validator
      tags:
        - ${DRONE_BRANCH}-${DRONE_BUILD_NUMBER}
        - ${DRONE_BRANCH}
      dockerfile: validation/Containerfile
      context: validation
      dry_run: true
    when:
      event:
        - pull_request
  - name: build-pr
    image: alpine
    commands:
      - echo "Success!"
    depends_on:
-      - api-pr
+      - build-backend
-      - frontend-pr
+      - build-validator
-      - validator-pr
+      - build-frontend
    when:
      event:
        - pull_request
 ---
 kind: signature
-hmac: 11e6d7f1eb839d3798fdcb642ca5523c011bd14c1f3a0343a9c3106bab9ef142
+hmac: cc7f2f8dac4285b5fa1df163bd92115f1a51a92050687cd08169e17803a2de4c
 ...
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,3 @@
 build
 .idea
 /target
--- a/Cargo.lock
+++ b/Cargo.lock
--- a/33
+++ b/33
@@ -1,33 +0,0 @@
 # Stage 1: Build
 FROM registry.itzana.me/docker-proxy/golang:1.24 AS builder
 # Set the working directory in the container
 WORKDIR /app
 # Copy go.mod and go.sum files
 COPY go.mod go.sum ./
 # Copy the entire project
 COPY . .
 # Build the Go application
 RUN CGO_ENABLED=0 GOOS=linux go build -o service ./cmd/maps-service/service.go
 # Stage 2: Run
 FROM registry.itzana.me/docker-proxy/alpine:3.21
 # Set up a non-root user for security
 RUN addgroup -S appgroup && adduser -S appuser -G appgroup
 USER appuser
 # Set the working directory in the container
 WORKDIR /home/appuser
 # Copy the built application from the builder stage
 COPY --from=builder /app/service .
 # Expose application port (adjust if needed)
 EXPOSE 8081
 # Command to run the application
 ENTRYPOINT ["./service"]
--- a/3
+++ b/3
@@ -0,0 +1,3 @@
 FROM alpine
 COPY build/server /
 ENTRYPOINT ["/server"]
--- a/46
+++ b/46
@@ -1,12 +1,42 @@
-submissions:
+clean:
-	DOCKER_BUILDKIT=1 docker build . -f Containerfile -t maps-service-submissions
+	rm -rf build
 	rm -rf web/build
-web:
+# build
-	docker build web -f web/Containerfile -t maps-service-web
+build-backend:
 	CGO_ENABLED=0 GOOS=linux go build -a -installsuffix cgo -o build/server cmd/maps-service/service.go
-validation:
+build-validator:
-	docker build validation -f validation/Containerfile -t maps-service-validation
+	cargo build --release --target x86_64-unknown-linux-musl --bin maps-validation
-all: submissions web validation
+build-frontend:
 	rm -rf web/build
 	cd web && bun install --frozen-lockfile
 	cd web && bun run build
-.PHONY: submissions web validation
+build: build-backend build-validator build-frontend
 # image
 image-backend:
 	docker build . -t maptest-api
 image-validator:
 	docker build . -f validation/Containerfile -t maptest-validator
 image-frontend:
 	docker build web -f web/Containerfile -t maptest-frontend
 # docker
 docker-backend:
 	make build-backend
 	make image-backend
 docker-validator:
 	make build-validator
 	make image-validator
 docker-frontend:
 	make build-frontend
 	make image-frontend
 docker: docker-backend docker-validator docker-frontend
 .PHONY: clean build-backend build-validator build-frontend build image-backend image-validator image-frontend docker-backend docker-validator docker-frontend docker
--- a/README.md
+++ b/README.md
@@ -26,10 +26,11 @@ Prerequisite: golang installed
 Prerequisite: bun installed
-The environment variable `API_HOST` will need to be set for the middleware.
+The environment variables `API_HOST` and `AUTH_HOST` will need to be set for the middleware.
 Example `.env` in web's root:
 ```
-API_HOST="http://localhost:8082/v1/"
+API_HOST="http://localhost:8082/"
 AUTH_HOST="http://localhost:8083/"
 ```
 1. `cd web`
--- a/cmd/maps-service/service.go
+++ b/cmd/maps-service/service.go
@@ -7,6 +7,16 @@ import (
 	"os"
 )
 // @title StrafesNET Maps API
 // @version 1.0
 // @description Obtain an api key at https://dev.strafes.net
 // @description Requires Maps:Read permission
 // @BasePath /public-api/v1
 // @securityDefinitions.apikey ApiKeyAuth
 // @in header
 // @name X-API-Key
 func main() {
 	log.SetLevel(log.InfoLevel)
 	log.SetFormatter(&log.JSONFormatter{})
--- a/compose.yaml
+++ b/compose.yaml
@@ -13,7 +13,7 @@ services:
  submissions:
    image:
-      maps-service-submissions
+      maptest-api
    container_name: submissions
    command: [
      # debug
@@ -33,6 +33,8 @@ services:
      "--auth-rpc-host","authrpc:8081",
      "--data-rpc-host","dataservice:9000",
    ]
    env_file:
      - ../auth-compose/strafesnet_staging.env
    depends_on:
      - authrpc
      - nats
@@ -43,17 +45,18 @@ services:
  web:
    image:
-      maps-service-web
+      maptest-frontend
    networks:
      - maps-service-network
    ports:
      - "3000:3000"
    environment:
      - API_HOST=http://submissions:8082/v1
      - AUTH_HOST=http://localhost:8080/
  validation:
    image:
-      maps-service-validation
+      maptest-validator
    container_name: validation
    env_file:
      - ../auth-compose/strafesnet_staging.env
@@ -70,6 +73,26 @@ services:
    networks:
      - maps-service-network
  public_api:
    image:
      maptest-api
    container_name: public_api
    command: [
      # debug
      "--debug","api",
      # http service port
      "--port","8084",
      "--dev-rpc-host","dev-service:8081",
      "--maps-rpc-host","maptest-api:8081",
    ]
    depends_on:
      - submissions
      - dev_service
    networks:
      - maps-service-network
    ports:
      - "8084:8084"
  dataservice:
    image: registry.itzana.me/strafesnet/data-service:master
    container_name: dataservice
--- a/docs/docs.go
+++ b/docs/docs.go
@@ -0,0 +1,242 @@
 // Package docs Code generated by swaggo/swag. DO NOT EDIT
 package docs
 import "github.com/swaggo/swag"
 const docTemplate = `{
    "schemes": {{ marshal .Schemes }},
    "swagger": "2.0",
    "info": {
        "description": "{{escape .Description}}",
        "title": "{{.Title}}",
        "contact": {},
        "version": "{{.Version}}"
    },
    "host": "{{.Host}}",
    "basePath": "{{.BasePath}}",
    "paths": {
        "/map": {
            "get": {
                "security": [
                    {
                        "ApiKeyAuth": []
                    }
                ],
                "description": "Get a list of maps",
                "produces": [
                    "application/json"
                ],
                "tags": [
                    "maps"
                ],
                "summary": "List maps",
                "parameters": [
                    {
                        "maximum": 100,
                        "minimum": 1,
                        "type": "integer",
                        "default": 10,
                        "description": "Page size (max 100)",
                        "name": "page_size",
                        "in": "query"
                    },
                    {
                        "minimum": 1,
                        "type": "integer",
                        "default": 1,
                        "description": "Page number",
                        "name": "page_number",
                        "in": "query"
                    },
                    {
                        "type": "integer",
                        "name": "game_id",
                        "in": "query"
                    }
                ],
                "responses": {
                    "200": {
                        "description": "OK",
                        "schema": {
                            "$ref": "#/definitions/PagedResponse-Map"
                        }
                    },
                    "default": {
                        "description": "General error response",
                        "schema": {
                            "$ref": "#/definitions/Error"
                        }
                    }
                }
            }
        },
        "/map/{id}": {
            "get": {
                "security": [
                    {
                        "ApiKeyAuth": []
                    }
                ],
                "description": "Get a specific map by its ID",
                "produces": [
                    "application/json"
                ],
                "tags": [
                    "maps"
                ],
                "summary": "Get map by ID",
                "parameters": [
                    {
                        "type": "integer",
                        "description": "Map ID",
                        "name": "id",
                        "in": "path",
                        "required": true
                    }
                ],
                "responses": {
                    "200": {
                        "description": "OK",
                        "schema": {
                            "$ref": "#/definitions/Response-Map"
                        }
                    },
                    "404": {
                        "description": "Map not found",
                        "schema": {
                            "$ref": "#/definitions/Error"
                        }
                    },
                    "default": {
                        "description": "General error response",
                        "schema": {
                            "$ref": "#/definitions/Error"
                        }
                    }
                }
            }
        }
    },
    "definitions": {
        "Error": {
            "type": "object",
            "properties": {
                "error": {
                    "type": "string"
                }
            }
        },
        "Map": {
            "type": "object",
            "properties": {
                "asset_version": {
                    "type": "integer"
                },
                "created_at": {
                    "type": "string"
                },
                "creator": {
                    "type": "string"
                },
                "date": {
                    "type": "string"
                },
                "display_name": {
                    "type": "string"
                },
                "game_id": {
                    "type": "integer"
                },
                "id": {
                    "type": "integer"
                },
                "load_count": {
                    "type": "integer"
                },
                "modes": {
                    "type": "integer"
                },
                "submitter": {
                    "type": "integer"
                },
                "thumbnail": {
                    "type": "integer"
                },
                "updated_at": {
                    "type": "string"
                }
            }
        },
        "PagedResponse-Map": {
            "type": "object",
            "properties": {
                "data": {
                    "description": "Data contains the actual response payload",
                    "type": "array",
                    "items": {
                        "$ref": "#/definitions/Map"
                    }
                },
                "pagination": {
                    "description": "Pagination contains information about paging",
                    "allOf": [
                        {
                            "$ref": "#/definitions/Pagination"
                        }
                    ]
                }
            }
        },
        "Pagination": {
            "type": "object",
            "properties": {
                "page": {
                    "description": "Current page number",
                    "type": "integer"
                },
                "page_size": {
                    "description": "Number of items per page",
                    "type": "integer"
                }
            }
        },
        "Response-Map": {
            "type": "object",
            "properties": {
                "data": {
                    "description": "Data contains the actual response payload",
                    "allOf": [
                        {
                            "$ref": "#/definitions/Map"
                        }
                    ]
                }
            }
        }
    },
    "securityDefinitions": {
        "ApiKeyAuth": {
            "type": "apiKey",
            "name": "X-API-Key",
            "in": "header"
        }
    }
 }`
 // SwaggerInfo holds exported Swagger Info so clients can modify it
 var SwaggerInfo = &swag.Spec{
 	Version:          "1.0",
 	Host:             "",
 	BasePath:         "/public-api/v1",
 	Schemes:          []string{},
 	Title:            "StrafesNET Maps API",
 	Description:      "Obtain an api key at https://dev.strafes.net\nRequires Data:Read permission",
 	InfoInstanceName: "swagger",
 	SwaggerTemplate:  docTemplate,
 	LeftDelim:        "{{",
 	RightDelim:       "}}",
 }
 func init() {
 	swag.Register(SwaggerInfo.InstanceName(), SwaggerInfo)
 }
--- a/docs/swagger.json
+++ b/docs/swagger.json
@@ -0,0 +1,217 @@
 {
    "swagger": "2.0",
    "info": {
        "description": "Obtain an api key at https://dev.strafes.net\nRequires Data:Read permission",
        "title": "StrafesNET Maps API",
        "contact": {},
        "version": "1.0"
    },
    "basePath": "/public-api/v1",
    "paths": {
        "/map": {
            "get": {
                "security": [
                    {
                        "ApiKeyAuth": []
                    }
                ],
                "description": "Get a list of maps",
                "produces": [
                    "application/json"
                ],
                "tags": [
                    "maps"
                ],
                "summary": "List maps",
                "parameters": [
                    {
                        "maximum": 100,
                        "minimum": 1,
                        "type": "integer",
                        "default": 10,
                        "description": "Page size (max 100)",
                        "name": "page_size",
                        "in": "query"
                    },
                    {
                        "minimum": 1,
                        "type": "integer",
                        "default": 1,
                        "description": "Page number",
                        "name": "page_number",
                        "in": "query"
                    },
                    {
                        "type": "integer",
                        "name": "game_id",
                        "in": "query"
                    }
                ],
                "responses": {
                    "200": {
                        "description": "OK",
                        "schema": {
                            "$ref": "#/definitions/PagedResponse-Map"
                        }
                    },
                    "default": {
                        "description": "General error response",
                        "schema": {
                            "$ref": "#/definitions/Error"
                        }
                    }
                }
            }
        },
        "/map/{id}": {
            "get": {
                "security": [
                    {
                        "ApiKeyAuth": []
                    }
                ],
                "description": "Get a specific map by its ID",
                "produces": [
                    "application/json"
                ],
                "tags": [
                    "maps"
                ],
                "summary": "Get map by ID",
                "parameters": [
                    {
                        "type": "integer",
                        "description": "Map ID",
                        "name": "id",
                        "in": "path",
                        "required": true
                    }
                ],
                "responses": {
                    "200": {
                        "description": "OK",
                        "schema": {
                            "$ref": "#/definitions/Response-Map"
                        }
                    },
                    "404": {
                        "description": "Map not found",
                        "schema": {
                            "$ref": "#/definitions/Error"
                        }
                    },
                    "default": {
                        "description": "General error response",
                        "schema": {
                            "$ref": "#/definitions/Error"
                        }
                    }
                }
            }
        }
    },
    "definitions": {
        "Error": {
            "type": "object",
            "properties": {
                "error": {
                    "type": "string"
                }
            }
        },
        "Map": {
            "type": "object",
            "properties": {
                "asset_version": {
                    "type": "integer"
                },
                "created_at": {
                    "type": "string"
                },
                "creator": {
                    "type": "string"
                },
                "date": {
                    "type": "string"
                },
                "display_name": {
                    "type": "string"
                },
                "game_id": {
                    "type": "integer"
                },
                "id": {
                    "type": "integer"
                },
                "load_count": {
                    "type": "integer"
                },
                "modes": {
                    "type": "integer"
                },
                "submitter": {
                    "type": "integer"
                },
                "thumbnail": {
                    "type": "integer"
                },
                "updated_at": {
                    "type": "string"
                }
            }
        },
        "PagedResponse-Map": {
            "type": "object",
            "properties": {
                "data": {
                    "description": "Data contains the actual response payload",
                    "type": "array",
                    "items": {
                        "$ref": "#/definitions/Map"
                    }
                },
                "pagination": {
                    "description": "Pagination contains information about paging",
                    "allOf": [
                        {
                            "$ref": "#/definitions/Pagination"
                        }
                    ]
                }
            }
        },
        "Pagination": {
            "type": "object",
            "properties": {
                "page": {
                    "description": "Current page number",
                    "type": "integer"
                },
                "page_size": {
                    "description": "Number of items per page",
                    "type": "integer"
                }
            }
        },
        "Response-Map": {
            "type": "object",
            "properties": {
                "data": {
                    "description": "Data contains the actual response payload",
                    "allOf": [
                        {
                            "$ref": "#/definitions/Map"
                        }
                    ]
                }
            }
        }
    },
    "securityDefinitions": {
        "ApiKeyAuth": {
            "type": "apiKey",
            "name": "X-API-Key",
            "in": "header"
        }
    }
 }
--- a/docs/swagger.yaml
+++ b/docs/swagger.yaml
@@ -0,0 +1,141 @@
 basePath: /public-api/v1
 definitions:
  Error:
    properties:
      error:
        type: string
    type: object
  Map:
    properties:
      asset_version:
        type: integer
      created_at:
        type: string
      creator:
        type: string
      date:
        type: string
      display_name:
        type: string
      game_id:
        type: integer
      id:
        type: integer
      load_count:
        type: integer
      modes:
        type: integer
      submitter:
        type: integer
      thumbnail:
        type: integer
      updated_at:
        type: string
    type: object
  PagedResponse-Map:
    properties:
      data:
        description: Data contains the actual response payload
        items:
          $ref: '#/definitions/Map'
        type: array
      pagination:
        allOf:
        - $ref: '#/definitions/Pagination'
        description: Pagination contains information about paging
    type: object
  Pagination:
    properties:
      page:
        description: Current page number
        type: integer
      page_size:
        description: Number of items per page
        type: integer
    type: object
  Response-Map:
    properties:
      data:
        allOf:
        - $ref: '#/definitions/Map'
        description: Data contains the actual response payload
    type: object
 info:
  contact: {}
  description: |-
    Obtain an api key at https://dev.strafes.net
    Requires Data:Read permission
  title: StrafesNET Maps API
  version: "1.0"
 paths:
  /map:
    get:
      description: Get a list of maps
      parameters:
      - default: 10
        description: Page size (max 100)
        in: query
        maximum: 100
        minimum: 1
        name: page_size
        type: integer
      - default: 1
        description: Page number
        in: query
        minimum: 1
        name: page_number
        type: integer
      - in: query
        name: game_id
        type: integer
      produces:
      - application/json
      responses:
        "200":
          description: OK
          schema:
            $ref: '#/definitions/PagedResponse-Map'
        default:
          description: General error response
          schema:
            $ref: '#/definitions/Error'
      security:
      - ApiKeyAuth: []
      summary: List maps
      tags:
      - maps
  /map/{id}:
    get:
      description: Get a specific map by its ID
      parameters:
      - description: Map ID
        in: path
        name: id
        required: true
        type: integer
      produces:
      - application/json
      responses:
        "200":
          description: OK
          schema:
            $ref: '#/definitions/Response-Map'
        "404":
          description: Map not found
          schema:
            $ref: '#/definitions/Error'
        default:
          description: General error response
          schema:
            $ref: '#/definitions/Error'
      security:
      - ApiKeyAuth: []
      summary: Get map by ID
      tags:
      - maps
 securityDefinitions:
  ApiKeyAuth:
    in: header
    name: X-API-Key
    type: apiKey
 swagger: "2.0"
--- a/generate.go
+++ b/generate.go
@@ -1,4 +1,4 @@
 package main
 //go:generate swag init -g ./cmd/maps-service/service.go
 //go:generate go run github.com/ogen-go/ogen/cmd/ogen@latest --target pkg/api --clean openapi.yaml
 //go:generate go run github.com/ogen-go/ogen/cmd/ogen@latest --target pkg/internal --clean openapi-internal.yaml
--- a/go.mod
+++ b/go.mod
@@ -1,44 +1,80 @@
 module git.itzana.me/strafesnet/maps-service
-go 1.22
+go 1.24.0
-toolchain go1.23.3
+toolchain go1.24.5
 require (
-	git.itzana.me/strafesnet/go-grpc v0.0.0-20241129081229-9e166b3d11f7
+	git.itzana.me/StrafesNET/dev-service v0.0.0-20250628052121-92af8193b5ed
 	git.itzana.me/strafesnet/go-grpc v0.0.0-20250807005013-301d35b914ef
 	git.itzana.me/strafesnet/utils v0.0.0-20220716194944-d8ca164052f9
 	github.com/dchest/siphash v1.2.3
 	github.com/gin-gonic/gin v1.10.1
 	github.com/go-faster/errors v0.7.1
 	github.com/go-faster/jx v1.1.0
 	github.com/nats-io/nats.go v1.37.0
 	github.com/ogen-go/ogen v1.2.1
 	github.com/sirupsen/logrus v1.9.3
-	github.com/urfave/cli/v2 v2.27.5
+	github.com/swaggo/files v1.0.1
 	github.com/swaggo/gin-swagger v1.6.0
 	github.com/swaggo/swag v1.16.6
 	github.com/urfave/cli/v2 v2.27.6
 	go.opentelemetry.io/otel v1.32.0
 	go.opentelemetry.io/otel/metric v1.32.0
 	go.opentelemetry.io/otel/trace v1.32.0
 	google.golang.org/grpc v1.48.0
-	gorm.io/driver/postgres v1.5.10
+	gorm.io/driver/postgres v1.6.0
-	gorm.io/gorm v1.25.10
+	gorm.io/gorm v1.25.12
 )
 require (
 	github.com/KyleBanks/depth v1.2.1 // indirect
 	github.com/PuerkitoBio/purell v1.1.1 // indirect
 	github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 // indirect
 	github.com/bytedance/sonic v1.11.6 // indirect
 	github.com/bytedance/sonic/loader v0.1.1 // indirect
 	github.com/cloudwego/base64x v0.1.4 // indirect
 	github.com/cloudwego/iasm v0.2.0 // indirect
 	github.com/cpuguy83/go-md2man/v2 v2.0.5 // indirect
 	github.com/gabriel-vasile/mimetype v1.4.3 // indirect
 	github.com/gin-contrib/sse v0.1.0 // indirect
 	github.com/go-openapi/jsonpointer v0.19.5 // indirect
 	github.com/go-openapi/jsonreference v0.19.6 // indirect
 	github.com/go-openapi/spec v0.20.4 // indirect
 	github.com/go-openapi/swag v0.19.15 // indirect
 	github.com/go-playground/locales v0.14.1 // indirect
 	github.com/go-playground/universal-translator v0.18.1 // indirect
 	github.com/go-playground/validator/v10 v10.20.0 // indirect
 	github.com/goccy/go-json v0.10.2 // indirect
 	github.com/golang/protobuf v1.5.2 // indirect
 	github.com/jackc/pgpassfile v1.0.0 // indirect
-	github.com/jackc/pgservicefile v0.0.0-20221227161230-091c0ba34f0a // indirect
+	github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761 // indirect
-	github.com/jackc/pgx/v5 v5.5.5 // indirect
+	github.com/jackc/pgx/v5 v5.6.0 // indirect
-	github.com/jackc/puddle/v2 v2.2.1 // indirect
+	github.com/jackc/puddle/v2 v2.2.2 // indirect
 	github.com/jinzhu/inflection v1.0.0 // indirect
 	github.com/jinzhu/now v1.1.5 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
 	github.com/klauspost/compress v1.17.6 // indirect
 	github.com/klauspost/cpuid/v2 v2.2.7 // indirect
 	github.com/leodido/go-urn v1.4.0 // indirect
 	github.com/mailru/easyjson v0.7.6 // indirect
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/nats-io/nkeys v0.4.7 // indirect
 	github.com/nats-io/nuid v1.0.1 // indirect
 	github.com/pelletier/go-toml/v2 v2.2.2 // indirect
 	github.com/russross/blackfriday/v2 v2.1.0 // indirect
 	github.com/twitchyliquid64/golang-asm v0.15.1 // indirect
 	github.com/ugorji/go/codec v1.2.12 // indirect
 	github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1 // indirect
-	golang.org/x/crypto v0.23.0 // indirect
+	golang.org/x/arch v0.8.0 // indirect
 	golang.org/x/crypto v0.32.0 // indirect
 	golang.org/x/mod v0.17.0 // indirect
 	golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d // indirect
 	google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013 // indirect
-	google.golang.org/protobuf v1.28.0 // indirect
+	google.golang.org/protobuf v1.34.1 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )
 require (
@@ -53,12 +89,12 @@ require (
 	github.com/mattn/go-colorable v0.1.13 // indirect
 	github.com/mattn/go-isatty v0.0.20 // indirect
 	github.com/segmentio/asm v1.2.0 // indirect
-	go.uber.org/multierr v1.11.0
+	go.uber.org/multierr v1.11.0 // indirect
 	go.uber.org/zap v1.27.0 // indirect
 	golang.org/x/exp v0.0.0-20240531132922-fd00a4e0eefc // indirect
-	golang.org/x/net v0.25.0 // indirect
+	golang.org/x/net v0.34.0 // indirect
-	golang.org/x/sync v0.7.0 // indirect
+	golang.org/x/sync v0.12.0 // indirect
-	golang.org/x/sys v0.20.0 // indirect
+	golang.org/x/sys v0.29.0 // indirect
-	golang.org/x/text v0.15.0 // indirect
+	golang.org/x/text v0.23.0 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
 )
--- a/go.sum
+++ b/go.sum
@@ -1,14 +1,30 @@
 cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
 cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
-git.itzana.me/strafesnet/go-grpc v0.0.0-20241129081229-9e166b3d11f7 h1:5XzWd3ZZjSw1M60IfHuILty2vRPBYiqM0FZ+E7uHCi8=
+git.itzana.me/StrafesNET/dev-service v0.0.0-20250628052121-92af8193b5ed h1:eGWIQx2AOrSsLC2dieuSs8MCliRE60tvpZnmxsTBtKc=
-git.itzana.me/strafesnet/go-grpc v0.0.0-20241129081229-9e166b3d11f7/go.mod h1:X7XTRUScRkBWq8q8bplbeso105RPDlnY7J6Wy1IwBMs=
+git.itzana.me/StrafesNET/dev-service v0.0.0-20250628052121-92af8193b5ed/go.mod h1:KJal0K++M6HEzSry6JJ2iDPZtOQn5zSstNlDbU3X4Jg=
 git.itzana.me/strafesnet/go-grpc v0.0.0-20250807005013-301d35b914ef h1:SJi4V4+xzScFnbMRN1gkZxcqR1xKfiT7CaXanLltEzw=
 git.itzana.me/strafesnet/go-grpc v0.0.0-20250807005013-301d35b914ef/go.mod h1:X7XTRUScRkBWq8q8bplbeso105RPDlnY7J6Wy1IwBMs=
 git.itzana.me/strafesnet/utils v0.0.0-20220716194944-d8ca164052f9 h1:7lU6jyR7S7Rhh1dnUp7GyIRHUTBXZagw8F4n4hOyxLw=
 git.itzana.me/strafesnet/utils v0.0.0-20220716194944-d8ca164052f9/go.mod h1:uyYerSieEt4v0MJCdPLppG0LtJ4Yj035vuTetWGsxjY=
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
 github.com/KyleBanks/depth v1.2.1 h1:5h8fQADFrWtarTdtDudMmGsC7GPbOAu6RVB3ffsVFHc=
 github.com/KyleBanks/depth v1.2.1/go.mod h1:jzSb9d0L43HxTQfT+oSA1EEp2q+ne2uh6XgeJcm8brE=
 github.com/PuerkitoBio/purell v1.1.1 h1:WEQqlqaGbrPkxLJWfBwQmfEAE1Z7ONdDLqrN38tNFfI=
 github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0=
 github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 h1:d+Bc7a5rLufV/sSk/8dngufqelfh6jnri85riMAaF/M=
 github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE=
 github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY=
 github.com/bytedance/sonic v1.11.6 h1:oUp34TzMlL+OY1OUWxHqsdkgC/Zfc85zGqw9siXjrc0=
 github.com/bytedance/sonic v1.11.6/go.mod h1:LysEHSvpvDySVdC2f87zGWf6CIKJcAvqab1ZaiQtds4=
 github.com/bytedance/sonic/loader v0.1.1 h1:c+e5Pt1k/cy5wMveRDyk2X4B9hF4g7an8N3zCYjJFNM=
 github.com/bytedance/sonic/loader v0.1.1/go.mod h1:ncP89zfokxS5LZrJxl5z0UJcsk4M4yY2JpfqGeCtNLU=
 github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
 github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
 github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
 github.com/cloudwego/base64x v0.1.4 h1:jwCgWpFanWmN8xoIUHa2rtzmkd5J2plF/dnLS6Xd/0Y=
 github.com/cloudwego/base64x v0.1.4/go.mod h1:0zlkT4Wn5C6NdauXdJRhSKRlJvmclQ1hhJgA0rcu/8w=
 github.com/cloudwego/iasm v0.2.0 h1:1KNIy1I1H9hNNFEEH3DVnI4UujN+1zjpuk6gwHLTssg=
 github.com/cloudwego/iasm v0.2.0/go.mod h1:8rXZaNYT2n95jn+zTI1sDr+IgcD2GVs0nlbbQPiEFhY=
 github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
 github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk=
 github.com/cncf/udpa/go v0.0.0-20210930031921-04548b0d99d4/go.mod h1:6pvJx4me5XPnfI9Z40ddWsdw2W/uZgQLFXToKeRcDiI=
@@ -17,6 +33,7 @@ github.com/cncf/xds/go v0.0.0-20211001041855-01bcc9b48dfe/go.mod h1:eXthEFrGJvWH
 github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
 github.com/cpuguy83/go-md2man/v2 v2.0.5 h1:ZtcqGrnekaHpVLArFSe4HK5DoKx1T0rq2DwVB0alcyc=
 github.com/cpuguy83/go-md2man/v2 v2.0.5/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
 github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
@@ -32,8 +49,16 @@ github.com/envoyproxy/go-control-plane v0.10.2-0.20220325020618-49ff273808a1/go.
 github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
 github.com/fatih/color v1.17.0 h1:GlRw1BRJxkpqUCBKzKOw098ed57fEsKeNjpTe3cSjK4=
 github.com/fatih/color v1.17.0/go.mod h1:YZ7TlrGPkiz6ku9fK3TLD/pl3CpsiFyu8N92HLgmosI=
 github.com/gabriel-vasile/mimetype v1.4.3 h1:in2uUcidCuFcDKtdcBxlR0rJ1+fsokWf+uqxgUFjbI0=
 github.com/gabriel-vasile/mimetype v1.4.3/go.mod h1:d8uq/6HKRL6CGdk+aubisF/M5GcPfT7nKyLpA0lbSSk=
 github.com/ghodss/yaml v1.0.0 h1:wQHKEahhL6wmXdzwWG11gIVCkOv05bNOh+Rxn0yngAk=
 github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
 github.com/gin-contrib/gzip v0.0.6 h1:NjcunTcGAj5CO1gn4N8jHOSIeRFHIbn51z6K+xaN4d4=
 github.com/gin-contrib/gzip v0.0.6/go.mod h1:QOJlmV2xmayAjkNS2Y8NQsMneuRShOU/kjovCXNuzzk=
 github.com/gin-contrib/sse v0.1.0 h1:Y/yl/+YNO8GZSjAhjMsSuLt29uWRFHdHYUb5lYOV9qE=
 github.com/gin-contrib/sse v0.1.0/go.mod h1:RHrZQHXnP2xjPF+u1gW/2HnVO7nvIa9PG3Gm+fLHvGI=
 github.com/gin-gonic/gin v1.10.1 h1:T0ujvqyCSqRopADpgPgiTT63DUQVSfojyME59Ei63pQ=
 github.com/gin-gonic/gin v1.10.1/go.mod h1:4PMNQiOhvDRa013RKVbsiNwoyezlm2rm0uX/T7kzp5Y=
 github.com/go-faster/errors v0.7.1 h1:MkJTnDoEdi9pDabt1dpWf7AA8/BaSYZqibYyhZ20AYg=
 github.com/go-faster/errors v0.7.1/go.mod h1:5ySTjWFiphBs07IKuiL69nxdfd5+fzh1u7FPGZP2quo=
 github.com/go-faster/jx v1.1.0 h1:ZsW3wD+snOdmTDy9eIVgQdjUpXRRV4rqW8NS3t+20bg=
@@ -45,6 +70,26 @@ github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY=
 github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
 github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag=
 github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE=
 github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg=
 github.com/go-openapi/jsonpointer v0.19.5 h1:gZr+CIYByUqjcgeLXnQu2gHYQC9o73G2XUeOFYEICuY=
 github.com/go-openapi/jsonpointer v0.19.5/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg=
 github.com/go-openapi/jsonreference v0.19.6 h1:UBIxjkht+AWIgYzCDSv2GN+E/togfwXUJFRTWhl2Jjs=
 github.com/go-openapi/jsonreference v0.19.6/go.mod h1:diGHMEHg2IqXZGKxqyvWdfWU/aim5Dprw5bqpKkTvns=
 github.com/go-openapi/spec v0.20.4 h1:O8hJrt0UMnhHcluhIdUgCLRWyM2x7QkBXRvOs7m+O1M=
 github.com/go-openapi/spec v0.20.4/go.mod h1:faYFR1CvsJZ0mNsmsphTMSoRrNV3TEDoAM7FOEWeq8I=
 github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk=
 github.com/go-openapi/swag v0.19.15 h1:D2NRCBzS9/pEY3gP9Nl8aDqGUcPFrwG2p+CNFrLyrCM=
 github.com/go-openapi/swag v0.19.15/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ=
 github.com/go-playground/assert/v2 v2.2.0 h1:JvknZsQTYeFEAhQwI4qEt9cyV5ONwRHC+lYKSsYSR8s=
 github.com/go-playground/assert/v2 v2.2.0/go.mod h1:VDjEfimB/XKnb+ZQfWdccd7VUvScMdVu0Titje2rxJ4=
 github.com/go-playground/locales v0.14.1 h1:EWaQ/wswjilfKLTECiXz7Rh+3BjFhfDFKv/oXslEjJA=
 github.com/go-playground/locales v0.14.1/go.mod h1:hxrqLVvrK65+Rwrd5Fc6F2O76J/NuW9t0sjnWqG1slY=
 github.com/go-playground/universal-translator v0.18.1 h1:Bcnm0ZwsGyWbCzImXv+pAJnYK9S473LQFuzCbDbfSFY=
 github.com/go-playground/universal-translator v0.18.1/go.mod h1:xekY+UJKNuX9WP91TpwSH2VMlDf28Uj24BCp08ZFTUY=
 github.com/go-playground/validator/v10 v10.20.0 h1:K9ISHbSaI0lyB2eWMPJo+kOS/FBExVwjEviJTixqxL8=
 github.com/go-playground/validator/v10 v10.20.0/go.mod h1:dbuPbCMFw/DrkbEynArYaCwl3amGuJotoKCe95atGMM=
 github.com/goccy/go-json v0.10.2 h1:CrxCmQqYDkv1z7lO7Wbh2HN93uovUHgrECaO5ZrCXAU=
 github.com/goccy/go-json v0.10.2/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I=
 github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
 github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
 github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
@@ -70,6 +115,7 @@ github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/
 github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
 github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
 github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
 github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
@@ -77,42 +123,67 @@ github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+
 github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw=
 github.com/jackc/pgpassfile v1.0.0 h1:/6Hmqy13Ss2zCq62VdNG8tM1wchn8zjSGOBJ6icpsIM=
 github.com/jackc/pgpassfile v1.0.0/go.mod h1:CEx0iS5ambNFdcRtxPj5JhEz+xB6uRky5eyVu/W2HEg=
-github.com/jackc/pgservicefile v0.0.0-20221227161230-091c0ba34f0a h1:bbPeKD0xmW/Y25WS6cokEszi5g+S0QxI/d45PkRi7Nk=
+github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761 h1:iCEnooe7UlwOQYpKFhBabPMi4aNAfoODPEFNiAnClxo=
-github.com/jackc/pgservicefile v0.0.0-20221227161230-091c0ba34f0a/go.mod h1:5TJZWKEWniPve33vlWYSoGYefn3gLQRzjfDlhSJ9ZKM=
+github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761/go.mod h1:5TJZWKEWniPve33vlWYSoGYefn3gLQRzjfDlhSJ9ZKM=
-github.com/jackc/pgx/v5 v5.5.5 h1:amBjrZVmksIdNjxGW/IiIMzxMKZFelXbUoPNb+8sjQw=
+github.com/jackc/pgx/v5 v5.6.0 h1:SWJzexBzPL5jb0GEsrPMLIsi/3jOo7RHlzTjcAeDrPY=
-github.com/jackc/pgx/v5 v5.5.5/go.mod h1:ez9gk+OAat140fv9ErkZDYFWmXLfV+++K0uAOiwgm1A=
+github.com/jackc/pgx/v5 v5.6.0/go.mod h1:DNZ/vlrUnhWCoFGxHAG8U2ljioxukquj7utPDgtQdTw=
-github.com/jackc/puddle/v2 v2.2.1 h1:RhxXJtFG022u4ibrCSMSiu5aOq1i77R3OHKNJj77OAk=
+github.com/jackc/puddle/v2 v2.2.2 h1:PR8nw+E/1w0GLuRFSmiioY6UooMp6KJv0/61nB7icHo=
-github.com/jackc/puddle/v2 v2.2.1/go.mod h1:vriiEXHvEE654aYKXXjOvZM39qJ0q+azkZFrfEOc3H4=
+github.com/jackc/puddle/v2 v2.2.2/go.mod h1:vriiEXHvEE654aYKXXjOvZM39qJ0q+azkZFrfEOc3H4=
 github.com/jinzhu/inflection v1.0.0 h1:K317FqzuhWc8YvSVlFMCCUb36O/S9MCKRDI7QkRKD/E=
 github.com/jinzhu/inflection v1.0.0/go.mod h1:h+uFLlag+Qp1Va5pdKtLDYj+kHp5pxUVkryuEj+Srlc=
 github.com/jinzhu/now v1.1.2/go.mod h1:d3SSVoowX0Lcu0IBviAWJpolVfI5UJVZZ7cO71lE/z8=
 github.com/jinzhu/now v1.1.5 h1:/o9tlHleP7gOFmsnYNz3RGnqzefHA47wQpKrrdTIwXQ=
 github.com/jinzhu/now v1.1.5/go.mod h1:d3SSVoowX0Lcu0IBviAWJpolVfI5UJVZZ7cO71lE/z8=
 github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY=
 github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y=
 github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM=
 github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo=
 github.com/klauspost/compress v1.17.6 h1:60eq2E/jlfwQXtvZEeBUYADs+BwKBWURIY+Gj2eRGjI=
 github.com/klauspost/compress v1.17.6/go.mod h1:/dCuZOvVtNoHsyb+cuJD3itjs3NbnF6KH9zAO4BDxPM=
 github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg=
 github.com/klauspost/cpuid/v2 v2.2.7 h1:ZWSB3igEs+d0qvnxR/ZBzXVmxkgt8DdzP6m9pfuVLDM=
 github.com/klauspost/cpuid/v2 v2.2.7/go.mod h1:Lcz8mBdAVJIBVzewtcLocK12l3Y+JytZYpaMropDUws=
 github.com/knz/go-libedit v1.10.1/go.mod h1:MZTVkCWyz0oBc7JOWP3wNAzd002ZbM/5hgShxwh4x8M=
 github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
 github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
 github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
 github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
 github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
 github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
 github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
 github.com/leodido/go-urn v1.4.0 h1:WT9HwE9SGECu3lg4d/dIA+jxlljEa1/ffXKmRjqdmIQ=
 github.com/leodido/go-urn v1.4.0/go.mod h1:bvxc+MVxLKB4z00jd1z+Dvzr47oO32F/QSNjSBOlFxI=
 github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
 github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
 github.com/mailru/easyjson v0.7.6 h1:8yTIVnZgCoiM1TgqoeTl+LfU5Jg6/xL3QhGQnimLYnA=
 github.com/mailru/easyjson v0.7.6/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc=
 github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA=
 github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg=
 github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM=
 github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
 github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
 github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
 github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg=
 github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
 github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M=
 github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk=
 github.com/nats-io/nats.go v1.37.0 h1:07rauXbVnnJvv1gfIyghFEo6lUcYRY0WXc3x7x0vUxE=
 github.com/nats-io/nats.go v1.37.0/go.mod h1:Ubdu4Nh9exXdSz0RVWRFBbRfrbSxOYd26oF0wkWclB8=
 github.com/nats-io/nkeys v0.4.7 h1:RwNJbbIdYCoClSDNY7QVKZlyb/wfT6ugvFCiKy6vDvI=
 github.com/nats-io/nkeys v0.4.7/go.mod h1:kqXRgRDPlGy7nGaEDMuYzmiJCIAAWDK0IMBtDmGD0nc=
 github.com/nats-io/nuid v1.0.1 h1:5iA8DT8V7q8WK2EScv2padNa/rTESc1KdnPw4TC2paw=
 github.com/nats-io/nuid v1.0.1/go.mod h1:19wcPz3Ph3q0Jbyiqsd0kePYG7A95tJPxeL+1OSON2c=
 github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno=
 github.com/ogen-go/ogen v1.2.1 h1:C5A0lvUMu2wl+eWIxnpXMWnuOJ26a2FyzR1CIC2qG0M=
 github.com/ogen-go/ogen v1.2.1/go.mod h1:P2zQdEu8UqaVRfD5GEFvl+9q63VjMLvDquq1wVbyInM=
 github.com/pelletier/go-toml/v2 v2.2.2 h1:aYUidT7k73Pcl9nb2gScu7NSrKCSHIDE89b3+6Wq+LM=
 github.com/pelletier/go-toml/v2 v2.2.2/go.mod h1:1t835xjRzz80PqgE6HHgN2JOsmgYu/h4qDAS4n929Rs=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
 github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ=
-github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ=
+github.com/rogpeppe/go-internal v1.14.1 h1:UQB4HGPB6osV0SQTLymcB4TgvyWu6ZyliaW0tI/otEQ=
-github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog=
+github.com/rogpeppe/go-internal v1.14.1/go.mod h1:MaRKkUm5W0goXpeCfT7UZI6fk/L7L7so1lCWt35ZSgc=
 github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk=
 github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
 github.com/segmentio/asm v1.2.0 h1:9BQrFxC+YOHJlTlHGkTrFWf59nbL3XnCoFLTwDCI7ys=
@@ -121,16 +192,35 @@ github.com/sirupsen/logrus v1.8.1/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic
 github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ=
 github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
 github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
 github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA=
 github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
 github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
 github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
 github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
 github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
 github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
 github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
 github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
-github.com/urfave/cli/v2 v2.27.5 h1:WoHEJLdsXr6dDWoJgMq/CboDmyY/8HMMH1fTECbih+w=
+github.com/swaggo/files v1.0.1 h1:J1bVJ4XHZNq0I46UU90611i9/YzdrF7x92oX1ig5IdE=
-github.com/urfave/cli/v2 v2.27.5/go.mod h1:3Sevf16NykTbInEnD0yKkjDAeZDS0A6bzhBH5hrMvTQ=
+github.com/swaggo/files v1.0.1/go.mod h1:0qXmMNH6sXNf+73t65aKeB+ApmgxdnkQzVTAj2uaMUg=
 github.com/swaggo/gin-swagger v1.6.0 h1:y8sxvQ3E20/RCyrXeFfg60r6H0Z+SwpTjMYsMm+zy8M=
 github.com/swaggo/gin-swagger v1.6.0/go.mod h1:BG00cCEy294xtVpyIAHG6+e2Qzj/xKlRdOqDkvq0uzo=
 github.com/swaggo/swag v1.16.6 h1:qBNcx53ZaX+M5dxVyTrgQ0PJ/ACK+NzhwcbieTt+9yI=
 github.com/swaggo/swag v1.16.6/go.mod h1:ngP2etMK5a0P3QBizic5MEwpRmluJZPHjXcMoj4Xesg=
 github.com/twitchyliquid64/golang-asm v0.15.1 h1:SU5vSMR7hnwNxj24w34ZyCi/FmDZTkS4MhqMhdFk5YI=
 github.com/twitchyliquid64/golang-asm v0.15.1/go.mod h1:a1lVb/DtPvCB8fslRZhAngC2+aY1QWCk3Cedj/Gdt08=
 github.com/ugorji/go/codec v1.2.12 h1:9LC83zGrHhuUA9l16C9AHXAqEV/2wBQ4nkvumAE65EE=
 github.com/ugorji/go/codec v1.2.12/go.mod h1:UNopzCgEMSXjBc6AOMqYvWC1ktqTAfzJZUZgYf6w6lg=
 github.com/urfave/cli/v2 v2.27.6 h1:VdRdS98FNhKZ8/Az8B7MTyGQmpIr36O1EHybx/LaZ4g=
 github.com/urfave/cli/v2 v2.27.6/go.mod h1:3Sevf16NykTbInEnD0yKkjDAeZDS0A6bzhBH5hrMvTQ=
 github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1 h1:gEOO8jv9F4OT7lGCjxCBTO/36wtF6j2nSip77qHd4x4=
 github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1/go.mod h1:Ohn+xnUBiLI6FVj/9LpzZWtj1/D6lUovWYBkxHVV3aM=
 github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
 go.opentelemetry.io/otel v1.32.0 h1:WnBN+Xjcteh0zdk01SVqV55d/m62NJLJdIyb4y/WO5U=
 go.opentelemetry.io/otel v1.32.0/go.mod h1:00DCVSB0RQcnzlwyTfqtxSm+DRr9hpYrHjNGiBHVQIg=
 go.opentelemetry.io/otel/metric v1.32.0 h1:xV2umtmNcThh2/a/aCP+h64Xx5wsj8qqnkYZktzNa0M=
@@ -144,55 +234,85 @@ go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0=
 go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y=
 go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8=
 go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E=
 golang.org/x/arch v0.0.0-20210923205945-b76863e36670/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8=
 golang.org/x/arch v0.8.0 h1:3wRIsP3pM4yUptoR96otTUOXI367OS0+c9eeRi9doIc=
 golang.org/x/arch v0.8.0/go.mod h1:FEVrYAQjsQXMVJ1nsMoVVXPZg6p2JE2mx8psSWTDQys=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
-golang.org/x/crypto v0.23.0 h1:dIJU/v2J8Mdglj/8rJ6UUOM3Zc9zLZxVZwwxMooUSAI=
+golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
-golang.org/x/crypto v0.23.0/go.mod h1:CKFgDieR+mRhux2Lsu27y0fO304Db0wZe70UKqHu0v8=
+golang.org/x/crypto v0.32.0 h1:euUpcYgM8WcP71gNpTqQCn6rC2t6ULUPiOzfWaXVVfc=
 golang.org/x/crypto v0.32.0/go.mod h1:ZnnJkOaASj8g0AjIduWNlq2NRxL0PlBrbKVyZ6V/Ugc=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20240531132922-fd00a4e0eefc h1:O9NuF4s+E/PvMIy+9IUZB9znFwUIXEWSstNjek6VpVg=
 golang.org/x/exp v0.0.0-20240531132922-fd00a4e0eefc/go.mod h1:XtvwrStGgqGPLc4cjQfWqZHG1YFdYs6swckp8vpsjnc=
 golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
 golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
 golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
 golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
 golang.org/x/mod v0.17.0 h1:zY54UmvipHiNd+pm+m0x9KhZ9hl1/7QNMyxXbc6ICqA=
 golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
 golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
 golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
-golang.org/x/net v0.25.0 h1:d/OCCoBEUq33pjydKrGQhw7IlUPI2Oylr+8qLx49kac=
+golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
-golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM=
+golang.org/x/net v0.0.0-20210421230115-4e50805a0758/go.mod h1:72T/g9IO56b78aLF+1Kcs5dz7/ng1VjMUvfKvpfy+jM=
 golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
 golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
 golang.org/x/net v0.34.0 h1:Mb7Mrk043xzHgnRM88suvJFwzVrRfHEHJEl5/71CKw0=
 golang.org/x/net v0.34.0/go.mod h1:di0qlW3YNM5oh6GqDGQr92MyTozJPmybPK4Ev/Gm31k=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.7.0 h1:YsImfSBoP9QPYL0xyKJPq0gcaJdG3rInoqxTWbfQu9M=
+golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
+golang.org/x/sync v0.12.0 h1:MHc5BpPuC30uJk597Ri8TV3CNZcTLu6B6z4lJy+g6Jw=
 golang.org/x/sync v0.12.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA=
 golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210420072515-93ed5bcd2bfe/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.20.0 h1:Od9JTbYCk261bKm4M/mw7AklTlFYIa0bIp9BgSm1S8Y=
+golang.org/x/sys v0.29.0 h1:TPYlXGxvx1MGTn2GiZDhnjPA9wZzZeGKHHmKhHYvgaU=
-golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.29.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/text v0.15.0 h1:h1V/4gjBv8v9cjcR6+AR5+/cIYK5N/WAgiv4xlsEtAk=
+golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/text v0.15.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
+golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
 golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
 golang.org/x/text v0.23.0 h1:D71I7dUrlY+VX0gQShAThNGHFxZ13dGLBHQLVl1mJlY=
 golang.org/x/text v0.23.0/go.mod h1:/BLNzu4aZCJ1+kcD0DNRotWKage4q2rGVAg4o22unh4=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY=
 golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
 golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
 golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
 golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d h1:vU5i/LfpvrRCpgM/VPfJLg5KjxD3E+hfT1SH+d9zLwg=
 golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
@@ -222,9 +342,11 @@ google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlba
 google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
 google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
 google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
-google.golang.org/protobuf v1.28.0 h1:w43yiav+6bVFTBQFZX0r7ipe9JQ1QsbMgHwbBziscLw=
+google.golang.org/protobuf v1.34.1 h1:9ddQBjfCyZPOHPUiPxpYESBLc+T8P3E+Vo4IbKZgFWg=
-google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
+google.golang.org/protobuf v1.34.1/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
 gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
@@ -232,12 +354,15 @@ gopkg.in/yaml.v2 v2.2.3/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
 gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
-gorm.io/driver/postgres v1.5.10 h1:7Lggqempgy496c0WfHXsYWxk3Th+ZcW66/21QhVFdeE=
+gorm.io/driver/postgres v1.6.0 h1:2dxzU8xJ+ivvqTRph34QX+WrRaJlmfyPqXmoGVjMBa4=
-gorm.io/driver/postgres v1.5.10/go.mod h1:DX3GReXH+3FPWGrrgffdvCk3DQ1dwDPdmbenSkweRGI=
+gorm.io/driver/postgres v1.6.0/go.mod h1:vUw0mrGgrTK+uPHEhAdV4sfFELrByKVGnaVRkXDhtWo=
 gorm.io/gorm v1.21.11/go.mod h1:F+OptMscr0P2F2qU97WT1WimdH9GaQPoDW7AYd5i2Y0=
-gorm.io/gorm v1.25.10 h1:dQpO+33KalOA+aFYGlK+EfxcI5MbO7EP2yYygwh9h+s=
+gorm.io/gorm v1.25.12 h1:I0u8i2hWQItBq1WfE0o2+WuL9+8L21K9e2HHSTE/0f8=
-gorm.io/gorm v1.25.10/go.mod h1:hbnx/Oo0ChWMn1BIhpy1oYozzpM15i4YPuHDmfYtwg8=
+gorm.io/gorm v1.25.12/go.mod h1:xh7N7RHfYlNc5EmcI/El95gXusucDrQnHXe0+CgWcLQ=
 honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
 honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
 nullprogram.com/x/optparse v1.0.0/go.mod h1:KdyPE+Igbe0jQUrVfMqDMeJQIJZEuyV7pjYmp6pbG50=
 rsc.io/pdf v0.1.1/go.mod h1:n8OzWcQ6Sp37PL01nO98y4iUCRdTGarVfzxY20ICaU4=
--- a/openapi-internal.yaml
+++ b/openapi-internal.yaml
@@ -1,748 +0,0 @@
 openapi: 3.1.0
 info:
  title: StrafesNET Internal - OpenAPI 3.1
  description: Internal operations inaccessible from the public internet.
  version: 0.1.0
 tags:
  - name: Mapfixes
    description: Mapfix operations
  - name: Submissions
    description: Submission operations
 paths:
  /mapfixes:
    post:
      summary: Create a mapfix
      operationId: createMapfix
      tags:
        - Mapfixes
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/MapfixCreate'
      responses:
        "201":
          description: Successful response
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/MapfixID"
        default:
          description: General Error
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Error"
  /mapfixes/{MapfixID}/validated-model:
    post:
      summary: Update validated model
      operationId: updateMapfixValidatedModel
      tags:
        - Mapfixes
      parameters:
        - $ref: '#/components/parameters/MapfixID'
        - name: ValidatedModelID
          in: query
          required: true
          schema:
            type: integer
            format: int64
            minimum: 0
        - name: ValidatedModelVersion
          in: query
          required: true
          schema:
            type: integer
            format: int64
            minimum: 0
      responses:
        "204":
          description: Successful response
        default:
          description: General Error
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Error"
  /mapfixes/{MapfixID}/status/validator-submitted:
    post:
      summary: (Internal endpoint) Role Validator changes status from Submitting -> Submitted
      operationId: actionMapfixSubmitted
      tags:
        - Mapfixes
      parameters:
        - $ref: '#/components/parameters/MapfixID'
      responses:
        "204":
          description: Successful response
        default:
          description: General Error
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Error"
  /mapfixes/{MapfixID}/status/validator-validated:
    post:
      summary: (Internal endpoint) Role Validator changes status from Validating -> Validated
      operationId: actionMapfixValidated
      tags:
        - Mapfixes
      parameters:
        - $ref: '#/components/parameters/MapfixID'
      responses:
        "204":
          description: Successful response
        default:
          description: General Error
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Error"
  /mapfixes/{MapfixID}/status/validator-failed:
    post:
      summary: (Internal endpoint) Role Validator changes status from Validating -> Accepted
      operationId: actionMapfixAccepted
      tags:
        - Mapfixes
      parameters:
        - $ref: '#/components/parameters/MapfixID'
        - name: StatusMessage
          in: query
          required: true
          schema:
            type: string
            minLength: 0
            maxLength: 4096
      responses:
        "204":
          description: Successful response
        default:
          description: General Error
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Error"
  /mapfixes/{MapfixID}/status/validator-uploaded:
    post:
      summary: (Internal endpoint) Role Validator changes status from Uploading -> Uploaded
      operationId: actionMapfixUploaded
      tags:
        - Mapfixes
      parameters:
        - $ref: '#/components/parameters/MapfixID'
      responses:
        "204":
          description: Successful response
        default:
          description: General Error
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Error"
  /operations/{OperationID}/status/operation-failed:
    post:
      summary: (Internal endpoint) Fail an operation and write a StatusMessage
      operationId: actionOperationFailed
      tags:
        - Operations
      parameters:
        - $ref: '#/components/parameters/OperationID'
        - name: StatusMessage
          in: query
          required: true
          schema:
            type: string
            minLength: 0
            maxLength: 4096
      responses:
        "204":
          description: Successful response
        default:
          description: General Error
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Error"
  /submissions:
    post:
      summary: Create a new submission
      operationId: createSubmission
      tags:
        - Submissions
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/SubmissionCreate'
      responses:
        "201":
          description: Successful response
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/SubmissionID"
        default:
          description: General Error
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Error"
  /submissions/{SubmissionID}/validated-model:
    post:
      summary: Update validated model
      operationId: updateSubmissionValidatedModel
      tags:
        - Submissions
      parameters:
        - $ref: '#/components/parameters/SubmissionID'
        - name: ValidatedModelID
          in: query
          required: true
          schema:
            type: integer
            format: int64
            minimum: 0
        - name: ValidatedModelVersion
          in: query
          required: true
          schema:
            type: integer
            format: int64
            minimum: 0
      responses:
        "204":
          description: Successful response
        default:
          description: General Error
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Error"
  /submissions/{SubmissionID}/status/validator-submitted:
    post:
      summary: (Internal endpoint) Role Validator changes status from Submitting -> Submitted
      operationId: actionSubmissionSubmitted
      tags:
        - Submissions
      parameters:
        - $ref: '#/components/parameters/SubmissionID'
      responses:
        "204":
          description: Successful response
        default:
          description: General Error
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Error"
  /submissions/{SubmissionID}/status/validator-validated:
    post:
      summary: (Internal endpoint) Role Validator changes status from Validating -> Validated
      operationId: actionSubmissionValidated
      tags:
        - Submissions
      parameters:
        - $ref: '#/components/parameters/SubmissionID'
      responses:
        "204":
          description: Successful response
        default:
          description: General Error
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Error"
  /submissions/{SubmissionID}/status/validator-failed:
    post:
      summary: (Internal endpoint) Role Validator changes status from Validating -> Accepted
      operationId: actionSubmissionAccepted
      tags:
        - Submissions
      parameters:
        - $ref: '#/components/parameters/SubmissionID'
        - name: StatusMessage
          in: query
          required: true
          schema:
            type: string
            minLength: 0
            maxLength: 4096
      responses:
        "204":
          description: Successful response
        default:
          description: General Error
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Error"
  /submissions/{SubmissionID}/status/validator-uploaded:
    post:
      summary: (Internal endpoint) Role Validator changes status from Uploading -> Uploaded
      operationId: actionSubmissionUploaded
      tags:
        - Submissions
      parameters:
        - $ref: '#/components/parameters/SubmissionID'
        - name: UploadedAssetID
          in: query
          required: true
          schema:
            type: integer
            format: int64
            minimum: 0
      responses:
        "204":
          description: Successful response
        default:
          description: General Error
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Error"
  /script-policy:
    get:
      summary: Get list of script policies
      operationId: listScriptPolicy
      tags:
        - ScriptPolicy
      parameters:
      - $ref: "#/components/parameters/Page"
      - $ref: "#/components/parameters/Limit"
      - name: FromScriptHash
        in: query
        schema:
          type: string
          minLength: 16
          maxLength: 16
      - name: ToScriptID
        in: query
        schema:
          type: integer
          format: int64
          minimum: 0
      - name: Policy
        in: query
        schema:
          type: integer
          format: int32
          minimum: 0
      responses:
        "200":
          description: Successful response
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: "#/components/schemas/ScriptPolicy"
        default:
          description: General Error
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Error"
    post:
      summary: Create a new script policy
      operationId: createScriptPolicy
      tags:
        - ScriptPolicy
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ScriptPolicyCreate'
      responses:
        "201":
          description: Successful response
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/ScriptPolicyID"
        default:
          description: General Error
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Error"
  /scripts:
    get:
      summary: Get list of scripts
      operationId: listScripts
      tags:
        - Script
      parameters:
      - $ref: "#/components/parameters/Page"
      - $ref: "#/components/parameters/Limit"
      - name: Hash
        in: query
        schema:
          type: string
          minLength: 16
          maxLength: 16
      - name: Name
        in: query
        schema:
          type: string
          maxLength: 128
      - name: Source
        in: query
        schema:
          type: string
          maxLength: 1048576
      - name: ResourceType
        in: query
        schema:
          type: integer
          format: int32
          minimum: 0
      - name: ResourceID
        in: query
        schema:
          type: integer
          format: int64
          minimum: 0
      responses:
        "200":
          description: Successful response
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: "#/components/schemas/Script"
        default:
          description: General Error
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Error"
    post:
      summary: Create a new script
      operationId: createScript
      tags:
        - Scripts
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ScriptCreate'
      responses:
        "201":
          description: Successful response
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/ScriptID"
        default:
          description: General Error
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Error"
  /scripts/{ScriptID}:
    get:
      summary: Get the specified script by ID
      operationId: getScript
      tags:
        - Scripts
      parameters:
        - $ref: '#/components/parameters/ScriptID'
      responses:
        "200":
          description: Successful response
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Script"
        default:
          description: General Error
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Error"
 components:
  parameters:
    MapfixID:
      name: MapfixID
      in: path
      required: true
      description: The unique identifier for a submission.
      schema:
        type: integer
        format: int64
        minimum: 0
    OperationID:
      name: OperationID
      in: path
      required: true
      description: The unique identifier for a long-running operation.
      schema:
        type: integer
        format: int32
        minimum: 0
    SubmissionID:
      name: SubmissionID
      in: path
      required: true
      description: The unique identifier for a submission.
      schema:
        type: integer
        format: int64
        minimum: 0
    ScriptID:
      name: ScriptID
      in: path
      required: true
      description: The unique identifier for a script.
      schema:
        type: integer
        format: int64
        minimum: 0
    Page:
      name: Page
      in: query
      required: true
      schema:
        type: integer
        format: int32
        minimum: 1
    Limit:
      name: Limit
      in: query
      required: true
      schema:
        type: integer
        format: int32
        minimum: 1
        maximum: 100
  schemas:
    MapfixID:
      required:
      - MapfixID
      type: object
      properties:
        MapfixID:
          type: integer
          format: int64
          minimum: 0
    SubmissionID:
      required:
      - SubmissionID
      type: object
      properties:
        SubmissionID:
          type: integer
          format: int64
          minimum: 0
    ScriptID:
      required:
      - ScriptID
      type: object
      properties:
        ScriptID:
          type: integer
          format: int64
          minimum: 0
    ScriptPolicyID:
      required:
      - ScriptPolicyID
      type: object
      properties:
        ScriptPolicyID:
          type: integer
          format: int64
          minimum: 0
    MapfixCreate:
      required:
      - OperationID
      - AssetOwner
      - DisplayName
      - Creator
      - GameID
      - AssetID
      - AssetVersion
      - TargetAssetID
      type: object
      properties:
        OperationID:
          type: integer
          format: int32
          minimum: 0
        AssetOwner:
          type: integer
          format: int64
          minimum: 0
        DisplayName:
          type: string
          maxLength: 128
        Creator:
          type: string
          maxLength: 128
        GameID:
          type: integer
          format: int32
          minimum: 0
        AssetID:
          type: integer
          format: int64
          minimum: 0
        AssetVersion:
          type: integer
          format: int64
          minimum: 0
        TargetAssetID:
          type: integer
          format: int64
          minimum: 0
    SubmissionCreate:
      required:
      - OperationID
      - AssetOwner
      - DisplayName
      - Creator
      - GameID
      - AssetID
      - AssetVersion
      type: object
      properties:
        OperationID:
          type: integer
          format: int32
          minimum: 0
        AssetOwner:
          type: integer
          format: int64
          minimum: 0
        DisplayName:
          type: string
          maxLength: 128
        Creator:
          type: string
          maxLength: 128
        GameID:
          type: integer
          format: int32
          minimum: 0
        AssetID:
          type: integer
          format: int64
          minimum: 0
        AssetVersion:
          type: integer
          format: int64
          minimum: 0
    Script:
      required:
      - ID
      - Name
      - Hash
      - Source
      - ResourceType
      - ResourceID
      type: object
      properties:
        ID:
          type: integer
          format: int64
          minimum: 0
        Name:
          type: string
          maxLength: 128
        Hash:
          type: string
          minLength: 16
          maxLength: 16
        Source:
          type: string
          maxLength: 1048576
        ResourceType:
          type: integer
          format: int32
          minimum: 0
        ResourceID:
          type: integer
          format: int64
          minimum: 0
    ScriptCreate:
      required:
      - Name
      - Source
      - ResourceType
 #     - ResourceID
      type: object
      properties:
        Name:
          type: string
          maxLength: 128
        Source:
          type: string
          maxLength: 1048576
        ResourceType:
          type: integer
          format: int32
          minimum: 0
        ResourceID:
          type: integer
          format: int64
          minimum: 0
    ScriptPolicy:
      required:
      - ID
      - FromScriptHash
      - ToScriptID
      - Policy
      type: object
      properties:
        ID:
          type: integer
          format: int64
          minimum: 0
        FromScriptHash:
          type: string
          minLength: 16
          maxLength: 16
        ToScriptID:
          type: integer
          format: int64
          minimum: 0
        Policy:
          type: integer
          format: int32
          minimum: 0
    ScriptPolicyCreate:
      required:
      - FromScriptID
      - ToScriptID
      - Policy
      type: object
      properties:
        FromScriptID:
          type: integer
          format: int64
          minimum: 0
        ToScriptID:
          type: integer
          format: int64
          minimum: 0
        Policy:
          type: integer
          format: int32
          minimum: 0
    Error:
      description: Represents error object
      type: object
      properties:
        code:
          type: integer
          format: int64
          minimum: 0
        message:
          type: string
      required:
        - code
        - message
--- a/openapi.yaml
+++ b/openapi.yaml
@@ -114,6 +114,13 @@ paths:
          format: int32
          minimum: 0
          maximum: 4
        description: >
          Sort order:
          * `0` - Disabled
          * `1` - DisplayNameAscending
          * `2` - DisplayNameDescending
          * `3` - DateAscending
          * `4` - DateDescending
      responses:
        "200":
          description: Successful response
@@ -151,6 +158,34 @@ paths:
            application/json:
              schema:
                $ref: "#/components/schemas/Error"
  /maps/{MapID}/download:
    get:
      summary: Download the map asset
      operationId: downloadMapAsset
      tags:
        - Maps
      parameters:
      - name: MapID
        in: path
        required: true
        schema:
          type: integer
          format: int64
          minimum: 0
      responses:
        "200":
          description: Successful response
          content:
            application/octet-stream:
              schema:
                type: string
                format: binary
        default:
          description: General Error
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Error"
  /mapfixes:
    get:
      summary: Get list of mapfixes
@@ -178,6 +213,11 @@ paths:
          format: int32
          minimum: 1
          maximum: 5
        description: >
          Game ID:
          * `1` - Bhop
          * `2` - Surf
          * `5` - FlyTrials
      - name: Sort
        in: query
        schema:
@@ -185,6 +225,13 @@ paths:
          format: int32
          minimum: 0
          maximum: 4
        description: >
          Sort order:
          * `0` - Disabled
          * `1` - DisplayNameAscending
          * `2` - DisplayNameDescending
          * `3` - DateAscending
          * `4` - DateDescending
      - name: Submitter
        in: query
        schema:
@@ -210,6 +257,24 @@ paths:
          format: int32
          minimum: 0
          maximum: 9
        description: >
          // Phase: Creation
          * `0` - UnderConstruction
          * `1` - ChangesRequested
          // Phase: Review
          * `2` - Submitting
          * `3` - Submitted
          // Phase: Testing
          * `4` - AcceptedUnvalidated // pending script review, can re-trigger validation
          * `5` - Validating
          * `6` - Validated
          * `7` - Uploading
          // Phase: Final MapfixStatus
          * `8` - Uploaded // uploaded to the group, but pending release
          * `9` - Rejected
      responses:
        "200":
          description: Successful response
@@ -384,6 +449,23 @@ paths:
            application/json:
              schema:
                $ref: "#/components/schemas/Error"
  /mapfixes/{MapfixID}/status/trigger-submit-unchecked:
    post:
      summary: Role Reviewer changes status from ChangesRequested -> Submitting
      operationId: actionMapfixTriggerSubmitUnchecked
      tags:
        - Mapfixes
      parameters:
        - $ref: '#/components/parameters/MapfixID'
      responses:
        "204":
          description: Successful response
        default:
          description: General Error
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Error"
  /mapfixes/{MapfixID}/status/reset-submitting:
    post:
      summary: Role Submitter manually resets submitting softlock and changes status from Submitting -> UnderConstruction
@@ -585,6 +667,11 @@ paths:
          format: int32
          minimum: 1
          maximum: 5
        description: >
          Game ID:
          * `1` - Bhop
          * `2` - Surf
          * `5` - FlyTrials
      - name: Sort
        in: query
        schema:
@@ -592,6 +679,13 @@ paths:
          format: int32
          minimum: 0
          maximum: 4
        description: >
          Sort order:
          * `0` - Disabled
          * `1` - DisplayNameAscending
          * `2` - DisplayNameDescending
          * `3` - DateAscending
          * `4` - DateDescending
      - name: Submitter
        in: query
        schema:
@@ -617,6 +711,25 @@ paths:
          format: int32
          minimum: 0
          maximum: 10
        description: >
          // Phase: Creation
          * `0` - UnderConstruction
          * `1` - ChangesRequested
          // Phase: Review
          * `2` - Submitting
          * `3` - Submitted
          // Phase: Testing
          * `4` - AcceptedUnvalidated // pending script review, can re-trigger validation
          * `5` - Validating
          * `6` - Validated
          * `7` - Uploading
          * `8` - Uploaded // uploaded to the group, but pending release
          // Phase: Final SubmissionStatus
          * `9` - Rejected
          * `10` - Released
      responses:
        "200":
          description: Successful response
@@ -654,6 +767,31 @@ paths:
            application/json:
              schema:
                $ref: "#/components/schemas/Error"
  /submissions-admin:
    post:
      summary: Trigger the validator to create a new submission
      operationId: createSubmissionAdmin
      tags:
        - Submissions
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/SubmissionTriggerCreate'
      responses:
        "201":
          description: Successful response
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/OperationID"
        default:
          description: General Error
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Error"
  /submissions/{SubmissionID}:
    get:
      summary: Retrieve map with ID
@@ -791,6 +929,23 @@ paths:
            application/json:
              schema:
                $ref: "#/components/schemas/Error"
  /submissions/{SubmissionID}/status/trigger-submit-unchecked:
    post:
      summary: Role Reviewer changes status from ChangesRequested -> Submitting
      operationId: actionSubmissionTriggerSubmitUnchecked
      tags:
        - Submissions
      parameters:
        - $ref: '#/components/parameters/SubmissionID'
      responses:
        "204":
          description: Successful response
        default:
          description: General Error
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Error"
  /submissions/{SubmissionID}/status/reset-submitting:
    post:
      summary: Role Submitter manually resets submitting softlock and changes status from Submitting -> UnderConstruction
@@ -1318,6 +1473,7 @@ components:
      - ID
      - Date
      - User
      - Username
      - ResourceType
      - ResourceID
      - EventType
@@ -1332,6 +1488,9 @@ components:
        User:
          type: integer
          format: int64
        Username:
          type: string
          maxLength: 64
        ResourceType:
          type: integer
          format: int32
@@ -1406,6 +1565,13 @@ components:
      - Creator
      - GameID
      - Date
      - CreatedAt
      - UpdatedAt
      - Submitter
      - Thumbnail
      - AssetVersion
      - LoadCount
      - Modes
      type: object
      properties:
        ID:
@@ -1426,6 +1592,27 @@ components:
          type: integer
          format: int64
          minimum: 0
        CreatedAt:
          type: integer
          format: int64
        UpdatedAt:
          type: integer
          format: int64
        Submitter:
          type: integer
          format: uint64
        Thumbnail:
          type: integer
          format: uint64
        AssetVersion:
          type: integer
          format: uint64
        LoadCount:
          type: integer
          format: uint32
        Modes:
          type: integer
          format: uint32
    Mapfix:
      required:
      - ID
@@ -1440,7 +1627,7 @@ components:
      - Completed
      - TargetAssetID
      - StatusID
-      - StatusMessage
+      - Description
      type: object
      properties:
        ID:
@@ -1487,7 +1674,7 @@ components:
          type: integer
          format: int32
          minimum: 0
-        StatusMessage:
+        Description:
          type: string
          maxLength: 256
    Mapfixes:
@@ -1508,6 +1695,7 @@ components:
      required:
      - AssetID
      - TargetAssetID
      - Description
      type: object
      properties:
        AssetID:
@@ -1518,6 +1706,9 @@ components:
          type: integer
          format: int64
          minimum: 0
        Description:
          type: string
          maxLength: 256
    Operation:
      required:
      - OperationID
@@ -1566,7 +1757,6 @@ components:
      - Completed
 #     - UploadedAssetID
      - StatusID
      - StatusMessage
      type: object
      properties:
        ID:
@@ -1621,9 +1811,6 @@ components:
          type: integer
          format: int32
          minimum: 0
        StatusMessage:
          type: string
          maxLength: 256
    Submissions:
      required:
      - Total
@@ -1641,12 +1828,25 @@ components:
    SubmissionTriggerCreate:
      required:
      - AssetID
      - DisplayName
      - Creator
      - GameID
      type: object
      properties:
        AssetID:
          type: integer
          format: int64
          minimum: 0
        DisplayName:
          type: string
          maxLength: 128
        Creator:
          type: string
          maxLength: 128
        GameID:
          type: integer
          format: int32
          minimum: 0
    ReleaseInfo:
      required:
      - SubmissionID
--- a/pkg/api/oas_client_gen.go
+++ b/pkg/api/oas_client_gen.go
@@ -72,6 +72,12 @@ type Invoker interface {
 	//
 	// POST /mapfixes/{MapfixID}/status/trigger-submit
 	ActionMapfixTriggerSubmit(ctx context.Context, params ActionMapfixTriggerSubmitParams) error
 	// ActionMapfixTriggerSubmitUnchecked invokes actionMapfixTriggerSubmitUnchecked operation.
 	//
 	// Role Reviewer changes status from ChangesRequested -> Submitting.
 	//
 	// POST /mapfixes/{MapfixID}/status/trigger-submit-unchecked
 	ActionMapfixTriggerSubmitUnchecked(ctx context.Context, params ActionMapfixTriggerSubmitUncheckedParams) error
 	// ActionMapfixTriggerUpload invokes actionMapfixTriggerUpload operation.
 	//
 	// Role Admin changes status from Validated -> Uploading.
@@ -133,6 +139,12 @@ type Invoker interface {
 	//
 	// POST /submissions/{SubmissionID}/status/trigger-submit
 	ActionSubmissionTriggerSubmit(ctx context.Context, params ActionSubmissionTriggerSubmitParams) error
 	// ActionSubmissionTriggerSubmitUnchecked invokes actionSubmissionTriggerSubmitUnchecked operation.
 	//
 	// Role Reviewer changes status from ChangesRequested -> Submitting.
 	//
 	// POST /submissions/{SubmissionID}/status/trigger-submit-unchecked
 	ActionSubmissionTriggerSubmitUnchecked(ctx context.Context, params ActionSubmissionTriggerSubmitUncheckedParams) error
 	// ActionSubmissionTriggerUpload invokes actionSubmissionTriggerUpload operation.
 	//
 	// Role Admin changes status from Validated -> Uploading.
@@ -181,6 +193,12 @@ type Invoker interface {
 	//
 	// POST /submissions
 	CreateSubmission(ctx context.Context, request *SubmissionTriggerCreate) (*OperationID, error)
 	// CreateSubmissionAdmin invokes createSubmissionAdmin operation.
 	//
 	// Trigger the validator to create a new submission.
 	//
 	// POST /submissions-admin
 	CreateSubmissionAdmin(ctx context.Context, request *SubmissionTriggerCreate) (*OperationID, error)
 	// CreateSubmissionAuditComment invokes createSubmissionAuditComment operation.
 	//
 	// Post a comment to the audit log.
@@ -199,6 +217,12 @@ type Invoker interface {
 	//
 	// DELETE /script-policy/{ScriptPolicyID}
 	DeleteScriptPolicy(ctx context.Context, params DeleteScriptPolicyParams) error
 	// DownloadMapAsset invokes downloadMapAsset operation.
 	//
 	// Download the map asset.
 	//
 	// GET /maps/{MapID}/download
 	DownloadMapAsset(ctx context.Context, params DownloadMapAssetParams) (DownloadMapAssetOK, error)
 	// GetMap invokes getMap operation.
 	//
 	// Retrieve map with ID.
@@ -1257,6 +1281,130 @@ func (c *Client) sendActionMapfixTriggerSubmit(ctx context.Context, params Actio
 	return result, nil
 }
 // ActionMapfixTriggerSubmitUnchecked invokes actionMapfixTriggerSubmitUnchecked operation.
 //
 // Role Reviewer changes status from ChangesRequested -> Submitting.
 //
 // POST /mapfixes/{MapfixID}/status/trigger-submit-unchecked
 func (c *Client) ActionMapfixTriggerSubmitUnchecked(ctx context.Context, params ActionMapfixTriggerSubmitUncheckedParams) error {
 	_, err := c.sendActionMapfixTriggerSubmitUnchecked(ctx, params)
 	return err
 }
 func (c *Client) sendActionMapfixTriggerSubmitUnchecked(ctx context.Context, params ActionMapfixTriggerSubmitUncheckedParams) (res *ActionMapfixTriggerSubmitUncheckedNoContent, err error) {
 	otelAttrs := []attribute.KeyValue{
 		otelogen.OperationID("actionMapfixTriggerSubmitUnchecked"),
 		semconv.HTTPRequestMethodKey.String("POST"),
 		semconv.HTTPRouteKey.String("/mapfixes/{MapfixID}/status/trigger-submit-unchecked"),
 	}
 	// Run stopwatch.
 	startTime := time.Now()
 	defer func() {
 		// Use floating point division here for higher precision (instead of Millisecond method).
 		elapsedDuration := time.Since(startTime)
 		c.duration.Record(ctx, float64(elapsedDuration)/float64(time.Millisecond), metric.WithAttributes(otelAttrs...))
 	}()
 	// Increment request counter.
 	c.requests.Add(ctx, 1, metric.WithAttributes(otelAttrs...))
 	// Start a span for this request.
 	ctx, span := c.cfg.Tracer.Start(ctx, ActionMapfixTriggerSubmitUncheckedOperation,
 		trace.WithAttributes(otelAttrs...),
 		clientSpanKind,
 	)
 	// Track stage for error reporting.
 	var stage string
 	defer func() {
 		if err != nil {
 			span.RecordError(err)
 			span.SetStatus(codes.Error, stage)
 			c.errors.Add(ctx, 1, metric.WithAttributes(otelAttrs...))
 		}
 		span.End()
 	}()
 	stage = "BuildURL"
 	u := uri.Clone(c.requestURL(ctx))
 	var pathParts [3]string
 	pathParts[0] = "/mapfixes/"
 	{
 		// Encode "MapfixID" parameter.
 		e := uri.NewPathEncoder(uri.PathEncoderConfig{
 			Param:   "MapfixID",
 			Style:   uri.PathStyleSimple,
 			Explode: false,
 		})
 		if err := func() error {
 			return e.EncodeValue(conv.Int64ToString(params.MapfixID))
 		}(); err != nil {
 			return res, errors.Wrap(err, "encode path")
 		}
 		encoded, err := e.Result()
 		if err != nil {
 			return res, errors.Wrap(err, "encode path")
 		}
 		pathParts[1] = encoded
 	}
 	pathParts[2] = "/status/trigger-submit-unchecked"
 	uri.AddPathParts(u, pathParts[:]...)
 	stage = "EncodeRequest"
 	r, err := ht.NewRequest(ctx, "POST", u)
 	if err != nil {
 		return res, errors.Wrap(err, "create request")
 	}
 	{
 		type bitset = [1]uint8
 		var satisfied bitset
 		{
 			stage = "Security:CookieAuth"
 			switch err := c.securityCookieAuth(ctx, ActionMapfixTriggerSubmitUncheckedOperation, r); {
 			case err == nil: // if NO error
 				satisfied[0] |= 1 << 0
 			case errors.Is(err, ogenerrors.ErrSkipClientSecurity):
 				// Skip this security.
 			default:
 				return res, errors.Wrap(err, "security \"CookieAuth\"")
 			}
 		}
 		if ok := func() bool {
 		nextRequirement:
 			for _, requirement := range []bitset{
 				{0b00000001},
 			} {
 				for i, mask := range requirement {
 					if satisfied[i]&mask != mask {
 						continue nextRequirement
 					}
 				}
 				return true
 			}
 			return false
 		}(); !ok {
 			return res, ogenerrors.ErrSecurityRequirementIsNotSatisfied
 		}
 	}
 	stage = "SendRequest"
 	resp, err := c.cfg.Client.Do(r)
 	if err != nil {
 		return res, errors.Wrap(err, "do request")
 	}
 	defer resp.Body.Close()
 	stage = "DecodeResponse"
 	result, err := decodeActionMapfixTriggerSubmitUncheckedResponse(resp)
 	if err != nil {
 		return res, errors.Wrap(err, "decode response")
 	}
 	return result, nil
 }
 // ActionMapfixTriggerUpload invokes actionMapfixTriggerUpload operation.
 //
 // Role Admin changes status from Validated -> Uploading.
@@ -2498,6 +2646,130 @@ func (c *Client) sendActionSubmissionTriggerSubmit(ctx context.Context, params A
 	return result, nil
 }
 // ActionSubmissionTriggerSubmitUnchecked invokes actionSubmissionTriggerSubmitUnchecked operation.
 //
 // Role Reviewer changes status from ChangesRequested -> Submitting.
 //
 // POST /submissions/{SubmissionID}/status/trigger-submit-unchecked
 func (c *Client) ActionSubmissionTriggerSubmitUnchecked(ctx context.Context, params ActionSubmissionTriggerSubmitUncheckedParams) error {
 	_, err := c.sendActionSubmissionTriggerSubmitUnchecked(ctx, params)
 	return err
 }
 func (c *Client) sendActionSubmissionTriggerSubmitUnchecked(ctx context.Context, params ActionSubmissionTriggerSubmitUncheckedParams) (res *ActionSubmissionTriggerSubmitUncheckedNoContent, err error) {
 	otelAttrs := []attribute.KeyValue{
 		otelogen.OperationID("actionSubmissionTriggerSubmitUnchecked"),
 		semconv.HTTPRequestMethodKey.String("POST"),
 		semconv.HTTPRouteKey.String("/submissions/{SubmissionID}/status/trigger-submit-unchecked"),
 	}
 	// Run stopwatch.
 	startTime := time.Now()
 	defer func() {
 		// Use floating point division here for higher precision (instead of Millisecond method).
 		elapsedDuration := time.Since(startTime)
 		c.duration.Record(ctx, float64(elapsedDuration)/float64(time.Millisecond), metric.WithAttributes(otelAttrs...))
 	}()
 	// Increment request counter.
 	c.requests.Add(ctx, 1, metric.WithAttributes(otelAttrs...))
 	// Start a span for this request.
 	ctx, span := c.cfg.Tracer.Start(ctx, ActionSubmissionTriggerSubmitUncheckedOperation,
 		trace.WithAttributes(otelAttrs...),
 		clientSpanKind,
 	)
 	// Track stage for error reporting.
 	var stage string
 	defer func() {
 		if err != nil {
 			span.RecordError(err)
 			span.SetStatus(codes.Error, stage)
 			c.errors.Add(ctx, 1, metric.WithAttributes(otelAttrs...))
 		}
 		span.End()
 	}()
 	stage = "BuildURL"
 	u := uri.Clone(c.requestURL(ctx))
 	var pathParts [3]string
 	pathParts[0] = "/submissions/"
 	{
 		// Encode "SubmissionID" parameter.
 		e := uri.NewPathEncoder(uri.PathEncoderConfig{
 			Param:   "SubmissionID",
 			Style:   uri.PathStyleSimple,
 			Explode: false,
 		})
 		if err := func() error {
 			return e.EncodeValue(conv.Int64ToString(params.SubmissionID))
 		}(); err != nil {
 			return res, errors.Wrap(err, "encode path")
 		}
 		encoded, err := e.Result()
 		if err != nil {
 			return res, errors.Wrap(err, "encode path")
 		}
 		pathParts[1] = encoded
 	}
 	pathParts[2] = "/status/trigger-submit-unchecked"
 	uri.AddPathParts(u, pathParts[:]...)
 	stage = "EncodeRequest"
 	r, err := ht.NewRequest(ctx, "POST", u)
 	if err != nil {
 		return res, errors.Wrap(err, "create request")
 	}
 	{
 		type bitset = [1]uint8
 		var satisfied bitset
 		{
 			stage = "Security:CookieAuth"
 			switch err := c.securityCookieAuth(ctx, ActionSubmissionTriggerSubmitUncheckedOperation, r); {
 			case err == nil: // if NO error
 				satisfied[0] |= 1 << 0
 			case errors.Is(err, ogenerrors.ErrSkipClientSecurity):
 				// Skip this security.
 			default:
 				return res, errors.Wrap(err, "security \"CookieAuth\"")
 			}
 		}
 		if ok := func() bool {
 		nextRequirement:
 			for _, requirement := range []bitset{
 				{0b00000001},
 			} {
 				for i, mask := range requirement {
 					if satisfied[i]&mask != mask {
 						continue nextRequirement
 					}
 				}
 				return true
 			}
 			return false
 		}(); !ok {
 			return res, ogenerrors.ErrSecurityRequirementIsNotSatisfied
 		}
 	}
 	stage = "SendRequest"
 	resp, err := c.cfg.Client.Do(r)
 	if err != nil {
 		return res, errors.Wrap(err, "do request")
 	}
 	defer resp.Body.Close()
 	stage = "DecodeResponse"
 	result, err := decodeActionSubmissionTriggerSubmitUncheckedResponse(resp)
 	if err != nil {
 		return res, errors.Wrap(err, "decode response")
 	}
 	return result, nil
 }
 // ActionSubmissionTriggerUpload invokes actionSubmissionTriggerUpload operation.
 //
 // Role Admin changes status from Validated -> Uploading.
@@ -3429,6 +3701,114 @@ func (c *Client) sendCreateSubmission(ctx context.Context, request *SubmissionTr
 	return result, nil
 }
 // CreateSubmissionAdmin invokes createSubmissionAdmin operation.
 //
 // Trigger the validator to create a new submission.
 //
 // POST /submissions-admin
 func (c *Client) CreateSubmissionAdmin(ctx context.Context, request *SubmissionTriggerCreate) (*OperationID, error) {
 	res, err := c.sendCreateSubmissionAdmin(ctx, request)
 	return res, err
 }
 func (c *Client) sendCreateSubmissionAdmin(ctx context.Context, request *SubmissionTriggerCreate) (res *OperationID, err error) {
 	otelAttrs := []attribute.KeyValue{
 		otelogen.OperationID("createSubmissionAdmin"),
 		semconv.HTTPRequestMethodKey.String("POST"),
 		semconv.HTTPRouteKey.String("/submissions-admin"),
 	}
 	// Run stopwatch.
 	startTime := time.Now()
 	defer func() {
 		// Use floating point division here for higher precision (instead of Millisecond method).
 		elapsedDuration := time.Since(startTime)
 		c.duration.Record(ctx, float64(elapsedDuration)/float64(time.Millisecond), metric.WithAttributes(otelAttrs...))
 	}()
 	// Increment request counter.
 	c.requests.Add(ctx, 1, metric.WithAttributes(otelAttrs...))
 	// Start a span for this request.
 	ctx, span := c.cfg.Tracer.Start(ctx, CreateSubmissionAdminOperation,
 		trace.WithAttributes(otelAttrs...),
 		clientSpanKind,
 	)
 	// Track stage for error reporting.
 	var stage string
 	defer func() {
 		if err != nil {
 			span.RecordError(err)
 			span.SetStatus(codes.Error, stage)
 			c.errors.Add(ctx, 1, metric.WithAttributes(otelAttrs...))
 		}
 		span.End()
 	}()
 	stage = "BuildURL"
 	u := uri.Clone(c.requestURL(ctx))
 	var pathParts [1]string
 	pathParts[0] = "/submissions-admin"
 	uri.AddPathParts(u, pathParts[:]...)
 	stage = "EncodeRequest"
 	r, err := ht.NewRequest(ctx, "POST", u)
 	if err != nil {
 		return res, errors.Wrap(err, "create request")
 	}
 	if err := encodeCreateSubmissionAdminRequest(request, r); err != nil {
 		return res, errors.Wrap(err, "encode request")
 	}
 	{
 		type bitset = [1]uint8
 		var satisfied bitset
 		{
 			stage = "Security:CookieAuth"
 			switch err := c.securityCookieAuth(ctx, CreateSubmissionAdminOperation, r); {
 			case err == nil: // if NO error
 				satisfied[0] |= 1 << 0
 			case errors.Is(err, ogenerrors.ErrSkipClientSecurity):
 				// Skip this security.
 			default:
 				return res, errors.Wrap(err, "security \"CookieAuth\"")
 			}
 		}
 		if ok := func() bool {
 		nextRequirement:
 			for _, requirement := range []bitset{
 				{0b00000001},
 			} {
 				for i, mask := range requirement {
 					if satisfied[i]&mask != mask {
 						continue nextRequirement
 					}
 				}
 				return true
 			}
 			return false
 		}(); !ok {
 			return res, ogenerrors.ErrSecurityRequirementIsNotSatisfied
 		}
 	}
 	stage = "SendRequest"
 	resp, err := c.cfg.Client.Do(r)
 	if err != nil {
 		return res, errors.Wrap(err, "do request")
 	}
 	defer resp.Body.Close()
 	stage = "DecodeResponse"
 	result, err := decodeCreateSubmissionAdminResponse(resp)
 	if err != nil {
 		return res, errors.Wrap(err, "decode response")
 	}
 	return result, nil
 }
 // CreateSubmissionAuditComment invokes createSubmissionAuditComment operation.
 //
 // Post a comment to the audit log.
@@ -3802,6 +4182,130 @@ func (c *Client) sendDeleteScriptPolicy(ctx context.Context, params DeleteScript
 	return result, nil
 }
 // DownloadMapAsset invokes downloadMapAsset operation.
 //
 // Download the map asset.
 //
 // GET /maps/{MapID}/download
 func (c *Client) DownloadMapAsset(ctx context.Context, params DownloadMapAssetParams) (DownloadMapAssetOK, error) {
 	res, err := c.sendDownloadMapAsset(ctx, params)
 	return res, err
 }
 func (c *Client) sendDownloadMapAsset(ctx context.Context, params DownloadMapAssetParams) (res DownloadMapAssetOK, err error) {
 	otelAttrs := []attribute.KeyValue{
 		otelogen.OperationID("downloadMapAsset"),
 		semconv.HTTPRequestMethodKey.String("GET"),
 		semconv.HTTPRouteKey.String("/maps/{MapID}/download"),
 	}
 	// Run stopwatch.
 	startTime := time.Now()
 	defer func() {
 		// Use floating point division here for higher precision (instead of Millisecond method).
 		elapsedDuration := time.Since(startTime)
 		c.duration.Record(ctx, float64(elapsedDuration)/float64(time.Millisecond), metric.WithAttributes(otelAttrs...))
 	}()
 	// Increment request counter.
 	c.requests.Add(ctx, 1, metric.WithAttributes(otelAttrs...))
 	// Start a span for this request.
 	ctx, span := c.cfg.Tracer.Start(ctx, DownloadMapAssetOperation,
 		trace.WithAttributes(otelAttrs...),
 		clientSpanKind,
 	)
 	// Track stage for error reporting.
 	var stage string
 	defer func() {
 		if err != nil {
 			span.RecordError(err)
 			span.SetStatus(codes.Error, stage)
 			c.errors.Add(ctx, 1, metric.WithAttributes(otelAttrs...))
 		}
 		span.End()
 	}()
 	stage = "BuildURL"
 	u := uri.Clone(c.requestURL(ctx))
 	var pathParts [3]string
 	pathParts[0] = "/maps/"
 	{
 		// Encode "MapID" parameter.
 		e := uri.NewPathEncoder(uri.PathEncoderConfig{
 			Param:   "MapID",
 			Style:   uri.PathStyleSimple,
 			Explode: false,
 		})
 		if err := func() error {
 			return e.EncodeValue(conv.Int64ToString(params.MapID))
 		}(); err != nil {
 			return res, errors.Wrap(err, "encode path")
 		}
 		encoded, err := e.Result()
 		if err != nil {
 			return res, errors.Wrap(err, "encode path")
 		}
 		pathParts[1] = encoded
 	}
 	pathParts[2] = "/download"
 	uri.AddPathParts(u, pathParts[:]...)
 	stage = "EncodeRequest"
 	r, err := ht.NewRequest(ctx, "GET", u)
 	if err != nil {
 		return res, errors.Wrap(err, "create request")
 	}
 	{
 		type bitset = [1]uint8
 		var satisfied bitset
 		{
 			stage = "Security:CookieAuth"
 			switch err := c.securityCookieAuth(ctx, DownloadMapAssetOperation, r); {
 			case err == nil: // if NO error
 				satisfied[0] |= 1 << 0
 			case errors.Is(err, ogenerrors.ErrSkipClientSecurity):
 				// Skip this security.
 			default:
 				return res, errors.Wrap(err, "security \"CookieAuth\"")
 			}
 		}
 		if ok := func() bool {
 		nextRequirement:
 			for _, requirement := range []bitset{
 				{0b00000001},
 			} {
 				for i, mask := range requirement {
 					if satisfied[i]&mask != mask {
 						continue nextRequirement
 					}
 				}
 				return true
 			}
 			return false
 		}(); !ok {
 			return res, ogenerrors.ErrSecurityRequirementIsNotSatisfied
 		}
 	}
 	stage = "SendRequest"
 	resp, err := c.cfg.Client.Do(r)
 	if err != nil {
 		return res, errors.Wrap(err, "do request")
 	}
 	defer resp.Body.Close()
 	stage = "DecodeResponse"
 	result, err := decodeDownloadMapAssetResponse(resp)
 	if err != nil {
 		return res, errors.Wrap(err, "decode response")
 	}
 	return result, nil
 }
 // GetMap invokes getMap operation.
 //
 // Retrieve map with ID.
--- a/pkg/api/oas_handlers_gen.go
+++ b/pkg/api/oas_handlers_gen.go
@@ -1396,6 +1396,201 @@ func (s *Server) handleActionMapfixTriggerSubmitRequest(args [1]string, argsEsca
 	}
 }
 // handleActionMapfixTriggerSubmitUncheckedRequest handles actionMapfixTriggerSubmitUnchecked operation.
 //
 // Role Reviewer changes status from ChangesRequested -> Submitting.
 //
 // POST /mapfixes/{MapfixID}/status/trigger-submit-unchecked
 func (s *Server) handleActionMapfixTriggerSubmitUncheckedRequest(args [1]string, argsEscaped bool, w http.ResponseWriter, r *http.Request) {
 	statusWriter := &codeRecorder{ResponseWriter: w}
 	w = statusWriter
 	otelAttrs := []attribute.KeyValue{
 		otelogen.OperationID("actionMapfixTriggerSubmitUnchecked"),
 		semconv.HTTPRequestMethodKey.String("POST"),
 		semconv.HTTPRouteKey.String("/mapfixes/{MapfixID}/status/trigger-submit-unchecked"),
 	}
 	// Start a span for this request.
 	ctx, span := s.cfg.Tracer.Start(r.Context(), ActionMapfixTriggerSubmitUncheckedOperation,
 		trace.WithAttributes(otelAttrs...),
 		serverSpanKind,
 	)
 	defer span.End()
 	// Add Labeler to context.
 	labeler := &Labeler{attrs: otelAttrs}
 	ctx = contextWithLabeler(ctx, labeler)
 	// Run stopwatch.
 	startTime := time.Now()
 	defer func() {
 		elapsedDuration := time.Since(startTime)
 		attrSet := labeler.AttributeSet()
 		attrs := attrSet.ToSlice()
 		code := statusWriter.status
 		if code != 0 {
 			codeAttr := semconv.HTTPResponseStatusCode(code)
 			attrs = append(attrs, codeAttr)
 			span.SetAttributes(codeAttr)
 		}
 		attrOpt := metric.WithAttributes(attrs...)
 		// Increment request counter.
 		s.requests.Add(ctx, 1, attrOpt)
 		// Use floating point division here for higher precision (instead of Millisecond method).
 		s.duration.Record(ctx, float64(elapsedDuration)/float64(time.Millisecond), attrOpt)
 	}()
 	var (
 		recordError = func(stage string, err error) {
 			span.RecordError(err)
 			// https://opentelemetry.io/docs/specs/semconv/http/http-spans/#status
 			// Span Status MUST be left unset if HTTP status code was in the 1xx, 2xx or 3xx ranges,
 			// unless there was another error (e.g., network error receiving the response body; or 3xx codes with
 			// max redirects exceeded), in which case status MUST be set to Error.
 			code := statusWriter.status
 			if code >= 100 && code < 500 {
 				span.SetStatus(codes.Error, stage)
 			}
 			attrSet := labeler.AttributeSet()
 			attrs := attrSet.ToSlice()
 			if code != 0 {
 				attrs = append(attrs, semconv.HTTPResponseStatusCode(code))
 			}
 			s.errors.Add(ctx, 1, metric.WithAttributes(attrs...))
 		}
 		err          error
 		opErrContext = ogenerrors.OperationContext{
 			Name: ActionMapfixTriggerSubmitUncheckedOperation,
 			ID:   "actionMapfixTriggerSubmitUnchecked",
 		}
 	)
 	{
 		type bitset = [1]uint8
 		var satisfied bitset
 		{
 			sctx, ok, err := s.securityCookieAuth(ctx, ActionMapfixTriggerSubmitUncheckedOperation, r)
 			if err != nil {
 				err = &ogenerrors.SecurityError{
 					OperationContext: opErrContext,
 					Security:         "CookieAuth",
 					Err:              err,
 				}
 				if encodeErr := encodeErrorResponse(s.h.NewError(ctx, err), w, span); encodeErr != nil {
 					defer recordError("Security:CookieAuth", err)
 				}
 				return
 			}
 			if ok {
 				satisfied[0] |= 1 << 0
 				ctx = sctx
 			}
 		}
 		if ok := func() bool {
 		nextRequirement:
 			for _, requirement := range []bitset{
 				{0b00000001},
 			} {
 				for i, mask := range requirement {
 					if satisfied[i]&mask != mask {
 						continue nextRequirement
 					}
 				}
 				return true
 			}
 			return false
 		}(); !ok {
 			err = &ogenerrors.SecurityError{
 				OperationContext: opErrContext,
 				Err:              ogenerrors.ErrSecurityRequirementIsNotSatisfied,
 			}
 			if encodeErr := encodeErrorResponse(s.h.NewError(ctx, err), w, span); encodeErr != nil {
 				defer recordError("Security", err)
 			}
 			return
 		}
 	}
 	params, err := decodeActionMapfixTriggerSubmitUncheckedParams(args, argsEscaped, r)
 	if err != nil {
 		err = &ogenerrors.DecodeParamsError{
 			OperationContext: opErrContext,
 			Err:              err,
 		}
 		defer recordError("DecodeParams", err)
 		s.cfg.ErrorHandler(ctx, w, r, err)
 		return
 	}
 	var response *ActionMapfixTriggerSubmitUncheckedNoContent
 	if m := s.cfg.Middleware; m != nil {
 		mreq := middleware.Request{
 			Context:          ctx,
 			OperationName:    ActionMapfixTriggerSubmitUncheckedOperation,
 			OperationSummary: "Role Reviewer changes status from ChangesRequested -> Submitting",
 			OperationID:      "actionMapfixTriggerSubmitUnchecked",
 			Body:             nil,
 			Params: middleware.Parameters{
 				{
 					Name: "MapfixID",
 					In:   "path",
 				}: params.MapfixID,
 			},
 			Raw: r,
 		}
 		type (
 			Request  = struct{}
 			Params   = ActionMapfixTriggerSubmitUncheckedParams
 			Response = *ActionMapfixTriggerSubmitUncheckedNoContent
 		)
 		response, err = middleware.HookMiddleware[
 			Request,
 			Params,
 			Response,
 		](
 			m,
 			mreq,
 			unpackActionMapfixTriggerSubmitUncheckedParams,
 			func(ctx context.Context, request Request, params Params) (response Response, err error) {
 				err = s.h.ActionMapfixTriggerSubmitUnchecked(ctx, params)
 				return response, err
 			},
 		)
 	} else {
 		err = s.h.ActionMapfixTriggerSubmitUnchecked(ctx, params)
 	}
 	if err != nil {
 		if errRes, ok := errors.Into[*ErrorStatusCode](err); ok {
 			if err := encodeErrorResponse(errRes, w, span); err != nil {
 				defer recordError("Internal", err)
 			}
 			return
 		}
 		if errors.Is(err, ht.ErrNotImplemented) {
 			s.cfg.ErrorHandler(ctx, w, r, err)
 			return
 		}
 		if err := encodeErrorResponse(s.h.NewError(ctx, err), w, span); err != nil {
 			defer recordError("Internal", err)
 		}
 		return
 	}
 	if err := encodeActionMapfixTriggerSubmitUncheckedResponse(response, w, span); err != nil {
 		defer recordError("EncodeResponse", err)
 		if !errors.Is(err, ht.ErrInternalServerErrorResponse) {
 			s.cfg.ErrorHandler(ctx, w, r, err)
 		}
 		return
 	}
 }
 // handleActionMapfixTriggerUploadRequest handles actionMapfixTriggerUpload operation.
 //
 // Role Admin changes status from Validated -> Uploading.
@@ -3347,6 +3542,201 @@ func (s *Server) handleActionSubmissionTriggerSubmitRequest(args [1]string, args
 	}
 }
 // handleActionSubmissionTriggerSubmitUncheckedRequest handles actionSubmissionTriggerSubmitUnchecked operation.
 //
 // Role Reviewer changes status from ChangesRequested -> Submitting.
 //
 // POST /submissions/{SubmissionID}/status/trigger-submit-unchecked
 func (s *Server) handleActionSubmissionTriggerSubmitUncheckedRequest(args [1]string, argsEscaped bool, w http.ResponseWriter, r *http.Request) {
 	statusWriter := &codeRecorder{ResponseWriter: w}
 	w = statusWriter
 	otelAttrs := []attribute.KeyValue{
 		otelogen.OperationID("actionSubmissionTriggerSubmitUnchecked"),
 		semconv.HTTPRequestMethodKey.String("POST"),
 		semconv.HTTPRouteKey.String("/submissions/{SubmissionID}/status/trigger-submit-unchecked"),
 	}
 	// Start a span for this request.
 	ctx, span := s.cfg.Tracer.Start(r.Context(), ActionSubmissionTriggerSubmitUncheckedOperation,
 		trace.WithAttributes(otelAttrs...),
 		serverSpanKind,
 	)
 	defer span.End()
 	// Add Labeler to context.
 	labeler := &Labeler{attrs: otelAttrs}
 	ctx = contextWithLabeler(ctx, labeler)
 	// Run stopwatch.
 	startTime := time.Now()
 	defer func() {
 		elapsedDuration := time.Since(startTime)
 		attrSet := labeler.AttributeSet()
 		attrs := attrSet.ToSlice()
 		code := statusWriter.status
 		if code != 0 {
 			codeAttr := semconv.HTTPResponseStatusCode(code)
 			attrs = append(attrs, codeAttr)
 			span.SetAttributes(codeAttr)
 		}
 		attrOpt := metric.WithAttributes(attrs...)
 		// Increment request counter.
 		s.requests.Add(ctx, 1, attrOpt)
 		// Use floating point division here for higher precision (instead of Millisecond method).
 		s.duration.Record(ctx, float64(elapsedDuration)/float64(time.Millisecond), attrOpt)
 	}()
 	var (
 		recordError = func(stage string, err error) {
 			span.RecordError(err)
 			// https://opentelemetry.io/docs/specs/semconv/http/http-spans/#status
 			// Span Status MUST be left unset if HTTP status code was in the 1xx, 2xx or 3xx ranges,
 			// unless there was another error (e.g., network error receiving the response body; or 3xx codes with
 			// max redirects exceeded), in which case status MUST be set to Error.
 			code := statusWriter.status
 			if code >= 100 && code < 500 {
 				span.SetStatus(codes.Error, stage)
 			}
 			attrSet := labeler.AttributeSet()
 			attrs := attrSet.ToSlice()
 			if code != 0 {
 				attrs = append(attrs, semconv.HTTPResponseStatusCode(code))
 			}
 			s.errors.Add(ctx, 1, metric.WithAttributes(attrs...))
 		}
 		err          error
 		opErrContext = ogenerrors.OperationContext{
 			Name: ActionSubmissionTriggerSubmitUncheckedOperation,
 			ID:   "actionSubmissionTriggerSubmitUnchecked",
 		}
 	)
 	{
 		type bitset = [1]uint8
 		var satisfied bitset
 		{
 			sctx, ok, err := s.securityCookieAuth(ctx, ActionSubmissionTriggerSubmitUncheckedOperation, r)
 			if err != nil {
 				err = &ogenerrors.SecurityError{
 					OperationContext: opErrContext,
 					Security:         "CookieAuth",
 					Err:              err,
 				}
 				if encodeErr := encodeErrorResponse(s.h.NewError(ctx, err), w, span); encodeErr != nil {
 					defer recordError("Security:CookieAuth", err)
 				}
 				return
 			}
 			if ok {
 				satisfied[0] |= 1 << 0
 				ctx = sctx
 			}
 		}
 		if ok := func() bool {
 		nextRequirement:
 			for _, requirement := range []bitset{
 				{0b00000001},
 			} {
 				for i, mask := range requirement {
 					if satisfied[i]&mask != mask {
 						continue nextRequirement
 					}
 				}
 				return true
 			}
 			return false
 		}(); !ok {
 			err = &ogenerrors.SecurityError{
 				OperationContext: opErrContext,
 				Err:              ogenerrors.ErrSecurityRequirementIsNotSatisfied,
 			}
 			if encodeErr := encodeErrorResponse(s.h.NewError(ctx, err), w, span); encodeErr != nil {
 				defer recordError("Security", err)
 			}
 			return
 		}
 	}
 	params, err := decodeActionSubmissionTriggerSubmitUncheckedParams(args, argsEscaped, r)
 	if err != nil {
 		err = &ogenerrors.DecodeParamsError{
 			OperationContext: opErrContext,
 			Err:              err,
 		}
 		defer recordError("DecodeParams", err)
 		s.cfg.ErrorHandler(ctx, w, r, err)
 		return
 	}
 	var response *ActionSubmissionTriggerSubmitUncheckedNoContent
 	if m := s.cfg.Middleware; m != nil {
 		mreq := middleware.Request{
 			Context:          ctx,
 			OperationName:    ActionSubmissionTriggerSubmitUncheckedOperation,
 			OperationSummary: "Role Reviewer changes status from ChangesRequested -> Submitting",
 			OperationID:      "actionSubmissionTriggerSubmitUnchecked",
 			Body:             nil,
 			Params: middleware.Parameters{
 				{
 					Name: "SubmissionID",
 					In:   "path",
 				}: params.SubmissionID,
 			},
 			Raw: r,
 		}
 		type (
 			Request  = struct{}
 			Params   = ActionSubmissionTriggerSubmitUncheckedParams
 			Response = *ActionSubmissionTriggerSubmitUncheckedNoContent
 		)
 		response, err = middleware.HookMiddleware[
 			Request,
 			Params,
 			Response,
 		](
 			m,
 			mreq,
 			unpackActionSubmissionTriggerSubmitUncheckedParams,
 			func(ctx context.Context, request Request, params Params) (response Response, err error) {
 				err = s.h.ActionSubmissionTriggerSubmitUnchecked(ctx, params)
 				return response, err
 			},
 		)
 	} else {
 		err = s.h.ActionSubmissionTriggerSubmitUnchecked(ctx, params)
 	}
 	if err != nil {
 		if errRes, ok := errors.Into[*ErrorStatusCode](err); ok {
 			if err := encodeErrorResponse(errRes, w, span); err != nil {
 				defer recordError("Internal", err)
 			}
 			return
 		}
 		if errors.Is(err, ht.ErrNotImplemented) {
 			s.cfg.ErrorHandler(ctx, w, r, err)
 			return
 		}
 		if err := encodeErrorResponse(s.h.NewError(ctx, err), w, span); err != nil {
 			defer recordError("Internal", err)
 		}
 		return
 	}
 	if err := encodeActionSubmissionTriggerSubmitUncheckedResponse(response, w, span); err != nil {
 		defer recordError("EncodeResponse", err)
 		if !errors.Is(err, ht.ErrInternalServerErrorResponse) {
 			s.cfg.ErrorHandler(ctx, w, r, err)
 		}
 		return
 	}
 }
 // handleActionSubmissionTriggerUploadRequest handles actionSubmissionTriggerUpload operation.
 //
 // Role Admin changes status from Validated -> Uploading.
@@ -4922,6 +5312,201 @@ func (s *Server) handleCreateSubmissionRequest(args [0]string, argsEscaped bool,
 	}
 }
 // handleCreateSubmissionAdminRequest handles createSubmissionAdmin operation.
 //
 // Trigger the validator to create a new submission.
 //
 // POST /submissions-admin
 func (s *Server) handleCreateSubmissionAdminRequest(args [0]string, argsEscaped bool, w http.ResponseWriter, r *http.Request) {
 	statusWriter := &codeRecorder{ResponseWriter: w}
 	w = statusWriter
 	otelAttrs := []attribute.KeyValue{
 		otelogen.OperationID("createSubmissionAdmin"),
 		semconv.HTTPRequestMethodKey.String("POST"),
 		semconv.HTTPRouteKey.String("/submissions-admin"),
 	}
 	// Start a span for this request.
 	ctx, span := s.cfg.Tracer.Start(r.Context(), CreateSubmissionAdminOperation,
 		trace.WithAttributes(otelAttrs...),
 		serverSpanKind,
 	)
 	defer span.End()
 	// Add Labeler to context.
 	labeler := &Labeler{attrs: otelAttrs}
 	ctx = contextWithLabeler(ctx, labeler)
 	// Run stopwatch.
 	startTime := time.Now()
 	defer func() {
 		elapsedDuration := time.Since(startTime)
 		attrSet := labeler.AttributeSet()
 		attrs := attrSet.ToSlice()
 		code := statusWriter.status
 		if code != 0 {
 			codeAttr := semconv.HTTPResponseStatusCode(code)
 			attrs = append(attrs, codeAttr)
 			span.SetAttributes(codeAttr)
 		}
 		attrOpt := metric.WithAttributes(attrs...)
 		// Increment request counter.
 		s.requests.Add(ctx, 1, attrOpt)
 		// Use floating point division here for higher precision (instead of Millisecond method).
 		s.duration.Record(ctx, float64(elapsedDuration)/float64(time.Millisecond), attrOpt)
 	}()
 	var (
 		recordError = func(stage string, err error) {
 			span.RecordError(err)
 			// https://opentelemetry.io/docs/specs/semconv/http/http-spans/#status
 			// Span Status MUST be left unset if HTTP status code was in the 1xx, 2xx or 3xx ranges,
 			// unless there was another error (e.g., network error receiving the response body; or 3xx codes with
 			// max redirects exceeded), in which case status MUST be set to Error.
 			code := statusWriter.status
 			if code >= 100 && code < 500 {
 				span.SetStatus(codes.Error, stage)
 			}
 			attrSet := labeler.AttributeSet()
 			attrs := attrSet.ToSlice()
 			if code != 0 {
 				attrs = append(attrs, semconv.HTTPResponseStatusCode(code))
 			}
 			s.errors.Add(ctx, 1, metric.WithAttributes(attrs...))
 		}
 		err          error
 		opErrContext = ogenerrors.OperationContext{
 			Name: CreateSubmissionAdminOperation,
 			ID:   "createSubmissionAdmin",
 		}
 	)
 	{
 		type bitset = [1]uint8
 		var satisfied bitset
 		{
 			sctx, ok, err := s.securityCookieAuth(ctx, CreateSubmissionAdminOperation, r)
 			if err != nil {
 				err = &ogenerrors.SecurityError{
 					OperationContext: opErrContext,
 					Security:         "CookieAuth",
 					Err:              err,
 				}
 				if encodeErr := encodeErrorResponse(s.h.NewError(ctx, err), w, span); encodeErr != nil {
 					defer recordError("Security:CookieAuth", err)
 				}
 				return
 			}
 			if ok {
 				satisfied[0] |= 1 << 0
 				ctx = sctx
 			}
 		}
 		if ok := func() bool {
 		nextRequirement:
 			for _, requirement := range []bitset{
 				{0b00000001},
 			} {
 				for i, mask := range requirement {
 					if satisfied[i]&mask != mask {
 						continue nextRequirement
 					}
 				}
 				return true
 			}
 			return false
 		}(); !ok {
 			err = &ogenerrors.SecurityError{
 				OperationContext: opErrContext,
 				Err:              ogenerrors.ErrSecurityRequirementIsNotSatisfied,
 			}
 			if encodeErr := encodeErrorResponse(s.h.NewError(ctx, err), w, span); encodeErr != nil {
 				defer recordError("Security", err)
 			}
 			return
 		}
 	}
 	request, close, err := s.decodeCreateSubmissionAdminRequest(r)
 	if err != nil {
 		err = &ogenerrors.DecodeRequestError{
 			OperationContext: opErrContext,
 			Err:              err,
 		}
 		defer recordError("DecodeRequest", err)
 		s.cfg.ErrorHandler(ctx, w, r, err)
 		return
 	}
 	defer func() {
 		if err := close(); err != nil {
 			recordError("CloseRequest", err)
 		}
 	}()
 	var response *OperationID
 	if m := s.cfg.Middleware; m != nil {
 		mreq := middleware.Request{
 			Context:          ctx,
 			OperationName:    CreateSubmissionAdminOperation,
 			OperationSummary: "Trigger the validator to create a new submission",
 			OperationID:      "createSubmissionAdmin",
 			Body:             request,
 			Params:           middleware.Parameters{},
 			Raw:              r,
 		}
 		type (
 			Request  = *SubmissionTriggerCreate
 			Params   = struct{}
 			Response = *OperationID
 		)
 		response, err = middleware.HookMiddleware[
 			Request,
 			Params,
 			Response,
 		](
 			m,
 			mreq,
 			nil,
 			func(ctx context.Context, request Request, params Params) (response Response, err error) {
 				response, err = s.h.CreateSubmissionAdmin(ctx, request)
 				return response, err
 			},
 		)
 	} else {
 		response, err = s.h.CreateSubmissionAdmin(ctx, request)
 	}
 	if err != nil {
 		if errRes, ok := errors.Into[*ErrorStatusCode](err); ok {
 			if err := encodeErrorResponse(errRes, w, span); err != nil {
 				defer recordError("Internal", err)
 			}
 			return
 		}
 		if errors.Is(err, ht.ErrNotImplemented) {
 			s.cfg.ErrorHandler(ctx, w, r, err)
 			return
 		}
 		if err := encodeErrorResponse(s.h.NewError(ctx, err), w, span); err != nil {
 			defer recordError("Internal", err)
 		}
 		return
 	}
 	if err := encodeCreateSubmissionAdminResponse(response, w, span); err != nil {
 		defer recordError("EncodeResponse", err)
 		if !errors.Is(err, ht.ErrInternalServerErrorResponse) {
 			s.cfg.ErrorHandler(ctx, w, r, err)
 		}
 		return
 	}
 }
 // handleCreateSubmissionAuditCommentRequest handles createSubmissionAuditComment operation.
 //
 // Post a comment to the audit log.
@@ -5522,6 +6107,201 @@ func (s *Server) handleDeleteScriptPolicyRequest(args [1]string, argsEscaped boo
 	}
 }
 // handleDownloadMapAssetRequest handles downloadMapAsset operation.
 //
 // Download the map asset.
 //
 // GET /maps/{MapID}/download
 func (s *Server) handleDownloadMapAssetRequest(args [1]string, argsEscaped bool, w http.ResponseWriter, r *http.Request) {
 	statusWriter := &codeRecorder{ResponseWriter: w}
 	w = statusWriter
 	otelAttrs := []attribute.KeyValue{
 		otelogen.OperationID("downloadMapAsset"),
 		semconv.HTTPRequestMethodKey.String("GET"),
 		semconv.HTTPRouteKey.String("/maps/{MapID}/download"),
 	}
 	// Start a span for this request.
 	ctx, span := s.cfg.Tracer.Start(r.Context(), DownloadMapAssetOperation,
 		trace.WithAttributes(otelAttrs...),
 		serverSpanKind,
 	)
 	defer span.End()
 	// Add Labeler to context.
 	labeler := &Labeler{attrs: otelAttrs}
 	ctx = contextWithLabeler(ctx, labeler)
 	// Run stopwatch.
 	startTime := time.Now()
 	defer func() {
 		elapsedDuration := time.Since(startTime)
 		attrSet := labeler.AttributeSet()
 		attrs := attrSet.ToSlice()
 		code := statusWriter.status
 		if code != 0 {
 			codeAttr := semconv.HTTPResponseStatusCode(code)
 			attrs = append(attrs, codeAttr)
 			span.SetAttributes(codeAttr)
 		}
 		attrOpt := metric.WithAttributes(attrs...)
 		// Increment request counter.
 		s.requests.Add(ctx, 1, attrOpt)
 		// Use floating point division here for higher precision (instead of Millisecond method).
 		s.duration.Record(ctx, float64(elapsedDuration)/float64(time.Millisecond), attrOpt)
 	}()
 	var (
 		recordError = func(stage string, err error) {
 			span.RecordError(err)
 			// https://opentelemetry.io/docs/specs/semconv/http/http-spans/#status
 			// Span Status MUST be left unset if HTTP status code was in the 1xx, 2xx or 3xx ranges,
 			// unless there was another error (e.g., network error receiving the response body; or 3xx codes with
 			// max redirects exceeded), in which case status MUST be set to Error.
 			code := statusWriter.status
 			if code >= 100 && code < 500 {
 				span.SetStatus(codes.Error, stage)
 			}
 			attrSet := labeler.AttributeSet()
 			attrs := attrSet.ToSlice()
 			if code != 0 {
 				attrs = append(attrs, semconv.HTTPResponseStatusCode(code))
 			}
 			s.errors.Add(ctx, 1, metric.WithAttributes(attrs...))
 		}
 		err          error
 		opErrContext = ogenerrors.OperationContext{
 			Name: DownloadMapAssetOperation,
 			ID:   "downloadMapAsset",
 		}
 	)
 	{
 		type bitset = [1]uint8
 		var satisfied bitset
 		{
 			sctx, ok, err := s.securityCookieAuth(ctx, DownloadMapAssetOperation, r)
 			if err != nil {
 				err = &ogenerrors.SecurityError{
 					OperationContext: opErrContext,
 					Security:         "CookieAuth",
 					Err:              err,
 				}
 				if encodeErr := encodeErrorResponse(s.h.NewError(ctx, err), w, span); encodeErr != nil {
 					defer recordError("Security:CookieAuth", err)
 				}
 				return
 			}
 			if ok {
 				satisfied[0] |= 1 << 0
 				ctx = sctx
 			}
 		}
 		if ok := func() bool {
 		nextRequirement:
 			for _, requirement := range []bitset{
 				{0b00000001},
 			} {
 				for i, mask := range requirement {
 					if satisfied[i]&mask != mask {
 						continue nextRequirement
 					}
 				}
 				return true
 			}
 			return false
 		}(); !ok {
 			err = &ogenerrors.SecurityError{
 				OperationContext: opErrContext,
 				Err:              ogenerrors.ErrSecurityRequirementIsNotSatisfied,
 			}
 			if encodeErr := encodeErrorResponse(s.h.NewError(ctx, err), w, span); encodeErr != nil {
 				defer recordError("Security", err)
 			}
 			return
 		}
 	}
 	params, err := decodeDownloadMapAssetParams(args, argsEscaped, r)
 	if err != nil {
 		err = &ogenerrors.DecodeParamsError{
 			OperationContext: opErrContext,
 			Err:              err,
 		}
 		defer recordError("DecodeParams", err)
 		s.cfg.ErrorHandler(ctx, w, r, err)
 		return
 	}
 	var response DownloadMapAssetOK
 	if m := s.cfg.Middleware; m != nil {
 		mreq := middleware.Request{
 			Context:          ctx,
 			OperationName:    DownloadMapAssetOperation,
 			OperationSummary: "Download the map asset",
 			OperationID:      "downloadMapAsset",
 			Body:             nil,
 			Params: middleware.Parameters{
 				{
 					Name: "MapID",
 					In:   "path",
 				}: params.MapID,
 			},
 			Raw: r,
 		}
 		type (
 			Request  = struct{}
 			Params   = DownloadMapAssetParams
 			Response = DownloadMapAssetOK
 		)
 		response, err = middleware.HookMiddleware[
 			Request,
 			Params,
 			Response,
 		](
 			m,
 			mreq,
 			unpackDownloadMapAssetParams,
 			func(ctx context.Context, request Request, params Params) (response Response, err error) {
 				response, err = s.h.DownloadMapAsset(ctx, params)
 				return response, err
 			},
 		)
 	} else {
 		response, err = s.h.DownloadMapAsset(ctx, params)
 	}
 	if err != nil {
 		if errRes, ok := errors.Into[*ErrorStatusCode](err); ok {
 			if err := encodeErrorResponse(errRes, w, span); err != nil {
 				defer recordError("Internal", err)
 			}
 			return
 		}
 		if errors.Is(err, ht.ErrNotImplemented) {
 			s.cfg.ErrorHandler(ctx, w, r, err)
 			return
 		}
 		if err := encodeErrorResponse(s.h.NewError(ctx, err), w, span); err != nil {
 			defer recordError("Internal", err)
 		}
 		return
 	}
 	if err := encodeDownloadMapAssetResponse(response, w, span); err != nil {
 		defer recordError("EncodeResponse", err)
 		if !errors.Is(err, ht.ErrInternalServerErrorResponse) {
 			s.cfg.ErrorHandler(ctx, w, r, err)
 		}
 		return
 	}
 }
 // handleGetMapRequest handles getMap operation.
 //
 // Retrieve map with ID.
--- a/pkg/api/oas_json_gen.go
+++ b/pkg/api/oas_json_gen.go
@@ -34,6 +34,10 @@ func (s *AuditEvent) encodeFields(e *jx.Encoder) {
 		e.FieldStart("User")
 		e.Int64(s.User)
 	}
 	{
 		e.FieldStart("Username")
 		e.Str(s.Username)
 	}
 	{
 		e.FieldStart("ResourceType")
 		e.Int32(s.ResourceType)
@@ -52,14 +56,15 @@ func (s *AuditEvent) encodeFields(e *jx.Encoder) {
 	}
 }
-var jsonFieldsNameOfAuditEvent = [7]string{
+var jsonFieldsNameOfAuditEvent = [8]string{
 	0: "ID",
 	1: "Date",
 	2: "User",
-	3: "ResourceType",
+	3: "Username",
-	4: "ResourceID",
+	4: "ResourceType",
-	5: "EventType",
+	5: "ResourceID",
-	6: "EventData",
+	6: "EventType",
 	7: "EventData",
 }
 // Decode decodes AuditEvent from json.
@@ -107,8 +112,20 @@ func (s *AuditEvent) Decode(d *jx.Decoder) error {
 			}(); err != nil {
 				return errors.Wrap(err, "decode field \"User\"")
 			}
-		case "ResourceType":
+		case "Username":
 			requiredBitSet[0] |= 1 << 3
 			if err := func() error {
 				v, err := d.Str()
 				s.Username = string(v)
 				if err != nil {
 					return err
 				}
 				return nil
 			}(); err != nil {
 				return errors.Wrap(err, "decode field \"Username\"")
 			}
 		case "ResourceType":
 			requiredBitSet[0] |= 1 << 4
 			if err := func() error {
 				v, err := d.Int32()
 				s.ResourceType = int32(v)
@@ -120,7 +137,7 @@ func (s *AuditEvent) Decode(d *jx.Decoder) error {
 				return errors.Wrap(err, "decode field \"ResourceType\"")
 			}
 		case "ResourceID":
-			requiredBitSet[0] |= 1 << 4
+			requiredBitSet[0] |= 1 << 5
 			if err := func() error {
 				v, err := d.Int64()
 				s.ResourceID = int64(v)
@@ -132,7 +149,7 @@ func (s *AuditEvent) Decode(d *jx.Decoder) error {
 				return errors.Wrap(err, "decode field \"ResourceID\"")
 			}
 		case "EventType":
-			requiredBitSet[0] |= 1 << 5
+			requiredBitSet[0] |= 1 << 6
 			if err := func() error {
 				v, err := d.Int32()
 				s.EventType = int32(v)
@@ -144,7 +161,7 @@ func (s *AuditEvent) Decode(d *jx.Decoder) error {
 				return errors.Wrap(err, "decode field \"EventType\"")
 			}
 		case "EventData":
-			requiredBitSet[0] |= 1 << 6
+			requiredBitSet[0] |= 1 << 7
 			if err := func() error {
 				if err := s.EventData.Decode(d); err != nil {
 					return err
@@ -163,7 +180,7 @@ func (s *AuditEvent) Decode(d *jx.Decoder) error {
 	// Validate required fields.
 	var failures []validate.FieldError
 	for i, mask := range [1]uint8{
-		0b01111111,
+		0b11111111,
 	} {
 		if result := (requiredBitSet[i] & mask) ^ mask; result != 0 {
 			// Mask only required fields and check equality to mask using XOR.
@@ -409,14 +426,49 @@ func (s *Map) encodeFields(e *jx.Encoder) {
 		e.FieldStart("Date")
 		e.Int64(s.Date)
 	}
 	{
 		e.FieldStart("CreatedAt")
 		e.Int64(s.CreatedAt)
 	}
 	{
 		e.FieldStart("UpdatedAt")
 		e.Int64(s.UpdatedAt)
 	}
 	{
 		e.FieldStart("Submitter")
 		e.UInt64(s.Submitter)
 	}
 	{
 		e.FieldStart("Thumbnail")
 		e.UInt64(s.Thumbnail)
 	}
 	{
 		e.FieldStart("AssetVersion")
 		e.UInt64(s.AssetVersion)
 	}
 	{
 		e.FieldStart("LoadCount")
 		e.UInt32(s.LoadCount)
 	}
 	{
 		e.FieldStart("Modes")
 		e.UInt32(s.Modes)
 	}
 }
-var jsonFieldsNameOfMap = [5]string{
+var jsonFieldsNameOfMap = [12]string{
-	0: "ID",
+	0:  "ID",
-	1: "DisplayName",
+	1:  "DisplayName",
-	2: "Creator",
+	2:  "Creator",
-	3: "GameID",
+	3:  "GameID",
-	4: "Date",
+	4:  "Date",
 	5:  "CreatedAt",
 	6:  "UpdatedAt",
 	7:  "Submitter",
 	8:  "Thumbnail",
 	9:  "AssetVersion",
 	10: "LoadCount",
 	11: "Modes",
 }
 // Decode decodes Map from json.
@@ -424,7 +476,7 @@ func (s *Map) Decode(d *jx.Decoder) error {
 	if s == nil {
 		return errors.New("invalid: unable to decode Map to nil")
 	}
-	var requiredBitSet [1]uint8
+	var requiredBitSet [2]uint8
 	if err := d.ObjBytes(func(d *jx.Decoder, k []byte) error {
 		switch string(k) {
@@ -488,6 +540,90 @@ func (s *Map) Decode(d *jx.Decoder) error {
 			}(); err != nil {
 				return errors.Wrap(err, "decode field \"Date\"")
 			}
 		case "CreatedAt":
 			requiredBitSet[0] |= 1 << 5
 			if err := func() error {
 				v, err := d.Int64()
 				s.CreatedAt = int64(v)
 				if err != nil {
 					return err
 				}
 				return nil
 			}(); err != nil {
 				return errors.Wrap(err, "decode field \"CreatedAt\"")
 			}
 		case "UpdatedAt":
 			requiredBitSet[0] |= 1 << 6
 			if err := func() error {
 				v, err := d.Int64()
 				s.UpdatedAt = int64(v)
 				if err != nil {
 					return err
 				}
 				return nil
 			}(); err != nil {
 				return errors.Wrap(err, "decode field \"UpdatedAt\"")
 			}
 		case "Submitter":
 			requiredBitSet[0] |= 1 << 7
 			if err := func() error {
 				v, err := d.UInt64()
 				s.Submitter = uint64(v)
 				if err != nil {
 					return err
 				}
 				return nil
 			}(); err != nil {
 				return errors.Wrap(err, "decode field \"Submitter\"")
 			}
 		case "Thumbnail":
 			requiredBitSet[1] |= 1 << 0
 			if err := func() error {
 				v, err := d.UInt64()
 				s.Thumbnail = uint64(v)
 				if err != nil {
 					return err
 				}
 				return nil
 			}(); err != nil {
 				return errors.Wrap(err, "decode field \"Thumbnail\"")
 			}
 		case "AssetVersion":
 			requiredBitSet[1] |= 1 << 1
 			if err := func() error {
 				v, err := d.UInt64()
 				s.AssetVersion = uint64(v)
 				if err != nil {
 					return err
 				}
 				return nil
 			}(); err != nil {
 				return errors.Wrap(err, "decode field \"AssetVersion\"")
 			}
 		case "LoadCount":
 			requiredBitSet[1] |= 1 << 2
 			if err := func() error {
 				v, err := d.UInt32()
 				s.LoadCount = uint32(v)
 				if err != nil {
 					return err
 				}
 				return nil
 			}(); err != nil {
 				return errors.Wrap(err, "decode field \"LoadCount\"")
 			}
 		case "Modes":
 			requiredBitSet[1] |= 1 << 3
 			if err := func() error {
 				v, err := d.UInt32()
 				s.Modes = uint32(v)
 				if err != nil {
 					return err
 				}
 				return nil
 			}(); err != nil {
 				return errors.Wrap(err, "decode field \"Modes\"")
 			}
 		default:
 			return d.Skip()
 		}
@@ -497,8 +633,9 @@ func (s *Map) Decode(d *jx.Decoder) error {
 	}
 	// Validate required fields.
 	var failures []validate.FieldError
-	for i, mask := range [1]uint8{
+	for i, mask := range [2]uint8{
-		0b00011111,
+		0b11111111,
 		0b00001111,
 	} {
 		if result := (requiredBitSet[i] & mask) ^ mask; result != 0 {
 			// Mask only required fields and check equality to mask using XOR.
@@ -602,8 +739,8 @@ func (s *Mapfix) encodeFields(e *jx.Encoder) {
 		e.Int32(s.StatusID)
 	}
 	{
-		e.FieldStart("StatusMessage")
+		e.FieldStart("Description")
-		e.Str(s.StatusMessage)
+		e.Str(s.Description)
 	}
 }
@@ -620,7 +757,7 @@ var jsonFieldsNameOfMapfix = [13]string{
 	9:  "Completed",
 	10: "TargetAssetID",
 	11: "StatusID",
-	12: "StatusMessage",
+	12: "Description",
 }
 // Decode decodes Mapfix from json.
@@ -776,17 +913,17 @@ func (s *Mapfix) Decode(d *jx.Decoder) error {
 			}(); err != nil {
 				return errors.Wrap(err, "decode field \"StatusID\"")
 			}
-		case "StatusMessage":
+		case "Description":
 			requiredBitSet[1] |= 1 << 4
 			if err := func() error {
 				v, err := d.Str()
-				s.StatusMessage = string(v)
+				s.Description = string(v)
 				if err != nil {
 					return err
 				}
 				return nil
 			}(); err != nil {
-				return errors.Wrap(err, "decode field \"StatusMessage\"")
+				return errors.Wrap(err, "decode field \"Description\"")
 			}
 		default:
 			return d.Skip()
@@ -862,11 +999,16 @@ func (s *MapfixTriggerCreate) encodeFields(e *jx.Encoder) {
 		e.FieldStart("TargetAssetID")
 		e.Int64(s.TargetAssetID)
 	}
 	{
 		e.FieldStart("Description")
 		e.Str(s.Description)
 	}
 }
-var jsonFieldsNameOfMapfixTriggerCreate = [2]string{
+var jsonFieldsNameOfMapfixTriggerCreate = [3]string{
 	0: "AssetID",
 	1: "TargetAssetID",
 	2: "Description",
 }
 // Decode decodes MapfixTriggerCreate from json.
@@ -902,6 +1044,18 @@ func (s *MapfixTriggerCreate) Decode(d *jx.Decoder) error {
 			}(); err != nil {
 				return errors.Wrap(err, "decode field \"TargetAssetID\"")
 			}
 		case "Description":
 			requiredBitSet[0] |= 1 << 2
 			if err := func() error {
 				v, err := d.Str()
 				s.Description = string(v)
 				if err != nil {
 					return err
 				}
 				return nil
 			}(); err != nil {
 				return errors.Wrap(err, "decode field \"Description\"")
 			}
 		default:
 			return d.Skip()
 		}
@@ -912,7 +1066,7 @@ func (s *MapfixTriggerCreate) Decode(d *jx.Decoder) error {
 	// Validate required fields.
 	var failures []validate.FieldError
 	for i, mask := range [1]uint8{
-		0b00000011,
+		0b00000111,
 	} {
 		if result := (requiredBitSet[i] & mask) ^ mask; result != 0 {
 			// Mask only required fields and check equality to mask using XOR.
@@ -2851,13 +3005,9 @@ func (s *Submission) encodeFields(e *jx.Encoder) {
 		e.FieldStart("StatusID")
 		e.Int32(s.StatusID)
 	}
 	{
 		e.FieldStart("StatusMessage")
 		e.Str(s.StatusMessage)
 	}
 }
-var jsonFieldsNameOfSubmission = [15]string{
+var jsonFieldsNameOfSubmission = [14]string{
 	0:  "ID",
 	1:  "DisplayName",
 	2:  "Creator",
@@ -2872,7 +3022,6 @@ var jsonFieldsNameOfSubmission = [15]string{
 	11: "Completed",
 	12: "UploadedAssetID",
 	13: "StatusID",
 	14: "StatusMessage",
 }
 // Decode decodes Submission from json.
@@ -3046,18 +3195,6 @@ func (s *Submission) Decode(d *jx.Decoder) error {
 			}(); err != nil {
 				return errors.Wrap(err, "decode field \"StatusID\"")
 			}
 		case "StatusMessage":
 			requiredBitSet[1] |= 1 << 6
 			if err := func() error {
 				v, err := d.Str()
 				s.StatusMessage = string(v)
 				if err != nil {
 					return err
 				}
 				return nil
 			}(); err != nil {
 				return errors.Wrap(err, "decode field \"StatusMessage\"")
 			}
 		default:
 			return d.Skip()
 		}
@@ -3069,7 +3206,7 @@ func (s *Submission) Decode(d *jx.Decoder) error {
 	var failures []validate.FieldError
 	for i, mask := range [2]uint8{
 		0b11111111,
-		0b01101001,
+		0b00101001,
 	} {
 		if result := (requiredBitSet[i] & mask) ^ mask; result != 0 {
 			// Mask only required fields and check equality to mask using XOR.
@@ -3128,10 +3265,25 @@ func (s *SubmissionTriggerCreate) encodeFields(e *jx.Encoder) {
 		e.FieldStart("AssetID")
 		e.Int64(s.AssetID)
 	}
 	{
 		e.FieldStart("DisplayName")
 		e.Str(s.DisplayName)
 	}
 	{
 		e.FieldStart("Creator")
 		e.Str(s.Creator)
 	}
 	{
 		e.FieldStart("GameID")
 		e.Int32(s.GameID)
 	}
 }
-var jsonFieldsNameOfSubmissionTriggerCreate = [1]string{
+var jsonFieldsNameOfSubmissionTriggerCreate = [4]string{
 	0: "AssetID",
 	1: "DisplayName",
 	2: "Creator",
 	3: "GameID",
 }
 // Decode decodes SubmissionTriggerCreate from json.
@@ -3155,6 +3307,42 @@ func (s *SubmissionTriggerCreate) Decode(d *jx.Decoder) error {
 			}(); err != nil {
 				return errors.Wrap(err, "decode field \"AssetID\"")
 			}
 		case "DisplayName":
 			requiredBitSet[0] |= 1 << 1
 			if err := func() error {
 				v, err := d.Str()
 				s.DisplayName = string(v)
 				if err != nil {
 					return err
 				}
 				return nil
 			}(); err != nil {
 				return errors.Wrap(err, "decode field \"DisplayName\"")
 			}
 		case "Creator":
 			requiredBitSet[0] |= 1 << 2
 			if err := func() error {
 				v, err := d.Str()
 				s.Creator = string(v)
 				if err != nil {
 					return err
 				}
 				return nil
 			}(); err != nil {
 				return errors.Wrap(err, "decode field \"Creator\"")
 			}
 		case "GameID":
 			requiredBitSet[0] |= 1 << 3
 			if err := func() error {
 				v, err := d.Int32()
 				s.GameID = int32(v)
 				if err != nil {
 					return err
 				}
 				return nil
 			}(); err != nil {
 				return errors.Wrap(err, "decode field \"GameID\"")
 			}
 		default:
 			return d.Skip()
 		}
@@ -3165,7 +3353,7 @@ func (s *SubmissionTriggerCreate) Decode(d *jx.Decoder) error {
 	// Validate required fields.
 	var failures []validate.FieldError
 	for i, mask := range [1]uint8{
-		0b00000001,
+		0b00001111,
 	} {
 		if result := (requiredBitSet[i] & mask) ^ mask; result != 0 {
 			// Mask only required fields and check equality to mask using XOR.
--- a/pkg/api/oas_operations_gen.go
+++ b/pkg/api/oas_operations_gen.go
@@ -6,55 +6,59 @@ package api
 type OperationName = string
 const (
-	ActionMapfixAcceptedOperation            OperationName = "ActionMapfixAccepted"
+	ActionMapfixAcceptedOperation                   OperationName = "ActionMapfixAccepted"
-	ActionMapfixRejectOperation              OperationName = "ActionMapfixReject"
+	ActionMapfixRejectOperation                     OperationName = "ActionMapfixReject"
-	ActionMapfixRequestChangesOperation      OperationName = "ActionMapfixRequestChanges"
+	ActionMapfixRequestChangesOperation             OperationName = "ActionMapfixRequestChanges"
-	ActionMapfixResetSubmittingOperation     OperationName = "ActionMapfixResetSubmitting"
+	ActionMapfixResetSubmittingOperation            OperationName = "ActionMapfixResetSubmitting"
-	ActionMapfixRetryValidateOperation       OperationName = "ActionMapfixRetryValidate"
+	ActionMapfixRetryValidateOperation              OperationName = "ActionMapfixRetryValidate"
-	ActionMapfixRevokeOperation              OperationName = "ActionMapfixRevoke"
+	ActionMapfixRevokeOperation                     OperationName = "ActionMapfixRevoke"
-	ActionMapfixTriggerSubmitOperation       OperationName = "ActionMapfixTriggerSubmit"
+	ActionMapfixTriggerSubmitOperation              OperationName = "ActionMapfixTriggerSubmit"
-	ActionMapfixTriggerUploadOperation       OperationName = "ActionMapfixTriggerUpload"
+	ActionMapfixTriggerSubmitUncheckedOperation     OperationName = "ActionMapfixTriggerSubmitUnchecked"
-	ActionMapfixTriggerValidateOperation     OperationName = "ActionMapfixTriggerValidate"
+	ActionMapfixTriggerUploadOperation              OperationName = "ActionMapfixTriggerUpload"
-	ActionMapfixValidatedOperation           OperationName = "ActionMapfixValidated"
+	ActionMapfixTriggerValidateOperation            OperationName = "ActionMapfixTriggerValidate"
-	ActionSubmissionAcceptedOperation        OperationName = "ActionSubmissionAccepted"
+	ActionMapfixValidatedOperation                  OperationName = "ActionMapfixValidated"
-	ActionSubmissionRejectOperation          OperationName = "ActionSubmissionReject"
+	ActionSubmissionAcceptedOperation               OperationName = "ActionSubmissionAccepted"
-	ActionSubmissionRequestChangesOperation  OperationName = "ActionSubmissionRequestChanges"
+	ActionSubmissionRejectOperation                 OperationName = "ActionSubmissionReject"
-	ActionSubmissionResetSubmittingOperation OperationName = "ActionSubmissionResetSubmitting"
+	ActionSubmissionRequestChangesOperation         OperationName = "ActionSubmissionRequestChanges"
-	ActionSubmissionRetryValidateOperation   OperationName = "ActionSubmissionRetryValidate"
+	ActionSubmissionResetSubmittingOperation        OperationName = "ActionSubmissionResetSubmitting"
-	ActionSubmissionRevokeOperation          OperationName = "ActionSubmissionRevoke"
+	ActionSubmissionRetryValidateOperation          OperationName = "ActionSubmissionRetryValidate"
-	ActionSubmissionTriggerSubmitOperation   OperationName = "ActionSubmissionTriggerSubmit"
+	ActionSubmissionRevokeOperation                 OperationName = "ActionSubmissionRevoke"
-	ActionSubmissionTriggerUploadOperation   OperationName = "ActionSubmissionTriggerUpload"
+	ActionSubmissionTriggerSubmitOperation          OperationName = "ActionSubmissionTriggerSubmit"
-	ActionSubmissionTriggerValidateOperation OperationName = "ActionSubmissionTriggerValidate"
+	ActionSubmissionTriggerSubmitUncheckedOperation OperationName = "ActionSubmissionTriggerSubmitUnchecked"
-	ActionSubmissionValidatedOperation       OperationName = "ActionSubmissionValidated"
+	ActionSubmissionTriggerUploadOperation          OperationName = "ActionSubmissionTriggerUpload"
-	CreateMapfixOperation                    OperationName = "CreateMapfix"
+	ActionSubmissionTriggerValidateOperation        OperationName = "ActionSubmissionTriggerValidate"
-	CreateMapfixAuditCommentOperation        OperationName = "CreateMapfixAuditComment"
+	ActionSubmissionValidatedOperation              OperationName = "ActionSubmissionValidated"
-	CreateScriptOperation                    OperationName = "CreateScript"
+	CreateMapfixOperation                           OperationName = "CreateMapfix"
-	CreateScriptPolicyOperation              OperationName = "CreateScriptPolicy"
+	CreateMapfixAuditCommentOperation               OperationName = "CreateMapfixAuditComment"
-	CreateSubmissionOperation                OperationName = "CreateSubmission"
+	CreateScriptOperation                           OperationName = "CreateScript"
-	CreateSubmissionAuditCommentOperation    OperationName = "CreateSubmissionAuditComment"
+	CreateScriptPolicyOperation                     OperationName = "CreateScriptPolicy"
-	DeleteScriptOperation                    OperationName = "DeleteScript"
+	CreateSubmissionOperation                       OperationName = "CreateSubmission"
-	DeleteScriptPolicyOperation              OperationName = "DeleteScriptPolicy"
+	CreateSubmissionAdminOperation                  OperationName = "CreateSubmissionAdmin"
-	GetMapOperation                          OperationName = "GetMap"
+	CreateSubmissionAuditCommentOperation           OperationName = "CreateSubmissionAuditComment"
-	GetMapfixOperation                       OperationName = "GetMapfix"
+	DeleteScriptOperation                           OperationName = "DeleteScript"
-	GetOperationOperation                    OperationName = "GetOperation"
+	DeleteScriptPolicyOperation                     OperationName = "DeleteScriptPolicy"
-	GetScriptOperation                       OperationName = "GetScript"
+	DownloadMapAssetOperation                       OperationName = "DownloadMapAsset"
-	GetScriptPolicyOperation                 OperationName = "GetScriptPolicy"
+	GetMapOperation                                 OperationName = "GetMap"
-	GetSubmissionOperation                   OperationName = "GetSubmission"
+	GetMapfixOperation                              OperationName = "GetMapfix"
-	ListMapfixAuditEventsOperation           OperationName = "ListMapfixAuditEvents"
+	GetOperationOperation                           OperationName = "GetOperation"
-	ListMapfixesOperation                    OperationName = "ListMapfixes"
+	GetScriptOperation                              OperationName = "GetScript"
-	ListMapsOperation                        OperationName = "ListMaps"
+	GetScriptPolicyOperation                        OperationName = "GetScriptPolicy"
-	ListScriptPolicyOperation                OperationName = "ListScriptPolicy"
+	GetSubmissionOperation                          OperationName = "GetSubmission"
-	ListScriptsOperation                     OperationName = "ListScripts"
+	ListMapfixAuditEventsOperation                  OperationName = "ListMapfixAuditEvents"
-	ListSubmissionAuditEventsOperation       OperationName = "ListSubmissionAuditEvents"
+	ListMapfixesOperation                           OperationName = "ListMapfixes"
-	ListSubmissionsOperation                 OperationName = "ListSubmissions"
+	ListMapsOperation                               OperationName = "ListMaps"
-	ReleaseSubmissionsOperation              OperationName = "ReleaseSubmissions"
+	ListScriptPolicyOperation                       OperationName = "ListScriptPolicy"
-	SessionRolesOperation                    OperationName = "SessionRoles"
+	ListScriptsOperation                            OperationName = "ListScripts"
-	SessionUserOperation                     OperationName = "SessionUser"
+	ListSubmissionAuditEventsOperation              OperationName = "ListSubmissionAuditEvents"
-	SessionValidateOperation                 OperationName = "SessionValidate"
+	ListSubmissionsOperation                        OperationName = "ListSubmissions"
-	SetMapfixCompletedOperation              OperationName = "SetMapfixCompleted"
+	ReleaseSubmissionsOperation                     OperationName = "ReleaseSubmissions"
-	SetSubmissionCompletedOperation          OperationName = "SetSubmissionCompleted"
+	SessionRolesOperation                           OperationName = "SessionRoles"
-	UpdateMapfixModelOperation               OperationName = "UpdateMapfixModel"
+	SessionUserOperation                            OperationName = "SessionUser"
-	UpdateScriptOperation                    OperationName = "UpdateScript"
+	SessionValidateOperation                        OperationName = "SessionValidate"
-	UpdateScriptPolicyOperation              OperationName = "UpdateScriptPolicy"
+	SetMapfixCompletedOperation                     OperationName = "SetMapfixCompleted"
-	UpdateSubmissionModelOperation           OperationName = "UpdateSubmissionModel"
+	SetSubmissionCompletedOperation                 OperationName = "SetSubmissionCompleted"
 	UpdateMapfixModelOperation                      OperationName = "UpdateMapfixModel"
 	UpdateScriptOperation                           OperationName = "UpdateScript"
 	UpdateScriptPolicyOperation                     OperationName = "UpdateScriptPolicy"
 	UpdateSubmissionModelOperation                  OperationName = "UpdateSubmissionModel"
 )
--- a/pkg/api/oas_parameters_gen.go
+++ b/pkg/api/oas_parameters_gen.go
@@ -596,6 +596,89 @@ func decodeActionMapfixTriggerSubmitParams(args [1]string, argsEscaped bool, r *
 	return params, nil
 }
 // ActionMapfixTriggerSubmitUncheckedParams is parameters of actionMapfixTriggerSubmitUnchecked operation.
 type ActionMapfixTriggerSubmitUncheckedParams struct {
 	// The unique identifier for a mapfix.
 	MapfixID int64
 }
 func unpackActionMapfixTriggerSubmitUncheckedParams(packed middleware.Parameters) (params ActionMapfixTriggerSubmitUncheckedParams) {
 	{
 		key := middleware.ParameterKey{
 			Name: "MapfixID",
 			In:   "path",
 		}
 		params.MapfixID = packed[key].(int64)
 	}
 	return params
 }
 func decodeActionMapfixTriggerSubmitUncheckedParams(args [1]string, argsEscaped bool, r *http.Request) (params ActionMapfixTriggerSubmitUncheckedParams, _ error) {
 	// Decode path: MapfixID.
 	if err := func() error {
 		param := args[0]
 		if argsEscaped {
 			unescaped, err := url.PathUnescape(args[0])
 			if err != nil {
 				return errors.Wrap(err, "unescape path")
 			}
 			param = unescaped
 		}
 		if len(param) > 0 {
 			d := uri.NewPathDecoder(uri.PathDecoderConfig{
 				Param:   "MapfixID",
 				Value:   param,
 				Style:   uri.PathStyleSimple,
 				Explode: false,
 			})
 			if err := func() error {
 				val, err := d.DecodeValue()
 				if err != nil {
 					return err
 				}
 				c, err := conv.ToInt64(val)
 				if err != nil {
 					return err
 				}
 				params.MapfixID = c
 				return nil
 			}(); err != nil {
 				return err
 			}
 			if err := func() error {
 				if err := (validate.Int{
 					MinSet:        true,
 					Min:           0,
 					MaxSet:        false,
 					Max:           0,
 					MinExclusive:  false,
 					MaxExclusive:  false,
 					MultipleOfSet: false,
 					MultipleOf:    0,
 				}).Validate(int64(params.MapfixID)); err != nil {
 					return errors.Wrap(err, "int")
 				}
 				return nil
 			}(); err != nil {
 				return err
 			}
 		} else {
 			return validate.ErrFieldRequired
 		}
 		return nil
 	}(); err != nil {
 		return params, &ogenerrors.DecodeParamError{
 			Name: "MapfixID",
 			In:   "path",
 			Err:  err,
 		}
 	}
 	return params, nil
 }
 // ActionMapfixTriggerUploadParams is parameters of actionMapfixTriggerUpload operation.
 type ActionMapfixTriggerUploadParams struct {
 	// The unique identifier for a mapfix.
@@ -1426,6 +1509,89 @@ func decodeActionSubmissionTriggerSubmitParams(args [1]string, argsEscaped bool,
 	return params, nil
 }
 // ActionSubmissionTriggerSubmitUncheckedParams is parameters of actionSubmissionTriggerSubmitUnchecked operation.
 type ActionSubmissionTriggerSubmitUncheckedParams struct {
 	// The unique identifier for a submission.
 	SubmissionID int64
 }
 func unpackActionSubmissionTriggerSubmitUncheckedParams(packed middleware.Parameters) (params ActionSubmissionTriggerSubmitUncheckedParams) {
 	{
 		key := middleware.ParameterKey{
 			Name: "SubmissionID",
 			In:   "path",
 		}
 		params.SubmissionID = packed[key].(int64)
 	}
 	return params
 }
 func decodeActionSubmissionTriggerSubmitUncheckedParams(args [1]string, argsEscaped bool, r *http.Request) (params ActionSubmissionTriggerSubmitUncheckedParams, _ error) {
 	// Decode path: SubmissionID.
 	if err := func() error {
 		param := args[0]
 		if argsEscaped {
 			unescaped, err := url.PathUnescape(args[0])
 			if err != nil {
 				return errors.Wrap(err, "unescape path")
 			}
 			param = unescaped
 		}
 		if len(param) > 0 {
 			d := uri.NewPathDecoder(uri.PathDecoderConfig{
 				Param:   "SubmissionID",
 				Value:   param,
 				Style:   uri.PathStyleSimple,
 				Explode: false,
 			})
 			if err := func() error {
 				val, err := d.DecodeValue()
 				if err != nil {
 					return err
 				}
 				c, err := conv.ToInt64(val)
 				if err != nil {
 					return err
 				}
 				params.SubmissionID = c
 				return nil
 			}(); err != nil {
 				return err
 			}
 			if err := func() error {
 				if err := (validate.Int{
 					MinSet:        true,
 					Min:           0,
 					MaxSet:        false,
 					Max:           0,
 					MinExclusive:  false,
 					MaxExclusive:  false,
 					MultipleOfSet: false,
 					MultipleOf:    0,
 				}).Validate(int64(params.SubmissionID)); err != nil {
 					return errors.Wrap(err, "int")
 				}
 				return nil
 			}(); err != nil {
 				return err
 			}
 		} else {
 			return validate.ErrFieldRequired
 		}
 		return nil
 	}(); err != nil {
 		return params, &ogenerrors.DecodeParamError{
 			Name: "SubmissionID",
 			In:   "path",
 			Err:  err,
 		}
 	}
 	return params, nil
 }
 // ActionSubmissionTriggerUploadParams is parameters of actionSubmissionTriggerUpload operation.
 type ActionSubmissionTriggerUploadParams struct {
 	// The unique identifier for a submission.
@@ -2007,6 +2173,88 @@ func decodeDeleteScriptPolicyParams(args [1]string, argsEscaped bool, r *http.Re
 	return params, nil
 }
 // DownloadMapAssetParams is parameters of downloadMapAsset operation.
 type DownloadMapAssetParams struct {
 	MapID int64
 }
 func unpackDownloadMapAssetParams(packed middleware.Parameters) (params DownloadMapAssetParams) {
 	{
 		key := middleware.ParameterKey{
 			Name: "MapID",
 			In:   "path",
 		}
 		params.MapID = packed[key].(int64)
 	}
 	return params
 }
 func decodeDownloadMapAssetParams(args [1]string, argsEscaped bool, r *http.Request) (params DownloadMapAssetParams, _ error) {
 	// Decode path: MapID.
 	if err := func() error {
 		param := args[0]
 		if argsEscaped {
 			unescaped, err := url.PathUnescape(args[0])
 			if err != nil {
 				return errors.Wrap(err, "unescape path")
 			}
 			param = unescaped
 		}
 		if len(param) > 0 {
 			d := uri.NewPathDecoder(uri.PathDecoderConfig{
 				Param:   "MapID",
 				Value:   param,
 				Style:   uri.PathStyleSimple,
 				Explode: false,
 			})
 			if err := func() error {
 				val, err := d.DecodeValue()
 				if err != nil {
 					return err
 				}
 				c, err := conv.ToInt64(val)
 				if err != nil {
 					return err
 				}
 				params.MapID = c
 				return nil
 			}(); err != nil {
 				return err
 			}
 			if err := func() error {
 				if err := (validate.Int{
 					MinSet:        true,
 					Min:           0,
 					MaxSet:        false,
 					Max:           0,
 					MinExclusive:  false,
 					MaxExclusive:  false,
 					MultipleOfSet: false,
 					MultipleOf:    0,
 				}).Validate(int64(params.MapID)); err != nil {
 					return errors.Wrap(err, "int")
 				}
 				return nil
 			}(); err != nil {
 				return err
 			}
 		} else {
 			return validate.ErrFieldRequired
 		}
 		return nil
 	}(); err != nil {
 		return params, &ogenerrors.DecodeParamError{
 			Name: "MapID",
 			In:   "path",
 			Err:  err,
 		}
 	}
 	return params, nil
 }
 // GetMapParams is parameters of getMap operation.
 type GetMapParams struct {
 	// The unique identifier for a map.
@@ -2713,16 +2961,25 @@ func decodeListMapfixAuditEventsParams(args [1]string, argsEscaped bool, r *http
 // ListMapfixesParams is parameters of listMapfixes operation.
 type ListMapfixesParams struct {
-	Page          int32
+	Page        int32
-	Limit         int32
+	Limit       int32
-	DisplayName   OptString
+	DisplayName OptString
-	Creator       OptString
+	Creator     OptString
-	GameID        OptInt32
+	// Game ID: * `1` - Bhop * `2` - Surf * `5` - FlyTrials.
 	GameID OptInt32
 	// Sort order: * `0` - Disabled * `1` - DisplayNameAscending * `2` - DisplayNameDescending * `3` -
 	// DateAscending * `4` - DateDescending.
 	Sort          OptInt32
 	Submitter     OptInt64
 	AssetID       OptInt64
 	TargetAssetID OptInt64
-	StatusID      OptInt32
+	// // Phase: Creation * `0` - UnderConstruction * `1` - ChangesRequested
 	// // Phase: Review * `2` - Submitting * `3` - Submitted
 	// // Phase: Testing * `4` - AcceptedUnvalidated // pending script review, can re-trigger validation
 	// * `5` - Validating * `6` - Validated * `7` - Uploading
 	// // Phase: Final MapfixStatus * `8` - Uploaded // uploaded to the group, but pending release * `9`
 	// - Rejected.
 	StatusID OptInt32
 }
 func unpackListMapfixesParams(packed middleware.Parameters) (params ListMapfixesParams) {
@@ -3451,7 +3708,9 @@ type ListMapsParams struct {
 	DisplayName OptString
 	Creator     OptString
 	GameID      OptInt32
-	Sort        OptInt32
+	// Sort order: * `0` - Disabled * `1` - DisplayNameAscending * `2` - DisplayNameDescending * `3` -
 	// DateAscending * `4` - DateDescending.
 	Sort OptInt32
 }
 func unpackListMapsParams(packed middleware.Parameters) (params ListMapsParams) {
@@ -4951,16 +5210,25 @@ func decodeListSubmissionAuditEventsParams(args [1]string, argsEscaped bool, r *
 // ListSubmissionsParams is parameters of listSubmissions operation.
 type ListSubmissionsParams struct {
-	Page            int32
+	Page        int32
-	Limit           int32
+	Limit       int32
-	DisplayName     OptString
+	DisplayName OptString
-	Creator         OptString
+	Creator     OptString
-	GameID          OptInt32
+	// Game ID: * `1` - Bhop * `2` - Surf * `5` - FlyTrials.
 	GameID OptInt32
 	// Sort order: * `0` - Disabled * `1` - DisplayNameAscending * `2` - DisplayNameDescending * `3` -
 	// DateAscending * `4` - DateDescending.
 	Sort            OptInt32
 	Submitter       OptInt64
 	AssetID         OptInt64
 	UploadedAssetID OptInt64
-	StatusID        OptInt32
+	// // Phase: Creation * `0` - UnderConstruction * `1` - ChangesRequested
 	// // Phase: Review * `2` - Submitting * `3` - Submitted
 	// // Phase: Testing * `4` - AcceptedUnvalidated // pending script review, can re-trigger validation
 	// * `5` - Validating * `6` - Validated * `7` - Uploading * `8` - Uploaded // uploaded to the group,
 	// but pending release
 	// // Phase: Final SubmissionStatus * `9` - Rejected * `10` - Released.
 	StatusID OptInt32
 }
 func unpackListSubmissionsParams(packed middleware.Parameters) (params ListSubmissionsParams) {
--- a/pkg/api/oas_request_decoders_gen.go
+++ b/pkg/api/oas_request_decoders_gen.go
@@ -10,7 +10,6 @@ import (
 	"github.com/go-faster/errors"
 	"github.com/go-faster/jx"
 	"go.uber.org/multierr"
 	"github.com/ogen-go/ogen/ogenerrors"
 	"github.com/ogen-go/ogen/validate"
@@ -27,13 +26,13 @@ func (s *Server) decodeCreateMapfixRequest(r *http.Request) (
 		// Close in reverse order, to match defer behavior.
 		for i := len(closers) - 1; i >= 0; i-- {
 			c := closers[i]
-			merr = multierr.Append(merr, c())
+			merr = errors.Join(merr, c())
 		}
 		return merr
 	}
 	defer func() {
 		if rerr != nil {
-			rerr = multierr.Append(rerr, close())
+			rerr = errors.Join(rerr, close())
 		}
 	}()
 	ct, _, err := mime.ParseMediaType(r.Header.Get("Content-Type"))
@@ -98,13 +97,13 @@ func (s *Server) decodeCreateMapfixAuditCommentRequest(r *http.Request) (
 		// Close in reverse order, to match defer behavior.
 		for i := len(closers) - 1; i >= 0; i-- {
 			c := closers[i]
-			merr = multierr.Append(merr, c())
+			merr = errors.Join(merr, c())
 		}
 		return merr
 	}
 	defer func() {
 		if rerr != nil {
-			rerr = multierr.Append(rerr, close())
+			rerr = errors.Join(rerr, close())
 		}
 	}()
 	ct, _, err := mime.ParseMediaType(r.Header.Get("Content-Type"))
@@ -132,13 +131,13 @@ func (s *Server) decodeCreateScriptRequest(r *http.Request) (
 		// Close in reverse order, to match defer behavior.
 		for i := len(closers) - 1; i >= 0; i-- {
 			c := closers[i]
-			merr = multierr.Append(merr, c())
+			merr = errors.Join(merr, c())
 		}
 		return merr
 	}
 	defer func() {
 		if rerr != nil {
-			rerr = multierr.Append(rerr, close())
+			rerr = errors.Join(rerr, close())
 		}
 	}()
 	ct, _, err := mime.ParseMediaType(r.Header.Get("Content-Type"))
@@ -203,13 +202,13 @@ func (s *Server) decodeCreateScriptPolicyRequest(r *http.Request) (
 		// Close in reverse order, to match defer behavior.
 		for i := len(closers) - 1; i >= 0; i-- {
 			c := closers[i]
-			merr = multierr.Append(merr, c())
+			merr = errors.Join(merr, c())
 		}
 		return merr
 	}
 	defer func() {
 		if rerr != nil {
-			rerr = multierr.Append(rerr, close())
+			rerr = errors.Join(rerr, close())
 		}
 	}()
 	ct, _, err := mime.ParseMediaType(r.Header.Get("Content-Type"))
@@ -274,13 +273,84 @@ func (s *Server) decodeCreateSubmissionRequest(r *http.Request) (
 		// Close in reverse order, to match defer behavior.
 		for i := len(closers) - 1; i >= 0; i-- {
 			c := closers[i]
-			merr = multierr.Append(merr, c())
+			merr = errors.Join(merr, c())
 		}
 		return merr
 	}
 	defer func() {
 		if rerr != nil {
-			rerr = multierr.Append(rerr, close())
+			rerr = errors.Join(rerr, close())
 		}
 	}()
 	ct, _, err := mime.ParseMediaType(r.Header.Get("Content-Type"))
 	if err != nil {
 		return req, close, errors.Wrap(err, "parse media type")
 	}
 	switch {
 	case ct == "application/json":
 		if r.ContentLength == 0 {
 			return req, close, validate.ErrBodyRequired
 		}
 		buf, err := io.ReadAll(r.Body)
 		if err != nil {
 			return req, close, err
 		}
 		if len(buf) == 0 {
 			return req, close, validate.ErrBodyRequired
 		}
 		d := jx.DecodeBytes(buf)
 		var request SubmissionTriggerCreate
 		if err := func() error {
 			if err := request.Decode(d); err != nil {
 				return err
 			}
 			if err := d.Skip(); err != io.EOF {
 				return errors.New("unexpected trailing data")
 			}
 			return nil
 		}(); err != nil {
 			err = &ogenerrors.DecodeBodyError{
 				ContentType: ct,
 				Body:        buf,
 				Err:         err,
 			}
 			return req, close, err
 		}
 		if err := func() error {
 			if err := request.Validate(); err != nil {
 				return err
 			}
 			return nil
 		}(); err != nil {
 			return req, close, errors.Wrap(err, "validate")
 		}
 		return &request, close, nil
 	default:
 		return req, close, validate.InvalidContentType(ct)
 	}
 }
 func (s *Server) decodeCreateSubmissionAdminRequest(r *http.Request) (
 	req *SubmissionTriggerCreate,
 	close func() error,
 	rerr error,
 ) {
 	var closers []func() error
 	close = func() error {
 		var merr error
 		// Close in reverse order, to match defer behavior.
 		for i := len(closers) - 1; i >= 0; i-- {
 			c := closers[i]
 			merr = errors.Join(merr, c())
 		}
 		return merr
 	}
 	defer func() {
 		if rerr != nil {
 			rerr = errors.Join(rerr, close())
 		}
 	}()
 	ct, _, err := mime.ParseMediaType(r.Header.Get("Content-Type"))
@@ -345,13 +415,13 @@ func (s *Server) decodeCreateSubmissionAuditCommentRequest(r *http.Request) (
 		// Close in reverse order, to match defer behavior.
 		for i := len(closers) - 1; i >= 0; i-- {
 			c := closers[i]
-			merr = multierr.Append(merr, c())
+			merr = errors.Join(merr, c())
 		}
 		return merr
 	}
 	defer func() {
 		if rerr != nil {
-			rerr = multierr.Append(rerr, close())
+			rerr = errors.Join(rerr, close())
 		}
 	}()
 	ct, _, err := mime.ParseMediaType(r.Header.Get("Content-Type"))
@@ -379,13 +449,13 @@ func (s *Server) decodeReleaseSubmissionsRequest(r *http.Request) (
 		// Close in reverse order, to match defer behavior.
 		for i := len(closers) - 1; i >= 0; i-- {
 			c := closers[i]
-			merr = multierr.Append(merr, c())
+			merr = errors.Join(merr, c())
 		}
 		return merr
 	}
 	defer func() {
 		if rerr != nil {
-			rerr = multierr.Append(rerr, close())
+			rerr = errors.Join(rerr, close())
 		}
 	}()
 	ct, _, err := mime.ParseMediaType(r.Header.Get("Content-Type"))
@@ -483,13 +553,13 @@ func (s *Server) decodeUpdateScriptRequest(r *http.Request) (
 		// Close in reverse order, to match defer behavior.
 		for i := len(closers) - 1; i >= 0; i-- {
 			c := closers[i]
-			merr = multierr.Append(merr, c())
+			merr = errors.Join(merr, c())
 		}
 		return merr
 	}
 	defer func() {
 		if rerr != nil {
-			rerr = multierr.Append(rerr, close())
+			rerr = errors.Join(rerr, close())
 		}
 	}()
 	ct, _, err := mime.ParseMediaType(r.Header.Get("Content-Type"))
@@ -554,13 +624,13 @@ func (s *Server) decodeUpdateScriptPolicyRequest(r *http.Request) (
 		// Close in reverse order, to match defer behavior.
 		for i := len(closers) - 1; i >= 0; i-- {
 			c := closers[i]
-			merr = multierr.Append(merr, c())
+			merr = errors.Join(merr, c())
 		}
 		return merr
 	}
 	defer func() {
 		if rerr != nil {
-			rerr = multierr.Append(rerr, close())
+			rerr = errors.Join(rerr, close())
 		}
 	}()
 	ct, _, err := mime.ParseMediaType(r.Header.Get("Content-Type"))
--- a/pkg/api/oas_request_encoders_gen.go
+++ b/pkg/api/oas_request_encoders_gen.go
@@ -77,6 +77,20 @@ func encodeCreateSubmissionRequest(
 	return nil
 }
 func encodeCreateSubmissionAdminRequest(
 	req *SubmissionTriggerCreate,
 	r *http.Request,
 ) error {
 	const contentType = "application/json"
 	e := new(jx.Encoder)
 	{
 		req.Encode(e)
 	}
 	encoded := e.Bytes()
 	ht.SetBody(r, bytes.NewReader(encoded), contentType)
 	return nil
 }
 func encodeCreateSubmissionAuditCommentRequest(
 	req CreateSubmissionAuditCommentReq,
 	r *http.Request,
--- a/pkg/api/oas_response_decoders_gen.go
+++ b/pkg/api/oas_response_decoders_gen.go
@@ -3,6 +3,7 @@
 package api
 import (
 	"bytes"
 	"fmt"
 	"io"
 	"mime"
@@ -435,6 +436,66 @@ func decodeActionMapfixTriggerSubmitResponse(resp *http.Response) (res *ActionMa
 	return res, errors.Wrap(defRes, "error")
 }
 func decodeActionMapfixTriggerSubmitUncheckedResponse(resp *http.Response) (res *ActionMapfixTriggerSubmitUncheckedNoContent, _ error) {
 	switch resp.StatusCode {
 	case 204:
 		// Code 204.
 		return &ActionMapfixTriggerSubmitUncheckedNoContent{}, nil
 	}
 	// Convenient error response.
 	defRes, err := func() (res *ErrorStatusCode, err error) {
 		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
 		if err != nil {
 			return res, errors.Wrap(err, "parse media type")
 		}
 		switch {
 		case ct == "application/json":
 			buf, err := io.ReadAll(resp.Body)
 			if err != nil {
 				return res, err
 			}
 			d := jx.DecodeBytes(buf)
 			var response Error
 			if err := func() error {
 				if err := response.Decode(d); err != nil {
 					return err
 				}
 				if err := d.Skip(); err != io.EOF {
 					return errors.New("unexpected trailing data")
 				}
 				return nil
 			}(); err != nil {
 				err = &ogenerrors.DecodeBodyError{
 					ContentType: ct,
 					Body:        buf,
 					Err:         err,
 				}
 				return res, err
 			}
 			// Validate response.
 			if err := func() error {
 				if err := response.Validate(); err != nil {
 					return err
 				}
 				return nil
 			}(); err != nil {
 				return res, errors.Wrap(err, "validate")
 			}
 			return &ErrorStatusCode{
 				StatusCode: resp.StatusCode,
 				Response:   response,
 			}, nil
 		default:
 			return res, validate.InvalidContentType(ct)
 		}
 	}()
 	if err != nil {
 		return res, errors.Wrapf(err, "default (code %d)", resp.StatusCode)
 	}
 	return res, errors.Wrap(defRes, "error")
 }
 func decodeActionMapfixTriggerUploadResponse(resp *http.Response) (res *ActionMapfixTriggerUploadNoContent, _ error) {
 	switch resp.StatusCode {
 	case 204:
@@ -1035,6 +1096,66 @@ func decodeActionSubmissionTriggerSubmitResponse(resp *http.Response) (res *Acti
 	return res, errors.Wrap(defRes, "error")
 }
 func decodeActionSubmissionTriggerSubmitUncheckedResponse(resp *http.Response) (res *ActionSubmissionTriggerSubmitUncheckedNoContent, _ error) {
 	switch resp.StatusCode {
 	case 204:
 		// Code 204.
 		return &ActionSubmissionTriggerSubmitUncheckedNoContent{}, nil
 	}
 	// Convenient error response.
 	defRes, err := func() (res *ErrorStatusCode, err error) {
 		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
 		if err != nil {
 			return res, errors.Wrap(err, "parse media type")
 		}
 		switch {
 		case ct == "application/json":
 			buf, err := io.ReadAll(resp.Body)
 			if err != nil {
 				return res, err
 			}
 			d := jx.DecodeBytes(buf)
 			var response Error
 			if err := func() error {
 				if err := response.Decode(d); err != nil {
 					return err
 				}
 				if err := d.Skip(); err != io.EOF {
 					return errors.New("unexpected trailing data")
 				}
 				return nil
 			}(); err != nil {
 				err = &ogenerrors.DecodeBodyError{
 					ContentType: ct,
 					Body:        buf,
 					Err:         err,
 				}
 				return res, err
 			}
 			// Validate response.
 			if err := func() error {
 				if err := response.Validate(); err != nil {
 					return err
 				}
 				return nil
 			}(); err != nil {
 				return res, errors.Wrap(err, "validate")
 			}
 			return &ErrorStatusCode{
 				StatusCode: resp.StatusCode,
 				Response:   response,
 			}, nil
 		default:
 			return res, validate.InvalidContentType(ct)
 		}
 	}()
 	if err != nil {
 		return res, errors.Wrapf(err, "default (code %d)", resp.StatusCode)
 	}
 	return res, errors.Wrap(defRes, "error")
 }
 func decodeActionSubmissionTriggerUploadResponse(resp *http.Response) (res *ActionSubmissionTriggerUploadNoContent, _ error) {
 	switch resp.StatusCode {
 	case 204:
@@ -1679,6 +1800,107 @@ func decodeCreateSubmissionResponse(resp *http.Response) (res *OperationID, _ er
 	return res, errors.Wrap(defRes, "error")
 }
 func decodeCreateSubmissionAdminResponse(resp *http.Response) (res *OperationID, _ error) {
 	switch resp.StatusCode {
 	case 201:
 		// Code 201.
 		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
 		if err != nil {
 			return res, errors.Wrap(err, "parse media type")
 		}
 		switch {
 		case ct == "application/json":
 			buf, err := io.ReadAll(resp.Body)
 			if err != nil {
 				return res, err
 			}
 			d := jx.DecodeBytes(buf)
 			var response OperationID
 			if err := func() error {
 				if err := response.Decode(d); err != nil {
 					return err
 				}
 				if err := d.Skip(); err != io.EOF {
 					return errors.New("unexpected trailing data")
 				}
 				return nil
 			}(); err != nil {
 				err = &ogenerrors.DecodeBodyError{
 					ContentType: ct,
 					Body:        buf,
 					Err:         err,
 				}
 				return res, err
 			}
 			// Validate response.
 			if err := func() error {
 				if err := response.Validate(); err != nil {
 					return err
 				}
 				return nil
 			}(); err != nil {
 				return res, errors.Wrap(err, "validate")
 			}
 			return &response, nil
 		default:
 			return res, validate.InvalidContentType(ct)
 		}
 	}
 	// Convenient error response.
 	defRes, err := func() (res *ErrorStatusCode, err error) {
 		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
 		if err != nil {
 			return res, errors.Wrap(err, "parse media type")
 		}
 		switch {
 		case ct == "application/json":
 			buf, err := io.ReadAll(resp.Body)
 			if err != nil {
 				return res, err
 			}
 			d := jx.DecodeBytes(buf)
 			var response Error
 			if err := func() error {
 				if err := response.Decode(d); err != nil {
 					return err
 				}
 				if err := d.Skip(); err != io.EOF {
 					return errors.New("unexpected trailing data")
 				}
 				return nil
 			}(); err != nil {
 				err = &ogenerrors.DecodeBodyError{
 					ContentType: ct,
 					Body:        buf,
 					Err:         err,
 				}
 				return res, err
 			}
 			// Validate response.
 			if err := func() error {
 				if err := response.Validate(); err != nil {
 					return err
 				}
 				return nil
 			}(); err != nil {
 				return res, errors.Wrap(err, "validate")
 			}
 			return &ErrorStatusCode{
 				StatusCode: resp.StatusCode,
 				Response:   response,
 			}, nil
 		default:
 			return res, validate.InvalidContentType(ct)
 		}
 	}()
 	if err != nil {
 		return res, errors.Wrapf(err, "default (code %d)", resp.StatusCode)
 	}
 	return res, errors.Wrap(defRes, "error")
 }
 func decodeCreateSubmissionAuditCommentResponse(resp *http.Response) (res *CreateSubmissionAuditCommentNoContent, _ error) {
 	switch resp.StatusCode {
 	case 204:
@@ -1859,6 +2081,82 @@ func decodeDeleteScriptPolicyResponse(resp *http.Response) (res *DeleteScriptPol
 	return res, errors.Wrap(defRes, "error")
 }
 func decodeDownloadMapAssetResponse(resp *http.Response) (res DownloadMapAssetOK, _ error) {
 	switch resp.StatusCode {
 	case 200:
 		// Code 200.
 		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
 		if err != nil {
 			return res, errors.Wrap(err, "parse media type")
 		}
 		switch {
 		case ct == "application/octet-stream":
 			reader := resp.Body
 			b, err := io.ReadAll(reader)
 			if err != nil {
 				return res, err
 			}
 			response := DownloadMapAssetOK{Data: bytes.NewReader(b)}
 			return response, nil
 		default:
 			return res, validate.InvalidContentType(ct)
 		}
 	}
 	// Convenient error response.
 	defRes, err := func() (res *ErrorStatusCode, err error) {
 		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
 		if err != nil {
 			return res, errors.Wrap(err, "parse media type")
 		}
 		switch {
 		case ct == "application/json":
 			buf, err := io.ReadAll(resp.Body)
 			if err != nil {
 				return res, err
 			}
 			d := jx.DecodeBytes(buf)
 			var response Error
 			if err := func() error {
 				if err := response.Decode(d); err != nil {
 					return err
 				}
 				if err := d.Skip(); err != io.EOF {
 					return errors.New("unexpected trailing data")
 				}
 				return nil
 			}(); err != nil {
 				err = &ogenerrors.DecodeBodyError{
 					ContentType: ct,
 					Body:        buf,
 					Err:         err,
 				}
 				return res, err
 			}
 			// Validate response.
 			if err := func() error {
 				if err := response.Validate(); err != nil {
 					return err
 				}
 				return nil
 			}(); err != nil {
 				return res, errors.Wrap(err, "validate")
 			}
 			return &ErrorStatusCode{
 				StatusCode: resp.StatusCode,
 				Response:   response,
 			}, nil
 		default:
 			return res, validate.InvalidContentType(ct)
 		}
 	}()
 	if err != nil {
 		return res, errors.Wrapf(err, "default (code %d)", resp.StatusCode)
 	}
 	return res, errors.Wrap(defRes, "error")
 }
 func decodeGetMapResponse(resp *http.Response) (res *Map, _ error) {
 	switch resp.StatusCode {
 	case 200:
@@ -2511,6 +2809,23 @@ func decodeListMapfixAuditEventsResponse(resp *http.Response) (res []AuditEvent,
 				if response == nil {
 					return errors.New("nil is invalid value")
 				}
 				var failures []validate.FieldError
 				for i, elem := range response {
 					if err := func() error {
 						if err := elem.Validate(); err != nil {
 							return err
 						}
 						return nil
 					}(); err != nil {
 						failures = append(failures, validate.FieldError{
 							Name:  fmt.Sprintf("[%d]", i),
 							Error: err,
 						})
 					}
 				}
 				if len(failures) > 0 {
 					return &validate.Error{Fields: failures}
 				}
 				return nil
 			}(); err != nil {
 				return res, errors.Wrap(err, "validate")
@@ -3099,6 +3414,23 @@ func decodeListSubmissionAuditEventsResponse(resp *http.Response) (res []AuditEv
 				if response == nil {
 					return errors.New("nil is invalid value")
 				}
 				var failures []validate.FieldError
 				for i, elem := range response {
 					if err := func() error {
 						if err := elem.Validate(); err != nil {
 							return err
 						}
 						return nil
 					}(); err != nil {
 						failures = append(failures, validate.FieldError{
 							Name:  fmt.Sprintf("[%d]", i),
 							Error: err,
 						})
 					}
 				}
 				if len(failures) > 0 {
 					return &validate.Error{Fields: failures}
 				}
 				return nil
 			}(); err != nil {
 				return res, errors.Wrap(err, "validate")
--- a/pkg/api/oas_response_encoders_gen.go
+++ b/pkg/api/oas_response_encoders_gen.go
@@ -3,6 +3,7 @@
 package api
 import (
 	"io"
 	"net/http"
 	"github.com/go-faster/errors"
@@ -62,6 +63,13 @@ func encodeActionMapfixTriggerSubmitResponse(response *ActionMapfixTriggerSubmit
 	return nil
 }
 func encodeActionMapfixTriggerSubmitUncheckedResponse(response *ActionMapfixTriggerSubmitUncheckedNoContent, w http.ResponseWriter, span trace.Span) error {
 	w.WriteHeader(204)
 	span.SetStatus(codes.Ok, http.StatusText(204))
 	return nil
 }
 func encodeActionMapfixTriggerUploadResponse(response *ActionMapfixTriggerUploadNoContent, w http.ResponseWriter, span trace.Span) error {
 	w.WriteHeader(204)
 	span.SetStatus(codes.Ok, http.StatusText(204))
@@ -132,6 +140,13 @@ func encodeActionSubmissionTriggerSubmitResponse(response *ActionSubmissionTrigg
 	return nil
 }
 func encodeActionSubmissionTriggerSubmitUncheckedResponse(response *ActionSubmissionTriggerSubmitUncheckedNoContent, w http.ResponseWriter, span trace.Span) error {
 	w.WriteHeader(204)
 	span.SetStatus(codes.Ok, http.StatusText(204))
 	return nil
 }
 func encodeActionSubmissionTriggerUploadResponse(response *ActionSubmissionTriggerUploadNoContent, w http.ResponseWriter, span trace.Span) error {
 	w.WriteHeader(204)
 	span.SetStatus(codes.Ok, http.StatusText(204))
@@ -216,6 +231,20 @@ func encodeCreateSubmissionResponse(response *OperationID, w http.ResponseWriter
 	return nil
 }
 func encodeCreateSubmissionAdminResponse(response *OperationID, w http.ResponseWriter, span trace.Span) error {
 	w.Header().Set("Content-Type", "application/json; charset=utf-8")
 	w.WriteHeader(201)
 	span.SetStatus(codes.Ok, http.StatusText(201))
 	e := new(jx.Encoder)
 	response.Encode(e)
 	if _, err := e.WriteTo(w); err != nil {
 		return errors.Wrap(err, "write")
 	}
 	return nil
 }
 func encodeCreateSubmissionAuditCommentResponse(response *CreateSubmissionAuditCommentNoContent, w http.ResponseWriter, span trace.Span) error {
 	w.WriteHeader(204)
 	span.SetStatus(codes.Ok, http.StatusText(204))
@@ -237,6 +266,22 @@ func encodeDeleteScriptPolicyResponse(response *DeleteScriptPolicyNoContent, w h
 	return nil
 }
 func encodeDownloadMapAssetResponse(response DownloadMapAssetOK, w http.ResponseWriter, span trace.Span) error {
 	w.Header().Set("Content-Type", "application/octet-stream")
 	w.WriteHeader(200)
 	span.SetStatus(codes.Ok, http.StatusText(200))
 	writer := w
 	if closer, ok := response.Data.(io.Closer); ok {
 		defer closer.Close()
 	}
 	if _, err := io.Copy(writer, response); err != nil {
 		return errors.Wrap(err, "write")
 	}
 	return nil
 }
 func encodeGetMapResponse(response *Map, w http.ResponseWriter, span trace.Span) error {
 	w.Header().Set("Content-Type", "application/json; charset=utf-8")
 	w.WriteHeader(200)
--- a/pkg/api/oas_router_gen.go
+++ b/pkg/api/oas_router_gen.go
@@ -453,7 +453,6 @@ func (s *Server) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 										}
 										if len(elem) == 0 {
 											// Leaf node.
 											switch r.Method {
 											case "POST":
 												s.handleActionMapfixTriggerSubmitRequest([1]string{
@@ -465,6 +464,30 @@ func (s *Server) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 											return
 										}
 										switch elem[0] {
 										case '-': // Prefix: "-unchecked"
 											if l := len("-unchecked"); len(elem) >= l && elem[0:l] == "-unchecked" {
 												elem = elem[l:]
 											} else {
 												break
 											}
 											if len(elem) == 0 {
 												// Leaf node.
 												switch r.Method {
 												case "POST":
 													s.handleActionMapfixTriggerSubmitUncheckedRequest([1]string{
 														args[0],
 													}, elemIsEscaped, w, r)
 												default:
 													s.notAllowed(w, r, "POST")
 												}
 												return
 											}
 										}
 									case 'u': // Prefix: "upload"
@@ -548,16 +571,15 @@ func (s *Server) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 						}
 						// Param: "MapID"
-						// Leaf parameter, slashes are prohibited
+						// Match until "/"
 						idx := strings.IndexByte(elem, '/')
-						if idx >= 0 {
+						if idx < 0 {
-							break
+							idx = len(elem)
 						}
-						args[0] = elem
+						args[0] = elem[:idx]
-						elem = ""
+						elem = elem[idx:]
 						if len(elem) == 0 {
 							// Leaf node.
 							switch r.Method {
 							case "GET":
 								s.handleGetMapRequest([1]string{
@@ -569,6 +591,30 @@ func (s *Server) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 							return
 						}
 						switch elem[0] {
 						case '/': // Prefix: "/download"
 							if l := len("/download"); len(elem) >= l && elem[0:l] == "/download" {
 								elem = elem[l:]
 							} else {
 								break
 							}
 							if len(elem) == 0 {
 								// Leaf node.
 								switch r.Method {
 								case "GET":
 									s.handleDownloadMapAssetRequest([1]string{
 										args[0],
 									}, elemIsEscaped, w, r)
 								default:
 									s.notAllowed(w, r, "GET")
 								}
 								return
 							}
 						}
 					}
@@ -870,6 +916,26 @@ func (s *Server) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 						return
 					}
 					switch elem[0] {
 					case '-': // Prefix: "-admin"
 						if l := len("-admin"); len(elem) >= l && elem[0:l] == "-admin" {
 							elem = elem[l:]
 						} else {
 							break
 						}
 						if len(elem) == 0 {
 							// Leaf node.
 							switch r.Method {
 							case "POST":
 								s.handleCreateSubmissionAdminRequest([0]string{}, elemIsEscaped, w, r)
 							default:
 								s.notAllowed(w, r, "POST")
 							}
 							return
 						}
 					case '/': // Prefix: "/"
 						if l := len("/"); len(elem) >= l && elem[0:l] == "/" {
@@ -1229,7 +1295,6 @@ func (s *Server) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 										}
 										if len(elem) == 0 {
 											// Leaf node.
 											switch r.Method {
 											case "POST":
 												s.handleActionSubmissionTriggerSubmitRequest([1]string{
@@ -1241,6 +1306,30 @@ func (s *Server) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 											return
 										}
 										switch elem[0] {
 										case '-': // Prefix: "-unchecked"
 											if l := len("-unchecked"); len(elem) >= l && elem[0:l] == "-unchecked" {
 												elem = elem[l:]
 											} else {
 												break
 											}
 											if len(elem) == 0 {
 												// Leaf node.
 												switch r.Method {
 												case "POST":
 													s.handleActionSubmissionTriggerSubmitUncheckedRequest([1]string{
 														args[0],
 													}, elemIsEscaped, w, r)
 												default:
 													s.notAllowed(w, r, "POST")
 												}
 												return
 											}
 										}
 									case 'u': // Prefix: "upload"
@@ -1818,7 +1907,6 @@ func (s *Server) FindPath(method string, u *url.URL) (r Route, _ bool) {
 										}
 										if len(elem) == 0 {
 											// Leaf node.
 											switch method {
 											case "POST":
 												r.name = ActionMapfixTriggerSubmitOperation
@@ -1832,6 +1920,32 @@ func (s *Server) FindPath(method string, u *url.URL) (r Route, _ bool) {
 												return
 											}
 										}
 										switch elem[0] {
 										case '-': // Prefix: "-unchecked"
 											if l := len("-unchecked"); len(elem) >= l && elem[0:l] == "-unchecked" {
 												elem = elem[l:]
 											} else {
 												break
 											}
 											if len(elem) == 0 {
 												// Leaf node.
 												switch method {
 												case "POST":
 													r.name = ActionMapfixTriggerSubmitUncheckedOperation
 													r.summary = "Role Reviewer changes status from ChangesRequested -> Submitting"
 													r.operationID = "actionMapfixTriggerSubmitUnchecked"
 													r.pathPattern = "/mapfixes/{MapfixID}/status/trigger-submit-unchecked"
 													r.args = args
 													r.count = 1
 													return r, true
 												default:
 													return
 												}
 											}
 										}
 									case 'u': // Prefix: "upload"
@@ -1923,16 +2037,15 @@ func (s *Server) FindPath(method string, u *url.URL) (r Route, _ bool) {
 						}
 						// Param: "MapID"
-						// Leaf parameter, slashes are prohibited
+						// Match until "/"
 						idx := strings.IndexByte(elem, '/')
-						if idx >= 0 {
+						if idx < 0 {
-							break
+							idx = len(elem)
 						}
-						args[0] = elem
+						args[0] = elem[:idx]
-						elem = ""
+						elem = elem[idx:]
 						if len(elem) == 0 {
 							// Leaf node.
 							switch method {
 							case "GET":
 								r.name = GetMapOperation
@@ -1946,6 +2059,32 @@ func (s *Server) FindPath(method string, u *url.URL) (r Route, _ bool) {
 								return
 							}
 						}
 						switch elem[0] {
 						case '/': // Prefix: "/download"
 							if l := len("/download"); len(elem) >= l && elem[0:l] == "/download" {
 								elem = elem[l:]
 							} else {
 								break
 							}
 							if len(elem) == 0 {
 								// Leaf node.
 								switch method {
 								case "GET":
 									r.name = DownloadMapAssetOperation
 									r.summary = "Download the map asset"
 									r.operationID = "downloadMapAsset"
 									r.pathPattern = "/maps/{MapID}/download"
 									r.args = args
 									r.count = 1
 									return r, true
 								default:
 									return
 								}
 							}
 						}
 					}
@@ -2315,6 +2454,30 @@ func (s *Server) FindPath(method string, u *url.URL) (r Route, _ bool) {
 						}
 					}
 					switch elem[0] {
 					case '-': // Prefix: "-admin"
 						if l := len("-admin"); len(elem) >= l && elem[0:l] == "-admin" {
 							elem = elem[l:]
 						} else {
 							break
 						}
 						if len(elem) == 0 {
 							// Leaf node.
 							switch method {
 							case "POST":
 								r.name = CreateSubmissionAdminOperation
 								r.summary = "Trigger the validator to create a new submission"
 								r.operationID = "createSubmissionAdmin"
 								r.pathPattern = "/submissions-admin"
 								r.args = args
 								r.count = 0
 								return r, true
 							default:
 								return
 							}
 						}
 					case '/': // Prefix: "/"
 						if l := len("/"); len(elem) >= l && elem[0:l] == "/" {
@@ -2698,7 +2861,6 @@ func (s *Server) FindPath(method string, u *url.URL) (r Route, _ bool) {
 										}
 										if len(elem) == 0 {
 											// Leaf node.
 											switch method {
 											case "POST":
 												r.name = ActionSubmissionTriggerSubmitOperation
@@ -2712,6 +2874,32 @@ func (s *Server) FindPath(method string, u *url.URL) (r Route, _ bool) {
 												return
 											}
 										}
 										switch elem[0] {
 										case '-': // Prefix: "-unchecked"
 											if l := len("-unchecked"); len(elem) >= l && elem[0:l] == "-unchecked" {
 												elem = elem[l:]
 											} else {
 												break
 											}
 											if len(elem) == 0 {
 												// Leaf node.
 												switch method {
 												case "POST":
 													r.name = ActionSubmissionTriggerSubmitUncheckedOperation
 													r.summary = "Role Reviewer changes status from ChangesRequested -> Submitting"
 													r.operationID = "actionSubmissionTriggerSubmitUnchecked"
 													r.pathPattern = "/submissions/{SubmissionID}/status/trigger-submit-unchecked"
 													r.args = args
 													r.count = 1
 													return r, true
 												default:
 													return
 												}
 											}
 										}
 									case 'u': // Prefix: "upload"
--- a/pkg/api/oas_schemas_gen.go
+++ b/pkg/api/oas_schemas_gen.go
@@ -35,6 +35,9 @@ type ActionMapfixRevokeNoContent struct{}
 // ActionMapfixTriggerSubmitNoContent is response for ActionMapfixTriggerSubmit operation.
 type ActionMapfixTriggerSubmitNoContent struct{}
 // ActionMapfixTriggerSubmitUncheckedNoContent is response for ActionMapfixTriggerSubmitUnchecked operation.
 type ActionMapfixTriggerSubmitUncheckedNoContent struct{}
 // ActionMapfixTriggerUploadNoContent is response for ActionMapfixTriggerUpload operation.
 type ActionMapfixTriggerUploadNoContent struct{}
@@ -65,6 +68,9 @@ type ActionSubmissionRevokeNoContent struct{}
 // ActionSubmissionTriggerSubmitNoContent is response for ActionSubmissionTriggerSubmit operation.
 type ActionSubmissionTriggerSubmitNoContent struct{}
 // ActionSubmissionTriggerSubmitUncheckedNoContent is response for ActionSubmissionTriggerSubmitUnchecked operation.
 type ActionSubmissionTriggerSubmitUncheckedNoContent struct{}
 // ActionSubmissionTriggerUploadNoContent is response for ActionSubmissionTriggerUpload operation.
 type ActionSubmissionTriggerUploadNoContent struct{}
@@ -76,9 +82,10 @@ type ActionSubmissionValidatedNoContent struct{}
 // Ref: #/components/schemas/AuditEvent
 type AuditEvent struct {
-	ID   int64 `json:"ID"`
+	ID       int64  `json:"ID"`
-	Date int64 `json:"Date"`
+	Date     int64  `json:"Date"`
-	User int64 `json:"User"`
+	User     int64  `json:"User"`
 	Username string `json:"Username"`
 	// Is this a submission or is it a mapfix.
 	ResourceType int32 `json:"ResourceType"`
 	ResourceID   int64 `json:"ResourceID"`
@@ -102,6 +109,11 @@ func (s *AuditEvent) GetUser() int64 {
 	return s.User
 }
 // GetUsername returns the value of Username.
 func (s *AuditEvent) GetUsername() string {
 	return s.Username
 }
 // GetResourceType returns the value of ResourceType.
 func (s *AuditEvent) GetResourceType() int32 {
 	return s.ResourceType
@@ -137,6 +149,11 @@ func (s *AuditEvent) SetUser(val int64) {
 	s.User = val
 }
 // SetUsername sets the value of Username.
 func (s *AuditEvent) SetUsername(val string) {
 	s.Username = val
 }
 // SetResourceType sets the value of ResourceType.
 func (s *AuditEvent) SetResourceType(val int32) {
 	s.ResourceType = val
@@ -171,6 +188,7 @@ func (s *AuditEventEventData) init() AuditEventEventData {
 type CookieAuth struct {
 	APIKey string
 	Roles  []string
 }
 // GetAPIKey returns the value of APIKey.
@@ -178,11 +196,21 @@ func (s *CookieAuth) GetAPIKey() string {
 	return s.APIKey
 }
 // GetRoles returns the value of Roles.
 func (s *CookieAuth) GetRoles() []string {
 	return s.Roles
 }
 // SetAPIKey sets the value of APIKey.
 func (s *CookieAuth) SetAPIKey(val string) {
 	s.APIKey = val
 }
 // SetRoles sets the value of Roles.
 func (s *CookieAuth) SetRoles(val []string) {
 	s.Roles = val
 }
 // CreateMapfixAuditCommentNoContent is response for CreateMapfixAuditComment operation.
 type CreateMapfixAuditCommentNoContent struct{}
@@ -223,6 +251,20 @@ type DeleteScriptNoContent struct{}
 // DeleteScriptPolicyNoContent is response for DeleteScriptPolicy operation.
 type DeleteScriptPolicyNoContent struct{}
 type DownloadMapAssetOK struct {
 	Data io.Reader
 }
 // Read reads data from the Data reader.
 //
 // Kept to satisfy the io.Reader interface.
 func (s DownloadMapAssetOK) Read(p []byte) (n int, err error) {
 	if s.Data == nil {
 		return 0, io.EOF
 	}
 	return s.Data.Read(p)
 }
 // Represents error object.
 // Ref: #/components/schemas/Error
 type Error struct {
@@ -278,11 +320,18 @@ func (s *ErrorStatusCode) SetResponse(val Error) {
 // Ref: #/components/schemas/Map
 type Map struct {
-	ID          int64  `json:"ID"`
+	ID           int64  `json:"ID"`
-	DisplayName string `json:"DisplayName"`
+	DisplayName  string `json:"DisplayName"`
-	Creator     string `json:"Creator"`
+	Creator      string `json:"Creator"`
-	GameID      int32  `json:"GameID"`
+	GameID       int32  `json:"GameID"`
-	Date        int64  `json:"Date"`
+	Date         int64  `json:"Date"`
 	CreatedAt    int64  `json:"CreatedAt"`
 	UpdatedAt    int64  `json:"UpdatedAt"`
 	Submitter    uint64 `json:"Submitter"`
 	Thumbnail    uint64 `json:"Thumbnail"`
 	AssetVersion uint64 `json:"AssetVersion"`
 	LoadCount    uint32 `json:"LoadCount"`
 	Modes        uint32 `json:"Modes"`
 }
 // GetID returns the value of ID.
@@ -310,6 +359,41 @@ func (s *Map) GetDate() int64 {
 	return s.Date
 }
 // GetCreatedAt returns the value of CreatedAt.
 func (s *Map) GetCreatedAt() int64 {
 	return s.CreatedAt
 }
 // GetUpdatedAt returns the value of UpdatedAt.
 func (s *Map) GetUpdatedAt() int64 {
 	return s.UpdatedAt
 }
 // GetSubmitter returns the value of Submitter.
 func (s *Map) GetSubmitter() uint64 {
 	return s.Submitter
 }
 // GetThumbnail returns the value of Thumbnail.
 func (s *Map) GetThumbnail() uint64 {
 	return s.Thumbnail
 }
 // GetAssetVersion returns the value of AssetVersion.
 func (s *Map) GetAssetVersion() uint64 {
 	return s.AssetVersion
 }
 // GetLoadCount returns the value of LoadCount.
 func (s *Map) GetLoadCount() uint32 {
 	return s.LoadCount
 }
 // GetModes returns the value of Modes.
 func (s *Map) GetModes() uint32 {
 	return s.Modes
 }
 // SetID sets the value of ID.
 func (s *Map) SetID(val int64) {
 	s.ID = val
@@ -335,6 +419,41 @@ func (s *Map) SetDate(val int64) {
 	s.Date = val
 }
 // SetCreatedAt sets the value of CreatedAt.
 func (s *Map) SetCreatedAt(val int64) {
 	s.CreatedAt = val
 }
 // SetUpdatedAt sets the value of UpdatedAt.
 func (s *Map) SetUpdatedAt(val int64) {
 	s.UpdatedAt = val
 }
 // SetSubmitter sets the value of Submitter.
 func (s *Map) SetSubmitter(val uint64) {
 	s.Submitter = val
 }
 // SetThumbnail sets the value of Thumbnail.
 func (s *Map) SetThumbnail(val uint64) {
 	s.Thumbnail = val
 }
 // SetAssetVersion sets the value of AssetVersion.
 func (s *Map) SetAssetVersion(val uint64) {
 	s.AssetVersion = val
 }
 // SetLoadCount sets the value of LoadCount.
 func (s *Map) SetLoadCount(val uint32) {
 	s.LoadCount = val
 }
 // SetModes sets the value of Modes.
 func (s *Map) SetModes(val uint32) {
 	s.Modes = val
 }
 // Ref: #/components/schemas/Mapfix
 type Mapfix struct {
 	ID            int64  `json:"ID"`
@@ -349,7 +468,7 @@ type Mapfix struct {
 	Completed     bool   `json:"Completed"`
 	TargetAssetID int64  `json:"TargetAssetID"`
 	StatusID      int32  `json:"StatusID"`
-	StatusMessage string `json:"StatusMessage"`
+	Description   string `json:"Description"`
 }
 // GetID returns the value of ID.
@@ -412,9 +531,9 @@ func (s *Mapfix) GetStatusID() int32 {
 	return s.StatusID
 }
-// GetStatusMessage returns the value of StatusMessage.
+// GetDescription returns the value of Description.
-func (s *Mapfix) GetStatusMessage() string {
+func (s *Mapfix) GetDescription() string {
-	return s.StatusMessage
+	return s.Description
 }
 // SetID sets the value of ID.
@@ -477,15 +596,16 @@ func (s *Mapfix) SetStatusID(val int32) {
 	s.StatusID = val
 }
-// SetStatusMessage sets the value of StatusMessage.
+// SetDescription sets the value of Description.
-func (s *Mapfix) SetStatusMessage(val string) {
+func (s *Mapfix) SetDescription(val string) {
-	s.StatusMessage = val
+	s.Description = val
 }
 // Ref: #/components/schemas/MapfixTriggerCreate
 type MapfixTriggerCreate struct {
-	AssetID       int64 `json:"AssetID"`
+	AssetID       int64  `json:"AssetID"`
-	TargetAssetID int64 `json:"TargetAssetID"`
+	TargetAssetID int64  `json:"TargetAssetID"`
 	Description   string `json:"Description"`
 }
 // GetAssetID returns the value of AssetID.
@@ -498,6 +618,11 @@ func (s *MapfixTriggerCreate) GetTargetAssetID() int64 {
 	return s.TargetAssetID
 }
 // GetDescription returns the value of Description.
 func (s *MapfixTriggerCreate) GetDescription() string {
 	return s.Description
 }
 // SetAssetID sets the value of AssetID.
 func (s *MapfixTriggerCreate) SetAssetID(val int64) {
 	s.AssetID = val
@@ -508,6 +633,11 @@ func (s *MapfixTriggerCreate) SetTargetAssetID(val int64) {
 	s.TargetAssetID = val
 }
 // SetDescription sets the value of Description.
 func (s *MapfixTriggerCreate) SetDescription(val string) {
 	s.Description = val
 }
 // Ref: #/components/schemas/Mapfixes
 type Mapfixes struct {
 	Total    int64    `json:"Total"`
@@ -1163,7 +1293,6 @@ type Submission struct {
 	Completed             bool     `json:"Completed"`
 	UploadedAssetID       OptInt64 `json:"UploadedAssetID"`
 	StatusID              int32    `json:"StatusID"`
 	StatusMessage         string   `json:"StatusMessage"`
 }
 // GetID returns the value of ID.
@@ -1236,11 +1365,6 @@ func (s *Submission) GetStatusID() int32 {
 	return s.StatusID
 }
 // GetStatusMessage returns the value of StatusMessage.
 func (s *Submission) GetStatusMessage() string {
 	return s.StatusMessage
 }
 // SetID sets the value of ID.
 func (s *Submission) SetID(val int64) {
 	s.ID = val
@@ -1311,14 +1435,12 @@ func (s *Submission) SetStatusID(val int32) {
 	s.StatusID = val
 }
 // SetStatusMessage sets the value of StatusMessage.
 func (s *Submission) SetStatusMessage(val string) {
 	s.StatusMessage = val
 }
 // Ref: #/components/schemas/SubmissionTriggerCreate
 type SubmissionTriggerCreate struct {
-	AssetID int64 `json:"AssetID"`
+	AssetID     int64  `json:"AssetID"`
 	DisplayName string `json:"DisplayName"`
 	Creator     string `json:"Creator"`
 	GameID      int32  `json:"GameID"`
 }
 // GetAssetID returns the value of AssetID.
@@ -1326,11 +1448,41 @@ func (s *SubmissionTriggerCreate) GetAssetID() int64 {
 	return s.AssetID
 }
 // GetDisplayName returns the value of DisplayName.
 func (s *SubmissionTriggerCreate) GetDisplayName() string {
 	return s.DisplayName
 }
 // GetCreator returns the value of Creator.
 func (s *SubmissionTriggerCreate) GetCreator() string {
 	return s.Creator
 }
 // GetGameID returns the value of GameID.
 func (s *SubmissionTriggerCreate) GetGameID() int32 {
 	return s.GameID
 }
 // SetAssetID sets the value of AssetID.
 func (s *SubmissionTriggerCreate) SetAssetID(val int64) {
 	s.AssetID = val
 }
 // SetDisplayName sets the value of DisplayName.
 func (s *SubmissionTriggerCreate) SetDisplayName(val string) {
 	s.DisplayName = val
 }
 // SetCreator sets the value of Creator.
 func (s *SubmissionTriggerCreate) SetCreator(val string) {
 	s.Creator = val
 }
 // SetGameID sets the value of GameID.
 func (s *SubmissionTriggerCreate) SetGameID(val int32) {
 	s.GameID = val
 }
 // Ref: #/components/schemas/Submissions
 type Submissions struct {
 	Total       int64        `json:"Total"`
--- a/pkg/api/oas_security_gen.go
+++ b/pkg/api/oas_security_gen.go
@@ -33,6 +33,52 @@ func findAuthorization(h http.Header, prefix string) (string, bool) {
 	return "", false
 }
 var operationRolesCookieAuth = map[string][]string{
 	ActionMapfixAcceptedOperation:                   []string{},
 	ActionMapfixRejectOperation:                     []string{},
 	ActionMapfixRequestChangesOperation:             []string{},
 	ActionMapfixResetSubmittingOperation:            []string{},
 	ActionMapfixRetryValidateOperation:              []string{},
 	ActionMapfixRevokeOperation:                     []string{},
 	ActionMapfixTriggerSubmitOperation:              []string{},
 	ActionMapfixTriggerSubmitUncheckedOperation:     []string{},
 	ActionMapfixTriggerUploadOperation:              []string{},
 	ActionMapfixTriggerValidateOperation:            []string{},
 	ActionMapfixValidatedOperation:                  []string{},
 	ActionSubmissionAcceptedOperation:               []string{},
 	ActionSubmissionRejectOperation:                 []string{},
 	ActionSubmissionRequestChangesOperation:         []string{},
 	ActionSubmissionResetSubmittingOperation:        []string{},
 	ActionSubmissionRetryValidateOperation:          []string{},
 	ActionSubmissionRevokeOperation:                 []string{},
 	ActionSubmissionTriggerSubmitOperation:          []string{},
 	ActionSubmissionTriggerSubmitUncheckedOperation: []string{},
 	ActionSubmissionTriggerUploadOperation:          []string{},
 	ActionSubmissionTriggerValidateOperation:        []string{},
 	ActionSubmissionValidatedOperation:              []string{},
 	CreateMapfixOperation:                           []string{},
 	CreateMapfixAuditCommentOperation:               []string{},
 	CreateScriptOperation:                           []string{},
 	CreateScriptPolicyOperation:                     []string{},
 	CreateSubmissionOperation:                       []string{},
 	CreateSubmissionAdminOperation:                  []string{},
 	CreateSubmissionAuditCommentOperation:           []string{},
 	DeleteScriptOperation:                           []string{},
 	DeleteScriptPolicyOperation:                     []string{},
 	DownloadMapAssetOperation:                       []string{},
 	GetOperationOperation:                           []string{},
 	ReleaseSubmissionsOperation:                     []string{},
 	SessionRolesOperation:                           []string{},
 	SessionUserOperation:                            []string{},
 	SessionValidateOperation:                        []string{},
 	SetMapfixCompletedOperation:                     []string{},
 	SetSubmissionCompletedOperation:                 []string{},
 	UpdateMapfixModelOperation:                      []string{},
 	UpdateScriptOperation:                           []string{},
 	UpdateScriptPolicyOperation:                     []string{},
 	UpdateSubmissionModelOperation:                  []string{},
 }
 func (s *Server) securityCookieAuth(ctx context.Context, operationName OperationName, req *http.Request) (context.Context, bool, error) {
 	var t CookieAuth
 	const parameterName = "session_id"
@@ -46,6 +92,7 @@ func (s *Server) securityCookieAuth(ctx context.Context, operationName Operation
 		return nil, false, errors.Wrap(err, "get cookie value")
 	}
 	t.APIKey = value
 	t.Roles = operationRolesCookieAuth[operationName]
 	rctx, err := s.sec.HandleCookieAuth(ctx, operationName, t)
 	if errors.Is(err, ogenerrors.ErrSkipServerSecurity) {
 		return nil, false, nil
--- a/pkg/api/oas_server_gen.go
+++ b/pkg/api/oas_server_gen.go
@@ -51,6 +51,12 @@ type Handler interface {
 	//
 	// POST /mapfixes/{MapfixID}/status/trigger-submit
 	ActionMapfixTriggerSubmit(ctx context.Context, params ActionMapfixTriggerSubmitParams) error
 	// ActionMapfixTriggerSubmitUnchecked implements actionMapfixTriggerSubmitUnchecked operation.
 	//
 	// Role Reviewer changes status from ChangesRequested -> Submitting.
 	//
 	// POST /mapfixes/{MapfixID}/status/trigger-submit-unchecked
 	ActionMapfixTriggerSubmitUnchecked(ctx context.Context, params ActionMapfixTriggerSubmitUncheckedParams) error
 	// ActionMapfixTriggerUpload implements actionMapfixTriggerUpload operation.
 	//
 	// Role Admin changes status from Validated -> Uploading.
@@ -112,6 +118,12 @@ type Handler interface {
 	//
 	// POST /submissions/{SubmissionID}/status/trigger-submit
 	ActionSubmissionTriggerSubmit(ctx context.Context, params ActionSubmissionTriggerSubmitParams) error
 	// ActionSubmissionTriggerSubmitUnchecked implements actionSubmissionTriggerSubmitUnchecked operation.
 	//
 	// Role Reviewer changes status from ChangesRequested -> Submitting.
 	//
 	// POST /submissions/{SubmissionID}/status/trigger-submit-unchecked
 	ActionSubmissionTriggerSubmitUnchecked(ctx context.Context, params ActionSubmissionTriggerSubmitUncheckedParams) error
 	// ActionSubmissionTriggerUpload implements actionSubmissionTriggerUpload operation.
 	//
 	// Role Admin changes status from Validated -> Uploading.
@@ -160,6 +172,12 @@ type Handler interface {
 	//
 	// POST /submissions
 	CreateSubmission(ctx context.Context, req *SubmissionTriggerCreate) (*OperationID, error)
 	// CreateSubmissionAdmin implements createSubmissionAdmin operation.
 	//
 	// Trigger the validator to create a new submission.
 	//
 	// POST /submissions-admin
 	CreateSubmissionAdmin(ctx context.Context, req *SubmissionTriggerCreate) (*OperationID, error)
 	// CreateSubmissionAuditComment implements createSubmissionAuditComment operation.
 	//
 	// Post a comment to the audit log.
@@ -178,6 +196,12 @@ type Handler interface {
 	//
 	// DELETE /script-policy/{ScriptPolicyID}
 	DeleteScriptPolicy(ctx context.Context, params DeleteScriptPolicyParams) error
 	// DownloadMapAsset implements downloadMapAsset operation.
 	//
 	// Download the map asset.
 	//
 	// GET /maps/{MapID}/download
 	DownloadMapAsset(ctx context.Context, params DownloadMapAssetParams) (DownloadMapAssetOK, error)
 	// GetMap implements getMap operation.
 	//
 	// Retrieve map with ID.
--- a/pkg/api/oas_unimplemented_gen.go
+++ b/pkg/api/oas_unimplemented_gen.go
@@ -77,6 +77,15 @@ func (UnimplementedHandler) ActionMapfixTriggerSubmit(ctx context.Context, param
 	return ht.ErrNotImplemented
 }
 // ActionMapfixTriggerSubmitUnchecked implements actionMapfixTriggerSubmitUnchecked operation.
 //
 // Role Reviewer changes status from ChangesRequested -> Submitting.
 //
 // POST /mapfixes/{MapfixID}/status/trigger-submit-unchecked
 func (UnimplementedHandler) ActionMapfixTriggerSubmitUnchecked(ctx context.Context, params ActionMapfixTriggerSubmitUncheckedParams) error {
 	return ht.ErrNotImplemented
 }
 // ActionMapfixTriggerUpload implements actionMapfixTriggerUpload operation.
 //
 // Role Admin changes status from Validated -> Uploading.
@@ -168,6 +177,15 @@ func (UnimplementedHandler) ActionSubmissionTriggerSubmit(ctx context.Context, p
 	return ht.ErrNotImplemented
 }
 // ActionSubmissionTriggerSubmitUnchecked implements actionSubmissionTriggerSubmitUnchecked operation.
 //
 // Role Reviewer changes status from ChangesRequested -> Submitting.
 //
 // POST /submissions/{SubmissionID}/status/trigger-submit-unchecked
 func (UnimplementedHandler) ActionSubmissionTriggerSubmitUnchecked(ctx context.Context, params ActionSubmissionTriggerSubmitUncheckedParams) error {
 	return ht.ErrNotImplemented
 }
 // ActionSubmissionTriggerUpload implements actionSubmissionTriggerUpload operation.
 //
 // Role Admin changes status from Validated -> Uploading.
@@ -240,6 +258,15 @@ func (UnimplementedHandler) CreateSubmission(ctx context.Context, req *Submissio
 	return r, ht.ErrNotImplemented
 }
 // CreateSubmissionAdmin implements createSubmissionAdmin operation.
 //
 // Trigger the validator to create a new submission.
 //
 // POST /submissions-admin
 func (UnimplementedHandler) CreateSubmissionAdmin(ctx context.Context, req *SubmissionTriggerCreate) (r *OperationID, _ error) {
 	return r, ht.ErrNotImplemented
 }
 // CreateSubmissionAuditComment implements createSubmissionAuditComment operation.
 //
 // Post a comment to the audit log.
@@ -267,6 +294,15 @@ func (UnimplementedHandler) DeleteScriptPolicy(ctx context.Context, params Delet
 	return ht.ErrNotImplemented
 }
 // DownloadMapAsset implements downloadMapAsset operation.
 //
 // Download the map asset.
 //
 // GET /maps/{MapID}/download
 func (UnimplementedHandler) DownloadMapAsset(ctx context.Context, params DownloadMapAssetParams) (r DownloadMapAssetOK, _ error) {
 	return r, ht.ErrNotImplemented
 }
 // GetMap implements getMap operation.
 //
 // Retrieve map with ID.
--- a/pkg/api/oas_validators_gen.go
+++ b/pkg/api/oas_validators_gen.go
@@ -10,6 +10,37 @@ import (
 	"github.com/ogen-go/ogen/validate"
 )
 func (s *AuditEvent) Validate() error {
 	if s == nil {
 		return validate.ErrNilPointer
 	}
 	var failures []validate.FieldError
 	if err := func() error {
 		if err := (validate.String{
 			MinLength:    0,
 			MinLengthSet: false,
 			MaxLength:    64,
 			MaxLengthSet: true,
 			Email:        false,
 			Hostname:     false,
 			Regex:        nil,
 		}).Validate(string(s.Username)); err != nil {
 			return errors.Wrap(err, "string")
 		}
 		return nil
 	}(); err != nil {
 		failures = append(failures, validate.FieldError{
 			Name:  "Username",
 			Error: err,
 		})
 	}
 	if len(failures) > 0 {
 		return &validate.Error{Fields: failures}
 	}
 	return nil
 }
 func (s *Error) Validate() error {
 	if s == nil {
 		return validate.ErrNilPointer
@@ -408,13 +439,13 @@ func (s *Mapfix) Validate() error {
 			Email:        false,
 			Hostname:     false,
 			Regex:        nil,
-		}).Validate(string(s.StatusMessage)); err != nil {
+		}).Validate(string(s.Description)); err != nil {
 			return errors.Wrap(err, "string")
 		}
 		return nil
 	}(); err != nil {
 		failures = append(failures, validate.FieldError{
-			Name:  "StatusMessage",
+			Name:  "Description",
 			Error: err,
 		})
 	}
@@ -470,6 +501,25 @@ func (s *MapfixTriggerCreate) Validate() error {
 			Error: err,
 		})
 	}
 	if err := func() error {
 		if err := (validate.String{
 			MinLength:    0,
 			MinLengthSet: false,
 			MaxLength:    256,
 			MaxLengthSet: true,
 			Email:        false,
 			Hostname:     false,
 			Regex:        nil,
 		}).Validate(string(s.Description)); err != nil {
 			return errors.Wrap(err, "string")
 		}
 		return nil
 	}(); err != nil {
 		failures = append(failures, validate.FieldError{
 			Name:  "Description",
 			Error: err,
 		})
 	}
 	if len(failures) > 0 {
 		return &validate.Error{Fields: failures}
 	}
@@ -1751,25 +1801,6 @@ func (s *Submission) Validate() error {
 			Error: err,
 		})
 	}
 	if err := func() error {
 		if err := (validate.String{
 			MinLength:    0,
 			MinLengthSet: false,
 			MaxLength:    256,
 			MaxLengthSet: true,
 			Email:        false,
 			Hostname:     false,
 			Regex:        nil,
 		}).Validate(string(s.StatusMessage)); err != nil {
 			return errors.Wrap(err, "string")
 		}
 		return nil
 	}(); err != nil {
 		failures = append(failures, validate.FieldError{
 			Name:  "StatusMessage",
 			Error: err,
 		})
 	}
 	if len(failures) > 0 {
 		return &validate.Error{Fields: failures}
 	}
@@ -1802,6 +1833,64 @@ func (s *SubmissionTriggerCreate) Validate() error {
 			Error: err,
 		})
 	}
 	if err := func() error {
 		if err := (validate.String{
 			MinLength:    0,
 			MinLengthSet: false,
 			MaxLength:    128,
 			MaxLengthSet: true,
 			Email:        false,
 			Hostname:     false,
 			Regex:        nil,
 		}).Validate(string(s.DisplayName)); err != nil {
 			return errors.Wrap(err, "string")
 		}
 		return nil
 	}(); err != nil {
 		failures = append(failures, validate.FieldError{
 			Name:  "DisplayName",
 			Error: err,
 		})
 	}
 	if err := func() error {
 		if err := (validate.String{
 			MinLength:    0,
 			MinLengthSet: false,
 			MaxLength:    128,
 			MaxLengthSet: true,
 			Email:        false,
 			Hostname:     false,
 			Regex:        nil,
 		}).Validate(string(s.Creator)); err != nil {
 			return errors.Wrap(err, "string")
 		}
 		return nil
 	}(); err != nil {
 		failures = append(failures, validate.FieldError{
 			Name:  "Creator",
 			Error: err,
 		})
 	}
 	if err := func() error {
 		if err := (validate.Int{
 			MinSet:        true,
 			Min:           0,
 			MaxSet:        false,
 			Max:           0,
 			MinExclusive:  false,
 			MaxExclusive:  false,
 			MultipleOfSet: false,
 			MultipleOf:    0,
 		}).Validate(int64(s.GameID)); err != nil {
 			return errors.Wrap(err, "int")
 		}
 		return nil
 	}(); err != nil {
 		failures = append(failures, validate.FieldError{
 			Name:  "GameID",
 			Error: err,
 		})
 	}
 	if len(failures) > 0 {
 		return &validate.Error{Fields: failures}
 	}
--- a/pkg/cmds/api.go
+++ b/pkg/cmds/api.go
@@ -0,0 +1,57 @@
 package cmds
 import (
 	"git.itzana.me/strafesnet/maps-service/pkg/public_api"
 	"github.com/urfave/cli/v2"
 	"google.golang.org/grpc"
 	"google.golang.org/grpc/credentials/insecure"
 )
 func NewApiCommand() *cli.Command {
 	return &cli.Command{
 		Name:   "api",
 		Usage:  "Run api service",
 		Action: runAPI,
 		Flags: []cli.Flag{
 			&cli.IntFlag{
 				Name:    "port",
 				Usage:   "Listen port",
 				EnvVars: []string{"PORT"},
 				Value:   8080,
 			},
 			&cli.StringFlag{
 				Name:    "dev-rpc-host",
 				Usage:   "Host of dev rpc",
 				EnvVars: []string{"DEV_RPC_HOST"},
 				Value:   "dev-service:8081",
 			},
 			&cli.StringFlag{
 				Name:    "maps-rpc-host",
 				Usage:   "Host of maps rpc",
 				EnvVars: []string{"MAPS_RPC_HOST"},
 				Value:   "maptest-api:8081",
 			},
 		},
 	}
 }
 func runAPI(ctx *cli.Context) error {
 	// Dev service client
 	devConn, err := grpc.Dial(ctx.String("dev-rpc-host"), grpc.WithTransportCredentials(insecure.NewCredentials()))
 	if err != nil {
 		return err
 	}
 	// Data service client
 	mapsConn, err := grpc.Dial(ctx.String("maps-rpc-host"), grpc.WithTransportCredentials(insecure.NewCredentials()))
 	if err != nil {
 		return err
 	}
 	return api.NewRouter(
 		api.WithContext(ctx),
 		api.WithPort(ctx.Int("port")),
 		api.WithDevClient(devConn),
 		api.WithMapsClient(mapsConn),
 	)
 }
--- a/pkg/cmds/serve.go
+++ b/pkg/cmds/serve.go
@@ -2,15 +2,21 @@ package cmds
 import (
 	"fmt"
 	"net"
 	"net/http"
 	"git.itzana.me/strafesnet/go-grpc/auth"
 	"git.itzana.me/strafesnet/go-grpc/maps"
 	"git.itzana.me/strafesnet/go-grpc/maps_extended"
 	"git.itzana.me/strafesnet/go-grpc/users"
 	"git.itzana.me/strafesnet/go-grpc/validator"
 	"git.itzana.me/strafesnet/maps-service/pkg/api"
 	"git.itzana.me/strafesnet/maps-service/pkg/controller"
 	"git.itzana.me/strafesnet/maps-service/pkg/datastore/gormstore"
-	internal "git.itzana.me/strafesnet/maps-service/pkg/internal"
+	"git.itzana.me/strafesnet/maps-service/pkg/roblox"
 	"git.itzana.me/strafesnet/maps-service/pkg/service"
-	"git.itzana.me/strafesnet/maps-service/pkg/service_internal"
+	"git.itzana.me/strafesnet/maps-service/pkg/validator_controller"
 	"git.itzana.me/strafesnet/maps-service/pkg/web_api"
 	"github.com/nats-io/nats.go"
 	log "github.com/sirupsen/logrus"
 	"github.com/urfave/cli/v2"
@@ -90,6 +96,12 @@ func NewServeCommand() *cli.Command {
 				EnvVars: []string{"NATS_HOST"},
 				Value:   "nats:4222",
 			},
 			&cli.StringFlag{
 				Name:     "rbx-api-key",
 				Usage:    "API Key for downloading asset locations",
 				EnvVars:  []string{"RBX_API_KEY"},
 				Required: true,
 			},
 		},
 	}
 }
@@ -122,45 +134,67 @@ func serve(ctx *cli.Context) error {
 	if err != nil {
 		log.Fatal(err)
 	}
-	svc := &service.Service{
+	svc_inner := service.NewService(
-		DB:   db,
+		db,
-		Nats: js,
+		js,
-		Client: maps.NewMapsServiceClient(conn),
+		maps.NewMapsServiceClient(conn),
-	}
+		users.NewUsersServiceClient(conn),
 	)
 	svc_external := web_api.NewService(
 		&svc_inner,
 		roblox.Client{
 			HttpClient: http.DefaultClient,
 			ApiKey: ctx.String("rbx-api-key"),
 		},
 	)
 	conn, err = grpc.Dial(ctx.String("auth-rpc-host"), grpc.WithTransportCredentials(insecure.NewCredentials()))
 	if err != nil {
 		log.Fatal(err)
 	}
-	sec := service.SecurityHandler{
+	sec := web_api.SecurityHandler{
 		Client: auth.NewAuthServiceClient(conn),
 	}
-	srv, err := api.NewServer(svc, sec, api.WithPathPrefix("/v1"))
+	srv_external, err := api.NewServer(&svc_external, sec, api.WithPathPrefix("/v1"))
 	if err != nil {
 		log.WithError(err).Fatal("failed to initialize api server")
 	}
-	svc2 := &service_internal.Service{
+	grpcServer := grpc.NewServer()
 		DB:   db,
 		Nats: js,
 	}
-	srv2, err := internal.NewServer(svc2, internal.WithPathPrefix("/v1"))
+	maps_controller := controller.NewMapsController(&svc_inner)
 	maps_extended.RegisterMapsServiceServer(grpcServer,&maps_controller)
 	mapfix_controller := validator_controller.NewMapfixesController(&svc_inner)
 	operation_controller := validator_controller.NewOperationsController(&svc_inner)
 	script_controller := validator_controller.NewScriptsController(&svc_inner)
 	script_policy_controller := validator_controller.NewScriptPolicyController(&svc_inner)
 	submission_controller := validator_controller.NewSubmissionsController(&svc_inner)
 	validator.RegisterValidatorMapfixServiceServer(grpcServer,&mapfix_controller)
 	validator.RegisterValidatorOperationServiceServer(grpcServer,&operation_controller)
 	validator.RegisterValidatorScriptServiceServer(grpcServer,&script_controller)
 	validator.RegisterValidatorScriptPolicyServiceServer(grpcServer,&script_policy_controller)
 	validator.RegisterValidatorSubmissionServiceServer(grpcServer,&submission_controller)
 	port := ctx.Int("port-internal")
 	lis, err := net.Listen("tcp", fmt.Sprintf(":%d", port))
 	if err != nil {
-		log.WithError(err).Fatal("failed to initialize api server")
+		log.WithField("error", err).Fatalln("failed to net.Listen")
 	}
 	// Channel to collect errors
 	errChan := make(chan error, 2)
 	// First server
 	go func(errChan chan error) {
-		errChan <- http.ListenAndServe(fmt.Sprintf(":%d", ctx.Int("port-internal")), srv2)
+		errChan <- grpcServer.Serve(lis)
 	}(errChan)
 	// Second server
 	go func(errChan chan error) {
-		errChan <- http.ListenAndServe(fmt.Sprintf(":%d", ctx.Int("port")), srv)
+		errChan <- http.ListenAndServe(fmt.Sprintf(":%d", ctx.Int("port")), srv_external)
 	}(errChan)
 	// Wait for the first error or completion of both tasks
--- a/pkg/controller/maps.go
+++ b/pkg/controller/maps.go
@@ -0,0 +1,197 @@
 package controller
 import (
 	"context"
 	"errors"
 	"time"
 	"git.itzana.me/strafesnet/go-grpc/maps_extended"
 	"git.itzana.me/strafesnet/maps-service/pkg/model"
 	"git.itzana.me/strafesnet/maps-service/pkg/service"
 )
 var (
 	PageError = errors.New("Pagination required")
 )
 type Maps struct {
 	*maps_extended.UnimplementedMapsServiceServer
 	inner *service.Service
 }
 func NewMapsController(
 	inner *service.Service,
 ) Maps {
 	return Maps{
 		inner: inner,
 	}
 }
 func (svc *Maps) Create(ctx context.Context, request *maps_extended.MapCreate) (*maps_extended.MapId, error) {
 	id, err := svc.inner.CreateMap(ctx, model.Map{
 		ID:           request.ID,
 		DisplayName:  request.DisplayName,
 		Creator:      request.Creator,
 		GameID:       request.GameID,
 		Submitter:    request.Submitter,
 		Date:         time.Unix(request.Date, 0),
 		Thumbnail:    request.Thumbnail,
 		AssetVersion: request.AssetVersion,
 		LoadCount:    0,
 		Modes:        request.Modes,
 	})
 	if err != nil {
 		return nil, err
 	}
 	return &maps_extended.MapId{
 		ID: id,
 	}, nil
 }
 func (svc *Maps) Delete(ctx context.Context, request *maps_extended.MapId) (*maps_extended.NullResponse, error) {
 	err := svc.inner.DeleteMap(ctx, request.ID)
 	if err != nil {
 		return nil, err
 	}
 	return &maps_extended.NullResponse{}, nil
 }
 func (svc *Maps) Get(ctx context.Context, request *maps_extended.MapId) (*maps_extended.MapResponse, error) {
 	item, err := svc.inner.GetMap(ctx, request.ID)
 	if err != nil {
 		return nil, err
 	}
 	return &maps_extended.MapResponse{
 		ID:           item.ID,
 		DisplayName:  item.DisplayName,
 		Creator:      item.Creator,
 		GameID:       uint32(item.GameID),
 		Date:         item.Date.Unix(),
 		CreatedAt:    item.CreatedAt.Unix(),
 		UpdatedAt:    item.UpdatedAt.Unix(),
 		Submitter:    uint64(item.Submitter),
 		Thumbnail:    uint64(item.Thumbnail),
 		AssetVersion: uint64(item.AssetVersion),
 		LoadCount:    item.LoadCount,
 		Modes:        item.Modes,
 	}, nil
 }
 func (svc *Maps) GetList(ctx context.Context, request *maps_extended.MapIdList) (*maps_extended.MapList, error) {
 	items, err := svc.inner.GetMapList(ctx, request.ID)
 	if err != nil {
 		return nil, err
 	}
 	resp := maps_extended.MapList{}
 	resp.Maps = make([]*maps_extended.MapResponse, len(items))
 	for i, item := range items {
 		resp.Maps[i] = &maps_extended.MapResponse{
 			ID:           item.ID,
 			DisplayName:  item.DisplayName,
 			Creator:      item.Creator,
 			GameID:       uint32(item.GameID),
 			Date:         item.Date.Unix(),
 			CreatedAt:    item.CreatedAt.Unix(),
 			UpdatedAt:    item.UpdatedAt.Unix(),
 			Submitter:    uint64(item.Submitter),
 			Thumbnail:    uint64(item.Thumbnail),
 			AssetVersion: uint64(item.AssetVersion),
 			LoadCount:    item.LoadCount,
 			Modes:        item.Modes,
 		}
 	}
 	return &resp, nil
 }
 func (svc *Maps) List(ctx context.Context, request *maps_extended.ListRequest) (*maps_extended.MapList, error) {
 	if request.Page == nil {
 		return nil, PageError
 	}
 	filter := service.NewMapFilter()
 	if request.Filter != nil {
 		if request.Filter.DisplayName != nil {
 			filter.SetDisplayName(*request.Filter.DisplayName)
 		}
 		if request.Filter.Creator != nil {
 			filter.SetCreator(*request.Filter.Creator)
 		}
 		if request.Filter.GameID != nil {
 			filter.SetGameID(*request.Filter.GameID)
 		}
 		if request.Filter.Submitter != nil {
 			filter.SetSubmitter(*request.Filter.Submitter)
 		}
 	}
 	items, err := svc.inner.ListMaps(ctx, filter, model.Page{
 		Number: int32(request.Page.Number),
 		Size:   int32(request.Page.Size),
 	})
 	if err != nil {
 		return nil, err
 	}
 	resp := maps_extended.MapList{}
 	resp.Maps = make([]*maps_extended.MapResponse, len(items))
 	for i, item := range items {
 		resp.Maps[i] = &maps_extended.MapResponse{
 			ID:           item.ID,
 			DisplayName:  item.DisplayName,
 			Creator:      item.Creator,
 			GameID:       uint32(item.GameID),
 			Date:         item.Date.Unix(),
 			CreatedAt:    item.CreatedAt.Unix(),
 			UpdatedAt:    item.UpdatedAt.Unix(),
 			Submitter:    uint64(item.Submitter),
 			Thumbnail:    uint64(item.Thumbnail),
 			AssetVersion: uint64(item.AssetVersion),
 			LoadCount:    item.LoadCount,
 			Modes:        item.Modes,
 		}
 	}
 	return &resp, nil
 }
 func (svc *Maps) Update(ctx context.Context, request *maps_extended.MapUpdate) (*maps_extended.NullResponse, error) {
 	update := service.NewMapUpdate()
 	if request.DisplayName != nil {
 		update.SetDisplayName(*request.DisplayName)
 	}
 	if request.Creator != nil {
 		update.SetCreator(*request.Creator)
 	}
 	if request.GameID != nil {
 		update.SetGameID(*request.GameID)
 	}
 	if request.Date != nil {
 		update.SetDate(*request.Date)
 	}
 	if request.Submitter != nil {
 		update.SetSubmitter(*request.Submitter)
 	}
 	if request.Thumbnail != nil {
 		update.SetThumbnail(*request.Thumbnail)
 	}
 	if request.AssetVersion != nil {
 		update.SetAssetVersion(*request.AssetVersion)
 	}
 	if request.Modes != nil {
 		update.SetModes(*request.Modes)
 	}
 	err := svc.inner.UpdateMap(ctx, request.ID, update)
 	if err != nil {
 		return nil, err
 	}
 	return &maps_extended.NullResponse{}, nil
 }
 func (svc *Maps) IncrementLoadCount(ctx context.Context, request *maps_extended.MapId) (*maps_extended.NullResponse, error) {
 	err := svc.inner.IncrementMapLoadCount(ctx, request.ID)
 	if err != nil {
 		return nil, err
 	}
 	return &maps_extended.NullResponse{}, nil
 }
--- a/pkg/datastore/datastore.go
+++ b/pkg/datastore/datastore.go
@@ -25,6 +25,7 @@ const (
 type Datastore interface {
 	AuditEvents() AuditEvents
 	Maps() Maps
 	Mapfixes() Mapfixes
 	Operations() Operations
 	Submissions() Submissions
@@ -40,6 +41,16 @@ type AuditEvents interface {
 	List(ctx context.Context, filters OptionalMap, page model.Page) ([]model.AuditEvent, error)
 }
 type Maps interface {
 	Get(ctx context.Context, id int64) (model.Map, error)
 	GetList(ctx context.Context, id []int64) ([]model.Map, error)
 	Create(ctx context.Context, smap model.Map) (model.Map, error)
 	Update(ctx context.Context, id int64, values OptionalMap) error
 	Delete(ctx context.Context, id int64) error
 	List(ctx context.Context, filters OptionalMap, page model.Page) ([]model.Map, error)
 	IncrementLoadCount(ctx context.Context, id int64) error
 }
 type Mapfixes interface {
 	Get(ctx context.Context, id int64) (model.Mapfix, error)
 	GetList(ctx context.Context, id []int64) ([]model.Mapfix, error)
--- a/pkg/datastore/gormstore/audit_events.go
+++ b/pkg/datastore/gormstore/audit_events.go
@@ -56,7 +56,7 @@ func (env *AuditEvents) Delete(ctx context.Context, id int64) error {
 func (env *AuditEvents) List(ctx context.Context, filters datastore.OptionalMap, page model.Page) ([]model.AuditEvent, error) {
 	var events []model.AuditEvent
-	if err := env.db.Where(filters.Map()).Offset(int((page.Number - 1) * page.Size)).Limit(int(page.Size)).Find(&events).Error; err != nil {
+	if err := env.db.Where(filters.Map()).Order("id ASC").Offset(int((page.Number - 1) * page.Size)).Limit(int(page.Size)).Find(&events).Error; err != nil {
 		return nil, err
 	}
--- a/pkg/datastore/gormstore/db.go
+++ b/pkg/datastore/gormstore/db.go
@@ -32,6 +32,7 @@ func New(ctx *cli.Context) (datastore.Datastore, error) {
 	if ctx.Bool("migrate") {
 		if err := db.AutoMigrate(
 			&model.AuditEvent{},
 			&model.Map{},
 			&model.Mapfix{},
 			&model.Operation{},
 			&model.Submission{},
--- a/pkg/datastore/gormstore/gormstore.go
+++ b/pkg/datastore/gormstore/gormstore.go
@@ -13,6 +13,10 @@ func (g Gormstore) AuditEvents() datastore.AuditEvents {
 	return &AuditEvents{db: g.db}
 }
 func (g Gormstore) Maps() datastore.Maps {
 	return &Maps{db: g.db}
 }
 func (g Gormstore) Mapfixes() datastore.Mapfixes {
 	return &Mapfixes{db: g.db}
 }
--- a/pkg/datastore/gormstore/mapfixes.go
+++ b/pkg/datastore/gormstore/mapfixes.go
@@ -55,11 +55,16 @@ func (env *Mapfixes) Update(ctx context.Context, id int64, values datastore.Opti
 // the update can only occur if the status matches one of the provided values.
 func (env *Mapfixes) IfStatusThenUpdate(ctx context.Context, id int64, statuses []model.MapfixStatus, values datastore.OptionalMap) error {
-	if err := env.db.Model(&model.Mapfix{}).Where("id = ?", id).Where("status_id IN ?", statuses).Updates(values.Map()).Error; err != nil {
+	result := env.db.Model(&model.Mapfix{}).Where("id = ?", id).Where("status_id IN ?", statuses).Updates(values.Map())
-		if err == gorm.ErrRecordNotFound {
+	if result.Error != nil {
 		if result.Error == gorm.ErrRecordNotFound {
 			return datastore.ErrNotExist
 		}
-		return err
+		return result.Error
 	}
 	if result.RowsAffected == 0 {
 		return datastore.ErroNoRowsAffected
 	}
 	return nil
--- a/pkg/datastore/gormstore/maps.go
+++ b/pkg/datastore/gormstore/maps.go
@@ -0,0 +1,84 @@
 package gormstore
 import (
 	"context"
 	"errors"
 	"git.itzana.me/strafesnet/maps-service/pkg/datastore"
 	"git.itzana.me/strafesnet/maps-service/pkg/model"
 	"gorm.io/gorm"
 )
 type Maps struct {
 	db *gorm.DB
 }
 func (env *Maps) Get(ctx context.Context, id int64) (model.Map, error) {
 	var mdl model.Map
 	if err := env.db.First(&mdl, id).Error; err != nil {
 		if errors.Is(err, gorm.ErrRecordNotFound) {
 			return mdl, datastore.ErrNotExist
 		}
 		return mdl, err
 	}
 	return mdl, nil
 }
 func (env *Maps) GetList(ctx context.Context, id []int64) ([]model.Map, error) {
 	var mapList []model.Map
 	if err := env.db.Find(&mapList, "id IN ?", id).Error; err != nil {
 		return mapList, err
 	}
 	return mapList, nil
 }
 func (env *Maps) Create(ctx context.Context, smap model.Map) (model.Map, error) {
 	if err := env.db.Create(&smap).Error; err != nil {
 		return smap, err
 	}
 	return smap, nil
 }
 func (env *Maps) Update(ctx context.Context, id int64, values datastore.OptionalMap) error {
 	if err := env.db.Model(&model.Map{}).Where("id = ?", id).Updates(values.Map()).Error; err != nil {
 		if err == gorm.ErrRecordNotFound {
 			return datastore.ErrNotExist
 		}
 		return err
 	}
 	return nil
 }
 func (env *Maps) IncrementLoadCount(ctx context.Context, id int64) error {
 	if err := env.db.Model(&model.Map{}).Where("id = ?", id).UpdateColumn("load_count", gorm.Expr("load_count + ?", 1)).Error; err != nil {
 		if err == gorm.ErrRecordNotFound {
 			return datastore.ErrNotExist
 		}
 		return err
 	}
 	return nil
 }
 func (env *Maps) Delete(ctx context.Context, id int64) error {
 	if err := env.db.Delete(&model.Map{}, id).Error; err != nil {
 		if err == gorm.ErrRecordNotFound {
 			return datastore.ErrNotExist
 		}
 		return err
 	}
 	return nil
 }
 func (env *Maps) List(ctx context.Context, filters datastore.OptionalMap, page model.Page) ([]model.Map, error) {
 	var events []model.Map
 	if err := env.db.Where(filters.Map()).Offset(int((page.Number - 1) * page.Size)).Limit(int(page.Size)).Find(&events).Error; err != nil {
 		return nil, err
 	}
 	return events, nil
 }
--- a/pkg/datastore/gormstore/submissions.go
+++ b/pkg/datastore/gormstore/submissions.go
@@ -55,11 +55,16 @@ func (env *Submissions) Update(ctx context.Context, id int64, values datastore.O
 // the update can only occur if the status matches one of the provided values.
 func (env *Submissions) IfStatusThenUpdate(ctx context.Context, id int64, statuses []model.SubmissionStatus, values datastore.OptionalMap) error {
-	if err := env.db.Model(&model.Submission{}).Where("id = ?", id).Where("status_id IN ?", statuses).Updates(values.Map()).Error; err != nil {
+	result := env.db.Model(&model.Submission{}).Where("id = ?", id).Where("status_id IN ?", statuses).Updates(values.Map())
-		if err == gorm.ErrRecordNotFound {
+	if result.Error != nil {
 		if result.Error == gorm.ErrRecordNotFound {
 			return datastore.ErrNotExist
 		}
-		return err
+		return result.Error
 	}
 	if result.RowsAffected == 0 {
 		return datastore.ErroNoRowsAffected
 	}
 	return nil
--- a/pkg/internal/oas_cfg_gen.go
+++ b/pkg/internal/oas_cfg_gen.go
@@ -1,283 +0,0 @@
 // Code generated by ogen, DO NOT EDIT.
 package api
 import (
 	"net/http"
 	"go.opentelemetry.io/otel"
 	"go.opentelemetry.io/otel/metric"
 	"go.opentelemetry.io/otel/trace"
 	ht "github.com/ogen-go/ogen/http"
 	"github.com/ogen-go/ogen/middleware"
 	"github.com/ogen-go/ogen/ogenerrors"
 	"github.com/ogen-go/ogen/otelogen"
 )
 var (
 	// Allocate option closure once.
 	clientSpanKind = trace.WithSpanKind(trace.SpanKindClient)
 	// Allocate option closure once.
 	serverSpanKind = trace.WithSpanKind(trace.SpanKindServer)
 )
 type (
 	optionFunc[C any] func(*C)
 	otelOptionFunc    func(*otelConfig)
 )
 type otelConfig struct {
 	TracerProvider trace.TracerProvider
 	Tracer         trace.Tracer
 	MeterProvider  metric.MeterProvider
 	Meter          metric.Meter
 }
 func (cfg *otelConfig) initOTEL() {
 	if cfg.TracerProvider == nil {
 		cfg.TracerProvider = otel.GetTracerProvider()
 	}
 	if cfg.MeterProvider == nil {
 		cfg.MeterProvider = otel.GetMeterProvider()
 	}
 	cfg.Tracer = cfg.TracerProvider.Tracer(otelogen.Name,
 		trace.WithInstrumentationVersion(otelogen.SemVersion()),
 	)
 	cfg.Meter = cfg.MeterProvider.Meter(otelogen.Name,
 		metric.WithInstrumentationVersion(otelogen.SemVersion()),
 	)
 }
 // ErrorHandler is error handler.
 type ErrorHandler = ogenerrors.ErrorHandler
 type serverConfig struct {
 	otelConfig
 	NotFound           http.HandlerFunc
 	MethodNotAllowed   func(w http.ResponseWriter, r *http.Request, allowed string)
 	ErrorHandler       ErrorHandler
 	Prefix             string
 	Middleware         Middleware
 	MaxMultipartMemory int64
 }
 // ServerOption is server config option.
 type ServerOption interface {
 	applyServer(*serverConfig)
 }
 var _ ServerOption = (optionFunc[serverConfig])(nil)
 func (o optionFunc[C]) applyServer(c *C) {
 	o(c)
 }
 var _ ServerOption = (otelOptionFunc)(nil)
 func (o otelOptionFunc) applyServer(c *serverConfig) {
 	o(&c.otelConfig)
 }
 func newServerConfig(opts ...ServerOption) serverConfig {
 	cfg := serverConfig{
 		NotFound: http.NotFound,
 		MethodNotAllowed: func(w http.ResponseWriter, r *http.Request, allowed string) {
 			status := http.StatusMethodNotAllowed
 			if r.Method == "OPTIONS" {
 				w.Header().Set("Access-Control-Allow-Methods", allowed)
 				w.Header().Set("Access-Control-Allow-Headers", "Content-Type")
 				status = http.StatusNoContent
 			} else {
 				w.Header().Set("Allow", allowed)
 			}
 			w.WriteHeader(status)
 		},
 		ErrorHandler:       ogenerrors.DefaultErrorHandler,
 		Middleware:         nil,
 		MaxMultipartMemory: 32 << 20, // 32 MB
 	}
 	for _, opt := range opts {
 		opt.applyServer(&cfg)
 	}
 	cfg.initOTEL()
 	return cfg
 }
 type baseServer struct {
 	cfg      serverConfig
 	requests metric.Int64Counter
 	errors   metric.Int64Counter
 	duration metric.Float64Histogram
 }
 func (s baseServer) notFound(w http.ResponseWriter, r *http.Request) {
 	s.cfg.NotFound(w, r)
 }
 func (s baseServer) notAllowed(w http.ResponseWriter, r *http.Request, allowed string) {
 	s.cfg.MethodNotAllowed(w, r, allowed)
 }
 func (cfg serverConfig) baseServer() (s baseServer, err error) {
 	s = baseServer{cfg: cfg}
 	if s.requests, err = otelogen.ServerRequestCountCounter(s.cfg.Meter); err != nil {
 		return s, err
 	}
 	if s.errors, err = otelogen.ServerErrorsCountCounter(s.cfg.Meter); err != nil {
 		return s, err
 	}
 	if s.duration, err = otelogen.ServerDurationHistogram(s.cfg.Meter); err != nil {
 		return s, err
 	}
 	return s, nil
 }
 type clientConfig struct {
 	otelConfig
 	Client ht.Client
 }
 // ClientOption is client config option.
 type ClientOption interface {
 	applyClient(*clientConfig)
 }
 var _ ClientOption = (optionFunc[clientConfig])(nil)
 func (o optionFunc[C]) applyClient(c *C) {
 	o(c)
 }
 var _ ClientOption = (otelOptionFunc)(nil)
 func (o otelOptionFunc) applyClient(c *clientConfig) {
 	o(&c.otelConfig)
 }
 func newClientConfig(opts ...ClientOption) clientConfig {
 	cfg := clientConfig{
 		Client: http.DefaultClient,
 	}
 	for _, opt := range opts {
 		opt.applyClient(&cfg)
 	}
 	cfg.initOTEL()
 	return cfg
 }
 type baseClient struct {
 	cfg      clientConfig
 	requests metric.Int64Counter
 	errors   metric.Int64Counter
 	duration metric.Float64Histogram
 }
 func (cfg clientConfig) baseClient() (c baseClient, err error) {
 	c = baseClient{cfg: cfg}
 	if c.requests, err = otelogen.ClientRequestCountCounter(c.cfg.Meter); err != nil {
 		return c, err
 	}
 	if c.errors, err = otelogen.ClientErrorsCountCounter(c.cfg.Meter); err != nil {
 		return c, err
 	}
 	if c.duration, err = otelogen.ClientDurationHistogram(c.cfg.Meter); err != nil {
 		return c, err
 	}
 	return c, nil
 }
 // Option is config option.
 type Option interface {
 	ServerOption
 	ClientOption
 }
 // WithTracerProvider specifies a tracer provider to use for creating a tracer.
 //
 // If none is specified, the global provider is used.
 func WithTracerProvider(provider trace.TracerProvider) Option {
 	return otelOptionFunc(func(cfg *otelConfig) {
 		if provider != nil {
 			cfg.TracerProvider = provider
 		}
 	})
 }
 // WithMeterProvider specifies a meter provider to use for creating a meter.
 //
 // If none is specified, the otel.GetMeterProvider() is used.
 func WithMeterProvider(provider metric.MeterProvider) Option {
 	return otelOptionFunc(func(cfg *otelConfig) {
 		if provider != nil {
 			cfg.MeterProvider = provider
 		}
 	})
 }
 // WithClient specifies http client to use.
 func WithClient(client ht.Client) ClientOption {
 	return optionFunc[clientConfig](func(cfg *clientConfig) {
 		if client != nil {
 			cfg.Client = client
 		}
 	})
 }
 // WithNotFound specifies Not Found handler to use.
 func WithNotFound(notFound http.HandlerFunc) ServerOption {
 	return optionFunc[serverConfig](func(cfg *serverConfig) {
 		if notFound != nil {
 			cfg.NotFound = notFound
 		}
 	})
 }
 // WithMethodNotAllowed specifies Method Not Allowed handler to use.
 func WithMethodNotAllowed(methodNotAllowed func(w http.ResponseWriter, r *http.Request, allowed string)) ServerOption {
 	return optionFunc[serverConfig](func(cfg *serverConfig) {
 		if methodNotAllowed != nil {
 			cfg.MethodNotAllowed = methodNotAllowed
 		}
 	})
 }
 // WithErrorHandler specifies error handler to use.
 func WithErrorHandler(h ErrorHandler) ServerOption {
 	return optionFunc[serverConfig](func(cfg *serverConfig) {
 		if h != nil {
 			cfg.ErrorHandler = h
 		}
 	})
 }
 // WithPathPrefix specifies server path prefix.
 func WithPathPrefix(prefix string) ServerOption {
 	return optionFunc[serverConfig](func(cfg *serverConfig) {
 		cfg.Prefix = prefix
 	})
 }
 // WithMiddleware specifies middlewares to use.
 func WithMiddleware(m ...Middleware) ServerOption {
 	return optionFunc[serverConfig](func(cfg *serverConfig) {
 		switch len(m) {
 		case 0:
 			cfg.Middleware = nil
 		case 1:
 			cfg.Middleware = m[0]
 		default:
 			cfg.Middleware = middleware.ChainMiddlewares(m...)
 		}
 	})
 }
 // WithMaxMultipartMemory specifies limit of memory for storing file parts.
 // File parts which can't be stored in memory will be stored on disk in temporary files.
 func WithMaxMultipartMemory(max int64) ServerOption {
 	return optionFunc[serverConfig](func(cfg *serverConfig) {
 		if max > 0 {
 			cfg.MaxMultipartMemory = max
 		}
 	})
 }
--- a/pkg/internal/oas_client_gen.go
+++ b/pkg/internal/oas_client_gen.go
--- a/pkg/internal/oas_handlers_gen.go
+++ b/pkg/internal/oas_handlers_gen.go
--- a/pkg/internal/oas_json_gen.go
+++ b/pkg/internal/oas_json_gen.go
--- a/pkg/internal/oas_labeler_gen.go
+++ b/pkg/internal/oas_labeler_gen.go
@@ -1,42 +0,0 @@
 // Code generated by ogen, DO NOT EDIT.
 package api
 import (
 	"context"
 	"go.opentelemetry.io/otel/attribute"
 )
 // Labeler is used to allow adding custom attributes to the server request metrics.
 type Labeler struct {
 	attrs []attribute.KeyValue
 }
 // Add attributes to the Labeler.
 func (l *Labeler) Add(attrs ...attribute.KeyValue) {
 	l.attrs = append(l.attrs, attrs...)
 }
 // AttributeSet returns the attributes added to the Labeler as an attribute.Set.
 func (l *Labeler) AttributeSet() attribute.Set {
 	return attribute.NewSet(l.attrs...)
 }
 type labelerContextKey struct{}
 // LabelerFromContext retrieves the Labeler from the provided context, if present.
 //
 // If no Labeler was found in the provided context a new, empty Labeler is returned and the second
 // return value is false. In this case it is safe to use the Labeler but any attributes added to
 // it will not be used.
 func LabelerFromContext(ctx context.Context) (*Labeler, bool) {
 	if l, ok := ctx.Value(labelerContextKey{}).(*Labeler); ok {
 		return l, true
 	}
 	return &Labeler{}, false
 }
 func contextWithLabeler(ctx context.Context, l *Labeler) context.Context {
 	return context.WithValue(ctx, labelerContextKey{}, l)
 }
--- a/pkg/internal/oas_middleware_gen.go
+++ b/pkg/internal/oas_middleware_gen.go
@@ -1,10 +0,0 @@
 // Code generated by ogen, DO NOT EDIT.
 package api
 import (
 	"github.com/ogen-go/ogen/middleware"
 )
 // Middleware is middleware type.
 type Middleware = middleware.Middleware
--- a/pkg/internal/oas_operations_gen.go
+++ b/pkg/internal/oas_operations_gen.go
@@ -1,27 +0,0 @@
 // Code generated by ogen, DO NOT EDIT.
 package api
 // OperationName is the ogen operation name
 type OperationName = string
 const (
 	ActionMapfixAcceptedOperation           OperationName = "ActionMapfixAccepted"
 	ActionMapfixSubmittedOperation          OperationName = "ActionMapfixSubmitted"
 	ActionMapfixUploadedOperation           OperationName = "ActionMapfixUploaded"
 	ActionMapfixValidatedOperation          OperationName = "ActionMapfixValidated"
 	ActionOperationFailedOperation          OperationName = "ActionOperationFailed"
 	ActionSubmissionAcceptedOperation       OperationName = "ActionSubmissionAccepted"
 	ActionSubmissionSubmittedOperation      OperationName = "ActionSubmissionSubmitted"
 	ActionSubmissionUploadedOperation       OperationName = "ActionSubmissionUploaded"
 	ActionSubmissionValidatedOperation      OperationName = "ActionSubmissionValidated"
 	CreateMapfixOperation                   OperationName = "CreateMapfix"
 	CreateScriptOperation                   OperationName = "CreateScript"
 	CreateScriptPolicyOperation             OperationName = "CreateScriptPolicy"
 	CreateSubmissionOperation               OperationName = "CreateSubmission"
 	GetScriptOperation                      OperationName = "GetScript"
 	ListScriptPolicyOperation               OperationName = "ListScriptPolicy"
 	ListScriptsOperation                    OperationName = "ListScripts"
 	UpdateMapfixValidatedModelOperation     OperationName = "UpdateMapfixValidatedModel"
 	UpdateSubmissionValidatedModelOperation OperationName = "UpdateSubmissionValidatedModel"
 )
--- a/pkg/internal/oas_parameters_gen.go
+++ b/pkg/internal/oas_parameters_gen.go
--- a/pkg/internal/oas_request_decoders_gen.go
+++ b/pkg/internal/oas_request_decoders_gen.go
@@ -1,300 +0,0 @@
 // Code generated by ogen, DO NOT EDIT.
 package api
 import (
 	"io"
 	"mime"
 	"net/http"
 	"github.com/go-faster/errors"
 	"github.com/go-faster/jx"
 	"go.uber.org/multierr"
 	"github.com/ogen-go/ogen/ogenerrors"
 	"github.com/ogen-go/ogen/validate"
 )
 func (s *Server) decodeCreateMapfixRequest(r *http.Request) (
 	req *MapfixCreate,
 	close func() error,
 	rerr error,
 ) {
 	var closers []func() error
 	close = func() error {
 		var merr error
 		// Close in reverse order, to match defer behavior.
 		for i := len(closers) - 1; i >= 0; i-- {
 			c := closers[i]
 			merr = multierr.Append(merr, c())
 		}
 		return merr
 	}
 	defer func() {
 		if rerr != nil {
 			rerr = multierr.Append(rerr, close())
 		}
 	}()
 	ct, _, err := mime.ParseMediaType(r.Header.Get("Content-Type"))
 	if err != nil {
 		return req, close, errors.Wrap(err, "parse media type")
 	}
 	switch {
 	case ct == "application/json":
 		if r.ContentLength == 0 {
 			return req, close, validate.ErrBodyRequired
 		}
 		buf, err := io.ReadAll(r.Body)
 		if err != nil {
 			return req, close, err
 		}
 		if len(buf) == 0 {
 			return req, close, validate.ErrBodyRequired
 		}
 		d := jx.DecodeBytes(buf)
 		var request MapfixCreate
 		if err := func() error {
 			if err := request.Decode(d); err != nil {
 				return err
 			}
 			if err := d.Skip(); err != io.EOF {
 				return errors.New("unexpected trailing data")
 			}
 			return nil
 		}(); err != nil {
 			err = &ogenerrors.DecodeBodyError{
 				ContentType: ct,
 				Body:        buf,
 				Err:         err,
 			}
 			return req, close, err
 		}
 		if err := func() error {
 			if err := request.Validate(); err != nil {
 				return err
 			}
 			return nil
 		}(); err != nil {
 			return req, close, errors.Wrap(err, "validate")
 		}
 		return &request, close, nil
 	default:
 		return req, close, validate.InvalidContentType(ct)
 	}
 }
 func (s *Server) decodeCreateScriptRequest(r *http.Request) (
 	req *ScriptCreate,
 	close func() error,
 	rerr error,
 ) {
 	var closers []func() error
 	close = func() error {
 		var merr error
 		// Close in reverse order, to match defer behavior.
 		for i := len(closers) - 1; i >= 0; i-- {
 			c := closers[i]
 			merr = multierr.Append(merr, c())
 		}
 		return merr
 	}
 	defer func() {
 		if rerr != nil {
 			rerr = multierr.Append(rerr, close())
 		}
 	}()
 	ct, _, err := mime.ParseMediaType(r.Header.Get("Content-Type"))
 	if err != nil {
 		return req, close, errors.Wrap(err, "parse media type")
 	}
 	switch {
 	case ct == "application/json":
 		if r.ContentLength == 0 {
 			return req, close, validate.ErrBodyRequired
 		}
 		buf, err := io.ReadAll(r.Body)
 		if err != nil {
 			return req, close, err
 		}
 		if len(buf) == 0 {
 			return req, close, validate.ErrBodyRequired
 		}
 		d := jx.DecodeBytes(buf)
 		var request ScriptCreate
 		if err := func() error {
 			if err := request.Decode(d); err != nil {
 				return err
 			}
 			if err := d.Skip(); err != io.EOF {
 				return errors.New("unexpected trailing data")
 			}
 			return nil
 		}(); err != nil {
 			err = &ogenerrors.DecodeBodyError{
 				ContentType: ct,
 				Body:        buf,
 				Err:         err,
 			}
 			return req, close, err
 		}
 		if err := func() error {
 			if err := request.Validate(); err != nil {
 				return err
 			}
 			return nil
 		}(); err != nil {
 			return req, close, errors.Wrap(err, "validate")
 		}
 		return &request, close, nil
 	default:
 		return req, close, validate.InvalidContentType(ct)
 	}
 }
 func (s *Server) decodeCreateScriptPolicyRequest(r *http.Request) (
 	req *ScriptPolicyCreate,
 	close func() error,
 	rerr error,
 ) {
 	var closers []func() error
 	close = func() error {
 		var merr error
 		// Close in reverse order, to match defer behavior.
 		for i := len(closers) - 1; i >= 0; i-- {
 			c := closers[i]
 			merr = multierr.Append(merr, c())
 		}
 		return merr
 	}
 	defer func() {
 		if rerr != nil {
 			rerr = multierr.Append(rerr, close())
 		}
 	}()
 	ct, _, err := mime.ParseMediaType(r.Header.Get("Content-Type"))
 	if err != nil {
 		return req, close, errors.Wrap(err, "parse media type")
 	}
 	switch {
 	case ct == "application/json":
 		if r.ContentLength == 0 {
 			return req, close, validate.ErrBodyRequired
 		}
 		buf, err := io.ReadAll(r.Body)
 		if err != nil {
 			return req, close, err
 		}
 		if len(buf) == 0 {
 			return req, close, validate.ErrBodyRequired
 		}
 		d := jx.DecodeBytes(buf)
 		var request ScriptPolicyCreate
 		if err := func() error {
 			if err := request.Decode(d); err != nil {
 				return err
 			}
 			if err := d.Skip(); err != io.EOF {
 				return errors.New("unexpected trailing data")
 			}
 			return nil
 		}(); err != nil {
 			err = &ogenerrors.DecodeBodyError{
 				ContentType: ct,
 				Body:        buf,
 				Err:         err,
 			}
 			return req, close, err
 		}
 		if err := func() error {
 			if err := request.Validate(); err != nil {
 				return err
 			}
 			return nil
 		}(); err != nil {
 			return req, close, errors.Wrap(err, "validate")
 		}
 		return &request, close, nil
 	default:
 		return req, close, validate.InvalidContentType(ct)
 	}
 }
 func (s *Server) decodeCreateSubmissionRequest(r *http.Request) (
 	req *SubmissionCreate,
 	close func() error,
 	rerr error,
 ) {
 	var closers []func() error
 	close = func() error {
 		var merr error
 		// Close in reverse order, to match defer behavior.
 		for i := len(closers) - 1; i >= 0; i-- {
 			c := closers[i]
 			merr = multierr.Append(merr, c())
 		}
 		return merr
 	}
 	defer func() {
 		if rerr != nil {
 			rerr = multierr.Append(rerr, close())
 		}
 	}()
 	ct, _, err := mime.ParseMediaType(r.Header.Get("Content-Type"))
 	if err != nil {
 		return req, close, errors.Wrap(err, "parse media type")
 	}
 	switch {
 	case ct == "application/json":
 		if r.ContentLength == 0 {
 			return req, close, validate.ErrBodyRequired
 		}
 		buf, err := io.ReadAll(r.Body)
 		if err != nil {
 			return req, close, err
 		}
 		if len(buf) == 0 {
 			return req, close, validate.ErrBodyRequired
 		}
 		d := jx.DecodeBytes(buf)
 		var request SubmissionCreate
 		if err := func() error {
 			if err := request.Decode(d); err != nil {
 				return err
 			}
 			if err := d.Skip(); err != io.EOF {
 				return errors.New("unexpected trailing data")
 			}
 			return nil
 		}(); err != nil {
 			err = &ogenerrors.DecodeBodyError{
 				ContentType: ct,
 				Body:        buf,
 				Err:         err,
 			}
 			return req, close, err
 		}
 		if err := func() error {
 			if err := request.Validate(); err != nil {
 				return err
 			}
 			return nil
 		}(); err != nil {
 			return req, close, errors.Wrap(err, "validate")
 		}
 		return &request, close, nil
 	default:
 		return req, close, validate.InvalidContentType(ct)
 	}
 }
--- a/pkg/internal/oas_request_encoders_gen.go
+++ b/pkg/internal/oas_request_encoders_gen.go
@@ -1,68 +0,0 @@
 // Code generated by ogen, DO NOT EDIT.
 package api
 import (
 	"bytes"
 	"net/http"
 	"github.com/go-faster/jx"
 	ht "github.com/ogen-go/ogen/http"
 )
 func encodeCreateMapfixRequest(
 	req *MapfixCreate,
 	r *http.Request,
 ) error {
 	const contentType = "application/json"
 	e := new(jx.Encoder)
 	{
 		req.Encode(e)
 	}
 	encoded := e.Bytes()
 	ht.SetBody(r, bytes.NewReader(encoded), contentType)
 	return nil
 }
 func encodeCreateScriptRequest(
 	req *ScriptCreate,
 	r *http.Request,
 ) error {
 	const contentType = "application/json"
 	e := new(jx.Encoder)
 	{
 		req.Encode(e)
 	}
 	encoded := e.Bytes()
 	ht.SetBody(r, bytes.NewReader(encoded), contentType)
 	return nil
 }
 func encodeCreateScriptPolicyRequest(
 	req *ScriptPolicyCreate,
 	r *http.Request,
 ) error {
 	const contentType = "application/json"
 	e := new(jx.Encoder)
 	{
 		req.Encode(e)
 	}
 	encoded := e.Bytes()
 	ht.SetBody(r, bytes.NewReader(encoded), contentType)
 	return nil
 }
 func encodeCreateSubmissionRequest(
 	req *SubmissionCreate,
 	r *http.Request,
 ) error {
 	const contentType = "application/json"
 	e := new(jx.Encoder)
 	{
 		req.Encode(e)
 	}
 	encoded := e.Bytes()
 	ht.SetBody(r, bytes.NewReader(encoded), contentType)
 	return nil
 }
--- a/pkg/internal/oas_response_decoders_gen.go
+++ b/pkg/internal/oas_response_decoders_gen.go
--- a/pkg/internal/oas_response_encoders_gen.go
+++ b/pkg/internal/oas_response_encoders_gen.go
@@ -1,224 +0,0 @@
 // Code generated by ogen, DO NOT EDIT.
 package api
 import (
 	"net/http"
 	"github.com/go-faster/errors"
 	"github.com/go-faster/jx"
 	"go.opentelemetry.io/otel/codes"
 	"go.opentelemetry.io/otel/trace"
 	ht "github.com/ogen-go/ogen/http"
 )
 func encodeActionMapfixAcceptedResponse(response *ActionMapfixAcceptedNoContent, w http.ResponseWriter, span trace.Span) error {
 	w.WriteHeader(204)
 	span.SetStatus(codes.Ok, http.StatusText(204))
 	return nil
 }
 func encodeActionMapfixSubmittedResponse(response *ActionMapfixSubmittedNoContent, w http.ResponseWriter, span trace.Span) error {
 	w.WriteHeader(204)
 	span.SetStatus(codes.Ok, http.StatusText(204))
 	return nil
 }
 func encodeActionMapfixUploadedResponse(response *ActionMapfixUploadedNoContent, w http.ResponseWriter, span trace.Span) error {
 	w.WriteHeader(204)
 	span.SetStatus(codes.Ok, http.StatusText(204))
 	return nil
 }
 func encodeActionMapfixValidatedResponse(response *ActionMapfixValidatedNoContent, w http.ResponseWriter, span trace.Span) error {
 	w.WriteHeader(204)
 	span.SetStatus(codes.Ok, http.StatusText(204))
 	return nil
 }
 func encodeActionOperationFailedResponse(response *ActionOperationFailedNoContent, w http.ResponseWriter, span trace.Span) error {
 	w.WriteHeader(204)
 	span.SetStatus(codes.Ok, http.StatusText(204))
 	return nil
 }
 func encodeActionSubmissionAcceptedResponse(response *ActionSubmissionAcceptedNoContent, w http.ResponseWriter, span trace.Span) error {
 	w.WriteHeader(204)
 	span.SetStatus(codes.Ok, http.StatusText(204))
 	return nil
 }
 func encodeActionSubmissionSubmittedResponse(response *ActionSubmissionSubmittedNoContent, w http.ResponseWriter, span trace.Span) error {
 	w.WriteHeader(204)
 	span.SetStatus(codes.Ok, http.StatusText(204))
 	return nil
 }
 func encodeActionSubmissionUploadedResponse(response *ActionSubmissionUploadedNoContent, w http.ResponseWriter, span trace.Span) error {
 	w.WriteHeader(204)
 	span.SetStatus(codes.Ok, http.StatusText(204))
 	return nil
 }
 func encodeActionSubmissionValidatedResponse(response *ActionSubmissionValidatedNoContent, w http.ResponseWriter, span trace.Span) error {
 	w.WriteHeader(204)
 	span.SetStatus(codes.Ok, http.StatusText(204))
 	return nil
 }
 func encodeCreateMapfixResponse(response *MapfixID, w http.ResponseWriter, span trace.Span) error {
 	w.Header().Set("Content-Type", "application/json; charset=utf-8")
 	w.WriteHeader(201)
 	span.SetStatus(codes.Ok, http.StatusText(201))
 	e := new(jx.Encoder)
 	response.Encode(e)
 	if _, err := e.WriteTo(w); err != nil {
 		return errors.Wrap(err, "write")
 	}
 	return nil
 }
 func encodeCreateScriptResponse(response *ScriptID, w http.ResponseWriter, span trace.Span) error {
 	w.Header().Set("Content-Type", "application/json; charset=utf-8")
 	w.WriteHeader(201)
 	span.SetStatus(codes.Ok, http.StatusText(201))
 	e := new(jx.Encoder)
 	response.Encode(e)
 	if _, err := e.WriteTo(w); err != nil {
 		return errors.Wrap(err, "write")
 	}
 	return nil
 }
 func encodeCreateScriptPolicyResponse(response *ScriptPolicyID, w http.ResponseWriter, span trace.Span) error {
 	w.Header().Set("Content-Type", "application/json; charset=utf-8")
 	w.WriteHeader(201)
 	span.SetStatus(codes.Ok, http.StatusText(201))
 	e := new(jx.Encoder)
 	response.Encode(e)
 	if _, err := e.WriteTo(w); err != nil {
 		return errors.Wrap(err, "write")
 	}
 	return nil
 }
 func encodeCreateSubmissionResponse(response *SubmissionID, w http.ResponseWriter, span trace.Span) error {
 	w.Header().Set("Content-Type", "application/json; charset=utf-8")
 	w.WriteHeader(201)
 	span.SetStatus(codes.Ok, http.StatusText(201))
 	e := new(jx.Encoder)
 	response.Encode(e)
 	if _, err := e.WriteTo(w); err != nil {
 		return errors.Wrap(err, "write")
 	}
 	return nil
 }
 func encodeGetScriptResponse(response *Script, w http.ResponseWriter, span trace.Span) error {
 	w.Header().Set("Content-Type", "application/json; charset=utf-8")
 	w.WriteHeader(200)
 	span.SetStatus(codes.Ok, http.StatusText(200))
 	e := new(jx.Encoder)
 	response.Encode(e)
 	if _, err := e.WriteTo(w); err != nil {
 		return errors.Wrap(err, "write")
 	}
 	return nil
 }
 func encodeListScriptPolicyResponse(response []ScriptPolicy, w http.ResponseWriter, span trace.Span) error {
 	w.Header().Set("Content-Type", "application/json; charset=utf-8")
 	w.WriteHeader(200)
 	span.SetStatus(codes.Ok, http.StatusText(200))
 	e := new(jx.Encoder)
 	e.ArrStart()
 	for _, elem := range response {
 		elem.Encode(e)
 	}
 	e.ArrEnd()
 	if _, err := e.WriteTo(w); err != nil {
 		return errors.Wrap(err, "write")
 	}
 	return nil
 }
 func encodeListScriptsResponse(response []Script, w http.ResponseWriter, span trace.Span) error {
 	w.Header().Set("Content-Type", "application/json; charset=utf-8")
 	w.WriteHeader(200)
 	span.SetStatus(codes.Ok, http.StatusText(200))
 	e := new(jx.Encoder)
 	e.ArrStart()
 	for _, elem := range response {
 		elem.Encode(e)
 	}
 	e.ArrEnd()
 	if _, err := e.WriteTo(w); err != nil {
 		return errors.Wrap(err, "write")
 	}
 	return nil
 }
 func encodeUpdateMapfixValidatedModelResponse(response *UpdateMapfixValidatedModelNoContent, w http.ResponseWriter, span trace.Span) error {
 	w.WriteHeader(204)
 	span.SetStatus(codes.Ok, http.StatusText(204))
 	return nil
 }
 func encodeUpdateSubmissionValidatedModelResponse(response *UpdateSubmissionValidatedModelNoContent, w http.ResponseWriter, span trace.Span) error {
 	w.WriteHeader(204)
 	span.SetStatus(codes.Ok, http.StatusText(204))
 	return nil
 }
 func encodeErrorResponse(response *ErrorStatusCode, w http.ResponseWriter, span trace.Span) error {
 	w.Header().Set("Content-Type", "application/json; charset=utf-8")
 	code := response.StatusCode
 	if code == 0 {
 		// Set default status code.
 		code = http.StatusOK
 	}
 	w.WriteHeader(code)
 	if st := http.StatusText(code); code >= http.StatusBadRequest {
 		span.SetStatus(codes.Error, st)
 	} else {
 		span.SetStatus(codes.Ok, st)
 	}
 	e := new(jx.Encoder)
 	response.Response.Encode(e)
 	if _, err := e.WriteTo(w); err != nil {
 		return errors.Wrap(err, "write")
 	}
 	if code >= http.StatusInternalServerError {
 		return errors.Wrapf(ht.ErrInternalServerErrorResponse, "code: %d, message: %s", code, http.StatusText(code))
 	}
 	return nil
 }
--- a/pkg/internal/oas_router_gen.go
+++ b/pkg/internal/oas_router_gen.go
--- a/pkg/internal/oas_schemas_gen.go
+++ b/pkg/internal/oas_schemas_gen.go
@@ -1,671 +0,0 @@
 // Code generated by ogen, DO NOT EDIT.
 package api
 import (
 	"fmt"
 )
 func (s *ErrorStatusCode) Error() string {
 	return fmt.Sprintf("code %d: %+v", s.StatusCode, s.Response)
 }
 // ActionMapfixAcceptedNoContent is response for ActionMapfixAccepted operation.
 type ActionMapfixAcceptedNoContent struct{}
 // ActionMapfixSubmittedNoContent is response for ActionMapfixSubmitted operation.
 type ActionMapfixSubmittedNoContent struct{}
 // ActionMapfixUploadedNoContent is response for ActionMapfixUploaded operation.
 type ActionMapfixUploadedNoContent struct{}
 // ActionMapfixValidatedNoContent is response for ActionMapfixValidated operation.
 type ActionMapfixValidatedNoContent struct{}
 // ActionOperationFailedNoContent is response for ActionOperationFailed operation.
 type ActionOperationFailedNoContent struct{}
 // ActionSubmissionAcceptedNoContent is response for ActionSubmissionAccepted operation.
 type ActionSubmissionAcceptedNoContent struct{}
 // ActionSubmissionSubmittedNoContent is response for ActionSubmissionSubmitted operation.
 type ActionSubmissionSubmittedNoContent struct{}
 // ActionSubmissionUploadedNoContent is response for ActionSubmissionUploaded operation.
 type ActionSubmissionUploadedNoContent struct{}
 // ActionSubmissionValidatedNoContent is response for ActionSubmissionValidated operation.
 type ActionSubmissionValidatedNoContent struct{}
 // Represents error object.
 // Ref: #/components/schemas/Error
 type Error struct {
 	Code    int64  `json:"code"`
 	Message string `json:"message"`
 }
 // GetCode returns the value of Code.
 func (s *Error) GetCode() int64 {
 	return s.Code
 }
 // GetMessage returns the value of Message.
 func (s *Error) GetMessage() string {
 	return s.Message
 }
 // SetCode sets the value of Code.
 func (s *Error) SetCode(val int64) {
 	s.Code = val
 }
 // SetMessage sets the value of Message.
 func (s *Error) SetMessage(val string) {
 	s.Message = val
 }
 // ErrorStatusCode wraps Error with StatusCode.
 type ErrorStatusCode struct {
 	StatusCode int
 	Response   Error
 }
 // GetStatusCode returns the value of StatusCode.
 func (s *ErrorStatusCode) GetStatusCode() int {
 	return s.StatusCode
 }
 // GetResponse returns the value of Response.
 func (s *ErrorStatusCode) GetResponse() Error {
 	return s.Response
 }
 // SetStatusCode sets the value of StatusCode.
 func (s *ErrorStatusCode) SetStatusCode(val int) {
 	s.StatusCode = val
 }
 // SetResponse sets the value of Response.
 func (s *ErrorStatusCode) SetResponse(val Error) {
 	s.Response = val
 }
 // Ref: #/components/schemas/MapfixCreate
 type MapfixCreate struct {
 	OperationID   int32  `json:"OperationID"`
 	AssetOwner    int64  `json:"AssetOwner"`
 	DisplayName   string `json:"DisplayName"`
 	Creator       string `json:"Creator"`
 	GameID        int32  `json:"GameID"`
 	AssetID       int64  `json:"AssetID"`
 	AssetVersion  int64  `json:"AssetVersion"`
 	TargetAssetID int64  `json:"TargetAssetID"`
 }
 // GetOperationID returns the value of OperationID.
 func (s *MapfixCreate) GetOperationID() int32 {
 	return s.OperationID
 }
 // GetAssetOwner returns the value of AssetOwner.
 func (s *MapfixCreate) GetAssetOwner() int64 {
 	return s.AssetOwner
 }
 // GetDisplayName returns the value of DisplayName.
 func (s *MapfixCreate) GetDisplayName() string {
 	return s.DisplayName
 }
 // GetCreator returns the value of Creator.
 func (s *MapfixCreate) GetCreator() string {
 	return s.Creator
 }
 // GetGameID returns the value of GameID.
 func (s *MapfixCreate) GetGameID() int32 {
 	return s.GameID
 }
 // GetAssetID returns the value of AssetID.
 func (s *MapfixCreate) GetAssetID() int64 {
 	return s.AssetID
 }
 // GetAssetVersion returns the value of AssetVersion.
 func (s *MapfixCreate) GetAssetVersion() int64 {
 	return s.AssetVersion
 }
 // GetTargetAssetID returns the value of TargetAssetID.
 func (s *MapfixCreate) GetTargetAssetID() int64 {
 	return s.TargetAssetID
 }
 // SetOperationID sets the value of OperationID.
 func (s *MapfixCreate) SetOperationID(val int32) {
 	s.OperationID = val
 }
 // SetAssetOwner sets the value of AssetOwner.
 func (s *MapfixCreate) SetAssetOwner(val int64) {
 	s.AssetOwner = val
 }
 // SetDisplayName sets the value of DisplayName.
 func (s *MapfixCreate) SetDisplayName(val string) {
 	s.DisplayName = val
 }
 // SetCreator sets the value of Creator.
 func (s *MapfixCreate) SetCreator(val string) {
 	s.Creator = val
 }
 // SetGameID sets the value of GameID.
 func (s *MapfixCreate) SetGameID(val int32) {
 	s.GameID = val
 }
 // SetAssetID sets the value of AssetID.
 func (s *MapfixCreate) SetAssetID(val int64) {
 	s.AssetID = val
 }
 // SetAssetVersion sets the value of AssetVersion.
 func (s *MapfixCreate) SetAssetVersion(val int64) {
 	s.AssetVersion = val
 }
 // SetTargetAssetID sets the value of TargetAssetID.
 func (s *MapfixCreate) SetTargetAssetID(val int64) {
 	s.TargetAssetID = val
 }
 // Ref: #/components/schemas/MapfixID
 type MapfixID struct {
 	MapfixID int64 `json:"MapfixID"`
 }
 // GetMapfixID returns the value of MapfixID.
 func (s *MapfixID) GetMapfixID() int64 {
 	return s.MapfixID
 }
 // SetMapfixID sets the value of MapfixID.
 func (s *MapfixID) SetMapfixID(val int64) {
 	s.MapfixID = val
 }
 // NewOptInt32 returns new OptInt32 with value set to v.
 func NewOptInt32(v int32) OptInt32 {
 	return OptInt32{
 		Value: v,
 		Set:   true,
 	}
 }
 // OptInt32 is optional int32.
 type OptInt32 struct {
 	Value int32
 	Set   bool
 }
 // IsSet returns true if OptInt32 was set.
 func (o OptInt32) IsSet() bool { return o.Set }
 // Reset unsets value.
 func (o *OptInt32) Reset() {
 	var v int32
 	o.Value = v
 	o.Set = false
 }
 // SetTo sets value to v.
 func (o *OptInt32) SetTo(v int32) {
 	o.Set = true
 	o.Value = v
 }
 // Get returns value and boolean that denotes whether value was set.
 func (o OptInt32) Get() (v int32, ok bool) {
 	if !o.Set {
 		return v, false
 	}
 	return o.Value, true
 }
 // Or returns value if set, or given parameter if does not.
 func (o OptInt32) Or(d int32) int32 {
 	if v, ok := o.Get(); ok {
 		return v
 	}
 	return d
 }
 // NewOptInt64 returns new OptInt64 with value set to v.
 func NewOptInt64(v int64) OptInt64 {
 	return OptInt64{
 		Value: v,
 		Set:   true,
 	}
 }
 // OptInt64 is optional int64.
 type OptInt64 struct {
 	Value int64
 	Set   bool
 }
 // IsSet returns true if OptInt64 was set.
 func (o OptInt64) IsSet() bool { return o.Set }
 // Reset unsets value.
 func (o *OptInt64) Reset() {
 	var v int64
 	o.Value = v
 	o.Set = false
 }
 // SetTo sets value to v.
 func (o *OptInt64) SetTo(v int64) {
 	o.Set = true
 	o.Value = v
 }
 // Get returns value and boolean that denotes whether value was set.
 func (o OptInt64) Get() (v int64, ok bool) {
 	if !o.Set {
 		return v, false
 	}
 	return o.Value, true
 }
 // Or returns value if set, or given parameter if does not.
 func (o OptInt64) Or(d int64) int64 {
 	if v, ok := o.Get(); ok {
 		return v
 	}
 	return d
 }
 // NewOptString returns new OptString with value set to v.
 func NewOptString(v string) OptString {
 	return OptString{
 		Value: v,
 		Set:   true,
 	}
 }
 // OptString is optional string.
 type OptString struct {
 	Value string
 	Set   bool
 }
 // IsSet returns true if OptString was set.
 func (o OptString) IsSet() bool { return o.Set }
 // Reset unsets value.
 func (o *OptString) Reset() {
 	var v string
 	o.Value = v
 	o.Set = false
 }
 // SetTo sets value to v.
 func (o *OptString) SetTo(v string) {
 	o.Set = true
 	o.Value = v
 }
 // Get returns value and boolean that denotes whether value was set.
 func (o OptString) Get() (v string, ok bool) {
 	if !o.Set {
 		return v, false
 	}
 	return o.Value, true
 }
 // Or returns value if set, or given parameter if does not.
 func (o OptString) Or(d string) string {
 	if v, ok := o.Get(); ok {
 		return v
 	}
 	return d
 }
 // Ref: #/components/schemas/Script
 type Script struct {
 	ID           int64  `json:"ID"`
 	Name         string `json:"Name"`
 	Hash         string `json:"Hash"`
 	Source       string `json:"Source"`
 	ResourceType int32  `json:"ResourceType"`
 	ResourceID   int64  `json:"ResourceID"`
 }
 // GetID returns the value of ID.
 func (s *Script) GetID() int64 {
 	return s.ID
 }
 // GetName returns the value of Name.
 func (s *Script) GetName() string {
 	return s.Name
 }
 // GetHash returns the value of Hash.
 func (s *Script) GetHash() string {
 	return s.Hash
 }
 // GetSource returns the value of Source.
 func (s *Script) GetSource() string {
 	return s.Source
 }
 // GetResourceType returns the value of ResourceType.
 func (s *Script) GetResourceType() int32 {
 	return s.ResourceType
 }
 // GetResourceID returns the value of ResourceID.
 func (s *Script) GetResourceID() int64 {
 	return s.ResourceID
 }
 // SetID sets the value of ID.
 func (s *Script) SetID(val int64) {
 	s.ID = val
 }
 // SetName sets the value of Name.
 func (s *Script) SetName(val string) {
 	s.Name = val
 }
 // SetHash sets the value of Hash.
 func (s *Script) SetHash(val string) {
 	s.Hash = val
 }
 // SetSource sets the value of Source.
 func (s *Script) SetSource(val string) {
 	s.Source = val
 }
 // SetResourceType sets the value of ResourceType.
 func (s *Script) SetResourceType(val int32) {
 	s.ResourceType = val
 }
 // SetResourceID sets the value of ResourceID.
 func (s *Script) SetResourceID(val int64) {
 	s.ResourceID = val
 }
 // Ref: #/components/schemas/ScriptCreate
 type ScriptCreate struct {
 	Name         string   `json:"Name"`
 	Source       string   `json:"Source"`
 	ResourceType int32    `json:"ResourceType"`
 	ResourceID   OptInt64 `json:"ResourceID"`
 }
 // GetName returns the value of Name.
 func (s *ScriptCreate) GetName() string {
 	return s.Name
 }
 // GetSource returns the value of Source.
 func (s *ScriptCreate) GetSource() string {
 	return s.Source
 }
 // GetResourceType returns the value of ResourceType.
 func (s *ScriptCreate) GetResourceType() int32 {
 	return s.ResourceType
 }
 // GetResourceID returns the value of ResourceID.
 func (s *ScriptCreate) GetResourceID() OptInt64 {
 	return s.ResourceID
 }
 // SetName sets the value of Name.
 func (s *ScriptCreate) SetName(val string) {
 	s.Name = val
 }
 // SetSource sets the value of Source.
 func (s *ScriptCreate) SetSource(val string) {
 	s.Source = val
 }
 // SetResourceType sets the value of ResourceType.
 func (s *ScriptCreate) SetResourceType(val int32) {
 	s.ResourceType = val
 }
 // SetResourceID sets the value of ResourceID.
 func (s *ScriptCreate) SetResourceID(val OptInt64) {
 	s.ResourceID = val
 }
 // Ref: #/components/schemas/ScriptID
 type ScriptID struct {
 	ScriptID int64 `json:"ScriptID"`
 }
 // GetScriptID returns the value of ScriptID.
 func (s *ScriptID) GetScriptID() int64 {
 	return s.ScriptID
 }
 // SetScriptID sets the value of ScriptID.
 func (s *ScriptID) SetScriptID(val int64) {
 	s.ScriptID = val
 }
 // Ref: #/components/schemas/ScriptPolicy
 type ScriptPolicy struct {
 	ID             int64  `json:"ID"`
 	FromScriptHash string `json:"FromScriptHash"`
 	ToScriptID     int64  `json:"ToScriptID"`
 	Policy         int32  `json:"Policy"`
 }
 // GetID returns the value of ID.
 func (s *ScriptPolicy) GetID() int64 {
 	return s.ID
 }
 // GetFromScriptHash returns the value of FromScriptHash.
 func (s *ScriptPolicy) GetFromScriptHash() string {
 	return s.FromScriptHash
 }
 // GetToScriptID returns the value of ToScriptID.
 func (s *ScriptPolicy) GetToScriptID() int64 {
 	return s.ToScriptID
 }
 // GetPolicy returns the value of Policy.
 func (s *ScriptPolicy) GetPolicy() int32 {
 	return s.Policy
 }
 // SetID sets the value of ID.
 func (s *ScriptPolicy) SetID(val int64) {
 	s.ID = val
 }
 // SetFromScriptHash sets the value of FromScriptHash.
 func (s *ScriptPolicy) SetFromScriptHash(val string) {
 	s.FromScriptHash = val
 }
 // SetToScriptID sets the value of ToScriptID.
 func (s *ScriptPolicy) SetToScriptID(val int64) {
 	s.ToScriptID = val
 }
 // SetPolicy sets the value of Policy.
 func (s *ScriptPolicy) SetPolicy(val int32) {
 	s.Policy = val
 }
 // Ref: #/components/schemas/ScriptPolicyCreate
 type ScriptPolicyCreate struct {
 	FromScriptID int64 `json:"FromScriptID"`
 	ToScriptID   int64 `json:"ToScriptID"`
 	Policy       int32 `json:"Policy"`
 }
 // GetFromScriptID returns the value of FromScriptID.
 func (s *ScriptPolicyCreate) GetFromScriptID() int64 {
 	return s.FromScriptID
 }
 // GetToScriptID returns the value of ToScriptID.
 func (s *ScriptPolicyCreate) GetToScriptID() int64 {
 	return s.ToScriptID
 }
 // GetPolicy returns the value of Policy.
 func (s *ScriptPolicyCreate) GetPolicy() int32 {
 	return s.Policy
 }
 // SetFromScriptID sets the value of FromScriptID.
 func (s *ScriptPolicyCreate) SetFromScriptID(val int64) {
 	s.FromScriptID = val
 }
 // SetToScriptID sets the value of ToScriptID.
 func (s *ScriptPolicyCreate) SetToScriptID(val int64) {
 	s.ToScriptID = val
 }
 // SetPolicy sets the value of Policy.
 func (s *ScriptPolicyCreate) SetPolicy(val int32) {
 	s.Policy = val
 }
 // Ref: #/components/schemas/ScriptPolicyID
 type ScriptPolicyID struct {
 	ScriptPolicyID int64 `json:"ScriptPolicyID"`
 }
 // GetScriptPolicyID returns the value of ScriptPolicyID.
 func (s *ScriptPolicyID) GetScriptPolicyID() int64 {
 	return s.ScriptPolicyID
 }
 // SetScriptPolicyID sets the value of ScriptPolicyID.
 func (s *ScriptPolicyID) SetScriptPolicyID(val int64) {
 	s.ScriptPolicyID = val
 }
 // Ref: #/components/schemas/SubmissionCreate
 type SubmissionCreate struct {
 	OperationID  int32  `json:"OperationID"`
 	AssetOwner   int64  `json:"AssetOwner"`
 	DisplayName  string `json:"DisplayName"`
 	Creator      string `json:"Creator"`
 	GameID       int32  `json:"GameID"`
 	AssetID      int64  `json:"AssetID"`
 	AssetVersion int64  `json:"AssetVersion"`
 }
 // GetOperationID returns the value of OperationID.
 func (s *SubmissionCreate) GetOperationID() int32 {
 	return s.OperationID
 }
 // GetAssetOwner returns the value of AssetOwner.
 func (s *SubmissionCreate) GetAssetOwner() int64 {
 	return s.AssetOwner
 }
 // GetDisplayName returns the value of DisplayName.
 func (s *SubmissionCreate) GetDisplayName() string {
 	return s.DisplayName
 }
 // GetCreator returns the value of Creator.
 func (s *SubmissionCreate) GetCreator() string {
 	return s.Creator
 }
 // GetGameID returns the value of GameID.
 func (s *SubmissionCreate) GetGameID() int32 {
 	return s.GameID
 }
 // GetAssetID returns the value of AssetID.
 func (s *SubmissionCreate) GetAssetID() int64 {
 	return s.AssetID
 }
 // GetAssetVersion returns the value of AssetVersion.
 func (s *SubmissionCreate) GetAssetVersion() int64 {
 	return s.AssetVersion
 }
 // SetOperationID sets the value of OperationID.
 func (s *SubmissionCreate) SetOperationID(val int32) {
 	s.OperationID = val
 }
 // SetAssetOwner sets the value of AssetOwner.
 func (s *SubmissionCreate) SetAssetOwner(val int64) {
 	s.AssetOwner = val
 }
 // SetDisplayName sets the value of DisplayName.
 func (s *SubmissionCreate) SetDisplayName(val string) {
 	s.DisplayName = val
 }
 // SetCreator sets the value of Creator.
 func (s *SubmissionCreate) SetCreator(val string) {
 	s.Creator = val
 }
 // SetGameID sets the value of GameID.
 func (s *SubmissionCreate) SetGameID(val int32) {
 	s.GameID = val
 }
 // SetAssetID sets the value of AssetID.
 func (s *SubmissionCreate) SetAssetID(val int64) {
 	s.AssetID = val
 }
 // SetAssetVersion sets the value of AssetVersion.
 func (s *SubmissionCreate) SetAssetVersion(val int64) {
 	s.AssetVersion = val
 }
 // Ref: #/components/schemas/SubmissionID
 type SubmissionID struct {
 	SubmissionID int64 `json:"SubmissionID"`
 }
 // GetSubmissionID returns the value of SubmissionID.
 func (s *SubmissionID) GetSubmissionID() int64 {
 	return s.SubmissionID
 }
 // SetSubmissionID sets the value of SubmissionID.
 func (s *SubmissionID) SetSubmissionID(val int64) {
 	s.SubmissionID = val
 }
 // UpdateMapfixValidatedModelNoContent is response for UpdateMapfixValidatedModel operation.
 type UpdateMapfixValidatedModelNoContent struct{}
 // UpdateSubmissionValidatedModelNoContent is response for UpdateSubmissionValidatedModel operation.
 type UpdateSubmissionValidatedModelNoContent struct{}
--- a/pkg/internal/oas_server_gen.go
+++ b/pkg/internal/oas_server_gen.go
@@ -1,142 +0,0 @@
 // Code generated by ogen, DO NOT EDIT.
 package api
 import (
 	"context"
 )
 // Handler handles operations described by OpenAPI v3 specification.
 type Handler interface {
 	// ActionMapfixAccepted implements actionMapfixAccepted operation.
 	//
 	// (Internal endpoint) Role Validator changes status from Validating -> Accepted.
 	//
 	// POST /mapfixes/{MapfixID}/status/validator-failed
 	ActionMapfixAccepted(ctx context.Context, params ActionMapfixAcceptedParams) error
 	// ActionMapfixSubmitted implements actionMapfixSubmitted operation.
 	//
 	// (Internal endpoint) Role Validator changes status from Submitting -> Submitted.
 	//
 	// POST /mapfixes/{MapfixID}/status/validator-submitted
 	ActionMapfixSubmitted(ctx context.Context, params ActionMapfixSubmittedParams) error
 	// ActionMapfixUploaded implements actionMapfixUploaded operation.
 	//
 	// (Internal endpoint) Role Validator changes status from Uploading -> Uploaded.
 	//
 	// POST /mapfixes/{MapfixID}/status/validator-uploaded
 	ActionMapfixUploaded(ctx context.Context, params ActionMapfixUploadedParams) error
 	// ActionMapfixValidated implements actionMapfixValidated operation.
 	//
 	// (Internal endpoint) Role Validator changes status from Validating -> Validated.
 	//
 	// POST /mapfixes/{MapfixID}/status/validator-validated
 	ActionMapfixValidated(ctx context.Context, params ActionMapfixValidatedParams) error
 	// ActionOperationFailed implements actionOperationFailed operation.
 	//
 	// (Internal endpoint) Fail an operation and write a StatusMessage.
 	//
 	// POST /operations/{OperationID}/status/operation-failed
 	ActionOperationFailed(ctx context.Context, params ActionOperationFailedParams) error
 	// ActionSubmissionAccepted implements actionSubmissionAccepted operation.
 	//
 	// (Internal endpoint) Role Validator changes status from Validating -> Accepted.
 	//
 	// POST /submissions/{SubmissionID}/status/validator-failed
 	ActionSubmissionAccepted(ctx context.Context, params ActionSubmissionAcceptedParams) error
 	// ActionSubmissionSubmitted implements actionSubmissionSubmitted operation.
 	//
 	// (Internal endpoint) Role Validator changes status from Submitting -> Submitted.
 	//
 	// POST /submissions/{SubmissionID}/status/validator-submitted
 	ActionSubmissionSubmitted(ctx context.Context, params ActionSubmissionSubmittedParams) error
 	// ActionSubmissionUploaded implements actionSubmissionUploaded operation.
 	//
 	// (Internal endpoint) Role Validator changes status from Uploading -> Uploaded.
 	//
 	// POST /submissions/{SubmissionID}/status/validator-uploaded
 	ActionSubmissionUploaded(ctx context.Context, params ActionSubmissionUploadedParams) error
 	// ActionSubmissionValidated implements actionSubmissionValidated operation.
 	//
 	// (Internal endpoint) Role Validator changes status from Validating -> Validated.
 	//
 	// POST /submissions/{SubmissionID}/status/validator-validated
 	ActionSubmissionValidated(ctx context.Context, params ActionSubmissionValidatedParams) error
 	// CreateMapfix implements createMapfix operation.
 	//
 	// Create a mapfix.
 	//
 	// POST /mapfixes
 	CreateMapfix(ctx context.Context, req *MapfixCreate) (*MapfixID, error)
 	// CreateScript implements createScript operation.
 	//
 	// Create a new script.
 	//
 	// POST /scripts
 	CreateScript(ctx context.Context, req *ScriptCreate) (*ScriptID, error)
 	// CreateScriptPolicy implements createScriptPolicy operation.
 	//
 	// Create a new script policy.
 	//
 	// POST /script-policy
 	CreateScriptPolicy(ctx context.Context, req *ScriptPolicyCreate) (*ScriptPolicyID, error)
 	// CreateSubmission implements createSubmission operation.
 	//
 	// Create a new submission.
 	//
 	// POST /submissions
 	CreateSubmission(ctx context.Context, req *SubmissionCreate) (*SubmissionID, error)
 	// GetScript implements getScript operation.
 	//
 	// Get the specified script by ID.
 	//
 	// GET /scripts/{ScriptID}
 	GetScript(ctx context.Context, params GetScriptParams) (*Script, error)
 	// ListScriptPolicy implements listScriptPolicy operation.
 	//
 	// Get list of script policies.
 	//
 	// GET /script-policy
 	ListScriptPolicy(ctx context.Context, params ListScriptPolicyParams) ([]ScriptPolicy, error)
 	// ListScripts implements listScripts operation.
 	//
 	// Get list of scripts.
 	//
 	// GET /scripts
 	ListScripts(ctx context.Context, params ListScriptsParams) ([]Script, error)
 	// UpdateMapfixValidatedModel implements updateMapfixValidatedModel operation.
 	//
 	// Update validated model.
 	//
 	// POST /mapfixes/{MapfixID}/validated-model
 	UpdateMapfixValidatedModel(ctx context.Context, params UpdateMapfixValidatedModelParams) error
 	// UpdateSubmissionValidatedModel implements updateSubmissionValidatedModel operation.
 	//
 	// Update validated model.
 	//
 	// POST /submissions/{SubmissionID}/validated-model
 	UpdateSubmissionValidatedModel(ctx context.Context, params UpdateSubmissionValidatedModelParams) error
 	// NewError creates *ErrorStatusCode from error returned by handler.
 	//
 	// Used for common default response.
 	NewError(ctx context.Context, err error) *ErrorStatusCode
 }
 // Server implements http server based on OpenAPI v3 specification and
 // calls Handler to handle requests.
 type Server struct {
 	h Handler
 	baseServer
 }
 // NewServer creates new Server.
 func NewServer(h Handler, opts ...ServerOption) (*Server, error) {
 	s, err := newServerConfig(opts...).baseServer()
 	if err != nil {
 		return nil, err
 	}
 	return &Server{
 		h:          h,
 		baseServer: s,
 	}, nil
 }
--- a/pkg/internal/oas_unimplemented_gen.go
+++ b/pkg/internal/oas_unimplemented_gen.go
@@ -1,184 +0,0 @@
 // Code generated by ogen, DO NOT EDIT.
 package api
 import (
 	"context"
 	ht "github.com/ogen-go/ogen/http"
 )
 // UnimplementedHandler is no-op Handler which returns http.ErrNotImplemented.
 type UnimplementedHandler struct{}
 var _ Handler = UnimplementedHandler{}
 // ActionMapfixAccepted implements actionMapfixAccepted operation.
 //
 // (Internal endpoint) Role Validator changes status from Validating -> Accepted.
 //
 // POST /mapfixes/{MapfixID}/status/validator-failed
 func (UnimplementedHandler) ActionMapfixAccepted(ctx context.Context, params ActionMapfixAcceptedParams) error {
 	return ht.ErrNotImplemented
 }
 // ActionMapfixSubmitted implements actionMapfixSubmitted operation.
 //
 // (Internal endpoint) Role Validator changes status from Submitting -> Submitted.
 //
 // POST /mapfixes/{MapfixID}/status/validator-submitted
 func (UnimplementedHandler) ActionMapfixSubmitted(ctx context.Context, params ActionMapfixSubmittedParams) error {
 	return ht.ErrNotImplemented
 }
 // ActionMapfixUploaded implements actionMapfixUploaded operation.
 //
 // (Internal endpoint) Role Validator changes status from Uploading -> Uploaded.
 //
 // POST /mapfixes/{MapfixID}/status/validator-uploaded
 func (UnimplementedHandler) ActionMapfixUploaded(ctx context.Context, params ActionMapfixUploadedParams) error {
 	return ht.ErrNotImplemented
 }
 // ActionMapfixValidated implements actionMapfixValidated operation.
 //
 // (Internal endpoint) Role Validator changes status from Validating -> Validated.
 //
 // POST /mapfixes/{MapfixID}/status/validator-validated
 func (UnimplementedHandler) ActionMapfixValidated(ctx context.Context, params ActionMapfixValidatedParams) error {
 	return ht.ErrNotImplemented
 }
 // ActionOperationFailed implements actionOperationFailed operation.
 //
 // (Internal endpoint) Fail an operation and write a StatusMessage.
 //
 // POST /operations/{OperationID}/status/operation-failed
 func (UnimplementedHandler) ActionOperationFailed(ctx context.Context, params ActionOperationFailedParams) error {
 	return ht.ErrNotImplemented
 }
 // ActionSubmissionAccepted implements actionSubmissionAccepted operation.
 //
 // (Internal endpoint) Role Validator changes status from Validating -> Accepted.
 //
 // POST /submissions/{SubmissionID}/status/validator-failed
 func (UnimplementedHandler) ActionSubmissionAccepted(ctx context.Context, params ActionSubmissionAcceptedParams) error {
 	return ht.ErrNotImplemented
 }
 // ActionSubmissionSubmitted implements actionSubmissionSubmitted operation.
 //
 // (Internal endpoint) Role Validator changes status from Submitting -> Submitted.
 //
 // POST /submissions/{SubmissionID}/status/validator-submitted
 func (UnimplementedHandler) ActionSubmissionSubmitted(ctx context.Context, params ActionSubmissionSubmittedParams) error {
 	return ht.ErrNotImplemented
 }
 // ActionSubmissionUploaded implements actionSubmissionUploaded operation.
 //
 // (Internal endpoint) Role Validator changes status from Uploading -> Uploaded.
 //
 // POST /submissions/{SubmissionID}/status/validator-uploaded
 func (UnimplementedHandler) ActionSubmissionUploaded(ctx context.Context, params ActionSubmissionUploadedParams) error {
 	return ht.ErrNotImplemented
 }
 // ActionSubmissionValidated implements actionSubmissionValidated operation.
 //
 // (Internal endpoint) Role Validator changes status from Validating -> Validated.
 //
 // POST /submissions/{SubmissionID}/status/validator-validated
 func (UnimplementedHandler) ActionSubmissionValidated(ctx context.Context, params ActionSubmissionValidatedParams) error {
 	return ht.ErrNotImplemented
 }
 // CreateMapfix implements createMapfix operation.
 //
 // Create a mapfix.
 //
 // POST /mapfixes
 func (UnimplementedHandler) CreateMapfix(ctx context.Context, req *MapfixCreate) (r *MapfixID, _ error) {
 	return r, ht.ErrNotImplemented
 }
 // CreateScript implements createScript operation.
 //
 // Create a new script.
 //
 // POST /scripts
 func (UnimplementedHandler) CreateScript(ctx context.Context, req *ScriptCreate) (r *ScriptID, _ error) {
 	return r, ht.ErrNotImplemented
 }
 // CreateScriptPolicy implements createScriptPolicy operation.
 //
 // Create a new script policy.
 //
 // POST /script-policy
 func (UnimplementedHandler) CreateScriptPolicy(ctx context.Context, req *ScriptPolicyCreate) (r *ScriptPolicyID, _ error) {
 	return r, ht.ErrNotImplemented
 }
 // CreateSubmission implements createSubmission operation.
 //
 // Create a new submission.
 //
 // POST /submissions
 func (UnimplementedHandler) CreateSubmission(ctx context.Context, req *SubmissionCreate) (r *SubmissionID, _ error) {
 	return r, ht.ErrNotImplemented
 }
 // GetScript implements getScript operation.
 //
 // Get the specified script by ID.
 //
 // GET /scripts/{ScriptID}
 func (UnimplementedHandler) GetScript(ctx context.Context, params GetScriptParams) (r *Script, _ error) {
 	return r, ht.ErrNotImplemented
 }
 // ListScriptPolicy implements listScriptPolicy operation.
 //
 // Get list of script policies.
 //
 // GET /script-policy
 func (UnimplementedHandler) ListScriptPolicy(ctx context.Context, params ListScriptPolicyParams) (r []ScriptPolicy, _ error) {
 	return r, ht.ErrNotImplemented
 }
 // ListScripts implements listScripts operation.
 //
 // Get list of scripts.
 //
 // GET /scripts
 func (UnimplementedHandler) ListScripts(ctx context.Context, params ListScriptsParams) (r []Script, _ error) {
 	return r, ht.ErrNotImplemented
 }
 // UpdateMapfixValidatedModel implements updateMapfixValidatedModel operation.
 //
 // Update validated model.
 //
 // POST /mapfixes/{MapfixID}/validated-model
 func (UnimplementedHandler) UpdateMapfixValidatedModel(ctx context.Context, params UpdateMapfixValidatedModelParams) error {
 	return ht.ErrNotImplemented
 }
 // UpdateSubmissionValidatedModel implements updateSubmissionValidatedModel operation.
 //
 // Update validated model.
 //
 // POST /submissions/{SubmissionID}/validated-model
 func (UnimplementedHandler) UpdateSubmissionValidatedModel(ctx context.Context, params UpdateSubmissionValidatedModelParams) error {
 	return ht.ErrNotImplemented
 }
 // NewError creates *ErrorStatusCode from error returned by handler.
 //
 // Used for common default response.
 func (UnimplementedHandler) NewError(ctx context.Context, err error) (r *ErrorStatusCode) {
 	r = new(ErrorStatusCode)
 	return r
 }
--- a/pkg/internal/oas_validators_gen.go
+++ b/pkg/internal/oas_validators_gen.go
@@ -1,901 +0,0 @@
 // Code generated by ogen, DO NOT EDIT.
 package api
 import (
 	"github.com/go-faster/errors"
 	"github.com/ogen-go/ogen/validate"
 )
 func (s *Error) Validate() error {
 	if s == nil {
 		return validate.ErrNilPointer
 	}
 	var failures []validate.FieldError
 	if err := func() error {
 		if err := (validate.Int{
 			MinSet:        true,
 			Min:           0,
 			MaxSet:        false,
 			Max:           0,
 			MinExclusive:  false,
 			MaxExclusive:  false,
 			MultipleOfSet: false,
 			MultipleOf:    0,
 		}).Validate(int64(s.Code)); err != nil {
 			return errors.Wrap(err, "int")
 		}
 		return nil
 	}(); err != nil {
 		failures = append(failures, validate.FieldError{
 			Name:  "code",
 			Error: err,
 		})
 	}
 	if len(failures) > 0 {
 		return &validate.Error{Fields: failures}
 	}
 	return nil
 }
 func (s *ErrorStatusCode) Validate() error {
 	if s == nil {
 		return validate.ErrNilPointer
 	}
 	var failures []validate.FieldError
 	if err := func() error {
 		if err := s.Response.Validate(); err != nil {
 			return err
 		}
 		return nil
 	}(); err != nil {
 		failures = append(failures, validate.FieldError{
 			Name:  "Response",
 			Error: err,
 		})
 	}
 	if len(failures) > 0 {
 		return &validate.Error{Fields: failures}
 	}
 	return nil
 }
 func (s *MapfixCreate) Validate() error {
 	if s == nil {
 		return validate.ErrNilPointer
 	}
 	var failures []validate.FieldError
 	if err := func() error {
 		if err := (validate.Int{
 			MinSet:        true,
 			Min:           0,
 			MaxSet:        false,
 			Max:           0,
 			MinExclusive:  false,
 			MaxExclusive:  false,
 			MultipleOfSet: false,
 			MultipleOf:    0,
 		}).Validate(int64(s.OperationID)); err != nil {
 			return errors.Wrap(err, "int")
 		}
 		return nil
 	}(); err != nil {
 		failures = append(failures, validate.FieldError{
 			Name:  "OperationID",
 			Error: err,
 		})
 	}
 	if err := func() error {
 		if err := (validate.Int{
 			MinSet:        true,
 			Min:           0,
 			MaxSet:        false,
 			Max:           0,
 			MinExclusive:  false,
 			MaxExclusive:  false,
 			MultipleOfSet: false,
 			MultipleOf:    0,
 		}).Validate(int64(s.AssetOwner)); err != nil {
 			return errors.Wrap(err, "int")
 		}
 		return nil
 	}(); err != nil {
 		failures = append(failures, validate.FieldError{
 			Name:  "AssetOwner",
 			Error: err,
 		})
 	}
 	if err := func() error {
 		if err := (validate.String{
 			MinLength:    0,
 			MinLengthSet: false,
 			MaxLength:    128,
 			MaxLengthSet: true,
 			Email:        false,
 			Hostname:     false,
 			Regex:        nil,
 		}).Validate(string(s.DisplayName)); err != nil {
 			return errors.Wrap(err, "string")
 		}
 		return nil
 	}(); err != nil {
 		failures = append(failures, validate.FieldError{
 			Name:  "DisplayName",
 			Error: err,
 		})
 	}
 	if err := func() error {
 		if err := (validate.String{
 			MinLength:    0,
 			MinLengthSet: false,
 			MaxLength:    128,
 			MaxLengthSet: true,
 			Email:        false,
 			Hostname:     false,
 			Regex:        nil,
 		}).Validate(string(s.Creator)); err != nil {
 			return errors.Wrap(err, "string")
 		}
 		return nil
 	}(); err != nil {
 		failures = append(failures, validate.FieldError{
 			Name:  "Creator",
 			Error: err,
 		})
 	}
 	if err := func() error {
 		if err := (validate.Int{
 			MinSet:        true,
 			Min:           0,
 			MaxSet:        false,
 			Max:           0,
 			MinExclusive:  false,
 			MaxExclusive:  false,
 			MultipleOfSet: false,
 			MultipleOf:    0,
 		}).Validate(int64(s.GameID)); err != nil {
 			return errors.Wrap(err, "int")
 		}
 		return nil
 	}(); err != nil {
 		failures = append(failures, validate.FieldError{
 			Name:  "GameID",
 			Error: err,
 		})
 	}
 	if err := func() error {
 		if err := (validate.Int{
 			MinSet:        true,
 			Min:           0,
 			MaxSet:        false,
 			Max:           0,
 			MinExclusive:  false,
 			MaxExclusive:  false,
 			MultipleOfSet: false,
 			MultipleOf:    0,
 		}).Validate(int64(s.AssetID)); err != nil {
 			return errors.Wrap(err, "int")
 		}
 		return nil
 	}(); err != nil {
 		failures = append(failures, validate.FieldError{
 			Name:  "AssetID",
 			Error: err,
 		})
 	}
 	if err := func() error {
 		if err := (validate.Int{
 			MinSet:        true,
 			Min:           0,
 			MaxSet:        false,
 			Max:           0,
 			MinExclusive:  false,
 			MaxExclusive:  false,
 			MultipleOfSet: false,
 			MultipleOf:    0,
 		}).Validate(int64(s.AssetVersion)); err != nil {
 			return errors.Wrap(err, "int")
 		}
 		return nil
 	}(); err != nil {
 		failures = append(failures, validate.FieldError{
 			Name:  "AssetVersion",
 			Error: err,
 		})
 	}
 	if err := func() error {
 		if err := (validate.Int{
 			MinSet:        true,
 			Min:           0,
 			MaxSet:        false,
 			Max:           0,
 			MinExclusive:  false,
 			MaxExclusive:  false,
 			MultipleOfSet: false,
 			MultipleOf:    0,
 		}).Validate(int64(s.TargetAssetID)); err != nil {
 			return errors.Wrap(err, "int")
 		}
 		return nil
 	}(); err != nil {
 		failures = append(failures, validate.FieldError{
 			Name:  "TargetAssetID",
 			Error: err,
 		})
 	}
 	if len(failures) > 0 {
 		return &validate.Error{Fields: failures}
 	}
 	return nil
 }
 func (s *MapfixID) Validate() error {
 	if s == nil {
 		return validate.ErrNilPointer
 	}
 	var failures []validate.FieldError
 	if err := func() error {
 		if err := (validate.Int{
 			MinSet:        true,
 			Min:           0,
 			MaxSet:        false,
 			Max:           0,
 			MinExclusive:  false,
 			MaxExclusive:  false,
 			MultipleOfSet: false,
 			MultipleOf:    0,
 		}).Validate(int64(s.MapfixID)); err != nil {
 			return errors.Wrap(err, "int")
 		}
 		return nil
 	}(); err != nil {
 		failures = append(failures, validate.FieldError{
 			Name:  "MapfixID",
 			Error: err,
 		})
 	}
 	if len(failures) > 0 {
 		return &validate.Error{Fields: failures}
 	}
 	return nil
 }
 func (s *Script) Validate() error {
 	if s == nil {
 		return validate.ErrNilPointer
 	}
 	var failures []validate.FieldError
 	if err := func() error {
 		if err := (validate.Int{
 			MinSet:        true,
 			Min:           0,
 			MaxSet:        false,
 			Max:           0,
 			MinExclusive:  false,
 			MaxExclusive:  false,
 			MultipleOfSet: false,
 			MultipleOf:    0,
 		}).Validate(int64(s.ID)); err != nil {
 			return errors.Wrap(err, "int")
 		}
 		return nil
 	}(); err != nil {
 		failures = append(failures, validate.FieldError{
 			Name:  "ID",
 			Error: err,
 		})
 	}
 	if err := func() error {
 		if err := (validate.String{
 			MinLength:    0,
 			MinLengthSet: false,
 			MaxLength:    128,
 			MaxLengthSet: true,
 			Email:        false,
 			Hostname:     false,
 			Regex:        nil,
 		}).Validate(string(s.Name)); err != nil {
 			return errors.Wrap(err, "string")
 		}
 		return nil
 	}(); err != nil {
 		failures = append(failures, validate.FieldError{
 			Name:  "Name",
 			Error: err,
 		})
 	}
 	if err := func() error {
 		if err := (validate.String{
 			MinLength:    16,
 			MinLengthSet: true,
 			MaxLength:    16,
 			MaxLengthSet: true,
 			Email:        false,
 			Hostname:     false,
 			Regex:        nil,
 		}).Validate(string(s.Hash)); err != nil {
 			return errors.Wrap(err, "string")
 		}
 		return nil
 	}(); err != nil {
 		failures = append(failures, validate.FieldError{
 			Name:  "Hash",
 			Error: err,
 		})
 	}
 	if err := func() error {
 		if err := (validate.String{
 			MinLength:    0,
 			MinLengthSet: false,
 			MaxLength:    1048576,
 			MaxLengthSet: true,
 			Email:        false,
 			Hostname:     false,
 			Regex:        nil,
 		}).Validate(string(s.Source)); err != nil {
 			return errors.Wrap(err, "string")
 		}
 		return nil
 	}(); err != nil {
 		failures = append(failures, validate.FieldError{
 			Name:  "Source",
 			Error: err,
 		})
 	}
 	if err := func() error {
 		if err := (validate.Int{
 			MinSet:        true,
 			Min:           0,
 			MaxSet:        false,
 			Max:           0,
 			MinExclusive:  false,
 			MaxExclusive:  false,
 			MultipleOfSet: false,
 			MultipleOf:    0,
 		}).Validate(int64(s.ResourceType)); err != nil {
 			return errors.Wrap(err, "int")
 		}
 		return nil
 	}(); err != nil {
 		failures = append(failures, validate.FieldError{
 			Name:  "ResourceType",
 			Error: err,
 		})
 	}
 	if err := func() error {
 		if err := (validate.Int{
 			MinSet:        true,
 			Min:           0,
 			MaxSet:        false,
 			Max:           0,
 			MinExclusive:  false,
 			MaxExclusive:  false,
 			MultipleOfSet: false,
 			MultipleOf:    0,
 		}).Validate(int64(s.ResourceID)); err != nil {
 			return errors.Wrap(err, "int")
 		}
 		return nil
 	}(); err != nil {
 		failures = append(failures, validate.FieldError{
 			Name:  "ResourceID",
 			Error: err,
 		})
 	}
 	if len(failures) > 0 {
 		return &validate.Error{Fields: failures}
 	}
 	return nil
 }
 func (s *ScriptCreate) Validate() error {
 	if s == nil {
 		return validate.ErrNilPointer
 	}
 	var failures []validate.FieldError
 	if err := func() error {
 		if err := (validate.String{
 			MinLength:    0,
 			MinLengthSet: false,
 			MaxLength:    128,
 			MaxLengthSet: true,
 			Email:        false,
 			Hostname:     false,
 			Regex:        nil,
 		}).Validate(string(s.Name)); err != nil {
 			return errors.Wrap(err, "string")
 		}
 		return nil
 	}(); err != nil {
 		failures = append(failures, validate.FieldError{
 			Name:  "Name",
 			Error: err,
 		})
 	}
 	if err := func() error {
 		if err := (validate.String{
 			MinLength:    0,
 			MinLengthSet: false,
 			MaxLength:    1048576,
 			MaxLengthSet: true,
 			Email:        false,
 			Hostname:     false,
 			Regex:        nil,
 		}).Validate(string(s.Source)); err != nil {
 			return errors.Wrap(err, "string")
 		}
 		return nil
 	}(); err != nil {
 		failures = append(failures, validate.FieldError{
 			Name:  "Source",
 			Error: err,
 		})
 	}
 	if err := func() error {
 		if err := (validate.Int{
 			MinSet:        true,
 			Min:           0,
 			MaxSet:        false,
 			Max:           0,
 			MinExclusive:  false,
 			MaxExclusive:  false,
 			MultipleOfSet: false,
 			MultipleOf:    0,
 		}).Validate(int64(s.ResourceType)); err != nil {
 			return errors.Wrap(err, "int")
 		}
 		return nil
 	}(); err != nil {
 		failures = append(failures, validate.FieldError{
 			Name:  "ResourceType",
 			Error: err,
 		})
 	}
 	if err := func() error {
 		if value, ok := s.ResourceID.Get(); ok {
 			if err := func() error {
 				if err := (validate.Int{
 					MinSet:        true,
 					Min:           0,
 					MaxSet:        false,
 					Max:           0,
 					MinExclusive:  false,
 					MaxExclusive:  false,
 					MultipleOfSet: false,
 					MultipleOf:    0,
 				}).Validate(int64(value)); err != nil {
 					return errors.Wrap(err, "int")
 				}
 				return nil
 			}(); err != nil {
 				return err
 			}
 		}
 		return nil
 	}(); err != nil {
 		failures = append(failures, validate.FieldError{
 			Name:  "ResourceID",
 			Error: err,
 		})
 	}
 	if len(failures) > 0 {
 		return &validate.Error{Fields: failures}
 	}
 	return nil
 }
 func (s *ScriptID) Validate() error {
 	if s == nil {
 		return validate.ErrNilPointer
 	}
 	var failures []validate.FieldError
 	if err := func() error {
 		if err := (validate.Int{
 			MinSet:        true,
 			Min:           0,
 			MaxSet:        false,
 			Max:           0,
 			MinExclusive:  false,
 			MaxExclusive:  false,
 			MultipleOfSet: false,
 			MultipleOf:    0,
 		}).Validate(int64(s.ScriptID)); err != nil {
 			return errors.Wrap(err, "int")
 		}
 		return nil
 	}(); err != nil {
 		failures = append(failures, validate.FieldError{
 			Name:  "ScriptID",
 			Error: err,
 		})
 	}
 	if len(failures) > 0 {
 		return &validate.Error{Fields: failures}
 	}
 	return nil
 }
 func (s *ScriptPolicy) Validate() error {
 	if s == nil {
 		return validate.ErrNilPointer
 	}
 	var failures []validate.FieldError
 	if err := func() error {
 		if err := (validate.Int{
 			MinSet:        true,
 			Min:           0,
 			MaxSet:        false,
 			Max:           0,
 			MinExclusive:  false,
 			MaxExclusive:  false,
 			MultipleOfSet: false,
 			MultipleOf:    0,
 		}).Validate(int64(s.ID)); err != nil {
 			return errors.Wrap(err, "int")
 		}
 		return nil
 	}(); err != nil {
 		failures = append(failures, validate.FieldError{
 			Name:  "ID",
 			Error: err,
 		})
 	}
 	if err := func() error {
 		if err := (validate.String{
 			MinLength:    16,
 			MinLengthSet: true,
 			MaxLength:    16,
 			MaxLengthSet: true,
 			Email:        false,
 			Hostname:     false,
 			Regex:        nil,
 		}).Validate(string(s.FromScriptHash)); err != nil {
 			return errors.Wrap(err, "string")
 		}
 		return nil
 	}(); err != nil {
 		failures = append(failures, validate.FieldError{
 			Name:  "FromScriptHash",
 			Error: err,
 		})
 	}
 	if err := func() error {
 		if err := (validate.Int{
 			MinSet:        true,
 			Min:           0,
 			MaxSet:        false,
 			Max:           0,
 			MinExclusive:  false,
 			MaxExclusive:  false,
 			MultipleOfSet: false,
 			MultipleOf:    0,
 		}).Validate(int64(s.ToScriptID)); err != nil {
 			return errors.Wrap(err, "int")
 		}
 		return nil
 	}(); err != nil {
 		failures = append(failures, validate.FieldError{
 			Name:  "ToScriptID",
 			Error: err,
 		})
 	}
 	if err := func() error {
 		if err := (validate.Int{
 			MinSet:        true,
 			Min:           0,
 			MaxSet:        false,
 			Max:           0,
 			MinExclusive:  false,
 			MaxExclusive:  false,
 			MultipleOfSet: false,
 			MultipleOf:    0,
 		}).Validate(int64(s.Policy)); err != nil {
 			return errors.Wrap(err, "int")
 		}
 		return nil
 	}(); err != nil {
 		failures = append(failures, validate.FieldError{
 			Name:  "Policy",
 			Error: err,
 		})
 	}
 	if len(failures) > 0 {
 		return &validate.Error{Fields: failures}
 	}
 	return nil
 }
 func (s *ScriptPolicyCreate) Validate() error {
 	if s == nil {
 		return validate.ErrNilPointer
 	}
 	var failures []validate.FieldError
 	if err := func() error {
 		if err := (validate.Int{
 			MinSet:        true,
 			Min:           0,
 			MaxSet:        false,
 			Max:           0,
 			MinExclusive:  false,
 			MaxExclusive:  false,
 			MultipleOfSet: false,
 			MultipleOf:    0,
 		}).Validate(int64(s.FromScriptID)); err != nil {
 			return errors.Wrap(err, "int")
 		}
 		return nil
 	}(); err != nil {
 		failures = append(failures, validate.FieldError{
 			Name:  "FromScriptID",
 			Error: err,
 		})
 	}
 	if err := func() error {
 		if err := (validate.Int{
 			MinSet:        true,
 			Min:           0,
 			MaxSet:        false,
 			Max:           0,
 			MinExclusive:  false,
 			MaxExclusive:  false,
 			MultipleOfSet: false,
 			MultipleOf:    0,
 		}).Validate(int64(s.ToScriptID)); err != nil {
 			return errors.Wrap(err, "int")
 		}
 		return nil
 	}(); err != nil {
 		failures = append(failures, validate.FieldError{
 			Name:  "ToScriptID",
 			Error: err,
 		})
 	}
 	if err := func() error {
 		if err := (validate.Int{
 			MinSet:        true,
 			Min:           0,
 			MaxSet:        false,
 			Max:           0,
 			MinExclusive:  false,
 			MaxExclusive:  false,
 			MultipleOfSet: false,
 			MultipleOf:    0,
 		}).Validate(int64(s.Policy)); err != nil {
 			return errors.Wrap(err, "int")
 		}
 		return nil
 	}(); err != nil {
 		failures = append(failures, validate.FieldError{
 			Name:  "Policy",
 			Error: err,
 		})
 	}
 	if len(failures) > 0 {
 		return &validate.Error{Fields: failures}
 	}
 	return nil
 }
 func (s *ScriptPolicyID) Validate() error {
 	if s == nil {
 		return validate.ErrNilPointer
 	}
 	var failures []validate.FieldError
 	if err := func() error {
 		if err := (validate.Int{
 			MinSet:        true,
 			Min:           0,
 			MaxSet:        false,
 			Max:           0,
 			MinExclusive:  false,
 			MaxExclusive:  false,
 			MultipleOfSet: false,
 			MultipleOf:    0,
 		}).Validate(int64(s.ScriptPolicyID)); err != nil {
 			return errors.Wrap(err, "int")
 		}
 		return nil
 	}(); err != nil {
 		failures = append(failures, validate.FieldError{
 			Name:  "ScriptPolicyID",
 			Error: err,
 		})
 	}
 	if len(failures) > 0 {
 		return &validate.Error{Fields: failures}
 	}
 	return nil
 }
 func (s *SubmissionCreate) Validate() error {
 	if s == nil {
 		return validate.ErrNilPointer
 	}
 	var failures []validate.FieldError
 	if err := func() error {
 		if err := (validate.Int{
 			MinSet:        true,
 			Min:           0,
 			MaxSet:        false,
 			Max:           0,
 			MinExclusive:  false,
 			MaxExclusive:  false,
 			MultipleOfSet: false,
 			MultipleOf:    0,
 		}).Validate(int64(s.OperationID)); err != nil {
 			return errors.Wrap(err, "int")
 		}
 		return nil
 	}(); err != nil {
 		failures = append(failures, validate.FieldError{
 			Name:  "OperationID",
 			Error: err,
 		})
 	}
 	if err := func() error {
 		if err := (validate.Int{
 			MinSet:        true,
 			Min:           0,
 			MaxSet:        false,
 			Max:           0,
 			MinExclusive:  false,
 			MaxExclusive:  false,
 			MultipleOfSet: false,
 			MultipleOf:    0,
 		}).Validate(int64(s.AssetOwner)); err != nil {
 			return errors.Wrap(err, "int")
 		}
 		return nil
 	}(); err != nil {
 		failures = append(failures, validate.FieldError{
 			Name:  "AssetOwner",
 			Error: err,
 		})
 	}
 	if err := func() error {
 		if err := (validate.String{
 			MinLength:    0,
 			MinLengthSet: false,
 			MaxLength:    128,
 			MaxLengthSet: true,
 			Email:        false,
 			Hostname:     false,
 			Regex:        nil,
 		}).Validate(string(s.DisplayName)); err != nil {
 			return errors.Wrap(err, "string")
 		}
 		return nil
 	}(); err != nil {
 		failures = append(failures, validate.FieldError{
 			Name:  "DisplayName",
 			Error: err,
 		})
 	}
 	if err := func() error {
 		if err := (validate.String{
 			MinLength:    0,
 			MinLengthSet: false,
 			MaxLength:    128,
 			MaxLengthSet: true,
 			Email:        false,
 			Hostname:     false,
 			Regex:        nil,
 		}).Validate(string(s.Creator)); err != nil {
 			return errors.Wrap(err, "string")
 		}
 		return nil
 	}(); err != nil {
 		failures = append(failures, validate.FieldError{
 			Name:  "Creator",
 			Error: err,
 		})
 	}
 	if err := func() error {
 		if err := (validate.Int{
 			MinSet:        true,
 			Min:           0,
 			MaxSet:        false,
 			Max:           0,
 			MinExclusive:  false,
 			MaxExclusive:  false,
 			MultipleOfSet: false,
 			MultipleOf:    0,
 		}).Validate(int64(s.GameID)); err != nil {
 			return errors.Wrap(err, "int")
 		}
 		return nil
 	}(); err != nil {
 		failures = append(failures, validate.FieldError{
 			Name:  "GameID",
 			Error: err,
 		})
 	}
 	if err := func() error {
 		if err := (validate.Int{
 			MinSet:        true,
 			Min:           0,
 			MaxSet:        false,
 			Max:           0,
 			MinExclusive:  false,
 			MaxExclusive:  false,
 			MultipleOfSet: false,
 			MultipleOf:    0,
 		}).Validate(int64(s.AssetID)); err != nil {
 			return errors.Wrap(err, "int")
 		}
 		return nil
 	}(); err != nil {
 		failures = append(failures, validate.FieldError{
 			Name:  "AssetID",
 			Error: err,
 		})
 	}
 	if err := func() error {
 		if err := (validate.Int{
 			MinSet:        true,
 			Min:           0,
 			MaxSet:        false,
 			Max:           0,
 			MinExclusive:  false,
 			MaxExclusive:  false,
 			MultipleOfSet: false,
 			MultipleOf:    0,
 		}).Validate(int64(s.AssetVersion)); err != nil {
 			return errors.Wrap(err, "int")
 		}
 		return nil
 	}(); err != nil {
 		failures = append(failures, validate.FieldError{
 			Name:  "AssetVersion",
 			Error: err,
 		})
 	}
 	if len(failures) > 0 {
 		return &validate.Error{Fields: failures}
 	}
 	return nil
 }
 func (s *SubmissionID) Validate() error {
 	if s == nil {
 		return validate.ErrNilPointer
 	}
 	var failures []validate.FieldError
 	if err := func() error {
 		if err := (validate.Int{
 			MinSet:        true,
 			Min:           0,
 			MaxSet:        false,
 			Max:           0,
 			MinExclusive:  false,
 			MaxExclusive:  false,
 			MultipleOfSet: false,
 			MultipleOf:    0,
 		}).Validate(int64(s.SubmissionID)); err != nil {
 			return errors.Wrap(err, "int")
 		}
 		return nil
 	}(); err != nil {
 		failures = append(failures, validate.FieldError{
 			Name:  "SubmissionID",
 			Error: err,
 		})
 	}
 	if len(failures) > 0 {
 		return &validate.Error{Fields: failures}
 	}
 	return nil
 }
--- a/pkg/model/audit_event.go
+++ b/pkg/model/audit_event.go
@@ -2,9 +2,12 @@ package model
 import (
 	"encoding/json"
 	"math"
 	"time"
 )
 const ValidatorUserID uint64 = uint64(math.MaxInt64)
 type AuditEventType int32
 // User clicked "Submit", "Accept" etc
@@ -42,6 +45,25 @@ type AuditEventDataChangeName struct {
 	NewName string `json:"new_name"`
 }
 // Validator had an error
 const AuditEventTypeError   AuditEventType = 6
 type AuditEventDataError struct {
 	Error string `json:"error"`
 }
 type Check struct {
 	Name    string `json:"name"`
 	Summary string `json:"summary"`
 	Passed  bool   `json:"passed"`
 }
 // Validator map checks details
 const AuditEventTypeCheckList AuditEventType = 7
 type AuditEventDataCheckList struct {
 	CheckList []Check `json:"check_list"`
 }
 type AuditEvent struct {
 	ID           int64 `gorm:"primaryKey"`
 	CreatedAt    time.Time
--- a/pkg/model/map.go
+++ b/pkg/model/map.go
@@ -0,0 +1,18 @@
 package model
 import "time"
 type Map struct {
 	ID           int64
 	DisplayName  string
 	Creator      string
 	GameID       uint32
 	Date         time.Time // Release date
 	CreatedAt    time.Time
 	UpdatedAt    time.Time
 	Submitter    uint64    // UserID of submitter
 	Thumbnail    uint64    // AssetID of thumbnail
 	AssetVersion uint64    // Version number for LoadAssetVersion
 	LoadCount    uint32    // How many times the map has been loaded
 	Modes        uint32    // Number of modes (always at least one)
 }
--- a/pkg/model/mapfix.go
+++ b/pkg/model/mapfix.go
@@ -39,5 +39,5 @@ type Mapfix struct {
 	Completed     bool   // Has this version of the map been completed at least once on maptest
 	TargetAssetID uint64 // where to upload map fix.  if the TargetAssetID is 0, it's a new map.
 	StatusID      MapfixStatus
-	StatusMessage string
+	Description   string // mapfix description
 }
--- a/pkg/model/nats.go
+++ b/pkg/model/nats.go
@@ -9,12 +9,31 @@ type CreateSubmissionRequest struct {
 	// operation_id is passed back in the response message
 	OperationID    int32
 	ModelID       uint64
 	DisplayName   string
 	Creator       string
 	GameID        uint32
 	Status        uint32
 	Roles         uint32
 }
 type CreateMapfixRequest struct {
 	OperationID    int32
 	ModelID       uint64
 	TargetAssetID uint64
 	Description   string
 }
 type CheckSubmissionRequest struct{
 	SubmissionID int64
 	ModelID      uint64
 	SkipChecks   bool
 }
 type CheckMapfixRequest struct{
 	MapfixID   int64
 	ModelID    uint64
 	SkipChecks bool
 }
 type ValidateSubmissionRequest struct {
--- a/pkg/model/resource.go
+++ b/pkg/model/resource.go
@@ -0,0 +1,13 @@
 package model
 type ResourceType int32
 const (
 	ResourceUnknown    ResourceType = 0
 	ResourceMapfix     ResourceType = 1
 	ResourceSubmission ResourceType = 2
 )
 type Resource struct{
 	ID int64
 	Type ResourceType
 }
--- a/pkg/model/roles.go
+++ b/pkg/model/roles.go
@@ -0,0 +1,33 @@
 package model
 // Submissions roles bitflag
 type Roles int32
 var (
 	RolesSubmissionUpload Roles = 1<<6
 	RolesSubmissionReview Roles = 1<<5
 	RolesSubmissionRelease Roles = 1<<4
 	RolesScriptWrite Roles = 1<<3
 	RolesMapfixUpload Roles = 1<<2
 	RolesMapfixReview Roles = 1<<1
 	RolesMapDownload Roles = 1<<0
 	RolesEmpty Roles = 0
 )
 // StrafesNET group roles
 type GroupRole int32
 var (
 	// has ScriptWrite
 	RoleQuat GroupRole = 255
 	RoleItzaname GroupRole = 254
 	RoleStagingDeveloper GroupRole = 240
 	RolesAll Roles = ^RolesEmpty
 	// has SubmissionUpload
 	RoleMapAdmin GroupRole = 128
 	RolesMapAdmin Roles = RolesSubmissionRelease|RolesSubmissionUpload|RolesSubmissionReview|RolesMapCouncil
 	// has MapfixReview
 	RoleMapCouncil GroupRole = 64
 	RolesMapCouncil Roles = RolesMapfixReview|RolesMapfixUpload|RolesMapAccess
 	// access to downloading maps
 	RoleMapAccess GroupRole = 32
 	RolesMapAccess Roles = RolesMapDownload
 )
--- a/pkg/model/script.go
+++ b/pkg/model/script.go
@@ -23,13 +23,6 @@ func HashParse(hash string) (uint64, error){
 	return strconv.ParseUint(hash, 16, 64)
 }
 type ResourceType int32
 const (
 	ResourceUnknown    ResourceType = 0
 	ResourceMapfix     ResourceType = 1
 	ResourceSubmission ResourceType = 2
 )
 type Script struct {
 	ID           int64 `gorm:"primaryKey"`
 	Name         string
--- a/pkg/model/submission.go
+++ b/pkg/model/submission.go
@@ -40,5 +40,4 @@ type Submission struct {
 	Completed     bool   // Has this version of the map been completed at least once on maptest
 	UploadedAssetID        uint64 // where to upload map fix.  if the TargetAssetID is 0, it's a new map.
 	StatusID      SubmissionStatus
 	StatusMessage string
 }
--- a/pkg/public_api/dto/map.go
+++ b/pkg/public_api/dto/map.go
@@ -0,0 +1,47 @@
 package dto
 import (
 	"git.itzana.me/strafesnet/go-grpc/maps_extended"
 	"time"
 )
 type MapFilter struct {
 	GameID *uint32 `json:"game_id" form:"game_id"`
 } // @name MapFilter
 type Map struct {
 	ID           int64     `json:"id"`
 	DisplayName  string    `json:"display_name"`
 	Creator      string    `json:"creator"`
 	GameID       uint32    `json:"game_id"`
 	Date         time.Time `json:"date"`
 	CreatedAt    time.Time `json:"created_at"`
 	UpdatedAt    time.Time `json:"updated_at"`
 	Submitter    uint64    `json:"submitter"`
 	Thumbnail    uint64    `json:"thumbnail"`
 	AssetVersion uint64    `json:"asset_version"`
 	LoadCount    uint32    `json:"load_count"`
 	Modes        uint32    `json:"modes"`
 } // @name Map
 // FromGRPC converts a maps.MapResponse protobuf message to a Map domain object
 func (m *Map) FromGRPC(resp *maps_extended.MapResponse) *Map {
 	if resp == nil {
 		return nil
 	}
 	m.ID = resp.ID
 	m.DisplayName = resp.DisplayName
 	m.Creator = resp.Creator
 	m.Date = time.Unix(resp.Date, 0)
 	m.GameID = resp.GameID
 	m.CreatedAt = time.Unix(resp.CreatedAt, 0)
 	m.UpdatedAt = time.Unix(resp.UpdatedAt, 0)
 	m.Submitter = resp.Submitter
 	m.Thumbnail = resp.Thumbnail
 	m.AssetVersion = resp.AssetVersion
 	m.LoadCount = resp.LoadCount
 	m.Modes = resp.Modes
 	return m
 }
--- a/pkg/public_api/dto/response.go
+++ b/pkg/public_api/dto/response.go
@@ -0,0 +1,52 @@
 package dto
 // @Description Generic response
 type Response[T any] struct {
 	// Data contains the actual response payload
 	Data T `json:"data"`
 } // @name Response
 type PagedTotalResponse[T any] struct {
 	// Data contains the actual response payload
 	Data []T `json:"data"`
 	// Pagination contains information about paging
 	Pagination PaginationWithTotal `json:"pagination"`
 } // @name PagedTotalResponse
 // PaginationWithTotal holds information about the current page, total items, etc.
 type PaginationWithTotal struct {
 	// Current page number
 	Page int `json:"page"`
 	// Number of items per page
 	PageSize int `json:"page_size"`
 	// Total number of items across all pages
 	TotalItems int `json:"total_items"`
 	// Total number of pages
 	TotalPages int `json:"total_pages"`
 } // @name PaginationWithTotal
 type PagedResponse[T any] struct {
 	// Data contains the actual response payload
 	Data []T `json:"data"`
 	// Pagination contains information about paging
 	Pagination Pagination `json:"pagination"`
 } // @name PagedResponse
 // Pagination holds information about the current page.
 type Pagination struct {
 	// Current page number
 	Page int `json:"page"`
 	// Number of items per page
 	PageSize int `json:"page_size"`
 } // @name Pagination
 // Error holds error responses
 type Error struct {
 	Error string `json:"error"`
 } // @name Error
--- a/pkg/public_api/handlers/handler.go
+++ b/pkg/public_api/handlers/handler.go
@@ -0,0 +1,98 @@
 package handlers
 import (
 	"fmt"
 	"github.com/gin-gonic/gin"
 	"google.golang.org/grpc"
 	"strconv"
 )
 const (
 	ErrMsgDataClient = "data client is required"
 )
 // Handler is a base handler that provides common functionality for all HTTP handlers.
 type Handler struct {
 	mapsClient *grpc.ClientConn
 }
 // HandlerOption defines a functional option for configuring a Handler
 type HandlerOption func(*Handler)
 // WithMapsClient sets the data client for the Handler
 func WithMapsClient(mapsClient *grpc.ClientConn) HandlerOption {
 	return func(h *Handler) {
 		h.mapsClient = mapsClient
 	}
 }
 // NewHandler creates a new Handler with the provided options.
 // It requires both a datastore and an authentication service to function properly.
 func NewHandler(options ...HandlerOption) (*Handler, error) {
 	handler := &Handler{}
 	// Apply all provided options
 	for _, option := range options {
 		option(handler)
 	}
 	// Validate required dependencies
 	if err := handler.validateDependencies(); err != nil {
 		return nil, err
 	}
 	return handler, nil
 }
 // validateDependencies ensures all required dependencies are properly set
 func (h *Handler) validateDependencies() error {
 	if h.mapsClient == nil {
 		return fmt.Errorf(ErrMsgDataClient)
 	}
 	return nil
 }
 // validateRange ensures a value is within the specified range, returning defaultValue if outside
 func validateRange(value, min, max, defaultValue int) int {
 	if value < min {
 		return defaultValue
 	}
 	if value > max {
 		return max
 	}
 	return value
 }
 // validateMin ensures a value is at least the minimum, returning defaultValue if below
 func validateMin(value, min, defaultValue int) int {
 	if value < min {
 		return defaultValue
 	}
 	return value
 }
 // getPagination extracts pagination parameters from query string.
 // It applies validation rules to ensure parameters are within acceptable ranges.
 func getPagination(ctx *gin.Context, defaultPageSize, minPageSize, maxPageSize int) (pageSize, pageNumber int) {
 	// Get page size from query string, parse to integer
 	pageSizeStr := ctx.Query("page_size")
 	if pageSizeStr != "" {
 		pageSize, _ = strconv.Atoi(pageSizeStr)
 	} else {
 		pageSize = defaultPageSize
 	}
 	// Get page number from query string, parse to integer
 	pageNumberStr := ctx.Query("page_number")
 	if pageNumberStr != "" {
 		pageNumber, _ = strconv.Atoi(pageNumberStr)
 	} else {
 		pageNumber = 1 // Default to first page
 	}
 	// Apply validation rules
 	pageSize = validateRange(pageSize, minPageSize, maxPageSize, defaultPageSize)
 	pageNumber = validateMin(pageNumber, 1, 1)
 	return pageSize, pageNumber
 }
--- a/pkg/public_api/handlers/maps.go
+++ b/pkg/public_api/handlers/maps.go
@@ -0,0 +1,153 @@
 package handlers
 import (
 	"git.itzana.me/strafesnet/go-grpc/maps_extended"
 	"git.itzana.me/strafesnet/maps-service/pkg/public_api/dto"
 	"github.com/gin-gonic/gin"
 	log "github.com/sirupsen/logrus"
 	"google.golang.org/grpc/codes"
 	"google.golang.org/grpc/status"
 	"net/http"
 	"strconv"
 )
 // MapHandler handles HTTP requests related to maps.
 type MapHandler struct {
 	*Handler
 }
 // NewMapHandler creates a new MapHandler with the provided options.
 func NewMapHandler(options ...HandlerOption) (*MapHandler, error) {
 	baseHandler, err := NewHandler(options...)
 	if err != nil {
 		return nil, err
 	}
 	return &MapHandler{
 		Handler: baseHandler,
 	}, nil
 }
 // @Summary Get map by ID
 // @Description Get a specific map by its ID
 // @Tags maps
 // @Produce json
 // @Security ApiKeyAuth
 // @Param id path int true "Map ID"
 // @Success 200 {object} dto.Response[dto.Map]
 // @Failure 404 {object} dto.Error "Map not found"
 // @Failure default {object} dto.Error "General error response"
 // @Router /map/{id} [get]
 func (h *MapHandler) Get(ctx *gin.Context) {
 	// Extract map ID from path parameter
 	id := ctx.Param("id")
 	mapID, err := strconv.ParseInt(id, 10, 64)
 	if err != nil {
 		ctx.JSON(http.StatusBadRequest, dto.Error{
 			Error: "Invalid map ID format",
 		})
 		return
 	}
 	// Call the gRPC service
 	mapData, err := maps_extended.NewMapsServiceClient(h.mapsClient).Get(ctx, &maps_extended.MapId{
 		ID: mapID,
 	})
 	if err != nil {
 		statusCode := http.StatusInternalServerError
 		errorMessage := "Failed to get map"
 		// Check if it's a "not found" error
 		if status.Code(err) == codes.NotFound {
 			statusCode = http.StatusNotFound
 			errorMessage = "Map not found"
 		}
 		ctx.JSON(statusCode, dto.Error{
 			Error: errorMessage,
 		})
 		log.WithError(err).Error(
 			"Failed to get map",
 		)
 		return
 	}
 	// Convert gRPC MapResponse object to dto.Map object
 	var mapDto dto.Map
 	result := mapDto.FromGRPC(mapData)
 	// Return the map data
 	ctx.JSON(http.StatusOK, dto.Response[dto.Map]{
 		Data: *result,
 	})
 }
 // @Summary List maps
 // @Description Get a list of maps
 // @Tags maps
 // @Produce json
 // @Security ApiKeyAuth
 // @Param page_size query int false "Page size (max 100)" default(10) minimum(1) maximum(100)
 // @Param page_number query int false "Page number" default(1) minimum(1)
 // @Param filter query dto.MapFilter false "Map filter parameters"
 // @Success 200 {object} dto.PagedResponse[dto.Map]
 // @Failure default {object} dto.Error "General error response"
 // @Router /map [get]
 func (h *MapHandler) List(ctx *gin.Context) {
 	// Extract and constrain pagination parameters
 	query := struct {
 		PageSize   int `form:"page_size,default=10" binding:"min=1,max=100"`
 		PageNumber int `form:"page_number,default=1" binding:"min=1"`
 		SortBy     int `form:"sort_by,default=0" binding:"min=0,max=3"`
 	}{}
 	if err := ctx.ShouldBindQuery(&query); err != nil {
 		ctx.JSON(http.StatusBadRequest, dto.Error{
 			Error: err.Error(),
 		})
 		return
 	}
 	// Get list filter
 	var filter dto.MapFilter
 	if err := ctx.ShouldBindQuery(&filter); err != nil {
 		ctx.JSON(http.StatusBadRequest, dto.Error{
 			Error: err.Error(),
 		})
 		return
 	}
 	// Call the gRPC service
 	mapList, err := maps_extended.NewMapsServiceClient(h.mapsClient).List(ctx, &maps_extended.ListRequest{
 		Filter: &maps_extended.MapFilter{
 			GameID: filter.GameID,
 		},
 		Page: &maps_extended.Pagination{
 			Size:   uint32(query.PageSize),
 			Number: uint32(query.PageNumber),
 		},
 	})
 	if err != nil {
 		ctx.JSON(http.StatusInternalServerError, dto.Error{
 			Error: "Failed to list maps",
 		})
 		log.WithError(err).Error(
 			"Failed to list maps",
 		)
 		return
 	}
 	// Convert gRPC MapResponse objects to dto.Map objects
 	dtoMaps := make([]dto.Map, len(mapList.Maps))
 	for i, m := range mapList.Maps {
 		var mapDto dto.Map
 		dtoMaps[i] = *mapDto.FromGRPC(m)
 	}
 	// Return the paged response
 	ctx.JSON(http.StatusOK, dto.PagedResponse[dto.Map]{
 		Data: dtoMaps,
 		Pagination: dto.Pagination{
 			Page:     query.PageNumber,
 			PageSize: query.PageSize,
 		},
 	})
 }
--- a/pkg/public_api/router.go
+++ b/pkg/public_api/router.go
@@ -0,0 +1,159 @@
 package api
 import (
 	"context"
 	"errors"
 	"fmt"
 	"git.itzana.me/StrafesNET/dev-service/pkg/api/middleware"
 	"git.itzana.me/strafesnet/maps-service/docs"
 	"git.itzana.me/strafesnet/maps-service/pkg/public_api/handlers"
 	"github.com/gin-gonic/gin"
 	log "github.com/sirupsen/logrus"
 	swaggerfiles "github.com/swaggo/files"
 	ginSwagger "github.com/swaggo/gin-swagger"
 	"github.com/urfave/cli/v2"
 	"google.golang.org/grpc"
 	"net/http"
 	"time"
 )
 // Option defines a function that configures a Router
 type Option func(*RouterConfig)
 // RouterConfig holds all router configuration
 type RouterConfig struct {
 	port            int
 	devClient       *grpc.ClientConn
 	mapsClient      *grpc.ClientConn
 	context         *cli.Context
 	shutdownTimeout time.Duration
 }
 // WithPort sets the port for the server£
 func WithPort(port int) Option {
 	return func(cfg *RouterConfig) {
 		cfg.port = port
 	}
 }
 // WithContext sets the context for the server
 func WithContext(ctx *cli.Context) Option {
 	return func(cfg *RouterConfig) {
 		cfg.context = ctx
 	}
 }
 // WithDevClient sets the dev gRPC client
 func WithDevClient(conn *grpc.ClientConn) Option {
 	return func(cfg *RouterConfig) {
 		cfg.devClient = conn
 	}
 }
 // WithMapsClient sets the data gRPC client
 func WithMapsClient(conn *grpc.ClientConn) Option {
 	return func(cfg *RouterConfig) {
 		cfg.mapsClient = conn
 	}
 }
 // WithShutdownTimeout sets the graceful shutdown timeout
 func WithShutdownTimeout(timeout time.Duration) Option {
 	return func(cfg *RouterConfig) {
 		cfg.shutdownTimeout = timeout
 	}
 }
 func setupRoutes(cfg *RouterConfig) (*gin.Engine, error) {
 	r := gin.Default()
 	r.ForwardedByClientIP = true
 	r.Use(gin.Logger())
 	r.Use(gin.Recovery())
 	handlerOptions := []handlers.HandlerOption{
 		handlers.WithMapsClient(cfg.mapsClient),
 	}
 	// Maps handler
 	mapsHandler, err := handlers.NewMapHandler(handlerOptions...)
 	if err != nil {
 		return nil, err
 	}
 	docs.SwaggerInfo.BasePath = "/public-api/v1"
 	public_api := r.Group("/public-api")
 	{
 		v1 := public_api.Group("/v1")
 		{
 			// Auth middleware
 			v1.Use(middleware.ValidateRequest("Maps", "Read", cfg.devClient))
 			// Maps
 			v1.GET("/map", mapsHandler.List)
 			v1.GET("/map/:id", mapsHandler.Get)
 		}
 		// Docs
 		public_api.GET("/docs/*any", ginSwagger.WrapHandler(swaggerfiles.Handler))
 		public_api.GET("/", func(ctx *gin.Context) {
 			ctx.Redirect(http.StatusPermanentRedirect, "/docs/index.html")
 		})
 	}
 	return r, nil
 }
 // NewRouter creates a new router with the given options
 func NewRouter(options ...Option) error {
 	// Default configuration
 	cfg := &RouterConfig{
 		port:            8080, // Default port
 		context:         nil,
 		shutdownTimeout: 5 * time.Second,
 	}
 	// Apply options
 	for _, option := range options {
 		option(cfg)
 	}
 	// Validate configuration
 	if cfg.context == nil {
 		return errors.New("context is required")
 	}
 	if cfg.devClient == nil {
 		return errors.New("dev client is required")
 	}
 	routes, err := setupRoutes(cfg)
 	if err != nil {
 		return err
 	}
 	log.Info("Starting server")
 	return runServer(cfg.context.Context, fmt.Sprint(":", cfg.port), routes, cfg.shutdownTimeout)
 }
 func runServer(ctx context.Context, addr string, r *gin.Engine, shutdownTimeout time.Duration) error {
 	srv := &http.Server{
 		Addr:    addr,
 		Handler: r,
 	}
 	// Run the server in a separate goroutine
 	go func() {
 		if err := srv.ListenAndServe(); err != nil && !errors.Is(err, http.ErrServerClosed) {
 			log.WithError(err).Fatal("web server exit")
 		}
 	}()
 	// Wait for a shutdown signal
 	<-ctx.Done()
 	// Shutdown server gracefully
 	ctxShutdown, cancel := context.WithTimeout(context.Background(), shutdownTimeout)
 	defer cancel()
 	return srv.Shutdown(ctxShutdown)
 }
--- a/pkg/roblox/asset_location.go
+++ b/pkg/roblox/asset_location.go
@@ -0,0 +1,95 @@
 package roblox
 import (
 	"encoding/json"
 	"fmt"
 	"io"
 	"net/http"
 	"net/url"
 )
 type AssetMetadata struct {
 	MetadataType uint32 `json:"metadataType"`
 	Value        string `json:"value"`
 }
 // Struct equivalent to Rust's AssetLocationInfo
 type AssetLocationInfo struct {
 	Location       string          `json:"location"`
 	RequestId      string          `json:"requestId"`
 	IsArchived     bool            `json:"isArchived"`
 	AssetTypeId    uint32          `json:"assetTypeId"`
 	AssetMetadatas []AssetMetadata `json:"assetMetadatas"`
 	IsRecordable   bool            `json:"isRecordable"`
 }
 // Input struct for getAssetLocation
 type GetAssetLatestRequest struct {
 	AssetID uint64
 }
 // Custom error type if needed
 type GetError string
 func (e GetError) Error() string { return string(e) }
 // Example client with a Get method
 type Client struct {
 	HttpClient *http.Client
 	ApiKey     string
 }
 func (c *Client) GetAssetLocation(config GetAssetLatestRequest) (*AssetLocationInfo, error) {
 	rawURL := fmt.Sprintf("https://apis.roblox.com/asset-delivery-api/v1/assetId/%d", config.AssetID)
 	parsedURL, err := url.Parse(rawURL)
 	if err != nil {
 		return nil, GetError("ParseError: " + err.Error())
 	}
 	req, err := http.NewRequest("GET", parsedURL.String(), nil)
 	if err != nil {
 		return nil, GetError("RequestCreationError: " + err.Error())
 	}
 	req.Header.Set("x-api-key", c.ApiKey)
 	resp, err := c.HttpClient.Do(req)
 	if err != nil {
 		return nil, GetError("RequestError: " + err.Error())
 	}
 	defer resp.Body.Close()
 	if resp.StatusCode != http.StatusOK {
 		return nil, GetError(fmt.Sprintf("ResponseError: status code %d", resp.StatusCode))
 	}
 	body, err := io.ReadAll(resp.Body)
 	if err != nil {
 		return nil, GetError("ReadBodyError: " + err.Error())
 	}
 	var info AssetLocationInfo
 	if err := json.Unmarshal(body, &info); err != nil {
 		return nil, GetError("JSONError: " + err.Error())
 	}
 	return &info, nil
 }
 func (c *Client) DownloadAsset(info *AssetLocationInfo) (io.Reader, error) {
 	req, err := http.NewRequest("GET", info.Location, nil)
 	if err != nil {
 		return nil, GetError("RequestCreationError: " + err.Error())
 	}
 	resp, err := c.HttpClient.Do(req)
 	if err != nil {
 		return nil, GetError("RequestError: " + err.Error())
 	}
 	if resp.StatusCode != http.StatusOK {
 		return nil, GetError(fmt.Sprintf("ResponseError: status code %d", resp.StatusCode))
 	}
 	return resp.Body, nil
 }
--- a/pkg/service/audit_events.go
+++ b/pkg/service/audit_events.go
@@ -4,85 +4,44 @@ import (
 	"context"
 	"encoding/json"
 	"git.itzana.me/strafesnet/go-grpc/users"
 	"git.itzana.me/strafesnet/maps-service/pkg/api"
 	"git.itzana.me/strafesnet/maps-service/pkg/datastore"
 	"git.itzana.me/strafesnet/maps-service/pkg/model"
 )
-// CreateMapfixAuditComment implements createMapfixAuditComment operation.
+func (svc *Service) ListAuditEvents(ctx context.Context, resource model.Resource, page model.Page) ([]api.AuditEvent, error){
 //
 // Post a comment to the audit log
 //
 // POST /mapfixes/{MapfixID}/comment
 func (svc *Service) CreateMapfixAuditComment(ctx context.Context, req api.CreateMapfixAuditCommentReq, params api.CreateMapfixAuditCommentParams) (error) {
 	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
 	if !ok {
 		return ErrUserInfo
 	}
 	has_role, err := userInfo.HasRoleMapfixReview()
 	if err != nil {
 		return err
 	}
 	if !has_role {
 		return ErrPermissionDeniedNeedRoleMapfixReview
 	}
 	userId, err := userInfo.GetUserID()
 	if err != nil {
 		return err
 	}
 	data := []byte{}
 	_, err = req.Read(data)
 	if err != nil {
 		return err
 	}
 	Comment := string(data)
 	event_data := model.AuditEventDataComment{
 		Comment: Comment,
 	}
 	EventData, err := json.Marshal(event_data)
 	if err != nil {
 		return err
 	}
 	_, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{
 		ID:           0,
 		User:         userId,
 		ResourceType: model.ResourceMapfix,
 		ResourceID:   params.MapfixID,
 		EventType:    model.AuditEventTypeComment,
 		EventData:    EventData,
 	})
 	if err != nil {
 		return err
 	}
 	return nil
 }
 // ListMapfixAuditEvents invokes listMapfixAuditEvents operation.
 //
 // Retrieve a list of audit events.
 //
 // GET /mapfixes/{MapfixID}/audit-events
 func (svc *Service) ListMapfixAuditEvents(ctx context.Context, params api.ListMapfixAuditEventsParams) ([]api.AuditEvent, error) {
 	filter := datastore.Optional()
-	filter.Add("resource_type", model.ResourceMapfix)
+	filter.Add("resource_type", resource.Type)
-	filter.Add("resource_id", params.MapfixID)
+	filter.Add("resource_id", resource.ID)
-	items, err := svc.DB.AuditEvents().List(ctx, filter, model.Page{
+	items, err := svc.db.AuditEvents().List(ctx, filter, page)
 		Number: params.Page,
 		Size:   params.Limit,
 	})
 	if err != nil {
 		return nil, err
 	}
 	idMap := make(map[int64]bool)
 	for _, item := range items {
 		idMap[int64(item.User)] = true
 	}
 	var idList users.IdList
 	idList.ID = make([]int64,len(idMap))
 	for userId := range idMap {
 		idList.ID = append(idList.ID, userId)
 	}
 	userList, err := svc.users.GetList(ctx, &idList)
 	if err != nil {
 		return nil, err
 	}
 	userMap := make(map[int64]*users.UserResponse)
 	for _,user := range userList.Users {
 		userMap[user.ID] = user
 	}
 	var resp []api.AuditEvent
 	for _, item := range items {
 		EventData := api.AuditEventEventData{}
@@ -90,10 +49,15 @@ func (svc *Service) ListMapfixAuditEvents(ctx context.Context, params api.ListMa
 		if err != nil {
 			return nil, err
 		}
 		username := ""
 		if userMap[int64(item.User)] != nil {
 			username = userMap[int64(item.User)].Username
 		}
 		resp = append(resp, api.AuditEvent{
 			ID:           item.ID,
 			Date:         item.CreatedAt.Unix(),
 			User:         int64(item.User),
 			Username:     username,
 			ResourceType: int32(item.ResourceType),
 			ResourceID:   item.ResourceID,
 			EventType:    int32(item.EventType),
@@ -104,51 +68,38 @@ func (svc *Service) ListMapfixAuditEvents(ctx context.Context, params api.ListMa
 	return resp, nil
 }
-// CreateSubmissionAuditComment implements createSubmissionAuditComment operation.
+func (svc *Service) CreateAuditEventAction(ctx context.Context, userId uint64, resource model.Resource, event_data model.AuditEventDataAction) error {
 //
 // Post a comment to the audit log
 //
 // POST /submissions/{SubmissionID}/comment
 func (svc *Service) CreateSubmissionAuditComment(ctx context.Context, req api.CreateSubmissionAuditCommentReq, params api.CreateSubmissionAuditCommentParams) (error) {
 	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
 	if !ok {
 		return ErrUserInfo
 	}
 	has_role, err := userInfo.HasRoleSubmissionReview()
 	if err != nil {
 		return err
 	}
 	if !has_role {
 		return ErrPermissionDeniedNeedRoleSubmissionReview
 	}
 	userId, err := userInfo.GetUserID()
 	if err != nil {
 		return err
 	}
 	data := []byte{}
 	_, err = req.Read(data)
 	if err != nil {
 		return err
 	}
 	Comment := string(data)
 	event_data := model.AuditEventDataComment{
 		Comment: Comment,
 	}
 	EventData, err := json.Marshal(event_data)
 	if err != nil {
 		return err
 	}
-	_, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{
+	_, err = svc.db.AuditEvents().Create(ctx, model.AuditEvent{
 		ID:           0,
 		User:         userId,
-		ResourceType: model.ResourceSubmission,
+		ResourceType: resource.Type,
-		ResourceID:   params.SubmissionID,
+		ResourceID:   resource.ID,
 		EventType:    model.AuditEventTypeAction,
 		EventData:    EventData,
 	})
 	if err != nil {
 		return err
 	}
 	return nil
 }
 func (svc *Service) CreateAuditEventComment(ctx context.Context, userId uint64, resource model.Resource, event_data model.AuditEventDataComment) error {
 	EventData, err := json.Marshal(event_data)
 	if err != nil {
 		return err
 	}
 	_, err = svc.db.AuditEvents().Create(ctx, model.AuditEvent{
 		ID:           0,
 		User:         userId,
 		ResourceType: resource.Type,
 		ResourceID:   resource.ID,
 		EventType:    model.AuditEventTypeComment,
 		EventData:    EventData,
 	})
@@ -159,42 +110,129 @@ func (svc *Service) CreateSubmissionAuditComment(ctx context.Context, req api.Cr
 	return nil
 }
-// ListSubmissionAuditEvents invokes listSubmissionAuditEvents operation.
+func (svc *Service) CreateAuditEventChangeModel(ctx context.Context, userId uint64, resource model.Resource, event_data model.AuditEventDataChangeModel) error {
-//
+	EventData, err := json.Marshal(event_data)
-// Retrieve a list of audit events.
+	if err != nil {
-//
+		return err
-// GET /submissions/{SubmissionID}/audit-events
+	}
 func (svc *Service) ListSubmissionAuditEvents(ctx context.Context, params api.ListSubmissionAuditEventsParams) ([]api.AuditEvent, error) {
 	filter := datastore.Optional()
-	filter.Add("resource_type", model.ResourceSubmission)
+	_, err = svc.db.AuditEvents().Create(ctx, model.AuditEvent{
-	filter.Add("resource_id", params.SubmissionID)
+		ID:           0,
-
+		User:         userId,
-	items, err := svc.DB.AuditEvents().List(ctx, filter, model.Page{
+		ResourceType: resource.Type,
-		Number: params.Page,
+		ResourceID:   resource.ID,
-		Size:   params.Limit,
+		EventType:    model.AuditEventTypeChangeModel,
 		EventData:    EventData,
 	})
 	if err != nil {
-		return nil, err
+		return err
 	}
-	var resp []api.AuditEvent
+	return nil
-	for _, item := range items {
+}
-		EventData := api.AuditEventEventData{}
+
-		err = EventData.UnmarshalJSON(item.EventData)
+
-		if err != nil {
+func (svc *Service) CreateAuditEventChangeValidatedModel(ctx context.Context, userId uint64, resource model.Resource, event_data model.AuditEventDataChangeValidatedModel) error {
-			return nil, err
+	EventData, err := json.Marshal(event_data)
-		}
+	if err != nil {
-		resp = append(resp, api.AuditEvent{
+		return err
-			ID:           item.ID,
+	}
-			Date:         item.CreatedAt.Unix(),
+
-			User:         int64(item.User),
+	_, err = svc.db.AuditEvents().Create(ctx, model.AuditEvent{
-			ResourceType: int32(item.ResourceType),
+		ID:           0,
-			ResourceID:   item.ResourceID,
+		User:         userId,
-			EventType:    int32(item.EventType),
+		ResourceType: resource.Type,
-			EventData:    EventData,
+		ResourceID:   resource.ID,
-		})
+		EventType:    model.AuditEventTypeChangeValidatedModel,
-	}
+		EventData:    EventData,
-
+	})
-	return resp, nil
+	if err != nil {
 		return err
 	}
 	return nil
 }
 func (svc *Service) CreateAuditEventError(ctx context.Context, userId uint64, resource model.Resource, event_data model.AuditEventDataError) error {
 	EventData, err := json.Marshal(event_data)
 	if err != nil {
 		return err
 	}
 	_, err = svc.db.AuditEvents().Create(ctx, model.AuditEvent{
 		ID:           0,
 		User:         userId,
 		ResourceType: resource.Type,
 		ResourceID:   resource.ID,
 		EventType:    model.AuditEventTypeError,
 		EventData:    EventData,
 	})
 	if err != nil {
 		return err
 	}
 	return nil
 }
 func (svc *Service) CreateAuditEventCheckList(ctx context.Context, userId uint64, resource model.Resource, event_data model.AuditEventDataCheckList) error {
 	EventData, err := json.Marshal(event_data)
 	if err != nil {
 		return err
 	}
 	_, err = svc.db.AuditEvents().Create(ctx, model.AuditEvent{
 		ID:           0,
 		User:         userId,
 		ResourceType: resource.Type,
 		ResourceID:   resource.ID,
 		EventType:    model.AuditEventTypeCheckList,
 		EventData:    EventData,
 	})
 	if err != nil {
 		return err
 	}
 	return nil
 }
 func (svc *Service) CreateAuditEventChangeDisplayName(ctx context.Context, userId uint64, resource model.Resource, event_data model.AuditEventDataChangeName) error {
 	EventData, err := json.Marshal(event_data)
 	if err != nil {
 		return err
 	}
 	_, err = svc.db.AuditEvents().Create(ctx, model.AuditEvent{
 		ID:           0,
 		User:         userId,
 		ResourceType: resource.Type,
 		ResourceID:   resource.ID,
 		EventType:    model.AuditEventTypeChangeDisplayName,
 		EventData:    EventData,
 	})
 	if err != nil {
 		return err
 	}
 	return nil
 }
 func (svc *Service) CreateAuditEventChangeCreator(ctx context.Context, userId uint64, resource model.Resource, event_data model.AuditEventDataChangeName) error {
 	EventData, err := json.Marshal(event_data)
 	if err != nil {
 		return err
 	}
 	_, err = svc.db.AuditEvents().Create(ctx, model.AuditEvent{
 		ID:           0,
 		User:         userId,
 		ResourceType: resource.Type,
 		ResourceID:   resource.ID,
 		EventType:    model.AuditEventTypeChangeCreator,
 		EventData:    EventData,
 	})
 	if err != nil {
 		return err
 	}
 	return nil
 }
--- a/pkg/service/mapfixes.go
+++ b/pkg/service/mapfixes.go
--- a/pkg/service/maps.go
+++ b/pkg/service/maps.go
@@ -4,70 +4,146 @@ import (
 	"context"
 	"git.itzana.me/strafesnet/go-grpc/maps"
-	"git.itzana.me/strafesnet/maps-service/pkg/api"
+	"git.itzana.me/strafesnet/maps-service/pkg/datastore"
 	"git.itzana.me/strafesnet/maps-service/pkg/model"
 )
-// ListMaps implements listMaps operation.
+// Optional map used to update an object
-//
+type MapUpdate datastore.OptionalMap
 // Get list of maps.
 //
 // GET /maps
 func (svc *Service) ListMaps(ctx context.Context, params api.ListMapsParams) ([]api.Map, error) {
 	filter := maps.MapFilter{}
-	if params.DisplayName.IsSet(){
+func NewMapUpdate() MapUpdate {
-		filter.DisplayName = &params.DisplayName.Value
+	update := datastore.Optional()
-	}
+	return MapUpdate(update)
 	if params.Creator.IsSet(){
 		filter.Creator = &params.Creator.Value
 	}
 	if params.GameID.IsSet(){
 		filter.GameID = &params.GameID.Value
 	}
 	mapList, err := svc.Client.List(ctx, &maps.ListRequest{
 		Filter: &filter,
 		Page: &maps.Pagination{
 			Size:   params.Limit,
 			Number: params.Page,
 		},
 	})
 	if err != nil {
 		return nil, err
 	}
 	var resp []api.Map
 	for _, item := range mapList.Maps {
 		resp = append(resp, api.Map{
 			ID:           item.ID,
 			DisplayName:  item.DisplayName,
 			Creator:      item.Creator,
 			GameID:       item.GameID,
 			Date:         item.Date,
 		})
 	}
 	return resp, nil
 }
-// GetMap implements getScript operation.
+func (update MapUpdate) SetDisplayName(display_name string) {
-//
+	datastore.OptionalMap(update).Add("display_name", display_name)
-// Get the specified script by ID.
+}
-//
+func (update MapUpdate) SetCreator(creator string) {
-// GET /maps/{MapID}
+	datastore.OptionalMap(update).Add("creator", creator)
-func (svc *Service) GetMap(ctx context.Context, params api.GetMapParams) (*api.Map, error) {
+}
-	mapResponse, err := svc.Client.Get(ctx, &maps.IdMessage{
+func (update MapUpdate) SetGameID(game_id uint32) {
-		ID:          params.MapID,
+	datastore.OptionalMap(update).Add("game_id", game_id)
 }
 func (update MapUpdate) SetDate(date int64) {
 	datastore.OptionalMap(update).Add("date", date)
 }
 func (update MapUpdate) SetSubmitter(submitter uint64) {
 	datastore.OptionalMap(update).Add("submitter", submitter)
 }
 func (update MapUpdate) SetThumbnail(thumbnail uint64) {
 	datastore.OptionalMap(update).Add("thumbnail", thumbnail)
 }
 func (update MapUpdate) SetAssetVersion(asset_version uint64) {
 	datastore.OptionalMap(update).Add("asset_version", asset_version)
 }
 func (update MapUpdate) SetModes(modes uint32) {
 	datastore.OptionalMap(update).Add("modes", modes)
 }
 // getters
 func (update MapUpdate) GetDisplayName() (string, bool) {
 	value, ok := datastore.OptionalMap(update).Map()["display_name"].(string)
 	return value, ok
 }
 func (update MapUpdate) GetGameID() (uint32, bool) {
 	value, ok := datastore.OptionalMap(update).Map()["game_id"].(uint32)
 	return value, ok
 }
 func (update MapUpdate) GetThumbnail() (uint64, bool) {
 	value, ok := datastore.OptionalMap(update).Map()["thumbnail"].(uint64)
 	return value, ok
 }
 // Optional map used to find matching objects
 type MapFilter datastore.OptionalMap
 func NewMapFilter(
 ) MapFilter {
 	filter := datastore.Optional()
 	return MapFilter(filter)
 }
 func (update MapFilter) SetDisplayName(display_name string) {
 	datastore.OptionalMap(update).Add("display_name", display_name)
 }
 func (update MapFilter) SetCreator(creator string) {
 	datastore.OptionalMap(update).Add("creator", creator)
 }
 func (update MapFilter) SetGameID(game_id uint32) {
 	datastore.OptionalMap(update).Add("game_id", game_id)
 }
 func (update MapFilter) SetSubmitter(submitter uint64) {
 	datastore.OptionalMap(update).Add("submitter", submitter)
 }
 func (svc *Service) CreateMap(ctx context.Context, item model.Map) (int64, error) {
 	// 2 jobs:
 	// create map on maps-service
 	map_item, err := svc.db.Maps().Create(ctx, item)
 	if err != nil {
 		return 0, err
 	}
 	// create map on data-service
 	game_id := int32(item.GameID)
 	_, err = svc.maps.Create(ctx, &maps.MapRequest{
 		ID:          item.ID,
 		DisplayName: &item.DisplayName,
 		GameID:      &game_id,
 		Thumbnail:   &item.Thumbnail,
 	})
 	if err != nil {
-		return nil, err
+		return 0, err
 	}
-	return &api.Map{
+	return map_item.ID, nil
-		ID:           mapResponse.ID,
+}
-		DisplayName:  mapResponse.DisplayName,
+
-		Creator:      mapResponse.Creator,
+func (svc *Service) ListMaps(ctx context.Context, filter MapFilter, page model.Page) ([]model.Map, error) {
-		GameID:       mapResponse.GameID,
+	return svc.db.Maps().List(ctx, datastore.OptionalMap(filter), page)
-		Date:         mapResponse.Date,
+}
-	}, nil
+
 func (svc *Service) GetMapList(ctx context.Context, ids []int64) ([]model.Map, error) {
 	return svc.db.Maps().GetList(ctx, ids)
 }
 func (svc *Service) DeleteMap(ctx context.Context, id int64) error {
 	// Do not delete the "embedded" map, since it deletes times.
 	// _, err := svc.maps.Delete(ctx, &maps.IdMessage{ID: id})
 	return svc.db.Maps().Delete(ctx, id)
 }
 func (svc *Service) GetMap(ctx context.Context, id int64) (model.Map, error) {
 	return svc.db.Maps().Get(ctx, id)
 }
 func (svc *Service) UpdateMap(ctx context.Context, id int64, pmap MapUpdate) error {
 	// 2 jobs:
 	// update map on maps-service
 	err := svc.db.Maps().Update(ctx, id, datastore.OptionalMap(pmap))
 	if err != nil {
 		return err
 	}
 	// update map on data-service
 	update := maps.MapRequest{
 		ID: id,
 	}
 	if display_name, ok := pmap.GetDisplayName(); ok {
 		update.DisplayName = &display_name
 	}
 	if game_id, ok := pmap.GetGameID(); ok {
 		game_id_int32 := int32(game_id)
 		update.GameID = &game_id_int32
 	}
 	if thumbnail, ok := pmap.GetThumbnail(); ok {
 		update.Thumbnail = &thumbnail
 	}
 	_, err = svc.maps.Update(ctx, &update)
 	if err != nil {
 		return err
 	}
 	return nil
 }
 func (svc *Service) IncrementMapLoadCount(ctx context.Context, id int64) error {
 	return svc.db.Maps().IncrementLoadCount(ctx, id)
 }
--- a/pkg/service/nats_mapfix.go
+++ b/pkg/service/nats_mapfix.go
@@ -0,0 +1,114 @@
 package service
 import (
 	"encoding/json"
 	"git.itzana.me/strafesnet/maps-service/pkg/model"
 )
 func (svc *Service) NatsCreateMapfix(
 	OperationID int32,
 	ModelID uint64,
 	TargetAssetID uint64,
 	Description string,
 ) error {
 	create_request := model.CreateMapfixRequest{
 		OperationID:   OperationID,
 		ModelID:       ModelID,
 		TargetAssetID: TargetAssetID,
 		Description:   Description,
 	}
 	j, err := json.Marshal(create_request)
 	if err != nil {
 		return err
 	}
 	_, err = svc.nats.Publish("maptest.mapfixes.create", []byte(j))
 	if err != nil {
 		return err
 	}
 	return nil
 }
 func (svc *Service) NatsCheckMapfix(
 	MapfixID   int64,
 	ModelID    uint64,
 	SkipChecks bool,
 ) error {
 	validate_request := model.CheckMapfixRequest{
 		MapfixID:   MapfixID,
 		ModelID:    ModelID,
 		SkipChecks: SkipChecks,
 	}
 	j, err := json.Marshal(validate_request)
 	if err != nil {
 		return err
 	}
 	_, err = svc.nats.Publish("maptest.mapfixes.check", []byte(j))
 	if err != nil {
 		return err
 	}
 	return nil
 }
 func (svc *Service) NatsUploadMapfix(
 	MapfixID      int64,
 	ModelID       uint64,
 	ModelVersion  uint64,
 	TargetAssetID uint64,
 ) error {
 	upload_fix_request := model.UploadMapfixRequest{
 		MapfixID:      MapfixID,
 		ModelID:       ModelID,
 		ModelVersion:  ModelVersion,
 		TargetAssetID: TargetAssetID,
 	}
 	j, err := json.Marshal(upload_fix_request)
 	if err != nil {
 		return err
 	}
 	_, err = svc.nats.Publish("maptest.mapfixes.upload", []byte(j))
 	if err != nil {
 		return err
 	}
 	return nil
 }
 func (svc *Service) NatsValidateMapfix(
 	MapfixID         int64,
 	ModelID          uint64,
 	ModelVersion     uint64,
 	ValidatedAssetID uint64,
 ) error {
 	validate_request := model.ValidateMapfixRequest{
 		MapfixID:         MapfixID,
 		ModelID:          ModelID,
 		ModelVersion:     ModelVersion,
 		ValidatedModelID: nil,
 	}
 	// sentinel values because we're not using rust
 	if ValidatedAssetID != 0 {
 		validate_request.ValidatedModelID = &ValidatedAssetID
 	}
 	j, err := json.Marshal(validate_request)
 	if err != nil {
 		return err
 	}
 	_, err = svc.nats.Publish("maptest.mapfixes.validate", []byte(j))
 	if err != nil {
 		return err
 	}
 	return nil
 }
--- a/pkg/service/nats_submission.go
+++ b/pkg/service/nats_submission.go
@@ -0,0 +1,120 @@
 package service
 import (
 	"encoding/json"
 	"git.itzana.me/strafesnet/maps-service/pkg/model"
 )
 func (svc *Service) NatsCreateSubmission(
 	OperationID int32,
 	ModelID     uint64,
 	DisplayName string,
 	Creator     string,
 	GameID      uint32,
 	Status      uint32,
 	Roles       uint32,
 ) error {
 	create_request := model.CreateSubmissionRequest{
 		OperationID: OperationID,
 		ModelID:     ModelID,
 		DisplayName: DisplayName,
 		Creator:     Creator,
 		GameID:      GameID,
 		Status:      Status,
 		Roles:       Roles,
 	}
 	j, err := json.Marshal(create_request)
 	if err != nil {
 		return err
 	}
 	_, err = svc.nats.Publish("maptest.submissions.create", []byte(j))
 	if err != nil {
 		return err
 	}
 	return nil
 }
 func (svc *Service) NatsCheckSubmission(
 	SubmissionID int64,
 	ModelID      uint64,
 	SkipChecks   bool,
 ) error {
 	validate_request := model.CheckSubmissionRequest{
 		SubmissionID: SubmissionID,
 		ModelID:      ModelID,
 		SkipChecks:   SkipChecks,
 	}
 	j, err := json.Marshal(validate_request)
 	if err != nil {
 		return err
 	}
 	_, err = svc.nats.Publish("maptest.submissions.check", []byte(j))
 	if err != nil {
 		return err
 	}
 	return nil
 }
 func (svc *Service) NatsUploadSubmission(
 	SubmissionID int64,
 	ModelID      uint64,
 	ModelVersion uint64,
 	ModelName    string,
 ) error {
 	upload_new_request := model.UploadSubmissionRequest{
 		SubmissionID: SubmissionID,
 		ModelID:      ModelID,
 		ModelVersion: ModelVersion,
 		ModelName:    ModelName,
 	}
 	j, err := json.Marshal(upload_new_request)
 	if err != nil {
 		return err
 	}
 	_, err = svc.nats.Publish("maptest.submissions.upload", []byte(j))
 	if err != nil {
 		return err
 	}
 	return nil
 }
 func (svc *Service) NatsValidateSubmission(
 	SubmissionID     int64,
 	ModelID          uint64,
 	ModelVersion     uint64,
 	ValidatedModelID uint64,
 ) error {
 	validate_request := model.ValidateSubmissionRequest{
 		SubmissionID:     SubmissionID,
 		ModelID:          ModelID,
 		ModelVersion:     ModelVersion,
 		ValidatedModelID: nil,
 	}
 	// sentinel values because we're not using rust
 	if ValidatedModelID != 0 {
 		validate_request.ValidatedModelID = &ValidatedModelID
 	}
 	j, err := json.Marshal(validate_request)
 	if err != nil {
 		return err
 	}
 	_, err = svc.nats.Publish("maptest.submissions.validate", []byte(j))
 	if err != nil {
 		return err
 	}
 	return nil
 }
--- a/pkg/service/operations.go
+++ b/pkg/service/operations.go
@@ -2,45 +2,54 @@ package service
 import (
 	"context"
 	"time"
-	"git.itzana.me/strafesnet/maps-service/pkg/api"
+	"git.itzana.me/strafesnet/maps-service/pkg/datastore"
 	"git.itzana.me/strafesnet/maps-service/pkg/model"
 )
-// GetOperation implements getOperation operation.
+type OperationFailParams datastore.OptionalMap
 //
 // Get the specified operation by ID.
 //
 // GET /operations/{OperationID}
 func (svc *Service) GetOperation(ctx context.Context, params api.GetOperationParams) (*api.Operation, error) {
 	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
 	if !ok {
 		return nil, ErrUserInfo
 	}
-	// You must be the operation owner to read it
+func NewOperationFailParams(
-
+	status_message string,
-	operation, err := svc.DB.Operations().Get(ctx, params.OperationID)
+) OperationFailParams {
-	if err != nil {
+	filter := datastore.Optional()
-		return nil, err
+	filter.Add("status_id", model.OperationStatusFailed)
-	}
+	filter.Add("status_message", status_message)
-
+	return OperationFailParams(filter)
-	userId, err := userInfo.GetUserID()
+}
-	if err != nil {
+
-		return nil, err
+type OperationCompleteParams datastore.OptionalMap
-	}
+
-
+func NewOperationCompleteParams(
-	// check if caller is the submitter
+	path string,
-	has_role := userId == operation.Owner
+) OperationCompleteParams {
-	if !has_role {
+	filter := datastore.Optional()
-		return nil, ErrPermissionDeniedNotSubmitter
+	filter.Add("status_id", model.OperationStatusCompleted)
-	}
+	filter.Add("path", path)
-
+	return OperationCompleteParams(filter)
-	return &api.Operation{
+}
-		OperationID:   operation.ID,
+
-		Date:          operation.CreatedAt.Unix(),
+func (svc *Service) CreateOperation(ctx context.Context, operation model.Operation) (model.Operation, error) {
-		Owner:         int64(operation.Owner),
+	return svc.db.Operations().Create(ctx, operation)
-		Status:        int32(operation.StatusID),
+}
-		StatusMessage: operation.StatusMessage,
+
-		Path:          operation.Path,
+func (svc *Service) CountOperationsSince(ctx context.Context, owner int64, since time.Time) (int64, error) {
-	}, nil
+	return svc.db.Operations().CountSince(ctx, owner, since)
 }
 func (svc *Service) DeleteOperation(ctx context.Context, id int32) error {
 	return svc.db.Operations().Delete(ctx, id)
 }
 func (svc *Service) GetOperation(ctx context.Context, id int32) (model.Operation, error) {
 	return svc.db.Operations().Get(ctx, id)
 }
 func (svc *Service) FailOperation(ctx context.Context, id int32, params OperationFailParams) error {
 	return svc.db.Operations().Update(ctx, id, datastore.OptionalMap(params))
 }
 func (svc *Service) CompleteOperation(ctx context.Context, id int32, params OperationCompleteParams) error {
 	return svc.db.Operations().Update(ctx, id, datastore.OptionalMap(params))
 }
--- a/pkg/service/script_policy.go
+++ b/pkg/service/script_policy.go
@@ -3,169 +3,43 @@ package service
 import (
 	"context"
 	"git.itzana.me/strafesnet/maps-service/pkg/api"
 	"git.itzana.me/strafesnet/maps-service/pkg/datastore"
 	"git.itzana.me/strafesnet/maps-service/pkg/model"
 )
-// CreateScriptPolicy implements createScriptPolicy operation.
+type ScriptPolicyFilter datastore.OptionalMap
 //
 // Create a new script policy.
 //
 // POST /script-policy
 func (svc *Service) CreateScriptPolicy(ctx context.Context, req *api.ScriptPolicyCreate) (*api.ScriptPolicyID, error) {
 	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
 	if !ok {
 		return nil, ErrUserInfo
 	}
-	has_role, err := userInfo.HasRoleScriptWrite()
+func NewScriptPolicyFilter() ScriptPolicyFilter {
 	if err != nil {
 		return nil, err
 	}
 	if !has_role {
 		return nil, ErrPermissionDenied
 	}
 	from_script, err := svc.DB.Scripts().Get(ctx, req.FromScriptID)
 	if err != nil {
 		return nil, err
 	}
 	// the existence of ToScriptID does not need to be validated because it's checked by a foreign key constraint.
 	script, err := svc.DB.ScriptPolicy().Create(ctx, model.ScriptPolicy{
 		ID:             0,
 		FromScriptHash: from_script.Hash,
 		ToScriptID:     req.ToScriptID,
 		Policy:         model.Policy(req.Policy),
 	})
 	if err != nil {
 		return nil, err
 	}
 	return &api.ScriptPolicyID{
 		ScriptPolicyID: script.ID,
 	}, nil
 }
 // ListScriptPolicy implements listScriptPolicy operation.
 //
 // Get list of script policies.
 //
 // GET /script-policy
 func (svc *Service) ListScriptPolicy(ctx context.Context, params api.ListScriptPolicyParams) ([]api.ScriptPolicy, error) {
 	filter := datastore.Optional()
-
+	return ScriptPolicyFilter(filter)
-	if params.FromScriptHash.IsSet(){
+}
-		hash, err := model.HashParse(params.FromScriptHash.Value)
+func (filter ScriptPolicyFilter) SetFromScriptHash(from_script_hash int64) {
-		if err != nil {
+	// Finally, type safety!
-			return nil, err
+	datastore.OptionalMap(filter).Add("from_script_hash", from_script_hash)
-		}
+}
-		filter.Add("from_script_hash", int64(hash)) // No type safety!
+func (filter ScriptPolicyFilter) SetToScriptID(to_script_id int64) {
-	}
+	datastore.OptionalMap(filter).Add("to_script_id", to_script_id)
-	if params.ToScriptID.IsSet(){
+}
-		filter.Add("to_script_id", params.ToScriptID.Value)
+func (filter ScriptPolicyFilter) SetPolicy(policy int32) {
-	}
+	datastore.OptionalMap(filter).Add("policy", policy)
 	if params.Policy.IsSet(){
 		filter.Add("policy", params.Policy.Value)
 	}
 	items, err := svc.DB.ScriptPolicy().List(ctx, filter, model.Page{
 		Number: params.Page,
 		Size:   params.Limit,
 	})
 	if err != nil {
 		return nil, err
 	}
 	var resp []api.ScriptPolicy
 	for _, item := range items {
 		resp = append(resp, api.ScriptPolicy{
 			ID:             item.ID,
 			FromScriptHash: model.HashFormat(uint64(item.FromScriptHash)),
 			ToScriptID:     item.ToScriptID,
 			Policy:         int32(item.Policy),
 		})
 	}
 	return resp, nil
 }
-// DeleteScriptPolicy implements deleteScriptPolicy operation.
+func (svc *Service) CreateScriptPolicy(ctx context.Context, script model.ScriptPolicy) (model.ScriptPolicy, error) {
-//
+	return svc.db.ScriptPolicy().Create(ctx, script)
 // Delete the specified script policy by ID.
 //
 // DELETE /script-policy/{ScriptPolicyID}
 func (svc *Service) DeleteScriptPolicy(ctx context.Context, params api.DeleteScriptPolicyParams) error {
 	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
 	if !ok {
 		return ErrUserInfo
 	}
 	has_role, err := userInfo.HasRoleScriptWrite()
 	if err != nil {
 		return err
 	}
 	if !has_role {
 		return ErrPermissionDenied
 	}
 	return svc.DB.ScriptPolicy().Delete(ctx, params.ScriptPolicyID)
 }
-// GetScriptPolicy implements getScriptPolicy operation.
+func (svc *Service) ListScriptPolicies(ctx context.Context, filter ScriptPolicyFilter, page model.Page) ([]model.ScriptPolicy, error) {
-//
+	return svc.db.ScriptPolicy().List(ctx, datastore.OptionalMap(filter), page)
 // Get the specified script policy by ID.
 //
 // GET /script-policy/{ScriptPolicyID}
 func (svc *Service) GetScriptPolicy(ctx context.Context, params api.GetScriptPolicyParams) (*api.ScriptPolicy, error) {
 	policy, err := svc.DB.ScriptPolicy().Get(ctx, params.ScriptPolicyID)
 	if err != nil {
 		return nil, err
 	}
 	return &api.ScriptPolicy{
 		ID:             policy.ID,
 		FromScriptHash: model.HashFormat(uint64(policy.FromScriptHash)),
 		ToScriptID:     policy.ToScriptID,
 		Policy:         int32(policy.Policy),
 	}, nil
 }
-// UpdateScriptPolicy implements updateScriptPolicy operation.
+func (svc *Service) DeleteScriptPolicy(ctx context.Context, id int64) error {
-//
+	return svc.db.ScriptPolicy().Delete(ctx, id)
-// Update the specified script policy by ID.
+}
-//
+
-// POST /script-policy/{ScriptPolicyID}
+func (svc *Service) GetScriptPolicy(ctx context.Context, id int64) (model.ScriptPolicy, error) {
-func (svc *Service) UpdateScriptPolicy(ctx context.Context, req *api.ScriptPolicyUpdate, params api.UpdateScriptPolicyParams) error {
+	return svc.db.ScriptPolicy().Get(ctx, id)
-	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
+}
-	if !ok {
+
-		return ErrUserInfo
+func (svc *Service) UpdateScriptPolicy(ctx context.Context, id int64, pmap ScriptPolicyFilter) error {
-	}
+	return svc.db.ScriptPolicy().Update(ctx, id, datastore.OptionalMap(pmap))
 	has_role, err := userInfo.HasRoleScriptWrite()
 	if err != nil {
 		return err
 	}
 	if !has_role {
 		return ErrPermissionDenied
 	}
 	pmap := datastore.Optional()
 	if from_script_id, ok := req.FromScriptID.Get(); ok {
 		from_script, err := svc.DB.Scripts().Get(ctx, from_script_id)
 		if err != nil {
 			return err
 		}
 		pmap.Add("from_script_hash", from_script.Hash)
 	}
 	if to_script_id, ok := req.ToScriptID.Get(); ok {
 		pmap.Add("to_script_id", to_script_id)
 	}
 	if policy, ok := req.Policy.Get(); ok {
 		pmap.Add("policy", policy)
 	}
 	return svc.DB.ScriptPolicy().Update(ctx, req.ID, pmap)
 }
--- a/pkg/service/scripts.go
+++ b/pkg/service/scripts.go
@@ -3,172 +3,48 @@ package service
 import (
 	"context"
 	"git.itzana.me/strafesnet/maps-service/pkg/api"
 	"git.itzana.me/strafesnet/maps-service/pkg/datastore"
 	"git.itzana.me/strafesnet/maps-service/pkg/model"
 )
-// CreateScript implements createScript operation.
+type ScriptFilter datastore.OptionalMap
 //
 // Create a new script.
 //
 // POST /scripts
 func (svc *Service) CreateScript(ctx context.Context, req *api.ScriptCreate) (*api.ScriptID, error) {
 	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
 	if !ok {
 		return nil, ErrUserInfo
 	}
-	has_role, err := userInfo.HasRoleScriptWrite()
+func NewScriptFilter() ScriptFilter {
 	if err != nil {
 		return nil, err
 	}
 	if !has_role {
 		return nil, ErrPermissionDenied
 	}
 	script, err := svc.DB.Scripts().Create(ctx, model.Script{
 		ID:           0,
 		Name:         req.Name,
 		Hash:         int64(model.HashSource(req.Source)),
 		Source:       req.Source,
 		ResourceType: model.ResourceType(req.ResourceType),
 		ResourceID:   req.ResourceID.Or(0),
 	})
 	if err != nil {
 		return nil, err
 	}
 	return &api.ScriptID{
 		ScriptID: script.ID,
 	}, nil
 }
 // ListScripts implements listScripts operation.
 //
 // Get list of scripts.
 //
 // GET /scripts
 func (svc *Service) ListScripts(ctx context.Context, params api.ListScriptsParams) ([]api.Script, error) {
 	filter := datastore.Optional()
-
+	return ScriptFilter(filter)
-	if params.Hash.IsSet(){
+}
-		hash, err := model.HashParse(params.Hash.Value)
+func (filter ScriptFilter) SetName(name string) {
-		if err != nil {
+	datastore.OptionalMap(filter).Add("name", name)
-			return nil, err
+}
-		}
+func (filter ScriptFilter) SetSource(source string) {
-		filter.Add("hash", int64(hash)) // No type safety!
+	datastore.OptionalMap(filter).Add("source", source)
-	}
+}
-	if params.Name.IsSet(){
+func (filter ScriptFilter) SetHash(hash int64) {
-		filter.Add("name", params.Name.Value)
+	datastore.OptionalMap(filter).Add("hash", hash)
-	}
+}
-	if params.Source.IsSet(){
+func (filter ScriptFilter) SetResourceType(resource_type int32) {
-		filter.Add("source", params.Source.Value)
+	datastore.OptionalMap(filter).Add("resource_type", resource_type)
-	}
+}
-	if params.ResourceType.IsSet(){
+func (filter ScriptFilter) SetResourceID(resource_id int64) {
-		filter.Add("resource_type", params.ResourceType.Value)
+	datastore.OptionalMap(filter).Add("resource_id", resource_id)
 	}
 	if params.ResourceID.IsSet(){
 		filter.Add("resource_id", params.ResourceID.Value)
 	}
 	items, err := svc.DB.Scripts().List(ctx, filter, model.Page{
 		Number: params.Page,
 		Size:   params.Limit,
 	})
 	if err != nil {
 		return nil, err
 	}
 	var resp []api.Script
 	for _, item := range items {
 		resp = append(resp, api.Script{
 			ID:           item.ID,
 			Hash:         model.HashFormat(uint64(item.Hash)),
 			Source:       item.Source,
 			ResourceType: int32(item.ResourceType),
 			ResourceID:   item.ResourceID,
 		})
 	}
 	return resp, nil
 }
-// DeleteScript implements deleteScript operation.
+func (svc *Service) CreateScript(ctx context.Context, script model.Script) (model.Script, error) {
-//
+	return svc.db.Scripts().Create(ctx, script)
 // Delete the specified script by ID.
 //
 // DELETE /scripts/{ScriptID}
 func (svc *Service) DeleteScript(ctx context.Context, params api.DeleteScriptParams) error {
 	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
 	if !ok {
 		return ErrUserInfo
 	}
 	has_role, err := userInfo.HasRoleScriptWrite()
 	if err != nil {
 		return err
 	}
 	if !has_role {
 		return ErrPermissionDenied
 	}
 	return svc.DB.Scripts().Delete(ctx, params.ScriptID)
 }
-// GetScript implements getScript operation.
+func (svc *Service) ListScripts(ctx context.Context, filter ScriptFilter, page model.Page) ([]model.Script, error) {
-//
+	return svc.db.Scripts().List(ctx, datastore.OptionalMap(filter), page)
 // Get the specified script by ID.
 //
 // GET /scripts/{ScriptID}
 func (svc *Service) GetScript(ctx context.Context, params api.GetScriptParams) (*api.Script, error) {
 	script, err := svc.DB.Scripts().Get(ctx, params.ScriptID)
 	if err != nil {
 		return nil, err
 	}
 	return &api.Script{
 		ID:           script.ID,
 		Name:         script.Name,
 		Hash:         model.HashFormat(uint64(script.Hash)),
 		Source:       script.Source,
 		ResourceType: int32(script.ResourceType),
 		ResourceID:   script.ResourceID,
 	}, nil
 }
-// UpdateScript implements updateScript operation.
+func (svc *Service) DeleteScript(ctx context.Context, id int64) error {
-//
+	return svc.db.Scripts().Delete(ctx, id)
-// Update the specified script by ID.
+}
-//
+
-// PATCH /scripts/{ScriptID}
+func (svc *Service) GetScript(ctx context.Context, id int64) (model.Script, error) {
-func (svc *Service) UpdateScript(ctx context.Context, req *api.ScriptUpdate, params api.UpdateScriptParams) error {
+	return svc.db.Scripts().Get(ctx, id)
-	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
+}
-	if !ok {
+
-		return ErrUserInfo
+func (svc *Service) UpdateScript(ctx context.Context, id int64, pmap ScriptFilter) error {
-	}
+	return svc.db.Scripts().Update(ctx, id, datastore.OptionalMap(pmap))
 	has_role, err := userInfo.HasRoleScriptWrite()
 	if err != nil {
 		return err
 	}
 	if !has_role {
 		return ErrPermissionDenied
 	}
 	pmap := datastore.Optional()
 	if Name, ok := req.Name.Get(); ok {
 		pmap.Add("name", Name)
 	}
 	if source, ok := req.Source.Get(); ok {
 		pmap.Add("source", source)
 		pmap.Add("hash", int64(model.HashSource(source))) // No type safety!
 	}
 	if ResourceType, ok := req.ResourceType.Get(); ok {
 		pmap.Add("resource_type", ResourceType)
 	}
 	if ResourceID, ok := req.ResourceID.Get(); ok {
 		pmap.Add("resource_id", ResourceID)
 	}
 	return svc.DB.Scripts().Update(ctx, req.ID, pmap)
 }
--- a/pkg/service/service.go
+++ b/pkg/service/service.go
@@ -1,59 +1,29 @@
 package service
 import (
 	"context"
 	"errors"
 	"fmt"
 	"git.itzana.me/strafesnet/go-grpc/maps"
-	"git.itzana.me/strafesnet/maps-service/pkg/api"
+	"git.itzana.me/strafesnet/go-grpc/users"
 	"git.itzana.me/strafesnet/maps-service/pkg/datastore"
 	"github.com/nats-io/nats.go"
 )
 var (
 	// ErrPermissionDenied caller does not have the required role
 	ErrPermissionDenied = errors.New("Permission denied")
 	// ErrUserInfo user info is missing for some reason
 	ErrUserInfo = errors.New("Missing user info")
 	ErrDelayReset = errors.New("Please give the validator at least 10 seconds to operate before attempting to reset the status")
 	ErrPermissionDeniedNotSubmitter = fmt.Errorf("%w: You must be the submitter to perform this action", ErrPermissionDenied)
 	ErrPermissionDeniedNeedRoleSubmissionRelease = fmt.Errorf("%w: Need Role SubmissionRelease", ErrPermissionDenied)
 	ErrPermissionDeniedNeedRoleMapfixUpload = fmt.Errorf("%w: Need Role MapfixUpload", ErrPermissionDenied)
 	ErrPermissionDeniedNeedRoleMapfixReview = fmt.Errorf("%w: Need Role MapfixReview", ErrPermissionDenied)
 	ErrPermissionDeniedNeedRoleSubmissionUpload = fmt.Errorf("%w: Need Role SubmissionUpload", ErrPermissionDenied)
 	ErrPermissionDeniedNeedRoleSubmissionReview = fmt.Errorf("%w: Need Role SubmissionReview", ErrPermissionDenied)
 	ErrPermissionDeniedNeedRoleMapDownload = fmt.Errorf("%w: Need Role MapDownload", ErrPermissionDenied)
 	ErrPermissionDeniedNeedRoleScriptWrite = fmt.Errorf("%w: Need Role ScriptWrite", ErrPermissionDenied)
 	ErrPermissionDeniedNeedRoleMaptest = fmt.Errorf("%w: Need Role Maptest", ErrPermissionDenied)
 	ErrNegativeID = errors.New("A negative ID was provided")
 )
 type Service struct {
-	DB   datastore.Datastore
+	db     datastore.Datastore
-	Nats nats.JetStreamContext
+	nats   nats.JetStreamContext
-	Client maps.MapsServiceClient
+	maps   maps.MapsServiceClient
 	users  users.UsersServiceClient
 }
-// NewError creates *ErrorStatusCode from error returned by handler.
+func NewService(
-//
+	db datastore.Datastore,
-// Used for common default response.
+	nats nats.JetStreamContext,
-func (svc *Service) NewError(ctx context.Context, err error) *api.ErrorStatusCode {
+	maps maps.MapsServiceClient,
-	status := 500
+	users users.UsersServiceClient,
-	if errors.Is(err, datastore.ErrNotExist) {
+) Service {
-		status = 404
+	return Service{
-	}
+		db:     db,
-	if errors.Is(err, ErrPermissionDenied) {
+		nats:   nats,
-		status = 403
+		maps:   maps,
-	}
+		users:  users,
 	if errors.Is(err, ErrUserInfo) {
 		status = 401
 	}
 	return &api.ErrorStatusCode{
 		StatusCode: status,
 		Response: api.Error{
 			Code:    int64(status),
 			Message: err.Error(),
 		},
 	}
 }
--- a/pkg/service/submissions.go
+++ b/pkg/service/submissions.go
--- a/pkg/service_internal/mapfixes.go
+++ b/pkg/service_internal/mapfixes.go
@@ -1,280 +0,0 @@
 package service_internal
 import (
 	"context"
 	"encoding/json"
 	"errors"
 	"fmt"
 	"git.itzana.me/strafesnet/maps-service/pkg/datastore"
 	internal "git.itzana.me/strafesnet/maps-service/pkg/internal"
 	"git.itzana.me/strafesnet/maps-service/pkg/model"
 )
 var(
 	// prevent two mapfixes with same asset id
 	ActiveMapfixStatuses = []model.MapfixStatus{
 		model.MapfixStatusUploading,
 		model.MapfixStatusValidated,
 		model.MapfixStatusValidating,
 		model.MapfixStatusAcceptedUnvalidated,
 		model.MapfixStatusChangesRequested,
 		model.MapfixStatusSubmitted,
 		model.MapfixStatusUnderConstruction,
 	}
 )
 var(
 	ErrActiveMapfixSameAssetID = errors.New("There is an active mapfix with the same AssetID")
 	ErrNotAssetOwner = errors.New("You can only submit an asset you own")
 )
 // UpdateMapfixValidatedModel implements patchMapfixModel operation.
 //
 // Update model following role restrictions.
 //
 // POST /mapfixes/{MapfixID}/validated-model
 func (svc *Service) UpdateMapfixValidatedModel(ctx context.Context, params internal.UpdateMapfixValidatedModelParams) error {
 	ValidatedModelID := uint64(params.ValidatedModelID)
 	ValidatedModelVersion := uint64(params.ValidatedModelVersion)
 	// check if Status is ChangesRequested|Submitted|UnderConstruction
 	pmap := datastore.Optional()
 	pmap.Add("validated_asset_id", ValidatedModelID)
 	pmap.Add("validated_asset_version", ValidatedModelVersion)
 	// DO NOT reset completed when validated model is updated
 	// pmap.Add("completed", false)
 	err := svc.DB.Mapfixes().IfStatusThenUpdate(ctx, params.MapfixID, []model.MapfixStatus{model.MapfixStatusValidating}, pmap)
 	if err != nil {
 		return err
 	}
 	event_data := model.AuditEventDataChangeValidatedModel{
 		ValidatedModelID: ValidatedModelID,
 		ValidatedModelVersion: ValidatedModelVersion,
 	}
 	EventData, err := json.Marshal(event_data)
 	if err != nil {
 		return err
 	}
 	_, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{
 		ID:           0,
 		User:         ValidtorUserID,
 		ResourceType: model.ResourceMapfix,
 		ResourceID:   params.MapfixID,
 		EventType:    model.AuditEventTypeChangeValidatedModel,
 		EventData:    EventData,
 	})
 	if err != nil {
 		return err
 	}
 	return nil
 }
 // ActionMapfixValidate invokes actionMapfixValidate operation.
 //
 // Role Validator changes status from Submitting -> Submitted.
 //
 // POST /mapfixes/{MapfixID}/status/validator-submitted
 func (svc *Service) ActionMapfixSubmitted(ctx context.Context, params internal.ActionMapfixSubmittedParams) error {
 	// transaction
 	target_status := model.MapfixStatusSubmitted
 	smap := datastore.Optional()
 	smap.Add("status_id", target_status)
 	err := svc.DB.Mapfixes().IfStatusThenUpdate(ctx, params.MapfixID, []model.MapfixStatus{model.MapfixStatusSubmitting}, smap)
 	if err != nil {
 		return err
 	}
 	event_data := model.AuditEventDataAction{
 		TargetStatus: uint32(target_status),
 	}
 	EventData, err := json.Marshal(event_data)
 	if err != nil {
 		return err
 	}
 	_, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{
 		ID:           0,
 		User:         ValidtorUserID,
 		ResourceType: model.ResourceMapfix,
 		ResourceID:   params.MapfixID,
 		EventType:    model.AuditEventTypeAction,
 		EventData:    EventData,
 	})
 	if err != nil {
 		return err
 	}
 	return nil
 }
 // ActionMapfixValidate invokes actionMapfixValidate operation.
 //
 // Role Validator changes status from Validating -> Validated.
 //
 // POST /mapfixes/{MapfixID}/status/validator-validated
 func (svc *Service) ActionMapfixValidated(ctx context.Context, params internal.ActionMapfixValidatedParams) error {
 	// transaction
 	smap := datastore.Optional()
 	smap.Add("status_id", model.MapfixStatusValidated)
 	return svc.DB.Mapfixes().IfStatusThenUpdate(ctx, params.MapfixID, []model.MapfixStatus{model.MapfixStatusValidating}, smap)
 }
 // ActionMapfixAccepted implements actionMapfixAccepted operation.
 //
 // (Internal endpoint) Role Validator changes status from Validating -> Accepted.
 //
 // POST /mapfixes/{MapfixID}/status/validator-failed
 func (svc *Service) ActionMapfixAccepted(ctx context.Context, params internal.ActionMapfixAcceptedParams) error {
 	// transaction
 	target_status := model.MapfixStatusAcceptedUnvalidated
 	smap := datastore.Optional()
 	smap.Add("status_id", target_status)
 	smap.Add("status_message", params.StatusMessage)
 	err := svc.DB.Mapfixes().IfStatusThenUpdate(ctx, params.MapfixID, []model.MapfixStatus{model.MapfixStatusValidating}, smap)
 	if err != nil {
 		return err
 	}
 	event_data := model.AuditEventDataAction{
 		TargetStatus: uint32(target_status),
 	}
 	EventData, err := json.Marshal(event_data)
 	if err != nil {
 		return err
 	}
 	_, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{
 		ID:           0,
 		User:         ValidtorUserID,
 		ResourceType: model.ResourceMapfix,
 		ResourceID:   params.MapfixID,
 		EventType:    model.AuditEventTypeAction,
 		EventData:    EventData,
 	})
 	if err != nil {
 		return err
 	}
 	return nil
 }
 // ActionMapfixUploaded implements actionMapfixUploaded operation.
 //
 // (Internal endpoint) Role Validator changes status from Uploading -> Uploaded.
 //
 // POST /mapfixes/{MapfixID}/status/validator-uploaded
 func (svc *Service) ActionMapfixUploaded(ctx context.Context, params internal.ActionMapfixUploadedParams) error {
 	// transaction
 	target_status := model.MapfixStatusUploaded
 	smap := datastore.Optional()
 	smap.Add("status_id", target_status)
 	err := svc.DB.Mapfixes().IfStatusThenUpdate(ctx, params.MapfixID, []model.MapfixStatus{model.MapfixStatusUploading}, smap)
 	if err != nil {
 		return err
 	}
 	event_data := model.AuditEventDataAction{
 		TargetStatus: uint32(target_status),
 	}
 	EventData, err := json.Marshal(event_data)
 	if err != nil {
 		return err
 	}
 	_, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{
 		ID:           0,
 		User:         ValidtorUserID,
 		ResourceType: model.ResourceMapfix,
 		ResourceID:   params.MapfixID,
 		EventType:    model.AuditEventTypeAction,
 		EventData:    EventData,
 	})
 	if err != nil {
 		return err
 	}
 	return nil
 }
 // POST /mapfixes
 func (svc *Service) CreateMapfix(ctx context.Context, request *internal.MapfixCreate) (*internal.MapfixID, error) {
 	// sanitization
 	if request.GameID<0||
 	request.AssetOwner<0||
 	request.AssetID<0||
 	request.AssetVersion<0||
 	request.TargetAssetID<0{
 		return nil, ErrNegativeID
 	}
 	var GameID=uint32(request.GameID);
 	var Submitter=uint64(request.AssetOwner);
 	var AssetID=uint64(request.AssetID);
 	var AssetVersion=uint64(request.AssetVersion);
 	var TargetAssetID=uint64(request.TargetAssetID);
 	// Check if an active mapfix with the same asset id exists
 	{
 		filter := datastore.Optional()
 		filter.Add("asset_id", request.AssetID)
 		filter.Add("asset_version", request.AssetVersion)
 		filter.Add("status_id", ActiveMapfixStatuses)
 		active_mapfixes, err := svc.DB.Mapfixes().List(ctx, filter, model.Page{
 			Number: 1,
 			Size:   1,
 		},datastore.ListSortDisabled)
 		if err != nil {
 			return nil, err
 		}
 		if len(active_mapfixes) != 0{
 			return nil, ErrActiveMapfixSameAssetID
 		}
 	}
 	operation, err := svc.DB.Operations().Get(ctx, request.OperationID)
 	if err != nil {
 		return nil, err
 	}
 	// check if user owns asset
 	// TODO: allow bypass by admin
 	if operation.Owner != Submitter {
 		return nil, ErrNotAssetOwner
 	}
 	mapfix, err := svc.DB.Mapfixes().Create(ctx, model.Mapfix{
 		ID:            0,
 		DisplayName:   request.DisplayName,
 		Creator:       request.Creator,
 		GameID:        GameID,
 		Submitter:     Submitter,
 		AssetID:       AssetID,
 		AssetVersion:  AssetVersion,
 		Completed:     false,
 		TargetAssetID: TargetAssetID,
 		StatusID:      model.MapfixStatusUnderConstruction,
 	})
 	if err != nil {
 		return nil, err
 	}
 	// mark the operation as completed and provide the path
 	pmap := datastore.Optional()
 	pmap.Add("status_id", model.OperationStatusCompleted)
 	pmap.Add("path", fmt.Sprintf("/mapfixes/%d", mapfix.ID))
 	err = svc.DB.Operations().Update(ctx, request.OperationID, pmap)
 	if err != nil {
 		return nil, err
 	}
 	return &internal.MapfixID{
 		MapfixID: mapfix.ID,
 	}, nil
 }
--- a/pkg/service_internal/operations.go
+++ b/pkg/service_internal/operations.go
@@ -1,21 +0,0 @@
 package service_internal
 import (
 	"context"
 	"git.itzana.me/strafesnet/maps-service/pkg/datastore"
 	internal "git.itzana.me/strafesnet/maps-service/pkg/internal"
 	"git.itzana.me/strafesnet/maps-service/pkg/model"
 )
 // ActionOperationFailed implements actionOperationFailed operation.
 //
 // Fail the specified OperationID with a StatusMessage.
 //
 // POST /operations/{OperationID}/status/operation-failed
 func (svc *Service) ActionOperationFailed(ctx context.Context, params internal.ActionOperationFailedParams) (error) {
 	pmap := datastore.Optional()
 	pmap.Add("status_id", model.OperationStatusFailed)
 	pmap.Add("status_message", params.StatusMessage)
 	return svc.DB.Operations().Update(ctx, params.OperationID, pmap)
 }
--- a/pkg/service_internal/script_policy.go
+++ b/pkg/service_internal/script_policy.go
@@ -1,80 +0,0 @@
 package service_internal
 import (
 	"context"
 	"git.itzana.me/strafesnet/maps-service/pkg/datastore"
 	api "git.itzana.me/strafesnet/maps-service/pkg/internal"
 	"git.itzana.me/strafesnet/maps-service/pkg/model"
 )
 // CreateScriptPolicy implements createScriptPolicy operation.
 //
 // Create a new script policy.
 //
 // POST /script-policy
 func (svc *Service) CreateScriptPolicy(ctx context.Context, req *api.ScriptPolicyCreate) (*api.ScriptPolicyID, error) {
 	from_script, err := svc.DB.Scripts().Get(ctx, req.FromScriptID)
 	if err != nil {
 		return nil, err
 	}
 	// the existence of ToScriptID does not need to be validated because it's checked by a foreign key constraint.
 	script, err := svc.DB.ScriptPolicy().Create(ctx, model.ScriptPolicy{
 		ID:             0,
 		FromScriptHash: from_script.Hash,
 		ToScriptID:     req.ToScriptID,
 		Policy:         model.Policy(req.Policy),
 	})
 	if err != nil {
 		return nil, err
 	}
 	return &api.ScriptPolicyID{
 		ScriptPolicyID: script.ID,
 	}, nil
 }
 // ListScriptPolicy implements listScriptPolicy operation.
 //
 // Get list of script policies.
 //
 // GET /script-policy
 func (svc *Service) ListScriptPolicy(ctx context.Context, params api.ListScriptPolicyParams) ([]api.ScriptPolicy, error) {
 	filter := datastore.Optional()
 	if params.FromScriptHash.IsSet(){
 		hash, err := model.HashParse(params.FromScriptHash.Value)
 		if err != nil {
 			return nil, err
 		}
 		filter.Add("from_script_hash", int64(hash)) // No type safety!
 	}
 	if params.ToScriptID.IsSet(){
 		filter.Add("to_script_id", params.ToScriptID.Value)
 	}
 	if params.Policy.IsSet(){
 		filter.Add("policy", params.Policy.Value)
 	}
 	items, err := svc.DB.ScriptPolicy().List(ctx, filter, model.Page{
 		Number: params.Page,
 		Size:   params.Limit,
 	})
 	if err != nil {
 		return nil, err
 	}
 	var resp []api.ScriptPolicy
 	for _, item := range items {
 		resp = append(resp, api.ScriptPolicy{
 			ID:             item.ID,
 			FromScriptHash: model.HashFormat(uint64(item.FromScriptHash)),
 			ToScriptID:     item.ToScriptID,
 			Policy:         int32(item.Policy),
 		})
 	}
 	return resp, nil
 }
--- a/pkg/service_internal/scripts.go
+++ b/pkg/service_internal/scripts.go
@@ -1,103 +0,0 @@
 package service_internal
 import (
 	"context"
 	"git.itzana.me/strafesnet/maps-service/pkg/datastore"
 	api "git.itzana.me/strafesnet/maps-service/pkg/internal"
 	"git.itzana.me/strafesnet/maps-service/pkg/model"
 )
 // CreateScript implements createScript operation.
 //
 // Create a new script.
 //
 // POST /scripts
 func (svc *Service) CreateScript(ctx context.Context, req *api.ScriptCreate) (*api.ScriptID, error) {
 	script, err := svc.DB.Scripts().Create(ctx, model.Script{
 		ID:           0,
 		Name:         req.Name,
 		Hash:         int64(model.HashSource(req.Source)),
 		Source:       req.Source,
 		ResourceType: model.ResourceType(req.ResourceType),
 		ResourceID:   req.ResourceID.Or(0),
 	})
 	if err != nil {
 		return nil, err
 	}
 	return &api.ScriptID{
 		ScriptID: script.ID,
 	}, nil
 }
 // ListScripts implements listScripts operation.
 //
 // Get list of scripts.
 //
 // GET /scripts
 func (svc *Service) ListScripts(ctx context.Context, params api.ListScriptsParams) ([]api.Script, error) {
 	filter := datastore.Optional()
 	if params.Hash.IsSet(){
 		hash, err := model.HashParse(params.Hash.Value)
 		if err != nil {
 			return nil, err
 		}
 		filter.Add("hash", int64(hash)) // No type safety!
 	}
 	if params.Name.IsSet(){
 		filter.Add("name", params.Name.Value)
 	}
 	if params.Source.IsSet(){
 		filter.Add("source", params.Source.Value)
 	}
 	if params.ResourceType.IsSet(){
 		filter.Add("resource_type", params.ResourceType.Value)
 	}
 	if params.ResourceID.IsSet(){
 		filter.Add("resource_id", params.ResourceID.Value)
 	}
 	items, err := svc.DB.Scripts().List(ctx, filter, model.Page{
 		Number: params.Page,
 		Size:   params.Limit,
 	})
 	if err != nil {
 		return nil, err
 	}
 	var resp []api.Script
 	for _, item := range items {
 		resp = append(resp, api.Script{
 			ID:           item.ID,
 			Hash:         model.HashFormat(uint64(item.Hash)),
 			Source:       item.Source,
 			ResourceType: int32(item.ResourceType),
 			ResourceID:   item.ResourceID,
 		})
 	}
 	return resp, nil
 }
 // GetScript implements getScript operation.
 //
 // Get the specified script by ID.
 //
 // GET /scripts/{ScriptID}
 func (svc *Service) GetScript(ctx context.Context, params api.GetScriptParams) (*api.Script, error) {
 	script, err := svc.DB.Scripts().Get(ctx, params.ScriptID)
 	if err != nil {
 		return nil, err
 	}
 	return &api.Script{
 		ID:           script.ID,
 		Name:         script.Name,
 		Hash:         model.HashFormat(uint64(script.Hash)),
 		Source:       script.Source,
 		ResourceType: int32(script.ResourceType),
 		ResourceID:   script.ResourceID,
 	}, nil
 }
--- a/pkg/service_internal/service_internal.go
+++ b/pkg/service_internal/service_internal.go
@@ -1,39 +0,0 @@
 package service_internal
 import (
 	"context"
 	"errors"
 	"math"
 	"git.itzana.me/strafesnet/maps-service/pkg/datastore"
 	internal "git.itzana.me/strafesnet/maps-service/pkg/internal"
 	"github.com/nats-io/nats.go"
 )
 const (
 	ValidtorUserID uint64 = uint64(math.MaxInt64)
 )
 var (
 	ErrNegativeID = errors.New("A negative ID was provided")
 )
 type Service struct {
 	DB   datastore.Datastore
 	Nats nats.JetStreamContext
 }
 // yay duplicate code
 func (svc *Service) NewError(ctx context.Context, err error) *internal.ErrorStatusCode {
 	status := 500
 	if errors.Is(err, datastore.ErrNotExist) {
 		status = 404
 	}
 	return &internal.ErrorStatusCode{
 		StatusCode: status,
 		Response: internal.Error{
 			Code:    int64(status),
 			Message: err.Error(),
 		},
 	}
 }
--- a/pkg/service_internal/submissions.go
+++ b/pkg/service_internal/submissions.go
@@ -1,304 +0,0 @@
 package service_internal
 import (
 	"context"
 	"encoding/json"
 	"errors"
 	"fmt"
 	"git.itzana.me/strafesnet/maps-service/pkg/datastore"
 	internal "git.itzana.me/strafesnet/maps-service/pkg/internal"
 	"git.itzana.me/strafesnet/maps-service/pkg/model"
 )
 var(
 	// prevent two mapfixes with same asset id
 	ActiveSubmissionStatuses = []model.SubmissionStatus{
 		model.SubmissionStatusUploading,
 		model.SubmissionStatusValidated,
 		model.SubmissionStatusValidating,
 		model.SubmissionStatusAcceptedUnvalidated,
 		model.SubmissionStatusChangesRequested,
 		model.SubmissionStatusSubmitted,
 		model.SubmissionStatusUnderConstruction,
 	}
 )
 var(
 	ErrActiveSubmissionSameAssetID = errors.New("There is an active submission with the same AssetID")
 )
 // UpdateSubmissionValidatedModel implements patchSubmissionModel operation.
 //
 // Update model following role restrictions.
 //
 // POST /submissions/{SubmissionID}/validated-model
 func (svc *Service) UpdateSubmissionValidatedModel(ctx context.Context, params internal.UpdateSubmissionValidatedModelParams) error {
 	ValidatedModelID := uint64(params.ValidatedModelID)
 	ValidatedModelVersion := uint64(params.ValidatedModelVersion)
 	// check if Status is ChangesRequested|Submitted|UnderConstruction
 	pmap := datastore.Optional()
 	pmap.Add("validated_asset_id", ValidatedModelID)
 	pmap.Add("validated_asset_version", ValidatedModelVersion)
 	// DO NOT reset completed when validated model is updated
 	// pmap.Add("completed", false)
 	err := svc.DB.Submissions().IfStatusThenUpdate(ctx, params.SubmissionID, []model.SubmissionStatus{model.SubmissionStatusValidating}, pmap)
 	if err != nil {
 		return err
 	}
 	event_data := model.AuditEventDataChangeValidatedModel{
 		ValidatedModelID: ValidatedModelID,
 		ValidatedModelVersion: ValidatedModelVersion,
 	}
 	EventData, err := json.Marshal(event_data)
 	if err != nil {
 		return err
 	}
 	_, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{
 		ID:           0,
 		User:         ValidtorUserID,
 		ResourceType: model.ResourceSubmission,
 		ResourceID:   params.SubmissionID,
 		EventType:    model.AuditEventTypeChangeValidatedModel,
 		EventData:    EventData,
 	})
 	if err != nil {
 		return err
 	}
 	return nil
 }
 // ActionSubmissionValidate invokes actionSubmissionValidate operation.
 //
 // Role Validator changes status from Submitting -> Submitted.
 //
 // POST /submissions/{SubmissionID}/status/validator-submitted
 func (svc *Service) ActionSubmissionSubmitted(ctx context.Context, params internal.ActionSubmissionSubmittedParams) error {
 	// transaction
 	target_status := model.SubmissionStatusSubmitted
 	smap := datastore.Optional()
 	smap.Add("status_id", target_status)
 	err := svc.DB.Submissions().IfStatusThenUpdate(ctx, params.SubmissionID, []model.SubmissionStatus{model.SubmissionStatusSubmitting}, smap)
 	if err != nil {
 		return err
 	}
 	event_data := model.AuditEventDataAction{
 		TargetStatus: uint32(target_status),
 	}
 	EventData, err := json.Marshal(event_data)
 	if err != nil {
 		return err
 	}
 	_, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{
 		ID:           0,
 		User:         ValidtorUserID,
 		ResourceType: model.ResourceSubmission,
 		ResourceID:   params.SubmissionID,
 		EventType:    model.AuditEventTypeAction,
 		EventData:    EventData,
 	})
 	if err != nil {
 		return err
 	}
 	return nil
 }
 // ActionSubmissionValidate invokes actionSubmissionValidate operation.
 //
 // Role Validator changes status from Validating -> Validated.
 //
 // POST /submissions/{SubmissionID}/status/validator-validated
 func (svc *Service) ActionSubmissionValidated(ctx context.Context, params internal.ActionSubmissionValidatedParams) error {
 	// transaction
 	target_status := model.SubmissionStatusValidated
 	smap := datastore.Optional()
 	smap.Add("status_id", target_status)
 	err := svc.DB.Submissions().IfStatusThenUpdate(ctx, params.SubmissionID, []model.SubmissionStatus{model.SubmissionStatusValidating}, smap)
 	if err != nil {
 		return err
 	}
 	event_data := model.AuditEventDataAction{
 		TargetStatus: uint32(target_status),
 	}
 	EventData, err := json.Marshal(event_data)
 	if err != nil {
 		return err
 	}
 	_, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{
 		ID:           0,
 		User:         ValidtorUserID,
 		ResourceType: model.ResourceSubmission,
 		ResourceID:   params.SubmissionID,
 		EventType:    model.AuditEventTypeAction,
 		EventData:    EventData,
 	})
 	if err != nil {
 		return err
 	}
 	return nil
 }
 // ActionSubmissionAccepted implements actionSubmissionAccepted operation.
 //
 // (Internal endpoint) Role Validator changes status from Validating -> Accepted.
 //
 // POST /submissions/{SubmissionID}/status/validator-failed
 func (svc *Service) ActionSubmissionAccepted(ctx context.Context, params internal.ActionSubmissionAcceptedParams) error {
 	// transaction
 	target_status := model.SubmissionStatusAcceptedUnvalidated
 	smap := datastore.Optional()
 	smap.Add("status_id", target_status)
 	smap.Add("status_message", params.StatusMessage)
 	err := svc.DB.Submissions().IfStatusThenUpdate(ctx, params.SubmissionID, []model.SubmissionStatus{model.SubmissionStatusValidating}, smap)
 	if err != nil {
 		return err
 	}
 	event_data := model.AuditEventDataAction{
 		TargetStatus: uint32(target_status),
 	}
 	EventData, err := json.Marshal(event_data)
 	if err != nil {
 		return err
 	}
 	_, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{
 		ID:           0,
 		User:         ValidtorUserID,
 		ResourceType: model.ResourceSubmission,
 		ResourceID:   params.SubmissionID,
 		EventType:    model.AuditEventTypeAction,
 		EventData:    EventData,
 	})
 	if err != nil {
 		return err
 	}
 	return nil
 }
 // ActionSubmissionUploaded implements actionSubmissionUploaded operation.
 //
 // (Internal endpoint) Role Validator changes status from Uploading -> Uploaded.
 //
 // POST /submissions/{SubmissionID}/status/validator-uploaded
 func (svc *Service) ActionSubmissionUploaded(ctx context.Context, params internal.ActionSubmissionUploadedParams) error {
 	// transaction
 	target_status := model.SubmissionStatusUploaded
 	smap := datastore.Optional()
 	smap.Add("status_id", target_status)
 	smap.Add("uploaded_asset_id", params.UploadedAssetID)
 	err := svc.DB.Submissions().IfStatusThenUpdate(ctx, params.SubmissionID, []model.SubmissionStatus{model.SubmissionStatusUploading}, smap)
 	if err != nil {
 		return err
 	}
 	event_data := model.AuditEventDataAction{
 		TargetStatus: uint32(target_status),
 	}
 	EventData, err := json.Marshal(event_data)
 	if err != nil {
 		return err
 	}
 	_, err = svc.DB.AuditEvents().Create(ctx, model.AuditEvent{
 		ID:           0,
 		User:         ValidtorUserID,
 		ResourceType: model.ResourceSubmission,
 		ResourceID:   params.SubmissionID,
 		EventType:    model.AuditEventTypeAction,
 		EventData:    EventData,
 	})
 	if err != nil {
 		return err
 	}
 	return nil
 }
 // POST /submissions
 func (svc *Service) CreateSubmission(ctx context.Context, request *internal.SubmissionCreate) (*internal.SubmissionID, error) {
 	// sanitization
 	if request.GameID<0||
 	request.AssetOwner<0||
 	request.AssetID<0||
 	request.AssetVersion<0{
 		return nil, ErrNegativeID
 	}
 	var GameID=uint32(request.GameID);
 	var Submitter=uint64(request.AssetOwner);
 	var AssetID=uint64(request.AssetID);
 	var AssetVersion=uint64(request.AssetVersion);
 	// Check if an active submission with the same asset id exists
 	{
 		filter := datastore.Optional()
 		filter.Add("asset_id", request.AssetID)
 		filter.Add("asset_version", request.AssetVersion)
 		filter.Add("status_id", ActiveSubmissionStatuses)
 		active_submissions, err := svc.DB.Submissions().List(ctx, filter, model.Page{
 			Number: 1,
 			Size:   1,
 		},datastore.ListSortDisabled)
 		if err != nil {
 			return nil, err
 		}
 		if len(active_submissions) != 0{
 			return nil, ErrActiveSubmissionSameAssetID
 		}
 	}
 	operation, err := svc.DB.Operations().Get(ctx, request.OperationID)
 	if err != nil {
 		return nil, err
 	}
 	// check if user owns asset
 	// TODO: allow bypass by admin
 	if operation.Owner != Submitter {
 		return nil, ErrNotAssetOwner
 	}
 	submission, err := svc.DB.Submissions().Create(ctx, model.Submission{
 		ID:            0,
 		DisplayName:   request.DisplayName,
 		Creator:       request.Creator,
 		GameID:        GameID,
 		Submitter:     Submitter,
 		AssetID:       AssetID,
 		AssetVersion:  AssetVersion,
 		Completed:     false,
 		StatusID:      model.SubmissionStatusUnderConstruction,
 	})
 	if err != nil {
 		return nil, err
 	}
 	// mark the operation as completed and provide the path
 	pmap := datastore.Optional()
 	pmap.Add("status_id", model.OperationStatusCompleted)
 	pmap.Add("path", fmt.Sprintf("/submissions/%d", submission.ID))
 	err = svc.DB.Operations().Update(ctx, request.OperationID, pmap)
 	if err != nil {
 		return nil, err
 	}
 	return &internal.SubmissionID{
 		SubmissionID: submission.ID,
 	}, nil
 }
--- a/pkg/validator_controller/mapfixes.go
+++ b/pkg/validator_controller/mapfixes.go
@@ -0,0 +1,380 @@
 package validator_controller
 import (
 	"context"
 	"errors"
 	"fmt"
 	"git.itzana.me/strafesnet/go-grpc/validator"
 	"git.itzana.me/strafesnet/maps-service/pkg/datastore"
 	"git.itzana.me/strafesnet/maps-service/pkg/model"
 	"git.itzana.me/strafesnet/maps-service/pkg/service"
 )
 type Mapfixes struct {
 	*validator.UnimplementedValidatorMapfixServiceServer
 	inner *service.Service
 }
 func NewMapfixesController(
 	inner *service.Service,
 ) Mapfixes {
 	return Mapfixes{
 		inner: inner,
 	}
 }
 var(
 	// prevent two mapfixes with same asset id
 	ActiveMapfixStatuses = []model.MapfixStatus{
 		model.MapfixStatusUploading,
 		model.MapfixStatusValidated,
 		model.MapfixStatusValidating,
 		model.MapfixStatusAcceptedUnvalidated,
 		model.MapfixStatusChangesRequested,
 		model.MapfixStatusSubmitted,
 		model.MapfixStatusUnderConstruction,
 	}
 )
 var(
 	ErrActiveMapfixSameAssetID = errors.New("There is an active mapfix with the same AssetID")
 	ErrNotAssetOwner = errors.New("You can only submit an asset you own")
 )
 // UpdateMapfixValidatedModel implements patchMapfixModel operation.
 //
 // Update model following role restrictions.
 //
 // POST /mapfixes/{MapfixID}/validated-model
 func (svc *Mapfixes) SetValidatedModel(ctx context.Context, params *validator.ValidatedModelRequest) (*validator.NullResponse, error) {
 	MapfixID := int64(params.ID)
 	// check if Status is ChangesRequested|Submitted|UnderConstruction
 	update := service.NewMapfixUpdate()
 	update.SetValidatedAssetID(params.ValidatedModelID)
 	update.SetValidatedAssetVersion(params.ValidatedModelVersion)
 	// DO NOT reset completed when validated model is updated
 	// update.Add("completed", false)
 	allow_statuses := []model.MapfixStatus{model.MapfixStatusValidating}
 	err := svc.inner.UpdateMapfixIfStatus(ctx, MapfixID, allow_statuses, update)
 	if err != nil {
 		return nil, err
 	}
 	event_data := model.AuditEventDataChangeValidatedModel{
 		ValidatedModelID: params.ValidatedModelID,
 		ValidatedModelVersion: params.ValidatedModelVersion,
 	}
 	err = svc.inner.CreateAuditEventChangeValidatedModel(
 		ctx,
 		model.ValidatorUserID,
 		model.Resource{
 			ID: MapfixID,
 			Type: model.ResourceMapfix,
 		},
 		event_data,
 	)
 	if err != nil {
 		return nil, err
 	}
 	return &validator.NullResponse{}, nil
 }
 // ActionMapfixSubmitted invokes actionMapfixSubmitted operation.
 //
 // Role Validator changes status from Submitting -> Submitted.
 //
 // POST /mapfixes/{MapfixID}/status/validator-submitted
 func (svc *Mapfixes) SetStatusSubmitted(ctx context.Context, params *validator.SubmittedRequest) (*validator.NullResponse, error) {
 	MapfixID := int64(params.ID)
 	// transaction
 	target_status := model.MapfixStatusSubmitted
 	update := service.NewMapfixUpdate()
 	update.SetStatusID(target_status)
 	update.SetAssetVersion(uint64(params.ModelVersion))
 	update.SetDisplayName(params.DisplayName)
 	update.SetCreator(params.Creator)
 	update.SetGameID(uint32(params.GameID))
 	allow_statuses := []model.MapfixStatus{model.MapfixStatusSubmitting}
 	err := svc.inner.UpdateMapfixIfStatus(ctx, MapfixID, allow_statuses, update)
 	if err != nil {
 		return nil, err
 	}
 	event_data := model.AuditEventDataAction{
 		TargetStatus: uint32(target_status),
 	}
 	err = svc.inner.CreateAuditEventAction(
 		ctx,
 		model.ValidatorUserID,
 		model.Resource{
 			ID: MapfixID,
 			Type: model.ResourceMapfix,
 		},
 		event_data,
 	)
 	if err != nil {
 		return nil, err
 	}
 	return &validator.NullResponse{}, nil
 }
 // ActionMapfixRequestChanges implements actionMapfixRequestChanges operation.
 //
 // (Internal endpoint) Role Validator changes status from Submitting -> RequestChanges.
 //
 // POST /mapfixes/{MapfixID}/status/validator-request-changes
 func (svc *Mapfixes) SetStatusRequestChanges(ctx context.Context, params *validator.MapfixID) (*validator.NullResponse, error) {
 	MapfixID := int64(params.ID)
 	// transaction
 	target_status := model.MapfixStatusChangesRequested
 	update := service.NewMapfixUpdate()
 	update.SetStatusID(target_status)
 	allow_statuses := []model.MapfixStatus{model.MapfixStatusSubmitting}
 	err := svc.inner.UpdateMapfixIfStatus(ctx, MapfixID, allow_statuses, update)
 	if err != nil {
 		return nil, err
 	}
 	event_data := model.AuditEventDataAction{
 		TargetStatus: uint32(target_status),
 	}
 	err = svc.inner.CreateAuditEventAction(
 		ctx,
 		model.ValidatorUserID,
 		model.Resource{
 			ID: MapfixID,
 			Type: model.ResourceMapfix,
 		},
 		event_data,
 	)
 	if err != nil {
 		return nil, err
 	}
 	return &validator.NullResponse{}, nil
 }
 // ActionMapfixValidate invokes actionMapfixValidate operation.
 //
 // Role Validator changes status from Validating -> Validated.
 //
 // POST /mapfixes/{MapfixID}/status/validator-validated
 func (svc *Mapfixes) SetStatusValidated(ctx context.Context, params *validator.MapfixID) (*validator.NullResponse, error) {
 	MapfixID := int64(params.ID)
 	// transaction
 	update := service.NewMapfixUpdate()
 	update.SetStatusID(model.MapfixStatusValidated)
 	allow_statuses := []model.MapfixStatus{model.MapfixStatusValidating}
 	err := svc.inner.UpdateMapfixIfStatus(ctx, MapfixID, allow_statuses, update)
 	if err != nil {
 		return nil, err
 	}
 	return &validator.NullResponse{}, nil
 }
 // ActionMapfixAccepted implements actionMapfixAccepted operation.
 //
 // (Internal endpoint) Role Validator changes status from Validating -> Accepted.
 //
 // POST /mapfixes/{MapfixID}/status/validator-failed
 func (svc *Mapfixes) SetStatusFailed(ctx context.Context, params *validator.MapfixID) (*validator.NullResponse, error) {
 	MapfixID := int64(params.ID)
 	// transaction
 	target_status := model.MapfixStatusAcceptedUnvalidated
 	update := service.NewMapfixUpdate()
 	update.SetStatusID(target_status)
 	allow_statuses := []model.MapfixStatus{model.MapfixStatusValidating}
 	err := svc.inner.UpdateMapfixIfStatus(ctx, MapfixID, allow_statuses, update)
 	if err != nil {
 		return nil, err
 	}
 	// push an action audit event
 	event_data := model.AuditEventDataAction{
 		TargetStatus: uint32(target_status),
 	}
 	err = svc.inner.CreateAuditEventAction(
 		ctx,
 		model.ValidatorUserID,
 		model.Resource{
 			ID: MapfixID,
 			Type: model.ResourceMapfix,
 		},
 		event_data,
 	)
 	if err != nil {
 		return nil, err
 	}
 	return &validator.NullResponse{}, nil
 }
 // ActionMapfixUploaded implements actionMapfixUploaded operation.
 //
 // (Internal endpoint) Role Validator changes status from Uploading -> Uploaded.
 //
 // POST /mapfixes/{MapfixID}/status/validator-uploaded
 func (svc *Mapfixes) SetStatusUploaded(ctx context.Context, params *validator.MapfixID) (*validator.NullResponse, error) {
 	MapfixID := int64(params.ID)
 	// transaction
 	target_status := model.MapfixStatusUploaded
 	update := service.NewMapfixUpdate()
 	update.SetStatusID(target_status)
 	allow_statuses := []model.MapfixStatus{model.MapfixStatusUploading}
 	err := svc.inner.UpdateMapfixIfStatus(ctx, MapfixID, allow_statuses, update)
 	if err != nil {
 		return nil, err
 	}
 	event_data := model.AuditEventDataAction{
 		TargetStatus: uint32(target_status),
 	}
 	err = svc.inner.CreateAuditEventAction(
 		ctx,
 		model.ValidatorUserID,
 		model.Resource{
 			ID: MapfixID,
 			Type: model.ResourceMapfix,
 		},
 		event_data,
 	)
 	if err != nil {
 		return nil, err
 	}
 	return &validator.NullResponse{}, nil
 }
 // CreateMapfixAuditError implements createMapfixAuditError operation.
 //
 // Post an error to the audit log
 //
 // POST /mapfixes/{MapfixID}/error
 func (svc *Mapfixes) CreateAuditError(ctx context.Context, params *validator.AuditErrorRequest) (*validator.NullResponse, error) {
 	MapfixID := int64(params.ID)
 	event_data := model.AuditEventDataError{
 		Error: params.ErrorMessage,
 	}
 	err := svc.inner.CreateAuditEventError(
 		ctx,
 		model.ValidatorUserID,
 		model.Resource{
 			ID: MapfixID,
 			Type: model.ResourceMapfix,
 		},
 		event_data,
 	)
 	if err != nil {
 		return nil, err
 	}
 	return &validator.NullResponse{}, nil
 }
 // CreateMapfixAuditCheckList implements createMapfixAuditCheckList operation.
 //
 // Post a checklist to the audit log
 //
 // POST /mapfixes/{MapfixID}/checklist
 func (svc *Mapfixes) CreateAuditChecklist(ctx context.Context, params *validator.AuditChecklistRequest) (*validator.NullResponse, error) {
 	MapfixID := int64(params.ID)
 	check_list := make([]model.Check, len(params.CheckList))
 	for i, check := range params.CheckList {
 		check_list[i] = model.Check{
 			Name:    check.Name,
 			Summary: check.Summary,
 			Passed:  check.Passed,
 		}
 	}
 	event_data := model.AuditEventDataCheckList{
 		CheckList: check_list,
 	}
 	err := svc.inner.CreateAuditEventCheckList(
 		ctx,
 		model.ValidatorUserID,
 		model.Resource{
 			ID: MapfixID,
 			Type: model.ResourceMapfix,
 		},
 		event_data,
 	)
 	if err != nil {
 		return nil, err
 	}
 	return &validator.NullResponse{}, nil
 }
 // POST /mapfixes
 func (svc *Mapfixes) Create(ctx context.Context, request *validator.MapfixCreate) (*validator.MapfixID, error) {
 	var Submitter=request.AssetOwner;
 	// Check if an active mapfix with the same asset id exists
 	{
 		filter := service.NewMapfixFilter()
 		filter.SetAssetID(request.AssetID)
 		filter.SetAssetVersion(request.AssetVersion)
 		filter.SetStatuses(ActiveMapfixStatuses)
 		active_mapfixes, err := svc.inner.ListMapfixes(ctx, filter, model.Page{
 			Number: 1,
 			Size:   1,
 		},datastore.ListSortDisabled)
 		if err != nil {
 			return nil, err
 		}
 		if len(active_mapfixes) != 0{
 			return nil, ErrActiveMapfixSameAssetID
 		}
 	}
 	OperationID := int32(request.OperationID)
 	operation, err := svc.inner.GetOperation(ctx, OperationID)
 	if err != nil {
 		return nil, err
 	}
 	// check if user owns asset
 	// TODO: allow bypass by admin
 	if operation.Owner != Submitter {
 		return nil, ErrNotAssetOwner
 	}
 	mapfix, err := svc.inner.CreateMapfix(ctx, model.Mapfix{
 		ID:            0,
 		DisplayName:   request.DisplayName,
 		Creator:       request.Creator,
 		GameID:        request.GameID,
 		Submitter:     Submitter,
 		AssetID:       request.AssetID,
 		AssetVersion:  request.AssetVersion,
 		Completed:     false,
 		TargetAssetID: request.TargetAssetID,
 		StatusID:      model.MapfixStatusUnderConstruction,
 		Description:   request.Description,
 	})
 	if err != nil {
 		return nil, err
 	}
 	// mark the operation as completed and provide the path
 	params := service.NewOperationCompleteParams(fmt.Sprintf("/mapfixes/%d", mapfix.ID))
 	err = svc.inner.CompleteOperation(ctx, OperationID, params)
 	if err != nil {
 		return nil, err
 	}
 	return &validator.MapfixID{
 		ID: uint64(mapfix.ID),
 	}, nil
 }
--- a/pkg/validator_controller/operations.go
+++ b/pkg/validator_controller/operations.go
@@ -0,0 +1,37 @@
 package validator_controller
 import (
 	"context"
 	"git.itzana.me/strafesnet/go-grpc/validator"
 	"git.itzana.me/strafesnet/maps-service/pkg/service"
 )
 type Operations struct {
 	*validator.UnimplementedValidatorOperationServiceServer
 	inner *service.Service
 }
 func NewOperationsController(
 	inner *service.Service,
 ) Operations {
 	return Operations{
 		inner: inner,
 	}
 }
 // ActionOperationFailed implements actionOperationFailed operation.
 //
 // Fail the specified OperationID with a StatusMessage.
 //
 // POST /operations/{OperationID}/status/operation-failed
 func (svc *Operations) Fail(ctx context.Context, params *validator.OperationFailRequest) (*validator.NullResponse, error) {
 	fail_params := service.NewOperationFailParams(
 		params.StatusMessage,
 	)
 	err := svc.inner.FailOperation(ctx, int32(params.OperationID), fail_params)
 	if err != nil {
 		return nil, err
 	}
 	return &validator.NullResponse{}, nil
 }
--- a/pkg/validator_controller/script_policy.go
+++ b/pkg/validator_controller/script_policy.go
@@ -0,0 +1,89 @@
 package validator_controller
 import (
 	"context"
 	"git.itzana.me/strafesnet/go-grpc/validator"
 	"git.itzana.me/strafesnet/maps-service/pkg/model"
 	"git.itzana.me/strafesnet/maps-service/pkg/service"
 )
 type ScriptPolicy struct {
 	*validator.UnimplementedValidatorScriptPolicyServiceServer
 	inner *service.Service
 }
 func NewScriptPolicyController(
 	inner *service.Service,
 ) ScriptPolicy {
 	return ScriptPolicy{
 		inner: inner,
 	}
 }
 // CreateScriptPolicy implements createScriptPolicy operation.
 //
 // Create a new script policy.
 //
 // POST /script-policy
 func (svc *ScriptPolicy) Create(ctx context.Context, req *validator.ScriptPolicyCreate) (*validator.ScriptPolicyID, error) {
 	from_script, err := svc.inner.GetScript(ctx, int64(req.FromScriptID))
 	if err != nil {
 		return nil, err
 	}
 	// the existence of ToScriptID does not need to be validated because it's checked by a foreign key constraint.
 	script, err := svc.inner.CreateScriptPolicy(ctx, model.ScriptPolicy{
 		ID:             0,
 		FromScriptHash: from_script.Hash,
 		ToScriptID:     int64(req.ToScriptID),
 		Policy:         model.Policy(req.Policy),
 	})
 	if err != nil {
 		return nil, err
 	}
 	return &validator.ScriptPolicyID{
 		ID: uint64(script.ID),
 	}, nil
 }
 // ListScriptPolicy implements listScriptPolicy operation.
 //
 // Get list of script policies.
 //
 // GET /script-policy
 func (svc *ScriptPolicy) List(ctx context.Context, params *validator.ScriptPolicyListRequest) (*validator.ScriptPolicyListResponse, error) {
 	filter := service.NewScriptPolicyFilter()
 	if params.Filter.FromScriptHash != nil {
 		filter.SetFromScriptHash(int64(*params.Filter.FromScriptHash))
 	}
 	if params.Filter.ToScriptID != nil {
 		filter.SetToScriptID(int64(*params.Filter.ToScriptID))
 	}
 	if params.Filter.Policy != nil {
 		filter.SetPolicy(int32(*params.Filter.Policy))
 	}
 	items, err := svc.inner.ListScriptPolicies(ctx, filter, model.Page{
 		Number: int32(params.Page.Number),
 		Size:   int32(params.Page.Size),
 	})
 	if err != nil {
 		return nil, err
 	}
 	resp := validator.ScriptPolicyListResponse{}
 	resp.ScriptPolicies = make([]*validator.ScriptPolicy, len(items))
 	for i, item := range items {
 		resp.ScriptPolicies[i] = &validator.ScriptPolicy{
 			ID:             uint64(item.ID),
 			FromScriptHash: uint64(item.FromScriptHash),
 			ToScriptID:     uint64(item.ToScriptID),
 			Policy:         validator.Policy(int32(item.Policy)),
 		}
 	}
 	return &resp, nil
 }
--- a/pkg/validator_controller/scripts.go
+++ b/pkg/validator_controller/scripts.go
@@ -0,0 +1,119 @@
 package validator_controller
 import (
 	"context"
 	"git.itzana.me/strafesnet/go-grpc/validator"
 	"git.itzana.me/strafesnet/maps-service/pkg/model"
 	"git.itzana.me/strafesnet/maps-service/pkg/service"
 )
 type Scripts struct {
 	*validator.UnimplementedValidatorScriptServiceServer
 	inner *service.Service
 }
 func NewScriptsController(
 	inner *service.Service,
 ) Scripts {
 	return Scripts{
 		inner: inner,
 	}
 }
 // CreateScript implements createScript operation.
 //
 // Create a new script.
 //
 // POST /scripts
 func (svc *Scripts) Create(ctx context.Context, req *validator.ScriptCreate) (*validator.ScriptID, error) {
 	ResourceID := int64(0)
 	if req.ResourceID != nil {
 		ResourceID = int64(*req.ResourceID)
 	}
 	script, err := svc.inner.CreateScript(ctx, model.Script{
 		ID:           0,
 		Name:         req.Name,
 		Hash:         int64(model.HashSource(req.Source)),
 		Source:       req.Source,
 		ResourceType: model.ResourceType(req.ResourceType),
 		ResourceID:   ResourceID,
 	})
 	if err != nil {
 		return nil, err
 	}
 	return &validator.ScriptID{
 		ID: uint64(script.ID),
 	}, nil
 }
 // ListScripts implements listScripts operation.
 //
 // Get list of scripts.
 //
 // GET /scripts
 func (svc *Scripts) List(ctx context.Context, params *validator.ScriptListRequest) (*validator.ScriptListResponse, error) {
 	filter := service.NewScriptFilter()
 	if params.Filter.Hash != nil {
 		filter.SetHash(int64(*params.Filter.Hash))
 	}
 	if params.Filter.Name != nil {
 		filter.SetName(*params.Filter.Name)
 	}
 	if params.Filter.Source != nil {
 		filter.SetSource(*params.Filter.Source)
 	}
 	if params.Filter.ResourceType != nil {
 		filter.SetResourceType(int32(*params.Filter.ResourceType))
 	}
 	if params.Filter.ResourceID != nil {
 		filter.SetResourceID(int64(*params.Filter.ResourceID))
 	}
 	items, err := svc.inner.ListScripts(ctx, filter, model.Page{
 		Number: int32(params.Page.Number),
 		Size:   int32(params.Page.Size),
 	})
 	if err != nil {
 		return nil, err
 	}
 	resp := validator.ScriptListResponse{}
 	resp.Scripts = make([]*validator.Script, len(items))
 	for i, item := range items {
 		resource_id := uint64(item.ResourceID)
 		resp.Scripts[i] = &validator.Script{
 			ID:           uint64(item.ID),
 			Name:         item.Name,
 			Hash:         uint64(item.Hash),
 			Source:       item.Source,
 			ResourceType: validator.ResourceType(item.ResourceType),
 			ResourceID:   &resource_id,
 		}
 	}
 	return &resp, nil
 }
 // GetScript implements getScript operation.
 //
 // Get the specified script by ID.
 //
 // GET /scripts/{ScriptID}
 func (svc *Scripts) Get(ctx context.Context, params *validator.ScriptID) (*validator.Script, error) {
 	ScriptID := int64(params.ID)
 	script, err := svc.inner.GetScript(ctx, ScriptID)
 	if err != nil {
 		return nil, err
 	}
 	ResourceID := uint64(script.ResourceID)
 	return &validator.Script{
 		ID:           uint64(script.ID),
 		Name:         script.Name,
 		Hash:         uint64(script.Hash),
 		Source:       script.Source,
 		ResourceType: validator.ResourceType(script.ResourceType),
 		ResourceID:   &ResourceID,
 	}, nil
 }
--- a/pkg/validator_controller/submissions.go
+++ b/pkg/validator_controller/submissions.go
@@ -0,0 +1,403 @@
 package validator_controller
 import (
 	"context"
 	"errors"
 	"fmt"
 	"git.itzana.me/strafesnet/go-grpc/validator"
 	"git.itzana.me/strafesnet/maps-service/pkg/datastore"
 	"git.itzana.me/strafesnet/maps-service/pkg/model"
 	"git.itzana.me/strafesnet/maps-service/pkg/service"
 )
 type Submissions struct {
 	*validator.UnimplementedValidatorSubmissionServiceServer
 	inner *service.Service
 }
 func NewSubmissionsController(
 	inner *service.Service,
 ) Submissions {
 	return Submissions{
 		inner: inner,
 	}
 }
 var(
 	// prevent two mapfixes with same asset id
 	ActiveSubmissionStatuses = []model.SubmissionStatus{
 		model.SubmissionStatusUploading,
 		model.SubmissionStatusValidated,
 		model.SubmissionStatusValidating,
 		model.SubmissionStatusAcceptedUnvalidated,
 		model.SubmissionStatusChangesRequested,
 		model.SubmissionStatusSubmitted,
 		model.SubmissionStatusUnderConstruction,
 	}
 )
 var(
 	ErrActiveSubmissionSameAssetID = errors.New("There is an active submission with the same AssetID")
 )
 // UpdateSubmissionValidatedModel implements patchSubmissionModel operation.
 //
 // Update model following role restrictions.
 //
 // POST /submissions/{SubmissionID}/validated-model
 func (svc *Submissions) SetValidatedModel(ctx context.Context, params *validator.ValidatedModelRequest) (*validator.NullResponse, error) {
 	SubmissionID := int64(params.ID)
 	// check if Status is ChangesRequested|Submitted|UnderConstruction
 	update := service.NewSubmissionUpdate()
 	update.SetValidatedAssetID(params.ValidatedModelID)
 	update.SetValidatedAssetVersion(params.ValidatedModelVersion)
 	// DO NOT reset completed when validated model is updated
 	// update.Add("completed", false)
 	allowed_statuses := []model.SubmissionStatus{model.SubmissionStatusValidating}
 	err := svc.inner.UpdateSubmissionIfStatus(ctx, SubmissionID, allowed_statuses, update)
 	if err != nil {
 		return nil, err
 	}
 	event_data := model.AuditEventDataChangeValidatedModel{
 		ValidatedModelID: params.ValidatedModelID,
 		ValidatedModelVersion: params.ValidatedModelVersion,
 	}
 	err = svc.inner.CreateAuditEventChangeValidatedModel(
 		ctx,
 		model.ValidatorUserID,
 		model.Resource{
 			ID: SubmissionID,
 			Type: model.ResourceSubmission,
 		},
 		event_data,
 	)
 	if err != nil {
 		return nil, err
 	}
 	return &validator.NullResponse{}, nil
 }
 // ActionSubmissionSubmitted invokes actionSubmissionSubmitted operation.
 //
 // Role Validator changes status from Submitting -> Submitted.
 //
 // POST /submissions/{SubmissionID}/status/validator-submitted
 func (svc *Submissions) SetStatusSubmitted(ctx context.Context, params *validator.SubmittedRequest) (*validator.NullResponse, error) {
 	SubmissionID := int64(params.ID)
 	// transaction
 	target_status := model.SubmissionStatusSubmitted
 	update := service.NewSubmissionUpdate()
 	update.SetStatusID(target_status)
 	update.SetAssetVersion(uint64(params.ModelVersion))
 	update.SetDisplayName(params.DisplayName)
 	update.SetCreator(params.Creator)
 	update.SetGameID(uint32(params.GameID))
 	allowed_statuses := []model.SubmissionStatus{model.SubmissionStatusSubmitting}
 	err := svc.inner.UpdateSubmissionIfStatus(ctx, SubmissionID, allowed_statuses, update)
 	if err != nil {
 		return nil, err
 	}
 	event_data := model.AuditEventDataAction{
 		TargetStatus: uint32(target_status),
 	}
 	err = svc.inner.CreateAuditEventAction(
 		ctx,
 		model.ValidatorUserID,
 		model.Resource{
 			ID: SubmissionID,
 			Type: model.ResourceSubmission,
 		},
 		event_data,
 	)
 	if err != nil {
 		return nil, err
 	}
 	return &validator.NullResponse{}, nil
 }
 // ActionSubmissionRequestChanges implements actionSubmissionRequestChanges operation.
 //
 // (Internal endpoint) Role Validator changes status from Submitting -> RequestChanges.
 //
 // POST /submissions/{SubmissionID}/status/validator-request-changes
 func (svc *Submissions) SetStatusRequestChanges(ctx context.Context, params *validator.SubmissionID) (*validator.NullResponse, error) {
 	SubmissionID := int64(params.ID)
 	// transaction
 	target_status := model.SubmissionStatusChangesRequested
 	update := service.NewSubmissionUpdate()
 	update.SetStatusID(target_status)
 	allowed_statuses :=[]model.SubmissionStatus{model.SubmissionStatusSubmitting}
 	err := svc.inner.UpdateSubmissionIfStatus(ctx, SubmissionID, allowed_statuses, update)
 	if err != nil {
 		return nil, err
 	}
 	// push an action audit event
 	event_data := model.AuditEventDataAction{
 		TargetStatus: uint32(target_status),
 	}
 	err = svc.inner.CreateAuditEventAction(
 		ctx,
 		model.ValidatorUserID,
 		model.Resource{
 			ID: SubmissionID,
 			Type: model.ResourceSubmission,
 		},
 		event_data,
 	)
 	if err != nil {
 		return nil, err
 	}
 	return &validator.NullResponse{}, nil
 }
 // ActionSubmissionValidate invokes actionSubmissionValidate operation.
 //
 // Role Validator changes status from Validating -> Validated.
 //
 // POST /submissions/{SubmissionID}/status/validator-validated
 func (svc *Submissions) SetStatusValidated(ctx context.Context, params *validator.SubmissionID) (*validator.NullResponse, error) {
 	SubmissionID := int64(params.ID)
 	// transaction
 	target_status := model.SubmissionStatusValidated
 	update := service.NewSubmissionUpdate()
 	update.SetStatusID(target_status)
 	allowed_statuses :=[]model.SubmissionStatus{model.SubmissionStatusValidating}
 	err := svc.inner.UpdateSubmissionIfStatus(ctx, SubmissionID, allowed_statuses, update)
 	if err != nil {
 		return nil, err
 	}
 	event_data := model.AuditEventDataAction{
 		TargetStatus: uint32(target_status),
 	}
 	err = svc.inner.CreateAuditEventAction(
 		ctx,
 		model.ValidatorUserID,
 		model.Resource{
 			ID: SubmissionID,
 			Type: model.ResourceSubmission,
 		},
 		event_data,
 	)
 	if err != nil {
 		return nil, err
 	}
 	return &validator.NullResponse{}, nil
 }
 // ActionSubmissionAccepted implements actionSubmissionAccepted operation.
 //
 // (Internal endpoint) Role Validator changes status from Validating -> Accepted.
 //
 // POST /submissions/{SubmissionID}/status/validator-failed
 func (svc *Submissions) SetStatusFailed(ctx context.Context, params *validator.SubmissionID) (*validator.NullResponse, error) {
 	SubmissionID := int64(params.ID)
 	// transaction
 	target_status := model.SubmissionStatusAcceptedUnvalidated
 	update := service.NewSubmissionUpdate()
 	update.SetStatusID(target_status)
 	allowed_statuses :=[]model.SubmissionStatus{model.SubmissionStatusValidating}
 	err := svc.inner.UpdateSubmissionIfStatus(ctx, SubmissionID, allowed_statuses, update)
 	if err != nil {
 		return nil, err
 	}
 	// push an action audit event
 	event_data := model.AuditEventDataAction{
 		TargetStatus: uint32(target_status),
 	}
 	err = svc.inner.CreateAuditEventAction(
 		ctx,
 		model.ValidatorUserID,
 		model.Resource{
 			ID: SubmissionID,
 			Type: model.ResourceSubmission,
 		},
 		event_data,
 	)
 	if err != nil {
 		return nil, err
 	}
 	return &validator.NullResponse{}, nil
 }
 // ActionSubmissionUploaded implements actionSubmissionUploaded operation.
 //
 // (Internal endpoint) Role Validator changes status from Uploading -> Uploaded.
 //
 // POST /submissions/{SubmissionID}/status/validator-uploaded
 func (svc *Submissions) SetStatusUploaded(ctx context.Context, params *validator.StatusUploadedRequest) (*validator.NullResponse, error) {
 	SubmissionID := int64(params.ID)
 	// transaction
 	target_status := model.SubmissionStatusUploaded
 	update := service.NewSubmissionUpdate()
 	update.SetStatusID(target_status)
 	update.SetUploadedAssetID(params.UploadedAssetID)
 	allowed_statuses :=[]model.SubmissionStatus{model.SubmissionStatusUploading}
 	err := svc.inner.UpdateSubmissionIfStatus(ctx, SubmissionID, allowed_statuses, update)
 	if err != nil {
 		return nil, err
 	}
 	event_data := model.AuditEventDataAction{
 		TargetStatus: uint32(target_status),
 	}
 	err = svc.inner.CreateAuditEventAction(
 		ctx,
 		model.ValidatorUserID,
 		model.Resource{
 			ID: SubmissionID,
 			Type: model.ResourceSubmission,
 		},
 		event_data,
 	)
 	if err != nil {
 		return nil, err
 	}
 	return &validator.NullResponse{}, nil
 }
 // CreateSubmissionAuditError implements createSubmissionAuditError operation.
 //
 // Post an error to the audit log
 //
 // POST /submissions/{SubmissionID}/error
 func (svc *Submissions) CreateAuditError(ctx context.Context, params *validator.AuditErrorRequest) (*validator.NullResponse, error) {
 	SubmissionID := int64(params.ID)
 	event_data := model.AuditEventDataError{
 		Error: params.ErrorMessage,
 	}
 	err := svc.inner.CreateAuditEventError(
 		ctx,
 		model.ValidatorUserID,
 		model.Resource{
 			ID: SubmissionID,
 			Type: model.ResourceSubmission,
 		},
 		event_data,
 	)
 	if err != nil {
 		return nil, err
 	}
 	return &validator.NullResponse{}, nil
 }
 // CreateSubmissionAuditCheckList implements createSubmissionAuditCheckList operation.
 //
 // Post a checklist to the audit log
 //
 // POST /submissions/{SubmissionID}/checklist
 func (svc *Submissions) CreateAuditChecklist(ctx context.Context, params *validator.AuditChecklistRequest) (*validator.NullResponse, error) {
 	SubmissionID := int64(params.ID)
 	check_list := make([]model.Check, len(params.CheckList))
 	for i, check := range params.CheckList {
 		check_list[i] = model.Check{
 			Name:    check.Name,
 			Summary: check.Summary,
 			Passed:  check.Passed,
 		}
 	}
 	event_data := model.AuditEventDataCheckList{
 		CheckList: check_list,
 	}
 	err := svc.inner.CreateAuditEventCheckList(
 		ctx,
 		model.ValidatorUserID,
 		model.Resource{
 			ID: SubmissionID,
 			Type: model.ResourceSubmission,
 		},
 		event_data,
 	)
 	if err != nil {
 		return nil, err
 	}
 	return &validator.NullResponse{}, nil
 }
 // POST /submissions
 func (svc *Submissions) Create(ctx context.Context, request *validator.SubmissionCreate) (*validator.SubmissionID, error) {
 	var Submitter=uint64(request.AssetOwner);
 	var Status=model.SubmissionStatus(request.Status);
 	var roles=model.Roles(request.Roles);
 	// Check if an active submission with the same asset id exists
 	{
 		filter := service.NewSubmissionFilter()
 		filter.SetAssetID(request.AssetID)
 		filter.SetAssetVersion(request.AssetVersion)
 		filter.SetStatuses(ActiveSubmissionStatuses)
 		active_submissions, err := svc.inner.ListSubmissions(ctx, filter, model.Page{
 			Number: 1,
 			Size:   1,
 		},datastore.ListSortDisabled)
 		if err != nil {
 			return nil, err
 		}
 		if len(active_submissions) != 0{
 			return nil, ErrActiveSubmissionSameAssetID
 		}
 	}
 	operation_id := int32(request.OperationID)
 	operation, err := svc.inner.GetOperation(ctx, operation_id)
 	if err != nil {
 		return nil, err
 	}
 	// check if user owns asset
 	is_submitter := operation.Owner == Submitter
 	// check if user is map admin
 	has_submission_review := roles & model.RolesSubmissionReview == model.RolesSubmissionReview
 	// if neither, u not allowed
 	if !is_submitter && !has_submission_review {
 		return nil, ErrNotAssetOwner
 	}
 	submission, err := svc.inner.CreateSubmission(ctx, model.Submission{
 		ID:            0,
 		DisplayName:   request.DisplayName,
 		Creator:       request.Creator,
 		GameID:        request.GameID,
 		Submitter:     Submitter,
 		AssetID:       request.AssetID,
 		AssetVersion:  request.AssetVersion,
 		Completed:     false,
 		StatusID:      Status,
 	})
 	if err != nil {
 		return nil, err
 	}
 	// mark the operation as completed and provide the path
 	params := service.NewOperationCompleteParams(fmt.Sprintf("/submissions/%d", submission.ID))
 	err = svc.inner.CompleteOperation(ctx, operation_id, params)
 	if err != nil {
 		return nil, err
 	}
 	return &validator.SubmissionID{
 		ID: uint64(submission.ID),
 	}, nil
 }
--- a/pkg/web_api/mapfixes.go
+++ b/pkg/web_api/mapfixes.go
--- a/pkg/web_api/maps.go
+++ b/pkg/web_api/maps.go
@@ -0,0 +1,131 @@
 package web_api
 import (
 	"context"
 	"git.itzana.me/strafesnet/maps-service/pkg/api"
 	"git.itzana.me/strafesnet/maps-service/pkg/model"
 	"git.itzana.me/strafesnet/maps-service/pkg/roblox"
 	"git.itzana.me/strafesnet/maps-service/pkg/service"
 )
 // ListMaps implements listMaps operation.
 //
 // Get list of maps.
 //
 // GET /maps
 func (svc *Service) ListMaps(ctx context.Context, params api.ListMapsParams) ([]api.Map, error) {
 	filter := service.NewMapFilter()
 	if display_name, display_name_ok := params.DisplayName.Get(); display_name_ok{
 		filter.SetDisplayName(display_name)
 	}
 	if creator, creator_ok := params.Creator.Get(); creator_ok{
 		filter.SetCreator(creator)
 	}
 	if game_id, game_id_ok := params.GameID.Get(); game_id_ok{
 		filter.SetGameID(uint32(game_id))
 	}
 	items, err := svc.inner.ListMaps(ctx,
 		filter,
 		model.Page{
 			Size:   params.Limit,
 			Number: params.Page,
 		},
 	)
 	if err != nil {
 		return nil, err
 	}
 	var resp []api.Map
 	for _, item := range items {
 		resp = append(resp, api.Map{
 			ID:           item.ID,
 			DisplayName:  item.DisplayName,
 			Creator:      item.Creator,
 			GameID:       int32(item.GameID),
 			Date:         item.Date.Unix(),
 			CreatedAt:    item.CreatedAt.Unix(),
 			UpdatedAt:    item.UpdatedAt.Unix(),
 			Submitter:    item.Submitter,
 			Thumbnail:    item.Thumbnail,
 			AssetVersion: item.AssetVersion,
 			LoadCount:    item.LoadCount,
 			Modes:        item.Modes,
 		})
 	}
 	return resp, nil
 }
 // GetMap implements getScript operation.
 //
 // Get the specified script by ID.
 //
 // GET /maps/{MapID}
 func (svc *Service) GetMap(ctx context.Context, params api.GetMapParams) (*api.Map, error) {
 	mapResponse, err := svc.inner.GetMap(ctx, params.MapID)
 	if err != nil {
 		return nil, err
 	}
 	return &api.Map{
 		ID:           mapResponse.ID,
 		DisplayName:  mapResponse.DisplayName,
 		Creator:      mapResponse.Creator,
 		GameID:       int32(mapResponse.GameID),
 		Date:         mapResponse.Date.Unix(),
 		CreatedAt:    mapResponse.CreatedAt.Unix(),
 		UpdatedAt:    mapResponse.UpdatedAt.Unix(),
 		Submitter:    mapResponse.Submitter,
 		Thumbnail:    mapResponse.Thumbnail,
 		AssetVersion: mapResponse.AssetVersion,
 		LoadCount:    mapResponse.LoadCount,
 		Modes:        mapResponse.Modes,
 	}, nil
 }
 // DownloadMapAsset invokes downloadMapAsset operation.
 //
 // Download the map asset.
 //
 // GET /maps/{MapID}/download
 func (svc *Service) DownloadMapAsset(ctx context.Context, params api.DownloadMapAssetParams) (ok api.DownloadMapAssetOK, err error) {
 	userInfo, success := ctx.Value("UserInfo").(UserInfoHandle)
 	if !success {
 		return ok, ErrUserInfo
 	}
 	has_role, err := userInfo.HasRoleMapDownload()
 	if err != nil {
 		return ok, err
 	}
 	if !has_role {
 		return ok, ErrPermissionDeniedNeedRoleMapDownload
 	}
 	// Ensure map exists in the db!
 	// This could otherwise be used to access any asset
 	_, err = svc.inner.GetMap(ctx, params.MapID)
 	if err != nil {
 		return ok, err
 	}
 	info, err := svc.roblox.GetAssetLocation(roblox.GetAssetLatestRequest{
 		AssetID: uint64(params.MapID),
 	})
 	if err != nil{
 		return ok, err
 	}
 	// download the complete file
 	asset, err := svc.roblox.DownloadAsset(info)
 	if err != nil{
 		return ok, err
 	}
 	ok.Data = asset
 	return ok, nil
 }
--- a/pkg/web_api/operations.go
+++ b/pkg/web_api/operations.go
@@ -0,0 +1,46 @@
 package web_api
 import (
 	"context"
 	"git.itzana.me/strafesnet/maps-service/pkg/api"
 )
 // GetOperation implements getOperation operation.
 //
 // Get the specified operation by ID.
 //
 // GET /operations/{OperationID}
 func (svc *Service) GetOperation(ctx context.Context, params api.GetOperationParams) (*api.Operation, error) {
 	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
 	if !ok {
 		return nil, ErrUserInfo
 	}
 	// You must be the operation owner to read it
 	operation, err := svc.inner.GetOperation(ctx, params.OperationID)
 	if err != nil {
 		return nil, err
 	}
 	userId, err := userInfo.GetUserID()
 	if err != nil {
 		return nil, err
 	}
 	// check if caller is the submitter
 	has_role := userId == operation.Owner
 	if !has_role {
 		return nil, ErrPermissionDeniedNotSubmitter
 	}
 	return &api.Operation{
 		OperationID:   operation.ID,
 		Date:          operation.CreatedAt.Unix(),
 		Owner:         int64(operation.Owner),
 		Status:        int32(operation.StatusID),
 		StatusMessage: operation.StatusMessage,
 		Path:          operation.Path,
 	}, nil
 }
--- a/pkg/web_api/script_policy.go
+++ b/pkg/web_api/script_policy.go
@@ -0,0 +1,149 @@
 package web_api
 import (
 	"context"
 	"git.itzana.me/strafesnet/maps-service/pkg/api"
 	"git.itzana.me/strafesnet/maps-service/pkg/model"
 	"git.itzana.me/strafesnet/maps-service/pkg/service"
 )
 // CreateScriptPolicy implements createScriptPolicy operation.
 //
 // Create a new script policy.
 //
 // POST /script-policy
 func (svc *Service) CreateScriptPolicy(ctx context.Context, req *api.ScriptPolicyCreate) (*api.ScriptPolicyID, error) {
 	err := CheckHasRoleScriptWrite(ctx)
 	if err != nil {
 		return nil, err
 	}
 	from_script, err := svc.inner.GetScript(ctx, req.FromScriptID)
 	if err != nil {
 		return nil, err
 	}
 	// the existence of ToScriptID does not need to be validated because it's checked by a foreign key constraint.
 	script, err := svc.inner.CreateScriptPolicy(ctx, model.ScriptPolicy{
 		ID:             0,
 		FromScriptHash: from_script.Hash,
 		ToScriptID:     req.ToScriptID,
 		Policy:         model.Policy(req.Policy),
 	})
 	if err != nil {
 		return nil, err
 	}
 	return &api.ScriptPolicyID{
 		ScriptPolicyID: script.ID,
 	}, nil
 }
 // ListScriptPolicy implements listScriptPolicy operation.
 //
 // Get list of script policies.
 //
 // GET /script-policy
 func (svc *Service) ListScriptPolicy(ctx context.Context, params api.ListScriptPolicyParams) ([]api.ScriptPolicy, error) {
 	filter := service.NewScriptPolicyFilter()
 	if hash_hex, ok := params.FromScriptHash.Get(); ok{
 		hash_parsed, err := model.HashParse(hash_hex)
 		if err != nil {
 			return nil, err
 		}
 		filter.SetFromScriptHash(int64(hash_parsed))
 	}
 	if to_script_id, to_script_id_ok := params.ToScriptID.Get(); to_script_id_ok{
 		filter.SetToScriptID(to_script_id)
 	}
 	if policy, policy_ok := params.Policy.Get(); policy_ok{
 		filter.SetPolicy(policy)
 	}
 	items, err := svc.inner.ListScriptPolicies(ctx, filter, model.Page{
 		Number: params.Page,
 		Size:   params.Limit,
 	})
 	if err != nil {
 		return nil, err
 	}
 	var resp []api.ScriptPolicy
 	for _, item := range items {
 		resp = append(resp, api.ScriptPolicy{
 			ID:             item.ID,
 			FromScriptHash: model.HashFormat(uint64(item.FromScriptHash)),
 			ToScriptID:     item.ToScriptID,
 			Policy:         int32(item.Policy),
 		})
 	}
 	return resp, nil
 }
 // DeleteScriptPolicy implements deleteScriptPolicy operation.
 //
 // Delete the specified script policy by ID.
 //
 // DELETE /script-policy/{ScriptPolicyID}
 func (svc *Service) DeleteScriptPolicy(ctx context.Context, params api.DeleteScriptPolicyParams) error {
 	err := CheckHasRoleScriptWrite(ctx)
 	if err != nil {
 		return err
 	}
 	return svc.inner.DeleteScriptPolicy(ctx, params.ScriptPolicyID)
 }
 // GetScriptPolicy implements getScriptPolicy operation.
 //
 // Get the specified script policy by ID.
 //
 // GET /script-policy/{ScriptPolicyID}
 func (svc *Service) GetScriptPolicy(ctx context.Context, params api.GetScriptPolicyParams) (*api.ScriptPolicy, error) {
 	policy, err := svc.inner.GetScriptPolicy(ctx, params.ScriptPolicyID)
 	if err != nil {
 		return nil, err
 	}
 	return &api.ScriptPolicy{
 		ID:             policy.ID,
 		FromScriptHash: model.HashFormat(uint64(policy.FromScriptHash)),
 		ToScriptID:     policy.ToScriptID,
 		Policy:         int32(policy.Policy),
 	}, nil
 }
 // UpdateScriptPolicy implements updateScriptPolicy operation.
 //
 // Update the specified script policy by ID.
 //
 // POST /script-policy/{ScriptPolicyID}
 func (svc *Service) UpdateScriptPolicy(ctx context.Context, req *api.ScriptPolicyUpdate, params api.UpdateScriptPolicyParams) error {
 	err := CheckHasRoleScriptWrite(ctx)
 	if err != nil {
 		return err
 	}
 	filter := service.NewScriptPolicyFilter()
 	if from_script_id, ok := req.FromScriptID.Get(); ok {
 		from_script, err := svc.inner.GetScript(ctx, from_script_id)
 		if err != nil {
 			return err
 		}
 		filter.SetFromScriptHash(from_script.Hash)
 	}
 	if to_script_id, to_script_id_ok := req.ToScriptID.Get(); to_script_id_ok{
 		filter.SetToScriptID(to_script_id)
 	}
 	if policy, policy_ok := req.Policy.Get(); policy_ok{
 		filter.SetPolicy(policy)
 	}
 	return svc.inner.UpdateScriptPolicy(ctx, req.ID, filter)
 }
--- a/pkg/web_api/scripts.go
+++ b/pkg/web_api/scripts.go
@@ -0,0 +1,170 @@
 package web_api
 import (
 	"context"
 	"git.itzana.me/strafesnet/maps-service/pkg/api"
 	"git.itzana.me/strafesnet/maps-service/pkg/model"
 	"git.itzana.me/strafesnet/maps-service/pkg/service"
 )
 func CheckHasRoleScriptWrite(ctx context.Context) error {
 	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
 	if !ok {
 		return ErrUserInfo
 	}
 	has_role, err := userInfo.HasRoleScriptWrite()
 	if err != nil {
 		return err
 	}
 	if !has_role {
 		return ErrPermissionDeniedNeedRoleScriptWrite
 	}
 	return nil
 }
 // CreateScript implements createScript operation.
 //
 // Create a new script.
 //
 // POST /scripts
 func (svc *Service) CreateScript(ctx context.Context, req *api.ScriptCreate) (*api.ScriptID, error) {
 	err := CheckHasRoleScriptWrite(ctx)
 	if err != nil {
 		return nil, err
 	}
 	script, err := svc.inner.CreateScript(ctx, model.Script{
 		ID:           0,
 		Name:         req.Name,
 		Hash:         int64(model.HashSource(req.Source)),
 		Source:       req.Source,
 		ResourceType: model.ResourceType(req.ResourceType),
 		ResourceID:   req.ResourceID.Or(0),
 	})
 	if err != nil {
 		return nil, err
 	}
 	return &api.ScriptID{
 		ScriptID: script.ID,
 	}, nil
 }
 // ListScripts implements listScripts operation.
 //
 // Get list of scripts.
 //
 // GET /scripts
 func (svc *Service) ListScripts(ctx context.Context, params api.ListScriptsParams) ([]api.Script, error) {
 	filter := service.NewScriptFilter()
 	if hash_hex, ok := params.Hash.Get(); ok{
 		hash_parsed, err := model.HashParse(hash_hex)
 		if err != nil {
 			return nil, err
 		}
 		filter.SetHash(int64(hash_parsed))
 	}
 	if name, name_ok := params.Name.Get(); name_ok{
 		filter.SetName(name)
 	}
 	if source, source_ok := params.Source.Get(); source_ok{
 		filter.SetSource(source)
 	}
 	if resource_type, resource_type_ok := params.ResourceType.Get(); resource_type_ok{
 		filter.SetResourceType(resource_type)
 	}
 	if resource_id, resource_id_ok := params.ResourceID.Get(); resource_id_ok{
 		filter.SetResourceID(resource_id)
 	}
 	items, err := svc.inner.ListScripts(ctx, filter, model.Page{
 		Number: params.Page,
 		Size:   params.Limit,
 	})
 	if err != nil {
 		return nil, err
 	}
 	var resp []api.Script
 	for _, item := range items {
 		resp = append(resp, api.Script{
 			ID:           item.ID,
 			Name:         item.Name,
 			Hash:         model.HashFormat(uint64(item.Hash)),
 			Source:       item.Source,
 			ResourceType: int32(item.ResourceType),
 			ResourceID:   item.ResourceID,
 		})
 	}
 	return resp, nil
 }
 // DeleteScript implements deleteScript operation.
 //
 // Delete the specified script by ID.
 //
 // DELETE /scripts/{ScriptID}
 func (svc *Service) DeleteScript(ctx context.Context, params api.DeleteScriptParams) error {
 	err := CheckHasRoleScriptWrite(ctx)
 	if err != nil {
 		return err
 	}
 	return svc.inner.DeleteScript(ctx, params.ScriptID)
 }
 // GetScript implements getScript operation.
 //
 // Get the specified script by ID.
 //
 // GET /scripts/{ScriptID}
 func (svc *Service) GetScript(ctx context.Context, params api.GetScriptParams) (*api.Script, error) {
 	script, err := svc.inner.GetScript(ctx, params.ScriptID)
 	if err != nil {
 		return nil, err
 	}
 	return &api.Script{
 		ID:           script.ID,
 		Name:         script.Name,
 		Hash:         model.HashFormat(uint64(script.Hash)),
 		Source:       script.Source,
 		ResourceType: int32(script.ResourceType),
 		ResourceID:   script.ResourceID,
 	}, nil
 }
 // UpdateScript implements updateScript operation.
 //
 // Update the specified script by ID.
 //
 // PATCH /scripts/{ScriptID}
 func (svc *Service) UpdateScript(ctx context.Context, req *api.ScriptUpdate, params api.UpdateScriptParams) error {
 	err := CheckHasRoleScriptWrite(ctx)
 	if err != nil {
 		return err
 	}
 	filter := service.NewScriptFilter()
 	if name, name_ok := req.Name.Get(); name_ok{
 		filter.SetName(name)
 	}
 	if source, source_ok := req.Source.Get(); source_ok{
 		filter.SetSource(source)
 		filter.SetHash(int64(model.HashSource(source)))
 	}
 	if resource_type, resource_type_ok := req.ResourceType.Get(); resource_type_ok{
 		filter.SetResourceType(resource_type)
 	}
 	if resource_id, resource_id_ok := req.ResourceID.Get(); resource_id_ok{
 		filter.SetResourceID(resource_id)
 	}
 	return svc.inner.UpdateScript(ctx, req.ID, filter)
 }
--- a/Show More
+++ b/Show More